- Linux-stable-mirror - lists.linaro.org

by Tajick Ali

Greetings, I represent business group in Middle East looking for projects to fund; we seek any business that will guaranty a safe and secure return on investments. Alternative powers, movies, start up companies etc. We are also looking for commercial building projects, hotels, casino, strip malls etc. If you have a project that differs from these and current budget is over $40M, Write us and Provide Executive Summary and project details. (a)100% financing is available. (b)Possible JV partnerships or 100% loans. (c)Project must be over $20M total budget. I look forward to your reply, Sir Abraham Oded Sahara Petrochems Ltd odoabraham5(a)gmail.com

7 years, 1 month

1
0
0 0

[PATCH] stop_machine: Atomically queue and wake stopper threads

by Isaac J. Manjarres

From: Prasad Sodagudi <psodagud(a)codeaurora.org> When cpu_stop_queue_work() releases the lock for the stopper thread that was queued into its wake queue, preemption is enabled, which leads to the following deadlock: CPU0 CPU1 sched_setaffinity(0, ...) __set_cpus_allowed_ptr() stop_one_cpu(0, ...) stop_two_cpus(0, 1, ...) cpu_stop_queue_work(0, ...) cpu_stop_queue_two_works(0, ..., 1, ...) -grabs lock for migration/0- -spins with preemption disabled, waiting for migration/0's lock to be released- -adds work items for migration/0 and queues migration/0 to its wake_q- -releases lock for migration/0 and preemption is enabled- -current thread is preempted, and __set_cpus_allowed_ptr has changed the thread's cpu allowed mask to CPU1 only- -acquires migration/0 and migration/1's locks- -adds work for migration/0 but does not add migration/0 to wake_q, since it is already in a wake_q- -adds work for migration/1 and adds migration/1 to its wake_q- -releases migration/0 and migration/1's locks, wakes migration/1, and enables preemption- -since migration/1 is requested to run, migration/1 begins to run and waits on migration/0, but migration/0 will never be able to run, since the thread that can wake it is affine to CPU1- Disable preemption in cpu_stop_queue_work() before queueing works for stopper threads, and queueing the stopper thread in the wake queue, to ensure that the operation of queueing the works and waking the stopper threads is atomic. Fixes: 0b26351b910f ("stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock") Co-Developed-by: Isaac J. Manjarres <isaacm(a)codeaurora.org> Signed-off-by: Prasad Sodagudi <psodagud(a)codeaurora.org> Signed-off-by: Isaac J. Manjarres <isaacm(a)codeaurora.org> Cc: stable(a)vger.kernel.org --- kernel/stop_machine.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/kernel/stop_machine.c b/kernel/stop_machine.c index 34b6652..067cb83 100644 --- a/kernel/stop_machine.c +++ b/kernel/stop_machine.c @@ -81,6 +81,7 @@ static bool cpu_stop_queue_work(unsigned int cpu, struct cpu_stop_work *work) unsigned long flags; bool enabled; + preempt_disable(); raw_spin_lock_irqsave(&stopper->lock, flags); enabled = stopper->enabled; if (enabled) @@ -90,6 +91,7 @@ static bool cpu_stop_queue_work(unsigned int cpu, struct cpu_stop_work *work) raw_spin_unlock_irqrestore(&stopper->lock, flags); wake_up_q(&wakeq); + preempt_enable(); return enabled; } -- The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum, a Linux Foundation Collaborative Project

7 years, 1 month

1
0
0 0

[PATCH v4.14 1/2] nvme-pci: allocate device queues storage space at probe

by Jon Derrick

Commit 147b27e4bd08406a6abebedbb478b431ec197be1 upstream It may cause race by setting 'nvmeq' in nvme_init_request() because .init_request is called inside switching io scheduler, which may happen when the NVMe device is being resetted and its nvme queues are being freed and created. We don't have any sync between the two pathes. This patch changes the nvmeq allocation to occur at probe time so there is no way we can dereference it at init_request. [ 93.268391] kernel BUG at drivers/nvme/host/pci.c:408! [ 93.274146] invalid opcode: 0000 [#1] SMP [ 93.278618] Modules linked in: nfsv3 nfs_acl rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache sunrpc ipmi_ssif vfat fat intel_rapl sb_edac x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass crct10dif_pclmul crc32_pclmul ghash_clmulni_intel iTCO_wdt intel_cstate ipmi_si iTCO_vendor_support intel_uncore mxm_wmi mei_me ipmi_devintf intel_rapl_perf pcspkr sg ipmi_msghandler lpc_ich dcdbas mei shpchp acpi_power_meter wmi dm_multipath ip_tables xfs libcrc32c sd_mod mgag200 i2c_algo_bit drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ttm drm ahci libahci nvme libata crc32c_intel nvme_core tg3 megaraid_sas ptp i2c_core pps_core dm_mirror dm_region_hash dm_log dm_mod [ 93.349071] CPU: 5 PID: 1842 Comm: sh Not tainted 4.15.0-rc2.ming+ #4 [ 93.356256] Hardware name: Dell Inc. PowerEdge R730xd/072T6D, BIOS 2.5.5 08/16/2017 [ 93.364801] task: 00000000fb8abf2a task.stack: 0000000028bd82d1 [ 93.371408] RIP: 0010:nvme_init_request+0x36/0x40 [nvme] [ 93.377333] RSP: 0018:ffffc90002537ca8 EFLAGS: 00010246 [ 93.383161] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000008 [ 93.391122] RDX: 0000000000000000 RSI: ffff880276ae0000 RDI: ffff88047bae9008 [ 93.399084] RBP: ffff88047bae9008 R08: ffff88047bae9008 R09: 0000000009dabc00 [ 93.407045] R10: 0000000000000004 R11: 000000000000299c R12: ffff880186bc1f00 [ 93.415007] R13: ffff880276ae0000 R14: 0000000000000000 R15: 0000000000000071 [ 93.422969] FS: 00007f33cf288740(0000) GS:ffff88047ba80000(0000) knlGS:0000000000000000 [ 93.431996] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 93.438407] CR2: 00007f33cf28e000 CR3: 000000047e5bb006 CR4: 00000000001606e0 [ 93.446368] Call Trace: [ 93.449103] blk_mq_alloc_rqs+0x231/0x2a0 [ 93.453579] blk_mq_sched_alloc_tags.isra.8+0x42/0x80 [ 93.459214] blk_mq_init_sched+0x7e/0x140 [ 93.463687] elevator_switch+0x5a/0x1f0 [ 93.467966] ? elevator_get.isra.17+0x52/0xc0 [ 93.472826] elv_iosched_store+0xde/0x150 [ 93.477299] queue_attr_store+0x4e/0x90 [ 93.481580] kernfs_fop_write+0xfa/0x180 [ 93.485958] __vfs_write+0x33/0x170 [ 93.489851] ? __inode_security_revalidate+0x4c/0x60 [ 93.495390] ? selinux_file_permission+0xda/0x130 [ 93.500641] ? _cond_resched+0x15/0x30 [ 93.504815] vfs_write+0xad/0x1a0 [ 93.508512] SyS_write+0x52/0xc0 [ 93.512113] do_syscall_64+0x61/0x1a0 [ 93.516199] entry_SYSCALL64_slow_path+0x25/0x25 [ 93.521351] RIP: 0033:0x7f33ce96aab0 [ 93.525337] RSP: 002b:00007ffe57570238 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 93.533785] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00007f33ce96aab0 [ 93.541746] RDX: 0000000000000006 RSI: 00007f33cf28e000 RDI: 0000000000000001 [ 93.549707] RBP: 00007f33cf28e000 R08: 000000000000000a R09: 00007f33cf288740 [ 93.557669] R10: 00007f33cf288740 R11: 0000000000000246 R12: 00007f33cec42400 [ 93.565630] R13: 0000000000000006 R14: 0000000000000001 R15: 0000000000000000 [ 93.573592] Code: 4c 8d 40 08 4c 39 c7 74 16 48 8b 00 48 8b 04 08 48 85 c0 74 16 48 89 86 78 01 00 00 31 c0 c3 8d 4a 01 48 63 c9 48 c1 e1 03 eb de <0f> 0b 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 85 f6 53 48 89 [ 93.594676] RIP: nvme_init_request+0x36/0x40 [nvme] RSP: ffffc90002537ca8 [ 93.602273] ---[ end trace 810dde3993e5f14e ]--- CC: Yi Zhang <yi.zhang(a)redhat.com> CC: Sagi Grimberg <sagi(a)grimberg.me> CC: Christoph Hellwig <hch(a)lst.de> CC: Keith Busch <keith.busch(a)intel.com> Signed-off-by: Jon Derrick <jonathan.derrick(a)intel.com> --- drivers/nvme/host/pci.c | 61 ++++++++++++++++++++----------------------------- 1 file changed, 25 insertions(+), 36 deletions(-) diff --git a/drivers/nvme/host/pci.c b/drivers/nvme/host/pci.c index 4cac475..51e8589 100644 --- a/drivers/nvme/host/pci.c +++ b/drivers/nvme/host/pci.c @@ -77,7 +77,7 @@ * Represents an NVM Express device. Each nvme_dev is a PCI function. */ struct nvme_dev { - struct nvme_queue **queues; + struct nvme_queue *queues; struct blk_mq_tag_set tagset; struct blk_mq_tag_set admin_tagset; u32 __iomem *dbs; @@ -348,7 +348,7 @@ static int nvme_admin_init_hctx(struct blk_mq_hw_ctx *hctx, void *data, unsigned int hctx_idx) { struct nvme_dev *dev = data; - struct nvme_queue *nvmeq = dev->queues[0]; + struct nvme_queue *nvmeq = &dev->queues[0]; WARN_ON(hctx_idx != 0); WARN_ON(dev->admin_tagset.tags[0] != hctx->tags); @@ -370,7 +370,7 @@ static int nvme_init_hctx(struct blk_mq_hw_ctx *hctx, void *data, unsigned int hctx_idx) { struct nvme_dev *dev = data; - struct nvme_queue *nvmeq = dev->queues[hctx_idx + 1]; + struct nvme_queue *nvmeq = &dev->queues[hctx_idx + 1]; if (!nvmeq->tags) nvmeq->tags = &dev->tagset.tags[hctx_idx]; @@ -386,7 +386,7 @@ static int nvme_init_request(struct blk_mq_tag_set *set, struct request *req, struct nvme_dev *dev = set->driver_data; struct nvme_iod *iod = blk_mq_rq_to_pdu(req); int queue_idx = (set == &dev->tagset) ? hctx_idx + 1 : 0; - struct nvme_queue *nvmeq = dev->queues[queue_idx]; + struct nvme_queue *nvmeq = &dev->queues[queue_idx]; BUG_ON(!nvmeq); iod->nvmeq = nvmeq; @@ -900,7 +900,7 @@ static int nvme_poll(struct blk_mq_hw_ctx *hctx, unsigned int tag) static void nvme_pci_submit_async_event(struct nvme_ctrl *ctrl, int aer_idx) { struct nvme_dev *dev = to_nvme_dev(ctrl); - struct nvme_queue *nvmeq = dev->queues[0]; + struct nvme_queue *nvmeq = &dev->queues[0]; struct nvme_command c; memset(&c, 0, sizeof(c)); @@ -1146,7 +1146,6 @@ static void nvme_free_queue(struct nvme_queue *nvmeq) if (nvmeq->sq_cmds) dma_free_coherent(nvmeq->q_dmadev, SQ_SIZE(nvmeq->q_depth), nvmeq->sq_cmds, nvmeq->sq_dma_addr); - kfree(nvmeq); } static void nvme_free_queues(struct nvme_dev *dev, int lowest) @@ -1154,10 +1153,8 @@ static void nvme_free_queues(struct nvme_dev *dev, int lowest) int i; for (i = dev->ctrl.queue_count - 1; i >= lowest; i--) { - struct nvme_queue *nvmeq = dev->queues[i]; dev->ctrl.queue_count--; - dev->queues[i] = NULL; - nvme_free_queue(nvmeq); + nvme_free_queue(&dev->queues[i]); } } @@ -1189,10 +1186,8 @@ static int nvme_suspend_queue(struct nvme_queue *nvmeq) static void nvme_disable_admin_queue(struct nvme_dev *dev, bool shutdown) { - struct nvme_queue *nvmeq = dev->queues[0]; + struct nvme_queue *nvmeq = &dev->queues[0]; - if (!nvmeq) - return; if (nvme_suspend_queue(nvmeq)) return; @@ -1246,13 +1241,10 @@ static int nvme_alloc_sq_cmds(struct nvme_dev *dev, struct nvme_queue *nvmeq, return 0; } -static struct nvme_queue *nvme_alloc_queue(struct nvme_dev *dev, int qid, - int depth, int node) +static int nvme_alloc_queue(struct nvme_dev *dev, int qid, + int depth, int node) { - struct nvme_queue *nvmeq = kzalloc_node(sizeof(*nvmeq), GFP_KERNEL, - node); - if (!nvmeq) - return NULL; + struct nvme_queue *nvmeq = &dev->queues[qid]; nvmeq->cqes = dma_zalloc_coherent(dev->dev, CQ_SIZE(depth), &nvmeq->cq_dma_addr, GFP_KERNEL); @@ -1271,17 +1263,15 @@ static struct nvme_queue *nvme_alloc_queue(struct nvme_dev *dev, int qid, nvmeq->q_depth = depth; nvmeq->qid = qid; nvmeq->cq_vector = -1; - dev->queues[qid] = nvmeq; dev->ctrl.queue_count++; - return nvmeq; + return 0; free_cqdma: dma_free_coherent(dev->dev, CQ_SIZE(depth), (void *)nvmeq->cqes, nvmeq->cq_dma_addr); free_nvmeq: - kfree(nvmeq); - return NULL; + return -ENOMEM; } static int queue_request_irq(struct nvme_queue *nvmeq) @@ -1468,14 +1458,12 @@ static int nvme_pci_configure_admin_queue(struct nvme_dev *dev) if (result < 0) return result; - nvmeq = dev->queues[0]; - if (!nvmeq) { - nvmeq = nvme_alloc_queue(dev, 0, NVME_AQ_DEPTH, - dev_to_node(dev->dev)); - if (!nvmeq) - return -ENOMEM; - } + result = nvme_alloc_queue(dev, 0, NVME_AQ_DEPTH, + dev_to_node(dev->dev)); + if (result) + return result; + nvmeq = &dev->queues[0]; aqa = nvmeq->q_depth - 1; aqa |= aqa << 16; @@ -1505,7 +1493,7 @@ static int nvme_create_io_queues(struct nvme_dev *dev) for (i = dev->ctrl.queue_count; i <= dev->max_qid; i++) { /* vector == qid - 1, match nvme_create_queue */ - if (!nvme_alloc_queue(dev, i, dev->q_depth, + if (nvme_alloc_queue(dev, i, dev->q_depth, pci_irq_get_node(to_pci_dev(dev->dev), i - 1))) { ret = -ENOMEM; break; @@ -1514,7 +1502,7 @@ static int nvme_create_io_queues(struct nvme_dev *dev) max = min(dev->max_qid, dev->ctrl.queue_count - 1); for (i = dev->online_queues; i <= max; i++) { - ret = nvme_create_queue(dev->queues[i], i); + ret = nvme_create_queue(&dev->queues[i], i); if (ret) break; } @@ -1770,7 +1758,7 @@ static int nvme_setup_host_mem(struct nvme_dev *dev) static int nvme_setup_io_queues(struct nvme_dev *dev) { - struct nvme_queue *adminq = dev->queues[0]; + struct nvme_queue *adminq = &dev->queues[0]; struct pci_dev *pdev = to_pci_dev(dev->dev); int result, nr_io_queues; unsigned long size; @@ -1896,7 +1884,7 @@ static void nvme_disable_io_queues(struct nvme_dev *dev, int queues) retry: timeout = ADMIN_TIMEOUT; for (; i > 0; i--, sent++) - if (nvme_delete_queue(dev->queues[i], opcode)) + if (nvme_delete_queue(&dev->queues[i], opcode)) break; while (sent--) { @@ -2081,7 +2069,7 @@ static void nvme_dev_disable(struct nvme_dev *dev, bool shutdown) queues = dev->online_queues - 1; for (i = dev->ctrl.queue_count - 1; i > 0; i--) - nvme_suspend_queue(dev->queues[i]); + nvme_suspend_queue(&dev->queues[i]); if (dead) { /* A device might become IO incapable very soon during @@ -2089,7 +2077,7 @@ static void nvme_dev_disable(struct nvme_dev *dev, bool shutdown) * queue_count can be 0 here. */ if (dev->ctrl.queue_count) - nvme_suspend_queue(dev->queues[0]); + nvme_suspend_queue(&dev->queues[0]); } else { nvme_disable_io_queues(dev, queues); nvme_disable_admin_queue(dev, shutdown); @@ -2345,7 +2333,8 @@ static int nvme_probe(struct pci_dev *pdev, const struct pci_device_id *id) dev = kzalloc_node(sizeof(*dev), GFP_KERNEL, node); if (!dev) return -ENOMEM; - dev->queues = kzalloc_node((num_possible_cpus() + 1) * sizeof(void *), + + dev->queues = kzalloc_node((num_possible_cpus() + 1) * sizeof(struct nvme_queue), GFP_KERNEL, node); if (!dev->queues) goto free; -- 1.8.3.1

7 years, 1 month

1
1
0 0

[merged] userfaultfd-remove-uffd-flags-from-vma-vm_flags-if-uffd_event_fork-fails.patch removed from -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails has been removed from the -mm tree. Its filename was userfaultfd-remove-uffd-flags-from-vma-vm_flags-if-uffd_event_fork-fails.patch This patch was dropped because it was merged into mainline or a subsystem tree ------------------------------------------------------ From: Mike Rapoport <rppt(a)linux.vnet.ibm.com> Subject: userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails The fix in 0cbb4b4f4c44 ("userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails") cleared the vma->vm_userfaultfd_ctx but kept userfaultfd flags in vma->vm_flags that were copied from the parent process VMA. As the result, there is an inconsistency between the values of vma->vm_userfaultfd_ctx.ctx and vma->vm_flags which triggers BUG_ON in userfaultfd_release(). Clearing the uffd flags from vma->vm_flags in case of UFFD_EVENT_FORK failure resolves the issue. Link: http://lkml.kernel.org/r/1532931975-25473-1-git-send-email-rppt@linux.vnet.… Fixes: 0cbb4b4f4c44 ("userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails") Signed-off-by: Mike Rapoport <rppt(a)linux.vnet.ibm.com> Reported-by: syzbot+121be635a7a35ddb7dcb(a)syzkaller.appspotmail.com Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: Eric Biggers <ebiggers3(a)gmail.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/userfaultfd.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) --- a/fs/userfaultfd.c~userfaultfd-remove-uffd-flags-from-vma-vm_flags-if-uffd_event_fork-fails +++ a/fs/userfaultfd.c @@ -633,8 +633,10 @@ static void userfaultfd_event_wait_compl /* the various vma->vm_userfaultfd_ctx still points to it */ down_write(&mm->mmap_sem); for (vma = mm->mmap; vma; vma = vma->vm_next) - if (vma->vm_userfaultfd_ctx.ctx == release_new_ctx) + if (vma->vm_userfaultfd_ctx.ctx == release_new_ctx) { vma->vm_userfaultfd_ctx = NULL_VM_UFFD_CTX; + vma->vm_flags &= ~(VM_UFFD_WP | VM_UFFD_MISSING); + } up_write(&mm->mmap_sem); userfaultfd_ctx_put(release_new_ctx); _ Patches currently in -mm which might be from rppt(a)linux.vnet.ibm.com are mm-make-deferred_struct_page_init-explicitly-depend-on-sparsemem.patch mm-memblock-replace-u64-with-phys_addr_t-where-appropriate.patch mm-mempool-add-missing-parameter-description.patch mm-util-make-strndup_user-description-a-kernel-doc-comment.patch mm-util-add-kernel-doc-for-kvfree.patch docs-core-api-kill-trailing-whitespace-in-kernel-apirst.patch docs-core-api-move-strmemdup-to-string-manipulation.patch docs-core-api-split-memory-management-api-to-a-separate-file.patch docs-mm-make-gfp-flags-descriptions-usable-as-kernel-doc.patch docs-core-api-mm-api-add-section-about-gfp-flags.patch

7 years, 1 month

1
0
0 0

[merged] ipc-shmc-add-pagesize-function-to-shm_vm_ops.patch removed from -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: ipc/shm.c add ->pagesize function to shm_vm_ops has been removed from the -mm tree. Its filename was ipc-shmc-add-pagesize-function-to-shm_vm_ops.patch This patch was dropped because it was merged into mainline or a subsystem tree ------------------------------------------------------ From: Jane Chu <jane.chu(a)oracle.com> Subject: ipc/shm.c add ->pagesize function to shm_vm_ops 05ea88608d4e13 ("mm, hugetlbfs: introduce ->pagesize() to vm_operations_struct") adds a new ->pagesize() function to hugetlb_vm_ops, intended to cover all hugetlbfs backed files. With System V shared memory model, if "huge page" is specified, the "shared memory" is backed by hugetlbfs files, but the mappings initiated via shmget/shmat have their original vm_ops overwritten with shm_vm_ops, so we need to add a ->pagesize function to shm_vm_ops. Otherwise, vma_kernel_pagesize() returns PAGE_SIZE given a hugetlbfs backed vma, result in below BUG: fs/hugetlbfs/inode.c 443 if (unlikely(page_mapped(page))) { 444 BUG_ON(truncate_op); [ 242.268342] hugetlbfs: oracle (4592): Using mlock ulimits for SHM_HUGETLB is deprecated [ 282.653208] ------------[ cut here ]------------ [ 282.708447] kernel BUG at fs/hugetlbfs/inode.c:444! [ 282.818957] Modules linked in: nfsv3 rpcsec_gss_krb5 nfsv4 ... [ 284.025873] CPU: 35 PID: 5583 Comm: oracle_5583_sbt Not tainted 4.14.35-1829.el7uek.x86_64 #2 [ 284.246609] task: ffff9bf0507aaf80 task.stack: ffffa9e625628000 [ 284.317455] RIP: 0010:remove_inode_hugepages+0x3db/0x3e2 .... [ 285.292389] Call Trace: [ 285.321630] hugetlbfs_evict_inode+0x1e/0x3e [ 285.372707] evict+0xdb/0x1af [ 285.408185] iput+0x1a2/0x1f7 [ 285.443661] dentry_unlink_inode+0xc6/0xf0 [ 285.492661] __dentry_kill+0xd8/0x18d [ 285.536459] dput+0x1b5/0x1ed [ 285.571939] __fput+0x18b/0x216 [ 285.609495] ____fput+0xe/0x10 [ 285.646030] task_work_run+0x90/0xa7 [ 285.688788] exit_to_usermode_loop+0xdd/0x116 [ 285.740905] do_syscall_64+0x187/0x1ae [ 285.785740] entry_SYSCALL_64_after_hwframe+0x150/0x0 Link: http://lkml.kernel.org/r/20180727211727.5020-1-jane.chu@oracle.com Fixes: 05ea88608d4e13 ("mm, hugetlbfs: introduce ->pagesize() to vm_operations_struct") Signed-off-by: Jane Chu <jane.chu(a)oracle.com> Suggested-by: Mike Kravetz <mike.kravetz(a)oracle.com> Reviewed-by: Mike Kravetz <mike.kravetz(a)oracle.com> Acked-by: Davidlohr Bueso <dave(a)stgolabs.net> Acked-by: Michal Hocko <mhocko(a)suse.com> Cc: Dan Williams <dan.j.williams(a)intel.com> Cc: Jan Kara <jack(a)suse.cz> Cc: Jérôme Glisse <jglisse(a)redhat.com> Cc: Manfred Spraul <manfred(a)colorfullife.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- include/linux/mm.h | 7 +++++++ ipc/shm.c | 12 ++++++++++++ 2 files changed, 19 insertions(+) --- a/include/linux/mm.h~ipc-shmc-add-pagesize-function-to-shm_vm_ops +++ a/include/linux/mm.h @@ -389,6 +389,13 @@ enum page_entry_size { * These are the virtual MM functions - opening of an area, closing and * unmapping it (needed to keep files on disk up-to-date etc), pointer * to the functions called when a no-page or a wp-page exception occurs. + * + * Note, when a new function is introduced to vm_operations_struct and + * added to hugetlb_vm_ops, please consider adding the function to + * shm_vm_ops. This is because under System V memory model, though + * mappings created via shmget/shmat with "huge page" specified are + * backed by hugetlbfs files, their original vm_ops are overwritten with + * shm_vm_ops. */ struct vm_operations_struct { void (*open)(struct vm_area_struct * area); --- a/ipc/shm.c~ipc-shmc-add-pagesize-function-to-shm_vm_ops +++ a/ipc/shm.c @@ -427,6 +427,17 @@ static int shm_split(struct vm_area_stru return 0; } +static unsigned long shm_pagesize(struct vm_area_struct *vma) +{ + struct file *file = vma->vm_file; + struct shm_file_data *sfd = shm_file_data(file); + + if (sfd->vm_ops->pagesize) + return sfd->vm_ops->pagesize(vma); + + return PAGE_SIZE; +} + #ifdef CONFIG_NUMA static int shm_set_policy(struct vm_area_struct *vma, struct mempolicy *new) { @@ -554,6 +565,7 @@ static const struct vm_operations_struct .close = shm_close, /* callback for when the vm-area is released */ .fault = shm_fault, .split = shm_split, + .pagesize = shm_pagesize, #if defined(CONFIG_NUMA) .set_policy = shm_set_policy, .get_policy = shm_get_policy, _ Patches currently in -mm which might be from jane.chu(a)oracle.com are

7 years, 1 month

1
0
0 0

Request for backport 35a2897c2a to 4.9 branch

by David Chen

Hi all, We'd like to have the following commit backport to 4.9 branch to fix an issue we are seeing. 35a2897c2a306cca344ca5c0b43416707018f434 sched/wait: Remove the lockless swait_active() check in swake_up*() In 4.9 branch, we hit an issue in RCU, where the NOCB follower list not getting reclaimed and causing OOM. In discussion with Paul, we were able to figure out the problem was because of missed wake up resulted from lack of proper memory barrier between setting wake up condition and swake_up(). nocb_leader_wait() { *tail = rdp->nocb_gp_head; smp_mb__after_atomic(); /* Store *tail before wakeup. */ if (rdp != my_rdp && tail == &rdp->nocb_follower_head) { swake_up(&rdp->nocb_wq); Note, that the smp_mb__after_atomic() is only a compiler barrier on x86. Originally I was going to change the barrier to smp_mb(). But then I found out master has the above mentioned patch that solves the same class of problem by removing the lockless check inside swake_up(). So I'm wonder if we can backport this patch to 4.9 branch to solve this issue, and maybe solve other potential missed wake up issue as well. Thanks, David

7 years, 1 month

2
1
0 0

[PATCH] 4.9 backport of "pinctrl: intel: Read back TX buffer state"

by Anthony de Boer

Greetings. I'd like to request a backport/cherry-pick of an existing patch from the Linus tree onto the linux-4.9.y tree as I'm helping some folk try to get Debian-stable-vintage Linux running on an instance of the affected hardware. Without this patch the GPIO pins don't function, but with the cherry-picked patch they come to life. The commit is d68b42e30bbacd24354d644f430d088435b15e83 in the mainline Linux tree and it applied cleanly to the linux-4.9.y tree as of 4.9.115 (dbcdf42bab53d219caa51bcfe54c8b9066010290); I include a copy of it for reference. Thanks. --- >From d68b42e30bbacd24354d644f430d088435b15e83 Mon Sep 17 00:00:00 2001 From: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Date: Thu, 24 Aug 2017 11:19:33 +0300 Subject: [PATCH] pinctrl: intel: Read back TX buffer state In the same way as it's done in pinctrl-cherryview.c we would provide a readback TX buffer state. Fixes: 17fab473693 ("pinctrl: intel: Set pin direction properly") Reported-by: "Bourque, Francis" <francis.bourque(a)intel.com> Signed-off-by: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Acked-by: Mika Westerberg <mika.westerberg(a)linux.intel.com> Tested-by: "Bourque, Francis" <francis.bourque(a)intel.com> Signed-off-by: Linus Walleij <linus.walleij(a)linaro.org> --- drivers/pinctrl/intel/pinctrl-intel.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/drivers/pinctrl/intel/pinctrl-intel.c b/drivers/pinctrl/intel/pinctrl-intel.c index ac806891ff81..71df0f70b61f 100644 --- a/drivers/pinctrl/intel/pinctrl-intel.c +++ b/drivers/pinctrl/intel/pinctrl-intel.c @@ -751,12 +751,17 @@ static int intel_gpio_get(struct gpio_chip *chip, unsigned offset) { struct intel_pinctrl *pctrl = gpiochip_get_data(chip); void __iomem *reg; + u32 padcfg0; reg = intel_get_padcfg(pctrl, offset, PADCFG0); if (!reg) return -EINVAL; - return !!(readl(reg) & PADCFG0_GPIORXSTATE); + padcfg0 = readl(reg); + if (!(padcfg0 & PADCFG0_GPIOTXDIS)) + return !!(padcfg0 & PADCFG0_GPIOTXSTATE); + + return !!(padcfg0 & PADCFG0_GPIORXSTATE); } static void intel_gpio_set(struct gpio_chip *chip, unsigned offset, int value) -- 2.11.0 -- Anthony de Boer

7 years, 1 month

2
1
0 0

[PATCH] sr: Avoid that opening a CD-ROM hangs with runtime power management enabled

by Bart Van Assche

Surround scsi_execute() calls with scsi_autopm_get_device() and scsi_autopm_put_device(). Note: removing sr_mutex protection from the scsi_cd_get() and scsi_cd_put() calls is safe because the purpose of sr_mutex is to serialize cdrom_*() calls. This patch avoids that complaints similar to the following appear in the kernel log if runtime power management is enabled: INFO: task systemd-udevd:650 blocked for more than 120 seconds. Not tainted 4.18.0-rc7-dbg+ #1 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. systemd-udevd D28176 650 513 0x00000104 Call Trace: __schedule+0x444/0xfe0 schedule+0x4e/0xe0 schedule_preempt_disabled+0x18/0x30 __mutex_lock+0x41c/0xc70 mutex_lock_nested+0x1b/0x20 __blkdev_get+0x106/0x970 blkdev_get+0x22c/0x5a0 blkdev_open+0xe9/0x100 do_dentry_open.isra.19+0x33e/0x570 vfs_open+0x7c/0xd0 path_openat+0x6e3/0x1120 do_filp_open+0x11c/0x1c0 do_sys_open+0x208/0x2d0 __x64_sys_openat+0x59/0x70 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: Maurizio Lombardi <mlombard(a)redhat.com> Cc: Johannes Thumshirn <jthumshirn(a)suse.de> Cc: Alan Stern <stern(a)rowland.harvard.edu> Cc: <stable(a)vger.kernel.org> --- drivers/scsi/sr.c | 29 +++++++++++++++++++++-------- 1 file changed, 21 insertions(+), 8 deletions(-) diff --git a/drivers/scsi/sr.c b/drivers/scsi/sr.c index 3f3cb72e0c0c..d0389b20574d 100644 --- a/drivers/scsi/sr.c +++ b/drivers/scsi/sr.c @@ -523,18 +523,26 @@ static int sr_init_command(struct scsi_cmnd *SCpnt) static int sr_block_open(struct block_device *bdev, fmode_t mode) { struct scsi_cd *cd; + struct scsi_device *sdev; int ret = -ENXIO; + cd = scsi_cd_get(bdev->bd_disk); + if (!cd) + goto out; + + sdev = cd->device; + scsi_autopm_get_device(sdev); check_disk_change(bdev); mutex_lock(&sr_mutex); - cd = scsi_cd_get(bdev->bd_disk); - if (cd) { - ret = cdrom_open(&cd->cdi, bdev, mode); - if (ret) - scsi_cd_put(cd); - } + ret = cdrom_open(&cd->cdi, bdev, mode); mutex_unlock(&sr_mutex); + + scsi_autopm_put_device(sdev); + if (ret) + scsi_cd_put(cd); + +out: return ret; } @@ -562,6 +570,8 @@ static int sr_block_ioctl(struct block_device *bdev, fmode_t mode, unsigned cmd, if (ret) goto out; + scsi_autopm_get_device(sdev); + /* * Send SCSI addressing ioctls directly to mid level, send other * ioctls to cdrom/block level. @@ -570,15 +580,18 @@ static int sr_block_ioctl(struct block_device *bdev, fmode_t mode, unsigned cmd, case SCSI_IOCTL_GET_IDLUN: case SCSI_IOCTL_GET_BUS_NUMBER: ret = scsi_ioctl(sdev, cmd, argp); - goto out; + goto put; } ret = cdrom_ioctl(&cd->cdi, bdev, mode, cmd, arg); if (ret != -ENOSYS) - goto out; + goto put; ret = scsi_ioctl(sdev, cmd, argp); +put: + scsi_autopm_put_device(sdev); + out: mutex_unlock(&sr_mutex); return ret; -- 2.18.0

7 years, 1 month

3
3
0 0

[PATCH] IB/hfi1: Fix incorrect mixing of ERR_PTR and NULL return values

by Mike Marciniszyn

From: Michael J. Ruhl <michael.j.ruhl(a)intel.com> commit b697d7d8c741f27b728a878fc55852b06d0f6f5e upstream. The __get_txreq() function can return a pointer, ERR_PTR(-EBUSY), or NULL. All of the relevant call sites look for IS_ERR, so the NULL return would lead to a NULL pointer exception. Do not use the ERR_PTR mechanism for this function. Update all call sites to handle the return value correctly. Clean up error paths to reflect return value. Adjusted patch for the 4.9.x branch. Reported-by: Dan Carpenter <dan.carpenter(a)oracle.com> Reviewed-by: Mike Marciniszyn <mike.marciniszyn(a)intel.com> Reviewed-by: Kamenee Arumugam <kamenee.arumugam(a)intel.com> Signed-off-by: Michael J. Ruhl <michael.j.ruhl(a)intel.com> Signed-off-by: Dennis Dalessandro <dennis.dalessandro(a)intel.com> --- drivers/infiniband/hw/hfi1/rc.c | 2 +- drivers/infiniband/hw/hfi1/uc.c | 4 ++-- drivers/infiniband/hw/hfi1/ud.c | 4 ++-- drivers/infiniband/hw/hfi1/verbs_txreq.c | 4 ++-- drivers/infiniband/hw/hfi1/verbs_txreq.h | 4 ++-- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/drivers/infiniband/hw/hfi1/rc.c b/drivers/infiniband/hw/hfi1/rc.c index 613074e..e8e0fa5 100644 --- a/drivers/infiniband/hw/hfi1/rc.c +++ b/drivers/infiniband/hw/hfi1/rc.c @@ -397,7 +397,7 @@ int hfi1_make_rc_req(struct rvt_qp *qp, struct hfi1_pkt_state *ps) lockdep_assert_held(&qp->s_lock); ps->s_txreq = get_txreq(ps->dev, qp); - if (IS_ERR(ps->s_txreq)) + if (!ps->s_txreq) goto bail_no_tx; ohdr = &ps->s_txreq->phdr.hdr.u.oth; diff --git a/drivers/infiniband/hw/hfi1/uc.c b/drivers/infiniband/hw/hfi1/uc.c index 5e6d1ba..de21128 100644 --- a/drivers/infiniband/hw/hfi1/uc.c +++ b/drivers/infiniband/hw/hfi1/uc.c @@ -1,5 +1,5 @@ /* - * Copyright(c) 2015, 2016 Intel Corporation. + * Copyright(c) 2015 - 2018 Intel Corporation. * * This file is provided under a dual BSD/GPLv2 license. When using or * redistributing this file, you may do so under either license. @@ -72,7 +72,7 @@ int hfi1_make_uc_req(struct rvt_qp *qp, struct hfi1_pkt_state *ps) int middle = 0; ps->s_txreq = get_txreq(ps->dev, qp); - if (IS_ERR(ps->s_txreq)) + if (!ps->s_txreq) goto bail_no_tx; if (!(ib_rvt_state_ops[qp->state] & RVT_PROCESS_SEND_OK)) { diff --git a/drivers/infiniband/hw/hfi1/ud.c b/drivers/infiniband/hw/hfi1/ud.c index 97ae24b..1a7ce1d 100644 --- a/drivers/infiniband/hw/hfi1/ud.c +++ b/drivers/infiniband/hw/hfi1/ud.c @@ -1,5 +1,5 @@ /* - * Copyright(c) 2015, 2016 Intel Corporation. + * Copyright(c) 2015 - 2018 Intel Corporation. * * This file is provided under a dual BSD/GPLv2 license. When using or * redistributing this file, you may do so under either license. @@ -285,7 +285,7 @@ int hfi1_make_ud_req(struct rvt_qp *qp, struct hfi1_pkt_state *ps) u8 sc5; ps->s_txreq = get_txreq(ps->dev, qp); - if (IS_ERR(ps->s_txreq)) + if (!ps->s_txreq) goto bail_no_tx; if (!(ib_rvt_state_ops[qp->state] & RVT_PROCESS_NEXT_SEND_OK)) { diff --git a/drivers/infiniband/hw/hfi1/verbs_txreq.c b/drivers/infiniband/hw/hfi1/verbs_txreq.c index 094ab82..d8a5bad 100644 --- a/drivers/infiniband/hw/hfi1/verbs_txreq.c +++ b/drivers/infiniband/hw/hfi1/verbs_txreq.c @@ -1,5 +1,5 @@ /* - * Copyright(c) 2016 Intel Corporation. + * Copyright(c) 2016 - 2018 Intel Corporation. * * This file is provided under a dual BSD/GPLv2 license. When using or * redistributing this file, you may do so under either license. @@ -94,7 +94,7 @@ struct verbs_txreq *__get_txreq(struct hfi1_ibdev *dev, struct rvt_qp *qp) __must_hold(&qp->s_lock) { - struct verbs_txreq *tx = ERR_PTR(-EBUSY); + struct verbs_txreq *tx = NULL; write_seqlock(&dev->iowait_lock); if (ib_rvt_state_ops[qp->state] & RVT_PROCESS_RECV_OK) { diff --git a/drivers/infiniband/hw/hfi1/verbs_txreq.h b/drivers/infiniband/hw/hfi1/verbs_txreq.h index 5660897..31ded57 100644 --- a/drivers/infiniband/hw/hfi1/verbs_txreq.h +++ b/drivers/infiniband/hw/hfi1/verbs_txreq.h @@ -1,5 +1,5 @@ /* - * Copyright(c) 2016 Intel Corporation. + * Copyright(c) 2016 - 2018 Intel Corporation. * * This file is provided under a dual BSD/GPLv2 license. When using or * redistributing this file, you may do so under either license. @@ -82,7 +82,7 @@ struct verbs_txreq *__get_txreq(struct hfi1_ibdev *dev, if (unlikely(!tx)) { /* call slow path to get the lock */ tx = __get_txreq(dev, qp); - if (IS_ERR(tx)) + if (!tx) return tx; } tx->qp = qp;

7 years, 1 month

1
0
0 0

v4.17.12 build: 0 failures 1 warnings (v4.17.12)

by Build bot for Mark Brown

Tree/Branch: v4.17.12 Git describe: v4.17.12 Commit: 506f6fba26 Linux 4.17.12 Build Time: 0 min 13 sec Passed: 8 / 8 (100.00 %) Failed: 0 / 8 ( 0.00 %) Errors: 0 Warnings: 1 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): 1 warnings 0 mismatches : arm-allmodconfig 1 warnings 0 mismatches : arm-multi_v7_defconfig 1 warnings 0 mismatches : arm-multi_v5_defconfig ------------------------------------------------------------------------------- Warnings Summary: 1 3 ../include/net/ip6_route.h:71:12: warning: 'rt' may be used uninitialized in this function [-Wmaybe-uninitialized] =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- arm-allmodconfig : PASS, 0 errors, 1 warnings, 0 section mismatches Warnings: ../include/net/ip6_route.h:71:12: warning: 'rt' may be used uninitialized in this function [-Wmaybe-uninitialized] ------------------------------------------------------------------------------- arm-multi_v7_defconfig : PASS, 0 errors, 1 warnings, 0 section mismatches Warnings: ../include/net/ip6_route.h:71:12: warning: 'rt' may be used uninitialized in this function [-Wmaybe-uninitialized] ------------------------------------------------------------------------------- arm-multi_v5_defconfig : PASS, 0 errors, 1 warnings, 0 section mismatches Warnings: ../include/net/ip6_route.h:71:12: warning: 'rt' may be used uninitialized in this function [-Wmaybe-uninitialized] ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: x86_64-allnoconfig arm-multi_v4t_defconfig x86_64-allmodconfig arm-allnoconfig x86_64-defconfig

7 years, 1 month

1
0
0 0

Enhancing your images

by Sam

Do you have photos for editing? We are image team and we can process 500+ images each day. We edit ecommerce photo, jewelry photos, and beauty model photos. also wedding photos. We do cut out and clipping path for photos, also retouching. You may send us a test photo to check our quality. Thanks, Sam Parker

7 years, 1 month

1
0
0 0

[PATCH] drm/i915/lpe: Mark LPE audio as "no callbacks"

by Chris Wilson

The LPE audio is a child device of i915, it is powered up and down alongside the igfx and presents no independent runtime interface. This aptly fulfils the description of a "No-Callback" Device, so mark it thus. Fixes: 183c00350ccd ("drm/i915: Fix runtime PM for LPE audio") Testcase: igt/pm_rpm/basic-pci-d3-state Testcase: igt/pm_rpm/basic-rte Signed-off-by: Chris Wilson <chris(a)chris-wilson.co.uk> Cc: Takashi Iwai <tiwai(a)suse.de> Cc: Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> Cc: Ville Syrjälä <ville.syrjala(a)linux.intel.com> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/i915/intel_lpe_audio.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/drivers/gpu/drm/i915/intel_lpe_audio.c b/drivers/gpu/drm/i915/intel_lpe_audio.c index 6269750e2b54..430732720e65 100644 --- a/drivers/gpu/drm/i915/intel_lpe_audio.c +++ b/drivers/gpu/drm/i915/intel_lpe_audio.c @@ -126,9 +126,7 @@ lpe_audio_platdev_create(struct drm_i915_private *dev_priv) return platdev; } - pm_runtime_forbid(&platdev->dev); - pm_runtime_set_active(&platdev->dev); - pm_runtime_enable(&platdev->dev); + pm_runtime_no_callbacks(&platdev->dev); return platdev; } -- 2.18.0

7 years, 1 month

2
2
0 0

[PATCH] drm/vc4: Fix the "no scaling" case on multi-planar YUV formats

by Boris Brezillon

When there's no scaling requested ->is_unity should be true no matter the format. Also, when no scaling is requested and we have a multi-planar YUV format, we should leave ->y_scaling[0] to VC4_SCALING_NONE and only set ->x_scaling[0] to VC4_SCALING_PPF. Doing this fixes an hardly visible artifact (seen when using modetest and a rather big overlay plane in YUV420). Fixes: fc04023fafec ("drm/vc4: Add support for YUV planes.") Cc: <stable(a)vger.kernel.org> Signed-off-by: Boris Brezillon <boris.brezillon(a)bootlin.com> --- drivers/gpu/drm/vc4/vc4_plane.c | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/drivers/gpu/drm/vc4/vc4_plane.c b/drivers/gpu/drm/vc4/vc4_plane.c index cfb50fedfa2b..a3275fa66b7b 100644 --- a/drivers/gpu/drm/vc4/vc4_plane.c +++ b/drivers/gpu/drm/vc4/vc4_plane.c @@ -297,6 +297,9 @@ static int vc4_plane_setup_clipping_and_scaling(struct drm_plane_state *state) vc4_state->y_scaling[0] = vc4_get_scaling_mode(vc4_state->src_h[0], vc4_state->crtc_h); + vc4_state->is_unity = (vc4_state->x_scaling[0] == VC4_SCALING_NONE && + vc4_state->y_scaling[0] == VC4_SCALING_NONE); + if (num_planes > 1) { vc4_state->is_yuv = true; @@ -312,24 +315,17 @@ static int vc4_plane_setup_clipping_and_scaling(struct drm_plane_state *state) vc4_get_scaling_mode(vc4_state->src_h[1], vc4_state->crtc_h); - /* YUV conversion requires that scaling be enabled, - * even on a plane that's otherwise 1:1. Choose TPZ - * for simplicity. + /* YUV conversion requires that horizontal scaling be enabled, + * even on a plane that's otherwise 1:1. Looks like only PPF + * works in that case, so let's pick that one. */ - if (vc4_state->x_scaling[0] == VC4_SCALING_NONE) - vc4_state->x_scaling[0] = VC4_SCALING_TPZ; - if (vc4_state->y_scaling[0] == VC4_SCALING_NONE) - vc4_state->y_scaling[0] = VC4_SCALING_TPZ; + if (vc4_state->is_unity) + vc4_state->x_scaling[0] = VC4_SCALING_PPF; } else { vc4_state->x_scaling[1] = VC4_SCALING_NONE; vc4_state->y_scaling[1] = VC4_SCALING_NONE; } - vc4_state->is_unity = (vc4_state->x_scaling[0] == VC4_SCALING_NONE && - vc4_state->y_scaling[0] == VC4_SCALING_NONE && - vc4_state->x_scaling[1] == VC4_SCALING_NONE && - vc4_state->y_scaling[1] == VC4_SCALING_NONE); - /* No configuring scaling on the cursor plane, since it gets non-vblank-synced updates, and scaling requires requires LBM changes which have to be vblank-synced. @@ -672,7 +668,10 @@ static int vc4_plane_mode_set(struct drm_plane *plane, vc4_dlist_write(vc4_state, SCALER_CSC2_ITR_R_601_5); } - if (!vc4_state->is_unity) { + if (vc4_state->x_scaling[0] != VC4_SCALING_NONE || + vc4_state->x_scaling[1] != VC4_SCALING_NONE || + vc4_state->y_scaling[0] != VC4_SCALING_NONE || + vc4_state->y_scaling[1] != VC4_SCALING_NONE) { /* LBM Base Address. */ if (vc4_state->y_scaling[0] != VC4_SCALING_NONE || vc4_state->y_scaling[1] != VC4_SCALING_NONE) { -- 2.14.1

7 years, 1 month

2
2
0 0

[PATCH] usb: dwc3: gadget: fix ISOC TRB type on unaligned transfers

by Felipe Balbi

When chaining ISOC TRBs together, only the first ISOC TRB should be of type ISOC_FIRST, all others should be of type ISOC. This patch fixes that. Fixes: c6267a51639b ("usb: dwc3: gadget: align transfers to wMaxPacketSize") Cc: <stable(a)vger.kernel.org> # v4.11+ Signed-off-by: Felipe Balbi <felipe.balbi(a)linux.intel.com> --- drivers/usb/dwc3/gadget.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/drivers/usb/dwc3/gadget.c b/drivers/usb/dwc3/gadget.c index 032ea7d709ba..2ca52a056e49 100644 --- a/drivers/usb/dwc3/gadget.c +++ b/drivers/usb/dwc3/gadget.c @@ -1073,7 +1073,7 @@ static void dwc3_prepare_one_trb_sg(struct dwc3_ep *dep, /* Now prepare one extra TRB to align transfer size */ trb = &dep->trb_pool[dep->trb_enqueue]; __dwc3_prepare_one_trb(dep, trb, dwc->bounce_addr, - maxp - rem, false, 0, + maxp - rem, false, 1, req->request.stream_id, req->request.short_not_ok, req->request.no_interrupt); @@ -1117,7 +1117,7 @@ static void dwc3_prepare_one_trb_linear(struct dwc3_ep *dep, /* Now prepare one extra TRB to align transfer size */ trb = &dep->trb_pool[dep->trb_enqueue]; __dwc3_prepare_one_trb(dep, trb, dwc->bounce_addr, maxp - rem, - false, 0, req->request.stream_id, + false, 1, req->request.stream_id, req->request.short_not_ok, req->request.no_interrupt); } else if (req->request.zero && req->request.length && @@ -1133,7 +1133,7 @@ static void dwc3_prepare_one_trb_linear(struct dwc3_ep *dep, /* Now prepare one extra TRB to handle ZLP */ trb = &dep->trb_pool[dep->trb_enqueue]; __dwc3_prepare_one_trb(dep, trb, dwc->bounce_addr, 0, - false, 0, req->request.stream_id, + false, 1, req->request.stream_id, req->request.short_not_ok, req->request.no_interrupt); } else { -- 2.16.1

7 years, 1 month

1
0
0 0

Linux 4.9.117

by Greg KH

I'm announcing the release of the 4.9.117 kernel. All users of the 4.9 kernel series must upgrade. The updated 4.9.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.9.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/net/dsa/qca8k.txt | 23 +++++ Documentation/devicetree/bindings/net/meson-dwmac.txt | 1 Documentation/devicetree/bindings/pinctrl/meson,pinctrl.txt | 2 Makefile | 2 arch/arm/boot/dts/emev2.dtsi | 5 - arch/arm/boot/dts/sh73a0.dtsi | 5 - arch/arm64/configs/defconfig | 2 arch/arm64/include/asm/cmpxchg.h | 4 arch/arm64/mm/init.c | 4 arch/microblaze/boot/Makefile | 10 +- arch/powerpc/kernel/eeh_driver.c | 28 +++--- arch/powerpc/kernel/head_8xx.S | 2 arch/powerpc/kernel/pci_32.c | 1 arch/powerpc/mm/slb.c | 8 - arch/powerpc/net/bpf_jit_comp64.c | 34 +++++-- arch/powerpc/platforms/chrp/time.c | 6 - arch/powerpc/platforms/embedded6xx/hlwd-pic.c | 5 + arch/powerpc/platforms/powermac/bootx_init.c | 4 arch/powerpc/platforms/powermac/setup.c | 1 arch/s390/include/asm/cpu_mf.h | 6 - arch/x86/events/intel/uncore.c | 2 arch/x86/events/intel/uncore_nhmex.c | 2 arch/x86/kvm/mmu.c | 2 crypto/authenc.c | 1 crypto/authencesn.c | 1 drivers/acpi/pci_root.c | 4 drivers/ata/libata-eh.c | 12 +- drivers/bluetooth/btusb.c | 3 drivers/bluetooth/hci_qca.c | 2 drivers/bus/arm-ccn.c | 20 ++-- drivers/char/random.c | 10 ++ drivers/edac/altera_edac.c | 2 drivers/gpu/drm/drm_atomic.c | 4 drivers/gpu/drm/gma500/psb_intel_drv.h | 2 drivers/gpu/drm/gma500/psb_intel_lvds.c | 2 drivers/gpu/drm/radeon/radeon_connectors.c | 10 +- drivers/hid/hid-plantronics.c | 6 + drivers/hid/i2c-hid/i2c-hid.c | 8 + drivers/infiniband/core/mad.c | 11 +- drivers/infiniband/core/ucma.c | 6 + drivers/infiniband/core/uverbs_cmd.c | 5 + drivers/input/mouse/elan_i2c_core.c | 2 drivers/input/serio/i8042-x86ia64io.h | 7 + drivers/md/md.c | 3 drivers/media/common/siano/smsendian.c | 14 +-- drivers/media/i2c/smiapp/smiapp-core.c | 11 +- drivers/media/media-device.c | 21 ++-- drivers/media/pci/saa7164/saa7164-fw.c | 3 drivers/media/pci/tw686x/tw686x-video.c | 3 drivers/media/platform/omap3isp/isp.c | 7 - drivers/media/platform/rcar_jpu.c | 4 drivers/media/radio/si470x/radio-si470x-i2c.c | 6 - drivers/media/v4l2-core/videobuf2-core.c | 9 +- drivers/memory/tegra/mc.c | 22 +---- drivers/memory/tegra/mc.h | 9 ++ drivers/memory/tegra/tegra114.c | 2 drivers/memory/tegra/tegra124.c | 6 + drivers/memory/tegra/tegra210.c | 3 drivers/memory/tegra/tegra30.c | 2 drivers/mfd/cros_ec.c | 6 + drivers/mmc/core/pwrseq_simple.c | 14 ++- drivers/mmc/host/dw_mmc.c | 4 drivers/mtd/nand/fsl_ifc_nand.c | 17 ++- drivers/net/dsa/qca8k.c | 52 +++++++++++- drivers/net/dsa/qca8k.h | 7 + drivers/net/ethernet/broadcom/bnxt/bnxt.c | 3 drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 1 drivers/net/ethernet/ti/cpsw-phy-sel.c | 8 + drivers/net/wireless/ath/regd.h | 5 + drivers/net/wireless/ath/regd_common.h | 13 +++ drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c | 1 drivers/net/wireless/intel/iwlwifi/pcie/rx.c | 2 drivers/net/wireless/marvell/mwifiex/usb.c | 3 drivers/net/wireless/marvell/mwifiex/util.c | 8 + drivers/net/wireless/rsi/rsi_91x_sdio.c | 2 drivers/net/wireless/ti/wlcore/sdio.c | 5 + drivers/net/xen-netfront.c | 4 drivers/nvmem/core.c | 7 + drivers/pci/pci-sysfs.c | 15 ++- drivers/pinctrl/pinctrl-at91-pio4.c | 4 drivers/regulator/pfuze100-regulator.c | 1 drivers/rtc/interface.c | 5 + drivers/scsi/3w-9xxx.c | 5 + drivers/scsi/3w-xxxx.c | 3 drivers/scsi/megaraid.c | 3 drivers/scsi/megaraid/megaraid_sas_fusion.c | 3 drivers/scsi/scsi_dh.c | 5 - drivers/scsi/ufs/ufshcd.c | 2 drivers/staging/lustre/lnet/klnds/o2iblnd/o2iblnd_cb.c | 18 ++-- drivers/staging/lustre/lustre/ldlm/ldlm_lock.c | 6 + drivers/staging/lustre/lustre/llite/xattr.c | 6 + drivers/thermal/samsung/exynos_tmu.c | 1 drivers/tty/hvc/hvc_opal.c | 1 drivers/tty/pty.c | 3 drivers/usb/core/hub.c | 4 drivers/usb/dwc2/hcd.c | 44 +++++----- drivers/vfio/platform/vfio_platform_common.c | 15 ++- fs/btrfs/qgroup.c | 19 ++++ fs/btrfs/tree-log.c | 10 +- fs/crypto/crypto.c | 11 ++ fs/ext4/balloc.c | 3 fs/ext4/ialloc.c | 3 fs/ext4/inline.c | 19 ++-- fs/ext4/inode.c | 16 +-- fs/f2fs/file.c | 14 ++- fs/f2fs/gc.c | 11 +- fs/f2fs/segment.c | 5 + fs/f2fs/super.c | 6 + fs/nfs/nfs4proc.c | 3 fs/nfsd/nfs4xdr.c | 2 fs/squashfs/cache.c | 3 fs/squashfs/file.c | 8 + fs/squashfs/fragment.c | 4 fs/squashfs/squashfs_fs.h | 6 + include/drm/drm_dp_helper.h | 1 include/linux/dma-iommu.h | 1 include/linux/mmc/sdio_ids.h | 1 include/linux/netfilter/ipset/ip_set_timeout.h | 10 +- include/linux/serial_core.h | 3 include/soc/tegra/mc.h | 2 kernel/auditfilter.c | 2 kernel/auditsc.c | 2 kernel/bpf/verifier.c | 4 kernel/kcov.c | 3 kernel/kthread.c | 8 + kernel/stop_machine.c | 24 ++--- kernel/trace/trace_events_trigger.c | 18 +++- kernel/trace/trace_kprobe.c | 15 +++ mm/slub.c | 2 mm/vmalloc.c | 3 net/ipv4/ipconfig.c | 13 +++ net/netfilter/nf_tables_api.c | 11 +- security/integrity/ima/ima_main.c | 1 sound/pci/emu10k1/emupcm.c | 4 sound/pci/emu10k1/memory.c | 6 - sound/pci/fm801.c | 16 ++- sound/pci/hda/patch_ca0132.c | 8 + sound/soc/soc-pcm.c | 6 - sound/usb/pcm.c | 2 tools/perf/util/parse-events.y | 14 +++ tools/testing/selftests/intel_pstate/run.sh | 24 ++--- tools/usb/usbip/src/usbip_detach.c | 9 +- 142 files changed, 766 insertions(+), 298 deletions(-) Alexandre Belloni (1): rtc: ensure rtc_set_alarm fails when alarms are not supported Alexey Kodanev (1): netfilter: nf_tables: check msg_type before nft_trans_set(trans) Anatoly Pugachev (1): disable loading f2fs module on PAGE_SIZE > 4KB Anson Huang (1): regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops Antti Seppälä (1): usb: dwc2: Fix DMA alignment to start at allocated boundary Artem Savkov (1): tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure Bartlomiej Zolnierkiewicz (1): thermal: exynos: fix setting rising_threshold for Exynos5433 Brad Love (1): media: saa7164: Fix driver name in debug output Chao Yu (4): f2fs: fix error path of move_data_page f2fs: fix to don't trigger writeback during recovery f2fs: fix to wait page writeback during revoking atomic write f2fs: fix race in between GC and atomic open Chen-Yu Tsai (1): Input: i8042 - add Lenovo LaVie Z to the i8042 reset list Chintan Pandya (1): mm: vmalloc: avoid racy handling of debugobjects in vunmap Chris Novakovic (1): ipconfig: Correctly initialise ic_nameservers Christoph Hellwig (1): PCI: Prevent sysfs disable of device while driver is attached Christophe Leroy (1): powerpc/8xx: fix invalid register expression in head_8xx.S Colin Ian King (1): media: smiapp: fix timeout checking in smiapp_read_nvm Cong Wang (1): infiniband: fix a possible use-after-free bug DaeRyong Jeong (1): tty: Fix data race in tty_insert_flip_string_fixed_flag Damien Le Moal (1): libata: Fix command retry decision Dan Carpenter (1): scsi: megaraid: silence a static checker bug Daniel Díaz (1): selftests/intel_pstate: Improve test, minor fixes David Sterba (1): btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups Dmitry Osipenko (2): memory: tegra: Do not handle spurious interrupts memory: tegra: Apply interrupts mask per SoC Dmitry Torokhov (1): HID: i2c-hid: check if device is there before really probing Dominik Bozek (1): usb: hub: Don't wait for connect state at resume for powered-off ports Donald Shanty III (1): Input: elan_i2c - add ACPI ID for lenovo ideapad 330 Doug Oucahrek (1): staging: lustre: o2iblnd: fix race at kiblnd_connect_peer Douglas Anderson (1): serial: core: Make sure compiler barfs for 16-byte earlycon names Emil Tantilov (1): ixgbevf: fix MAC address changes through ixgbevf_set_mac() Enric Balletbo i Serra (1): arm64: defconfig: Enable Rockchip io-domain driver Eric Biggers (1): fscrypt: use unbound workqueue for decryption Eyal Reizer (1): wlcore: sdio: check for valid platform device data before suspend Ezequiel Garcia (1): media: tw686x: Fix incorrect vb2_mem_ops GFP flags Ganapathi Bhat (1): mwifiex: handle race during mwifiex_usb_disconnect Geert Uytterhoeven (3): vfio: platform: Fix reset module leak in error path ARM: dts: emev2: Add missing interrupt-affinity to PMU node ARM: dts: sh73a0: Add missing interrupt-affinity to PMU node Greg Kroah-Hartman (1): Linux 4.9.117 Grygorii Strashko (1): net: ethernet: ti: cpsw-phy-sel: check bus_find_device() ret value Hans Verkuil (1): media: videobuf2-core: don't call memop 'finish' when queueing Jakub Kicinski (1): bpf: fix references to free_bpf_prog_info() in comments James Simmons (1): staging: lustre: llite: correct removexattr detection Jane Wan (1): mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages Jian-Hong Pan (1): Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 Jiri Olsa (1): perf tools: Fix pmu events parsing rule Johannes Weiner (1): arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups Jonathan Neuschäfer (1): powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet José Roberto de Souza (1): drm: Add DP PSR2 sink enable bit Jozsef Kadlecsik (1): netfilter: ipset: List timing out entries with "timeout 1" instead of zero Juergen Gross (1): xen/netfront: raise max number of slots in xennet_get_responses() Julia Lawall (1): pinctrl: at91-pio4: add missing of_node_put KT Liao (1): Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST Kai Chieh Chuang (1): ASoC: dpcm: fix BE dai not hw_free and shutdown Kan Liang (2): perf/x86/intel/uncore: Correct fixed counter index check in generic code perf/x86/intel/uncore: Correct fixed counter index check for NHM Leon Romanovsky (2): RDMA/mad: Convert BUG_ONs to error flows RDMA/uverbs: Protect from attempts to create flows on unsupported QP Linus Torvalds (1): squashfs: be more careful about metadata corruption Luc Van Oostenryck (2): drm/radeon: fix mode_valid's return type drm/gma500: fix psb_intel_lvds_mode_valid()'s return type Marc Zyngier (1): dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA Mark Rutland (2): kcov: ensure irq code sees a valid area drivers/perf: arm-ccn: don't log to dmesg in event_init Martin Blumenstingl (1): dt-bindings: pinctrl: meson: add support for the Meson8m2 SoC Mathieu Malaterre (6): mm/slub.c: add __printf verification to slab_err() powerpc/32: Add a missing include header powerpc/chrp/time: Make some functions static, add missing header include powerpc/powermac: Add missing prototype for note_bootable_part() powerpc/powermac: Mark variable x as unused nvmem: properly handle returned value nvmem_reg_read Mauro Carvalho Chehab (2): media: siano: get rid of __le32/__le16 cast warnings media: si470x: fix __be16 annotations Maya Erez (1): scsi: ufs: fix exception event handling Michael Chan (1): bnxt_en: Check unsupported speeds in bnxt_update_link() on PF only. Michal Simek (1): microblaze: Fix simpleImage format generation Michal Vokáč (5): net: dsa: qca8k: Add support for QCA8334 switch net: dsa: qca8k: Force CPU port to its highest bandwidth net: dsa: qca8k: Enable RXMAC when bringing up a port net: dsa: qca8k: Add QCA8334 binding documentation net: dsa: qca8k: Allow overwriting CPU port setting Mika Westerberg (1): PCI: pciehp: Request control of native hotplug only if supported Mimi Zohar (1): ima: based on policy verify firmware signatures (pre-allocated buffer) NeilBrown (1): staging: lustre: ldlm: free resource when ldlm_lock_create() fails. Nicholas Piggin (1): powerpc/64s: Fix compiler store ordering to SLB shadow area Ondrej Mosnáček (1): audit: allow not equal op for audit by executable Qu Wenruo (1): btrfs: qgroup: Finish rescan when hit the last leaf of extent tree Sahitya Tummala (1): f2fs: Fix deadlock in shutdown ioctl Sam Bobroff (1): powerpc/eeh: Fix use-after-release of EEH driver Sami Tolvanen (1): media: media-device: fix ioctl function types Sandipan Das (1): bpf: powerpc64: pad function address loads with NOPs Satendra Singh Thakur (1): drm/atomic: Handling the case when setting old crtc for plane Scott Mayhew (1): nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo Sean Lanigan (1): brcmfmac: Add support for bcm43364 wireless chipset Shakeel Butt (1): kvm, mm: account shadow page tables to kmemcg Shaul Triebitz (1): iwlwifi: pcie: fix race in Rx buffer allocator Shawn Lin (1): mmc: dw_mmc: update actual clock for mmc debugfs Shivasharan S (1): scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs Shuah Khan (Samsung OSG) (1): usbip: usbip_detach: Fix memory, udev context and udev leak Siva Rebbagondla (1): rsi: Fix 'invalid vdd' warning in mmc Snild Dolkow (1): kthread, tracing: Don't expose half-written comm when creating kthreads Steven Rostedt (VMware) (3): tracing: Fix double free of event_trigger_data tracing: Fix possible double free in event_enable_trigger_func() tracing: Quiet gcc warning about maybe unused link variable Stewart Smith (1): hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common() Suman Anna (1): media: omap3isp: fix unbalanced dma_iommu_mapping Sven Eckelmann (9): ath: Add regulatory mapping for FCC3_ETSIC ath: Add regulatory mapping for ETSI8_WORLD ath: Add regulatory mapping for APL13_WORLD ath: Add regulatory mapping for APL2_FCCA ath: Add regulatory mapping for Uganda ath: Add regulatory mapping for Tanzania ath: Add regulatory mapping for Serbia ath: Add regulatory mapping for Bermuda ath: Add regulatory mapping for Bahamas Takashi Iwai (2): ALSA: emu10k1: Rate-limit error messages about page errors ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback Takashi Sakamoto (1): ALSA: hda/ca0132: fix build failure when a local macro is defined Terry Junge (1): HID: hid-plantronics: Re-resend Update to map button for PTT products Theodore Ts'o (3): random: mix rdrand with entropy sent in from userspace ext4: fix inline data updates with checksums enabled ext4: check for allocation block validity with block group locked Thierry Escande (1): Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning Thomas Gleixner (1): stop_machine: Use raw spinlocks Thomas Richter (2): s390/cpum_sf: Add data entry sizes to sampling trailer entry perf: fix invalid bit in diagnostic entry Thor Thayer (1): EDAC, altera: Fix ARM64 build warning Tobin C. Harding (1): mmc: pwrseq: Use kmalloc_array instead of stack VLA Trond Myklebust (1): pnfs: Don't release the sequence slot until we've processed layoutget on open Tudor-Dan Ambarus (2): crypto: authencesn - don't leak pointers to authenc keys crypto: authenc - don't leak pointers to authenc keys Vincent Palatin (1): mfd: cros_ec: Fail early if we cannot identify the EC Wei Yongjun (1): media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open() Wenwen Wang (2): scsi: 3w-9xxx: fix a missing-check bug scsi: 3w-xxxx: fix a missing-check bug Will Deacon (1): arm64: cmpwait: Clear event register before arming exclusive monitor Xinming Hu (1): mwifiex: correct histogram data with appropriate index Xose Vazquez Perez (1): scsi: scsi_dh: replace too broad "TP9" string with the exact models Yixun Lan (1): dt-bindings: net: meson-dwmac: new compatible name for AXG SoC Yufen Yu (1): md: fix NULL dereference of mddev->pers in remove_and_add_spares() Zhouyang Jia (2): ALSA: emu10k1: add error handling for snd_ctl_add ALSA: fm801: add error handling for snd_ctl_add

7 years, 1 month

1
1
0 0

Linux 4.14.60

by Greg KH

I'm announcing the release of the 4.14.60 kernel. All users of the 4.14 kernel series must upgrade. The updated 4.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.14.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/net/dsa/qca8k.txt | 23 +- Documentation/devicetree/bindings/net/meson-dwmac.txt | 1 Documentation/devicetree/bindings/pinctrl/meson,pinctrl.txt | 2 Documentation/vfio-mediated-device.txt | 5 Makefile | 2 arch/arm/boot/dts/emev2.dtsi | 5 arch/arm/boot/dts/sh73a0.dtsi | 5 arch/arm/boot/dts/stih407-pinctrl.dtsi | 10 arch/arm/net/bpf_jit_32.c | 10 arch/arm64/boot/dts/renesas/salvator-common.dtsi | 38 +-- arch/arm64/configs/defconfig | 2 arch/arm64/include/asm/cmpxchg.h | 4 arch/arm64/mm/init.c | 4 arch/microblaze/boot/Makefile | 10 arch/powerpc/include/asm/barrier.h | 15 + arch/powerpc/include/asm/cache.h | 3 arch/powerpc/kernel/eeh_driver.c | 28 +- arch/powerpc/kernel/head_8xx.S | 2 arch/powerpc/kernel/pci_32.c | 1 arch/powerpc/kernel/prom_init.c | 114 +++++----- arch/powerpc/lib/string.S | 7 arch/powerpc/mm/slb.c | 8 arch/powerpc/net/bpf_jit_comp64.c | 34 ++ arch/powerpc/platforms/chrp/time.c | 6 arch/powerpc/platforms/embedded6xx/hlwd-pic.c | 5 arch/powerpc/platforms/powermac/bootx_init.c | 4 arch/powerpc/platforms/powermac/setup.c | 1 arch/s390/include/asm/cpu_mf.h | 6 arch/x86/events/intel/uncore.c | 2 arch/x86/events/intel/uncore_nhmex.c | 2 arch/x86/kernel/cpu/microcode/core.c | 6 arch/x86/kvm/mmu.c | 2 block/bfq-iosched.c | 2 block/bio.c | 19 - crypto/authenc.c | 1 crypto/authencesn.c | 1 drivers/acpi/acpi_lpss.c | 6 drivers/acpi/pci_root.c | 4 drivers/ata/libata-eh.c | 12 - drivers/bluetooth/btusb.c | 4 drivers/bluetooth/hci_qca.c | 2 drivers/bus/arm-ccn.c | 20 - drivers/char/random.c | 10 drivers/edac/altera_edac.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 8 drivers/gpu/drm/drm_atomic.c | 4 drivers/gpu/drm/drm_atomic_helper.c | 78 +++--- drivers/gpu/drm/drm_dp_mst_topology.c | 9 drivers/gpu/drm/gma500/psb_intel_drv.h | 2 drivers/gpu/drm/gma500/psb_intel_lvds.c | 2 drivers/gpu/drm/nouveau/nvkm/engine/fifo/gk104.c | 8 drivers/gpu/drm/radeon/radeon_connectors.c | 10 drivers/hid/hid-plantronics.c | 6 drivers/hid/i2c-hid/i2c-hid.c | 8 drivers/i2c/i2c-core-base.c | 5 drivers/infiniband/core/mad.c | 11 drivers/infiniband/core/ucma.c | 6 drivers/infiniband/core/uverbs_cmd.c | 5 drivers/infiniband/core/verbs.c | 12 - drivers/infiniband/ulp/srpt/ib_srpt.c | 16 - drivers/input/mouse/elan_i2c_core.c | 2 drivers/input/serio/i8042-x86ia64io.h | 7 drivers/irqchip/irq-ls-scfg-msi.c | 3 drivers/lightnvm/pblk-rb.c | 5 drivers/md/md.c | 3 drivers/md/raid1.c | 2 drivers/media/common/siano/smsendian.c | 14 - drivers/media/i2c/smiapp/smiapp-core.c | 11 drivers/media/media-device.c | 21 - drivers/media/pci/saa7164/saa7164-fw.c | 3 drivers/media/pci/tw686x/tw686x-video.c | 3 drivers/media/platform/omap3isp/isp.c | 7 drivers/media/platform/rcar_jpu.c | 4 drivers/media/radio/si470x/radio-si470x-i2c.c | 6 drivers/media/v4l2-core/videobuf2-core.c | 9 drivers/memory/tegra/mc.c | 22 - drivers/memory/tegra/mc.h | 9 drivers/memory/tegra/tegra114.c | 2 drivers/memory/tegra/tegra124.c | 6 drivers/memory/tegra/tegra210.c | 3 drivers/memory/tegra/tegra30.c | 2 drivers/mfd/cros_ec.c | 6 drivers/mmc/core/pwrseq_simple.c | 14 - drivers/mmc/host/dw_mmc.c | 4 drivers/mtd/nand/fsl_ifc_nand.c | 17 - drivers/net/dsa/qca8k.c | 52 ++++ drivers/net/dsa/qca8k.h | 7 drivers/net/ethernet/amazon/ena/ena_com.c | 1 drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 4 drivers/net/ethernet/broadcom/bnxt/bnxt.c | 3 drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 7 drivers/net/ethernet/hisilicon/hns3/hns3pf/hns3_enet.c | 4 drivers/net/ethernet/intel/e1000e/netdev.c | 15 - drivers/net/ethernet/intel/i40e/i40e_ptp.c | 7 drivers/net/ethernet/intel/igb/igb_main.c | 9 drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 1 drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c | 4 drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 drivers/net/ethernet/ti/cpsw-phy-sel.c | 8 drivers/net/hyperv/hyperv_net.h | 2 drivers/net/hyperv/netvsc_drv.c | 43 +-- drivers/net/phy/mdio-mux-bcm-iproc.c | 2 drivers/net/phy/phylink.c | 2 drivers/net/usb/lan78xx.c | 2 drivers/net/wireless/ath/regd.h | 5 drivers/net/wireless/ath/regd_common.h | 13 + drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c | 1 drivers/net/wireless/intel/iwlwifi/pcie/rx.c | 2 drivers/net/wireless/marvell/mwifiex/usb.c | 3 drivers/net/wireless/marvell/mwifiex/util.c | 8 drivers/net/wireless/rsi/rsi_91x_hal.c | 35 +-- drivers/net/wireless/rsi/rsi_91x_sdio.c | 23 +- drivers/net/wireless/rsi/rsi_sdio.h | 2 drivers/net/wireless/ti/wlcore/sdio.c | 5 drivers/net/xen-netfront.c | 10 drivers/nvme/host/pci.c | 5 drivers/nvme/host/rdma.c | 10 drivers/nvmem/core.c | 7 drivers/pci/host/pci-xgene.c | 1 drivers/pci/hotplug/pciehp_hpc.c | 7 drivers/pci/pci-sysfs.c | 15 - drivers/pci/probe.c | 4 drivers/pinctrl/pinctrl-at91-pio4.c | 4 drivers/regulator/cpcap-regulator.c | 2 drivers/regulator/of_regulator.c | 13 - drivers/regulator/pfuze100-regulator.c | 1 drivers/regulator/twl-regulator.c | 2 drivers/rtc/interface.c | 5 drivers/rtc/rtc-tps6586x.c | 14 - drivers/rtc/rtc-tps65910.c | 12 - drivers/rtc/rtc-vr41xx.c | 9 drivers/s390/scsi/zfcp_dbf.c | 2 drivers/scsi/3w-9xxx.c | 5 drivers/scsi/3w-xxxx.c | 3 drivers/scsi/cxlflash/main.c | 11 drivers/scsi/cxlflash/sislite.h | 1 drivers/scsi/hisi_sas/hisi_sas_v3_hw.c | 11 drivers/scsi/megaraid.c | 3 drivers/scsi/megaraid/megaraid_sas_fusion.c | 3 drivers/scsi/qedf/qedf_main.c | 10 drivers/scsi/scsi_dh.c | 5 drivers/scsi/ufs/ufshcd.c | 28 +- drivers/soc/imx/gpcv2.c | 22 + drivers/spi/spi-meson-spicc.c | 11 drivers/spi/spi-s3c64xx.c | 4 drivers/spi/spi-sh-msiof.c | 6 drivers/spi/spi.c | 1 drivers/staging/lustre/lnet/klnds/o2iblnd/o2iblnd.c | 2 drivers/staging/lustre/lnet/klnds/o2iblnd/o2iblnd_cb.c | 30 +- drivers/staging/lustre/lustre/ldlm/ldlm_lock.c | 6 drivers/staging/lustre/lustre/llite/xattr.c | 6 drivers/staging/media/atomisp/i2c/ov2680.c | 6 drivers/staging/media/atomisp/pci/atomisp2/atomisp_compat_ioctl32.c | 49 ++-- drivers/staging/vc04_services/interface/vchiq_arm/vchiq_core.c | 1 drivers/thermal/samsung/exynos_tmu.c | 1 drivers/tty/hvc/hvc_opal.c | 1 drivers/tty/pty.c | 3 drivers/usb/core/hub.c | 4 drivers/usb/gadget/udc/renesas_usb3.c | 8 drivers/vfio/mdev/mdev_core.c | 102 +++----- drivers/vfio/mdev/mdev_private.h | 2 drivers/vfio/platform/vfio_platform_common.c | 15 - drivers/vfio/vfio_iommu_type1.c | 73 ++++-- drivers/video/backlight/pwm_bl.c | 6 drivers/watchdog/da9063_wdt.c | 17 + fs/block_dev.c | 9 fs/btrfs/inode.c | 33 +- fs/btrfs/qgroup.c | 19 + fs/btrfs/tree-log.c | 10 fs/ceph/super.c | 2 fs/crypto/crypto.c | 11 fs/ext4/balloc.c | 3 fs/ext4/ialloc.c | 8 fs/ext4/inline.c | 19 - fs/ext4/inode.c | 16 - fs/ext4/super.c | 8 fs/f2fs/data.c | 8 fs/f2fs/file.c | 18 + fs/f2fs/gc.c | 11 fs/f2fs/segment.c | 5 fs/f2fs/super.c | 6 fs/nfs/nfs4proc.c | 14 - fs/nfs/pnfs.c | 6 fs/nfsd/nfs4xdr.c | 2 fs/overlayfs/super.c | 19 + fs/proc/task_mmu.c | 26 +- fs/squashfs/cache.c | 3 fs/squashfs/file.c | 8 fs/squashfs/fragment.c | 4 fs/squashfs/squashfs_fs.h | 6 include/drm/drm_dp_helper.h | 1 include/linux/delayacct.h | 4 include/linux/dma-iommu.h | 1 include/linux/mmc/sdio_ids.h | 1 include/linux/netfilter/ipset/ip_set_timeout.h | 10 include/linux/regulator/consumer.h | 1 include/linux/serial_core.h | 3 include/linux/thread_info.h | 6 include/net/tcp.h | 2 include/soc/tegra/mc.h | 2 include/uapi/sound/asoc.h | 23 +- kernel/auditfilter.c | 2 kernel/auditsc.c | 2 kernel/bpf/verifier.c | 4 kernel/delayacct.c | 17 - kernel/fork.c | 3 kernel/hung_task.c | 11 kernel/kcov.c | 3 kernel/kthread.c | 8 kernel/power/suspend.c | 14 - kernel/printk/printk_safe.c | 2 kernel/stop_machine.c | 24 +- kernel/trace/trace_events_trigger.c | 18 + kernel/trace/trace_kprobe.c | 15 + mm/slub.c | 2 mm/vmalloc.c | 3 net/ipv4/fib_frontend.c | 4 net/ipv4/ipconfig.c | 13 + net/ipv4/tcp_bbr.c | 4 net/ipv4/tcp_dctcp.c | 4 net/ipv4/tcp_input.c | 48 ++-- net/netfilter/ipset/ip_set_hash_gen.h | 5 net/netfilter/nf_tables_api.c | 11 net/netlink/af_netlink.c | 5 security/integrity/ima/ima_main.c | 1 sound/pci/emu10k1/emupcm.c | 4 sound/pci/emu10k1/memory.c | 6 sound/pci/fm801.c | 16 + sound/pci/hda/patch_ca0132.c | 8 sound/soc/soc-pcm.c | 6 sound/soc/soc-topology.c | 19 + sound/usb/pcm.c | 2 tools/perf/util/parse-events.y | 14 + tools/testing/selftests/intel_pstate/run.sh | 29 +- tools/testing/selftests/memfd/run_tests.sh | 14 - tools/usb/usbip/libsrc/vhci_driver.c | 32 +- tools/usb/usbip/libsrc/vhci_driver.h | 3 tools/usb/usbip/src/usbip_detach.c | 9 238 files changed, 1564 insertions(+), 825 deletions(-) Alex Williamson (2): vfio/mdev: Check globally for duplicate devices vfio/type1: Fix task tracking for QEMU vCPU hotplug Alexandre Belloni (4): rtc: ensure rtc_set_alarm fails when alarms are not supported rtc: tps6586x: fix possible race condition rtc: vr41xx: fix possible race condition rtc: tps65910: fix possible race condition Alexey Khoroshilov (1): spi: meson-spicc: Fix error handling in meson_spicc_probe() Alexey Kodanev (1): netfilter: nf_tables: check msg_type before nft_trans_set(trans) Anatoly Pugachev (1): disable loading f2fs module on PAGE_SIZE > 4KB Andrew Morton (2): drivers/infiniband/core/verbs.c: fix build with gcc-4.4.4 drivers/infiniband/ulp/srpt/ib_srpt.c: fix build with gcc-4.4.4 Andrey Smirnov (1): soc: imx: gpcv2: Do not pass static memory as platform data Andy Shevchenko (1): drm/dp/mst: Fix off-by-one typo when dump payload table Anson Huang (1): regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops Anton Vasilyev (1): net: mdio-mux: bcm-iproc: fix wrong getter and setter pair Artem Savkov (1): tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure Bart Van Assche (2): RDMA/core: Avoid that ib_drain_qp() triggers an out-of-bounds stack access IB/srpt: Fix an out-of-bounds stack access in srpt_zerolength_write() Bartlomiej Zolnierkiewicz (1): thermal: exynos: fix setting rising_threshold for Exynos5433 Ben Skeggs (1): drm/nouveau/fifo/gk104-: poll for runlist update completion Benjamin Poirier (1): e1000e: Ignore TSYNCRXCTL when getting I219 clock attributes Brad Love (1): media: saa7164: Fix driver name in debug output Chad Dupuis (1): scsi: qedf: Set the UNLOADING flag when removing a vport Chao Yu (5): f2fs: fix error path of move_data_page f2fs: fix to don't trigger writeback during recovery f2fs: fix to wait page writeback during revoking atomic write f2fs: fix to detect failure of dquot_initialize f2fs: fix race in between GC and atomic open Chen-Yu Tsai (1): Input: i8042 - add Lenovo LaVie Z to the i8042 reset list Chengguang Xu (2): ceph: fix alignment of rasize ovl: Sync upper dirty data when syncing overlayfs Chintan Pandya (1): mm: vmalloc: avoid racy handling of debugobjects in vunmap Chris Novakovic (1): ipconfig: Correctly initialise ic_nameservers Christoph Hellwig (1): PCI: Prevent sysfs disable of device while driver is attached Christophe Leroy (2): powerpc/lib: Adjust .balign inside string functions for PPC32 powerpc/8xx: fix invalid register expression in head_8xx.S Colin Ian King (1): media: smiapp: fix timeout checking in smiapp_read_nvm Cong Wang (1): infiniband: fix a possible use-after-free bug DaeRyong Jeong (1): tty: Fix data race in tty_insert_flip_string_fixed_flag Damien Le Moal (1): libata: Fix command retry decision Dan Carpenter (1): scsi: megaraid: silence a static checker bug Daniel Díaz (1): selftests/intel_pstate: Improve test, minor fixes David Sterba (1): btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups Dmitry Osipenko (2): memory: tegra: Do not handle spurious interrupts memory: tegra: Apply interrupts mask per SoC Dmitry Safonov (2): netlink: Do not subscribe to non-existent groups netlink: Don't shift with UB on nlk->ngroups Dmitry Torokhov (1): HID: i2c-hid: check if device is there before really probing Dominik Bozek (1): usb: hub: Don't wait for connect state at resume for powered-off ports Donald Shanty III (1): Input: elan_i2c - add ACPI ID for lenovo ideapad 330 Doug Oucahrek (1): staging: lustre: o2iblnd: fix race at kiblnd_connect_peer Doug Oucharek (1): staging: lustre: o2iblnd: Fix FastReg map/unmap for MLX5 Douglas Anderson (2): serial: core: Make sure compiler barfs for 16-byte earlycon names regulator: Don't return or expect -errno from of_map_mode() Emil Tantilov (1): ixgbevf: fix MAC address changes through ixgbevf_set_mac() Enric Balletbo i Serra (1): arm64: defconfig: Enable Rockchip io-domain driver Eric Biggers (1): fscrypt: use unbound workqueue for decryption Eric Dumazet (4): tcp: do not force quickack when receiving out-of-order packets tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode tcp: do not aggressively quick ack after ECN events tcp: add one more quick ack after after ECN events Ethan Lien (1): btrfs: balance dirty metadata pages in btrfs_finish_ordered_io Eugeniy Paltsev (1): NET: stmmac: align DMA stuff to largest cache line length Eyal Reizer (1): wlcore: sdio: check for valid platform device data before suspend Ezequiel Garcia (1): media: tw686x: Fix incorrect vb2_mem_ops GFP flags Filippo Muzzini (1): block, bfq: remove wrong lock in bfq_requests_merged Florent Fourcot (1): netfilter: ipset: forbid family for hash:mac sets Florian Fainelli (1): net: phy: phylink: Release link GPIO Fuyun Liang (1): net: hns3: Fixes the init of the VALID BD info in the descriptor Gal Pressman (1): net: ena: Fix use of uninitialized DMA address bits field Ganapathi Bhat (1): mwifiex: handle race during mwifiex_usb_disconnect Geert Uytterhoeven (4): vfio: platform: Fix reset module leak in error path spi: sh-msiof: Fix setting SIRMDR1.SYNCAC to match SITMDR1.SYNCAC ARM: dts: emev2: Add missing interrupt-affinity to PMU node ARM: dts: sh73a0: Add missing interrupt-affinity to PMU node Gioh Kim (1): md/raid1: add error handling of read error from FailFast device Greg Edwards (1): block: reset bi_iter.bi_done after splitting bio Greg Kroah-Hartman (1): Linux 4.14.60 Grygorii Strashko (1): net: ethernet: ti: cpsw-phy-sel: check bus_find_device() ret value Hans Verkuil (1): media: videobuf2-core: don't call memop 'finish' when queueing Hans de Goede (1): ACPI / LPSS: Only call pwm_add_table() for Bay Trail PWM if PMIC HRV is 2 Huang Ying (1): mm: /proc/pid/pagemap: hide swap entries from unprivileged users Huazhong Tan (1): net: hns3: Fixes the out of bounds access in hclge_map_tqp Jacob Keller (1): i40e: free the skb after clearing the bitlock Jaegeuk Kim (1): f2fs: avoid fsync() failure caused by EAGAIN in writepage() Jakub Kicinski (1): bpf: fix references to free_bpf_prog_info() in comments James Simmons (1): staging: lustre: llite: correct removexattr detection Jan Kiszka (1): PCI: Fix devm_pci_alloc_host_bridge() memory leak Jane Wan (1): mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages Javier González (1): lightnvm: pblk: warn in case of corrupted write buffer Jens Remus (1): scsi: zfcp: assert that the ERP lock is held when tracing a recovery trigger Jian-Hong Pan (1): Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 Jianchao Wang (1): nvme-rdma: stop admin queue before freeing it Jiri Olsa (1): perf tools: Fix pmu events parsing rule Johannes Weiner (1): arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups Jonathan Neuschäfer (1): powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet José Roberto de Souza (1): drm: Add DP PSR2 sink enable bit Jozsef Kadlecsik (1): netfilter: ipset: List timing out entries with "timeout 1" instead of zero Juergen Gross (1): xen/netfront: raise max number of slots in xennet_get_responses() Julia Lawall (1): pinctrl: at91-pio4: add missing of_node_put KT Liao (1): Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST Kai Chieh Chuang (1): ASoC: dpcm: fix BE dai not hw_free and shutdown Kan Liang (2): perf/x86/intel/uncore: Correct fixed counter index check in generic code perf/x86/intel/uncore: Correct fixed counter index check for NHM Kees Cook (1): fork: unconditionally clear stack on fork Keith Busch (1): nvme-pci: Fix AER reset handling Kirill Marinushkin (2): ASoC: topology: Fix bclk and fsync inversion in set_link_hw_format() ASoC: topology: Add missing clock gating parameter when parsing hw_configs Kuninori Morimoto (1): arm64: dts: renesas: salvator-common: use audio-graph-card for Sound Laurentiu Tudor (1): irqchip/ls-scfg-msi: Map MSIs in the iommu Leon Romanovsky (2): RDMA/mad: Convert BUG_ONs to error flows RDMA/uverbs: Protect from attempts to create flows on unsupported QP Linus Torvalds (1): squashfs: be more careful about metadata corruption Lixin Wang (1): i2c: core: decrease reference count of device node in i2c_unregister_device Lorenzo Bianconi (1): ipv4: remove BUG_ON() from fib_compute_spec_dst Lorenzo Pieralisi (1): PCI: xgene: Remove leftover pci_scan_child_bus() call Luc Van Oostenryck (2): drm/radeon: fix mode_valid's return type drm/gma500: fix psb_intel_lvds_mode_valid()'s return type Lukas Wunner (1): PCI: pciehp: Assume NoCompl+ for Thunderbolt ports Marc Zyngier (1): dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA Marco Felsch (1): watchdog: da9063: Fix updating timeout value Marek Szyprowski (1): spi: spi-s3c64xx: Fix system resume support Mark Rutland (2): kcov: ensure irq code sees a valid area drivers/perf: arm-ccn: don't log to dmesg in event_init Martin Blumenstingl (1): dt-bindings: pinctrl: meson: add support for the Meson8m2 SoC Martin Wilck (2): block: bio_iov_iter_get_pages: fix size of last iovec blkdev: __blkdev_direct_IO_simple: fix leak in error case Mathieu Malaterre (7): mm/slub.c: add __printf verification to slab_err() powerpc/32: Add a missing include header powerpc/chrp/time: Make some functions static, add missing header include powerpc/powermac: Add missing prototype for note_bootable_part() powerpc/powermac: Mark variable x as unused powerpc: Add __printf verification to prom_printf nvmem: properly handle returned value nvmem_reg_read Matthew R. Ochs (1): scsi: cxlflash: Avoid clobbering context control register value Mauro Carvalho Chehab (4): media: atomisp: ov2680: don't declare unused vars media: siano: get rid of __le32/__le16 cast warnings media: atomisp: compat32: fix __user annotations media: si470x: fix __be16 annotations Maya Erez (1): scsi: ufs: fix exception event handling Michael Chan (1): bnxt_en: Check unsupported speeds in bnxt_update_link() on PF only. Michael Grzeschik (1): usbip: dynamically allocate idev by nports found in sysfs Michal Simek (1): microblaze: Fix simpleImage format generation Michal Suchanek (1): powerpc/64s: Add barrier_nospec Michal Vokáč (5): net: dsa: qca8k: Add support for QCA8334 switch net: dsa: qca8k: Force CPU port to its highest bandwidth net: dsa: qca8k: Enable RXMAC when bringing up a port net: dsa: qca8k: Add QCA8334 binding documentation net: dsa: qca8k: Allow overwriting CPU port setting Mika Westerberg (1): PCI: pciehp: Request control of native hotplug only if supported Mimi Zohar (1): ima: based on policy verify firmware signatures (pre-allocated buffer) Neal Cardwell (1): tcp_bbr: fix bw probing to raise in-flight data for very small BDPs NeilBrown (1): staging: lustre: ldlm: free resource when ldlm_lock_create() fails. Nicholas Piggin (1): powerpc/64s: Fix compiler store ordering to SLB shadow area Olga Kornievskaia (1): skip LAYOUTRETURN if layout is invalid Omar Sandoval (2): Btrfs: don't return ino to ino cache if inode item removal fails Btrfs: don't BUG_ON() in btrfs_truncate_inode_items() Ondrej Mosnáček (1): audit: allow not equal op for audit by executable Patrice Chotard (1): ARM: dts: stih407-pinctrl: Fix complain about IRQ_TYPE_NONE usage Petr Machata (1): mlxsw: spectrum_switchdev: Fix port_vlan refcounting Qu Wenruo (1): btrfs: qgroup: Finish rescan when hit the last leaf of extent tree Sahitya Tummala (1): f2fs: Fix deadlock in shutdown ioctl Sam Bobroff (1): powerpc/eeh: Fix use-after-release of EEH driver Sami Tolvanen (1): media: media-device: fix ioctl function types Samuel Li (1): drm/amdgpu: Remove VRAM from shared bo domains. Sandipan Das (1): bpf: powerpc64: pad function address loads with NOPs Satendra Singh Thakur (1): drm/atomic: Handling the case when setting old crtc for plane Scott Mayhew (1): nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo Scott Wood (1): x86/microcode: Make the late update update_lock a raw lock for RT Sean Lanigan (1): brcmfmac: Add support for bcm43364 wireless chipset Sebastian Andrzej Siewior (2): PM / wakeup: Make s2idle_lock a RAW_SPINLOCK delayacct: Use raw_spinlocks Sergey Senozhatsky (1): printk: drop in_nmi check from printk_safe_flush_on_panic() Shakeel Butt (1): kvm, mm: account shadow page tables to kmemcg Shaul Triebitz (1): iwlwifi: pcie: fix race in Rx buffer allocator Shawn Lin (1): mmc: dw_mmc: update actual clock for mmc debugfs Shivasharan S (1): scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs Shuah Khan (Samsung OSG) (3): usbip: usbip_detach: Fix memory, udev context and udev leak selftests: memfd: return Kselftest Skip code for skipped tests selftests: intel_pstate: return Kselftest Skip code for skipped tests Siva Rebbagondla (2): rsi: Fix 'invalid vdd' warning in mmc rsi: fix nommu_map_sg overflow kernel panic Snild Dolkow (1): kthread, tracing: Don't expose half-written comm when creating kthreads Stefan Wahren (2): staging: vchiq_core: Fix missing semaphore release in error case net: lan78xx: fix rx handling before first packet is send Stephen Hemminger (1): hv_netvsc: fix network namespace issues with VF support Steven Rostedt (VMware) (3): tracing: Fix double free of event_trigger_data tracing: Fix possible double free in event_enable_trigger_func() tracing: Quiet gcc warning about maybe unused link variable Stewart Smith (1): hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common() Subhash Jadavani (1): scsi: ufs: ufshcd: fix possible unclocked register access Suman Anna (1): media: omap3isp: fix unbalanced dma_iommu_mapping Sven Eckelmann (9): ath: Add regulatory mapping for FCC3_ETSIC ath: Add regulatory mapping for ETSI8_WORLD ath: Add regulatory mapping for APL13_WORLD ath: Add regulatory mapping for APL2_FCCA ath: Add regulatory mapping for Uganda ath: Add regulatory mapping for Tanzania ath: Add regulatory mapping for Serbia ath: Add regulatory mapping for Bermuda ath: Add regulatory mapping for Bahamas Takashi Iwai (2): ALSA: emu10k1: Rate-limit error messages about page errors ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback Takashi Sakamoto (1): ALSA: hda/ca0132: fix build failure when a local macro is defined Tejun Heo (1): delayacct: fix crash in delayacct_blkio_end() after delayacct init failure Terry Junge (1): HID: hid-plantronics: Re-resend Update to map button for PTT products Tetsuo Handa (1): kernel/hung_task.c: show all hung tasks before panic Theodore Ts'o (4): random: mix rdrand with entropy sent in from userspace ext4: fix inline data updates with checksums enabled ext4: check for allocation block validity with block group locked ext4: fix check to prevent initializing reserved inodes Thierry Escande (1): Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning Thomas Gleixner (1): stop_machine: Use raw spinlocks Thomas Richter (2): s390/cpum_sf: Add data entry sizes to sampling trailer entry perf: fix invalid bit in diagnostic entry Thor Thayer (1): EDAC, altera: Fix ARM64 build warning Tobin C. Harding (1): mmc: pwrseq: Use kmalloc_array instead of stack VLA Tony Lindgren (1): spi: Add missing pm_runtime_put_noidle() after failed get Trond Myklebust (2): NFSv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY pnfs: Don't release the sequence slot until we've processed layoutget on open Tudor-Dan Ambarus (2): crypto: authencesn - don't leak pointers to authenc keys crypto: authenc - don't leak pointers to authenc keys Uma Krishnan (1): scsi: cxlflash: Synchronize reset and remove ops Vic Wei (1): Bluetooth: btusb: add ID for LiteOn 04ca:301a Ville Syrjälä (1): drm/atomic-helper: Drop plane->fb references only for drm_atomic_helper_shutdown() Vincent Palatin (1): mfd: cros_ec: Fail early if we cannot identify the EC Vinicius Costa Gomes (1): igb: Fix queue selection on MAC filters on i210 Wang YanQing (1): bpf, arm32: fix inconsistent naming about emit_a32_lsr_{r64,i64} Wei Xu (1): nvme: lightnvm: add granby support Wei Yongjun (1): media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open() Wenwen Wang (2): scsi: 3w-9xxx: fix a missing-check bug scsi: 3w-xxxx: fix a missing-check bug Will Deacon (1): arm64: cmpwait: Clear event register before arming exclusive monitor Wolfram Sang (1): backlight: pwm_bl: Don't use GPIOF_* with gpiod_get_direction Xi Wang (1): net: hns3: Fix the missing client list node initialization Xiang Chen (1): scsi: hisi_sas: config ATA de-reset as an constrained command for v3 hw Xiao Liang (1): xen-netfront: wait xenbus state change when load module manually Xinming Hu (1): mwifiex: correct histogram data with appropriate index Xose Vazquez Perez (1): scsi: scsi_dh: replace too broad "TP9" string with the exact models Yixun Lan (1): dt-bindings: net: meson-dwmac: new compatible name for AXG SoC Yoshihiro Shimoda (1): usb: gadget: udc: renesas_usb3: should remove debugfs Yousuk Seung (1): tcp: refactor tcp_ecn_check_ce to remove sk type cast Yufen Yu (1): md: fix NULL dereference of mddev->pers in remove_and_add_spares() Zhouyang Jia (2): ALSA: emu10k1: add error handling for snd_ctl_add ALSA: fm801: add error handling for snd_ctl_add tangpengpeng (1): net: fix amd-xgbe flow-control issue

7 years, 1 month

1
1
0 0

[PATCH 4.9 000/144] 4.9.117-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.9.117 release. There are 144 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri Aug 3 16:49:15 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.117-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.9.117-rc1 Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Allow overwriting CPU port setting Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Add QCA8334 binding documentation Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Enable RXMAC when bringing up a port Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Force CPU port to its highest bandwidth Leon Romanovsky <leonro(a)mellanox.com> RDMA/uverbs: Protect from attempts to create flows on unsupported QP Theodore Ts'o <tytso(a)mit.edu> ext4: check for allocation block validity with block group locked Theodore Ts'o <tytso(a)mit.edu> ext4: fix inline data updates with checksums enabled Linus Torvalds <torvalds(a)linux-foundation.org> squashfs: be more careful about metadata corruption Theodore Ts'o <tytso(a)mit.edu> random: mix rdrand with entropy sent in from userspace José Roberto de Souza <jose.souza(a)intel.com> drm: Add DP PSR2 sink enable bit Mauro Carvalho Chehab <mchehab(a)kernel.org> media: si470x: fix __be16 annotations Shivasharan S <shivasharan.srikanteshwara(a)broadcom.com> scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs Xose Vazquez Perez <xose.vazquez(a)gmail.com> scsi: scsi_dh: replace too broad "TP9" string with the exact models Suman Anna <s-anna(a)ti.com> media: omap3isp: fix unbalanced dma_iommu_mapping Tudor-Dan Ambarus <tudor.ambarus(a)microchip.com> crypto: authenc - don't leak pointers to authenc keys Tudor-Dan Ambarus <tudor.ambarus(a)microchip.com> crypto: authencesn - don't leak pointers to authenc keys Dominik Bozek <dominikx.bozek(a)intel.com> usb: hub: Don't wait for connect state at resume for powered-off ports Michal Simek <michal.simek(a)xilinx.com> microblaze: Fix simpleImage format generation Douglas Anderson <dianders(a)chromium.org> serial: core: Make sure compiler barfs for 16-byte earlycon names NeilBrown <neilb(a)suse.com> staging: lustre: ldlm: free resource when ldlm_lock_create() fails. James Simmons <jsimmons(a)infradead.org> staging: lustre: llite: correct removexattr detection Ondrej Mosnáček <omosnace(a)redhat.com> audit: allow not equal op for audit by executable Siva Rebbagondla <siva.rebbagondla(a)redpinesignals.com> rsi: Fix 'invalid vdd' warning in mmc Chris Novakovic <chris(a)chrisn.me.uk> ipconfig: Correctly initialise ic_nameservers Luc Van Oostenryck <luc.vanoostenryck(a)gmail.com> drm/gma500: fix psb_intel_lvds_mode_valid()'s return type Enric Balletbo i Serra <enric.balletbo(a)collabora.com> arm64: defconfig: Enable Rockchip io-domain driver Dmitry Osipenko <digetx(a)gmail.com> memory: tegra: Apply interrupts mask per SoC Dmitry Osipenko <digetx(a)gmail.com> memory: tegra: Do not handle spurious interrupts Thomas Gleixner <tglx(a)linutronix.de> stop_machine: Use raw spinlocks Kirill Tkhai <ktkhai(a)virtuozzo.com> fasync: Fix deadlock between task-context and interrupt-context kill_fasync() Yixun Lan <yixun.lan(a)amlogic.com> dt-bindings: net: meson-dwmac: new compatible name for AXG SoC Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> dt-bindings: pinctrl: meson: add support for the Meson8m2 SoC Tobin C. Harding <me(a)tobin.cc> mmc: pwrseq: Use kmalloc_array instead of stack VLA Shawn Lin <shawn.lin(a)rock-chips.com> mmc: dw_mmc: update actual clock for mmc debugfs Takashi Sakamoto <o-takashi(a)sakamocchi.jp> ALSA: hda/ca0132: fix build failure when a local macro is defined Satendra Singh Thakur <satendra.t(a)samsung.com> drm/atomic: Handling the case when setting old crtc for plane Mauro Carvalho Chehab <mchehab(a)kernel.org> media: siano: get rid of __le32/__le16 cast warnings Jakub Kicinski <jakub.kicinski(a)netronome.com> bpf: fix references to free_bpf_prog_info() in comments Bartlomiej Zolnierkiewicz <b.zolnierkie(a)samsung.com> thermal: exynos: fix setting rising_threshold for Exynos5433 Doug Oucahrek <dougso(a)me.com> staging: lustre: o2iblnd: fix race at kiblnd_connect_peer Dan Carpenter <dan.carpenter(a)oracle.com> scsi: megaraid: silence a static checker bug Wenwen Wang <wang6495(a)umn.edu> scsi: 3w-xxxx: fix a missing-check bug Wenwen Wang <wang6495(a)umn.edu> scsi: 3w-9xxx: fix a missing-check bug Michael Chan <michael.chan(a)broadcom.com> bnxt_en: Check unsupported speeds in bnxt_update_link() on PF only. Thomas Richter <tmricht(a)linux.ibm.com> perf: fix invalid bit in diagnostic entry Thomas Richter <tmricht(a)linux.ibm.com> s390/cpum_sf: Add data entry sizes to sampling trailer entry Sean Lanigan <sean(a)lano.id.au> brcmfmac: Add support for bcm43364 wireless chipset Jane Wan <Jane.Wan(a)nokia.com> mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages Brad Love <brad(a)nextdimension.cc> media: saa7164: Fix driver name in debug output Sami Tolvanen <samitolvanen(a)google.com> media: media-device: fix ioctl function types Damien Le Moal <damien.lemoal(a)wdc.com> libata: Fix command retry decision Wei Yongjun <yongjun_wei(a)trendmicro.com.cn> media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open() Marc Zyngier <marc.zyngier(a)arm.com> dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA DaeRyong Jeong <threeearcat(a)gmail.com> tty: Fix data race in tty_insert_flip_string_fixed_flag Mathieu Malaterre <malat(a)debian.org> nvmem: properly handle returned value nvmem_reg_read Geert Uytterhoeven <geert+renesas(a)glider.be> ARM: dts: sh73a0: Add missing interrupt-affinity to PMU node Geert Uytterhoeven <geert+renesas(a)glider.be> ARM: dts: emev2: Add missing interrupt-affinity to PMU node Thor Thayer <thor.thayer(a)linux.intel.com> EDAC, altera: Fix ARM64 build warning Dmitry Torokhov <dtor(a)chromium.org> HID: i2c-hid: check if device is there before really probing Jonathan Neuschäfer <j.neuschaefer(a)gmx.net> powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet Luc Van Oostenryck <luc.vanoostenryck(a)gmail.com> drm/radeon: fix mode_valid's return type Terry Junge <terry.junge(a)plantronics.com> HID: hid-plantronics: Re-resend Update to map button for PTT products Will Deacon <will.deacon(a)arm.com> arm64: cmpwait: Clear event register before arming exclusive monitor Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback Grygorii Strashko <grygorii.strashko(a)ti.com> net: ethernet: ti: cpsw-phy-sel: check bus_find_device() ret value Colin Ian King <colin.king(a)canonical.com> media: smiapp: fix timeout checking in smiapp_read_nvm Emil Tantilov <emil.s.tantilov(a)intel.com> ixgbevf: fix MAC address changes through ixgbevf_set_mac() Yufen Yu <yuyufen(a)huawei.com> md: fix NULL dereference of mddev->pers in remove_and_add_spares() Anson Huang <Anson.Huang(a)nxp.com> regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops Takashi Iwai <tiwai(a)suse.de> ALSA: emu10k1: Rate-limit error messages about page errors Maya Erez <merez(a)codeaurora.org> scsi: ufs: fix exception event handling Eric Biggers <ebiggers(a)google.com> fscrypt: use unbound workqueue for decryption Mark Rutland <mark.rutland(a)arm.com> drivers/perf: arm-ccn: don't log to dmesg in event_init Mimi Zohar <zohar(a)linux.vnet.ibm.com> ima: based on policy verify firmware signatures (pre-allocated buffer) Xinming Hu <huxm(a)marvell.com> mwifiex: correct histogram data with appropriate index Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Add support for QCA8334 switch Mika Westerberg <mika.westerberg(a)linux.intel.com> PCI: pciehp: Request control of native hotplug only if supported Sandipan Das <sandipan(a)linux.vnet.ibm.com> bpf: powerpc64: pad function address loads with NOPs Julia Lawall <Julia.Lawall(a)lip6.fr> pinctrl: at91-pio4: add missing of_node_put Christophe Leroy <christophe.leroy(a)c-s.fr> powerpc/8xx: fix invalid register expression in head_8xx.S Mathieu Malaterre <malat(a)debian.org> powerpc/powermac: Mark variable x as unused Mathieu Malaterre <malat(a)debian.org> powerpc/powermac: Add missing prototype for note_bootable_part() Mathieu Malaterre <malat(a)debian.org> powerpc/chrp/time: Make some functions static, add missing header include Mathieu Malaterre <malat(a)debian.org> powerpc/32: Add a missing include header Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Bahamas Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Bermuda Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Serbia Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Tanzania Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Uganda Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for APL2_FCCA Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for APL13_WORLD Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for ETSI8_WORLD Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for FCC3_ETSIC Christoph Hellwig <hch(a)lst.de> PCI: Prevent sysfs disable of device while driver is attached Qu Wenruo <wqu(a)suse.com> btrfs: qgroup: Finish rescan when hit the last leaf of extent tree David Sterba <dsterba(a)suse.com> btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups Hans Verkuil <hans.verkuil(a)cisco.com> media: videobuf2-core: don't call memop 'finish' when queueing Ezequiel Garcia <ezequiel(a)collabora.com> media: tw686x: Fix incorrect vb2_mem_ops GFP flags Eyal Reizer <eyalreizer(a)gmail.com> wlcore: sdio: check for valid platform device data before suspend Ganapathi Bhat <gbhat(a)marvell.com> mwifiex: handle race during mwifiex_usb_disconnect Vincent Palatin <vpalatin(a)chromium.org> mfd: cros_ec: Fail early if we cannot identify the EC Kai Chieh Chuang <kaichieh.chuang(a)mediatek.com> ASoC: dpcm: fix BE dai not hw_free and shutdown Jian-Hong Pan <jian-hong(a)endlessm.com> Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 Thierry Escande <thierry.escande(a)linaro.org> Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning Shaul Triebitz <shaul.triebitz(a)intel.com> iwlwifi: pcie: fix race in Rx buffer allocator Daniel Díaz <daniel.diaz(a)linaro.org> selftests/intel_pstate: Improve test, minor fixes Kan Liang <kan.liang(a)intel.com> perf/x86/intel/uncore: Correct fixed counter index check for NHM Kan Liang <kan.liang(a)intel.com> perf/x86/intel/uncore: Correct fixed counter index check in generic code Shuah Khan (Samsung OSG) <shuah(a)kernel.org> usbip: usbip_detach: Fix memory, udev context and udev leak Chao Yu <yuchao0(a)huawei.com> f2fs: fix race in between GC and atomic open Sahitya Tummala <stummala(a)codeaurora.org> f2fs: Fix deadlock in shutdown ioctl Chao Yu <yuchao0(a)huawei.com> f2fs: fix to wait page writeback during revoking atomic write Chao Yu <yuchao0(a)huawei.com> f2fs: fix to don't trigger writeback during recovery Chao Yu <yuchao0(a)huawei.com> f2fs: fix error path of move_data_page Anatoly Pugachev <matorola(a)gmail.com> disable loading f2fs module on PAGE_SIZE > 4KB Trond Myklebust <trond.myklebust(a)hammerspace.com> pnfs: Don't release the sequence slot until we've processed layoutget on open Alexey Kodanev <alexey.kodanev(a)oracle.com> netfilter: nf_tables: check msg_type before nft_trans_set(trans) Leon Romanovsky <leonro(a)mellanox.com> RDMA/mad: Convert BUG_ONs to error flows Nicholas Piggin <npiggin(a)gmail.com> powerpc/64s: Fix compiler store ordering to SLB shadow area Stewart Smith <stewart(a)linux.ibm.com> hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common() Sam Bobroff <sbobroff(a)linux.ibm.com> powerpc/eeh: Fix use-after-release of EEH driver Cong Wang <xiyou.wangcong(a)gmail.com> infiniband: fix a possible use-after-free bug Jozsef Kadlecsik <kadlec(a)blackhole.kfki.hu> netfilter: ipset: List timing out entries with "timeout 1" instead of zero Jiri Olsa <jolsa(a)kernel.org> perf tools: Fix pmu events parsing rule Alexandre Belloni <alexandre.belloni(a)bootlin.com> rtc: ensure rtc_set_alarm fails when alarms are not supported Mathieu Malaterre <malat(a)debian.org> mm/slub.c: add __printf verification to slab_err() Chintan Pandya <cpandya(a)codeaurora.org> mm: vmalloc: avoid racy handling of debugobjects in vunmap Geert Uytterhoeven <geert+renesas(a)glider.be> vfio: platform: Fix reset module leak in error path Scott Mayhew <smayhew(a)redhat.com> nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo Zhouyang Jia <jiazhouyang09(a)gmail.com> ALSA: fm801: add error handling for snd_ctl_add Zhouyang Jia <jiazhouyang09(a)gmail.com> ALSA: emu10k1: add error handling for snd_ctl_add Juergen Gross <jgross(a)suse.com> xen/netfront: raise max number of slots in xennet_get_responses() Mark Rutland <mark.rutland(a)arm.com> kcov: ensure irq code sees a valid area Antti Seppälä <a.seppala(a)gmail.com> usb: dwc2: Fix DMA alignment to start at allocated boundary Johannes Weiner <hannes(a)cmpxchg.org> arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Quiet gcc warning about maybe unused link variable Artem Savkov <asavkov(a)redhat.com> tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure Snild Dolkow <snild(a)sony.com> kthread, tracing: Don't expose half-written comm when creating kthreads Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Fix possible double free in event_enable_trigger_func() Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Fix double free of event_trigger_data Shakeel Butt <shakeelb(a)google.com> kvm, mm: account shadow page tables to kmemcg KT Liao <kt.liao(a)emc.com.tw> Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST Chen-Yu Tsai <wens(a)csie.org> Input: i8042 - add Lenovo LaVie Z to the i8042 reset list Donald Shanty III <dshanty(a)protonmail.com> Input: elan_i2c - add ACPI ID for lenovo ideapad 330 ------------- Diffstat: .../devicetree/bindings/net/dsa/qca8k.txt | 23 +++++++++- .../devicetree/bindings/net/meson-dwmac.txt | 1 + .../devicetree/bindings/pinctrl/meson,pinctrl.txt | 2 + Makefile | 4 +- arch/arm/boot/dts/emev2.dtsi | 5 ++- arch/arm/boot/dts/sh73a0.dtsi | 5 ++- arch/arm64/configs/defconfig | 2 + arch/arm64/include/asm/cmpxchg.h | 4 +- arch/arm64/mm/init.c | 4 +- arch/microblaze/boot/Makefile | 10 +++-- arch/powerpc/kernel/eeh_driver.c | 28 +++++++----- arch/powerpc/kernel/head_8xx.S | 2 +- arch/powerpc/kernel/pci_32.c | 1 + arch/powerpc/mm/slb.c | 8 ++-- arch/powerpc/net/bpf_jit_comp64.c | 34 +++++++++----- arch/powerpc/platforms/chrp/time.c | 6 ++- arch/powerpc/platforms/embedded6xx/hlwd-pic.c | 5 +++ arch/powerpc/platforms/powermac/bootx_init.c | 4 +- arch/powerpc/platforms/powermac/setup.c | 1 + arch/s390/include/asm/cpu_mf.h | 6 ++- arch/x86/events/intel/uncore.c | 2 +- arch/x86/events/intel/uncore_nhmex.c | 2 +- arch/x86/kvm/mmu.c | 2 +- crypto/authenc.c | 1 + crypto/authencesn.c | 1 + drivers/acpi/pci_root.c | 4 +- drivers/ata/libata-eh.c | 12 +++-- drivers/bluetooth/btusb.c | 3 ++ drivers/bluetooth/hci_qca.c | 2 +- drivers/bus/arm-ccn.c | 20 ++++----- drivers/char/random.c | 10 ++++- drivers/edac/altera_edac.c | 2 +- drivers/gpu/drm/drm_atomic.c | 4 +- drivers/gpu/drm/gma500/psb_intel_drv.h | 2 +- drivers/gpu/drm/gma500/psb_intel_lvds.c | 2 +- drivers/gpu/drm/radeon/radeon_connectors.c | 10 ++--- drivers/hid/hid-plantronics.c | 6 ++- drivers/hid/i2c-hid/i2c-hid.c | 8 ++++ drivers/infiniband/core/mad.c | 11 +++-- drivers/infiniband/core/ucma.c | 6 ++- drivers/infiniband/core/uverbs_cmd.c | 5 +++ drivers/input/mouse/elan_i2c_core.c | 2 + drivers/input/serio/i8042-x86ia64io.h | 7 +++ drivers/md/md.c | 3 ++ drivers/media/common/siano/smsendian.c | 14 +++--- drivers/media/i2c/smiapp/smiapp-core.c | 11 +++-- drivers/media/media-device.c | 21 ++++----- drivers/media/pci/saa7164/saa7164-fw.c | 3 +- drivers/media/pci/tw686x/tw686x-video.c | 3 +- drivers/media/platform/omap3isp/isp.c | 7 +-- drivers/media/platform/rcar_jpu.c | 4 +- drivers/media/radio/si470x/radio-si470x-i2c.c | 6 +-- drivers/media/v4l2-core/videobuf2-core.c | 9 ++-- drivers/memory/tegra/mc.c | 22 +++------ drivers/memory/tegra/mc.h | 9 ++++ drivers/memory/tegra/tegra114.c | 2 + drivers/memory/tegra/tegra124.c | 6 +++ drivers/memory/tegra/tegra210.c | 3 ++ drivers/memory/tegra/tegra30.c | 2 + drivers/mfd/cros_ec.c | 6 ++- drivers/mmc/core/pwrseq_simple.c | 14 +++--- drivers/mmc/host/dw_mmc.c | 4 ++ drivers/mtd/nand/fsl_ifc_nand.c | 17 ++++--- drivers/net/dsa/qca8k.c | 52 +++++++++++++++++++++- drivers/net/dsa/qca8k.h | 7 ++- drivers/net/ethernet/broadcom/bnxt/bnxt.c | 3 ++ drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 1 + drivers/net/ethernet/ti/cpsw-phy-sel.c | 8 +++- drivers/net/wireless/ath/regd.h | 5 +++ drivers/net/wireless/ath/regd_common.h | 13 ++++++ .../wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c | 1 + drivers/net/wireless/intel/iwlwifi/pcie/rx.c | 2 + drivers/net/wireless/marvell/mwifiex/usb.c | 3 ++ drivers/net/wireless/marvell/mwifiex/util.c | 8 ++-- drivers/net/wireless/rsi/rsi_91x_sdio.c | 2 - drivers/net/wireless/ti/wlcore/sdio.c | 5 +++ drivers/net/xen-netfront.c | 4 +- drivers/nvmem/core.c | 7 +++ drivers/pci/pci-sysfs.c | 15 ++++--- drivers/pinctrl/pinctrl-at91-pio4.c | 4 +- drivers/regulator/pfuze100-regulator.c | 1 + drivers/rtc/interface.c | 5 +++ drivers/scsi/3w-9xxx.c | 5 +++ drivers/scsi/3w-xxxx.c | 3 ++ drivers/scsi/megaraid.c | 3 ++ drivers/scsi/megaraid/megaraid_sas_fusion.c | 3 ++ drivers/scsi/scsi_dh.c | 5 ++- drivers/scsi/ufs/ufshcd.c | 2 + .../staging/lustre/lnet/klnds/o2iblnd/o2iblnd_cb.c | 18 +++++--- drivers/staging/lustre/lustre/ldlm/ldlm_lock.c | 6 ++- drivers/staging/lustre/lustre/llite/xattr.c | 6 ++- drivers/thermal/samsung/exynos_tmu.c | 1 + drivers/tty/hvc/hvc_opal.c | 1 - drivers/tty/pty.c | 3 ++ drivers/usb/core/hub.c | 4 ++ drivers/usb/dwc2/hcd.c | 44 +++++++++--------- drivers/vfio/platform/vfio_platform_common.c | 15 ++++--- fs/btrfs/qgroup.c | 19 ++++++++ fs/btrfs/tree-log.c | 10 ++++- fs/crypto/crypto.c | 11 ++++- fs/ext4/balloc.c | 3 ++ fs/ext4/ialloc.c | 3 ++ fs/ext4/inline.c | 19 ++++---- fs/ext4/inode.c | 16 +++---- fs/f2fs/file.c | 14 ++++-- fs/f2fs/gc.c | 11 +++-- fs/f2fs/segment.c | 5 +++ fs/f2fs/super.c | 6 +++ fs/fcntl.c | 15 +++---- fs/nfs/nfs4proc.c | 3 +- fs/nfsd/nfs4xdr.c | 2 + fs/squashfs/cache.c | 3 ++ fs/squashfs/file.c | 8 +++- fs/squashfs/fragment.c | 4 +- fs/squashfs/squashfs_fs.h | 6 +++ include/drm/drm_dp_helper.h | 1 + include/linux/dma-iommu.h | 1 + include/linux/fs.h | 2 +- include/linux/mmc/sdio_ids.h | 1 + include/linux/netfilter/ipset/ip_set_timeout.h | 10 ++++- include/linux/serial_core.h | 3 +- include/soc/tegra/mc.h | 2 + kernel/auditfilter.c | 2 +- kernel/auditsc.c | 2 + kernel/bpf/verifier.c | 4 +- kernel/kcov.c | 3 +- kernel/kthread.c | 8 +++- kernel/stop_machine.c | 24 +++++----- kernel/trace/trace_events_trigger.c | 18 +++++--- kernel/trace/trace_kprobe.c | 15 ++++++- mm/slub.c | 2 +- mm/vmalloc.c | 3 +- net/ipv4/ipconfig.c | 13 ++++++ net/netfilter/nf_tables_api.c | 11 ++--- security/integrity/ima/ima_main.c | 1 + sound/pci/emu10k1/emupcm.c | 4 +- sound/pci/emu10k1/memory.c | 6 +-- sound/pci/fm801.c | 16 +++++-- sound/pci/hda/patch_ca0132.c | 8 +++- sound/soc/soc-pcm.c | 6 ++- sound/usb/pcm.c | 2 +- tools/perf/util/parse-events.y | 14 +++++- tools/testing/selftests/intel_pstate/run.sh | 24 +++++----- tools/usb/usbip/src/usbip_detach.c | 9 ++-- 144 files changed, 775 insertions(+), 308 deletions(-)

7 years, 1 month

6
134
0 0

[PATCH 4.17 000/336] 4.17.12-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.17.12 release. There are 336 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri Aug 3 16:49:21 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.17.12-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.17.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.17.12-rc1 Erik Schmauss <erik.schmauss(a)intel.com> ACPICA: AML Parser: ignore control method status in module-level code Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> ACPI / LPSS: Avoid PM quirks on suspend and resume from hibernation Lawrence Brakmo <brakmo(a)fb.com> tcp: ack immediately when a cwr packet arrives Eric Dumazet <edumazet(a)google.com> tcp: add one more quick ack after after ECN events Yousuk Seung <ysseung(a)google.com> tcp: refactor tcp_ecn_check_ce to remove sk type cast Eric Dumazet <edumazet(a)google.com> tcp: do not aggressively quick ack after ECN events Eric Dumazet <edumazet(a)google.com> tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode Eric Dumazet <edumazet(a)google.com> tcp: do not force quickack when receiving out-of-order packets Dmitry Safonov <dima(a)arista.com> netlink: Don't shift with UB on nlk->ngroups Dmitry Safonov <dima(a)arista.com> netlink: Do not subscribe to non-existent groups Tariq Toukan <tariqt(a)mellanox.com> net: rollback orig value on failure of dev_qdisc_change_tx_queue_len Arjun Vynipadath <arjun(a)chelsio.com> cxgb4: Added missing break in ndo_udp_tunnel_{add/del} Xiao Liang <xiliang(a)redhat.com> xen-netfront: wait xenbus state change when load module manually Toshiaki Makita <makita.toshiaki(a)lab.ntt.co.jp> virtio_net: Fix incosistent received bytes counter Neal Cardwell <ncardwell(a)google.com> tcp_bbr: fix bw probing to raise in-flight data for very small BDPs Avinash Repaka <avinash.repaka(a)oracle.com> RDS: RDMA: Fix the NULL-ptr deref in rds_ib_get_mr Eugeniy Paltsev <Eugeniy.Paltsev(a)synopsys.com> NET: stmmac: align DMA stuff to largest cache line length Anton Vasilyev <vasilyev(a)ispras.ru> net: mdio-mux: bcm-iproc: fix wrong getter and setter pair Stefan Wahren <stefan.wahren(a)i2se.com> net: lan78xx: fix rx handling before first packet is send tangpengpeng <tangpengpeng(a)higon.com> net: fix amd-xgbe flow-control issue Gal Pressman <pressmangal(a)gmail.com> net: ena: Fix use of uninitialized DMA address bits field Jakub Kicinski <jakub.kicinski(a)netronome.com> netdevsim: don't leak devlink resources Lorenzo Bianconi <lorenzo.bianconi(a)redhat.com> ipv4: remove BUG_ON() from fib_compute_spec_dst Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Allow overwriting CPU port setting Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Add QCA8334 binding documentation Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Enable RXMAC when bringing up a port Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Force CPU port to its highest bandwidth Leon Romanovsky <leon(a)kernel.org> RDMA/uverbs: Protect from attempts to create flows on unsupported QP Masahiro Yamada <yamada.masahiro(a)socionext.com> gpio: uniphier: set legitimate irq trigger type in .to_irq hook Linus Walleij <linus.walleij(a)linaro.org> gpio: of: Handle fixed regulator flags properly Theodore Ts'o <tytso(a)mit.edu> ext4: fix check to prevent initializing reserved inodes Theodore Ts'o <tytso(a)mit.edu> ext4: check for allocation block validity with block group locked Theodore Ts'o <tytso(a)mit.edu> ext4: fix inline data updates with checksums enabled Theodore Ts'o <tytso(a)mit.edu> ext4: fix false negatives *and* false positives in ext4_check_descriptors() Linus Torvalds <torvalds(a)linux-foundation.org> squashfs: be more careful about metadata corruption Theodore Ts'o <tytso(a)mit.edu> random: mix rdrand with entropy sent in from userspace Wolfram Sang <wsa+renesas(a)sang-engineering.com> i2c: rcar: handle RXDMA HW behaviour on Gen3 James Smart <jsmart2021(a)gmail.com> nvmet-fc: fix target sgl list on large transfers Greg Edwards <gedwards(a)ddn.com> block: reset bi_iter.bi_done after splitting bio Martin Wilck <mwilck(a)suse.com> blkdev: __blkdev_direct_IO_simple: fix leak in error case Martin Wilck <mwilck(a)suse.com> block: bio_iov_iter_get_pages: fix size of last iovec Felix Kuehling <Felix.Kuehling(a)amd.com> drm/amdgpu: Avoid reclaim while holding locks taken in MMU notifier Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> drm/dp/mst: Fix off-by-one typo when dump payload table Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/atomic-helper: Drop plane->fb references only for drm_atomic_helper_shutdown() José Roberto de Souza <jose.souza(a)intel.com> drm: Add DP PSR2 sink enable bit Fabio Estevam <fabio.estevam(a)nxp.com> ARM: dts: imx6qdl-wandboard: Let the codec control MCLK pinctrl Kirill Marinushkin <k.marinushkin(a)gmail.com> ASoC: topology: Add missing clock gating parameter when parsing hw_configs Kirill Marinushkin <k.marinushkin(a)gmail.com> ASoC: topology: Fix bclk and fsync inversion in set_link_hw_format() Masahisa KOJIMA <masahisa.kojima(a)linaro.org> net: socionext: reset hardware in ndo_stop Mauro Carvalho Chehab <mchehab(a)kernel.org> media: si470x: fix __be16 annotations Hans Verkuil <hverkuil(a)xs4all.nl> media: cec: fix smatch error Mauro Carvalho Chehab <mchehab(a)kernel.org> media: atomisp: compat32: fix __user annotations Bjorn Helgaas <bhelgaas(a)google.com> PCI/ASPM: Disable ASPM L1.2 Substate if we don't have LTR Matthew R. Ochs <mrochs(a)linux.vnet.ibm.com> scsi: cxlflash: Avoid clobbering context control register value Uma Krishnan <ukrishn(a)linux.vnet.ibm.com> scsi: cxlflash: Synchronize reset and remove ops Shivasharan S <shivasharan.srikanteshwara(a)broadcom.com> scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs Xose Vazquez Perez <xose.vazquez(a)gmail.com> scsi: scsi_dh: replace too broad "TP9" string with the exact models Philippe CORNU <philippe.cornu(a)st.com> drm/stm: ltdc: fix warning in ltdc_crtc_update_clut() Thomas Hebb <tommyhebb(a)gmail.com> ath10k: search all IEs for variant before falling back Douglas Anderson <dianders(a)chromium.org> regulator: Don't return or expect -errno from of_map_mode() Suman Anna <s-anna(a)ti.com> media: omap3isp: fix unbalanced dma_iommu_mapping Sean Young <sean(a)mess.org> media: rc: mce_kbd decoder: low timeout values cause double keydowns Arnd Bergmann <arnd(a)arndb.de> y2038: ipc: Use ktime_get_real_seconds consistently Tudor-Dan Ambarus <tudor.ambarus(a)microchip.com> crypto: authenc - don't leak pointers to authenc keys Tudor-Dan Ambarus <tudor.ambarus(a)microchip.com> crypto: authencesn - don't leak pointers to authenc keys Dominik Bozek <dominikx.bozek(a)intel.com> usb: hub: Don't wait for connect state at resume for powered-off ports Michal Simek <michal.simek(a)xilinx.com> microblaze: Fix simpleImage format generation Andrey Smirnov <andrew.smirnov(a)gmail.com> soc: imx: gpcv2: Do not pass static memory as platform data Douglas Anderson <dianders(a)chromium.org> serial: core: Make sure compiler barfs for 16-byte earlycon names Sergio Paracuellos <sergio.paracuellos(a)gmail.com> staging: ks7010: fix error handling in ks7010_upload_firmware NeilBrown <neilb(a)suse.com> staging: lustre: ldlm: free resource when ldlm_lock_create() fails. James Simmons <jsimmons(a)infradead.org> staging: lustre: llite: correct removexattr detection Stefan Wahren <stefan.wahren(a)i2se.com> staging: vchiq_core: Fix missing semaphore release in error case Mario Limonciello <mario.limonciello(a)dell.com> platform/x86: dell-smbios: Match on www.dell.com in OEM strings too Tomasz Figa <tfiga(a)chromium.org> drm/rockchip: analogix_dp: Do not call Analogix code before bind Ondrej Mosnáček <omosnace(a)redhat.com> audit: allow not equal op for audit by executable Siva Rebbagondla <siva.rebbagondla(a)redpinesignals.com> rsi: fix nommu_map_sg overflow kernel panic Siva Rebbagondla <siva.rebbagondla(a)redpinesignals.com> rsi: Fix 'invalid vdd' warning in mmc Chris Novakovic <chris(a)chrisn.me.uk> ipconfig: Correctly initialise ic_nameservers Luc Van Oostenryck <luc.vanoostenryck(a)gmail.com> drm/gma500: fix psb_intel_lvds_mode_valid()'s return type Gustavo A. R. Silva <gustavo(a)embeddedor.com> qtnfmac: pearl: pcie: fix memory leak in qtnf_fw_work_handler Vinicius Costa Gomes <vinicius.gomes(a)intel.com> igb: Fix queue selection on MAC filters on i210 Charles Keepax <ckeepax(a)opensource.cirrus.com> ASoC: compress: Only call free for components which have been opened Enric Balletbo i Serra <enric.balletbo(a)collabora.com> arm64: defconfig: Enable Rockchip io-domain driver Fabio Estevam <fabio.estevam(a)nxp.com> ASoC: fsl_ssi: Use u32 variable type when using regmap_read() Wei Xu <wxu(a)cnexlabs.com> nvme: lightnvm: add granby support Dmitry Osipenko <digetx(a)gmail.com> memory: tegra: Apply interrupts mask per SoC Dmitry Osipenko <digetx(a)gmail.com> memory: tegra: Do not handle spurious interrupts Tamizh Chelvam <tamizhr(a)codeaurora.org> ath10k: fix kernel panic while reading tpc_stats Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> delayacct: Use raw_spinlocks Thomas Gleixner <tglx(a)linutronix.de> stop_machine: Use raw spinlocks Wolfram Sang <wsa+renesas(a)sang-engineering.com> backlight: pwm_bl: Don't use GPIOF_* with gpiod_get_direction Felix Fietkau <nbd(a)nbd.name> mt76: add rcu locking around tx scheduling Jacob Keller <jacob.e.keller(a)intel.com> i40e: avoid overflow in i40e_ptp_adjfreq() Jakub Pawlak <jakub.pawlak(a)intel.com> i40e: Add advertising 10G LR mode Kirill Tkhai <ktkhai(a)virtuozzo.com> fasync: Fix deadlock between task-context and interrupt-context kill_fasync() Yixun Lan <yixun.lan(a)amlogic.com> dt-bindings: net: meson-dwmac: new compatible name for AXG SoC Huazhong Tan <tanhuazhong(a)huawei.com> net: hns3: Fixes the out of bounds access in hclge_map_tqp Alexey Khoroshilov <khoroshilov(a)ispras.ru> spi: meson-spicc: Fix error handling in meson_spicc_probe() Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> dt-bindings: pinctrl: meson: add support for the Meson8m2 SoC Tobin C. Harding <me(a)tobin.cc> mmc: pwrseq: Use kmalloc_array instead of stack VLA Shawn Lin <shawn.lin(a)rock-chips.com> mmc: dw_mmc: update actual clock for mmc debugfs Takashi Sakamoto <o-takashi(a)sakamocchi.jp> ALSA: hda/ca0132: fix build failure when a local macro is defined Ido Schimmel <idosch(a)mellanox.com> mlxsw: spectrum_router: Return an error for non-default FIB rules Jaegeuk Kim <jaegeuk(a)kernel.org> f2fs: check cap_resource only for data blocks Kishon Vijay Abraham I <kishon(a)ti.com> mmc: sdhci-omap: Fix when capabilities are obtained from SDHCI_CAPABILITIES reg Satendra Singh Thakur <satendra.t(a)samsung.com> drm/atomic: Handling the case when setting old crtc for plane Lorenzo Bianconi <lorenzo.bianconi(a)redhat.com> mt76x2: fix avg_rssi estimation Mauro Carvalho Chehab <mchehab(a)kernel.org> media: siano: get rid of __le32/__le16 cast warnings Mauro Carvalho Chehab <mchehab(a)kernel.org> media: em28xx: fix a regression with HVR-950 Jaegeuk Kim <jaegeuk(a)kernel.org> f2fs: avoid fsync() failure caused by EAGAIN in writepage() Jakub Kicinski <jakub.kicinski(a)netronome.com> bpf: fix references to free_bpf_prog_info() in comments Changbin Du <changbin.du(a)intel.com> regulator: add dummy function of_find_regulator_by_node Bartlomiej Zolnierkiewicz <b.zolnierkie(a)samsung.com> thermal: exynos: fix setting rising_threshold for Exynos5433 Doug Oucharek <dougso(a)me.com> staging: lustre: o2iblnd: Fix FastReg map/unmap for MLX5 Doug Oucahrek <dougso(a)me.com> staging: lustre: o2iblnd: fix race at kiblnd_connect_peer Takashi Iwai <tiwai(a)suse.de> dma-direct: try reallocation with GFP_DMA32 if possible Chad Dupuis <chad.dupuis(a)cavium.com> scsi: qedf: Set the UNLOADING flag when removing a vport Viresh Kumar <viresh.kumar(a)linaro.org> soc/tegra: pmc: Don't allocate struct tegra_powergate on stack Xiang Chen <chenxiang66(a)hisilicon.com> scsi: hisi_sas: config ATA de-reset as an constrained command for v3 hw Dan Carpenter <dan.carpenter(a)oracle.com> scsi: megaraid: silence a static checker bug Wenwen Wang <wang6495(a)umn.edu> scsi: 3w-xxxx: fix a missing-check bug Wenwen Wang <wang6495(a)umn.edu> scsi: 3w-9xxx: fix a missing-check bug Christian Gromm <christian.gromm(a)microchip.com> staging: most: cdev: fix chrdev_region leak Ram Pai <linuxram(a)us.ibm.com> mm, powerpc, x86: define VM_PKEY_BITx bits if CONFIG_ARCH_HAS_PKEYS is enabled Michael Chan <michael.chan(a)broadcom.com> bnxt_en: Always forward VF MAC address to the PF. Michael Chan <michael.chan(a)broadcom.com> bnxt_en: Check unsupported speeds in bnxt_update_link() on PF only. Antoine Tenart <antoine.tenart(a)bootlin.com> net: phy: sfp: handle cases where neither BR, min nor BR, max is given Thomas Richter <tmricht(a)linux.ibm.com> perf: fix invalid bit in diagnostic entry Thomas Richter <tmricht(a)linux.ibm.com> s390/cpum_sf: Add data entry sizes to sampling trailer entry Sean Lanigan <sean(a)lano.id.au> brcmfmac: Add support for bcm43364 wireless chipset Jane Wan <Jane.Wan(a)nokia.com> mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages Brad Love <brad(a)nextdimension.cc> media: em28xx: Fix DualHD broken second tuner Jacopo Mondi <jacopo+renesas(a)jmondi.org> media: renesas-ceu: Set mbus_fmt on subdev operations Brad Love <brad(a)nextdimension.cc> media: saa7164: Fix driver name in debug output Sami Tolvanen <samitolvanen(a)google.com> media: media-device: fix ioctl function types Hans de Goede <hdegoede(a)redhat.com> ACPI / LPSS: Only call pwm_add_table() for Bay Trail PWM if PMIC HRV is 2 Damien Le Moal <damien.lemoal(a)wdc.com> libata: Fix command retry decision Wei Yongjun <yongjun_wei(a)trendmicro.com.cn> media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open() Florian Fainelli <f.fainelli(a)gmail.com> net: phy: phylink: Release link GPIO Marc Zyngier <marc.zyngier(a)arm.com> dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA DaeRyong Jeong <threeearcat(a)gmail.com> tty: Fix data race in tty_insert_flip_string_fixed_flag Jacob Keller <jacob.e.keller(a)intel.com> i40e: free the skb after clearing the bitlock Rob Herring <robh(a)kernel.org> ARM: dts: imx53: Fix LDB OF graph warning Mathieu Malaterre <malat(a)debian.org> nvmem: properly handle returned value nvmem_reg_read Geert Uytterhoeven <geert+renesas(a)glider.be> ARM: dts: sh73a0: Add missing interrupt-affinity to PMU node Geert Uytterhoeven <geert+renesas(a)glider.be> ARM: dts: emev2: Add missing interrupt-affinity to PMU node Patrice Chotard <patrice.chotard(a)st.com> ARM: dts: stih407-pinctrl: Fix complain about IRQ_TYPE_NONE usage Patrice Chotard <patrice.chotard(a)st.com> ARM: dts: stih410: Fix complain about IRQ_TYPE_NONE usage Sanjay Kumar Konduri <sanjay.konduri(a)redpinesignals.com> rsi: Add null check for virtual interfaces in wowlan config Thor Thayer <thor.thayer(a)linux.intel.com> EDAC, altera: Fix ARM64 build warning Dmitry Torokhov <dtor(a)chromium.org> HID: i2c-hid: check if device is there before really probing Jonathan Neuschäfer <j.neuschaefer(a)gmx.net> powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet Ben Hutchings <ben(a)decadent.org.uk> IB: Fix RDMA_RXE and INFINIBAND_RDMAVT dependencies for DMA_VIRT_OPS Leo (Sunpeng) Li <sunpeng.li(a)amd.com> drm/amd/display: Fix dim display on DCE11 Samuel Li <Samuel.Li(a)amd.com> drm/amdgpu: Remove VRAM from shared bo domains. Luc Van Oostenryck <luc.vanoostenryck(a)gmail.com> drm/radeon: fix mode_valid's return type Shirish S <shirish.s(a)amd.com> drm/amd/display: remove need of modeset flag for overlay planes (V2) Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> arm64: dts: renesas: salvator-common: use audio-graph-card for Sound Terry Junge <terry.junge(a)plantronics.com> HID: hid-plantronics: Re-resend Update to map button for PTT products Will Deacon <will.deacon(a)arm.com> arm64: cmpwait: Clear event register before arming exclusive monitor Mauro Carvalho Chehab <mchehab(a)kernel.org> media: staging: atomisp: Comment out several unused sensor resolutions Mauro Carvalho Chehab <mchehab(a)kernel.org> media: atomisp: ov2680: don't declare unused vars Yunsheng Lin <linyunsheng(a)huawei.com> net: hns3: Fix for fiber link up problem Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback Grygorii Strashko <grygorii.strashko(a)ti.com> net: ethernet: ti: cpsw-phy-sel: check bus_find_device() ret value Mathieu Malaterre <malat(a)debian.org> clocksource: Move inline keyword to the beginning of function declarations Oza Pawandeep <poza(a)codeaurora.org> PCI/DPC: Clear interrupt status in interrupt handler top half Colin Ian King <colin.king(a)canonical.com> media: smiapp: fix timeout checking in smiapp_read_nvm Thierry Reding <treding(a)nvidia.com> gpu: host1x: Acquire a reference to the IOVA cache Emil Tantilov <emil.s.tantilov(a)intel.com> ixgbevf: fix MAC address changes through ixgbevf_set_mac() Yufen Yu <yuyufen(a)huawei.com> md: fix NULL dereference of mddev->pers in remove_and_add_spares() Gioh Kim <gi-oh.kim(a)profitbricks.com> md/raid1: add error handling of read error from FailFast device Anson Huang <Anson.Huang(a)nxp.com> regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops Takashi Iwai <tiwai(a)suse.de> ALSA: emu10k1: Rate-limit error messages about page errors Alexandre Belloni <alexandre.belloni(a)bootlin.com> rtc: tps65910: fix possible race condition Alexandre Belloni <alexandre.belloni(a)bootlin.com> rtc: vr41xx: fix possible race condition Alexandre Belloni <alexandre.belloni(a)bootlin.com> rtc: tps6586x: fix possible race condition Vic Wei <vwei(a)codeaurora.org> Bluetooth: btusb: add ID for LiteOn 04ca:301a Ben Skeggs <bskeggs(a)redhat.com> drm/nouveau/fifo/gk104-: poll for runlist update completion Ben Skeggs <bskeggs(a)redhat.com> drm/nouveau/gem: lookup VMAs for buffers referenced by pushbuf ioctl Ben Skeggs <bskeggs(a)redhat.com> drm/nouveau: remove fence wait code from deferred client work handler Jens Remus <jremus(a)linux.ibm.com> scsi: zfcp: assert that the ERP lock is held when tracing a recovery trigger Maya Erez <merez(a)codeaurora.org> scsi: ufs: fix exception event handling Subhash Jadavani <subhashj(a)codeaurora.org> scsi: ufs: ufshcd: fix possible unclocked register access Maxime Chevallier <maxime.chevallier(a)bootlin.com> net: mvpp2: Add missing VLAN tag detection Eric Biggers <ebiggers(a)google.com> fscrypt: use unbound workqueue for decryption Xi Wang <wangxi11(a)huawei.com> net: hns3: Fix for hns3 module is loaded multiple times problem Xi Wang <wangxi11(a)huawei.com> net: hns3: Fix the missing client list node initialization Yunsheng Lin <linyunsheng(a)huawei.com> net: hns3: Fix for CMDQ and Misc. interrupt init order problem Tony Lindgren <tony(a)atomide.com> spi: Add missing pm_runtime_put_noidle() after failed get Mark Rutland <mark.rutland(a)arm.com> drivers/perf: arm-ccn: don't log to dmesg in event_init Wolfram Sang <wsa+renesas(a)sang-engineering.com> watchdog: renesas-wdt: Add support for the R8A77965 WDT Mimi Zohar <zohar(a)linux.vnet.ibm.com> ima: based on policy verify firmware signatures (pre-allocated buffer) Lorenzo Bianconi <lorenzo.bianconi(a)redhat.com> mt76x2: apply coverage class on slot time too Xinming Hu <huxm(a)marvell.com> mwifiex: correct histogram data with appropriate index Michal Vokáč <vokac.m(a)gmail.com> net: dsa: qca8k: Add support for QCA8334 switch Mika Westerberg <mika.westerberg(a)linux.intel.com> PCI: pciehp: Request control of native hotplug only if supported Sandipan Das <sandipan(a)linux.vnet.ibm.com> bpf: powerpc64: pad function address loads with NOPs Sandipan Das <sandipan(a)linux.vnet.ibm.com> bpf: fix multi-function JITed dump obtained via syscall Christian Lamparter <chunkeey(a)gmail.com> pinctrl: msm: fix gpio-hog related boot issues Julia Lawall <Julia.Lawall(a)lip6.fr> pinctrl: at91-pio4: add missing of_node_put Christophe Leroy <christophe.leroy(a)c-s.fr> powerpc/8xx: fix invalid register expression in head_8xx.S Geert Uytterhoeven <geert+renesas(a)glider.be> spi: sh-msiof: Fix setting SIRMDR1.SYNCAC to match SITMDR1.SYNCAC Dan Carpenter <dan.carpenter(a)oracle.com> KVM: x86: prevent integer overflows in KVM_MEMORY_ENCRYPT_REG_REGION Mathieu Malaterre <malat(a)debian.org> powerpc: Add __printf verification to prom_printf Mathieu Malaterre <malat(a)debian.org> powerpc/powermac: Mark variable x as unused Mathieu Malaterre <malat(a)debian.org> powerpc/powermac: Add missing prototype for note_bootable_part() Mathieu Malaterre <malat(a)debian.org> powerpc/chrp/time: Make some functions static, add missing header include Mathieu Malaterre <malat(a)debian.org> powerpc/32: Add a missing include header Patrick Bellasi <patrick.bellasi(a)arm.com> sched/cpufreq: Modify aggregate utilization to always include blocked FAIR utilization Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Bahamas Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Bermuda Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Serbia Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Tanzania Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Uganda Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for APL2_FCCA Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for APL13_WORLD Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for ETSI8_WORLD Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for FCC3_ETSIC Keith Busch <keith.busch(a)intel.com> nvme-pci: Fix AER reset handling Jianchao Wang <jianchao.w.wang(a)oracle.com> nvme-rdma: stop admin queue before freeing it Alex Elder <elder(a)linaro.org> soc: qcom: smem: byte swap values properly Alex Elder <elder(a)linaro.org> soc: qcom: smem: fix qcom_smem_set_global_partition() Alex Elder <elder(a)linaro.org> soc: qcom: qmi: fix a buffer sizing bug Christoph Hellwig <hch(a)lst.de> PCI: Prevent sysfs disable of device while driver is attached Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> PM / wakeup: Make s2idle_lock a RAW_SPINLOCK Scott Wood <swood(a)redhat.com> x86/microcode: Make the late update update_lock a raw lock for RT Qu Wenruo <wqu(a)suse.com> btrfs: qgroup: Finish rescan when hit the last leaf of extent tree David Sterba <dsterba(a)suse.com> btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups Omar Sandoval <osandov(a)fb.com> Btrfs: don't BUG_ON() in btrfs_truncate_inode_items() Omar Sandoval <osandov(a)fb.com> Btrfs: don't return ino to ino cache if inode item removal fails Hans Verkuil <hans.verkuil(a)cisco.com> media: videobuf2-core: don't call memop 'finish' when queueing Mauro Carvalho Chehab <mchehab+samsung(a)kernel.org> media: cec-pin-error-inj: avoid a false-positive Spectre detection Ezequiel Garcia <ezequiel(a)collabora.com> media: tw686x: Fix incorrect vb2_mem_ops GFP flags Fuyun Liang <liangfuyun1(a)huawei.com> net: hns3: Fixes the init of the VALID BD info in the descriptor Lijun Ou <oulijun(a)huawei.com> net: hns3: Fixes initalization of RoCE handle and makes it conditional Eyal Reizer <eyalreizer(a)gmail.com> wlcore: sdio: check for valid platform device data before suspend Ganapathi Bhat <gbhat(a)marvell.com> mwifiex: handle race during mwifiex_usb_disconnect Vincent Palatin <vpalatin(a)chromium.org> mfd: cros_ec: Fail early if we cannot identify the EC Kai Chieh Chuang <kaichieh.chuang(a)mediatek.com> ASoC: dpcm: fix BE dai not hw_free and shutdown Jian-Hong Pan <jian-hong(a)endlessm.com> Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 Arnd Bergmann <arnd(a)arndb.de> drivers/bus: arm-cci: fix build warnings Mikita Lipski <mikita.lipski(a)amd.com> drm/amd/display: Do not program interrupt status on disabled crtc Thierry Escande <thierry.escande(a)linaro.org> Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning Gregory Greenman <gregory.greenman(a)intel.com> iwlwifi: mvm: open BA session only when sta is authorized Shaul Triebitz <shaul.triebitz(a)intel.com> iwlwifi: pcie: fix race in Rx buffer allocator Ethan Lien <ethanlien(a)synology.com> btrfs: balance dirty metadata pages in btrfs_finish_ordered_io Jan Kiszka <jan.kiszka(a)siemens.com> PCI: Fix devm_pci_alloc_host_bridge() memory leak Sergey Matyukevich <sergey.matyukevich.os(a)quantenna.com> qtnfmac: fix invalid STA state on EAPOL failure Anders Roxell <anders.roxell(a)linaro.org> selftests/filesystems: devpts_pts included wrong header Shuah Khan (Samsung OSG) <shuah(a)kernel.org> selftests: filesystems: return Kselftest Skip code for skipped tests Shuah Khan (Samsung OSG) <shuah(a)kernel.org> selftests: intel_pstate: return Kselftest Skip code for skipped tests Shuah Khan (Samsung OSG) <shuah(a)kernel.org> selftests: kvm: return Kselftest Skip code for skipped tests Shuah Khan (Samsung OSG) <shuah(a)kernel.org> selftests: memfd: return Kselftest Skip code for skipped tests Daniel Díaz <daniel.diaz(a)linaro.org> selftests/intel_pstate: Improve test, minor fixes Kan Liang <kan.liang(a)intel.com> perf/x86/intel/uncore: Correct fixed counter index check for NHM Kan Liang <kan.liang(a)intel.com> perf/x86/intel/uncore: Correct fixed counter index check in generic code Michael Grzeschik <m.grzeschik(a)pengutronix.de> usbip: dynamically allocate idev by nports found in sysfs Shuah Khan (Samsung OSG) <shuah(a)kernel.org> usbip: usbip_detach: Fix memory, udev context and udev leak Filippo Muzzini <filippo.muzzini(a)outlook.it> block, bfq: remove wrong lock in bfq_requests_merged Chao Yu <yuchao0(a)huawei.com> f2fs: fix race in between GC and atomic open Chao Yu <yuchao0(a)huawei.com> f2fs: fix to detect failure of dquot_initialize Yunlei He <heyunlei(a)huawei.com> f2fs: fix missing clear FI_NO_PREALLOC in some error case Sahitya Tummala <stummala(a)codeaurora.org> f2fs: Fix deadlock in shutdown ioctl Chao Yu <yuchao0(a)huawei.com> f2fs: fix to wait page writeback during revoking atomic write Chao Yu <yuchao0(a)huawei.com> f2fs: fix to don't trigger writeback during recovery Chao Yu <yuchao0(a)huawei.com> f2fs: don't drop dentry pages after fs shutdown Chao Yu <yuchao0(a)huawei.com> f2fs: fix error path of move_data_page Anatoly Pugachev <matorola(a)gmail.com> disable loading f2fs module on PAGE_SIZE > 4KB Trond Myklebust <trond.myklebust(a)hammerspace.com> NFS: Fix up nfs_post_op_update_inode() to force ctime updates Trond Myklebust <trond.myklebust(a)hammerspace.com> pnfs: Don't release the sequence slot until we've processed layoutget on open Alexey Kodanev <alexey.kodanev(a)oracle.com> netfilter: nf_tables: check msg_type before nft_trans_set(trans) Javier González <javier(a)cnexlabs.com> lightnvm: pblk: warn in case of corrupted write buffer Igor Konopko <igor.j.konopko(a)intel.com> lightnvm: proper error handling for pblk_bio_add_pages Igor Konopko <igor.j.konopko(a)intel.com> lightnvm: fix partial read error path Leon Romanovsky <leon(a)kernel.org> RDMA/mad: Convert BUG_ONs to error flows Yunsheng Lin <linyunsheng(a)huawei.com> net: hns3: Fix for service_task not running problem after resetting Yunsheng Lin <linyunsheng(a)huawei.com> net: hns3: Fix for phy not link up problem after resetting Paul Cercueil <paul(a)crapouillou.net> clk: ingenic: jz4770: Modify C1CLK clock to disable CPU clock stop on idle Mike Looijmans <mike.looijmans(a)topic.nl> clk-si544: Properly round requested frequency to nearest match Nicholas Piggin <npiggin(a)gmail.com> powerpc/64s: Fix compiler store ordering to SLB shadow area Stewart Smith <stewart(a)linux.ibm.com> hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common() Sam Bobroff <sbobroff(a)linux.ibm.com> powerpc/eeh: Fix use-after-release of EEH driver Michal Suchanek <msuchanek(a)suse.de> powerpc/64s: Add barrier_nospec Christophe Leroy <christophe.leroy(a)c-s.fr> powerpc/lib: Adjust .balign inside string functions for PPC32 Cong Wang <xiyou.wangcong(a)gmail.com> infiniband: fix a possible use-after-free bug Benjamin Poirier <bpoirier(a)suse.com> e1000e: Ignore TSYNCRXCTL when getting I219 clock attributes Luis Henriques <lhenriques(a)suse.com> ceph: fix use-after-free in ceph_statfs() Chengguang Xu <cgxu519(a)gmx.com> ceph: fix alignment of rasize Wang YanQing <udknight(a)gmail.com> bpf, arm32: fix inconsistent naming about emit_a32_lsr_{r64,i64} Sergey Senozhatsky <sergey.senozhatsky.work(a)gmail.com> printk: drop in_nmi check from printk_safe_flush_on_panic() Jacopo Mondi <jacopo+renesas(a)jmondi.org> media: arch: sh: migor: Fix TW9910 PDN gpio Marco Felsch <m.felsch(a)pengutronix.de> watchdog: da9063: Fix updating timeout value Laurentiu Tudor <laurentiu.tudor(a)nxp.com> irqchip/ls-scfg-msi: Map MSIs in the iommu Jozsef Kadlecsik <kadlec(a)blackhole.kfki.hu> netfilter: ipset: List timing out entries with "timeout 1" instead of zero Florent Fourcot <florent.fourcot(a)wifirst.fr> netfilter: ipset: forbid family for hash:mac sets Jiri Olsa <jolsa(a)kernel.org> perf tools: Fix pmu events parsing rule Xi Wang <wangxi11(a)huawei.com> net: hns3: Fix for VF mailbox cannot receiving PF response David Howells <dhowells(a)redhat.com> rxrpc: Fix terminal retransmission connection ID to include the channel Alexandre Belloni <alexandre.belloni(a)bootlin.com> rtc: ensure rtc_set_alarm fails when alarms are not supported Mathieu Malaterre <malat(a)debian.org> mm/slub.c: add __printf verification to slab_err() Chintan Pandya <cpandya(a)codeaurora.org> mm: vmalloc: avoid racy handling of debugobjects in vunmap Huang Ying <ying.huang(a)intel.com> mm: /proc/pid/pagemap: hide swap entries from unprivileged users Aaron Lu <aaron.lu(a)intel.com> mem_cgroup: make sure moving_account, move_lock_task and stat_cpu in the same cacheline Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> kernel/hung_task.c: show all hung tasks before panic Alex Williamson <alex.williamson(a)redhat.com> vfio/type1: Fix task tracking for QEMU vCPU hotplug Alex Williamson <alex.williamson(a)redhat.com> vfio/mdev: Check globally for duplicate devices Geert Uytterhoeven <geert+renesas(a)glider.be> vfio: platform: Fix reset module leak in error path Scott Mayhew <smayhew(a)redhat.com> nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo Andrew Elble <aweits(a)rit.edu> nfsd: fix error handling in nfs4_set_delegation() Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY Zhouyang Jia <jiazhouyang09(a)gmail.com> ALSA: fm801: add error handling for snd_ctl_add Zhouyang Jia <jiazhouyang09(a)gmail.com> ALSA: emu10k1: add error handling for snd_ctl_add Alexander Duyck <alexander.h.duyck(a)intel.com> ixgbe: Fix setting of TC configuration for macvlan case Olga Kornievskaia <olga.kornievskaia(a)gmail.com> skip LAYOUTRETURN if layout is invalid Stephen Hemminger <stephen(a)networkplumber.org> hv_netvsc: fix network namespace issues with VF support Juergen Gross <jgross(a)suse.com> xen/netfront: raise max number of slots in xennet_get_responses() Kenneth Feng <kenneth.feng(a)amd.com> drm/amd/powerplay: Set higher SCLK&MCLK frequency than dpm7 in OD (v2) Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> mm: check for SIGKILL inside dup_mmap() loop Mark Rutland <mark.rutland(a)arm.com> kcov: ensure irq code sees a valid area Petr Machata <petrm(a)mellanox.com> mlxsw: spectrum_switchdev: Fix port_vlan refcounting Clint Taylor <clinton.a.taylor(a)intel.com> drm/i915/glk: Add Quirk for GLK NUC HDMI port issues. Johannes Weiner <hannes(a)cmpxchg.org> arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Quiet gcc warning about maybe unused link variable Artem Savkov <asavkov(a)redhat.com> tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure Snild Dolkow <snild(a)sony.com> kthread, tracing: Don't expose half-written comm when creating kthreads Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Fix possible double free in event_enable_trigger_func() Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Fix double free of event_trigger_data Tejun Heo <tj(a)kernel.org> delayacct: fix crash in delayacct_blkio_end() after delayacct init failure Shakeel Butt <shakeelb(a)google.com> kvm, mm: account shadow page tables to kmemcg Dave Jiang <dave.jiang(a)intel.com> mm: disallow mappings that conflict for devm_memremap_pages() KT Liao <kt.liao(a)emc.com.tw> Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST Chen-Yu Tsai <wens(a)csie.org> Input: i8042 - add Lenovo LaVie Z to the i8042 reset list Donald Shanty III <dshanty(a)protonmail.com> Input: elan_i2c - add ACPI ID for lenovo ideapad 330 Marek Szyprowski <m.szyprowski(a)samsung.com> spi: spi-s3c64xx: Fix system resume support ------------- Diffstat: .../devicetree/bindings/net/dsa/qca8k.txt | 23 +++- .../devicetree/bindings/net/meson-dwmac.txt | 1 + .../devicetree/bindings/pinctrl/meson,pinctrl.txt | 2 + .../devicetree/bindings/watchdog/renesas-wdt.txt | 1 + Documentation/vfio-mediated-device.txt | 5 + Makefile | 4 +- arch/arm/boot/dts/emev2.dtsi | 5 +- arch/arm/boot/dts/imx53-ppd.dts | 2 - arch/arm/boot/dts/imx53.dtsi | 8 ++ arch/arm/boot/dts/imx6qdl-wandboard-revb1.dtsi | 1 - arch/arm/boot/dts/imx6qdl-wandboard-revc1.dtsi | 1 - arch/arm/boot/dts/imx6qdl-wandboard-revd1.dtsi | 1 - arch/arm/boot/dts/imx6qdl-wandboard.dtsi | 8 ++ arch/arm/boot/dts/sh73a0.dtsi | 5 +- arch/arm/boot/dts/stih407-pinctrl.dtsi | 10 +- arch/arm/boot/dts/stih410.dtsi | 18 +-- arch/arm/net/bpf_jit_32.c | 10 +- arch/arm64/boot/dts/renesas/salvator-common.dtsi | 38 +++--- arch/arm64/configs/defconfig | 2 + arch/arm64/include/asm/cmpxchg.h | 4 +- arch/arm64/mm/init.c | 4 +- arch/microblaze/boot/Makefile | 10 +- arch/powerpc/include/asm/barrier.h | 15 +++ arch/powerpc/include/asm/cache.h | 3 + arch/powerpc/include/asm/pkeys.h | 2 + arch/powerpc/kernel/eeh_driver.c | 28 +++-- arch/powerpc/kernel/head_8xx.S | 2 +- arch/powerpc/kernel/pci_32.c | 1 + arch/powerpc/kernel/prom_init.c | 114 +++++++++--------- arch/powerpc/lib/string.S | 7 +- arch/powerpc/mm/slb.c | 8 +- arch/powerpc/net/bpf_jit_comp64.c | 34 ++++-- arch/powerpc/platforms/chrp/time.c | 6 +- arch/powerpc/platforms/embedded6xx/hlwd-pic.c | 5 + arch/powerpc/platforms/powermac/bootx_init.c | 4 +- arch/powerpc/platforms/powermac/setup.c | 1 + arch/s390/include/asm/cpu_mf.h | 6 +- arch/sh/boards/mach-migor/setup.c | 2 +- arch/x86/events/intel/uncore.c | 2 +- arch/x86/events/intel/uncore_nhmex.c | 2 +- arch/x86/kernel/cpu/microcode/core.c | 6 +- arch/x86/kvm/mmu.c | 2 +- arch/x86/kvm/svm.c | 8 +- block/bfq-iosched.c | 2 - block/bio.c | 19 ++- crypto/authenc.c | 1 + crypto/authencesn.c | 1 + drivers/acpi/acpi_lpss.c | 32 +++-- drivers/acpi/acpica/psloop.c | 19 +-- drivers/acpi/pci_root.c | 4 +- drivers/ata/libata-eh.c | 12 +- drivers/bluetooth/btusb.c | 4 + drivers/bluetooth/hci_qca.c | 2 +- drivers/char/random.c | 10 +- drivers/clk/clk-si544.c | 1 + drivers/clk/ingenic/jz4770-cgu.c | 3 +- drivers/edac/altera_edac.c | 2 +- drivers/gpio/gpio-uniphier.c | 6 +- drivers/gpio/gpiolib-of.c | 3 +- drivers/gpu/drm/amd/amdgpu/amdgpu_mn.c | 17 +-- drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 8 +- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 8 +- .../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_irq.c | 3 + .../amd/display/dc/dce110/dce110_hw_sequencer.c | 4 +- drivers/gpu/drm/amd/powerplay/hwmgr/smu7_hwmgr.c | 7 +- drivers/gpu/drm/drm_atomic.c | 4 +- drivers/gpu/drm/drm_atomic_helper.c | 78 ++++++------ drivers/gpu/drm/drm_dp_mst_topology.c | 9 +- drivers/gpu/drm/gma500/psb_intel_drv.h | 2 +- drivers/gpu/drm/gma500/psb_intel_lvds.c | 2 +- drivers/gpu/drm/i915/i915_drv.h | 1 + drivers/gpu/drm/i915/intel_ddi.c | 13 +- drivers/gpu/drm/i915/intel_display.c | 21 +++- drivers/gpu/drm/i915/intel_drv.h | 3 +- drivers/gpu/drm/nouveau/nouveau_dma.c | 10 +- drivers/gpu/drm/nouveau/nouveau_dma.h | 5 +- drivers/gpu/drm/nouveau/nouveau_drm.c | 30 +++-- drivers/gpu/drm/nouveau/nouveau_gem.c | 19 ++- drivers/gpu/drm/nouveau/nvkm/engine/fifo/gk104.c | 8 +- drivers/gpu/drm/radeon/radeon_connectors.c | 10 +- drivers/gpu/drm/rockchip/analogix_dp-rockchip.c | 9 ++ drivers/gpu/drm/stm/ltdc.c | 3 - drivers/gpu/host1x/dev.c | 11 +- drivers/hid/hid-plantronics.c | 6 +- drivers/hid/i2c-hid/i2c-hid.c | 8 ++ drivers/i2c/busses/i2c-rcar.c | 54 ++++++++- drivers/infiniband/core/mad.c | 11 +- drivers/infiniband/core/ucma.c | 6 +- drivers/infiniband/core/uverbs_cmd.c | 5 + drivers/infiniband/sw/rdmavt/Kconfig | 2 +- drivers/infiniband/sw/rxe/Kconfig | 1 + drivers/input/mouse/elan_i2c_core.c | 2 + drivers/input/serio/i8042-x86ia64io.h | 7 ++ drivers/irqchip/irq-ls-scfg-msi.c | 3 + drivers/lightnvm/pblk-core.c | 6 +- drivers/lightnvm/pblk-rb.c | 5 +- drivers/lightnvm/pblk-read.c | 8 +- drivers/md/md.c | 3 + drivers/md/raid1.c | 2 + drivers/media/cec/cec-pin-error-inj.c | 33 ++--- drivers/media/common/siano/smsendian.c | 14 +-- drivers/media/common/videobuf2/videobuf2-core.c | 9 +- drivers/media/i2c/smiapp/smiapp-core.c | 11 +- drivers/media/media-device.c | 21 ++-- drivers/media/pci/saa7164/saa7164-fw.c | 3 +- drivers/media/pci/tw686x/tw686x-video.c | 3 +- drivers/media/platform/omap3isp/isp.c | 7 +- drivers/media/platform/rcar_jpu.c | 4 +- drivers/media/platform/renesas-ceu.c | 20 ++- drivers/media/radio/si470x/radio-si470x-i2c.c | 6 +- drivers/media/rc/ir-mce_kbd-decoder.c | 12 +- drivers/media/usb/em28xx/em28xx-dvb.c | 4 +- drivers/memory/tegra/mc.c | 22 +--- drivers/memory/tegra/mc.h | 9 ++ drivers/memory/tegra/tegra114.c | 2 + drivers/memory/tegra/tegra124.c | 6 + drivers/memory/tegra/tegra210.c | 3 + drivers/memory/tegra/tegra30.c | 2 + drivers/mfd/cros_ec.c | 6 +- drivers/mmc/core/pwrseq_simple.c | 14 ++- drivers/mmc/host/dw_mmc.c | 4 + drivers/mmc/host/sdhci-omap.c | 17 ++- drivers/mtd/nand/raw/fsl_ifc_nand.c | 17 +-- drivers/net/dsa/qca8k.c | 52 +++++++- drivers/net/dsa/qca8k.h | 7 +- drivers/net/ethernet/amazon/ena/ena_com.c | 1 + drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 4 +- drivers/net/ethernet/broadcom/bnxt/bnxt.c | 5 +- drivers/net/ethernet/broadcom/bnxt/bnxt_sriov.c | 3 +- drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c | 2 + drivers/net/ethernet/hisilicon/hns3/hnae3.c | 1 + drivers/net/ethernet/hisilicon/hns3/hnae3.h | 2 + drivers/net/ethernet/hisilicon/hns3/hns3_enet.c | 5 + drivers/net/ethernet/hisilicon/hns3/hns3_enet.h | 2 + .../ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 17 +-- .../ethernet/hisilicon/hns3/hns3pf/hclge_main.h | 2 +- .../ethernet/hisilicon/hns3/hns3vf/hclgevf_main.c | 28 +++-- .../ethernet/hisilicon/hns3/hns3vf/hclgevf_main.h | 2 +- drivers/net/ethernet/intel/e1000e/netdev.c | 15 +-- drivers/net/ethernet/intel/i40e/i40e.h | 2 +- drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 4 +- drivers/net/ethernet/intel/i40e/i40e_ptp.c | 48 +++++--- drivers/net/ethernet/intel/igb/igb_main.c | 9 +- drivers/net/ethernet/intel/ixgbe/ixgbe_lib.c | 8 ++ drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 8 -- drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 1 + drivers/net/ethernet/marvell/mvpp2.c | 3 + .../net/ethernet/mellanox/mlxsw/spectrum_router.c | 14 +-- .../ethernet/mellanox/mlxsw/spectrum_switchdev.c | 4 +- drivers/net/ethernet/socionext/netsec.c | 23 ++-- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 +- drivers/net/ethernet/ti/cpsw-phy-sel.c | 8 +- drivers/net/hyperv/hyperv_net.h | 2 + drivers/net/hyperv/netvsc_drv.c | 43 +++---- drivers/net/netdevsim/devlink.c | 1 + drivers/net/phy/mdio-mux-bcm-iproc.c | 2 +- drivers/net/phy/phylink.c | 2 + drivers/net/phy/sfp-bus.c | 7 ++ drivers/net/usb/lan78xx.c | 2 + drivers/net/virtio_net.c | 41 ++++--- drivers/net/wireless/ath/ath10k/core.c | 134 +++++++++++---------- drivers/net/wireless/ath/ath10k/debug.c | 8 +- drivers/net/wireless/ath/ath10k/wmi.c | 6 + drivers/net/wireless/ath/ath10k/wmi.h | 2 +- drivers/net/wireless/ath/regd.h | 5 + drivers/net/wireless/ath/regd_common.h | 13 ++ .../wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c | 1 + drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c | 8 +- drivers/net/wireless/intel/iwlwifi/mvm/rs.c | 38 +++--- drivers/net/wireless/intel/iwlwifi/mvm/rs.h | 7 +- drivers/net/wireless/intel/iwlwifi/mvm/sta.c | 2 +- drivers/net/wireless/intel/iwlwifi/mvm/sta.h | 10 +- drivers/net/wireless/intel/iwlwifi/pcie/rx.c | 2 + drivers/net/wireless/marvell/mwifiex/usb.c | 3 + drivers/net/wireless/marvell/mwifiex/util.c | 8 +- drivers/net/wireless/mediatek/mt76/mt76x2_init.c | 3 + drivers/net/wireless/mediatek/mt76/mt76x2_main.c | 3 +- drivers/net/wireless/mediatek/mt76/mt76x2_phy.c | 6 +- drivers/net/wireless/mediatek/mt76/tx.c | 2 + drivers/net/wireless/quantenna/qtnfmac/cfg80211.c | 21 ++-- drivers/net/wireless/quantenna/qtnfmac/event.c | 8 +- .../net/wireless/quantenna/qtnfmac/pearl/pcie.c | 4 + drivers/net/wireless/rsi/rsi_91x_hal.c | 35 +++--- drivers/net/wireless/rsi/rsi_91x_mac80211.c | 7 +- drivers/net/wireless/rsi/rsi_91x_sdio.c | 23 ++-- drivers/net/wireless/rsi/rsi_sdio.h | 2 +- drivers/net/wireless/ti/wlcore/sdio.c | 5 + drivers/net/xen-netfront.c | 10 +- drivers/nvme/host/pci.c | 16 ++- drivers/nvme/host/rdma.c | 10 +- drivers/nvme/target/fc.c | 44 +++++-- drivers/nvmem/core.c | 7 ++ drivers/pci/pci-sysfs.c | 15 ++- drivers/pci/pcie/aspm.c | 9 ++ drivers/pci/pcie/dpc.c | 5 +- drivers/pci/probe.c | 4 +- drivers/perf/arm-cci.c | 6 +- drivers/perf/arm-ccn.c | 20 +-- drivers/pinctrl/pinctrl-at91-pio4.c | 4 +- drivers/pinctrl/qcom/pinctrl-msm.c | 23 +++- drivers/platform/x86/dell-smbios-base.c | 5 +- drivers/regulator/cpcap-regulator.c | 2 +- drivers/regulator/internal.h | 9 +- drivers/regulator/of_regulator.c | 13 +- drivers/regulator/pfuze100-regulator.c | 1 + drivers/regulator/twl-regulator.c | 2 +- drivers/rtc/interface.c | 5 + drivers/rtc/rtc-tps6586x.c | 14 ++- drivers/rtc/rtc-tps65910.c | 12 +- drivers/rtc/rtc-vr41xx.c | 9 +- drivers/s390/scsi/zfcp_dbf.c | 2 + drivers/scsi/3w-9xxx.c | 5 + drivers/scsi/3w-xxxx.c | 3 + drivers/scsi/cxlflash/main.c | 11 +- drivers/scsi/cxlflash/sislite.h | 1 + drivers/scsi/hisi_sas/hisi_sas_v3_hw.c | 11 +- drivers/scsi/megaraid.c | 3 + drivers/scsi/megaraid/megaraid_sas_fusion.c | 3 + drivers/scsi/qedf/qedf_main.c | 10 ++ drivers/scsi/scsi_dh.c | 5 +- drivers/scsi/ufs/ufshcd.c | 28 ++++- drivers/soc/imx/gpcv2.c | 22 ++-- drivers/soc/qcom/qmi_interface.c | 5 +- drivers/soc/qcom/smem.c | 27 +++-- drivers/soc/tegra/pmc.c | 20 +-- drivers/spi/spi-meson-spicc.c | 11 +- drivers/spi/spi-s3c64xx.c | 4 +- drivers/spi/spi-sh-msiof.c | 6 +- drivers/spi/spi.c | 1 + drivers/staging/ks7010/ks7010_sdio.c | 3 + .../staging/lustre/lnet/klnds/o2iblnd/o2iblnd.c | 2 +- .../staging/lustre/lnet/klnds/o2iblnd/o2iblnd_cb.c | 30 ++--- drivers/staging/lustre/lustre/ldlm/ldlm_lock.c | 6 +- drivers/staging/lustre/lustre/llite/xattr.c | 6 +- drivers/staging/media/atomisp/i2c/atomisp-ov2680.c | 6 +- drivers/staging/media/atomisp/i2c/gc2235.h | 9 +- drivers/staging/media/atomisp/i2c/ov2680.h | 5 +- drivers/staging/media/atomisp/i2c/ov2722.h | 6 + drivers/staging/media/atomisp/i2c/ov5693/ov5693.h | 18 ++- .../atomisp/pci/atomisp2/atomisp_compat_ioctl32.c | 49 ++++---- drivers/staging/most/cdev/cdev.c | 6 +- .../vc04_services/interface/vchiq_arm/vchiq_core.c | 1 + drivers/thermal/samsung/exynos_tmu.c | 1 + drivers/tty/hvc/hvc_opal.c | 1 - drivers/tty/pty.c | 3 + drivers/usb/core/hub.c | 4 + drivers/vfio/mdev/mdev_core.c | 102 ++++++---------- drivers/vfio/mdev/mdev_private.h | 2 +- drivers/vfio/platform/vfio_platform_common.c | 15 ++- drivers/vfio/vfio_iommu_type1.c | 73 +++++++---- drivers/video/backlight/pwm_bl.c | 6 +- drivers/watchdog/da9063_wdt.c | 17 ++- fs/block_dev.c | 9 +- fs/btrfs/inode.c | 33 +++-- fs/btrfs/qgroup.c | 19 +++ fs/btrfs/tree-log.c | 10 +- fs/ceph/super.c | 13 +- fs/crypto/crypto.c | 11 +- fs/ext4/balloc.c | 3 + fs/ext4/ialloc.c | 8 +- fs/ext4/inline.c | 19 +-- fs/ext4/inode.c | 16 ++- fs/ext4/super.c | 13 +- fs/f2fs/data.c | 14 ++- fs/f2fs/f2fs.h | 8 +- fs/f2fs/file.c | 20 ++- fs/f2fs/gc.c | 11 +- fs/f2fs/segment.c | 5 + fs/f2fs/super.c | 6 + fs/fcntl.c | 15 ++- fs/nfs/inode.c | 3 +- fs/nfs/nfs4proc.c | 14 ++- fs/nfs/pnfs.c | 6 +- fs/nfsd/nfs4state.c | 5 +- fs/nfsd/nfs4xdr.c | 2 + fs/proc/task_mmu.c | 30 +++-- fs/squashfs/cache.c | 3 + fs/squashfs/file.c | 8 +- fs/squashfs/fragment.c | 4 +- fs/squashfs/squashfs_fs.h | 6 + include/drm/drm_dp_helper.h | 1 + include/linux/delayacct.h | 4 +- include/linux/dma-iommu.h | 1 + include/linux/fs.h | 2 +- include/linux/memcontrol.h | 23 +++- include/linux/mm.h | 9 +- include/linux/mmc/sdio_ids.h | 1 + include/linux/netfilter/ipset/ip_set_timeout.h | 10 +- include/linux/regulator/consumer.h | 1 + include/linux/serial_core.h | 3 +- include/net/tcp.h | 2 +- include/soc/tegra/mc.h | 2 + include/uapi/sound/asoc.h | 23 +++- ipc/msg.c | 6 +- ipc/sem.c | 6 +- kernel/auditfilter.c | 2 +- kernel/auditsc.c | 2 + kernel/bpf/syscall.c | 37 +++++- kernel/bpf/verifier.c | 4 +- kernel/delayacct.c | 17 +-- kernel/fork.c | 8 ++ kernel/hung_task.c | 11 +- kernel/kcov.c | 3 +- kernel/kthread.c | 8 +- kernel/memremap.c | 18 ++- kernel/power/suspend.c | 14 +-- kernel/printk/printk_safe.c | 2 +- kernel/sched/cpufreq_schedutil.c | 17 ++- kernel/stop_machine.c | 24 ++-- kernel/time/clocksource.c | 4 +- kernel/trace/trace_events_trigger.c | 18 ++- kernel/trace/trace_kprobe.c | 15 ++- lib/dma-direct.c | 7 ++ mm/slub.c | 2 +- mm/vmalloc.c | 3 +- net/core/dev.c | 17 +-- net/ipv4/fib_frontend.c | 4 +- net/ipv4/ipconfig.c | 13 ++ net/ipv4/tcp_bbr.c | 4 + net/ipv4/tcp_dctcp.c | 4 +- net/ipv4/tcp_input.c | 57 +++++---- net/netfilter/ipset/ip_set_hash_gen.h | 5 +- net/netfilter/nf_tables_api.c | 11 +- net/netlink/af_netlink.c | 5 + net/rds/ib_frmr.c | 5 + net/rds/ib_mr.h | 3 +- net/rds/ib_rdma.c | 21 ++-- net/rds/rdma.c | 13 +- net/rds/rds.h | 5 +- net/rds/send.c | 12 +- net/rxrpc/conn_event.c | 2 +- security/integrity/ima/ima_main.c | 1 + sound/pci/emu10k1/emupcm.c | 4 +- sound/pci/emu10k1/memory.c | 6 +- sound/pci/fm801.c | 16 ++- sound/pci/hda/patch_ca0132.c | 8 +- sound/soc/fsl/fsl_ssi.c | 3 +- sound/soc/soc-compress.c | 52 ++++---- sound/soc/soc-pcm.c | 6 +- sound/soc/soc-topology.c | 19 ++- sound/usb/pcm.c | 2 +- tools/perf/util/parse-events.y | 14 ++- tools/testing/selftests/filesystems/Makefile | 1 + tools/testing/selftests/filesystems/devpts_pts.c | 13 +- tools/testing/selftests/intel_pstate/run.sh | 29 +++-- tools/testing/selftests/kvm/lib/assert.c | 9 +- tools/testing/selftests/kvm/vmx_tsc_adjust_test.c | 2 + tools/testing/selftests/memfd/run_tests.sh | 14 ++- tools/usb/usbip/libsrc/vhci_driver.c | 32 +++-- tools/usb/usbip/libsrc/vhci_driver.h | 3 +- tools/usb/usbip/src/usbip_detach.c | 9 +- 351 files changed, 2495 insertions(+), 1300 deletions(-)

7 years, 1 month

5
316
0 0

[PATCH] usb: gadget: udc: renesas_usb3: fix maxpacket size of ep0

by Yoshihiro Shimoda

This patch fixes an issue that maxpacket size of ep0 is incorrect for SuperSpeed. Otherwise, CDC NCM class with SuperSpeed doesn't work correctly on this driver because its control read data size is more than 64 bytes. Reported-by: Junki Kato <junki.kato.xk(a)renesas.com> Fixes: 746bfe63bba3 ("usb: gadget: renesas_usb3: add support for Renesas USB3.0 peripheral controller") Cc: <stable(a)vger.kernel.org> # v4.5+ Signed-off-by: Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> Tested-by: Junki Kato <junki.kato.xk(a)renesas.com> --- drivers/usb/gadget/udc/renesas_usb3.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/usb/gadget/udc/renesas_usb3.c b/drivers/usb/gadget/udc/renesas_usb3.c index 7cf98c7..5b5f1c8 100644 --- a/drivers/usb/gadget/udc/renesas_usb3.c +++ b/drivers/usb/gadget/udc/renesas_usb3.c @@ -787,12 +787,15 @@ static void usb3_irq_epc_int_1_speed(struct renesas_usb3 *usb3) switch (speed) { case USB_STA_SPEED_SS: usb3->gadget.speed = USB_SPEED_SUPER; + usb3->gadget.ep0->maxpacket = USB3_EP0_SS_MAX_PACKET_SIZE; break; case USB_STA_SPEED_HS: usb3->gadget.speed = USB_SPEED_HIGH; + usb3->gadget.ep0->maxpacket = USB3_EP0_HSFS_MAX_PACKET_SIZE; break; case USB_STA_SPEED_FS: usb3->gadget.speed = USB_SPEED_FULL; + usb3->gadget.ep0->maxpacket = USB3_EP0_HSFS_MAX_PACKET_SIZE; break; default: usb3->gadget.speed = USB_SPEED_UNKNOWN; @@ -2451,7 +2454,7 @@ static int renesas_usb3_init_ep(struct renesas_usb3 *usb3, struct device *dev, /* for control pipe */ usb3->gadget.ep0 = &usb3_ep->ep; usb_ep_set_maxpacket_limit(&usb3_ep->ep, - USB3_EP0_HSFS_MAX_PACKET_SIZE); + USB3_EP0_SS_MAX_PACKET_SIZE); usb3_ep->ep.caps.type_control = true; usb3_ep->ep.caps.dir_in = true; usb3_ep->ep.caps.dir_out = true; -- 1.9.1

7 years, 1 month

1
0
0 0

[patch 3/3] userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails

by akpm＠linux-foundation.org

From: Mike Rapoport <rppt(a)linux.vnet.ibm.com> Subject: userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails The fix in 0cbb4b4f4c44 ("userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails") cleared the vma->vm_userfaultfd_ctx but kept userfaultfd flags in vma->vm_flags that were copied from the parent process VMA. As the result, there is an inconsistency between the values of vma->vm_userfaultfd_ctx.ctx and vma->vm_flags which triggers BUG_ON in userfaultfd_release(). Clearing the uffd flags from vma->vm_flags in case of UFFD_EVENT_FORK failure resolves the issue. Link: http://lkml.kernel.org/r/1532931975-25473-1-git-send-email-rppt@linux.vnet.… Fixes: 0cbb4b4f4c44 ("userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails") Signed-off-by: Mike Rapoport <rppt(a)linux.vnet.ibm.com> Reported-by: syzbot+121be635a7a35ddb7dcb(a)syzkaller.appspotmail.com Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: Eric Biggers <ebiggers3(a)gmail.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/userfaultfd.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) --- a/fs/userfaultfd.c~userfaultfd-remove-uffd-flags-from-vma-vm_flags-if-uffd_event_fork-fails +++ a/fs/userfaultfd.c @@ -633,8 +633,10 @@ static void userfaultfd_event_wait_compl /* the various vma->vm_userfaultfd_ctx still points to it */ down_write(&mm->mmap_sem); for (vma = mm->mmap; vma; vma = vma->vm_next) - if (vma->vm_userfaultfd_ctx.ctx == release_new_ctx) + if (vma->vm_userfaultfd_ctx.ctx == release_new_ctx) { vma->vm_userfaultfd_ctx = NULL_VM_UFFD_CTX; + vma->vm_flags &= ~(VM_UFFD_WP | VM_UFFD_MISSING); + } up_write(&mm->mmap_sem); userfaultfd_ctx_put(release_new_ctx); _

7 years, 1 month

1
0
0 0

[patch 2/3] ipc/shm.c add ->pagesize function to shm_vm_ops

by akpm＠linux-foundation.org

From: Jane Chu <jane.chu(a)oracle.com> Subject: ipc/shm.c add ->pagesize function to shm_vm_ops 05ea88608d4e13 ("mm, hugetlbfs: introduce ->pagesize() to vm_operations_struct") adds a new ->pagesize() function to hugetlb_vm_ops, intended to cover all hugetlbfs backed files. With System V shared memory model, if "huge page" is specified, the "shared memory" is backed by hugetlbfs files, but the mappings initiated via shmget/shmat have their original vm_ops overwritten with shm_vm_ops, so we need to add a ->pagesize function to shm_vm_ops. Otherwise, vma_kernel_pagesize() returns PAGE_SIZE given a hugetlbfs backed vma, result in below BUG: fs/hugetlbfs/inode.c 443 if (unlikely(page_mapped(page))) { 444 BUG_ON(truncate_op); [ 242.268342] hugetlbfs: oracle (4592): Using mlock ulimits for SHM_HUGETLB is deprecated [ 282.653208] ------------[ cut here ]------------ [ 282.708447] kernel BUG at fs/hugetlbfs/inode.c:444! [ 282.818957] Modules linked in: nfsv3 rpcsec_gss_krb5 nfsv4 ... [ 284.025873] CPU: 35 PID: 5583 Comm: oracle_5583_sbt Not tainted 4.14.35-1829.el7uek.x86_64 #2 [ 284.246609] task: ffff9bf0507aaf80 task.stack: ffffa9e625628000 [ 284.317455] RIP: 0010:remove_inode_hugepages+0x3db/0x3e2 .... [ 285.292389] Call Trace: [ 285.321630] hugetlbfs_evict_inode+0x1e/0x3e [ 285.372707] evict+0xdb/0x1af [ 285.408185] iput+0x1a2/0x1f7 [ 285.443661] dentry_unlink_inode+0xc6/0xf0 [ 285.492661] __dentry_kill+0xd8/0x18d [ 285.536459] dput+0x1b5/0x1ed [ 285.571939] __fput+0x18b/0x216 [ 285.609495] ____fput+0xe/0x10 [ 285.646030] task_work_run+0x90/0xa7 [ 285.688788] exit_to_usermode_loop+0xdd/0x116 [ 285.740905] do_syscall_64+0x187/0x1ae [ 285.785740] entry_SYSCALL_64_after_hwframe+0x150/0x0 [jane.chu(a)oracle.com: relocate comment] Link: http://lkml.kernel.org/r/20180731044831.26036-1-jane.chu@oracle.com Link: http://lkml.kernel.org/r/20180727211727.5020-1-jane.chu@oracle.com Fixes: 05ea88608d4e13 ("mm, hugetlbfs: introduce ->pagesize() to vm_operations_struct") Signed-off-by: Jane Chu <jane.chu(a)oracle.com> Suggested-by: Mike Kravetz <mike.kravetz(a)oracle.com> Reviewed-by: Mike Kravetz <mike.kravetz(a)oracle.com> Acked-by: Davidlohr Bueso <dave(a)stgolabs.net> Acked-by: Michal Hocko <mhocko(a)suse.com> Cc: Dan Williams <dan.j.williams(a)intel.com> Cc: Jan Kara <jack(a)suse.cz> Cc: Jérôme Glisse <jglisse(a)redhat.com> Cc: Manfred Spraul <manfred(a)colorfullife.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- ipc/shm.c | 12 ++++++++++++ mm/hugetlb.c | 7 +++++++ 2 files changed, 19 insertions(+) --- a/ipc/shm.c~ipc-shmc-add-pagesize-function-to-shm_vm_ops +++ a/ipc/shm.c @@ -427,6 +427,17 @@ static int shm_split(struct vm_area_stru return 0; } +static unsigned long shm_pagesize(struct vm_area_struct *vma) +{ + struct file *file = vma->vm_file; + struct shm_file_data *sfd = shm_file_data(file); + + if (sfd->vm_ops->pagesize) + return sfd->vm_ops->pagesize(vma); + + return PAGE_SIZE; +} + #ifdef CONFIG_NUMA static int shm_set_policy(struct vm_area_struct *vma, struct mempolicy *new) { @@ -554,6 +565,7 @@ static const struct vm_operations_struct .close = shm_close, /* callback for when the vm-area is released */ .fault = shm_fault, .split = shm_split, + .pagesize = shm_pagesize, #if defined(CONFIG_NUMA) .set_policy = shm_set_policy, .get_policy = shm_get_policy, --- a/mm/hugetlb.c~ipc-shmc-add-pagesize-function-to-shm_vm_ops +++ a/mm/hugetlb.c @@ -3167,6 +3167,13 @@ static vm_fault_t hugetlb_vm_op_fault(st return 0; } +/* + * When a new function is introduced to vm_operations_struct and added + * to hugetlb_vm_ops, please consider adding the function to shm_vm_ops. + * This is because under System V memory model, mappings created via + * shmget/shmat with "huge page" specified are backed by hugetlbfs files, + * their original vm_ops are overwritten with shm_vm_ops. + */ const struct vm_operations_struct hugetlb_vm_ops = { .fault = hugetlb_vm_op_fault, .open = hugetlb_vm_op_open, _

7 years, 1 month

1
0
0 0

+ zram-remove-bd_cap_synchronous_io-with-writeback-feature.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: zram: remove BD_CAP_SYNCHRONOUS_IO with writeback feature has been added to the -mm tree. Its filename is zram-remove-bd_cap_synchronous_io-with-writeback-feature.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/zram-remove-bd_cap_synchronous_io-… and later at http://ozlabs.org/~akpm/mmotm/broken-out/zram-remove-bd_cap_synchronous_io-… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Minchan Kim <minchan(a)kernel.org> Subject: zram: remove BD_CAP_SYNCHRONOUS_IO with writeback feature If zram supports writeback feature, it's no longer a BD_CAP_SYNCHRONOUS_IO device beause zram does synchronous IO operations for incompressible pages. Do not pretend to be synchronous IO device. It makes the system very sluggish due to waiting for IO completion from upper layers. Furthermore, it causes a user-after-free problem because swap thinks the opearion is done when the IO functions returns so it can free the page (e.g., lock_page_or_retry and goto out_release in do_swap_page) but in fact, IO is asynchrnous so the driver could access a just freed page afterward. This patch fixes the problem. BUG: Bad page state in process qemu-system-x86 pfn:3dfab21 page:ffffdfb137eac840 count:0 mapcount:0 mapping:0000000000000000 index:0x1 flags: 0x17fffc000000008(uptodate) raw: 017fffc000000008 dead000000000100 dead000000000200 0000000000000000 raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000 page dumped because: PAGE_FLAGS_CHECK_AT_PREP flag set bad because of flags: 0x8(uptodate) Modules linked in: lz4 lz4_compress zram zsmalloc intel_rapl sb_edac x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass crct10dif_pclmul crc32_pclmul ghash_clmulni_intel bin fmt_misc pcbc aesni_intel aes_x86_64 crypto_simd cryptd iTCO_wdt glue_helper iTCO_vendor_support intel_cstate lpc_ich mei_me intel_uncore intel_rapl_perf pcspkr joydev sg mfd_core ioatdma mei wmi evdev ipmi_si ipmi_devintf ipmi_msghandler acpi_power_meter acpi_pad button ip_tables x_tables autofs4 ext4 crc32c_generic crc16 mbcache jbd2 fscrypto hid_generic usbhid hid sd_mod xhci_pci ehci_pci ahci libahci xhci_hcd ehci_hcd libata igb i2c_algo_bit crc32c_intel scsi_mod i2c_i8 01 dca usbcore CPU: 4 PID: 1039 Comm: qemu-system-x86 Tainted: G B 4.18.0-rc5+ #1 Hardware name: Supermicro Super Server/X10SRL-F, BIOS 2.0b 05/02/2017 Call Trace: dump_stack+0x5c/0x7b bad_page+0xba/0x120 get_page_from_freelist+0x1016/0x1250 __alloc_pages_nodemask+0xfa/0x250 alloc_pages_vma+0x7c/0x1c0 do_swap_page+0x347/0x920 ? __update_load_avg_se.isra.38+0x1eb/0x1f0 ? cpumask_next_wrap+0x3d/0x60 __handle_mm_fault+0x7b4/0x1110 ? update_load_avg+0x5ea/0x720 handle_mm_fault+0xfc/0x1f0 __get_user_pages+0x12f/0x690 get_user_pages_unlocked+0x148/0x1f0 __gfn_to_pfn_memslot+0xff/0x3c0 [kvm] try_async_pf+0x87/0x230 [kvm] tdp_page_fault+0x132/0x290 [kvm] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] kvm_mmu_page_fault+0x74/0x570 [kvm] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmexit_fill_RSB+0x18/0x30 [kvm_intel] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmexit_fill_RSB+0x18/0x30 [kvm_intel] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmexit_fill_RSB+0x18/0x30 [kvm_intel] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmexit_fill_RSB+0x18/0x30 [kvm_intel] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmexit_fill_RSB+0x18/0x30 [kvm_intel] ? vmexit_fill_RSB+0xc/0x30 [kvm_intel] ? vmx_vcpu_run+0x375/0x620 [kvm_intel] kvm_arch_vcpu_ioctl_run+0x9b3/0x1990 [kvm] ? __update_load_avg_se.isra.38+0x1eb/0x1f0 ? kvm_vcpu_ioctl+0x388/0x5d0 [kvm] kvm_vcpu_ioctl+0x388/0x5d0 [kvm] ? __switch_to+0x395/0x450 ? __switch_to+0x395/0x450 do_vfs_ioctl+0xa2/0x630 ? __schedule+0x3fd/0x890 ksys_ioctl+0x70/0x80 ? exit_to_usermode_loop+0xca/0xf0 __x64_sys_ioctl+0x16/0x20 do_syscall_64+0x55/0x100 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x7fb30361add7 Code: 00 00 00 48 8b 05 c1 80 2b 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 91 80 2b 00 f7 d8 64 89 01 48 RSP: 002b:00007fb2e97f98b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 000000000000ae80 RCX: 00007fb30361add7 RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000015 RBP: 00005652b984e0f0 R08: 00005652b7d513d0 R09: 0000000000000001 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007fb308c66000 R14: 0000000000000000 R15: 00005652b984e0f0 Link: https://lore.kernel.org/lkml/0516ae2d-b0fd-92c5-aa92-112ba7bd32fc@contabo.d… Link: http://lkml.kernel.org/r/20180802051112.86174-1-minchan@kernel.org Signed-off-by: Minchan Kim <minchan(a)kernel.org> Reported-by: Tino Lehnig <tino.lehnig(a)contabo.de> Tested-by: Tino Lehnig <tino.lehnig(a)contabo.de> Cc: Sergey Senozhatsky <sergey.senozhatsky.work(a)gmail.com> Cc: Jens Axboe <axboe(a)kernel.dk> Cc: <stable(a)vger.kernel.org> [4.15+] Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- drivers/block/zram/zram_drv.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) --- a/drivers/block/zram/zram_drv.c~zram-remove-bd_cap_synchronous_io-with-writeback-feature +++ a/drivers/block/zram/zram_drv.c @@ -298,7 +298,8 @@ static void reset_bdev(struct zram *zram zram->backing_dev = NULL; zram->old_block_size = 0; zram->bdev = NULL; - + zram->disk->queue->backing_dev_info->capabilities |= + BDI_CAP_SYNCHRONOUS_IO; kvfree(zram->bitmap); zram->bitmap = NULL; } @@ -400,6 +401,8 @@ static ssize_t backing_dev_store(struct zram->backing_dev = backing_dev; zram->bitmap = bitmap; zram->nr_pages = nr_pages; + zram->disk->queue->backing_dev_info->capabilities &= + ~BDI_CAP_SYNCHRONOUS_IO; up_write(&zram->init_lock); pr_info("setup backing device %s\n", file_name); _ Patches currently in -mm which might be from minchan(a)kernel.org are zram-remove-bd_cap_synchronous_io-with-writeback-feature.patch

7 years, 1 month

1
0
0 0

[PATCH v4 2/8] drm/nouveau: Enable polling even if we have runtime PM

by Lyude Paul

Having runtime PM makes no difference on whether or not we want polling, and it's now safe to just enable polling unconditionally in drm_load() thanks to d61a5c106351 ("drm/nouveau: Fix deadlock on runtime suspend") Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Peter Ujfalusi <peter.ujfalusi(a)ti.com> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/nouveau/nouveau_drm.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_drm.c b/drivers/gpu/drm/nouveau/nouveau_drm.c index 5fdc1fbe2ee5..ee2546db09c9 100644 --- a/drivers/gpu/drm/nouveau/nouveau_drm.c +++ b/drivers/gpu/drm/nouveau/nouveau_drm.c @@ -592,10 +592,11 @@ nouveau_drm_load(struct drm_device *dev, unsigned long flags) pm_runtime_allow(dev->dev); pm_runtime_mark_last_busy(dev->dev); pm_runtime_put(dev->dev); - } else { - /* enable polling for external displays */ - drm_kms_helper_poll_enable(dev); } + + /* enable polling for connectors without hpd */ + drm_kms_helper_poll_enable(dev); + return 0; fail_dispinit: -- 2.17.1

7 years, 1 month

2
2
0 0

[PATCH v4 1/8] drm/nouveau: Fix bogus drm_kms_helper_poll_enable() placement

by Lyude Paul

Turns out this part is my fault for not noticing when reviewing 9a2eba337cace ("drm/nouveau: Fix drm poll_helper handling"). Currently we call drm_kms_helper_poll_enable() from nouveau_display_hpd_work(). This makes basically no sense however, because that means we're calling drm_kms_helper_poll_enable() every time we schedule the hotplug detection work. This is also against the advice mentioned in drm_kms_helper_poll_enable()'s documentation: Note that calls to enable and disable polling must be strictly ordered, which is automatically the case when they're only call from suspend/resume callbacks. Of course, hotplugs can't really be ordered. They could even happen immediately after we called drm_kms_helper_poll_disable() in nouveau_display_fini(), which can lead to all sorts of issues. Additionally; enabling polling /after/ we call drm_helper_hpd_irq_event() could also mean that we'd miss a hotplug event anyway, since drm_helper_hpd_irq_event() wouldn't bother trying to probe connectors so long as polling is disabled. So; simply move this back into nouveau_display_init() again. The race condition that both of these patches attempted to work around has already been fixed properly in d61a5c106351 ("drm/nouveau: Fix deadlock on runtime suspend") Fixes: 9a2eba337cace ("drm/nouveau: Fix drm poll_helper handling") Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Peter Ujfalusi <peter.ujfalusi(a)ti.com> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/nouveau/nouveau_display.c | 7 +++++-- drivers/gpu/drm/nouveau/nouveau_drm.c | 1 - 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_display.c b/drivers/gpu/drm/nouveau/nouveau_display.c index ec7861457b84..1d36ab5d4796 100644 --- a/drivers/gpu/drm/nouveau/nouveau_display.c +++ b/drivers/gpu/drm/nouveau/nouveau_display.c @@ -355,8 +355,6 @@ nouveau_display_hpd_work(struct work_struct *work) pm_runtime_get_sync(drm->dev->dev); drm_helper_hpd_irq_event(drm->dev); - /* enable polling for external displays */ - drm_kms_helper_poll_enable(drm->dev); pm_runtime_mark_last_busy(drm->dev->dev); pm_runtime_put_sync(drm->dev->dev); @@ -411,6 +409,11 @@ nouveau_display_init(struct drm_device *dev) if (ret) return ret; + /* enable connector detection and polling for connectors without HPD + * support + */ + drm_kms_helper_poll_enable(dev); + /* enable hotplug interrupts */ drm_connector_list_iter_begin(dev, &conn_iter); nouveau_for_each_non_mst_connector_iter(connector, &conn_iter) { diff --git a/drivers/gpu/drm/nouveau/nouveau_drm.c b/drivers/gpu/drm/nouveau/nouveau_drm.c index c7ec86d6c3c9..5fdc1fbe2ee5 100644 --- a/drivers/gpu/drm/nouveau/nouveau_drm.c +++ b/drivers/gpu/drm/nouveau/nouveau_drm.c @@ -835,7 +835,6 @@ nouveau_pmops_runtime_suspend(struct device *dev) return -EBUSY; } - drm_kms_helper_poll_disable(drm_dev); nouveau_switcheroo_optimus_dsm(); ret = nouveau_do_suspend(drm_dev, true); pci_save_state(pdev); -- 2.17.1

7 years, 1 month

2
1
0 0

[PATCH 2/2] Avoid that SCSI device removal through sysfs triggers a deadlock

by Bart Van Assche

A long time ago the unfortunate decision was taken to add a self- deletion attribute to the sysfs SCSI device directory. That decision was unfortunate because self-deletion is really tricky. We can't drop that attribute because widely used user space software depends on it, namely the rescan-scsi-bus.sh script. Hence this patch that avoids that writing into that attribute triggers a deadlock. See also commit 7973cbd9fbd9 ("[PATCH] add sysfs attributes to scan and delete scsi_devices"). This patch avoids that self-removal triggers the following deadlock: ====================================================== WARNING: possible circular locking dependency detected 4.18.0-rc2-dbg+ #5 Not tainted ------------------------------------------------------ modprobe/6539 is trying to acquire lock: 000000008323c4cd (kn->count#202){++++}, at: kernfs_remove_by_name_ns+0x45/0x90 but task is already holding lock: 00000000a6ec2c69 (&shost->scan_mutex){+.+.}, at: scsi_remove_host+0x21/0x150 [scsi_mod] which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #1 (&shost->scan_mutex){+.+.}: __mutex_lock+0xfe/0xc70 mutex_lock_nested+0x1b/0x20 scsi_remove_device+0x26/0x40 [scsi_mod] sdev_store_delete+0x27/0x30 [scsi_mod] dev_attr_store+0x3e/0x50 sysfs_kf_write+0x87/0xa0 kernfs_fop_write+0x190/0x230 __vfs_write+0xd2/0x3b0 vfs_write+0x101/0x270 ksys_write+0xab/0x120 __x64_sys_write+0x43/0x50 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe -> #0 (kn->count#202){++++}: lock_acquire+0xd2/0x260 __kernfs_remove+0x424/0x4a0 kernfs_remove_by_name_ns+0x45/0x90 remove_files.isra.1+0x3a/0x90 sysfs_remove_group+0x5c/0xc0 sysfs_remove_groups+0x39/0x60 device_remove_attrs+0x82/0xb0 device_del+0x251/0x580 __scsi_remove_device+0x19f/0x1d0 [scsi_mod] scsi_forget_host+0x37/0xb0 [scsi_mod] scsi_remove_host+0x9b/0x150 [scsi_mod] sdebug_driver_remove+0x4b/0x150 [scsi_debug] device_release_driver_internal+0x241/0x360 device_release_driver+0x12/0x20 bus_remove_device+0x1bc/0x290 device_del+0x259/0x580 device_unregister+0x1a/0x70 sdebug_remove_adapter+0x8b/0xf0 [scsi_debug] scsi_debug_exit+0x76/0xe8 [scsi_debug] __x64_sys_delete_module+0x1c1/0x280 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe other info that might help us debug this: Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&shost->scan_mutex); lock(kn->count#202); lock(&shost->scan_mutex); lock(kn->count#202); *** DEADLOCK *** 2 locks held by modprobe/6539: #0: 00000000efaf9298 (&dev->mutex){....}, at: device_release_driver_internal+0x68/0x360 #1: 00000000a6ec2c69 (&shost->scan_mutex){+.+.}, at: scsi_remove_host+0x21/0x150 [scsi_mod] stack backtrace: CPU: 10 PID: 6539 Comm: modprobe Not tainted 4.18.0-rc2-dbg+ #5 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.0.0-prebuilt.qemu-project.org 04/01/2014 Call Trace: dump_stack+0xa4/0xf5 print_circular_bug.isra.34+0x213/0x221 __lock_acquire+0x1a7e/0x1b50 lock_acquire+0xd2/0x260 __kernfs_remove+0x424/0x4a0 kernfs_remove_by_name_ns+0x45/0x90 remove_files.isra.1+0x3a/0x90 sysfs_remove_group+0x5c/0xc0 sysfs_remove_groups+0x39/0x60 device_remove_attrs+0x82/0xb0 device_del+0x251/0x580 __scsi_remove_device+0x19f/0x1d0 [scsi_mod] scsi_forget_host+0x37/0xb0 [scsi_mod] scsi_remove_host+0x9b/0x150 [scsi_mod] sdebug_driver_remove+0x4b/0x150 [scsi_debug] device_release_driver_internal+0x241/0x360 device_release_driver+0x12/0x20 bus_remove_device+0x1bc/0x290 device_del+0x259/0x580 device_unregister+0x1a/0x70 sdebug_remove_adapter+0x8b/0xf0 [scsi_debug] scsi_debug_exit+0x76/0xe8 [scsi_debug] __x64_sys_delete_module+0x1c1/0x280 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe See also https://www.mail-archive.com/linux-scsi@vger.kernel.org/msg54525.html. Fixes: ac0ece9174ac ("scsi: use device_remove_file_self() instead of device_schedule_callback()") Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Acked-by: Tejun Heo <tj(a)kernel.org> Cc: Johannes Thumshirn <jthumshirn(a)suse.de> Cc: <stable(a)vger.kernel.org> --- drivers/scsi/scsi_sysfs.c | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/drivers/scsi/scsi_sysfs.c b/drivers/scsi/scsi_sysfs.c index de122354d09a..3aee9464a7bf 100644 --- a/drivers/scsi/scsi_sysfs.c +++ b/drivers/scsi/scsi_sysfs.c @@ -722,8 +722,24 @@ static ssize_t sdev_store_delete(struct device *dev, struct device_attribute *attr, const char *buf, size_t count) { - if (device_remove_file_self(dev, attr)) - scsi_remove_device(to_scsi_device(dev)); + struct kernfs_node *kn; + + kn = sysfs_break_active_protection(&dev->kobj, &attr->attr); + WARN_ON_ONCE(!kn); + /* + * Concurrent writes into the "delete" sysfs attribute may trigger + * concurrent calls to device_remove_file() and scsi_remove_device(). + * device_remove_file() handles concurrent removal calls by + * serializing these and by ignoring the second and later removal + * attempts. Concurrent calls of scsi_remove_device() are + * serialized. The second and later calls of scsi_remove_device() are + * ignored because the first call of that function changes the device + * state into SDEV_DEL. + */ + device_remove_file(dev, attr); + scsi_remove_device(to_scsi_device(dev)); + if (kn) + sysfs_unbreak_active_protection(kn); return count; }; static DEVICE_ATTR(delete, S_IWUSR, NULL, sdev_store_delete); -- 2.18.0

7 years, 1 month

1
0
0 0

[PATCH 1/2] sysfs: Introduce sysfs_{un,}break_active_protection()

by Bart Van Assche

Introduce these two functions and export them such that the next patch can add calls to these functions from the SCSI core. Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Acked-by: Tejun Heo <tj(a)kernel.org> Acked-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: <stable(a)vger.kernel.org> --- fs/sysfs/file.c | 44 +++++++++++++++++++++++++++++++++++++++++++ include/linux/sysfs.h | 14 ++++++++++++++ 2 files changed, 58 insertions(+) diff --git a/fs/sysfs/file.c b/fs/sysfs/file.c index 5c13f29bfcdb..118fa197a35f 100644 --- a/fs/sysfs/file.c +++ b/fs/sysfs/file.c @@ -405,6 +405,50 @@ int sysfs_chmod_file(struct kobject *kobj, const struct attribute *attr, } EXPORT_SYMBOL_GPL(sysfs_chmod_file); +/** + * sysfs_break_active_protection - break "active" protection + * @kobj: The kernel object @attr is associated with. + * @attr: The attribute to break the "active" protection for. + * + * With sysfs, just like kernfs, deletion of an attribute is postponed until + * all active .show() and .store() callbacks have finished unless this function + * is called. Hence this function is useful in methods that implement self + * deletion. + */ +struct kernfs_node *sysfs_break_active_protection(struct kobject *kobj, + const struct attribute *attr) +{ + struct kernfs_node *kn; + + kobject_get(kobj); + kn = kernfs_find_and_get(kobj->sd, attr->name); + if (kn) + kernfs_break_active_protection(kn); + return kn; +} +EXPORT_SYMBOL_GPL(sysfs_break_active_protection); + +/** + * sysfs_unbreak_active_protection - restore "active" protection + * @kn: Pointer returned by sysfs_break_active_protection(). + * + * Undo the effects of sysfs_break_active_protection(). Since this function + * calls kernfs_put() on the kernfs node that corresponds to the 'attr' + * argument passed to sysfs_break_active_protection() that attribute may have + * been removed between the sysfs_break_active_protection() and + * sysfs_unbreak_active_protection() calls, it is not safe to access @kn after + * this function has returned. + */ +void sysfs_unbreak_active_protection(struct kernfs_node *kn) +{ + struct kobject *kobj = kn->parent->priv; + + kernfs_unbreak_active_protection(kn); + kernfs_put(kn); + kobject_put(kobj); +} +EXPORT_SYMBOL_GPL(sysfs_unbreak_active_protection); + /** * sysfs_remove_file_ns - remove an object attribute with a custom ns tag * @kobj: object we're acting for diff --git a/include/linux/sysfs.h b/include/linux/sysfs.h index b8bfdc173ec0..3c12198c0103 100644 --- a/include/linux/sysfs.h +++ b/include/linux/sysfs.h @@ -237,6 +237,9 @@ int __must_check sysfs_create_files(struct kobject *kobj, const struct attribute **attr); int __must_check sysfs_chmod_file(struct kobject *kobj, const struct attribute *attr, umode_t mode); +struct kernfs_node *sysfs_break_active_protection(struct kobject *kobj, + const struct attribute *attr); +void sysfs_unbreak_active_protection(struct kernfs_node *kn); void sysfs_remove_file_ns(struct kobject *kobj, const struct attribute *attr, const void *ns); bool sysfs_remove_file_self(struct kobject *kobj, const struct attribute *attr); @@ -350,6 +353,17 @@ static inline int sysfs_chmod_file(struct kobject *kobj, return 0; } +static inline struct kernfs_node * +sysfs_break_active_protection(struct kobject *kobj, + const struct attribute *attr) +{ + return NULL; +} + +static inline void sysfs_unbreak_active_protection(struct kernfs_node *kn) +{ +} + static inline void sysfs_remove_file_ns(struct kobject *kobj, const struct attribute *attr, const void *ns) -- 2.18.0

7 years, 1 month

1
0
0 0

[PATCH 2/2] Avoid that SCSI device removal through sysfs triggers a deadlock

by Bart Van Assche

A long time ago the unfortunate decision was taken to add a self- deletion attribute to the sysfs SCSI device directory. That decision was unfortunate because self-deletion is really tricky. We can't drop that attribute because widely used user space software depends on it, namely the rescan-scsi-bus.sh script. Hence this patch that avoids that writing into that attribute triggers a deadlock. See also commit 7973cbd9fbd9 ("[PATCH] add sysfs attributes to scan and delete scsi_devices"). This patch avoids that self-removal triggers the following deadlock: ====================================================== WARNING: possible circular locking dependency detected 4.18.0-rc2-dbg+ #5 Not tainted ------------------------------------------------------ modprobe/6539 is trying to acquire lock: 000000008323c4cd (kn->count#202){++++}, at: kernfs_remove_by_name_ns+0x45/0x90 but task is already holding lock: 00000000a6ec2c69 (&shost->scan_mutex){+.+.}, at: scsi_remove_host+0x21/0x150 [scsi_mod] which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #1 (&shost->scan_mutex){+.+.}: __mutex_lock+0xfe/0xc70 mutex_lock_nested+0x1b/0x20 scsi_remove_device+0x26/0x40 [scsi_mod] sdev_store_delete+0x27/0x30 [scsi_mod] dev_attr_store+0x3e/0x50 sysfs_kf_write+0x87/0xa0 kernfs_fop_write+0x190/0x230 __vfs_write+0xd2/0x3b0 vfs_write+0x101/0x270 ksys_write+0xab/0x120 __x64_sys_write+0x43/0x50 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe -> #0 (kn->count#202){++++}: lock_acquire+0xd2/0x260 __kernfs_remove+0x424/0x4a0 kernfs_remove_by_name_ns+0x45/0x90 remove_files.isra.1+0x3a/0x90 sysfs_remove_group+0x5c/0xc0 sysfs_remove_groups+0x39/0x60 device_remove_attrs+0x82/0xb0 device_del+0x251/0x580 __scsi_remove_device+0x19f/0x1d0 [scsi_mod] scsi_forget_host+0x37/0xb0 [scsi_mod] scsi_remove_host+0x9b/0x150 [scsi_mod] sdebug_driver_remove+0x4b/0x150 [scsi_debug] device_release_driver_internal+0x241/0x360 device_release_driver+0x12/0x20 bus_remove_device+0x1bc/0x290 device_del+0x259/0x580 device_unregister+0x1a/0x70 sdebug_remove_adapter+0x8b/0xf0 [scsi_debug] scsi_debug_exit+0x76/0xe8 [scsi_debug] __x64_sys_delete_module+0x1c1/0x280 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe other info that might help us debug this: Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&shost->scan_mutex); lock(kn->count#202); lock(&shost->scan_mutex); lock(kn->count#202); *** DEADLOCK *** 2 locks held by modprobe/6539: #0: 00000000efaf9298 (&dev->mutex){....}, at: device_release_driver_internal+0x68/0x360 #1: 00000000a6ec2c69 (&shost->scan_mutex){+.+.}, at: scsi_remove_host+0x21/0x150 [scsi_mod] stack backtrace: CPU: 10 PID: 6539 Comm: modprobe Not tainted 4.18.0-rc2-dbg+ #5 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.0.0-prebuilt.qemu-project.org 04/01/2014 Call Trace: dump_stack+0xa4/0xf5 print_circular_bug.isra.34+0x213/0x221 __lock_acquire+0x1a7e/0x1b50 lock_acquire+0xd2/0x260 __kernfs_remove+0x424/0x4a0 kernfs_remove_by_name_ns+0x45/0x90 remove_files.isra.1+0x3a/0x90 sysfs_remove_group+0x5c/0xc0 sysfs_remove_groups+0x39/0x60 device_remove_attrs+0x82/0xb0 device_del+0x251/0x580 __scsi_remove_device+0x19f/0x1d0 [scsi_mod] scsi_forget_host+0x37/0xb0 [scsi_mod] scsi_remove_host+0x9b/0x150 [scsi_mod] sdebug_driver_remove+0x4b/0x150 [scsi_debug] device_release_driver_internal+0x241/0x360 device_release_driver+0x12/0x20 bus_remove_device+0x1bc/0x290 device_del+0x259/0x580 device_unregister+0x1a/0x70 sdebug_remove_adapter+0x8b/0xf0 [scsi_debug] scsi_debug_exit+0x76/0xe8 [scsi_debug] __x64_sys_delete_module+0x1c1/0x280 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe See also https://www.mail-archive.com/linux-scsi@vger.kernel.org/msg54525.html. Fixes: ac0ece9174ac ("scsi: use device_remove_file_self() instead of device_schedule_callback()") Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Tejun Heo <tj(a)kernel.org> Cc: Johannes Thumshirn <jthumshirn(a)suse.de> Cc: <stable(a)vger.kernel.org> --- drivers/scsi/scsi_sysfs.c | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/drivers/scsi/scsi_sysfs.c b/drivers/scsi/scsi_sysfs.c index de122354d09a..3aee9464a7bf 100644 --- a/drivers/scsi/scsi_sysfs.c +++ b/drivers/scsi/scsi_sysfs.c @@ -722,8 +722,24 @@ static ssize_t sdev_store_delete(struct device *dev, struct device_attribute *attr, const char *buf, size_t count) { - if (device_remove_file_self(dev, attr)) - scsi_remove_device(to_scsi_device(dev)); + struct kernfs_node *kn; + + kn = sysfs_break_active_protection(&dev->kobj, &attr->attr); + WARN_ON_ONCE(!kn); + /* + * Concurrent writes into the "delete" sysfs attribute may trigger + * concurrent calls to device_remove_file() and scsi_remove_device(). + * device_remove_file() handles concurrent removal calls by + * serializing these and by ignoring the second and later removal + * attempts. Concurrent calls of scsi_remove_device() are + * serialized. The second and later calls of scsi_remove_device() are + * ignored because the first call of that function changes the device + * state into SDEV_DEL. + */ + device_remove_file(dev, attr); + scsi_remove_device(to_scsi_device(dev)); + if (kn) + sysfs_unbreak_active_protection(kn); return count; }; static DEVICE_ATTR(delete, S_IWUSR, NULL, sdev_store_delete); -- 2.18.0

7 years, 1 month

3
4
0 0

[PATCH] block: really disable runtime-pm for blk-mq

by Ming Lei

Runtime PM isn't ready for blk-mq yet, and commit 765e40b675a9 ("block: disable runtime-pm for blk-mq") tried to disable it. Unfortunately, it can't take effect in that way since user space still can switch it on via 'echo auto > /sys/block/sdN/device/power/control'. This patch disables runtime-pm for blk-mq really by pm_runtime_disable() and fixes all kinds of PM related kernel crash. Cc: Christoph Hellwig <hch(a)lst.de> Cc: Patrick Steinhardt <ps(a)pks.im> Cc: Bart Van Assche <Bart.VanAssche(a)wdc.com> Cc: Tomas Janousek <tomi(a)nomi.cz> Cc: Przemek Socha <soprwa(a)gmail.com> Cc: Alan Stern <stern(a)rowland.harvard.edu> Cc: <stable(a)vger.kernel.org> Signed-off-by: Ming Lei <ming.lei(a)redhat.com> --- block/blk-core.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/block/blk-core.c b/block/blk-core.c index 03a4ea93a5f3..090b782df129 100644 --- a/block/blk-core.c +++ b/block/blk-core.c @@ -3769,9 +3769,11 @@ EXPORT_SYMBOL(blk_finish_plug); */ void blk_pm_runtime_init(struct request_queue *q, struct device *dev) { - /* not support for RQF_PM and ->rpm_status in blk-mq yet */ - if (q->mq_ops) + /* Don't enable runtime PM for blk-mq until it is ready */ + if (q->mq_ops) { + pm_runtime_disable(dev); return; + } q->dev = dev; q->rpm_status = RPM_ACTIVE; -- 2.9.5

7 years, 1 month

6
5
0 0

[PATCH v4.14] iwlwifi: pcie: don't warn if we use all the transmit pointers

by Emmanuel Grumbach

commit 4437ba7ee7de7e71d11deb91c87a370e4ffd2601 upstream. Our Transmit Frame Descriptor (TFD) is a DMA descriptor that includes several pointers to be able to transmit a packet which is not physically contiguous. Depending on the hardware being use, we can have 20 or 25 pointers in a single TFD. In both cases, it is more than enough and it is quite hard to hit this limit. It has been reported that when using specific applications (Ktorrent), we can actually use all the pointers and then a long standing bug showed up. When we free the TFD, we check its number of valid pointers and make sure it doesn't exceed the number of pointers the hardware support. This check had an off by one bug: it is perfectly valid to free the 20 pointers if the TFD has 20 pointers. Fix that. https://bugzilla.kernel.org/show_bug.cgi?id=197981 Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> Signed-off-by: Luca Coelho <luciano.coelho(a)intel.com> --- drivers/net/wireless/intel/iwlwifi/pcie/tx.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/wireless/intel/iwlwifi/pcie/tx.c b/drivers/net/wireless/intel/iwlwifi/pcie/tx.c index 4704137..4c3b134 100644 --- a/drivers/net/wireless/intel/iwlwifi/pcie/tx.c +++ b/drivers/net/wireless/intel/iwlwifi/pcie/tx.c @@ -378,7 +378,7 @@ static void iwl_pcie_tfd_unmap(struct iwl_trans *trans, /* Sanity check on number of chunks */ num_tbs = iwl_pcie_tfd_get_num_tbs(trans, tfd); - if (num_tbs >= trans_pcie->max_tbs) { + if (num_tbs > trans_pcie->max_tbs) { IWL_ERR(trans, "Too many chunks: %i\n", num_tbs); /* @todo issue fatal error, it is quite serious situation */ return; -- 2.7.4

7 years, 1 month

1
0
0 0

[PATCH v4.9] iwlwifi: pcie: don't warn if we use all the transmit pointers

by Emmanuel Grumbach

commit 4437ba7ee7de7e71d11deb91c87a370e4ffd2601 upstream. Our Transmit Frame Descriptor (TFD) is a DMA descriptor that includes several pointers to be able to transmit a packet which is not physically contiguous. Depending on the hardware being use, we can have 20 or 25 pointers in a single TFD. In both cases, it is more than enough and it is quite hard to hit this limit. It has been reported that when using specific applications (Ktorrent), we can actually use all the pointers and then a long standing bug showed up. When we free the TFD, we check its number of valid pointers and make sure it doesn't exceed the number of pointers the hardware support. This check had an off by one bug: it is perfectly valid to free the 20 pointers if the TFD has 20 pointers. Fix that. https://bugzilla.kernel.org/show_bug.cgi?id=197981 Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> Signed-off-by: Luca Coelho <luciano.coelho(a)intel.com> --- drivers/net/wireless/intel/iwlwifi/pcie/tx.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/wireless/intel/iwlwifi/pcie/tx.c b/drivers/net/wireless/intel/iwlwifi/pcie/tx.c index e1bfc95..2c98784 100644 --- a/drivers/net/wireless/intel/iwlwifi/pcie/tx.c +++ b/drivers/net/wireless/intel/iwlwifi/pcie/tx.c @@ -416,7 +416,7 @@ static void iwl_pcie_tfd_unmap(struct iwl_trans *trans, /* Sanity check on number of chunks */ num_tbs = iwl_pcie_tfd_get_num_tbs(trans, tfd); - if (num_tbs >= trans_pcie->max_tbs) { + if (num_tbs > trans_pcie->max_tbs) { IWL_ERR(trans, "Too many chunks: %i\n", num_tbs); /* @todo issue fatal error, it is quite serious situation */ return; -- 2.7.4

7 years, 1 month

1
0
0 0

[PATCH] ALSA: hda: Correct Asrock B85M-ITX power_save blacklist entry

by Hans de Goede

I added the subsys product-id for the HDMI HDA device rather then for the PCH one, this commit fixes this. BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1525104 Cc: stable(a)vger.kernel.org Signed-off-by: Hans de Goede <hdegoede(a)redhat.com> --- sound/pci/hda/hda_intel.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sound/pci/hda/hda_intel.c b/sound/pci/hda/hda_intel.c index 1ae1850b3bfd..647ae1a71e10 100644 --- a/sound/pci/hda/hda_intel.c +++ b/sound/pci/hda/hda_intel.c @@ -2207,7 +2207,7 @@ static int azx_probe(struct pci_dev *pci, */ static struct snd_pci_quirk power_save_blacklist[] = { /* https://bugzilla.redhat.com/show_bug.cgi?id=1525104 */ - SND_PCI_QUIRK(0x1849, 0x0c0c, "Asrock B85M-ITX", 0), + SND_PCI_QUIRK(0x1849, 0xc892, "Asrock B85M-ITX", 0), /* https://bugzilla.redhat.com/show_bug.cgi?id=1525104 */ SND_PCI_QUIRK(0x1849, 0x7662, "Asrock H81M-HDS", 0), /* https://bugzilla.redhat.com/show_bug.cgi?id=1525104 */ -- 2.18.0

7 years, 1 month

2
1
0 0

your photos need edit

by Sam

As a boutique team, we work personally with our clients to ensure the good results. Having over a decade of hands-on experience in photography and retouching, we have been inspired to expand our services to the public. We are team of artists who have excelled in fields such as art, photography, retouching, graphics and design. No matter what your field of interest is in, we can learn to work with your style to give you the best product. We provide below image editing services: Clipping path Image cut out Image shadow creation Image masking Photo retouching Beauty retouching (skin, face, body retouching) Glamour retouching Product retouching Color correction and others We provide testing for our services. Thanks, Sam

7 years, 1 month

1
0
0 0

stable@vger.kernel.org 为您提供一对一专属服务，一套系统化客户开发企�到饩龇桨福�让您订单不断，客户无忧！

by vip

7 years, 1 month

1
0
0 0

patch "serial: 8250_exar: Read INT0 from slave device, too" added to tty-next

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled serial: 8250_exar: Read INT0 from slave device, too to my tty git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git in the tty-next branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will also be merged in the next major kernel release during the merge window. If you have any questions about this process, please let me know. >From 60ab0fafc4b652fcaf7cbc3bb8555a0cf1149c28 Mon Sep 17 00:00:00 2001 From: Aaron Sierra <asierra(a)xes-inc.com> Date: Tue, 24 Jul 2018 14:23:46 -0500 Subject: serial: 8250_exar: Read INT0 from slave device, too The sleep wake-up refactoring that I introduced in commit c7e1b4059075 ("tty: serial: exar: Relocate sleep wake-up handling") did not account for devices with a slave device on the expansion port. This patch pokes the INT0 register in the slave device, if present, in order to ensure that MSI interrupts don't get permanently "stuck" because of a sleep wake-up interrupt as described here: commit 2c0ac5b48a35 ("serial: exar: Fix stuck MSIs") This also converts an ioread8() to readb() in order to provide visual consistency with the MMIO-only accessors used elsewhere in the driver. Reported-by: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Signed-off-by: Aaron Sierra <asierra(a)xes-inc.com> Fixes: c7e1b4059075 ("tty: serial: exar: Relocate sleep wake-up handling") Reviewed-by: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/tty/serial/8250/8250_exar.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/drivers/tty/serial/8250/8250_exar.c b/drivers/tty/serial/8250/8250_exar.c index 7a98acd5e171..0089aa305ef9 100644 --- a/drivers/tty/serial/8250/8250_exar.c +++ b/drivers/tty/serial/8250/8250_exar.c @@ -445,7 +445,11 @@ static irqreturn_t exar_misc_handler(int irq, void *data) struct exar8250 *priv = data; /* Clear all PCI interrupts by reading INT0. No effect on IIR */ - ioread8(priv->virt + UART_EXAR_INT0); + readb(priv->virt + UART_EXAR_INT0); + + /* Clear INT0 for Expansion Interface slave ports, too */ + if (priv->board->num_ports > 8) + readb(priv->virt + 0x2000 + UART_EXAR_INT0); return IRQ_HANDLED; } -- 2.18.0

7 years, 1 month

1
0
0 0

patch "serial: 8250_dw: Add ACPI support for uart on Broadcom SoC" added to tty-next

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled serial: 8250_dw: Add ACPI support for uart on Broadcom SoC to my tty git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git in the tty-next branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will also be merged in the next major kernel release during the merge window. If you have any questions about this process, please let me know. >From 784c29eda5b4e28c3a56aa90b3815f9a1b0cfdc1 Mon Sep 17 00:00:00 2001 From: Srinath Mannam <srinath.mannam(a)broadcom.com> Date: Sat, 28 Jul 2018 20:55:15 +0530 Subject: serial: 8250_dw: Add ACPI support for uart on Broadcom SoC Add ACPI identifier HID for UART DW 8250 on Broadcom SoCs to match the HID passed through ACPI tables to enable UART controller. Signed-off-by: Srinath Mannam <srinath.mannam(a)broadcom.com> Reviewed-by: Vladimir Olovyannikov <vladimir.olovyannikov(a)broadcom.com> Tested-by: Vladimir Olovyannikov <vladimir.olovyannikov(a)broadcom.com> Reviewed-by: Ray Jui <ray.jui(a)broadcom.com> Reviewed-by: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/tty/serial/8250/8250_dw.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/tty/serial/8250/8250_dw.c b/drivers/tty/serial/8250/8250_dw.c index 27b7ecc3b59b..fa8dcb470640 100644 --- a/drivers/tty/serial/8250/8250_dw.c +++ b/drivers/tty/serial/8250/8250_dw.c @@ -762,6 +762,7 @@ static const struct acpi_device_id dw8250_acpi_match[] = { { "APMC0D08", 0}, { "AMD0020", 0 }, { "AMDI0020", 0 }, + { "BRCM2032", 0 }, { "HISI0031", 0 }, { }, }; -- 2.18.0

7 years, 1 month

1
0
0 0

patch "serial: 8250_dw: always set baud rate in dw8250_set_termios" added to tty-next

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled serial: 8250_dw: always set baud rate in dw8250_set_termios to my tty git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git in the tty-next branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will also be merged in the next major kernel release during the merge window. If you have any questions about this process, please let me know. >From dfcab6ba573445c703235ab6c83758eec12d7f28 Mon Sep 17 00:00:00 2001 From: Chen Hu <hu1.chen(a)intel.com> Date: Fri, 27 Jul 2018 18:32:41 +0800 Subject: serial: 8250_dw: always set baud rate in dw8250_set_termios dw8250_set_termios() doesn't set baud rate if the arg "old ktermios" is NULL. This happens during resume. Call Trace: ... [ 54.928108] dw8250_set_termios+0x162/0x170 [ 54.928114] serial8250_set_termios+0x17/0x20 [ 54.928117] uart_change_speed+0x64/0x160 [ 54.928119] uart_resume_port ... So the baud rate is not restored after S3 and breaks the apps who use UART, for example, console and bluetooth etc. We address this issue by setting the baud rate irrespective of arg "old", just like the drivers for other 8250 IPs. This is tested with Intel Broxton platform. Signed-off-by: Chen Hu <hu1.chen(a)intel.com> Fixes: 4e26b134bd17 ("serial: 8250_dw: clock rate handling for all ACPI platforms") Cc: Heikki Krogerus <heikki.krogerus(a)linux.intel.com> Cc: stable <stable(a)vger.kernel.org> Reviewed-by: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/tty/serial/8250/8250_dw.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/tty/serial/8250/8250_dw.c b/drivers/tty/serial/8250/8250_dw.c index b4e6f31936f5..27b7ecc3b59b 100644 --- a/drivers/tty/serial/8250/8250_dw.c +++ b/drivers/tty/serial/8250/8250_dw.c @@ -310,7 +310,7 @@ static void dw8250_set_termios(struct uart_port *p, struct ktermios *termios, long rate; int ret; - if (IS_ERR(d->clk) || !old) + if (IS_ERR(d->clk)) goto out; clk_disable_unprepare(d->clk); -- 2.18.0

7 years, 1 month

1
0
0 0

patch "USB: serial: pl2303: add a new device id for ATEN" added to usb-next

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: serial: pl2303: add a new device id for ATEN to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-next branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will also be merged in the next major kernel release during the merge window. If you have any questions about this process, please let me know. >From 29c692c96b3a39cd1911fb79cd2505af8d070f07 Mon Sep 17 00:00:00 2001 From: Movie Song <MovieSong(a)aten-itlab.cn> Date: Thu, 19 Jul 2018 02:20:48 +0800 Subject: USB: serial: pl2303: add a new device id for ATEN Signed-off-by: Movie Song <MovieSong(a)aten-itlab.cn> Cc: Johan Hovold <johan(a)kernel.org> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/serial/pl2303.c | 2 ++ drivers/usb/serial/pl2303.h | 1 + 2 files changed, 3 insertions(+) diff --git a/drivers/usb/serial/pl2303.c b/drivers/usb/serial/pl2303.c index 5d1a1931967e..e41f725ac7aa 100644 --- a/drivers/usb/serial/pl2303.c +++ b/drivers/usb/serial/pl2303.c @@ -52,6 +52,8 @@ static const struct usb_device_id id_table[] = { .driver_info = PL2303_QUIRK_ENDPOINT_HACK }, { USB_DEVICE(ATEN_VENDOR_ID, ATEN_PRODUCT_UC485), .driver_info = PL2303_QUIRK_ENDPOINT_HACK }, + { USB_DEVICE(ATEN_VENDOR_ID, ATEN_PRODUCT_UC232B), + .driver_info = PL2303_QUIRK_ENDPOINT_HACK }, { USB_DEVICE(ATEN_VENDOR_ID, ATEN_PRODUCT_ID2) }, { USB_DEVICE(ATEN_VENDOR_ID2, ATEN_PRODUCT_ID) }, { USB_DEVICE(ELCOM_VENDOR_ID, ELCOM_PRODUCT_ID) }, diff --git a/drivers/usb/serial/pl2303.h b/drivers/usb/serial/pl2303.h index fcd72396a7b6..26965cc23c17 100644 --- a/drivers/usb/serial/pl2303.h +++ b/drivers/usb/serial/pl2303.h @@ -24,6 +24,7 @@ #define ATEN_VENDOR_ID2 0x0547 #define ATEN_PRODUCT_ID 0x2008 #define ATEN_PRODUCT_UC485 0x2021 +#define ATEN_PRODUCT_UC232B 0x2022 #define ATEN_PRODUCT_ID2 0x2118 #define IODATA_VENDOR_ID 0x04bb -- 2.18.0

7 years, 1 month

1
0
0 0

patch "USB: serial: pl2303: add a new device id for ATEN" added to usb-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: serial: pl2303: add a new device id for ATEN to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the usb-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. >From 29c692c96b3a39cd1911fb79cd2505af8d070f07 Mon Sep 17 00:00:00 2001 From: Movie Song <MovieSong(a)aten-itlab.cn> Date: Thu, 19 Jul 2018 02:20:48 +0800 Subject: USB: serial: pl2303: add a new device id for ATEN Signed-off-by: Movie Song <MovieSong(a)aten-itlab.cn> Cc: Johan Hovold <johan(a)kernel.org> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/serial/pl2303.c | 2 ++ drivers/usb/serial/pl2303.h | 1 + 2 files changed, 3 insertions(+) diff --git a/drivers/usb/serial/pl2303.c b/drivers/usb/serial/pl2303.c index 5d1a1931967e..e41f725ac7aa 100644 --- a/drivers/usb/serial/pl2303.c +++ b/drivers/usb/serial/pl2303.c @@ -52,6 +52,8 @@ static const struct usb_device_id id_table[] = { .driver_info = PL2303_QUIRK_ENDPOINT_HACK }, { USB_DEVICE(ATEN_VENDOR_ID, ATEN_PRODUCT_UC485), .driver_info = PL2303_QUIRK_ENDPOINT_HACK }, + { USB_DEVICE(ATEN_VENDOR_ID, ATEN_PRODUCT_UC232B), + .driver_info = PL2303_QUIRK_ENDPOINT_HACK }, { USB_DEVICE(ATEN_VENDOR_ID, ATEN_PRODUCT_ID2) }, { USB_DEVICE(ATEN_VENDOR_ID2, ATEN_PRODUCT_ID) }, { USB_DEVICE(ELCOM_VENDOR_ID, ELCOM_PRODUCT_ID) }, diff --git a/drivers/usb/serial/pl2303.h b/drivers/usb/serial/pl2303.h index fcd72396a7b6..26965cc23c17 100644 --- a/drivers/usb/serial/pl2303.h +++ b/drivers/usb/serial/pl2303.h @@ -24,6 +24,7 @@ #define ATEN_VENDOR_ID2 0x0547 #define ATEN_PRODUCT_ID 0x2008 #define ATEN_PRODUCT_UC485 0x2021 +#define ATEN_PRODUCT_UC232B 0x2022 #define ATEN_PRODUCT_ID2 0x2118 #define IODATA_VENDOR_ID 0x04bb -- 2.18.0

7 years, 1 month

1
0
0 0

[PATCH 1/2] sysfs: Introduce sysfs_{un,}break_active_protection()

by Bart Van Assche

Introduce these two functions and export them such that the next patch can add calls to these functions from the SCSI core. Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Tejun Heo <tj(a)kernel.org> Cc: <stable(a)vger.kernel.org> --- fs/sysfs/file.c | 44 +++++++++++++++++++++++++++++++++++++++++++ include/linux/sysfs.h | 14 ++++++++++++++ 2 files changed, 58 insertions(+) diff --git a/fs/sysfs/file.c b/fs/sysfs/file.c index 5c13f29bfcdb..118fa197a35f 100644 --- a/fs/sysfs/file.c +++ b/fs/sysfs/file.c @@ -405,6 +405,50 @@ int sysfs_chmod_file(struct kobject *kobj, const struct attribute *attr, } EXPORT_SYMBOL_GPL(sysfs_chmod_file); +/** + * sysfs_break_active_protection - break "active" protection + * @kobj: The kernel object @attr is associated with. + * @attr: The attribute to break the "active" protection for. + * + * With sysfs, just like kernfs, deletion of an attribute is postponed until + * all active .show() and .store() callbacks have finished unless this function + * is called. Hence this function is useful in methods that implement self + * deletion. + */ +struct kernfs_node *sysfs_break_active_protection(struct kobject *kobj, + const struct attribute *attr) +{ + struct kernfs_node *kn; + + kobject_get(kobj); + kn = kernfs_find_and_get(kobj->sd, attr->name); + if (kn) + kernfs_break_active_protection(kn); + return kn; +} +EXPORT_SYMBOL_GPL(sysfs_break_active_protection); + +/** + * sysfs_unbreak_active_protection - restore "active" protection + * @kn: Pointer returned by sysfs_break_active_protection(). + * + * Undo the effects of sysfs_break_active_protection(). Since this function + * calls kernfs_put() on the kernfs node that corresponds to the 'attr' + * argument passed to sysfs_break_active_protection() that attribute may have + * been removed between the sysfs_break_active_protection() and + * sysfs_unbreak_active_protection() calls, it is not safe to access @kn after + * this function has returned. + */ +void sysfs_unbreak_active_protection(struct kernfs_node *kn) +{ + struct kobject *kobj = kn->parent->priv; + + kernfs_unbreak_active_protection(kn); + kernfs_put(kn); + kobject_put(kobj); +} +EXPORT_SYMBOL_GPL(sysfs_unbreak_active_protection); + /** * sysfs_remove_file_ns - remove an object attribute with a custom ns tag * @kobj: object we're acting for diff --git a/include/linux/sysfs.h b/include/linux/sysfs.h index b8bfdc173ec0..3c12198c0103 100644 --- a/include/linux/sysfs.h +++ b/include/linux/sysfs.h @@ -237,6 +237,9 @@ int __must_check sysfs_create_files(struct kobject *kobj, const struct attribute **attr); int __must_check sysfs_chmod_file(struct kobject *kobj, const struct attribute *attr, umode_t mode); +struct kernfs_node *sysfs_break_active_protection(struct kobject *kobj, + const struct attribute *attr); +void sysfs_unbreak_active_protection(struct kernfs_node *kn); void sysfs_remove_file_ns(struct kobject *kobj, const struct attribute *attr, const void *ns); bool sysfs_remove_file_self(struct kobject *kobj, const struct attribute *attr); @@ -350,6 +353,17 @@ static inline int sysfs_chmod_file(struct kobject *kobj, return 0; } +static inline struct kernfs_node * +sysfs_break_active_protection(struct kobject *kobj, + const struct attribute *attr) +{ + return NULL; +} + +static inline void sysfs_unbreak_active_protection(struct kernfs_node *kn) +{ +} + static inline void sysfs_remove_file_ns(struct kobject *kobj, const struct attribute *attr, const void *ns) -- 2.18.0

7 years, 1 month

3
2
0 0

patch "serial: 8250_exar: Read INT0 from slave device, too" added to tty-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled serial: 8250_exar: Read INT0 from slave device, too to my tty git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git in the tty-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the tty-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. >From 60ab0fafc4b652fcaf7cbc3bb8555a0cf1149c28 Mon Sep 17 00:00:00 2001 From: Aaron Sierra <asierra(a)xes-inc.com> Date: Tue, 24 Jul 2018 14:23:46 -0500 Subject: serial: 8250_exar: Read INT0 from slave device, too The sleep wake-up refactoring that I introduced in commit c7e1b4059075 ("tty: serial: exar: Relocate sleep wake-up handling") did not account for devices with a slave device on the expansion port. This patch pokes the INT0 register in the slave device, if present, in order to ensure that MSI interrupts don't get permanently "stuck" because of a sleep wake-up interrupt as described here: commit 2c0ac5b48a35 ("serial: exar: Fix stuck MSIs") This also converts an ioread8() to readb() in order to provide visual consistency with the MMIO-only accessors used elsewhere in the driver. Reported-by: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Signed-off-by: Aaron Sierra <asierra(a)xes-inc.com> Fixes: c7e1b4059075 ("tty: serial: exar: Relocate sleep wake-up handling") Reviewed-by: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/tty/serial/8250/8250_exar.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/drivers/tty/serial/8250/8250_exar.c b/drivers/tty/serial/8250/8250_exar.c index 7a98acd5e171..0089aa305ef9 100644 --- a/drivers/tty/serial/8250/8250_exar.c +++ b/drivers/tty/serial/8250/8250_exar.c @@ -445,7 +445,11 @@ static irqreturn_t exar_misc_handler(int irq, void *data) struct exar8250 *priv = data; /* Clear all PCI interrupts by reading INT0. No effect on IIR */ - ioread8(priv->virt + UART_EXAR_INT0); + readb(priv->virt + UART_EXAR_INT0); + + /* Clear INT0 for Expansion Interface slave ports, too */ + if (priv->board->num_ports > 8) + readb(priv->virt + 0x2000 + UART_EXAR_INT0); return IRQ_HANDLED; } -- 2.18.0

7 years, 1 month

1
0
0 0

patch "serial: 8250_dw: Add ACPI support for uart on Broadcom SoC" added to tty-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled serial: 8250_dw: Add ACPI support for uart on Broadcom SoC to my tty git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git in the tty-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the tty-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. >From 784c29eda5b4e28c3a56aa90b3815f9a1b0cfdc1 Mon Sep 17 00:00:00 2001 From: Srinath Mannam <srinath.mannam(a)broadcom.com> Date: Sat, 28 Jul 2018 20:55:15 +0530 Subject: serial: 8250_dw: Add ACPI support for uart on Broadcom SoC Add ACPI identifier HID for UART DW 8250 on Broadcom SoCs to match the HID passed through ACPI tables to enable UART controller. Signed-off-by: Srinath Mannam <srinath.mannam(a)broadcom.com> Reviewed-by: Vladimir Olovyannikov <vladimir.olovyannikov(a)broadcom.com> Tested-by: Vladimir Olovyannikov <vladimir.olovyannikov(a)broadcom.com> Reviewed-by: Ray Jui <ray.jui(a)broadcom.com> Reviewed-by: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/tty/serial/8250/8250_dw.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/tty/serial/8250/8250_dw.c b/drivers/tty/serial/8250/8250_dw.c index 27b7ecc3b59b..fa8dcb470640 100644 --- a/drivers/tty/serial/8250/8250_dw.c +++ b/drivers/tty/serial/8250/8250_dw.c @@ -762,6 +762,7 @@ static const struct acpi_device_id dw8250_acpi_match[] = { { "APMC0D08", 0}, { "AMD0020", 0 }, { "AMDI0020", 0 }, + { "BRCM2032", 0 }, { "HISI0031", 0 }, { }, }; -- 2.18.0

7 years, 1 month

1
0
0 0

patch "serial: 8250_dw: always set baud rate in dw8250_set_termios" added to tty-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled serial: 8250_dw: always set baud rate in dw8250_set_termios to my tty git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git in the tty-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the tty-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. >From dfcab6ba573445c703235ab6c83758eec12d7f28 Mon Sep 17 00:00:00 2001 From: Chen Hu <hu1.chen(a)intel.com> Date: Fri, 27 Jul 2018 18:32:41 +0800 Subject: serial: 8250_dw: always set baud rate in dw8250_set_termios dw8250_set_termios() doesn't set baud rate if the arg "old ktermios" is NULL. This happens during resume. Call Trace: ... [ 54.928108] dw8250_set_termios+0x162/0x170 [ 54.928114] serial8250_set_termios+0x17/0x20 [ 54.928117] uart_change_speed+0x64/0x160 [ 54.928119] uart_resume_port ... So the baud rate is not restored after S3 and breaks the apps who use UART, for example, console and bluetooth etc. We address this issue by setting the baud rate irrespective of arg "old", just like the drivers for other 8250 IPs. This is tested with Intel Broxton platform. Signed-off-by: Chen Hu <hu1.chen(a)intel.com> Fixes: 4e26b134bd17 ("serial: 8250_dw: clock rate handling for all ACPI platforms") Cc: Heikki Krogerus <heikki.krogerus(a)linux.intel.com> Cc: stable <stable(a)vger.kernel.org> Reviewed-by: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/tty/serial/8250/8250_dw.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/tty/serial/8250/8250_dw.c b/drivers/tty/serial/8250/8250_dw.c index b4e6f31936f5..27b7ecc3b59b 100644 --- a/drivers/tty/serial/8250/8250_dw.c +++ b/drivers/tty/serial/8250/8250_dw.c @@ -310,7 +310,7 @@ static void dw8250_set_termios(struct uart_port *p, struct ktermios *termios, long rate; int ret; - if (IS_ERR(d->clk) || !old) + if (IS_ERR(d->clk)) goto out; clk_disable_unprepare(d->clk); -- 2.18.0

7 years, 1 month

1
0
0 0

patch "iio: ad9523: Fix return value for ad952x_store()" added to staging-next

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled iio: ad9523: Fix return value for ad952x_store() to my staging git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging.git in the staging-next branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will also be merged in the next major kernel release during the merge window. If you have any questions about this process, please let me know. >From 9a5094ca29ea9b1da301b31fd377c0c0c4c23034 Mon Sep 17 00:00:00 2001 From: Lars-Peter Clausen <lars(a)metafoo.de> Date: Fri, 27 Jul 2018 09:42:45 +0300 Subject: iio: ad9523: Fix return value for ad952x_store() A sysfs write callback function needs to either return the number of consumed characters or an error. The ad952x_store() function currently returns 0 if the input value was "0", this will signal that no characters have been consumed and the function will be called repeatedly in a loop indefinitely. Fix this by returning number of supplied characters to indicate that the whole input string has been consumed. Signed-off-by: Lars-Peter Clausen <lars(a)metafoo.de> Signed-off-by: Alexandru Ardelean <alexandru.ardelean(a)analog.com> Fixes: cd1678f96329 ("iio: frequency: New driver for AD9523 SPI Low Jitter Clock Generator") Cc: <Stable(a)vger.kernel.org> Signed-off-by: Jonathan Cameron <Jonathan.Cameron(a)huawei.com> --- drivers/iio/frequency/ad9523.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/iio/frequency/ad9523.c b/drivers/iio/frequency/ad9523.c index 37504739c277..059b2fda8cbd 100644 --- a/drivers/iio/frequency/ad9523.c +++ b/drivers/iio/frequency/ad9523.c @@ -518,7 +518,7 @@ static ssize_t ad9523_store(struct device *dev, return ret; if (!state) - return 0; + return len; mutex_lock(&st->lock); switch ((u32)this_attr->address) { -- 2.18.0

7 years, 1 month

1
0
0 0

patch "iio: ad9523: Fix return value for ad952x_store()" added to staging-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled iio: ad9523: Fix return value for ad952x_store() to my staging git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging.git in the staging-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the staging-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. >From 9a5094ca29ea9b1da301b31fd377c0c0c4c23034 Mon Sep 17 00:00:00 2001 From: Lars-Peter Clausen <lars(a)metafoo.de> Date: Fri, 27 Jul 2018 09:42:45 +0300 Subject: iio: ad9523: Fix return value for ad952x_store() A sysfs write callback function needs to either return the number of consumed characters or an error. The ad952x_store() function currently returns 0 if the input value was "0", this will signal that no characters have been consumed and the function will be called repeatedly in a loop indefinitely. Fix this by returning number of supplied characters to indicate that the whole input string has been consumed. Signed-off-by: Lars-Peter Clausen <lars(a)metafoo.de> Signed-off-by: Alexandru Ardelean <alexandru.ardelean(a)analog.com> Fixes: cd1678f96329 ("iio: frequency: New driver for AD9523 SPI Low Jitter Clock Generator") Cc: <Stable(a)vger.kernel.org> Signed-off-by: Jonathan Cameron <Jonathan.Cameron(a)huawei.com> --- drivers/iio/frequency/ad9523.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/iio/frequency/ad9523.c b/drivers/iio/frequency/ad9523.c index 37504739c277..059b2fda8cbd 100644 --- a/drivers/iio/frequency/ad9523.c +++ b/drivers/iio/frequency/ad9523.c @@ -518,7 +518,7 @@ static ssize_t ad9523_store(struct device *dev, return ret; if (!state) - return 0; + return len; mutex_lock(&st->lock); switch ((u32)this_attr->address) { -- 2.18.0

7 years, 1 month

1
0
0 0

[PATCH v2] ext4: mballoc: Fix spectre gadget in ext4_mb_regular_allocator

by Jeremy Cline

'ac->ac_g_ex.fe_len' is a user-controlled value which is used in the derivation of 'ac->ac_2order'. 'ac->ac_2order', in turn, is used to index arrays which makes it a potential spectre gadget. Fix this by sanitizing the value assigned to 'ac->ac2_order'. This covers the following accesses found with the help of smatch: * fs/ext4/mballoc.c:1896 ext4_mb_simple_scan_group() warn: potential spectre issue 'grp->bb_counters' [w] (local cap) * fs/ext4/mballoc.c:445 mb_find_buddy() warn: potential spectre issue 'EXT4_SB(e4b->bd_sb)->s_mb_offsets' [r] (local cap) * fs/ext4/mballoc.c:446 mb_find_buddy() warn: potential spectre issue 'EXT4_SB(e4b->bd_sb)->s_mb_maxs' [r] (local cap) Cc: Josh Poimboeuf <jpoimboe(a)redhat.com> Cc: stable(a)vger.kernel.org Suggested-by: Josh Poimboeuf <jpoimboe(a)redhat.com> Signed-off-by: Jeremy Cline <jcline(a)redhat.com> --- I broke this out of the "ext4: fix spectre v1 gadgets" patch set since the other patches in that series could, as Josh noted, be replaced with one fix in do_quotactl. I'll send that fix to the disk quota folks separately. Changes from v1: - Sanitize ac_2order on assignment, rather than down the call chain in ext4_mb_simple_scan_group. fs/ext4/mballoc.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c index f7ab34088162..8b24d3d42cb3 100644 --- a/fs/ext4/mballoc.c +++ b/fs/ext4/mballoc.c @@ -14,6 +14,7 @@ #include <linux/log2.h> #include <linux/module.h> #include <linux/slab.h> +#include <linux/nospec.h> #include <linux/backing-dev.h> #include <trace/events/ext4.h> @@ -2140,7 +2141,8 @@ ext4_mb_regular_allocator(struct ext4_allocation_context *ac) * This should tell if fe_len is exactly power of 2 */ if ((ac->ac_g_ex.fe_len & (~(1 << (i - 1)))) == 0) - ac->ac_2order = i - 1; + ac->ac_2order = array_index_nospec(i - 1, + sb->s_blocksize_bits + 2); } /* if stream allocation is enabled, use global goal */ -- 2.17.1

7 years, 1 month

3
5
0 0

[PATCH 1/3] Drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind()

by kys＠linuxonhyperv.com

From: Dexuan Cui <decui(a)microsoft.com> Before setting channel->rescind in vmbus_rescind_cleanup(), we should make sure the channel callback won't run any more, otherwise a high-level driver like pci_hyperv, which may be infinitely waiting for the host VSP's response and notices the channel has been rescinded, can't safely give up: e.g., in hv_pci_protocol_negotiation() -> wait_for_response(), it's unsafe to exit from wait_for_response() and proceed with the on-stack variable "comp_pkt" popped. The issue was originally spotted by Michael Kelley <mikelley(a)microsoft.com>. In vmbus_close_internal(), the patch also minimizes the range protected by disabling/enabling channel->callback_event: we don't really need that for the whole function. Signed-off-by: Dexuan Cui <decui(a)microsoft.com> Reviewed-by: Michael Kelley <mikelley(a)microsoft.com> Cc: stable(a)vger.kernel.org Cc: K. Y. Srinivasan <kys(a)microsoft.com> Cc: Stephen Hemminger <sthemmin(a)microsoft.com> Cc: Michael Kelley <mikelley(a)microsoft.com> Signed-off-by: K. Y. Srinivasan <kys(a)microsoft.com> --- drivers/hv/channel.c | 40 +++++++++++++++++++++++---------------- drivers/hv/channel_mgmt.c | 6 ++++++ include/linux/hyperv.h | 2 ++ 3 files changed, 32 insertions(+), 16 deletions(-) diff --git a/drivers/hv/channel.c b/drivers/hv/channel.c index ba0a092ae085..c3949220b770 100644 --- a/drivers/hv/channel.c +++ b/drivers/hv/channel.c @@ -558,11 +558,8 @@ static void reset_channel_cb(void *arg) channel->onchannel_callback = NULL; } -static int vmbus_close_internal(struct vmbus_channel *channel) +void vmbus_reset_channel_cb(struct vmbus_channel *channel) { - struct vmbus_channel_close_channel *msg; - int ret; - /* * vmbus_on_event(), running in the per-channel tasklet, can race * with vmbus_close_internal() in the case of SMP guest, e.g., when @@ -572,6 +569,29 @@ static int vmbus_close_internal(struct vmbus_channel *channel) */ tasklet_disable(&channel->callback_event); + channel->sc_creation_callback = NULL; + + /* Stop the callback asap */ + if (channel->target_cpu != get_cpu()) { + put_cpu(); + smp_call_function_single(channel->target_cpu, reset_channel_cb, + channel, true); + } else { + reset_channel_cb(channel); + put_cpu(); + } + + /* Re-enable tasklet for use on re-open */ + tasklet_enable(&channel->callback_event); +} + +static int vmbus_close_internal(struct vmbus_channel *channel) +{ + struct vmbus_channel_close_channel *msg; + int ret; + + vmbus_reset_channel_cb(channel); + /* * In case a device driver's probe() fails (e.g., * util_probe() -> vmbus_open() returns -ENOMEM) and the device is @@ -585,16 +605,6 @@ static int vmbus_close_internal(struct vmbus_channel *channel) } channel->state = CHANNEL_OPEN_STATE; - channel->sc_creation_callback = NULL; - /* Stop callback and cancel the timer asap */ - if (channel->target_cpu != get_cpu()) { - put_cpu(); - smp_call_function_single(channel->target_cpu, reset_channel_cb, - channel, true); - } else { - reset_channel_cb(channel); - put_cpu(); - } /* Send a closing message */ @@ -639,8 +649,6 @@ static int vmbus_close_internal(struct vmbus_channel *channel) get_order(channel->ringbuffer_pagecount * PAGE_SIZE)); out: - /* re-enable tasklet for use on re-open */ - tasklet_enable(&channel->callback_event); return ret; } diff --git a/drivers/hv/channel_mgmt.c b/drivers/hv/channel_mgmt.c index f3b551a50653..0f0e091c117c 100644 --- a/drivers/hv/channel_mgmt.c +++ b/drivers/hv/channel_mgmt.c @@ -892,6 +892,12 @@ static void vmbus_onoffer_rescind(struct vmbus_channel_message_header *hdr) return; } + /* + * Before setting channel->rescind in vmbus_rescind_cleanup(), we + * should make sure the channel callback is not running any more. + */ + vmbus_reset_channel_cb(channel); + /* * Now wait for offer handling to complete. */ diff --git a/include/linux/hyperv.h b/include/linux/hyperv.h index 2330f08062c7..efda23cf32c7 100644 --- a/include/linux/hyperv.h +++ b/include/linux/hyperv.h @@ -1061,6 +1061,8 @@ extern int vmbus_establish_gpadl(struct vmbus_channel *channel, extern int vmbus_teardown_gpadl(struct vmbus_channel *channel, u32 gpadl_handle); +void vmbus_reset_channel_cb(struct vmbus_channel *channel); + extern int vmbus_recvpacket(struct vmbus_channel *channel, void *buffer, u32 bufferlen, -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH] sched/deadline: Update rq_clock of later_rq when pushing a task

by Daniel Bristot de Oliveira

Daniel Casini got this warn while running a DL task here at RetisLab: [ 461.137582] ------------[ cut here ]------------ [ 461.137583] rq->clock_update_flags < RQCF_ACT_SKIP [ 461.137599] WARNING: CPU: 4 PID: 2354 at kernel/sched/sched.h:967 assert_clock_updated.isra.32.part.33+0x17/0x20 [a ton of modules] [ 461.137646] CPU: 4 PID: 2354 Comm: label_image Not tainted 4.18.0-rc4+ #3 [ 461.137647] Hardware name: ASUS All Series/Z87-K, BIOS 0801 09/02/2013 [ 461.137649] RIP: 0010:assert_clock_updated.isra.32.part.33+0x17/0x20 [ 461.137649] Code: ff 48 89 83 08 09 00 00 eb c6 66 0f 1f 84 00 00 00 00 00 55 48 c7 c7 98 7a 6c a5 c6 05 bc 0d 54 01 01 48 89 e5 e8 a9 84 fb ff <0f> 0b 5d c3 0f 1f 44 00 00 0f 1f 44 00 00 83 7e 60 01 74 0a 48 3b [ 461.137673] RSP: 0018:ffffa77e08cafc68 EFLAGS: 00010082 [ 461.137674] RAX: 0000000000000000 RBX: ffff8b3fc1702d80 RCX: 0000000000000006 [ 461.137674] RDX: 0000000000000007 RSI: 0000000000000096 RDI: ffff8b3fded164b0 [ 461.137675] RBP: ffffa77e08cafc68 R08: 0000000000000026 R09: 0000000000000339 [ 461.137676] R10: ffff8b3fd060d410 R11: 0000000000000026 R12: ffffffffa4e14e20 [ 461.137677] R13: ffff8b3fdec22940 R14: ffff8b3fc1702da0 R15: ffff8b3fdec22940 [ 461.137678] FS: 00007efe43ee5700(0000) GS:ffff8b3fded00000(0000) knlGS:0000000000000000 [ 461.137679] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 461.137680] CR2: 00007efe30000010 CR3: 0000000301744003 CR4: 00000000001606e0 [ 461.137680] Call Trace: [ 461.137684] push_dl_task.part.46+0x3bc/0x460 [ 461.137686] task_woken_dl+0x60/0x80 [ 461.137689] ttwu_do_wakeup+0x4f/0x150 [ 461.137690] ttwu_do_activate+0x77/0x80 [ 461.137692] try_to_wake_up+0x1d6/0x4c0 [ 461.137693] wake_up_q+0x32/0x70 [ 461.137696] do_futex+0x7e7/0xb50 [ 461.137698] __x64_sys_futex+0x8b/0x180 [ 461.137701] do_syscall_64+0x5a/0x110 [ 461.137703] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 461.137705] RIP: 0033:0x7efe4918ca26 [ 461.137705] Code: 00 00 00 74 17 49 8b 48 20 44 8b 59 10 41 83 e3 30 41 83 fb 20 74 1e be 85 00 00 00 41 ba 01 00 00 00 41 b9 01 00 00 04 0f 05 <48> 3d 01 f0 ff ff 73 1f 31 c0 c3 be 8c 00 00 00 49 89 c8 4d 31 d2 [ 461.137738] RSP: 002b:00007efe43ee4928 EFLAGS: 00000283 ORIG_RAX: 00000000000000ca [ 461.137739] RAX: ffffffffffffffda RBX: 0000000005094df0 RCX: 00007efe4918ca26 [ 461.137740] RDX: 0000000000000001 RSI: 0000000000000085 RDI: 0000000005094e24 [ 461.137741] RBP: 00007efe43ee49c0 R08: 0000000005094e20 R09: 0000000004000001 [ 461.137741] R10: 0000000000000001 R11: 0000000000000283 R12: 0000000000000000 [ 461.137742] R13: 0000000005094df8 R14: 0000000000000001 R15: 0000000000448a10 [ 461.137743] ---[ end trace 187df4cad2bf7649 ]--- This warning was caused in the push_dl_task(), because the rq_clock of the later_rq was used by cpufreq_update_util() inside __add_running_bw(), before its update at activate_task(). The fix then is to update the clock before calling add_running_bw. To avoid double rq_clock_update(), we set ENQUEUE_NOCLOCK flag to activate_task(). Reported-by: Daniel Casini <daniel.casini(a)santannapisa.it> Signed-off-by: Daniel Bristot de Oliveira <bristot(a)redhat.com> Cc: Juri Lelli <juri.lelli(a)arm.com> Cc: Luca Abeni <luca.abeni(a)santannapisa.it> Cc: Tommaso Cucinotta <tommaso.cucinotta(a)sssup.it> Cc: Steven Rostedt <rostedt(a)goodmis.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Ingo Molnar <mingo(a)kernel.org> Cc: linux-kernel(a)vger.kernel.org Cc: <stable(a)vger.kernel.org> # 4.16+ Fixes: e0367b12674b sched/deadline: Move CPU frequency selection triggering points --- kernel/sched/deadline.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/kernel/sched/deadline.c b/kernel/sched/deadline.c index fbfc3f1d368a..e733c15b7695 100644 --- a/kernel/sched/deadline.c +++ b/kernel/sched/deadline.c @@ -2090,8 +2090,16 @@ static int push_dl_task(struct rq *rq) sub_rq_bw(&next_task->dl, &rq->dl); set_task_cpu(next_task, later_rq->cpu); add_rq_bw(&next_task->dl, &later_rq->dl); + + /* + * Update the later_rq clock here, because the clock is used + * by the cpufreq_update_util() inside __add_running_bw(). + * Then, set ENQUEUE_NOCLOCK flag to avoid updating the rq_clock + * again in the activate_task()->enqueue_task(). + */ + update_rq_clock(later_rq); add_running_bw(&next_task->dl, &later_rq->dl); - activate_task(later_rq, next_task, 0); + activate_task(later_rq, next_task, ENQUEUE_NOCLOCK); ret = 1; resched_curr(later_rq); -- 2.17.1

7 years, 1 month

4
4
0 0

requests for inclusion in 4.14.y

by Eduardo Valentin

Hey Greg, Can you please include the following fixes on stable 4.14.y? https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… All of the above are straight forward cherry-picks. -- All the best, Eduardo Valentin

7 years, 1 month

4
4
0 0

Re: FAILED: patch "[PATCH] nvmet-fc: fix target sgl list on large transfers" failed to apply to 4.14-stable tree

by James Smart

On 7/30/2018 12:56 AM, gregkh(a)linuxfoundation.org wrote: > > The patch below does not apply to the 4.14-stable tree. > If someone wants it applied there, or to any other stable or longterm > tree, then please email the backport, including the original git commit > id to <stable(a)vger.kernel.org>. > > thanks, > > greg k-h > > (snip) Here's the patch revised for stable 4.14.y -- james ------------------ From: James Smart <jsmart2021(a)gmail.com> commit d082dc1562a2ff0947b214796f12faaa87e816a9 upstream. The existing code to carve up the sg list expected an sg element-per-page which can be very incorrect with iommu's remapping multiple memory pages to fewer bus addresses. To hit this error required a large io payload (greater than 256k) and a system that maps on a per-page basis. It's possible that large ios could get by fine if the system condensed the sgl list into the first 64 elements. This patch corrects the sg list handling by specifically walking the sg list element by element and attempting to divide the transfer up on a per-sg element boundary. While doing so, it still tries to keep sequences under 256k, but will exceed that rule if a single sg element is larger than 256k. Fixes: 48fa362b6c3f ("nvmet-fc: simplify sg list handling") Cc: <stable(a)vger.kernel.org> # 4.14 Signed-off-by: James Smart <james.smart(a)broadcom.com> Signed-off-by: Christoph Hellwig <hch(a)lst.de> --- stable 4.14.y patch adjusted for deltas made by upstream commit 5e62d5c993e6889cd314d5b5de6b670152109a0e that are not in the stable tree. --- drivers/nvme/target/fc.c | 44 +++++++++++++++++++++++++++++++++++--------- 1 file changed, 35 insertions(+), 9 deletions(-) diff --git a/drivers/nvme/target/fc.c b/drivers/nvme/target/fc.c index 8e21211b904b..b7a5d1065378 100644 --- a/drivers/nvme/target/fc.c +++ b/drivers/nvme/target/fc.c @@ -58,8 +58,8 @@ struct nvmet_fc_ls_iod { struct work_struct work; } __aligned(sizeof(unsigned long long)); +/* desired maximum for a single sequence - if sg list allows it */ #define NVMET_FC_MAX_SEQ_LENGTH (256 * 1024) -#define NVMET_FC_MAX_XFR_SGENTS (NVMET_FC_MAX_SEQ_LENGTH / PAGE_SIZE) enum nvmet_fcp_datadir { NVMET_FCP_NODATA, @@ -74,6 +74,7 @@ struct nvmet_fc_fcp_iod { struct nvme_fc_cmd_iu cmdiubuf; struct nvme_fc_ersp_iu rspiubuf; dma_addr_t rspdma; + struct scatterlist *next_sg; struct scatterlist *data_sg; int data_sg_cnt; u32 total_length; @@ -1000,8 +1001,7 @@ nvmet_fc_register_targetport(struct nvmet_fc_port_info *pinfo, INIT_LIST_HEAD(&newrec->assoc_list); kref_init(&newrec->ref); ida_init(&newrec->assoc_cnt); - newrec->max_sg_cnt = min_t(u32, NVMET_FC_MAX_XFR_SGENTS, - template->max_sgl_segments); + newrec->max_sg_cnt = template->max_sgl_segments; ret = nvmet_fc_alloc_ls_iodlist(newrec); if (ret) { @@ -1717,6 +1717,7 @@ nvmet_fc_alloc_tgt_pgs(struct nvmet_fc_fcp_iod *fod) ((fod->io_dir == NVMET_FCP_WRITE) ? DMA_FROM_DEVICE : DMA_TO_DEVICE)); /* note: write from initiator perspective */ + fod->next_sg = fod->data_sg; return 0; @@ -1874,24 +1875,49 @@ nvmet_fc_transfer_fcp_data(struct nvmet_fc_tgtport *tgtport, struct nvmet_fc_fcp_iod *fod, u8 op) { struct nvmefc_tgt_fcp_req *fcpreq = fod->fcpreq; + struct scatterlist *sg = fod->next_sg; unsigned long flags; - u32 tlen; + u32 remaininglen = fod->total_length - fod->offset; + u32 tlen = 0; int ret; fcpreq->op = op; fcpreq->offset = fod->offset; fcpreq->timeout = NVME_FC_TGTOP_TIMEOUT_SEC; - tlen = min_t(u32, tgtport->max_sg_cnt * PAGE_SIZE, - (fod->total_length - fod->offset)); + /* + * for next sequence: + * break at a sg element boundary + * attempt to keep sequence length capped at + * NVMET_FC_MAX_SEQ_LENGTH but allow sequence to + * be longer if a single sg element is larger + * than that amount. This is done to avoid creating + * a new sg list to use for the tgtport api. + */ + fcpreq->sg = sg; + fcpreq->sg_cnt = 0; + while (tlen < remaininglen && + fcpreq->sg_cnt < tgtport->max_sg_cnt && + tlen + sg_dma_len(sg) < NVMET_FC_MAX_SEQ_LENGTH) { + fcpreq->sg_cnt++; + tlen += sg_dma_len(sg); + sg = sg_next(sg); + } + if (tlen < remaininglen && fcpreq->sg_cnt == 0) { + fcpreq->sg_cnt++; + tlen += min_t(u32, sg_dma_len(sg), remaininglen); + sg = sg_next(sg); + } + if (tlen < remaininglen) + fod->next_sg = sg; + else + fod->next_sg = NULL; + fcpreq->transfer_length = tlen; fcpreq->transferred_length = 0; fcpreq->fcp_error = 0; fcpreq->rsplen = 0; - fcpreq->sg = &fod->data_sg[fod->offset / PAGE_SIZE]; - fcpreq->sg_cnt = DIV_ROUND_UP(tlen, PAGE_SIZE); - /* * If the last READDATA request: check if LLDD supports * combined xfr with response. -- 2.13.1

7 years, 1 month

1
0
0 0

[PATCH rdma-next v4 3/3] RDMA/mlx5: Fix shift overflow in mlx5_ib_create_wq

by Kees Cook

From: Leon Romanovsky <leonro(a)mellanox.com> [ 61.182439] UBSAN: Undefined behaviour in drivers/infiniband/hw/mlx5/qp.c:5366:34 [ 61.183673] shift exponent 4294967288 is too large for 32-bit type 'unsigned int' [ 61.185530] CPU: 0 PID: 639 Comm: qp Not tainted 4.18.0-rc1-00037-g4aa1d69a9c60-dirty #96 [ 61.186981] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-2.fc27 04/01/2014 [ 61.188315] Call Trace: [ 61.188661] dump_stack+0xc7/0x13b [ 61.190427] ubsan_epilogue+0x9/0x49 [ 61.190899] __ubsan_handle_shift_out_of_bounds+0x1ea/0x22f [ 61.197040] mlx5_ib_create_wq+0x1c99/0x1d50 [ 61.206632] ib_uverbs_ex_create_wq+0x499/0x820 [ 61.213892] ib_uverbs_write+0x77e/0xae0 [ 61.248018] vfs_write+0x121/0x3b0 [ 61.249831] ksys_write+0xa1/0x120 [ 61.254024] do_syscall_64+0x7c/0x2a0 [ 61.256178] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 61.259211] RIP: 0033:0x7f54bab70e99 [ 61.262125] Code: 00 f3 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 [ 61.268678] RSP: 002b:00007ffe1541c318 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 61.271076] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f54bab70e99 [ 61.273795] RDX: 0000000000000070 RSI: 0000000020000240 RDI: 0000000000000003 [ 61.276982] RBP: 00007ffe1541c330 R08: 00000000200078e0 R09: 0000000000000002 [ 61.280035] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004005c0 [ 61.283279] R13: 00007ffe1541c420 R14: 0000000000000000 R15: 0000000000000000 Cc: <stable(a)vger.kernel.org> # 4.7 Fixes: 79b20a6c3014 ("IB/mlx5: Add receive Work Queue verbs") Cc: syzkaller <syzkaller(a)googlegroups.com> Reported-by: Noa Osherovich <noaos(a)mellanox.com> Signed-off-by: Leon Romanovsky <leonro(a)mellanox.com> Signed-off-by: Kees Cook <keescook(a)chromium.org> --- drivers/infiniband/hw/mlx5/qp.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/infiniband/hw/mlx5/qp.c b/drivers/infiniband/hw/mlx5/qp.c index a4f1f638509f..fa3c315f6d94 100644 --- a/drivers/infiniband/hw/mlx5/qp.c +++ b/drivers/infiniband/hw/mlx5/qp.c @@ -5365,7 +5365,9 @@ static int set_user_rq_size(struct mlx5_ib_dev *dev, rwq->wqe_count = ucmd->rq_wqe_count; rwq->wqe_shift = ucmd->rq_wqe_shift; - rwq->buf_size = (rwq->wqe_count << rwq->wqe_shift); + if (check_shl_overflow(rwq->wqe_count, rwq->wqe_shift, &rwq->buf_size)) + return -EINVAL; + rwq->log_rq_stride = rwq->wqe_shift; rwq->log_rq_size = ilog2(rwq->wqe_count); return 0; -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v4 8/8] drm/nouveau: Call pm_runtime_get_noresume() from hpd handlers

by Lyude Paul

We can't and don't need to try resuming the device from our hotplug handlers, but hotplug events are generally something we'd like to keep the device awake for whenever possible. So, grab a PM ref safely in our hotplug handlers using pm_runtime_get_noresume() and mark the device as busy once we're finished. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/nouveau_connector.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/drivers/gpu/drm/nouveau/nouveau_connector.c b/drivers/gpu/drm/nouveau/nouveau_connector.c index 8409c3f2c3a1..5a8e8c1ad647 100644 --- a/drivers/gpu/drm/nouveau/nouveau_connector.c +++ b/drivers/gpu/drm/nouveau/nouveau_connector.c @@ -1152,6 +1152,11 @@ nouveau_connector_hotplug(struct nvif_notify *notify) const char *name = connector->name; struct nouveau_encoder *nv_encoder; + /* Resuming the device here isn't possible; but the suspend PM ops + * will wait for us to finish our work before disabling us so this + * should be enough + */ + pm_runtime_get_noresume(drm->dev->dev); nv_connector->hpd_task = current; if (rep->mask & NVIF_NOTIFY_CONN_V0_IRQ) { @@ -1171,6 +1176,9 @@ nouveau_connector_hotplug(struct nvif_notify *notify) } nv_connector->hpd_task = NULL; + + pm_runtime_mark_last_busy(drm->dev->dev); + pm_runtime_put_autosuspend(drm->dev->dev); return NVIF_NOTIFY_KEEP; } -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v4 6/8] drm/nouveau: Respond to HPDs by probing one conn at a time

by Lyude Paul

There isn't actually any reason we need to call drm_hpd_irq_event() from our hotplug handler, as we already know which connector the hotplug event was fired for. We're also going to need to avoid probing all connectors needlessly from hotplug handlers anyway so that we can track when nouveau_connector_detect() is being called from the context of it's connector's hotplug handler in order to fix the next deadlocking issue. This is (slightly) faster anyway! Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/nouveau_connector.c | 28 ++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_connector.c b/drivers/gpu/drm/nouveau/nouveau_connector.c index 010d6db14cba..9714e09f17db 100644 --- a/drivers/gpu/drm/nouveau/nouveau_connector.c +++ b/drivers/gpu/drm/nouveau/nouveau_connector.c @@ -1114,6 +1114,32 @@ nouveau_connector_funcs_lvds = { .atomic_get_property = nouveau_conn_atomic_get_property, }; +static void +nouveau_connector_hotplug_probe(struct nouveau_connector *nv_conn) +{ + struct drm_modeset_acquire_ctx ctx; + struct drm_connector *conn = &nv_conn->base; + enum drm_connector_status old_status; + struct drm_device *dev = conn->dev; + bool changed; + + mutex_lock(&dev->mode_config.mutex); + + drm_modeset_acquire_init(&ctx, 0); + drm_modeset_lock(&dev->mode_config.connection_mutex, &ctx); + + old_status = conn->status; + conn->status = drm_helper_probe_detect(conn, &ctx, true); + changed = old_status != conn->status; + + drm_modeset_drop_locks(&ctx); + drm_modeset_acquire_fini(&ctx); + mutex_unlock(&dev->mode_config.mutex); + + if (changed) + drm_kms_helper_hotplug_event(dev); +} + static int nouveau_connector_hotplug(struct nvif_notify *notify) { @@ -1138,7 +1164,7 @@ nouveau_connector_hotplug(struct nvif_notify *notify) nv50_mstm_remove(nv_encoder->dp.mstm); } - drm_helper_hpd_irq_event(connector->dev); + nouveau_connector_hotplug_probe(nv_connector); } return NVIF_NOTIFY_KEEP; -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v4 5/8] drm/nouveau: Use pm_runtime_get_noresume() in connector_detect()

by Lyude Paul

It's true we can't resume the device from poll workers in nouveau_connector_detect(). We can however, prevent the autosuspend timer from elapsing immediately if it hasn't already without risking any sort of deadlock with the runtime suspend/resume operations. So do that instead of entirely avoiding grabbing a power reference. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/nouveau_connector.c | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_connector.c b/drivers/gpu/drm/nouveau/nouveau_connector.c index 2a45b4c2ceb0..010d6db14cba 100644 --- a/drivers/gpu/drm/nouveau/nouveau_connector.c +++ b/drivers/gpu/drm/nouveau/nouveau_connector.c @@ -572,12 +572,16 @@ nouveau_connector_detect(struct drm_connector *connector, bool force) nv_connector->edid = NULL; } - /* Outputs are only polled while runtime active, so acquiring a - * runtime PM ref here is unnecessary (and would deadlock upon - * runtime suspend because it waits for polling to finish). + /* Outputs are only polled while runtime active, so resuming the + * device here is unnecessary (and would deadlock upon runtime suspend + * because it waits for polling to finish). We do however, want to + * prevent the autosuspend timer from elapsing during this operation + * if possible. */ - if (!drm_kms_helper_is_poll_worker()) { - ret = pm_runtime_get_sync(connector->dev->dev); + if (drm_kms_helper_is_poll_worker()) { + pm_runtime_get_noresume(dev->dev); + } else { + ret = pm_runtime_get_sync(dev->dev); if (ret < 0 && ret != -EACCES) return conn_status; } @@ -655,10 +659,8 @@ nouveau_connector_detect(struct drm_connector *connector, bool force) out: - if (!drm_kms_helper_is_poll_worker()) { - pm_runtime_mark_last_busy(connector->dev->dev); - pm_runtime_put_autosuspend(connector->dev->dev); - } + pm_runtime_mark_last_busy(dev->dev); + pm_runtime_put_autosuspend(dev->dev); return conn_status; } -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v4 4/8] drm/nouveau: Fix deadlock with fb_helper using new helpers

by Lyude Paul

This removes the potential of deadlocking with fb_helper entirely by preventing it from handling hotplugs during the runtime suspend process as early as possible in the suspend process. If it turns out this is not possible, due to some fb_helper action having been queued up before we got a time to disable hotplugging, we simply return -EBUSY so that the runtime PM core attempts autosuspending the device again once fb_helper isn't doing anything. This fixes one of the issues causing deadlocks on runtime suspend/resume with nouveau on my P50. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/nouveau_drm.c | 8 ++++++++ drivers/gpu/drm/nouveau/nouveau_fbcon.c | 1 + 2 files changed, 9 insertions(+) diff --git a/drivers/gpu/drm/nouveau/nouveau_drm.c b/drivers/gpu/drm/nouveau/nouveau_drm.c index ee2546db09c9..d47cb5b2af98 100644 --- a/drivers/gpu/drm/nouveau/nouveau_drm.c +++ b/drivers/gpu/drm/nouveau/nouveau_drm.c @@ -836,6 +836,14 @@ nouveau_pmops_runtime_suspend(struct device *dev) return -EBUSY; } + /* There's no way for us to stop fb_helper work in reaction to + * hotplugs later in the RPM process. First off: we don't want to, + * fb_helper should be able to keep the GPU awake. Second off: it is + * capable of grabbing basically any lock in existence. + */ + if (!drm_fb_helper_suspend_hotplug(drm_dev->fb_helper)) + return -EBUSY; + nouveau_switcheroo_optimus_dsm(); ret = nouveau_do_suspend(drm_dev, true); pci_save_state(pdev); diff --git a/drivers/gpu/drm/nouveau/nouveau_fbcon.c b/drivers/gpu/drm/nouveau/nouveau_fbcon.c index 85c1f10bc2b6..963ba630fd04 100644 --- a/drivers/gpu/drm/nouveau/nouveau_fbcon.c +++ b/drivers/gpu/drm/nouveau/nouveau_fbcon.c @@ -466,6 +466,7 @@ nouveau_fbcon_set_suspend_work(struct work_struct *work) console_unlock(); if (state == FBINFO_STATE_RUNNING) { + drm_fb_helper_resume_hotplug(drm->dev->fb_helper); pm_runtime_mark_last_busy(drm->dev->dev); pm_runtime_put_sync(drm->dev->dev); } -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v4 3/8] drm/fb_helper: Introduce suspend/resume_hotplug()

by Lyude Paul

I'm sure I don't need to tell you that fb_helper's locking is a mess. That being said; fb_helper's locking mess can seriously complicate the runtime suspend/resume operations of drivers because it can invoke atomic commits and connector probing from anywhere that calls drm_fb_helper_hotplug_event(). Since most drivers use drm_fb_helper_output_poll_changed() as their output_poll_changed handler, this can happen in every single context that can fire off a hotplug event. An example: [ 246.669625] INFO: task kworker/4:0:37 blocked for more than 120 seconds. [ 246.673398] Not tainted 4.18.0-rc5Lyude-Test+ #2 [ 246.675271] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 246.676527] kworker/4:0 D 0 37 2 0x80000000 [ 246.677580] Workqueue: events output_poll_execute [drm_kms_helper] [ 246.678704] Call Trace: [ 246.679753] __schedule+0x322/0xaf0 [ 246.680916] schedule+0x33/0x90 [ 246.681924] schedule_preempt_disabled+0x15/0x20 [ 246.683023] __mutex_lock+0x569/0x9a0 [ 246.684035] ? kobject_uevent_env+0x117/0x7b0 [ 246.685132] ? drm_fb_helper_hotplug_event.part.28+0x20/0xb0 [drm_kms_helper] [ 246.686179] mutex_lock_nested+0x1b/0x20 [ 246.687278] ? mutex_lock_nested+0x1b/0x20 [ 246.688307] drm_fb_helper_hotplug_event.part.28+0x20/0xb0 [drm_kms_helper] [ 246.689420] drm_fb_helper_output_poll_changed+0x23/0x30 [drm_kms_helper] [ 246.690462] drm_kms_helper_hotplug_event+0x2a/0x30 [drm_kms_helper] [ 246.691570] output_poll_execute+0x198/0x1c0 [drm_kms_helper] [ 246.692611] process_one_work+0x231/0x620 [ 246.693725] worker_thread+0x214/0x3a0 [ 246.694756] kthread+0x12b/0x150 [ 246.695856] ? wq_pool_ids_show+0x140/0x140 [ 246.696888] ? kthread_create_worker_on_cpu+0x70/0x70 [ 246.697998] ret_from_fork+0x3a/0x50 [ 246.699034] INFO: task kworker/0:1:60 blocked for more than 120 seconds. [ 246.700153] Not tainted 4.18.0-rc5Lyude-Test+ #2 [ 246.701182] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 246.702278] kworker/0:1 D 0 60 2 0x80000000 [ 246.703293] Workqueue: pm pm_runtime_work [ 246.704393] Call Trace: [ 246.705403] __schedule+0x322/0xaf0 [ 246.706439] ? wait_for_completion+0x104/0x190 [ 246.707393] schedule+0x33/0x90 [ 246.708375] schedule_timeout+0x3a5/0x590 [ 246.709289] ? mark_held_locks+0x58/0x80 [ 246.710208] ? _raw_spin_unlock_irq+0x2c/0x40 [ 246.711222] ? wait_for_completion+0x104/0x190 [ 246.712134] ? trace_hardirqs_on_caller+0xf4/0x190 [ 246.713094] ? wait_for_completion+0x104/0x190 [ 246.713964] wait_for_completion+0x12c/0x190 [ 246.714895] ? wake_up_q+0x80/0x80 [ 246.715727] ? get_work_pool+0x90/0x90 [ 246.716649] flush_work+0x1c9/0x280 [ 246.717483] ? flush_workqueue_prep_pwqs+0x1b0/0x1b0 [ 246.718442] __cancel_work_timer+0x146/0x1d0 [ 246.719247] cancel_delayed_work_sync+0x13/0x20 [ 246.720043] drm_kms_helper_poll_disable+0x1f/0x30 [drm_kms_helper] [ 246.721123] nouveau_pmops_runtime_suspend+0x3d/0xb0 [nouveau] [ 246.721897] pci_pm_runtime_suspend+0x6b/0x190 [ 246.722825] ? pci_has_legacy_pm_support+0x70/0x70 [ 246.723737] __rpm_callback+0x7a/0x1d0 [ 246.724721] ? pci_has_legacy_pm_support+0x70/0x70 [ 246.725607] rpm_callback+0x24/0x80 [ 246.726553] ? pci_has_legacy_pm_support+0x70/0x70 [ 246.727376] rpm_suspend+0x142/0x6b0 [ 246.728185] pm_runtime_work+0x97/0xc0 [ 246.728938] process_one_work+0x231/0x620 [ 246.729796] worker_thread+0x44/0x3a0 [ 246.730614] kthread+0x12b/0x150 [ 246.731395] ? wq_pool_ids_show+0x140/0x140 [ 246.732202] ? kthread_create_worker_on_cpu+0x70/0x70 [ 246.732878] ret_from_fork+0x3a/0x50 [ 246.733768] INFO: task kworker/4:2:422 blocked for more than 120 seconds. [ 246.734587] Not tainted 4.18.0-rc5Lyude-Test+ #2 [ 246.735393] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 246.736113] kworker/4:2 D 0 422 2 0x80000080 [ 246.736789] Workqueue: events_long drm_dp_mst_link_probe_work [drm_kms_helper] [ 246.737665] Call Trace: [ 246.738490] __schedule+0x322/0xaf0 [ 246.739250] schedule+0x33/0x90 [ 246.739908] rpm_resume+0x19c/0x850 [ 246.740750] ? finish_wait+0x90/0x90 [ 246.741541] __pm_runtime_resume+0x4e/0x90 [ 246.742370] nv50_disp_atomic_commit+0x31/0x210 [nouveau] [ 246.743124] drm_atomic_commit+0x4a/0x50 [drm] [ 246.743775] restore_fbdev_mode_atomic+0x1c8/0x240 [drm_kms_helper] [ 246.744603] restore_fbdev_mode+0x31/0x140 [drm_kms_helper] [ 246.745373] drm_fb_helper_restore_fbdev_mode_unlocked+0x54/0xb0 [drm_kms_helper] [ 246.746220] drm_fb_helper_set_par+0x2d/0x50 [drm_kms_helper] [ 246.746884] drm_fb_helper_hotplug_event.part.28+0x96/0xb0 [drm_kms_helper] [ 246.747675] drm_fb_helper_output_poll_changed+0x23/0x30 [drm_kms_helper] [ 246.748544] drm_kms_helper_hotplug_event+0x2a/0x30 [drm_kms_helper] [ 246.749439] nv50_mstm_hotplug+0x15/0x20 [nouveau] [ 246.750111] drm_dp_send_link_address+0x177/0x1c0 [drm_kms_helper] [ 246.750764] drm_dp_check_and_send_link_address+0xa8/0xd0 [drm_kms_helper] [ 246.751602] drm_dp_mst_link_probe_work+0x51/0x90 [drm_kms_helper] [ 246.752314] process_one_work+0x231/0x620 [ 246.752979] worker_thread+0x44/0x3a0 [ 246.753838] kthread+0x12b/0x150 [ 246.754619] ? wq_pool_ids_show+0x140/0x140 [ 246.755386] ? kthread_create_worker_on_cpu+0x70/0x70 [ 246.756162] ret_from_fork+0x3a/0x50 [ 246.756847] Showing all locks held in the system: [ 246.758261] 3 locks held by kworker/4:0/37: [ 246.759016] #0: 00000000f8df4d2d ((wq_completion)"events"){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.759856] #1: 00000000e6065461 ((work_completion)(&(&dev->mode_config.output_poll_work)->work)){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.760670] #2: 00000000cb66735f (&helper->lock){+.+.}, at: drm_fb_helper_hotplug_event.part.28+0x20/0xb0 [drm_kms_helper] [ 246.761516] 2 locks held by kworker/0:1/60: [ 246.762274] #0: 00000000fff6be0f ((wq_completion)"pm"){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.762982] #1: 000000005ab44fb4 ((work_completion)(&dev->power.work)){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.763890] 1 lock held by khungtaskd/64: [ 246.764664] #0: 000000008cb8b5c3 (rcu_read_lock){....}, at: debug_show_all_locks+0x23/0x185 [ 246.765588] 5 locks held by kworker/4:2/422: [ 246.766440] #0: 00000000232f0959 ((wq_completion)"events_long"){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.767390] #1: 00000000bb59b134 ((work_completion)(&mgr->work)){+.+.}, at: process_one_work+0x1b3/0x620 [ 246.768154] #2: 00000000cb66735f (&helper->lock){+.+.}, at: drm_fb_helper_restore_fbdev_mode_unlocked+0x4c/0xb0 [drm_kms_helper] [ 246.768966] #3: 000000004c8f0b6b (crtc_ww_class_acquire){+.+.}, at: restore_fbdev_mode_atomic+0x4b/0x240 [drm_kms_helper] [ 246.769921] #4: 000000004c34a296 (crtc_ww_class_mutex){+.+.}, at: drm_modeset_backoff+0x8a/0x1b0 [drm] [ 246.770839] 1 lock held by dmesg/1038: [ 246.771739] 2 locks held by zsh/1172: [ 246.772650] #0: 00000000836d0438 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40 [ 246.773680] #1: 000000001f4f4d48 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0xc1/0x870 [ 246.775522] ============================================= Because of this, there's an unreasonable number of places that drm drivers would need to insert special handling to prevent trying to resume the device from all of these contexts that can deadlock. It's difficult even to try synchronizing with fb_helper in these contexts as well, since any of them could introduce a deadlock by waiting to acquire the top-level fb_helper mutex, while it's being held by another thread that might potentially call down to pm_runtime_get_sync(). Luckily-there's no actual reason we need to allow fb_helper to handle hotplugging at all when runtime suspending a device. If a hotplug happens during a runtime suspend operation, there's no reason the driver can't just re-enable fbcon's hotplug handling and bring it up to speed with hotplugging events it may have missed by calling drm_fb_helper_hotplug_event(). So, let's make this easy and just add helpers to handle disabling and enabling fb_helper connector probing() without having to potentially wait on fb_helper to finish it's work. This will let us fix the runtime suspend/resume deadlocks that we've been experiencing with nouveau, along with being able to fix some of the incorrect runtime PM core interaction that other DRM drivers currently perform to work around these issues. Changes since v3: - Actually check if fb_helper is NULL in both new helpers - Actually check drm_fbdev_emulation in both new helpers - Don't fire off a fb_helper hotplug unconditionally; only do it if the following conditions are true (as otherwise, calling this in the wrong spot will cause Bad Things to happen): - fb_helper hotplug handling was actually inhibited previously - fb_helper actually has a delayed hotplug pending - fb_helper is actually bound - fb_helper is actually initialized - Add __must_check to drm_fb_helper_suspend_hotplug(). There's no situation where a driver would actually want to use this without checking the return value, so enforce that - Rewrite and clarify the documentation for both helpers. - Make sure to return true in the drm_fb_helper_suspend_hotplug() stub that's provided in drm_fb_helper.h when CONFIG_DRM_FBDEV_EMULATION isn't enabled - Actually grab the toplevel fb_helper lock in drm_fb_helper_resume_hotplug(), since it's possible other activity (such as a hotplug) could be going on at the same time the driver calls drm_fb_helper_resume_hotplug(). We need this to check whether or not drm_fb_helper_hotplug_event() needs to be called anyway Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/drm_fb_helper.c | 123 +++++++++++++++++++++++++++++++- include/drm/drm_fb_helper.h | 22 ++++++ 2 files changed, 144 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/drm_fb_helper.c b/drivers/gpu/drm/drm_fb_helper.c index 2ee1eaa66188..b5f1dee0c3a0 100644 --- a/drivers/gpu/drm/drm_fb_helper.c +++ b/drivers/gpu/drm/drm_fb_helper.c @@ -84,6 +84,11 @@ static DEFINE_MUTEX(kernel_fb_helper_lock); * For suspend/resume consider using drm_mode_config_helper_suspend() and * drm_mode_config_helper_resume() which takes care of fbdev as well. * + * For runtime suspend and runtime resume, drivers which need to disable + * normal hotplug handling should consider using + * drm_fb_helper_suspend_hotplug() and drm_fb_helper_resume_hotplug() to + * avoid deadlocking with fb_helper's hotplug handling. + * * All other functions exported by the fb helper library can be used to * implement the fbdev driver interface by the driver. * @@ -2733,6 +2738,118 @@ int drm_fb_helper_initial_config(struct drm_fb_helper *fb_helper, int bpp_sel) } EXPORT_SYMBOL(drm_fb_helper_initial_config); +/** + * drm_fb_helper_resume_hotplug - Uninhibit fb_helper hotplug handling + * @fb_helper: driver-allocated fbdev helper, can be NULL + * + * Uninhibit fb_helper's hotplug handling after it was previously inhibited by + * a call to drm_fb_helper_suspend_hotplug(). Unlike + * drm_fb_helper_suspend_hotplug(), this function will wait on + * fb_helper->lock. + * + * This helper will take care of handling any hotplug events that happened + * while fb_helper's hotplug handling was suspended. Since this possibly + * implies a call to drm_fb_helper_hotplug_event(), care must be taken when + * calling this function as it may initiate a modeset. + * + * Please note that this function is different from + * drm_fb_helper_set_suspend(). It does not resume fb_helper, it only allows + * fb_helper to probe connectors in response to changes to the device's + * connector configuration if this functionality was previously disabled by + * drm_fb_helper_suspend_hotplug(). Generally, a driver will only want to call + * this in it's runtime resume callbacks. + * + * Drivers calling drm_fb_helper_suspend_hotplug() must make sure to call this + * somewhere in their runtime resume callbacks. + * + * See also: drm_fb_helper_suspend_hotplug() + */ +void +drm_fb_helper_resume_hotplug(struct drm_fb_helper *fb_helper) +{ + bool changed; + + if (!drm_fbdev_emulation || !fb_helper) + return; + + mutex_lock(&fb_helper->lock); + + changed = !fb_helper->deferred_setup && + fb_helper->fb && + drm_fb_helper_is_bound(fb_helper) && + fb_helper->hotplug_suspended && + fb_helper->delayed_hotplug; + if (changed) + fb_helper->delayed_hotplug = false; + + fb_helper->hotplug_suspended = false; + + mutex_unlock(&fb_helper->lock); + + if (changed) + drm_fb_helper_hotplug_event(fb_helper); +} +EXPORT_SYMBOL(drm_fb_helper_resume_hotplug); + +/** + * drm_fb_helper_suspend_hotplug - Attempt to temporarily suspend fb_helper's + * hotplug handling + * @fb_helper: driver-allocated fbdev helper, can be NULL + * + * Temporarily inhibit fb_helper from responding to connector changes without + * blocking on fb_helper->lock, if possible. This can be called by a DRM + * driver early on in it's runtime suspend callback to both check whether or + * not fb_helper is still busy, and prevent hotplugs that might occur part-way + * through the runtime suspend process from being handled by fb_helper until + * drm_fb_helper_resume_hotplug() is called. This dramatically simplifies the + * runtime suspend process, as it eliminates the possibility that fb_helper + * might try to perform a modeset half way through the runtime suspend process + * in response to a connector hotplug, something which will almost certainly + * lead to deadlocking for drivers that need to disable normal hotplug + * handling in their runtime suspend handlers. + * + * Calls to this function should be put at the very start of a driver's + * runtime suspend operation if desired. The driver is then responsible for + * re-enabling fb_helper hotplug handling when normal hotplug detection + * becomes available on the device again by calling + * drm_fb_helper_resume_hotplug(). Usually, a driver will want to re-enable + * fb_helper hotplug handling once the hotplug detection capabilities of its + * devices have returned to normal (e.g. when the device is runtime resumed, + * or after the runtime suspend process was aborted for some reason). + * + * Please note that this function is different from + * drm_fb_helper_set_suspend(), in that it does not actually suspend + * fb_helper. It only prevents fb_helper from responding to connector hotplugs + * on it's own. Generally, a driver will only want to call this in its + * runtime suspend callback. + * + * See also: drm_fb_helper_resume_hotplug() + * + * RETURNS: + * True if hotplug handling was disabled successfully, or fb_helper wasn't + * actually initialized/enabled yet. False if grabbing &fb_helper->lock would + * have meant blocking on fb_helper. When this function returns false, this + * usually implies means that fb_helper is still busy doing something such as + * probing connectors or performing a modeset. Drivers should treat this the + * same way they would any other activity on the device, and abort the runtime + * suspend process as early as possible in response. + */ +bool __must_check +drm_fb_helper_suspend_hotplug(struct drm_fb_helper *fb_helper) +{ + if (!drm_fbdev_emulation || !fb_helper) + return true; + + if (!mutex_trylock(&fb_helper->lock)) + return false; + + fb_helper->hotplug_suspended = true; + mutex_unlock(&fb_helper->lock); + + return true; +} +EXPORT_SYMBOL(drm_fb_helper_suspend_hotplug); + /** * drm_fb_helper_hotplug_event - respond to a hotplug notification by * probing all the outputs attached to the fb @@ -2751,6 +2868,9 @@ EXPORT_SYMBOL(drm_fb_helper_initial_config); * for a race-free fbcon setup and will make sure that the fbdev emulation will * not miss any hotplug events. * + * See also: drm_fb_helper_suspend_hotplug() + * See also: drm_fb_helper_resume_hotplug() + * * RETURNS: * 0 on success and a non-zero error code otherwise. */ @@ -2768,7 +2888,8 @@ int drm_fb_helper_hotplug_event(struct drm_fb_helper *fb_helper) return err; } - if (!fb_helper->fb || !drm_fb_helper_is_bound(fb_helper)) { + if (!fb_helper->fb || !drm_fb_helper_is_bound(fb_helper) || + fb_helper->hotplug_suspended) { fb_helper->delayed_hotplug = true; mutex_unlock(&fb_helper->lock); return err; diff --git a/include/drm/drm_fb_helper.h b/include/drm/drm_fb_helper.h index b069433e7fc1..9c6e4ceff3af 100644 --- a/include/drm/drm_fb_helper.h +++ b/include/drm/drm_fb_helper.h @@ -232,6 +232,14 @@ struct drm_fb_helper { * See also: @deferred_setup */ int preferred_bpp; + + /** + * @hotplug_suspended: + * + * Whether or not we can currently handle hotplug events, or if we + * need to wait for the DRM device to uninhibit us. + */ + bool hotplug_suspended; }; /** @@ -330,6 +338,11 @@ void drm_fb_helper_fbdev_teardown(struct drm_device *dev); void drm_fb_helper_lastclose(struct drm_device *dev); void drm_fb_helper_output_poll_changed(struct drm_device *dev); + +void drm_fb_helper_resume_hotplug(struct drm_fb_helper *fb_helper); +bool __must_check +drm_fb_helper_suspend_hotplug(struct drm_fb_helper *fb_helper); + #else static inline void drm_fb_helper_prepare(struct drm_device *dev, struct drm_fb_helper *helper, @@ -564,6 +577,15 @@ static inline void drm_fb_helper_output_poll_changed(struct drm_device *dev) { } +static inline void +drm_fb_helper_resume_hotplug(struct drm_fb_helper *fb_helper) +{ +} +static inline bool __must_check +drm_fb_helper_suspend_hotplug(struct drm_fb_helper *fb_helper) +{ + return true; +} #endif static inline int -- 2.17.1

7 years, 1 month

1
0
0 0

Re: [PATCH] pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show()

by Uwe Kleine-König

Hello, On Mon, Jul 30, 2018 at 05:43:43PM +0200, Linus Walleij wrote: > On Fri, Jul 13, 2018 at 4:55 PM Dan Carpenter <dan.carpenter(a)oracle.com> wrote: > > > The info->groups[] array is allocated in imx1_pinctrl_parse_dt(). It > > has info->ngroups elements. Thus the > here should be >= to prevent > > reading one element beyond the end of the array. > > > > Fixes: 30612cd90005 ("pinctrl: imx1 core driver") > > Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com> > > Patch applied. > > I am not tagging for stable as it is debug code and does not > affect end users. Not sure this is a valid reason. Distro kernels usually enable debugfs. I'd say an out-of-bounds access that can only be triggered by root should still be fixed. I won't argue but added stable to the addressees of this mail to at least raise awareness. Best regards Uwe -- Pengutronix e.K. | Uwe Kleine-König | Industrial Linux Solutions | http://www.pengutronix.de/ |

7 years, 1 month

2
1
0 0

[PATCH v2] drm/amd/display: Report non-DP display as disconnected without EDID

by Harry Wentland

[Why] Some boards seem to have a problem where HPD is high on HDMI even though no display is connected. We don't want to report these as connected. DP spec still requires us to report DP displays as connected when HPD is high but we can't read the EDID in order to go to fail-safe mode. [How] If connector_signal is not DP abort detection if we can't retrieve the EDID. Bugzilla: https://bugs.freedesktop.org/107390 Bugzilla: https://bugs.freedesktop.org/106846 Cc: stable(a)vger.kernel.org Signed-off-by: Harry Wentland <harry.wentland(a)amd.com> Acked-by: Alex Deucher <alexander.deucher(a)amd.com> v2: Add Bugzilla and stable --- drivers/gpu/drm/amd/display/dc/core/dc_link.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/drivers/gpu/drm/amd/display/dc/core/dc_link.c b/drivers/gpu/drm/amd/display/dc/core/dc_link.c index b180197a41e2..84f0fd15be4c 100644 --- a/drivers/gpu/drm/amd/display/dc/core/dc_link.c +++ b/drivers/gpu/drm/amd/display/dc/core/dc_link.c @@ -744,6 +744,17 @@ bool dc_link_detect(struct dc_link *link, enum dc_detect_reason reason) break; case EDID_NO_RESPONSE: DC_LOG_ERROR("No EDID read.\n"); + + /* + * Abort detection for non-DP connectors if we have + * no EDID + * + * DP needs to report as connected if HDP is high + * even if we have no EDID in order to go to + * fail-safe mode + */ + if (!dc_is_dp_signal(link->connector_signal)) + return false; default: break; } -- 2.17.1

7 years, 1 month

2
1
0 0

request to include on 4.14.y: a4c447533a18ee86e07232d6344ba12b1f9c5077

by Eduardo Valentin

Greg, This is a straight forward cherry-pick. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… Thanks. -- All the best, Eduardo Valentin

7 years, 1 month

2
3
0 0

Re: [PATCH] HID: Bluetooth: hidp: buffer overflow in hidp_process_report

by Mark Salyzyn

On 08/01/2018 09:37 AM, Greg KH wrote: > On Tue, Jul 31, 2018 at 03:02:13PM -0700, Mark Salyzyn wrote: >> CVE-2018-9363 >> >> The buffer length is unsigned at all layers, but gets cast to int and >> checked in hidp_process_report and can lead to a buffer overflow. >> Switch len parameter to unsigned int to resolve issue. >> >> This affects 3.18 and newer kernels. >> >> Signed-off-by: Mark Salyzyn <salyzyn(a)android.com> >> Fixes: a4b1b5877b514b276f0f31efe02388a9c2836728 ("HID: Bluetooth: hidp: make sure input buffers are big enough") >> Cc: Marcel Holtmann <marcel(a)holtmann.org> >> Cc: Johan Hedberg <johan.hedberg(a)gmail.com> >> Cc: "David S. Miller" <davem(a)davemloft.net> >> Cc: Kees Cook <keescook(a)chromium.org> >> Cc: Benjamin Tissoires <benjamin.tissoires(a)redhat.com> >> Cc: linux-bluetooth(a)vger.kernel.org >> Cc: netdev(a)vger.kernel.org >> Cc: linux-kernel(a)vger.kernel.org >> Cc: security(a)kernel.org >> Cc: kernel-team(a)android.com > Nit, you only need to bother security@ if you do not have a fix and need > to figure out one. Thanks, I thought anything with a CVE was to go there according to netdev FAQ (dropped security from response list). > Also, you forgot to cc: stable(a)vger.kernel.org to be included in older > kernel releases :( netdev FAQ said to _not_ copy stable, I am so confused ;-{ (added stable to response list b/c patch is now taken into bluetooth-next) > thanks, > > greg k-h

7 years, 1 month

2
1
0 0

Re: [PATCH v2] arch/x86: Fix boot_cpu_data.microcode version output

by Oleksandr Natalenko

Hi. > I tested this on AMD Ryzen & Intel Broadwell system and dumped the > boot_cpu_data before and after a microcode update. On the Intel > system I also did a fatal MCE using mce-inject to confirm the output > from the mce handling code. > > P. > > ---8<--- > > On systems where a runtime microcode update has occurred the microcode > version output in a MCE log record is wrong because > boot_cpu_data.microcode is not updated during runtime. > > Update boot_cpu_data.microcode when the BSP's microcode is updated. > > Fixes: fa94d0c6e0f3 ("x86/MCE: Save microcode revision in machine check > records") > Suggested-by: Borislav Petkov <bp(a)alien8.com> > Signed-off-by: Prarit Bhargava <prarit(a)redhat.com> > Cc: stable(a)vger.kernel.org > Cc: sironi(a)amazon.de > Cc: tony.luck(a)intel.com > --- > Changes in v2: Use mc_amd->hdr.patch_id on AMD > > arch/x86/kernel/cpu/microcode/amd.c | 4 ++++ > arch/x86/kernel/cpu/microcode/intel.c | 4 ++++ > 2 files changed, 8 insertions(+) > > diff --git a/arch/x86/kernel/cpu/microcode/amd.c > b/arch/x86/kernel/cpu/microcode/amd.c > index 0624957aa068..63b072377ba4 100644 > --- a/arch/x86/kernel/cpu/microcode/amd.c > +++ b/arch/x86/kernel/cpu/microcode/amd.c > @@ -537,6 +537,10 @@ static enum ucode_state apply_microcode_amd(int > cpu) > uci->cpu_sig.rev = mc_amd->hdr.patch_id; > c->microcode = mc_amd->hdr.patch_id; > > + /* Update boot_cpu_data's revision too, if we're on the BSP: */ > + if (c->cpu_index == boot_cpu_data.cpu_index) > + boot_cpu_data.microcode = mc_amd->hdr.patch_id; > + > return UCODE_UPDATED; > } > > diff --git a/arch/x86/kernel/cpu/microcode/intel.c > b/arch/x86/kernel/cpu/microcode/intel.c > index 97ccf4c3b45b..256d336cbc04 100644 > --- a/arch/x86/kernel/cpu/microcode/intel.c > +++ b/arch/x86/kernel/cpu/microcode/intel.c > @@ -851,6 +851,10 @@ static enum ucode_state apply_microcode_intel(int > cpu) > uci->cpu_sig.rev = rev; > c->microcode = rev; > > + /* Update boot_cpu_data's revision too, if we're on the BSP: */ > + if (c->cpu_index == boot_cpu_data.cpu_index) > + boot_cpu_data.microcode = rev; > + > return UCODE_UPDATED; > } > > -- > 2.17.0 After this patch, do we preserve an original microcode version somewhere? If no, why? Sometimes it is useful while debugging another crash because of faulty microcode. Thanks. -- Oleksandr Natalenko (post-factum)

7 years, 1 month

2
2
0 0

Re: [PATCH v3 02/14] ARM: dts: sunxi: h3/h5: Fix i2c2 register address

by Icenowy Zheng

在 2017-09-26二的 09:22 +0200，Corentin Labbe写道： > The unit address and register address does not match. > This patch fix the register address with the good one. > > Acked-by: Maxime Ripard <maxime.ripard(a)free-electrons.com> > Signed-off-by: Corentin Labbe <clabbe.montjoie(a)gmail.com> This patch should be backported. Older LTS also needs patches, but the patch needs to be refactored to suite the versions. Cc: stable(a)vger.kernel.org # 4.14 > --- > arch/arm/boot/dts/sunxi-h3-h5.dtsi | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/arch/arm/boot/dts/sunxi-h3-h5.dtsi > b/arch/arm/boot/dts/sunxi-h3-h5.dtsi > index b37ed3461229..289f2cd06dfe 100644 > --- a/arch/arm/boot/dts/sunxi-h3-h5.dtsi > +++ b/arch/arm/boot/dts/sunxi-h3-h5.dtsi > @@ -632,7 +632,7 @@ > > i2c2: i2c@1c2b400 { > compatible = "allwinner,sun6i-a31-i2c"; > - reg = <0x01c2b000 0x400>; > + reg = <0x01c2b400 0x400>; > interrupts = <GIC_SPI 8 IRQ_TYPE_LEVEL_HIGH>; > clocks = <&ccu CLK_BUS_I2C2>; > resets = <&ccu RST_BUS_I2C2>;

7 years, 1 month

1
0
0 0

2018-7_租務精選

by Flourish_萊斯物業

7 years, 1 month

1
0
0 0

[PATCHES] Networking

by David Miller

Please queue up the following networking bug fixes for 4.14.x and 4.17.x -stable, respectively. Thanks!

7 years, 1 month

2
1
0 0

[PATCH v3 3/3] RDMA/mlx5: Fix shift overflow in mlx5_ib_create_wq

by Kees Cook

From: Leon Romanovsky <leonro(a)mellanox.com> [ 61.182439] UBSAN: Undefined behaviour in drivers/infiniband/hw/mlx5/qp.c:5366:34 [ 61.183673] shift exponent 4294967288 is too large for 32-bit type 'unsigned int' [ 61.185530] CPU: 0 PID: 639 Comm: qp Not tainted 4.18.0-rc1-00037-g4aa1d69a9c60-dirty #96 [ 61.186981] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-2.fc27 04/01/2014 [ 61.188315] Call Trace: [ 61.188661] dump_stack+0xc7/0x13b [ 61.190427] ubsan_epilogue+0x9/0x49 [ 61.190899] __ubsan_handle_shift_out_of_bounds+0x1ea/0x22f [ 61.197040] mlx5_ib_create_wq+0x1c99/0x1d50 [ 61.206632] ib_uverbs_ex_create_wq+0x499/0x820 [ 61.213892] ib_uverbs_write+0x77e/0xae0 [ 61.248018] vfs_write+0x121/0x3b0 [ 61.249831] ksys_write+0xa1/0x120 [ 61.254024] do_syscall_64+0x7c/0x2a0 [ 61.256178] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 61.259211] RIP: 0033:0x7f54bab70e99 [ 61.262125] Code: 00 f3 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 [ 61.268678] RSP: 002b:00007ffe1541c318 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 61.271076] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f54bab70e99 [ 61.273795] RDX: 0000000000000070 RSI: 0000000020000240 RDI: 0000000000000003 [ 61.276982] RBP: 00007ffe1541c330 R08: 00000000200078e0 R09: 0000000000000002 [ 61.280035] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004005c0 [ 61.283279] R13: 00007ffe1541c420 R14: 0000000000000000 R15: 0000000000000000 Cc: <stable(a)vger.kernel.org> # 4.7 Fixes: 79b20a6c3014 ("IB/mlx5: Add receive Work Queue verbs") Cc: syzkaller <syzkaller(a)googlegroups.com> Reported-by: Noa Osherovich <noaos(a)mellanox.com> Signed-off-by: Leon Romanovsky <leonro(a)mellanox.com> Signed-off-by: Kees Cook <keescook(a)chromium.org> --- drivers/infiniband/hw/mlx5/qp.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/infiniband/hw/mlx5/qp.c b/drivers/infiniband/hw/mlx5/qp.c index a4f1f638509f..7fc156db643d 100644 --- a/drivers/infiniband/hw/mlx5/qp.c +++ b/drivers/infiniband/hw/mlx5/qp.c @@ -5365,7 +5365,10 @@ static int set_user_rq_size(struct mlx5_ib_dev *dev, rwq->wqe_count = ucmd->rq_wqe_count; rwq->wqe_shift = ucmd->rq_wqe_shift; - rwq->buf_size = (rwq->wqe_count << rwq->wqe_shift); + if (check_shift_overflow(rwq->wqe_count, rwq->wqe_shift, + &rwq->buf_size)) + return -EINVAL; + rwq->log_rq_stride = rwq->wqe_shift; rwq->log_rq_size = ilog2(rwq->wqe_count); return 0; -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH] drm/i915/gvt: move intel_runtime_pm_get out of spin_lock in stop_schedule

by hang.yuan＠linux.intel.com

From: Hang Yuan <hang.yuan(a)linux.intel.com> pm_runtime_get_sync in intel_runtime_pm_get might sleep if i915 device is not active. When stop vgpu schedule, the device may be inactive. So need to move runtime_pm_get out of spin_lock/unlock. Fixes: b24881e0b0b6("drm/i915/gvt: Add runtime_pm_get/put into gvt_switch_mmio Signed-off-by: Hang Yuan <hang.yuan(a)linux.intel.com> Signed-off-by: Xiong Zhang <xiong.y.zhang(a)intel.com> --- drivers/gpu/drm/i915/gvt/mmio_context.c | 2 -- drivers/gpu/drm/i915/gvt/sched_policy.c | 3 +++ 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/i915/gvt/mmio_context.c b/drivers/gpu/drm/i915/gvt/mmio_context.c index 7e702c6..10e63ee 100644 --- a/drivers/gpu/drm/i915/gvt/mmio_context.c +++ b/drivers/gpu/drm/i915/gvt/mmio_context.c @@ -549,11 +549,9 @@ void intel_gvt_switch_mmio(struct intel_vgpu *pre, * performace for batch mmio read/write, so we need * handle forcewake mannually. */ - intel_runtime_pm_get(dev_priv); intel_uncore_forcewake_get(dev_priv, FORCEWAKE_ALL); switch_mmio(pre, next, ring_id); intel_uncore_forcewake_put(dev_priv, FORCEWAKE_ALL); - intel_runtime_pm_put(dev_priv); } /** diff --git a/drivers/gpu/drm/i915/gvt/sched_policy.c b/drivers/gpu/drm/i915/gvt/sched_policy.c index 09d7bb7..985fe81 100644 --- a/drivers/gpu/drm/i915/gvt/sched_policy.c +++ b/drivers/gpu/drm/i915/gvt/sched_policy.c @@ -426,6 +426,7 @@ void intel_vgpu_stop_schedule(struct intel_vgpu *vgpu) &vgpu->gvt->scheduler; int ring_id; struct vgpu_sched_data *vgpu_data = vgpu->sched_data; + struct drm_i915_private *dev_priv = vgpu->gvt->dev_priv; if (!vgpu_data->active) return; @@ -444,6 +445,7 @@ void intel_vgpu_stop_schedule(struct intel_vgpu *vgpu) scheduler->current_vgpu = NULL; } + intel_runtime_pm_get(dev_priv); spin_lock_bh(&scheduler->mmio_context_lock); for (ring_id = 0; ring_id < I915_NUM_ENGINES; ring_id++) { if (scheduler->engine_owner[ring_id] == vgpu) { @@ -452,5 +454,6 @@ void intel_vgpu_stop_schedule(struct intel_vgpu *vgpu) } } spin_unlock_bh(&scheduler->mmio_context_lock); + intel_runtime_pm_put(dev_priv); mutex_unlock(&vgpu->gvt->sched_lock); } -- 2.7.4

7 years, 1 month

3
2
0 0

[PATCH v2 3/3] RDMA/mlx5: Fix shift overflow in mlx5_ib_create_wq

by Kees Cook

From: Leon Romanovsky <leonro(a)mellanox.com> [ 61.182439] UBSAN: Undefined behaviour in drivers/infiniband/hw/mlx5/qp.c:5366:34 [ 61.183673] shift exponent 4294967288 is too large for 32-bit type 'unsigned int' [ 61.185530] CPU: 0 PID: 639 Comm: qp Not tainted 4.18.0-rc1-00037-g4aa1d69a9c60-dirty #96 [ 61.186981] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-2.fc27 04/01/2014 [ 61.188315] Call Trace: [ 61.188661] dump_stack+0xc7/0x13b [ 61.190427] ubsan_epilogue+0x9/0x49 [ 61.190899] __ubsan_handle_shift_out_of_bounds+0x1ea/0x22f [ 61.197040] mlx5_ib_create_wq+0x1c99/0x1d50 [ 61.206632] ib_uverbs_ex_create_wq+0x499/0x820 [ 61.213892] ib_uverbs_write+0x77e/0xae0 [ 61.248018] vfs_write+0x121/0x3b0 [ 61.249831] ksys_write+0xa1/0x120 [ 61.254024] do_syscall_64+0x7c/0x2a0 [ 61.256178] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 61.259211] RIP: 0033:0x7f54bab70e99 [ 61.262125] Code: 00 f3 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 [ 61.268678] RSP: 002b:00007ffe1541c318 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 61.271076] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f54bab70e99 [ 61.273795] RDX: 0000000000000070 RSI: 0000000020000240 RDI: 0000000000000003 [ 61.276982] RBP: 00007ffe1541c330 R08: 00000000200078e0 R09: 0000000000000002 [ 61.280035] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004005c0 [ 61.283279] R13: 00007ffe1541c420 R14: 0000000000000000 R15: 0000000000000000 Cc: <stable(a)vger.kernel.org> # 4.7 Fixes: 79b20a6c3014 ("IB/mlx5: Add receive Work Queue verbs") Cc: syzkaller <syzkaller(a)googlegroups.com> Reported-by: Noa Osherovich <noaos(a)mellanox.com> Signed-off-by: Leon Romanovsky <leonro(a)mellanox.com> Signed-off-by: Kees Cook <keescook(a)chromium.org> --- drivers/infiniband/hw/mlx5/qp.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/infiniband/hw/mlx5/qp.c b/drivers/infiniband/hw/mlx5/qp.c index a4f1f638509f..7fc156db643d 100644 --- a/drivers/infiniband/hw/mlx5/qp.c +++ b/drivers/infiniband/hw/mlx5/qp.c @@ -5365,7 +5365,10 @@ static int set_user_rq_size(struct mlx5_ib_dev *dev, rwq->wqe_count = ucmd->rq_wqe_count; rwq->wqe_shift = ucmd->rq_wqe_shift; - rwq->buf_size = (rwq->wqe_count << rwq->wqe_shift); + if (check_shift_overflow(rwq->wqe_count, rwq->wqe_shift, + &rwq->buf_size)) + return -EINVAL; + rwq->log_rq_stride = rwq->wqe_shift; rwq->log_rq_size = ilog2(rwq->wqe_count); return 0; -- 2.17.1

7 years, 1 month

1
0
0 0

+ userfaultfd-remove-uffd-flags-from-vma-vm_flags-if-uffd_event_fork-fails.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails has been added to the -mm tree. Its filename is userfaultfd-remove-uffd-flags-from-vma-vm_flags-if-uffd_event_fork-fails.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/userfaultfd-remove-uffd-flags-from… and later at http://ozlabs.org/~akpm/mmotm/broken-out/userfaultfd-remove-uffd-flags-from… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Mike Rapoport <rppt(a)linux.vnet.ibm.com> Subject: userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails The fix in 0cbb4b4f4c44 ("userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails") cleared the vma->vm_userfaultfd_ctx but kept userfaultfd flags in vma->vm_flags that were copied from the parent process VMA. As the result, there is an inconsistency between the values of vma->vm_userfaultfd_ctx.ctx and vma->vm_flags which triggers BUG_ON in userfaultfd_release(). Clearing the uffd flags from vma->vm_flags in case of UFFD_EVENT_FORK failure resolves the issue. Link: http://lkml.kernel.org/r/1532931975-25473-1-git-send-email-rppt@linux.vnet.… Fixes: 0cbb4b4f4c44 ("userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails") Signed-off-by: Mike Rapoport <rppt(a)linux.vnet.ibm.com> Reported-by: syzbot+121be635a7a35ddb7dcb(a)syzkaller.appspotmail.com Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: Eric Biggers <ebiggers3(a)gmail.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- diff -puN fs/userfaultfd.c~userfaultfd-remove-uffd-flags-from-vma-vm_flags-if-uffd_event_fork-fails fs/userfaultfd.c --- a/fs/userfaultfd.c~userfaultfd-remove-uffd-flags-from-vma-vm_flags-if-uffd_event_fork-fails +++ a/fs/userfaultfd.c @@ -633,8 +633,10 @@ static void userfaultfd_event_wait_compl /* the various vma->vm_userfaultfd_ctx still points to it */ down_write(&mm->mmap_sem); for (vma = mm->mmap; vma; vma = vma->vm_next) - if (vma->vm_userfaultfd_ctx.ctx == release_new_ctx) + if (vma->vm_userfaultfd_ctx.ctx == release_new_ctx) { vma->vm_userfaultfd_ctx = NULL_VM_UFFD_CTX; + vma->vm_flags &= ~(VM_UFFD_WP | VM_UFFD_MISSING); + } up_write(&mm->mmap_sem); userfaultfd_ctx_put(release_new_ctx); _ Patches currently in -mm which might be from rppt(a)linux.vnet.ibm.com are userfaultfd-remove-uffd-flags-from-vma-vm_flags-if-uffd_event_fork-fails.patch mm-make-deferred_struct_page_init-explicitly-depend-on-sparsemem.patch mm-memblock-replace-u64-with-phys_addr_t-where-appropriate.patch mm-mempool-add-missing-parameter-description.patch mm-util-make-strndup_user-description-a-kernel-doc-comment.patch mm-util-add-kernel-doc-for-kvfree.patch docs-core-api-kill-trailing-whitespace-in-kernel-apirst.patch docs-core-api-move-strmemdup-to-string-manipulation.patch docs-core-api-split-memory-management-api-to-a-separate-file.patch docs-mm-make-gfp-flags-descriptions-usable-as-kernel-doc.patch docs-core-api-mm-api-add-section-about-gfp-flags.patch

7 years, 1 month

1
0
0 0

Are you sure?

by Ms CHIANG Lai Yuen JP

I have a Businesss Proposal for you, Can you do it? If yes please get back to me for more details.

7 years, 1 month

1
0
0 0

[PATCH for-4.4.y 0/5] net/sched: init failure fixes

by Amit Pundir

Hi Greg, Kindly consider/review following net/sched fixes for stable 4.4.y. This patchset is a follow-up of upstream fix 87b60cfacf9f ("net_sched: fix error recovery at qdisc creation") cherry-picked on stable 4.4.y. It fix null pointer dereferences due to uninitialized timer (qdisc watchdog) or double frees due to ->destroy cleaning up a second time. Here is the original submission https://www.mail-archive.com/netdev@vger.kernel.org/msg186003.html Cherry-picked and build tested on Linux 4.4.145 for ARCH=arm/arm64. Regards, Amit Pundir Nikolay Aleksandrov (5): sch_htb: fix crash on init failure sch_multiq: fix double free on init failure sch_hhf: fix null pointer dereference on init failure sch_netem: avoid null pointer deref on init failure sch_tbf: fix two null pointer dereferences on init failure net/sched/sch_hhf.c | 3 +++ net/sched/sch_htb.c | 5 +++-- net/sched/sch_multiq.c | 7 +------ net/sched/sch_netem.c | 4 ++-- net/sched/sch_tbf.c | 5 +++-- 5 files changed, 12 insertions(+), 12 deletions(-) -- 2.7.4

7 years, 1 month

1
5
0 0

[PATCH] x86/microcode: Don't duplicate code to update ucode cpu info and cpu info

by Filippo Sironi

... on late microcode loading when handling a CPU that's already been updated and a CPU that's yet to be updated. Signed-off-by: Filippo Sironi <sironi(a)amazon.de> --- arch/x86/kernel/cpu/microcode/amd.c | 15 +++++++++------ arch/x86/kernel/cpu/microcode/intel.c | 10 ++++++---- 2 files changed, 15 insertions(+), 10 deletions(-) diff --git a/arch/x86/kernel/cpu/microcode/amd.c b/arch/x86/kernel/cpu/microcode/amd.c index 0624957aa068..77758e10f16f 100644 --- a/arch/x86/kernel/cpu/microcode/amd.c +++ b/arch/x86/kernel/cpu/microcode/amd.c @@ -505,6 +505,7 @@ static enum ucode_state apply_microcode_amd(int cpu) struct ucode_cpu_info *uci; struct ucode_patch *p; u32 rev, dummy; + enum ucode_state ret; BUG_ON(raw_smp_processor_id() != cpu); @@ -521,9 +522,8 @@ static enum ucode_state apply_microcode_amd(int cpu) /* need to apply patch? */ if (rev >= mc_amd->hdr.patch_id) { - c->microcode = rev; - uci->cpu_sig.rev = rev; - return UCODE_OK; + ret = UCODE_OK; + goto out; } if (__apply_microcode_amd(mc_amd)) { @@ -534,10 +534,13 @@ static enum ucode_state apply_microcode_amd(int cpu) pr_info("CPU%d: new patch_level=0x%08x\n", cpu, mc_amd->hdr.patch_id); - uci->cpu_sig.rev = mc_amd->hdr.patch_id; - c->microcode = mc_amd->hdr.patch_id; + ret = UCODE_UPDATED; + rev = mc_amd->hdr.patch_id; +out: + uci->cpu_sig.rev = rev; + c->microcode = rev; - return UCODE_UPDATED; + return ret; } static int install_equiv_cpu_table(const u8 *buf) diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c index 97ccf4c3b45b..4bc869e829eb 100644 --- a/arch/x86/kernel/cpu/microcode/intel.c +++ b/arch/x86/kernel/cpu/microcode/intel.c @@ -797,6 +797,7 @@ static enum ucode_state apply_microcode_intel(int cpu) struct microcode_intel *mc; static int prev_rev; u32 rev; + enum ucode_state ret; /* We should bind the task to the CPU */ if (WARN_ON(raw_smp_processor_id() != cpu)) @@ -817,9 +818,8 @@ static enum ucode_state apply_microcode_intel(int cpu) */ rev = intel_get_microcode_revision(); if (rev >= mc->hdr.rev) { - uci->cpu_sig.rev = rev; - c->microcode = rev; - return UCODE_OK; + ret = UCODE_OK; + goto out; } /* @@ -848,10 +848,12 @@ static enum ucode_state apply_microcode_intel(int cpu) prev_rev = rev; } + ret = UCODE_UPDATED; +out: uci->cpu_sig.rev = rev; c->microcode = rev; - return UCODE_UPDATED; + return ret; } static enum ucode_state generic_load_microcode(int cpu, void *data, size_t size, -- 2.7.4

7 years, 1 month

3
3
0 0

[PATCH 1/3] ext4: super: Fix spectre gadget in ext4_quota_on

by Jeremy Cline

'type' is a user-controlled value used to index into 's_qf_names', which can be used in a Spectre v1 attack. Clamp 'type' to the size of the array to avoid a speculative out-of-bounds read. Cc: Josh Poimboeuf <jpoimboe(a)redhat.com> Cc: stable(a)vger.kernel.org Signed-off-by: Jeremy Cline <jcline(a)redhat.com> --- fs/ext4/super.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fs/ext4/super.c b/fs/ext4/super.c index 6480e763080f..c04a09b51742 100644 --- a/fs/ext4/super.c +++ b/fs/ext4/super.c @@ -40,6 +40,7 @@ #include <linux/crc16.h> #include <linux/dax.h> #include <linux/cleancache.h> +#include <linux/nospec.h> #include <linux/uaccess.h> #include <linux/iversion.h> @@ -5559,6 +5560,7 @@ static int ext4_quota_on(struct super_block *sb, int type, int format_id, if (path->dentry->d_sb != sb) return -EXDEV; /* Journaling quota? */ + type = array_index_nospec(type, EXT4_MAXQUOTAS); if (EXT4_SB(sb)->s_qf_names[type]) { /* Quotafile not in fs root? */ if (path->dentry->d_parent != sb->s_root) -- 2.17.1

7 years, 1 month

3
4
0 0

[PATCH] kernel.h: Disable -Wreturn-stack-address for _THIS_IP_

by Nick Desaulniers

Starting with Clang-7.0, _THIS_IP_ generates -Wreturn-stack-address warnings for almost every translation unit. In general, I'd prefer to leave this on (returning the address of a stack allocated variable is in general a bad idea) and disable it only at whitelisted call sites. We can't do something like: #pragma clang diagnostic push #pragma clang diagnostic ignored "-Wreturn-stack-address" <code> #pragma clang diagnostic pop in a GNU Statement Expression or macro, hence we use _Pragma, which is its raison d'être: https://gcc.gnu.org/onlinedocs/cpp/Pragmas.html Cc: stable(a)vger.kernel.org # 4.17, 4.14, 4.9, 4.4 Signed-off-by: Nick Desaulniers <ndesaulniers(a)google.com> --- include/linux/kernel.h | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/include/linux/kernel.h b/include/linux/kernel.h index 941dc0a5a877..5906f5727f90 100644 --- a/include/linux/kernel.h +++ b/include/linux/kernel.h @@ -168,7 +168,15 @@ #define _RET_IP_ (unsigned long)__builtin_return_address(0) -#define _THIS_IP_ ({ __label__ __here; __here: (unsigned long)&&__here; }) +#define _THIS_IP_ ( \ +{ \ + _Pragma("clang diagnostic push") \ + _Pragma("clang diagnostic ignored \"-Wreturn-stack-address\"") \ + __label__ __here; \ +__here: (unsigned long)&&__here; \ + _Pragma("clang diagnostic pop") \ +} \ +) #ifdef CONFIG_LBDAF # include <asm/div64.h> -- 2.18.0.233.g985f88cf7e-goog

7 years, 1 month

3
6
0 0

[PATCH v2] arch/x86: Fix boot_cpu_data.microcode version output

by Prarit Bhargava

I tested this on AMD Ryzen & Intel Broadwell system and dumped the boot_cpu_data before and after a microcode update. On the Intel system I also did a fatal MCE using mce-inject to confirm the output from the mce handling code. P. ---8<--- On systems where a runtime microcode update has occurred the microcode version output in a MCE log record is wrong because boot_cpu_data.microcode is not updated during runtime. Update boot_cpu_data.microcode when the BSP's microcode is updated. Fixes: fa94d0c6e0f3 ("x86/MCE: Save microcode revision in machine check records") Suggested-by: Borislav Petkov <bp(a)alien8.com> Signed-off-by: Prarit Bhargava <prarit(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: sironi(a)amazon.de Cc: tony.luck(a)intel.com --- Changes in v2: Use mc_amd->hdr.patch_id on AMD arch/x86/kernel/cpu/microcode/amd.c | 4 ++++ arch/x86/kernel/cpu/microcode/intel.c | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/arch/x86/kernel/cpu/microcode/amd.c b/arch/x86/kernel/cpu/microcode/amd.c index 0624957aa068..63b072377ba4 100644 --- a/arch/x86/kernel/cpu/microcode/amd.c +++ b/arch/x86/kernel/cpu/microcode/amd.c @@ -537,6 +537,10 @@ static enum ucode_state apply_microcode_amd(int cpu) uci->cpu_sig.rev = mc_amd->hdr.patch_id; c->microcode = mc_amd->hdr.patch_id; + /* Update boot_cpu_data's revision too, if we're on the BSP: */ + if (c->cpu_index == boot_cpu_data.cpu_index) + boot_cpu_data.microcode = mc_amd->hdr.patch_id; + return UCODE_UPDATED; } diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c index 97ccf4c3b45b..256d336cbc04 100644 --- a/arch/x86/kernel/cpu/microcode/intel.c +++ b/arch/x86/kernel/cpu/microcode/intel.c @@ -851,6 +851,10 @@ static enum ucode_state apply_microcode_intel(int cpu) uci->cpu_sig.rev = rev; c->microcode = rev; + /* Update boot_cpu_data's revision too, if we're on the BSP: */ + if (c->cpu_index == boot_cpu_data.cpu_index) + boot_cpu_data.microcode = rev; + return UCODE_UPDATED; } -- 2.17.0

7 years, 1 month

3
3
0 0

[PATCH v2] ipc/shm.c add ->pagesize function to shm_vm_ops

by Jane Chu

05ea88608d4e13 ("mm, hugetlbfs: introduce ->pagesize() to vm_operations_struct") adds a new ->pagesize() function to hugetlb_vm_ops, intended to cover all hugetlbfs backed files. With System V shared memory model, if "huge page" is specified, the "shared memory" is backed by hugetlbfs files, but the mappings initiated via shmget/shmat have their original vm_ops overwritten with shm_vm_ops, so we need to add a ->pagesize function to shm_vm_ops. Otherwise, vma_kernel_pagesize() returns PAGE_SIZE given a hugetlbfs backed vma, result in below BUG: fs/hugetlbfs/inode.c 443 if (unlikely(page_mapped(page))) { 444 BUG_ON(truncate_op); [ 242.268342] hugetlbfs: oracle (4592): Using mlock ulimits for SHM_HUGETLB is deprecated [ 282.653208] ------------[ cut here ]------------ [ 282.708447] kernel BUG at fs/hugetlbfs/inode.c:444! [ 282.818957] Modules linked in: nfsv3 rpcsec_gss_krb5 nfsv4 ... [ 284.025873] CPU: 35 PID: 5583 Comm: oracle_5583_sbt Not tainted 4.14.35-1829.el7uek.x86_64 #2 [ 284.246609] task: ffff9bf0507aaf80 task.stack: ffffa9e625628000 [ 284.317455] RIP: 0010:remove_inode_hugepages+0x3db/0x3e2 .... [ 285.292389] Call Trace: [ 285.321630] hugetlbfs_evict_inode+0x1e/0x3e [ 285.372707] evict+0xdb/0x1af [ 285.408185] iput+0x1a2/0x1f7 [ 285.443661] dentry_unlink_inode+0xc6/0xf0 [ 285.492661] __dentry_kill+0xd8/0x18d [ 285.536459] dput+0x1b5/0x1ed [ 285.571939] __fput+0x18b/0x216 [ 285.609495] ____fput+0xe/0x10 [ 285.646030] task_work_run+0x90/0xa7 [ 285.688788] exit_to_usermode_loop+0xdd/0x116 [ 285.740905] do_syscall_64+0x187/0x1ae [ 285.785740] entry_SYSCALL_64_after_hwframe+0x150/0x0 Link: http://lkml.kernel.org/r/20180727211727.5020-1-jane.chu@oracle.com Fixes: 05ea88608d4e13 ("mm, hugetlbfs: introduce ->pagesize() to vm_operations_struct") Signed-off-by: Jane Chu <jane.chu(a)oracle.com> Suggested-by: Mike Kravetz <mike.kravetz(a)oracle.com> Reviewed-by: Mike Kravetz <mike.kravetz(a)oracle.com> Acked-by: Michal Hocko <mhocko(a)suse.com> Acked-by: Davidlohr Bueso <dbueso(a)suse.de> Cc: Dan Williams <dan.j.williams(a)intel.com> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Jan Kara <jack(a)suse.cz> Cc: JÃ©rÃ´me Glisse <jglisse(a)redhat.com> Cc: Davidlohr Bueso <dave(a)stgolabs.net> Cc: Manfred Spraul <manfred(a)colorfullife.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- --- ipc/shm.c | 12 ++++++++++++ mm/hugetlb.c | 7 +++++++ 2 files changed, 19 insertions(+) diff --git a/ipc/shm.c b/ipc/shm.c index 051a3e1fb8df..fefa00d310fb 100644 --- a/ipc/shm.c +++ b/ipc/shm.c @@ -427,6 +427,17 @@ static int shm_split(struct vm_area_struct *vma, unsigned long addr) return 0; } +static unsigned long shm_pagesize(struct vm_area_struct *vma) +{ + struct file *file = vma->vm_file; + struct shm_file_data *sfd = shm_file_data(file); + + if (sfd->vm_ops->pagesize) + return sfd->vm_ops->pagesize(vma); + + return PAGE_SIZE; +} + #ifdef CONFIG_NUMA static int shm_set_policy(struct vm_area_struct *vma, struct mempolicy *new) { @@ -554,6 +565,7 @@ static const struct vm_operations_struct shm_vm_ops = { .close = shm_close, /* callback for when the vm-area is released */ .fault = shm_fault, .split = shm_split, + .pagesize = shm_pagesize, #if defined(CONFIG_NUMA) .set_policy = shm_set_policy, .get_policy = shm_get_policy, diff --git a/mm/hugetlb.c b/mm/hugetlb.c index 039ddbc574e9..3103099f64fd 100644 --- a/mm/hugetlb.c +++ b/mm/hugetlb.c @@ -3167,6 +3167,13 @@ static vm_fault_t hugetlb_vm_op_fault(struct vm_fault *vmf) return 0; } +/* + * When a new function is introduced to vm_operations_struct and added + * to hugetlb_vm_ops, please consider adding the function to shm_vm_ops. + * This is because under System V memory model, mappings created via + * shmget/shmat with "huge page" specified are backed by hugetlbfs files, + * their original vm_ops are overwritten with shm_vm_ops. + */ const struct vm_operations_struct hugetlb_vm_ops = { .fault = hugetlb_vm_op_fault, .open = hugetlb_vm_op_open, -- 2.15.GIT

7 years, 1 month

1
0
0 0

[PATCH] arch/x86: Fix boot_cpu_data.microcode version output

by Prarit Bhargava

On systems where a runtime microcode update has occurred the microcode version output in a MCE log record is wrong because boot_cpu_data.microcode is not updated during runtime. Update boot_cpu_data.microcode when the BSP's microcode is updated. Fixes: fa94d0c6e0f3 ("x86/MCE: Save microcode revision in machine check records") Suggested-by: Borislav Petkov <bp(a)alien8.com> Signed-off-by: Prarit Bhargava <prarit(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: sironi(a)amazon.de Cc: tony.luck(a)intel.com --- arch/x86/kernel/cpu/microcode/amd.c | 4 ++++ arch/x86/kernel/cpu/microcode/intel.c | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/arch/x86/kernel/cpu/microcode/amd.c b/arch/x86/kernel/cpu/microcode/amd.c index 0624957aa068..7f5b32535ac7 100644 --- a/arch/x86/kernel/cpu/microcode/amd.c +++ b/arch/x86/kernel/cpu/microcode/amd.c @@ -537,6 +537,10 @@ static enum ucode_state apply_microcode_amd(int cpu) uci->cpu_sig.rev = mc_amd->hdr.patch_id; c->microcode = mc_amd->hdr.patch_id; + /* Update boot_cpu_data's revision too, if we're on the BSP: */ + if (c->cpu_index == boot_cpu_data.cpu_index) + boot_cpu_data.microcode = rev; + return UCODE_UPDATED; } diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c index 97ccf4c3b45b..256d336cbc04 100644 --- a/arch/x86/kernel/cpu/microcode/intel.c +++ b/arch/x86/kernel/cpu/microcode/intel.c @@ -851,6 +851,10 @@ static enum ucode_state apply_microcode_intel(int cpu) uci->cpu_sig.rev = rev; c->microcode = rev; + /* Update boot_cpu_data's revision too, if we're on the BSP: */ + if (c->cpu_index == boot_cpu_data.cpu_index) + boot_cpu_data.microcode = rev; + return UCODE_UPDATED; } -- 2.17.0

7 years, 1 month

2
2
0 0

[PATCH] qedi: Fix a potential buffer overflow

by Bart Van Assche

Tell snprintf() to store at most 255 characters in the output buffer instead of 256. This patch avoids that smatch reports the following warning: drivers/scsi/qedi/qedi_main.c:891: qedi_get_boot_tgt_info() error: snprintf() is printing too much 256 vs 255 Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: <QLogic-Storage-Upstream(a)cavium.com> Cc: <stable(a)vger.kernel.org> --- drivers/scsi/qedi/qedi_main.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/scsi/qedi/qedi_main.c b/drivers/scsi/qedi/qedi_main.c index 682f3ce31014..ea62180d9ec8 100644 --- a/drivers/scsi/qedi/qedi_main.c +++ b/drivers/scsi/qedi/qedi_main.c @@ -888,7 +888,7 @@ static void qedi_get_boot_tgt_info(struct nvm_iscsi_block *block, ipv6_en = !!(block->generic.ctrl_flags & NVM_ISCSI_CFG_GEN_IPV6_ENABLED); - snprintf(tgt->iscsi_name, NVM_ISCSI_CFG_ISCSI_NAME_MAX_LEN, "%s\n", + snprintf(tgt->iscsi_name, sizeof(tgt->iscsi_name), "%s\n", block->target[index].target_name.byte); tgt->ipv6_en = ipv6_en; -- 2.18.0

7 years, 1 month

3
2
0 0

Richard & Angela Maxwell Congratulates You..

by Richard & Angela Maxwell

My wife and I won the Euro Millions Lottery of 53 Million British Pounds and we have voluntarily decided to donate 1,000,000GBP(One Million British Pounds) to 5 individuals randomly as part of our own charity project. To verify our lottery winnings,please see our interview by visiting the web page below: http://www.telegraph.co.uk/news/newstopics/howaboutthat/11511467/Lincolnshi… Lincolnshire couple thought £53m EuroMillions win was ... A retired couple who have become one of the country's biggest ever National Lottery winners after bagging more than £53 million at first thought it was an April Fool's joke. Richard and Angela Maxwell, from Boston in Lincolnshire, scooped £53,193,914 after winning the EuroMillions jackpot draw on ... www.telegraph.co.uk After a computer spinball,your email address was among the emails which were submitted to us by the Google, Inc as a web user; ifyou have received our email, kindly send us the below details so that we can transfer your 1,000,000.00 GBP(One Million Pounds) in your name or direct our paying bank to effect the transfer of the funds to your designated bank account in your own country. Full Names: Mobile No: Age: Address: Send your response to: richangela203(a)hotmail.com or richangela22<3057927356(a)qq.com> Best Regards, Richard & Angela Maxwell

7 years, 1 month

1
0
0 0

[PATCH v3 8/8] drm/nouveau: Call pm_runtime_get_noresume() from hpd handlers

by Lyude Paul

We can't and don't need to try resuming the device from our hotplug handlers, but hotplug events are generally something we'd like to keep the device awake for whenever possible. So, grab a PM ref safely in our hotplug handlers using pm_runtime_get_noresume() and mark the device as busy once we're finished. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/nouveau_connector.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/drivers/gpu/drm/nouveau/nouveau_connector.c b/drivers/gpu/drm/nouveau/nouveau_connector.c index 8409c3f2c3a1..5a8e8c1ad647 100644 --- a/drivers/gpu/drm/nouveau/nouveau_connector.c +++ b/drivers/gpu/drm/nouveau/nouveau_connector.c @@ -1152,6 +1152,11 @@ nouveau_connector_hotplug(struct nvif_notify *notify) const char *name = connector->name; struct nouveau_encoder *nv_encoder; + /* Resuming the device here isn't possible; but the suspend PM ops + * will wait for us to finish our work before disabling us so this + * should be enough + */ + pm_runtime_get_noresume(drm->dev->dev); nv_connector->hpd_task = current; if (rep->mask & NVIF_NOTIFY_CONN_V0_IRQ) { @@ -1171,6 +1176,9 @@ nouveau_connector_hotplug(struct nvif_notify *notify) } nv_connector->hpd_task = NULL; + + pm_runtime_mark_last_busy(drm->dev->dev); + pm_runtime_put_autosuspend(drm->dev->dev); return NVIF_NOTIFY_KEEP; } -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v3 7/8] drm/nouveau: Fix deadlocks in nouveau_connector_detect()

by Lyude Paul

When we disable hotplugging on the GPU, we need to be able to synchronize with each connector's hotplug interrupt handler before the interrupt is finally disabled. This can be a problem however, since nouveau_connector_detect() currently grabs a runtime power reference when handling connector probing. This will deadlock the runtime suspend handler like so: [ 861.480896] INFO: task kworker/0:2:61 blocked for more than 120 seconds. [ 861.483290] Tainted: G O 4.18.0-rc6Lyude-Test+ #1 [ 861.485158] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 861.486332] kworker/0:2 D 0 61 2 0x80000000 [ 861.487044] Workqueue: events nouveau_display_hpd_work [nouveau] [ 861.487737] Call Trace: [ 861.488394] __schedule+0x322/0xaf0 [ 861.489070] schedule+0x33/0x90 [ 861.489744] rpm_resume+0x19c/0x850 [ 861.490392] ? finish_wait+0x90/0x90 [ 861.491068] __pm_runtime_resume+0x4e/0x90 [ 861.491753] nouveau_display_hpd_work+0x22/0x60 [nouveau] [ 861.492416] process_one_work+0x231/0x620 [ 861.493068] worker_thread+0x44/0x3a0 [ 861.493722] kthread+0x12b/0x150 [ 861.494342] ? wq_pool_ids_show+0x140/0x140 [ 861.494991] ? kthread_create_worker_on_cpu+0x70/0x70 [ 861.495648] ret_from_fork+0x3a/0x50 [ 861.496304] INFO: task kworker/6:2:320 blocked for more than 120 seconds. [ 861.496968] Tainted: G O 4.18.0-rc6Lyude-Test+ #1 [ 861.497654] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 861.498341] kworker/6:2 D 0 320 2 0x80000080 [ 861.499045] Workqueue: pm pm_runtime_work [ 861.499739] Call Trace: [ 861.500428] __schedule+0x322/0xaf0 [ 861.501134] ? wait_for_completion+0x104/0x190 [ 861.501851] schedule+0x33/0x90 [ 861.502564] schedule_timeout+0x3a5/0x590 [ 861.503284] ? mark_held_locks+0x58/0x80 [ 861.503988] ? _raw_spin_unlock_irq+0x2c/0x40 [ 861.504710] ? wait_for_completion+0x104/0x190 [ 861.505417] ? trace_hardirqs_on_caller+0xf4/0x190 [ 861.506136] ? wait_for_completion+0x104/0x190 [ 861.506845] wait_for_completion+0x12c/0x190 [ 861.507555] ? wake_up_q+0x80/0x80 [ 861.508268] flush_work+0x1c9/0x280 [ 861.508990] ? flush_workqueue_prep_pwqs+0x1b0/0x1b0 [ 861.509735] nvif_notify_put+0xb1/0xc0 [nouveau] [ 861.510482] nouveau_display_fini+0xbd/0x170 [nouveau] [ 861.511241] nouveau_display_suspend+0x67/0x120 [nouveau] [ 861.511969] nouveau_do_suspend+0x5e/0x2d0 [nouveau] [ 861.512715] nouveau_pmops_runtime_suspend+0x47/0xb0 [nouveau] [ 861.513435] pci_pm_runtime_suspend+0x6b/0x180 [ 861.514165] ? pci_has_legacy_pm_support+0x70/0x70 [ 861.514897] __rpm_callback+0x7a/0x1d0 [ 861.515618] ? pci_has_legacy_pm_support+0x70/0x70 [ 861.516313] rpm_callback+0x24/0x80 [ 861.517027] ? pci_has_legacy_pm_support+0x70/0x70 [ 861.517741] rpm_suspend+0x142/0x6b0 [ 861.518449] pm_runtime_work+0x97/0xc0 [ 861.519144] process_one_work+0x231/0x620 [ 861.519831] worker_thread+0x44/0x3a0 [ 861.520522] kthread+0x12b/0x150 [ 861.521220] ? wq_pool_ids_show+0x140/0x140 [ 861.521925] ? kthread_create_worker_on_cpu+0x70/0x70 [ 861.522622] ret_from_fork+0x3a/0x50 [ 861.523299] INFO: task kworker/6:0:1329 blocked for more than 120 seconds. [ 861.523977] Tainted: G O 4.18.0-rc6Lyude-Test+ #1 [ 861.524644] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 861.525349] kworker/6:0 D 0 1329 2 0x80000000 [ 861.526073] Workqueue: events nvif_notify_work [nouveau] [ 861.526751] Call Trace: [ 861.527411] __schedule+0x322/0xaf0 [ 861.528089] schedule+0x33/0x90 [ 861.528758] rpm_resume+0x19c/0x850 [ 861.529399] ? finish_wait+0x90/0x90 [ 861.530073] __pm_runtime_resume+0x4e/0x90 [ 861.530798] nouveau_connector_detect+0x7e/0x510 [nouveau] [ 861.531459] ? ww_mutex_lock+0x47/0x80 [ 861.532097] ? ww_mutex_lock+0x47/0x80 [ 861.532819] ? drm_modeset_lock+0x88/0x130 [drm] [ 861.533481] drm_helper_probe_detect_ctx+0xa0/0x100 [drm_kms_helper] [ 861.534127] drm_helper_hpd_irq_event+0xa4/0x120 [drm_kms_helper] [ 861.534940] nouveau_connector_hotplug+0x98/0x120 [nouveau] [ 861.535556] nvif_notify_work+0x2d/0xb0 [nouveau] [ 861.536221] process_one_work+0x231/0x620 [ 861.536994] worker_thread+0x44/0x3a0 [ 861.537757] kthread+0x12b/0x150 [ 861.538463] ? wq_pool_ids_show+0x140/0x140 [ 861.539102] ? kthread_create_worker_on_cpu+0x70/0x70 [ 861.539815] ret_from_fork+0x3a/0x50 [ 861.540521] Showing all locks held in the system: [ 861.541696] 2 locks held by kworker/0:2/61: [ 861.542406] #0: 000000002dbf8af5 ((wq_completion)"events"){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.543071] #1: 0000000076868126 ((work_completion)(&drm->hpd_work)){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.543814] 1 lock held by khungtaskd/64: [ 861.544535] #0: 0000000059db4b53 (rcu_read_lock){....}, at: debug_show_all_locks+0x23/0x185 [ 861.545160] 3 locks held by kworker/6:2/320: [ 861.545896] #0: 00000000d9e1bc59 ((wq_completion)"pm"){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.546702] #1: 00000000c9f92d84 ((work_completion)(&dev->power.work)){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.547443] #2: 000000004afc5de1 (drm_connector_list_iter){.+.+}, at: nouveau_display_fini+0x96/0x170 [nouveau] [ 861.548146] 1 lock held by dmesg/983: [ 861.548889] 2 locks held by zsh/1250: [ 861.549605] #0: 00000000348e3cf6 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x37/0x40 [ 861.550393] #1: 000000007009a7a8 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0xc1/0x870 [ 861.551122] 6 locks held by kworker/6:0/1329: [ 861.551957] #0: 000000002dbf8af5 ((wq_completion)"events"){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.552765] #1: 00000000ddb499ad ((work_completion)(&notify->work)#2){+.+.}, at: process_one_work+0x1b3/0x620 [ 861.553582] #2: 000000006e013cbe (&dev->mode_config.mutex){+.+.}, at: drm_helper_hpd_irq_event+0x6c/0x120 [drm_kms_helper] [ 861.554357] #3: 000000004afc5de1 (drm_connector_list_iter){.+.+}, at: drm_helper_hpd_irq_event+0x78/0x120 [drm_kms_helper] [ 861.555227] #4: 0000000044f294d9 (crtc_ww_class_acquire){+.+.}, at: drm_helper_probe_detect_ctx+0x3d/0x100 [drm_kms_helper] [ 861.556133] #5: 00000000db193642 (crtc_ww_class_mutex){+.+.}, at: drm_modeset_lock+0x4b/0x130 [drm] [ 861.557864] ============================================= [ 861.559507] NMI backtrace for cpu 2 [ 861.560363] CPU: 2 PID: 64 Comm: khungtaskd Tainted: G O 4.18.0-rc6Lyude-Test+ #1 [ 861.561197] Hardware name: LENOVO 20EQS64N0B/20EQS64N0B, BIOS N1EET78W (1.51 ) 05/18/2018 [ 861.561948] Call Trace: [ 861.562757] dump_stack+0x8e/0xd3 [ 861.563516] nmi_cpu_backtrace.cold.3+0x14/0x5a [ 861.564269] ? lapic_can_unplug_cpu.cold.27+0x42/0x42 [ 861.565029] nmi_trigger_cpumask_backtrace+0xa1/0xae [ 861.565789] arch_trigger_cpumask_backtrace+0x19/0x20 [ 861.566558] watchdog+0x316/0x580 [ 861.567355] kthread+0x12b/0x150 [ 861.568114] ? reset_hung_task_detector+0x20/0x20 [ 861.568863] ? kthread_create_worker_on_cpu+0x70/0x70 [ 861.569598] ret_from_fork+0x3a/0x50 [ 861.570370] Sending NMI from CPU 2 to CPUs 0-1,3-7: [ 861.571426] NMI backtrace for cpu 6 skipped: idling at intel_idle+0x7f/0x120 [ 861.571429] NMI backtrace for cpu 7 skipped: idling at intel_idle+0x7f/0x120 [ 861.571432] NMI backtrace for cpu 3 skipped: idling at intel_idle+0x7f/0x120 [ 861.571464] NMI backtrace for cpu 5 skipped: idling at intel_idle+0x7f/0x120 [ 861.571467] NMI backtrace for cpu 0 skipped: idling at intel_idle+0x7f/0x120 [ 861.571469] NMI backtrace for cpu 4 skipped: idling at intel_idle+0x7f/0x120 [ 861.571472] NMI backtrace for cpu 1 skipped: idling at intel_idle+0x7f/0x120 [ 861.572428] Kernel panic - not syncing: hung_task: blocked tasks So: fix this with a new trick; store the current task_struct that's executing in the nouveau_connector structure, then avoid attempting to runtime resume the device when we know that we're just running from the context of our hotplug interrupt handler. Since hpd interrupts are only enabled while the device is runtime active, this should be totally safe. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/nouveau_connector.c | 16 ++++++++++------ drivers/gpu/drm/nouveau/nouveau_connector.h | 1 + 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_connector.c b/drivers/gpu/drm/nouveau/nouveau_connector.c index 9714e09f17db..8409c3f2c3a1 100644 --- a/drivers/gpu/drm/nouveau/nouveau_connector.c +++ b/drivers/gpu/drm/nouveau/nouveau_connector.c @@ -572,13 +572,14 @@ nouveau_connector_detect(struct drm_connector *connector, bool force) nv_connector->edid = NULL; } - /* Outputs are only polled while runtime active, so resuming the - * device here is unnecessary (and would deadlock upon runtime suspend - * because it waits for polling to finish). We do however, want to - * prevent the autosuspend timer from elapsing during this operation - * if possible. + /* Output polling and HPD only happens while we're runtime active, so + * resuming the device here is unnecessary (and would deadlock upon + * runtime suspend because it waits for polling to finish). We do + * however, want to prevent the autosuspend timer from elapsing during + * this operation if possible. */ - if (drm_kms_helper_is_poll_worker()) { + if (drm_kms_helper_is_poll_worker() || + nv_connector->hpd_task == current) { pm_runtime_get_noresume(dev->dev); } else { ret = pm_runtime_get_sync(dev->dev); @@ -1151,6 +1152,8 @@ nouveau_connector_hotplug(struct nvif_notify *notify) const char *name = connector->name; struct nouveau_encoder *nv_encoder; + nv_connector->hpd_task = current; + if (rep->mask & NVIF_NOTIFY_CONN_V0_IRQ) { NV_DEBUG(drm, "service %s\n", name); if ((nv_encoder = find_encoder(connector, DCB_OUTPUT_DP))) @@ -1167,6 +1170,7 @@ nouveau_connector_hotplug(struct nvif_notify *notify) nouveau_connector_hotplug_probe(nv_connector); } + nv_connector->hpd_task = NULL; return NVIF_NOTIFY_KEEP; } diff --git a/drivers/gpu/drm/nouveau/nouveau_connector.h b/drivers/gpu/drm/nouveau/nouveau_connector.h index 2d9d35a146a4..1964e682ba13 100644 --- a/drivers/gpu/drm/nouveau/nouveau_connector.h +++ b/drivers/gpu/drm/nouveau/nouveau_connector.h @@ -45,6 +45,7 @@ struct nouveau_connector { u8 *dcb; struct nvif_notify hpd; + struct task_struct *hpd_task; struct drm_dp_aux aux; -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v3 6/8] drm/nouveau: Respond to HPDs by probing one conn at a time

by Lyude Paul

There isn't actually any reason we need to call drm_hpd_irq_event() from our hotplug handler, as we already know which connector the hotplug event was fired for. We're also going to need to avoid probing all connectors needlessly from hotplug handlers anyway so that we can track when nouveau_connector_detect() is being called from the context of it's connector's hotplug handler in order to fix the next deadlocking issue. This is (slightly) faster anyway! Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/nouveau_connector.c | 28 ++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_connector.c b/drivers/gpu/drm/nouveau/nouveau_connector.c index 010d6db14cba..9714e09f17db 100644 --- a/drivers/gpu/drm/nouveau/nouveau_connector.c +++ b/drivers/gpu/drm/nouveau/nouveau_connector.c @@ -1114,6 +1114,32 @@ nouveau_connector_funcs_lvds = { .atomic_get_property = nouveau_conn_atomic_get_property, }; +static void +nouveau_connector_hotplug_probe(struct nouveau_connector *nv_conn) +{ + struct drm_modeset_acquire_ctx ctx; + struct drm_connector *conn = &nv_conn->base; + enum drm_connector_status old_status; + struct drm_device *dev = conn->dev; + bool changed; + + mutex_lock(&dev->mode_config.mutex); + + drm_modeset_acquire_init(&ctx, 0); + drm_modeset_lock(&dev->mode_config.connection_mutex, &ctx); + + old_status = conn->status; + conn->status = drm_helper_probe_detect(conn, &ctx, true); + changed = old_status != conn->status; + + drm_modeset_drop_locks(&ctx); + drm_modeset_acquire_fini(&ctx); + mutex_unlock(&dev->mode_config.mutex); + + if (changed) + drm_kms_helper_hotplug_event(dev); +} + static int nouveau_connector_hotplug(struct nvif_notify *notify) { @@ -1138,7 +1164,7 @@ nouveau_connector_hotplug(struct nvif_notify *notify) nv50_mstm_remove(nv_encoder->dp.mstm); } - drm_helper_hpd_irq_event(connector->dev); + nouveau_connector_hotplug_probe(nv_connector); } return NVIF_NOTIFY_KEEP; -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v3 5/8] drm/nouveau: Use pm_runtime_get_noresume() in connector_detect()

by Lyude Paul

It's true we can't resume the device from poll workers in nouveau_connector_detect(). We can however, prevent the autosuspend timer from elapsing immediately if it hasn't already without risking any sort of deadlock with the runtime suspend/resume operations. So do that instead of entirely avoiding grabbing a power reference. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/nouveau_connector.c | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_connector.c b/drivers/gpu/drm/nouveau/nouveau_connector.c index 2a45b4c2ceb0..010d6db14cba 100644 --- a/drivers/gpu/drm/nouveau/nouveau_connector.c +++ b/drivers/gpu/drm/nouveau/nouveau_connector.c @@ -572,12 +572,16 @@ nouveau_connector_detect(struct drm_connector *connector, bool force) nv_connector->edid = NULL; } - /* Outputs are only polled while runtime active, so acquiring a - * runtime PM ref here is unnecessary (and would deadlock upon - * runtime suspend because it waits for polling to finish). + /* Outputs are only polled while runtime active, so resuming the + * device here is unnecessary (and would deadlock upon runtime suspend + * because it waits for polling to finish). We do however, want to + * prevent the autosuspend timer from elapsing during this operation + * if possible. */ - if (!drm_kms_helper_is_poll_worker()) { - ret = pm_runtime_get_sync(connector->dev->dev); + if (drm_kms_helper_is_poll_worker()) { + pm_runtime_get_noresume(dev->dev); + } else { + ret = pm_runtime_get_sync(dev->dev); if (ret < 0 && ret != -EACCES) return conn_status; } @@ -655,10 +659,8 @@ nouveau_connector_detect(struct drm_connector *connector, bool force) out: - if (!drm_kms_helper_is_poll_worker()) { - pm_runtime_mark_last_busy(connector->dev->dev); - pm_runtime_put_autosuspend(connector->dev->dev); - } + pm_runtime_mark_last_busy(dev->dev); + pm_runtime_put_autosuspend(dev->dev); return conn_status; } -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v3 4/8] drm/nouveau: Fix deadlock with fb_helper using new helpers

by Lyude Paul

This removes the potential of deadlocking with fb_helper entirely by preventing it from handling hotplugs during the runtime suspend process as early as possible in the suspend process. If it turns out this is not possible, due to some fb_helper action having been queued up before we got a time to disable hotplugging, we simply return -EBUSY so that the runtime PM core attempts autosuspending the device again once fb_helper isn't doing anything. This fixes one of the issues causing deadlocks on runtime suspend/resume with nouveau on my P50. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Karol Herbst <karolherbst(a)gmail.com> --- drivers/gpu/drm/nouveau/nouveau_drm.c | 8 ++++++++ drivers/gpu/drm/nouveau/nouveau_fbcon.c | 1 + 2 files changed, 9 insertions(+) diff --git a/drivers/gpu/drm/nouveau/nouveau_drm.c b/drivers/gpu/drm/nouveau/nouveau_drm.c index ee2546db09c9..d47cb5b2af98 100644 --- a/drivers/gpu/drm/nouveau/nouveau_drm.c +++ b/drivers/gpu/drm/nouveau/nouveau_drm.c @@ -836,6 +836,14 @@ nouveau_pmops_runtime_suspend(struct device *dev) return -EBUSY; } + /* There's no way for us to stop fb_helper work in reaction to + * hotplugs later in the RPM process. First off: we don't want to, + * fb_helper should be able to keep the GPU awake. Second off: it is + * capable of grabbing basically any lock in existence. + */ + if (!drm_fb_helper_suspend_hotplug(drm_dev->fb_helper)) + return -EBUSY; + nouveau_switcheroo_optimus_dsm(); ret = nouveau_do_suspend(drm_dev, true); pci_save_state(pdev); diff --git a/drivers/gpu/drm/nouveau/nouveau_fbcon.c b/drivers/gpu/drm/nouveau/nouveau_fbcon.c index 85c1f10bc2b6..963ba630fd04 100644 --- a/drivers/gpu/drm/nouveau/nouveau_fbcon.c +++ b/drivers/gpu/drm/nouveau/nouveau_fbcon.c @@ -466,6 +466,7 @@ nouveau_fbcon_set_suspend_work(struct work_struct *work) console_unlock(); if (state == FBINFO_STATE_RUNNING) { + drm_fb_helper_resume_hotplug(drm->dev->fb_helper); pm_runtime_mark_last_busy(drm->dev->dev); pm_runtime_put_sync(drm->dev->dev); } -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v3 2/8] drm/nouveau: Enable polling even if we have runtime PM

by Lyude Paul

Having runtime PM makes no difference on whether or not we want polling, and it's now safe to just enable polling unconditionally in drm_load() thanks to d61a5c106351 ("drm/nouveau: Fix deadlock on runtime suspend") Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Peter Ujfalusi <peter.ujfalusi(a)ti.com> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/nouveau/nouveau_drm.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_drm.c b/drivers/gpu/drm/nouveau/nouveau_drm.c index 5fdc1fbe2ee5..ee2546db09c9 100644 --- a/drivers/gpu/drm/nouveau/nouveau_drm.c +++ b/drivers/gpu/drm/nouveau/nouveau_drm.c @@ -592,10 +592,11 @@ nouveau_drm_load(struct drm_device *dev, unsigned long flags) pm_runtime_allow(dev->dev); pm_runtime_mark_last_busy(dev->dev); pm_runtime_put(dev->dev); - } else { - /* enable polling for external displays */ - drm_kms_helper_poll_enable(dev); } + + /* enable polling for connectors without hpd */ + drm_kms_helper_poll_enable(dev); + return 0; fail_dispinit: -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH v3 1/8] drm/nouveau: Fix bogus drm_kms_helper_poll_enable() placement

by Lyude Paul

Turns out this part is my fault for not noticing when reviewing 9a2eba337cace ("drm/nouveau: Fix drm poll_helper handling"). Currently we call drm_kms_helper_poll_enable() from nouveau_display_hpd_work(). This makes basically no sense however, because that means we're calling drm_kms_helper_poll_enable() every time we schedule the hotplug detection work. This is also against the advice mentioned in drm_kms_helper_poll_enable()'s documentation: Note that calls to enable and disable polling must be strictly ordered, which is automatically the case when they're only call from suspend/resume callbacks. Of course, hotplugs can't really be ordered. They could even happen immediately after we called drm_kms_helper_poll_disable() in nouveau_display_fini(), which can lead to all sorts of issues. Additionally; enabling polling /after/ we call drm_helper_hpd_irq_event() could also mean that we'd miss a hotplug event anyway, since drm_helper_hpd_irq_event() wouldn't bother trying to probe connectors so long as polling is disabled. So; simply move this back into nouveau_display_init() again. The race condition that both of these patches attempted to work around has already been fixed properly in d61a5c106351 ("drm/nouveau: Fix deadlock on runtime suspend") Fixes: 9a2eba337cace ("drm/nouveau: Fix drm poll_helper handling") Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: Lukas Wunner <lukas(a)wunner.de> Cc: Peter Ujfalusi <peter.ujfalusi(a)ti.com> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/nouveau/nouveau_display.c | 7 +++++-- drivers/gpu/drm/nouveau/nouveau_drm.c | 1 - 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_display.c b/drivers/gpu/drm/nouveau/nouveau_display.c index ec7861457b84..1d36ab5d4796 100644 --- a/drivers/gpu/drm/nouveau/nouveau_display.c +++ b/drivers/gpu/drm/nouveau/nouveau_display.c @@ -355,8 +355,6 @@ nouveau_display_hpd_work(struct work_struct *work) pm_runtime_get_sync(drm->dev->dev); drm_helper_hpd_irq_event(drm->dev); - /* enable polling for external displays */ - drm_kms_helper_poll_enable(drm->dev); pm_runtime_mark_last_busy(drm->dev->dev); pm_runtime_put_sync(drm->dev->dev); @@ -411,6 +409,11 @@ nouveau_display_init(struct drm_device *dev) if (ret) return ret; + /* enable connector detection and polling for connectors without HPD + * support + */ + drm_kms_helper_poll_enable(dev); + /* enable hotplug interrupts */ drm_connector_list_iter_begin(dev, &conn_iter); nouveau_for_each_non_mst_connector_iter(connector, &conn_iter) { diff --git a/drivers/gpu/drm/nouveau/nouveau_drm.c b/drivers/gpu/drm/nouveau/nouveau_drm.c index c7ec86d6c3c9..5fdc1fbe2ee5 100644 --- a/drivers/gpu/drm/nouveau/nouveau_drm.c +++ b/drivers/gpu/drm/nouveau/nouveau_drm.c @@ -835,7 +835,6 @@ nouveau_pmops_runtime_suspend(struct device *dev) return -EBUSY; } - drm_kms_helper_poll_disable(drm_dev); nouveau_switcheroo_optimus_dsm(); ret = nouveau_do_suspend(drm_dev, true); pci_save_state(pdev); -- 2.17.1

7 years, 1 month

1
0
0 0

request for 4.14-stable: 520e18a5080d ("ACPI / APEI: Remove ghes_ioremap_area")

by Sudip Mukherjee

Hi Greg, This was missing in 4.14-stable. Though marked for stable, but not sure if it matches the stable rules. Please apply to your queue if it does. -- Regards Sudip

7 years, 1 month

1
0
0 0

Missing signature-files for 4.9.116/4.14.59

by Rainer Fiebig

Hi! Seems the .sign-files for 4.9.116 and 4.14.59 are missing in https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ - so my script complained. So long! Rainer Fiebig -- The truth always turns out to be simpler than you thought. Richard Feynman

7 years, 1 month

2
2
0 0

[PATCH, RESEND] Avoid that SCSI device removal through sysfs triggers a deadlock

by Bart Van Assche

This patch avoids that self-removal triggers the following deadlock: ====================================================== WARNING: possible circular locking dependency detected 4.18.0-rc2-dbg+ #5 Not tainted ------------------------------------------------------ modprobe/6539 is trying to acquire lock: 000000008323c4cd (kn->count#202){++++}, at: kernfs_remove_by_name_ns+0x45/0x90 but task is already holding lock: 00000000a6ec2c69 (&shost->scan_mutex){+.+.}, at: scsi_remove_host+0x21/0x150 [scsi_mod] which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #1 (&shost->scan_mutex){+.+.}: __mutex_lock+0xfe/0xc70 mutex_lock_nested+0x1b/0x20 scsi_remove_device+0x26/0x40 [scsi_mod] sdev_store_delete+0x27/0x30 [scsi_mod] dev_attr_store+0x3e/0x50 sysfs_kf_write+0x87/0xa0 kernfs_fop_write+0x190/0x230 __vfs_write+0xd2/0x3b0 vfs_write+0x101/0x270 ksys_write+0xab/0x120 __x64_sys_write+0x43/0x50 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe -> #0 (kn->count#202){++++}: lock_acquire+0xd2/0x260 __kernfs_remove+0x424/0x4a0 kernfs_remove_by_name_ns+0x45/0x90 remove_files.isra.1+0x3a/0x90 sysfs_remove_group+0x5c/0xc0 sysfs_remove_groups+0x39/0x60 device_remove_attrs+0x82/0xb0 device_del+0x251/0x580 __scsi_remove_device+0x19f/0x1d0 [scsi_mod] scsi_forget_host+0x37/0xb0 [scsi_mod] scsi_remove_host+0x9b/0x150 [scsi_mod] sdebug_driver_remove+0x4b/0x150 [scsi_debug] device_release_driver_internal+0x241/0x360 device_release_driver+0x12/0x20 bus_remove_device+0x1bc/0x290 device_del+0x259/0x580 device_unregister+0x1a/0x70 sdebug_remove_adapter+0x8b/0xf0 [scsi_debug] scsi_debug_exit+0x76/0xe8 [scsi_debug] __x64_sys_delete_module+0x1c1/0x280 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe other info that might help us debug this: Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&shost->scan_mutex); lock(kn->count#202); lock(&shost->scan_mutex); lock(kn->count#202); *** DEADLOCK *** 2 locks held by modprobe/6539: #0: 00000000efaf9298 (&dev->mutex){....}, at: device_release_driver_internal+0x68/0x360 #1: 00000000a6ec2c69 (&shost->scan_mutex){+.+.}, at: scsi_remove_host+0x21/0x150 [scsi_mod] stack backtrace: CPU: 10 PID: 6539 Comm: modprobe Not tainted 4.18.0-rc2-dbg+ #5 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.0.0-prebuilt.qemu-project.org 04/01/2014 Call Trace: dump_stack+0xa4/0xf5 print_circular_bug.isra.34+0x213/0x221 __lock_acquire+0x1a7e/0x1b50 lock_acquire+0xd2/0x260 __kernfs_remove+0x424/0x4a0 kernfs_remove_by_name_ns+0x45/0x90 remove_files.isra.1+0x3a/0x90 sysfs_remove_group+0x5c/0xc0 sysfs_remove_groups+0x39/0x60 device_remove_attrs+0x82/0xb0 device_del+0x251/0x580 __scsi_remove_device+0x19f/0x1d0 [scsi_mod] scsi_forget_host+0x37/0xb0 [scsi_mod] scsi_remove_host+0x9b/0x150 [scsi_mod] sdebug_driver_remove+0x4b/0x150 [scsi_debug] device_release_driver_internal+0x241/0x360 device_release_driver+0x12/0x20 bus_remove_device+0x1bc/0x290 device_del+0x259/0x580 device_unregister+0x1a/0x70 sdebug_remove_adapter+0x8b/0xf0 [scsi_debug] scsi_debug_exit+0x76/0xe8 [scsi_debug] __x64_sys_delete_module+0x1c1/0x280 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe See also https://www.mail-archive.com/linux-scsi@vger.kernel.org/msg54525.html. Suggested-by: Eric W. Biederman <ebiederm(a)xmission.com> Fixes: ac0ece9174ac ("scsi: use device_remove_file_self() instead of device_schedule_callback()") Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: Eric W. Biederman <ebiederm(a)xmission.com> Cc: Tejun Heo <tj(a)kernel.org> Cc: Hannes Reinecke <hare(a)suse.com> Cc: Johannes Thumshirn <jthumshirn(a)suse.de> Cc: Ingo Molnar <mingo(a)kernel.org> Cc: Oleg Nesterov <oleg(a)redhat.com> Cc: <stable(a)vger.kernel.org> --- drivers/scsi/scsi_sysfs.c | 48 +++++++++++++++++++++++++++++++++++---- kernel/task_work.c | 1 + 2 files changed, 45 insertions(+), 4 deletions(-) diff --git a/drivers/scsi/scsi_sysfs.c b/drivers/scsi/scsi_sysfs.c index de122354d09a..c43f645900d4 100644 --- a/drivers/scsi/scsi_sysfs.c +++ b/drivers/scsi/scsi_sysfs.c @@ -12,6 +12,7 @@ #include <linux/blkdev.h> #include <linux/device.h> #include <linux/pm_runtime.h> +#include <linux/task_work.h> #include <scsi/scsi.h> #include <scsi/scsi_device.h> @@ -718,14 +719,53 @@ store_rescan_field (struct device *dev, struct device_attribute *attr, } static DEVICE_ATTR(rescan, S_IWUSR, NULL, store_rescan_field); +struct remove_dev_work { + struct callback_head head; + struct scsi_device *sdev; +}; + +static void delete_sdev(struct callback_head *head) +{ + struct remove_dev_work *work = container_of(head, typeof(*work), head); + struct scsi_device *sdev = work->sdev; + + scsi_remove_device(sdev); + kfree(work); + scsi_device_put(sdev); +} + static ssize_t sdev_store_delete(struct device *dev, struct device_attribute *attr, const char *buf, size_t count) { - if (device_remove_file_self(dev, attr)) - scsi_remove_device(to_scsi_device(dev)); - return count; -}; + struct scsi_device *sdev = to_scsi_device(dev); + struct remove_dev_work *work; + int ret; + + ret = scsi_device_get(sdev); + if (ret < 0) + goto out; + ret = -ENOMEM; + work = kmalloc(sizeof(*work), GFP_KERNEL); + if (!work) + goto put; + work->head.func = delete_sdev; + work->sdev = sdev; + ret = task_work_add(current, &work->head, false); + if (ret < 0) + goto free; + ret = count; + +out: + return ret; + +free: + kfree(work); + +put: + scsi_device_put(sdev); + goto out; +} static DEVICE_ATTR(delete, S_IWUSR, NULL, sdev_store_delete); static ssize_t diff --git a/kernel/task_work.c b/kernel/task_work.c index 0fef395662a6..75dc496b9997 100644 --- a/kernel/task_work.c +++ b/kernel/task_work.c @@ -40,6 +40,7 @@ task_work_add(struct task_struct *task, struct callback_head *work, bool notify) set_notify_resume(task); return 0; } +EXPORT_SYMBOL_GPL(task_work_add); /** * task_work_cancel - cancel a pending work added by task_work_add() -- 2.18.0

7 years, 1 month

7
14
0 0

Re: Patch "kvm, mm: account shadow page tables to kmemcg" has been added to the 4.4-stable tree

by Shakeel Butt

On Sat, Jul 28, 2018 at 1:11 AM <gregkh(a)linuxfoundation.org> wrote: > > > This is a note to let you know that I've just added the patch titled > > kvm, mm: account shadow page tables to kmemcg > > to the 4.4-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > kvm-mm-account-shadow-page-tables-to-kmemcg.patch > and it can be found in the queue-4.4 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. > Hi Greg, this patch requires some more changes to be effective on 4.4 kernel as kmem charging is still not in the generic page allocator code path in 4.4. Shakeel > > From d97e5e6160c0e0a23963ec198c7cb1c69e6bf9e8 Mon Sep 17 00:00:00 2001 > From: Shakeel Butt <shakeelb(a)google.com> > Date: Thu, 26 Jul 2018 16:37:45 -0700 > Subject: kvm, mm: account shadow page tables to kmemcg > MIME-Version: 1.0 > Content-Type: text/plain; charset=UTF-8 > Content-Transfer-Encoding: 8bit > > From: Shakeel Butt <shakeelb(a)google.com> > > commit d97e5e6160c0e0a23963ec198c7cb1c69e6bf9e8 upstream. > > The size of kvm's shadow page tables corresponds to the size of the > guest virtual machines on the system. Large VMs can spend a significant > amount of memory as shadow page tables which can not be left as system > memory overhead. So, account shadow page tables to the kmemcg. > > [shakeelb(a)google.com: replace (GFP_KERNEL|__GFP_ACCOUNT) with GFP_KERNEL_ACCOUNT] > Link: http://lkml.kernel.org/r/20180629140224.205849-1-shakeelb@google.com > Link: http://lkml.kernel.org/r/20180627181349.149778-1-shakeelb@google.com > Signed-off-by: Shakeel Butt <shakeelb(a)google.com> > Cc: Michal Hocko <mhocko(a)kernel.org> > Cc: Johannes Weiner <hannes(a)cmpxchg.org> > Cc: Vladimir Davydov <vdavydov.dev(a)gmail.com> > Cc: Paolo Bonzini <pbonzini(a)redhat.com> > Cc: Greg Thelen <gthelen(a)google.com> > Cc: Radim Krčmář <rkrcmar(a)redhat.com> > Cc: Peter Feiner <pfeiner(a)google.com> > Cc: <stable(a)vger.kernel.org> > Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> > Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> > Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> > > --- > arch/x86/kvm/mmu.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > --- a/arch/x86/kvm/mmu.c > +++ b/arch/x86/kvm/mmu.c > @@ -692,7 +692,7 @@ static int mmu_topup_memory_cache_page(s > if (cache->nobjs >= min) > return 0; > while (cache->nobjs < ARRAY_SIZE(cache->objects)) { > - page = (void *)__get_free_page(GFP_KERNEL); > + page = (void *)__get_free_page(GFP_KERNEL_ACCOUNT); > if (!page) > return -ENOMEM; > cache->objects[cache->nobjs++] = page; > > > Patches currently in stable-queue which might be from shakeelb(a)google.com are > > queue-4.4/kvm-mm-account-shadow-page-tables-to-kmemcg.patch

7 years, 1 month

2
1
0 0

Request for 4.4-stable: e5b7d71aa5b32180adec49a17c752e577c68f740

by Andrea Adami

Greg, referring to 4.4 kernels which I build and use on the legacy Zaurus handhelds, I still carry these fixes which I tested but sent too late for the 4.4 merge window. e5b7d71aa5b3 ASoC: pxa: Fix module autoload for platform drivers I think this fix could be backported to 4.4-stable. Please review. Thanks Andrea

7 years, 1 month

2
1
0 0

[PATCH] tracing: do not leak kernel addresses

by Mark Salyzyn

From: Nick Desaulniers <ndesaulniers(a)google.com> Switch from 0x%lx to 0x%pK to print the kernel addresses. Fixes: CVE-2017-0630 Signed-off-by: Mark Salyzyn <salyzyn(a)android.com> Cc: Nick Desaulniers <ndesaulniers(a)google.com> Cc: Steven Rostedt <rostedt(a)goodmis.org> Cc: Ingo Molnar <mingo(a)redhat.com> Cc: <kernel-team(a)android.com> Cc: <stable(a)vger.kernel.org> # 3.18, 4.4, 4.9, 4.14 Cc: <linux-kernel(a)vger.kernel.org> --- kernel/trace/trace_printk.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/trace/trace_printk.c b/kernel/trace/trace_printk.c index ad1d6164e946..93698023baf1 100644 --- a/kernel/trace/trace_printk.c +++ b/kernel/trace/trace_printk.c @@ -304,7 +304,7 @@ static int t_show(struct seq_file *m, void *v) if (!*fmt) return 0; - seq_printf(m, "0x%lx : \"", *(unsigned long *)fmt); + seq_printf(m, "0x%pK : \"", *(unsigned long *)fmt); /* * Tabs and new lines need to be converted. -- 2.18.0.233.g985f88cf7e-goog

7 years, 1 month

9
26
0 0

[PATCH] block: blk_init_allocated_queue() set q->fq as NULL in the fail case

by xiao jin

We find the memory use-after-free issue in __blk_drain_queue() on the kernel 4.14. After read the latest kernel 4.18-rc6 we think it has the same problem. Memory is allocated for q->fq in the blk_init_allocated_queue(). If the elevator init function called with error return, it will run into the fail case to free the q->fq. Then the __blk_drain_queue() uses the same memory after the free of the q->fq, it will lead to the unpredictable event. The patch is to set q->fq as NULL in the fail case of blk_init_allocated_queue(). Fixes: commit 7c94e1c157a2 ("block: introduce blk_flush_queue to drive flush machinery") Signed-off-by: xiao jin <jin.xiao(a)intel.com> Cc: Ming Lei <ming.lei(a)redhat.com> Cc: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: <stable(a)vger.kernel.org> --- block/blk-core.c | 1 + 1 file changed, 1 insertion(+) diff --git a/block/blk-core.c b/block/blk-core.c index b888175..52635e2 100644 --- a/block/blk-core.c +++ b/block/blk-core.c @@ -1072,6 +1072,7 @@ int blk_init_allocated_queue(struct request_queue *q) q->exit_rq_fn(q, q->fq->flush_rq); out_free_flush_queue: blk_free_flush_queue(q->fq); + q->fq = NULL; return -ENOMEM; } EXPORT_SYMBOL(blk_init_allocated_queue); -- 1.7.9.5

7 years, 1 month

4
3
0 0

FAILED: patch "[PATCH] mm: use vma_init() to initialize VMAs on stack and data" failed to apply to 4.17-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.17-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 2c4541e24c55e2847bede93e33d749280edd429a Mon Sep 17 00:00:00 2001 From: "Kirill A. Shutemov" <kirill.shutemov(a)linux.intel.com> Date: Thu, 26 Jul 2018 16:37:30 -0700 Subject: [PATCH] mm: use vma_init() to initialize VMAs on stack and data segments Make sure to initialize all VMAs properly, not only those which come from vm_area_cachep. Link: http://lkml.kernel.org/r/20180724121139.62570-3-kirill.shutemov@linux.intel… Signed-off-by: Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> Acked-by: Linus Torvalds <torvalds(a)linux-foundation.org> Reviewed-by: Andrew Morton <akpm(a)linux-foundation.org> Cc: Dmitry Vyukov <dvyukov(a)google.com> Cc: Oleg Nesterov <oleg(a)redhat.com> Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> diff --git a/arch/arm/kernel/process.c b/arch/arm/kernel/process.c index 225d1c58d2de..d9c299133111 100644 --- a/arch/arm/kernel/process.c +++ b/arch/arm/kernel/process.c @@ -338,6 +338,7 @@ static struct vm_area_struct gate_vma = { static int __init gate_vma_init(void) { + vma_init(&gate_vma, NULL); gate_vma.vm_page_prot = PAGE_READONLY_EXEC; return 0; } diff --git a/arch/arm/mach-rpc/ecard.c b/arch/arm/mach-rpc/ecard.c index 39aef4876ed4..8db62cc54a6a 100644 --- a/arch/arm/mach-rpc/ecard.c +++ b/arch/arm/mach-rpc/ecard.c @@ -237,8 +237,8 @@ static void ecard_init_pgtables(struct mm_struct *mm) memcpy(dst_pgd, src_pgd, sizeof(pgd_t) * (EASI_SIZE / PGDIR_SIZE)); + vma_init(&vma, mm); vma.vm_flags = VM_EXEC; - vma.vm_mm = mm; flush_tlb_range(&vma, IO_START, IO_START + IO_SIZE); flush_tlb_range(&vma, EASI_START, EASI_START + EASI_SIZE); diff --git a/arch/arm64/include/asm/tlb.h b/arch/arm64/include/asm/tlb.h index ffdaea7954bb..d87f2d646caa 100644 --- a/arch/arm64/include/asm/tlb.h +++ b/arch/arm64/include/asm/tlb.h @@ -37,7 +37,9 @@ static inline void __tlb_remove_table(void *_table) static inline void tlb_flush(struct mmu_gather *tlb) { - struct vm_area_struct vma = { .vm_mm = tlb->mm, }; + struct vm_area_struct vma; + + vma_init(&vma, tlb->mm); /* * The ASID allocator will either invalidate the ASID or mark diff --git a/arch/arm64/mm/hugetlbpage.c b/arch/arm64/mm/hugetlbpage.c index ecc6818191df..1854e49aa18a 100644 --- a/arch/arm64/mm/hugetlbpage.c +++ b/arch/arm64/mm/hugetlbpage.c @@ -108,11 +108,13 @@ static pte_t get_clear_flush(struct mm_struct *mm, unsigned long pgsize, unsigned long ncontig) { - struct vm_area_struct vma = { .vm_mm = mm }; + struct vm_area_struct vma; pte_t orig_pte = huge_ptep_get(ptep); bool valid = pte_valid(orig_pte); unsigned long i, saddr = addr; + vma_init(&vma, mm); + for (i = 0; i < ncontig; i++, addr += pgsize, ptep++) { pte_t pte = ptep_get_and_clear(mm, addr, ptep); @@ -145,9 +147,10 @@ static void clear_flush(struct mm_struct *mm, unsigned long pgsize, unsigned long ncontig) { - struct vm_area_struct vma = { .vm_mm = mm }; + struct vm_area_struct vma; unsigned long i, saddr = addr; + vma_init(&vma, mm); for (i = 0; i < ncontig; i++, addr += pgsize, ptep++) pte_clear(mm, addr, ptep); diff --git a/arch/ia64/include/asm/tlb.h b/arch/ia64/include/asm/tlb.h index 44f0ac0df308..db89e7306081 100644 --- a/arch/ia64/include/asm/tlb.h +++ b/arch/ia64/include/asm/tlb.h @@ -120,7 +120,7 @@ ia64_tlb_flush_mmu_tlbonly(struct mmu_gather *tlb, unsigned long start, unsigned */ struct vm_area_struct vma; - vma.vm_mm = tlb->mm; + vma_init(&vma, tlb->mm); /* flush the address range from the tlb: */ flush_tlb_range(&vma, start, end); /* now flush the virt. page-table area mapping the address range: */ diff --git a/arch/ia64/mm/init.c b/arch/ia64/mm/init.c index bdb14a369137..e6c6dfd98de2 100644 --- a/arch/ia64/mm/init.c +++ b/arch/ia64/mm/init.c @@ -273,7 +273,7 @@ static struct vm_area_struct gate_vma; static int __init gate_vma_init(void) { - gate_vma.vm_mm = NULL; + vma_init(&gate_vma, NULL); gate_vma.vm_start = FIXADDR_USER_START; gate_vma.vm_end = FIXADDR_USER_END; gate_vma.vm_flags = VM_READ | VM_MAYREAD | VM_EXEC | VM_MAYEXEC; diff --git a/arch/x86/um/mem_32.c b/arch/x86/um/mem_32.c index 744afdc18cf3..56c44d865f7b 100644 --- a/arch/x86/um/mem_32.c +++ b/arch/x86/um/mem_32.c @@ -16,7 +16,7 @@ static int __init gate_vma_init(void) if (!FIXADDR_USER_START) return 0; - gate_vma.vm_mm = NULL; + vma_init(&gate_vma, NULL); gate_vma.vm_start = FIXADDR_USER_START; gate_vma.vm_end = FIXADDR_USER_END; gate_vma.vm_flags = VM_READ | VM_MAYREAD | VM_EXEC | VM_MAYEXEC; diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c index d508c7844681..40d4c66c7751 100644 --- a/fs/hugetlbfs/inode.c +++ b/fs/hugetlbfs/inode.c @@ -411,6 +411,7 @@ static void remove_inode_hugepages(struct inode *inode, loff_t lstart, bool truncate_op = (lend == LLONG_MAX); memset(&pseudo_vma, 0, sizeof(struct vm_area_struct)); + vma_init(&pseudo_vma, current->mm); pseudo_vma.vm_flags = (VM_HUGETLB | VM_MAYSHARE | VM_SHARED); pagevec_init(&pvec); next = start; @@ -595,6 +596,7 @@ static long hugetlbfs_fallocate(struct file *file, int mode, loff_t offset, * as input to create an allocation policy. */ memset(&pseudo_vma, 0, sizeof(struct vm_area_struct)); + vma_init(&pseudo_vma, mm); pseudo_vma.vm_flags = (VM_HUGETLB | VM_MAYSHARE | VM_SHARED); pseudo_vma.vm_file = file; diff --git a/mm/mempolicy.c b/mm/mempolicy.c index 9ac49ef17b4e..01f1a14facc4 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -2505,6 +2505,7 @@ void mpol_shared_policy_init(struct shared_policy *sp, struct mempolicy *mpol) /* Create pseudo-vma that contains just the policy */ memset(&pvma, 0, sizeof(struct vm_area_struct)); + vma_init(&pvma, NULL); pvma.vm_end = TASK_SIZE; /* policy covers entire file */ mpol_set_shared_policy(sp, &pvma, new); /* adds ref */ diff --git a/mm/shmem.c b/mm/shmem.c index 2cab84403055..41b9bbf24e16 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -1421,6 +1421,7 @@ static void shmem_pseudo_vma_init(struct vm_area_struct *vma, { /* Create a pseudo vma that just contains the policy */ memset(vma, 0, sizeof(*vma)); + vma_init(vma, NULL); /* Bias interleave by inode number to distribute better across nodes */ vma->vm_pgoff = index + info->vfs_inode.i_ino; vma->vm_policy = mpol_shared_policy_lookup(&info->policy, index);

7 years, 1 month

4
3
0 0

[PATCH] perf/x86/intel/uncore: Fix hardcode index of Broadwell extra PCI DEV

by kan.liang＠linux.intel.com

From: Kan Liang <kan.liang(a)linux.intel.com> Masa reports that a warning message is shown while CPU hot-removing on Broadwell server. WARNING: CPU: 126 PID: 6 at arch/x86/events/intel/uncore.c:988 uncore_pci_remove+0x10b/0x150 Call Trace: pci_device_remove+0x42/0xd0 device_release_driver_internal+0x148/0x220 pci_stop_bus_device+0x76/0xa0 pci_stop_root_bus+0x44/0x60 acpi_pci_root_remove+0x1f/0x80 acpi_bus_trim+0x57/0x90 acpi_bus_trim+0x2e/0x90 acpi_device_hotplug+0x2bc/0x4b0 acpi_hotplug_work_fn+0x1a/0x30 process_one_work+0x174/0x3a0 worker_thread+0x4c/0x3d0 kthread+0xf8/0x130 This bug was introduced in: commit 15a3e845b01c ("perf/x86/intel/uncore: Fix SBOX support for Broadwell CPUs") The index of "QPI Port 2 filter" was hardcode to 2. The index of "PCU.3" used enumerator "HSWEP_PCI_PCU_3", which equals to 2 as well. To fix the conflict, the hardcode index needs to be cleaned up. Introduce a new enumerator "BDX_PCI_QPI_PORT2_FILTER" for "QPI Port 2 filter" on Broadwell, and increase the UNCORE_EXTRA_PCI_DEV_MAX. Clean up hardcode index. Reported-by: Masayoshi Mizuma <m.mizuma(a)jp.fujitsu.com> Debugged-by: Masayoshi Mizuma <m.mizuma(a)jp.fujitsu.com> Tested-by: Masayoshi Mizuma <m.mizuma(a)jp.fujitsu.com> Suggested-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Kan Liang <kan.liang(a)linux.intel.com> Fixes: 15a3e845b01c ("perf/x86/intel/uncore: Fix SBOX support for Broadwell CPUs") --- arch/x86/events/intel/uncore.h | 2 +- arch/x86/events/intel/uncore_snbep.c | 10 +++++++--- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/arch/x86/events/intel/uncore.h b/arch/x86/events/intel/uncore.h index c9e1e0b..e17ab88 100644 --- a/arch/x86/events/intel/uncore.h +++ b/arch/x86/events/intel/uncore.h @@ -28,7 +28,7 @@ #define UNCORE_PCI_DEV_TYPE(data) ((data >> 8) & 0xff) #define UNCORE_PCI_DEV_IDX(data) (data & 0xff) #define UNCORE_EXTRA_PCI_DEV 0xff -#define UNCORE_EXTRA_PCI_DEV_MAX 3 +#define UNCORE_EXTRA_PCI_DEV_MAX 4 #define UNCORE_EVENT_CONSTRAINT(c, n) EVENT_CONSTRAINT(c, n, 0xff) diff --git a/arch/x86/events/intel/uncore_snbep.c b/arch/x86/events/intel/uncore_snbep.c index 87dc026..51d7c11 100644 --- a/arch/x86/events/intel/uncore_snbep.c +++ b/arch/x86/events/intel/uncore_snbep.c @@ -1029,6 +1029,7 @@ void snbep_uncore_cpu_init(void) enum { SNBEP_PCI_QPI_PORT0_FILTER, SNBEP_PCI_QPI_PORT1_FILTER, + BDX_PCI_QPI_PORT2_FILTER, HSWEP_PCI_PCU_3, }; @@ -3286,15 +3287,18 @@ static const struct pci_device_id bdx_uncore_pci_ids[] = { }, { /* QPI Port 0 filter */ PCI_DEVICE(PCI_VENDOR_ID_INTEL, 0x6f86), - .driver_data = UNCORE_PCI_DEV_DATA(UNCORE_EXTRA_PCI_DEV, 0), + .driver_data = UNCORE_PCI_DEV_DATA(UNCORE_EXTRA_PCI_DEV, + SNBEP_PCI_QPI_PORT0_FILTER), }, { /* QPI Port 1 filter */ PCI_DEVICE(PCI_VENDOR_ID_INTEL, 0x6f96), - .driver_data = UNCORE_PCI_DEV_DATA(UNCORE_EXTRA_PCI_DEV, 1), + .driver_data = UNCORE_PCI_DEV_DATA(UNCORE_EXTRA_PCI_DEV, + SNBEP_PCI_QPI_PORT1_FILTER), }, { /* QPI Port 2 filter */ PCI_DEVICE(PCI_VENDOR_ID_INTEL, 0x6f46), - .driver_data = UNCORE_PCI_DEV_DATA(UNCORE_EXTRA_PCI_DEV, 2), + .driver_data = UNCORE_PCI_DEV_DATA(UNCORE_EXTRA_PCI_DEV, + BDX_PCI_QPI_PORT2_FILTER), }, { /* PCU.3 (for Capability registers) */ PCI_DEVICE(PCI_VENDOR_ID_INTEL, 0x6fc0), -- 2.4.11

7 years, 1 month

1
0
0 0

Request for 4.4-stable: 4e0def887d717598ae8062b46e55f9e00d3a5783

by Andrea Adami

Greg, building for corgi with gcc7 I notice this single warning: /drivers/dma/pxa_dma.c:1324:34: warning: duplicate 'const' declaration specifier [-Wduplicate-decl-specifier] static const struct of_device_id const pxad_dt_ids[] ... There was a wrong backport of one patch and pxa_dma was fixed by 4.4.90. Unfortunately the patch "4e0def8 dmaengine: pxa_dma: remove duplicate const qualifier" was forgotten. Thanks Andrea

7 years, 1 month

2
1
0 0

request for 4.14-stable: e8d4bfe3a715 ("ovl: Sync upper dirty data when syncing overlayfs")

by Sudip Mukherjee