- Linux-stable-mirror - lists.linaro.org

[merged] userfaultfd-disable-irqs-when-taking-the-waitqueue-lock.patch removed from -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: userfaultfd: disable irqs when taking the waitqueue lock has been removed from the -mm tree. Its filename was userfaultfd-disable-irqs-when-taking-the-waitqueue-lock.patch This patch was dropped because it was merged into mainline or a subsystem tree ------------------------------------------------------ From: Christoph Hellwig <hch(a)lst.de> Subject: userfaultfd: disable irqs when taking the waitqueue lock userfaultfd contains howe-grown locking of the waitqueue lock, and does not disable interrupts. This relies on the fact that no one else takes it from interrupt context and violates an invariat of the normal waitqueue locking scheme. With aio poll it is easy to trigger other locks that disable interrupts (or are called from interrupt context). Link: http://lkml.kernel.org/r/20181018154101.18750-1-hch@lst.de Signed-off-by: Christoph Hellwig <hch(a)lst.de> Reviewed-by: Andrea Arcangeli <aarcange(a)redhat.com> Reviewed-by: Andrew Morton <akpm(a)linux-foundation.org> Cc: <stable(a)vger.kernel.org> [4.19.x] Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/userfaultfd.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) --- a/fs/userfaultfd.c~userfaultfd-disable-irqs-when-taking-the-waitqueue-lock +++ a/fs/userfaultfd.c @@ -1026,7 +1026,7 @@ static ssize_t userfaultfd_ctx_read(stru struct userfaultfd_ctx *fork_nctx = NULL; /* always take the fd_wqh lock before the fault_pending_wqh lock */ - spin_lock(&ctx->fd_wqh.lock); + spin_lock_irq(&ctx->fd_wqh.lock); __add_wait_queue(&ctx->fd_wqh, &wait); for (;;) { set_current_state(TASK_INTERRUPTIBLE); @@ -1112,13 +1112,13 @@ static ssize_t userfaultfd_ctx_read(stru ret = -EAGAIN; break; } - spin_unlock(&ctx->fd_wqh.lock); + spin_unlock_irq(&ctx->fd_wqh.lock); schedule(); - spin_lock(&ctx->fd_wqh.lock); + spin_lock_irq(&ctx->fd_wqh.lock); } __remove_wait_queue(&ctx->fd_wqh, &wait); __set_current_state(TASK_RUNNING); - spin_unlock(&ctx->fd_wqh.lock); + spin_unlock_irq(&ctx->fd_wqh.lock); if (!ret && msg->event == UFFD_EVENT_FORK) { ret = resolve_userfault_fork(ctx, fork_nctx, msg); _ Patches currently in -mm which might be from hch(a)lst.de are

7 years

1
0
0 0

[merged] mm-proc-pid-smaps_rollup-fix-null-pointer-deref-in-smaps_pte_range.patch removed from -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm: /proc/pid/smaps_rollup: fix NULL pointer deref in smaps_pte_range() has been removed from the -mm tree. Its filename was mm-proc-pid-smaps_rollup-fix-null-pointer-deref-in-smaps_pte_range.patch This patch was dropped because it was merged into mainline or a subsystem tree ------------------------------------------------------ From: Vlastimil Babka <vbabka(a)suse.cz> Subject: mm: /proc/pid/smaps_rollup: fix NULL pointer deref in smaps_pte_range() Leonardo reports an apparent regression in 4.19-rc7: BUG: unable to handle kernel NULL pointer dereference at 00000000000000f0 PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP PTI CPU: 3 PID: 6032 Comm: python Not tainted 4.19.0-041900rc7-lowlatency #201810071631 Hardware name: LENOVO 80UG/Toronto 4A2, BIOS 0XCN45WW 08/09/2018 RIP: 0010:smaps_pte_range+0x32d/0x540 Code: 80 00 00 00 00 74 a9 48 89 de 41 f6 40 52 40 0f 85 04 02 00 00 49 2b 30 48 c1 ee 0c 49 03 b0 98 00 00 00 49 8b 80 a0 00 00 00 <48> 8b b8 f0 00 00 00 e8 b7 ef ec ff 48 85 c0 0f 84 71 ff ff ff a8 RSP: 0018:ffffb0cbc484fb88 EFLAGS: 00010202 RAX: 0000000000000000 RBX: 0000560ddb9e9000 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000560ddb9e9 RDI: 0000000000000001 RBP: ffffb0cbc484fbc0 R08: ffff94a5a227a578 R09: ffff94a5a227a578 R10: 0000000000000000 R11: 0000560ddbbe7000 R12: ffffe903098ba728 R13: ffffb0cbc484fc78 R14: ffffb0cbc484fcf8 R15: ffff94a5a2e9cf48 FS: 00007f6dfb683740(0000) GS:ffff94a5aaf80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000000000f0 CR3: 000000011c118001 CR4: 00000000003606e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: __walk_page_range+0x3c2/0x6f0 walk_page_vma+0x42/0x60 smap_gather_stats+0x79/0xe0 ? gather_pte_stats+0x320/0x320 ? gather_hugetlb_stats+0x70/0x70 show_smaps_rollup+0xcd/0x1c0 seq_read+0x157/0x400 __vfs_read+0x3a/0x180 ? security_file_permission+0x93/0xc0 ? security_file_permission+0x93/0xc0 vfs_read+0x8f/0x140 ksys_read+0x55/0xc0 __x64_sys_read+0x1a/0x20 do_syscall_64+0x5a/0x110 entry_SYSCALL_64_after_hwframe+0x44/0xa9 Decoded code matched to local compilation+disassembly points to smaps_pte_entry(): } else if (unlikely(IS_ENABLED(CONFIG_SHMEM) && mss->check_shmem_swap && pte_none(*pte))) { page = find_get_entry(vma->vm_file->f_mapping, linear_page_index(vma, addr)); Here, vma->vm_file is NULL. mss->check_shmem_swap should be false in that case, however for smaps_rollup, smap_gather_stats() can set the flag true for one vma and leave it true for subsequent vma's where it should be false. To fix, reset the check_shmem_swap flag to false. There's also related bug which sets mss->swap to shmem_swapped, which in the context of smaps_rollup overwrites any value accumulated from previous vma's. Fix that as well. Note that the report suggests a regression between 4.17.19 and 4.19-rc7, which makes the 4.19 series ending with commit 258f669e7e88 ("mm: /proc/pid/smaps_rollup: convert to single value seq_file") suspicious. But the mss was reused for rollup since 493b0e9d945f ("mm: add /proc/pid/smaps_rollup") so let's play it safe with the stable backport. Link: http://lkml.kernel.org/r/555fbd1f-4ac9-0b58-dcd4-5dc4380ff7ca@suse.cz Link: https://bugzilla.kernel.org/show_bug.cgi?id=201377 Fixes: 493b0e9d945f ("mm: add /proc/pid/smaps_rollup") Signed-off-by: Vlastimil Babka <vbabka(a)suse.cz> Reported-by: Leonardo Soares Müller <leozinho29_eu(a)hotmail.com> Tested-by: Leonardo Soares Müller <leozinho29_eu(a)hotmail.com> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Daniel Colascione <dancol(a)google.com> Cc: Alexey Dobriyan <adobriyan(a)gmail.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/proc/task_mmu.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) --- a/fs/proc/task_mmu.c~mm-proc-pid-smaps_rollup-fix-null-pointer-deref-in-smaps_pte_range +++ a/fs/proc/task_mmu.c @@ -713,6 +713,8 @@ static void smap_gather_stats(struct vm_ smaps_walk.private = mss; #ifdef CONFIG_SHMEM + /* In case of smaps_rollup, reset the value from previous vma */ + mss->check_shmem_swap = false; if (vma->vm_file && shmem_mapping(vma->vm_file->f_mapping)) { /* * For shared or readonly shmem mappings we know that all @@ -728,7 +730,7 @@ static void smap_gather_stats(struct vm_ if (!shmem_swapped || (vma->vm_flags & VM_SHARED) || !(vma->vm_flags & VM_WRITE)) { - mss->swap = shmem_swapped; + mss->swap += shmem_swapped; } else { mss->check_shmem_swap = true; smaps_walk.pte_hole = smaps_pte_hole; _ Patches currently in -mm which might be from vbabka(a)suse.cz are

7 years

1
0
0 0

[PATCH AUTOSEL 4.9 01/98] perf symbols: Fix memory corruption because of zero length symbols

by Sasha Levin

From: Ravi Bangoria <ravi.bangoria(a)linux.vnet.ibm.com> [ Upstream commit 331c7cb307971eac38e9470340e10c87855bf4bc ] Perf top is often crashing at very random locations on powerpc. After investigating, I found the crash only happens when sample is of zero length symbol. Powerpc kernel has many such symbols which does not contain length details in vmlinux binary and thus start and end addresses of such symbols are same. Structure struct sym_hist { u64 nr_samples; u64 period; struct sym_hist_entry addr[0]; }; has last member 'addr[]' of size zero. 'addr[]' is an array of addresses that belongs to one symbol (function). If function consist of 100 instructions, 'addr' points to an array of 100 'struct sym_hist_entry' elements. For zero length symbol, it points to the *empty* array, i.e. no members in the array and thus offset 0 is also invalid for such array. static int __symbol__inc_addr_samples(...) { ... offset = addr - sym->start; h = annotation__histogram(notes, evidx); h->nr_samples++; h->addr[offset].nr_samples++; h->period += sample->period; h->addr[offset].period += sample->period; ... } Here, when 'addr' is same as 'sym->start', 'offset' becomes 0, which is valid for normal symbols but *invalid* for zero length symbols and thus updating h->addr[offset] causes memory corruption. Fix this by adding one dummy element for zero length symbols. Link: https://lkml.org/lkml/2016/10/10/148 Fixes: edee44be5919 ("perf annotate: Don't throw error for zero length symbols") Signed-off-by: Ravi Bangoria <ravi.bangoria(a)linux.vnet.ibm.com> Acked-by: Jiri Olsa <jolsa(a)kernel.org> Acked-by: Namhyung Kim <namhyung(a)kernel.org> Cc: Alexander Shishkin <alexander.shishkin(a)linux.intel.com> Cc: Jin Yao <yao.jin(a)linux.intel.com> Cc: Kim Phillips <kim.phillips(a)arm.com> Cc: Naveen N. Rao <naveen.n.rao(a)linux.vnet.ibm.com> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Taeung Song <treeze.taeung(a)gmail.com> Link: http://lkml.kernel.org/r/1508854806-10542-1-git-send-email-ravi.bangoria@li… Signed-off-by: Arnaldo Carvalho de Melo <acme(a)redhat.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- tools/perf/util/annotate.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/tools/perf/util/annotate.c b/tools/perf/util/annotate.c index a38227eb5450..3336cbc6ec48 100644 --- a/tools/perf/util/annotate.c +++ b/tools/perf/util/annotate.c @@ -495,9 +495,19 @@ static struct ins *ins__find(const char *name) int symbol__alloc_hist(struct symbol *sym) { struct annotation *notes = symbol__annotation(sym); - const size_t size = symbol__size(sym); + size_t size = symbol__size(sym); size_t sizeof_sym_hist; + /* + * Add buffer of one element for zero length symbol. + * When sample is taken from first instruction of + * zero length symbol, perf still resolves it and + * shows symbol name in perf report and allows to + * annotate it. + */ + if (size == 0) + size = 1; + /* Check for overflow when calculating sizeof_sym_hist */ if (size > (SIZE_MAX - sizeof(struct sym_hist)) / sizeof(u64)) return -1; -- 2.17.1

7 years

3
101
0 0

[PATCH] kbuild: set no-integrated-as before incl. arch Makefile

by ndesaulniers＠google.com

From: Stefan Agner <stefan(a)agner.ch> In order to make sure compiler flag detection for ARM works correctly the no-integrated-as flags need to be set before including the arch specific Makefile. commit 0f0e8de334c54c38818a4a5390a39aa09deff5bf upstream Fixes: cfe17c9bbe6a ("kbuild: move cc-option and cc-disable-warning after incl. arch Makefile") Signed-off-by: Stefan Agner <stefan(a)agner.ch> Signed-off-by: Masahiro Yamada <yamada.masahiro(a)socionext.com> Reported-by: Nathan Chancellor <natechancellor(a)gmail.com> Signed-off-by: Nick Desaulniers <ndesaulniers(a)google.com> --- Sending to stable for inclusion in 4.14. Needed for CONFIG_ARM64_LSE_ATOMICS. Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index e02d092bc2d6..9e7f69c26aba 100644 --- a/Makefile +++ b/Makefile @@ -487,6 +487,8 @@ CLANG_GCC_TC := --gcc-toolchain=$(GCC_TOOLCHAIN) endif KBUILD_CFLAGS += $(CLANG_TARGET) $(CLANG_GCC_TC) KBUILD_AFLAGS += $(CLANG_TARGET) $(CLANG_GCC_TC) +KBUILD_CFLAGS += $(call cc-option, -no-integrated-as) +KBUILD_AFLAGS += $(call cc-option, -no-integrated-as) endif RETPOLINE_CFLAGS_GCC := -mindirect-branch=thunk-extern -mindirect-branch-register @@ -743,8 +745,6 @@ KBUILD_CFLAGS += $(call cc-disable-warning, tautological-compare) # See modpost pattern 2 KBUILD_CFLAGS += $(call cc-option, -mno-global-merge,) KBUILD_CFLAGS += $(call cc-option, -fcatch-undefined-behavior) -KBUILD_CFLAGS += $(call cc-option, -no-integrated-as) -KBUILD_AFLAGS += $(call cc-option, -no-integrated-as) else # These warnings generated too much noise in a regular build. -- 2.19.1.568.g152ad8e336-goog

7 years

3
2
0 0

[PATCH AUTOSEL 4.14 01/46] iwlwifi: mvm: check for short GI only for OFDM

by Sasha Levin

From: Sara Sharon <sara.sharon(a)intel.com> [ Upstream commit 4c59ff5a9a9c54cc26c807dc2fa6933f7e9fa4ef ] This bit will be used in CCK to indicate short preamble. Signed-off-by: Sara Sharon <sara.sharon(a)intel.com> Signed-off-by: Luca Coelho <luciano.coelho(a)intel.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/net/wireless/intel/iwlwifi/mvm/rx.c | 3 ++- drivers/net/wireless/intel/iwlwifi/mvm/rxmq.c | 4 +++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/drivers/net/wireless/intel/iwlwifi/mvm/rx.c b/drivers/net/wireless/intel/iwlwifi/mvm/rx.c index 2d14a58cbdd7..c73e4be9bde3 100644 --- a/drivers/net/wireless/intel/iwlwifi/mvm/rx.c +++ b/drivers/net/wireless/intel/iwlwifi/mvm/rx.c @@ -439,7 +439,8 @@ void iwl_mvm_rx_rx_mpdu(struct iwl_mvm *mvm, struct napi_struct *napi, rx_status->bw = RATE_INFO_BW_160; break; } - if (rate_n_flags & RATE_MCS_SGI_MSK) + if (!(rate_n_flags & RATE_MCS_CCK_MSK) && + rate_n_flags & RATE_MCS_SGI_MSK) rx_status->enc_flags |= RX_ENC_FLAG_SHORT_GI; if (rate_n_flags & RATE_HT_MCS_GF_MSK) rx_status->enc_flags |= RX_ENC_FLAG_HT_GF; diff --git a/drivers/net/wireless/intel/iwlwifi/mvm/rxmq.c b/drivers/net/wireless/intel/iwlwifi/mvm/rxmq.c index e2196dc35dc6..8ba8c70571fb 100644 --- a/drivers/net/wireless/intel/iwlwifi/mvm/rxmq.c +++ b/drivers/net/wireless/intel/iwlwifi/mvm/rxmq.c @@ -981,7 +981,9 @@ void iwl_mvm_rx_mpdu_mq(struct iwl_mvm *mvm, struct napi_struct *napi, rx_status->bw = RATE_INFO_BW_160; break; } - if (rate_n_flags & RATE_MCS_SGI_MSK) + + if (!(rate_n_flags & RATE_MCS_CCK_MSK) && + rate_n_flags & RATE_MCS_SGI_MSK) rx_status->enc_flags |= RX_ENC_FLAG_SHORT_GI; if (rate_n_flags & RATE_HT_MCS_GF_MSK) rx_status->enc_flags |= RX_ENC_FLAG_HT_GF; -- 2.17.1

7 years

3
48
0 0

[PATCH] perf/stat: Handle different PMU names with common prefix

by Thomas Richter

On s390 the CPU Measurement Facility for counters now supports 2 PMUs named cpum_cf (CPU Measurement Facility for counters) and cpum_cf_diag (CPU Measurement Facility for diagnostic counters) for one and the same CPU. Running command [root@s35lp76 perf]# ./perf stat -e tx_c_tend \ -- ~/mytests/cf-tx-events 1 Measuring transactions TX_C_TABORT_NO_SPECIAL: 0 expected:0 TX_C_TABORT_SPECIAL: 0 expected:0 TX_C_TEND: 1 expected:1 TX_NC_TABORT: 11 expected:11 TX_NC_TEND: 1 expected:1 Performance counter stats for '/root/mytests/cf-tx-events 1': 2 tx_c_tend 0.002120091 seconds time elapsed 0.000121000 seconds user 0.002127000 seconds sys [root@s35lp76 perf]# displays output which is unexpected (and wrong): 2 tx_c_tend The test program definitely triggers only one transaction, as shown in line 'TX_C_TEND: 1 expected:1'. This is caused by the following call sequence: pmu_lookup() scans and installs a PMU. +--> pmu_aliases() parses all aliases in directory .../<pmu-name>/events/* which are file names. +--> pmu_aliases_parse() Read each file in directory and create an new alias entry. This is done with +--> perf_pmu__new_alias() and +--> __perf_pmu__new_alias() which also check for identical alias names. After pmu_aliases() returns, a complete list of event names for this pmu has been created. Now function pmu_add_cpu_aliases() is called to add the events listed in the json | files to the alias list of the cpu. +--> perf_pmu__find_map() Returns a pointer to the json events. Now function pmu_add_cpu_aliases() scans through all events listed in the JSON files for this CPU. Each json event pmu name is compared with the current PMU being built up and if they mismatch, the json event is added to the current PMUs alias list. To avoid duplicate entries the following comparison is done: if (!is_arm_pmu_core(name)) { pname = pe->pmu ? pe->pmu : "cpu"; if (strncmp(pname, name, strlen(pname))) continue; } The culprit is the strncmp() function. Using current s390 PMU naming, the first PMU is 'cpum_cf' and a long list of events is added, among them 'tx_c_tend' When the second PMU named 'cpum_cf_diag' is added, only one event named 'CF_DIAG' is added by the pmu_aliases() function. Now function pmu_add_cpu_aliases() is invoked for PMU 'cpum_cf_diag'. Since the CPUID string is the same for both PMUs, json file events for PMU named 'cpum_cf' are added to the PMU 'cpm_cf_diag' This happens because the strncmp() actually compares: strncmp("cpum_cf", "cpum_cf_diag", 6); The first parameter is the pmu name taken from the event in the json file. The second parameter is the pmu name of the PMU currently being built. They are different, but the length of the compare only tests the common prefix and this returns 0(true) when it should return false. Now all events for PMU cpum_cf are added to the alias list for pmu cpum_cf_diag. Later on in function parse_events_add_pmu() the event 'tx_c_end' is searched in all available PMUs and found twice, adding it two times to the evsel_list global variable which is the root of all events. This results in a counter value of 2 instead of 1. Output with this patch: [root@s35lp76 perf]# ./perf stat -e tx_c_tend \ -- ~/mytests/cf-tx-events 1 Measuring transactions TX_C_TABORT_NO_SPECIAL: 0 expected:0 TX_C_TABORT_SPECIAL: 0 expected:0 TX_C_TEND: 1 expected:1 TX_NC_TABORT: 11 expected:11 TX_NC_TEND: 1 expected:1 Performance counter stats for '/root/mytests/cf-tx-events 1': 1 tx_c_tend 0.001815365 seconds time elapsed 0.000123000 seconds user 0.001756000 seconds sys [root@s35lp76 perf]# Fixes: 292c34c10249 ("perf pmu: Fix core PMU alias list for X86 platform") Signed-off-by: Thomas Richter <tmricht(a)linux.ibm.com> Reviewed-by: Hendrik Brueckner <brueckner(a)linux.ibm.com> Cc: Kan Liang <kan.liang(a)linux.intel.com> Cc: <stable(a)vger.kernel.org> # 4.18+ --- tools/perf/util/pmu.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/perf/util/pmu.c b/tools/perf/util/pmu.c index 7799788f662f..7e49baad304d 100644 --- a/tools/perf/util/pmu.c +++ b/tools/perf/util/pmu.c @@ -773,7 +773,7 @@ static void pmu_add_cpu_aliases(struct list_head *head, struct perf_pmu *pmu) if (!is_arm_pmu_core(name)) { pname = pe->pmu ? pe->pmu : "cpu"; - if (strncmp(pname, name, strlen(pname))) + if (strcmp(pname, name)) continue; } -- 2.14.3

7 years

4
3
0 0

[PATCH 1/2] mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings

by Michal Hocko

From: Andrea Arcangeli <aarcange(a)redhat.com> THP allocation might be really disruptive when allocated on NUMA system with the local node full or hard to reclaim. Stefan has posted an allocation stall report on 4.12 based SLES kernel which suggests the same issue: [245513.362669] kvm: page allocation stalls for 194572ms, order:9, mode:0x4740ca(__GFP_HIGHMEM|__GFP_IO|__GFP_FS|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL|__GFP_THISNODE|__GFP_MOVABLE|__GFP_DIRECT_RECLAIM), nodemask=(null) [245513.363983] kvm cpuset=/ mems_allowed=0-1 [245513.364604] CPU: 10 PID: 84752 Comm: kvm Tainted: G W 4.12.0+98-ph <a href="/view.php?id=1" title="[geschlossen] Integration Ramdisk" class="resolved">0000001</a> SLE15 (unreleased) [245513.365258] Hardware name: Supermicro SYS-1029P-WTRT/X11DDW-NT, BIOS 2.0 12/05/2017 [245513.365905] Call Trace: [245513.366535] dump_stack+0x5c/0x84 [245513.367148] warn_alloc+0xe0/0x180 [245513.367769] __alloc_pages_slowpath+0x820/0xc90 [245513.368406] ? __slab_free+0xa9/0x2f0 [245513.369048] ? __slab_free+0xa9/0x2f0 [245513.369671] __alloc_pages_nodemask+0x1cc/0x210 [245513.370300] alloc_pages_vma+0x1e5/0x280 [245513.370921] do_huge_pmd_wp_page+0x83f/0xf00 [245513.371554] ? set_huge_zero_page.isra.52.part.53+0x9b/0xb0 [245513.372184] ? do_huge_pmd_anonymous_page+0x631/0x6d0 [245513.372812] __handle_mm_fault+0x93d/0x1060 [245513.373439] handle_mm_fault+0xc6/0x1b0 [245513.374042] __do_page_fault+0x230/0x430 [245513.374679] ? get_vtime_delta+0x13/0xb0 [245513.375411] do_page_fault+0x2a/0x70 [245513.376145] ? page_fault+0x65/0x80 [245513.376882] page_fault+0x7b/0x80 [...] [245513.382056] Mem-Info: [245513.382634] active_anon:126315487 inactive_anon:1612476 isolated_anon:5 active_file:60183 inactive_file:245285 isolated_file:0 unevictable:15657 dirty:286 writeback:1 unstable:0 slab_reclaimable:75543 slab_unreclaimable:2509111 mapped:81814 shmem:31764 pagetables:370616 bounce:0 free:32294031 free_pcp:6233 free_cma:0 [245513.386615] Node 0 active_anon:254680388kB inactive_anon:1112760kB active_file:240648kB inactive_file:981168kB unevictable:13368kB isolated(anon):0kB isolated(file):0kB mapped:280240kB dirty:1144kB writeback:0kB shmem:95832kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 81225728kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [245513.388650] Node 1 active_anon:250583072kB inactive_anon:5337144kB active_file:84kB inactive_file:0kB unevictable:49260kB isolated(anon):20kB isolated(file):0kB mapped:47016kB dirty:0kB writeback:4kB shmem:31224kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 31897600kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no The defrag mode is "madvise" and from the above report it is clear that the THP has been allocated for MADV_HUGEPAGA vma. Andrea has identified that the main source of the problem is __GFP_THISNODE usage: : The problem is that direct compaction combined with the NUMA : __GFP_THISNODE logic in mempolicy.c is telling reclaim to swap very : hard the local node, instead of failing the allocation if there's no : THP available in the local node. : : Such logic was ok until __GFP_THISNODE was added to the THP allocation : path even with MPOL_DEFAULT. : : The idea behind the __GFP_THISNODE addition, is that it is better to : provide local memory in PAGE_SIZE units than to use remote NUMA THP : backed memory. That largely depends on the remote latency though, on : threadrippers for example the overhead is relatively low in my : experience. : : The combination of __GFP_THISNODE and __GFP_DIRECT_RECLAIM results in : extremely slow qemu startup with vfio, if the VM is larger than the : size of one host NUMA node. This is because it will try very hard to : unsuccessfully swapout get_user_pages pinned pages as result of the : __GFP_THISNODE being set, instead of falling back to PAGE_SIZE : allocations and instead of trying to allocate THP on other nodes (it : would be even worse without vfio type1 GUP pins of course, except it'd : be swapping heavily instead). Fix this by removing __GFP_THISNODE for THP requests which are requesting the direct reclaim. This effectivelly reverts 5265047ac301 on the grounds that the zone/node reclaim was known to be disruptive due to premature reclaim when there was memory free. While it made sense at the time for HPC workloads without NUMA awareness on rare machines, it was ultimately harmful in the majority of cases. The existing behaviour is similiar, if not as widespare as it applies to a corner case but crucially, it cannot be tuned around like zone_reclaim_mode can. The default behaviour should always be to cause the least harm for the common case. If there are specialised use cases out there that want zone_reclaim_mode in specific cases, then it can be built on top. Longterm we should consider a memory policy which allows for the node reclaim like behavior for the specific memory ranges which would allow a [1] http://lkml.kernel.org/r/20180820032204.9591-1-aarcange@redhat.com [mhocko(a)suse.com: rewrote the changelog based on the one from Andrea] Fixes: 5265047ac301 ("mm, thp: really limit transparent hugepage allocation to local node") Cc: Zi Yan <zi.yan(a)cs.rutgers.edu> Cc: stable # 4.1+ Reported-by: Stefan Priebe <s.priebe(a)profihost.ag> Debugged-by: Andrea Arcangeli <aarcange(a)redhat.com> Reported-by: Alex Williamson <alex.williamson(a)redhat.com> Signed-off-by: Andrea Arcangeli <aarcange(a)redhat.com> Signed-off-by: Michal Hocko <mhocko(a)suse.com> --- mm/mempolicy.c | 32 ++++++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) diff --git a/mm/mempolicy.c b/mm/mempolicy.c index da858f794eb6..149b6f4cf023 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -2046,8 +2046,36 @@ alloc_pages_vma(gfp_t gfp, int order, struct vm_area_struct *vma, nmask = policy_nodemask(gfp, pol); if (!nmask || node_isset(hpage_node, *nmask)) { mpol_cond_put(pol); - page = __alloc_pages_node(hpage_node, - gfp | __GFP_THISNODE, order); + /* + * We cannot invoke reclaim if __GFP_THISNODE + * is set. Invoking reclaim with + * __GFP_THISNODE set, would cause THP + * allocations to trigger heavy swapping + * despite there may be tons of free memory + * (including potentially plenty of THP + * already available in the buddy) on all the + * other NUMA nodes. + * + * At most we could invoke compaction when + * __GFP_THISNODE is set (but we would need to + * refrain from invoking reclaim even if + * compaction returned COMPACT_SKIPPED because + * there wasn't not enough memory to succeed + * compaction). For now just avoid + * __GFP_THISNODE instead of limiting the + * allocation path to a strict and single + * compaction invocation. + * + * Supposedly if direct reclaim was enabled by + * the caller, the app prefers THP regardless + * of the node it comes from so this would be + * more desiderable behavior than only + * providing THP originated from the local + * node in such case. + */ + if (!(gfp & __GFP_DIRECT_RECLAIM)) + gfp |= __GFP_THISNODE; + page = __alloc_pages_node(hpage_node, gfp, order); goto out; } } -- 2.18.0

7 years

9
45
0 0

urgent

by Les Scadding

Hello Dear Do you have the passion for humanitarian welfare? Can you devote your time and be totally committed and devoted to run multi-million pounds humanitarian charity project sponsored totally by me; with an incentive/compensation accrual to you for your time and effort and at no cost to you. If interested, reply me for the full details Thanks Les Scadding

7 years

1
0
0 0

[PATCH 0/3] block: make sure discard/writesame bio is aligned with logical block size

by Ming Lei

Hi, The 1st & 3rd patch fixes bio size alignment issue. The 2nd patch cleans up __blkdev_issue_discard() a bit. Thanks, Ming Lei (3): block: make sure discard bio is aligned with logical block size block: cleanup __blkdev_issue_discard() block: make sure writesame bio is aligned with logical block size block/blk-lib.c | 25 ++++++------------------- 1 file changed, 6 insertions(+), 19 deletions(-) Cc: Rui Salvaterra <rsalvaterra(a)gmail.com> Cc: stable(a)vger.kernel.org Cc: Mike Snitzer <snitzer(a)redhat.com> Cc: Christoph Hellwig <hch(a)lst.de> Cc: Xiao Ni <xni(a)redhat.com> Cc: Mariusz Dabrowski <mariusz.dabrowski(a)intel.com> -- 2.9.5

7 years

2
6
0 0

[PATCH v3] libata: Apply NOLPM quirk for SAMSUNG MZ7TD256HAFV-000L9

by Diego Viola

med_power_with_dipm causes my T450 to freeze with a SAMSUNG MZ7TD256HAFV-000L9 SSD (firmware DXT02L5Q). Switching the LPM to max_performance fixes this issue. Signed-off-by: Diego Viola <diego.viola(a)gmail.com> --- drivers/ata/libata-core.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c index a9dd4ea7467d..6e594644cb1d 100644 --- a/drivers/ata/libata-core.c +++ b/drivers/ata/libata-core.c @@ -4553,6 +4553,7 @@ static const struct ata_blacklist_entry ata_device_blacklist [] = { /* These specific Samsung models/firmware-revs do not handle LPM well */ { "SAMSUNG MZMPC128HBFU-000MV", "CXM14M1Q", ATA_HORKAGE_NOLPM, }, { "SAMSUNG SSD PM830 mSATA *", "CXM13D1Q", ATA_HORKAGE_NOLPM, }, + { "SAMSUNG MZ7TD256HAFV-000L9", "DXT02L5Q", ATA_HORKAGE_NOLPM, }, /* devices that don't properly handle queued TRIM commands */ { "Micron_M500IT_*", "MU01", ATA_HORKAGE_NO_NCQ_TRIM | -- 2.19.1

7 years

3
6
0 0

[patch 135/135] hugetlbfs: dirty pages as they are added to pagecache

by akpm＠linux-foundation.org

From: Mike Kravetz <mike.kravetz(a)oracle.com> Subject: hugetlbfs: dirty pages as they are added to pagecache Some test systems were experiencing negative huge page reserve counts and incorrect file block counts. This was traced to /proc/sys/vm/drop_caches removing clean pages from hugetlbfs file pagecaches. When non-hugetlbfs explicit code removes the pages, the appropriate accounting is not performed. This can be recreated as follows: fallocate -l 2M /dev/hugepages/foo echo 1 > /proc/sys/vm/drop_caches fallocate -l 2M /dev/hugepages/foo grep -i huge /proc/meminfo AnonHugePages: 0 kB ShmemHugePages: 0 kB HugePages_Total: 2048 HugePages_Free: 2047 HugePages_Rsvd: 18446744073709551615 HugePages_Surp: 0 Hugepagesize: 2048 kB Hugetlb: 4194304 kB ls -lsh /dev/hugepages/foo 4.0M -rw-r--r--. 1 root root 2.0M Oct 17 20:05 /dev/hugepages/foo To address this issue, dirty pages as they are added to pagecache. This can easily be reproduced with fallocate as shown above. Read faulted pages will eventually end up being marked dirty. But there is a window where they are clean and could be impacted by code such as drop_caches. So, just dirty them all as they are added to the pagecache. Link: http://lkml.kernel.org/r/b5be45b8-5afe-56cd-9482-28384699a049@oracle.com Fixes: 6bda666a03f0 ("hugepages: fold find_or_alloc_pages into huge_no_page()") Signed-off-by: Mike Kravetz <mike.kravetz(a)oracle.com> Acked-by: Mihcla Hocko <mhocko(a)suse.com> Reviewed-by: Khalid Aziz <khalid.aziz(a)oracle.com> Cc: Hugh Dickins <hughd(a)google.com> Cc: Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com> Cc: "Aneesh Kumar K . V" <aneesh.kumar(a)linux.vnet.ibm.com> Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: "Kirill A . Shutemov" <kirill.shutemov(a)linux.intel.com> Cc: Davidlohr Bueso <dave(a)stgolabs.net> Cc: Alexander Viro <viro(a)zeniv.linux.org.uk> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/hugetlb.c | 6 ++++++ 1 file changed, 6 insertions(+) --- a/mm/hugetlb.c~hugetlbfs-dirty-pages-as-they-are-added-to-pagecache-v2 +++ a/mm/hugetlb.c @@ -3690,6 +3690,12 @@ int huge_add_to_page_cache(struct page * return err; ClearPagePrivate(page); + /* + * set page dirty so that it will not be removed from cache/file + * by non-hugetlbfs specific code paths. + */ + set_page_dirty(page); + spin_lock(&inode->i_lock); inode->i_blocks += blocks_per_huge_page(h); spin_unlock(&inode->i_lock); _

7 years

1
0
0 0

[patch 002/135] userfaultfd: disable irqs when taking the waitqueue lock

by akpm＠linux-foundation.org

From: Christoph Hellwig <hch(a)lst.de> Subject: userfaultfd: disable irqs when taking the waitqueue lock userfaultfd contains howe-grown locking of the waitqueue lock, and does not disable interrupts. This relies on the fact that no one else takes it from interrupt context and violates an invariat of the normal waitqueue locking scheme. With aio poll it is easy to trigger other locks that disable interrupts (or are called from interrupt context). Link: http://lkml.kernel.org/r/20181018154101.18750-1-hch@lst.de Signed-off-by: Christoph Hellwig <hch(a)lst.de> Reviewed-by: Andrea Arcangeli <aarcange(a)redhat.com> Reviewed-by: Andrew Morton <akpm(a)linux-foundation.org> Cc: <stable(a)vger.kernel.org> [4.19.x] Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/userfaultfd.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) --- a/fs/userfaultfd.c~userfaultfd-disable-irqs-when-taking-the-waitqueue-lock +++ a/fs/userfaultfd.c @@ -1026,7 +1026,7 @@ static ssize_t userfaultfd_ctx_read(stru struct userfaultfd_ctx *fork_nctx = NULL; /* always take the fd_wqh lock before the fault_pending_wqh lock */ - spin_lock(&ctx->fd_wqh.lock); + spin_lock_irq(&ctx->fd_wqh.lock); __add_wait_queue(&ctx->fd_wqh, &wait); for (;;) { set_current_state(TASK_INTERRUPTIBLE); @@ -1112,13 +1112,13 @@ static ssize_t userfaultfd_ctx_read(stru ret = -EAGAIN; break; } - spin_unlock(&ctx->fd_wqh.lock); + spin_unlock_irq(&ctx->fd_wqh.lock); schedule(); - spin_lock(&ctx->fd_wqh.lock); + spin_lock_irq(&ctx->fd_wqh.lock); } __remove_wait_queue(&ctx->fd_wqh, &wait); __set_current_state(TASK_RUNNING); - spin_unlock(&ctx->fd_wqh.lock); + spin_unlock_irq(&ctx->fd_wqh.lock); if (!ret && msg->event == UFFD_EVENT_FORK) { ret = resolve_userfault_fork(ctx, fork_nctx, msg); _

7 years

1
0
0 0

[patch 001/135] mm: /proc/pid/smaps_rollup: fix NULL pointer deref in smaps_pte_range()

by akpm＠linux-foundation.org

From: Vlastimil Babka <vbabka(a)suse.cz> Subject: mm: /proc/pid/smaps_rollup: fix NULL pointer deref in smaps_pte_range() Leonardo reports an apparent regression in 4.19-rc7: BUG: unable to handle kernel NULL pointer dereference at 00000000000000f0 PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP PTI CPU: 3 PID: 6032 Comm: python Not tainted 4.19.0-041900rc7-lowlatency #201810071631 Hardware name: LENOVO 80UG/Toronto 4A2, BIOS 0XCN45WW 08/09/2018 RIP: 0010:smaps_pte_range+0x32d/0x540 Code: 80 00 00 00 00 74 a9 48 89 de 41 f6 40 52 40 0f 85 04 02 00 00 49 2b 30 48 c1 ee 0c 49 03 b0 98 00 00 00 49 8b 80 a0 00 00 00 <48> 8b b8 f0 00 00 00 e8 b7 ef ec ff 48 85 c0 0f 84 71 ff ff ff a8 RSP: 0018:ffffb0cbc484fb88 EFLAGS: 00010202 RAX: 0000000000000000 RBX: 0000560ddb9e9000 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000560ddb9e9 RDI: 0000000000000001 RBP: ffffb0cbc484fbc0 R08: ffff94a5a227a578 R09: ffff94a5a227a578 R10: 0000000000000000 R11: 0000560ddbbe7000 R12: ffffe903098ba728 R13: ffffb0cbc484fc78 R14: ffffb0cbc484fcf8 R15: ffff94a5a2e9cf48 FS: 00007f6dfb683740(0000) GS:ffff94a5aaf80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000000000f0 CR3: 000000011c118001 CR4: 00000000003606e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: __walk_page_range+0x3c2/0x6f0 walk_page_vma+0x42/0x60 smap_gather_stats+0x79/0xe0 ? gather_pte_stats+0x320/0x320 ? gather_hugetlb_stats+0x70/0x70 show_smaps_rollup+0xcd/0x1c0 seq_read+0x157/0x400 __vfs_read+0x3a/0x180 ? security_file_permission+0x93/0xc0 ? security_file_permission+0x93/0xc0 vfs_read+0x8f/0x140 ksys_read+0x55/0xc0 __x64_sys_read+0x1a/0x20 do_syscall_64+0x5a/0x110 entry_SYSCALL_64_after_hwframe+0x44/0xa9 Decoded code matched to local compilation+disassembly points to smaps_pte_entry(): } else if (unlikely(IS_ENABLED(CONFIG_SHMEM) && mss->check_shmem_swap && pte_none(*pte))) { page = find_get_entry(vma->vm_file->f_mapping, linear_page_index(vma, addr)); Here, vma->vm_file is NULL. mss->check_shmem_swap should be false in that case, however for smaps_rollup, smap_gather_stats() can set the flag true for one vma and leave it true for subsequent vma's where it should be false. To fix, reset the check_shmem_swap flag to false. There's also related bug which sets mss->swap to shmem_swapped, which in the context of smaps_rollup overwrites any value accumulated from previous vma's. Fix that as well. Note that the report suggests a regression between 4.17.19 and 4.19-rc7, which makes the 4.19 series ending with commit 258f669e7e88 ("mm: /proc/pid/smaps_rollup: convert to single value seq_file") suspicious. But the mss was reused for rollup since 493b0e9d945f ("mm: add /proc/pid/smaps_rollup") so let's play it safe with the stable backport. Link: http://lkml.kernel.org/r/555fbd1f-4ac9-0b58-dcd4-5dc4380ff7ca@suse.cz Link: https://bugzilla.kernel.org/show_bug.cgi?id=201377 Fixes: 493b0e9d945f ("mm: add /proc/pid/smaps_rollup") Signed-off-by: Vlastimil Babka <vbabka(a)suse.cz> Reported-by: Leonardo Soares Müller <leozinho29_eu(a)hotmail.com> Tested-by: Leonardo Soares Müller <leozinho29_eu(a)hotmail.com> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Daniel Colascione <dancol(a)google.com> Cc: Alexey Dobriyan <adobriyan(a)gmail.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/proc/task_mmu.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) --- a/fs/proc/task_mmu.c~mm-proc-pid-smaps_rollup-fix-null-pointer-deref-in-smaps_pte_range +++ a/fs/proc/task_mmu.c @@ -713,6 +713,8 @@ static void smap_gather_stats(struct vm_ smaps_walk.private = mss; #ifdef CONFIG_SHMEM + /* In case of smaps_rollup, reset the value from previous vma */ + mss->check_shmem_swap = false; if (vma->vm_file && shmem_mapping(vma->vm_file->f_mapping)) { /* * For shared or readonly shmem mappings we know that all @@ -728,7 +730,7 @@ static void smap_gather_stats(struct vm_ if (!shmem_swapped || (vma->vm_flags & VM_SHARED) || !(vma->vm_flags & VM_WRITE)) { - mss->swap = shmem_swapped; + mss->swap += shmem_swapped; } else { mss->check_shmem_swap = true; smaps_walk.pte_hole = smaps_pte_hole; _

7 years

1
0
0 0

[PATCH] arm64: dts: stratix10: Correct System Manager register size

by thor.thayer＠linux.intel.com

From: Thor Thayer <thor.thayer(a)linux.intel.com> Correct the register size of the System Manager node. Cc: stable(a)vger.kernel.org Fixes: 78cd6a9d8e154 ("arm64: dts: Add base stratix 10 dtsi") Signed-off-by: Thor Thayer <thor.thayer(a)linux.intel.com> --- arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi index 67dac595dc72..3989876ab699 100644 --- a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi +++ b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi @@ -327,7 +327,7 @@ sysmgr: sysmgr@ffd12000 { compatible = "altr,sys-mgr", "syscon"; - reg = <0xffd12000 0x1000>; + reg = <0xffd12000 0x228>; }; /* Local timer */ -- 2.7.4

7 years

3
2
0 0

[PATCH] ARM: dts: socfpga: Fix SDRAM node address for Arria10

by thor.thayer＠linux.intel.com

From: Thor Thayer <thor.thayer(a)linux.intel.com> The address in the SDRAM node was incorrect. Fix this to agree with the correct address and to match the reg definition block. Cc: stable(a)vger.kernel.org Fixes: 54b4a8f57848b("arm: socfpga: dts: Add Arria10 SDRAM EDAC DTS support") Signed-off-by: Thor Thayer <thor.thayer(a)linux.intel.com> --- arch/arm/boot/dts/socfpga_arria10.dtsi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm/boot/dts/socfpga_arria10.dtsi b/arch/arm/boot/dts/socfpga_arria10.dtsi index 791ca15c799e..bd1985694bca 100644 --- a/arch/arm/boot/dts/socfpga_arria10.dtsi +++ b/arch/arm/boot/dts/socfpga_arria10.dtsi @@ -601,7 +601,7 @@ status = "disabled"; }; - sdr: sdr@ffc25000 { + sdr: sdr@ffcfb100 { compatible = "altr,sdr-ctl", "syscon"; reg = <0xffcfb100 0x80>; }; -- 2.7.4

7 years

3
2
0 0

[PATCH v2] HID: hiddev: fix potential Spectre v1

by Breno Leitao

uref->usage_index can be indirectly controlled by userspace, hence leading to a potential exploitation of the Spectre variant 1 vulnerability. This field is used as an array index by the hiddev_ioctl_usage() function, when 'cmd' is either HIDIOCGCOLLECTIONINDEX, HIDIOCGUSAGES or HIDIOCSUSAGES. For cmd == HIDIOCGCOLLECTIONINDEX case, uref->usage_index is compared to field->maxusage and then used as an index to dereference field->usage array. The same thing happens to the cmd == HIDIOC{G,S}USAGES cases, where uref->usage_index is checked against an array maximum value and then it is used as an index in an array. This is a summary of the HIDIOCGCOLLECTIONINDEX case, which matches the traditional Spectre V1 first load: copy_from_user(uref, user_arg, sizeof(*uref)) if (uref->usage_index >= field->maxusage) goto inval; i = field->usage[uref->usage_index].collection_index; return i; This patch fixes this by sanitizing field uref->usage_index before using it to index field->usage (HIDIOCGCOLLECTIONINDEX) or field->value in HIDIOC{G,S}USAGES arrays, thus, avoiding speculation in the first load. Signed-off-by: Breno Leitao <leitao(a)debian.org> Cc: <stable(a)vger.kernel.org> -- v2: Contemplate cmd == HIDIOC{G,S}USAGES case diff --git a/drivers/hid/usbhid/hiddev.c b/drivers/hid/usbhid/hiddev.c index 23872d08308c..a746017fac17 100644 --- a/drivers/hid/usbhid/hiddev.c +++ b/drivers/hid/usbhid/hiddev.c @@ -512,14 +512,24 @@ static noinline int hiddev_ioctl_usage(struct hiddev *hiddev, unsigned int cmd, if (cmd == HIDIOCGCOLLECTIONINDEX) { if (uref->usage_index >= field->maxusage) goto inval; + uref->usage_index = + array_index_nospec(uref->usage_index, + field->maxusage); } else if (uref->usage_index >= field->report_count) goto inval; } - if ((cmd == HIDIOCGUSAGES || cmd == HIDIOCSUSAGES) && - (uref_multi->num_values > HID_MAX_MULTI_USAGES || - uref->usage_index + uref_multi->num_values > field->report_count)) - goto inval; + if (cmd == HIDIOCGUSAGES || cmd == HIDIOCSUSAGES) { + if (uref_multi->num_values > HID_MAX_MULTI_USAGES || + uref->usage_index + uref_multi->num_values > + field->report_count) + goto inval; + + uref->usage_index = + array_index_nospec(uref->usage_index, + field->report_count - + uref_multi->num_values); + } switch (cmd) { case HIDIOCGUSAGE: -- 2.17.1

7 years

2
1
0 0

for your photos 15

by Katie

We are a team of 12 image editors and we are here to edit your photos. We mainly provide images cut out and images clipping path, masking. Such as for ecommerce photos, and it is also for beauty portraits and skin images We provide test editing if you send us 1 or 2 photos. Thanks, Katie

7 years

1
0
0 0

[PATCH AUTOSEL 4.14 01/15] ARM: dts: imx53-qsb: disable 1.2GHz OPP

by Sasha Levin

From: Sascha Hauer <s.hauer(a)pengutronix.de> [ Upstream commit eea96566c189c77e5272585984eb2729881a2f1d ] The maximum CPU frequency for the i.MX53 QSB is 1GHz, so disable the 1.2GHz OPP. This makes the board work again with configs that have cpufreq enabled like imx_v6_v7_defconfig on which the board stopped working with the addition of cpufreq-dt support. Fixes: 791f416608 ("ARM: dts: imx53: add cpufreq-dt support") Signed-off-by: Sascha Hauer <s.hauer(a)pengutronix.de> Signed-off-by: Shawn Guo <shawnguo(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- arch/arm/boot/dts/imx53-qsb-common.dtsi | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/arch/arm/boot/dts/imx53-qsb-common.dtsi b/arch/arm/boot/dts/imx53-qsb-common.dtsi index 683dcbe27cbd..8c11190c5218 100644 --- a/arch/arm/boot/dts/imx53-qsb-common.dtsi +++ b/arch/arm/boot/dts/imx53-qsb-common.dtsi @@ -130,6 +130,17 @@ }; }; +&cpu0 { + /* CPU rated to 1GHz, not 1.2GHz as per the default settings */ + operating-points = < + /* kHz uV */ + 166666 850000 + 400000 900000 + 800000 1050000 + 1000000 1200000 + >; +}; + &esdhc1 { pinctrl-names = "default"; pinctrl-0 = <&pinctrl_esdhc1>; -- 2.17.1

7 years

4
21
0 0

[PATCH AUTOSEL 3.18 01/98] dm thin: restore requested 'error_if_no_space' setting on OODS to WRITE transition

by Sasha Levin

From: Mike Snitzer <snitzer(a)redhat.com> [ Upstream commit 172c238612ebf81cabccc86b788c9209af591f61 ] A thin-pool that is in out-of-data-space (OODS) mode may transition back to write mode -- without the admin adding more space to the thin-pool -- if/when blocks are released (either by deleting thin devices or discarding provisioned blocks). But as part of the thin-pool's earlier transition to out-of-data-space mode the thin-pool may have set the 'error_if_no_space' flag to true if the no_space_timeout expires without more space having been made available. That implementation detail, of changing the pool's error_if_no_space setting, needs to be reset back to the default that the user specified when the thin-pool's table was loaded. Otherwise we'll drop the user requested behaviour on the floor when this out-of-data-space to write mode transition occurs. Reported-by: Vivek Goyal <vgoyal(a)redhat.com> Signed-off-by: Mike Snitzer <snitzer(a)redhat.com> Acked-by: Joe Thornber <ejt(a)redhat.com> Fixes: 2c43fd26e4 ("dm thin: fix missing out-of-data-space to write mode transition if blocks are released") Cc: stable(a)vger.kernel.org Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/md/dm-thin.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/md/dm-thin.c b/drivers/md/dm-thin.c index 68c7102a64c8..936c57b57539 100644 --- a/drivers/md/dm-thin.c +++ b/drivers/md/dm-thin.c @@ -1909,6 +1909,7 @@ static void set_pool_mode(struct pool *pool, enum pool_mode new_mode) case PM_WRITE: if (old_mode != new_mode) notify_of_pool_mode_change(pool, "write"); + pool->pf.error_if_no_space = pt->requested_pf.error_if_no_space; dm_pool_metadata_read_write(pool->pmd); pool->process_bio = process_bio; pool->process_discard = process_discard; -- 2.17.1

7 years

6
106
0 0

[PATCH AUTOSEL 4.4 01/65] KEYS: put keyring if install_session_keyring_to_cred() fails

by Sasha Levin

From: Eric Biggers <ebiggers(a)google.com> [ Upstream commit d636bd9f12a66ea3775c9fabbf3f8e118253467a ] In join_session_keyring(), if install_session_keyring_to_cred() were to fail, we would leak the keyring reference, just like in the bug fixed by commit 23567fd052a9 ("KEYS: Fix keyring ref leak in join_session_keyring()"). Fortunately this cannot happen currently, but we really should be more careful. Do this by adding and using a new error label at which the keyring reference is dropped. Signed-off-by: Eric Biggers <ebiggers(a)google.com> Signed-off-by: David Howells <dhowells(a)redhat.com> Signed-off-by: James Morris <james.l.morris(a)oracle.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- security/keys/process_keys.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c index ac1d5b2b1626..a7095372701e 100644 --- a/security/keys/process_keys.c +++ b/security/keys/process_keys.c @@ -808,15 +808,14 @@ long join_session_keyring(const char *name) ret = PTR_ERR(keyring); goto error2; } else if (keyring == new->session_keyring) { - key_put(keyring); ret = 0; - goto error2; + goto error3; } /* we've got a keyring - now to install it */ ret = install_session_keyring_to_cred(new, keyring); if (ret < 0) - goto error2; + goto error3; commit_creds(new); mutex_unlock(&key_session_mutex); @@ -826,6 +825,8 @@ long join_session_keyring(const char *name) okay: return ret; +error3: + key_put(keyring); error2: mutex_unlock(&key_session_mutex); error: -- 2.17.1

7 years

3
69
0 0

[PATCH v2 2/2] drm/i915/hdmi: Reorder structure to match specification

by clinton.a.taylor＠intel.com

From: Clint Taylor <clinton.a.taylor(a)intel.com> reorder structure of 297, 594 N values to group Audio Sample Frequencies together to make updating from HDMI specification easier. V2: Match patch 1/2 version Cc: Jani Nikula <jani.nikula(a)linux.intel.com> Cc: stable(a)vger.kernel.org Signed-off-by: Clint Taylor <clinton.a.taylor(a)intel.com> --- drivers/gpu/drm/i915/intel_audio.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/drivers/gpu/drm/i915/intel_audio.c b/drivers/gpu/drm/i915/intel_audio.c index ee3ca2d..47caecb 100644 --- a/drivers/gpu/drm/i915/intel_audio.c +++ b/drivers/gpu/drm/i915/intel_audio.c @@ -153,32 +153,32 @@ struct dp_aud_n_m { int n; int cts; } hdmi_aud_ncts[] = { - { 44100, TMDS_296M, 4459, 234375 }, - { 44100, TMDS_297M, 4704, 247500 }, - { 48000, TMDS_296M, 5824, 281250 }, - { 48000, TMDS_297M, 5120, 247500 }, { 32000, TMDS_296M, 5824, 421875 }, { 32000, TMDS_297M, 3072, 222750 }, + { 44100, TMDS_296M, 4459, 234375 }, + { 44100, TMDS_297M, 4704, 247500 }, { 88200, TMDS_296M, 8918, 234375 }, { 88200, TMDS_297M, 9408, 247500 }, - { 96000, TMDS_296M, 11648, 281250 }, - { 96000, TMDS_297M, 10240, 247500 }, { 176400, TMDS_296M, 17836, 234375 }, { 176400, TMDS_297M, 18816, 247500 }, + { 48000, TMDS_296M, 5824, 281250 }, + { 48000, TMDS_297M, 5120, 247500 }, + { 96000, TMDS_296M, 11648, 281250 }, + { 96000, TMDS_297M, 10240, 247500 }, { 192000, TMDS_296M, 23296, 281250 }, { 192000, TMDS_297M, 20480, 247500 }, - { 44100, TMDS_593M, 8918, 937500 }, - { 44100, TMDS_594M, 9408, 990000 }, - { 48000, TMDS_593M, 5824, 562500 }, - { 48000, TMDS_594M, 6144, 594000 }, { 32000, TMDS_593M, 5824, 843750 }, { 32000, TMDS_594M, 3072, 445500 }, + { 44100, TMDS_593M, 8918, 937500 }, + { 44100, TMDS_594M, 9408, 990000 }, { 88200, TMDS_593M, 17836, 937500 }, { 88200, TMDS_594M, 18816, 990000 }, - { 96000, TMDS_593M, 11648, 562500 }, - { 96000, TMDS_594M, 12288, 594000 }, { 176400, TMDS_593M, 35672, 937500 }, { 176400, TMDS_594M, 37632, 990000 }, + { 48000, TMDS_593M, 5824, 562500 }, + { 48000, TMDS_594M, 6144, 594000 }, + { 96000, TMDS_593M, 11648, 562500 }, + { 96000, TMDS_594M, 12288, 594000 }, { 192000, TMDS_593M, 23296, 562500 }, { 192000, TMDS_594M, 24576, 594000 }, }; -- 1.9.1

7 years

2
1
0 0

stable@vger.kernel.org RE:For Your Urgent Perusal

by Mr Steven Walter

Dear stable(a)vger.kernel.org , I am sorry for invading your privacy because we do not know each other but I am contacting you because of my late client who died without a will. This is to notify you that your are the beneficiary to the bequest of the sum of £10,500,000.00 GBP in the intent of my deceased client. If you accept please forward your full names, current address and your direct cell for the court documentations and so that we can obtain the probate division of court papers required for you to claim the funds from the holding bank. Thanks, Steven Walter Disclaimer: Adobe® reserves the rights to protect sensitive documents against fraudsters and spyware. Adobe® secured files are encrypted with the receivers' email and can only be viewed by the recipient. For more details visit http://www.adobe.com/legal/terms.html for details.

7 years

1
0
0 0

stable@vger.kernel.org RE:For Your Urgent Perusal

by Mr Steven Walter

Dear stable(a)vger.kernel.org , I am sorry for invading your privacy because we do not know each other but I am contacting you because of my late client who died without a will. This is to notify you that your are the beneficiary to the bequest of the sum of £10,500,000.00 GBP in the intent of my deceased client. If you accept please forward your full names, current address and your direct cell for the court documentations and so that we can obtain the probate division of court papers required for you to claim the funds from the holding bank. Thanks, Steven Walter Disclaimer: Adobe® reserves the rights to protect sensitive documents against fraudsters and spyware. Adobe® secured files are encrypted with the receivers' email and can only be viewed by the recipient. For more details visit http://www.adobe.com/legal/terms.html for details.

7 years

1
0
0 0

[PATCH v2 1/2] drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values

by clinton.a.taylor＠intel.com

From: Clint Taylor <clinton.a.taylor(a)intel.com> HDMI 2.0 594Mhz modes were incorrectly selecting 25.200Mhz Automatic N value mode instead of HDMI specification values. V2: Fix 88.2 Hz N value Cc: Jani Nikula <jani.nikula(a)linux.intel.com> Cc: stable(a)vger.kernel.org Signed-off-by: Clint Taylor <clinton.a.taylor(a)intel.com> --- drivers/gpu/drm/i915/intel_audio.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/drivers/gpu/drm/i915/intel_audio.c b/drivers/gpu/drm/i915/intel_audio.c index 769f3f5..ee3ca2d 100644 --- a/drivers/gpu/drm/i915/intel_audio.c +++ b/drivers/gpu/drm/i915/intel_audio.c @@ -144,6 +144,9 @@ struct dp_aud_n_m { /* HDMI N/CTS table */ #define TMDS_297M 297000 #define TMDS_296M 296703 +#define TMDS_594M 594000 +#define TMDS_593M 593407 + static const struct { int sample_rate; int clock; @@ -164,6 +167,20 @@ struct dp_aud_n_m { { 176400, TMDS_297M, 18816, 247500 }, { 192000, TMDS_296M, 23296, 281250 }, { 192000, TMDS_297M, 20480, 247500 }, + { 44100, TMDS_593M, 8918, 937500 }, + { 44100, TMDS_594M, 9408, 990000 }, + { 48000, TMDS_593M, 5824, 562500 }, + { 48000, TMDS_594M, 6144, 594000 }, + { 32000, TMDS_593M, 5824, 843750 }, + { 32000, TMDS_594M, 3072, 445500 }, + { 88200, TMDS_593M, 17836, 937500 }, + { 88200, TMDS_594M, 18816, 990000 }, + { 96000, TMDS_593M, 11648, 562500 }, + { 96000, TMDS_594M, 12288, 594000 }, + { 176400, TMDS_593M, 35672, 937500 }, + { 176400, TMDS_594M, 37632, 990000 }, + { 192000, TMDS_593M, 23296, 562500 }, + { 192000, TMDS_594M, 24576, 594000 }, }; /* get AUD_CONFIG_PIXEL_CLOCK_HDMI_* value for mode */ -- 1.9.1

7 years

2
1
0 0

stable@vger.kernel.org RE:For Your Urgent Perusal

by Mr Steven Walter

Dear stable(a)vger.kernel.org , I am sorry for invading your privacy because we do not know each other but I am contacting you because of my late client who died without a will. This is to notify you that your are the beneficiary to the bequest of the sum of £10,500,000.00 GBP in the intent of my deceased client. If you accept please forward your full names, current address and your direct cell for the court documentations and so that we can obtain the probate division of court papers required for you to claim the funds from the holding bank. Thanks, Steven Walter Disclaimer: Adobe® reserves the rights to protect sensitive documents against fraudsters and spyware. Adobe® secured files are encrypted with the receivers' email and can only be viewed by the recipient. For more details visit http://www.adobe.com/legal/terms.html for details.

7 years

1
0
0 0

stable@vger.kernel.org RE:For Your Urgent Perusal

by Mr Steven Walter

Dear stable(a)vger.kernel.org , I am sorry for invading your privacy because we do not know each other but I am contacting you because of my late client who died without a will. This is to notify you that your are the beneficiary to the bequest of the sum of £10,500,000.00 GBP in the intent of my deceased client. If you accept please forward your full names, current address and your direct cell for the court documentations and so that we can obtain the probate division of court papers required for you to claim the funds from the holding bank. Thanks, Steven Walter Disclaimer: Adobe® reserves the rights to protect sensitive documents against fraudsters and spyware. Adobe® secured files are encrypted with the receivers' email and can only be viewed by the recipient. For more details visit http://www.adobe.com/legal/terms.html for details.

7 years

1
0
0 0

[PATCH] spi: uniphier: fix incorrect property items

by Keiji Hayashibara

This commit fixes incorrect property because it was different from the actual. The parameters of '#address-cells' and '#size-cells' were removed, and 'interrupts', 'pinctrl-names' and 'pinctrl-0' were added. Fixes: 4dcd5c2781f3 ("spi: add DT bindings for UniPhier SPI controller") Signed-off-by: Keiji Hayashibara <hayashibara.keiji(a)socionext.com> --- Documentation/devicetree/bindings/spi/spi-uniphier.txt | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/Documentation/devicetree/bindings/spi/spi-uniphier.txt b/Documentation/devicetree/bindings/spi/spi-uniphier.txt index 504a4ec..b04e66a 100644 --- a/Documentation/devicetree/bindings/spi/spi-uniphier.txt +++ b/Documentation/devicetree/bindings/spi/spi-uniphier.txt @@ -5,18 +5,20 @@ UniPhier SoCs have SCSSI which supports SPI single channel. Required properties: - compatible: should be "socionext,uniphier-scssi" - reg: address and length of the spi master registers - - #address-cells: must be <1>, see spi-bus.txt - - #size-cells: must be <0>, see spi-bus.txt - - clocks: A phandle to the clock for the device. - - resets: A phandle to the reset control for the device. + - interrupts: a single interrupt specifier + - pinctrl-names: should be "default" + - pinctrl-0: pin control state for the default mode + - clocks: a phandle to the clock for the device + - resets: a phandle to the reset control for the device Example: spi0: spi@54006000 { compatible = "socionext,uniphier-scssi"; reg = <0x54006000 0x100>; - #address-cells = <1>; - #size-cells = <0>; + interrupts = <0 39 4>; + pinctrl-names = "default"; + pinctrl-0 = <&pinctrl_spi0>; clocks = <&peri_clk 11>; resets = <&peri_rst 11>; }; -- 2.7.4

7 years

3
3
0 0

[PATCH v3] x86/microcode: Handle negative microcode revisions

by Andi Kleen

From: Andi Kleen <ak(a)linux.intel.com> The Intel microcode revision space is unsigned. Inside Intel there are special microcode revisions that have the highest bit set, and they are considered to have a higher revision than any microcodes that don't have this bit set. The function comparing the microcode revision in the Linux driver compares u32 with int, which ends up being signed extended to long on 64bit systems. This results in these highest bit set microcode revision not loading because their revision appears negative and smaller than the existing microcode. Change the comparison to unsigned. With that the loading works as expected. Cc: stable(a)vger.kernel.org # Any supported stable Signed-off-by: Andi Kleen <ak(a)linux.intel.com> -- v2: White space changes. v3: Be more verbose --- arch/x86/kernel/cpu/microcode/intel.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c index 16936a24795c..e54d402500d3 100644 --- a/arch/x86/kernel/cpu/microcode/intel.c +++ b/arch/x86/kernel/cpu/microcode/intel.c @@ -93,7 +93,8 @@ static int find_matching_signature(void *mc, unsigned int csig, int cpf) /* * Returns 1 if update has been found, 0 otherwise. */ -static int has_newer_microcode(void *mc, unsigned int csig, int cpf, int new_rev) +static int has_newer_microcode(void *mc, unsigned int csig, int cpf, + unsigned new_rev) { struct microcode_header_intel *mc_hdr = mc; -- 2.17.2

7 years

1
0
0 0

[PATCH v3] x86/numa_emulation: Fix uniform-split numa emulation

by Dan Williams

From: Dave Jiang <dave.jiang(a)intel.com> The numa_emulation() routine in the 'uniform' case walks through all the physical 'memblk' instances and divides them into N emulated nodes with split_nodes_size_interleave_uniform(). As each physical node is consumed it is removed from the physical memblk array in the numa_remove_memblk_from() helper. Since split_nodes_size_interleave_uniform() handles advancing the array as the 'memblk' is consumed it is expected that the base of the array is always specified as the argument. Otherwise, on multi-socket (> 2) configurations the uniform-split capability can generate an invalid numa configuration leading to boot failures with signatures like the following: rcu: INFO: rcu_sched detected stalls on CPUs/tasks: Sending NMI from CPU 0 to CPUs 2: NMI backtrace for cpu 2 CPU: 2 PID: 1332 Comm: pgdatinit0 Not tainted 4.19.0-rc8-next-20181019-baseline #59 RIP: 0010:__init_single_page.isra.74+0x81/0x90 [..] Call Trace: deferred_init_pages+0xaa/0xe3 deferred_init_memmap+0x18f/0x318 kthread+0xf8/0x130 ? deferred_free_pages.isra.105+0xc9/0xc9 ? kthread_stop+0x110/0x110 ret_from_fork+0x35/0x40 Cc: x86(a)kernel.org Cc: Borislav Petkov <bp(a)alien8.de> Cc: Ingo Molnar <mingo(a)redhat.com> Cc: "H. Peter Anvin" <hpa(a)zytor.com> Cc: Andy Lutomirski <luto(a)kernel.org> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: <stable(a)vger.kernel.org> Fixes: 1f6a2c6d9f121 ("x86/numa_emulation: Introduce uniform split capability") Signed-off-by: Dave Jiang <dave.jiang(a)intel.com> Tested-by: Alexander Duyck <alexander.h.duyck(a)linux.intel.com> Signed-off-by: Dan Williams <dan.j.williams(a)intel.com> --- Changes since v2: https://lore.kernel.org/patchwork/patch/988541/ * Update the changelog with details from testing by Alex arch/x86/mm/numa_emulation.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/arch/x86/mm/numa_emulation.c b/arch/x86/mm/numa_emulation.c index b54d52a2d00a..d71d72cf6c66 100644 --- a/arch/x86/mm/numa_emulation.c +++ b/arch/x86/mm/numa_emulation.c @@ -400,9 +400,17 @@ void __init numa_emulation(struct numa_meminfo *numa_meminfo, int numa_dist_cnt) n = simple_strtoul(emu_cmdline, &emu_cmdline, 0); ret = -1; for_each_node_mask(i, physnode_mask) { + /* + * The reason we pass in blk[0] is due to + * numa_remove_memblk_from() called by + * emu_setup_memblk() will delete entry 0 + * and then move everything else up in the pi.blk + * array. Therefore we should always be looking + * at blk[0]. + */ ret = split_nodes_size_interleave_uniform(&ei, &pi, - pi.blk[i].start, pi.blk[i].end, 0, - n, &pi.blk[i], nid); + pi.blk[0].start, pi.blk[0].end, 0, + n, &pi.blk[0], nid); if (ret < 0) break; if (ret < n) {

7 years

2
2
0 0

[PATCH v2] nfit, mce: only handle uncorrectable machine checks

by Vishal Verma

The mce handler for 'nfit' devices is called for memory errors on a Non-Volatile DIMM, and adds the error location to a 'badblocks' list. This list is used by the various NVDIMM drivers to avoid consuming known poison locations during IO. The mce handler gets called for both corrected and uncorrectable errors. Until now, both kinds of errors have been added to the badblocks list. However, corrected memory errors indicate that the problem has already been fixed by hardware, and the resulting interrupt is merely a notification to Linux. As far as future accesses to that location are concerned, it is perfectly fine to use, and thus doesn't need to be included in the above badblocks list. Add a check in the nfit mce handler to filter out corrected mce events, and only process uncorrectable errors. Reported-by: Omar Avelar <omar.avelar(a)intel.com> Fixes: 6839a6d96f4e ("nfit: do an ARS scrub on hitting a latent media error") Cc: stable(a)vger.kernel.org Cc: Dan Williams <dan.j.williams(a)intel.com> Cc: Tony Luck <tony.luck(a)intel.com> Cc: Borislav Petkov <bp(a)alien8.de> Signed-off-by: Vishal Verma <vishal.l.verma(a)intel.com> --- arch/x86/include/asm/mce.h | 1 + arch/x86/kernel/cpu/mcheck/mce.c | 3 ++- drivers/acpi/nfit/mce.c | 4 ++-- 3 files changed, 5 insertions(+), 3 deletions(-) v2: Reword the changelog to explain the motivation for this patch better (Borisalv) diff --git a/arch/x86/include/asm/mce.h b/arch/x86/include/asm/mce.h index 3a17107594c8..3111b3cee2ee 100644 --- a/arch/x86/include/asm/mce.h +++ b/arch/x86/include/asm/mce.h @@ -216,6 +216,7 @@ static inline int umc_normaddr_to_sysaddr(u64 norm_addr, u16 nid, u8 umc, u64 *s int mce_available(struct cpuinfo_x86 *c); bool mce_is_memory_error(struct mce *m); +bool mce_is_correctable(struct mce *m); DECLARE_PER_CPU(unsigned, mce_exception_count); DECLARE_PER_CPU(unsigned, mce_poll_count); diff --git a/arch/x86/kernel/cpu/mcheck/mce.c b/arch/x86/kernel/cpu/mcheck/mce.c index 953b3ce92dcc..27015948bc41 100644 --- a/arch/x86/kernel/cpu/mcheck/mce.c +++ b/arch/x86/kernel/cpu/mcheck/mce.c @@ -534,7 +534,7 @@ bool mce_is_memory_error(struct mce *m) } EXPORT_SYMBOL_GPL(mce_is_memory_error); -static bool mce_is_correctable(struct mce *m) +bool mce_is_correctable(struct mce *m) { if (m->cpuvendor == X86_VENDOR_AMD && m->status & MCI_STATUS_DEFERRED) return false; @@ -544,6 +544,7 @@ static bool mce_is_correctable(struct mce *m) return true; } +EXPORT_SYMBOL_GPL(mce_is_correctable); static bool cec_add_mce(struct mce *m) { diff --git a/drivers/acpi/nfit/mce.c b/drivers/acpi/nfit/mce.c index e9626bf6ca29..7a51707f87e9 100644 --- a/drivers/acpi/nfit/mce.c +++ b/drivers/acpi/nfit/mce.c @@ -25,8 +25,8 @@ static int nfit_handle_mce(struct notifier_block *nb, unsigned long val, struct acpi_nfit_desc *acpi_desc; struct nfit_spa *nfit_spa; - /* We only care about memory errors */ - if (!mce_is_memory_error(mce)) + /* We only care about uncorrectable memory errors */ + if (!mce_is_memory_error(mce) || mce_is_correctable(mce)) return NOTIFY_DONE; /* -- 2.17.1

7 years

2
1
0 0

[PATCH v2 01/10] mtd: cfi_cmdset_0002: Change do_write_oneword() to use chip_good()

by Tokunori Ikegami

This is required for OpenWrt Project to result the flash write issue as below patche. <https://git.openwrt.org/?p=openwrt/openwrt.git;a=commitdiff;h=ddc11c3932c7b…> Also the original patch in OpenWRT is below. <https://github.com/openwrt/openwrt/blob/v18.06.0/target/linux/ar71xx/patche…> So change to use chip_good() instead of chip_ready(). The reason to use chip_good() is that just actually fix the issue. And also in the past I had fixed the erase function also as same way by the patch below. <https://patchwork.ozlabs.org/patch/922656/> Note: The reason for the patch for erase is same. In my understanding the chip_ready() is just checked the value twice from flash. So I think that sometimes incorrect value is read twice and it is depended on the flash device behavior but not sure.. So change to use chip_good() instead of chip_ready(). Signed-off-by: Tokunori Ikegami <ikegami(a)allied-telesis.co.jp> Signed-off-by: Hauke Mehrtens <hauke(a)hauke-m.de> Signed-off-by: Koen Vandeputte <koen.vandeputte(a)ncentric.com> Signed-off-by: Fabio Bettoni <fbettoni(a)gmail.com> Co-Developed-by: Hauke Mehrtens <hauke(a)hauke-m.de> Co-Developed-by: Koen Vandeputte <koen.vandeputte(a)ncentric.com> Co-Developed-by: Fabio Bettoni <fbettoni(a)gmail.com> Reported-by: Fabio Bettoni <fbettoni(a)gmail.com> Cc: Chris Packham <chris.packham(a)alliedtelesis.co.nz> Cc: Joakim Tjernlund <Joakim.Tjernlund(a)infinera.com> Cc: Boris Brezillon <boris.brezillon(a)free-electrons.com> Cc: linux-mtd(a)lists.infradead.org Cc: stable(a)vger.kernel.org --- Changes since v1: - Just update the commit message. drivers/mtd/chips/cfi_cmdset_0002.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/drivers/mtd/chips/cfi_cmdset_0002.c b/drivers/mtd/chips/cfi_cmdset_0002.c index 72428b6bfc47..251c9e1675bd 100644 --- a/drivers/mtd/chips/cfi_cmdset_0002.c +++ b/drivers/mtd/chips/cfi_cmdset_0002.c @@ -1627,31 +1627,37 @@ static int __xipram do_write_oneword(struct map_info *map, struct flchip *chip, continue; } - if (time_after(jiffies, timeo) && !chip_ready(map, adr)){ + if (chip_good(map, adr, datum)) + break; + + if (time_after(jiffies, timeo)){ xip_enable(map, chip, adr); printk(KERN_WARNING "MTD %s(): software timeout\n", __func__); xip_disable(map, chip, adr); + ret = -EIO; break; } - if (chip_ready(map, adr)) - break; - /* Latency issues. Drop the lock, wait a while and retry */ UDELAY(map, chip, adr, 1); } + /* Did we succeed? */ - if (!chip_good(map, adr, datum)) { + if (ret) { /* reset on all failures. */ map_write(map, CMD(0xF0), chip->start); /* FIXME - should have reset delay before continuing */ - if (++retry_cnt <= MAX_RETRIES) + if (++retry_cnt <= MAX_RETRIES) { + ret = 0; goto retry; + } ret = -EIO; } + xip_enable(map, chip, adr); + op_done: if (mode == FL_OTP_WRITE) otp_exit(map, chip, adr, map_bankwidth(map)); -- 2.18.0

7 years

3
2
0 0

My request

by Abel Brent

Dear friend, Greetings, I am Abel Brent, a NATO soldier serving in Afghanistan. I and my comrades we are seeking your assistance to help us receive/invest our funds in your country in any lucrative business. Please if this proposal is acceptable by you, kindly respond back to me for more details. Thanks and waiting to hear from you Abel.

7 years

1
0
0 0

[PATCH AUTOSEL 4.18 1/8] x86/paravirt: Fix some warning messages

by Sasha Levin

From: Dan Carpenter <dan.carpenter(a)oracle.com> [ Upstream commit 571d0563c8881595f4ab027aef9ed1c55e3e7b7c ] The first argument to WARN_ONCE() is a condition. Fixes: 5800dc5c19f3 ("x86/paravirt: Fix spectre-v2 mitigations for paravirt guests") Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Reviewed-by: Juergen Gross <jgross(a)suse.com> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Alok Kataria <akataria(a)vmware.com> Cc: "H. Peter Anvin" <hpa(a)zytor.com> Cc: virtualization(a)lists.linux-foundation.org Cc: kernel-janitors(a)vger.kernel.org Link: https://lkml.kernel.org/r/20180919103553.GD9238@mwanda Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- arch/x86/kernel/paravirt.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/kernel/paravirt.c b/arch/x86/kernel/paravirt.c index 930c88341e4e..1fbf38dde84c 100644 --- a/arch/x86/kernel/paravirt.c +++ b/arch/x86/kernel/paravirt.c @@ -90,7 +90,7 @@ unsigned paravirt_patch_call(void *insnbuf, if (len < 5) { #ifdef CONFIG_RETPOLINE - WARN_ONCE("Failing to patch indirect CALL in %ps\n", (void *)addr); + WARN_ONCE(1, "Failing to patch indirect CALL in %ps\n", (void *)addr); #endif return len; /* call too long for patch site */ } @@ -110,7 +110,7 @@ unsigned paravirt_patch_jmp(void *insnbuf, const void *target, if (len < 5) { #ifdef CONFIG_RETPOLINE - WARN_ONCE("Failing to patch indirect JMP in %ps\n", (void *)addr); + WARN_ONCE(1, "Failing to patch indirect JMP in %ps\n", (void *)addr); #endif return len; /* call too long for patch site */ } -- 2.17.1

7 years

1
7
0 0

[PATCH] drm/i915: Fix ilk+ watermarks when disabling pipes

by Ville Syrjala

From: Ville Syrjälä <ville.syrjala(a)linux.intel.com> We're no longer programming any watermarks when we're disabling a pipe. That means ilk_wm_merge() & co. will keep considering the any pipe that is getting disabled as still enabled. Thus we either get no LP1+ watermakrs (ilk-ivb), or we get suboptimal ones (hsw-bdw). This seems to have been broken by commit b6b178a77210 ("drm/i915: Calculate ironlake intermediate watermarks correctly, v2."). Before that we apparently had some difference between the intermediate and optimal watermarks and so we would program the optiomal ones. Now intermediate and optimal are identical for disabled pipes and so we don't program either. Fix this by programming the intermediate watermarks even for disabled pipes. We were already doing that for skl+. We'll leave out gmch platforms for now since those do the merging in a different manner and should work as is. We'll want to unify this eventually, but play it safe for now and just put in a FIXME. Cc: stable(a)vger.kernel.org Cc: Matt Roper <matthew.d.roper(a)intel.com> Cc: Maarten Lankhorst <maarten.lankhorst(a)linux.intel.com> Fixes: b6b178a77210 ("drm/i915: Calculate ironlake intermediate watermarks correctly, v2.") Signed-off-by: Ville Syrjälä <ville.syrjala(a)linux.intel.com> --- drivers/gpu/drm/i915/intel_display.c | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) diff --git a/drivers/gpu/drm/i915/intel_display.c b/drivers/gpu/drm/i915/intel_display.c index fe045abb6472..1e963dcebf2d 100644 --- a/drivers/gpu/drm/i915/intel_display.c +++ b/drivers/gpu/drm/i915/intel_display.c @@ -12818,17 +12818,12 @@ static void intel_atomic_commit_tail(struct drm_atomic_state *state) intel_check_cpu_fifo_underruns(dev_priv); intel_check_pch_fifo_underruns(dev_priv); - if (!new_crtc_state->active) { - /* - * Make sure we don't call initial_watermarks - * for ILK-style watermark updates. - * - * No clue what this is supposed to achieve. - */ - if (INTEL_GEN(dev_priv) >= 9) - dev_priv->display.initial_watermarks(intel_state, - new_intel_crtc_state); - } + /* FIXME unify this for all platforms */ + if (!new_crtc_state->active && + !HAS_GMCH_DISPLAY(dev_priv) && + dev_priv->display.initial_watermarks) + dev_priv->display.initial_watermarks(intel_state, + new_intel_crtc_state); } } -- 2.18.1

7 years

1
0
0 0

[PATCH] xen/pvh: don't try to unplug emulated devices

by Juergen Gross

A Xen PVH guest has no associated qemu device model, so trying to unplug any emulated devices is making no sense at all. Bail out early from xen_unplug_emulated_devices() when running as PVH guest. This will avoid issuing the boot message: [ 0.000000] Xen Platform PCI: unrecognised magic value Cc: <stable(a)vger.kernel.org> # 4.11 Signed-off-by: Juergen Gross <jgross(a)suse.com> --- arch/x86/xen/platform-pci-unplug.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/arch/x86/xen/platform-pci-unplug.c b/arch/x86/xen/platform-pci-unplug.c index 66ab96a4e2b3..96d7f7d39cb9 100644 --- a/arch/x86/xen/platform-pci-unplug.c +++ b/arch/x86/xen/platform-pci-unplug.c @@ -134,6 +134,10 @@ void xen_unplug_emulated_devices(void) { int r; + /* PVH guests don't have emulated devices. */ + if (xen_pvh_domain()) + return; + /* user explicitly requested no unplug */ if (xen_emul_unplug & XEN_UNPLUG_NEVER) return; -- 2.16.4

7 years

2
1
0 0

[PATCH] netfilter: conntrack: fix calculation of next bucket number in early_drop

by Vasily Khoruzhick

If there's no entry to drop in bucket that corresponds to the hash, early_drop() should look for it in other buckets. But since it increments hash instead of bucket number, it actually looks in the same bucket 8 times: hsize is 16k by default (14 bits) and hash is 32-bit value, so reciprocal_scale(hash, hsize) returns the same value for hash..hash+7 in most cases. Fix it by increasing bucket number instead of hash and rename _hash to bucket to avoid future confusion. Fixes: 3e86638e9a0b ("netfilter: conntrack: consider ct netns in early_drop logic") Cc: <stable(a)vger.kernel.org> # v4.7+ Signed-off-by: Vasily Khoruzhick <vasilykh(a)arista.com> --- net/netfilter/nf_conntrack_core.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c index ca1168d67fac..a04af246b184 100644 --- a/net/netfilter/nf_conntrack_core.c +++ b/net/netfilter/nf_conntrack_core.c @@ -1073,19 +1073,22 @@ static unsigned int early_drop_list(struct net *net, return drops; } -static noinline int early_drop(struct net *net, unsigned int _hash) +static noinline int early_drop(struct net *net, unsigned int hash) { unsigned int i; for (i = 0; i < NF_CT_EVICTION_RANGE; i++) { struct hlist_nulls_head *ct_hash; - unsigned int hash, hsize, drops; + unsigned int bucket, hsize, drops; rcu_read_lock(); nf_conntrack_get_ht(&ct_hash, &hsize); - hash = reciprocal_scale(_hash++, hsize); + if (!i) + bucket = reciprocal_scale(hash, hsize); + else + bucket = (bucket + 1) % hsize; - drops = early_drop_list(net, &ct_hash[hash]); + drops = early_drop_list(net, &ct_hash[bucket]); rcu_read_unlock(); if (drops) { -- 2.19.1

7 years

3
2
0 0

[PATCH] nfit, mce: only handle uncorrectable machine checks

by Vishal Verma

We only want a machine check error to be added to libnvdimm's 'badblock' if it was an uncorrectable error. Currently we insert both corrected and uncorrectable errors. Add a check in the nfit mce handler to filter out corrected mce events. Reported-by: Omar Avelar <omar.avelar(a)intel.com> Fixes: 6839a6d96f4e ("nfit: do an ARS scrub on hitting a latent media error") Cc: stable(a)vger.kernel.org Cc: Dan Williams <dan.j.williams(a)intel.com> Cc: Tony Luck <tony.luck(a)intel.com> Cc: Borislav Petkov <bp(a)alien8.de> Signed-off-by: Vishal Verma <vishal.l.verma(a)intel.com> --- arch/x86/include/asm/mce.h | 1 + arch/x86/kernel/cpu/mcheck/mce.c | 3 ++- drivers/acpi/nfit/mce.c | 4 ++-- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/arch/x86/include/asm/mce.h b/arch/x86/include/asm/mce.h index 3a17107594c8..3111b3cee2ee 100644 --- a/arch/x86/include/asm/mce.h +++ b/arch/x86/include/asm/mce.h @@ -216,6 +216,7 @@ static inline int umc_normaddr_to_sysaddr(u64 norm_addr, u16 nid, u8 umc, u64 *s int mce_available(struct cpuinfo_x86 *c); bool mce_is_memory_error(struct mce *m); +bool mce_is_correctable(struct mce *m); DECLARE_PER_CPU(unsigned, mce_exception_count); DECLARE_PER_CPU(unsigned, mce_poll_count); diff --git a/arch/x86/kernel/cpu/mcheck/mce.c b/arch/x86/kernel/cpu/mcheck/mce.c index 953b3ce92dcc..27015948bc41 100644 --- a/arch/x86/kernel/cpu/mcheck/mce.c +++ b/arch/x86/kernel/cpu/mcheck/mce.c @@ -534,7 +534,7 @@ bool mce_is_memory_error(struct mce *m) } EXPORT_SYMBOL_GPL(mce_is_memory_error); -static bool mce_is_correctable(struct mce *m) +bool mce_is_correctable(struct mce *m) { if (m->cpuvendor == X86_VENDOR_AMD && m->status & MCI_STATUS_DEFERRED) return false; @@ -544,6 +544,7 @@ static bool mce_is_correctable(struct mce *m) return true; } +EXPORT_SYMBOL_GPL(mce_is_correctable); static bool cec_add_mce(struct mce *m) { diff --git a/drivers/acpi/nfit/mce.c b/drivers/acpi/nfit/mce.c index e9626bf6ca29..7a51707f87e9 100644 --- a/drivers/acpi/nfit/mce.c +++ b/drivers/acpi/nfit/mce.c @@ -25,8 +25,8 @@ static int nfit_handle_mce(struct notifier_block *nb, unsigned long val, struct acpi_nfit_desc *acpi_desc; struct nfit_spa *nfit_spa; - /* We only care about memory errors */ - if (!mce_is_memory_error(mce)) + /* We only care about uncorrectable memory errors */ + if (!mce_is_memory_error(mce) || mce_is_correctable(mce)) return NOTIFY_DONE; /* -- 2.17.1

7 years

2
1
0 0

+ mm-hmm-fix-race-between-hmm_mirror_unregister-and-mmu_notifier-callback.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm/hmm: fix race between hmm_mirror_unregister() and mmu_notifier callback has been added to the -mm tree. Its filename is mm-hmm-fix-race-between-hmm_mirror_unregister-and-mmu_notifier-callback.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/mm-hmm-fix-race-between-hmm_mirror… and later at http://ozlabs.org/~akpm/mmotm/broken-out/mm-hmm-fix-race-between-hmm_mirror… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Ralph Campbell <rcampbell(a)nvidia.com> Subject: mm/hmm: fix race between hmm_mirror_unregister() and mmu_notifier callback In hmm_mirror_unregister(), mm->hmm is set to NULL and then mmu_notifier_unregister_no_release() is called. That creates a small window where mmu_notifier can call mmu_notifier_ops with mm->hmm equal to NULL. Fix this by first unregistering mmu notifier callbacks and then setting mm->hmm to NULL. Similarly in hmm_register(), set mm->hmm before registering mmu_notifier callbacks so callback functions always see mm->hmm set. Link: http://lkml.kernel.org/r/20181019160442.18723-4-jglisse@redhat.com Signed-off-by: Ralph Campbell <rcampbell(a)nvidia.com> Signed-off-by: Jérôme Glisse <jglisse(a)redhat.com> Reviewed-by: John Hubbard <jhubbard(a)nvidia.com> Reviewed-by: Jérôme Glisse <jglisse(a)redhat.com> Reviewed-by: Balbir Singh <bsingharora(a)gmail.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/hmm.c | 36 +++++++++++++++++++++--------------- 1 file changed, 21 insertions(+), 15 deletions(-) --- a/mm/hmm.c~mm-hmm-fix-race-between-hmm_mirror_unregister-and-mmu_notifier-callback +++ a/mm/hmm.c @@ -91,16 +91,6 @@ static struct hmm *hmm_register(struct m spin_lock_init(&hmm->lock); hmm->mm = mm; - /* - * We should only get here if hold the mmap_sem in write mode ie on - * registration of first mirror through hmm_mirror_register() - */ - hmm->mmu_notifier.ops = &hmm_mmu_notifier_ops; - if (__mmu_notifier_register(&hmm->mmu_notifier, mm)) { - kfree(hmm); - return NULL; - } - spin_lock(&mm->page_table_lock); if (!mm->hmm) mm->hmm = hmm; @@ -108,12 +98,27 @@ static struct hmm *hmm_register(struct m cleanup = true; spin_unlock(&mm->page_table_lock); - if (cleanup) { - mmu_notifier_unregister(&hmm->mmu_notifier, mm); - kfree(hmm); - } + if (cleanup) + goto error; + + /* + * We should only get here if hold the mmap_sem in write mode ie on + * registration of first mirror through hmm_mirror_register() + */ + hmm->mmu_notifier.ops = &hmm_mmu_notifier_ops; + if (__mmu_notifier_register(&hmm->mmu_notifier, mm)) + goto error_mm; return mm->hmm; + +error_mm: + spin_lock(&mm->page_table_lock); + if (mm->hmm == hmm) + mm->hmm = NULL; + spin_unlock(&mm->page_table_lock); +error: + kfree(hmm); + return NULL; } void hmm_mm_destroy(struct mm_struct *mm) @@ -278,12 +283,13 @@ void hmm_mirror_unregister(struct hmm_mi if (!should_unregister || mm == NULL) return; + mmu_notifier_unregister_no_release(&hmm->mmu_notifier, mm); + spin_lock(&mm->page_table_lock); if (mm->hmm == hmm) mm->hmm = NULL; spin_unlock(&mm->page_table_lock); - mmu_notifier_unregister_no_release(&hmm->mmu_notifier, mm); kfree(hmm); } EXPORT_SYMBOL(hmm_mirror_unregister); _ Patches currently in -mm which might be from rcampbell(a)nvidia.com are mm-rmap-map_pte-was-not-handling-private-zone_device-page-properly-v3.patch mm-hmm-fix-race-between-hmm_mirror_unregister-and-mmu_notifier-callback.patch

7 years

1
0
0 0

+ mm-rmap-map_pte-was-not-handling-private-zone_device-page-properly-v3.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm/rmap: map_pte() was not handling private ZONE_DEVICE page properly has been added to the -mm tree. Its filename is mm-rmap-map_pte-was-not-handling-private-zone_device-page-properly-v3.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/mm-rmap-map_pte-was-not-handling-p… and later at http://ozlabs.org/~akpm/mmotm/broken-out/mm-rmap-map_pte-was-not-handling-p… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Ralph Campbell <rcampbell(a)nvidia.com> Subject: mm/rmap: map_pte() was not handling private ZONE_DEVICE page properly Private ZONE_DEVICE pages use a special pte entry and thus are not present. Properly handle this case in map_pte(), it is already handled in check_pte(), the map_pte() part was lost in some rebase most probably. Without this patch the slow migration path can not migrate back to any private ZONE_DEVICE memory to regular memory. This was found after stress testing migration back to system memory. This ultimatly can lead to the CPU constantly page fault looping on the special swap entry. Link: http://lkml.kernel.org/r/20181019160442.18723-3-jglisse@redhat.com Signed-off-by: Ralph Campbell <rcampbell(a)nvidia.com> Signed-off-by: Jérôme Glisse <jglisse(a)redhat.com> Reviewed-by: Balbir Singh <bsingharora(a)gmail.com> Cc: Andrew Morton <akpm(a)linux-foundation.org> Cc: Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/page_vma_mapped.c | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) --- a/mm/page_vma_mapped.c~mm-rmap-map_pte-was-not-handling-private-zone_device-page-properly-v3 +++ a/mm/page_vma_mapped.c @@ -21,7 +21,29 @@ static bool map_pte(struct page_vma_mapp if (!is_swap_pte(*pvmw->pte)) return false; } else { - if (!pte_present(*pvmw->pte)) + /* + * We get here when we are trying to unmap a private + * device page from the process address space. Such + * page is not CPU accessible and thus is mapped as + * a special swap entry, nonetheless it still does + * count as a valid regular mapping for the page (and + * is accounted as such in page maps count). + * + * So handle this special case as if it was a normal + * page mapping ie lock CPU page table and returns + * true. + * + * For more details on device private memory see HMM + * (include/linux/hmm.h or mm/hmm.c). + */ + if (is_swap_pte(*pvmw->pte)) { + swp_entry_t entry; + + /* Handle un-addressable ZONE_DEVICE memory */ + entry = pte_to_swp_entry(*pvmw->pte); + if (!is_device_private_entry(entry)) + return false; + } else if (!pte_present(*pvmw->pte)) return false; } } _ Patches currently in -mm which might be from rcampbell(a)nvidia.com are mm-rmap-map_pte-was-not-handling-private-zone_device-page-properly-v3.patch mm-hmm-fix-race-between-hmm_mirror_unregister-and-mmu_notifier-callback.patch

7 years

1
0
0 0

[PATCH 3/6] mm/hmm: fix race between hmm_mirror_unregister() and mmu_notifier callback

by jglisse＠redhat.com

From: Ralph Campbell <rcampbell(a)nvidia.com> In hmm_mirror_unregister(), mm->hmm is set to NULL and then mmu_notifier_unregister_no_release() is called. That creates a small window where mmu_notifier can call mmu_notifier_ops with mm->hmm equal to NULL. Fix this by first unregistering mmu notifier callbacks and then setting mm->hmm to NULL. Similarly in hmm_register(), set mm->hmm before registering mmu_notifier callbacks so callback functions always see mm->hmm set. Signed-off-by: Ralph Campbell <rcampbell(a)nvidia.com> Reviewed-by: John Hubbard <jhubbard(a)nvidia.com> Reviewed-by: Jérôme Glisse <jglisse(a)redhat.com> Reviewed-by: Balbir Singh <bsingharora(a)gmail.com> Cc: Andrew Morton <akpm(a)linux-foundation.org> Cc: stable(a)vger.kernel.org --- mm/hmm.c | 36 +++++++++++++++++++++--------------- 1 file changed, 21 insertions(+), 15 deletions(-) diff --git a/mm/hmm.c b/mm/hmm.c index 9a068a1da487..a16678d08127 100644 --- a/mm/hmm.c +++ b/mm/hmm.c @@ -91,16 +91,6 @@ static struct hmm *hmm_register(struct mm_struct *mm) spin_lock_init(&hmm->lock); hmm->mm = mm; - /* - * We should only get here if hold the mmap_sem in write mode ie on - * registration of first mirror through hmm_mirror_register() - */ - hmm->mmu_notifier.ops = &hmm_mmu_notifier_ops; - if (__mmu_notifier_register(&hmm->mmu_notifier, mm)) { - kfree(hmm); - return NULL; - } - spin_lock(&mm->page_table_lock); if (!mm->hmm) mm->hmm = hmm; @@ -108,12 +98,27 @@ static struct hmm *hmm_register(struct mm_struct *mm) cleanup = true; spin_unlock(&mm->page_table_lock); - if (cleanup) { - mmu_notifier_unregister(&hmm->mmu_notifier, mm); - kfree(hmm); - } + if (cleanup) + goto error; + + /* + * We should only get here if hold the mmap_sem in write mode ie on + * registration of first mirror through hmm_mirror_register() + */ + hmm->mmu_notifier.ops = &hmm_mmu_notifier_ops; + if (__mmu_notifier_register(&hmm->mmu_notifier, mm)) + goto error_mm; return mm->hmm; + +error_mm: + spin_lock(&mm->page_table_lock); + if (mm->hmm == hmm) + mm->hmm = NULL; + spin_unlock(&mm->page_table_lock); +error: + kfree(hmm); + return NULL; } void hmm_mm_destroy(struct mm_struct *mm) @@ -278,12 +283,13 @@ void hmm_mirror_unregister(struct hmm_mirror *mirror) if (!should_unregister || mm == NULL) return; + mmu_notifier_unregister_no_release(&hmm->mmu_notifier, mm); + spin_lock(&mm->page_table_lock); if (mm->hmm == hmm) mm->hmm = NULL; spin_unlock(&mm->page_table_lock); - mmu_notifier_unregister_no_release(&hmm->mmu_notifier, mm); kfree(hmm); } EXPORT_SYMBOL(hmm_mirror_unregister); -- 2.17.2

7 years

2
1
0 0

[alternative-merged] hugetlbfs-dirty-pages-as-they-are-added-to-pagecache.patch removed from -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: hugetlbfs: dirty pages as they are added to pagecache has been removed from the -mm tree. Its filename was hugetlbfs-dirty-pages-as-they-are-added-to-pagecache.patch This patch was dropped because an alternative patch was merged ------------------------------------------------------ From: Mike Kravetz <mike.kravetz(a)oracle.com> Subject: hugetlbfs: dirty pages as they are added to pagecache Some test systems were experiencing negative huge page reserve counts and incorrect file block counts. This was traced to /proc/sys/vm/drop_caches removing clean pages from hugetlbfs file pagecaches. When non-hugetlbfs explicit code removes the pages, the appropriate accounting is not performed. This can be recreated as follows: fallocate -l 2M /dev/hugepages/foo echo 1 > /proc/sys/vm/drop_caches fallocate -l 2M /dev/hugepages/foo grep -i huge /proc/meminfo AnonHugePages: 0 kB ShmemHugePages: 0 kB HugePages_Total: 2048 HugePages_Free: 2047 HugePages_Rsvd: 18446744073709551615 HugePages_Surp: 0 Hugepagesize: 2048 kB Hugetlb: 4194304 kB ls -lsh /dev/hugepages/foo 4.0M -rw-r--r--. 1 root root 2.0M Oct 17 20:05 /dev/hugepages/foo To address this issue, dirty pages as they are added to pagecache. This can easily be reproduced with fallocate as shown above. Read faulted pages will eventually end up being marked dirty. But there is a window where they are clean and could be impacted by code such as drop_caches. So, just dirty them all as they are added to the pagecache. In addition, it makes little sense to even try to drop hugetlbfs pagecache pages, so disable calls to these filesystems in drop_caches code. Link: http://lkml.kernel.org/r/20181018041022.4529-1-mike.kravetz@oracle.com Fixes: 70c3547e36f5 ("hugetlbfs: add hugetlbfs_fallocate()") Signed-off-by: Mike Kravetz <mike.kravetz(a)oracle.com> Cc: Michal Hocko <mhocko(a)kernel.org> Cc: Hugh Dickins <hughd(a)google.com> Cc: Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com> Cc: "Aneesh Kumar K.V" <aneesh.kumar(a)linux.vnet.ibm.com> Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: "Kirill A . Shutemov" <kirill.shutemov(a)linux.intel.com> Cc: Davidlohr Bueso <dave(a)stgolabs.net> Cc: Alexander Viro <viro(a)zeniv.linux.org.uk> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- --- a/fs/drop_caches.c~hugetlbfs-dirty-pages-as-they-are-added-to-pagecache +++ a/fs/drop_caches.c @@ -9,6 +9,7 @@ #include <linux/writeback.h> #include <linux/sysctl.h> #include <linux/gfp.h> +#include <linux/magic.h> #include "internal.h" /* A global variable is a bit ugly, but it keeps the code simple */ @@ -18,6 +19,12 @@ static void drop_pagecache_sb(struct sup { struct inode *inode, *toput_inode = NULL; + /* + * It makes no sense to try and drop hugetlbfs page cache pages. + */ + if (sb->s_magic == HUGETLBFS_MAGIC) + return; + spin_lock(&sb->s_inode_list_lock); list_for_each_entry(inode, &sb->s_inodes, i_sb_list) { spin_lock(&inode->i_lock); --- a/mm/hugetlb.c~hugetlbfs-dirty-pages-as-they-are-added-to-pagecache +++ a/mm/hugetlb.c @@ -3690,6 +3690,12 @@ int huge_add_to_page_cache(struct page * return err; ClearPagePrivate(page); + /* + * set page dirty so that it will not be removed from cache/file + * by non-hugetlbfs specific code paths. + */ + set_page_dirty(page); + spin_lock(&inode->i_lock); inode->i_blocks += blocks_per_huge_page(h); spin_unlock(&inode->i_lock); _ Patches currently in -mm which might be from mike.kravetz(a)oracle.com are hugetlbfs-dirty-pages-as-they-are-added-to-pagecache-v2.patch

7 years

1
0
0 0

+ hugetlbfs-dirty-pages-as-they-are-added-to-pagecache-v2.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: hugetlbfs: dirty pages as they are added to pagecache has been added to the -mm tree. Its filename is hugetlbfs-dirty-pages-as-they-are-added-to-pagecache-v2.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/hugetlbfs-dirty-pages-as-they-are-… and later at http://ozlabs.org/~akpm/mmotm/broken-out/hugetlbfs-dirty-pages-as-they-are-… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Mike Kravetz <mike.kravetz(a)oracle.com> Subject: hugetlbfs: dirty pages as they are added to pagecache Some test systems were experiencing negative huge page reserve counts and incorrect file block counts. This was traced to /proc/sys/vm/drop_caches removing clean pages from hugetlbfs file pagecaches. When non-hugetlbfs explicit code removes the pages, the appropriate accounting is not performed. This can be recreated as follows: fallocate -l 2M /dev/hugepages/foo echo 1 > /proc/sys/vm/drop_caches fallocate -l 2M /dev/hugepages/foo grep -i huge /proc/meminfo AnonHugePages: 0 kB ShmemHugePages: 0 kB HugePages_Total: 2048 HugePages_Free: 2047 HugePages_Rsvd: 18446744073709551615 HugePages_Surp: 0 Hugepagesize: 2048 kB Hugetlb: 4194304 kB ls -lsh /dev/hugepages/foo 4.0M -rw-r--r--. 1 root root 2.0M Oct 17 20:05 /dev/hugepages/foo To address this issue, dirty pages as they are added to pagecache. This can easily be reproduced with fallocate as shown above. Read faulted pages will eventually end up being marked dirty. But there is a window where they are clean and could be impacted by code such as drop_caches. So, just dirty them all as they are added to the pagecache. Link: http://lkml.kernel.org/r/b5be45b8-5afe-56cd-9482-28384699a049@oracle.com Fixes: 6bda666a03f0 ("hugepages: fold find_or_alloc_pages into huge_no_page()") Signed-off-by: Mike Kravetz <mike.kravetz(a)oracle.com> Acked-by: Mihcla Hocko <mhocko(a)suse.com> Reviewed-by: Khalid Aziz <khalid.aziz(a)oracle.com> Cc: Hugh Dickins <hughd(a)google.com> Cc: Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com> Cc: "Aneesh Kumar K . V" <aneesh.kumar(a)linux.vnet.ibm.com> Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: "Kirill A . Shutemov" <kirill.shutemov(a)linux.intel.com> Cc: Davidlohr Bueso <dave(a)stgolabs.net> Cc: Alexander Viro <viro(a)zeniv.linux.org.uk> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/hugetlb.c | 6 ++++++ 1 file changed, 6 insertions(+) --- a/mm/hugetlb.c~hugetlbfs-dirty-pages-as-they-are-added-to-pagecache-v2 +++ a/mm/hugetlb.c @@ -3690,6 +3690,12 @@ int huge_add_to_page_cache(struct page * return err; ClearPagePrivate(page); + /* + * set page dirty so that it will not be removed from cache/file + * by non-hugetlbfs specific code paths. + */ + set_page_dirty(page); + spin_lock(&inode->i_lock); inode->i_blocks += blocks_per_huge_page(h); spin_unlock(&inode->i_lock); _ Patches currently in -mm which might be from mike.kravetz(a)oracle.com are hugetlbfs-dirty-pages-as-they-are-added-to-pagecache-v2.patch hugetlbfs-dirty-pages-as-they-are-added-to-pagecache.patch

7 years

1
0
0 0

[PATCH v2] [bug/urgent] dvb-usb-v2: Fix incorrect use of transfer_flags URB_FREE_BUFFER

by Malcolm Priestley

In commit 1a0c10ed7b media: dvb-usb-v2: stop using coherent memory for URBs incorrectly adds URB_FREE_BUFFER after every urb transfer resulting in no buffers and eventually deadlock. The stream buffer should remain constant while in use by user and kfree() on their departure. Signed-off-by: Malcolm Priestley <tvboxspy(a)gmail.com> CC: stable(a)vger.kernel.org # v4.18+ --- drivers/media/usb/dvb-usb-v2/usb_urb.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/drivers/media/usb/dvb-usb-v2/usb_urb.c b/drivers/media/usb/dvb-usb-v2/usb_urb.c index 024c751eb165..2ad2ddeaff51 100644 --- a/drivers/media/usb/dvb-usb-v2/usb_urb.c +++ b/drivers/media/usb/dvb-usb-v2/usb_urb.c @@ -155,7 +155,6 @@ static int usb_urb_alloc_bulk_urbs(struct usb_data_stream *stream) stream->props.u.bulk.buffersize, usb_urb_complete, stream); - stream->urb_list[i]->transfer_flags = URB_FREE_BUFFER; stream->urbs_initialized++; } return 0; @@ -186,7 +185,7 @@ static int usb_urb_alloc_isoc_urbs(struct usb_data_stream *stream) urb->complete = usb_urb_complete; urb->pipe = usb_rcvisocpipe(stream->udev, stream->props.endpoint); - urb->transfer_flags = URB_ISO_ASAP | URB_FREE_BUFFER; + urb->transfer_flags = URB_ISO_ASAP; urb->interval = stream->props.u.isoc.interval; urb->number_of_packets = stream->props.u.isoc.framesperurb; urb->transfer_buffer_length = stream->props.u.isoc.framesize * @@ -210,7 +209,7 @@ static int usb_free_stream_buffers(struct usb_data_stream *stream) if (stream->state & USB_STATE_URB_BUF) { while (stream->buf_num) { stream->buf_num--; - stream->buf_list[stream->buf_num] = NULL; + kfree(stream->buf_list[stream->buf_num]); } } -- 2.19.1

7 years

1
0
0 0

[PATCH] [bug/urgent] dvb-usb-v2: Fix incorrect use of transfer_flags URB_FREE_BUFFER

by Malcolm Priestley

In commit 1a0c10ed7b media: dvb-usb-v2: stop using coherent memory for URBs incorrectly adds URB_FREE_BUFFER after every urb transfer resulting in no buffers and eventually deadlock. The stream buffer should remain in constant while in use by user and kfree() on their departure. Signed-off-by: Malcolm Priestley <tvboxspy(a)gmail.com> CC: stable(a)vger.kernel.org # v4.18+ --- drivers/media/usb/dvb-usb-v2/usb_urb.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/drivers/media/usb/dvb-usb-v2/usb_urb.c b/drivers/media/usb/dvb-usb-v2/usb_urb.c index 024c751eb165..2ad2ddeaff51 100644 --- a/drivers/media/usb/dvb-usb-v2/usb_urb.c +++ b/drivers/media/usb/dvb-usb-v2/usb_urb.c @@ -155,7 +155,6 @@ static int usb_urb_alloc_bulk_urbs(struct usb_data_stream *stream) stream->props.u.bulk.buffersize, usb_urb_complete, stream); - stream->urb_list[i]->transfer_flags = URB_FREE_BUFFER; stream->urbs_initialized++; } return 0; @@ -186,7 +185,7 @@ static int usb_urb_alloc_isoc_urbs(struct usb_data_stream *stream) urb->complete = usb_urb_complete; urb->pipe = usb_rcvisocpipe(stream->udev, stream->props.endpoint); - urb->transfer_flags = URB_ISO_ASAP | URB_FREE_BUFFER; + urb->transfer_flags = URB_ISO_ASAP; urb->interval = stream->props.u.isoc.interval; urb->number_of_packets = stream->props.u.isoc.framesperurb; urb->transfer_buffer_length = stream->props.u.isoc.framesize * @@ -210,7 +209,7 @@ static int usb_free_stream_buffers(struct usb_data_stream *stream) if (stream->state & USB_STATE_URB_BUF) { while (stream->buf_num) { stream->buf_num--; - stream->buf_list[stream->buf_num] = NULL; + kfree(stream->buf_list[stream->buf_num]); } } -- 2.19.1

7 years

1
1
0 0

for your images 16

by Kate

We are an imaging team who can process 300+ images daily. If you need any image editing service, please contact us today. We do mainly images cut out and clipping path, masking. Such as for your ecommerce photos, jewelry photos retouching, also it is for beauty portraits and skin images and wedding photos. We provide test editing if you send some photos. Thanks, Kate

7 years

1
0
0 0

for your images 15

by Kate

We are an imaging team who can process 300+ images daily. If you need any image editing service, please contact us today. We do mainly images cut out and clipping path, masking. Such as for your ecommerce photos, jewelry photos retouching, also it is for beauty portraits and skin images and wedding photos. We provide test editing if you send some photos. Thanks, Kate

7 years

1
0
0 0

Re: [PATCH 1/4] Revert "ceph: fix dentry leak in splice_dentry()"

by Jeff Layton

On Wed, 2018-10-24 at 14:24 +0800, Yan, Zheng wrote: > On Mon, Oct 15, 2018 at 9:05 PM Jeff Layton <jlayton(a)redhat.com> wrote: > > > > On Mon, 2018-10-15 at 20:37 +0800, Yan, Zheng wrote: > > > > On Oct 15, 2018, at 19:29, Jeff Layton <jlayton(a)redhat.com> wrote: > > > > > > > > On Mon, 2018-10-15 at 09:58 +0800, Yan, Zheng wrote: > > > > > > On Oct 12, 2018, at 18:56, Jeff Layton <jlayton(a)redhat.com> wrote: > > > > > > > > > > > > On Fri, 2018-10-12 at 10:39 +0800, Yan, Zheng wrote: > > > > > > > > On Oct 11, 2018, at 22:49, Jeff Layton <jlayton(a)redhat.com> wrote: > > > > > > > > > > > > > > > > On Fri, 2018-09-28 at 17:43 +0800, Yan, Zheng wrote: > > > > > > > > > This reverts commit 8b8f53af1ed9df88a4c0fbfdf3db58f62060edf3. > > > > > > > > > > > > > > > > > > splice_dentry() is used by three places. For two places, req->r_dentry > > > > > > > > > is passed to splice_dentry(). In the case of error, req->r_dentry does > > > > > > > > > not get updated. So splice_dentry() should not drop reference. > > > > > > > > > > > > > > > > > > Cc: stable(a)vger.kernel.org #4.18 > > > > > > > > > Signed-off-by: "Yan, Zheng" <zyan(a)redhat.com> > > > > > > > > > --- > > > > > > > > > fs/ceph/inode.c | 1 - > > > > > > > > > 1 file changed, 1 deletion(-) > > > > > > > > > > > > > > > > > > diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c > > > > > > > > > index c6bbb7aa99e4..375924b2bc86 100644 > > > > > > > > > --- a/fs/ceph/inode.c > > > > > > > > > +++ b/fs/ceph/inode.c > > > > > > > > > @@ -1140,7 +1140,6 @@ static struct dentry *splice_dentry(struct dentry *dn, struct inode *in) > > > > > > > > > if (IS_ERR(realdn)) { > > > > > > > > > pr_err("splice_dentry error %ld %p inode %p ino %llx.%llx\n", > > > > > > > > > PTR_ERR(realdn), dn, in, ceph_vinop(in)); > > > > > > > > > - dput(dn); > > > > > > > > > dn = realdn; /* note realdn contains the error */ > > > > > > > > > goto out; > > > > > > > > > } else if (realdn) { > > > > > > > > > > > > > > > > This might be ok, buI have some real concerns about splice_dentry and > > > > > > > > its callers -- particularly ceph_fill_trace: > > > > > > > > > > > > > > > > We hold a reference to dn on entry to splice_dentry. We then call > > > > > > > > d_splice_alias and get back an error, and now we don't put the old > > > > > > > > dentry. > > > > > > > > > > > > > > > > Fine -- we have to then expect the caller to do it. Unfortunately, the > > > > > > > > callers in ceph_fill_trace do this: > > > > > > > > > > > > > > > > dn = splice_dentry(dn, in); > > > > > > > > if (IS_ERR(dn)) { > > > > > > > > err = PTR_ERR(dn); > > > > > > > > goto done; > > > > > > > > } > > > > > > > > req->r_dentry = dn; /* may have spliced */ > > > > > > > > > > > > > > > > The old value of dn gets clobbered once that comes back with an ERR_PTR. > > > > > > > > I guess we could claim that r_dentry will still be set to the old value > > > > > > > > at that point and that it would get cleaned up when it gets cleaned up. > > > > > > > > > > > > > > > > But...I see this higher up in ceph_fill_trace at the end of the > > > > > > > > CEPH_MFS_OP_RENAME condition block: > > > > > > > > > > > > > > > > dn = req->r_old_dentry; /* use old_dentry */ > > > > > > > > > > > > > > > > So now I'm worried about the case where the splice succeeds. ISTM that > > > > > > > > "dn" can represent either r_dentry or r_old_dentry at the point where > > > > > > > > splice_dentry gets called, but we only ever reset the value of r_dentry > > > > > > > > there. > > > > > > > > > > > > > > > > If dn == r_old_dentry at the time that splice_dentry is called, and then > > > > > > > > that succeeds, we'll end up leaking the reference to r_dentry and then > > > > > > > > doing an overput on r_old_dentry. > > > > > > > > > > > > > > > > > > > > > > Good catch > > > > > > > > > > > > > > > I think it might help to establish clear "ownership" of the dentry > > > > > > > > references throughout that function. Consider zeroing out r_dentry and > > > > > > > > r_old_dentry at the time that you set the local variables? That might > > > > > > > > make this whole thing less fragile. > > > > > > > > > > > > > > Before the function return, we need to set req->r_dentry again. This will introduce duplicated code because there are several ‘goto’ in the function. How about following change. > > > > > > > > > > > > > > > > > > > > > - dn = req->r_old_dentry; /* use old_dentry */ > > > > > > > + /* swap r_dentry and r_old_dentry */ > > > > > > > + req->r_dentry = req->r_old_dentry; > > > > > > > + req->r_old_dentry = dn; > > > > > > > + dn = req->r_dentry; > > > > > > > > > > > > > > > > > > > Why do we need to reset r_dentry? I don't see where it gets used after > > > > > > ceph_fill_trace returns, so I gather we're just resetting it to clean up > > > > > > the references? Your proposed fix looks like it would fix that bug. It > > > > > > will mean that the values in the req will change but maybe that's ok. > > > > > > > > > > > > > > > > It’s used by ceph_finish_lookup > > > > > > > > > > > > > In that case, it might be bad idea to overwrite the value of r_dentry > > > > with the r_old_dentry pointer? > > > > > > ceph_finish_lookup() is not used in the rename case ;) > > > > > > > > > > Ok, but still...I worry about this sort of special-casing, as it can > > lead to people making incorrect assumptions later. I think it would be > > best to just take a dentry ref for "dn" and just put it before it goes > > out of scope. > > how about below patch. let splice_dentry() to update req->r_dentry. > > > diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c > index e8ce4e66bc47..739737f4e0e1 100644 > --- a/fs/ceph/inode.c > +++ b/fs/ceph/inode.c > @@ -1106,8 +1106,9 @@ static void update_dentry_lease(struct dentry *dentry, > * splice a dentry to an inode. > * caller must hold directory i_mutex for this to be safe. > */ > -static struct dentry *splice_dentry(struct dentry *dn, struct inode *in) > +static int splice_dentry(struct dentry **pdn, struct inode *in) > { > + struct dentry *dn = *pdn; > struct dentry *realdn; > > BUG_ON(d_inode(dn)); > @@ -1140,28 +1141,23 @@ static struct dentry *splice_dentry(struct dentry *dn, struct inode *in) > if (IS_ERR(realdn)) { > pr_err("splice_dentry error %ld %p inode %p ino %llx.%llx\n", > PTR_ERR(realdn), dn, in, ceph_vinop(in)); > - dn = realdn; > - /* > - * Caller should release 'dn' in the case of error. > - * If 'req->r_dentry' is passed to this function, > - * caller should leave 'req->r_dentry' untouched. > - */ > - goto out; > - } else if (realdn) { > + return PTR_ERR(realdn); > + } > + > + if (realdn) { > dout("dn %p (%d) spliced with %p (%d) " > "inode %p ino %llx.%llx\n", > dn, d_count(dn), > realdn, d_count(realdn), > d_inode(realdn), ceph_vinop(d_inode(realdn))); > dput(dn); > - dn = realdn; > + *pdn = realdn; > } else { > BUG_ON(!ceph_dentry(dn)); > dout("dn %p attached to %p ino %llx.%llx\n", > dn, d_inode(dn), ceph_vinop(d_inode(dn))); > } > -out: > - return dn; > + return 0; > } > > /* > @@ -1348,7 +1344,10 @@ int ceph_fill_trace(struct super_block *sb, struct ceph_mds_request *req) > dout("dn %p gets new offset %lld\n", req->r_old_dentry, > ceph_dentry(req->r_old_dentry)->offset); > > - dn = req->r_old_dentry; /* use old_dentry */ > + /* swap r_dentry and r_old_dentry */ > + req->r_dentry = req->r_old_dentry; > + req->r_old_dentry = dn; > + dn = req->r_dentry; I think the above deserves a comment explaining why this is safe to do for rename ops. > } > > /* null dentry? */ > @@ -1373,12 +1372,10 @@ int ceph_fill_trace(struct super_block *sb, struct ceph_mds_request *req) > if (d_really_is_negative(dn)) { > ceph_dir_clear_ordered(dir); > ihold(in); > - dn = splice_dentry(dn, in); > - if (IS_ERR(dn)) { > - err = PTR_ERR(dn); > + err = splice_dentry(&req->r_dentry, in); > + if (err < 0) > goto done; > - } > - req->r_dentry = dn; /* may have spliced */ > + dn = req->r_dentry; /* may have spliced */ > } else if (d_really_is_positive(dn) && d_inode(dn) != in) { > dout(" %p links to %p %llx.%llx, not %llx.%llx\n", > dn, d_inode(dn), ceph_vinop(d_inode(dn)), > @@ -1398,22 +1395,18 @@ int ceph_fill_trace(struct super_block *sb, struct ceph_mds_request *req) > } else if ((req->r_op == CEPH_MDS_OP_LOOKUPSNAP || > req->r_op == CEPH_MDS_OP_MKSNAP) && > !test_bit(CEPH_MDS_R_ABORTED, &req->r_req_flags)) { > - struct dentry *dn = req->r_dentry; > struct inode *dir = req->r_parent; > > /* fill out a snapdir LOOKUPSNAP dentry */ > - BUG_ON(!dn); > BUG_ON(!dir); > BUG_ON(ceph_snap(dir) != CEPH_SNAPDIR); > - dout(" linking snapped dir %p to dn %p\n", in, dn); > + BUG_ON(!req->r_dentry); > + dout(" linking snapped dir %p to dn %p\n", in, req->r_dentry); > ceph_dir_clear_ordered(dir); > ihold(in); > - dn = splice_dentry(dn, in); > - if (IS_ERR(dn)) { > - err = PTR_ERR(dn); > + err = splice_dentry(&req->r_dentry, in); > + if (err < 0) > goto done; > - } > - req->r_dentry = dn; /* may have spliced */ > } else if (rinfo->head->is_dentry) { > struct ceph_vino *ptvino = NULL; > > @@ -1677,8 +1670,6 @@ int ceph_readdir_prepopulate(struct ceph_mds_request *req, > } > > if (d_really_is_negative(dn)) { > - struct dentry *realdn; > - > if (ceph_security_xattr_deadlock(in)) { > dout(" skip splicing dn %p to inode %p" > " (security xattr deadlock)\n", dn, in); > @@ -1687,13 +1678,9 @@ int ceph_readdir_prepopulate(struct ceph_mds_request *req, > goto next_item; > } > > - realdn = splice_dentry(dn, in); > - if (IS_ERR(realdn)) { > - err = PTR_ERR(realdn); > - d_drop(dn); > + err = splice_dentry(&dn, in); > + if (err < 0) > goto next_item; > - } > - dn = realdn; > } > > ceph_dentry(dn)->offset = rde->offset; > @@ -1709,8 +1696,7 @@ int ceph_readdir_prepopulate(struct ceph_mds_request *req, > err = ret; > } > next_item: > - if (dn) > - dput(dn); > + dput(dn); > } > out: > if (err == 0 && skipped == 0) { > The rest seems to be ok. > > > > > At the very least, if you are going to override r_dentry like this, > > please add a comment explaining why it's safe to do this in the rename case. > > > > > > > > > > > > > > > > > Another idea might be to just keep an extra reference to "dn", and not > > > > > > reset r_dentry and r_old_dentry? It's a bit more code, but it might be a > > > > > > cleaner fix, long-term. > > > > > > > > > > I will check, Thanks > > > > > > > > > > Yan, Zheng > > > > > > > > > > > -- > > > > > > Jeff Layton <jlayton(a)redhat.com> > > > > > > > > > > > > > > > > > > -- > > > > Jeff Layton <jlayton(a)redhat.com> > > > > > > > > > > > > > > -- > > Jeff Layton <jlayton(a)redhat.com> > > -- Jeff Layton <jlayton(a)redhat.com>

7 years

1
0
0 0

[PATCH] tpm: tpm_try_transmit() refactor error flow.

by Tomas Winkler

First, rename out_no_locality to out_locality for bailing out on both tpm_cmd_ready() and tpm_request_locality() failure. Second, ignore the return value of go_to_idle() as it may override the return value of the actual tpm operation, the go_to_idle() error will be caught on any consequent command. Last, fix the wrong 'goto out', that jumped back instead of forward. Cc: stable(a)vger.kernel.org Fixes: 627448e85c76 ("tpm: separate cmd_ready/go_idle from runtime_pm") Signed-off-by: Tomas Winkler <tomas.winkler(a)intel.com> --- drivers/char/tpm/tpm-interface.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c index 129f640424b7..95db630dd722 100644 --- a/drivers/char/tpm/tpm-interface.c +++ b/drivers/char/tpm/tpm-interface.c @@ -477,13 +477,15 @@ static ssize_t tpm_try_transmit(struct tpm_chip *chip, if (need_locality) { rc = tpm_request_locality(chip, flags); - if (rc < 0) - goto out_no_locality; + if (rc < 0) { + need_locality = false; + goto out_locality; + } } rc = tpm_cmd_ready(chip, flags); if (rc) - goto out; + goto out_locality; rc = tpm2_prepare_space(chip, space, ordinal, buf); if (rc) @@ -547,14 +549,13 @@ static ssize_t tpm_try_transmit(struct tpm_chip *chip, dev_err(&chip->dev, "tpm2_commit_space: error %d\n", rc); out: - rc = tpm_go_idle(chip, flags); - if (rc) - goto out; + /* may fail but do not override previous error value in rc */ + tpm_go_idle(chip, flags); +out_locality: if (need_locality) tpm_relinquish_locality(chip, flags); -out_no_locality: if (chip->ops->clk_enable != NULL) chip->ops->clk_enable(chip, false); -- 2.14.4

7 years

3
8
0 0

[PATCH] hugetlbfs: dirty pages as they are added to pagecache

by Mike Kravetz

Some test systems were experiencing negative huge page reserve counts and incorrect file block counts. This was traced to /proc/sys/vm/drop_caches removing clean pages from hugetlbfs file pagecaches. When non-hugetlbfs explicit code removes the pages, the appropriate accounting is not performed. This can be recreated as follows: fallocate -l 2M /dev/hugepages/foo echo 1 > /proc/sys/vm/drop_caches fallocate -l 2M /dev/hugepages/foo grep -i huge /proc/meminfo AnonHugePages: 0 kB ShmemHugePages: 0 kB HugePages_Total: 2048 HugePages_Free: 2047 HugePages_Rsvd: 18446744073709551615 HugePages_Surp: 0 Hugepagesize: 2048 kB Hugetlb: 4194304 kB ls -lsh /dev/hugepages/foo 4.0M -rw-r--r--. 1 root root 2.0M Oct 17 20:05 /dev/hugepages/foo To address this issue, dirty pages as they are added to pagecache. This can easily be reproduced with fallocate as shown above. Read faulted pages will eventually end up being marked dirty. But there is a window where they are clean and could be impacted by code such as drop_caches. So, just dirty them all as they are added to the pagecache. In addition, it makes little sense to even try to drop hugetlbfs pagecache pages, so disable calls to these filesystems in drop_caches code. Fixes: 70c3547e36f5 ("hugetlbfs: add hugetlbfs_fallocate()") Cc: stable(a)vger.kernel.org Signed-off-by: Mike Kravetz <mike.kravetz(a)oracle.com> --- fs/drop_caches.c | 7 +++++++ mm/hugetlb.c | 6 ++++++ 2 files changed, 13 insertions(+) diff --git a/fs/drop_caches.c b/fs/drop_caches.c index 82377017130f..b72c5bc502a8 100644 --- a/fs/drop_caches.c +++ b/fs/drop_caches.c @@ -9,6 +9,7 @@ #include <linux/writeback.h> #include <linux/sysctl.h> #include <linux/gfp.h> +#include <linux/magic.h> #include "internal.h" /* A global variable is a bit ugly, but it keeps the code simple */ @@ -18,6 +19,12 @@ static void drop_pagecache_sb(struct super_block *sb, void *unused) { struct inode *inode, *toput_inode = NULL; + /* + * It makes no sense to try and drop hugetlbfs page cache pages. + */ + if (sb->s_magic == HUGETLBFS_MAGIC) + return; + spin_lock(&sb->s_inode_list_lock); list_for_each_entry(inode, &sb->s_inodes, i_sb_list) { spin_lock(&inode->i_lock); diff --git a/mm/hugetlb.c b/mm/hugetlb.c index 5c390f5a5207..7b5c0ad9a6bd 100644 --- a/mm/hugetlb.c +++ b/mm/hugetlb.c @@ -3690,6 +3690,12 @@ int huge_add_to_page_cache(struct page *page, struct address_space *mapping, return err; ClearPagePrivate(page); + /* + * set page dirty so that it will not be removed from cache/file + * by non-hugetlbfs specific code paths. + */ + set_page_dirty(page); + spin_lock(&inode->i_lock); inode->i_blocks += blocks_per_huge_page(h); spin_unlock(&inode->i_lock); -- 2.17.2

7 years

5
9
0 0

[PATCH 1/4] Revert "ceph: fix dentry leak in splice_dentry()"

by Yan, Zheng

This reverts commit 8b8f53af1ed9df88a4c0fbfdf3db58f62060edf3. splice_dentry() is used by three places. For two places, req->r_dentry is passed to splice_dentry(). In the case of error, req->r_dentry does not get updated. So splice_dentry() should not drop reference. Cc: stable(a)vger.kernel.org #4.18 Signed-off-by: "Yan, Zheng" <zyan(a)redhat.com> --- fs/ceph/inode.c | 1 - 1 file changed, 1 deletion(-) diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c index c6bbb7aa99e4..375924b2bc86 100644 --- a/fs/ceph/inode.c +++ b/fs/ceph/inode.c @@ -1140,7 +1140,6 @@ static struct dentry *splice_dentry(struct dentry *dn, struct inode *in) if (IS_ERR(realdn)) { pr_err("splice_dentry error %ld %p inode %p ino %llx.%llx\n", PTR_ERR(realdn), dn, in, ceph_vinop(in)); - dput(dn); dn = realdn; /* note realdn contains the error */ goto out; } else if (realdn) { -- 2.17.1

7 years

4
10
0 0

[RESEND PATCH v2 2/2] drm/i915/mst: Reset MST after resume when necessary

by Juston Li

From: Lyude <cpaul(a)redhat.com> A follow-up to the previous commit, we skip checking the status of the MST device and completely reprobe it if drm_dp_mst_topology_mgr_resume() returns -EINVAL. Cc: stable(a)vger.kernel.org Signed-off-by: Lyude <cpaul(a)redhat.com> Signed-off-by: Juston Li <juston.li(a)intel.com> --- drivers/gpu/drm/i915/intel_dp.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/i915/intel_dp.c b/drivers/gpu/drm/i915/intel_dp.c index 8c38efef77a1..cb5ffec73094 100644 --- a/drivers/gpu/drm/i915/intel_dp.c +++ b/drivers/gpu/drm/i915/intel_dp.c @@ -6793,7 +6793,12 @@ void intel_dp_mst_resume(struct drm_i915_private *dev_priv) continue; ret = drm_dp_mst_topology_mgr_resume(&intel_dp->mst_mgr); - if (ret) + /* A full reset is required */ + if (ret == -EINVAL) { + drm_dp_mst_topology_mgr_set_mst(&intel_dp->mst_mgr, false); + intel_dp_configure_mst(intel_dp); + } else if (ret != 0) { intel_dp_check_mst_status(intel_dp); + } } } -- 2.17.2

7 years

1
0
0 0

[PATCH stable v2 1/2] termios, tty/tty_baudrate.c: fix buffer overrun

by H. Peter Anvin (Intel)

From: "H. Peter Anvin" <hpa(a)zytor.com> On architectures with CBAUDEX == 0 (Alpha and PowerPC), the code in tty_baudrate.c does not do any limit checking on the tty_baudrate[] array, and in fact a buffer overrun is possible on both architectures. Add a limit check to prevent that situation. This will be followed by a much bigger cleanup/simplification patch. Signed-off-by: H. Peter Anvin (Intel) <hpa(a)zytor.com> Requested-by: Cc: Johan Hovold <johan(a)kernel.org> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Jiri Slaby <jslaby(a)suse.com> Cc: Al Viro <viro(a)zeniv.linux.org.uk> Cc: Richard Henderson <rth(a)twiddle.net> Cc: Ivan Kokshaysky <ink(a)jurassic.park.msu.ru> Cc: Matt Turner <mattst88(a)gmail.com> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Kate Stewart <kstewart(a)linuxfoundation.org> Cc: Philippe Ombredanne <pombredanne(a)nexb.com> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Eugene Syromiatnikov <esyr(a)redhat.com> Cc: <linux-alpha(a)vger.kernel.org> Cc: <linux-serial(a)vger.kernel.org> Cc: Alan Cox <alan(a)lxorguk.ukuu.org.uk> Cc: <stable(a)vger.kernel.org> --- drivers/tty/tty_baudrate.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/tty/tty_baudrate.c b/drivers/tty/tty_baudrate.c index 7576ceace571..f438eaa68246 100644 --- a/drivers/tty/tty_baudrate.c +++ b/drivers/tty/tty_baudrate.c @@ -77,7 +77,7 @@ speed_t tty_termios_baud_rate(struct ktermios *termios) else cbaud += 15; } - return baud_table[cbaud]; + return cbaud >= n_baud_table ? 0 : baud_table[cbaud]; } EXPORT_SYMBOL(tty_termios_baud_rate); @@ -113,7 +113,7 @@ speed_t tty_termios_input_baud_rate(struct ktermios *termios) else cbaud += 15; } - return baud_table[cbaud]; + return cbaud >= n_baud_table ? 0 : baud_table[cbaud]; #else /* IBSHIFT */ return tty_termios_baud_rate(termios); #endif /* IBSHIFT */ -- 2.14.4

7 years

4
4
0 0

[PATCH V2] MIPS: VDSO: Reduce VDSO_RANDOMIZE_SIZE to 64MB for 64bit

by Huacai Chen

Commit ea7e0480a4b695d0aa6b3 ("MIPS: VDSO: Always map near top of user memory") set VDSO_RANDOMIZE_SIZE to 256MB for 64bit kernel. But take a look at arch/mips/mm/mmap.c we can see that MIN_GAP is 128MB, which means the mmap_base may be at (user_address_top - 128MB). This make the stack be surrounded by mmaped areas, then stack expanding fails and causes a segmentation fault. Therefore, VDSO_RANDOMIZE_SIZE should be less than MIN_GAP and this patch reduce it to 64MB. By the way, not all VDSO_RANDOMIZE_SIZE can be used for vdso_base() randomization because VDSO need some room to locate itself (in this patch we reserve 64KB). Cc: stable(a)vger.kernel.org Fixes: ea7e0480a4b695d0aa ("MIPS: VDSO: Always map near top of user memory") Signed-off-by: Huacai Chen <chenhc(a)lemote.com> --- arch/mips/include/asm/processor.h | 2 +- arch/mips/kernel/vdso.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/mips/include/asm/processor.h b/arch/mips/include/asm/processor.h index 49d6046..c373eb6 100644 --- a/arch/mips/include/asm/processor.h +++ b/arch/mips/include/asm/processor.h @@ -81,7 +81,7 @@ extern unsigned int vced_count, vcei_count; #endif -#define VDSO_RANDOMIZE_SIZE (TASK_IS_32BIT_ADDR ? SZ_1M : SZ_256M) +#define VDSO_RANDOMIZE_SIZE (TASK_IS_32BIT_ADDR ? SZ_1M : SZ_64M) extern unsigned long mips_stack_top(void); #define STACK_TOP mips_stack_top() diff --git a/arch/mips/kernel/vdso.c b/arch/mips/kernel/vdso.c index 48a9c6b..d6232d9 100644 --- a/arch/mips/kernel/vdso.c +++ b/arch/mips/kernel/vdso.c @@ -106,7 +106,7 @@ static unsigned long vdso_base(void) base = STACK_TOP + PAGE_SIZE; if (current->flags & PF_RANDOMIZE) { - base += get_random_int() & (VDSO_RANDOMIZE_SIZE - 1); + base += get_random_int() & (VDSO_RANDOMIZE_SIZE - SZ_64K - 1); base = PAGE_ALIGN(base); } -- 2.7.0

7 years

2
1
0 0

[PATCH AUTOSEL 4.18 01/27] ARM: dts: imx53-qsb: disable 1.2GHz OPP

by Sasha Levin

From: Sascha Hauer <s.hauer(a)pengutronix.de> [ Upstream commit eea96566c189c77e5272585984eb2729881a2f1d ] The maximum CPU frequency for the i.MX53 QSB is 1GHz, so disable the 1.2GHz OPP. This makes the board work again with configs that have cpufreq enabled like imx_v6_v7_defconfig on which the board stopped working with the addition of cpufreq-dt support. Fixes: 791f416608 ("ARM: dts: imx53: add cpufreq-dt support") Signed-off-by: Sascha Hauer <s.hauer(a)pengutronix.de> Signed-off-by: Shawn Guo <shawnguo(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- arch/arm/boot/dts/imx53-qsb-common.dtsi | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/arch/arm/boot/dts/imx53-qsb-common.dtsi b/arch/arm/boot/dts/imx53-qsb-common.dtsi index ef7658a78836..c1548adee789 100644 --- a/arch/arm/boot/dts/imx53-qsb-common.dtsi +++ b/arch/arm/boot/dts/imx53-qsb-common.dtsi @@ -123,6 +123,17 @@ }; }; +&cpu0 { + /* CPU rated to 1GHz, not 1.2GHz as per the default settings */ + operating-points = < + /* kHz uV */ + 166666 850000 + 400000 900000 + 800000 1050000 + 1000000 1200000 + >; +}; + &esdhc1 { pinctrl-names = "default"; pinctrl-0 = <&pinctrl_esdhc1>; -- 2.17.1

7 years

2
30
0 0

[PATCH] DRM: UDL: get rid of useless vblank initialization

by Eugeniy Paltsev

UDL doesn't support vblank functionality so we don't need to initialize vblank here (we are able to send page flip completion events even without vblank initialization) Moreover current drm_vblank_init call with num_crtcs > 0 causes sending DRM_EVENT_FLIP_COMPLETE event with zero timestamp every time. This breaks userspace apps (for example weston) which relies on timestamp value. Cc: stable(a)vger.kernel.org Signed-off-by: Eugeniy Paltsev <Eugeniy.Paltsev(a)synopsys.com> --- drivers/gpu/drm/udl/udl_main.c | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/drivers/gpu/drm/udl/udl_main.c b/drivers/gpu/drm/udl/udl_main.c index f455f095a146..1b014d92855b 100644 --- a/drivers/gpu/drm/udl/udl_main.c +++ b/drivers/gpu/drm/udl/udl_main.c @@ -350,15 +350,10 @@ int udl_driver_load(struct drm_device *dev, unsigned long flags) if (ret) goto err; - ret = drm_vblank_init(dev, 1); - if (ret) - goto err_fb; - drm_kms_helper_poll_init(dev); return 0; -err_fb: - udl_fbdev_cleanup(dev); + err: if (udl->urbs.count) udl_free_urb_list(dev); -- 2.14.4

7 years

3
3
0 0

[PATCH v2 1/3] ARM: socfpga: Clean unused functions

by Clément Péron

These functions are unused externally, removed them and declare the one used locally as static. Signed-off-by: Clément Péron <peron.clem(a)gmail.com> --- arch/arm/mach-socfpga/core.h | 2 -- arch/arm/mach-socfpga/socfpga.c | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/arch/arm/mach-socfpga/core.h b/arch/arm/mach-socfpga/core.h index 65e1817d8afe..92cae0a9213f 100644 --- a/arch/arm/mach-socfpga/core.h +++ b/arch/arm/mach-socfpga/core.h @@ -34,8 +34,6 @@ #define RSTMGR_MPUMODRST_CPU1 0x2 /* CPU1 Reset */ -extern void socfpga_init_clocks(void); -extern void socfpga_sysmgr_init(void); void socfpga_init_l2_ecc(void); void socfpga_init_ocram_ecc(void); void socfpga_init_arria10_l2_ecc(void); diff --git a/arch/arm/mach-socfpga/socfpga.c b/arch/arm/mach-socfpga/socfpga.c index dde14f7bf2c3..5fb6f79059a8 100644 --- a/arch/arm/mach-socfpga/socfpga.c +++ b/arch/arm/mach-socfpga/socfpga.c @@ -32,7 +32,7 @@ void __iomem *rst_manager_base_addr; void __iomem *sdr_ctl_base_addr; unsigned long socfpga_cpu1start_addr; -void __init socfpga_sysmgr_init(void) +static void __init socfpga_sysmgr_init(void) { struct device_node *np; -- 2.17.1

7 years

2
4
0 0

v4.19 build: 0 failures 3 warnings (v4.19)

by Build bot for Mark Brown

Tree/Branch: v4.19 Git describe: v4.19 Commit: 84df9525b0 Linux 4.19 Build Time: 124 min 25 sec Passed: 11 / 11 (100.00 %) Failed: 0 / 11 ( 0.00 %) Errors: 0 Warnings: 3 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): 1 warnings 0 mismatches : arm64-allmodconfig 1 warnings 0 mismatches : arm-allmodconfig 1 warnings 0 mismatches : arm-multi_v5_defconfig ------------------------------------------------------------------------------- Warnings Summary: 3 1 ../drivers/staging/erofs/unzip_vle.c:186:29: warning: array subscript is above array bounds [-Warray-bounds] 1 ../drivers/isdn/hardware/eicon/message.c:5985:1: warning: the frame size of 2064 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/i2c/busses/i2c-aspeed.c:567:1: warning: label 'out' defined but not used [-Wunused-label] =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- arm64-allmodconfig : PASS, 0 errors, 1 warnings, 0 section mismatches Warnings: ../drivers/isdn/hardware/eicon/message.c:5985:1: warning: the frame size of 2064 bytes is larger than 2048 bytes [-Wframe-larger-than=] ------------------------------------------------------------------------------- arm-allmodconfig : PASS, 0 errors, 1 warnings, 0 section mismatches Warnings: ../drivers/staging/erofs/unzip_vle.c:186:29: warning: array subscript is above array bounds [-Warray-bounds] ------------------------------------------------------------------------------- arm-multi_v5_defconfig : PASS, 0 errors, 1 warnings, 0 section mismatches Warnings: ../drivers/i2c/busses/i2c-aspeed.c:567:1: warning: label 'out' defined but not used [-Wunused-label] ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: arm64-allnoconfig arm-multi_v7_defconfig x86_64-defconfig arm-allnoconfig x86_64-allnoconfig arm-multi_v4t_defconfig x86_64-allmodconfig arm64-defconfig

7 years

1
0
0 0

[PATCH] rtc: ds1307: fix ds1339 wakealarm support

by Soeren Moch

Commit 51ed73eb998a1c79a2b0e9bed68f75a8a2c93b9b ("rtc: ds1340: Add support for trickle charger.") breaks ds1339 wakealarm support by limiting accessible registers. Fix this. Fixes: 51ed73eb998a ("rtc: ds1340: Add support for trickle charger.") Cc: stable(a)vger.kernel.org Signed-off-by: Soeren Moch <smoch(a)web.de> -- Cc: Andrea Greco <a.greco(a)4sigma.it> Cc: Alessandro Zummo <a.zummo(a)towertech.it> Cc: Alexandre Belloni <alexandre.belloni(a)bootlin.com> Cc: linux-rtc(a)vger.kernel.org Cc: linux-kernel(a)vger.kernel.org --- drivers/rtc/rtc-ds1307.c | 1 - 1 file changed, 1 deletion(-) diff --git a/drivers/rtc/rtc-ds1307.c b/drivers/rtc/rtc-ds1307.c index 4b2b4627daeb..71396b62dc52 100644 --- a/drivers/rtc/rtc-ds1307.c +++ b/drivers/rtc/rtc-ds1307.c @@ -1384,7 +1384,6 @@ static void ds1307_clks_register(struct ds1307 *ds1307) static const struct regmap_config regmap_config = { .reg_bits = 8, .val_bits = 8, - .max_register = 0x9, }; static int ds1307_probe(struct i2c_client *client, -- 2.17.1

7 years

2
4
0 0

[PATCH 4.4 00/48] 4.4.162-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.4.162 release. There are 48 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat Oct 20 17:54:03 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.4.162-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.4.162-rc1 Long Li <longli(a)microsoft.com> HV: properly delay KVP packets when negotiation is in progress Vitaly Kuznetsov <vkuznets(a)redhat.com> Drivers: hv: kvp: fix IP Failover K. Y. Srinivasan <kys(a)microsoft.com> Drivers: hv: util: Pass the channel information during the init call K. Y. Srinivasan <kys(a)microsoft.com> Drivers: hv: utils: Invoke the poll function after handshake Stephen Warren <swarren(a)nvidia.com> usb: gadget: serial: fix oops when data rx'd after close Alexey Brodkin <abrodkin(a)synopsys.com> ARC: build: Get rid of toolchain check Michael Neuling <mikey(a)neuling.org> powerpc/tm: Avoid possible userspace r1 corruption on reclaim Michael Neuling <mikey(a)neuling.org> powerpc/tm: Fix userspace r13 corruption James Cowgill <jcowgill(a)debian.org> RISC-V: include linux/ftrace.h in asm-prototypes.h Nathan Chancellor <natechancellor(a)gmail.com> net/mlx4: Use cpumask_available for eq->affinity_mask Michael Schmitz <schmitzmic(a)gmail.com> Input: atakbd - fix Atari CapsLock behaviour Andreas Schwab <schwab(a)linux-m68k.org> Input: atakbd - fix Atari keymap Keerthy <j-keerthy(a)ti.com> clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs Jozef Balga <jozef.balga(a)gmail.com> media: af9035: prevent buffer overflow on write Andy Lutomirski <luto(a)kernel.org> x86/fpu: Finish excising 'eagerfpu' Rik van Riel <riel(a)redhat.com> x86/fpu: Remove struct fpu::counter Andy Lutomirski <luto(a)kernel.org> x86/fpu: Remove use_eager_fpu() Paolo Bonzini <pbonzini(a)redhat.com> KVM: x86: remove eager_fpu field of struct kvm_vcpu_arch Eric Dumazet <edumazet(a)google.com> rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 Florian Fainelli <f.fainelli(a)gmail.com> net: systemport: Fix wake-up interrupt race during resume Maxime Chevallier <maxime.chevallier(a)bootlin.com> net: mvpp2: Extract the correct ethtype from the skb for tx csum offload Ido Schimmel <idosch(a)mellanox.com> team: Forbid enslaving team device to itself Shahed Shaikh <shahed.shaikh(a)cavium.com> qlcnic: fix Tx descriptor corruption on 82xx devices Yu Zhao <yuzhao(a)google.com> net/usb: cancel pending work when unbinding smsc75xx Sean Tranchetti <stranche(a)codeaurora.org> netlabel: check for IPV4MASK in addrinfo_get Jeff Barnhill <0xeffeff(a)gmail.com> net/ipv6: Display all addresses in output of /proc/net/if_inet6 Sabrina Dubroca <sd(a)queasysnail.net> net: ipv4: update fnhe_pmtu when first hop's MTU changes Eric Dumazet <edumazet(a)google.com> ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() Paolo Abeni <pabeni(a)redhat.com> ip_tunnel: be careful when accessing the inner header Paolo Abeni <pabeni(a)redhat.com> ip6_tunnel: be careful when accessing the inner header Mahesh Bandewar <maheshb(a)google.com> bonding: avoid possible dead-lock Michael Chan <michael.chan(a)broadcom.com> bnxt_en: Fix TX timeout during netpoll. Hou Tao <houtao1(a)huawei.com> jffs2: return -ERANGE when xattr buffer is too small Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Don't print a warning when setting link state for disabled ports Edgar Cherkasov <echerkasov(a)dev.rtsoft.ru> i2c: i2c-scmi: fix for i2c_smbus_write_block_data Adrian Hunter <adrian.hunter(a)intel.com> perf script python: Fix export-to-postgresql.py occasional failure Mikulas Patocka <mpatocka(a)redhat.com> mach64: detect the dot clock divider correctly on sparc Jann Horn <jannh(a)google.com> mm/vmstat.c: fix outdated vmstat_text Theodore Ts'o <tytso(a)mit.edu> ext4: add corruption check in ext4_xattr_set_entry() Amber Lin <Amber.Lin(a)amd.com> drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 Nicolas Ferre <nicolas.ferre(a)microchip.com> ARM: dts: at91: add new compatibility string for macb on sama5d3 Nicolas Ferre <nicolas.ferre(a)microchip.com> net: macb: disable scatter-gather for macb on sama5d3 Jongsung Kim <neidhard.kim(a)lge.com> stmmac: fix valid numbers of unicast filter entries Yu Zhao <yuzhao(a)google.com> sound: enable interrupt after dma buffer initialization Tony Lindgren <tony(a)atomide.com> mfd: omap-usb-host: Fix dts probe of children Lei Yang <Lei.Yang(a)windriver.com> selftests/efivarfs: add required kernel configs Danny Smith <danny.smith(a)axis.com> ASoC: sigmadsp: safeload should not have lower byte limit Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ASoC: wm8804: Add ACPI support ------------- Diffstat: Documentation/devicetree/bindings/net/macb.txt | 1 + Documentation/kernel-parameters.txt | 5 -- Makefile | 4 +- arch/arc/Makefile | 14 ---- arch/arm/boot/dts/sama5d3_emac.dtsi | 2 +- arch/powerpc/kernel/tm.S | 20 +++++- arch/riscv/include/asm/asm-prototypes.h | 7 ++ arch/x86/crypto/crc32c-intel_glue.c | 17 ++--- arch/x86/include/asm/cpufeatures.h | 1 - arch/x86/include/asm/fpu/internal.h | 37 +---------- arch/x86/include/asm/fpu/types.h | 34 ---------- arch/x86/include/asm/kvm_host.h | 1 - arch/x86/kernel/fpu/core.c | 41 ++---------- arch/x86/kernel/fpu/signal.c | 8 +-- arch/x86/kvm/cpuid.c | 5 +- arch/x86/kvm/x86.c | 10 --- drivers/clocksource/timer-ti-32k.c | 3 + drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gfx_v7.c | 2 +- drivers/hv/hv_fcopy.c | 2 +- drivers/hv/hv_kvp.c | 40 +++++++++++- drivers/hv/hv_snapshot.c | 4 +- drivers/hv/hv_util.c | 1 + drivers/hv/hyperv_vmbus.h | 5 ++ drivers/i2c/busses/i2c-scmi.c | 1 + drivers/input/keyboard/atakbd.c | 74 ++++++++-------------- drivers/media/usb/dvb-usb-v2/af9035.c | 6 +- drivers/mfd/omap-usb-host.c | 11 ++-- drivers/net/bonding/bond_main.c | 43 +++++-------- drivers/net/ethernet/broadcom/bcmsysport.c | 22 +++---- drivers/net/ethernet/broadcom/bnxt/bnxt.c | 13 +++- drivers/net/ethernet/cadence/macb.c | 8 +++ drivers/net/ethernet/marvell/mvpp2.c | 10 +-- drivers/net/ethernet/mellanox/mlx4/eq.c | 3 +- drivers/net/ethernet/qlogic/qlcnic/qlcnic.h | 8 ++- .../net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.c | 3 +- .../net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.h | 3 +- drivers/net/ethernet/qlogic/qlcnic/qlcnic_hw.h | 3 +- drivers/net/ethernet/qlogic/qlcnic/qlcnic_io.c | 12 ++-- .../net/ethernet/stmicro/stmmac/stmmac_platform.c | 5 +- drivers/net/team/team.c | 5 ++ drivers/net/usb/smsc75xx.c | 1 + drivers/usb/gadget/function/u_serial.c | 2 +- drivers/usb/host/xhci-hub.c | 18 +++--- drivers/video/fbdev/aty/atyfb.h | 3 +- drivers/video/fbdev/aty/atyfb_base.c | 7 +- drivers/video/fbdev/aty/mach64_ct.c | 10 +-- fs/ext4/xattr.c | 22 ++++--- fs/jffs2/xattr.c | 6 +- include/linux/hyperv.h | 1 + include/linux/netdevice.h | 7 ++ include/net/bonding.h | 7 +- include/net/ip_fib.h | 1 + mm/vmstat.c | 1 - net/core/dev.c | 28 +++++++- net/core/rtnetlink.c | 6 ++ net/ipv4/fib_frontend.c | 12 ++-- net/ipv4/fib_semantics.c | 50 +++++++++++++++ net/ipv4/ip_sockglue.c | 3 +- net/ipv4/ip_tunnel.c | 9 +++ net/ipv6/addrconf.c | 4 +- net/ipv6/ip6_tunnel.c | 13 +++- net/netlabel/netlabel_unlabeled.c | 3 +- sound/hda/hdac_controller.c | 8 ++- sound/soc/codecs/sigmadsp.c | 3 +- sound/soc/codecs/wm8804-i2c.c | 15 ++++- tools/perf/scripts/python/export-to-postgresql.py | 9 +++ tools/testing/selftests/efivarfs/config | 1 + 67 files changed, 404 insertions(+), 340 deletions(-)

7 years

7
56
0 0

[PATCH 4.14 00/41] 4.14.78-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.14.78 release. There are 41 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat Oct 20 17:53:55 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.78-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.14.78-rc1 Michael J. Ruhl <michael.j.ruhl(a)intel.com> IB/hfi1: Fix destroy_qp hang after a link down Wolfram Sang <wsa+renesas(a)sang-engineering.com> i2c: rcar: handle RXDMA HW behaviour on Gen3 Clint Taylor <clinton.a.taylor(a)intel.com> drm/i915/glk: Add Quirk for GLK NUC HDMI port issues. Dave Jiang <dave.jiang(a)intel.com> mm: disallow mappings that conflict for devm_memremap_pages() Gilad Ben-Yossef <gilad(a)benyossef.com> staging: ccree: check DMA pool buf !NULL before free Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915: Nuke the LVDS lid notifier Natanael Copa <ncopa(a)alpinelinux.org> HID: quirks: fix support for Apple Magic Keyboards Alexey Brodkin <abrodkin(a)synopsys.com> ARC: build: Don't set CROSS_COMPILE in arch's Makefile Alexey Brodkin <abrodkin(a)synopsys.com> ARC: build: Get rid of toolchain check Linus Torvalds <torvalds(a)linux-foundation.org> mremap: properly flush TLB before releasing the page Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "vfs: fix freeze protection in mnt_want_write_file() for overlayfs" Christophe Leroy <christophe.leroy(a)c-s.fr> powerpc/lib/feature-fixups: use raw_patch_instruction() Arindam Nath <arindam.nath(a)amd.com> iommu/amd: Return devid as alias for ACPI HID devices Michael Neuling <mikey(a)neuling.org> powerpc/tm: Avoid possible userspace r1 corruption on reclaim Michael Neuling <mikey(a)neuling.org> powerpc/tm: Fix userspace r13 corruption James Cowgill <jcowgill(a)debian.org> RISC-V: include linux/ftrace.h in asm-prototypes.h Tao Ren <taoren(a)fb.com> clocksource/drivers/fttmr010: Fix set_next_event handler Nathan Chancellor <natechancellor(a)gmail.com> net/mlx4: Use cpumask_available for eq->affinity_mask Johannes Thumshirn <jthumshirn(a)suse.de> scsi: sd: don't crash the host on invalid commands Wen Xiong <wenxiong(a)linux.vnet.ibm.com> scsi: ipr: System hung while dlpar adding primary ipr adapter back Alexandru Gheorghe <alexandru-cosmin.gheorghe(a)arm.com> drm: mali-dp: Call drm_crtc_vblank_reset on device init Jisheng Zhang <Jisheng.Zhang(a)synaptics.com> PCI: dwc: Fix scheduling while atomic issues Kazuya Mizuguchi <kazuya.mizuguchi.ks(a)renesas.com> ravb: do not write 1 to reserved bits Christian Lamparter <chunkeey(a)gmail.com> net: emac: fix fixed-link setup for the RTL8363SB switch Michael Schmitz <schmitzmic(a)gmail.com> Input: atakbd - fix Atari CapsLock behaviour Andreas Schwab <schwab(a)linux-m68k.org> Input: atakbd - fix Atari keymap Alexander Shishkin <alexander.shishkin(a)linux.intel.com> intel_th: pci: Add Ice Lake PCH support Laura Abbott <labbott(a)redhat.com> scsi: ibmvscsis: Ensure partition name is properly NUL terminated Laura Abbott <labbott(a)redhat.com> scsi: ibmvscsis: Fix a stringop-overflow warning Keerthy <j-keerthy(a)ti.com> clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs Marek Lindner <mareklindner(a)neomailbox.ch> batman-adv: fix hardif_neigh refcount on queue_work() failure Marek Lindner <mareklindner(a)neomailbox.ch> batman-adv: fix backbone_gw refcount on queue_work() failure Sven Eckelmann <sven(a)narfation.org> batman-adv: Prevent duplicated tvlv handler Sven Eckelmann <sven(a)narfation.org> batman-adv: Prevent duplicated global TT entry Sven Eckelmann <sven(a)narfation.org> batman-adv: Prevent duplicated softif_vlan entry Sven Eckelmann <sven(a)narfation.org> batman-adv: Prevent duplicated nc_node entry Sven Eckelmann <sven(a)narfation.org> batman-adv: Prevent duplicated gateway_node entry Sven Eckelmann <sven(a)narfation.org> batman-adv: Fix segfault when writing to sysfs elp_interval Sven Eckelmann <sven(a)narfation.org> batman-adv: Fix segfault when writing to throughput_override Sven Eckelmann <sven(a)narfation.org> batman-adv: Avoid probe ELP information leak Jozef Balga <jozef.balga(a)gmail.com> media: af9035: prevent buffer overflow on write ------------- Diffstat: Makefile | 4 +- arch/arc/Makefile | 24 +----- arch/powerpc/include/asm/code-patching.h | 1 + arch/powerpc/kernel/tm.S | 20 ++++- arch/powerpc/lib/code-patching.c | 4 +- arch/powerpc/lib/feature-fixups.c | 8 +- arch/riscv/include/asm/asm-prototypes.h | 7 ++ drivers/clocksource/timer-fttmr010.c | 18 ++-- drivers/clocksource/timer-ti-32k.c | 3 + drivers/gpu/drm/arm/malidp_drv.c | 1 + drivers/gpu/drm/i915/i915_drv.c | 10 --- drivers/gpu/drm/i915/i915_drv.h | 9 +- drivers/gpu/drm/i915/intel_ddi.c | 13 ++- drivers/gpu/drm/i915/intel_display.c | 21 ++++- drivers/gpu/drm/i915/intel_drv.h | 3 +- drivers/gpu/drm/i915/intel_lvds.c | 136 +------------------------------ drivers/hid/hid-core.c | 3 + drivers/hwtracing/intel_th/pci.c | 5 ++ drivers/i2c/busses/i2c-rcar.c | 54 +++++++++++- drivers/infiniband/hw/hfi1/chip.c | 7 +- drivers/infiniband/hw/hfi1/pio.c | 42 ++++++++-- drivers/infiniband/hw/hfi1/pio.h | 2 + drivers/input/keyboard/atakbd.c | 74 +++++++---------- drivers/iommu/amd_iommu.c | 6 ++ drivers/media/usb/dvb-usb-v2/af9035.c | 6 +- drivers/net/ethernet/ibm/emac/core.c | 15 ++-- drivers/net/ethernet/mellanox/mlx4/eq.c | 3 +- drivers/net/ethernet/renesas/ravb.h | 5 ++ drivers/net/ethernet/renesas/ravb_main.c | 11 +-- drivers/net/ethernet/renesas/ravb_ptp.c | 2 +- drivers/pci/dwc/pcie-designware.c | 8 +- drivers/pci/dwc/pcie-designware.h | 3 +- drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c | 5 +- drivers/scsi/ipr.c | 106 ++++++++++++++---------- drivers/scsi/ipr.h | 1 + drivers/scsi/sd.c | 3 +- drivers/staging/ccree/ssi_buffer_mgr.c | 3 +- fs/namespace.c | 7 +- include/linux/huge_mm.h | 2 +- kernel/memremap.c | 18 +++- mm/huge_memory.c | 10 +-- mm/mremap.c | 30 +++---- net/batman-adv/bat_v_elp.c | 10 ++- net/batman-adv/bridge_loop_avoidance.c | 10 ++- net/batman-adv/gateway_client.c | 11 ++- net/batman-adv/network-coding.c | 27 +++--- net/batman-adv/soft-interface.c | 25 ++++-- net/batman-adv/sysfs.c | 30 ++++--- net/batman-adv/translation-table.c | 6 +- net/batman-adv/tvlv.c | 8 +- 50 files changed, 445 insertions(+), 395 deletions(-)

7 years

6
47
0 0

Logo products custom made

by Lilly Koller

Hi, I didn’t know if you had received my email from last week? Can you direct me to the person that handles your company promo items? Do you have any upcoming events, tradeshows or promotional needs? We manufacture ALL custom LOGO and branded products. The most asked about product that we make, is the custom printed USB flash drives! We can print your logo on them and load your digital images, videos and files! If you need marketing, advertising, gifts or incentives, USB flash drives are the solution! Here is what we include: -Any size memory you need: 64MB up to 128GB -We will print your logo on both sides, just ask! -Very Low Order Minimums -Need them quickly? Not a problem, we offer Rush Service NEW: We can make a custom shaped USB drive to look like your Logo or product! Email over a copy of your logo and we will create a design mock up for you at no cost! Our higher memory sizes are a really good option right now! Ask about the “Double Your Memory” upgrade promotion going on right now! Pricing is low right now, so let us know what you need and we will get you a quick quote. We will beat any competitors pricing, send us your last invoice and we will beat it! We always offer great rates for schools and nonprofits as well. Regards, Lilly Koller Logo USB Account Manager

7 years

1
0
0 0

[PATCH AUTOSEL 3.18 1/4] Input: mousedev - add a schedule point in mousedev_write()

by Sasha Levin

From: Eric Dumazet <edumazet(a)google.com> [ Upstream commit f74c371fe72a4f820d287db8067683fb533e4ede ] syzbot was able to trigger rcu stalls by calling write() with large number of bytes. Add a cond_resched() in the loop to avoid this. Link: https://lkml.org/lkml/2018/8/23/1106 Signed-off-by: Eric Dumazet <edumazet(a)google.com> Reported-by: syzbot+9436b02171ac0894d33e(a)syzkaller.appspotmail.com Reviewed-by: Paul E. McKenney <paulmck(a)linux.ibm.com> Signed-off-by: Dmitry Torokhov <dmitry.torokhov(a)gmail.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- drivers/input/mousedev.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/input/mousedev.c b/drivers/input/mousedev.c index b604564dec5c..036acf861496 100644 --- a/drivers/input/mousedev.c +++ b/drivers/input/mousedev.c @@ -701,6 +701,7 @@ static ssize_t mousedev_write(struct file *file, const char __user *buffer, mousedev_generate_response(client, c); spin_unlock_irq(&client->packet_lock); + cond_resched(); } kill_fasync(&client->fasync, SIGIO, POLL_IN); -- 2.17.1

7 years

1
3
0 0

[PATCH AUTOSEL 4.4 1/5] ARM: dts: imx53-qsb: disable 1.2GHz OPP

by Sasha Levin

From: Sascha Hauer <s.hauer(a)pengutronix.de> [ Upstream commit eea96566c189c77e5272585984eb2729881a2f1d ] The maximum CPU frequency for the i.MX53 QSB is 1GHz, so disable the 1.2GHz OPP. This makes the board work again with configs that have cpufreq enabled like imx_v6_v7_defconfig on which the board stopped working with the addition of cpufreq-dt support. Fixes: 791f416608 ("ARM: dts: imx53: add cpufreq-dt support") Signed-off-by: Sascha Hauer <s.hauer(a)pengutronix.de> Signed-off-by: Shawn Guo <shawnguo(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- arch/arm/boot/dts/imx53-qsb-common.dtsi | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/arch/arm/boot/dts/imx53-qsb-common.dtsi b/arch/arm/boot/dts/imx53-qsb-common.dtsi index 53fd75c8ffcf..47894b41e4e2 100644 --- a/arch/arm/boot/dts/imx53-qsb-common.dtsi +++ b/arch/arm/boot/dts/imx53-qsb-common.dtsi @@ -130,6 +130,17 @@ }; }; +&cpu0 { + /* CPU rated to 1GHz, not 1.2GHz as per the default settings */ + operating-points = < + /* kHz uV */ + 166666 850000 + 400000 900000 + 800000 1050000 + 1000000 1200000 + >; +}; + &esdhc1 { pinctrl-names = "default"; pinctrl-0 = <&pinctrl_esdhc1>; -- 2.17.1

7 years

1
4
0 0

[PATCH AUTOSEL 4.9 1/9] ARM: dts: imx53-qsb: disable 1.2GHz OPP

by Sasha Levin

From: Sascha Hauer <s.hauer(a)pengutronix.de> [ Upstream commit eea96566c189c77e5272585984eb2729881a2f1d ] The maximum CPU frequency for the i.MX53 QSB is 1GHz, so disable the 1.2GHz OPP. This makes the board work again with configs that have cpufreq enabled like imx_v6_v7_defconfig on which the board stopped working with the addition of cpufreq-dt support. Fixes: 791f416608 ("ARM: dts: imx53: add cpufreq-dt support") Signed-off-by: Sascha Hauer <s.hauer(a)pengutronix.de> Signed-off-by: Shawn Guo <shawnguo(a)kernel.org> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- arch/arm/boot/dts/imx53-qsb-common.dtsi | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/arch/arm/boot/dts/imx53-qsb-common.dtsi b/arch/arm/boot/dts/imx53-qsb-common.dtsi index c05e7cfd0cbc..c8a6a6868c46 100644 --- a/arch/arm/boot/dts/imx53-qsb-common.dtsi +++ b/arch/arm/boot/dts/imx53-qsb-common.dtsi @@ -130,6 +130,17 @@ }; }; +&cpu0 { + /* CPU rated to 1GHz, not 1.2GHz as per the default settings */ + operating-points = < + /* kHz uV */ + 166666 850000 + 400000 900000 + 800000 1050000 + 1000000 1200000 + >; +}; + &esdhc1 { pinctrl-names = "default"; pinctrl-0 = <&pinctrl_esdhc1>; -- 2.17.1

7 years

1
8
0 0

v3.16.60 build: 0 failures 17 warnings (v3.16.60)

by Build bot for Mark Brown

Tree/Branch: v3.16.60 Git describe: v3.16.60 Commit: d7d78c9371 Linux 3.16.60 Build Time: 33 min 53 sec Passed: 10 / 10 (100.00 %) Failed: 0 / 10 ( 0.00 %) Errors: 0 Warnings: 17 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): 5 warnings 0 mismatches : arm64-allmodconfig 2 warnings 0 mismatches : arm-multi_v5_defconfig 2 warnings 0 mismatches : arm-multi_v7_defconfig 1 warnings 0 mismatches : x86_64-defconfig 6 warnings 0 mismatches : arm-allmodconfig 1 warnings 0 mismatches : arm-allnoconfig 1 warnings 0 mismatches : x86_64-allnoconfig 9 warnings 0 mismatches : x86_64-allmodconfig 2 warnings 0 mismatches : arm64-defconfig ------------------------------------------------------------------------------- Warnings Summary: 17 7 <stdin>:1238:2: warning: #warning syscall seccomp not implemented [-Wcpp] 2 ../ipc/sem.c:385:6: warning: '___p1' may be used uninitialized in this function [-Wmaybe-uninitialized] 2 ../drivers/staging/vt6656/main_usb.c:1101:7: warning: this 'if' clause does not guard... [-Wmisleading-indentation] 2 ../drivers/staging/vt6656/dpc.c:712:5: warning: this 'if' clause does not guard... [-Wmisleading-indentation] 2 ../drivers/net/ethernet/broadcom/genet/bcmgenet.c:1347:17: warning: unused variable 'kdev' [-Wunused-variable] 2 ../drivers/media/dvb-frontends/drxk_hard.c:2223:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation] 2 ../drivers/media/dvb-frontends/drxd_hard.c:2631:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation] 1 ../drivers/staging/rtl8192ee/rtl8192ee/hw.c:529:5: warning: this 'if' clause does not guard... [-Wmisleading-indentation] 1 ../drivers/staging/rtl8192ee/rtl8192ee/hw.c:524:4: warning: this 'if' clause does not guard... [-Wmisleading-indentation] 1 ../drivers/staging/rtl8192ee/btcoexist/halbtc8821a2ant.c:2338:2: warning: this 'else' clause does not guard... [-Wmisleading-indentation] 1 ../drivers/scsi/fnic/fnic_fcs.c:104:6: warning: this 'else' clause does not guard... [-Wmisleading-indentation] 1 ../drivers/platform/x86/eeepc-laptop.c:279:10: warning: 'value' may be used uninitialized in this function [-Wmaybe-uninitialized] 1 ../drivers/net/wireless/rtlwifi/rtl8723be/hw.c:1132:2: warning: this 'else' clause does not guard... [-Wmisleading-indentation] 1 ../drivers/mtd/nand/omap2.c:1318:12: warning: 'omap_calculate_ecc_bch_multi' defined but not used [-Wunused-function] 1 ../drivers/media/platform/davinci/vpfe_capture.c:291:12: warning: 'vpfe_get_ccdc_image_format' defined but not used [-Wunused-function] 1 ../drivers/media/platform/davinci/vpfe_capture.c:1718:1: warning: label 'unlock_out' defined but not used [-Wunused-label] 1 ../arch/x86/kernel/cpu/common.c:1160:13: warning: 'syscall32_cpu_init' defined but not used [-Wunused-function] =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- arm64-allmodconfig : PASS, 0 errors, 5 warnings, 0 section mismatches Warnings: ../drivers/media/dvb-frontends/drxd_hard.c:2631:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation] ../drivers/media/dvb-frontends/drxk_hard.c:2223:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation] ../drivers/net/ethernet/broadcom/genet/bcmgenet.c:1347:17: warning: unused variable 'kdev' [-Wunused-variable] ../drivers/staging/vt6656/main_usb.c:1101:7: warning: this 'if' clause does not guard... [-Wmisleading-indentation] ../drivers/staging/vt6656/dpc.c:712:5: warning: this 'if' clause does not guard... [-Wmisleading-indentation] ------------------------------------------------------------------------------- arm-multi_v5_defconfig : PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: <stdin>:1238:2: warning: #warning syscall seccomp not implemented [-Wcpp] <stdin>:1238:2: warning: #warning syscall seccomp not implemented [-Wcpp] ------------------------------------------------------------------------------- arm-multi_v7_defconfig : PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: <stdin>:1238:2: warning: #warning syscall seccomp not implemented [-Wcpp] <stdin>:1238:2: warning: #warning syscall seccomp not implemented [-Wcpp] ------------------------------------------------------------------------------- x86_64-defconfig : PASS, 0 errors, 1 warnings, 0 section mismatches Warnings: ../drivers/platform/x86/eeepc-laptop.c:279:10: warning: 'value' may be used uninitialized in this function [-Wmaybe-uninitialized] ------------------------------------------------------------------------------- arm-allmodconfig : PASS, 0 errors, 6 warnings, 0 section mismatches Warnings: <stdin>:1238:2: warning: #warning syscall seccomp not implemented [-Wcpp] ../drivers/media/platform/davinci/vpfe_capture.c:1718:1: warning: label 'unlock_out' defined but not used [-Wunused-label] ../drivers/media/platform/davinci/vpfe_capture.c:291:12: warning: 'vpfe_get_ccdc_image_format' defined but not used [-Wunused-function] ../drivers/mtd/nand/omap2.c:1318:12: warning: 'omap_calculate_ecc_bch_multi' defined but not used [-Wunused-function] ../drivers/net/ethernet/broadcom/genet/bcmgenet.c:1347:17: warning: unused variable 'kdev' [-Wunused-variable] <stdin>:1238:2: warning: #warning syscall seccomp not implemented [-Wcpp] ------------------------------------------------------------------------------- arm-allnoconfig : PASS, 0 errors, 1 warnings, 0 section mismatches Warnings: <stdin>:1238:2: warning: #warning syscall seccomp not implemented [-Wcpp] ------------------------------------------------------------------------------- x86_64-allnoconfig : PASS, 0 errors, 1 warnings, 0 section mismatches Warnings: ../arch/x86/kernel/cpu/common.c:1160:13: warning: 'syscall32_cpu_init' defined but not used [-Wunused-function] ------------------------------------------------------------------------------- x86_64-allmodconfig : PASS, 0 errors, 9 warnings, 0 section mismatches Warnings: ../drivers/media/dvb-frontends/drxd_hard.c:2631:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation] ../drivers/media/dvb-frontends/drxk_hard.c:2223:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation] ../drivers/scsi/fnic/fnic_fcs.c:104:6: warning: this 'else' clause does not guard... [-Wmisleading-indentation] ../drivers/staging/rtl8192ee/rtl8192ee/hw.c:524:4: warning: this 'if' clause does not guard... [-Wmisleading-indentation] ../drivers/staging/rtl8192ee/rtl8192ee/hw.c:529:5: warning: this 'if' clause does not guard... [-Wmisleading-indentation] ../drivers/staging/rtl8192ee/btcoexist/halbtc8821a2ant.c:2338:2: warning: this 'else' clause does not guard... [-Wmisleading-indentation] ../drivers/net/wireless/rtlwifi/rtl8723be/hw.c:1132:2: warning: this 'else' clause does not guard... [-Wmisleading-indentation] ../drivers/staging/vt6656/main_usb.c:1101:7: warning: this 'if' clause does not guard... [-Wmisleading-indentation] ../drivers/staging/vt6656/dpc.c:712:5: warning: this 'if' clause does not guard... [-Wmisleading-indentation] ------------------------------------------------------------------------------- arm64-defconfig : PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ../ipc/sem.c:385:6: warning: '___p1' may be used uninitialized in this function [-Wmaybe-uninitialized] ../ipc/sem.c:385:6: warning: '___p1' may be used uninitialized in this function [-Wmaybe-uninitialized] ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: arm64-allnoconfig

7 years

1
0
0 0

[GIT PULL] commits for Linux 3.18

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 3.18 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 0d63979c1bc9c85578be4c589768a13dc0a7c5eb: Linux 3.18.124 (2018-10-13 09:09:32 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-3.18-22102018 for you to fetch changes up to aaac5c6d8d51f14eaf6716945efd932489c14553: net: cxgb3_main: fix a missing-check bug (2018-10-15 18:04:54 -0400) - ---------------------------------------------------------------- for-greg-3.18-22102018 - ---------------------------------------------------------------- Andrei Otcheretianski (1): cfg80211: reg: Init wiphy_idx in regulatory_hint_core() Edgar Cherkasov (1): i2c: i2c-scmi: fix for i2c_smbus_write_block_data Florian Fainelli (5): asix: Check for supported Wake-on-LAN modes ax88179_178a: Check for supported Wake-on-LAN modes sr9800: Check for supported Wake-on-LAN modes smsc75xx: Check for Wake-on-LAN modes smsc95xx: Check for Wake-on-LAN modes Jiri Olsa (1): perf/ring_buffer: Prevent concurent ring buffer access Sean Tranchetti (1): xfrm: validate template mode Shahed Shaikh (1): qlcnic: fix Tx descriptor corruption on 82xx devices Steffen Klassert (1): xfrm: Validate address prefix lengths in the xfrm selector. Thadeu Lima de Souza Cascardo (1): xfrm6: call kfree_skb when skb is toobig Thomas Petazzoni (1): ARM: 8799/1: mm: fix pci_ioremap_io() offset check Wenwen Wang (1): net: cxgb3_main: fix a missing-check bug Yu Zhao (1): net/usb: cancel pending work when unbinding smsc75xx arch/arm/mm/ioremap.c | 2 +- drivers/i2c/busses/i2c-scmi.c | 1 + drivers/net/ethernet/chelsio/cxgb3/cxgb3_main.c | 17 +++++++++++++++++ drivers/net/ethernet/qlogic/qlcnic/qlcnic.h | 8 +++++--- drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.c | 3 ++- drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.h | 3 ++- drivers/net/ethernet/qlogic/qlcnic/qlcnic_hw.h | 3 ++- drivers/net/ethernet/qlogic/qlcnic/qlcnic_io.c | 12 ++++++------ drivers/net/usb/asix_common.c | 3 +++ drivers/net/usb/ax88179_178a.c | 3 +++ drivers/net/usb/smsc75xx.c | 4 ++++ drivers/net/usb/smsc95xx.c | 3 +++ drivers/net/usb/sr9800.c | 3 +++ kernel/events/core.c | 2 ++ net/ipv6/xfrm6_output.c | 2 ++ net/wireless/reg.c | 1 + net/xfrm/xfrm_user.c | 15 +++++++++++++++ 17 files changed, 72 insertions(+), 13 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlvNlO0ACgkQ3qZv95d3 LNzX7g/9GDGFL5jUsbKF3rMw9dfMduU9C7CjPIc1HSxm+ubbqWALDSfhc2FlC6MZ 5/Touzu+ANyD61K4Gb/EdAHmzVqtrlSJTNPBiYS/y1buJCiyuE2WEDxtu6NEdi8P Z60epRH6U7v0vMXBJ3PqQCqo/Z/hKIbimiAw1okLBfRfnWvMCM2E1NyVWmiGcZl0 wI9p6UjrR/bPg+27wlhh6aB0cdbYnTApQbMZD0Sa179511XOmK7kF8Hn8B5PDWJE 7+KmlWvbu12qmQW9KT7KU0QkDsF10PE2j5KcuI+auzUkC8ZJ6nmMQOnD1qSNaYAR eDx3QerdzZ2RGlDcfzEWbieJpR1ktQ6GaxEbRGCPeVQA1RfStLDRshlXVrYRsbJw LR2V86C02Hcj3yLZfk6rNBn9GfDH2JBbEIzhUG6G3fe7FKhFqL/Z05PB8GnlF9yg q6Vq71b6QgpBD/7DL4B+lnmR2gY0EfNhwESIBoNmd+CYuApO1z9vNmziS+bdEMyP 6xm67QIigwI6s38KW8l8UMH7yycJU8jmTh0H5lBuZF2ObS+ST1KFldnXnFSfg+xN sLBl0W+m3wV5pJwKI84v1wXFNXwE0r59ertbgK+pw1IPmakNR+4tmweFI7VLN/OW rm8LQOBTzq87KwUAKrNhzV6fACYFebbe1RGXkJjtZ5dp7PagaAM= =uh0x -----END PGP SIGNATURE-----

7 years

1
0
0 0

[GIT PULL] commits for Linux 4.4

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.4 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit b001adea66f0e0a7803adfbf9128a2d7969daa4e: Linux 4.4.161 (2018-10-13 09:11:36 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.4-22102018 for you to fetch changes up to b559a6cf1f539a2a46f85fb46e254836c8501483: mm/vmstat.c: fix outdated vmstat_text (2018-10-15 18:04:48 -0400) - ---------------------------------------------------------------- for-greg-4.4-22102018 - ---------------------------------------------------------------- Andrei Otcheretianski (2): mac80211: Always report TX status cfg80211: reg: Init wiphy_idx in regulatory_hint_core() Edgar Cherkasov (1): i2c: i2c-scmi: fix for i2c_smbus_write_block_data Florian Fainelli (7): asix: Check for supported Wake-on-LAN modes ax88179_178a: Check for supported Wake-on-LAN modes lan78xx: Check for supported Wake-on-LAN modes sr9800: Check for supported Wake-on-LAN modes r8152: Check for supported Wake-on-LAN Modes smsc75xx: Check for Wake-on-LAN modes smsc95xx: Check for Wake-on-LAN modes Jann Horn (1): mm/vmstat.c: fix outdated vmstat_text Jiri Olsa (1): perf/ring_buffer: Prevent concurent ring buffer access Jouni Malinen (1): cfg80211: Address some corner cases in scan result channel updating Lubomir Rintel (1): pxa168fb: prepare the clock Mahesh Bandewar (1): bonding: avoid possible dead-lock Martin Willi (1): mac80211_hwsim: do not omit multicast announce of first added radio Matias Karhumaa (1): Bluetooth: SMP: fix crash in unpairing Michael Chan (1): bnxt_en: Fix TX timeout during netpoll. Sean Tranchetti (1): xfrm: validate template mode Shahed Shaikh (1): qlcnic: fix Tx descriptor corruption on 82xx devices Steffen Klassert (1): xfrm: Validate address prefix lengths in the xfrm selector. Thadeu Lima de Souza Cascardo (1): xfrm6: call kfree_skb when skb is toobig Thomas Petazzoni (1): ARM: 8799/1: mm: fix pci_ioremap_io() offset check Wenwen Wang (1): net: cxgb3_main: fix a missing-check bug Yu Zhao (1): net/usb: cancel pending work when unbinding smsc75xx arch/arm/mm/ioremap.c | 2 +- drivers/i2c/busses/i2c-scmi.c | 1 + drivers/net/bonding/bond_main.c | 43 +++++++--------- drivers/net/ethernet/broadcom/bnxt/bnxt.c | 13 +++-- drivers/net/ethernet/chelsio/cxgb3/cxgb3_main.c | 17 +++++++ drivers/net/ethernet/qlogic/qlcnic/qlcnic.h | 8 +-- .../net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.c | 3 +- .../net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.h | 3 +- drivers/net/ethernet/qlogic/qlcnic/qlcnic_hw.h | 3 +- drivers/net/ethernet/qlogic/qlcnic/qlcnic_io.c | 12 ++--- drivers/net/usb/asix_common.c | 3 ++ drivers/net/usb/ax88179_178a.c | 3 ++ drivers/net/usb/lan78xx.c | 17 ++----- drivers/net/usb/r8152.c | 3 ++ drivers/net/usb/smsc75xx.c | 4 ++ drivers/net/usb/smsc95xx.c | 3 ++ drivers/net/usb/sr9800.c | 3 ++ drivers/net/wireless/mac80211_hwsim.c | 3 +- drivers/video/fbdev/pxa168fb.c | 6 +-- include/net/bonding.h | 7 +-- kernel/events/core.c | 2 + mm/vmstat.c | 1 - net/bluetooth/mgmt.c | 7 +-- net/bluetooth/smp.c | 29 +++++++++-- net/bluetooth/smp.h | 3 +- net/ipv6/xfrm6_output.c | 2 + net/mac80211/status.c | 7 +-- net/wireless/reg.c | 1 + net/wireless/scan.c | 58 ++++++++++++++++++---- net/xfrm/xfrm_user.c | 15 ++++++ 30 files changed, 191 insertions(+), 91 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlvNlOAACgkQ3qZv95d3 LNzwLw/7BYr8E2x99hz+6fPee/Wp/yCXWMr3/R5O02lBrcFmSLqvKQqky8/6Ao+W vglWM3F/fI9emTK/0688EC2atprbcbjEZiDEj1C3CFD0Gdsed5bGZZ4p7OLy4ZMq Hxt/3gUwJEn7NfrN02PWpeS9uBmIuzF2XPkjSp94wHvgsjbX6NbHfgMfOHMhSzfM dYe6tQKqmBif5CLpQ/fIPj0w9/1k4nN08w76dy57swmnBVk4ENva23GFoknhOUje mHJD2Z5TCwXQb42lbGmjL8p17Y+TsG+DeXV9ecWeaaWNPUOAMfyr/zBFIKe/h6pO E7zOf1HO0or1FSwekKLB0pD+7vt6J0AbxgECApHjsL/pVc1vER+snNRpitwBC2Sd CNJF0H647hx6YAi95FHaLjz5inFHgizO9bhg5fVSAfWbQTLMfNzg5ldnq9MFcAT4 FIOBfnhhJiIhdhUNEcoc7fbJsPfYXTcmhE1wp3yAsBrRmIHu4A4R5mHnIUvkLRRR S01mNUKge4NWOMnaW9j/eMGZpbtqVsaqQMVOFABid18088WH2m0CDP/q7+uQYoih xcMBcatzXrSlMcZpEWONgImd7rhC87bH8k7/3nUBX1AKXYFvbQOZot9WqtG7b9qy MTcCReXXYyOM10l8X2ARf8ZpPsKpQ22YsGpNYkQw3WjZ4hH1wmM= =q3ii -----END PGP SIGNATURE-----

7 years

1
0
0 0

[GIT PULL] commits for Linux 4.9

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.9 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 1d326a94d1039e4543edd97cbaf0fc38d2cefbb5: Linux 4.9.134 (2018-10-18 09:13:26 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.9-22102018 for you to fetch changes up to 417cb56548e89751efe53f95645ebc12e80704e4: net: cxgb3_main: fix a missing-check bug (2018-10-18 09:08:15 -0400) - ---------------------------------------------------------------- for-greg-4.9-22102018 - ---------------------------------------------------------------- Alexandre Belloni (1): soc: fsl: qbman: qman: avoid allocating from non existing gen_pool Andrei Otcheretianski (2): mac80211: Always report TX status cfg80211: reg: Init wiphy_idx in regulatory_hint_core() Bob Copeland (1): mac80211: fix pending queue hang due to TX_DROP Florian Fainelli (8): ARM: dts: BCM63xx: Fix incorrect interrupt specifiers asix: Check for supported Wake-on-LAN modes ax88179_178a: Check for supported Wake-on-LAN modes lan78xx: Check for supported Wake-on-LAN modes sr9800: Check for supported Wake-on-LAN modes r8152: Check for supported Wake-on-LAN Modes smsc75xx: Check for Wake-on-LAN modes smsc95xx: Check for Wake-on-LAN modes Jiri Olsa (1): perf/ring_buffer: Prevent concurent ring buffer access Johannes Berg (1): mac80211: TDLS: fix skb queue/priority assignment Jouni Malinen (1): cfg80211: Address some corner cases in scan result channel updating Kan Liang (1): perf/x86/intel/uncore: Fix PCI BDF address of M3UPI on SKX Lubomir Rintel (1): pxa168fb: prepare the clock Maciej W. Rozycki (1): declance: Fix continuation with the adapter identification message Martin Willi (1): mac80211_hwsim: do not omit multicast announce of first added radio Masashi Honma (1): nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT Matias Karhumaa (1): Bluetooth: SMP: fix crash in unpairing Michal Simek (1): net: macb: Clean 64b dma addresses if they are not detected Nathan Chancellor (2): qed: Avoid implicit enum conversion in qed_roce_mode_to_flavor qed: Avoid constant logical operation warning in qed_vf_pf_acquire Rickard x Andersson (1): net: fec: fix rare tx timeout Sean Tranchetti (1): xfrm: validate template mode Steffen Klassert (1): xfrm: Validate address prefix lengths in the xfrm selector. Thadeu Lima de Souza Cascardo (1): xfrm6: call kfree_skb when skb is toobig Thomas Petazzoni (1): ARM: 8799/1: mm: fix pci_ioremap_io() offset check Wenwen Wang (1): net: cxgb3_main: fix a missing-check bug Zhao Qiang (1): soc: fsl: qe: Fix copy/paste bug in ucc_get_tdm_sync_shift() arch/arm/boot/dts/bcm63138.dtsi | 14 +++--- arch/arm/mm/ioremap.c | 2 +- arch/x86/events/intel/uncore_snbep.c | 12 ++--- drivers/net/ethernet/amd/declance.c | 10 +++-- drivers/net/ethernet/cadence/macb.c | 1 + drivers/net/ethernet/chelsio/cxgb3/cxgb3_main.c | 17 ++++++++ drivers/net/ethernet/freescale/fec_main.c | 8 ++-- drivers/net/ethernet/qlogic/qed/qed_roce.c | 15 ++----- drivers/net/ethernet/qlogic/qed/qed_vf.c | 1 - drivers/net/usb/asix_common.c | 3 ++ drivers/net/usb/ax88179_178a.c | 3 ++ drivers/net/usb/lan78xx.c | 17 ++------ drivers/net/usb/r8152.c | 3 ++ drivers/net/usb/smsc75xx.c | 3 ++ drivers/net/usb/smsc95xx.c | 3 ++ drivers/net/usb/sr9800.c | 3 ++ drivers/net/wireless/mac80211_hwsim.c | 3 +- drivers/soc/fsl/qbman/qman.c | 3 ++ drivers/soc/fsl/qe/ucc.c | 2 +- drivers/video/fbdev/pxa168fb.c | 6 +-- kernel/events/core.c | 2 + net/bluetooth/mgmt.c | 7 +-- net/bluetooth/smp.c | 29 +++++++++++-- net/bluetooth/smp.h | 3 +- net/ipv6/xfrm6_output.c | 2 + net/mac80211/status.c | 7 +-- net/mac80211/tdls.c | 8 ++-- net/mac80211/tx.c | 2 +- net/wireless/nl80211.c | 1 + net/wireless/reg.c | 1 + net/wireless/scan.c | 58 +++++++++++++++++++++---- net/xfrm/xfrm_user.c | 15 +++++++ 32 files changed, 183 insertions(+), 81 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlvNlM0ACgkQ3qZv95d3 LNy06A//TppaaIiGDc4s77H9gobWl6wNQCMQEfJL+hJuakjLAeK0fg/B2OGJKOWv C4AZyaZbBN94aEu9aqRC9LRweFwtbYD0yAnAVuFmiYfvJr6n7BhoQ2jkSIQ3A+h6 EmRr3++AVXWsk9c3AUO2a96Mz8zIzLqJmT8/kyZjD8oqjqFXXVOKIsi+HAL2qA2H 1BuH/N9IarC8qH65b8EvJofD3gDNnGdbRZNnB9zGXw7S+1JdTkY0fv2VKj8DR8PI gHvFeEXF5tN8f+slDPcSrvWV02PW+RgSgkUaAQRg8FDQYOiHYHAKlBgNlC9JW8ZB lqINzGUg3jDHeyGb61z5TQ871kiKL28Eg35LLetNhvt70Da7e7yx4bpmeFbsAVt0 Qy/DUYz4sngYDvKeliE9KAVuCjBn3JydqNyh34XdsL2qn/lIMsRvPpMmW3IZZ8hG 8OFjZUbx4m3EZqPYUqitSAIdYiry1hHNIZikA32YhZLJBeWMzehzUezWCJQE8xjC iaMaLcrWzuCw6I1Za6mBFna80c0nXBqOqwE/dxW22lrQ7JsGzcJ2+hOjp1HIeXmy OXhUpHCzlKkiyIwix67+z1PJkzaDWrA9JfV0MMhWVrE8CBe8ejo3BJ4VLP+CopfP hZQRlz9swjfBj7EAM/N0ifDZbPzH9eNSB2QOdwQQ07sCJIDEwKw= =BiFi -----END PGP SIGNATURE-----

7 years

1
0
0 0

[GIT PULL] commits for Linux 4.14

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.14 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 8263087bf62739362d50ec965c8c34fe3ee7a7cd: Linux 4.14.77 (2018-10-18 09:16:28 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.14-22102018 for you to fetch changes up to 099c61fc9879e7007c703a041ad2a2a3c38895d7: ocfs2: fix crash in ocfs2_duplicate_clusters_by_page() (2018-10-18 09:08:06 -0400) - ---------------------------------------------------------------- for-greg-4.14-22102018 - ---------------------------------------------------------------- Alexandre Belloni (1): soc: fsl: qbman: qman: avoid allocating from non existing gen_pool Andrei Otcheretianski (2): mac80211: Always report TX status cfg80211: reg: Init wiphy_idx in regulatory_hint_core() Bob Copeland (1): mac80211: fix pending queue hang due to TX_DROP David Ahern (1): netfilter: bridge: Don't sabotage nf_hook calls from an l3mdev Davide Caratti (1): be2net: don't flip hw_features when VXLANs are added/deleted Florian Fainelli (8): ARM: dts: BCM63xx: Fix incorrect interrupt specifiers asix: Check for supported Wake-on-LAN modes ax88179_178a: Check for supported Wake-on-LAN modes lan78xx: Check for supported Wake-on-LAN modes sr9800: Check for supported Wake-on-LAN modes r8152: Check for supported Wake-on-LAN Modes smsc75xx: Check for Wake-on-LAN modes smsc95xx: Check for Wake-on-LAN modes Guenter Roeck (1): locking/ww_mutex: Fix runtime warning in the WW mutex selftest Jiri Olsa (1): perf/ring_buffer: Prevent concurent ring buffer access Johannes Berg (1): mac80211: TDLS: fix skb queue/priority assignment Jouni Malinen (1): cfg80211: Address some corner cases in scan result channel updating Kan Liang (1): perf/x86/intel/uncore: Fix PCI BDF address of M3UPI on SKX Larry Chen (1): ocfs2: fix crash in ocfs2_duplicate_clusters_by_page() Lubomir Rintel (1): pxa168fb: prepare the clock Maciej W. Rozycki (1): declance: Fix continuation with the adapter identification message Martin Willi (1): mac80211_hwsim: do not omit multicast announce of first added radio Masashi Honma (2): nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds Matias Karhumaa (1): Bluetooth: SMP: fix crash in unpairing Michal Simek (1): net: macb: Clean 64b dma addresses if they are not detected Natarajan, Janakarajan (1): perf/x86/amd/uncore: Set ThreadMask and SliceMask for L3 Cache perf events Nathan Chancellor (5): qed: Avoid implicit enum conversion in qed_set_tunn_cls_info qed: Fix mask parameter in qed_vf_prep_tunn_req_tlv qed: Avoid implicit enum conversion in qed_roce_mode_to_flavor qed: Avoid constant logical operation warning in qed_vf_pf_acquire qed: Avoid implicit enum conversion in qed_iwarp_parse_rx_pkt Peter Zijlstra (1): perf/core: Fix perf_pmu_unregister() locking Rickard x Andersson (1): net: fec: fix rare tx timeout Sean Tranchetti (2): xfrm: validate template mode net: qualcomm: rmnet: Skip processing loopback packets Sowmini Varadhan (2): xfrm: reset transport header back to network header after all input transforms ahave been applied xfrm: reset crypto_done when iterating over multiple input xfrms Steffen Klassert (2): xfrm: Validate address prefix lengths in the xfrm selector. xfrm: Fix NULL pointer dereference when skb_dst_force clears the dst_entry. Steve Capper (1): arm64: hugetlb: Fix handling of young ptes Thadeu Lima de Souza Cascardo (1): xfrm6: call kfree_skb when skb is toobig Thomas Petazzoni (1): ARM: 8799/1: mm: fix pci_ioremap_io() offset check Wenwen Wang (2): net: cxgb3_main: fix a missing-check bug yam: fix a missing-check bug Yu Zhao (1): cfg80211: fix use-after-free in reg_process_hint() Yuan-Chi Pang (1): mac80211: fix TX status reporting for ieee80211s Zhao Qiang (1): soc: fsl: qe: Fix copy/paste bug in ucc_get_tdm_sync_shift() arch/arm/boot/dts/bcm63138.dtsi | 14 +++--- arch/arm/mm/ioremap.c | 2 +- arch/arm64/mm/hugetlbpage.c | 12 +++-- arch/x86/events/amd/uncore.c | 10 ++++ arch/x86/events/intel/uncore_snbep.c | 12 ++--- arch/x86/include/asm/perf_event.h | 8 +++ drivers/net/ethernet/amd/declance.c | 10 ++-- drivers/net/ethernet/cadence/macb_main.c | 1 + drivers/net/ethernet/chelsio/cxgb3/cxgb3_main.c | 17 +++++++ drivers/net/ethernet/emulex/benet/be_main.c | 5 +- drivers/net/ethernet/freescale/fec_main.c | 8 +-- drivers/net/ethernet/qlogic/qed/qed_iwarp.c | 4 +- drivers/net/ethernet/qlogic/qed/qed_roce.c | 15 ++---- drivers/net/ethernet/qlogic/qed/qed_sp_commands.c | 2 +- drivers/net/ethernet/qlogic/qed/qed_vf.c | 5 +- .../net/ethernet/qualcomm/rmnet/rmnet_handlers.c | 3 ++ drivers/net/hamradio/yam.c | 4 ++ drivers/net/usb/asix_common.c | 3 ++ drivers/net/usb/ax88179_178a.c | 3 ++ drivers/net/usb/lan78xx.c | 17 ++----- drivers/net/usb/r8152.c | 3 ++ drivers/net/usb/smsc75xx.c | 3 ++ drivers/net/usb/smsc95xx.c | 3 ++ drivers/net/usb/sr9800.c | 3 ++ drivers/net/wireless/mac80211_hwsim.c | 3 +- drivers/soc/fsl/qbman/qman.c | 3 ++ drivers/soc/fsl/qe/ucc.c | 2 +- drivers/video/fbdev/pxa168fb.c | 6 +-- fs/ocfs2/refcounttree.c | 16 ++++-- kernel/events/core.c | 11 ++-- kernel/locking/test-ww_mutex.c | 10 ++-- net/bluetooth/mgmt.c | 7 +-- net/bluetooth/smp.c | 29 +++++++++-- net/bluetooth/smp.h | 3 +- net/bridge/br_netfilter_hooks.c | 3 +- net/ipv4/xfrm4_input.c | 1 + net/ipv4/xfrm4_mode_transport.c | 4 +- net/ipv6/xfrm6_input.c | 1 + net/ipv6/xfrm6_mode_transport.c | 4 +- net/ipv6/xfrm6_output.c | 2 + net/mac80211/mesh.h | 3 +- net/mac80211/mesh_hwmp.c | 9 ++-- net/mac80211/status.c | 11 ++-- net/mac80211/tdls.c | 8 +-- net/mac80211/tx.c | 2 +- net/wireless/nl80211.c | 20 ++++++-- net/wireless/reg.c | 8 +-- net/wireless/scan.c | 58 ++++++++++++++++++---- net/xfrm/xfrm_input.c | 1 + net/xfrm/xfrm_output.c | 4 ++ net/xfrm/xfrm_policy.c | 4 ++ net/xfrm/xfrm_user.c | 15 ++++++ 52 files changed, 284 insertions(+), 131 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlvNlL8ACgkQ3qZv95d3 LNzQTA//T5dupcx3HiI8Q5SYfU++mpB2hvOGq4cUijF5NTtb66OwdykPRLFNa+sd oNC2Q5gT65c62+0lP8p6szZ01wpNlRy54THergh9zViM+r9G4nurVtKHrHVyZK5S VUvNO/Koxxztbp2P63caA56L37xNHQ0dB0e+KEQlvbyqBdzgOcFOxfwFO/iitL+0 un25d/ELJRLZxkz+AEUrW3Re/2xFRq425qFkOVHIrrVwzKEdoGcQTcujXyYkrtnK +W86SnJh9C7WkYyfyYhNlPiBftsVAzIF01sVLeT62ADhcUfuvgYGdqKui4Fv45Zy WRD7sNjyZsr8SuSD0fMUQuNesw7TXIALKEllzkhU0Awhw/OH0xzdOMRU6NlcczJk kbc1NXnbiO/tPTmd4cgoJDD/8EYxI7bfan+O4iqwM1DrNpbzDFh+qZYVSEWiLdUK Ex/kPdmNvishUrRwlOq7NCPkXbfse7bLMQfY9nSEbjfSljV8IlH4lnnanhezRAqV 8bOqGkaj4nxhinZJheNfOxCW7ZZxgvIQ87SaN1WXALgV8KdEINgS4notoAV8tcqQ ku90IIqPl28DLiB1OTOOfClDoEuQo9WE5JIjY3wRFqTPW3/YlbBw4Pw3cDHjZics 6clCLdQMTNKBsQhOGrzR749eJkziR81S+LSySHkVFaJvJWjiGtY= =9ORS -----END PGP SIGNATURE-----

7 years

1
0
0 0

[GIT PULL] commits for Linux 4.18

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.18 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 2724bf10255a5bd0fe578b4a4c7a0f7ab15f73cd: Linux 4.18.15 (2018-10-18 09:18:20 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.18-22102018 for you to fetch changes up to 26d01686996b715dbef1bd134a4ed1917e75e4c5: clk: mvebu: armada-37xx-periph: Remove unused var num_parents (2018-10-18 09:07:56 -0400) - ---------------------------------------------------------------- for-greg-4.18-22102018 - ---------------------------------------------------------------- Alexandre Belloni (1): soc: fsl: qbman: qman: avoid allocating from non existing gen_pool Anders Roxell (1): clk: mvebu: armada-37xx-periph: Remove unused var num_parents Andrei Otcheretianski (2): mac80211: Always report TX status cfg80211: reg: Init wiphy_idx in regulatory_hint_core() Anshuman Khandual (1): mm/migrate.c: split only transparent huge pages when allocation fails Atish Patra (1): RISCV: Fix end PFN for low memory Bob Copeland (1): mac80211: fix pending queue hang due to TX_DROP Colin Ian King (1): drm/i2c: tda9950: fix timeout counter check Dan Carpenter (1): x86/paravirt: Fix some warning messages David Ahern (1): netfilter: bridge: Don't sabotage nf_hook calls from an l3mdev David Howells (4): rxrpc: Fix checks as to whether we should set up a new call rxrpc: Fix RTT gathering rxrpc: Fix transport sockopts to get IPv4 errors on an IPv6 socket rxrpc: Fix error distribution Davide Caratti (1): be2net: don't flip hw_features when VXLANs are added/deleted Florian Fainelli (8): ARM: dts: BCM63xx: Fix incorrect interrupt specifiers asix: Check for supported Wake-on-LAN modes ax88179_178a: Check for supported Wake-on-LAN modes lan78xx: Check for supported Wake-on-LAN modes sr9800: Check for supported Wake-on-LAN modes r8152: Check for supported Wake-on-LAN Modes smsc75xx: Check for Wake-on-LAN modes smsc95xx: Check for Wake-on-LAN modes Florian Westphal (1): netfilter: avoid erronous array bounds warning Guenter Roeck (2): Revert "serial: 8250_dw: Fix runtime PM handling" locking/ww_mutex: Fix runtime warning in the WW mutex selftest Hans Verkuil (1): drm/i2c: tda9950: set MAX_RETRIES for errors only Jiri Olsa (1): perf/ring_buffer: Prevent concurent ring buffer access Johannes Berg (1): mac80211: TDLS: fix skb queue/priority assignment Jouni Malinen (1): cfg80211: Address some corner cases in scan result channel updating Kan Liang (1): perf/x86/intel/uncore: Fix PCI BDF address of M3UPI on SKX Larry Chen (1): ocfs2: fix crash in ocfs2_duplicate_clusters_by_page() Liran Alon (3): KVM: nVMX: Do not expose MPX VMX controls when guest MPX disabled KVM: x86: Do not use kvm_x86_ops->mpx_supported() directly KVM: nVMX: Fix emulation of VM_ENTRY_LOAD_BNDCFGS Lubomir Rintel (1): pxa168fb: prepare the clock Maciej W. Rozycki (1): declance: Fix continuation with the adapter identification message Martin Willi (3): mac80211_hwsim: fix locking when iterating radios during ns exit mac80211_hwsim: fix race in radio destruction from netlink notifier mac80211_hwsim: do not omit multicast announce of first added radio Masashi Honma (2): nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds Masayoshi Mizuma (1): perf/x86/intel/uncore: Use boot_cpu_data.phys_proc_id instead of hardcorded physical package ID 0 Matias Karhumaa (1): Bluetooth: SMP: fix crash in unpairing Michal Simek (1): net: macb: Clean 64b dma addresses if they are not detected Mika Westerberg (2): thunderbolt: Do not handle ICM events after domain is stopped thunderbolt: Initialize after IOMMUs Natarajan, Janakarajan (1): perf/x86/amd/uncore: Set ThreadMask and SliceMask for L3 Cache perf events Nathan Chancellor (5): qed: Avoid implicit enum conversion in qed_set_tunn_cls_info qed: Fix mask parameter in qed_vf_prep_tunn_req_tlv qed: Avoid implicit enum conversion in qed_roce_mode_to_flavor qed: Avoid constant logical operation warning in qed_vf_pf_acquire qed: Avoid implicit enum conversion in qed_iwarp_parse_rx_pkt Nilesh Javali (1): scsi: qedi: Initialize the stats mutex lock Peter Zijlstra (1): perf/core: Fix perf_pmu_unregister() locking Rickard x Andersson (1): net: fec: fix rare tx timeout Sean Tranchetti (1): xfrm: validate template mode Shirish S (1): drm/amd/display: Signal hw_done() after waiting for flip_done() Sowmini Varadhan (2): xfrm: reset transport header back to network header after all input transforms ahave been applied xfrm: reset crypto_done when iterating over multiple input xfrms Srikar Dronamraju (1): powerpc/numa: Skip onlining a offline node in kdump path Steffen Klassert (2): xfrm: Validate address prefix lengths in the xfrm selector. xfrm: Fix NULL pointer dereference when skb_dst_force clears the dst_entry. Steve Capper (1): arm64: hugetlb: Fix handling of young ptes Taehee Yoo (1): netfilter: nft_set_rbtree: add missing rb_erase() in GC routine Thadeu Lima de Souza Cascardo (1): xfrm6: call kfree_skb when skb is toobig Thomas Petazzoni (1): ARM: 8799/1: mm: fix pci_ioremap_io() offset check Wenwen Wang (2): net: cxgb3_main: fix a missing-check bug yam: fix a missing-check bug Yu Zhao (1): cfg80211: fix use-after-free in reg_process_hint() Yuan-Chi Pang (1): mac80211: fix TX status reporting for ieee80211s YueHaibing (1): mm/gup_benchmark: fix unsigned comparison to zero in __gup_benchmark_ioctl Zhao Qiang (1): soc: fsl: qe: Fix copy/paste bug in ucc_get_tdm_sync_shift() zhong jiang (1): netfilter: conntrack: get rid of double sizeof arch/arm/boot/dts/bcm63138.dtsi | 14 +++--- arch/arm/mm/ioremap.c | 2 +- arch/arm64/mm/hugetlbpage.c | 12 +++-- arch/powerpc/mm/numa.c | 5 +- arch/riscv/kernel/setup.c | 2 +- arch/x86/events/amd/uncore.c | 10 ++++ arch/x86/events/intel/uncore_snbep.c | 14 +++--- arch/x86/include/asm/perf_event.h | 8 ++++ arch/x86/kernel/paravirt.c | 4 +- arch/x86/kvm/vmx.c | 39 +++++++++++---- arch/x86/kvm/x86.c | 2 +- drivers/clk/mvebu/armada-37xx-periph.c | 1 - drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 10 +++- drivers/gpu/drm/i2c/tda9950.c | 5 +- drivers/net/ethernet/amd/declance.c | 10 ++-- drivers/net/ethernet/cadence/macb_main.c | 1 + drivers/net/ethernet/chelsio/cxgb3/cxgb3_main.c | 17 +++++++ drivers/net/ethernet/emulex/benet/be_main.c | 5 +- drivers/net/ethernet/freescale/fec_main.c | 8 ++-- drivers/net/ethernet/qlogic/qed/qed_iwarp.c | 4 +- drivers/net/ethernet/qlogic/qed/qed_roce.c | 15 ++---- drivers/net/ethernet/qlogic/qed/qed_sp_commands.c | 2 +- drivers/net/ethernet/qlogic/qed/qed_vf.c | 5 +- drivers/net/hamradio/yam.c | 4 ++ drivers/net/usb/asix_common.c | 3 ++ drivers/net/usb/ax88179_178a.c | 3 ++ drivers/net/usb/lan78xx.c | 17 ++----- drivers/net/usb/r8152.c | 3 ++ drivers/net/usb/smsc75xx.c | 3 ++ drivers/net/usb/smsc95xx.c | 3 ++ drivers/net/usb/sr9800.c | 3 ++ drivers/net/wireless/mac80211_hwsim.c | 36 +++++++------- drivers/scsi/qedi/qedi_main.c | 1 + drivers/soc/fsl/qbman/qman.c | 3 ++ drivers/soc/fsl/qe/ucc.c | 2 +- drivers/thunderbolt/icm.c | 49 ++++++++----------- drivers/thunderbolt/nhi.c | 2 +- drivers/tty/serial/8250/8250_dw.c | 4 -- drivers/video/fbdev/pxa168fb.c | 6 +-- fs/ocfs2/refcounttree.c | 16 +++++-- include/linux/netfilter.h | 2 + include/trace/events/rxrpc.h | 4 +- kernel/events/core.c | 11 ++--- kernel/locking/test-ww_mutex.c | 10 ++-- mm/gup_benchmark.c | 3 +- mm/migrate.c | 2 +- net/bluetooth/mgmt.c | 7 +-- net/bluetooth/smp.c | 29 ++++++++++-- net/bluetooth/smp.h | 3 +- net/bridge/br_netfilter_hooks.c | 3 +- net/ipv4/xfrm4_input.c | 1 + net/ipv4/xfrm4_mode_transport.c | 4 +- net/ipv6/xfrm6_input.c | 1 + net/ipv6/xfrm6_mode_transport.c | 4 +- net/ipv6/xfrm6_output.c | 2 + net/mac80211/mesh.h | 3 +- net/mac80211/mesh_hwmp.c | 9 ++-- net/mac80211/status.c | 11 ++--- net/mac80211/tdls.c | 8 ++-- net/mac80211/tx.c | 2 +- net/netfilter/nf_conntrack_proto_tcp.c | 4 +- net/netfilter/nft_set_rbtree.c | 28 +++++------ net/rxrpc/ar-internal.h | 15 ++++-- net/rxrpc/call_object.c | 2 +- net/rxrpc/conn_client.c | 4 +- net/rxrpc/conn_object.c | 4 +- net/rxrpc/input.c | 20 ++++---- net/rxrpc/local_object.c | 32 +++++++++---- net/rxrpc/output.c | 31 +++++++----- net/rxrpc/peer_event.c | 46 +++++------------- net/rxrpc/peer_object.c | 17 ------- net/wireless/nl80211.c | 20 ++++++-- net/wireless/reg.c | 8 ++-- net/wireless/scan.c | 58 +++++++++++++++++++---- net/xfrm/xfrm_input.c | 1 + net/xfrm/xfrm_output.c | 4 ++ net/xfrm/xfrm_policy.c | 4 ++ net/xfrm/xfrm_user.c | 15 ++++++ 78 files changed, 467 insertions(+), 318 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlvNlLQACgkQ3qZv95d3 LNxG5hAAgi9FdHk+dLze0f1V4fd/rG6YdwqOF7/YZz9FWZEib+eMLs18oSMcR/K3 SAs001XwWxJCy4OdLlYvFDqZU8np+RxzG4ol6Y6GRrpiVYSxHVbVjpBbsl2SW98M b1TnAPpHtF7z6720AXZo1EvgJ/yVQvWUtU7eiiGPYxrsfMTyYhttNtPnzsf43FNr il+HyOwdgLcRvbzO6SbaGv2Qmvy6KwZFyU8E4oOdQ7HmHEhE5/Om5jo9BSxie/KK OilDy0LfzziUI1KelewK2c6Zk9lbxzyVEhGXiCs+fKj6EbHTwNXrEAzXuQw7ZJgz hkHH1Beve24kyp4YpJQsq/bWJfFA4WTXmuDVU4fdMsOOKnm5/Xm4hnpFHRINRElj r9ZB1QveLi+8MZWi4JLi6MRh6dqE53DX8refwdljut3RdDTMiVapEoyhkFlyMZzh TJgB5PLFcRWWd5I6hI384eUrdfvgbusRwysMvxJOoBr/ddk6c4XDqMaGmUCnLSt8 ORZ0mFhV6VKrK8/y0LRhRjDTjGppYAuCDpbLw4SmZsTmyohLg1gubk8mGXDA+hqk ZMoFO67t1Sy8UiwLLJGL+XUkDnWUhWpKFynVgtTTCRcMKuqnmaHHC+s8v5nIsczh 7WLYCE3wISy1ug7i0Ew9qoMj7/gihrIUjtmpsnFtnvTgOqDj00A= =Zxve -----END PGP SIGNATURE-----

7 years

1
0
0 0

[PATCH v5] selinux: policydb - fix byte order and alignment issues

by Ondrej Mosnacek

Do the LE conversions before doing the Infiniband-related range checks. The incorrect checks are otherwise causing a failure to load any policy with an ibendportcon rule on BE systems. This can be reproduced by running (on e.g. ppc64): cat >my_module.cil <<EOF (type test_ibendport_t) (roletype object_r test_ibendport_t) (ibendportcon mlx4_0 1 (system_u object_r test_ibendport_t ((s0) (s0)))) EOF semodule -i my_module.cil Also, fix loading/storing the 64-bit subnet prefix for OCON_IBPKEY to use a correctly aligned buffer. Finally, do not use the 'nodebuf' (u32) buffer where 'buf' (__le32) should be used instead. Tested internally on a ppc64 machine with a RHEL 7 kernel with this patch applied. Cc: Daniel Jurgens <danielj(a)mellanox.com> Cc: Eli Cohen <eli(a)mellanox.com> Cc: James Morris <jmorris(a)namei.org> Cc: Doug Ledford <dledford(a)redhat.com> Cc: <stable(a)vger.kernel.org> # 4.13+ Fixes: a806f7a1616f ("selinux: Create policydb version for Infiniband support") Signed-off-by: Ondrej Mosnacek <omosnace(a)redhat.com> --- security/selinux/ss/policydb.c | 51 ++++++++++++++++++++++++---------- 1 file changed, 36 insertions(+), 15 deletions(-) Changes in v5: - defer also assignment to 8-bit ibendport.port Changes in v4: - defer assignment to 16-bit struct fields to after the range check Changes in v3: - use separate buffer for the 64-bit subnet_prefix - add comments on the byte ordering of subnet_prefix - deduplicate the le32_to_cpu() calls from checks Changes in v2: - add reproducer to commit message - update e-mail address of James Morris - better Cc also the old SELinux ML diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index f4eadd3f7350..d7e8126f32dc 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c @@ -2108,6 +2108,7 @@ static int ocontext_read(struct policydb *p, struct policydb_compat_info *info, { int i, j, rc; u32 nel, len; + __be64 prefixbuf[1]; __le32 buf[3]; struct ocontext *l, *c; u32 nodebuf[8]; @@ -2217,21 +2218,30 @@ static int ocontext_read(struct policydb *p, struct policydb_compat_info *info, goto out; break; } - case OCON_IBPKEY: - rc = next_entry(nodebuf, fp, sizeof(u32) * 4); + case OCON_IBPKEY: { + u32 pkey_lo, pkey_hi; + + rc = next_entry(prefixbuf, fp, sizeof(u64)); + if (rc) + goto out; + + /* we need to have subnet_prefix in CPU order */ + c->u.ibpkey.subnet_prefix = be64_to_cpu(prefixbuf[0]); + + rc = next_entry(buf, fp, sizeof(u32) * 2); if (rc) goto out; - c->u.ibpkey.subnet_prefix = be64_to_cpu(*((__be64 *)nodebuf)); + pkey_lo = le32_to_cpu(buf[0]); + pkey_hi = le32_to_cpu(buf[1]); - if (nodebuf[2] > 0xffff || - nodebuf[3] > 0xffff) { + if (pkey_lo > U16_MAX || pkey_hi > U16_MAX) { rc = -EINVAL; goto out; } - c->u.ibpkey.low_pkey = le32_to_cpu(nodebuf[2]); - c->u.ibpkey.high_pkey = le32_to_cpu(nodebuf[3]); + c->u.ibpkey.low_pkey = pkey_lo; + c->u.ibpkey.high_pkey = pkey_hi; rc = context_read_and_validate(&c->context[0], p, @@ -2239,7 +2249,10 @@ static int ocontext_read(struct policydb *p, struct policydb_compat_info *info, if (rc) goto out; break; - case OCON_IBENDPORT: + } + case OCON_IBENDPORT: { + u32 port; + rc = next_entry(buf, fp, sizeof(u32) * 2); if (rc) goto out; @@ -2249,12 +2262,13 @@ static int ocontext_read(struct policydb *p, struct policydb_compat_info *info, if (rc) goto out; - if (buf[1] > 0xff || buf[1] == 0) { + port = le32_to_cpu(buf[1]); + if (port > 0xff || port == 0) { rc = -EINVAL; goto out; } - c->u.ibendport.port = le32_to_cpu(buf[1]); + c->u.ibendport.port = port; rc = context_read_and_validate(&c->context[0], p, @@ -2262,7 +2276,8 @@ static int ocontext_read(struct policydb *p, struct policydb_compat_info *info, if (rc) goto out; break; - } + } /* end case */ + } /* end switch */ } } rc = 0; @@ -3105,6 +3120,7 @@ static int ocontext_write(struct policydb *p, struct policydb_compat_info *info, { unsigned int i, j, rc; size_t nel, len; + __be64 prefixbuf[1]; __le32 buf[3]; u32 nodebuf[8]; struct ocontext *c; @@ -3192,12 +3208,17 @@ static int ocontext_write(struct policydb *p, struct policydb_compat_info *info, return rc; break; case OCON_IBPKEY: - *((__be64 *)nodebuf) = cpu_to_be64(c->u.ibpkey.subnet_prefix); + /* subnet_prefix is in CPU order */ + prefixbuf[0] = cpu_to_be64(c->u.ibpkey.subnet_prefix); - nodebuf[2] = cpu_to_le32(c->u.ibpkey.low_pkey); - nodebuf[3] = cpu_to_le32(c->u.ibpkey.high_pkey); + rc = put_entry(prefixbuf, sizeof(u64), 1, fp); + if (rc) + return rc; + + buf[0] = cpu_to_le32(c->u.ibpkey.low_pkey); + buf[1] = cpu_to_le32(c->u.ibpkey.high_pkey); - rc = put_entry(nodebuf, sizeof(u32), 4, fp); + rc = put_entry(buf, sizeof(u32), 2, fp); if (rc) return rc; rc = context_write(p, &c->context[0], fp); -- 2.17.2

7 years

1
0
0 0

Linux 3.16.60

by Ben Hutchings

I'm announcing the release of the 3.16.60 kernel. All users of the 3.16 kernel series should upgrade. The updated 3.16.y git tree can be found at: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-3.16.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git The diff from 3.16.59 is attached to this message. Ben. ------------ Documentation/networking/ppp_generic.txt | 6 - Makefile | 2 +- arch/arc/include/asm/Kbuild | 1 + arch/arm/boot/compressed/head.S | 16 +- arch/arm/boot/compressed/misc.c | 9 +- arch/arm/boot/dts/at91sam9g25.dtsi | 2 +- arch/arm/crypto/Makefile | 2 + arch/arm/include/asm/assembler.h | 10 + arch/arm/kernel/traps.c | 5 +- arch/arm/kvm/arm.c | 15 +- arch/arm/lib/getuser.S | 4 + arch/arm/mach-davinci/board-dm646x-evm.c | 3 +- arch/arm/mach-keystone/pm_domain.c | 1 + arch/avr32/include/asm/Kbuild | 1 + arch/blackfin/include/asm/Kbuild | 1 + arch/c6x/include/asm/Kbuild | 1 + arch/cris/include/asm/Kbuild | 1 + arch/frv/include/asm/Kbuild | 1 + arch/hexagon/include/asm/Kbuild | 1 + arch/ia64/include/asm/Kbuild | 1 + arch/m32r/include/asm/Kbuild | 1 + arch/metag/include/asm/Kbuild | 1 + arch/microblaze/include/asm/Kbuild | 1 + arch/mips/include/asm/Kbuild | 1 + arch/mips/include/asm/uaccess.h | 11 +- arch/mips/kernel/ptrace.c | 24 ++- arch/mips/kernel/ptrace32.c | 6 +- arch/mips/kvm/kvm_mips.c | 2 +- arch/mips/lib/memset.S | 11 +- arch/mn10300/include/asm/Kbuild | 1 + arch/parisc/kernel/drivers.c | 4 + arch/parisc/kernel/hpmc.S | 6 +- arch/powerpc/include/asm/barrier.h | 3 +- arch/powerpc/include/asm/opal.h | 3 + arch/powerpc/include/asm/synch.h | 4 - arch/powerpc/kernel/cpu_setup_power.S | 4 + arch/powerpc/kernel/eeh_driver.c | 61 ++++-- arch/powerpc/kernel/eeh_pe.c | 3 +- arch/powerpc/lib/feature-fixups.c | 2 +- arch/powerpc/mm/hugetlbpage.c | 17 +- arch/powerpc/platforms/powernv/opal-nvram.c | 21 +- arch/s390/hypfs/inode.c | 2 +- arch/s390/include/asm/Kbuild | 1 + arch/s390/kernel/ipl.c | 1 + arch/s390/kernel/perf_cpum_sf.c | 4 + arch/score/include/asm/Kbuild | 1 + arch/tile/include/asm/Kbuild | 1 + arch/um/include/asm/Kbuild | 1 + arch/um/os-Linux/signal.c | 2 +- arch/unicore32/include/asm/Kbuild | 1 + arch/x86/boot/compressed/eboot.c | 6 +- arch/x86/crypto/cast5_avx_glue.c | 3 +- arch/x86/include/asm/apic.h | 4 +- arch/x86/include/asm/x2apic.h | 2 +- arch/x86/kernel/acpi/boot.c | 18 +- arch/x86/kernel/apic/apic_numachip.c | 2 +- arch/x86/kernel/apic/x2apic_uv_x.c | 2 +- arch/x86/kernel/cpu/perf_event.c | 8 +- arch/x86/kernel/machine_kexec_32.c | 6 +- arch/x86/kernel/machine_kexec_64.c | 4 +- arch/x86/kernel/smpboot.c | 2 + arch/x86/kernel/tsc.c | 2 +- arch/x86/kvm/x86.c | 7 +- arch/x86/mm/dump_pagetables.c | 10 +- arch/x86/net/bpf_jit_comp.c | 3 +- arch/x86/um/stub_segv.c | 2 +- arch/x86/xen/mmu.c | 6 +- arch/xtensa/include/asm/Kbuild | 1 + crypto/af_alg.c | 8 +- crypto/ahash.c | 7 +- drivers/ata/ahci.c | 1 + drivers/ata/libata-core.c | 8 + drivers/atm/zatm.c | 3 + drivers/base/regmap/regmap.c | 22 +- drivers/char/virtio_console.c | 157 +++++++------- drivers/gpu/drm/drm_fops.c | 1 + drivers/gpu/drm/i915/i915_cmd_parser.c | 80 ++++--- drivers/gpu/drm/i915/i915_drv.h | 5 + drivers/gpu/drm/i915/i915_gem_userptr.c | 3 + drivers/gpu/drm/i915/intel_hdmi.c | 14 +- drivers/gpu/drm/i915/intel_lvds.c | 11 +- drivers/gpu/drm/msm/msm_gem.c | 30 ++- drivers/gpu/drm/radeon/radeon_device.c | 15 +- drivers/gpu/drm/radeon/si_dpm.c | 4 +- drivers/gpu/drm/rcar-du/rcar_du_lvdsenc.c | 10 +- drivers/hid/hid-core.c | 12 +- drivers/hid/hidraw.c | 5 + drivers/hid/i2c-hid/i2c-hid.c | 13 +- drivers/hwmon/nct6683.c | 4 +- drivers/hwmon/nct6775.c | 10 +- drivers/hwmon/pmbus/adm1275.c | 4 +- drivers/hwmon/pmbus/max8688.c | 2 +- drivers/i2c/busses/i2c-pmcmsp.c | 4 +- drivers/i2c/busses/i2c-viperboard.c | 2 +- drivers/iio/kfifo_buf.c | 11 +- drivers/infiniband/core/addr.c | 16 ++ drivers/infiniband/core/iwpm_util.c | 5 +- drivers/infiniband/core/ucma.c | 43 ++-- drivers/infiniband/hw/cxgb4/cq.c | 11 +- drivers/infiniband/hw/cxgb4/device.c | 8 + drivers/infiniband/hw/cxgb4/iw_cxgb4.h | 6 +- drivers/infiniband/hw/cxgb4/qp.c | 4 +- drivers/infiniband/hw/cxgb4/resource.c | 26 ++- drivers/infiniband/hw/mlx5/qp.c | 39 ++-- drivers/infiniband/ulp/srp/ib_srp.c | 8 +- drivers/input/serio/i8042-x86ia64io.h | 24 +++ drivers/media/pci/cx25821/cx25821-core.c | 7 +- drivers/media/platform/s3c-camif/camif-capture.c | 7 +- drivers/media/rc/rc-main.c | 4 +- drivers/media/v4l2-core/v4l2-compat-ioctl32.c | 4 +- drivers/message/fusion/mptsas.c | 1 + drivers/mmc/host/jz4740_mmc.c | 2 +- drivers/mtd/chips/cfi_cmdset_0001.c | 33 ++- drivers/mtd/chips/cfi_cmdset_0002.c | 9 +- drivers/mtd/ubi/block.c | 2 +- drivers/mtd/ubi/build.c | 11 + drivers/net/bonding/bond_main.c | 3 +- drivers/net/can/usb/kvaser_usb.c | 2 +- drivers/net/ethernet/broadcom/bcmsysport.c | 11 +- drivers/net/ethernet/broadcom/genet/bcmgenet.c | 11 +- drivers/net/ethernet/cisco/enic/enic_main.c | 8 +- drivers/net/ethernet/marvell/sky2.c | 2 +- drivers/net/ethernet/mellanox/mlx4/en_ethtool.c | 16 ++ drivers/net/ethernet/mellanox/mlx4/main.c | 4 +- drivers/net/ethernet/mellanox/mlx4/mlx4_en.h | 7 +- drivers/net/ethernet/mellanox/mlx4/qp.c | 4 +- drivers/net/ethernet/ti/cpsw.c | 13 +- drivers/net/ethernet/ti/davinci_cpdma.c | 2 +- drivers/net/ethernet/ti/davinci_emac.c | 62 ++++-- drivers/net/ppp/ppp_generic.c | 136 +++++++----- drivers/net/ppp/pppoe.c | 4 + drivers/net/team/team.c | 38 +++- drivers/net/usb/qmi_wwan.c | 13 ++ drivers/net/vmxnet3/vmxnet3_drv.c | 137 ++++++++---- drivers/net/vmxnet3/vmxnet3_int.h | 8 +- drivers/net/wireless/rtl818x/rtl8187/dev.c | 2 +- drivers/parport/parport_pc.c | 4 + drivers/pci/hotplug/acpiphp_glue.c | 23 +- drivers/pci/quirks.c | 13 ++ drivers/pinctrl/pinctrl-single.c | 22 +- drivers/rtc/rtc-snvs.c | 15 +- drivers/rtc/rtc-tx4939.c | 6 +- drivers/s390/block/dasd_alias.c | 16 +- drivers/s390/cio/chsc.c | 14 +- drivers/s390/cio/qdio_main.c | 42 ++-- drivers/s390/cio/qdio_setup.c | 12 +- drivers/s390/net/qeth_core_main.c | 8 +- drivers/s390/scsi/zfcp_dbf.c | 23 +- drivers/s390/scsi/zfcp_ext.h | 5 +- drivers/s390/scsi/zfcp_scsi.c | 14 +- drivers/scsi/qla2xxx/qla_init.c | 3 +- drivers/scsi/sd.c | 2 + drivers/staging/line6/midi.c | 2 +- drivers/staging/rtl8192u/r8192U_core.c | 2 + drivers/staging/usbip/usbip_common.h | 2 +- drivers/staging/usbip/vhci_hcd.c | 8 +- drivers/thermal/imx_thermal.c | 19 +- drivers/tty/Makefile | 3 +- drivers/tty/n_null.c | 80 +++++++ drivers/tty/pty.c | 21 +- drivers/tty/serial/altera_uart.c | 6 +- drivers/tty/serial/arc_uart.c | 8 +- drivers/tty/serial/fsl_lpuart.c | 4 + drivers/tty/serial/imx.c | 6 + drivers/tty/serial/mxs-auart.c | 5 + drivers/tty/serial/pxa.c | 4 + drivers/tty/serial/xilinx_uartps.c | 2 +- drivers/tty/tty_io.c | 42 ++-- drivers/tty/tty_ldisc.c | 68 +++--- drivers/tty/vt/vt.c | 6 +- drivers/usb/core/config.c | 4 +- drivers/usb/core/generic.c | 9 +- drivers/usb/core/hcd.c | 1 + drivers/usb/core/hub.c | 10 +- drivers/usb/core/quirks.c | 3 + drivers/usb/dwc3/dwc3-pci.c | 2 +- drivers/usb/host/xhci-pci.c | 5 +- drivers/usb/musb/musb_gadget_ep0.c | 14 +- drivers/usb/musb/musb_host.c | 4 +- drivers/usb/serial/Kconfig | 1 + drivers/usb/serial/cp210x.c | 2 + drivers/usb/serial/ftdi_sio.c | 5 +- drivers/usb/serial/ftdi_sio_ids.h | 9 + drivers/usb/serial/usb-serial-simple.c | 7 + drivers/usb/serial/visor.c | 69 +++--- drivers/video/fbdev/stifb.c | 2 +- drivers/watchdog/f71808e_wdt.c | 2 +- drivers/xen/swiotlb-xen.c | 2 +- drivers/xen/xen-acpi-processor.c | 6 +- fs/affs/namei.c | 10 +- fs/afs/security.c | 13 +- fs/aio.c | 7 +- fs/autofs4/root.c | 2 +- fs/btrfs/ctree.c | 16 +- fs/btrfs/extent-tree.c | 1 + fs/btrfs/inode.c | 231 +++++++++++++------- fs/btrfs/ioctl.c | 22 +- fs/btrfs/tests/qgroup-tests.c | 2 +- fs/btrfs/tree-log.c | 12 +- fs/buffer.c | 2 +- fs/ceph/inode.c | 10 +- fs/cifs/cifsfs.c | 13 ++ fs/cifs/dir.c | 9 +- fs/cifs/smb2pdu.c | 49 +++-- fs/dcache.c | 22 ++ fs/ecryptfs/inode.c | 3 +- fs/ext2/inode.c | 10 - fs/ext2/namei.c | 6 +- fs/ext3/namei.c | 6 +- fs/ext4/balloc.c | 3 +- fs/ext4/dir.c | 8 +- fs/ext4/ialloc.c | 43 +--- fs/ext4/indirect.c | 5 +- fs/ext4/namei.c | 6 +- fs/ext4/xattr.c | 86 +++++--- fs/ext4/xattr.h | 11 + fs/f2fs/f2fs.h | 1 + fs/f2fs/gc.c | 2 +- fs/f2fs/inode.c | 23 ++ fs/f2fs/namei.c | 52 ++--- fs/fs-writeback.c | 2 +- fs/hugetlbfs/inode.c | 10 +- fs/jbd2/journal.c | 5 +- fs/jbd2/transaction.c | 1 + fs/jffs2/dir.c | 12 +- fs/jffs2/super.c | 2 +- fs/jfs/namei.c | 12 +- fs/namespace.c | 3 +- fs/nilfs2/namei.c | 6 +- fs/notify/fanotify/fanotify.c | 34 ++- fs/ocfs2/dlm/dlmcommon.h | 1 + fs/ocfs2/dlm/dlmdomain.c | 15 ++ fs/ocfs2/dlm/dlmrecovery.c | 13 +- fs/proc/proc_sysctl.c | 3 + fs/reiserfs/journal.c | 2 +- fs/reiserfs/namei.c | 12 +- fs/ubifs/super.c | 14 +- fs/udf/ialloc.c | 7 +- fs/udf/namei.c | 106 ++++----- fs/ufs/ialloc.c | 6 +- fs/ufs/namei.c | 14 +- include/asm-generic/word-at-a-time.h | 80 ++++++- include/linux/clk-provider.h | 3 +- include/linux/dcache.h | 1 + include/linux/efi.h | 8 +- include/linux/hid.h | 4 +- include/linux/iio/buffer.h | 6 +- include/linux/log2.h | 13 +- include/linux/msg.h | 4 +- include/linux/mtd/flashchip.h | 1 + include/linux/shm.h | 4 +- include/linux/string.h | 3 + include/linux/tty.h | 6 +- include/linux/virtio.h | 3 + include/net/dst.h | 1 + include/net/inet_timewait_sock.h | 1 + include/net/nexthop.h | 2 +- include/rdma/ib_addr.h | 2 + include/sound/control.h | 7 +- include/sound/pcm_oss.h | 1 + include/trace/events/xen.h | 16 -- include/uapi/linux/ppp-ioctl.h | 2 +- include/uapi/linux/tty.h | 1 + ipc/msg.c | 19 +- ipc/msgutil.c | 2 +- ipc/sem.c | 38 ++-- ipc/shm.c | 116 +++++++--- ipc/util.c | 9 + ipc/util.h | 11 + kernel/resource.c | 3 +- kernel/sched/auto_group.c | 9 +- kernel/sched/core.c | 3 + kernel/sys.c | 4 + kernel/time/clocksource.c | 2 + kernel/time/tick-broadcast.c | 8 + kernel/trace/trace_events_filter.c | 3 + kernel/trace/trace_events_trigger.c | 5 +- kernel/trace/trace_uprobe.c | 32 ++- kernel/tracepoint.c | 4 +- lib/string.c | 88 ++++++++ mm/filemap.c | 7 +- mm/mmap.c | 32 +++ net/atm/lec.c | 9 +- net/batman-adv/translation-table.c | 93 ++++++-- net/bridge/netfilter/ebtables.c | 3 +- net/ceph/messenger.c | 7 + net/compat.c | 6 +- net/core/dev.c | 3 +- net/core/dev_addr_lists.c | 4 +- net/core/neighbour.c | 30 ++- net/core/skbuff.c | 1 + net/dccp/ccids/ccid2.c | 14 +- net/dccp/timer.c | 2 +- net/dns_resolver/dns_key.c | 14 +- net/ipv4/inet_timewait_sock.c | 1 + net/ipv4/ip_output.c | 3 +- net/ipv4/ip_tunnel.c | 17 +- net/ipv4/ping.c | 7 +- net/ipv4/route.c | 118 +++++----- net/ipv4/tcp.c | 8 +- net/ipv4/tcp_input.c | 7 +- net/ipv4/tcp_output.c | 7 +- net/ipv4/udp.c | 7 +- net/ipv6/ip6_gre.c | 8 +- net/ipv6/ip6_output.c | 3 +- net/ipv6/ip6_tunnel.c | 8 +- net/ipv6/ip6_vti.c | 7 +- net/ipv6/route.c | 2 + net/ipv6/sit.c | 8 +- net/ipv6/xfrm6_policy.c | 2 +- net/l2tp/l2tp_core.c | 260 ++++++++++------------- net/l2tp/l2tp_core.h | 7 +- net/l2tp/l2tp_debugfs.c | 18 +- net/l2tp/l2tp_netlink.c | 28 ++- net/l2tp/l2tp_ppp.c | 43 +++- net/llc/af_llc.c | 17 +- net/netfilter/ipvs/ip_vs_core.c | 8 + net/netfilter/ipvs/ip_vs_ctl.c | 15 +- net/netfilter/ipvs/ip_vs_sync.c | 10 +- net/netfilter/nf_tables_api.c | 59 ++--- net/netlink/af_netlink.c | 2 + net/packet/af_packet.c | 86 +++++--- net/packet/internal.h | 10 +- net/rfkill/rfkill-gpio.c | 7 +- net/sched/sch_fq.c | 37 ++-- net/sctp/inqueue.c | 2 +- net/sctp/ipv6.c | 65 +++--- net/sunrpc/rpc_pipe.c | 1 + security/selinux/ss/services.c | 2 +- sound/core/control_compat.c | 3 +- sound/core/oss/pcm_oss.c | 186 ++++++++++++---- sound/core/pcm.c | 8 +- sound/core/pcm_compat.c | 2 + sound/core/pcm_native.c | 1 + sound/core/rawmidi_compat.c | 18 +- sound/core/seq/oss/seq_oss_event.c | 15 +- sound/core/seq/oss/seq_oss_midi.c | 2 + sound/core/seq/oss/seq_oss_synth.c | 85 ++++---- sound/core/seq/oss/seq_oss_synth.h | 3 +- sound/core/seq/seq_virmidi.c | 4 +- sound/core/timer.c | 222 +++++++++---------- sound/drivers/aloop.c | 17 +- sound/drivers/opl3/opl3_synth.c | 7 +- sound/pci/asihpi/hpimsginit.c | 39 ++-- sound/pci/asihpi/hpioctl.c | 4 +- sound/pci/hda/hda_hwdep.c | 12 +- sound/pci/rme9652/hdspm.c | 24 ++- sound/pci/rme9652/rme9652.c | 6 +- sound/soc/codecs/ssm2602.c | 19 +- sound/soc/fsl/fsl_esai.c | 7 + sound/usb/mixer.c | 8 + sound/usb/mixer_maps.c | 3 + tools/perf/Documentation/perf-top.txt | 3 + tools/perf/builtin-record.c | 2 +- 354 files changed, 3603 insertions(+), 1941 deletions(-) Aaron Ma (2): HID: i2c-hid: fix size check and type usage HID: core: Fix size as type u32 Al Viro (12): hypfs_kill_super(): deal with failed allocations jffs2_kill_sb(): deal with failed allocations rpc_pipefs: fix double-dput() Don't leak MNT_INTERNAL away from internal mounts udf: merge the pieces inserting a new non-directory object into directory udf: fix the udf_iget() vs. udf_new_inode() races ufs: deal with nfsd/iget races do d_instantiate/unlock_new_inode combinations safely affs_lookup(): close a race with affs_remove_link() ext2: fix a block leak aio: fix io_destroy(2) vs. lookup_ioctx() race fix io_destroy()/aio_complete() race Alan Cox (1): tty: handle the case where we cannot restore a line discipline Alan Stern (1): USB: Accept bulk endpoints with 1024-byte maxpacket Alex Smith (1): mmc: jz4740: Fix race condition in IRQ mask update Alexander Gerasiov (1): parport_pc: Add support for WCH CH382L PCI-E single parallel port card. Alexey Khoroshilov (2): vmxnet3: fix checks for dma mapping errors vmxnet3: avoid assumption about invalid dma_pa in vmxnet3_set_mc() Amir Goldstein (1): fanotify: fix logic of events on child Andrew Morton (1): fs/reiserfs/journal.c: add missing resierfs_warning() arg Andrey Ignatov (1): ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg Andy King (1): VMXNET3: Check for map error in vmxnet3_set_mc Aneesh Kumar K.V (1): powerpc/mm/hugetlb: initialize the pagetable cache correctly for hugetlb Ard Biesheuvel (1): efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode Arnaldo Carvalho de Melo (1): perf top: Document --ignore-vmlinux Arnd Bergmann (1): media: s3c-camif: fix out-of-bounds array access Bai Ping (1): thermal: imx: register irq handler later in probe Bart Van Assche (1): IB/srp: Fix srp_abort() Ben Hutchings (5): scsi: qla2xxx: Avoid double completion of abort command drm/msm: Fix possible null dereference on failure of get_pages() ALSA: timer: Fix pause event notification ppp: Fix null pointer dereference on registration failure Linux 3.16.60 Bharat Potnuri (1): iw_cxgb4: Atomically flush per QP HW CQEs Bin Liu (1): usb: musb: host: fix potential NULL pointer dereference Bjorn Helgaas (1): drm/radeon: make MacBook Pro d3_delay quirk more generic Bjørn Mork (1): qmi_wwan: do not steal interfaces from class drivers Brad Volkin (1): drm/i915: Log a message when rejecting LRM to OACONTROL Bryan O'Donoghue (1): rtc: snvs: Fix usage of snvs_rtc_enable Chao Yu (2): f2fs: reposition unlock_new_inode to prevent accessing invalid inode udf: avoid unneeded up_write when fail to add entry in ->symlink Charles Keepax (2): regmap: Correct offset handling in regmap_volatile_range regmap: Don't use format_val in regmap_bulk_read Chris Mason (1): Btrfs: use insert_inode_locked4 for inode creation Chris Metcalf (3): Make asm/word-at-a-time.h available on all architectures word-at-a-time.h: fix some Kbuild files string: provide strscpy() Clemens Werther (1): USB: serial: ftdi_sio: add support for Harman FirmwareHubEmulator Colin Ian King (5): media: cx25821: prevent out-of-bounds read on array card rtc: tx4939: avoid unintended sign extension on a 24 bit shift staging: rtl8192u: return -ENOMEM on failed allocation of priv->oldaddr RDMA/iwpm: fix memory leak on map_info KVM: Fix spelling mistake: "cop_unsuable" -> "cop_unusable" Collin May (1): USB: serial: simple: add libtransistor console Cong Wang (2): llc: hold llc_sap before release_sock() llc: fix NULL pointer deref for SOCK_ZAPPED Dan Carpenter (2): xen/acpi: off by one in read_acpi_id() net: ethernet: davinci_emac: fix error handling in probe() Daniel Borkmann (1): bpf, x64: fix memleak when not converging after image Danilo Krummrich (1): fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl table Danit Goldberg (1): IB/mlx5: Use unlimited rate when static rate is not supported Dave Airlie (1): drm: set FMODE_UNSIGNED_OFFSET for drm files David Henningsson (1): ALSA: core: Report audio_tstamp in snd_pcm_sync_ptr David Howells (1): afs: Fix directory permissions check David Lechner (1): pinctrl: pinctrl-single: Fix pcs_request_gpio() when bits_per_mux != 0 Davidlohr Bueso (5): ipc,shm: move BUG_ON check into shm_lock ipc: convert invalid scenarios to use WARN_ON ipc/sem: make semctl setting sempid consistent Revert "ipc/shm: Fix shmat mmap nil-page protection" ipc/shm: fix shmat() nil address after round-down when remapping Dennis Wassenberg (1): Input: i8042 - add Lenovo ThinkPad L460 to i8042 reset list Dexuan Cui (1): tick/broadcast: Use for_each_cpu() specially on UP kernels Dmitry Safonov (1): tracing/uprobe: Drop isdigit() check in create_trace_uprobe Dou Liyang (1): x86/acpi: Prevent X2APIC id 0xffffffff from being accounted Eliot Blennerhassett (1): ALSA: asihpi: used parts of message/response are zeroed before use Eric Biggers (5): crypto: x86/cast5-avx - fix ECB encryption when long sg follows short one ipc/shm: fix use-after-free of shm file via remap_file_pages() ext4: correctly detect when an xattr value has an invalid size KEYS: DNS: limit the length of option strings ppp: remove the PPPIOCDETACH ioctl Eric Dumazet (21): ip_tunnel: better validate user provided tunnel names ipv6: sit: better validate user provided tunnel names ip6_gre: better validate user provided tunnel names ip6_tunnel: better validate user provided tunnel names vti6: better validate user provided tunnel names crypto: af_alg - fix possible uninit-value in alg_bind() netlink: fix uninit-value in netlink_sendmsg net: fix rtnh_ok() net: initialize skb->peeked when cloning net: fix uninit-value in __hw_addr_add_ex() soreuseport: initialise timewait reuseport field sctp: do not leak kernel memory to user space tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets net: af_packet: fix race in PACKET_{R|T}X_RING ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy tcp: fix TCP_REPAIR_QUEUE bound checking net_sched: fq: take care of throttled flows before reuse dccp: fix tasklet usage llc: better deal with too small mtu xfrm6: avoid potential infinite loop in _decode_session6() tcp: purge write queue in tcp_connect_init() Eric W. Biederman (4): ipc/util: Helpers for making the sysvipc operations pid namespace aware ipc/shm: Fix shmctl(..., IPC_STAT, ...) between pid namespaces. ipc/msg: Fix msgctl(..., IPC_STAT, ...) between pid namespaces ipc/sem: Fix semctl(..., GETPID, ...) between pid namespaces Eryu Guan (1): ext4: protect i_disksize update by i_data_sem in direct write path Fabián Inostroza (1): ALSA: line6: Use correct endpoint type for midi output Federico Cuello (1): ALSA: usb: mixer: volume quirk for CM102-A+/102S+ Filipe Manana (3): Btrfs: fix copy_items() return value when logging an inode Btrfs: ensure tmpfile inode is always persisted with link count of 0 Btrfs: don't leave dangling dentry if symlink creation failed Florent Flament (1): drm/i915: Fix drm:intel_enable_lvds ERROR message in kernel log Florian Fainelli (2): net: bcmgenet: Fix sparse warnings in bcmgenet_put_tx_csum() net: systemport: Fix sparse warnings in bcm_sysport_insert_tsb() Florian Westphal (1): netfilter: nf_tables: can't fail after linking rule into active rule list Francisco Jerez (1): drm/i915: Fix command parser to validate multiple register access with the same command. Geert Uytterhoeven (6): serial: arc_uart: Fix out-of-bounds access through DT alias serial: fsl_lpuart: Fix out-of-bounds access through DT alias serial: imx: Fix out-of-bounds access through serial port index serial: mxs-auart: Fix out-of-bounds access through serial port index serial: pxa: Fix out-of-bounds access through serial port index serial: xuartps: Fix out-of-bounds access through DT alias Govindarajulu Varadarajan (1): enic: set DMA mask to 47 bit Greg Kroah-Hartman (1): USB: serial: visor: handle potential invalid device configuration Guenter Roeck (4): hwmon: (pmbus/max8688) Accept negative page register values hwmon: (pmbus/adm1275) Accept negative page register values hwmon: (nct6775) Fix writing pwmX_mode hwmon: (nct6683) Enable EC access if disabled at boot Guillaume Nault (12): l2tp: fix races in tunnel creation l2tp: fix race in duplicate tunnel detection l2tp: hold reference on tunnels in netlink dumps l2tp: hold reference on tunnels printed in pppol2tp proc file l2tp: hold reference on tunnels printed in l2tp/tunnels debugfs file l2tp: fix {pppol2tp, l2tp_dfs}_seq_stop() in case of seq_file overflow l2tp: check sockaddr length in pppol2tp_connect() pppoe: check sockaddr length in pppoe_connect() ppp: fix device unregistration upon netns deletion ppp: fix lockdep splat in ppp_dev_uninit() ppp: fix race in ppp device destruction ppp: unlock all_ppp_mutex before registering device Gustavo A. R. Silva (3): atm: zatm: Fix potential Spectre v1 net: atm: Fix potential Spectre v1 kernel/sys.c: fix potential Spectre v1 issue Hans de Goede (1): libata: Apply NOLPM quirk for SanDisk SD7UB3Q*G1001 SSDs Heinrich Schuchardt (1): usb: musb: gadget: misplaced out of bounds check Helge Deller (2): parisc: Fix HPMC handler by increasing size to multiple of 16 bytes parisc: Fix out of array access in match_pci_device() Hendrik Brueckner (1): s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero Herbert Xu (1): crypto: ahash - Fix early termination in hash walk Huacai Chen (1): zboot: fix stack protector in compressed boot phase Ian Kent (1): autofs: mount point create should honour passed in mode Igor Pylypiv (1): watchdog: f71808e_wdt: Fix WD_EN register read Ilya Dryomov (1): libceph: validate con->state at the top of try_write() Ivan Khoronzhuk (1): net: ethernet: ti: cpdma: correct error handling for chan create Jack Morgenstein (1): net/mlx4: Fix irq-unsafe spinlock usage Jaegeuk Kim (2): f2fs: call f2fs_unlock_op after error was handled f2fs: go out for insert_inode_locked failure James Kelly (1): ASoC: ssm2602: Replace reg_default_raw with reg_default Jan Kara (3): bdi: Fix oops in wb_workfn() ufs: Fix warning from unlock_new_inode() ufs: Fix possible deadlock when looking up directories Jann Horn (1): tcp: don't read out-of-bounds opsize Jason Andryuk (1): HID: i2c-hid: Fix "incomplete report" noise Jeff Moyer (1): block_invalidatepage(): only release page if the full page was invalidated Jens Remus (1): scsi: zfcp: fix infinite iteration on ERP ready list Jerome Brunet (1): clk: fix mux clock documentation Jimmy Assarsson (1): can: kvaser_usb: Increase correct stats counter in kvaser_usb_rx_can_msg() Jiri Olsa (1): perf record: Put new line after target override warning Joakim Tjernlund (3): mtd: cfi: cmdset_0001: Do not allow read/write to suspend erase block. mtd: cfi: cmdset_0001: Workaround Micron Erase suspend bug. mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block. Joe Jin (1): xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent Joerg Roedel (1): x86/mm: Prevent kernel Oops in PTDUMP code with HIGHPTE=y Johan Hovold (2): USB: serial: cp210x: add ELDAT Easywave RX09 id rfkill: gpio: fix memory leak in probe error path Jonathan Neuschäfer (1): net: core: dst: Add kernel-doc for 'net' parameter Julian Anastasov (3): ipv4: fix fnhe usage by non-cached routes ipvs: fix stats update from local clients ipvs: fix buffer overflow with sync daemon and service Julian Wiedmann (5): s390/qdio: don't merge ERROR output buffers s390/qdio: don't retry EQBS after CCQ 96 s390/qeth: handle failure on workqueue creation s390/qdio: fix access to uninitialized qdio_q fields s390/qdio: don't release memory in qdio_setup_irq() Kai-Heng Feng (2): sky2: Increase D3 delay to sky2 stops working after suspend xhci: Fix USB ports for Dell Inspiron 5775 Kamil Lulko (1): usb: core: Add quirk for HP v222w 16GB Mini Kenny Yu (1): uprobe: Find last occurrence of ':' when parsing uprobe PATH:OFFSET Kirill A. Shutemov (1): ipc/shm: handle removed segments gracefully in shm_mmap() Krzysztof Mazur (1): um: Use POSIX ucontext_t instead of struct ucontext Kyle Roeschley (1): USB: serial: cp210x: add ID for NI USB serial console Lance Richardson (1): net: support compat 64-bit time in {s,g}etsockopt Leon Romanovsky (1): RDMA/mlx5: Protect from shift operand overflow Leonard Crestez (1): crypto: arm,arm64 - Fix random regeneration of S_shipped Li RongQing (1): x86/apic: Fix signedness bug in APIC ID validity checks Linus Lüssing (1): batman-adv: Fix TT sync flags for intermediate TT responses Linus Torvalds (3): mmap: introduce sane default mmap limits mmap: relax file size limit for regular files give up on gcc ilog2() constant optimizations Liu Bo (3): Btrfs: fix unexpected cow in run_delalloc_nocow Btrfs: fix NULL pointer dereference in log_dir_items Btrfs: bail out on error during replay_dir_deletes Long Li (1): cifs: Allocate validate negotiation request through kmalloc Maciej W. Rozycki (3): MIPS: ptrace: Expose FIR register through FP regset MIPS: Fix ptrace(2) PTRACE_PEEKUSR and PTRACE_POKEUSR accesses to o32 FGRs MIPS: ptrace: Fix PTRACE_PEEKUSR requests for 64-bit FGRs Mahesh Rajashekhara (1): scsi: sd: Defer spinning up drive while SANITIZE is in progress Major Hayden (1): USB: serial: ftdi_sio: add RT Systems VX-8 cable Marc Dionne (1): afs: Ignore AFS_ACE_READ and AFS_ACE_WRITE for directories Marc Zyngier (1): KVM: arm/arm64: Close VMID generation race Marek Lindner (1): batman-adv: prevent TT request storms by not sending inconsistent TT TLVLs Mark Brown (1): regmap: Support bulk reads for devices without raw formatting Markus Elfring (2): video/fbdev/stifb: Return -ENOMEM after a failed kzalloc() in stifb_init_fb() tracing: Deletion of an unnecessary check before iput() Martin K. Petersen (1): scsi: mptsas: Disable WRITE SAME Martin Kelly (2): iio:buffer: make length types match kfifo types iio:kfifo_buf: check for uint overflow Masami Hiramatsu (3): tracing/uprobe_event: Fix strncpy corner case ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr ARM: 8772/1: kprobes: Prohibit kprobes on get_user functions Mathieu Desnoyers (1): tracepoint: Do not warn on ENOMEM Matt Redfearn (4): MIPS: memset.S: EVA & fault support for small_memset MIPS: memset.S: Fix return of __clear_user from Lpartial_fixup MIPS: memset.S: Fix clobber of v1 in last_fixup MIPS: uaccess: Add micromips clobbers to bzero invocation Matthew Auld (1): drm/i915/userptr: reject zero user_size Matthew Wilcox (1): mm/filemap.c: fix NULL pointer in page_cache_tree_insert() Mauro Carvalho Chehab (1): media: v4l2-compat-ioctl32: don't oops on overlay Michael Ellerman (1): powerpc/lib: Fix off-by-one in alternate feature patching Michael Neuling (3): powerpc/eeh: Fix race with driver un/bind powerpc/eeh: Fix enabling bridge MMIO windows powerpc/64s: Clear PCR on boot Michael S. Tsirkin (6): virtio_console: don't tie bufs to a vq virtio: add ability to iterate over vqs virtio_console: free buffers after reset virtio_console: drop custom control queue cleanup virtio_console: move removal code virtio_console: reset on out of memory Michal Srb (1): drm/i915/cmdparser: Do not check past the cmd length. Mika Westerberg (2): ACPI / hotplug / PCI: Check presence of slot itself in get_slot_status() ahci: Add PCI ID for Cannon Lake PCH-LP AHCI Mike Frysinger (1): vt: change SGR 21 to follow the standards Mike Galbraith (1): sched/autogroup: Fix 64-bit kernel nice level adjustment Mike Kravetz (1): hugetlbfs: fix bug in pgoff overflow checking Mikhail Lappo (1): thermal: imx: Fix race condition in imx_thermal_probe() Moshe Shemesh (1): net/mlx4_en: Verify coalescing parameters are in range Nicholas Piggin (5): powerpc/powernv: Handle unknown OPAL errors in opal_nvram_write() powerpc/64: Fix smp_wmb barrier definition use use lwsync consistently powerpc/powernv: define a standard delay for OPAL_BUSY type retry loops powerpc/powernv: Fix OPAL NVRAM driver OPAL_BUSY loops powerpc/powernv: Fix NVRAM sleep in invalid context when crashing Nico Sneck (1): drm/radeon: add PX quirk for Asus K73TK Nicolas Dichtel (1): ip_tunnel: restore binding to ifaces with a large mtu Nicolas Ferre (1): ARM: dts: at91: at91sam9g25: fix mux-mask pinctrl property Nicolin Chen (1): ASoC: fsl_esai: Fix divisor calculation failure at lower ratio Nikolay Borisov (3): btrfs: Refactor transaction handling in received subvolume ioctl btrfs: Handle error from btrfs_uuid_tree_rem call in _btrfs_ioctl_set_received_subvol btrfs: Fix possible softlock on single core machines Ondrej Zary (2): Input: i8042 - enable MUX on Sony VAIO VGN-CS series to fix touchpad drm/i915: Disable LVDS on Radiant P845 Paolo Abeni (2): team: avoid adding twice the same option to the event list netfilter: ebtables: handle string from userspace with care Paul Parsons (1): drm/radeon: Fix PCIe lane width calculation Peng Hao (1): kvm: x86: fix a compile warning Peter Rosin (3): i2c: pmcmsp: return message count on master_xfer success i2c: pmcmsp: fix error return from master_xfer i2c: viperboard: return message count on master_xfer success Peter Zijlstra (5): clocksource: Initialize cs->wd_list sched/core: Fix possible Spectre-v1 indexing for sched_prio_to_weight[] sched/autogroup: Fix possible Spectre-v1 indexing for sched_prio_to_weight[] perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map() perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_* Prakash Kamliya (1): drm/msm: fix leak in failed get_pages Qu Wenruo (1): btrfs: tests/qgroup: Fix wrong tree backref level Raju Rangoju (1): RDMA/cxgb4: release hw resources on device removal Rasmus Villemoes (2): drivers: tty: Merge alloc_tty_struct and initialize_tty_struct drivers: tty: Fix use-after-free in pty_common_install Ravi Chandra Sadineni (1): USB: Increment wakeup count on remote wakeup. Richard Weinberger (2): ubifs: Check ubifs_wbuf_sync() return code ubi: Reject MLC NAND Robbie Ko (1): Btrfs: send, fix invalid access to commit roots due to concurrent snapshotting Rodrigo Rivas Costa (1): HID: hidraw: Fix crash on HIDIOCGFEATURE with a destroyed device Roland Dreier (3): RDMA/ucma: Don't allow setting RDMA_OPTION_IB_PATH without an RDMA device RDMA/ucma: Introduce safer rdma_addr_size() variants RDMA/ucma: Allow resolving address w/o specifying source address Romain Izard (1): ubi: Fix error for write access Ronnie Sahlberg (1): cifs: fix memory leak in SMB2_open() Russell King (1): ARM: keystone: fix platform_domain_notifier array overrun SZ Lin (林上智) (1): NET: usb: qmi_wwan: add support for ublox R410M PID 0x90b2 Sachin Grover (1): selinux: KASAN: slab-out-of-bounds in xattr_getsecurity Sean Young (1): media: rc: oops in ir_timer_keyup after device unplug Sebastian Ott (1): s390/cio: update chpid descriptor after resource accessibility event Sekhar Nori (1): ARM: davinci: board-dm646x-evm: set VPIF capture card name Sergei Shtylyov (1): drm: rcar-du: lvds: Fix LVDS startup on R-Car Gen2 Shamir Rabinovitch (1): RDMA/ucma: ucma_context reference leak in error path Shuah Khan (2): usbip: vhci_hcd: check rhport before using in vhci_hub_control() usbip: vhci_hcd: Fix usb device and sockfd leaks Song Liu (1): tracing: Fix bad use of igrab in trace_uprobe.c Stefan Brüns (1): drm/i915: Try EDID bitbanging on HDMI after failed read Stefan Haberland (1): s390/dasd: fix IO error for newly defined devices Steve French (2): cifs: do not allow creating sockets except with SMB1 posix exensions smb3: directory sync should not return an error Steven Rostedt (VMware) (3): tracing: Fix regex_match_front() to not over compare the test string tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} tracing: Fix crash when freeing instances with event triggers Sudhir Sreedharan (1): rtl8187: Fix NULL pointer dereference in priv->conf_mutex Sudip Mukherjee (1): libata: blacklist Micron 500IT SSD with MU01 firmware Sven Eckelmann (1): batman-adv: Avoid race in TT TVLV allocator helper Takashi Iwai (21): ALSA: pcm: Use ERESTARTSYS instead of EINTR in OSS emulation ALSA: pcm: Avoid potential races between OSS ioctls and read/write ALSA: pcm: Return -EBUSY for OSS ioctls changing busy streams ALSA: pcm: Fix mutex unbalance in OSS emulation ioctls ALSA: pcm: Fix UAF at PCM release via PCM timer access ALSA: pcm: Fix endless loop for XRUN recovery in OSS emulation resource: fix integer overflow at reallocation ALSA: rawmidi: Fix missing input substream checks in compat ioctls ALSA: usb-audio: Skip broken EU on Dell dock USB-audio ALSA: seq: oss: Fix unbalanced use lock for synth MIDI device ALSA: seq: oss: Hardening for potential Spectre v1 ALSA: control: Hardening for potential Spectre v1 ALSA: hda: Hardening for potential Spectre v1 ALSA: opl3: Hardening for potential Spectre v1 ALSA: asihpi: Hardening for potential Spectre v1 ALSA: hdspm: Hardening for potential Spectre v1 ALSA: rme9652: Hardening for potential Spectre v1 ALSA: seq: Fix races at MIDI encoding in snd_virmidi_output_trigger() ALSA: aloop: Add missing cable lock to ctl API callbacks ALSA: pcm: Check PCM state at xfern compat ioctl ALSA: timer: Call notifier in the same spinlock Tarick Bedeir (1): net/mlx4_core: Fix error handling in mlx4_init_port_info. Tejun Heo (1): libata: Blacklist some Sandisk SSDs for NCQ Tetsuo Handa (4): tty: Avoid possible error pointer dereference at tty_ldisc_restore(). tty: Don't call panic() at tty_ldisc_init() tty: Use __GFP_NOFAIL for tty_ldisc_get() x86/kexec: Avoid double free_page() upon do_kexec_load() failure Theodore Ts'o (6): jbd2: if the journal is aborted then don't allow update of the log tail ext4: don't update checksum of new initialized bitmaps ext4: add bounds checking to ext4_xattr_find_entry() ext4: add extra checks to ext4_xattr_block_get() ext4: force revalidation of directory pointer after seekdir(2) ext4: set h_journal if there is a failure starting a reserved handle Thinh Nguyen (1): usb: dwc3: pci: Properly cleanup resource Tony Lindgren (1): net: davinci_emac: Fix runtime pm calls for davinci_emac Toshiaki Makita (1): vlan: Fix reading memory beyond skb->tail in skb_vlan_tagged_multi Uwe Kleine-König (1): serial: altera: ensure port->regshift is honored consistently Vasily Gorbik (1): s390/ipl: ensure loadparm valid flag is set Vasyl Vavrychuk (1): USB: serial: ftdi_sio: use jtag quirk for Arrow USB Blaster Wei Huang (1): KVM: x86: Update cpuid properly when CR4.OSXAVE or CR4.PKE is changed Wenwen Wang (1): ALSA: control: fix a redundant-copy issue Willem de Bruijn (2): packet: fix bitfield update race net: test tailroom before appending to linear skb Wolfgang Bumiller (1): net: fix deadlock while clearing neighbor proxy table Xiaoming Gao (1): x86/tsc: Prevent 32bit truncation in calc_hpet_ref() Xin Long (5): sctp: do not check port in sctp_inet6_cmp_addr bonding: do not set slave_dev npinfo before slave_enable_netpoll in bond_enslave team: fix netconsole setup over team sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr sctp: fix the issue that the cookie-ack with auth can't get processed Yan, Zheng (1): ceph: always update atime/mtime/ctime for new inode Yazen Ghannam (1): x86/smpboot: Don't use mwait_play_dead() on AMD systems Yishai Hadas (1): RDMA/mlx5: Don't assume that medium blueFlame register exists Zhengjun Xing (1): USB:fix USB3 devices behind USB3 hubs not resuming at hibernate thaw himanshu.madhani(a)cavium.com (1): scsi: qla2xxx: Fix NULL pointer crash due to active timer for ABTS hpreg(a)vmware.com (1): vmxnet3: set the DMA mask before the first DMA map operation piaojun (1): ocfs2/dlm: wait for dlm recovery done when migrating all lock resources Łukasz Stelmach (1): ARM: 8753/1: decompressor: add a missing parameter to the addruart macro

7 years

1
0
0 0

[PATCH v4] selinux: policydb - fix byte order and alignment issues

by Ondrej Mosnacek

Do the LE conversions before doing the Infiniband-related range checks. The incorrect checks are otherwise causing a failure to load any policy with an ibendportcon rule on BE systems. This can be reproduced by running (on e.g. ppc64): cat >my_module.cil <<EOF (type test_ibendport_t) (roletype object_r test_ibendport_t) (ibendportcon mlx4_0 1 (system_u object_r test_ibendport_t ((s0) (s0)))) EOF semodule -i my_module.cil Also, fix loading/storing the 64-bit subnet prefix for OCON_IBPKEY to use a correctly aligned buffer. Finally, do not use the 'nodebuf' (u32) buffer where 'buf' (__le32) should be used instead. Tested internally on a ppc64 machine with a RHEL 7 kernel with this patch applied. Cc: Daniel Jurgens <danielj(a)mellanox.com> Cc: Eli Cohen <eli(a)mellanox.com> Cc: James Morris <jmorris(a)namei.org> Cc: Doug Ledford <dledford(a)redhat.com> Cc: <stable(a)vger.kernel.org> # 4.13+ Fixes: a806f7a1616f ("selinux: Create policydb version for Infiniband support") Signed-off-by: Ondrej Mosnacek <omosnace(a)redhat.com> --- security/selinux/ss/policydb.c | 46 +++++++++++++++++++++++----------- 1 file changed, 32 insertions(+), 14 deletions(-) Changes in v4: - defer assignment to 16-bit struct fields to after the range check Changes in v3: - use separate buffer for the 64-bit subnet_prefix - add comments on the byte ordering of subnet_prefix - deduplicate the le32_to_cpu() calls from checks Changes in v2: - add reproducer to commit message - update e-mail address of James Morris - better Cc also the old SELinux ML diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index f4eadd3f7350..d50668006a52 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c @@ -2108,6 +2108,7 @@ static int ocontext_read(struct policydb *p, struct policydb_compat_info *info, { int i, j, rc; u32 nel, len; + __be64 prefixbuf[1]; __le32 buf[3]; struct ocontext *l, *c; u32 nodebuf[8]; @@ -2217,21 +2218,30 @@ static int ocontext_read(struct policydb *p, struct policydb_compat_info *info, goto out; break; } - case OCON_IBPKEY: - rc = next_entry(nodebuf, fp, sizeof(u32) * 4); + case OCON_IBPKEY: { + u32 pkey_lo, pkey_hi; + + rc = next_entry(prefixbuf, fp, sizeof(u64)); + if (rc) + goto out; + + /* we need to have subnet_prefix in CPU order */ + c->u.ibpkey.subnet_prefix = be64_to_cpu(prefixbuf[0]); + + rc = next_entry(buf, fp, sizeof(u32) * 2); if (rc) goto out; - c->u.ibpkey.subnet_prefix = be64_to_cpu(*((__be64 *)nodebuf)); + pkey_lo = le32_to_cpu(buf[0]); + pkey_hi = le32_to_cpu(buf[1]); - if (nodebuf[2] > 0xffff || - nodebuf[3] > 0xffff) { + if (pkey_lo > U16_MAX || pkey_hi > U16_MAX) { rc = -EINVAL; goto out; } - c->u.ibpkey.low_pkey = le32_to_cpu(nodebuf[2]); - c->u.ibpkey.high_pkey = le32_to_cpu(nodebuf[3]); + c->u.ibpkey.low_pkey = pkey_lo; + c->u.ibpkey.high_pkey = pkey_hi; rc = context_read_and_validate(&c->context[0], p, @@ -2239,6 +2249,7 @@ static int ocontext_read(struct policydb *p, struct policydb_compat_info *info, if (rc) goto out; break; + } case OCON_IBENDPORT: rc = next_entry(buf, fp, sizeof(u32) * 2); if (rc) @@ -2249,13 +2260,14 @@ static int ocontext_read(struct policydb *p, struct policydb_compat_info *info, if (rc) goto out; - if (buf[1] > 0xff || buf[1] == 0) { + c->u.ibendport.port = le32_to_cpu(buf[1]); + + if (c->u.ibendport.port > 0xff || + c->u.ibendport.port == 0) { rc = -EINVAL; goto out; } - c->u.ibendport.port = le32_to_cpu(buf[1]); - rc = context_read_and_validate(&c->context[0], p, fp); @@ -3105,6 +3117,7 @@ static int ocontext_write(struct policydb *p, struct policydb_compat_info *info, { unsigned int i, j, rc; size_t nel, len; + __be64 prefixbuf[1]; __le32 buf[3]; u32 nodebuf[8]; struct ocontext *c; @@ -3192,12 +3205,17 @@ static int ocontext_write(struct policydb *p, struct policydb_compat_info *info, return rc; break; case OCON_IBPKEY: - *((__be64 *)nodebuf) = cpu_to_be64(c->u.ibpkey.subnet_prefix); + /* subnet_prefix is in CPU order */ + prefixbuf[0] = cpu_to_be64(c->u.ibpkey.subnet_prefix); - nodebuf[2] = cpu_to_le32(c->u.ibpkey.low_pkey); - nodebuf[3] = cpu_to_le32(c->u.ibpkey.high_pkey); + rc = put_entry(prefixbuf, sizeof(u64), 1, fp); + if (rc) + return rc; - rc = put_entry(nodebuf, sizeof(u32), 4, fp); + buf[0] = cpu_to_le32(c->u.ibpkey.low_pkey); + buf[1] = cpu_to_le32(c->u.ibpkey.high_pkey); + + rc = put_entry(buf, sizeof(u32), 2, fp); if (rc) return rc; rc = context_write(p, &c->context[0], fp); -- 2.17.2

7 years

3
5
0 0

[PATCH] PCI / PM: Allow runtime PM without callback functions

by Jarkko Nikula

Allow PCI core to do runtime PM to devices without needing to use dummy runtime PM callback functions if there is no need to do anything device specific beyond PCI device power state management. Implement this by letting core to change device power state during runtime PM transitions even if no callback functions are defined. Fixes: a9c8088c7988 ("i2c: i801: Don't restore config registers on runtime PM") Reported-by: Mika Westerberg <mika.westerberg(a)linux.intel.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Jarkko Nikula <jarkko.nikula(a)linux.intel.com> --- This is related to my i2c-i801.c fix thread back in June which I completely forgot till now: https://lkml.org/lkml/2018/6/27/642 Discussion back then was that it should be handled in the PCI PM instead of having dummy functions in the drivers. I wanted to respin with a patch. --- drivers/pci/pci-driver.c | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/drivers/pci/pci-driver.c b/drivers/pci/pci-driver.c index bef17c3fca67..6185b878ede1 100644 --- a/drivers/pci/pci-driver.c +++ b/drivers/pci/pci-driver.c @@ -1239,7 +1239,7 @@ static int pci_pm_runtime_suspend(struct device *dev) struct pci_dev *pci_dev = to_pci_dev(dev); const struct dev_pm_ops *pm = dev->driver ? dev->driver->pm : NULL; pci_power_t prev = pci_dev->current_state; - int error; + int error = 0; /* * If pci_dev->driver is not set (unbound), we leave the device in D0, @@ -1251,11 +1251,9 @@ static int pci_pm_runtime_suspend(struct device *dev) return 0; } - if (!pm || !pm->runtime_suspend) - return -ENOSYS; - pci_dev->state_saved = false; - error = pm->runtime_suspend(dev); + if (pm && pm->runtime_suspend) + error = pm->runtime_suspend(dev); if (error) { /* * -EBUSY and -EAGAIN is used to request the runtime PM core @@ -1292,7 +1290,7 @@ static int pci_pm_runtime_suspend(struct device *dev) static int pci_pm_runtime_resume(struct device *dev) { - int rc; + int rc = 0; struct pci_dev *pci_dev = to_pci_dev(dev); const struct dev_pm_ops *pm = dev->driver ? dev->driver->pm : NULL; @@ -1306,14 +1304,12 @@ static int pci_pm_runtime_resume(struct device *dev) if (!pci_dev->driver) return 0; - if (!pm || !pm->runtime_resume) - return -ENOSYS; - pci_fixup_device(pci_fixup_resume_early, pci_dev); pci_enable_wake(pci_dev, PCI_D0, false); pci_fixup_device(pci_fixup_resume, pci_dev); - rc = pm->runtime_resume(dev); + if (pm && pm->runtime_resume) + rc = pm->runtime_resume(dev); pci_dev->runtime_d3cold = false; -- 2.19.1

7 years

4
7
0 0

[tip:perf/core] kprobes/x86: Use preempt_enable() in optimized_callback()

by tip-bot for Masami Hiramatsu

Commit-ID: 2e62024c265aa69315ed02835623740030435380 Gitweb: https://git.kernel.org/tip/2e62024c265aa69315ed02835623740030435380 Author: Masami Hiramatsu <mhiramat(a)kernel.org> AuthorDate: Sat, 20 Oct 2018 18:47:53 +0900 Committer: Ingo Molnar <mingo(a)kernel.org> CommitDate: Mon, 22 Oct 2018 03:31:01 +0200 kprobes/x86: Use preempt_enable() in optimized_callback() The following commit: a19b2e3d7839 ("kprobes/x86: Remove IRQ disabling from ftrace-based/optimized kprobes”) removed local_irq_save/restore() from optimized_callback(), the handler might be interrupted by the rescheduling interrupt and might be rescheduled - so we must not use the preempt_enable_no_resched() macro. Use preempt_enable() instead, to not lose preemption events. [ mingo: Improved the changelog. ] Reported-by: Nadav Amit <namit(a)vmware.com> Signed-off-by: Masami Hiramatsu <mhiramat(a)kernel.org> Acked-by: Peter Zijlstra (Intel) <peterz(a)infradead.org> Cc: <stable(a)vger.kernel.org> Cc: Alexei Starovoitov <alexei.starovoitov(a)gmail.com> Cc: Andy Lutomirski <luto(a)kernel.org> Cc: Borislav Petkov <bp(a)alien8.de> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Oleg Nesterov <oleg(a)redhat.com> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: dwmw(a)amazon.co.uk Fixes: a19b2e3d7839 ("kprobes/x86: Remove IRQ disabling from ftrace-based/optimized kprobes”) Link: http://lkml.kernel.org/r/154002887331.7627.10194920925792947001.stgit@devbox Signed-off-by: Ingo Molnar <mingo(a)kernel.org> --- arch/x86/kernel/kprobes/opt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kernel/kprobes/opt.c b/arch/x86/kernel/kprobes/opt.c index eaf02f2e7300..40b16b270656 100644 --- a/arch/x86/kernel/kprobes/opt.c +++ b/arch/x86/kernel/kprobes/opt.c @@ -179,7 +179,7 @@ optimized_callback(struct optimized_kprobe *op, struct pt_regs *regs) opt_pre_handler(&op->kp, regs); __this_cpu_write(current_kprobe, NULL); } - preempt_enable_no_resched(); + preempt_enable(); } NOKPROBE_SYMBOL(optimized_callback);

7 years

1
0
0 0

[PATCH v2] f2fs: fix to account IO correctly

by Chao Yu

Below race can cause reversed reference on dirty count, fix it by relocating __submit_bio() and inc_page_count(). Thread A Thread B - f2fs_inplace_write_data - f2fs_submit_page_bio - __submit_bio - f2fs_write_end_io - dec_page_count - inc_page_count Cc: <stable(a)vger.kernel.org> Fixes: d1b3e72d5490 ("f2fs: submit bio of in-place-update pages") Signed-off-by: Chao Yu <yuchao0(a)huawei.com> --- v2: - split into two parts, fix previous bug in this part, merge another part into other related patch. fs/f2fs/data.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/f2fs/data.c b/fs/f2fs/data.c index 9ef6f1f01eda..83b1983094bd 100644 --- a/fs/f2fs/data.c +++ b/fs/f2fs/data.c @@ -462,10 +462,10 @@ int f2fs_submit_page_bio(struct f2fs_io_info *fio) } bio_set_op_attrs(bio, fio->op, fio->op_flags); - __submit_bio(fio->sbi, bio, fio->type); - if (!is_read_io(fio->op)) inc_page_count(fio->sbi, WB_DATA_TYPE(fio->page)); + + __submit_bio(fio->sbi, bio, fio->type); return 0; } -- 2.18.0.rc1

7 years

1
0
0 0

[PATCH 2/2] selftests/ftrace: Fix synthetic event test to delete event correctly

by Masami Hiramatsu

Fix the synthetic event test case to remove event correctly. If redirecting command to synthetic_event file without append mode, it cleans up all existing events and execute (parse) the command. This means "delete event" always fails to find the target event. Since previous synthetic event has a bug which doesn't return -ENOENT even if it fails to find the deleting event, this test passed. But fixing that bug, this test fails because this test itself has a bug. This fixes that bug by trying to delete event right after adding an event, and use append mode redirection ('>>') instead of normal redirection ('>'). Fixes: f06eec4d0f2c ('selftests: ftrace: Add inter-event hist triggers testcases') Signed-off-by: Masami Hiramatsu <mhiramat(a)kernel.org> Cc: stable(a)vger.kernel.org Cc: Rajvi Jingar <rajvi.jingar(a)intel.com> Cc: Tom Zanussi <tom.zanussi(a)linux.intel.com> Cc: Shuah Khan <shuah(a)kernel.org> Cc: Steven Rostedt (VMware) <rostedt(a)goodmis.org> --- .../trigger-synthetic-event-createremove.tc | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tools/testing/selftests/ftrace/test.d/trigger/inter-event/trigger-synthetic-event-createremove.tc b/tools/testing/selftests/ftrace/test.d/trigger/inter-event/trigger-synthetic-event-createremove.tc index cef11377dcbd..c604438df13b 100644 --- a/tools/testing/selftests/ftrace/test.d/trigger/inter-event/trigger-synthetic-event-createremove.tc +++ b/tools/testing/selftests/ftrace/test.d/trigger/inter-event/trigger-synthetic-event-createremove.tc @@ -35,18 +35,18 @@ fi reset_trigger -echo "Test create synthetic event with an error" -echo 'wakeup_latency u64 lat pid_t pid char' > synthetic_events > /dev/null +echo "Test remove synthetic event" +echo '!wakeup_latency u64 lat pid_t pid char comm[16]' >> synthetic_events if [ -d events/synthetic/wakeup_latency ]; then - fail "Created wakeup_latency synthetic event with an invalid format" + fail "Failed to delete wakeup_latency synthetic event" fi reset_trigger -echo "Test remove synthetic event" -echo '!wakeup_latency u64 lat pid_t pid char comm[16]' > synthetic_events +echo "Test create synthetic event with an error" +echo 'wakeup_latency u64 lat pid_t pid char' > synthetic_events > /dev/null if [ -d events/synthetic/wakeup_latency ]; then - fail "Failed to delete wakeup_latency synthetic event" + fail "Created wakeup_latency synthetic event with an invalid format" fi do_reset

7 years

1
0
0 0

[PATCH 1/2] tracing: Return -ENOENT if there is no target synthetic event

by Masami Hiramatsu

Return -ENOENT error if there is no target synthetic event. This notices an operation failure to user as below; # echo 'wakeup_latency u64 lat; pid_t pid;' > synthetic_events # echo '!wakeup' >> synthetic_events sh: write error: No such file or directory Fixes: 4b147936fa50 ('tracing: Add support for 'synthetic' events') Signed-off-by: Masami Hiramatsu <mhiramat(a)kernel.org> Cc: stable(a)vger.kernel.org Cc: Tom Zanussi <tom.zanussi(a)linux.intel.com> Cc: Steven Rostedt <rostedt(a)goodmis.org> --- kernel/trace/trace_events_hist.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/kernel/trace/trace_events_hist.c b/kernel/trace/trace_events_hist.c index d239004aaf29..eb908ef2ecec 100644 --- a/kernel/trace/trace_events_hist.c +++ b/kernel/trace/trace_events_hist.c @@ -1063,8 +1063,10 @@ static int create_synth_event(int argc, char **argv) event = NULL; ret = -EEXIST; goto out; - } else if (delete_event) + } else if (delete_event) { + ret = -ENOENT; goto out; + } if (argc < 2) { ret = -EINVAL;

7 years

1
0
0 0

4.14: Regression on ppc32 (early crash)

by Christoph Biedl

Hello, on both my ppc32 systems I've tested (G4 PowerMac and G4 Mac-mini), I see a regression after upgrading from 4.14.74 to 4.14.76: Very soon after starting the kernel from yaboot, they drop me into a OF prompt, message is "invalid memory access at" on the mini, and another one I forgot on the PowerMac. FWIW, the ppc64 G5 PowerMac does fine. Before I start bisecting - might take a few days -, is this already on radar? Christoph

7 years

2
2
0 0

Re: [PATCH] [fs] exportfs/expfs.c Validate the dentry in exportfs_decode_fh function

by Amir Goldstein

On Sun, Oct 21, 2018 at 10:26 AM Monthero <rhmcruiser(a)gmail.com> wrote: > > Hi Amir thanks for the pointer. > I will get in touch with maintainer of 3.16 > Yes it covers Neil's commit and apart from that it would need this replacement for dentry check in 3.16 > > > - if (S_ISDIR(result->d_inode->i_mode)) { > > + if (d_is_dir(result)) { > Fine, but Why? How is dereferencing dentry->d_flags any better than dereferencing->d_inode when dentry has an invalid value? Thanks, Amir.

7 years

1
0
0 0

[PATCH 3/5] Drivers: hv: kvp: Fix the recent regression caused by incorrect clean-up

by kys＠linuxonhyperv.com

From: Dexuan Cui <decui(a)microsoft.com> In kvp_send_key(), we do need call process_ib_ipinfo() if message->kvp_hdr.operation is KVP_OP_GET_IP_INFO, because it turns out the userland hv_kvp_daemon needs the info of operation, adapter_id and addr_family. With the incorrect fc62c3b1977d, the host can't get the VM's IP via KVP. And, fc62c3b1977d added a "break;", but actually forgot to initialize the key_size/value in the case of KVP_OP_SET, so the default key_size of 0 is passed to the kvp daemon, and the pool files /var/lib/hyperv/.kvp_pool_* can't be updated. This patch effectively rolls back the previous fc62c3b1977d, and correctly fixes the "this statement may fall through" warnings. This patch is tested on WS 2012 R2 and 2016. Fixes: fc62c3b1977d ("Drivers: hv: kvp: Fix two "this statement may fall through" warnings") Signed-off-by: Dexuan Cui <decui(a)microsoft.com> Cc: K. Y. Srinivasan <kys(a)microsoft.com> Cc: Haiyang Zhang <haiyangz(a)microsoft.com> Cc: Stephen Hemminger <sthemmin(a)microsoft.com> Cc: <Stable(a)vger.kernel.org> Signed-off-by: K. Y. Srinivasan <kys(a)microsoft.com> --- drivers/hv/hv_kvp.c | 26 ++++++++++++++++++++++---- 1 file changed, 22 insertions(+), 4 deletions(-) diff --git a/drivers/hv/hv_kvp.c b/drivers/hv/hv_kvp.c index a7513a8a8e37..9fbb15c62c6c 100644 --- a/drivers/hv/hv_kvp.c +++ b/drivers/hv/hv_kvp.c @@ -353,6 +353,9 @@ static void process_ib_ipinfo(void *in_msg, void *out_msg, int op) out->body.kvp_ip_val.dhcp_enabled = in->kvp_ip_val.dhcp_enabled; + __attribute__ ((fallthrough)); + + case KVP_OP_GET_IP_INFO: utf16s_to_utf8s((wchar_t *)in->kvp_ip_val.adapter_id, MAX_ADAPTER_ID_SIZE, UTF16_LITTLE_ENDIAN, @@ -405,7 +408,11 @@ kvp_send_key(struct work_struct *dummy) process_ib_ipinfo(in_msg, message, KVP_OP_SET_IP_INFO); break; case KVP_OP_GET_IP_INFO: - /* We only need to pass on message->kvp_hdr.operation. */ + /* + * We only need to pass on the info of operation, adapter_id + * and addr_family to the userland kvp daemon. + */ + process_ib_ipinfo(in_msg, message, KVP_OP_GET_IP_INFO); break; case KVP_OP_SET: switch (in_msg->body.kvp_set.data.value_type) { @@ -446,9 +453,9 @@ kvp_send_key(struct work_struct *dummy) } - break; - - case KVP_OP_GET: + /* + * The key is always a string - utf16 encoding. + */ message->body.kvp_set.data.key_size = utf16s_to_utf8s( (wchar_t *)in_msg->body.kvp_set.data.key, @@ -456,6 +463,17 @@ kvp_send_key(struct work_struct *dummy) UTF16_LITTLE_ENDIAN, message->body.kvp_set.data.key, HV_KVP_EXCHANGE_MAX_KEY_SIZE - 1) + 1; + + break; + + case KVP_OP_GET: + message->body.kvp_get.data.key_size = + utf16s_to_utf8s( + (wchar_t *)in_msg->body.kvp_get.data.key, + in_msg->body.kvp_get.data.key_size, + UTF16_LITTLE_ENDIAN, + message->body.kvp_get.data.key, + HV_KVP_EXCHANGE_MAX_KEY_SIZE - 1) + 1; break; case KVP_OP_DELETE: -- 2.18.0

7 years

7
9
0 0

[PATCH v2] x86/microcode: Handle negative microcode revisions

by Andi Kleen

From: Andi Kleen <ak(a)linux.intel.com> The Intel microcode revision space is unsigned. Inside Intel there are special microcodes that have the highest bit set, and they are considered to have a higher revision than any microcodes that don't have this bit set. The function comparing the microcode revision in the Linux driver compares u32 with int, which ends up being signed extended to long on 64bit systems. This results in these highest bit set microcode revision not loading because their revision appears negative and smaller than the existing microcode. Change the comparison to unsigned. With that the loading works as expected. Cc: stable(a)vger.kernel.org # Any supported stable Signed-off-by: Andi Kleen <ak(a)linux.intel.com> -- v2: White space changes. --- arch/x86/kernel/cpu/microcode/intel.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c index 16936a24795c..e54d402500d3 100644 --- a/arch/x86/kernel/cpu/microcode/intel.c +++ b/arch/x86/kernel/cpu/microcode/intel.c @@ -93,7 +93,8 @@ static int find_matching_signature(void *mc, unsigned int csig, int cpf) /* * Returns 1 if update has been found, 0 otherwise. */ -static int has_newer_microcode(void *mc, unsigned int csig, int cpf, int new_rev) +static int has_newer_microcode(void *mc, unsigned int csig, int cpf, + unsigned new_rev) { struct microcode_header_intel *mc_hdr = mc; -- 2.17.1

7 years

1
0
0 0

Solutions

by Linda

We are one image studio who is able to process 300+ photos a day. If you need any image editing, please let us know. We can do it for you such as: Image cut out for photos and clipping path, masking for your photos, They are mostly used for ecommerce photos, jewelry photos retouching, beauty and skin images and wedding photos. We do also different kind of beauty retouching, portraits retouching. We can send editing for your photos if you send us one or two photos. Thanks, Linda

7 years

1
0
0 0

Linux 4.18.16

by Greg KH

I'm announcing the release of the 4.18.16 kernel. All users of the 4.18 kernel series must upgrade. The updated 4.18.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.18.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arc/Makefile | 24 ------ arch/powerpc/kernel/tm.S | 20 ++++- arch/powerpc/mm/numa.c | 4 - arch/riscv/include/asm/asm-prototypes.h | 7 + arch/x86/boot/compressed/mem_encrypt.S | 19 ---- drivers/clocksource/timer-fttmr010.c | 18 ++-- drivers/clocksource/timer-ti-32k.c | 3 drivers/gpu/drm/arm/malidp_drv.c | 1 drivers/hwtracing/intel_th/pci.c | 5 + drivers/infiniband/core/uverbs_cmd.c | 68 +++++++++++------ drivers/infiniband/hw/bnxt_re/main.c | 93 +++++++++-------------- drivers/input/keyboard/atakbd.c | 74 +++++++----------- drivers/iommu/amd_iommu.c | 6 + drivers/iommu/rockchip-iommu.c | 6 + drivers/media/usb/dvb-usb-v2/af9035.c | 6 + drivers/net/ethernet/chelsio/cxgb4/t4_msg.h | 1 drivers/net/ethernet/ibm/emac/core.c | 15 ++- drivers/net/ethernet/mellanox/mlx4/eq.c | 3 drivers/net/ethernet/qlogic/qed/qed_dcbx.c | 9 ++ drivers/net/ethernet/qlogic/qed/qed_dcbx.h | 1 drivers/net/ethernet/qlogic/qed/qed_dev.c | 15 +++ drivers/net/ethernet/qlogic/qed/qed_hsi.h | 4 + drivers/net/ethernet/renesas/ravb.h | 5 + drivers/net/ethernet/renesas/ravb_main.c | 11 +- drivers/net/ethernet/renesas/ravb_ptp.c | 2 drivers/pci/controller/dwc/pcie-designware.c | 8 +- drivers/pci/controller/dwc/pcie-designware.h | 3 drivers/pinctrl/pinctrl-amd.c | 33 +++++--- drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c | 5 - drivers/scsi/ipr.c | 106 +++++++++++++++------------ drivers/scsi/ipr.h | 1 drivers/scsi/lpfc/lpfc_attr.c | 15 ++- drivers/scsi/lpfc/lpfc_debugfs.c | 10 +- drivers/scsi/lpfc/lpfc_nvme.c | 11 ++ drivers/scsi/sd.c | 3 drivers/soundwire/stream.c | 23 ++++- drivers/spi/spi-gpio.c | 4 - fs/namespace.c | 7 - include/linux/huge_mm.h | 2 kernel/bpf/sockmap.c | 91 ++++++++++++++++++----- mm/huge_memory.c | 10 +- mm/mremap.c | 30 +++---- net/batman-adv/bat_v_elp.c | 10 +- net/batman-adv/bridge_loop_avoidance.c | 10 ++ net/batman-adv/gateway_client.c | 11 ++ net/batman-adv/network-coding.c | 27 +++--- net/batman-adv/soft-interface.c | 25 ++++-- net/batman-adv/sysfs.c | 30 +++++-- net/batman-adv/translation-table.c | 6 + net/batman-adv/tvlv.c | 8 +- net/smc/af_smc.c | 7 + net/smc/smc_clc.c | 14 +-- tools/testing/selftests/bpf/test_maps.c | 10 +- tools/testing/selftests/net/pmtu.sh | 4 - 55 files changed, 562 insertions(+), 384 deletions(-) Alexander Shishkin (1): intel_th: pci: Add Ice Lake PCH support Alexandru Gheorghe (1): drm: mali-dp: Call drm_crtc_vblank_reset on device init Alexey Brodkin (2): ARC: build: Get rid of toolchain check ARC: build: Don't set CROSS_COMPILE in arch's Makefile Andreas Schwab (1): Input: atakbd - fix Atari keymap Arindam Nath (1): iommu/amd: Return devid as alias for ACPI HID devices Christian Lamparter (1): net: emac: fix fixed-link setup for the RTL8363SB switch Daniel Kurtz (1): pinctrl/amd: poll InterruptEnable bits in amd_gpio_irq_set_type Greg Kroah-Hartman (2): Revert "vfs: fix freeze protection in mnt_want_write_file() for overlayfs" Linux 4.18.16 Heiko Stuebner (1): iommu/rockchip: Free irqs in shutdown handler James Cowgill (1): RISC-V: include linux/ftrace.h in asm-prototypes.h James Smart (1): scsi: lpfc: Synchronize access to remoteport via rport Jisheng Zhang (1): PCI: dwc: Fix scheduling while atomic issues Johannes Thumshirn (1): scsi: sd: don't crash the host on invalid commands John Fastabend (3): bpf: sockmap only allow ESTABLISHED sock state bpf: sockmap, fix transition through disconnect without close bpf: test_maps, only support ESTABLISHED socks Jozef Balga (1): media: af9035: prevent buffer overflow on write Kairui Song (1): x86/boot: Fix kexec booting failure in the SEV bit detection code Kazuya Mizuguchi (1): ravb: do not write 1 to reserved bits Keerthy (1): clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs Laura Abbott (2): scsi: ibmvscsis: Fix a stringop-overflow warning scsi: ibmvscsis: Ensure partition name is properly NUL terminated Linus Torvalds (1): mremap: properly flush TLB before releasing the page Linus Walleij (1): spi: gpio: Fix copy-and-paste error Majd Dibbiny (1): RDMA/uverbs: Fix validity check for modify QP Marek Lindner (2): batman-adv: fix backbone_gw refcount on queue_work() failure batman-adv: fix hardif_neigh refcount on queue_work() failure Michael Neuling (2): powerpc/tm: Fix userspace r13 corruption powerpc/tm: Avoid possible userspace r1 corruption on reclaim Michael Schmitz (1): Input: atakbd - fix Atari CapsLock behaviour Nathan Chancellor (1): net/mlx4: Use cpumask_available for eq->affinity_mask Sabrina Dubroca (1): selftests: pmtu: properly redirect stderr to /dev/null Sanyog Kale (1): soundwire: Fix acquiring bus lock twice during master release Selvin Xavier (1): RDMA/bnxt_re: Fix system crash during RDMA resource initialization Shreyas NC (2): soundwire: Fix duplicate stream state assignment soundwire: Fix incorrect exit after configuring stream Srikar Dronamraju (1): powerpc/numa: Use associativity if VPHN hcall is successful Steve Wise (1): cxgb4: fix abort_req_rss6 struct Sudarsana Reddy Kalluru (2): qed: Fix populating the invalid stag value in multi function mode. qed: Do not add VLAN 0 tag to untagged frames in multi-function mode. Sven Eckelmann (8): batman-adv: Avoid probe ELP information leak batman-adv: Fix segfault when writing to throughput_override batman-adv: Fix segfault when writing to sysfs elp_interval batman-adv: Prevent duplicated gateway_node entry batman-adv: Prevent duplicated nc_node entry batman-adv: Prevent duplicated softif_vlan entry batman-adv: Prevent duplicated global TT entry batman-adv: Prevent duplicated tvlv handler Tao Ren (1): clocksource/drivers/fttmr010: Fix set_next_event handler Ursula Braun (1): net/smc: fix non-blocking connect problem Wen Xiong (1): scsi: ipr: System hung while dlpar adding primary ipr adapter back YueHaibing (1): net/smc: fix sizeof to int comparison

7 years

1
1
0 0

Linux 4.14.78

by Greg KH

I'm announcing the release of the 4.14.78 kernel. All users of the 4.14 kernel series must upgrade. The updated 4.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.14.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arc/Makefile | 24 ----- arch/powerpc/include/asm/code-patching.h | 1 arch/powerpc/kernel/tm.S | 20 +++- arch/powerpc/lib/code-patching.c | 4 arch/powerpc/lib/feature-fixups.c | 8 - drivers/clocksource/timer-fttmr010.c | 18 ++-- drivers/clocksource/timer-ti-32k.c | 3 drivers/gpu/drm/arm/malidp_drv.c | 1 drivers/gpu/drm/i915/i915_drv.c | 10 -- drivers/gpu/drm/i915/i915_drv.h | 9 -- drivers/gpu/drm/i915/intel_ddi.c | 13 ++ drivers/gpu/drm/i915/intel_display.c | 21 ++++ drivers/gpu/drm/i915/intel_drv.h | 3 drivers/gpu/drm/i915/intel_lvds.c | 136 ------------------------------- drivers/hid/hid-core.c | 3 drivers/hwtracing/intel_th/pci.c | 5 + drivers/i2c/busses/i2c-rcar.c | 54 +++++++++++- drivers/infiniband/hw/hfi1/chip.c | 7 + drivers/infiniband/hw/hfi1/pio.c | 42 +++++++-- drivers/infiniband/hw/hfi1/pio.h | 2 drivers/input/keyboard/atakbd.c | 74 ++++++---------- drivers/iommu/amd_iommu.c | 6 + drivers/media/usb/dvb-usb-v2/af9035.c | 6 - drivers/net/ethernet/ibm/emac/core.c | 15 ++- drivers/net/ethernet/mellanox/mlx4/eq.c | 3 drivers/net/ethernet/renesas/ravb.h | 5 + drivers/net/ethernet/renesas/ravb_main.c | 11 +- drivers/net/ethernet/renesas/ravb_ptp.c | 2 drivers/pci/dwc/pcie-designware.c | 8 - drivers/pci/dwc/pcie-designware.h | 3 drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c | 5 - drivers/scsi/ipr.c | 106 +++++++++++++----------- drivers/scsi/ipr.h | 1 drivers/scsi/sd.c | 3 drivers/staging/ccree/ssi_buffer_mgr.c | 3 fs/namespace.c | 7 - include/linux/huge_mm.h | 2 kernel/memremap.c | 18 +++- mm/huge_memory.c | 10 -- mm/mremap.c | 30 ++---- net/batman-adv/bat_v_elp.c | 10 +- net/batman-adv/bridge_loop_avoidance.c | 10 +- net/batman-adv/gateway_client.c | 11 ++ net/batman-adv/network-coding.c | 27 +++--- net/batman-adv/soft-interface.c | 25 ++++- net/batman-adv/sysfs.c | 30 ++++-- net/batman-adv/translation-table.c | 6 - net/batman-adv/tvlv.c | 8 + 49 files changed, 437 insertions(+), 394 deletions(-) Alexander Shishkin (1): intel_th: pci: Add Ice Lake PCH support Alexandru Gheorghe (1): drm: mali-dp: Call drm_crtc_vblank_reset on device init Alexey Brodkin (2): ARC: build: Get rid of toolchain check ARC: build: Don't set CROSS_COMPILE in arch's Makefile Andreas Schwab (1): Input: atakbd - fix Atari keymap Arindam Nath (1): iommu/amd: Return devid as alias for ACPI HID devices Christian Lamparter (1): net: emac: fix fixed-link setup for the RTL8363SB switch Christophe Leroy (1): powerpc/lib/feature-fixups: use raw_patch_instruction() Clint Taylor (1): drm/i915/glk: Add Quirk for GLK NUC HDMI port issues. Dave Jiang (1): mm: disallow mappings that conflict for devm_memremap_pages() Gilad Ben-Yossef (1): staging: ccree: check DMA pool buf !NULL before free Greg Kroah-Hartman (2): Revert "vfs: fix freeze protection in mnt_want_write_file() for overlayfs" Linux 4.14.78 Jisheng Zhang (1): PCI: dwc: Fix scheduling while atomic issues Johannes Thumshirn (1): scsi: sd: don't crash the host on invalid commands Jozef Balga (1): media: af9035: prevent buffer overflow on write Kazuya Mizuguchi (1): ravb: do not write 1 to reserved bits Keerthy (1): clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs Laura Abbott (2): scsi: ibmvscsis: Fix a stringop-overflow warning scsi: ibmvscsis: Ensure partition name is properly NUL terminated Linus Torvalds (1): mremap: properly flush TLB before releasing the page Marek Lindner (2): batman-adv: fix backbone_gw refcount on queue_work() failure batman-adv: fix hardif_neigh refcount on queue_work() failure Michael J. Ruhl (1): IB/hfi1: Fix destroy_qp hang after a link down Michael Neuling (2): powerpc/tm: Fix userspace r13 corruption powerpc/tm: Avoid possible userspace r1 corruption on reclaim Michael Schmitz (1): Input: atakbd - fix Atari CapsLock behaviour Natanael Copa (1): HID: quirks: fix support for Apple Magic Keyboards Nathan Chancellor (1): net/mlx4: Use cpumask_available for eq->affinity_mask Sven Eckelmann (8): batman-adv: Avoid probe ELP information leak batman-adv: Fix segfault when writing to throughput_override batman-adv: Fix segfault when writing to sysfs elp_interval batman-adv: Prevent duplicated gateway_node entry batman-adv: Prevent duplicated nc_node entry batman-adv: Prevent duplicated softif_vlan entry batman-adv: Prevent duplicated global TT entry batman-adv: Prevent duplicated tvlv handler Tao Ren (1): clocksource/drivers/fttmr010: Fix set_next_event handler Ville Syrjälä (1): drm/i915: Nuke the LVDS lid notifier Wen Xiong (1): scsi: ipr: System hung while dlpar adding primary ipr adapter back Wolfram Sang (1): i2c: rcar: handle RXDMA HW behaviour on Gen3

7 years

1
1
0 0

Linux 4.9.135

by Greg KH

I'm announcing the release of the 4.9.135 kernel. All users of the 4.9 kernel series must upgrade. The updated 4.9.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.9.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arc/Makefile | 24 --------- arch/powerpc/kernel/tm.S | 20 +++++++- arch/s390/appldata/appldata_os.c | 16 +++--- arch/x86/include/asm/pgtable_types.h | 2 drivers/clocksource/timer-ti-32k.c | 3 + drivers/cpufreq/cpufreq.c | 6 +- drivers/cpufreq/cpufreq_governor.c | 2 drivers/cpufreq/cpufreq_stats.c | 1 drivers/gpu/drm/arm/malidp_drv.c | 1 drivers/hid/hid-core.c | 3 + drivers/hv/hv_kvp.c | 13 +++-- drivers/input/keyboard/atakbd.c | 74 +++++++++++------------------- drivers/iommu/amd_iommu.c | 6 ++ drivers/macintosh/rack-meter.c | 28 +++++------ drivers/media/usb/dvb-usb-v2/af9035.c | 6 +- drivers/net/ethernet/mellanox/mlx4/eq.c | 3 - drivers/net/ethernet/renesas/ravb.h | 5 ++ drivers/net/ethernet/renesas/ravb_main.c | 11 ++-- drivers/net/ethernet/renesas/ravb_ptp.c | 2 drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c | 5 -- drivers/scsi/sd.c | 3 - drivers/usb/gadget/function/u_serial.c | 2 fs/ext4/ext4.h | 3 - fs/ext4/inline.c | 38 --------------- fs/ext4/xattr.c | 18 ------- fs/proc/stat.c | 68 ++++++++++++++-------------- fs/proc/uptime.c | 7 -- include/linux/huge_mm.h | 2 kernel/sched/cpuacct.c | 2 kernel/sched/cputime.c | 75 +++++++++++++------------------ kernel/sched/sched.h | 12 +++- mm/huge_memory.c | 10 +--- mm/mremap.c | 30 +++++------- net/batman-adv/bat_v_elp.c | 8 ++- net/batman-adv/bridge_loop_avoidance.c | 10 +++- net/batman-adv/network-coding.c | 27 ++++++----- net/batman-adv/soft-interface.c | 25 +++++++--- net/batman-adv/sysfs.c | 30 ++++++++---- net/batman-adv/translation-table.c | 6 +- net/batman-adv/tvlv.c | 8 ++- net/netfilter/nf_nat_core.c | 2 42 files changed, 295 insertions(+), 324 deletions(-) Alexandru Gheorghe (1): drm: mali-dp: Call drm_crtc_vblank_reset on device init Alexey Brodkin (2): ARC: build: Get rid of toolchain check ARC: build: Don't set CROSS_COMPILE in arch's Makefile Andreas Schwab (1): Input: atakbd - fix Atari keymap Arindam Nath (1): iommu/amd: Return devid as alias for ACPI HID devices Frederic Weisbecker (4): sched/cputime: Convert kcpustat to nsecs macintosh/rack-meter: Convert cputime64_t use to u64 sched/cputime: Increment kcpustat directly on irqtime account sched/cputime: Fix ksoftirqd cputime accounting regression Greg Kroah-Hartman (1): Linux 4.9.135 Jan Kara (1): mm: Preserve _PAGE_DEVMAP across mprotect() calls Johannes Thumshirn (1): scsi: sd: don't crash the host on invalid commands Jozef Balga (1): media: af9035: prevent buffer overflow on write Kazuya Mizuguchi (1): ravb: do not write 1 to reserved bits Keerthy (1): clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs Laura Abbott (2): scsi: ibmvscsis: Fix a stringop-overflow warning scsi: ibmvscsis: Ensure partition name is properly NUL terminated Linus Torvalds (1): mremap: properly flush TLB before releasing the page Long Li (1): HV: properly delay KVP packets when negotiation is in progress Marek Lindner (2): batman-adv: fix backbone_gw refcount on queue_work() failure batman-adv: fix hardif_neigh refcount on queue_work() failure Michael Neuling (2): powerpc/tm: Fix userspace r13 corruption powerpc/tm: Avoid possible userspace r1 corruption on reclaim Michael Schmitz (1): Input: atakbd - fix Atari CapsLock behaviour Natanael Copa (1): HID: quirks: fix support for Apple Magic Keyboards Nathan Chancellor (1): net/mlx4: Use cpumask_available for eq->affinity_mask Stephen Warren (1): usb: gadget: serial: fix oops when data rx'd after close Sven Eckelmann (6): batman-adv: Fix segfault when writing to throughput_override batman-adv: Fix segfault when writing to sysfs elp_interval batman-adv: Prevent duplicated nc_node entry batman-adv: Prevent duplicated softif_vlan entry batman-adv: Prevent duplicated global TT entry batman-adv: Prevent duplicated tvlv handler Theodore Ts'o (1): ext4: avoid running out of journal credits when appending to an inline file Xin Long (1): netfilter: check for seqadj ext existence before adding it in nf_nat_setup_info

7 years

1
1
0 0

Linux 4.4.162

by Greg KH

I'm announcing the release of the 4.4.162 kernel. All users of the 4.4 kernel series must upgrade. The updated 4.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.4.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/net/macb.txt | 1 Documentation/kernel-parameters.txt | 5 - Makefile | 2 arch/arc/Makefile | 14 --- arch/arm/boot/dts/sama5d3_emac.dtsi | 2 arch/powerpc/kernel/tm.S | 20 ++++ arch/x86/crypto/crc32c-intel_glue.c | 17 ---- arch/x86/include/asm/cpufeatures.h | 1 arch/x86/include/asm/fpu/internal.h | 37 --------- arch/x86/include/asm/fpu/types.h | 34 -------- arch/x86/include/asm/kvm_host.h | 1 arch/x86/kernel/fpu/core.c | 41 +-------- arch/x86/kernel/fpu/signal.c | 8 - arch/x86/kvm/cpuid.c | 5 - arch/x86/kvm/x86.c | 10 -- drivers/clocksource/timer-ti-32k.c | 3 drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gfx_v7.c | 2 drivers/hv/hv_fcopy.c | 2 drivers/hv/hv_kvp.c | 40 +++++++++ drivers/hv/hv_snapshot.c | 4 drivers/hv/hv_util.c | 1 drivers/hv/hyperv_vmbus.h | 5 + drivers/i2c/busses/i2c-scmi.c | 1 drivers/input/keyboard/atakbd.c | 74 ++++++------------ drivers/media/usb/dvb-usb-v2/af9035.c | 6 - drivers/mfd/omap-usb-host.c | 11 +- drivers/net/bonding/bond_main.c | 43 ++++------ drivers/net/ethernet/broadcom/bcmsysport.c | 22 ++--- drivers/net/ethernet/broadcom/bnxt/bnxt.c | 13 ++- drivers/net/ethernet/cadence/macb.c | 8 + drivers/net/ethernet/marvell/mvpp2.c | 10 +- drivers/net/ethernet/mellanox/mlx4/eq.c | 3 drivers/net/ethernet/qlogic/qlcnic/qlcnic.h | 8 + drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.c | 3 drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.h | 3 drivers/net/ethernet/qlogic/qlcnic/qlcnic_hw.h | 3 drivers/net/ethernet/qlogic/qlcnic/qlcnic_io.c | 12 +- drivers/net/ethernet/stmicro/stmmac/stmmac_platform.c | 5 - drivers/net/team/team.c | 5 + drivers/net/usb/smsc75xx.c | 1 drivers/usb/gadget/function/u_serial.c | 2 drivers/usb/host/xhci-hub.c | 18 ++-- drivers/video/fbdev/aty/atyfb.h | 3 drivers/video/fbdev/aty/atyfb_base.c | 7 - drivers/video/fbdev/aty/mach64_ct.c | 10 +- fs/ext4/xattr.c | 22 +++-- fs/jffs2/xattr.c | 6 - include/linux/hyperv.h | 1 include/linux/netdevice.h | 7 + include/net/bonding.h | 7 - include/net/ip_fib.h | 1 mm/vmstat.c | 1 net/core/dev.c | 28 ++++++ net/core/rtnetlink.c | 6 + net/ipv4/fib_frontend.c | 12 +- net/ipv4/fib_semantics.c | 50 ++++++++++++ net/ipv4/ip_sockglue.c | 3 net/ipv4/ip_tunnel.c | 9 ++ net/ipv6/addrconf.c | 4 net/ipv6/ip6_tunnel.c | 13 ++- net/netlabel/netlabel_unlabeled.c | 3 sound/hda/hdac_controller.c | 8 + sound/soc/codecs/sigmadsp.c | 3 sound/soc/codecs/wm8804-i2c.c | 15 +++ tools/perf/scripts/python/export-to-postgresql.py | 9 ++ tools/testing/selftests/efivarfs/config | 1 66 files changed, 396 insertions(+), 339 deletions(-) Adrian Hunter (1): perf script python: Fix export-to-postgresql.py occasional failure Alexey Brodkin (1): ARC: build: Get rid of toolchain check Amber Lin (1): drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 Andreas Schwab (1): Input: atakbd - fix Atari keymap Andy Lutomirski (2): x86/fpu: Remove use_eager_fpu() x86/fpu: Finish excising 'eagerfpu' Danny Smith (1): ASoC: sigmadsp: safeload should not have lower byte limit Edgar Cherkasov (1): i2c: i2c-scmi: fix for i2c_smbus_write_block_data Eric Dumazet (2): ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 Florian Fainelli (1): net: systemport: Fix wake-up interrupt race during resume Greg Kroah-Hartman (1): Linux 4.4.162 Hou Tao (1): jffs2: return -ERANGE when xattr buffer is too small Ido Schimmel (1): team: Forbid enslaving team device to itself Jann Horn (1): mm/vmstat.c: fix outdated vmstat_text Jeff Barnhill (1): net/ipv6: Display all addresses in output of /proc/net/if_inet6 Jongsung Kim (1): stmmac: fix valid numbers of unicast filter entries Jozef Balga (1): media: af9035: prevent buffer overflow on write K. Y. Srinivasan (2): Drivers: hv: utils: Invoke the poll function after handshake Drivers: hv: util: Pass the channel information during the init call Keerthy (1): clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs Lei Yang (1): selftests/efivarfs: add required kernel configs Long Li (1): HV: properly delay KVP packets when negotiation is in progress Mahesh Bandewar (1): bonding: avoid possible dead-lock Mathias Nyman (1): xhci: Don't print a warning when setting link state for disabled ports Maxime Chevallier (1): net: mvpp2: Extract the correct ethtype from the skb for tx csum offload Michael Chan (1): bnxt_en: Fix TX timeout during netpoll. Michael Neuling (2): powerpc/tm: Fix userspace r13 corruption powerpc/tm: Avoid possible userspace r1 corruption on reclaim Michael Schmitz (1): Input: atakbd - fix Atari CapsLock behaviour Mikulas Patocka (1): mach64: detect the dot clock divider correctly on sparc Nathan Chancellor (1): net/mlx4: Use cpumask_available for eq->affinity_mask Nicolas Ferre (2): net: macb: disable scatter-gather for macb on sama5d3 ARM: dts: at91: add new compatibility string for macb on sama5d3 Paolo Abeni (2): ip6_tunnel: be careful when accessing the inner header ip_tunnel: be careful when accessing the inner header Paolo Bonzini (1): KVM: x86: remove eager_fpu field of struct kvm_vcpu_arch Pierre-Louis Bossart (1): ASoC: wm8804: Add ACPI support Rik van Riel (1): x86/fpu: Remove struct fpu::counter Sabrina Dubroca (1): net: ipv4: update fnhe_pmtu when first hop's MTU changes Sean Tranchetti (1): netlabel: check for IPV4MASK in addrinfo_get Shahed Shaikh (1): qlcnic: fix Tx descriptor corruption on 82xx devices Stephen Warren (1): usb: gadget: serial: fix oops when data rx'd after close Theodore Ts'o (1): ext4: add corruption check in ext4_xattr_set_entry() Tony Lindgren (1): mfd: omap-usb-host: Fix dts probe of children Vitaly Kuznetsov (1): Drivers: hv: kvp: fix IP Failover Yu Zhao (2): sound: enable interrupt after dma buffer initialization net/usb: cancel pending work when unbinding smsc75xx

7 years

1
1
0 0

[PATCH 4.18 00/53] 4.18.16-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.18.16 release. There are 53 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat Oct 20 17:53:52 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.18.16-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.18.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.18.16-rc1 Alexey Brodkin <abrodkin(a)synopsys.com> ARC: build: Don't set CROSS_COMPILE in arch's Makefile Alexey Brodkin <abrodkin(a)synopsys.com> ARC: build: Get rid of toolchain check Linus Torvalds <torvalds(a)linux-foundation.org> mremap: properly flush TLB before releasing the page Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Revert "vfs: fix freeze protection in mnt_want_write_file() for overlayfs" Kairui Song <kasong(a)redhat.com> x86/boot: Fix kexec booting failure in the SEV bit detection code Arindam Nath <arindam.nath(a)amd.com> iommu/amd: Return devid as alias for ACPI HID devices Srikar Dronamraju <srikar(a)linux.vnet.ibm.com> powerpc/numa: Use associativity if VPHN hcall is successful Michael Neuling <mikey(a)neuling.org> powerpc/tm: Avoid possible userspace r1 corruption on reclaim Michael Neuling <mikey(a)neuling.org> powerpc/tm: Fix userspace r13 corruption Daniel Kurtz <djkurtz(a)chromium.org> pinctrl/amd: poll InterruptEnable bits in amd_gpio_irq_set_type Heiko Stuebner <heiko(a)sntech.de> iommu/rockchip: Free irqs in shutdown handler James Cowgill <jcowgill(a)debian.org> RISC-V: include linux/ftrace.h in asm-prototypes.h Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Fix system crash during RDMA resource initialization Tao Ren <taoren(a)fb.com> clocksource/drivers/fttmr010: Fix set_next_event handler Nathan Chancellor <natechancellor(a)gmail.com> net/mlx4: Use cpumask_available for eq->affinity_mask John Fastabend <john.fastabend(a)gmail.com> bpf: test_maps, only support ESTABLISHED socks John Fastabend <john.fastabend(a)gmail.com> bpf: sockmap, fix transition through disconnect without close John Fastabend <john.fastabend(a)gmail.com> bpf: sockmap only allow ESTABLISHED sock state Johannes Thumshirn <jthumshirn(a)suse.de> scsi: sd: don't crash the host on invalid commands Wen Xiong <wenxiong(a)linux.vnet.ibm.com> scsi: ipr: System hung while dlpar adding primary ipr adapter back Alexandru Gheorghe <alexandru-cosmin.gheorghe(a)arm.com> drm: mali-dp: Call drm_crtc_vblank_reset on device init James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Synchronize access to remoteport via rport Majd Dibbiny <majd(a)mellanox.com> RDMA/uverbs: Fix validity check for modify QP Jisheng Zhang <Jisheng.Zhang(a)synaptics.com> PCI: dwc: Fix scheduling while atomic issues Sudarsana Reddy Kalluru <sudarsana.kalluru(a)cavium.com> qed: Do not add VLAN 0 tag to untagged frames in multi-function mode. Sudarsana Reddy Kalluru <sudarsana.kalluru(a)cavium.com> qed: Fix populating the invalid stag value in multi function mode. YueHaibing <yuehaibing(a)huawei.com> net/smc: fix sizeof to int comparison Ursula Braun <ubraun(a)linux.ibm.com> net/smc: fix non-blocking connect problem Kazuya Mizuguchi <kazuya.mizuguchi.ks(a)renesas.com> ravb: do not write 1 to reserved bits Christian Lamparter <chunkeey(a)gmail.com> net: emac: fix fixed-link setup for the RTL8363SB switch Sabrina Dubroca <sd(a)queasysnail.net> selftests: pmtu: properly redirect stderr to /dev/null Michael Schmitz <schmitzmic(a)gmail.com> Input: atakbd - fix Atari CapsLock behaviour Andreas Schwab <schwab(a)linux-m68k.org> Input: atakbd - fix Atari keymap Alexander Shishkin <alexander.shishkin(a)linux.intel.com> intel_th: pci: Add Ice Lake PCH support Laura Abbott <labbott(a)redhat.com> scsi: ibmvscsis: Ensure partition name is properly NUL terminated Laura Abbott <labbott(a)redhat.com> scsi: ibmvscsis: Fix a stringop-overflow warning Keerthy <j-keerthy(a)ti.com> clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs Steve Wise <swise(a)opengridcomputing.com> cxgb4: fix abort_req_rss6 struct Marek Lindner <mareklindner(a)neomailbox.ch> batman-adv: fix hardif_neigh refcount on queue_work() failure Marek Lindner <mareklindner(a)neomailbox.ch> batman-adv: fix backbone_gw refcount on queue_work() failure Sven Eckelmann <sven(a)narfation.org> batman-adv: Prevent duplicated tvlv handler Sven Eckelmann <sven(a)narfation.org> batman-adv: Prevent duplicated global TT entry Sven Eckelmann <sven(a)narfation.org> batman-adv: Prevent duplicated softif_vlan entry Sven Eckelmann <sven(a)narfation.org> batman-adv: Prevent duplicated nc_node entry Sven Eckelmann <sven(a)narfation.org> batman-adv: Prevent duplicated gateway_node entry Sven Eckelmann <sven(a)narfation.org> batman-adv: Fix segfault when writing to sysfs elp_interval Sven Eckelmann <sven(a)narfation.org> batman-adv: Fix segfault when writing to throughput_override Sven Eckelmann <sven(a)narfation.org> batman-adv: Avoid probe ELP information leak Linus Walleij <linus.walleij(a)linaro.org> spi: gpio: Fix copy-and-paste error Jozef Balga <jozef.balga(a)gmail.com> media: af9035: prevent buffer overflow on write Sanyog Kale <sanyog.r.kale(a)intel.com> soundwire: Fix acquiring bus lock twice during master release Shreyas NC <shreyas.nc(a)intel.com> soundwire: Fix incorrect exit after configuring stream Shreyas NC <shreyas.nc(a)intel.com> soundwire: Fix duplicate stream state assignment ------------- Diffstat: Makefile | 4 +- arch/arc/Makefile | 24 +----- arch/powerpc/kernel/tm.S | 20 ++++- arch/powerpc/mm/numa.c | 4 +- arch/riscv/include/asm/asm-prototypes.h | 7 ++ arch/x86/boot/compressed/mem_encrypt.S | 19 ----- drivers/clocksource/timer-fttmr010.c | 18 +++-- drivers/clocksource/timer-ti-32k.c | 3 + drivers/gpu/drm/arm/malidp_drv.c | 1 + drivers/hwtracing/intel_th/pci.c | 5 ++ drivers/infiniband/core/uverbs_cmd.c | 68 +++++++++++------ drivers/infiniband/hw/bnxt_re/main.c | 93 ++++++++++------------- drivers/input/keyboard/atakbd.c | 74 +++++++------------ drivers/iommu/amd_iommu.c | 6 ++ drivers/iommu/rockchip-iommu.c | 6 ++ drivers/media/usb/dvb-usb-v2/af9035.c | 6 +- drivers/net/ethernet/chelsio/cxgb4/t4_msg.h | 1 - drivers/net/ethernet/ibm/emac/core.c | 15 ++-- drivers/net/ethernet/mellanox/mlx4/eq.c | 3 +- drivers/net/ethernet/qlogic/qed/qed_dcbx.c | 9 ++- drivers/net/ethernet/qlogic/qed/qed_dcbx.h | 1 + drivers/net/ethernet/qlogic/qed/qed_dev.c | 15 +++- drivers/net/ethernet/qlogic/qed/qed_hsi.h | 4 + drivers/net/ethernet/renesas/ravb.h | 5 ++ drivers/net/ethernet/renesas/ravb_main.c | 11 +-- drivers/net/ethernet/renesas/ravb_ptp.c | 2 +- drivers/pci/controller/dwc/pcie-designware.c | 8 +- drivers/pci/controller/dwc/pcie-designware.h | 3 +- drivers/pinctrl/pinctrl-amd.c | 33 ++++++--- drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c | 5 +- drivers/scsi/ipr.c | 106 +++++++++++++++------------ drivers/scsi/ipr.h | 1 + drivers/scsi/lpfc/lpfc_attr.c | 15 ++-- drivers/scsi/lpfc/lpfc_debugfs.c | 10 +-- drivers/scsi/lpfc/lpfc_nvme.c | 11 ++- drivers/scsi/sd.c | 3 +- drivers/soundwire/stream.c | 23 ++++-- drivers/spi/spi-gpio.c | 4 +- fs/namespace.c | 7 +- include/linux/huge_mm.h | 2 +- kernel/bpf/sockmap.c | 91 ++++++++++++++++++----- mm/huge_memory.c | 10 +-- mm/mremap.c | 30 ++++---- net/batman-adv/bat_v_elp.c | 10 ++- net/batman-adv/bridge_loop_avoidance.c | 10 ++- net/batman-adv/gateway_client.c | 11 ++- net/batman-adv/network-coding.c | 27 ++++--- net/batman-adv/soft-interface.c | 25 +++++-- net/batman-adv/sysfs.c | 30 +++++--- net/batman-adv/translation-table.c | 6 +- net/batman-adv/tvlv.c | 8 +- net/smc/af_smc.c | 7 +- net/smc/smc_clc.c | 14 ++-- tools/testing/selftests/bpf/test_maps.c | 10 ++- tools/testing/selftests/net/pmtu.sh | 4 +- 55 files changed, 563 insertions(+), 385 deletions(-)

7 years

4
59
0 0

[PATCH 2/3] tracing: Fix synthetic event to allow semicolon at end

by Steven Rostedt

From: Masami Hiramatsu <mhiramat(a)kernel.org> Fix synthetic event to allow independent semicolon at end. The synthetic_events interface accepts a semicolon after the last word if there is no space. # echo "myevent u64 var;" >> synthetic_events But if there is a space, it returns an error. # echo "myevent u64 var ;" > synthetic_events sh: write error: Invalid argument This behavior is difficult for users to understand. Let's allow the last independent semicolon too. Link: http://lkml.kernel.org/r/153986835420.18251.2191216690677025744.stgit@devbox Cc: Shuah Khan <shuah(a)kernel.org> Cc: Tom Zanussi <tom.zanussi(a)linux.intel.com> Cc: stable(a)vger.kernel.org Fixes: commit 4b147936fa50 ("tracing: Add support for 'synthetic' events") Signed-off-by: Masami Hiramatsu <mhiramat(a)kernel.org> Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> --- kernel/trace/trace_events_hist.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/trace/trace_events_hist.c b/kernel/trace/trace_events_hist.c index 6ff83941065a..d239004aaf29 100644 --- a/kernel/trace/trace_events_hist.c +++ b/kernel/trace/trace_events_hist.c @@ -1088,7 +1088,7 @@ static int create_synth_event(int argc, char **argv) i += consumed - 1; } - if (i < argc) { + if (i < argc && strcmp(argv[i], ";") != 0) { ret = -EINVAL; goto err; } -- 2.19.0

7 years

1
0
0 0

[PATCH 1/3] tracing: Fix synthetic event to accept unsigned modifier

by Steven Rostedt

From: Masami Hiramatsu <mhiramat(a)kernel.org> Fix synthetic event to accept unsigned modifier for its field type correctly. Currently, synthetic_events interface returns error for "unsigned" modifiers as below; # echo "myevent unsigned long var" >> synthetic_events sh: write error: Invalid argument This is because argv_split() breaks "unsigned long" into "unsigned" and "long", but parse_synth_field() doesn't expected it. With this fix, synthetic_events can handle the "unsigned long" correctly like as below; # echo "myevent unsigned long var" >> synthetic_events # cat synthetic_events myevent unsigned long var Link: http://lkml.kernel.org/r/153986832571.18251.8448135724590496531.stgit@devbox Cc: Shuah Khan <shuah(a)kernel.org> Cc: Tom Zanussi <tom.zanussi(a)linux.intel.com> Cc: stable(a)vger.kernel.org Fixes: commit 4b147936fa50 ("tracing: Add support for 'synthetic' events") Signed-off-by: Masami Hiramatsu <mhiramat(a)kernel.org> Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> --- kernel/trace/trace_events_hist.c | 30 ++++++++++++++++++++++++------ 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/kernel/trace/trace_events_hist.c b/kernel/trace/trace_events_hist.c index 85f6b01431c7..6ff83941065a 100644 --- a/kernel/trace/trace_events_hist.c +++ b/kernel/trace/trace_events_hist.c @@ -738,16 +738,30 @@ static void free_synth_field(struct synth_field *field) kfree(field); } -static struct synth_field *parse_synth_field(char *field_type, - char *field_name) +static struct synth_field *parse_synth_field(int argc, char **argv, + int *consumed) { struct synth_field *field; + const char *prefix = NULL; + char *field_type = argv[0], *field_name; int len, ret = 0; char *array; if (field_type[0] == ';') field_type++; + if (!strcmp(field_type, "unsigned")) { + if (argc < 3) + return ERR_PTR(-EINVAL); + prefix = "unsigned "; + field_type = argv[1]; + field_name = argv[2]; + *consumed = 3; + } else { + field_name = argv[1]; + *consumed = 2; + } + len = strlen(field_name); if (field_name[len - 1] == ';') field_name[len - 1] = '\0'; @@ -760,11 +774,15 @@ static struct synth_field *parse_synth_field(char *field_type, array = strchr(field_name, '['); if (array) len += strlen(array); + if (prefix) + len += strlen(prefix); field->type = kzalloc(len, GFP_KERNEL); if (!field->type) { ret = -ENOMEM; goto free; } + if (prefix) + strcat(field->type, prefix); strcat(field->type, field_type); if (array) { strcat(field->type, array); @@ -1009,7 +1027,7 @@ static int create_synth_event(int argc, char **argv) struct synth_field *field, *fields[SYNTH_FIELDS_MAX]; struct synth_event *event = NULL; bool delete_event = false; - int i, n_fields = 0, ret = 0; + int i, consumed = 0, n_fields = 0, ret = 0; char *name; mutex_lock(&synth_event_mutex); @@ -1061,13 +1079,13 @@ static int create_synth_event(int argc, char **argv) goto err; } - field = parse_synth_field(argv[i], argv[i + 1]); + field = parse_synth_field(argc - i, &argv[i], &consumed); if (IS_ERR(field)) { ret = PTR_ERR(field); goto err; } - fields[n_fields] = field; - i++; n_fields++; + fields[n_fields++] = field; + i += consumed - 1; } if (i < argc) { -- 2.19.0

7 years

1
0
0 0

[PATCH v7 01/21] tpm: tpm_i2c_nuvoton: use correct command duration for TPM 2.x

by Tomas Winkler

tpm_i2c_nuvoton calculated commands duration using TPM 1.x values via tpm_calc_ordinal_duration() also for TPM 2.x chips. Call tpm2_calc_ordinal_duration() for retrieving ordinal duration for TPM 2.X chips. Cc: stable(a)vger.kernel.org Cc: Nayna Jain <nayna(a)linux.vnet.ibm.com> Signed-off-by: Tomas Winkler <tomas.winkler(a)intel.com> Reviewed-by: Nayna Jain <nayna(a)linux.ibm.com> Tested-by: Nayna Jain <nayna(a)linux.ibm.com> (For TPM 2.0) --- V7: new in the series. drivers/char/tpm/tpm_i2c_nuvoton.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/drivers/char/tpm/tpm_i2c_nuvoton.c b/drivers/char/tpm/tpm_i2c_nuvoton.c index caa86b19c76d..f74f451baf6a 100644 --- a/drivers/char/tpm/tpm_i2c_nuvoton.c +++ b/drivers/char/tpm/tpm_i2c_nuvoton.c @@ -369,6 +369,7 @@ static int i2c_nuvoton_send(struct tpm_chip *chip, u8 *buf, size_t len) struct device *dev = chip->dev.parent; struct i2c_client *client = to_i2c_client(dev); u32 ordinal; + unsigned long duration; size_t count = 0; int burst_count, bytes2write, retries, rc = -EIO; @@ -455,10 +456,12 @@ static int i2c_nuvoton_send(struct tpm_chip *chip, u8 *buf, size_t len) return rc; } ordinal = be32_to_cpu(*((__be32 *) (buf + 6))); - rc = i2c_nuvoton_wait_for_data_avail(chip, - tpm_calc_ordinal_duration(chip, - ordinal), - &priv->read_queue); + if (chip->flags & TPM_CHIP_FLAG_TPM2) + duration = tpm2_calc_ordinal_duration(chip, ordinal); + else + duration = tpm_calc_ordinal_duration(chip, ordinal); + + rc = i2c_nuvoton_wait_for_data_avail(chip, duration, &priv->read_queue); if (rc) { dev_err(dev, "%s() timeout command duration\n", __func__); i2c_nuvoton_ready(chip); -- 2.14.4

7 years

2
1
0 0

[PATCH 4.9 00/35] 4.9.135-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.9.135 release. There are 35 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat Oct 20 17:54:00 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.135-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.9.135-rc1 Long Li <longli(a)microsoft.com> HV: properly delay KVP packets when negotiation is in progress Theodore Ts'o <tytso(a)mit.edu> ext4: avoid running out of journal credits when appending to an inline file Frederic Weisbecker <fweisbec(a)gmail.com> sched/cputime: Fix ksoftirqd cputime accounting regression Frederic Weisbecker <fweisbec(a)gmail.com> sched/cputime: Increment kcpustat directly on irqtime account Frederic Weisbecker <fweisbec(a)gmail.com> macintosh/rack-meter: Convert cputime64_t use to u64 Frederic Weisbecker <fweisbec(a)gmail.com> sched/cputime: Convert kcpustat to nsecs Stephen Warren <swarren(a)nvidia.com> usb: gadget: serial: fix oops when data rx'd after close Natanael Copa <ncopa(a)alpinelinux.org> HID: quirks: fix support for Apple Magic Keyboards Alexey Brodkin <abrodkin(a)synopsys.com> ARC: build: Don't set CROSS_COMPILE in arch's Makefile Alexey Brodkin <abrodkin(a)synopsys.com> ARC: build: Get rid of toolchain check Xin Long <lucien.xin(a)gmail.com> netfilter: check for seqadj ext existence before adding it in nf_nat_setup_info Jan Kara <jack(a)suse.cz> mm: Preserve _PAGE_DEVMAP across mprotect() calls Linus Torvalds <torvalds(a)linux-foundation.org> mremap: properly flush TLB before releasing the page Arindam Nath <arindam.nath(a)amd.com> iommu/amd: Return devid as alias for ACPI HID devices Michael Neuling <mikey(a)neuling.org> powerpc/tm: Avoid possible userspace r1 corruption on reclaim Michael Neuling <mikey(a)neuling.org> powerpc/tm: Fix userspace r13 corruption James Cowgill <jcowgill(a)debian.org> RISC-V: include linux/ftrace.h in asm-prototypes.h Nathan Chancellor <natechancellor(a)gmail.com> net/mlx4: Use cpumask_available for eq->affinity_mask Johannes Thumshirn <jthumshirn(a)suse.de> scsi: sd: don't crash the host on invalid commands Alexandru Gheorghe <alexandru-cosmin.gheorghe(a)arm.com> drm: mali-dp: Call drm_crtc_vblank_reset on device init Kazuya Mizuguchi <kazuya.mizuguchi.ks(a)renesas.com> ravb: do not write 1 to reserved bits Michael Schmitz <schmitzmic(a)gmail.com> Input: atakbd - fix Atari CapsLock behaviour Andreas Schwab <schwab(a)linux-m68k.org> Input: atakbd - fix Atari keymap Laura Abbott <labbott(a)redhat.com> scsi: ibmvscsis: Ensure partition name is properly NUL terminated Laura Abbott <labbott(a)redhat.com> scsi: ibmvscsis: Fix a stringop-overflow warning Keerthy <j-keerthy(a)ti.com> clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs Marek Lindner <mareklindner(a)neomailbox.ch> batman-adv: fix hardif_neigh refcount on queue_work() failure Marek Lindner <mareklindner(a)neomailbox.ch> batman-adv: fix backbone_gw refcount on queue_work() failure Sven Eckelmann <sven(a)narfation.org> batman-adv: Prevent duplicated tvlv handler Sven Eckelmann <sven(a)narfation.org> batman-adv: Prevent duplicated global TT entry Sven Eckelmann <sven(a)narfation.org> batman-adv: Prevent duplicated softif_vlan entry Sven Eckelmann <sven(a)narfation.org> batman-adv: Prevent duplicated nc_node entry Sven Eckelmann <sven(a)narfation.org> batman-adv: Fix segfault when writing to sysfs elp_interval Sven Eckelmann <sven(a)narfation.org> batman-adv: Fix segfault when writing to throughput_override Jozef Balga <jozef.balga(a)gmail.com> media: af9035: prevent buffer overflow on write ------------- Diffstat: Makefile | 4 +- arch/arc/Makefile | 24 +--------- arch/powerpc/kernel/tm.S | 20 +++++++-- arch/riscv/include/asm/asm-prototypes.h | 7 +++ arch/s390/appldata/appldata_os.c | 16 +++---- arch/x86/include/asm/pgtable_types.h | 2 +- drivers/clocksource/timer-ti-32k.c | 3 ++ drivers/cpufreq/cpufreq.c | 6 +-- drivers/cpufreq/cpufreq_governor.c | 2 +- drivers/cpufreq/cpufreq_stats.c | 1 - drivers/gpu/drm/arm/malidp_drv.c | 1 + drivers/hid/hid-core.c | 3 ++ drivers/hv/hv_kvp.c | 13 +++--- drivers/input/keyboard/atakbd.c | 74 ++++++++++++------------------- drivers/iommu/amd_iommu.c | 6 +++ drivers/macintosh/rack-meter.c | 28 ++++++------ drivers/media/usb/dvb-usb-v2/af9035.c | 6 ++- drivers/net/ethernet/mellanox/mlx4/eq.c | 3 +- drivers/net/ethernet/renesas/ravb.h | 5 +++ drivers/net/ethernet/renesas/ravb_main.c | 11 ++--- drivers/net/ethernet/renesas/ravb_ptp.c | 2 +- drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c | 5 +-- drivers/scsi/sd.c | 3 +- drivers/usb/gadget/function/u_serial.c | 2 +- fs/ext4/ext4.h | 3 -- fs/ext4/inline.c | 38 +--------------- fs/ext4/xattr.c | 18 +------- fs/proc/stat.c | 68 ++++++++++++++--------------- fs/proc/uptime.c | 7 +-- include/linux/huge_mm.h | 2 +- kernel/sched/cpuacct.c | 2 +- kernel/sched/cputime.c | 75 ++++++++++++++------------------ kernel/sched/sched.h | 12 +++-- mm/huge_memory.c | 10 ++--- mm/mremap.c | 30 ++++++------- net/batman-adv/bat_v_elp.c | 8 +++- net/batman-adv/bridge_loop_avoidance.c | 10 ++++- net/batman-adv/network-coding.c | 27 +++++++----- net/batman-adv/soft-interface.c | 25 ++++++++--- net/batman-adv/sysfs.c | 30 ++++++++----- net/batman-adv/translation-table.c | 6 ++- net/batman-adv/tvlv.c | 8 +++- net/netfilter/nf_nat_core.c | 2 +- 43 files changed, 303 insertions(+), 325 deletions(-)

7 years

5
40
0 0

[PATCH 2/6] mm/rmap: map_pte() was not handling private ZONE_DEVICE page properly v3

by jglisse＠redhat.com

From: Ralph Campbell <rcampbell(a)nvidia.com> Private ZONE_DEVICE pages use a special pte entry and thus are not present. Properly handle this case in map_pte(), it is already handled in check_pte(), the map_pte() part was lost in some rebase most probably. Without this patch the slow migration path can not migrate back to any private ZONE_DEVICE memory to regular memory. This was found after stress testing migration back to system memory. This ultimatly can lead to the CPU constantly page fault looping on the special swap entry. Changes since v2: - add comments explaining what is going on Changes since v1: - properly lock pte directory in map_pte() Signed-off-by: Ralph Campbell <rcampbell(a)nvidia.com> Signed-off-by: Jérôme Glisse <jglisse(a)redhat.com> Reviewed-by: Balbir Singh <bsingharora(a)gmail.com> Cc: Andrew Morton <akpm(a)linux-foundation.org> Cc: Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> Cc: stable(a)vger.kernel.org --- mm/page_vma_mapped.c | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/mm/page_vma_mapped.c b/mm/page_vma_mapped.c index ae3c2a35d61b..11df03e71288 100644 --- a/mm/page_vma_mapped.c +++ b/mm/page_vma_mapped.c @@ -21,7 +21,29 @@ static bool map_pte(struct page_vma_mapped_walk *pvmw) if (!is_swap_pte(*pvmw->pte)) return false; } else { - if (!pte_present(*pvmw->pte)) + /* + * We get here when we are trying to unmap a private + * device page from the process address space. Such + * page is not CPU accessible and thus is mapped as + * a special swap entry, nonetheless it still does + * count as a valid regular mapping for the page (and + * is accounted as such in page maps count). + * + * So handle this special case as if it was a normal + * page mapping ie lock CPU page table and returns + * true. + * + * For more details on device private memory see HMM + * (include/linux/hmm.h or mm/hmm.c). + */ + if (is_swap_pte(*pvmw->pte)) { + swp_entry_t entry; + + /* Handle un-addressable ZONE_DEVICE memory */ + entry = pte_to_swp_entry(*pvmw->pte); + if (!is_device_private_entry(entry)) + return false; + } else if (!pte_present(*pvmw->pte)) return false; } } -- 2.17.2

7 years

1
0
0 0

[PATCH v2] fsnotify: Fix busy inodes during unmount

by Jan Kara

Detaching of mark connector from fsnotify_put_mark() can race with unmounting of the filesystem like: CPU1 CPU2 fsnotify_put_mark() spin_lock(&conn->lock); ... inode = fsnotify_detach_connector_from_object(conn) spin_unlock(&conn->lock); generic_shutdown_super() fsnotify_unmount_inodes() sees connector detached for inode -> nothing to do evict_inode() barfs on pending inode reference iput(inode); Resulting in "Busy inodes after unmount" message and possible kernel oops. Make fsnotify_unmount_inodes() properly wait for outstanding inode references from detached connectors. Note that the accounting of outstanding inode references in the superblock can cause some cacheline contention on the counter. OTOH it happens only during deletion of the last notification mark from an inode (or during unlinking of watched inode) and that is not too bad. I have measured time to create & delete inotify watch 100000 times from 64 processes in parallel (each process having its own inotify group and its own file on a shared superblock) on a 64 CPU machine. Average and standard deviation of 15 runs look like: Avg Stddev Vanilla 9.817400 0.276165 Fixed 9.710467 0.228294 So there's no statistically significant difference. Fixes: 6b3f05d24d35 ("fsnotify: Detach mark from object list when last reference is dropped") CC: stable(a)vger.kernel.org Signed-off-by: Jan Kara <jack(a)suse.cz> --- fs/notify/fsnotify.c | 3 +++ fs/notify/mark.c | 39 +++++++++++++++++++++++++++++++-------- include/linux/fs.h | 3 +++ 3 files changed, 37 insertions(+), 8 deletions(-) Changes since v1: * added Fixes tag * improved fsnotify_drop_object to take object type diff --git a/fs/notify/fsnotify.c b/fs/notify/fsnotify.c index f174397b63a0..00d4f4357724 100644 --- a/fs/notify/fsnotify.c +++ b/fs/notify/fsnotify.c @@ -96,6 +96,9 @@ void fsnotify_unmount_inodes(struct super_block *sb) if (iput_inode) iput(iput_inode); + /* Wait for outstanding inode references from connectors */ + wait_var_event(&sb->s_fsnotify_inode_refs, + !atomic_long_read(&sb->s_fsnotify_inode_refs)); } /* diff --git a/fs/notify/mark.c b/fs/notify/mark.c index 59cdb27826de..f4e330b5b379 100644 --- a/fs/notify/mark.c +++ b/fs/notify/mark.c @@ -179,17 +179,20 @@ static void fsnotify_connector_destroy_workfn(struct work_struct *work) } } -static struct inode *fsnotify_detach_connector_from_object( - struct fsnotify_mark_connector *conn) +static void *fsnotify_detach_connector_from_object( + struct fsnotify_mark_connector *conn, + unsigned int *type) { struct inode *inode = NULL; + *type = conn->type; if (conn->type == FSNOTIFY_OBJ_TYPE_DETACHED) return NULL; if (conn->type == FSNOTIFY_OBJ_TYPE_INODE) { inode = fsnotify_conn_inode(conn); inode->i_fsnotify_mask = 0; + atomic_long_inc(&inode->i_sb->s_fsnotify_inode_refs); } else if (conn->type == FSNOTIFY_OBJ_TYPE_VFSMOUNT) { fsnotify_conn_mount(conn)->mnt_fsnotify_mask = 0; } @@ -211,10 +214,29 @@ static void fsnotify_final_mark_destroy(struct fsnotify_mark *mark) fsnotify_put_group(group); } +/* Drop object reference originally held by a connector */ +static void fsnotify_drop_object(unsigned int type, void *objp) +{ + struct inode *inode; + struct super_block *sb; + + if (!objp) + return; + /* Currently only inode references are passed to be dropped */ + if (WARN_ON_ONCE(type != FSNOTIFY_OBJ_TYPE_INODE)) + return; + inode = objp; + sb = inode->i_sb; + iput(inode); + if (atomic_long_dec_and_test(&sb->s_fsnotify_inode_refs)) + wake_up_var(&sb->s_fsnotify_inode_refs); +} + void fsnotify_put_mark(struct fsnotify_mark *mark) { struct fsnotify_mark_connector *conn; - struct inode *inode = NULL; + void *objp = NULL; + unsigned int type; bool free_conn = false; /* Catch marks that were actually never attached to object */ @@ -234,7 +256,7 @@ void fsnotify_put_mark(struct fsnotify_mark *mark) conn = mark->connector; hlist_del_init_rcu(&mark->obj_list); if (hlist_empty(&conn->list)) { - inode = fsnotify_detach_connector_from_object(conn); + objp = fsnotify_detach_connector_from_object(conn, &type); free_conn = true; } else { __fsnotify_recalc_mask(conn); @@ -242,7 +264,7 @@ void fsnotify_put_mark(struct fsnotify_mark *mark) mark->connector = NULL; spin_unlock(&conn->lock); - iput(inode); + fsnotify_drop_object(type, objp); if (free_conn) { spin_lock(&destroy_lock); @@ -709,7 +731,8 @@ void fsnotify_destroy_marks(fsnotify_connp_t *connp) { struct fsnotify_mark_connector *conn; struct fsnotify_mark *mark, *old_mark = NULL; - struct inode *inode; + void *objp; + unsigned int type; conn = fsnotify_grab_connector(connp); if (!conn) @@ -735,11 +758,11 @@ void fsnotify_destroy_marks(fsnotify_connp_t *connp) * mark references get dropped. It would lead to strange results such * as delaying inode deletion or blocking unmount. */ - inode = fsnotify_detach_connector_from_object(conn); + objp = fsnotify_detach_connector_from_object(conn, &type); spin_unlock(&conn->lock); if (old_mark) fsnotify_put_mark(old_mark); - iput(inode); + fsnotify_drop_object(type, objp); } /* diff --git a/include/linux/fs.h b/include/linux/fs.h index 33322702c910..5090f3dcec3b 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -1428,6 +1428,9 @@ struct super_block { /* Number of inodes with nlink == 0 but still referenced */ atomic_long_t s_remove_count; + /* Pending fsnotify inode refs */ + atomic_long_t s_fsnotify_inode_refs; + /* Being remounted read-only */ int s_readonly_remount; -- 2.16.4

7 years

2
2
0 0

[PATCH v3] fsnotify: Fix busy inodes during unmount

by Jan Kara

Detaching of mark connector from fsnotify_put_mark() can race with unmounting of the filesystem like: CPU1 CPU2 fsnotify_put_mark() spin_lock(&conn->lock); ... inode = fsnotify_detach_connector_from_object(conn) spin_unlock(&conn->lock); generic_shutdown_super() fsnotify_unmount_inodes() sees connector detached for inode -> nothing to do evict_inode() barfs on pending inode reference iput(inode); Resulting in "Busy inodes after unmount" message and possible kernel oops. Make fsnotify_unmount_inodes() properly wait for outstanding inode references from detached connectors. Note that the accounting of outstanding inode references in the superblock can cause some cacheline contention on the counter. OTOH it happens only during deletion of the last notification mark from an inode (or during unlinking of watched inode) and that is not too bad. I have measured time to create & delete inotify watch 100000 times from 64 processes in parallel (each process having its own inotify group and its own file on a shared superblock) on a 64 CPU machine. Average and standard deviation of 15 runs look like: Avg Stddev Vanilla 9.817400 0.276165 Fixed 9.710467 0.228294 So there's no statistically significant difference. Fixes: 6b3f05d24d35 ("fsnotify: Detach mark from object list when last reference is dropped") CC: stable(a)vger.kernel.org Signed-off-by: Jan Kara <jack(a)suse.cz> --- fs/notify/fsnotify.c | 3 +++ fs/notify/mark.c | 39 +++++++++++++++++++++++++++++++-------- include/linux/fs.h | 3 +++ 3 files changed, 37 insertions(+), 8 deletions(-) Changes since v2: * fixed uninitialized warning Changes since v1: * added Fixes tag * fsnotify_drop_object() now takes type diff --git a/fs/notify/fsnotify.c b/fs/notify/fsnotify.c index f174397b63a0..00d4f4357724 100644 --- a/fs/notify/fsnotify.c +++ b/fs/notify/fsnotify.c @@ -96,6 +96,9 @@ void fsnotify_unmount_inodes(struct super_block *sb) if (iput_inode) iput(iput_inode); + /* Wait for outstanding inode references from connectors */ + wait_var_event(&sb->s_fsnotify_inode_refs, + !atomic_long_read(&sb->s_fsnotify_inode_refs)); } /* diff --git a/fs/notify/mark.c b/fs/notify/mark.c index 59cdb27826de..09535f6423fc 100644 --- a/fs/notify/mark.c +++ b/fs/notify/mark.c @@ -179,17 +179,20 @@ static void fsnotify_connector_destroy_workfn(struct work_struct *work) } } -static struct inode *fsnotify_detach_connector_from_object( - struct fsnotify_mark_connector *conn) +static void *fsnotify_detach_connector_from_object( + struct fsnotify_mark_connector *conn, + unsigned int *type) { struct inode *inode = NULL; + *type = conn->type; if (conn->type == FSNOTIFY_OBJ_TYPE_DETACHED) return NULL; if (conn->type == FSNOTIFY_OBJ_TYPE_INODE) { inode = fsnotify_conn_inode(conn); inode->i_fsnotify_mask = 0; + atomic_long_inc(&inode->i_sb->s_fsnotify_inode_refs); } else if (conn->type == FSNOTIFY_OBJ_TYPE_VFSMOUNT) { fsnotify_conn_mount(conn)->mnt_fsnotify_mask = 0; } @@ -211,10 +214,29 @@ static void fsnotify_final_mark_destroy(struct fsnotify_mark *mark) fsnotify_put_group(group); } +/* Drop object reference originally held by a connector */ +static void fsnotify_drop_object(unsigned int type, void *objp) +{ + struct inode *inode; + struct super_block *sb; + + if (!objp) + return; + /* Currently only inode references are passed to be dropped */ + if (WARN_ON_ONCE(type != FSNOTIFY_OBJ_TYPE_INODE)) + return; + inode = objp; + sb = inode->i_sb; + iput(inode); + if (atomic_long_dec_and_test(&sb->s_fsnotify_inode_refs)) + wake_up_var(&sb->s_fsnotify_inode_refs); +} + void fsnotify_put_mark(struct fsnotify_mark *mark) { struct fsnotify_mark_connector *conn; - struct inode *inode = NULL; + void *objp = NULL; + unsigned int type = FSNOTIFY_OBJ_TYPE_DETACHED; bool free_conn = false; /* Catch marks that were actually never attached to object */ @@ -234,7 +256,7 @@ void fsnotify_put_mark(struct fsnotify_mark *mark) conn = mark->connector; hlist_del_init_rcu(&mark->obj_list); if (hlist_empty(&conn->list)) { - inode = fsnotify_detach_connector_from_object(conn); + objp = fsnotify_detach_connector_from_object(conn, &type); free_conn = true; } else { __fsnotify_recalc_mask(conn); @@ -242,7 +264,7 @@ void fsnotify_put_mark(struct fsnotify_mark *mark) mark->connector = NULL; spin_unlock(&conn->lock); - iput(inode); + fsnotify_drop_object(type, objp); if (free_conn) { spin_lock(&destroy_lock); @@ -709,7 +731,8 @@ void fsnotify_destroy_marks(fsnotify_connp_t *connp) { struct fsnotify_mark_connector *conn; struct fsnotify_mark *mark, *old_mark = NULL; - struct inode *inode; + void *objp; + unsigned int type; conn = fsnotify_grab_connector(connp); if (!conn) @@ -735,11 +758,11 @@ void fsnotify_destroy_marks(fsnotify_connp_t *connp) * mark references get dropped. It would lead to strange results such * as delaying inode deletion or blocking unmount. */ - inode = fsnotify_detach_connector_from_object(conn); + objp = fsnotify_detach_connector_from_object(conn, &type); spin_unlock(&conn->lock); if (old_mark) fsnotify_put_mark(old_mark); - iput(inode); + fsnotify_drop_object(type, objp); } /* diff --git a/include/linux/fs.h b/include/linux/fs.h index 33322702c910..5090f3dcec3b 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -1428,6 +1428,9 @@ struct super_block { /* Number of inodes with nlink == 0 but still referenced */ atomic_long_t s_remove_count; + /* Pending fsnotify inode refs */ + atomic_long_t s_fsnotify_inode_refs; + /* Being remounted read-only */ int s_readonly_remount; -- 2.16.4

7 years

1
0
0 0

[PATCH] ACPICA: Use 'jiffies' as the time bassis for acpi_os_get_timer()

by Bart Van Assche

Since acpi_os_get_timer() may be called after the timer subsystem has been suspended, use the jiffies counter instead of ktime_get(). This patch avoids that the following warning is reported during hibernation: WARNING: CPU: 0 PID: 612 at kernel/time/timekeeping.c:751 ktime_get+0x116/0x120 RIP: 0010:ktime_get+0x116/0x120 Call Trace: acpi_os_get_timer+0xe/0x30 acpi_ds_exec_begin_control_op+0x175/0x1de acpi_ds_exec_begin_op+0x2c7/0x39a acpi_ps_create_op+0x573/0x5e4 acpi_ps_parse_loop+0x349/0x1220 acpi_ps_parse_aml+0x25b/0x6da acpi_ps_execute_method+0x327/0x41b acpi_ns_evaluate+0x4e9/0x6f5 acpi_ut_evaluate_object+0xd9/0x2f2 acpi_rs_get_method_data+0x8f/0x114 acpi_walk_resources+0x122/0x1b6 acpi_pci_link_get_current.isra.2+0x157/0x280 acpi_pci_link_set+0x32f/0x4a0 irqrouter_resume+0x58/0x80 syscore_resume+0x84/0x380 hibernation_snapshot+0x20c/0x4f0 hibernate+0x22d/0x3a6 state_store+0x99/0xa0 kobj_attr_store+0x37/0x50 sysfs_kf_write+0x87/0xa0 kernfs_fop_write+0x1a5/0x240 __vfs_write+0xd2/0x410 vfs_write+0x101/0x250 ksys_write+0xab/0x120 __x64_sys_write+0x43/0x50 do_syscall_64+0x71/0x220 entry_SYSCALL_64_after_hwframe+0x49/0xbe Fixes: 164a08cee135 ("ACPICA: Dispatcher: Introduce timeout mechanism for infinite loop detection") Reported-by: Fengguang Wu <fengguang.wu(a)intel.com> References: https://lists.01.org/pipermail/lkp/2018-April/008406.html Cc: Rafael J. Wysocki <rjw(a)rjwysocki.net> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Len Brown <lenb(a)kernel.org> Cc: Yu Chen <yu.c.chen(a)intel.com> Cc: Fengguang Wu <fengguang.wu(a)intel.com> Cc: linux-acpi(a)vger.kernel.org Cc: stable(a)vger.kernel.org Signed-off-by: Bart Van Assche <bvanassche(a)acm.org> --- drivers/acpi/osl.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/drivers/acpi/osl.c b/drivers/acpi/osl.c index 8df9abfa947b..ed73f6fb0779 100644 --- a/drivers/acpi/osl.c +++ b/drivers/acpi/osl.c @@ -617,15 +617,18 @@ void acpi_os_stall(u32 us) } /* - * Support ACPI 3.0 AML Timer operand - * Returns 64-bit free-running, monotonically increasing timer - * with 100ns granularity + * Support ACPI 3.0 AML Timer operand. Returns a 64-bit free-running, + * monotonically increasing timer with 100ns granularity. Do not use + * ktime_get() to implement this function because this function may get + * called after timekeeping has been suspended. Note: calling this function + * after timekeeping has been suspended may lead to unexpected results + * because when timekeeping is suspended the jiffies counter is not + * incremented. See also timekeeping_suspend(). */ u64 acpi_os_get_timer(void) { - u64 time_ns = ktime_to_ns(ktime_get()); - do_div(time_ns, 100); - return time_ns; + return (get_jiffies_64() - INITIAL_JIFFIES) * + (ACPI_100NSEC_PER_SEC / HZ); } acpi_status acpi_os_read_port(acpi_io_address port, u32 * value, u32 width) -- 2.19.1.568.g152ad8e336-goog

7 years

2
1
0 0

[PATCH v2] drm/sun4i: Fix an ulong overflow in the dotclock driver

by Boris Brezillon

The calculated ideal rate can easily overflow an unsigned long, thus making the best div selection buggy as soon as no ideal match is found before the overflow occurs. Fixes: 4731a72df273 ("drm/sun4i: request exact rates to our parents") Cc: <stable(a)vger.kernel.org> Signed-off-by: Boris Brezillon <boris.brezillon(a)bootlin.com> Acked-by: Maxime Ripard <maxime.ripard(a)bootlin.com> --- Changes in v2: - Add a comment to explain why we bail out after an overflow - Add Maxime ack - Use a goto instead of a break --- drivers/gpu/drm/sun4i/sun4i_dotclock.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/sun4i/sun4i_dotclock.c b/drivers/gpu/drm/sun4i/sun4i_dotclock.c index e36004fbe453..2a15f2f9271e 100644 --- a/drivers/gpu/drm/sun4i/sun4i_dotclock.c +++ b/drivers/gpu/drm/sun4i/sun4i_dotclock.c @@ -81,9 +81,19 @@ static long sun4i_dclk_round_rate(struct clk_hw *hw, unsigned long rate, int i; for (i = tcon->dclk_min_div; i <= tcon->dclk_max_div; i++) { - unsigned long ideal = rate * i; + u64 ideal = (u64)rate * i; unsigned long rounded; + /* + * ideal has overflowed the max value that can be stored in an + * unsigned long, and every clk operation we might do on a + * truncated u64 value will give us incorrect results. + * Let's just stop there since bigger dividers will result in + * the same overflow issue. + */ + if (ideal > ULONG_MAX) + goto out; + rounded = clk_hw_round_rate(clk_hw_get_parent(hw), ideal); -- 2.14.1

7 years

2
1
0 0

patch "usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten" added to usb-next

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-next branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will also be merged in the next major kernel release during the merge window. If you have any questions about this process, please let me know. >From e28fd56ad5273be67d0fae5bedc7e1680e729952 Mon Sep 17 00:00:00 2001 From: "Shuah Khan (Samsung OSG)" <shuah(a)kernel.org> Date: Thu, 18 Oct 2018 10:19:29 -0600 Subject: usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten In rmmod path, usbip_vudc does platform_device_put() twice once from platform_device_unregister() and then from put_vudc_device(). The second put results in: BUG kmalloc-2048 (Not tainted): Poison overwritten error or BUG: KASAN: use-after-free in kobject_put+0x1e/0x230 if KASAN is enabled. [ 169.042156] calling init+0x0/0x1000 [usbip_vudc] @ 1697 [ 169.042396] ============================================================================= [ 169.043678] probe of usbip-vudc.0 returned 1 after 350 usecs [ 169.044508] BUG kmalloc-2048 (Not tainted): Poison overwritten [ 169.044509] ----------------------------------------------------------------------------- ... [ 169.057849] INFO: Freed in device_release+0x2b/0x80 age=4223 cpu=3 pid=1693 [ 169.057852] kobject_put+0x86/0x1b0 [ 169.057853] 0xffffffffc0c30a96 [ 169.057855] __x64_sys_delete_module+0x157/0x240 Fix it to call platform_device_del() instead and let put_vudc_device() do the platform_device_put(). Reported-by: Randy Dunlap <rdunlap(a)infradead.org> Signed-off-by: Shuah Khan (Samsung OSG) <shuah(a)kernel.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/usbip/vudc_main.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/drivers/usb/usbip/vudc_main.c b/drivers/usb/usbip/vudc_main.c index 3fc22037a82f..390733e6937e 100644 --- a/drivers/usb/usbip/vudc_main.c +++ b/drivers/usb/usbip/vudc_main.c @@ -73,6 +73,10 @@ static int __init init(void) cleanup: list_for_each_entry_safe(udc_dev, udc_dev2, &vudc_devices, dev_entry) { list_del(&udc_dev->dev_entry); + /* + * Just do platform_device_del() here, put_vudc_device() + * calls the platform_device_put() + */ platform_device_del(udc_dev->pdev); put_vudc_device(udc_dev); } @@ -89,7 +93,11 @@ static void __exit cleanup(void) list_for_each_entry_safe(udc_dev, udc_dev2, &vudc_devices, dev_entry) { list_del(&udc_dev->dev_entry); - platform_device_unregister(udc_dev->pdev); + /* + * Just do platform_device_del() here, put_vudc_device() + * calls the platform_device_put() + */ + platform_device_del(udc_dev->pdev); put_vudc_device(udc_dev); } platform_driver_unregister(&vudc_driver); -- 2.19.1

7 years

1
0
0 0

[PATCH] usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten

by Shuah Khan (Samsung OSG)

In rmmod path, usbip_vudc does platform_device_put() twice once from platform_device_unregister() and then from put_vudc_device(). The second put results in: BUG kmalloc-2048 (Not tainted): Poison overwritten error or BUG: KASAN: use-after-free in kobject_put+0x1e/0x230 if KASAN is enabled. [ 169.042156] calling init+0x0/0x1000 [usbip_vudc] @ 1697 [ 169.042396] ============================================================================= [ 169.043678] probe of usbip-vudc.0 returned 1 after 350 usecs [ 169.044508] BUG kmalloc-2048 (Not tainted): Poison overwritten [ 169.044509] ----------------------------------------------------------------------------- ... [ 169.057849] INFO: Freed in device_release+0x2b/0x80 age=4223 cpu=3 pid=1693 [ 169.057852] kobject_put+0x86/0x1b0 [ 169.057853] 0xffffffffc0c30a96 [ 169.057855] __x64_sys_delete_module+0x157/0x240 Fix it to call platform_device_del() instead and let put_vudc_device() do the platform_device_put(). Reported-by: Randy Dunlap <rdunlap(a)infradead.org> Signed-off-by: Shuah Khan (Samsung OSG) <shuah(a)kernel.org> Cc: <stable(a)vger.kernel.org> --- drivers/usb/usbip/vudc_main.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/drivers/usb/usbip/vudc_main.c b/drivers/usb/usbip/vudc_main.c index 3fc22037a82f..390733e6937e 100644 --- a/drivers/usb/usbip/vudc_main.c +++ b/drivers/usb/usbip/vudc_main.c @@ -73,6 +73,10 @@ static int __init init(void) cleanup: list_for_each_entry_safe(udc_dev, udc_dev2, &vudc_devices, dev_entry) { list_del(&udc_dev->dev_entry); + /* + * Just do platform_device_del() here, put_vudc_device() + * calls the platform_device_put() + */ platform_device_del(udc_dev->pdev); put_vudc_device(udc_dev); } @@ -89,7 +93,11 @@ static void __exit cleanup(void) list_for_each_entry_safe(udc_dev, udc_dev2, &vudc_devices, dev_entry) { list_del(&udc_dev->dev_entry); - platform_device_unregister(udc_dev->pdev); + /* + * Just do platform_device_del() here, put_vudc_device() + * calls the platform_device_put() + */ + platform_device_del(udc_dev->pdev); put_vudc_device(udc_dev); } platform_driver_unregister(&vudc_driver); -- 2.17.0

7 years

2
1
0 0

+ hugetlbfs-dirty-pages-as-they-are-added-to-pagecache.patch tentatively added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: hugetlbfs: dirty pages as they are added to pagecache has been added to the -mm tree. Its filename is hugetlbfs-dirty-pages-as-they-are-added-to-pagecache.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/hugetlbfs-dirty-pages-as-they-are-… and later at http://ozlabs.org/~akpm/mmotm/broken-out/hugetlbfs-dirty-pages-as-they-are-… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Mike Kravetz <mike.kravetz(a)oracle.com> Subject: hugetlbfs: dirty pages as they are added to pagecache Some test systems were experiencing negative huge page reserve counts and incorrect file block counts. This was traced to /proc/sys/vm/drop_caches removing clean pages from hugetlbfs file pagecaches. When non-hugetlbfs explicit code removes the pages, the appropriate accounting is not performed. This can be recreated as follows: fallocate -l 2M /dev/hugepages/foo echo 1 > /proc/sys/vm/drop_caches fallocate -l 2M /dev/hugepages/foo grep -i huge /proc/meminfo AnonHugePages: 0 kB ShmemHugePages: 0 kB HugePages_Total: 2048 HugePages_Free: 2047 HugePages_Rsvd: 18446744073709551615 HugePages_Surp: 0 Hugepagesize: 2048 kB Hugetlb: 4194304 kB ls -lsh /dev/hugepages/foo 4.0M -rw-r--r--. 1 root root 2.0M Oct 17 20:05 /dev/hugepages/foo To address this issue, dirty pages as they are added to pagecache. This can easily be reproduced with fallocate as shown above. Read faulted pages will eventually end up being marked dirty. But there is a window where they are clean and could be impacted by code such as drop_caches. So, just dirty them all as they are added to the pagecache. In addition, it makes little sense to even try to drop hugetlbfs pagecache pages, so disable calls to these filesystems in drop_caches code. Link: http://lkml.kernel.org/r/20181018041022.4529-1-mike.kravetz@oracle.com Fixes: 70c3547e36f5 ("hugetlbfs: add hugetlbfs_fallocate()") Signed-off-by: Mike Kravetz <mike.kravetz(a)oracle.com> Cc: Michal Hocko <mhocko(a)kernel.org> Cc: Hugh Dickins <hughd(a)google.com> Cc: Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com> Cc: "Aneesh Kumar K.V" <aneesh.kumar(a)linux.vnet.ibm.com> Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: "Kirill A . Shutemov" <kirill.shutemov(a)linux.intel.com> Cc: Davidlohr Bueso <dave(a)stgolabs.net> Cc: Alexander Viro <viro(a)zeniv.linux.org.uk> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- --- a/fs/drop_caches.c~hugetlbfs-dirty-pages-as-they-are-added-to-pagecache +++ a/fs/drop_caches.c @@ -9,6 +9,7 @@ #include <linux/writeback.h> #include <linux/sysctl.h> #include <linux/gfp.h> +#include <linux/magic.h> #include "internal.h" /* A global variable is a bit ugly, but it keeps the code simple */ @@ -18,6 +19,12 @@ static void drop_pagecache_sb(struct sup { struct inode *inode, *toput_inode = NULL; + /* + * It makes no sense to try and drop hugetlbfs page cache pages. + */ + if (sb->s_magic == HUGETLBFS_MAGIC) + return; + spin_lock(&sb->s_inode_list_lock); list_for_each_entry(inode, &sb->s_inodes, i_sb_list) { spin_lock(&inode->i_lock); --- a/mm/hugetlb.c~hugetlbfs-dirty-pages-as-they-are-added-to-pagecache +++ a/mm/hugetlb.c @@ -3690,6 +3690,12 @@ int huge_add_to_page_cache(struct page * return err; ClearPagePrivate(page); + /* + * set page dirty so that it will not be removed from cache/file + * by non-hugetlbfs specific code paths. + */ + set_page_dirty(page); + spin_lock(&inode->i_lock); inode->i_blocks += blocks_per_huge_page(h); spin_unlock(&inode->i_lock); _ Patches currently in -mm which might be from mike.kravetz(a)oracle.com are hugetlbfs-dirty-pages-as-they-are-added-to-pagecache.patch

7 years

1
0
0 0

Re: Patch "RISC-V: include linux/ftrace.h in asm-prototypes.h" has been added to the 4.4-stable tree

by Palmer Dabbelt

On Thu, 18 Oct 2018 11:23:12 PDT (-0700), merker(a)debian.org wrote: > On Thu, Oct 18, 2018 at 11:13:02AM +0200, gregkh(a)linuxfoundation.org wrote: >> >> This is a note to let you know that I've just added the patch titled >> >> RISC-V: include linux/ftrace.h in asm-prototypes.h >> >> to the 4.4-stable tree which can be found at: >> http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… >> >> The filename of the patch is: >> risc-v-include-linux-ftrace.h-in-asm-prototypes.h.patch >> and it can be found in the queue-4.4 subdirectory. >> >> If you, or anyone else, feels it should not be added to the stable tree, >> please let <stable(a)vger.kernel.org> know about it. > [...] >> From: James Cowgill <jcowgill(a)debian.org> >> Date: Thu, 6 Sep 2018 22:57:56 +0100 >> Subject: RISC-V: include linux/ftrace.h in asm-prototypes.h >> >> From: James Cowgill <jcowgill(a)debian.org> >> >> [ Upstream commit 57a489786de9ec37d6e25ef1305dc337047f0236 ] > > I guess it doesn't make much sense to add this patch to the 4.4 > and 3.18 stable trees. The patch creates an arch-specific header > (arch/riscv/include/asm/asm-prototypes.h), but the first mainline > kernel with support for the RISC-V architecture has been kernel > 4.15. I agree.

7 years

1
0
0 0

[4.4.y v2] ext4: avoid running out of journal credits when appending to an inline file

by Chenbo Feng

From: Theodore Ts'o <tytso(a)mit.edu> commit 8bc1379b82b8e809eef77a9fedbb75c6c297be19 upstream. Use a separate journal transaction if it turns out that we need to convert an inline file to use an data block. Otherwise we could end up failing due to not having journal credits. This addresses CVE-2018-10883. https://bugzilla.kernel.org/show_bug.cgi?id=200071 Change-Id: Ifbe92e379f7a25fb252a2584356ccb91f902ea8f Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Cc: stable(a)kernel.org [fengc(a)google.com: 4.4 and 4.9 backport: adjust context] Signed-off-by: Chenbo Feng <fengc(a)google.com> --- fs/ext4/ext4.h | 3 --- fs/ext4/inline.c | 38 +------------------------------------- fs/ext4/xattr.c | 18 ++---------------- 3 files changed, 3 insertions(+), 56 deletions(-) diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h index f5d9f82b173a..b6e25d771eea 100644 --- a/fs/ext4/ext4.h +++ b/fs/ext4/ext4.h @@ -3039,9 +3039,6 @@ extern struct buffer_head *ext4_get_first_inline_block(struct inode *inode, extern int ext4_inline_data_fiemap(struct inode *inode, struct fiemap_extent_info *fieinfo, int *has_inline, __u64 start, __u64 len); -extern int ext4_try_to_evict_inline_data(handle_t *handle, - struct inode *inode, - int needed); extern void ext4_inline_data_truncate(struct inode *inode, int *has_inline); extern int ext4_convert_inline_data(struct inode *inode); diff --git a/fs/ext4/inline.c b/fs/ext4/inline.c index 1e7a9774119c..5ead3b0f3d34 100644 --- a/fs/ext4/inline.c +++ b/fs/ext4/inline.c @@ -888,11 +888,11 @@ retry_journal: flags |= AOP_FLAG_NOFS; if (ret == -ENOSPC) { + ext4_journal_stop(handle); ret = ext4_da_convert_inline_data_to_extent(mapping, inode, flags, fsdata); - ext4_journal_stop(handle); if (ret == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries)) goto retry_journal; @@ -1867,42 +1867,6 @@ out: return (error < 0 ? error : 0); } -/* - * Called during xattr set, and if we can sparse space 'needed', - * just create the extent tree evict the data to the outer block. - * - * We use jbd2 instead of page cache to move data to the 1st block - * so that the whole transaction can be committed as a whole and - * the data isn't lost because of the delayed page cache write. - */ -int ext4_try_to_evict_inline_data(handle_t *handle, - struct inode *inode, - int needed) -{ - int error; - struct ext4_xattr_entry *entry; - struct ext4_inode *raw_inode; - struct ext4_iloc iloc; - - error = ext4_get_inode_loc(inode, &iloc); - if (error) - return error; - - raw_inode = ext4_raw_inode(&iloc); - entry = (struct ext4_xattr_entry *)((void *)raw_inode + - EXT4_I(inode)->i_inline_off); - if (EXT4_XATTR_LEN(entry->e_name_len) + - EXT4_XATTR_SIZE(le32_to_cpu(entry->e_value_size)) < needed) { - error = -ENOSPC; - goto out; - } - - error = ext4_convert_inline_data_nolock(handle, inode, &iloc); -out: - brelse(iloc.bh); - return error; -} - void ext4_inline_data_truncate(struct inode *inode, int *has_inline) { handle_t *handle; diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index b51bb73b06a6..b555b5ee0839 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -1038,22 +1038,8 @@ int ext4_xattr_ibody_inline_set(handle_t *handle, struct inode *inode, if (EXT4_I(inode)->i_extra_isize == 0) return -ENOSPC; error = ext4_xattr_set_entry(i, s); - if (error) { - if (error == -ENOSPC && - ext4_has_inline_data(inode)) { - error = ext4_try_to_evict_inline_data(handle, inode, - EXT4_XATTR_LEN(strlen(i->name) + - EXT4_XATTR_SIZE(i->value_len))); - if (error) - return error; - error = ext4_xattr_ibody_find(inode, i, is); - if (error) - return error; - error = ext4_xattr_set_entry(i, s); - } - if (error) - return error; - } + if (error) + return error; header = IHDR(inode, ext4_raw_inode(&is->iloc)); if (!IS_LAST_ENTRY(s->first)) { header->h_magic = cpu_to_le32(EXT4_XATTR_MAGIC); -- 2.19.0.605.g01d371f741-goog

7 years

2
5
0 0

[PATCH 0/4] [for linux-4.4.y only] Hyper-V: backport 4 KVP fixes

by Dexuan Cui

Recently Wang Jian reported some KVP issues on the v4.4 kernel: https://github.com/LIS/lis-next/issues/593: e.g. the /var/lib/hyperv/.kvp_pool_* files can not be updated, and sometimes if the hv_kvp_daemon doesn't timely start, the host may not be able to query the VM's IP address via KVP. I identified these 4 mainline patches to fix the issues. The patches can be applied cleanly to the latest 4.4.y branch (currently it's v4.4.161). The first 3 are simply cherry-picked from the mainline, and the 4th has to be reworked for the v4.4 kernel. Wang Jian tested the 4 patches, and the issues can be fixed. I also did some tests and found no regression. Thanks! -- Dexuan K. Y. Srinivasan (2): Drivers: hv: utils: Invoke the poll function after handshake Drivers: hv: util: Pass the channel information during the init call Long Li (1): -- Reworked by Dexuan HV: properly delay KVP packets when negotiation is in progress Vitaly Kuznetsov (1): Drivers: hv: kvp: fix IP Failover drivers/hv/hv_fcopy.c | 2 +- drivers/hv/hv_kvp.c | 40 +++++++++++++++++++++++++++++++++++++--- drivers/hv/hv_snapshot.c | 4 ++-- drivers/hv/hv_util.c | 1 + drivers/hv/hyperv_vmbus.h | 5 +++++ include/linux/hyperv.h | 1 + 6 files changed, 47 insertions(+), 6 deletions(-) -- 2.7.4

7 years

2
2
0 0

[PATCH 4/4] [for linux-4.4.y only] HV: properly delay KVP packets when negotiation is in progress

by Dexuan Cui

The host may send multiple negotiation packets (due to timeout) before the KVP user-mode daemon is connected. KVP user-mode daemon is connected. We need to defer processing those packets until the daemon is negotiated and connected. It's okay for guest to respond to all negotiation packets. In addition, the host may send multiple staged KVP requests as soon as negotiation is done. We need to properly process those packets using one tasklet for exclusive access to ring buffer. This patch is based on the work of Nick Meier <Nick.Meier(a)microsoft.com>. Signed-off-by: Long Li <longli(a)microsoft.com> Signed-off-by: K. Y. Srinivasan <kys(a)microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> The above is the original changelog of a3ade8cc474d ("HV: properly delay KVP packets when negotiation is in progress" Here I re-worked the original patch because the mainline version can't work for the linux-4.4.y branch, on which channel->callback_event doesn't exist yet. In the mainline, channel->callback_event was added by: 631e63a9f346 ("vmbus: change to per channel tasklet"). Here we don't want to backport it to v4.4, as it requires extra supporting changes and fixes, which are unnecessary as to the KVP bug we're trying to resolve. NOTE: before this patch is used, we should cherry-pick the other related 3 patches from the mainline first: The background of this backport request is that: recently Wang Jian reported some KVP issues: https://github.com/LIS/lis-next/issues/593: e.g. the /var/lib/hyperv/.kvp_pool_* files can not be updated, and sometimes if the hv_kvp_daemon doesn't timely start, the host may not be able to query the VM's IP address via KVP. Reported-by: Wang Jian <jianjian.wang1(a)gmail.com> Tested-by: Wang Jian <jianjian.wang1(a)gmail.com> Signed-off-by: Dexuan Cui <decui(a)microsoft.com> --- This is re-worked by me from the mainline: a3ade8cc474d ("HV: properly delay KVP packets when negotiation is in progress" I added my Signed-off-by as I identified and tested the patches. If this is unnecessary, please feel free to remove it. drivers/hv/hv_kvp.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/drivers/hv/hv_kvp.c b/drivers/hv/hv_kvp.c index ff0a426..1771a96 100644 --- a/drivers/hv/hv_kvp.c +++ b/drivers/hv/hv_kvp.c @@ -612,21 +612,22 @@ void hv_kvp_onchannelcallback(void *context) NEGO_IN_PROGRESS, NEGO_FINISHED} host_negotiatied = NEGO_NOT_STARTED; - if (host_negotiatied == NEGO_NOT_STARTED && - kvp_transaction.state < HVUTIL_READY) { + if (kvp_transaction.state < HVUTIL_READY) { /* * If userspace daemon is not connected and host is asking * us to negotiate we need to delay to not lose messages. * This is important for Failover IP setting. */ - host_negotiatied = NEGO_IN_PROGRESS; - schedule_delayed_work(&kvp_host_handshake_work, + if (host_negotiatied == NEGO_NOT_STARTED) { + host_negotiatied = NEGO_IN_PROGRESS; + schedule_delayed_work(&kvp_host_handshake_work, HV_UTIL_NEGO_TIMEOUT * HZ); + } return; } if (kvp_transaction.state > HVUTIL_READY) return; - +recheck: vmbus_recvpacket(channel, recv_buffer, PAGE_SIZE * 4, &recvlen, &requestid); @@ -703,6 +704,8 @@ void hv_kvp_onchannelcallback(void *context) VM_PKT_DATA_INBAND, 0); host_negotiatied = NEGO_FINISHED; + + goto recheck; } } -- 2.7.4

7 years

2
2
0 0

[4.9.y v3] ext4: avoid running out of journal credits when appending to an inline file

by Chenbo Feng

From: Theodore Ts'o <tytso(a)mit.edu> commit 8bc1379b82b8e809eef77a9fedbb75c6c297be19 upstream. Use a separate journal transaction if it turns out that we need to convert an inline file to use an data block. Otherwise we could end up failing due to not having journal credits. This addresses CVE-2018-10883. https://bugzilla.kernel.org/show_bug.cgi?id=200071 Change-Id: Ifbe92e379f7a25fb252a2584356ccb91f902ea8f Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Cc: stable(a)kernel.org [fengc(a)google.com: 4.4 and 4.9 backport: adjust context] Signed-off-by: Chenbo Feng <fengc(a)google.com> --- fs/ext4/ext4.h | 3 --- fs/ext4/inline.c | 38 +------------------------------------- fs/ext4/xattr.c | 18 ++---------------- 3 files changed, 3 insertions(+), 56 deletions(-) diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h index 43e27d8ec770..567a6c7af677 100644 --- a/fs/ext4/ext4.h +++ b/fs/ext4/ext4.h @@ -3038,9 +3038,6 @@ extern struct buffer_head *ext4_get_first_inline_block(struct inode *inode, extern int ext4_inline_data_fiemap(struct inode *inode, struct fiemap_extent_info *fieinfo, int *has_inline, __u64 start, __u64 len); -extern int ext4_try_to_evict_inline_data(handle_t *handle, - struct inode *inode, - int needed); extern void ext4_inline_data_truncate(struct inode *inode, int *has_inline); extern int ext4_convert_inline_data(struct inode *inode); diff --git a/fs/ext4/inline.c b/fs/ext4/inline.c index 211539a7adfc..6779a9f1de3b 100644 --- a/fs/ext4/inline.c +++ b/fs/ext4/inline.c @@ -889,11 +889,11 @@ int ext4_da_write_inline_data_begin(struct address_space *mapping, flags |= AOP_FLAG_NOFS; if (ret == -ENOSPC) { + ext4_journal_stop(handle); ret = ext4_da_convert_inline_data_to_extent(mapping, inode, flags, fsdata); - ext4_journal_stop(handle); if (ret == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries)) goto retry_journal; @@ -1865,42 +1865,6 @@ int ext4_inline_data_fiemap(struct inode *inode, return (error < 0 ? error : 0); } -/* - * Called during xattr set, and if we can sparse space 'needed', - * just create the extent tree evict the data to the outer block. - * - * We use jbd2 instead of page cache to move data to the 1st block - * so that the whole transaction can be committed as a whole and - * the data isn't lost because of the delayed page cache write. - */ -int ext4_try_to_evict_inline_data(handle_t *handle, - struct inode *inode, - int needed) -{ - int error; - struct ext4_xattr_entry *entry; - struct ext4_inode *raw_inode; - struct ext4_iloc iloc; - - error = ext4_get_inode_loc(inode, &iloc); - if (error) - return error; - - raw_inode = ext4_raw_inode(&iloc); - entry = (struct ext4_xattr_entry *)((void *)raw_inode + - EXT4_I(inode)->i_inline_off); - if (EXT4_XATTR_LEN(entry->e_name_len) + - EXT4_XATTR_SIZE(le32_to_cpu(entry->e_value_size)) < needed) { - error = -ENOSPC; - goto out; - } - - error = ext4_convert_inline_data_nolock(handle, inode, &iloc); -out: - brelse(iloc.bh); - return error; -} - void ext4_inline_data_truncate(struct inode *inode, int *has_inline) { handle_t *handle; diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index c10180d0b018..d6d59b92da6d 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -1086,22 +1086,8 @@ int ext4_xattr_ibody_inline_set(handle_t *handle, struct inode *inode, if (EXT4_I(inode)->i_extra_isize == 0) return -ENOSPC; error = ext4_xattr_set_entry(i, s, inode); - if (error) { - if (error == -ENOSPC && - ext4_has_inline_data(inode)) { - error = ext4_try_to_evict_inline_data(handle, inode, - EXT4_XATTR_LEN(strlen(i->name) + - EXT4_XATTR_SIZE(i->value_len))); - if (error) - return error; - error = ext4_xattr_ibody_find(inode, i, is); - if (error) - return error; - error = ext4_xattr_set_entry(i, s, inode); - } - if (error) - return error; - } + if (error) + return error; header = IHDR(inode, ext4_raw_inode(&is->iloc)); if (!IS_LAST_ENTRY(s->first)) { header->h_magic = cpu_to_le32(EXT4_XATTR_MAGIC); -- 2.19.1.331.ge82ca0e54c-goog

7 years

2
1
0 0

[PATCH 4.9 v2 0/4] Fix softirq time accounting issues on 4.9

by Ivan Delalande

Hi Greg, This series fixes issues we've seen with softirq time accounting in 4.9: - when ksoftirqd is running at 100% on a CPU, none of the values reported by /proc/stat for that CPU will change, sometimes for dozens of seconds, - large deviations in the total number of ticks accumulated over a fixed time for a CPU, probably because of the first issue hitting for shorter periods. We found out that something pretty similar had been reported 9 months ago, see the reference link below. In that discussion, Rabin Vincent had made a 4.9 specific patch which fixes our first issue, but we were still seeing some deviation from the total number of ticks (up to 1.7% from expected, where we had only 0.2% on older kernels), and you had also asked for a direct backport from the mainline series, if possible. As mentioned in that thread, a lot of changes (probably 50+) went into 4.11 to remove cputime, but we could get something working with only the 4 attached patches to fix these two issues. Three of these patches apply without change, and the second one in the series ("sched/cputime: Convert kcpustat to nsecs") needed a minor change as a cast had been added in 527b0a76f41d ("sched/cpuacct: Avoid %lld seq_printf warning") to fix a build warning on s390. I guess we could also include that patch in this series, let me know if this is the preferred way to handle this. We ran our tests on 3.18, 4.4 and 4.9 and confirmed that only 4.9 would need this series, and that this series indeed restores the behavior we were seeing on those older kernels. Thanks! Reference: http://lkml.kernel.org/r/%3C1513159876-5125-1-git-send-email-rabin.vincent@… v2: - drop "time: Introduce jiffies64_to_nsecs()" as it has already been merged into v4.9.132, - include backport of commit 564b733c899f ("macintosh/rack-meter: Convert cputime64_t use to u64") to avoid introducing a build failure on powerpc. Frederic Weisbecker (4): sched/cputime: Convert kcpustat to nsecs macintosh/rack-meter: Convert cputime64_t use to u64 sched/cputime: Increment kcpustat directly on irqtime account sched/cputime: Fix ksoftirqd cputime accounting regression arch/s390/appldata/appldata_os.c | 16 +++---- drivers/cpufreq/cpufreq.c | 6 +-- drivers/cpufreq/cpufreq_governor.c | 2 +- drivers/cpufreq/cpufreq_stats.c | 1 - drivers/macintosh/rack-meter.c | 28 +++++------ fs/proc/stat.c | 68 +++++++++++++-------------- fs/proc/uptime.c | 7 +-- kernel/sched/cpuacct.c | 2 +- kernel/sched/cputime.c | 75 +++++++++++++----------------- kernel/sched/sched.h | 12 +++-- 10 files changed, 104 insertions(+), 113 deletions(-) -- 2.19.1

7 years

2
5
0 0

request for 4.14-stable: 2b16fd63059a ("i2c: rcar: handle RXDMA HW behaviour on Gen3")

by Sudip Mukherjee

Hi Greg, This was missing in 4.14-stable. Please apply to your queue. -- Regards Sudip

7 years

2
1
0 0

request for 4.14-stable: 0ca9488193e6 ("drm/i915/glk: Add Quirk for GLK NUC HDMI port issues.")

by Sudip Mukherjee

Hi Greg, This was missing in 4.14-stable. Please apply to your queue. -- Regards Sudip

7 years

2
1
0 0

request for 4.14-stable: 15d36fecd0bd ("mm: disallow mappings that conflict for devm_memremap_pages()")

by Sudip Mukherjee

Hi Greg, This was missing in 4.14-stable. Please apply to your queue. -- Regards Sudip

7 years

2
1
0 0

request for 4.14-stable: 2f7caf6b0214 ("staging: ccree: check DMA pool buf !NULL before free")

by Sudip Mukherjee

Hi Greg, This was missing in 4.14-stable. Please apply to your queue. -- Regards Sudip

7 years

2
1
0 0

FAILED: patch "[PATCH] drm/i915: Nuke the LVDS lid notifier" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 05c72e77ccda89ff624108b1b59a0fc43843f343 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ville=20Syrj=C3=A4l=C3=A4?= <ville.syrjala(a)linux.intel.com> Date: Tue, 17 Jul 2018 20:42:14 +0300 Subject: [PATCH] drm/i915: Nuke the LVDS lid notifier MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We broke the LVDS notifier resume thing in (presumably) commit e2c8b8701e2d ("drm/i915: Use atomic helpers for suspend, v2.") as we no longer duplicate the current state in the LVDS notifier and thus we never resume it properly either. Instead of trying to fix it again let's just kill off the lid notifier entirely. None of the machines tested thus far have apparently needed it. Originally the lid notifier was added to work around cases where the VBIOS was clobbering some of the hardware state behind the driver's back, mostly on Thinkpads. We now have a few report of Thinkpads working just fine without the notifier. So maybe it was misdiagnosed originally, or something else has changed (ACPI video stuff perhaps?). If we do end up finding a machine where the VBIOS is still causing problems I would suggest that we first try setting various bits in the VBIOS scratch registers. There are several to choose from that may instruct the VBIOS to steer clear. With the notifier gone we'll also stop looking at the panel status in ->detect(). v2: Nuke enum modeset_restore (Rodrigo) Cc: stable(a)vger.kernel.org Cc: Wolfgang Draxinger <wdraxinger.maillist(a)draxit.de> Cc: Vito Caputo <vcaputo(a)pengaru.com> Cc: kitsunyan <kitsunyan(a)airmail.cc> Cc: Joonas Saarinen <jza(a)saunalahti.fi> Tested-by: Vito Caputo <vcaputo(a)pengaru.com> # Thinkapd X61s Tested-by: kitsunyan <kitsunyan(a)airmail.cc> # ThinkPad X200 Tested-by: Joonas Saarinen <jza(a)saunalahti.fi> # Fujitsu Siemens U9210 Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=105902 References: https://lists.freedesktop.org/archives/intel-gfx/2018-June/169315.html References: https://bugs.freedesktop.org/show_bug.cgi?id=21230 Fixes: e2c8b8701e2d ("drm/i915: Use atomic helpers for suspend, v2.") Signed-off-by: Ville Syrjälä <ville.syrjala(a)linux.intel.com> Link: https://patchwork.freedesktop.org/patch/msgid/20180717174216.22252-1-ville.… Reviewed-by: Rodrigo Vivi <rodrigo.vivi(a)intel.com> diff --git a/drivers/gpu/drm/i915/i915_drv.c b/drivers/gpu/drm/i915/i915_drv.c index 337b1aad5212..343e79a44abd 100644 --- a/drivers/gpu/drm/i915/i915_drv.c +++ b/drivers/gpu/drm/i915/i915_drv.c @@ -900,7 +900,6 @@ static int i915_driver_init_early(struct drm_i915_private *dev_priv, spin_lock_init(&dev_priv->uncore.lock); mutex_init(&dev_priv->sb_lock); - mutex_init(&dev_priv->modeset_restore_lock); mutex_init(&dev_priv->av_mutex); mutex_init(&dev_priv->wm.wm_mutex); mutex_init(&dev_priv->pps_mutex); @@ -1570,11 +1569,6 @@ static int i915_drm_suspend(struct drm_device *dev) struct pci_dev *pdev = dev_priv->drm.pdev; pci_power_t opregion_target_state; - /* ignore lid events during suspend */ - mutex_lock(&dev_priv->modeset_restore_lock); - dev_priv->modeset_restore = MODESET_SUSPENDED; - mutex_unlock(&dev_priv->modeset_restore_lock); - disable_rpm_wakeref_asserts(dev_priv); /* We do a lot of poking in a lot of registers, make sure they work @@ -1770,10 +1764,6 @@ static int i915_drm_resume(struct drm_device *dev) intel_fbdev_set_suspend(dev, FBINFO_STATE_RUNNING, false); - mutex_lock(&dev_priv->modeset_restore_lock); - dev_priv->modeset_restore = MODESET_DONE; - mutex_unlock(&dev_priv->modeset_restore_lock); - intel_opregion_notify_adapter(dev_priv, PCI_D0); enable_rpm_wakeref_asserts(dev_priv); diff --git a/drivers/gpu/drm/i915/i915_drv.h b/drivers/gpu/drm/i915/i915_drv.h index 08d4303abb14..995656f51b57 100644 --- a/drivers/gpu/drm/i915/i915_drv.h +++ b/drivers/gpu/drm/i915/i915_drv.h @@ -1002,12 +1002,6 @@ struct i915_gem_mm { #define I915_ENGINE_WEDGED_TIMEOUT (60 * HZ) /* Reset but no recovery? */ -enum modeset_restore { - MODESET_ON_LID_OPEN, - MODESET_DONE, - MODESET_SUSPENDED, -}; - #define DP_AUX_A 0x40 #define DP_AUX_B 0x10 #define DP_AUX_C 0x20 @@ -1730,8 +1724,6 @@ struct drm_i915_private { unsigned long quirks; - enum modeset_restore modeset_restore; - struct mutex modeset_restore_lock; struct drm_atomic_state *modeset_restore_state; struct drm_modeset_acquire_ctx reset_ctx; diff --git a/drivers/gpu/drm/i915/intel_lvds.c b/drivers/gpu/drm/i915/intel_lvds.c index bb06744d28a4..a35404119257 100644 --- a/drivers/gpu/drm/i915/intel_lvds.c +++ b/drivers/gpu/drm/i915/intel_lvds.c @@ -44,8 +44,6 @@ /* Private structure for the integrated LVDS support */ struct intel_lvds_connector { struct intel_connector base; - - struct notifier_block lid_notifier; }; struct intel_lvds_pps { @@ -452,26 +450,9 @@ static bool intel_lvds_compute_config(struct intel_encoder *intel_encoder, return true; } -/* - * Detect the LVDS connection. - * - * Since LVDS doesn't have hotlug, we use the lid as a proxy. Open means - * connected and closed means disconnected. We also send hotplug events as - * needed, using lid status notification from the input layer. - */ static enum drm_connector_status intel_lvds_detect(struct drm_connector *connector, bool force) { - struct drm_i915_private *dev_priv = to_i915(connector->dev); - enum drm_connector_status status; - - DRM_DEBUG_KMS("[CONNECTOR:%d:%s]\n", - connector->base.id, connector->name); - - status = intel_panel_detect(dev_priv); - if (status != connector_status_unknown) - return status; - return connector_status_connected; } @@ -496,117 +477,6 @@ static int intel_lvds_get_modes(struct drm_connector *connector) return 1; } -static int intel_no_modeset_on_lid_dmi_callback(const struct dmi_system_id *id) -{ - DRM_INFO("Skipping forced modeset for %s\n", id->ident); - return 1; -} - -/* The GPU hangs up on these systems if modeset is performed on LID open */ -static const struct dmi_system_id intel_no_modeset_on_lid[] = { - { - .callback = intel_no_modeset_on_lid_dmi_callback, - .ident = "Toshiba Tecra A11", - .matches = { - DMI_MATCH(DMI_SYS_VENDOR, "TOSHIBA"), - DMI_MATCH(DMI_PRODUCT_NAME, "TECRA A11"), - }, - }, - - { } /* terminating entry */ -}; - -/* - * Lid events. Note the use of 'modeset': - * - we set it to MODESET_ON_LID_OPEN on lid close, - * and set it to MODESET_DONE on open - * - we use it as a "only once" bit (ie we ignore - * duplicate events where it was already properly set) - * - the suspend/resume paths will set it to - * MODESET_SUSPENDED and ignore the lid open event, - * because they restore the mode ("lid open"). - */ -static int intel_lid_notify(struct notifier_block *nb, unsigned long val, - void *unused) -{ - struct intel_lvds_connector *lvds_connector = - container_of(nb, struct intel_lvds_connector, lid_notifier); - struct drm_connector *connector = &lvds_connector->base.base; - struct drm_device *dev = connector->dev; - struct drm_i915_private *dev_priv = to_i915(dev); - - if (dev->switch_power_state != DRM_SWITCH_POWER_ON) - return NOTIFY_OK; - - mutex_lock(&dev_priv->modeset_restore_lock); - if (dev_priv->modeset_restore == MODESET_SUSPENDED) - goto exit; - /* - * check and update the status of LVDS connector after receiving - * the LID nofication event. - */ - connector->status = connector->funcs->detect(connector, false); - - /* Don't force modeset on machines where it causes a GPU lockup */ - if (dmi_check_system(intel_no_modeset_on_lid)) - goto exit; - if (!acpi_lid_open()) { - /* do modeset on next lid open event */ - dev_priv->modeset_restore = MODESET_ON_LID_OPEN; - goto exit; - } - - if (dev_priv->modeset_restore == MODESET_DONE) - goto exit; - - /* - * Some old platform's BIOS love to wreak havoc while the lid is closed. - * We try to detect this here and undo any damage. The split for PCH - * platforms is rather conservative and a bit arbitrary expect that on - * those platforms VGA disabling requires actual legacy VGA I/O access, - * and as part of the cleanup in the hw state restore we also redisable - * the vga plane. - */ - if (!HAS_PCH_SPLIT(dev_priv)) - intel_display_resume(dev); - - dev_priv->modeset_restore = MODESET_DONE; - -exit: - mutex_unlock(&dev_priv->modeset_restore_lock); - return NOTIFY_OK; -} - -static int -intel_lvds_connector_register(struct drm_connector *connector) -{ - struct intel_lvds_connector *lvds = to_lvds_connector(connector); - int ret; - - ret = intel_connector_register(connector); - if (ret) - return ret; - - lvds->lid_notifier.notifier_call = intel_lid_notify; - if (acpi_lid_notifier_register(&lvds->lid_notifier)) { - DRM_DEBUG_KMS("lid notifier registration failed\n"); - lvds->lid_notifier.notifier_call = NULL; - } - - return 0; -} - -static void -intel_lvds_connector_unregister(struct drm_connector *connector) -{ - struct intel_lvds_connector *lvds = to_lvds_connector(connector); - - if (lvds->lid_notifier.notifier_call) - acpi_lid_notifier_unregister(&lvds->lid_notifier); - - intel_connector_unregister(connector); -} - /** * intel_lvds_destroy - unregister and free LVDS structures * @connector: connector to free @@ -639,8 +509,8 @@ static const struct drm_connector_funcs intel_lvds_connector_funcs = { .fill_modes = drm_helper_probe_single_connector_modes, .atomic_get_property = intel_digital_connector_atomic_get_property, .atomic_set_property = intel_digital_connector_atomic_set_property, - .late_register = intel_lvds_connector_register, - .early_unregister = intel_lvds_connector_unregister, + .late_register = intel_connector_register, + .early_unregister = intel_connector_unregister, .destroy = intel_lvds_destroy, .atomic_destroy_state = drm_atomic_helper_connector_destroy_state, .atomic_duplicate_state = intel_digital_connector_duplicate_state, @@ -1114,8 +984,6 @@ void intel_lvds_init(struct drm_i915_private *dev_priv) * 2) check for VBT data * 3) check to see if LVDS is already on * if none of the above, no panel - * 4) make sure lid is open - * if closed, act like it's not there for now */ /*

7 years

3
2
0 0

patch "usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten" added to usb-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the usb-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. >From 55a9300cea58007741f7d6b4b132e37d84a4329e Mon Sep 17 00:00:00 2001 From: "Shuah Khan (Samsung OSG)" <shuah(a)kernel.org> Date: Thu, 18 Oct 2018 10:19:29 -0600 Subject: usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten In rmmod path, usbip_vudc does platform_device_put() twice once from platform_device_unregister() and then from put_vudc_device(). The second put results in: BUG kmalloc-2048 (Not tainted): Poison overwritten error or BUG: KASAN: use-after-free in kobject_put+0x1e/0x230 if KASAN is enabled. [ 169.042156] calling init+0x0/0x1000 [usbip_vudc] @ 1697 [ 169.042396] ============================================================================= [ 169.043678] probe of usbip-vudc.0 returned 1 after 350 usecs [ 169.044508] BUG kmalloc-2048 (Not tainted): Poison overwritten [ 169.044509] ----------------------------------------------------------------------------- ... [ 169.057849] INFO: Freed in device_release+0x2b/0x80 age=4223 cpu=3 pid=1693 [ 169.057852] kobject_put+0x86/0x1b0 [ 169.057853] 0xffffffffc0c30a96 [ 169.057855] __x64_sys_delete_module+0x157/0x240 Fix it to call platform_device_del() instead and let put_vudc_device() do the platform_device_put(). Reported-by: Randy Dunlap <rdunlap(a)infradead.org> Signed-off-by: Shuah Khan (Samsung OSG) <shuah(a)kernel.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/usbip/vudc_main.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/drivers/usb/usbip/vudc_main.c b/drivers/usb/usbip/vudc_main.c index 3fc22037a82f..390733e6937e 100644 --- a/drivers/usb/usbip/vudc_main.c +++ b/drivers/usb/usbip/vudc_main.c @@ -73,6 +73,10 @@ static int __init init(void) cleanup: list_for_each_entry_safe(udc_dev, udc_dev2, &vudc_devices, dev_entry) { list_del(&udc_dev->dev_entry); + /* + * Just do platform_device_del() here, put_vudc_device() + * calls the platform_device_put() + */ platform_device_del(udc_dev->pdev); put_vudc_device(udc_dev); } @@ -89,7 +93,11 @@ static void __exit cleanup(void) list_for_each_entry_safe(udc_dev, udc_dev2, &vudc_devices, dev_entry) { list_del(&udc_dev->dev_entry); - platform_device_unregister(udc_dev->pdev); + /* + * Just do platform_device_del() here, put_vudc_device() + * calls the platform_device_put() + */ + platform_device_del(udc_dev->pdev); put_vudc_device(udc_dev); } platform_driver_unregister(&vudc_driver); -- 2.19.1

7 years

1
0
0 0

[PATCH v3 00/30] backport of IP fragmentation fixes

by Stephen Hemminger

Took the set of patches from 4.19 to handle IP fragmentation DoS and applied them against 4.14.69. Most of these are from Eric. In a couple case, it required some manual merge conflict resolution. Tested normal IP fragmentation with iperf3 and malicious IP fragments with fragmentsmack. Under fragmentation attack (700Kpps) the original 4.14.69 consumes 97% CPU; with this patch it drops to 5%. v3 - send to wider audience v2 - added patch from 4.19 linux-next to fix ip fragmentation crash Dan Carpenter (1): ipv4: frags: precedence bug in ip_expire() Eric Dumazet (22): inet: frags: change inet_frags_init_net() return value inet: frags: add a pointer to struct netns_frags inet: frags: refactor ipfrag_init() inet: frags: refactor ipv6_frag_init() inet: frags: refactor lowpan_net_frag_init() ipv6: export ip6 fragments sysctl to unprivileged users rhashtable: add schedule points inet: frags: use rhashtables for reassembly units inet: frags: remove some helpers inet: frags: get rif of inet_frag_evicting() inet: frags: remove inet_frag_maybe_warn_overflow() inet: frags: break the 2GB limit for frags storage inet: frags: do not clone skb in ip_expire() ipv6: frags: rewrite ip6_expire_frag_queue() rhashtable: reorganize struct rhashtable layout inet: frags: reorganize struct netns_frags inet: frags: get rid of ipfrag_skb_cb/FRAG_CB inet: frags: fix ip6frag_low_thresh boundary net: speed up skb_rbtree_purge() net: pskb_trim_rcsum() and CHECKSUM_COMPLETE are friends net: add rb_to_skb() and other rb tree helpers net: sk_buff rbnode reorg Florian Westphal (1): ipv6: defrag: drop non-last frags smaller than min mtu Kees Cook (1): inet: frags: Convert timers to use timer_setup() Peter Oskolkov (4): ip: discard IPv4 datagrams with overlapping segments. net: modify skb_rbtree_purge to return the truesize of all purged skbs. ip: add helpers to process in-order fragments faster. ip: process in-order fragments efficiently Taehee Yoo (1): ip: frags: fix crash in ip_do_fragment() Documentation/networking/ip-sysctl.txt | 13 +- include/linux/rhashtable.h | 8 +- include/linux/skbuff.h | 50 +- include/net/inet_frag.h | 135 +++--- include/net/ip.h | 1 - include/net/ipv6.h | 26 +- include/uapi/linux/snmp.h | 1 + lib/rhashtable.c | 2 + net/core/skbuff.c | 31 +- net/ieee802154/6lowpan/6lowpan_i.h | 26 +- net/ieee802154/6lowpan/reassembly.c | 153 ++++--- net/ipv4/inet_fragment.c | 378 ++++------------ net/ipv4/ip_fragment.c | 578 +++++++++++++----------- net/ipv4/proc.c | 7 +- net/ipv4/tcp_fastopen.c | 8 +- net/ipv4/tcp_input.c | 33 +- net/ipv6/netfilter/nf_conntrack_reasm.c | 105 ++--- net/ipv6/proc.c | 5 +- net/ipv6/reassembly.c | 217 ++++----- net/sched/sch_netem.c | 14 +- 20 files changed, 802 insertions(+), 989 deletions(-) -- 2.18.0

7 years

3
32
0 0

[GIT PULL] commits for Linux 4.18

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.18 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit e7d199e92956587695510d147c8de795f944cec9: Linux 4.18.14 (2018-10-13 09:33:17 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.18-16102018 for you to fetch changes up to c8e6deb507081660532500fb97cf8901a582d8f5: x86/boot: Fix kexec booting failure in the SEV bit detection code (2018-10-15 18:01:55 -0400) - ---------------------------------------------------------------- for-greg-4.18-16102018 - ---------------------------------------------------------------- Alaa Hleihel (1): net/mlx5: Check for SQ and not RQ state when modifying hairpin SQ Alexander Shishkin (1): intel_th: pci: Add Ice Lake PCH support Alexandru Gheorghe (1): drm: mali-dp: Call drm_crtc_vblank_reset on device init Andreas Schwab (1): Input: atakbd - fix Atari keymap Antoine Tenart (2): net: mvpp2: fix a txq_done race condition net: mscc: fix the frame extraction into the skb Arindam Nath (1): iommu/amd: Return devid as alias for ACPI HID devices Christian Lamparter (1): net: emac: fix fixed-link setup for the RTL8363SB switch Daniel Kurtz (1): pinctrl/amd: poll InterruptEnable bits in amd_gpio_irq_set_type Davide Caratti (1): bnxt_en: don't try to offload VLAN 'modify' action Friedemann Gerold (1): net: aquantia: memory corruption on jumbo frames Heiko Stuebner (1): iommu/rockchip: Free irqs in shutdown handler James Cowgill (1): RISC-V: include linux/ftrace.h in asm-prototypes.h James Smart (1): scsi: lpfc: Synchronize access to remoteport via rport Jisheng Zhang (1): PCI: dwc: Fix scheduling while atomic issues Johannes Thumshirn (1): scsi: sd: don't crash the host on invalid commands John Fastabend (3): bpf: sockmap only allow ESTABLISHED sock state bpf: sockmap, fix transition through disconnect without close bpf: test_maps, only support ESTABLISHED socks Jose Abreu (2): net: stmmac: Rework coalesce timer and fix multi-queue races net: stmmac: Fixup the tail addr setting in xmit path Jozef Balga (1): media: af9035: prevent buffer overflow on write Kairui Song (1): x86/boot: Fix kexec booting failure in the SEV bit detection code Kazuya Mizuguchi (1): ravb: do not write 1 to reserved bits Keerthy (1): clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs Laura Abbott (2): scsi: ibmvscsis: Fix a stringop-overflow warning scsi: ibmvscsis: Ensure partition name is properly NUL terminated Linus Walleij (1): spi: gpio: Fix copy-and-paste error Majd Dibbiny (1): RDMA/uverbs: Fix validity check for modify QP Marek Lindner (2): batman-adv: fix backbone_gw refcount on queue_work() failure batman-adv: fix hardif_neigh refcount on queue_work() failure Michael Neuling (2): powerpc/tm: Fix userspace r13 corruption powerpc/tm: Avoid possible userspace r1 corruption on reclaim Michael Schmitz (1): Input: atakbd - fix Atari CapsLock behaviour Nathan Chancellor (1): net/mlx4: Use cpumask_available for eq->affinity_mask Russell King (1): sfp: fix oops with ethtool -m Sabrina Dubroca (1): selftests: pmtu: properly redirect stderr to /dev/null Sanyog Kale (1): soundwire: Fix acquiring bus lock twice during master release Selvin Xavier (1): RDMA/bnxt_re: Fix system crash during RDMA resource initialization Shreyas NC (2): soundwire: Fix duplicate stream state assignment soundwire: Fix incorrect exit after configuring stream Srikar Dronamraju (1): powerpc/numa: Use associativity if VPHN hcall is successful Steve Wise (1): cxgb4: fix abort_req_rss6 struct Sudarsana Reddy Kalluru (2): qed: Fix populating the invalid stag value in multi function mode. qed: Do not add VLAN 0 tag to untagged frames in multi-function mode. Sven Eckelmann (8): batman-adv: Avoid probe ELP information leak batman-adv: Fix segfault when writing to throughput_override batman-adv: Fix segfault when writing to sysfs elp_interval batman-adv: Prevent duplicated gateway_node entry batman-adv: Prevent duplicated nc_node entry batman-adv: Prevent duplicated softif_vlan entry batman-adv: Prevent duplicated global TT entry batman-adv: Prevent duplicated tvlv handler Tao Ren (1): clocksource/drivers/fttmr010: Fix set_next_event handler Ursula Braun (1): net/smc: fix non-blocking connect problem Wen Xiong (1): scsi: ipr: System hung while dlpar adding primary ipr adapter back YueHaibing (1): net/smc: fix sizeof to int comparison arch/powerpc/kernel/tm.S | 20 +- arch/powerpc/mm/numa.c | 4 +- arch/riscv/include/asm/asm-prototypes.h | 7 + arch/x86/boot/compressed/mem_encrypt.S | 19 -- drivers/clocksource/timer-fttmr010.c | 18 +- drivers/clocksource/timer-ti-32k.c | 3 + drivers/gpu/drm/arm/malidp_drv.c | 1 + drivers/hwtracing/intel_th/pci.c | 5 + drivers/infiniband/core/uverbs_cmd.c | 68 ++++-- drivers/infiniband/hw/bnxt_re/main.c | 93 ++++---- drivers/input/keyboard/atakbd.c | 74 +++---- drivers/iommu/amd_iommu.c | 6 + drivers/iommu/rockchip-iommu.c | 6 + drivers/media/usb/dvb-usb-v2/af9035.c | 6 +- drivers/net/ethernet/aquantia/atlantic/aq_ring.c | 32 +-- drivers/net/ethernet/broadcom/bnxt/bnxt_tc.c | 20 +- drivers/net/ethernet/chelsio/cxgb4/t4_msg.h | 1 - drivers/net/ethernet/ibm/emac/core.c | 15 +- drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c | 10 +- drivers/net/ethernet/mellanox/mlx4/eq.c | 3 +- drivers/net/ethernet/mellanox/mlx5/core/transobj.c | 2 +- drivers/net/ethernet/mscc/ocelot_board.c | 12 +- drivers/net/ethernet/qlogic/qed/qed_dcbx.c | 9 +- drivers/net/ethernet/qlogic/qed/qed_dcbx.h | 1 + drivers/net/ethernet/qlogic/qed/qed_dev.c | 15 +- drivers/net/ethernet/qlogic/qed/qed_hsi.h | 4 + drivers/net/ethernet/renesas/ravb.h | 5 + drivers/net/ethernet/renesas/ravb_main.c | 11 +- drivers/net/ethernet/renesas/ravb_ptp.c | 2 +- drivers/net/ethernet/stmicro/stmmac/common.h | 4 +- drivers/net/ethernet/stmicro/stmmac/stmmac.h | 14 +- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 238 ++++++++++++--------- drivers/net/phy/sfp-bus.c | 4 +- drivers/pci/controller/dwc/pcie-designware.c | 8 +- drivers/pci/controller/dwc/pcie-designware.h | 3 +- drivers/pinctrl/pinctrl-amd.c | 33 ++- drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c | 5 +- drivers/scsi/ipr.c | 106 +++++---- drivers/scsi/ipr.h | 1 + drivers/scsi/lpfc/lpfc_attr.c | 15 +- drivers/scsi/lpfc/lpfc_debugfs.c | 10 +- drivers/scsi/lpfc/lpfc_nvme.c | 11 +- drivers/scsi/sd.c | 3 +- drivers/soundwire/stream.c | 23 +- drivers/spi/spi-gpio.c | 4 +- include/linux/stmmac.h | 1 + kernel/bpf/sockmap.c | 91 ++++++-- net/batman-adv/bat_v_elp.c | 10 +- net/batman-adv/bridge_loop_avoidance.c | 10 +- net/batman-adv/gateway_client.c | 11 +- net/batman-adv/network-coding.c | 27 +-- net/batman-adv/soft-interface.c | 25 ++- net/batman-adv/sysfs.c | 30 ++- net/batman-adv/translation-table.c | 6 +- net/batman-adv/tvlv.c | 8 +- net/smc/af_smc.c | 7 +- net/smc/smc_clc.c | 14 +- tools/testing/selftests/bpf/test_maps.c | 10 +- tools/testing/selftests/net/pmtu.sh | 4 +- 59 files changed, 738 insertions(+), 470 deletions(-) create mode 100644 arch/riscv/include/asm/asm-prototypes.h -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlvGFGoACgkQ3qZv95d3 LNxF8A/+KAEtzAlffVw0aUCqQa2Y87cjAQC9xXM6SkW27j8+trsBRoyZY+DmWPB3 Pud7sy55U5ETnmqfX1VHOs9S4KSICEiPrRkkfnE8BTq7N/hSOeNYTXeEwHppBVhZ pal4eWgjHdypbFCiJaiEbppH+14CgxYElfIPm0frPlsjfdPgTe5hS7j8/bRdtrxF JtG4IY0sLyFtD1piP31AglYetv3ETqe+uLXyqDSfTgNC6kfiSgtqLDoVKHUKH5ec wP8Aen+QN3YAJnaWq9JUlse74wPvLriysqvbgzL57KM9GDgUl1RECsN2koSh6fph MLzD9WrwdmSpiH37MVodjmriT8iSUp+a78eHT9FC7GKVhigTK4dnXLAkqXYBdJxU OwZCEzJwqmNsdJP6qXaFjHMv6t3dJUtvPls90/zshyEl/krxue+loYiKoHEn9vUS 8E4FPBqbsGih3cwZlloZMF5yqjnTdcKYWQ8Olwjs6/bIbtkINl9b3LQavHdzvdy3 KKBhWyW8ciIaL7Gr+HmrCGnqA4WsbXBIE9A3eXXALN2wWtNae6o03Czdw6EOpEdZ jRndNGsq93lfqdE7Zk8gJzUFoVGo/Ani5v+2ULBdMvlUgo8Xw1ZpuU/D63v/zMWp ZyOXvK/dkLm5bRtQf90nJln0z6Hf6q4ww6IFaEKSc5wn2zt+EW0= =jgQ+ -----END PGP SIGNATURE-----

7 years

2
1
0 0

[PATCH stable v4.4+] usb: gadget: serial: fix oops when data rx'd after close

by Krzysztof Kozlowski

From: Stephen Warren <swarren(a)nvidia.com> commit daa35bd95634a2a2d72d1049c93576a02711cb1a upstream When the gadget serial device has no associated TTY, do not pass any received data into the TTY layer for processing; simply drop it instead. This prevents the TTY layer from calling back into the gadget serial driver, which will then crash in e.g. gs_write_room() due to lack of gadget serial device to TTY association (i.e. a NULL pointer dereference). Signed-off-by: Stephen Warren <swarren(a)nvidia.com> Signed-off-by: Felipe Balbi <felipe.balbi(a)linux.intel.com> Signed-off-by: Krzysztof Kozlowski <krzk(a)kernel.org> --- This is necessary for v4.4+ to fix: [ 134.015750] Unable to handle kernel NULL pointer dereference at virtual address 000000a8 [ 134.023988] pgd = 80004000 [ 134.026749] [000000a8] *pgd=00000000 [ 134.030417] Internal error: Oops: 17 [#1] ARM [ 134.034826] Modules linked in: ctr ccm usb_f_acm u_serial ath9k_htc ath9k_common ath9k_hw ath mac80211 cfg80211 libcomposite configfs [ 134.047166] CPU: 0 PID: 51 Comm: kworker/u2:1 Not tainted 4.9.133 #60 [ 134.053664] Hardware name: Freescale Vybrid VF5xx/VF6xx (Device Tree) [ 134.060195] Workqueue: events_unbound flush_to_ldisc [ 134.065244] task: 86a42140 task.stack: 86a9a000 [ 134.069872] PC is at gs_flush_chars+0x18/0x30 [u_serial] [ 134.075261] LR is at n_tty_receive_buf_common+0x648/0xa54 [ 134.080726] pc : [<7f169d4c>] lr : [<803cce74>] psr: 200f0093 [ 134.080726] sp : 86a9be08 ip : 86a9be20 fp : 86a9be1c [ 134.092310] r10: 86bff600 r9 : 862240cc r8 : 00000000 [ 134.097589] r7 : 862240cc r6 : 00000000 r5 : 00000000 r4 : 200f0013 [ 134.104177] r3 : 7f169d34 r2 : 0000000a r1 : 0000003c r0 : 00000000 [ 134.110763] Flags: nzCv IRQs off FIQs on Mode SVC_32 ISA ARM Segment none [ 134.118081] Control: 10c5387d Table: 85fb8059 DAC: 00000051 [ 134.123882] Process kworker/u2:1 (pid: 51, stack limit = 0x86a9a208) [ 134.130293] Stack: (0x86a9be08 to 0x86a9c000) [ 134.134717] be00: 89f0b000 00000000 86a9be8c 86a9be20 803cce74 7f169d40 [ 134.143000] be20: 86bff658 00020001 86bff73c 86a9be38 55555556 89f0b000 86a9be6c 8061f090 [ 134.151282] be40: 89f0b018 89f0d000 89f0b000 00000000 86224090 0000003c 00000000 0000003c [ 134.159567] be60: 86a9be94 0000003c 803cd280 86be5e00 8604ea40 86be5e14 00000000 86802014 [ 134.167852] be80: 86a9bea4 86a9be90 803cd29c 803cc838 00000001 80101438 86a9bebc 86a9bea8 [ 134.176135] bea0: 803d00c4 803cd28c 86224000 86be5e04 86a9bee4 86a9bec0 803d05fc 803d00a8 [ 134.184419] bec0: 86be5e04 86acf980 00000000 86808700 86802000 00000000 86a9bf1c 86a9bee8 [ 134.192703] bee0: 8012ef38 803d054c 00000088 8090cac0 86a9a000 86acf980 86802000 86acf998 [ 134.200988] bf00: 00000088 8090cac0 86a9a000 86802014 86a9bf5c 86a9bf20 8012f260 8012ee20 [ 134.209270] bf20: 86ad1dc0 8070ee70 8092c91c 86802000 00000000 00000000 86ad1dc0 86a9a000 [ 134.217554] bf40: 86acf980 8012f1f4 00000000 00000000 86a9bfac 86a9bf60 80134a78 8012f200 [ 134.225838] bf60: 00000000 00000000 86ad1dc0 86acf980 00000000 86a9bf74 86a9bf74 00000000 [ 134.234122] bf80: 86a9bf80 86a9bf80 8013b048 86ad1dc0 80134980 00000000 00000000 00000000 [ 134.242406] bfa0: 00000000 86a9bfb0 80107990 8013498c 00000000 00000000 00000000 00000000 [ 134.250688] bfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 134.258970] bfe0: 00000000 00000000 00000000 00000000 00000013 00000000 00000000 00000000 [ 134.267228] Backtrace: [ 134.269785] [<7f169d34>] (gs_flush_chars [u_serial]) from [<803cce74>] (n_tty_receive_buf_common+0x648/0xa54) [ 134.279800] r5:00000000 r4:89f0b000 [ 134.283449] [<803cc82c>] (n_tty_receive_buf_common) from [<803cd29c>] (n_tty_receive_buf2+0x1c/0x24) [ 134.292695] r10:86802014 r9:00000000 r8:86be5e14 r7:8604ea40 r6:86be5e00 r5:803cd280 [ 134.300610] r4:0000003c [ 134.303216] [<803cd280>] (n_tty_receive_buf2) from [<803d00c4>] (tty_ldisc_receive_buf+0x28/0x64) [ 134.312201] [<803d009c>] (tty_ldisc_receive_buf) from [<803d05fc>] (flush_to_ldisc+0xbc/0xd4) [ 134.320822] r5:86be5e04 r4:86224000 [ 134.324476] [<803d0540>] (flush_to_ldisc) from [<8012ef38>] (process_one_work+0x124/0x3e0) [ 134.332851] r9:00000000 r8:86802000 r7:86808700 r6:00000000 r5:86acf980 r4:86be5e04 [ 134.340706] [<8012ee14>] (process_one_work) from [<8012f260>] (worker_thread+0x6c/0x5a8) [ 134.348905] r10:86802014 r9:86a9a000 r8:8090cac0 r7:00000088 r6:86acf998 r5:86802000 [ 134.356828] r4:86acf980 [ 134.359431] [<8012f1f4>] (worker_thread) from [<80134a78>] (kthread+0xf8/0x110) [ 134.366847] r10:00000000 r9:00000000 r8:8012f1f4 r7:86acf980 r6:86a9a000 r5:86ad1dc0 [ 134.374765] r4:00000000 [ 134.377375] [<80134980>] (kthread) from [<80107990>] (ret_from_fork+0x14/0x24) [ 134.384708] r8:00000000 r7:00000000 r6:00000000 r5:80134980 r4:86ad1dc0 [ 134.391483] Code: e24cb004 e5900168 e10f4000 f10c0080 (e59030a8) [ 134.397643] ---[ end trace 6d6c0a94eccf9fda ]--- Reproduction: 1. Set up USB serial gadget and connect to device. 2. On device: while true; do echo "abcdefgh01234567890" > /dev/ttyGS0; done 3. On PC, execute simultaneously: while true; do cat /dev/ttyACM0 >> /tmp/tmp-dl; done for i in `seq 10000` ; do echo "XXXXXXXXXXXXXX" > /dev/ttyACM0 ; done --- drivers/usb/gadget/function/u_serial.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/usb/gadget/function/u_serial.c b/drivers/usb/gadget/function/u_serial.c index f7771d86ad6c..4ea44f7122ee 100644 --- a/drivers/usb/gadget/function/u_serial.c +++ b/drivers/usb/gadget/function/u_serial.c @@ -518,7 +518,7 @@ static void gs_rx_push(unsigned long _port) } /* push data to (open) tty */ - if (req->actual) { + if (req->actual && tty) { char *packet = req->buf; unsigned size = req->actual; unsigned n; -- 2.7.4

7 years

2
1
0 0

Re: [PATCH] HID: quirks: fix support for Apple Magic Keyboards

by Benjamin Tissoires

On Wed, Oct 17, 2018 at 5:55 PM Natanael Copa <ncopa(a)alpinelinux.org> wrote: > > On Wed, 17 Oct 2018 16:59:15 +0200 > Benjamin Tissoires <benjamin.tissoires(a)redhat.com> wrote: > > > Hi Natanael, > > > > On Wed, Oct 17, 2018 at 4:52 PM Natanael Copa <ncopa(a)alpinelinux.org> wrote: > > > > > > Commit ee3454924370 ("HID: add support for Apple Magic Keyboards") added > > > support for the Magic Keyboard over Bluetooth, but did not add the > > > BT_VENDOR_ID_APPLE to hid-quirks. Fix this so hid-apple driver is used > > > over hid-generic. > > > > > > This fixes the Fn key, which does not work at all with hid-generic. > > > > > > Fixes: ee3454924370 ("HID: add support for Apple Magic Keyboards") > > > Bugzilla-id: https://bugzilla.kernel.org/show_bug.cgi?id=99881 > > > Signed-off-by: Natanael Copa <ncopa(a)alpinelinux.org> > > > --- > > > This should be backported to stable too. > > > > > > drivers/hid/hid-quirks.c | 3 +++ > > > 1 file changed, 3 insertions(+) > > > > > > diff --git a/drivers/hid/hid-quirks.c b/drivers/hid/hid-quirks.c > > > index 249d49b6b16c..a3b3aecf8628 100644 > > > --- a/drivers/hid/hid-quirks.c > > > +++ b/drivers/hid/hid-quirks.c > > > @@ -270,6 +270,9 @@ static const struct hid_device_id hid_have_special_driver[] = { > > > { HID_BLUETOOTH_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_ALU_WIRELESS_2011_ISO) }, > > > { HID_BLUETOOTH_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_ALU_WIRELESS_2011_JIS) }, > > > { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_MAGIC_KEYBOARD_ANSI) }, > > > + { HID_BLUETOOTH_DEVICE(BT_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_MAGIC_KEYBOARD_ANSI) }, > > > + { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_MAGIC_KEYBOARD_NUMPAD_ANSI) }, > > > + { HID_BLUETOOTH_DEVICE(BT_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_MAGIC_KEYBOARD_NUMPAD_ANSI) }, > > > > NACK, this should not be required with kernels v4.17+ IIRC. > > > > If it doesn't work on a recent kernel, please raise the issue, but I > > am actually chasing down the new inclusions of these when we add new > > device support. > > Fair enough. I think it may be needed for 4.14.y kernels though, to fix > commit b6cc0ba2cbf4 (HID: add support for Apple Magic Keyboards). > > Fn key did not work without this patch on 4.14.76 for me. Right, b6cc0ba2cbf4 has been added to 4.14.75 and is not working because tweaking hid_have_special_driver[] is not required in current kernels anymore. @stable folks, would it be possible to take this patch in the v4.9 and v4.14 trees? It can't go into Linus' tree, but I'd be glad to give my Acked-by for a stable backport. > > > There is even a high chance that we remove the list entirely as this > > would tremendously help the distributions to just have to ship > > hid-generic in the initramfs instead of a bunch of random hid drivers. > > I doubt that distros will want Bluetooth keyboards there though. (which > this is about) I was talking more generally, killing this list of devices, as some are keyboard and useful, and some are not needed as you say. But the point is that distro folks won't have to decide which module to ship: only hid-generic will be sufficient. Cheers, Benjamin > > > By the way, if the driver is not autoloaded by udev, it is a problem > > in udev likely. > > > > Cheers, > > Benjamin > > > > > { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, > > > USB_DEVICE_ID_APPLE_FOUNTAIN_TP_ONLY) }, > > > { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, > > > USB_DEVICE_ID_APPLE_GEYSER1_TP_ONLY) }, #endif -- > > > 2.19.1 > > > >

7 years

3
4
0 0

[PATCH] block: don't deal with discard limit in blkdev_issue_discard()

by Ming Lei

blk_queue_split() does respect this limit via bio splitting, so no need to do that in blkdev_issue_discard(), then we can align to normal bio submit(bio_add_page() & submit_bio()). More importantly, this patch fixes one issue introduced in a22c4d7e34402cc ("block: re-add discard_granularity and alignment checks"), in which zero discard bio may be generated in case of zero alignment. Fixes: a22c4d7e34402ccdf3 ("block: re-add discard_granularity and alignment checks") Cc: stable(a)vger.kernel.org Cc: Mariusz Dabrowski <mariusz.dabrowski(a)intel.com> Cc: Ming Lin <ming.l(a)ssi.samsung.com> Cc: Mike Snitzer <snitzer(a)redhat.com> Cc: Christoph Hellwig <hch(a)lst.de> Cc: Xiao Ni <xni(a)redhat.com> Signed-off-by: Ming Lei <ming.lei(a)redhat.com> --- block/blk-lib.c | 28 ++-------------------------- 1 file changed, 2 insertions(+), 26 deletions(-) diff --git a/block/blk-lib.c b/block/blk-lib.c index d1b9dd03da25..bbd44666f2b5 100644 --- a/block/blk-lib.c +++ b/block/blk-lib.c @@ -29,9 +29,7 @@ int __blkdev_issue_discard(struct block_device *bdev, sector_t sector, { struct request_queue *q = bdev_get_queue(bdev); struct bio *bio = *biop; - unsigned int granularity; unsigned int op; - int alignment; sector_t bs_mask; if (!q) @@ -54,38 +52,16 @@ int __blkdev_issue_discard(struct block_device *bdev, sector_t sector, if ((sector | nr_sects) & bs_mask) return -EINVAL; - /* Zero-sector (unknown) and one-sector granularities are the same. */ - granularity = max(q->limits.discard_granularity >> 9, 1U); - alignment = (bdev_discard_alignment(bdev) >> 9) % granularity; - while (nr_sects) { - unsigned int req_sects; - sector_t end_sect, tmp; + unsigned int req_sects = nr_sects; + sector_t end_sect; - /* - * Issue in chunks of the user defined max discard setting, - * ensuring that bi_size doesn't overflow - */ - req_sects = min_t(sector_t, nr_sects, - q->limits.max_discard_sectors); if (!req_sects) goto fail; if (req_sects > UINT_MAX >> 9) req_sects = UINT_MAX >> 9; - /* - * If splitting a request, and the next starting sector would be - * misaligned, stop the discard at the previous aligned sector. - */ end_sect = sector + req_sects; - tmp = end_sect; - if (req_sects < nr_sects && - sector_div(tmp, granularity) != alignment) { - end_sect = end_sect - alignment; - sector_div(end_sect, granularity); - end_sect = end_sect * granularity + alignment; - req_sects = end_sect - sector; - } bio = next_bio(bio, 0, gfp_mask); bio->bi_iter.bi_sector = sector; -- 2.9.5

7 years

3
3
0 0

[PATCH v2 2/3] tracing: Fix synthetic event to allow semicolon at end

by Masami Hiramatsu

Fix synthetic event to allow independent semicolon at end. The synthetic_events interface accepts a semicolon after the last word if there is no space. # echo "myevent u64 var;" >> synthetic_events But if there is a space, it returns an error. # echo "myevent u64 var ;" > synthetic_events sh: write error: Invalid argument This behavior is difficult for users to understand. Let's allow the last independent semicolon too. Fixes: commit 4b147936fa50 ("tracing: Add support for 'synthetic' events") Signed-off-by: Masami Hiramatsu <mhiramat(a)kernel.org> Cc: stable(a)vger.kernel.org Cc: Tom Zanussi <tom.zanussi(a)linux.intel.com> Cc: Steven Rostedt <rostedt(a)goodmis.org> --- kernel/trace/trace_events_hist.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/trace/trace_events_hist.c b/kernel/trace/trace_events_hist.c index 6ff83941065a..d239004aaf29 100644 --- a/kernel/trace/trace_events_hist.c +++ b/kernel/trace/trace_events_hist.c @@ -1088,7 +1088,7 @@ static int create_synth_event(int argc, char **argv) i += consumed - 1; } - if (i < argc) { + if (i < argc && strcmp(argv[i], ";") != 0) { ret = -EINVAL; goto err; }

7 years

1
0
0 0

[PATCH v2 1/3] tracing: Fix synthetic event to accept unsigned modifier

by Masami Hiramatsu

Fix synthetic event to accept unsigned modifier for its field type correctly. Currently, synthetic_events interface returns error for "unsigned" modifiers as below; # echo "myevent unsigned long var" >> synthetic_events sh: write error: Invalid argument This is because argv_split() breaks "unsigned long" into "unsigned" and "long", but parse_synth_field() doesn't expected it. With this fix, synthetic_events can handle the "unsigned long" correctly like as below; # echo "myevent unsigned long var" >> synthetic_events # cat synthetic_events myevent unsigned long var Fixes: commit 4b147936fa50 ("tracing: Add support for 'synthetic' events") Signed-off-by: Masami Hiramatsu <mhiramat(a)kernel.org> Cc: stable(a)vger.kernel.org Cc: Tom Zanussi <tom.zanussi(a)linux.intel.com> Cc: Steven Rostedt <rostedt(a)goodmis.org> --- Changes in v2: - Fix a typo of stable ML. --- kernel/trace/trace_events_hist.c | 30 ++++++++++++++++++++++++------ 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/kernel/trace/trace_events_hist.c b/kernel/trace/trace_events_hist.c index 85f6b01431c7..6ff83941065a 100644 --- a/kernel/trace/trace_events_hist.c +++ b/kernel/trace/trace_events_hist.c @@ -738,16 +738,30 @@ static void free_synth_field(struct synth_field *field) kfree(field); } -static struct synth_field *parse_synth_field(char *field_type, - char *field_name) +static struct synth_field *parse_synth_field(int argc, char **argv, + int *consumed) { struct synth_field *field; + const char *prefix = NULL; + char *field_type = argv[0], *field_name; int len, ret = 0; char *array; if (field_type[0] == ';') field_type++; + if (!strcmp(field_type, "unsigned")) { + if (argc < 3) + return ERR_PTR(-EINVAL); + prefix = "unsigned "; + field_type = argv[1]; + field_name = argv[2]; + *consumed = 3; + } else { + field_name = argv[1]; + *consumed = 2; + } + len = strlen(field_name); if (field_name[len - 1] == ';') field_name[len - 1] = '\0'; @@ -760,11 +774,15 @@ static struct synth_field *parse_synth_field(char *field_type, array = strchr(field_name, '['); if (array) len += strlen(array); + if (prefix) + len += strlen(prefix); field->type = kzalloc(len, GFP_KERNEL); if (!field->type) { ret = -ENOMEM; goto free; } + if (prefix) + strcat(field->type, prefix); strcat(field->type, field_type); if (array) { strcat(field->type, array); @@ -1009,7 +1027,7 @@ static int create_synth_event(int argc, char **argv) struct synth_field *field, *fields[SYNTH_FIELDS_MAX]; struct synth_event *event = NULL; bool delete_event = false; - int i, n_fields = 0, ret = 0; + int i, consumed = 0, n_fields = 0, ret = 0; char *name; mutex_lock(&synth_event_mutex); @@ -1061,13 +1079,13 @@ static int create_synth_event(int argc, char **argv) goto err; } - field = parse_synth_field(argv[i], argv[i + 1]); + field = parse_synth_field(argc - i, &argv[i], &consumed); if (IS_ERR(field)) { ret = PTR_ERR(field); goto err; } - fields[n_fields] = field; - i++; n_fields++; + fields[n_fields++] = field; + i += consumed - 1; } if (i < argc) {

7 years

1
0
0 0

RE: [PATCH] ARC: Get rid of toolchain check

by Alexey Brodkin

Hello, > -----Original Message----- > From: Rob Herring [mailto:robh@kernel.org] > Sent: Friday, September 14, 2018 12:04 AM > To: Alexey.Brodkin(a)synopsys.com > Cc: linux-snps-arc(a)lists.infradead.org; Linux Kernel Mailing List <linux-kernel(a)vger.kernel.org>; Vineet.Gupta1(a)synopsys.com > Subject: Re: [PATCH] ARC: Get rid of toolchain check > > On Thu, Sep 13, 2018 at 3:24 PM Alexey Brodkin > <Alexey.Brodkin(a)synopsys.com> wrote: > > > > This check is very naive: we simply test if GCC invoked without > > "-mcpu=XXX" has ARC700 define set. In that case we think that GCC > > was built with "--with-cpu=arc700" and has libgcc built for ARC700. > > > > Otherwise if ARC700 is not defined we think that everythng was built > > for ARCv2. > > > > But in reality our life is much more interesting. > > > > 1. Regardless of GCC configuration (i.e. what we pass in "--with-cpu" > > it may generate code for any ARC core). > > > > 2. libgcc might be built with explicitly specified "--mcpu=YYY" > > > > That's exactly what happens in case of multilibbed toolchains: > > - GCC is configured with default settings > > - All the libs built for many different CPU flavors > > > > I.e. that check gets in the way of usage of multilibbed > > toolchains. And even non-multilibbed toolchains are affected. > > OpenEmbedded also builds GCC without "--with-cpu" because > > each and every target component later is compiled with explicitly > > set "-mcpu=ZZZ". > > > > Signed-off-by: Alexey Brodkin <abrodkin(a)synopsys.com> > > --- > > arch/arc/Makefile | 14 -------------- > > 1 file changed, 14 deletions(-) > > +1 for this. Removing it also helps with my work to be able to build > all the .dts files with only a host compiler. That also needs the hunk > setting CROSS_COMPILE removed and not having a built-in dtb by > default, but this is a step in the right direction. > > Acked-by: Rob Herring <robh(a)kernel.org> May we get this one back-ported to stable trees? Upstream commit in Linus' tree is 615f64458ad8 ("ARC: build: Get rid of toolchain check"). This fixes kernel configuration for ARC in case of missing ARC cross-tools in current PATH. -Alexey

7 years

2
1
0 0

RE: [PATCH] ARC: Don't set CROSS_COMPILE in arch's Makefile

by Alexey Brodkin

Hello, > -----Original Message----- > From: Alexey Brodkin [mailto:abrodkin@synopsys.com] > Sent: Sunday, September 16, 2018 11:48 PM > To: linux-snps-arc(a)lists.infradead.org > Cc: linux-kernel(a)vger.kernel.org; Vineet Gupta <vgupta(a)synopsys.com>; Alexey Brodkin <abrodkin(a)synopsys.com>; Masahiro > Yamada <yamada.masahiro(a)socionext.com>; Rob Herring <robh(a)kernel.org> > Subject: [PATCH] ARC: Don't set CROSS_COMPILE in arch's Makefile > > There's not much sense in doing that because if user or > his build-system didn't set CROSS_COMPILE we still may > very well make incorrect guess. > > But as it turned out setting CROSS_COMPILE is not as harmless > as one may think: with recent changes that implemented automatic > discovery of __host__ gcc features unconditional setup of > CROSS_COMPILE leads to failures on execution of "make xxx_defconfig" > with absent cross-compiler, for more info see [1]. > > Set CROSS_COMPILE as well gets in the way if we want only to build > .dtb's (again with absent cross-compiler which is not really needed > for building .dtb's), see [2]. > > Note, we had to change LIBGCC assignment type from ":=" to "=" > so that is is resolved on its usage, otherwise if it is resolved > at declaration time with missing CROSS_COMPILE we're getting this > error message from host GCC: > ------------------------->8------------------------- > gcc: error: unrecognized command line option ‘-mmedium-calls’ > gcc: error: unrecognized command line option ‘-mno-sdata’; did you mean ‘-fno-stats’? > ------------------------->8------------------------- > > [1] http://lists.infradead.org/pipermail/linux-snps-arc/2018-September/004308.h… > [2] http://lists.infradead.org/pipermail/linux-snps-arc/2018-September/004320.h… > > Signed-off-by: Alexey Brodkin <abrodkin(a)synopsys.com> > Cc: Masahiro Yamada <yamada.masahiro(a)socionext.com> > Cc: Rob Herring <robh(a)kernel.org> > --- > arch/arc/Makefile | 10 +--------- > 1 file changed, 1 insertion(+), 9 deletions(-) > > diff --git a/arch/arc/Makefile b/arch/arc/Makefile > index 99cce77ab98f..5f6b67917dc2 100644 > --- a/arch/arc/Makefile > +++ b/arch/arc/Makefile > @@ -6,14 +6,6 @@ > # published by the Free Software Foundation. > # > > -ifeq ($(CROSS_COMPILE),) > -ifndef CONFIG_CPU_BIG_ENDIAN > -CROSS_COMPILE := arc-linux- > -else > -CROSS_COMPILE := arceb-linux- > -endif > -endif > - > KBUILD_DEFCONFIG := nsim_700_defconfig > > cflags-y += -fno-common -pipe -fno-builtin -mmedium-calls -D__linux__ > @@ -79,7 +71,7 @@ cflags-$(disable_small_data) += -mno-sdata -fcall-used-gp > cflags-$(CONFIG_CPU_BIG_ENDIAN) += -mbig-endian > ldflags-$(CONFIG_CPU_BIG_ENDIAN) += -EB > > -LIBGCC := $(shell $(CC) $(cflags-y) --print-libgcc-file-name) > +LIBGCC = $(shell $(CC) $(cflags-y) --print-libgcc-file-name) > > # Modules with short calls might break for calls into builtin-kernel > KBUILD_CFLAGS_MODULE += -mlong-calls -mno-millicode > -- > 2.17.1 May we have this one back-ported to stable branches? Upstream commit in Linus' tree is: 40660f1fcee8 ("ARC: build: Don't set CROSS_COMPILE in arch's Makefile"). Regards, Alexey

7 years

2
1
0 0

netfilter request for -stable 4.9.x inclusion

by Pablo Neira Ayuso

Hi Greg, Could you enqueue the following patch for -stable 4.9.x? commit ab6dd1beac7be3c17f8bf3d38bdf29ecb7293f1e Author: Xin Long <lucien.xin(a)gmail.com> Date: Thu Aug 10 10:22:24 2017 +0800 netfilter: check for seqadj ext existence before adding it in nf_nat_setup_info Cc'ing Laura, combining SNAT+DNAT+ftp helper is currently broken with 4.9.x. The patch above cures the issues. Thanks.

7 years

2
1
0 0

[PATCH 2/3] tracing: Fix synthetic event to allow semicolon at end

by Masami Hiramatsu

Fix synthetic event to allow independent semicolon at end. The synthetic_events interface accepts a semicolon after the last word if there is no space. # echo "myevent u64 var;" >> synthetic_events But if there is a space, it returns an error. # echo "myevent u64 var ;" > synthetic_events sh: write error: Invalid argument This behavior is difficult for users to understand. Let's allow the last independent semicolon too. Fixes: commit 4b147936fa50 ("tracing: Add support for 'synthetic' events") Signed-off-by: Masami Hiramatsu <mhiramat(a)kernel.org> Cc: <stable(a)vger.kernel.org> Cc: Tom Zanussi <tom.zanussi(a)linux.intel.com> Cc: Steven Rostedt <rostedt(a)goodmis.org> --- kernel/trace/trace_events_hist.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/trace/trace_events_hist.c b/kernel/trace/trace_events_hist.c index 6ff83941065a..d239004aaf29 100644 --- a/kernel/trace/trace_events_hist.c +++ b/kernel/trace/trace_events_hist.c @@ -1088,7 +1088,7 @@ static int create_synth_event(int argc, char **argv) i += consumed - 1; } - if (i < argc) { + if (i < argc && strcmp(argv[i], ";") != 0) { ret = -EINVAL; goto err; }

7 years

1
0
0 0

Images 34

by Nancy

We are an image team who can process 400+ images each day. If you need any image editing service, please let us know. Image cut out and clipping path, masking. Such as for ecommerce photos, jewelry photos retouching, beauty and skin images and wedding photos. We give test editing for your photos if you send us some. Thanks, Nancy

7 years

1
0
0 0

[PATCH 0/4] FS-Cache: Miscellaneous fixes

by David Howells

Attached are another couple of miscellaneous fixes for FS-Cache and CacheFiles: (1) Fix a race between object burial in cachefiles and external rmdir. (2) Fix a race from a split atomic op. (3) Fix incomplete initialisation of cookie key space. (4) Fix out-of-bounds read. The patches are tagged here: git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git fscache-fixes-20181017 and can also be found on the following branch: http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=fs… David --- Al Viro (1): cachefiles: fix the race between cachefiles_bury_object() and rmdir(2) David Howells (1): fscache: Fix incomplete initialisation of inline key space Eric Sandeen (1): fscache: Fix out of bound read in long cookie keys kiran.modukuri (1): fscache: Fix race in fscache_op_complete() due to split atomic_sub & read fs/cachefiles/namei.c | 2 +- fs/fscache/cookie.c | 31 ++++++++++--------------------- fs/fscache/internal.h | 1 - fs/fscache/main.c | 4 +--- include/linux/fscache-cache.h | 4 ++-- 5 files changed, 14 insertions(+), 28 deletions(-)

7 years

2
2
0 0

[PATCH] drm/sun4i: Fix an ulong overflow in the dotclock driver

by Boris Brezillon

The calculated ideal rate can easily overflow an unsigned long, thus making the best div selection buggy as soon as no ideal match is found before the overflow occurs. Fixes: 4731a72df273 ("drm/sun4i: request exact rates to our parents") Cc: <stable(a)vger.kernel.org> Signed-off-by: Boris Brezillon <boris.brezillon(a)bootlin.com> --- drivers/gpu/drm/sun4i/sun4i_dotclock.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/sun4i/sun4i_dotclock.c b/drivers/gpu/drm/sun4i/sun4i_dotclock.c index e36004fbe453..82132a9bd1d5 100644 --- a/drivers/gpu/drm/sun4i/sun4i_dotclock.c +++ b/drivers/gpu/drm/sun4i/sun4i_dotclock.c @@ -81,9 +81,12 @@ static long sun4i_dclk_round_rate(struct clk_hw *hw, unsigned long rate, int i; for (i = tcon->dclk_min_div; i <= tcon->dclk_max_div; i++) { - unsigned long ideal = rate * i; + u64 ideal = (u64)rate * i; unsigned long rounded; + if (ideal > ULONG_MAX) + break; + rounded = clk_hw_round_rate(clk_hw_get_parent(hw), ideal); -- 2.14.1

7 years

2
1
0 0

Re: SV: MPC8321 boot failure

by gregkh＠linuxfoundation.org

On Thu, Oct 18, 2018 at 08:51:46AM +0000, David Gounaris wrote: > Hi, I can also confirm that it works after cherry-picking the proposed commit. > > Reported-and-tested-by: David Gounaris <david.gounaris(a)infinera.com<mailto:David.Gounaris@infinera.com>> > Now queued up, thanks. greg k-h

7 years

1
0
0 0

Linux 4.18.15

by Greg KH

I'm announcing the release of the 4.18.15 kernel. All users of the 4.18 kernel series must upgrade. The updated 4.18.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.18.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/net/macb.txt | 1 Makefile | 16 - arch/arm/boot/dts/sama5d3_emac.dtsi | 2 arch/arm64/kernel/perf_event.c | 7 arch/mips/include/asm/processor.h | 10 arch/mips/kernel/process.c | 25 + arch/mips/kernel/setup.c | 48 +-- arch/mips/kernel/vdso.c | 18 + arch/powerpc/include/asm/book3s/64/pgtable.h | 4 arch/powerpc/kvm/book3s_64_mmu_radix.c | 101 ++---- arch/x86/include/asm/pgtable_types.h | 2 arch/x86/include/uapi/asm/kvm.h | 1 arch/x86/kvm/lapic.c | 22 + drivers/bluetooth/hci_ldisc.c | 2 drivers/clk/x86/clk-pmc-atom.c | 18 - drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.c | 6 drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.h | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gfx_v7.c | 2 drivers/gpu/drm/amd/amdkfd/kfd_device.c | 3 drivers/gpu/drm/amd/amdkfd/kfd_iommu.c | 13 drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager_v9.c | 2 drivers/gpu/drm/amd/amdkfd/kfd_priv.h | 1 drivers/gpu/drm/amd/amdkfd/kfd_topology.c | 21 + drivers/gpu/drm/amd/include/kgd_kfd_interface.h | 2 drivers/gpu/drm/nouveau/dispnv50/disp.c | 15 drivers/gpu/drm/pl111/pl111_vexpress.c | 3 drivers/hwmon/nct6775.c | 70 +++- drivers/i2c/busses/i2c-scmi.c | 1 drivers/input/joystick/xpad.c | 3 drivers/md/dm-cache-target.c | 5 drivers/md/dm-flakey.c | 2 drivers/md/dm-linear.c | 8 drivers/md/dm.c | 27 + drivers/mfd/omap-usb-host.c | 11 drivers/mmc/core/block.c | 10 drivers/net/bonding/bond_main.c | 65 ++-- drivers/net/dsa/b53/b53_common.c | 4 drivers/net/dsa/bcm_sf2.c | 14 drivers/net/ethernet/aquantia/atlantic/aq_ring.c | 32 +- drivers/net/ethernet/broadcom/bcmsysport.c | 22 - drivers/net/ethernet/broadcom/bnxt/bnxt.c | 27 + drivers/net/ethernet/broadcom/bnxt/bnxt_dcb.c | 6 drivers/net/ethernet/broadcom/bnxt/bnxt_tc.c | 20 - drivers/net/ethernet/cadence/macb_main.c | 8 drivers/net/ethernet/hisilicon/hns/hnae.c | 2 drivers/net/ethernet/hisilicon/hns/hns_enet.c | 30 + drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c | 19 - drivers/net/ethernet/mellanox/mlx5/core/en_tc.c | 3 drivers/net/ethernet/mellanox/mlx5/core/eswitch.c | 4 drivers/net/ethernet/mellanox/mlx5/core/transobj.c | 2 drivers/net/ethernet/mscc/ocelot_board.c | 12 drivers/net/ethernet/netronome/nfp/nfp_net_common.c | 17 - drivers/net/ethernet/qlogic/qed/qed_hsi.h | 1 drivers/net/ethernet/qlogic/qlcnic/qlcnic.h | 8 drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.c | 3 drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.h | 3 drivers/net/ethernet/qlogic/qlcnic/qlcnic_hw.h | 3 drivers/net/ethernet/qlogic/qlcnic/qlcnic_io.c | 12 drivers/net/ethernet/qualcomm/rmnet/rmnet_handlers.c | 7 drivers/net/ethernet/realtek/r8169.c | 24 - drivers/net/ethernet/stmicro/stmmac/common.h | 4 drivers/net/ethernet/stmicro/stmmac/stmmac.h | 14 drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 238 ++++++++------- drivers/net/ethernet/stmicro/stmmac/stmmac_platform.c | 5 drivers/net/ethernet/ti/Kconfig | 1 drivers/net/phy/phylink.c | 48 +-- drivers/net/phy/sfp-bus.c | 4 drivers/net/team/team.c | 6 drivers/net/tun.c | 43 +- drivers/net/usb/qmi_wwan.c | 1 drivers/net/usb/smsc75xx.c | 1 drivers/net/vxlan.c | 3 drivers/pci/controller/pci-hyperv.c | 37 ++ drivers/perf/arm_pmu.c | 8 drivers/pinctrl/intel/pinctrl-cannonlake.c | 2 drivers/pinctrl/pinctrl-mcp23s08.c | 13 drivers/s390/cio/vfio_ccw_cp.c | 2 drivers/scsi/qla2xxx/qla_target.h | 4 drivers/target/iscsi/iscsi_target.c | 22 - drivers/video/fbdev/aty/atyfb.h | 3 drivers/video/fbdev/aty/atyfb_base.c | 7 drivers/video/fbdev/aty/mach64_ct.c | 10 fs/afs/rxrpc.c | 2 fs/dax.c | 13 include/linux/cgroup-defs.h | 1 include/linux/netdevice.h | 7 include/linux/perf/arm_pmu.h | 1 include/linux/stmmac.h | 1 include/linux/virtio_net.h | 18 + include/net/bonding.h | 7 include/net/inet_sock.h | 6 include/net/ip_fib.h | 1 include/sound/hdaudio.h | 1 include/sound/soc-dapm.h | 1 kernel/bpf/btf.c | 2 kernel/cgroup/cgroup.c | 25 + lib/vsprintf.c | 2 mm/huge_memory.c | 6 mm/mmap.c | 2 mm/percpu.c | 1 mm/vmscan.c | 11 mm/vmstat.c | 1 net/bluetooth/smp.c | 16 - net/core/dev.c | 28 + net/core/ethtool.c | 1 net/core/filter.c | 3 net/core/rtnetlink.c | 41 +- net/dccp/input.c | 4 net/dccp/ipv4.c | 4 net/ipv4/fib_frontend.c | 12 net/ipv4/fib_semantics.c | 50 +++ net/ipv4/inet_connection_sock.c | 5 net/ipv4/ip_sockglue.c | 3 net/ipv4/ip_tunnel.c | 9 net/ipv4/route.c | 7 net/ipv4/tcp_input.c | 4 net/ipv4/tcp_ipv4.c | 4 net/ipv4/udp.c | 2 net/ipv6/addrconf.c | 4 net/ipv6/ip6_fib.c | 2 net/ipv6/ip6_tunnel.c | 13 net/ipv6/raw.c | 29 + net/ipv6/route.c | 5 net/netlabel/netlabel_unlabeled.c | 3 net/packet/af_packet.c | 11 net/sched/cls_u32.c | 10 net/sched/sch_api.c | 24 + net/sctp/transport.c | 12 net/tipc/socket.c | 4 scripts/subarch.include | 13 sound/hda/hdac_controller.c | 15 sound/soc/amd/acp-pcm-dma.c | 21 + sound/soc/codecs/max98373.c | 3 sound/soc/codecs/rt5514.c | 8 sound/soc/codecs/sigmadsp.c | 3 sound/soc/codecs/wm8804-i2c.c | 15 sound/soc/intel/skylake/skl.c | 2 sound/soc/qcom/qdsp6/q6routing.c | 4 sound/soc/sh/rcar/adg.c | 5 sound/soc/sh/rcar/core.c | 10 sound/soc/sh/rcar/dma.c | 4 sound/soc/soc-core.c | 4 sound/soc/soc-dapm.c | 4 tools/perf/scripts/python/export-to-postgresql.py | 9 tools/perf/scripts/python/export-to-sqlite.py | 6 tools/testing/selftests/android/Makefile | 2 tools/testing/selftests/android/config | 5 tools/testing/selftests/android/ion/Makefile | 2 tools/testing/selftests/android/ion/config | 5 tools/testing/selftests/cgroup/cgroup_util.c | 17 - tools/testing/selftests/efivarfs/config | 1 tools/testing/selftests/futex/functional/Makefile | 1 tools/testing/selftests/gpio/Makefile | 7 tools/testing/selftests/kselftest.h | 1 tools/testing/selftests/kvm/Makefile | 7 tools/testing/selftests/lib.mk | 12 tools/testing/selftests/memory-hotplug/config | 1 tools/testing/selftests/net/Makefile | 1 tools/testing/selftests/networking/timestamping/Makefile | 1 tools/testing/selftests/vm/Makefile | 4 160 files changed, 1294 insertions(+), 626 deletions(-) Adrian Hunter (2): perf script python: Fix export-to-postgresql.py occasional failure perf script python: Fix export-to-sqlite.py sample columns Akshu Agrawal (1): ASoC: AMD: Ensure reset bit is cleared before configuring Al Viro (1): net: sched: cls_u32: fix hnode refcounting Alaa Hleihel (1): net/mlx5: Check for SQ and not RQ state when modifying hairpin SQ Amber Lin (1): drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 Anders Roxell (2): selftests: android: move config up a level selftests: add headers_install to lib.mk Antoine Tenart (2): net: mvpp2: fix a txq_done race condition net: mscc: fix the frame extraction into the skb Baruch Siach (1): net: phy: phylink: fix SFP interface autodetection Charles Keepax (1): ASoC: dapm: Fix NULL pointer deference on CODEC to CODEC DAIs Chris Boot (1): mmc: block: avoid multiblock reads for the last sector in SPI mode Corentin Labbe (1): net: ethernet: ti: add missing GENERIC_ALLOCATOR dependency Damien Le Moal (2): dm: fix report zone remapping to account for partition offset dm linear: fix linear_end_io conditional definition Dan Carpenter (1): scsi: qla2xxx: Fix an endian bug in fcpcmd_is_corrupted() Dan Williams (1): filesystem-dax: Fix dax_layout_busy_page() livelock Danny Smith (1): ASoC: sigmadsp: safeload should not have lower byte limit David Ahern (3): net: sched: Add policy validation for tc attributes rtnetlink: Fail dump if target netnsid is invalid net/ipv6: Remove extra call to ip6_convert_metrics for multipath case David Howells (2): afs: Fix afs_server struct leak afs: Fix clearance of reply Davide Caratti (1): bnxt_en: don't try to offload VLAN 'modify' action Edgar Cherkasov (1): i2c: i2c-scmi: fix for i2c_smbus_write_block_data Eran Ben Elisha (1): net/mlx5: E-Switch, Fix out of bound access when setting vport rate Eric Dumazet (7): ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 tun: remove unused parameters tun: initialize napi_mutex unconditionally tun: napi flags belong to tfile tcp/dccp: fix lockdep issue when SYN is backlogged inet: make sure to grab rcu_read_lock before using ireq->ireq_opt Eric Farman (1): s390/cio: Fix how vfio-ccw checks pinned pages Florian Fainelli (4): net: dsa: bcm_sf2: Call setup during switch resume net: systemport: Fix wake-up interrupt race during resume net: dsa: bcm_sf2: Fix unbind ordering net: dsa: b53: Keep CPU port as tagged in all VLANs Friedemann Gerold (1): net: aquantia: memory corruption on jumbo frames Giacinto Cifelli (1): qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface Greg Kroah-Hartman (1): Linux 4.18.15 Guenter Roeck (4): hwmon: (nct6775) Fix access to fan pulse registers hwmon: (nct6775) Fix virtual temperature sources for NCT6796D hwmon: (nct6775) Fix RPM output for fan7 on NCT6796D hwmon: (nct6775) Use different register to get fan RPM for fan7 Hangbin Liu (1): vxlan: fill ttl inherit info Hans de Goede (2): clk: x86: add "ether_clk" alias for Bay Trail / Cherry Trail clk: x86: Stop marking clocks as CLK_IS_CRITICAL Heiner Kallweit (1): r8169: fix network stalls due to missing bit TXCFG_AUTO_FIFO Hermes Zhang (1): Bluetooth: hci_ldisc: Free rw_semaphore on close Ido Schimmel (1): team: Forbid enslaving team device to itself Jakub Kicinski (1): nfp: avoid soft lockups under control message storm Jan Kara (1): mm: Preserve _PAGE_DEVMAP across mprotect() calls Jann Horn (2): mm/vmstat.c: fix outdated vmstat_text mm/mmap.c: don't clobber partially overlapping VMA with MAP_FIXED_NOREPLACE Jay Kamat (1): Fix cg_read_strcmp() Jeff Barnhill (1): net/ipv6: Display all addresses in output of /proc/net/if_inet6 Jianbo Liu (1): net/mlx5e: Set vlan masks for all offloaded TC rules Jianfeng Tan (1): net/packet: fix packet drop as of virtio gso Jiri Kosina (1): udp: Unbreak modules that rely on external __skb_recv_udp() availability Johan Hedberg (1): Bluetooth: SMP: Fix trying to use non-existent local OOB data Jongsung Kim (1): stmmac: fix valid numbers of unicast filter entries Jose Abreu (2): net: stmmac: Fixup the tail addr setting in xmit path net: stmmac: Rework coalesce timer and fix multi-queue races Jérôme Glisse (1): mm/thp: fix call to mmu_notifier in set_pmd_migration_entry() v2 Kuninori Morimoto (2): ASoC: rsnd: adg: care clock-frequency size ASoC: rsnd: don't fallback to PIO mode when -EPROBE_DEFER Laura Abbott (1): scsi: iscsi: target: Don't use stack buffer for scatterlist Lei Yang (2): selftests/efivarfs: add required kernel configs selftests: memory-hotplug: add required configs Lyude Paul (1): drm/nouveau/drm/nouveau: Grab runtime PM ref in nv50_mstc_detect() Maciej S. Szmigiero (1): r8169: set RX_MULTI_EN bit in RxConfig for 8168F-family chips Maciej Żenczykowski (1): net-ethtool: ETHTOOL_GUFO did not and should not require CAP_NET_ADMIN Mahesh Bandewar (3): bonding: avoid possible dead-lock bonding: pass link-local packets to bonding master also. bonding: fix warning message Marco Felsch (1): pinctrl: mcp23s08: fix irq and irqchip setup order Martin KaFai Lau (1): bpf: btf: Fix end boundary calculation for type section Matias Karhumaa (1): Bluetooth: Use correct tfm to generate OOB data Mauricio Faria de Oliveira (1): rtnetlink: fix rtnl_fdb_dump() for ndmsg header Maxime Chevallier (1): net: mvpp2: Extract the correct ethtype from the skb for tx csum offload Michael Chan (2): bnxt_en: Fix TX timeout during netpoll. bnxt_en: Fix VNIC reservations on the PF. Mike Rapoport (2): net/ipv6: stop leaking percpu memory in fib6 info percpu: stop leaking bitmap metadata blocks Mike Snitzer (1): dm linear: eliminate linear_end_io call if CONFIG_DM_ZONED disabled Mikulas Patocka (1): mach64: detect the dot clock divider correctly on sparc Nicholas Piggin (1): KVM: PPC: Book3S HV: Don't use compound_order to determine host mapping size Nicolas Ferre (2): net: macb: disable scatter-gather for macb on sama5d3 ARM: dts: at91: add new compatibility string for macb on sama5d3 Oder Chiou (1): ASoC: rt5514: Fix the issue of the delay volume applied again Paolo Abeni (2): ip6_tunnel: be careful when accessing the inner header ip_tunnel: be careful when accessing the inner header Parthasarathy Bhuvaragan (1): tipc: fix flow control accounting for implicit connect Paul Burton (2): MIPS: Fix CONFIG_CMDLINE handling MIPS: VDSO: Always map near top of user memory Paul Mackerras (1): KVM: PPC: Book3S HV: Avoid crash from THP collapse during radix page fault Pierre-Louis Bossart (1): ASoC: wm8804: Add ACPI support Ramses Ramírez (1): Input: xpad - add support for Xbox1 PDP Camo series gamepad Roman Gushchin (1): mm: slowly shrink slabs with a relatively small number of objects Russell King (1): sfp: fix oops with ethtool -m Ryan Lee (2): ASoC: max98373: Added speaker FS gain cotnrol register to volatile. ASoC: max98373: Added 10ms sleep after amp software reset Sabrina Dubroca (2): net: ipv4: update fnhe_pmtu when first hop's MTU changes net: ipv4: don't let PMTU updates increase route MTU Sean Tranchetti (2): netlabel: check for IPV4MASK in addrinfo_get net: qualcomm: rmnet: Skip processing loopback packets Shahed Shaikh (1): qlcnic: fix Tx descriptor corruption on 82xx devices Shenghui Wang (1): dm cache: destroy migration_cache if cache target registration failed Simon Detheridge (1): pinctrl: cannonlake: Fix gpio base for GPP-E Srinivas Kandagatla (1): ASoC: q6routing: initialize data correctly Stephen Hemminger (1): PCI: hv: support reporting serial number as slot information Steven Rostedt (VMware) (1): vsprintf: Fix off-by-one bug in bstr_printf() processing dereferenced pointers Subash Abhinov Kasiviswanathan (2): net: qualcomm: rmnet: Fix incorrect allocation flag in transmit net: qualcomm: rmnet: Fix incorrect allocation flag in receive path Sudarsana Reddy Kalluru (1): qed: Fix shmem structure inconsistency between driver and the mfw. Tejun Heo (1): cgroup: Fix dom_cgrp propagation when enabling threaded mode Thiago Jung Bauermann (1): selftests: kselftest: Remove outdated comment Tony Lindgren (1): mfd: omap-usb-host: Fix dts probe of children Tushar Dave (1): bpf: use __GFP_COMP while allocating page Vasundhara Volam (2): bnxt_en: Fix enables field in HWRM_QUEUE_COS2BW_CFG request bnxt_en: get the reduced max_irqs by the ones used by RDMA Venkat Duvvuru (1): bnxt_en: free hwrm resources, if driver probe fails. Vitaly Kuznetsov (1): x86/kvm/lapic: always disable MMIO interface in x2APIC mode Wei Wang (1): ipv6: take rcu lock in rawv6_send_hdrinc() Will Deacon (1): arm64: perf: Reject stand-alone CHAIN events for PMUv3 Xin Long (1): sctp: update dst pmtu with the correct daddr Yong Zhao (2): drm/amdkfd: Change the control stack MTYPE from UC to NC on GFX9 drm/amdkfd: Fix ATS capablity was not reported correctly on some APUs Yu Zhao (3): net/usb: cancel pending work when unbinding smsc75xx sound: enable interrupt after dma buffer initialization sound: don't call skl_init_chip() to reset intel skl soc Yunsheng Lin (1): net: hns: fix for unmapping problem when SMMU is on zhong jiang (1): drm/pl111: Make sure of_device_id tables are NULL terminated

7 years

1
1
0 0

Linux 4.14.77

by Greg KH

I'm announcing the release of the 4.14.77 kernel. All users of the 4.14 kernel series must upgrade. The updated 4.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.14.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/net/macb.txt | 1 Makefile | 2 arch/arm/boot/dts/sama5d3_emac.dtsi | 2 arch/arm/include/asm/assembler.h | 12 + arch/arm/include/asm/barrier.h | 32 +++ arch/arm/include/asm/bugs.h | 6 arch/arm/include/asm/cp15.h | 3 arch/arm/include/asm/cputype.h | 8 arch/arm/include/asm/kvm_asm.h | 2 arch/arm/include/asm/kvm_host.h | 14 + arch/arm/include/asm/kvm_mmu.h | 23 ++ arch/arm/include/asm/proc-fns.h | 4 arch/arm/include/asm/system_misc.h | 15 + arch/arm/include/asm/thread_info.h | 4 arch/arm/include/asm/uaccess.h | 26 +- arch/arm/kernel/Makefile | 1 arch/arm/kernel/bugs.c | 18 + arch/arm/kernel/entry-common.S | 18 - arch/arm/kernel/entry-header.S | 25 ++ arch/arm/kernel/signal.c | 58 +++--- arch/arm/kernel/smp.c | 4 arch/arm/kernel/suspend.c | 2 arch/arm/kernel/sys_oabi-compat.c | 8 arch/arm/kvm/hyp/hyp-entry.S | 112 +++++++++++ arch/arm/lib/copy_from_user.S | 9 arch/arm/mm/Kconfig | 23 ++ arch/arm/mm/Makefile | 2 arch/arm/mm/fault.c | 3 arch/arm/mm/proc-macros.S | 3 arch/arm/mm/proc-v7-2level.S | 6 arch/arm/mm/proc-v7-bugs.c | 174 ++++++++++++++++++ arch/arm/mm/proc-v7.S | 154 ++++++++++++--- arch/arm/vfp/vfpmodule.c | 17 - arch/arm64/kernel/perf_event.c | 7 arch/mips/include/asm/processor.h | 10 - arch/mips/kernel/process.c | 25 ++ arch/mips/kernel/vdso.c | 18 + arch/powerpc/include/asm/book3s/64/pgtable.h | 4 arch/x86/include/asm/pgtable_types.h | 2 arch/x86/include/uapi/asm/kvm.h | 1 arch/x86/kvm/lapic.c | 22 +- drivers/bluetooth/hci_ldisc.c | 2 drivers/clk/x86/clk-pmc-atom.c | 18 + drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gfx_v7.c | 2 drivers/i2c/busses/i2c-scmi.c | 1 drivers/md/dm-cache-target.c | 5 drivers/md/dm-flakey.c | 2 drivers/md/dm-linear.c | 8 drivers/md/dm.c | 27 ++ drivers/mfd/omap-usb-host.c | 11 - drivers/mmc/core/block.c | 10 + drivers/net/bonding/bond_main.c | 65 +++--- drivers/net/dsa/bcm_sf2.c | 12 - drivers/net/ethernet/aquantia/atlantic/aq_ring.c | 32 +-- drivers/net/ethernet/broadcom/bcmsysport.c | 22 +- drivers/net/ethernet/broadcom/bnxt/bnxt.c | 23 +- drivers/net/ethernet/broadcom/bnxt/bnxt_tc.c | 20 +- drivers/net/ethernet/cadence/macb_main.c | 8 drivers/net/ethernet/hisilicon/hns/hnae.c | 2 drivers/net/ethernet/hisilicon/hns/hns_enet.c | 30 +-- drivers/net/ethernet/marvell/mvpp2.c | 20 +- drivers/net/ethernet/mellanox/mlx5/core/en_tc.c | 3 drivers/net/ethernet/mellanox/mlx5/core/eswitch.c | 4 drivers/net/ethernet/netronome/nfp/nfp_net_common.c | 17 + drivers/net/ethernet/qlogic/qlcnic/qlcnic.h | 8 drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.c | 3 drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.h | 3 drivers/net/ethernet/qlogic/qlcnic/qlcnic_hw.h | 3 drivers/net/ethernet/qlogic/qlcnic/qlcnic_io.c | 12 - drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 8 drivers/net/ethernet/stmicro/stmmac/stmmac_platform.c | 5 drivers/net/hyperv/netvsc_drv.c | 9 drivers/net/team/team.c | 5 drivers/net/usb/qmi_wwan.c | 1 drivers/net/usb/smsc75xx.c | 1 drivers/pci/host/pci-hyperv.c | 37 +++ drivers/perf/arm_pmu.c | 8 drivers/pinctrl/pinctrl-mcp23s08.c | 13 + drivers/s390/cio/vfio_ccw_cp.c | 2 drivers/scsi/qla2xxx/qla_target.h | 4 drivers/target/iscsi/iscsi_target.c | 22 +- drivers/usb/host/xhci-hub.c | 18 - drivers/video/fbdev/aty/atyfb.h | 3 drivers/video/fbdev/aty/atyfb_base.c | 7 drivers/video/fbdev/aty/mach64_ct.c | 10 - fs/dcache.c | 38 +++ include/linux/cgroup-defs.h | 1 include/linux/mmzone.h | 1 include/linux/netdevice.h | 7 include/linux/perf/arm_pmu.h | 1 include/linux/virtio_net.h | 18 + include/net/bonding.h | 7 include/net/inet_sock.h | 6 include/net/ip_fib.h | 1 include/sound/hdaudio.h | 1 kernel/cgroup/cgroup.c | 25 +- mm/huge_memory.c | 6 mm/page_alloc.c | 7 mm/percpu.c | 1 mm/util.c | 7 mm/vmstat.c | 6 net/core/dev.c | 28 ++ net/core/ethtool.c | 1 net/core/rtnetlink.c | 35 ++- net/dccp/input.c | 4 net/dccp/ipv4.c | 4 net/ipv4/fib_frontend.c | 12 - net/ipv4/fib_semantics.c | 50 +++++ net/ipv4/inet_connection_sock.c | 5 net/ipv4/ip_sockglue.c | 3 net/ipv4/ip_tunnel.c | 9 net/ipv4/tcp_input.c | 4 net/ipv4/tcp_ipv4.c | 4 net/ipv4/udp.c | 2 net/ipv6/addrconf.c | 4 net/ipv6/ip6_tunnel.c | 13 + net/ipv6/raw.c | 29 ++- net/netlabel/netlabel_unlabeled.c | 3 net/packet/af_packet.c | 11 - net/sched/sch_api.c | 22 +- net/sctp/transport.c | 12 + net/tipc/socket.c | 4 sound/hda/hdac_controller.c | 15 + sound/soc/codecs/rt5514.c | 8 sound/soc/codecs/sigmadsp.c | 3 sound/soc/codecs/wm8804-i2c.c | 15 + sound/soc/intel/skylake/skl.c | 2 sound/soc/sh/rcar/adg.c | 5 sound/soc/sh/rcar/core.c | 10 - sound/soc/sh/rcar/dma.c | 4 tools/perf/builtin-script.c | 22 +- tools/perf/scripts/python/export-to-postgresql.py | 9 tools/perf/scripts/python/export-to-sqlite.py | 6 tools/perf/tests/attr.c | 4 tools/perf/tests/mem.c | 2 tools/perf/tests/pmu.c | 2 tools/perf/util/cgroup.c | 2 tools/perf/util/parse-events.c | 4 tools/perf/util/pmu.c | 2 tools/testing/selftests/efivarfs/config | 1 tools/testing/selftests/memory-hotplug/config | 1 141 files changed, 1488 insertions(+), 427 deletions(-) Adrian Hunter (2): perf script python: Fix export-to-postgresql.py occasional failure perf script python: Fix export-to-sqlite.py sample columns Amber Lin (1): drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 Antoine Tenart (1): net: mvpp2: fix a txq_done race condition Chris Boot (1): mmc: block: avoid multiblock reads for the last sector in SPI mode Damien Le Moal (2): dm: fix report zone remapping to account for partition offset dm linear: fix linear_end_io conditional definition Dan Carpenter (1): scsi: qla2xxx: Fix an endian bug in fcpcmd_is_corrupted() Danny Smith (1): ASoC: sigmadsp: safeload should not have lower byte limit David Ahern (1): net: sched: Add policy validation for tc attributes Davide Caratti (1): bnxt_en: don't try to offload VLAN 'modify' action Edgar Cherkasov (1): i2c: i2c-scmi: fix for i2c_smbus_write_block_data Eran Ben Elisha (1): net/mlx5: E-Switch, Fix out of bound access when setting vport rate Eric Dumazet (4): ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 tcp/dccp: fix lockdep issue when SYN is backlogged inet: make sure to grab rcu_read_lock before using ireq->ireq_opt Eric Farman (1): s390/cio: Fix how vfio-ccw checks pinned pages Florian Fainelli (3): net: dsa: bcm_sf2: Call setup during switch resume net: systemport: Fix wake-up interrupt race during resume net: dsa: bcm_sf2: Fix unbind ordering Friedemann Gerold (1): net: aquantia: memory corruption on jumbo frames Giacinto Cifelli (1): qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface Greg Kroah-Hartman (1): Linux 4.14.77 Hans de Goede (2): clk: x86: add "ether_clk" alias for Bay Trail / Cherry Trail clk: x86: Stop marking clocks as CLK_IS_CRITICAL Hermes Zhang (1): Bluetooth: hci_ldisc: Free rw_semaphore on close Ido Schimmel (1): team: Forbid enslaving team device to itself Jakub Kicinski (1): nfp: avoid soft lockups under control message storm Jan Kara (1): mm: Preserve _PAGE_DEVMAP across mprotect() calls Jann Horn (1): mm/vmstat.c: fix outdated vmstat_text Jeff Barnhill (1): net/ipv6: Display all addresses in output of /proc/net/if_inet6 Jianbo Liu (1): net/mlx5e: Set vlan masks for all offloaded TC rules Jianfeng Tan (1): net/packet: fix packet drop as of virtio gso Jiri Kosina (1): udp: Unbreak modules that rely on external __skb_recv_udp() availability Jiri Olsa (1): perf tools: Fix snprint warnings for gcc 8 Jongsung Kim (1): stmmac: fix valid numbers of unicast filter entries Jose Abreu (1): net: stmmac: Fixup the tail addr setting in xmit path Jérôme Glisse (1): mm/thp: fix call to mmu_notifier in set_pmd_migration_entry() v2 Kuninori Morimoto (2): ASoC: rsnd: adg: care clock-frequency size ASoC: rsnd: don't fallback to PIO mode when -EPROBE_DEFER Laura Abbott (1): scsi: iscsi: target: Don't use stack buffer for scatterlist Lei Yang (2): selftests/efivarfs: add required kernel configs selftests: memory-hotplug: add required configs Maciej Żenczykowski (1): net-ethtool: ETHTOOL_GUFO did not and should not require CAP_NET_ADMIN Mahesh Bandewar (3): bonding: avoid possible dead-lock bonding: pass link-local packets to bonding master also. bonding: fix warning message Marc Zyngier (2): ARM: KVM: invalidate BTB on guest exit for Cortex-A12/A17 ARM: KVM: invalidate icache on guest exit for Cortex-A15 Marco Felsch (1): pinctrl: mcp23s08: fix irq and irqchip setup order Mathias Nyman (1): xhci: Don't print a warning when setting link state for disabled ports Mauricio Faria de Oliveira (1): rtnetlink: fix rtnl_fdb_dump() for ndmsg header Maxime Chevallier (1): net: mvpp2: Extract the correct ethtype from the skb for tx csum offload Michael Chan (1): bnxt_en: Fix TX timeout during netpoll. Mike Rapoport (1): percpu: stop leaking bitmap metadata blocks Mike Snitzer (1): dm linear: eliminate linear_end_io call if CONFIG_DM_ZONED disabled Mikulas Patocka (1): mach64: detect the dot clock divider correctly on sparc Nicolas Ferre (2): net: macb: disable scatter-gather for macb on sama5d3 ARM: dts: at91: add new compatibility string for macb on sama5d3 Oder Chiou (1): ASoC: rt5514: Fix the issue of the delay volume applied again Paolo Abeni (2): ip6_tunnel: be careful when accessing the inner header ip_tunnel: be careful when accessing the inner header Parthasarathy Bhuvaragan (1): tipc: fix flow control accounting for implicit connect Paul Burton (1): MIPS: VDSO: Always map near top of user memory Pierre-Louis Bossart (1): ASoC: wm8804: Add ACPI support Roman Gushchin (5): mm: introduce NR_INDIRECTLY_RECLAIMABLE_BYTES mm: treat indirectly reclaimable memory as available in MemAvailable dcache: account external names as indirectly reclaimable memory mm: treat indirectly reclaimable memory as free in overcommit logic mm: don't show nr_indirectly_reclaimable in /proc/vmstat Russell King (22): ARM: add more CPU part numbers for Cortex and Brahma B15 CPUs ARM: bugs: prepare processor bug infrastructure ARM: bugs: hook processor bug checking into SMP and suspend paths ARM: bugs: add support for per-processor bug checking ARM: spectre: add Kconfig symbol for CPUs vulnerable to Spectre ARM: spectre-v2: harden branch predictor on context switches ARM: spectre-v2: add Cortex A8 and A15 validation of the IBE bit ARM: spectre-v2: harden user aborts in kernel space ARM: spectre-v2: add firmware based hardening ARM: spectre-v2: warn about incorrect context switching functions ARM: spectre-v2: KVM: invalidate icache on guest exit for Brahma B15 ARM: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling ARM: KVM: report support for SMCCC_ARCH_WORKAROUND_1 ARM: spectre-v1: add speculation barrier (csdb) macros ARM: spectre-v1: add array_index_mask_nospec() implementation ARM: spectre-v1: fix syscall entry ARM: signal: copy registers using __copy_from_user() ARM: vfp: use __copy_from_user() when restoring VFP state ARM: oabi-compat: copy semops using __copy_from_user() ARM: use __inttype() in get_user() ARM: spectre-v1: use get_user() for __get_user() ARM: spectre-v1: mitigate user accesses Sabrina Dubroca (1): net: ipv4: update fnhe_pmtu when first hop's MTU changes Sean Tranchetti (1): netlabel: check for IPV4MASK in addrinfo_get Shahed Shaikh (1): qlcnic: fix Tx descriptor corruption on 82xx devices Shenghui Wang (1): dm cache: destroy migration_cache if cache target registration failed Stephen Hemminger (2): hv_netvsc: fix schedule in RCU context PCI: hv: support reporting serial number as slot information Tejun Heo (1): cgroup: Fix dom_cgrp propagation when enabling threaded mode Tony Lindgren (1): mfd: omap-usb-host: Fix dts probe of children Venkat Duvvuru (1): bnxt_en: free hwrm resources, if driver probe fails. Vitaly Kuznetsov (1): x86/kvm/lapic: always disable MMIO interface in x2APIC mode Wei Wang (1): ipv6: take rcu lock in rawv6_send_hdrinc() Will Deacon (1): arm64: perf: Reject stand-alone CHAIN events for PMUv3 Xin Long (1): sctp: update dst pmtu with the correct daddr Yu Zhao (3): net/usb: cancel pending work when unbinding smsc75xx sound: enable interrupt after dma buffer initialization sound: don't call skl_init_chip() to reset intel skl soc Yunsheng Lin (1): net: hns: fix for unmapping problem when SMMU is on

7 years

1
1
0 0

Linux 4.9.134

by Greg KH

I'm announcing the release of the 4.9.134 kernel. All users of the 4.9 kernel series must upgrade. The updated 4.9.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.9.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/net/macb.txt | 1 Documentation/networking/ip-sysctl.txt | 13 Makefile | 2 arch/arm/boot/dts/sama5d3_emac.dtsi | 2 arch/x86/include/uapi/asm/kvm.h | 1 arch/x86/kvm/lapic.c | 22 drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gfx_v7.c | 2 drivers/i2c/busses/i2c-scmi.c | 1 drivers/mfd/omap-usb-host.c | 11 drivers/net/bonding/bond_main.c | 43 - drivers/net/dsa/bcm_sf2.c | 12 drivers/net/ethernet/broadcom/bcmsysport.c | 22 drivers/net/ethernet/broadcom/bnxt/bnxt.c | 13 drivers/net/ethernet/cadence/macb.c | 8 drivers/net/ethernet/hisilicon/hns/hnae.c | 2 drivers/net/ethernet/hisilicon/hns/hns_enet.c | 30 drivers/net/ethernet/marvell/mvpp2.c | 10 drivers/net/ethernet/qlogic/qlcnic/qlcnic.h | 8 drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.c | 3 drivers/net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.h | 3 drivers/net/ethernet/qlogic/qlcnic/qlcnic_hw.h | 3 drivers/net/ethernet/qlogic/qlcnic/qlcnic_io.c | 12 drivers/net/ethernet/stmicro/stmmac/stmmac_platform.c | 5 drivers/net/team/team.c | 5 drivers/net/usb/qmi_wwan.c | 1 drivers/net/usb/smsc75xx.c | 1 drivers/scsi/qla2xxx/qla_target.h | 4 drivers/target/iscsi/iscsi_target.c | 22 drivers/usb/host/xhci-hub.c | 18 drivers/video/fbdev/aty/atyfb.h | 3 drivers/video/fbdev/aty/atyfb_base.c | 7 drivers/video/fbdev/aty/mach64_ct.c | 10 fs/ext4/xattr.c | 2 include/linux/netdevice.h | 7 include/linux/rhashtable.h | 4 include/linux/skbuff.h | 34 - include/net/bonding.h | 7 include/net/inet_frag.h | 133 +--- include/net/inet_sock.h | 6 include/net/ip.h | 1 include/net/ip_fib.h | 1 include/net/ipv6.h | 26 include/uapi/linux/snmp.h | 1 lib/rhashtable.c | 5 mm/vmstat.c | 1 net/core/dev.c | 28 net/core/rtnetlink.c | 6 net/core/skbuff.c | 31 net/dccp/input.c | 4 net/dccp/ipv4.c | 4 net/ieee802154/6lowpan/6lowpan_i.h | 26 net/ieee802154/6lowpan/reassembly.c | 148 ++-- net/ipv4/fib_frontend.c | 12 net/ipv4/fib_semantics.c | 50 + net/ipv4/inet_connection_sock.c | 5 net/ipv4/inet_fragment.c | 379 ++--------- net/ipv4/ip_fragment.c | 573 +++++++++--------- net/ipv4/ip_sockglue.c | 3 net/ipv4/ip_tunnel.c | 9 net/ipv4/proc.c | 7 net/ipv4/tcp_input.c | 37 - net/ipv4/tcp_ipv4.c | 4 net/ipv6/addrconf.c | 4 net/ipv6/ip6_tunnel.c | 13 net/ipv6/netfilter/nf_conntrack_reasm.c | 100 +-- net/ipv6/proc.c | 5 net/ipv6/raw.c | 29 net/ipv6/reassembly.c | 212 +++--- net/netlabel/netlabel_unlabeled.c | 3 sound/hda/hdac_controller.c | 8 sound/soc/codecs/sigmadsp.c | 3 sound/soc/codecs/wm8804-i2c.c | 15 tools/perf/scripts/python/export-to-postgresql.py | 9 tools/testing/selftests/efivarfs/config | 1 tools/testing/selftests/memory-hotplug/config | 1 75 files changed, 1134 insertions(+), 1123 deletions(-) Adrian Hunter (1): perf script python: Fix export-to-postgresql.py occasional failure Amber Lin (1): drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 Dan Carpenter (2): scsi: qla2xxx: Fix an endian bug in fcpcmd_is_corrupted() ipv4: frags: precedence bug in ip_expire() Daniel Rosenberg (1): ext4: Fix error code in ext4_xattr_set_entry() Danny Smith (1): ASoC: sigmadsp: safeload should not have lower byte limit Edgar Cherkasov (1): i2c: i2c-scmi: fix for i2c_smbus_write_block_data Eric Dumazet (25): ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 tcp/dccp: fix lockdep issue when SYN is backlogged inet: make sure to grab rcu_read_lock before using ireq->ireq_opt inet: frags: change inet_frags_init_net() return value inet: frags: add a pointer to struct netns_frags inet: frags: refactor ipfrag_init() inet: frags: refactor ipv6_frag_init() inet: frags: refactor lowpan_net_frag_init() ipv6: export ip6 fragments sysctl to unprivileged users rhashtable: add schedule points inet: frags: use rhashtables for reassembly units inet: frags: remove some helpers inet: frags: get rif of inet_frag_evicting() inet: frags: remove inet_frag_maybe_warn_overflow() inet: frags: break the 2GB limit for frags storage inet: frags: do not clone skb in ip_expire() ipv6: frags: rewrite ip6_expire_frag_queue() rhashtable: reorganize struct rhashtable layout inet: frags: reorganize struct netns_frags inet: frags: get rid of ipfrag_skb_cb/FRAG_CB inet: frags: fix ip6frag_low_thresh boundary net: speed up skb_rbtree_purge() net: pskb_trim_rcsum() and CHECKSUM_COMPLETE are friends net: add rb_to_skb() and other rb tree helpers Florian Fainelli (3): net: dsa: bcm_sf2: Call setup during switch resume net: dsa: bcm_sf2: Fix unbind ordering net: systemport: Fix wake-up interrupt race during resume Florian Westphal (1): ipv6: defrag: drop non-last frags smaller than min mtu Giacinto Cifelli (1): qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface Greg Kroah-Hartman (1): Linux 4.9.134 Ido Schimmel (1): team: Forbid enslaving team device to itself Jann Horn (1): mm/vmstat.c: fix outdated vmstat_text Jeff Barnhill (1): net/ipv6: Display all addresses in output of /proc/net/if_inet6 Jongsung Kim (1): stmmac: fix valid numbers of unicast filter entries Laura Abbott (1): scsi: iscsi: target: Don't use stack buffer for scatterlist Lei Yang (2): selftests/efivarfs: add required kernel configs selftests: memory-hotplug: add required configs Mahesh Bandewar (1): bonding: avoid possible dead-lock Mathias Nyman (1): xhci: Don't print a warning when setting link state for disabled ports Maxime Chevallier (1): net: mvpp2: Extract the correct ethtype from the skb for tx csum offload Michael Chan (1): bnxt_en: Fix TX timeout during netpoll. Mikulas Patocka (1): mach64: detect the dot clock divider correctly on sparc Nicolas Ferre (2): net: macb: disable scatter-gather for macb on sama5d3 ARM: dts: at91: add new compatibility string for macb on sama5d3 Paolo Abeni (2): ip6_tunnel: be careful when accessing the inner header ip_tunnel: be careful when accessing the inner header Peter Oskolkov (5): ip: discard IPv4 datagrams with overlapping segments. net: modify skb_rbtree_purge to return the truesize of all purged skbs. ip: use rb trees for IP frag queue. ip: add helpers to process in-order fragments faster. ip: process in-order fragments efficiently Pierre-Louis Bossart (1): ASoC: wm8804: Add ACPI support Sabrina Dubroca (1): net: ipv4: update fnhe_pmtu when first hop's MTU changes Sean Tranchetti (1): netlabel: check for IPV4MASK in addrinfo_get Shahed Shaikh (1): qlcnic: fix Tx descriptor corruption on 82xx devices Taehee Yoo (1): ip: frags: fix crash in ip_do_fragment() Tony Lindgren (1): mfd: omap-usb-host: Fix dts probe of children Vitaly Kuznetsov (1): x86/kvm/lapic: always disable MMIO interface in x2APIC mode Wei Wang (1): ipv6: take rcu lock in rawv6_send_hdrinc() Yu Zhao (2): sound: enable interrupt after dma buffer initialization net/usb: cancel pending work when unbinding smsc75xx Yunsheng Lin (1): net: hns: fix for unmapping problem when SMMU is on

7 years

1
1
0 0

[PATCH 4.14 000/109] 4.14.77-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.14.77 release. There are 109 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu Oct 18 17:04:58 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.77-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.14.77-rc1 Jiri Olsa <jolsa(a)kernel.org> perf tools: Fix snprint warnings for gcc 8 Russell King <rmk+kernel(a)armlinux.org.uk> ARM: spectre-v1: mitigate user accesses Russell King <rmk+kernel(a)armlinux.org.uk> ARM: spectre-v1: use get_user() for __get_user() Russell King <rmk+kernel(a)armlinux.org.uk> ARM: use __inttype() in get_user() Russell King <rmk+kernel(a)armlinux.org.uk> ARM: oabi-compat: copy semops using __copy_from_user() Russell King <rmk+kernel(a)armlinux.org.uk> ARM: vfp: use __copy_from_user() when restoring VFP state Russell King <rmk+kernel(a)armlinux.org.uk> ARM: signal: copy registers using __copy_from_user() Russell King <rmk+kernel(a)armlinux.org.uk> ARM: spectre-v1: fix syscall entry Russell King <rmk+kernel(a)armlinux.org.uk> ARM: spectre-v1: add array_index_mask_nospec() implementation Russell King <rmk+kernel(a)armlinux.org.uk> ARM: spectre-v1: add speculation barrier (csdb) macros Russell King <rmk+kernel(a)armlinux.org.uk> ARM: KVM: report support for SMCCC_ARCH_WORKAROUND_1 Russell King <rmk+kernel(a)armlinux.org.uk> ARM: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling Russell King <rmk+kernel(a)armlinux.org.uk> ARM: spectre-v2: KVM: invalidate icache on guest exit for Brahma B15 Marc Zyngier <marc.zyngier(a)arm.com> ARM: KVM: invalidate icache on guest exit for Cortex-A15 Marc Zyngier <marc.zyngier(a)arm.com> ARM: KVM: invalidate BTB on guest exit for Cortex-A12/A17 Russell King <rmk+kernel(a)armlinux.org.uk> ARM: spectre-v2: warn about incorrect context switching functions Russell King <rmk+kernel(a)armlinux.org.uk> ARM: spectre-v2: add firmware based hardening Russell King <rmk+kernel(a)armlinux.org.uk> ARM: spectre-v2: harden user aborts in kernel space Russell King <rmk+kernel(a)armlinux.org.uk> ARM: spectre-v2: add Cortex A8 and A15 validation of the IBE bit Russell King <rmk+kernel(a)armlinux.org.uk> ARM: spectre-v2: harden branch predictor on context switches Russell King <rmk+kernel(a)armlinux.org.uk> ARM: spectre: add Kconfig symbol for CPUs vulnerable to Spectre Russell King <rmk+kernel(a)armlinux.org.uk> ARM: bugs: add support for per-processor bug checking Russell King <rmk+kernel(a)armlinux.org.uk> ARM: bugs: hook processor bug checking into SMP and suspend paths Russell King <rmk+kernel(a)armlinux.org.uk> ARM: bugs: prepare processor bug infrastructure Russell King <rmk+kernel(a)armlinux.org.uk> ARM: add more CPU part numbers for Cortex and Brahma B15 CPUs Roman Gushchin <guro(a)fb.com> mm: don't show nr_indirectly_reclaimable in /proc/vmstat Roman Gushchin <guro(a)fb.com> mm: treat indirectly reclaimable memory as free in overcommit logic Roman Gushchin <guro(a)fb.com> dcache: account external names as indirectly reclaimable memory Roman Gushchin <guro(a)fb.com> mm: treat indirectly reclaimable memory as available in MemAvailable Roman Gushchin <guro(a)fb.com> mm: introduce NR_INDIRECTLY_RECLAIMABLE_BYTES Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Don't print a warning when setting link state for disabled ports Edgar Cherkasov <echerkasov(a)dev.rtsoft.ru> i2c: i2c-scmi: fix for i2c_smbus_write_block_data Jan Kara <jack(a)suse.cz> mm: Preserve _PAGE_DEVMAP across mprotect() calls Jérôme Glisse <jglisse(a)redhat.com> mm/thp: fix call to mmu_notifier in set_pmd_migration_entry() v2 Will Deacon <will.deacon(a)arm.com> arm64: perf: Reject stand-alone CHAIN events for PMUv3 Marco Felsch <m.felsch(a)pengutronix.de> pinctrl: mcp23s08: fix irq and irqchip setup order Chris Boot <bootc(a)bootc.net> mmc: block: avoid multiblock reads for the last sector in SPI mode Tejun Heo <tj(a)kernel.org> cgroup: Fix dom_cgrp propagation when enabling threaded mode Damien Le Moal <damien.lemoal(a)wdc.com> dm linear: fix linear_end_io conditional definition Mike Snitzer <snitzer(a)redhat.com> dm linear: eliminate linear_end_io call if CONFIG_DM_ZONED disabled Damien Le Moal <damien.lemoal(a)wdc.com> dm: fix report zone remapping to account for partition offset Shenghui Wang <shhuiw(a)foxmail.com> dm cache: destroy migration_cache if cache target registration failed Eric Farman <farman(a)linux.ibm.com> s390/cio: Fix how vfio-ccw checks pinned pages Adrian Hunter <adrian.hunter(a)intel.com> perf script python: Fix export-to-sqlite.py sample columns Adrian Hunter <adrian.hunter(a)intel.com> perf script python: Fix export-to-postgresql.py occasional failure Mike Rapoport <rppt(a)linux.vnet.ibm.com> percpu: stop leaking bitmap metadata blocks Mikulas Patocka <mpatocka(a)redhat.com> mach64: detect the dot clock divider correctly on sparc Paul Burton <paul.burton(a)mips.com> MIPS: VDSO: Always map near top of user memory Jann Horn <jannh(a)google.com> mm/vmstat.c: fix outdated vmstat_text Amber Lin <Amber.Lin(a)amd.com> drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 Vitaly Kuznetsov <vkuznets(a)redhat.com> x86/kvm/lapic: always disable MMIO interface in x2APIC mode Hans de Goede <hdegoede(a)redhat.com> clk: x86: Stop marking clocks as CLK_IS_CRITICAL Hans de Goede <hdegoede(a)redhat.com> clk: x86: add "ether_clk" alias for Bay Trail / Cherry Trail Stephen Hemminger <stephen(a)networkplumber.org> PCI: hv: support reporting serial number as slot information Nicolas Ferre <nicolas.ferre(a)microchip.com> ARM: dts: at91: add new compatibility string for macb on sama5d3 Nicolas Ferre <nicolas.ferre(a)microchip.com> net: macb: disable scatter-gather for macb on sama5d3 Jongsung Kim <neidhard.kim(a)lge.com> stmmac: fix valid numbers of unicast filter entries Stephen Hemminger <stephen(a)networkplumber.org> hv_netvsc: fix schedule in RCU context Yu Zhao <yuzhao(a)google.com> sound: don't call skl_init_chip() to reset intel skl soc Yu Zhao <yuzhao(a)google.com> sound: enable interrupt after dma buffer initialization Dan Carpenter <dan.carpenter(a)oracle.com> scsi: qla2xxx: Fix an endian bug in fcpcmd_is_corrupted() Laura Abbott <labbott(a)redhat.com> scsi: iscsi: target: Don't use stack buffer for scatterlist Tony Lindgren <tony(a)atomide.com> mfd: omap-usb-host: Fix dts probe of children Hermes Zhang <chenhuiz(a)axis.com> Bluetooth: hci_ldisc: Free rw_semaphore on close Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: rsnd: don't fallback to PIO mode when -EPROBE_DEFER Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: rsnd: adg: care clock-frequency size Lei Yang <Lei.Yang(a)windriver.com> selftests: memory-hotplug: add required configs Lei Yang <Lei.Yang(a)windriver.com> selftests/efivarfs: add required kernel configs Danny Smith <danny.smith(a)axis.com> ASoC: sigmadsp: safeload should not have lower byte limit Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ASoC: wm8804: Add ACPI support Oder Chiou <oder_chiou(a)realtek.com> ASoC: rt5514: Fix the issue of the delay volume applied again Eric Dumazet <edumazet(a)google.com> inet: make sure to grab rcu_read_lock before using ireq->ireq_opt Eric Dumazet <edumazet(a)google.com> tcp/dccp: fix lockdep issue when SYN is backlogged Maciej Żenczykowski <maze(a)google.com> net-ethtool: ETHTOOL_GUFO did not and should not require CAP_NET_ADMIN Davide Caratti <dcaratti(a)redhat.com> bnxt_en: don't try to offload VLAN 'modify' action Jakub Kicinski <jakub.kicinski(a)netronome.com> nfp: avoid soft lockups under control message storm Mahesh Bandewar <maheshb(a)google.com> bonding: fix warning message Mahesh Bandewar <maheshb(a)google.com> bonding: pass link-local packets to bonding master also. Eran Ben Elisha <eranbe(a)mellanox.com> net/mlx5: E-Switch, Fix out of bound access when setting vport rate Friedemann Gerold <f.gerold(a)b-c-s.de> net: aquantia: memory corruption on jumbo frames Jianbo Liu <jianbol(a)mellanox.com> net/mlx5e: Set vlan masks for all offloaded TC rules Florian Fainelli <f.fainelli(a)gmail.com> net: dsa: bcm_sf2: Fix unbind ordering Jianfeng Tan <jianfeng.tan(a)linux.alibaba.com> net/packet: fix packet drop as of virtio gso Jose Abreu <Jose.Abreu(a)synopsys.com> net: stmmac: Fixup the tail addr setting in xmit path Jiri Kosina <jkosina(a)suse.cz> udp: Unbreak modules that rely on external __skb_recv_udp() availability Parthasarathy Bhuvaragan <parthasarathy.bhuvaragan(a)ericsson.com> tipc: fix flow control accounting for implicit connect Ido Schimmel <idosch(a)mellanox.com> team: Forbid enslaving team device to itself Xin Long <lucien.xin(a)gmail.com> sctp: update dst pmtu with the correct daddr Eric Dumazet <edumazet(a)google.com> rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 Mauricio Faria de Oliveira <mfo(a)canonical.com> rtnetlink: fix rtnl_fdb_dump() for ndmsg header Giacinto Cifelli <gciofono(a)gmail.com> qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface Shahed Shaikh <shahed.shaikh(a)cavium.com> qlcnic: fix Tx descriptor corruption on 82xx devices Yu Zhao <yuzhao(a)google.com> net/usb: cancel pending work when unbinding smsc75xx Florian Fainelli <f.fainelli(a)gmail.com> net: systemport: Fix wake-up interrupt race during resume David Ahern <dsahern(a)gmail.com> net: sched: Add policy validation for tc attributes Antoine Tenart <antoine.tenart(a)bootlin.com> net: mvpp2: fix a txq_done race condition Maxime Chevallier <maxime.chevallier(a)bootlin.com> net: mvpp2: Extract the correct ethtype from the skb for tx csum offload Sean Tranchetti <stranche(a)codeaurora.org> netlabel: check for IPV4MASK in addrinfo_get Jeff Barnhill <0xeffeff(a)gmail.com> net/ipv6: Display all addresses in output of /proc/net/if_inet6 Sabrina Dubroca <sd(a)queasysnail.net> net: ipv4: update fnhe_pmtu when first hop's MTU changes Yunsheng Lin <linyunsheng(a)huawei.com> net: hns: fix for unmapping problem when SMMU is on Florian Fainelli <f.fainelli(a)gmail.com> net: dsa: bcm_sf2: Call setup during switch resume Wei Wang <weiwan(a)google.com> ipv6: take rcu lock in rawv6_send_hdrinc() Eric Dumazet <edumazet(a)google.com> ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() Paolo Abeni <pabeni(a)redhat.com> ip_tunnel: be careful when accessing the inner header Paolo Abeni <pabeni(a)redhat.com> ip6_tunnel: be careful when accessing the inner header Mahesh Bandewar <maheshb(a)google.com> bonding: avoid possible dead-lock Venkat Duvvuru <venkatkumar.duvvuru(a)broadcom.com> bnxt_en: free hwrm resources, if driver probe fails. Michael Chan <michael.chan(a)broadcom.com> bnxt_en: Fix TX timeout during netpoll. ------------- Diffstat: Documentation/devicetree/bindings/net/macb.txt | 1 + Makefile | 4 +- arch/arm/boot/dts/sama5d3_emac.dtsi | 2 +- arch/arm/include/asm/assembler.h | 12 ++ arch/arm/include/asm/barrier.h | 32 ++++ arch/arm/include/asm/bugs.h | 6 +- arch/arm/include/asm/cp15.h | 3 + arch/arm/include/asm/cputype.h | 8 + arch/arm/include/asm/kvm_asm.h | 2 - arch/arm/include/asm/kvm_host.h | 14 +- arch/arm/include/asm/kvm_mmu.h | 23 ++- arch/arm/include/asm/proc-fns.h | 4 + arch/arm/include/asm/system_misc.h | 15 ++ arch/arm/include/asm/thread_info.h | 4 +- arch/arm/include/asm/uaccess.h | 26 ++- arch/arm/kernel/Makefile | 1 + arch/arm/kernel/bugs.c | 18 +++ arch/arm/kernel/entry-common.S | 18 +-- arch/arm/kernel/entry-header.S | 25 +++ arch/arm/kernel/signal.c | 58 +++---- arch/arm/kernel/smp.c | 4 + arch/arm/kernel/suspend.c | 2 + arch/arm/kernel/sys_oabi-compat.c | 8 +- arch/arm/kvm/hyp/hyp-entry.S | 112 ++++++++++++- arch/arm/lib/copy_from_user.S | 9 ++ arch/arm/mm/Kconfig | 23 +++ arch/arm/mm/Makefile | 2 +- arch/arm/mm/fault.c | 3 + arch/arm/mm/proc-macros.S | 3 +- arch/arm/mm/proc-v7-2level.S | 6 - arch/arm/mm/proc-v7-bugs.c | 174 +++++++++++++++++++++ arch/arm/mm/proc-v7.S | 154 ++++++++++++++---- arch/arm/vfp/vfpmodule.c | 17 +- arch/arm64/kernel/perf_event.c | 7 + arch/mips/include/asm/processor.h | 10 +- arch/mips/kernel/process.c | 25 +++ arch/mips/kernel/vdso.c | 18 ++- arch/powerpc/include/asm/book3s/64/pgtable.h | 4 +- arch/x86/include/asm/pgtable_types.h | 2 +- arch/x86/include/uapi/asm/kvm.h | 1 + arch/x86/kvm/lapic.c | 22 ++- drivers/bluetooth/hci_ldisc.c | 2 + drivers/clk/x86/clk-pmc-atom.c | 18 ++- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gfx_v7.c | 2 +- drivers/i2c/busses/i2c-scmi.c | 1 + drivers/md/dm-cache-target.c | 5 +- drivers/md/dm-flakey.c | 2 + drivers/md/dm-linear.c | 8 +- drivers/md/dm.c | 27 +++- drivers/mfd/omap-usb-host.c | 11 +- drivers/mmc/core/block.c | 10 ++ drivers/net/bonding/bond_main.c | 65 ++++---- drivers/net/dsa/bcm_sf2.c | 12 +- drivers/net/ethernet/aquantia/atlantic/aq_ring.c | 32 ++-- drivers/net/ethernet/broadcom/bcmsysport.c | 22 +-- drivers/net/ethernet/broadcom/bnxt/bnxt.c | 23 ++- drivers/net/ethernet/broadcom/bnxt/bnxt_tc.c | 20 ++- drivers/net/ethernet/cadence/macb_main.c | 8 + drivers/net/ethernet/hisilicon/hns/hnae.c | 2 +- drivers/net/ethernet/hisilicon/hns/hns_enet.c | 30 ++-- drivers/net/ethernet/marvell/mvpp2.c | 20 ++- drivers/net/ethernet/mellanox/mlx5/core/en_tc.c | 3 + drivers/net/ethernet/mellanox/mlx5/core/eswitch.c | 4 +- .../net/ethernet/netronome/nfp/nfp_net_common.c | 17 +- drivers/net/ethernet/qlogic/qlcnic/qlcnic.h | 8 +- .../net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.c | 3 +- .../net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.h | 3 +- drivers/net/ethernet/qlogic/qlcnic/qlcnic_hw.h | 3 +- drivers/net/ethernet/qlogic/qlcnic/qlcnic_io.c | 12 +- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 8 +- .../net/ethernet/stmicro/stmmac/stmmac_platform.c | 5 +- drivers/net/hyperv/netvsc_drv.c | 9 +- drivers/net/team/team.c | 5 + drivers/net/usb/qmi_wwan.c | 1 + drivers/net/usb/smsc75xx.c | 1 + drivers/pci/host/pci-hyperv.c | 37 +++++ drivers/perf/arm_pmu.c | 8 +- drivers/pinctrl/pinctrl-mcp23s08.c | 13 +- drivers/s390/cio/vfio_ccw_cp.c | 2 +- drivers/scsi/qla2xxx/qla_target.h | 4 +- drivers/target/iscsi/iscsi_target.c | 22 ++- drivers/usb/host/xhci-hub.c | 18 +-- drivers/video/fbdev/aty/atyfb.h | 3 +- drivers/video/fbdev/aty/atyfb_base.c | 7 +- drivers/video/fbdev/aty/mach64_ct.c | 10 +- fs/dcache.c | 38 +++-- include/linux/cgroup-defs.h | 1 + include/linux/mmzone.h | 1 + include/linux/netdevice.h | 7 + include/linux/perf/arm_pmu.h | 1 + include/linux/virtio_net.h | 18 +++ include/net/bonding.h | 7 +- include/net/inet_sock.h | 6 - include/net/ip_fib.h | 1 + include/sound/hdaudio.h | 1 + kernel/cgroup/cgroup.c | 25 +-- mm/huge_memory.c | 6 - mm/page_alloc.c | 7 + mm/percpu.c | 1 + mm/util.c | 7 + mm/vmstat.c | 6 +- net/core/dev.c | 28 +++- net/core/ethtool.c | 1 + net/core/rtnetlink.c | 35 +++-- net/dccp/input.c | 4 +- net/dccp/ipv4.c | 4 +- net/ipv4/fib_frontend.c | 12 +- net/ipv4/fib_semantics.c | 50 ++++++ net/ipv4/inet_connection_sock.c | 5 +- net/ipv4/ip_sockglue.c | 3 +- net/ipv4/ip_tunnel.c | 9 ++ net/ipv4/tcp_input.c | 4 +- net/ipv4/tcp_ipv4.c | 4 +- net/ipv4/udp.c | 2 +- net/ipv6/addrconf.c | 4 +- net/ipv6/ip6_tunnel.c | 13 +- net/ipv6/raw.c | 29 ++-- net/netlabel/netlabel_unlabeled.c | 3 +- net/packet/af_packet.c | 11 +- net/sched/sch_api.c | 22 ++- net/sctp/transport.c | 12 +- net/tipc/socket.c | 4 +- sound/hda/hdac_controller.c | 15 +- sound/soc/codecs/rt5514.c | 8 +- sound/soc/codecs/sigmadsp.c | 3 +- sound/soc/codecs/wm8804-i2c.c | 15 +- sound/soc/intel/skylake/skl.c | 2 +- sound/soc/sh/rcar/adg.c | 5 + sound/soc/sh/rcar/core.c | 10 +- sound/soc/sh/rcar/dma.c | 4 + tools/perf/builtin-script.c | 22 +-- tools/perf/scripts/python/export-to-postgresql.py | 9 ++ tools/perf/scripts/python/export-to-sqlite.py | 6 +- tools/perf/tests/attr.c | 4 +- tools/perf/tests/mem.c | 2 +- tools/perf/tests/pmu.c | 2 +- tools/perf/util/cgroup.c | 2 +- tools/perf/util/parse-events.c | 4 +- tools/perf/util/pmu.c | 2 +- tools/testing/selftests/efivarfs/config | 1 + tools/testing/selftests/memory-hotplug/config | 1 + 141 files changed, 1489 insertions(+), 428 deletions(-)

7 years

5
115
0 0

[PATCH 4.18 000/135] 4.18.15-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.18.15 release. There are 135 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu Oct 18 17:04:43 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.18.15-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.18.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.18.15-rc1 Edgar Cherkasov <echerkasov(a)dev.rtsoft.ru> i2c: i2c-scmi: fix for i2c_smbus_write_block_data Jan Kara <jack(a)suse.cz> mm: Preserve _PAGE_DEVMAP across mprotect() calls Dan Williams <dan.j.williams(a)intel.com> filesystem-dax: Fix dax_layout_busy_page() livelock Jérôme Glisse <jglisse(a)redhat.com> mm/thp: fix call to mmu_notifier in set_pmd_migration_entry() v2 Jann Horn <jannh(a)google.com> mm/mmap.c: don't clobber partially overlapping VMA with MAP_FIXED_NOREPLACE Will Deacon <will.deacon(a)arm.com> arm64: perf: Reject stand-alone CHAIN events for PMUv3 Marco Felsch <m.felsch(a)pengutronix.de> pinctrl: mcp23s08: fix irq and irqchip setup order Chris Boot <bootc(a)bootc.net> mmc: block: avoid multiblock reads for the last sector in SPI mode Lyude Paul <lyude(a)redhat.com> drm/nouveau/drm/nouveau: Grab runtime PM ref in nv50_mstc_detect() Ramses Ramírez <ramzeto(a)gmail.com> Input: xpad - add support for Xbox1 PDP Camo series gamepad Tejun Heo <tj(a)kernel.org> cgroup: Fix dom_cgrp propagation when enabling threaded mode Damien Le Moal <damien.lemoal(a)wdc.com> dm linear: fix linear_end_io conditional definition Mike Snitzer <snitzer(a)redhat.com> dm linear: eliminate linear_end_io call if CONFIG_DM_ZONED disabled Damien Le Moal <damien.lemoal(a)wdc.com> dm: fix report zone remapping to account for partition offset Shenghui Wang <shhuiw(a)foxmail.com> dm cache: destroy migration_cache if cache target registration failed Eric Farman <farman(a)linux.ibm.com> s390/cio: Fix how vfio-ccw checks pinned pages Adrian Hunter <adrian.hunter(a)intel.com> perf script python: Fix export-to-sqlite.py sample columns Adrian Hunter <adrian.hunter(a)intel.com> perf script python: Fix export-to-postgresql.py occasional failure Mike Rapoport <rppt(a)linux.vnet.ibm.com> percpu: stop leaking bitmap metadata blocks Steven Rostedt (VMware) <rostedt(a)goodmis.org> vsprintf: Fix off-by-one bug in bstr_printf() processing dereferenced pointers Mikulas Patocka <mpatocka(a)redhat.com> mach64: detect the dot clock divider correctly on sparc Paul Burton <paul.burton(a)mips.com> MIPS: VDSO: Always map near top of user memory Paul Burton <paul.burton(a)mips.com> MIPS: Fix CONFIG_CMDLINE handling David Howells <dhowells(a)redhat.com> afs: Fix clearance of reply David Howells <dhowells(a)redhat.com> afs: Fix afs_server struct leak Jann Horn <jannh(a)google.com> mm/vmstat.c: fix outdated vmstat_text Roman Gushchin <guro(a)fb.com> mm: slowly shrink slabs with a relatively small number of objects Yong Zhao <Yong.Zhao(a)amd.com> drm/amdkfd: Fix ATS capablity was not reported correctly on some APUs Yong Zhao <yong.zhao(a)amd.com> drm/amdkfd: Change the control stack MTYPE from UC to NC on GFX9 Amber Lin <Amber.Lin(a)amd.com> drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 Vitaly Kuznetsov <vkuznets(a)redhat.com> x86/kvm/lapic: always disable MMIO interface in x2APIC mode Simon Detheridge <s(a)sd.ai> pinctrl: cannonlake: Fix gpio base for GPP-E Hans de Goede <hdegoede(a)redhat.com> clk: x86: Stop marking clocks as CLK_IS_CRITICAL Hans de Goede <hdegoede(a)redhat.com> clk: x86: add "ether_clk" alias for Bay Trail / Cherry Trail Stephen Hemminger <stephen(a)networkplumber.org> hv_netvsc: pair VF based on serial number Stephen Hemminger <stephen(a)networkplumber.org> PCI: hv: support reporting serial number as slot information Nicolas Ferre <nicolas.ferre(a)microchip.com> ARM: dts: at91: add new compatibility string for macb on sama5d3 Nicolas Ferre <nicolas.ferre(a)microchip.com> net: macb: disable scatter-gather for macb on sama5d3 Corentin Labbe <clabbe(a)baylibre.com> net: ethernet: ti: add missing GENERIC_ALLOCATOR dependency Guenter Roeck <linux(a)roeck-us.net> hwmon: (nct6775) Use different register to get fan RPM for fan7 Jongsung Kim <neidhard.kim(a)lge.com> stmmac: fix valid numbers of unicast filter entries Guenter Roeck <linux(a)roeck-us.net> hwmon: (nct6775) Fix RPM output for fan7 on NCT6796D Guenter Roeck <linux(a)roeck-us.net> hwmon: (nct6775) Fix virtual temperature sources for NCT6796D Tushar Dave <tushar.n.dave(a)oracle.com> bpf: use __GFP_COMP while allocating page Martin KaFai Lau <kafai(a)fb.com> bpf: btf: Fix end boundary calculation for type section Yu Zhao <yuzhao(a)google.com> sound: don't call skl_init_chip() to reset intel skl soc Yu Zhao <yuzhao(a)google.com> sound: enable interrupt after dma buffer initialization Dan Carpenter <dan.carpenter(a)oracle.com> scsi: qla2xxx: Fix an endian bug in fcpcmd_is_corrupted() Laura Abbott <labbott(a)redhat.com> scsi: iscsi: target: Don't use stack buffer for scatterlist Nicholas Piggin <npiggin(a)gmail.com> KVM: PPC: Book3S HV: Don't use compound_order to determine host mapping size Tony Lindgren <tony(a)atomide.com> mfd: omap-usb-host: Fix dts probe of children Hermes Zhang <chenhuiz(a)axis.com> Bluetooth: hci_ldisc: Free rw_semaphore on close Matias Karhumaa <matias.karhumaa(a)gmail.com> Bluetooth: Use correct tfm to generate OOB data Johan Hedberg <johan.hedberg(a)intel.com> Bluetooth: SMP: Fix trying to use non-existent local OOB data zhong jiang <zhongjiang(a)huawei.com> drm/pl111: Make sure of_device_id tables are NULL terminated Akshu Agrawal <akshu.agrawal(a)amd.com> ASoC: AMD: Ensure reset bit is cleared before configuring Jay Kamat <jgkamat(a)fb.com> Add tests for memory.oom.group Jay Kamat <jgkamat(a)fb.com> Fix cg_read_strcmp() Guenter Roeck <linux(a)roeck-us.net> hwmon: (nct6775) Fix access to fan pulse registers Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: rsnd: don't fallback to PIO mode when -EPROBE_DEFER Kuninori Morimoto <kuninori.morimoto.gx(a)renesas.com> ASoC: rsnd: adg: care clock-frequency size Lei Yang <Lei.Yang(a)windriver.com> selftests: memory-hotplug: add required configs Lei Yang <Lei.Yang(a)windriver.com> selftests/efivarfs: add required kernel configs Anders Roxell <anders.roxell(a)linaro.org> selftests: add headers_install to lib.mk Srinivas Kandagatla <srinivas.kandagatla(a)linaro.org> ASoC: q6routing: initialize data correctly Danny Smith <danny.smith(a)axis.com> ASoC: sigmadsp: safeload should not have lower byte limit Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ASoC: wm8804: Add ACPI support Ryan Lee <ryans.lee(a)maximintegrated.com> ASoC: max98373: Added 10ms sleep after amp software reset Thiago Jung Bauermann <bauerman(a)linux.ibm.com> selftests: kselftest: Remove outdated comment Anders Roxell <anders.roxell(a)linaro.org> selftests: android: move config up a level Oder Chiou <oder_chiou(a)realtek.com> ASoC: rt5514: Fix the issue of the delay volume applied again Ryan Lee <ryans.lee(a)maximintegrated.com> ASoC: max98373: Added speaker FS gain cotnrol register to volatile. Charles Keepax <ckeepax(a)opensource.cirrus.com> ASoC: dapm: Fix NULL pointer deference on CODEC to CODEC DAIs Hangbin Liu <liuhangbin(a)gmail.com> vxlan: fill ttl inherit info Maciej S. Szmigiero <mail(a)maciej.szmigiero.name> r8169: set RX_MULTI_EN bit in RxConfig for 8168F-family chips Heiner Kallweit <hkallweit1(a)gmail.com> r8169: fix network stalls due to missing bit TXCFG_AUTO_FIFO Sudarsana Reddy Kalluru <sudarsana.kalluru(a)cavium.com> qed: Fix shmem structure inconsistency between driver and the mfw. Antoine Tenart <antoine.tenart(a)bootlin.com> net: mscc: fix the frame extraction into the skb Mike Rapoport <rppt(a)linux.vnet.ibm.com> net/ipv6: stop leaking percpu memory in fib6 info David Ahern <dsahern(a)gmail.com> net/ipv6: Remove extra call to ip6_convert_metrics for multipath case Vasundhara Volam <vasundhara-v.volam(a)broadcom.com> bnxt_en: get the reduced max_irqs by the ones used by RDMA Vasundhara Volam <vasundhara-v.volam(a)broadcom.com> bnxt_en: Fix enables field in HWRM_QUEUE_COS2BW_CFG request Alaa Hleihel <alaa(a)mellanox.com> net/mlx5: Check for SQ and not RQ state when modifying hairpin SQ Sabrina Dubroca <sd(a)queasysnail.net> net: ipv4: don't let PMTU updates increase route MTU Michael Chan <michael.chan(a)broadcom.com> bnxt_en: Fix VNIC reservations on the PF. David Ahern <dsahern(a)gmail.com> rtnetlink: Fail dump if target netnsid is invalid Florian Fainelli <f.fainelli(a)gmail.com> net: dsa: b53: Keep CPU port as tagged in all VLANs Eric Dumazet <edumazet(a)google.com> inet: make sure to grab rcu_read_lock before using ireq->ireq_opt Eric Dumazet <edumazet(a)google.com> tcp/dccp: fix lockdep issue when SYN is backlogged Russell King <rmk+kernel(a)armlinux.org.uk> sfp: fix oops with ethtool -m Baruch Siach <baruch(a)tkos.co.il> net: phy: phylink: fix SFP interface autodetection Maciej Żenczykowski <maze(a)google.com> net-ethtool: ETHTOOL_GUFO did not and should not require CAP_NET_ADMIN Davide Caratti <dcaratti(a)redhat.com> bnxt_en: don't try to offload VLAN 'modify' action Jakub Kicinski <jakub.kicinski(a)netronome.com> nfp: avoid soft lockups under control message storm Jose Abreu <Jose.Abreu(a)synopsys.com> net: stmmac: Rework coalesce timer and fix multi-queue races Mahesh Bandewar <maheshb(a)google.com> bonding: fix warning message Mahesh Bandewar <maheshb(a)google.com> bonding: pass link-local packets to bonding master also. Eran Ben Elisha <eranbe(a)mellanox.com> net/mlx5: E-Switch, Fix out of bound access when setting vport rate Friedemann Gerold <f.gerold(a)b-c-s.de> net: aquantia: memory corruption on jumbo frames Jianbo Liu <jianbol(a)mellanox.com> net/mlx5e: Set vlan masks for all offloaded TC rules Florian Fainelli <f.fainelli(a)gmail.com> net: dsa: bcm_sf2: Fix unbind ordering Jianfeng Tan <jianfeng.tan(a)linux.alibaba.com> net/packet: fix packet drop as of virtio gso Jose Abreu <Jose.Abreu(a)synopsys.com> net: stmmac: Fixup the tail addr setting in xmit path Eric Dumazet <edumazet(a)google.com> tun: napi flags belong to tfile Eric Dumazet <edumazet(a)google.com> tun: initialize napi_mutex unconditionally Eric Dumazet <edumazet(a)google.com> tun: remove unused parameters Subash Abhinov Kasiviswanathan <subashab(a)codeaurora.org> net: qualcomm: rmnet: Fix incorrect allocation flag in receive path Subash Abhinov Kasiviswanathan <subashab(a)codeaurora.org> net: qualcomm: rmnet: Fix incorrect allocation flag in transmit Sean Tranchetti <stranche(a)codeaurora.org> net: qualcomm: rmnet: Skip processing loopback packets Jiri Kosina <jkosina(a)suse.cz> udp: Unbreak modules that rely on external __skb_recv_udp() availability Parthasarathy Bhuvaragan <parthasarathy.bhuvaragan(a)ericsson.com> tipc: fix flow control accounting for implicit connect Ido Schimmel <idosch(a)mellanox.com> team: Forbid enslaving team device to itself Xin Long <lucien.xin(a)gmail.com> sctp: update dst pmtu with the correct daddr Eric Dumazet <edumazet(a)google.com> rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 Mauricio Faria de Oliveira <mfo(a)canonical.com> rtnetlink: fix rtnl_fdb_dump() for ndmsg header Giacinto Cifelli <gciofono(a)gmail.com> qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface Shahed Shaikh <shahed.shaikh(a)cavium.com> qlcnic: fix Tx descriptor corruption on 82xx devices Yu Zhao <yuzhao(a)google.com> net/usb: cancel pending work when unbinding smsc75xx Florian Fainelli <f.fainelli(a)gmail.com> net: systemport: Fix wake-up interrupt race during resume Al Viro <viro(a)zeniv.linux.org.uk> net: sched: cls_u32: fix hnode refcounting David Ahern <dsahern(a)gmail.com> net: sched: Add policy validation for tc attributes Antoine Tenart <antoine.tenart(a)bootlin.com> net: mvpp2: fix a txq_done race condition Maxime Chevallier <maxime.chevallier(a)bootlin.com> net: mvpp2: Extract the correct ethtype from the skb for tx csum offload Sean Tranchetti <stranche(a)codeaurora.org> netlabel: check for IPV4MASK in addrinfo_get Jeff Barnhill <0xeffeff(a)gmail.com> net/ipv6: Display all addresses in output of /proc/net/if_inet6 Sabrina Dubroca <sd(a)queasysnail.net> net: ipv4: update fnhe_pmtu when first hop's MTU changes Yunsheng Lin <linyunsheng(a)huawei.com> net: hns: fix for unmapping problem when SMMU is on Florian Fainelli <f.fainelli(a)gmail.com> net: dsa: bcm_sf2: Call setup during switch resume Wei Wang <weiwan(a)google.com> ipv6: take rcu lock in rawv6_send_hdrinc() Eric Dumazet <edumazet(a)google.com> ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() Paolo Abeni <pabeni(a)redhat.com> ip_tunnel: be careful when accessing the inner header Paolo Abeni <pabeni(a)redhat.com> ip6_tunnel: be careful when accessing the inner header Mahesh Bandewar <maheshb(a)google.com> bonding: avoid possible dead-lock Venkat Duvvuru <venkatkumar.duvvuru(a)broadcom.com> bnxt_en: free hwrm resources, if driver probe fails. Michael Chan <michael.chan(a)broadcom.com> bnxt_en: Fix TX timeout during netpoll. ------------- Diffstat: Documentation/devicetree/bindings/net/macb.txt | 1 + Makefile | 18 +- arch/arm/boot/dts/sama5d3_emac.dtsi | 2 +- arch/arm64/kernel/perf_event.c | 7 + arch/mips/include/asm/processor.h | 10 +- arch/mips/kernel/process.c | 25 +++ arch/mips/kernel/setup.c | 48 +++-- arch/mips/kernel/vdso.c | 18 +- arch/powerpc/include/asm/book3s/64/pgtable.h | 4 +- arch/powerpc/kvm/book3s_64_mmu_radix.c | 91 ++++---- arch/x86/include/asm/pgtable_types.h | 2 +- arch/x86/include/uapi/asm/kvm.h | 1 + arch/x86/kvm/lapic.c | 22 +- drivers/bluetooth/hci_ldisc.c | 2 + drivers/clk/x86/clk-pmc-atom.c | 18 +- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.c | 6 +- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.h | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gfx_v7.c | 2 +- drivers/gpu/drm/amd/amdkfd/kfd_device.c | 3 +- drivers/gpu/drm/amd/amdkfd/kfd_iommu.c | 13 +- drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager_v9.c | 2 +- drivers/gpu/drm/amd/amdkfd/kfd_priv.h | 1 + drivers/gpu/drm/amd/amdkfd/kfd_topology.c | 21 +- drivers/gpu/drm/amd/include/kgd_kfd_interface.h | 2 +- drivers/gpu/drm/nouveau/dispnv50/disp.c | 15 +- drivers/gpu/drm/pl111/pl111_vexpress.c | 3 +- drivers/hwmon/nct6775.c | 70 ++++-- drivers/i2c/busses/i2c-scmi.c | 1 + drivers/input/joystick/xpad.c | 3 + drivers/md/dm-cache-target.c | 5 +- drivers/md/dm-flakey.c | 2 + drivers/md/dm-linear.c | 8 +- drivers/md/dm.c | 27 ++- drivers/mfd/omap-usb-host.c | 11 +- drivers/mmc/core/block.c | 10 + drivers/net/bonding/bond_main.c | 65 +++--- drivers/net/dsa/b53/b53_common.c | 4 +- drivers/net/dsa/bcm_sf2.c | 14 +- drivers/net/ethernet/aquantia/atlantic/aq_ring.c | 32 +-- drivers/net/ethernet/broadcom/bcmsysport.c | 22 +- drivers/net/ethernet/broadcom/bnxt/bnxt.c | 27 ++- drivers/net/ethernet/broadcom/bnxt/bnxt_dcb.c | 6 +- drivers/net/ethernet/broadcom/bnxt/bnxt_tc.c | 20 +- drivers/net/ethernet/cadence/macb_main.c | 8 + drivers/net/ethernet/hisilicon/hns/hnae.c | 2 +- drivers/net/ethernet/hisilicon/hns/hns_enet.c | 30 ++- drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c | 19 +- drivers/net/ethernet/mellanox/mlx5/core/en_tc.c | 3 + drivers/net/ethernet/mellanox/mlx5/core/eswitch.c | 4 +- drivers/net/ethernet/mellanox/mlx5/core/transobj.c | 2 +- drivers/net/ethernet/mscc/ocelot_board.c | 12 +- .../net/ethernet/netronome/nfp/nfp_net_common.c | 17 +- drivers/net/ethernet/qlogic/qed/qed_hsi.h | 1 + drivers/net/ethernet/qlogic/qlcnic/qlcnic.h | 8 +- .../net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.c | 3 +- .../net/ethernet/qlogic/qlcnic/qlcnic_83xx_hw.h | 3 +- drivers/net/ethernet/qlogic/qlcnic/qlcnic_hw.h | 3 +- drivers/net/ethernet/qlogic/qlcnic/qlcnic_io.c | 12 +- .../net/ethernet/qualcomm/rmnet/rmnet_handlers.c | 7 +- drivers/net/ethernet/realtek/r8169.c | 24 +-- drivers/net/ethernet/stmicro/stmmac/common.h | 4 +- drivers/net/ethernet/stmicro/stmmac/stmmac.h | 14 +- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 238 ++++++++++++--------- .../net/ethernet/stmicro/stmmac/stmmac_platform.c | 5 +- drivers/net/ethernet/ti/Kconfig | 1 + drivers/net/hyperv/netvsc.c | 3 + drivers/net/hyperv/netvsc_drv.c | 58 ++--- drivers/net/phy/phylink.c | 48 +++-- drivers/net/phy/sfp-bus.c | 4 +- drivers/net/team/team.c | 6 + drivers/net/tun.c | 43 ++-- drivers/net/usb/qmi_wwan.c | 1 + drivers/net/usb/smsc75xx.c | 1 + drivers/net/vxlan.c | 3 + drivers/pci/controller/pci-hyperv.c | 37 ++++ drivers/perf/arm_pmu.c | 8 +- drivers/pinctrl/intel/pinctrl-cannonlake.c | 2 +- drivers/pinctrl/pinctrl-mcp23s08.c | 13 +- drivers/s390/cio/vfio_ccw_cp.c | 2 +- drivers/scsi/qla2xxx/qla_target.h | 4 +- drivers/target/iscsi/iscsi_target.c | 22 +- drivers/video/fbdev/aty/atyfb.h | 3 +- drivers/video/fbdev/aty/atyfb_base.c | 7 +- drivers/video/fbdev/aty/mach64_ct.c | 10 +- fs/afs/rxrpc.c | 2 - fs/dax.c | 13 +- include/linux/cgroup-defs.h | 1 + include/linux/netdevice.h | 7 + include/linux/perf/arm_pmu.h | 1 + include/linux/stmmac.h | 1 + include/linux/virtio_net.h | 18 ++ include/net/bonding.h | 7 +- include/net/inet_sock.h | 6 - include/net/ip_fib.h | 1 + include/sound/hdaudio.h | 1 + include/sound/soc-dapm.h | 1 + kernel/bpf/btf.c | 2 +- kernel/cgroup/cgroup.c | 25 ++- lib/vsprintf.c | 2 +- mm/huge_memory.c | 6 - mm/mmap.c | 2 +- mm/percpu.c | 1 + mm/vmscan.c | 11 + mm/vmstat.c | 1 - net/bluetooth/smp.c | 16 +- net/core/dev.c | 28 ++- net/core/ethtool.c | 1 + net/core/filter.c | 3 +- net/core/rtnetlink.c | 41 ++-- net/dccp/input.c | 4 +- net/dccp/ipv4.c | 4 +- net/ipv4/fib_frontend.c | 12 +- net/ipv4/fib_semantics.c | 50 +++++ net/ipv4/inet_connection_sock.c | 5 +- net/ipv4/ip_sockglue.c | 3 +- net/ipv4/ip_tunnel.c | 9 + net/ipv4/route.c | 7 +- net/ipv4/tcp_input.c | 4 +- net/ipv4/tcp_ipv4.c | 4 +- net/ipv4/udp.c | 2 +- net/ipv6/addrconf.c | 4 +- net/ipv6/ip6_fib.c | 2 + net/ipv6/ip6_tunnel.c | 13 +- net/ipv6/raw.c | 29 ++- net/ipv6/route.c | 5 - net/netlabel/netlabel_unlabeled.c | 3 +- net/packet/af_packet.c | 11 +- net/sched/cls_u32.c | 10 +- net/sched/sch_api.c | 24 ++- net/sctp/transport.c | 12 +- net/tipc/socket.c | 4 +- scripts/subarch.include | 13 ++ sound/hda/hdac_controller.c | 15 +- sound/soc/amd/acp-pcm-dma.c | 21 ++ sound/soc/codecs/max98373.c | 3 + sound/soc/codecs/rt5514.c | 8 +- sound/soc/codecs/sigmadsp.c | 3 +- sound/soc/codecs/wm8804-i2c.c | 15 +- sound/soc/intel/skylake/skl.c | 2 +- sound/soc/qcom/qdsp6/q6routing.c | 4 +- sound/soc/sh/rcar/adg.c | 5 + sound/soc/sh/rcar/core.c | 10 +- sound/soc/sh/rcar/dma.c | 4 + sound/soc/soc-core.c | 4 +- sound/soc/soc-dapm.c | 4 + tools/perf/scripts/python/export-to-postgresql.py | 9 + tools/perf/scripts/python/export-to-sqlite.py | 6 +- tools/testing/selftests/android/Makefile | 2 +- tools/testing/selftests/android/{ion => }/config | 0 tools/testing/selftests/android/ion/Makefile | 2 + tools/testing/selftests/cgroup/cgroup_util.c | 38 +++- tools/testing/selftests/cgroup/cgroup_util.h | 1 + tools/testing/selftests/cgroup/test_memcontrol.c | 205 ++++++++++++++++++ tools/testing/selftests/efivarfs/config | 1 + tools/testing/selftests/futex/functional/Makefile | 1 + tools/testing/selftests/gpio/Makefile | 7 +- tools/testing/selftests/kselftest.h | 1 - tools/testing/selftests/kvm/Makefile | 7 +- tools/testing/selftests/lib.mk | 12 ++ tools/testing/selftests/memory-hotplug/config | 1 + tools/testing/selftests/net/Makefile | 1 + .../selftests/networking/timestamping/Makefile | 1 + tools/testing/selftests/vm/Makefile | 4 - 163 files changed, 1543 insertions(+), 647 deletions(-)

7 years

9
155
0 0

[PATCH] ACPICA: AML Parser: fix parse loop to correctly skip erroneous extended opcodes

by Erik Schmauss

AML opcodes come in two lengths: 1-byte opcodes and 2-byte, extended opcodes. If an error occurs due to illegal opcodes during table load, the AML parser needs to continue loading the table. In order to do this, it needs to skip parsing of the offending opcode and operands associated with that opcode. This change fixes the AML parse loop to correctly skip parsing of incorrect extended opcodes. Previously, only the short opcodes were skipped correctly. Signed-off-by: Erik Schmauss <erik.schmauss(a)intel.com> --- drivers/acpi/acpica/psloop.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/drivers/acpi/acpica/psloop.c b/drivers/acpi/acpica/psloop.c index 34fc2f7476ed..b0789c483b0f 100644 --- a/drivers/acpi/acpica/psloop.c +++ b/drivers/acpi/acpica/psloop.c @@ -417,6 +417,7 @@ acpi_status acpi_ps_parse_loop(struct acpi_walk_state *walk_state) union acpi_parse_object *op = NULL; /* current op */ struct acpi_parse_state *parser_state; u8 *aml_op_start = NULL; + u8 opcode_length; ACPI_FUNCTION_TRACE_PTR(ps_parse_loop, walk_state); @@ -540,8 +541,19 @@ acpi_status acpi_ps_parse_loop(struct acpi_walk_state *walk_state) "Skip parsing opcode %s", acpi_ps_get_opcode_name (walk_state->opcode))); + + /* + * Determine the opcode length before skipping the opcode. + * An opcode can be 1 byte or 2 bytes in length. + */ + opcode_length = 1; + if ((walk_state->opcode & 0xFF00) == + AML_EXTENDED_OPCODE) { + opcode_length = 2; + } walk_state->parser_state.aml = - walk_state->aml + 1; + walk_state->aml + opcode_length; + walk_state->parser_state.aml = acpi_ps_get_next_package_end (&walk_state->parser_state); -- 2.17.1

7 years

2
1
0 0

[PATCH] ACPICA: AML interpreter: add region addresses in global list during initialization

by Erik Schmauss

The table load process omitted adding the operation region address range to the global list. This omission is problematic because the OS queries the global list to check for address range conflicts before deciding which drivers to load. This commit may result in warning messages that look like the following: [ 7.871761] ACPI Warning: system_IO range 0x00000428-0x0000042F conflicts with op_region 0x00000400-0x0000047F (\PMIO) (20180531/utaddress-213) [ 7.871769] ACPI: If an ACPI driver is available for this device, you should use it instead of the native driver However, these messages do not signify regressions. It is a result of properly adding address ranges within the global address list. Link: https://bugzilla.kernel.org/show_bug.cgi?id=200011 Tested-by: Jean-Marc Lenoir <archlinux(a)jihemel.com> Signed-off-by: Erik Schmauss <erik.schmauss(a)intel.com> --- drivers/acpi/acpica/dsopcode.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/acpi/acpica/dsopcode.c b/drivers/acpi/acpica/dsopcode.c index e9fb0bf3c8d2..78f9de260d5f 100644 --- a/drivers/acpi/acpica/dsopcode.c +++ b/drivers/acpi/acpica/dsopcode.c @@ -417,6 +417,10 @@ acpi_ds_eval_region_operands(struct acpi_walk_state *walk_state, ACPI_FORMAT_UINT64(obj_desc->region.address), obj_desc->region.length)); + status = acpi_ut_add_address_range(obj_desc->region.space_id, + obj_desc->region.address, + obj_desc->region.length, node); + /* Now the address and length are valid for this opregion */ obj_desc->region.flags |= AOPOBJ_DATA_VALID; -- 2.17.1

7 years

2
1
0 0

Re: MPC8321 boot failure

by Christophe LEROY

Hi, I can now confirm that the boot failure is due to the absence of commit 8183d99f4a22 ("powerpc/lib/feature-fixups: use raw_patch_instruction()") Greg, could you please apply that patch to 4.14 stable ? Thanks Christophe Le 17/10/2018 à 18:36, Christophe LEROY a écrit : > Hi, > > Yes I discovered the same issue today on MPC8321E, I plan to look at it > more closely tomorrow morning (Paris Time). > > I think we are missing commit 8183d99f4a22c2abbc543847a588df3666ef0c0c , > I didn't realise it when we applied the serie to 4.14, > patch_instruction() is called too early without that patch. > > If you have opportunity to test now, you are welcome, otherwise I'll > test it tomorrow. > > Christophe > > Le 17/10/2018 à 17:18, David Gounaris a écrit : >> Hello, I got into troubles when I upgraded to Linux kernel 4.14.76 on >> boards with MPC8321. >> >> >> The symptom that I see is that the boot process gets cyclic, and no >> printouts are seen from the Linux kernel. It seems like it resets. >> >> >> When I revert the following commits it works again. >> >> af1a8101794dfea897290e057f61086dabfe6c91, powerpc/lib: fix book3s/32 >> boot failure due to code patching >> 609fbeddb24c4035d24fc32d82dc08b30ae3dfc0, powerpc: Avoid code patching >> freed init sections >> >> Any ideas of how to continue? >> >> BR / David Gounaris >> >> >>

7 years

1
0
0 0

[PATCH v2 5/7] sd: Avoid that hibernation triggers a kernel warning

by Bart Van Assche

Although the power management code never calls the system-wide and runtime suspend callbacks concurrently, runtime power state changes can happen while the system is being suspended or resumed. See also the dpm_suspend() and dpm_resume() calls in hibernation_snapshot(). Make sure the sd driver supports this. This patch avoids that the following call trace is reported during system-wide suspend: WARNING: CPU: 0 PID: 701 at drivers/scsi/scsi_lib.c:3047 scsi_device_quiesce+0x4b/0xd0 Workqueue: events_unbound async_run_entry_fn RIP: 0010:scsi_device_quiesce+0x4b/0xd0 Call Trace: scsi_bus_suspend_common+0x71/0xe0 scsi_bus_freeze+0x15/0x20 dpm_run_callback+0x88/0x360 __device_suspend+0x1c4/0x840 async_suspend+0x1f/0xb0 async_run_entry_fn+0x6e/0x2c0 process_one_work+0x4ae/0xa20 worker_thread+0x63/0x5a0 kthread+0x1cf/0x1f0 ret_from_fork+0x24/0x30 Fixes: cd84a62e0078 ("block, scsi: Change the preempt-only flag into a counter") Cc: Lee Duncan <lduncan(a)suse.com> Cc: Hannes Reinecke <hare(a)suse.com> Cc: Luis Chamberlain <mcgrof(a)kernel.org> Cc: Johannes Thumshirn <jthumshirn(a)suse.de> Cc: Christoph Hellwig <hch(a)lst.de> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Dan Williams <dan.j.williams(a)intel.com> Cc: stable(a)vger.kernel.org Signed-off-by: Bart Van Assche <bvanassche(a)acm.org> --- drivers/scsi/scsi_lib.c | 15 ++++++--------- include/scsi/scsi_device.h | 1 - 2 files changed, 6 insertions(+), 10 deletions(-) diff --git a/drivers/scsi/scsi_lib.c b/drivers/scsi/scsi_lib.c index 7db3c5fae469..6c18a61176e5 100644 --- a/drivers/scsi/scsi_lib.c +++ b/drivers/scsi/scsi_lib.c @@ -3052,11 +3052,12 @@ scsi_device_quiesce(struct scsi_device *sdev) int err; /* - * It is allowed to call scsi_device_quiesce() multiple times from - * the same context but concurrent scsi_device_quiesce() calls are - * not allowed. + * Since all scsi_device_quiesce() and scsi_device_resume() calls + * are serialized it is safe here to check the device state without + * holding the SCSI device state mutex. */ - WARN_ON_ONCE(sdev->quiesced_by && sdev->quiesced_by != current); + if (sdev->sdev_state == SDEV_QUIESCE) + return 0; blk_set_preempt_only(q); @@ -3072,9 +3073,7 @@ scsi_device_quiesce(struct scsi_device *sdev) mutex_lock(&sdev->state_mutex); err = scsi_device_set_state(sdev, SDEV_QUIESCE); - if (err == 0) - sdev->quiesced_by = current; - else + if (err) blk_clear_preempt_only(q); mutex_unlock(&sdev->state_mutex); @@ -3098,8 +3097,6 @@ void scsi_device_resume(struct scsi_device *sdev) * device deleted during suspend) */ mutex_lock(&sdev->state_mutex); - WARN_ON_ONCE(!sdev->quiesced_by); - sdev->quiesced_by = NULL; blk_clear_preempt_only(sdev->request_queue); if (sdev->sdev_state == SDEV_QUIESCE) scsi_device_set_state(sdev, SDEV_RUNNING); diff --git a/include/scsi/scsi_device.h b/include/scsi/scsi_device.h index 202f4d6a4342..ef86c8adc5d5 100644 --- a/include/scsi/scsi_device.h +++ b/include/scsi/scsi_device.h @@ -226,7 +226,6 @@ struct scsi_device { unsigned char access_state; struct mutex state_mutex; enum scsi_device_state sdev_state; - struct task_struct *quiesced_by; unsigned long sdev_data[0]; } __attribute__((aligned(sizeof(unsigned long)))); -- 2.19.1.568.g152ad8e336-goog

7 years

1
0
0 0

[PATCH] scsi/sd: Avoid that hibernation triggers a kernel warning

by Bart Van Assche

Although the power management code never calls the system-wide and runtime suspend callbacks concurrently, runtime power state changes can happen while the system is being suspended or resumed. See also the dpm_suspend() and dpm_resume() calls in hibernation_snapshot(). Make sure the sd driver supports this. This patch avoids that the following call trace is reported during system-wide suspend: WARNING: CPU: 0 PID: 701 at drivers/scsi/scsi_lib.c:3047 scsi_device_quiesce+0x4b/0xd0 Workqueue: events_unbound async_run_entry_fn RIP: 0010:scsi_device_quiesce+0x4b/0xd0 Call Trace: scsi_bus_suspend_common+0x71/0xe0 scsi_bus_freeze+0x15/0x20 dpm_run_callback+0x88/0x360 __device_suspend+0x1c4/0x840 async_suspend+0x1f/0xb0 async_run_entry_fn+0x6e/0x2c0 process_one_work+0x4ae/0xa20 worker_thread+0x63/0x5a0 kthread+0x1cf/0x1f0 ret_from_fork+0x24/0x30 Fixes: cd84a62e0078 ("block, scsi: Change the preempt-only flag into a counter") Cc: Lee Duncan <lduncan(a)suse.com> Cc: Hannes Reinecke <hare(a)suse.com> Cc: Luis Chamberlain <mcgrof(a)kernel.org> Cc: Johannes Thumshirn <jthumshirn(a)suse.de> Cc: Christoph Hellwig <hch(a)lst.de> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Dan Williams <dan.j.williams(a)intel.com> Cc: stable(a)vger.kernel.org Signed-off-by: Bart Van Assche <bvanassche(a)acm.org> --- drivers/scsi/scsi_lib.c | 16 +++++----------- include/scsi/scsi_device.h | 1 - 2 files changed, 5 insertions(+), 12 deletions(-) diff --git a/drivers/scsi/scsi_lib.c b/drivers/scsi/scsi_lib.c index 62348412ed1b..3106e910e766 100644 --- a/drivers/scsi/scsi_lib.c +++ b/drivers/scsi/scsi_lib.c @@ -3040,13 +3040,11 @@ scsi_device_quiesce(struct scsi_device *sdev) int err; /* - * It is allowed to call scsi_device_quiesce() multiple times from - * the same context but concurrent scsi_device_quiesce() calls are - * not allowed. + * Since all scsi_device_quiesce() and scsi_device_resume() calls + * are serialized it is safe to check the device state without holding + * the SCSI device state mutex. */ - WARN_ON_ONCE(sdev->quiesced_by && sdev->quiesced_by != current); - - if (sdev->quiesced_by == current) + if (sdev->sdev_state == SDEV_QUIESCE) return 0; blk_set_pm_only(q); @@ -3063,9 +3061,7 @@ scsi_device_quiesce(struct scsi_device *sdev) mutex_lock(&sdev->state_mutex); err = scsi_device_set_state(sdev, SDEV_QUIESCE); - if (err == 0) - sdev->quiesced_by = current; - else + if (err) blk_clear_pm_only(q); mutex_unlock(&sdev->state_mutex); @@ -3089,8 +3085,6 @@ void scsi_device_resume(struct scsi_device *sdev) * device deleted during suspend) */ mutex_lock(&sdev->state_mutex); - WARN_ON_ONCE(!sdev->quiesced_by); - sdev->quiesced_by = NULL; blk_clear_pm_only(sdev->request_queue); if (sdev->sdev_state == SDEV_QUIESCE) scsi_device_set_state(sdev, SDEV_RUNNING); diff --git a/include/scsi/scsi_device.h b/include/scsi/scsi_device.h index 202f4d6a4342..ef86c8adc5d5 100644 --- a/include/scsi/scsi_device.h +++ b/include/scsi/scsi_device.h @@ -226,7 +226,6 @@ struct scsi_device { unsigned char access_state; struct mutex state_mutex; enum scsi_device_state sdev_state; - struct task_struct *quiesced_by; unsigned long sdev_data[0]; } __attribute__((aligned(sizeof(unsigned long)))); -- 2.19.1.568.g152ad8e336-goog

7 years

1
1
0 0

[PATCH v3] selinux: policydb - fix byte order and alignment issues

by Ondrej Mosnacek

Do the LE conversions before doing the Infiniband-related range checks. The incorrect checks are otherwise causing a failure to load any policy with an ibendportcon rule on BE systems. This can be reproduced by running (on e.g. ppc64): cat >my_module.cil <<EOF (type test_ibendport_t) (roletype object_r test_ibendport_t) (ibendportcon mlx4_0 1 (system_u object_r test_ibendport_t ((s0) (s0)))) EOF semodule -i my_module.cil Also, fix loading/storing the 64-bit subnet prefix for OCON_IBPKEY to use a correctly aligned buffer. Finally, do not use the 'nodebuf' (u32) buffer where 'buf' (__le32) should be used instead. Tested internally on a ppc64 machine with a RHEL 7 kernel with this patch applied. Cc: Daniel Jurgens <danielj(a)mellanox.com> Cc: Eli Cohen <eli(a)mellanox.com> Cc: James Morris <jmorris(a)namei.org> Cc: Doug Ledford <dledford(a)redhat.com> Cc: <stable(a)vger.kernel.org> # 4.13+ Fixes: a806f7a1616f ("selinux: Create policydb version for Infiniband support") Signed-off-by: Ondrej Mosnacek <omosnace(a)redhat.com> --- security/selinux/ss/policydb.c | 41 ++++++++++++++++++++++------------ 1 file changed, 27 insertions(+), 14 deletions(-) Changes in v3: - use separate buffer for the 64-bit subnet_prefix - add comments on the byte ordering of subnet_prefix - deduplicate the le32_to_cpu() calls from checks Changes in v2: - add reproducer to commit message - update e-mail address of James Morris - better Cc also the old SELinux ML diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index f4eadd3f7350..b9029491869b 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c @@ -2108,6 +2108,7 @@ static int ocontext_read(struct policydb *p, struct policydb_compat_info *info, { int i, j, rc; u32 nel, len; + __be64 prefixbuf[1]; __le32 buf[3]; struct ocontext *l, *c; u32 nodebuf[8]; @@ -2218,21 +2219,26 @@ static int ocontext_read(struct policydb *p, struct policydb_compat_info *info, break; } case OCON_IBPKEY: - rc = next_entry(nodebuf, fp, sizeof(u32) * 4); + rc = next_entry(prefixbuf, fp, sizeof(u64)); if (rc) goto out; - c->u.ibpkey.subnet_prefix = be64_to_cpu(*((__be64 *)nodebuf)); + /* we need to have subnet_prefix in CPU order */ + c->u.ibpkey.subnet_prefix = be64_to_cpu(prefixbuf[0]); - if (nodebuf[2] > 0xffff || - nodebuf[3] > 0xffff) { + rc = next_entry(buf, fp, sizeof(u32) * 2); + if (rc) + goto out; + + c->u.ibpkey.low_pkey = le32_to_cpu(buf[0]); + c->u.ibpkey.high_pkey = le32_to_cpu(buf[1]); + + if (c->u.ibpkey.low_pkey > 0xffff || + c->u.ibpkey.high_pkey > 0xffff) { rc = -EINVAL; goto out; } - c->u.ibpkey.low_pkey = le32_to_cpu(nodebuf[2]); - c->u.ibpkey.high_pkey = le32_to_cpu(nodebuf[3]); - rc = context_read_and_validate(&c->context[0], p, fp); @@ -2249,13 +2255,14 @@ static int ocontext_read(struct policydb *p, struct policydb_compat_info *info, if (rc) goto out; - if (buf[1] > 0xff || buf[1] == 0) { + c->u.ibendport.port = le32_to_cpu(buf[1]); + + if (c->u.ibendport.port > 0xff || + c->u.ibendport.port == 0) { rc = -EINVAL; goto out; } - c->u.ibendport.port = le32_to_cpu(buf[1]); - rc = context_read_and_validate(&c->context[0], p, fp); @@ -3105,6 +3112,7 @@ static int ocontext_write(struct policydb *p, struct policydb_compat_info *info, { unsigned int i, j, rc; size_t nel, len; + __be64 prefixbuf[1]; __le32 buf[3]; u32 nodebuf[8]; struct ocontext *c; @@ -3192,12 +3200,17 @@ static int ocontext_write(struct policydb *p, struct policydb_compat_info *info, return rc; break; case OCON_IBPKEY: - *((__be64 *)nodebuf) = cpu_to_be64(c->u.ibpkey.subnet_prefix); + /* subnet_prefix is in CPU order */ + prefixbuf[0] = cpu_to_be64(c->u.ibpkey.subnet_prefix); - nodebuf[2] = cpu_to_le32(c->u.ibpkey.low_pkey); - nodebuf[3] = cpu_to_le32(c->u.ibpkey.high_pkey); + rc = put_entry(prefixbuf, sizeof(u64), 1, fp); + if (rc) + return rc; + + buf[0] = cpu_to_le32(c->u.ibpkey.low_pkey); + buf[1] = cpu_to_le32(c->u.ibpkey.high_pkey); - rc = put_entry(nodebuf, sizeof(u32), 4, fp); + rc = put_entry(buf, sizeof(u32), 2, fp); if (rc) return rc; rc = context_write(p, &c->context[0], fp); -- 2.17.2

7 years

3
2
0 0

[PATCH 5/5] Tools: hv: kvp: Fix a warning of buffer overflow with gcc 8.0.1

by kys＠linuxonhyperv.com

From: Dexuan Cui <decui(a)microsoft.com> The patch fixes: hv_kvp_daemon.c: In function 'kvp_set_ip_info': hv_kvp_daemon.c:1305:2: note: 'snprintf' output between 41 and 4136 bytes into a destination of size 4096 Signed-off-by: Dexuan Cui <decui(a)microsoft.com> Cc: K. Y. Srinivasan <kys(a)microsoft.com> Cc: Haiyang Zhang <haiyangz(a)microsoft.com> Cc: Stephen Hemminger <sthemmin(a)microsoft.com> Cc: <Stable(a)vger.kernel.org> Signed-off-by: K. Y. Srinivasan <kys(a)microsoft.com> --- tools/hv/hv_kvp_daemon.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/hv/hv_kvp_daemon.c b/tools/hv/hv_kvp_daemon.c index bbb2a8ef367c..b7c2cf7eaba5 100644 --- a/tools/hv/hv_kvp_daemon.c +++ b/tools/hv/hv_kvp_daemon.c @@ -1176,7 +1176,7 @@ static int kvp_set_ip_info(char *if_name, struct hv_kvp_ipaddr_value *new_val) int error = 0; char if_file[PATH_MAX]; FILE *file; - char cmd[PATH_MAX]; + char cmd[PATH_MAX * 2]; char *mac_addr; /* -- 2.18.0

7 years

3
2
0 0

[PATCH 2/2] tracing: Use trace_clock_local() for looping in preemptirq_delay_test.c

by Steven Rostedt

From: "Steven Rostedt (VMware)" <rostedt(a)goodmis.org> The preemptirq_delay_test module is used for the ftrace selftest code that tests the latency tracers. The problem is that it uses ktime for the delay loop, and then checks the tracer to see if the delay loop is caught, but the tracer uses trace_clock_local() which uses various different other clocks to measure the latency. As ktime uses the clock cycles, and the code then converts that to nanoseconds, it causes rounding errors, and the preemptirq latency tests are failing due to being off by 1 (it expects to see a delay of 500000 us, but the delay is only 499999 us). This is happening due to a rounding error in the ktime (which is totally legit). The purpose of the test is to see if it can catch the delay, not to test the accuracy between trace_clock_local() and ktime_get(). Best to use apples to apples, and have the delay loop use the same clock as the latency tracer does. Cc: stable(a)vger.kernel.org Fixes: f96e8577da102 ("lib: Add module for testing preemptoff/irqsoff latency tracers") Acked-by: Joel Fernandes (Google) <joel(a)joelfernandes.org> Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> --- kernel/trace/preemptirq_delay_test.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/kernel/trace/preemptirq_delay_test.c b/kernel/trace/preemptirq_delay_test.c index f704390db9fc..d8765c952fab 100644 --- a/kernel/trace/preemptirq_delay_test.c +++ b/kernel/trace/preemptirq_delay_test.c @@ -5,12 +5,12 @@ * Copyright (C) 2018 Joel Fernandes (Google) <joel(a)joelfernandes.org> */ +#include <linux/trace_clock.h> #include <linux/delay.h> #include <linux/interrupt.h> #include <linux/irq.h> #include <linux/kernel.h> #include <linux/kthread.h> -#include <linux/ktime.h> #include <linux/module.h> #include <linux/printk.h> #include <linux/string.h> @@ -25,13 +25,13 @@ MODULE_PARM_DESC(test_mode, "Mode of the test such as preempt or irq (default ir static void busy_wait(ulong time) { - ktime_t start, end; - start = ktime_get(); + u64 start, end; + start = trace_clock_local(); do { - end = ktime_get(); + end = trace_clock_local(); if (kthread_should_stop()) break; - } while (ktime_to_ns(ktime_sub(end, start)) < (time * 1000)); + } while ((end - start) < (time * 1000)); } static int preemptirq_delay_run(void *data) -- 2.19.0

7 years

1
0
0 0

[PATCH 0/4] FS-Cache: Miscellaneous fixes

by David Howells

Attached are another couple of miscellaneous fixes for FS-Cache and CacheFiles: (1) Fix a race between object burial in cachefiles and external rmdir. (2) Fix a race from a split atomic op. (3) Fix incomplete initialisation of cookie key space. (4) Fix out-of-bounds read. The patches are tagged here: git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git fscache-fixes-20181017 and can also be found on the following branch: http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=fs… David --- Al Viro (1): cachefiles: fix the race between cachefiles_bury_object() and rmdir(2) David Howells (1): fscache: Fix incomplete initialisation of inline key space Eric Sandeen (1): fscache: Fix out of bound read in long cookie keys kiran.modukuri (1): fscache: Fix race in fscache_op_complete() due to split atomic_sub & read fs/cachefiles/namei.c | 2 +- fs/fscache/cookie.c | 31 ++++++++++--------------------- fs/fscache/internal.h | 1 - fs/fscache/main.c | 4 +--- include/linux/fscache-cache.h | 4 ++-- 5 files changed, 14 insertions(+), 28 deletions(-)

7 years

1
1
0 0

For your photos 25

by Jenny

We provide photoshop services to some of the companies from around the world. Some online stores use our services for retouching portraits, jewelry, apparels, furnitures etc. Here are the details of what we provide: Clipping path Deep etching Image masking Portrait retouching Jewelry retouching Fashion retouching Please reply back for further info. We can provide testing for your photos if needed. Thanks, Jenny

7 years

1
0
0 0

[PATCH] drm/i915/gen9+: Fix initial readout for Y tiled framebuffers

by Imre Deak

If BIOS configured a Y tiled FB we failed to set up the backing object tiling accordingly, leading to a lack of GT fence installed and a garbled console. The problem was bisected to commit 011f22eb545a ("drm/i915: Do NOT skip the first 4k of stolen memory for pre-allocated buffers v2") but it just revealed a pre-existing issue. Kudos to Ville who suspected a missing fence looking at the corruption on the screen. Cc: Ville Syrjälä <ville.syrjala(a)linux.intel.com> Cc: Mika Westerberg <mika.westerberg(a)linux.intel.com> Cc: Hans de Goede <hdegoede(a)redhat.com> Cc: ronald(a)innovation.ch Cc: <stable(a)vger.kernel.org> Reported-by: Mika Westerberg <mika.westerberg(a)linux.intel.com> Reported-by: ronald(a)innovation.ch Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=108264 Fixes: bc8d7dffacb1 ("drm/i915/skl: Provide a Skylake version of get_plane_config()") Signed-off-by: Imre Deak <imre.deak(a)intel.com> --- drivers/gpu/drm/i915/intel_display.c | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/i915/intel_display.c b/drivers/gpu/drm/i915/intel_display.c index a2e729fa8d64..3d34b98c4634 100644 --- a/drivers/gpu/drm/i915/intel_display.c +++ b/drivers/gpu/drm/i915/intel_display.c @@ -2674,6 +2674,17 @@ intel_alloc_initial_plane_obj(struct intel_crtc *crtc, if (size_aligned * 2 > dev_priv->stolen_usable_size) return false; + switch (fb->modifier) { + case DRM_FORMAT_MOD_LINEAR: + case I915_FORMAT_MOD_X_TILED: + case I915_FORMAT_MOD_Y_TILED: + break; + default: + DRM_DEBUG_DRIVER("Unsupported modifier for initial FB: 0x%llx\n", + fb->modifier); + return false; + } + mutex_lock(&dev->struct_mutex); obj = i915_gem_object_create_stolen_for_preallocated(dev_priv, base_aligned, @@ -2683,8 +2694,17 @@ intel_alloc_initial_plane_obj(struct intel_crtc *crtc, if (!obj) return false; - if (plane_config->tiling == I915_TILING_X) - obj->tiling_and_stride = fb->pitches[0] | I915_TILING_X; + switch (plane_config->tiling) { + case I915_TILING_NONE: + break; + case I915_TILING_X: + case I915_TILING_Y: + obj->tiling_and_stride = fb->pitches[0] | plane_config->tiling; + break; + default: + MISSING_CASE(plane_config->tiling); + return false; + } mode_cmd.pixel_format = fb->format->format; mode_cmd.width = fb->width; @@ -8827,6 +8847,7 @@ skylake_get_initial_plane_config(struct intel_crtc *crtc, fb->modifier = I915_FORMAT_MOD_X_TILED; break; case PLANE_CTL_TILED_Y: + plane_config->tiling = I915_TILING_Y; if (val & PLANE_CTL_RENDER_DECOMPRESSION_ENABLE) fb->modifier = I915_FORMAT_MOD_Y_TILED_CCS; else -- 2.13.2

7 years

3
2
0 0

[PATCH v2] selinux: fix byte order and alignment issues in policydb.c

by Ondrej Mosnacek

Add missing LE conversions to the Infiniband-related range checks. These were causing a failure to load any policy with an ibendportcon rule on BE systems. This can be reproduced by running: cat >my_module.cil <<EOF (type test_ibendport_t) (roletype object_r test_ibendport_t) (ibendportcon mlx4_0 1 (system_u object_r test_ibendport_t ((s0) (s0)))) EOF semodule -i my_module.cil (On ppc64 it fails with "/sbin/load_policy: Can't load policy: Invalid argument") Also, the temporary buffers are only guaranteed to be aligned for 32-bit access so use (get/put)_unaligned_be64() for 64-bit accesses. Finally, do not use the 'nodebuf' (u32) buffer where 'buf' (__le32) should be used instead. Tested internally on a ppc64 machine with a RHEL 7 kernel with this patch applied. Cc: Daniel Jurgens <danielj(a)mellanox.com> Cc: Eli Cohen <eli(a)mellanox.com> Cc: James Morris <jmorris(a)namei.org> Cc: Doug Ledford <dledford(a)redhat.com> Cc: <stable(a)vger.kernel.org> # 4.13+ Fixes: a806f7a1616f ("selinux: Create policydb version for Infiniband support") Signed-off-by: Ondrej Mosnacek <omosnace(a)redhat.com> --- security/selinux/ss/policydb.c | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) Changes in v2: - add reproducer to commit message - update e-mail address of James Morris - better Cc also the old SELinux ML diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c index f4eadd3f7350..2b310e8f2923 100644 --- a/security/selinux/ss/policydb.c +++ b/security/selinux/ss/policydb.c @@ -37,6 +37,7 @@ #include <linux/errno.h> #include <linux/audit.h> #include <linux/flex_array.h> +#include <asm/unaligned.h> #include "security.h" #include "policydb.h" @@ -2108,7 +2109,7 @@ static int ocontext_read(struct policydb *p, struct policydb_compat_info *info, { int i, j, rc; u32 nel, len; - __le32 buf[3]; + __le32 buf[4]; struct ocontext *l, *c; u32 nodebuf[8]; @@ -2218,20 +2219,20 @@ static int ocontext_read(struct policydb *p, struct policydb_compat_info *info, break; } case OCON_IBPKEY: - rc = next_entry(nodebuf, fp, sizeof(u32) * 4); + rc = next_entry(buf, fp, sizeof(u32) * 4); if (rc) goto out; - c->u.ibpkey.subnet_prefix = be64_to_cpu(*((__be64 *)nodebuf)); + c->u.ibpkey.subnet_prefix = get_unaligned_be64(buf); - if (nodebuf[2] > 0xffff || - nodebuf[3] > 0xffff) { + if (le32_to_cpu(buf[2]) > 0xffff || + le32_to_cpu(buf[3]) > 0xffff) { rc = -EINVAL; goto out; } - c->u.ibpkey.low_pkey = le32_to_cpu(nodebuf[2]); - c->u.ibpkey.high_pkey = le32_to_cpu(nodebuf[3]); + c->u.ibpkey.low_pkey = le32_to_cpu(buf[2]); + c->u.ibpkey.high_pkey = le32_to_cpu(buf[3]); rc = context_read_and_validate(&c->context[0], p, @@ -2249,7 +2250,8 @@ static int ocontext_read(struct policydb *p, struct policydb_compat_info *info, if (rc) goto out; - if (buf[1] > 0xff || buf[1] == 0) { + if (le32_to_cpu(buf[1]) > 0xff || + le32_to_cpu(buf[1]) == 0) { rc = -EINVAL; goto out; } @@ -3105,7 +3107,7 @@ static int ocontext_write(struct policydb *p, struct policydb_compat_info *info, { unsigned int i, j, rc; size_t nel, len; - __le32 buf[3]; + __le32 buf[4]; u32 nodebuf[8]; struct ocontext *c; for (i = 0; i < info->ocon_num; i++) { @@ -3192,12 +3194,12 @@ static int ocontext_write(struct policydb *p, struct policydb_compat_info *info, return rc; break; case OCON_IBPKEY: - *((__be64 *)nodebuf) = cpu_to_be64(c->u.ibpkey.subnet_prefix); + put_unaligned_be64(c->u.ibpkey.subnet_prefix, buf); - nodebuf[2] = cpu_to_le32(c->u.ibpkey.low_pkey); - nodebuf[3] = cpu_to_le32(c->u.ibpkey.high_pkey); + buf[2] = cpu_to_le32(c->u.ibpkey.low_pkey); + buf[3] = cpu_to_le32(c->u.ibpkey.high_pkey); - rc = put_entry(nodebuf, sizeof(u32), 4, fp); + rc = put_entry(buf, sizeof(u32), 4, fp); if (rc) return rc; rc = context_write(p, &c->context[0], fp); -- 2.17.2

7 years

2
3
0 0

[PATCH v2] drm/atomic_helper: Stop modesets on unregistered connectors harder

by Lyude Paul

Unfortunately, it appears our fix in: commit b5d29843d8ef ("drm/atomic_helper: Allow DPMS On<->Off changes for unregistered connectors") Which attempted to work around the problems introduced by: commit 4d80273976bf ("drm/atomic_helper: Disallow new modesets on unregistered connectors") Is still not the right solution, as modesets can still be triggered outside of drm_atomic_set_crtc_for_connector(). So in order to fix this, while still being careful that we don't break modesets that a driver may perform before being registered with userspace, we replace connector->registered with a tristate member, connector->registration_state. This allows us to keep track of whether or not a connector is still initializing and hasn't been exposed to userspace, is currently registered and exposed to userspace, or has been legitimately removed from the system after having once been present. Using this info, we can prevent userspace from performing new modesets on unregistered connectors while still allowing the driver to perform modesets on unregistered connectors before the driver has finished being registered. Changes since v1: - Fix WARN_ON() in drm_connector_cleanup() that CI caught with this patchset in igt@drv_module_reload@basic-reload-inject and igt@drv_module_reload@basic-reload by checking if the connector is registered instead of unregistered, as calling drm_connector_cleanup() on a connector that hasn't been registered with userspace yet should stay valid. - Remove unregistered_connector_check(), and just go back to what we were doing before in commit 4d80273976bf ("drm/atomic_helper: Disallow new modesets on unregistered connectors") except replacing READ_ONCE(connector->registered) with drm_connector_is_unregistered(). This gets rid of the behavior of allowing DPMS On<->Off, but that should be fine as it's more consistent with the UAPI we had before - danvet - s/drm_connector_unregistered/drm_connector_is_unregistered/ - danvet - Update documentation, fix some typos. Fixes: b5d29843d8ef ("drm/atomic_helper: Allow DPMS On<->Off changes for unregistered connectors") Cc: Ville Syrjälä <ville.syrjala(a)linux.intel.com> Cc: Daniel Vetter <daniel.vetter(a)ffwll.ch> Cc: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Cc: stable(a)vger.kernel.org Cc: David Airlie <airlied(a)linux.ie> Signed-off-by: Lyude Paul <lyude(a)redhat.com> --- drivers/gpu/drm/drm_atomic_helper.c | 21 ++++++++- drivers/gpu/drm/drm_atomic_uapi.c | 21 --------- drivers/gpu/drm/drm_connector.c | 11 +++-- drivers/gpu/drm/i915/intel_dp_mst.c | 8 ++-- include/drm/drm_connector.h | 71 ++++++++++++++++++++++++++++- 5 files changed, 99 insertions(+), 33 deletions(-) diff --git a/drivers/gpu/drm/drm_atomic_helper.c b/drivers/gpu/drm/drm_atomic_helper.c index 6f66777dca4b..ee6b2987a3c7 100644 --- a/drivers/gpu/drm/drm_atomic_helper.c +++ b/drivers/gpu/drm/drm_atomic_helper.c @@ -319,6 +319,26 @@ update_connector_routing(struct drm_atomic_state *state, return 0; } + crtc_state = drm_atomic_get_new_crtc_state(state, + new_connector_state->crtc); + /* + * For compatibility with legacy users, we want to make sure that + * we allow DPMS On->Off modesets on unregistered connectors. Modesets + * which would result in anything else must be considered invalid, to + * avoid turning on new displays on dead connectors. + * + * Since the connector can be unregistered at any point during an + * atomic check or commit, this is racy. But that's OK: all we care + * about is ensuring that userspace can't do anything but shut off the + * display on a connector that was destroyed after its been notified, + * not before. + */ + if (drm_connector_is_unregistered(connector) && crtc_state->active) { + DRM_DEBUG_ATOMIC("[CONNECTOR:%d:%s] is not registered\n", + connector->base.id, connector->name); + return -EINVAL; + } + funcs = connector->helper_private; if (funcs->atomic_best_encoder) @@ -363,7 +383,6 @@ update_connector_routing(struct drm_atomic_state *state, set_best_encoder(state, new_connector_state, new_encoder); - crtc_state = drm_atomic_get_new_crtc_state(state, new_connector_state->crtc); crtc_state->connectors_changed = true; DRM_DEBUG_ATOMIC("[CONNECTOR:%d:%s] using [ENCODER:%d:%s] on [CRTC:%d:%s]\n", diff --git a/drivers/gpu/drm/drm_atomic_uapi.c b/drivers/gpu/drm/drm_atomic_uapi.c index a22d6f269b07..d5b7f315098c 100644 --- a/drivers/gpu/drm/drm_atomic_uapi.c +++ b/drivers/gpu/drm/drm_atomic_uapi.c @@ -299,27 +299,6 @@ drm_atomic_set_crtc_for_connector(struct drm_connector_state *conn_state, struct drm_connector *connector = conn_state->connector; struct drm_crtc_state *crtc_state; - /* - * For compatibility with legacy users, we want to make sure that - * we allow DPMS On<->Off modesets on unregistered connectors, since - * legacy modesetting users will not be expecting these to fail. We do - * not however, want to allow legacy users to assign a connector - * that's been unregistered from sysfs to another CRTC, since doing - * this with a now non-existent connector could potentially leave us - * in an invalid state. - * - * Since the connector can be unregistered at any point during an - * atomic check or commit, this is racy. But that's OK: all we care - * about is ensuring that userspace can't use this connector for new - * configurations after it's been notified that the connector is no - * longer present. - */ - if (!READ_ONCE(connector->registered) && crtc) { - DRM_DEBUG_ATOMIC("[CONNECTOR:%d:%s] is not registered\n", - connector->base.id, connector->name); - return -EINVAL; - } - if (conn_state->crtc == crtc) return 0; diff --git a/drivers/gpu/drm/drm_connector.c b/drivers/gpu/drm/drm_connector.c index 5d01414ec9f7..891f9458d29e 100644 --- a/drivers/gpu/drm/drm_connector.c +++ b/drivers/gpu/drm/drm_connector.c @@ -396,7 +396,8 @@ void drm_connector_cleanup(struct drm_connector *connector) /* The connector should have been removed from userspace long before * it is finally destroyed. */ - if (WARN_ON(connector->registered)) + if (WARN_ON(connector->registration_state == + DRM_CONNECTOR_REGISTERED)) drm_connector_unregister(connector); if (connector->tile_group) { @@ -453,7 +454,7 @@ int drm_connector_register(struct drm_connector *connector) return 0; mutex_lock(&connector->mutex); - if (connector->registered) + if (connector->registration_state != DRM_CONNECTOR_INITIALIZING) goto unlock; ret = drm_sysfs_connector_add(connector); @@ -473,7 +474,7 @@ int drm_connector_register(struct drm_connector *connector) drm_mode_object_register(connector->dev, &connector->base); - connector->registered = true; + connector->registration_state = DRM_CONNECTOR_REGISTERED; goto unlock; err_debugfs: @@ -495,7 +496,7 @@ EXPORT_SYMBOL(drm_connector_register); void drm_connector_unregister(struct drm_connector *connector) { mutex_lock(&connector->mutex); - if (!connector->registered) { + if (connector->registration_state != DRM_CONNECTOR_REGISTERED) { mutex_unlock(&connector->mutex); return; } @@ -506,7 +507,7 @@ void drm_connector_unregister(struct drm_connector *connector) drm_sysfs_connector_remove(connector); drm_debugfs_connector_remove(connector); - connector->registered = false; + connector->registration_state = DRM_CONNECTOR_UNREGISTERED; mutex_unlock(&connector->mutex); } EXPORT_SYMBOL(drm_connector_unregister); diff --git a/drivers/gpu/drm/i915/intel_dp_mst.c b/drivers/gpu/drm/i915/intel_dp_mst.c index b268bdd71bd3..8b71d64ebd9d 100644 --- a/drivers/gpu/drm/i915/intel_dp_mst.c +++ b/drivers/gpu/drm/i915/intel_dp_mst.c @@ -78,7 +78,7 @@ static bool intel_dp_mst_compute_config(struct intel_encoder *encoder, pipe_config->pbn = mst_pbn; /* Zombie connectors can't have VCPI slots */ - if (READ_ONCE(connector->registered)) { + if (!drm_connector_is_unregistered(connector)) { slots = drm_dp_atomic_find_vcpi_slots(state, &intel_dp->mst_mgr, port, @@ -314,7 +314,7 @@ static int intel_dp_mst_get_ddc_modes(struct drm_connector *connector) struct edid *edid; int ret; - if (!READ_ONCE(connector->registered)) + if (drm_connector_is_unregistered(connector)) return intel_connector_update_modes(connector, NULL); edid = drm_dp_mst_get_edid(connector, &intel_dp->mst_mgr, intel_connector->port); @@ -330,7 +330,7 @@ intel_dp_mst_detect(struct drm_connector *connector, bool force) struct intel_connector *intel_connector = to_intel_connector(connector); struct intel_dp *intel_dp = intel_connector->mst_port; - if (!READ_ONCE(connector->registered)) + if (drm_connector_is_unregistered(connector)) return connector_status_disconnected; return drm_dp_mst_detect_port(connector, &intel_dp->mst_mgr, intel_connector->port); @@ -361,7 +361,7 @@ intel_dp_mst_mode_valid(struct drm_connector *connector, int bpp = 24; /* MST uses fixed bpp */ int max_rate, mode_rate, max_lanes, max_link_clock; - if (!READ_ONCE(connector->registered)) + if (drm_connector_is_unregistered(connector)) return MODE_ERROR; if (mode->flags & DRM_MODE_FLAG_DBLSCAN) diff --git a/include/drm/drm_connector.h b/include/drm/drm_connector.h index 5b3cf909fd5e..dd0552cb7472 100644 --- a/include/drm/drm_connector.h +++ b/include/drm/drm_connector.h @@ -82,6 +82,53 @@ enum drm_connector_status { connector_status_unknown = 3, }; +/** + * enum drm_connector_registration_status - userspace registration status for + * a &drm_connector + * + * This enum is used to track the status of initializing a connector and + * registering it with userspace, so that DRM can prevent bogus modesets on + * connectors that no longer exist. + */ +enum drm_connector_registration_state { + /** + * @DRM_CONNECTOR_INITIALIZING: The connector has just been created, + * but has yet to be exposed to userspace. There should be no + * additional restrictions to how the state of this connector may be + * modified. + */ + DRM_CONNECTOR_INITIALIZING = 0, + + /** + * @DRM_CONNECTOR_REGISTERED: The connector has been fully initialized + * and registered with sysfs, as such it has been exposed to + * userspace. There should be no additional restrictions to how the + * state of this connector may be modified. + */ + DRM_CONNECTOR_REGISTERED = 1, + + /** + * @DRM_CONNECTOR_UNREGISTERED: The connector has either been exposed + * to userspace and has since been unregistered and removed from + * userspace, or the connector was unregistered before it had a chance + * to be exposed to userspace (e.g. still in the + * @DRM_CONNECTOR_INITIALIZING state). When a connector is + * unregistered, there are additional restrictions to how its state + * may be modified: + * + * - An unregistered connector may only have its DPMS changed from + * On->Off. Once DPMS is changed to Off, it may not be switched back + * to On. + * - Modesets are not allowed on unregistered connectors, unless they + * would result in disabling its assigned CRTCs. This means + * disabling a CRTC on an unregistered connector is OK, but enabling + * one is not. + * - Removing a CRTC from an unregistered connector is OK, but new + * CRTCs may never be assigned to an unregistered connector. + */ + DRM_CONNECTOR_UNREGISTERED = 2, +}; + enum subpixel_order { SubPixelUnknown = 0, SubPixelHorizontalRGB, @@ -853,10 +900,12 @@ struct drm_connector { bool ycbcr_420_allowed; /** - * @registered: Is this connector exposed (registered) with userspace? + * @registration_state: Is this connector initializing, exposed + * (registered) with userspace, or unregistered? + * * Protected by @mutex. */ - bool registered; + enum drm_connector_registration_state registration_state; /** * @modes: @@ -1167,6 +1216,24 @@ static inline void drm_connector_unreference(struct drm_connector *connector) drm_connector_put(connector); } +/** + * drm_connector_is_unregistered - has the connector been unregistered from + * userspace? + * @connector: DRM connector + * + * Checks whether or not @connector has been unregistered from userspace. + * + * Returns: + * True if the connector was unregistered, false if the connector is + * registered or has not yet been registered with userspace. + */ +static inline bool +drm_connector_is_unregistered(struct drm_connector *connector) +{ + return READ_ONCE(connector->registration_state) == + DRM_CONNECTOR_UNREGISTERED; +} + const char *drm_get_connector_status_name(enum drm_connector_status status); const char *drm_get_subpixel_order_name(enum subpixel_order order); const char *drm_get_dpms_name(int val); -- 2.17.2

7 years

2
1
0 0

[PATCH 4/5] Drivers: hv: kvp: Use %u to print U32

by kys＠linuxonhyperv.com

From: Dexuan Cui <decui(a)microsoft.com> I didn't find a real issue. Let's just make it consistent with the next "case REG_U64:" where %llu is used. Signed-off-by: Dexuan Cui <decui(a)microsoft.com> Cc: K. Y. Srinivasan <kys(a)microsoft.com> Cc: Haiyang Zhang <haiyangz(a)microsoft.com> Cc: Stephen Hemminger <sthemmin(a)microsoft.com> Cc: <Stable(a)vger.kernel.org> Signed-off-by: K. Y. Srinivasan <kys(a)microsoft.com> --- drivers/hv/hv_kvp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/hv/hv_kvp.c b/drivers/hv/hv_kvp.c index 9fbb15c62c6c..3b8590ff94ba 100644 --- a/drivers/hv/hv_kvp.c +++ b/drivers/hv/hv_kvp.c @@ -437,7 +437,7 @@ kvp_send_key(struct work_struct *dummy) val32 = in_msg->body.kvp_set.data.value_u32; message->body.kvp_set.data.value_size = sprintf(message->body.kvp_set.data.value, - "%d", val32) + 1; + "%u", val32) + 1; break; case REG_U64: -- 2.18.0

7 years

3
2
0 0

[PATCH 3/4] [for linux-4.4.y only] Drivers: hv: kvp: fix IP Failover

by Dexuan Cui

Hyper-V VMs can be replicated to another hosts and there is a feature to set different IP for replicas, it is called 'Failover TCP/IP'. When such guest starts Hyper-V host sends it KVP_OP_SET_IP_INFO message as soon as we finish negotiation procedure. The problem is that it can happen (and it actually happens) before userspace daemon connects and we reply with HV_E_FAIL to the message. As there are no repetitions we fail to set the requested IP. Solve the issue by postponing our reply to the negotiation message till userspace daemon is connected. We can't wait too long as there is a host-side timeout (cca. 75 seconds) and if we fail to reply in this time frame the whole KVP service will become inactive. The solution is not ideal - if it takes userspace daemon more than 60 seconds to connect IP Failover will still fail but I don't see a solution with our current separation between kernel and userspace parts. Other two modules (VSS and FCOPY) don't require such delay, leave them untouched. Signed-off-by: Vitaly Kuznetsov <vkuznets(a)redhat.com> Signed-off-by: K. Y. Srinivasan <kys(a)microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Signed-off-by: Dexuan Cui <decui(a)microsoft.com> --- This is cherry-picked from the mainline: 4dbfc2e ("Drivers: hv: kvp: fix IP Failover") I added my Signed-off-by as I identified and tested the patches. If this is unnecessary, please feel free to remove it. drivers/hv/hv_kvp.c | 31 +++++++++++++++++++++++++++++++ drivers/hv/hyperv_vmbus.h | 5 +++++ 2 files changed, 36 insertions(+) diff --git a/drivers/hv/hv_kvp.c b/drivers/hv/hv_kvp.c index cd3fb01..ff0a426 100644 --- a/drivers/hv/hv_kvp.c +++ b/drivers/hv/hv_kvp.c @@ -78,9 +78,11 @@ static void kvp_send_key(struct work_struct *dummy); static void kvp_respond_to_host(struct hv_kvp_msg *msg, int error); static void kvp_timeout_func(struct work_struct *dummy); +static void kvp_host_handshake_func(struct work_struct *dummy); static void kvp_register(int); static DECLARE_DELAYED_WORK(kvp_timeout_work, kvp_timeout_func); +static DECLARE_DELAYED_WORK(kvp_host_handshake_work, kvp_host_handshake_func); static DECLARE_WORK(kvp_sendkey_work, kvp_send_key); static const char kvp_devname[] = "vmbus/hv_kvp"; @@ -131,6 +133,11 @@ static void kvp_timeout_func(struct work_struct *dummy) hv_poll_channel(kvp_transaction.recv_channel, kvp_poll_wrapper); } +static void kvp_host_handshake_func(struct work_struct *dummy) +{ + hv_poll_channel(kvp_transaction.recv_channel, hv_kvp_onchannelcallback); +} + static int kvp_handle_handshake(struct hv_kvp_msg *msg) { switch (msg->kvp_hdr.operation) { @@ -155,6 +162,12 @@ static int kvp_handle_handshake(struct hv_kvp_msg *msg) pr_debug("KVP: userspace daemon ver. %d registered\n", KVP_OP_REGISTER); kvp_register(dm_reg_value); + + /* + * If we're still negotiating with the host cancel the timeout + * work to not poll the channel twice. + */ + cancel_delayed_work_sync(&kvp_host_handshake_work); hv_poll_channel(kvp_transaction.recv_channel, kvp_poll_wrapper); return 0; @@ -595,7 +608,22 @@ void hv_kvp_onchannelcallback(void *context) struct icmsg_negotiate *negop = NULL; int util_fw_version; int kvp_srv_version; + static enum {NEGO_NOT_STARTED, + NEGO_IN_PROGRESS, + NEGO_FINISHED} host_negotiatied = NEGO_NOT_STARTED; + if (host_negotiatied == NEGO_NOT_STARTED && + kvp_transaction.state < HVUTIL_READY) { + /* + * If userspace daemon is not connected and host is asking + * us to negotiate we need to delay to not lose messages. + * This is important for Failover IP setting. + */ + host_negotiatied = NEGO_IN_PROGRESS; + schedule_delayed_work(&kvp_host_handshake_work, + HV_UTIL_NEGO_TIMEOUT * HZ); + return; + } if (kvp_transaction.state > HVUTIL_READY) return; @@ -673,6 +701,8 @@ void hv_kvp_onchannelcallback(void *context) vmbus_sendpacket(channel, recv_buffer, recvlen, requestid, VM_PKT_DATA_INBAND, 0); + + host_negotiatied = NEGO_FINISHED; } } @@ -711,6 +741,7 @@ hv_kvp_init(struct hv_util_service *srv) void hv_kvp_deinit(void) { kvp_transaction.state = HVUTIL_DEVICE_DYING; + cancel_delayed_work_sync(&kvp_host_handshake_work); cancel_delayed_work_sync(&kvp_timeout_work); cancel_work_sync(&kvp_sendkey_work); hvutil_transport_destroy(hvt); diff --git a/drivers/hv/hyperv_vmbus.h b/drivers/hv/hyperv_vmbus.h index 75e383e..15e0649 100644 --- a/drivers/hv/hyperv_vmbus.h +++ b/drivers/hv/hyperv_vmbus.h @@ -36,6 +36,11 @@ #define HV_UTIL_TIMEOUT 30 /* + * Timeout for guest-host handshake for services. + */ +#define HV_UTIL_NEGO_TIMEOUT 60 + +/* * The below CPUID leaves are present if VersionAndFeatures.HypervisorPresent * is set by CPUID(HVCPUID_VERSION_FEATURES). */ -- 2.7.4

7 years

1
0
0 0

[PATCH 2/4] [for linux-4.4.y only] Drivers: hv: util: Pass the channel information during the init call

by Dexuan Cui

Pass the channel information to the util drivers that need to defer reading the channel while they are processing a request. This would address the following issue reported by Vitaly: Commit 3cace4a61610 ("Drivers: hv: utils: run polling callback always in interrupt context") removed direct *_transaction.state = HVUTIL_READY assignments from *_handle_handshake() functions introducing the following race: if a userspace daemon connects before we get first non-negotiation request from the server hv_poll_channel() won't set transaction state to HVUTIL_READY as (!channel) condition will fail, we set it to non-NULL on the first real request from the server. Signed-off-by: K. Y. Srinivasan <kys(a)microsoft.com> Reported-by: Vitaly Kuznetsov <vkuznets(a)redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Signed-off-by: Dexuan Cui <decui(a)microsoft.com> --- This is cherry-picked from the mainline: b9830d1 ("Drivers: hv: util: Pass the channel information during the init call") I added my Signed-off-by as I identified and tested the patches. If this is unnecessary, please feel free to remove it. drivers/hv/hv_fcopy.c | 2 +- drivers/hv/hv_kvp.c | 2 +- drivers/hv/hv_snapshot.c | 2 +- drivers/hv/hv_util.c | 1 + include/linux/hyperv.h | 1 + 5 files changed, 5 insertions(+), 3 deletions(-) diff --git a/drivers/hv/hv_fcopy.c b/drivers/hv/hv_fcopy.c index 12dcbd8..2cce48d 100644 --- a/drivers/hv/hv_fcopy.c +++ b/drivers/hv/hv_fcopy.c @@ -256,7 +256,6 @@ void hv_fcopy_onchannelcallback(void *context) */ fcopy_transaction.recv_len = recvlen; - fcopy_transaction.recv_channel = channel; fcopy_transaction.recv_req_id = requestid; fcopy_transaction.fcopy_msg = fcopy_msg; @@ -323,6 +322,7 @@ static void fcopy_on_reset(void) int hv_fcopy_init(struct hv_util_service *srv) { recv_buffer = srv->recv_buffer; + fcopy_transaction.recv_channel = srv->channel; init_completion(&release_event); /* diff --git a/drivers/hv/hv_kvp.c b/drivers/hv/hv_kvp.c index b97ef3e..cd3fb01 100644 --- a/drivers/hv/hv_kvp.c +++ b/drivers/hv/hv_kvp.c @@ -640,7 +640,6 @@ void hv_kvp_onchannelcallback(void *context) */ kvp_transaction.recv_len = recvlen; - kvp_transaction.recv_channel = channel; kvp_transaction.recv_req_id = requestid; kvp_transaction.kvp_msg = kvp_msg; @@ -690,6 +689,7 @@ int hv_kvp_init(struct hv_util_service *srv) { recv_buffer = srv->recv_buffer; + kvp_transaction.recv_channel = srv->channel; init_completion(&release_event); /* diff --git a/drivers/hv/hv_snapshot.c b/drivers/hv/hv_snapshot.c index c5fb249..b0feddb 100644 --- a/drivers/hv/hv_snapshot.c +++ b/drivers/hv/hv_snapshot.c @@ -264,7 +264,6 @@ void hv_vss_onchannelcallback(void *context) */ vss_transaction.recv_len = recvlen; - vss_transaction.recv_channel = channel; vss_transaction.recv_req_id = requestid; vss_transaction.msg = (struct hv_vss_msg *)vss_msg; @@ -340,6 +339,7 @@ hv_vss_init(struct hv_util_service *srv) return -ENOTSUPP; } recv_buffer = srv->recv_buffer; + vss_transaction.recv_channel = srv->channel; /* * When this driver loads, the user level daemon that diff --git a/drivers/hv/hv_util.c b/drivers/hv/hv_util.c index 41f5896..9dc6372 100644 --- a/drivers/hv/hv_util.c +++ b/drivers/hv/hv_util.c @@ -326,6 +326,7 @@ static int util_probe(struct hv_device *dev, srv->recv_buffer = kmalloc(PAGE_SIZE * 4, GFP_KERNEL); if (!srv->recv_buffer) return -ENOMEM; + srv->channel = dev->channel; if (srv->util_init) { ret = srv->util_init(srv); if (ret) { diff --git a/include/linux/hyperv.h b/include/linux/hyperv.h index ae6a711..281bb00 100644 --- a/include/linux/hyperv.h +++ b/include/linux/hyperv.h @@ -1179,6 +1179,7 @@ int vmbus_allocate_mmio(struct resource **new, struct hv_device *device_obj, struct hv_util_service { u8 *recv_buffer; + void *channel; void (*util_cb)(void *); int (*util_init)(struct hv_util_service *); void (*util_deinit)(void); -- 2.7.4

7 years

1
0
0 0

[PATCH 1/4] [for linux-4.4.y only] Drivers: hv: utils: Invoke the poll function after handshake

by Dexuan Cui

When the handshake with daemon is complete, we should poll the channel since during the handshake, we will not be processing any messages. This is a potential bug if the host is waiting for a response from the guest. I would like to thank Dexuan for pointing this out. Signed-off-by: K. Y. Srinivasan <kys(a)microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Signed-off-by: Dexuan Cui <decui(a)microsoft.com> --- This is cherry-picked from the mainline: 2d0c3b5 ("Drivers: hv: utils: Invoke the poll function after handshake") I added my Signed-off-by as I identified and tested the patches. If this is unnecessary, please feel free to remove it. drivers/hv/hv_kvp.c | 2 +- drivers/hv/hv_snapshot.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/hv/hv_kvp.c b/drivers/hv/hv_kvp.c index ce4d3a9..b97ef3e 100644 --- a/drivers/hv/hv_kvp.c +++ b/drivers/hv/hv_kvp.c @@ -155,7 +155,7 @@ static int kvp_handle_handshake(struct hv_kvp_msg *msg) pr_debug("KVP: userspace daemon ver. %d registered\n", KVP_OP_REGISTER); kvp_register(dm_reg_value); - kvp_transaction.state = HVUTIL_READY; + hv_poll_channel(kvp_transaction.recv_channel, kvp_poll_wrapper); return 0; } diff --git a/drivers/hv/hv_snapshot.c b/drivers/hv/hv_snapshot.c index faad79a..c5fb249 100644 --- a/drivers/hv/hv_snapshot.c +++ b/drivers/hv/hv_snapshot.c @@ -114,7 +114,7 @@ static int vss_handle_handshake(struct hv_vss_msg *vss_msg) default: return -EINVAL; } - vss_transaction.state = HVUTIL_READY; + hv_poll_channel(vss_transaction.recv_channel, vss_poll_wrapper); pr_debug("VSS: userspace daemon ver. %d registered\n", dm_reg_value); return 0; } -- 2.7.4

7 years

1
0
0 0

[PATCH] [linux-4.4.y only] HV: properly delay KVP packets when negotiation is in progress

by Dexuan Cui

The host may send multiple negotiation packets (due to timeout) before the KVP user-mode daemon is connected. KVP user-mode daemon is connected. We need to defer processing those packets until the daemon is negotiated and connected. It's okay for guest to respond to all negotiation packets. In addition, the host may send multiple staged KVP requests as soon as negotiation is done. We need to properly process those packets using one tasklet for exclusive access to ring buffer. This patch is based on the work of Nick Meier <Nick.Meier(a)microsoft.com>. Signed-off-by: Long Li <longli(a)microsoft.com> Signed-off-by: K. Y. Srinivasan <kys(a)microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> The above is the original changelog of a3ade8cc474d ("HV: properly delay KVP packets when negotiation is in progress" Here I re-worked the original patch because the mainline version can't work for the linux-4.4.y branch, on which channel->callback_event doesn't exist yet. In the mainline, channel->callback_event was added by: 631e63a9f346 ("vmbus: change to per channel tasklet"). Here we don't want to backport it to v4.4, as it requires extra supporting changes and fixes, which are unnecessary as to the KVP bug we're trying to resolve. NOTE: before this patch is used, we should cherry-pick the other related 3 patches from the mainline first: 2d0c3b5 ("Drivers: hv: utils: Invoke the poll function after handshake") b9830d1 ("Drivers: hv: util: Pass the channel information during the init call") 4dbfc2e ("Drivers: hv: kvp: fix IP Failover") And, actually it would better if we can cherry-pick more fixes from the mainline first (the 3 above patches are also included in this 27-patch list): 01 b003596 Drivers: hv: utils: use memdup_user in hvt_op_write 02 2d0c3b5 Drivers: hv: utils: Invoke the poll function after handshake 03 1f75338 Drivers: hv: utils: fix memory leak on on_msg() failure 04 a72f3a4 Drivers: hv: utils: rename outmsg_lock 05 a150256 Drivers: hv: utils: introduce HVUTIL_TRANSPORT_DESTROY mode 06 9420098 Drivers: hv: utils: fix crash when device is removed from host side 07 77b744a Drivers: hv: utils: fix hvt_op_poll() return value on transport destroy 08 b9830d1 Drivers: hv: util: Pass the channel information during the init call 09 e66853b Drivers: hv: utils: Remove util transport handler from list if registration fails 10 4dbfc2e Drivers: hv: kvp: fix IP Failover 11 e0fa3e5 Drivers: hv: utils: fix a race on userspace daemons registration 12 497af84 Drivers: hv: utils: Continue to poll VSS channel after handling requests. 13 db886e4 Drivers: hv: utils: Check VSS daemon is listening before a hot backup 14 abeda47 Drivers: hv: utils: Rename version definitions to reflect protocol version. 15 2e338f7 Drivers: hv: utils: Use TimeSync samples to adjust the clock after boot. 16 8e1d260 Drivers: hv: utils: Support TimeSync version 4.0 protocol samples. 17 3ba1eb1 Drivers: hv: hv_util: Avoid dynamic allocation in time synch 18 3da0401b Drivers: hv: utils: Fix the mapping between host version and protocol to use 19 23d2cc0 Drivers: hv: vss: Improve log messages. 20 b357fd3 Drivers: hv: vss: Operation timeouts should match host expectation 21 1724462 hv_util: switch to using timespec64 22 a165645 Drivers: hv: vmbus: Use all supported IC versions to negotiate 23 1274a69 Drivers: hv: Log the negotiated IC versions. 24 bb6a4db Drivers: hv: util: Fix a typo 25 e9c18ae Drivers: hv: util: move waiting for release to hv_utils_transport itself 26 bdc1dd4 vmbus: fix spelling errors 27 ddce54b Drivers: hv: kvp: Use MAX_ADAPTER_ID_SIZE for translating adapter id This to to say, we're requesting a backport of 4 patches or 28 patches. If 28 patches seem too many, we hope at least the 4 patches can be backported. The patches can be applied cleanly to the latest v4.4 branch (currently it's v4.4.160). The background of this backport request is that: recently Wang Jian reported some KVP issues: https://github.com/LIS/lis-next/issues/593: e.g. the /var/lib/hyperv/.kvp_pool_* files can not be updated, and sometimes if the hv_kvp_daemon doesn't timely start, the host may not be able to query the VM's IP address via KVP. Wang Jian tested the 4 patches and the 28 patches, and the issues can be fixed by the patches. Reported-by: Wang Jian <jianjian.wang1(a)gmail.com> Tested-by: Wang Jian <jianjian.wang1(a)gmail.com> Signed-off-by: Dexuan Cui <decui(a)microsoft.com> --- drivers/hv/hv_kvp.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/drivers/hv/hv_kvp.c b/drivers/hv/hv_kvp.c index f3d3d75ac913e..e4fbc17bbe190 100644 --- a/drivers/hv/hv_kvp.c +++ b/drivers/hv/hv_kvp.c @@ -627,21 +627,22 @@ void hv_kvp_onchannelcallback(void *context) NEGO_IN_PROGRESS, NEGO_FINISHED} host_negotiatied = NEGO_NOT_STARTED; - if (host_negotiatied == NEGO_NOT_STARTED && - kvp_transaction.state < HVUTIL_READY) { + if (kvp_transaction.state < HVUTIL_READY) { /* * If userspace daemon is not connected and host is asking * us to negotiate we need to delay to not lose messages. * This is important for Failover IP setting. */ - host_negotiatied = NEGO_IN_PROGRESS; - schedule_delayed_work(&kvp_host_handshake_work, + if (host_negotiatied == NEGO_NOT_STARTED) { + host_negotiatied = NEGO_IN_PROGRESS; + schedule_delayed_work(&kvp_host_handshake_work, HV_UTIL_NEGO_TIMEOUT * HZ); + } return; } if (kvp_transaction.state > HVUTIL_READY) return; - +recheck: vmbus_recvpacket(channel, recv_buffer, PAGE_SIZE * 4, &recvlen, &requestid); @@ -704,6 +705,8 @@ void hv_kvp_onchannelcallback(void *context) VM_PKT_DATA_INBAND, 0); host_negotiatied = NEGO_FINISHED; + + goto recheck; } }

7 years

3
3
0 0

[PATCH 0/7] NULL pointer deref fix for stm32-dma

by Joel Fernandes (Google)

Hi Greg, While looking at android-4.14, I found a NULL pointer deref with stm32-dma driver using Coccicheck errors. I found that upstream had a bunch of patches on stm32-dma that have fixed this and other issues, I applied these patches cleanly onto Android 4.14. I believe these should goto stable and flow into Android 4.14 from there, but I haven't tested this since I have no hardware to do so. Atleast I can say that the coccicheck error below goes away when running: make coccicheck MODE=report ./drivers/dma/stm32-dma.c:567:18-24: ERROR: chan -> desc is NULL but dereferenced. Anyway, please consider this series for 4.14 stable, I have CC'd the author and others, thanks. Pierre Yves MORDRET (7): dmaengine: stm32-dma: threshold manages with bitfield feature dmaengine: stm32-dma: fix incomplete configuration in cyclic mode dmaengine: stm32-dma: fix typo and reported checkpatch warnings dmaengine: stm32-dma: Improve memory burst management dmaengine: stm32-dma: fix DMA IRQ status handling dmaengine: stm32-dma: fix max items per transfer dmaengine: stm32-dma: properly mask irq bits drivers/dma/stm32-dma.c | 287 +++++++++++++++++++++++++++++++++------- 1 file changed, 240 insertions(+), 47 deletions(-) -- 2.19.0.605.g01d371f741-goog

7 years

4
10
0 0

[PATCH 3/3] x86/fpu: Save FPU registers on context switch if there is a FPU

by Sebastian Andrzej Siewior

Booting a 486 with "no387 nofxsr" ends with | math_emulate: 0060:c101987d | Kernel panic - not syncing: Math emulation needed in kernel on the first context switch in user land. The reason is that copy_fpregs_to_fpstate() tries `fnsave' which does not work. This happens since commit f1c8cd0176078 ("x86/fpu: Change fpu->fpregs_active users to fpu->fpstate_active"). Add a check for X86_FEATURE_FPU before trying to save FPU registers (we have such a check switch_fpu_finish() already). Fixes: f1c8cd0176078 ("x86/fpu: Change fpu->fpregs_active users to fpu->fpstate_active") Cc: stable(a)vger.kernel.org Signed-off-by: Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> --- arch/x86/include/asm/fpu/internal.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/include/asm/fpu/internal.h b/arch/x86/include/asm/fpu/internal.h index a38bf5a1e37ad..69dcdf195b611 100644 --- a/arch/x86/include/asm/fpu/internal.h +++ b/arch/x86/include/asm/fpu/internal.h @@ -528,7 +528,7 @@ static inline void fpregs_activate(struct fpu *fpu) static inline void switch_fpu_prepare(struct fpu *old_fpu, int cpu) { - if (old_fpu->initialized) { + if (static_cpu_has(X86_FEATURE_FPU) && old_fpu->initialized) { if (!copy_fpregs_to_fpstate(old_fpu)) old_fpu->last_cpu = -1; else -- 2.19.1

7 years

2
1
0 0

[PATCH v2] clk: s2mps11: Fix matching when built as module and DT node contains compatible

by Krzysztof Kozlowski

When driver is built as module and DT node contains clocks compatible (e.g. "samsung,s2mps11-clk"), the module will not be autoloaded because module aliases won't match. The modalias from uevent: of:NclocksT<NULL>Csamsung,s2mps11-clk The modalias from driver: platform:s2mps11-clk The devices are instantiated by parent's MFD. However both Device Tree bindings and parent define the compatible for clocks devices. In case of module matching this DT compatible will be used. The issue will not happen if this is a built-in (no need for module matching) or when clocks DT node does not contain compatible (not correct from bindings perspective but working for driver). Note when backporting to stable kernels: adjust the list of device ID entries. Cc: <stable(a)vger.kernel.org> Fixes: 53c31b3437a6 ("mfd: sec-core: Add of_compatible strings for clock MFD cells") Signed-off-by: Krzysztof Kozlowski <krzk(a)kernel.org> Acked-by: Stephen Boyd <sboyd(a)kernel.org> --- Changes since v1: 1. Add Stephen's ack. 2. Minor language changes to comment. Stephen, can you apply it to clk tree? I think you acked it so I could take it... but anyway I cannot combine it with DT changes. --- drivers/clk/clk-s2mps11.c | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/drivers/clk/clk-s2mps11.c b/drivers/clk/clk-s2mps11.c index d44e0eea31ec..0934d3724495 100644 --- a/drivers/clk/clk-s2mps11.c +++ b/drivers/clk/clk-s2mps11.c @@ -245,6 +245,36 @@ static const struct platform_device_id s2mps11_clk_id[] = { }; MODULE_DEVICE_TABLE(platform, s2mps11_clk_id); +#ifdef CONFIG_OF +/* + * Device is instantiated through parent MFD device and device matching is done + * through platform_device_id. + * + * However if device's DT node contains proper clock compatible and driver is + * built as a module, then the *module* matching will be done trough DT aliases. + * This requires of_device_id table. In the same time this will not change the + * actual *device* matching so do not add .of_match_table. + */ +static const struct of_device_id s2mps11_dt_match[] = { + { + .compatible = "samsung,s2mps11-clk", + .data = (void *)S2MPS11X, + }, { + .compatible = "samsung,s2mps13-clk", + .data = (void *)S2MPS13X, + }, { + .compatible = "samsung,s2mps14-clk", + .data = (void *)S2MPS14X, + }, { + .compatible = "samsung,s5m8767-clk", + .data = (void *)S5M8767X, + }, { + /* Sentinel */ + }, +}; +MODULE_DEVICE_TABLE(of, s2mps11_dt_match); +#endif + static struct platform_driver s2mps11_clk_driver = { .driver = { .name = "s2mps11-clk", -- 2.14.1

7 years

2
1
0 0

[PATCH] IB/hfi1: Fix destroy_qp hang after a link down

by Michael J. Ruhl

From: Michael J. Ruhl <michael.j.ruhl(a)intel.com> commit b4a4957d3d1c328b733fce783b7264996f866ad2 upstream. rvt_destroy_qp() cannot complete until all in process packets have been released from the underlying hardware. If a link down event occurs, an application can hang with a kernel stack similar to: cat /proc/<app PID>/stack quiesce_qp+0x178/0x250 [hfi1] rvt_reset_qp+0x23d/0x400 [rdmavt] rvt_destroy_qp+0x69/0x210 [rdmavt] ib_destroy_qp+0xba/0x1c0 [ib_core] nvme_rdma_destroy_queue_ib+0x46/0x80 [nvme_rdma] nvme_rdma_free_queue+0x3c/0xd0 [nvme_rdma] nvme_rdma_destroy_io_queues+0x88/0xd0 [nvme_rdma] nvme_rdma_error_recovery_work+0x52/0xf0 [nvme_rdma] process_one_work+0x17a/0x440 worker_thread+0x126/0x3c0 kthread+0xcf/0xe0 ret_from_fork+0x58/0x90 0xffffffffffffffff quiesce_qp() waits until all outstanding packets have been freed. This wait should be momentary. During a link down event, the cleanup handling does not ensure that all packets caught by the link down are flushed properly. This is caused by the fact that the freeze path and the link down event is handled the same. This is not correct. The freeze path waits until the HFI is unfrozen and then restarts PIO. A link down is not a freeze event. The link down path cannot restart the PIO until link is restored. If the PIO path is restarted before the link comes up, the application (QP) using the PIO path will hang (until link is restored). Fix by separating the linkdown path from the freeze path and use the link down path for link down events. Close a race condition sc_disable() by acquiring both the progress and release locks. Close a race condition in sc_stop() by moving the setting of the flag bits under the alloc lock. Fixes: 7724105686e7 ("IB/hfi1: add driver files") Cc: <stable(a)vger.kernel.org> # 4.14.x Reviewed-by: Mike Marciniszyn <mike.marciniszyn(a)intel.com> Signed-off-by: Michael J. Ruhl <michael.j.ruhl(a)intel.com> Signed-off-by: Dennis Dalessandro <dennis.dalessandro(a)intel.com> --- drivers/infiniband/hw/hfi1/chip.c | 7 +++++- drivers/infiniband/hw/hfi1/pio.c | 42 ++++++++++++++++++++++++++++++------- drivers/infiniband/hw/hfi1/pio.h | 2 ++ 3 files changed, 42 insertions(+), 9 deletions(-) diff --git a/drivers/infiniband/hw/hfi1/chip.c b/drivers/infiniband/hw/hfi1/chip.c index 33cf173..f9faacc 100644 --- a/drivers/infiniband/hw/hfi1/chip.c +++ b/drivers/infiniband/hw/hfi1/chip.c @@ -6722,6 +6722,7 @@ void start_freeze_handling(struct hfi1_pportdata *ppd, int flags) struct hfi1_devdata *dd = ppd->dd; struct send_context *sc; int i; + int sc_flags; if (flags & FREEZE_SELF) write_csr(dd, CCE_CTRL, CCE_CTRL_SPC_FREEZE_SMASK); @@ -6732,11 +6733,13 @@ void start_freeze_handling(struct hfi1_pportdata *ppd, int flags) /* notify all SDMA engines that they are going into a freeze */ sdma_freeze_notify(dd, !!(flags & FREEZE_LINK_DOWN)); + sc_flags = SCF_FROZEN | SCF_HALTED | (flags & FREEZE_LINK_DOWN ? + SCF_LINK_DOWN : 0); /* do halt pre-handling on all enabled send contexts */ for (i = 0; i < dd->num_send_contexts; i++) { sc = dd->send_contexts[i].sc; if (sc && (sc->flags & SCF_ENABLED)) - sc_stop(sc, SCF_FROZEN | SCF_HALTED); + sc_stop(sc, sc_flags); } /* Send context are frozen. Notify user space */ @@ -10646,6 +10649,8 @@ int set_link_state(struct hfi1_pportdata *ppd, u32 state) add_rcvctrl(dd, RCV_CTRL_RCV_PORT_ENABLE_SMASK); handle_linkup_change(dd, 1); + pio_kernel_linkup(dd); + ppd->host_link_state = HLS_UP_INIT; break; case HLS_UP_ARMED: diff --git a/drivers/infiniband/hw/hfi1/pio.c b/drivers/infiniband/hw/hfi1/pio.c index a95ac62..44a8940 100644 --- a/drivers/infiniband/hw/hfi1/pio.c +++ b/drivers/infiniband/hw/hfi1/pio.c @@ -937,20 +937,18 @@ void sc_free(struct send_context *sc) void sc_disable(struct send_context *sc) { u64 reg; - unsigned long flags; struct pio_buf *pbuf; if (!sc) return; /* do all steps, even if already disabled */ - spin_lock_irqsave(&sc->alloc_lock, flags); + spin_lock_irq(&sc->alloc_lock); reg = read_kctxt_csr(sc->dd, sc->hw_context, SC(CTRL)); reg &= ~SC(CTRL_CTXT_ENABLE_SMASK); sc->flags &= ~SCF_ENABLED; sc_wait_for_packet_egress(sc, 1); write_kctxt_csr(sc->dd, sc->hw_context, SC(CTRL), reg); - spin_unlock_irqrestore(&sc->alloc_lock, flags); /* * Flush any waiters. Once the context is disabled, @@ -960,7 +958,7 @@ void sc_disable(struct send_context *sc) * proceed with the flush. */ udelay(1); - spin_lock_irqsave(&sc->release_lock, flags); + spin_lock(&sc->release_lock); if (sc->sr) { /* this context has a shadow ring */ while (sc->sr_tail != sc->sr_head) { pbuf = &sc->sr[sc->sr_tail].pbuf; @@ -971,7 +969,8 @@ void sc_disable(struct send_context *sc) sc->sr_tail = 0; } } - spin_unlock_irqrestore(&sc->release_lock, flags); + spin_unlock(&sc->release_lock); + spin_unlock_irq(&sc->alloc_lock); } /* return SendEgressCtxtStatus.PacketOccupancy */ @@ -1194,11 +1193,39 @@ void pio_kernel_unfreeze(struct hfi1_devdata *dd) sc = dd->send_contexts[i].sc; if (!sc || !(sc->flags & SCF_FROZEN) || sc->type == SC_USER) continue; + if (sc->flags & SCF_LINK_DOWN) + continue; sc_enable(sc); /* will clear the sc frozen flag */ } } +/** + * pio_kernel_linkup() - Re-enable send contexts after linkup event + * @dd: valid devive data + * + * When the link goes down, the freeze path is taken. However, a link down + * event is different from a freeze because if the send context is re-enabled + * whowever is sending data will start sending data again, which will hang + * any QP that is sending data. + * + * The freeze path now looks at the type of event that occurs and takes this + * path for link down event. + */ +void pio_kernel_linkup(struct hfi1_devdata *dd) +{ + struct send_context *sc; + int i; + + for (i = 0; i < dd->num_send_contexts; i++) { + sc = dd->send_contexts[i].sc; + if (!sc || !(sc->flags & SCF_LINK_DOWN) || sc->type == SC_USER) + continue; + + sc_enable(sc); /* will clear the sc link down flag */ + } +} + /* * Wait for the SendPioInitCtxt.PioInitInProgress bit to clear. * Returns: @@ -1398,11 +1425,10 @@ void sc_stop(struct send_context *sc, int flag) { unsigned long flags; - /* mark the context */ - sc->flags |= flag; - /* stop buffer allocations */ spin_lock_irqsave(&sc->alloc_lock, flags); + /* mark the context */ + sc->flags |= flag; sc->flags &= ~SCF_ENABLED; spin_unlock_irqrestore(&sc->alloc_lock, flags); wake_up(&sc->halt_wait); diff --git a/drivers/infiniband/hw/hfi1/pio.h b/drivers/infiniband/hw/hfi1/pio.h index 99ca5ed..c7c4e6e 100644 --- a/drivers/infiniband/hw/hfi1/pio.h +++ b/drivers/infiniband/hw/hfi1/pio.h @@ -145,6 +145,7 @@ struct send_context { #define SCF_IN_FREE 0x02 #define SCF_HALTED 0x04 #define SCF_FROZEN 0x08 +#define SCF_LINK_DOWN 0x10 struct send_context_info { struct send_context *sc; /* allocated working context */ @@ -312,6 +313,7 @@ struct pio_buf *sc_buffer_alloc(struct send_context *sc, u32 dw_len, void pio_reset_all(struct hfi1_devdata *dd); void pio_freeze(struct hfi1_devdata *dd); void pio_kernel_unfreeze(struct hfi1_devdata *dd); +void pio_kernel_linkup(struct hfi1_devdata *dd); /* global PIO send control operations */ #define PSC_GLOBAL_ENABLE 0

7 years

1
0
0 0

[PATCH 4.14 00/45] 4.14.76-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.14.76 release. There are 45 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat Oct 13 15:24:53 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.76-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.14.76-rc1 Zhi Chen <zhichen(a)codeaurora.org> ath10k: fix scan crash due to incorrect length calculation Jan Stancek <jstancek(a)redhat.com> virtio_balloon: fix increment of vb->num_pfns in fill_balloon() Michael S. Tsirkin <mst(a)redhat.com> virtio_balloon: fix deadlock on OOM Ka-Cheong Poon <ka-cheong.poon(a)oracle.com> rds: rds_ib_recv_alloc_cache() should call alloc_percpu_gfp() instead Richard Weinberger <richard(a)nod.at> ubifs: Check for name being NULL while mounting Cong Wang <xiyou.wangcong(a)gmail.com> ucma: fix a use-after-free in ucma_resolve_ip() Chao Yu <yuchao0(a)huawei.com> f2fs: fix invalid memory access Jiri Olsa <jolsa(a)kernel.org> perf utils: Move is_directory() to path.h Harsh Jain <harsh(a)chelsio.com> crypto: chelsio - Fix memory corruption in DMA Mapped buffers. Vineet Gupta <vgupta(a)synopsys.com> ARC: clone syscall to setp r25 as thread pointer Christophe Leroy <christophe.leroy(a)c-s.fr> powerpc/lib: fix book3s/32 boot failure due to code patching Michael Neuling <mikey(a)neuling.org> powerpc: Avoid code patching freed init sections Christophe Leroy <christophe.leroy(a)c-s.fr> powerpc/lib/code-patching: refactor patch_instruction() James Smart <jsmart2021(a)gmail.com> nvme_fc: fix ctrl create failures racing with workq items Yu Wang <yyuwang(a)codeaurora.org> ath10k: fix kernel panic issue during pci probe Carl Huang <cjhuang(a)codeaurora.org> ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait Prateek Sood <prsood(a)codeaurora.org> cgroup/cpuset: remove circular dependency deadlock Jiri Olsa <jolsa(a)kernel.org> perf tools: Fix python extension build for gcc 8 Arnaldo Carvalho de Melo <acme(a)redhat.com> perf annotate: Use asprintf when formatting objdump command line Guenter Roeck <linux(a)roeck-us.net> of: unittest: Disable interrupt node tests for old world MAC systems Dmitry Safonov <dima(a)arista.com> tty: Drop tty->count on tty_reopen() failure Romain Izard <romain.izard.pro(a)gmail.com> usb: cdc_acm: Do not leak URB buffers Johan Hovold <johan(a)kernel.org> USB: serial: simple: add Motorola Tetra MTP6550 id Chunfeng Yun <chunfeng.yun(a)mediatek.com> usb: xhci-mtk: resume USB3 roothub first Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Add missing CAS workaround for Intel Sunrise Point xHCI Mike Snitzer <snitzer(a)redhat.com> dm cache: fix resize crash if user doesn't reload cache table Joe Thornber <ejt(a)redhat.com> dm cache metadata: ignore hints array being too small during resize Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> PM / core: Clear the direct_complete flag on errors Felix Fietkau <nbd(a)nbd.name> mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys Daniel Drake <drake(a)endlessm.com> PCI: Reprogram bridge prefetch registers on resume Andy Lutomirski <luto(a)kernel.org> x86/vdso: Fix vDSO syscall fallback asm constraint regression Andy Lutomirski <luto(a)kernel.org> x86/vdso: Only enable vDSO retpolines when enabled and supported Andy Lutomirski <luto(a)kernel.org> selftests/x86: Add clock_gettime() tests to test_vdso Andy Lutomirski <luto(a)kernel.org> x86/vdso: Fix asm constraints on vDSO syscall fallbacks Jason Ekstrand <jason(a)jlekstrand.net> drm/syncobj: Don't leak fences when WAIT_FOR_SUBMIT is set Rex Zhu <Rex.Zhu(a)amd.com> drm/amdgpu: Fix vce work queue was not cancelled when suspend Jan Beulich <JBeulich(a)suse.com> xen-netback: fix input validation in xenvif_set_hash_mapping() Tomi Valkeinen <tomi.valkeinen(a)ti.com> fbdev/omapfb: fix omapfb_memory_read infoleak Alexandre Belloni <alexandre.belloni(a)bootlin.com> clocksource/drivers/timer-atmel-pit: Properly handle error cases Ilya Dryomov <idryomov(a)gmail.com> blk-mq: I/O and timer unplugs are inverted in blktrace Sean Christopherson <sean.j.christopherson(a)intel.com> KVM: x86: fix L1TF's MMIO GFN calculation Jann Horn <jannh(a)google.com> mm/vmstat.c: skip NR_TLB_REMOTE_FLUSH* properly Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> mm, thp: fix mlocking THP page with migration enabled Mike Kravetz <mike.kravetz(a)oracle.com> mm: migration: fix migration of huge PMD shared pages Reinette Chatre <reinette.chatre(a)intel.com> perf/core: Add sanity check to deal with pinned event failure ------------- Diffstat: Makefile | 4 +- arch/arc/kernel/process.c | 20 +++ arch/powerpc/include/asm/setup.h | 1 + arch/powerpc/lib/code-patching.c | 44 +++--- arch/powerpc/mm/mem.c | 2 + arch/x86/entry/vdso/Makefile | 16 ++- arch/x86/entry/vdso/vclock_gettime.c | 26 ++-- arch/x86/kvm/mmu.c | 24 +++- block/blk-mq.c | 4 +- drivers/base/power/main.c | 5 +- drivers/clocksource/timer-atmel-pit.c | 20 ++- drivers/crypto/chelsio/chcr_algo.c | 41 ++++-- drivers/crypto/chelsio/chcr_crypto.h | 2 + drivers/gpu/drm/amd/amdgpu/amdgpu_vce.c | 3 +- drivers/gpu/drm/amd/amdgpu/amdgpu_vcn.c | 4 +- drivers/gpu/drm/drm_syncobj.c | 5 + drivers/infiniband/core/ucma.c | 2 + drivers/md/dm-cache-metadata.c | 4 +- drivers/md/dm-cache-target.c | 9 +- drivers/net/wireless/ath/ath10k/debug.c | 12 +- drivers/net/wireless/ath/ath10k/trace.h | 12 +- drivers/net/wireless/ath/ath10k/wmi-tlv.c | 8 +- drivers/net/wireless/ath/ath10k/wmi.c | 2 +- drivers/net/xen-netback/hash.c | 12 +- drivers/nvme/host/fc.c | 4 + drivers/of/unittest.c | 26 ++-- drivers/pci/pci.c | 27 ++-- drivers/tty/tty_io.c | 11 +- drivers/usb/class/cdc-acm.c | 6 + drivers/usb/host/xhci-mtk.c | 4 +- drivers/usb/host/xhci-pci.c | 2 + drivers/usb/serial/usb-serial-simple.c | 3 +- drivers/video/fbdev/omap2/omapfb/omapfb-ioctl.c | 5 +- drivers/virtio/virtio_balloon.c | 23 +++- fs/f2fs/checkpoint.c | 9 +- fs/ubifs/super.c | 3 + include/linux/balloon_compaction.h | 35 ++++- include/linux/hugetlb.h | 14 ++ include/linux/mm.h | 6 + kernel/cgroup/cpuset.c | 53 ++++---- kernel/events/core.c | 6 + mm/balloon_compaction.c | 28 +++- mm/huge_memory.c | 2 +- mm/hugetlb.c | 37 ++++- mm/migrate.c | 3 + mm/rmap.c | 42 +++++- mm/vmstat.c | 3 + net/mac80211/cfg.c | 2 +- net/rds/ib.h | 2 +- net/rds/ib_cm.c | 2 +- net/rds/ib_recv.c | 10 +- tools/perf/builtin-script.c | 14 +- tools/perf/util/annotate.c | 17 ++- tools/perf/util/path.c | 14 ++ tools/perf/util/path.h | 3 + tools/perf/util/setup.py | 2 + tools/testing/selftests/x86/test_vdso.c | 172 ++++++++++++++++++++++++ 57 files changed, 690 insertions(+), 182 deletions(-)

7 years

7
53
0 0

Building 4.14 LTS kernel with GCC 8

by Ignat Korchagin

Hello, We were trying to build 4.14 kernel with GCC 8, but perf failed to compile. The upstream tree seems to have necessary commits to support GCC 8, but they were not ported to 4.14 branch. With backporting the following commits we were able to restore perf compilation and compile a working 4.14 kernel with GCC 8.2: 6810158d526e483868e519befff407b91e76b3db: perf annotate: Use asprintf when formatting objdump command b7a313d84e853049062011d78cb04b6decd12f5c: perf tools: Fix python extension build for gcc 8 77f18153c080855e1c3fb520ca31a4e61530121d: perf tools: Fix snprint warnings for gcc 8 06c3f2aa9fc68e7f3fe3d83e7569d2a2801d9f99: perf utils: Move is_directory() to path.h Propose to apply the above commits to 4.14 to be able to compile it with GCC 8 (mostly to properly support CONFIG_RETPOLINE) Commit 6810158d526e483868e519befff407b91e76b3db might need adjustment to cleanly apply on 4.14 branch. Regards, Ignat

7 years

3
6
0 0

[GIT PULL] commits for Linux 3.18

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 3.18 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 0d63979c1bc9c85578be4c589768a13dc0a7c5eb: Linux 3.18.124 (2018-10-13 09:09:32 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-3.18-16102018 for you to fetch changes up to 8103cbfd1edd20d4de51defa9d6914e33b043f91: powerpc/tm: Avoid possible userspace r1 corruption on reclaim (2018-10-15 18:02:23 -0400) - ---------------------------------------------------------------- for-greg-3.18-16102018 - ---------------------------------------------------------------- James Cowgill (1): RISC-V: include linux/ftrace.h in asm-prototypes.h Jozef Balga (1): media: af9035: prevent buffer overflow on write Michael Neuling (2): powerpc/tm: Fix userspace r13 corruption powerpc/tm: Avoid possible userspace r1 corruption on reclaim arch/powerpc/kernel/tm.S | 20 +++++++++++++++++--- arch/riscv/include/asm/asm-prototypes.h | 7 +++++++ drivers/media/usb/dvb-usb-v2/af9035.c | 6 ++++-- 3 files changed, 28 insertions(+), 5 deletions(-) create mode 100644 arch/riscv/include/asm/asm-prototypes.h -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlvGFIkACgkQ3qZv95d3 LNz4Kw//VdIsXsVwvtQ3NCLX5PUgxqzP+oJO7JpOP53HpbmkUbpq2tqs4BxIsc5e 4/1HXQjkP4of+y82mLmX6lsH0QMPusrmzWMv5+fcUL3hA2pN9/6a5EVEFdiwCrhy siVoXIEXCFIzw+bKOziSW3Zeggmju0pCjP7dNn2td3Fj+f/vBF9Yd7WUsKSbrWrY 2/U4HRbySBQEtphElk5HjpEJ4zdy6z2OZs+oPXjEjL0akoDo3JSHmYySrZiUj0Gr ZcRqm1aPp0+5AgSTrmxpznSoUlj3Aivc9XuqRo2/wxbasaNVmF7CsYoj9ErUB7YR NKXM7xhgd1zwTr3pW1n/p2Gwf5qTrOt1oOM22hLqOp/KgoUXNGMWrM3nyEAC9cvH ysaVBcj1wDz6Si4wUMyaMrWqNZl/gBRxYQW9UvS7Zi7i+qdAZ1MpdXR9LIKWv1uN f490e1HHuid3qWa2QtRR4LGxIves74uHORUs0xnEsXtoqHy51ozTY9y+6NIfikDQ TDk7+a5JV/9XKRnNTl3flwEmQIkWJ6mpZ1JPM/XeSpmoEFQYAaKJg6DC6V8kgdHM INYbCY8DOqxhdCTN6+qDEkOVwuClpEpWntQF8rxg/W/NdiiXnzCUlOQBmjok8kXW ajgcPZ2n9SzjpbqiXvBPNsXGs5Akt9Vyo6Kyosq+YEY/Jn0HQcM= =j/HW -----END PGP SIGNATURE-----

7 years

1
0
0 0

[GIT PULL] commits for Linux 4.4

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.4 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit b001adea66f0e0a7803adfbf9128a2d7969daa4e: Linux 4.4.161 (2018-10-13 09:11:36 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.4-16102018 for you to fetch changes up to 0d850290d80e46758e82d87904cec458113f923e: powerpc/tm: Avoid possible userspace r1 corruption on reclaim (2018-10-15 18:02:16 -0400) - ---------------------------------------------------------------- for-greg-4.4-16102018 - ---------------------------------------------------------------- Andreas Schwab (1): Input: atakbd - fix Atari keymap James Cowgill (1): RISC-V: include linux/ftrace.h in asm-prototypes.h Jozef Balga (1): media: af9035: prevent buffer overflow on write Keerthy (1): clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs Michael Neuling (2): powerpc/tm: Fix userspace r13 corruption powerpc/tm: Avoid possible userspace r1 corruption on reclaim Michael Schmitz (1): Input: atakbd - fix Atari CapsLock behaviour Nathan Chancellor (1): net/mlx4: Use cpumask_available for eq->affinity_mask arch/powerpc/kernel/tm.S | 20 +++++++-- arch/riscv/include/asm/asm-prototypes.h | 7 ++++ drivers/clocksource/timer-ti-32k.c | 3 ++ drivers/input/keyboard/atakbd.c | 74 +++++++++++++-------------------- drivers/media/usb/dvb-usb-v2/af9035.c | 6 ++- drivers/net/ethernet/mellanox/mlx4/eq.c | 3 +- 6 files changed, 61 insertions(+), 52 deletions(-) create mode 100644 arch/riscv/include/asm/asm-prototypes.h -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlvGFIEACgkQ3qZv95d3 LNxv3g//ZDlmu6pfxVo4C+l0pRa+uZvBorGmr+6hHlTYe19kbttuAGykjm+QCCb5 QXvUAft6YJaclXPXWi6NtEEG0TYrEtz7f7GWJyAr9FQ4kHHck2cUZrMq/marpK7i nkFD8ERCqixSV6VWk3PFQGv1oaEJnEi4ygEQXaSwSgVi47GZUS3MxkzUn1T9JAL0 eDR/DhoMOg9IXD8KVlg6yrkOoiSEbUIaYdXoa2JYGalJbAMvsPB4KqOnVe/Ry+/j RAGOzAok3Y8yvpmFSiz/gpkjSL3jQpdlsfvZFZcnnTks3Q6MlHuWt+SNRbRgtmdG VN2ijzyyhdvewj78KIz5V6uewSaw8TauWq6HqLdnTadisA9mvicDuHNkhn8dm54/ irawJcLsVn+KNA6m8fFRgpfRNMP92DvVz25tTbF08QeKGtr/aF/XelPEj2B3YD/R CFE0f5n/vkv6KSs8GSjqvJD8w4vpP1P8TqJwNAdU7yF+aisNWJqaueKdQ8FA8q54 TDPSFUWqqLuDkDyLwfidMJl0R60PhmkVuAFLBqPkIo7m05AFm3Ab71nq7+U45g3C ELw1z/hFSlmj8z9l8VwlxqAdTa/ppKVHnK9eYAnCItpO5G26FNcbpeAZF3lT74XK mzutvuFZznNX6cxxc5fsan5r7c5+oENNMlNlgPplY97mTyUs2/w= =uvan -----END PGP SIGNATURE-----

7 years

1
0
0 0

[GIT PULL] commits for Linux 4.9

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.9 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit deb3303f665b31c29210ef4b30b1e69cb06cc397: Linux 4.9.133 (2018-10-13 09:18:59 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.9-16102018 for you to fetch changes up to 088da20301ef9c8cf3a2b3a16945e7675b90e66e: iommu/amd: Return devid as alias for ACPI HID devices (2018-10-15 18:02:10 -0400) - ---------------------------------------------------------------- for-greg-4.9-16102018 - ---------------------------------------------------------------- Alexandru Gheorghe (1): drm: mali-dp: Call drm_crtc_vblank_reset on device init Andreas Schwab (1): Input: atakbd - fix Atari keymap Arindam Nath (1): iommu/amd: Return devid as alias for ACPI HID devices James Cowgill (1): RISC-V: include linux/ftrace.h in asm-prototypes.h Johannes Thumshirn (1): scsi: sd: don't crash the host on invalid commands Jozef Balga (1): media: af9035: prevent buffer overflow on write Kazuya Mizuguchi (1): ravb: do not write 1 to reserved bits Keerthy (1): clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs Laura Abbott (2): scsi: ibmvscsis: Fix a stringop-overflow warning scsi: ibmvscsis: Ensure partition name is properly NUL terminated Marek Lindner (2): batman-adv: fix backbone_gw refcount on queue_work() failure batman-adv: fix hardif_neigh refcount on queue_work() failure Michael Neuling (2): powerpc/tm: Fix userspace r13 corruption powerpc/tm: Avoid possible userspace r1 corruption on reclaim Michael Schmitz (1): Input: atakbd - fix Atari CapsLock behaviour Nathan Chancellor (1): net/mlx4: Use cpumask_available for eq->affinity_mask Sven Eckelmann (6): batman-adv: Fix segfault when writing to throughput_override batman-adv: Fix segfault when writing to sysfs elp_interval batman-adv: Prevent duplicated nc_node entry batman-adv: Prevent duplicated softif_vlan entry batman-adv: Prevent duplicated global TT entry batman-adv: Prevent duplicated tvlv handler arch/powerpc/kernel/tm.S | 20 +++++++-- arch/riscv/include/asm/asm-prototypes.h | 7 +++ drivers/clocksource/timer-ti-32k.c | 3 ++ drivers/gpu/drm/arm/malidp_drv.c | 1 + drivers/input/keyboard/atakbd.c | 74 ++++++++++++-------------------- drivers/iommu/amd_iommu.c | 6 +++ drivers/media/usb/dvb-usb-v2/af9035.c | 6 ++- drivers/net/ethernet/mellanox/mlx4/eq.c | 3 +- drivers/net/ethernet/renesas/ravb.h | 5 +++ drivers/net/ethernet/renesas/ravb_main.c | 11 ++--- drivers/net/ethernet/renesas/ravb_ptp.c | 2 +- drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c | 5 +-- drivers/scsi/sd.c | 3 +- net/batman-adv/bat_v_elp.c | 8 +++- net/batman-adv/bridge_loop_avoidance.c | 10 ++++- net/batman-adv/network-coding.c | 27 ++++++------ net/batman-adv/soft-interface.c | 25 ++++++++--- net/batman-adv/sysfs.c | 30 ++++++++----- net/batman-adv/translation-table.c | 6 ++- net/batman-adv/tvlv.c | 8 +++- 20 files changed, 161 insertions(+), 99 deletions(-) create mode 100644 arch/riscv/include/asm/asm-prototypes.h -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlvGFHoACgkQ3qZv95d3 LNx+DBAAuEHwt9B1fQdY9RCXkJdOzi1nTvuJsw9BbCcM2iyHFpn2Cz4GVe4DLKy0 ochgEkOKoeUEdJe10twylhyL2H+awkq1EcSmz6/Ncnltft9t+y8zg+/t5GD2yrI9 L0wZcI6vs3kIhJXDZah7b/xapcwcLRq+qiM7+HfYuaG0g9TauzphOr9bwwSIkEW5 qWkJMd1iMrvr9ZTcjTTtrrgW9MnOWpewRIGxaLEDoZ+EzRGgw/NBdDb8CJU6vH6G 9Hsd/IWk/ObWSwToauy02g+lNqwKBc3Y+Vb79YKJfY8k1KXjnyVNtXHCkF63dG7J h+zbdd/mII7fA8b99pfdNlFLPxAXpF6jPpXQsb8wvGw/kWeq+s8ek22ly4p9zIDP 9ZQheepIWL5ATDPwNH8dZ7iuJW3JvBRftBuyyJNcCfCC6dXbhtXSFECmKB+xI5vq iwO01ZGw81yX8N3kSnqmtZBgU1mmFYkvUDe38s63P9rDZOdhshm9XHBwBu54KDyA tF81VuxVvEvYRpPO3a6d/fIZEMcGIplDA/97yIHaNvZWWnURJMnDo+OsphqM5h5c Dt2xvi/t0Hc8RKmILCP6jXrOowj+hrUYjV3Sp7Pb9XtrKPvkKiL1cqu3I3GdeG3i OuXnHApabuLSU0RW21D7LZeHkrRKM+Rj2aaJlyT+ln7j/G8fl74= =C4kD -----END PGP SIGNATURE-----

7 years

1
0
0 0

[GIT PULL] commits for Linux 4.14

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.14 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 0b46ce3e3423aee80d28d296e1806176cdcec7ad: Linux 4.14.76 (2018-10-13 09:27:30 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.14-16102018 for you to fetch changes up to d4c8a84b095877b071d34320c5abcd3a2fb33094: iommu/amd: Return devid as alias for ACPI HID devices (2018-10-15 18:02:03 -0400) - ---------------------------------------------------------------- for-greg-4.14-16102018 - ---------------------------------------------------------------- Alexander Shishkin (1): intel_th: pci: Add Ice Lake PCH support Alexandru Gheorghe (1): drm: mali-dp: Call drm_crtc_vblank_reset on device init Andreas Schwab (1): Input: atakbd - fix Atari keymap Arindam Nath (1): iommu/amd: Return devid as alias for ACPI HID devices Christian Lamparter (1): net: emac: fix fixed-link setup for the RTL8363SB switch Davide Caratti (1): bnxt_en: don't try to offload VLAN 'modify' action Friedemann Gerold (1): net: aquantia: memory corruption on jumbo frames James Cowgill (1): RISC-V: include linux/ftrace.h in asm-prototypes.h Jisheng Zhang (1): PCI: dwc: Fix scheduling while atomic issues Johannes Thumshirn (1): scsi: sd: don't crash the host on invalid commands Jozef Balga (1): media: af9035: prevent buffer overflow on write Kazuya Mizuguchi (1): ravb: do not write 1 to reserved bits Keerthy (1): clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs Laura Abbott (2): scsi: ibmvscsis: Fix a stringop-overflow warning scsi: ibmvscsis: Ensure partition name is properly NUL terminated Marek Lindner (2): batman-adv: fix backbone_gw refcount on queue_work() failure batman-adv: fix hardif_neigh refcount on queue_work() failure Michael Neuling (2): powerpc/tm: Fix userspace r13 corruption powerpc/tm: Avoid possible userspace r1 corruption on reclaim Michael Schmitz (1): Input: atakbd - fix Atari CapsLock behaviour Nathan Chancellor (1): net/mlx4: Use cpumask_available for eq->affinity_mask Sven Eckelmann (8): batman-adv: Avoid probe ELP information leak batman-adv: Fix segfault when writing to throughput_override batman-adv: Fix segfault when writing to sysfs elp_interval batman-adv: Prevent duplicated gateway_node entry batman-adv: Prevent duplicated nc_node entry batman-adv: Prevent duplicated softif_vlan entry batman-adv: Prevent duplicated global TT entry batman-adv: Prevent duplicated tvlv handler Tao Ren (1): clocksource/drivers/fttmr010: Fix set_next_event handler Wen Xiong (1): scsi: ipr: System hung while dlpar adding primary ipr adapter back arch/powerpc/kernel/tm.S | 20 ++++- arch/riscv/include/asm/asm-prototypes.h | 7 ++ drivers/clocksource/timer-fttmr010.c | 18 ++-- drivers/clocksource/timer-ti-32k.c | 3 + drivers/gpu/drm/arm/malidp_drv.c | 1 + drivers/hwtracing/intel_th/pci.c | 5 ++ drivers/input/keyboard/atakbd.c | 74 ++++++---------- drivers/iommu/amd_iommu.c | 6 ++ drivers/media/usb/dvb-usb-v2/af9035.c | 6 +- drivers/net/ethernet/aquantia/atlantic/aq_ring.c | 32 ++++--- drivers/net/ethernet/broadcom/bnxt/bnxt_tc.c | 20 +++-- drivers/net/ethernet/ibm/emac/core.c | 15 ++-- drivers/net/ethernet/mellanox/mlx4/eq.c | 3 +- drivers/net/ethernet/renesas/ravb.h | 5 ++ drivers/net/ethernet/renesas/ravb_main.c | 11 +-- drivers/net/ethernet/renesas/ravb_ptp.c | 2 +- drivers/pci/dwc/pcie-designware.c | 8 +- drivers/pci/dwc/pcie-designware.h | 3 +- drivers/scsi/ibmvscsi_tgt/ibmvscsi_tgt.c | 5 +- drivers/scsi/ipr.c | 106 +++++++++++++---------- drivers/scsi/ipr.h | 1 + drivers/scsi/sd.c | 3 +- net/batman-adv/bat_v_elp.c | 10 ++- net/batman-adv/bridge_loop_avoidance.c | 10 ++- net/batman-adv/gateway_client.c | 11 ++- net/batman-adv/network-coding.c | 27 +++--- net/batman-adv/soft-interface.c | 25 ++++-- net/batman-adv/sysfs.c | 30 ++++--- net/batman-adv/translation-table.c | 6 +- net/batman-adv/tvlv.c | 8 +- 30 files changed, 296 insertions(+), 185 deletions(-) create mode 100644 arch/riscv/include/asm/asm-prototypes.h -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlvGFHMACgkQ3qZv95d3 LNxd3w//el01UZYBcr5IwNl+TCESFIpZu0fKopnSqBcKA5o7I6saYNrWBV3bgoTx Ob+XSfKe0FtXFsvXVveLCyEa/ctAz3wj+6D00kV1x6fbIknAg8GjKogu0rpZgXEG 5acEKpw/zutWSGJcZ166gN0sPH8TZDZJDj3qAXLiSmu0CHAJlTooD+tQd6gtKhrG 8pL7HUoJXIK1PVvghaLhiJh01m7iPAjA5rS1M359dWlNwpgCdOfeAjWThy+3QUaM DEs35AvRFPq+kzGRsJyy++NCp2rqgctorhh1O0FUO8tqBN59poMyPXImjtj/NwJG pRqFaohwjDpIaKjWUiP63dVglrlxshI9uSebVGZwEOJm4tq9nkQtzKtaLYirjiIe nOHPuIYG9u8en9MIImw0m3vmfViHAxATh9/dEZuk4rYyTjVMrNC2d9RPbnpARITH PGHsgysAgFt95f3YQbe7ZnCiojS82sc9+Nn6fi9RXzF3q9k9SyIQ4JF1+fjF45LV Uz5EK08tDS2LcvqdqYeR3Ws5nlhGZVVO7q0ec4b0TBZZ4IxWME6jLGQT6g8UTmwG UV4gVL8/kZ2UlqClk/rYoelYYFo5fL8ntImbGvr+BckRSYcV2+DsQ1t3sHM04fVL kkYMASseaPyGC/c+Xfdcod05lzKdwx0uBdFxb+Wce3qSuefei04= =aLi0 -----END PGP SIGNATURE-----

7 years

1
0
0 0

Backports that remove FPU lazy-mode deadcode (4.4)

by Daniel Sangorrin

Hello Greg, This series contains patches that complete the removal of FPU lazy-mode code, documentation and comments for kernel 4.4.y. The patches are mostly cleanups and they can be useful to backport future patches if more bugs on the FPU code are found. [PATCH v4 4.4 1/4] KVM: x86: remove eager_fpu field of struct [PATCH v4 4.4 2/4] x86/fpu: Remove use_eager_fpu() [PATCH v4 4.4 3/4] x86/fpu: Remove struct fpu::counter [PATCH v4 4.4 4/4] x86/fpu: Finish excising 'eagerfpu' Diffstat: Documentation/kernel-parameters.txt | 5 ----- arch/x86/crypto/crc32c-intel_glue.c | 17 ++++------------- arch/x86/include/asm/cpufeatures.h | 1 - arch/x86/include/asm/fpu/internal.h | 37 +------------------------------------ arch/x86/include/asm/fpu/types.h | 34 ---------------------------------- arch/x86/include/asm/kvm_host.h | 1 - arch/x86/kernel/fpu/core.c | 41 +++++------------------------------------ arch/x86/kernel/fpu/signal.c | 8 +++----- arch/x86/kvm/cpuid.c | 5 +---- arch/x86/kvm/x86.c | 10 ---------- 10 files changed, 14 insertions(+), 145 deletions(-) Thanks, Daniel

7 years

2
5
0 0

[PATCH stable 4.9 v2 00/29] backport of IP fragmentation fixes

by Florian Fainelli

This is based on Stephen's v4.14 patches, with the necessary merge conflicts, and the lack of timer_setup() on the 4.9 baseline. Perf results on a gigabit capable system, before and after are below. Series can also be found here: https://github.com/ffainelli/linux/commits/fragment-stack-v4.9-v2 Changes in v2: - drop "net: sk_buff rbnode reorg" - added original "ip: use rb trees for IP frag queue." commit Before patches: PerfTop: 180 irqs/sec kernel:78.9% exact: 0.0% [4000Hz cycles:ppp], (all, 4 CPUs) ------------------------------------------------------------------------------- 34.81% [kernel] [k] ip_defrag 4.57% [kernel] [k] arch_cpu_idle 2.09% [kernel] [k] fib_table_lookup 1.74% [kernel] [k] finish_task_switch 1.57% [kernel] [k] v7_dma_inv_range 1.47% [kernel] [k] __netif_receive_skb_core 1.06% [kernel] [k] __slab_free 1.04% [kernel] [k] __netdev_alloc_skb 0.99% [kernel] [k] ip_route_input_noref 0.96% [kernel] [k] dev_gro_receive 0.96% [kernel] [k] tick_nohz_idle_enter 0.93% [kernel] [k] bcm_sysport_poll 0.92% [kernel] [k] skb_release_data 0.91% [kernel] [k] __memzero 0.90% [kernel] [k] __free_page_frag 0.87% [kernel] [k] ip_rcv 0.77% [kernel] [k] eth_type_trans 0.71% [kernel] [k] _raw_spin_unlock_irqrestore 0.68% [kernel] [k] tick_nohz_idle_exit 0.65% [kernel] [k] bcm_sysport_rx_refill After patches: PerfTop: 214 irqs/sec kernel:80.4% exact: 0.0% [4000Hz cycles:ppp], (all, 4 CPUs) ------------------------------------------------------------------------------- 6.61% [kernel] [k] arch_cpu_idle 3.77% [kernel] [k] ip_defrag 3.65% [kernel] [k] v7_dma_inv_range 3.18% [kernel] [k] fib_table_lookup 3.04% [kernel] [k] __netif_receive_skb_core 2.31% [kernel] [k] finish_task_switch 2.31% [kernel] [k] _raw_spin_unlock_irqrestore 1.65% [kernel] [k] bcm_sysport_poll 1.63% [kernel] [k] ip_route_input_noref 1.63% [kernel] [k] __memzero 1.58% [kernel] [k] __netdev_alloc_skb 1.47% [kernel] [k] tick_nohz_idle_enter 1.40% [kernel] [k] __slab_free 1.32% [kernel] [k] ip_rcv 1.32% [kernel] [k] __softirqentry_text_start 1.30% [kernel] [k] dev_gro_receive 1.23% [kernel] [k] bcm_sysport_rx_refill 1.11% [kernel] [k] tick_nohz_idle_exit 1.06% [kernel] [k] memcmp 1.02% [kernel] [k] dma_cache_maint_page Dan Carpenter (1): ipv4: frags: precedence bug in ip_expire() Eric Dumazet (21): inet: frags: change inet_frags_init_net() return value inet: frags: add a pointer to struct netns_frags inet: frags: refactor ipfrag_init() inet: frags: refactor ipv6_frag_init() inet: frags: refactor lowpan_net_frag_init() ipv6: export ip6 fragments sysctl to unprivileged users rhashtable: add schedule points inet: frags: use rhashtables for reassembly units inet: frags: remove some helpers inet: frags: get rif of inet_frag_evicting() inet: frags: remove inet_frag_maybe_warn_overflow() inet: frags: break the 2GB limit for frags storage inet: frags: do not clone skb in ip_expire() ipv6: frags: rewrite ip6_expire_frag_queue() rhashtable: reorganize struct rhashtable layout inet: frags: reorganize struct netns_frags inet: frags: get rid of ipfrag_skb_cb/FRAG_CB inet: frags: fix ip6frag_low_thresh boundary net: speed up skb_rbtree_purge() net: pskb_trim_rcsum() and CHECKSUM_COMPLETE are friends net: add rb_to_skb() and other rb tree helpers Florian Westphal (1): ipv6: defrag: drop non-last frags smaller than min mtu Peter Oskolkov (5): ip: discard IPv4 datagrams with overlapping segments. net: modify skb_rbtree_purge to return the truesize of all purged skbs. ip: use rb trees for IP frag queue. ip: add helpers to process in-order fragments faster. ip: process in-order fragments efficiently Taehee Yoo (1): ip: frags: fix crash in ip_do_fragment() Documentation/networking/ip-sysctl.txt | 13 +- include/linux/rhashtable.h | 4 +- include/linux/skbuff.h | 34 +- include/net/inet_frag.h | 133 +++--- include/net/ip.h | 1 - include/net/ipv6.h | 26 +- include/uapi/linux/snmp.h | 1 + lib/rhashtable.c | 5 +- net/core/skbuff.c | 31 +- net/ieee802154/6lowpan/6lowpan_i.h | 26 +- net/ieee802154/6lowpan/reassembly.c | 148 +++--- net/ipv4/inet_fragment.c | 379 ++++------------ net/ipv4/ip_fragment.c | 573 +++++++++++++----------- net/ipv4/proc.c | 7 +- net/ipv4/tcp_input.c | 33 +- net/ipv6/netfilter/nf_conntrack_reasm.c | 100 ++--- net/ipv6/proc.c | 5 +- net/ipv6/reassembly.c | 212 ++++----- 18 files changed, 774 insertions(+), 957 deletions(-) -- 2.17.1

7 years

3
32
0 0

[PATCH 4.14 00/24] V4.14 backport of 32-bit arm spectre patches

by David Long

From: "David A. Long" <dave.long(a)linaro.org> V4.14 backport of spectre patches from Russell M. King's spectre branch. Patches not yet in upstream are excluded. Marc Zyngier (2): ARM: KVM: invalidate BTB on guest exit for Cortex-A12/A17 ARM: KVM: invalidate icache on guest exit for Cortex-A15 Russell King (22): ARM: add more CPU part numbers for Cortex and Brahma B15 CPUs ARM: bugs: prepare processor bug infrastructure ARM: bugs: hook processor bug checking into SMP and suspend paths ARM: bugs: add support for per-processor bug checking ARM: spectre: add Kconfig symbol for CPUs vulnerable to Spectre ARM: spectre-v2: harden branch predictor on context switches ARM: spectre-v2: add Cortex A8 and A15 validation of the IBE bit ARM: spectre-v2: harden user aborts in kernel space ARM: spectre-v2: add firmware based hardening ARM: spectre-v2: warn about incorrect context switching functions ARM: spectre-v2: KVM: invalidate icache on guest exit for Brahma B15 ARM: KVM: Add SMCCC_ARCH_WORKAROUND_1 fast handling ARM: KVM: report support for SMCCC_ARCH_WORKAROUND_1 ARM: spectre-v1: add speculation barrier (csdb) macros ARM: spectre-v1: add array_index_mask_nospec() implementation ARM: spectre-v1: fix syscall entry ARM: signal: copy registers using __copy_from_user() ARM: vfp: use __copy_from_user() when restoring VFP state ARM: oabi-compat: copy semops using __copy_from_user() ARM: use __inttype() in get_user() ARM: spectre-v1: use get_user() for __get_user() ARM: spectre-v1: mitigate user accesses arch/arm/include/asm/assembler.h | 12 +++ arch/arm/include/asm/barrier.h | 32 +++++++ arch/arm/include/asm/bugs.h | 6 +- arch/arm/include/asm/cp15.h | 3 + arch/arm/include/asm/cputype.h | 8 ++ arch/arm/include/asm/kvm_asm.h | 2 - arch/arm/include/asm/kvm_host.h | 14 ++- arch/arm/include/asm/kvm_mmu.h | 23 ++++- arch/arm/include/asm/proc-fns.h | 4 + arch/arm/include/asm/system_misc.h | 15 ++++ arch/arm/include/asm/thread_info.h | 4 +- arch/arm/include/asm/uaccess.h | 26 ++++-- arch/arm/kernel/Makefile | 1 + arch/arm/kernel/bugs.c | 18 ++++ arch/arm/kernel/entry-common.S | 18 ++-- arch/arm/kernel/entry-header.S | 25 ++++++ arch/arm/kernel/signal.c | 58 ++++++------- arch/arm/kernel/smp.c | 4 + arch/arm/kernel/suspend.c | 2 + arch/arm/kernel/sys_oabi-compat.c | 8 +- arch/arm/kvm/hyp/hyp-entry.S | 112 +++++++++++++++++++++++- arch/arm/lib/copy_from_user.S | 9 ++ arch/arm/mm/Kconfig | 23 +++++ arch/arm/mm/Makefile | 2 +- arch/arm/mm/fault.c | 3 + arch/arm/mm/proc-macros.S | 3 +- arch/arm/mm/proc-v7-2level.S | 6 -- arch/arm/mm/proc-v7-bugs.c | 174 +++++++++++++++++++++++++++++++++++++ arch/arm/mm/proc-v7.S | 154 +++++++++++++++++++++++++------- arch/arm/vfp/vfpmodule.c | 17 ++-- 30 files changed, 674 insertions(+), 112 deletions(-) create mode 100644 arch/arm/kernel/bugs.c create mode 100644 arch/arm/mm/proc-v7-bugs.c -- 2.5.0

7 years

2
25
0 0

[PATCH] ACPICA: Fix dispatcher timeout mechanism

by Bart Van Assche

This patch avoids that the following warning is reported during hibernation: WARNING: CPU: 0 PID: 612 at kernel/time/timekeeping.c:751 ktime_get+0x116/0x120 RIP: 0010:ktime_get+0x116/0x120 Call Trace: acpi_os_get_timer+0xe/0x30 acpi_ds_exec_begin_control_op+0x175/0x1de acpi_ds_exec_begin_op+0x2c7/0x39a acpi_ps_create_op+0x573/0x5e4 acpi_ps_parse_loop+0x349/0x1220 acpi_ps_parse_aml+0x25b/0x6da acpi_ps_execute_method+0x327/0x41b acpi_ns_evaluate+0x4e9/0x6f5 acpi_ut_evaluate_object+0xd9/0x2f2 acpi_rs_get_method_data+0x8f/0x114 acpi_walk_resources+0x122/0x1b6 acpi_pci_link_get_current.isra.2+0x157/0x280 acpi_pci_link_set+0x32f/0x4a0 irqrouter_resume+0x58/0x80 syscore_resume+0x84/0x380 hibernation_snapshot+0x20c/0x4f0 hibernate+0x22d/0x3a6 state_store+0x99/0xa0 kobj_attr_store+0x37/0x50 sysfs_kf_write+0x87/0xa0 kernfs_fop_write+0x1a5/0x240 __vfs_write+0xd2/0x410 vfs_write+0x101/0x250 ksys_write+0xab/0x120 __x64_sys_write+0x43/0x50 do_syscall_64+0x71/0x220 entry_SYSCALL_64_after_hwframe+0x49/0xbe Reported-by: Fengguang Wu <fengguang.wu(a)intel.com> Fixes: 164a08cee135 ("ACPICA: Dispatcher: Introduce timeout mechanism for infinite loop detection") References: https://lists.01.org/pipermail/lkp/2018-April/008406.html Signed-off-by: Bart Van Assche <bvanassche(a)acm.org> Cc: Rafael J. Wysocki <rjw(a)rjwysocki.net> Cc: Len Brown <lenb(a)kernel.org> Cc: Fengguang Wu <fengguang.wu(a)intel.com> Cc: linux-acpi(a)vger.kernel.org Cc: stable(a)vger.kernel.org --- drivers/acpi/acpica/aclocal.h | 2 +- drivers/acpi/acpica/dscontrol.c | 9 ++++----- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/drivers/acpi/acpica/aclocal.h b/drivers/acpi/acpica/aclocal.h index 0f28a38a43ea..7b093bcbaef5 100644 --- a/drivers/acpi/acpica/aclocal.h +++ b/drivers/acpi/acpica/aclocal.h @@ -588,7 +588,7 @@ struct acpi_control_state { union acpi_parse_object *predicate_op; u8 *aml_predicate_start; /* Start of if/while predicate */ u8 *package_end; /* End of if/while block */ - u64 loop_timeout; /* While() loop timeout */ + unsigned long loop_timeout; /* While() loop timeout */ }; /* diff --git a/drivers/acpi/acpica/dscontrol.c b/drivers/acpi/acpica/dscontrol.c index 0da96268deb5..9dbea4549484 100644 --- a/drivers/acpi/acpica/dscontrol.c +++ b/drivers/acpi/acpica/dscontrol.c @@ -84,8 +84,8 @@ acpi_ds_exec_begin_control_op(struct acpi_walk_state *walk_state, control_state->control.package_end = walk_state->parser_state.pkg_end; control_state->control.opcode = op->common.aml_opcode; - control_state->control.loop_timeout = acpi_os_get_timer() + - (u64)(acpi_gbl_max_loop_iterations * ACPI_100NSEC_PER_SEC); + control_state->control.loop_timeout = jiffies + + acpi_gbl_max_loop_iterations * HZ; /* Push the control state on this walk's control stack */ @@ -179,9 +179,8 @@ acpi_ds_exec_end_control_op(struct acpi_walk_state *walk_state, * written AML when the hardware does not respond within a while * loop and the loop does not implement a timeout. */ - if (ACPI_TIME_AFTER(acpi_os_get_timer(), - control_state->control. - loop_timeout)) { + if (time_after(jiffies, + control_state->control.loop_timeout)) { status = AE_AML_LOOP_TIMEOUT; break; } -- 2.19.1.331.ge82ca0e54c-goog

7 years

3
4
0 0

FAILED: patch "[PATCH] mm: treat indirectly reclaimable memory as free in overcommit" failed to apply to 4.16-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.16-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From d79f7aa496fc94d763f67b833a1f36f4c171176f Mon Sep 17 00:00:00 2001 From: Roman Gushchin <guro(a)fb.com> Date: Tue, 10 Apr 2018 16:27:47 -0700 Subject: [PATCH] mm: treat indirectly reclaimable memory as free in overcommit logic Indirectly reclaimable memory can consume a significant part of total memory and it's actually reclaimable (it will be released under actual memory pressure). So, the overcommit logic should treat it as free. Otherwise, it's possible to cause random system-wide memory allocation failures by consuming a significant amount of memory by indirectly reclaimable memory, e.g. dentry external names. If overcommit policy GUESS is used, it might be used for denial of service attack under some conditions. The following program illustrates the approach. It causes the kernel to allocate an unreclaimable kmalloc-256 chunk for each stat() call, so that at some point the overcommit logic may start blocking large allocation system-wide. int main() { char buf[256]; unsigned long i; struct stat statbuf; buf[0] = '/'; for (i = 1; i < sizeof(buf); i++) buf[i] = '_'; for (i = 0; 1; i++) { sprintf(&buf[248], "%8lu", i); stat(buf, &statbuf); } return 0; } This patch in combination with related indirectly reclaimable memory patches closes this issue. Link: http://lkml.kernel.org/r/20180313130041.8078-1-guro@fb.com Signed-off-by: Roman Gushchin <guro(a)fb.com> Reviewed-by: Andrew Morton <akpm(a)linux-foundation.org> Cc: Alexander Viro <viro(a)zeniv.linux.org.uk> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Johannes Weiner <hannes(a)cmpxchg.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> diff --git a/mm/util.c b/mm/util.c index 029fc2f3b395..73676f0f1b43 100644 --- a/mm/util.c +++ b/mm/util.c @@ -667,6 +667,13 @@ int __vm_enough_memory(struct mm_struct *mm, long pages, int cap_sys_admin) */ free += global_node_page_state(NR_SLAB_RECLAIMABLE); + /* + * Part of the kernel memory, which can be released + * under memory pressure. + */ + free += global_node_page_state( + NR_INDIRECTLY_RECLAIMABLE_BYTES) >> PAGE_SHIFT; + /* * Leave reserved pages. The pages are not for anonymous pages. */

7 years

3
4
0 0

[stable PATCH] xhci: Don't print a warning when setting link state for disabled ports

by Ross Zwisler

From: Mathias Nyman <mathias.nyman(a)linux.intel.com> commit 1208d8a84fdcae6b395c57911cdf907450d30e70 upstream. When disabling a USB3 port the hub driver will set the port link state to U3 to prevent "ejected" or "safely removed" devices that are still physically connected from immediately re-enumerating. If the device was really unplugged, then error messages were printed as the hub tries to set the U3 link state for a port that is no longer enabled. xhci-hcd ee000000.usb: Cannot set link state. usb usb8-port1: cannot disable (err = -32) Don't print error message in xhci-hub if hub tries to set port link state for a disabled port. Return -ENODEV instead which also silences hub driver. Signed-off-by: Mathias Nyman <mathias.nyman(a)linux.intel.com> Tested-by: Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Signed-off-by: Ross Zwisler <zwisler(a)google.com> --- We'd like to get this commit added to linux-4.14.y, linux-4.9.y and linux-4.4.y, please. We continue to get error reports from users who are concerned about the USB error messages referred to in the changelog. The upstream commit 1208d8a84fdc can be cherry-picked cleanly to linux-4.14.y, and this patch applies cleanly to both linux-4.9.y and linux-4.4.y. I've tested both the clean cherry-pick and this version of the patch on real hardware. --- drivers/usb/host/xhci-hub.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/drivers/usb/host/xhci-hub.c b/drivers/usb/host/xhci-hub.c index 0722f75f1d6a..54bde0f45666 100644 --- a/drivers/usb/host/xhci-hub.c +++ b/drivers/usb/host/xhci-hub.c @@ -1073,13 +1073,15 @@ int xhci_hub_control(struct usb_hcd *hcd, u16 typeReq, u16 wValue, break; } - /* Software should not attempt to set - * port link state above '3' (U3) and the port - * must be enabled. - */ - if ((temp & PORT_PE) == 0 || - (link_state > USB_SS_PORT_LS_U3)) { - xhci_warn(xhci, "Cannot set link state.\n"); + /* Port must be enabled */ + if (!(temp & PORT_PE)) { + retval = -ENODEV; + break; + } + /* Can't set port link state above '3' (U3) */ + if (link_state > USB_SS_PORT_LS_U3) { + xhci_warn(xhci, "Cannot set port %d link state %d\n", + wIndex, link_state); goto error; } -- 2.19.0.605.g01d371f741-goog

7 years

2
1
0 0

i2c: i2c-scmi: fix for i2c_smbus_write_block_data

by Wolfram Sang

Hi, upstream commit 08d9db00fe0e ("i2c: i2c-scmi: fix for i2c_smbus_write_block_data") should go to stable. I simply forgot to tag it accordingly. I am sorry about that. It should have: Fixes: dc9854212e0d ("i2c: Add driver for SMBus Control Method Interface") # v2.6.32+ Thanks, Wolfram

7 years

2
1
0 0

FAILED: patch "[PATCH] MIPS: memset: Fix CPU_DADDI_WORKAROUNDS `small_fixup'" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 148b9aba99e0bbadf361747d21456e1589015f74 Mon Sep 17 00:00:00 2001 From: "Maciej W. Rozycki" <macro(a)linux-mips.org> Date: Tue, 2 Oct 2018 12:50:11 +0100 Subject: [PATCH] MIPS: memset: Fix CPU_DADDI_WORKAROUNDS `small_fixup' regression Fix a commit 8a8158c85e1e ("MIPS: memset.S: EVA & fault support for small_memset") regression and remove assembly warnings: arch/mips/lib/memset.S: Assembler messages: arch/mips/lib/memset.S:243: Warning: Macro instruction expanded into multiple instructions in a branch delay slot triggering with the CPU_DADDI_WORKAROUNDS option set and this code: PTR_SUBU a2, t1, a0 jr ra PTR_ADDIU a2, 1 This is because with that option in place the DADDIU instruction, which the PTR_ADDIU CPP macro expands to, becomes a GAS macro, which in turn expands to an LI/DADDU (or actually ADDIU/DADDU) sequence: 13c: 01a4302f dsubu a2,t1,a0 140: 03e00008 jr ra 144: 24010001 li at,1 148: 00c1302d daddu a2,a2,at ... Correct this by switching off the `noreorder' assembly mode and letting GAS schedule this jump's delay slot, as there is nothing special about it that would require manual scheduling. With this change in place correct code is produced: 13c: 01a4302f dsubu a2,t1,a0 140: 24010001 li at,1 144: 03e00008 jr ra 148: 00c1302d daddu a2,a2,at ... Signed-off-by: Maciej W. Rozycki <macro(a)linux-mips.org> Signed-off-by: Paul Burton <paul.burton(a)mips.com> Fixes: 8a8158c85e1e ("MIPS: memset.S: EVA & fault support for small_memset") Patchwork: https://patchwork.linux-mips.org/patch/20833/ Cc: Ralf Baechle <ralf(a)linux-mips.org> Cc: stable(a)vger.kernel.org # 4.17+ diff --git a/arch/mips/lib/memset.S b/arch/mips/lib/memset.S index 3a6f34ef5ffc..069acec3df9f 100644 --- a/arch/mips/lib/memset.S +++ b/arch/mips/lib/memset.S @@ -280,9 +280,11 @@ * unset_bytes = end_addr - current_addr + 1 * a2 = t1 - a0 + 1 */ + .set reorder PTR_SUBU a2, t1, a0 + PTR_ADDIU a2, 1 jr ra - PTR_ADDIU a2, 1 + .set noreorder .endm

7 years

1
0
0 0

FAILED: patch "[PATCH] MIPS: memset: Fix CPU_DADDI_WORKAROUNDS `small_fixup'" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 148b9aba99e0bbadf361747d21456e1589015f74 Mon Sep 17 00:00:00 2001 From: "Maciej W. Rozycki" <macro(a)linux-mips.org> Date: Tue, 2 Oct 2018 12:50:11 +0100 Subject: [PATCH] MIPS: memset: Fix CPU_DADDI_WORKAROUNDS `small_fixup' regression Fix a commit 8a8158c85e1e ("MIPS: memset.S: EVA & fault support for small_memset") regression and remove assembly warnings: arch/mips/lib/memset.S: Assembler messages: arch/mips/lib/memset.S:243: Warning: Macro instruction expanded into multiple instructions in a branch delay slot triggering with the CPU_DADDI_WORKAROUNDS option set and this code: PTR_SUBU a2, t1, a0 jr ra PTR_ADDIU a2, 1 This is because with that option in place the DADDIU instruction, which the PTR_ADDIU CPP macro expands to, becomes a GAS macro, which in turn expands to an LI/DADDU (or actually ADDIU/DADDU) sequence: 13c: 01a4302f dsubu a2,t1,a0 140: 03e00008 jr ra 144: 24010001 li at,1 148: 00c1302d daddu a2,a2,at ... Correct this by switching off the `noreorder' assembly mode and letting GAS schedule this jump's delay slot, as there is nothing special about it that would require manual scheduling. With this change in place correct code is produced: 13c: 01a4302f dsubu a2,t1,a0 140: 24010001 li at,1 144: 03e00008 jr ra 148: 00c1302d daddu a2,a2,at ... Signed-off-by: Maciej W. Rozycki <macro(a)linux-mips.org> Signed-off-by: Paul Burton <paul.burton(a)mips.com> Fixes: 8a8158c85e1e ("MIPS: memset.S: EVA & fault support for small_memset") Patchwork: https://patchwork.linux-mips.org/patch/20833/ Cc: Ralf Baechle <ralf(a)linux-mips.org> Cc: stable(a)vger.kernel.org # 4.17+ diff --git a/arch/mips/lib/memset.S b/arch/mips/lib/memset.S index 3a6f34ef5ffc..069acec3df9f 100644 --- a/arch/mips/lib/memset.S +++ b/arch/mips/lib/memset.S @@ -280,9 +280,11 @@ * unset_bytes = end_addr - current_addr + 1 * a2 = t1 - a0 + 1 */ + .set reorder PTR_SUBU a2, t1, a0 + PTR_ADDIU a2, 1 jr ra - PTR_ADDIU a2, 1 + .set noreorder .endm

7 years

1
0
0 0

FAILED: patch "[PATCH] MIPS: memset: Fix CPU_DADDI_WORKAROUNDS `small_fixup'" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 148b9aba99e0bbadf361747d21456e1589015f74 Mon Sep 17 00:00:00 2001 From: "Maciej W. Rozycki" <macro(a)linux-mips.org> Date: Tue, 2 Oct 2018 12:50:11 +0100 Subject: [PATCH] MIPS: memset: Fix CPU_DADDI_WORKAROUNDS `small_fixup' regression Fix a commit 8a8158c85e1e ("MIPS: memset.S: EVA & fault support for small_memset") regression and remove assembly warnings: arch/mips/lib/memset.S: Assembler messages: arch/mips/lib/memset.S:243: Warning: Macro instruction expanded into multiple instructions in a branch delay slot triggering with the CPU_DADDI_WORKAROUNDS option set and this code: PTR_SUBU a2, t1, a0 jr ra PTR_ADDIU a2, 1 This is because with that option in place the DADDIU instruction, which the PTR_ADDIU CPP macro expands to, becomes a GAS macro, which in turn expands to an LI/DADDU (or actually ADDIU/DADDU) sequence: 13c: 01a4302f dsubu a2,t1,a0 140: 03e00008 jr ra 144: 24010001 li at,1 148: 00c1302d daddu a2,a2,at ... Correct this by switching off the `noreorder' assembly mode and letting GAS schedule this jump's delay slot, as there is nothing special about it that would require manual scheduling. With this change in place correct code is produced: 13c: 01a4302f dsubu a2,t1,a0 140: 24010001 li at,1 144: 03e00008 jr ra 148: 00c1302d daddu a2,a2,at ... Signed-off-by: Maciej W. Rozycki <macro(a)linux-mips.org> Signed-off-by: Paul Burton <paul.burton(a)mips.com> Fixes: 8a8158c85e1e ("MIPS: memset.S: EVA & fault support for small_memset") Patchwork: https://patchwork.linux-mips.org/patch/20833/ Cc: Ralf Baechle <ralf(a)linux-mips.org> Cc: stable(a)vger.kernel.org # 4.17+ diff --git a/arch/mips/lib/memset.S b/arch/mips/lib/memset.S index 3a6f34ef5ffc..069acec3df9f 100644 --- a/arch/mips/lib/memset.S +++ b/arch/mips/lib/memset.S @@ -280,9 +280,11 @@ * unset_bytes = end_addr - current_addr + 1 * a2 = t1 - a0 + 1 */ + .set reorder PTR_SUBU a2, t1, a0 + PTR_ADDIU a2, 1 jr ra - PTR_ADDIU a2, 1 + .set noreorder .endm

7 years

1
0
0 0

FAILED: patch "[PATCH] MIPS: memset: Fix CPU_DADDI_WORKAROUNDS `small_fixup'" failed to apply to 4.18-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.18-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 148b9aba99e0bbadf361747d21456e1589015f74 Mon Sep 17 00:00:00 2001 From: "Maciej W. Rozycki" <macro(a)linux-mips.org> Date: Tue, 2 Oct 2018 12:50:11 +0100 Subject: [PATCH] MIPS: memset: Fix CPU_DADDI_WORKAROUNDS `small_fixup' regression Fix a commit 8a8158c85e1e ("MIPS: memset.S: EVA & fault support for small_memset") regression and remove assembly warnings: arch/mips/lib/memset.S: Assembler messages: arch/mips/lib/memset.S:243: Warning: Macro instruction expanded into multiple instructions in a branch delay slot triggering with the CPU_DADDI_WORKAROUNDS option set and this code: PTR_SUBU a2, t1, a0 jr ra PTR_ADDIU a2, 1 This is because with that option in place the DADDIU instruction, which the PTR_ADDIU CPP macro expands to, becomes a GAS macro, which in turn expands to an LI/DADDU (or actually ADDIU/DADDU) sequence: 13c: 01a4302f dsubu a2,t1,a0 140: 03e00008 jr ra 144: 24010001 li at,1 148: 00c1302d daddu a2,a2,at ... Correct this by switching off the `noreorder' assembly mode and letting GAS schedule this jump's delay slot, as there is nothing special about it that would require manual scheduling. With this change in place correct code is produced: 13c: 01a4302f dsubu a2,t1,a0 140: 24010001 li at,1 144: 03e00008 jr ra 148: 00c1302d daddu a2,a2,at ... Signed-off-by: Maciej W. Rozycki <macro(a)linux-mips.org> Signed-off-by: Paul Burton <paul.burton(a)mips.com> Fixes: 8a8158c85e1e ("MIPS: memset.S: EVA & fault support for small_memset") Patchwork: https://patchwork.linux-mips.org/patch/20833/ Cc: Ralf Baechle <ralf(a)linux-mips.org> Cc: stable(a)vger.kernel.org # 4.17+ diff --git a/arch/mips/lib/memset.S b/arch/mips/lib/memset.S index 3a6f34ef5ffc..069acec3df9f 100644 --- a/arch/mips/lib/memset.S +++ b/arch/mips/lib/memset.S @@ -280,9 +280,11 @@ * unset_bytes = end_addr - current_addr + 1 * a2 = t1 - a0 + 1 */ + .set reorder PTR_SUBU a2, t1, a0 + PTR_ADDIU a2, 1 jr ra - PTR_ADDIU a2, 1 + .set noreorder .endm

7 years

1
0
0 0

FAILED: patch "[PATCH] MIPS: VDSO: Always map near top of user memory" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From ea7e0480a4b695d0aa6b3fa99bd658a003122113 Mon Sep 17 00:00:00 2001 From: Paul Burton <paul.burton(a)mips.com> Date: Tue, 25 Sep 2018 15:51:26 -0700 Subject: [PATCH] MIPS: VDSO: Always map near top of user memory When using the legacy mmap layout, for example triggered using ulimit -s unlimited, get_unmapped_area() fills memory from bottom to top starting from a fairly low address near TASK_UNMAPPED_BASE. This placement is suboptimal if the user application wishes to allocate large amounts of heap memory using the brk syscall. With the VDSO being located low in the user's virtual address space, the amount of space available for access using brk is limited much more than it was prior to the introduction of the VDSO. For example: # ulimit -s unlimited; cat /proc/self/maps 00400000-004ec000 r-xp 00000000 08:00 71436 /usr/bin/coreutils 004fc000-004fd000 rwxp 000ec000 08:00 71436 /usr/bin/coreutils 004fd000-0050f000 rwxp 00000000 00:00 0 00cc3000-00ce4000 rwxp 00000000 00:00 0 [heap] 2ab96000-2ab98000 r--p 00000000 00:00 0 [vvar] 2ab98000-2ab99000 r-xp 00000000 00:00 0 [vdso] 2ab99000-2ab9d000 rwxp 00000000 00:00 0 ... Resolve this by adjusting STACK_TOP to reserve space for the VDSO & providing an address hint to get_unmapped_area() causing it to use this space even when using the legacy mmap layout. We reserve enough space for the VDSO, plus 1MB or 256MB for 32 bit & 64 bit systems respectively within which we randomize the VDSO base address. Previously this randomization was taken care of by the mmap base address randomization performed by arch_mmap_rnd(). The 1MB & 256MB sizes are somewhat arbitrary but chosen such that we have some randomization without taking up too much of the user's virtual address space, which is often in short supply for 32 bit systems. With this the VDSO is always mapped at a high address, leaving lots of space for statically linked programs to make use of brk: # ulimit -s unlimited; cat /proc/self/maps 00400000-004ec000 r-xp 00000000 08:00 71436 /usr/bin/coreutils 004fc000-004fd000 rwxp 000ec000 08:00 71436 /usr/bin/coreutils 004fd000-0050f000 rwxp 00000000 00:00 0 00c28000-00c49000 rwxp 00000000 00:00 0 [heap] ... 7f67c000-7f69d000 rwxp 00000000 00:00 0 [stack] 7f7fc000-7f7fd000 rwxp 00000000 00:00 0 7fcf1000-7fcf3000 r--p 00000000 00:00 0 [vvar] 7fcf3000-7fcf4000 r-xp 00000000 00:00 0 [vdso] Signed-off-by: Paul Burton <paul.burton(a)mips.com> Reported-by: Huacai Chen <chenhc(a)lemote.com> Fixes: ebb5e78cc634 ("MIPS: Initial implementation of a VDSO") Cc: Huacai Chen <chenhc(a)lemote.com> Cc: linux-mips(a)linux-mips.org Cc: stable(a)vger.kernel.org # v4.4+ diff --git a/arch/mips/include/asm/processor.h b/arch/mips/include/asm/processor.h index b2fa62922d88..49d6046ca1d0 100644 --- a/arch/mips/include/asm/processor.h +++ b/arch/mips/include/asm/processor.h @@ -13,6 +13,7 @@ #include <linux/atomic.h> #include <linux/cpumask.h> +#include <linux/sizes.h> #include <linux/threads.h> #include <asm/cachectl.h> @@ -80,11 +81,10 @@ extern unsigned int vced_count, vcei_count; #endif -/* - * One page above the stack is used for branch delay slot "emulation". - * See dsemul.c for details. - */ -#define STACK_TOP ((TASK_SIZE & PAGE_MASK) - PAGE_SIZE) +#define VDSO_RANDOMIZE_SIZE (TASK_IS_32BIT_ADDR ? SZ_1M : SZ_256M) + +extern unsigned long mips_stack_top(void); +#define STACK_TOP mips_stack_top() /* * This decides where the kernel will search for a free chunk of vm diff --git a/arch/mips/kernel/process.c b/arch/mips/kernel/process.c index 8fc69891e117..d4f7fd4550e1 100644 --- a/arch/mips/kernel/process.c +++ b/arch/mips/kernel/process.c @@ -32,6 +32,7 @@ #include <linux/nmi.h> #include <linux/cpu.h> +#include <asm/abi.h> #include <asm/asm.h> #include <asm/bootinfo.h> #include <asm/cpu.h> @@ -39,6 +40,7 @@ #include <asm/dsp.h> #include <asm/fpu.h> #include <asm/irq.h> +#include <asm/mips-cps.h> #include <asm/msa.h> #include <asm/pgtable.h> #include <asm/mipsregs.h> @@ -645,6 +647,29 @@ unsigned long get_wchan(struct task_struct *task) return pc; } +unsigned long mips_stack_top(void) +{ + unsigned long top = TASK_SIZE & PAGE_MASK; + + /* One page for branch delay slot "emulation" */ + top -= PAGE_SIZE; + + /* Space for the VDSO, data page & GIC user page */ + top -= PAGE_ALIGN(current->thread.abi->vdso->size); + top -= PAGE_SIZE; + top -= mips_gic_present() ? PAGE_SIZE : 0; + + /* Space for cache colour alignment */ + if (cpu_has_dc_aliases) + top -= shm_align_mask + 1; + + /* Space to randomize the VDSO base */ + if (current->flags & PF_RANDOMIZE) + top -= VDSO_RANDOMIZE_SIZE; + + return top; +} + /* * Don't forget that the stack pointer must be aligned on a 8 bytes * boundary for 32-bits ABI and 16 bytes for 64-bits ABI. diff --git a/arch/mips/kernel/vdso.c b/arch/mips/kernel/vdso.c index 8f845f6e5f42..48a9c6b90e07 100644 --- a/arch/mips/kernel/vdso.c +++ b/arch/mips/kernel/vdso.c @@ -15,6 +15,7 @@ #include <linux/ioport.h> #include <linux/kernel.h> #include <linux/mm.h> +#include <linux/random.h> #include <linux/sched.h> #include <linux/slab.h> #include <linux/timekeeper_internal.h> @@ -97,6 +98,21 @@ void update_vsyscall_tz(void) } } +static unsigned long vdso_base(void) +{ + unsigned long base; + + /* Skip the delay slot emulation page */ + base = STACK_TOP + PAGE_SIZE; + + if (current->flags & PF_RANDOMIZE) { + base += get_random_int() & (VDSO_RANDOMIZE_SIZE - 1); + base = PAGE_ALIGN(base); + } + + return base; +} + int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp) { struct mips_vdso_image *image = current->thread.abi->vdso; @@ -137,7 +153,7 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp) if (cpu_has_dc_aliases) size += shm_align_mask + 1; - base = get_unmapped_area(NULL, 0, size, 0, 0); + base = get_unmapped_area(NULL, vdso_base(), size, 0, 0); if (IS_ERR_VALUE(base)) { ret = base; goto out;

7 years

1
0
0 0

stable backport request: 28e2c4bb99aa ("mm/vmstat.c: fix outdated vmstat_text")

by Jann Horn

I guess I should put more stable backport tags on stuff, I've been bugged about not having requested a backport for the following: commit 28e2c4bb99aa ("mm/vmstat.c: fix outdated vmstat_text"), for stable kernels 4.14 and 4.18.

7 years

2
1
0 0

[PATCH] drm/atomic_helper: Stop modesets on unregistered connectors harder

by Lyude Paul

Unfortunately, it appears our fix in: commit b5d29843d8ef ("drm/atomic_helper: Allow DPMS On<->Off changes for unregistered connectors") Which attempted to work around the problems introduced by: commit 4d80273976bf ("drm/atomic_helper: Disallow new modesets on unregistered connectors") Is still not the right solution, as modesets can still be triggered outside of drm_atomic_set_crtc_for_connector(). So in order to fix this, while still being careful that we don't break modesets that a driver may perform before being registered with userspace, we replace connector->registered with a tristate member, connector->registration_state. This allows us to keep track of whether or not a connector is still initializing and hasn't been exposed to userspace, is currently registered and exposed to userspace, or has been legitimately removed from the system after having once been present. Using this info, we can prevent userspace from performing new modesets on unregistered connectors while still allowing the driver to perform modesets on unregistered connectors before the driver has finished being registered. Fixes: b5d29843d8ef ("drm/atomic_helper: Allow DPMS On<->Off changes for unregistered connectors") Cc: Ville Syrjälä <ville.syrjala(a)linux.intel.com> Cc: Daniel Vetter <daniel.vetter(a)ffwll.ch> Cc: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Cc: stable(a)vger.kernel.org Cc: David Airlie <airlied(a)linux.ie> Signed-off-by: Lyude Paul <lyude(a)redhat.com> --- drivers/gpu/drm/drm_atomic_helper.c | 60 +++++++++++++++++++++---- drivers/gpu/drm/drm_atomic_uapi.c | 21 --------- drivers/gpu/drm/drm_connector.c | 10 ++--- drivers/gpu/drm/i915/intel_dp_mst.c | 8 ++-- include/drm/drm_connector.h | 68 ++++++++++++++++++++++++++++- 5 files changed, 127 insertions(+), 40 deletions(-) diff --git a/drivers/gpu/drm/drm_atomic_helper.c b/drivers/gpu/drm/drm_atomic_helper.c index 6f66777dca4b..6cadeaf28ae4 100644 --- a/drivers/gpu/drm/drm_atomic_helper.c +++ b/drivers/gpu/drm/drm_atomic_helper.c @@ -529,6 +529,35 @@ mode_valid(struct drm_atomic_state *state) return 0; } +static int +unregistered_connector_check(struct drm_atomic_state *state, + struct drm_connector *connector, + struct drm_connector_state *old_conn_state, + struct drm_connector_state *new_conn_state) +{ + struct drm_crtc_state *crtc_state; + struct drm_crtc *crtc; + + if (!drm_connector_unregistered(connector)) + return 0; + + crtc = new_conn_state->crtc; + if (!crtc) + return 0; + + crtc_state = drm_atomic_get_new_crtc_state(state, crtc); + if (!crtc_state || !drm_atomic_crtc_needs_modeset(crtc_state)) + return 0; + + if (crtc_state->mode_changed) { + DRM_DEBUG_ATOMIC("[CONNECTOR:%d:%s] can't change mode on unregistered connector\n", + connector->base.id, connector->name); + return -EINVAL; + } + + return 0; +} + /** * drm_atomic_helper_check_modeset - validate state object for modeset changes * @dev: DRM device @@ -684,18 +713,33 @@ drm_atomic_helper_check_modeset(struct drm_device *dev, return ret; } - /* - * Iterate over all connectors again, to make sure atomic_check() - * has been called on them when a modeset is forced. - */ for_each_oldnew_connector_in_state(state, connector, old_connector_state, new_connector_state, i) { const struct drm_connector_helper_funcs *funcs = connector->helper_private; - if (connectors_mask & BIT(i)) - continue; + /* Make sure atomic_check() is called on any unchecked + * connectors when a modeset has been forced + */ + if (connectors_mask & BIT(i) && funcs->atomic_check) { + ret = funcs->atomic_check(connector, + new_connector_state); + if (ret) + return ret; + } - if (funcs->atomic_check) - ret = funcs->atomic_check(connector, new_connector_state); + /* + * Prevent userspace from turning on new displays or setting + * new modes using connectors which have been removed from + * userspace. This is racy since an unplug could happen at any + * time including after this check, but that's OK: we only + * care about preventing userspace from trying to set invalid + * state using destroyed connectors that it's been notified + * about. No one can save us after the atomic check completes + * but ourselves. + */ + ret = unregistered_connector_check(state, + connector, + old_connector_state, + new_connector_state); if (ret) return ret; } diff --git a/drivers/gpu/drm/drm_atomic_uapi.c b/drivers/gpu/drm/drm_atomic_uapi.c index a22d6f269b07..d5b7f315098c 100644 --- a/drivers/gpu/drm/drm_atomic_uapi.c +++ b/drivers/gpu/drm/drm_atomic_uapi.c @@ -299,27 +299,6 @@ drm_atomic_set_crtc_for_connector(struct drm_connector_state *conn_state, struct drm_connector *connector = conn_state->connector; struct drm_crtc_state *crtc_state; - /* - * For compatibility with legacy users, we want to make sure that - * we allow DPMS On<->Off modesets on unregistered connectors, since - * legacy modesetting users will not be expecting these to fail. We do - * not however, want to allow legacy users to assign a connector - * that's been unregistered from sysfs to another CRTC, since doing - * this with a now non-existent connector could potentially leave us - * in an invalid state. - * - * Since the connector can be unregistered at any point during an - * atomic check or commit, this is racy. But that's OK: all we care - * about is ensuring that userspace can't use this connector for new - * configurations after it's been notified that the connector is no - * longer present. - */ - if (!READ_ONCE(connector->registered) && crtc) { - DRM_DEBUG_ATOMIC("[CONNECTOR:%d:%s] is not registered\n", - connector->base.id, connector->name); - return -EINVAL; - } - if (conn_state->crtc == crtc) return 0; diff --git a/drivers/gpu/drm/drm_connector.c b/drivers/gpu/drm/drm_connector.c index 5d01414ec9f7..79943102fe18 100644 --- a/drivers/gpu/drm/drm_connector.c +++ b/drivers/gpu/drm/drm_connector.c @@ -396,7 +396,7 @@ void drm_connector_cleanup(struct drm_connector *connector) /* The connector should have been removed from userspace long before * it is finally destroyed. */ - if (WARN_ON(connector->registered)) + if (WARN_ON(!drm_connector_unregistered(connector))) drm_connector_unregister(connector); if (connector->tile_group) { @@ -453,7 +453,7 @@ int drm_connector_register(struct drm_connector *connector) return 0; mutex_lock(&connector->mutex); - if (connector->registered) + if (connector->registration_state != DRM_CONNECTOR_INITIALIZING) goto unlock; ret = drm_sysfs_connector_add(connector); @@ -473,7 +473,7 @@ int drm_connector_register(struct drm_connector *connector) drm_mode_object_register(connector->dev, &connector->base); - connector->registered = true; + connector->registration_state = DRM_CONNECTOR_REGISTERED; goto unlock; err_debugfs: @@ -495,7 +495,7 @@ EXPORT_SYMBOL(drm_connector_register); void drm_connector_unregister(struct drm_connector *connector) { mutex_lock(&connector->mutex); - if (!connector->registered) { + if (connector->registration_state != DRM_CONNECTOR_REGISTERED) { mutex_unlock(&connector->mutex); return; } @@ -506,7 +506,7 @@ void drm_connector_unregister(struct drm_connector *connector) drm_sysfs_connector_remove(connector); drm_debugfs_connector_remove(connector); - connector->registered = false; + connector->registration_state = DRM_CONNECTOR_UNREGISTERED; mutex_unlock(&connector->mutex); } EXPORT_SYMBOL(drm_connector_unregister); diff --git a/drivers/gpu/drm/i915/intel_dp_mst.c b/drivers/gpu/drm/i915/intel_dp_mst.c index b268bdd71bd3..ad367309e10b 100644 --- a/drivers/gpu/drm/i915/intel_dp_mst.c +++ b/drivers/gpu/drm/i915/intel_dp_mst.c @@ -78,7 +78,7 @@ static bool intel_dp_mst_compute_config(struct intel_encoder *encoder, pipe_config->pbn = mst_pbn; /* Zombie connectors can't have VCPI slots */ - if (READ_ONCE(connector->registered)) { + if (!drm_connector_unregistered(connector)) { slots = drm_dp_atomic_find_vcpi_slots(state, &intel_dp->mst_mgr, port, @@ -314,7 +314,7 @@ static int intel_dp_mst_get_ddc_modes(struct drm_connector *connector) struct edid *edid; int ret; - if (!READ_ONCE(connector->registered)) + if (drm_connector_unregistered(connector)) return intel_connector_update_modes(connector, NULL); edid = drm_dp_mst_get_edid(connector, &intel_dp->mst_mgr, intel_connector->port); @@ -330,7 +330,7 @@ intel_dp_mst_detect(struct drm_connector *connector, bool force) struct intel_connector *intel_connector = to_intel_connector(connector); struct intel_dp *intel_dp = intel_connector->mst_port; - if (!READ_ONCE(connector->registered)) + if (drm_connector_unregistered(connector)) return connector_status_disconnected; return drm_dp_mst_detect_port(connector, &intel_dp->mst_mgr, intel_connector->port); @@ -361,7 +361,7 @@ intel_dp_mst_mode_valid(struct drm_connector *connector, int bpp = 24; /* MST uses fixed bpp */ int max_rate, mode_rate, max_lanes, max_link_clock; - if (!READ_ONCE(connector->registered)) + if (drm_connector_unregistered(connector)) return MODE_ERROR; if (mode->flags & DRM_MODE_FLAG_DBLSCAN) diff --git a/include/drm/drm_connector.h b/include/drm/drm_connector.h index 5b3cf909fd5e..5f3e4a37bcd2 100644 --- a/include/drm/drm_connector.h +++ b/include/drm/drm_connector.h @@ -82,6 +82,51 @@ enum drm_connector_status { connector_status_unknown = 3, }; +/** + * enum drm_connector_registration_status - userspace registration status for + * a &drm_connector + * + * This enum is used to track the status of initializing a connector and + * registering it with userspace, so that DRM can prevent bogus modesets on + * connectors that no longer exist. + */ +enum drm_connector_registration_state { + /** + * @DRM_CONNECTOR_INITIALIZING: The connector has just been created, + * but has yet to be exposed to userspace. There should be no + * additional restrictions to how the state of this connector may be + * modified. connector to a new CRTC. + */ + DRM_CONNECTOR_INITIALIZING = 0, + + /** + * @DRM_CONNECTOR_REGISTERED: The connector has been fully initialized + * and registered with sysfs, as such it has been exposed to + * userspace. There should be no additional restrictions to how the + * state of this connector may be modified. + */ + DRM_CONNECTOR_REGISTERED = 1, + + /** + * @DRM_CONNECTOR_UNREGISTERED: The connector has either been exposed + * to userspace and has since been unregistered and removed from + * userspace, or the connector was destroyed before it had a chance to + * be exposed to userspace. There are additional restrictions to how + * the state of an unregistered connector may be modified: + * + * - The current display mode as exposed to userspace must remain the + * same as it was when the connector was unregistered. + * - The connector's currently assigned CRTC may be unassigned from + * this connector. Unassigning the connector's CRTC must be + * permanent. + * - New CRTCs must not be assigned to this connector. + * - The DPMS state of the connector (for compatibility with legacy + * modesetting) may modified freely, so long as doing so does not + * cause the new atomic state to violate any of these rules. + */ + DRM_CONNECTOR_UNREGISTERED = 2, +}; + enum subpixel_order { SubPixelUnknown = 0, SubPixelHorizontalRGB, @@ -853,10 +898,12 @@ struct drm_connector { bool ycbcr_420_allowed; /** - * @registered: Is this connector exposed (registered) with userspace? + * @registration_state: Is this connector initializing, exposed + * (registered) with userspace, or unregistered? + * * Protected by @mutex. */ - bool registered; + enum drm_connector_registration_state registration_state; /** * @modes: @@ -1167,6 +1214,23 @@ static inline void drm_connector_unreference(struct drm_connector *connector) drm_connector_put(connector); } +/** + * drm_connector_unregistered - has the connector been unregistered from + * userspace? + * @connector: DRM connector + * + * Checks whether or not @connector has been unregistered from userspace. + * + * Returns: + * True if the connector was unregistered, false if the connector is + * registered or has not yet been registered with userspace. + */ +static inline bool drm_connector_unregistered(struct drm_connector *connector) +{ + return READ_ONCE(connector->registration_state) == + DRM_CONNECTOR_UNREGISTERED; +} + const char *drm_get_connector_status_name(enum drm_connector_status status); const char *drm_get_subpixel_order_name(enum subpixel_order order); const char *drm_get_dpms_name(int val); -- 2.17.2

7 years

2
1
0 0

patch "USB: fix the usbfs flag sanitization for control transfers" added to usb-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: fix the usbfs flag sanitization for control transfers to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From 665c365a77fbfeabe52694aedf3446d5f2f1ce42 Mon Sep 17 00:00:00 2001 From: Alan Stern <stern(a)rowland.harvard.edu> Date: Mon, 15 Oct 2018 16:55:04 -0400 Subject: USB: fix the usbfs flag sanitization for control transfers Commit 7a68d9fb8510 ("USB: usbdevfs: sanitize flags more") checks the transfer flags for URBs submitted from userspace via usbfs. However, the check for whether the USBDEVFS_URB_SHORT_NOT_OK flag should be allowed for a control transfer was added in the wrong place, before the code has properly determined the direction of the control transfer. (Control transfers are special because for them, the direction is set by the bRequestType byte of the Setup packet rather than direction bit of the endpoint address.) This patch moves code which sets up the allow_short flag for control transfers down after is_in has been set to the correct value. Signed-off-by: Alan Stern <stern(a)rowland.harvard.edu> Reported-and-tested-by: syzbot+24a30223a4b609bb802e(a)syzkaller.appspotmail.com Fixes: 7a68d9fb8510 ("USB: usbdevfs: sanitize flags more") CC: Oliver Neukum <oneukum(a)suse.com> CC: <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/core/devio.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/usb/core/devio.c b/drivers/usb/core/devio.c index 244417d0dfd1..ffccd40ea67d 100644 --- a/drivers/usb/core/devio.c +++ b/drivers/usb/core/devio.c @@ -1474,8 +1474,6 @@ static int proc_do_submiturb(struct usb_dev_state *ps, struct usbdevfs_urb *uurb u = 0; switch (uurb->type) { case USBDEVFS_URB_TYPE_CONTROL: - if (is_in) - allow_short = true; if (!usb_endpoint_xfer_control(&ep->desc)) return -EINVAL; /* min 8 byte setup packet */ @@ -1505,6 +1503,8 @@ static int proc_do_submiturb(struct usb_dev_state *ps, struct usbdevfs_urb *uurb is_in = 0; uurb->endpoint &= ~USB_DIR_IN; } + if (is_in) + allow_short = true; snoop(&ps->dev->dev, "control urb: bRequestType=%02x " "bRequest=%02x wValue=%04x " "wIndex=%04x wLength=%04x\n", -- 2.19.1

7 years

1
0
0 0

[GIT PULL] commits for Linux 4.18

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.18 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 7da07a3216a00aa3c523db4539fc6914497d0576: Linux 4.18.12 (2018-10-03 16:59:28 -0700) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.18-12102018 for you to fetch changes up to 6504d46ffb696d2b116606dbb44a16b06241cf49: mm: slowly shrink slabs with a relatively small number of objects (2018-10-03 22:24:11 -0400) - ---------------------------------------------------------------- for-greg-4.18-12102018 - ---------------------------------------------------------------- Akshu Agrawal (1): ASoC: AMD: Ensure reset bit is cleared before configuring Amber Lin (1): drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 Anders Roxell (2): selftests: android: move config up a level selftests: add headers_install to lib.mk Charles Keepax (1): ASoC: dapm: Fix NULL pointer deference on CODEC to CODEC DAIs Corentin Labbe (1): net: ethernet: ti: add missing GENERIC_ALLOCATOR dependency Dan Carpenter (1): scsi: qla2xxx: Fix an endian bug in fcpcmd_is_corrupted() Danny Smith (1): ASoC: sigmadsp: safeload should not have lower byte limit Guenter Roeck (4): hwmon: (nct6775) Fix access to fan pulse registers hwmon: (nct6775) Fix virtual temperature sources for NCT6796D hwmon: (nct6775) Fix RPM output for fan7 on NCT6796D hwmon: (nct6775) Use different register to get fan RPM for fan7 Hans de Goede (2): clk: x86: add "ether_clk" alias for Bay Trail / Cherry Trail clk: x86: Stop marking clocks as CLK_IS_CRITICAL Hermes Zhang (1): Bluetooth: hci_ldisc: Free rw_semaphore on close Jay Kamat (2): Fix cg_read_strcmp() Add tests for memory.oom.group Johan Hedberg (1): Bluetooth: SMP: Fix trying to use non-existent local OOB data Jongsung Kim (1): stmmac: fix valid numbers of unicast filter entries Kuninori Morimoto (2): ASoC: rsnd: adg: care clock-frequency size ASoC: rsnd: don't fallback to PIO mode when -EPROBE_DEFER Laura Abbott (1): scsi: iscsi: target: Don't use stack buffer for scatterlist Lei Yang (2): selftests/efivarfs: add required kernel configs selftests: memory-hotplug: add required configs Martin KaFai Lau (1): bpf: btf: Fix end boundary calculation for type section Matias Karhumaa (1): Bluetooth: Use correct tfm to generate OOB data Nicholas Piggin (1): KVM: PPC: Book3S HV: Don't use compound_order to determine host mapping size Nicolas Ferre (2): net: macb: disable scatter-gather for macb on sama5d3 ARM: dts: at91: add new compatibility string for macb on sama5d3 Oder Chiou (1): ASoC: rt5514: Fix the issue of the delay volume applied again Pierre-Louis Bossart (1): ASoC: wm8804: Add ACPI support Richard Weinberger (1): ubifs: Check for name being NULL while mounting Roman Gushchin (1): mm: slowly shrink slabs with a relatively small number of objects Ryan Lee (2): ASoC: max98373: Added speaker FS gain cotnrol register to volatile. ASoC: max98373: Added 10ms sleep after amp software reset Simon Detheridge (1): pinctrl: cannonlake: Fix gpio base for GPP-E Srinivas Kandagatla (1): ASoC: q6routing: initialize data correctly Stephen Hemminger (2): PCI: hv: support reporting serial number as slot information hv_netvsc: pair VF based on serial number Thiago Jung Bauermann (1): selftests: kselftest: Remove outdated comment Tony Lindgren (1): mfd: omap-usb-host: Fix dts probe of children Tushar Dave (1): bpf: use __GFP_COMP while allocating page Vitaly Kuznetsov (1): x86/kvm/lapic: always disable MMIO interface in x2APIC mode Yong Zhao (2): drm/amdkfd: Change the control stack MTYPE from UC to NC on GFX9 drm/amdkfd: Fix ATS capablity was not reported correctly on some APUs Yu Zhao (2): sound: enable interrupt after dma buffer initialization sound: don't call skl_init_chip() to reset intel skl soc zhong jiang (1): drm/pl111: Make sure of_device_id tables are NULL terminated Documentation/devicetree/bindings/net/macb.txt | 1 + Makefile | 14 +- arch/arm/boot/dts/sama5d3_emac.dtsi | 2 +- arch/powerpc/kvm/book3s_64_mmu_radix.c | 91 ++++----- arch/x86/include/uapi/asm/kvm.h | 1 + arch/x86/kvm/lapic.c | 22 ++- drivers/bluetooth/hci_ldisc.c | 2 + drivers/clk/x86/clk-pmc-atom.c | 18 +- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.c | 6 +- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.h | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gfx_v7.c | 2 +- drivers/gpu/drm/amd/amdkfd/kfd_device.c | 3 +- drivers/gpu/drm/amd/amdkfd/kfd_iommu.c | 13 +- drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager_v9.c | 2 +- drivers/gpu/drm/amd/amdkfd/kfd_priv.h | 1 + drivers/gpu/drm/amd/amdkfd/kfd_topology.c | 21 ++- drivers/gpu/drm/amd/include/kgd_kfd_interface.h | 2 +- drivers/gpu/drm/pl111/pl111_vexpress.c | 3 +- drivers/hwmon/nct6775.c | 70 ++++--- drivers/mfd/omap-usb-host.c | 11 +- drivers/net/ethernet/cadence/macb_main.c | 8 + .../net/ethernet/stmicro/stmmac/stmmac_platform.c | 5 +- drivers/net/ethernet/ti/Kconfig | 1 + drivers/net/hyperv/netvsc.c | 3 + drivers/net/hyperv/netvsc_drv.c | 58 +++--- drivers/pci/controller/pci-hyperv.c | 37 ++++ drivers/pinctrl/intel/pinctrl-cannonlake.c | 2 +- drivers/scsi/qla2xxx/qla_target.h | 4 +- drivers/target/iscsi/iscsi_target.c | 22 ++- fs/ubifs/super.c | 3 + include/sound/hdaudio.h | 1 + include/sound/soc-dapm.h | 1 + kernel/bpf/btf.c | 2 +- mm/vmscan.c | 11 ++ net/bluetooth/smp.c | 16 +- net/core/filter.c | 3 +- scripts/subarch.include | 13 ++ sound/hda/hdac_controller.c | 15 +- sound/soc/amd/acp-pcm-dma.c | 21 +++ sound/soc/codecs/max98373.c | 3 + sound/soc/codecs/rt5514.c | 8 +- sound/soc/codecs/sigmadsp.c | 3 +- sound/soc/codecs/wm8804-i2c.c | 15 +- sound/soc/intel/skylake/skl.c | 2 +- sound/soc/qcom/qdsp6/q6routing.c | 4 +- sound/soc/sh/rcar/adg.c | 5 + sound/soc/sh/rcar/core.c | 10 +- sound/soc/sh/rcar/dma.c | 4 + sound/soc/soc-core.c | 4 +- sound/soc/soc-dapm.c | 4 + tools/testing/selftests/android/Makefile | 2 +- tools/testing/selftests/android/{ion => }/config | 0 tools/testing/selftests/android/ion/Makefile | 2 + tools/testing/selftests/cgroup/cgroup_util.c | 38 +++- tools/testing/selftests/cgroup/cgroup_util.h | 1 + tools/testing/selftests/cgroup/test_memcontrol.c | 205 +++++++++++++++++++++ tools/testing/selftests/efivarfs/config | 1 + tools/testing/selftests/futex/functional/Makefile | 1 + tools/testing/selftests/gpio/Makefile | 7 +- tools/testing/selftests/kselftest.h | 1 - tools/testing/selftests/kvm/Makefile | 7 +- tools/testing/selftests/lib.mk | 12 ++ tools/testing/selftests/memory-hotplug/config | 1 + tools/testing/selftests/net/Makefile | 1 + .../selftests/networking/timestamping/Makefile | 1 + tools/testing/selftests/vm/Makefile | 4 - 66 files changed, 661 insertions(+), 198 deletions(-) create mode 100644 scripts/subarch.include rename tools/testing/selftests/android/{ion => }/config (100%) create mode 100644 tools/testing/selftests/efivarfs/config -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlvAsVIACgkQ3qZv95d3 LNzS0A/+LZrhb4rh1ifRLjDSnBSMWN6vAhRvxHt1qzmU+aFjfyhYjAUmyYjt5mVC z+zO6rHsWbplvVdQnKK+/PJdyROsOwSxpTwlsCAC7AfneMpcBdxAs+fJUczkVxgz AI8e3/hbAfqGf+RaLTDnj6muuFK1RlQCjxCjX5iu5jkWaQj1OJ+BdXXMpkynaxiz OwRRUtV8jmpv3VhU/2ae0Posk96qJoogtj/sDfWQB9t1R/pnsU8udUwFft1NfB7x 2OSwfIGm84gMrzVhgbcvHaSKzj4SqC/tsZ3Q9+cdmtA2WDOlJcwI7E7kNYeeo+tD VhVJuqtGZRQUT81WIVPIK+bLBn8tF0kkTBQyKopsHvGfxRT/+k9/nGz+WNn8Zm7G r8Uhf4c/YkXprsxvbIc+2TRaJ3hmu71HigXakdowndu42ndZmqQSPJtLZPHBP27E LBI1gz/hFCiLv13cN7cvlGmy2SVM2LbYh10st8nw6buEY4S7CKRcXxuVDrBI7wtQ PlbjdM1FWW9BnfIv8yJuzQpBycB/R9Fz+++qWV3uAXqN52tiW/51ylh+9fvEKfid +gEuAyL1pVHh1RFcRzHbX2lEZ3kDAzrWS22IRBSmQSdkForiidNZbOHyCMCV6gLt o4OUAAHzu5XnjGHZ3+dRBEPBEjTvWQPLmbDEiEtHjXiKQsI8vW4= =DhcF -----END PGP SIGNATURE-----

7 years

2
1
0 0

[PATCH 1/2] arm64: dts: meson: fix reserve memory regions

by Jerome Brunet

Since commit 50d7ba36b916 ("arm64: export memblock_reserve()d regions via /proc/iomem") was merged Amlogic's boards using mainline u-boot started showing the following warning: WARNING: CPU: 0 PID: 1 at arch/arm64/kernel/setup.c:271 reserve_memblock_reserved_regions+0xd8/0x144 Modules linked in: CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.19.0-rc7-00263-g385684b3eb27-dirty #254 pstate: 40000005 (nZcv daif -PAN -UAO) pc : reserve_memblock_reserved_regions+0xd8/0x144 lr : reserve_memblock_reserved_regions+0xd0/0x144 [...] This is due to u-boot setting some /reservedmem/ region while our dts declares reserved memory on the same region with no-map. The conflict produce the warning. This is fixed by using /reservedmem/ in our dts as well, which is probably something we should have done from the beginning. Cc: stable(a)vger.kernel.org Cc: Neil Armstrong <narmstrong(a)baylibre.com> Signed-off-by: Jerome Brunet <jbrunet(a)baylibre.com> --- Hi Kevin, I would have liked to put a Fixes tag above but I could not figure out which commit to pick, considering how much we changed those regions in the past. If you have suggestion, I'll be happy to repost this patch. If you prefer, feel free to amend this patch directly. Cheers Jerome arch/arm64/boot/dts/amlogic/meson-axg.dtsi | 24 +++++-------------- arch/arm64/boot/dts/amlogic/meson-gx.dtsi | 27 ++++++++-------------- 2 files changed, 15 insertions(+), 36 deletions(-) diff --git a/arch/arm64/boot/dts/amlogic/meson-axg.dtsi b/arch/arm64/boot/dts/amlogic/meson-axg.dtsi index 178d8e8c56b8..06a06f11f114 100644 --- a/arch/arm64/boot/dts/amlogic/meson-axg.dtsi +++ b/arch/arm64/boot/dts/amlogic/meson-axg.dtsi @@ -13,6 +13,12 @@ #include <dt-bindings/reset/amlogic,meson-axg-audio-arb.h> #include <dt-bindings/reset/amlogic,meson-axg-reset.h> +/* 16 MiB reserved for Hardware ROM Firmware */ +/memreserve/ 0x0 0x1000000; + +/* 3 MiB reserved for ARM Trusted Firmware (BL31) */ +/memreserve/ 0x05000000 0x300000; + / { compatible = "amlogic,meson-axg"; @@ -115,24 +121,6 @@ method = "smc"; }; - reserved-memory { - #address-cells = <2>; - #size-cells = <2>; - ranges; - - /* 16 MiB reserved for Hardware ROM Firmware */ - hwrom_reserved: hwrom@0 { - reg = <0x0 0x0 0x0 0x1000000>; - no-map; - }; - - /* Alternate 3 MiB reserved for ARM Trusted Firmware (BL31) */ - secmon_reserved: secmon@5000000 { - reg = <0x0 0x05000000 0x0 0x300000>; - no-map; - }; - }; - soc { compatible = "simple-bus"; #address-cells = <2>; diff --git a/arch/arm64/boot/dts/amlogic/meson-gx.dtsi b/arch/arm64/boot/dts/amlogic/meson-gx.dtsi index 676a995fb912..23e879b29b1e 100644 --- a/arch/arm64/boot/dts/amlogic/meson-gx.dtsi +++ b/arch/arm64/boot/dts/amlogic/meson-gx.dtsi @@ -13,6 +13,15 @@ #include <dt-bindings/interrupt-controller/irq.h> #include <dt-bindings/interrupt-controller/arm-gic.h> +/* 16 MiB reserved for Hardware ROM Firmware */ +/memreserve/ 0x0 0x1000000; + +/* 2 MiB reserved for ARM Trusted Firmware (BL31) */ +/memreserve/ 0x10000000 0x200000; + +/* Alternate 3 MiB reserved for ARM Trusted Firmware (BL31) */ +/memreserve/ 0x05000000 0x300000; + / { interrupt-parent = <&gic>; #address-cells = <2>; @@ -23,24 +32,6 @@ #size-cells = <2>; ranges; - /* 16 MiB reserved for Hardware ROM Firmware */ - hwrom_reserved: hwrom@0 { - reg = <0x0 0x0 0x0 0x1000000>; - no-map; - }; - - /* 2 MiB reserved for ARM Trusted Firmware (BL31) */ - secmon_reserved: secmon@10000000 { - reg = <0x0 0x10000000 0x0 0x200000>; - no-map; - }; - - /* Alternate 3 MiB reserved for ARM Trusted Firmware (BL31) */ - secmon_reserved_alt: secmon@5000000 { - reg = <0x0 0x05000000 0x0 0x300000>; - no-map; - }; - linux,cma { compatible = "shared-dma-pool"; reusable; -- 2.17.2

7 years

3
3
0 0

+ mm-proc-pid-smaps_rollup-fix-null-pointer-deref-in-smaps_pte_range.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm: /proc/pid/smaps_rollup: fix NULL pointer deref in smaps_pte_range() has been added to the -mm tree. Its filename is mm-proc-pid-smaps_rollup-fix-null-pointer-deref-in-smaps_pte_range.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/mm-proc-pid-smaps_rollup-fix-null-… and later at http://ozlabs.org/~akpm/mmotm/broken-out/mm-proc-pid-smaps_rollup-fix-null-… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Vlastimil Babka <vbabka(a)suse.cz> Subject: mm: /proc/pid/smaps_rollup: fix NULL pointer deref in smaps_pte_range() Leonardo reports an apparent regression in 4.19-rc7: BUG: unable to handle kernel NULL pointer dereference at 00000000000000f0 PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP PTI CPU: 3 PID: 6032 Comm: python Not tainted 4.19.0-041900rc7-lowlatency #201810071631 Hardware name: LENOVO 80UG/Toronto 4A2, BIOS 0XCN45WW 08/09/2018 RIP: 0010:smaps_pte_range+0x32d/0x540 Code: 80 00 00 00 00 74 a9 48 89 de 41 f6 40 52 40 0f 85 04 02 00 00 49 2b 30 48 c1 ee 0c 49 03 b0 98 00 00 00 49 8b 80 a0 00 00 00 <48> 8b b8 f0 00 00 00 e8 b7 ef ec ff 48 85 c0 0f 84 71 ff ff ff a8 RSP: 0018:ffffb0cbc484fb88 EFLAGS: 00010202 RAX: 0000000000000000 RBX: 0000560ddb9e9000 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000560ddb9e9 RDI: 0000000000000001 RBP: ffffb0cbc484fbc0 R08: ffff94a5a227a578 R09: ffff94a5a227a578 R10: 0000000000000000 R11: 0000560ddbbe7000 R12: ffffe903098ba728 R13: ffffb0cbc484fc78 R14: ffffb0cbc484fcf8 R15: ffff94a5a2e9cf48 FS: 00007f6dfb683740(0000) GS:ffff94a5aaf80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000000000f0 CR3: 000000011c118001 CR4: 00000000003606e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: __walk_page_range+0x3c2/0x6f0 walk_page_vma+0x42/0x60 smap_gather_stats+0x79/0xe0 ? gather_pte_stats+0x320/0x320 ? gather_hugetlb_stats+0x70/0x70 show_smaps_rollup+0xcd/0x1c0 seq_read+0x157/0x400 __vfs_read+0x3a/0x180 ? security_file_permission+0x93/0xc0 ? security_file_permission+0x93/0xc0 vfs_read+0x8f/0x140 ksys_read+0x55/0xc0 __x64_sys_read+0x1a/0x20 do_syscall_64+0x5a/0x110 entry_SYSCALL_64_after_hwframe+0x44/0xa9 Decoded code matched to local compilation+disassembly points to smaps_pte_entry(): } else if (unlikely(IS_ENABLED(CONFIG_SHMEM) && mss->check_shmem_swap && pte_none(*pte))) { page = find_get_entry(vma->vm_file->f_mapping, linear_page_index(vma, addr)); Here, vma->vm_file is NULL. mss->check_shmem_swap should be false in that case, however for smaps_rollup, smap_gather_stats() can set the flag true for one vma and leave it true for subsequent vma's where it should be false. To fix, reset the check_shmem_swap flag to false. There's also related bug which sets mss->swap to shmem_swapped, which in the context of smaps_rollup overwrites any value accumulated from previous vma's. Fix that as well. Note that the report suggests a regression between 4.17.19 and 4.19-rc7, which makes the 4.19 series ending with commit 258f669e7e88 ("mm: /proc/pid/smaps_rollup: convert to single value seq_file") suspicious. But the mss was reused for rollup since 493b0e9d945f ("mm: add /proc/pid/smaps_rollup") so let's play it safe with the stable backport. Link: http://lkml.kernel.org/r/555fbd1f-4ac9-0b58-dcd4-5dc4380ff7ca@suse.cz Link: https://bugzilla.kernel.org/show_bug.cgi?id=201377 Fixes: 493b0e9d945f ("mm: add /proc/pid/smaps_rollup") Signed-off-by: Vlastimil Babka <vbabka(a)suse.cz> Reported-by: Leonardo Soares Mller <leozinho29_eu(a)hotmail.com> Tested-by: Leonardo Soares Mller <leozinho29_eu(a)hotmail.com> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Daniel Colascione <dancol(a)google.com> Cc: Alexey Dobriyan <adobriyan(a)gmail.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/proc/task_mmu.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) --- a/fs/proc/task_mmu.c~mm-proc-pid-smaps_rollup-fix-null-pointer-deref-in-smaps_pte_range +++ a/fs/proc/task_mmu.c @@ -713,6 +713,8 @@ static void smap_gather_stats(struct vm_ smaps_walk.private = mss; #ifdef CONFIG_SHMEM + /* In case of smaps_rollup, reset the value from previous vma */ + mss->check_shmem_swap = false; if (vma->vm_file && shmem_mapping(vma->vm_file->f_mapping)) { /* * For shared or readonly shmem mappings we know that all @@ -728,7 +730,7 @@ static void smap_gather_stats(struct vm_ if (!shmem_swapped || (vma->vm_flags & VM_SHARED) || !(vma->vm_flags & VM_WRITE)) { - mss->swap = shmem_swapped; + mss->swap += shmem_swapped; } else { mss->check_shmem_swap = true; smaps_walk.pte_hole = smaps_pte_hole; _ Patches currently in -mm which might be from vbabka(a)suse.cz are mm-proc-pid-smaps_rollup-fix-null-pointer-deref-in-smaps_pte_range.patch mm-slab-combine-kmalloc_caches-and-kmalloc_dma_caches.patch mm-slab-slub-introduce-kmalloc-reclaimable-caches.patch dcache-allocate-external-names-from-reclaimable-kmalloc-caches.patch mm-rename-and-change-semantics-of-nr_indirectly_reclaimable_bytes.patch mm-proc-add-kreclaimable-to-proc-meminfo.patch mm-slab-shorten-kmalloc-cache-names-for-large-sizes.patch

7 years

2
1
0 0

[GIT] PATCHES

by David Miller

Please queue up the following networking bug fixes for v4.14 and v4.18 -stable, respectively. Thanks!

7 years

2
1
0 0

[PATCH AUTOSEL 3.18 01/15] xfrm: Validate address prefix lengths in the xfrm selector.

by Sasha Levin

From: Steffen Klassert <steffen.klassert(a)secunet.com> [ Upstream commit 07bf7908950a8b14e81aa1807e3c667eab39287a ] We don't validate the address prefix lengths in the xfrm selector we got from userspace. This can lead to undefined behaviour in the address matching functions if the prefix is too big for the given address family. Fix this by checking the prefixes and refuse SA/policy insertation when a prefix is invalid. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Reported-by: Air Icy <icytxw(a)gmail.com> Signed-off-by: Steffen Klassert <steffen.klassert(a)secunet.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- net/xfrm/xfrm_user.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index 4fe43d80c153..ca99638b5d5a 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c @@ -150,10 +150,16 @@ static int verify_newsa_info(struct xfrm_usersa_info *p, err = -EINVAL; switch (p->family) { case AF_INET: + if (p->sel.prefixlen_d > 32 || p->sel.prefixlen_s > 32) + goto out; + break; case AF_INET6: #if IS_ENABLED(CONFIG_IPV6) + if (p->sel.prefixlen_d > 128 || p->sel.prefixlen_s > 128) + goto out; + break; #else err = -EAFNOSUPPORT; @@ -1285,10 +1291,16 @@ static int verify_newpolicy_info(struct xfrm_userpolicy_info *p) switch (p->sel.family) { case AF_INET: + if (p->sel.prefixlen_d > 32 || p->sel.prefixlen_s > 32) + return -EINVAL; + break; case AF_INET6: #if IS_ENABLED(CONFIG_IPV6) + if (p->sel.prefixlen_d > 128 || p->sel.prefixlen_s > 128) + return -EINVAL; + break; #else return -EAFNOSUPPORT; -- 2.17.1

7 years

1
14
0 0

[PATCH AUTOSEL 4.9 01/38] xfrm: Validate address prefix lengths in the xfrm selector.

by Sasha Levin

From: Steffen Klassert <steffen.klassert(a)secunet.com> [ Upstream commit 07bf7908950a8b14e81aa1807e3c667eab39287a ] We don't validate the address prefix lengths in the xfrm selector we got from userspace. This can lead to undefined behaviour in the address matching functions if the prefix is too big for the given address family. Fix this by checking the prefixes and refuse SA/policy insertation when a prefix is invalid. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Reported-by: Air Icy <icytxw(a)gmail.com> Signed-off-by: Steffen Klassert <steffen.klassert(a)secunet.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- net/xfrm/xfrm_user.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index 6e768093d7c8..b7ac834a6091 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c @@ -151,10 +151,16 @@ static int verify_newsa_info(struct xfrm_usersa_info *p, err = -EINVAL; switch (p->family) { case AF_INET: + if (p->sel.prefixlen_d > 32 || p->sel.prefixlen_s > 32) + goto out; + break; case AF_INET6: #if IS_ENABLED(CONFIG_IPV6) + if (p->sel.prefixlen_d > 128 || p->sel.prefixlen_s > 128) + goto out; + break; #else err = -EAFNOSUPPORT; @@ -1316,10 +1322,16 @@ static int verify_newpolicy_info(struct xfrm_userpolicy_info *p) switch (p->sel.family) { case AF_INET: + if (p->sel.prefixlen_d > 32 || p->sel.prefixlen_s > 32) + return -EINVAL; + break; case AF_INET6: #if IS_ENABLED(CONFIG_IPV6) + if (p->sel.prefixlen_d > 128 || p->sel.prefixlen_s > 128) + return -EINVAL; + break; #else return -EAFNOSUPPORT; -- 2.17.1

7 years

1
37
0 0

[PATCH AUTOSEL 4.14 01/61] xfrm: Validate address prefix lengths in the xfrm selector.

by Sasha Levin

From: Steffen Klassert <steffen.klassert(a)secunet.com> [ Upstream commit 07bf7908950a8b14e81aa1807e3c667eab39287a ] We don't validate the address prefix lengths in the xfrm selector we got from userspace. This can lead to undefined behaviour in the address matching functions if the prefix is too big for the given address family. Fix this by checking the prefixes and refuse SA/policy insertation when a prefix is invalid. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Reported-by: Air Icy <icytxw(a)gmail.com> Signed-off-by: Steffen Klassert <steffen.klassert(a)secunet.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- net/xfrm/xfrm_user.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index 5554d28a32eb..4292347bf45e 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c @@ -151,10 +151,16 @@ static int verify_newsa_info(struct xfrm_usersa_info *p, err = -EINVAL; switch (p->family) { case AF_INET: + if (p->sel.prefixlen_d > 32 || p->sel.prefixlen_s > 32) + goto out; + break; case AF_INET6: #if IS_ENABLED(CONFIG_IPV6) + if (p->sel.prefixlen_d > 128 || p->sel.prefixlen_s > 128) + goto out; + break; #else err = -EAFNOSUPPORT; @@ -1353,10 +1359,16 @@ static int verify_newpolicy_info(struct xfrm_userpolicy_info *p) switch (p->sel.family) { case AF_INET: + if (p->sel.prefixlen_d > 32 || p->sel.prefixlen_s > 32) + return -EINVAL; + break; case AF_INET6: #if IS_ENABLED(CONFIG_IPV6) + if (p->sel.prefixlen_d > 128 || p->sel.prefixlen_s > 128) + return -EINVAL; + break; #else return -EAFNOSUPPORT; -- 2.17.1

7 years

1
60
0 0

[PATCH AUTOSEL 4.18 001/100] xfrm: Validate address prefix lengths in the xfrm selector.

by Sasha Levin

From: Steffen Klassert <steffen.klassert(a)secunet.com> [ Upstream commit 07bf7908950a8b14e81aa1807e3c667eab39287a ] We don't validate the address prefix lengths in the xfrm selector we got from userspace. This can lead to undefined behaviour in the address matching functions if the prefix is too big for the given address family. Fix this by checking the prefixes and refuse SA/policy insertation when a prefix is invalid. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Reported-by: Air Icy <icytxw(a)gmail.com> Signed-off-by: Steffen Klassert <steffen.klassert(a)secunet.com> Signed-off-by: Sasha Levin <sashal(a)kernel.org> --- net/xfrm/xfrm_user.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index 33878e6e0d0a..5151b3ebf068 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c @@ -151,10 +151,16 @@ static int verify_newsa_info(struct xfrm_usersa_info *p, err = -EINVAL; switch (p->family) { case AF_INET: + if (p->sel.prefixlen_d > 32 || p->sel.prefixlen_s > 32) + goto out; + break; case AF_INET6: #if IS_ENABLED(CONFIG_IPV6) + if (p->sel.prefixlen_d > 128 || p->sel.prefixlen_s > 128) + goto out; + break; #else err = -EAFNOSUPPORT; @@ -1359,10 +1365,16 @@ static int verify_newpolicy_info(struct xfrm_userpolicy_info *p) switch (p->sel.family) { case AF_INET: + if (p->sel.prefixlen_d > 32 || p->sel.prefixlen_s > 32) + return -EINVAL; + break; case AF_INET6: #if IS_ENABLED(CONFIG_IPV6) + if (p->sel.prefixlen_d > 128 || p->sel.prefixlen_s > 128) + return -EINVAL; + break; #else return -EAFNOSUPPORT; -- 2.17.1

7 years

1
99
0 0

Re: [PATCH] powerpc/traps: restore recoverability of machine_check interrupts

by Christophe LEROY

Cc: stable(a)vger.kernel.org <stable(a)vger.kernel.org> Le 13/10/2018 à 11:16, Christophe Leroy a écrit : > commit b96672dd840f ("powerpc: Machine check interrupt is a non- > maskable interrupt") added a call to nmi_enter() at the beginning of > machine check restart exception handler. Due to that, in_interrupt() > always returns true regardless of the state before entering the > exception, and die() panics even when the system was not already in > interrupt. > > This patch calls nmi_exit() before calling die() in order to restore > the interrupt state we had before calling nmi_enter() > > Fixes: b96672dd840f ("powerpc: Machine check interrupt is a non-maskable interrupt") > Signed-off-by: Christophe Leroy <christophe.leroy(a)c-s.fr> > --- > arch/powerpc/kernel/traps.c | 9 +++++++-- > 1 file changed, 7 insertions(+), 2 deletions(-) > > diff --git a/arch/powerpc/kernel/traps.c b/arch/powerpc/kernel/traps.c > index fd58749b4d6b..4f880c2a6e4c 100644 > --- a/arch/powerpc/kernel/traps.c > +++ b/arch/powerpc/kernel/traps.c > @@ -765,12 +765,17 @@ void machine_check_exception(struct pt_regs *regs) > if (check_io_access(regs)) > goto bail; > > - die("Machine check", regs, SIGBUS); > - > /* Must die if the interrupt is not recoverable */ > if (!(regs->msr & MSR_RI)) > nmi_panic(regs, "Unrecoverable Machine check"); > > + if (!nested) > + nmi_exit(); > + > + die("Machine check", regs, SIGBUS); > + > + return; > + > bail: > if (!nested) > nmi_exit(); >

7 years

2
1
0 0

[PATCH] ext4: Fix error code in ext4_xattr_set_entry()

by Daniel Rosenberg

ext4_xattr_set_entry should return EFSCORRUPTED instead of EIO for corrupted xattr entries. Fixes b469713e0c0c ("ext4: add corruption check in ext4_xattr_set_entry()") Signed-off-by: Daniel Rosenberg <drosen(a)google.com> --- Apply to 4.9 fs/ext4/xattr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index c10180d0b0189..7d6da09e637b7 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -657,7 +657,7 @@ ext4_xattr_set_entry(struct ext4_xattr_info *i, struct ext4_xattr_search *s, next = EXT4_XATTR_NEXT(last); if ((void *)next >= s->end) { EXT4_ERROR_INODE(inode, "corrupted xattr entries"); - return -EIO; + return -EFSCORRUPTED; } if (last->e_value_size) { size_t offs = le16_to_cpu(last->e_value_offs); -- 2.19.1.331.ge82ca0e54c-goog

7 years

1
0
0 0

[PATCH v2] ext4: add corruption check in ext4_xattr_set_entry()

by Daniel Rosenberg

From: Theodore Ts'o <tytso(a)mit.edu> commit 5369a762c882c0b6e9599e4ebbb3a9ba9eee7e2d upstream. In theory this should have been caught earlier when the xattr list was verified, but in case it got missed, it's simple enough to add check to make sure we don't overrun the xattr buffer. This addresses CVE-2018-10879. https://bugzilla.kernel.org/show_bug.cgi?id=200001 Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Reviewed-by: Andreas Dilger <adilger(a)dilger.ca> [bwh: Backported to 3.16: - Add inode parameter to ext4_xattr_set_entry() and update callers - Adjust context] Signed-off-by: Ben Hutchings <ben(a)decadent.org.uk> [adjusted for 4.4 context] Signed-off-by: Daniel Rosenberg <drosen(a)google.com> --- fs/ext4/xattr.c | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index d0aaf338fa9fa..d6bae37489af0 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -638,14 +638,20 @@ static size_t ext4_xattr_free_space(struct ext4_xattr_entry *last, } static int -ext4_xattr_set_entry(struct ext4_xattr_info *i, struct ext4_xattr_search *s) +ext4_xattr_set_entry(struct ext4_xattr_info *i, struct ext4_xattr_search *s, + struct inode *inode) { - struct ext4_xattr_entry *last; + struct ext4_xattr_entry *last, *next; size_t free, min_offs = s->end - s->base, name_len = strlen(i->name); /* Compute min_offs and last. */ last = s->first; - for (; !IS_LAST_ENTRY(last); last = EXT4_XATTR_NEXT(last)) { + for (; !IS_LAST_ENTRY(last); last = next) { + next = EXT4_XATTR_NEXT(last); + if ((void *)next >= s->end) { + EXT4_ERROR_INODE(inode, "corrupted xattr entries"); + return -EFSCORRUPTED; + } if (!last->e_value_block && last->e_value_size) { size_t offs = le16_to_cpu(last->e_value_offs); if (offs < min_offs) @@ -825,7 +831,7 @@ ext4_xattr_block_set(handle_t *handle, struct inode *inode, ce = NULL; } ea_bdebug(bs->bh, "modifying in-place"); - error = ext4_xattr_set_entry(i, s); + error = ext4_xattr_set_entry(i, s, inode); if (!error) { if (!IS_LAST_ENTRY(s->first)) ext4_xattr_rehash(header(s->base), @@ -875,7 +881,7 @@ ext4_xattr_block_set(handle_t *handle, struct inode *inode, s->end = s->base + sb->s_blocksize; } - error = ext4_xattr_set_entry(i, s); + error = ext4_xattr_set_entry(i, s, inode); if (error == -EFSCORRUPTED) goto bad_block; if (error) @@ -1037,7 +1043,7 @@ int ext4_xattr_ibody_inline_set(handle_t *handle, struct inode *inode, if (EXT4_I(inode)->i_extra_isize == 0) return -ENOSPC; - error = ext4_xattr_set_entry(i, s); + error = ext4_xattr_set_entry(i, s, inode); if (error) { if (error == -ENOSPC && ext4_has_inline_data(inode)) { @@ -1049,7 +1055,7 @@ int ext4_xattr_ibody_inline_set(handle_t *handle, struct inode *inode, error = ext4_xattr_ibody_find(inode, i, is); if (error) return error; - error = ext4_xattr_set_entry(i, s); + error = ext4_xattr_set_entry(i, s, inode); } if (error) return error; @@ -1075,7 +1081,7 @@ static int ext4_xattr_ibody_set(handle_t *handle, struct inode *inode, if (EXT4_I(inode)->i_extra_isize == 0) return -ENOSPC; - error = ext4_xattr_set_entry(i, s); + error = ext4_xattr_set_entry(i, s, inode); if (error) return error; header = IHDR(inode, ext4_raw_inode(&is->iloc)); -- 2.19.1.331.ge82ca0e54c-goog

7 years

1
0
0 0

[PATCH] Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15IGM

by Mikhail Nikiforov

Add ELAN061C to the ACPI table to support Elan touchpad found in Lenovo IdeaPad 330-15IGM. Signed-off-by: Mikhail Nikiforov <jackxviichaos(a)gmail.com> Cc: stable(a)vger.kernel.org --- drivers/input/mouse/elan_i2c_core.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/input/mouse/elan_i2c_core.c b/drivers/input/mouse/elan_i2c_core.c index f5ae24865355..b0f9d19b3410 100644 --- a/drivers/input/mouse/elan_i2c_core.c +++ b/drivers/input/mouse/elan_i2c_core.c @@ -1346,6 +1346,7 @@ static const struct acpi_device_id elan_acpi_id[] = { { "ELAN0611", 0 }, { "ELAN0612", 0 }, { "ELAN0618", 0 }, + { "ELAN061C", 0 }, { "ELAN061D", 0 }, { "ELAN0622", 0 }, { "ELAN1000", 0 }, -- 2.17.1

7 years

2
1
0 0

[PATCH] acpi, nfit: Fix Address Range Scrub completion tracking

by Dan Williams

The Address Range Scrub implementation tried to skip running scrubs against ranges that were already scrubbed by the BIOS. Unfortunately that support also resulted in early scrub completions as evidenced by this debug output from nfit_test: nd_region region9: ARS: range 1 short complete nd_region region3: ARS: range 1 short complete nd_region region4: ARS: range 2 ARS start (0) nd_region region4: ARS: range 2 short complete ...i.e. completions without any indications that the scrub was started. This state of affairs was hard to see in the code due to the proliferation of state bits and mistakenly trying to track done state per-range when the completion is a global property of the bus. So, kill the four ARS state bits (ARS_REQ, ARS_REQ_REDO, ARS_DONE, and ARS_SHORT), and replace them with just 2 request flags ARS_REQ_SHORT and ARS_REQ_LONG. The implementation will still complete and reap the results of BIOS initiated ARS, but it will not attempt to use that information to affect the completion status of scrubbing the ranges from a Linux perspective. Instead, try to synchronously run a short ARS per range at init time and schedule a long scrub in the background. If ARS is busy with an ARS request schedule both a short and a long scrub for when ARS returns to idle. This logic also satisfies the intent of what ARS_REQ_REDO was trying to achieve. The new rule is that the REQ flag stays set until the next successful ars_start() for that range. With the new policy that the REQ flags are not cleared until the next start, the implementation no longer loses requests as can be seen from the following log: nd_region region3: ARS: range 1 ARS start short (0) nd_region region9: ARS: range 1 ARS start short (0) nd_region region3: ARS: range 1 complete nd_region region4: ARS: range 2 ARS start short (0) nd_region region9: ARS: range 1 complete nd_region region9: ARS: range 1 ARS start long (0) nd_region region4: ARS: range 2 complete nd_region region3: ARS: range 1 ARS start long (0) nd_region region9: ARS: range 1 complete nd_region region3: ARS: range 1 complete nd_region region4: ARS: range 2 ARS start long (0) nd_region region4: ARS: range 2 complete ...note that the nfit_test emulated driver provides 2 buses, that is why some of the range indices are duplicated. Notice that each range now successfully completes a short and long scrub. Cc: <stable(a)vger.kernel.org> Fixes: 14c73f997a5e ("nfit, address-range-scrub: introduce nfit_spa->ars_state") Fixes: cc3d3458d46f ("acpi/nfit: queue issuing of ars when an uc error...") Reported-by: Jacek Zloch <jacek.zloch(a)intel.com> Reported-by: Krzysztof Rusocki <krzysztof.rusocki(a)intel.com> Signed-off-by: Dan Williams <dan.j.williams(a)intel.com> --- drivers/acpi/nfit/core.c | 169 ++++++++++++++++++++++++++-------------------- drivers/acpi/nfit/nfit.h | 10 +-- 2 files changed, 101 insertions(+), 78 deletions(-) diff --git a/drivers/acpi/nfit/core.c b/drivers/acpi/nfit/core.c index a0dfbcf8220d..f7efcd9843e0 100644 --- a/drivers/acpi/nfit/core.c +++ b/drivers/acpi/nfit/core.c @@ -2572,7 +2572,8 @@ static int ars_get_cap(struct acpi_nfit_desc *acpi_desc, return cmd_rc; } -static int ars_start(struct acpi_nfit_desc *acpi_desc, struct nfit_spa *nfit_spa) +static int ars_start(struct acpi_nfit_desc *acpi_desc, + struct nfit_spa *nfit_spa, enum nfit_ars_state req_type) { int rc; int cmd_rc; @@ -2583,7 +2584,7 @@ static int ars_start(struct acpi_nfit_desc *acpi_desc, struct nfit_spa *nfit_spa memset(&ars_start, 0, sizeof(ars_start)); ars_start.address = spa->address; ars_start.length = spa->length; - if (test_bit(ARS_SHORT, &nfit_spa->ars_state)) + if (req_type == ARS_REQ_SHORT) ars_start.flags = ND_ARS_RETURN_PREV_DATA; if (nfit_spa_type(spa) == NFIT_SPA_PM) ars_start.type = ND_ARS_PERSISTENT; @@ -2640,6 +2641,15 @@ static void ars_complete(struct acpi_nfit_desc *acpi_desc, struct nd_region *nd_region = nfit_spa->nd_region; struct device *dev; + lockdep_assert_held(&acpi_desc->init_mutex); + /* + * Only advance the ARS state for ARS runs initiated by the + * kernel, ignore ARS results from BIOS initiated runs for scrub + * completion tracking. + */ + if (acpi_desc->scrub_spa != nfit_spa) + return; + if ((ars_status->address >= spa->address && ars_status->address < spa->address + spa->length) || (ars_status->address < spa->address)) { @@ -2659,28 +2669,13 @@ static void ars_complete(struct acpi_nfit_desc *acpi_desc, } else return; - if (test_bit(ARS_DONE, &nfit_spa->ars_state)) - return; - - if (!test_and_clear_bit(ARS_REQ, &nfit_spa->ars_state)) - return; - + acpi_desc->scrub_spa = NULL; if (nd_region) { dev = nd_region_dev(nd_region); nvdimm_region_notify(nd_region, NVDIMM_REVALIDATE_POISON); } else dev = acpi_desc->dev; - - dev_dbg(dev, "ARS: range %d %s complete\n", spa->range_index, - test_bit(ARS_SHORT, &nfit_spa->ars_state) - ? "short" : "long"); - clear_bit(ARS_SHORT, &nfit_spa->ars_state); - if (test_and_clear_bit(ARS_REQ_REDO, &nfit_spa->ars_state)) { - set_bit(ARS_SHORT, &nfit_spa->ars_state); - set_bit(ARS_REQ, &nfit_spa->ars_state); - dev_dbg(dev, "ARS: processing scrub request received while in progress\n"); - } else - set_bit(ARS_DONE, &nfit_spa->ars_state); + dev_dbg(dev, "ARS: range %d complete\n", spa->range_index); } static int ars_status_process_records(struct acpi_nfit_desc *acpi_desc) @@ -2961,46 +2956,55 @@ static int acpi_nfit_query_poison(struct acpi_nfit_desc *acpi_desc) return 0; } -static int ars_register(struct acpi_nfit_desc *acpi_desc, struct nfit_spa *nfit_spa, - int *query_rc) +static int ars_register(struct acpi_nfit_desc *acpi_desc, + struct nfit_spa *nfit_spa) { - int rc = *query_rc; + int rc; - if (no_init_ars) + if (no_init_ars || test_bit(ARS_FAILED, &nfit_spa->ars_state)) return acpi_nfit_register_region(acpi_desc, nfit_spa); - set_bit(ARS_REQ, &nfit_spa->ars_state); - set_bit(ARS_SHORT, &nfit_spa->ars_state); + set_bit(ARS_REQ_SHORT, &nfit_spa->ars_state); + set_bit(ARS_REQ_LONG, &nfit_spa->ars_state); - switch (rc) { + switch (acpi_nfit_query_poison(acpi_desc)) { case 0: case -EAGAIN: - rc = ars_start(acpi_desc, nfit_spa); - if (rc == -EBUSY) { - *query_rc = rc; + rc = ars_start(acpi_desc, nfit_spa, ARS_REQ_SHORT); + /* shouldn't happen, try again later */ + if (rc == -EBUSY) break; - } else if (rc == 0) { - rc = acpi_nfit_query_poison(acpi_desc); - } else { + if (rc) { set_bit(ARS_FAILED, &nfit_spa->ars_state); break; } - if (rc == -EAGAIN) - clear_bit(ARS_SHORT, &nfit_spa->ars_state); - else if (rc == 0) - ars_complete(acpi_desc, nfit_spa); + clear_bit(ARS_REQ_SHORT, &nfit_spa->ars_state); + rc = acpi_nfit_query_poison(acpi_desc); + if (rc) + break; + acpi_desc->scrub_spa = nfit_spa; + ars_complete(acpi_desc, nfit_spa); + /* + * If ars_complete() says we didn't complete the + * short scrub, we'll try again with a long + * request. + */ + acpi_desc->scrub_spa = NULL; break; case -EBUSY: + case -ENOMEM: case -ENOSPC: + /* + * BIOS was using ARS, wait for it to complete (or + * resources to become available) and then perform our + * own scrubs. + */ break; default: set_bit(ARS_FAILED, &nfit_spa->ars_state); break; } - if (test_and_clear_bit(ARS_DONE, &nfit_spa->ars_state)) - set_bit(ARS_REQ, &nfit_spa->ars_state); - return acpi_nfit_register_region(acpi_desc, nfit_spa); } @@ -3022,6 +3026,8 @@ static unsigned int __acpi_nfit_scrub(struct acpi_nfit_desc *acpi_desc, struct device *dev = acpi_desc->dev; struct nfit_spa *nfit_spa; + lockdep_assert_held(&acpi_desc->init_mutex); + if (acpi_desc->cancel) return 0; @@ -3045,21 +3051,49 @@ static unsigned int __acpi_nfit_scrub(struct acpi_nfit_desc *acpi_desc, ars_complete_all(acpi_desc); list_for_each_entry(nfit_spa, &acpi_desc->spas, list) { + enum nfit_ars_state req_type; + int rc; + if (test_bit(ARS_FAILED, &nfit_spa->ars_state)) continue; - if (test_bit(ARS_REQ, &nfit_spa->ars_state)) { - int rc = ars_start(acpi_desc, nfit_spa); - - clear_bit(ARS_DONE, &nfit_spa->ars_state); - dev = nd_region_dev(nfit_spa->nd_region); - dev_dbg(dev, "ARS: range %d ARS start (%d)\n", - nfit_spa->spa->range_index, rc); - if (rc == 0 || rc == -EBUSY) - return 1; - dev_err(dev, "ARS: range %d ARS failed (%d)\n", - nfit_spa->spa->range_index, rc); - set_bit(ARS_FAILED, &nfit_spa->ars_state); + + /* prefer short ARS requests first */ + if (test_bit(ARS_REQ_SHORT, &nfit_spa->ars_state)) + req_type = ARS_REQ_SHORT; + else if (test_bit(ARS_REQ_LONG, &nfit_spa->ars_state)) + req_type = ARS_REQ_LONG; + else + continue; + rc = ars_start(acpi_desc, nfit_spa, req_type); + + dev = nd_region_dev(nfit_spa->nd_region); + dev_dbg(dev, "ARS: range %d ARS start %s (%d)\n", + nfit_spa->spa->range_index, + req_type == ARS_REQ_SHORT ? "short" : "long", + rc); + /* + * Hmm, we raced someone else starting ARS? Try again in + * a bit. + */ + if (rc == -EBUSY) + return 1; + if (rc == 0) { + dev_WARN_ONCE(dev, acpi_desc->scrub_spa, + "scrub start while range %d active\n", + acpi_desc->scrub_spa->spa->range_index); + clear_bit(req_type, &nfit_spa->ars_state); + acpi_desc->scrub_spa = nfit_spa; + /* + * Consider this spa last for future scrub + * requests + */ + list_move_tail(&nfit_spa->list, &acpi_desc->spas); + return 1; } + + dev_err(dev, "ARS: range %d ARS failed (%d)\n", + nfit_spa->spa->range_index, rc); + set_bit(ARS_FAILED, &nfit_spa->ars_state); } return 0; } @@ -3115,6 +3149,7 @@ static void acpi_nfit_init_ars(struct acpi_nfit_desc *acpi_desc, struct nd_cmd_ars_cap ars_cap; int rc; + set_bit(ARS_FAILED, &nfit_spa->ars_state); memset(&ars_cap, 0, sizeof(ars_cap)); rc = ars_get_cap(acpi_desc, &ars_cap, nfit_spa); if (rc < 0) @@ -3131,16 +3166,14 @@ static void acpi_nfit_init_ars(struct acpi_nfit_desc *acpi_desc, nfit_spa->clear_err_unit = ars_cap.clear_err_unit; acpi_desc->max_ars = max(nfit_spa->max_ars, acpi_desc->max_ars); clear_bit(ARS_FAILED, &nfit_spa->ars_state); - set_bit(ARS_REQ, &nfit_spa->ars_state); } static int acpi_nfit_register_regions(struct acpi_nfit_desc *acpi_desc) { struct nfit_spa *nfit_spa; - int rc, query_rc; + int rc; list_for_each_entry(nfit_spa, &acpi_desc->spas, list) { - set_bit(ARS_FAILED, &nfit_spa->ars_state); switch (nfit_spa_type(nfit_spa->spa)) { case NFIT_SPA_VOLATILE: case NFIT_SPA_PM: @@ -3149,20 +3182,12 @@ static int acpi_nfit_register_regions(struct acpi_nfit_desc *acpi_desc) } } - /* - * Reap any results that might be pending before starting new - * short requests. - */ - query_rc = acpi_nfit_query_poison(acpi_desc); - if (query_rc == 0) - ars_complete_all(acpi_desc); - list_for_each_entry(nfit_spa, &acpi_desc->spas, list) switch (nfit_spa_type(nfit_spa->spa)) { case NFIT_SPA_VOLATILE: case NFIT_SPA_PM: /* register regions and kick off initial ARS run */ - rc = ars_register(acpi_desc, nfit_spa, &query_rc); + rc = ars_register(acpi_desc, nfit_spa); if (rc) return rc; break; @@ -3374,7 +3399,8 @@ static int acpi_nfit_clear_to_send(struct nvdimm_bus_descriptor *nd_desc, return __acpi_nfit_clear_to_send(nd_desc, nvdimm, cmd); } -int acpi_nfit_ars_rescan(struct acpi_nfit_desc *acpi_desc, unsigned long flags) +int acpi_nfit_ars_rescan(struct acpi_nfit_desc *acpi_desc, + enum nfit_ars_state req_type) { struct device *dev = acpi_desc->dev; int scheduled = 0, busy = 0; @@ -3394,14 +3420,10 @@ int acpi_nfit_ars_rescan(struct acpi_nfit_desc *acpi_desc, unsigned long flags) if (test_bit(ARS_FAILED, &nfit_spa->ars_state)) continue; - if (test_and_set_bit(ARS_REQ, &nfit_spa->ars_state)) { + if (test_and_set_bit(req_type, &nfit_spa->ars_state)) busy++; - set_bit(ARS_REQ_REDO, &nfit_spa->ars_state); - } else { - if (test_bit(ARS_SHORT, &flags)) - set_bit(ARS_SHORT, &nfit_spa->ars_state); + else scheduled++; - } } if (scheduled) { sched_ars(acpi_desc); @@ -3587,10 +3609,11 @@ static void acpi_nfit_update_notify(struct device *dev, acpi_handle handle) static void acpi_nfit_uc_error_notify(struct device *dev, acpi_handle handle) { struct acpi_nfit_desc *acpi_desc = dev_get_drvdata(dev); - unsigned long flags = (acpi_desc->scrub_mode == HW_ERROR_SCRUB_ON) ? - 0 : 1 << ARS_SHORT; - acpi_nfit_ars_rescan(acpi_desc, flags); + if (acpi_desc->scrub_mode == HW_ERROR_SCRUB_ON) + acpi_nfit_ars_rescan(acpi_desc, ARS_REQ_LONG); + else + acpi_nfit_ars_rescan(acpi_desc, ARS_REQ_SHORT); } void __acpi_nfit_notify(struct device *dev, acpi_handle handle, u32 event) diff --git a/drivers/acpi/nfit/nfit.h b/drivers/acpi/nfit/nfit.h index 8c1af38a5dee..a7d95b427efd 100644 --- a/drivers/acpi/nfit/nfit.h +++ b/drivers/acpi/nfit/nfit.h @@ -133,10 +133,8 @@ enum nfit_dimm_notifiers { }; enum nfit_ars_state { - ARS_REQ, - ARS_REQ_REDO, - ARS_DONE, - ARS_SHORT, + ARS_REQ_SHORT, + ARS_REQ_LONG, ARS_FAILED, }; @@ -223,6 +221,7 @@ struct acpi_nfit_desc { struct device *dev; u8 ars_start_flags; struct nd_cmd_ars_status *ars_status; + struct nfit_spa *scrub_spa; struct delayed_work dwork; struct list_head list; struct kernfs_node *scrub_count_state; @@ -277,7 +276,8 @@ struct nfit_blk { extern struct list_head acpi_descs; extern struct mutex acpi_desc_lock; -int acpi_nfit_ars_rescan(struct acpi_nfit_desc *acpi_desc, unsigned long flags); +int acpi_nfit_ars_rescan(struct acpi_nfit_desc *acpi_desc, + enum nfit_ars_state req_type); #ifdef CONFIG_X86_MCE void nfit_mce_register(void);

7 years

2
1
0 0

Working test 5

by Judy

Did you get my email from last week? Let me know if you have photos for cutting out or retouching? We are an image team who can do editing for your the web store photos, industry photos or portrait photos. Send photos, we will do testing for you to check quality. Waiting for your reply soon. Thanks, Judy

7 years

1
0
0 0

[PATCH] afs: Fix clearance of reply

by David Howells

The recent patch to fix the afs_server struct leak didn't actually fix the bug, but rather fixed some of the symptoms. The problem is that an asynchronous call that holds a resource pointed to by call->reply[0] will find the pointer cleared in the call destructor, thereby preventing the resource from being cleaned up. In the case of the server record leak, the afs_fs_get_capabilities() function in devel code sets up a call with reply[0] pointing at the server record that should be altered when the result is obtained, but this was being cleared before the destructor was called, so the put in the destructor does nothing and the record is leaked. Commit f014ffb025c1 removed the additional ref obtained by afs_install_server(), but the removal of this ref is actually used by the garbage collector to mark a server record as being defunct after the record has expired through lack of use. The offending clearance of call->reply[0] upon completion in afs_process_async_call() has been there from the origin of the code, but none of the asynchronous calls actually use that pointer currently, so it should be safe to remove (note that synchronous calls don't involve this function). Fix this by the following means: (1) Revert commit f014ffb025c1. (2) Remove the clearance of reply[0] from afs_process_async_call(). Without this, afs_manage_servers() will suffer an assertion failure if it sees a server record that didn't get used because the usage count is not 1. Fixes: f014ffb025c1 ("afs: Fix afs_server struct leak") Fixes: 08e0e7c82eea ("[AF_RXRPC]: Make the in-kernel AFS filesystem use AF_RXRPC.") Signed-off-by: David Howells <dhowells(a)redhat.com> --- fs/afs/rxrpc.c | 2 -- fs/afs/server.c | 2 -- 2 files changed, 4 deletions(-) diff --git a/fs/afs/rxrpc.c b/fs/afs/rxrpc.c index 748b37b130a2..9bbb8af000b4 100644 --- a/fs/afs/rxrpc.c +++ b/fs/afs/rxrpc.c @@ -620,8 +620,6 @@ static void afs_process_async_call(struct work_struct *work) } if (call->state == AFS_CALL_COMPLETE) { - call->reply[0] = NULL; - /* We have two refs to release - one from the alloc and one * queued with the work item - and we can't just deallocate the * call because the work item may be queued again. diff --git a/fs/afs/server.c b/fs/afs/server.c index d5ef05e24e18..1a087eb8f2d7 100644 --- a/fs/afs/server.c +++ b/fs/afs/server.c @@ -199,11 +199,9 @@ static struct afs_server *afs_install_server(struct afs_net *net, write_sequnlock(&net->fs_addr_lock); ret = 0; - goto out; exists: afs_get_server(server); -out: write_sequnlock(&net->fs_lock); return server; }

7 years

2
1
0 0

[git:media_tree/master] media: cec: forgot to cancel delayed work

by Mauro Carvalho Chehab

This is an automatic generated email to let you know that the following patch were queued: Subject: media: cec: forgot to cancel delayed work Author: Hans Verkuil <hverkuil(a)xs4all.nl> Date: Mon Oct 15 06:14:22 2018 -0400 If the wait for completion was interrupted, then make sure to cancel any delayed work. This can only happen if a transmit is waiting for a reply, and you press Ctrl-C or reboot/poweroff or something like that which interrupts the thread waiting for the reply and then proceeds to delete the CEC message. Since the delayed work wasn't canceled, once it would trigger it referred to stale data and resulted in a kernel oops. Fixes: 7ec2b3b941a6 ("cec: add new tx/rx status bits to detect aborts/timeouts") Signed-off-by: Hans Verkuil <hans.verkuil(a)cisco.com> Cc: <stable(a)vger.kernel.org> # for v4.18 and up Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung(a)kernel.org> drivers/media/cec/cec-adap.c | 2 ++ 1 file changed, 2 insertions(+) --- diff --git a/drivers/media/cec/cec-adap.c b/drivers/media/cec/cec-adap.c index 0c0d9107383e..31d1f4ab915e 100644 --- a/drivers/media/cec/cec-adap.c +++ b/drivers/media/cec/cec-adap.c @@ -844,6 +844,8 @@ int cec_transmit_msg_fh(struct cec_adapter *adap, struct cec_msg *msg, */ mutex_unlock(&adap->lock); wait_for_completion_killable(&data->c); + if (!data->completed) + cancel_delayed_work_sync(&data->work); mutex_lock(&adap->lock); /* Cancel the transmit if it was interrupted */

7 years

1
0
0 0

[PATCHv5 0/7] tty: Hold write ldisc sem in tty_reopen()

by Dmitry Safonov

Hi all, Three fixes that worth to have in the @stable, as they were hit by different people, including Arista on v4.9 stable. And for linux-next - adding lockdep asserts for line discipline changing code, verifying that write ldisc sem will be held forthwith. The last patch is an optional and probably, timeout can be dropped for read_lock(). I'll do it if everyone agrees. (Or as per discussion with Peter in v3, just convert ldisc to a regular rwsem). Thanks, Dima Changes since v4: - back to lock ldisc with (5*HZ) timeout in tty_reopen() (LKP report link: lkml.kernel.org/r/<1536940609.3185.29.camel(a)arista.com>) - reordered 3/7 with 2/7 for LKP robot Changes since v3: - Added tested-by Mark Rutland (thanks!) - Dropped patch with smp_wmb() - wrong idea - lockdep_assert_held() should be actually lockdep_assert_held_exclusive() - Described why tty_ldisc_open() can be called without ldisc_sem held for pty slave end (o_tty). - Added Peter's patch for dropping self-made lockdep annotations - Fix for a reader(s) of ldisc semaphore waiting for an active reader(s) Changes since v2: - Added reviewed-by tags - Hopefully, fixed reported by 0-day issue. - Added optional fix for wait_readers decrement Changes since v1: - Added tested-by/reported-by tags - Dropped 3/4 (locking tty pair for lockdep sake), Because of that - not adding lockdep_assert_held() in tty_ldisc_open() - Added 4/4 cleanup to inc tty->count only on success of tty_ldisc_reinit() - lock ldisc without (5*HZ) timeout in tty_reopen() v1 link: lkml.kernel.org/r/<20180829022353.23568-1-dima(a)arista.com> v2 link: lkml.kernel.org/r/<20180903165257.29227-1-dima(a)arista.com> v3 link: lkml.kernel.org/r/<20180911014821.26286-1-dima(a)arista.com> v4 link: lkml.kernel.org/r/<20180912001702.18522-1-dima(a)arista.com> Cc: Daniel Axtens <dja(a)axtens.net> Cc: Dmitry Vyukov <dvyukov(a)google.com> Cc: Mark Rutland <mark.rutland(a)arm.com> Cc: Michael Neuling <mikey(a)neuling.org> Cc: Mikulas Patocka <mpatocka(a)redhat.com> Cc: Nathan March <nathan(a)gt.net> Cc: Pasi Kärkkäinen <pasik(a)iki.fi> Cc: Peter Hurley <peter(a)hurleysoftware.com> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: "Rong, Chen" <rong.a.chen(a)intel.com> Cc: Sergey Senozhatsky <sergey.senozhatsky.work(a)gmail.com> Cc: Tan Xiaojun <tanxiaojun(a)huawei.com> Cc: Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> (please, ignore if I Cc'ed you mistakenly) Dmitry Safonov (6): tty: Drop tty->count on tty_reopen() failure tty/ldsem: Wake up readers after timed out down_write() tty: Hold tty_ldisc_lock() during tty_reopen() tty: Simplify tty->count math in tty_reopen() tty/ldsem: Add lockdep asserts for ldisc_sem tty/ldsem: Decrement wait_readers on timeouted down_read() Peter Zijlstra (1): tty/ldsem: Convert to regular lockdep annotations drivers/tty/tty_io.c | 13 ++++++++--- drivers/tty/tty_ldisc.c | 9 +++++++ drivers/tty/tty_ldsem.c | 62 ++++++++++++++++++++----------------------------- 3 files changed, 44 insertions(+), 40 deletions(-) -- 2.13.6

7 years

4
13
0 0

[PATCH] fs: fix possible Spectre V1 indexing in __close_fd()

by Greg Hackmann

__close_fd() is reachable via the close() syscall with a userspace-controlled fd. Ensure that it can't be used to speculatively access past the end of current->fdt. Reported-by: Omer Tripp <trippo(a)google.com> Cc: stable(a)vger.kernel.org Signed-off-by: Greg Hackmann <ghackmann(a)google.com> --- fs/file.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fs/file.c b/fs/file.c index 7ffd6e9d103d..a80cf82be96b 100644 --- a/fs/file.c +++ b/fs/file.c @@ -18,6 +18,7 @@ #include <linux/bitops.h> #include <linux/spinlock.h> #include <linux/rcupdate.h> +#include <linux/nospec.h> unsigned int sysctl_nr_open __read_mostly = 1024*1024; unsigned int sysctl_nr_open_min = BITS_PER_LONG; @@ -626,6 +627,7 @@ int __close_fd(struct files_struct *files, unsigned fd) fdt = files_fdtable(files); if (fd >= fdt->max_fds) goto out_unlock; + fd = array_index_nospec(fd, fdt->max_fds); file = fdt->fd[fd]; if (!file) goto out_unlock; -- 2.19.0.397.gdd90340f6a-goog

7 years

2
2
0 0

Apply For Affordable Loan Offer

by rifat

Do you need a loan? If YES Kindly contact us via: citigrouploaninvestment(a)aol.com

7 years

1
0
0 0

Re: [PATCH 3.16 194/366] drivers: tty: Merge alloc_tty_struct and initialize_tty_struct

by Ben Hutchings

On Sun, 2018-10-14 at 19:22 +0200, Rasmus Villemoes wrote: > IIRC, I messed up back then, so you'll need some followup as well, but I'm > on my phone ATM. I guess that's commit 07584d4a356e "drivers: tty: Fix use-after-free in pty_common_install"? I missed that but will add it now. > I assume you're taking this to make it easier to backport > some actual fix? This is required as preparation for commit 903f9db10f18 "tty: Don't call panic() at tty_ldisc_init()". Ben. > > On Sun, Oct 14, 2018, 17:39 Ben Hutchings <ben(a)decadent.org.uk> wrote: > > > 3.16.60-rc1 review patch. If anyone has any objections, please let me > > know. > > > > ------------------ > > > > From: Rasmus Villemoes <linux(a)rasmusvillemoes.dk> > > > > commit 2c964a2f4191f2229566895f1a0e85f8339f5dd1 upstream. > > > > The two functions alloc_tty_struct and initialize_tty_struct are > > always called together. Merge them into alloc_tty_struct, updating its > > prototype and the only two callers of these functions. > > > > Signed-off-by: Rasmus Villemoes <linux(a)rasmusvillemoes.dk> > > Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> > > Signed-off-by: Ben Hutchings <ben(a)decadent.org.uk> > > --- > > drivers/tty/pty.c | 19 +++++++++---------- > > drivers/tty/tty_io.c | 37 +++++++++++++------------------------ > > include/linux/tty.h | 4 +--- > > 3 files changed, 23 insertions(+), 37 deletions(-) > > > > --- a/drivers/tty/pty.c > > +++ b/drivers/tty/pty.c > > @@ -319,7 +319,7 @@ done: > > * pty_common_install - set up the pty pair > > * @driver: the pty driver > > * @tty: the tty being instantiated > > - * @bool: legacy, true if this is BSD style > > + * @legacy: true if this is BSD style > > * > > * Perform the initial set up for the tty/pty pair. Called from the > > * tty layer when the port is first opened. > > @@ -334,18 +334,17 @@ static int pty_common_install(struct tty > > int idx = tty->index; > > int retval = -ENOMEM; > > > > - o_tty = alloc_tty_struct(); > > - if (!o_tty) > > - goto err; > > ports[0] = kmalloc(sizeof **ports, GFP_KERNEL); > > ports[1] = kmalloc(sizeof **ports, GFP_KERNEL); > > if (!ports[0] || !ports[1]) > > - goto err_free_tty; > > + goto err; > > if (!try_module_get(driver->other->owner)) { > > /* This cannot in fact currently happen */ > > - goto err_free_tty; > > + goto err; > > } > > - initialize_tty_struct(o_tty, driver->other, idx); > > + o_tty = alloc_tty_struct(driver->other, idx); > > + if (!o_tty) > > + goto err_put_module; > > > > if (legacy) { > > /* We always use new tty termios data so we can do this > > @@ -390,12 +389,12 @@ err_free_termios: > > tty_free_termios(tty); > > err_deinit_tty: > > deinitialize_tty_struct(o_tty); > > + free_tty_struct(o_tty); > > +err_put_module: > > module_put(o_tty->driver->owner); > > -err_free_tty: > > +err: > > kfree(ports[0]); > > kfree(ports[1]); > > - free_tty_struct(o_tty); > > -err: > > return retval; > > } > > > > --- a/drivers/tty/tty_io.c > > +++ b/drivers/tty/tty_io.c > > @@ -157,20 +157,6 @@ static void __proc_set_tty(struct task_s > > static void proc_set_tty(struct task_struct *tsk, struct tty_struct *tty); > > > > /** > > - * alloc_tty_struct - allocate a tty object > > - * > > - * Return a new empty tty structure. The data fields have not > > - * been initialized in any way but has been zeroed > > - * > > - * Locking: none > > - */ > > - > > -struct tty_struct *alloc_tty_struct(void) > > -{ > > - return kzalloc(sizeof(struct tty_struct), GFP_KERNEL); > > -} > > - > > -/** > > * free_tty_struct - free a disused tty > > * @tty: tty struct to free > > * > > @@ -1455,12 +1441,11 @@ struct tty_struct *tty_init_dev(struct t > > if (!try_module_get(driver->owner)) > > return ERR_PTR(-ENODEV); > > > > - tty = alloc_tty_struct(); > > + tty = alloc_tty_struct(driver, idx); > > if (!tty) { > > retval = -ENOMEM; > > goto err_module_put; > > } > > - initialize_tty_struct(tty, driver, idx); > > > > tty_lock(tty); > > retval = tty_driver_install_tty(driver, tty); > > @@ -3034,19 +3019,21 @@ static struct device *tty_get_device(str > > > > > > /** > > - * initialize_tty_struct > > - * @tty: tty to initialize > > + * alloc_tty_struct > > * > > - * This subroutine initializes a tty structure that has been newly > > - * allocated. > > + * This subroutine allocates and initializes a tty structure. > > * > > - * Locking: none - tty in question must not be exposed at this point > > + * Locking: none - tty in question is not exposed at this point > > */ > > > > -void initialize_tty_struct(struct tty_struct *tty, > > - struct tty_driver *driver, int idx) > > +struct tty_struct *alloc_tty_struct(struct tty_driver *driver, int idx) > > { > > - memset(tty, 0, sizeof(struct tty_struct)); > > + struct tty_struct *tty; > > + > > + tty = kzalloc(sizeof(*tty), GFP_KERNEL); > > + if (!tty) > > + return NULL; > > + > > kref_init(&tty->kref); > > tty->magic = TTY_MAGIC; > > tty_ldisc_init(tty); > > @@ -3070,6 +3057,8 @@ void initialize_tty_struct(struct tty_st > > tty->index = idx; > > tty_line_name(driver, idx, tty->name); > > tty->dev = tty_get_device(tty); > > + > > + return tty; > > } > > > > /** > > --- a/include/linux/tty.h > > +++ b/include/linux/tty.h > > @@ -477,13 +477,11 @@ extern int tty_mode_ioctl(struct tty_str > > unsigned int cmd, unsigned long arg); > > extern int tty_perform_flush(struct tty_struct *tty, unsigned long arg); > > extern void tty_default_fops(struct file_operations *fops); > > -extern struct tty_struct *alloc_tty_struct(void); > > +extern struct tty_struct *alloc_tty_struct(struct tty_driver *driver, int > > idx); > > extern int tty_alloc_file(struct file *file); > > extern void tty_add_file(struct tty_struct *tty, struct file *file); > > extern void tty_free_file(struct file *file); > > extern void free_tty_struct(struct tty_struct *tty); > > -extern void initialize_tty_struct(struct tty_struct *tty, > > - struct tty_driver *driver, int idx); > > extern void deinitialize_tty_struct(struct tty_struct *tty); > > extern struct tty_struct *tty_init_dev(struct tty_driver *driver, int > > idx); > > extern int tty_release(struct inode *inode, struct file *filp); > > > > -- Ben Hutchings I haven't lost my mind; it's backed up on tape somewhere.

7 years

1
0
0 0

What is the expected date of release for 4.19

by salil GK

Hello I would like to know the expected date of release of 4.19 kernel. Thanks ~S

7 years

2
1
0 0

URGENT RESPONSE NEEDED

by Sean Kim.

Hello my dear. Did you receive my email message to you? Please, get back to me ASAP as the matter is becoming late. Expecting your urgent response. Sean.

7 years

1
0
0 0

patch "usb: xhci: pci: Enable Intel USB role mux on Apollo Lake platforms" added to usb-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled usb: xhci: pci: Enable Intel USB role mux on Apollo Lake platforms to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From c02588a352defaf985fc1816eb6232663159e1b8 Mon Sep 17 00:00:00 2001 From: Heikki Krogerus <heikki.krogerus(a)linux.intel.com> Date: Mon, 1 Oct 2018 18:53:05 +0300 Subject: usb: xhci: pci: Enable Intel USB role mux on Apollo Lake platforms Intel Apollo Lake has the same internal USB role mux as Intel Cherry Trail. Cc: <stable(a)vger.kernel.org> Signed-off-by: Heikki Krogerus <heikki.krogerus(a)linux.intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/host/xhci-pci.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/usb/host/xhci-pci.c b/drivers/usb/host/xhci-pci.c index 722860eb5a91..51dd8e00c4f8 100644 --- a/drivers/usb/host/xhci-pci.c +++ b/drivers/usb/host/xhci-pci.c @@ -179,10 +179,12 @@ static void xhci_pci_quirks(struct device *dev, struct xhci_hcd *xhci) xhci->quirks |= XHCI_PME_STUCK_QUIRK; } if (pdev->vendor == PCI_VENDOR_ID_INTEL && - pdev->device == PCI_DEVICE_ID_INTEL_CHERRYVIEW_XHCI) { + pdev->device == PCI_DEVICE_ID_INTEL_CHERRYVIEW_XHCI) xhci->quirks |= XHCI_SSIC_PORT_UNUSED; + if (pdev->vendor == PCI_VENDOR_ID_INTEL && + (pdev->device == PCI_DEVICE_ID_INTEL_CHERRYVIEW_XHCI || + pdev->device == PCI_DEVICE_ID_INTEL_APL_XHCI)) xhci->quirks |= XHCI_INTEL_USB_ROLE_SW; - } if (pdev->vendor == PCI_VENDOR_ID_INTEL && (pdev->device == PCI_DEVICE_ID_INTEL_CHERRYVIEW_XHCI || pdev->device == PCI_DEVICE_ID_INTEL_SUNRISEPOINT_LP_XHCI || -- 2.19.1

7 years

1
0
0 0

patch "usb: roles: intel_xhci: Fix Unbalanced pm_runtime_enable" added to usb-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled usb: roles: intel_xhci: Fix Unbalanced pm_runtime_enable to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From 009b1948e153ae448f62f1887e2b58d0e05db51b Mon Sep 17 00:00:00 2001 From: Wan Ahmad Zainie <wan.ahmad.zainie.wan.mohamad(a)intel.com> Date: Tue, 9 Oct 2018 12:52:47 +0800 Subject: usb: roles: intel_xhci: Fix Unbalanced pm_runtime_enable Add missing pm_runtime_disable() to remove(), in order to avoid an Unbalanced pm_runtime_enable when the module is removed and re-probed. Error log: root@intel-corei7-64:~# modprobe -r intel_xhci_usb_role_switch root@intel-corei7-64:~# modprobe intel_xhci_usb_role_switch intel_xhci_usb_sw intel_xhci_usb_sw: Unbalanced pm_runtime_enable! Fixes: cb2968468605 (usb: roles: intel_xhci: Enable runtime PM) Cc: <stable(a)vger.kernel.org> Reviewed-by: Heikki Krogerus <heikki.krogerus(a)linux.intel.com> Signed-off-by: Wan Ahmad Zainie <wan.ahmad.zainie.wan.mohamad(a)intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/roles/intel-xhci-usb-role-switch.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/drivers/usb/roles/intel-xhci-usb-role-switch.c b/drivers/usb/roles/intel-xhci-usb-role-switch.c index 1fb3dd0f1dfa..277de96181f9 100644 --- a/drivers/usb/roles/intel-xhci-usb-role-switch.c +++ b/drivers/usb/roles/intel-xhci-usb-role-switch.c @@ -161,6 +161,8 @@ static int intel_xhci_usb_remove(struct platform_device *pdev) { struct intel_xhci_usb_data *data = platform_get_drvdata(pdev); + pm_runtime_disable(&pdev->dev); + usb_role_switch_unregister(data->role_sw); return 0; } -- 2.19.1

7 years

1
0
0 0

patch "cdc-acm: correct counting of UART states in serial state notification" added to usb-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled cdc-acm: correct counting of UART states in serial state notification to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From f976d0e5747ca65ccd0fb2a4118b193d70aa1836 Mon Sep 17 00:00:00 2001 From: Tobias Herzog <t-herzog(a)gmx.de> Date: Sat, 22 Sep 2018 22:11:11 +0200 Subject: cdc-acm: correct counting of UART states in serial state notification The usb standard ("Universal Serial Bus Class Definitions for Communication Devices") distiguishes between "consistent signals" (DSR, DCD), and "irregular signals" (break, ring, parity error, framing error, overrun). The bits of "irregular signals" are set, if this error/event occurred on the device side and are immeadeatly unset, if the serial state notification was sent. Like other drivers of real serial ports do, just the occurence of those events should be counted in serial_icounter_struct (but no 1->0 transitions). Signed-off-by: Tobias Herzog <t-herzog(a)gmx.de> Acked-by: Oliver Neukum <oneukum(a)suse.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/class/cdc-acm.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/drivers/usb/class/cdc-acm.c b/drivers/usb/class/cdc-acm.c index e43ea9641416..9ede35cecb12 100644 --- a/drivers/usb/class/cdc-acm.c +++ b/drivers/usb/class/cdc-acm.c @@ -310,17 +310,17 @@ static void acm_process_notification(struct acm *acm, unsigned char *buf) if (difference & ACM_CTRL_DSR) acm->iocount.dsr++; - if (difference & ACM_CTRL_BRK) - acm->iocount.brk++; - if (difference & ACM_CTRL_RI) - acm->iocount.rng++; if (difference & ACM_CTRL_DCD) acm->iocount.dcd++; - if (difference & ACM_CTRL_FRAMING) + if (newctrl & ACM_CTRL_BRK) + acm->iocount.brk++; + if (newctrl & ACM_CTRL_RI) + acm->iocount.rng++; + if (newctrl & ACM_CTRL_FRAMING) acm->iocount.frame++; - if (difference & ACM_CTRL_PARITY) + if (newctrl & ACM_CTRL_PARITY) acm->iocount.parity++; - if (difference & ACM_CTRL_OVERRUN) + if (newctrl & ACM_CTRL_OVERRUN) acm->iocount.overrun++; spin_unlock_irqrestore(&acm->read_lock, flags); -- 2.19.1

7 years

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror