- Linux-stable-mirror - lists.linaro.org

Applied "spi: davinci: fix a NULL pointer dereference" to the spi tree

by Mark Brown

The patch spi: davinci: fix a NULL pointer dereference has been applied to the spi tree at https://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi.git All being well this means that it will be integrated into the linux-next tree (usually sometime in the next 24 hours) and sent to Linus during the next merge window (or sooner if it is a bug fix), however if problems are discovered then the patch may be dropped or reverted. You may get further e-mails resulting from automated or manual testing and review of the tree, please engage with people reporting problems and send followup patches addressing any issues that are reported if needed. If any updates are required or you are submitting further changes they should be sent as incremental updates against current git, existing patches will not be replaced. Please add any relevant lists and maintainers to the CCs when replying to this mail. Thanks, Mark >From 563a53f3906a6b43692498e5b3ae891fac93a4af Mon Sep 17 00:00:00 2001 From: Bartosz Golaszewski <bgolaszewski(a)baylibre.com> Date: Fri, 10 Aug 2018 11:13:52 +0200 Subject: [PATCH] spi: davinci: fix a NULL pointer dereference On non-OF systems spi->controlled_data may be NULL. This causes a NULL pointer derefence on dm365-evm. Signed-off-by: Bartosz Golaszewski <bgolaszewski(a)baylibre.com> Signed-off-by: Mark Brown <broonie(a)kernel.org> Cc: stable(a)vger.kernel.org --- drivers/spi/spi-davinci.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/spi/spi-davinci.c b/drivers/spi/spi-davinci.c index 60d59b003aa4..4ffc0f495be8 100644 --- a/drivers/spi/spi-davinci.c +++ b/drivers/spi/spi-davinci.c @@ -217,7 +217,7 @@ static void davinci_spi_chipselect(struct spi_device *spi, int value) pdata = &dspi->pdata; /* program delay transfers if tx_delay is non zero */ - if (spicfg->wdelay) + if (spicfg && spicfg->wdelay) spidat1 |= SPIDAT1_WDEL; /* -- 2.18.0

7 years, 1 month

1
0
0 0

Please help to apply commit 32b6170ca59c("ipv4+ipv6: Make INET*_ESP select CRYPTO_ECHAINIV")into the 4.4 stable kernel

by Yongqin Liu

Hi, All Sorry, I am following the instructions in Documentation/networking/netdev-FAQ.txt to send out this mail, if I was wrong or there are more things I need to do, please let me know. After investigated on some failures of the android VtsKernelNetTest module test, I found that without the change of "ipv4+ipv6: Make INET*_ESP select CRYPTO_ECHAINIV", the config of CRYPTO_ECHAINIV will be generated as m by default in the .config file, which needs more module loading process to be done. But with the 4.9 and 4.14 kernels which have the change, CRYPTO_ECHAINIV will be generated as y by default in the .config file. We could set config of CRYPTO_ECHAINIV to y explicitly to generated the correct .config file, but having the change of "ipv4+ipv6: Make INET*_ESP select CRYPTO_ECHAINIV" cherry picked into the 4.4 stable kernel looks more like the right solution. The commit id for that change is 32b6170ca59ccf07d0e394561e54b2cd9726038c, it's already in 4.9 and 4.14 kernels, like here: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net… Could you please help to check if we could have 32b6170ca59ccf07d0e394561e54b2cd9726038c in the 4.4 stable kernel? The patch is here: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/patch/net?… Thanks in advance! -- Best Regards, Yongqin Liu

7 years, 1 month

2
4
0 0

[PATCH] uprobes: Use synchronize_rcu() not synchronize_sched()

by Steven Rostedt

From: "Steven Rostedt (VMware)" <rostedt(a)goodmis.org> While debugging another bug, I was looking at all the synchronize*() functions being used in kernel/trace, and noticed that trace_uprobes was using synchronize_sched(), with a comment to synchronize with {u,ret}_probe_trace_func(). When looking at those functions, the data is protected with "rcu_read_lock()" and not with "rcu_read_lock_sched()". This is using the wrong synchronize_*() function. Cc: stable(a)vger.kernel.org Fixes: 70ed91c6ec7f8 ("tracing/uprobes: Support ftrace_event_file base multibuffer") Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> --- kernel/trace/trace_uprobe.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/trace/trace_uprobe.c b/kernel/trace/trace_uprobe.c index bf89a51e740d..ac02fafc9f1b 100644 --- a/kernel/trace/trace_uprobe.c +++ b/kernel/trace/trace_uprobe.c @@ -952,7 +952,7 @@ probe_event_disable(struct trace_uprobe *tu, struct trace_event_file *file) list_del_rcu(&link->list); /* synchronize with u{,ret}probe_trace_func */ - synchronize_sched(); + synchronize_rcu(); kfree(link); if (!list_empty(&tu->tp.files)) -- 2.13.6

7 years, 1 month

2
6
0 0

did you check it

by Kelly

Your photos need editing. We can do it for you. We do editing for e-commerce photos, jewelries images and portrait photos etc. This will include cutout and clipping path etc , also retouching if needed. Let;s know if you want to send photos for working. We can do test on your photos. Thanks, Kelly

7 years, 1 month

1
0
0 0

[PATCH 2/2] drm/nouveau: Reset MST branching unit before enabling

by Lyude Paul

When probing a new MST device, it's not safe to make any assumptions about it's current state. While most well mannered MST hubs will just disable the branching unit on hotplug disconnects, this isn't enough to save us from various other scenarios that might have resulted in something writing to the MST branching unit before we got control of it. This could happen if a previous probe we tried failed, if we're booting in kexec context and the hub is still in the state the last kernel put it in, etc. Luckily; there is no reason we can't just reset the branching unit every time we enable a new topology. So, fix this by resetting it on enabling new topologies to ensure that we always start off with a clean, unmodified topology state on MST sinks. This fixes occasional hard-lockups on my P50's laptop dock (e.g. AUX times out all DPCD trasactions) observed after multiple docks, undocks, and module reloads. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/dispnv50/disp.c | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/drivers/gpu/drm/nouveau/dispnv50/disp.c b/drivers/gpu/drm/nouveau/dispnv50/disp.c index cdb3ef7c5d86..61bc36e9c915 100644 --- a/drivers/gpu/drm/nouveau/dispnv50/disp.c +++ b/drivers/gpu/drm/nouveau/dispnv50/disp.c @@ -1098,17 +1098,21 @@ nv50_mstm_enable(struct nv50_mstm *mstm, u8 dpcd, int state) int ret; if (dpcd >= 0x12) { - ret = drm_dp_dpcd_readb(mstm->mgr.aux, DP_MSTM_CTRL, &dpcd); + /* Even if we're enabling MST, start with disabling the + * branching unit to clear any sink-side MST topology state + * that wasn't set by us + */ + ret = drm_dp_dpcd_writeb(mstm->mgr.aux, DP_MSTM_CTRL, 0); if (ret < 0) return ret; - dpcd &= ~DP_MST_EN; - if (state) - dpcd |= DP_MST_EN; - - ret = drm_dp_dpcd_writeb(mstm->mgr.aux, DP_MSTM_CTRL, dpcd); - if (ret < 0) - return ret; + if (state) { + /* Now, start initializing */ + ret = drm_dp_dpcd_writeb(mstm->mgr.aux, DP_MSTM_CTRL, + DP_MST_EN); + if (ret < 0) + return ret; + } } return nvif_mthd(disp, 0, &args, sizeof(args)); -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH 1/2] drm/nouveau: Only write DP_MSTM_CTRL when needed

by Lyude Paul

Currently, nouveau will re-write the DP_MSTM_CTRL register for an MST hub every time it receives a long HPD pulse on DP. This isn't actually necessary and additionally, has some unintended side effects. With the P50 I've got here, rewriting DP_MSTM_CTRL constantly seems to make it rather likely (1 out of 5 times usually) that bringing up MST with it's ThinkPad dock will fail and result in sideband messages timing out in the middle. Afterwards, successive probes don't manage to get the dock to communicate properly over MST sideband properly. Many times sideband message timeouts from MST hubs are indicative of either the source or the sink dropping an ESI event, which can cause DRM's perspective of the topology's current state to go out of sync with reality. While it's tough to really know for sure what's happening to the dock, using userspace tools to write to DP_MSTM_CTRL in the middle of the MST link probing process does appear to make things flaky. It's possible that when we write to DP_MSTM_CTRL, the function that gets triggered to respond in the dock's firmware temporarily puts it in a state where it might end up not reporting an ESI to the source, or ends up dropping a sideband message we sent it. So, to fix this we make it so that when probing an MST topology, we respect it's current state. If the dock's already enabled, we simply read DP_MSTM_CTRL and disable the topology if it's value is not what we expected. Otherwise, we perform the normal MST probing dance. We avoid taking any action except if the state of the MST topology actually changes. This fixes MST sideband message timeouts and detection failures on my P50 with its ThinkPad dock. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/dispnv50/disp.c | 45 ++++++++++++++++++++----- 1 file changed, 36 insertions(+), 9 deletions(-) diff --git a/drivers/gpu/drm/nouveau/dispnv50/disp.c b/drivers/gpu/drm/nouveau/dispnv50/disp.c index f6c0b2aa9857..cdb3ef7c5d86 100644 --- a/drivers/gpu/drm/nouveau/dispnv50/disp.c +++ b/drivers/gpu/drm/nouveau/dispnv50/disp.c @@ -1117,31 +1117,58 @@ nv50_mstm_enable(struct nv50_mstm *mstm, u8 dpcd, int state) int nv50_mstm_detect(struct nv50_mstm *mstm, u8 dpcd[8], int allow) { - int ret, state = 0; + struct drm_dp_aux *aux; + int ret; + bool old_state, new_state; + u8 mstm_ctrl; if (!mstm) return 0; - if (dpcd[0] >= 0x12) { - ret = drm_dp_dpcd_readb(mstm->mgr.aux, DP_MSTM_CAP, &dpcd[1]); + mutex_lock(&mstm->mgr.lock); + + old_state = mstm->mgr.mst_state; + new_state = old_state; + aux = mstm->mgr.aux; + + if (old_state) { + /* Just check that the MST hub is still as we expect it */ + ret = drm_dp_dpcd_readb(aux, DP_MSTM_CTRL, &mstm_ctrl); + if (ret < 0 || !(mstm_ctrl & DP_MST_EN)) { + DRM_DEBUG_KMS("Hub gone, disabling MST topology\n"); + new_state = false; + } + } else if (dpcd[0] >= 0x12) { + ret = drm_dp_dpcd_readb(aux, DP_MSTM_CAP, &dpcd[1]); if (ret < 0) - return ret; + goto probe_error; if (!(dpcd[1] & DP_MST_CAP)) dpcd[0] = 0x11; else - state = allow; + new_state = allow; } - ret = nv50_mstm_enable(mstm, dpcd[0], state); + if (new_state == old_state) { + mutex_unlock(&mstm->mgr.lock); + return new_state; + } + + ret = nv50_mstm_enable(mstm, dpcd[0], new_state); if (ret) - return ret; + goto probe_error; + + mutex_unlock(&mstm->mgr.lock); - ret = drm_dp_mst_topology_mgr_set_mst(&mstm->mgr, state); + ret = drm_dp_mst_topology_mgr_set_mst(&mstm->mgr, new_state); if (ret) return nv50_mstm_enable(mstm, dpcd[0], 0); - return mstm->mgr.mst_state; + return new_state; + +probe_error: + mutex_unlock(&mstm->mgr.lock); + return ret; } static void -- 2.17.1

7 years, 1 month

1
0
0 0

[for-next][PATCH 6/6] uprobes: Use synchronize_rcu() not synchronize_sched()

by Steven Rostedt

From: "Steven Rostedt (VMware)" <rostedt(a)goodmis.org> While debugging another bug, I was looking at all the synchronize*() functions being used in kernel/trace, and noticed that trace_uprobes was using synchronize_sched(), with a comment to synchronize with {u,ret}_probe_trace_func(). When looking at those functions, the data is protected with "rcu_read_lock()" and not with "rcu_read_lock_sched()". This is using the wrong synchronize_*() function. Cc: stable(a)vger.kernel.org Fixes: 70ed91c6ec7f8 ("tracing/uprobes: Support ftrace_event_file base multibuffer") Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> --- kernel/trace/trace_uprobe.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/trace/trace_uprobe.c b/kernel/trace/trace_uprobe.c index bf89a51e740d..ac02fafc9f1b 100644 --- a/kernel/trace/trace_uprobe.c +++ b/kernel/trace/trace_uprobe.c @@ -952,7 +952,7 @@ probe_event_disable(struct trace_uprobe *tu, struct trace_event_file *file) list_del_rcu(&link->list); /* synchronize with u{,ret}probe_trace_func */ - synchronize_sched(); + synchronize_rcu(); kfree(link); if (!list_empty(&tu->tp.files)) -- 2.18.0

7 years, 1 month

1
0
0 0

[PATCH v5 1/3] blkcg: Introduce blkg_root_lookup()

by Bart Van Assche

This new function will be used in a later patch to verify whether a queue has been dissociated from the cgroup controller before being released. Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: Tejun Heo <tj(a)kernel.org> Cc: Christoph Hellwig <hch(a)lst.de> Cc: Ming Lei <ming.lei(a)redhat.com> Cc: Omar Sandoval <osandov(a)fb.com> Cc: Johannes Thumshirn <jthumshirn(a)suse.de> Cc: Alexandru Moise <00moses.alexander00(a)gmail.com> Cc: Joseph Qi <joseph.qi(a)linux.alibaba.com> Cc: <stable(a)vger.kernel.org> --- include/linux/blk-cgroup.h | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/include/linux/blk-cgroup.h b/include/linux/blk-cgroup.h index f7b910768306..1361cfc9b878 100644 --- a/include/linux/blk-cgroup.h +++ b/include/linux/blk-cgroup.h @@ -341,6 +341,23 @@ static inline struct blkcg_gq *blkg_lookup(struct blkcg *blkcg, return __blkg_lookup(blkcg, q, false); } +/** + * blkg_lookup - look up blkg for the specified request queue + * @q: request_queue of interest + * + * Lookup blkg for @q at the root level. See also blkg_lookup(). + */ +static inline struct blkcg_gq *blkg_root_lookup(struct request_queue *q) +{ + struct blkcg_gq *blkg; + + rcu_read_lock(); + blkg = blkg_lookup(&blkcg_root, q); + rcu_read_unlock(); + + return blkg; +} + /** * blkg_to_pdata - get policy private data * @blkg: blkg of interest @@ -864,6 +881,7 @@ static inline bool blk_cgroup_congested(void) { return false; } static inline void blkcg_schedule_throttle(struct request_queue *q, bool use_memdelay) { } static inline struct blkcg_gq *blkg_lookup(struct blkcg *blkcg, void *key) { return NULL; } +static inline struct blkcg_gq *blkg_root_lookup(struct request_queue *q) { return NULL; } static inline int blkcg_init_queue(struct request_queue *q) { return 0; } static inline void blkcg_drain_queue(struct request_queue *q) { } static inline void blkcg_exit_queue(struct request_queue *q) { } -- 2.18.0

7 years, 1 month

4
3
0 0

v3.18.118 build: 0 failures 8 warnings (v3.18.118)

by Build bot for Mark Brown

Tree/Branch: v3.18.118 Git describe: v3.18.118 Commit: 830f9674e7 Linux 3.18.118 Build Time: 0 min 1 sec Passed: 7 / 7 (100.00 %) Failed: 0 / 7 ( 0.00 %) Errors: 0 Warnings: 8 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): 5 warnings 0 mismatches : arm-allmodconfig 5 warnings 0 mismatches : arm-multi_v7_defconfig 12 warnings 0 mismatches : x86_64-allmodconfig 5 warnings 0 mismatches : arm-multi_v5_defconfig 7 warnings 0 mismatches : x86_64-defconfig ------------------------------------------------------------------------------- Warnings Summary: 8 9 ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] 5 ../mm/slub.c:904:21: warning: format '%d' expects argument of type 'int', but argument 5 has type 'long unsigned int' [-Wformat=] 5 ../mm/slub.c:856:21: warning: too many arguments for format [-Wformat-extra-args] 5 ../mm/slub.c:851:21: warning: too many arguments for format [-Wformat-extra-args] 3 ../mm/slub.c:856:21: warning: format '%u' expects argument of type 'unsigned int', but argument 4 has type 'const char *' [-Wformat=] 3 ../mm/slub.c:851:21: warning: format '%u' expects argument of type 'unsigned int', but argument 4 has type 'const char *' [-Wformat=] 2 ../mm/slub.c:856:29: warning: format '%u' expects argument of type 'unsigned int', but argument 4 has type 'const char *' [-Wformat=] 2 ../mm/slub.c:851:31: warning: format '%u' expects argument of type 'unsigned int', but argument 4 has type 'const char *' [-Wformat=] =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- arm-allmodconfig : PASS, 0 errors, 5 warnings, 0 section mismatches Warnings: ../mm/slub.c:851:21: warning: format '%u' expects argument of type 'unsigned int', but argument 4 has type 'const char *' [-Wformat=] ../mm/slub.c:851:21: warning: too many arguments for format [-Wformat-extra-args] ../mm/slub.c:856:21: warning: format '%u' expects argument of type 'unsigned int', but argument 4 has type 'const char *' [-Wformat=] ../mm/slub.c:856:21: warning: too many arguments for format [-Wformat-extra-args] ../mm/slub.c:904:21: warning: format '%d' expects argument of type 'int', but argument 5 has type 'long unsigned int' [-Wformat=] ------------------------------------------------------------------------------- arm-multi_v7_defconfig : PASS, 0 errors, 5 warnings, 0 section mismatches Warnings: ../mm/slub.c:851:21: warning: format '%u' expects argument of type 'unsigned int', but argument 4 has type 'const char *' [-Wformat=] ../mm/slub.c:851:21: warning: too many arguments for format [-Wformat-extra-args] ../mm/slub.c:856:21: warning: format '%u' expects argument of type 'unsigned int', but argument 4 has type 'const char *' [-Wformat=] ../mm/slub.c:856:21: warning: too many arguments for format [-Wformat-extra-args] ../mm/slub.c:904:21: warning: format '%d' expects argument of type 'int', but argument 5 has type 'long unsigned int' [-Wformat=] ------------------------------------------------------------------------------- x86_64-allmodconfig : PASS, 0 errors, 12 warnings, 0 section mismatches Warnings: ../mm/slub.c:851:31: warning: format '%u' expects argument of type 'unsigned int', but argument 4 has type 'const char *' [-Wformat=] ../mm/slub.c:851:21: warning: too many arguments for format [-Wformat-extra-args] ../mm/slub.c:856:29: warning: format '%u' expects argument of type 'unsigned int', but argument 4 has type 'const char *' [-Wformat=] ../mm/slub.c:856:21: warning: too many arguments for format [-Wformat-extra-args] ../mm/slub.c:904:21: warning: format '%d' expects argument of type 'int', but argument 5 has type 'long unsigned int' [-Wformat=] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ------------------------------------------------------------------------------- arm-multi_v5_defconfig : PASS, 0 errors, 5 warnings, 0 section mismatches Warnings: ../mm/slub.c:851:21: warning: format '%u' expects argument of type 'unsigned int', but argument 4 has type 'const char *' [-Wformat=] ../mm/slub.c:851:21: warning: too many arguments for format [-Wformat-extra-args] ../mm/slub.c:856:21: warning: format '%u' expects argument of type 'unsigned int', but argument 4 has type 'const char *' [-Wformat=] ../mm/slub.c:856:21: warning: too many arguments for format [-Wformat-extra-args] ../mm/slub.c:904:21: warning: format '%d' expects argument of type 'int', but argument 5 has type 'long unsigned int' [-Wformat=] ------------------------------------------------------------------------------- x86_64-defconfig : PASS, 0 errors, 7 warnings, 0 section mismatches Warnings: ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../mm/slub.c:851:31: warning: format '%u' expects argument of type 'unsigned int', but argument 4 has type 'const char *' [-Wformat=] ../mm/slub.c:851:21: warning: too many arguments for format [-Wformat-extra-args] ../mm/slub.c:856:29: warning: format '%u' expects argument of type 'unsigned int', but argument 4 has type 'const char *' [-Wformat=] ../mm/slub.c:856:21: warning: too many arguments for format [-Wformat-extra-args] ../mm/slub.c:904:21: warning: format '%d' expects argument of type 'int', but argument 5 has type 'long unsigned int' [-Wformat=] ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: x86_64-allnoconfig arm-allnoconfig

7 years, 1 month

1
0
0 0

[PATCH] pci/sriov: Hold rescan lock while enumerating

by Keith Busch

PCI enumeration/de-enumeration needs to run single threaded to prevent race conditions with other threads changing the topology. Altering the number of virtual functions was not taking the rescan/remove lock hile adding or removing those virtual functions, so this patch adds that. Reported-by: Krzysztof Wierzbicki <krzysztof.wierzbicki(a)intel.com> Cc: stable(a)vger.kernel.org Signed-off-by: Keith Busch <keith.busch(a)intel.com> --- drivers/pci/pci-sysfs.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c index 9ecfe13157c0..611abe220b6f 100644 --- a/drivers/pci/pci-sysfs.c +++ b/drivers/pci/pci-sysfs.c @@ -591,6 +591,7 @@ static ssize_t sriov_numvfs_store(struct device *dev, if (num_vfs > pci_sriov_get_totalvfs(pdev)) return -ERANGE; + pci_lock_rescan_remove(); device_lock(&pdev->dev); if (num_vfs == pdev->sriov->num_VFs) @@ -627,6 +628,7 @@ static ssize_t sriov_numvfs_store(struct device *dev, exit: device_unlock(&pdev->dev); + pci_unlock_rescan_remove(); if (ret < 0) return ret; -- 2.14.4

7 years, 1 month

1
0
0 0

[PATCH v5 3/3] block: Ensure that a request queue is dissociated from the cgroup controller

by Bart Van Assche

Several block drivers call alloc_disk() followed by put_disk() if something fails before device_add_disk() is called without calling blk_cleanup_queue(). Make sure that also for this scenario a request queue is dissociated from the cgroup controller. This patch avoids that loading the parport_pc, paride and pf drivers triggers the following kernel crash: BUG: KASAN: null-ptr-deref in pi_init+0x42e/0x580 [paride] Read of size 4 at addr 0000000000000008 by task modprobe/744 Call Trace: dump_stack+0x9a/0xeb kasan_report+0x139/0x350 pi_init+0x42e/0x580 [paride] pf_init+0x2bb/0x1000 [pf] do_one_initcall+0x8e/0x405 do_init_module+0xd9/0x2f2 load_module+0x3ab4/0x4700 SYSC_finit_module+0x176/0x1a0 do_syscall_64+0xee/0x2b0 entry_SYSCALL_64_after_hwframe+0x42/0xb7 Reported-by: Alexandru Moise <00moses.alexander00(a)gmail.com> Fixes: a063057d7c73 ("block: Fix a race between request queue removal and the block cgroup controller") # v4.17 Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Tested-by: Alexandru Moise <00moses.alexander00(a)gmail.com> Reviewed-by: Johannes Thumshirn <jthumshirn(a)suse.de> Cc: Tejun Heo <tj(a)kernel.org> Cc: Christoph Hellwig <hch(a)lst.de> Cc: Ming Lei <ming.lei(a)redhat.com> Cc: Alexandru Moise <00moses.alexander00(a)gmail.com> Cc: Joseph Qi <joseph.qi(a)linux.alibaba.com> Cc: <stable(a)vger.kernel.org> --- block/blk-sysfs.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/block/blk-sysfs.c b/block/blk-sysfs.c index ca1984ecbdeb..fcadea471779 100644 --- a/block/blk-sysfs.c +++ b/block/blk-sysfs.c @@ -802,6 +802,21 @@ static void __blk_release_queue(struct work_struct *work) blk_stat_remove_callback(q, q->poll_cb); blk_stat_free_callback(q->poll_cb); + if (!blk_queue_dead(q)) { + /* + * Last reference was dropped without having called + * blk_cleanup_queue(). + */ + WARN_ONCE(blk_queue_init_done(q), + "request queue %p has been registered but blk_cleanup_queue() has not been called for that queue\n", + q); + blk_exit_queue(q); + } + + WARN(blkg_root_lookup(q), + "request queue %p is being released but it has not yet been removed from the blkcg controller\n", + q); + blk_free_queue_stats(q->stats); blk_exit_rl(q, &q->root_rl); -- 2.18.0

7 years, 1 month

1
0
0 0

[PATCH v5 2/3] block: Introduce blk_exit_queue()

by Bart Van Assche

This patch does not change any functionality. Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Reviewed-by: Johannes Thumshirn <jthumshirn(a)suse.de> Cc: Christoph Hellwig <hch(a)lst.de> Cc: Ming Lei <ming.lei(a)redhat.com> Cc: Omar Sandoval <osandov(a)fb.com> Cc: Alexandru Moise <00moses.alexander00(a)gmail.com> Cc: Joseph Qi <joseph.qi(a)linux.alibaba.com> Cc: <stable(a)vger.kernel.org> --- block/blk-core.c | 54 +++++++++++++++++++++++++++--------------------- block/blk.h | 1 + 2 files changed, 31 insertions(+), 24 deletions(-) diff --git a/block/blk-core.c b/block/blk-core.c index 2e054b65de42..55bc22ef2934 100644 --- a/block/blk-core.c +++ b/block/blk-core.c @@ -719,6 +719,35 @@ void blk_set_queue_dying(struct request_queue *q) } EXPORT_SYMBOL_GPL(blk_set_queue_dying); +/* Unconfigure the I/O scheduler and dissociate from the cgroup controller. */ +void blk_exit_queue(struct request_queue *q) +{ + /* + * Since the I/O scheduler exit code may access cgroup information, + * perform I/O scheduler exit before disassociating from the block + * cgroup controller. + */ + if (q->elevator) { + ioc_clear_queue(q); + elevator_exit(q, q->elevator); + q->elevator = NULL; + } + + /* + * Remove all references to @q from the block cgroup controller before + * restoring @q->queue_lock to avoid that restoring this pointer causes + * e.g. blkcg_print_blkgs() to crash. + */ + blkcg_exit_queue(q); + + /* + * Since the cgroup code may dereference the @q->backing_dev_info + * pointer, only decrease its reference count after having removed the + * association with the block cgroup controller. + */ + bdi_put(q->backing_dev_info); +} + /** * blk_cleanup_queue - shutdown a request queue * @q: request queue to shutdown @@ -788,30 +817,7 @@ void blk_cleanup_queue(struct request_queue *q) */ WARN_ON_ONCE(q->kobj.state_in_sysfs); - /* - * Since the I/O scheduler exit code may access cgroup information, - * perform I/O scheduler exit before disassociating from the block - * cgroup controller. - */ - if (q->elevator) { - ioc_clear_queue(q); - elevator_exit(q, q->elevator); - q->elevator = NULL; - } - - /* - * Remove all references to @q from the block cgroup controller before - * restoring @q->queue_lock to avoid that restoring this pointer causes - * e.g. blkcg_print_blkgs() to crash. - */ - blkcg_exit_queue(q); - - /* - * Since the cgroup code may dereference the @q->backing_dev_info - * pointer, only decrease its reference count after having removed the - * association with the block cgroup controller. - */ - bdi_put(q->backing_dev_info); + blk_exit_queue(q); if (q->mq_ops) blk_mq_free_queue(q); diff --git a/block/blk.h b/block/blk.h index 6adae8f94279..aeb8026f4d7b 100644 --- a/block/blk.h +++ b/block/blk.h @@ -130,6 +130,7 @@ void blk_free_flush_queue(struct blk_flush_queue *q); int blk_init_rl(struct request_list *rl, struct request_queue *q, gfp_t gfp_mask); void blk_exit_rl(struct request_queue *q, struct request_list *rl); +void blk_exit_queue(struct request_queue *q); void blk_rq_bio_prep(struct request_queue *q, struct request *rq, struct bio *bio); void blk_queue_bypass_start(struct request_queue *q); -- 2.18.0

7 years, 1 month

1
0
0 0

want to edit

by Tony

We just found that you need image editing. We are an image studio, we do all kinds of image editing such as for e-commerce photos, jewelry images and portrait mages. Our service includes cutting out and clipping path etc , we also do retouching. You may send us a photo, testing will be provided to check our quality Thanks, Tony Glenn

7 years, 1 month

1
0
0 0

in our studio

by Tony

We just found that you need image editing. We are an image studio, we do all kinds of image editing such as for e-commerce photos, jewelry images and portrait mages. Our service includes cutting out and clipping path etc , we also do retouching. You may send us a photo, testing will be provided to check our quality Thanks, Tony Glenn

7 years, 1 month

1
0
0 0

Linux 3.18.118

by Greg KH

I'm announcing the release of the 3.18.118 kernel. All users of the 3.18 kernel series must upgrade. The updated 3.18.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-3.18.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/microblaze/boot/Makefile | 10 ++-- arch/powerpc/kernel/head_8xx.S | 2 arch/powerpc/kernel/pci_32.c | 1 arch/powerpc/platforms/chrp/time.c | 6 +- arch/powerpc/platforms/embedded6xx/hlwd-pic.c | 5 ++ arch/powerpc/platforms/powermac/bootx_init.c | 4 + arch/powerpc/platforms/powermac/setup.c | 1 arch/s390/include/asm/cpu_mf.h | 6 +- arch/x86/kernel/cpu/perf_event_intel_uncore.c | 2 arch/x86/kernel/cpu/perf_event_intel_uncore_nhmex.c | 2 crypto/authenc.c | 1 crypto/authencesn.c | 1 drivers/acpi/pci_root.c | 4 + drivers/ata/libata-eh.c | 12 +++-- drivers/char/random.c | 10 +++- drivers/crypto/padlock-aes.c | 8 ++- drivers/gpu/drm/gma500/psb_intel_drv.h | 2 drivers/gpu/drm/gma500/psb_intel_lvds.c | 2 drivers/gpu/drm/radeon/radeon_connectors.c | 10 ++-- drivers/hid/i2c-hid/i2c-hid.c | 8 +++ drivers/infiniband/core/mad.c | 11 ++-- drivers/infiniband/core/ucma.c | 6 ++ drivers/md/md.c | 3 + drivers/media/common/siano/smsendian.c | 14 ++--- drivers/media/i2c/smiapp/smiapp-core.c | 11 ++-- drivers/media/pci/saa7164/saa7164-fw.c | 3 - drivers/media/platform/omap3isp/isp.c | 7 +- drivers/media/radio/si470x/radio-si470x-i2c.c | 6 +- drivers/net/can/usb/ems_usb.c | 1 drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 drivers/net/wireless/ath/regd.h | 5 ++ drivers/net/wireless/ath/regd_common.h | 13 +++++ drivers/net/wireless/mwifiex/usb.c | 3 + drivers/net/wireless/rsi/rsi_91x_sdio.c | 2 drivers/net/wireless/ti/wlcore/sdio.c | 5 ++ drivers/net/xen-netfront.c | 6 ++ drivers/pci/pci-sysfs.c | 15 +++--- drivers/regulator/pfuze100-regulator.c | 1 drivers/rtc/interface.c | 5 ++ drivers/scsi/3w-9xxx.c | 5 ++ drivers/scsi/3w-xxxx.c | 3 + drivers/scsi/megaraid.c | 3 + drivers/scsi/qla2xxx/qla_init.c | 7 +- drivers/scsi/qla2xxx/qla_os.c | 5 +- drivers/scsi/sg.c | 1 drivers/scsi/ufs/ufshcd.c | 2 drivers/tty/hvc/hvc_opal.c | 1 drivers/tty/pty.c | 3 + drivers/usb/core/hub.c | 4 + drivers/virtio/virtio_balloon.c | 2 fs/jfs/xattr.c | 10 ++-- fs/squashfs/block.c | 2 fs/squashfs/cache.c | 3 + fs/squashfs/file.c | 8 ++- fs/squashfs/fragment.c | 17 ++++--- fs/squashfs/squashfs_fs.h | 6 ++ fs/squashfs/squashfs_fs_sb.h | 1 fs/squashfs/super.c | 5 +- include/linux/ring_buffer.h | 1 include/net/tcp.h | 2 kernel/bpf/verifier.c | 4 - kernel/trace/ring_buffer.c | 16 ++++++ kernel/trace/trace.c | 6 ++ kernel/trace/trace_events_trigger.c | 18 +++++-- kernel/trace/trace_kprobe.c | 15 +++++- mm/slub.c | 2 mm/vmalloc.c | 3 - net/dsa/slave.c | 6 ++ net/ipv4/fib_frontend.c | 4 - net/ipv4/inet_fragment.c | 10 ++-- net/ipv4/ipconfig.c | 13 +++++ net/ipv4/tcp_dctcp.c | 4 - net/ipv4/tcp_input.c | 48 ++++++++++---------- sound/pci/emu10k1/emupcm.c | 4 + sound/pci/emu10k1/memory.c | 6 +- sound/pci/fm801.c | 16 +++++- sound/pci/hda/patch_ca0132.c | 8 ++- sound/soc/soc-pcm.c | 6 +- sound/usb/pcm.c | 2 tools/usb/usbip/src/usbip_detach.c | 9 ++- 81 files changed, 365 insertions(+), 144 deletions(-) Alexandre Belloni (1): rtc: ensure rtc_set_alarm fails when alarms are not supported Anil Gurumurthy (1): scsi: qla2xxx: Return error when TMF returns Anson Huang (1): regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops Anton Vasilyev (1): can: ems_usb: Fix memory leak on ems_usb_disconnect() Artem Savkov (1): tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure Brad Love (1): media: saa7164: Fix driver name in debug output Chintan Pandya (1): mm: vmalloc: avoid racy handling of debugobjects in vunmap Chris Novakovic (1): ipconfig: Correctly initialise ic_nameservers Christoph Hellwig (1): PCI: Prevent sysfs disable of device while driver is attached Christophe Leroy (1): powerpc/8xx: fix invalid register expression in head_8xx.S Colin Ian King (1): media: smiapp: fix timeout checking in smiapp_read_nvm Cong Wang (1): infiniband: fix a possible use-after-free bug DaeRyong Jeong (1): tty: Fix data race in tty_insert_flip_string_fixed_flag Damien Le Moal (1): libata: Fix command retry decision Dan Carpenter (1): scsi: megaraid: silence a static checker bug Dmitry Torokhov (1): HID: i2c-hid: check if device is there before really probing Dominik Bozek (1): usb: hub: Don't wait for connect state at resume for powered-off ports Eric Dumazet (5): tcp: do not force quickack when receiving out-of-order packets tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode tcp: do not aggressively quick ack after ECN events tcp: add one more quick ack after after ECN events inet: frag: enforce memory limits earlier Eugeniy Paltsev (1): NET: stmmac: align DMA stuff to largest cache line length Eyal Reizer (1): wlcore: sdio: check for valid platform device data before suspend Florian Fainelli (1): net: dsa: Do not suspend/resume closed slave_dev Ganapathi Bhat (1): mwifiex: handle race during mwifiex_usb_disconnect Greg Kroah-Hartman (1): Linux 3.18.118 Herbert Xu (1): crypto: padlock-aes - Fix Nano workaround data corruption Jakub Kicinski (1): bpf: fix references to free_bpf_prog_info() in comments Jiang Biao (1): virtio_balloon: fix another race between migration and ballooning Jonathan Neuschäfer (1): powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet Kai Chieh Chuang (1): ASoC: dpcm: fix BE dai not hw_free and shutdown Kan Liang (2): perf/x86/intel/uncore: Correct fixed counter index check in generic code perf/x86/intel/uncore: Correct fixed counter index check for NHM Leon Romanovsky (1): RDMA/mad: Convert BUG_ONs to error flows Linus Torvalds (3): squashfs: be more careful about metadata corruption squashfs: more metadata hardening squashfs: more metadata hardenings Lorenzo Bianconi (1): ipv4: remove BUG_ON() from fib_compute_spec_dst Luc Van Oostenryck (2): drm/radeon: fix mode_valid's return type drm/gma500: fix psb_intel_lvds_mode_valid()'s return type Masami Hiramatsu (1): ring_buffer: tracing: Inherit the tracing setting to next ring buffer Mathieu Malaterre (5): mm/slub.c: add __printf verification to slab_err() powerpc/32: Add a missing include header powerpc/chrp/time: Make some functions static, add missing header include powerpc/powermac: Add missing prototype for note_bootable_part() powerpc/powermac: Mark variable x as unused Mauro Carvalho Chehab (2): media: siano: get rid of __le32/__le16 cast warnings media: si470x: fix __be16 annotations Maya Erez (1): scsi: ufs: fix exception event handling Michal Simek (1): microblaze: Fix simpleImage format generation Mika Westerberg (1): PCI: pciehp: Request control of native hotplug only if supported Quinn Tran (1): scsi: qla2xxx: Fix ISP recovery on unload Shankara Pailoor (1): jfs: Fix inconsistency between memory allocation and ea_buf->max_size Shuah Khan (Samsung OSG) (1): usbip: usbip_detach: Fix memory, udev context and udev leak Siva Rebbagondla (1): rsi: Fix 'invalid vdd' warning in mmc Steven Rostedt (VMware) (3): tracing: Fix double free of event_trigger_data tracing: Fix possible double free in event_enable_trigger_func() tracing: Quiet gcc warning about maybe unused link variable Stewart Smith (1): hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common() Suman Anna (1): media: omap3isp: fix unbalanced dma_iommu_mapping Sven Eckelmann (9): ath: Add regulatory mapping for FCC3_ETSIC ath: Add regulatory mapping for ETSI8_WORLD ath: Add regulatory mapping for APL13_WORLD ath: Add regulatory mapping for APL2_FCCA ath: Add regulatory mapping for Uganda ath: Add regulatory mapping for Tanzania ath: Add regulatory mapping for Serbia ath: Add regulatory mapping for Bermuda ath: Add regulatory mapping for Bahamas Takashi Iwai (2): ALSA: emu10k1: Rate-limit error messages about page errors ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback Takashi Sakamoto (1): ALSA: hda/ca0132: fix build failure when a local macro is defined Theodore Ts'o (1): random: mix rdrand with entropy sent in from userspace Thomas Richter (2): s390/cpum_sf: Add data entry sizes to sampling trailer entry perf: fix invalid bit in diagnostic entry Tony Battersby (1): scsi: sg: fix minor memory leak in error path Tudor-Dan Ambarus (2): crypto: authencesn - don't leak pointers to authenc keys crypto: authenc - don't leak pointers to authenc keys Wenwen Wang (2): scsi: 3w-9xxx: fix a missing-check bug scsi: 3w-xxxx: fix a missing-check bug Xiao Liang (1): xen-netfront: wait xenbus state change when load module manually Yousuk Seung (1): tcp: refactor tcp_ecn_check_ce to remove sk type cast Yufen Yu (1): md: fix NULL dereference of mddev->pers in remove_and_add_spares() Zhouyang Jia (2): ALSA: emu10k1: add error handling for snd_ctl_add ALSA: fm801: add error handling for snd_ctl_add

7 years, 1 month

1
1
0 0

Linux 4.4.147

by Greg KH

I'm announcing the release of the 4.4.147 kernel. All users of the 4.4 kernel series must upgrade. The updated 4.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.4.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 +- drivers/i2c/busses/i2c-imx.c | 3 +-- drivers/pci/pci-acpi.c | 2 +- drivers/scsi/qla2xxx/qla_init.c | 7 +++---- drivers/scsi/qla2xxx/qla_os.c | 5 +++-- fs/ext4/super.c | 4 ++-- fs/jfs/xattr.c | 10 ++++++---- include/linux/ring_buffer.h | 1 + kernel/irq/manage.c | 9 ++++++++- kernel/time/tick-sched.c | 2 +- kernel/trace/ring_buffer.c | 16 ++++++++++++++++ kernel/trace/trace.c | 6 ++++++ net/netlink/af_netlink.c | 5 +++++ 13 files changed, 54 insertions(+), 18 deletions(-) Anil Gurumurthy (1): scsi: qla2xxx: Return error when TMF returns Anna-Maria Gleixner (1): nohz: Fix local_timer_softirq_pending() Dmitry Safonov (3): netlink: Do not subscribe to non-existent groups netlink: Don't shift with UB on nlk->ngroups netlink: Don't shift on 64 for ngroups Esben Haabendal (1): i2c: imx: Fix reinit_completion() use Greg Kroah-Hartman (1): Linux 4.4.147 Masami Hiramatsu (1): ring_buffer: tracing: Inherit the tracing setting to next ring buffer Quinn Tran (1): scsi: qla2xxx: Fix ISP recovery on unload Shankara Pailoor (1): jfs: Fix inconsistency between memory allocation and ea_buf->max_size Theodore Ts'o (1): ext4: fix false negatives *and* false positives in ext4_check_descriptors() Thomas Gleixner (1): genirq: Make force irq threading setup more robust Vitaly Kuznetsov (1): ACPI / PCI: Bail early in acpi_pci_add_bus() if there is no ACPI handle

7 years, 1 month

1
1
0 0

Linux 4.9.119

by Greg KH

I'm announcing the release of the 4.9.119 kernel. All users of the 4.9 kernel series must upgrade. The updated 4.9.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.9.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 +- drivers/i2c/busses/i2c-imx.c | 3 +-- drivers/infiniband/hw/hfi1/rc.c | 2 +- drivers/infiniband/hw/hfi1/uc.c | 4 ++-- drivers/infiniband/hw/hfi1/ud.c | 4 ++-- drivers/infiniband/hw/hfi1/verbs_txreq.c | 4 ++-- drivers/infiniband/hw/hfi1/verbs_txreq.h | 4 ++-- drivers/pci/pci-acpi.c | 2 +- drivers/scsi/qla2xxx/qla_init.c | 7 +++---- drivers/scsi/qla2xxx/qla_os.c | 5 +++-- fs/btrfs/extent_io.c | 3 +++ fs/ext4/super.c | 4 ++-- fs/jfs/xattr.c | 10 ++++++---- include/linux/ring_buffer.h | 1 + include/linux/thread_info.h | 7 +------ kernel/fork.c | 3 +++ kernel/irq/manage.c | 9 ++++++++- kernel/time/tick-sched.c | 2 +- kernel/trace/ring_buffer.c | 16 ++++++++++++++++ kernel/trace/trace.c | 6 ++++++ net/ipv4/tcp_input.c | 23 +++++++++++++++++++++-- net/netlink/af_netlink.c | 5 +++++ 22 files changed, 91 insertions(+), 35 deletions(-) Anil Gurumurthy (1): scsi: qla2xxx: Return error when TMF returns Anna-Maria Gleixner (1): nohz: Fix local_timer_softirq_pending() Dmitry Safonov (3): netlink: Do not subscribe to non-existent groups netlink: Don't shift with UB on nlk->ngroups netlink: Don't shift on 64 for ngroups Eric Dumazet (1): tcp: add tcp_ooo_try_coalesce() helper Esben Haabendal (1): i2c: imx: Fix reinit_completion() use Filipe Manana (1): Btrfs: fix file data corruption after cloning a range and fsync Greg Kroah-Hartman (1): Linux 4.9.119 Kees Cook (1): fork: unconditionally clear stack on fork Konstantin Khlebnikov (1): kmemleak: clear stale pointers from task stacks Masami Hiramatsu (1): ring_buffer: tracing: Inherit the tracing setting to next ring buffer Michael J. Ruhl (1): IB/hfi1: Fix incorrect mixing of ERR_PTR and NULL return values Quinn Tran (1): scsi: qla2xxx: Fix ISP recovery on unload Shankara Pailoor (1): jfs: Fix inconsistency between memory allocation and ea_buf->max_size Theodore Ts'o (1): ext4: fix false negatives *and* false positives in ext4_check_descriptors() Thomas Gleixner (1): genirq: Make force irq threading setup more robust Vitaly Kuznetsov (1): ACPI / PCI: Bail early in acpi_pci_add_bus() if there is no ACPI handle

7 years, 1 month

1
1
0 0

Linux 4.14.62

by Greg KH

I'm announcing the release of the 4.14.62 kernel. All users of the 4.14 kernel series must upgrade. The updated 4.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.14.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 - drivers/i2c/busses/i2c-imx.c | 3 - drivers/idle/intel_idle.c | 7 +++- drivers/nvme/host/pci.c | 64 ++++++++++++++++---------------------- drivers/nvme/target/fc.c | 44 ++++++++++++++++++++------ drivers/pci/pci-acpi.c | 2 - drivers/scsi/qla2xxx/qla_attr.c | 1 drivers/scsi/qla2xxx/qla_gbl.h | 1 drivers/scsi/qla2xxx/qla_gs.c | 4 ++ drivers/scsi/qla2xxx/qla_init.c | 7 +--- drivers/scsi/qla2xxx/qla_inline.h | 2 + drivers/scsi/qla2xxx/qla_mid.c | 5 ++ drivers/scsi/qla2xxx/qla_os.c | 7 ++-- fs/btrfs/extent_io.c | 3 + fs/ext4/super.c | 4 +- fs/jfs/xattr.c | 10 +++-- fs/xfs/libxfs/xfs_attr_leaf.c | 5 +- fs/xfs/xfs_icache.c | 58 ++++++++++++++++++++++++++++++---- include/linux/ring_buffer.h | 1 kernel/irq/manage.c | 9 ++++- kernel/softirq.c | 2 - kernel/time/tick-sched.c | 2 - kernel/trace/ring_buffer.c | 16 +++++++++ kernel/trace/trace.c | 6 +++ net/netlink/af_netlink.c | 4 +- 25 files changed, 191 insertions(+), 78 deletions(-) Anil Gurumurthy (1): scsi: qla2xxx: Return error when TMF returns Anna-Maria Gleixner (1): nohz: Fix local_timer_softirq_pending() Dave Chinner (2): xfs: catch inode allocation state mismatch corruption xfs: validate cached inodes are free when allocated Dmitry Safonov (1): netlink: Don't shift on 64 for ngroups Eric Sandeen (1): xfs: don't call xfs_da_shrink_inode with NULL bp Esben Haabendal (1): i2c: imx: Fix reinit_completion() use Filipe Manana (1): Btrfs: fix file data corruption after cloning a range and fsync Frederic Weisbecker (1): nohz: Fix missing tick reprogram when interrupting an inline softirq Greg Kroah-Hartman (1): Linux 4.14.62 James Smart (1): nvmet-fc: fix target sgl list on large transfers Keith Busch (1): nvme-pci: Fix queue double allocations Len Brown (1): intel_idle: Graceful probe failure when MWAIT is disabled Masami Hiramatsu (1): ring_buffer: tracing: Inherit the tracing setting to next ring buffer Quinn Tran (3): scsi: qla2xxx: Fix unintialized List head crash scsi: qla2xxx: Fix NPIV deletion by calling wait_for_sess_deletion scsi: qla2xxx: Fix ISP recovery on unload Sagi Grimberg (1): nvme-pci: allocate device queues storage space at probe Shankara Pailoor (1): jfs: Fix inconsistency between memory allocation and ea_buf->max_size Theodore Ts'o (1): ext4: fix false negatives *and* false positives in ext4_check_descriptors() Thomas Gleixner (1): genirq: Make force irq threading setup more robust Vitaly Kuznetsov (1): ACPI / PCI: Bail early in acpi_pci_add_bus() if there is no ACPI handle

7 years, 1 month

1
1
0 0

Linux 4.17.14

by Greg KH

I'm announcing the release of the 4.17.14 kernel. All users of the 4.17 kernel series must upgrade. The updated 4.17.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.17.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/x86/events/intel/uncore.h | 2 arch/x86/events/intel/uncore_snbep.c | 10 +++- block/blk-core.c | 5 +- drivers/i2c/busses/i2c-imx.c | 3 - drivers/scsi/qla2xxx/qla_attr.c | 1 drivers/scsi/qla2xxx/qla_gbl.h | 1 drivers/scsi/qla2xxx/qla_gs.c | 4 + drivers/scsi/qla2xxx/qla_init.c | 7 +-- drivers/scsi/qla2xxx/qla_inline.h | 2 drivers/scsi/qla2xxx/qla_isr.c | 3 + drivers/scsi/qla2xxx/qla_mbx.c | 6 ++ drivers/scsi/qla2xxx/qla_mid.c | 11 ++++- drivers/scsi/qla2xxx/qla_os.c | 51 ++++++++++-------------- drivers/scsi/qla2xxx/qla_sup.c | 3 + fs/btrfs/extent_io.c | 3 + fs/jfs/jfs_dinode.h | 7 +++ fs/jfs/jfs_incore.h | 1 fs/jfs/super.c | 3 - fs/jfs/xattr.c | 10 ++-- fs/xfs/libxfs/xfs_attr_leaf.c | 5 -- fs/xfs/xfs_icache.c | 73 +++++++++++++++++++++++------------ include/linux/ring_buffer.h | 1 kernel/irq/manage.c | 9 +++- kernel/softirq.c | 2 kernel/time/tick-sched.c | 2 kernel/trace/ring_buffer.c | 16 +++++++ kernel/trace/trace.c | 6 ++ net/netlink/af_netlink.c | 4 - 29 files changed, 170 insertions(+), 83 deletions(-) Anil Gurumurthy (1): scsi: qla2xxx: Return error when TMF returns Anna-Maria Gleixner (1): nohz: Fix local_timer_softirq_pending() Dave Chinner (1): xfs: validate cached inodes are free when allocated Dmitry Safonov (1): netlink: Don't shift on 64 for ngroups Eric Sandeen (1): xfs: don't call xfs_da_shrink_inode with NULL bp Esben Haabendal (1): i2c: imx: Fix reinit_completion() use Filipe Manana (1): Btrfs: fix file data corruption after cloning a range and fsync Frederic Weisbecker (1): nohz: Fix missing tick reprogram when interrupting an inline softirq Greg Kroah-Hartman (1): Linux 4.17.14 Kan Liang (1): perf/x86/intel/uncore: Fix hardcoded index of Broadwell extra PCI devices Kees Cook (1): jfs: Fix usercopy whitelist for inline inode data Linus Torvalds (1): Partially revert "block: fail op_is_write() requests to read-only partitions" Masami Hiramatsu (1): ring_buffer: tracing: Inherit the tracing setting to next ring buffer Quinn Tran (4): scsi: qla2xxx: Fix unintialized List head crash scsi: qla2xxx: Fix NPIV deletion by calling wait_for_sess_deletion scsi: qla2xxx: Fix driver unload by shutting down chip scsi: qla2xxx: Fix ISP recovery on unload Shankara Pailoor (1): jfs: Fix inconsistency between memory allocation and ea_buf->max_size Thomas Gleixner (1): genirq: Make force irq threading setup more robust

7 years, 1 month

1
1
0 0

[PATCH 3.18.y 5/5] switch ->setxattr() to passing dentry and inode separately

by Seung-Woo Kim

From: Al Viro <viro(a)zeniv.linux.org.uk> smack ->d_instantiate() uses ->setxattr(), so to be able to call it before we'd hashed the new dentry and attached it to inode, we need ->setxattr() instances getting the inode as an explicit argument rather than obtaining it from dentry. Similar change for ->getxattr() had been done in commit ce23e64. Unlike ->getxattr() (which is used by both selinux and smack instances of ->d_instantiate()) ->setxattr() is used only by smack one and unfortunately it got missed back then. Reported-by: Seung-Woo Kim <sw0312.kim(a)samsung.com> Tested-by: Casey Schaufler <casey(a)schaufler-ca.com> Signed-off-by: Al Viro <viro(a)zeniv.linux.org.uk> [sw0312.kim: backport to 3.18] Signed-off-by: Seung-Woo Kim <sw0312.kim(a)samsung.com> --- It is not clear, a26feccaba29 ("ceph: Get rid of d_find_alias in ceph_set_acl") is required backport for ceph or not. --- Documentation/filesystems/porting | 7 +++++++ .../staging/lustre/lustre/llite/llite_internal.h | 4 ++-- drivers/staging/lustre/lustre/llite/xattr.c | 6 ++---- fs/bad_inode.c | 4 ++-- fs/btrfs/xattr.c | 12 +++++++----- fs/btrfs/xattr.h | 5 +++-- fs/ceph/super.h | 4 ++-- fs/ceph/xattr.c | 7 ++++--- fs/cifs/cifsfs.h | 4 ++-- fs/cifs/xattr.c | 13 +++++++------ fs/ecryptfs/crypto.c | 9 +++++---- fs/ecryptfs/ecryptfs_kernel.h | 4 ++-- fs/ecryptfs/inode.c | 7 ++++--- fs/ecryptfs/mmap.c | 3 ++- fs/fuse/dir.c | 6 +++--- fs/gfs2/inode.c | 9 +++++---- fs/hfs/attr.c | 6 +++--- fs/hfs/hfs_fs.h | 2 +- fs/jfs/jfs_xattr.h | 4 ++-- fs/jfs/xattr.c | 10 +++++----- fs/kernfs/inode.c | 11 ++++++----- fs/kernfs/kernfs-internal.h | 3 ++- fs/overlayfs/inode.c | 5 +++-- fs/overlayfs/overlayfs.h | 5 +++-- fs/reiserfs/xattr.c | 8 ++++---- fs/reiserfs/xattr.h | 5 +++-- fs/ubifs/ubifs.h | 2 +- fs/ubifs/xattr.c | 4 ++-- fs/xattr.c | 9 +++++---- include/linux/fs.h | 3 ++- include/linux/xattr.h | 3 ++- mm/shmem.c | 10 ++++++---- security/smack/smack_lsm.c | 2 +- 33 files changed, 110 insertions(+), 86 deletions(-) diff --git a/Documentation/filesystems/porting b/Documentation/filesystems/porting index daf9acd..51bdd4a 100644 --- a/Documentation/filesystems/porting +++ b/Documentation/filesystems/porting @@ -469,3 +469,10 @@ in your dentry operations instead. dentry might be yet to be attached to inode, so do _not_ use its ->d_inode in the instances. Rationale: !@#!@# security_d_instantiate() needs to be called before we attach dentry to inode. +-- +[mandatory] + ->setxattr() and xattr_handler.set() get dentry and inode passed separately. + dentry might be yet to be attached to inode, so do _not_ use its ->d_inode + in the instances. Rationale: !@#!@# security_d_instantiate() needs to be + called before we attach dentry to inode and !@#!@##!@$!$#!@#$!@$!@$ smack + ->d_instantiate() uses not just ->getxattr() but ->setxattr() as well. diff --git a/drivers/staging/lustre/lustre/llite/llite_internal.h b/drivers/staging/lustre/lustre/llite/llite_internal.h index 442fe5b..d7ac9bc 100644 --- a/drivers/staging/lustre/lustre/llite/llite_internal.h +++ b/drivers/staging/lustre/lustre/llite/llite_internal.h @@ -1068,8 +1068,8 @@ static inline __u64 ll_file_maxbytes(struct inode *inode) } /* llite/xattr.c */ -int ll_setxattr(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags); +int ll_setxattr(struct dentry *dentry, struct inode *inode, + const char *name, const void *value, size_t size, int flags); ssize_t ll_getxattr(struct dentry *dentry, struct inode *inode, const char *name, void *buffer, size_t size); ssize_t ll_listxattr(struct dentry *dentry, char *buffer, size_t size); diff --git a/drivers/staging/lustre/lustre/llite/xattr.c b/drivers/staging/lustre/lustre/llite/xattr.c index fc4b95d3..3edbbd2 100644 --- a/drivers/staging/lustre/lustre/llite/xattr.c +++ b/drivers/staging/lustre/lustre/llite/xattr.c @@ -212,11 +212,9 @@ int ll_setxattr_common(struct inode *inode, const char *name, return 0; } -int ll_setxattr(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags) +int ll_setxattr(struct dentry *dentry, struct inode *inode, + const char *name, const void *value, size_t size, int flags) { - struct inode *inode = dentry->d_inode; - LASSERT(inode); LASSERT(name); diff --git a/fs/bad_inode.c b/fs/bad_inode.c index 336c284..5c29455 100644 --- a/fs/bad_inode.c +++ b/fs/bad_inode.c @@ -247,8 +247,8 @@ static int bad_inode_setattr(struct dentry *direntry, struct iattr *attrs) return -EIO; } -static int bad_inode_setxattr(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags) +static int bad_inode_setxattr(struct dentry *dentry, struct inode *inode, + const char *name, const void *value, size_t size, int flags) { return -EIO; } diff --git a/fs/btrfs/xattr.c b/fs/btrfs/xattr.c index 6fa0196..22291af 100644 --- a/fs/btrfs/xattr.c +++ b/fs/btrfs/xattr.c @@ -412,10 +412,11 @@ ssize_t btrfs_getxattr(struct dentry *dentry, struct inode *inode, return __btrfs_getxattr(inode, name, buffer, size); } -int btrfs_setxattr(struct dentry *dentry, const char *name, const void *value, +int btrfs_setxattr(struct dentry *dentry, struct inode *inode, + const char *name, const void *value, size_t size, int flags) { - struct btrfs_root *root = BTRFS_I(dentry->d_inode)->root; + struct btrfs_root *root = BTRFS_I(inode)->root; int ret; /* @@ -431,20 +432,21 @@ int btrfs_setxattr(struct dentry *dentry, const char *name, const void *value, * for it via sb->s_xattr. */ if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN)) - return generic_setxattr(dentry, name, value, size, flags); + return generic_setxattr(dentry, inode, name, value, + size, flags); ret = btrfs_is_valid_xattr(name); if (ret) return ret; if (!strncmp(name, XATTR_BTRFS_PREFIX, XATTR_BTRFS_PREFIX_LEN)) - return btrfs_set_prop(dentry->d_inode, name, + return btrfs_set_prop(inode, name, value, size, flags); if (size == 0) value = ""; /* empty EA, do not remove */ - return __btrfs_setxattr(NULL, dentry->d_inode, name, value, size, + return __btrfs_setxattr(NULL, inode, name, value, size, flags); } diff --git a/fs/btrfs/xattr.h b/fs/btrfs/xattr.h index 8ee4329..bbd23f3 100644 --- a/fs/btrfs/xattr.h +++ b/fs/btrfs/xattr.h @@ -30,8 +30,9 @@ extern int __btrfs_setxattr(struct btrfs_trans_handle *trans, const void *value, size_t size, int flags); extern ssize_t btrfs_getxattr(struct dentry *dentry, struct inode *inode, const char *name, void *buffer, size_t size); -extern int btrfs_setxattr(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags); +extern int btrfs_setxattr(struct dentry *dentry, struct inode *inode, + const char *name, const void *value, + size_t size, int flags); extern int btrfs_removexattr(struct dentry *dentry, const char *name); extern int btrfs_xattr_security_init(struct btrfs_trans_handle *trans, diff --git a/fs/ceph/super.h b/fs/ceph/super.h index 82dd063..2783da8 100644 --- a/fs/ceph/super.h +++ b/fs/ceph/super.h @@ -722,8 +722,8 @@ extern int ceph_getattr(struct vfsmount *mnt, struct dentry *dentry, struct kstat *stat); /* xattr.c */ -extern int ceph_setxattr(struct dentry *, const char *, const void *, - size_t, int); +extern int ceph_setxattr(struct dentry *, struct inode *, const char *, + const void *, size_t, int); int __ceph_setxattr(struct dentry *, const char *, const void *, size_t, int); ssize_t __ceph_getxattr(struct inode *, const char *, void *, size_t); int __ceph_removexattr(struct dentry *, const char *); diff --git a/fs/ceph/xattr.c b/fs/ceph/xattr.c index 59640c0..663cecc 100644 --- a/fs/ceph/xattr.c +++ b/fs/ceph/xattr.c @@ -995,14 +995,15 @@ out: return err; } -int ceph_setxattr(struct dentry *dentry, const char *name, +int ceph_setxattr(struct dentry *dentry, struct inode *inode, const char *name, const void *value, size_t size, int flags) { - if (ceph_snap(dentry->d_inode) != CEPH_NOSNAP) + if (ceph_snap(inode) != CEPH_NOSNAP) return -EROFS; if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN)) - return generic_setxattr(dentry, name, value, size, flags); + return generic_setxattr(dentry, inode, name, value, size, + flags); return __ceph_setxattr(dentry, name, value, size, flags); } diff --git a/fs/cifs/cifsfs.h b/fs/cifs/cifsfs.h index b0eac15..bda690e 100644 --- a/fs/cifs/cifsfs.h +++ b/fs/cifs/cifsfs.h @@ -122,8 +122,8 @@ extern int cifs_readlink(struct dentry *direntry, char __user *buffer, extern int cifs_symlink(struct inode *inode, struct dentry *direntry, const char *symname); extern int cifs_removexattr(struct dentry *, const char *); -extern int cifs_setxattr(struct dentry *, const char *, const void *, - size_t, int); +extern int cifs_setxattr(struct dentry *, struct inode *, const char *, + const void *, size_t, int); extern ssize_t cifs_getxattr(struct dentry *, struct inode *, const char *, void *, size_t); extern ssize_t cifs_listxattr(struct dentry *, char *, size_t); extern long cifs_ioctl(struct file *filep, unsigned int cmd, unsigned long arg); diff --git a/fs/cifs/xattr.c b/fs/cifs/xattr.c index d2c738e..2d7e6de 100644 --- a/fs/cifs/xattr.c +++ b/fs/cifs/xattr.c @@ -97,8 +97,9 @@ remove_ea_exit: return rc; } -int cifs_setxattr(struct dentry *direntry, const char *ea_name, - const void *ea_value, size_t value_size, int flags) +int cifs_setxattr(struct dentry *direntry, struct inode *inode, + const char *ea_name, const void *ea_value, size_t value_size, + int flags) { int rc = -EOPNOTSUPP; #ifdef CONFIG_CIFS_XATTR @@ -111,9 +112,9 @@ int cifs_setxattr(struct dentry *direntry, const char *ea_name, if (direntry == NULL) return -EIO; - if (direntry->d_inode == NULL) + if (inode == NULL) return -EIO; - sb = direntry->d_inode->i_sb; + sb = inode->i_sb; if (sb == NULL) return -EIO; @@ -177,12 +178,12 @@ int cifs_setxattr(struct dentry *direntry, const char *ea_name, memcpy(pacl, ea_value, value_size); if (pTcon->ses->server->ops->set_acl) rc = pTcon->ses->server->ops->set_acl(pacl, - value_size, direntry->d_inode, + value_size, inode, full_path, CIFS_ACL_DACL); else rc = -EOPNOTSUPP; if (rc == 0) /* force revalidate of the inode */ - CIFS_I(direntry->d_inode)->time = 0; + CIFS_I(inode)->time = 0; kfree(pacl); } #else diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c index bc82bf3..1523f21 100644 --- a/fs/ecryptfs/crypto.c +++ b/fs/ecryptfs/crypto.c @@ -1149,12 +1149,13 @@ ecryptfs_write_metadata_to_contents(struct inode *ecryptfs_inode, static int ecryptfs_write_metadata_to_xattr(struct dentry *ecryptfs_dentry, + struct inode *ecryptfs_inode, char *page_virt, size_t size) { int rc; - rc = ecryptfs_setxattr(ecryptfs_dentry, ECRYPTFS_XATTR_NAME, page_virt, - size, 0); + rc = ecryptfs_setxattr(ecryptfs_dentry, ecryptfs_inode, + ECRYPTFS_XATTR_NAME, page_virt, size, 0); return rc; } @@ -1223,8 +1224,8 @@ int ecryptfs_write_metadata(struct dentry *ecryptfs_dentry, goto out_free; } if (crypt_stat->flags & ECRYPTFS_METADATA_IN_XATTR) - rc = ecryptfs_write_metadata_to_xattr(ecryptfs_dentry, virt, - size); + rc = ecryptfs_write_metadata_to_xattr(ecryptfs_dentry, ecryptfs_inode, + virt, size); else rc = ecryptfs_write_metadata_to_contents(ecryptfs_inode, virt, virt_len); diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h index 0030865..567fbd7 100644 --- a/fs/ecryptfs/ecryptfs_kernel.h +++ b/fs/ecryptfs/ecryptfs_kernel.h @@ -621,8 +621,8 @@ ssize_t ecryptfs_getxattr_lower(struct dentry *lower_dentry, struct inode *lower_inode, const char *name, void *value, size_t size); int -ecryptfs_setxattr(struct dentry *dentry, const char *name, const void *value, - size_t size, int flags); +ecryptfs_setxattr(struct dentry *dentry, struct inode *inode, const char *name, + const void *value, size_t size, int flags); int ecryptfs_read_xattr_region(char *page_virt, struct inode *ecryptfs_inode); #ifdef CONFIG_ECRYPT_FS_MESSAGING int ecryptfs_process_response(struct ecryptfs_daemon *daemon, diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c index 4fb21a7..80006b1 100644 --- a/fs/ecryptfs/inode.c +++ b/fs/ecryptfs/inode.c @@ -1016,7 +1016,8 @@ static int ecryptfs_getattr(struct vfsmount *mnt, struct dentry *dentry, } int -ecryptfs_setxattr(struct dentry *dentry, const char *name, const void *value, +ecryptfs_setxattr(struct dentry *dentry, struct inode *inode, + const char *name, const void *value, size_t size, int flags) { int rc = 0; @@ -1029,8 +1030,8 @@ ecryptfs_setxattr(struct dentry *dentry, const char *name, const void *value, } rc = vfs_setxattr(lower_dentry, name, value, size, flags); - if (!rc && dentry->d_inode) - fsstack_copy_attr_all(dentry->d_inode, lower_dentry->d_inode); + if (!rc && inode) + fsstack_copy_attr_all(inode, lower_dentry->d_inode); out: return rc; } diff --git a/fs/ecryptfs/mmap.c b/fs/ecryptfs/mmap.c index 4ee2cac..5099360 100644 --- a/fs/ecryptfs/mmap.c +++ b/fs/ecryptfs/mmap.c @@ -443,7 +443,8 @@ static int ecryptfs_write_inode_size_to_xattr(struct inode *ecryptfs_inode) if (size < 0) size = 8; put_unaligned_be64(i_size_read(ecryptfs_inode), xattr_virt); - rc = lower_inode->i_op->setxattr(lower_dentry, ECRYPTFS_XATTR_NAME, + rc = lower_inode->i_op->setxattr(lower_dentry, lower_inode, + ECRYPTFS_XATTR_NAME, xattr_virt, size, 0); mutex_unlock(&lower_inode->i_mutex); if (rc) diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index bef1ee3..1dbc7c1 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c @@ -1845,10 +1845,10 @@ static int fuse_getattr(struct vfsmount *mnt, struct dentry *entry, return fuse_update_attributes(inode, stat, NULL, NULL); } -static int fuse_setxattr(struct dentry *entry, const char *name, - const void *value, size_t size, int flags) +static int fuse_setxattr(struct dentry *unused, struct inode *inode, + const char *name, const void *value, + size_t size, int flags) { - struct inode *inode = entry->d_inode; struct fuse_conn *fc = get_fuse_conn(inode); struct fuse_req *req; struct fuse_setxattr_in inarg; diff --git a/fs/gfs2/inode.c b/fs/gfs2/inode.c index ee95780..eb10bd8 100644 --- a/fs/gfs2/inode.c +++ b/fs/gfs2/inode.c @@ -1851,10 +1851,10 @@ static int gfs2_getattr(struct vfsmount *mnt, struct dentry *dentry, return 0; } -static int gfs2_setxattr(struct dentry *dentry, const char *name, - const void *data, size_t size, int flags) +static int gfs2_setxattr(struct dentry *dentry, struct inode *inode, + const char *name, const void *data, size_t size, + int flags) { - struct inode *inode = dentry->d_inode; struct gfs2_inode *ip = GFS2_I(inode); struct gfs2_holder gh; int ret; @@ -1864,7 +1864,8 @@ static int gfs2_setxattr(struct dentry *dentry, const char *name, if (ret == 0) { ret = gfs2_rs_alloc(ip); if (ret == 0) - ret = generic_setxattr(dentry, name, data, size, flags); + ret = generic_setxattr(dentry, inode, name, data, + size, flags); gfs2_glock_dq(&gh); } gfs2_holder_uninit(&gh); diff --git a/fs/hfs/attr.c b/fs/hfs/attr.c index ce9719c..39b7123 100644 --- a/fs/hfs/attr.c +++ b/fs/hfs/attr.c @@ -13,10 +13,10 @@ #include "hfs_fs.h" #include "btree.h" -int hfs_setxattr(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags) +int hfs_setxattr(struct dentry *unused, struct inode *inode, + const char *name, const void *value, + size_t size, int flags) { - struct inode *inode = dentry->d_inode; struct hfs_find_data fd; hfs_cat_rec rec; struct hfs_cat_file *file; diff --git a/fs/hfs/hfs_fs.h b/fs/hfs/hfs_fs.h index f234e2a..f052215 100644 --- a/fs/hfs/hfs_fs.h +++ b/fs/hfs/hfs_fs.h @@ -211,7 +211,7 @@ extern void hfs_evict_inode(struct inode *); extern void hfs_delete_inode(struct inode *); /* attr.c */ -extern int hfs_setxattr(struct dentry *dentry, const char *name, +extern int hfs_setxattr(struct dentry *dentry, struct inode *inode, const char *name, const void *value, size_t size, int flags); extern ssize_t hfs_getxattr(struct dentry *dentry, struct inode *inode, const char *name, void *value, size_t size); diff --git a/fs/jfs/jfs_xattr.h b/fs/jfs/jfs_xattr.h index e69e14f..01c47b1 100644 --- a/fs/jfs/jfs_xattr.h +++ b/fs/jfs/jfs_xattr.h @@ -54,8 +54,8 @@ struct jfs_ea_list { extern int __jfs_setxattr(tid_t, struct inode *, const char *, const void *, size_t, int); -extern int jfs_setxattr(struct dentry *, const char *, const void *, size_t, - int); +extern int jfs_setxattr(struct dentry *, struct inode *, const char *, + const void *, size_t, int); extern ssize_t __jfs_getxattr(struct inode *, const char *, void *, size_t); extern ssize_t jfs_getxattr(struct dentry *, struct inode *, const char *, void *, size_t); extern ssize_t jfs_listxattr(struct dentry *, char *, size_t); diff --git a/fs/jfs/xattr.c b/fs/jfs/xattr.c index 7b9a8f9..a942358 100644 --- a/fs/jfs/xattr.c +++ b/fs/jfs/xattr.c @@ -846,10 +846,9 @@ int __jfs_setxattr(tid_t tid, struct inode *inode, const char *name, return rc; } -int jfs_setxattr(struct dentry *dentry, const char *name, const void *value, - size_t value_len, int flags) +int jfs_setxattr(struct dentry *dentry, struct inode *inode, const char *name, + const void *value, size_t value_len, int flags) { - struct inode *inode = dentry->d_inode; struct jfs_inode_info *ji = JFS_IP(inode); int rc; tid_t tid; @@ -860,7 +859,8 @@ int jfs_setxattr(struct dentry *dentry, const char *name, const void *value, * for it via sb->s_xattr. */ if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN)) - return generic_setxattr(dentry, name, value, value_len, flags); + return generic_setxattr(dentry, inode, name, value, value_len, + flags); if ((rc = can_set_xattr(inode, name, value, value_len))) return rc; @@ -872,7 +872,7 @@ int jfs_setxattr(struct dentry *dentry, const char *name, const void *value, tid = txBegin(inode->i_sb, 0); mutex_lock(&ji->commit_mutex); - rc = __jfs_setxattr(tid, dentry->d_inode, name, value, value_len, + rc = __jfs_setxattr(tid, inode, name, value, value_len, flags); if (!rc) rc = txCommit(tid, 1, &inode, 0); diff --git a/fs/kernfs/inode.c b/fs/kernfs/inode.c index 332ccaf..d422c76 100644 --- a/fs/kernfs/inode.c +++ b/fs/kernfs/inode.c @@ -169,10 +169,11 @@ static int kernfs_node_setsecdata(struct kernfs_node *kn, void **secdata, return 0; } -int kernfs_iop_setxattr(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags) +int kernfs_iop_setxattr(struct dentry *unused, struct inode *inode, + const char *name, const void *value, + size_t size, int flags) { - struct kernfs_node *kn = dentry->d_fsdata; + struct kernfs_node *kn = inode->i_private; struct kernfs_iattrs *attrs; void *secdata; int error; @@ -184,11 +185,11 @@ int kernfs_iop_setxattr(struct dentry *dentry, const char *name, if (!strncmp(name, XATTR_SECURITY_PREFIX, XATTR_SECURITY_PREFIX_LEN)) { const char *suffix = name + XATTR_SECURITY_PREFIX_LEN; - error = security_inode_setsecurity(dentry->d_inode, suffix, + error = security_inode_setsecurity(inode, suffix, value, size, flags); if (error) return error; - error = security_inode_getsecctx(dentry->d_inode, + error = security_inode_getsecctx(inode, &secdata, &secdata_len); if (error) return error; diff --git a/fs/kernfs/kernfs-internal.h b/fs/kernfs/kernfs-internal.h index 35b9ee1..b7469cf 100644 --- a/fs/kernfs/kernfs-internal.h +++ b/fs/kernfs/kernfs-internal.h @@ -82,7 +82,8 @@ int kernfs_iop_permission(struct inode *inode, int mask); int kernfs_iop_setattr(struct dentry *dentry, struct iattr *iattr); int kernfs_iop_getattr(struct vfsmount *mnt, struct dentry *dentry, struct kstat *stat); -int kernfs_iop_setxattr(struct dentry *dentry, const char *name, const void *value, +int kernfs_iop_setxattr(struct dentry *dentry, struct inode *inode, + const char *name, const void *value, size_t size, int flags); int kernfs_iop_removexattr(struct dentry *dentry, const char *name); ssize_t kernfs_iop_getxattr(struct dentry *dentry, struct inode *inode, diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c index 04b5520..810969d 100644 --- a/fs/overlayfs/inode.c +++ b/fs/overlayfs/inode.c @@ -213,8 +213,9 @@ bool ovl_is_private_xattr(const char *name) return strncmp(name, "trusted.overlay.", 14) == 0; } -int ovl_setxattr(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags) +int ovl_setxattr(struct dentry *dentry, struct inode *inode, + const char *name, const void *value, + size_t size, int flags) { int err; struct dentry *upperdentry; diff --git a/fs/overlayfs/overlayfs.h b/fs/overlayfs/overlayfs.h index 66b56ea..214baf0 100644 --- a/fs/overlayfs/overlayfs.h +++ b/fs/overlayfs/overlayfs.h @@ -159,8 +159,9 @@ void ovl_cache_free(struct list_head *list); /* inode.c */ int ovl_setattr(struct dentry *dentry, struct iattr *attr); int ovl_permission(struct inode *inode, int mask); -int ovl_setxattr(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags); +int ovl_setxattr(struct dentry *dentry, struct inode *inode, + const char *name, const void *value, + size_t size, int flags); ssize_t ovl_getxattr(struct dentry *dentry, struct inode *inode, const char *name, void *value, size_t size); ssize_t ovl_listxattr(struct dentry *dentry, char *list, size_t size); diff --git a/fs/reiserfs/xattr.c b/fs/reiserfs/xattr.c index b5d64cc..5251955 100644 --- a/fs/reiserfs/xattr.c +++ b/fs/reiserfs/xattr.c @@ -787,8 +787,8 @@ reiserfs_getxattr(struct dentry *dentry, struct inode *inode, * dentry->d_inode->i_mutex down */ int -reiserfs_setxattr(struct dentry *dentry, const char *name, const void *value, - size_t size, int flags) +reiserfs_setxattr(struct dentry *dentry, struct inode *inode, const char *name, + const void *value, size_t size, int flags) { const struct xattr_handler *handler; @@ -797,8 +797,8 @@ reiserfs_setxattr(struct dentry *dentry, const char *name, const void *value, if (!handler || get_inode_sd_version(dentry->d_inode) == STAT_DATA_V1) return -EOPNOTSUPP; - return handler->set(dentry, dentry->d_inode, name, value, size, - flags, handler->flags); + return handler->set(dentry, inode, name, value, size, flags, + handler->flags); } /* diff --git a/fs/reiserfs/xattr.h b/fs/reiserfs/xattr.h index 033bac1..0762779 100644 --- a/fs/reiserfs/xattr.h +++ b/fs/reiserfs/xattr.h @@ -20,8 +20,9 @@ int reiserfs_permission(struct inode *inode, int mask); #define has_xattr_dir(inode) (REISERFS_I(inode)->i_flags & i_has_xattr_dir) ssize_t reiserfs_getxattr(struct dentry *dentry, struct inode *inode, const char *name, void *buffer, size_t size); -int reiserfs_setxattr(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags); +int reiserfs_setxattr(struct dentry *dentry, struct inode *inode, + const char *name, const void *value, size_t size, + int flags); ssize_t reiserfs_listxattr(struct dentry *dentry, char *buffer, size_t size); int reiserfs_removexattr(struct dentry *dentry, const char *name); diff --git a/fs/ubifs/ubifs.h b/fs/ubifs/ubifs.h index c35436f..7b022a9 100644 --- a/fs/ubifs/ubifs.h +++ b/fs/ubifs/ubifs.h @@ -1748,7 +1748,7 @@ int ubifs_getattr(struct vfsmount *mnt, struct dentry *dentry, struct kstat *stat); /* xattr.c */ -int ubifs_setxattr(struct dentry *dentry, const char *name, +int ubifs_setxattr(struct dentry *dentry, struct inode *inode, const char *name, const void *value, size_t size, int flags); ssize_t ubifs_getxattr(struct dentry *dentry, struct inode *host, const char *name, void *buf, size_t size); diff --git a/fs/ubifs/xattr.c b/fs/ubifs/xattr.c index 698194f..13104e4 100644 --- a/fs/ubifs/xattr.c +++ b/fs/ubifs/xattr.c @@ -294,10 +294,10 @@ static struct inode *iget_xattr(struct ubifs_info *c, ino_t inum) return ERR_PTR(-EINVAL); } -int ubifs_setxattr(struct dentry *dentry, const char *name, +int ubifs_setxattr(struct dentry *dentry, struct inode *host, const char *name, const void *value, size_t size, int flags) { - struct inode *inode, *host = dentry->d_inode; + struct inode *inode; struct ubifs_info *c = host->i_sb->s_fs_info; struct qstr nm = QSTR_INIT(name, strlen(name)); struct ubifs_dent_node *xent; diff --git a/fs/xattr.c b/fs/xattr.c index 87bd926..d6351cb 100644 --- a/fs/xattr.c +++ b/fs/xattr.c @@ -100,7 +100,7 @@ int __vfs_setxattr_noperm(struct dentry *dentry, const char *name, if (issec) inode->i_flags &= ~S_NOSEC; if (inode->i_op->setxattr) { - error = inode->i_op->setxattr(dentry, name, value, size, flags); + error = inode->i_op->setxattr(dentry, inode, name, value, size, flags); if (!error) { fsnotify_xattr(dentry); security_inode_post_setxattr(dentry, name, value, @@ -764,7 +764,8 @@ generic_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size) * Find the handler for the prefix and dispatch its set() operation. */ int -generic_setxattr(struct dentry *dentry, const char *name, const void *value, size_t size, int flags) +generic_setxattr(struct dentry *dentry, struct inode *inode, const char *name, + const void *value, size_t size, int flags) { const struct xattr_handler *handler; @@ -773,8 +774,8 @@ generic_setxattr(struct dentry *dentry, const char *name, const void *value, siz handler = xattr_resolve_name(dentry->d_sb->s_xattr, &name); if (!handler) return -EOPNOTSUPP; - return handler->set(dentry, dentry->d_inode, name, value, size, - flags, handler->flags); + return handler->set(dentry, inode, name, value, size, flags, + handler->flags); } /* diff --git a/include/linux/fs.h b/include/linux/fs.h index 7586207..ba463aa 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -1537,7 +1537,8 @@ struct inode_operations { struct inode *, struct dentry *, unsigned int); int (*setattr) (struct dentry *, struct iattr *); int (*getattr) (struct vfsmount *mnt, struct dentry *, struct kstat *); - int (*setxattr) (struct dentry *, const char *,const void *,size_t,int); + int (*setxattr) (struct dentry *, struct inode *, + const char *, const void *, size_t, int); ssize_t (*getxattr) (struct dentry *, struct inode *, const char *, void *, size_t); ssize_t (*listxattr) (struct dentry *, char *, size_t); diff --git a/include/linux/xattr.h b/include/linux/xattr.h index 0027b04..ac6e270 100644 --- a/include/linux/xattr.h +++ b/include/linux/xattr.h @@ -46,7 +46,8 @@ int vfs_removexattr(struct dentry *, const char *); ssize_t generic_getxattr(struct dentry *dentry, struct inode *inode, const char *name, void *buffer, size_t size); ssize_t generic_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size); -int generic_setxattr(struct dentry *dentry, const char *name, const void *value, size_t size, int flags); +int generic_setxattr(struct dentry *dentry, struct inode *inode, + const char *name, const void *value, size_t size, int flags); int generic_removexattr(struct dentry *dentry, const char *name); ssize_t vfs_getxattr_alloc(struct dentry *dentry, const char *name, char **xattr_value, size_t size, gfp_t flags); diff --git a/mm/shmem.c b/mm/shmem.c index 8be47d4..f926e5e 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -2597,10 +2597,11 @@ static ssize_t shmem_getxattr(struct dentry *dentry, struct inode *inode, return simple_xattr_get(&info->xattrs, name, buffer, size); } -static int shmem_setxattr(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags) +static int shmem_setxattr(struct dentry *dentry, struct inode *inode, + const char *name, const void *value, size_t size, + int flags) { - struct shmem_inode_info *info = SHMEM_I(dentry->d_inode); + struct shmem_inode_info *info = SHMEM_I(inode); int err; /* @@ -2609,7 +2610,8 @@ static int shmem_setxattr(struct dentry *dentry, const char *name, * for it via sb->s_xattr. */ if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN)) - return generic_setxattr(dentry, name, value, size, flags); + return generic_setxattr(dentry, inode, name, value, size, + flags); err = shmem_xattr_validate(name); if (err) diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index 764e521..444a619 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -3139,7 +3139,7 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode) */ if (isp->smk_flags & SMK_INODE_CHANGED) { isp->smk_flags &= ~SMK_INODE_CHANGED; - rc = inode->i_op->setxattr(dp, + rc = inode->i_op->setxattr(dp, inode, XATTR_NAME_SMACKTRANSMUTE, TRANS_TRUE, TRANS_TRUE_SIZE, 0); -- 1.7.4.1

7 years, 1 month

1
0
0 0

[PATCH 3.18.y 4/5] switch xattr_handler->set() to passing dentry and inode separately

by Seung-Woo Kim

From: Al Viro <viro(a)zeniv.linux.org.uk> preparation for similar switch in ->setxattr() (see the next commit for rationale). Signed-off-by: Al Viro <viro(a)zeniv.linux.org.uk> [sw0312.kim: backport to 3.18 including ext3] Signed-off-by: Seung-Woo Kim <sw0312.kim(a)samsung.com> --- fs/9p/acl.c | 7 +++---- fs/9p/xattr_security.c | 5 +++-- fs/9p/xattr_trusted.c | 5 +++-- fs/9p/xattr_user.c | 5 +++-- fs/ext2/xattr_security.c | 7 ++++--- fs/ext2/xattr_trusted.c | 7 ++++--- fs/ext2/xattr_user.c | 9 +++++---- fs/ext3/xattr_security.c | 7 ++++--- fs/ext3/xattr_trusted.c | 7 ++++--- fs/ext3/xattr_user.c | 9 +++++---- fs/ext4/xattr_security.c | 7 ++++--- fs/ext4/xattr_trusted.c | 7 ++++--- fs/ext4/xattr_user.c | 9 +++++---- fs/f2fs/xattr.c | 17 ++++++++--------- fs/gfs2/xattr.c | 7 ++++--- fs/hfsplus/xattr.c | 7 ++++--- fs/hfsplus/xattr.h | 4 ++-- fs/hfsplus/xattr_security.c | 7 ++++--- fs/hfsplus/xattr_trusted.c | 7 ++++--- fs/hfsplus/xattr_user.c | 7 ++++--- fs/jffs2/security.c | 7 ++++--- fs/jffs2/xattr_trusted.c | 7 ++++--- fs/jffs2/xattr_user.c | 7 ++++--- fs/nfs/nfs4proc.c | 19 +++++++++---------- fs/ocfs2/xattr.c | 23 +++++++++++++---------- fs/posix_acl.c | 6 +++--- fs/reiserfs/xattr.c | 6 ++++-- fs/reiserfs/xattr_security.c | 8 ++++---- fs/reiserfs/xattr_trusted.c | 8 ++++---- fs/reiserfs/xattr_user.c | 8 ++++---- fs/xattr.c | 5 +++-- fs/xfs/xfs_xattr.c | 7 ++++--- include/linux/xattr.h | 5 +++-- 33 files changed, 144 insertions(+), 119 deletions(-) diff --git a/fs/9p/acl.c b/fs/9p/acl.c index 938e1a4..0928d74 100644 --- a/fs/9p/acl.c +++ b/fs/9p/acl.c @@ -279,14 +279,13 @@ static int v9fs_remote_set_acl(struct dentry *dentry, const char *name, } -static int v9fs_xattr_set_acl(struct dentry *dentry, const char *name, - const void *value, size_t size, - int flags, int type) +static int v9fs_xattr_set_acl(struct dentry *dentry, struct inode *inode, + const char *name, const void *value, + size_t size, int flags, int type) { int retval; struct posix_acl *acl; struct v9fs_session_info *v9ses; - struct inode *inode = dentry->d_inode; if (strcmp(name, "") != 0) return -EINVAL; diff --git a/fs/9p/xattr_security.c b/fs/9p/xattr_security.c index df692f9..242c1f8 100644 --- a/fs/9p/xattr_security.c +++ b/fs/9p/xattr_security.c @@ -47,8 +47,9 @@ static int v9fs_xattr_security_get(struct dentry *dentry, struct inode *inode, return retval; } -static int v9fs_xattr_security_set(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) +static int v9fs_xattr_security_set(struct dentry *dentry, struct inode *inode, + const char *name, const void *value, + size_t size, int flags, int type) { int retval; char *full_name; diff --git a/fs/9p/xattr_trusted.c b/fs/9p/xattr_trusted.c index acfadcf..a1fe7d9 100644 --- a/fs/9p/xattr_trusted.c +++ b/fs/9p/xattr_trusted.c @@ -47,8 +47,9 @@ static int v9fs_xattr_trusted_get(struct dentry *dentry, struct inode *inode, return retval; } -static int v9fs_xattr_trusted_set(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) +static int v9fs_xattr_trusted_set(struct dentry *dentry, struct inode *inode, + const char *name, const void *value, + size_t size, int flags, int type) { int retval; char *full_name; diff --git a/fs/9p/xattr_user.c b/fs/9p/xattr_user.c index 9b37675..7a34aca 100644 --- a/fs/9p/xattr_user.c +++ b/fs/9p/xattr_user.c @@ -47,8 +47,9 @@ static int v9fs_xattr_user_get(struct dentry *dentry, struct inode *inode, return retval; } -static int v9fs_xattr_user_set(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) +static int v9fs_xattr_user_set(struct dentry *dentry, struct inode *inode, + const char *name, const void *value, + size_t size, int flags, int type) { int retval; char *full_name; diff --git a/fs/ext2/xattr_security.c b/fs/ext2/xattr_security.c index 1d53da4..3ece525 100644 --- a/fs/ext2/xattr_security.c +++ b/fs/ext2/xattr_security.c @@ -33,12 +33,13 @@ ext2_xattr_security_get(struct dentry *unused, struct inode *inode, } static int -ext2_xattr_security_set(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) +ext2_xattr_security_set(struct dentry *unused, struct inode *inode, + const char *name, const void *value, + size_t size, int flags, int type) { if (strcmp(name, "") == 0) return -EINVAL; - return ext2_xattr_set(dentry->d_inode, EXT2_XATTR_INDEX_SECURITY, name, + return ext2_xattr_set(inode, EXT2_XATTR_INDEX_SECURITY, name, value, size, flags); } diff --git a/fs/ext2/xattr_trusted.c b/fs/ext2/xattr_trusted.c index dd05f14..d88cbb1 100644 --- a/fs/ext2/xattr_trusted.c +++ b/fs/ext2/xattr_trusted.c @@ -37,12 +37,13 @@ ext2_xattr_trusted_get(struct dentry *unused, struct inode *inode, } static int -ext2_xattr_trusted_set(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) +ext2_xattr_trusted_set(struct dentry *unused, struct inode *inode, + const char *name, const void *value, + size_t size, int flags, int type) { if (strcmp(name, "") == 0) return -EINVAL; - return ext2_xattr_set(dentry->d_inode, EXT2_XATTR_INDEX_TRUSTED, name, + return ext2_xattr_set(inode, EXT2_XATTR_INDEX_TRUSTED, name, value, size, flags); } diff --git a/fs/ext2/xattr_user.c b/fs/ext2/xattr_user.c index b3289d5..b96a8f8 100644 --- a/fs/ext2/xattr_user.c +++ b/fs/ext2/xattr_user.c @@ -41,15 +41,16 @@ ext2_xattr_user_get(struct dentry *unused, struct inode *inode, } static int -ext2_xattr_user_set(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) +ext2_xattr_user_set(struct dentry *unused, struct inode *inode, + const char *name, const void *value, + size_t size, int flags, int type) { if (strcmp(name, "") == 0) return -EINVAL; - if (!test_opt(dentry->d_sb, XATTR_USER)) + if (!test_opt(inode->i_sb, XATTR_USER)) return -EOPNOTSUPP; - return ext2_xattr_set(dentry->d_inode, EXT2_XATTR_INDEX_USER, + return ext2_xattr_set(inode, EXT2_XATTR_INDEX_USER, name, value, size, flags); } diff --git a/fs/ext3/xattr_security.c b/fs/ext3/xattr_security.c index 3e60abc..815f8c4 100644 --- a/fs/ext3/xattr_security.c +++ b/fs/ext3/xattr_security.c @@ -34,12 +34,13 @@ ext3_xattr_security_get(struct dentry *unused, struct inode *inode, } static int -ext3_xattr_security_set(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) +ext3_xattr_security_set(struct dentry *unused, struct inode *inode, + const char *name, const void *value, + size_t size, int flags, int type) { if (strcmp(name, "") == 0) return -EINVAL; - return ext3_xattr_set(dentry->d_inode, EXT3_XATTR_INDEX_SECURITY, + return ext3_xattr_set(inode, EXT3_XATTR_INDEX_SECURITY, name, value, size, flags); } diff --git a/fs/ext3/xattr_trusted.c b/fs/ext3/xattr_trusted.c index 9fe035b..f9e1769 100644 --- a/fs/ext3/xattr_trusted.c +++ b/fs/ext3/xattr_trusted.c @@ -37,12 +37,13 @@ ext3_xattr_trusted_get(struct dentry *unused, struct inode *inode, } static int -ext3_xattr_trusted_set(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) +ext3_xattr_trusted_set(struct dentry *unused, struct inode *inode, + const char *name, const void *value, + size_t size, int flags, int type) { if (strcmp(name, "") == 0) return -EINVAL; - return ext3_xattr_set(dentry->d_inode, EXT3_XATTR_INDEX_TRUSTED, name, + return ext3_xattr_set(inode, EXT3_XATTR_INDEX_TRUSTED, name, value, size, flags); } diff --git a/fs/ext3/xattr_user.c b/fs/ext3/xattr_user.c index 8856f51..ce7b23d 100644 --- a/fs/ext3/xattr_user.c +++ b/fs/ext3/xattr_user.c @@ -39,14 +39,15 @@ ext3_xattr_user_get(struct dentry *unused, struct inode *inode, } static int -ext3_xattr_user_set(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) +ext3_xattr_user_set(struct dentry *unused, struct inode *inode, + const char *name, const void *value, + size_t size, int flags, int type) { if (strcmp(name, "") == 0) return -EINVAL; - if (!test_opt(dentry->d_sb, XATTR_USER)) + if (!test_opt(inode->i_sb, XATTR_USER)) return -EOPNOTSUPP; - return ext3_xattr_set(dentry->d_inode, EXT3_XATTR_INDEX_USER, + return ext3_xattr_set(inode, EXT3_XATTR_INDEX_USER, name, value, size, flags); } diff --git a/fs/ext4/xattr_security.c b/fs/ext4/xattr_security.c index 7704e94..c0dc82d 100644 --- a/fs/ext4/xattr_security.c +++ b/fs/ext4/xattr_security.c @@ -38,12 +38,13 @@ ext4_xattr_security_get(struct dentry *unused, struct inode *inode, } static int -ext4_xattr_security_set(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) +ext4_xattr_security_set(struct dentry *unused, struct inode *inode, + const char *name, const void *value, + size_t size, int flags, int type) { if (strcmp(name, "") == 0) return -EINVAL; - return ext4_xattr_set(dentry->d_inode, EXT4_XATTR_INDEX_SECURITY, + return ext4_xattr_set(inode, EXT4_XATTR_INDEX_SECURITY, name, value, size, flags); } diff --git a/fs/ext4/xattr_trusted.c b/fs/ext4/xattr_trusted.c index 7bf8df2..42d6db0 100644 --- a/fs/ext4/xattr_trusted.c +++ b/fs/ext4/xattr_trusted.c @@ -41,12 +41,13 @@ ext4_xattr_trusted_get(struct dentry *unused, struct inode *inode, } static int -ext4_xattr_trusted_set(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) +ext4_xattr_trusted_set(struct dentry *unused, struct inode *inode, + const char *name, const void *value, + size_t size, int flags, int type) { if (strcmp(name, "") == 0) return -EINVAL; - return ext4_xattr_set(dentry->d_inode, EXT4_XATTR_INDEX_TRUSTED, + return ext4_xattr_set(inode, EXT4_XATTR_INDEX_TRUSTED, name, value, size, flags); } diff --git a/fs/ext4/xattr_user.c b/fs/ext4/xattr_user.c index afad2827..f37a4ff 100644 --- a/fs/ext4/xattr_user.c +++ b/fs/ext4/xattr_user.c @@ -42,14 +42,15 @@ ext4_xattr_user_get(struct dentry *unused, struct inode *inode, } static int -ext4_xattr_user_set(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) +ext4_xattr_user_set(struct dentry *unused, struct inode *inode, + const char *name, const void *value, + size_t size, int flags, int type) { if (strcmp(name, "") == 0) return -EINVAL; - if (!test_opt(dentry->d_sb, XATTR_USER)) + if (!test_opt(inode->i_sb, XATTR_USER)) return -EOPNOTSUPP; - return ext4_xattr_set(dentry->d_inode, EXT4_XATTR_INDEX_USER, + return ext4_xattr_set(inode, EXT4_XATTR_INDEX_USER, name, value, size, flags); } diff --git a/fs/f2fs/xattr.c b/fs/f2fs/xattr.c index a6e15c5..3f4705f 100644 --- a/fs/f2fs/xattr.c +++ b/fs/f2fs/xattr.c @@ -87,10 +87,11 @@ static int f2fs_xattr_generic_get(struct dentry *unused, struct inode *inode, return f2fs_getxattr(inode, type, name, buffer, size); } -static int f2fs_xattr_generic_set(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) +static int f2fs_xattr_generic_set(struct dentry *unused, struct inode *inode, + const char *name, const void *value, + size_t size, int flags, int type) { - struct f2fs_sb_info *sbi = F2FS_SB(dentry->d_sb); + struct f2fs_sb_info *sbi = F2FS_SB(inode->i_sb); switch (type) { case F2FS_XATTR_INDEX_USER: @@ -109,8 +110,7 @@ static int f2fs_xattr_generic_set(struct dentry *dentry, const char *name, if (strcmp(name, "") == 0) return -EINVAL; - return f2fs_setxattr(dentry->d_inode, type, name, - value, size, NULL, flags); + return f2fs_setxattr(inode, type, name, value, size, NULL, flags); } static size_t f2fs_xattr_advise_list(struct dentry *dentry, char *list, @@ -138,11 +138,10 @@ static int f2fs_xattr_advise_get(struct dentry *unused, struct inode *inode, return sizeof(char); } -static int f2fs_xattr_advise_set(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) +static int f2fs_xattr_advise_set(struct dentry *unused, struct inode *inode, + const char *name, const void *value, + size_t size, int flags, int type) { - struct inode *inode = dentry->d_inode; - if (strcmp(name, "") != 0) return -EINVAL; if (!inode_owner_or_capable(inode)) diff --git a/fs/gfs2/xattr.c b/fs/gfs2/xattr.c index 0c15e9f..96e47b0 100644 --- a/fs/gfs2/xattr.c +++ b/fs/gfs2/xattr.c @@ -1227,10 +1227,11 @@ int __gfs2_xattr_set(struct inode *inode, const char *name, return error; } -static int gfs2_xattr_set(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) +static int gfs2_xattr_set(struct dentry *unused, struct inode *inode, + const char *name, const void *value, + size_t size, int flags, int type) { - return __gfs2_xattr_set(dentry->d_inode, name, value, + return __gfs2_xattr_set(inode, name, value, size, flags, type); } diff --git a/fs/hfsplus/xattr.c b/fs/hfsplus/xattr.c index 1377437..1ac46a2 100644 --- a/fs/hfsplus/xattr.c +++ b/fs/hfsplus/xattr.c @@ -826,8 +826,9 @@ static int hfsplus_osx_getxattr(struct dentry *unused, struct inode *inode, return hfsplus_getxattr(inode, name, buffer, size); } -static int hfsplus_osx_setxattr(struct dentry *dentry, const char *name, - const void *buffer, size_t size, int flags, int type) +static int hfsplus_osx_setxattr(struct dentry *unused, struct inode *inode, + const char *name, const void *buffer, + size_t size, int flags, int type) { if (!strcmp(name, "")) return -EINVAL; @@ -845,7 +846,7 @@ static int hfsplus_osx_setxattr(struct dentry *dentry, const char *name, * creates), so we pass the name through unmodified (after * ensuring it doesn't conflict with another namespace). */ - return hfsplus_setxattr(dentry, name, buffer, size, flags); + return hfsplus_setxattr(inode, name, buffer, size, flags); } static size_t hfsplus_osx_listxattr(struct dentry *dentry, char *list, diff --git a/fs/hfsplus/xattr.h b/fs/hfsplus/xattr.h index ba9d80d7..28337f5 100644 --- a/fs/hfsplus/xattr.h +++ b/fs/hfsplus/xattr.h @@ -21,10 +21,10 @@ extern const struct xattr_handler *hfsplus_xattr_handlers[]; int __hfsplus_setxattr(struct inode *inode, const char *name, const void *value, size_t size, int flags); -static inline int hfsplus_setxattr(struct dentry *dentry, const char *name, +static inline int hfsplus_setxattr(struct inode *inode, const char *name, const void *value, size_t size, int flags) { - return __hfsplus_setxattr(dentry->d_inode, name, value, size, flags); + return __hfsplus_setxattr(inode, name, value, size, flags); } ssize_t __hfsplus_getxattr(struct inode *inode, const char *name, diff --git a/fs/hfsplus/xattr_security.c b/fs/hfsplus/xattr_security.c index 77d7f29..ccbc7df 100644 --- a/fs/hfsplus/xattr_security.c +++ b/fs/hfsplus/xattr_security.c @@ -35,8 +35,9 @@ static int hfsplus_security_getxattr(struct dentry *unused, struct inode *inode, return res; } -static int hfsplus_security_setxattr(struct dentry *dentry, const char *name, - const void *buffer, size_t size, int flags, int type) +static int hfsplus_security_setxattr(struct dentry *unused, struct inode *inode, + const char *name, const void *buffer, + size_t size, int flags, int type) { char *xattr_name; int res; @@ -51,7 +52,7 @@ static int hfsplus_security_setxattr(struct dentry *dentry, const char *name, strcpy(xattr_name, XATTR_SECURITY_PREFIX); strcpy(xattr_name + XATTR_SECURITY_PREFIX_LEN, name); - res = hfsplus_setxattr(dentry, xattr_name, buffer, size, flags); + res = hfsplus_setxattr(inode, xattr_name, buffer, size, flags); kfree(xattr_name); return res; } diff --git a/fs/hfsplus/xattr_trusted.c b/fs/hfsplus/xattr_trusted.c index 5c9e7a0..5d54660 100644 --- a/fs/hfsplus/xattr_trusted.c +++ b/fs/hfsplus/xattr_trusted.c @@ -33,8 +33,9 @@ static int hfsplus_trusted_getxattr(struct dentry *unused, struct inode *inode, return res; } -static int hfsplus_trusted_setxattr(struct dentry *dentry, const char *name, - const void *buffer, size_t size, int flags, int type) +static int hfsplus_trusted_setxattr(struct dentry *unused, struct inode *inode, + const char *name, const void *buffer, + size_t size, int flags, int type) { char *xattr_name; int res; @@ -49,7 +50,7 @@ static int hfsplus_trusted_setxattr(struct dentry *dentry, const char *name, strcpy(xattr_name, XATTR_TRUSTED_PREFIX); strcpy(xattr_name + XATTR_TRUSTED_PREFIX_LEN, name); - res = hfsplus_setxattr(dentry, xattr_name, buffer, size, flags); + res = hfsplus_setxattr(inode, xattr_name, buffer, size, flags); kfree(xattr_name); return res; } diff --git a/fs/hfsplus/xattr_user.c b/fs/hfsplus/xattr_user.c index c7c424c..931c054 100644 --- a/fs/hfsplus/xattr_user.c +++ b/fs/hfsplus/xattr_user.c @@ -33,8 +33,9 @@ static int hfsplus_user_getxattr(struct dentry *unused, struct inode *inode, return res; } -static int hfsplus_user_setxattr(struct dentry *dentry, const char *name, - const void *buffer, size_t size, int flags, int type) +static int hfsplus_user_setxattr(struct dentry *unused, struct inode *inode, + const char *name, const void *buffer, + size_t size, int flags, int type) { char *xattr_name; int res; @@ -49,7 +50,7 @@ static int hfsplus_user_setxattr(struct dentry *dentry, const char *name, strcpy(xattr_name, XATTR_USER_PREFIX); strcpy(xattr_name + XATTR_USER_PREFIX_LEN, name); - res = hfsplus_setxattr(dentry, xattr_name, buffer, size, flags); + res = hfsplus_setxattr(inode, xattr_name, buffer, size, flags); kfree(xattr_name); return res; } diff --git a/fs/jffs2/security.c b/fs/jffs2/security.c index 77a9db6..f8ee8a2 100644 --- a/fs/jffs2/security.c +++ b/fs/jffs2/security.c @@ -59,13 +59,14 @@ static int jffs2_security_getxattr(struct dentry *unused, struct inode *inode, name, buffer, size); } -static int jffs2_security_setxattr(struct dentry *dentry, const char *name, - const void *buffer, size_t size, int flags, int type) +static int jffs2_security_setxattr(struct dentry *unused, struct inode *inode, + const char *name, const void *buffer, + size_t size, int flags, int type) { if (!strcmp(name, "")) return -EINVAL; - return do_jffs2_setxattr(dentry->d_inode, JFFS2_XPREFIX_SECURITY, + return do_jffs2_setxattr(inode, JFFS2_XPREFIX_SECURITY, name, buffer, size, flags); } diff --git a/fs/jffs2/xattr_trusted.c b/fs/jffs2/xattr_trusted.c index 7b2fe19..0f36f46 100644 --- a/fs/jffs2/xattr_trusted.c +++ b/fs/jffs2/xattr_trusted.c @@ -26,12 +26,13 @@ static int jffs2_trusted_getxattr(struct dentry *unused, struct inode *inode, name, buffer, size); } -static int jffs2_trusted_setxattr(struct dentry *dentry, const char *name, - const void *buffer, size_t size, int flags, int type) +static int jffs2_trusted_setxattr(struct dentry *unused, struct inode *inode, + const char *name, const void *buffer, + size_t size, int flags, int type) { if (!strcmp(name, "")) return -EINVAL; - return do_jffs2_setxattr(dentry->d_inode, JFFS2_XPREFIX_TRUSTED, + return do_jffs2_setxattr(inode, JFFS2_XPREFIX_TRUSTED, name, buffer, size, flags); } diff --git a/fs/jffs2/xattr_user.c b/fs/jffs2/xattr_user.c index 0d8b125..62551b6 100644 --- a/fs/jffs2/xattr_user.c +++ b/fs/jffs2/xattr_user.c @@ -26,12 +26,13 @@ static int jffs2_user_getxattr(struct dentry *unused, struct inode *inode, name, buffer, size); } -static int jffs2_user_setxattr(struct dentry *dentry, const char *name, - const void *buffer, size_t size, int flags, int type) +static int jffs2_user_setxattr(struct dentry *unused, struct inode *inode, + const char *name, const void *buffer, + size_t size, int flags, int type) { if (!strcmp(name, "")) return -EINVAL; - return do_jffs2_setxattr(dentry->d_inode, JFFS2_XPREFIX_USER, + return do_jffs2_setxattr(inode, JFFS2_XPREFIX_USER, name, buffer, size, flags); } diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c index 3e0df4a1..7ccecfb 100644 --- a/fs/nfs/nfs4proc.c +++ b/fs/nfs/nfs4proc.c @@ -4781,12 +4781,11 @@ static int nfs4_do_set_security_label(struct inode *inode, } static int -nfs4_set_security_label(struct dentry *dentry, const void *buf, size_t buflen) +nfs4_set_security_label(struct inode *inode, const void *buf, size_t buflen) { struct nfs4_label ilabel, *olabel = NULL; struct nfs_fattr fattr; struct rpc_cred *cred; - struct inode *inode = dentry->d_inode; int status; if (!nfs_server_capable(inode, NFS_CAP_SECURITY_LABEL)) @@ -6037,14 +6036,14 @@ nfs4_release_lockowner(struct nfs_server *server, struct nfs4_lock_state *lsp) #define XATTR_NAME_NFSV4_ACL "system.nfs4_acl" -static int nfs4_xattr_set_nfs4_acl(struct dentry *dentry, const char *key, - const void *buf, size_t buflen, - int flags, int type) +static int nfs4_xattr_set_nfs4_acl(struct dentry *unused, struct inode *inode, + const char *key, const void *buf, + size_t buflen, int flags, int type) { if (strcmp(key, "") != 0) return -EINVAL; - return nfs4_proc_set_acl(dentry->d_inode, buf, buflen); + return nfs4_proc_set_acl(inode, buf, buflen); } static int nfs4_xattr_get_nfs4_acl(struct dentry *unused, struct inode *inode, @@ -6077,12 +6076,12 @@ static inline int nfs4_server_supports_labels(struct nfs_server *server) return server->caps & NFS_CAP_SECURITY_LABEL; } -static int nfs4_xattr_set_nfs4_label(struct dentry *dentry, const char *key, - const void *buf, size_t buflen, - int flags, int type) +static int nfs4_xattr_set_nfs4_label(struct dentry *unused, struct inode *inode, + const char *key, const void *buf, + size_t buflen, int flags, int type) { if (security_ismaclabel(key)) - return nfs4_set_security_label(dentry, buf, buflen); + return nfs4_set_security_label(inode, buf, buflen); return -EOPNOTSUPP; } diff --git a/fs/ocfs2/xattr.c b/fs/ocfs2/xattr.c index 8f42eaa..2d6aa1a 100644 --- a/fs/ocfs2/xattr.c +++ b/fs/ocfs2/xattr.c @@ -7262,13 +7262,14 @@ static int ocfs2_xattr_security_get(struct dentry *unused, struct inode *inode, name, buffer, size); } -static int ocfs2_xattr_security_set(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) +static int ocfs2_xattr_security_set(struct dentry *unused, struct inode *inode, + const char *name, const void *value, + size_t size, int flags, int type) { if (strcmp(name, "") == 0) return -EINVAL; - return ocfs2_xattr_set(dentry->d_inode, OCFS2_XATTR_INDEX_SECURITY, + return ocfs2_xattr_set(inode, OCFS2_XATTR_INDEX_SECURITY, name, value, size, flags); } @@ -7353,13 +7354,14 @@ static int ocfs2_xattr_trusted_get(struct dentry *unused, struct inode *inode, name, buffer, size); } -static int ocfs2_xattr_trusted_set(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) +static int ocfs2_xattr_trusted_set(struct dentry *unused, struct inode *inode, + const char *name, const void *value, + size_t size, int flags, int type) { if (strcmp(name, "") == 0) return -EINVAL; - return ocfs2_xattr_set(dentry->d_inode, OCFS2_XATTR_INDEX_TRUSTED, + return ocfs2_xattr_set(inode, OCFS2_XATTR_INDEX_TRUSTED, name, value, size, flags); } @@ -7406,17 +7408,18 @@ static int ocfs2_xattr_user_get(struct dentry *unused, struct inode *inode, buffer, size); } -static int ocfs2_xattr_user_set(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) +static int ocfs2_xattr_user_set(struct dentry *unused, struct inode *inode, + const char *name, const void *value, + size_t size, int flags, int type) { - struct ocfs2_super *osb = OCFS2_SB(dentry->d_sb); + struct ocfs2_super *osb = OCFS2_SB(inode->i_sb); if (strcmp(name, "") == 0) return -EINVAL; if (osb->s_mount_opt & OCFS2_MOUNT_NOUSERXATTR) return -EOPNOTSUPP; - return ocfs2_xattr_set(dentry->d_inode, OCFS2_XATTR_INDEX_USER, + return ocfs2_xattr_set(inode, OCFS2_XATTR_INDEX_USER, name, value, size, flags); } diff --git a/fs/posix_acl.c b/fs/posix_acl.c index a9d6c01..81b0008 100644 --- a/fs/posix_acl.c +++ b/fs/posix_acl.c @@ -841,10 +841,10 @@ set_posix_acl(struct inode *inode, int type, struct posix_acl *acl) EXPORT_SYMBOL(set_posix_acl); static int -posix_acl_xattr_set(struct dentry *dentry, const char *name, - const void *value, size_t size, int flags, int type) +posix_acl_xattr_set(struct dentry *dentry, struct inode *inode, + const char *name, const void *value, size_t size, + int flags, int type) { - struct inode *inode = dentry->d_inode; struct posix_acl *acl = NULL; int ret; diff --git a/fs/reiserfs/xattr.c b/fs/reiserfs/xattr.c index 40d4fcc..b5d64cc 100644 --- a/fs/reiserfs/xattr.c +++ b/fs/reiserfs/xattr.c @@ -797,7 +797,8 @@ reiserfs_setxattr(struct dentry *dentry, const char *name, const void *value, if (!handler || get_inode_sd_version(dentry->d_inode) == STAT_DATA_V1) return -EOPNOTSUPP; - return handler->set(dentry, name, value, size, flags, handler->flags); + return handler->set(dentry, dentry->d_inode, name, value, size, + flags, handler->flags); } /* @@ -814,7 +815,8 @@ int reiserfs_removexattr(struct dentry *dentry, const char *name) if (!handler || get_inode_sd_version(dentry->d_inode) == STAT_DATA_V1) return -EOPNOTSUPP; - return handler->set(dentry, name, NULL, 0, XATTR_REPLACE, handler->flags); + return handler->set(dentry, dentry->d_inode, name, NULL, 0, + XATTR_REPLACE, handler->flags); } struct listxattr_buf { diff --git a/fs/reiserfs/xattr_security.c b/fs/reiserfs/xattr_security.c index dad61a9..d68b8da 100644 --- a/fs/reiserfs/xattr_security.c +++ b/fs/reiserfs/xattr_security.c @@ -22,16 +22,16 @@ security_get(struct dentry *unused, struct inode *inode, const char *name, } static int -security_set(struct dentry *dentry, const char *name, const void *buffer, - size_t size, int flags, int handler_flags) +security_set(struct dentry *unused, struct inode *inode, const char *name, + const void *buffer, size_t size, int flags, int handler_flags) { if (strlen(name) < sizeof(XATTR_SECURITY_PREFIX)) return -EINVAL; - if (IS_PRIVATE(dentry->d_inode)) + if (IS_PRIVATE(inode)) return -EPERM; - return reiserfs_xattr_set(dentry->d_inode, name, buffer, size, flags); + return reiserfs_xattr_set(inode, name, buffer, size, flags); } static size_t security_list(struct dentry *dentry, char *list, size_t list_len, diff --git a/fs/reiserfs/xattr_trusted.c b/fs/reiserfs/xattr_trusted.c index 9e3cf4a..8202daa 100644 --- a/fs/reiserfs/xattr_trusted.c +++ b/fs/reiserfs/xattr_trusted.c @@ -21,16 +21,16 @@ trusted_get(struct dentry *unused, struct inode *inode, const char *name, } static int -trusted_set(struct dentry *dentry, const char *name, const void *buffer, - size_t size, int flags, int handler_flags) +trusted_set(struct dentry *unused, struct inode *inode, const char *name, + const void *buffer, size_t size, int flags, int handler_flags) { if (strlen(name) < sizeof(XATTR_TRUSTED_PREFIX)) return -EINVAL; - if (!capable(CAP_SYS_ADMIN) || IS_PRIVATE(dentry->d_inode)) + if (!capable(CAP_SYS_ADMIN) || IS_PRIVATE(inode)) return -EPERM; - return reiserfs_xattr_set(dentry->d_inode, name, buffer, size, flags); + return reiserfs_xattr_set(inode, name, buffer, size, flags); } static size_t trusted_list(struct dentry *dentry, char *list, size_t list_size, diff --git a/fs/reiserfs/xattr_user.c b/fs/reiserfs/xattr_user.c index 8c0d2ef..5d0ec05 100644 --- a/fs/reiserfs/xattr_user.c +++ b/fs/reiserfs/xattr_user.c @@ -19,15 +19,15 @@ user_get(struct dentry *unused, struct inode *inode, const char *name, } static int -user_set(struct dentry *dentry, const char *name, const void *buffer, - size_t size, int flags, int handler_flags) +user_set(struct dentry *unused, struct inode *inode, const char *name, + const void *buffer, size_t size, int flags, int handler_flags) { if (strlen(name) < sizeof(XATTR_USER_PREFIX)) return -EINVAL; - if (!reiserfs_xattrs_user(dentry->d_sb)) + if (!reiserfs_xattrs_user(inode->i_sb)) return -EOPNOTSUPP; - return reiserfs_xattr_set(dentry->d_inode, name, buffer, size, flags); + return reiserfs_xattr_set(inode, name, buffer, size, flags); } static size_t user_list(struct dentry *dentry, char *list, size_t list_size, diff --git a/fs/xattr.c b/fs/xattr.c index b04fc6b..87bd926 100644 --- a/fs/xattr.c +++ b/fs/xattr.c @@ -773,7 +773,8 @@ generic_setxattr(struct dentry *dentry, const char *name, const void *value, siz handler = xattr_resolve_name(dentry->d_sb->s_xattr, &name); if (!handler) return -EOPNOTSUPP; - return handler->set(dentry, name, value, size, flags, handler->flags); + return handler->set(dentry, dentry->d_inode, name, value, size, + flags, handler->flags); } /* @@ -788,7 +789,7 @@ generic_removexattr(struct dentry *dentry, const char *name) handler = xattr_resolve_name(dentry->d_sb->s_xattr, &name); if (!handler) return -EOPNOTSUPP; - return handler->set(dentry, name, NULL, 0, + return handler->set(dentry, dentry->d_inode, name, NULL, 0, XATTR_REPLACE, handler->flags); } diff --git a/fs/xfs/xfs_xattr.c b/fs/xfs/xfs_xattr.c index bd4a6ee..8e19527 100644 --- a/fs/xfs/xfs_xattr.c +++ b/fs/xfs/xfs_xattr.c @@ -56,10 +56,11 @@ xfs_xattr_get(struct dentry *unused, struct inode *inode, const char *name, } static int -xfs_xattr_set(struct dentry *dentry, const char *name, const void *value, - size_t size, int flags, int xflags) +xfs_xattr_set(struct dentry *unused, struct inode *inode, + const char *name, const void *value, + size_t size, int flags, int xflags) { - struct xfs_inode *ip = XFS_I(dentry->d_inode); + struct xfs_inode *ip = XFS_I(inode); if (strcmp(name, "") == 0) return -EINVAL; diff --git a/include/linux/xattr.h b/include/linux/xattr.h index ad4c869..0027b04 100644 --- a/include/linux/xattr.h +++ b/include/linux/xattr.h @@ -26,8 +26,9 @@ struct xattr_handler { const char *name, size_t name_len, int handler_flags); int (*get)(struct dentry *dentry, struct inode *inode, const char *name, void *buffer, size_t size, int handler_flags); - int (*set)(struct dentry *dentry, const char *name, const void *buffer, - size_t size, int flags, int handler_flags); + int (*set)(struct dentry *dentry, struct inode *inode, const char *name, + const void *buffer, size_t size, int flags, + int handler_flags); }; struct xattr { -- 1.7.4.1

7 years, 1 month

1
0
0 0

[PATCH 3.18.y 3/5] security_d_instantiate(): move to the point prior to attaching dentry to inode

by Seung-Woo Kim

From: Al Viro <viro(a)zeniv.linux.org.uk> commit b96809173e94ea2fa8c19c2e40e8545a1821bf57 upstream. Signed-off-by: Al Viro <viro(a)zeniv.linux.org.uk> [sw0312.kim: backport to 3.18] Signed-off-by: Seung-Woo Kim <sw0312.kim(a)samsung.com> --- fs/dcache.c | 18 +++++++----------- 1 files changed, 7 insertions(+), 11 deletions(-) diff --git a/fs/dcache.c b/fs/dcache.c index a34d401..6a4290a 100644 --- a/fs/dcache.c +++ b/fs/dcache.c @@ -1729,12 +1729,12 @@ static void __d_instantiate(struct dentry *dentry, struct inode *inode) void d_instantiate(struct dentry *entry, struct inode * inode) { BUG_ON(!hlist_unhashed(&entry->d_u.d_alias)); + security_d_instantiate(entry, inode); if (inode) spin_lock(&inode->i_lock); __d_instantiate(entry, inode); if (inode) spin_unlock(&inode->i_lock); - security_d_instantiate(entry, inode); } EXPORT_SYMBOL(d_instantiate); @@ -1795,16 +1795,15 @@ struct dentry *d_instantiate_unique(struct dentry *entry, struct inode *inode) BUG_ON(!hlist_unhashed(&entry->d_u.d_alias)); + security_d_instantiate(entry, inode); if (inode) spin_lock(&inode->i_lock); result = __d_instantiate_unique(entry, inode); if (inode) spin_unlock(&inode->i_lock); - if (!result) { - security_d_instantiate(entry, inode); + if (!result) return NULL; - } BUG_ON(!d_unhashed(result)); iput(inode); @@ -1826,6 +1825,7 @@ int d_instantiate_no_diralias(struct dentry *entry, struct inode *inode) { BUG_ON(!hlist_unhashed(&entry->d_u.d_alias)); + security_d_instantiate(entry, inode); spin_lock(&inode->i_lock); if (S_ISDIR(inode->i_mode) && !hlist_empty(&inode->i_dentry)) { spin_unlock(&inode->i_lock); @@ -1834,7 +1834,6 @@ int d_instantiate_no_diralias(struct dentry *entry, struct inode *inode) } __d_instantiate(entry, inode); spin_unlock(&inode->i_lock); - security_d_instantiate(entry, inode); return 0; } @@ -1930,6 +1929,7 @@ static struct dentry *__d_obtain_alias(struct inode *inode, int disconnected) goto out_iput; } + security_d_instantiate(tmp, inode); spin_lock(&inode->i_lock); res = __d_find_any_alias(inode); if (res) { @@ -1953,13 +1953,10 @@ static struct dentry *__d_obtain_alias(struct inode *inode, int disconnected) hlist_bl_unlock(&tmp->d_sb->s_anon); spin_unlock(&tmp->d_lock); spin_unlock(&inode->i_lock); - security_d_instantiate(tmp, inode); return tmp; out_iput: - if (res && !IS_ERR(res)) - security_d_instantiate(res, inode); iput(inode); return res; } @@ -2817,6 +2814,7 @@ struct dentry *d_splice_alias(struct inode *inode, struct dentry *dentry) return ERR_CAST(inode); if (inode && S_ISDIR(inode->i_mode)) { + security_d_instantiate(dentry, inode); spin_lock(&inode->i_lock); new = __d_find_any_alias(inode); if (new) { @@ -2836,13 +2834,11 @@ struct dentry *d_splice_alias(struct inode *inode, struct dentry *dentry) __d_move(new, dentry, false); write_sequnlock(&rename_lock); spin_unlock(&inode->i_lock); - security_d_instantiate(new, inode); iput(inode); } else { /* already taking inode->i_lock, so d_add() by hand */ __d_instantiate(dentry, inode); spin_unlock(&inode->i_lock); - security_d_instantiate(dentry, inode); d_rehash(dentry); } } else { @@ -2876,6 +2872,7 @@ struct dentry *d_materialise_unique(struct dentry *dentry, struct inode *inode) goto out_nolock; } + security_d_instantiate(dentry, inode); spin_lock(&inode->i_lock); if (S_ISDIR(inode->i_mode)) { @@ -2927,7 +2924,6 @@ found: spin_unlock(&inode->i_lock); out_nolock: if (actual == dentry) { - security_d_instantiate(dentry, inode); return NULL; } -- 1.7.4.1

7 years, 1 month

1
0
0 0

[PATCH 3.18.y 2/5] ->getxattr(): pass dentry and inode as separate arguments

by Seung-Woo Kim

From: Al Viro <viro(a)zeniv.linux.org.uk> commit ce23e640133484eebc20ca7b7668388213e11327 upstream. Signed-off-by: Al Viro <viro(a)zeniv.linux.org.uk> [sw0312.kim: backport to 3.18] Signed-off-by: Seung-Woo Kim <sw0312.kim(a)samsung.com> --- Documentation/filesystems/porting | 6 +++++ .../staging/lustre/lustre/llite/llite_internal.h | 4 +- drivers/staging/lustre/lustre/llite/xattr.c | 6 +--- fs/bad_inode.c | 4 +- fs/btrfs/xattr.c | 8 +++--- fs/btrfs/xattr.h | 4 +- fs/ceph/super.h | 3 +- fs/ceph/xattr.c | 8 +++--- fs/cifs/cifsfs.h | 2 +- fs/cifs/xattr.c | 10 ++++---- fs/ecryptfs/crypto.c | 5 +++- fs/ecryptfs/ecryptfs_kernel.h | 4 +- fs/ecryptfs/inode.c | 23 ++++++++++--------- fs/ecryptfs/mmap.c | 3 +- fs/fuse/dir.c | 5 +-- fs/gfs2/inode.c | 9 +++---- fs/hfs/attr.c | 5 +-- fs/hfs/hfs_fs.h | 4 +- fs/jfs/jfs_xattr.h | 2 +- fs/jfs/xattr.c | 8 +++--- fs/kernfs/inode.c | 6 ++-- fs/kernfs/kernfs-internal.h | 4 +- fs/overlayfs/inode.c | 4 +- fs/overlayfs/overlayfs.h | 4 +- fs/overlayfs/super.c | 2 +- fs/reiserfs/xattr.c | 8 +++--- fs/reiserfs/xattr.h | 4 +- fs/ubifs/ubifs.h | 4 +- fs/ubifs/xattr.c | 6 ++-- fs/xattr.c | 13 ++++++----- include/linux/fs.h | 3 +- include/linux/xattr.h | 2 +- mm/shmem.c | 8 +++--- net/socket.c | 2 +- security/commoncap.c | 6 ++-- security/integrity/evm/evm_main.c | 2 +- security/selinux/hooks.c | 9 ++++--- security/smack/smack_lsm.c | 4 +- 38 files changed, 112 insertions(+), 102 deletions(-) diff --git a/Documentation/filesystems/porting b/Documentation/filesystems/porting index 0f3a139..daf9acd 100644 --- a/Documentation/filesystems/porting +++ b/Documentation/filesystems/porting @@ -463,3 +463,9 @@ in your dentry operations instead. of the in-tree instances did). inode_hash_lock is still held, of course, so they are still serialized wrt removal from inode hash, as well as wrt set() callback of iget5_locked(). +-- +[mandatory] + ->getxattr() and xattr_handler.get() get dentry and inode passed separately. + dentry might be yet to be attached to inode, so do _not_ use its ->d_inode + in the instances. Rationale: !@#!@# security_d_instantiate() needs to be + called before we attach dentry to inode. diff --git a/drivers/staging/lustre/lustre/llite/llite_internal.h b/drivers/staging/lustre/lustre/llite/llite_internal.h index 36aa0fd..442fe5b 100644 --- a/drivers/staging/lustre/lustre/llite/llite_internal.h +++ b/drivers/staging/lustre/lustre/llite/llite_internal.h @@ -1070,8 +1070,8 @@ static inline __u64 ll_file_maxbytes(struct inode *inode) /* llite/xattr.c */ int ll_setxattr(struct dentry *dentry, const char *name, const void *value, size_t size, int flags); -ssize_t ll_getxattr(struct dentry *dentry, const char *name, - void *buffer, size_t size); +ssize_t ll_getxattr(struct dentry *dentry, struct inode *inode, + const char *name, void *buffer, size_t size); ssize_t ll_listxattr(struct dentry *dentry, char *buffer, size_t size); int ll_removexattr(struct dentry *dentry, const char *name); diff --git a/drivers/staging/lustre/lustre/llite/xattr.c b/drivers/staging/lustre/lustre/llite/xattr.c index 252a619..fc4b95d3 100644 --- a/drivers/staging/lustre/lustre/llite/xattr.c +++ b/drivers/staging/lustre/lustre/llite/xattr.c @@ -455,11 +455,9 @@ out: return rc; } -ssize_t ll_getxattr(struct dentry *dentry, const char *name, - void *buffer, size_t size) +ssize_t ll_getxattr(struct dentry *dentry, struct inode *inode, + const char *name, void *buffer, size_t size) { - struct inode *inode = dentry->d_inode; - LASSERT(inode); LASSERT(name); diff --git a/fs/bad_inode.c b/fs/bad_inode.c index afd2b44..336c284 100644 --- a/fs/bad_inode.c +++ b/fs/bad_inode.c @@ -253,8 +253,8 @@ static int bad_inode_setxattr(struct dentry *dentry, const char *name, return -EIO; } -static ssize_t bad_inode_getxattr(struct dentry *dentry, const char *name, - void *buffer, size_t size) +static ssize_t bad_inode_getxattr(struct dentry *dentry, struct inode *inode, + const char *name, void *buffer, size_t size) { return -EIO; } diff --git a/fs/btrfs/xattr.c b/fs/btrfs/xattr.c index fbb0533..6fa0196 100644 --- a/fs/btrfs/xattr.c +++ b/fs/btrfs/xattr.c @@ -393,8 +393,8 @@ static int btrfs_is_valid_xattr(const char *name) return 0; } -ssize_t btrfs_getxattr(struct dentry *dentry, const char *name, - void *buffer, size_t size) +ssize_t btrfs_getxattr(struct dentry *dentry, struct inode *inode, + const char *name, void *buffer, size_t size) { int ret; @@ -404,12 +404,12 @@ ssize_t btrfs_getxattr(struct dentry *dentry, const char *name, * for it via sb->s_xattr. */ if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN)) - return generic_getxattr(dentry, name, buffer, size); + return generic_getxattr(dentry, inode, name, buffer, size); ret = btrfs_is_valid_xattr(name); if (ret) return ret; - return __btrfs_getxattr(dentry->d_inode, name, buffer, size); + return __btrfs_getxattr(inode, name, buffer, size); } int btrfs_setxattr(struct dentry *dentry, const char *name, const void *value, diff --git a/fs/btrfs/xattr.h b/fs/btrfs/xattr.h index 5049608..8ee4329 100644 --- a/fs/btrfs/xattr.h +++ b/fs/btrfs/xattr.h @@ -28,8 +28,8 @@ extern ssize_t __btrfs_getxattr(struct inode *inode, const char *name, extern int __btrfs_setxattr(struct btrfs_trans_handle *trans, struct inode *inode, const char *name, const void *value, size_t size, int flags); -extern ssize_t btrfs_getxattr(struct dentry *dentry, const char *name, - void *buffer, size_t size); +extern ssize_t btrfs_getxattr(struct dentry *dentry, struct inode *inode, + const char *name, void *buffer, size_t size); extern int btrfs_setxattr(struct dentry *dentry, const char *name, const void *value, size_t size, int flags); extern int btrfs_removexattr(struct dentry *dentry, const char *name); diff --git a/fs/ceph/super.h b/fs/ceph/super.h index b82f507..82dd063 100644 --- a/fs/ceph/super.h +++ b/fs/ceph/super.h @@ -727,7 +727,8 @@ extern int ceph_setxattr(struct dentry *, const char *, const void *, int __ceph_setxattr(struct dentry *, const char *, const void *, size_t, int); ssize_t __ceph_getxattr(struct inode *, const char *, void *, size_t); int __ceph_removexattr(struct dentry *, const char *); -extern ssize_t ceph_getxattr(struct dentry *, const char *, void *, size_t); +extern ssize_t ceph_getxattr(struct dentry *, struct inode *, const char *, + void *, size_t); extern ssize_t ceph_listxattr(struct dentry *, char *, size_t); extern int ceph_removexattr(struct dentry *, const char *); extern void __ceph_build_xattrs_blob(struct ceph_inode_info *ci); diff --git a/fs/ceph/xattr.c b/fs/ceph/xattr.c index f827d55..59640c0 100644 --- a/fs/ceph/xattr.c +++ b/fs/ceph/xattr.c @@ -773,13 +773,13 @@ out: return err; } -ssize_t ceph_getxattr(struct dentry *dentry, const char *name, void *value, - size_t size) +ssize_t ceph_getxattr(struct dentry *dentry, struct inode *inode, + const char *name, void *value, size_t size) { if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN)) - return generic_getxattr(dentry, name, value, size); + return generic_getxattr(dentry, inode, name, value, size); - return __ceph_getxattr(dentry->d_inode, name, value, size); + return __ceph_getxattr(inode, name, value, size); } ssize_t ceph_listxattr(struct dentry *dentry, char *names, size_t size) diff --git a/fs/cifs/cifsfs.h b/fs/cifs/cifsfs.h index 15da9e3..b0eac15 100644 --- a/fs/cifs/cifsfs.h +++ b/fs/cifs/cifsfs.h @@ -124,7 +124,7 @@ extern int cifs_symlink(struct inode *inode, struct dentry *direntry, extern int cifs_removexattr(struct dentry *, const char *); extern int cifs_setxattr(struct dentry *, const char *, const void *, size_t, int); -extern ssize_t cifs_getxattr(struct dentry *, const char *, void *, size_t); +extern ssize_t cifs_getxattr(struct dentry *, struct inode *, const char *, void *, size_t); extern ssize_t cifs_listxattr(struct dentry *, char *, size_t); extern long cifs_ioctl(struct file *filep, unsigned int cmd, unsigned long arg); diff --git a/fs/cifs/xattr.c b/fs/cifs/xattr.c index 72a4d10..d2c738e 100644 --- a/fs/cifs/xattr.c +++ b/fs/cifs/xattr.c @@ -232,8 +232,8 @@ set_ea_exit: return rc; } -ssize_t cifs_getxattr(struct dentry *direntry, const char *ea_name, - void *ea_value, size_t buf_size) +ssize_t cifs_getxattr(struct dentry *direntry, struct inode *inode, + const char *ea_name, void *ea_value, size_t buf_size) { ssize_t rc = -EOPNOTSUPP; #ifdef CONFIG_CIFS_XATTR @@ -246,9 +246,9 @@ ssize_t cifs_getxattr(struct dentry *direntry, const char *ea_name, if (direntry == NULL) return -EIO; - if (direntry->d_inode == NULL) + if (inode == NULL) return -EIO; - sb = direntry->d_inode->i_sb; + sb = inode->i_sb; if (sb == NULL) return -EIO; @@ -324,7 +324,7 @@ ssize_t cifs_getxattr(struct dentry *direntry, const char *ea_name, goto get_ea_exit; /* rc already EOPNOTSUPP */ pacl = pTcon->ses->server->ops->get_acl(cifs_sb, - direntry->d_inode, full_path, &acllen); + inode, full_path, &acllen); if (IS_ERR(pacl)) { rc = PTR_ERR(pacl); cifs_dbg(VFS, "%s: error %zd getting sec desc\n", diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c index 31b148f..bc82bf3 100644 --- a/fs/ecryptfs/crypto.c +++ b/fs/ecryptfs/crypto.c @@ -1377,7 +1377,9 @@ int ecryptfs_read_xattr_region(char *page_virt, struct inode *ecryptfs_inode) ssize_t size; int rc = 0; - size = ecryptfs_getxattr_lower(lower_dentry, ECRYPTFS_XATTR_NAME, + size = ecryptfs_getxattr_lower(lower_dentry, + ecryptfs_inode_to_lower(ecryptfs_inode), + ECRYPTFS_XATTR_NAME, page_virt, ECRYPTFS_DEFAULT_EXTENT_SIZE); if (size < 0) { if (unlikely(ecryptfs_verbosity > 0)) @@ -1399,6 +1401,7 @@ int ecryptfs_read_and_validate_xattr_region(struct dentry *dentry, int rc; rc = ecryptfs_getxattr_lower(ecryptfs_dentry_to_lower(dentry), + ecryptfs_inode_to_lower(inode), ECRYPTFS_XATTR_NAME, file_size, ECRYPTFS_SIZE_AND_MARKER_BYTES); if (rc < ECRYPTFS_SIZE_AND_MARKER_BYTES) diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h index 4682bef..0030865 100644 --- a/fs/ecryptfs/ecryptfs_kernel.h +++ b/fs/ecryptfs/ecryptfs_kernel.h @@ -618,8 +618,8 @@ ecryptfs_parse_packet_set(struct ecryptfs_crypt_stat *crypt_stat, unsigned char *src, struct dentry *ecryptfs_dentry); int ecryptfs_truncate(struct dentry *dentry, loff_t new_length); ssize_t -ecryptfs_getxattr_lower(struct dentry *lower_dentry, const char *name, - void *value, size_t size); +ecryptfs_getxattr_lower(struct dentry *lower_dentry, struct inode *lower_inode, + const char *name, void *value, size_t size); int ecryptfs_setxattr(struct dentry *dentry, const char *name, const void *value, size_t size, int flags); diff --git a/fs/ecryptfs/inode.c b/fs/ecryptfs/inode.c index 885c6a9..4fb21a7 100644 --- a/fs/ecryptfs/inode.c +++ b/fs/ecryptfs/inode.c @@ -1036,29 +1036,30 @@ out: } ssize_t -ecryptfs_getxattr_lower(struct dentry *lower_dentry, const char *name, - void *value, size_t size) +ecryptfs_getxattr_lower(struct dentry *lower_dentry, struct inode *lower_inode, + const char *name, void *value, size_t size) { int rc = 0; - if (!lower_dentry->d_inode->i_op->getxattr) { + if (!lower_inode->i_op->getxattr) { rc = -EOPNOTSUPP; goto out; } - mutex_lock(&lower_dentry->d_inode->i_mutex); - rc = lower_dentry->d_inode->i_op->getxattr(lower_dentry, name, value, - size); - mutex_unlock(&lower_dentry->d_inode->i_mutex); + mutex_lock(&lower_inode->i_mutex); + rc = lower_inode->i_op->getxattr(lower_dentry, lower_inode, + name, value, size); + mutex_unlock(&lower_inode->i_mutex); out: return rc; } static ssize_t -ecryptfs_getxattr(struct dentry *dentry, const char *name, void *value, - size_t size) +ecryptfs_getxattr(struct dentry *dentry, struct inode *inode, + const char *name, void *value, size_t size) { - return ecryptfs_getxattr_lower(ecryptfs_dentry_to_lower(dentry), name, - value, size); + return ecryptfs_getxattr_lower(ecryptfs_dentry_to_lower(dentry), + ecryptfs_inode_to_lower(inode), + name, value, size); } static ssize_t diff --git a/fs/ecryptfs/mmap.c b/fs/ecryptfs/mmap.c index 564a1fa..4ee2cac 100644 --- a/fs/ecryptfs/mmap.c +++ b/fs/ecryptfs/mmap.c @@ -437,7 +437,8 @@ static int ecryptfs_write_inode_size_to_xattr(struct inode *ecryptfs_inode) goto out; } mutex_lock(&lower_inode->i_mutex); - size = lower_inode->i_op->getxattr(lower_dentry, ECRYPTFS_XATTR_NAME, + size = lower_inode->i_op->getxattr(lower_dentry, lower_inode, + ECRYPTFS_XATTR_NAME, xattr_virt, PAGE_CACHE_SIZE); if (size < 0) size = 8; diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index 86ee53f..bef1ee3 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c @@ -1887,10 +1887,9 @@ static int fuse_setxattr(struct dentry *entry, const char *name, return err; } -static ssize_t fuse_getxattr(struct dentry *entry, const char *name, - void *value, size_t size) +static ssize_t fuse_getxattr(struct dentry *entry, struct inode *inode, + const char *name, void *value, size_t size) { - struct inode *inode = entry->d_inode; struct fuse_conn *fc = get_fuse_conn(inode); struct fuse_req *req; struct fuse_getxattr_in inarg; diff --git a/fs/gfs2/inode.c b/fs/gfs2/inode.c index c4ed823..ee95780 100644 --- a/fs/gfs2/inode.c +++ b/fs/gfs2/inode.c @@ -1871,22 +1871,21 @@ static int gfs2_setxattr(struct dentry *dentry, const char *name, return ret; } -static ssize_t gfs2_getxattr(struct dentry *dentry, const char *name, - void *data, size_t size) +static ssize_t gfs2_getxattr(struct dentry *dentry, struct inode *inode, + const char *name, void *data, size_t size) { - struct inode *inode = dentry->d_inode; struct gfs2_inode *ip = GFS2_I(inode); struct gfs2_holder gh; int ret; /* For selinux during lookup */ if (gfs2_glock_is_locked_by_me(ip->i_gl)) - return generic_getxattr(dentry, name, data, size); + return generic_getxattr(dentry, inode, name, data, size); gfs2_holder_init(ip->i_gl, LM_ST_SHARED, LM_FLAG_ANY, &gh); ret = gfs2_glock_nq(&gh); if (ret == 0) { - ret = generic_getxattr(dentry, name, data, size); + ret = generic_getxattr(dentry, inode, name, data, size); gfs2_glock_dq(&gh); } gfs2_holder_uninit(&gh); diff --git a/fs/hfs/attr.c b/fs/hfs/attr.c index e057ec5..ce9719c 100644 --- a/fs/hfs/attr.c +++ b/fs/hfs/attr.c @@ -56,10 +56,9 @@ out: return res; } -ssize_t hfs_getxattr(struct dentry *dentry, const char *name, - void *value, size_t size) +ssize_t hfs_getxattr(struct dentry *unused, struct inode *inode, + const char *name, void *value, size_t size) { - struct inode *inode = dentry->d_inode; struct hfs_find_data fd; hfs_cat_rec rec; struct hfs_cat_file *file; diff --git a/fs/hfs/hfs_fs.h b/fs/hfs/hfs_fs.h index 95d2552..f234e2a 100644 --- a/fs/hfs/hfs_fs.h +++ b/fs/hfs/hfs_fs.h @@ -213,8 +213,8 @@ extern void hfs_delete_inode(struct inode *); /* attr.c */ extern int hfs_setxattr(struct dentry *dentry, const char *name, const void *value, size_t size, int flags); -extern ssize_t hfs_getxattr(struct dentry *dentry, const char *name, - void *value, size_t size); +extern ssize_t hfs_getxattr(struct dentry *dentry, struct inode *inode, + const char *name, void *value, size_t size); extern ssize_t hfs_listxattr(struct dentry *dentry, char *buffer, size_t size); /* mdb.c */ diff --git a/fs/jfs/jfs_xattr.h b/fs/jfs/jfs_xattr.h index e8d717d..e69e14f 100644 --- a/fs/jfs/jfs_xattr.h +++ b/fs/jfs/jfs_xattr.h @@ -57,7 +57,7 @@ extern int __jfs_setxattr(tid_t, struct inode *, const char *, const void *, extern int jfs_setxattr(struct dentry *, const char *, const void *, size_t, int); extern ssize_t __jfs_getxattr(struct inode *, const char *, void *, size_t); -extern ssize_t jfs_getxattr(struct dentry *, const char *, void *, size_t); +extern ssize_t jfs_getxattr(struct dentry *, struct inode *, const char *, void *, size_t); extern ssize_t jfs_listxattr(struct dentry *, char *, size_t); extern int jfs_removexattr(struct dentry *, const char *); diff --git a/fs/jfs/xattr.c b/fs/jfs/xattr.c index 46325d5..7b9a8f9 100644 --- a/fs/jfs/xattr.c +++ b/fs/jfs/xattr.c @@ -933,8 +933,8 @@ ssize_t __jfs_getxattr(struct inode *inode, const char *name, void *data, return size; } -ssize_t jfs_getxattr(struct dentry *dentry, const char *name, void *data, - size_t buf_size) +ssize_t jfs_getxattr(struct dentry *dentry, struct inode *inode, + const char *name, void *data, size_t buf_size) { int err; @@ -944,7 +944,7 @@ ssize_t jfs_getxattr(struct dentry *dentry, const char *name, void *data, * for it via sb->s_xattr. */ if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN)) - return generic_getxattr(dentry, name, data, buf_size); + return generic_getxattr(dentry, inode, name, data, buf_size); if (strncmp(name, XATTR_OS2_PREFIX, XATTR_OS2_PREFIX_LEN) == 0) { /* @@ -959,7 +959,7 @@ ssize_t jfs_getxattr(struct dentry *dentry, const char *name, void *data, return -EOPNOTSUPP; } - err = __jfs_getxattr(dentry->d_inode, name, data, buf_size); + err = __jfs_getxattr(inode, name, data, buf_size); return err; } diff --git a/fs/kernfs/inode.c b/fs/kernfs/inode.c index 9852176..332ccaf 100644 --- a/fs/kernfs/inode.c +++ b/fs/kernfs/inode.c @@ -220,10 +220,10 @@ int kernfs_iop_removexattr(struct dentry *dentry, const char *name) return simple_xattr_remove(&attrs->xattrs, name); } -ssize_t kernfs_iop_getxattr(struct dentry *dentry, const char *name, void *buf, - size_t size) +ssize_t kernfs_iop_getxattr(struct dentry *unused, struct inode *inode, + const char *name, void *buf, size_t size) { - struct kernfs_node *kn = dentry->d_fsdata; + struct kernfs_node *kn = inode->i_private; struct kernfs_iattrs *attrs; attrs = kernfs_iattrs(kn); diff --git a/fs/kernfs/kernfs-internal.h b/fs/kernfs/kernfs-internal.h index dc84a3e..35b9ee1 100644 --- a/fs/kernfs/kernfs-internal.h +++ b/fs/kernfs/kernfs-internal.h @@ -85,8 +85,8 @@ int kernfs_iop_getattr(struct vfsmount *mnt, struct dentry *dentry, int kernfs_iop_setxattr(struct dentry *dentry, const char *name, const void *value, size_t size, int flags); int kernfs_iop_removexattr(struct dentry *dentry, const char *name); -ssize_t kernfs_iop_getxattr(struct dentry *dentry, const char *name, void *buf, - size_t size); +ssize_t kernfs_iop_getxattr(struct dentry *dentry, struct inode *inode, + const char *name, void *buf, size_t size); ssize_t kernfs_iop_listxattr(struct dentry *dentry, char *buf, size_t size); void kernfs_inode_init(void); diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c index df5c285..04b5520 100644 --- a/fs/overlayfs/inode.c +++ b/fs/overlayfs/inode.c @@ -246,8 +246,8 @@ static bool ovl_need_xattr_filter(struct dentry *dentry, return type == OVL_PATH_UPPER && S_ISDIR(dentry->d_inode->i_mode); } -ssize_t ovl_getxattr(struct dentry *dentry, const char *name, - void *value, size_t size) +ssize_t ovl_getxattr(struct dentry *dentry, struct inode *inode, + const char *name, void *value, size_t size) { struct path realpath; enum ovl_path_type type = ovl_path_real(dentry, &realpath); diff --git a/fs/overlayfs/overlayfs.h b/fs/overlayfs/overlayfs.h index f13557f..66b56ea 100644 --- a/fs/overlayfs/overlayfs.h +++ b/fs/overlayfs/overlayfs.h @@ -161,8 +161,8 @@ int ovl_setattr(struct dentry *dentry, struct iattr *attr); int ovl_permission(struct inode *inode, int mask); int ovl_setxattr(struct dentry *dentry, const char *name, const void *value, size_t size, int flags); -ssize_t ovl_getxattr(struct dentry *dentry, const char *name, - void *value, size_t size); +ssize_t ovl_getxattr(struct dentry *dentry, struct inode *inode, + const char *name, void *value, size_t size); ssize_t ovl_listxattr(struct dentry *dentry, char *list, size_t size); int ovl_removexattr(struct dentry *dentry, const char *name); struct inode *ovl_d_select_inode(struct dentry *dentry, unsigned file_flags); diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c index b5bddae..7d00d6c 100644 --- a/fs/overlayfs/super.c +++ b/fs/overlayfs/super.c @@ -249,7 +249,7 @@ static bool ovl_is_opaquedir(struct dentry *dentry) if (!S_ISDIR(inode->i_mode) || !inode->i_op->getxattr) return false; - res = inode->i_op->getxattr(dentry, ovl_opaque_xattr, &val, 1); + res = inode->i_op->getxattr(dentry, inode, ovl_opaque_xattr, &val, 1); if (res == 1 && val == 'y') return true; diff --git a/fs/reiserfs/xattr.c b/fs/reiserfs/xattr.c index 9998770..40d4fcc 100644 --- a/fs/reiserfs/xattr.c +++ b/fs/reiserfs/xattr.c @@ -767,8 +767,8 @@ find_xattr_handler_prefix(const struct xattr_handler **handlers, * Inode operation getxattr() */ ssize_t -reiserfs_getxattr(struct dentry * dentry, const char *name, void *buffer, - size_t size) +reiserfs_getxattr(struct dentry *dentry, struct inode *inode, + const char *name, void *buffer, size_t size) { const struct xattr_handler *handler; @@ -777,8 +777,8 @@ reiserfs_getxattr(struct dentry * dentry, const char *name, void *buffer, if (!handler || get_inode_sd_version(dentry->d_inode) == STAT_DATA_V1) return -EOPNOTSUPP; - return handler->get(dentry, dentry->d_inode, name, buffer, size, - handler->flags); + return handler->get(dentry, inode, + name, buffer, size, handler->flags); } /* diff --git a/fs/reiserfs/xattr.h b/fs/reiserfs/xattr.h index f620e96..033bac1 100644 --- a/fs/reiserfs/xattr.h +++ b/fs/reiserfs/xattr.h @@ -18,8 +18,8 @@ int reiserfs_permission(struct inode *inode, int mask); #ifdef CONFIG_REISERFS_FS_XATTR #define has_xattr_dir(inode) (REISERFS_I(inode)->i_flags & i_has_xattr_dir) -ssize_t reiserfs_getxattr(struct dentry *dentry, const char *name, - void *buffer, size_t size); +ssize_t reiserfs_getxattr(struct dentry *dentry, struct inode *inode, + const char *name, void *buffer, size_t size); int reiserfs_setxattr(struct dentry *dentry, const char *name, const void *value, size_t size, int flags); ssize_t reiserfs_listxattr(struct dentry *dentry, char *buffer, size_t size); diff --git a/fs/ubifs/ubifs.h b/fs/ubifs/ubifs.h index c4fe900..c35436f 100644 --- a/fs/ubifs/ubifs.h +++ b/fs/ubifs/ubifs.h @@ -1750,8 +1750,8 @@ int ubifs_getattr(struct vfsmount *mnt, struct dentry *dentry, /* xattr.c */ int ubifs_setxattr(struct dentry *dentry, const char *name, const void *value, size_t size, int flags); -ssize_t ubifs_getxattr(struct dentry *dentry, const char *name, void *buf, - size_t size); +ssize_t ubifs_getxattr(struct dentry *dentry, struct inode *host, + const char *name, void *buf, size_t size); ssize_t ubifs_listxattr(struct dentry *dentry, char *buffer, size_t size); int ubifs_removexattr(struct dentry *dentry, const char *name); diff --git a/fs/ubifs/xattr.c b/fs/ubifs/xattr.c index ce6c0d4..698194f 100644 --- a/fs/ubifs/xattr.c +++ b/fs/ubifs/xattr.c @@ -357,10 +357,10 @@ out_free: return err; } -ssize_t ubifs_getxattr(struct dentry *dentry, const char *name, void *buf, - size_t size) +ssize_t ubifs_getxattr(struct dentry *dentry, struct inode *host, + const char *name, void *buf, size_t size) { - struct inode *inode, *host = dentry->d_inode; + struct inode *inode; struct ubifs_info *c = host->i_sb->s_fs_info; struct qstr nm = QSTR_INIT(name, strlen(name)); struct ubifs_inode *ui; diff --git a/fs/xattr.c b/fs/xattr.c index 70a5962..b04fc6b 100644 --- a/fs/xattr.c +++ b/fs/xattr.c @@ -192,7 +192,7 @@ vfs_getxattr_alloc(struct dentry *dentry, const char *name, char **xattr_value, if (!inode->i_op->getxattr) return -EOPNOTSUPP; - error = inode->i_op->getxattr(dentry, name, NULL, 0); + error = inode->i_op->getxattr(dentry, inode, name, NULL, 0); if (error < 0) return error; @@ -203,7 +203,7 @@ vfs_getxattr_alloc(struct dentry *dentry, const char *name, char **xattr_value, memset(value, 0, error + 1); } - error = inode->i_op->getxattr(dentry, name, value, error); + error = inode->i_op->getxattr(dentry, inode, name, value, error); *xattr_value = value; return error; } @@ -255,7 +255,7 @@ vfs_getxattr(struct dentry *dentry, const char *name, void *value, size_t size) } nolsm: if (inode->i_op->getxattr) - error = inode->i_op->getxattr(dentry, name, value, size); + error = inode->i_op->getxattr(dentry, inode, name, value, size); else error = -EOPNOTSUPP; @@ -717,15 +717,16 @@ xattr_resolve_name(const struct xattr_handler **handlers, const char **name) * Find the handler for the prefix and dispatch its get() operation. */ ssize_t -generic_getxattr(struct dentry *dentry, const char *name, void *buffer, size_t size) +generic_getxattr(struct dentry *dentry, struct inode *inode, + const char *name, void *buffer, size_t size) { const struct xattr_handler *handler; handler = xattr_resolve_name(dentry->d_sb->s_xattr, &name); if (!handler) return -EOPNOTSUPP; - return handler->get(dentry, dentry->d_inode, name, buffer, size, - handler->flags); + return handler->get(dentry, inode, + name, buffer, size, handler->flags); } /* diff --git a/include/linux/fs.h b/include/linux/fs.h index 2a41353..7586207 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -1538,7 +1538,8 @@ struct inode_operations { int (*setattr) (struct dentry *, struct iattr *); int (*getattr) (struct vfsmount *mnt, struct dentry *, struct kstat *); int (*setxattr) (struct dentry *, const char *,const void *,size_t,int); - ssize_t (*getxattr) (struct dentry *, const char *, void *, size_t); + ssize_t (*getxattr) (struct dentry *, struct inode *, + const char *, void *, size_t); ssize_t (*listxattr) (struct dentry *, char *, size_t); int (*removexattr) (struct dentry *, const char *); int (*fiemap)(struct inode *, struct fiemap_extent_info *, u64 start, diff --git a/include/linux/xattr.h b/include/linux/xattr.h index 1088878..ad4c869 100644 --- a/include/linux/xattr.h +++ b/include/linux/xattr.h @@ -43,7 +43,7 @@ int __vfs_setxattr_noperm(struct dentry *, const char *, const void *, size_t, i int vfs_setxattr(struct dentry *, const char *, const void *, size_t, int); int vfs_removexattr(struct dentry *, const char *); -ssize_t generic_getxattr(struct dentry *dentry, const char *name, void *buffer, size_t size); +ssize_t generic_getxattr(struct dentry *dentry, struct inode *inode, const char *name, void *buffer, size_t size); ssize_t generic_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size); int generic_setxattr(struct dentry *dentry, const char *name, const void *value, size_t size, int flags); int generic_removexattr(struct dentry *dentry, const char *name); diff --git a/mm/shmem.c b/mm/shmem.c index fac22b5..8be47d4 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -2576,10 +2576,10 @@ static int shmem_xattr_validate(const char *name) return -EOPNOTSUPP; } -static ssize_t shmem_getxattr(struct dentry *dentry, const char *name, - void *buffer, size_t size) +static ssize_t shmem_getxattr(struct dentry *dentry, struct inode *inode, + const char *name, void *buffer, size_t size) { - struct shmem_inode_info *info = SHMEM_I(dentry->d_inode); + struct shmem_inode_info *info = SHMEM_I(inode); int err; /* @@ -2588,7 +2588,7 @@ static ssize_t shmem_getxattr(struct dentry *dentry, const char *name, * for it via sb->s_xattr. */ if (!strncmp(name, XATTR_SYSTEM_PREFIX, XATTR_SYSTEM_PREFIX_LEN)) - return generic_getxattr(dentry, name, buffer, size); + return generic_getxattr(dentry, inode, name, buffer, size); err = shmem_xattr_validate(name); if (err) diff --git a/net/socket.c b/net/socket.c index e723717..a70e86c 100644 --- a/net/socket.c +++ b/net/socket.c @@ -470,7 +470,7 @@ static struct socket *sockfd_lookup_light(int fd, int *err, int *fput_needed) #define XATTR_SOCKPROTONAME_SUFFIX "sockprotoname" #define XATTR_NAME_SOCKPROTONAME (XATTR_SYSTEM_PREFIX XATTR_SOCKPROTONAME_SUFFIX) #define XATTR_NAME_SOCKPROTONAME_LEN (sizeof(XATTR_NAME_SOCKPROTONAME)-1) -static ssize_t sockfs_getxattr(struct dentry *dentry, +static ssize_t sockfs_getxattr(struct dentry *dentry, struct inode *inode, const char *name, void *value, size_t size) { const char *proto_name; diff --git a/security/commoncap.c b/security/commoncap.c index 6849e6c..bdbe1e1 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -308,7 +308,7 @@ int cap_inode_need_killpriv(struct dentry *dentry) if (!inode->i_op->getxattr) return 0; - error = inode->i_op->getxattr(dentry, XATTR_NAME_CAPS, NULL, 0); + error = inode->i_op->getxattr(dentry, inode, XATTR_NAME_CAPS, NULL, 0); if (error <= 0) return 0; return 1; @@ -391,8 +391,8 @@ int get_vfs_caps_from_disk(const struct dentry *dentry, struct cpu_vfs_cap_data if (!inode || !inode->i_op->getxattr) return -ENODATA; - size = inode->i_op->getxattr((struct dentry *)dentry, XATTR_NAME_CAPS, &caps, - XATTR_CAPS_SZ); + size = inode->i_op->getxattr((struct dentry *)dentry, inode, + XATTR_NAME_CAPS, &caps, XATTR_CAPS_SZ); if (size == -ENODATA || size == -EOPNOTSUPP) /* no data, that's ok */ return -ENODATA; diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c index e1998df..106d1ac 100644 --- a/security/integrity/evm/evm_main.c +++ b/security/integrity/evm/evm_main.c @@ -83,7 +83,7 @@ static int evm_find_protected_xattrs(struct dentry *dentry) return -EOPNOTSUPP; for (xattr = evm_config_xattrnames; *xattr != NULL; xattr++) { - error = inode->i_op->getxattr(dentry, *xattr, NULL, 0); + error = inode->i_op->getxattr(dentry, inode, *xattr, NULL, 0); if (error < 0) { if (error == -ENODATA) continue; diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 98370d0..8718f05 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -442,7 +442,8 @@ static int sb_finish_set_opts(struct super_block *sb) rc = -EOPNOTSUPP; goto out; } - rc = root_inode->i_op->getxattr(root, XATTR_NAME_SELINUX, NULL, 0); + rc = root_inode->i_op->getxattr(root, root_inode, + XATTR_NAME_SELINUX, NULL, 0); if (rc < 0 && rc != -ENODATA) { if (rc == -EOPNOTSUPP) printk(KERN_WARNING "SELinux: (dev %s, type " @@ -1344,13 +1345,13 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent goto out_unlock; } context[len] = '\0'; - rc = inode->i_op->getxattr(dentry, XATTR_NAME_SELINUX, + rc = inode->i_op->getxattr(dentry, inode, XATTR_NAME_SELINUX, context, len); if (rc == -ERANGE) { kfree(context); /* Need a larger buffer. Query for the right size. */ - rc = inode->i_op->getxattr(dentry, XATTR_NAME_SELINUX, + rc = inode->i_op->getxattr(dentry, inode, XATTR_NAME_SELINUX, NULL, 0); if (rc < 0) { dput(dentry); @@ -1364,7 +1365,7 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent goto out_unlock; } context[len] = '\0'; - rc = inode->i_op->getxattr(dentry, + rc = inode->i_op->getxattr(dentry, inode, XATTR_NAME_SELINUX, context, len); } diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c index a72b516..764e521 100644 --- a/security/smack/smack_lsm.c +++ b/security/smack/smack_lsm.c @@ -219,7 +219,7 @@ static struct smack_known *smk_fetch(const char *name, struct inode *ip, if (buffer == NULL) return NULL; - rc = ip->i_op->getxattr(dp, name, buffer, SMK_LONGLABEL); + rc = ip->i_op->getxattr(dp, ip, name, buffer, SMK_LONGLABEL); if (rc > 0) skp = smk_import_entry(buffer, rc); @@ -3144,7 +3144,7 @@ static void smack_d_instantiate(struct dentry *opt_dentry, struct inode *inode) TRANS_TRUE, TRANS_TRUE_SIZE, 0); } else { - rc = inode->i_op->getxattr(dp, + rc = inode->i_op->getxattr(dp, inode, XATTR_NAME_SMACKTRANSMUTE, trattr, TRANS_TRUE_SIZE); if (rc >= 0 && strncmp(trattr, TRANS_TRUE, -- 1.7.4.1

7 years, 1 month

1
0
0 0

patch "USB: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB" added to usb-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the usb-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. >From 3ae259faaf19e9b6284fe786e3bd4626df143cd7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maxence=20Dupr=C3=A8s?= <xpros64(a)hotmail.fr> Date: Wed, 8 Aug 2018 23:56:33 +0000 Subject: USB: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller WORLDE Controller KS49 or Prodipe MIDI 49C USB controller cause a -EPROTO error, a communication restart and loop again. This issue has already been fixed for KS25. https://lore.kernel.org/patchwork/patch/753077/ I just add device 201 for KS49 in quirks.c to get it works. Signed-off-by: Laurent Roux <xpros64(a)hotmail.fr> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/core/quirks.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/usb/core/quirks.c b/drivers/usb/core/quirks.c index 097057d2eacf..689a6c65bc5c 100644 --- a/drivers/usb/core/quirks.c +++ b/drivers/usb/core/quirks.c @@ -178,6 +178,10 @@ static const struct usb_device_id usb_quirk_list[] = { /* CBM - Flash disk */ { USB_DEVICE(0x0204, 0x6025), .driver_info = USB_QUIRK_RESET_RESUME }, + /* WORLDE Controller KS49 or Prodipe MIDI 49C USB controller */ + { USB_DEVICE(0x0218, 0x0201), .driver_info = + USB_QUIRK_CONFIG_INTF_STRINGS }, + /* WORLDE easy key (easykey.25) MIDI controller */ { USB_DEVICE(0x0218, 0x0401), .driver_info = USB_QUIRK_CONFIG_INTF_STRINGS }, -- 2.18.0

7 years, 1 month

1
0
0 0

patch "USB: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB" added to usb-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the usb-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. >From 44daed946923907f425f616b3d69b18a4145740c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maxence=20Dupr=C3=A8s?= <xpros64(a)hotmail.fr> Date: Wed, 8 Aug 2018 23:56:33 +0000 Subject: USB: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller WORLDE Controller KS49 or Prodipe MIDI 49C USB controller cause a -EPROTO error, a communication restart and loop again. This issue has already been fixed for KS25. https://lore.kernel.org/patchwork/patch/753077/ I just add device 201 for KS49 in quirks.c to get it works. This is the patch I propose. Signed-off-by: Laurent Roux <xpros64(a)hotmail.fr> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/core/quirks.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/usb/core/quirks.c b/drivers/usb/core/quirks.c index 097057d2eacf..689a6c65bc5c 100644 --- a/drivers/usb/core/quirks.c +++ b/drivers/usb/core/quirks.c @@ -178,6 +178,10 @@ static const struct usb_device_id usb_quirk_list[] = { /* CBM - Flash disk */ { USB_DEVICE(0x0204, 0x6025), .driver_info = USB_QUIRK_RESET_RESUME }, + /* WORLDE Controller KS49 or Prodipe MIDI 49C USB controller */ + { USB_DEVICE(0x0218, 0x0201), .driver_info = + USB_QUIRK_CONFIG_INTF_STRINGS }, + /* WORLDE easy key (easykey.25) MIDI controller */ { USB_DEVICE(0x0218, 0x0401), .driver_info = USB_QUIRK_CONFIG_INTF_STRINGS }, -- 2.18.0

7 years, 1 month

1
0
0 0

perf: Support uncore in 4.9.112

by Jin, Yao

Hi, The stable kernel 4.9.112 has supported Intel uncore feature in perf core. While it also needs the perf tool supporting to let perf uncore feature work. Following backport patches enables basic perf uncore feature in 4.9.112. For example, on skylake desktop, root@skl:~# uname -a Linux skl 4.9.112+ #2 SMP Mon Jul 16 17:35:25 CST 2018 x86_64 x86_64 x86_64 GNU/Linux root@skl:~# perf list | grep unc_ unc_arb_coh_trk_requests.all unc_arb_trk_occupancy.all unc_arb_trk_occupancy.cycles_with_any_request unc_arb_trk_requests.all unc_arb_trk_requests.drd_direct unc_arb_trk_requests.writes unc_cbo_cache_lookup.any_es unc_cbo_cache_lookup.any_i unc_cbo_cache_lookup.any_m unc_cbo_cache_lookup.any_mesi unc_cbo_cache_lookup.read_es unc_cbo_cache_lookup.read_i unc_cbo_cache_lookup.read_mesi unc_cbo_cache_lookup.write_es unc_cbo_cache_lookup.write_m unc_cbo_cache_lookup.write_mesi unc_cbo_xsnp_response.hit_xcore unc_cbo_xsnp_response.hitm_xcore unc_cbo_xsnp_response.miss_eviction unc_cbo_xsnp_response.miss_xcore root@skl:~# perf stat -a -e unc_cbo_cache_lookup.any_es sleep 1 Performance counter stats for 'system wide': 147,229 unc_cbo_cache_lookup.any_es 1.001204726 seconds time elapsed These patches are divided into 2 parts, perf core part and perf tool part. (Please apply the patches from top to bottom in following lists, otherwise conflicts will happen) 1. Patches for perf core to fix some uncore issues. perf/x86/intel/uncore: Fix Skylake server CHA LLC_LOOKUP event umask c3f02682a101b83424128915b14e60c156c03f02 perf/x86/intel/uncore: Fix Skylake server PCU PMU event format bab4e569e80c07ba6fe5e4f2d815adeef26cee94 perf/x86/intel/uncore: Fix Skylake UPI PMU event masks b3625980a65db6b6b6bbd5790a77ab95ce6397c5 perf/x86/intel/uncore: Remove invalid Skylake server CHA filter field 9ad0fbd8fcd9e6815908c772f8d792a9d764449e perf/x86/intel/uncore: Fix SKX CHA event extra regs 8aa7b7b4b4a601978672dce6604b9f5630b2eeb8 perf/x86/intel/uncore: Fix missing marker for skx_uncore_cha_extra_regs ba883b4abc9cd837441b01eb9cf8d9196181294d perf/x86/intel/uncore: Add event constraint for BDX PCU bb9fbe1b57503f790dbbf9f06e72cb0fb9e60740 2. Patches for perf tool to enable the uncore feature. Note that since some dependencies in perf vendor events patches, so this patch-set includes both core and uncore event patches. perf vendor events: Add BroadwellDE V5 event file 27b565b1eb04a277027953cab13b5aad5d469390 perf vendor events: Add Broadwell V17 event file b74d1315cab113ce1e0ee5e10eb6638219c1b0d1 perf vendor events: Add BroadwellX V10 event file 19c0389b60d486010d508d5a1551ee9b6a8b2f45 perf vendor events: Add Bonnell V4 event file 052aa3cce3f2b91e339318e5fe9806d0cfd822f0 perf vendor events: Add Goldmont V8 event file 4a00680b059a6c2c378945e2dffa2fa2876a4fc1 perf vendor events: Add Haswell V24 event file dcfbad10c7ba0bd2f4993c8d8a258471eb6083ff perf vendor events: Add HaswellX V17 event file ede007404388cd1ba306760a2881dc9722f5bb47 perf vendor events: Add IvyBridge V18 event file 4b90798ebb0bab8fe1ed9065e80879503f5601d2 perf vendor events: Add IvyTown V19 event file d910f0ba6d72a0917ae30b6aed5131988e3096e4 perf vendor events: Add Jaketown V20 event file 902ea4ee33e6dccece0f78a68e882eee9be9577f perf vendor events: Add KnightsLanding V9 event file 55d42d272ee30cd781e74a9c4ab152664c6417fc perf vendor events: Add NehalemEP V2 event file edaa78b4c050ec0a0fc7f436cdf6a73c91af64e0 perf vendor events: Add NehalemEX V2 event file d8c303858582d4dcd90f13ebbe9db812a70d0948 perf vendor events: Add Skylake V24 event file 47cbd67e243a6bbb4133d719edd24ee6a315462d perf vendor events: Add Silvermont V13 event file 1b0978458300164046d12e1b7930c9de38057e1d perf vendor events: Add SandyBridge V15 event file 6e82bdae472355fe0953e12eb29a36079e155ddb perf vendor events: Add WestmereEP-DP V2 event file 1f888acd92c8f88b0ab9640cef0794bc5424c668 perf vendor events: Add WestmereEP-SP V2 event file 01dd25455b3588431d3f59c70e7b934a91d66121 perf vendor events: Add WestmereEX V2 event file 1fbd54b2e2356659f9f87920dc514792db6ff602 perf vendor events intel: Add uncore events for Haswell Server processor 7003f00fdb7b44662e8b47ebaf8ff6ce554df4bb perf vendor events intel: Add uncore events for Broadwell Server 949c84efcac9662b1df520675cdfce07273f4d59 perf vendor events intel: Add uncore events for IvyBridge Server 6b138c7b14d6134bed2419ccf7573b87e7a064b0 perf vendor events intel: Add uncore events for Sandy Bridge Server dd32cb5d8fd42316bf8c2b9f7e5c51a38625f755 perf vendor events intel: Add uncore events for Xeon Phi (Knights Landing) 22c8e5526b7bf33840c20b4e717e6560e5dfb294 perf vendor events intel: Add uncore events for Broadwell DE 76667024171a2d6811c5ddbe42a8f675987ad8a1 perf vendor events: Add mapping for KnightsMill PMU events 771ceddaadd0a2b31603034b36dca50943ff6836 perf vendor events intel: Update Intel uncore JSON event files b90b3e9c11050e09279d2b9a318189e155910b20 perf vendor events intel: Add missing UNC_M_DCLOCKTICKS for Broadwell DE uncore 9c4e2e2589c99ed01db6245847b4bd44bc053330 perf vendor events intel: Add uncore events for Sandy Bridge client 80432c7311dbcf0c814d4923480b055a725b0be2 perf vendor events intel: Add uncore events for Ivy Bridge client bccdcb2a77ba0bef17baf152179e30ca35459a0c perf vendor events intel: Add uncore events for Haswell client 0585c6265e66f952bcb6280cf078e5e120bd367a perf vendor events intel: Add uncore events for Broadwell client 092a95d41655bdd31d7d28f1788818724505feb2 perf vendor events intel: Add uncore events for Skylake client 92c6de0f10a80e4936fac04148bd3783a7c2b9f8 perf vendor events: Add core event list for Skylake Server 630171d4156a257869b3cca5b2e63aacf7bc7948 perf vendor events: Add Skylake server uncore event list 41d3d6db1767326dd7daf7c6df48e42020647c15 perf vendor events: Add Goldmont Plus V1 event file 65db92e0965ab56e8031d5c804f26d5be0e47047 perf jevents: Parse eventcode as number d581141970ef3965c1624960fa928d765afd8a3e perf jevents: Add support for parsing uncore json files fedb2b518239cbc00abcf0d200e0be8436251c11 perf pmu: Support per pmu json aliases 15b22ed369aa23ef4d083ffb9621650c353d3ddd perf pmu: Support event aliases for non cpu// pmus 231bb2aa32498cbebef1306889a02114e9dfc934 perf pmu: Factor out scale conversion code d02fc6bcd53721cf8588633409157c232f2418e0 perf tools: Move new_term arguments into struct parse_events_term template 67b49b38f7bd6f34319b540ce824d5697241b3a8 perf tools: Fail on using multiple bits long terms without value 99e7138eb7897aa0ccc6661173ae2d7e79721e05 perf list: Add debug support for outputing alias string f23610245c1aa0e912476e642bd5107d04122230 perf tools: Factor out PMU matching in parser 2073ad3326b7e4577af3d6789edd03df79519d21 perf pmu: Expand PMU events by prefix match 8255718f4bedbfb3558fba10ff40a70934f2117d perf pmu: Special case uncore_ prefix a820e33547aee9fd0460106c1fc577a125c23975 perf stat: Factor out callback for collecting event values fbe51fba82901fd15d3e0a068388fcd7d02dc047 perf stat: Collapse identically named events 430daf2dc7aff16096a137347e6fd03d4af609e9 perf stat: Handle partially bad results with merging b4229e9d4cac2295f8f04ec26acd571a391c6c37 perf vendor events intel: Add uncore_arb JSON support af34cb4fad1ba08db199ef1b0a529549e041dd25 perf vendor events intel: Add missing space in json descriptions 3401e8d1e1300742ed41910b9338b9da52689a16 Thanks Jin Yao

7 years, 1 month

3
13
0 0

[PATCH 08/10] bcache: set max writeback rate when I/O request is idle

by Coly Li

Commit b1092c9af9ed ("bcache: allow quick writeback when backing idle") allows the writeback rate to be faster if there is no I/O request on a bcache device. It works well if there is only one bcache device attached to the cache set. If there are many bcache devices attached to a cache set, it may introduce performance regression because multiple faster writeback threads of the idle bcache devices will compete the btree level locks with the bcache device who have I/O requests coming. This patch fixes the above issue by only permitting fast writebac when all bcache devices attached on the cache set are idle. And if one of the bcache devices has new I/O request coming, minimized all writeback throughput immediately and let PI controller __update_writeback_rate() to decide the upcoming writeback rate for each bcache device. Also when all bcache devices are idle, limited wrieback rate to a small number is wast of thoughput, especially when backing devices are slower non-rotation devices (e.g. SATA SSD). This patch sets a max writeback rate for each backing device if the whole cache set is idle. A faster writeback rate in idle time means new I/Os may have more available space for dirty data, and people may observe a better write performance then. Please note bcache may change its cache mode in run time, and this patch still works if the cache mode is switched from writeback mode and there is still dirty data on cache. Fixes: Commit b1092c9af9ed ("bcache: allow quick writeback when backing idle") Cc: stable(a)vger.kernel.org #4.16+ Signed-off-by: Coly Li <colyli(a)suse.de> Tested-by: Kai Krakow <kai(a)kaishome.de> Tested-by: Stefan Priebe <s.priebe(a)profihost.ag> Cc: Michael Lyle <mlyle(a)lyle.org> --- drivers/md/bcache/bcache.h | 10 ++-- drivers/md/bcache/request.c | 59 ++++++++++++++++++++++- drivers/md/bcache/super.c | 4 ++ drivers/md/bcache/sysfs.c | 15 ++++-- drivers/md/bcache/util.c | 2 +- drivers/md/bcache/util.h | 2 +- drivers/md/bcache/writeback.c | 91 +++++++++++++++++++++++------------ 7 files changed, 138 insertions(+), 45 deletions(-) diff --git a/drivers/md/bcache/bcache.h b/drivers/md/bcache/bcache.h index b393b3fd06b6..05f82ff6f016 100644 --- a/drivers/md/bcache/bcache.h +++ b/drivers/md/bcache/bcache.h @@ -328,13 +328,6 @@ struct cached_dev { */ atomic_t has_dirty; - /* - * Set to zero by things that touch the backing volume-- except - * writeback. Incremented by writeback. Used to determine when to - * accelerate idle writeback. - */ - atomic_t backing_idle; - struct bch_ratelimit writeback_rate; struct delayed_work writeback_rate_update; @@ -515,6 +508,8 @@ struct cache_set { struct cache_accounting accounting; unsigned long flags; + atomic_t idle_counter; + atomic_t at_max_writeback_rate; struct cache_sb sb; @@ -524,6 +519,7 @@ struct cache_set { struct bcache_device **devices; unsigned devices_max_used; + atomic_t attached_dev_nr; struct list_head cached_devs; uint64_t cached_dev_sectors; atomic_long_t flash_dev_dirty_sectors; diff --git a/drivers/md/bcache/request.c b/drivers/md/bcache/request.c index 914d501ad1e0..7dbe8b6316a0 100644 --- a/drivers/md/bcache/request.c +++ b/drivers/md/bcache/request.c @@ -1103,6 +1103,44 @@ static void detached_dev_do_request(struct bcache_device *d, struct bio *bio) generic_make_request(bio); } +static void quit_max_writeback_rate(struct cache_set *c, + struct cached_dev *this_dc) +{ + int i; + struct bcache_device *d; + struct cached_dev *dc; + + /* + * mutex bch_register_lock may compete with other parallel requesters, + * or attach/detach operations on other backing device. Waiting to + * the mutex lock may increase I/O request latency for seconds or more. + * To avoid such situation, if mutext_trylock() failed, only writeback + * rate of current cached device is set to 1, and __update_write_back() + * will decide writeback rate of other cached devices (remember now + * c->idle_counter is 0 already). + */ + if (mutex_trylock(&bch_register_lock)) { + for (i = 0; i < c->devices_max_used; i++) { + if (!c->devices[i]) + continue; + + if (UUID_FLASH_ONLY(&c->uuids[i])) + continue; + + d = c->devices[i]; + dc = container_of(d, struct cached_dev, disk); + /* + * set writeback rate to default minimum value, + * then let update_writeback_rate() to decide the + * upcoming rate. + */ + atomic_long_set(&dc->writeback_rate.rate, 1); + } + mutex_unlock(&bch_register_lock); + } else + atomic_long_set(&this_dc->writeback_rate.rate, 1); +} + /* Cached devices - read & write stuff */ static blk_qc_t cached_dev_make_request(struct request_queue *q, @@ -1120,8 +1158,25 @@ static blk_qc_t cached_dev_make_request(struct request_queue *q, return BLK_QC_T_NONE; } - atomic_set(&dc->backing_idle, 0); - generic_start_io_acct(q, bio_op(bio), bio_sectors(bio), &d->disk->part0); + if (likely(d->c)) { + if (atomic_read(&d->c->idle_counter)) + atomic_set(&d->c->idle_counter, 0); + /* + * If at_max_writeback_rate of cache set is true and new I/O + * comes, quit max writeback rate of all cached devices + * attached to this cache set, and set at_max_writeback_rate + * to false. + */ + if (unlikely(atomic_read(&d->c->at_max_writeback_rate) == 1)) { + atomic_set(&d->c->at_max_writeback_rate, 0); + quit_max_writeback_rate(d->c, dc); + } + } + + generic_start_io_acct(q, + bio_op(bio), + bio_sectors(bio), + &d->disk->part0); bio_set_dev(bio, dc->bdev); bio->bi_iter.bi_sector += dc->sb.data_offset; diff --git a/drivers/md/bcache/super.c b/drivers/md/bcache/super.c index f517d7d1fa10..32b95f3b9461 100644 --- a/drivers/md/bcache/super.c +++ b/drivers/md/bcache/super.c @@ -696,6 +696,8 @@ static void bcache_device_detach(struct bcache_device *d) { lockdep_assert_held(&bch_register_lock); + atomic_dec(&d->c->attached_dev_nr); + if (test_bit(BCACHE_DEV_DETACHING, &d->flags)) { struct uuid_entry *u = d->c->uuids + d->id; @@ -1144,6 +1146,7 @@ int bch_cached_dev_attach(struct cached_dev *dc, struct cache_set *c, bch_cached_dev_run(dc); bcache_device_link(&dc->disk, c, "bdev"); + atomic_inc(&c->attached_dev_nr); /* Allow the writeback thread to proceed */ up_write(&dc->writeback_lock); @@ -1696,6 +1699,7 @@ struct cache_set *bch_cache_set_alloc(struct cache_sb *sb) c->block_bits = ilog2(sb->block_size); c->nr_uuids = bucket_bytes(c) / sizeof(struct uuid_entry); c->devices_max_used = 0; + atomic_set(&c->attached_dev_nr, 0); c->btree_pages = bucket_pages(c); if (c->btree_pages > BTREE_MAX_PAGES) c->btree_pages = max_t(int, c->btree_pages / 4, diff --git a/drivers/md/bcache/sysfs.c b/drivers/md/bcache/sysfs.c index 3e9d3459a224..6e88142514fb 100644 --- a/drivers/md/bcache/sysfs.c +++ b/drivers/md/bcache/sysfs.c @@ -171,7 +171,8 @@ SHOW(__bch_cached_dev) var_printf(writeback_running, "%i"); var_print(writeback_delay); var_print(writeback_percent); - sysfs_hprint(writeback_rate, wb ? dc->writeback_rate.rate << 9 : 0); + sysfs_hprint(writeback_rate, + wb ? atomic_long_read(&dc->writeback_rate.rate) << 9 : 0); sysfs_hprint(io_errors, atomic_read(&dc->io_errors)); sysfs_printf(io_error_limit, "%i", dc->error_limit); sysfs_printf(io_disable, "%i", dc->io_disable); @@ -193,7 +194,9 @@ SHOW(__bch_cached_dev) * Except for dirty and target, other values should * be 0 if writeback is not running. */ - bch_hprint(rate, wb ? dc->writeback_rate.rate << 9 : 0); + bch_hprint(rate, + wb ? atomic_long_read(&dc->writeback_rate.rate) << 9 + : 0); bch_hprint(dirty, bcache_dev_sectors_dirty(&dc->disk) << 9); bch_hprint(target, dc->writeback_rate_target << 9); bch_hprint(proportional, @@ -261,8 +264,12 @@ STORE(__cached_dev) sysfs_strtoul_clamp(writeback_percent, dc->writeback_percent, 0, 40); - sysfs_strtoul_clamp(writeback_rate, - dc->writeback_rate.rate, 1, INT_MAX); + if (attr == &sysfs_writeback_rate) { + int v; + + sysfs_strtoul_clamp(writeback_rate, v, 1, INT_MAX); + atomic_long_set(&dc->writeback_rate.rate, v); + } sysfs_strtoul_clamp(writeback_rate_update_seconds, dc->writeback_rate_update_seconds, diff --git a/drivers/md/bcache/util.c b/drivers/md/bcache/util.c index fc479b026d6d..b15256bcf0e7 100644 --- a/drivers/md/bcache/util.c +++ b/drivers/md/bcache/util.c @@ -200,7 +200,7 @@ uint64_t bch_next_delay(struct bch_ratelimit *d, uint64_t done) { uint64_t now = local_clock(); - d->next += div_u64(done * NSEC_PER_SEC, d->rate); + d->next += div_u64(done * NSEC_PER_SEC, atomic_long_read(&d->rate)); /* Bound the time. Don't let us fall further than 2 seconds behind * (this prevents unnecessary backlog that would make it impossible diff --git a/drivers/md/bcache/util.h b/drivers/md/bcache/util.h index cced87f8eb27..f7b0133c9d2f 100644 --- a/drivers/md/bcache/util.h +++ b/drivers/md/bcache/util.h @@ -442,7 +442,7 @@ struct bch_ratelimit { * Rate at which we want to do work, in units per second * The units here correspond to the units passed to bch_next_delay() */ - uint32_t rate; + atomic_long_t rate; }; static inline void bch_ratelimit_reset(struct bch_ratelimit *d) diff --git a/drivers/md/bcache/writeback.c b/drivers/md/bcache/writeback.c index 912e969fedba..481d4cf38ac0 100644 --- a/drivers/md/bcache/writeback.c +++ b/drivers/md/bcache/writeback.c @@ -104,11 +104,56 @@ static void __update_writeback_rate(struct cached_dev *dc) dc->writeback_rate_proportional = proportional_scaled; dc->writeback_rate_integral_scaled = integral_scaled; - dc->writeback_rate_change = new_rate - dc->writeback_rate.rate; - dc->writeback_rate.rate = new_rate; + dc->writeback_rate_change = new_rate - + atomic_long_read(&dc->writeback_rate.rate); + atomic_long_set(&dc->writeback_rate.rate, new_rate); dc->writeback_rate_target = target; } +static bool set_at_max_writeback_rate(struct cache_set *c, + struct cached_dev *dc) +{ + /* + * Idle_counter is increased everytime when update_writeback_rate() is + * called. If all backing devices attached to the same cache set have + * identical dc->writeback_rate_update_seconds values, it is about 6 + * rounds of update_writeback_rate() on each backing device before + * c->at_max_writeback_rate is set to 1, and then max wrteback rate set + * to each dc->writeback_rate.rate. + * In order to avoid extra locking cost for counting exact dirty cached + * devices number, c->attached_dev_nr is used to calculate the idle + * throushold. It might be bigger if not all cached device are in write- + * back mode, but it still works well with limited extra rounds of + * update_writeback_rate(). + */ + if (atomic_inc_return(&c->idle_counter) < + atomic_read(&c->attached_dev_nr) * 6) + return false; + + if (atomic_read(&c->at_max_writeback_rate) != 1) + atomic_set(&c->at_max_writeback_rate, 1); + + atomic_long_set(&dc->writeback_rate.rate, INT_MAX); + + /* keep writeback_rate_target as existing value */ + dc->writeback_rate_proportional = 0; + dc->writeback_rate_integral_scaled = 0; + dc->writeback_rate_change = 0; + + /* + * Check c->idle_counter and c->at_max_writeback_rate agagain in case + * new I/O arrives during before set_at_max_writeback_rate() returns. + * Then the writeback rate is set to 1, and its new value should be + * decided via __update_writeback_rate(). + */ + if ((atomic_read(&c->idle_counter) < + atomic_read(&c->attached_dev_nr) * 6) || + !atomic_read(&c->at_max_writeback_rate)) + return false; + + return true; +} + static void update_writeback_rate(struct work_struct *work) { struct cached_dev *dc = container_of(to_delayed_work(work), @@ -136,13 +181,20 @@ static void update_writeback_rate(struct work_struct *work) return; } - down_read(&dc->writeback_lock); - - if (atomic_read(&dc->has_dirty) && - dc->writeback_percent) - __update_writeback_rate(dc); + if (atomic_read(&dc->has_dirty) && dc->writeback_percent) { + /* + * If the whole cache set is idle, set_at_max_writeback_rate() + * will set writeback rate to a max number. Then it is + * unncessary to update writeback rate for an idle cache set + * in maximum writeback rate number(s). + */ + if (!set_at_max_writeback_rate(c, dc)) { + down_read(&dc->writeback_lock); + __update_writeback_rate(dc); + up_read(&dc->writeback_lock); + } + } - up_read(&dc->writeback_lock); /* * CACHE_SET_IO_DISABLE might be set via sysfs interface, @@ -422,27 +474,6 @@ static void read_dirty(struct cached_dev *dc) delay = writeback_delay(dc, size); - /* If the control system would wait for at least half a - * second, and there's been no reqs hitting the backing disk - * for awhile: use an alternate mode where we have at most - * one contiguous set of writebacks in flight at a time. If - * someone wants to do IO it will be quick, as it will only - * have to contend with one operation in flight, and we'll - * be round-tripping data to the backing disk as quickly as - * it can accept it. - */ - if (delay >= HZ / 2) { - /* 3 means at least 1.5 seconds, up to 7.5 if we - * have slowed way down. - */ - if (atomic_inc_return(&dc->backing_idle) >= 3) { - /* Wait for current I/Os to finish */ - closure_sync(&cl); - /* And immediately launch a new set. */ - delay = 0; - } - } - while (!kthread_should_stop() && !test_bit(CACHE_SET_IO_DISABLE, &dc->disk.c->flags) && delay) { @@ -741,7 +772,7 @@ void bch_cached_dev_writeback_init(struct cached_dev *dc) dc->writeback_running = true; dc->writeback_percent = 10; dc->writeback_delay = 30; - dc->writeback_rate.rate = 1024; + atomic_long_set(&dc->writeback_rate.rate, 1024); dc->writeback_rate_minimum = 8; dc->writeback_rate_update_seconds = WRITEBACK_RATE_UPDATE_SECS_DEFAULT; -- 2.18.0

7 years, 1 month

1
0
0 0

[PATCH 01/10] bcache: do not check return value of debugfs_create_dir()

by Coly Li

Greg KH suggests that normal code should not care about debugfs. Therefore no matter successful or failed of debugfs_create_dir() execution, it is unncessary to check its return value. There are two functions called debugfs_create_dir() and check the return value, which are bch_debug_init() and closure_debug_init(). This patch changes these two functions from int to void type, and ignore return values of debugfs_create_dir(). This patch does not fix exact bug, just makes things work as they should. Signed-off-by: Coly Li <colyli(a)suse.de> Suggested-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: stable(a)vger.kernel.org Cc: Kai Krakow <kai(a)kaishome.de> Cc: Kent Overstreet <kent.overstreet(a)gmail.com> --- drivers/md/bcache/bcache.h | 2 +- drivers/md/bcache/closure.c | 13 +++++++++---- drivers/md/bcache/closure.h | 4 ++-- drivers/md/bcache/debug.c | 11 ++++++----- drivers/md/bcache/super.c | 4 +++- 5 files changed, 21 insertions(+), 13 deletions(-) diff --git a/drivers/md/bcache/bcache.h b/drivers/md/bcache/bcache.h index 872ef4d67711..0a3e82b0876d 100644 --- a/drivers/md/bcache/bcache.h +++ b/drivers/md/bcache/bcache.h @@ -1001,7 +1001,7 @@ void bch_open_buckets_free(struct cache_set *); int bch_cache_allocator_start(struct cache *ca); void bch_debug_exit(void); -int bch_debug_init(struct kobject *); +void bch_debug_init(struct kobject *kobj); void bch_request_exit(void); int bch_request_init(void); diff --git a/drivers/md/bcache/closure.c b/drivers/md/bcache/closure.c index 0e14969182c6..618253683d40 100644 --- a/drivers/md/bcache/closure.c +++ b/drivers/md/bcache/closure.c @@ -199,11 +199,16 @@ static const struct file_operations debug_ops = { .release = single_release }; -int __init closure_debug_init(void) +void __init closure_debug_init(void) { - closure_debug = debugfs_create_file("closures", - 0400, bcache_debug, NULL, &debug_ops); - return IS_ERR_OR_NULL(closure_debug); + if (!IS_ERR_OR_NULL(bcache_debug)) + /* + * it is unnecessary to check return value of + * debugfs_create_file(), we should not care + * about this. + */ + closure_debug = debugfs_create_file( + "closures", 0400, bcache_debug, NULL, &debug_ops); } #endif diff --git a/drivers/md/bcache/closure.h b/drivers/md/bcache/closure.h index 71427eb5fdae..7c2c5bc7c88b 100644 --- a/drivers/md/bcache/closure.h +++ b/drivers/md/bcache/closure.h @@ -186,13 +186,13 @@ static inline void closure_sync(struct closure *cl) #ifdef CONFIG_BCACHE_CLOSURES_DEBUG -int closure_debug_init(void); +void closure_debug_init(void); void closure_debug_create(struct closure *cl); void closure_debug_destroy(struct closure *cl); #else -static inline int closure_debug_init(void) { return 0; } +static inline void closure_debug_init(void) {} static inline void closure_debug_create(struct closure *cl) {} static inline void closure_debug_destroy(struct closure *cl) {} diff --git a/drivers/md/bcache/debug.c b/drivers/md/bcache/debug.c index 04d146711950..12034c07257b 100644 --- a/drivers/md/bcache/debug.c +++ b/drivers/md/bcache/debug.c @@ -252,11 +252,12 @@ void bch_debug_exit(void) debugfs_remove_recursive(bcache_debug); } -int __init bch_debug_init(struct kobject *kobj) +void __init bch_debug_init(struct kobject *kobj) { - if (!IS_ENABLED(CONFIG_DEBUG_FS)) - return 0; - + /* + * it is unnecessary to check return value of + * debugfs_create_file(), we should not care + * about this. + */ bcache_debug = debugfs_create_dir("bcache", NULL); - return IS_ERR_OR_NULL(bcache_debug); } diff --git a/drivers/md/bcache/super.c b/drivers/md/bcache/super.c index e0a92104ca23..c7ffa6ef3f82 100644 --- a/drivers/md/bcache/super.c +++ b/drivers/md/bcache/super.c @@ -2345,10 +2345,12 @@ static int __init bcache_init(void) goto err; if (bch_request_init() || - bch_debug_init(bcache_kobj) || closure_debug_init() || sysfs_create_files(bcache_kobj, files)) goto err; + bch_debug_init(bcache_kobj); + closure_debug_init(); + return 0; err: bcache_exit(); -- 2.18.0

7 years, 1 month

1
0
0 0

[PATCH 4.17 00/18] 4.17.14-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.17.14 release. There are 18 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu Aug 9 17:23:05 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.17.14-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.17.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.17.14-rc1 Shankara Pailoor <shankarapailoor(a)gmail.com> jfs: Fix inconsistency between memory allocation and ea_buf->max_size Dave Chinner <dchinner(a)redhat.com> xfs: validate cached inodes are free when allocated Eric Sandeen <sandeen(a)sandeen.net> xfs: don't call xfs_da_shrink_inode with NULL bp Linus Torvalds <torvalds(a)linux-foundation.org> Partially revert "block: fail op_is_write() requests to read-only partitions" Filipe Manana <fdmanana(a)suse.com> Btrfs: fix file data corruption after cloning a range and fsync Esben Haabendal <eha(a)deif.com> i2c: imx: Fix reinit_completion() use Masami Hiramatsu <mhiramat(a)kernel.org> ring_buffer: tracing: Inherit the tracing setting to next ring buffer Dmitry Safonov <dima(a)arista.com> netlink: Don't shift on 64 for ngroups Frederic Weisbecker <frederic(a)kernel.org> nohz: Fix missing tick reprogram when interrupting an inline softirq Anna-Maria Gleixner <anna-maria(a)linutronix.de> nohz: Fix local_timer_softirq_pending() Kan Liang <kan.liang(a)linux.intel.com> perf/x86/intel/uncore: Fix hardcoded index of Broadwell extra PCI devices Thomas Gleixner <tglx(a)linutronix.de> genirq: Make force irq threading setup more robust Kees Cook <keescook(a)chromium.org> jfs: Fix usercopy whitelist for inline inode data Anil Gurumurthy <anil.gurumurthy(a)cavium.com> scsi: qla2xxx: Return error when TMF returns Quinn Tran <quinn.tran(a)cavium.com> scsi: qla2xxx: Fix ISP recovery on unload Quinn Tran <quinn.tran(a)cavium.com> scsi: qla2xxx: Fix driver unload by shutting down chip Quinn Tran <quinn.tran(a)cavium.com> scsi: qla2xxx: Fix NPIV deletion by calling wait_for_sess_deletion Quinn Tran <quinn.tran(a)cavium.com> scsi: qla2xxx: Fix unintialized List head crash ------------- Diffstat: Makefile | 4 +- arch/x86/events/intel/uncore.h | 2 +- arch/x86/events/intel/uncore_snbep.c | 10 +++-- block/blk-core.c | 5 ++- drivers/i2c/busses/i2c-imx.c | 3 +- drivers/scsi/qla2xxx/qla_attr.c | 1 + drivers/scsi/qla2xxx/qla_gbl.h | 1 + drivers/scsi/qla2xxx/qla_gs.c | 4 ++ drivers/scsi/qla2xxx/qla_init.c | 7 ++-- drivers/scsi/qla2xxx/qla_inline.h | 2 + drivers/scsi/qla2xxx/qla_isr.c | 3 ++ drivers/scsi/qla2xxx/qla_mbx.c | 6 +++ drivers/scsi/qla2xxx/qla_mid.c | 11 +++++- drivers/scsi/qla2xxx/qla_os.c | 51 +++++++++++-------------- drivers/scsi/qla2xxx/qla_sup.c | 3 ++ fs/btrfs/extent_io.c | 3 ++ fs/jfs/jfs_dinode.h | 7 ++++ fs/jfs/jfs_incore.h | 1 + fs/jfs/super.c | 3 +- fs/jfs/xattr.c | 10 +++-- fs/xfs/libxfs/xfs_attr_leaf.c | 5 +-- fs/xfs/xfs_icache.c | 73 ++++++++++++++++++++++++------------ include/linux/ring_buffer.h | 1 + kernel/irq/manage.c | 9 ++++- kernel/softirq.c | 2 +- kernel/time/tick-sched.c | 2 +- kernel/trace/ring_buffer.c | 16 ++++++++ kernel/trace/trace.c | 6 +++ net/netlink/af_netlink.c | 4 +- 29 files changed, 171 insertions(+), 84 deletions(-)

7 years, 1 month

4
22
0 0

[PATCH] ARC: [plat-axs10x] Enable SWAP

by Alexey Brodkin

SWAP support on ARC was fixed earlier by commit 6e3761145a9b ("ARC: Fix CONFIG_SWAP") so now we may safely enable it on platforms that have external media like USB and SD-card. Signed-off-by: Alexey Brodkin <abrodkin(a)synopsys.com> Cc: stable(a)vger.kernel.org # 6e3761145a9b: ARC: Fix CONFIG_SWAP --- arch/arc/configs/axs101_defconfig | 1 - arch/arc/configs/axs103_defconfig | 1 - arch/arc/configs/axs103_smp_defconfig | 1 - 3 files changed, 3 deletions(-) diff --git a/arch/arc/configs/axs101_defconfig b/arch/arc/configs/axs101_defconfig index 3dbb2b3f60af..96b7258a76be 100644 --- a/arch/arc/configs/axs101_defconfig +++ b/arch/arc/configs/axs101_defconfig @@ -1,4 +1,3 @@ -# CONFIG_SWAP is not set CONFIG_SYSVIPC=y CONFIG_POSIX_MQUEUE=y # CONFIG_CROSS_MEMORY_ATTACH is not set diff --git a/arch/arc/configs/axs103_defconfig b/arch/arc/configs/axs103_defconfig index 4d7b85d4b2dc..72fc21ef1334 100644 --- a/arch/arc/configs/axs103_defconfig +++ b/arch/arc/configs/axs103_defconfig @@ -1,4 +1,3 @@ -# CONFIG_SWAP is not set CONFIG_SYSVIPC=y CONFIG_POSIX_MQUEUE=y # CONFIG_CROSS_MEMORY_ATTACH is not set diff --git a/arch/arc/configs/axs103_smp_defconfig b/arch/arc/configs/axs103_smp_defconfig index 92417e2e39f3..2ac89bd00e28 100644 --- a/arch/arc/configs/axs103_smp_defconfig +++ b/arch/arc/configs/axs103_smp_defconfig @@ -1,4 +1,3 @@ -# CONFIG_SWAP is not set CONFIG_SYSVIPC=y CONFIG_POSIX_MQUEUE=y # CONFIG_CROSS_MEMORY_ATTACH is not set -- 2.17.1

7 years, 1 month

2
3
0 0

[PATCH 3.18 00/85] 3.18.118-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 3.18.118 release. There are 85 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu Aug 9 17:23:43 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v3.x/stable-review/patch-3.18.118-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-3.18.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 3.18.118-rc1 Shankara Pailoor <shankarapailoor(a)gmail.com> jfs: Fix inconsistency between memory allocation and ea_buf->max_size Masami Hiramatsu <mhiramat(a)kernel.org> ring_buffer: tracing: Inherit the tracing setting to next ring buffer Anil Gurumurthy <anil.gurumurthy(a)cavium.com> scsi: qla2xxx: Return error when TMF returns Quinn Tran <quinn.tran(a)cavium.com> scsi: qla2xxx: Fix ISP recovery on unload Tony Battersby <tonyb(a)cybernetics.com> scsi: sg: fix minor memory leak in error path Herbert Xu <herbert(a)gondor.apana.org.au> crypto: padlock-aes - Fix Nano workaround data corruption Jiang Biao <jiang.biao2(a)zte.com.cn> virtio_balloon: fix another race between migration and ballooning Anton Vasilyev <vasilyev(a)ispras.ru> can: ems_usb: Fix memory leak on ems_usb_disconnect() Linus Torvalds <torvalds(a)linux-foundation.org> squashfs: more metadata hardenings Linus Torvalds <torvalds(a)linux-foundation.org> squashfs: more metadata hardening Florian Fainelli <f.fainelli(a)gmail.com> net: dsa: Do not suspend/resume closed slave_dev Eric Dumazet <edumazet(a)google.com> inet: frag: enforce memory limits earlier Lorenzo Bianconi <lorenzo.bianconi(a)redhat.com> ipv4: remove BUG_ON() from fib_compute_spec_dst Eric Dumazet <edumazet(a)google.com> tcp: add one more quick ack after after ECN events Yousuk Seung <ysseung(a)google.com> tcp: refactor tcp_ecn_check_ce to remove sk type cast Eric Dumazet <edumazet(a)google.com> tcp: do not aggressively quick ack after ECN events Eric Dumazet <edumazet(a)google.com> tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode Eric Dumazet <edumazet(a)google.com> tcp: do not force quickack when receiving out-of-order packets Xiao Liang <xiliang(a)redhat.com> xen-netfront: wait xenbus state change when load module manually Eugeniy Paltsev <Eugeniy.Paltsev(a)synopsys.com> NET: stmmac: align DMA stuff to largest cache line length Linus Torvalds <torvalds(a)linux-foundation.org> squashfs: be more careful about metadata corruption Theodore Ts'o <tytso(a)mit.edu> random: mix rdrand with entropy sent in from userspace Mauro Carvalho Chehab <mchehab(a)s-opensource.com> media: si470x: fix __be16 annotations Suman Anna <s-anna(a)ti.com> media: omap3isp: fix unbalanced dma_iommu_mapping Tudor-Dan Ambarus <tudor.ambarus(a)microchip.com> crypto: authenc - don't leak pointers to authenc keys Tudor-Dan Ambarus <tudor.ambarus(a)microchip.com> crypto: authencesn - don't leak pointers to authenc keys Dominik Bozek <dominikx.bozek(a)intel.com> usb: hub: Don't wait for connect state at resume for powered-off ports Michal Simek <michal.simek(a)xilinx.com> microblaze: Fix simpleImage format generation Siva Rebbagondla <siva.rebbagondla(a)redpinesignals.com> rsi: Fix 'invalid vdd' warning in mmc Chris Novakovic <chris(a)chrisn.me.uk> ipconfig: Correctly initialise ic_nameservers Luc Van Oostenryck <luc.vanoostenryck(a)gmail.com> drm/gma500: fix psb_intel_lvds_mode_valid()'s return type Takashi Sakamoto <o-takashi(a)sakamocchi.jp> ALSA: hda/ca0132: fix build failure when a local macro is defined Mauro Carvalho Chehab <mchehab(a)s-opensource.com> media: siano: get rid of __le32/__le16 cast warnings Jakub Kicinski <jakub.kicinski(a)netronome.com> bpf: fix references to free_bpf_prog_info() in comments Dan Carpenter <dan.carpenter(a)oracle.com> scsi: megaraid: silence a static checker bug Wenwen Wang <wang6495(a)umn.edu> scsi: 3w-xxxx: fix a missing-check bug Wenwen Wang <wang6495(a)umn.edu> scsi: 3w-9xxx: fix a missing-check bug Thomas Richter <tmricht(a)linux.ibm.com> perf: fix invalid bit in diagnostic entry Thomas Richter <tmricht(a)linux.ibm.com> s390/cpum_sf: Add data entry sizes to sampling trailer entry Brad Love <brad(a)nextdimension.cc> media: saa7164: Fix driver name in debug output Damien Le Moal <damien.lemoal(a)wdc.com> libata: Fix command retry decision DaeRyong Jeong <threeearcat(a)gmail.com> tty: Fix data race in tty_insert_flip_string_fixed_flag Dmitry Torokhov <dtor(a)chromium.org> HID: i2c-hid: check if device is there before really probing Jonathan Neuschäfer <j.neuschaefer(a)gmx.net> powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet Luc Van Oostenryck <luc.vanoostenryck(a)gmail.com> drm/radeon: fix mode_valid's return type Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback Colin Ian King <colin.king(a)canonical.com> media: smiapp: fix timeout checking in smiapp_read_nvm Yufen Yu <yuyufen(a)huawei.com> md: fix NULL dereference of mddev->pers in remove_and_add_spares() Anson Huang <Anson.Huang(a)nxp.com> regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops Takashi Iwai <tiwai(a)suse.de> ALSA: emu10k1: Rate-limit error messages about page errors Maya Erez <merez(a)codeaurora.org> scsi: ufs: fix exception event handling Mika Westerberg <mika.westerberg(a)linux.intel.com> PCI: pciehp: Request control of native hotplug only if supported Christophe Leroy <christophe.leroy(a)c-s.fr> powerpc/8xx: fix invalid register expression in head_8xx.S Mathieu Malaterre <malat(a)debian.org> powerpc/powermac: Mark variable x as unused Mathieu Malaterre <malat(a)debian.org> powerpc/powermac: Add missing prototype for note_bootable_part() Mathieu Malaterre <malat(a)debian.org> powerpc/chrp/time: Make some functions static, add missing header include Mathieu Malaterre <malat(a)debian.org> powerpc/32: Add a missing include header Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Bahamas Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Bermuda Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Serbia Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Tanzania Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Uganda Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for APL2_FCCA Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for APL13_WORLD Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for ETSI8_WORLD Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for FCC3_ETSIC Christoph Hellwig <hch(a)lst.de> PCI: Prevent sysfs disable of device while driver is attached Eyal Reizer <eyalreizer(a)gmail.com> wlcore: sdio: check for valid platform device data before suspend Ganapathi Bhat <gbhat(a)marvell.com> mwifiex: handle race during mwifiex_usb_disconnect Kai Chieh Chuang <kaichieh.chuang(a)mediatek.com> ASoC: dpcm: fix BE dai not hw_free and shutdown Kan Liang <kan.liang(a)intel.com> perf/x86/intel/uncore: Correct fixed counter index check for NHM Kan Liang <kan.liang(a)intel.com> perf/x86/intel/uncore: Correct fixed counter index check in generic code Shuah Khan (Samsung OSG) <shuah(a)kernel.org> usbip: usbip_detach: Fix memory, udev context and udev leak Leon Romanovsky <leonro(a)mellanox.com> RDMA/mad: Convert BUG_ONs to error flows Stewart Smith <stewart(a)linux.ibm.com> hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common() Cong Wang <xiyou.wangcong(a)gmail.com> infiniband: fix a possible use-after-free bug Alexandre Belloni <alexandre.belloni(a)bootlin.com> rtc: ensure rtc_set_alarm fails when alarms are not supported Mathieu Malaterre <malat(a)debian.org> mm/slub.c: add __printf verification to slab_err() Chintan Pandya <cpandya(a)codeaurora.org> mm: vmalloc: avoid racy handling of debugobjects in vunmap Zhouyang Jia <jiazhouyang09(a)gmail.com> ALSA: fm801: add error handling for snd_ctl_add Zhouyang Jia <jiazhouyang09(a)gmail.com> ALSA: emu10k1: add error handling for snd_ctl_add Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Quiet gcc warning about maybe unused link variable Artem Savkov <asavkov(a)redhat.com> tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Fix possible double free in event_enable_trigger_func() Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Fix double free of event_trigger_data ------------- Diffstat: Makefile | 4 +- arch/microblaze/boot/Makefile | 10 +++-- arch/powerpc/kernel/head_8xx.S | 2 +- arch/powerpc/kernel/pci_32.c | 1 + arch/powerpc/platforms/chrp/time.c | 6 ++- arch/powerpc/platforms/embedded6xx/hlwd-pic.c | 5 +++ arch/powerpc/platforms/powermac/bootx_init.c | 4 +- arch/powerpc/platforms/powermac/setup.c | 1 + arch/s390/include/asm/cpu_mf.h | 6 ++- arch/x86/kernel/cpu/perf_event_intel_uncore.c | 2 +- .../x86/kernel/cpu/perf_event_intel_uncore_nhmex.c | 2 +- crypto/authenc.c | 1 + crypto/authencesn.c | 1 + drivers/acpi/pci_root.c | 4 +- drivers/ata/libata-eh.c | 12 ++++-- drivers/char/random.c | 10 ++++- drivers/crypto/padlock-aes.c | 8 +++- drivers/gpu/drm/gma500/psb_intel_drv.h | 2 +- drivers/gpu/drm/gma500/psb_intel_lvds.c | 2 +- drivers/gpu/drm/radeon/radeon_connectors.c | 10 ++--- drivers/hid/i2c-hid/i2c-hid.c | 8 ++++ drivers/infiniband/core/mad.c | 11 +++-- drivers/infiniband/core/ucma.c | 6 ++- drivers/md/md.c | 3 ++ drivers/media/common/siano/smsendian.c | 14 +++---- drivers/media/i2c/smiapp/smiapp-core.c | 11 +++-- drivers/media/pci/saa7164/saa7164-fw.c | 3 +- drivers/media/platform/omap3isp/isp.c | 7 ++-- drivers/media/radio/si470x/radio-si470x-i2c.c | 6 +-- drivers/net/can/usb/ems_usb.c | 1 + drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 +- drivers/net/wireless/ath/regd.h | 5 +++ drivers/net/wireless/ath/regd_common.h | 13 ++++++ drivers/net/wireless/mwifiex/usb.c | 3 ++ drivers/net/wireless/rsi/rsi_91x_sdio.c | 2 - drivers/net/wireless/ti/wlcore/sdio.c | 5 +++ drivers/net/xen-netfront.c | 6 +++ drivers/pci/pci-sysfs.c | 15 ++++--- drivers/regulator/pfuze100-regulator.c | 1 + drivers/rtc/interface.c | 5 +++ drivers/scsi/3w-9xxx.c | 5 +++ drivers/scsi/3w-xxxx.c | 3 ++ drivers/scsi/megaraid.c | 3 ++ drivers/scsi/qla2xxx/qla_init.c | 7 ++-- drivers/scsi/qla2xxx/qla_os.c | 5 ++- drivers/scsi/sg.c | 1 + drivers/scsi/ufs/ufshcd.c | 2 + drivers/tty/hvc/hvc_opal.c | 1 - drivers/tty/pty.c | 3 ++ drivers/usb/core/hub.c | 4 ++ drivers/virtio/virtio_balloon.c | 2 + fs/jfs/xattr.c | 10 +++-- fs/squashfs/block.c | 2 + fs/squashfs/cache.c | 3 ++ fs/squashfs/file.c | 8 +++- fs/squashfs/fragment.c | 17 ++++---- fs/squashfs/squashfs_fs.h | 6 +++ fs/squashfs/squashfs_fs_sb.h | 1 + fs/squashfs/super.c | 5 ++- include/linux/ring_buffer.h | 1 + include/net/tcp.h | 2 +- kernel/bpf/verifier.c | 4 +- kernel/trace/ring_buffer.c | 16 ++++++++ kernel/trace/trace.c | 6 +++ kernel/trace/trace_events_trigger.c | 18 +++++--- kernel/trace/trace_kprobe.c | 15 ++++++- mm/slub.c | 2 +- mm/vmalloc.c | 3 +- net/dsa/slave.c | 6 +++ net/ipv4/fib_frontend.c | 4 +- net/ipv4/inet_fragment.c | 10 ++--- net/ipv4/ipconfig.c | 13 ++++++ net/ipv4/tcp_dctcp.c | 4 +- net/ipv4/tcp_input.c | 48 +++++++++++----------- sound/pci/emu10k1/emupcm.c | 4 +- sound/pci/emu10k1/memory.c | 6 +-- sound/pci/fm801.c | 16 ++++++-- sound/pci/hda/patch_ca0132.c | 8 +++- sound/soc/soc-pcm.c | 6 ++- sound/usb/pcm.c | 2 +- tools/usb/usbip/src/usbip_detach.c | 9 ++-- 81 files changed, 366 insertions(+), 145 deletions(-)

7 years, 1 month

4
84
0 0

[PATCH v2] RDMA/rxe: Set wqe->status correctly if an unexpected response is received

by Bart Van Assche

Every function that returns COMPST_ERROR must set wqe->status to another value than IB_WC_SUCCESS before returning COMPST_ERROR. Fix the only code path for which this is not yet the case. Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: Zhu Yanjun <yanjun.zhu(a)oracle.com> Cc: Jianchao Wang <jianchao.w.wang(a)oracle.com> Cc: Yuval Shaia <yuval.shaia(a)oracle.com> Cc: <stable(a)vger.kernel.org> --- Changes compared to v1: left out a pr_err() statement as requested by Jason. drivers/infiniband/sw/rxe/rxe_comp.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/infiniband/sw/rxe/rxe_comp.c b/drivers/infiniband/sw/rxe/rxe_comp.c index 98d470d1f3fc..83311dd07019 100644 --- a/drivers/infiniband/sw/rxe/rxe_comp.c +++ b/drivers/infiniband/sw/rxe/rxe_comp.c @@ -276,6 +276,7 @@ static inline enum comp_state check_ack(struct rxe_qp *qp, case IB_OPCODE_RC_RDMA_READ_RESPONSE_MIDDLE: if (wqe->wr.opcode != IB_WR_RDMA_READ && wqe->wr.opcode != IB_WR_RDMA_READ_WITH_INV) { + wqe->status = IB_WC_FATAL_ERR; return COMPST_ERROR; } reset_retry_counters(qp); -- 2.17.1

7 years, 1 month

4
5
0 0

[PATCH 4.14 00/21] 4.14.62-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.14.62 release. There are 21 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu Aug 9 17:23:22 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.62-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.14.62-rc1 Shankara Pailoor <shankarapailoor(a)gmail.com> jfs: Fix inconsistency between memory allocation and ea_buf->max_size Eric Sandeen <sandeen(a)sandeen.net> xfs: don't call xfs_da_shrink_inode with NULL bp Dave Chinner <dchinner(a)redhat.com> xfs: validate cached inodes are free when allocated Dave Chinner <dchinner(a)redhat.com> xfs: catch inode allocation state mismatch corruption Len Brown <len.brown(a)intel.com> intel_idle: Graceful probe failure when MWAIT is disabled James Smart <jsmart2021(a)gmail.com> nvmet-fc: fix target sgl list on large transfers Keith Busch <keith.busch(a)intel.com> nvme-pci: Fix queue double allocations Sagi Grimberg <sagi(a)grimberg.me> nvme-pci: allocate device queues storage space at probe Filipe Manana <fdmanana(a)suse.com> Btrfs: fix file data corruption after cloning a range and fsync Esben Haabendal <eha(a)deif.com> i2c: imx: Fix reinit_completion() use Masami Hiramatsu <mhiramat(a)kernel.org> ring_buffer: tracing: Inherit the tracing setting to next ring buffer Vitaly Kuznetsov <vkuznets(a)redhat.com> ACPI / PCI: Bail early in acpi_pci_add_bus() if there is no ACPI handle Theodore Ts'o <tytso(a)mit.edu> ext4: fix false negatives *and* false positives in ext4_check_descriptors() Dmitry Safonov <dima(a)arista.com> netlink: Don't shift on 64 for ngroups Frederic Weisbecker <frederic(a)kernel.org> nohz: Fix missing tick reprogram when interrupting an inline softirq Anna-Maria Gleixner <anna-maria(a)linutronix.de> nohz: Fix local_timer_softirq_pending() Thomas Gleixner <tglx(a)linutronix.de> genirq: Make force irq threading setup more robust Anil Gurumurthy <anil.gurumurthy(a)cavium.com> scsi: qla2xxx: Return error when TMF returns Quinn Tran <quinn.tran(a)cavium.com> scsi: qla2xxx: Fix ISP recovery on unload Quinn Tran <quinn.tran(a)cavium.com> scsi: qla2xxx: Fix NPIV deletion by calling wait_for_sess_deletion Quinn Tran <quinn.tran(a)cavium.com> scsi: qla2xxx: Fix unintialized List head crash ------------- Diffstat: Makefile | 4 +-- drivers/i2c/busses/i2c-imx.c | 3 +- drivers/idle/intel_idle.c | 7 ++++- drivers/nvme/host/pci.c | 64 +++++++++++++++++---------------------- drivers/nvme/target/fc.c | 44 +++++++++++++++++++++------ drivers/pci/pci-acpi.c | 2 +- drivers/scsi/qla2xxx/qla_attr.c | 1 + drivers/scsi/qla2xxx/qla_gbl.h | 1 + drivers/scsi/qla2xxx/qla_gs.c | 4 +++ drivers/scsi/qla2xxx/qla_init.c | 7 ++--- drivers/scsi/qla2xxx/qla_inline.h | 2 ++ drivers/scsi/qla2xxx/qla_mid.c | 5 +++ drivers/scsi/qla2xxx/qla_os.c | 7 +++-- fs/btrfs/extent_io.c | 3 ++ fs/ext4/super.c | 4 +-- fs/jfs/xattr.c | 10 +++--- fs/xfs/libxfs/xfs_attr_leaf.c | 5 ++- fs/xfs/xfs_icache.c | 58 ++++++++++++++++++++++++++++++----- include/linux/ring_buffer.h | 1 + kernel/irq/manage.c | 9 +++++- kernel/softirq.c | 2 +- kernel/time/tick-sched.c | 2 +- kernel/trace/ring_buffer.c | 16 ++++++++++ kernel/trace/trace.c | 6 ++++ net/netlink/af_netlink.c | 4 +-- 25 files changed, 192 insertions(+), 79 deletions(-)

7 years, 1 month

4
23
0 0

[PATCH 4.9 00/17] 4.9.119-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.9.119 release. There are 17 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu Aug 9 17:23:30 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.119-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.9.119-rc1 Shankara Pailoor <shankarapailoor(a)gmail.com> jfs: Fix inconsistency between memory allocation and ea_buf->max_size Michael J. Ruhl <michael.j.ruhl(a)intel.com> IB/hfi1: Fix incorrect mixing of ERR_PTR and NULL return values Kees Cook <keescook(a)chromium.org> fork: unconditionally clear stack on fork Konstantin Khlebnikov <khlebnikov(a)yandex-team.ru> kmemleak: clear stale pointers from task stacks Eric Dumazet <edumazet(a)google.com> tcp: add tcp_ooo_try_coalesce() helper Filipe Manana <fdmanana(a)suse.com> Btrfs: fix file data corruption after cloning a range and fsync Esben Haabendal <eha(a)deif.com> i2c: imx: Fix reinit_completion() use Masami Hiramatsu <mhiramat(a)kernel.org> ring_buffer: tracing: Inherit the tracing setting to next ring buffer Vitaly Kuznetsov <vkuznets(a)redhat.com> ACPI / PCI: Bail early in acpi_pci_add_bus() if there is no ACPI handle Theodore Ts'o <tytso(a)mit.edu> ext4: fix false negatives *and* false positives in ext4_check_descriptors() Dmitry Safonov <dima(a)arista.com> netlink: Don't shift on 64 for ngroups Dmitry Safonov <dima(a)arista.com> netlink: Don't shift with UB on nlk->ngroups Dmitry Safonov <dima(a)arista.com> netlink: Do not subscribe to non-existent groups Anna-Maria Gleixner <anna-maria(a)linutronix.de> nohz: Fix local_timer_softirq_pending() Thomas Gleixner <tglx(a)linutronix.de> genirq: Make force irq threading setup more robust Anil Gurumurthy <anil.gurumurthy(a)cavium.com> scsi: qla2xxx: Return error when TMF returns Quinn Tran <quinn.tran(a)cavium.com> scsi: qla2xxx: Fix ISP recovery on unload ------------- Diffstat: Makefile | 4 ++-- drivers/i2c/busses/i2c-imx.c | 3 +-- drivers/infiniband/hw/hfi1/rc.c | 2 +- drivers/infiniband/hw/hfi1/uc.c | 4 ++-- drivers/infiniband/hw/hfi1/ud.c | 4 ++-- drivers/infiniband/hw/hfi1/verbs_txreq.c | 4 ++-- drivers/infiniband/hw/hfi1/verbs_txreq.h | 4 ++-- drivers/pci/pci-acpi.c | 2 +- drivers/scsi/qla2xxx/qla_init.c | 7 +++---- drivers/scsi/qla2xxx/qla_os.c | 5 +++-- fs/btrfs/extent_io.c | 3 +++ fs/ext4/super.c | 4 ++-- fs/jfs/xattr.c | 10 ++++++---- include/linux/ring_buffer.h | 1 + include/linux/thread_info.h | 7 +------ kernel/fork.c | 3 +++ kernel/irq/manage.c | 9 ++++++++- kernel/time/tick-sched.c | 2 +- kernel/trace/ring_buffer.c | 16 ++++++++++++++++ kernel/trace/trace.c | 6 ++++++ net/ipv4/tcp_input.c | 23 +++++++++++++++++++++-- net/netlink/af_netlink.c | 5 +++++ 22 files changed, 92 insertions(+), 36 deletions(-)

7 years, 1 month

5
20
0 0

[PATCH 4.4 00/12] 4.4.147-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.4.147 release. There are 12 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu Aug 9 17:23:34 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.4.147-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.4.147-rc1 Shankara Pailoor <shankarapailoor(a)gmail.com> jfs: Fix inconsistency between memory allocation and ea_buf->max_size Esben Haabendal <eha(a)deif.com> i2c: imx: Fix reinit_completion() use Masami Hiramatsu <mhiramat(a)kernel.org> ring_buffer: tracing: Inherit the tracing setting to next ring buffer Vitaly Kuznetsov <vkuznets(a)redhat.com> ACPI / PCI: Bail early in acpi_pci_add_bus() if there is no ACPI handle Theodore Ts'o <tytso(a)mit.edu> ext4: fix false negatives *and* false positives in ext4_check_descriptors() Dmitry Safonov <dima(a)arista.com> netlink: Don't shift on 64 for ngroups Dmitry Safonov <dima(a)arista.com> netlink: Don't shift with UB on nlk->ngroups Dmitry Safonov <dima(a)arista.com> netlink: Do not subscribe to non-existent groups Anna-Maria Gleixner <anna-maria(a)linutronix.de> nohz: Fix local_timer_softirq_pending() Thomas Gleixner <tglx(a)linutronix.de> genirq: Make force irq threading setup more robust Anil Gurumurthy <anil.gurumurthy(a)cavium.com> scsi: qla2xxx: Return error when TMF returns Quinn Tran <quinn.tran(a)cavium.com> scsi: qla2xxx: Fix ISP recovery on unload ------------- Diffstat: Makefile | 4 ++-- drivers/i2c/busses/i2c-imx.c | 3 +-- drivers/pci/pci-acpi.c | 2 +- drivers/scsi/qla2xxx/qla_init.c | 7 +++---- drivers/scsi/qla2xxx/qla_os.c | 5 +++-- fs/ext4/super.c | 4 ++-- fs/jfs/xattr.c | 10 ++++++---- include/linux/ring_buffer.h | 1 + kernel/irq/manage.c | 9 ++++++++- kernel/time/tick-sched.c | 2 +- kernel/trace/ring_buffer.c | 16 ++++++++++++++++ kernel/trace/trace.c | 6 ++++++ net/netlink/af_netlink.c | 5 +++++ 13 files changed, 55 insertions(+), 19 deletions(-)

7 years, 1 month

5
15
0 0

[PATCH v4 2/2] block: Ensure that a request queue is dissociated from the cgroup controller

by Bart Van Assche

Several block drivers call alloc_disk() followed by put_disk() if something fails before device_add_disk() is called without calling blk_cleanup_queue(). Make sure that also for this scenario a request queue is dissociated from the cgroup controller. This patch avoids that loading the parport_pc, paride and pf drivers triggers the following kernel crash: BUG: KASAN: null-ptr-deref in pi_init+0x42e/0x580 [paride] Read of size 4 at addr 0000000000000008 by task modprobe/744 Call Trace: dump_stack+0x9a/0xeb kasan_report+0x139/0x350 pi_init+0x42e/0x580 [paride] pf_init+0x2bb/0x1000 [pf] do_one_initcall+0x8e/0x405 do_init_module+0xd9/0x2f2 load_module+0x3ab4/0x4700 SYSC_finit_module+0x176/0x1a0 do_syscall_64+0xee/0x2b0 entry_SYSCALL_64_after_hwframe+0x42/0xb7 Reported-by: Alexandru Moise <00moses.alexander00(a)gmail.com> Fixes: a063057d7c73 ("block: Fix a race between request queue removal and the block cgroup controller") # v4.17 Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Tested-by: Alexandru Moise <00moses.alexander00(a)gmail.com> Cc: Tejun Heo <tj(a)kernel.org> Cc: Christoph Hellwig <hch(a)lst.de> Cc: Ming Lei <ming.lei(a)redhat.com> Cc: Johannes Thumshirn <jthumshirn(a)suse.de> Cc: Alexandru Moise <00moses.alexander00(a)gmail.com> Cc: Joseph Qi <joseph.qi(a)linux.alibaba.com> Cc: <stable(a)vger.kernel.org> --- block/blk-sysfs.c | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/block/blk-sysfs.c b/block/blk-sysfs.c index ca1984ecbdeb..26275d9babcb 100644 --- a/block/blk-sysfs.c +++ b/block/blk-sysfs.c @@ -802,6 +802,31 @@ static void __blk_release_queue(struct work_struct *work) blk_stat_remove_callback(q, q->poll_cb); blk_stat_free_callback(q->poll_cb); + if (!blk_queue_dead(q)) { + /* + * Last reference was dropped without having called + * blk_cleanup_queue(). + */ + WARN_ONCE(blk_queue_init_done(q), + "request queue %p has been registered but blk_cleanup_queue() has not been called for that queue\n", + q); + blk_exit_queue(q); + } + +#ifdef CONFIG_BLK_CGROUP + { + struct blkcg_gq *blkg; + + rcu_read_lock(); + blkg = blkg_lookup(&blkcg_root, q); + rcu_read_unlock(); + + WARN(blkg, + "request queue %p is being released but it has not yet been removed from the blkcg controller\n", + q); + } +#endif + blk_free_queue_stats(q->stats); blk_exit_rl(q, &q->root_rl); -- 2.18.0

7 years, 1 month

4
4
0 0

[PATCH v6 0/8] powerpc/pseries: Machine check handler improvements.

by Mahesh J Salgaonkar

This patch series includes some improvement to Machine check handler for pSeries. Patch 1 fixes a buffer overrun issue if rtas extended error log size is greater than RTAS_ERROR_LOG_MAX. Patch 2 fixes an issue where machine check handler crashes kernel while accessing vmalloc-ed buffer while in nmi context. Patch 3 fixes endain bug while restoring of r3 in MCE handler. Patch 5 implements a real mode mce handler and flushes the SLBs on SLB error. Patch 6 display's the MCE error details on console. Patch 7 saves and dumps the SLB contents on SLB MCE errors to improve the debugability. Patch 8 consolidates mce early real mode handling code. Change in V6: - Introduce patch 8 to consolidate early real mode handling code. - Address Nick's comment on erroneous hunk. Change in V5: - Use min_t instead of max_t. - Fix an issue reported by kbuild test robot and address review comments. Change in V4: - Flush the SLBs in real mode mce handler to handle SLB errors for entry 0. - Allocate buffers per cpu to hold rtas error log and old slb contents. - Defer the logging of rtas error log to irq work queue. Change in V3: - Moved patch 5 to patch 2 Change in V2: - patch 3: Display additional info (NIP and task info) in MCE error details. - patch 5: Fix endain bug while restoring of r3 in MCE handler. --- Mahesh Salgaonkar (8): powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX. powerpc/pseries: Defer the logging of rtas error to irq work queue. powerpc/pseries: Fix endainness while restoring of r3 in MCE handler. powerpc/pseries: Define MCE error event section. powerpc/pseries: flush SLB contents on SLB MCE errors. powerpc/pseries: Display machine check error details. powerpc/pseries: Dump the SLB contents on SLB MCE errors. powernv/pseries: consolidate code for mce early handling. arch/powerpc/include/asm/book3s/64/mmu-hash.h | 8 + arch/powerpc/include/asm/machdep.h | 1 arch/powerpc/include/asm/paca.h | 4 arch/powerpc/include/asm/rtas.h | 116 ++++++++++++ arch/powerpc/kernel/exceptions-64s.S | 18 +- arch/powerpc/kernel/mce.c | 16 +- arch/powerpc/mm/slb.c | 63 +++++++ arch/powerpc/platforms/pseries/pseries.h | 1 arch/powerpc/platforms/pseries/ras.c | 242 +++++++++++++++++++++++-- arch/powerpc/platforms/pseries/setup.c | 27 +++ 10 files changed, 471 insertions(+), 25 deletions(-) -- Signature

7 years, 1 month

2
3
0 0

[PATCH 4.14 000/246] 4.14.60-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.14.60 release. There are 246 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri Aug 3 16:49:18 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.60-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.14.60-rc1 Eric Dumazet <edumazet(a)google.com> tcp: add one more quick ack after after ECN events Yousuk Seung <ysseung(a)google.com> tcp: refactor tcp_ecn_check_ce to remove sk type cast Eric Dumazet <edumazet(a)google.com> tcp: do not aggressively quick ack after ECN events Eric Dumazet <edumazet(a)google.com> tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode Eric Dumazet <edumazet(a)google.com> tcp: do not force quickack when receiving out-of-order packets Dmitry Safonov <dima(a)arista.com> netlink: Don't shift with UB on nlk->ngroups Dmitry Safonov <dima(a)arista.com> netlink: Do not subscribe to non-existent groups Xiao Liang <xiliang(a)redhat.com> xen-netfront: wait xenbus state change when load module manually Neal Cardwell <ncardwell(a)google.com> tcp_bbr: fix bw probing to raise in-flight data for very small BDPs Eugeniy Paltsev <Eugeniy.Paltsev(a)synopsys.com> NET: stmmac: align DMA stuff to largest cache line length Anton Vasilyev <vasilyev(a)ispras.ru> net: mdio-mux: bcm-iproc: fix wrong getter and setter pair Stefan Wahren <stefan.wahren(a)i2se.com> net: lan78xx: fix rx handling before first packet is send tangpengpeng <tangpengpeng(a)higon.com> net: fix amd-xgbe flow-control issue Gal Pressman <pressmangal(a)gmail.com> net: ena: Fix use of uninitialized DMA address bits field Lorenzo Bianconi <lorenzo.bianconi(a)redhat.com> ipv4: remove BUG_ON() from fib_compute_spec_dst Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Allow overwriting CPU port setting Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Add QCA8334 binding documentation Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Enable RXMAC when bringing up a port Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Force CPU port to its highest bandwidth Leon Romanovsky <leonro(a)mellanox.com> RDMA/uverbs: Protect from attempts to create flows on unsupported QP Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> usb: gadget: udc: renesas_usb3: should remove debugfs Chengguang Xu <cgxu(a)mykernel.net> ovl: Sync upper dirty data when syncing overlayfs Lorenzo Pieralisi <lorenzo.pieralisi(a)arm.com> PCI: xgene: Remove leftover pci_scan_child_bus() call Lukas Wunner <lukas(a)wunner.de> PCI: pciehp: Assume NoCompl+ for Thunderbolt ports Theodore Ts'o <tytso(a)mit.edu> ext4: fix check to prevent initializing reserved inodes Theodore Ts'o <tytso(a)mit.edu> ext4: check for allocation block validity with block group locked Theodore Ts'o <tytso(a)mit.edu> ext4: fix inline data updates with checksums enabled Linus Torvalds <torvalds(a)linux-foundation.org> squashfs: be more careful about metadata corruption Theodore Ts'o <tytso(a)mit.edu> random: mix rdrand with entropy sent in from userspace Greg Edwards <gedwards(a)ddn.com> block: reset bi_iter.bi_done after splitting bio Martin Wilck <mwilck(a)suse.com> blkdev: __blkdev_direct_IO_simple: fix leak in error case Martin Wilck <mwilck(a)suse.com> block: bio_iov_iter_get_pages: fix size of last iovec Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> drm/dp/mst: Fix off-by-one typo when dump payload table Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/atomic-helper: Drop plane->fb references only for drm_atomic_helper_shutdown() José Roberto de Souza <jose.souza(a)intel.com> drm: Add DP PSR2 sink enable bit Kirill Marinushkin <k.marinushkin(a)gmail.com> ASoC: topology: Add missing clock gating parameter when parsing hw_configs Kirill Marinushkin <k.marinushkin(a)gmail.com> ASoC: topology: Fix bclk and fsync inversion in set_link_hw_format() Mauro Carvalho Chehab <mchehab(a)kernel.org> media: si470x: fix __be16 annotations Mauro Carvalho Chehab <mchehab(a)kernel.org> media: atomisp: compat32: fix __user annotations Matthew R. Ochs <mrochs(a)linux.vnet.ibm.com> scsi: cxlflash: Avoid clobbering context control register value Uma Krishnan <ukrishn(a)linux.vnet.ibm.com> scsi: cxlflash: Synchronize reset and remove ops Shivasharan S <shivasharan.srikanteshwara(a)broadcom.com> scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs Xose Vazquez Perez <xose.vazquez(a)gmail.com> scsi: scsi_dh: replace too broad "TP9" string with the exact models Douglas Anderson <dianders(a)chromium.org> regulator: Don't return or expect -errno from of_map_mode() Suman Anna <s-anna(a)ti.com> media: omap3isp: fix unbalanced dma_iommu_mapping Tudor-Dan Ambarus <tudor.ambarus(a)microchip.com> crypto: authenc - don't leak pointers to authenc keys Tudor-Dan Ambarus <tudor.ambarus(a)microchip.com> crypto: authencesn - don't leak pointers to authenc keys Dominik Bozek <dominikx.bozek(a)intel.com> usb: hub: Don't wait for connect state at resume for powered-off ports Michal Simek <michal.simek(a)xilinx.com> microblaze: Fix simpleImage format generation Andrey Smirnov <andrew.smirnov(a)gmail.com> soc: imx: gpcv2: Do not pass static memory as platform data Douglas Anderson <dianders(a)chromium.org> serial: core: Make sure compiler barfs for 16-byte earlycon names NeilBrown <neilb(a)suse.com> staging: lustre: ldlm: free resource when ldlm_lock_create() fails. James Simmons <jsimmons(a)infradead.org> staging: lustre: llite: correct removexattr detection Stefan Wahren <stefan.wahren(a)i2se.com> staging: vchiq_core: Fix missing semaphore release in error case Ondrej Mosnáček <omosnace(a)redhat.com> audit: allow not equal op for audit by executable Siva Rebbagondla <siva.rebbagondla(a)redpinesignals.com> rsi: fix nommu_map_sg overflow kernel panic Siva Rebbagondla <siva.rebbagondla(a)redpinesignals.com> rsi: Fix 'invalid vdd' warning in mmc Chris Novakovic <chris(a)chrisn.me.uk> ipconfig: Correctly initialise ic_nameservers Luc Van Oostenryck <luc.vanoostenryck(a)gmail.com> drm/gma500: fix psb_intel_lvds_mode_valid()'s return type Vinicius Costa Gomes <vinicius.gomes(a)intel.com> igb: Fix queue selection on MAC filters on i210 Enric Balletbo i Serra <enric.balletbo(a)collabora.com> arm64: defconfig: Enable Rockchip io-domain driver Wei Xu <wxu(a)cnexlabs.com> nvme: lightnvm: add granby support Dmitry Osipenko <digetx(a)gmail.com> memory: tegra: Apply interrupts mask per SoC Dmitry Osipenko <digetx(a)gmail.com> memory: tegra: Do not handle spurious interrupts Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> delayacct: Use raw_spinlocks Thomas Gleixner <tglx(a)linutronix.de> stop_machine: Use raw spinlocks Wolfram Sang <wsa+renesas(a)sang-engineering.com> backlight: pwm_bl: Don't use GPIOF_* with gpiod_get_direction Kirill Tkhai <ktkhai(a)virtuozzo.com> fasync: Fix deadlock between task-context and interrupt-context kill_fasync() Yixun Lan <yixun.lan(a)amlogic.com> dt-bindings: net: meson-dwmac: new compatible name for AXG SoC Huazhong Tan <tanhuazhong(a)huawei.com> net: hns3: Fixes the out of bounds access in hclge_map_tqp Alexey Khoroshilov <khoroshilov(a)ispras.ru> spi: meson-spicc: Fix error handling in meson_spicc_probe() Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> dt-bindings: pinctrl: meson: add support for the Meson8m2 SoC Tobin C. Harding <me(a)tobin.cc> mmc: pwrseq: Use kmalloc_array instead of stack VLA Shawn Lin <shawn.lin(a)rock-chips.com> mmc: dw_mmc: update actual clock for mmc debugfs Takashi Sakamoto <o-takashi(a)sakamocchi.jp> ALSA: hda/ca0132: fix build failure when a local macro is defined Satendra Singh Thakur <satendra.t(a)samsung.com> drm/atomic: Handling the case when setting old crtc for plane Mauro Carvalho Chehab <mchehab(a)kernel.org> media: siano: get rid of __le32/__le16 cast warnings Jaegeuk Kim <jaegeuk(a)kernel.org> f2fs: avoid fsync() failure caused by EAGAIN in writepage() Jakub Kicinski <jakub.kicinski(a)netronome.com> bpf: fix references to free_bpf_prog_info() in comments Bartlomiej Zolnierkiewicz <b.zolnierkie(a)samsung.com> thermal: exynos: fix setting rising_threshold for Exynos5433 Doug Oucharek <dougso(a)me.com> staging: lustre: o2iblnd: Fix FastReg map/unmap for MLX5 Doug Oucahrek <dougso(a)me.com> staging: lustre: o2iblnd: fix race at kiblnd_connect_peer Chad Dupuis <chad.dupuis(a)cavium.com> scsi: qedf: Set the UNLOADING flag when removing a vport Xiang Chen <chenxiang66(a)hisilicon.com> scsi: hisi_sas: config ATA de-reset as an constrained command for v3 hw Dan Carpenter <dan.carpenter(a)oracle.com> scsi: megaraid: silence a static checker bug Wenwen Wang <wang6495(a)umn.edu> scsi: 3w-xxxx: fix a missing-check bug Wenwen Wang <wang6495(a)umn.edu> scsi: 3w-9xxx: fix a missing-check bug Michael Chan <michael.chan(a)broadcom.com> bnxt_en: Check unsupported speeds in bnxt_update_link() on PF only. Thomas Richter <tmricht(a)linux.ibm.com> perf: fix invalid bit in diagnostic entry Thomas Richter <tmricht(a)linux.ibm.com> s390/cpum_sf: Add data entry sizes to sampling trailer entry Sean Lanigan <sean(a)lano.id.au> brcmfmac: Add support for bcm43364 wireless chipset Jane Wan <Jane.Wan(a)nokia.com> mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages Brad Love <brad(a)nextdimension.cc> media: saa7164: Fix driver name in debug output Sami Tolvanen <samitolvanen(a)google.com> media: media-device: fix ioctl function types Hans de Goede <hdegoede(a)redhat.com> ACPI / LPSS: Only call pwm_add_table() for Bay Trail PWM if PMIC HRV is 2 Damien Le Moal <damien.lemoal(a)wdc.com> libata: Fix command retry decision Wei Yongjun <yongjun_wei(a)trendmicro.com.cn> media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open() Florian Fainelli <f.fainelli(a)gmail.com> net: phy: phylink: Release link GPIO Marc Zyngier <marc.zyngier(a)arm.com> dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA DaeRyong Jeong <threeearcat(a)gmail.com> tty: Fix data race in tty_insert_flip_string_fixed_flag Jacob Keller <jacob.e.keller(a)intel.com> i40e: free the skb after clearing the bitlock Mathieu Malaterre <malat(a)debian.org> nvmem: properly handle returned value nvmem_reg_read Geert Uytterhoeven <geert+renesas(a)glider.be> ARM: dts: sh73a0: Add missing interrupt-affinity to PMU node Geert Uytterhoeven <geert+renesas(a)glider.be> ARM: dts: emev2: Add missing interrupt-affinity to PMU node Patrice Chotard <patrice.chotard(a)st.com> ARM: dts: stih407-pinctrl: Fix complain about IRQ_TYPE_NONE usage Thor Thayer <thor.thayer(a)linux.intel.com> EDAC, altera: Fix ARM64 build warning Dmitry Torokhov <dtor(a)chromium.org> HID: i2c-hid: check if device is there before really probing Jonathan Neuschäfer <j.neuschaefer(a)gmx.net> powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet Samuel Li <Samuel.Li(a)amd.com> drm/amdgpu: Remove VRAM from shared bo domains. Luc Van Oostenryck <luc.vanoostenryck(a)gmail.com> drm/radeon: fix mode_valid's return type Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> arm64: dts: renesas: salvator-common: use audio-graph-card for Sound Terry Junge <terry.junge(a)plantronics.com> HID: hid-plantronics: Re-resend Update to map button for PTT products Will Deacon <will.deacon(a)arm.com> arm64: cmpwait: Clear event register before arming exclusive monitor Mauro Carvalho Chehab <mchehab(a)kernel.org> media: atomisp: ov2680: don't declare unused vars Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback Grygorii Strashko <grygorii.strashko(a)ti.com> net: ethernet: ti: cpsw-phy-sel: check bus_find_device() ret value Colin Ian King <colin.king(a)canonical.com> media: smiapp: fix timeout checking in smiapp_read_nvm Emil Tantilov <emil.s.tantilov(a)intel.com> ixgbevf: fix MAC address changes through ixgbevf_set_mac() Yufen Yu <yuyufen(a)huawei.com> md: fix NULL dereference of mddev->pers in remove_and_add_spares() Gioh Kim <gi-oh.kim(a)profitbricks.com> md/raid1: add error handling of read error from FailFast device Anson Huang <Anson.Huang(a)nxp.com> regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops Takashi Iwai <tiwai(a)suse.de> ALSA: emu10k1: Rate-limit error messages about page errors Alexandre Belloni <alexandre.belloni(a)bootlin.com> rtc: tps65910: fix possible race condition Alexandre Belloni <alexandre.belloni(a)bootlin.com> rtc: vr41xx: fix possible race condition Alexandre Belloni <alexandre.belloni(a)bootlin.com> rtc: tps6586x: fix possible race condition Vic Wei <vwei(a)codeaurora.org> Bluetooth: btusb: add ID for LiteOn 04ca:301a Ben Skeggs <bskeggs(a)redhat.com> drm/nouveau/fifo/gk104-: poll for runlist update completion Jens Remus <jremus(a)linux.ibm.com> scsi: zfcp: assert that the ERP lock is held when tracing a recovery trigger Maya Erez <merez(a)codeaurora.org> scsi: ufs: fix exception event handling Subhash Jadavani <subhashj(a)codeaurora.org> scsi: ufs: ufshcd: fix possible unclocked register access Eric Biggers <ebiggers(a)google.com> fscrypt: use unbound workqueue for decryption Xi Wang <wangxi11(a)huawei.com> net: hns3: Fix the missing client list node initialization Tony Lindgren <tony(a)atomide.com> spi: Add missing pm_runtime_put_noidle() after failed get Mark Rutland <mark.rutland(a)arm.com> drivers/perf: arm-ccn: don't log to dmesg in event_init Mimi Zohar <zohar(a)linux.vnet.ibm.com> ima: based on policy verify firmware signatures (pre-allocated buffer) Xinming Hu <huxm(a)marvell.com> mwifiex: correct histogram data with appropriate index Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Add support for QCA8334 switch Mika Westerberg <mika.westerberg(a)linux.intel.com> PCI: pciehp: Request control of native hotplug only if supported Sandipan Das <sandipan(a)linux.vnet.ibm.com> bpf: powerpc64: pad function address loads with NOPs Julia Lawall <Julia.Lawall(a)lip6.fr> pinctrl: at91-pio4: add missing of_node_put Christophe Leroy <christophe.leroy(a)c-s.fr> powerpc/8xx: fix invalid register expression in head_8xx.S Geert Uytterhoeven <geert+renesas(a)glider.be> spi: sh-msiof: Fix setting SIRMDR1.SYNCAC to match SITMDR1.SYNCAC Mathieu Malaterre <malat(a)debian.org> powerpc: Add __printf verification to prom_printf Mathieu Malaterre <malat(a)debian.org> powerpc/powermac: Mark variable x as unused Mathieu Malaterre <malat(a)debian.org> powerpc/powermac: Add missing prototype for note_bootable_part() Mathieu Malaterre <malat(a)debian.org> powerpc/chrp/time: Make some functions static, add missing header include Mathieu Malaterre <malat(a)debian.org> powerpc/32: Add a missing include header Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Bahamas Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Bermuda Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Serbia Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Tanzania Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Uganda Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for APL2_FCCA Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for APL13_WORLD Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for ETSI8_WORLD Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for FCC3_ETSIC Keith Busch <keith.busch(a)intel.com> nvme-pci: Fix AER reset handling Jianchao Wang <jianchao.w.wang(a)oracle.com> nvme-rdma: stop admin queue before freeing it Christoph Hellwig <hch(a)lst.de> PCI: Prevent sysfs disable of device while driver is attached Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> PM / wakeup: Make s2idle_lock a RAW_SPINLOCK Scott Wood <swood(a)redhat.com> x86/microcode: Make the late update update_lock a raw lock for RT Qu Wenruo <wqu(a)suse.com> btrfs: qgroup: Finish rescan when hit the last leaf of extent tree David Sterba <dsterba(a)suse.com> btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups Omar Sandoval <osandov(a)fb.com> Btrfs: don't BUG_ON() in btrfs_truncate_inode_items() Omar Sandoval <osandov(a)fb.com> Btrfs: don't return ino to ino cache if inode item removal fails Hans Verkuil <hans.verkuil(a)cisco.com> media: videobuf2-core: don't call memop 'finish' when queueing Ezequiel Garcia <ezequiel(a)collabora.com> media: tw686x: Fix incorrect vb2_mem_ops GFP flags Fuyun Liang <liangfuyun1(a)huawei.com> net: hns3: Fixes the init of the VALID BD info in the descriptor Eyal Reizer <eyalreizer(a)gmail.com> wlcore: sdio: check for valid platform device data before suspend Ganapathi Bhat <gbhat(a)marvell.com> mwifiex: handle race during mwifiex_usb_disconnect Vincent Palatin <vpalatin(a)chromium.org> mfd: cros_ec: Fail early if we cannot identify the EC Kai Chieh Chuang <kaichieh.chuang(a)mediatek.com> ASoC: dpcm: fix BE dai not hw_free and shutdown Jian-Hong Pan <jian-hong(a)endlessm.com> Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 Thierry Escande <thierry.escande(a)linaro.org> Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning Shaul Triebitz <shaul.triebitz(a)intel.com> iwlwifi: pcie: fix race in Rx buffer allocator Ethan Lien <ethanlien(a)synology.com> btrfs: balance dirty metadata pages in btrfs_finish_ordered_io Jan Kiszka <jan.kiszka(a)siemens.com> PCI: Fix devm_pci_alloc_host_bridge() memory leak Shuah Khan (Samsung OSG) <shuah(a)kernel.org> selftests: intel_pstate: return Kselftest Skip code for skipped tests Shuah Khan (Samsung OSG) <shuah(a)kernel.org> selftests: memfd: return Kselftest Skip code for skipped tests Daniel Díaz <daniel.diaz(a)linaro.org> selftests/intel_pstate: Improve test, minor fixes Kan Liang <kan.liang(a)intel.com> perf/x86/intel/uncore: Correct fixed counter index check for NHM Kan Liang <kan.liang(a)intel.com> perf/x86/intel/uncore: Correct fixed counter index check in generic code Michael Grzeschik <m.grzeschik(a)pengutronix.de> usbip: dynamically allocate idev by nports found in sysfs Shuah Khan (Samsung OSG) <shuah(a)kernel.org> usbip: usbip_detach: Fix memory, udev context and udev leak Filippo Muzzini <filippo.muzzini(a)outlook.it> block, bfq: remove wrong lock in bfq_requests_merged Chao Yu <yuchao0(a)huawei.com> f2fs: fix race in between GC and atomic open Chao Yu <yuchao0(a)huawei.com> f2fs: fix to detect failure of dquot_initialize Sahitya Tummala <stummala(a)codeaurora.org> f2fs: Fix deadlock in shutdown ioctl Chao Yu <yuchao0(a)huawei.com> f2fs: fix to wait page writeback during revoking atomic write Chao Yu <yuchao0(a)huawei.com> f2fs: fix to don't trigger writeback during recovery Chao Yu <yuchao0(a)huawei.com> f2fs: fix error path of move_data_page Anatoly Pugachev <matorola(a)gmail.com> disable loading f2fs module on PAGE_SIZE > 4KB Trond Myklebust <trond.myklebust(a)hammerspace.com> pnfs: Don't release the sequence slot until we've processed layoutget on open Alexey Kodanev <alexey.kodanev(a)oracle.com> netfilter: nf_tables: check msg_type before nft_trans_set(trans) Javier González <javier(a)cnexlabs.com> lightnvm: pblk: warn in case of corrupted write buffer Leon Romanovsky <leonro(a)mellanox.com> RDMA/mad: Convert BUG_ONs to error flows Nicholas Piggin <npiggin(a)gmail.com> powerpc/64s: Fix compiler store ordering to SLB shadow area Stewart Smith <stewart(a)linux.ibm.com> hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common() Sam Bobroff <sbobroff(a)linux.ibm.com> powerpc/eeh: Fix use-after-release of EEH driver Michal Suchanek <msuchanek(a)suse.de> powerpc/64s: Add barrier_nospec Christophe Leroy <christophe.leroy(a)c-s.fr> powerpc/lib: Adjust .balign inside string functions for PPC32 Cong Wang <xiyou.wangcong(a)gmail.com> infiniband: fix a possible use-after-free bug Benjamin Poirier <bpoirier(a)suse.com> e1000e: Ignore TSYNCRXCTL when getting I219 clock attributes Chengguang Xu <cgxu519(a)gmx.com> ceph: fix alignment of rasize Wang YanQing <udknight(a)gmail.com> bpf, arm32: fix inconsistent naming about emit_a32_lsr_{r64,i64} Sergey Senozhatsky <sergey.senozhatsky.work(a)gmail.com> printk: drop in_nmi check from printk_safe_flush_on_panic() Marco Felsch <m.felsch(a)pengutronix.de> watchdog: da9063: Fix updating timeout value Laurentiu Tudor <laurentiu.tudor(a)nxp.com> irqchip/ls-scfg-msi: Map MSIs in the iommu Jozsef Kadlecsik <kadlec(a)blackhole.kfki.hu> netfilter: ipset: List timing out entries with "timeout 1" instead of zero Florent Fourcot <florent.fourcot(a)wifirst.fr> netfilter: ipset: forbid family for hash:mac sets Jiri Olsa <jolsa(a)kernel.org> perf tools: Fix pmu events parsing rule Alexandre Belloni <alexandre.belloni(a)bootlin.com> rtc: ensure rtc_set_alarm fails when alarms are not supported Mathieu Malaterre <malat(a)debian.org> mm/slub.c: add __printf verification to slab_err() Chintan Pandya <cpandya(a)codeaurora.org> mm: vmalloc: avoid racy handling of debugobjects in vunmap Huang Ying <ying.huang(a)intel.com> mm: /proc/pid/pagemap: hide swap entries from unprivileged users Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> kernel/hung_task.c: show all hung tasks before panic Alex Williamson <alex.williamson(a)redhat.com> vfio/type1: Fix task tracking for QEMU vCPU hotplug Alex Williamson <alex.williamson(a)redhat.com> vfio/mdev: Check globally for duplicate devices Geert Uytterhoeven <geert+renesas(a)glider.be> vfio: platform: Fix reset module leak in error path Scott Mayhew <smayhew(a)redhat.com> nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY Zhouyang Jia <jiazhouyang09(a)gmail.com> ALSA: fm801: add error handling for snd_ctl_add Zhouyang Jia <jiazhouyang09(a)gmail.com> ALSA: emu10k1: add error handling for snd_ctl_add Olga Kornievskaia <olga.kornievskaia(a)gmail.com> skip LAYOUTRETURN if layout is invalid Stephen Hemminger <stephen(a)networkplumber.org> hv_netvsc: fix network namespace issues with VF support Juergen Gross <jgross(a)suse.com> xen/netfront: raise max number of slots in xennet_get_responses() Mark Rutland <mark.rutland(a)arm.com> kcov: ensure irq code sees a valid area Petr Machata <petrm(a)mellanox.com> mlxsw: spectrum_switchdev: Fix port_vlan refcounting Johannes Weiner <hannes(a)cmpxchg.org> arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Quiet gcc warning about maybe unused link variable Artem Savkov <asavkov(a)redhat.com> tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure Snild Dolkow <snild(a)sony.com> kthread, tracing: Don't expose half-written comm when creating kthreads Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Fix possible double free in event_enable_trigger_func() Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Fix double free of event_trigger_data Tejun Heo <tj(a)kernel.org> delayacct: fix crash in delayacct_blkio_end() after delayacct init failure Shakeel Butt <shakeelb(a)google.com> kvm, mm: account shadow page tables to kmemcg KT Liao <kt.liao(a)emc.com.tw> Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST Chen-Yu Tsai <wens(a)csie.org> Input: i8042 - add Lenovo LaVie Z to the i8042 reset list Donald Shanty III <dshanty(a)protonmail.com> Input: elan_i2c - add ACPI ID for lenovo ideapad 330 Marek Szyprowski <m.szyprowski(a)samsung.com> spi: spi-s3c64xx: Fix system resume support Andrew Morton <akpm(a)linux-foundation.org> drivers/infiniband/ulp/srpt/ib_srpt.c: fix build with gcc-4.4.4 Bart Van Assche <bart.vanassche(a)wdc.com> IB/srpt: Fix an out-of-bounds stack access in srpt_zerolength_write() Andrew Morton <akpm(a)linux-foundation.org> drivers/infiniband/core/verbs.c: fix build with gcc-4.4.4 Bart Van Assche <bart.vanassche(a)wdc.com> RDMA/core: Avoid that ib_drain_qp() triggers an out-of-bounds stack access Lixin Wang <alan.1.wang(a)nokia-sbell.com> i2c: core: decrease reference count of device node in i2c_unregister_device Kees Cook <keescook(a)chromium.org> fork: unconditionally clear stack on fork ------------- Diffstat: .../devicetree/bindings/net/dsa/qca8k.txt | 23 ++++- .../devicetree/bindings/net/meson-dwmac.txt | 1 + .../devicetree/bindings/pinctrl/meson,pinctrl.txt | 2 + Documentation/vfio-mediated-device.txt | 5 + Makefile | 4 +- arch/arm/boot/dts/emev2.dtsi | 5 +- arch/arm/boot/dts/sh73a0.dtsi | 5 +- arch/arm/boot/dts/stih407-pinctrl.dtsi | 10 +- arch/arm/net/bpf_jit_32.c | 10 +- arch/arm64/boot/dts/renesas/salvator-common.dtsi | 38 ++++--- arch/arm64/configs/defconfig | 2 + arch/arm64/include/asm/cmpxchg.h | 4 +- arch/arm64/mm/init.c | 4 +- arch/microblaze/boot/Makefile | 10 +- arch/powerpc/include/asm/barrier.h | 15 +++ arch/powerpc/include/asm/cache.h | 3 + arch/powerpc/kernel/eeh_driver.c | 28 ++--- arch/powerpc/kernel/head_8xx.S | 2 +- arch/powerpc/kernel/pci_32.c | 1 + arch/powerpc/kernel/prom_init.c | 114 +++++++++++---------- arch/powerpc/lib/string.S | 7 +- arch/powerpc/mm/slb.c | 8 +- arch/powerpc/net/bpf_jit_comp64.c | 34 ++++-- arch/powerpc/platforms/chrp/time.c | 6 +- arch/powerpc/platforms/embedded6xx/hlwd-pic.c | 5 + arch/powerpc/platforms/powermac/bootx_init.c | 4 +- arch/powerpc/platforms/powermac/setup.c | 1 + arch/s390/include/asm/cpu_mf.h | 6 +- arch/x86/events/intel/uncore.c | 2 +- arch/x86/events/intel/uncore_nhmex.c | 2 +- arch/x86/kernel/cpu/microcode/core.c | 6 +- arch/x86/kvm/mmu.c | 2 +- block/bfq-iosched.c | 2 - block/bio.c | 19 ++-- crypto/authenc.c | 1 + crypto/authencesn.c | 1 + drivers/acpi/acpi_lpss.c | 6 +- drivers/acpi/pci_root.c | 4 +- drivers/ata/libata-eh.c | 12 ++- drivers/bluetooth/btusb.c | 4 + drivers/bluetooth/hci_qca.c | 2 +- drivers/bus/arm-ccn.c | 20 ++-- drivers/char/random.c | 10 +- drivers/edac/altera_edac.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 8 +- drivers/gpu/drm/drm_atomic.c | 4 +- drivers/gpu/drm/drm_atomic_helper.c | 78 +++++++------- drivers/gpu/drm/drm_dp_mst_topology.c | 9 +- drivers/gpu/drm/gma500/psb_intel_drv.h | 2 +- drivers/gpu/drm/gma500/psb_intel_lvds.c | 2 +- drivers/gpu/drm/nouveau/nvkm/engine/fifo/gk104.c | 8 +- drivers/gpu/drm/radeon/radeon_connectors.c | 10 +- drivers/hid/hid-plantronics.c | 6 +- drivers/hid/i2c-hid/i2c-hid.c | 8 ++ drivers/i2c/i2c-core-base.c | 5 +- drivers/infiniband/core/mad.c | 11 +- drivers/infiniband/core/ucma.c | 6 +- drivers/infiniband/core/uverbs_cmd.c | 5 + drivers/infiniband/core/verbs.c | 12 ++- drivers/infiniband/ulp/srpt/ib_srpt.c | 16 +-- drivers/input/mouse/elan_i2c_core.c | 2 + drivers/input/serio/i8042-x86ia64io.h | 7 ++ drivers/irqchip/irq-ls-scfg-msi.c | 3 + drivers/lightnvm/pblk-rb.c | 5 +- drivers/md/md.c | 3 + drivers/md/raid1.c | 2 + drivers/media/common/siano/smsendian.c | 14 +-- drivers/media/i2c/smiapp/smiapp-core.c | 11 +- drivers/media/media-device.c | 21 ++-- drivers/media/pci/saa7164/saa7164-fw.c | 3 +- drivers/media/pci/tw686x/tw686x-video.c | 3 +- drivers/media/platform/omap3isp/isp.c | 7 +- drivers/media/platform/rcar_jpu.c | 4 +- drivers/media/radio/si470x/radio-si470x-i2c.c | 6 +- drivers/media/v4l2-core/videobuf2-core.c | 9 +- drivers/memory/tegra/mc.c | 22 +--- drivers/memory/tegra/mc.h | 9 ++ drivers/memory/tegra/tegra114.c | 2 + drivers/memory/tegra/tegra124.c | 6 ++ drivers/memory/tegra/tegra210.c | 3 + drivers/memory/tegra/tegra30.c | 2 + drivers/mfd/cros_ec.c | 6 +- drivers/mmc/core/pwrseq_simple.c | 14 ++- drivers/mmc/host/dw_mmc.c | 4 + drivers/mtd/nand/fsl_ifc_nand.c | 17 +-- drivers/net/dsa/qca8k.c | 52 +++++++++- drivers/net/dsa/qca8k.h | 7 +- drivers/net/ethernet/amazon/ena/ena_com.c | 1 + drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 4 +- drivers/net/ethernet/broadcom/bnxt/bnxt.c | 3 + .../ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 7 +- .../net/ethernet/hisilicon/hns3/hns3pf/hns3_enet.c | 4 + drivers/net/ethernet/intel/e1000e/netdev.c | 15 ++- drivers/net/ethernet/intel/i40e/i40e_ptp.c | 7 +- drivers/net/ethernet/intel/igb/igb_main.c | 9 +- drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 1 + .../ethernet/mellanox/mlxsw/spectrum_switchdev.c | 4 +- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 +- drivers/net/ethernet/ti/cpsw-phy-sel.c | 8 +- drivers/net/hyperv/hyperv_net.h | 2 + drivers/net/hyperv/netvsc_drv.c | 43 ++++---- drivers/net/phy/mdio-mux-bcm-iproc.c | 2 +- drivers/net/phy/phylink.c | 2 + drivers/net/usb/lan78xx.c | 2 + drivers/net/wireless/ath/regd.h | 5 + drivers/net/wireless/ath/regd_common.h | 13 +++ .../wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c | 1 + drivers/net/wireless/intel/iwlwifi/pcie/rx.c | 2 + drivers/net/wireless/marvell/mwifiex/usb.c | 3 + drivers/net/wireless/marvell/mwifiex/util.c | 8 +- drivers/net/wireless/rsi/rsi_91x_hal.c | 35 ++++--- drivers/net/wireless/rsi/rsi_91x_sdio.c | 23 +++-- drivers/net/wireless/rsi/rsi_sdio.h | 2 +- drivers/net/wireless/ti/wlcore/sdio.c | 5 + drivers/net/xen-netfront.c | 10 +- drivers/nvme/host/pci.c | 5 + drivers/nvme/host/rdma.c | 10 +- drivers/nvmem/core.c | 7 ++ drivers/pci/host/pci-xgene.c | 1 - drivers/pci/hotplug/pciehp_hpc.c | 7 ++ drivers/pci/pci-sysfs.c | 15 +-- drivers/pci/probe.c | 4 +- drivers/pinctrl/pinctrl-at91-pio4.c | 4 +- drivers/regulator/cpcap-regulator.c | 2 +- drivers/regulator/of_regulator.c | 13 +-- drivers/regulator/pfuze100-regulator.c | 1 + drivers/regulator/twl-regulator.c | 2 +- drivers/rtc/interface.c | 5 + drivers/rtc/rtc-tps6586x.c | 14 ++- drivers/rtc/rtc-tps65910.c | 12 ++- drivers/rtc/rtc-vr41xx.c | 9 +- drivers/s390/scsi/zfcp_dbf.c | 2 + drivers/scsi/3w-9xxx.c | 5 + drivers/scsi/3w-xxxx.c | 3 + drivers/scsi/cxlflash/main.c | 11 +- drivers/scsi/cxlflash/sislite.h | 1 + drivers/scsi/hisi_sas/hisi_sas_v3_hw.c | 11 +- drivers/scsi/megaraid.c | 3 + drivers/scsi/megaraid/megaraid_sas_fusion.c | 3 + drivers/scsi/qedf/qedf_main.c | 10 ++ drivers/scsi/scsi_dh.c | 5 +- drivers/scsi/ufs/ufshcd.c | 28 +++-- drivers/soc/imx/gpcv2.c | 22 ++-- drivers/spi/spi-meson-spicc.c | 11 +- drivers/spi/spi-s3c64xx.c | 4 +- drivers/spi/spi-sh-msiof.c | 6 +- drivers/spi/spi.c | 1 + .../staging/lustre/lnet/klnds/o2iblnd/o2iblnd.c | 2 +- .../staging/lustre/lnet/klnds/o2iblnd/o2iblnd_cb.c | 30 +++--- drivers/staging/lustre/lustre/ldlm/ldlm_lock.c | 6 +- drivers/staging/lustre/lustre/llite/xattr.c | 6 +- drivers/staging/media/atomisp/i2c/ov2680.c | 6 +- .../atomisp/pci/atomisp2/atomisp_compat_ioctl32.c | 49 ++++----- .../vc04_services/interface/vchiq_arm/vchiq_core.c | 1 + drivers/thermal/samsung/exynos_tmu.c | 1 + drivers/tty/hvc/hvc_opal.c | 1 - drivers/tty/pty.c | 3 + drivers/usb/core/hub.c | 4 + drivers/usb/gadget/udc/renesas_usb3.c | 8 +- drivers/vfio/mdev/mdev_core.c | 102 +++++++----------- drivers/vfio/mdev/mdev_private.h | 2 +- drivers/vfio/platform/vfio_platform_common.c | 15 ++- drivers/vfio/vfio_iommu_type1.c | 73 ++++++++----- drivers/video/backlight/pwm_bl.c | 6 +- drivers/watchdog/da9063_wdt.c | 17 ++- fs/block_dev.c | 9 +- fs/btrfs/inode.c | 33 +++--- fs/btrfs/qgroup.c | 19 ++++ fs/btrfs/tree-log.c | 10 +- fs/ceph/super.c | 2 +- fs/crypto/crypto.c | 11 +- fs/ext4/balloc.c | 3 + fs/ext4/ialloc.c | 8 +- fs/ext4/inline.c | 19 ++-- fs/ext4/inode.c | 16 ++- fs/ext4/super.c | 8 +- fs/f2fs/data.c | 8 +- fs/f2fs/file.c | 18 +++- fs/f2fs/gc.c | 11 +- fs/f2fs/segment.c | 5 + fs/f2fs/super.c | 6 ++ fs/fcntl.c | 15 ++- fs/nfs/nfs4proc.c | 14 ++- fs/nfs/pnfs.c | 6 +- fs/nfsd/nfs4xdr.c | 2 + fs/overlayfs/super.c | 19 +++- fs/proc/task_mmu.c | 26 +++-- fs/squashfs/cache.c | 3 + fs/squashfs/file.c | 8 +- fs/squashfs/fragment.c | 4 +- fs/squashfs/squashfs_fs.h | 6 ++ include/drm/drm_dp_helper.h | 1 + include/linux/delayacct.h | 4 +- include/linux/dma-iommu.h | 1 + include/linux/fs.h | 2 +- include/linux/mmc/sdio_ids.h | 1 + include/linux/netfilter/ipset/ip_set_timeout.h | 10 +- include/linux/regulator/consumer.h | 1 + include/linux/serial_core.h | 3 +- include/linux/thread_info.h | 6 +- include/net/tcp.h | 2 +- include/soc/tegra/mc.h | 2 + include/uapi/sound/asoc.h | 23 ++++- kernel/auditfilter.c | 2 +- kernel/auditsc.c | 2 + kernel/bpf/verifier.c | 4 +- kernel/delayacct.c | 17 +-- kernel/fork.c | 3 +- kernel/hung_task.c | 11 +- kernel/kcov.c | 3 +- kernel/kthread.c | 8 +- kernel/power/suspend.c | 14 +-- kernel/printk/printk_safe.c | 2 +- kernel/stop_machine.c | 24 ++--- kernel/trace/trace_events_trigger.c | 18 +++- kernel/trace/trace_kprobe.c | 15 ++- mm/slub.c | 2 +- mm/vmalloc.c | 3 +- net/ipv4/fib_frontend.c | 4 +- net/ipv4/ipconfig.c | 13 +++ net/ipv4/tcp_bbr.c | 4 + net/ipv4/tcp_dctcp.c | 4 +- net/ipv4/tcp_input.c | 48 ++++----- net/netfilter/ipset/ip_set_hash_gen.h | 5 +- net/netfilter/nf_tables_api.c | 11 +- net/netlink/af_netlink.c | 5 + security/integrity/ima/ima_main.c | 1 + sound/pci/emu10k1/emupcm.c | 4 +- sound/pci/emu10k1/memory.c | 6 +- sound/pci/fm801.c | 16 ++- sound/pci/hda/patch_ca0132.c | 8 +- sound/soc/soc-pcm.c | 6 +- sound/soc/soc-topology.c | 19 +++- sound/usb/pcm.c | 2 +- tools/perf/util/parse-events.y | 14 ++- tools/testing/selftests/intel_pstate/run.sh | 29 +++--- tools/testing/selftests/memfd/run_tests.sh | 14 ++- tools/usb/usbip/libsrc/vhci_driver.c | 32 +++--- tools/usb/usbip/libsrc/vhci_driver.h | 3 +- tools/usb/usbip/src/usbip_detach.c | 9 +- 240 files changed, 1573 insertions(+), 835 deletions(-)

7 years, 1 month

6
239
0 0

need your reply

by Julian Jones

You have needs for image editing for our studio? Our studio does different image editing for e-commerce photos, jewelry images, and portrait mages. It includes cutting out and clipping path and the others, like retouching etc. Drop us a photo, testing will be provided. Thanks, Julian

7 years, 1 month

1
0
0 0

Applied "ASoC: wm_adsp: Correct DSP pointer for preloader control" to the asoc tree

by Mark Brown

The patch ASoC: wm_adsp: Correct DSP pointer for preloader control has been applied to the asoc tree at https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound.git All being well this means that it will be integrated into the linux-next tree (usually sometime in the next 24 hours) and sent to Linus during the next merge window (or sooner if it is a bug fix), however if problems are discovered then the patch may be dropped or reverted. You may get further e-mails resulting from automated or manual testing and review of the tree, please engage with people reporting problems and send followup patches addressing any issues that are reported if needed. If any updates are required or you are submitting further changes they should be sent as incremental updates against current git, existing patches will not be replaced. Please add any relevant lists and maintainers to the CCs when replying to this mail. Thanks, Mark >From b1470d4ce77c2d60661c7d5325d4fb8063e15ff8 Mon Sep 17 00:00:00 2001 From: Ajit Pandey <ajit.pandey(a)cirrus.com> Date: Tue, 7 Aug 2018 18:30:42 +0100 Subject: [PATCH] ASoC: wm_adsp: Correct DSP pointer for preloader control The offset of the DSP core needs to be taken into account for the DSP preloader control get and put. Currently the dsp->preloaded variable will only ever be read/updated on the first DSP, whilst this doesn't affect the operation of the control the readback will be incorrect. Signed-off-by: Ajit Pandey <ajit.pandey(a)cirrus.com> Signed-off-by: Charles Keepax <ckeepax(a)opensource.cirrus.com> Signed-off-by: Mark Brown <broonie(a)kernel.org> Cc: stable(a)vger.kernel.org --- sound/soc/codecs/wm_adsp.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/sound/soc/codecs/wm_adsp.c b/sound/soc/codecs/wm_adsp.c index 4e7f8525449e..08dc82770273 100644 --- a/sound/soc/codecs/wm_adsp.c +++ b/sound/soc/codecs/wm_adsp.c @@ -2643,7 +2643,10 @@ int wm_adsp2_preloader_get(struct snd_kcontrol *kcontrol, struct snd_ctl_elem_value *ucontrol) { struct snd_soc_component *component = snd_soc_kcontrol_component(kcontrol); - struct wm_adsp *dsp = snd_soc_component_get_drvdata(component); + struct wm_adsp *dsps = snd_soc_component_get_drvdata(component); + struct soc_mixer_control *mc = + (struct soc_mixer_control *)kcontrol->private_value; + struct wm_adsp *dsp = &dsps[mc->shift - 1]; ucontrol->value.integer.value[0] = dsp->preloaded; @@ -2655,10 +2658,11 @@ int wm_adsp2_preloader_put(struct snd_kcontrol *kcontrol, struct snd_ctl_elem_value *ucontrol) { struct snd_soc_component *component = snd_soc_kcontrol_component(kcontrol); - struct wm_adsp *dsp = snd_soc_component_get_drvdata(component); + struct wm_adsp *dsps = snd_soc_component_get_drvdata(component); struct snd_soc_dapm_context *dapm = snd_soc_component_get_dapm(component); struct soc_mixer_control *mc = (struct soc_mixer_control *)kcontrol->private_value; + struct wm_adsp *dsp = &dsps[mc->shift - 1]; char preload[32]; snprintf(preload, ARRAY_SIZE(preload), "DSP%u Preload", mc->shift); -- 2.18.0

7 years, 1 month

1
0
0 0

editing the images

by Julian Jones

You have needs for image editing for our studio? Our studio does different image editing for e-commerce photos, jewelry images, and portrait mages. It includes cutting out and clipping path and the others, like retouching etc. Drop us a photo, testing will be provided. Thanks, Julian

7 years, 1 month

1
0
0 0

[PATCH v3 1/2] powerpc/fadump: handle crash memory ranges array index overflow

by Hari Bathini

Crash memory ranges is an array of memory ranges of the crashing kernel to be exported as a dump via /proc/vmcore file. The size of the array is set based on INIT_MEMBLOCK_REGIONS, which works alright in most cases where memblock memory regions count is less than INIT_MEMBLOCK_REGIONS value. But this count can grow beyond INIT_MEMBLOCK_REGIONS value since commit 142b45a72e22 ("memblock: Add array resizing support"). On large memory systems with a few DLPAR operations, the memblock memory regions count could be larger than INIT_MEMBLOCK_REGIONS value. On such systems, registering fadump results in crash or other system failures like below: task: c00007f39a290010 ti: c00000000b738000 task.ti: c00000000b738000 NIP: c000000000047df4 LR: c0000000000f9e58 CTR: c00000000010f180 REGS: c00000000b73b570 TRAP: 0300 Tainted: G L X (4.4.140+) MSR: 8000000000009033 <SF,EE,ME,IR,DR,RI,LE> CR: 22004484 XER: 20000000 CFAR: c000000000008500 DAR: 000007a450000000 DSISR: 40000000 SOFTE: 0 GPR00: c0000000000f9e58 c00000000b73b7f0 c000000000f09a00 000000000000001a GPR04: c00007f3bf774c90 0000000000000004 c000000000eb9a00 0000000000000800 GPR08: 0000000000000804 000007a450000000 c000000000fa9a00 c00007ffb169ca20 GPR12: 0000000022004482 c00000000fa12c00 c00007f3a0ea97a8 0000000000000000 GPR16: c00007f3a0ea9a50 c00000000b73bd60 0000000000000118 000000000001fe80 GPR20: 0000000000000118 0000000000000000 c000000000b8c980 00000000000000d0 GPR24: 000007ffb0b10000 c00007ffb169c980 0000000000000000 c000000000b8c980 GPR28: 0000000000000004 c00007ffb169c980 000000000000001a c00007ffb169c980 NIP [c000000000047df4] smp_send_reschedule+0x24/0x80 LR [c0000000000f9e58] resched_curr+0x138/0x160 Call Trace: [c00000000b73b7f0] [c0000000000f9e58] resched_curr+0x138/0x160 (unreliable) [c00000000b73b820] [c0000000000fb538] check_preempt_curr+0xc8/0xf0 [c00000000b73b850] [c0000000000fb598] ttwu_do_wakeup+0x38/0x150 [c00000000b73b890] [c0000000000fc9c4] try_to_wake_up+0x224/0x4d0 [c00000000b73b900] [c00000000011ef34] __wake_up_common+0x94/0x100 [c00000000b73b960] [c00000000034a78c] ep_poll_callback+0xac/0x1c0 [c00000000b73b9b0] [c00000000011ef34] __wake_up_common+0x94/0x100 [c00000000b73ba10] [c00000000011f810] __wake_up_sync_key+0x70/0xa0 [c00000000b73ba60] [c00000000067c3e8] sock_def_readable+0x58/0xa0 [c00000000b73ba90] [c0000000007848ac] unix_stream_sendmsg+0x2dc/0x4c0 [c00000000b73bb70] [c000000000675a38] sock_sendmsg+0x68/0xa0 [c00000000b73bba0] [c00000000067673c] ___sys_sendmsg+0x2cc/0x2e0 [c00000000b73bd30] [c000000000677dbc] __sys_sendmsg+0x5c/0xc0 [c00000000b73bdd0] [c0000000006789bc] SyS_socketcall+0x36c/0x3f0 [c00000000b73be30] [c000000000009488] system_call+0x3c/0x100 Instruction dump: 4e800020 60000000 60420000 3c4c00ec 38421c30 7c0802a6 f8010010 60000000 3d42000a e92ab420 2fa90000 4dde0020 <e9290000> 2fa90000 419e0044 7c0802a6 ---[ end trace a6d1dd4bab5f8253 ]--- as array index overflow is not checked for while setting up crash memory ranges causing memory corruption. To resolve this issue, dynamically allocate memory for crash memory ranges and resize it incrementally, in units of pagesize, on hitting array size limit. Fixes: 2df173d9e85d ("fadump: Initialize elfcore header and add PT_LOAD program headers.") Cc: stable(a)vger.kernel.org Cc: Mahesh Salgaonkar <mahesh(a)linux.vnet.ibm.com> Signed-off-by: Hari Bathini <hbathini(a)linux.ibm.com> Reviewed-by: Mahesh Salgaonkar <mahesh(a)linux.vnet.ibm.com> --- Changes in v3: * Included <linux/slab.h> for krelloc() arch/powerpc/include/asm/fadump.h | 4 +- arch/powerpc/kernel/fadump.c | 92 +++++++++++++++++++++++++++++++------ 2 files changed, 80 insertions(+), 16 deletions(-) diff --git a/arch/powerpc/include/asm/fadump.h b/arch/powerpc/include/asm/fadump.h index 5a23010..3abc738 100644 --- a/arch/powerpc/include/asm/fadump.h +++ b/arch/powerpc/include/asm/fadump.h @@ -195,8 +195,8 @@ struct fadump_crash_info_header { struct cpumask online_mask; }; -/* Crash memory ranges */ -#define INIT_CRASHMEM_RANGES (INIT_MEMBLOCK_REGIONS + 2) +/* Crash memory ranges size unit (pagesize) */ +#define CRASHMEM_RANGES_ALLOC_SIZE PAGE_SIZE struct fad_crash_memory_ranges { unsigned long long base; diff --git a/arch/powerpc/kernel/fadump.c b/arch/powerpc/kernel/fadump.c index 07e8396..9f80a78 100644 --- a/arch/powerpc/kernel/fadump.c +++ b/arch/powerpc/kernel/fadump.c @@ -34,6 +34,7 @@ #include <linux/crash_dump.h> #include <linux/kobject.h> #include <linux/sysfs.h> +#include <linux/slab.h> #include <asm/debugfs.h> #include <asm/page.h> @@ -47,8 +48,10 @@ static struct fadump_mem_struct fdm; static const struct fadump_mem_struct *fdm_active; static DEFINE_MUTEX(fadump_mutex); -struct fad_crash_memory_ranges crash_memory_ranges[INIT_CRASHMEM_RANGES]; +struct fad_crash_memory_ranges *crash_memory_ranges; +int crash_memory_ranges_size; int crash_mem_ranges; +int max_crash_mem_ranges; /* Scan the Firmware Assisted dump configuration details. */ int __init early_init_dt_scan_fw_dump(unsigned long node, @@ -868,22 +871,67 @@ static int __init process_fadump(const struct fadump_mem_struct *fdm_active) return 0; } -static inline void fadump_add_crash_memory(unsigned long long base, - unsigned long long end) +static void free_crash_memory_ranges(void) +{ + kfree(crash_memory_ranges); + crash_memory_ranges = NULL; + crash_memory_ranges_size = 0; + max_crash_mem_ranges = 0; +} + +/* + * Allocate or reallocate crash memory ranges array in incremental units + * of CRASHMEM_RANGES_ALLOC_SIZE. + */ +static int allocate_crash_memory_ranges(void) +{ + u64 new_size; + struct fad_crash_memory_ranges *new_array; + + new_size = crash_memory_ranges_size + CRASHMEM_RANGES_ALLOC_SIZE; + pr_debug("Allocating %llu bytes of memory for crash memory ranges\n", + new_size); + + new_array = krealloc(crash_memory_ranges, new_size, GFP_KERNEL); + if (new_array == NULL) { + pr_err("Insufficient memory for setting up crash memory ranges\n"); + free_crash_memory_ranges(); + return -ENOMEM; + } + + crash_memory_ranges = new_array; + crash_memory_ranges_size = new_size; + max_crash_mem_ranges = (new_size / + sizeof(struct fad_crash_memory_ranges)); + return 0; +} + +static inline int fadump_add_crash_memory(unsigned long long base, + unsigned long long end) { if (base == end) - return; + return 0; + + if (crash_mem_ranges == max_crash_mem_ranges) { + int ret; + + ret = allocate_crash_memory_ranges(); + if (ret) + return ret; + } pr_debug("crash_memory_range[%d] [%#016llx-%#016llx], %#llx bytes\n", crash_mem_ranges, base, end - 1, (end - base)); crash_memory_ranges[crash_mem_ranges].base = base; crash_memory_ranges[crash_mem_ranges].size = end - base; crash_mem_ranges++; + return 0; } -static void fadump_exclude_reserved_area(unsigned long long start, +static int fadump_exclude_reserved_area(unsigned long long start, unsigned long long end) { + int ret = 0; unsigned long long ra_start, ra_end; ra_start = fw_dump.reserve_dump_area_start; @@ -891,15 +939,20 @@ static void fadump_exclude_reserved_area(unsigned long long start, if ((ra_start < end) && (ra_end > start)) { if ((start < ra_start) && (end > ra_end)) { - fadump_add_crash_memory(start, ra_start); - fadump_add_crash_memory(ra_end, end); + ret = fadump_add_crash_memory(start, ra_start); + if (ret) + return ret; + + ret = fadump_add_crash_memory(ra_end, end); } else if (start < ra_start) { - fadump_add_crash_memory(start, ra_start); + ret = fadump_add_crash_memory(start, ra_start); } else if (ra_end < end) { - fadump_add_crash_memory(ra_end, end); + ret = fadump_add_crash_memory(ra_end, end); } } else - fadump_add_crash_memory(start, end); + ret = fadump_add_crash_memory(start, end); + + return ret; } static int fadump_init_elfcore_header(char *bufp) @@ -939,8 +992,9 @@ static int fadump_init_elfcore_header(char *bufp) * Traverse through memblock structure and setup crash memory ranges. These * ranges will be used create PT_LOAD program headers in elfcore header. */ -static void fadump_setup_crash_memory_ranges(void) +static int fadump_setup_crash_memory_ranges(void) { + int ret; struct memblock_region *reg; unsigned long long start, end; @@ -953,7 +1007,9 @@ static void fadump_setup_crash_memory_ranges(void) * specified during fadump registration. We need to create a separate * program header for this chunk with the correct offset. */ - fadump_add_crash_memory(RMA_START, fw_dump.boot_memory_size); + ret = fadump_add_crash_memory(RMA_START, fw_dump.boot_memory_size); + if (ret) + return ret; for_each_memblock(memory, reg) { start = (unsigned long long)reg->base; @@ -973,8 +1029,12 @@ static void fadump_setup_crash_memory_ranges(void) } /* add this range excluding the reserved dump area. */ - fadump_exclude_reserved_area(start, end); + ret = fadump_exclude_reserved_area(start, end); + if (ret) + return ret; } + + return 0; } /* @@ -1095,6 +1155,7 @@ static unsigned long init_fadump_header(unsigned long addr) static int register_fadump(void) { + int ret; unsigned long addr; void *vaddr; @@ -1105,7 +1166,9 @@ static int register_fadump(void) if (!fw_dump.reserve_dump_area_size) return -ENODEV; - fadump_setup_crash_memory_ranges(); + ret = fadump_setup_crash_memory_ranges(); + if (ret) + return ret; addr = be64_to_cpu(fdm.rmr_region.destination_address) + be64_to_cpu(fdm.rmr_region.source_len); /* Initialize fadump crash info header. */ @@ -1183,6 +1246,7 @@ void fadump_cleanup(void) } else if (fw_dump.dump_registered) { /* Un-register Firmware-assisted dump if it was registered. */ fadump_unregister_dump(&fdm); + free_crash_memory_ranges(); } }

7 years, 1 month

1
0
0 0

AW: Kontakt

by BL Support

Guten Tag Nachdem wir Ihre Internetseite besucht und uns mit dem Angebot vertraut gemacht hatten, trafen wir die Entscheidung, die vorliegende E-Mail zu verfassen. Wir verfügen über Kontakte zu Firmen in Deutschland, die an der Aufnahme der potentiellen Zusammenarbeit mit Ihnen interessiert wären. Mithilfe unserer Tools können Sie Ihre Zielbranche schnell aufsuchen und neue Kunden erreichen. http://www.kontakt-marketing-at.net/ MfG BL-Team.

7 years, 1 month

1
0
0 0

[RESEND] requests for xfs patches inclusion in 4.14.y

by Eduardo Valentin

Greg, Please consider adding the following XFS patches on linux-4.14.y branch to fix NULL pointer dereference errors in lookup_slow() on a NULL inode->i_ops and for a corrupted xfs image after xfs_da_shrink_inode(): ee457001ed6c ("xfs: catch inode allocation state mismatch corruption") afca6c5b2595 ("xfs: validate cached inodes are free when allocated") bb3d48dcf86a ("xfs: don't call xfs_da_shrink_inode with NULL bp") Thanks. -- All the best, Eduardo Valentin

7 years, 1 month

3
4
0 0

Tom Gall <tom.gall@linaro.org>, Alistair Strachan <alistair.strachan@linaro.org>, Greg Kroah-Hartman <gregkh@google.com>, "avid S. Miller" <davem@davemloft.net>, John Stultz <john.stultz@linaro.org>, Thomas Egerer <hakke_007@gmx.de>, Herbert Xu <herbert@gondor.apana.org.au>

by Yongqin Liu

Hi, All Sorry, I am following the instructions in Documentation/networking/netdev-FAQ.txt to send out this mail, if I was wrong or there are more things I need to do, please let me know. After investigated on some failures of the android VtsKernelNetTest module test, I found that without the change of "ipv4+ipv6: Make INET*_ESP select CRYPTO_ECHAINIV", the config of CRYPTO_ECHAINIV will be generated as m by default in the .config file, which needs more module loading process to be done. But with the 4.9 and 4.14 kernels which have the change, CRYPTO_ECHAINIV will be generated as y by default in the .config file. We could set config of CRYPTO_ECHAINIV to y explicitly to generated the correct .config file, but having the change of "ipv4+ipv6: Make INET*_ESP select CRYPTO_ECHAINIV" cherry picked into the 4.4 stable kernel looks more like the right solution. The commit id for that change is 32b6170ca59ccf07d0e394561e54b2cd9726038c, it's already in 4.9 and 4.14 kernels, like here: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net… https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/net… Could you please help to check if we could have 32b6170ca59ccf07d0e394561e54b2cd9726038c in the 4.4 stable kernel? The patch is here: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/patch/net?… Thanks in advance! -- Best Regards, Yongqin Liu

7 years, 1 month

1
0
0 0

[PATCH v4 1/2] block: Introduce blk_exit_queue()

by Bart Van Assche

This patch does not change any functionality. Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: Christoph Hellwig <hch(a)lst.de> Cc: Ming Lei <ming.lei(a)redhat.com> Cc: Omar Sandoval <osandov(a)fb.com> Cc: Johannes Thumshirn <jthumshirn(a)suse.de> Cc: Alexandru Moise <00moses.alexander00(a)gmail.com> Cc: Joseph Qi <joseph.qi(a)linux.alibaba.com> Cc: <stable(a)vger.kernel.org> --- block/blk-core.c | 54 +++++++++++++++++++++++++++--------------------- block/blk.h | 1 + 2 files changed, 31 insertions(+), 24 deletions(-) diff --git a/block/blk-core.c b/block/blk-core.c index 7c65e297a4f1..5fbfa8484c95 100644 --- a/block/blk-core.c +++ b/block/blk-core.c @@ -719,6 +719,35 @@ void blk_set_queue_dying(struct request_queue *q) } EXPORT_SYMBOL_GPL(blk_set_queue_dying); +/* Unconfigure the I/O scheduler and dissociate from the cgroup controller. */ +void blk_exit_queue(struct request_queue *q) +{ + /* + * Since the I/O scheduler exit code may access cgroup information, + * perform I/O scheduler exit before disassociating from the block + * cgroup controller. + */ + if (q->elevator) { + ioc_clear_queue(q); + elevator_exit(q, q->elevator); + q->elevator = NULL; + } + + /* + * Remove all references to @q from the block cgroup controller before + * restoring @q->queue_lock to avoid that restoring this pointer causes + * e.g. blkcg_print_blkgs() to crash. + */ + blkcg_exit_queue(q); + + /* + * Since the cgroup code may dereference the @q->backing_dev_info + * pointer, only decrease its reference count after having removed the + * association with the block cgroup controller. + */ + bdi_put(q->backing_dev_info); +} + /** * blk_cleanup_queue - shutdown a request queue * @q: request queue to shutdown @@ -788,30 +817,7 @@ void blk_cleanup_queue(struct request_queue *q) */ WARN_ON_ONCE(q->kobj.state_in_sysfs); - /* - * Since the I/O scheduler exit code may access cgroup information, - * perform I/O scheduler exit before disassociating from the block - * cgroup controller. - */ - if (q->elevator) { - ioc_clear_queue(q); - elevator_exit(q, q->elevator); - q->elevator = NULL; - } - - /* - * Remove all references to @q from the block cgroup controller before - * restoring @q->queue_lock to avoid that restoring this pointer causes - * e.g. blkcg_print_blkgs() to crash. - */ - blkcg_exit_queue(q); - - /* - * Since the cgroup code may dereference the @q->backing_dev_info - * pointer, only decrease its reference count after having removed the - * association with the block cgroup controller. - */ - bdi_put(q->backing_dev_info); + blk_exit_queue(q); if (q->mq_ops) blk_mq_free_queue(q); diff --git a/block/blk.h b/block/blk.h index 6adae8f94279..aeb8026f4d7b 100644 --- a/block/blk.h +++ b/block/blk.h @@ -130,6 +130,7 @@ void blk_free_flush_queue(struct blk_flush_queue *q); int blk_init_rl(struct request_list *rl, struct request_queue *q, gfp_t gfp_mask); void blk_exit_rl(struct request_queue *q, struct request_list *rl); +void blk_exit_queue(struct request_queue *q); void blk_rq_bio_prep(struct request_queue *q, struct request *rq, struct bio *bio); void blk_queue_bypass_start(struct request_queue *q); -- 2.18.0

7 years, 1 month

2
1
0 0

[PATCH] PCI: Fix bit definitions for LNKCAP2 register

by Felipe Balbi

Even thhough commit b891b4dc1eed claimed that original bit definitions were wrong, that's not really the case. After verifying PCI Specification Revisions 3.0, 3.1 and 4.0, Link Capabilites 2 Register's bit definitions were always starting from Bit 0. This has been causing issues reporting correct link speeds on sysfs. Fixes: b891b4dc1eed ("PCI: Fix bit definitions of PCI_EXP_LNKCAP2 register") Cc: <stable(a)vger.kernel.org> # v3.8+ Signed-off-by: Felipe Balbi <felipe.balbi(a)linux.intel.com> --- PCI Spec References: - 4.0 https://members.pcisig.com/wg/PCI-SIG/document/10912?downloadRevision=active - 3.1 https://members.pcisig.com/wg/PCI-SIG/document/download/8257 - 3.0 https://members.pcisig.com/wg/PCI-SIG/document/download/8265 include/uapi/linux/pci_regs.h | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/include/uapi/linux/pci_regs.h b/include/uapi/linux/pci_regs.h index 796d12910791..6ad597b3d082 100644 --- a/include/uapi/linux/pci_regs.h +++ b/include/uapi/linux/pci_regs.h @@ -652,10 +652,10 @@ #define PCI_EXP_DEVSTA2 42 /* Device Status 2 */ #define PCI_CAP_EXP_RC_ENDPOINT_SIZEOF_V2 44 /* v2 endpoints without link end here */ #define PCI_EXP_LNKCAP2 44 /* Link Capabilities 2 */ -#define PCI_EXP_LNKCAP2_SLS_2_5GB 0x00000002 /* Supported Speed 2.5GT/s */ -#define PCI_EXP_LNKCAP2_SLS_5_0GB 0x00000004 /* Supported Speed 5GT/s */ -#define PCI_EXP_LNKCAP2_SLS_8_0GB 0x00000008 /* Supported Speed 8GT/s */ -#define PCI_EXP_LNKCAP2_SLS_16_0GB 0x00000010 /* Supported Speed 16GT/s */ +#define PCI_EXP_LNKCAP2_SLS_2_5GB 0x00000001 /* Supported Speed 2.5GT/s */ +#define PCI_EXP_LNKCAP2_SLS_5_0GB 0x00000002 /* Supported Speed 5GT/s */ +#define PCI_EXP_LNKCAP2_SLS_8_0GB 0x00000004 /* Supported Speed 8GT/s */ +#define PCI_EXP_LNKCAP2_SLS_16_0GB 0x00000008 /* Supported Speed 16GT/s */ #define PCI_EXP_LNKCAP2_CROSSLINK 0x00000100 /* Crosslink supported */ #define PCI_EXP_LNKCTL2 48 /* Link Control 2 */ #define PCI_EXP_LNKCTL2_TLS 0x000f -- 2.16.1

7 years, 1 month

4
5
0 0

[PATCH] dm-bufio: adjust the reserved buffer for dm-verify-target.

by xiao jin

We hit the BUG() report at include/linux/scatterlist.h:144! The callback is as bellow: => verity_work => verity_hash_for_block => verity_verify_level => verity_hash => verity_hash_update => sg_init_one => sg_set_buf More debug shows the root cause. When creating dufio client it uses the __vmalloc() to allocate the buffer data for the reserved dm_buffer. The buffer that allocated by the __vmalloc() is invalid according to the __virt_addr_valid(). Mostly the reserved dm_buffer is not touched. But occasionally it might fail to allocate the dm_buffer data when we try to allocate in the __alloc_buffer_wait_no_callback(). Then it has to take the reserved dm_buffer for usage. Finally it reports the BUG() as virt_addr_valid() detects the buffer data address is invalid. The patch is to adjust the reserved buffer for dm-verity-target. We allocated two dm_buffers into the reserved buffers list when creating the buffer interface. The first dm_buffer in the reserved buffer list is allocated by the __vmalloc(), it's not used after that. The second dm_buffer in the reserved buffer list is allocated by the __get_free_pages() which can be consumed after that. Signed-off-by: xiao jin <jin.xiao(a)intel.com> --- drivers/md/dm-bufio.c | 4 ++-- drivers/md/dm-verity-target.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/drivers/md/dm-bufio.c b/drivers/md/dm-bufio.c index dc385b7..3b7ca5e 100644 --- a/drivers/md/dm-bufio.c +++ b/drivers/md/dm-bufio.c @@ -841,7 +841,7 @@ static struct dm_buffer *__alloc_buffer_wait_no_callback(struct dm_bufio_client tried_noio_alloc = true; } - if (!list_empty(&c->reserved_buffers)) { + if (!c->need_reserved_buffers) { b = list_entry(c->reserved_buffers.next, struct dm_buffer, lru_list); list_del(&b->lru_list); @@ -1701,7 +1701,7 @@ struct dm_bufio_client *dm_bufio_client_create(struct block_device *bdev, unsign goto bad; } - while (c->need_reserved_buffers) { + if (list_empty(&c->reserved_buffers)) { struct dm_buffer *b = alloc_buffer(c, GFP_KERNEL); if (!b) { diff --git a/drivers/md/dm-verity-target.c b/drivers/md/dm-verity-target.c index 12decdbd7..40c66fc 100644 --- a/drivers/md/dm-verity-target.c +++ b/drivers/md/dm-verity-target.c @@ -1107,7 +1107,7 @@ static int verity_ctr(struct dm_target *ti, unsigned argc, char **argv) v->hash_blocks = hash_position; v->bufio = dm_bufio_client_create(v->hash_dev->bdev, - 1 << v->hash_dev_block_bits, 1, sizeof(struct buffer_aux), + 1 << v->hash_dev_block_bits, 2, sizeof(struct buffer_aux), dm_bufio_alloc_callback, NULL); if (IS_ERR(v->bufio)) { ti->error = "Cannot initialize dm-bufio"; -- 2.7.4

7 years, 1 month

3
2
0 0

+ zram-remove-bd_cap_synchronous_io-with-writeback-feature-v2.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: zram-remove-bd_cap_synchronous_io-with-writeback-feature-v2 has been added to the -mm tree. Its filename is zram-remove-bd_cap_synchronous_io-with-writeback-feature-v2.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/zram-remove-bd_cap_synchronous_io-… and later at http://ozlabs.org/~akpm/mmotm/broken-out/zram-remove-bd_cap_synchronous_io-… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Minchan Kim <minchan(a)kernel.org> Subject: zram-remove-bd_cap_synchronous_io-with-writeback-feature-v2 - description correction - Andrew - add comment about removing BDI_CAP_SYNCHRONOUS_IO Link: https://lore.kernel.org/lkml/0516ae2d-b0fd-92c5-aa92-112ba7bd32fc@contabo.d… Link: http://lkml.kernel.org/r/20180802051112.86174-1-minchan@kernel.org Link: http://lkml.kernel.org/r/20180805233722.217347-1-minchan@kernel.org Signed-off-by: Minchan Kim <minchan(a)kernel.org> Reported-by: Tino Lehnig <tino.lehnig(a)contabo.de> Tested-by: Tino Lehnig <tino.lehnig(a)contabo.de> Cc: Sergey Senozhatsky <sergey.senozhatsky.work(a)gmail.com> Cc: Jens Axboe <axboe(a)kernel.dk> Cc: <stable(a)vger.kernel.org> [4.15+] Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- diff -puN drivers/block/zram/zram_drv.c~zram-remove-bd_cap_synchronous_io-with-writeback-feature-v2 drivers/block/zram/zram_drv.c --- a/drivers/block/zram/zram_drv.c~zram-remove-bd_cap_synchronous_io-with-writeback-feature-v2 +++ a/drivers/block/zram/zram_drv.c @@ -401,6 +401,16 @@ static ssize_t backing_dev_store(struct zram->backing_dev = backing_dev; zram->bitmap = bitmap; zram->nr_pages = nr_pages; + /* + * With writeback feature, zram does asynchronous IO so it's no longer + * synchronous device so let's remove synchronous io flag. Othewise, + * upper layer(e.g., swap) could wait IO completion rather than + * (submit and return), which will cause system sluggish. + * Furthermore, when the IO function returns(e.g., swap_readpage), + * upper layer expects IO was done so it could deallocate the page + * freely but in fact, IO is going on so finally could cause + * use-after-free when the IO is really done. + */ zram->disk->queue->backing_dev_info->capabilities &= ~BDI_CAP_SYNCHRONOUS_IO; up_write(&zram->init_lock); _ Patches currently in -mm which might be from minchan(a)kernel.org are zram-remove-bd_cap_synchronous_io-with-writeback-feature.patch zram-remove-bd_cap_synchronous_io-with-writeback-feature-v2.patch

7 years, 1 month

1
0
0 0

Backport Security Fix for CVE-2018-13095 to v4.14

by Yuki Machida

Hi Greg, I conformed that a patch of CVE-2018-13095 not applied at v4.14.60. Could you please apply a patch for 4.14-stable ? CVE-2018-13095 Upstream commit 23fcb3340d033d9f081e21e6c12c2db7eaa541d3 References https://nvd.nist.gov/vuln/detail/CVE-2018-13095 Regards, Yuki Machida

7 years, 1 month

3
3
0 0

[PATCH] drm/nouveau: Don't forget to cancel hpd_work on suspend/unload

by Lyude Paul

Currently, there's nothing in nouveau that actually cancels this work struct. So, cancel it on suspend/unload. Otherwise, if we're unlucky enough hpd_work might try to keep running up until the system is suspended. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/nouveau/nouveau_display.c | 9 ++++++--- drivers/gpu/drm/nouveau/nouveau_display.h | 2 +- drivers/gpu/drm/nouveau/nouveau_drm.c | 2 +- 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_display.c b/drivers/gpu/drm/nouveau/nouveau_display.c index ec7861457b84..1ba3f152cfcb 100644 --- a/drivers/gpu/drm/nouveau/nouveau_display.c +++ b/drivers/gpu/drm/nouveau/nouveau_display.c @@ -425,7 +425,7 @@ nouveau_display_init(struct drm_device *dev) } void -nouveau_display_fini(struct drm_device *dev, bool suspend) +nouveau_display_fini(struct drm_device *dev, bool suspend, bool runtime) { struct nouveau_display *disp = nouveau_display(dev); struct nouveau_drm *drm = nouveau_drm(dev); @@ -450,6 +450,9 @@ nouveau_display_fini(struct drm_device *dev, bool suspend) } drm_connector_list_iter_end(&conn_iter); + if (!runtime) + cancel_work_sync(&drm->hpd_work); + drm_kms_helper_poll_disable(dev); disp->fini(dev); } @@ -618,11 +621,11 @@ nouveau_display_suspend(struct drm_device *dev, bool runtime) } } - nouveau_display_fini(dev, true); + nouveau_display_fini(dev, true, runtime); return 0; } - nouveau_display_fini(dev, true); + nouveau_display_fini(dev, true, runtime); list_for_each_entry(crtc, &dev->mode_config.crtc_list, head) { struct nouveau_framebuffer *nouveau_fb; diff --git a/drivers/gpu/drm/nouveau/nouveau_display.h b/drivers/gpu/drm/nouveau/nouveau_display.h index 54aa7c3fa42d..ff92b54ce448 100644 --- a/drivers/gpu/drm/nouveau/nouveau_display.h +++ b/drivers/gpu/drm/nouveau/nouveau_display.h @@ -62,7 +62,7 @@ nouveau_display(struct drm_device *dev) int nouveau_display_create(struct drm_device *dev); void nouveau_display_destroy(struct drm_device *dev); int nouveau_display_init(struct drm_device *dev); -void nouveau_display_fini(struct drm_device *dev, bool suspend); +void nouveau_display_fini(struct drm_device *dev, bool suspend, bool runtime); int nouveau_display_suspend(struct drm_device *dev, bool runtime); void nouveau_display_resume(struct drm_device *dev, bool runtime); int nouveau_display_vblank_enable(struct drm_device *, unsigned int); diff --git a/drivers/gpu/drm/nouveau/nouveau_drm.c b/drivers/gpu/drm/nouveau/nouveau_drm.c index f5d3158f0378..20d4ab647cf7 100644 --- a/drivers/gpu/drm/nouveau/nouveau_drm.c +++ b/drivers/gpu/drm/nouveau/nouveau_drm.c @@ -629,7 +629,7 @@ nouveau_drm_unload(struct drm_device *dev) nouveau_debugfs_fini(drm); if (dev->mode_config.num_crtc) - nouveau_display_fini(dev, false); + nouveau_display_fini(dev, false, false); nouveau_display_destroy(dev); nouveau_bios_takedown(dev); -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v5 12/13] drm/nouveau: Fix deadlocks in nouveau_connector_detect()

by Lyude Paul

When we disable hotplugging on the GPU, we need to be able to synchronize with each connector's hotplug interrupt handler before the interrupt is finally disabled. This can be a problem however, since nouveau_connector_detect() currently grabs a runtime power reference when handling connector probing. This will deadlock the runtime suspend handler like so: [ 861.480896] INFO: task kworker/0:2:61 blocked for more than 120 seconds. [ 861.483290] Tainted: G O 4.18.0-rc6Lyude-Test+ #1 [ 861.485158] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 861.486332] kworker/0:2 D 0 61 2 0x80000000 [ 861.487044] Workqueue: events nouveau_display_hpd_work [nouveau] [ 861.487737] Call Trace: [ 861.488394] __schedule+0x322/0xaf0 [ 861.489070] schedule+0x33/0x90 [ 861.489744] rpm_resume+0x19c/0x850 [ 861.490392] ? finish_wait+0x90/0x90 [ 861.491068] __pm_runtime_resume+0x4e/0x90 [ 861.491753] nouveau_display_hpd_work+0x22/0x60 [nouveau] [ 861.492416] process_one_work+0x231/0x620 [ 861.493068] worker_thread+0x44/0x3a0 [ 861.493722] kthread+0x12b/0x150 [ 861.494342] ? wq_pool_ids_show+0x140/0x140 [ 861.494991] ? kthread_create_worker_on_cpu+0x70/0x70 [ 861.495648] ret_from_fork+0x3a/0x50 [ 861.496304] INFO: task kworker/6:2:320 blocked for more than 120 seconds. [ 861.496968] Tainted: G O 4.18.0-rc6Lyude-Test+ #1 [ 861.497654] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 861.498341] kworker/6:2 D 0 320 2 0x80000080 [ 861.499045] Workqueue: pm pm_runtime_work [ 861.499739] Call Trace: [ 861.500428] __schedule+0x322/0xaf0 [ 861.501134] ? wait_for_completion+0x104/0x190 [ 861.501851] schedule+0x33/0x90 [ 861.502564] schedule_timeout+0x3a5/0x590 [ 861.503284] ? mark_held_locks+0x58/0x80 [ 861.503988] ? _raw_spin_unlock_irq+0x2c/0x40 [ 861.504710] ? wait_for_completion+0x104/0x190 [ 861.505417] ? trace_hardirqs_on_caller+0xf4/0x190 [ 861.506136] ? wait_for_completion+0x104/0x190 [ 861.506845] wait_for_completion+0x12c/0x190 [ 861.507555] ? wake_up_q+0x80/0x80 [ 861.508268] flush_work+0x1c9/0x280 [ 861.508990] ? flush_workqueue_prep_pwqs+0x1b0/0x1b0 [ 861.509735] nvif_notify_put+0xb1/0xc0 [nouveau] [ 861.510482] nouveau_display_fini+0xbd/0x170 [nouveau] [ 861.511241] nouveau_display_suspend+0x67/0x120 [nouveau] [ 861.511969] nouveau_do_suspend+0x5e/0x2d0 [nouveau] [ 861.512715] nouveau_pmops_runtime_suspend+0x47/0xb0 [nouveau] [ 861.513435] pci_pm_runtime_suspend+0x6b/0x180 [ 861.514165] ? pci_has_legacy_pm_support+0x70/0x70 [ 861.514897] __rpm_callback+0x7a/0x1d0 [ 861.515618] ? pci_has_legacy_pm_support+0x70/0x70 [ 861.516313] rpm_callback+0x24/0x80 [ 861.517027] ? pci_has_legacy_pm_support+0x70/0x70 [ 861.517741] rpm_suspend+0x142/0x6b0 [ 861.518449] pm_runtime_work+0x97/0xc0 [ 861.519144] process_one_work+0x231/0x620 [ 861.519831] worker_thread+0x44/0x3a0 [ 861.520522] kthread+0x12b/0x150 [ 861.521220] ? wq_pool_ids_show+0x140/0x140 [ 861.521925] ? kthread_create_worker_on_cpu+0x70/0x70 [ 861.522622] ret_from_fork+0x3a/0x50 [ 861.523299] INFO: task kworker/6:0:1329 blocked for more than 120 seconds. [ 861.523977] Tainted: G O 4.18.0-rc6Lyude-Test+ #1 [ 861.524644] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 861.525349] kworker/6:0 D 0 1329 2 0x80000000 [ 861.526073] Workqueue: events nvif_notify_work [nouveau] [ 861.526751] Call Trace: [ 861.527411] __schedule+0x322/0xaf0 [ 861.528089] schedule+0x33/0x90 [ 861.528758] rpm_resume+0x19c/0x850 [ 861.529399] ? finish_wait+0x90/0x90 [ 861.530073] __pm_runtime_resume+0x4e/0x90 [ 861.530798] nouveau_connector_detect+0x7e/0x510 [nouveau] [ 861.531459] ? ww_mutex_lock+0x47/0x80 [ 861.532097] ? ww_mutex_lock+0x47/0x80 [ 861.532819] ? drm_modeset_lock+0x88/0x130 [drm] [ 861.533481] drm_helper_probe_detect_ctx+0xa0/0x100 [drm_kms_helper] [ 861.534127] drm_helper_hpd_irq_event+0xa4/0x120 [drm_kms_helper] [ 861.534940] nouveau_connector_hotplug+0x98/0x120 [nouveau] [ 861.535556] nvif_notify_work+0x2d/0xb0 [nouveau] [ 861.536221] process_one_work+0x231/0x620 [ 861.536994] worker_thread+0x44/0x3a0 [ 861.537757] kthread+0x12b/0x150 [ 861.538463] ? wq_pool_ids_show+0x140/0x140 [ 861.539102] ? kthread_create_worker_on_cpu+0x70/0x70 [ 861.539815] ret_from_fork+0x3a/0x50 [ 861.540521] Showing all locks held in the system: [ 861.541696] 2 locks held by kworker/0:2/61: [ 861.542406] #0: 000000002dbf8af5 ((wq_completion)"events"){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.543071] #1: 0000000076868126 ((work_completion)(&drm->hpd_work)){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.543814] 1 lock held by khungtaskd/64: [ 861.544535] #0: 0000000059db4b53 (rcu_read_lock){....}, at: debug_show_all_locks+0x23/0x185 [ 861.545160] 3 locks held by kworker/6:2/320: [ 861.545896] #0: 00000000d9e1bc59 ((wq_completion)"pm"){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.546702] #1: 00000000c9f92d84 ((work_completion)(&dev->power.work)){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.547443] #2: 000000004afc5de1 (drm_connector_list_iter){.+.+}, at: nouveau_display_fini+0x96/0x170 [nouveau] [ 861.548146] 1 lock held by dmesg/983: [ 861.548889] 2 locks held by zsh/1250: [ 861.549605] #0: 00000000348e3cf6 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40 [ 861.550393] #1: 000000007009a7a8 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0xc1/0x870 [ 861.551122] 6 locks held by kworker/6:0/1329: [ 861.551957] #0: 000000002dbf8af5 ((wq_completion)"events"){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.552765] #1: 00000000ddb499ad ((work_completion)(&notify->work)#2){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.553582] #2: 000000006e013cbe (&dev->mode_config.mutex){+.+.}, at: drm_helper_hpd_irq_event+0x6c/0x120 [drm_kms_helper] [ 861.554357] #3: 000000004afc5de1 (drm_connector_list_iter){.+.+}, at: drm_helper_hpd_irq_event+0x78/0x120 [drm_kms_helper] [ 861.555227] #4: 0000000044f294d9 (crtc_ww_class_acquire){+.+.}, at: drm_helper_probe_detect_ctx+0x3d/0x100 [drm_kms_helper] [ 861.556133] #5: 00000000db193642 (crtc_ww_class_mutex){+.+.}, at: drm_modeset_lock+0x4b/0x130 [drm] [ 861.557864] ============================================= [ 861.559507] NMI backtrace for cpu 2 [ 861.560363] CPU: 2 PID: 64 Comm: khungtaskd Tainted: G O 4.18.0-rc6Lyude-Test+ #1 [ 861.561197] Hardware name: LENOVO 20EQS64N0B/20EQS64N0B, BIOS N1EET78W (1.51 ) 05/18/2018 [ 861.561948] Call Trace: [ 861.562757] dump_stack+0x8e/0xd3 [ 861.563516] nmi_cpu_backtrace.cold.3+0x14/0x5a [ 861.564269] ? lapic_can_unplug_cpu.cold.27+0x42/0x42 [ 861.565029] nmi_trigger_cpumask_backtrace+0xa1/0xae [ 861.565789] arch_trigger_cpumask_backtrace+0x19/0x20 [ 861.566558] watchdog+0x316/0x580 [ 861.567355] kthread+0x12b/0x150 [ 861.568114] ? reset_hung_task_detector+0x20/0x20 [ 861.568863] ? kthread_create_worker_on_cpu+0x70/0x70 [ 861.569598] ret_from_fork+0x3a/0x50 [ 861.570370] Sending NMI from CPU 2 to CPUs 0-1,3-7: [ 861.571426] NMI backtrace for cpu 6 skipped: idling at intel_idle+0x7f/0x120 [ 861.571429] NMI backtrace for cpu 7 skipped: idling at intel_idle+0x7f/0x120 [ 861.571432] NMI backtrace for cpu 3 skipped: idling at intel_idle+0x7f/0x120 [ 861.571464] NMI backtrace for cpu 5 skipped: idling at intel_idle+0x7f/0x120 [ 861.571467] NMI backtrace for cpu 0 skipped: idling at intel_idle+0x7f/0x120 [ 861.571469] NMI backtrace for cpu 4 skipped: idling at intel_idle+0x7f/0x120 [ 861.571472] NMI backtrace for cpu 1 skipped: idling at intel_idle+0x7f/0x120 [ 861.572428] Kernel panic - not syncing: hung_task: blocked tasks So: fix this with a new trick; store the current task_struct that's executing in the nouveau_connector structure, then avoid attempting to runtime resume the device when we know that we're just running from the context of our hotplug interrupt handler. Since hpd interrupts are only enabled while the device is runtime active, this should be totally safe. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/nouveau_connector.c | 16 ++++++++++------ drivers/gpu/drm/nouveau/nouveau_connector.h | 1 + 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_connector.c b/drivers/gpu/drm/nouveau/nouveau_connector.c index 9714e09f17db..8409c3f2c3a1 100644 --- a/drivers/gpu/drm/nouveau/nouveau_connector.c +++ b/drivers/gpu/drm/nouveau/nouveau_connector.c @@ -572,13 +572,14 @@ nouveau_connector_detect(struct drm_connector *connector, bool force) nv_connector->edid = NULL; } - /* Outputs are only polled while runtime active, so resuming the - * device here is unnecessary (and would deadlock upon runtime suspend - * because it waits for polling to finish). We do however, want to - * prevent the autosuspend timer from elapsing during this operation - * if possible. + /* Output polling and HPD only happens while we're runtime active, so + * resuming the device here is unnecessary (and would deadlock upon + * runtime suspend because it waits for polling to finish). We do + * however, want to prevent the autosuspend timer from elapsing during + * this operation if possible. */ - if (drm_kms_helper_is_poll_worker()) { + if (drm_kms_helper_is_poll_worker() || + nv_connector->hpd_task == current) { pm_runtime_get_noresume(dev->dev); } else { ret = pm_runtime_get_sync(dev->dev); @@ -1151,6 +1152,8 @@ nouveau_connector_hotplug(struct nvif_notify *notify) const char *name = connector->name; struct nouveau_encoder *nv_encoder; + nv_connector->hpd_task = current; + if (rep->mask & NVIF_NOTIFY_CONN_V0_IRQ) { NV_DEBUG(drm, "service %s\n", name); if ((nv_encoder = find_encoder(connector, DCB_OUTPUT_DP))) @@ -1167,6 +1170,7 @@ nouveau_connector_hotplug(struct nvif_notify *notify) nouveau_connector_hotplug_probe(nv_connector); } + nv_connector->hpd_task = NULL; return NVIF_NOTIFY_KEEP; } diff --git a/drivers/gpu/drm/nouveau/nouveau_connector.h b/drivers/gpu/drm/nouveau/nouveau_connector.h index 2d9d35a146a4..1964e682ba13 100644 --- a/drivers/gpu/drm/nouveau/nouveau_connector.h +++ b/drivers/gpu/drm/nouveau/nouveau_connector.h @@ -45,6 +45,7 @@ struct nouveau_connector { u8 *dcb; struct nvif_notify hpd; + struct task_struct *hpd_task; struct drm_dp_aux aux; -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v5 11/13] drm/nouveau: Respond to HPDs by probing one conn at a time

by Lyude Paul

There isn't actually any reason we need to call drm_hpd_irq_event() from our hotplug handler, as we already know which connector the hotplug event was fired for. We're also going to need to avoid probing all connectors needlessly from hotplug handlers anyway so that we can track when nouveau_connector_detect() is being called from the context of it's connector's hotplug handler in order to fix the next deadlocking issue. This is (slightly) faster anyway! Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/nouveau_connector.c | 28 ++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_connector.c b/drivers/gpu/drm/nouveau/nouveau_connector.c index 010d6db14cba..9714e09f17db 100644 --- a/drivers/gpu/drm/nouveau/nouveau_connector.c +++ b/drivers/gpu/drm/nouveau/nouveau_connector.c @@ -1114,6 +1114,32 @@ nouveau_connector_funcs_lvds = { .atomic_get_property = nouveau_conn_atomic_get_property, }; +static void +nouveau_connector_hotplug_probe(struct nouveau_connector *nv_conn) +{ + struct drm_modeset_acquire_ctx ctx; + struct drm_connector *conn = &nv_conn->base; + enum drm_connector_status old_status; + struct drm_device *dev = conn->dev; + bool changed; + + mutex_lock(&dev->mode_config.mutex); + + drm_modeset_acquire_init(&ctx, 0); + drm_modeset_lock(&dev->mode_config.connection_mutex, &ctx); + + old_status = conn->status; + conn->status = drm_helper_probe_detect(conn, &ctx, true); + changed = old_status != conn->status; + + drm_modeset_drop_locks(&ctx); + drm_modeset_acquire_fini(&ctx); + mutex_unlock(&dev->mode_config.mutex); + + if (changed) + drm_kms_helper_hotplug_event(dev); +} + static int nouveau_connector_hotplug(struct nvif_notify *notify) { @@ -1138,7 +1164,7 @@ nouveau_connector_hotplug(struct nvif_notify *notify) nv50_mstm_remove(nv_encoder->dp.mstm); } - drm_helper_hpd_irq_event(connector->dev); + nouveau_connector_hotplug_probe(nv_connector); } return NVIF_NOTIFY_KEEP; -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v5 09/13] drm/nouveau: Fix deadlock with fb_helper by inhibiting it's HPD

by Lyude Paul

I'm sure I don't need to tell you that fb_helper's locking is a mess. That being said; fb_helper's locking mess can seriously complicate the runtime suspend/resume operations of drivers because it can invoke atomic commits and connector probing from anywhere that calls drm_fb_helper_hotplug_event(). Since most drivers use drm_fb_helper_output_poll_changed() as their output_poll_changed handler, this can happen in every single context that can fire off a hotplug event. An example: [ 246.669625] INFO: task kworker/4:0:37 blocked for more than 120 seconds. [ 246.673398] Not tainted 4.18.0-rc5Lyude-Test+ #2 [ 246.675271] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 246.676527] kworker/4:0 D 0 37 2 0x80000000 [ 246.677580] Workqueue: events output_poll_execute [drm_kms_helper] [ 246.678704] Call Trace: [ 246.679753] __schedule+0x322/0xaf0 [ 246.680916] schedule+0x33/0x90 [ 246.681924] schedule_preempt_disabled+0x15/0x20 [ 246.683023] __mutex_lock+0x569/0x9a0 [ 246.684035] ? kobject_uevent_env+0x117/0x7b0 [ 246.685132] ? drm_fb_helper_hotplug_event.part.28+0x20/0xb0 [drm_kms_helper] [ 246.686179] mutex_lock_nested+0x1b/0x20 [ 246.687278] ? mutex_lock_nested+0x1b/0x20 [ 246.688307] drm_fb_helper_hotplug_event.part.28+0x20/0xb0 [drm_kms_helper] [ 246.689420] drm_fb_helper_output_poll_changed+0x23/0x30 [drm_kms_helper] [ 246.690462] drm_kms_helper_hotplug_event+0x2a/0x30 [drm_kms_helper] [ 246.691570] output_poll_execute+0x198/0x1c0 [drm_kms_helper] [ 246.692611] process_one_work+0x231/0x620 [ 246.693725] worker_thread+0x214/0x3a0 [ 246.694756] kthread+0x12b/0x150 [ 246.695856] ? wq_pool_ids_show+0x140/0x140 [ 246.696888] ? kthread_create_worker_on_cpu+0x70/0x70 [ 246.697998] ret_from_fork+0x3a/0x50 [ 246.699034] INFO: task kworker/0:1:60 blocked for more than 120 seconds. [ 246.700153] Not tainted 4.18.0-rc5Lyude-Test+ #2 [ 246.701182] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 246.702278] kworker/0:1 D 0 60 2 0x80000000 [ 246.703293] Workqueue: pm pm_runtime_work [ 246.704393] Call Trace: [ 246.705403] __schedule+0x322/0xaf0 [ 246.706439] ? wait_for_completion+0x104/0x190 [ 246.707393] schedule+0x33/0x90 [ 246.708375] schedule_timeout+0x3a5/0x590 [ 246.709289] ? mark_held_locks+0x58/0x80 [ 246.710208] ? _raw_spin_unlock_irq+0x2c/0x40 [ 246.711222] ? wait_for_completion+0x104/0x190 [ 246.712134] ? trace_hardirqs_on_caller+0xf4/0x190 [ 246.713094] ? wait_for_completion+0x104/0x190 [ 246.713964] wait_for_completion+0x12c/0x190 [ 246.714895] ? wake_up_q+0x80/0x80 [ 246.715727] ? get_work_pool+0x90/0x90 [ 246.716649] flush_work+0x1c9/0x280 [ 246.717483] ? flush_workqueue_prep_pwqs+0x1b0/0x1b0 [ 246.718442] __cancel_work_timer+0x146/0x1d0 [ 246.719247] cancel_delayed_work_sync+0x13/0x20 [ 246.720043] drm_kms_helper_poll_disable+0x1f/0x30 [drm_kms_helper] [ 246.721123] nouveau_pmops_runtime_suspend+0x3d/0xb0 [nouveau] [ 246.721897] pci_pm_runtime_suspend+0x6b/0x190 [ 246.722825] ? pci_has_legacy_pm_support+0x70/0x70 [ 246.723737] __rpm_callback+0x7a/0x1d0 [ 246.724721] ? pci_has_legacy_pm_support+0x70/0x70 [ 246.725607] rpm_callback+0x24/0x80 [ 246.726553] ? pci_has_legacy_pm_support+0x70/0x70 [ 246.727376] rpm_suspend+0x142/0x6b0 [ 246.728185] pm_runtime_work+0x97/0xc0 [ 246.728938] process_one_work+0x231/0x620 [ 246.729796] worker_thread+0x44/0x3a0 [ 246.730614] kthread+0x12b/0x150 [ 246.731395] ? wq_pool_ids_show+0x140/0x140 [ 246.732202] ? kthread_create_worker_on_cpu+0x70/0x70 [ 246.732878] ret_from_fork+0x3a/0x50 [ 246.733768] INFO: task kworker/4:2:422 blocked for more than 120 seconds. [ 246.734587] Not tainted 4.18.0-rc5Lyude-Test+ #2 [ 246.735393] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 246.736113] kworker/4:2 D 0 422 2 0x80000080 [ 246.736789] Workqueue: events_long drm_dp_mst_link_probe_work [drm_kms_helper] [ 246.737665] Call Trace: [ 246.738490] __schedule+0x322/0xaf0 [ 246.739250] schedule+0x33/0x90 [ 246.739908] rpm_resume+0x19c/0x850 [ 246.740750] ? finish_wait+0x90/0x90 [ 246.741541] __pm_runtime_resume+0x4e/0x90 [ 246.742370] nv50_disp_atomic_commit+0x31/0x210 [nouveau] [ 246.743124] drm_atomic_commit+0x4a/0x50 [drm] [ 246.743775] restore_fbdev_mode_atomic+0x1c8/0x240 [drm_kms_helper] [ 246.744603] restore_fbdev_mode+0x31/0x140 [drm_kms_helper] [ 246.745373] drm_fb_helper_restore_fbdev_mode_unlocked+0x54/0xb0 [drm_kms_helper] [ 246.746220] drm_fb_helper_set_par+0x2d/0x50 [drm_kms_helper] [ 246.746884] drm_fb_helper_hotplug_event.part.28+0x96/0xb0 [drm_kms_helper] [ 246.747675] drm_fb_helper_output_poll_changed+0x23/0x30 [drm_kms_helper] [ 246.748544] drm_kms_helper_hotplug_event+0x2a/0x30 [drm_kms_helper] [ 246.749439] nv50_mstm_hotplug+0x15/0x20 [nouveau] [ 246.750111] drm_dp_send_link_address+0x177/0x1c0 [drm_kms_helper] [ 246.750764] drm_dp_check_and_send_link_address+0xa8/0xd0 [drm_kms_helper] [ 246.751602] drm_dp_mst_link_probe_work+0x51/0x90 [drm_kms_helper] [ 246.752314] process_one_work+0x231/0x620 [ 246.752979] worker_thread+0x44/0x3a0 [ 246.753838] kthread+0x12b/0x150 [ 246.754619] ? wq_pool_ids_show+0x140/0x140 [ 246.755386] ? kthread_create_worker_on_cpu+0x70/0x70 [ 246.756162] ret_from_fork+0x3a/0x50 [ 246.756847] Showing all locks held in the system: [ 246.758261] 3 locks held by kworker/4:0/37: [ 246.759016] #0: 00000000f8df4d2d ((wq_completion)"events"){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.759856] #1: 00000000e6065461 ((work_completion)(&(&dev->mode_config.output_poll_work)->work)){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.760670] #2: 00000000cb66735f (&helper->lock){+.+.}, at: drm_fb_helper_hotplug_event.part.28+0x20/0xb0 [drm_kms_helper] [ 246.761516] 2 locks held by kworker/0:1/60: [ 246.762274] #0: 00000000fff6be0f ((wq_completion)"pm"){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.762982] #1: 000000005ab44fb4 ((work_completion)(&dev->power.work)){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.763890] 1 lock held by khungtaskd/64: [ 246.764664] #0: 000000008cb8b5c3 (rcu_read_lock){....}, at: debug_show_all_locks+0x23/0x185 [ 246.765588] 5 locks held by kworker/4:2/422: [ 246.766440] #0: 00000000232f0959 ((wq_completion)"events_long"){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.767390] #1: 00000000bb59b134 ((work_completion)(&mgr->work)){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.768154] #2: 00000000cb66735f (&helper->lock){+.+.}, at: drm_fb_helper_restore_fbdev_mode_unlocked+0x4c/0xb0 [drm_kms_helper] [ 246.768966] #3: 000000004c8f0b6b (crtc_ww_class_acquire){+.+.}, at: restore_fbdev_mode_atomic+0x4b/0x240 [drm_kms_helper] [ 246.769921] #4: 000000004c34a296 (crtc_ww_class_mutex){+.+.}, at: drm_modeset_backoff+0x8a/0x1b0 [drm] [ 246.770839] 1 lock held by dmesg/1038: [ 246.771739] 2 locks held by zsh/1172: [ 246.772650] #0: 00000000836d0438 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40 [ 246.773680] #1: 000000001f4f4d48 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0xc1/0x870 [ 246.775522] ============================================= I've tried a couple of solutions so far, but it seems that right now the simplest solution is to just prevent fb_helper from handling hotplugs when runtime suspending, as this allows us to eliminate any possibility that we might race with fb_helper. We can just "resume" hotplug handling for fbdev when we runtime resume, and fire off a hotplug event if anything happened while we were suspended. Additionally; we take care to abort the runtime resume process if can't lock the new fb_helper hotplug locks before fb_helper starts doing something. Changes since v4: - Add nouveau_fbcon_hotplugged_in_suspend() to workaround deadlock condition that Lukas described - Just move all of this out of drm_fb_helper. It seems that other DRM drivers have already figured out other workarounds for this. If other drivers do end up needing this in the future, we can just move this back into drm_fb_helper again. Changes since v3: - Actually check if fb_helper is NULL in both new helpers - Actually check drm_fbdev_emulation in both new helpers - Don't fire off a fb_helper hotplug unconditionally; only do it if the following conditions are true (as otherwise, calling this in the wrong spot will cause Bad Things to happen): - fb_helper hotplug handling was actually inhibited previously - fb_helper actually has a delayed hotplug pending - fb_helper is actually bound - fb_helper is actually initialized - Add __must_check to drm_fb_helper_suspend_hotplug(). There's no situation where a driver would actually want to use this without checking the return value, so enforce that - Rewrite and clarify the documentation for both helpers. - Make sure to return true in the drm_fb_helper_suspend_hotplug() stub that's provided in drm_fb_helper.h when CONFIG_DRM_FBDEV_EMULATION isn't enabled - Actually grab the toplevel fb_helper lock in drm_fb_helper_resume_hotplug(), since it's possible other activity (such as a hotplug) could be going on at the same time the driver calls drm_fb_helper_resume_hotplug(). We need this to check whether or not drm_fb_helper_hotplug_event() needs to be called anyway Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/dispnv50/disp.c | 2 +- drivers/gpu/drm/nouveau/nouveau_display.c | 48 +++++++++--- drivers/gpu/drm/nouveau/nouveau_drm.c | 3 + drivers/gpu/drm/nouveau/nouveau_fbcon.c | 90 +++++++++++++++++++++++ drivers/gpu/drm/nouveau/nouveau_fbcon.h | 9 +++ 5 files changed, 139 insertions(+), 13 deletions(-) diff --git a/drivers/gpu/drm/nouveau/dispnv50/disp.c b/drivers/gpu/drm/nouveau/dispnv50/disp.c index 8b522a9b12f6..a0772389ed90 100644 --- a/drivers/gpu/drm/nouveau/dispnv50/disp.c +++ b/drivers/gpu/drm/nouveau/dispnv50/disp.c @@ -2049,7 +2049,7 @@ nv50_disp_atomic_state_alloc(struct drm_device *dev) static const struct drm_mode_config_funcs nv50_disp_func = { .fb_create = nouveau_user_framebuffer_create, - .output_poll_changed = drm_fb_helper_output_poll_changed, + .output_poll_changed = nouveau_fbcon_output_poll_changed, .atomic_check = nv50_disp_atomic_check, .atomic_commit = nv50_disp_atomic_commit, .atomic_state_alloc = nv50_disp_atomic_state_alloc, diff --git a/drivers/gpu/drm/nouveau/nouveau_display.c b/drivers/gpu/drm/nouveau/nouveau_display.c index 1d36ab5d4796..7229887f7cbf 100644 --- a/drivers/gpu/drm/nouveau/nouveau_display.c +++ b/drivers/gpu/drm/nouveau/nouveau_display.c @@ -293,7 +293,7 @@ nouveau_user_framebuffer_create(struct drm_device *dev, static const struct drm_mode_config_funcs nouveau_mode_config_funcs = { .fb_create = nouveau_user_framebuffer_create, - .output_poll_changed = drm_fb_helper_output_poll_changed, + .output_poll_changed = nouveau_fbcon_output_poll_changed, }; @@ -608,25 +608,49 @@ nouveau_display_destroy(struct drm_device *dev) int nouveau_display_suspend(struct drm_device *dev, bool runtime) { + struct nouveau_drm *drm = nouveau_drm(dev); struct nouveau_display *disp = nouveau_display(dev); struct drm_crtc *crtc; + bool using_atomic = drm_drv_uses_atomic_modeset(dev); + int ret; - if (drm_drv_uses_atomic_modeset(dev)) { - if (!runtime) { - disp->suspend = drm_atomic_helper_suspend(dev); - if (IS_ERR(disp->suspend)) { - int ret = PTR_ERR(disp->suspend); - disp->suspend = NULL; - return ret; - } + if (!runtime && using_atomic) { + disp->suspend = drm_atomic_helper_suspend(dev); + if (IS_ERR(disp->suspend)) { + int ret = PTR_ERR(disp->suspend); + disp->suspend = NULL; + return ret; } - - nouveau_display_fini(dev, true); - return 0; } nouveau_display_fini(dev, true); + if (runtime && nouveau_fbcon_hotplugged_in_suspend(drm->fbcon)) { + NV_DEBUG(drm, "interrupted by delayed fb_helper hotplug\n"); + + /* We don't need to run the whole nouveau_display_resume() + * process here, just undo what we did in + * nouveau_display_fini() + */ + NV_DEBUG(drm, "resuming display...\n"); + ret = nouveau_display_init(dev); + if (WARN_ON(ret)) { + NV_ERROR(drm, "Failed to bring back display!\n"); + return ret; + } + + return -EBUSY; + } + + /* Any hotplugs received after this point will be picked up by ACPI, + * which will wake us up properly before actually trying to handle the + * hotplug. + */ + + if (using_atomic) + return 0; + + /* The rest of this is for legacy modesetting only */ list_for_each_entry(crtc, &dev->mode_config.crtc_list, head) { struct nouveau_framebuffer *nouveau_fb; diff --git a/drivers/gpu/drm/nouveau/nouveau_drm.c b/drivers/gpu/drm/nouveau/nouveau_drm.c index f79b435368ec..296b1d63f054 100644 --- a/drivers/gpu/drm/nouveau/nouveau_drm.c +++ b/drivers/gpu/drm/nouveau/nouveau_drm.c @@ -841,6 +841,9 @@ nouveau_pmops_runtime_suspend(struct device *dev) return -EBUSY; } + if (!nouveau_fbcon_hotplug_suspend(nouveau_drm(drm_dev)->fbcon)) + return -EBUSY; + ret = nouveau_do_suspend(drm_dev, true); if (ret) return ret; diff --git a/drivers/gpu/drm/nouveau/nouveau_fbcon.c b/drivers/gpu/drm/nouveau/nouveau_fbcon.c index 85c1f10bc2b6..67677d60f07e 100644 --- a/drivers/gpu/drm/nouveau/nouveau_fbcon.c +++ b/drivers/gpu/drm/nouveau/nouveau_fbcon.c @@ -466,6 +466,7 @@ nouveau_fbcon_set_suspend_work(struct work_struct *work) console_unlock(); if (state == FBINFO_STATE_RUNNING) { + nouveau_fbcon_hotplug_resume(drm->fbcon); pm_runtime_mark_last_busy(drm->dev->dev); pm_runtime_put_sync(drm->dev->dev); } @@ -487,6 +488,94 @@ nouveau_fbcon_set_suspend(struct drm_device *dev, int state) schedule_work(&drm->fbcon_work); } +void +nouveau_fbcon_output_poll_changed(struct drm_device *dev) +{ + struct nouveau_drm *drm = nouveau_drm(dev); + struct nouveau_fbdev *fbcon = drm->fbcon; + + if (!fbcon) + return; + + mutex_lock(&fbcon->hotplug_lock); + + if (fbcon->hotplug_suspended) { + fbcon->hotplug_waiting = true; + } else { + pm_runtime_get_sync(drm->dev->dev); + + drm_fb_helper_hotplug_event(&fbcon->helper); + + pm_runtime_mark_last_busy(drm->dev->dev); + pm_runtime_put_autosuspend(drm->dev->dev); + } + + mutex_unlock(&fbcon->hotplug_lock); +} + +bool __must_check +nouveau_fbcon_hotplug_suspend(struct nouveau_fbdev *fbcon) +{ + int ret; + + if (!fbcon) + return true; + + /* We can't block on fbcon if it's performing connector probes, as + * it will need to grab a runtime PM reference to the GPU and deadlock + * us if we do. So, just abort if it's busy (that's what we want + * anyway) + */ + ret = mutex_trylock(&fbcon->hotplug_lock); + if (!ret) + return false; + fbcon->hotplug_suspended = true; + mutex_unlock(&fbcon->hotplug_lock); + + return true; +} + +void +nouveau_fbcon_hotplug_resume(struct nouveau_fbdev *fbcon) +{ + struct drm_device *dev; + + if (!fbcon) + return; + dev = fbcon->helper.dev; + + mutex_lock(&fbcon->hotplug_lock); + + fbcon->hotplug_suspended = false; + if (fbcon->hotplug_waiting) { + fbcon->hotplug_waiting = false; + + pm_runtime_get_sync(dev->dev); + + drm_fb_helper_hotplug_event(&fbcon->helper); + + pm_runtime_mark_last_busy(dev->dev); + pm_runtime_put_autosuspend(dev->dev); + } + + mutex_unlock(&fbcon->hotplug_lock); +} + +bool +nouveau_fbcon_hotplugged_in_suspend(struct nouveau_fbdev *fbcon) +{ + bool hotplug; + + if (!fbcon) + return false; + + mutex_lock(&fbcon->hotplug_lock); + hotplug = fbcon->hotplug_suspended && fbcon->hotplug_waiting; + mutex_unlock(&fbcon->hotplug_lock); + + return hotplug; +} + int nouveau_fbcon_init(struct drm_device *dev) { @@ -505,6 +594,7 @@ nouveau_fbcon_init(struct drm_device *dev) drm->fbcon = fbcon; INIT_WORK(&drm->fbcon_work, nouveau_fbcon_set_suspend_work); + mutex_init(&fbcon->hotplug_lock); drm_fb_helper_prepare(dev, &fbcon->helper, &nouveau_fbcon_helper_funcs); diff --git a/drivers/gpu/drm/nouveau/nouveau_fbcon.h b/drivers/gpu/drm/nouveau/nouveau_fbcon.h index a6f192ea3fa6..a939628bf7f7 100644 --- a/drivers/gpu/drm/nouveau/nouveau_fbcon.h +++ b/drivers/gpu/drm/nouveau/nouveau_fbcon.h @@ -41,6 +41,10 @@ struct nouveau_fbdev { struct nvif_object gdi; struct nvif_object blit; struct nvif_object twod; + + struct mutex hotplug_lock; + bool hotplug_suspended; + bool hotplug_waiting; }; void nouveau_fbcon_restore(void); @@ -68,6 +72,11 @@ void nouveau_fbcon_set_suspend(struct drm_device *dev, int state); void nouveau_fbcon_accel_save_disable(struct drm_device *dev); void nouveau_fbcon_accel_restore(struct drm_device *dev); +void nouveau_fbcon_output_poll_changed(struct drm_device *dev); +bool __must_check nouveau_fbcon_hotplug_suspend(struct nouveau_fbdev *fbcon); +void nouveau_fbcon_hotplug_resume(struct nouveau_fbdev *fbcon); +bool nouveau_fbcon_hotplugged_in_suspend(struct nouveau_fbdev *fbcon); + extern int nouveau_nofbaccel; #endif /* __NV50_FBCON_H__ */ -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v5 02/13] drm/nouveau: Remove duplicate poll_enable() in pmops_runtime_suspend()

by Lyude Paul

Since actual hotplug notifications don't get disabled until nouveau_display_fini() is called, all this will do is cause any hotplugs that happen between this drm_kms_helper_poll_disable() call and the actual hotplug disablement to potentially be dropped if ACPI isn't around to help us. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/nouveau_drm.c | 1 - 1 file changed, 1 deletion(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_drm.c b/drivers/gpu/drm/nouveau/nouveau_drm.c index c7ec86d6c3c9..5fdc1fbe2ee5 100644 --- a/drivers/gpu/drm/nouveau/nouveau_drm.c +++ b/drivers/gpu/drm/nouveau/nouveau_drm.c @@ -835,7 +835,6 @@ nouveau_pmops_runtime_suspend(struct device *dev) return -EBUSY; } - drm_kms_helper_poll_disable(drm_dev); nouveau_switcheroo_optimus_dsm(); ret = nouveau_do_suspend(drm_dev, true); pci_save_state(pdev); -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v5 01/13] drm/nouveau: Fix bogus drm_kms_helper_poll_enable() placement

by Lyude Paul

Turns out this part is my fault for not noticing when reviewing 9a2eba337cace ("drm/nouveau: Fix drm poll_helper handling"). Currently we call drm_kms_helper_poll_enable() from nouveau_display_hpd_work(). This makes basically no sense however, because that means we're calling drm_kms_helper_poll_enable() every time we schedule the hotplug detection work. This is also against the advice mentioned in drm_kms_helper_poll_enable()'s documentation: Note that calls to enable and disable polling must be strictly ordered, which is automatically the case when they're only call from suspend/resume callbacks. Of course, hotplugs can't really be ordered. They could even happen immediately after we called drm_kms_helper_poll_disable() in nouveau_display_fini(), which can lead to all sorts of issues. Additionally; enabling polling /after/ we call drm_helper_hpd_irq_event() could also mean that we'd miss a hotplug event anyway, since drm_helper_hpd_irq_event() wouldn't bother trying to probe connectors so long as polling is disabled. So; simply move this back into nouveau_display_init() again. The race condition that both of these patches attempted to work around has already been fixed properly in d61a5c106351 ("drm/nouveau: Fix deadlock on runtime suspend") Fixes: 9a2eba337cace ("drm/nouveau: Fix drm poll_helper handling") Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Peter Ujfalusi <peter.ujfalusi(a)ti.com> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/nouveau/nouveau_display.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_display.c b/drivers/gpu/drm/nouveau/nouveau_display.c index ec7861457b84..1d36ab5d4796 100644 --- a/drivers/gpu/drm/nouveau/nouveau_display.c +++ b/drivers/gpu/drm/nouveau/nouveau_display.c @@ -355,8 +355,6 @@ nouveau_display_hpd_work(struct work_struct *work) pm_runtime_get_sync(drm->dev->dev); drm_helper_hpd_irq_event(drm->dev); - /* enable polling for external displays */ - drm_kms_helper_poll_enable(drm->dev); pm_runtime_mark_last_busy(drm->dev->dev); pm_runtime_put_sync(drm->dev->dev); @@ -411,6 +409,11 @@ nouveau_display_init(struct drm_device *dev) if (ret) return ret; + /* enable connector detection and polling for connectors without HPD + * support + */ + drm_kms_helper_poll_enable(dev); + /* enable hotplug interrupts */ drm_connector_list_iter_begin(dev, &conn_iter); nouveau_for_each_non_mst_connector_iter(connector, &conn_iter) { -- 2.17.1

7 years, 1 month

1
0
0 0

Please apply commit 92d34134193e ("fs: Fix inconsistency ..." to stable releases

by Guenter Roeck

Hi Greg, commit 92d34134193e ("jfs: Fix inconsistency between memory allocation and ea_buf->max_size") fixes CVE-2018-12233. As far as I can see, the commit is not in any stable releases. It applies to all stable releases at least as far back as v4.4.y (and it builds unless I really messed up). Copying author and committer in case there are any concerns. Otherwise, please apply to stable releases. Thanks, Guenter

7 years, 1 month

2
1
0 0

[RESEND] request to include on 4.14.y

by Eduardo Valentin

Greg, Can you please include the following patch to 4.14.y stable branch to fix the intel_idle probe and avoid mis-lead info to user by blaming unsupported processor model: a4c447533a18 ("intel_idle: Graceful probe failure when MWAIT is disabled") This is a self-contained and cherry-pick'able patch in linus master branch. Thanks, Hope this time is better communicated. -- All the best, Eduardo Valentin

7 years, 1 month

2
1
0 0

FAILED: patch "[PATCH] Btrfs: fix file data corruption after cloning a range and" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From bd3599a0e142cd73edd3b6801068ac3f48ac771a Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Thu, 12 Jul 2018 01:36:43 +0100 Subject: [PATCH] Btrfs: fix file data corruption after cloning a range and fsync When we clone a range into a file we can end up dropping existing extent maps (or trimming them) and replacing them with new ones if the range to be cloned overlaps with a range in the destination inode. When that happens we add the new extent maps to the list of modified extents in the inode's extent map tree, so that a "fast" fsync (the flag BTRFS_INODE_NEEDS_FULL_SYNC not set in the inode) will see the extent maps and log corresponding extent items. However, at the end of range cloning operation we do truncate all the pages in the affected range (in order to ensure future reads will not get stale data). Sometimes this truncation will release the corresponding extent maps besides the pages from the page cache. If this happens, then a "fast" fsync operation will miss logging some extent items, because it relies exclusively on the extent maps being present in the inode's extent tree, leading to data loss/corruption if the fsync ends up using the same transaction used by the clone operation (that transaction was not committed in the meanwhile). An extent map is released through the callback btrfs_invalidatepage(), which gets called by truncate_inode_pages_range(), and it calls __btrfs_releasepage(). The later ends up calling try_release_extent_mapping() which will release the extent map if some conditions are met, like the file size being greater than 16Mb, gfp flags allow blocking and the range not being locked (which is the case during the clone operation) nor being the extent map flagged as pinned (also the case for cloning). The following example, turned into a test for fstests, reproduces the issue: $ mkfs.btrfs -f /dev/sdb $ mount /dev/sdb /mnt $ xfs_io -f -c "pwrite -S 0x18 9000K 6908K" /mnt/foo $ xfs_io -f -c "pwrite -S 0x20 2572K 156K" /mnt/bar $ xfs_io -c "fsync" /mnt/bar # reflink destination offset corresponds to the size of file bar, # 2728Kb minus 4Kb. $ xfs_io -c ""reflink ${SCRATCH_MNT}/foo 0 2724K 15908K" /mnt/bar $ xfs_io -c "fsync" /mnt/bar $ md5sum /mnt/bar 95a95813a8c2abc9aa75a6c2914a077e /mnt/bar <power fail> $ mount /dev/sdb /mnt $ md5sum /mnt/bar 207fd8d0b161be8a84b945f0df8d5f8d /mnt/bar # digest should be 95a95813a8c2abc9aa75a6c2914a077e like before the # power failure In the above example, the destination offset of the clone operation corresponds to the size of the "bar" file minus 4Kb. So during the clone operation, the extent map covering the range from 2572Kb to 2728Kb gets trimmed so that it ends at offset 2724Kb, and a new extent map covering the range from 2724Kb to 11724Kb is created. So at the end of the clone operation when we ask to truncate the pages in the range from 2724Kb to 2724Kb + 15908Kb, the page invalidation callback ends up removing the new extent map (through try_release_extent_mapping()) when the page at offset 2724Kb is passed to that callback. Fix this by setting the bit BTRFS_INODE_NEEDS_FULL_SYNC whenever an extent map is removed at try_release_extent_mapping(), forcing the next fsync to search for modified extents in the fs/subvolume tree instead of relying on the presence of extent maps in memory. This way we can continue doing a "fast" fsync if the destination range of a clone operation does not overlap with an existing range or if any of the criteria necessary to remove an extent map at try_release_extent_mapping() is not met (file size not bigger then 16Mb or gfp flags do not allow blocking). CC: stable(a)vger.kernel.org # 3.16+ Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/extent_io.c b/fs/btrfs/extent_io.c index 1aa91d57404a..8fd86e29085f 100644 --- a/fs/btrfs/extent_io.c +++ b/fs/btrfs/extent_io.c @@ -4241,8 +4241,9 @@ int try_release_extent_mapping(struct page *page, gfp_t mask) struct extent_map *em; u64 start = page_offset(page); u64 end = start + PAGE_SIZE - 1; - struct extent_io_tree *tree = &BTRFS_I(page->mapping->host)->io_tree; - struct extent_map_tree *map = &BTRFS_I(page->mapping->host)->extent_tree; + struct btrfs_inode *btrfs_inode = BTRFS_I(page->mapping->host); + struct extent_io_tree *tree = &btrfs_inode->io_tree; + struct extent_map_tree *map = &btrfs_inode->extent_tree; if (gfpflags_allow_blocking(mask) && page->mapping->host->i_size > SZ_16M) { @@ -4265,6 +4266,8 @@ int try_release_extent_mapping(struct page *page, gfp_t mask) extent_map_end(em) - 1, EXTENT_LOCKED | EXTENT_WRITEBACK, 0, NULL)) { + set_bit(BTRFS_INODE_NEEDS_FULL_SYNC, + &btrfs_inode->runtime_flags); remove_extent_mapping(map, em); /* once for the rb tree */ free_extent_map(em);

7 years, 1 month

3
2
0 0

FAILED: patch "[PATCH] i2c: imx: Fix reinit_completion() use" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 9f9e3e0d4dd3338b3f3dde080789f71901e1e4ff Mon Sep 17 00:00:00 2001 From: Esben Haabendal <eha(a)deif.com> Date: Mon, 9 Jul 2018 11:43:01 +0200 Subject: [PATCH] i2c: imx: Fix reinit_completion() use MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Make sure to call reinit_completion() before dma is started to avoid race condition where reinit_completion() is called after complete() and before wait_for_completion_timeout(). Signed-off-by: Esben Haabendal <eha(a)deif.com> Fixes: ce1a78840ff7 ("i2c: imx: add DMA support for freescale i2c driver") Reviewed-by: Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> Signed-off-by: Wolfram Sang <wsa(a)the-dreams.de> Cc: stable(a)kernel.org diff --git a/drivers/i2c/busses/i2c-imx.c b/drivers/i2c/busses/i2c-imx.c index 0207e194f84b..39cfd98c7b23 100644 --- a/drivers/i2c/busses/i2c-imx.c +++ b/drivers/i2c/busses/i2c-imx.c @@ -368,6 +368,7 @@ static int i2c_imx_dma_xfer(struct imx_i2c_struct *i2c_imx, goto err_desc; } + reinit_completion(&dma->cmd_complete); txdesc->callback = i2c_imx_dma_callback; txdesc->callback_param = i2c_imx; if (dma_submit_error(dmaengine_submit(txdesc))) { @@ -622,7 +623,6 @@ static int i2c_imx_dma_write(struct imx_i2c_struct *i2c_imx, * The first byte must be transmitted by the CPU. */ imx_i2c_write_reg(i2c_8bit_addr_from_msg(msgs), i2c_imx, IMX_I2C_I2DR); - reinit_completion(&i2c_imx->dma->cmd_complete); time_left = wait_for_completion_timeout( &i2c_imx->dma->cmd_complete, msecs_to_jiffies(DMA_TIMEOUT)); @@ -681,7 +681,6 @@ static int i2c_imx_dma_read(struct imx_i2c_struct *i2c_imx, if (result) return result; - reinit_completion(&i2c_imx->dma->cmd_complete); time_left = wait_for_completion_timeout( &i2c_imx->dma->cmd_complete, msecs_to_jiffies(DMA_TIMEOUT));

7 years, 1 month

3
2
0 0

FAILED: patch "[PATCH] ring_buffer: tracing: Inherit the tracing setting to next" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 73c8d8945505acdcbae137c2e00a1232e0be709f Mon Sep 17 00:00:00 2001 From: Masami Hiramatsu <mhiramat(a)kernel.org> Date: Sat, 14 Jul 2018 01:28:15 +0900 Subject: [PATCH] ring_buffer: tracing: Inherit the tracing setting to next ring buffer Maintain the tracing on/off setting of the ring_buffer when switching to the trace buffer snapshot. Taking a snapshot is done by swapping the backup ring buffer (max_tr_buffer). But since the tracing on/off setting is defined by the ring buffer, when swapping it, the tracing on/off setting can also be changed. This causes a strange result like below: /sys/kernel/debug/tracing # cat tracing_on 1 /sys/kernel/debug/tracing # echo 0 > tracing_on /sys/kernel/debug/tracing # cat tracing_on 0 /sys/kernel/debug/tracing # echo 1 > snapshot /sys/kernel/debug/tracing # cat tracing_on 1 /sys/kernel/debug/tracing # echo 1 > snapshot /sys/kernel/debug/tracing # cat tracing_on 0 We don't touch tracing_on, but snapshot changes tracing_on setting each time. This is an anomaly, because user doesn't know that each "ring_buffer" stores its own tracing-enable state and the snapshot is done by swapping ring buffers. Link: http://lkml.kernel.org/r/153149929558.11274.11730609978254724394.stgit@devb… Cc: Ingo Molnar <mingo(a)redhat.com> Cc: Shuah Khan <shuah(a)kernel.org> Cc: Tom Zanussi <tom.zanussi(a)linux.intel.com> Cc: Hiraku Toyooka <hiraku.toyooka(a)cybertrust.co.jp> Cc: stable(a)vger.kernel.org Fixes: debdd57f5145 ("tracing: Make a snapshot feature available from userspace") Signed-off-by: Masami Hiramatsu <mhiramat(a)kernel.org> [ Updated commit log and comment in the code ] Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> diff --git a/include/linux/ring_buffer.h b/include/linux/ring_buffer.h index b72ebdff0b77..003d09ab308d 100644 --- a/include/linux/ring_buffer.h +++ b/include/linux/ring_buffer.h @@ -165,6 +165,7 @@ void ring_buffer_record_enable(struct ring_buffer *buffer); void ring_buffer_record_off(struct ring_buffer *buffer); void ring_buffer_record_on(struct ring_buffer *buffer); int ring_buffer_record_is_on(struct ring_buffer *buffer); +int ring_buffer_record_is_set_on(struct ring_buffer *buffer); void ring_buffer_record_disable_cpu(struct ring_buffer *buffer, int cpu); void ring_buffer_record_enable_cpu(struct ring_buffer *buffer, int cpu); diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c index 6a46af21765c..0b0b688ea166 100644 --- a/kernel/trace/ring_buffer.c +++ b/kernel/trace/ring_buffer.c @@ -3226,6 +3226,22 @@ int ring_buffer_record_is_on(struct ring_buffer *buffer) return !atomic_read(&buffer->record_disabled); } +/** + * ring_buffer_record_is_set_on - return true if the ring buffer is set writable + * @buffer: The ring buffer to see if write is set enabled + * + * Returns true if the ring buffer is set writable by ring_buffer_record_on(). + * Note that this does NOT mean it is in a writable state. + * + * It may return true when the ring buffer has been disabled by + * ring_buffer_record_disable(), as that is a temporary disabling of + * the ring buffer. + */ +int ring_buffer_record_is_set_on(struct ring_buffer *buffer) +{ + return !(atomic_read(&buffer->record_disabled) & RB_BUFFER_OFF); +} + /** * ring_buffer_record_disable_cpu - stop all writes into the cpu_buffer * @buffer: The ring buffer to stop writes to. diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c index 87cf25171fb8..823687997b01 100644 --- a/kernel/trace/trace.c +++ b/kernel/trace/trace.c @@ -1373,6 +1373,12 @@ update_max_tr(struct trace_array *tr, struct task_struct *tsk, int cpu) arch_spin_lock(&tr->max_lock); + /* Inherit the recordable setting from trace_buffer */ + if (ring_buffer_record_is_set_on(tr->trace_buffer.buffer)) + ring_buffer_record_on(tr->max_buffer.buffer); + else + ring_buffer_record_off(tr->max_buffer.buffer); + swap(tr->trace_buffer.buffer, tr->max_buffer.buffer); __update_max_tr(tr, tsk, cpu);

7 years, 1 month

3
2
0 0

Please apply commit a0040c014594 to v4.4.y, v4.9.y, v4.14.y

by Sinan Kaya

Hi Greg, Upstream commit a0040c014594 ("ACPI / PCI: Bail early in acpi_pci_add_bus() if there is no ACPI handle "). This patch fixes a NULL pointer access when ACPI_HANDLE() is NULL. acpi_evaluate_dsm() fails as follows while there is no DSM in the tables. ACPI: \: failed to evaluate _DSM (0x1001) Sinan

7 years, 1 month

2
3
0 0

FAILED: patch "[PATCH] ext4: fix false negatives *and* false positives in" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 44de022c4382541cebdd6de4465d1f4f465ff1dd Mon Sep 17 00:00:00 2001 From: Theodore Ts'o <tytso(a)mit.edu> Date: Sun, 8 Jul 2018 19:35:02 -0400 Subject: [PATCH] ext4: fix false negatives *and* false positives in ext4_check_descriptors() Ext4_check_descriptors() was getting called before s_gdb_count was initialized. So for file systems w/o the meta_bg feature, allocation bitmaps could overlap the block group descriptors and ext4 wouldn't notice. For file systems with the meta_bg feature enabled, there was a fencepost error which would cause the ext4_check_descriptors() to incorrectly believe that the block allocation bitmap overlaps with the block group descriptor blocks, and it would reject the mount. Fix both of these problems. Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Cc: stable(a)vger.kernel.org diff --git a/fs/ext4/super.c b/fs/ext4/super.c index ba2396a7bd04..eff5c983e067 100644 --- a/fs/ext4/super.c +++ b/fs/ext4/super.c @@ -2342,7 +2342,7 @@ static int ext4_check_descriptors(struct super_block *sb, struct ext4_sb_info *sbi = EXT4_SB(sb); ext4_fsblk_t first_block = le32_to_cpu(sbi->s_es->s_first_data_block); ext4_fsblk_t last_block; - ext4_fsblk_t last_bg_block = sb_block + ext4_bg_num_gdb(sb, 0) + 1; + ext4_fsblk_t last_bg_block = sb_block + ext4_bg_num_gdb(sb, 0); ext4_fsblk_t block_bitmap; ext4_fsblk_t inode_bitmap; ext4_fsblk_t inode_table; @@ -4085,14 +4085,13 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent) goto failed_mount2; } } + sbi->s_gdb_count = db_count; if (!ext4_check_descriptors(sb, logical_sb_block, &first_not_zeroed)) { ext4_msg(sb, KERN_ERR, "group descriptors corrupted!"); ret = -EFSCORRUPTED; goto failed_mount2; } - sbi->s_gdb_count = db_count; - timer_setup(&sbi->s_err_report, print_daily_error_info, 0); /* Register extent status tree shrinker */

7 years, 1 month

4
4
0 0

[PATCH] ext4: fix false negatives *and* false positives in ext4_check_descriptors()

by Benjamin Gilbert

Fix trivial conflict that caused the original commit to bounce from 4.4, 4.9, and 4.14. -- >8 -- commit 44de022c4382541cebdd6de4465d1f4f465ff1dd upstream. Ext4_check_descriptors() was getting called before s_gdb_count was initialized. So for file systems w/o the meta_bg feature, allocation bitmaps could overlap the block group descriptors and ext4 wouldn't notice. For file systems with the meta_bg feature enabled, there was a fencepost error which would cause the ext4_check_descriptors() to incorrectly believe that the block allocation bitmap overlaps with the block group descriptor blocks, and it would reject the mount. Fix both of these problems. Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Cc: stable(a)vger.kernel.org Signed-off-by: Benjamin Gilbert <bgilbert(a)redhat.com> --- fs/ext4/super.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/ext4/super.c b/fs/ext4/super.c index fc32a67a7a19..a500f55d421a 100644 --- a/fs/ext4/super.c +++ b/fs/ext4/super.c @@ -2301,7 +2301,7 @@ static int ext4_check_descriptors(struct super_block *sb, struct ext4_sb_info *sbi = EXT4_SB(sb); ext4_fsblk_t first_block = le32_to_cpu(sbi->s_es->s_first_data_block); ext4_fsblk_t last_block; - ext4_fsblk_t last_bg_block = sb_block + ext4_bg_num_gdb(sb, 0) + 1; + ext4_fsblk_t last_bg_block = sb_block + ext4_bg_num_gdb(sb, 0); ext4_fsblk_t block_bitmap; ext4_fsblk_t inode_bitmap; ext4_fsblk_t inode_table; @@ -4044,13 +4044,13 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent) goto failed_mount2; } } + sbi->s_gdb_count = db_count; if (!ext4_check_descriptors(sb, logical_sb_block, &first_not_zeroed)) { ext4_msg(sb, KERN_ERR, "group descriptors corrupted!"); ret = -EFSCORRUPTED; goto failed_mount2; } - sbi->s_gdb_count = db_count; get_random_bytes(&sbi->s_next_generation, sizeof(u32)); spin_lock_init(&sbi->s_next_gen_lock); -- 2.17.1

7 years, 1 month

2
1
0 0

wait for your reply

by Roy Robinson

Did you receive my email yesterday? Just want to check if you have needs for photo editing for our studio? We normally edit 300 images within 12-24 hours. We take care of different kinds of e-commerce photos, jewelry images, and portrait model images. Including cutting out and clipping path and others, we also give retouching for your images. You may drop us a photo if you want to check our quality, we will provide testing. Thanks, Roy

7 years, 1 month

1
0
0 0

[PATCH v3 1/4] ACPI / scan: Fix acpi_is_indirect_io_slave() always returning false

by Hans de Goede

Since commit 63347db0affa ("ACPI / scan: Use acpi_bus_get_status() to initialize ACPI_TYPE_DEVICE devs") the status field of normal acpi_devices gets set to 0 by acpi_bus_type_and_status() and filled with its actual value later when acpi_add_single_object() calls acpi_bus_get_status(). This means that status is 0 when acpi_device_enumeration_by_parent() gets called which makes the acpi_match_device_ids() call in acpi_is_indirect_io_slave() always return -ENOENT. This commit fixes this by making acpi_bus_type_and_status() set status to ACPI_STA_DEFAULT until acpi_add_single_object() calls acpi_bus_get_status() Fixes: dfda4492322e ("ACPI / scan: Do not enumerate Indirect IO host children") Cc: stable(a)vger.kernel.org Cc: John Garry <john.garry(a)huawei.com> Cc: Bjorn Helgaas <bhelgaas(a)google.com> Cc: Dann Frazier <dann.frazier(a)canonical.com> Signed-off-by: Hans de Goede <hdegoede(a)redhat.com> --- drivers/acpi/scan.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/drivers/acpi/scan.c b/drivers/acpi/scan.c index 970dd87d347c..6799d00dd790 100644 --- a/drivers/acpi/scan.c +++ b/drivers/acpi/scan.c @@ -1612,7 +1612,8 @@ static int acpi_add_single_object(struct acpi_device **child, * Note this must be done before the get power-/wakeup_dev-flags calls. */ if (type == ACPI_BUS_TYPE_DEVICE) - acpi_bus_get_status(device); + if (acpi_bus_get_status(device) < 0) + acpi_set_device_status(device, 0); acpi_bus_get_power_flags(device); acpi_bus_get_wakeup_device_flags(device); @@ -1690,7 +1691,7 @@ static int acpi_bus_type_and_status(acpi_handle handle, int *type, * acpi_add_single_object updates this once we've an acpi_device * so that acpi_bus_get_status' quirk handling can be used. */ - *sta = 0; + *sta = ACPI_STA_DEFAULT; break; case ACPI_TYPE_PROCESSOR: *type = ACPI_BUS_TYPE_PROCESSOR; -- 2.18.0

7 years, 1 month

2
2
0 0

[PATCH 1/2] x86/entry/64: Do not clear %rbx under Xen

by M. Vefa Bicakci

Commit 3ac6d8c787b8 ("x86/entry/64: Clear registers for exceptions/interrupts, to reduce speculation attack surface") unintendedly broke Xen PV virtual machines by clearing the %rbx register at the end of xen_failsafe_callback before the latter jumps to error_exit. error_exit expects the %rbx register to be a flag indicating whether there should be a return to kernel mode. This commit makes sure that the %rbx register is not cleared by the PUSH_AND_CLEAR_REGS macro, when the macro in question is instantiated by xen_failsafe_callback, to avoid the issue. The impact of this bug includes (and most likely is not limited to) kernel BUGs when wine is run in Xen PV virtual machines. One example is included below. This example depicts the bug when wine is used to run TeamViewer version 13's portable version under a Xen PV virtual machine using an up-to-date version of Qubes OS R3.2. [...........] kernel tried to execute NX-protected page - exploit attempt? (uid: 1000) [ +0.000021] BUG: unable to handle kernel paging request at ffffffff82012480 [ +0.000020] IP: init_task+0x0/0x2ac0 [ +0.000009] PGD 200e067 P4D 200e067 PUD 200f067 PMD 2d5e067 PTE 8010000002012067 [ +0.000019] Oops: 0011 [#1] SMP DEBUG_PAGEALLOC NOPTI [ +0.000015] Modules linked in: fuse bluetooth ecdh_generic rfkill ip6table_filter ip6_tables xt_conntrack ipt_MASQUERADE nf_nat_masquerade_ipv4 iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack libcrc32c intel_rapl x86_pkg_temp_thermal crct10dif_pclmul crc32_pclmul crc32c_intel ghash_clmulni_intel xen_netfront intel_rapl_perf pcspkr binfmt_misc dummy_hcd udc_core xen_gntdev xen_gntalloc u2mfn(O) xen_blkback xenfs xen_evtchn xen_privcmd xen_blkfront [ +0.000091] CPU: 0 PID: 1350 Comm: TeamViewer.exe Tainted: G O 4.14.20-11.d10d0bb86d #15 [ +0.000018] task: ffff8800042fda00 task.stack: ffffc900006f8000 [ +0.000015] RIP: e030:init_task+0x0/0x2ac0 [ +0.000009] RSP: e02b:ffffffff82003df8 EFLAGS: 00010002 [ +0.000012] RAX: 0000000000000040 RBX: 0000000000000004 RCX: 0000000000000000 [ +0.000015] RDX: 0000000000000000 RSI: 0000000000000202 RDI: ffffffff810011aa [ +0.000015] RBP: 000000000033eb88 R08: 0000000000000000 R09: 0000000000000000 [ +0.000015] R10: 0000000000000000 R11: ffff88000d772600 R12: 0000000000000000 [ +0.000015] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ +0.000027] FS: 000000007ffd8000(0063) GS:ffff88000f400000(006b) knlGS:0000000000000000 [ +0.000016] CS: e033 DS: 002b ES: 002b CR0: 0000000080050033 [ +0.000014] CR2: ffffffff82012480 CR3: 0000000004880000 CR4: 0000000000042660 [ +0.000025] Call Trace: [ +0.000007] Code: ff ff ff d0 5a 1e 81 ff ff ff ff 00 00 00 00 00 00 00 00 e0 d7 04 82 ff ff ff ff e8 98 c0 0d 00 88 ff ff 01 80 00 00 00 00 00 00 <00> 00 00 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ +0.000068] RIP: init_task+0x0/0x2ac0 RSP: ffffffff82003df8 [ +0.000011] CR2: ffffffff82012480 [ +0.000010] ---[ end trace 7fb0075d4247b2a2 ]--- The commit that introduces this bug was found with git-bisect in conjunction with some scripts and Qubes OS's cross-VM RPCs for automation, and the correction was prepared after a manual inspection of the changes introduced by the commit in question. To the best of my recollection, this issue is also reproducible in an Ubuntu 18.04 LTS dom0 instance with the version of the Xen hypervisor in Ubuntu's package repositories. Signed-off-by: M. Vefa Bicakci <m.v.b(a)runbox.com> Cc: Dominik Brodowski <linux(a)dominikbrodowski.net> Cc: Andy Lutomirski <luto(a)kernel.org> Cc: Ingo Molnar <mingo(a)redhat.com> Cc: "H. Peter Anvin" <hpa(a)zytor.com> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Boris Ostrovsky <boris.ostrovsky(a)oracle.com> Cc: Juergen Gross <jgross(a)suse.com> Cc: xen-devel(a)lists.xenproject.org Cc: x86(a)kernel.org Cc: stable(a)vger.kernel.org # for v4.14 and up Fixes: 3ac6d8c787b8 ("x86/entry/64: Clear registers for exceptions/interrupts, to reduce speculation attack surface") --- arch/x86/entry/calling.h | 4 +++- arch/x86/entry/entry_64.S | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/arch/x86/entry/calling.h b/arch/x86/entry/calling.h index 20d0885b00fb..71795767da94 100644 --- a/arch/x86/entry/calling.h +++ b/arch/x86/entry/calling.h @@ -97,7 +97,7 @@ For 32-bit we have the following conventions - kernel is built with #define SIZEOF_PTREGS 21*8 -.macro PUSH_AND_CLEAR_REGS rdx=%rdx rax=%rax save_ret=0 +.macro PUSH_AND_CLEAR_REGS rdx=%rdx rax=%rax save_ret=0 clear_rbx=1 /* * Push registers and sanitize registers of values that a * speculation attack might otherwise want to exploit. The @@ -127,7 +127,9 @@ For 32-bit we have the following conventions - kernel is built with pushq %r11 /* pt_regs->r11 */ xorl %r11d, %r11d /* nospec r11*/ pushq %rbx /* pt_regs->rbx */ + .if \clear_rbx xorl %ebx, %ebx /* nospec rbx*/ + .endif pushq %rbp /* pt_regs->rbp */ xorl %ebp, %ebp /* nospec rbp*/ pushq %r12 /* pt_regs->r12 */ diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S index c7449f377a77..96e8ff34129e 100644 --- a/arch/x86/entry/entry_64.S +++ b/arch/x86/entry/entry_64.S @@ -1129,7 +1129,7 @@ ENTRY(xen_failsafe_callback) addq $0x30, %rsp UNWIND_HINT_IRET_REGS pushq $-1 /* orig_ax = -1 => not a system call */ - PUSH_AND_CLEAR_REGS + PUSH_AND_CLEAR_REGS clear_rbx=0 ENCODE_FRAME_POINTER jmp error_exit END(xen_failsafe_callback) -- 2.17.1

7 years, 1 month

6
23
0 0

Your immediate response is required if you are alive

by Derek Langston

Dear Client, Please confirm if you are still alive because two gentle men walked into my office this morning to claim your inheritance funds with our bank. They said that you are dead and that they are your representative. I got your email from the file of your relative who is yet to be paid for the Contract he has executed before his death several years ago.You the beneficiary of this fund has not been in contact with the bank to claim your fund. The gentlemen submitted an address where they want your VISA DEBIT ATM CARD sent. If you are still alive, please indicate by sending your full contact details within 7 day of receiving this message, faliure to do so, I will send the card to the address submitted by your representatives. Regards Derek

7 years, 1 month

1
0
0 0

Can you do it?

by Ms CHIANG Lai Yuen JP

I have a Businesss Proposal for you, get ack to me for more details.

7 years, 1 month

1
0
0 0

Loan and investment

by Tajick Ali

Greetings, I represent business group in Middle East looking for projects to fund; we seek any business that will guaranty a safe and secure return on investments. Alternative powers, movies, start up companies etc. We are also looking for commercial building projects, hotels, casino, strip malls etc. If you have a project that differs from these and current budget is over $40M, Write us and Provide Executive Summary and project details. (a)100% financing is available. (b)Possible JV partnerships or 100% loans. (c)Project must be over $20M total budget. I look forward to your reply, Sir Abraham Oded Sahara Petrochems Ltd odoabraham5(a)gmail.com

7 years, 1 month

1
0
0 0

[PATCH v3 3/8] drm/fb_helper: Introduce hotplug_suspend/resume()

by Lyude Paul

I'm sure I don't need to tell you that fb_helper's locking is a mess. That being said; fb_helper's locking mess can seriously complicate the runtime suspend/resume operations of drivers because it can invoke atomic commits and connector probing from anywhere that calls drm_fb_helper_hotplug_event(). Since most drivers use drm_fb_helper_output_poll_changed() as their output_poll_changed handler, this can happen in every single context that can fire off a hotplug event. An example: [ 246.669625] INFO: task kworker/4:0:37 blocked for more than 120 seconds. [ 246.673398] Not tainted 4.18.0-rc5Lyude-Test+ #2 [ 246.675271] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 246.676527] kworker/4:0 D 0 37 2 0x80000000 [ 246.677580] Workqueue: events output_poll_execute [drm_kms_helper] [ 246.678704] Call Trace: [ 246.679753] __schedule+0x322/0xaf0 [ 246.680916] schedule+0x33/0x90 [ 246.681924] schedule_preempt_disabled+0x15/0x20 [ 246.683023] __mutex_lock+0x569/0x9a0 [ 246.684035] ? kobject_uevent_env+0x117/0x7b0 [ 246.685132] ? drm_fb_helper_hotplug_event.part.28+0x20/0xb0 [drm_kms_helper] [ 246.686179] mutex_lock_nested+0x1b/0x20 [ 246.687278] ? mutex_lock_nested+0x1b/0x20 [ 246.688307] drm_fb_helper_hotplug_event.part.28+0x20/0xb0 [drm_kms_helper] [ 246.689420] drm_fb_helper_output_poll_changed+0x23/0x30 [drm_kms_helper] [ 246.690462] drm_kms_helper_hotplug_event+0x2a/0x30 [drm_kms_helper] [ 246.691570] output_poll_execute+0x198/0x1c0 [drm_kms_helper] [ 246.692611] process_one_work+0x231/0x620 [ 246.693725] worker_thread+0x214/0x3a0 [ 246.694756] kthread+0x12b/0x150 [ 246.695856] ? wq_pool_ids_show+0x140/0x140 [ 246.696888] ? kthread_create_worker_on_cpu+0x70/0x70 [ 246.697998] ret_from_fork+0x3a/0x50 [ 246.699034] INFO: task kworker/0:1:60 blocked for more than 120 seconds. [ 246.700153] Not tainted 4.18.0-rc5Lyude-Test+ #2 [ 246.701182] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 246.702278] kworker/0:1 D 0 60 2 0x80000000 [ 246.703293] Workqueue: pm pm_runtime_work [ 246.704393] Call Trace: [ 246.705403] __schedule+0x322/0xaf0 [ 246.706439] ? wait_for_completion+0x104/0x190 [ 246.707393] schedule+0x33/0x90 [ 246.708375] schedule_timeout+0x3a5/0x590 [ 246.709289] ? mark_held_locks+0x58/0x80 [ 246.710208] ? _raw_spin_unlock_irq+0x2c/0x40 [ 246.711222] ? wait_for_completion+0x104/0x190 [ 246.712134] ? trace_hardirqs_on_caller+0xf4/0x190 [ 246.713094] ? wait_for_completion+0x104/0x190 [ 246.713964] wait_for_completion+0x12c/0x190 [ 246.714895] ? wake_up_q+0x80/0x80 [ 246.715727] ? get_work_pool+0x90/0x90 [ 246.716649] flush_work+0x1c9/0x280 [ 246.717483] ? flush_workqueue_prep_pwqs+0x1b0/0x1b0 [ 246.718442] __cancel_work_timer+0x146/0x1d0 [ 246.719247] cancel_delayed_work_sync+0x13/0x20 [ 246.720043] drm_kms_helper_poll_disable+0x1f/0x30 [drm_kms_helper] [ 246.721123] nouveau_pmops_runtime_suspend+0x3d/0xb0 [nouveau] [ 246.721897] pci_pm_runtime_suspend+0x6b/0x190 [ 246.722825] ? pci_has_legacy_pm_support+0x70/0x70 [ 246.723737] __rpm_callback+0x7a/0x1d0 [ 246.724721] ? pci_has_legacy_pm_support+0x70/0x70 [ 246.725607] rpm_callback+0x24/0x80 [ 246.726553] ? pci_has_legacy_pm_support+0x70/0x70 [ 246.727376] rpm_suspend+0x142/0x6b0 [ 246.728185] pm_runtime_work+0x97/0xc0 [ 246.728938] process_one_work+0x231/0x620 [ 246.729796] worker_thread+0x44/0x3a0 [ 246.730614] kthread+0x12b/0x150 [ 246.731395] ? wq_pool_ids_show+0x140/0x140 [ 246.732202] ? kthread_create_worker_on_cpu+0x70/0x70 [ 246.732878] ret_from_fork+0x3a/0x50 [ 246.733768] INFO: task kworker/4:2:422 blocked for more than 120 seconds. [ 246.734587] Not tainted 4.18.0-rc5Lyude-Test+ #2 [ 246.735393] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 246.736113] kworker/4:2 D 0 422 2 0x80000080 [ 246.736789] Workqueue: events_long drm_dp_mst_link_probe_work [drm_kms_helper] [ 246.737665] Call Trace: [ 246.738490] __schedule+0x322/0xaf0 [ 246.739250] schedule+0x33/0x90 [ 246.739908] rpm_resume+0x19c/0x850 [ 246.740750] ? finish_wait+0x90/0x90 [ 246.741541] __pm_runtime_resume+0x4e/0x90 [ 246.742370] nv50_disp_atomic_commit+0x31/0x210 [nouveau] [ 246.743124] drm_atomic_commit+0x4a/0x50 [drm] [ 246.743775] restore_fbdev_mode_atomic+0x1c8/0x240 [drm_kms_helper] [ 246.744603] restore_fbdev_mode+0x31/0x140 [drm_kms_helper] [ 246.745373] drm_fb_helper_restore_fbdev_mode_unlocked+0x54/0xb0 [drm_kms_helper] [ 246.746220] drm_fb_helper_set_par+0x2d/0x50 [drm_kms_helper] [ 246.746884] drm_fb_helper_hotplug_event.part.28+0x96/0xb0 [drm_kms_helper] [ 246.747675] drm_fb_helper_output_poll_changed+0x23/0x30 [drm_kms_helper] [ 246.748544] drm_kms_helper_hotplug_event+0x2a/0x30 [drm_kms_helper] [ 246.749439] nv50_mstm_hotplug+0x15/0x20 [nouveau] [ 246.750111] drm_dp_send_link_address+0x177/0x1c0 [drm_kms_helper] [ 246.750764] drm_dp_check_and_send_link_address+0xa8/0xd0 [drm_kms_helper] [ 246.751602] drm_dp_mst_link_probe_work+0x51/0x90 [drm_kms_helper] [ 246.752314] process_one_work+0x231/0x620 [ 246.752979] worker_thread+0x44/0x3a0 [ 246.753838] kthread+0x12b/0x150 [ 246.754619] ? wq_pool_ids_show+0x140/0x140 [ 246.755386] ? kthread_create_worker_on_cpu+0x70/0x70 [ 246.756162] ret_from_fork+0x3a/0x50 [ 246.756847] Showing all locks held in the system: [ 246.758261] 3 locks held by kworker/4:0/37: [ 246.759016] #0: 00000000f8df4d2d ((wq_completion)"events"){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.759856] #1: 00000000e6065461 ((work_completion)(&(&dev->mode_config.output_poll_work)->work)){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.760670] #2: 00000000cb66735f (&helper->lock){+.+.}, at: drm_fb_helper_hotplug_event.part.28+0x20/0xb0 [drm_kms_helper] [ 246.761516] 2 locks held by kworker/0:1/60: [ 246.762274] #0: 00000000fff6be0f ((wq_completion)"pm"){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.762982] #1: 000000005ab44fb4 ((work_completion)(&dev->power.work)){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.763890] 1 lock held by khungtaskd/64: [ 246.764664] #0: 000000008cb8b5c3 (rcu_read_lock){....}, at: debug_show_all_locks+0x23/0x185 [ 246.765588] 5 locks held by kworker/4:2/422: [ 246.766440] #0: 00000000232f0959 ((wq_completion)"events_long"){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.767390] #1: 00000000bb59b134 ((work_completion)(&mgr->work)){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.768154] #2: 00000000cb66735f (&helper->lock){+.+.}, at: drm_fb_helper_restore_fbdev_mode_unlocked+0x4c/0xb0 [drm_kms_helper] [ 246.768966] #3: 000000004c8f0b6b (crtc_ww_class_acquire){+.+.}, at: restore_fbdev_mode_atomic+0x4b/0x240 [drm_kms_helper] [ 246.769921] #4: 000000004c34a296 (crtc_ww_class_mutex){+.+.}, at: drm_modeset_backoff+0x8a/0x1b0 [drm] [ 246.770839] 1 lock held by dmesg/1038: [ 246.771739] 2 locks held by zsh/1172: [ 246.772650] #0: 00000000836d0438 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40 [ 246.773680] #1: 000000001f4f4d48 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0xc1/0x870 [ 246.775522] ============================================= Because of this, there's an unreasonable number of places that drm drivers would need to insert special handling to prevent trying to resume the device from all of these contexts that can deadlock. It's difficult even to try synchronizing with fb_helper in these contexts as well, since any of them could introduce a deadlock by waiting to acquire the top-level fb_helper mutex, while it's being held by another thread that might potentially call down to pm_runtime_get_sync(). Luckily-there's no actual reason we need to allow fb_helper to handle hotplugging at all when runtime suspending a device. If a hotplug happens during a runtime suspend operation, there's no reason the driver can't just re-enable fbcon's hotplug handling and bring it up to speed with hotplugging events it may have missed by calling drm_fb_helper_hotplug_event(). So, let's make this easy and just add helpers to handle disabling and enabling fb_helper connector probing() without having to potentially wait on fb_helper to finish it's work. This will let us fix the runtime suspend/resume deadlocks that we've been experiencing with nouveau, along with being able to fix some of the incorrect runtime PM core interaction that other DRM drivers currently perform to work around these issues. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/drm_fb_helper.c | 65 +++++++++++++++++++++++++++++++++ include/drm/drm_fb_helper.h | 20 ++++++++++ 2 files changed, 85 insertions(+) diff --git a/drivers/gpu/drm/drm_fb_helper.c b/drivers/gpu/drm/drm_fb_helper.c index 2ee1eaa66188..28d59befbc92 100644 --- a/drivers/gpu/drm/drm_fb_helper.c +++ b/drivers/gpu/drm/drm_fb_helper.c @@ -2733,6 +2733,66 @@ int drm_fb_helper_initial_config(struct drm_fb_helper *fb_helper, int bpp_sel) } EXPORT_SYMBOL(drm_fb_helper_initial_config); +/** + * drm_fb_helper_resume_hotplug - Allow fb_helper to handle probing new + * connectors again, and bring it up to date + * with the current device's connector status + * fb_helper: driver-allocated fbdev helper, can be NULL + * + * Allow fb_helper to react to connector status changes again after having + * been disabled through drm_fb_helper_suspend_hotplug(). This also schedules + * a fb_helper hotplug event to bring fb_helper up to date with the current + * status of the DRM device's connectors. + */ +void +drm_fb_helper_resume_hotplug(struct drm_fb_helper *fb_helper) +{ + fb_helper->hotplug_suspended = false; + drm_fb_helper_hotplug_event(fb_helper); +} +EXPORT_SYMBOL(drm_fb_helper_resume_hotplug); + +/** + * drm_fb_helper_suspend_hotplug - Attempt to temporarily inhibit fb_helper's + * ability to respond to connector changes + * without waiting + * @fb_helper: driver-allocated fbdev helper, can be NULL + * + * Temporarily prevent fb_helper from being able to handle connector changes, + * but only if it isn't busy doing something else. The connector probing + * routines in fb_helper can potentially grab any modesetting lock imaginable, + * which dramatically complicates the runtime suspend process. This helper can + * be used to simplify the process of runtime suspend by allowing the driver + * to disable unpredictable fb_helper operations as early as possible, without + * requiring that we try waiting on fb_helper (as this could lead to very + * difficult to solve deadlocks with runtime suspend code if fb_helper ends up + * needing to acquire a runtime PM reference). + * + * This call should be put at the very start of a driver's runtime suspend + * operation if desired. The driver must be responsible for re-enabling + * fb_helper hotplug handling when normal hotplug detection becomes available + * on the device again. This will usually happen if runtime suspend is + * aborted, or when the device is runtime resumed. + * + * Returns: true if hotplug handling was disabled, false if disabling hotplug + * handling would mean waiting on fb_helper. + */ +bool +drm_fb_helper_suspend_hotplug(struct drm_fb_helper *fb_helper) +{ + int ret; + + ret = mutex_trylock(&fb_helper->lock); + if (!ret) + return false; + + fb_helper->hotplug_suspended = true; + mutex_unlock(&fb_helper->lock); + + return true; +} +EXPORT_SYMBOL(drm_fb_helper_suspend_hotplug); + /** * drm_fb_helper_hotplug_event - respond to a hotplug notification by * probing all the outputs attached to the fb @@ -2774,6 +2834,11 @@ int drm_fb_helper_hotplug_event(struct drm_fb_helper *fb_helper) return err; } + if (fb_helper->hotplug_suspended) { + mutex_unlock(&fb_helper->lock); + return err; + } + DRM_DEBUG_KMS("\n"); drm_setup_crtcs(fb_helper, fb_helper->fb->width, fb_helper->fb->height); diff --git a/include/drm/drm_fb_helper.h b/include/drm/drm_fb_helper.h index b069433e7fc1..30881131075c 100644 --- a/include/drm/drm_fb_helper.h +++ b/include/drm/drm_fb_helper.h @@ -232,6 +232,14 @@ struct drm_fb_helper { * See also: @deferred_setup */ int preferred_bpp; + + /** + * @hotplug_suspended: + * + * Whether or not we can currently handle hotplug events, or if we + * need to wait for the DRM device to uninhibit us. + */ + bool hotplug_suspended; }; /** @@ -330,6 +338,10 @@ void drm_fb_helper_fbdev_teardown(struct drm_device *dev); void drm_fb_helper_lastclose(struct drm_device *dev); void drm_fb_helper_output_poll_changed(struct drm_device *dev); + +void drm_fb_helper_resume_hotplug(struct drm_fb_helper *fb_helper); +bool drm_fb_helper_suspend_hotplug(struct drm_fb_helper *fb_helper); + #else static inline void drm_fb_helper_prepare(struct drm_device *dev, struct drm_fb_helper *helper, @@ -564,6 +576,14 @@ static inline void drm_fb_helper_output_poll_changed(struct drm_device *dev) { } +static inline void +drm_fb_helper_resume_hotplug(struct drm_fb_helper *fb_helper) +{ +} +static inline bool +drm_fb_helper_suspend_hotplug(struct drm_fb_helper *fb_helper) +{ +} #endif static inline int -- 2.17.1

7 years, 1 month

5
7
0 0

[PATCH v4 7/8] drm/nouveau: Fix deadlocks in nouveau_connector_detect()

by Lyude Paul

When we disable hotplugging on the GPU, we need to be able to synchronize with each connector's hotplug interrupt handler before the interrupt is finally disabled. This can be a problem however, since nouveau_connector_detect() currently grabs a runtime power reference when handling connector probing. This will deadlock the runtime suspend handler like so: [ 861.480896] INFO: task kworker/0:2:61 blocked for more than 120 seconds. [ 861.483290] Tainted: G O 4.18.0-rc6Lyude-Test+ #1 [ 861.485158] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 861.486332] kworker/0:2 D 0 61 2 0x80000000 [ 861.487044] Workqueue: events nouveau_display_hpd_work [nouveau] [ 861.487737] Call Trace: [ 861.488394] __schedule+0x322/0xaf0 [ 861.489070] schedule+0x33/0x90 [ 861.489744] rpm_resume+0x19c/0x850 [ 861.490392] ? finish_wait+0x90/0x90 [ 861.491068] __pm_runtime_resume+0x4e/0x90 [ 861.491753] nouveau_display_hpd_work+0x22/0x60 [nouveau] [ 861.492416] process_one_work+0x231/0x620 [ 861.493068] worker_thread+0x44/0x3a0 [ 861.493722] kthread+0x12b/0x150 [ 861.494342] ? wq_pool_ids_show+0x140/0x140 [ 861.494991] ? kthread_create_worker_on_cpu+0x70/0x70 [ 861.495648] ret_from_fork+0x3a/0x50 [ 861.496304] INFO: task kworker/6:2:320 blocked for more than 120 seconds. [ 861.496968] Tainted: G O 4.18.0-rc6Lyude-Test+ #1 [ 861.497654] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 861.498341] kworker/6:2 D 0 320 2 0x80000080 [ 861.499045] Workqueue: pm pm_runtime_work [ 861.499739] Call Trace: [ 861.500428] __schedule+0x322/0xaf0 [ 861.501134] ? wait_for_completion+0x104/0x190 [ 861.501851] schedule+0x33/0x90 [ 861.502564] schedule_timeout+0x3a5/0x590 [ 861.503284] ? mark_held_locks+0x58/0x80 [ 861.503988] ? _raw_spin_unlock_irq+0x2c/0x40 [ 861.504710] ? wait_for_completion+0x104/0x190 [ 861.505417] ? trace_hardirqs_on_caller+0xf4/0x190 [ 861.506136] ? wait_for_completion+0x104/0x190 [ 861.506845] wait_for_completion+0x12c/0x190 [ 861.507555] ? wake_up_q+0x80/0x80 [ 861.508268] flush_work+0x1c9/0x280 [ 861.508990] ? flush_workqueue_prep_pwqs+0x1b0/0x1b0 [ 861.509735] nvif_notify_put+0xb1/0xc0 [nouveau] [ 861.510482] nouveau_display_fini+0xbd/0x170 [nouveau] [ 861.511241] nouveau_display_suspend+0x67/0x120 [nouveau] [ 861.511969] nouveau_do_suspend+0x5e/0x2d0 [nouveau] [ 861.512715] nouveau_pmops_runtime_suspend+0x47/0xb0 [nouveau] [ 861.513435] pci_pm_runtime_suspend+0x6b/0x180 [ 861.514165] ? pci_has_legacy_pm_support+0x70/0x70 [ 861.514897] __rpm_callback+0x7a/0x1d0 [ 861.515618] ? pci_has_legacy_pm_support+0x70/0x70 [ 861.516313] rpm_callback+0x24/0x80 [ 861.517027] ? pci_has_legacy_pm_support+0x70/0x70 [ 861.517741] rpm_suspend+0x142/0x6b0 [ 861.518449] pm_runtime_work+0x97/0xc0 [ 861.519144] process_one_work+0x231/0x620 [ 861.519831] worker_thread+0x44/0x3a0 [ 861.520522] kthread+0x12b/0x150 [ 861.521220] ? wq_pool_ids_show+0x140/0x140 [ 861.521925] ? kthread_create_worker_on_cpu+0x70/0x70 [ 861.522622] ret_from_fork+0x3a/0x50 [ 861.523299] INFO: task kworker/6:0:1329 blocked for more than 120 seconds. [ 861.523977] Tainted: G O 4.18.0-rc6Lyude-Test+ #1 [ 861.524644] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 861.525349] kworker/6:0 D 0 1329 2 0x80000000 [ 861.526073] Workqueue: events nvif_notify_work [nouveau] [ 861.526751] Call Trace: [ 861.527411] __schedule+0x322/0xaf0 [ 861.528089] schedule+0x33/0x90 [ 861.528758] rpm_resume+0x19c/0x850 [ 861.529399] ? finish_wait+0x90/0x90 [ 861.530073] __pm_runtime_resume+0x4e/0x90 [ 861.530798] nouveau_connector_detect+0x7e/0x510 [nouveau] [ 861.531459] ? ww_mutex_lock+0x47/0x80 [ 861.532097] ? ww_mutex_lock+0x47/0x80 [ 861.532819] ? drm_modeset_lock+0x88/0x130 [drm] [ 861.533481] drm_helper_probe_detect_ctx+0xa0/0x100 [drm_kms_helper] [ 861.534127] drm_helper_hpd_irq_event+0xa4/0x120 [drm_kms_helper] [ 861.534940] nouveau_connector_hotplug+0x98/0x120 [nouveau] [ 861.535556] nvif_notify_work+0x2d/0xb0 [nouveau] [ 861.536221] process_one_work+0x231/0x620 [ 861.536994] worker_thread+0x44/0x3a0 [ 861.537757] kthread+0x12b/0x150 [ 861.538463] ? wq_pool_ids_show+0x140/0x140 [ 861.539102] ? kthread_create_worker_on_cpu+0x70/0x70 [ 861.539815] ret_from_fork+0x3a/0x50 [ 861.540521] Showing all locks held in the system: [ 861.541696] 2 locks held by kworker/0:2/61: [ 861.542406] #0: 000000002dbf8af5 ((wq_completion)"events"){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.543071] #1: 0000000076868126 ((work_completion)(&drm->hpd_work)){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.543814] 1 lock held by khungtaskd/64: [ 861.544535] #0: 0000000059db4b53 (rcu_read_lock){....}, at: debug_show_all_locks+0x23/0x185 [ 861.545160] 3 locks held by kworker/6:2/320: [ 861.545896] #0: 00000000d9e1bc59 ((wq_completion)"pm"){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.546702] #1: 00000000c9f92d84 ((work_completion)(&dev->power.work)){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.547443] #2: 000000004afc5de1 (drm_connector_list_iter){.+.+}, at: nouveau_display_fini+0x96/0x170 [nouveau] [ 861.548146] 1 lock held by dmesg/983: [ 861.548889] 2 locks held by zsh/1250: [ 861.549605] #0: 00000000348e3cf6 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40 [ 861.550393] #1: 000000007009a7a8 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0xc1/0x870 [ 861.551122] 6 locks held by kworker/6:0/1329: [ 861.551957] #0: 000000002dbf8af5 ((wq_completion)"events"){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.552765] #1: 00000000ddb499ad ((work_completion)(&notify->work)#2){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.553582] #2: 000000006e013cbe (&dev->mode_config.mutex){+.+.}, at: drm_helper_hpd_irq_event+0x6c/0x120 [drm_kms_helper] [ 861.554357] #3: 000000004afc5de1 (drm_connector_list_iter){.+.+}, at: drm_helper_hpd_irq_event+0x78/0x120 [drm_kms_helper] [ 861.555227] #4: 0000000044f294d9 (crtc_ww_class_acquire){+.+.}, at: drm_helper_probe_detect_ctx+0x3d/0x100 [drm_kms_helper] [ 861.556133] #5: 00000000db193642 (crtc_ww_class_mutex){+.+.}, at: drm_modeset_lock+0x4b/0x130 [drm] [ 861.557864] ============================================= [ 861.559507] NMI backtrace for cpu 2 [ 861.560363] CPU: 2 PID: 64 Comm: khungtaskd Tainted: G O 4.18.0-rc6Lyude-Test+ #1 [ 861.561197] Hardware name: LENOVO 20EQS64N0B/20EQS64N0B, BIOS N1EET78W (1.51 ) 05/18/2018 [ 861.561948] Call Trace: [ 861.562757] dump_stack+0x8e/0xd3 [ 861.563516] nmi_cpu_backtrace.cold.3+0x14/0x5a [ 861.564269] ? lapic_can_unplug_cpu.cold.27+0x42/0x42 [ 861.565029] nmi_trigger_cpumask_backtrace+0xa1/0xae [ 861.565789] arch_trigger_cpumask_backtrace+0x19/0x20 [ 861.566558] watchdog+0x316/0x580 [ 861.567355] kthread+0x12b/0x150 [ 861.568114] ? reset_hung_task_detector+0x20/0x20 [ 861.568863] ? kthread_create_worker_on_cpu+0x70/0x70 [ 861.569598] ret_from_fork+0x3a/0x50 [ 861.570370] Sending NMI from CPU 2 to CPUs 0-1,3-7: [ 861.571426] NMI backtrace for cpu 6 skipped: idling at intel_idle+0x7f/0x120 [ 861.571429] NMI backtrace for cpu 7 skipped: idling at intel_idle+0x7f/0x120 [ 861.571432] NMI backtrace for cpu 3 skipped: idling at intel_idle+0x7f/0x120 [ 861.571464] NMI backtrace for cpu 5 skipped: idling at intel_idle+0x7f/0x120 [ 861.571467] NMI backtrace for cpu 0 skipped: idling at intel_idle+0x7f/0x120 [ 861.571469] NMI backtrace for cpu 4 skipped: idling at intel_idle+0x7f/0x120 [ 861.571472] NMI backtrace for cpu 1 skipped: idling at intel_idle+0x7f/0x120 [ 861.572428] Kernel panic - not syncing: hung_task: blocked tasks So: fix this with a new trick; store the current task_struct that's executing in the nouveau_connector structure, then avoid attempting to runtime resume the device when we know that we're just running from the context of our hotplug interrupt handler. Since hpd interrupts are only enabled while the device is runtime active, this should be totally safe. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/nouveau_connector.c | 16 ++++++++++------ drivers/gpu/drm/nouveau/nouveau_connector.h | 1 + 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_connector.c b/drivers/gpu/drm/nouveau/nouveau_connector.c index 9714e09f17db..8409c3f2c3a1 100644 --- a/drivers/gpu/drm/nouveau/nouveau_connector.c +++ b/drivers/gpu/drm/nouveau/nouveau_connector.c @@ -572,13 +572,14 @@ nouveau_connector_detect(struct drm_connector *connector, bool force) nv_connector->edid = NULL; } - /* Outputs are only polled while runtime active, so resuming the - * device here is unnecessary (and would deadlock upon runtime suspend - * because it waits for polling to finish). We do however, want to - * prevent the autosuspend timer from elapsing during this operation - * if possible. + /* Output polling and HPD only happens while we're runtime active, so + * resuming the device here is unnecessary (and would deadlock upon + * runtime suspend because it waits for polling to finish). We do + * however, want to prevent the autosuspend timer from elapsing during + * this operation if possible. */ - if (drm_kms_helper_is_poll_worker()) { + if (drm_kms_helper_is_poll_worker() || + nv_connector->hpd_task == current) { pm_runtime_get_noresume(dev->dev); } else { ret = pm_runtime_get_sync(dev->dev); @@ -1151,6 +1152,8 @@ nouveau_connector_hotplug(struct nvif_notify *notify) const char *name = connector->name; struct nouveau_encoder *nv_encoder; + nv_connector->hpd_task = current; + if (rep->mask & NVIF_NOTIFY_CONN_V0_IRQ) { NV_DEBUG(drm, "service %s\n", name); if ((nv_encoder = find_encoder(connector, DCB_OUTPUT_DP))) @@ -1167,6 +1170,7 @@ nouveau_connector_hotplug(struct nvif_notify *notify) nouveau_connector_hotplug_probe(nv_connector); } + nv_connector->hpd_task = NULL; return NVIF_NOTIFY_KEEP; } diff --git a/drivers/gpu/drm/nouveau/nouveau_connector.h b/drivers/gpu/drm/nouveau/nouveau_connector.h index 2d9d35a146a4..1964e682ba13 100644 --- a/drivers/gpu/drm/nouveau/nouveau_connector.h +++ b/drivers/gpu/drm/nouveau/nouveau_connector.h @@ -45,6 +45,7 @@ struct nouveau_connector { u8 *dcb; struct nvif_notify hpd; + struct task_struct *hpd_task; struct drm_dp_aux aux; -- 2.17.1

7 years, 1 month

2
2
0 0

FAILED: patch "[PATCH] ARC: dma [non IOC]: fix arc_dma_sync_single_for_(device|cpu)" failed to apply to 4.17-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.17-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 4c612add7b18844ddd733ebdcbe754520155999b Mon Sep 17 00:00:00 2001 From: Eugeniy Paltsev <Eugeniy.Paltsev(a)synopsys.com> Date: Tue, 24 Jul 2018 17:13:02 +0300 Subject: [PATCH] ARC: dma [non IOC]: fix arc_dma_sync_single_for_(device|cpu) ARC backend for dma_sync_single_for_(device|cpu) was broken as it was not honoring the @dir argument and simply forcing it based on the call: - arc_dma_sync_single_for_device(dir) assumed DMA_TO_DEVICE (cache wback) - arc_dma_sync_single_for_cpu(dir) assumed DMA_FROM_DEVICE (cache inv) This is not true given the DMA API programming model and has been discussed here [1] in some detail. Interestingly while the deficiency has been there forever, it only started showing up after 4.17 dma common ops rework, commit a8eb92d02dd7 ("arc: fix arc_dma_{map,unmap}_page") which wired up these calls under the more commonly used dma_map_page API triggering the issue. [1]: https://lkml.org/lkml/2018/5/18/979 Fixes: commit a8eb92d02dd7 ("arc: fix arc_dma_{map,unmap}_page") Cc: stable(a)kernel.org # v4.17+ Signed-off-by: Eugeniy Paltsev <Eugeniy.Paltsev(a)synopsys.com> Signed-off-by: Vineet Gupta <vgupta(a)synopsys.com> [vgupta: reworked changelog] diff --git a/arch/arc/mm/dma.c b/arch/arc/mm/dma.c index 8c1071840979..ec47e6079f5d 100644 --- a/arch/arc/mm/dma.c +++ b/arch/arc/mm/dma.c @@ -129,14 +129,59 @@ int arch_dma_mmap(struct device *dev, struct vm_area_struct *vma, return ret; } +/* + * Cache operations depending on function and direction argument, inspired by + * https://lkml.org/lkml/2018/5/18/979 + * "dma_sync_*_for_cpu and direction=TO_DEVICE (was Re: [PATCH 02/20] + * dma-mapping: provide a generic dma-noncoherent implementation)" + * + * | map == for_device | unmap == for_cpu + * |---------------------------------------------------------------- + * TO_DEV | writeback writeback | none none + * FROM_DEV | invalidate invalidate | invalidate* invalidate* + * BIDIR | writeback+inv writeback+inv | invalidate invalidate + * + * [*] needed for CPU speculative prefetches + * + * NOTE: we don't check the validity of direction argument as it is done in + * upper layer functions (in include/linux/dma-mapping.h) + */ + void arch_sync_dma_for_device(struct device *dev, phys_addr_t paddr, size_t size, enum dma_data_direction dir) { - dma_cache_wback(paddr, size); + switch (dir) { + case DMA_TO_DEVICE: + dma_cache_wback(paddr, size); + break; + + case DMA_FROM_DEVICE: + dma_cache_inv(paddr, size); + break; + + case DMA_BIDIRECTIONAL: + dma_cache_wback_inv(paddr, size); + break; + + default: + break; + } } void arch_sync_dma_for_cpu(struct device *dev, phys_addr_t paddr, size_t size, enum dma_data_direction dir) { - dma_cache_inv(paddr, size); + switch (dir) { + case DMA_TO_DEVICE: + break; + + /* FROM_DEVICE invalidate needed if speculative CPU prefetch only */ + case DMA_FROM_DEVICE: + case DMA_BIDIRECTIONAL: + dma_cache_inv(paddr, size); + break; + + default: + break; + } }

7 years, 1 month

2
1
0 0

Linux 4.4.146

by Greg KH

I'm announcing the release of the 4.4.146 kernel. All users of the 4.4 kernel series must upgrade. The updated 4.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.4.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/microblaze/boot/Makefile | 10 ++-- arch/mips/include/asm/pci.h | 2 arch/powerpc/kernel/head_8xx.S | 2 arch/powerpc/kernel/pci_32.c | 1 arch/powerpc/mm/slb.c | 8 +-- arch/powerpc/platforms/chrp/time.c | 6 +- arch/powerpc/platforms/embedded6xx/hlwd-pic.c | 5 ++ arch/powerpc/platforms/powermac/bootx_init.c | 4 + arch/powerpc/platforms/powermac/setup.c | 1 arch/s390/include/asm/cpu_mf.h | 6 +- arch/x86/kernel/cpu/perf_event_intel_uncore.c | 2 arch/x86/kernel/cpu/perf_event_intel_uncore_nhmex.c | 2 arch/x86/kvm/vmx.c | 7 +- crypto/authenc.c | 1 crypto/authencesn.c | 1 drivers/acpi/pci_root.c | 4 + drivers/ata/libata-eh.c | 12 +++-- drivers/bluetooth/btusb.c | 3 + drivers/bluetooth/hci_qca.c | 2 drivers/char/random.c | 10 +++- drivers/crypto/padlock-aes.c | 8 ++- drivers/dma/pxa_dma.c | 2 drivers/gpu/drm/drm_atomic.c | 4 + drivers/gpu/drm/gma500/psb_intel_drv.h | 2 drivers/gpu/drm/gma500/psb_intel_lvds.c | 2 drivers/gpu/drm/radeon/radeon_connectors.c | 10 ++-- drivers/hid/hid-plantronics.c | 6 ++ drivers/hid/i2c-hid/i2c-hid.c | 8 +++ drivers/infiniband/core/mad.c | 11 ++-- drivers/infiniband/core/ucma.c | 6 ++ drivers/input/mouse/elan_i2c_core.c | 2 drivers/input/serio/i8042-x86ia64io.h | 7 ++ drivers/md/md.c | 3 + drivers/media/common/siano/smsendian.c | 14 ++--- drivers/media/i2c/smiapp/smiapp-core.c | 11 ++-- drivers/media/pci/saa7164/saa7164-fw.c | 3 - drivers/media/platform/omap3isp/isp.c | 7 +- drivers/media/platform/rcar_jpu.c | 4 + drivers/media/radio/si470x/radio-si470x-i2c.c | 6 +- drivers/media/v4l2-core/videobuf2-core.c | 9 ++- drivers/memory/tegra/mc.c | 22 ++------- drivers/memory/tegra/mc.h | 9 +++ drivers/memory/tegra/tegra114.c | 2 drivers/memory/tegra/tegra124.c | 6 ++ drivers/memory/tegra/tegra210.c | 3 + drivers/memory/tegra/tegra30.c | 2 drivers/mfd/cros_ec.c | 6 ++ drivers/mtd/nand/fsl_ifc_nand.c | 17 ++++--- drivers/net/can/usb/ems_usb.c | 1 drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 4 - drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 drivers/net/usb/lan78xx.c | 2 drivers/net/wireless/ath/regd.h | 5 ++ drivers/net/wireless/ath/regd_common.h | 13 +++++ drivers/net/wireless/brcm80211/brcmfmac/bcmsdh.c | 1 drivers/net/wireless/iwlwifi/pcie/rx.c | 2 drivers/net/wireless/mwifiex/usb.c | 3 + drivers/net/wireless/mwifiex/util.c | 8 ++- drivers/net/wireless/rsi/rsi_91x_sdio.c | 2 drivers/net/wireless/ti/wlcore/sdio.c | 5 ++ drivers/net/xen-netfront.c | 10 +++- drivers/pci/pci-sysfs.c | 15 +++--- drivers/pinctrl/pinctrl-at91-pio4.c | 4 + drivers/regulator/pfuze100-regulator.c | 1 drivers/rtc/interface.c | 5 ++ drivers/scsi/3w-9xxx.c | 5 ++ drivers/scsi/3w-xxxx.c | 3 + drivers/scsi/megaraid.c | 3 + drivers/scsi/megaraid/megaraid_sas_fusion.c | 3 + drivers/scsi/scsi_dh.c | 5 +- drivers/scsi/sg.c | 1 drivers/scsi/ufs/ufshcd.c | 2 drivers/thermal/samsung/exynos_tmu.c | 1 drivers/tty/hvc/hvc_opal.c | 1 drivers/tty/pty.c | 3 + drivers/usb/core/hub.c | 4 + drivers/virtio/virtio_balloon.c | 2 fs/btrfs/qgroup.c | 19 +++++++ fs/btrfs/tree-log.c | 10 +++- fs/ext4/balloc.c | 3 + fs/ext4/ialloc.c | 3 + fs/ext4/inline.c | 19 ++++--- fs/ext4/inode.c | 16 ++---- fs/f2fs/segment.c | 3 + fs/f2fs/super.c | 6 ++ fs/nfsd/nfs4xdr.c | 2 fs/squashfs/block.c | 2 fs/squashfs/cache.c | 3 + fs/squashfs/file.c | 8 ++- fs/squashfs/fragment.c | 17 ++++--- fs/squashfs/squashfs_fs.h | 6 ++ fs/squashfs/squashfs_fs_sb.h | 1 fs/squashfs/super.c | 5 +- include/drm/drm_dp_helper.h | 1 include/linux/dma-iommu.h | 1 include/linux/mmc/sdio_ids.h | 1 include/linux/netfilter/ipset/ip_set_timeout.h | 10 +++- include/net/tcp.h | 2 include/soc/tegra/mc.h | 2 kernel/auditfilter.c | 2 kernel/auditsc.c | 2 kernel/bpf/verifier.c | 4 - kernel/trace/trace_events_trigger.c | 18 +++++-- kernel/trace/trace_kprobe.c | 15 +++++- mm/slub.c | 2 mm/vmalloc.c | 3 - net/dsa/slave.c | 6 ++ net/ipv4/fib_frontend.c | 4 - net/ipv4/inet_fragment.c | 10 ++-- net/ipv4/ipconfig.c | 13 +++++ net/ipv4/tcp_dctcp.c | 4 - net/ipv4/tcp_input.c | 48 ++++++++++---------- net/netlink/af_netlink.c | 2 net/socket.c | 2 sound/pci/emu10k1/emupcm.c | 4 + sound/pci/emu10k1/memory.c | 6 +- sound/pci/fm801.c | 16 +++++- sound/pci/hda/patch_ca0132.c | 8 ++- sound/soc/pxa/brownstone.c | 1 sound/soc/pxa/mioa701_wm9713.c | 1 sound/soc/pxa/mmp-pcm.c | 1 sound/soc/pxa/mmp-sspa.c | 1 sound/soc/pxa/palm27x.c | 1 sound/soc/pxa/pxa-ssp.c | 1 sound/soc/pxa/pxa2xx-ac97.c | 1 sound/soc/pxa/pxa2xx-pcm.c | 1 sound/soc/soc-pcm.c | 6 +- sound/usb/pcm.c | 2 tools/usb/usbip/src/usbip_detach.c | 9 ++- 130 files changed, 526 insertions(+), 207 deletions(-) Alexandre Belloni (1): rtc: ensure rtc_set_alarm fails when alarms are not supported Anatoly Pugachev (1): disable loading f2fs module on PAGE_SIZE > 4KB Andrea Adami (1): ASoC: pxa: Fix module autoload for platform drivers Anson Huang (1): regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops Anton Vasilyev (1): can: ems_usb: Fix memory leak on ems_usb_disconnect() Artem Savkov (1): tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure Bartlomiej Zolnierkiewicz (1): thermal: exynos: fix setting rising_threshold for Exynos5433 Brad Love (1): media: saa7164: Fix driver name in debug output Chao Yu (1): f2fs: fix to don't trigger writeback during recovery Chen-Yu Tsai (1): Input: i8042 - add Lenovo LaVie Z to the i8042 reset list Chintan Pandya (1): mm: vmalloc: avoid racy handling of debugobjects in vunmap Chris Novakovic (1): ipconfig: Correctly initialise ic_nameservers Christoph Hellwig (1): PCI: Prevent sysfs disable of device while driver is attached Christophe Leroy (1): powerpc/8xx: fix invalid register expression in head_8xx.S Colin Ian King (1): media: smiapp: fix timeout checking in smiapp_read_nvm Cong Wang (1): infiniband: fix a possible use-after-free bug DaeRyong Jeong (1): tty: Fix data race in tty_insert_flip_string_fixed_flag Damien Le Moal (1): libata: Fix command retry decision Dan Carpenter (1): scsi: megaraid: silence a static checker bug David Sterba (1): btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups Dmitry Osipenko (2): memory: tegra: Do not handle spurious interrupts memory: tegra: Apply interrupts mask per SoC Dmitry Torokhov (1): HID: i2c-hid: check if device is there before really probing Dominik Bozek (1): usb: hub: Don't wait for connect state at resume for powered-off ports Donald Shanty III (1): Input: elan_i2c - add ACPI ID for lenovo ideapad 330 Eric Dumazet (5): tcp: do not force quickack when receiving out-of-order packets tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode tcp: do not aggressively quick ack after ECN events tcp: add one more quick ack after after ECN events inet: frag: enforce memory limits earlier Eric Engestrom (1): dmaengine: pxa_dma: remove duplicate const qualifier Eugeniy Paltsev (1): NET: stmmac: align DMA stuff to largest cache line length Eyal Reizer (1): wlcore: sdio: check for valid platform device data before suspend Florian Fainelli (1): net: dsa: Do not suspend/resume closed slave_dev Ganapathi Bhat (1): mwifiex: handle race during mwifiex_usb_disconnect Greg Kroah-Hartman (1): Linux 4.4.146 Hans Verkuil (1): media: videobuf2-core: don't call memop 'finish' when queueing Herbert Xu (1): crypto: padlock-aes - Fix Nano workaround data corruption Jakub Kicinski (1): bpf: fix references to free_bpf_prog_info() in comments Jane Wan (1): mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages Jeremy Cline (2): netlink: Fix spectre v1 gadget in netlink_create() net: socket: fix potential spectre v1 gadget in socketcall Jian-Hong Pan (1): Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 Jiang Biao (1): virtio_balloon: fix another race between migration and ballooning Jonathan Neuschäfer (1): powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet José Roberto de Souza (1): drm: Add DP PSR2 sink enable bit Jozsef Kadlecsik (1): netfilter: ipset: List timing out entries with "timeout 1" instead of zero Juergen Gross (1): xen/netfront: raise max number of slots in xennet_get_responses() Julia Lawall (1): pinctrl: at91-pio4: add missing of_node_put KT Liao (1): Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST Kai Chieh Chuang (1): ASoC: dpcm: fix BE dai not hw_free and shutdown Kan Liang (2): perf/x86/intel/uncore: Correct fixed counter index check in generic code perf/x86/intel/uncore: Correct fixed counter index check for NHM Leon Romanovsky (1): RDMA/mad: Convert BUG_ONs to error flows Linus Torvalds (3): squashfs: be more careful about metadata corruption squashfs: more metadata hardening squashfs: more metadata hardenings Lorenzo Bianconi (1): ipv4: remove BUG_ON() from fib_compute_spec_dst Luc Van Oostenryck (2): drm/radeon: fix mode_valid's return type drm/gma500: fix psb_intel_lvds_mode_valid()'s return type Marc Zyngier (1): dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA Mathieu Malaterre (5): mm/slub.c: add __printf verification to slab_err() powerpc/32: Add a missing include header powerpc/chrp/time: Make some functions static, add missing header include powerpc/powermac: Add missing prototype for note_bootable_part() powerpc/powermac: Mark variable x as unused Mauro Carvalho Chehab (2): media: siano: get rid of __le32/__le16 cast warnings media: si470x: fix __be16 annotations Maya Erez (1): scsi: ufs: fix exception event handling Michal Simek (1): microblaze: Fix simpleImage format generation Mika Westerberg (1): PCI: pciehp: Request control of native hotplug only if supported Nicholas Piggin (1): powerpc/64s: Fix compiler store ordering to SLB shadow area Ondrej Mosnáček (1): audit: allow not equal op for audit by executable Paul Burton (1): MIPS: Fix off-by-one in pci_resource_to_user() Qu Wenruo (1): btrfs: qgroup: Finish rescan when hit the last leaf of extent tree Roman Kagan (1): kvm: x86: vmx: fix vpid leak Satendra Singh Thakur (1): drm/atomic: Handling the case when setting old crtc for plane Scott Mayhew (1): nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo Sean Lanigan (1): brcmfmac: Add support for bcm43364 wireless chipset Shaul Triebitz (1): iwlwifi: pcie: fix race in Rx buffer allocator Shivasharan S (1): scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs Shuah Khan (Samsung OSG) (1): usbip: usbip_detach: Fix memory, udev context and udev leak Siva Rebbagondla (1): rsi: Fix 'invalid vdd' warning in mmc Stefan Wahren (1): net: lan78xx: fix rx handling before first packet is send Steven Rostedt (VMware) (3): tracing: Fix double free of event_trigger_data tracing: Fix possible double free in event_enable_trigger_func() tracing: Quiet gcc warning about maybe unused link variable Stewart Smith (1): hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common() Suman Anna (1): media: omap3isp: fix unbalanced dma_iommu_mapping Sven Eckelmann (9): ath: Add regulatory mapping for FCC3_ETSIC ath: Add regulatory mapping for ETSI8_WORLD ath: Add regulatory mapping for APL13_WORLD ath: Add regulatory mapping for APL2_FCCA ath: Add regulatory mapping for Uganda ath: Add regulatory mapping for Tanzania ath: Add regulatory mapping for Serbia ath: Add regulatory mapping for Bermuda ath: Add regulatory mapping for Bahamas Takashi Iwai (2): ALSA: emu10k1: Rate-limit error messages about page errors ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback Takashi Sakamoto (1): ALSA: hda/ca0132: fix build failure when a local macro is defined Terry Junge (1): HID: hid-plantronics: Re-resend Update to map button for PTT products Theodore Ts'o (3): random: mix rdrand with entropy sent in from userspace ext4: fix inline data updates with checksums enabled ext4: check for allocation block validity with block group locked Thierry Escande (1): Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning Thomas Richter (2): s390/cpum_sf: Add data entry sizes to sampling trailer entry perf: fix invalid bit in diagnostic entry Tony Battersby (1): scsi: sg: fix minor memory leak in error path Tudor-Dan Ambarus (2): crypto: authencesn - don't leak pointers to authenc keys crypto: authenc - don't leak pointers to authenc keys Vincent Palatin (1): mfd: cros_ec: Fail early if we cannot identify the EC Wei Yongjun (1): media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open() Wenwen Wang (2): scsi: 3w-9xxx: fix a missing-check bug scsi: 3w-xxxx: fix a missing-check bug Xiao Liang (1): xen-netfront: wait xenbus state change when load module manually Xinming Hu (1): mwifiex: correct histogram data with appropriate index Xose Vazquez Perez (1): scsi: scsi_dh: replace too broad "TP9" string with the exact models Yousuk Seung (1): tcp: refactor tcp_ecn_check_ce to remove sk type cast Yufen Yu (1): md: fix NULL dereference of mddev->pers in remove_and_add_spares() Zhouyang Jia (2): ALSA: emu10k1: add error handling for snd_ctl_add ALSA: fm801: add error handling for snd_ctl_add tangpengpeng (1): net: fix amd-xgbe flow-control issue

7 years, 1 month

1
1
0 0

Linux 4.9.118

by Greg KH

I'm announcing the release of the 4.9.118 kernel. All users of the 4.9 kernel series must upgrade. The updated 4.9.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.9.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/x86/kvm/vmx.c | 7 +-- drivers/crypto/padlock-aes.c | 8 ++- drivers/gpu/drm/vc4/vc4_plane.c | 3 + drivers/net/bonding/bond_main.c | 14 +++++- drivers/net/can/usb/ems_usb.c | 1 drivers/net/ethernet/amazon/ena/ena_com.c | 1 drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 4 - drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 drivers/net/ethernet/stmicro/stmmac/stmmac_pci.c | 40 +++++++++++++++++- drivers/net/phy/mdio-mux-bcm-iproc.c | 2 drivers/net/usb/lan78xx.c | 2 drivers/net/xen-netfront.c | 6 ++ drivers/pinctrl/intel/pinctrl-intel.c | 7 ++- drivers/scsi/sg.c | 1 drivers/virtio/virtio_balloon.c | 2 fs/squashfs/block.c | 2 fs/squashfs/fragment.c | 13 ++++- fs/squashfs/squashfs_fs_sb.h | 1 fs/squashfs/super.c | 5 +- include/net/tcp.h | 2 kernel/sched/swait.c | 6 -- net/dsa/slave.c | 6 ++ net/ipv4/fib_frontend.c | 4 - net/ipv4/inet_fragment.c | 10 ++-- net/ipv4/ip_fragment.c | 5 ++ net/ipv4/tcp_bbr.c | 4 + net/ipv4/tcp_dctcp.c | 4 - net/ipv4/tcp_input.c | 48 +++++++++++----------- net/netlink/af_netlink.c | 2 net/socket.c | 2 31 files changed, 155 insertions(+), 61 deletions(-) Andy Shevchenko (1): pinctrl: intel: Read back TX buffer state Anton Vasilyev (2): net: mdio-mux: bcm-iproc: fix wrong getter and setter pair can: ems_usb: Fix memory leak on ems_usb_disconnect() Boqun Feng (1): sched/wait: Remove the lockless swait_active() check in swake_up*() Boris Brezillon (1): drm/vc4: Reset ->{x, y}_scaling[1] when dealing with uniplanar formats Eric Dumazet (7): tcp: do not force quickack when receiving out-of-order packets tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode tcp: do not aggressively quick ack after ECN events tcp: add one more quick ack after after ECN events bonding: avoid lockdep confusion in bond_get_stats() inet: frag: enforce memory limits earlier ipv4: frags: handle possible skb truesize change Eugeniy Paltsev (1): NET: stmmac: align DMA stuff to largest cache line length Florian Fainelli (1): net: dsa: Do not suspend/resume closed slave_dev Gal Pressman (1): net: ena: Fix use of uninitialized DMA address bits field Greg Kroah-Hartman (1): Linux 4.9.118 Herbert Xu (1): crypto: padlock-aes - Fix Nano workaround data corruption Jeremy Cline (2): netlink: Fix spectre v1 gadget in netlink_create() net: socket: fix potential spectre v1 gadget in socketcall Jiang Biao (1): virtio_balloon: fix another race between migration and ballooning Jose Abreu (1): net: stmmac: Fix WoL for PCI-based setups Linus Torvalds (2): squashfs: more metadata hardening squashfs: more metadata hardenings Lorenzo Bianconi (1): ipv4: remove BUG_ON() from fib_compute_spec_dst Neal Cardwell (1): tcp_bbr: fix bw probing to raise in-flight data for very small BDPs Roman Kagan (1): kvm: x86: vmx: fix vpid leak Stefan Wahren (1): net: lan78xx: fix rx handling before first packet is send Tony Battersby (1): scsi: sg: fix minor memory leak in error path Xiao Liang (1): xen-netfront: wait xenbus state change when load module manually Yousuk Seung (1): tcp: refactor tcp_ecn_check_ce to remove sk type cast tangpengpeng (1): net: fix amd-xgbe flow-control issue

7 years, 1 month

1
1
0 0

Linux 4.14.61

by Greg KH

I'm announcing the release of the 4.14.61 kernel. All users of the 4.14 kernel series must upgrade. The updated 4.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.14.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/x86/entry/entry_64.S | 18 +---- arch/x86/kernel/apic/apic.c | 3 arch/x86/kvm/vmx.c | 7 -- drivers/crypto/padlock-aes.c | 8 +- drivers/gpu/drm/vc4/vc4_plane.c | 3 drivers/infiniband/core/uverbs_cmd.c | 59 +++++++++++++++++- drivers/net/bonding/bond_main.c | 14 +++- drivers/net/can/usb/ems_usb.c | 1 drivers/net/ethernet/mellanox/mlx5/core/eswitch.c | 4 - drivers/net/ethernet/stmicro/stmmac/stmmac_pci.c | 40 ++++++++++++ drivers/net/wireless/intel/iwlwifi/cfg/9000.c | 69 ++++++++++++++++++++++ drivers/net/wireless/intel/iwlwifi/iwl-config.h | 5 + drivers/net/wireless/intel/iwlwifi/pcie/drv.c | 22 +++++++ drivers/scsi/sg.c | 1 drivers/virtio/virtio_balloon.c | 2 fs/squashfs/block.c | 2 fs/squashfs/fragment.c | 13 ++-- fs/squashfs/squashfs_fs_sb.h | 1 fs/squashfs/super.c | 5 - fs/userfaultfd.c | 4 - kernel/auditsc.c | 13 ++-- net/dsa/slave.c | 6 + net/ipv4/inet_fragment.c | 10 +-- net/ipv4/ip_fragment.c | 5 + net/netlink/af_netlink.c | 2 net/rxrpc/call_accept.c | 4 - net/socket.c | 2 28 files changed, 275 insertions(+), 50 deletions(-) Andy Lutomirski (1): x86/entry/64: Remove %ebx handling from error_entry/exit Anton Vasilyev (1): can: ems_usb: Fix memory leak on ems_usb_disconnect() Boris Brezillon (1): drm/vc4: Reset ->{x, y}_scaling[1] when dealing with uniplanar formats Eli Cohen (1): net/mlx5e: E-Switch, Initialize eswitch only if eswitch manager Emmanuel Grumbach (1): iwlwifi: add more card IDs for 9000 series Eric Dumazet (3): bonding: avoid lockdep confusion in bond_get_stats() inet: frag: enforce memory limits earlier ipv4: frags: handle possible skb truesize change Florian Fainelli (1): net: dsa: Do not suspend/resume closed slave_dev Greg Kroah-Hartman (1): Linux 4.14.61 Herbert Xu (1): crypto: padlock-aes - Fix Nano workaround data corruption Jack Morgenstein (1): RDMA/uverbs: Expand primary and alt AV port checks Jeremy Cline (2): netlink: Fix spectre v1 gadget in netlink_create() net: socket: fix potential spectre v1 gadget in socketcall Jiang Biao (1): virtio_balloon: fix another race between migration and ballooning Jose Abreu (1): net: stmmac: Fix WoL for PCI-based setups Len Brown (1): x86/apic: Future-proof the TSC_DEADLINE quirk for SKX Linus Torvalds (2): squashfs: more metadata hardening squashfs: more metadata hardenings Mike Rapoport (1): userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails Roman Kagan (1): kvm: x86: vmx: fix vpid leak Tony Battersby (1): scsi: sg: fix minor memory leak in error path Yi Wang (1): audit: fix potential null dereference 'context->module.name' YueHaibing (1): rxrpc: Fix user call ID check in rxrpc_service_prealloc_one

7 years, 1 month

1
1
0 0

Linux 4.17.13

by Greg KH

I'm announcing the release of the 4.17.13 kernel. All users of the 4.17 kernel series must upgrade. The updated 4.17.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.17.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/x86/entry/entry_64.S | 18 ---- arch/x86/kernel/apic/apic.c | 3 arch/x86/kvm/vmx.c | 7 - arch/x86/platform/efi/efi_64.c | 2 drivers/crypto/padlock-aes.c | 8 + drivers/gpu/drm/drm_atomic_helper.c | 8 + drivers/gpu/drm/vc4/vc4_plane.c | 3 drivers/infiniband/core/uverbs_cmd.c | 59 ++++++++++++- drivers/net/bonding/bond_main.c | 14 ++- drivers/net/can/usb/ems_usb.c | 1 drivers/net/ethernet/mellanox/mlx5/core/en_dcbnl.c | 2 drivers/net/ethernet/mellanox/mlx5/core/eswitch.c | 4 drivers/net/ethernet/mellanox/mlx5/core/ipoib/ipoib.c | 4 drivers/net/ethernet/stmicro/stmmac/stmmac_pci.c | 40 ++++++++- drivers/net/wireless/broadcom/brcm80211/brcmfmac/pcie.c | 3 drivers/net/wireless/intel/iwlwifi/cfg/9000.c | 69 ++++++++++++++++ drivers/net/wireless/intel/iwlwifi/iwl-config.h | 5 + drivers/net/wireless/intel/iwlwifi/pcie/drv.c | 22 +++++ drivers/scsi/sg.c | 1 drivers/virtio/virtio_balloon.c | 2 fs/squashfs/block.c | 2 fs/squashfs/fragment.c | 13 ++- fs/squashfs/squashfs_fs_sb.h | 1 fs/squashfs/super.c | 5 - fs/userfaultfd.c | 4 ipc/shm.c | 12 ++ kernel/auditsc.c | 13 ++- mm/hugetlb.c | 7 + net/dsa/slave.c | 6 + net/ipv4/inet_fragment.c | 6 - net/ipv4/ip_fragment.c | 5 + net/netlink/af_netlink.c | 2 net/rxrpc/call_accept.c | 4 net/socket.c | 5 - 35 files changed, 308 insertions(+), 54 deletions(-) Andy Lutomirski (1): x86/entry/64: Remove %ebx handling from error_entry/exit Anton Vasilyev (1): can: ems_usb: Fix memory leak on ems_usb_disconnect() Boris Brezillon (3): drm/vc4: Reset ->{x, y}_scaling[1] when dealing with uniplanar formats drm/atomic: Check old_plane_state->crtc in drm_atomic_helper_async_check() drm/atomic: Initialize variables in drm_atomic_helper_async_check() to make gcc happy Brijesh Singh (1): x86/efi: Access EFI MMIO data as unencrypted when SEV is active Eli Cohen (1): net/mlx5e: E-Switch, Initialize eswitch only if eswitch manager Emmanuel Grumbach (1): iwlwifi: add more card IDs for 9000 series Eric Dumazet (3): bonding: avoid lockdep confusion in bond_get_stats() inet: frag: enforce memory limits earlier ipv4: frags: handle possible skb truesize change Feras Daoud (1): net/mlx5e: IPoIB, Set the netdevice sw mtu in ipoib enhanced flow Florian Fainelli (1): net: dsa: Do not suspend/resume closed slave_dev Greg Kroah-Hartman (1): Linux 4.17.13 Herbert Xu (1): crypto: padlock-aes - Fix Nano workaround data corruption Jack Morgenstein (1): RDMA/uverbs: Expand primary and alt AV port checks Jane Chu (1): ipc/shm.c add ->pagesize function to shm_vm_ops Jeremy Cline (3): netlink: Fix spectre v1 gadget in netlink_create() net: socket: fix potential spectre v1 gadget in socketcall net: socket: Fix potential spectre v1 gadget in sock_is_registered Jiang Biao (1): virtio_balloon: fix another race between migration and ballooning Jose Abreu (1): net: stmmac: Fix WoL for PCI-based setups Len Brown (1): x86/apic: Future-proof the TSC_DEADLINE quirk for SKX Linus Torvalds (2): squashfs: more metadata hardening squashfs: more metadata hardenings Mike Rapoport (1): userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails Or Gerlitz (1): net/mlx5e: Set port trust mode to PCP as default Rafał Miłecki (1): brcmfmac: fix regression in parsing NVRAM for multiple devices Roman Kagan (1): kvm: x86: vmx: fix vpid leak Tony Battersby (1): scsi: sg: fix minor memory leak in error path Yi Wang (1): audit: fix potential null dereference 'context->module.name' YueHaibing (1): rxrpc: Fix user call ID check in rxrpc_service_prealloc_one

7 years, 1 month

1
1
0 0

we do the editing

by Jason James

Want to follow up the email sent last week. Do you have needs for photo editing? We can edit 400 images within 24 hours. We are working on all kinds of ecommerce photos, jewelry photos, and the portrait images. We do cutting out and clipping path and others, and also we provide retouching for your photos, You can throw us a photo and we will do testing for you to check our quality. Thanks, Jason

7 years, 1 month

1
0
0 0

[char-misc-next] mei: ignore not found client in the enumeration

by Tomas Winkler

From: Alexander Usyskin <alexander.usyskin(a)intel.com> Some of the ME clients are available only for BIOS operation and are removed during hand off to an OS. However the removal is not instant. A client may be visible on the client list when the mei driver requests for enumeration, while the subsequent request for properties will be answered with client not found error value. The default behavior for an error is to perform client reset while this error is harmless and the link reset should be prevented. This issue started to be visible due to suspend/resume timing changes. Currently reported only on the Haswell based system. Fixes: [33.564957] mei_me 0000:00:16.0: hbm: properties response: wrong status = 1 CLIENT_NOT_FOUND [33.564978] mei_me 0000:00:16.0: mei_irq_read_handler ret = -71. [33.565270] mei_me 0000:00:16.0: unexpected reset: dev_state = INIT_CLIENTS fw status = 1E000255 60002306 00000200 00004401 00000000 00000010 Cc: <stable(a)vger.kernel.org> Reported-by: Heiner Kallweit <hkallweit1(a)gmail.com> Signed-off-by: Alexander Usyskin <alexander.usyskin(a)intel.com> Signed-off-by: Tomas Winkler <tomas.winkler(a)intel.com> --- drivers/misc/mei/hbm.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/drivers/misc/mei/hbm.c b/drivers/misc/mei/hbm.c index f15d44bda28e..fa0f8e91e86f 100644 --- a/drivers/misc/mei/hbm.c +++ b/drivers/misc/mei/hbm.c @@ -1244,15 +1244,18 @@ int mei_hbm_dispatch(struct mei_device *dev, struct mei_msg_hdr *hdr) props_res = (struct hbm_props_response *)mei_msg; - if (props_res->status) { + if (props_res->status == MEI_HBMS_CLIENT_NOT_FOUND) { + dev_dbg(dev->dev, "hbm: properties response: %d CLIENT_NOT_FOUND\n", + props_res->me_addr); + } else if (props_res->status) { dev_err(dev->dev, "hbm: properties response: wrong status = %d %s\n", props_res->status, mei_hbm_status_str(props_res->status)); return -EPROTO; + } else { + mei_hbm_me_cl_add(dev, props_res); } - mei_hbm_me_cl_add(dev, props_res); - /* request property for the next client */ if (mei_hbm_prop_req(dev, props_res->me_addr + 1)) return -EIO; -- 2.14.4

7 years, 1 month

1
0
0 0

[PATCH] ARC: AXS10x/HSDK: Allow U-Boot to pass MAC-address to the kernel

by Alexey Brodkin

Otherwise kernel uses random MAC which is not very conveniet. With that change in place use might set desired MAC in U-Boot with "setenv ethaddr 11:22:33:44:55:66", save environment and then from boot to boot the same MAC will be used by the kernel. One other note for this to happen it's required to pass board's .dtb in U-Boot's "bootm" command like that: ------------------->8----------------- bootm 0x82000000 - 0x84000000 ------------------->8----------------- Here 0x82000000 is location of uImage while 0x80000000 is location of either axs10x.dtb or hsdk.dtb previously loaded from SD-card, USB storage or TFTP server. Signed-off-by: Alexey Brodkin <abrodkin(a)synopsys.com> Cc: Rob Herring <robh+dt(a)kernel.org> Cc: stable(a)vger.kernel.org # 4.14 Cc: devicetree(a)vger.kernel.org --- arch/arc/boot/dts/axs10x_mb.dtsi | 7 ++++++- arch/arc/boot/dts/hsdk.dts | 7 ++++++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/arch/arc/boot/dts/axs10x_mb.dtsi b/arch/arc/boot/dts/axs10x_mb.dtsi index 47b74fbc403c..37bafd44e36d 100644 --- a/arch/arc/boot/dts/axs10x_mb.dtsi +++ b/arch/arc/boot/dts/axs10x_mb.dtsi @@ -9,6 +9,10 @@ */ / { + aliases { + ethernet = &gmac; + }; + axs10x_mb { compatible = "simple-bus"; #address-cells = <1>; @@ -68,7 +72,7 @@ }; }; - ethernet@0x18000 { + gmac: ethernet@0x18000 { #interrupt-cells = <1>; compatible = "snps,dwmac"; reg = < 0x18000 0x2000 >; @@ -81,6 +85,7 @@ max-speed = <100>; resets = <&creg_rst 5>; reset-names = "stmmaceth"; + mac-address = [00 00 00 00 00 00]; /* Filled in by U-Boot */ }; ehci@0x40000 { diff --git a/arch/arc/boot/dts/hsdk.dts b/arch/arc/boot/dts/hsdk.dts index 006aa3de5348..d00f283094d3 100644 --- a/arch/arc/boot/dts/hsdk.dts +++ b/arch/arc/boot/dts/hsdk.dts @@ -25,6 +25,10 @@ bootargs = "earlycon=uart8250,mmio32,0xf0005000,115200n8 console=ttyS0,115200n8 debug print-fatal-signals=1"; }; + aliases { + ethernet = &gmac; + }; + cpus { #address-cells = <1>; #size-cells = <0>; @@ -163,7 +167,7 @@ #clock-cells = <0>; }; - ethernet@8000 { + gmac: ethernet@8000 { #interrupt-cells = <1>; compatible = "snps,dwmac"; reg = <0x8000 0x2000>; @@ -176,6 +180,7 @@ phy-handle = <&phy0>; resets = <&cgu_rst HSDK_ETH_RESET>; reset-names = "stmmaceth"; + mac-address = [00 00 00 00 00 00]; /* Filled in by U-Boot */ mdio { #address-cells = <1>; -- 2.17.1

7 years, 1 month

3
2
0 0

[PATCH] x86/irqflags: provide a declaration for native_save_fl

by Nick Desaulniers

Fixes commit d0a8d9378d16 ("x86/paravirt: Make native_save_fl() extern inline"). It was reported that the above commit was causing users of gcc < 4.9 to observe -Werror=missing-prototypes errors. Indeed, it seems that: extern inline unsigned long native_save_fl(void) { return 0; } compiled with -Werror=missing-prototypes produces this warning in gcc < 4.9, but not gcc >= 4.9. Cc: stable(a)vger.kernel.org # 4.17, 4.14, 4.9, 4.4 Reported-by: David Laight <david.laight(a)aculab.com> Reported-by: Jean Delvare <jdelvare(a)suse.de> Signed-off-by: Nick Desaulniers <ndesaulniers(a)google.com> --- arch/x86/include/asm/irqflags.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/x86/include/asm/irqflags.h b/arch/x86/include/asm/irqflags.h index c4fc17220df9..c14f2a74b2be 100644 --- a/arch/x86/include/asm/irqflags.h +++ b/arch/x86/include/asm/irqflags.h @@ -13,6 +13,8 @@ * Interrupt control: */ +/* Declaration required for gcc < 4.9 to prevent -Werror=missing-prototypes */ +extern inline unsigned long native_save_fl(void); extern inline unsigned long native_save_fl(void) { unsigned long flags; -- 2.18.0.597.ga71716f1ad-goog

7 years, 1 month

3
2
0 0

Dear Beneficiary, FINAL NOTICE..28

by Paul

Attention: stable(a)vger.kernel.org, FINAL NOTICE We have been instructed to arrange your funds/payment via Online Banking & Loaded ATM Cards delivery to you. Your response very urgent for more details! Sincerely yours, Eddie. P.

7 years, 1 month

1
0
0 0

[PATCH RT 03/22] futex: Avoid violating the 10th rule of futex

by Julia Cartwright

From: Peter Zijlstra <peterz(a)infradead.org> 4.9.115-rt94-rc1 stable review patch. If you have any objection to the inclusion of this patch, let me know. --- 8< --- 8< --- 8< --- [ Upstream commit c1e2f0eaf015fb7076d51a339011f2383e6dd389 ] Julia reported futex state corruption in the following scenario: waiter waker stealer (prio > waiter) futex(WAIT_REQUEUE_PI, uaddr, uaddr2, timeout=[N ms]) futex_wait_requeue_pi() futex_wait_queue_me() freezable_schedule() <scheduled out> futex(LOCK_PI, uaddr2) futex(CMP_REQUEUE_PI, uaddr, uaddr2, 1, 0) /* requeues waiter to uaddr2 */ futex(UNLOCK_PI, uaddr2) wake_futex_pi() cmp_futex_value_locked(uaddr2, waiter) wake_up_q() <woken by waker> <hrtimer_wakeup() fires, clears sleeper->task> futex(LOCK_PI, uaddr2) __rt_mutex_start_proxy_lock() try_to_take_rt_mutex() /* steals lock */ rt_mutex_set_owner(lock, stealer) <preempted> <scheduled in> rt_mutex_wait_proxy_lock() __rt_mutex_slowlock() try_to_take_rt_mutex() /* fails, lock held by stealer */ if (timeout && !timeout->task) return -ETIMEDOUT; fixup_owner() /* lock wasn't acquired, so, fixup_pi_state_owner skipped */ return -ETIMEDOUT; /* At this point, we've returned -ETIMEDOUT to userspace, but the * futex word shows waiter to be the owner, and the pi_mutex has * stealer as the owner */ futex_lock(LOCK_PI, uaddr2) -> bails with EDEADLK, futex word says we're owner. And suggested that what commit: 73d786bd043e ("futex: Rework inconsistent rt_mutex/futex_q state") removes from fixup_owner() looks to be just what is needed. And indeed it is -- I completely missed that requeue_pi could also result in this case. So we need to restore that, except that subsequent patches, like commit: 16ffa12d7425 ("futex: Pull rt_mutex_futex_unlock() out from under hb->lock") changed all the locking rules. Even without that, the sequence: - if (rt_mutex_futex_trylock(&q->pi_state->pi_mutex)) { - locked = 1; - goto out; - } - raw_spin_lock_irq(&q->pi_state->pi_mutex.wait_lock); - owner = rt_mutex_owner(&q->pi_state->pi_mutex); - if (!owner) - owner = rt_mutex_next_owner(&q->pi_state->pi_mutex); - raw_spin_unlock_irq(&q->pi_state->pi_mutex.wait_lock); - ret = fixup_pi_state_owner(uaddr, q, owner); already suggests there were races; otherwise we'd never have to look at next_owner. So instead of doing 3 consecutive wait_lock sections with who knows what races, we do it all in a single section. Additionally, the usage of pi_state->owner in fixup_owner() was only safe because only the rt_mutex owner would modify it, which this additional case wrecks. Luckily the values can only change away and not to the value we're testing, this means we can do a speculative test and double check once we have the wait_lock. Fixes: 73d786bd043e ("futex: Rework inconsistent rt_mutex/futex_q state") Reported-by: Julia Cartwright <julia(a)ni.com> Reported-by: Gratian Crisan <gratian.crisan(a)ni.com> Signed-off-by: Peter Zijlstra (Intel) <peterz(a)infradead.org> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Tested-by: Julia Cartwright <julia(a)ni.com> Tested-by: Gratian Crisan <gratian.crisan(a)ni.com> Cc: Darren Hart <dvhart(a)infradead.org> Cc: stable(a)vger.kernel.org Link: https://lkml.kernel.org/r/20171208124939.7livp7no2ov65rrc@hirez.programming… Signed-off-by: Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> Signed-off-by: Julia Cartwright <julia(a)ni.com> --- kernel/futex.c | 83 ++++++++++++++++++++++++++------- kernel/locking/rtmutex.c | 26 ++++++++--- kernel/locking/rtmutex_common.h | 1 + 3 files changed, 87 insertions(+), 23 deletions(-) diff --git a/kernel/futex.c b/kernel/futex.c index 270148be5647..cdd68ba6e3a6 100644 --- a/kernel/futex.c +++ b/kernel/futex.c @@ -2287,21 +2287,17 @@ static void unqueue_me_pi(struct futex_q *q) spin_unlock(q->lock_ptr); } -/* - * Fixup the pi_state owner with the new owner. - * - * Must be called with hash bucket lock held and mm->sem held for non - * private futexes. - */ static int fixup_pi_state_owner(u32 __user *uaddr, struct futex_q *q, - struct task_struct *newowner) + struct task_struct *argowner) { - u32 newtid = task_pid_vnr(newowner) | FUTEX_WAITERS; struct futex_pi_state *pi_state = q->pi_state; u32 uval, uninitialized_var(curval), newval; - struct task_struct *oldowner; + struct task_struct *oldowner, *newowner; + u32 newtid; int ret; + lockdep_assert_held(q->lock_ptr); + raw_spin_lock_irq(&pi_state->pi_mutex.wait_lock); oldowner = pi_state->owner; @@ -2310,11 +2306,17 @@ static int fixup_pi_state_owner(u32 __user *uaddr, struct futex_q *q, newtid |= FUTEX_OWNER_DIED; /* - * We are here either because we stole the rtmutex from the - * previous highest priority waiter or we are the highest priority - * waiter but have failed to get the rtmutex the first time. + * We are here because either: + * + * - we stole the lock and pi_state->owner needs updating to reflect + * that (@argowner == current), * - * We have to replace the newowner TID in the user space variable. + * or: + * + * - someone stole our lock and we need to fix things to point to the + * new owner (@argowner == NULL). + * + * Either way, we have to replace the TID in the user space variable. * This must be atomic as we have to preserve the owner died bit here. * * Note: We write the user space value _before_ changing the pi_state @@ -2327,6 +2329,42 @@ static int fixup_pi_state_owner(u32 __user *uaddr, struct futex_q *q, * in the PID check in lookup_pi_state. */ retry: + if (!argowner) { + if (oldowner != current) { + /* + * We raced against a concurrent self; things are + * already fixed up. Nothing to do. + */ + ret = 0; + goto out_unlock; + } + + if (__rt_mutex_futex_trylock(&pi_state->pi_mutex)) { + /* We got the lock after all, nothing to fix. */ + ret = 0; + goto out_unlock; + } + + /* + * Since we just failed the trylock; there must be an owner. + */ + newowner = rt_mutex_owner(&pi_state->pi_mutex); + BUG_ON(!newowner); + } else { + WARN_ON_ONCE(argowner != current); + if (oldowner == current) { + /* + * We raced against a concurrent self; things are + * already fixed up. Nothing to do. + */ + ret = 0; + goto out_unlock; + } + newowner = argowner; + } + + newtid = task_pid_vnr(newowner) | FUTEX_WAITERS; + if (get_futex_value_locked(&uval, uaddr)) goto handle_fault; @@ -2427,15 +2465,28 @@ static int fixup_owner(u32 __user *uaddr, struct futex_q *q, int locked) * Got the lock. We might not be the anticipated owner if we * did a lock-steal - fix up the PI-state in that case: * - * We can safely read pi_state->owner without holding wait_lock - * because we now own the rt_mutex, only the owner will attempt - * to change it. + * Speculative pi_state->owner read (we don't hold wait_lock); + * since we own the lock pi_state->owner == current is the + * stable state, anything else needs more attention. */ if (q->pi_state->owner != current) ret = fixup_pi_state_owner(uaddr, q, current); goto out; } + /* + * If we didn't get the lock; check if anybody stole it from us. In + * that case, we need to fix up the uval to point to them instead of + * us, otherwise bad things happen. [10] + * + * Another speculative read; pi_state->owner == current is unstable + * but needs our attention. + */ + if (q->pi_state->owner == current) { + ret = fixup_pi_state_owner(uaddr, q, NULL); + goto out; + } + /* * Paranoia check. If we did not take the lock, then we should not be * the owner of the rt_mutex. diff --git a/kernel/locking/rtmutex.c b/kernel/locking/rtmutex.c index 3a8b5d44aaf8..57361d631749 100644 --- a/kernel/locking/rtmutex.c +++ b/kernel/locking/rtmutex.c @@ -1849,6 +1849,19 @@ rt_mutex_slowlock(struct rt_mutex *lock, int state, return ret; } +static inline int __rt_mutex_slowtrylock(struct rt_mutex *lock) +{ + int ret = try_to_take_rt_mutex(lock, current, NULL); + + /* + * try_to_take_rt_mutex() sets the lock waiters bit + * unconditionally. Clean this up. + */ + fixup_rt_mutex_waiters(lock); + + return ret; +} + /* * Slow path try-lock function: */ @@ -1871,13 +1884,7 @@ static inline int rt_mutex_slowtrylock(struct rt_mutex *lock) */ raw_spin_lock_irqsave(&lock->wait_lock, flags); - ret = try_to_take_rt_mutex(lock, current, NULL); - - /* - * try_to_take_rt_mutex() sets the lock waiters bit - * unconditionally. Clean this up. - */ - fixup_rt_mutex_waiters(lock); + ret = __rt_mutex_slowtrylock(lock); raw_spin_unlock_irqrestore(&lock->wait_lock, flags); @@ -2102,6 +2109,11 @@ int __sched rt_mutex_futex_trylock(struct rt_mutex *lock) return rt_mutex_slowtrylock(lock); } +int __sched __rt_mutex_futex_trylock(struct rt_mutex *lock) +{ + return __rt_mutex_slowtrylock(lock); +} + /** * rt_mutex_timed_lock - lock a rt_mutex interruptible * the timeout structure is provided diff --git a/kernel/locking/rtmutex_common.h b/kernel/locking/rtmutex_common.h index 64d89d780059..50c0a1043556 100644 --- a/kernel/locking/rtmutex_common.h +++ b/kernel/locking/rtmutex_common.h @@ -122,6 +122,7 @@ extern bool rt_mutex_cleanup_proxy_lock(struct rt_mutex *lock, struct rt_mutex_waiter *waiter); extern int rt_mutex_futex_trylock(struct rt_mutex *l); +extern int __rt_mutex_futex_trylock(struct rt_mutex *l); extern void rt_mutex_futex_unlock(struct rt_mutex *lock); extern bool __rt_mutex_futex_unlock(struct rt_mutex *lock, -- 2.18.0

7 years, 1 month

1
0
0 0

[PATCH RT 02/22] futex: Fix more put_pi_state() vs. exit_pi_state_list() races

by Julia Cartwright

From: Peter Zijlstra <peterz(a)infradead.org> 4.9.115-rt94-rc1 stable review patch. If you have any objection to the inclusion of this patch, let me know. --- 8< --- 8< --- 8< --- [ Upstream commit 51d00899f7e6ded15c89cb4e2cb11a35283bac81 ] Dmitry (through syzbot) reported being able to trigger the WARN in get_pi_state() and a use-after-free on: raw_spin_lock_irq(&pi_state->pi_mutex.wait_lock); Both are due to this race: exit_pi_state_list() put_pi_state() lock(&curr->pi_lock) while() { pi_state = list_first_entry(head); hb = hash_futex(&pi_state->key); unlock(&curr->pi_lock); dec_and_test(&pi_state->refcount); lock(&hb->lock) lock(&pi_state->pi_mutex.wait_lock) // uaf if pi_state free'd lock(&curr->pi_lock); .... unlock(&curr->pi_lock); get_pi_state(); // WARN; refcount==0 The problem is we take the reference count too late, and don't allow it being 0. Fix it by using inc_not_zero() and simply retrying the loop when we fail to get a refcount. In that case put_pi_state() should remove the entry from the list. Reported-by: Dmitry Vyukov <dvyukov(a)google.com> Signed-off-by: Peter Zijlstra (Intel) <peterz(a)infradead.org> Reviewed-by: Thomas Gleixner <tglx(a)linutronix.de> Cc: Gratian Crisan <gratian.crisan(a)ni.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: dvhart(a)infradead.org Cc: syzbot <bot+2af19c9e1ffe4d4ee1d16c56ae7580feaee75765(a)syzkaller.appspotmail.com> Cc: syzkaller-bugs(a)googlegroups.com Cc: <stable(a)vger.kernel.org> Fixes: c74aef2d06a9 ("futex: Fix pi_state->owner serialization") Link: http://lkml.kernel.org/r/20171031101853.xpfh72y643kdfhjs@hirez.programming.… Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> Signed-off-by: Julia Cartwright <julia(a)ni.com> --- kernel/futex.c | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/kernel/futex.c b/kernel/futex.c index 47e42faad6c5..270148be5647 100644 --- a/kernel/futex.c +++ b/kernel/futex.c @@ -899,11 +899,27 @@ void exit_pi_state_list(struct task_struct *curr) */ raw_spin_lock_irq(&curr->pi_lock); while (!list_empty(head)) { - next = head->next; pi_state = list_entry(next, struct futex_pi_state, list); key = pi_state->key; hb = hash_futex(&key); + + /* + * We can race against put_pi_state() removing itself from the + * list (a waiter going away). put_pi_state() will first + * decrement the reference count and then modify the list, so + * its possible to see the list entry but fail this reference + * acquire. + * + * In that case; drop the locks to let put_pi_state() make + * progress and retry the loop. + */ + if (!atomic_inc_not_zero(&pi_state->refcount)) { + raw_spin_unlock_irq(&curr->pi_lock); + cpu_relax(); + raw_spin_lock_irq(&curr->pi_lock); + continue; + } raw_spin_unlock_irq(&curr->pi_lock); spin_lock(&hb->lock); @@ -914,10 +930,12 @@ void exit_pi_state_list(struct task_struct *curr) * task still owns the PI-state: */ if (head->next != next) { + /* retain curr->pi_lock for the loop invariant */ raw_spin_unlock(&curr->pi_lock); raw_spin_unlock_irq(&pi_state->pi_mutex.wait_lock); spin_unlock(&hb->lock); raw_spin_lock_irq(&curr->pi_lock); + put_pi_state(pi_state); continue; } @@ -925,9 +943,8 @@ void exit_pi_state_list(struct task_struct *curr) WARN_ON(list_empty(&pi_state->list)); list_del_init(&pi_state->list); pi_state->owner = NULL; - raw_spin_unlock(&curr->pi_lock); - get_pi_state(pi_state); + raw_spin_unlock(&curr->pi_lock); raw_spin_unlock_irq(&pi_state->pi_mutex.wait_lock); spin_unlock(&hb->lock); -- 2.18.0

7 years, 1 month

1
0
0 0

[PATCH RT 01/22] futex: Fix pi_state->owner serialization

by Julia Cartwright

From: Peter Zijlstra <peterz(a)infradead.org> 4.9.115-rt94-rc1 stable review patch. If you have any objection to the inclusion of this patch, let me know. --- 8< --- 8< --- 8< --- [ Upstream commit c74aef2d06a9f59cece89093eecc552933cba72a ] There was a reported suspicion about a race between exit_pi_state_list() and put_pi_state(). The same report mentioned the comment with put_pi_state() said it should be called with hb->lock held, and it no longer is in all places. As it turns out, the pi_state->owner serialization is indeed broken. As per the new rules: 734009e96d19 ("futex: Change locking rules") pi_state->owner should be serialized by pi_state->pi_mutex.wait_lock. For the sites setting pi_state->owner we already hold wait_lock (where required) but exit_pi_state_list() and put_pi_state() were not and raced on clearing it. Fixes: 734009e96d19 ("futex: Change locking rules") Reported-by: Gratian Crisan <gratian.crisan(a)ni.com> Signed-off-by: Peter Zijlstra (Intel) <peterz(a)infradead.org> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Cc: dvhart(a)infradead.org Cc: stable(a)vger.kernel.org Link: https://lkml.kernel.org/r/20170922154806.jd3ffltfk24m4o4y@hirez.programming… Signed-off-by: Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> Signed-off-by: Julia Cartwright <julia(a)ni.com> --- kernel/futex.c | 34 ++++++++++++++++++++++------------ 1 file changed, 22 insertions(+), 12 deletions(-) diff --git a/kernel/futex.c b/kernel/futex.c index 8ab0ddd4cf8f..47e42faad6c5 100644 --- a/kernel/futex.c +++ b/kernel/futex.c @@ -819,8 +819,6 @@ static void get_pi_state(struct futex_pi_state *pi_state) /* * Drops a reference to the pi_state object and frees or caches it * when the last reference is gone. - * - * Must be called with the hb lock held. */ static void put_pi_state(struct futex_pi_state *pi_state) { @@ -835,16 +833,22 @@ static void put_pi_state(struct futex_pi_state *pi_state) * and has cleaned up the pi_state already */ if (pi_state->owner) { - raw_spin_lock_irq(&pi_state->owner->pi_lock); - list_del_init(&pi_state->list); - raw_spin_unlock_irq(&pi_state->owner->pi_lock); + struct task_struct *owner; - rt_mutex_proxy_unlock(&pi_state->pi_mutex, pi_state->owner); + raw_spin_lock_irq(&pi_state->pi_mutex.wait_lock); + owner = pi_state->owner; + if (owner) { + raw_spin_lock(&owner->pi_lock); + list_del_init(&pi_state->list); + raw_spin_unlock(&owner->pi_lock); + } + rt_mutex_proxy_unlock(&pi_state->pi_mutex, owner); + raw_spin_unlock_irq(&pi_state->pi_mutex.wait_lock); } - if (current->pi_state_cache) + if (current->pi_state_cache) { kfree(pi_state); - else { + } else { /* * pi_state->list is already empty. * clear pi_state->owner. @@ -903,14 +907,15 @@ void exit_pi_state_list(struct task_struct *curr) raw_spin_unlock_irq(&curr->pi_lock); spin_lock(&hb->lock); - - raw_spin_lock_irq(&curr->pi_lock); + raw_spin_lock_irq(&pi_state->pi_mutex.wait_lock); + raw_spin_lock(&curr->pi_lock); /* * We dropped the pi-lock, so re-check whether this * task still owns the PI-state: */ if (head->next != next) { - raw_spin_unlock_irq(&curr->pi_lock); + raw_spin_unlock(&curr->pi_lock); + raw_spin_unlock_irq(&pi_state->pi_mutex.wait_lock); spin_unlock(&hb->lock); raw_spin_lock_irq(&curr->pi_lock); continue; @@ -920,9 +925,10 @@ void exit_pi_state_list(struct task_struct *curr) WARN_ON(list_empty(&pi_state->list)); list_del_init(&pi_state->list); pi_state->owner = NULL; - raw_spin_unlock_irq(&curr->pi_lock); + raw_spin_unlock(&curr->pi_lock); get_pi_state(pi_state); + raw_spin_unlock_irq(&pi_state->pi_mutex.wait_lock); spin_unlock(&hb->lock); rt_mutex_futex_unlock(&pi_state->pi_mutex); @@ -1204,6 +1210,10 @@ static int attach_to_pi_owner(u32 uval, union futex_key *key, WARN_ON(!list_empty(&pi_state->list)); list_add(&pi_state->list, &p->pi_state_list); + /* + * Assignment without holding pi_state->pi_mutex.wait_lock is safe + * because there is no concurrency as the object is not published yet. + */ pi_state->owner = p; raw_spin_unlock_irq(&p->pi_lock); -- 2.18.0

7 years, 1 month

1
0
0 0

[PATCH] stop_machine: Disable preemption after queueing stopper threads

by Isaac J. Manjarres

This commit: 9fb8d5dc4b64 ("stop_machine, Disable preemption when waking two stopper threads") does not fully address the race condition that can occur as follows: On one CPU, call it CPU 3, thread 1 invokes cpu_stop_queue_two_works(2, 3,...), and the execution is such that thread 1 queues the works for migration/2 and migration/3, and is preempted after releasing the locks for migration/2 and migration/3, but before waking the threads. Then, On CPU 2, a kworker, call it thread 2, is running, and it invokes cpu_stop_queue_two_works(1, 2,...), such that thread 2 queues the works for migration/1 and migration/2. Meanwhile, on CPU 3, thread 1 resumes execution, and wakes migration/2 and migration/3. This means that when CPU 2 releases the locks for migration/1 and migration/2, but before it wakes those threads, it can be preempted by migration/2. If thread 2 is preempted by migration/2, then migration/2 will execute the first work item successfully, since migration/3 was woken up by CPU 3, but when it goes to execute the second work item, it disables preemption, calls multi_cpu_stop(), and thus, CPU 2 will wait forever for migration/1, which should have been woken up by thread 2. However migration/1 cannot be woken up by thread 2, since it is a kworker, so it is affine to CPU 2, but CPU 2 is running migration/2 with preemption disabled, so thread 2 will never run. Disable preemption after queueing works for stopper threads to ensure that the operation of queueing the works and waking the stopper threads is atomic. Fixes: 9fb8d5dc4b64 ("stop_machine, Disable preemption when waking two stopper threads") Co-Developed-by: Prasad Sodagudi <psodagud(a)codeaurora.org> Co-Developed-by: Pavankumar Kondeti <pkondeti(a)codeaurora.org> Signed-off-by: Isaac J. Manjarres <isaacm(a)codeaurora.org> Signed-off-by: Prasad Sodagudi <psodagud(a)codeaurora.org> Signed-off-by: Pavankumar Kondeti <pkondeti(a)codeaurora.org> Cc: stable(a)vger.kernel.org --- kernel/stop_machine.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/kernel/stop_machine.c b/kernel/stop_machine.c index 1ff523d..e190d1e 100644 --- a/kernel/stop_machine.c +++ b/kernel/stop_machine.c @@ -260,6 +260,15 @@ static int cpu_stop_queue_two_works(int cpu1, struct cpu_stop_work *work1, err = 0; __cpu_stop_queue_work(stopper1, work1, &wakeq); __cpu_stop_queue_work(stopper2, work2, &wakeq); + /* + * The waking up of stopper threads has to happen + * in the same scheduling context as the queueing. + * Otherwise, there is a possibility of one of the + * above stoppers being woken up by another CPU, + * and preempting us. This will cause us to n ot + * wake up the other stopper forever. + */ + preempt_disable(); unlock: raw_spin_unlock(&stopper2->lock); raw_spin_unlock_irq(&stopper1->lock); @@ -271,7 +280,6 @@ static int cpu_stop_queue_two_works(int cpu1, struct cpu_stop_work *work1, } if (!err) { - preempt_disable(); wake_up_q(&wakeq); preempt_enable(); } -- The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum, a Linux Foundation Collaborative Project

7 years, 1 month

7
11
0 0

[PATCH] powerpc/fadump: handle crash memory ranges array overflow

by Hari Bathini

Crash memory ranges is an array of memory ranges of the crashing kernel to be exported as a dump via /proc/vmcore file. The size of the array is set based on INIT_MEMBLOCK_REGIONS, which works alright in most cases where memblock memory regions count is less than INIT_MEMBLOCK_REGIONS value. But this count can grow beyond INIT_MEMBLOCK_REGIONS value since commit 142b45a72e22 ("memblock: Add array resizing support"). On large memory systems with a few DLPAR operations, the memblock memory regions count could be larger than INIT_MEMBLOCK_REGIONS value. On such systems, registering fadump results in crash or other system failures like below: task: c00007f39a290010 ti: c00000000b738000 task.ti: c00000000b738000 NIP: c000000000047df4 LR: c0000000000f9e58 CTR: c00000000010f180 REGS: c00000000b73b570 TRAP: 0300 Tainted: G L X (4.4.140+) MSR: 8000000000009033 <SF,EE,ME,IR,DR,RI,LE> CR: 22004484 XER: 20000000 CFAR: c000000000008500 DAR: 000007a450000000 DSISR: 40000000 SOFTE: 0 GPR00: c0000000000f9e58 c00000000b73b7f0 c000000000f09a00 000000000000001a GPR04: c00007f3bf774c90 0000000000000004 c000000000eb9a00 0000000000000800 GPR08: 0000000000000804 000007a450000000 c000000000fa9a00 c00007ffb169ca20 GPR12: 0000000022004482 c00000000fa12c00 c00007f3a0ea97a8 0000000000000000 GPR16: c00007f3a0ea9a50 c00000000b73bd60 0000000000000118 000000000001fe80 GPR20: 0000000000000118 0000000000000000 c000000000b8c980 00000000000000d0 GPR24: 000007ffb0b10000 c00007ffb169c980 0000000000000000 c000000000b8c980 GPR28: 0000000000000004 c00007ffb169c980 000000000000001a c00007ffb169c980 NIP [c000000000047df4] smp_send_reschedule+0x24/0x80 LR [c0000000000f9e58] resched_curr+0x138/0x160 Call Trace: [c00000000b73b7f0] [c0000000000f9e58] resched_curr+0x138/0x160 (unreliable) [c00000000b73b820] [c0000000000fb538] check_preempt_curr+0xc8/0xf0 [c00000000b73b850] [c0000000000fb598] ttwu_do_wakeup+0x38/0x150 [c00000000b73b890] [c0000000000fc9c4] try_to_wake_up+0x224/0x4d0 [c00000000b73b900] [c00000000011ef34] __wake_up_common+0x94/0x100 [c00000000b73b960] [c00000000034a78c] ep_poll_callback+0xac/0x1c0 [c00000000b73b9b0] [c00000000011ef34] __wake_up_common+0x94/0x100 [c00000000b73ba10] [c00000000011f810] __wake_up_sync_key+0x70/0xa0 [c00000000b73ba60] [c00000000067c3e8] sock_def_readable+0x58/0xa0 [c00000000b73ba90] [c0000000007848ac] unix_stream_sendmsg+0x2dc/0x4c0 [c00000000b73bb70] [c000000000675a38] sock_sendmsg+0x68/0xa0 [c00000000b73bba0] [c00000000067673c] ___sys_sendmsg+0x2cc/0x2e0 [c00000000b73bd30] [c000000000677dbc] __sys_sendmsg+0x5c/0xc0 [c00000000b73bdd0] [c0000000006789bc] SyS_socketcall+0x36c/0x3f0 [c00000000b73be30] [c000000000009488] system_call+0x3c/0x100 Instruction dump: 4e800020 60000000 60420000 3c4c00ec 38421c30 7c0802a6 f8010010 60000000 3d42000a e92ab420 2fa90000 4dde0020 <e9290000> 2fa90000 419e0044 7c0802a6 ---[ end trace a6d1dd4bab5f8253 ]--- as array index overflow is not checked for while setting up crash memory ranges causing memory corruption. To resolve this issue, resize crash memory ranges array on hitting array size limit. But without a hard limit on the number of crash memory ranges, there is a possibility of program headers count overflow in the /proc/vmcore ELF file while exporting each of this memory ranges as PT_LOAD segments. To reduce the likelihood of such scenario, fold adjacent memory ranges to minimize the total number of crash memory ranges. Fixes: 2df173d9e85d ("fadump: Initialize elfcore header and add PT_LOAD program headers.") Cc: stable(a)vger.kernel.org Cc: Mahesh Salgaonkar <mahesh(a)linux.vnet.ibm.com> Signed-off-by: Hari Bathini <hbathini(a)linux.ibm.com> --- arch/powerpc/include/asm/fadump.h | 2 + arch/powerpc/kernel/fadump.c | 63 ++++++++++++++++++++++++++++++++++--- 2 files changed, 59 insertions(+), 6 deletions(-) diff --git a/arch/powerpc/include/asm/fadump.h b/arch/powerpc/include/asm/fadump.h index 5a23010..ff708b3 100644 --- a/arch/powerpc/include/asm/fadump.h +++ b/arch/powerpc/include/asm/fadump.h @@ -196,7 +196,7 @@ struct fadump_crash_info_header { }; /* Crash memory ranges */ -#define INIT_CRASHMEM_RANGES (INIT_MEMBLOCK_REGIONS + 2) +#define INIT_CRASHMEM_RANGES INIT_MEMBLOCK_REGIONS struct fad_crash_memory_ranges { unsigned long long base; diff --git a/arch/powerpc/kernel/fadump.c b/arch/powerpc/kernel/fadump.c index 07e8396..1c1df4f 100644 --- a/arch/powerpc/kernel/fadump.c +++ b/arch/powerpc/kernel/fadump.c @@ -47,7 +47,9 @@ static struct fadump_mem_struct fdm; static const struct fadump_mem_struct *fdm_active; static DEFINE_MUTEX(fadump_mutex); -struct fad_crash_memory_ranges crash_memory_ranges[INIT_CRASHMEM_RANGES]; +struct fad_crash_memory_ranges init_crash_memory_ranges[INIT_CRASHMEM_RANGES]; +int max_crash_mem_ranges = INIT_CRASHMEM_RANGES; +struct fad_crash_memory_ranges *crash_memory_ranges = init_crash_memory_ranges; int crash_mem_ranges; /* Scan the Firmware Assisted dump configuration details. */ @@ -871,14 +873,65 @@ static int __init process_fadump(const struct fadump_mem_struct *fdm_active) static inline void fadump_add_crash_memory(unsigned long long base, unsigned long long end) { + u64 start, size; + bool is_adjacent = false; + if (base == end) return; + /* + * Fold adjacent memory ranges to bring down the memory ranges/ + * PT_LOAD segments count. + */ + if (crash_mem_ranges) { + start = crash_memory_ranges[crash_mem_ranges-1].base; + size = crash_memory_ranges[crash_mem_ranges-1].size; + + if ((start + size) == base) + is_adjacent = true; + } + + if (!is_adjacent) { + /* resize the array on reaching the limit */ + if (crash_mem_ranges == max_crash_mem_ranges) { + u64 old_size, new_max; + struct fad_crash_memory_ranges *new_array; + + old_size = max_crash_mem_ranges; + old_size *= sizeof(struct fad_crash_memory_ranges); + + new_max = max_crash_mem_ranges + INIT_CRASHMEM_RANGES; + size = new_max * sizeof(struct fad_crash_memory_ranges); + + pr_debug("Resizing crash memory ranges count from %d to %d\n", + max_crash_mem_ranges, new_max); + + new_array = kmalloc(size, GFP_KERNEL); + if (new_array == NULL) { + pr_warn("Insufficient memory for setting up crash memory ranges\n"); + return; + } + + /* + * Copy the old memory ranges into the new array before + * free'ing it. + */ + memcpy(new_array, crash_memory_ranges, old_size); + if (crash_memory_ranges != init_crash_memory_ranges) + kfree(crash_memory_ranges); + + crash_memory_ranges = new_array; + max_crash_mem_ranges = new_max; + } + start = base; + crash_memory_ranges[crash_mem_ranges].base = start; + crash_mem_ranges++; + } + + crash_memory_ranges[crash_mem_ranges-1].size = (end - start); + pr_debug("crash_memory_range[%d] [%#016llx-%#016llx], %#llx bytes\n", - crash_mem_ranges, base, end - 1, (end - base)); - crash_memory_ranges[crash_mem_ranges].base = base; - crash_memory_ranges[crash_mem_ranges].size = end - base; - crash_mem_ranges++; + (crash_mem_ranges - 1), start, end - 1, (end - start)); } static void fadump_exclude_reserved_area(unsigned long long start,

7 years, 1 month

4
3
0 0

[PATCH v2] zram: remove BD_CAP_SYNCHRONOUS_IO with writeback feature

by Minchan Kim

If zram supports writeback feature, it's no longer a BD_CAP_SYNCHRONOUS_IO device beause zram does asynchronous IO operations for incompressible pages. Do not pretend to be synchronous IO device. It makes the system very sluggish due to waiting for IO completion from upper layers. Furthermore, it causes a user-after-free problem because swap thinks the opearion is done when the IO functions returns so it can free the page (e.g., lock_page_or_retry and goto out_release in do_swap_page) but in fact, IO is asynchronous so the driver could access a just freed page afterward. This patch fixes the problem. BUG: Bad page state in process qemu-system-x86 pfn:3dfab21 page:ffffdfb137eac840 count:0 mapcount:0 mapping:0000000000000000 index:0x1 flags: 0x17fffc000000008(uptodate) raw: 017fffc000000008 dead000000000100 dead000000000200 0000000000000000 raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000 page dumped because: PAGE_FLAGS_CHECK_AT_PREP flag set bad because of flags: 0x8(uptodate) Modules linked in: lz4 lz4_compress zram zsmalloc intel_rapl sb_edac x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass crct10dif_pclmul crc32_pclmul ghash_clmulni_intel bin fmt_misc pcbc aesni_intel aes_x86_64 crypto_simd cryptd iTCO_wdt glue_helper iTCO_vendor_support intel_cstate lpc_ich mei_me intel_uncore intel_rapl_perf pcspkr joydev sg mfd_core ioatdma mei wmi evdev ipmi_si ipmi_devintf ipmi_msghandler acpi_power_meter acpi_pad button ip_tables x_tables autofs4 ext4 crc32c_generic crc16 mbcache jbd2 fscrypto hid_generic usbhid hid sd_mod xhci_pci ehci_pci ahci libahci xhci_hcd ehci_hcd libata igb i2c_algo_bit crc32c_intel scsi_mod i2c_i8 01 dca usbcore CPU: 4 PID: 1039 Comm: qemu-system-x86 Tainted: G B 4.18.0-rc5+ #1 Hardware name: Supermicro Super Server/X10SRL-F, BIOS 2.0b 05/02/2017 Call Trace: dump_stack+0x5c/0x7b bad_page+0xba/0x120 get_page_from_freelist+0x1016/0x1250 __alloc_pages_nodemask+0xfa/0x250 alloc_pages_vma+0x7c/0x1c0 do_swap_page+0x347/0x920 ? __update_load_avg_se.isra.38+0x1eb/0x1f0 ? cpumask_next_wrap+0x3d/0x60 __handle_mm_fault+0x7b4/0x1110 ? update_load_avg+0x5ea/0x720 handle_mm_fault+0xfc/0x1f0 __get_user_pages+0x12f/0x690 get_user_pages_unlocked+0x148/0x1f0 __gfn_to_pfn_memslot+0xff/0x3c0 [kvm] try_async_pf+0x87/0x230 [kvm] tdp_page_fault+0x132/0x290 [kvm] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] kvm_mmu_page_fault+0x74/0x570 [kvm] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmexit_fill_RSB+0x18/0x30 [kvm_intel] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmexit_fill_RSB+0x18/0x30 [kvm_intel] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmexit_fill_RSB+0x18/0x30 [kvm_intel] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmexit_fill_RSB+0x18/0x30 [kvm_intel] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmexit_fill_RSB+0x18/0x30 [kvm_intel] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmx_vcpu_run+0x375/0x620 [kvm_intel] kvm_arch_vcpu_ioctl_run+0x9b3/0x1990 [kvm] ? __update_load_avg_se.isra.38+0x1eb/0x1f0 ? kvm_vcpu_ioctl+0x388/0x5d0 [kvm] kvm_vcpu_ioctl+0x388/0x5d0 [kvm] ? __switch_to+0x395/0x450 ? __switch_to+0x395/0x450 do_vfs_ioctl+0xa2/0x630 ? __schedule+0x3fd/0x890 ksys_ioctl+0x70/0x80 ? exit_to_usermode_loop+0xca/0xf0 __x64_sys_ioctl+0x16/0x20 do_syscall_64+0x55/0x100 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x7fb30361add7 Code: 00 00 00 48 8b 05 c1 80 2b 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 91 80 2b 00 f7 d8 64 89 01 48 RSP: 002b:00007fb2e97f98b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 000000000000ae80 RCX: 00007fb30361add7 RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 RBP: 00005652b984e0f0 R08: 00005652b7d513d0 R09: 0000000000000001 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007fb308c66000 R14: 0000000000000000 R15: 00005652b984e0f0 * from v1 - description correction - Andrew - add comment about removing BDI_CAP_SYNCHRONOUS_IO Link: https://lore.kernel.org/lkml/0516ae2d-b0fd-92c5-aa92-112ba7bd32fc@contabo.d… Link: http://lkml.kernel.org/r/20180802051112.86174-1-minchan@kernel.org Signed-off-by: Minchan Kim <minchan(a)kernel.org> Reported-by: Tino Lehnig <tino.lehnig(a)contabo.de> Tested-by: Tino Lehnig <tino.lehnig(a)contabo.de> Cc: Sergey Senozhatsky <sergey.senozhatsky.work(a)gmail.com> Cc: Jens Axboe <axboe(a)kernel.dk> Cc: <stable(a)vger.kernel.org> [4.15+] Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- drivers/block/zram/zram_drv.c | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/drivers/block/zram/zram_drv.c b/drivers/block/zram/zram_drv.c index 7436b2d27fa3..82aa1a1f383a 100644 --- a/drivers/block/zram/zram_drv.c +++ b/drivers/block/zram/zram_drv.c @@ -298,7 +298,8 @@ static void reset_bdev(struct zram *zram) zram->backing_dev = NULL; zram->old_block_size = 0; zram->bdev = NULL; - + zram->disk->queue->backing_dev_info->capabilities |= + BDI_CAP_SYNCHRONOUS_IO; kvfree(zram->bitmap); zram->bitmap = NULL; } @@ -400,6 +401,18 @@ static ssize_t backing_dev_store(struct device *dev, zram->backing_dev = backing_dev; zram->bitmap = bitmap; zram->nr_pages = nr_pages; + /* + * With writeback feature, zram does asynchronous IO so it's no longer + * synchronous device so let's remove synchronous io flag. Othewise, + * upper layer(e.g., swap) could wait IO completion rather than + * (submit and return), which will cause system sluggish. + * Furthermore, when the IO function returns(e.g., swap_readpage), + * upper layer expects IO was done so it could deallocate the page + * freely but in fact, IO is going on so finally could cause + * use-after-free when the IO is really done. + */ + zram->disk->queue->backing_dev_info->capabilities &= + ~BDI_CAP_SYNCHRONOUS_IO; up_write(&zram->init_lock); pr_info("setup backing device %s\n", file_name); -- 2.18.0.597.ga71716f1ad-goog

7 years, 1 month

1
0
0 0

[PATCH 1/2] zram: remove BD_CAP_SYNCHRONOUS_IO with writeback feature

by Minchan Kim

If zram supports writeback feature, it's no more syncrhonous device beause zram does synchronous IO opeation for incompressible page. Do not pretend to be syncrhonous IO device. It makes system very sluggish as waiting IO completion from upper layer. Furthermore, it makes user-after-free problem because swap think the opearion is done when the IO functions returns so it could free page by will(e.g., lock_page_or_retry and goto out_release in do_swap_page) but in fact, IO is asynchrnous so driver could access just freed page afterward. This patch fixes the problem. BUG: Bad page state in process qemu-system-x86 pfn:3dfab21 page:ffffdfb137eac840 count:0 mapcount:0 mapping:0000000000000000 index:0x1 flags: 0x17fffc000000008(uptodate) raw: 017fffc000000008 dead000000000100 dead000000000200 0000000000000000 raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000 page dumped because: PAGE_FLAGS_CHECK_AT_PREP flag set bad because of flags: 0x8(uptodate) Modules linked in: lz4 lz4_compress zram zsmalloc intel_rapl sb_edac x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass crct10dif_pclmul crc32_pclmul ghash_clmulni_intel bin fmt_misc pcbc aesni_intel aes_x86_64 crypto_simd cryptd iTCO_wdt glue_helper iTCO_vendor_support intel_cstate lpc_ich mei_me intel_uncore intel_rapl_perf pcspkr joydev sg mfd_core ioatdma mei wmi evdev ipmi_si ipmi_devintf ipmi_msghandler acpi_power_meter acpi_pad button ip_tables x_tables autofs4 ext4 crc32c_generic crc16 mbcache jbd2 fscrypto hid_generic usbhid hid sd_mod xhci_pci ehci_pci ahci libahci xhci_hcd ehci_hcd libata igb i2c_algo_bit crc32c_intel scsi_mod i2c_i8 01 dca usbcore CPU: 4 PID: 1039 Comm: qemu-system-x86 Tainted: G B 4.18.0-rc5+ #1 Hardware name: Supermicro Super Server/X10SRL-F, BIOS 2.0b 05/02/2017 Call Trace: dump_stack+0x5c/0x7b bad_page+0xba/0x120 get_page_from_freelist+0x1016/0x1250 __alloc_pages_nodemask+0xfa/0x250 alloc_pages_vma+0x7c/0x1c0 do_swap_page+0x347/0x920 ? __update_load_avg_se.isra.38+0x1eb/0x1f0 ? cpumask_next_wrap+0x3d/0x60 __handle_mm_fault+0x7b4/0x1110 ? update_load_avg+0x5ea/0x720 handle_mm_fault+0xfc/0x1f0 __get_user_pages+0x12f/0x690 get_user_pages_unlocked+0x148/0x1f0 __gfn_to_pfn_memslot+0xff/0x3c0 [kvm] try_async_pf+0x87/0x230 [kvm] tdp_page_fault+0x132/0x290 [kvm] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] kvm_mmu_page_fault+0x74/0x570 [kvm] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmexit_fill_RSB+0x18/0x30 [kvm_intel] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmexit_fill_RSB+0x18/0x30 [kvm_intel] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmexit_fill_RSB+0x18/0x30 [kvm_intel] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmexit_fill_RSB+0x18/0x30 [kvm_intel] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmexit_fill_RSB+0x18/0x30 [kvm_intel] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmx_vcpu_run+0x375/0x620 [kvm_intel] kvm_arch_vcpu_ioctl_run+0x9b3/0x1990 [kvm] ? __update_load_avg_se.isra.38+0x1eb/0x1f0 ? kvm_vcpu_ioctl+0x388/0x5d0 [kvm] kvm_vcpu_ioctl+0x388/0x5d0 [kvm] ? __switch_to+0x395/0x450 ? __switch_to+0x395/0x450 do_vfs_ioctl+0xa2/0x630 ? __schedule+0x3fd/0x890 ksys_ioctl+0x70/0x80 ? exit_to_usermode_loop+0xca/0xf0 __x64_sys_ioctl+0x16/0x20 do_syscall_64+0x55/0x100 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x7fb30361add7 Code: 00 00 00 48 8b 05 c1 80 2b 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 91 80 2b 00 f7 d8 64 89 01 48 RSP: 002b:00007fb2e97f98b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 000000000000ae80 RCX: 00007fb30361add7 RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 RBP: 00005652b984e0f0 R08: 00005652b7d513d0 R09: 0000000000000001 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007fb308c66000 R14: 0000000000000000 R15: 00005652b984e0f0 Link: https://lore.kernel.org/lkml/0516ae2d-b0fd-92c5-aa92-112ba7bd32fc@contabo.d… Reported-by: Tino Lehnig <tino.lehnig(a)contabo.de> Cc: Sergey Senozhatsky <sergey.senozhatsky.work(a)gmail.com> Cc: Tino Lehnig <tino.lehnig(a)contabo.de> Cc: <stable(a)vger.kernel.org> # v4.15+ Tested-by: Tino Lehnig <tino.lehnig(a)contabo.de> Signed-off-by: Minchan Kim <minchan(a)kernel.org> --- drivers/block/zram/zram_drv.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/block/zram/zram_drv.c b/drivers/block/zram/zram_drv.c index 7436b2d27fa3..0b6eda1bd77a 100644 --- a/drivers/block/zram/zram_drv.c +++ b/drivers/block/zram/zram_drv.c @@ -298,7 +298,8 @@ static void reset_bdev(struct zram *zram) zram->backing_dev = NULL; zram->old_block_size = 0; zram->bdev = NULL; - + zram->disk->queue->backing_dev_info->capabilities |= + BDI_CAP_SYNCHRONOUS_IO; kvfree(zram->bitmap); zram->bitmap = NULL; } @@ -400,6 +401,8 @@ static ssize_t backing_dev_store(struct device *dev, zram->backing_dev = backing_dev; zram->bitmap = bitmap; zram->nr_pages = nr_pages; + zram->disk->queue->backing_dev_info->capabilities &= + ~BDI_CAP_SYNCHRONOUS_IO; up_write(&zram->init_lock); pr_info("setup backing device %s\n", file_name); -- 2.18.0.597.ga71716f1ad-goog

7 years, 1 month

3
11
0 0

give editing

by Sam Dennis

Want to know if you have photos for editing? We can edit 300+ images each day. We can work on ecommerce photos, jewelry photos, and portrait photos. We give cut out and clipping path for different kind of photos, and also we provide retouching for them. Send us a test photo and we will do testing for you. Thanks, Sam Dennis

7 years, 1 month

1
0
0 0

Long and short term loan without collateral at 3% interest rate

by Brad Sanwomi

Dear Prospective Client, We provide funding for up to 500 Million USD. Loans are available at 3% interest rate with re-payment period of 1 year to 30 years. We provide:- *Business Loans *Project Loans *Personal Loans *Home Loans e.t.c If interested, please provide the information below:- Name: Amount Needed: Duration: Loan Type(e.g Business, Project or Personal): Country of residence: The above information would help us determine the best way to assist you. Regards Sanwomi Brad

7 years, 1 month

1
0
0 0

[PATCH 4.9 00/32] 4.9.118-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.9.118 release. There are 32 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Mon Aug 6 08:26:35 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.118-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.9.118-rc1 Tony Battersby <tonyb(a)cybernetics.com> scsi: sg: fix minor memory leak in error path Boris Brezillon <boris.brezillon(a)bootlin.com> drm/vc4: Reset ->{x, y}_scaling[1] when dealing with uniplanar formats Herbert Xu <herbert(a)gondor.apana.org.au> crypto: padlock-aes - Fix Nano workaround data corruption Roman Kagan <rkagan(a)virtuozzo.com> kvm: x86: vmx: fix vpid leak Jiang Biao <jiang.biao2(a)zte.com.cn> virtio_balloon: fix another race between migration and ballooning Jeremy Cline <jcline(a)redhat.com> net: socket: fix potential spectre v1 gadget in socketcall Anton Vasilyev <vasilyev(a)ispras.ru> can: ems_usb: Fix memory leak on ems_usb_disconnect() Linus Torvalds <torvalds(a)linux-foundation.org> squashfs: more metadata hardenings Linus Torvalds <torvalds(a)linux-foundation.org> squashfs: more metadata hardening Jose Abreu <Jose.Abreu(a)synopsys.com> net: stmmac: Fix WoL for PCI-based setups Jeremy Cline <jcline(a)redhat.com> netlink: Fix spectre v1 gadget in netlink_create() Florian Fainelli <f.fainelli(a)gmail.com> net: dsa: Do not suspend/resume closed slave_dev Eric Dumazet <edumazet(a)google.com> ipv4: frags: handle possible skb truesize change Eric Dumazet <edumazet(a)google.com> inet: frag: enforce memory limits earlier Eric Dumazet <edumazet(a)google.com> bonding: avoid lockdep confusion in bond_get_stats() Boqun Feng <boqun.feng(a)gmail.com> sched/wait: Remove the lockless swait_active() check in swake_up*() Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> pinctrl: intel: Read back TX buffer state Eric Dumazet <edumazet(a)google.com> tcp: add one more quick ack after after ECN events Yousuk Seung <ysseung(a)google.com> tcp: refactor tcp_ecn_check_ce to remove sk type cast Eric Dumazet <edumazet(a)google.com> tcp: do not aggressively quick ack after ECN events Eric Dumazet <edumazet(a)google.com> tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode Eric Dumazet <edumazet(a)google.com> tcp: do not force quickack when receiving out-of-order packets Dmitry Safonov <dima(a)arista.com> netlink: Don't shift with UB on nlk->ngroups Dmitry Safonov <dima(a)arista.com> netlink: Do not subscribe to non-existent groups Xiao Liang <xiliang(a)redhat.com> xen-netfront: wait xenbus state change when load module manually Neal Cardwell <ncardwell(a)google.com> tcp_bbr: fix bw probing to raise in-flight data for very small BDPs Eugeniy Paltsev <Eugeniy.Paltsev(a)synopsys.com> NET: stmmac: align DMA stuff to largest cache line length Anton Vasilyev <vasilyev(a)ispras.ru> net: mdio-mux: bcm-iproc: fix wrong getter and setter pair Stefan Wahren <stefan.wahren(a)i2se.com> net: lan78xx: fix rx handling before first packet is send tangpengpeng <tangpengpeng(a)higon.com> net: fix amd-xgbe flow-control issue Gal Pressman <pressmangal(a)gmail.com> net: ena: Fix use of uninitialized DMA address bits field Lorenzo Bianconi <lorenzo.bianconi(a)redhat.com> ipv4: remove BUG_ON() from fib_compute_spec_dst ------------- Diffstat: Makefile | 4 +- arch/x86/kvm/vmx.c | 7 ++-- drivers/crypto/padlock-aes.c | 8 +++- drivers/gpu/drm/vc4/vc4_plane.c | 3 ++ drivers/net/bonding/bond_main.c | 14 ++++++- drivers/net/can/usb/ems_usb.c | 1 + drivers/net/ethernet/amazon/ena/ena_com.c | 1 + drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 4 +- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 +- drivers/net/ethernet/stmicro/stmmac/stmmac_pci.c | 40 ++++++++++++++++++- drivers/net/phy/mdio-mux-bcm-iproc.c | 2 +- drivers/net/usb/lan78xx.c | 2 + drivers/net/xen-netfront.c | 6 +++ drivers/pinctrl/intel/pinctrl-intel.c | 7 +++- drivers/scsi/sg.c | 1 + drivers/virtio/virtio_balloon.c | 2 + fs/squashfs/block.c | 2 + fs/squashfs/fragment.c | 13 ++++-- fs/squashfs/squashfs_fs_sb.h | 1 + fs/squashfs/super.c | 5 ++- include/net/tcp.h | 2 +- kernel/sched/swait.c | 6 --- net/dsa/slave.c | 6 +++ net/ipv4/fib_frontend.c | 4 +- net/ipv4/inet_fragment.c | 10 ++--- net/ipv4/ip_fragment.c | 5 +++ net/ipv4/tcp_bbr.c | 4 ++ net/ipv4/tcp_dctcp.c | 4 +- net/ipv4/tcp_input.c | 48 ++++++++++++----------- net/netlink/af_netlink.c | 7 ++++ net/socket.c | 2 + 31 files changed, 161 insertions(+), 62 deletions(-)

7 years, 1 month

4
35
0 0

[PATCH 4.14 00/23] 4.14.61-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.14.61 release. There are 23 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Mon Aug 6 08:26:30 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.61-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.14.61-rc1 Tony Battersby <tonyb(a)cybernetics.com> scsi: sg: fix minor memory leak in error path Boris Brezillon <boris.brezillon(a)bootlin.com> drm/vc4: Reset ->{x, y}_scaling[1] when dealing with uniplanar formats Herbert Xu <herbert(a)gondor.apana.org.au> crypto: padlock-aes - Fix Nano workaround data corruption Jack Morgenstein <jackm(a)dev.mellanox.co.il> RDMA/uverbs: Expand primary and alt AV port checks Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> iwlwifi: add more card IDs for 9000 series Mike Rapoport <rppt(a)linux.vnet.ibm.com> userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails Yi Wang <wang.yi59(a)zte.com.cn> audit: fix potential null dereference 'context->module.name' Roman Kagan <rkagan(a)virtuozzo.com> kvm: x86: vmx: fix vpid leak Andy Lutomirski <luto(a)kernel.org> x86/entry/64: Remove %ebx handling from error_entry/exit Len Brown <len.brown(a)intel.com> x86/apic: Future-proof the TSC_DEADLINE quirk for SKX Jiang Biao <jiang.biao2(a)zte.com.cn> virtio_balloon: fix another race between migration and ballooning Jeremy Cline <jcline(a)redhat.com> net: socket: fix potential spectre v1 gadget in socketcall Anton Vasilyev <vasilyev(a)ispras.ru> can: ems_usb: Fix memory leak on ems_usb_disconnect() Linus Torvalds <torvalds(a)linux-foundation.org> squashfs: more metadata hardenings Linus Torvalds <torvalds(a)linux-foundation.org> squashfs: more metadata hardening Eli Cohen <eli(a)mellanox.com> net/mlx5e: E-Switch, Initialize eswitch only if eswitch manager YueHaibing <yuehaibing(a)huawei.com> rxrpc: Fix user call ID check in rxrpc_service_prealloc_one Jose Abreu <Jose.Abreu(a)synopsys.com> net: stmmac: Fix WoL for PCI-based setups Jeremy Cline <jcline(a)redhat.com> netlink: Fix spectre v1 gadget in netlink_create() Florian Fainelli <f.fainelli(a)gmail.com> net: dsa: Do not suspend/resume closed slave_dev Eric Dumazet <edumazet(a)google.com> ipv4: frags: handle possible skb truesize change Eric Dumazet <edumazet(a)google.com> inet: frag: enforce memory limits earlier Eric Dumazet <edumazet(a)google.com> bonding: avoid lockdep confusion in bond_get_stats() ------------- Diffstat: Makefile | 4 +- arch/x86/entry/entry_64.S | 18 ++---- arch/x86/kernel/apic/apic.c | 3 + arch/x86/kvm/vmx.c | 7 +-- drivers/crypto/padlock-aes.c | 8 ++- drivers/gpu/drm/vc4/vc4_plane.c | 3 + drivers/infiniband/core/uverbs_cmd.c | 59 +++++++++++++++++-- drivers/net/bonding/bond_main.c | 14 ++++- drivers/net/can/usb/ems_usb.c | 1 + drivers/net/ethernet/mellanox/mlx5/core/eswitch.c | 4 +- drivers/net/ethernet/stmicro/stmmac/stmmac_pci.c | 40 ++++++++++++- drivers/net/wireless/intel/iwlwifi/cfg/9000.c | 69 +++++++++++++++++++++++ drivers/net/wireless/intel/iwlwifi/iwl-config.h | 5 ++ drivers/net/wireless/intel/iwlwifi/pcie/drv.c | 22 ++++++++ drivers/scsi/sg.c | 1 + drivers/virtio/virtio_balloon.c | 2 + fs/squashfs/block.c | 2 + fs/squashfs/fragment.c | 13 +++-- fs/squashfs/squashfs_fs_sb.h | 1 + fs/squashfs/super.c | 5 +- fs/userfaultfd.c | 4 +- kernel/auditsc.c | 13 +++-- net/dsa/slave.c | 6 ++ net/ipv4/inet_fragment.c | 10 ++-- net/ipv4/ip_fragment.c | 5 ++ net/netlink/af_netlink.c | 2 + net/rxrpc/call_accept.c | 4 +- net/socket.c | 2 + 28 files changed, 276 insertions(+), 51 deletions(-)

7 years, 1 month

3
24
0 0

[PATCH 4.17 00/31] 4.17.13-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.17.13 release. There are 31 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Mon Aug 6 08:26:21 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.17.13-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.17.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.17.13-rc1 Tony Battersby <tonyb(a)cybernetics.com> scsi: sg: fix minor memory leak in error path Boris Brezillon <boris.brezillon(a)bootlin.com> drm/atomic: Initialize variables in drm_atomic_helper_async_check() to make gcc happy Boris Brezillon <boris.brezillon(a)bootlin.com> drm/atomic: Check old_plane_state->crtc in drm_atomic_helper_async_check() Boris Brezillon <boris.brezillon(a)bootlin.com> drm/vc4: Reset ->{x, y}_scaling[1] when dealing with uniplanar formats Herbert Xu <herbert(a)gondor.apana.org.au> crypto: padlock-aes - Fix Nano workaround data corruption Jack Morgenstein <jackm(a)dev.mellanox.co.il> RDMA/uverbs: Expand primary and alt AV port checks Rafał Miłecki <rafal(a)milecki.pl> brcmfmac: fix regression in parsing NVRAM for multiple devices Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> iwlwifi: add more card IDs for 9000 series Mike Rapoport <rppt(a)linux.vnet.ibm.com> userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails Jane Chu <jane.chu(a)oracle.com> ipc/shm.c add ->pagesize function to shm_vm_ops Yi Wang <wang.yi59(a)zte.com.cn> audit: fix potential null dereference 'context->module.name' Roman Kagan <rkagan(a)virtuozzo.com> kvm: x86: vmx: fix vpid leak Andy Lutomirski <luto(a)kernel.org> x86/entry/64: Remove %ebx handling from error_entry/exit Len Brown <len.brown(a)intel.com> x86/apic: Future-proof the TSC_DEADLINE quirk for SKX Brijesh Singh <brijesh.singh(a)amd.com> x86/efi: Access EFI MMIO data as unencrypted when SEV is active Jiang Biao <jiang.biao2(a)zte.com.cn> virtio_balloon: fix another race between migration and ballooning Jeremy Cline <jcline(a)redhat.com> net: socket: Fix potential spectre v1 gadget in sock_is_registered Jeremy Cline <jcline(a)redhat.com> net: socket: fix potential spectre v1 gadget in socketcall Anton Vasilyev <vasilyev(a)ispras.ru> can: ems_usb: Fix memory leak on ems_usb_disconnect() Linus Torvalds <torvalds(a)linux-foundation.org> squashfs: more metadata hardenings Linus Torvalds <torvalds(a)linux-foundation.org> squashfs: more metadata hardening Feras Daoud <ferasda(a)mellanox.com> net/mlx5e: IPoIB, Set the netdevice sw mtu in ipoib enhanced flow Or Gerlitz <ogerlitz(a)mellanox.com> net/mlx5e: Set port trust mode to PCP as default Eli Cohen <eli(a)mellanox.com> net/mlx5e: E-Switch, Initialize eswitch only if eswitch manager YueHaibing <yuehaibing(a)huawei.com> rxrpc: Fix user call ID check in rxrpc_service_prealloc_one Jose Abreu <Jose.Abreu(a)synopsys.com> net: stmmac: Fix WoL for PCI-based setups Jeremy Cline <jcline(a)redhat.com> netlink: Fix spectre v1 gadget in netlink_create() Florian Fainelli <f.fainelli(a)gmail.com> net: dsa: Do not suspend/resume closed slave_dev Eric Dumazet <edumazet(a)google.com> ipv4: frags: handle possible skb truesize change Eric Dumazet <edumazet(a)google.com> inet: frag: enforce memory limits earlier Eric Dumazet <edumazet(a)google.com> bonding: avoid lockdep confusion in bond_get_stats() ------------- Diffstat: Makefile | 4 +- arch/x86/entry/entry_64.S | 18 ++---- arch/x86/kernel/apic/apic.c | 3 + arch/x86/kvm/vmx.c | 7 +-- arch/x86/platform/efi/efi_64.c | 2 +- drivers/crypto/padlock-aes.c | 8 ++- drivers/gpu/drm/drm_atomic_helper.c | 8 ++- drivers/gpu/drm/vc4/vc4_plane.c | 3 + drivers/infiniband/core/uverbs_cmd.c | 59 ++++++++++++++++-- drivers/net/bonding/bond_main.c | 14 ++++- drivers/net/can/usb/ems_usb.c | 1 + drivers/net/ethernet/mellanox/mlx5/core/en_dcbnl.c | 2 + drivers/net/ethernet/mellanox/mlx5/core/eswitch.c | 4 +- .../net/ethernet/mellanox/mlx5/core/ipoib/ipoib.c | 4 ++ drivers/net/ethernet/stmicro/stmmac/stmmac_pci.c | 40 ++++++++++++- .../wireless/broadcom/brcm80211/brcmfmac/pcie.c | 3 +- drivers/net/wireless/intel/iwlwifi/cfg/9000.c | 69 ++++++++++++++++++++++ drivers/net/wireless/intel/iwlwifi/iwl-config.h | 5 ++ drivers/net/wireless/intel/iwlwifi/pcie/drv.c | 22 +++++++ drivers/scsi/sg.c | 1 + drivers/virtio/virtio_balloon.c | 2 + fs/squashfs/block.c | 2 + fs/squashfs/fragment.c | 13 ++-- fs/squashfs/squashfs_fs_sb.h | 1 + fs/squashfs/super.c | 5 +- fs/userfaultfd.c | 4 +- ipc/shm.c | 12 ++++ kernel/auditsc.c | 13 ++-- mm/hugetlb.c | 7 +++ net/dsa/slave.c | 6 ++ net/ipv4/inet_fragment.c | 6 +- net/ipv4/ip_fragment.c | 5 ++ net/netlink/af_netlink.c | 2 + net/rxrpc/call_accept.c | 4 +- net/socket.c | 5 +- 35 files changed, 309 insertions(+), 55 deletions(-)

7 years, 1 month

3
31
0 0

[PATCHv2] netlink: Don't shift on 64 for ngroups

by Dmitry Safonov

It's legal to have 64 groups for netlink_sock. As user-supplied nladdr->nl_groups is __u32, it's possible to subscribe only to first 32 groups. The check for correctness of .bind() userspace supplied parameter is done by applying mask made from ngroups shift. Which broke Android as they have 64 groups and the shift for mask resulted in an overflow. Fixes: 61f4b23769f0 ("netlink: Don't shift with UB on nlk->ngroups") Cc: "David S. Miller" <davem(a)davemloft.net> Cc: Herbert Xu <herbert(a)gondor.apana.org.au> Cc: Steffen Klassert <steffen.klassert(a)secunet.com> Cc: netdev(a)vger.kernel.org Cc: stable(a)vger.kernel.org Reported-and-Tested-by: Nathan Chancellor <natechancellor(a)gmail.com> Signed-off-by: Dmitry Safonov <dima(a)arista.com> --- v2: sizeof() is in bytes net/netlink/af_netlink.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c index 7d860a22e5fb..d6ff4d409437 100644 --- a/net/netlink/af_netlink.c +++ b/net/netlink/af_netlink.c @@ -1011,8 +1011,8 @@ static int netlink_bind(struct socket *sock, struct sockaddr *addr, if (nlk->ngroups == 0) groups = 0; - else - groups &= (1ULL << nlk->ngroups) - 1; + else if (nlk->ngroups < 8*sizeof(groups)) + groups &= (1UL << nlk->ngroups) - 1; bound = nlk->bound; if (bound) { -- 2.13.6

7 years, 1 month

2
1
0 0

[PATCH] netlink: Don't shift on 64 for ngroups

by Dmitry Safonov

It's legal to have 64 groups for netlink_sock. As user-supplied nladdr->nl_groups is __u32, it's possible to subscribe only to first 32 groups. The check for correctness of .bind() userspace supplied parameter is done by applying mask made from ngroups shift. Which broke Android as they have 64 groups and the shift for mask resulted in an overflow. Fixes: 61f4b23769f0 ("netlink: Don't shift with UB on nlk->ngroups") Cc: "David S. Miller" <davem(a)davemloft.net> Cc: Herbert Xu <herbert(a)gondor.apana.org.au> Cc: Steffen Klassert <steffen.klassert(a)secunet.com> Cc: netdev(a)vger.kernel.org Cc: stable(a)vger.kernel.org Reported-and-Tested-by: Nathan Chancellor <natechancellor(a)gmail.com> Signed-off-by: Dmitry Safonov <dima(a)arista.com> --- net/netlink/af_netlink.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c index 7d860a22e5fb..e44edadfad20 100644 --- a/net/netlink/af_netlink.c +++ b/net/netlink/af_netlink.c @@ -1011,8 +1011,8 @@ static int netlink_bind(struct socket *sock, struct sockaddr *addr, if (nlk->ngroups == 0) groups = 0; - else - groups &= (1ULL << nlk->ngroups) - 1; + else if (nlk->ngroups < sizeof(long unsigned int)) + groups &= (1UL << nlk->ngroups) - 1; bound = nlk->bound; if (bound) { -- 2.13.6

7 years, 1 month

2
2
0 0

Long and short term loan without collateral at 3% interest rate

by Brad Sanwomi

Dear Prospective Client, We provide funding for up to 500 Million USD. Loans are available at 3% interest rate with re-payment period of 1 year to 30 years. We provide:- *Business Loans *Project Loans *Personal Loans *Home Loans e.t.c If interested, please provide the information below:- Name: Amount Needed: Duration: Loan Type(e.g Business, Project or Personal): Country of residence: The above information would help us determine the best way to assist you. Regards Sanwomi Brad

7 years, 1 month

1
0
0 0

[GIT PULL] usercopy fix for v4.18-rc8

by Kees Cook

Hi, Please pull this usercopy fix for v4.18-rc8. Bart Massey discovered that the usercopy whitelist for JFS was incomplete: the inline inode data may intentionally "overflow" into the neighboring "extended area", so the size of the whitelist needed to be raised to include the neighboring field. Thanks! -Kees The following changes since commit 7daf201d7fe8334e2d2364d4e8ed3394ec9af819: Linux 4.18-rc2 (2018-06-24 20:54:29 +0800) are available in the Git repository at: https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git tags/usercopy-fix-v4.18-rc8 for you to fetch changes up to 961b33c244e5ba1543ae26270a1ba29f29c2db83: jfs: Fix usercopy whitelist for inline inode data (2018-08-04 07:53:46 -0700) ---------------------------------------------------------------- - Fix JFS usercopy whitelist (it needed to cover neighboring field too) for "overflow" inline inode data. ---------------------------------------------------------------- Kees Cook (1): jfs: Fix usercopy whitelist for inline inode data fs/jfs/jfs_dinode.h | 7 +++++++ fs/jfs/jfs_incore.h | 1 + fs/jfs/super.c | 3 +-- 3 files changed, 9 insertions(+), 2 deletions(-) -- Kees Cook Pixel Security

7 years, 1 month

1
0
0 0

[PATCH 3.18.y] Fix compilation error backporting upstream commit 9fc12023d6f5

by Lorenzo Bianconi

Fix following compilation error backporting upstream commit 9fc12023d6f5 ("ipv4: remove BUG_ON() from fib_compute_spec_dst) net/ipv4/fib_frontend.c: In function 'fib_compute_spec_dst': net/ipv4/fib_frontend.c:225:3: error: expected expression before 'if' if (!fib_lookup(net, &fl4, &res)) net/ipv4/fib_frontend.c:200:20: warning: unused variable 'res' struct fib_result res; Fixes: 0e46da6c6fac ("ipv4: remove BUG_ON() from fib_compute_spec_dst") Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi(a)redhat.com> --- net/ipv4/fib_frontend.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c index 924db4bedd88..0b29649627a7 100644 --- a/net/ipv4/fib_frontend.c +++ b/net/ipv4/fib_frontend.c @@ -221,7 +221,7 @@ __be32 fib_compute_spec_dst(struct sk_buff *skb) fl4.saddr = 0; fl4.flowi4_tos = RT_TOS(ip_hdr(skb)->tos); fl4.flowi4_scope = scope; - fl4.flowi4_mark = vmark ? skb->mark : 0, + fl4.flowi4_mark = vmark ? skb->mark : 0; if (!fib_lookup(net, &fl4, &res)) return FIB_RES_PREFSRC(net, res); } else { -- 2.18.0

7 years, 1 month

2
2
0 0

Linux 4.17.12

by Greg KH

I'm announcing the release of the 4.17.12 kernel. All users of the 4.17 kernel series must upgrade. The updated 4.17.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.17.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/net/dsa/qca8k.txt | 23 + Documentation/devicetree/bindings/net/meson-dwmac.txt | 1 Documentation/devicetree/bindings/pinctrl/meson,pinctrl.txt | 2 Documentation/devicetree/bindings/watchdog/renesas-wdt.txt | 1 Documentation/vfio-mediated-device.txt | 5 Makefile | 2 arch/arm/boot/dts/emev2.dtsi | 5 arch/arm/boot/dts/imx53-ppd.dts | 2 arch/arm/boot/dts/imx53.dtsi | 8 arch/arm/boot/dts/imx6qdl-wandboard-revb1.dtsi | 1 arch/arm/boot/dts/imx6qdl-wandboard-revc1.dtsi | 1 arch/arm/boot/dts/imx6qdl-wandboard-revd1.dtsi | 1 arch/arm/boot/dts/imx6qdl-wandboard.dtsi | 8 arch/arm/boot/dts/sh73a0.dtsi | 5 arch/arm/boot/dts/stih407-pinctrl.dtsi | 10 arch/arm/boot/dts/stih410.dtsi | 18 - arch/arm/net/bpf_jit_32.c | 10 arch/arm64/boot/dts/renesas/salvator-common.dtsi | 38 +- arch/arm64/configs/defconfig | 2 arch/arm64/include/asm/cmpxchg.h | 4 arch/arm64/mm/init.c | 4 arch/microblaze/boot/Makefile | 10 arch/powerpc/include/asm/barrier.h | 15 + arch/powerpc/include/asm/cache.h | 3 arch/powerpc/include/asm/pkeys.h | 2 arch/powerpc/kernel/eeh_driver.c | 28 +- arch/powerpc/kernel/head_8xx.S | 2 arch/powerpc/kernel/pci_32.c | 1 arch/powerpc/kernel/prom_init.c | 114 ++++---- arch/powerpc/lib/string.S | 7 arch/powerpc/mm/slb.c | 8 arch/powerpc/net/bpf_jit_comp64.c | 34 +- arch/powerpc/platforms/chrp/time.c | 6 arch/powerpc/platforms/embedded6xx/hlwd-pic.c | 5 arch/powerpc/platforms/powermac/bootx_init.c | 4 arch/powerpc/platforms/powermac/setup.c | 1 arch/s390/include/asm/cpu_mf.h | 6 arch/sh/boards/mach-migor/setup.c | 2 arch/x86/events/intel/uncore.c | 2 arch/x86/events/intel/uncore_nhmex.c | 2 arch/x86/kernel/cpu/microcode/core.c | 6 arch/x86/kvm/mmu.c | 2 arch/x86/kvm/svm.c | 8 block/bfq-iosched.c | 2 block/bio.c | 19 - crypto/authenc.c | 1 crypto/authencesn.c | 1 drivers/acpi/acpi_lpss.c | 32 +- drivers/acpi/acpica/psloop.c | 19 - drivers/acpi/pci_root.c | 4 drivers/ata/libata-eh.c | 12 drivers/bluetooth/btusb.c | 4 drivers/bluetooth/hci_qca.c | 2 drivers/char/random.c | 10 drivers/clk/clk-si544.c | 1 drivers/clk/ingenic/jz4770-cgu.c | 3 drivers/edac/altera_edac.c | 2 drivers/gpio/gpio-uniphier.c | 6 drivers/gpio/gpiolib-of.c | 3 drivers/gpu/drm/amd/amdgpu/amdgpu_mn.c | 17 - drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 8 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 8 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_irq.c | 3 drivers/gpu/drm/amd/display/dc/dce110/dce110_hw_sequencer.c | 4 drivers/gpu/drm/amd/powerplay/hwmgr/smu7_hwmgr.c | 7 drivers/gpu/drm/drm_atomic.c | 4 drivers/gpu/drm/drm_atomic_helper.c | 78 ++--- drivers/gpu/drm/drm_dp_mst_topology.c | 9 drivers/gpu/drm/gma500/psb_intel_drv.h | 2 drivers/gpu/drm/gma500/psb_intel_lvds.c | 2 drivers/gpu/drm/i915/i915_drv.h | 1 drivers/gpu/drm/i915/intel_ddi.c | 13 drivers/gpu/drm/i915/intel_display.c | 21 + drivers/gpu/drm/i915/intel_drv.h | 3 drivers/gpu/drm/nouveau/nouveau_dma.c | 10 drivers/gpu/drm/nouveau/nouveau_dma.h | 5 drivers/gpu/drm/nouveau/nouveau_drm.c | 30 +- drivers/gpu/drm/nouveau/nouveau_gem.c | 19 + drivers/gpu/drm/nouveau/nvkm/engine/fifo/gk104.c | 8 drivers/gpu/drm/radeon/radeon_connectors.c | 10 drivers/gpu/drm/rockchip/analogix_dp-rockchip.c | 9 drivers/gpu/drm/stm/ltdc.c | 3 drivers/gpu/host1x/dev.c | 11 drivers/hid/hid-plantronics.c | 6 drivers/hid/i2c-hid/i2c-hid.c | 8 drivers/i2c/busses/i2c-rcar.c | 54 +++- drivers/infiniband/core/mad.c | 11 drivers/infiniband/core/ucma.c | 6 drivers/infiniband/core/uverbs_cmd.c | 5 drivers/infiniband/sw/rdmavt/Kconfig | 2 drivers/infiniband/sw/rxe/Kconfig | 1 drivers/input/mouse/elan_i2c_core.c | 2 drivers/input/serio/i8042-x86ia64io.h | 7 drivers/irqchip/irq-ls-scfg-msi.c | 3 drivers/lightnvm/pblk-core.c | 6 drivers/lightnvm/pblk-rb.c | 5 drivers/lightnvm/pblk-read.c | 8 drivers/md/md.c | 3 drivers/md/raid1.c | 2 drivers/media/cec/cec-pin-error-inj.c | 33 +- drivers/media/common/siano/smsendian.c | 14 - drivers/media/common/videobuf2/videobuf2-core.c | 9 drivers/media/i2c/smiapp/smiapp-core.c | 11 drivers/media/media-device.c | 21 - drivers/media/pci/saa7164/saa7164-fw.c | 3 drivers/media/pci/tw686x/tw686x-video.c | 3 drivers/media/platform/omap3isp/isp.c | 7 drivers/media/platform/rcar_jpu.c | 4 drivers/media/platform/renesas-ceu.c | 20 + drivers/media/radio/si470x/radio-si470x-i2c.c | 6 drivers/media/rc/ir-mce_kbd-decoder.c | 12 drivers/media/usb/em28xx/em28xx-dvb.c | 4 drivers/memory/tegra/mc.c | 22 - drivers/memory/tegra/mc.h | 9 drivers/memory/tegra/tegra114.c | 2 drivers/memory/tegra/tegra124.c | 6 drivers/memory/tegra/tegra210.c | 3 drivers/memory/tegra/tegra30.c | 2 drivers/mfd/cros_ec.c | 6 drivers/mmc/core/pwrseq_simple.c | 14 - drivers/mmc/host/dw_mmc.c | 4 drivers/mmc/host/sdhci-omap.c | 17 - drivers/mtd/nand/raw/fsl_ifc_nand.c | 17 - drivers/net/dsa/qca8k.c | 52 +++ drivers/net/dsa/qca8k.h | 7 drivers/net/ethernet/amazon/ena/ena_com.c | 1 drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 4 drivers/net/ethernet/broadcom/bnxt/bnxt.c | 5 drivers/net/ethernet/broadcom/bnxt/bnxt_sriov.c | 3 drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c | 2 drivers/net/ethernet/hisilicon/hns3/hnae3.c | 1 drivers/net/ethernet/hisilicon/hns3/hnae3.h | 2 drivers/net/ethernet/hisilicon/hns3/hns3_enet.c | 5 drivers/net/ethernet/hisilicon/hns3/hns3_enet.h | 2 drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 17 - drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.h | 2 drivers/net/ethernet/hisilicon/hns3/hns3vf/hclgevf_main.c | 28 +- drivers/net/ethernet/hisilicon/hns3/hns3vf/hclgevf_main.h | 2 drivers/net/ethernet/intel/e1000e/netdev.c | 15 - drivers/net/ethernet/intel/i40e/i40e.h | 2 drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 4 drivers/net/ethernet/intel/i40e/i40e_ptp.c | 48 ++- drivers/net/ethernet/intel/igb/igb_main.c | 9 drivers/net/ethernet/intel/ixgbe/ixgbe_lib.c | 8 drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 8 drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 1 drivers/net/ethernet/marvell/mvpp2.c | 3 drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c | 14 - drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c | 4 drivers/net/ethernet/socionext/netsec.c | 23 + drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 drivers/net/ethernet/ti/cpsw-phy-sel.c | 8 drivers/net/hyperv/hyperv_net.h | 2 drivers/net/hyperv/netvsc_drv.c | 43 +-- drivers/net/netdevsim/devlink.c | 1 drivers/net/phy/mdio-mux-bcm-iproc.c | 2 drivers/net/phy/phylink.c | 2 drivers/net/phy/sfp-bus.c | 7 drivers/net/usb/lan78xx.c | 2 drivers/net/virtio_net.c | 41 +-- drivers/net/wireless/ath/ath10k/core.c | 134 +++++----- drivers/net/wireless/ath/ath10k/debug.c | 8 drivers/net/wireless/ath/ath10k/wmi.c | 6 drivers/net/wireless/ath/ath10k/wmi.h | 2 drivers/net/wireless/ath/regd.h | 5 drivers/net/wireless/ath/regd_common.h | 13 drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c | 1 drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c | 8 drivers/net/wireless/intel/iwlwifi/mvm/rs.c | 38 +- drivers/net/wireless/intel/iwlwifi/mvm/rs.h | 7 drivers/net/wireless/intel/iwlwifi/mvm/sta.c | 2 drivers/net/wireless/intel/iwlwifi/mvm/sta.h | 10 drivers/net/wireless/intel/iwlwifi/pcie/rx.c | 2 drivers/net/wireless/marvell/mwifiex/usb.c | 3 drivers/net/wireless/marvell/mwifiex/util.c | 8 drivers/net/wireless/mediatek/mt76/mt76x2_init.c | 3 drivers/net/wireless/mediatek/mt76/mt76x2_main.c | 3 drivers/net/wireless/mediatek/mt76/mt76x2_phy.c | 6 drivers/net/wireless/mediatek/mt76/tx.c | 2 drivers/net/wireless/quantenna/qtnfmac/cfg80211.c | 21 + drivers/net/wireless/quantenna/qtnfmac/event.c | 8 drivers/net/wireless/quantenna/qtnfmac/pearl/pcie.c | 4 drivers/net/wireless/rsi/rsi_91x_hal.c | 35 +- drivers/net/wireless/rsi/rsi_91x_mac80211.c | 7 drivers/net/wireless/rsi/rsi_91x_sdio.c | 23 + drivers/net/wireless/rsi/rsi_sdio.h | 2 drivers/net/wireless/ti/wlcore/sdio.c | 5 drivers/net/xen-netfront.c | 10 drivers/nvme/host/pci.c | 16 - drivers/nvme/host/rdma.c | 10 drivers/nvme/target/fc.c | 44 ++- drivers/nvmem/core.c | 7 drivers/pci/pci-sysfs.c | 15 - drivers/pci/pcie/aspm.c | 9 drivers/pci/pcie/dpc.c | 5 drivers/pci/probe.c | 4 drivers/perf/arm-cci.c | 6 drivers/perf/arm-ccn.c | 20 - drivers/pinctrl/pinctrl-at91-pio4.c | 4 drivers/pinctrl/qcom/pinctrl-msm.c | 23 + drivers/platform/x86/dell-smbios-base.c | 5 drivers/regulator/cpcap-regulator.c | 2 drivers/regulator/internal.h | 9 drivers/regulator/of_regulator.c | 13 drivers/regulator/pfuze100-regulator.c | 1 drivers/regulator/twl-regulator.c | 2 drivers/rtc/interface.c | 5 drivers/rtc/rtc-tps6586x.c | 14 - drivers/rtc/rtc-tps65910.c | 12 drivers/rtc/rtc-vr41xx.c | 9 drivers/s390/scsi/zfcp_dbf.c | 2 drivers/scsi/3w-9xxx.c | 5 drivers/scsi/3w-xxxx.c | 3 drivers/scsi/cxlflash/main.c | 11 drivers/scsi/cxlflash/sislite.h | 1 drivers/scsi/hisi_sas/hisi_sas_v3_hw.c | 11 drivers/scsi/megaraid.c | 3 drivers/scsi/megaraid/megaraid_sas_fusion.c | 3 drivers/scsi/qedf/qedf_main.c | 10 drivers/scsi/scsi_dh.c | 5 drivers/scsi/ufs/ufshcd.c | 28 +- drivers/soc/imx/gpcv2.c | 22 + drivers/soc/qcom/qmi_interface.c | 5 drivers/soc/qcom/smem.c | 27 +- drivers/soc/tegra/pmc.c | 20 - drivers/spi/spi-meson-spicc.c | 11 drivers/spi/spi-s3c64xx.c | 4 drivers/spi/spi-sh-msiof.c | 6 drivers/spi/spi.c | 1 drivers/staging/ks7010/ks7010_sdio.c | 3 drivers/staging/lustre/lnet/klnds/o2iblnd/o2iblnd.c | 2 drivers/staging/lustre/lnet/klnds/o2iblnd/o2iblnd_cb.c | 30 +- drivers/staging/lustre/lustre/ldlm/ldlm_lock.c | 6 drivers/staging/lustre/lustre/llite/xattr.c | 6 drivers/staging/media/atomisp/i2c/atomisp-ov2680.c | 6 drivers/staging/media/atomisp/i2c/gc2235.h | 9 drivers/staging/media/atomisp/i2c/ov2680.h | 5 drivers/staging/media/atomisp/i2c/ov2722.h | 6 drivers/staging/media/atomisp/i2c/ov5693/ov5693.h | 18 + drivers/staging/media/atomisp/pci/atomisp2/atomisp_compat_ioctl32.c | 49 +-- drivers/staging/most/cdev/cdev.c | 6 drivers/staging/vc04_services/interface/vchiq_arm/vchiq_core.c | 1 drivers/thermal/samsung/exynos_tmu.c | 1 drivers/tty/hvc/hvc_opal.c | 1 drivers/tty/pty.c | 3 drivers/usb/core/hub.c | 4 drivers/vfio/mdev/mdev_core.c | 102 ++----- drivers/vfio/mdev/mdev_private.h | 2 drivers/vfio/platform/vfio_platform_common.c | 15 - drivers/vfio/vfio_iommu_type1.c | 73 +++-- drivers/video/backlight/pwm_bl.c | 6 drivers/watchdog/da9063_wdt.c | 17 + fs/block_dev.c | 9 fs/btrfs/inode.c | 33 +- fs/btrfs/qgroup.c | 19 + fs/btrfs/tree-log.c | 10 fs/ceph/super.c | 13 fs/crypto/crypto.c | 11 fs/ext4/balloc.c | 3 fs/ext4/ialloc.c | 8 fs/ext4/inline.c | 19 - fs/ext4/inode.c | 16 - fs/ext4/super.c | 13 fs/f2fs/data.c | 14 - fs/f2fs/f2fs.h | 8 fs/f2fs/file.c | 20 + fs/f2fs/gc.c | 11 fs/f2fs/segment.c | 5 fs/f2fs/super.c | 6 fs/nfs/inode.c | 3 fs/nfs/nfs4proc.c | 14 - fs/nfs/pnfs.c | 6 fs/nfsd/nfs4state.c | 5 fs/nfsd/nfs4xdr.c | 2 fs/proc/task_mmu.c | 30 +- fs/squashfs/cache.c | 3 fs/squashfs/file.c | 8 fs/squashfs/fragment.c | 4 fs/squashfs/squashfs_fs.h | 6 include/drm/drm_dp_helper.h | 1 include/linux/delayacct.h | 4 include/linux/dma-iommu.h | 1 include/linux/memcontrol.h | 23 + include/linux/mm.h | 9 include/linux/mmc/sdio_ids.h | 1 include/linux/netfilter/ipset/ip_set_timeout.h | 10 include/linux/regulator/consumer.h | 1 include/linux/serial_core.h | 3 include/net/tcp.h | 2 include/soc/tegra/mc.h | 2 include/uapi/sound/asoc.h | 23 + ipc/msg.c | 6 ipc/sem.c | 6 kernel/auditfilter.c | 2 kernel/auditsc.c | 2 kernel/bpf/syscall.c | 37 ++ kernel/bpf/verifier.c | 4 kernel/delayacct.c | 17 - kernel/fork.c | 8 kernel/hung_task.c | 11 kernel/kcov.c | 3 kernel/kthread.c | 8 kernel/memremap.c | 18 + kernel/power/suspend.c | 14 - kernel/printk/printk_safe.c | 2 kernel/sched/cpufreq_schedutil.c | 17 - kernel/stop_machine.c | 24 - kernel/time/clocksource.c | 4 kernel/trace/trace_events_trigger.c | 18 - kernel/trace/trace_kprobe.c | 15 - lib/dma-direct.c | 7 mm/slub.c | 2 mm/vmalloc.c | 3 net/core/dev.c | 17 - net/ipv4/fib_frontend.c | 4 net/ipv4/ipconfig.c | 13 net/ipv4/tcp_bbr.c | 4 net/ipv4/tcp_dctcp.c | 4 net/ipv4/tcp_input.c | 57 ++-- net/netfilter/ipset/ip_set_hash_gen.h | 5 net/netfilter/nf_tables_api.c | 11 net/netlink/af_netlink.c | 5 net/rds/ib_frmr.c | 5 net/rds/ib_mr.h | 3 net/rds/ib_rdma.c | 21 - net/rds/rdma.c | 13 net/rds/rds.h | 5 net/rds/send.c | 12 net/rxrpc/conn_event.c | 2 security/integrity/ima/ima_main.c | 1 sound/pci/emu10k1/emupcm.c | 4 sound/pci/emu10k1/memory.c | 6 sound/pci/fm801.c | 16 - sound/pci/hda/patch_ca0132.c | 8 sound/soc/fsl/fsl_ssi.c | 3 sound/soc/soc-compress.c | 52 ++- sound/soc/soc-pcm.c | 6 sound/soc/soc-topology.c | 19 + sound/usb/pcm.c | 2 tools/perf/util/parse-events.y | 14 - tools/testing/selftests/filesystems/Makefile | 1 tools/testing/selftests/filesystems/devpts_pts.c | 13 tools/testing/selftests/intel_pstate/run.sh | 29 +- tools/testing/selftests/kvm/lib/assert.c | 9 tools/testing/selftests/kvm/vmx_tsc_adjust_test.c | 2 tools/testing/selftests/memfd/run_tests.sh | 14 - tools/usb/usbip/libsrc/vhci_driver.c | 32 +- tools/usb/usbip/libsrc/vhci_driver.h | 3 tools/usb/usbip/src/usbip_detach.c | 9 349 files changed, 2486 insertions(+), 1290 deletions(-) Aaron Lu (1): mem_cgroup: make sure moving_account, move_lock_task and stat_cpu in the same cacheline Alex Elder (3): soc: qcom: qmi: fix a buffer sizing bug soc: qcom: smem: fix qcom_smem_set_global_partition() soc: qcom: smem: byte swap values properly Alex Williamson (2): vfio/mdev: Check globally for duplicate devices vfio/type1: Fix task tracking for QEMU vCPU hotplug Alexander Duyck (1): ixgbe: Fix setting of TC configuration for macvlan case Alexandre Belloni (4): rtc: ensure rtc_set_alarm fails when alarms are not supported rtc: tps6586x: fix possible race condition rtc: vr41xx: fix possible race condition rtc: tps65910: fix possible race condition Alexey Khoroshilov (1): spi: meson-spicc: Fix error handling in meson_spicc_probe() Alexey Kodanev (1): netfilter: nf_tables: check msg_type before nft_trans_set(trans) Anatoly Pugachev (1): disable loading f2fs module on PAGE_SIZE > 4KB Anders Roxell (1): selftests/filesystems: devpts_pts included wrong header Andrew Elble (1): nfsd: fix error handling in nfs4_set_delegation() Andrey Smirnov (1): soc: imx: gpcv2: Do not pass static memory as platform data Andy Shevchenko (1): drm/dp/mst: Fix off-by-one typo when dump payload table Anson Huang (1): regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops Antoine Tenart (1): net: phy: sfp: handle cases where neither BR, min nor BR, max is given Anton Vasilyev (1): net: mdio-mux: bcm-iproc: fix wrong getter and setter pair Arjun Vynipadath (1): cxgb4: Added missing break in ndo_udp_tunnel_{add/del} Arnd Bergmann (2): drivers/bus: arm-cci: fix build warnings y2038: ipc: Use ktime_get_real_seconds consistently Artem Savkov (1): tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure Avinash Repaka (1): RDS: RDMA: Fix the NULL-ptr deref in rds_ib_get_mr Bartlomiej Zolnierkiewicz (1): thermal: exynos: fix setting rising_threshold for Exynos5433 Ben Hutchings (1): IB: Fix RDMA_RXE and INFINIBAND_RDMAVT dependencies for DMA_VIRT_OPS Ben Skeggs (3): drm/nouveau: remove fence wait code from deferred client work handler drm/nouveau/gem: lookup VMAs for buffers referenced by pushbuf ioctl drm/nouveau/fifo/gk104-: poll for runlist update completion Benjamin Poirier (1): e1000e: Ignore TSYNCRXCTL when getting I219 clock attributes Bjorn Helgaas (1): PCI/ASPM: Disable ASPM L1.2 Substate if we don't have LTR Brad Love (2): media: saa7164: Fix driver name in debug output media: em28xx: Fix DualHD broken second tuner Chad Dupuis (1): scsi: qedf: Set the UNLOADING flag when removing a vport Changbin Du (1): regulator: add dummy function of_find_regulator_by_node Chao Yu (6): f2fs: fix error path of move_data_page f2fs: don't drop dentry pages after fs shutdown f2fs: fix to don't trigger writeback during recovery f2fs: fix to wait page writeback during revoking atomic write f2fs: fix to detect failure of dquot_initialize f2fs: fix race in between GC and atomic open Charles Keepax (1): ASoC: compress: Only call free for components which have been opened Chen-Yu Tsai (1): Input: i8042 - add Lenovo LaVie Z to the i8042 reset list Chengguang Xu (1): ceph: fix alignment of rasize Chintan Pandya (1): mm: vmalloc: avoid racy handling of debugobjects in vunmap Chris Novakovic (1): ipconfig: Correctly initialise ic_nameservers Christian Gromm (1): staging: most: cdev: fix chrdev_region leak Christian Lamparter (1): pinctrl: msm: fix gpio-hog related boot issues Christoph Hellwig (1): PCI: Prevent sysfs disable of device while driver is attached Christophe Leroy (2): powerpc/lib: Adjust .balign inside string functions for PPC32 powerpc/8xx: fix invalid register expression in head_8xx.S Clint Taylor (1): drm/i915/glk: Add Quirk for GLK NUC HDMI port issues. Colin Ian King (1): media: smiapp: fix timeout checking in smiapp_read_nvm Cong Wang (1): infiniband: fix a possible use-after-free bug DaeRyong Jeong (1): tty: Fix data race in tty_insert_flip_string_fixed_flag Damien Le Moal (1): libata: Fix command retry decision Dan Carpenter (2): KVM: x86: prevent integer overflows in KVM_MEMORY_ENCRYPT_REG_REGION scsi: megaraid: silence a static checker bug Daniel Díaz (1): selftests/intel_pstate: Improve test, minor fixes Dave Jiang (1): mm: disallow mappings that conflict for devm_memremap_pages() David Howells (1): rxrpc: Fix terminal retransmission connection ID to include the channel David Sterba (1): btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups Dmitry Osipenko (2): memory: tegra: Do not handle spurious interrupts memory: tegra: Apply interrupts mask per SoC Dmitry Safonov (2): netlink: Do not subscribe to non-existent groups netlink: Don't shift with UB on nlk->ngroups Dmitry Torokhov (1): HID: i2c-hid: check if device is there before really probing Dominik Bozek (1): usb: hub: Don't wait for connect state at resume for powered-off ports Donald Shanty III (1): Input: elan_i2c - add ACPI ID for lenovo ideapad 330 Doug Oucahrek (1): staging: lustre: o2iblnd: fix race at kiblnd_connect_peer Doug Oucharek (1): staging: lustre: o2iblnd: Fix FastReg map/unmap for MLX5 Douglas Anderson (2): serial: core: Make sure compiler barfs for 16-byte earlycon names regulator: Don't return or expect -errno from of_map_mode() Emil Tantilov (1): ixgbevf: fix MAC address changes through ixgbevf_set_mac() Enric Balletbo i Serra (1): arm64: defconfig: Enable Rockchip io-domain driver Eric Biggers (1): fscrypt: use unbound workqueue for decryption Eric Dumazet (4): tcp: do not force quickack when receiving out-of-order packets tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode tcp: do not aggressively quick ack after ECN events tcp: add one more quick ack after after ECN events Erik Schmauss (1): ACPICA: AML Parser: ignore control method status in module-level code Ethan Lien (1): btrfs: balance dirty metadata pages in btrfs_finish_ordered_io Eugeniy Paltsev (1): NET: stmmac: align DMA stuff to largest cache line length Eyal Reizer (1): wlcore: sdio: check for valid platform device data before suspend Ezequiel Garcia (1): media: tw686x: Fix incorrect vb2_mem_ops GFP flags Fabio Estevam (2): ASoC: fsl_ssi: Use u32 variable type when using regmap_read() ARM: dts: imx6qdl-wandboard: Let the codec control MCLK pinctrl Felix Fietkau (1): mt76: add rcu locking around tx scheduling Felix Kuehling (1): drm/amdgpu: Avoid reclaim while holding locks taken in MMU notifier Filippo Muzzini (1): block, bfq: remove wrong lock in bfq_requests_merged Florent Fourcot (1): netfilter: ipset: forbid family for hash:mac sets Florian Fainelli (1): net: phy: phylink: Release link GPIO Fuyun Liang (1): net: hns3: Fixes the init of the VALID BD info in the descriptor Gal Pressman (1): net: ena: Fix use of uninitialized DMA address bits field Ganapathi Bhat (1): mwifiex: handle race during mwifiex_usb_disconnect Geert Uytterhoeven (4): vfio: platform: Fix reset module leak in error path spi: sh-msiof: Fix setting SIRMDR1.SYNCAC to match SITMDR1.SYNCAC ARM: dts: emev2: Add missing interrupt-affinity to PMU node ARM: dts: sh73a0: Add missing interrupt-affinity to PMU node Gioh Kim (1): md/raid1: add error handling of read error from FailFast device Greg Edwards (1): block: reset bi_iter.bi_done after splitting bio Greg Kroah-Hartman (1): Linux 4.17.12 Gregory Greenman (1): iwlwifi: mvm: open BA session only when sta is authorized Grygorii Strashko (1): net: ethernet: ti: cpsw-phy-sel: check bus_find_device() ret value Gustavo A. R. Silva (1): qtnfmac: pearl: pcie: fix memory leak in qtnf_fw_work_handler Hans Verkuil (2): media: videobuf2-core: don't call memop 'finish' when queueing media: cec: fix smatch error Hans de Goede (1): ACPI / LPSS: Only call pwm_add_table() for Bay Trail PWM if PMIC HRV is 2 Huang Ying (1): mm: /proc/pid/pagemap: hide swap entries from unprivileged users Huazhong Tan (1): net: hns3: Fixes the out of bounds access in hclge_map_tqp Ido Schimmel (1): mlxsw: spectrum_router: Return an error for non-default FIB rules Igor Konopko (2): lightnvm: fix partial read error path lightnvm: proper error handling for pblk_bio_add_pages Jacob Keller (2): i40e: free the skb after clearing the bitlock i40e: avoid overflow in i40e_ptp_adjfreq() Jacopo Mondi (2): media: arch: sh: migor: Fix TW9910 PDN gpio media: renesas-ceu: Set mbus_fmt on subdev operations Jaegeuk Kim (2): f2fs: avoid fsync() failure caused by EAGAIN in writepage() f2fs: check cap_resource only for data blocks Jakub Kicinski (2): bpf: fix references to free_bpf_prog_info() in comments netdevsim: don't leak devlink resources Jakub Pawlak (1): i40e: Add advertising 10G LR mode James Simmons (1): staging: lustre: llite: correct removexattr detection James Smart (1): nvmet-fc: fix target sgl list on large transfers Jan Kiszka (1): PCI: Fix devm_pci_alloc_host_bridge() memory leak Jane Wan (1): mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages Javier González (1): lightnvm: pblk: warn in case of corrupted write buffer Jens Remus (1): scsi: zfcp: assert that the ERP lock is held when tracing a recovery trigger Jian-Hong Pan (1): Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 Jianchao Wang (1): nvme-rdma: stop admin queue before freeing it Jiri Olsa (1): perf tools: Fix pmu events parsing rule Johannes Weiner (1): arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups Jonathan Neuschäfer (1): powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet José Roberto de Souza (1): drm: Add DP PSR2 sink enable bit Jozsef Kadlecsik (1): netfilter: ipset: List timing out entries with "timeout 1" instead of zero Juergen Gross (1): xen/netfront: raise max number of slots in xennet_get_responses() Julia Lawall (1): pinctrl: at91-pio4: add missing of_node_put KT Liao (1): Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST Kai Chieh Chuang (1): ASoC: dpcm: fix BE dai not hw_free and shutdown Kan Liang (2): perf/x86/intel/uncore: Correct fixed counter index check in generic code perf/x86/intel/uncore: Correct fixed counter index check for NHM Keith Busch (1): nvme-pci: Fix AER reset handling Kenneth Feng (1): drm/amd/powerplay: Set higher SCLK&MCLK frequency than dpm7 in OD (v2) Kirill Marinushkin (2): ASoC: topology: Fix bclk and fsync inversion in set_link_hw_format() ASoC: topology: Add missing clock gating parameter when parsing hw_configs Kishon Vijay Abraham I (1): mmc: sdhci-omap: Fix when capabilities are obtained from SDHCI_CAPABILITIES reg Kuninori Morimoto (1): arm64: dts: renesas: salvator-common: use audio-graph-card for Sound Laurentiu Tudor (1): irqchip/ls-scfg-msi: Map MSIs in the iommu Lawrence Brakmo (1): tcp: ack immediately when a cwr packet arrives Leo (Sunpeng) Li (1): drm/amd/display: Fix dim display on DCE11 Leon Romanovsky (2): RDMA/mad: Convert BUG_ONs to error flows RDMA/uverbs: Protect from attempts to create flows on unsupported QP Lijun Ou (1): net: hns3: Fixes initalization of RoCE handle and makes it conditional Linus Torvalds (1): squashfs: be more careful about metadata corruption Linus Walleij (1): gpio: of: Handle fixed regulator flags properly Lorenzo Bianconi (3): mt76x2: apply coverage class on slot time too mt76x2: fix avg_rssi estimation ipv4: remove BUG_ON() from fib_compute_spec_dst Luc Van Oostenryck (2): drm/radeon: fix mode_valid's return type drm/gma500: fix psb_intel_lvds_mode_valid()'s return type Luis Henriques (1): ceph: fix use-after-free in ceph_statfs() Marc Zyngier (1): dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA Marco Felsch (1): watchdog: da9063: Fix updating timeout value Marek Szyprowski (1): spi: spi-s3c64xx: Fix system resume support Mario Limonciello (1): platform/x86: dell-smbios: Match on www.dell.com in OEM strings too Mark Rutland (2): kcov: ensure irq code sees a valid area drivers/perf: arm-ccn: don't log to dmesg in event_init Martin Blumenstingl (1): dt-bindings: pinctrl: meson: add support for the Meson8m2 SoC Martin Wilck (2): block: bio_iov_iter_get_pages: fix size of last iovec blkdev: __blkdev_direct_IO_simple: fix leak in error case Masahiro Yamada (1): gpio: uniphier: set legitimate irq trigger type in .to_irq hook Masahisa KOJIMA (1): net: socionext: reset hardware in ndo_stop Mathieu Malaterre (8): mm/slub.c: add __printf verification to slab_err() powerpc/32: Add a missing include header powerpc/chrp/time: Make some functions static, add missing header include powerpc/powermac: Add missing prototype for note_bootable_part() powerpc/powermac: Mark variable x as unused powerpc: Add __printf verification to prom_printf clocksource: Move inline keyword to the beginning of function declarations nvmem: properly handle returned value nvmem_reg_read Matthew R. Ochs (1): scsi: cxlflash: Avoid clobbering context control register value Mauro Carvalho Chehab (7): media: cec-pin-error-inj: avoid a false-positive Spectre detection media: atomisp: ov2680: don't declare unused vars media: staging: atomisp: Comment out several unused sensor resolutions media: em28xx: fix a regression with HVR-950 media: siano: get rid of __le32/__le16 cast warnings media: atomisp: compat32: fix __user annotations media: si470x: fix __be16 annotations Maxime Chevallier (1): net: mvpp2: Add missing VLAN tag detection Maya Erez (1): scsi: ufs: fix exception event handling Michael Chan (2): bnxt_en: Check unsupported speeds in bnxt_update_link() on PF only. bnxt_en: Always forward VF MAC address to the PF. Michael Grzeschik (1): usbip: dynamically allocate idev by nports found in sysfs Michal Simek (1): microblaze: Fix simpleImage format generation Michal Suchanek (1): powerpc/64s: Add barrier_nospec Michal Vokáč (5): net: dsa: qca8k: Add support for QCA8334 switch net: dsa: qca8k: Force CPU port to its highest bandwidth net: dsa: qca8k: Enable RXMAC when bringing up a port net: dsa: qca8k: Add QCA8334 binding documentation net: dsa: qca8k: Allow overwriting CPU port setting Mika Westerberg (1): PCI: pciehp: Request control of native hotplug only if supported Mike Looijmans (1): clk-si544: Properly round requested frequency to nearest match Mikita Lipski (1): drm/amd/display: Do not program interrupt status on disabled crtc Mimi Zohar (1): ima: based on policy verify firmware signatures (pre-allocated buffer) Neal Cardwell (1): tcp_bbr: fix bw probing to raise in-flight data for very small BDPs NeilBrown (1): staging: lustre: ldlm: free resource when ldlm_lock_create() fails. Nicholas Piggin (1): powerpc/64s: Fix compiler store ordering to SLB shadow area Olga Kornievskaia (1): skip LAYOUTRETURN if layout is invalid Omar Sandoval (2): Btrfs: don't return ino to ino cache if inode item removal fails Btrfs: don't BUG_ON() in btrfs_truncate_inode_items() Ondrej Mosnáček (1): audit: allow not equal op for audit by executable Oza Pawandeep (1): PCI/DPC: Clear interrupt status in interrupt handler top half Patrice Chotard (2): ARM: dts: stih410: Fix complain about IRQ_TYPE_NONE usage ARM: dts: stih407-pinctrl: Fix complain about IRQ_TYPE_NONE usage Patrick Bellasi (1): sched/cpufreq: Modify aggregate utilization to always include blocked FAIR utilization Paul Cercueil (1): clk: ingenic: jz4770: Modify C1CLK clock to disable CPU clock stop on idle Petr Machata (1): mlxsw: spectrum_switchdev: Fix port_vlan refcounting Philippe CORNU (1): drm/stm: ltdc: fix warning in ltdc_crtc_update_clut() Qu Wenruo (1): btrfs: qgroup: Finish rescan when hit the last leaf of extent tree Rafael J. Wysocki (1): ACPI / LPSS: Avoid PM quirks on suspend and resume from hibernation Ram Pai (1): mm, powerpc, x86: define VM_PKEY_BITx bits if CONFIG_ARCH_HAS_PKEYS is enabled Rob Herring (1): ARM: dts: imx53: Fix LDB OF graph warning Sahitya Tummala (1): f2fs: Fix deadlock in shutdown ioctl Sam Bobroff (1): powerpc/eeh: Fix use-after-release of EEH driver Sami Tolvanen (1): media: media-device: fix ioctl function types Samuel Li (1): drm/amdgpu: Remove VRAM from shared bo domains. Sandipan Das (2): bpf: fix multi-function JITed dump obtained via syscall bpf: powerpc64: pad function address loads with NOPs Sanjay Kumar Konduri (1): rsi: Add null check for virtual interfaces in wowlan config Satendra Singh Thakur (1): drm/atomic: Handling the case when setting old crtc for plane Scott Mayhew (1): nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo Scott Wood (1): x86/microcode: Make the late update update_lock a raw lock for RT Sean Lanigan (1): brcmfmac: Add support for bcm43364 wireless chipset Sean Young (1): media: rc: mce_kbd decoder: low timeout values cause double keydowns Sebastian Andrzej Siewior (2): PM / wakeup: Make s2idle_lock a RAW_SPINLOCK delayacct: Use raw_spinlocks Sergey Matyukevich (1): qtnfmac: fix invalid STA state on EAPOL failure Sergey Senozhatsky (1): printk: drop in_nmi check from printk_safe_flush_on_panic() Sergio Paracuellos (1): staging: ks7010: fix error handling in ks7010_upload_firmware Shakeel Butt (1): kvm, mm: account shadow page tables to kmemcg Shaul Triebitz (1): iwlwifi: pcie: fix race in Rx buffer allocator Shawn Lin (1): mmc: dw_mmc: update actual clock for mmc debugfs Shirish S (1): drm/amd/display: remove need of modeset flag for overlay planes (V2) Shivasharan S (1): scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs Shuah Khan (Samsung OSG) (5): usbip: usbip_detach: Fix memory, udev context and udev leak selftests: memfd: return Kselftest Skip code for skipped tests selftests: kvm: return Kselftest Skip code for skipped tests selftests: intel_pstate: return Kselftest Skip code for skipped tests selftests: filesystems: return Kselftest Skip code for skipped tests Siva Rebbagondla (2): rsi: Fix 'invalid vdd' warning in mmc rsi: fix nommu_map_sg overflow kernel panic Snild Dolkow (1): kthread, tracing: Don't expose half-written comm when creating kthreads Stefan Wahren (2): staging: vchiq_core: Fix missing semaphore release in error case net: lan78xx: fix rx handling before first packet is send Stephen Hemminger (1): hv_netvsc: fix network namespace issues with VF support Steven Rostedt (VMware) (3): tracing: Fix double free of event_trigger_data tracing: Fix possible double free in event_enable_trigger_func() tracing: Quiet gcc warning about maybe unused link variable Stewart Smith (1): hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common() Subhash Jadavani (1): scsi: ufs: ufshcd: fix possible unclocked register access Suman Anna (1): media: omap3isp: fix unbalanced dma_iommu_mapping Sven Eckelmann (9): ath: Add regulatory mapping for FCC3_ETSIC ath: Add regulatory mapping for ETSI8_WORLD ath: Add regulatory mapping for APL13_WORLD ath: Add regulatory mapping for APL2_FCCA ath: Add regulatory mapping for Uganda ath: Add regulatory mapping for Tanzania ath: Add regulatory mapping for Serbia ath: Add regulatory mapping for Bermuda ath: Add regulatory mapping for Bahamas Takashi Iwai (3): ALSA: emu10k1: Rate-limit error messages about page errors ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback dma-direct: try reallocation with GFP_DMA32 if possible Takashi Sakamoto (1): ALSA: hda/ca0132: fix build failure when a local macro is defined Tamizh Chelvam (1): ath10k: fix kernel panic while reading tpc_stats Tariq Toukan (1): net: rollback orig value on failure of dev_qdisc_change_tx_queue_len Tejun Heo (1): delayacct: fix crash in delayacct_blkio_end() after delayacct init failure Terry Junge (1): HID: hid-plantronics: Re-resend Update to map button for PTT products Tetsuo Handa (2): mm: check for SIGKILL inside dup_mmap() loop kernel/hung_task.c: show all hung tasks before panic Theodore Ts'o (5): random: mix rdrand with entropy sent in from userspace ext4: fix false negatives *and* false positives in ext4_check_descriptors() ext4: fix inline data updates with checksums enabled ext4: check for allocation block validity with block group locked ext4: fix check to prevent initializing reserved inodes Thierry Escande (1): Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning Thierry Reding (1): gpu: host1x: Acquire a reference to the IOVA cache Thomas Gleixner (1): stop_machine: Use raw spinlocks Thomas Hebb (1): ath10k: search all IEs for variant before falling back Thomas Richter (2): s390/cpum_sf: Add data entry sizes to sampling trailer entry perf: fix invalid bit in diagnostic entry Thor Thayer (1): EDAC, altera: Fix ARM64 build warning Tobin C. Harding (1): mmc: pwrseq: Use kmalloc_array instead of stack VLA Tomasz Figa (1): drm/rockchip: analogix_dp: Do not call Analogix code before bind Tony Lindgren (1): spi: Add missing pm_runtime_put_noidle() after failed get Toshiaki Makita (1): virtio_net: Fix incosistent received bytes counter Trond Myklebust (3): NFSv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY pnfs: Don't release the sequence slot until we've processed layoutget on open NFS: Fix up nfs_post_op_update_inode() to force ctime updates Tudor-Dan Ambarus (2): crypto: authencesn - don't leak pointers to authenc keys crypto: authenc - don't leak pointers to authenc keys Uma Krishnan (1): scsi: cxlflash: Synchronize reset and remove ops Vic Wei (1): Bluetooth: btusb: add ID for LiteOn 04ca:301a Ville Syrjälä (1): drm/atomic-helper: Drop plane->fb references only for drm_atomic_helper_shutdown() Vincent Palatin (1): mfd: cros_ec: Fail early if we cannot identify the EC Vinicius Costa Gomes (1): igb: Fix queue selection on MAC filters on i210 Viresh Kumar (1): soc/tegra: pmc: Don't allocate struct tegra_powergate on stack Wang YanQing (1): bpf, arm32: fix inconsistent naming about emit_a32_lsr_{r64,i64} Wei Xu (1): nvme: lightnvm: add granby support Wei Yongjun (1): media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open() Wenwen Wang (2): scsi: 3w-9xxx: fix a missing-check bug scsi: 3w-xxxx: fix a missing-check bug Will Deacon (1): arm64: cmpwait: Clear event register before arming exclusive monitor Wolfram Sang (3): watchdog: renesas-wdt: Add support for the R8A77965 WDT backlight: pwm_bl: Don't use GPIOF_* with gpiod_get_direction i2c: rcar: handle RXDMA HW behaviour on Gen3 Xi Wang (3): net: hns3: Fix for VF mailbox cannot receiving PF response net: hns3: Fix the missing client list node initialization net: hns3: Fix for hns3 module is loaded multiple times problem Xiang Chen (1): scsi: hisi_sas: config ATA de-reset as an constrained command for v3 hw Xiao Liang (1): xen-netfront: wait xenbus state change when load module manually Xinming Hu (1): mwifiex: correct histogram data with appropriate index Xose Vazquez Perez (1): scsi: scsi_dh: replace too broad "TP9" string with the exact models Yixun Lan (1): dt-bindings: net: meson-dwmac: new compatible name for AXG SoC Yousuk Seung (1): tcp: refactor tcp_ecn_check_ce to remove sk type cast Yufen Yu (1): md: fix NULL dereference of mddev->pers in remove_and_add_spares() Yunlei He (1): f2fs: fix missing clear FI_NO_PREALLOC in some error case Yunsheng Lin (4): net: hns3: Fix for phy not link up problem after resetting net: hns3: Fix for service_task not running problem after resetting net: hns3: Fix for CMDQ and Misc. interrupt init order problem net: hns3: Fix for fiber link up problem Zhouyang Jia (2): ALSA: emu10k1: add error handling for snd_ctl_add ALSA: fm801: add error handling for snd_ctl_add tangpengpeng (1): net: fix amd-xgbe flow-control issue

7 years, 1 month

3
4
0 0

FAILED: patch "[PATCH] drm/atomic: Initialize variables in" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From de2d8db395c32d121d02871819444b631f73e0b6 Mon Sep 17 00:00:00 2001 From: Boris Brezillon <boris.brezillon(a)bootlin.com> Date: Tue, 24 Jul 2018 15:33:00 +0200 Subject: [PATCH] drm/atomic: Initialize variables in drm_atomic_helper_async_check() to make gcc happy drm_atomic_helper_async_check() declares the plane, old_plane_state and new_plane_state variables to iterate over all planes of the atomic state and make sure only one plane is enabled. Unfortunately gcc is not smart enough to figure out that the check on n_planes is enough to guarantee that plane, new_plane_state and old_plane_state are initialized. Explicitly initialize those variables to NULL to make gcc happy. Fixes: fef9df8b5945 ("drm/atomic: initial support for asynchronous plane update") Cc: <stable(a)vger.kernel.org> Signed-off-by: Boris Brezillon <boris.brezillon(a)bootlin.com> Reviewed-by: Sean Paul <seanpaul(a)chromium.org> Link: https://patchwork.freedesktop.org/patch/msgid/20180724133300.32023-1-boris.… diff --git a/drivers/gpu/drm/drm_atomic_helper.c b/drivers/gpu/drm/drm_atomic_helper.c index ff858b890045..81e32199d3ef 100644 --- a/drivers/gpu/drm/drm_atomic_helper.c +++ b/drivers/gpu/drm/drm_atomic_helper.c @@ -1510,8 +1510,9 @@ int drm_atomic_helper_async_check(struct drm_device *dev, { struct drm_crtc *crtc; struct drm_crtc_state *crtc_state; - struct drm_plane *plane; - struct drm_plane_state *old_plane_state, *new_plane_state; + struct drm_plane *plane = NULL; + struct drm_plane_state *old_plane_state = NULL; + struct drm_plane_state *new_plane_state = NULL; const struct drm_plane_helper_funcs *funcs; int i, n_planes = 0;

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] drm/atomic: Check old_plane_state->crtc in" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 603ba2dfb338b307aebe95fe344c479a59b3a175 Mon Sep 17 00:00:00 2001 From: Boris Brezillon <boris.brezillon(a)bootlin.com> Date: Tue, 24 Jul 2018 15:32:15 +0200 Subject: [PATCH] drm/atomic: Check old_plane_state->crtc in drm_atomic_helper_async_check() Async plane update is supposed to work only when updating the FB or FB position of an already enabled plane. That does not apply to requests where the plane was previously disabled or assigned to a different CTRC. Check old_plane_state->crtc value to make sure async plane update is allowed. Fixes: fef9df8b5945 ("drm/atomic: initial support for asynchronous plane update") Cc: <stable(a)vger.kernel.org> Signed-off-by: Boris Brezillon <boris.brezillon(a)bootlin.com> Reviewed-by: Eric Anholt <eric(a)anholt.net> Link: https://patchwork.freedesktop.org/patch/msgid/20180724133215.31917-1-boris.… diff --git a/drivers/gpu/drm/drm_atomic_helper.c b/drivers/gpu/drm/drm_atomic_helper.c index 130da5195f3b..ff858b890045 100644 --- a/drivers/gpu/drm/drm_atomic_helper.c +++ b/drivers/gpu/drm/drm_atomic_helper.c @@ -1527,7 +1527,8 @@ int drm_atomic_helper_async_check(struct drm_device *dev, if (n_planes != 1) return -EINVAL; - if (!new_plane_state->crtc) + if (!new_plane_state->crtc || + old_plane_state->crtc != new_plane_state->crtc) return -EINVAL; funcs = plane->helper_private;

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] media: rc: be less noisy when driver misbehaves" failed to apply to 4.17-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.17-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 0ca54b29054151b7a52cbb8904732280afe5a302 Mon Sep 17 00:00:00 2001 From: Sean Young <sean(a)mess.org> Date: Tue, 26 Jun 2018 11:03:18 -0400 Subject: [PATCH] media: rc: be less noisy when driver misbehaves Since commit 48231f289e52 ("media: rc: drivers should produce alternate pulse and space timing events"), on meson-ir we are regularly producing errors. Reduce to warning level and only warn once to avoid flooding the log. A proper fix for meson-ir is going to be too large for v4.18. Signed-off-by: Sean Young <sean(a)mess.org> Cc: stable(a)vger.kernel.org # 4.17+ Tested-by: Jerome Brunet <jbrunet(a)baylibre.com> Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung(a)kernel.org> diff --git a/drivers/media/rc/rc-ir-raw.c b/drivers/media/rc/rc-ir-raw.c index 2e0066b1a31c..e7948908e78c 100644 --- a/drivers/media/rc/rc-ir-raw.c +++ b/drivers/media/rc/rc-ir-raw.c @@ -30,13 +30,13 @@ static int ir_raw_event_thread(void *data) while (kfifo_out(&raw->kfifo, &ev, 1)) { if (is_timing_event(ev)) { if (ev.duration == 0) - dev_err(&dev->dev, "nonsensical timing event of duration 0"); + dev_warn_once(&dev->dev, "nonsensical timing event of duration 0"); if (is_timing_event(raw->prev_ev) && !is_transition(&ev, &raw->prev_ev)) - dev_err(&dev->dev, "two consecutive events of type %s", - TO_STR(ev.pulse)); + dev_warn_once(&dev->dev, "two consecutive events of type %s", + TO_STR(ev.pulse)); if (raw->prev_ev.reset && ev.pulse == 0) - dev_err(&dev->dev, "timing event after reset should be pulse"); + dev_warn_once(&dev->dev, "timing event after reset should be pulse"); } list_for_each_entry(handler, &ir_raw_handler_list, list) if (dev->enabled_protocols &

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] net: socket: Fix potential spectre v1 gadget in" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From e978de7a6d382ec378830ca2cf38e902df0b6d84 Mon Sep 17 00:00:00 2001 From: Jeremy Cline <jcline(a)redhat.com> Date: Fri, 27 Jul 2018 22:43:02 +0000 Subject: [PATCH] net: socket: Fix potential spectre v1 gadget in sock_is_registered 'family' can be a user-controlled value, so sanitize it after the bounds check to avoid speculative out-of-bounds access. Cc: Josh Poimboeuf <jpoimboe(a)redhat.com> Cc: stable(a)vger.kernel.org Signed-off-by: Jeremy Cline <jcline(a)redhat.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> diff --git a/net/socket.c b/net/socket.c index 4ac3b834cce9..8c24d5dc4bc8 100644 --- a/net/socket.c +++ b/net/socket.c @@ -2690,7 +2690,8 @@ EXPORT_SYMBOL(sock_unregister); bool sock_is_registered(int family) { - return family < NPROTO && rcu_access_pointer(net_families[family]); + return family < NPROTO && + rcu_access_pointer(net_families[array_index_nospec(family, NPROTO)]); } static int __init sock_init(void)

7 years, 1 month

1
0
0 0

[PATCHES] Networking

by David Miller

Please queue up the following networking bug fixes for v4.14.x and v4.17.x -stable, respectively. Thank you.

7 years, 1 month

2
1
0 0

build error in v3.18.y.stable-queue

by Guenter Roeck

net/ipv4/fib_frontend.c: In function ‘fib_compute_spec_dst’: net/ipv4/fib_frontend.c:225:3: error: expected expression before ‘if’ if (!fib_lookup(net, &fl4, &res)) Looking into the source, it is indeed bad. fl4.flowi4_mark = vmark ? skb->mark : 0, if (!fib_lookup(net, &fl4, &res)) return FIB_RES_PREFSRC(net, res); Guenter

7 years, 1 month

2
1
0 0

loan and investment

by Rai Exchanges

reetings, I represent business group in Middle East looking for projects to fund; we seek any business that will guaranty a safe and secure return on investments. Alternative powers, movies, start up companies etc. We are also looking for commercial building projects, hotels, casino, strip malls etc. If you have a project that differs from these and current budget is over $40M, Write us and Provide Executive Summary and project details. (a)100% financing is available. (b)Possible JV partnerships or 100% loans. (c)Project must be over $20M total budget. I look forward to your reply, Sir Abraham james, Sahara Petrochems Ltd (abrahamjames377(a)gmail.com)

7 years, 1 month

1
0
0 0

Loan and investment

by Tajick Ali

Greetings, I represent business group in Middle East looking for projects to fund; we seek any business that will guaranty a safe and secure return on investments. Alternative powers, movies, start up companies etc. We are also looking for commercial building projects, hotels, casino, strip malls etc. If you have a project that differs from these and current budget is over $40M, Write us and Provide Executive Summary and project details. (a)100% financing is available. (b)Possible JV partnerships or 100% loans. (c)Project must be over $20M total budget. I look forward to your reply, Sir Abraham Oded Sahara Petrochems Ltd odoabraham5(a)gmail.com

7 years, 1 month

1
0
0 0

[PATCH] stop_machine: Atomically queue and wake stopper threads

by Isaac J. Manjarres

From: Prasad Sodagudi <psodagud(a)codeaurora.org> When cpu_stop_queue_work() releases the lock for the stopper thread that was queued into its wake queue, preemption is enabled, which leads to the following deadlock: CPU0 CPU1 sched_setaffinity(0, ...) __set_cpus_allowed_ptr() stop_one_cpu(0, ...) stop_two_cpus(0, 1, ...) cpu_stop_queue_work(0, ...) cpu_stop_queue_two_works(0, ..., 1, ...) -grabs lock for migration/0- -spins with preemption disabled, waiting for migration/0's lock to be released- -adds work items for migration/0 and queues migration/0 to its wake_q- -releases lock for migration/0 and preemption is enabled- -current thread is preempted, and __set_cpus_allowed_ptr has changed the thread's cpu allowed mask to CPU1 only- -acquires migration/0 and migration/1's locks- -adds work for migration/0 but does not add migration/0 to wake_q, since it is already in a wake_q- -adds work for migration/1 and adds migration/1 to its wake_q- -releases migration/0 and migration/1's locks, wakes migration/1, and enables preemption- -since migration/1 is requested to run, migration/1 begins to run and waits on migration/0, but migration/0 will never be able to run, since the thread that can wake it is affine to CPU1- Disable preemption in cpu_stop_queue_work() before queueing works for stopper threads, and queueing the stopper thread in the wake queue, to ensure that the operation of queueing the works and waking the stopper threads is atomic. Fixes: 0b26351b910f ("stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock") Co-Developed-by: Isaac J. Manjarres <isaacm(a)codeaurora.org> Signed-off-by: Prasad Sodagudi <psodagud(a)codeaurora.org> Signed-off-by: Isaac J. Manjarres <isaacm(a)codeaurora.org> Cc: stable(a)vger.kernel.org --- kernel/stop_machine.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/kernel/stop_machine.c b/kernel/stop_machine.c index 34b6652..067cb83 100644 --- a/kernel/stop_machine.c +++ b/kernel/stop_machine.c @@ -81,6 +81,7 @@ static bool cpu_stop_queue_work(unsigned int cpu, struct cpu_stop_work *work) unsigned long flags; bool enabled; + preempt_disable(); raw_spin_lock_irqsave(&stopper->lock, flags); enabled = stopper->enabled; if (enabled) @@ -90,6 +91,7 @@ static bool cpu_stop_queue_work(unsigned int cpu, struct cpu_stop_work *work) raw_spin_unlock_irqrestore(&stopper->lock, flags); wake_up_q(&wakeq); + preempt_enable(); return enabled; } -- The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum, a Linux Foundation Collaborative Project

7 years, 1 month

1
0
0 0

[PATCH v4.14 1/2] nvme-pci: allocate device queues storage space at probe

by Jon Derrick

Commit 147b27e4bd08406a6abebedbb478b431ec197be1 upstream It may cause race by setting 'nvmeq' in nvme_init_request() because .init_request is called inside switching io scheduler, which may happen when the NVMe device is being resetted and its nvme queues are being freed and created. We don't have any sync between the two pathes. This patch changes the nvmeq allocation to occur at probe time so there is no way we can dereference it at init_request. [ 93.268391] kernel BUG at drivers/nvme/host/pci.c:408! [ 93.274146] invalid opcode: 0000 [#1] SMP [ 93.278618] Modules linked in: nfsv3 nfs_acl rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache sunrpc ipmi_ssif vfat fat intel_rapl sb_edac x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass crct10dif_pclmul crc32_pclmul ghash_clmulni_intel iTCO_wdt intel_cstate ipmi_si iTCO_vendor_support intel_uncore mxm_wmi mei_me ipmi_devintf intel_rapl_perf pcspkr sg ipmi_msghandler lpc_ich dcdbas mei shpchp acpi_power_meter wmi dm_multipath ip_tables xfs libcrc32c sd_mod mgag200 i2c_algo_bit drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ttm drm ahci libahci nvme libata crc32c_intel nvme_core tg3 megaraid_sas ptp i2c_core pps_core dm_mirror dm_region_hash dm_log dm_mod [ 93.349071] CPU: 5 PID: 1842 Comm: sh Not tainted 4.15.0-rc2.ming+ #4 [ 93.356256] Hardware name: Dell Inc. PowerEdge R730xd/072T6D, BIOS 2.5.5 08/16/2017 [ 93.364801] task: 00000000fb8abf2a task.stack: 0000000028bd82d1 [ 93.371408] RIP: 0010:nvme_init_request+0x36/0x40 [nvme] [ 93.377333] RSP: 0018:ffffc90002537ca8 EFLAGS: 00010246 [ 93.383161] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000008 [ 93.391122] RDX: 0000000000000000 RSI: ffff880276ae0000 RDI: ffff88047bae9008 [ 93.399084] RBP: ffff88047bae9008 R08: ffff88047bae9008 R09: 0000000009dabc00 [ 93.407045] R10: 0000000000000004 R11: 000000000000299c R12: ffff880186bc1f00 [ 93.415007] R13: ffff880276ae0000 R14: 0000000000000000 R15: 0000000000000071 [ 93.422969] FS: 00007f33cf288740(0000) GS:ffff88047ba80000(0000) knlGS:0000000000000000 [ 93.431996] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.438407] CR2: 00007f33cf28e000 CR3: 000000047e5bb006 CR4: 00000000001606e0 [ 93.446368] Call Trace: [ 93.449103] blk_mq_alloc_rqs+0x231/0x2a0 [ 93.453579] blk_mq_sched_alloc_tags.isra.8+0x42/0x80 [ 93.459214] blk_mq_init_sched+0x7e/0x140 [ 93.463687] elevator_switch+0x5a/0x1f0 [ 93.467966] ? elevator_get.isra.17+0x52/0xc0 [ 93.472826] elv_iosched_store+0xde/0x150 [ 93.477299] queue_attr_store+0x4e/0x90 [ 93.481580] kernfs_fop_write+0xfa/0x180 [ 93.485958] __vfs_write+0x33/0x170 [ 93.489851] ? __inode_security_revalidate+0x4c/0x60 [ 93.495390] ? selinux_file_permission+0xda/0x130 [ 93.500641] ? _cond_resched+0x15/0x30 [ 93.504815] vfs_write+0xad/0x1a0 [ 93.508512] SyS_write+0x52/0xc0 [ 93.512113] do_syscall_64+0x61/0x1a0 [ 93.516199] entry_SYSCALL64_slow_path+0x25/0x25 [ 93.521351] RIP: 0033:0x7f33ce96aab0 [ 93.525337] RSP: 002b:00007ffe57570238 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 93.533785] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f33ce96aab0 [ 93.541746] RDX: 0000000000000006 RSI: 00007f33cf28e000 RDI: 0000000000000001 [ 93.549707] RBP: 00007f33cf28e000 R08: 000000000000000a R09: 00007f33cf288740 [ 93.557669] R10: 00007f33cf288740 R11: 0000000000000246 R12: 00007f33cec42400 [ 93.565630] R13: 0000000000000006 R14: 0000000000000001 R15: 0000000000000000 [ 93.573592] Code: 4c 8d 40 08 4c 39 c7 74 16 48 8b 00 48 8b 04 08 48 85 c0 74 16 48 89 86 78 01 00 00 31 c0 c3 8d 4a 01 48 63 c9 48 c1 e1 03 eb de <0f> 0b 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 85 f6 53 48 89 [ 93.594676] RIP: nvme_init_request+0x36/0x40 [nvme] RSP: ffffc90002537ca8 [ 93.602273] ---[ end trace 810dde3993e5f14e ]--- CC: Yi Zhang <yi.zhang(a)redhat.com> CC: Sagi Grimberg <sagi(a)grimberg.me> CC: Christoph Hellwig <hch(a)lst.de> CC: Keith Busch <keith.busch(a)intel.com> Signed-off-by: Jon Derrick <jonathan.derrick(a)intel.com> --- drivers/nvme/host/pci.c | 61 ++++++++++++++++++++----------------------------- 1 file changed, 25 insertions(+), 36 deletions(-) diff --git a/drivers/nvme/host/pci.c b/drivers/nvme/host/pci.c index 4cac475..51e8589 100644 --- a/drivers/nvme/host/pci.c +++ b/drivers/nvme/host/pci.c @@ -77,7 +77,7 @@ * Represents an NVM Express device. Each nvme_dev is a PCI function. */ struct nvme_dev { - struct nvme_queue **queues; + struct nvme_queue *queues; struct blk_mq_tag_set tagset; struct blk_mq_tag_set admin_tagset; u32 __iomem *dbs; @@ -348,7 +348,7 @@ static int nvme_admin_init_hctx(struct blk_mq_hw_ctx *hctx, void *data, unsigned int hctx_idx) { struct nvme_dev *dev = data; - struct nvme_queue *nvmeq = dev->queues[0]; + struct nvme_queue *nvmeq = &dev->queues[0]; WARN_ON(hctx_idx != 0); WARN_ON(dev->admin_tagset.tags[0] != hctx->tags); @@ -370,7 +370,7 @@ static int nvme_init_hctx(struct blk_mq_hw_ctx *hctx, void *data, unsigned int hctx_idx) { struct nvme_dev *dev = data; - struct nvme_queue *nvmeq = dev->queues[hctx_idx + 1]; + struct nvme_queue *nvmeq = &dev->queues[hctx_idx + 1]; if (!nvmeq->tags) nvmeq->tags = &dev->tagset.tags[hctx_idx]; @@ -386,7 +386,7 @@ static int nvme_init_request(struct blk_mq_tag_set *set, struct request *req, struct nvme_dev *dev = set->driver_data; struct nvme_iod *iod = blk_mq_rq_to_pdu(req); int queue_idx = (set == &dev->tagset) ? hctx_idx + 1 : 0; - struct nvme_queue *nvmeq = dev->queues[queue_idx]; + struct nvme_queue *nvmeq = &dev->queues[queue_idx]; BUG_ON(!nvmeq); iod->nvmeq = nvmeq; @@ -900,7 +900,7 @@ static int nvme_poll(struct blk_mq_hw_ctx *hctx, unsigned int tag) static void nvme_pci_submit_async_event(struct nvme_ctrl *ctrl, int aer_idx) { struct nvme_dev *dev = to_nvme_dev(ctrl); - struct nvme_queue *nvmeq = dev->queues[0]; + struct nvme_queue *nvmeq = &dev->queues[0]; struct nvme_command c; memset(&c, 0, sizeof(c)); @@ -1146,7 +1146,6 @@ static void nvme_free_queue(struct nvme_queue *nvmeq) if (nvmeq->sq_cmds) dma_free_coherent(nvmeq->q_dmadev, SQ_SIZE(nvmeq->q_depth), nvmeq->sq_cmds, nvmeq->sq_dma_addr); - kfree(nvmeq); } static void nvme_free_queues(struct nvme_dev *dev, int lowest) @@ -1154,10 +1153,8 @@ static void nvme_free_queues(struct nvme_dev *dev, int lowest) int i; for (i = dev->ctrl.queue_count - 1; i >= lowest; i--) { - struct nvme_queue *nvmeq = dev->queues[i]; dev->ctrl.queue_count--; - dev->queues[i] = NULL; - nvme_free_queue(nvmeq); + nvme_free_queue(&dev->queues[i]); } } @@ -1189,10 +1186,8 @@ static int nvme_suspend_queue(struct nvme_queue *nvmeq) static void nvme_disable_admin_queue(struct nvme_dev *dev, bool shutdown) { - struct nvme_queue *nvmeq = dev->queues[0]; + struct nvme_queue *nvmeq = &dev->queues[0]; - if (!nvmeq) - return; if (nvme_suspend_queue(nvmeq)) return; @@ -1246,13 +1241,10 @@ static int nvme_alloc_sq_cmds(struct nvme_dev *dev, struct nvme_queue *nvmeq, return 0; } -static struct nvme_queue *nvme_alloc_queue(struct nvme_dev *dev, int qid, - int depth, int node) +static int nvme_alloc_queue(struct nvme_dev *dev, int qid, + int depth, int node) { - struct nvme_queue *nvmeq = kzalloc_node(sizeof(*nvmeq), GFP_KERNEL, - node); - if (!nvmeq) - return NULL; + struct nvme_queue *nvmeq = &dev->queues[qid]; nvmeq->cqes = dma_zalloc_coherent(dev->dev, CQ_SIZE(depth), &nvmeq->cq_dma_addr, GFP_KERNEL); @@ -1271,17 +1263,15 @@ static struct nvme_queue *nvme_alloc_queue(struct nvme_dev *dev, int qid, nvmeq->q_depth = depth; nvmeq->qid = qid; nvmeq->cq_vector = -1; - dev->queues[qid] = nvmeq; dev->ctrl.queue_count++; - return nvmeq; + return 0; free_cqdma: dma_free_coherent(dev->dev, CQ_SIZE(depth), (void *)nvmeq->cqes, nvmeq->cq_dma_addr); free_nvmeq: - kfree(nvmeq); - return NULL; + return -ENOMEM; } static int queue_request_irq(struct nvme_queue *nvmeq) @@ -1468,14 +1458,12 @@ static int nvme_pci_configure_admin_queue(struct nvme_dev *dev) if (result < 0) return result; - nvmeq = dev->queues[0]; - if (!nvmeq) { - nvmeq = nvme_alloc_queue(dev, 0, NVME_AQ_DEPTH, - dev_to_node(dev->dev)); - if (!nvmeq) - return -ENOMEM; - } + result = nvme_alloc_queue(dev, 0, NVME_AQ_DEPTH, + dev_to_node(dev->dev)); + if (result) + return result; + nvmeq = &dev->queues[0]; aqa = nvmeq->q_depth - 1; aqa |= aqa << 16; @@ -1505,7 +1493,7 @@ static int nvme_create_io_queues(struct nvme_dev *dev) for (i = dev->ctrl.queue_count; i <= dev->max_qid; i++) { /* vector == qid - 1, match nvme_create_queue */ - if (!nvme_alloc_queue(dev, i, dev->q_depth, + if (nvme_alloc_queue(dev, i, dev->q_depth, pci_irq_get_node(to_pci_dev(dev->dev), i - 1))) { ret = -ENOMEM; break; @@ -1514,7 +1502,7 @@ static int nvme_create_io_queues(struct nvme_dev *dev) max = min(dev->max_qid, dev->ctrl.queue_count - 1); for (i = dev->online_queues; i <= max; i++) { - ret = nvme_create_queue(dev->queues[i], i); + ret = nvme_create_queue(&dev->queues[i], i); if (ret) break; } @@ -1770,7 +1758,7 @@ static int nvme_setup_host_mem(struct nvme_dev *dev) static int nvme_setup_io_queues(struct nvme_dev *dev) { - struct nvme_queue *adminq = dev->queues[0]; + struct nvme_queue *adminq = &dev->queues[0]; struct pci_dev *pdev = to_pci_dev(dev->dev); int result, nr_io_queues; unsigned long size; @@ -1896,7 +1884,7 @@ static void nvme_disable_io_queues(struct nvme_dev *dev, int queues) retry: timeout = ADMIN_TIMEOUT; for (; i > 0; i--, sent++) - if (nvme_delete_queue(dev->queues[i], opcode)) + if (nvme_delete_queue(&dev->queues[i], opcode)) break; while (sent--) { @@ -2081,7 +2069,7 @@ static void nvme_dev_disable(struct nvme_dev *dev, bool shutdown) queues = dev->online_queues - 1; for (i = dev->ctrl.queue_count - 1; i > 0; i--) - nvme_suspend_queue(dev->queues[i]); + nvme_suspend_queue(&dev->queues[i]); if (dead) { /* A device might become IO incapable very soon during @@ -2089,7 +2077,7 @@ static void nvme_dev_disable(struct nvme_dev *dev, bool shutdown) * queue_count can be 0 here. */ if (dev->ctrl.queue_count) - nvme_suspend_queue(dev->queues[0]); + nvme_suspend_queue(&dev->queues[0]); } else { nvme_disable_io_queues(dev, queues); nvme_disable_admin_queue(dev, shutdown); @@ -2345,7 +2333,8 @@ static int nvme_probe(struct pci_dev *pdev, const struct pci_device_id *id) dev = kzalloc_node(sizeof(*dev), GFP_KERNEL, node); if (!dev) return -ENOMEM; - dev->queues = kzalloc_node((num_possible_cpus() + 1) * sizeof(void *), + + dev->queues = kzalloc_node((num_possible_cpus() + 1) * sizeof(struct nvme_queue), GFP_KERNEL, node); if (!dev->queues) goto free; -- 1.8.3.1

7 years, 1 month

1
1
0 0

[merged] userfaultfd-remove-uffd-flags-from-vma-vm_flags-if-uffd_event_fork-fails.patch removed from -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails has been removed from the -mm tree. Its filename was userfaultfd-remove-uffd-flags-from-vma-vm_flags-if-uffd_event_fork-fails.patch This patch was dropped because it was merged into mainline or a subsystem tree ------------------------------------------------------ From: Mike Rapoport <rppt(a)linux.vnet.ibm.com> Subject: userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails The fix in 0cbb4b4f4c44 ("userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails") cleared the vma->vm_userfaultfd_ctx but kept userfaultfd flags in vma->vm_flags that were copied from the parent process VMA. As the result, there is an inconsistency between the values of vma->vm_userfaultfd_ctx.ctx and vma->vm_flags which triggers BUG_ON in userfaultfd_release(). Clearing the uffd flags from vma->vm_flags in case of UFFD_EVENT_FORK failure resolves the issue. Link: http://lkml.kernel.org/r/1532931975-25473-1-git-send-email-rppt@linux.vnet.… Fixes: 0cbb4b4f4c44 ("userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails") Signed-off-by: Mike Rapoport <rppt(a)linux.vnet.ibm.com> Reported-by: syzbot+121be635a7a35ddb7dcb(a)syzkaller.appspotmail.com Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: Eric Biggers <ebiggers3(a)gmail.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/userfaultfd.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) --- a/fs/userfaultfd.c~userfaultfd-remove-uffd-flags-from-vma-vm_flags-if-uffd_event_fork-fails +++ a/fs/userfaultfd.c @@ -633,8 +633,10 @@ static void userfaultfd_event_wait_compl /* the various vma->vm_userfaultfd_ctx still points to it */ down_write(&mm->mmap_sem); for (vma = mm->mmap; vma; vma = vma->vm_next) - if (vma->vm_userfaultfd_ctx.ctx == release_new_ctx) + if (vma->vm_userfaultfd_ctx.ctx == release_new_ctx) { vma->vm_userfaultfd_ctx = NULL_VM_UFFD_CTX; + vma->vm_flags &= ~(VM_UFFD_WP | VM_UFFD_MISSING); + } up_write(&mm->mmap_sem); userfaultfd_ctx_put(release_new_ctx); _ Patches currently in -mm which might be from rppt(a)linux.vnet.ibm.com are mm-make-deferred_struct_page_init-explicitly-depend-on-sparsemem.patch mm-memblock-replace-u64-with-phys_addr_t-where-appropriate.patch mm-mempool-add-missing-parameter-description.patch mm-util-make-strndup_user-description-a-kernel-doc-comment.patch mm-util-add-kernel-doc-for-kvfree.patch docs-core-api-kill-trailing-whitespace-in-kernel-apirst.patch docs-core-api-move-strmemdup-to-string-manipulation.patch docs-core-api-split-memory-management-api-to-a-separate-file.patch docs-mm-make-gfp-flags-descriptions-usable-as-kernel-doc.patch docs-core-api-mm-api-add-section-about-gfp-flags.patch

7 years, 1 month

1
0
0 0

[merged] ipc-shmc-add-pagesize-function-to-shm_vm_ops.patch removed from -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: ipc/shm.c add ->pagesize function to shm_vm_ops has been removed from the -mm tree. Its filename was ipc-shmc-add-pagesize-function-to-shm_vm_ops.patch This patch was dropped because it was merged into mainline or a subsystem tree ------------------------------------------------------ From: Jane Chu <jane.chu(a)oracle.com> Subject: ipc/shm.c add ->pagesize function to shm_vm_ops 05ea88608d4e13 ("mm, hugetlbfs: introduce ->pagesize() to vm_operations_struct") adds a new ->pagesize() function to hugetlb_vm_ops, intended to cover all hugetlbfs backed files. With System V shared memory model, if "huge page" is specified, the "shared memory" is backed by hugetlbfs files, but the mappings initiated via shmget/shmat have their original vm_ops overwritten with shm_vm_ops, so we need to add a ->pagesize function to shm_vm_ops. Otherwise, vma_kernel_pagesize() returns PAGE_SIZE given a hugetlbfs backed vma, result in below BUG: fs/hugetlbfs/inode.c 443 if (unlikely(page_mapped(page))) { 444 BUG_ON(truncate_op); [ 242.268342] hugetlbfs: oracle (4592): Using mlock ulimits for SHM_HUGETLB is deprecated [ 282.653208] ------------[ cut here ]------------ [ 282.708447] kernel BUG at fs/hugetlbfs/inode.c:444! [ 282.818957] Modules linked in: nfsv3 rpcsec_gss_krb5 nfsv4 ... [ 284.025873] CPU: 35 PID: 5583 Comm: oracle_5583_sbt Not tainted 4.14.35-1829.el7uek.x86_64 #2 [ 284.246609] task: ffff9bf0507aaf80 task.stack: ffffa9e625628000 [ 284.317455] RIP: 0010:remove_inode_hugepages+0x3db/0x3e2 .... [ 285.292389] Call Trace: [ 285.321630] hugetlbfs_evict_inode+0x1e/0x3e [ 285.372707] evict+0xdb/0x1af [ 285.408185] iput+0x1a2/0x1f7 [ 285.443661] dentry_unlink_inode+0xc6/0xf0 [ 285.492661] __dentry_kill+0xd8/0x18d [ 285.536459] dput+0x1b5/0x1ed [ 285.571939] __fput+0x18b/0x216 [ 285.609495] ____fput+0xe/0x10 [ 285.646030] task_work_run+0x90/0xa7 [ 285.688788] exit_to_usermode_loop+0xdd/0x116 [ 285.740905] do_syscall_64+0x187/0x1ae [ 285.785740] entry_SYSCALL_64_after_hwframe+0x150/0x0 Link: http://lkml.kernel.org/r/20180727211727.5020-1-jane.chu@oracle.com Fixes: 05ea88608d4e13 ("mm, hugetlbfs: introduce ->pagesize() to vm_operations_struct") Signed-off-by: Jane Chu <jane.chu(a)oracle.com> Suggested-by: Mike Kravetz <mike.kravetz(a)oracle.com> Reviewed-by: Mike Kravetz <mike.kravetz(a)oracle.com> Acked-by: Davidlohr Bueso <dave(a)stgolabs.net> Acked-by: Michal Hocko <mhocko(a)suse.com> Cc: Dan Williams <dan.j.williams(a)intel.com> Cc: Jan Kara <jack(a)suse.cz> Cc: Jérôme Glisse <jglisse(a)redhat.com> Cc: Manfred Spraul <manfred(a)colorfullife.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- include/linux/mm.h | 7 +++++++ ipc/shm.c | 12 ++++++++++++ 2 files changed, 19 insertions(+) --- a/include/linux/mm.h~ipc-shmc-add-pagesize-function-to-shm_vm_ops +++ a/include/linux/mm.h @@ -389,6 +389,13 @@ enum page_entry_size { * These are the virtual MM functions - opening of an area, closing and * unmapping it (needed to keep files on disk up-to-date etc), pointer * to the functions called when a no-page or a wp-page exception occurs. + * + * Note, when a new function is introduced to vm_operations_struct and + * added to hugetlb_vm_ops, please consider adding the function to + * shm_vm_ops. This is because under System V memory model, though + * mappings created via shmget/shmat with "huge page" specified are + * backed by hugetlbfs files, their original vm_ops are overwritten with + * shm_vm_ops. */ struct vm_operations_struct { void (*open)(struct vm_area_struct * area); --- a/ipc/shm.c~ipc-shmc-add-pagesize-function-to-shm_vm_ops +++ a/ipc/shm.c @@ -427,6 +427,17 @@ static int shm_split(struct vm_area_stru return 0; } +static unsigned long shm_pagesize(struct vm_area_struct *vma) +{ + struct file *file = vma->vm_file; + struct shm_file_data *sfd = shm_file_data(file); + + if (sfd->vm_ops->pagesize) + return sfd->vm_ops->pagesize(vma); + + return PAGE_SIZE; +} + #ifdef CONFIG_NUMA static int shm_set_policy(struct vm_area_struct *vma, struct mempolicy *new) { @@ -554,6 +565,7 @@ static const struct vm_operations_struct .close = shm_close, /* callback for when the vm-area is released */ .fault = shm_fault, .split = shm_split, + .pagesize = shm_pagesize, #if defined(CONFIG_NUMA) .set_policy = shm_set_policy, .get_policy = shm_get_policy, _ Patches currently in -mm which might be from jane.chu(a)oracle.com are

7 years, 1 month

1
0
0 0

Request for backport 35a2897c2a to 4.9 branch

by David Chen

Hi all, We'd like to have the following commit backport to 4.9 branch to fix an issue we are seeing. 35a2897c2a306cca344ca5c0b43416707018f434 sched/wait: Remove the lockless swait_active() check in swake_up*() In 4.9 branch, we hit an issue in RCU, where the NOCB follower list not getting reclaimed and causing OOM. In discussion with Paul, we were able to figure out the problem was because of missed wake up resulted from lack of proper memory barrier between setting wake up condition and swake_up(). nocb_leader_wait() { *tail = rdp->nocb_gp_head; smp_mb__after_atomic(); /* Store *tail before wakeup. */ if (rdp != my_rdp && tail == &rdp->nocb_follower_head) { swake_up(&rdp->nocb_wq); Note, that the smp_mb__after_atomic() is only a compiler barrier on x86. Originally I was going to change the barrier to smp_mb(). But then I found out master has the above mentioned patch that solves the same class of problem by removing the lockless check inside swake_up(). So I'm wonder if we can backport this patch to 4.9 branch to solve this issue, and maybe solve other potential missed wake up issue as well. Thanks, David

7 years, 1 month

2
1
0 0

[PATCH] 4.9 backport of "pinctrl: intel: Read back TX buffer state"

by Anthony de Boer

Greetings. I'd like to request a backport/cherry-pick of an existing patch from the Linus tree onto the linux-4.9.y tree as I'm helping some folk try to get Debian-stable-vintage Linux running on an instance of the affected hardware. Without this patch the GPIO pins don't function, but with the cherry-picked patch they come to life. The commit is d68b42e30bbacd24354d644f430d088435b15e83 in the mainline Linux tree and it applied cleanly to the linux-4.9.y tree as of 4.9.115 (dbcdf42bab53d219caa51bcfe54c8b9066010290); I include a copy of it for reference. Thanks. --- >From d68b42e30bbacd24354d644f430d088435b15e83 Mon Sep 17 00:00:00 2001 From: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Date: Thu, 24 Aug 2017 11:19:33 +0300 Subject: [PATCH] pinctrl: intel: Read back TX buffer state In the same way as it's done in pinctrl-cherryview.c we would provide a readback TX buffer state. Fixes: 17fab473693 ("pinctrl: intel: Set pin direction properly") Reported-by: "Bourque, Francis" <francis.bourque(a)intel.com> Signed-off-by: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Acked-by: Mika Westerberg <mika.westerberg(a)linux.intel.com> Tested-by: "Bourque, Francis" <francis.bourque(a)intel.com> Signed-off-by: Linus Walleij <linus.walleij(a)linaro.org> --- drivers/pinctrl/intel/pinctrl-intel.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/drivers/pinctrl/intel/pinctrl-intel.c b/drivers/pinctrl/intel/pinctrl-intel.c index ac806891ff81..71df0f70b61f 100644 --- a/drivers/pinctrl/intel/pinctrl-intel.c +++ b/drivers/pinctrl/intel/pinctrl-intel.c @@ -751,12 +751,17 @@ static int intel_gpio_get(struct gpio_chip *chip, unsigned offset) { struct intel_pinctrl *pctrl = gpiochip_get_data(chip); void __iomem *reg; + u32 padcfg0; reg = intel_get_padcfg(pctrl, offset, PADCFG0); if (!reg) return -EINVAL; - return !!(readl(reg) & PADCFG0_GPIORXSTATE); + padcfg0 = readl(reg); + if (!(padcfg0 & PADCFG0_GPIOTXDIS)) + return !!(padcfg0 & PADCFG0_GPIOTXSTATE); + + return !!(padcfg0 & PADCFG0_GPIORXSTATE); } static void intel_gpio_set(struct gpio_chip *chip, unsigned offset, int value) -- 2.11.0 -- Anthony de Boer

7 years, 1 month

2
1
0 0

[PATCH] sr: Avoid that opening a CD-ROM hangs with runtime power management enabled

by Bart Van Assche

Surround scsi_execute() calls with scsi_autopm_get_device() and scsi_autopm_put_device(). Note: removing sr_mutex protection from the scsi_cd_get() and scsi_cd_put() calls is safe because the purpose of sr_mutex is to serialize cdrom_*() calls. This patch avoids that complaints similar to the following appear in the kernel log if runtime power management is enabled: INFO: task systemd-udevd:650 blocked for more than 120 seconds. Not tainted 4.18.0-rc7-dbg+ #1 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. systemd-udevd D28176 650 513 0x00000104 Call Trace: __schedule+0x444/0xfe0 schedule+0x4e/0xe0 schedule_preempt_disabled+0x18/0x30 __mutex_lock+0x41c/0xc70 mutex_lock_nested+0x1b/0x20 __blkdev_get+0x106/0x970 blkdev_get+0x22c/0x5a0 blkdev_open+0xe9/0x100 do_dentry_open.isra.19+0x33e/0x570 vfs_open+0x7c/0xd0 path_openat+0x6e3/0x1120 do_filp_open+0x11c/0x1c0 do_sys_open+0x208/0x2d0 __x64_sys_openat+0x59/0x70 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: Maurizio Lombardi <mlombard(a)redhat.com> Cc: Johannes Thumshirn <jthumshirn(a)suse.de> Cc: Alan Stern <stern(a)rowland.harvard.edu> Cc: <stable(a)vger.kernel.org> --- drivers/scsi/sr.c | 29 +++++++++++++++++++++-------- 1 file changed, 21 insertions(+), 8 deletions(-) diff --git a/drivers/scsi/sr.c b/drivers/scsi/sr.c index 3f3cb72e0c0c..d0389b20574d 100644 --- a/drivers/scsi/sr.c +++ b/drivers/scsi/sr.c @@ -523,18 +523,26 @@ static int sr_init_command(struct scsi_cmnd *SCpnt) static int sr_block_open(struct block_device *bdev, fmode_t mode) { struct scsi_cd *cd; + struct scsi_device *sdev; int ret = -ENXIO; + cd = scsi_cd_get(bdev->bd_disk); + if (!cd) + goto out; + + sdev = cd->device; + scsi_autopm_get_device(sdev); check_disk_change(bdev); mutex_lock(&sr_mutex); - cd = scsi_cd_get(bdev->bd_disk); - if (cd) { - ret = cdrom_open(&cd->cdi, bdev, mode); - if (ret) - scsi_cd_put(cd); - } + ret = cdrom_open(&cd->cdi, bdev, mode); mutex_unlock(&sr_mutex); + + scsi_autopm_put_device(sdev); + if (ret) + scsi_cd_put(cd); + +out: return ret; } @@ -562,6 +570,8 @@ static int sr_block_ioctl(struct block_device *bdev, fmode_t mode, unsigned cmd, if (ret) goto out; + scsi_autopm_get_device(sdev); + /* * Send SCSI addressing ioctls directly to mid level, send other * ioctls to cdrom/block level. @@ -570,15 +580,18 @@ static int sr_block_ioctl(struct block_device *bdev, fmode_t mode, unsigned cmd, case SCSI_IOCTL_GET_IDLUN: case SCSI_IOCTL_GET_BUS_NUMBER: ret = scsi_ioctl(sdev, cmd, argp); - goto out; + goto put; } ret = cdrom_ioctl(&cd->cdi, bdev, mode, cmd, arg); if (ret != -ENOSYS) - goto out; + goto put; ret = scsi_ioctl(sdev, cmd, argp); +put: + scsi_autopm_put_device(sdev); + out: mutex_unlock(&sr_mutex); return ret; -- 2.18.0

7 years, 1 month

3
3
0 0

[PATCH] IB/hfi1: Fix incorrect mixing of ERR_PTR and NULL return values

by Mike Marciniszyn

From: Michael J. Ruhl <michael.j.ruhl(a)intel.com> commit b697d7d8c741f27b728a878fc55852b06d0f6f5e upstream. The __get_txreq() function can return a pointer, ERR_PTR(-EBUSY), or NULL. All of the relevant call sites look for IS_ERR, so the NULL return would lead to a NULL pointer exception. Do not use the ERR_PTR mechanism for this function. Update all call sites to handle the return value correctly. Clean up error paths to reflect return value. Adjusted patch for the 4.9.x branch. Reported-by: Dan Carpenter <dan.carpenter(a)oracle.com> Reviewed-by: Mike Marciniszyn <mike.marciniszyn(a)intel.com> Reviewed-by: Kamenee Arumugam <kamenee.arumugam(a)intel.com> Signed-off-by: Michael J. Ruhl <michael.j.ruhl(a)intel.com> Signed-off-by: Dennis Dalessandro <dennis.dalessandro(a)intel.com> --- drivers/infiniband/hw/hfi1/rc.c | 2 +- drivers/infiniband/hw/hfi1/uc.c | 4 ++-- drivers/infiniband/hw/hfi1/ud.c | 4 ++-- drivers/infiniband/hw/hfi1/verbs_txreq.c | 4 ++-- drivers/infiniband/hw/hfi1/verbs_txreq.h | 4 ++-- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/drivers/infiniband/hw/hfi1/rc.c b/drivers/infiniband/hw/hfi1/rc.c index 613074e..e8e0fa5 100644 --- a/drivers/infiniband/hw/hfi1/rc.c +++ b/drivers/infiniband/hw/hfi1/rc.c @@ -397,7 +397,7 @@ int hfi1_make_rc_req(struct rvt_qp *qp, struct hfi1_pkt_state *ps) lockdep_assert_held(&qp->s_lock); ps->s_txreq = get_txreq(ps->dev, qp); - if (IS_ERR(ps->s_txreq)) + if (!ps->s_txreq) goto bail_no_tx; ohdr = &ps->s_txreq->phdr.hdr.u.oth; diff --git a/drivers/infiniband/hw/hfi1/uc.c b/drivers/infiniband/hw/hfi1/uc.c index 5e6d1ba..de21128 100644 --- a/drivers/infiniband/hw/hfi1/uc.c +++ b/drivers/infiniband/hw/hfi1/uc.c @@ -1,5 +1,5 @@ /* - * Copyright(c) 2015, 2016 Intel Corporation. + * Copyright(c) 2015 - 2018 Intel Corporation. * * This file is provided under a dual BSD/GPLv2 license. When using or * redistributing this file, you may do so under either license. @@ -72,7 +72,7 @@ int hfi1_make_uc_req(struct rvt_qp *qp, struct hfi1_pkt_state *ps) int middle = 0; ps->s_txreq = get_txreq(ps->dev, qp); - if (IS_ERR(ps->s_txreq)) + if (!ps->s_txreq) goto bail_no_tx; if (!(ib_rvt_state_ops[qp->state] & RVT_PROCESS_SEND_OK)) { diff --git a/drivers/infiniband/hw/hfi1/ud.c b/drivers/infiniband/hw/hfi1/ud.c index 97ae24b..1a7ce1d 100644 --- a/drivers/infiniband/hw/hfi1/ud.c +++ b/drivers/infiniband/hw/hfi1/ud.c @@ -1,5 +1,5 @@ /* - * Copyright(c) 2015, 2016 Intel Corporation. + * Copyright(c) 2015 - 2018 Intel Corporation. * * This file is provided under a dual BSD/GPLv2 license. When using or * redistributing this file, you may do so under either license. @@ -285,7 +285,7 @@ int hfi1_make_ud_req(struct rvt_qp *qp, struct hfi1_pkt_state *ps) u8 sc5; ps->s_txreq = get_txreq(ps->dev, qp); - if (IS_ERR(ps->s_txreq)) + if (!ps->s_txreq) goto bail_no_tx; if (!(ib_rvt_state_ops[qp->state] & RVT_PROCESS_NEXT_SEND_OK)) { diff --git a/drivers/infiniband/hw/hfi1/verbs_txreq.c b/drivers/infiniband/hw/hfi1/verbs_txreq.c index 094ab82..d8a5bad 100644 --- a/drivers/infiniband/hw/hfi1/verbs_txreq.c +++ b/drivers/infiniband/hw/hfi1/verbs_txreq.c @@ -1,5 +1,5 @@ /* - * Copyright(c) 2016 Intel Corporation. + * Copyright(c) 2016 - 2018 Intel Corporation. * * This file is provided under a dual BSD/GPLv2 license. When using or * redistributing this file, you may do so under either license. @@ -94,7 +94,7 @@ struct verbs_txreq *__get_txreq(struct hfi1_ibdev *dev, struct rvt_qp *qp) __must_hold(&qp->s_lock) { - struct verbs_txreq *tx = ERR_PTR(-EBUSY); + struct verbs_txreq *tx = NULL; write_seqlock(&dev->iowait_lock); if (ib_rvt_state_ops[qp->state] & RVT_PROCESS_RECV_OK) { diff --git a/drivers/infiniband/hw/hfi1/verbs_txreq.h b/drivers/infiniband/hw/hfi1/verbs_txreq.h index 5660897..31ded57 100644 --- a/drivers/infiniband/hw/hfi1/verbs_txreq.h +++ b/drivers/infiniband/hw/hfi1/verbs_txreq.h @@ -1,5 +1,5 @@ /* - * Copyright(c) 2016 Intel Corporation. + * Copyright(c) 2016 - 2018 Intel Corporation. * * This file is provided under a dual BSD/GPLv2 license. When using or * redistributing this file, you may do so under either license. @@ -82,7 +82,7 @@ struct verbs_txreq *__get_txreq(struct hfi1_ibdev *dev, if (unlikely(!tx)) { /* call slow path to get the lock */ tx = __get_txreq(dev, qp); - if (IS_ERR(tx)) + if (!tx) return tx; } tx->qp = qp;

7 years, 1 month

1
0
0 0

v4.17.12 build: 0 failures 1 warnings (v4.17.12)

by Build bot for Mark Brown

Tree/Branch: v4.17.12 Git describe: v4.17.12 Commit: 506f6fba26 Linux 4.17.12 Build Time: 0 min 13 sec Passed: 8 / 8 (100.00 %) Failed: 0 / 8 ( 0.00 %) Errors: 0 Warnings: 1 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): 1 warnings 0 mismatches : arm-allmodconfig 1 warnings 0 mismatches : arm-multi_v7_defconfig 1 warnings 0 mismatches : arm-multi_v5_defconfig ------------------------------------------------------------------------------- Warnings Summary: 1 3 ../include/net/ip6_route.h:71:12: warning: 'rt' may be used uninitialized in this function [-Wmaybe-uninitialized] =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- arm-allmodconfig : PASS, 0 errors, 1 warnings, 0 section mismatches Warnings: ../include/net/ip6_route.h:71:12: warning: 'rt' may be used uninitialized in this function [-Wmaybe-uninitialized] ------------------------------------------------------------------------------- arm-multi_v7_defconfig : PASS, 0 errors, 1 warnings, 0 section mismatches Warnings: ../include/net/ip6_route.h:71:12: warning: 'rt' may be used uninitialized in this function [-Wmaybe-uninitialized] ------------------------------------------------------------------------------- arm-multi_v5_defconfig : PASS, 0 errors, 1 warnings, 0 section mismatches Warnings: ../include/net/ip6_route.h:71:12: warning: 'rt' may be used uninitialized in this function [-Wmaybe-uninitialized] ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: x86_64-allnoconfig arm-multi_v4t_defconfig x86_64-allmodconfig arm-allnoconfig x86_64-defconfig

7 years, 1 month

1
0
0 0

Enhancing your images

by Sam

Do you have photos for editing? We are image team and we can process 500+ images each day. We edit ecommerce photo, jewelry photos, and beauty model photos. also wedding photos. We do cut out and clipping path for photos, also retouching. You may send us a test photo to check our quality. Thanks, Sam Parker

7 years, 1 month

1
0
0 0

[PATCH] drm/i915/lpe: Mark LPE audio as "no callbacks"

by Chris Wilson

The LPE audio is a child device of i915, it is powered up and down alongside the igfx and presents no independent runtime interface. This aptly fulfils the description of a "No-Callback" Device, so mark it thus. Fixes: 183c00350ccd ("drm/i915: Fix runtime PM for LPE audio") Testcase: igt/pm_rpm/basic-pci-d3-state Testcase: igt/pm_rpm/basic-rte Signed-off-by: Chris Wilson <chris(a)chris-wilson.co.uk> Cc: Takashi Iwai <tiwai(a)suse.de> Cc: Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> Cc: Ville Syrjälä <ville.syrjala(a)linux.intel.com> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/i915/intel_lpe_audio.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/drivers/gpu/drm/i915/intel_lpe_audio.c b/drivers/gpu/drm/i915/intel_lpe_audio.c index 6269750e2b54..430732720e65 100644 --- a/drivers/gpu/drm/i915/intel_lpe_audio.c +++ b/drivers/gpu/drm/i915/intel_lpe_audio.c @@ -126,9 +126,7 @@ lpe_audio_platdev_create(struct drm_i915_private *dev_priv) return platdev; } - pm_runtime_forbid(&platdev->dev); - pm_runtime_set_active(&platdev->dev); - pm_runtime_enable(&platdev->dev); + pm_runtime_no_callbacks(&platdev->dev); return platdev; } -- 2.18.0

7 years, 1 month

2
2
0 0

[PATCH] drm/vc4: Fix the "no scaling" case on multi-planar YUV formats

by Boris Brezillon

When there's no scaling requested ->is_unity should be true no matter the format. Also, when no scaling is requested and we have a multi-planar YUV format, we should leave ->y_scaling[0] to VC4_SCALING_NONE and only set ->x_scaling[0] to VC4_SCALING_PPF. Doing this fixes an hardly visible artifact (seen when using modetest and a rather big overlay plane in YUV420). Fixes: fc04023fafec ("drm/vc4: Add support for YUV planes.") Cc: <stable(a)vger.kernel.org> Signed-off-by: Boris Brezillon <boris.brezillon(a)bootlin.com> --- drivers/gpu/drm/vc4/vc4_plane.c | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/drivers/gpu/drm/vc4/vc4_plane.c b/drivers/gpu/drm/vc4/vc4_plane.c index cfb50fedfa2b..a3275fa66b7b 100644 --- a/drivers/gpu/drm/vc4/vc4_plane.c +++ b/drivers/gpu/drm/vc4/vc4_plane.c @@ -297,6 +297,9 @@ static int vc4_plane_setup_clipping_and_scaling(struct drm_plane_state *state) vc4_state->y_scaling[0] = vc4_get_scaling_mode(vc4_state->src_h[0], vc4_state->crtc_h); + vc4_state->is_unity = (vc4_state->x_scaling[0] == VC4_SCALING_NONE && + vc4_state->y_scaling[0] == VC4_SCALING_NONE); + if (num_planes > 1) { vc4_state->is_yuv = true; @@ -312,24 +315,17 @@ static int vc4_plane_setup_clipping_and_scaling(struct drm_plane_state *state) vc4_get_scaling_mode(vc4_state->src_h[1], vc4_state->crtc_h); - /* YUV conversion requires that scaling be enabled, - * even on a plane that's otherwise 1:1. Choose TPZ - * for simplicity. + /* YUV conversion requires that horizontal scaling be enabled, + * even on a plane that's otherwise 1:1. Looks like only PPF + * works in that case, so let's pick that one. */ - if (vc4_state->x_scaling[0] == VC4_SCALING_NONE) - vc4_state->x_scaling[0] = VC4_SCALING_TPZ; - if (vc4_state->y_scaling[0] == VC4_SCALING_NONE) - vc4_state->y_scaling[0] = VC4_SCALING_TPZ; + if (vc4_state->is_unity) + vc4_state->x_scaling[0] = VC4_SCALING_PPF; } else { vc4_state->x_scaling[1] = VC4_SCALING_NONE; vc4_state->y_scaling[1] = VC4_SCALING_NONE; } - vc4_state->is_unity = (vc4_state->x_scaling[0] == VC4_SCALING_NONE && - vc4_state->y_scaling[0] == VC4_SCALING_NONE && - vc4_state->x_scaling[1] == VC4_SCALING_NONE && - vc4_state->y_scaling[1] == VC4_SCALING_NONE); - /* No configuring scaling on the cursor plane, since it gets non-vblank-synced updates, and scaling requires requires LBM changes which have to be vblank-synced. @@ -672,7 +668,10 @@ static int vc4_plane_mode_set(struct drm_plane *plane, vc4_dlist_write(vc4_state, SCALER_CSC2_ITR_R_601_5); } - if (!vc4_state->is_unity) { + if (vc4_state->x_scaling[0] != VC4_SCALING_NONE || + vc4_state->x_scaling[1] != VC4_SCALING_NONE || + vc4_state->y_scaling[0] != VC4_SCALING_NONE || + vc4_state->y_scaling[1] != VC4_SCALING_NONE) { /* LBM Base Address. */ if (vc4_state->y_scaling[0] != VC4_SCALING_NONE || vc4_state->y_scaling[1] != VC4_SCALING_NONE) { -- 2.14.1

7 years, 1 month

2
2
0 0

[PATCH] usb: dwc3: gadget: fix ISOC TRB type on unaligned transfers

by Felipe Balbi

When chaining ISOC TRBs together, only the first ISOC TRB should be of type ISOC_FIRST, all others should be of type ISOC. This patch fixes that. Fixes: c6267a51639b ("usb: dwc3: gadget: align transfers to wMaxPacketSize") Cc: <stable(a)vger.kernel.org> # v4.11+ Signed-off-by: Felipe Balbi <felipe.balbi(a)linux.intel.com> --- drivers/usb/dwc3/gadget.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/drivers/usb/dwc3/gadget.c b/drivers/usb/dwc3/gadget.c index 032ea7d709ba..2ca52a056e49 100644 --- a/drivers/usb/dwc3/gadget.c +++ b/drivers/usb/dwc3/gadget.c @@ -1073,7 +1073,7 @@ static void dwc3_prepare_one_trb_sg(struct dwc3_ep *dep, /* Now prepare one extra TRB to align transfer size */ trb = &dep->trb_pool[dep->trb_enqueue]; __dwc3_prepare_one_trb(dep, trb, dwc->bounce_addr, - maxp - rem, false, 0, + maxp - rem, false, 1, req->request.stream_id, req->request.short_not_ok, req->request.no_interrupt); @@ -1117,7 +1117,7 @@ static void dwc3_prepare_one_trb_linear(struct dwc3_ep *dep, /* Now prepare one extra TRB to align transfer size */ trb = &dep->trb_pool[dep->trb_enqueue]; __dwc3_prepare_one_trb(dep, trb, dwc->bounce_addr, maxp - rem, - false, 0, req->request.stream_id, + false, 1, req->request.stream_id, req->request.short_not_ok, req->request.no_interrupt); } else if (req->request.zero && req->request.length && @@ -1133,7 +1133,7 @@ static void dwc3_prepare_one_trb_linear(struct dwc3_ep *dep, /* Now prepare one extra TRB to handle ZLP */ trb = &dep->trb_pool[dep->trb_enqueue]; __dwc3_prepare_one_trb(dep, trb, dwc->bounce_addr, 0, - false, 0, req->request.stream_id, + false, 1, req->request.stream_id, req->request.short_not_ok, req->request.no_interrupt); } else { -- 2.16.1

7 years, 1 month

1
0
0 0

Linux 4.9.117

by Greg KH

I'm announcing the release of the 4.9.117 kernel. All users of the 4.9 kernel series must upgrade. The updated 4.9.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.9.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/net/dsa/qca8k.txt | 23 +++++ Documentation/devicetree/bindings/net/meson-dwmac.txt | 1 Documentation/devicetree/bindings/pinctrl/meson,pinctrl.txt | 2 Makefile | 2 arch/arm/boot/dts/emev2.dtsi | 5 - arch/arm/boot/dts/sh73a0.dtsi | 5 - arch/arm64/configs/defconfig | 2 arch/arm64/include/asm/cmpxchg.h | 4 arch/arm64/mm/init.c | 4 arch/microblaze/boot/Makefile | 10 +- arch/powerpc/kernel/eeh_driver.c | 28 +++--- arch/powerpc/kernel/head_8xx.S | 2 arch/powerpc/kernel/pci_32.c | 1 arch/powerpc/mm/slb.c | 8 - arch/powerpc/net/bpf_jit_comp64.c | 34 +++++-- arch/powerpc/platforms/chrp/time.c | 6 - arch/powerpc/platforms/embedded6xx/hlwd-pic.c | 5 + arch/powerpc/platforms/powermac/bootx_init.c | 4 arch/powerpc/platforms/powermac/setup.c | 1 arch/s390/include/asm/cpu_mf.h | 6 - arch/x86/events/intel/uncore.c | 2 arch/x86/events/intel/uncore_nhmex.c | 2 arch/x86/kvm/mmu.c | 2 crypto/authenc.c | 1 crypto/authencesn.c | 1 drivers/acpi/pci_root.c | 4 drivers/ata/libata-eh.c | 12 +- drivers/bluetooth/btusb.c | 3 drivers/bluetooth/hci_qca.c | 2 drivers/bus/arm-ccn.c | 20 ++-- drivers/char/random.c | 10 ++ drivers/edac/altera_edac.c | 2 drivers/gpu/drm/drm_atomic.c | 4 drivers/gpu/drm/gma500/psb_intel_drv.h | 2 drivers/gpu/drm/gma500/psb_intel_lvds.c | 2 drivers/gpu/drm/radeon/radeon_connectors.c | 10 +- drivers/hid/hid-plantronics.c | 6 + drivers/hid/i2c-hid/i2c-hid.c | 8 + drivers/infiniband/core/mad.c | 11 +- drivers/infiniband/core/ucma.c | 6 + drivers/infiniband/core/uverbs_cmd.c | 5 + drivers/input/mouse/elan_i2c_core.c | 2 drivers/input/serio/i8042-x86ia64io.h | 7 + drivers/md/md.c | 3 drivers/media/common/siano/smsendian.c | 14 +-- drivers/media/i2c/smiapp/smiapp-core.c | 11 +- drivers/media/media-device.c | 21 ++-- drivers/media/pci/saa7164/saa7164-fw.c | 3 drivers/media/pci/tw686x/tw686x-video.c | 3 drivers/media/platform/omap3isp/isp.c | 7 - drivers/media/platform/rcar_jpu.c | 4 drivers/media/radio/si470x/radio-si470x-i2c.c | 6 - drivers/media/v4l2-core/videobuf2-core.c | 9 +- drivers/memory/tegra/mc.c | 22 +---- drivers/memory/tegra/mc.h | 9 ++ drivers/memory/tegra/tegra114.c | 2 drivers/memory/tegra/tegra124.c | 6 + drivers/memory/tegra/tegra210.c | 3 drivers/memory/tegra/tegra30.c | 2 drivers/mfd/cros_ec.c | 6 + drivers/mmc/core/pwrseq_simple.c | 14 ++- drivers/mmc/host/dw_mmc.c | 4 drivers/mtd/nand/fsl_ifc_nand.c | 17 ++- drivers/net/dsa/qca8k.c | 52 +++++++++++- drivers/net/dsa/qca8k.h | 7 + drivers/net/ethernet/broadcom/bnxt/bnxt.c | 3 drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 1 drivers/net/ethernet/ti/cpsw-phy-sel.c | 8 + drivers/net/wireless/ath/regd.h | 5 + drivers/net/wireless/ath/regd_common.h | 13 +++ drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c | 1 drivers/net/wireless/intel/iwlwifi/pcie/rx.c | 2 drivers/net/wireless/marvell/mwifiex/usb.c | 3 drivers/net/wireless/marvell/mwifiex/util.c | 8 + drivers/net/wireless/rsi/rsi_91x_sdio.c | 2 drivers/net/wireless/ti/wlcore/sdio.c | 5 + drivers/net/xen-netfront.c | 4 drivers/nvmem/core.c | 7 + drivers/pci/pci-sysfs.c | 15 ++- drivers/pinctrl/pinctrl-at91-pio4.c | 4 drivers/regulator/pfuze100-regulator.c | 1 drivers/rtc/interface.c | 5 + drivers/scsi/3w-9xxx.c | 5 + drivers/scsi/3w-xxxx.c | 3 drivers/scsi/megaraid.c | 3 drivers/scsi/megaraid/megaraid_sas_fusion.c | 3 drivers/scsi/scsi_dh.c | 5 - drivers/scsi/ufs/ufshcd.c | 2 drivers/staging/lustre/lnet/klnds/o2iblnd/o2iblnd_cb.c | 18 ++-- drivers/staging/lustre/lustre/ldlm/ldlm_lock.c | 6 + drivers/staging/lustre/lustre/llite/xattr.c | 6 + drivers/thermal/samsung/exynos_tmu.c | 1 drivers/tty/hvc/hvc_opal.c | 1 drivers/tty/pty.c | 3 drivers/usb/core/hub.c | 4 drivers/usb/dwc2/hcd.c | 44 +++++----- drivers/vfio/platform/vfio_platform_common.c | 15 ++- fs/btrfs/qgroup.c | 19 ++++ fs/btrfs/tree-log.c | 10 +- fs/crypto/crypto.c | 11 ++ fs/ext4/balloc.c | 3 fs/ext4/ialloc.c | 3 fs/ext4/inline.c | 19 ++-- fs/ext4/inode.c | 16 +-- fs/f2fs/file.c | 14 ++- fs/f2fs/gc.c | 11 +- fs/f2fs/segment.c | 5 + fs/f2fs/super.c | 6 + fs/nfs/nfs4proc.c | 3 fs/nfsd/nfs4xdr.c | 2 fs/squashfs/cache.c | 3 fs/squashfs/file.c | 8 + fs/squashfs/fragment.c | 4 fs/squashfs/squashfs_fs.h | 6 + include/drm/drm_dp_helper.h | 1 include/linux/dma-iommu.h | 1 include/linux/mmc/sdio_ids.h | 1 include/linux/netfilter/ipset/ip_set_timeout.h | 10 +- include/linux/serial_core.h | 3 include/soc/tegra/mc.h | 2 kernel/auditfilter.c | 2 kernel/auditsc.c | 2 kernel/bpf/verifier.c | 4 kernel/kcov.c | 3 kernel/kthread.c | 8 + kernel/stop_machine.c | 24 ++--- kernel/trace/trace_events_trigger.c | 18 +++- kernel/trace/trace_kprobe.c | 15 +++ mm/slub.c | 2 mm/vmalloc.c | 3 net/ipv4/ipconfig.c | 13 +++ net/netfilter/nf_tables_api.c | 11 +- security/integrity/ima/ima_main.c | 1 sound/pci/emu10k1/emupcm.c | 4 sound/pci/emu10k1/memory.c | 6 - sound/pci/fm801.c | 16 ++- sound/pci/hda/patch_ca0132.c | 8 + sound/soc/soc-pcm.c | 6 - sound/usb/pcm.c | 2 tools/perf/util/parse-events.y | 14 +++ tools/testing/selftests/intel_pstate/run.sh | 24 ++--- tools/usb/usbip/src/usbip_detach.c | 9 +- 142 files changed, 766 insertions(+), 298 deletions(-) Alexandre Belloni (1): rtc: ensure rtc_set_alarm fails when alarms are not supported Alexey Kodanev (1): netfilter: nf_tables: check msg_type before nft_trans_set(trans) Anatoly Pugachev (1): disable loading f2fs module on PAGE_SIZE > 4KB Anson Huang (1): regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops Antti Seppälä (1): usb: dwc2: Fix DMA alignment to start at allocated boundary Artem Savkov (1): tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure Bartlomiej Zolnierkiewicz (1): thermal: exynos: fix setting rising_threshold for Exynos5433 Brad Love (1): media: saa7164: Fix driver name in debug output Chao Yu (4): f2fs: fix error path of move_data_page f2fs: fix to don't trigger writeback during recovery f2fs: fix to wait page writeback during revoking atomic write f2fs: fix race in between GC and atomic open Chen-Yu Tsai (1): Input: i8042 - add Lenovo LaVie Z to the i8042 reset list Chintan Pandya (1): mm: vmalloc: avoid racy handling of debugobjects in vunmap Chris Novakovic (1): ipconfig: Correctly initialise ic_nameservers Christoph Hellwig (1): PCI: Prevent sysfs disable of device while driver is attached Christophe Leroy (1): powerpc/8xx: fix invalid register expression in head_8xx.S Colin Ian King (1): media: smiapp: fix timeout checking in smiapp_read_nvm Cong Wang (1): infiniband: fix a possible use-after-free bug DaeRyong Jeong (1): tty: Fix data race in tty_insert_flip_string_fixed_flag Damien Le Moal (1): libata: Fix command retry decision Dan Carpenter (1): scsi: megaraid: silence a static checker bug Daniel Díaz (1): selftests/intel_pstate: Improve test, minor fixes David Sterba (1): btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups Dmitry Osipenko (2): memory: tegra: Do not handle spurious interrupts memory: tegra: Apply interrupts mask per SoC Dmitry Torokhov (1): HID: i2c-hid: check if device is there before really probing Dominik Bozek (1): usb: hub: Don't wait for connect state at resume for powered-off ports Donald Shanty III (1): Input: elan_i2c - add ACPI ID for lenovo ideapad 330 Doug Oucahrek (1): staging: lustre: o2iblnd: fix race at kiblnd_connect_peer Douglas Anderson (1): serial: core: Make sure compiler barfs for 16-byte earlycon names Emil Tantilov (1): ixgbevf: fix MAC address changes through ixgbevf_set_mac() Enric Balletbo i Serra (1): arm64: defconfig: Enable Rockchip io-domain driver Eric Biggers (1): fscrypt: use unbound workqueue for decryption Eyal Reizer (1): wlcore: sdio: check for valid platform device data before suspend Ezequiel Garcia (1): media: tw686x: Fix incorrect vb2_mem_ops GFP flags Ganapathi Bhat (1): mwifiex: handle race during mwifiex_usb_disconnect Geert Uytterhoeven (3): vfio: platform: Fix reset module leak in error path ARM: dts: emev2: Add missing interrupt-affinity to PMU node ARM: dts: sh73a0: Add missing interrupt-affinity to PMU node Greg Kroah-Hartman (1): Linux 4.9.117 Grygorii Strashko (1): net: ethernet: ti: cpsw-phy-sel: check bus_find_device() ret value Hans Verkuil (1): media: videobuf2-core: don't call memop 'finish' when queueing Jakub Kicinski (1): bpf: fix references to free_bpf_prog_info() in comments James Simmons (1): staging: lustre: llite: correct removexattr detection Jane Wan (1): mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages Jian-Hong Pan (1): Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 Jiri Olsa (1): perf tools: Fix pmu events parsing rule Johannes Weiner (1): arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups Jonathan Neuschäfer (1): powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet José Roberto de Souza (1): drm: Add DP PSR2 sink enable bit Jozsef Kadlecsik (1): netfilter: ipset: List timing out entries with "timeout 1" instead of zero Juergen Gross (1): xen/netfront: raise max number of slots in xennet_get_responses() Julia Lawall (1): pinctrl: at91-pio4: add missing of_node_put KT Liao (1): Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST Kai Chieh Chuang (1): ASoC: dpcm: fix BE dai not hw_free and shutdown Kan Liang (2): perf/x86/intel/uncore: Correct fixed counter index check in generic code perf/x86/intel/uncore: Correct fixed counter index check for NHM Leon Romanovsky (2): RDMA/mad: Convert BUG_ONs to error flows RDMA/uverbs: Protect from attempts to create flows on unsupported QP Linus Torvalds (1): squashfs: be more careful about metadata corruption Luc Van Oostenryck (2): drm/radeon: fix mode_valid's return type drm/gma500: fix psb_intel_lvds_mode_valid()'s return type Marc Zyngier (1): dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA Mark Rutland (2): kcov: ensure irq code sees a valid area drivers/perf: arm-ccn: don't log to dmesg in event_init Martin Blumenstingl (1): dt-bindings: pinctrl: meson: add support for the Meson8m2 SoC Mathieu Malaterre (6): mm/slub.c: add __printf verification to slab_err() powerpc/32: Add a missing include header powerpc/chrp/time: Make some functions static, add missing header include powerpc/powermac: Add missing prototype for note_bootable_part() powerpc/powermac: Mark variable x as unused nvmem: properly handle returned value nvmem_reg_read Mauro Carvalho Chehab (2): media: siano: get rid of __le32/__le16 cast warnings media: si470x: fix __be16 annotations Maya Erez (1): scsi: ufs: fix exception event handling Michael Chan (1): bnxt_en: Check unsupported speeds in bnxt_update_link() on PF only. Michal Simek (1): microblaze: Fix simpleImage format generation Michal Vokáč (5): net: dsa: qca8k: Add support for QCA8334 switch net: dsa: qca8k: Force CPU port to its highest bandwidth net: dsa: qca8k: Enable RXMAC when bringing up a port net: dsa: qca8k: Add QCA8334 binding documentation net: dsa: qca8k: Allow overwriting CPU port setting Mika Westerberg (1): PCI: pciehp: Request control of native hotplug only if supported Mimi Zohar (1): ima: based on policy verify firmware signatures (pre-allocated buffer) NeilBrown (1): staging: lustre: ldlm: free resource when ldlm_lock_create() fails. Nicholas Piggin (1): powerpc/64s: Fix compiler store ordering to SLB shadow area Ondrej Mosnáček (1): audit: allow not equal op for audit by executable Qu Wenruo (1): btrfs: qgroup: Finish rescan when hit the last leaf of extent tree Sahitya Tummala (1): f2fs: Fix deadlock in shutdown ioctl Sam Bobroff (1): powerpc/eeh: Fix use-after-release of EEH driver Sami Tolvanen (1): media: media-device: fix ioctl function types Sandipan Das (1): bpf: powerpc64: pad function address loads with NOPs Satendra Singh Thakur (1): drm/atomic: Handling the case when setting old crtc for plane Scott Mayhew (1): nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo Sean Lanigan (1): brcmfmac: Add support for bcm43364 wireless chipset Shakeel Butt (1): kvm, mm: account shadow page tables to kmemcg Shaul Triebitz (1): iwlwifi: pcie: fix race in Rx buffer allocator Shawn Lin (1): mmc: dw_mmc: update actual clock for mmc debugfs Shivasharan S (1): scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs Shuah Khan (Samsung OSG) (1): usbip: usbip_detach: Fix memory, udev context and udev leak Siva Rebbagondla (1): rsi: Fix 'invalid vdd' warning in mmc Snild Dolkow (1): kthread, tracing: Don't expose half-written comm when creating kthreads Steven Rostedt (VMware) (3): tracing: Fix double free of event_trigger_data tracing: Fix possible double free in event_enable_trigger_func() tracing: Quiet gcc warning about maybe unused link variable Stewart Smith (1): hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common() Suman Anna (1): media: omap3isp: fix unbalanced dma_iommu_mapping Sven Eckelmann (9): ath: Add regulatory mapping for FCC3_ETSIC ath: Add regulatory mapping for ETSI8_WORLD ath: Add regulatory mapping for APL13_WORLD ath: Add regulatory mapping for APL2_FCCA ath: Add regulatory mapping for Uganda ath: Add regulatory mapping for Tanzania ath: Add regulatory mapping for Serbia ath: Add regulatory mapping for Bermuda ath: Add regulatory mapping for Bahamas Takashi Iwai (2): ALSA: emu10k1: Rate-limit error messages about page errors ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback Takashi Sakamoto (1): ALSA: hda/ca0132: fix build failure when a local macro is defined Terry Junge (1): HID: hid-plantronics: Re-resend Update to map button for PTT products Theodore Ts'o (3): random: mix rdrand with entropy sent in from userspace ext4: fix inline data updates with checksums enabled ext4: check for allocation block validity with block group locked Thierry Escande (1): Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning Thomas Gleixner (1): stop_machine: Use raw spinlocks Thomas Richter (2): s390/cpum_sf: Add data entry sizes to sampling trailer entry perf: fix invalid bit in diagnostic entry Thor Thayer (1): EDAC, altera: Fix ARM64 build warning Tobin C. Harding (1): mmc: pwrseq: Use kmalloc_array instead of stack VLA Trond Myklebust (1): pnfs: Don't release the sequence slot until we've processed layoutget on open Tudor-Dan Ambarus (2): crypto: authencesn - don't leak pointers to authenc keys crypto: authenc - don't leak pointers to authenc keys Vincent Palatin (1): mfd: cros_ec: Fail early if we cannot identify the EC Wei Yongjun (1): media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open() Wenwen Wang (2): scsi: 3w-9xxx: fix a missing-check bug scsi: 3w-xxxx: fix a missing-check bug Will Deacon (1): arm64: cmpwait: Clear event register before arming exclusive monitor Xinming Hu (1): mwifiex: correct histogram data with appropriate index Xose Vazquez Perez (1): scsi: scsi_dh: replace too broad "TP9" string with the exact models Yixun Lan (1): dt-bindings: net: meson-dwmac: new compatible name for AXG SoC Yufen Yu (1): md: fix NULL dereference of mddev->pers in remove_and_add_spares() Zhouyang Jia (2): ALSA: emu10k1: add error handling for snd_ctl_add ALSA: fm801: add error handling for snd_ctl_add

7 years, 1 month

1
1
0 0

Linux 4.14.60

by Greg KH

I'm announcing the release of the 4.14.60 kernel. All users of the 4.14 kernel series must upgrade. The updated 4.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.14.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/net/dsa/qca8k.txt | 23 +- Documentation/devicetree/bindings/net/meson-dwmac.txt | 1 Documentation/devicetree/bindings/pinctrl/meson,pinctrl.txt | 2 Documentation/vfio-mediated-device.txt | 5 Makefile | 2 arch/arm/boot/dts/emev2.dtsi | 5 arch/arm/boot/dts/sh73a0.dtsi | 5 arch/arm/boot/dts/stih407-pinctrl.dtsi | 10 arch/arm/net/bpf_jit_32.c | 10 arch/arm64/boot/dts/renesas/salvator-common.dtsi | 38 +-- arch/arm64/configs/defconfig | 2 arch/arm64/include/asm/cmpxchg.h | 4 arch/arm64/mm/init.c | 4 arch/microblaze/boot/Makefile | 10 arch/powerpc/include/asm/barrier.h | 15 + arch/powerpc/include/asm/cache.h | 3 arch/powerpc/kernel/eeh_driver.c | 28 +- arch/powerpc/kernel/head_8xx.S | 2 arch/powerpc/kernel/pci_32.c | 1 arch/powerpc/kernel/prom_init.c | 114 +++++----- arch/powerpc/lib/string.S | 7 arch/powerpc/mm/slb.c | 8 arch/powerpc/net/bpf_jit_comp64.c | 34 ++ arch/powerpc/platforms/chrp/time.c | 6 arch/powerpc/platforms/embedded6xx/hlwd-pic.c | 5 arch/powerpc/platforms/powermac/bootx_init.c | 4 arch/powerpc/platforms/powermac/setup.c | 1 arch/s390/include/asm/cpu_mf.h | 6 arch/x86/events/intel/uncore.c | 2 arch/x86/events/intel/uncore_nhmex.c | 2 arch/x86/kernel/cpu/microcode/core.c | 6 arch/x86/kvm/mmu.c | 2 block/bfq-iosched.c | 2 block/bio.c | 19 - crypto/authenc.c | 1 crypto/authencesn.c | 1 drivers/acpi/acpi_lpss.c | 6 drivers/acpi/pci_root.c | 4 drivers/ata/libata-eh.c | 12 - drivers/bluetooth/btusb.c | 4 drivers/bluetooth/hci_qca.c | 2 drivers/bus/arm-ccn.c | 20 - drivers/char/random.c | 10 drivers/edac/altera_edac.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 8 drivers/gpu/drm/drm_atomic.c | 4 drivers/gpu/drm/drm_atomic_helper.c | 78 +++--- drivers/gpu/drm/drm_dp_mst_topology.c | 9 drivers/gpu/drm/gma500/psb_intel_drv.h | 2 drivers/gpu/drm/gma500/psb_intel_lvds.c | 2 drivers/gpu/drm/nouveau/nvkm/engine/fifo/gk104.c | 8 drivers/gpu/drm/radeon/radeon_connectors.c | 10 drivers/hid/hid-plantronics.c | 6 drivers/hid/i2c-hid/i2c-hid.c | 8 drivers/i2c/i2c-core-base.c | 5 drivers/infiniband/core/mad.c | 11 drivers/infiniband/core/ucma.c | 6 drivers/infiniband/core/uverbs_cmd.c | 5 drivers/infiniband/core/verbs.c | 12 - drivers/infiniband/ulp/srpt/ib_srpt.c | 16 - drivers/input/mouse/elan_i2c_core.c | 2 drivers/input/serio/i8042-x86ia64io.h | 7 drivers/irqchip/irq-ls-scfg-msi.c | 3 drivers/lightnvm/pblk-rb.c | 5 drivers/md/md.c | 3 drivers/md/raid1.c | 2 drivers/media/common/siano/smsendian.c | 14 - drivers/media/i2c/smiapp/smiapp-core.c | 11 drivers/media/media-device.c | 21 - drivers/media/pci/saa7164/saa7164-fw.c | 3 drivers/media/pci/tw686x/tw686x-video.c | 3 drivers/media/platform/omap3isp/isp.c | 7 drivers/media/platform/rcar_jpu.c | 4 drivers/media/radio/si470x/radio-si470x-i2c.c | 6 drivers/media/v4l2-core/videobuf2-core.c | 9 drivers/memory/tegra/mc.c | 22 - drivers/memory/tegra/mc.h | 9 drivers/memory/tegra/tegra114.c | 2 drivers/memory/tegra/tegra124.c | 6 drivers/memory/tegra/tegra210.c | 3 drivers/memory/tegra/tegra30.c | 2 drivers/mfd/cros_ec.c | 6 drivers/mmc/core/pwrseq_simple.c | 14 - drivers/mmc/host/dw_mmc.c | 4 drivers/mtd/nand/fsl_ifc_nand.c | 17 - drivers/net/dsa/qca8k.c | 52 ++++ drivers/net/dsa/qca8k.h | 7 drivers/net/ethernet/amazon/ena/ena_com.c | 1 drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 4 drivers/net/ethernet/broadcom/bnxt/bnxt.c | 3 drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 7 drivers/net/ethernet/hisilicon/hns3/hns3pf/hns3_enet.c | 4 drivers/net/ethernet/intel/e1000e/netdev.c | 15 - drivers/net/ethernet/intel/i40e/i40e_ptp.c | 7 drivers/net/ethernet/intel/igb/igb_main.c | 9 drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 1 drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c | 4 drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 drivers/net/ethernet/ti/cpsw-phy-sel.c | 8 drivers/net/hyperv/hyperv_net.h | 2 drivers/net/hyperv/netvsc_drv.c | 43 +-- drivers/net/phy/mdio-mux-bcm-iproc.c | 2 drivers/net/phy/phylink.c | 2 drivers/net/usb/lan78xx.c | 2 drivers/net/wireless/ath/regd.h | 5 drivers/net/wireless/ath/regd_common.h | 13 + drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c | 1 drivers/net/wireless/intel/iwlwifi/pcie/rx.c | 2 drivers/net/wireless/marvell/mwifiex/usb.c | 3 drivers/net/wireless/marvell/mwifiex/util.c | 8 drivers/net/wireless/rsi/rsi_91x_hal.c | 35 +-- drivers/net/wireless/rsi/rsi_91x_sdio.c | 23 +- drivers/net/wireless/rsi/rsi_sdio.h | 2 drivers/net/wireless/ti/wlcore/sdio.c | 5 drivers/net/xen-netfront.c | 10 drivers/nvme/host/pci.c | 5 drivers/nvme/host/rdma.c | 10 drivers/nvmem/core.c | 7 drivers/pci/host/pci-xgene.c | 1 drivers/pci/hotplug/pciehp_hpc.c | 7 drivers/pci/pci-sysfs.c | 15 - drivers/pci/probe.c | 4 drivers/pinctrl/pinctrl-at91-pio4.c | 4 drivers/regulator/cpcap-regulator.c | 2 drivers/regulator/of_regulator.c | 13 - drivers/regulator/pfuze100-regulator.c | 1 drivers/regulator/twl-regulator.c | 2 drivers/rtc/interface.c | 5 drivers/rtc/rtc-tps6586x.c | 14 - drivers/rtc/rtc-tps65910.c | 12 - drivers/rtc/rtc-vr41xx.c | 9 drivers/s390/scsi/zfcp_dbf.c | 2 drivers/scsi/3w-9xxx.c | 5 drivers/scsi/3w-xxxx.c | 3 drivers/scsi/cxlflash/main.c | 11 drivers/scsi/cxlflash/sislite.h | 1 drivers/scsi/hisi_sas/hisi_sas_v3_hw.c | 11 drivers/scsi/megaraid.c | 3 drivers/scsi/megaraid/megaraid_sas_fusion.c | 3 drivers/scsi/qedf/qedf_main.c | 10 drivers/scsi/scsi_dh.c | 5 drivers/scsi/ufs/ufshcd.c | 28 +- drivers/soc/imx/gpcv2.c | 22 + drivers/spi/spi-meson-spicc.c | 11 drivers/spi/spi-s3c64xx.c | 4 drivers/spi/spi-sh-msiof.c | 6 drivers/spi/spi.c | 1 drivers/staging/lustre/lnet/klnds/o2iblnd/o2iblnd.c | 2 drivers/staging/lustre/lnet/klnds/o2iblnd/o2iblnd_cb.c | 30 +- drivers/staging/lustre/lustre/ldlm/ldlm_lock.c | 6 drivers/staging/lustre/lustre/llite/xattr.c | 6 drivers/staging/media/atomisp/i2c/ov2680.c | 6 drivers/staging/media/atomisp/pci/atomisp2/atomisp_compat_ioctl32.c | 49 ++-- drivers/staging/vc04_services/interface/vchiq_arm/vchiq_core.c | 1 drivers/thermal/samsung/exynos_tmu.c | 1 drivers/tty/hvc/hvc_opal.c | 1 drivers/tty/pty.c | 3 drivers/usb/core/hub.c | 4 drivers/usb/gadget/udc/renesas_usb3.c | 8 drivers/vfio/mdev/mdev_core.c | 102 +++----- drivers/vfio/mdev/mdev_private.h | 2 drivers/vfio/platform/vfio_platform_common.c | 15 - drivers/vfio/vfio_iommu_type1.c | 73 ++++-- drivers/video/backlight/pwm_bl.c | 6 drivers/watchdog/da9063_wdt.c | 17 + fs/block_dev.c | 9 fs/btrfs/inode.c | 33 +- fs/btrfs/qgroup.c | 19 + fs/btrfs/tree-log.c | 10 fs/ceph/super.c | 2 fs/crypto/crypto.c | 11 fs/ext4/balloc.c | 3 fs/ext4/ialloc.c | 8 fs/ext4/inline.c | 19 - fs/ext4/inode.c | 16 - fs/ext4/super.c | 8 fs/f2fs/data.c | 8 fs/f2fs/file.c | 18 + fs/f2fs/gc.c | 11 fs/f2fs/segment.c | 5 fs/f2fs/super.c | 6 fs/nfs/nfs4proc.c | 14 - fs/nfs/pnfs.c | 6 fs/nfsd/nfs4xdr.c | 2 fs/overlayfs/super.c | 19 + fs/proc/task_mmu.c | 26 +- fs/squashfs/cache.c | 3 fs/squashfs/file.c | 8 fs/squashfs/fragment.c | 4 fs/squashfs/squashfs_fs.h | 6 include/drm/drm_dp_helper.h | 1 include/linux/delayacct.h | 4 include/linux/dma-iommu.h | 1 include/linux/mmc/sdio_ids.h | 1 include/linux/netfilter/ipset/ip_set_timeout.h | 10 include/linux/regulator/consumer.h | 1 include/linux/serial_core.h | 3 include/linux/thread_info.h | 6 include/net/tcp.h | 2 include/soc/tegra/mc.h | 2 include/uapi/sound/asoc.h | 23 +- kernel/auditfilter.c | 2 kernel/auditsc.c | 2 kernel/bpf/verifier.c | 4 kernel/delayacct.c | 17 - kernel/fork.c | 3 kernel/hung_task.c | 11 kernel/kcov.c | 3 kernel/kthread.c | 8 kernel/power/suspend.c | 14 - kernel/printk/printk_safe.c | 2 kernel/stop_machine.c | 24 +- kernel/trace/trace_events_trigger.c | 18 + kernel/trace/trace_kprobe.c | 15 + mm/slub.c | 2 mm/vmalloc.c | 3 net/ipv4/fib_frontend.c | 4 net/ipv4/ipconfig.c | 13 + net/ipv4/tcp_bbr.c | 4 net/ipv4/tcp_dctcp.c | 4 net/ipv4/tcp_input.c | 48 ++-- net/netfilter/ipset/ip_set_hash_gen.h | 5 net/netfilter/nf_tables_api.c | 11 net/netlink/af_netlink.c | 5 security/integrity/ima/ima_main.c | 1 sound/pci/emu10k1/emupcm.c | 4 sound/pci/emu10k1/memory.c | 6 sound/pci/fm801.c | 16 + sound/pci/hda/patch_ca0132.c | 8 sound/soc/soc-pcm.c | 6 sound/soc/soc-topology.c | 19 + sound/usb/pcm.c | 2 tools/perf/util/parse-events.y | 14 + tools/testing/selftests/intel_pstate/run.sh | 29 +- tools/testing/selftests/memfd/run_tests.sh | 14 - tools/usb/usbip/libsrc/vhci_driver.c | 32 +- tools/usb/usbip/libsrc/vhci_driver.h | 3 tools/usb/usbip/src/usbip_detach.c | 9 238 files changed, 1564 insertions(+), 825 deletions(-) Alex Williamson (2): vfio/mdev: Check globally for duplicate devices vfio/type1: Fix task tracking for QEMU vCPU hotplug Alexandre Belloni (4): rtc: ensure rtc_set_alarm fails when alarms are not supported rtc: tps6586x: fix possible race condition rtc: vr41xx: fix possible race condition rtc: tps65910: fix possible race condition Alexey Khoroshilov (1): spi: meson-spicc: Fix error handling in meson_spicc_probe() Alexey Kodanev (1): netfilter: nf_tables: check msg_type before nft_trans_set(trans) Anatoly Pugachev (1): disable loading f2fs module on PAGE_SIZE > 4KB Andrew Morton (2): drivers/infiniband/core/verbs.c: fix build with gcc-4.4.4 drivers/infiniband/ulp/srpt/ib_srpt.c: fix build with gcc-4.4.4 Andrey Smirnov (1): soc: imx: gpcv2: Do not pass static memory as platform data Andy Shevchenko (1): drm/dp/mst: Fix off-by-one typo when dump payload table Anson Huang (1): regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops Anton Vasilyev (1): net: mdio-mux: bcm-iproc: fix wrong getter and setter pair Artem Savkov (1): tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure Bart Van Assche (2): RDMA/core: Avoid that ib_drain_qp() triggers an out-of-bounds stack access IB/srpt: Fix an out-of-bounds stack access in srpt_zerolength_write() Bartlomiej Zolnierkiewicz (1): thermal: exynos: fix setting rising_threshold for Exynos5433 Ben Skeggs (1): drm/nouveau/fifo/gk104-: poll for runlist update completion Benjamin Poirier (1): e1000e: Ignore TSYNCRXCTL when getting I219 clock attributes Brad Love (1): media: saa7164: Fix driver name in debug output Chad Dupuis (1): scsi: qedf: Set the UNLOADING flag when removing a vport Chao Yu (5): f2fs: fix error path of move_data_page f2fs: fix to don't trigger writeback during recovery f2fs: fix to wait page writeback during revoking atomic write f2fs: fix to detect failure of dquot_initialize f2fs: fix race in between GC and atomic open Chen-Yu Tsai (1): Input: i8042 - add Lenovo LaVie Z to the i8042 reset list Chengguang Xu (2): ceph: fix alignment of rasize ovl: Sync upper dirty data when syncing overlayfs Chintan Pandya (1): mm: vmalloc: avoid racy handling of debugobjects in vunmap Chris Novakovic (1): ipconfig: Correctly initialise ic_nameservers Christoph Hellwig (1): PCI: Prevent sysfs disable of device while driver is attached Christophe Leroy (2): powerpc/lib: Adjust .balign inside string functions for PPC32 powerpc/8xx: fix invalid register expression in head_8xx.S Colin Ian King (1): media: smiapp: fix timeout checking in smiapp_read_nvm Cong Wang (1): infiniband: fix a possible use-after-free bug DaeRyong Jeong (1): tty: Fix data race in tty_insert_flip_string_fixed_flag Damien Le Moal (1): libata: Fix command retry decision Dan Carpenter (1): scsi: megaraid: silence a static checker bug Daniel Díaz (1): selftests/intel_pstate: Improve test, minor fixes David Sterba (1): btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups Dmitry Osipenko (2): memory: tegra: Do not handle spurious interrupts memory: tegra: Apply interrupts mask per SoC Dmitry Safonov (2): netlink: Do not subscribe to non-existent groups netlink: Don't shift with UB on nlk->ngroups Dmitry Torokhov (1): HID: i2c-hid: check if device is there before really probing Dominik Bozek (1): usb: hub: Don't wait for connect state at resume for powered-off ports Donald Shanty III (1): Input: elan_i2c - add ACPI ID for lenovo ideapad 330 Doug Oucahrek (1): staging: lustre: o2iblnd: fix race at kiblnd_connect_peer Doug Oucharek (1): staging: lustre: o2iblnd: Fix FastReg map/unmap for MLX5 Douglas Anderson (2): serial: core: Make sure compiler barfs for 16-byte earlycon names regulator: Don't return or expect -errno from of_map_mode() Emil Tantilov (1): ixgbevf: fix MAC address changes through ixgbevf_set_mac() Enric Balletbo i Serra (1): arm64: defconfig: Enable Rockchip io-domain driver Eric Biggers (1): fscrypt: use unbound workqueue for decryption Eric Dumazet (4): tcp: do not force quickack when receiving out-of-order packets tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode tcp: do not aggressively quick ack after ECN events tcp: add one more quick ack after after ECN events Ethan Lien (1): btrfs: balance dirty metadata pages in btrfs_finish_ordered_io Eugeniy Paltsev (1): NET: stmmac: align DMA stuff to largest cache line length Eyal Reizer (1): wlcore: sdio: check for valid platform device data before suspend Ezequiel Garcia (1): media: tw686x: Fix incorrect vb2_mem_ops GFP flags Filippo Muzzini (1): block, bfq: remove wrong lock in bfq_requests_merged Florent Fourcot (1): netfilter: ipset: forbid family for hash:mac sets Florian Fainelli (1): net: phy: phylink: Release link GPIO Fuyun Liang (1): net: hns3: Fixes the init of the VALID BD info in the descriptor Gal Pressman (1): net: ena: Fix use of uninitialized DMA address bits field Ganapathi Bhat (1): mwifiex: handle race during mwifiex_usb_disconnect Geert Uytterhoeven (4): vfio: platform: Fix reset module leak in error path spi: sh-msiof: Fix setting SIRMDR1.SYNCAC to match SITMDR1.SYNCAC ARM: dts: emev2: Add missing interrupt-affinity to PMU node ARM: dts: sh73a0: Add missing interrupt-affinity to PMU node Gioh Kim (1): md/raid1: add error handling of read error from FailFast device Greg Edwards (1): block: reset bi_iter.bi_done after splitting bio Greg Kroah-Hartman (1): Linux 4.14.60 Grygorii Strashko (1): net: ethernet: ti: cpsw-phy-sel: check bus_find_device() ret value Hans Verkuil (1): media: videobuf2-core: don't call memop 'finish' when queueing Hans de Goede (1): ACPI / LPSS: Only call pwm_add_table() for Bay Trail PWM if PMIC HRV is 2 Huang Ying (1): mm: /proc/pid/pagemap: hide swap entries from unprivileged users Huazhong Tan (1): net: hns3: Fixes the out of bounds access in hclge_map_tqp Jacob Keller (1): i40e: free the skb after clearing the bitlock Jaegeuk Kim (1): f2fs: avoid fsync() failure caused by EAGAIN in writepage() Jakub Kicinski (1): bpf: fix references to free_bpf_prog_info() in comments James Simmons (1): staging: lustre: llite: correct removexattr detection Jan Kiszka (1): PCI: Fix devm_pci_alloc_host_bridge() memory leak Jane Wan (1): mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages Javier González (1): lightnvm: pblk: warn in case of corrupted write buffer Jens Remus (1): scsi: zfcp: assert that the ERP lock is held when tracing a recovery trigger Jian-Hong Pan (1): Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 Jianchao Wang (1): nvme-rdma: stop admin queue before freeing it Jiri Olsa (1): perf tools: Fix pmu events parsing rule Johannes Weiner (1): arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups Jonathan Neuschäfer (1): powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet José Roberto de Souza (1): drm: Add DP PSR2 sink enable bit Jozsef Kadlecsik (1): netfilter: ipset: List timing out entries with "timeout 1" instead of zero Juergen Gross (1): xen/netfront: raise max number of slots in xennet_get_responses() Julia Lawall (1): pinctrl: at91-pio4: add missing of_node_put KT Liao (1): Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST Kai Chieh Chuang (1): ASoC: dpcm: fix BE dai not hw_free and shutdown Kan Liang (2): perf/x86/intel/uncore: Correct fixed counter index check in generic code perf/x86/intel/uncore: Correct fixed counter index check for NHM Kees Cook (1): fork: unconditionally clear stack on fork Keith Busch (1): nvme-pci: Fix AER reset handling Kirill Marinushkin (2): ASoC: topology: Fix bclk and fsync inversion in set_link_hw_format() ASoC: topology: Add missing clock gating parameter when parsing hw_configs Kuninori Morimoto (1): arm64: dts: renesas: salvator-common: use audio-graph-card for Sound Laurentiu Tudor (1): irqchip/ls-scfg-msi: Map MSIs in the iommu Leon Romanovsky (2): RDMA/mad: Convert BUG_ONs to error flows RDMA/uverbs: Protect from attempts to create flows on unsupported QP Linus Torvalds (1): squashfs: be more careful about metadata corruption Lixin Wang (1): i2c: core: decrease reference count of device node in i2c_unregister_device Lorenzo Bianconi (1): ipv4: remove BUG_ON() from fib_compute_spec_dst Lorenzo Pieralisi (1): PCI: xgene: Remove leftover pci_scan_child_bus() call Luc Van Oostenryck (2): drm/radeon: fix mode_valid's return type drm/gma500: fix psb_intel_lvds_mode_valid()'s return type Lukas Wunner (1): PCI: pciehp: Assume NoCompl+ for Thunderbolt ports Marc Zyngier (1): dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA Marco Felsch (1): watchdog: da9063: Fix updating timeout value Marek Szyprowski (1): spi: spi-s3c64xx: Fix system resume support Mark Rutland (2): kcov: ensure irq code sees a valid area drivers/perf: arm-ccn: don't log to dmesg in event_init Martin Blumenstingl (1): dt-bindings: pinctrl: meson: add support for the Meson8m2 SoC Martin Wilck (2): block: bio_iov_iter_get_pages: fix size of last iovec blkdev: __blkdev_direct_IO_simple: fix leak in error case Mathieu Malaterre (7): mm/slub.c: add __printf verification to slab_err() powerpc/32: Add a missing include header powerpc/chrp/time: Make some functions static, add missing header include powerpc/powermac: Add missing prototype for note_bootable_part() powerpc/powermac: Mark variable x as unused powerpc: Add __printf verification to prom_printf nvmem: properly handle returned value nvmem_reg_read Matthew R. Ochs (1): scsi: cxlflash: Avoid clobbering context control register value Mauro Carvalho Chehab (4): media: atomisp: ov2680: don't declare unused vars media: siano: get rid of __le32/__le16 cast warnings media: atomisp: compat32: fix __user annotations media: si470x: fix __be16 annotations Maya Erez (1): scsi: ufs: fix exception event handling Michael Chan (1): bnxt_en: Check unsupported speeds in bnxt_update_link() on PF only. Michael Grzeschik (1): usbip: dynamically allocate idev by nports found in sysfs Michal Simek (1): microblaze: Fix simpleImage format generation Michal Suchanek (1): powerpc/64s: Add barrier_nospec Michal Vokáč (5): net: dsa: qca8k: Add support for QCA8334 switch net: dsa: qca8k: Force CPU port to its highest bandwidth net: dsa: qca8k: Enable RXMAC when bringing up a port net: dsa: qca8k: Add QCA8334 binding documentation net: dsa: qca8k: Allow overwriting CPU port setting Mika Westerberg (1): PCI: pciehp: Request control of native hotplug only if supported Mimi Zohar (1): ima: based on policy verify firmware signatures (pre-allocated buffer) Neal Cardwell (1): tcp_bbr: fix bw probing to raise in-flight data for very small BDPs NeilBrown (1): staging: lustre: ldlm: free resource when ldlm_lock_create() fails. Nicholas Piggin (1): powerpc/64s: Fix compiler store ordering to SLB shadow area Olga Kornievskaia (1): skip LAYOUTRETURN if layout is invalid Omar Sandoval (2): Btrfs: don't return ino to ino cache if inode item removal fails Btrfs: don't BUG_ON() in btrfs_truncate_inode_items() Ondrej Mosnáček (1): audit: allow not equal op for audit by executable Patrice Chotard (1): ARM: dts: stih407-pinctrl: Fix complain about IRQ_TYPE_NONE usage Petr Machata (1): mlxsw: spectrum_switchdev: Fix port_vlan refcounting Qu Wenruo (1): btrfs: qgroup: Finish rescan when hit the last leaf of extent tree Sahitya Tummala (1): f2fs: Fix deadlock in shutdown ioctl Sam Bobroff (1): powerpc/eeh: Fix use-after-release of EEH driver Sami Tolvanen (1): media: media-device: fix ioctl function types Samuel Li (1): drm/amdgpu: Remove VRAM from shared bo domains. Sandipan Das (1): bpf: powerpc64: pad function address loads with NOPs Satendra Singh Thakur (1): drm/atomic: Handling the case when setting old crtc for plane Scott Mayhew (1): nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo Scott Wood (1): x86/microcode: Make the late update update_lock a raw lock for RT Sean Lanigan (1): brcmfmac: Add support for bcm43364 wireless chipset Sebastian Andrzej Siewior (2): PM / wakeup: Make s2idle_lock a RAW_SPINLOCK delayacct: Use raw_spinlocks Sergey Senozhatsky (1): printk: drop in_nmi check from printk_safe_flush_on_panic() Shakeel Butt (1): kvm, mm: account shadow page tables to kmemcg Shaul Triebitz (1): iwlwifi: pcie: fix race in Rx buffer allocator Shawn Lin (1): mmc: dw_mmc: update actual clock for mmc debugfs Shivasharan S (1): scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs Shuah Khan (Samsung OSG) (3): usbip: usbip_detach: Fix memory, udev context and udev leak selftests: memfd: return Kselftest Skip code for skipped tests selftests: intel_pstate: return Kselftest Skip code for skipped tests Siva Rebbagondla (2): rsi: Fix 'invalid vdd' warning in mmc rsi: fix nommu_map_sg overflow kernel panic Snild Dolkow (1): kthread, tracing: Don't expose half-written comm when creating kthreads Stefan Wahren (2): staging: vchiq_core: Fix missing semaphore release in error case net: lan78xx: fix rx handling before first packet is send Stephen Hemminger (1): hv_netvsc: fix network namespace issues with VF support Steven Rostedt (VMware) (3): tracing: Fix double free of event_trigger_data tracing: Fix possible double free in event_enable_trigger_func() tracing: Quiet gcc warning about maybe unused link variable Stewart Smith (1): hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common() Subhash Jadavani (1): scsi: ufs: ufshcd: fix possible unclocked register access Suman Anna (1): media: omap3isp: fix unbalanced dma_iommu_mapping Sven Eckelmann (9): ath: Add regulatory mapping for FCC3_ETSIC ath: Add regulatory mapping for ETSI8_WORLD ath: Add regulatory mapping for APL13_WORLD ath: Add regulatory mapping for APL2_FCCA ath: Add regulatory mapping for Uganda ath: Add regulatory mapping for Tanzania ath: Add regulatory mapping for Serbia ath: Add regulatory mapping for Bermuda ath: Add regulatory mapping for Bahamas Takashi Iwai (2): ALSA: emu10k1: Rate-limit error messages about page errors ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback Takashi Sakamoto (1): ALSA: hda/ca0132: fix build failure when a local macro is defined Tejun Heo (1): delayacct: fix crash in delayacct_blkio_end() after delayacct init failure Terry Junge (1): HID: hid-plantronics: Re-resend Update to map button for PTT products Tetsuo Handa (1): kernel/hung_task.c: show all hung tasks before panic Theodore Ts'o (4): random: mix rdrand with entropy sent in from userspace ext4: fix inline data updates with checksums enabled ext4: check for allocation block validity with block group locked ext4: fix check to prevent initializing reserved inodes Thierry Escande (1): Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning Thomas Gleixner (1): stop_machine: Use raw spinlocks Thomas Richter (2): s390/cpum_sf: Add data entry sizes to sampling trailer entry perf: fix invalid bit in diagnostic entry Thor Thayer (1): EDAC, altera: Fix ARM64 build warning Tobin C. Harding (1): mmc: pwrseq: Use kmalloc_array instead of stack VLA Tony Lindgren (1): spi: Add missing pm_runtime_put_noidle() after failed get Trond Myklebust (2): NFSv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY pnfs: Don't release the sequence slot until we've processed layoutget on open Tudor-Dan Ambarus (2): crypto: authencesn - don't leak pointers to authenc keys crypto: authenc - don't leak pointers to authenc keys Uma Krishnan (1): scsi: cxlflash: Synchronize reset and remove ops Vic Wei (1): Bluetooth: btusb: add ID for LiteOn 04ca:301a Ville Syrjälä (1): drm/atomic-helper: Drop plane->fb references only for drm_atomic_helper_shutdown() Vincent Palatin (1): mfd: cros_ec: Fail early if we cannot identify the EC Vinicius Costa Gomes (1): igb: Fix queue selection on MAC filters on i210 Wang YanQing (1): bpf, arm32: fix inconsistent naming about emit_a32_lsr_{r64,i64} Wei Xu (1): nvme: lightnvm: add granby support Wei Yongjun (1): media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open() Wenwen Wang (2): scsi: 3w-9xxx: fix a missing-check bug scsi: 3w-xxxx: fix a missing-check bug Will Deacon (1): arm64: cmpwait: Clear event register before arming exclusive monitor Wolfram Sang (1): backlight: pwm_bl: Don't use GPIOF_* with gpiod_get_direction Xi Wang (1): net: hns3: Fix the missing client list node initialization Xiang Chen (1): scsi: hisi_sas: config ATA de-reset as an constrained command for v3 hw Xiao Liang (1): xen-netfront: wait xenbus state change when load module manually Xinming Hu (1): mwifiex: correct histogram data with appropriate index Xose Vazquez Perez (1): scsi: scsi_dh: replace too broad "TP9" string with the exact models Yixun Lan (1): dt-bindings: net: meson-dwmac: new compatible name for AXG SoC Yoshihiro Shimoda (1): usb: gadget: udc: renesas_usb3: should remove debugfs Yousuk Seung (1): tcp: refactor tcp_ecn_check_ce to remove sk type cast Yufen Yu (1): md: fix NULL dereference of mddev->pers in remove_and_add_spares() Zhouyang Jia (2): ALSA: emu10k1: add error handling for snd_ctl_add ALSA: fm801: add error handling for snd_ctl_add tangpengpeng (1): net: fix amd-xgbe flow-control issue

7 years, 1 month

1
1
0 0

[PATCH 4.9 000/144] 4.9.117-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.9.117 release. There are 144 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri Aug 3 16:49:15 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.117-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.9.117-rc1 Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Allow overwriting CPU port setting Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Add QCA8334 binding documentation Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Enable RXMAC when bringing up a port Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Force CPU port to its highest bandwidth Leon Romanovsky <leonro(a)mellanox.com> RDMA/uverbs: Protect from attempts to create flows on unsupported QP Theodore Ts'o <tytso(a)mit.edu> ext4: check for allocation block validity with block group locked Theodore Ts'o <tytso(a)mit.edu> ext4: fix inline data updates with checksums enabled Linus Torvalds <torvalds(a)linux-foundation.org> squashfs: be more careful about metadata corruption Theodore Ts'o <tytso(a)mit.edu> random: mix rdrand with entropy sent in from userspace José Roberto de Souza <jose.souza(a)intel.com> drm: Add DP PSR2 sink enable bit Mauro Carvalho Chehab <mchehab(a)kernel.org> media: si470x: fix __be16 annotations Shivasharan S <shivasharan.srikanteshwara(a)broadcom.com> scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs Xose Vazquez Perez <xose.vazquez(a)gmail.com> scsi: scsi_dh: replace too broad "TP9" string with the exact models Suman Anna <s-anna(a)ti.com> media: omap3isp: fix unbalanced dma_iommu_mapping Tudor-Dan Ambarus <tudor.ambarus(a)microchip.com> crypto: authenc - don't leak pointers to authenc keys Tudor-Dan Ambarus <tudor.ambarus(a)microchip.com> crypto: authencesn - don't leak pointers to authenc keys Dominik Bozek <dominikx.bozek(a)intel.com> usb: hub: Don't wait for connect state at resume for powered-off ports Michal Simek <michal.simek(a)xilinx.com> microblaze: Fix simpleImage format generation Douglas Anderson <dianders(a)chromium.org> serial: core: Make sure compiler barfs for 16-byte earlycon names NeilBrown <neilb(a)suse.com> staging: lustre: ldlm: free resource when ldlm_lock_create() fails. James Simmons <jsimmons(a)infradead.org> staging: lustre: llite: correct removexattr detection Ondrej Mosnáček <omosnace(a)redhat.com> audit: allow not equal op for audit by executable Siva Rebbagondla <siva.rebbagondla(a)redpinesignals.com> rsi: Fix 'invalid vdd' warning in mmc Chris Novakovic <chris(a)chrisn.me.uk> ipconfig: Correctly initialise ic_nameservers Luc Van Oostenryck <luc.vanoostenryck(a)gmail.com> drm/gma500: fix psb_intel_lvds_mode_valid()'s return type Enric Balletbo i Serra <enric.balletbo(a)collabora.com> arm64: defconfig: Enable Rockchip io-domain driver Dmitry Osipenko <digetx(a)gmail.com> memory: tegra: Apply interrupts mask per SoC Dmitry Osipenko <digetx(a)gmail.com> memory: tegra: Do not handle spurious interrupts Thomas Gleixner <tglx(a)linutronix.de> stop_machine: Use raw spinlocks Kirill Tkhai <ktkhai(a)virtuozzo.com> fasync: Fix deadlock between task-context and interrupt-context kill_fasync() Yixun Lan <yixun.lan(a)amlogic.com> dt-bindings: net: meson-dwmac: new compatible name for AXG SoC Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> dt-bindings: pinctrl: meson: add support for the Meson8m2 SoC Tobin C. Harding <me(a)tobin.cc> mmc: pwrseq: Use kmalloc_array instead of stack VLA Shawn Lin <shawn.lin(a)rock-chips.com> mmc: dw_mmc: update actual clock for mmc debugfs Takashi Sakamoto <o-takashi(a)sakamocchi.jp> ALSA: hda/ca0132: fix build failure when a local macro is defined Satendra Singh Thakur <satendra.t(a)samsung.com> drm/atomic: Handling the case when setting old crtc for plane Mauro Carvalho Chehab <mchehab(a)kernel.org> media: siano: get rid of __le32/__le16 cast warnings Jakub Kicinski <jakub.kicinski(a)netronome.com> bpf: fix references to free_bpf_prog_info() in comments Bartlomiej Zolnierkiewicz <b.zolnierkie(a)samsung.com> thermal: exynos: fix setting rising_threshold for Exynos5433 Doug Oucahrek <dougso(a)me.com> staging: lustre: o2iblnd: fix race at kiblnd_connect_peer Dan Carpenter <dan.carpenter(a)oracle.com> scsi: megaraid: silence a static checker bug Wenwen Wang <wang6495(a)umn.edu> scsi: 3w-xxxx: fix a missing-check bug Wenwen Wang <wang6495(a)umn.edu> scsi: 3w-9xxx: fix a missing-check bug Michael Chan <michael.chan(a)broadcom.com> bnxt_en: Check unsupported speeds in bnxt_update_link() on PF only. Thomas Richter <tmricht(a)linux.ibm.com> perf: fix invalid bit in diagnostic entry Thomas Richter <tmricht(a)linux.ibm.com> s390/cpum_sf: Add data entry sizes to sampling trailer entry Sean Lanigan <sean(a)lano.id.au> brcmfmac: Add support for bcm43364 wireless chipset Jane Wan <Jane.Wan(a)nokia.com> mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages Brad Love <brad(a)nextdimension.cc> media: saa7164: Fix driver name in debug output Sami Tolvanen <samitolvanen(a)google.com> media: media-device: fix ioctl function types Damien Le Moal <damien.lemoal(a)wdc.com> libata: Fix command retry decision Wei Yongjun <yongjun_wei(a)trendmicro.com.cn> media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open() Marc Zyngier <marc.zyngier(a)arm.com> dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA DaeRyong Jeong <threeearcat(a)gmail.com> tty: Fix data race in tty_insert_flip_string_fixed_flag Mathieu Malaterre <malat(a)debian.org> nvmem: properly handle returned value nvmem_reg_read Geert Uytterhoeven <geert+renesas(a)glider.be> ARM: dts: sh73a0: Add missing interrupt-affinity to PMU node Geert Uytterhoeven <geert+renesas(a)glider.be> ARM: dts: emev2: Add missing interrupt-affinity to PMU node Thor Thayer <thor.thayer(a)linux.intel.com> EDAC, altera: Fix ARM64 build warning Dmitry Torokhov <dtor(a)chromium.org> HID: i2c-hid: check if device is there before really probing Jonathan Neuschäfer <j.neuschaefer(a)gmx.net> powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet Luc Van Oostenryck <luc.vanoostenryck(a)gmail.com> drm/radeon: fix mode_valid's return type Terry Junge <terry.junge(a)plantronics.com> HID: hid-plantronics: Re-resend Update to map button for PTT products Will Deacon <will.deacon(a)arm.com> arm64: cmpwait: Clear event register before arming exclusive monitor Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback Grygorii Strashko <grygorii.strashko(a)ti.com> net: ethernet: ti: cpsw-phy-sel: check bus_find_device() ret value Colin Ian King <colin.king(a)canonical.com> media: smiapp: fix timeout checking in smiapp_read_nvm Emil Tantilov <emil.s.tantilov(a)intel.com> ixgbevf: fix MAC address changes through ixgbevf_set_mac() Yufen Yu <yuyufen(a)huawei.com> md: fix NULL dereference of mddev->pers in remove_and_add_spares() Anson Huang <Anson.Huang(a)nxp.com> regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops Takashi Iwai <tiwai(a)suse.de> ALSA: emu10k1: Rate-limit error messages about page errors Maya Erez <merez(a)codeaurora.org> scsi: ufs: fix exception event handling Eric Biggers <ebiggers(a)google.com> fscrypt: use unbound workqueue for decryption Mark Rutland <mark.rutland(a)arm.com> drivers/perf: arm-ccn: don't log to dmesg in event_init Mimi Zohar <zohar(a)linux.vnet.ibm.com> ima: based on policy verify firmware signatures (pre-allocated buffer) Xinming Hu <huxm(a)marvell.com> mwifiex: correct histogram data with appropriate index Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Add support for QCA8334 switch Mika Westerberg <mika.westerberg(a)linux.intel.com> PCI: pciehp: Request control of native hotplug only if supported Sandipan Das <sandipan(a)linux.vnet.ibm.com> bpf: powerpc64: pad function address loads with NOPs Julia Lawall <Julia.Lawall(a)lip6.fr> pinctrl: at91-pio4: add missing of_node_put Christophe Leroy <christophe.leroy(a)c-s.fr> powerpc/8xx: fix invalid register expression in head_8xx.S Mathieu Malaterre <malat(a)debian.org> powerpc/powermac: Mark variable x as unused Mathieu Malaterre <malat(a)debian.org> powerpc/powermac: Add missing prototype for note_bootable_part() Mathieu Malaterre <malat(a)debian.org> powerpc/chrp/time: Make some functions static, add missing header include Mathieu Malaterre <malat(a)debian.org> powerpc/32: Add a missing include header Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Bahamas Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Bermuda Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Serbia Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Tanzania Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Uganda Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for APL2_FCCA Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for APL13_WORLD Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for ETSI8_WORLD Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for FCC3_ETSIC Christoph Hellwig <hch(a)lst.de> PCI: Prevent sysfs disable of device while driver is attached Qu Wenruo <wqu(a)suse.com> btrfs: qgroup: Finish rescan when hit the last leaf of extent tree David Sterba <dsterba(a)suse.com> btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups Hans Verkuil <hans.verkuil(a)cisco.com> media: videobuf2-core: don't call memop 'finish' when queueing Ezequiel Garcia <ezequiel(a)collabora.com> media: tw686x: Fix incorrect vb2_mem_ops GFP flags Eyal Reizer <eyalreizer(a)gmail.com> wlcore: sdio: check for valid platform device data before suspend Ganapathi Bhat <gbhat(a)marvell.com> mwifiex: handle race during mwifiex_usb_disconnect Vincent Palatin <vpalatin(a)chromium.org> mfd: cros_ec: Fail early if we cannot identify the EC Kai Chieh Chuang <kaichieh.chuang(a)mediatek.com> ASoC: dpcm: fix BE dai not hw_free and shutdown Jian-Hong Pan <jian-hong(a)endlessm.com> Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 Thierry Escande <thierry.escande(a)linaro.org> Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning Shaul Triebitz <shaul.triebitz(a)intel.com> iwlwifi: pcie: fix race in Rx buffer allocator Daniel Díaz <daniel.diaz(a)linaro.org> selftests/intel_pstate: Improve test, minor fixes Kan Liang <kan.liang(a)intel.com> perf/x86/intel/uncore: Correct fixed counter index check for NHM Kan Liang <kan.liang(a)intel.com> perf/x86/intel/uncore: Correct fixed counter index check in generic code Shuah Khan (Samsung OSG) <shuah(a)kernel.org> usbip: usbip_detach: Fix memory, udev context and udev leak Chao Yu <yuchao0(a)huawei.com> f2fs: fix race in between GC and atomic open Sahitya Tummala <stummala(a)codeaurora.org> f2fs: Fix deadlock in shutdown ioctl Chao Yu <yuchao0(a)huawei.com> f2fs: fix to wait page writeback during revoking atomic write Chao Yu <yuchao0(a)huawei.com> f2fs: fix to don't trigger writeback during recovery Chao Yu <yuchao0(a)huawei.com> f2fs: fix error path of move_data_page Anatoly Pugachev <matorola(a)gmail.com> disable loading f2fs module on PAGE_SIZE > 4KB Trond Myklebust <trond.myklebust(a)hammerspace.com> pnfs: Don't release the sequence slot until we've processed layoutget on open Alexey Kodanev <alexey.kodanev(a)oracle.com> netfilter: nf_tables: check msg_type before nft_trans_set(trans) Leon Romanovsky <leonro(a)mellanox.com> RDMA/mad: Convert BUG_ONs to error flows Nicholas Piggin <npiggin(a)gmail.com> powerpc/64s: Fix compiler store ordering to SLB shadow area Stewart Smith <stewart(a)linux.ibm.com> hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common() Sam Bobroff <sbobroff(a)linux.ibm.com> powerpc/eeh: Fix use-after-release of EEH driver Cong Wang <xiyou.wangcong(a)gmail.com> infiniband: fix a possible use-after-free bug Jozsef Kadlecsik <kadlec(a)blackhole.kfki.hu> netfilter: ipset: List timing out entries with "timeout 1" instead of zero Jiri Olsa <jolsa(a)kernel.org> perf tools: Fix pmu events parsing rule Alexandre Belloni <alexandre.belloni(a)bootlin.com> rtc: ensure rtc_set_alarm fails when alarms are not supported Mathieu Malaterre <malat(a)debian.org> mm/slub.c: add __printf verification to slab_err() Chintan Pandya <cpandya(a)codeaurora.org> mm: vmalloc: avoid racy handling of debugobjects in vunmap Geert Uytterhoeven <geert+renesas(a)glider.be> vfio: platform: Fix reset module leak in error path Scott Mayhew <smayhew(a)redhat.com> nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo Zhouyang Jia <jiazhouyang09(a)gmail.com> ALSA: fm801: add error handling for snd_ctl_add Zhouyang Jia <jiazhouyang09(a)gmail.com> ALSA: emu10k1: add error handling for snd_ctl_add Juergen Gross <jgross(a)suse.com> xen/netfront: raise max number of slots in xennet_get_responses() Mark Rutland <mark.rutland(a)arm.com> kcov: ensure irq code sees a valid area Antti Seppälä <a.seppala(a)gmail.com> usb: dwc2: Fix DMA alignment to start at allocated boundary Johannes Weiner <hannes(a)cmpxchg.org> arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Quiet gcc warning about maybe unused link variable Artem Savkov <asavkov(a)redhat.com> tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure Snild Dolkow <snild(a)sony.com> kthread, tracing: Don't expose half-written comm when creating kthreads Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Fix possible double free in event_enable_trigger_func() Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Fix double free of event_trigger_data Shakeel Butt <shakeelb(a)google.com> kvm, mm: account shadow page tables to kmemcg KT Liao <kt.liao(a)emc.com.tw> Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST Chen-Yu Tsai <wens(a)csie.org> Input: i8042 - add Lenovo LaVie Z to the i8042 reset list Donald Shanty III <dshanty(a)protonmail.com> Input: elan_i2c - add ACPI ID for lenovo ideapad 330 ------------- Diffstat: .../devicetree/bindings/net/dsa/qca8k.txt | 23 +++++++++- .../devicetree/bindings/net/meson-dwmac.txt | 1 + .../devicetree/bindings/pinctrl/meson,pinctrl.txt | 2 + Makefile | 4 +- arch/arm/boot/dts/emev2.dtsi | 5 ++- arch/arm/boot/dts/sh73a0.dtsi | 5 ++- arch/arm64/configs/defconfig | 2 + arch/arm64/include/asm/cmpxchg.h | 4 +- arch/arm64/mm/init.c | 4 +- arch/microblaze/boot/Makefile | 10 +++-- arch/powerpc/kernel/eeh_driver.c | 28 +++++++----- arch/powerpc/kernel/head_8xx.S | 2 +- arch/powerpc/kernel/pci_32.c | 1 + arch/powerpc/mm/slb.c | 8 ++-- arch/powerpc/net/bpf_jit_comp64.c | 34 +++++++++----- arch/powerpc/platforms/chrp/time.c | 6 ++- arch/powerpc/platforms/embedded6xx/hlwd-pic.c | 5 +++ arch/powerpc/platforms/powermac/bootx_init.c | 4 +- arch/powerpc/platforms/powermac/setup.c | 1 + arch/s390/include/asm/cpu_mf.h | 6 ++- arch/x86/events/intel/uncore.c | 2 +- arch/x86/events/intel/uncore_nhmex.c | 2 +- arch/x86/kvm/mmu.c | 2 +- crypto/authenc.c | 1 + crypto/authencesn.c | 1 + drivers/acpi/pci_root.c | 4 +- drivers/ata/libata-eh.c | 12 +++-- drivers/bluetooth/btusb.c | 3 ++ drivers/bluetooth/hci_qca.c | 2 +- drivers/bus/arm-ccn.c | 20 ++++----- drivers/char/random.c | 10 ++++- drivers/edac/altera_edac.c | 2 +- drivers/gpu/drm/drm_atomic.c | 4 +- drivers/gpu/drm/gma500/psb_intel_drv.h | 2 +- drivers/gpu/drm/gma500/psb_intel_lvds.c | 2 +- drivers/gpu/drm/radeon/radeon_connectors.c | 10 ++--- drivers/hid/hid-plantronics.c | 6 ++- drivers/hid/i2c-hid/i2c-hid.c | 8 ++++ drivers/infiniband/core/mad.c | 11 +++-- drivers/infiniband/core/ucma.c | 6 ++- drivers/infiniband/core/uverbs_cmd.c | 5 +++ drivers/input/mouse/elan_i2c_core.c | 2 + drivers/input/serio/i8042-x86ia64io.h | 7 +++ drivers/md/md.c | 3 ++ drivers/media/common/siano/smsendian.c | 14 +++--- drivers/media/i2c/smiapp/smiapp-core.c | 11 +++-- drivers/media/media-device.c | 21 ++++----- drivers/media/pci/saa7164/saa7164-fw.c | 3 +- drivers/media/pci/tw686x/tw686x-video.c | 3 +- drivers/media/platform/omap3isp/isp.c | 7 +-- drivers/media/platform/rcar_jpu.c | 4 +- drivers/media/radio/si470x/radio-si470x-i2c.c | 6 +-- drivers/media/v4l2-core/videobuf2-core.c | 9 ++-- drivers/memory/tegra/mc.c | 22 +++------ drivers/memory/tegra/mc.h | 9 ++++ drivers/memory/tegra/tegra114.c | 2 + drivers/memory/tegra/tegra124.c | 6 +++ drivers/memory/tegra/tegra210.c | 3 ++ drivers/memory/tegra/tegra30.c | 2 + drivers/mfd/cros_ec.c | 6 ++- drivers/mmc/core/pwrseq_simple.c | 14 +++--- drivers/mmc/host/dw_mmc.c | 4 ++ drivers/mtd/nand/fsl_ifc_nand.c | 17 ++++--- drivers/net/dsa/qca8k.c | 52 +++++++++++++++++++++- drivers/net/dsa/qca8k.h | 7 ++- drivers/net/ethernet/broadcom/bnxt/bnxt.c | 3 ++ drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 1 + drivers/net/ethernet/ti/cpsw-phy-sel.c | 8 +++- drivers/net/wireless/ath/regd.h | 5 +++ drivers/net/wireless/ath/regd_common.h | 13 ++++++ .../wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c | 1 + drivers/net/wireless/intel/iwlwifi/pcie/rx.c | 2 + drivers/net/wireless/marvell/mwifiex/usb.c | 3 ++ drivers/net/wireless/marvell/mwifiex/util.c | 8 ++-- drivers/net/wireless/rsi/rsi_91x_sdio.c | 2 - drivers/net/wireless/ti/wlcore/sdio.c | 5 +++ drivers/net/xen-netfront.c | 4 +- drivers/nvmem/core.c | 7 +++ drivers/pci/pci-sysfs.c | 15 ++++--- drivers/pinctrl/pinctrl-at91-pio4.c | 4 +- drivers/regulator/pfuze100-regulator.c | 1 + drivers/rtc/interface.c | 5 +++ drivers/scsi/3w-9xxx.c | 5 +++ drivers/scsi/3w-xxxx.c | 3 ++ drivers/scsi/megaraid.c | 3 ++ drivers/scsi/megaraid/megaraid_sas_fusion.c | 3 ++ drivers/scsi/scsi_dh.c | 5 ++- drivers/scsi/ufs/ufshcd.c | 2 + .../staging/lustre/lnet/klnds/o2iblnd/o2iblnd_cb.c | 18 +++++--- drivers/staging/lustre/lustre/ldlm/ldlm_lock.c | 6 ++- drivers/staging/lustre/lustre/llite/xattr.c | 6 ++- drivers/thermal/samsung/exynos_tmu.c | 1 + drivers/tty/hvc/hvc_opal.c | 1 - drivers/tty/pty.c | 3 ++ drivers/usb/core/hub.c | 4 ++ drivers/usb/dwc2/hcd.c | 44 +++++++++--------- drivers/vfio/platform/vfio_platform_common.c | 15 ++++--- fs/btrfs/qgroup.c | 19 ++++++++ fs/btrfs/tree-log.c | 10 ++++- fs/crypto/crypto.c | 11 ++++- fs/ext4/balloc.c | 3 ++ fs/ext4/ialloc.c | 3 ++ fs/ext4/inline.c | 19 ++++---- fs/ext4/inode.c | 16 +++---- fs/f2fs/file.c | 14 ++++-- fs/f2fs/gc.c | 11 +++-- fs/f2fs/segment.c | 5 +++ fs/f2fs/super.c | 6 +++ fs/fcntl.c | 15 +++---- fs/nfs/nfs4proc.c | 3 +- fs/nfsd/nfs4xdr.c | 2 + fs/squashfs/cache.c | 3 ++ fs/squashfs/file.c | 8 +++- fs/squashfs/fragment.c | 4 +- fs/squashfs/squashfs_fs.h | 6 +++ include/drm/drm_dp_helper.h | 1 + include/linux/dma-iommu.h | 1 + include/linux/fs.h | 2 +- include/linux/mmc/sdio_ids.h | 1 + include/linux/netfilter/ipset/ip_set_timeout.h | 10 ++++- include/linux/serial_core.h | 3 +- include/soc/tegra/mc.h | 2 + kernel/auditfilter.c | 2 +- kernel/auditsc.c | 2 + kernel/bpf/verifier.c | 4 +- kernel/kcov.c | 3 +- kernel/kthread.c | 8 +++- kernel/stop_machine.c | 24 +++++----- kernel/trace/trace_events_trigger.c | 18 +++++--- kernel/trace/trace_kprobe.c | 15 ++++++- mm/slub.c | 2 +- mm/vmalloc.c | 3 +- net/ipv4/ipconfig.c | 13 ++++++ net/netfilter/nf_tables_api.c | 11 ++--- security/integrity/ima/ima_main.c | 1 + sound/pci/emu10k1/emupcm.c | 4 +- sound/pci/emu10k1/memory.c | 6 +-- sound/pci/fm801.c | 16 +++++-- sound/pci/hda/patch_ca0132.c | 8 +++- sound/soc/soc-pcm.c | 6 ++- sound/usb/pcm.c | 2 +- tools/perf/util/parse-events.y | 14 +++++- tools/testing/selftests/intel_pstate/run.sh | 24 +++++----- tools/usb/usbip/src/usbip_detach.c | 9 ++-- 144 files changed, 775 insertions(+), 308 deletions(-)

7 years, 1 month

6
134
0 0

[PATCH 4.17 000/336] 4.17.12-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.17.12 release. There are 336 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri Aug 3 16:49:21 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.17.12-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.17.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.17.12-rc1 Erik Schmauss <erik.schmauss(a)intel.com> ACPICA: AML Parser: ignore control method status in module-level code Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> ACPI / LPSS: Avoid PM quirks on suspend and resume from hibernation Lawrence Brakmo <brakmo(a)fb.com> tcp: ack immediately when a cwr packet arrives Eric Dumazet <edumazet(a)google.com> tcp: add one more quick ack after after ECN events Yousuk Seung <ysseung(a)google.com> tcp: refactor tcp_ecn_check_ce to remove sk type cast Eric Dumazet <edumazet(a)google.com> tcp: do not aggressively quick ack after ECN events Eric Dumazet <edumazet(a)google.com> tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode Eric Dumazet <edumazet(a)google.com> tcp: do not force quickack when receiving out-of-order packets Dmitry Safonov <dima(a)arista.com> netlink: Don't shift with UB on nlk->ngroups Dmitry Safonov <dima(a)arista.com> netlink: Do not subscribe to non-existent groups Tariq Toukan <tariqt(a)mellanox.com> net: rollback orig value on failure of dev_qdisc_change_tx_queue_len Arjun Vynipadath <arjun(a)chelsio.com> cxgb4: Added missing break in ndo_udp_tunnel_{add/del} Xiao Liang <xiliang(a)redhat.com> xen-netfront: wait xenbus state change when load module manually Toshiaki Makita <makita.toshiaki(a)lab.ntt.co.jp> virtio_net: Fix incosistent received bytes counter Neal Cardwell <ncardwell(a)google.com> tcp_bbr: fix bw probing to raise in-flight data for very small BDPs Avinash Repaka <avinash.repaka(a)oracle.com> RDS: RDMA: Fix the NULL-ptr deref in rds_ib_get_mr Eugeniy Paltsev <Eugeniy.Paltsev(a)synopsys.com> NET: stmmac: align DMA stuff to largest cache line length Anton Vasilyev <vasilyev(a)ispras.ru> net: mdio-mux: bcm-iproc: fix wrong getter and setter pair Stefan Wahren <stefan.wahren(a)i2se.com> net: lan78xx: fix rx handling before first packet is send tangpengpeng <tangpengpeng(a)higon.com> net: fix amd-xgbe flow-control issue Gal Pressman <pressmangal(a)gmail.com> net: ena: Fix use of uninitialized DMA address bits field Jakub Kicinski <jakub.kicinski(a)netronome.com> netdevsim: don't leak devlink resources Lorenzo Bianconi <lorenzo.bianconi(a)redhat.com> ipv4: remove BUG_ON() from fib_compute_spec_dst Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Allow overwriting CPU port setting Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Add QCA8334 binding documentation Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Enable RXMAC when bringing up a port Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Force CPU port to its highest bandwidth Leon Romanovsky <leon(a)kernel.org> RDMA/uverbs: Protect from attempts to create flows on unsupported QP Masahiro Yamada <yamada.masahiro(a)socionext.com> gpio: uniphier: set legitimate irq trigger type in .to_irq hook Linus Walleij <linus.walleij(a)linaro.org> gpio: of: Handle fixed regulator flags properly Theodore Ts'o <tytso(a)mit.edu> ext4: fix check to prevent initializing reserved inodes Theodore Ts'o <tytso(a)mit.edu> ext4: check for allocation block validity with block group locked Theodore Ts'o <tytso(a)mit.edu> ext4: fix inline data updates with checksums enabled Theodore Ts'o <tytso(a)mit.edu> ext4: fix false negatives *and* false positives in ext4_check_descriptors() Linus Torvalds <torvalds(a)linux-foundation.org> squashfs: be more careful about metadata corruption Theodore Ts'o <tytso(a)mit.edu> random: mix rdrand with entropy sent in from userspace Wolfram Sang <wsa+renesas(a)sang-engineering.com> i2c: rcar: handle RXDMA HW behaviour on Gen3 James Smart <jsmart2021(a)gmail.com> nvmet-fc: fix target sgl list on large transfers Greg Edwards <gedwards(a)ddn.com> block: reset bi_iter.bi_done after splitting bio Martin Wilck <mwilck(a)suse.com> blkdev: __blkdev_direct_IO_simple: fix leak in error case Martin Wilck <mwilck(a)suse.com> block: bio_iov_iter_get_pages: fix size of last iovec Felix Kuehling <Felix.Kuehling(a)amd.com> drm/amdgpu: Avoid reclaim while holding locks taken in MMU notifier Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> drm/dp/mst: Fix off-by-one typo when dump payload table Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/atomic-helper: Drop plane->fb references only for drm_atomic_helper_shutdown() José Roberto de Souza <jose.souza(a)intel.com> drm: Add DP PSR2 sink enable bit Fabio Estevam <fabio.estevam(a)nxp.com> ARM: dts: imx6qdl-wandboard: Let the codec control MCLK pinctrl Kirill Marinushkin <k.marinushkin(a)gmail.com> ASoC: topology: Add missing clock gating parameter when parsing hw_configs Kirill Marinushkin <k.marinushkin(a)gmail.com> ASoC: topology: Fix bclk and fsync inversion in set_link_hw_format() Masahisa KOJIMA <masahisa.kojima(a)linaro.org> net: socionext: reset hardware in ndo_stop Mauro Carvalho Chehab <mchehab(a)kernel.org> media: si470x: fix __be16 annotations Hans Verkuil <hverkuil(a)xs4all.nl> media: cec: fix smatch error Mauro Carvalho Chehab <mchehab(a)kernel.org> media: atomisp: compat32: fix __user annotations Bjorn Helgaas <bhelgaas(a)google.com> PCI/ASPM: Disable ASPM L1.2 Substate if we don't have LTR Matthew R. Ochs <mrochs(a)linux.vnet.ibm.com> scsi: cxlflash: Avoid clobbering context control register value Uma Krishnan <ukrishn(a)linux.vnet.ibm.com> scsi: cxlflash: Synchronize reset and remove ops Shivasharan S <shivasharan.srikanteshwara(a)broadcom.com> scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs Xose Vazquez Perez <xose.vazquez(a)gmail.com> scsi: scsi_dh: replace too broad "TP9" string with the exact models Philippe CORNU <philippe.cornu(a)st.com> drm/stm: ltdc: fix warning in ltdc_crtc_update_clut() Thomas Hebb <tommyhebb(a)gmail.com> ath10k: search all IEs for variant before falling back Douglas Anderson <dianders(a)chromium.org> regulator: Don't return or expect -errno from of_map_mode() Suman Anna <s-anna(a)ti.com> media: omap3isp: fix unbalanced dma_iommu_mapping Sean Young <sean(a)mess.org> media: rc: mce_kbd decoder: low timeout values cause double keydowns Arnd Bergmann <arnd(a)arndb.de> y2038: ipc: Use ktime_get_real_seconds consistently Tudor-Dan Ambarus <tudor.ambarus(a)microchip.com> crypto: authenc - don't leak pointers to authenc keys Tudor-Dan Ambarus <tudor.ambarus(a)microchip.com> crypto: authencesn - don't leak pointers to authenc keys Dominik Bozek <dominikx.bozek(a)intel.com> usb: hub: Don't wait for connect state at resume for powered-off ports Michal Simek <michal.simek(a)xilinx.com> microblaze: Fix simpleImage format generation Andrey Smirnov <andrew.smirnov(a)gmail.com> soc: imx: gpcv2: Do not pass static memory as platform data Douglas Anderson <dianders(a)chromium.org> serial: core: Make sure compiler barfs for 16-byte earlycon names Sergio Paracuellos <sergio.paracuellos(a)gmail.com> staging: ks7010: fix error handling in ks7010_upload_firmware NeilBrown <neilb(a)suse.com> staging: lustre: ldlm: free resource when ldlm_lock_create() fails. James Simmons <jsimmons(a)infradead.org> staging: lustre: llite: correct removexattr detection Stefan Wahren <stefan.wahren(a)i2se.com> staging: vchiq_core: Fix missing semaphore release in error case Mario Limonciello <mario.limonciello(a)dell.com> platform/x86: dell-smbios: Match on www.dell.com in OEM strings too Tomasz Figa <tfiga(a)chromium.org> drm/rockchip: analogix_dp: Do not call Analogix code before bind Ondrej Mosnáček <omosnace(a)redhat.com> audit: allow not equal op for audit by executable Siva Rebbagondla <siva.rebbagondla(a)redpinesignals.com> rsi: fix nommu_map_sg overflow kernel panic Siva Rebbagondla <siva.rebbagondla(a)redpinesignals.com> rsi: Fix 'invalid vdd' warning in mmc Chris Novakovic <chris(a)chrisn.me.uk> ipconfig: Correctly initialise ic_nameservers Luc Van Oostenryck <luc.vanoostenryck(a)gmail.com> drm/gma500: fix psb_intel_lvds_mode_valid()'s return type Gustavo A. R. Silva <gustavo(a)embeddedor.com> qtnfmac: pearl: pcie: fix memory leak in qtnf_fw_work_handler Vinicius Costa Gomes <vinicius.gomes(a)intel.com> igb: Fix queue selection on MAC filters on i210 Charles Keepax <ckeepax(a)opensource.cirrus.com> ASoC: compress: Only call free for components which have been opened Enric Balletbo i Serra <enric.balletbo(a)collabora.com> arm64: defconfig: Enable Rockchip io-domain driver Fabio Estevam <fabio.estevam(a)nxp.com> ASoC: fsl_ssi: Use u32 variable type when using regmap_read() Wei Xu <wxu(a)cnexlabs.com> nvme: lightnvm: add granby support Dmitry Osipenko <digetx(a)gmail.com> memory: tegra: Apply interrupts mask per SoC Dmitry Osipenko <digetx(a)gmail.com> memory: tegra: Do not handle spurious interrupts Tamizh Chelvam <tamizhr(a)codeaurora.org> ath10k: fix kernel panic while reading tpc_stats Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> delayacct: Use raw_spinlocks Thomas Gleixner <tglx(a)linutronix.de> stop_machine: Use raw spinlocks Wolfram Sang <wsa+renesas(a)sang-engineering.com> backlight: pwm_bl: Don't use GPIOF_* with gpiod_get_direction Felix Fietkau <nbd(a)nbd.name> mt76: add rcu locking around tx scheduling Jacob Keller <jacob.e.keller(a)intel.com> i40e: avoid overflow in i40e_ptp_adjfreq() Jakub Pawlak <jakub.pawlak(a)intel.com> i40e: Add advertising 10G LR mode Kirill Tkhai <ktkhai(a)virtuozzo.com> fasync: Fix deadlock between task-context and interrupt-context kill_fasync() Yixun Lan <yixun.lan(a)amlogic.com> dt-bindings: net: meson-dwmac: new compatible name for AXG SoC Huazhong Tan <tanhuazhong(a)huawei.com> net: hns3: Fixes the out of bounds access in hclge_map_tqp Alexey Khoroshilov <khoroshilov(a)ispras.ru> spi: meson-spicc: Fix error handling in meson_spicc_probe() Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> dt-bindings: pinctrl: meson: add support for the Meson8m2 SoC Tobin C. Harding <me(a)tobin.cc> mmc: pwrseq: Use kmalloc_array instead of stack VLA Shawn Lin <shawn.lin(a)rock-chips.com> mmc: dw_mmc: update actual clock for mmc debugfs Takashi Sakamoto <o-takashi(a)sakamocchi.jp> ALSA: hda/ca0132: fix build failure when a local macro is defined Ido Schimmel <idosch(a)mellanox.com> mlxsw: spectrum_router: Return an error for non-default FIB rules Jaegeuk Kim <jaegeuk(a)kernel.org> f2fs: check cap_resource only for data blocks Kishon Vijay Abraham I <kishon(a)ti.com> mmc: sdhci-omap: Fix when capabilities are obtained from SDHCI_CAPABILITIES reg Satendra Singh Thakur <satendra.t(a)samsung.com> drm/atomic: Handling the case when setting old crtc for plane Lorenzo Bianconi <lorenzo.bianconi(a)redhat.com> mt76x2: fix avg_rssi estimation Mauro Carvalho Chehab <mchehab(a)kernel.org> media: siano: get rid of __le32/__le16 cast warnings Mauro Carvalho Chehab <mchehab(a)kernel.org> media: em28xx: fix a regression with HVR-950 Jaegeuk Kim <jaegeuk(a)kernel.org> f2fs: avoid fsync() failure caused by EAGAIN in writepage() Jakub Kicinski <jakub.kicinski(a)netronome.com> bpf: fix references to free_bpf_prog_info() in comments Changbin Du <changbin.du(a)intel.com> regulator: add dummy function of_find_regulator_by_node Bartlomiej Zolnierkiewicz <b.zolnierkie(a)samsung.com> thermal: exynos: fix setting rising_threshold for Exynos5433 Doug Oucharek <dougso(a)me.com> staging: lustre: o2iblnd: Fix FastReg map/unmap for MLX5 Doug Oucahrek <dougso(a)me.com> staging: lustre: o2iblnd: fix race at kiblnd_connect_peer Takashi Iwai <tiwai(a)suse.de> dma-direct: try reallocation with GFP_DMA32 if possible Chad Dupuis <chad.dupuis(a)cavium.com> scsi: qedf: Set the UNLOADING flag when removing a vport Viresh Kumar <viresh.kumar(a)linaro.org> soc/tegra: pmc: Don't allocate struct tegra_powergate on stack Xiang Chen <chenxiang66(a)hisilicon.com> scsi: hisi_sas: config ATA de-reset as an constrained command for v3 hw Dan Carpenter <dan.carpenter(a)oracle.com> scsi: megaraid: silence a static checker bug Wenwen Wang <wang6495(a)umn.edu> scsi: 3w-xxxx: fix a missing-check bug Wenwen Wang <wang6495(a)umn.edu> scsi: 3w-9xxx: fix a missing-check bug Christian Gromm <christian.gromm(a)microchip.com> staging: most: cdev: fix chrdev_region leak Ram Pai <linuxram(a)us.ibm.com> mm, powerpc, x86: define VM_PKEY_BITx bits if CONFIG_ARCH_HAS_PKEYS is enabled Michael Chan <michael.chan(a)broadcom.com> bnxt_en: Always forward VF MAC address to the PF. Michael Chan <michael.chan(a)broadcom.com> bnxt_en: Check unsupported speeds in bnxt_update_link() on PF only. Antoine Tenart <antoine.tenart(a)bootlin.com> net: phy: sfp: handle cases where neither BR, min nor BR, max is given Thomas Richter <tmricht(a)linux.ibm.com> perf: fix invalid bit in diagnostic entry Thomas Richter <tmricht(a)linux.ibm.com> s390/cpum_sf: Add data entry sizes to sampling trailer entry Sean Lanigan <sean(a)lano.id.au> brcmfmac: Add support for bcm43364 wireless chipset Jane Wan <Jane.Wan(a)nokia.com> mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages Brad Love <brad(a)nextdimension.cc> media: em28xx: Fix DualHD broken second tuner Jacopo Mondi <jacopo+renesas(a)jmondi.org> media: renesas-ceu: Set mbus_fmt on subdev operations Brad Love <brad(a)nextdimension.cc> media: saa7164: Fix driver name in debug output Sami Tolvanen <samitolvanen(a)google.com> media: media-device: fix ioctl function types Hans de Goede <hdegoede(a)redhat.com> ACPI / LPSS: Only call pwm_add_table() for Bay Trail PWM if PMIC HRV is 2 Damien Le Moal <damien.lemoal(a)wdc.com> libata: Fix command retry decision Wei Yongjun <yongjun_wei(a)trendmicro.com.cn> media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open() Florian Fainelli <f.fainelli(a)gmail.com> net: phy: phylink: Release link GPIO Marc Zyngier <marc.zyngier(a)arm.com> dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA DaeRyong Jeong <threeearcat(a)gmail.com> tty: Fix data race in tty_insert_flip_string_fixed_flag Jacob Keller <jacob.e.keller(a)intel.com> i40e: free the skb after clearing the bitlock Rob Herring <robh(a)kernel.org> ARM: dts: imx53: Fix LDB OF graph warning Mathieu Malaterre <malat(a)debian.org> nvmem: properly handle returned value nvmem_reg_read Geert Uytterhoeven <geert+renesas(a)glider.be> ARM: dts: sh73a0: Add missing interrupt-affinity to PMU node Geert Uytterhoeven <geert+renesas(a)glider.be> ARM: dts: emev2: Add missing interrupt-affinity to PMU node Patrice Chotard <patrice.chotard(a)st.com> ARM: dts: stih407-pinctrl: Fix complain about IRQ_TYPE_NONE usage Patrice Chotard <patrice.chotard(a)st.com> ARM: dts: stih410: Fix complain about IRQ_TYPE_NONE usage Sanjay Kumar Konduri <sanjay.konduri(a)redpinesignals.com> rsi: Add null check for virtual interfaces in wowlan config Thor Thayer <thor.thayer(a)linux.intel.com> EDAC, altera: Fix ARM64 build warning Dmitry Torokhov <dtor(a)chromium.org> HID: i2c-hid: check if device is there before really probing Jonathan Neuschäfer <j.neuschaefer(a)gmx.net> powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet Ben Hutchings <ben(a)decadent.org.uk> IB: Fix RDMA_RXE and INFINIBAND_RDMAVT dependencies for DMA_VIRT_OPS Leo (Sunpeng) Li <sunpeng.li(a)amd.com> drm/amd/display: Fix dim display on DCE11 Samuel Li <Samuel.Li(a)amd.com> drm/amdgpu: Remove VRAM from shared bo domains. Luc Van Oostenryck <luc.vanoostenryck(a)gmail.com> drm/radeon: fix mode_valid's return type Shirish S <shirish.s(a)amd.com> drm/amd/display: remove need of modeset flag for overlay planes (V2) Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> arm64: dts: renesas: salvator-common: use audio-graph-card for Sound Terry Junge <terry.junge(a)plantronics.com> HID: hid-plantronics: Re-resend Update to map button for PTT products Will Deacon <will.deacon(a)arm.com> arm64: cmpwait: Clear event register before arming exclusive monitor Mauro Carvalho Chehab <mchehab(a)kernel.org> media: staging: atomisp: Comment out several unused sensor resolutions Mauro Carvalho Chehab <mchehab(a)kernel.org> media: atomisp: ov2680: don't declare unused vars Yunsheng Lin <linyunsheng(a)huawei.com> net: hns3: Fix for fiber link up problem Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback Grygorii Strashko <grygorii.strashko(a)ti.com> net: ethernet: ti: cpsw-phy-sel: check bus_find_device() ret value Mathieu Malaterre <malat(a)debian.org> clocksource: Move inline keyword to the beginning of function declarations Oza Pawandeep <poza(a)codeaurora.org> PCI/DPC: Clear interrupt status in interrupt handler top half Colin Ian King <colin.king(a)canonical.com> media: smiapp: fix timeout checking in smiapp_read_nvm Thierry Reding <treding(a)nvidia.com> gpu: host1x: Acquire a reference to the IOVA cache Emil Tantilov <emil.s.tantilov(a)intel.com> ixgbevf: fix MAC address changes through ixgbevf_set_mac() Yufen Yu <yuyufen(a)huawei.com> md: fix NULL dereference of mddev->pers in remove_and_add_spares() Gioh Kim <gi-oh.kim(a)profitbricks.com> md/raid1: add error handling of read error from FailFast device Anson Huang <Anson.Huang(a)nxp.com> regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops Takashi Iwai <tiwai(a)suse.de> ALSA: emu10k1: Rate-limit error messages about page errors Alexandre Belloni <alexandre.belloni(a)bootlin.com> rtc: tps65910: fix possible race condition Alexandre Belloni <alexandre.belloni(a)bootlin.com> rtc: vr41xx: fix possible race condition Alexandre Belloni <alexandre.belloni(a)bootlin.com> rtc: tps6586x: fix possible race condition Vic Wei <vwei(a)codeaurora.org> Bluetooth: btusb: add ID for LiteOn 04ca:301a Ben Skeggs <bskeggs(a)redhat.com> drm/nouveau/fifo/gk104-: poll for runlist update completion Ben Skeggs <bskeggs(a)redhat.com> drm/nouveau/gem: lookup VMAs for buffers referenced by pushbuf ioctl Ben Skeggs <bskeggs(a)redhat.com> drm/nouveau: remove fence wait code from deferred client work handler Jens Remus <jremus(a)linux.ibm.com> scsi: zfcp: assert that the ERP lock is held when tracing a recovery trigger Maya Erez <merez(a)codeaurora.org> scsi: ufs: fix exception event handling Subhash Jadavani <subhashj(a)codeaurora.org> scsi: ufs: ufshcd: fix possible unclocked register access Maxime Chevallier <maxime.chevallier(a)bootlin.com> net: mvpp2: Add missing VLAN tag detection Eric Biggers <ebiggers(a)google.com> fscrypt: use unbound workqueue for decryption Xi Wang <wangxi11(a)huawei.com> net: hns3: Fix for hns3 module is loaded multiple times problem Xi Wang <wangxi11(a)huawei.com> net: hns3: Fix the missing client list node initialization Yunsheng Lin <linyunsheng(a)huawei.com> net: hns3: Fix for CMDQ and Misc. interrupt init order problem Tony Lindgren <tony(a)atomide.com> spi: Add missing pm_runtime_put_noidle() after failed get Mark Rutland <mark.rutland(a)arm.com> drivers/perf: arm-ccn: don't log to dmesg in event_init Wolfram Sang <wsa+renesas(a)sang-engineering.com> watchdog: renesas-wdt: Add support for the R8A77965 WDT Mimi Zohar <zohar(a)linux.vnet.ibm.com> ima: based on policy verify firmware signatures (pre-allocated buffer) Lorenzo Bianconi <lorenzo.bianconi(a)redhat.com> mt76x2: apply coverage class on slot time too Xinming Hu <huxm(a)marvell.com> mwifiex: correct histogram data with appropriate index Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Add support for QCA8334 switch Mika Westerberg <mika.westerberg(a)linux.intel.com> PCI: pciehp: Request control of native hotplug only if supported Sandipan Das <sandipan(a)linux.vnet.ibm.com> bpf: powerpc64: pad function address loads with NOPs Sandipan Das <sandipan(a)linux.vnet.ibm.com> bpf: fix multi-function JITed dump obtained via syscall Christian Lamparter <chunkeey(a)gmail.com> pinctrl: msm: fix gpio-hog related boot issues Julia Lawall <Julia.Lawall(a)lip6.fr> pinctrl: at91-pio4: add missing of_node_put Christophe Leroy <christophe.leroy(a)c-s.fr> powerpc/8xx: fix invalid register expression in head_8xx.S Geert Uytterhoeven <geert+renesas(a)glider.be> spi: sh-msiof: Fix setting SIRMDR1.SYNCAC to match SITMDR1.SYNCAC Dan Carpenter <dan.carpenter(a)oracle.com> KVM: x86: prevent integer overflows in KVM_MEMORY_ENCRYPT_REG_REGION Mathieu Malaterre <malat(a)debian.org> powerpc: Add __printf verification to prom_printf Mathieu Malaterre <malat(a)debian.org> powerpc/powermac: Mark variable x as unused Mathieu Malaterre <malat(a)debian.org> powerpc/powermac: Add missing prototype for note_bootable_part() Mathieu Malaterre <malat(a)debian.org> powerpc/chrp/time: Make some functions static, add missing header include Mathieu Malaterre <malat(a)debian.org> powerpc/32: Add a missing include header Patrick Bellasi <patrick.bellasi(a)arm.com> sched/cpufreq: Modify aggregate utilization to always include blocked FAIR utilization Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Bahamas Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Bermuda Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Serbia Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Tanzania Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Uganda Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for APL2_FCCA Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for APL13_WORLD Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for ETSI8_WORLD Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for FCC3_ETSIC Keith Busch <keith.busch(a)intel.com> nvme-pci: Fix AER reset handling Jianchao Wang <jianchao.w.wang(a)oracle.com> nvme-rdma: stop admin queue before freeing it Alex Elder <elder(a)linaro.org> soc: qcom: smem: byte swap values properly Alex Elder <elder(a)linaro.org> soc: qcom: smem: fix qcom_smem_set_global_partition() Alex Elder <elder(a)linaro.org> soc: qcom: qmi: fix a buffer sizing bug Christoph Hellwig <hch(a)lst.de> PCI: Prevent sysfs disable of device while driver is attached Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> PM / wakeup: Make s2idle_lock a RAW_SPINLOCK Scott Wood <swood(a)redhat.com> x86/microcode: Make the late update update_lock a raw lock for RT Qu Wenruo <wqu(a)suse.com> btrfs: qgroup: Finish rescan when hit the last leaf of extent tree David Sterba <dsterba(a)suse.com> btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups Omar Sandoval <osandov(a)fb.com> Btrfs: don't BUG_ON() in btrfs_truncate_inode_items() Omar Sandoval <osandov(a)fb.com> Btrfs: don't return ino to ino cache if inode item removal fails Hans Verkuil <hans.verkuil(a)cisco.com> media: videobuf2-core: don't call memop 'finish' when queueing Mauro Carvalho Chehab <mchehab+samsung(a)kernel.org> media: cec-pin-error-inj: avoid a false-positive Spectre detection Ezequiel Garcia <ezequiel(a)collabora.com> media: tw686x: Fix incorrect vb2_mem_ops GFP flags Fuyun Liang <liangfuyun1(a)huawei.com> net: hns3: Fixes the init of the VALID BD info in the descriptor Lijun Ou <oulijun(a)huawei.com> net: hns3: Fixes initalization of RoCE handle and makes it conditional Eyal Reizer <eyalreizer(a)gmail.com> wlcore: sdio: check for valid platform device data before suspend Ganapathi Bhat <gbhat(a)marvell.com> mwifiex: handle race during mwifiex_usb_disconnect Vincent Palatin <vpalatin(a)chromium.org> mfd: cros_ec: Fail early if we cannot identify the EC Kai Chieh Chuang <kaichieh.chuang(a)mediatek.com> ASoC: dpcm: fix BE dai not hw_free and shutdown Jian-Hong Pan <jian-hong(a)endlessm.com> Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 Arnd Bergmann <arnd(a)arndb.de> drivers/bus: arm-cci: fix build warnings Mikita Lipski <mikita.lipski(a)amd.com> drm/amd/display: Do not program interrupt status on disabled crtc Thierry Escande <thierry.escande(a)linaro.org> Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning Gregory Greenman <gregory.greenman(a)intel.com> iwlwifi: mvm: open BA session only when sta is authorized Shaul Triebitz <shaul.triebitz(a)intel.com> iwlwifi: pcie: fix race in Rx buffer allocator Ethan Lien <ethanlien(a)synology.com> btrfs: balance dirty metadata pages in btrfs_finish_ordered_io Jan Kiszka <jan.kiszka(a)siemens.com> PCI: Fix devm_pci_alloc_host_bridge() memory leak Sergey Matyukevich <sergey.matyukevich.os(a)quantenna.com> qtnfmac: fix invalid STA state on EAPOL failure Anders Roxell <anders.roxell(a)linaro.org> selftests/filesystems: devpts_pts included wrong header Shuah Khan (Samsung OSG) <shuah(a)kernel.org> selftests: filesystems: return Kselftest Skip code for skipped tests Shuah Khan (Samsung OSG) <shuah(a)kernel.org> selftests: intel_pstate: return Kselftest Skip code for skipped tests Shuah Khan (Samsung OSG) <shuah(a)kernel.org> selftests: kvm: return Kselftest Skip code for skipped tests Shuah Khan (Samsung OSG) <shuah(a)kernel.org> selftests: memfd: return Kselftest Skip code for skipped tests Daniel Díaz <daniel.diaz(a)linaro.org> selftests/intel_pstate: Improve test, minor fixes Kan Liang <kan.liang(a)intel.com> perf/x86/intel/uncore: Correct fixed counter index check for NHM Kan Liang <kan.liang(a)intel.com> perf/x86/intel/uncore: Correct fixed counter index check in generic code Michael Grzeschik <m.grzeschik(a)pengutronix.de> usbip: dynamically allocate idev by nports found in sysfs Shuah Khan (Samsung OSG) <shuah(a)kernel.org> usbip: usbip_detach: Fix memory, udev context and udev leak Filippo Muzzini <filippo.muzzini(a)outlook.it> block, bfq: remove wrong lock in bfq_requests_merged Chao Yu <yuchao0(a)huawei.com> f2fs: fix race in between GC and atomic open Chao Yu <yuchao0(a)huawei.com> f2fs: fix to detect failure of dquot_initialize Yunlei He <heyunlei(a)huawei.com> f2fs: fix missing clear FI_NO_PREALLOC in some error case Sahitya Tummala <stummala(a)codeaurora.org> f2fs: Fix deadlock in shutdown ioctl Chao Yu <yuchao0(a)huawei.com> f2fs: fix to wait page writeback during revoking atomic write Chao Yu <yuchao0(a)huawei.com> f2fs: fix to don't trigger writeback during recovery Chao Yu <yuchao0(a)huawei.com> f2fs: don't drop dentry pages after fs shutdown Chao Yu <yuchao0(a)huawei.com> f2fs: fix error path of move_data_page Anatoly Pugachev <matorola(a)gmail.com> disable loading f2fs module on PAGE_SIZE > 4KB Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Fix up nfs_post_op_update_inode() to force ctime updates Trond Myklebust <trond.myklebust(a)hammerspace.com> pnfs: Don't release the sequence slot until we've processed layoutget on open Alexey Kodanev <alexey.kodanev(a)oracle.com> netfilter: nf_tables: check msg_type before nft_trans_set(trans) Javier González <javier(a)cnexlabs.com> lightnvm: pblk: warn in case of corrupted write buffer Igor Konopko <igor.j.konopko(a)intel.com> lightnvm: proper error handling for pblk_bio_add_pages Igor Konopko <igor.j.konopko(a)intel.com> lightnvm: fix partial read error path Leon Romanovsky <leon(a)kernel.org> RDMA/mad: Convert BUG_ONs to error flows Yunsheng Lin <linyunsheng(a)huawei.com> net: hns3: Fix for service_task not running problem after resetting Yunsheng Lin <linyunsheng(a)huawei.com> net: hns3: Fix for phy not link up problem after resetting Paul Cercueil <paul(a)crapouillou.net> clk: ingenic: jz4770: Modify C1CLK clock to disable CPU clock stop on idle Mike Looijmans <mike.looijmans(a)topic.nl> clk-si544: Properly round requested frequency to nearest match Nicholas Piggin <npiggin(a)gmail.com> powerpc/64s: Fix compiler store ordering to SLB shadow area Stewart Smith <stewart(a)linux.ibm.com> hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common() Sam Bobroff <sbobroff(a)linux.ibm.com> powerpc/eeh: Fix use-after-release of EEH driver Michal Suchanek <msuchanek(a)suse.de> powerpc/64s: Add barrier_nospec Christophe Leroy <christophe.leroy(a)c-s.fr> powerpc/lib: Adjust .balign inside string functions for PPC32 Cong Wang <xiyou.wangcong(a)gmail.com> infiniband: fix a possible use-after-free bug Benjamin Poirier <bpoirier(a)suse.com> e1000e: Ignore TSYNCRXCTL when getting I219 clock attributes Luis Henriques <lhenriques(a)suse.com> ceph: fix use-after-free in ceph_statfs() Chengguang Xu <cgxu519(a)gmx.com> ceph: fix alignment of rasize Wang YanQing <udknight(a)gmail.com> bpf, arm32: fix inconsistent naming about emit_a32_lsr_{r64,i64} Sergey Senozhatsky <sergey.senozhatsky.work(a)gmail.com> printk: drop in_nmi check from printk_safe_flush_on_panic() Jacopo Mondi <jacopo+renesas(a)jmondi.org> media: arch: sh: migor: Fix TW9910 PDN gpio Marco Felsch <m.felsch(a)pengutronix.de> watchdog: da9063: Fix updating timeout value Laurentiu Tudor <laurentiu.tudor(a)nxp.com> irqchip/ls-scfg-msi: Map MSIs in the iommu Jozsef Kadlecsik <kadlec(a)blackhole.kfki.hu> netfilter: ipset: List timing out entries with "timeout 1" instead of zero Florent Fourcot <florent.fourcot(a)wifirst.fr> netfilter: ipset: forbid family for hash:mac sets Jiri Olsa <jolsa(a)kernel.org> perf tools: Fix pmu events parsing rule Xi Wang <wangxi11(a)huawei.com> net: hns3: Fix for VF mailbox cannot receiving PF response David Howells <dhowells(a)redhat.com> rxrpc: Fix terminal retransmission connection ID to include the channel Alexandre Belloni <alexandre.belloni(a)bootlin.com> rtc: ensure rtc_set_alarm fails when alarms are not supported Mathieu Malaterre <malat(a)debian.org> mm/slub.c: add __printf verification to slab_err() Chintan Pandya <cpandya(a)codeaurora.org> mm: vmalloc: avoid racy handling of debugobjects in vunmap Huang Ying <ying.huang(a)intel.com> mm: /proc/pid/pagemap: hide swap entries from unprivileged users Aaron Lu <aaron.lu(a)intel.com> mem_cgroup: make sure moving_account, move_lock_task and stat_cpu in the same cacheline Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> kernel/hung_task.c: show all hung tasks before panic Alex Williamson <alex.williamson(a)redhat.com> vfio/type1: Fix task tracking for QEMU vCPU hotplug Alex Williamson <alex.williamson(a)redhat.com> vfio/mdev: Check globally for duplicate devices Geert Uytterhoeven <geert+renesas(a)glider.be> vfio: platform: Fix reset module leak in error path Scott Mayhew <smayhew(a)redhat.com> nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo Andrew Elble <aweits(a)rit.edu> nfsd: fix error handling in nfs4_set_delegation() Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY Zhouyang Jia <jiazhouyang09(a)gmail.com> ALSA: fm801: add error handling for snd_ctl_add Zhouyang Jia <jiazhouyang09(a)gmail.com> ALSA: emu10k1: add error handling for snd_ctl_add Alexander Duyck <alexander.h.duyck(a)intel.com> ixgbe: Fix setting of TC configuration for macvlan case Olga Kornievskaia <olga.kornievskaia(a)gmail.com> skip LAYOUTRETURN if layout is invalid Stephen Hemminger <stephen(a)networkplumber.org> hv_netvsc: fix network namespace issues with VF support Juergen Gross <jgross(a)suse.com> xen/netfront: raise max number of slots in xennet_get_responses() Kenneth Feng <kenneth.feng(a)amd.com> drm/amd/powerplay: Set higher SCLK&MCLK frequency than dpm7 in OD (v2) Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> mm: check for SIGKILL inside dup_mmap() loop Mark Rutland <mark.rutland(a)arm.com> kcov: ensure irq code sees a valid area Petr Machata <petrm(a)mellanox.com> mlxsw: spectrum_switchdev: Fix port_vlan refcounting Clint Taylor <clinton.a.taylor(a)intel.com> drm/i915/glk: Add Quirk for GLK NUC HDMI port issues. Johannes Weiner <hannes(a)cmpxchg.org> arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Quiet gcc warning about maybe unused link variable Artem Savkov <asavkov(a)redhat.com> tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure Snild Dolkow <snild(a)sony.com> kthread, tracing: Don't expose half-written comm when creating kthreads Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Fix possible double free in event_enable_trigger_func() Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Fix double free of event_trigger_data Tejun Heo <tj(a)kernel.org> delayacct: fix crash in delayacct_blkio_end() after delayacct init failure Shakeel Butt <shakeelb(a)google.com> kvm, mm: account shadow page tables to kmemcg Dave Jiang <dave.jiang(a)intel.com> mm: disallow mappings that conflict for devm_memremap_pages() KT Liao <kt.liao(a)emc.com.tw> Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST Chen-Yu Tsai <wens(a)csie.org> Input: i8042 - add Lenovo LaVie Z to the i8042 reset list Donald Shanty III <dshanty(a)protonmail.com> Input: elan_i2c - add ACPI ID for lenovo ideapad 330 Marek Szyprowski <m.szyprowski(a)samsung.com> spi: spi-s3c64xx: Fix system resume support ------------- Diffstat: .../devicetree/bindings/net/dsa/qca8k.txt | 23 +++- .../devicetree/bindings/net/meson-dwmac.txt | 1 + .../devicetree/bindings/pinctrl/meson,pinctrl.txt | 2 + .../devicetree/bindings/watchdog/renesas-wdt.txt | 1 + Documentation/vfio-mediated-device.txt | 5 + Makefile | 4 +- arch/arm/boot/dts/emev2.dtsi | 5 +- arch/arm/boot/dts/imx53-ppd.dts | 2 - arch/arm/boot/dts/imx53.dtsi | 8 ++ arch/arm/boot/dts/imx6qdl-wandboard-revb1.dtsi | 1 - arch/arm/boot/dts/imx6qdl-wandboard-revc1.dtsi | 1 - arch/arm/boot/dts/imx6qdl-wandboard-revd1.dtsi | 1 - arch/arm/boot/dts/imx6qdl-wandboard.dtsi | 8 ++ arch/arm/boot/dts/sh73a0.dtsi | 5 +- arch/arm/boot/dts/stih407-pinctrl.dtsi | 10 +- arch/arm/boot/dts/stih410.dtsi | 18 +-- arch/arm/net/bpf_jit_32.c | 10 +- arch/arm64/boot/dts/renesas/salvator-common.dtsi | 38 +++--- arch/arm64/configs/defconfig | 2 + arch/arm64/include/asm/cmpxchg.h | 4 +- arch/arm64/mm/init.c | 4 +- arch/microblaze/boot/Makefile | 10 +- arch/powerpc/include/asm/barrier.h | 15 +++ arch/powerpc/include/asm/cache.h | 3 + arch/powerpc/include/asm/pkeys.h | 2 + arch/powerpc/kernel/eeh_driver.c | 28 +++-- arch/powerpc/kernel/head_8xx.S | 2 +- arch/powerpc/kernel/pci_32.c | 1 + arch/powerpc/kernel/prom_init.c | 114 +++++++++--------- arch/powerpc/lib/string.S | 7 +- arch/powerpc/mm/slb.c | 8 +- arch/powerpc/net/bpf_jit_comp64.c | 34 ++++-- arch/powerpc/platforms/chrp/time.c | 6 +- arch/powerpc/platforms/embedded6xx/hlwd-pic.c | 5 + arch/powerpc/platforms/powermac/bootx_init.c | 4 +- arch/powerpc/platforms/powermac/setup.c | 1 + arch/s390/include/asm/cpu_mf.h | 6 +- arch/sh/boards/mach-migor/setup.c | 2 +- arch/x86/events/intel/uncore.c | 2 +- arch/x86/events/intel/uncore_nhmex.c | 2 +- arch/x86/kernel/cpu/microcode/core.c | 6 +- arch/x86/kvm/mmu.c | 2 +- arch/x86/kvm/svm.c | 8 +- block/bfq-iosched.c | 2 - block/bio.c | 19 ++- crypto/authenc.c | 1 + crypto/authencesn.c | 1 + drivers/acpi/acpi_lpss.c | 32 +++-- drivers/acpi/acpica/psloop.c | 19 +-- drivers/acpi/pci_root.c | 4 +- drivers/ata/libata-eh.c | 12 +- drivers/bluetooth/btusb.c | 4 + drivers/bluetooth/hci_qca.c | 2 +- drivers/char/random.c | 10 +- drivers/clk/clk-si544.c | 1 + drivers/clk/ingenic/jz4770-cgu.c | 3 +- drivers/edac/altera_edac.c | 2 +- drivers/gpio/gpio-uniphier.c | 6 +- drivers/gpio/gpiolib-of.c | 3 +- drivers/gpu/drm/amd/amdgpu/amdgpu_mn.c | 17 +-- drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 8 +- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 8 +- .../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_irq.c | 3 + .../amd/display/dc/dce110/dce110_hw_sequencer.c | 4 +- drivers/gpu/drm/amd/powerplay/hwmgr/smu7_hwmgr.c | 7 +- drivers/gpu/drm/drm_atomic.c | 4 +- drivers/gpu/drm/drm_atomic_helper.c | 78 ++++++------ drivers/gpu/drm/drm_dp_mst_topology.c | 9 +- drivers/gpu/drm/gma500/psb_intel_drv.h | 2 +- drivers/gpu/drm/gma500/psb_intel_lvds.c | 2 +- drivers/gpu/drm/i915/i915_drv.h | 1 + drivers/gpu/drm/i915/intel_ddi.c | 13 +- drivers/gpu/drm/i915/intel_display.c | 21 +++- drivers/gpu/drm/i915/intel_drv.h | 3 +- drivers/gpu/drm/nouveau/nouveau_dma.c | 10 +- drivers/gpu/drm/nouveau/nouveau_dma.h | 5 +- drivers/gpu/drm/nouveau/nouveau_drm.c | 30 +++-- drivers/gpu/drm/nouveau/nouveau_gem.c | 19 ++- drivers/gpu/drm/nouveau/nvkm/engine/fifo/gk104.c | 8 +- drivers/gpu/drm/radeon/radeon_connectors.c | 10 +- drivers/gpu/drm/rockchip/analogix_dp-rockchip.c | 9 ++ drivers/gpu/drm/stm/ltdc.c | 3 - drivers/gpu/host1x/dev.c | 11 +- drivers/hid/hid-plantronics.c | 6 +- drivers/hid/i2c-hid/i2c-hid.c | 8 ++ drivers/i2c/busses/i2c-rcar.c | 54 ++++++++- drivers/infiniband/core/mad.c | 11 +- drivers/infiniband/core/ucma.c | 6 +- drivers/infiniband/core/uverbs_cmd.c | 5 + drivers/infiniband/sw/rdmavt/Kconfig | 2 +- drivers/infiniband/sw/rxe/Kconfig | 1 + drivers/input/mouse/elan_i2c_core.c | 2 + drivers/input/serio/i8042-x86ia64io.h | 7 ++ drivers/irqchip/irq-ls-scfg-msi.c | 3 + drivers/lightnvm/pblk-core.c | 6 +- drivers/lightnvm/pblk-rb.c | 5 +- drivers/lightnvm/pblk-read.c | 8 +- drivers/md/md.c | 3 + drivers/md/raid1.c | 2 + drivers/media/cec/cec-pin-error-inj.c | 33 ++--- drivers/media/common/siano/smsendian.c | 14 +-- drivers/media/common/videobuf2/videobuf2-core.c | 9 +- drivers/media/i2c/smiapp/smiapp-core.c | 11 +- drivers/media/media-device.c | 21 ++-- drivers/media/pci/saa7164/saa7164-fw.c | 3 +- drivers/media/pci/tw686x/tw686x-video.c | 3 +- drivers/media/platform/omap3isp/isp.c | 7 +- drivers/media/platform/rcar_jpu.c | 4 +- drivers/media/platform/renesas-ceu.c | 20 ++- drivers/media/radio/si470x/radio-si470x-i2c.c | 6 +- drivers/media/rc/ir-mce_kbd-decoder.c | 12 +- drivers/media/usb/em28xx/em28xx-dvb.c | 4 +- drivers/memory/tegra/mc.c | 22 +--- drivers/memory/tegra/mc.h | 9 ++ drivers/memory/tegra/tegra114.c | 2 + drivers/memory/tegra/tegra124.c | 6 + drivers/memory/tegra/tegra210.c | 3 + drivers/memory/tegra/tegra30.c | 2 + drivers/mfd/cros_ec.c | 6 +- drivers/mmc/core/pwrseq_simple.c | 14 ++- drivers/mmc/host/dw_mmc.c | 4 + drivers/mmc/host/sdhci-omap.c | 17 ++- drivers/mtd/nand/raw/fsl_ifc_nand.c | 17 +-- drivers/net/dsa/qca8k.c | 52 +++++++- drivers/net/dsa/qca8k.h | 7 +- drivers/net/ethernet/amazon/ena/ena_com.c | 1 + drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 4 +- drivers/net/ethernet/broadcom/bnxt/bnxt.c | 5 +- drivers/net/ethernet/broadcom/bnxt/bnxt_sriov.c | 3 +- drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c | 2 + drivers/net/ethernet/hisilicon/hns3/hnae3.c | 1 + drivers/net/ethernet/hisilicon/hns3/hnae3.h | 2 + drivers/net/ethernet/hisilicon/hns3/hns3_enet.c | 5 + drivers/net/ethernet/hisilicon/hns3/hns3_enet.h | 2 + .../ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 17 +-- .../ethernet/hisilicon/hns3/hns3pf/hclge_main.h | 2 +- .../ethernet/hisilicon/hns3/hns3vf/hclgevf_main.c | 28 +++-- .../ethernet/hisilicon/hns3/hns3vf/hclgevf_main.h | 2 +- drivers/net/ethernet/intel/e1000e/netdev.c | 15 +-- drivers/net/ethernet/intel/i40e/i40e.h | 2 +- drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 4 +- drivers/net/ethernet/intel/i40e/i40e_ptp.c | 48 +++++--- drivers/net/ethernet/intel/igb/igb_main.c | 9 +- drivers/net/ethernet/intel/ixgbe/ixgbe_lib.c | 8 ++ drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 8 -- drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 1 + drivers/net/ethernet/marvell/mvpp2.c | 3 + .../net/ethernet/mellanox/mlxsw/spectrum_router.c | 14 +-- .../ethernet/mellanox/mlxsw/spectrum_switchdev.c | 4 +- drivers/net/ethernet/socionext/netsec.c | 23 ++-- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 +- drivers/net/ethernet/ti/cpsw-phy-sel.c | 8 +- drivers/net/hyperv/hyperv_net.h | 2 + drivers/net/hyperv/netvsc_drv.c | 43 +++---- drivers/net/netdevsim/devlink.c | 1 + drivers/net/phy/mdio-mux-bcm-iproc.c | 2 +- drivers/net/phy/phylink.c | 2 + drivers/net/phy/sfp-bus.c | 7 ++ drivers/net/usb/lan78xx.c | 2 + drivers/net/virtio_net.c | 41 ++++--- drivers/net/wireless/ath/ath10k/core.c | 134 +++++++++++---------- drivers/net/wireless/ath/ath10k/debug.c | 8 +- drivers/net/wireless/ath/ath10k/wmi.c | 6 + drivers/net/wireless/ath/ath10k/wmi.h | 2 +- drivers/net/wireless/ath/regd.h | 5 + drivers/net/wireless/ath/regd_common.h | 13 ++ .../wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c | 1 + drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c | 8 +- drivers/net/wireless/intel/iwlwifi/mvm/rs.c | 38 +++--- drivers/net/wireless/intel/iwlwifi/mvm/rs.h | 7 +- drivers/net/wireless/intel/iwlwifi/mvm/sta.c | 2 +- drivers/net/wireless/intel/iwlwifi/mvm/sta.h | 10 +- drivers/net/wireless/intel/iwlwifi/pcie/rx.c | 2 + drivers/net/wireless/marvell/mwifiex/usb.c | 3 + drivers/net/wireless/marvell/mwifiex/util.c | 8 +- drivers/net/wireless/mediatek/mt76/mt76x2_init.c | 3 + drivers/net/wireless/mediatek/mt76/mt76x2_main.c | 3 +- drivers/net/wireless/mediatek/mt76/mt76x2_phy.c | 6 +- drivers/net/wireless/mediatek/mt76/tx.c | 2 + drivers/net/wireless/quantenna/qtnfmac/cfg80211.c | 21 ++-- drivers/net/wireless/quantenna/qtnfmac/event.c | 8 +- .../net/wireless/quantenna/qtnfmac/pearl/pcie.c | 4 + drivers/net/wireless/rsi/rsi_91x_hal.c | 35 +++--- drivers/net/wireless/rsi/rsi_91x_mac80211.c | 7 +- drivers/net/wireless/rsi/rsi_91x_sdio.c | 23 ++-- drivers/net/wireless/rsi/rsi_sdio.h | 2 +- drivers/net/wireless/ti/wlcore/sdio.c | 5 + drivers/net/xen-netfront.c | 10 +- drivers/nvme/host/pci.c | 16 ++- drivers/nvme/host/rdma.c | 10 +- drivers/nvme/target/fc.c | 44 +++++-- drivers/nvmem/core.c | 7 ++ drivers/pci/pci-sysfs.c | 15 ++- drivers/pci/pcie/aspm.c | 9 ++ drivers/pci/pcie/dpc.c | 5 +- drivers/pci/probe.c | 4 +- drivers/perf/arm-cci.c | 6 +- drivers/perf/arm-ccn.c | 20 +-- drivers/pinctrl/pinctrl-at91-pio4.c | 4 +- drivers/pinctrl/qcom/pinctrl-msm.c | 23 +++- drivers/platform/x86/dell-smbios-base.c | 5 +- drivers/regulator/cpcap-regulator.c | 2 +- drivers/regulator/internal.h | 9 +- drivers/regulator/of_regulator.c | 13 +- drivers/regulator/pfuze100-regulator.c | 1 + drivers/regulator/twl-regulator.c | 2 +- drivers/rtc/interface.c | 5 + drivers/rtc/rtc-tps6586x.c | 14 ++- drivers/rtc/rtc-tps65910.c | 12 +- drivers/rtc/rtc-vr41xx.c | 9 +- drivers/s390/scsi/zfcp_dbf.c | 2 + drivers/scsi/3w-9xxx.c | 5 + drivers/scsi/3w-xxxx.c | 3 + drivers/scsi/cxlflash/main.c | 11 +- drivers/scsi/cxlflash/sislite.h | 1 + drivers/scsi/hisi_sas/hisi_sas_v3_hw.c | 11 +- drivers/scsi/megaraid.c | 3 + drivers/scsi/megaraid/megaraid_sas_fusion.c | 3 + drivers/scsi/qedf/qedf_main.c | 10 ++ drivers/scsi/scsi_dh.c | 5 +- drivers/scsi/ufs/ufshcd.c | 28 ++++- drivers/soc/imx/gpcv2.c | 22 ++-- drivers/soc/qcom/qmi_interface.c | 5 +- drivers/soc/qcom/smem.c | 27 +++-- drivers/soc/tegra/pmc.c | 20 +-- drivers/spi/spi-meson-spicc.c | 11 +- drivers/spi/spi-s3c64xx.c | 4 +- drivers/spi/spi-sh-msiof.c | 6 +- drivers/spi/spi.c | 1 + drivers/staging/ks7010/ks7010_sdio.c | 3 + .../staging/lustre/lnet/klnds/o2iblnd/o2iblnd.c | 2 +- .../staging/lustre/lnet/klnds/o2iblnd/o2iblnd_cb.c | 30 ++--- drivers/staging/lustre/lustre/ldlm/ldlm_lock.c | 6 +- drivers/staging/lustre/lustre/llite/xattr.c | 6 +- drivers/staging/media/atomisp/i2c/atomisp-ov2680.c | 6 +- drivers/staging/media/atomisp/i2c/gc2235.h | 9 +- drivers/staging/media/atomisp/i2c/ov2680.h | 5 +- drivers/staging/media/atomisp/i2c/ov2722.h | 6 + drivers/staging/media/atomisp/i2c/ov5693/ov5693.h | 18 ++- .../atomisp/pci/atomisp2/atomisp_compat_ioctl32.c | 49 ++++---- drivers/staging/most/cdev/cdev.c | 6 +- .../vc04_services/interface/vchiq_arm/vchiq_core.c | 1 + drivers/thermal/samsung/exynos_tmu.c | 1 + drivers/tty/hvc/hvc_opal.c | 1 - drivers/tty/pty.c | 3 + drivers/usb/core/hub.c | 4 + drivers/vfio/mdev/mdev_core.c | 102 ++++++---------- drivers/vfio/mdev/mdev_private.h | 2 +- drivers/vfio/platform/vfio_platform_common.c | 15 ++- drivers/vfio/vfio_iommu_type1.c | 73 +++++++---- drivers/video/backlight/pwm_bl.c | 6 +- drivers/watchdog/da9063_wdt.c | 17 ++- fs/block_dev.c | 9 +- fs/btrfs/inode.c | 33 +++-- fs/btrfs/qgroup.c | 19 +++ fs/btrfs/tree-log.c | 10 +- fs/ceph/super.c | 13 +- fs/crypto/crypto.c | 11 +- fs/ext4/balloc.c | 3 + fs/ext4/ialloc.c | 8 +- fs/ext4/inline.c | 19 +-- fs/ext4/inode.c | 16 ++- fs/ext4/super.c | 13 +- fs/f2fs/data.c | 14 ++- fs/f2fs/f2fs.h | 8 +- fs/f2fs/file.c | 20 ++- fs/f2fs/gc.c | 11 +- fs/f2fs/segment.c | 5 + fs/f2fs/super.c | 6 + fs/fcntl.c | 15 ++- fs/nfs/inode.c | 3 +- fs/nfs/nfs4proc.c | 14 ++- fs/nfs/pnfs.c | 6 +- fs/nfsd/nfs4state.c | 5 +- fs/nfsd/nfs4xdr.c | 2 + fs/proc/task_mmu.c | 30 +++-- fs/squashfs/cache.c | 3 + fs/squashfs/file.c | 8 +- fs/squashfs/fragment.c | 4 +- fs/squashfs/squashfs_fs.h | 6 + include/drm/drm_dp_helper.h | 1 + include/linux/delayacct.h | 4 +- include/linux/dma-iommu.h | 1 + include/linux/fs.h | 2 +- include/linux/memcontrol.h | 23 +++- include/linux/mm.h | 9 +- include/linux/mmc/sdio_ids.h | 1 + include/linux/netfilter/ipset/ip_set_timeout.h | 10 +- include/linux/regulator/consumer.h | 1 + include/linux/serial_core.h | 3 +- include/net/tcp.h | 2 +- include/soc/tegra/mc.h | 2 + include/uapi/sound/asoc.h | 23 +++- ipc/msg.c | 6 +- ipc/sem.c | 6 +- kernel/auditfilter.c | 2 +- kernel/auditsc.c | 2 + kernel/bpf/syscall.c | 37 +++++- kernel/bpf/verifier.c | 4 +- kernel/delayacct.c | 17 +-- kernel/fork.c | 8 ++ kernel/hung_task.c | 11 +- kernel/kcov.c | 3 +- kernel/kthread.c | 8 +- kernel/memremap.c | 18 ++- kernel/power/suspend.c | 14 +-- kernel/printk/printk_safe.c | 2 +- kernel/sched/cpufreq_schedutil.c | 17 ++- kernel/stop_machine.c | 24 ++-- kernel/time/clocksource.c | 4 +- kernel/trace/trace_events_trigger.c | 18 ++- kernel/trace/trace_kprobe.c | 15 ++- lib/dma-direct.c | 7 ++ mm/slub.c | 2 +- mm/vmalloc.c | 3 +- net/core/dev.c | 17 +-- net/ipv4/fib_frontend.c | 4 +- net/ipv4/ipconfig.c | 13 ++ net/ipv4/tcp_bbr.c | 4 + net/ipv4/tcp_dctcp.c | 4 +- net/ipv4/tcp_input.c | 57 +++++---- net/netfilter/ipset/ip_set_hash_gen.h | 5 +- net/netfilter/nf_tables_api.c | 11 +- net/netlink/af_netlink.c | 5 + net/rds/ib_frmr.c | 5 + net/rds/ib_mr.h | 3 +- net/rds/ib_rdma.c | 21 ++-- net/rds/rdma.c | 13 +- net/rds/rds.h | 5 +- net/rds/send.c | 12 +- net/rxrpc/conn_event.c | 2 +- security/integrity/ima/ima_main.c | 1 + sound/pci/emu10k1/emupcm.c | 4 +- sound/pci/emu10k1/memory.c | 6 +- sound/pci/fm801.c | 16 ++- sound/pci/hda/patch_ca0132.c | 8 +- sound/soc/fsl/fsl_ssi.c | 3 +- sound/soc/soc-compress.c | 52 ++++---- sound/soc/soc-pcm.c | 6 +- sound/soc/soc-topology.c | 19 ++- sound/usb/pcm.c | 2 +- tools/perf/util/parse-events.y | 14 ++- tools/testing/selftests/filesystems/Makefile | 1 + tools/testing/selftests/filesystems/devpts_pts.c | 13 +- tools/testing/selftests/intel_pstate/run.sh | 29 +++-- tools/testing/selftests/kvm/lib/assert.c | 9 +- tools/testing/selftests/kvm/vmx_tsc_adjust_test.c | 2 + tools/testing/selftests/memfd/run_tests.sh | 14 ++- tools/usb/usbip/libsrc/vhci_driver.c | 32 +++-- tools/usb/usbip/libsrc/vhci_driver.h | 3 +- tools/usb/usbip/src/usbip_detach.c | 9 +- 351 files changed, 2495 insertions(+), 1300 deletions(-)

7 years, 1 month

5
316
0 0

[PATCH] usb: gadget: udc: renesas_usb3: fix maxpacket size of ep0

by Yoshihiro Shimoda

This patch fixes an issue that maxpacket size of ep0 is incorrect for SuperSpeed. Otherwise, CDC NCM class with SuperSpeed doesn't work correctly on this driver because its control read data size is more than 64 bytes. Reported-by: Junki Kato <junki.kato.xk(a)renesas.com> Fixes: 746bfe63bba3 ("usb: gadget: renesas_usb3: add support for Renesas USB3.0 peripheral controller") Cc: <stable(a)vger.kernel.org> # v4.5+ Signed-off-by: Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> Tested-by: Junki Kato <junki.kato.xk(a)renesas.com> --- drivers/usb/gadget/udc/renesas_usb3.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/usb/gadget/udc/renesas_usb3.c b/drivers/usb/gadget/udc/renesas_usb3.c index 7cf98c7..5b5f1c8 100644 --- a/drivers/usb/gadget/udc/renesas_usb3.c +++ b/drivers/usb/gadget/udc/renesas_usb3.c @@ -787,12 +787,15 @@ static void usb3_irq_epc_int_1_speed(struct renesas_usb3 *usb3) switch (speed) { case USB_STA_SPEED_SS: usb3->gadget.speed = USB_SPEED_SUPER; + usb3->gadget.ep0->maxpacket = USB3_EP0_SS_MAX_PACKET_SIZE; break; case USB_STA_SPEED_HS: usb3->gadget.speed = USB_SPEED_HIGH; + usb3->gadget.ep0->maxpacket = USB3_EP0_HSFS_MAX_PACKET_SIZE; break; case USB_STA_SPEED_FS: usb3->gadget.speed = USB_SPEED_FULL; + usb3->gadget.ep0->maxpacket = USB3_EP0_HSFS_MAX_PACKET_SIZE; break; default: usb3->gadget.speed = USB_SPEED_UNKNOWN; @@ -2451,7 +2454,7 @@ static int renesas_usb3_init_ep(struct renesas_usb3 *usb3, struct device *dev, /* for control pipe */ usb3->gadget.ep0 = &usb3_ep->ep; usb_ep_set_maxpacket_limit(&usb3_ep->ep, - USB3_EP0_HSFS_MAX_PACKET_SIZE); + USB3_EP0_SS_MAX_PACKET_SIZE); usb3_ep->ep.caps.type_control = true; usb3_ep->ep.caps.dir_in = true; usb3_ep->ep.caps.dir_out = true; -- 1.9.1

7 years, 1 month

1
0
0 0

[patch 3/3] userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails

by akpm＠linux-foundation.org

From: Mike Rapoport <rppt(a)linux.vnet.ibm.com> Subject: userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails The fix in 0cbb4b4f4c44 ("userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails") cleared the vma->vm_userfaultfd_ctx but kept userfaultfd flags in vma->vm_flags that were copied from the parent process VMA. As the result, there is an inconsistency between the values of vma->vm_userfaultfd_ctx.ctx and vma->vm_flags which triggers BUG_ON in userfaultfd_release(). Clearing the uffd flags from vma->vm_flags in case of UFFD_EVENT_FORK failure resolves the issue. Link: http://lkml.kernel.org/r/1532931975-25473-1-git-send-email-rppt@linux.vnet.… Fixes: 0cbb4b4f4c44 ("userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails") Signed-off-by: Mike Rapoport <rppt(a)linux.vnet.ibm.com> Reported-by: syzbot+121be635a7a35ddb7dcb(a)syzkaller.appspotmail.com Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: Eric Biggers <ebiggers3(a)gmail.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/userfaultfd.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) --- a/fs/userfaultfd.c~userfaultfd-remove-uffd-flags-from-vma-vm_flags-if-uffd_event_fork-fails +++ a/fs/userfaultfd.c @@ -633,8 +633,10 @@ static void userfaultfd_event_wait_compl /* the various vma->vm_userfaultfd_ctx still points to it */ down_write(&mm->mmap_sem); for (vma = mm->mmap; vma; vma = vma->vm_next) - if (vma->vm_userfaultfd_ctx.ctx == release_new_ctx) + if (vma->vm_userfaultfd_ctx.ctx == release_new_ctx) { vma->vm_userfaultfd_ctx = NULL_VM_UFFD_CTX; + vma->vm_flags &= ~(VM_UFFD_WP | VM_UFFD_MISSING); + } up_write(&mm->mmap_sem); userfaultfd_ctx_put(release_new_ctx); _

7 years, 1 month

1
0
0 0

[patch 2/3] ipc/shm.c add ->pagesize function to shm_vm_ops

by akpm＠linux-foundation.org

From: Jane Chu <jane.chu(a)oracle.com> Subject: ipc/shm.c add ->pagesize function to shm_vm_ops 05ea88608d4e13 ("mm, hugetlbfs: introduce ->pagesize() to vm_operations_struct") adds a new ->pagesize() function to hugetlb_vm_ops, intended to cover all hugetlbfs backed files. With System V shared memory model, if "huge page" is specified, the "shared memory" is backed by hugetlbfs files, but the mappings initiated via shmget/shmat have their original vm_ops overwritten with shm_vm_ops, so we need to add a ->pagesize function to shm_vm_ops. Otherwise, vma_kernel_pagesize() returns PAGE_SIZE given a hugetlbfs backed vma, result in below BUG: fs/hugetlbfs/inode.c 443 if (unlikely(page_mapped(page))) { 444 BUG_ON(truncate_op); [ 242.268342] hugetlbfs: oracle (4592): Using mlock ulimits for SHM_HUGETLB is deprecated [ 282.653208] ------------[ cut here ]------------ [ 282.708447] kernel BUG at fs/hugetlbfs/inode.c:444! [ 282.818957] Modules linked in: nfsv3 rpcsec_gss_krb5 nfsv4 ... [ 284.025873] CPU: 35 PID: 5583 Comm: oracle_5583_sbt Not tainted 4.14.35-1829.el7uek.x86_64 #2 [ 284.246609] task: ffff9bf0507aaf80 task.stack: ffffa9e625628000 [ 284.317455] RIP: 0010:remove_inode_hugepages+0x3db/0x3e2 .... [ 285.292389] Call Trace: [ 285.321630] hugetlbfs_evict_inode+0x1e/0x3e [ 285.372707] evict+0xdb/0x1af [ 285.408185] iput+0x1a2/0x1f7 [ 285.443661] dentry_unlink_inode+0xc6/0xf0 [ 285.492661] __dentry_kill+0xd8/0x18d [ 285.536459] dput+0x1b5/0x1ed [ 285.571939] __fput+0x18b/0x216 [ 285.609495] ____fput+0xe/0x10 [ 285.646030] task_work_run+0x90/0xa7 [ 285.688788] exit_to_usermode_loop+0xdd/0x116 [ 285.740905] do_syscall_64+0x187/0x1ae [ 285.785740] entry_SYSCALL_64_after_hwframe+0x150/0x0 [jane.chu(a)oracle.com: relocate comment] Link: http://lkml.kernel.org/r/20180731044831.26036-1-jane.chu@oracle.com Link: http://lkml.kernel.org/r/20180727211727.5020-1-jane.chu@oracle.com Fixes: 05ea88608d4e13 ("mm, hugetlbfs: introduce ->pagesize() to vm_operations_struct") Signed-off-by: Jane Chu <jane.chu(a)oracle.com> Suggested-by: Mike Kravetz <mike.kravetz(a)oracle.com> Reviewed-by: Mike Kravetz <mike.kravetz(a)oracle.com> Acked-by: Davidlohr Bueso <dave(a)stgolabs.net> Acked-by: Michal Hocko <mhocko(a)suse.com> Cc: Dan Williams <dan.j.williams(a)intel.com> Cc: Jan Kara <jack(a)suse.cz> Cc: Jérôme Glisse <jglisse(a)redhat.com> Cc: Manfred Spraul <manfred(a)colorfullife.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- ipc/shm.c | 12 ++++++++++++ mm/hugetlb.c | 7 +++++++ 2 files changed, 19 insertions(+) --- a/ipc/shm.c~ipc-shmc-add-pagesize-function-to-shm_vm_ops +++ a/ipc/shm.c @@ -427,6 +427,17 @@ static int shm_split(struct vm_area_stru return 0; } +static unsigned long shm_pagesize(struct vm_area_struct *vma) +{ + struct file *file = vma->vm_file; + struct shm_file_data *sfd = shm_file_data(file); + + if (sfd->vm_ops->pagesize) + return sfd->vm_ops->pagesize(vma); + + return PAGE_SIZE; +} + #ifdef CONFIG_NUMA static int shm_set_policy(struct vm_area_struct *vma, struct mempolicy *new) { @@ -554,6 +565,7 @@ static const struct vm_operations_struct .close = shm_close, /* callback for when the vm-area is released */ .fault = shm_fault, .split = shm_split, + .pagesize = shm_pagesize, #if defined(CONFIG_NUMA) .set_policy = shm_set_policy, .get_policy = shm_get_policy, --- a/mm/hugetlb.c~ipc-shmc-add-pagesize-function-to-shm_vm_ops +++ a/mm/hugetlb.c @@ -3167,6 +3167,13 @@ static vm_fault_t hugetlb_vm_op_fault(st return 0; } +/* + * When a new function is introduced to vm_operations_struct and added + * to hugetlb_vm_ops, please consider adding the function to shm_vm_ops. + * This is because under System V memory model, mappings created via + * shmget/shmat with "huge page" specified are backed by hugetlbfs files, + * their original vm_ops are overwritten with shm_vm_ops. + */ const struct vm_operations_struct hugetlb_vm_ops = { .fault = hugetlb_vm_op_fault, .open = hugetlb_vm_op_open, _

7 years, 1 month

1
0
0 0

+ zram-remove-bd_cap_synchronous_io-with-writeback-feature.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: zram: remove BD_CAP_SYNCHRONOUS_IO with writeback feature has been added to the -mm tree. Its filename is zram-remove-bd_cap_synchronous_io-with-writeback-feature.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/zram-remove-bd_cap_synchronous_io-… and later at http://ozlabs.org/~akpm/mmotm/broken-out/zram-remove-bd_cap_synchronous_io-… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Minchan Kim <minchan(a)kernel.org> Subject: zram: remove BD_CAP_SYNCHRONOUS_IO with writeback feature If zram supports writeback feature, it's no longer a BD_CAP_SYNCHRONOUS_IO device beause zram does synchronous IO operations for incompressible pages. Do not pretend to be synchronous IO device. It makes the system very sluggish due to waiting for IO completion from upper layers. Furthermore, it causes a user-after-free problem because swap thinks the opearion is done when the IO functions returns so it can free the page (e.g., lock_page_or_retry and goto out_release in do_swap_page) but in fact, IO is asynchrnous so the driver could access a just freed page afterward. This patch fixes the problem. BUG: Bad page state in process qemu-system-x86 pfn:3dfab21 page:ffffdfb137eac840 count:0 mapcount:0 mapping:0000000000000000 index:0x1 flags: 0x17fffc000000008(uptodate) raw: 017fffc000000008 dead000000000100 dead000000000200 0000000000000000 raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000 page dumped because: PAGE_FLAGS_CHECK_AT_PREP flag set bad because of flags: 0x8(uptodate) Modules linked in: lz4 lz4_compress zram zsmalloc intel_rapl sb_edac x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass crct10dif_pclmul crc32_pclmul ghash_clmulni_intel bin fmt_misc pcbc aesni_intel aes_x86_64 crypto_simd cryptd iTCO_wdt glue_helper iTCO_vendor_support intel_cstate lpc_ich mei_me intel_uncore intel_rapl_perf pcspkr joydev sg mfd_core ioatdma mei wmi evdev ipmi_si ipmi_devintf ipmi_msghandler acpi_power_meter acpi_pad button ip_tables x_tables autofs4 ext4 crc32c_generic crc16 mbcache jbd2 fscrypto hid_generic usbhid hid sd_mod xhci_pci ehci_pci ahci libahci xhci_hcd ehci_hcd libata igb i2c_algo_bit crc32c_intel scsi_mod i2c_i8 01 dca usbcore CPU: 4 PID: 1039 Comm: qemu-system-x86 Tainted: G B 4.18.0-rc5+ #1 Hardware name: Supermicro Super Server/X10SRL-F, BIOS 2.0b 05/02/2017 Call Trace: dump_stack+0x5c/0x7b bad_page+0xba/0x120 get_page_from_freelist+0x1016/0x1250 __alloc_pages_nodemask+0xfa/0x250 alloc_pages_vma+0x7c/0x1c0 do_swap_page+0x347/0x920 ? __update_load_avg_se.isra.38+0x1eb/0x1f0 ? cpumask_next_wrap+0x3d/0x60 __handle_mm_fault+0x7b4/0x1110 ? update_load_avg+0x5ea/0x720 handle_mm_fault+0xfc/0x1f0 __get_user_pages+0x12f/0x690 get_user_pages_unlocked+0x148/0x1f0 __gfn_to_pfn_memslot+0xff/0x3c0 [kvm] try_async_pf+0x87/0x230 [kvm] tdp_page_fault+0x132/0x290 [kvm] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] kvm_mmu_page_fault+0x74/0x570 [kvm] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmexit_fill_RSB+0x18/0x30 [kvm_intel] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmexit_fill_RSB+0x18/0x30 [kvm_intel] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmexit_fill_RSB+0x18/0x30 [kvm_intel] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmexit_fill_RSB+0x18/0x30 [kvm_intel] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmexit_fill_RSB+0x18/0x30 [kvm_intel] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmx_vcpu_run+0x375/0x620 [kvm_intel] kvm_arch_vcpu_ioctl_run+0x9b3/0x1990 [kvm] ? __update_load_avg_se.isra.38+0x1eb/0x1f0 ? kvm_vcpu_ioctl+0x388/0x5d0 [kvm] kvm_vcpu_ioctl+0x388/0x5d0 [kvm] ? __switch_to+0x395/0x450 ? __switch_to+0x395/0x450 do_vfs_ioctl+0xa2/0x630 ? __schedule+0x3fd/0x890 ksys_ioctl+0x70/0x80 ? exit_to_usermode_loop+0xca/0xf0 __x64_sys_ioctl+0x16/0x20 do_syscall_64+0x55/0x100 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x7fb30361add7 Code: 00 00 00 48 8b 05 c1 80 2b 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 91 80 2b 00 f7 d8 64 89 01 48 RSP: 002b:00007fb2e97f98b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 000000000000ae80 RCX: 00007fb30361add7 RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 RBP: 00005652b984e0f0 R08: 00005652b7d513d0 R09: 0000000000000001 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007fb308c66000 R14: 0000000000000000 R15: 00005652b984e0f0 Link: https://lore.kernel.org/lkml/0516ae2d-b0fd-92c5-aa92-112ba7bd32fc@contabo.d… Link: http://lkml.kernel.org/r/20180802051112.86174-1-minchan@kernel.org Signed-off-by: Minchan Kim <minchan(a)kernel.org> Reported-by: Tino Lehnig <tino.lehnig(a)contabo.de> Tested-by: Tino Lehnig <tino.lehnig(a)contabo.de> Cc: Sergey Senozhatsky <sergey.senozhatsky.work(a)gmail.com> Cc: Jens Axboe <axboe(a)kernel.dk> Cc: <stable(a)vger.kernel.org> [4.15+] Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- drivers/block/zram/zram_drv.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) --- a/drivers/block/zram/zram_drv.c~zram-remove-bd_cap_synchronous_io-with-writeback-feature +++ a/drivers/block/zram/zram_drv.c @@ -298,7 +298,8 @@ static void reset_bdev(struct zram *zram zram->backing_dev = NULL; zram->old_block_size = 0; zram->bdev = NULL; - + zram->disk->queue->backing_dev_info->capabilities |= + BDI_CAP_SYNCHRONOUS_IO; kvfree(zram->bitmap); zram->bitmap = NULL; } @@ -400,6 +401,8 @@ static ssize_t backing_dev_store(struct zram->backing_dev = backing_dev; zram->bitmap = bitmap; zram->nr_pages = nr_pages; + zram->disk->queue->backing_dev_info->capabilities &= + ~BDI_CAP_SYNCHRONOUS_IO; up_write(&zram->init_lock); pr_info("setup backing device %s\n", file_name); _ Patches currently in -mm which might be from minchan(a)kernel.org are zram-remove-bd_cap_synchronous_io-with-writeback-feature.patch

7 years, 1 month

1
0
0 0

[PATCH v4 2/8] drm/nouveau: Enable polling even if we have runtime PM

by Lyude Paul

Having runtime PM makes no difference on whether or not we want polling, and it's now safe to just enable polling unconditionally in drm_load() thanks to d61a5c106351 ("drm/nouveau: Fix deadlock on runtime suspend") Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Peter Ujfalusi <peter.ujfalusi(a)ti.com> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/nouveau/nouveau_drm.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_drm.c b/drivers/gpu/drm/nouveau/nouveau_drm.c index 5fdc1fbe2ee5..ee2546db09c9 100644 --- a/drivers/gpu/drm/nouveau/nouveau_drm.c +++ b/drivers/gpu/drm/nouveau/nouveau_drm.c @@ -592,10 +592,11 @@ nouveau_drm_load(struct drm_device *dev, unsigned long flags) pm_runtime_allow(dev->dev); pm_runtime_mark_last_busy(dev->dev); pm_runtime_put(dev->dev); - } else { - /* enable polling for external displays */ - drm_kms_helper_poll_enable(dev); } + + /* enable polling for connectors without hpd */ + drm_kms_helper_poll_enable(dev); + return 0; fail_dispinit: -- 2.17.1

7 years, 1 month

2
2
0 0

[PATCH v4 1/8] drm/nouveau: Fix bogus drm_kms_helper_poll_enable() placement

by Lyude Paul

Turns out this part is my fault for not noticing when reviewing 9a2eba337cace ("drm/nouveau: Fix drm poll_helper handling"). Currently we call drm_kms_helper_poll_enable() from nouveau_display_hpd_work(). This makes basically no sense however, because that means we're calling drm_kms_helper_poll_enable() every time we schedule the hotplug detection work. This is also against the advice mentioned in drm_kms_helper_poll_enable()'s documentation: Note that calls to enable and disable polling must be strictly ordered, which is automatically the case when they're only call from suspend/resume callbacks. Of course, hotplugs can't really be ordered. They could even happen immediately after we called drm_kms_helper_poll_disable() in nouveau_display_fini(), which can lead to all sorts of issues. Additionally; enabling polling /after/ we call drm_helper_hpd_irq_event() could also mean that we'd miss a hotplug event anyway, since drm_helper_hpd_irq_event() wouldn't bother trying to probe connectors so long as polling is disabled. So; simply move this back into nouveau_display_init() again. The race condition that both of these patches attempted to work around has already been fixed properly in d61a5c106351 ("drm/nouveau: Fix deadlock on runtime suspend") Fixes: 9a2eba337cace ("drm/nouveau: Fix drm poll_helper handling") Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Peter Ujfalusi <peter.ujfalusi(a)ti.com> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/nouveau/nouveau_display.c | 7 +++++-- drivers/gpu/drm/nouveau/nouveau_drm.c | 1 - 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_display.c b/drivers/gpu/drm/nouveau/nouveau_display.c index ec7861457b84..1d36ab5d4796 100644 --- a/drivers/gpu/drm/nouveau/nouveau_display.c +++ b/drivers/gpu/drm/nouveau/nouveau_display.c @@ -355,8 +355,6 @@ nouveau_display_hpd_work(struct work_struct *work) pm_runtime_get_sync(drm->dev->dev); drm_helper_hpd_irq_event(drm->dev); - /* enable polling for external displays */ - drm_kms_helper_poll_enable(drm->dev); pm_runtime_mark_last_busy(drm->dev->dev); pm_runtime_put_sync(drm->dev->dev); @@ -411,6 +409,11 @@ nouveau_display_init(struct drm_device *dev) if (ret) return ret; + /* enable connector detection and polling for connectors without HPD + * support + */ + drm_kms_helper_poll_enable(dev); + /* enable hotplug interrupts */ drm_connector_list_iter_begin(dev, &conn_iter); nouveau_for_each_non_mst_connector_iter(connector, &conn_iter) { diff --git a/drivers/gpu/drm/nouveau/nouveau_drm.c b/drivers/gpu/drm/nouveau/nouveau_drm.c index c7ec86d6c3c9..5fdc1fbe2ee5 100644 --- a/drivers/gpu/drm/nouveau/nouveau_drm.c +++ b/drivers/gpu/drm/nouveau/nouveau_drm.c @@ -835,7 +835,6 @@ nouveau_pmops_runtime_suspend(struct device *dev) return -EBUSY; } - drm_kms_helper_poll_disable(drm_dev); nouveau_switcheroo_optimus_dsm(); ret = nouveau_do_suspend(drm_dev, true); pci_save_state(pdev); -- 2.17.1

7 years, 1 month

2
1
0 0

[PATCH 2/2] Avoid that SCSI device removal through sysfs triggers a deadlock

by Bart Van Assche

A long time ago the unfortunate decision was taken to add a self- deletion attribute to the sysfs SCSI device directory. That decision was unfortunate because self-deletion is really tricky. We can't drop that attribute because widely used user space software depends on it, namely the rescan-scsi-bus.sh script. Hence this patch that avoids that writing into that attribute triggers a deadlock. See also commit 7973cbd9fbd9 ("[PATCH] add sysfs attributes to scan and delete scsi_devices"). This patch avoids that self-removal triggers the following deadlock: ====================================================== WARNING: possible circular locking dependency detected 4.18.0-rc2-dbg+ #5 Not tainted ------------------------------------------------------ modprobe/6539 is trying to acquire lock: 000000008323c4cd (kn->count#202){++++}, at: kernfs_remove_by_name_ns+0x45/0x90 but task is already holding lock: 00000000a6ec2c69 (&shost->scan_mutex){+.+.}, at: scsi_remove_host+0x21/0x150 [scsi_mod] which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #1 (&shost->scan_mutex){+.+.}: __mutex_lock+0xfe/0xc70 mutex_lock_nested+0x1b/0x20 scsi_remove_device+0x26/0x40 [scsi_mod] sdev_store_delete+0x27/0x30 [scsi_mod] dev_attr_store+0x3e/0x50 sysfs_kf_write+0x87/0xa0 kernfs_fop_write+0x190/0x230 __vfs_write+0xd2/0x3b0 vfs_write+0x101/0x270 ksys_write+0xab/0x120 __x64_sys_write+0x43/0x50 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe -> #0 (kn->count#202){++++}: lock_acquire+0xd2/0x260 __kernfs_remove+0x424/0x4a0 kernfs_remove_by_name_ns+0x45/0x90 remove_files.isra.1+0x3a/0x90 sysfs_remove_group+0x5c/0xc0 sysfs_remove_groups+0x39/0x60 device_remove_attrs+0x82/0xb0 device_del+0x251/0x580 __scsi_remove_device+0x19f/0x1d0 [scsi_mod] scsi_forget_host+0x37/0xb0 [scsi_mod] scsi_remove_host+0x9b/0x150 [scsi_mod] sdebug_driver_remove+0x4b/0x150 [scsi_debug] device_release_driver_internal+0x241/0x360 device_release_driver+0x12/0x20 bus_remove_device+0x1bc/0x290 device_del+0x259/0x580 device_unregister+0x1a/0x70 sdebug_remove_adapter+0x8b/0xf0 [scsi_debug] scsi_debug_exit+0x76/0xe8 [scsi_debug] __x64_sys_delete_module+0x1c1/0x280 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe other info that might help us debug this: Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&shost->scan_mutex); lock(kn->count#202); lock(&shost->scan_mutex); lock(kn->count#202); *** DEADLOCK *** 2 locks held by modprobe/6539: #0: 00000000efaf9298 (&dev->mutex){....}, at: device_release_driver_internal+0x68/0x360 #1: 00000000a6ec2c69 (&shost->scan_mutex){+.+.}, at: scsi_remove_host+0x21/0x150 [scsi_mod] stack backtrace: CPU: 10 PID: 6539 Comm: modprobe Not tainted 4.18.0-rc2-dbg+ #5 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.0.0-prebuilt.qemu-project.org 04/01/2014 Call Trace: dump_stack+0xa4/0xf5 print_circular_bug.isra.34+0x213/0x221 __lock_acquire+0x1a7e/0x1b50 lock_acquire+0xd2/0x260 __kernfs_remove+0x424/0x4a0 kernfs_remove_by_name_ns+0x45/0x90 remove_files.isra.1+0x3a/0x90 sysfs_remove_group+0x5c/0xc0 sysfs_remove_groups+0x39/0x60 device_remove_attrs+0x82/0xb0 device_del+0x251/0x580 __scsi_remove_device+0x19f/0x1d0 [scsi_mod] scsi_forget_host+0x37/0xb0 [scsi_mod] scsi_remove_host+0x9b/0x150 [scsi_mod] sdebug_driver_remove+0x4b/0x150 [scsi_debug] device_release_driver_internal+0x241/0x360 device_release_driver+0x12/0x20 bus_remove_device+0x1bc/0x290 device_del+0x259/0x580 device_unregister+0x1a/0x70 sdebug_remove_adapter+0x8b/0xf0 [scsi_debug] scsi_debug_exit+0x76/0xe8 [scsi_debug] __x64_sys_delete_module+0x1c1/0x280 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe See also https://www.mail-archive.com/linux-scsi@vger.kernel.org/msg54525.html. Fixes: ac0ece9174ac ("scsi: use device_remove_file_self() instead of device_schedule_callback()") Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Acked-by: Tejun Heo <tj(a)kernel.org> Cc: Johannes Thumshirn <jthumshirn(a)suse.de> Cc: <stable(a)vger.kernel.org> --- drivers/scsi/scsi_sysfs.c | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/drivers/scsi/scsi_sysfs.c b/drivers/scsi/scsi_sysfs.c index de122354d09a..3aee9464a7bf 100644 --- a/drivers/scsi/scsi_sysfs.c +++ b/drivers/scsi/scsi_sysfs.c @@ -722,8 +722,24 @@ static ssize_t sdev_store_delete(struct device *dev, struct device_attribute *attr, const char *buf, size_t count) { - if (device_remove_file_self(dev, attr)) - scsi_remove_device(to_scsi_device(dev)); + struct kernfs_node *kn; + + kn = sysfs_break_active_protection(&dev->kobj, &attr->attr); + WARN_ON_ONCE(!kn); + /* + * Concurrent writes into the "delete" sysfs attribute may trigger + * concurrent calls to device_remove_file() and scsi_remove_device(). + * device_remove_file() handles concurrent removal calls by + * serializing these and by ignoring the second and later removal + * attempts. Concurrent calls of scsi_remove_device() are + * serialized. The second and later calls of scsi_remove_device() are + * ignored because the first call of that function changes the device + * state into SDEV_DEL. + */ + device_remove_file(dev, attr); + scsi_remove_device(to_scsi_device(dev)); + if (kn) + sysfs_unbreak_active_protection(kn); return count; }; static DEVICE_ATTR(delete, S_IWUSR, NULL, sdev_store_delete); -- 2.18.0

7 years, 1 month

1
0
0 0

[PATCH 1/2] sysfs: Introduce sysfs_{un,}break_active_protection()

by Bart Van Assche

Introduce these two functions and export them such that the next patch can add calls to these functions from the SCSI core. Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Acked-by: Tejun Heo <tj(a)kernel.org> Acked-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: <stable(a)vger.kernel.org> --- fs/sysfs/file.c | 44 +++++++++++++++++++++++++++++++++++++++++++ include/linux/sysfs.h | 14 ++++++++++++++ 2 files changed, 58 insertions(+) diff --git a/fs/sysfs/file.c b/fs/sysfs/file.c index 5c13f29bfcdb..118fa197a35f 100644 --- a/fs/sysfs/file.c +++ b/fs/sysfs/file.c @@ -405,6 +405,50 @@ int sysfs_chmod_file(struct kobject *kobj, const struct attribute *attr, } EXPORT_SYMBOL_GPL(sysfs_chmod_file); +/** + * sysfs_break_active_protection - break "active" protection + * @kobj: The kernel object @attr is associated with. + * @attr: The attribute to break the "active" protection for. + * + * With sysfs, just like kernfs, deletion of an attribute is postponed until + * all active .show() and .store() callbacks have finished unless this function + * is called. Hence this function is useful in methods that implement self + * deletion. + */ +struct kernfs_node *sysfs_break_active_protection(struct kobject *kobj, + const struct attribute *attr) +{ + struct kernfs_node *kn; + + kobject_get(kobj); + kn = kernfs_find_and_get(kobj->sd, attr->name); + if (kn) + kernfs_break_active_protection(kn); + return kn; +} +EXPORT_SYMBOL_GPL(sysfs_break_active_protection); + +/** + * sysfs_unbreak_active_protection - restore "active" protection + * @kn: Pointer returned by sysfs_break_active_protection(). + * + * Undo the effects of sysfs_break_active_protection(). Since this function + * calls kernfs_put() on the kernfs node that corresponds to the 'attr' + * argument passed to sysfs_break_active_protection() that attribute may have + * been removed between the sysfs_break_active_protection() and + * sysfs_unbreak_active_protection() calls, it is not safe to access @kn after + * this function has returned. + */ +void sysfs_unbreak_active_protection(struct kernfs_node *kn) +{ + struct kobject *kobj = kn->parent->priv; + + kernfs_unbreak_active_protection(kn); + kernfs_put(kn); + kobject_put(kobj); +} +EXPORT_SYMBOL_GPL(sysfs_unbreak_active_protection); + /** * sysfs_remove_file_ns - remove an object attribute with a custom ns tag * @kobj: object we're acting for diff --git a/include/linux/sysfs.h b/include/linux/sysfs.h index b8bfdc173ec0..3c12198c0103 100644 --- a/include/linux/sysfs.h +++ b/include/linux/sysfs.h @@ -237,6 +237,9 @@ int __must_check sysfs_create_files(struct kobject *kobj, const struct attribute **attr); int __must_check sysfs_chmod_file(struct kobject *kobj, const struct attribute *attr, umode_t mode); +struct kernfs_node *sysfs_break_active_protection(struct kobject *kobj, + const struct attribute *attr); +void sysfs_unbreak_active_protection(struct kernfs_node *kn); void sysfs_remove_file_ns(struct kobject *kobj, const struct attribute *attr, const void *ns); bool sysfs_remove_file_self(struct kobject *kobj, const struct attribute *attr); @@ -350,6 +353,17 @@ static inline int sysfs_chmod_file(struct kobject *kobj, return 0; } +static inline struct kernfs_node * +sysfs_break_active_protection(struct kobject *kobj, + const struct attribute *attr) +{ + return NULL; +} + +static inline void sysfs_unbreak_active_protection(struct kernfs_node *kn) +{ +} + static inline void sysfs_remove_file_ns(struct kobject *kobj, const struct attribute *attr, const void *ns) -- 2.18.0

7 years, 1 month

1
0
0 0

[PATCH 2/2] Avoid that SCSI device removal through sysfs triggers a deadlock

by Bart Van Assche

A long time ago the unfortunate decision was taken to add a self- deletion attribute to the sysfs SCSI device directory. That decision was unfortunate because self-deletion is really tricky. We can't drop that attribute because widely used user space software depends on it, namely the rescan-scsi-bus.sh script. Hence this patch that avoids that writing into that attribute triggers a deadlock. See also commit 7973cbd9fbd9 ("[PATCH] add sysfs attributes to scan and delete scsi_devices"). This patch avoids that self-removal triggers the following deadlock: ====================================================== WARNING: possible circular locking dependency detected 4.18.0-rc2-dbg+ #5 Not tainted ------------------------------------------------------ modprobe/6539 is trying to acquire lock: 000000008323c4cd (kn->count#202){++++}, at: kernfs_remove_by_name_ns+0x45/0x90 but task is already holding lock: 00000000a6ec2c69 (&shost->scan_mutex){+.+.}, at: scsi_remove_host+0x21/0x150 [scsi_mod] which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #1 (&shost->scan_mutex){+.+.}: __mutex_lock+0xfe/0xc70 mutex_lock_nested+0x1b/0x20 scsi_remove_device+0x26/0x40 [scsi_mod] sdev_store_delete+0x27/0x30 [scsi_mod] dev_attr_store+0x3e/0x50 sysfs_kf_write+0x87/0xa0 kernfs_fop_write+0x190/0x230 __vfs_write+0xd2/0x3b0 vfs_write+0x101/0x270 ksys_write+0xab/0x120 __x64_sys_write+0x43/0x50 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe -> #0 (kn->count#202){++++}: lock_acquire+0xd2/0x260 __kernfs_remove+0x424/0x4a0 kernfs_remove_by_name_ns+0x45/0x90 remove_files.isra.1+0x3a/0x90 sysfs_remove_group+0x5c/0xc0 sysfs_remove_groups+0x39/0x60 device_remove_attrs+0x82/0xb0 device_del+0x251/0x580 __scsi_remove_device+0x19f/0x1d0 [scsi_mod] scsi_forget_host+0x37/0xb0 [scsi_mod] scsi_remove_host+0x9b/0x150 [scsi_mod] sdebug_driver_remove+0x4b/0x150 [scsi_debug] device_release_driver_internal+0x241/0x360 device_release_driver+0x12/0x20 bus_remove_device+0x1bc/0x290 device_del+0x259/0x580 device_unregister+0x1a/0x70 sdebug_remove_adapter+0x8b/0xf0 [scsi_debug] scsi_debug_exit+0x76/0xe8 [scsi_debug] __x64_sys_delete_module+0x1c1/0x280 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe other info that might help us debug this: Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&shost->scan_mutex); lock(kn->count#202); lock(&shost->scan_mutex); lock(kn->count#202); *** DEADLOCK *** 2 locks held by modprobe/6539: #0: 00000000efaf9298 (&dev->mutex){....}, at: device_release_driver_internal+0x68/0x360 #1: 00000000a6ec2c69 (&shost->scan_mutex){+.+.}, at: scsi_remove_host+0x21/0x150 [scsi_mod] stack backtrace: CPU: 10 PID: 6539 Comm: modprobe Not tainted 4.18.0-rc2-dbg+ #5 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.0.0-prebuilt.qemu-project.org 04/01/2014 Call Trace: dump_stack+0xa4/0xf5 print_circular_bug.isra.34+0x213/0x221 __lock_acquire+0x1a7e/0x1b50 lock_acquire+0xd2/0x260 __kernfs_remove+0x424/0x4a0 kernfs_remove_by_name_ns+0x45/0x90 remove_files.isra.1+0x3a/0x90 sysfs_remove_group+0x5c/0xc0 sysfs_remove_groups+0x39/0x60 device_remove_attrs+0x82/0xb0 device_del+0x251/0x580 __scsi_remove_device+0x19f/0x1d0 [scsi_mod] scsi_forget_host+0x37/0xb0 [scsi_mod] scsi_remove_host+0x9b/0x150 [scsi_mod] sdebug_driver_remove+0x4b/0x150 [scsi_debug] device_release_driver_internal+0x241/0x360 device_release_driver+0x12/0x20 bus_remove_device+0x1bc/0x290 device_del+0x259/0x580 device_unregister+0x1a/0x70 sdebug_remove_adapter+0x8b/0xf0 [scsi_debug] scsi_debug_exit+0x76/0xe8 [scsi_debug] __x64_sys_delete_module+0x1c1/0x280 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe See also https://www.mail-archive.com/linux-scsi@vger.kernel.org/msg54525.html. Fixes: ac0ece9174ac ("scsi: use device_remove_file_self() instead of device_schedule_callback()") Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Tejun Heo <tj(a)kernel.org> Cc: Johannes Thumshirn <jthumshirn(a)suse.de> Cc: <stable(a)vger.kernel.org> --- drivers/scsi/scsi_sysfs.c | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/drivers/scsi/scsi_sysfs.c b/drivers/scsi/scsi_sysfs.c index de122354d09a..3aee9464a7bf 100644 --- a/drivers/scsi/scsi_sysfs.c +++ b/drivers/scsi/scsi_sysfs.c @@ -722,8 +722,24 @@ static ssize_t sdev_store_delete(struct device *dev, struct device_attribute *attr, const char *buf, size_t count) { - if (device_remove_file_self(dev, attr)) - scsi_remove_device(to_scsi_device(dev)); + struct kernfs_node *kn; + + kn = sysfs_break_active_protection(&dev->kobj, &attr->attr); + WARN_ON_ONCE(!kn); + /* + * Concurrent writes into the "delete" sysfs attribute may trigger + * concurrent calls to device_remove_file() and scsi_remove_device(). + * device_remove_file() handles concurrent removal calls by + * serializing these and by ignoring the second and later removal + * attempts. Concurrent calls of scsi_remove_device() are + * serialized. The second and later calls of scsi_remove_device() are + * ignored because the first call of that function changes the device + * state into SDEV_DEL. + */ + device_remove_file(dev, attr); + scsi_remove_device(to_scsi_device(dev)); + if (kn) + sysfs_unbreak_active_protection(kn); return count; }; static DEVICE_ATTR(delete, S_IWUSR, NULL, sdev_store_delete); -- 2.18.0

7 years, 1 month

3
4
0 0

[PATCH] block: really disable runtime-pm for blk-mq

by Ming Lei

Runtime PM isn't ready for blk-mq yet, and commit 765e40b675a9 ("block: disable runtime-pm for blk-mq") tried to disable it. Unfortunately, it can't take effect in that way since user space still can switch it on via 'echo auto > /sys/block/sdN/device/power/control'. This patch disables runtime-pm for blk-mq really by pm_runtime_disable() and fixes all kinds of PM related kernel crash. Cc: Christoph Hellwig <hch(a)lst.de> Cc: Patrick Steinhardt <ps(a)pks.im> Cc: Bart Van Assche <Bart.VanAssche(a)wdc.com> Cc: Tomas Janousek <tomi(a)nomi.cz> Cc: Przemek Socha <soprwa(a)gmail.com> Cc: Alan Stern <stern(a)rowland.harvard.edu> Cc: <stable(a)vger.kernel.org> Signed-off-by: Ming Lei <ming.lei(a)redhat.com> --- block/blk-core.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/block/blk-core.c b/block/blk-core.c index 03a4ea93a5f3..090b782df129 100644 --- a/block/blk-core.c +++ b/block/blk-core.c @@ -3769,9 +3769,11 @@ EXPORT_SYMBOL(blk_finish_plug); */ void blk_pm_runtime_init(struct request_queue *q, struct device *dev) { - /* not support for RQF_PM and ->rpm_status in blk-mq yet */ - if (q->mq_ops) + /* Don't enable runtime PM for blk-mq until it is ready */ + if (q->mq_ops) { + pm_runtime_disable(dev); return; + } q->dev = dev; q->rpm_status = RPM_ACTIVE; -- 2.9.5

7 years, 1 month

6
5
0 0

[PATCH v4.14] iwlwifi: pcie: don't warn if we use all the transmit pointers

by Emmanuel Grumbach

commit 4437ba7ee7de7e71d11deb91c87a370e4ffd2601 upstream. Our Transmit Frame Descriptor (TFD) is a DMA descriptor that includes several pointers to be able to transmit a packet which is not physically contiguous. Depending on the hardware being use, we can have 20 or 25 pointers in a single TFD. In both cases, it is more than enough and it is quite hard to hit this limit. It has been reported that when using specific applications (Ktorrent), we can actually use all the pointers and then a long standing bug showed up. When we free the TFD, we check its number of valid pointers and make sure it doesn't exceed the number of pointers the hardware support. This check had an off by one bug: it is perfectly valid to free the 20 pointers if the TFD has 20 pointers. Fix that. https://bugzilla.kernel.org/show_bug.cgi?id=197981 Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> Signed-off-by: Luca Coelho <luciano.coelho(a)intel.com> --- drivers/net/wireless/intel/iwlwifi/pcie/tx.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/wireless/intel/iwlwifi/pcie/tx.c b/drivers/net/wireless/intel/iwlwifi/pcie/tx.c index 4704137..4c3b134 100644 --- a/drivers/net/wireless/intel/iwlwifi/pcie/tx.c +++ b/drivers/net/wireless/intel/iwlwifi/pcie/tx.c @@ -378,7 +378,7 @@ static void iwl_pcie_tfd_unmap(struct iwl_trans *trans, /* Sanity check on number of chunks */ num_tbs = iwl_pcie_tfd_get_num_tbs(trans, tfd); - if (num_tbs >= trans_pcie->max_tbs) { + if (num_tbs > trans_pcie->max_tbs) { IWL_ERR(trans, "Too many chunks: %i\n", num_tbs); /* @todo issue fatal error, it is quite serious situation */ return; -- 2.7.4

7 years, 1 month

1
0
0 0

[PATCH v4.9] iwlwifi: pcie: don't warn if we use all the transmit pointers

by Emmanuel Grumbach

commit 4437ba7ee7de7e71d11deb91c87a370e4ffd2601 upstream. Our Transmit Frame Descriptor (TFD) is a DMA descriptor that includes several pointers to be able to transmit a packet which is not physically contiguous. Depending on the hardware being use, we can have 20 or 25 pointers in a single TFD. In both cases, it is more than enough and it is quite hard to hit this limit. It has been reported that when using specific applications (Ktorrent), we can actually use all the pointers and then a long standing bug showed up. When we free the TFD, we check its number of valid pointers and make sure it doesn't exceed the number of pointers the hardware support. This check had an off by one bug: it is perfectly valid to free the 20 pointers if the TFD has 20 pointers. Fix that. https://bugzilla.kernel.org/show_bug.cgi?id=197981 Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> Signed-off-by: Luca Coelho <luciano.coelho(a)intel.com> --- drivers/net/wireless/intel/iwlwifi/pcie/tx.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/wireless/intel/iwlwifi/pcie/tx.c b/drivers/net/wireless/intel/iwlwifi/pcie/tx.c index e1bfc95..2c98784 100644 --- a/drivers/net/wireless/intel/iwlwifi/pcie/tx.c +++ b/drivers/net/wireless/intel/iwlwifi/pcie/tx.c @@ -416,7 +416,7 @@ static void iwl_pcie_tfd_unmap(struct iwl_trans *trans, /* Sanity check on number of chunks */ num_tbs = iwl_pcie_tfd_get_num_tbs(trans, tfd); - if (num_tbs >= trans_pcie->max_tbs) { + if (num_tbs > trans_pcie->max_tbs) { IWL_ERR(trans, "Too many chunks: %i\n", num_tbs); /* @todo issue fatal error, it is quite serious situation */ return; -- 2.7.4

7 years, 1 month

1
0
0 0

[PATCH] ALSA: hda: Correct Asrock B85M-ITX power_save blacklist entry

by Hans de Goede

I added the subsys product-id for the HDMI HDA device rather then for the PCH one, this commit fixes this. BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1525104 Cc: stable(a)vger.kernel.org Signed-off-by: Hans de Goede <hdegoede(a)redhat.com> --- sound/pci/hda/hda_intel.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sound/pci/hda/hda_intel.c b/sound/pci/hda/hda_intel.c index 1ae1850b3bfd..647ae1a71e10 100644 --- a/sound/pci/hda/hda_intel.c +++ b/sound/pci/hda/hda_intel.c @@ -2207,7 +2207,7 @@ static int azx_probe(struct pci_dev *pci, */ static struct snd_pci_quirk power_save_blacklist[] = { /* https://bugzilla.redhat.com/show_bug.cgi?id=1525104 */ - SND_PCI_QUIRK(0x1849, 0x0c0c, "Asrock B85M-ITX", 0), + SND_PCI_QUIRK(0x1849, 0xc892, "Asrock B85M-ITX", 0), /* https://bugzilla.redhat.com/show_bug.cgi?id=1525104 */ SND_PCI_QUIRK(0x1849, 0x7662, "Asrock H81M-HDS", 0), /* https://bugzilla.redhat.com/show_bug.cgi?id=1525104 */ -- 2.18.0

7 years, 1 month

2
1
0 0

your photos need edit

by Sam

As a boutique team, we work personally with our clients to ensure the good results. Having over a decade of hands-on experience in photography and retouching, we have been inspired to expand our services to the public. We are team of artists who have excelled in fields such as art, photography, retouching, graphics and design. No matter what your field of interest is in, we can learn to work with your style to give you the best product. We provide below image editing services: Clipping path Image cut out Image shadow creation Image masking Photo retouching Beauty retouching (skin, face, body retouching) Glamour retouching Product retouching Color correction and others We provide testing for our services. Thanks, Sam

7 years, 1 month

1
0
0 0

stable@vger.kernel.org 为您提供一对一专属服务，一套系统化客户开发企�到饩龇桨福�让您订单不断，客户无忧！

by vip

7 years, 1 month

1
0
0 0

patch "serial: 8250_exar: Read INT0 from slave device, too" added to tty-next

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled serial: 8250_exar: Read INT0 from slave device, too to my tty git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git in the tty-next branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will also be merged in the next major kernel release during the merge window. If you have any questions about this process, please let me know. >From 60ab0fafc4b652fcaf7cbc3bb8555a0cf1149c28 Mon Sep 17 00:00:00 2001 From: Aaron Sierra <asierra(a)xes-inc.com> Date: Tue, 24 Jul 2018 14:23:46 -0500 Subject: serial: 8250_exar: Read INT0 from slave device, too The sleep wake-up refactoring that I introduced in commit c7e1b4059075 ("tty: serial: exar: Relocate sleep wake-up handling") did not account for devices with a slave device on the expansion port. This patch pokes the INT0 register in the slave device, if present, in order to ensure that MSI interrupts don't get permanently "stuck" because of a sleep wake-up interrupt as described here: commit 2c0ac5b48a35 ("serial: exar: Fix stuck MSIs") This also converts an ioread8() to readb() in order to provide visual consistency with the MMIO-only accessors used elsewhere in the driver. Reported-by: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Signed-off-by: Aaron Sierra <asierra(a)xes-inc.com> Fixes: c7e1b4059075 ("tty: serial: exar: Relocate sleep wake-up handling") Reviewed-by: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/tty/serial/8250/8250_exar.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/drivers/tty/serial/8250/8250_exar.c b/drivers/tty/serial/8250/8250_exar.c index 7a98acd5e171..0089aa305ef9 100644 --- a/drivers/tty/serial/8250/8250_exar.c +++ b/drivers/tty/serial/8250/8250_exar.c @@ -445,7 +445,11 @@ static irqreturn_t exar_misc_handler(int irq, void *data) struct exar8250 *priv = data; /* Clear all PCI interrupts by reading INT0. No effect on IIR */ - ioread8(priv->virt + UART_EXAR_INT0); + readb(priv->virt + UART_EXAR_INT0); + + /* Clear INT0 for Expansion Interface slave ports, too */ + if (priv->board->num_ports > 8) + readb(priv->virt + 0x2000 + UART_EXAR_INT0); return IRQ_HANDLED; } -- 2.18.0

7 years, 1 month

1
0
0 0

patch "serial: 8250_dw: Add ACPI support for uart on Broadcom SoC" added to tty-next

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled serial: 8250_dw: Add ACPI support for uart on Broadcom SoC to my tty git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git in the tty-next branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will also be merged in the next major kernel release during the merge window. If you have any questions about this process, please let me know. >From 784c29eda5b4e28c3a56aa90b3815f9a1b0cfdc1 Mon Sep 17 00:00:00 2001 From: Srinath Mannam <srinath.mannam(a)broadcom.com> Date: Sat, 28 Jul 2018 20:55:15 +0530 Subject: serial: 8250_dw: Add ACPI support for uart on Broadcom SoC Add ACPI identifier HID for UART DW 8250 on Broadcom SoCs to match the HID passed through ACPI tables to enable UART controller. Signed-off-by: Srinath Mannam <srinath.mannam(a)broadcom.com> Reviewed-by: Vladimir Olovyannikov <vladimir.olovyannikov(a)broadcom.com> Tested-by: Vladimir Olovyannikov <vladimir.olovyannikov(a)broadcom.com> Reviewed-by: Ray Jui <ray.jui(a)broadcom.com> Reviewed-by: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/tty/serial/8250/8250_dw.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/tty/serial/8250/8250_dw.c b/drivers/tty/serial/8250/8250_dw.c index 27b7ecc3b59b..fa8dcb470640 100644 --- a/drivers/tty/serial/8250/8250_dw.c +++ b/drivers/tty/serial/8250/8250_dw.c @@ -762,6 +762,7 @@ static const struct acpi_device_id dw8250_acpi_match[] = { { "APMC0D08", 0}, { "AMD0020", 0 }, { "AMDI0020", 0 }, + { "BRCM2032", 0 }, { "HISI0031", 0 }, { }, }; -- 2.18.0

7 years, 1 month

1
0
0 0

patch "serial: 8250_dw: always set baud rate in dw8250_set_termios" added to tty-next

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled serial: 8250_dw: always set baud rate in dw8250_set_termios to my tty git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git in the tty-next branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will also be merged in the next major kernel release during the merge window. If you have any questions about this process, please let me know. >From dfcab6ba573445c703235ab6c83758eec12d7f28 Mon Sep 17 00:00:00 2001 From: Chen Hu <hu1.chen(a)intel.com> Date: Fri, 27 Jul 2018 18:32:41 +0800 Subject: serial: 8250_dw: always set baud rate in dw8250_set_termios dw8250_set_termios() doesn't set baud rate if the arg "old ktermios" is NULL. This happens during resume. Call Trace: ... [ 54.928108] dw8250_set_termios+0x162/0x170 [ 54.928114] serial8250_set_termios+0x17/0x20 [ 54.928117] uart_change_speed+0x64/0x160 [ 54.928119] uart_resume_port ... So the baud rate is not restored after S3 and breaks the apps who use UART, for example, console and bluetooth etc. We address this issue by setting the baud rate irrespective of arg "old", just like the drivers for other 8250 IPs. This is tested with Intel Broxton platform. Signed-off-by: Chen Hu <hu1.chen(a)intel.com> Fixes: 4e26b134bd17 ("serial: 8250_dw: clock rate handling for all ACPI platforms") Cc: Heikki Krogerus <heikki.krogerus(a)linux.intel.com> Cc: stable <stable(a)vger.kernel.org> Reviewed-by: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/tty/serial/8250/8250_dw.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/tty/serial/8250/8250_dw.c b/drivers/tty/serial/8250/8250_dw.c index b4e6f31936f5..27b7ecc3b59b 100644 --- a/drivers/tty/serial/8250/8250_dw.c +++ b/drivers/tty/serial/8250/8250_dw.c @@ -310,7 +310,7 @@ static void dw8250_set_termios(struct uart_port *p, struct ktermios *termios, long rate; int ret; - if (IS_ERR(d->clk) || !old) + if (IS_ERR(d->clk)) goto out; clk_disable_unprepare(d->clk); -- 2.18.0

7 years, 1 month

1
0
0 0

patch "USB: serial: pl2303: add a new device id for ATEN" added to usb-next

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: serial: pl2303: add a new device id for ATEN to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-next branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will also be merged in the next major kernel release during the merge window. If you have any questions about this process, please let me know. >From 29c692c96b3a39cd1911fb79cd2505af8d070f07 Mon Sep 17 00:00:00 2001 From: Movie Song <MovieSong(a)aten-itlab.cn> Date: Thu, 19 Jul 2018 02:20:48 +0800 Subject: USB: serial: pl2303: add a new device id for ATEN Signed-off-by: Movie Song <MovieSong(a)aten-itlab.cn> Cc: Johan Hovold <johan(a)kernel.org> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/serial/pl2303.c | 2 ++ drivers/usb/serial/pl2303.h | 1 + 2 files changed, 3 insertions(+) diff --git a/drivers/usb/serial/pl2303.c b/drivers/usb/serial/pl2303.c index 5d1a1931967e..e41f725ac7aa 100644 --- a/drivers/usb/serial/pl2303.c +++ b/drivers/usb/serial/pl2303.c @@ -52,6 +52,8 @@ static const struct usb_device_id id_table[] = { .driver_info = PL2303_QUIRK_ENDPOINT_HACK }, { USB_DEVICE(ATEN_VENDOR_ID, ATEN_PRODUCT_UC485), .driver_info = PL2303_QUIRK_ENDPOINT_HACK }, + { USB_DEVICE(ATEN_VENDOR_ID, ATEN_PRODUCT_UC232B), + .driver_info = PL2303_QUIRK_ENDPOINT_HACK }, { USB_DEVICE(ATEN_VENDOR_ID, ATEN_PRODUCT_ID2) }, { USB_DEVICE(ATEN_VENDOR_ID2, ATEN_PRODUCT_ID) }, { USB_DEVICE(ELCOM_VENDOR_ID, ELCOM_PRODUCT_ID) }, diff --git a/drivers/usb/serial/pl2303.h b/drivers/usb/serial/pl2303.h index fcd72396a7b6..26965cc23c17 100644 --- a/drivers/usb/serial/pl2303.h +++ b/drivers/usb/serial/pl2303.h @@ -24,6 +24,7 @@ #define ATEN_VENDOR_ID2 0x0547 #define ATEN_PRODUCT_ID 0x2008 #define ATEN_PRODUCT_UC485 0x2021 +#define ATEN_PRODUCT_UC232B 0x2022 #define ATEN_PRODUCT_ID2 0x2118 #define IODATA_VENDOR_ID 0x04bb -- 2.18.0

7 years, 1 month

1
0
0 0

patch "USB: serial: pl2303: add a new device id for ATEN" added to usb-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: serial: pl2303: add a new device id for ATEN to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the usb-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. >From 29c692c96b3a39cd1911fb79cd2505af8d070f07 Mon Sep 17 00:00:00 2001 From: Movie Song <MovieSong(a)aten-itlab.cn> Date: Thu, 19 Jul 2018 02:20:48 +0800 Subject: USB: serial: pl2303: add a new device id for ATEN Signed-off-by: Movie Song <MovieSong(a)aten-itlab.cn> Cc: Johan Hovold <johan(a)kernel.org> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/serial/pl2303.c | 2 ++ drivers/usb/serial/pl2303.h | 1 + 2 files changed, 3 insertions(+) diff --git a/drivers/usb/serial/pl2303.c b/drivers/usb/serial/pl2303.c index 5d1a1931967e..e41f725ac7aa 100644 --- a/drivers/usb/serial/pl2303.c +++ b/drivers/usb/serial/pl2303.c @@ -52,6 +52,8 @@ static const struct usb_device_id id_table[] = { .driver_info = PL2303_QUIRK_ENDPOINT_HACK }, { USB_DEVICE(ATEN_VENDOR_ID, ATEN_PRODUCT_UC485), .driver_info = PL2303_QUIRK_ENDPOINT_HACK }, + { USB_DEVICE(ATEN_VENDOR_ID, ATEN_PRODUCT_UC232B), + .driver_info = PL2303_QUIRK_ENDPOINT_HACK }, { USB_DEVICE(ATEN_VENDOR_ID, ATEN_PRODUCT_ID2) }, { USB_DEVICE(ATEN_VENDOR_ID2, ATEN_PRODUCT_ID) }, { USB_DEVICE(ELCOM_VENDOR_ID, ELCOM_PRODUCT_ID) }, diff --git a/drivers/usb/serial/pl2303.h b/drivers/usb/serial/pl2303.h index fcd72396a7b6..26965cc23c17 100644 --- a/drivers/usb/serial/pl2303.h +++ b/drivers/usb/serial/pl2303.h @@ -24,6 +24,7 @@ #define ATEN_VENDOR_ID2 0x0547 #define ATEN_PRODUCT_ID 0x2008 #define ATEN_PRODUCT_UC485 0x2021 +#define ATEN_PRODUCT_UC232B 0x2022 #define ATEN_PRODUCT_ID2 0x2118 #define IODATA_VENDOR_ID 0x04bb -- 2.18.0

7 years, 1 month

1
0
0 0

[PATCH 1/2] sysfs: Introduce sysfs_{un,}break_active_protection()

by Bart Van Assche

Introduce these two functions and export them such that the next patch can add calls to these functions from the SCSI core. Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Tejun Heo <tj(a)kernel.org> Cc: <stable(a)vger.kernel.org> --- fs/sysfs/file.c | 44 +++++++++++++++++++++++++++++++++++++++++++ include/linux/sysfs.h | 14 ++++++++++++++ 2 files changed, 58 insertions(+) diff --git a/fs/sysfs/file.c b/fs/sysfs/file.c index 5c13f29bfcdb..118fa197a35f 100644 --- a/fs/sysfs/file.c +++ b/fs/sysfs/file.c @@ -405,6 +405,50 @@ int sysfs_chmod_file(struct kobject *kobj, const struct attribute *attr, } EXPORT_SYMBOL_GPL(sysfs_chmod_file); +/** + * sysfs_break_active_protection - break "active" protection + * @kobj: The kernel object @attr is associated with. + * @attr: The attribute to break the "active" protection for. + * + * With sysfs, just like kernfs, deletion of an attribute is postponed until + * all active .show() and .store() callbacks have finished unless this function + * is called. Hence this function is useful in methods that implement self + * deletion. + */ +struct kernfs_node *sysfs_break_active_protection(struct kobject *kobj, + const struct attribute *attr) +{ + struct kernfs_node *kn; + + kobject_get(kobj); + kn = kernfs_find_and_get(kobj->sd, attr->name); + if (kn) + kernfs_break_active_protection(kn); + return kn; +} +EXPORT_SYMBOL_GPL(sysfs_break_active_protection); + +/** + * sysfs_unbreak_active_protection - restore "active" protection + * @kn: Pointer returned by sysfs_break_active_protection(). + * + * Undo the effects of sysfs_break_active_protection(). Since this function + * calls kernfs_put() on the kernfs node that corresponds to the 'attr' + * argument passed to sysfs_break_active_protection() that attribute may have + * been removed between the sysfs_break_active_protection() and + * sysfs_unbreak_active_protection() calls, it is not safe to access @kn after + * this function has returned. + */ +void sysfs_unbreak_active_protection(struct kernfs_node *kn) +{ + struct kobject *kobj = kn->parent->priv; + + kernfs_unbreak_active_protection(kn); + kernfs_put(kn); + kobject_put(kobj); +} +EXPORT_SYMBOL_GPL(sysfs_unbreak_active_protection); + /** * sysfs_remove_file_ns - remove an object attribute with a custom ns tag * @kobj: object we're acting for diff --git a/include/linux/sysfs.h b/include/linux/sysfs.h index b8bfdc173ec0..3c12198c0103 100644 --- a/include/linux/sysfs.h +++ b/include/linux/sysfs.h @@ -237,6 +237,9 @@ int __must_check sysfs_create_files(struct kobject *kobj, const struct attribute **attr); int __must_check sysfs_chmod_file(struct kobject *kobj, const struct attribute *attr, umode_t mode); +struct kernfs_node *sysfs_break_active_protection(struct kobject *kobj, + const struct attribute *attr); +void sysfs_unbreak_active_protection(struct kernfs_node *kn); void sysfs_remove_file_ns(struct kobject *kobj, const struct attribute *attr, const void *ns); bool sysfs_remove_file_self(struct kobject *kobj, const struct attribute *attr); @@ -350,6 +353,17 @@ static inline int sysfs_chmod_file(struct kobject *kobj, return 0; } +static inline struct kernfs_node * +sysfs_break_active_protection(struct kobject *kobj, + const struct attribute *attr) +{ + return NULL; +} + +static inline void sysfs_unbreak_active_protection(struct kernfs_node *kn) +{ +} + static inline void sysfs_remove_file_ns(struct kobject *kobj, const struct attribute *attr, const void *ns) -- 2.18.0

7 years, 1 month

3
2
0 0

patch "serial: 8250_exar: Read INT0 from slave device, too" added to tty-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled serial: 8250_exar: Read INT0 from slave device, too to my tty git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git in the tty-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the tty-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. >From 60ab0fafc4b652fcaf7cbc3bb8555a0cf1149c28 Mon Sep 17 00:00:00 2001 From: Aaron Sierra <asierra(a)xes-inc.com> Date: Tue, 24 Jul 2018 14:23:46 -0500 Subject: serial: 8250_exar: Read INT0 from slave device, too The sleep wake-up refactoring that I introduced in commit c7e1b4059075 ("tty: serial: exar: Relocate sleep wake-up handling") did not account for devices with a slave device on the expansion port. This patch pokes the INT0 register in the slave device, if present, in order to ensure that MSI interrupts don't get permanently "stuck" because of a sleep wake-up interrupt as described here: commit 2c0ac5b48a35 ("serial: exar: Fix stuck MSIs") This also converts an ioread8() to readb() in order to provide visual consistency with the MMIO-only accessors used elsewhere in the driver. Reported-by: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Signed-off-by: Aaron Sierra <asierra(a)xes-inc.com> Fixes: c7e1b4059075 ("tty: serial: exar: Relocate sleep wake-up handling") Reviewed-by: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/tty/serial/8250/8250_exar.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/drivers/tty/serial/8250/8250_exar.c b/drivers/tty/serial/8250/8250_exar.c index 7a98acd5e171..0089aa305ef9 100644 --- a/drivers/tty/serial/8250/8250_exar.c +++ b/drivers/tty/serial/8250/8250_exar.c @@ -445,7 +445,11 @@ static irqreturn_t exar_misc_handler(int irq, void *data) struct exar8250 *priv = data; /* Clear all PCI interrupts by reading INT0. No effect on IIR */ - ioread8(priv->virt + UART_EXAR_INT0); + readb(priv->virt + UART_EXAR_INT0); + + /* Clear INT0 for Expansion Interface slave ports, too */ + if (priv->board->num_ports > 8) + readb(priv->virt + 0x2000 + UART_EXAR_INT0); return IRQ_HANDLED; } -- 2.18.0

7 years, 1 month

1
0
0 0

patch "serial: 8250_dw: Add ACPI support for uart on Broadcom SoC" added to tty-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled serial: 8250_dw: Add ACPI support for uart on Broadcom SoC to my tty git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git in the tty-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the tty-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. >From 784c29eda5b4e28c3a56aa90b3815f9a1b0cfdc1 Mon Sep 17 00:00:00 2001 From: Srinath Mannam <srinath.mannam(a)broadcom.com> Date: Sat, 28 Jul 2018 20:55:15 +0530 Subject: serial: 8250_dw: Add ACPI support for uart on Broadcom SoC Add ACPI identifier HID for UART DW 8250 on Broadcom SoCs to match the HID passed through ACPI tables to enable UART controller. Signed-off-by: Srinath Mannam <srinath.mannam(a)broadcom.com> Reviewed-by: Vladimir Olovyannikov <vladimir.olovyannikov(a)broadcom.com> Tested-by: Vladimir Olovyannikov <vladimir.olovyannikov(a)broadcom.com> Reviewed-by: Ray Jui <ray.jui(a)broadcom.com> Reviewed-by: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/tty/serial/8250/8250_dw.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/tty/serial/8250/8250_dw.c b/drivers/tty/serial/8250/8250_dw.c index 27b7ecc3b59b..fa8dcb470640 100644 --- a/drivers/tty/serial/8250/8250_dw.c +++ b/drivers/tty/serial/8250/8250_dw.c @@ -762,6 +762,7 @@ static const struct acpi_device_id dw8250_acpi_match[] = { { "APMC0D08", 0}, { "AMD0020", 0 }, { "AMDI0020", 0 }, + { "BRCM2032", 0 }, { "HISI0031", 0 }, { }, }; -- 2.18.0

7 years, 1 month

1
0
0 0

patch "serial: 8250_dw: always set baud rate in dw8250_set_termios" added to tty-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled serial: 8250_dw: always set baud rate in dw8250_set_termios to my tty git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git in the tty-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the tty-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. >From dfcab6ba573445c703235ab6c83758eec12d7f28 Mon Sep 17 00:00:00 2001 From: Chen Hu <hu1.chen(a)intel.com> Date: Fri, 27 Jul 2018 18:32:41 +0800 Subject: serial: 8250_dw: always set baud rate in dw8250_set_termios dw8250_set_termios() doesn't set baud rate if the arg "old ktermios" is NULL. This happens during resume. Call Trace: ... [ 54.928108] dw8250_set_termios+0x162/0x170 [ 54.928114] serial8250_set_termios+0x17/0x20 [ 54.928117] uart_change_speed+0x64/0x160 [ 54.928119] uart_resume_port ... So the baud rate is not restored after S3 and breaks the apps who use UART, for example, console and bluetooth etc. We address this issue by setting the baud rate irrespective of arg "old", just like the drivers for other 8250 IPs. This is tested with Intel Broxton platform. Signed-off-by: Chen Hu <hu1.chen(a)intel.com> Fixes: 4e26b134bd17 ("serial: 8250_dw: clock rate handling for all ACPI platforms") Cc: Heikki Krogerus <heikki.krogerus(a)linux.intel.com> Cc: stable <stable(a)vger.kernel.org> Reviewed-by: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/tty/serial/8250/8250_dw.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/tty/serial/8250/8250_dw.c b/drivers/tty/serial/8250/8250_dw.c index b4e6f31936f5..27b7ecc3b59b 100644 --- a/drivers/tty/serial/8250/8250_dw.c +++ b/drivers/tty/serial/8250/8250_dw.c @@ -310,7 +310,7 @@ static void dw8250_set_termios(struct uart_port *p, struct ktermios *termios, long rate; int ret; - if (IS_ERR(d->clk) || !old) + if (IS_ERR(d->clk)) goto out; clk_disable_unprepare(d->clk); -- 2.18.0

7 years, 1 month

1
0
0 0

patch "iio: ad9523: Fix return value for ad952x_store()" added to staging-next

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled iio: ad9523: Fix return value for ad952x_store() to my staging git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging.git in the staging-next branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will also be merged in the next major kernel release during the merge window. If you have any questions about this process, please let me know. >From 9a5094ca29ea9b1da301b31fd377c0c0c4c23034 Mon Sep 17 00:00:00 2001 From: Lars-Peter Clausen <lars(a)metafoo.de> Date: Fri, 27 Jul 2018 09:42:45 +0300 Subject: iio: ad9523: Fix return value for ad952x_store() A sysfs write callback function needs to either return the number of consumed characters or an error. The ad952x_store() function currently returns 0 if the input value was "0", this will signal that no characters have been consumed and the function will be called repeatedly in a loop indefinitely. Fix this by returning number of supplied characters to indicate that the whole input string has been consumed. Signed-off-by: Lars-Peter Clausen <lars(a)metafoo.de> Signed-off-by: Alexandru Ardelean <alexandru.ardelean(a)analog.com> Fixes: cd1678f96329 ("iio: frequency: New driver for AD9523 SPI Low Jitter Clock Generator") Cc: <Stable(a)vger.kernel.org> Signed-off-by: Jonathan Cameron <Jonathan.Cameron(a)huawei.com> --- drivers/iio/frequency/ad9523.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/iio/frequency/ad9523.c b/drivers/iio/frequency/ad9523.c index 37504739c277..059b2fda8cbd 100644 --- a/drivers/iio/frequency/ad9523.c +++ b/drivers/iio/frequency/ad9523.c @@ -518,7 +518,7 @@ static ssize_t ad9523_store(struct device *dev, return ret; if (!state) - return 0; + return len; mutex_lock(&st->lock); switch ((u32)this_attr->address) { -- 2.18.0

7 years, 1 month

1
0
0 0

patch "iio: ad9523: Fix return value for ad952x_store()" added to staging-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled iio: ad9523: Fix return value for ad952x_store() to my staging git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging.git in the staging-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the staging-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. >From 9a5094ca29ea9b1da301b31fd377c0c0c4c23034 Mon Sep 17 00:00:00 2001 From: Lars-Peter Clausen <lars(a)metafoo.de> Date: Fri, 27 Jul 2018 09:42:45 +0300 Subject: iio: ad9523: Fix return value for ad952x_store() A sysfs write callback function needs to either return the number of consumed characters or an error. The ad952x_store() function currently returns 0 if the input value was "0", this will signal that no characters have been consumed and the function will be called repeatedly in a loop indefinitely. Fix this by returning number of supplied characters to indicate that the whole input string has been consumed. Signed-off-by: Lars-Peter Clausen <lars(a)metafoo.de> Signed-off-by: Alexandru Ardelean <alexandru.ardelean(a)analog.com> Fixes: cd1678f96329 ("iio: frequency: New driver for AD9523 SPI Low Jitter Clock Generator") Cc: <Stable(a)vger.kernel.org> Signed-off-by: Jonathan Cameron <Jonathan.Cameron(a)huawei.com> --- drivers/iio/frequency/ad9523.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/iio/frequency/ad9523.c b/drivers/iio/frequency/ad9523.c index 37504739c277..059b2fda8cbd 100644 --- a/drivers/iio/frequency/ad9523.c +++ b/drivers/iio/frequency/ad9523.c @@ -518,7 +518,7 @@ static ssize_t ad9523_store(struct device *dev, return ret; if (!state) - return 0; + return len; mutex_lock(&st->lock); switch ((u32)this_attr->address) { -- 2.18.0

7 years, 1 month

1
0
0 0

[PATCH v2] ext4: mballoc: Fix spectre gadget in ext4_mb_regular_allocator

by Jeremy Cline

'ac->ac_g_ex.fe_len' is a user-controlled value which is used in the derivation of 'ac->ac_2order'. 'ac->ac_2order', in turn, is used to index arrays which makes it a potential spectre gadget. Fix this by sanitizing the value assigned to 'ac->ac2_order'. This covers the following accesses found with the help of smatch: * fs/ext4/mballoc.c:1896 ext4_mb_simple_scan_group() warn: potential spectre issue 'grp->bb_counters' [w] (local cap) * fs/ext4/mballoc.c:445 mb_find_buddy() warn: potential spectre issue 'EXT4_SB(e4b->bd_sb)->s_mb_offsets' [r] (local cap) * fs/ext4/mballoc.c:446 mb_find_buddy() warn: potential spectre issue 'EXT4_SB(e4b->bd_sb)->s_mb_maxs' [r] (local cap) Cc: Josh Poimboeuf <jpoimboe(a)redhat.com> Cc: stable(a)vger.kernel.org Suggested-by: Josh Poimboeuf <jpoimboe(a)redhat.com> Signed-off-by: Jeremy Cline <jcline(a)redhat.com> --- I broke this out of the "ext4: fix spectre v1 gadgets" patch set since the other patches in that series could, as Josh noted, be replaced with one fix in do_quotactl. I'll send that fix to the disk quota folks separately. Changes from v1: - Sanitize ac_2order on assignment, rather than down the call chain in ext4_mb_simple_scan_group. fs/ext4/mballoc.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c index f7ab34088162..8b24d3d42cb3 100644 --- a/fs/ext4/mballoc.c +++ b/fs/ext4/mballoc.c @@ -14,6 +14,7 @@ #include <linux/log2.h> #include <linux/module.h> #include <linux/slab.h> +#include <linux/nospec.h> #include <linux/backing-dev.h> #include <trace/events/ext4.h> @@ -2140,7 +2141,8 @@ ext4_mb_regular_allocator(struct ext4_allocation_context *ac) * This should tell if fe_len is exactly power of 2 */ if ((ac->ac_g_ex.fe_len & (~(1 << (i - 1)))) == 0) - ac->ac_2order = i - 1; + ac->ac_2order = array_index_nospec(i - 1, + sb->s_blocksize_bits + 2); } /* if stream allocation is enabled, use global goal */ -- 2.17.1

7 years, 1 month

3
5
0 0

[PATCH 1/3] Drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind()

by kys＠linuxonhyperv.com

From: Dexuan Cui <decui(a)microsoft.com> Before setting channel->rescind in vmbus_rescind_cleanup(), we should make sure the channel callback won't run any more, otherwise a high-level driver like pci_hyperv, which may be infinitely waiting for the host VSP's response and notices the channel has been rescinded, can't safely give up: e.g., in hv_pci_protocol_negotiation() -> wait_for_response(), it's unsafe to exit from wait_for_response() and proceed with the on-stack variable "comp_pkt" popped. The issue was originally spotted by Michael Kelley <mikelley(a)microsoft.com>. In vmbus_close_internal(), the patch also minimizes the range protected by disabling/enabling channel->callback_event: we don't really need that for the whole function. Signed-off-by: Dexuan Cui <decui(a)microsoft.com> Reviewed-by: Michael Kelley <mikelley(a)microsoft.com> Cc: stable(a)vger.kernel.org Cc: K. Y. Srinivasan <kys(a)microsoft.com> Cc: Stephen Hemminger <sthemmin(a)microsoft.com> Cc: Michael Kelley <mikelley(a)microsoft.com> Signed-off-by: K. Y. Srinivasan <kys(a)microsoft.com> --- drivers/hv/channel.c | 40 +++++++++++++++++++++++---------------- drivers/hv/channel_mgmt.c | 6 ++++++ include/linux/hyperv.h | 2 ++ 3 files changed, 32 insertions(+), 16 deletions(-) diff --git a/drivers/hv/channel.c b/drivers/hv/channel.c index ba0a092ae085..c3949220b770 100644 --- a/drivers/hv/channel.c +++ b/drivers/hv/channel.c @@ -558,11 +558,8 @@ static void reset_channel_cb(void *arg) channel->onchannel_callback = NULL; } -static int vmbus_close_internal(struct vmbus_channel *channel) +void vmbus_reset_channel_cb(struct vmbus_channel *channel) { - struct vmbus_channel_close_channel *msg; - int ret; - /* * vmbus_on_event(), running in the per-channel tasklet, can race * with vmbus_close_internal() in the case of SMP guest, e.g., when @@ -572,6 +569,29 @@ static int vmbus_close_internal(struct vmbus_channel *channel) */ tasklet_disable(&channel->callback_event); + channel->sc_creation_callback = NULL; + + /* Stop the callback asap */ + if (channel->target_cpu != get_cpu()) { + put_cpu(); + smp_call_function_single(channel->target_cpu, reset_channel_cb, + channel, true); + } else { + reset_channel_cb(channel); + put_cpu(); + } + + /* Re-enable tasklet for use on re-open */ + tasklet_enable(&channel->callback_event); +} + +static int vmbus_close_internal(struct vmbus_channel *channel) +{ + struct vmbus_channel_close_channel *msg; + int ret; + + vmbus_reset_channel_cb(channel); + /* * In case a device driver's probe() fails (e.g., * util_probe() -> vmbus_open() returns -ENOMEM) and the device is @@ -585,16 +605,6 @@ static int vmbus_close_internal(struct vmbus_channel *channel) } channel->state = CHANNEL_OPEN_STATE; - channel->sc_creation_callback = NULL; - /* Stop callback and cancel the timer asap */ - if (channel->target_cpu != get_cpu()) { - put_cpu(); - smp_call_function_single(channel->target_cpu, reset_channel_cb, - channel, true); - } else { - reset_channel_cb(channel); - put_cpu(); - } /* Send a closing message */ @@ -639,8 +649,6 @@ static int vmbus_close_internal(struct vmbus_channel *channel) get_order(channel->ringbuffer_pagecount * PAGE_SIZE)); out: - /* re-enable tasklet for use on re-open */ - tasklet_enable(&channel->callback_event); return ret; } diff --git a/drivers/hv/channel_mgmt.c b/drivers/hv/channel_mgmt.c index f3b551a50653..0f0e091c117c 100644 --- a/drivers/hv/channel_mgmt.c +++ b/drivers/hv/channel_mgmt.c @@ -892,6 +892,12 @@ static void vmbus_onoffer_rescind(struct vmbus_channel_message_header *hdr) return; } + /* + * Before setting channel->rescind in vmbus_rescind_cleanup(), we + * should make sure the channel callback is not running any more. + */ + vmbus_reset_channel_cb(channel); + /* * Now wait for offer handling to complete. */ diff --git a/include/linux/hyperv.h b/include/linux/hyperv.h index 2330f08062c7..efda23cf32c7 100644 --- a/include/linux/hyperv.h +++ b/include/linux/hyperv.h @@ -1061,6 +1061,8 @@ extern int vmbus_establish_gpadl(struct vmbus_channel *channel, extern int vmbus_teardown_gpadl(struct vmbus_channel *channel, u32 gpadl_handle); +void vmbus_reset_channel_cb(struct vmbus_channel *channel); + extern int vmbus_recvpacket(struct vmbus_channel *channel, void *buffer, u32 bufferlen, -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH] sched/deadline: Update rq_clock of later_rq when pushing a task

by Daniel Bristot de Oliveira

Daniel Casini got this warn while running a DL task here at RetisLab: [ 461.137582] ------------[ cut here ]------------ [ 461.137583] rq->clock_update_flags < RQCF_ACT_SKIP [ 461.137599] WARNING: CPU: 4 PID: 2354 at kernel/sched/sched.h:967 assert_clock_updated.isra.32.part.33+0x17/0x20 [a ton of modules] [ 461.137646] CPU: 4 PID: 2354 Comm: label_image Not tainted 4.18.0-rc4+ #3 [ 461.137647] Hardware name: ASUS All Series/Z87-K, BIOS 0801 09/02/2013 [ 461.137649] RIP: 0010:assert_clock_updated.isra.32.part.33+0x17/0x20 [ 461.137649] Code: ff 48 89 83 08 09 00 00 eb c6 66 0f 1f 84 00 00 00 00 00 55 48 c7 c7 98 7a 6c a5 c6 05 bc 0d 54 01 01 48 89 e5 e8 a9 84 fb ff <0f> 0b 5d c3 0f 1f 44 00 00 0f 1f 44 00 00 83 7e 60 01 74 0a 48 3b [ 461.137673] RSP: 0018:ffffa77e08cafc68 EFLAGS: 00010082 [ 461.137674] RAX: 0000000000000000 RBX: ffff8b3fc1702d80 RCX: 0000000000000006 [ 461.137674] RDX: 0000000000000007 RSI: 0000000000000096 RDI: ffff8b3fded164b0 [ 461.137675] RBP: ffffa77e08cafc68 R08: 0000000000000026 R09: 0000000000000339 [ 461.137676] R10: ffff8b3fd060d410 R11: 0000000000000026 R12: ffffffffa4e14e20 [ 461.137677] R13: ffff8b3fdec22940 R14: ffff8b3fc1702da0 R15: ffff8b3fdec22940 [ 461.137678] FS: 00007efe43ee5700(0000) GS:ffff8b3fded00000(0000) knlGS:0000000000000000 [ 461.137679] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 461.137680] CR2: 00007efe30000010 CR3: 0000000301744003 CR4: 00000000001606e0 [ 461.137680] Call Trace: [ 461.137684] push_dl_task.part.46+0x3bc/0x460 [ 461.137686] task_woken_dl+0x60/0x80 [ 461.137689] ttwu_do_wakeup+0x4f/0x150 [ 461.137690] ttwu_do_activate+0x77/0x80 [ 461.137692] try_to_wake_up+0x1d6/0x4c0 [ 461.137693] wake_up_q+0x32/0x70 [ 461.137696] do_futex+0x7e7/0xb50 [ 461.137698] __x64_sys_futex+0x8b/0x180 [ 461.137701] do_syscall_64+0x5a/0x110 [ 461.137703] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 461.137705] RIP: 0033:0x7efe4918ca26 [ 461.137705] Code: 00 00 00 74 17 49 8b 48 20 44 8b 59 10 41 83 e3 30 41 83 fb 20 74 1e be 85 00 00 00 41 ba 01 00 00 00 41 b9 01 00 00 04 0f 05 <48> 3d 01 f0 ff ff 73 1f 31 c0 c3 be 8c 00 00 00 49 89 c8 4d 31 d2 [ 461.137738] RSP: 002b:00007efe43ee4928 EFLAGS: 00000283 ORIG_RAX: 00000000000000ca [ 461.137739] RAX: ffffffffffffffda RBX: 0000000005094df0 RCX: 00007efe4918ca26 [ 461.137740] RDX: 0000000000000001 RSI: 0000000000000085 RDI: 0000000005094e24 [ 461.137741] RBP: 00007efe43ee49c0 R08: 0000000005094e20 R09: 0000000004000001 [ 461.137741] R10: 0000000000000001 R11: 0000000000000283 R12: 0000000000000000 [ 461.137742] R13: 0000000005094df8 R14: 0000000000000001 R15: 0000000000448a10 [ 461.137743] ---[ end trace 187df4cad2bf7649 ]--- This warning was caused in the push_dl_task(), because the rq_clock of the later_rq was used by cpufreq_update_util() inside __add_running_bw(), before its update at activate_task(). The fix then is to update the clock before calling add_running_bw. To avoid double rq_clock_update(), we set ENQUEUE_NOCLOCK flag to activate_task(). Reported-by: Daniel Casini <daniel.casini(a)santannapisa.it> Signed-off-by: Daniel Bristot de Oliveira <bristot(a)redhat.com> Cc: Juri Lelli <juri.lelli(a)arm.com> Cc: Luca Abeni <luca.abeni(a)santannapisa.it> Cc: Tommaso Cucinotta <tommaso.cucinotta(a)sssup.it> Cc: Steven Rostedt <rostedt(a)goodmis.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Ingo Molnar <mingo(a)kernel.org> Cc: linux-kernel(a)vger.kernel.org Cc: <stable(a)vger.kernel.org> # 4.16+ Fixes: e0367b12674b sched/deadline: Move CPU frequency selection triggering points --- kernel/sched/deadline.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/kernel/sched/deadline.c b/kernel/sched/deadline.c index fbfc3f1d368a..e733c15b7695 100644 --- a/kernel/sched/deadline.c +++ b/kernel/sched/deadline.c @@ -2090,8 +2090,16 @@ static int push_dl_task(struct rq *rq) sub_rq_bw(&next_task->dl, &rq->dl); set_task_cpu(next_task, later_rq->cpu); add_rq_bw(&next_task->dl, &later_rq->dl); + + /* + * Update the later_rq clock here, because the clock is used + * by the cpufreq_update_util() inside __add_running_bw(). + * Then, set ENQUEUE_NOCLOCK flag to avoid updating the rq_clock + * again in the activate_task()->enqueue_task(). + */ + update_rq_clock(later_rq); add_running_bw(&next_task->dl, &later_rq->dl); - activate_task(later_rq, next_task, 0); + activate_task(later_rq, next_task, ENQUEUE_NOCLOCK); ret = 1; resched_curr(later_rq); -- 2.17.1

7 years, 1 month

4
4
0 0

requests for inclusion in 4.14.y

by Eduardo Valentin

Hey Greg, Can you please include the following fixes on stable 4.14.y? https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… All of the above are straight forward cherry-picks. -- All the best, Eduardo Valentin

7 years, 1 month

4
4
0 0

Re: FAILED: patch "[PATCH] nvmet-fc: fix target sgl list on large transfers" failed to apply to 4.14-stable tree

by James Smart

On 7/30/2018 12:56 AM, gregkh(a)linuxfoundation.org wrote: > > The patch below does not apply to the 4.14-stable tree. > If someone wants it applied there, or to any other stable or longterm > tree, then please email the backport, including the original git commit > id to <stable(a)vger.kernel.org>. > > thanks, > > greg k-h > > (snip) Here's the patch revised for stable 4.14.y -- james ------------------ From: James Smart <jsmart2021(a)gmail.com> commit d082dc1562a2ff0947b214796f12faaa87e816a9 upstream. The existing code to carve up the sg list expected an sg element-per-page which can be very incorrect with iommu's remapping multiple memory pages to fewer bus addresses. To hit this error required a large io payload (greater than 256k) and a system that maps on a per-page basis. It's possible that large ios could get by fine if the system condensed the sgl list into the first 64 elements. This patch corrects the sg list handling by specifically walking the sg list element by element and attempting to divide the transfer up on a per-sg element boundary. While doing so, it still tries to keep sequences under 256k, but will exceed that rule if a single sg element is larger than 256k. Fixes: 48fa362b6c3f ("nvmet-fc: simplify sg list handling") Cc: <stable(a)vger.kernel.org> # 4.14 Signed-off-by: James Smart <james.smart(a)broadcom.com> Signed-off-by: Christoph Hellwig <hch(a)lst.de> --- stable 4.14.y patch adjusted for deltas made by upstream commit 5e62d5c993e6889cd314d5b5de6b670152109a0e that are not in the stable tree. --- drivers/nvme/target/fc.c | 44 +++++++++++++++++++++++++++++++++++--------- 1 file changed, 35 insertions(+), 9 deletions(-) diff --git a/drivers/nvme/target/fc.c b/drivers/nvme/target/fc.c index 8e21211b904b..b7a5d1065378 100644 --- a/drivers/nvme/target/fc.c +++ b/drivers/nvme/target/fc.c @@ -58,8 +58,8 @@ struct nvmet_fc_ls_iod { struct work_struct work; } __aligned(sizeof(unsigned long long)); +/* desired maximum for a single sequence - if sg list allows it */ #define NVMET_FC_MAX_SEQ_LENGTH (256 * 1024) -#define NVMET_FC_MAX_XFR_SGENTS (NVMET_FC_MAX_SEQ_LENGTH / PAGE_SIZE) enum nvmet_fcp_datadir { NVMET_FCP_NODATA, @@ -74,6 +74,7 @@ struct nvmet_fc_fcp_iod { struct nvme_fc_cmd_iu cmdiubuf; struct nvme_fc_ersp_iu rspiubuf; dma_addr_t rspdma; + struct scatterlist *next_sg; struct scatterlist *data_sg; int data_sg_cnt; u32 total_length; @@ -1000,8 +1001,7 @@ nvmet_fc_register_targetport(struct nvmet_fc_port_info *pinfo, INIT_LIST_HEAD(&newrec->assoc_list); kref_init(&newrec->ref); ida_init(&newrec->assoc_cnt); - newrec->max_sg_cnt = min_t(u32, NVMET_FC_MAX_XFR_SGENTS, - template->max_sgl_segments); + newrec->max_sg_cnt = template->max_sgl_segments; ret = nvmet_fc_alloc_ls_iodlist(newrec); if (ret) { @@ -1717,6 +1717,7 @@ nvmet_fc_alloc_tgt_pgs(struct nvmet_fc_fcp_iod *fod) ((fod->io_dir == NVMET_FCP_WRITE) ? DMA_FROM_DEVICE : DMA_TO_DEVICE)); /* note: write from initiator perspective */ + fod->next_sg = fod->data_sg; return 0; @@ -1874,24 +1875,49 @@ nvmet_fc_transfer_fcp_data(struct nvmet_fc_tgtport *tgtport, struct nvmet_fc_fcp_iod *fod, u8 op) { struct nvmefc_tgt_fcp_req *fcpreq = fod->fcpreq; + struct scatterlist *sg = fod->next_sg; unsigned long flags; - u32 tlen; + u32 remaininglen = fod->total_length - fod->offset; + u32 tlen = 0; int ret; fcpreq->op = op; fcpreq->offset = fod->offset; fcpreq->timeout = NVME_FC_TGTOP_TIMEOUT_SEC; - tlen = min_t(u32, tgtport->max_sg_cnt * PAGE_SIZE, - (fod->total_length - fod->offset)); + /* + * for next sequence: + * break at a sg element boundary + * attempt to keep sequence length capped at + * NVMET_FC_MAX_SEQ_LENGTH but allow sequence to + * be longer if a single sg element is larger + * than that amount. This is done to avoid creating + * a new sg list to use for the tgtport api. + */ + fcpreq->sg = sg; + fcpreq->sg_cnt = 0; + while (tlen < remaininglen && + fcpreq->sg_cnt < tgtport->max_sg_cnt && + tlen + sg_dma_len(sg) < NVMET_FC_MAX_SEQ_LENGTH) { + fcpreq->sg_cnt++; + tlen += sg_dma_len(sg); + sg = sg_next(sg); + } + if (tlen < remaininglen && fcpreq->sg_cnt == 0) { + fcpreq->sg_cnt++; + tlen += min_t(u32, sg_dma_len(sg), remaininglen); + sg = sg_next(sg); + } + if (tlen < remaininglen) + fod->next_sg = sg; + else + fod->next_sg = NULL; + fcpreq->transfer_length = tlen; fcpreq->transferred_length = 0; fcpreq->fcp_error = 0; fcpreq->rsplen = 0; - fcpreq->sg = &fod->data_sg[fod->offset / PAGE_SIZE]; - fcpreq->sg_cnt = DIV_ROUND_UP(tlen, PAGE_SIZE); - /* * If the last READDATA request: check if LLDD supports * combined xfr with response. -- 2.13.1

7 years, 1 month

1
0
0 0

[PATCH rdma-next v4 3/3] RDMA/mlx5: Fix shift overflow in mlx5_ib_create_wq

by Kees Cook

From: Leon Romanovsky <leonro(a)mellanox.com> [ 61.182439] UBSAN: Undefined behaviour in drivers/infiniband/hw/mlx5/qp.c:5366:34 [ 61.183673] shift exponent 4294967288 is too large for 32-bit type 'unsigned int' [ 61.185530] CPU: 0 PID: 639 Comm: qp Not tainted 4.18.0-rc1-00037-g4aa1d69a9c60-dirty #96 [ 61.186981] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-2.fc27 04/01/2014 [ 61.188315] Call Trace: [ 61.188661] dump_stack+0xc7/0x13b [ 61.190427] ubsan_epilogue+0x9/0x49 [ 61.190899] __ubsan_handle_shift_out_of_bounds+0x1ea/0x22f [ 61.197040] mlx5_ib_create_wq+0x1c99/0x1d50 [ 61.206632] ib_uverbs_ex_create_wq+0x499/0x820 [ 61.213892] ib_uverbs_write+0x77e/0xae0 [ 61.248018] vfs_write+0x121/0x3b0 [ 61.249831] ksys_write+0xa1/0x120 [ 61.254024] do_syscall_64+0x7c/0x2a0 [ 61.256178] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 61.259211] RIP: 0033:0x7f54bab70e99 [ 61.262125] Code: 00 f3 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 [ 61.268678] RSP: 002b:00007ffe1541c318 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 61.271076] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f54bab70e99 [ 61.273795] RDX: 0000000000000070 RSI: 0000000020000240 RDI: 0000000000000003 [ 61.276982] RBP: 00007ffe1541c330 R08: 00000000200078e0 R09: 0000000000000002 [ 61.280035] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004005c0 [ 61.283279] R13: 00007ffe1541c420 R14: 0000000000000000 R15: 0000000000000000 Cc: <stable(a)vger.kernel.org> # 4.7 Fixes: 79b20a6c3014 ("IB/mlx5: Add receive Work Queue verbs") Cc: syzkaller <syzkaller(a)googlegroups.com> Reported-by: Noa Osherovich <noaos(a)mellanox.com> Signed-off-by: Leon Romanovsky <leonro(a)mellanox.com> Signed-off-by: Kees Cook <keescook(a)chromium.org> --- drivers/infiniband/hw/mlx5/qp.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/infiniband/hw/mlx5/qp.c b/drivers/infiniband/hw/mlx5/qp.c index a4f1f638509f..fa3c315f6d94 100644 --- a/drivers/infiniband/hw/mlx5/qp.c +++ b/drivers/infiniband/hw/mlx5/qp.c @@ -5365,7 +5365,9 @@ static int set_user_rq_size(struct mlx5_ib_dev *dev, rwq->wqe_count = ucmd->rq_wqe_count; rwq->wqe_shift = ucmd->rq_wqe_shift; - rwq->buf_size = (rwq->wqe_count << rwq->wqe_shift); + if (check_shl_overflow(rwq->wqe_count, rwq->wqe_shift, &rwq->buf_size)) + return -EINVAL; + rwq->log_rq_stride = rwq->wqe_shift; rwq->log_rq_size = ilog2(rwq->wqe_count); return 0; -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v4 8/8] drm/nouveau: Call pm_runtime_get_noresume() from hpd handlers

by Lyude Paul

We can't and don't need to try resuming the device from our hotplug handlers, but hotplug events are generally something we'd like to keep the device awake for whenever possible. So, grab a PM ref safely in our hotplug handlers using pm_runtime_get_noresume() and mark the device as busy once we're finished. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/nouveau_connector.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/drivers/gpu/drm/nouveau/nouveau_connector.c b/drivers/gpu/drm/nouveau/nouveau_connector.c index 8409c3f2c3a1..5a8e8c1ad647 100644 --- a/drivers/gpu/drm/nouveau/nouveau_connector.c +++ b/drivers/gpu/drm/nouveau/nouveau_connector.c @@ -1152,6 +1152,11 @@ nouveau_connector_hotplug(struct nvif_notify *notify) const char *name = connector->name; struct nouveau_encoder *nv_encoder; + /* Resuming the device here isn't possible; but the suspend PM ops + * will wait for us to finish our work before disabling us so this + * should be enough + */ + pm_runtime_get_noresume(drm->dev->dev); nv_connector->hpd_task = current; if (rep->mask & NVIF_NOTIFY_CONN_V0_IRQ) { @@ -1171,6 +1176,9 @@ nouveau_connector_hotplug(struct nvif_notify *notify) } nv_connector->hpd_task = NULL; + + pm_runtime_mark_last_busy(drm->dev->dev); + pm_runtime_put_autosuspend(drm->dev->dev); return NVIF_NOTIFY_KEEP; } -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v4 6/8] drm/nouveau: Respond to HPDs by probing one conn at a time

by Lyude Paul

There isn't actually any reason we need to call drm_hpd_irq_event() from our hotplug handler, as we already know which connector the hotplug event was fired for. We're also going to need to avoid probing all connectors needlessly from hotplug handlers anyway so that we can track when nouveau_connector_detect() is being called from the context of it's connector's hotplug handler in order to fix the next deadlocking issue. This is (slightly) faster anyway! Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/nouveau_connector.c | 28 ++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_connector.c b/drivers/gpu/drm/nouveau/nouveau_connector.c index 010d6db14cba..9714e09f17db 100644 --- a/drivers/gpu/drm/nouveau/nouveau_connector.c +++ b/drivers/gpu/drm/nouveau/nouveau_connector.c @@ -1114,6 +1114,32 @@ nouveau_connector_funcs_lvds = { .atomic_get_property = nouveau_conn_atomic_get_property, }; +static void +nouveau_connector_hotplug_probe(struct nouveau_connector *nv_conn) +{ + struct drm_modeset_acquire_ctx ctx; + struct drm_connector *conn = &nv_conn->base; + enum drm_connector_status old_status; + struct drm_device *dev = conn->dev; + bool changed; + + mutex_lock(&dev->mode_config.mutex); + + drm_modeset_acquire_init(&ctx, 0); + drm_modeset_lock(&dev->mode_config.connection_mutex, &ctx); + + old_status = conn->status; + conn->status = drm_helper_probe_detect(conn, &ctx, true); + changed = old_status != conn->status; + + drm_modeset_drop_locks(&ctx); + drm_modeset_acquire_fini(&ctx); + mutex_unlock(&dev->mode_config.mutex); + + if (changed) + drm_kms_helper_hotplug_event(dev); +} + static int nouveau_connector_hotplug(struct nvif_notify *notify) { @@ -1138,7 +1164,7 @@ nouveau_connector_hotplug(struct nvif_notify *notify) nv50_mstm_remove(nv_encoder->dp.mstm); } - drm_helper_hpd_irq_event(connector->dev); + nouveau_connector_hotplug_probe(nv_connector); } return NVIF_NOTIFY_KEEP; -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v4 5/8] drm/nouveau: Use pm_runtime_get_noresume() in connector_detect()

by Lyude Paul

It's true we can't resume the device from poll workers in nouveau_connector_detect(). We can however, prevent the autosuspend timer from elapsing immediately if it hasn't already without risking any sort of deadlock with the runtime suspend/resume operations. So do that instead of entirely avoiding grabbing a power reference. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/nouveau_connector.c | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_connector.c b/drivers/gpu/drm/nouveau/nouveau_connector.c index 2a45b4c2ceb0..010d6db14cba 100644 --- a/drivers/gpu/drm/nouveau/nouveau_connector.c +++ b/drivers/gpu/drm/nouveau/nouveau_connector.c @@ -572,12 +572,16 @@ nouveau_connector_detect(struct drm_connector *connector, bool force) nv_connector->edid = NULL; } - /* Outputs are only polled while runtime active, so acquiring a - * runtime PM ref here is unnecessary (and would deadlock upon - * runtime suspend because it waits for polling to finish). + /* Outputs are only polled while runtime active, so resuming the + * device here is unnecessary (and would deadlock upon runtime suspend + * because it waits for polling to finish). We do however, want to + * prevent the autosuspend timer from elapsing during this operation + * if possible. */ - if (!drm_kms_helper_is_poll_worker()) { - ret = pm_runtime_get_sync(connector->dev->dev); + if (drm_kms_helper_is_poll_worker()) { + pm_runtime_get_noresume(dev->dev); + } else { + ret = pm_runtime_get_sync(dev->dev); if (ret < 0 && ret != -EACCES) return conn_status; } @@ -655,10 +659,8 @@ nouveau_connector_detect(struct drm_connector *connector, bool force) out: - if (!drm_kms_helper_is_poll_worker()) { - pm_runtime_mark_last_busy(connector->dev->dev); - pm_runtime_put_autosuspend(connector->dev->dev); - } + pm_runtime_mark_last_busy(dev->dev); + pm_runtime_put_autosuspend(dev->dev); return conn_status; } -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v4 4/8] drm/nouveau: Fix deadlock with fb_helper using new helpers

by Lyude Paul

This removes the potential of deadlocking with fb_helper entirely by preventing it from handling hotplugs during the runtime suspend process as early as possible in the suspend process. If it turns out this is not possible, due to some fb_helper action having been queued up before we got a time to disable hotplugging, we simply return -EBUSY so that the runtime PM core attempts autosuspending the device again once fb_helper isn't doing anything. This fixes one of the issues causing deadlocks on runtime suspend/resume with nouveau on my P50. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/nouveau_drm.c | 8 ++++++++ drivers/gpu/drm/nouveau/nouveau_fbcon.c | 1 + 2 files changed, 9 insertions(+) diff --git a/drivers/gpu/drm/nouveau/nouveau_drm.c b/drivers/gpu/drm/nouveau/nouveau_drm.c index ee2546db09c9..d47cb5b2af98 100644 --- a/drivers/gpu/drm/nouveau/nouveau_drm.c +++ b/drivers/gpu/drm/nouveau/nouveau_drm.c @@ -836,6 +836,14 @@ nouveau_pmops_runtime_suspend(struct device *dev) return -EBUSY; } + /* There's no way for us to stop fb_helper work in reaction to + * hotplugs later in the RPM process. First off: we don't want to, + * fb_helper should be able to keep the GPU awake. Second off: it is + * capable of grabbing basically any lock in existence. + */ + if (!drm_fb_helper_suspend_hotplug(drm_dev->fb_helper)) + return -EBUSY; + nouveau_switcheroo_optimus_dsm(); ret = nouveau_do_suspend(drm_dev, true); pci_save_state(pdev); diff --git a/drivers/gpu/drm/nouveau/nouveau_fbcon.c b/drivers/gpu/drm/nouveau/nouveau_fbcon.c index 85c1f10bc2b6..963ba630fd04 100644 --- a/drivers/gpu/drm/nouveau/nouveau_fbcon.c +++ b/drivers/gpu/drm/nouveau/nouveau_fbcon.c @@ -466,6 +466,7 @@ nouveau_fbcon_set_suspend_work(struct work_struct *work) console_unlock(); if (state == FBINFO_STATE_RUNNING) { + drm_fb_helper_resume_hotplug(drm->dev->fb_helper); pm_runtime_mark_last_busy(drm->dev->dev); pm_runtime_put_sync(drm->dev->dev); } -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v4 3/8] drm/fb_helper: Introduce suspend/resume_hotplug()

by Lyude Paul

I'm sure I don't need to tell you that fb_helper's locking is a mess. That being said; fb_helper's locking mess can seriously complicate the runtime suspend/resume operations of drivers because it can invoke atomic commits and connector probing from anywhere that calls drm_fb_helper_hotplug_event(). Since most drivers use drm_fb_helper_output_poll_changed() as their output_poll_changed handler, this can happen in every single context that can fire off a hotplug event. An example: [ 246.669625] INFO: task kworker/4:0:37 blocked for more than 120 seconds. [ 246.673398] Not tainted 4.18.0-rc5Lyude-Test+ #2 [ 246.675271] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 246.676527] kworker/4:0 D 0 37 2 0x80000000 [ 246.677580] Workqueue: events output_poll_execute [drm_kms_helper] [ 246.678704] Call Trace: [ 246.679753] __schedule+0x322/0xaf0 [ 246.680916] schedule+0x33/0x90 [ 246.681924] schedule_preempt_disabled+0x15/0x20 [ 246.683023] __mutex_lock+0x569/0x9a0 [ 246.684035] ? kobject_uevent_env+0x117/0x7b0 [ 246.685132] ? drm_fb_helper_hotplug_event.part.28+0x20/0xb0 [drm_kms_helper] [ 246.686179] mutex_lock_nested+0x1b/0x20 [ 246.687278] ? mutex_lock_nested+0x1b/0x20 [ 246.688307] drm_fb_helper_hotplug_event.part.28+0x20/0xb0 [drm_kms_helper] [ 246.689420] drm_fb_helper_output_poll_changed+0x23/0x30 [drm_kms_helper] [ 246.690462] drm_kms_helper_hotplug_event+0x2a/0x30 [drm_kms_helper] [ 246.691570] output_poll_execute+0x198/0x1c0 [drm_kms_helper] [ 246.692611] process_one_work+0x231/0x620 [ 246.693725] worker_thread+0x214/0x3a0 [ 246.694756] kthread+0x12b/0x150 [ 246.695856] ? wq_pool_ids_show+0x140/0x140 [ 246.696888] ? kthread_create_worker_on_cpu+0x70/0x70 [ 246.697998] ret_from_fork+0x3a/0x50 [ 246.699034] INFO: task kworker/0:1:60 blocked for more than 120 seconds. [ 246.700153] Not tainted 4.18.0-rc5Lyude-Test+ #2 [ 246.701182] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 246.702278] kworker/0:1 D 0 60 2 0x80000000 [ 246.703293] Workqueue: pm pm_runtime_work [ 246.704393] Call Trace: [ 246.705403] __schedule+0x322/0xaf0 [ 246.706439] ? wait_for_completion+0x104/0x190 [ 246.707393] schedule+0x33/0x90 [ 246.708375] schedule_timeout+0x3a5/0x590 [ 246.709289] ? mark_held_locks+0x58/0x80 [ 246.710208] ? _raw_spin_unlock_irq+0x2c/0x40 [ 246.711222] ? wait_for_completion+0x104/0x190 [ 246.712134] ? trace_hardirqs_on_caller+0xf4/0x190 [ 246.713094] ? wait_for_completion+0x104/0x190 [ 246.713964] wait_for_completion+0x12c/0x190 [ 246.714895] ? wake_up_q+0x80/0x80 [ 246.715727] ? get_work_pool+0x90/0x90 [ 246.716649] flush_work+0x1c9/0x280 [ 246.717483] ? flush_workqueue_prep_pwqs+0x1b0/0x1b0 [ 246.718442] __cancel_work_timer+0x146/0x1d0 [ 246.719247] cancel_delayed_work_sync+0x13/0x20 [ 246.720043] drm_kms_helper_poll_disable+0x1f/0x30 [drm_kms_helper] [ 246.721123] nouveau_pmops_runtime_suspend+0x3d/0xb0 [nouveau] [ 246.721897] pci_pm_runtime_suspend+0x6b/0x190 [ 246.722825] ? pci_has_legacy_pm_support+0x70/0x70 [ 246.723737] __rpm_callback+0x7a/0x1d0 [ 246.724721] ? pci_has_legacy_pm_support+0x70/0x70 [ 246.725607] rpm_callback+0x24/0x80 [ 246.726553] ? pci_has_legacy_pm_support+0x70/0x70 [ 246.727376] rpm_suspend+0x142/0x6b0 [ 246.728185] pm_runtime_work+0x97/0xc0 [ 246.728938] process_one_work+0x231/0x620 [ 246.729796] worker_thread+0x44/0x3a0 [ 246.730614] kthread+0x12b/0x150 [ 246.731395] ? wq_pool_ids_show+0x140/0x140 [ 246.732202] ? kthread_create_worker_on_cpu+0x70/0x70 [ 246.732878] ret_from_fork+0x3a/0x50 [ 246.733768] INFO: task kworker/4:2:422 blocked for more than 120 seconds. [ 246.734587] Not tainted 4.18.0-rc5Lyude-Test+ #2 [ 246.735393] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 246.736113] kworker/4:2 D 0 422 2 0x80000080 [ 246.736789] Workqueue: events_long drm_dp_mst_link_probe_work [drm_kms_helper] [ 246.737665] Call Trace: [ 246.738490] __schedule+0x322/0xaf0 [ 246.739250] schedule+0x33/0x90 [ 246.739908] rpm_resume+0x19c/0x850 [ 246.740750] ? finish_wait+0x90/0x90 [ 246.741541] __pm_runtime_resume+0x4e/0x90 [ 246.742370] nv50_disp_atomic_commit+0x31/0x210 [nouveau] [ 246.743124] drm_atomic_commit+0x4a/0x50 [drm] [ 246.743775] restore_fbdev_mode_atomic+0x1c8/0x240 [drm_kms_helper] [ 246.744603] restore_fbdev_mode+0x31/0x140 [drm_kms_helper] [ 246.745373] drm_fb_helper_restore_fbdev_mode_unlocked+0x54/0xb0 [drm_kms_helper] [ 246.746220] drm_fb_helper_set_par+0x2d/0x50 [drm_kms_helper] [ 246.746884] drm_fb_helper_hotplug_event.part.28+0x96/0xb0 [drm_kms_helper] [ 246.747675] drm_fb_helper_output_poll_changed+0x23/0x30 [drm_kms_helper] [ 246.748544] drm_kms_helper_hotplug_event+0x2a/0x30 [drm_kms_helper] [ 246.749439] nv50_mstm_hotplug+0x15/0x20 [nouveau] [ 246.750111] drm_dp_send_link_address+0x177/0x1c0 [drm_kms_helper] [ 246.750764] drm_dp_check_and_send_link_address+0xa8/0xd0 [drm_kms_helper] [ 246.751602] drm_dp_mst_link_probe_work+0x51/0x90 [drm_kms_helper] [ 246.752314] process_one_work+0x231/0x620 [ 246.752979] worker_thread+0x44/0x3a0 [ 246.753838] kthread+0x12b/0x150 [ 246.754619] ? wq_pool_ids_show+0x140/0x140 [ 246.755386] ? kthread_create_worker_on_cpu+0x70/0x70 [ 246.756162] ret_from_fork+0x3a/0x50 [ 246.756847] Showing all locks held in the system: [ 246.758261] 3 locks held by kworker/4:0/37: [ 246.759016] #0: 00000000f8df4d2d ((wq_completion)"events"){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.759856] #1: 00000000e6065461 ((work_completion)(&(&dev->mode_config.output_poll_work)->work)){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.760670] #2: 00000000cb66735f (&helper->lock){+.+.}, at: drm_fb_helper_hotplug_event.part.28+0x20/0xb0 [drm_kms_helper] [ 246.761516] 2 locks held by kworker/0:1/60: [ 246.762274] #0: 00000000fff6be0f ((wq_completion)"pm"){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.762982] #1: 000000005ab44fb4 ((work_completion)(&dev->power.work)){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.763890] 1 lock held by khungtaskd/64: [ 246.764664] #0: 000000008cb8b5c3 (rcu_read_lock){....}, at: debug_show_all_locks+0x23/0x185 [ 246.765588] 5 locks held by kworker/4:2/422: [ 246.766440] #0: 00000000232f0959 ((wq_completion)"events_long"){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.767390] #1: 00000000bb59b134 ((work_completion)(&mgr->work)){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.768154] #2: 00000000cb66735f (&helper->lock){+.+.}, at: drm_fb_helper_restore_fbdev_mode_unlocked+0x4c/0xb0 [drm_kms_helper] [ 246.768966] #3: 000000004c8f0b6b (crtc_ww_class_acquire){+.+.}, at: restore_fbdev_mode_atomic+0x4b/0x240 [drm_kms_helper] [ 246.769921] #4: 000000004c34a296 (crtc_ww_class_mutex){+.+.}, at: drm_modeset_backoff+0x8a/0x1b0 [drm] [ 246.770839] 1 lock held by dmesg/1038: [ 246.771739] 2 locks held by zsh/1172: [ 246.772650] #0: 00000000836d0438 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40 [ 246.773680] #1: 000000001f4f4d48 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0xc1/0x870 [ 246.775522] ============================================= Because of this, there's an unreasonable number of places that drm drivers would need to insert special handling to prevent trying to resume the device from all of these contexts that can deadlock. It's difficult even to try synchronizing with fb_helper in these contexts as well, since any of them could introduce a deadlock by waiting to acquire the top-level fb_helper mutex, while it's being held by another thread that might potentially call down to pm_runtime_get_sync(). Luckily-there's no actual reason we need to allow fb_helper to handle hotplugging at all when runtime suspending a device. If a hotplug happens during a runtime suspend operation, there's no reason the driver can't just re-enable fbcon's hotplug handling and bring it up to speed with hotplugging events it may have missed by calling drm_fb_helper_hotplug_event(). So, let's make this easy and just add helpers to handle disabling and enabling fb_helper connector probing() without having to potentially wait on fb_helper to finish it's work. This will let us fix the runtime suspend/resume deadlocks that we've been experiencing with nouveau, along with being able to fix some of the incorrect runtime PM core interaction that other DRM drivers currently perform to work around these issues. Changes since v3: - Actually check if fb_helper is NULL in both new helpers - Actually check drm_fbdev_emulation in both new helpers - Don't fire off a fb_helper hotplug unconditionally; only do it if the following conditions are true (as otherwise, calling this in the wrong spot will cause Bad Things to happen): - fb_helper hotplug handling was actually inhibited previously - fb_helper actually has a delayed hotplug pending - fb_helper is actually bound - fb_helper is actually initialized - Add __must_check to drm_fb_helper_suspend_hotplug(). There's no situation where a driver would actually want to use this without checking the return value, so enforce that - Rewrite and clarify the documentation for both helpers. - Make sure to return true in the drm_fb_helper_suspend_hotplug() stub that's provided in drm_fb_helper.h when CONFIG_DRM_FBDEV_EMULATION isn't enabled - Actually grab the toplevel fb_helper lock in drm_fb_helper_resume_hotplug(), since it's possible other activity (such as a hotplug) could be going on at the same time the driver calls drm_fb_helper_resume_hotplug(). We need this to check whether or not drm_fb_helper_hotplug_event() needs to be called anyway Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/drm_fb_helper.c | 123 +++++++++++++++++++++++++++++++- include/drm/drm_fb_helper.h | 22 ++++++ 2 files changed, 144 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/drm_fb_helper.c b/drivers/gpu/drm/drm_fb_helper.c index 2ee1eaa66188..b5f1dee0c3a0 100644 --- a/drivers/gpu/drm/drm_fb_helper.c +++ b/drivers/gpu/drm/drm_fb_helper.c @@ -84,6 +84,11 @@ static DEFINE_MUTEX(kernel_fb_helper_lock); * For suspend/resume consider using drm_mode_config_helper_suspend() and * drm_mode_config_helper_resume() which takes care of fbdev as well. * + * For runtime suspend and runtime resume, drivers which need to disable + * normal hotplug handling should consider using + * drm_fb_helper_suspend_hotplug() and drm_fb_helper_resume_hotplug() to + * avoid deadlocking with fb_helper's hotplug handling. + * * All other functions exported by the fb helper library can be used to * implement the fbdev driver interface by the driver. * @@ -2733,6 +2738,118 @@ int drm_fb_helper_initial_config(struct drm_fb_helper *fb_helper, int bpp_sel) } EXPORT_SYMBOL(drm_fb_helper_initial_config); +/** + * drm_fb_helper_resume_hotplug - Uninhibit fb_helper hotplug handling + * @fb_helper: driver-allocated fbdev helper, can be NULL + * + * Uninhibit fb_helper's hotplug handling after it was previously inhibited by + * a call to drm_fb_helper_suspend_hotplug(). Unlike + * drm_fb_helper_suspend_hotplug(), this function will wait on + * fb_helper->lock. + * + * This helper will take care of handling any hotplug events that happened + * while fb_helper's hotplug handling was suspended. Since this possibly + * implies a call to drm_fb_helper_hotplug_event(), care must be taken when + * calling this function as it may initiate a modeset. + * + * Please note that this function is different from + * drm_fb_helper_set_suspend(). It does not resume fb_helper, it only allows + * fb_helper to probe connectors in response to changes to the device's + * connector configuration if this functionality was previously disabled by + * drm_fb_helper_suspend_hotplug(). Generally, a driver will only want to call + * this in it's runtime resume callbacks. + * + * Drivers calling drm_fb_helper_suspend_hotplug() must make sure to call this + * somewhere in their runtime resume callbacks. + * + * See also: drm_fb_helper_suspend_hotplug() + */ +void +drm_fb_helper_resume_hotplug(struct drm_fb_helper *fb_helper) +{ + bool changed; + + if (!drm_fbdev_emulation || !fb_helper) + return; + + mutex_lock(&fb_helper->lock); + + changed = !fb_helper->deferred_setup && + fb_helper->fb && + drm_fb_helper_is_bound(fb_helper) && + fb_helper->hotplug_suspended && + fb_helper->delayed_hotplug; + if (changed) + fb_helper->delayed_hotplug = false; + + fb_helper->hotplug_suspended = false; + + mutex_unlock(&fb_helper->lock); + + if (changed) + drm_fb_helper_hotplug_event(fb_helper); +} +EXPORT_SYMBOL(drm_fb_helper_resume_hotplug); + +/** + * drm_fb_helper_suspend_hotplug - Attempt to temporarily suspend fb_helper's + * hotplug handling + * @fb_helper: driver-allocated fbdev helper, can be NULL + * + * Temporarily inhibit fb_helper from responding to connector changes without + * blocking on fb_helper->lock, if possible. This can be called by a DRM + * driver early on in it's runtime suspend callback to both check whether or + * not fb_helper is still busy, and prevent hotplugs that might occur part-way + * through the runtime suspend process from being handled by fb_helper until + * drm_fb_helper_resume_hotplug() is called. This dramatically simplifies the + * runtime suspend process, as it eliminates the possibility that fb_helper + * might try to perform a modeset half way through the runtime suspend process + * in response to a connector hotplug, something which will almost certainly + * lead to deadlocking for drivers that need to disable normal hotplug + * handling in their runtime suspend handlers. + * + * Calls to this function should be put at the very start of a driver's + * runtime suspend operation if desired. The driver is then responsible for + * re-enabling fb_helper hotplug handling when normal hotplug detection + * becomes available on the device again by calling + * drm_fb_helper_resume_hotplug(). Usually, a driver will want to re-enable + * fb_helper hotplug handling once the hotplug detection capabilities of its + * devices have returned to normal (e.g. when the device is runtime resumed, + * or after the runtime suspend process was aborted for some reason). + * + * Please note that this function is different from + * drm_fb_helper_set_suspend(), in that it does not actually suspend + * fb_helper. It only prevents fb_helper from responding to connector hotplugs + * on it's own. Generally, a driver will only want to call this in its + * runtime suspend callback. + * + * See also: drm_fb_helper_resume_hotplug() + * + * RETURNS: + * True if hotplug handling was disabled successfully, or fb_helper wasn't + * actually initialized/enabled yet. False if grabbing &fb_helper->lock would + * have meant blocking on fb_helper. When this function returns false, this + * usually implies means that fb_helper is still busy doing something such as + * probing connectors or performing a modeset. Drivers should treat this the + * same way they would any other activity on the device, and abort the runtime + * suspend process as early as possible in response. + */ +bool __must_check +drm_fb_helper_suspend_hotplug(struct drm_fb_helper *fb_helper) +{ + if (!drm_fbdev_emulation || !fb_helper) + return true; + + if (!mutex_trylock(&fb_helper->lock)) + return false; + + fb_helper->hotplug_suspended = true; + mutex_unlock(&fb_helper->lock); + + return true; +} +EXPORT_SYMBOL(drm_fb_helper_suspend_hotplug); + /** * drm_fb_helper_hotplug_event - respond to a hotplug notification by * probing all the outputs attached to the fb @@ -2751,6 +2868,9 @@ EXPORT_SYMBOL(drm_fb_helper_initial_config); * for a race-free fbcon setup and will make sure that the fbdev emulation will * not miss any hotplug events. * + * See also: drm_fb_helper_suspend_hotplug() + * See also: drm_fb_helper_resume_hotplug() + * * RETURNS: * 0 on success and a non-zero error code otherwise. */ @@ -2768,7 +2888,8 @@ int drm_fb_helper_hotplug_event(struct drm_fb_helper *fb_helper) return err; } - if (!fb_helper->fb || !drm_fb_helper_is_bound(fb_helper)) { + if (!fb_helper->fb || !drm_fb_helper_is_bound(fb_helper) || + fb_helper->hotplug_suspended) { fb_helper->delayed_hotplug = true; mutex_unlock(&fb_helper->lock); return err; diff --git a/include/drm/drm_fb_helper.h b/include/drm/drm_fb_helper.h index b069433e7fc1..9c6e4ceff3af 100644 --- a/include/drm/drm_fb_helper.h +++ b/include/drm/drm_fb_helper.h @@ -232,6 +232,14 @@ struct drm_fb_helper { * See also: @deferred_setup */ int preferred_bpp; + + /** + * @hotplug_suspended: + * + * Whether or not we can currently handle hotplug events, or if we + * need to wait for the DRM device to uninhibit us. + */ + bool hotplug_suspended; }; /** @@ -330,6 +338,11 @@ void drm_fb_helper_fbdev_teardown(struct drm_device *dev); void drm_fb_helper_lastclose(struct drm_device *dev); void drm_fb_helper_output_poll_changed(struct drm_device *dev); + +void drm_fb_helper_resume_hotplug(struct drm_fb_helper *fb_helper); +bool __must_check +drm_fb_helper_suspend_hotplug(struct drm_fb_helper *fb_helper); + #else static inline void drm_fb_helper_prepare(struct drm_device *dev, struct drm_fb_helper *helper, @@ -564,6 +577,15 @@ static inline void drm_fb_helper_output_poll_changed(struct drm_device *dev) { } +static inline void +drm_fb_helper_resume_hotplug(struct drm_fb_helper *fb_helper) +{ +} +static inline bool __must_check +drm_fb_helper_suspend_hotplug(struct drm_fb_helper *fb_helper) +{ + return true; +} #endif static inline int -- 2.17.1

7 years, 1 month

1
0
0 0

Re: [PATCH] pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show()

by Uwe Kleine-König

Hello, On Mon, Jul 30, 2018 at 05:43:43PM +0200, Linus Walleij wrote: > On Fri, Jul 13, 2018 at 4:55 PM Dan Carpenter <dan.carpenter(a)oracle.com> wrote: > > > The info->groups[] array is allocated in imx1_pinctrl_parse_dt(). It > > has info->ngroups elements. Thus the > here should be >= to prevent > > reading one element beyond the end of the array. > > > > Fixes: 30612cd90005 ("pinctrl: imx1 core driver") > > Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com> > > Patch applied. > > I am not tagging for stable as it is debug code and does not > affect end users. Not sure this is a valid reason. Distro kernels usually enable debugfs. I'd say an out-of-bounds access that can only be triggered by root should still be fixed. I won't argue but added stable to the addressees of this mail to at least raise awareness. Best regards Uwe -- Pengutronix e.K. | Uwe Kleine-König | Industrial Linux Solutions | http://www.pengutronix.de/ |

7 years, 1 month

2
1
0 0

[PATCH v2] drm/amd/display: Report non-DP display as disconnected without EDID

by Harry Wentland

[Why] Some boards seem to have a problem where HPD is high on HDMI even though no display is connected. We don't want to report these as connected. DP spec still requires us to report DP displays as connected when HPD is high but we can't read the EDID in order to go to fail-safe mode. [How] If connector_signal is not DP abort detection if we can't retrieve the EDID. Bugzilla: https://bugs.freedesktop.org/107390 Bugzilla: https://bugs.freedesktop.org/106846 Cc: stable(a)vger.kernel.org Signed-off-by: Harry Wentland <harry.wentland(a)amd.com> Acked-by: Alex Deucher <alexander.deucher(a)amd.com> v2: Add Bugzilla and stable --- drivers/gpu/drm/amd/display/dc/core/dc_link.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/drivers/gpu/drm/amd/display/dc/core/dc_link.c b/drivers/gpu/drm/amd/display/dc/core/dc_link.c index b180197a41e2..84f0fd15be4c 100644 --- a/drivers/gpu/drm/amd/display/dc/core/dc_link.c +++ b/drivers/gpu/drm/amd/display/dc/core/dc_link.c @@ -744,6 +744,17 @@ bool dc_link_detect(struct dc_link *link, enum dc_detect_reason reason) break; case EDID_NO_RESPONSE: DC_LOG_ERROR("No EDID read.\n"); + + /* + * Abort detection for non-DP connectors if we have + * no EDID + * + * DP needs to report as connected if HDP is high + * even if we have no EDID in order to go to + * fail-safe mode + */ + if (!dc_is_dp_signal(link->connector_signal)) + return false; default: break; } -- 2.17.1

7 years, 1 month

2
1
0 0

request to include on 4.14.y: a4c447533a18ee86e07232d6344ba12b1f9c5077

by Eduardo Valentin

Greg, This is a straight forward cherry-pick. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… Thanks. -- All the best, Eduardo Valentin

7 years, 1 month

2
3
0 0

Re: [PATCH] HID: Bluetooth: hidp: buffer overflow in hidp_process_report

by Mark Salyzyn

On 08/01/2018 09:37 AM, Greg KH wrote: > On Tue, Jul 31, 2018 at 03:02:13PM -0700, Mark Salyzyn wrote: >> CVE-2018-9363 >> >> The buffer length is unsigned at all layers, but gets cast to int and >> checked in hidp_process_report and can lead to a buffer overflow. >> Switch len parameter to unsigned int to resolve issue. >> >> This affects 3.18 and newer kernels. >> >> Signed-off-by: Mark Salyzyn <salyzyn(a)android.com> >> Fixes: a4b1b5877b514b276f0f31efe02388a9c2836728 ("HID: Bluetooth: hidp: make sure input buffers are big enough") >> Cc: Marcel Holtmann <marcel(a)holtmann.org> >> Cc: Johan Hedberg <johan.hedberg(a)gmail.com> >> Cc: "David S. Miller" <davem(a)davemloft.net> >> Cc: Kees Cook <keescook(a)chromium.org> >> Cc: Benjamin Tissoires <benjamin.tissoires(a)redhat.com> >> Cc: linux-bluetooth(a)vger.kernel.org >> Cc: netdev(a)vger.kernel.org >> Cc: linux-kernel(a)vger.kernel.org >> Cc: security(a)kernel.org >> Cc: kernel-team(a)android.com > Nit, you only need to bother security@ if you do not have a fix and need > to figure out one. Thanks, I thought anything with a CVE was to go there according to netdev FAQ (dropped security from response list). > Also, you forgot to cc: stable(a)vger.kernel.org to be included in older > kernel releases :( netdev FAQ said to _not_ copy stable, I am so confused ;-{ (added stable to response list b/c patch is now taken into bluetooth-next) > thanks, > > greg k-h

7 years, 1 month

2
1
0 0

Re: [PATCH v2] arch/x86: Fix boot_cpu_data.microcode version output

by Oleksandr Natalenko

Hi. > I tested this on AMD Ryzen & Intel Broadwell system and dumped the > boot_cpu_data before and after a microcode update. On the Intel > system I also did a fatal MCE using mce-inject to confirm the output > from the mce handling code. > > P. > > ---8<--- > > On systems where a runtime microcode update has occurred the microcode > version output in a MCE log record is wrong because > boot_cpu_data.microcode is not updated during runtime. > > Update boot_cpu_data.microcode when the BSP's microcode is updated. > > Fixes: fa94d0c6e0f3 ("x86/MCE: Save microcode revision in machine check > records") > Suggested-by: Borislav Petkov <bp(a)alien8.com> > Signed-off-by: Prarit Bhargava <prarit(a)redhat.com> > Cc: stable(a)vger.kernel.org > Cc: sironi(a)amazon.de > Cc: tony.luck(a)intel.com > --- > Changes in v2: Use mc_amd->hdr.patch_id on AMD > > arch/x86/kernel/cpu/microcode/amd.c | 4 ++++ > arch/x86/kernel/cpu/microcode/intel.c | 4 ++++ > 2 files changed, 8 insertions(+) > > diff --git a/arch/x86/kernel/cpu/microcode/amd.c > b/arch/x86/kernel/cpu/microcode/amd.c > index 0624957aa068..63b072377ba4 100644 > --- a/arch/x86/kernel/cpu/microcode/amd.c > +++ b/arch/x86/kernel/cpu/microcode/amd.c > @@ -537,6 +537,10 @@ static enum ucode_state apply_microcode_amd(int > cpu) > uci->cpu_sig.rev = mc_amd->hdr.patch_id; > c->microcode = mc_amd->hdr.patch_id; > > + /* Update boot_cpu_data's revision too, if we're on the BSP: */ > + if (c->cpu_index == boot_cpu_data.cpu_index) > + boot_cpu_data.microcode = mc_amd->hdr.patch_id; > + > return UCODE_UPDATED; > } > > diff --git a/arch/x86/kernel/cpu/microcode/intel.c > b/arch/x86/kernel/cpu/microcode/intel.c > index 97ccf4c3b45b..256d336cbc04 100644 > --- a/arch/x86/kernel/cpu/microcode/intel.c > +++ b/arch/x86/kernel/cpu/microcode/intel.c > @@ -851,6 +851,10 @@ static enum ucode_state apply_microcode_intel(int > cpu) > uci->cpu_sig.rev = rev; > c->microcode = rev; > > + /* Update boot_cpu_data's revision too, if we're on the BSP: */ > + if (c->cpu_index == boot_cpu_data.cpu_index) > + boot_cpu_data.microcode = rev; > + > return UCODE_UPDATED; > } > > -- > 2.17.0 After this patch, do we preserve an original microcode version somewhere? If no, why? Sometimes it is useful while debugging another crash because of faulty microcode. Thanks. -- Oleksandr Natalenko (post-factum)

7 years, 1 month

2
2
0 0

Re: [PATCH v3 02/14] ARM: dts: sunxi: h3/h5: Fix i2c2 register address

by Icenowy Zheng

在 2017-09-26二的 09:22 +0200，Corentin Labbe写道： > The unit address and register address does not match. > This patch fix the register address with the good one. > > Acked-by: Maxime Ripard <maxime.ripard(a)free-electrons.com> > Signed-off-by: Corentin Labbe <clabbe.montjoie(a)gmail.com> This patch should be backported. Older LTS also needs patches, but the patch needs to be refactored to suite the versions. Cc: stable(a)vger.kernel.org # 4.14 > --- > arch/arm/boot/dts/sunxi-h3-h5.dtsi | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/arch/arm/boot/dts/sunxi-h3-h5.dtsi > b/arch/arm/boot/dts/sunxi-h3-h5.dtsi > index b37ed3461229..289f2cd06dfe 100644 > --- a/arch/arm/boot/dts/sunxi-h3-h5.dtsi > +++ b/arch/arm/boot/dts/sunxi-h3-h5.dtsi > @@ -632,7 +632,7 @@ > > i2c2: i2c@1c2b400 { > compatible = "allwinner,sun6i-a31-i2c"; > - reg = <0x01c2b000 0x400>; > + reg = <0x01c2b400 0x400>; > interrupts = <GIC_SPI 8 IRQ_TYPE_LEVEL_HIGH>; > clocks = <&ccu CLK_BUS_I2C2>; > resets = <&ccu RST_BUS_I2C2>;

7 years, 1 month

1
0
0 0

2018-7_租務精選

by Flourish_萊斯物業

7 years, 1 month

1
0
0 0

[PATCHES] Networking

by David Miller

Please queue up the following networking bug fixes for 4.14.x and 4.17.x -stable, respectively. Thanks!

7 years, 1 month

2
1
0 0

[PATCH v3 3/3] RDMA/mlx5: Fix shift overflow in mlx5_ib_create_wq

by Kees Cook

From: Leon Romanovsky <leonro(a)mellanox.com> [ 61.182439] UBSAN: Undefined behaviour in drivers/infiniband/hw/mlx5/qp.c:5366:34 [ 61.183673] shift exponent 4294967288 is too large for 32-bit type 'unsigned int' [ 61.185530] CPU: 0 PID: 639 Comm: qp Not tainted 4.18.0-rc1-00037-g4aa1d69a9c60-dirty #96 [ 61.186981] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-2.fc27 04/01/2014 [ 61.188315] Call Trace: [ 61.188661] dump_stack+0xc7/0x13b [ 61.190427] ubsan_epilogue+0x9/0x49 [ 61.190899] __ubsan_handle_shift_out_of_bounds+0x1ea/0x22f [ 61.197040] mlx5_ib_create_wq+0x1c99/0x1d50 [ 61.206632] ib_uverbs_ex_create_wq+0x499/0x820 [ 61.213892] ib_uverbs_write+0x77e/0xae0 [ 61.248018] vfs_write+0x121/0x3b0 [ 61.249831] ksys_write+0xa1/0x120 [ 61.254024] do_syscall_64+0x7c/0x2a0 [ 61.256178] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 61.259211] RIP: 0033:0x7f54bab70e99 [ 61.262125] Code: 00 f3 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 [ 61.268678] RSP: 002b:00007ffe1541c318 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 61.271076] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f54bab70e99 [ 61.273795] RDX: 0000000000000070 RSI: 0000000020000240 RDI: 0000000000000003 [ 61.276982] RBP: 00007ffe1541c330 R08: 00000000200078e0 R09: 0000000000000002 [ 61.280035] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004005c0 [ 61.283279] R13: 00007ffe1541c420 R14: 0000000000000000 R15: 0000000000000000 Cc: <stable(a)vger.kernel.org> # 4.7 Fixes: 79b20a6c3014 ("IB/mlx5: Add receive Work Queue verbs") Cc: syzkaller <syzkaller(a)googlegroups.com> Reported-by: Noa Osherovich <noaos(a)mellanox.com> Signed-off-by: Leon Romanovsky <leonro(a)mellanox.com> Signed-off-by: Kees Cook <keescook(a)chromium.org> --- drivers/infiniband/hw/mlx5/qp.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/infiniband/hw/mlx5/qp.c b/drivers/infiniband/hw/mlx5/qp.c index a4f1f638509f..7fc156db643d 100644 --- a/drivers/infiniband/hw/mlx5/qp.c +++ b/drivers/infiniband/hw/mlx5/qp.c @@ -5365,7 +5365,10 @@ static int set_user_rq_size(struct mlx5_ib_dev *dev, rwq->wqe_count = ucmd->rq_wqe_count; rwq->wqe_shift = ucmd->rq_wqe_shift; - rwq->buf_size = (rwq->wqe_count << rwq->wqe_shift); + if (check_shift_overflow(rwq->wqe_count, rwq->wqe_shift, + &rwq->buf_size)) + return -EINVAL; + rwq->log_rq_stride = rwq->wqe_shift; rwq->log_rq_size = ilog2(rwq->wqe_count); return 0; -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH] drm/i915/gvt: move intel_runtime_pm_get out of spin_lock in stop_schedule

by hang.yuan＠linux.intel.com

From: Hang Yuan <hang.yuan(a)linux.intel.com> pm_runtime_get_sync in intel_runtime_pm_get might sleep if i915 device is not active. When stop vgpu schedule, the device may be inactive. So need to move runtime_pm_get out of spin_lock/unlock. Fixes: b24881e0b0b6("drm/i915/gvt: Add runtime_pm_get/put into gvt_switch_mmio Signed-off-by: Hang Yuan <hang.yuan(a)linux.intel.com> Signed-off-by: Xiong Zhang <xiong.y.zhang(a)intel.com> --- drivers/gpu/drm/i915/gvt/mmio_context.c | 2 -- drivers/gpu/drm/i915/gvt/sched_policy.c | 3 +++ 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/i915/gvt/mmio_context.c b/drivers/gpu/drm/i915/gvt/mmio_context.c index 7e702c6..10e63ee 100644 --- a/drivers/gpu/drm/i915/gvt/mmio_context.c +++ b/drivers/gpu/drm/i915/gvt/mmio_context.c @@ -549,11 +549,9 @@ void intel_gvt_switch_mmio(struct intel_vgpu *pre, * performace for batch mmio read/write, so we need * handle forcewake mannually. */ - intel_runtime_pm_get(dev_priv); intel_uncore_forcewake_get(dev_priv, FORCEWAKE_ALL); switch_mmio(pre, next, ring_id); intel_uncore_forcewake_put(dev_priv, FORCEWAKE_ALL); - intel_runtime_pm_put(dev_priv); } /** diff --git a/drivers/gpu/drm/i915/gvt/sched_policy.c b/drivers/gpu/drm/i915/gvt/sched_policy.c index 09d7bb7..985fe81 100644 --- a/drivers/gpu/drm/i915/gvt/sched_policy.c +++ b/drivers/gpu/drm/i915/gvt/sched_policy.c @@ -426,6 +426,7 @@ void intel_vgpu_stop_schedule(struct intel_vgpu *vgpu) &vgpu->gvt->scheduler; int ring_id; struct vgpu_sched_data *vgpu_data = vgpu->sched_data; + struct drm_i915_private *dev_priv = vgpu->gvt->dev_priv; if (!vgpu_data->active) return; @@ -444,6 +445,7 @@ void intel_vgpu_stop_schedule(struct intel_vgpu *vgpu) scheduler->current_vgpu = NULL; } + intel_runtime_pm_get(dev_priv); spin_lock_bh(&scheduler->mmio_context_lock); for (ring_id = 0; ring_id < I915_NUM_ENGINES; ring_id++) { if (scheduler->engine_owner[ring_id] == vgpu) { @@ -452,5 +454,6 @@ void intel_vgpu_stop_schedule(struct intel_vgpu *vgpu) } } spin_unlock_bh(&scheduler->mmio_context_lock); + intel_runtime_pm_put(dev_priv); mutex_unlock(&vgpu->gvt->sched_lock); } -- 2.7.4

7 years, 1 month

3
2
0 0

[PATCH v2 3/3] RDMA/mlx5: Fix shift overflow in mlx5_ib_create_wq

by Kees Cook

From: Leon Romanovsky <leonro(a)mellanox.com> [ 61.182439] UBSAN: Undefined behaviour in drivers/infiniband/hw/mlx5/qp.c:5366:34 [ 61.183673] shift exponent 4294967288 is too large for 32-bit type 'unsigned int' [ 61.185530] CPU: 0 PID: 639 Comm: qp Not tainted 4.18.0-rc1-00037-g4aa1d69a9c60-dirty #96 [ 61.186981] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-2.fc27 04/01/2014 [ 61.188315] Call Trace: [ 61.188661] dump_stack+0xc7/0x13b [ 61.190427] ubsan_epilogue+0x9/0x49 [ 61.190899] __ubsan_handle_shift_out_of_bounds+0x1ea/0x22f [ 61.197040] mlx5_ib_create_wq+0x1c99/0x1d50 [ 61.206632] ib_uverbs_ex_create_wq+0x499/0x820 [ 61.213892] ib_uverbs_write+0x77e/0xae0 [ 61.248018] vfs_write+0x121/0x3b0 [ 61.249831] ksys_write+0xa1/0x120 [ 61.254024] do_syscall_64+0x7c/0x2a0 [ 61.256178] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 61.259211] RIP: 0033:0x7f54bab70e99 [ 61.262125] Code: 00 f3 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 [ 61.268678] RSP: 002b:00007ffe1541c318 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 61.271076] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f54bab70e99 [ 61.273795] RDX: 0000000000000070 RSI: 0000000020000240 RDI: 0000000000000003 [ 61.276982] RBP: 00007ffe1541c330 R08: 00000000200078e0 R09: 0000000000000002 [ 61.280035] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004005c0 [ 61.283279] R13: 00007ffe1541c420 R14: 0000000000000000 R15: 0000000000000000 Cc: <stable(a)vger.kernel.org> # 4.7 Fixes: 79b20a6c3014 ("IB/mlx5: Add receive Work Queue verbs") Cc: syzkaller <syzkaller(a)googlegroups.com> Reported-by: Noa Osherovich <noaos(a)mellanox.com> Signed-off-by: Leon Romanovsky <leonro(a)mellanox.com> Signed-off-by: Kees Cook <keescook(a)chromium.org> --- drivers/infiniband/hw/mlx5/qp.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/infiniband/hw/mlx5/qp.c b/drivers/infiniband/hw/mlx5/qp.c index a4f1f638509f..7fc156db643d 100644 --- a/drivers/infiniband/hw/mlx5/qp.c +++ b/drivers/infiniband/hw/mlx5/qp.c @@ -5365,7 +5365,10 @@ static int set_user_rq_size(struct mlx5_ib_dev *dev, rwq->wqe_count = ucmd->rq_wqe_count; rwq->wqe_shift = ucmd->rq_wqe_shift; - rwq->buf_size = (rwq->wqe_count << rwq->wqe_shift); + if (check_shift_overflow(rwq->wqe_count, rwq->wqe_shift, + &rwq->buf_size)) + return -EINVAL; + rwq->log_rq_stride = rwq->wqe_shift; rwq->log_rq_size = ilog2(rwq->wqe_count); return 0; -- 2.17.1

7 years, 1 month

1
0
0 0

+ userfaultfd-remove-uffd-flags-from-vma-vm_flags-if-uffd_event_fork-fails.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails has been added to the -mm tree. Its filename is userfaultfd-remove-uffd-flags-from-vma-vm_flags-if-uffd_event_fork-fails.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/userfaultfd-remove-uffd-flags-from… and later at http://ozlabs.org/~akpm/mmotm/broken-out/userfaultfd-remove-uffd-flags-from… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Mike Rapoport <rppt(a)linux.vnet.ibm.com> Subject: userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails The fix in 0cbb4b4f4c44 ("userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails") cleared the vma->vm_userfaultfd_ctx but kept userfaultfd flags in vma->vm_flags that were copied from the parent process VMA. As the result, there is an inconsistency between the values of vma->vm_userfaultfd_ctx.ctx and vma->vm_flags which triggers BUG_ON in userfaultfd_release(). Clearing the uffd flags from vma->vm_flags in case of UFFD_EVENT_FORK failure resolves the issue. Link: http://lkml.kernel.org/r/1532931975-25473-1-git-send-email-rppt@linux.vnet.… Fixes: 0cbb4b4f4c44 ("userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails") Signed-off-by: Mike Rapoport <rppt(a)linux.vnet.ibm.com> Reported-by: syzbot+121be635a7a35ddb7dcb(a)syzkaller.appspotmail.com Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: Eric Biggers <ebiggers3(a)gmail.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- diff -puN fs/userfaultfd.c~userfaultfd-remove-uffd-flags-from-vma-vm_flags-if-uffd_event_fork-fails fs/userfaultfd.c --- a/fs/userfaultfd.c~userfaultfd-remove-uffd-flags-from-vma-vm_flags-if-uffd_event_fork-fails +++ a/fs/userfaultfd.c @@ -633,8 +633,10 @@ static void userfaultfd_event_wait_compl /* the various vma->vm_userfaultfd_ctx still points to it */ down_write(&mm->mmap_sem); for (vma = mm->mmap; vma; vma = vma->vm_next) - if (vma->vm_userfaultfd_ctx.ctx == release_new_ctx) + if (vma->vm_userfaultfd_ctx.ctx == release_new_ctx) { vma->vm_userfaultfd_ctx = NULL_VM_UFFD_CTX; + vma->vm_flags &= ~(VM_UFFD_WP | VM_UFFD_MISSING); + } up_write(&mm->mmap_sem); userfaultfd_ctx_put(release_new_ctx); _ Patches currently in -mm which might be from rppt(a)linux.vnet.ibm.com are userfaultfd-remove-uffd-flags-from-vma-vm_flags-if-uffd_event_fork-fails.patch mm-make-deferred_struct_page_init-explicitly-depend-on-sparsemem.patch mm-memblock-replace-u64-with-phys_addr_t-where-appropriate.patch mm-mempool-add-missing-parameter-description.patch mm-util-make-strndup_user-description-a-kernel-doc-comment.patch mm-util-add-kernel-doc-for-kvfree.patch docs-core-api-kill-trailing-whitespace-in-kernel-apirst.patch docs-core-api-move-strmemdup-to-string-manipulation.patch docs-core-api-split-memory-management-api-to-a-separate-file.patch docs-mm-make-gfp-flags-descriptions-usable-as-kernel-doc.patch docs-core-api-mm-api-add-section-about-gfp-flags.patch

7 years, 1 month

1
0
0 0

Are you sure?

by Ms CHIANG Lai Yuen JP

I have a Businesss Proposal for you, Can you do it? If yes please get back to me for more details.

7 years, 1 month

1
0
0 0

[PATCH for-4.4.y 0/5] net/sched: init failure fixes

by Amit Pundir

Hi Greg, Kindly consider/review following net/sched fixes for stable 4.4.y. This patchset is a follow-up of upstream fix 87b60cfacf9f ("net_sched: fix error recovery at qdisc creation") cherry-picked on stable 4.4.y. It fix null pointer dereferences due to uninitialized timer (qdisc watchdog) or double frees due to ->destroy cleaning up a second time. Here is the original submission https://www.mail-archive.com/netdev@vger.kernel.org/msg186003.html Cherry-picked and build tested on Linux 4.4.145 for ARCH=arm/arm64. Regards, Amit Pundir Nikolay Aleksandrov (5): sch_htb: fix crash on init failure sch_multiq: fix double free on init failure sch_hhf: fix null pointer dereference on init failure sch_netem: avoid null pointer deref on init failure sch_tbf: fix two null pointer dereferences on init failure net/sched/sch_hhf.c | 3 +++ net/sched/sch_htb.c | 5 +++-- net/sched/sch_multiq.c | 7 +------ net/sched/sch_netem.c | 4 ++-- net/sched/sch_tbf.c | 5 +++-- 5 files changed, 12 insertions(+), 12 deletions(-) -- 2.7.4

7 years, 1 month

1
5
0 0

[PATCH] x86/microcode: Don't duplicate code to update ucode cpu info and cpu info

by Filippo Sironi

... on late microcode loading when handling a CPU that's already been updated and a CPU that's yet to be updated. Signed-off-by: Filippo Sironi <sironi(a)amazon.de> --- arch/x86/kernel/cpu/microcode/amd.c | 15 +++++++++------ arch/x86/kernel/cpu/microcode/intel.c | 10 ++++++---- 2 files changed, 15 insertions(+), 10 deletions(-) diff --git a/arch/x86/kernel/cpu/microcode/amd.c b/arch/x86/kernel/cpu/microcode/amd.c index 0624957aa068..77758e10f16f 100644 --- a/arch/x86/kernel/cpu/microcode/amd.c +++ b/arch/x86/kernel/cpu/microcode/amd.c @@ -505,6 +505,7 @@ static enum ucode_state apply_microcode_amd(int cpu) struct ucode_cpu_info *uci; struct ucode_patch *p; u32 rev, dummy; + enum ucode_state ret; BUG_ON(raw_smp_processor_id() != cpu); @@ -521,9 +522,8 @@ static enum ucode_state apply_microcode_amd(int cpu) /* need to apply patch? */ if (rev >= mc_amd->hdr.patch_id) { - c->microcode = rev; - uci->cpu_sig.rev = rev; - return UCODE_OK; + ret = UCODE_OK; + goto out; } if (__apply_microcode_amd(mc_amd)) { @@ -534,10 +534,13 @@ static enum ucode_state apply_microcode_amd(int cpu) pr_info("CPU%d: new patch_level=0x%08x\n", cpu, mc_amd->hdr.patch_id); - uci->cpu_sig.rev = mc_amd->hdr.patch_id; - c->microcode = mc_amd->hdr.patch_id; + ret = UCODE_UPDATED; + rev = mc_amd->hdr.patch_id; +out: + uci->cpu_sig.rev = rev; + c->microcode = rev; - return UCODE_UPDATED; + return ret; } static int install_equiv_cpu_table(const u8 *buf) diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c index 97ccf4c3b45b..4bc869e829eb 100644 --- a/arch/x86/kernel/cpu/microcode/intel.c +++ b/arch/x86/kernel/cpu/microcode/intel.c @@ -797,6 +797,7 @@ static enum ucode_state apply_microcode_intel(int cpu) struct microcode_intel *mc; static int prev_rev; u32 rev; + enum ucode_state ret; /* We should bind the task to the CPU */ if (WARN_ON(raw_smp_processor_id() != cpu)) @@ -817,9 +818,8 @@ static enum ucode_state apply_microcode_intel(int cpu) */ rev = intel_get_microcode_revision(); if (rev >= mc->hdr.rev) { - uci->cpu_sig.rev = rev; - c->microcode = rev; - return UCODE_OK; + ret = UCODE_OK; + goto out; } /* @@ -848,10 +848,12 @@ static enum ucode_state apply_microcode_intel(int cpu) prev_rev = rev; } + ret = UCODE_UPDATED; +out: uci->cpu_sig.rev = rev; c->microcode = rev; - return UCODE_UPDATED; + return ret; } static enum ucode_state generic_load_microcode(int cpu, void *data, size_t size, -- 2.7.4

7 years, 1 month

3
3
0 0

[PATCH 1/3] ext4: super: Fix spectre gadget in ext4_quota_on

by Jeremy Cline

'type' is a user-controlled value used to index into 's_qf_names', which can be used in a Spectre v1 attack. Clamp 'type' to the size of the array to avoid a speculative out-of-bounds read. Cc: Josh Poimboeuf <jpoimboe(a)redhat.com> Cc: stable(a)vger.kernel.org Signed-off-by: Jeremy Cline <jcline(a)redhat.com> --- fs/ext4/super.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fs/ext4/super.c b/fs/ext4/super.c index 6480e763080f..c04a09b51742 100644 --- a/fs/ext4/super.c +++ b/fs/ext4/super.c @@ -40,6 +40,7 @@ #include <linux/crc16.h> #include <linux/dax.h> #include <linux/cleancache.h> +#include <linux/nospec.h> #include <linux/uaccess.h> #include <linux/iversion.h> @@ -5559,6 +5560,7 @@ static int ext4_quota_on(struct super_block *sb, int type, int format_id, if (path->dentry->d_sb != sb) return -EXDEV; /* Journaling quota? */ + type = array_index_nospec(type, EXT4_MAXQUOTAS); if (EXT4_SB(sb)->s_qf_names[type]) { /* Quotafile not in fs root? */ if (path->dentry->d_parent != sb->s_root) -- 2.17.1

7 years, 1 month

3
4
0 0

[PATCH] kernel.h: Disable -Wreturn-stack-address for _THIS_IP_

by Nick Desaulniers

Starting with Clang-7.0, _THIS_IP_ generates -Wreturn-stack-address warnings for almost every translation unit. In general, I'd prefer to leave this on (returning the address of a stack allocated variable is in general a bad idea) and disable it only at whitelisted call sites. We can't do something like: #pragma clang diagnostic push #pragma clang diagnostic ignored "-Wreturn-stack-address" <code> #pragma clang diagnostic pop in a GNU Statement Expression or macro, hence we use _Pragma, which is its raison d'être: https://gcc.gnu.org/onlinedocs/cpp/Pragmas.html Cc: stable(a)vger.kernel.org # 4.17, 4.14, 4.9, 4.4 Signed-off-by: Nick Desaulniers <ndesaulniers(a)google.com> --- include/linux/kernel.h | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/include/linux/kernel.h b/include/linux/kernel.h index 941dc0a5a877..5906f5727f90 100644 --- a/include/linux/kernel.h +++ b/include/linux/kernel.h @@ -168,7 +168,15 @@ #define _RET_IP_ (unsigned long)__builtin_return_address(0) -#define _THIS_IP_ ({ __label__ __here; __here: (unsigned long)&&__here; }) +#define _THIS_IP_ ( \ +{ \ + _Pragma("clang diagnostic push") \ + _Pragma("clang diagnostic ignored \"-Wreturn-stack-address\"") \ + __label__ __here; \ +__here: (unsigned long)&&__here; \ + _Pragma("clang diagnostic pop") \ +} \ +) #ifdef CONFIG_LBDAF # include <asm/div64.h> -- 2.18.0.233.g985f88cf7e-goog

7 years, 1 month

3
6
0 0

[PATCH v2] arch/x86: Fix boot_cpu_data.microcode version output

by Prarit Bhargava

I tested this on AMD Ryzen & Intel Broadwell system and dumped the boot_cpu_data before and after a microcode update. On the Intel system I also did a fatal MCE using mce-inject to confirm the output from the mce handling code. P. ---8<--- On systems where a runtime microcode update has occurred the microcode version output in a MCE log record is wrong because boot_cpu_data.microcode is not updated during runtime. Update boot_cpu_data.microcode when the BSP's microcode is updated. Fixes: fa94d0c6e0f3 ("x86/MCE: Save microcode revision in machine check records") Suggested-by: Borislav Petkov <bp(a)alien8.com> Signed-off-by: Prarit Bhargava <prarit(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: sironi(a)amazon.de Cc: tony.luck(a)intel.com --- Changes in v2: Use mc_amd->hdr.patch_id on AMD arch/x86/kernel/cpu/microcode/amd.c | 4 ++++ arch/x86/kernel/cpu/microcode/intel.c | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/arch/x86/kernel/cpu/microcode/amd.c b/arch/x86/kernel/cpu/microcode/amd.c index 0624957aa068..63b072377ba4 100644 --- a/arch/x86/kernel/cpu/microcode/amd.c +++ b/arch/x86/kernel/cpu/microcode/amd.c @@ -537,6 +537,10 @@ static enum ucode_state apply_microcode_amd(int cpu) uci->cpu_sig.rev = mc_amd->hdr.patch_id; c->microcode = mc_amd->hdr.patch_id; + /* Update boot_cpu_data's revision too, if we're on the BSP: */ + if (c->cpu_index == boot_cpu_data.cpu_index) + boot_cpu_data.microcode = mc_amd->hdr.patch_id; + return UCODE_UPDATED; } diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c index 97ccf4c3b45b..256d336cbc04 100644 --- a/arch/x86/kernel/cpu/microcode/intel.c +++ b/arch/x86/kernel/cpu/microcode/intel.c @@ -851,6 +851,10 @@ static enum ucode_state apply_microcode_intel(int cpu) uci->cpu_sig.rev = rev; c->microcode = rev; + /* Update boot_cpu_data's revision too, if we're on the BSP: */ + if (c->cpu_index == boot_cpu_data.cpu_index) + boot_cpu_data.microcode = rev; + return UCODE_UPDATED; } -- 2.17.0

7 years, 1 month

3
3
0 0

[PATCH v2] ipc/shm.c add ->pagesize function to shm_vm_ops

by Jane Chu

05ea88608d4e13 ("mm, hugetlbfs: introduce ->pagesize() to vm_operations_struct") adds a new ->pagesize() function to hugetlb_vm_ops, intended to cover all hugetlbfs backed files. With System V shared memory model, if "huge page" is specified, the "shared memory" is backed by hugetlbfs files, but the mappings initiated via shmget/shmat have their original vm_ops overwritten with shm_vm_ops, so we need to add a ->pagesize function to shm_vm_ops. Otherwise, vma_kernel_pagesize() returns PAGE_SIZE given a hugetlbfs backed vma, result in below BUG: fs/hugetlbfs/inode.c 443 if (unlikely(page_mapped(page))) { 444 BUG_ON(truncate_op); [ 242.268342] hugetlbfs: oracle (4592): Using mlock ulimits for SHM_HUGETLB is deprecated [ 282.653208] ------------[ cut here ]------------ [ 282.708447] kernel BUG at fs/hugetlbfs/inode.c:444! [ 282.818957] Modules linked in: nfsv3 rpcsec_gss_krb5 nfsv4 ... [ 284.025873] CPU: 35 PID: 5583 Comm: oracle_5583_sbt Not tainted 4.14.35-1829.el7uek.x86_64 #2 [ 284.246609] task: ffff9bf0507aaf80 task.stack: ffffa9e625628000 [ 284.317455] RIP: 0010:remove_inode_hugepages+0x3db/0x3e2 .... [ 285.292389] Call Trace: [ 285.321630] hugetlbfs_evict_inode+0x1e/0x3e [ 285.372707] evict+0xdb/0x1af [ 285.408185] iput+0x1a2/0x1f7 [ 285.443661] dentry_unlink_inode+0xc6/0xf0 [ 285.492661] __dentry_kill+0xd8/0x18d [ 285.536459] dput+0x1b5/0x1ed [ 285.571939] __fput+0x18b/0x216 [ 285.609495] ____fput+0xe/0x10 [ 285.646030] task_work_run+0x90/0xa7 [ 285.688788] exit_to_usermode_loop+0xdd/0x116 [ 285.740905] do_syscall_64+0x187/0x1ae [ 285.785740] entry_SYSCALL_64_after_hwframe+0x150/0x0 Link: http://lkml.kernel.org/r/20180727211727.5020-1-jane.chu@oracle.com Fixes: 05ea88608d4e13 ("mm, hugetlbfs: introduce ->pagesize() to vm_operations_struct") Signed-off-by: Jane Chu <jane.chu(a)oracle.com> Suggested-by: Mike Kravetz <mike.kravetz(a)oracle.com> Reviewed-by: Mike Kravetz <mike.kravetz(a)oracle.com> Acked-by: Michal Hocko <mhocko(a)suse.com> Acked-by: Davidlohr Bueso <dbueso(a)suse.de> Cc: Dan Williams <dan.j.williams(a)intel.com> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Jan Kara <jack(a)suse.cz> Cc: JÃ©rÃ´me Glisse <jglisse(a)redhat.com> Cc: Davidlohr Bueso <dave(a)stgolabs.net> Cc: Manfred Spraul <manfred(a)colorfullife.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- --- ipc/shm.c | 12 ++++++++++++ mm/hugetlb.c | 7 +++++++ 2 files changed, 19 insertions(+) diff --git a/ipc/shm.c b/ipc/shm.c index 051a3e1fb8df..fefa00d310fb 100644 --- a/ipc/shm.c +++ b/ipc/shm.c @@ -427,6 +427,17 @@ static int shm_split(struct vm_area_struct *vma, unsigned long addr) return 0; } +static unsigned long shm_pagesize(struct vm_area_struct *vma) +{ + struct file *file = vma->vm_file; + struct shm_file_data *sfd = shm_file_data(file); + + if (sfd->vm_ops->pagesize) + return sfd->vm_ops->pagesize(vma); + + return PAGE_SIZE; +} + #ifdef CONFIG_NUMA static int shm_set_policy(struct vm_area_struct *vma, struct mempolicy *new) { @@ -554,6 +565,7 @@ static const struct vm_operations_struct shm_vm_ops = { .close = shm_close, /* callback for when the vm-area is released */ .fault = shm_fault, .split = shm_split, + .pagesize = shm_pagesize, #if defined(CONFIG_NUMA) .set_policy = shm_set_policy, .get_policy = shm_get_policy, diff --git a/mm/hugetlb.c b/mm/hugetlb.c index 039ddbc574e9..3103099f64fd 100644 --- a/mm/hugetlb.c +++ b/mm/hugetlb.c @@ -3167,6 +3167,13 @@ static vm_fault_t hugetlb_vm_op_fault(struct vm_fault *vmf) return 0; } +/* + * When a new function is introduced to vm_operations_struct and added + * to hugetlb_vm_ops, please consider adding the function to shm_vm_ops. + * This is because under System V memory model, mappings created via + * shmget/shmat with "huge page" specified are backed by hugetlbfs files, + * their original vm_ops are overwritten with shm_vm_ops. + */ const struct vm_operations_struct hugetlb_vm_ops = { .fault = hugetlb_vm_op_fault, .open = hugetlb_vm_op_open, -- 2.15.GIT

7 years, 1 month

1
0
0 0

[PATCH] arch/x86: Fix boot_cpu_data.microcode version output

by Prarit Bhargava

On systems where a runtime microcode update has occurred the microcode version output in a MCE log record is wrong because boot_cpu_data.microcode is not updated during runtime. Update boot_cpu_data.microcode when the BSP's microcode is updated. Fixes: fa94d0c6e0f3 ("x86/MCE: Save microcode revision in machine check records") Suggested-by: Borislav Petkov <bp(a)alien8.com> Signed-off-by: Prarit Bhargava <prarit(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: sironi(a)amazon.de Cc: tony.luck(a)intel.com --- arch/x86/kernel/cpu/microcode/amd.c | 4 ++++ arch/x86/kernel/cpu/microcode/intel.c | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/arch/x86/kernel/cpu/microcode/amd.c b/arch/x86/kernel/cpu/microcode/amd.c index 0624957aa068..7f5b32535ac7 100644 --- a/arch/x86/kernel/cpu/microcode/amd.c +++ b/arch/x86/kernel/cpu/microcode/amd.c @@ -537,6 +537,10 @@ static enum ucode_state apply_microcode_amd(int cpu) uci->cpu_sig.rev = mc_amd->hdr.patch_id; c->microcode = mc_amd->hdr.patch_id; + /* Update boot_cpu_data's revision too, if we're on the BSP: */ + if (c->cpu_index == boot_cpu_data.cpu_index) + boot_cpu_data.microcode = rev; + return UCODE_UPDATED; } diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c index 97ccf4c3b45b..256d336cbc04 100644 --- a/arch/x86/kernel/cpu/microcode/intel.c +++ b/arch/x86/kernel/cpu/microcode/intel.c @@ -851,6 +851,10 @@ static enum ucode_state apply_microcode_intel(int cpu) uci->cpu_sig.rev = rev; c->microcode = rev; + /* Update boot_cpu_data's revision too, if we're on the BSP: */ + if (c->cpu_index == boot_cpu_data.cpu_index) + boot_cpu_data.microcode = rev; + return UCODE_UPDATED; } -- 2.17.0

7 years, 1 month

2
2
0 0

[PATCH] qedi: Fix a potential buffer overflow

by Bart Van Assche

Tell snprintf() to store at most 255 characters in the output buffer instead of 256. This patch avoids that smatch reports the following warning: drivers/scsi/qedi/qedi_main.c:891: qedi_get_boot_tgt_info() error: snprintf() is printing too much 256 vs 255 Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: <QLogic-Storage-Upstream(a)cavium.com> Cc: <stable(a)vger.kernel.org> --- drivers/scsi/qedi/qedi_main.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/scsi/qedi/qedi_main.c b/drivers/scsi/qedi/qedi_main.c index 682f3ce31014..ea62180d9ec8 100644 --- a/drivers/scsi/qedi/qedi_main.c +++ b/drivers/scsi/qedi/qedi_main.c @@ -888,7 +888,7 @@ static void qedi_get_boot_tgt_info(struct nvm_iscsi_block *block, ipv6_en = !!(block->generic.ctrl_flags & NVM_ISCSI_CFG_GEN_IPV6_ENABLED); - snprintf(tgt->iscsi_name, NVM_ISCSI_CFG_ISCSI_NAME_MAX_LEN, "%s\n", + snprintf(tgt->iscsi_name, sizeof(tgt->iscsi_name), "%s\n", block->target[index].target_name.byte); tgt->ipv6_en = ipv6_en; -- 2.18.0

7 years, 1 month

3
2
0 0

Richard & Angela Maxwell Congratulates You..

by Richard & Angela Maxwell

My wife and I won the Euro Millions Lottery of 53 Million British Pounds and we have voluntarily decided to donate 1,000,000GBP(One Million British Pounds) to 5 individuals randomly as part of our own charity project. To verify our lottery winnings,please see our interview by visiting the web page below: http://www.telegraph.co.uk/news/newstopics/howaboutthat/11511467/Lincolnshi… Lincolnshire couple thought £53m EuroMillions win was ... A retired couple who have become one of the country's biggest ever National Lottery winners after bagging more than £53 million at first thought it was an April Fool's joke. Richard and Angela Maxwell, from Boston in Lincolnshire, scooped £53,193,914 after winning the EuroMillions jackpot draw on ... www.telegraph.co.uk After a computer spinball,your email address was among the emails which were submitted to us by the Google, Inc as a web user; ifyou have received our email, kindly send us the below details so that we can transfer your 1,000,000.00 GBP(One Million Pounds) in your name or direct our paying bank to effect the transfer of the funds to your designated bank account in your own country. Full Names: Mobile No: Age: Address: Send your response to: richangela203(a)hotmail.com or richangela22<3057927356(a)qq.com> Best Regards, Richard & Angela Maxwell

7 years, 1 month

1
0
0 0

[PATCH v3 8/8] drm/nouveau: Call pm_runtime_get_noresume() from hpd handlers

by Lyude Paul

We can't and don't need to try resuming the device from our hotplug handlers, but hotplug events are generally something we'd like to keep the device awake for whenever possible. So, grab a PM ref safely in our hotplug handlers using pm_runtime_get_noresume() and mark the device as busy once we're finished. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/nouveau_connector.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/drivers/gpu/drm/nouveau/nouveau_connector.c b/drivers/gpu/drm/nouveau/nouveau_connector.c index 8409c3f2c3a1..5a8e8c1ad647 100644 --- a/drivers/gpu/drm/nouveau/nouveau_connector.c +++ b/drivers/gpu/drm/nouveau/nouveau_connector.c @@ -1152,6 +1152,11 @@ nouveau_connector_hotplug(struct nvif_notify *notify) const char *name = connector->name; struct nouveau_encoder *nv_encoder; + /* Resuming the device here isn't possible; but the suspend PM ops + * will wait for us to finish our work before disabling us so this + * should be enough + */ + pm_runtime_get_noresume(drm->dev->dev); nv_connector->hpd_task = current; if (rep->mask & NVIF_NOTIFY_CONN_V0_IRQ) { @@ -1171,6 +1176,9 @@ nouveau_connector_hotplug(struct nvif_notify *notify) } nv_connector->hpd_task = NULL; + + pm_runtime_mark_last_busy(drm->dev->dev); + pm_runtime_put_autosuspend(drm->dev->dev); return NVIF_NOTIFY_KEEP; } -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v3 7/8] drm/nouveau: Fix deadlocks in nouveau_connector_detect()

by Lyude Paul

When we disable hotplugging on the GPU, we need to be able to synchronize with each connector's hotplug interrupt handler before the interrupt is finally disabled. This can be a problem however, since nouveau_connector_detect() currently grabs a runtime power reference when handling connector probing. This will deadlock the runtime suspend handler like so: [ 861.480896] INFO: task kworker/0:2:61 blocked for more than 120 seconds. [ 861.483290] Tainted: G O 4.18.0-rc6Lyude-Test+ #1 [ 861.485158] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 861.486332] kworker/0:2 D 0 61 2 0x80000000 [ 861.487044] Workqueue: events nouveau_display_hpd_work [nouveau] [ 861.487737] Call Trace: [ 861.488394] __schedule+0x322/0xaf0 [ 861.489070] schedule+0x33/0x90 [ 861.489744] rpm_resume+0x19c/0x850 [ 861.490392] ? finish_wait+0x90/0x90 [ 861.491068] __pm_runtime_resume+0x4e/0x90 [ 861.491753] nouveau_display_hpd_work+0x22/0x60 [nouveau] [ 861.492416] process_one_work+0x231/0x620 [ 861.493068] worker_thread+0x44/0x3a0 [ 861.493722] kthread+0x12b/0x150 [ 861.494342] ? wq_pool_ids_show+0x140/0x140 [ 861.494991] ? kthread_create_worker_on_cpu+0x70/0x70 [ 861.495648] ret_from_fork+0x3a/0x50 [ 861.496304] INFO: task kworker/6:2:320 blocked for more than 120 seconds. [ 861.496968] Tainted: G O 4.18.0-rc6Lyude-Test+ #1 [ 861.497654] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 861.498341] kworker/6:2 D 0 320 2 0x80000080 [ 861.499045] Workqueue: pm pm_runtime_work [ 861.499739] Call Trace: [ 861.500428] __schedule+0x322/0xaf0 [ 861.501134] ? wait_for_completion+0x104/0x190 [ 861.501851] schedule+0x33/0x90 [ 861.502564] schedule_timeout+0x3a5/0x590 [ 861.503284] ? mark_held_locks+0x58/0x80 [ 861.503988] ? _raw_spin_unlock_irq+0x2c/0x40 [ 861.504710] ? wait_for_completion+0x104/0x190 [ 861.505417] ? trace_hardirqs_on_caller+0xf4/0x190 [ 861.506136] ? wait_for_completion+0x104/0x190 [ 861.506845] wait_for_completion+0x12c/0x190 [ 861.507555] ? wake_up_q+0x80/0x80 [ 861.508268] flush_work+0x1c9/0x280 [ 861.508990] ? flush_workqueue_prep_pwqs+0x1b0/0x1b0 [ 861.509735] nvif_notify_put+0xb1/0xc0 [nouveau] [ 861.510482] nouveau_display_fini+0xbd/0x170 [nouveau] [ 861.511241] nouveau_display_suspend+0x67/0x120 [nouveau] [ 861.511969] nouveau_do_suspend+0x5e/0x2d0 [nouveau] [ 861.512715] nouveau_pmops_runtime_suspend+0x47/0xb0 [nouveau] [ 861.513435] pci_pm_runtime_suspend+0x6b/0x180 [ 861.514165] ? pci_has_legacy_pm_support+0x70/0x70 [ 861.514897] __rpm_callback+0x7a/0x1d0 [ 861.515618] ? pci_has_legacy_pm_support+0x70/0x70 [ 861.516313] rpm_callback+0x24/0x80 [ 861.517027] ? pci_has_legacy_pm_support+0x70/0x70 [ 861.517741] rpm_suspend+0x142/0x6b0 [ 861.518449] pm_runtime_work+0x97/0xc0 [ 861.519144] process_one_work+0x231/0x620 [ 861.519831] worker_thread+0x44/0x3a0 [ 861.520522] kthread+0x12b/0x150 [ 861.521220] ? wq_pool_ids_show+0x140/0x140 [ 861.521925] ? kthread_create_worker_on_cpu+0x70/0x70 [ 861.522622] ret_from_fork+0x3a/0x50 [ 861.523299] INFO: task kworker/6:0:1329 blocked for more than 120 seconds. [ 861.523977] Tainted: G O 4.18.0-rc6Lyude-Test+ #1 [ 861.524644] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 861.525349] kworker/6:0 D 0 1329 2 0x80000000 [ 861.526073] Workqueue: events nvif_notify_work [nouveau] [ 861.526751] Call Trace: [ 861.527411] __schedule+0x322/0xaf0 [ 861.528089] schedule+0x33/0x90 [ 861.528758] rpm_resume+0x19c/0x850 [ 861.529399] ? finish_wait+0x90/0x90 [ 861.530073] __pm_runtime_resume+0x4e/0x90 [ 861.530798] nouveau_connector_detect+0x7e/0x510 [nouveau] [ 861.531459] ? ww_mutex_lock+0x47/0x80 [ 861.532097] ? ww_mutex_lock+0x47/0x80 [ 861.532819] ? drm_modeset_lock+0x88/0x130 [drm] [ 861.533481] drm_helper_probe_detect_ctx+0xa0/0x100 [drm_kms_helper] [ 861.534127] drm_helper_hpd_irq_event+0xa4/0x120 [drm_kms_helper] [ 861.534940] nouveau_connector_hotplug+0x98/0x120 [nouveau] [ 861.535556] nvif_notify_work+0x2d/0xb0 [nouveau] [ 861.536221] process_one_work+0x231/0x620 [ 861.536994] worker_thread+0x44/0x3a0 [ 861.537757] kthread+0x12b/0x150 [ 861.538463] ? wq_pool_ids_show+0x140/0x140 [ 861.539102] ? kthread_create_worker_on_cpu+0x70/0x70 [ 861.539815] ret_from_fork+0x3a/0x50 [ 861.540521] Showing all locks held in the system: [ 861.541696] 2 locks held by kworker/0:2/61: [ 861.542406] #0: 000000002dbf8af5 ((wq_completion)"events"){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.543071] #1: 0000000076868126 ((work_completion)(&drm->hpd_work)){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.543814] 1 lock held by khungtaskd/64: [ 861.544535] #0: 0000000059db4b53 (rcu_read_lock){....}, at: debug_show_all_locks+0x23/0x185 [ 861.545160] 3 locks held by kworker/6:2/320: [ 861.545896] #0: 00000000d9e1bc59 ((wq_completion)"pm"){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.546702] #1: 00000000c9f92d84 ((work_completion)(&dev->power.work)){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.547443] #2: 000000004afc5de1 (drm_connector_list_iter){.+.+}, at: nouveau_display_fini+0x96/0x170 [nouveau] [ 861.548146] 1 lock held by dmesg/983: [ 861.548889] 2 locks held by zsh/1250: [ 861.549605] #0: 00000000348e3cf6 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40 [ 861.550393] #1: 000000007009a7a8 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0xc1/0x870 [ 861.551122] 6 locks held by kworker/6:0/1329: [ 861.551957] #0: 000000002dbf8af5 ((wq_completion)"events"){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.552765] #1: 00000000ddb499ad ((work_completion)(&notify->work)#2){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.553582] #2: 000000006e013cbe (&dev->mode_config.mutex){+.+.}, at: drm_helper_hpd_irq_event+0x6c/0x120 [drm_kms_helper] [ 861.554357] #3: 000000004afc5de1 (drm_connector_list_iter){.+.+}, at: drm_helper_hpd_irq_event+0x78/0x120 [drm_kms_helper] [ 861.555227] #4: 0000000044f294d9 (crtc_ww_class_acquire){+.+.}, at: drm_helper_probe_detect_ctx+0x3d/0x100 [drm_kms_helper] [ 861.556133] #5: 00000000db193642 (crtc_ww_class_mutex){+.+.}, at: drm_modeset_lock+0x4b/0x130 [drm] [ 861.557864] ============================================= [ 861.559507] NMI backtrace for cpu 2 [ 861.560363] CPU: 2 PID: 64 Comm: khungtaskd Tainted: G O 4.18.0-rc6Lyude-Test+ #1 [ 861.561197] Hardware name: LENOVO 20EQS64N0B/20EQS64N0B, BIOS N1EET78W (1.51 ) 05/18/2018 [ 861.561948] Call Trace: [ 861.562757] dump_stack+0x8e/0xd3 [ 861.563516] nmi_cpu_backtrace.cold.3+0x14/0x5a [ 861.564269] ? lapic_can_unplug_cpu.cold.27+0x42/0x42 [ 861.565029] nmi_trigger_cpumask_backtrace+0xa1/0xae [ 861.565789] arch_trigger_cpumask_backtrace+0x19/0x20 [ 861.566558] watchdog+0x316/0x580 [ 861.567355] kthread+0x12b/0x150 [ 861.568114] ? reset_hung_task_detector+0x20/0x20 [ 861.568863] ? kthread_create_worker_on_cpu+0x70/0x70 [ 861.569598] ret_from_fork+0x3a/0x50 [ 861.570370] Sending NMI from CPU 2 to CPUs 0-1,3-7: [ 861.571426] NMI backtrace for cpu 6 skipped: idling at intel_idle+0x7f/0x120 [ 861.571429] NMI backtrace for cpu 7 skipped: idling at intel_idle+0x7f/0x120 [ 861.571432] NMI backtrace for cpu 3 skipped: idling at intel_idle+0x7f/0x120 [ 861.571464] NMI backtrace for cpu 5 skipped: idling at intel_idle+0x7f/0x120 [ 861.571467] NMI backtrace for cpu 0 skipped: idling at intel_idle+0x7f/0x120 [ 861.571469] NMI backtrace for cpu 4 skipped: idling at intel_idle+0x7f/0x120 [ 861.571472] NMI backtrace for cpu 1 skipped: idling at intel_idle+0x7f/0x120 [ 861.572428] Kernel panic - not syncing: hung_task: blocked tasks So: fix this with a new trick; store the current task_struct that's executing in the nouveau_connector structure, then avoid attempting to runtime resume the device when we know that we're just running from the context of our hotplug interrupt handler. Since hpd interrupts are only enabled while the device is runtime active, this should be totally safe. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/nouveau_connector.c | 16 ++++++++++------ drivers/gpu/drm/nouveau/nouveau_connector.h | 1 + 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_connector.c b/drivers/gpu/drm/nouveau/nouveau_connector.c index 9714e09f17db..8409c3f2c3a1 100644 --- a/drivers/gpu/drm/nouveau/nouveau_connector.c +++ b/drivers/gpu/drm/nouveau/nouveau_connector.c @@ -572,13 +572,14 @@ nouveau_connector_detect(struct drm_connector *connector, bool force) nv_connector->edid = NULL; } - /* Outputs are only polled while runtime active, so resuming the - * device here is unnecessary (and would deadlock upon runtime suspend - * because it waits for polling to finish). We do however, want to - * prevent the autosuspend timer from elapsing during this operation - * if possible. + /* Output polling and HPD only happens while we're runtime active, so + * resuming the device here is unnecessary (and would deadlock upon + * runtime suspend because it waits for polling to finish). We do + * however, want to prevent the autosuspend timer from elapsing during + * this operation if possible. */ - if (drm_kms_helper_is_poll_worker()) { + if (drm_kms_helper_is_poll_worker() || + nv_connector->hpd_task == current) { pm_runtime_get_noresume(dev->dev); } else { ret = pm_runtime_get_sync(dev->dev); @@ -1151,6 +1152,8 @@ nouveau_connector_hotplug(struct nvif_notify *notify) const char *name = connector->name; struct nouveau_encoder *nv_encoder; + nv_connector->hpd_task = current; + if (rep->mask & NVIF_NOTIFY_CONN_V0_IRQ) { NV_DEBUG(drm, "service %s\n", name); if ((nv_encoder = find_encoder(connector, DCB_OUTPUT_DP))) @@ -1167,6 +1170,7 @@ nouveau_connector_hotplug(struct nvif_notify *notify) nouveau_connector_hotplug_probe(nv_connector); } + nv_connector->hpd_task = NULL; return NVIF_NOTIFY_KEEP; } diff --git a/drivers/gpu/drm/nouveau/nouveau_connector.h b/drivers/gpu/drm/nouveau/nouveau_connector.h index 2d9d35a146a4..1964e682ba13 100644 --- a/drivers/gpu/drm/nouveau/nouveau_connector.h +++ b/drivers/gpu/drm/nouveau/nouveau_connector.h @@ -45,6 +45,7 @@ struct nouveau_connector { u8 *dcb; struct nvif_notify hpd; + struct task_struct *hpd_task; struct drm_dp_aux aux; -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v3 6/8] drm/nouveau: Respond to HPDs by probing one conn at a time

by Lyude Paul

There isn't actually any reason we need to call drm_hpd_irq_event() from our hotplug handler, as we already know which connector the hotplug event was fired for. We're also going to need to avoid probing all connectors needlessly from hotplug handlers anyway so that we can track when nouveau_connector_detect() is being called from the context of it's connector's hotplug handler in order to fix the next deadlocking issue. This is (slightly) faster anyway! Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/nouveau_connector.c | 28 ++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_connector.c b/drivers/gpu/drm/nouveau/nouveau_connector.c index 010d6db14cba..9714e09f17db 100644 --- a/drivers/gpu/drm/nouveau/nouveau_connector.c +++ b/drivers/gpu/drm/nouveau/nouveau_connector.c @@ -1114,6 +1114,32 @@ nouveau_connector_funcs_lvds = { .atomic_get_property = nouveau_conn_atomic_get_property, }; +static void +nouveau_connector_hotplug_probe(struct nouveau_connector *nv_conn) +{ + struct drm_modeset_acquire_ctx ctx; + struct drm_connector *conn = &nv_conn->base; + enum drm_connector_status old_status; + struct drm_device *dev = conn->dev; + bool changed; + + mutex_lock(&dev->mode_config.mutex); + + drm_modeset_acquire_init(&ctx, 0); + drm_modeset_lock(&dev->mode_config.connection_mutex, &ctx); + + old_status = conn->status; + conn->status = drm_helper_probe_detect(conn, &ctx, true); + changed = old_status != conn->status; + + drm_modeset_drop_locks(&ctx); + drm_modeset_acquire_fini(&ctx); + mutex_unlock(&dev->mode_config.mutex); + + if (changed) + drm_kms_helper_hotplug_event(dev); +} + static int nouveau_connector_hotplug(struct nvif_notify *notify) { @@ -1138,7 +1164,7 @@ nouveau_connector_hotplug(struct nvif_notify *notify) nv50_mstm_remove(nv_encoder->dp.mstm); } - drm_helper_hpd_irq_event(connector->dev); + nouveau_connector_hotplug_probe(nv_connector); } return NVIF_NOTIFY_KEEP; -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v3 5/8] drm/nouveau: Use pm_runtime_get_noresume() in connector_detect()

by Lyude Paul

It's true we can't resume the device from poll workers in nouveau_connector_detect(). We can however, prevent the autosuspend timer from elapsing immediately if it hasn't already without risking any sort of deadlock with the runtime suspend/resume operations. So do that instead of entirely avoiding grabbing a power reference. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/nouveau_connector.c | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_connector.c b/drivers/gpu/drm/nouveau/nouveau_connector.c index 2a45b4c2ceb0..010d6db14cba 100644 --- a/drivers/gpu/drm/nouveau/nouveau_connector.c +++ b/drivers/gpu/drm/nouveau/nouveau_connector.c @@ -572,12 +572,16 @@ nouveau_connector_detect(struct drm_connector *connector, bool force) nv_connector->edid = NULL; } - /* Outputs are only polled while runtime active, so acquiring a - * runtime PM ref here is unnecessary (and would deadlock upon - * runtime suspend because it waits for polling to finish). + /* Outputs are only polled while runtime active, so resuming the + * device here is unnecessary (and would deadlock upon runtime suspend + * because it waits for polling to finish). We do however, want to + * prevent the autosuspend timer from elapsing during this operation + * if possible. */ - if (!drm_kms_helper_is_poll_worker()) { - ret = pm_runtime_get_sync(connector->dev->dev); + if (drm_kms_helper_is_poll_worker()) { + pm_runtime_get_noresume(dev->dev); + } else { + ret = pm_runtime_get_sync(dev->dev); if (ret < 0 && ret != -EACCES) return conn_status; } @@ -655,10 +659,8 @@ nouveau_connector_detect(struct drm_connector *connector, bool force) out: - if (!drm_kms_helper_is_poll_worker()) { - pm_runtime_mark_last_busy(connector->dev->dev); - pm_runtime_put_autosuspend(connector->dev->dev); - } + pm_runtime_mark_last_busy(dev->dev); + pm_runtime_put_autosuspend(dev->dev); return conn_status; } -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v3 4/8] drm/nouveau: Fix deadlock with fb_helper using new helpers

by Lyude Paul

This removes the potential of deadlocking with fb_helper entirely by preventing it from handling hotplugs during the runtime suspend process as early as possible in the suspend process. If it turns out this is not possible, due to some fb_helper action having been queued up before we got a time to disable hotplugging, we simply return -EBUSY so that the runtime PM core attempts autosuspending the device again once fb_helper isn't doing anything. This fixes one of the issues causing deadlocks on runtime suspend/resume with nouveau on my P50. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/nouveau_drm.c | 8 ++++++++ drivers/gpu/drm/nouveau/nouveau_fbcon.c | 1 + 2 files changed, 9 insertions(+) diff --git a/drivers/gpu/drm/nouveau/nouveau_drm.c b/drivers/gpu/drm/nouveau/nouveau_drm.c index ee2546db09c9..d47cb5b2af98 100644 --- a/drivers/gpu/drm/nouveau/nouveau_drm.c +++ b/drivers/gpu/drm/nouveau/nouveau_drm.c @@ -836,6 +836,14 @@ nouveau_pmops_runtime_suspend(struct device *dev) return -EBUSY; } + /* There's no way for us to stop fb_helper work in reaction to + * hotplugs later in the RPM process. First off: we don't want to, + * fb_helper should be able to keep the GPU awake. Second off: it is + * capable of grabbing basically any lock in existence. + */ + if (!drm_fb_helper_suspend_hotplug(drm_dev->fb_helper)) + return -EBUSY; + nouveau_switcheroo_optimus_dsm(); ret = nouveau_do_suspend(drm_dev, true); pci_save_state(pdev); diff --git a/drivers/gpu/drm/nouveau/nouveau_fbcon.c b/drivers/gpu/drm/nouveau/nouveau_fbcon.c index 85c1f10bc2b6..963ba630fd04 100644 --- a/drivers/gpu/drm/nouveau/nouveau_fbcon.c +++ b/drivers/gpu/drm/nouveau/nouveau_fbcon.c @@ -466,6 +466,7 @@ nouveau_fbcon_set_suspend_work(struct work_struct *work) console_unlock(); if (state == FBINFO_STATE_RUNNING) { + drm_fb_helper_resume_hotplug(drm->dev->fb_helper); pm_runtime_mark_last_busy(drm->dev->dev); pm_runtime_put_sync(drm->dev->dev); } -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v3 2/8] drm/nouveau: Enable polling even if we have runtime PM

by Lyude Paul

Having runtime PM makes no difference on whether or not we want polling, and it's now safe to just enable polling unconditionally in drm_load() thanks to d61a5c106351 ("drm/nouveau: Fix deadlock on runtime suspend") Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Peter Ujfalusi <peter.ujfalusi(a)ti.com> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/nouveau/nouveau_drm.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_drm.c b/drivers/gpu/drm/nouveau/nouveau_drm.c index 5fdc1fbe2ee5..ee2546db09c9 100644 --- a/drivers/gpu/drm/nouveau/nouveau_drm.c +++ b/drivers/gpu/drm/nouveau/nouveau_drm.c @@ -592,10 +592,11 @@ nouveau_drm_load(struct drm_device *dev, unsigned long flags) pm_runtime_allow(dev->dev); pm_runtime_mark_last_busy(dev->dev); pm_runtime_put(dev->dev); - } else { - /* enable polling for external displays */ - drm_kms_helper_poll_enable(dev); } + + /* enable polling for connectors without hpd */ + drm_kms_helper_poll_enable(dev); + return 0; fail_dispinit: -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v3 1/8] drm/nouveau: Fix bogus drm_kms_helper_poll_enable() placement

by Lyude Paul

Turns out this part is my fault for not noticing when reviewing 9a2eba337cace ("drm/nouveau: Fix drm poll_helper handling"). Currently we call drm_kms_helper_poll_enable() from nouveau_display_hpd_work(). This makes basically no sense however, because that means we're calling drm_kms_helper_poll_enable() every time we schedule the hotplug detection work. This is also against the advice mentioned in drm_kms_helper_poll_enable()'s documentation: Note that calls to enable and disable polling must be strictly ordered, which is automatically the case when they're only call from suspend/resume callbacks. Of course, hotplugs can't really be ordered. They could even happen immediately after we called drm_kms_helper_poll_disable() in nouveau_display_fini(), which can lead to all sorts of issues. Additionally; enabling polling /after/ we call drm_helper_hpd_irq_event() could also mean that we'd miss a hotplug event anyway, since drm_helper_hpd_irq_event() wouldn't bother trying to probe connectors so long as polling is disabled. So; simply move this back into nouveau_display_init() again. The race condition that both of these patches attempted to work around has already been fixed properly in d61a5c106351 ("drm/nouveau: Fix deadlock on runtime suspend") Fixes: 9a2eba337cace ("drm/nouveau: Fix drm poll_helper handling") Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Peter Ujfalusi <peter.ujfalusi(a)ti.com> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/nouveau/nouveau_display.c | 7 +++++-- drivers/gpu/drm/nouveau/nouveau_drm.c | 1 - 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_display.c b/drivers/gpu/drm/nouveau/nouveau_display.c index ec7861457b84..1d36ab5d4796 100644 --- a/drivers/gpu/drm/nouveau/nouveau_display.c +++ b/drivers/gpu/drm/nouveau/nouveau_display.c @@ -355,8 +355,6 @@ nouveau_display_hpd_work(struct work_struct *work) pm_runtime_get_sync(drm->dev->dev); drm_helper_hpd_irq_event(drm->dev); - /* enable polling for external displays */ - drm_kms_helper_poll_enable(drm->dev); pm_runtime_mark_last_busy(drm->dev->dev); pm_runtime_put_sync(drm->dev->dev); @@ -411,6 +409,11 @@ nouveau_display_init(struct drm_device *dev) if (ret) return ret; + /* enable connector detection and polling for connectors without HPD + * support + */ + drm_kms_helper_poll_enable(dev); + /* enable hotplug interrupts */ drm_connector_list_iter_begin(dev, &conn_iter); nouveau_for_each_non_mst_connector_iter(connector, &conn_iter) { diff --git a/drivers/gpu/drm/nouveau/nouveau_drm.c b/drivers/gpu/drm/nouveau/nouveau_drm.c index c7ec86d6c3c9..5fdc1fbe2ee5 100644 --- a/drivers/gpu/drm/nouveau/nouveau_drm.c +++ b/drivers/gpu/drm/nouveau/nouveau_drm.c @@ -835,7 +835,6 @@ nouveau_pmops_runtime_suspend(struct device *dev) return -EBUSY; } - drm_kms_helper_poll_disable(drm_dev); nouveau_switcheroo_optimus_dsm(); ret = nouveau_do_suspend(drm_dev, true); pci_save_state(pdev); -- 2.17.1

7 years, 1 month

1
0
0 0

request for 4.14-stable: 520e18a5080d ("ACPI / APEI: Remove ghes_ioremap_area")

by Sudip Mukherjee

Hi Greg, This was missing in 4.14-stable. Though marked for stable, but not sure if it matches the stable rules. Please apply to your queue if it does. -- Regards Sudip

7 years, 1 month

1
0
0 0

Missing signature-files for 4.9.116/4.14.59

by Rainer Fiebig

Hi! Seems the .sign-files for 4.9.116 and 4.14.59 are missing in https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ - so my script complained. So long! Rainer Fiebig -- The truth always turns out to be simpler than you thought. Richard Feynman

7 years, 1 month

2
2
0 0

[PATCH, RESEND] Avoid that SCSI device removal through sysfs triggers a deadlock

by Bart Van Assche

This patch avoids that self-removal triggers the following deadlock: ====================================================== WARNING: possible circular locking dependency detected 4.18.0-rc2-dbg+ #5 Not tainted ------------------------------------------------------ modprobe/6539 is trying to acquire lock: 000000008323c4cd (kn->count#202){++++}, at: kernfs_remove_by_name_ns+0x45/0x90 but task is already holding lock: 00000000a6ec2c69 (&shost->scan_mutex){+.+.}, at: scsi_remove_host+0x21/0x150 [scsi_mod] which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #1 (&shost->scan_mutex){+.+.}: __mutex_lock+0xfe/0xc70 mutex_lock_nested+0x1b/0x20 scsi_remove_device+0x26/0x40 [scsi_mod] sdev_store_delete+0x27/0x30 [scsi_mod] dev_attr_store+0x3e/0x50 sysfs_kf_write+0x87/0xa0 kernfs_fop_write+0x190/0x230 __vfs_write+0xd2/0x3b0 vfs_write+0x101/0x270 ksys_write+0xab/0x120 __x64_sys_write+0x43/0x50 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe -> #0 (kn->count#202){++++}: lock_acquire+0xd2/0x260 __kernfs_remove+0x424/0x4a0 kernfs_remove_by_name_ns+0x45/0x90 remove_files.isra.1+0x3a/0x90 sysfs_remove_group+0x5c/0xc0 sysfs_remove_groups+0x39/0x60 device_remove_attrs+0x82/0xb0 device_del+0x251/0x580 __scsi_remove_device+0x19f/0x1d0 [scsi_mod] scsi_forget_host+0x37/0xb0 [scsi_mod] scsi_remove_host+0x9b/0x150 [scsi_mod] sdebug_driver_remove+0x4b/0x150 [scsi_debug] device_release_driver_internal+0x241/0x360 device_release_driver+0x12/0x20 bus_remove_device+0x1bc/0x290 device_del+0x259/0x580 device_unregister+0x1a/0x70 sdebug_remove_adapter+0x8b/0xf0 [scsi_debug] scsi_debug_exit+0x76/0xe8 [scsi_debug] __x64_sys_delete_module+0x1c1/0x280 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe other info that might help us debug this: Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&shost->scan_mutex); lock(kn->count#202); lock(&shost->scan_mutex); lock(kn->count#202); *** DEADLOCK *** 2 locks held by modprobe/6539: #0: 00000000efaf9298 (&dev->mutex){....}, at: device_release_driver_internal+0x68/0x360 #1: 00000000a6ec2c69 (&shost->scan_mutex){+.+.}, at: scsi_remove_host+0x21/0x150 [scsi_mod] stack backtrace: CPU: 10 PID: 6539 Comm: modprobe Not tainted 4.18.0-rc2-dbg+ #5 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.0.0-prebuilt.qemu-project.org 04/01/2014 Call Trace: dump_stack+0xa4/0xf5 print_circular_bug.isra.34+0x213/0x221 __lock_acquire+0x1a7e/0x1b50 lock_acquire+0xd2/0x260 __kernfs_remove+0x424/0x4a0 kernfs_remove_by_name_ns+0x45/0x90 remove_files.isra.1+0x3a/0x90 sysfs_remove_group+0x5c/0xc0 sysfs_remove_groups+0x39/0x60 device_remove_attrs+0x82/0xb0 device_del+0x251/0x580 __scsi_remove_device+0x19f/0x1d0 [scsi_mod] scsi_forget_host+0x37/0xb0 [scsi_mod] scsi_remove_host+0x9b/0x150 [scsi_mod] sdebug_driver_remove+0x4b/0x150 [scsi_debug] device_release_driver_internal+0x241/0x360 device_release_driver+0x12/0x20 bus_remove_device+0x1bc/0x290 device_del+0x259/0x580 device_unregister+0x1a/0x70 sdebug_remove_adapter+0x8b/0xf0 [scsi_debug] scsi_debug_exit+0x76/0xe8 [scsi_debug] __x64_sys_delete_module+0x1c1/0x280 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe See also https://www.mail-archive.com/linux-scsi@vger.kernel.org/msg54525.html. Suggested-by: Eric W. Biederman <ebiederm(a)xmission.com> Fixes: ac0ece9174ac ("scsi: use device_remove_file_self() instead of device_schedule_callback()") Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: Eric W. Biederman <ebiederm(a)xmission.com> Cc: Tejun Heo <tj(a)kernel.org> Cc: Hannes Reinecke <hare(a)suse.com> Cc: Johannes Thumshirn <jthumshirn(a)suse.de> Cc: Ingo Molnar <mingo(a)kernel.org> Cc: Oleg Nesterov <oleg(a)redhat.com> Cc: <stable(a)vger.kernel.org> --- drivers/scsi/scsi_sysfs.c | 48 +++++++++++++++++++++++++++++++++++---- kernel/task_work.c | 1 + 2 files changed, 45 insertions(+), 4 deletions(-) diff --git a/drivers/scsi/scsi_sysfs.c b/drivers/scsi/scsi_sysfs.c index de122354d09a..c43f645900d4 100644 --- a/drivers/scsi/scsi_sysfs.c +++ b/drivers/scsi/scsi_sysfs.c @@ -12,6 +12,7 @@ #include <linux/blkdev.h> #include <linux/device.h> #include <linux/pm_runtime.h> +#include <linux/task_work.h> #include <scsi/scsi.h> #include <scsi/scsi_device.h> @@ -718,14 +719,53 @@ store_rescan_field (struct device *dev, struct device_attribute *attr, } static DEVICE_ATTR(rescan, S_IWUSR, NULL, store_rescan_field); +struct remove_dev_work { + struct callback_head head; + struct scsi_device *sdev; +}; + +static void delete_sdev(struct callback_head *head) +{ + struct remove_dev_work *work = container_of(head, typeof(*work), head); + struct scsi_device *sdev = work->sdev; + + scsi_remove_device(sdev); + kfree(work); + scsi_device_put(sdev); +} + static ssize_t sdev_store_delete(struct device *dev, struct device_attribute *attr, const char *buf, size_t count) { - if (device_remove_file_self(dev, attr)) - scsi_remove_device(to_scsi_device(dev)); - return count; -}; + struct scsi_device *sdev = to_scsi_device(dev); + struct remove_dev_work *work; + int ret; + + ret = scsi_device_get(sdev); + if (ret < 0) + goto out; + ret = -ENOMEM; + work = kmalloc(sizeof(*work), GFP_KERNEL); + if (!work) + goto put; + work->head.func = delete_sdev; + work->sdev = sdev; + ret = task_work_add(current, &work->head, false); + if (ret < 0) + goto free; + ret = count; + +out: + return ret; + +free: + kfree(work); + +put: + scsi_device_put(sdev); + goto out; +} static DEVICE_ATTR(delete, S_IWUSR, NULL, sdev_store_delete); static ssize_t diff --git a/kernel/task_work.c b/kernel/task_work.c index 0fef395662a6..75dc496b9997 100644 --- a/kernel/task_work.c +++ b/kernel/task_work.c @@ -40,6 +40,7 @@ task_work_add(struct task_struct *task, struct callback_head *work, bool notify) set_notify_resume(task); return 0; } +EXPORT_SYMBOL_GPL(task_work_add); /** * task_work_cancel - cancel a pending work added by task_work_add() -- 2.18.0

7 years, 1 month

7
14
0 0

Re: Patch "kvm, mm: account shadow page tables to kmemcg" has been added to the 4.4-stable tree

by Shakeel Butt

On Sat, Jul 28, 2018 at 1:11 AM <gregkh(a)linuxfoundation.org> wrote: > > > This is a note to let you know that I've just added the patch titled > > kvm, mm: account shadow page tables to kmemcg > > to the 4.4-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > kvm-mm-account-shadow-page-tables-to-kmemcg.patch > and it can be found in the queue-4.4 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. > Hi Greg, this patch requires some more changes to be effective on 4.4 kernel as kmem charging is still not in the generic page allocator code path in 4.4. Shakeel > > From d97e5e6160c0e0a23963ec198c7cb1c69e6bf9e8 Mon Sep 17 00:00:00 2001 > From: Shakeel Butt <shakeelb(a)google.com> > Date: Thu, 26 Jul 2018 16:37:45 -0700 > Subject: kvm, mm: account shadow page tables to kmemcg > MIME-Version: 1.0 > Content-Type: text/plain; charset=UTF-8 > Content-Transfer-Encoding: 8bit > > From: Shakeel Butt <shakeelb(a)google.com> > > commit d97e5e6160c0e0a23963ec198c7cb1c69e6bf9e8 upstream. > > The size of kvm's shadow page tables corresponds to the size of the > guest virtual machines on the system. Large VMs can spend a significant > amount of memory as shadow page tables which can not be left as system > memory overhead. So, account shadow page tables to the kmemcg. > > [shakeelb(a)google.com: replace (GFP_KERNEL|__GFP_ACCOUNT) with GFP_KERNEL_ACCOUNT] > Link: http://lkml.kernel.org/r/20180629140224.205849-1-shakeelb@google.com > Link: http://lkml.kernel.org/r/20180627181349.149778-1-shakeelb@google.com > Signed-off-by: Shakeel Butt <shakeelb(a)google.com> > Cc: Michal Hocko <mhocko(a)kernel.org> > Cc: Johannes Weiner <hannes(a)cmpxchg.org> > Cc: Vladimir Davydov <vdavydov.dev(a)gmail.com> > Cc: Paolo Bonzini <pbonzini(a)redhat.com> > Cc: Greg Thelen <gthelen(a)google.com> > Cc: Radim Krčmář <rkrcmar(a)redhat.com> > Cc: Peter Feiner <pfeiner(a)google.com> > Cc: <stable(a)vger.kernel.org> > Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> > Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> > Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> > > --- > arch/x86/kvm/mmu.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > --- a/arch/x86/kvm/mmu.c > +++ b/arch/x86/kvm/mmu.c > @@ -692,7 +692,7 @@ static int mmu_topup_memory_cache_page(s > if (cache->nobjs >= min) > return 0; > while (cache->nobjs < ARRAY_SIZE(cache->objects)) { > - page = (void *)__get_free_page(GFP_KERNEL); > + page = (void *)__get_free_page(GFP_KERNEL_ACCOUNT); > if (!page) > return -ENOMEM; > cache->objects[cache->nobjs++] = page; > > > Patches currently in stable-queue which might be from shakeelb(a)google.com are > > queue-4.4/kvm-mm-account-shadow-page-tables-to-kmemcg.patch

7 years, 1 month

2
1
0 0

Request for 4.4-stable: e5b7d71aa5b32180adec49a17c752e577c68f740

by Andrea Adami

Greg, referring to 4.4 kernels which I build and use on the legacy Zaurus handhelds, I still carry these fixes which I tested but sent too late for the 4.4 merge window. e5b7d71aa5b3 ASoC: pxa: Fix module autoload for platform drivers I think this fix could be backported to 4.4-stable. Please review. Thanks Andrea

7 years, 1 month

2
1
0 0

[PATCH] tracing: do not leak kernel addresses

by Mark Salyzyn

From: Nick Desaulniers <ndesaulniers(a)google.com> Switch from 0x%lx to 0x%pK to print the kernel addresses. Fixes: CVE-2017-0630 Signed-off-by: Mark Salyzyn <salyzyn(a)android.com> Cc: Nick Desaulniers <ndesaulniers(a)google.com> Cc: Steven Rostedt <rostedt(a)goodmis.org> Cc: Ingo Molnar <mingo(a)redhat.com> Cc: <kernel-team(a)android.com> Cc: <stable(a)vger.kernel.org> # 3.18, 4.4, 4.9, 4.14 Cc: <linux-kernel(a)vger.kernel.org> --- kernel/trace/trace_printk.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/trace/trace_printk.c b/kernel/trace/trace_printk.c index ad1d6164e946..93698023baf1 100644 --- a/kernel/trace/trace_printk.c +++ b/kernel/trace/trace_printk.c @@ -304,7 +304,7 @@ static int t_show(struct seq_file *m, void *v) if (!*fmt) return 0; - seq_printf(m, "0x%lx : \"", *(unsigned long *)fmt); + seq_printf(m, "0x%pK : \"", *(unsigned long *)fmt); /* * Tabs and new lines need to be converted. -- 2.18.0.233.g985f88cf7e-goog

7 years, 1 month

9
26
0 0

[PATCH] block: blk_init_allocated_queue() set q->fq as NULL in the fail case

by xiao jin

We find the memory use-after-free issue in __blk_drain_queue() on the kernel 4.14. After read the latest kernel 4.18-rc6 we think it has the same problem. Memory is allocated for q->fq in the blk_init_allocated_queue(). If the elevator init function called with error return, it will run into the fail case to free the q->fq. Then the __blk_drain_queue() uses the same memory after the free of the q->fq, it will lead to the unpredictable event. The patch is to set q->fq as NULL in the fail case of blk_init_allocated_queue(). Fixes: commit 7c94e1c157a2 ("block: introduce blk_flush_queue to drive flush machinery") Signed-off-by: xiao jin <jin.xiao(a)intel.com> Cc: Ming Lei <ming.lei(a)redhat.com> Cc: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: <stable(a)vger.kernel.org> --- block/blk-core.c | 1 + 1 file changed, 1 insertion(+) diff --git a/block/blk-core.c b/block/blk-core.c index b888175..52635e2 100644 --- a/block/blk-core.c +++ b/block/blk-core.c @@ -1072,6 +1072,7 @@ int blk_init_allocated_queue(struct request_queue *q) q->exit_rq_fn(q, q->fq->flush_rq); out_free_flush_queue: blk_free_flush_queue(q->fq); + q->fq = NULL; return -ENOMEM; } EXPORT_SYMBOL(blk_init_allocated_queue); -- 1.7.9.5

7 years, 1 month

4
3
0 0

FAILED: patch "[PATCH] mm: use vma_init() to initialize VMAs on stack and data" failed to apply to 4.17-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.17-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 2c4541e24c55e2847bede93e33d749280edd429a Mon Sep 17 00:00:00 2001 From: "Kirill A. Shutemov" <kirill.shutemov(a)linux.intel.com> Date: Thu, 26 Jul 2018 16:37:30 -0700 Subject: [PATCH] mm: use vma_init() to initialize VMAs on stack and data segments Make sure to initialize all VMAs properly, not only those which come from vm_area_cachep. Link: http://lkml.kernel.org/r/20180724121139.62570-3-kirill.shutemov@linux.intel… Signed-off-by: Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> Acked-by: Linus Torvalds <torvalds(a)linux-foundation.org> Reviewed-by: Andrew Morton <akpm(a)linux-foundation.org> Cc: Dmitry Vyukov <dvyukov(a)google.com> Cc: Oleg Nesterov <oleg(a)redhat.com> Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> diff --git a/arch/arm/kernel/process.c b/arch/arm/kernel/process.c index 225d1c58d2de..d9c299133111 100644 --- a/arch/arm/kernel/process.c +++ b/arch/arm/kernel/process.c @@ -338,6 +338,7 @@ static struct vm_area_struct gate_vma = { static int __init gate_vma_init(void) { + vma_init(&gate_vma, NULL); gate_vma.vm_page_prot = PAGE_READONLY_EXEC; return 0; } diff --git a/arch/arm/mach-rpc/ecard.c b/arch/arm/mach-rpc/ecard.c index 39aef4876ed4..8db62cc54a6a 100644 --- a/arch/arm/mach-rpc/ecard.c +++ b/arch/arm/mach-rpc/ecard.c @@ -237,8 +237,8 @@ static void ecard_init_pgtables(struct mm_struct *mm) memcpy(dst_pgd, src_pgd, sizeof(pgd_t) * (EASI_SIZE / PGDIR_SIZE)); + vma_init(&vma, mm); vma.vm_flags = VM_EXEC; - vma.vm_mm = mm; flush_tlb_range(&vma, IO_START, IO_START + IO_SIZE); flush_tlb_range(&vma, EASI_START, EASI_START + EASI_SIZE); diff --git a/arch/arm64/include/asm/tlb.h b/arch/arm64/include/asm/tlb.h index ffdaea7954bb..d87f2d646caa 100644 --- a/arch/arm64/include/asm/tlb.h +++ b/arch/arm64/include/asm/tlb.h @@ -37,7 +37,9 @@ static inline void __tlb_remove_table(void *_table) static inline void tlb_flush(struct mmu_gather *tlb) { - struct vm_area_struct vma = { .vm_mm = tlb->mm, }; + struct vm_area_struct vma; + + vma_init(&vma, tlb->mm); /* * The ASID allocator will either invalidate the ASID or mark diff --git a/arch/arm64/mm/hugetlbpage.c b/arch/arm64/mm/hugetlbpage.c index ecc6818191df..1854e49aa18a 100644 --- a/arch/arm64/mm/hugetlbpage.c +++ b/arch/arm64/mm/hugetlbpage.c @@ -108,11 +108,13 @@ static pte_t get_clear_flush(struct mm_struct *mm, unsigned long pgsize, unsigned long ncontig) { - struct vm_area_struct vma = { .vm_mm = mm }; + struct vm_area_struct vma; pte_t orig_pte = huge_ptep_get(ptep); bool valid = pte_valid(orig_pte); unsigned long i, saddr = addr; + vma_init(&vma, mm); + for (i = 0; i < ncontig; i++, addr += pgsize, ptep++) { pte_t pte = ptep_get_and_clear(mm, addr, ptep); @@ -145,9 +147,10 @@ static void clear_flush(struct mm_struct *mm, unsigned long pgsize, unsigned long ncontig) { - struct vm_area_struct vma = { .vm_mm = mm }; + struct vm_area_struct vma; unsigned long i, saddr = addr; + vma_init(&vma, mm); for (i = 0; i < ncontig; i++, addr += pgsize, ptep++) pte_clear(mm, addr, ptep); diff --git a/arch/ia64/include/asm/tlb.h b/arch/ia64/include/asm/tlb.h index 44f0ac0df308..db89e7306081 100644 --- a/arch/ia64/include/asm/tlb.h +++ b/arch/ia64/include/asm/tlb.h @@ -120,7 +120,7 @@ ia64_tlb_flush_mmu_tlbonly(struct mmu_gather *tlb, unsigned long start, unsigned */ struct vm_area_struct vma; - vma.vm_mm = tlb->mm; + vma_init(&vma, tlb->mm); /* flush the address range from the tlb: */ flush_tlb_range(&vma, start, end); /* now flush the virt. page-table area mapping the address range: */ diff --git a/arch/ia64/mm/init.c b/arch/ia64/mm/init.c index bdb14a369137..e6c6dfd98de2 100644 --- a/arch/ia64/mm/init.c +++ b/arch/ia64/mm/init.c @@ -273,7 +273,7 @@ static struct vm_area_struct gate_vma; static int __init gate_vma_init(void) { - gate_vma.vm_mm = NULL; + vma_init(&gate_vma, NULL); gate_vma.vm_start = FIXADDR_USER_START; gate_vma.vm_end = FIXADDR_USER_END; gate_vma.vm_flags = VM_READ | VM_MAYREAD | VM_EXEC | VM_MAYEXEC; diff --git a/arch/x86/um/mem_32.c b/arch/x86/um/mem_32.c index 744afdc18cf3..56c44d865f7b 100644 --- a/arch/x86/um/mem_32.c +++ b/arch/x86/um/mem_32.c @@ -16,7 +16,7 @@ static int __init gate_vma_init(void) if (!FIXADDR_USER_START) return 0; - gate_vma.vm_mm = NULL; + vma_init(&gate_vma, NULL); gate_vma.vm_start = FIXADDR_USER_START; gate_vma.vm_end = FIXADDR_USER_END; gate_vma.vm_flags = VM_READ | VM_MAYREAD | VM_EXEC | VM_MAYEXEC; diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c index d508c7844681..40d4c66c7751 100644 --- a/fs/hugetlbfs/inode.c +++ b/fs/hugetlbfs/inode.c @@ -411,6 +411,7 @@ static void remove_inode_hugepages(struct inode *inode, loff_t lstart, bool truncate_op = (lend == LLONG_MAX); memset(&pseudo_vma, 0, sizeof(struct vm_area_struct)); + vma_init(&pseudo_vma, current->mm); pseudo_vma.vm_flags = (VM_HUGETLB | VM_MAYSHARE | VM_SHARED); pagevec_init(&pvec); next = start; @@ -595,6 +596,7 @@ static long hugetlbfs_fallocate(struct file *file, int mode, loff_t offset, * as input to create an allocation policy. */ memset(&pseudo_vma, 0, sizeof(struct vm_area_struct)); + vma_init(&pseudo_vma, mm); pseudo_vma.vm_flags = (VM_HUGETLB | VM_MAYSHARE | VM_SHARED); pseudo_vma.vm_file = file; diff --git a/mm/mempolicy.c b/mm/mempolicy.c index 9ac49ef17b4e..01f1a14facc4 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -2505,6 +2505,7 @@ void mpol_shared_policy_init(struct shared_policy *sp, struct mempolicy *mpol) /* Create pseudo-vma that contains just the policy */ memset(&pvma, 0, sizeof(struct vm_area_struct)); + vma_init(&pvma, NULL); pvma.vm_end = TASK_SIZE; /* policy covers entire file */ mpol_set_shared_policy(sp, &pvma, new); /* adds ref */ diff --git a/mm/shmem.c b/mm/shmem.c index 2cab84403055..41b9bbf24e16 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -1421,6 +1421,7 @@ static void shmem_pseudo_vma_init(struct vm_area_struct *vma, { /* Create a pseudo vma that just contains the policy */ memset(vma, 0, sizeof(*vma)); + vma_init(vma, NULL); /* Bias interleave by inode number to distribute better across nodes */ vma->vm_pgoff = index + info->vfs_inode.i_ino; vma->vm_policy = mpol_shared_policy_lookup(&info->policy, index);

7 years, 1 month

4
3
0 0

[PATCH] perf/x86/intel/uncore: Fix hardcode index of Broadwell extra PCI DEV

by kan.liang＠linux.intel.com

From: Kan Liang <kan.liang(a)linux.intel.com> Masa reports that a warning message is shown while CPU hot-removing on Broadwell server. WARNING: CPU: 126 PID: 6 at arch/x86/events/intel/uncore.c:988 uncore_pci_remove+0x10b/0x150 Call Trace: pci_device_remove+0x42/0xd0 device_release_driver_internal+0x148/0x220 pci_stop_bus_device+0x76/0xa0 pci_stop_root_bus+0x44/0x60 acpi_pci_root_remove+0x1f/0x80 acpi_bus_trim+0x57/0x90 acpi_bus_trim+0x2e/0x90 acpi_device_hotplug+0x2bc/0x4b0 acpi_hotplug_work_fn+0x1a/0x30 process_one_work+0x174/0x3a0 worker_thread+0x4c/0x3d0 kthread+0xf8/0x130 This bug was introduced in: commit 15a3e845b01c ("perf/x86/intel/uncore: Fix SBOX support for Broadwell CPUs") The index of "QPI Port 2 filter" was hardcode to 2. The index of "PCU.3" used enumerator "HSWEP_PCI_PCU_3", which equals to 2 as well. To fix the conflict, the hardcode index needs to be cleaned up. Introduce a new enumerator "BDX_PCI_QPI_PORT2_FILTER" for "QPI Port 2 filter" on Broadwell, and increase the UNCORE_EXTRA_PCI_DEV_MAX. Clean up hardcode index. Reported-by: Masayoshi Mizuma <m.mizuma(a)jp.fujitsu.com> Debugged-by: Masayoshi Mizuma <m.mizuma(a)jp.fujitsu.com> Tested-by: Masayoshi Mizuma <m.mizuma(a)jp.fujitsu.com> Suggested-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Kan Liang <kan.liang(a)linux.intel.com> Fixes: 15a3e845b01c ("perf/x86/intel/uncore: Fix SBOX support for Broadwell CPUs") --- arch/x86/events/intel/uncore.h | 2 +- arch/x86/events/intel/uncore_snbep.c | 10 +++++++--- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/arch/x86/events/intel/uncore.h b/arch/x86/events/intel/uncore.h index c9e1e0b..e17ab88 100644 --- a/arch/x86/events/intel/uncore.h +++ b/arch/x86/events/intel/uncore.h @@ -28,7 +28,7 @@ #define UNCORE_PCI_DEV_TYPE(data) ((data >> 8) & 0xff) #define UNCORE_PCI_DEV_IDX(data) (data & 0xff) #define UNCORE_EXTRA_PCI_DEV 0xff -#define UNCORE_EXTRA_PCI_DEV_MAX 3 +#define UNCORE_EXTRA_PCI_DEV_MAX 4 #define UNCORE_EVENT_CONSTRAINT(c, n) EVENT_CONSTRAINT(c, n, 0xff) diff --git a/arch/x86/events/intel/uncore_snbep.c b/arch/x86/events/intel/uncore_snbep.c index 87dc026..51d7c11 100644 --- a/arch/x86/events/intel/uncore_snbep.c +++ b/arch/x86/events/intel/uncore_snbep.c @@ -1029,6 +1029,7 @@ void snbep_uncore_cpu_init(void) enum { SNBEP_PCI_QPI_PORT0_FILTER, SNBEP_PCI_QPI_PORT1_FILTER, + BDX_PCI_QPI_PORT2_FILTER, HSWEP_PCI_PCU_3, }; @@ -3286,15 +3287,18 @@ static const struct pci_device_id bdx_uncore_pci_ids[] = { }, { /* QPI Port 0 filter */ PCI_DEVICE(PCI_VENDOR_ID_INTEL, 0x6f86), - .driver_data = UNCORE_PCI_DEV_DATA(UNCORE_EXTRA_PCI_DEV, 0), + .driver_data = UNCORE_PCI_DEV_DATA(UNCORE_EXTRA_PCI_DEV, + SNBEP_PCI_QPI_PORT0_FILTER), }, { /* QPI Port 1 filter */ PCI_DEVICE(PCI_VENDOR_ID_INTEL, 0x6f96), - .driver_data = UNCORE_PCI_DEV_DATA(UNCORE_EXTRA_PCI_DEV, 1), + .driver_data = UNCORE_PCI_DEV_DATA(UNCORE_EXTRA_PCI_DEV, + SNBEP_PCI_QPI_PORT1_FILTER), }, { /* QPI Port 2 filter */ PCI_DEVICE(PCI_VENDOR_ID_INTEL, 0x6f46), - .driver_data = UNCORE_PCI_DEV_DATA(UNCORE_EXTRA_PCI_DEV, 2), + .driver_data = UNCORE_PCI_DEV_DATA(UNCORE_EXTRA_PCI_DEV, + BDX_PCI_QPI_PORT2_FILTER), }, { /* PCU.3 (for Capability registers) */ PCI_DEVICE(PCI_VENDOR_ID_INTEL, 0x6fc0), -- 2.4.11

7 years, 1 month

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror