- Linux-stable-mirror - lists.linaro.org

[PATCH 2/3] IB/srpt: Fix srpt_cm_req_recv() error path (2/2)

by Bart Van Assche

If a login request was received through the RDMA/CM and if an error occurs during login, clear rdma_cm_id->context instead of ib_cm_id->context. Fixes: 63cf1a902c9d ("IB/srpt: Add RDMA/CM support") Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: <stable(a)vger.kernel.org> --- drivers/infiniband/ulp/srpt/ib_srpt.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/infiniband/ulp/srpt/ib_srpt.c b/drivers/infiniband/ulp/srpt/ib_srpt.c index e95d0c1c0652..325bae29e90d 100644 --- a/drivers/infiniband/ulp/srpt/ib_srpt.c +++ b/drivers/infiniband/ulp/srpt/ib_srpt.c @@ -2361,8 +2361,11 @@ static int srpt_cm_req_recv(struct srpt_device *const sdev, srpt_free_ioctx_ring((struct srpt_ioctx **)ch->ioctx_ring, ch->sport->sdev, ch->rq_size, ch->max_rsp_size, DMA_TO_DEVICE); + free_ch: - if (ib_cm_id) + if (rdma_cm_id) + rdma_cm_id->context = NULL; + else ib_cm_id->context = NULL; kfree(ch); ch = NULL; -- 2.18.0

7 years, 2 months

1
0
0 0

[PATCH 1/3] IB/srpt: Fix srpt_cm_req_recv() error path (1/2)

by Bart Van Assche

Once a target session has been allocated, if an error occurs, the session must be freed. Since it is not safe to call blocking code from the context of an connection manager callback, trigger target session release in this case by calling srpt_close_ch(). Fixes: db7683d7deb2 ("IB/srpt: Fix login-related race conditions") Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: <stable(a)vger.kernel.org> --- drivers/infiniband/ulp/srpt/ib_srpt.c | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/drivers/infiniband/ulp/srpt/ib_srpt.c b/drivers/infiniband/ulp/srpt/ib_srpt.c index 538b9013e815..e95d0c1c0652 100644 --- a/drivers/infiniband/ulp/srpt/ib_srpt.c +++ b/drivers/infiniband/ulp/srpt/ib_srpt.c @@ -2088,7 +2088,7 @@ static int srpt_cm_req_recv(struct srpt_device *const sdev, struct rdma_conn_param rdma_cm; struct ib_cm_rep_param ib_cm; } *rep_param = NULL; - struct srpt_rdma_ch *ch; + struct srpt_rdma_ch *ch = NULL; char i_port_id[36]; u32 it_iu_len; int i, ret; @@ -2235,13 +2235,15 @@ static int srpt_cm_req_recv(struct srpt_device *const sdev, TARGET_PROT_NORMAL, i_port_id + 2, ch, NULL); if (IS_ERR_OR_NULL(ch->sess)) { + WARN_ON_ONCE(ch->sess == NULL); ret = PTR_ERR(ch->sess); + ch->sess = NULL; pr_info("Rejected login for initiator %s: ret = %d.\n", ch->sess_name, ret); rej->reason = cpu_to_be32(ret == -ENOMEM ? SRP_LOGIN_REJ_INSUFFICIENT_RESOURCES : SRP_LOGIN_REJ_CHANNEL_LIMIT_REACHED); - goto reject; + goto destroy_ib; } mutex_lock(&sport->mutex); @@ -2280,7 +2282,7 @@ static int srpt_cm_req_recv(struct srpt_device *const sdev, rej->reason = cpu_to_be32(SRP_LOGIN_REJ_INSUFFICIENT_RESOURCES); pr_err("rejected SRP_LOGIN_REQ because enabling RTR failed (error code = %d)\n", ret); - goto destroy_ib; + goto reject; } pr_debug("Establish connection sess=%p name=%s ch=%p\n", ch->sess, @@ -2380,6 +2382,15 @@ static int srpt_cm_req_recv(struct srpt_device *const sdev, ib_send_cm_rej(ib_cm_id, IB_CM_REJ_CONSUMER_DEFINED, NULL, 0, rej, sizeof(*rej)); + if (ch && ch->sess) { + srpt_close_ch(ch); + /* + * Tell the caller not to free cm_id since + * srpt_release_channel_work() will do that. + */ + ret = 0; + } + out: kfree(rep_param); kfree(rsp); -- 2.18.0

7 years, 2 months

1
0
0 0

[PATCH] ext4: fix inline data updates with checksums enabled

by Theodore Ts'o

The inline data code was updating the raw inode directly; this is problematic since if metadata checksums are enabled, ext4_mark_inode_dirty() must be called to update the inode's checksum. In addition, the jbd2 layer requires that get_write_access() be called before the metadata buffer is modified. Fix both of these problems. https://bugzilla.kernel.org/show_bug.cgi?id=200443 Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Cc: stable(a)vger.kernel.org --- fs/ext4/inline.c | 19 +++++++++++-------- fs/ext4/inode.c | 16 +++++++--------- 2 files changed, 18 insertions(+), 17 deletions(-) diff --git a/fs/ext4/inline.c b/fs/ext4/inline.c index e55a8bc870bd..3543fe80a3c4 100644 --- a/fs/ext4/inline.c +++ b/fs/ext4/inline.c @@ -682,6 +682,10 @@ int ext4_try_to_write_inline_data(struct address_space *mapping, goto convert; } + ret = ext4_journal_get_write_access(handle, iloc.bh); + if (ret) + goto out; + flags |= AOP_FLAG_NOFS; page = grab_cache_page_write_begin(mapping, 0, flags); @@ -710,7 +714,7 @@ int ext4_try_to_write_inline_data(struct address_space *mapping, out_up_read: up_read(&EXT4_I(inode)->xattr_sem); out: - if (handle) + if (handle && (ret != 1)) ext4_journal_stop(handle); brelse(iloc.bh); return ret; @@ -752,6 +756,7 @@ int ext4_write_inline_data_end(struct inode *inode, loff_t pos, unsigned len, ext4_write_unlock_xattr(inode, &no_expand); brelse(iloc.bh); + mark_inode_dirty(inode); out: return copied; } @@ -898,7 +903,6 @@ int ext4_da_write_inline_data_begin(struct address_space *mapping, goto out; } - page = grab_cache_page_write_begin(mapping, 0, flags); if (!page) { ret = -ENOMEM; @@ -916,6 +920,9 @@ int ext4_da_write_inline_data_begin(struct address_space *mapping, if (ret < 0) goto out_release_page; } + ret = ext4_journal_get_write_access(handle, iloc.bh); + if (ret) + goto out_release_page; up_read(&EXT4_I(inode)->xattr_sem); *pagep = page; @@ -936,7 +943,6 @@ int ext4_da_write_inline_data_end(struct inode *inode, loff_t pos, unsigned len, unsigned copied, struct page *page) { - int i_size_changed = 0; int ret; ret = ext4_write_inline_data_end(inode, pos, len, copied, page); @@ -954,10 +960,8 @@ int ext4_da_write_inline_data_end(struct inode *inode, loff_t pos, * But it's important to update i_size while still holding page lock: * page writeout could otherwise come in and zero beyond i_size. */ - if (pos+copied > inode->i_size) { + if (pos+copied > inode->i_size) i_size_write(inode, pos+copied); - i_size_changed = 1; - } unlock_page(page); put_page(page); @@ -967,8 +971,7 @@ int ext4_da_write_inline_data_end(struct inode *inode, loff_t pos, * ordering of page lock and transaction start for journaling * filesystems. */ - if (i_size_changed) - mark_inode_dirty(inode); + mark_inode_dirty(inode); return copied; } diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c index 7d6c10017bdf..4efe77286ecd 100644 --- a/fs/ext4/inode.c +++ b/fs/ext4/inode.c @@ -1389,9 +1389,10 @@ static int ext4_write_end(struct file *file, loff_t old_size = inode->i_size; int ret = 0, ret2; int i_size_changed = 0; + int inline_data = ext4_has_inline_data(inode); trace_ext4_write_end(inode, pos, len, copied); - if (ext4_has_inline_data(inode)) { + if (inline_data) { ret = ext4_write_inline_data_end(inode, pos, len, copied, page); if (ret < 0) { @@ -1419,7 +1420,7 @@ static int ext4_write_end(struct file *file, * ordering of page lock and transaction start for journaling * filesystems. */ - if (i_size_changed) + if (i_size_changed || inline_data) ext4_mark_inode_dirty(handle, inode); if (pos + len > inode->i_size && ext4_can_truncate(inode)) @@ -1493,6 +1494,7 @@ static int ext4_journalled_write_end(struct file *file, int partial = 0; unsigned from, to; int size_changed = 0; + int inline_data = ext4_has_inline_data(inode); trace_ext4_journalled_write_end(inode, pos, len, copied); from = pos & (PAGE_SIZE - 1); @@ -1500,7 +1502,7 @@ static int ext4_journalled_write_end(struct file *file, BUG_ON(!ext4_handle_valid(handle)); - if (ext4_has_inline_data(inode)) { + if (inline_data) { ret = ext4_write_inline_data_end(inode, pos, len, copied, page); if (ret < 0) { @@ -1531,7 +1533,7 @@ static int ext4_journalled_write_end(struct file *file, if (old_size < pos) pagecache_isize_extended(inode, old_size, pos); - if (size_changed) { + if (size_changed || inline_data) { ret2 = ext4_mark_inode_dirty(handle, inode); if (!ret) ret = ret2; @@ -2028,11 +2030,7 @@ static int __ext4_journalled_writepage(struct page *page, } if (inline_data) { - BUFFER_TRACE(inode_bh, "get write access"); - ret = ext4_journal_get_write_access(handle, inode_bh); - - err = ext4_handle_dirty_metadata(handle, inode, inode_bh); - + ret = ext4_mark_inode_dirty(handle, inode); } else { ret = ext4_walk_page_buffers(handle, page_bufs, 0, len, NULL, do_journal_get_write_access); -- 2.18.0.rc0

7 years, 2 months

1
0
0 0

sched, tracing: Fix trace_sched_pi_setprio() for deboosting

by Sebastian Andrzej Siewior

Upstream commit 4ff648decf4712d39f184fc2df3163f43975575a Fixes output of the trace_sched_pi_setprio() trace event during deboost. Please include the patch in everything maintained since v4.12 which is v4.14 and v4.17. Sebastian

7 years, 2 months

2
1
0 0

[PATCH stable 4.4] staging: comedi: quatech_daqp_cs: fix no-op loop daqp_ao_insn_write()

by Ian Abbott

From: Dan Carpenter <dan.carpenter(a)oracle.com> [ Upstream commit 1376b0a2160319125c3a2822e8c09bd283cd8141 ] There is a '>' vs '<' typo so this loop is a no-op. Fixes: d35dcc89fc93 ("staging: comedi: quatech_daqp_cs: fix daqp_ao_insn_write()") Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com> Reviewed-by: Ian Abbott <abbotti(a)mev.co.uk> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/staging/comedi/drivers/quatech_daqp_cs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/staging/comedi/drivers/quatech_daqp_cs.c b/drivers/staging/comedi/drivers/quatech_daqp_cs.c index e9e43139157d..769a94015117 100644 --- a/drivers/staging/comedi/drivers/quatech_daqp_cs.c +++ b/drivers/staging/comedi/drivers/quatech_daqp_cs.c @@ -642,7 +642,7 @@ static int daqp_ao_insn_write(struct comedi_device *dev, /* Make sure D/A update mode is direct update */ outb(0, dev->iobase + DAQP_AUX_REG); - for (i = 0; i > insn->n; i++) { + for (i = 0; i < insn->n; i++) { unsigned val = data[i]; int ret; -- 2.18.0

7 years, 2 months

2
1
0 0

[PATCH stable 4.8 to 4.17] staging: comedi: quatech_daqp_cs: fix no-op loop daqp_ao_insn_write()

by Ian Abbott

From: Dan Carpenter <dan.carpenter(a)oracle.com> [ Upstream commit 1376b0a2160319125c3a2822e8c09bd283cd8141 ] There is a '>' vs '<' typo so this loop is a no-op. Fixes: d35dcc89fc93 ("staging: comedi: quatech_daqp_cs: fix daqp_ao_insn_write()") Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com> Reviewed-by: Ian Abbott <abbotti(a)mev.co.uk> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/staging/comedi/drivers/quatech_daqp_cs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/staging/comedi/drivers/quatech_daqp_cs.c b/drivers/staging/comedi/drivers/quatech_daqp_cs.c index ea194aa01a64..257b0daff01f 100644 --- a/drivers/staging/comedi/drivers/quatech_daqp_cs.c +++ b/drivers/staging/comedi/drivers/quatech_daqp_cs.c @@ -642,7 +642,7 @@ static int daqp_ao_insn_write(struct comedi_device *dev, /* Make sure D/A update mode is direct update */ outb(0, dev->iobase + DAQP_AUX_REG); - for (i = 0; i > insn->n; i++) { + for (i = 0; i < insn->n; i++) { unsigned int val = data[i]; int ret; -- 2.18.0

7 years, 2 months

2
1
0 0

patch "driver core: Partially revert "driver core: correct device's shutdown" added to driver-core-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled driver core: Partially revert "driver core: correct device's shutdown to my driver-core git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core.git in the driver-core-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From 722e5f2b1eec7de61117b7c0a7914761e3da2eda Mon Sep 17 00:00:00 2001 From: "Rafael J. Wysocki" <rafael.j.wysocki(a)intel.com> Date: Tue, 10 Jul 2018 14:51:33 +0200 Subject: driver core: Partially revert "driver core: correct device's shutdown order" Commit 52cdbdd49853 (driver core: correct device's shutdown order) introduced a regression by breaking device shutdown on some systems. Namely, the devices_kset_move_last() call in really_probe() added by that commit is a mistake as it may cause parents to follow children in the devices_kset list which then causes shutdown to fail. For example, if a device has children before really_probe() is called for it (which is not uncommon), that call will cause it to be reordered after the children in the devices_kset list and the ordering of that list will not reflect the correct device shutdown order any more. Also it causes the devices_kset list to be constantly reordered until all drivers have been probed which is totally pointless overhead in the majority of cases and it only covered an issue with system shutdown, while system-wide suspend/resume potentially had the same issue on the affected platforms (which was not covered). Moreover, the shutdown issue originally addressed by the change in really_probe() made by commit 52cdbdd49853 is not present in 4.18-rc any more, since dra7 started to use the sdhci-omap driver which doesn't disable any regulators during shutdown, so the really_probe() part of commit 52cdbdd49853 can be safely reverted. [The original issue was related to the omap_hsmmc driver used by dra7 previously.] For the above reasons, revert the really_probe() modifications made by commit 52cdbdd49853. The other code changes made by commit 52cdbdd49853 are useful and they need not be reverted. Fixes: 52cdbdd49853 (driver core: correct device's shutdown order) Link: https://lore.kernel.org/lkml/CAFgQCTt7VfqM=UyCnvNFxrSw8Z6cUtAi3HUwR4_xPAc03… Reported-by: Pingfan Liu <kernelfans(a)gmail.com> Tested-by: Pingfan Liu <kernelfans(a)gmail.com> Reviewed-by: Kishon Vijay Abraham I <kishon(a)ti.com> Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/base/dd.c | 8 -------- 1 file changed, 8 deletions(-) diff --git a/drivers/base/dd.c b/drivers/base/dd.c index 1435d7281c66..6ebcd65d64b6 100644 --- a/drivers/base/dd.c +++ b/drivers/base/dd.c @@ -434,14 +434,6 @@ static int really_probe(struct device *dev, struct device_driver *drv) goto probe_failed; } - /* - * Ensure devices are listed in devices_kset in correct order - * It's important to move Dev to the end of devices_kset before - * calling .probe, because it could be recursive and parent Dev - * should always go first - */ - devices_kset_move_last(dev); - if (dev->bus->probe) { ret = dev->bus->probe(dev); if (ret) -- 2.18.0

7 years, 2 months

1
0
0 0

[PATCH] hfs/hfsplus: use documented official timestamp range

by Arnd Bergmann

According to the official documentation for HFS+ [1], inode timestamps are supposed to cover the time range from 1904 to 2040 as originally used in classic MacOS. The traditional Linux usage is to convert the timestamps into an unsigned 32-bit number based on the Unix epoch and from there to a time_t. On 32-bit systems, that wraps the time from 2038 to 1902, so the last two years of the valid time range become garbled. On 64-bit systems, all times before 1970 get turned into timestamps between 2038 and 2106, which is more convenient but also different from the documented behavior. The same behavior is used in Darwin and presumaby all versions of MacOS X, as seen in the to_hfs_time() function in [2]. It is unclear whether this is a bug in the file system code, or intentional but undocumented behavior. This changes Linux over to the traditional MacOS (pre MacOS X) behavior. This means all files that are created on MacOS X or Linux with future timestamps between 2040 and 2106 will now show up as past dates. Timestamps between 2038 and 2040 will still be represented incorrectly on 32-bit architectures as times between 1902 and 1904, but that will be fixed once we have user space with 64-bit time_t. Cc: stable(a)vger.kernel.org Link: [1] https://developer.apple.com/library/archive/technotes/tn/tn1150.html Link: [2] https://opensource.apple.com/source/xnu/xnu-344/bsd/hfs/MacOSStubs.c Suggested-by: Viacheslav Dubeyko <slava(a)dubeyko.com> Signed-off-by: Arnd Bergmann <arnd(a)arndb.de> --- Note: This is the patch that Viacheslav asked for, but given how MacOS X behaves, I'm increasingly thinking this is a bad idea. --- fs/hfs/hfs_fs.h | 2 +- fs/hfsplus/hfsplus_fs.h | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/fs/hfs/hfs_fs.h b/fs/hfs/hfs_fs.h index 6d0783e2e276..39c1f3a43ed8 100644 --- a/fs/hfs/hfs_fs.h +++ b/fs/hfs/hfs_fs.h @@ -247,7 +247,7 @@ extern void hfs_mark_mdb_dirty(struct super_block *sb); * */ #define __hfs_u_to_mtime(sec) cpu_to_be32(sec + 2082844800U - sys_tz.tz_minuteswest * 60) -#define __hfs_m_to_utime(sec) (be32_to_cpu(sec) - 2082844800U + sys_tz.tz_minuteswest * 60) +#define __hfs_m_to_utime(sec) ((time64_t)be32_to_cpu(sec) - 2082844800U + sys_tz.tz_minuteswest * 60) #define HFS_I(inode) (container_of(inode, struct hfs_inode_info, vfs_inode)) #define HFS_SB(sb) ((struct hfs_sb_info *)(sb)->s_fs_info) diff --git a/fs/hfsplus/hfsplus_fs.h b/fs/hfsplus/hfsplus_fs.h index d9255abafb81..57838ef4dcdc 100644 --- a/fs/hfsplus/hfsplus_fs.h +++ b/fs/hfsplus/hfsplus_fs.h @@ -530,8 +530,9 @@ int hfsplus_submit_bio(struct super_block *sb, sector_t sector, void *buf, void **data, int op, int op_flags); int hfsplus_read_wrapper(struct super_block *sb); -/* time macros */ -#define __hfsp_mt2ut(t) (be32_to_cpu(t) - 2082844800U) +/* time macros: convert between 1904-2040 and 1970-2106 range, + * pre-1970 timestamps are interpreted as post-2038 times after wrap-around */ +#define __hfsp_mt2ut(t) ((time64_t)be32_to_cpu(t) - 2082844800U) #define __hfsp_ut2mt(t) (cpu_to_be32(t + 2082844800U)) /* compatibility */ -- 2.9.0

7 years, 2 months

2
2
0 0

[v4.14-stable 0/5] Fix DM DAX handling

by Ross Zwisler

This is a v4.14-stable backport of my "Fix DM DAX handling" series which had backport collisions. This series also includes a few patches that were backport dependencies. Changes from the v4.17-stable version: * DAX on raw mode namespace is allowed in this baseline, so we allow it for DM devices as well. This meant dropping the patch "pmem: only set QUEUE_FLAG_DAX for fsdax mode". * Pulled in one additional patch from Mike as a backport dependency. Darrick J. Wong (1): fs: allow per-device dax status checking for filesystems Dave Jiang (1): dax: change bdev_dax_supported() to support boolean returns Mike Snitzer (1): dm: set QUEUE_FLAG_DAX accordingly in dm_table_set_restrictions() Ross Zwisler (2): dax: check for QUEUE_FLAG_DAX in bdev_dax_supported() dm: prevent DAX mounts if not supported drivers/dax/super.c | 42 +++++++++++++++++++++++++----------------- drivers/md/dm-table.c | 9 ++++++--- drivers/md/dm.c | 6 +----- fs/ext2/super.c | 3 +-- fs/ext4/super.c | 3 +-- fs/xfs/xfs_ioctl.c | 3 ++- fs/xfs/xfs_iops.c | 30 +++++++++++++++++++++++++----- fs/xfs/xfs_super.c | 10 ++++++++-- include/linux/dax.h | 11 ++++++----- 9 files changed, 75 insertions(+), 42 deletions(-) -- 2.14.4

7 years, 2 months

2
6
0 0

[v4.17-stable v2 0/5] Fix DM DAX handling

by Ross Zwisler

This is a v4.17-stable backport of my "Fix DM DAX handling" series which had backport collisions. Greg, please let me know if I need to adjust anything in my backport formatting. --- Changes since v1: * Fixed formatting of my "commit X upstream." lines to include the full hash to match other existing backports in stable. * Fixed a few of the commit IDs which were from a dev branch and not the actual upstream commit ID. * Pulled in updated tags and changlog wording differences from upstream commits vs commits in my dev branch. Darrick J. Wong (1): fs: allow per-device dax status checking for filesystems Dave Jiang (1): dax: change bdev_dax_supported() to support boolean returns Ross Zwisler (3): pmem: only set QUEUE_FLAG_DAX for fsdax mode dax: check for QUEUE_FLAG_DAX in bdev_dax_supported() dm: prevent DAX mounts if not supported drivers/dax/super.c | 48 ++++++++++++++++++++++++++++-------------------- drivers/md/dm-table.c | 7 ++++--- drivers/md/dm.c | 3 +-- drivers/nvdimm/pmem.c | 3 ++- fs/ext2/super.c | 3 +-- fs/ext4/super.c | 3 +-- fs/xfs/xfs_ioctl.c | 3 ++- fs/xfs/xfs_iops.c | 30 +++++++++++++++++++++++++----- fs/xfs/xfs_super.c | 10 ++++++++-- include/linux/dax.h | 11 ++++++----- 10 files changed, 78 insertions(+), 43 deletions(-) -- 2.14.4

7 years, 2 months

2
7
0 0

[PATCH] Kbuild: fix # escaping in .cmd files for future Make

by Paul Menzel

From: Rasmus Villemoes <linux(a)rasmusvillemoes.dk> Date: Sun, 8 Apr 2018 23:35:28 +0200 commit 9564a8cf422d7b58f6e857e3546d346fa970191e upstream. I tried building using a freshly built Make (4.2.1-69-g8a731d1), but already the objtool build broke with orc_dump.c: In function ‘orc_dump’: orc_dump.c:106:2: error: ‘elf_getshnum’ is deprecated [-Werror=deprecated-declarations] if (elf_getshdrnum(elf, &nr_sections)) { Turns out that with that new Make, the backslash was not removed, so cpp didn't see a #include directive, grep found nothing, and -DLIBELF_USE_DEPRECATED was wrongly put in CFLAGS. Now, that new Make behaviour is documented in their NEWS file: * WARNING: Backward-incompatibility! Number signs (#) appearing inside a macro reference or function invocation no longer introduce comments and should not be escaped with backslashes: thus a call such as: foo := $(shell echo '#') is legal. Previously the number sign needed to be escaped, for example: foo := $(shell echo '\#') Now this latter will resolve to "\#". If you want to write makefiles portable to both versions, assign the number sign to a variable: C := \# foo := $(shell echo '$C') This was claimed to be fixed in 3.81, but wasn't, for some reason. To detect this change search for 'nocomment' in the .FEATURES variable. This also fixes up the two make-cmd instances to replace # with $(pound) rather than with \#. There might very well be other places that need similar fixup in preparation for whatever future Make release contains the above change, but at least this builds an x86_64 defconfig with the new make. Link: https://bugzilla.kernel.org/show_bug.cgi?id=197847 Cc: Randy Dunlap <rdunlap(a)infradead.org> Signed-off-by: Rasmus Villemoes <linux(a)rasmusvillemoes.dk> Signed-off-by: Masahiro Yamada <yamada.masahiro(a)socionext.com> Signed-off-by: Paul Menzel <pmenzel(a)molgen.mpg.de> --- Fix one conflict in `scripts/Kbuild.include`. scripts/Kbuild.include | 5 +++-- tools/build/Build.include | 5 +++-- tools/objtool/Makefile | 2 +- tools/scripts/Makefile.include | 2 ++ 4 files changed, 9 insertions(+), 5 deletions(-) diff --git a/scripts/Kbuild.include b/scripts/Kbuild.include index 97769465de13..fcbbecf92395 100644 --- a/scripts/Kbuild.include +++ b/scripts/Kbuild.include @@ -8,6 +8,7 @@ squote := ' empty := space := $(empty) $(empty) space_escape := _-_SPACE_-_ +pound := \# ### # Name of target with a '.' as filename prefix. foo/bar.o => foo/.bar.o @@ -251,11 +252,11 @@ endif # Replace >$< with >$$< to preserve $ when reloading the .cmd file # (needed for make) -# Replace >#< with >\#< to avoid starting a comment in the .cmd file +# Replace >#< with >$(pound)< to avoid starting a comment in the .cmd file # (needed for make) # Replace >'< with >'\''< to be able to enclose the whole string in '...' # (needed for the shell) -make-cmd = $(call escsq,$(subst \#,\\\#,$(subst $$,$$$$,$(cmd_$(1))))) +make-cmd = $(call escsq,$(subst $(pound),$$(pound),$(subst $$,$$$$,$(cmd_$(1))))) # Find any prerequisites that is newer than target or that does not exist. # PHONY targets skipped in both cases. diff --git a/tools/build/Build.include b/tools/build/Build.include index 418871d02ebf..a4bbb984941d 100644 --- a/tools/build/Build.include +++ b/tools/build/Build.include @@ -12,6 +12,7 @@ # Convenient variables comma := , squote := ' +pound := \# ### # Name of target with a '.' as filename prefix. foo/bar.o => foo/.bar.o @@ -43,11 +44,11 @@ echo-cmd = $(if $($(quiet)cmd_$(1)),\ ### # Replace >$< with >$$< to preserve $ when reloading the .cmd file # (needed for make) -# Replace >#< with >\#< to avoid starting a comment in the .cmd file +# Replace >#< with >$(pound)< to avoid starting a comment in the .cmd file # (needed for make) # Replace >'< with >'\''< to be able to enclose the whole string in '...' # (needed for the shell) -make-cmd = $(call escsq,$(subst \#,\\\#,$(subst $$,$$$$,$(cmd_$(1))))) +make-cmd = $(call escsq,$(subst $(pound),$$(pound),$(subst $$,$$$$,$(cmd_$(1))))) ### # Find any prerequisites that is newer than target or that does not exist. diff --git a/tools/objtool/Makefile b/tools/objtool/Makefile index e6acc281dd37..8ae824dbfca3 100644 --- a/tools/objtool/Makefile +++ b/tools/objtool/Makefile @@ -35,7 +35,7 @@ CFLAGS += -Wall -Werror $(WARNINGS) -fomit-frame-pointer -O2 -g $(INCLUDES) LDFLAGS += -lelf $(LIBSUBCMD) # Allow old libelf to be used: -elfshdr := $(shell echo '\#include <libelf.h>' | $(CC) $(CFLAGS) -x c -E - | grep elf_getshdr) +elfshdr := $(shell echo '$(pound)include <libelf.h>' | $(CC) $(CFLAGS) -x c -E - | grep elf_getshdr) CFLAGS += $(if $(elfshdr),,-DLIBELF_USE_DEPRECATED) AWK = awk diff --git a/tools/scripts/Makefile.include b/tools/scripts/Makefile.include index 654efd9768fd..5f3f1f44ed0a 100644 --- a/tools/scripts/Makefile.include +++ b/tools/scripts/Makefile.include @@ -101,3 +101,5 @@ ifneq ($(silent),1) QUIET_INSTALL = @printf ' INSTALL %s\n' $1; endif endif + +pound := \# -- 2.17.1

7 years, 2 months

2
5
0 0

[PATCH 4.4, 4.9] dm bufio: don't take the lock in dm_bufio_shrink_count

by Mikulas Patocka

This is backport of the upstream patch d12067f428c037b4575aaeb2be00847fc214c24a. It should be backported to stable kernels because this performance problem was seen on the android 4.4 kernel. commit d12067f428c037b4575aaeb2be00847fc214c24a Author: Mikulas Patocka <mpatocka(a)redhat.com> Date: Wed Nov 23 16:52:01 2016 -0500 dm bufio: don't take the lock in dm_bufio_shrink_count dm_bufio_shrink_count() is called from do_shrink_slab to find out how many freeable objects are there. The reported value doesn't have to be precise, so we don't need to take the dm-bufio lock. Suggested-by: David Rientjes <rientjes(a)google.com> Signed-off-by: Mikulas Patocka <mpatocka(a)redhat.com> Signed-off-by: Mike Snitzer <snitzer(a)redhat.com> --- drivers/md/dm-bufio.c | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) Index: linux-stable/drivers/md/dm-bufio.c =================================================================== --- linux-stable.orig/drivers/md/dm-bufio.c 2018-07-04 15:25:41.000000000 +0200 +++ linux-stable/drivers/md/dm-bufio.c 2018-07-04 15:33:59.000000000 +0200 @@ -1574,19 +1574,11 @@ dm_bufio_shrink_scan(struct shrinker *sh static unsigned long dm_bufio_shrink_count(struct shrinker *shrink, struct shrink_control *sc) { - struct dm_bufio_client *c; - unsigned long count; - unsigned long retain_target; + struct dm_bufio_client *c = container_of(shrink, struct dm_bufio_client, shrinker); + unsigned long count = READ_ONCE(c->n_buffers[LIST_CLEAN]) + + READ_ONCE(c->n_buffers[LIST_DIRTY]); + unsigned long retain_target = get_retain_buffers(c); - c = container_of(shrink, struct dm_bufio_client, shrinker); - if (sc->gfp_mask & __GFP_FS) - dm_bufio_lock(c); - else if (!dm_bufio_trylock(c)) - return 0; - - count = c->n_buffers[LIST_CLEAN] + c->n_buffers[LIST_DIRTY]; - retain_target = get_retain_buffers(c); - dm_bufio_unlock(c); return (count < retain_target) ? 0 : (count - retain_target); }

7 years, 2 months

2
1
0 0

FAILED: patch "[PATCH] mtd: rawnand: mxc: set spare area size register explicitly" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 3f77f244d8ec28e3a0a81240ffac7d626390060c Mon Sep 17 00:00:00 2001 From: Martin Kaiser <martin(a)kaiser.cx> Date: Mon, 18 Jun 2018 22:41:03 +0200 Subject: [PATCH] mtd: rawnand: mxc: set spare area size register explicitly The v21 version of the NAND flash controller contains a Spare Area Size Register (SPAS) at offset 0x10. Its setting defaults to the maximum spare area size of 218 bytes. The size that is set in this register is used by the controller when it calculates the ECC bytes internally in hardware. Usually, this register is updated from settings in the IIM fuses when the system is booting from NAND flash. For other boot media, however, the SPAS register remains at the default setting, which may not work for the particular flash chip on the board. The same goes for flash chips whose configuration cannot be set in the IIM fuses (e.g. chips with 2k sector size and 128 bytes spare area size can't be configured in the IIM fuses on imx25 systems). Set the SPAS register explicitly during the preset operation. Derive the register value from mtd->oobsize that was detected during probe by decoding the flash chip's ID bytes. While at it, rename the define for the spare area register's offset to NFC_V21_RSLTSPARE_AREA. The register at offset 0x10 on v1 controllers is different from the register on v21 controllers. Fixes: d484018 ("mtd: mxc_nand: set NFC registers after reset") Cc: stable(a)vger.kernel.org Signed-off-by: Martin Kaiser <martin(a)kaiser.cx> Reviewed-by: Sascha Hauer <s.hauer(a)pengutronix.de> Reviewed-by: Miquel Raynal <miquel.raynal(a)bootlin.com> Signed-off-by: Boris Brezillon <boris.brezillon(a)bootlin.com> diff --git a/drivers/mtd/nand/raw/mxc_nand.c b/drivers/mtd/nand/raw/mxc_nand.c index 45786e707b7b..26cef218bb43 100644 --- a/drivers/mtd/nand/raw/mxc_nand.c +++ b/drivers/mtd/nand/raw/mxc_nand.c @@ -48,7 +48,7 @@ #define NFC_V1_V2_CONFIG (host->regs + 0x0a) #define NFC_V1_V2_ECC_STATUS_RESULT (host->regs + 0x0c) #define NFC_V1_V2_RSLTMAIN_AREA (host->regs + 0x0e) -#define NFC_V1_V2_RSLTSPARE_AREA (host->regs + 0x10) +#define NFC_V21_RSLTSPARE_AREA (host->regs + 0x10) #define NFC_V1_V2_WRPROT (host->regs + 0x12) #define NFC_V1_UNLOCKSTART_BLKADDR (host->regs + 0x14) #define NFC_V1_UNLOCKEND_BLKADDR (host->regs + 0x16) @@ -1274,6 +1274,9 @@ static void preset_v2(struct mtd_info *mtd) writew(config1, NFC_V1_V2_CONFIG1); /* preset operation */ + /* spare area size in 16-bit half-words */ + writew(mtd->oobsize / 2, NFC_V21_RSLTSPARE_AREA); + /* Unlock the internal RAM Buffer */ writew(0x2, NFC_V1_V2_CONFIG);

7 years, 2 months

3
2
0 0

FAILED: patch "[PATCH] i2c: smbus: kill memory leak on emulated and failed DMA SMBus" failed to apply to 4.17-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.17-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 9aa613674f89d01248ae2e4afe691b515ff8fbb6 Mon Sep 17 00:00:00 2001 From: Peter Rosin <peda(a)axentia.se> Date: Wed, 20 Jun 2018 11:43:23 +0200 Subject: [PATCH] i2c: smbus: kill memory leak on emulated and failed DMA SMBus xfers If DMA safe memory was allocated, but the subsequent I2C transfer fails the memory is leaked. Plug this leak. Fixes: 8a77821e74d6 ("i2c: smbus: use DMA safe buffers for emulated SMBus transactions") Signed-off-by: Peter Rosin <peda(a)axentia.se> Signed-off-by: Wolfram Sang <wsa(a)the-dreams.de> Cc: stable(a)kernel.org diff --git a/drivers/i2c/i2c-core-smbus.c b/drivers/i2c/i2c-core-smbus.c index f3f683041e7f..51970bae3c4a 100644 --- a/drivers/i2c/i2c-core-smbus.c +++ b/drivers/i2c/i2c-core-smbus.c @@ -465,15 +465,18 @@ static s32 i2c_smbus_xfer_emulated(struct i2c_adapter *adapter, u16 addr, status = i2c_transfer(adapter, msg, num); if (status < 0) - return status; - if (status != num) - return -EIO; + goto cleanup; + if (status != num) { + status = -EIO; + goto cleanup; + } + status = 0; /* Check PEC if last message is a read */ if (i && (msg[num-1].flags & I2C_M_RD)) { status = i2c_smbus_check_pec(partial_pec, &msg[num-1]); if (status < 0) - return status; + goto cleanup; } if (read_write == I2C_SMBUS_READ) @@ -499,12 +502,13 @@ static s32 i2c_smbus_xfer_emulated(struct i2c_adapter *adapter, u16 addr, break; } +cleanup: if (msg[0].flags & I2C_M_DMA_SAFE) kfree(msg[0].buf); if (msg[1].flags & I2C_M_DMA_SAFE) kfree(msg[1].buf); - return 0; + return status; } /**

7 years, 2 months

3
2
0 0

FAILED: patch "[PATCH] mm, page_alloc: do not break __GFP_THISNODE by zonelist reset" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 7810e6781e0fcbca78b91cf65053f895bf59e85f Mon Sep 17 00:00:00 2001 From: Vlastimil Babka <vbabka(a)suse.cz> Date: Thu, 7 Jun 2018 17:09:29 -0700 Subject: [PATCH] mm, page_alloc: do not break __GFP_THISNODE by zonelist reset In __alloc_pages_slowpath() we reset zonelist and preferred_zoneref for allocations that can ignore memory policies. The zonelist is obtained from current CPU's node. This is a problem for __GFP_THISNODE allocations that want to allocate on a different node, e.g. because the allocating thread has been migrated to a different CPU. This has been observed to break SLAB in our 4.4-based kernel, because there it relies on __GFP_THISNODE working as intended. If a slab page is put on wrong node's list, then further list manipulations may corrupt the list because page_to_nid() is used to determine which node's list_lock should be locked and thus we may take a wrong lock and race. Current SLAB implementation seems to be immune by luck thanks to commit 511e3a058812 ("mm/slab: make cache_grow() handle the page allocated on arbitrary node") but there may be others assuming that __GFP_THISNODE works as promised. We can fix it by simply removing the zonelist reset completely. There is actually no reason to reset it, because memory policies and cpusets don't affect the zonelist choice in the first place. This was different when commit 183f6371aac2 ("mm: ignore mempolicies when using ALLOC_NO_WATERMARK") introduced the code, as mempolicies provided their own restricted zonelists. We might consider this for 4.17 although I don't know if there's anything currently broken. SLAB is currently not affected, but in kernels older than 4.7 that don't yet have 511e3a058812 ("mm/slab: make cache_grow() handle the page allocated on arbitrary node") it is. That's at least 4.4 LTS. Older ones I'll have to check. So stable backports should be more important, but will have to be reviewed carefully, as the code went through many changes. BTW I think that also the ac->preferred_zoneref reset is currently useless if we don't also reset ac->nodemask from a mempolicy to NULL first (which we probably should for the OOM victims etc?), but I would leave that for a separate patch. Link: http://lkml.kernel.org/r/20180525130853.13915-1-vbabka@suse.cz Signed-off-by: Vlastimil Babka <vbabka(a)suse.cz> Fixes: 183f6371aac2 ("mm: ignore mempolicies when using ALLOC_NO_WATERMARK") Acked-by: Mel Gorman <mgorman(a)techsingularity.net> Cc: Michal Hocko <mhocko(a)kernel.org> Cc: David Rientjes <rientjes(a)google.com> Cc: Joonsoo Kim <iamjoonsoo.kim(a)lge.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> diff --git a/mm/page_alloc.c b/mm/page_alloc.c index ef1811531999..07b3c23762ad 100644 --- a/mm/page_alloc.c +++ b/mm/page_alloc.c @@ -4169,7 +4169,6 @@ __alloc_pages_slowpath(gfp_t gfp_mask, unsigned int order, * orientated. */ if (!(alloc_flags & ALLOC_CPUSET) || reserve_flags) { - ac->zonelist = node_zonelist(numa_node_id(), gfp_mask); ac->preferred_zoneref = first_zones_zonelist(ac->zonelist, ac->high_zoneidx, ac->nodemask); }

7 years, 2 months

3
2
0 0

[PATCH 4.4 000/268] 4.4.134-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.4.134 release. There are 268 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed May 30 10:00:40 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.4.134-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.4.134-rc1 Martin Schwidefsky <schwidefsky(a)de.ibm.com> s390/ftrace: use expoline for indirect branches Randy Dunlap <rdunlap(a)infradead.org> kdb: make "mdr" command repeat Larry Finger <Larry.Finger(a)lwfinger.net> Bluetooth: btusb: Add device ID for RTL8822BE Sylwester Nawrocki <s.nawrocki(a)samsung.com> ASoC: samsung: i2s: Ensure the RCLK rate is properly determined Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> regulator: of: Add a missing 'of_node_put()' in an error handling path of 'of_regulator_match()' James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Fix frequency of Release WQE CQEs James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Fix issue_lip if link is disabled Richard Haines <richard_c_haines(a)btinternet.com> netlabel: If PF_INET6, check sk_buff ip header version Prashant Bhole <bhole_prashant_q7(a)lab.ntt.co.jp> selftests/net: fixes psock_fanout eBPF test case Jiri Olsa <jolsa(a)redhat.com> perf report: Fix memory corruption in --branch-history mode --branch-history Jiri Olsa <jolsa(a)kernel.org> perf tests: Use arch__compare_symbol_names to compare symbols Baoquan He <bhe(a)redhat.com> x86/apic: Set up through-local-APIC mode on the boot CPU if 'noapic' specified Ørjan Eide <orjan.eide(a)arm.com> drm/rockchip: Respect page offset for PRIME mmap calls Joe Perches <joe(a)perches.com> MIPS: Octeon: Fix logging messages with spurious periods after newlines Richard Guy Briggs <rgb(a)redhat.com> audit: return on memory error to avoid null pointer dereference Peter Robinson <pbrobinson(a)gmail.com> crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss Andrzej Hajda <a.hajda(a)samsung.com> clk: samsung: exynos3250: Fix PLL rates Andrzej Hajda <a.hajda(a)samsung.com> clk: samsung: exynos5250: Fix PLL rates Andrzej Hajda <a.hajda(a)samsung.com> clk: samsung: exynos5433: Fix PLL rates Andrzej Hajda <a.hajda(a)samsung.com> clk: samsung: exynos5260: Fix PLL rates Andrzej Hajda <a.hajda(a)samsung.com> clk: samsung: s3c2410: Fix PLL rates Colin Ian King <colin.king(a)canonical.com> media: cx25821: prevent out-of-bounds read on array card Jan Kara <jack(a)suse.cz> udf: Provide saner default for invalid uid / gid Thomas Vincent-Cross <me(a)tvc.id.au> PCI: Add function 1 DMA alias quirk for Marvell 88SE9220 Geert Uytterhoeven <geert+renesas(a)glider.be> serial: arc_uart: Fix out-of-bounds access through DT alias Geert Uytterhoeven <geert+renesas(a)glider.be> serial: fsl_lpuart: Fix out-of-bounds access through DT alias Geert Uytterhoeven <geert+renesas(a)glider.be> serial: imx: Fix out-of-bounds access through serial port index Geert Uytterhoeven <geert+renesas(a)glider.be> serial: mxs-auart: Fix out-of-bounds access through serial port index Geert Uytterhoeven <geert+renesas(a)glider.be> serial: samsung: Fix out-of-bounds access through serial port index Geert Uytterhoeven <geert+renesas(a)glider.be> serial: xuartps: Fix out-of-bounds access through DT alias Colin Ian King <colin.king(a)canonical.com> rtc: tx4939: avoid unintended sign extension on a 24 bit shift Colin Ian King <colin.king(a)canonical.com> staging: rtl8192u: return -ENOMEM on failed allocation of priv->oldaddr lionel.debieve(a)st.com <lionel.debieve(a)st.com> hwrng: stm32 - add reset during probe Govindarajulu Varadarajan <gvaradar(a)cisco.com> enic: enable rq before updating rq descriptors Shawn Lin <shawn.lin(a)rock-chips.com> clk: rockchip: Prevent calculating mmc phase if clock rate is zero Brad Love <brad(a)nextdimension.cc> media: em28xx: USB bulk packet size fix Qi Hou <qi.hou(a)windriver.com> dmaengine: pl330: fix a race condition in case of threaded irqs Arnd Bergmann <arnd(a)arndb.de> media: s3c-camif: fix out-of-bounds array access Brad Love <brad(a)nextdimension.cc> media: cx23885: Set subdev host data to clk_freq pointer Brad Love <brad(a)nextdimension.cc> media: cx23885: Override 888 ImpactVCBe crystal frequency Takashi Iwai <tiwai(a)suse.de> ALSA: vmaster: Propagate slave error Ivan Gorinov <ivan.gorinov(a)intel.com> x86/devicetree: Fix device IRQ settings in DT Ivan Gorinov <ivan.gorinov(a)intel.com> x86/devicetree: Initialize device tree before using it Chris Dickens <christopher.a.dickens(a)gmail.com> usb: gadget: composite: fix incorrect handling of OS desc requests Wolfram Sang <wsa+renesas(a)sang-engineering.com> usb: gadget: udc: change comparison to bitshift when dealing with a mask Andreas Gruenbacher <agruenba(a)redhat.com> gfs2: Fix fallocate chunk size Maurizio Lombardi <mlombard(a)redhat.com> cdrom: do not call check_disk_change() inside cdrom_open() Guenter Roeck <linux(a)roeck-us.net> hwmon: (pmbus/adm1275) Accept negative page register values Guenter Roeck <linux(a)roeck-us.net> hwmon: (pmbus/max8688) Accept negative page register values Peter Zijlstra <peterz(a)infradead.org> perf/core: Fix perf_output_read_group() Ranjani Sridharan <ranjani.sridharan(a)linux.intel.com> ASoC: topology: create TLV data for dapm widgets Mathieu Malaterre <malat(a)debian.org> powerpc: Add missing prototype for arch_irq_work_raise() Lars-Peter Clausen <lars(a)metafoo.de> usb: gadget: ffs: Execute copy_to_user() with USER_DS set Lars-Peter Clausen <lars(a)metafoo.de> usb: gadget: ffs: Let setup() return USB_GADGET_DELAYED_STATUS Grigor Tovmasyan <Grigor.Tovmasyan(a)synopsys.com> usb: dwc2: Fix interval type issue Kamlakant Patel <kamlakant.patel(a)cavium.com> ipmi_ssif: Fix kernel panic at msg_done_handler Rafael J. Wysocki <rjw(a)rjwysocki.net> PCI: Restore config space on runtime resume despite being unbound Mathias Kresin <dev(a)kresin.me> MIPS: ath79: Fix AR724X_PLL_REG_PCIE_CONFIG offset Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: zero usb device slot_id member when disabling and freeing a xhci slot Vitaly Kuznetsov <vkuznets(a)redhat.com> KVM: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use Gregory CLEMENT <gregory.clement(a)bootlin.com> i2c: mv64xxx: Apply errata delay only in standard mode Seunghun Han <kkamagui(a)gmail.com> ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c Erik Schmauss <erik.schmauss(a)intel.com> ACPICA: Events: add a return on failure from acpi_hw_register_read Coly Li <colyli(a)suse.de> bcache: quit dc->writeback_thread when BCACHE_DEV_DETACHING is set Michael Schmitz <schmitzmic(a)gmail.com> zorro: Set up z->dev.dma_mask for the DMA API Shawn Lin <shawn.lin(a)rock-chips.com> clk: Don't show the incorrect clock phase Chunyu Hu <chuhu(a)redhat.com> cpufreq: cppc_cpufreq: Fix cppc_cpufreq_init() failure path Thinh Nguyen <Thinh.Nguyen(a)synopsys.com> usb: dwc3: Update DWC_usb31 GTXFIFOSIZ reg fields Philipp Puschmann <pp(a)emlix.com> arm: dts: socfpga: fix GIC PPI warning Jay Vosburgh <jay.vosburgh(a)canonical.com> virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS Petr Vorel <pvorel(a)suse.cz> ima: Fallback to the builtin hash algorithm Jiandi An <anjiandi(a)codeaurora.org> ima: Fix Kconfig to select TPM 2.0 CRB interface Karthikeyan Periyasamy <periyasa(a)codeaurora.org> ath10k: Fix kernel panic while using worker (ath10k_sta_rc_update_wk) Leon Romanovsky <leonro(a)mellanox.com> net/mlx5: Protect from command bit overflow Michael Ellerman <mpe(a)ellerman.id.au> selftests: Print the test we're running to /dev/kmsg Frank Asseg <frank.asseg(a)objecthunter.net> tools/thermal: tmon: fix for segfault Michael Ellerman <mpe(a)ellerman.id.au> powerpc/perf: Fix kernel address leak via sampling registers Madhavan Srinivasan <maddy(a)linux.vnet.ibm.com> powerpc/perf: Prevent kernel address leak to userspace via BHRB buffer Alexandre Belloni <alexandre.belloni(a)bootlin.com> rtc: hctosys: Ensure system time doesn't overflow time_t Guenter Roeck <linux(a)roeck-us.net> hwmon: (nct6775) Fix writing pwmX_mode Helge Deller <deller(a)gmx.de> parisc/pci: Switch LBA PCI bus from Hard Fail to Soft Fail mode Greg Ungerer <gerg(a)linux-m68k.org> m68k: set dma and coherent masks for platform FEC ethernets Michael Ellerman <mpe(a)ellerman.id.au> powerpc/mpic: Check if cpu_possible() in mpic_physmask() Lenny Szubowicz <lszubowi(a)redhat.com> ACPI: acpi_pad: Fix memory leak in power saving threads Dan Carpenter <dan.carpenter(a)oracle.com> xen/acpi: off by one in read_acpi_id() Jeff Mahoney <jeffm(a)suse.com> btrfs: fix lockdep splat in btrfs_alloc_subvolume_writers Filipe Manana <fdmanana(a)suse.com> Btrfs: fix copy_items() return value when logging an inode Qu Wenruo <wqu(a)suse.com> btrfs: tests/qgroup: Fix wrong tree backref level Vicente Bergas <vicencb(a)gmail.com> Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB Florian Fainelli <f.fainelli(a)gmail.com> net: bgmac: Fix endian access in bgmac_dma_tx_ring_free() Bryan O'Donoghue <pure.logic(a)nexus-software.ie> rtc: snvs: Fix usage of snvs_rtc_enable David S. Miller <davem(a)davemloft.net> sparc64: Make atomic_xchg() an inline function rather than a macro. David Howells <dhowells(a)redhat.com> fscache: Fix hanging wait on page discarded by writeback Sean Christopherson <sean.j.christopherson(a)intel.com> KVM: VMX: raise internal error for exception during invalid protected mode state Davidlohr Bueso <dave(a)stgolabs.net> sched/rt: Fix rq->clock_update_flags < RQCF_ACT_SKIP warning Jun Piao <piaojun(a)huawei.com> ocfs2/dlm: don't handle migrate lockres if already in shutdown Nikolay Borisov <nborisov(a)suse.com> btrfs: Fix possible softlock on single core machines Liu Bo <bo.liu(a)linux.alibaba.com> Btrfs: fix NULL pointer dereference in log_dir_items Liu Bo <bo.liu(a)linux.alibaba.com> Btrfs: bail out on error during replay_dir_deletes Huang Ying <ying.huang(a)intel.com> mm: fix races between address_space dereference and free in page_evicatable Claudio Imbrenda <imbrenda(a)linux.vnet.ibm.com> mm/ksm: fix interaction with THP Esben Haabendal <eha(a)deif.com> dp83640: Ensure against premature access to PHY registers after reset Dave Carroll <david.carroll(a)microsemi.com> scsi: aacraid: Insure command thread is not recursively stopped Shunyong Yang <shunyong.yang(a)hxt-semitech.com> cpufreq: CPPC: Initialize shared perf capabilities of CPUs Carlos Maiolino <cmaiolino(a)redhat.com> Force log to disk before reading the AGF during a fstrim Jens Axboe <axboe(a)kernel.dk> sr: get/drop reference to device in revalidate and check_events Tom Abraham <tabraham(a)suse.com> swap: divide-by-zero when zero length swap file on ssd Danilo Krummrich <danilokrummrich(a)dk-develop.de> fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl table Joerg Roedel <joro(a)8bytes.org> x86/pgtable: Don't set huge PUD/PMD on non-leaf entries Rich Felker <dalias(a)libc.org> sh: fix debug trap failure to process signals before return to user Yelena Krivosheev <yelena(a)marvell.com> net: mvneta: fix enable of all initialized RXQs Toshiaki Makita <makita.toshiaki(a)lab.ntt.co.jp> net: Fix untag for vlan packets without ethernet header Vinayak Menon <vinmenon(a)codeaurora.org> mm/kmemleak.c: wait for scan completion before disabling free Cong Wang <xiyou.wangcong(a)gmail.com> llc: properly handle dev_queue_xmit() return value Giuseppe Lippolis <giu.lippolis(a)gmail.com> net-usb: add qmi_wwan if on lte modem wistron neweb d18q1 Torsten Hilbrich <torsten.hilbrich(a)secunet.com> net/usb/qmi_wwan.c: Add USB id for lt4120 modem Pawel Dembicki <paweldembicki(a)gmail.com> net: qmi_wwan: add BroadMobi BM806U 2020:2033 Jinbum Park <jinb.park7(a)gmail.com> ARM: 8748/1: mm: Define vdso_start, vdso_end as array Linus Lüssing <linus.luessing(a)c0d3.blue> batman-adv: fix packet loss for broadcasted DHCP packets to a server Linus Lüssing <linus.luessing(a)c0d3.blue> batman-adv: fix multicast-via-unicast transmission with AP isolation Masami Hiramatsu <mhiramat(a)kernel.org> selftests: ftrace: Add a testcase for probepoint Masami Hiramatsu <mhiramat(a)kernel.org> selftests: ftrace: Add a testcase for string type with kprobe_event Masami Hiramatsu <mhiramat(a)kernel.org> selftests: ftrace: Add probe event argument syntax testcase Yisheng Xie <xieyisheng1(a)huawei.com> mm/mempolicy.c: avoid use uninitialized preferred_node Chien Tin Tung <chien.tin.tung(a)intel.com> RDMA/ucma: Correct option size check using optlen Song Liu <songliubraving(a)fb.com> perf/cgroup: Fix child event counting bug Stefano Brivio <sbrivio(a)redhat.com> vti4: Don't override MTU passed on link creation via IFLA_MTU Stefano Brivio <sbrivio(a)redhat.com> vti4: Don't count header length twice on tunnel setup Matthias Schiffer <mschiffer(a)universe-factory.net> batman-adv: fix header size check in batadv_dbg_arp() Toshiaki Makita <makita.toshiaki(a)lab.ntt.co.jp> net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off Rob Herring <robh(a)kernel.org> microblaze: switch to NO_BOOTMEM Cathy Zhou <Cathy.Zhou(a)Oracle.COM> sunvnet: does not support GSO for sctp Sabrina Dubroca <sd(a)queasysnail.net> ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu Arvind Yadav <arvind.yadav.cs(a)gmail.com> workqueue: use put_device() instead of kfree() Michael Chan <michael.chan(a)broadcom.com> bnxt_en: Check valid VNIC ID in bnxt_hwrm_vnic_set_tpa(). Florian Westphal <fw(a)strlen.de> netfilter: ebtables: fix erroneous reject of last rule Fredrik Noring <noring(a)nocrew.org> USB: OHCI: Fix NULL dereference in HCDs using HCD_LOCAL_MEM Arvind Yadav <arvind.yadav.cs(a)gmail.com> xen: xenbus: use put_device() instead of kfree() Peter Malone <peter.malone(a)gmail.com> fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper(). Jeremy Cline <jeremy(a)jcline.org> scsi: sd: Keep disk read-only when re-reading partition Hannes Reinecke <hare(a)suse.de> scsi: mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM Merlijn Wajer <merlijn(a)wizzup.org> usb: musb: call pm_runtime_{get,put}_sync before reading vbus registers Pierre-Yves Kerbrat <pkerbrat(a)kalray.eu> e1000e: allocate ring descriptors with dma_zalloc_coherent Benjamin Poirier <bpoirier(a)suse.com> e1000e: Fix check_for_link return value with autoneg off Igor Pylypiv <igor.pylypiv(a)gmail.com> watchdog: f71808e_wdt: Fix magic close handling Paul Mackerras <paulus(a)ozlabs.org> KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing Michael Ellerman <mpe(a)ellerman.id.au> selftests/powerpc: Skip the subpage_prot tests if the syscall is unavailable Filipe Manana <fdmanana(a)suse.com> Btrfs: send, fix issuing write op when processing hole in no data mode Roger Pau Monne <roger.pau(a)citrix.com> xen/pirq: fix error path cleanup when binding MSIs Joey Pabalinas <joeypabalinas(a)gmail.com> net/tcp/illinois: replace broken algorithm reference link Claudiu Manoil <claudiu.manoil(a)nxp.com> gianfar: Fix Rx byte accounting for ndev stats Xin Long <lucien.xin(a)gmail.com> sit: fix IFLA_MTU ignored on NEWLINK Tang Junhui <tang.junhui(a)zte.com.cn> bcache: fix kcrashes with fio in RAID5 backend dev Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> dmaengine: rcar-dmac: fix max_chunk_size for R-Car Gen3 Dave Airlie <airlied(a)redhat.com> virtio-gpu: fix ioctl and expose the fixed status to userspace. Eric Dumazet <edumazet(a)google.com> r8152: fix tx packets accounting Colin Ian King <colin.king(a)canonical.com> clocksource/drivers/fsl_ftm_timer: Fix error return checking Jianchao Wang <jianchao.w.wang(a)oracle.com> nvme-pci: Fix nvme queue cleanup if IRQ setup fails Florian Westphal <fw(a)strlen.de> netfilter: ebtables: convert BUG_ONs to WARN_ONs Matthias Schiffer <mschiffer(a)universe-factory.net> batman-adv: invalidate checksum on fragment reassembly Matthias Schiffer <mschiffer(a)universe-factory.net> batman-adv: fix packet checksum in receive path Yufen Yu <yuyufen(a)huawei.com> md/raid1: fix NULL pointer dereference Mauro Carvalho Chehab <mchehab(a)s-opensource.com> media: dmxdev: fix error code for invalid ioctls Samuel Neves <sneves(a)dei.uc.pt> x86/topology: Update the 'cpu cores' field in /proc/cpuinfo correctly across CPU hotplug operations Andrea Parri <parri.andrea(a)gmail.com> locking/xchg/alpha: Fix xchg() and cmpxchg() memory ordering bugs Johannes Berg <johannes.berg(a)intel.com> regulatory: add NUL to request alpha2 Eric Dumazet <edumazet(a)google.com> smsc75xx: fix smsc75xx_set_features() Tony Lindgren <tony(a)atomide.com> ARM: OMAP: Fix dmtimer init for omap1 Sebastian Ott <sebott(a)linux.vnet.ibm.com> s390/cio: clear timer when terminating driver I/O Sebastian Ott <sebott(a)linux.vnet.ibm.com> s390/cio: fix return code after missing interrupt Mark Lord <mlord(a)pobox.com> powerpc/bpf/jit: Fix 32-bit JIT for seccomp_data access David Rientjes <rientjes(a)google.com> kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE Arnd Bergmann <arnd(a)arndb.de> md: raid5: avoid string overflow warning Andrea Parri <parri.andrea(a)gmail.com> locking/xchg/alpha: Add unconditional memory barrier to cmpxchg() Andreas Kemnade <andreas(a)kemnade.info> usb: musb: fix enumeration after resume Markus Elfring <elfring(a)users.sourceforge.net> drm/exynos: g2d: Delete an error message for a failed memory allocation in two functions Wolfram Sang <wsa+renesas(a)sang-engineering.com> drm/exynos: fix comparison to bitshift when dealing with a mask Yufen Yu <yuyufen(a)huawei.com> md raid10: fix NULL deference in handle_write_completed() Felix Fietkau <nbd(a)nbd.name> mac80211: round IEEE80211_TX_STATUS_HEADROOM up to multiple of 4 Kees Cook <keescook(a)chromium.org> NFC: llcp: Limit size of SDP URI Geert Uytterhoeven <geert+renesas(a)glider.be> ARM: OMAP1: clock: Fix debugfs_create_*() usage Tony Lindgren <tony(a)atomide.com> ARM: OMAP3: Fix prm wake interrupt for resume Qi Hou <qi.hou(a)windriver.com> ARM: OMAP2+: timer: fix a kmemleak caused in omap_get_timer_dt Manish Rangankar <manish.rangankar(a)cavium.com> scsi: qla4xxx: skip error recovery in case of register disconnect. Meelis Roos <mroos(a)linux.ee> scsi: aacraid: fix shutdown crash when init fails Michael Kelley (EOSG) <Michael.H.Kelley(a)microsoft.com> scsi: storvsc: Increase cmd_per_lun for higher speed devices Anders Roxell <anders.roxell(a)linaro.org> selftests: memfd: add config fragment for fuse Vardan Mikayelyan <mvardan(a)synopsys.com> usb: dwc2: Fix dwc2_hsotg_core_init_disconnected() Stefan Agner <stefan(a)agner.ch> usb: gadget: fsl_udc_core: fix ep valid checks John Keeping <john(a)metanate.com> usb: gadget: f_uac2: fix bFirstInterface in composite gadget Ulf Magnusson <ulfalizer(a)gmail.com> ARC: Fix malformed ARC_EMUL_UNALIGNED default Bart Van Assche <bart.vanassche(a)wdc.com> scsi: qla2xxx: Avoid triggering undefined behavior in qla2x00_mbx_completion() Dan Carpenter <dan.carpenter(a)oracle.com> scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo() Dan Carpenter <dan.carpenter(a)oracle.com> scsi: sym53c8xx_2: iterator underflow in sym_getsync() Chad Dupuis <chad.dupuis(a)cavium.com> scsi: bnx2fc: Fix check in SCSI completion handler for timed out request Sujit Reddy Thumma <sthumma(a)codeaurora.org> scsi: ufs: Enable quirk to ignore sending WRITE_SAME command Mark Salter <msalter(a)redhat.com> irqchip/gic-v3: Change pr_debug message to pr_devel Will Deacon <will.deacon(a)arm.com> locking/qspinlock: Ensure node->count is updated before initialising node Jesper Dangaard Brouer <brouer(a)redhat.com> tools/libbpf: handle issues with bpf ELF objects containing .eh_frames Tang Junhui <tang.junhui(a)zte.com.cn> bcache: return attach error when no cache set exist Tang Junhui <tang.junhui(a)zte.com.cn> bcache: fix for data collapse after re-attaching an attached device Tang Junhui <tang.junhui(a)zte.com.cn> bcache: fix for allocator and register thread race Coly Li <colyli(a)suse.de> bcache: properly set task state in bch_writeback_thread() Arnd Bergmann <arnd(a)arndb.de> cifs: silence compiler warnings showing up with gcc-8.0.0 Alexey Dobriyan <adobriyan(a)gmail.com> proc: fix /proc/*/map_files lookup Will Deacon <will.deacon(a)arm.com> arm64: spinlock: Fix theoretical trylock() A-B-A with LSE atomics Guanglei Li <guanglei.li(a)oracle.com> RDS: IB: Fix null pointer issue Ross Lagerwall <ross.lagerwall(a)citrix.com> xen/grant-table: Use put_page instead of free_page Ross Lagerwall <ross.lagerwall(a)citrix.com> xen-netfront: Fix race between device setup and open Matt Redfearn <matt.redfearn(a)mips.com> MIPS: TXx9: use IS_BUILTIN() for CONFIG_LEDS_CLASS Yonghong Song <yhs(a)fb.com> bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y Chen Yu <yu.c.chen(a)intel.com> ACPI: processor_perflib: Do not send _PPC change notification if not ready Jean Delvare <jdelvare(a)suse.de> firmware: dmi_scan: Fix handling of empty DMI strings Arnd Bergmann <arnd(a)arndb.de> x86/power: Fix swsusp_arch_resume prototype Alex Estrin <alex.estrin(a)intel.com> IB/ipoib: Fix for potential no-carrier state Mel Gorman <mgorman(a)techsingularity.net> mm: pin address_space before dereferencing it while isolating an LRU page Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> asm-generic: provide generic_pmdp_establish() Yisheng Xie <xieyisheng1(a)huawei.com> mm/mempolicy: add nodes_empty check in SYSC_migrate_pages Yisheng Xie <xieyisheng1(a)huawei.com> mm/mempolicy: fix the check of nodemask from user piaojun <piaojun(a)huawei.com> ocfs2: return error when we attempt to access a dirty bh in jbd2 piaojun <piaojun(a)huawei.com> ocfs2/acl: use 'ip_xattr_sem' to protect getting extended attribute piaojun <piaojun(a)huawei.com> ocfs2: return -EROFS to mount.ocfs2 if inode block is invalid Logan Gunthorpe <logang(a)deltatee.com> ntb_transport: Fix bug with max_mw_size parameter Leon Romanovsky <leonro(a)mellanox.com> RDMA/mlx5: Avoid memory leak in case of XRCD dealloc failure Michael Bringmann <mwb(a)linux.vnet.ibm.com> powerpc/numa: Ensure nodes initialized for hotplug Michael Bringmann <mwb(a)linux.vnet.ibm.com> powerpc/numa: Use ibm,max-associativity-domains to discover possible nodes Jake Daryll Obina <jake.obina(a)gmail.com> jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path Dan Carpenter <dan.carpenter(a)oracle.com> HID: roccat: prevent an out of bounds read in kovaplus_profile_activated() Arnd Bergmann <arnd(a)arndb.de> scsi: fas216: fix sense buffer initialization Liu Bo <bo.li.liu(a)oracle.com> Btrfs: fix scrub to repair raid6 corruption Nikolay Borisov <nborisov(a)suse.com> btrfs: Fix out of bounds access in btrfs_search_slot Liu Bo <bo.li.liu(a)oracle.com> Btrfs: set plug for fsync Wei Yongjun <weiyongjun1(a)huawei.com> ipmi/powernv: Fix error return code in ipmi_powernv_probe() weiyongjun (A) <weiyongjun1(a)huawei.com> mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl() Ulf Magnusson <ulfalizer(a)gmail.com> kconfig: Fix expr_free() E_NOT leak Ulf Magnusson <ulfalizer(a)gmail.com> kconfig: Fix automatic menu creation mem leak Ulf Magnusson <ulfalizer(a)gmail.com> kconfig: Don't leak main menus during parsing Guenter Roeck <linux(a)roeck-us.net> watchdog: sp5100_tco: Fix watchdog disable bit Jan Chochol <jan(a)chochol.info> nfs: Do not convert nfs_idmap_cache_timeout to jiffies mulhern <amulhern(a)redhat.com> dm thin: fix documentation relative to low water mark threshold Steven Rostedt (VMware) <rostedt(a)goodmis.org> tools lib traceevent: Fix get_field_str() for dynamic strings Arnaldo Carvalho de Melo <acme(a)redhat.com> perf callchain: Fix attr.sample_max_stack setting Steven Rostedt (VMware) <rostedt(a)goodmis.org> tools lib traceevent: Simplify pointer print logic and fix %pF Alex Williamson <alex.williamson(a)redhat.com> PCI: Add function 1 DMA alias quirk for Marvell 9128 Anna-Maria Gleixner <anna-maria(a)linutronix.de> tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account Paolo Bonzini <pbonzini(a)redhat.com> kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl Dan Carpenter <dan.carpenter(a)oracle.com> ASoC: au1x: Fix timeout tests in au1xac97c_ac97_read() Takashi Iwai <tiwai(a)suse.de> ALSA: hda - Use IS_REACHABLE() for dependency on input NeilBrown <neilb(a)suse.com> NFSv4: always set NFS_LOCK_LOST when a lock is lost. Hector Martin <marcan(a)marcan.st> firewire-ohci: work around oversized DMA reads on JMicron controllers Al Viro <viro(a)zeniv.linux.org.uk> do d_instantiate/unlock_new_inode combinations safely Brian Foster <bfoster(a)redhat.com> xfs: remove racy hasattr check from attr ops zhongjiang <zhongjiang(a)huawei.com> kernel/signal.c: avoid undefined behaviour in kill_something_info Gustavo A. R. Silva <gustavo(a)embeddedor.com> kernel/sys.c: fix potential Spectre v1 issue David Hildenbrand <david(a)redhat.com> kasan: fix memory hotplug during boot Davidlohr Bueso <dave(a)stgolabs.net> ipc/shm: fix shmat() nil address after round-down when remapping Davidlohr Bueso <dave(a)stgolabs.net> Revert "ipc/shm: Fix shmat mmap nil-page protection" Joe Jin <joe.jin(a)oracle.com> xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent Sudip Mukherjee <sudipm.mukherjee(a)gmail.com> libata: blacklist Micron 500IT SSD with MU01 firmware Tejun Heo <tj(a)kernel.org> libata: Blacklist some Sandisk SSDs for NCQ Corneliu Doban <corneliu.doban(a)broadcom.com> mmc: sdhci-iproc: fix 32bit writes for TRANSFER_MODE register Ben Hutchings <ben.hutchings(a)codethink.co.uk> ALSA: timer: Fix pause event notification Al Viro <viro(a)zeniv.linux.org.uk> aio: fix io_destroy(2) vs. lookup_ioctx() race Al Viro <viro(a)zeniv.linux.org.uk> affs_lookup(): close a race with affs_remove_link() Colin Ian King <colin.king(a)canonical.com> KVM: Fix spelling mistake: "cop_unsuable" -> "cop_unusable" Maciej W. Rozycki <macro(a)mips.com> MIPS: Fix ptrace(2) PTRACE_PEEKUSR and PTRACE_POKEUSR accesses to o32 FGRs Maciej W. Rozycki <macro(a)mips.com> MIPS: ptrace: Expose FIR register through FP regset ------------- Diffstat: Documentation/device-mapper/thin-provisioning.txt | 8 +- Makefile | 4 +- arch/alpha/include/asm/xchg.h | 30 +++++-- arch/arc/Kconfig | 1 - arch/arm/boot/dts/socfpga.dtsi | 2 +- arch/arm/include/asm/vdso.h | 2 - arch/arm/kernel/vdso.c | 12 +-- arch/arm/mach-omap1/clock.c | 6 +- arch/arm/mach-omap2/pm.c | 4 +- arch/arm/mach-omap2/timer.c | 19 +++-- arch/arm/plat-omap/dmtimer.c | 7 +- arch/arm64/include/asm/spinlock.h | 4 +- arch/m68k/coldfire/device.c | 12 ++- arch/microblaze/Kconfig | 1 + arch/microblaze/mm/init.c | 56 ++----------- arch/mips/cavium-octeon/octeon-irq.c | 10 +-- arch/mips/include/asm/mach-ath79/ar71xx_regs.h | 2 +- arch/mips/kernel/ptrace.c | 22 ++++- arch/mips/kernel/ptrace32.c | 4 +- arch/mips/kvm/mips.c | 2 +- arch/mips/txx9/rbtx4939/setup.c | 4 +- arch/powerpc/include/asm/irq_work.h | 1 + arch/powerpc/kvm/book3s_hv.c | 12 +-- arch/powerpc/mm/numa.c | 78 ++++++++++++++--- arch/powerpc/net/bpf_jit_comp.c | 3 + arch/powerpc/perf/core-book3s.c | 25 ++++++ arch/powerpc/sysdev/mpic.c | 2 +- arch/s390/include/asm/nospec-insn.h | 13 +++ arch/s390/kernel/asm-offsets.c | 1 + arch/s390/kernel/mcount.S | 14 ++-- arch/sh/kernel/entry-common.S | 2 +- arch/sparc/include/asm/atomic_64.h | 6 +- arch/x86/kernel/apic/apic.c | 2 +- arch/x86/kernel/devicetree.c | 21 +++-- arch/x86/kernel/smpboot.c | 1 + arch/x86/kvm/lapic.c | 10 ++- arch/x86/kvm/vmx.c | 20 +++-- arch/x86/kvm/x86.c | 7 +- arch/x86/mm/pgtable.c | 9 ++ arch/x86/power/hibernate_32.c | 2 +- arch/x86/power/hibernate_64.c | 2 +- drivers/acpi/acpi_pad.c | 3 + drivers/acpi/acpica/evevent.c | 9 +- drivers/acpi/acpica/nseval.c | 8 ++ drivers/acpi/processor_perflib.c | 2 +- drivers/ata/libata-core.c | 6 ++ drivers/block/paride/pcd.c | 2 + drivers/bluetooth/btusb.c | 6 ++ drivers/cdrom/cdrom.c | 3 - drivers/cdrom/gdrom.c | 3 + drivers/char/hw_random/stm32-rng.c | 9 ++ drivers/char/ipmi/ipmi_powernv.c | 5 +- drivers/char/ipmi/ipmi_ssif.c | 4 +- drivers/clk/clk.c | 3 + drivers/clk/rockchip/clk-mmc-phase.c | 23 +++++ drivers/clk/samsung/clk-exynos3250.c | 4 +- drivers/clk/samsung/clk-exynos5250.c | 8 +- drivers/clk/samsung/clk-exynos5260.c | 2 +- drivers/clk/samsung/clk-exynos5433.c | 12 +-- drivers/clk/samsung/clk-s3c2410.c | 16 ++-- drivers/clocksource/fsl_ftm_timer.c | 2 +- drivers/cpufreq/cppc_cpufreq.c | 23 ++++- drivers/crypto/sunxi-ss/sun4i-ss-core.c | 1 + drivers/dma/pl330.c | 6 +- drivers/dma/sh/rcar-dmac.c | 2 +- drivers/firewire/ohci.c | 8 +- drivers/firmware/dmi_scan.c | 22 ++--- drivers/gpu/drm/exynos/exynos_drm_g2d.c | 6 +- drivers/gpu/drm/exynos/regs-fimc.h | 2 +- drivers/gpu/drm/rockchip/rockchip_drm_gem.c | 7 +- drivers/gpu/drm/virtio/virtgpu_ioctl.c | 17 ++-- drivers/hid/hid-roccat-kovaplus.c | 2 + drivers/hwmon/nct6775.c | 10 +-- drivers/hwmon/pmbus/adm1275.c | 4 +- drivers/hwmon/pmbus/max8688.c | 2 +- drivers/i2c/busses/i2c-mv64xxx.c | 8 +- drivers/ide/ide-cd.c | 2 + drivers/infiniband/core/ucma.c | 2 +- drivers/infiniband/hw/mlx5/qp.c | 5 +- drivers/infiniband/ulp/ipoib/ipoib_main.c | 3 + drivers/irqchip/irq-gic-v3.c | 2 +- drivers/md/bcache/alloc.c | 4 +- drivers/md/bcache/bcache.h | 2 +- drivers/md/bcache/btree.c | 9 +- drivers/md/bcache/request.c | 2 +- drivers/md/bcache/super.c | 23 +++-- drivers/md/bcache/sysfs.c | 11 ++- drivers/md/bcache/writeback.c | 27 ++++-- drivers/md/raid1.c | 11 +++ drivers/md/raid10.c | 6 +- drivers/md/raid5.c | 7 +- drivers/media/dvb-core/dmxdev.c | 2 +- drivers/media/pci/cx23885/cx23885-cards.c | 4 + drivers/media/pci/cx23885/cx23885-core.c | 10 +++ drivers/media/pci/cx25821/cx25821-core.c | 7 +- drivers/media/platform/s3c-camif/camif-capture.c | 7 +- drivers/media/usb/em28xx/em28xx.h | 2 +- drivers/message/fusion/mptctl.c | 2 + drivers/mmc/host/sdhci-iproc.c | 30 +++++-- drivers/net/ethernet/broadcom/bgmac.c | 3 +- drivers/net/ethernet/broadcom/bnxt/bnxt.c | 3 + drivers/net/ethernet/cisco/enic/enic_main.c | 10 ++- drivers/net/ethernet/freescale/gianfar.c | 7 +- drivers/net/ethernet/intel/e1000e/ich8lan.c | 2 +- drivers/net/ethernet/intel/e1000e/mac.c | 2 +- drivers/net/ethernet/intel/e1000e/netdev.c | 4 +- drivers/net/ethernet/marvell/mvneta.c | 1 + drivers/net/ethernet/mellanox/mlx5/core/cmd.c | 2 +- drivers/net/ethernet/sun/sunvnet.c | 2 +- drivers/net/phy/dp83640.c | 18 ++++ drivers/net/usb/qmi_wwan.c | 5 ++ drivers/net/usb/r8152.c | 2 +- drivers/net/usb/smsc75xx.c | 7 +- drivers/net/virtio_net.c | 2 +- drivers/net/wireless/ath/ath10k/mac.c | 10 +++ drivers/net/wireless/mac80211_hwsim.c | 4 +- drivers/net/xen-netfront.c | 46 +++++----- drivers/ntb/ntb_transport.c | 3 + drivers/nvme/host/pci.c | 5 +- drivers/parisc/lba_pci.c | 20 ++++- drivers/pci/pci-driver.c | 17 ++-- drivers/pci/quirks.c | 5 ++ drivers/regulator/of_regulator.c | 1 + drivers/rtc/hctosys.c | 5 ++ drivers/rtc/rtc-snvs.c | 15 +++- drivers/rtc/rtc-tx4939.c | 6 +- drivers/s390/cio/device_fsm.c | 7 +- drivers/s390/cio/io_sch.h | 1 + drivers/scsi/aacraid/commsup.c | 4 +- drivers/scsi/aacraid/linit.c | 5 +- drivers/scsi/arm/fas216.c | 2 +- drivers/scsi/bnx2fc/bnx2fc_io.c | 1 + drivers/scsi/lpfc/lpfc_attr.c | 5 ++ drivers/scsi/lpfc/lpfc_hbadisc.c | 5 +- drivers/scsi/lpfc/lpfc_sli.c | 2 + drivers/scsi/mpt3sas/mpt3sas_scsih.c | 2 +- drivers/scsi/qla2xxx/qla_isr.c | 6 +- drivers/scsi/qla4xxx/ql4_def.h | 2 + drivers/scsi/qla4xxx/ql4_os.c | 46 ++++++++++ drivers/scsi/sd.c | 3 +- drivers/scsi/sr.c | 21 ++++- drivers/scsi/storvsc_drv.c | 2 +- drivers/scsi/sym53c8xx_2/sym_hipd.c | 2 +- drivers/scsi/ufs/ufshcd.c | 2 + drivers/staging/rtl8192u/r8192U_core.c | 2 + drivers/tty/serial/arc_uart.c | 5 ++ drivers/tty/serial/fsl_lpuart.c | 4 + drivers/tty/serial/imx.c | 6 ++ drivers/tty/serial/mxs-auart.c | 4 + drivers/tty/serial/samsung.c | 4 + drivers/tty/serial/xilinx_uartps.c | 2 +- drivers/usb/dwc2/core.h | 2 +- drivers/usb/dwc2/gadget.c | 12 +-- drivers/usb/dwc3/core.h | 2 + drivers/usb/gadget/composite.c | 40 +++++---- drivers/usb/gadget/function/f_fs.c | 6 +- drivers/usb/gadget/function/f_uac2.c | 2 + drivers/usb/gadget/udc/fsl_udc_core.c | 4 +- drivers/usb/gadget/udc/goku_udc.h | 2 +- drivers/usb/host/ohci-hcd.c | 3 +- drivers/usb/host/xhci-mem.c | 2 + drivers/usb/musb/musb_core.c | 5 +- drivers/video/fbdev/sbuslib.c | 4 +- drivers/watchdog/f71808e_wdt.c | 3 +- drivers/watchdog/sp5100_tco.h | 2 +- drivers/xen/events/events_base.c | 4 +- drivers/xen/grant-table.c | 4 +- drivers/xen/swiotlb-xen.c | 2 +- drivers/xen/xen-acpi-processor.c | 6 +- drivers/xen/xenbus/xenbus_probe.c | 5 +- drivers/zorro/zorro.c | 12 +++ fs/affs/namei.c | 10 ++- fs/aio.c | 4 +- fs/btrfs/ctree.c | 12 ++- fs/btrfs/disk-io.c | 2 +- fs/btrfs/extent-tree.c | 1 + fs/btrfs/file.c | 9 ++ fs/btrfs/inode.c | 16 +--- fs/btrfs/raid56.c | 18 +++- fs/btrfs/send.c | 3 + fs/btrfs/tests/qgroup-tests.c | 2 +- fs/btrfs/tree-log.c | 12 ++- fs/btrfs/volumes.c | 9 +- fs/cifs/cifssmb.c | 4 +- fs/dcache.c | 22 +++++ fs/ecryptfs/inode.c | 3 +- fs/ext2/namei.c | 6 +- fs/ext4/namei.c | 6 +- fs/f2fs/namei.c | 12 +-- fs/fscache/page.c | 13 ++- fs/gfs2/file.c | 5 +- fs/gfs2/quota.h | 2 + fs/jffs2/dir.c | 12 +-- fs/jffs2/fs.c | 1 - fs/jfs/namei.c | 12 +-- fs/nfs/nfs4proc.c | 12 ++- fs/nfs/nfs4state.c | 5 +- fs/nfs/nfs4sysctl.c | 2 +- fs/nilfs2/namei.c | 6 +- fs/ocfs2/acl.c | 6 ++ fs/ocfs2/dlm/dlmdomain.c | 14 ---- fs/ocfs2/dlm/dlmdomain.h | 25 +++++- fs/ocfs2/dlm/dlmrecovery.c | 9 ++ fs/ocfs2/journal.c | 23 ++--- fs/ocfs2/super.c | 5 +- fs/ocfs2/xattr.c | 2 + fs/proc/base.c | 29 ++++++- fs/proc/proc_sysctl.c | 3 + fs/reiserfs/namei.c | 12 +-- fs/udf/namei.c | 6 +- fs/udf/super.c | 5 +- fs/ufs/namei.c | 6 +- fs/xfs/libxfs/xfs_attr.c | 6 -- fs/xfs/xfs_discard.c | 14 ++-- include/asm-generic/pgtable.h | 15 ++++ include/linux/dcache.h | 1 + include/linux/suspend.h | 2 + include/linux/usb/composite.h | 3 + include/net/ip.h | 11 ++- include/net/ip_fib.h | 1 + include/net/llc_conn.h | 2 +- include/net/mac80211.h | 2 +- include/net/regulatory.h | 2 +- include/net/route.h | 3 +- include/trace/events/timer.h | 20 ++++- include/uapi/drm/virtgpu_drm.h | 1 + include/uapi/linux/if_ether.h | 1 + ipc/shm.c | 19 +++-- kernel/audit.c | 2 + kernel/debug/kdb/kdb_main.c | 27 ++++-- kernel/events/core.c | 24 ++++-- kernel/locking/qspinlock.c | 8 ++ kernel/power/power.h | 3 - kernel/relay.c | 2 +- kernel/sched/rt.c | 2 + kernel/signal.c | 4 + kernel/sys.c | 3 + kernel/workqueue.c | 2 +- lib/test_bpf.c | 31 +++++-- mm/kasan/kasan.c | 2 +- mm/kmemleak.c | 12 +-- mm/ksm.c | 28 +++++++ mm/mempolicy.c | 36 ++++++-- mm/swapfile.c | 4 + mm/vmscan.c | 22 ++++- net/batman-adv/distributed-arp-table.c | 2 +- net/batman-adv/fragmentation.c | 3 +- net/batman-adv/gateway_client.c | 3 + net/batman-adv/multicast.c | 4 +- net/batman-adv/soft-interface.c | 8 +- net/bridge/netfilter/ebtables.c | 33 +++++--- net/core/skbuff.c | 9 +- net/ipv4/ip_vti.c | 2 - net/ipv4/route.c | 26 ++++-- net/ipv4/tcp_illinois.c | 2 +- net/ipv4/xfrm4_policy.c | 1 + net/ipv6/sit.c | 7 ++ net/llc/llc_c_ac.c | 15 ++-- net/llc/llc_conn.c | 32 +++++-- net/netlabel/netlabel_unlabeled.c | 10 +++ net/nfc/llcp_commands.c | 4 + net/nfc/netlink.c | 3 +- net/rds/ib.c | 3 +- scripts/kconfig/expr.c | 2 +- scripts/kconfig/menu.c | 1 + scripts/kconfig/zconf.y | 33 ++++++-- security/integrity/ima/Kconfig | 1 + security/integrity/ima/ima_crypto.c | 2 + security/integrity/ima/ima_main.c | 13 +++ sound/core/timer.c | 4 +- sound/core/vmaster.c | 5 +- sound/pci/hda/Kconfig | 1 - sound/pci/hda/patch_realtek.c | 5 ++ sound/soc/au1x/ac97c.c | 6 +- sound/soc/samsung/i2s.c | 13 ++- sound/soc/soc-topology.c | 3 + tools/lib/bpf/libbpf.c | 26 ++++++ tools/lib/traceevent/event-parse.c | 17 ++-- tools/lib/traceevent/parse-filter.c | 10 ++- tools/perf/tests/vmlinux-kallsyms.c | 2 +- tools/perf/util/evsel.c | 8 +- tools/perf/util/hist.c | 4 +- tools/perf/util/hist.h | 1 - tools/testing/selftests/Makefile | 1 + .../ftrace/test.d/kprobe/kprobe_args_string.tc | 46 ++++++++++ .../ftrace/test.d/kprobe/kprobe_args_syntax.tc | 97 ++++++++++++++++++++++ .../selftests/ftrace/test.d/kprobe/probepoint.tc | 43 ++++++++++ tools/testing/selftests/memfd/config | 1 + tools/testing/selftests/net/psock_fanout.c | 3 +- tools/testing/selftests/powerpc/mm/subpage_prot.c | 14 ++++ tools/thermal/tmon/sysfs.c | 12 +-- tools/thermal/tmon/tmon.c | 1 - 292 files changed, 1883 insertions(+), 687 deletions(-)

7 years, 2 months

17
294
0 0

[PATCHES] Networking

by David Miller

Please queue up the following networking bug fixes for v4.14 and v4.15 -stable, respecetively. Thank you!

7 years, 2 months

6
7
0 0

FAILED: patch "[PATCH] f2fs: truncate preallocated blocks in error case" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From dc7a10ddee0c56c6d891dd18de5c4ee9869545e0 Mon Sep 17 00:00:00 2001 From: Jaegeuk Kim <jaegeuk(a)kernel.org> Date: Fri, 30 Mar 2018 17:58:13 -0700 Subject: [PATCH] f2fs: truncate preallocated blocks in error case If write is failed, we must deallocate the blocks that we couldn't write. Cc: stable(a)vger.kernel.org Reviewed-by: Chao Yu <yuchao0(a)huawei.com> Signed-off-by: Jaegeuk Kim <jaegeuk(a)kernel.org> diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c index 8068b015ece5..6b94f19b3fa8 100644 --- a/fs/f2fs/file.c +++ b/fs/f2fs/file.c @@ -2911,6 +2911,8 @@ static ssize_t f2fs_file_write_iter(struct kiocb *iocb, struct iov_iter *from) ret = generic_write_checks(iocb, from); if (ret > 0) { + bool preallocated = false; + size_t target_size = 0; int err; if (iov_iter_fault_in_readable(from, iov_iter_count(from))) @@ -2927,6 +2929,9 @@ static ssize_t f2fs_file_write_iter(struct kiocb *iocb, struct iov_iter *from) } } else { + preallocated = true; + target_size = iocb->ki_pos + iov_iter_count(from); + err = f2fs_preallocate_blocks(iocb, from); if (err) { clear_inode_flag(inode, FI_NO_PREALLOC); @@ -2939,6 +2944,10 @@ static ssize_t f2fs_file_write_iter(struct kiocb *iocb, struct iov_iter *from) blk_finish_plug(&plug); clear_inode_flag(inode, FI_NO_PREALLOC); + /* if we couldn't write data, we should deallocate blocks. */ + if (preallocated && i_size_read(inode) < target_size) + f2fs_truncate(inode); + if (ret > 0) f2fs_update_iostat(F2FS_I_SB(inode), APP_WRITE_IO, ret); }

7 years, 2 months

3
2
0 0

FAILED: patch "[PATCH] mm: hwpoison: disable memory error handling on 1GB hugepage" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 31286a8484a85e8b4e91ddb0f5415aee8a416827 Mon Sep 17 00:00:00 2001 From: Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com> Date: Thu, 5 Apr 2018 16:23:05 -0700 Subject: [PATCH] mm: hwpoison: disable memory error handling on 1GB hugepage Recently the following BUG was reported: Injecting memory failure for pfn 0x3c0000 at process virtual address 0x7fe300000000 Memory failure: 0x3c0000: recovery action for huge page: Recovered BUG: unable to handle kernel paging request at ffff8dfcc0003000 IP: gup_pgd_range+0x1f0/0xc20 PGD 17ae72067 P4D 17ae72067 PUD 0 Oops: 0000 [#1] SMP PTI ... CPU: 3 PID: 5467 Comm: hugetlb_1gb Not tainted 4.15.0-rc8-mm1-abc+ #3 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.9.3-1.fc25 04/01/2014 You can easily reproduce this by calling madvise(MADV_HWPOISON) twice on a 1GB hugepage. This happens because get_user_pages_fast() is not aware of a migration entry on pud that was created in the 1st madvise() event. I think that conversion to pud-aligned migration entry is working, but other MM code walking over page table isn't prepared for it. We need some time and effort to make all this work properly, so this patch avoids the reported bug by just disabling error handling for 1GB hugepage. [n-horiguchi(a)ah.jp.nec.com: v2] Link: http://lkml.kernel.org/r/1517284444-18149-1-git-send-email-n-horiguchi@ah.j… Link: http://lkml.kernel.org/r/1517207283-15769-1-git-send-email-n-horiguchi@ah.j… Signed-off-by: Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com> Acked-by: Michal Hocko <mhocko(a)suse.com> Reviewed-by: Andrew Morton <akpm(a)linux-foundation.org> Reviewed-by: Mike Kravetz <mike.kravetz(a)oracle.com> Acked-by: Punit Agrawal <punit.agrawal(a)arm.com> Tested-by: Michael Ellerman <mpe(a)ellerman.id.au> Cc: Anshuman Khandual <khandual(a)linux.vnet.ibm.com> Cc: "Aneesh Kumar K.V" <aneesh.kumar(a)linux.vnet.ibm.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> diff --git a/include/linux/mm.h b/include/linux/mm.h index 2e40a44a1fae..2e2be527642a 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -2613,6 +2613,7 @@ enum mf_action_page_type { MF_MSG_POISONED_HUGE, MF_MSG_HUGE, MF_MSG_FREE_HUGE, + MF_MSG_NON_PMD_HUGE, MF_MSG_UNMAP_FAILED, MF_MSG_DIRTY_SWAPCACHE, MF_MSG_CLEAN_SWAPCACHE, diff --git a/mm/memory-failure.c b/mm/memory-failure.c index 8291b75f42c8..2d4bf647cf01 100644 --- a/mm/memory-failure.c +++ b/mm/memory-failure.c @@ -502,6 +502,7 @@ static const char * const action_page_types[] = { [MF_MSG_POISONED_HUGE] = "huge page already hardware poisoned", [MF_MSG_HUGE] = "huge page", [MF_MSG_FREE_HUGE] = "free huge page", + [MF_MSG_NON_PMD_HUGE] = "non-pmd-sized huge page", [MF_MSG_UNMAP_FAILED] = "unmapping failed page", [MF_MSG_DIRTY_SWAPCACHE] = "dirty swapcache page", [MF_MSG_CLEAN_SWAPCACHE] = "clean swapcache page", @@ -1084,6 +1085,21 @@ static int memory_failure_hugetlb(unsigned long pfn, int flags) return 0; } + /* + * TODO: hwpoison for pud-sized hugetlb doesn't work right now, so + * simply disable it. In order to make it work properly, we need + * make sure that: + * - conversion of a pud that maps an error hugetlb into hwpoison + * entry properly works, and + * - other mm code walking over page table is aware of pud-aligned + * hwpoison entries. + */ + if (huge_page_size(page_hstate(head)) > PMD_SIZE) { + action_result(pfn, MF_MSG_NON_PMD_HUGE, MF_IGNORED); + res = -EBUSY; + goto out; + } + if (!hwpoison_user_mappings(p, pfn, flags, &head)) { action_result(pfn, MF_MSG_UNMAP_FAILED, MF_IGNORED); res = -EBUSY;

7 years, 2 months

3
2
0 0

[v4.14-stable] arm64: dts: stratix10: Fix SPI IRQ for Stratix10

by thor.thayer＠linux.intel.com

From: Thor Thayer <thor.thayer(a)linux.intel.com> Fix the SPI interrupt numbers for Stratix10. This is a backport for stable 4.9.x and 4.14.x branches. (original includes other changes that are not relevant to this branch): [backport 'commit 889d15090420 ("arm64: dts: stratix10: fix SPI settings")'] Cc: <stable(a)vger.kernel.org> # 4.9.x Cc: <stable(a)vger.kernel.org> # 4.14.x Fixes: 78cd6a9d8e154 ("arm64: dts: Add base stratix 10 dtsi") Signed-off-by: Thor Thayer <thor.thayer(a)linux.intel.com> --- arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi index 57f75453ee93..5db972c0492f 100644 --- a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi +++ b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi @@ -230,7 +230,7 @@ #address-cells = <1>; #size-cells = <0>; reg = <0xffda4000 0x1000>; - interrupts = <0 101 4>; + interrupts = <0 99 4>; num-cs = <4>; status = "disabled"; }; @@ -240,7 +240,7 @@ #address-cells = <1>; #size-cells = <0>; reg = <0xffda5000 0x1000>; - interrupts = <0 102 4>; + interrupts = <0 100 4>; num-cs = <4>; status = "disabled"; }; -- 2.7.4

7 years, 2 months

2
1
0 0

10d94ff4d558b96b for 4.14.y

by Janne Huttunen

Please consider the upstream commit below for the 4.14.y branch. Without the fix the configuration mentioned in the commit message crashes every time immediately at boot. What's even worse, at least in our setup this crash is completely silent and the computer just seems to hang, so the user gets no hints what actually happened. commit 10d94ff4d558b96bfc4f55bb0051ae4d938246fe Author: Rakib Mullick <rakib.mullick(a)gmail.com> Date: Wed Nov 1 10:14:51 2017 +0600 irq/core: Fix boot crash when the irqaffinity= boot parameter is passed on CPUMASK_OFFSTACK=y kernels(v1)

7 years, 2 months

2
2
0 0

[PATCH 4.9 v2] mlxsw: spectrum: Forbid linking of VLAN devices to devices that have uppers

by Ido Schimmel

Jiri Slaby noticed that the backport of upstream commit 25cc72a33835 ("mlxsw: spectrum: Forbid linking to devices that have uppers") to kernel 4.9.y introduced the same check twice in the same function instead of in two different places. Fix this by relocating one of the checks to its intended place, thus preventing unsupported configurations as described in the original commit. Fixes: 73ee5a73e75f ("mlxsw: spectrum: Forbid linking to devices that have uppers") Signed-off-by: Ido Schimmel <idosch(a)mellanox.com> Reported-by: Jiri Slaby <jslaby(a)suse.cz> --- Greg, didn't hear from you, so posting v2. Removed the "commit <sha1> upstream" line from the changelog which I think is what caused the confusion. Please let me know if further changes are required. Thanks. --- drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum.c index d50350c7adc4..22a5916e477e 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum.c +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum.c @@ -4187,10 +4187,6 @@ static int mlxsw_sp_netdevice_port_upper_event(struct net_device *dev, if (netif_is_lag_port(dev) && is_vlan_dev(upper_dev) && !netif_is_lag_master(vlan_dev_real_dev(upper_dev))) return -EINVAL; - if (!info->linking) - break; - if (netdev_has_any_upper_dev(upper_dev)) - return -EINVAL; break; case NETDEV_CHANGEUPPER: upper_dev = info->upper_dev; @@ -4566,6 +4562,8 @@ static int mlxsw_sp_netdevice_vport_event(struct net_device *dev, return -EINVAL; if (!info->linking) break; + if (netdev_has_any_upper_dev(upper_dev)) + return -EINVAL; /* We can't have multiple VLAN interfaces configured on * the same port and being members in the same bridge. */ -- 2.14.4

7 years, 2 months

2
1
0 0

Request: d5ce4c31d6df518d for 4.14.y

by Janne Huttunen

Please consider the two upstream commits below for the 4.14.y branch. As a part of an automated test setup, we deploy a disk image into various types of hardware. With the current 4.14.y kernel and certain hardware configurations, the first attempt to write the image to the disk always fails with 'Remote I/O error'. Retrying the exact same command then always succeeds. The second patch below fixes this issue allowing the first attempt to work. It requires the first patch to compile without errors. commit 425a4dba7953e35ffd096771973add6d2f40d2ed Author: Ilya Dryomov <idryomov(a)gmail.com> Date: Mon Oct 16 15:59:09 2017 +0200 block: factor out __blkdev_issue_zero_pages() commit d5ce4c31d6df518dd8f63bbae20d7423c5018a6c Author: Ilya Dryomov <idryomov(a)gmail.com> Date: Mon Oct 16 15:59:10 2017 +0200 block: cope with WRITE ZEROES failing in blkdev_issue_zeroout()

7 years, 2 months

2
1
0 0

FAILED: patch "[PATCH] ext4: do not update s_last_mounted of a frozen fs" failed to apply to 4.17-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.17-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From db6516a5e7ddb6dc72d167b920f2f272596ea22d Mon Sep 17 00:00:00 2001 From: Amir Goldstein <amir73il(a)gmail.com> Date: Sun, 13 May 2018 22:54:44 -0400 Subject: [PATCH] ext4: do not update s_last_mounted of a frozen fs If fs is frozen after mount and before the first file open, the update of s_last_mounted bypasses freeze protection and prints out a WARNING splat: $ mount /vdf $ fsfreeze -f /vdf $ cat /vdf/foo [ 31.578555] WARNING: CPU: 1 PID: 1415 at fs/ext4/ext4_jbd2.c:53 ext4_journal_check_start+0x48/0x82 [ 31.614016] Call Trace: [ 31.614997] __ext4_journal_start_sb+0xe4/0x1a4 [ 31.616771] ? ext4_file_open+0xb6/0x189 [ 31.618094] ext4_file_open+0xb6/0x189 If fs is frozen, skip s_last_mounted update. [backport hint: to apply to stable tree, need to apply also patches vfs: add the sb_start_intwrite_trylock() helper ext4: factor out helper ext4_sample_last_mounted()] Cc: stable(a)vger.kernel.org Fixes: bc0b0d6d69ee ("ext4: update the s_last_mounted field in the superblock") Signed-off-by: Amir Goldstein <amir73il(a)gmail.com> Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Reviewed-by: Jan Kara <jack(a)suse.cz> diff --git a/fs/ext4/file.c b/fs/ext4/file.c index c48ea76b63e4..7f8023340eb8 100644 --- a/fs/ext4/file.c +++ b/fs/ext4/file.c @@ -393,7 +393,7 @@ static int ext4_sample_last_mounted(struct super_block *sb, if (likely(sbi->s_mount_flags & EXT4_MF_MNTDIR_SAMPLED)) return 0; - if (sb_rdonly(sb)) + if (sb_rdonly(sb) || !sb_start_intwrite_trylock(sb)) return 0; sbi->s_mount_flags |= EXT4_MF_MNTDIR_SAMPLED; @@ -407,21 +407,25 @@ static int ext4_sample_last_mounted(struct super_block *sb, path.mnt = mnt; path.dentry = mnt->mnt_root; cp = d_path(&path, buf, sizeof(buf)); + err = 0; if (IS_ERR(cp)) - return 0; + goto out; handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1); + err = PTR_ERR(handle); if (IS_ERR(handle)) - return PTR_ERR(handle); + goto out; BUFFER_TRACE(sbi->s_sbh, "get_write_access"); err = ext4_journal_get_write_access(handle, sbi->s_sbh); if (err) - goto out; + goto out_journal; strlcpy(sbi->s_es->s_last_mounted, cp, sizeof(sbi->s_es->s_last_mounted)); ext4_handle_dirty_super(handle, sb); -out: +out_journal: ext4_journal_stop(handle); +out: + sb_end_intwrite(sb); return err; }

7 years, 2 months

4
10
0 0

FAILED: patch "[PATCH] ext4: avoid running out of journal credits when appending to" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 8bc1379b82b8e809eef77a9fedbb75c6c297be19 Mon Sep 17 00:00:00 2001 From: Theodore Ts'o <tytso(a)mit.edu> Date: Sat, 16 Jun 2018 23:41:59 -0400 Subject: [PATCH] ext4: avoid running out of journal credits when appending to an inline file Use a separate journal transaction if it turns out that we need to convert an inline file to use an data block. Otherwise we could end up failing due to not having journal credits. This addresses CVE-2018-10883. https://bugzilla.kernel.org/show_bug.cgi?id=200071 Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Cc: stable(a)kernel.org diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h index 856b6a54d82b..859d6433dcc1 100644 --- a/fs/ext4/ext4.h +++ b/fs/ext4/ext4.h @@ -3013,9 +3013,6 @@ extern int ext4_inline_data_fiemap(struct inode *inode, struct iomap; extern int ext4_inline_data_iomap(struct inode *inode, struct iomap *iomap); -extern int ext4_try_to_evict_inline_data(handle_t *handle, - struct inode *inode, - int needed); extern int ext4_inline_data_truncate(struct inode *inode, int *has_inline); extern int ext4_convert_inline_data(struct inode *inode); diff --git a/fs/ext4/inline.c b/fs/ext4/inline.c index d79115d8d716..851bc552d849 100644 --- a/fs/ext4/inline.c +++ b/fs/ext4/inline.c @@ -887,11 +887,11 @@ int ext4_da_write_inline_data_begin(struct address_space *mapping, flags |= AOP_FLAG_NOFS; if (ret == -ENOSPC) { + ext4_journal_stop(handle); ret = ext4_da_convert_inline_data_to_extent(mapping, inode, flags, fsdata); - ext4_journal_stop(handle); if (ret == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries)) goto retry_journal; @@ -1891,42 +1891,6 @@ int ext4_inline_data_fiemap(struct inode *inode, return (error < 0 ? error : 0); } -/* - * Called during xattr set, and if we can sparse space 'needed', - * just create the extent tree evict the data to the outer block. - * - * We use jbd2 instead of page cache to move data to the 1st block - * so that the whole transaction can be committed as a whole and - * the data isn't lost because of the delayed page cache write. - */ -int ext4_try_to_evict_inline_data(handle_t *handle, - struct inode *inode, - int needed) -{ - int error; - struct ext4_xattr_entry *entry; - struct ext4_inode *raw_inode; - struct ext4_iloc iloc; - - error = ext4_get_inode_loc(inode, &iloc); - if (error) - return error; - - raw_inode = ext4_raw_inode(&iloc); - entry = (struct ext4_xattr_entry *)((void *)raw_inode + - EXT4_I(inode)->i_inline_off); - if (EXT4_XATTR_LEN(entry->e_name_len) + - EXT4_XATTR_SIZE(le32_to_cpu(entry->e_value_size)) < needed) { - error = -ENOSPC; - goto out; - } - - error = ext4_convert_inline_data_nolock(handle, inode, &iloc); -out: - brelse(iloc.bh); - return error; -} - int ext4_inline_data_truncate(struct inode *inode, int *has_inline) { handle_t *handle; diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index 72377b77fbd7..723df14f4084 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -2212,23 +2212,8 @@ int ext4_xattr_ibody_inline_set(handle_t *handle, struct inode *inode, if (EXT4_I(inode)->i_extra_isize == 0) return -ENOSPC; error = ext4_xattr_set_entry(i, s, handle, inode, false /* is_block */); - if (error) { - if (error == -ENOSPC && - ext4_has_inline_data(inode)) { - error = ext4_try_to_evict_inline_data(handle, inode, - EXT4_XATTR_LEN(strlen(i->name) + - EXT4_XATTR_SIZE(i->value_len))); - if (error) - return error; - error = ext4_xattr_ibody_find(inode, i, is); - if (error) - return error; - error = ext4_xattr_set_entry(i, s, handle, inode, - false /* is_block */); - } - if (error) - return error; - } + if (error) + return error; header = IHDR(inode, ext4_raw_inode(&is->iloc)); if (!IS_LAST_ENTRY(s->first)) { header->h_magic = cpu_to_le32(EXT4_XATTR_MAGIC);

7 years, 2 months

1
0
0 0

FAILED: patch "[PATCH] ext4: avoid running out of journal credits when appending to" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 8bc1379b82b8e809eef77a9fedbb75c6c297be19 Mon Sep 17 00:00:00 2001 From: Theodore Ts'o <tytso(a)mit.edu> Date: Sat, 16 Jun 2018 23:41:59 -0400 Subject: [PATCH] ext4: avoid running out of journal credits when appending to an inline file Use a separate journal transaction if it turns out that we need to convert an inline file to use an data block. Otherwise we could end up failing due to not having journal credits. This addresses CVE-2018-10883. https://bugzilla.kernel.org/show_bug.cgi?id=200071 Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Cc: stable(a)kernel.org diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h index 856b6a54d82b..859d6433dcc1 100644 --- a/fs/ext4/ext4.h +++ b/fs/ext4/ext4.h @@ -3013,9 +3013,6 @@ extern int ext4_inline_data_fiemap(struct inode *inode, struct iomap; extern int ext4_inline_data_iomap(struct inode *inode, struct iomap *iomap); -extern int ext4_try_to_evict_inline_data(handle_t *handle, - struct inode *inode, - int needed); extern int ext4_inline_data_truncate(struct inode *inode, int *has_inline); extern int ext4_convert_inline_data(struct inode *inode); diff --git a/fs/ext4/inline.c b/fs/ext4/inline.c index d79115d8d716..851bc552d849 100644 --- a/fs/ext4/inline.c +++ b/fs/ext4/inline.c @@ -887,11 +887,11 @@ int ext4_da_write_inline_data_begin(struct address_space *mapping, flags |= AOP_FLAG_NOFS; if (ret == -ENOSPC) { + ext4_journal_stop(handle); ret = ext4_da_convert_inline_data_to_extent(mapping, inode, flags, fsdata); - ext4_journal_stop(handle); if (ret == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries)) goto retry_journal; @@ -1891,42 +1891,6 @@ int ext4_inline_data_fiemap(struct inode *inode, return (error < 0 ? error : 0); } -/* - * Called during xattr set, and if we can sparse space 'needed', - * just create the extent tree evict the data to the outer block. - * - * We use jbd2 instead of page cache to move data to the 1st block - * so that the whole transaction can be committed as a whole and - * the data isn't lost because of the delayed page cache write. - */ -int ext4_try_to_evict_inline_data(handle_t *handle, - struct inode *inode, - int needed) -{ - int error; - struct ext4_xattr_entry *entry; - struct ext4_inode *raw_inode; - struct ext4_iloc iloc; - - error = ext4_get_inode_loc(inode, &iloc); - if (error) - return error; - - raw_inode = ext4_raw_inode(&iloc); - entry = (struct ext4_xattr_entry *)((void *)raw_inode + - EXT4_I(inode)->i_inline_off); - if (EXT4_XATTR_LEN(entry->e_name_len) + - EXT4_XATTR_SIZE(le32_to_cpu(entry->e_value_size)) < needed) { - error = -ENOSPC; - goto out; - } - - error = ext4_convert_inline_data_nolock(handle, inode, &iloc); -out: - brelse(iloc.bh); - return error; -} - int ext4_inline_data_truncate(struct inode *inode, int *has_inline) { handle_t *handle; diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index 72377b77fbd7..723df14f4084 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -2212,23 +2212,8 @@ int ext4_xattr_ibody_inline_set(handle_t *handle, struct inode *inode, if (EXT4_I(inode)->i_extra_isize == 0) return -ENOSPC; error = ext4_xattr_set_entry(i, s, handle, inode, false /* is_block */); - if (error) { - if (error == -ENOSPC && - ext4_has_inline_data(inode)) { - error = ext4_try_to_evict_inline_data(handle, inode, - EXT4_XATTR_LEN(strlen(i->name) + - EXT4_XATTR_SIZE(i->value_len))); - if (error) - return error; - error = ext4_xattr_ibody_find(inode, i, is); - if (error) - return error; - error = ext4_xattr_set_entry(i, s, handle, inode, - false /* is_block */); - } - if (error) - return error; - } + if (error) + return error; header = IHDR(inode, ext4_raw_inode(&is->iloc)); if (!IS_LAST_ENTRY(s->first)) { header->h_magic = cpu_to_le32(EXT4_XATTR_MAGIC);

7 years, 2 months

1
0
0 0

FAILED: patch "[PATCH] ext4: never move the system.data xattr out of the inode body" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 8cdb5240ec5928b20490a2bb34cb87e9a5f40226 Mon Sep 17 00:00:00 2001 From: Theodore Ts'o <tytso(a)mit.edu> Date: Sat, 16 Jun 2018 15:40:48 -0400 Subject: [PATCH] ext4: never move the system.data xattr out of the inode body When expanding the extra isize space, we must never move the system.data xattr out of the inode body. For performance reasons, it doesn't make any sense, and the inline data implementation assumes that system.data xattr is never in the external xattr block. This addresses CVE-2018-10880 https://bugzilla.kernel.org/show_bug.cgi?id=200005 Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Cc: stable(a)kernel.org diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index 0263692979ec..72377b77fbd7 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -2657,6 +2657,11 @@ static int ext4_xattr_make_inode_space(handle_t *handle, struct inode *inode, last = IFIRST(header); /* Find the entry best suited to be pushed into EA block */ for (; !IS_LAST_ENTRY(last); last = EXT4_XATTR_NEXT(last)) { + /* never move system.data out of the inode */ + if ((last->e_name_len == 4) && + (last->e_name_index == EXT4_XATTR_INDEX_SYSTEM) && + !memcmp(last->e_name, "data", 4)) + continue; total_size = EXT4_XATTR_LEN(last->e_name_len); if (!last->e_value_inum) total_size += EXT4_XATTR_SIZE(

7 years, 2 months

1
0
0 0

FAILED: patch "[PATCH] ext4: never move the system.data xattr out of the inode body" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 8cdb5240ec5928b20490a2bb34cb87e9a5f40226 Mon Sep 17 00:00:00 2001 From: Theodore Ts'o <tytso(a)mit.edu> Date: Sat, 16 Jun 2018 15:40:48 -0400 Subject: [PATCH] ext4: never move the system.data xattr out of the inode body When expanding the extra isize space, we must never move the system.data xattr out of the inode body. For performance reasons, it doesn't make any sense, and the inline data implementation assumes that system.data xattr is never in the external xattr block. This addresses CVE-2018-10880 https://bugzilla.kernel.org/show_bug.cgi?id=200005 Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Cc: stable(a)kernel.org diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index 0263692979ec..72377b77fbd7 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -2657,6 +2657,11 @@ static int ext4_xattr_make_inode_space(handle_t *handle, struct inode *inode, last = IFIRST(header); /* Find the entry best suited to be pushed into EA block */ for (; !IS_LAST_ENTRY(last); last = EXT4_XATTR_NEXT(last)) { + /* never move system.data out of the inode */ + if ((last->e_name_len == 4) && + (last->e_name_index == EXT4_XATTR_INDEX_SYSTEM) && + !memcmp(last->e_name, "data", 4)) + continue; total_size = EXT4_XATTR_LEN(last->e_name_len); if (!last->e_value_inum) total_size += EXT4_XATTR_SIZE(

7 years, 2 months

1
0
0 0

FAILED: patch "[PATCH] ext4: always verify the magic number in xattr blocks" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 513f86d73855ce556ea9522b6bfd79f87356dc3a Mon Sep 17 00:00:00 2001 From: Theodore Ts'o <tytso(a)mit.edu> Date: Wed, 13 Jun 2018 00:51:28 -0400 Subject: [PATCH] ext4: always verify the magic number in xattr blocks If there an inode points to a block which is also some other type of metadata block (such as a block allocation bitmap), the buffer_verified flag can be set when it was validated as that other metadata block type; however, it would make a really terrible external attribute block. The reason why we use the verified flag is to avoid constantly reverifying the block. However, it doesn't take much overhead to make sure the magic number of the xattr block is correct, and this will avoid potential crashes. This addresses CVE-2018-10879. https://bugzilla.kernel.org/show_bug.cgi?id=200001 Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Reviewed-by: Andreas Dilger <adilger(a)dilger.ca> Cc: stable(a)kernel.org diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index 230ba79715f6..0263692979ec 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -230,12 +230,12 @@ __ext4_xattr_check_block(struct inode *inode, struct buffer_head *bh, { int error = -EFSCORRUPTED; - if (buffer_verified(bh)) - return 0; - if (BHDR(bh)->h_magic != cpu_to_le32(EXT4_XATTR_MAGIC) || BHDR(bh)->h_blocks != cpu_to_le32(1)) goto errout; + if (buffer_verified(bh)) + return 0; + error = -EFSBADCRC; if (!ext4_xattr_block_csum_verify(inode, bh)) goto errout;

7 years, 2 months

1
0
0 0

FAILED: patch "[PATCH] ext4: always verify the magic number in xattr blocks" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 513f86d73855ce556ea9522b6bfd79f87356dc3a Mon Sep 17 00:00:00 2001 From: Theodore Ts'o <tytso(a)mit.edu> Date: Wed, 13 Jun 2018 00:51:28 -0400 Subject: [PATCH] ext4: always verify the magic number in xattr blocks If there an inode points to a block which is also some other type of metadata block (such as a block allocation bitmap), the buffer_verified flag can be set when it was validated as that other metadata block type; however, it would make a really terrible external attribute block. The reason why we use the verified flag is to avoid constantly reverifying the block. However, it doesn't take much overhead to make sure the magic number of the xattr block is correct, and this will avoid potential crashes. This addresses CVE-2018-10879. https://bugzilla.kernel.org/show_bug.cgi?id=200001 Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Reviewed-by: Andreas Dilger <adilger(a)dilger.ca> Cc: stable(a)kernel.org diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index 230ba79715f6..0263692979ec 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -230,12 +230,12 @@ __ext4_xattr_check_block(struct inode *inode, struct buffer_head *bh, { int error = -EFSCORRUPTED; - if (buffer_verified(bh)) - return 0; - if (BHDR(bh)->h_magic != cpu_to_le32(EXT4_XATTR_MAGIC) || BHDR(bh)->h_blocks != cpu_to_le32(1)) goto errout; + if (buffer_verified(bh)) + return 0; + error = -EFSBADCRC; if (!ext4_xattr_block_csum_verify(inode, bh)) goto errout;

7 years, 2 months

1
0
0 0

FAILED: patch "[PATCH] ext4: add corruption check in ext4_xattr_set_entry()" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 5369a762c882c0b6e9599e4ebbb3a9ba9eee7e2d Mon Sep 17 00:00:00 2001 From: Theodore Ts'o <tytso(a)mit.edu> Date: Wed, 13 Jun 2018 00:23:11 -0400 Subject: [PATCH] ext4: add corruption check in ext4_xattr_set_entry() In theory this should have been caught earlier when the xattr list was verified, but in case it got missed, it's simple enough to add check to make sure we don't overrun the xattr buffer. This addresses CVE-2018-10879. https://bugzilla.kernel.org/show_bug.cgi?id=200001 Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Reviewed-by: Andreas Dilger <adilger(a)dilger.ca> Cc: stable(a)kernel.org diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index fc4ced59c565..230ba79715f6 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -1560,7 +1560,7 @@ static int ext4_xattr_set_entry(struct ext4_xattr_info *i, handle_t *handle, struct inode *inode, bool is_block) { - struct ext4_xattr_entry *last; + struct ext4_xattr_entry *last, *next; struct ext4_xattr_entry *here = s->here; size_t min_offs = s->end - s->base, name_len = strlen(i->name); int in_inode = i->in_inode; @@ -1595,7 +1595,13 @@ static int ext4_xattr_set_entry(struct ext4_xattr_info *i, /* Compute min_offs and last. */ last = s->first; - for (; !IS_LAST_ENTRY(last); last = EXT4_XATTR_NEXT(last)) { + for (; !IS_LAST_ENTRY(last); last = next) { + next = EXT4_XATTR_NEXT(last); + if ((void *)next >= s->end) { + EXT4_ERROR_INODE(inode, "corrupted xattr entries"); + ret = -EFSCORRUPTED; + goto out; + } if (!last->e_value_inum && last->e_value_size) { size_t offs = le16_to_cpu(last->e_value_offs); if (offs < min_offs)

7 years, 2 months

1
0
0 0

FAILED: patch "[PATCH] ext4: add corruption check in ext4_xattr_set_entry()" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 5369a762c882c0b6e9599e4ebbb3a9ba9eee7e2d Mon Sep 17 00:00:00 2001 From: Theodore Ts'o <tytso(a)mit.edu> Date: Wed, 13 Jun 2018 00:23:11 -0400 Subject: [PATCH] ext4: add corruption check in ext4_xattr_set_entry() In theory this should have been caught earlier when the xattr list was verified, but in case it got missed, it's simple enough to add check to make sure we don't overrun the xattr buffer. This addresses CVE-2018-10879. https://bugzilla.kernel.org/show_bug.cgi?id=200001 Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Reviewed-by: Andreas Dilger <adilger(a)dilger.ca> Cc: stable(a)kernel.org diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index fc4ced59c565..230ba79715f6 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -1560,7 +1560,7 @@ static int ext4_xattr_set_entry(struct ext4_xattr_info *i, handle_t *handle, struct inode *inode, bool is_block) { - struct ext4_xattr_entry *last; + struct ext4_xattr_entry *last, *next; struct ext4_xattr_entry *here = s->here; size_t min_offs = s->end - s->base, name_len = strlen(i->name); int in_inode = i->in_inode; @@ -1595,7 +1595,13 @@ static int ext4_xattr_set_entry(struct ext4_xattr_info *i, /* Compute min_offs and last. */ last = s->first; - for (; !IS_LAST_ENTRY(last); last = EXT4_XATTR_NEXT(last)) { + for (; !IS_LAST_ENTRY(last); last = next) { + next = EXT4_XATTR_NEXT(last); + if ((void *)next >= s->end) { + EXT4_ERROR_INODE(inode, "corrupted xattr entries"); + ret = -EFSCORRUPTED; + goto out; + } if (!last->e_value_inum && last->e_value_size) { size_t offs = le16_to_cpu(last->e_value_offs); if (offs < min_offs)

7 years, 2 months

1
0
0 0

FAILED: patch "[PATCH] drm/amdgpu: fix user fence write race condition" failed to apply to 4.17-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.17-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From c660f40b711980b42d8beac4b395a10645b20d5d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolai=20H=C3=A4hnle?= <nicolai.haehnle(a)amd.com> Date: Fri, 29 Jun 2018 13:23:25 +0200 Subject: [PATCH] drm/amdgpu: fix user fence write race condition MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The buffer object backing the user fence is reserved using the non-user fence, i.e., as soon as the non-user fence is signaled, the user fence buffer object can be moved or even destroyed. Therefore, emit the user fence first. Both fences have the same cache invalidation behavior, so this should have no user-visible effect. Signed-off-by: Nicolai Hähnle <nicolai.haehnle(a)amd.com> Reviewed-by: Alex Deucher <alexander.deucher(a)amd.com> Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_ib.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_ib.c index f70eeed9ed76..7aaa263ad8c7 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_ib.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_ib.c @@ -231,6 +231,12 @@ int amdgpu_ib_schedule(struct amdgpu_ring *ring, unsigned num_ibs, if (ib->flags & AMDGPU_IB_FLAG_TC_WB_NOT_INVALIDATE) fence_flags |= AMDGPU_FENCE_FLAG_TC_WB_ONLY; + /* wrap the last IB with fence */ + if (job && job->uf_addr) { + amdgpu_ring_emit_fence(ring, job->uf_addr, job->uf_sequence, + fence_flags | AMDGPU_FENCE_FLAG_64BIT); + } + r = amdgpu_fence_emit(ring, f, fence_flags); if (r) { dev_err(adev->dev, "failed to emit fence (%d)\n", r); @@ -243,12 +249,6 @@ int amdgpu_ib_schedule(struct amdgpu_ring *ring, unsigned num_ibs, if (ring->funcs->insert_end) ring->funcs->insert_end(ring); - /* wrap the last IB with fence */ - if (job && job->uf_addr) { - amdgpu_ring_emit_fence(ring, job->uf_addr, job->uf_sequence, - fence_flags | AMDGPU_FENCE_FLAG_64BIT); - } - if (patch_offset != ~0 && ring->funcs->patch_cond_exec) amdgpu_ring_patch_cond_exec(ring, patch_offset);

7 years, 2 months

1
0
0 0

[RESEND PATCH v2] devres: Really align data field to unsigned long long

by Alexey Brodkin

Depending on ABI "long long" type of a particular 32-bit CPU might be aligned by either word (32-bits) or double word (64-bits). Make sure "data" is really 64-bit aligned for any 32-bit CPU. At least for 32-bit ARC cores ABI requires "long long" types to be aligned by normal 32-bit word. This makes "data" field aligned to 12 bytes. Which is still OK as long as we use 32-bit data only. But once we want to use native atomic64_t type (i.e. when we use special instructions LLOCKD/SCONDD for accessing 64-bit data) we easily hit misaligned access exception. That's because even on CPUs capable of non-aligned data access LL/SC instructions require strict alignment. Signed-off-by: Alexey Brodkin <abrodkin(a)synopsys.com> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: stable(a)vger.kernel.org --- Changes v1 -> v2: * Reworded commit message * Inserted comment right in source [Thomas] drivers/base/devres.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/drivers/base/devres.c b/drivers/base/devres.c index f98a097e73f2..466fa59c866a 100644 --- a/drivers/base/devres.c +++ b/drivers/base/devres.c @@ -24,8 +24,12 @@ struct devres_node { struct devres { struct devres_node node; - /* -- 3 pointers */ - unsigned long long data[]; /* guarantee ull alignment */ + /* + * Depending on ABI "long long" type of a particular 32-bit CPU + * might be aligned by either word (32-bits) or double word (64-bits). + * Make sure "data" is really 64-bit aligned for any 32-bit CPU. + */ + unsigned long long data[] __aligned(sizeof(unsigned long long)); }; struct devres_group { -- 2.17.1

7 years, 2 months

6
18
0 0

[PATCH] i2c: tegra: Fix NACK error handling

by Jon Hunter

On Tegra30 Cardhu the PCA9546 I2C mux is not ACK'ing I2C commands on resume from suspend (which is caused by the reset signal for the I2C mux not being configured correctl). However, this NACK is causing the Tegra30 to hang on resuming from suspend which is not expected as we detect NACKs and handle them. The hang observed appears to occur when resetting the I2C controller to recover from the NACK. Commit 77821b4678f9 ("i2c: tegra: proper handling of error cases") added additional error handling for some error cases including NACK, however, it appears that this change conflicts with an early fix by commit f70893d08338 ("i2c: tegra: Add delay before resetting the controller after NACK"). After commit 77821b4678f9 was made we now disable 'packet mode' before the delay from commit f70893d08338 happens. Testing shows that moving the delay to before disabling 'packet mode' fixes the hang observed on Tegra30. The delay was added to give the I2C controller chance to send a stop condition and so it makes sense to move this to before we disable packet mode. Please note that packet mode is always enabled for Tegra. Fixes: 77821b4678f9 ("i2c: tegra: proper handling of error cases") Cc: stable(a)vger.kernel.org Signed-off-by: Jon Hunter <jonathanh(a)nvidia.com> --- drivers/i2c/busses/i2c-tegra.c | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/drivers/i2c/busses/i2c-tegra.c b/drivers/i2c/busses/i2c-tegra.c index 5fccd1f1bca8..797def5319f1 100644 --- a/drivers/i2c/busses/i2c-tegra.c +++ b/drivers/i2c/busses/i2c-tegra.c @@ -545,6 +545,14 @@ static int tegra_i2c_disable_packet_mode(struct tegra_i2c_dev *i2c_dev) { u32 cnfg; + /* + * NACK interrupt is generated before the I2C controller generates + * the STOP condition on the bus. So wait for 2 clock periods + * before disabling the controller so that the STOP condition has + * been delivered properly. + */ + udelay(DIV_ROUND_UP(2 * 1000000, i2c_dev->bus_clk_rate)); + cnfg = i2c_readl(i2c_dev, I2C_CNFG); if (cnfg & I2C_CNFG_PACKET_MODE_EN) i2c_writel(i2c_dev, cnfg & ~I2C_CNFG_PACKET_MODE_EN, I2C_CNFG); @@ -706,15 +714,6 @@ static int tegra_i2c_xfer_msg(struct tegra_i2c_dev *i2c_dev, if (likely(i2c_dev->msg_err == I2C_ERR_NONE)) return 0; - /* - * NACK interrupt is generated before the I2C controller generates - * the STOP condition on the bus. So wait for 2 clock periods - * before resetting the controller so that the STOP condition has - * been delivered properly. - */ - if (i2c_dev->msg_err == I2C_ERR_NO_ACK) - udelay(DIV_ROUND_UP(2 * 1000000, i2c_dev->bus_clk_rate)); - tegra_i2c_init(i2c_dev); if (i2c_dev->msg_err == I2C_ERR_NO_ACK) { if (msg->flags & I2C_M_IGNORE_NAK) -- 1.9.1

7 years, 2 months

3
2
0 0

Important Notice...Reply Now

by Richard & Angela Maxwell

My wife and I won the Euro Millions Lottery of £53 Million British Pounds and we have voluntarily decided to donate 1,000,000EUR(One Million Euros) to 5 individuals randomly as part of our own charity project. To verify our lottery winnings,please see our interview by visiting the web page below: telegraph.co.uk/news/newstopics/howaboutthat/11511467/Lincolnshire-couple-win-53m-on-EuroMillions.html Your email address was among the emails which were submitted to us by the Google Inc. as a web user; if you have received our email,kindly send us the below details so that we can transfer your 1,000,000.00 EUR(One Million Euros) to you in your own country. Full Names: Mobile No: Age: Occupation: Country: Send your response to: rmaxwell81(a)yahoo.com Best Regards, Richard & Angela Maxwell

7 years, 2 months

1
0
0 0

[PATCH 1/2] clk: mvebu: armada-37xx-periph: Fix switching CPU rate from 300Mhz to 1.2GHz

by Gregory CLEMENT

Switching the CPU from the L2 or L3 frequencies (300 and 200 Mhz respectively) to L0 frequency (1.2 Ghz) requires a significant amount of time to let VDD stabilize to the appropriate voltage. This amount of time is large enough that it cannot be covered by the hardware countdown register. Due to this, the CPU might start operating at L0 before the voltage is stabilized, leading to CPU stalls. To work around this problem, we prevent switching directly from the L2/L3 frequencies to the L0 frequency, and instead switch to the L1 frequency in-between. The sequence therefore becomes: 1. First switch from L2/L3(200/300MHz) to L1(600MHZ) 2. Sleep 20ms for stabling VDD voltage 3. Then switch from L1(600MHZ) to L0(1200Mhz). It is based on the work done by Ken Ma <make(a)marvell.com> Cc: stable(a)vger.kernel.org Fixes: 2089dc33ea0e ("clk: mvebu: armada-37xx-periph: add DVFS support for cpu clocks") Signed-off-by: Gregory CLEMENT <gregory.clement(a)bootlin.com> --- drivers/clk/mvebu/armada-37xx-periph.c | 38 ++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/drivers/clk/mvebu/armada-37xx-periph.c b/drivers/clk/mvebu/armada-37xx-periph.c index 6860bd5a37c5..44e4e27eddad 100644 --- a/drivers/clk/mvebu/armada-37xx-periph.c +++ b/drivers/clk/mvebu/armada-37xx-periph.c @@ -35,6 +35,7 @@ #define CLK_SEL 0x10 #define CLK_DIS 0x14 +#define ARMADA_37XX_DVFS_LOAD_1 1 #define LOAD_LEVEL_NR 4 #define ARMADA_37XX_NB_L0L1 0x18 @@ -507,6 +508,40 @@ static long clk_pm_cpu_round_rate(struct clk_hw *hw, unsigned long rate, return -EINVAL; } +/* + * Switching the CPU from the L2 or L3 frequencies (300 and 200 Mhz + * respectively) to L0 frequency (1.2 Ghz) requires a significant + * amount of time to let VDD stabilize to the appropriate + * voltage. This amount of time is large enough that it cannot be + * covered by the hardware countdown register. Due to this, the CPU + * might start operating at L0 before the voltage is stabilized, + * leading to CPU stalls. + * + * To work around this problem, we prevent switching directly from the + * L2/L3 frequencies to the L0 frequency, and instead switch to the L1 + * frequency in-between. The sequence therefore becomes: + * 1. First switch from L2/L3(200/300MHz) to L1(600MHZ) + * 2. Sleep 20ms for stabling VDD voltage + * 3. Then switch from L1(600MHZ) to L0(1200Mhz). + */ +static void clk_pm_cpu_set_rate_wa(unsigned long rate, struct regmap *base) +{ + unsigned int cur_level; + + if (rate != 1200 * 1000 * 1000) + return; + + regmap_read(base, ARMADA_37XX_NB_CPU_LOAD, &cur_level); + cur_level &= ARMADA_37XX_NB_CPU_LOAD_MASK; + if (cur_level <= ARMADA_37XX_DVFS_LOAD_1) + return; + + regmap_update_bits(base, ARMADA_37XX_NB_CPU_LOAD, + ARMADA_37XX_NB_CPU_LOAD_MASK, + ARMADA_37XX_DVFS_LOAD_1); + msleep(20); +} + static int clk_pm_cpu_set_rate(struct clk_hw *hw, unsigned long rate, unsigned long parent_rate) { @@ -537,6 +572,9 @@ static int clk_pm_cpu_set_rate(struct clk_hw *hw, unsigned long rate, */ reg = ARMADA_37XX_NB_CPU_LOAD; mask = ARMADA_37XX_NB_CPU_LOAD_MASK; + + clk_pm_cpu_set_rate_wa(rate, base); + regmap_update_bits(base, reg, mask, load_level); return rate; -- 2.17.1

7 years, 2 months

2
4
0 0

[PATCH] ARM: tegra: Fix Tegra30 Cardhu PCA954x reset

by Jon Hunter

On all versions of Tegra30 Cardhu, the reset signal to the NXP PCA9546 I2C mux is connected to the Tegra GPIO BB0. Currently, this pin on the Tegra is not configured as a GPIO but as a special-function IO (SFIO) that is multiplexing the pin to an I2S controller. On exiting system suspend, I2C commands sent to the PCA9546 are failing because there is no ACK. Although it is not possible to see exactly what is happening to the reset during suspend, by ensuring it is configured as a GPIO and driven high, to de-assert the reset, the failures are no longer seen. Please note that this GPIO is also used to drive the reset signal going to the camera connector on the board. However, given that there is no camera support currently for Cardhu, this should not have any impact. Fixes: 40431d16ff11 ("ARM: tegra: enable PCA9546 on Cardhu") Cc: stable(a)vger.kernel.org Signed-off-by: Jon Hunter <jonathanh(a)nvidia.com> --- arch/arm/boot/dts/tegra30-cardhu.dtsi | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/arm/boot/dts/tegra30-cardhu.dtsi b/arch/arm/boot/dts/tegra30-cardhu.dtsi index 92a9740c533f..3b1db7b9ec50 100644 --- a/arch/arm/boot/dts/tegra30-cardhu.dtsi +++ b/arch/arm/boot/dts/tegra30-cardhu.dtsi @@ -206,6 +206,7 @@ #address-cells = <1>; #size-cells = <0>; reg = <0x70>; + reset-gpio = <&gpio TEGRA_GPIO(BB, 0) GPIO_ACTIVE_LOW>; }; }; -- 1.9.1

7 years, 2 months

2
1
0 0

[PATCH] x86/apm: Don't access __preempt_count with zeroed fs

by Ville Syrjala

From: Ville Syrjälä <ville.syrjala(a)linux.intel.com> APM_DO_POP_SEGS does not restore fs/gs which were zeroed by APM_DO_ZERO_SEGS. Trying to access __preempt_count with zeroed fs doesn't really work. Move the ibrs stuff outside the APM_DO_SAVE_SEGS/APM_DO_RESTORE_SEGS invocations so that fs is actually restored before we call preempt_enable(). Fixes the following sort of oopses: [ 0.313581] general protection fault: 0000 [#1] PREEMPT SMP [ 0.313803] Modules linked in: [ 0.314040] CPU: 0 PID: 268 Comm: kapmd Not tainted 4.16.0-rc1-triton-bisect-00090-gdd84441a7971 #19 [ 0.316161] EIP: __apm_bios_call_simple+0xc8/0x170 [ 0.316161] EFLAGS: 00210016 CPU: 0 [ 0.316161] EAX: 00000102 EBX: 00000000 ECX: 00000102 EDX: 00000000 [ 0.316161] ESI: 0000530e EDI: dea95f64 EBP: dea95f18 ESP: dea95ef0 [ 0.316161] DS: 007b ES: 007b FS: 0000 GS: 0000 SS: 0068 [ 0.316161] CR0: 80050033 CR2: 00000000 CR3: 015d3000 CR4: 000006d0 [ 0.316161] Call Trace: [ 0.316161] ? cpumask_weight.constprop.15+0x20/0x20 [ 0.316161] on_cpu0+0x44/0x70 [ 0.316161] apm+0x54e/0x720 [ 0.316161] ? __switch_to_asm+0x26/0x40 [ 0.316161] ? __schedule+0x17d/0x590 [ 0.316161] kthread+0xc0/0xf0 [ 0.316161] ? proc_apm_show+0x150/0x150 [ 0.316161] ? kthread_create_worker_on_cpu+0x20/0x20 [ 0.316161] ret_from_fork+0x2e/0x38 [ 0.316161] Code: da 8e c2 8e e2 8e ea 57 55 2e ff 1d e0 bb 5d b1 0f 92 c3 5d 5f 07 1f 89 47 0c 90 8d b4 26 00 00 00 00 90 8d b4 26 00 00 00 00 90 <64> ff 0d 84 16 5c b1 74 7f 8b 45 dc 8e e0 8b 45 d8 8e e8 8b 45 [ 0.316161] EIP: __apm_bios_call_simple+0xc8/0x170 SS:ESP: 0068:dea95ef0 [ 0.316161] ---[ end trace 656253db2deaa12c ]--- Cc: stable(a)vger.kernel.org Cc: David Woodhouse <dwmw(a)amazon.co.uk> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Ingo Molnar <mingo(a)kernel.org> Cc: "H. Peter Anvin" <hpa(a)zytor.com> Cc: x86(a)kernel.org Fixes: dd84441a7971 ("x86/speculation: Use IBRS if available before calling into firmware") Signed-off-by: Ville Syrjälä <ville.syrjala(a)linux.intel.com> --- arch/x86/include/asm/apm.h | 6 ------ arch/x86/kernel/apm_32.c | 5 +++++ 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/arch/x86/include/asm/apm.h b/arch/x86/include/asm/apm.h index c356098b6fb9..4d4015ddcf26 100644 --- a/arch/x86/include/asm/apm.h +++ b/arch/x86/include/asm/apm.h @@ -7,8 +7,6 @@ #ifndef _ASM_X86_MACH_DEFAULT_APM_H #define _ASM_X86_MACH_DEFAULT_APM_H -#include <asm/nospec-branch.h> - #ifdef APM_ZERO_SEGS # define APM_DO_ZERO_SEGS \ "pushl %%ds\n\t" \ @@ -34,7 +32,6 @@ static inline void apm_bios_call_asm(u32 func, u32 ebx_in, u32 ecx_in, * N.B. We do NOT need a cld after the BIOS call * because we always save and restore the flags. */ - firmware_restrict_branch_speculation_start(); __asm__ __volatile__(APM_DO_ZERO_SEGS "pushl %%edi\n\t" "pushl %%ebp\n\t" @@ -47,7 +44,6 @@ static inline void apm_bios_call_asm(u32 func, u32 ebx_in, u32 ecx_in, "=S" (*esi) : "a" (func), "b" (ebx_in), "c" (ecx_in) : "memory", "cc"); - firmware_restrict_branch_speculation_end(); } static inline bool apm_bios_call_simple_asm(u32 func, u32 ebx_in, @@ -60,7 +56,6 @@ static inline bool apm_bios_call_simple_asm(u32 func, u32 ebx_in, * N.B. We do NOT need a cld after the BIOS call * because we always save and restore the flags. */ - firmware_restrict_branch_speculation_start(); __asm__ __volatile__(APM_DO_ZERO_SEGS "pushl %%edi\n\t" "pushl %%ebp\n\t" @@ -73,7 +68,6 @@ static inline bool apm_bios_call_simple_asm(u32 func, u32 ebx_in, "=S" (si) : "a" (func), "b" (ebx_in), "c" (ecx_in) : "memory", "cc"); - firmware_restrict_branch_speculation_end(); return error; } diff --git a/arch/x86/kernel/apm_32.c b/arch/x86/kernel/apm_32.c index 5d0de79fdab0..ec00d1ff5098 100644 --- a/arch/x86/kernel/apm_32.c +++ b/arch/x86/kernel/apm_32.c @@ -240,6 +240,7 @@ #include <asm/olpc.h> #include <asm/paravirt.h> #include <asm/reboot.h> +#include <asm/nospec-branch.h> #if defined(CONFIG_APM_DISPLAY_BLANK) && defined(CONFIG_VT) extern int (*console_blank_hook)(int); @@ -614,11 +615,13 @@ static long __apm_bios_call(void *_call) gdt[0x40 / 8] = bad_bios_desc; apm_irq_save(flags); + firmware_restrict_branch_speculation_start(); APM_DO_SAVE_SEGS; apm_bios_call_asm(call->func, call->ebx, call->ecx, &call->eax, &call->ebx, &call->ecx, &call->edx, &call->esi); APM_DO_RESTORE_SEGS; + firmware_restrict_branch_speculation_end(); apm_irq_restore(flags); gdt[0x40 / 8] = save_desc_40; put_cpu(); @@ -690,10 +693,12 @@ static long __apm_bios_call_simple(void *_call) gdt[0x40 / 8] = bad_bios_desc; apm_irq_save(flags); + firmware_restrict_branch_speculation_start(); APM_DO_SAVE_SEGS; error = apm_bios_call_simple_asm(call->func, call->ebx, call->ecx, &call->eax); APM_DO_RESTORE_SEGS; + firmware_restrict_branch_speculation_end(); apm_irq_restore(flags); gdt[0x40 / 8] = save_desc_40; put_cpu(); -- 2.16.4

7 years, 2 months

1
0
0 0

[PATCH 4.14 00/61] 4.14.54-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.14.54 release. There are 61 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun Jul 8 05:46:58 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.54-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.14.54-rc1 Damien Thébault <damien.thebault(a)vitec.com> net: dsa: b53: Add BCM5389 support Finn Thain <fthain(a)telegraphics.com.au> net/sonic: Use dma_mapping_error() João Paulo Rechi Vita <jprvita(a)endlessm.com> platform/x86: asus-wmi: Fix NULL pointer dereference Paul Burton <paul.burton(a)mips.com> sched/core: Require cpu_active() in select_task_rq(), for user tasks Peter Zijlstra <peterz(a)infradead.org> sched/core: Fix rules for running on online && !active CPUs Darrick J. Wong <darrick.wong(a)oracle.com> fs: clear writeback errors in inode_init_always YueHaibing <yuehaibing(a)huawei.com> perf bpf: Fix NULL return handling in bpf__prepare_load() Thomas Richter <tmricht(a)linux.ibm.com> perf test: "Session topology" dumps core on s390 Josh Hill <josh(a)joshuajhill.com> net: qmi_wwan: Add Netgear Aircard 779S Ivan Bornyakov <brnkv.i1(a)gmail.com> atm: zatm: fix memcmp casting Hao Wei Tee <angelsl(a)in04.sg> iwlwifi: pcie: compare with number of IRQs requested for, not number of CPUs Julian Anastasov <ja(a)ssi.bg> ipvs: fix buffer overflow with sync daemon and service Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nft_limit: fix packet ratelimiting Sebastian Ott <sebott(a)linux.ibm.com> s390/dasd: use blk_mq_rq_from_pdu for per request data Paolo Abeni <pabeni(a)redhat.com> netfilter: ebtables: handle string from userspace with care David Howells <dhowells(a)redhat.com> afs: Fix directory permissions check Eric Dumazet <edumazet(a)google.com> xfrm6: avoid potential infinite loop in _decode_session6() Abhishek Sahu <absahu(a)codeaurora.org> mtd: rawnand: fix return value check for bad block status Sean Nyekjaer <sean.nyekjaer(a)prevas.dk> ARM: dts: imx6q: Use correct SDMA script for SPI5 core Taehee Yoo <ap420073(a)gmail.com> netfilter: nf_tables: use WARN_ON_ONCE instead of BUG_ON in nft_do_chain() Vincent Bernat <vincent(a)bernat.im> netfilter: ip6t_rpfilter: provide input interface for route lookup Florian Westphal <fw(a)strlen.de> netfilter: don't set F_IFACE on ipv6 fib lookups NeilBrown <neilb(a)suse.com> md: remove special meaning of ->quiesce(.., 2) NeilBrown <neilb(a)suse.com> md: allow metadata update while suspending. NeilBrown <neilb(a)suse.com> md: use mddev_suspend/resume instead of ->quiesce() NeilBrown <neilb(a)suse.com> md: move suspend_hi/lo handling into core md code NeilBrown <neilb(a)suse.com> md: don't call bitmap_create() while array is quiesced. NeilBrown <neilb(a)suse.com> md: always hold reconfig_mutex when calling mddev_suspend() Taehee Yoo <ap420073(a)gmail.com> netfilter: nf_tables: fix NULL-ptr in nf_tables_dump_obj() Florian Westphal <fw(a)strlen.de> netfilter: nf_tables: add missing netlink attrs to policies Colin Ian King <colin.king(a)canonical.com> netfilter: nf_tables: fix memory leak on error exit return Taehee Yoo <ap420073(a)gmail.com> netfilter: nf_tables: increase nft_counters_enabled in nft_chain_stats_replace() Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: disable preemption in nft_update_chain_stats() Taehee Yoo <ap420073(a)gmail.com> netfilter: nft_meta: fix wrong value dereference in nft_meta_set_eval Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: bogus EBUSY in chain deletions Florian Westphal <fw(a)strlen.de> netfilter: nf_tables: don't assume chain stats are set when jumplabel is set Florian Westphal <fw(a)strlen.de> netfilter: nft_compat: fix handling of large matchinfo size Florian Westphal <fw(a)strlen.de> netfilter: nft_compat: prepare for indirect info storage Florian Westphal <fw(a)strlen.de> netfilter: nf_tables: nft_compat: fix refcount leak on xt module Kenneth Graunke <kenneth(a)whitecape.org> drm/i915: Enable provoking vertex fix on Gen9 systems. Michel Dänzer <michel.daenzer(a)amd.com> drm/amdgpu: Refactor amdgpu_vram_mgr_bo_invisible_size helper Michel Dänzer <michel.daenzer(a)amd.com> drm/amdgpu: Use kvmalloc_array for allocating VRAM manager nodes array Stefan Agner <stefan(a)agner.ch> drm/atmel-hlcdc: check stride values in the first plane Jeremy Cline <jcline(a)redhat.com> drm/qxl: Call qxl_bo_unref outside atomic context Huang Rui <ray.huang(a)amd.com> drm/amdgpu: fix the missed vcn fw version report Rex Zhu <Rex.Zhu(a)amd.com> drm/amdgpu: Add APU support in vi_set_vce_clocks Rex Zhu <Rex.Zhu(a)amd.com> drm/amdgpu: Add APU support in vi_set_uvd_clocks Alexander Potapenko <glider(a)google.com> vt: prevent leaking uninitialized data to userspace via /dev/vcs* Johan Hovold <johan(a)kernel.org> serdev: fix memleak on module unload Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> serial: 8250_pci: Remove stalled entries in blacklist Laura Abbott <labbott(a)redhat.com> staging: android: ion: Return an ERR_PTR in ion_map_kernel Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> n_tty: Access echo_* variables carefully. Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> n_tty: Fix stall at n_tty_receive_char_special(). Zhengjun Xing <zhengjun.xing(a)linux.intel.com> xhci: Fix kernel oops in trace_xhci_free_virt_device Heikki Krogerus <heikki.krogerus(a)linux.intel.com> usb: typec: ucsi: Fix for incorrect status data issue Heikki Krogerus <heikki.krogerus(a)linux.intel.com> usb: typec: ucsi: acpi: Workaround for cache mode issue Heikki Krogerus <heikki.krogerus(a)linux.intel.com> acpi: Add helper for deactivating memory region William Wu <william.wu(a)rock-chips.com> usb: dwc2: fix the incorrect bitmaps for the ports of multi_tt hub Karoly Pados <pados(a)pados.hu> USB: serial: cp210x: add Silicon Labs IDs for Windows Update Johan Hovold <johan(a)kernel.org> USB: serial: cp210x: add CESINEL device ids Houston Yaroschoff <hstn(a)4ever3.net> usb: cdc_acm: Add quirk for Uniden UBC125 scanner ------------- Diffstat: Documentation/devicetree/bindings/net/dsa/b53.txt | 1 + Makefile | 4 +- arch/arm/boot/dts/imx6q.dtsi | 2 +- drivers/acpi/osl.c | 72 ++++++++ drivers/atm/zatm.c | 4 +- drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 6 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_vcn.c | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_vram_mgr.c | 23 ++- drivers/gpu/drm/amd/amdgpu/vce_v3_0.c | 4 +- drivers/gpu/drm/amd/amdgpu/vi.c | 77 +++++++-- drivers/gpu/drm/atmel-hlcdc/atmel_hlcdc_plane.c | 2 +- drivers/gpu/drm/i915/i915_reg.h | 5 + drivers/gpu/drm/i915/intel_lrc.c | 12 +- drivers/gpu/drm/qxl/qxl_display.c | 7 +- drivers/md/dm-raid.c | 10 +- drivers/md/md-cluster.c | 6 +- drivers/md/md.c | 90 ++++++---- drivers/md/md.h | 15 +- drivers/md/raid0.c | 2 +- drivers/md/raid1.c | 27 +-- drivers/md/raid10.c | 10 +- drivers/md/raid5-cache.c | 30 ++-- drivers/md/raid5-log.h | 2 +- drivers/md/raid5.c | 40 +---- drivers/mtd/nand/nand_base.c | 2 +- drivers/net/dsa/b53/b53_common.c | 13 ++ drivers/net/dsa/b53/b53_mdio.c | 5 +- drivers/net/dsa/b53/b53_priv.h | 1 + drivers/net/ethernet/natsemi/sonic.c | 2 +- drivers/net/usb/qmi_wwan.c | 1 + drivers/net/wireless/intel/iwlwifi/pcie/trans.c | 10 +- drivers/platform/x86/asus-wmi.c | 23 +-- drivers/s390/block/dasd.c | 7 +- drivers/staging/android/ion/ion_heap.c | 2 +- drivers/tty/n_tty.c | 55 +++--- drivers/tty/serdev/core.c | 1 + drivers/tty/serial/8250/8250_pci.c | 2 - drivers/tty/vt/vt.c | 4 +- drivers/usb/class/cdc-acm.c | 3 + drivers/usb/dwc2/hcd_queue.c | 2 +- drivers/usb/host/xhci-mem.c | 4 +- drivers/usb/host/xhci-trace.h | 36 +++- drivers/usb/serial/cp210x.c | 14 ++ drivers/usb/typec/ucsi/ucsi.c | 13 ++ drivers/usb/typec/ucsi/ucsi_acpi.c | 5 + fs/afs/security.c | 10 +- fs/inode.c | 1 + include/linux/acpi.h | 3 + include/net/netfilter/nf_tables.h | 5 + kernel/sched/core.c | 45 +++-- net/bridge/netfilter/ebtables.c | 3 +- net/ipv6/netfilter/ip6t_rpfilter.c | 4 +- net/ipv6/netfilter/nft_fib_ipv6.c | 12 +- net/ipv6/xfrm6_policy.c | 2 +- net/netfilter/ipvs/ip_vs_ctl.c | 21 ++- net/netfilter/nf_tables_api.c | 61 ++++++- net/netfilter/nf_tables_core.c | 20 ++- net/netfilter/nft_compat.c | 201 +++++++++++++++++----- net/netfilter/nft_immediate.c | 15 +- net/netfilter/nft_limit.c | 38 ++-- net/netfilter/nft_meta.c | 14 +- tools/perf/tests/topology.c | 30 +++- tools/perf/util/bpf-loader.c | 6 +- 64 files changed, 809 insertions(+), 340 deletions(-)

7 years, 2 months

4
57
0 0

[PATCH v2 0/3] printk: Deadlock in NMI regression

by Petr Mladek

The commit 719f6a7040f1bdaf96 ("printk: Use the main logbuf in NMI when logbuf_lock is available") brought back the possible deadlocks in printk() and NMI. This is rework of the proposed fix, see https://lkml.kernel.org/r/20180606111557.xzs6l3lkvg7lq3ts@pathway.suse.cz I realized that we could rather easily move the check to vprintk_func() and still avoid any race. I believe that this is a win-win solution. Changes against v1: + Move the check from vprintk_emit() to vprintk_func() + More straightforward commit message + Fix build with CONFIG_PRINTK_NMI disabled Petr Mladek (3): printk: Split the code for storing a message into the log buffer printk: Create helper function to queue deferred console handling printk/nmi: Prevent deadlock when accessing the main log buffer in NMI include/linux/printk.h | 4 ++++ kernel/printk/internal.h | 9 ++++++- kernel/printk/printk.c | 57 +++++++++++++++++++++++++++----------------- kernel/printk/printk_safe.c | 58 +++++++++++++++++++++++++++++---------------- kernel/trace/trace.c | 4 +++- lib/nmi_backtrace.c | 3 --- 6 files changed, 87 insertions(+), 48 deletions(-) -- 2.13.7

7 years, 2 months

3
19
0 0

[PATCH] i2c-hid: Fix "incomplete report" noise

by Jason Andryuk

Commit ac75a041048b ("HID: i2c-hid: fix size check and type usage") started writing messages when the ret_size is <= 2 from i2c_master_recv. However, my device i2c-DLL07D1 returns 2 for a short period of time (~0.5s) after I stop moving the pointing stick or touchpad. It varies, but you get ~50 messages each time which spams the log hard. [ 95.925055] i2c_hid i2c-DLL07D1:01: i2c_hid_get_input: incomplete report (83/2) This has also been observed with a i2c-ALP0017. [ 1781.266353] i2c_hid i2c-ALP0017:00: i2c_hid_get_input: incomplete report (30/2) Only print the message when ret_size is totally invalid and less than 2 to cut down on the log spam. Reported-by: John Smith <john-s-84(a)gmx.net> Cc: stable(a)vger.kernel.org Signed-off-by: Jason Andryuk <jandryuk(a)gmail.com> --- John Smith originally reported this, but his post did not include a git formatted patch nor a Signed-off-by. https://www.spinics.net/lists/linux-input/msg56171.html https://patchwork.kernel.org/patch/10374383/ When ret_size is 2, hid_input_report is passed 0 and returns early. ret_size == 2 seems to be a header size saying there is no content. Should i2c_hid_get_input just return early in that case? Also, should this condition be noted to stop an interrupt from firing to avoid the ~50 bogus messages? drivers/hid/i2c-hid/i2c-hid.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/hid/i2c-hid/i2c-hid.c b/drivers/hid/i2c-hid/i2c-hid.c index c1652bb7bd15..eae0cb3ddec6 100644 --- a/drivers/hid/i2c-hid/i2c-hid.c +++ b/drivers/hid/i2c-hid/i2c-hid.c @@ -484,7 +484,7 @@ static void i2c_hid_get_input(struct i2c_hid *ihid) return; } - if ((ret_size > size) || (ret_size <= 2)) { + if ((ret_size > size) || (ret_size < 2)) { dev_err(&ihid->client->dev, "%s: incomplete report (%d/%d)\n", __func__, size, ret_size); return; -- 2.17.1

7 years, 2 months

2
2
0 0

[char-misc-next] mei: don't update offset in write

by Tomas Winkler

From: Alexander Usyskin <alexander.usyskin(a)intel.com> MEI enables writes of complete messages only while read can be performed in parts, hence write should not update the file offset to not break interleaving partial reads with writes. Cc: <stable(a)vger.kernel.org> Signed-off-by: Alexander Usyskin <alexander.usyskin(a)intel.com> Signed-off-by: Tomas Winkler <tomas.winkler(a)intel.com> --- drivers/misc/mei/main.c | 1 - 1 file changed, 1 deletion(-) diff --git a/drivers/misc/mei/main.c b/drivers/misc/mei/main.c index f690918f7817..302ba7a63bd2 100644 --- a/drivers/misc/mei/main.c +++ b/drivers/misc/mei/main.c @@ -312,7 +312,6 @@ static ssize_t mei_write(struct file *file, const char __user *ubuf, } } - *offset = 0; cb = mei_cl_alloc_cb(cl, length, MEI_FOP_WRITE, file); if (!cb) { rets = -ENOMEM; -- 2.14.4

7 years, 2 months

1
0
0 0

[PATCH 1/4] rtc: omap: fix potential crash on power off

by Johan Hovold

Do not set the system power-off callback and omap power-off rtc pointer until we're done setting up our device to avoid leaving stale pointers around after a late probe error. Fixes: 97ea1906b3c2 ("rtc: omap: Support ext_wakeup configuration") Cc: stable <stable(a)vger.kernel.org> # 4.9 Cc: Marcin Niestroj <m.niestroj(a)grinn-global.com> Cc: Tony Lindgren <tony(a)atomide.com> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/rtc/rtc-omap.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/drivers/rtc/rtc-omap.c b/drivers/rtc/rtc-omap.c index 39086398833e..c214b69a8787 100644 --- a/drivers/rtc/rtc-omap.c +++ b/drivers/rtc/rtc-omap.c @@ -861,13 +861,6 @@ static int omap_rtc_probe(struct platform_device *pdev) goto err; } - if (rtc->is_pmic_controller) { - if (!pm_power_off) { - omap_rtc_power_off_rtc = rtc; - pm_power_off = omap_rtc_power_off; - } - } - /* Support ext_wakeup pinconf */ rtc_pinctrl_desc.name = dev_name(&pdev->dev); @@ -884,6 +877,13 @@ static int omap_rtc_probe(struct platform_device *pdev) rtc_nvmem_register(rtc->rtc, &omap_rtc_nvmem_config); + if (rtc->is_pmic_controller) { + if (!pm_power_off) { + omap_rtc_power_off_rtc = rtc; + pm_power_off = omap_rtc_power_off; + } + } + return 0; err: -- 2.18.0

7 years, 2 months

3
2
0 0

[PATCH v2 4.9.y] x86/fpu: Remove use_eager_fpu()

by Daniel Sangorrin

From: Andy Lutomirski <luto(a)kernel.org> commit c592b57347069abfc0dcad3b3a302cf882602597 upstream This removes all the obvious code paths that depend on lazy FPU mode. It shouldn't change the generated code at all. Signed-off-by: Andy Lutomirski <luto(a)kernel.org> Signed-off-by: Rik van Riel <riel(a)redhat.com> Cc: Borislav Petkov <bp(a)alien8.de> Cc: Brian Gerst <brgerst(a)gmail.com> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: Denys Vlasenko <dvlasenk(a)redhat.com> Cc: Fenghua Yu <fenghua.yu(a)intel.com> Cc: H. Peter Anvin <hpa(a)zytor.com> Cc: Josh Poimboeuf <jpoimboe(a)redhat.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Oleg Nesterov <oleg(a)redhat.com> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Quentin Casasnovas <quentin.casasnovas(a)oracle.com> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: pbonzini(a)redhat.com Link: http://lkml.kernel.org/r/1475627678-20788-5-git-send-email-riel@redhat.com Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Daniel Sangorrin <daniel.sangorrin(a)toshiba.co.jp> --- I backported this patch to remove the final fpu lazy mode deadcode from stable 4.9.y. I only had to solve a small conflict caused by the fact that commit b22cbe404a9c ("x86/fpu: Fix invalid FPU ptrace state after execve()") had been applied before in stable (it was supposed to come after) After applying this patch please do the following to remove more deadcode: - cherry-pick: 3913cc350757 ("x86/fpu: Remove struct fpu::counter") - revert: f09a7b0eead7 ("perf: sync up x86/.../cpufeatures.h") - cherry-pick: e63650840e8b ("x86/fpu: Finish excising 'eagerfpu'") arch/x86/crypto/crc32c-intel_glue.c | 17 ++++------------- arch/x86/include/asm/fpu/internal.h | 34 +--------------------------------- arch/x86/kernel/fpu/core.c | 36 ++++-------------------------------- arch/x86/kernel/fpu/signal.c | 8 +++----- arch/x86/kernel/fpu/xstate.c | 9 --------- arch/x86/kvm/cpuid.c | 4 +--- arch/x86/kvm/x86.c | 10 ---------- 7 files changed, 13 insertions(+), 105 deletions(-) diff --git a/arch/x86/crypto/crc32c-intel_glue.c b/arch/x86/crypto/crc32c-intel_glue.c index dd19584..5773e11 100644 --- a/arch/x86/crypto/crc32c-intel_glue.c +++ b/arch/x86/crypto/crc32c-intel_glue.c @@ -48,21 +48,13 @@ #ifdef CONFIG_X86_64 /* * use carryless multiply version of crc32c when buffer - * size is >= 512 (when eager fpu is enabled) or - * >= 1024 (when eager fpu is disabled) to account + * size is >= 512 to account * for fpu state save/restore overhead. */ -#define CRC32C_PCL_BREAKEVEN_EAGERFPU 512 -#define CRC32C_PCL_BREAKEVEN_NOEAGERFPU 1024 +#define CRC32C_PCL_BREAKEVEN 512 asmlinkage unsigned int crc_pcl(const u8 *buffer, int len, unsigned int crc_init); -static int crc32c_pcl_breakeven = CRC32C_PCL_BREAKEVEN_EAGERFPU; -#define set_pcl_breakeven_point() \ -do { \ - if (!use_eager_fpu()) \ - crc32c_pcl_breakeven = CRC32C_PCL_BREAKEVEN_NOEAGERFPU; \ -} while (0) #endif /* CONFIG_X86_64 */ static u32 crc32c_intel_le_hw_byte(u32 crc, unsigned char const *data, size_t length) @@ -185,7 +177,7 @@ static int crc32c_pcl_intel_update(struct shash_desc *desc, const u8 *data, * use faster PCL version if datasize is large enough to * overcome kernel fpu state save/restore overhead */ - if (len >= crc32c_pcl_breakeven && irq_fpu_usable()) { + if (len >= CRC32C_PCL_BREAKEVEN && irq_fpu_usable()) { kernel_fpu_begin(); *crcp = crc_pcl(data, len, *crcp); kernel_fpu_end(); @@ -197,7 +189,7 @@ static int crc32c_pcl_intel_update(struct shash_desc *desc, const u8 *data, static int __crc32c_pcl_intel_finup(u32 *crcp, const u8 *data, unsigned int len, u8 *out) { - if (len >= crc32c_pcl_breakeven && irq_fpu_usable()) { + if (len >= CRC32C_PCL_BREAKEVEN && irq_fpu_usable()) { kernel_fpu_begin(); *(__le32 *)out = ~cpu_to_le32(crc_pcl(data, len, *crcp)); kernel_fpu_end(); @@ -257,7 +249,6 @@ static int __init crc32c_intel_mod_init(void) alg.update = crc32c_pcl_intel_update; alg.finup = crc32c_pcl_intel_finup; alg.digest = crc32c_pcl_intel_digest; - set_pcl_breakeven_point(); } #endif return crypto_register_shash(&alg); diff --git a/arch/x86/include/asm/fpu/internal.h b/arch/x86/include/asm/fpu/internal.h index 8852e3a..7801d32 100644 --- a/arch/x86/include/asm/fpu/internal.h +++ b/arch/x86/include/asm/fpu/internal.h @@ -60,11 +60,6 @@ extern u64 fpu__get_supported_xfeatures_mask(void); /* * FPU related CPU feature flag helper routines: */ -static __always_inline __pure bool use_eager_fpu(void) -{ - return true; -} - static __always_inline __pure bool use_xsaveopt(void) { return static_cpu_has(X86_FEATURE_XSAVEOPT); @@ -501,24 +496,6 @@ static inline int fpu_want_lazy_restore(struct fpu *fpu, unsigned int cpu) } -/* - * Wrap lazy FPU TS handling in a 'hw fpregs activation/deactivation' - * idiom, which is then paired with the sw-flag (fpregs_active) later on: - */ - -static inline void __fpregs_activate_hw(void) -{ - if (!use_eager_fpu()) - clts(); -} - -static inline void __fpregs_deactivate_hw(void) -{ - if (!use_eager_fpu()) - stts(); -} - -/* Must be paired with an 'stts' (fpregs_deactivate_hw()) after! */ static inline void __fpregs_deactivate(struct fpu *fpu) { WARN_ON_FPU(!fpu->fpregs_active); @@ -528,7 +505,6 @@ static inline void __fpregs_deactivate(struct fpu *fpu) trace_x86_fpu_regs_deactivated(fpu); } -/* Must be paired with a 'clts' (fpregs_activate_hw()) before! */ static inline void __fpregs_activate(struct fpu *fpu) { WARN_ON_FPU(fpu->fpregs_active); @@ -554,22 +530,17 @@ static inline int fpregs_active(void) } /* - * Encapsulate the CR0.TS handling together with the - * software flag. - * * These generally need preemption protection to work, * do try to avoid using these on their own. */ static inline void fpregs_activate(struct fpu *fpu) { - __fpregs_activate_hw(); __fpregs_activate(fpu); } static inline void fpregs_deactivate(struct fpu *fpu) { __fpregs_deactivate(fpu); - __fpregs_deactivate_hw(); } /* @@ -596,8 +567,7 @@ switch_fpu_prepare(struct fpu *old_fpu, struct fpu *new_fpu, int cpu) * or if the past 5 consecutive context-switches used math. */ fpu.preload = static_cpu_has(X86_FEATURE_FPU) && - new_fpu->fpstate_active && - (use_eager_fpu() || new_fpu->counter > 5); + new_fpu->fpstate_active; if (old_fpu->fpregs_active) { if (!copy_fpregs_to_fpstate(old_fpu)) @@ -615,8 +585,6 @@ switch_fpu_prepare(struct fpu *old_fpu, struct fpu *new_fpu, int cpu) __fpregs_activate(new_fpu); trace_x86_fpu_regs_activated(new_fpu); prefetch(&new_fpu->state); - } else { - __fpregs_deactivate_hw(); } } else { old_fpu->counter = 0; diff --git a/arch/x86/kernel/fpu/core.c b/arch/x86/kernel/fpu/core.c index 96d80df..2dc1927 100644 --- a/arch/x86/kernel/fpu/core.c +++ b/arch/x86/kernel/fpu/core.c @@ -58,27 +58,9 @@ static bool kernel_fpu_disabled(void) return this_cpu_read(in_kernel_fpu); } -/* - * Were we in an interrupt that interrupted kernel mode? - * - * On others, we can do a kernel_fpu_begin/end() pair *ONLY* if that - * pair does nothing at all: the thread must not have fpu (so - * that we don't try to save the FPU state), and TS must - * be set (so that the clts/stts pair does nothing that is - * visible in the interrupted kernel thread). - * - * Except for the eagerfpu case when we return true; in the likely case - * the thread has FPU but we are not going to set/clear TS. - */ static bool interrupted_kernel_fpu_idle(void) { - if (kernel_fpu_disabled()) - return false; - - if (use_eager_fpu()) - return true; - - return !current->thread.fpu.fpregs_active && (read_cr0() & X86_CR0_TS); + return !kernel_fpu_disabled(); } /* @@ -126,7 +108,6 @@ void __kernel_fpu_begin(void) copy_fpregs_to_fpstate(fpu); } else { this_cpu_write(fpu_fpregs_owner_ctx, NULL); - __fpregs_activate_hw(); } } EXPORT_SYMBOL(__kernel_fpu_begin); @@ -137,8 +118,6 @@ void __kernel_fpu_end(void) if (fpu->fpregs_active) copy_kernel_to_fpregs(&fpu->state); - else - __fpregs_deactivate_hw(); kernel_fpu_enable(); } @@ -200,10 +179,7 @@ void fpu__save(struct fpu *fpu) trace_x86_fpu_before_save(fpu); if (fpu->fpregs_active) { if (!copy_fpregs_to_fpstate(fpu)) { - if (use_eager_fpu()) - copy_kernel_to_fpregs(&fpu->state); - else - fpregs_deactivate(fpu); + copy_kernel_to_fpregs(&fpu->state); } } trace_x86_fpu_after_save(fpu); @@ -261,8 +237,7 @@ int fpu__copy(struct fpu *dst_fpu, struct fpu *src_fpu) * Don't let 'init optimized' areas of the XSAVE area * leak into the child task: */ - if (use_eager_fpu()) - memset(&dst_fpu->state.xsave, 0, fpu_kernel_xstate_size); + memset(&dst_fpu->state.xsave, 0, fpu_kernel_xstate_size); /* * Save current FPU registers directly into the child @@ -284,10 +259,7 @@ int fpu__copy(struct fpu *dst_fpu, struct fpu *src_fpu) memcpy(&src_fpu->state, &dst_fpu->state, fpu_kernel_xstate_size); - if (use_eager_fpu()) - copy_kernel_to_fpregs(&src_fpu->state); - else - fpregs_deactivate(src_fpu); + copy_kernel_to_fpregs(&src_fpu->state); } preempt_enable(); diff --git a/arch/x86/kernel/fpu/signal.c b/arch/x86/kernel/fpu/signal.c index 3ec0d2d..3a93186 100644 --- a/arch/x86/kernel/fpu/signal.c +++ b/arch/x86/kernel/fpu/signal.c @@ -344,11 +344,9 @@ static int __fpu__restore_sig(void __user *buf, void __user *buf_fx, int size) } fpu->fpstate_active = 1; - if (use_eager_fpu()) { - preempt_disable(); - fpu__restore(fpu); - preempt_enable(); - } + preempt_disable(); + fpu__restore(fpu); + preempt_enable(); return err; } else { diff --git a/arch/x86/kernel/fpu/xstate.c b/arch/x86/kernel/fpu/xstate.c index abfbb61b..e9d7f46 100644 --- a/arch/x86/kernel/fpu/xstate.c +++ b/arch/x86/kernel/fpu/xstate.c @@ -890,15 +890,6 @@ int arch_set_user_pkey_access(struct task_struct *tsk, int pkey, */ if (!boot_cpu_has(X86_FEATURE_OSPKE)) return -EINVAL; - /* - * For most XSAVE components, this would be an arduous task: - * brining fpstate up to date with fpregs, updating fpstate, - * then re-populating fpregs. But, for components that are - * never lazily managed, we can just access the fpregs - * directly. PKRU is never managed lazily, so we can just - * manipulate it directly. Make sure it stays that way. - */ - WARN_ON_ONCE(!use_eager_fpu()); /* Set the bits we need in PKRU: */ if (init_val & PKEY_DISABLE_ACCESS) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index 7e5119c..c17d389 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -16,7 +16,6 @@ #include <linux/export.h> #include <linux/vmalloc.h> #include <linux/uaccess.h> -#include <asm/fpu/internal.h> /* For use_eager_fpu. Ugh! */ #include <asm/user.h> #include <asm/fpu/xstate.h> #include "cpuid.h" @@ -114,8 +113,7 @@ int kvm_update_cpuid(struct kvm_vcpu *vcpu) if (best && (best->eax & (F(XSAVES) | F(XSAVEC)))) best->ebx = xstate_required_size(vcpu->arch.xcr0, true); - if (use_eager_fpu()) - kvm_x86_ops->fpu_activate(vcpu); + kvm_x86_ops->fpu_activate(vcpu); /* * The existing code assumes virtual address is 48-bit in the canonical diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 5ca23af..0754dae 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -7513,16 +7513,6 @@ void kvm_put_guest_fpu(struct kvm_vcpu *vcpu) copy_fpregs_to_fpstate(&vcpu->arch.guest_fpu); __kernel_fpu_end(); ++vcpu->stat.fpu_reload; - /* - * If using eager FPU mode, or if the guest is a frequent user - * of the FPU, just leave the FPU active for next time. - * Every 255 times fpu_counter rolls over to 0; a guest that uses - * the FPU in bursts will revert to loading it on demand. - */ - if (!use_eager_fpu()) { - if (++vcpu->fpu_counter < 5) - kvm_make_request(KVM_REQ_DEACTIVATE_FPU, vcpu); - } trace_kvm_fpu(0); } -- 2.1.4

7 years, 2 months

1
0
0 0

[PATCH] mtd: rawnand: hynix: Use ->exec_op() in hynix_nand_reg_write_op()

by Boris Brezillon

Modern NAND controller drivers implement ->exec_op() instead of ->cmdfunc(), make sure we don't end up with a NULL pointer dereference when hynix_nand_reg_write_op() is called. Fixes: 8878b126df76 ("mtd: nand: add ->exec_op() implementation") Cc: <stable(a)vger.kernel.org> Signed-off-by: Boris Brezillon <boris.brezillon(a)bootlin.com> --- drivers/mtd/nand/raw/nand_hynix.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/drivers/mtd/nand/raw/nand_hynix.c b/drivers/mtd/nand/raw/nand_hynix.c index 8cbe77f447c7..4ffbb26e76d6 100644 --- a/drivers/mtd/nand/raw/nand_hynix.c +++ b/drivers/mtd/nand/raw/nand_hynix.c @@ -100,6 +100,16 @@ static int hynix_nand_reg_write_op(struct nand_chip *chip, u8 addr, u8 val) struct mtd_info *mtd = nand_to_mtd(chip); u16 column = ((u16)addr << 8) | addr; + if (chip->exec_op) { + struct nand_op_instr instrs[] = { + NAND_OP_ADDR(1, &addr, 0), + NAND_OP_8BIT_DATA_OUT(1, &val, 0), + }; + struct nand_operation op = NAND_OPERATION(instrs); + + return nand_exec_op(chip, &op); + } + chip->cmdfunc(mtd, NAND_CMD_NONE, column, -1); chip->write_byte(mtd, val); -- 2.14.1

7 years, 2 months

2
2
0 0

[PATCH v2] devres: Really align data field to unsigned long long

by Alexey Brodkin

Depending on ABI "long long" type of a particular 32-bit CPU might be aligned by either word (32-bits) or double word (64-bits). Make sure "data" is really 64-bit aligned for any 32-bit CPU. At least for 32-bit ARC cores ABI requires "long long" types to be aligned by normal 32-bit word. This makes "data" field aligned to 12 bytes. Which is still OK as long as we use 32-bit data only. But once we want to use native atomic64_t type (i.e. when we use special instructions LLOCKD/SCONDD for accessing 64-bit data) we easily hit misaligned access exception. That's because even on CPUs capable of non-aligned data access LL/SC instructions require strict alignment. Signed-off-by: Alexey Brodkin <abrodkin(a)synopsys.com> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: stable(a)vger.kernel.org --- Changes v1 -> v2: * Reworded commit message * Inserted comment right in source [Thomas] drivers/base/devres.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/drivers/base/devres.c b/drivers/base/devres.c index f98a097e73f2..466fa59c866a 100644 --- a/drivers/base/devres.c +++ b/drivers/base/devres.c @@ -24,8 +24,12 @@ struct devres_node { struct devres { struct devres_node node; - /* -- 3 pointers */ - unsigned long long data[]; /* guarantee ull alignment */ + /* + * Depending on ABI "long long" type of a particular 32-bit CPU + * might be aligned by either word (32-bits) or double word (64-bits). + * Make sure "data" is really 64-bit aligned for any 32-bit CPU. + */ + unsigned long long data[] __aligned(sizeof(unsigned long long)); }; struct devres_group { -- 2.17.1

7 years, 2 months

3
3
0 0

Re: [PATCH 4.16 234/279] x86/pkeys/selftests: Adjust the self-test to fresh distros that export the pkeys ABI

by Vlastimil Babka

On 06/18/2018 10:13 AM, Greg Kroah-Hartman wrote: > 4.16-stable review patch. If anyone has any objections, please let me know. So I was wondering, why backport such a considerable number of *selftests* to stable, given the stable policy? Surely selftests don't affect the kernel itself breaking for users? Thanks, Vlastimil

7 years, 2 months

4
6
0 0

[Linux-stable-mirror] [PATCH] scsi: lpfc: Switch memcpy_fromio() to __read32_copy()

by Huacai Chen

In commit bc73905abf770192 ("[SCSI] lpfc 8.3.16: SLI Additions, updates, and code cleanup"), lpfc_memcpy_to_slim() have switched memcpy_toio() to __write32_copy() in order to prevent unaligned 64 bit copy. Recently, we found that lpfc_memcpy_from_slim() have similar issues, so let it switch memcpy_fromio() to __read32_copy(). Cc: stable(a)vger.kernel.org Signed-off-by: Huacai Chen <chenhc(a)lemote.com> --- drivers/scsi/lpfc/lpfc_compat.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/scsi/lpfc/lpfc_compat.h b/drivers/scsi/lpfc/lpfc_compat.h index 6b32b0a..47d4fad 100644 --- a/drivers/scsi/lpfc/lpfc_compat.h +++ b/drivers/scsi/lpfc/lpfc_compat.h @@ -91,8 +91,8 @@ lpfc_memcpy_to_slim( void __iomem *dest, void *src, unsigned int bytes) static inline void lpfc_memcpy_from_slim( void *dest, void __iomem *src, unsigned int bytes) { - /* actually returns 1 byte past dest */ - memcpy_fromio( dest, src, bytes); + /* convert bytes in argument list to word count for copy function */ + __ioread32_copy(dest, src, bytes / sizeof(uint32_t)); } #endif /* __BIG_ENDIAN */ -- 2.7.0

7 years, 2 months

3
5
0 0

[PATCH v3 1/3] mtd: rawnand: marvell: add suspend and resume hooks

by Daniel Mack

This patch restores the suspend and resume hooks that the old driver used to have. Apart from stopping and starting the clocks, the resume callback also nullifies the selected_chip pointer, so the next command that is issued will re-select the chip and thereby restore the timing registers. Without this patch, a PXA3xx based system would cough up an error similar to the one below after resume. [ 44.660162] marvell-nfc 43100000.nand-controller: Timeout waiting for RB signal [ 44.671492] ubi0 error: ubi_io_write: error -110 while writing 2048 bytes to PEB 102:38912, written 0 bytes [ 44.682887] CPU: 0 PID: 1417 Comm: remote-control Not tainted 4.18.0-rc2+ #344 [ 44.691197] Hardware name: Marvell PXA3xx (Device Tree Support) [ 44.697111] Backtrace: [ 44.699593] [<c0106458>] (dump_backtrace) from [<c0106718>] (show_stack+0x18/0x1c) [ 44.708931] r7:00000800 r6:00009800 r5:00000066 r4:c6139000 [ 44.715833] [<c0106700>] (show_stack) from [<c0678a60>] (dump_stack+0x20/0x28) [ 44.724206] [<c0678a40>] (dump_stack) from [<c0456cbc>] (ubi_io_write+0x3d4/0x630) [ 44.732925] [<c04568e8>] (ubi_io_write) from [<c0454428>] (ubi_eba_write_leb+0x690/0x6fc) ... Signed-off-by: Daniel Mack <daniel(a)zonque.org> Fixes: 02f26ecf8c77 ("mtd: nand: add reworked Marvell NAND controller driver") Cc: stable(a)vger.kernel.org --- drivers/mtd/nand/raw/marvell_nand.c | 49 +++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) diff --git a/drivers/mtd/nand/raw/marvell_nand.c b/drivers/mtd/nand/raw/marvell_nand.c index 00d9f29bbdb6..4644f6e3b930 100644 --- a/drivers/mtd/nand/raw/marvell_nand.c +++ b/drivers/mtd/nand/raw/marvell_nand.c @@ -2825,6 +2825,54 @@ static int marvell_nfc_remove(struct platform_device *pdev) return 0; } +static int __maybe_unused marvell_nfc_suspend(struct device *dev) +{ + struct marvell_nfc *nfc = dev_get_drvdata(dev); + struct marvell_nand_chip *chip; + + list_for_each_entry(chip, &nfc->chips, node) + marvell_nfc_wait_ndrun(&chip->chip); + + clk_disable_unprepare(nfc->reg_clk); + clk_disable_unprepare(nfc->core_clk); + + return 0; +} + +static int __maybe_unused marvell_nfc_resume(struct device *dev) +{ + struct marvell_nfc *nfc = dev_get_drvdata(dev); + int ret; + + ret = clk_prepare_enable(nfc->core_clk); + if (ret < 0) + return ret; + + if (!IS_ERR(nfc->reg_clk)) { + ret = clk_prepare_enable(nfc->reg_clk); + if (ret < 0) + return ret; + } + + /* + * Reset nfc->selected_chip so the next command will cause the timing + * registers to be restored in marvell_nfc_select_chip(). + */ + nfc->selected_chip = NULL; + + /* Reset registers that have lots its contents */ + writel_relaxed(NDCR_ALL_INT | NDCR_ND_ARB_EN | NDCR_SPARE_EN | + NDCR_RD_ID_CNT(NFCV1_READID_LEN), nfc->regs + NDCR); + writel_relaxed(0xFFFFFFFF, nfc->regs + NDSR); + writel_relaxed(0, nfc->regs + NDECCCTRL); + + return 0; +} + +static const struct dev_pm_ops marvell_nfc_pm_ops = { + SET_SYSTEM_SLEEP_PM_OPS(marvell_nfc_suspend, marvell_nfc_resume) +}; + static const struct marvell_nfc_caps marvell_armada_8k_nfc_caps = { .max_cs_nb = 4, .max_rb_nb = 2, @@ -2909,6 +2957,7 @@ static struct platform_driver marvell_nfc_driver = { .driver = { .name = "marvell-nfc", .of_match_table = marvell_nfc_of_ids, + .pm = &marvell_nfc_pm_ops, }, .id_table = marvell_nfc_platform_ids, .probe = marvell_nfc_probe, -- 2.17.1

7 years, 2 months

2
5
0 0

[PATCH] ubifs: xattr: Don't operate on deleted inodes

by Richard Weinberger

xattr operations can race with unlink and the following assert triggers: UBIFS assert failed in ubifs_jnl_change_xattr at 1606 (pid 6256) Fix this by checking i_nlink before working on the host inode. Cc: <stable(a)vger.kernel.org> Fixes: 1e51764a3c2a ("UBIFS: add new flash file system") Signed-off-by: Richard Weinberger <richard(a)nod.at> --- fs/ubifs/xattr.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/fs/ubifs/xattr.c b/fs/ubifs/xattr.c index 6f720fdf5020..09e37e63bddd 100644 --- a/fs/ubifs/xattr.c +++ b/fs/ubifs/xattr.c @@ -152,6 +152,12 @@ static int create_xattr(struct ubifs_info *c, struct inode *host, ui->data_len = size; mutex_lock(&host_ui->ui_mutex); + + if (!host->i_nlink) { + err = -ENOENT; + goto out_noent; + } + host->i_ctime = current_time(host); host_ui->xattr_cnt += 1; host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm)); @@ -184,6 +190,7 @@ static int create_xattr(struct ubifs_info *c, struct inode *host, host_ui->xattr_size -= CALC_XATTR_BYTES(size); host_ui->xattr_names -= fname_len(nm); host_ui->flags &= ~UBIFS_CRYPT_FL; +out_noent: mutex_unlock(&host_ui->ui_mutex); out_free: make_bad_inode(inode); @@ -235,6 +242,12 @@ static int change_xattr(struct ubifs_info *c, struct inode *host, mutex_unlock(&ui->ui_mutex); mutex_lock(&host_ui->ui_mutex); + + if (!host->i_nlink) { + err = -ENOENT; + goto out_noent; + } + host->i_ctime = current_time(host); host_ui->xattr_size -= CALC_XATTR_BYTES(old_size); host_ui->xattr_size += CALC_XATTR_BYTES(size); @@ -256,6 +269,7 @@ static int change_xattr(struct ubifs_info *c, struct inode *host, out_cancel: host_ui->xattr_size -= CALC_XATTR_BYTES(size); host_ui->xattr_size += CALC_XATTR_BYTES(old_size); +out_noent: mutex_unlock(&host_ui->ui_mutex); make_bad_inode(inode); out_free: @@ -482,6 +496,12 @@ static int remove_xattr(struct ubifs_info *c, struct inode *host, return err; mutex_lock(&host_ui->ui_mutex); + + if (!host->i_nlink) { + err = -ENOENT; + goto out_noent; + } + host->i_ctime = current_time(host); host_ui->xattr_cnt -= 1; host_ui->xattr_size -= CALC_DENT_SIZE(fname_len(nm)); @@ -501,6 +521,7 @@ static int remove_xattr(struct ubifs_info *c, struct inode *host, host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm)); host_ui->xattr_size += CALC_XATTR_BYTES(ui->data_len); host_ui->xattr_names += fname_len(nm); +out_noent: mutex_unlock(&host_ui->ui_mutex); ubifs_release_budget(c, &req); make_bad_inode(inode); @@ -540,6 +561,9 @@ static int ubifs_xattr_remove(struct inode *host, const char *name) ubifs_assert(inode_is_locked(host)); + if (!host->i_nlink) + return -ENOENT; + if (fname_len(&nm) > UBIFS_MAX_NLEN) return -ENAMETOOLONG; -- 2.18.0

7 years, 2 months

1
0
0 0

v4.14.54 build: 0 failures 0 warnings (v4.14.54)

by Build bot for Mark Brown

Tree/Branch: v4.14.54 Git describe: v4.14.54 Commit: 5893f4c3fb Linux 4.14.54 Build Time: 98 min 57 sec Passed: 11 / 11 (100.00 %) Failed: 0 / 11 ( 0.00 %) Errors: 0 Warnings: 0 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): ------------------------------------------------------------------------------- =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: arm64-allnoconfig arm64-allmodconfig arm-multi_v5_defconfig arm-multi_v7_defconfig x86_64-defconfig arm-allmodconfig arm-allnoconfig x86_64-allnoconfig arm-multi_v4t_defconfig x86_64-allmodconfig arm64-defconfig close failed in file object destructor: sys.excepthook is missing lost sys.stderr

7 years, 2 months

1
0
0 0

[PATCH] ACPI: save NVS memory for ASUS 1025C laptop

by Willy Tarreau

Every time I tried to upgrade my laptop from 3.10.x to 4.x I faced an issue by which the fan would run at full speed upon resume. Bisecting it showed me the issue was introduced in 3.17 by commit 821d6f0359b0 (ACPI / sleep: Do not save NVS for new machines to accelerate S3). This code only affects machines built starting as of 2012, but this Asus 1025C laptop was made in 2012 and apparently needs the NVS data to be saved, otherwise the CPU's thermal state is not properly reported on resume and the fan runs at full speed upon resume. Here's a very simple way to check if such a machine is affected : # cat /sys/class/thermal/thermal_zone0/temp 55000 ( now suspend, wait one second and resume ) # cat /sys/class/thermal/thermal_zone0/temp 0 (and after ~15 seconds the fan starts to spin) Let's apply the same quirk as commit cbc00c13 (ACPI: save NVS memory for Lenovo G50-45) and reuse the function it provides. Note that this commit was already backported to 4.9.x but not 4.4.x. Cc: <stable(a)vger.kernel.org> # 3.17+: requires cbc00c13 Signed-off-by: Willy Tarreau <w(a)1wt.eu> --- drivers/acpi/sleep.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/drivers/acpi/sleep.c b/drivers/acpi/sleep.c index 974e584..af54d7b 100644 --- a/drivers/acpi/sleep.c +++ b/drivers/acpi/sleep.c @@ -338,6 +338,14 @@ static const struct dmi_system_id acpisleep_dmi_table[] __initconst = { DMI_MATCH(DMI_PRODUCT_NAME, "K54HR"), }, }, + { + .callback = init_nvs_save_s3, + .ident = "Asus 1025C", + .matches = { + DMI_MATCH(DMI_SYS_VENDOR, "ASUSTeK COMPUTER INC."), + DMI_MATCH(DMI_PRODUCT_NAME, "1025C"), + }, + }, /* * https://bugzilla.kernel.org/show_bug.cgi?id=189431 * Lenovo G50-45 is a platform later than 2012, but needs nvs memory -- 2.8.0.rc2.1.gbe9624a

7 years, 2 months

1
0
0 0

Linux 4.17.5

by Greg KH

I'm announcing the release of the 4.17.5 kernel. All users of the 4.17 kernel series must upgrade. The updated 4.17.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.17.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm/boot/dts/imx6q.dtsi | 2 arch/arm64/boot/dts/amlogic/meson-gxl-s905x-p212.dtsi | 7 + arch/x86/include/asm/pgalloc.h | 3 drivers/acpi/osl.c | 72 ++++++++++++++++ drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 10 ++ drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 24 ++--- drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_vcn.c | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c | 14 ++- drivers/gpu/drm/amd/amdgpu/amdgpu_vram_mgr.c | 39 ++++++++- drivers/gpu/drm/amd/amdgpu/vce_v3_0.c | 4 drivers/gpu/drm/amd/amdgpu/vi.c | 77 ++++++++++++++---- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 22 ++++- drivers/gpu/drm/atmel-hlcdc/atmel_hlcdc_plane.c | 2 drivers/gpu/drm/i915/i915_irq.c | 12 ++ drivers/gpu/drm/i915/i915_reg.h | 5 + drivers/gpu/drm/i915/intel_crt.c | 20 ++++ drivers/gpu/drm/i915/intel_ddi.c | 8 + drivers/gpu/drm/i915/intel_display.c | 16 +++ drivers/gpu/drm/i915/intel_dp.c | 34 +++---- drivers/gpu/drm/i915/intel_dp_mst.c | 14 +++ drivers/gpu/drm/i915/intel_dsi.c | 6 + drivers/gpu/drm/i915/intel_dvo.c | 6 + drivers/gpu/drm/i915/intel_hdmi.c | 6 + drivers/gpu/drm/i915/intel_lrc.c | 12 ++ drivers/gpu/drm/i915/intel_lvds.c | 5 + drivers/gpu/drm/i915/intel_sdvo.c | 6 + drivers/gpu/drm/i915/intel_tv.c | 12 ++ drivers/gpu/drm/qxl/qxl_display.c | 7 + drivers/gpu/drm/sti/Kconfig | 3 drivers/gpu/drm/sun4i/sun4i_tcon.c | 25 ----- drivers/iio/accel/mma8452.c | 2 drivers/staging/android/ion/ion_heap.c | 2 drivers/tty/n_tty.c | 55 +++++++----- drivers/tty/serdev/core.c | 1 drivers/tty/serial/8250/8250_pci.c | 2 drivers/tty/vt/vt.c | 4 drivers/usb/class/cdc-acm.c | 3 drivers/usb/dwc2/hcd_queue.c | 2 drivers/usb/host/xhci-mem.c | 4 drivers/usb/host/xhci-trace.h | 36 +++++++- drivers/usb/serial/cp210x.c | 14 +++ drivers/usb/typec/tcpm.c | 7 - drivers/usb/typec/ucsi/ucsi.c | 13 +++ drivers/usb/typec/ucsi/ucsi_acpi.c | 5 + include/linux/acpi.h | 3 net/ipv6/netfilter/ip6t_rpfilter.c | 2 net/netfilter/nf_tables_core.c | 3 net/netfilter/xt_connmark.c | 2 50 files changed, 488 insertions(+), 149 deletions(-) Alexander Potapenko (1): vt: prevent leaking uninitialized data to userspace via /dev/vcs* Andrey Ryabinin (1): x86/mm: Don't free P4D table when it is folded at runtime Andy Shevchenko (1): serial: 8250_pci: Remove stalled entries in blacklist Florian Westphal (1): netfilter: xt_connmark: fix list corruption on rmmod Greg Kroah-Hartman (1): Linux 4.17.5 Harry Wentland (1): drm/amdgpu: Don't default to DC support for Kaveri and older Heikki Krogerus (3): acpi: Add helper for deactivating memory region usb: typec: ucsi: acpi: Workaround for cache mode issue usb: typec: ucsi: Fix for incorrect status data issue Houston Yaroschoff (1): usb: cdc_acm: Add quirk for Uniden UBC125 scanner Huang Rui (1): drm/amdgpu: fix the missed vcn fw version report Jeremy Cline (1): drm/qxl: Call qxl_bo_unref outside atomic context Johan Hovold (2): USB: serial: cp210x: add CESINEL device ids serdev: fix memleak on module unload Junwei Zhang (1): drm/amdgpu: fix clear_all and replace handling in the VM (v2) Karoly Pados (1): USB: serial: cp210x: add Silicon Labs IDs for Windows Update Kenneth Graunke (1): drm/i915: Enable provoking vertex fix on Gen9 systems. Laura Abbott (1): staging: android: ion: Return an ERR_PTR in ion_map_kernel Leonard Crestez (1): iio: mma8452: Fix ignoring MMA8452_INT_DRDY Lyude Paul (3): drm/amdgpu: Grab/put runtime PM references in atomic_commit_tail() drm/i915/dp: Send DPCD ON for MST before phy_up drm/amdgpu: Count disabled CRTCs in commit tail earlier Michel Dänzer (5): drm/amdgpu: Use kvmalloc_array for allocating VRAM manager nodes array drm/amdgpu: Refactor amdgpu_vram_mgr_bo_invisible_size helper drm/amdgpu: Make amdgpu_vram_mgr_bo_invisible_size always accurate drm/amdgpu: Update pin_size values before unpinning BO drm/amdgpu: GPU vs CPU page size fixes in amdgpu_vm_bo_split_mapping Mikita Lipski (1): drm/amd/display: Clear connector's edid pointer Neil Armstrong (1): ARM64: dts: meson-gxl-s905x-p212: Add phy-supply for usb0 Oliver O'Halloran (1): drm/sti: Depend on OF rather than selecting it Paul Kocialkowski (1): Revert "drm/sun4i: Handle DRM_BUS_FLAG_PIXDATA_*EDGE" Peter Chen (1): usb: typec: tcpm: fix logbuffer index is wrong if _tcpm_log is re-entered Rex Zhu (2): drm/amdgpu: Add APU support in vi_set_uvd_clocks drm/amdgpu: Add APU support in vi_set_vce_clocks Sean Nyekjaer (1): ARM: dts: imx6q: Use correct SDMA script for SPI5 core Shirish S (1): drm/amd/display: release spinlock before committing updates to stream Stefan Agner (1): drm/atmel-hlcdc: check stride values in the first plane Taehee Yoo (1): netfilter: nf_tables: use WARN_ON_ONCE instead of BUG_ON in nft_do_chain() Tetsuo Handa (2): n_tty: Fix stall at n_tty_receive_char_special(). n_tty: Access echo_* variables carefully. Ville Syrjälä (4): drm/i915: Allow DBLSCAN user modes with eDP/LVDS/DSI drm/i915: Fix PIPESTAT irq ack on i965/g4x drm/i915: Disallow interlaced modes on g4x DP outputs drm/i915: Turn off g4x DP port in .post_disable() Vincent Bernat (1): netfilter: ip6t_rpfilter: provide input interface for route lookup William Wu (1): usb: dwc2: fix the incorrect bitmaps for the ports of multi_tt hub Zhengjun Xing (1): xhci: Fix kernel oops in trace_xhci_free_virt_device

7 years, 2 months

1
1
0 0

Linux 4.14.54

by Greg KH

I'm announcing the release of the 4.14.54 kernel. All users of the 4.14 kernel series must upgrade. The updated 4.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.14.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/net/dsa/b53.txt | 1 Makefile | 2 arch/arm/boot/dts/imx6q.dtsi | 2 drivers/acpi/osl.c | 72 +++++++ drivers/atm/zatm.c | 4 drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 6 drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_vcn.c | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_vram_mgr.c | 23 ++ drivers/gpu/drm/amd/amdgpu/vce_v3_0.c | 4 drivers/gpu/drm/amd/amdgpu/vi.c | 77 ++++++-- drivers/gpu/drm/atmel-hlcdc/atmel_hlcdc_plane.c | 2 drivers/gpu/drm/i915/i915_reg.h | 5 drivers/gpu/drm/i915/intel_lrc.c | 12 + drivers/gpu/drm/qxl/qxl_display.c | 7 drivers/md/dm-raid.c | 10 - drivers/md/md-cluster.c | 6 drivers/md/md.c | 90 ++++++--- drivers/md/md.h | 15 + drivers/md/raid0.c | 2 drivers/md/raid1.c | 27 -- drivers/md/raid10.c | 10 - drivers/md/raid5-cache.c | 30 ++- drivers/md/raid5-log.h | 2 drivers/md/raid5.c | 40 ---- drivers/mtd/nand/nand_base.c | 2 drivers/net/dsa/b53/b53_common.c | 13 + drivers/net/dsa/b53/b53_mdio.c | 5 drivers/net/dsa/b53/b53_priv.h | 1 drivers/net/ethernet/natsemi/sonic.c | 2 drivers/net/usb/qmi_wwan.c | 1 drivers/net/wireless/intel/iwlwifi/pcie/trans.c | 10 - drivers/platform/x86/asus-wmi.c | 23 +- drivers/s390/block/dasd.c | 7 drivers/staging/android/ion/ion_heap.c | 2 drivers/tty/n_tty.c | 55 +++--- drivers/tty/serdev/core.c | 1 drivers/tty/serial/8250/8250_pci.c | 2 drivers/tty/vt/vt.c | 4 drivers/usb/class/cdc-acm.c | 3 drivers/usb/dwc2/hcd_queue.c | 2 drivers/usb/host/xhci-mem.c | 4 drivers/usb/host/xhci-trace.h | 36 +++ drivers/usb/serial/cp210x.c | 14 + drivers/usb/typec/ucsi/ucsi.c | 13 + drivers/usb/typec/ucsi/ucsi_acpi.c | 5 fs/afs/security.c | 10 - fs/inode.c | 1 include/linux/acpi.h | 3 include/net/netfilter/nf_tables.h | 5 kernel/sched/core.c | 45 +++- net/bridge/netfilter/ebtables.c | 3 net/ipv6/netfilter/ip6t_rpfilter.c | 4 net/ipv6/netfilter/nft_fib_ipv6.c | 12 - net/ipv6/xfrm6_policy.c | 2 net/netfilter/ipvs/ip_vs_ctl.c | 21 +- net/netfilter/nf_tables_api.c | 61 +++++- net/netfilter/nf_tables_core.c | 20 +- net/netfilter/nft_compat.c | 201 +++++++++++++++++----- net/netfilter/nft_immediate.c | 15 + net/netfilter/nft_limit.c | 38 ++-- net/netfilter/nft_meta.c | 14 - tools/perf/tests/topology.c | 30 ++- tools/perf/util/bpf-loader.c | 6 64 files changed, 808 insertions(+), 339 deletions(-) Abhishek Sahu (1): mtd: rawnand: fix return value check for bad block status Alexander Potapenko (1): vt: prevent leaking uninitialized data to userspace via /dev/vcs* Andy Shevchenko (1): serial: 8250_pci: Remove stalled entries in blacklist Colin Ian King (1): netfilter: nf_tables: fix memory leak on error exit return Damien Thébault (1): net: dsa: b53: Add BCM5389 support Darrick J. Wong (1): fs: clear writeback errors in inode_init_always David Howells (1): afs: Fix directory permissions check Eric Dumazet (1): xfrm6: avoid potential infinite loop in _decode_session6() Finn Thain (1): net/sonic: Use dma_mapping_error() Florian Westphal (6): netfilter: nf_tables: nft_compat: fix refcount leak on xt module netfilter: nft_compat: prepare for indirect info storage netfilter: nft_compat: fix handling of large matchinfo size netfilter: nf_tables: don't assume chain stats are set when jumplabel is set netfilter: nf_tables: add missing netlink attrs to policies netfilter: don't set F_IFACE on ipv6 fib lookups Greg Kroah-Hartman (1): Linux 4.14.54 Hao Wei Tee (1): iwlwifi: pcie: compare with number of IRQs requested for, not number of CPUs Heikki Krogerus (3): acpi: Add helper for deactivating memory region usb: typec: ucsi: acpi: Workaround for cache mode issue usb: typec: ucsi: Fix for incorrect status data issue Houston Yaroschoff (1): usb: cdc_acm: Add quirk for Uniden UBC125 scanner Huang Rui (1): drm/amdgpu: fix the missed vcn fw version report Ivan Bornyakov (1): atm: zatm: fix memcmp casting Jeremy Cline (1): drm/qxl: Call qxl_bo_unref outside atomic context Johan Hovold (2): USB: serial: cp210x: add CESINEL device ids serdev: fix memleak on module unload Josh Hill (1): net: qmi_wwan: Add Netgear Aircard 779S João Paulo Rechi Vita (1): platform/x86: asus-wmi: Fix NULL pointer dereference Julian Anastasov (1): ipvs: fix buffer overflow with sync daemon and service Karoly Pados (1): USB: serial: cp210x: add Silicon Labs IDs for Windows Update Kenneth Graunke (1): drm/i915: Enable provoking vertex fix on Gen9 systems. Laura Abbott (1): staging: android: ion: Return an ERR_PTR in ion_map_kernel Michel Dänzer (2): drm/amdgpu: Use kvmalloc_array for allocating VRAM manager nodes array drm/amdgpu: Refactor amdgpu_vram_mgr_bo_invisible_size helper NeilBrown (6): md: always hold reconfig_mutex when calling mddev_suspend() md: don't call bitmap_create() while array is quiesced. md: move suspend_hi/lo handling into core md code md: use mddev_suspend/resume instead of ->quiesce() md: allow metadata update while suspending. md: remove special meaning of ->quiesce(.., 2) Pablo Neira Ayuso (3): netfilter: nf_tables: bogus EBUSY in chain deletions netfilter: nf_tables: disable preemption in nft_update_chain_stats() netfilter: nft_limit: fix packet ratelimiting Paolo Abeni (1): netfilter: ebtables: handle string from userspace with care Paul Burton (1): sched/core: Require cpu_active() in select_task_rq(), for user tasks Peter Zijlstra (1): sched/core: Fix rules for running on online && !active CPUs Rex Zhu (2): drm/amdgpu: Add APU support in vi_set_uvd_clocks drm/amdgpu: Add APU support in vi_set_vce_clocks Sean Nyekjaer (1): ARM: dts: imx6q: Use correct SDMA script for SPI5 core Sebastian Ott (1): s390/dasd: use blk_mq_rq_from_pdu for per request data Stefan Agner (1): drm/atmel-hlcdc: check stride values in the first plane Taehee Yoo (4): netfilter: nft_meta: fix wrong value dereference in nft_meta_set_eval netfilter: nf_tables: increase nft_counters_enabled in nft_chain_stats_replace() netfilter: nf_tables: fix NULL-ptr in nf_tables_dump_obj() netfilter: nf_tables: use WARN_ON_ONCE instead of BUG_ON in nft_do_chain() Tetsuo Handa (2): n_tty: Fix stall at n_tty_receive_char_special(). n_tty: Access echo_* variables carefully. Thomas Richter (1): perf test: "Session topology" dumps core on s390 Vincent Bernat (1): netfilter: ip6t_rpfilter: provide input interface for route lookup William Wu (1): usb: dwc2: fix the incorrect bitmaps for the ports of multi_tt hub YueHaibing (1): perf bpf: Fix NULL return handling in bpf__prepare_load() Zhengjun Xing (1): xhci: Fix kernel oops in trace_xhci_free_virt_device

7 years, 2 months

1
1
0 0

[PATCH v4 1/3] mtd: rawnand: marvell: add suspend and resume hooks

by Daniel Mack

This patch restores the suspend and resume hooks that the old driver used to have. Apart from stopping and starting the clocks, the resume callback also nullifies the selected_chip pointer, so the next command that is issued will re-select the chip and thereby restore the timing registers. Factor out some code from marvell_nfc_init() into a new function marvell_nfc_reset() and also call it at resume time to reset some registers that don't retain their contents during low-power mode. Without this patch, a PXA3xx based system would cough up an error similar to the one below after resume. [ 44.660162] marvell-nfc 43100000.nand-controller: Timeout waiting for RB signal [ 44.671492] ubi0 error: ubi_io_write: error -110 while writing 2048 bytes to PEB 102:38912, written 0 bytes [ 44.682887] CPU: 0 PID: 1417 Comm: remote-control Not tainted 4.18.0-rc2+ #344 [ 44.691197] Hardware name: Marvell PXA3xx (Device Tree Support) [ 44.697111] Backtrace: [ 44.699593] [<c0106458>] (dump_backtrace) from [<c0106718>] (show_stack+0x18/0x1c) [ 44.708931] r7:00000800 r6:00009800 r5:00000066 r4:c6139000 [ 44.715833] [<c0106700>] (show_stack) from [<c0678a60>] (dump_stack+0x20/0x28) [ 44.724206] [<c0678a40>] (dump_stack) from [<c0456cbc>] (ubi_io_write+0x3d4/0x630) [ 44.732925] [<c04568e8>] (ubi_io_write) from [<c0454428>] (ubi_eba_write_leb+0x690/0x6fc) ... Signed-off-by: Daniel Mack <daniel(a)zonque.org> Fixes: 02f26ecf8c77 ("mtd: nand: add reworked Marvell NAND controller driver") Cc: stable(a)vger.kernel.org --- drivers/mtd/nand/raw/marvell_nand.c | 73 ++++++++++++++++++++++++----- 1 file changed, 62 insertions(+), 11 deletions(-) diff --git a/drivers/mtd/nand/raw/marvell_nand.c b/drivers/mtd/nand/raw/marvell_nand.c index 00d9f29bbdb6..03ee016d7516 100644 --- a/drivers/mtd/nand/raw/marvell_nand.c +++ b/drivers/mtd/nand/raw/marvell_nand.c @@ -2662,6 +2662,21 @@ static int marvell_nfc_init_dma(struct marvell_nfc *nfc) return 0; } +static void marvell_nfc_reset(struct marvell_nfc *nfc) +{ + /* + * ECC operations and interruptions are only enabled when specifically + * needed. ECC shall not be activated in the early stages (fails probe). + * Arbiter flag, even if marked as "reserved", must be set (empirical). + * SPARE_EN bit must always be set or ECC bytes will not be at the same + * offset in the read page and this will fail the protection. + */ + writel_relaxed(NDCR_ALL_INT | NDCR_ND_ARB_EN | NDCR_SPARE_EN | + NDCR_RD_ID_CNT(NFCV1_READID_LEN), nfc->regs + NDCR); + writel_relaxed(0xFFFFFFFF, nfc->regs + NDSR); + writel_relaxed(0, nfc->regs + NDECCCTRL); +} + static int marvell_nfc_init(struct marvell_nfc *nfc) { struct device_node *np = nfc->dev->of_node; @@ -2700,17 +2715,7 @@ static int marvell_nfc_init(struct marvell_nfc *nfc) if (!nfc->caps->is_nfcv2) marvell_nfc_init_dma(nfc); - /* - * ECC operations and interruptions are only enabled when specifically - * needed. ECC shall not be activated in the early stages (fails probe). - * Arbiter flag, even if marked as "reserved", must be set (empirical). - * SPARE_EN bit must always be set or ECC bytes will not be at the same - * offset in the read page and this will fail the protection. - */ - writel_relaxed(NDCR_ALL_INT | NDCR_ND_ARB_EN | NDCR_SPARE_EN | - NDCR_RD_ID_CNT(NFCV1_READID_LEN), nfc->regs + NDCR); - writel_relaxed(0xFFFFFFFF, nfc->regs + NDSR); - writel_relaxed(0, nfc->regs + NDECCCTRL); + marvell_nfc_reset(nfc); return 0; } @@ -2825,6 +2830,51 @@ static int marvell_nfc_remove(struct platform_device *pdev) return 0; } +static int __maybe_unused marvell_nfc_suspend(struct device *dev) +{ + struct marvell_nfc *nfc = dev_get_drvdata(dev); + struct marvell_nand_chip *chip; + + list_for_each_entry(chip, &nfc->chips, node) + marvell_nfc_wait_ndrun(&chip->chip); + + clk_disable_unprepare(nfc->reg_clk); + clk_disable_unprepare(nfc->core_clk); + + return 0; +} + +static int __maybe_unused marvell_nfc_resume(struct device *dev) +{ + struct marvell_nfc *nfc = dev_get_drvdata(dev); + int ret; + + ret = clk_prepare_enable(nfc->core_clk); + if (ret < 0) + return ret; + + if (!IS_ERR(nfc->reg_clk)) { + ret = clk_prepare_enable(nfc->reg_clk); + if (ret < 0) + return ret; + } + + /* + * Reset nfc->selected_chip so the next command will cause the timing + * registers to be restored in marvell_nfc_select_chip(). + */ + nfc->selected_chip = NULL; + + /* Reset registers that have lost their contents */ + marvell_nfc_reset(nfc); + + return 0; +} + +static const struct dev_pm_ops marvell_nfc_pm_ops = { + SET_SYSTEM_SLEEP_PM_OPS(marvell_nfc_suspend, marvell_nfc_resume) +}; + static const struct marvell_nfc_caps marvell_armada_8k_nfc_caps = { .max_cs_nb = 4, .max_rb_nb = 2, @@ -2909,6 +2959,7 @@ static struct platform_driver marvell_nfc_driver = { .driver = { .name = "marvell-nfc", .of_match_table = marvell_nfc_of_ids, + .pm = &marvell_nfc_pm_ops, }, .id_table = marvell_nfc_platform_ids, .probe = marvell_nfc_probe, -- 2.17.1

7 years, 2 months

1
0
0 0

[PATCH 4.17 00/46] 4.17.5-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.17.5 release. There are 46 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun Jul 8 05:45:10 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.17.5-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.17.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.17.5-rc1 Sean Nyekjaer <sean.nyekjaer(a)prevas.dk> ARM: dts: imx6q: Use correct SDMA script for SPI5 core Andrey Ryabinin <aryabinin(a)virtuozzo.com> x86/mm: Don't free P4D table when it is folded at runtime Neil Armstrong <narmstrong(a)baylibre.com> ARM64: dts: meson-gxl-s905x-p212: Add phy-supply for usb0 Taehee Yoo <ap420073(a)gmail.com> netfilter: nf_tables: use WARN_ON_ONCE instead of BUG_ON in nft_do_chain() Florian Westphal <fw(a)strlen.de> netfilter: xt_connmark: fix list corruption on rmmod Vincent Bernat <vincent(a)bernat.im> netfilter: ip6t_rpfilter: provide input interface for route lookup Kenneth Graunke <kenneth(a)whitecape.org> drm/i915: Enable provoking vertex fix on Gen9 systems. Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915: Turn off g4x DP port in .post_disable() Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915: Disallow interlaced modes on g4x DP outputs Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915: Fix PIPESTAT irq ack on i965/g4x Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915: Allow DBLSCAN user modes with eDP/LVDS/DSI Shirish S <shirish.s(a)amd.com> drm/amd/display: release spinlock before committing updates to stream Lyude Paul <lyude(a)redhat.com> drm/amdgpu: Count disabled CRTCs in commit tail earlier Michel Dänzer <michel.daenzer(a)amd.com> drm/amdgpu: GPU vs CPU page size fixes in amdgpu_vm_bo_split_mapping Michel Dänzer <michel.daenzer(a)amd.com> drm/amdgpu: Update pin_size values before unpinning BO Michel Dänzer <michel.daenzer(a)amd.com> drm/amdgpu: Make amdgpu_vram_mgr_bo_invisible_size always accurate Michel Dänzer <michel.daenzer(a)amd.com> drm/amdgpu: Refactor amdgpu_vram_mgr_bo_invisible_size helper Michel Dänzer <michel.daenzer(a)amd.com> drm/amdgpu: Use kvmalloc_array for allocating VRAM manager nodes array Harry Wentland <harry.wentland(a)amd.com> drm/amdgpu: Don't default to DC support for Kaveri and older Paul Kocialkowski <paul.kocialkowski(a)bootlin.com> Revert "drm/sun4i: Handle DRM_BUS_FLAG_PIXDATA_*EDGE" Stefan Agner <stefan(a)agner.ch> drm/atmel-hlcdc: check stride values in the first plane Jeremy Cline <jcline(a)redhat.com> drm/qxl: Call qxl_bo_unref outside atomic context Lyude Paul <lyude(a)redhat.com> drm/i915/dp: Send DPCD ON for MST before phy_up Mikita Lipski <mikita.lipski(a)amd.com> drm/amd/display: Clear connector's edid pointer Oliver O'Halloran <oohall(a)gmail.com> drm/sti: Depend on OF rather than selecting it Junwei Zhang <Jerry.Zhang(a)amd.com> drm/amdgpu: fix clear_all and replace handling in the VM (v2) Lyude Paul <lyude(a)redhat.com> drm/amdgpu: Grab/put runtime PM references in atomic_commit_tail() Huang Rui <ray.huang(a)amd.com> drm/amdgpu: fix the missed vcn fw version report Rex Zhu <Rex.Zhu(a)amd.com> drm/amdgpu: Add APU support in vi_set_vce_clocks Rex Zhu <Rex.Zhu(a)amd.com> drm/amdgpu: Add APU support in vi_set_uvd_clocks Alexander Potapenko <glider(a)google.com> vt: prevent leaking uninitialized data to userspace via /dev/vcs* Johan Hovold <johan(a)kernel.org> serdev: fix memleak on module unload Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> serial: 8250_pci: Remove stalled entries in blacklist Leonard Crestez <leonard.crestez(a)nxp.com> iio: mma8452: Fix ignoring MMA8452_INT_DRDY Laura Abbott <labbott(a)redhat.com> staging: android: ion: Return an ERR_PTR in ion_map_kernel Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> n_tty: Access echo_* variables carefully. Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> n_tty: Fix stall at n_tty_receive_char_special(). Zhengjun Xing <zhengjun.xing(a)linux.intel.com> xhci: Fix kernel oops in trace_xhci_free_virt_device Heikki Krogerus <heikki.krogerus(a)linux.intel.com> usb: typec: ucsi: Fix for incorrect status data issue Heikki Krogerus <heikki.krogerus(a)linux.intel.com> usb: typec: ucsi: acpi: Workaround for cache mode issue Heikki Krogerus <heikki.krogerus(a)linux.intel.com> acpi: Add helper for deactivating memory region Peter Chen <peter.chen(a)nxp.com> usb: typec: tcpm: fix logbuffer index is wrong if _tcpm_log is re-entered William Wu <william.wu(a)rock-chips.com> usb: dwc2: fix the incorrect bitmaps for the ports of multi_tt hub Karoly Pados <pados(a)pados.hu> USB: serial: cp210x: add Silicon Labs IDs for Windows Update Johan Hovold <johan(a)kernel.org> USB: serial: cp210x: add CESINEL device ids Houston Yaroschoff <hstn(a)4ever3.net> usb: cdc_acm: Add quirk for Uniden UBC125 scanner ------------- Diffstat: Makefile | 4 +- arch/arm/boot/dts/imx6q.dtsi | 2 +- .../boot/dts/amlogic/meson-gxl-s905x-p212.dtsi | 7 ++ arch/x86/include/asm/pgalloc.h | 3 + drivers/acpi/osl.c | 72 ++++++++++++++++++++ drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 10 ++- drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 24 +++---- drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_vcn.c | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c | 14 ++-- drivers/gpu/drm/amd/amdgpu/amdgpu_vram_mgr.c | 39 ++++++++++- drivers/gpu/drm/amd/amdgpu/vce_v3_0.c | 4 +- drivers/gpu/drm/amd/amdgpu/vi.c | 77 +++++++++++++++++----- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 22 +++++-- drivers/gpu/drm/atmel-hlcdc/atmel_hlcdc_plane.c | 2 +- drivers/gpu/drm/i915/i915_irq.c | 12 +++- drivers/gpu/drm/i915/i915_reg.h | 5 ++ drivers/gpu/drm/i915/intel_crt.c | 20 ++++++ drivers/gpu/drm/i915/intel_ddi.c | 8 ++- drivers/gpu/drm/i915/intel_display.c | 16 ++++- drivers/gpu/drm/i915/intel_dp.c | 34 +++++----- drivers/gpu/drm/i915/intel_dp_mst.c | 14 +++- drivers/gpu/drm/i915/intel_dsi.c | 6 ++ drivers/gpu/drm/i915/intel_dvo.c | 6 ++ drivers/gpu/drm/i915/intel_hdmi.c | 6 ++ drivers/gpu/drm/i915/intel_lrc.c | 12 +++- drivers/gpu/drm/i915/intel_lvds.c | 5 ++ drivers/gpu/drm/i915/intel_sdvo.c | 6 ++ drivers/gpu/drm/i915/intel_tv.c | 12 +++- drivers/gpu/drm/qxl/qxl_display.c | 7 +- drivers/gpu/drm/sti/Kconfig | 3 +- drivers/gpu/drm/sun4i/sun4i_tcon.c | 25 ------- drivers/iio/accel/mma8452.c | 2 +- drivers/staging/android/ion/ion_heap.c | 2 +- drivers/tty/n_tty.c | 55 +++++++++------- drivers/tty/serdev/core.c | 1 + drivers/tty/serial/8250/8250_pci.c | 2 - drivers/tty/vt/vt.c | 4 +- drivers/usb/class/cdc-acm.c | 3 + drivers/usb/dwc2/hcd_queue.c | 2 +- drivers/usb/host/xhci-mem.c | 4 +- drivers/usb/host/xhci-trace.h | 36 ++++++++-- drivers/usb/serial/cp210x.c | 14 ++++ drivers/usb/typec/tcpm.c | 7 +- drivers/usb/typec/ucsi/ucsi.c | 13 ++++ drivers/usb/typec/ucsi/ucsi_acpi.c | 5 ++ include/linux/acpi.h | 3 + net/ipv6/netfilter/ip6t_rpfilter.c | 2 + net/netfilter/nf_tables_core.c | 3 +- net/netfilter/xt_connmark.c | 2 +- 50 files changed, 489 insertions(+), 150 deletions(-)

7 years, 2 months

4
34
0 0

Re: [PATCH 1/2] usb: dwc2: Fix DMA alignment to start at allocated boundary

by Doug Anderson

Hi, On Thu, Jul 5, 2018 at 7:31 AM, Antti Seppälä <a.seppala(a)gmail.com> wrote: > The commit 3bc04e28a030 ("usb: dwc2: host: Get aligned DMA in a more > supported way") introduced a common way to align DMA allocations. > The code in the commit aligns the struct dma_aligned_buffer but the > actual DMA address pointed by data[0] gets aligned to an offset from > the allocated boundary by the kmalloc_ptr and the old_xfer_buffer > pointers. > > This is against the recommendation in Documentation/DMA-API.txt which > states: > > Therefore, it is recommended that driver writers who don't take > special care to determine the cache line size at run time only map > virtual regions that begin and end on page boundaries (which are > guaranteed also to be cache line boundaries). > > The effect of this is that architectures with non-coherent DMA caches > may run into memory corruption or kernel crashes with Unhandled > kernel unaligned accesses exceptions. > > Fix the alignment by positioning the DMA area in front of the allocation > and use memory at the end of the area for storing the orginal > transfer_buffer pointer. This may have the added benefit of increased > performance as the DMA area is now fully aligned on all architectures. > > Tested with Lantiq xRX200 (MIPS) and RPi Model B Rev 2 (ARM). > > Fixes: 3bc04e28a030 ("usb: dwc2: host: Get aligned DMA in a more > supported way") > > Signed-off-by: Antti Seppälä <a.seppala(a)gmail.com> > --- > drivers/usb/dwc2/hcd.c | 44 +++++++++++++++++++++++--------------------- > 1 file changed, 23 insertions(+), 21 deletions(-) Thanks for tracking this down and sorry for the original regression. Seems like a good fix. With this fix, I'd be curious of your observations on how dwc2 performs (both performance and compatibility under stress) with the newest driver compared to whatever you were using before. Also: you're using the dwc2_set_ltq_params() parameters? Have you checked if removing the "max_transfer_size" limit boosts your performance? Cc: stable(a)vger.kernel.org Reviewed-by: Douglas Anderson <dianders(a)chromium.org>

7 years, 2 months

2
1
0 0

[PATCH] compiler.h, sparse, smatch: Do not define COMPILER_HAS_GENERIC_BUILTIN_OVERFLOW

by Bart Van Assche

Both sparse and smatch identify themselves as gcc. However, neither static analyzer supports any of the __builtin_*_overflow() functions. Hence do not define COMPILER_HAS_GENERIC_BUILTIN_OVERFLOW for these static checkers. Fixes: f0907827a8a9 ("compiler.h: enable builtin overflow checkers and add fallback code") Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: Rasmus Villemoes <linux(a)rasmusvillemoes.dk> Cc: Kees Cook <keescook(a)chromium.org> Cc: Dan Carpenter <dan.carpenter(a)oracle.com> Cc: Luc Van Oostenryck <luc.vanoostenryck(a)gmail.com> Cc: <stable(a)vger.kernel.org> --- include/linux/compiler-gcc.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h index f1a7492a5cc8..15e55b89e952 100644 --- a/include/linux/compiler-gcc.h +++ b/include/linux/compiler-gcc.h @@ -344,6 +344,6 @@ */ #define uninitialized_var(x) x = x -#if GCC_VERSION >= 50100 +#if GCC_VERSION >= 50100 && !defined(__CHECKER__) #define COMPILER_HAS_GENERIC_BUILTIN_OVERFLOW 1 #endif -- 2.18.0

7 years, 2 months

3
5
0 0

+ mm-do-not-bug_on-on-incorrect-lenght-in-__mm_populate.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm: do not bug_on on incorrect length in __mm_populate() has been added to the -mm tree. Its filename is mm-do-not-bug_on-on-incorrect-lenght-in-__mm_populate.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/mm-do-not-bug_on-on-incorrect-leng… and later at http://ozlabs.org/~akpm/mmotm/broken-out/mm-do-not-bug_on-on-incorrect-leng… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Michal Hocko <mhocko(a)suse.com> Subject: mm: do not bug_on on incorrect length in __mm_populate() syzbot has noticed that a specially crafted library can easily hit VM_BUG_ON in __mm_populate localhost login: [ 81.210241] emacs (9634) used greatest stack depth: 10416 bytes left [ 140.099935] ------------[ cut here ]------------ [ 140.101904] kernel BUG at mm/gup.c:1242! [ 140.103572] invalid opcode: 0000 [#1] SMP [ 140.105220] CPU: 2 PID: 9667 Comm: a.out Not tainted 4.18.0-rc3 #644 [ 140.107762] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 05/19/2017 [ 140.112000] RIP: 0010:__mm_populate+0x1e2/0x1f0 [ 140.113875] Code: 55 d0 65 48 33 14 25 28 00 00 00 89 d8 75 21 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 75 18 f1 ff 0f 0b e8 6e 18 f1 ff <0f> 0b 31 db eb c9 e8 93 06 e0 ff 0f 1f 00 55 48 89 e5 53 48 89 fb [ 140.121403] RSP: 0018:ffffc90000dffd78 EFLAGS: 00010293 [ 140.123516] RAX: ffff8801366c63c0 RBX: 000000007bf81000 RCX: ffffffff813e4ee2 [ 140.126352] RDX: 0000000000000000 RSI: 0000000000007676 RDI: 000000007bf81000 [ 140.129236] RBP: ffffc90000dffdc0 R08: 0000000000000000 R09: 0000000000000000 [ 140.132110] R10: ffff880135895c80 R11: 0000000000000000 R12: 0000000000007676 [ 140.134955] R13: 0000000000008000 R14: 0000000000000000 R15: 0000000000007676 [ 140.137785] FS: 0000000000000000(0000) GS:ffff88013a680000(0063) knlGS:00000000f7db9700 [ 140.140998] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 140.143303] CR2: 00000000f7ea56e0 CR3: 0000000134674004 CR4: 00000000000606e0 [ 140.145906] Call Trace: [ 140.146728] vm_brk_flags+0xc3/0x100 [ 140.147830] vm_brk+0x1f/0x30 [ 140.148714] load_elf_library+0x281/0x2e0 [ 140.149875] __ia32_sys_uselib+0x170/0x1e0 [ 140.151028] ? copy_overflow+0x30/0x30 [ 140.152105] ? __ia32_sys_uselib+0x170/0x1e0 [ 140.153301] do_fast_syscall_32+0xca/0x420 [ 140.154455] entry_SYSENTER_compat+0x70/0x7f The reason is that the length of the new brk is not page aligned when we try to populate the it. There is no reason to bug on that though. do_brk_flags already aligns the length properly so the mapping is expanded as it should. All we need is to tell mm_populate about it. Besides that there is absolutely no reason to to bug_on in the first place. The worst thing that could happen is that the last page wouldn't get populated and that is far from putting system into an inconsistent state. Fix the issue by moving the length sanitization code from do_brk_flags up to vm_brk_flags. The only other caller of do_brk_flags is brk syscall entry and it makes sure to provide the proper length so t here is no need for sanitation and so we can use do_brk_flags without it. Also remove the bogus BUG_ONs. [osalvador(a)techadventures.net: fix up vm_brk_flags s@request@len@] Link: http://lkml.kernel.org/r/20180706090217.GI32658@dhcp22.suse.cz Signed-off-by: Michal Hocko <mhocko(a)suse.com> Reported-by: syzbot <syzbot+5dcb560fe12aa5091c06(a)syzkaller.appspotmail.com> Tested-by: Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> Cc: Oscar Salvador <osalvador(a)techadventures.net> Cc: Zi Yan <zi.yan(a)cs.rutgers.edu> Cc: "Aneesh Kumar K.V" <aneesh.kumar(a)linux.vnet.ibm.com> Cc: Dan Williams <dan.j.williams(a)intel.com> Cc: "Kirill A. Shutemov" <kirill.shutemov(a)linux.intel.com> Cc: Michael S. Tsirkin <mst(a)redhat.com> Cc: Al Viro <viro(a)zeniv.linux.org.uk> Cc: "Huang, Ying" <ying.huang(a)intel.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/gup.c | 2 -- mm/mmap.c | 29 ++++++++++++----------------- 2 files changed, 12 insertions(+), 19 deletions(-) diff -puN mm/gup.c~mm-do-not-bug_on-on-incorrect-lenght-in-__mm_populate mm/gup.c --- a/mm/gup.c~mm-do-not-bug_on-on-incorrect-lenght-in-__mm_populate +++ a/mm/gup.c @@ -1238,8 +1238,6 @@ int __mm_populate(unsigned long start, u int locked = 0; long ret = 0; - VM_BUG_ON(start & ~PAGE_MASK); - VM_BUG_ON(len != PAGE_ALIGN(len)); end = start + len; for (nstart = start; nstart < end; nstart = nend) { diff -puN mm/mmap.c~mm-do-not-bug_on-on-incorrect-lenght-in-__mm_populate mm/mmap.c --- a/mm/mmap.c~mm-do-not-bug_on-on-incorrect-lenght-in-__mm_populate +++ a/mm/mmap.c @@ -186,8 +186,8 @@ static struct vm_area_struct *remove_vma return next; } -static int do_brk(unsigned long addr, unsigned long len, struct list_head *uf); - +static int do_brk_flags(unsigned long addr, unsigned long request, unsigned long flags, + struct list_head *uf); SYSCALL_DEFINE1(brk, unsigned long, brk) { unsigned long retval; @@ -245,7 +245,7 @@ SYSCALL_DEFINE1(brk, unsigned long, brk) goto out; /* Ok, looks good - let it rip. */ - if (do_brk(oldbrk, newbrk-oldbrk, &uf) < 0) + if (do_brk_flags(oldbrk, newbrk-oldbrk, 0, &uf) < 0) goto out; set_brk: @@ -2929,21 +2929,14 @@ static inline void verify_mm_writelocked * anonymous maps. eventually we may be able to do some * brk-specific accounting here. */ -static int do_brk_flags(unsigned long addr, unsigned long request, unsigned long flags, struct list_head *uf) +static int do_brk_flags(unsigned long addr, unsigned long len, unsigned long flags, struct list_head *uf) { struct mm_struct *mm = current->mm; struct vm_area_struct *vma, *prev; - unsigned long len; struct rb_node **rb_link, *rb_parent; pgoff_t pgoff = addr >> PAGE_SHIFT; int error; - len = PAGE_ALIGN(request); - if (len < request) - return -ENOMEM; - if (!len) - return 0; - /* Until we need other flags, refuse anything except VM_EXEC. */ if ((flags & (~VM_EXEC)) != 0) return -EINVAL; @@ -3015,18 +3008,20 @@ out: return 0; } -static int do_brk(unsigned long addr, unsigned long len, struct list_head *uf) -{ - return do_brk_flags(addr, len, 0, uf); -} - -int vm_brk_flags(unsigned long addr, unsigned long len, unsigned long flags) +int vm_brk_flags(unsigned long addr, unsigned long request, unsigned long flags) { struct mm_struct *mm = current->mm; + unsigned long len; int ret; bool populate; LIST_HEAD(uf); + len = PAGE_ALIGN(request); + if (len < request) + return -ENOMEM; + if (!len) + return 0; + if (down_write_killable(&mm->mmap_sem)) return -EINTR; _ Patches currently in -mm which might be from mhocko(a)suse.com are memblock-do-not-complain-about-top-down-allocations-for-memory_hotremove.patch mm-do-not-bug_on-on-incorrect-lenght-in-__mm_populate.patch mm-drop-vm_bug_on-from-__get_free_pages.patch memcg-oom-move-out_of_memory-back-to-the-charge-path.patch mm-oom-docs-describe-the-cgroup-aware-oom-killer-fix-2.patch

7 years, 2 months

1
0
0 0

+ x86-purgatory-add-missing-force-to-makefile-target.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: x86/purgatory: add missing FORCE to Makefile target has been added to the -mm tree. Its filename is x86-purgatory-add-missing-force-to-makefile-target.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/x86-purgatory-add-missing-force-to… and later at http://ozlabs.org/~akpm/mmotm/broken-out/x86-purgatory-add-missing-force-to… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Philipp Rudo <prudo(a)linux.ibm.com> Subject: x86/purgatory: add missing FORCE to Makefile target - Build the kernel without the fix - Add some flag to the purgatories KBUILD_CFLAGS,I used -fno-asynchronous-unwind-tables - Re-build the kernel When you look at makes output you see that sha256.o is not re-build in the last step. Also readelf -S still shows the .eh_frame section for sha256.o. With the fix sha256.o is rebuilt in the last step. Without FORCE make does not detect changes only made to the command line options. So object files might not be re-built even when they should be. Fix this by adding FORCE where it is missing. Link: http://lkml.kernel.org/r/20180704110044.29279-2-prudo@linux.ibm.com Fixes: df6f2801f511 ("kernel/kexec_file.c: move purgatories sha256 to common code") Signed-off-by: Philipp Rudo <prudo(a)linux.ibm.com> Acked-by: Dave Young <dyoung(a)redhat.com> Cc: Ingo Molnar <mingo(a)redhat.com> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: <stable(a)vger.kernel.org> [4.17+] Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- arch/x86/purgatory/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff -puN arch/x86/purgatory/Makefile~x86-purgatory-add-missing-force-to-makefile-target arch/x86/purgatory/Makefile --- a/arch/x86/purgatory/Makefile~x86-purgatory-add-missing-force-to-makefile-target +++ a/arch/x86/purgatory/Makefile @@ -6,7 +6,7 @@ purgatory-y := purgatory.o stack.o setup targets += $(purgatory-y) PURGATORY_OBJS = $(addprefix $(obj)/,$(purgatory-y)) -$(obj)/sha256.o: $(srctree)/lib/sha256.c +$(obj)/sha256.o: $(srctree)/lib/sha256.c FORCE $(call if_changed_rule,cc_o_c) LDFLAGS_purgatory.ro := -e purgatory_start -r --no-undefined -nostdlib -z nodefaultlib _ Patches currently in -mm which might be from prudo(a)linux.ibm.com are x86-purgatory-add-missing-force-to-makefile-target.patch

7 years, 2 months

1
0
0 0

[PATCH] clk: aspeed: Mark bclk (PCIe) and dclk (VGA) as critical

by Joel Stanley

This is used by the host to talk to the BMC's PCIe slave device. The BMC is not involved, but the clock needs to be enabled so the host can use the device. Fixes: 15ed8ce5f84e ("clk: aspeed: Register gated clocks") Cc: stable(a)vger.kernel.org # 4.15 Acked-by: Andrew Jeffery <andrew(a)aj.id.au> Tested-by: Lei YU <mine260309(a)gmail.com> Signed-off-by: Joel Stanley <joel(a)jms.id.au> --- drivers/clk/clk-aspeed.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/clk/clk-aspeed.c b/drivers/clk/clk-aspeed.c index 4d425594999d..c17032bc853a 100644 --- a/drivers/clk/clk-aspeed.c +++ b/drivers/clk/clk-aspeed.c @@ -91,8 +91,8 @@ static const struct aspeed_gate_data aspeed_gates[] = { [ASPEED_CLK_GATE_GCLK] = { 1, 7, "gclk-gate", NULL, 0 }, /* 2D engine */ [ASPEED_CLK_GATE_MCLK] = { 2, -1, "mclk-gate", "mpll", CLK_IS_CRITICAL }, /* SDRAM */ [ASPEED_CLK_GATE_VCLK] = { 3, 6, "vclk-gate", NULL, 0 }, /* Video Capture */ - [ASPEED_CLK_GATE_BCLK] = { 4, 8, "bclk-gate", "bclk", 0 }, /* PCIe/PCI */ - [ASPEED_CLK_GATE_DCLK] = { 5, -1, "dclk-gate", NULL, 0 }, /* DAC */ + [ASPEED_CLK_GATE_BCLK] = { 4, 8, "bclk-gate", "bclk", CLK_IS_CRITICAL }, /* PCIe/PCI */ + [ASPEED_CLK_GATE_DCLK] = { 5, -1, "dclk-gate", NULL, CLK_IS_CRITICAL }, /* DAC */ [ASPEED_CLK_GATE_REFCLK] = { 6, -1, "refclk-gate", "clkin", CLK_IS_CRITICAL }, [ASPEED_CLK_GATE_USBPORT2CLK] = { 7, 3, "usb-port2-gate", NULL, 0 }, /* USB2.0 Host port 2 */ [ASPEED_CLK_GATE_LCLK] = { 8, 5, "lclk-gate", NULL, 0 }, /* LPC */ -- 2.17.1

7 years, 2 months

2
1
0 0

[PATCH v2] acpi, nfit: Fix scrub idle detection

by Dan Williams

The notification of scrub completion happens within the scrub workqueue. That can clearly race someone running scrub_show() and work_busy() before the workqueue has a chance to flush the recently completed work. Add a flag to reliably indicate the idle vs busy state. Without this change applications using poll(2) to wait for scrub-completion may falsely wakeup and read ARS as being busy even though the thread is going idle and then hang indefinitely. Fixes: bc6ba8085842 ("nfit, address-range-scrub: rework and simplify ARS...") Cc: <stable(a)vger.kernel.org> Reported-by: Vishal Verma <vishal.l.verma(a)intel.com> Tested-by: Vishal Verma <vishal.l.verma(a)intel.com> Reported-by: Lukasz Dorau <lukasz.dorau(a)intel.com> Signed-off-by: Dan Williams <dan.j.williams(a)intel.com> --- Changes in v2: * Don't touch ->tmo outside of the workqueue itself, it is a private field for the workqueue to manage. (Vishal) drivers/acpi/nfit/core.c | 44 +++++++++++++++++++++++++++++++++----------- drivers/acpi/nfit/nfit.h | 1 + 2 files changed, 34 insertions(+), 11 deletions(-) diff --git a/drivers/acpi/nfit/core.c b/drivers/acpi/nfit/core.c index 471402cee1f1..b8040fed2a69 100644 --- a/drivers/acpi/nfit/core.c +++ b/drivers/acpi/nfit/core.c @@ -1275,7 +1275,7 @@ static ssize_t scrub_show(struct device *dev, mutex_lock(&acpi_desc->init_mutex); rc = sprintf(buf, "%d%s", acpi_desc->scrub_count, - work_busy(&acpi_desc->dwork.work) + acpi_desc->scrub_busy && !acpi_desc->cancel ? "+\n" : "\n"); mutex_unlock(&acpi_desc->init_mutex); } @@ -2941,6 +2941,32 @@ static unsigned int __acpi_nfit_scrub(struct acpi_nfit_desc *acpi_desc, return 0; } +static void __sched_ars(struct acpi_nfit_desc *acpi_desc, unsigned int tmo) +{ + lockdep_assert_held(&acpi_desc->init_mutex); + + acpi_desc->scrub_busy = 1; + /* note this should only be set from within the workqueue */ + if (tmo) + acpi_desc->scrub_tmo = tmo; + queue_delayed_work(nfit_wq, &acpi_desc->dwork, tmo * HZ); +} + +static void sched_ars(struct acpi_nfit_desc *acpi_desc) +{ + __sched_ars(acpi_desc, 0); +} + +static void notify_ars_done(struct acpi_nfit_desc *acpi_desc) +{ + lockdep_assert_held(&acpi_desc->init_mutex); + + acpi_desc->scrub_busy = 0; + acpi_desc->scrub_count++; + if (acpi_desc->scrub_count_state) + sysfs_notify_dirent(acpi_desc->scrub_count_state); +} + static void acpi_nfit_scrub(struct work_struct *work) { struct acpi_nfit_desc *acpi_desc; @@ -2951,14 +2977,10 @@ static void acpi_nfit_scrub(struct work_struct *work) mutex_lock(&acpi_desc->init_mutex); query_rc = acpi_nfit_query_poison(acpi_desc); tmo = __acpi_nfit_scrub(acpi_desc, query_rc); - if (tmo) { - queue_delayed_work(nfit_wq, &acpi_desc->dwork, tmo * HZ); - acpi_desc->scrub_tmo = tmo; - } else { - acpi_desc->scrub_count++; - if (acpi_desc->scrub_count_state) - sysfs_notify_dirent(acpi_desc->scrub_count_state); - } + if (tmo) + __sched_ars(acpi_desc, tmo); + else + notify_ars_done(acpi_desc); memset(acpi_desc->ars_status, 0, acpi_desc->max_ars); mutex_unlock(&acpi_desc->init_mutex); } @@ -3039,7 +3061,7 @@ static int acpi_nfit_register_regions(struct acpi_nfit_desc *acpi_desc) break; } - queue_delayed_work(nfit_wq, &acpi_desc->dwork, 0); + sched_ars(acpi_desc); return 0; } @@ -3241,7 +3263,7 @@ int acpi_nfit_ars_rescan(struct acpi_nfit_desc *acpi_desc, unsigned long flags) } } if (scheduled) { - queue_delayed_work(nfit_wq, &acpi_desc->dwork, 0); + sched_ars(acpi_desc); dev_dbg(dev, "ars_scan triggered\n"); } mutex_unlock(&acpi_desc->init_mutex); diff --git a/drivers/acpi/nfit/nfit.h b/drivers/acpi/nfit/nfit.h index 7d15856a739f..a97ff42fe311 100644 --- a/drivers/acpi/nfit/nfit.h +++ b/drivers/acpi/nfit/nfit.h @@ -203,6 +203,7 @@ struct acpi_nfit_desc { unsigned int max_ars; unsigned int scrub_count; unsigned int scrub_mode; + unsigned int scrub_busy:1; unsigned int cancel:1; unsigned long dimm_cmd_force_en; unsigned long bus_cmd_force_en;

7 years, 2 months

1
0
0 0

[PATCH] devres: Really align data field to unsigned long long

by Alexey Brodkin

It looks like on most of architectures "data" member of devres struture gets aligned to 8-byte "unsigned long long" boundary as one may expect: if we don't explicitly pack a structure then natural alignment (which matches each member data type) is used. But at least on 32-bit ARC architecture ABI requires "long long" types to be aligned by normal 32-bit word. This makes "data" field aligned to 12 bytes. This is still OK as long as we use 32-bit data only. But once we want to use native atomic64_t type (i.e. when we use special instructions LLOCKD/SCONDD for accessing 64-bit data) we easily hit misaligned access exception. That's because even on CPUs capable of non-aligned data access LL/SC instructions require strict alignment. Signed-off-by: Alexey Brodkin <abrodkin(a)synopsys.com> Cc: stable(a)vger.kernel.org --- drivers/base/devres.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/base/devres.c b/drivers/base/devres.c index f98a097e73f2..35ddc8b66bc9 100644 --- a/drivers/base/devres.c +++ b/drivers/base/devres.c @@ -25,7 +25,7 @@ struct devres_node { struct devres { struct devres_node node; /* -- 3 pointers */ - unsigned long long data[]; /* guarantee ull alignment */ + unsigned long long data[] __aligned(sizeof(unsigned long long)); }; struct devres_group { -- 2.17.1

7 years, 2 months

2
1
0 0

[PATCH] acpi, nfit: Fix scrub idle detection

by Dan Williams

The notification of scrub completion happens within the scrub workqueue. That can clearly race someone running scrub_show() and work_busy() before the workqueue has a chance to flush the recently completed work. Add a flag to reliably indicate the idle vs busy state. Without this change applications using poll(2) to wait for scrub-completion may falsely wakeup and read ARS as being busy even though the thread is going idle and then hang indefinitely. Fixes: bc6ba8085842 ("nfit, address-range-scrub: rework and simplify ARS...") Cc: <stable(a)vger.kernel.org> Reported-by: Vishal Verma <vishal.l.verma(a)intel.com> Reported-by: Lukasz Dorau <lukasz.dorau(a)intel.com> Signed-off-by: Dan Williams <dan.j.williams(a)intel.com> --- drivers/acpi/nfit/core.c | 37 ++++++++++++++++++++++++++----------- drivers/acpi/nfit/nfit.h | 1 + 2 files changed, 27 insertions(+), 11 deletions(-) diff --git a/drivers/acpi/nfit/core.c b/drivers/acpi/nfit/core.c index 471402cee1f1..cd26484d1cee 100644 --- a/drivers/acpi/nfit/core.c +++ b/drivers/acpi/nfit/core.c @@ -1275,7 +1275,7 @@ static ssize_t scrub_show(struct device *dev, mutex_lock(&acpi_desc->init_mutex); rc = sprintf(buf, "%d%s", acpi_desc->scrub_count, - work_busy(&acpi_desc->dwork.work) + acpi_desc->scrub_busy && !acpi_desc->cancel ? "+\n" : "\n"); mutex_unlock(&acpi_desc->init_mutex); } @@ -2941,6 +2941,25 @@ static unsigned int __acpi_nfit_scrub(struct acpi_nfit_desc *acpi_desc, return 0; } +static void sched_ars(struct acpi_nfit_desc *acpi_desc, unsigned int tmo) +{ + lockdep_assert_held(&acpi_desc->init_mutex); + + acpi_desc->scrub_busy = 1; + acpi_desc->scrub_tmo = tmo; + queue_delayed_work(nfit_wq, &acpi_desc->dwork, tmo * HZ); +} + +static void notify_ars_done(struct acpi_nfit_desc *acpi_desc) +{ + lockdep_assert_held(&acpi_desc->init_mutex); + + acpi_desc->scrub_busy = 0; + acpi_desc->scrub_count++; + if (acpi_desc->scrub_count_state) + sysfs_notify_dirent(acpi_desc->scrub_count_state); +} + static void acpi_nfit_scrub(struct work_struct *work) { struct acpi_nfit_desc *acpi_desc; @@ -2951,14 +2970,10 @@ static void acpi_nfit_scrub(struct work_struct *work) mutex_lock(&acpi_desc->init_mutex); query_rc = acpi_nfit_query_poison(acpi_desc); tmo = __acpi_nfit_scrub(acpi_desc, query_rc); - if (tmo) { - queue_delayed_work(nfit_wq, &acpi_desc->dwork, tmo * HZ); - acpi_desc->scrub_tmo = tmo; - } else { - acpi_desc->scrub_count++; - if (acpi_desc->scrub_count_state) - sysfs_notify_dirent(acpi_desc->scrub_count_state); - } + if (tmo) + sched_ars(acpi_desc, tmo); + else + notify_ars_done(acpi_desc); memset(acpi_desc->ars_status, 0, acpi_desc->max_ars); mutex_unlock(&acpi_desc->init_mutex); } @@ -3039,7 +3054,7 @@ static int acpi_nfit_register_regions(struct acpi_nfit_desc *acpi_desc) break; } - queue_delayed_work(nfit_wq, &acpi_desc->dwork, 0); + sched_ars(acpi_desc, 0); return 0; } @@ -3241,7 +3256,7 @@ int acpi_nfit_ars_rescan(struct acpi_nfit_desc *acpi_desc, unsigned long flags) } } if (scheduled) { - queue_delayed_work(nfit_wq, &acpi_desc->dwork, 0); + sched_ars(acpi_desc, 0); dev_dbg(dev, "ars_scan triggered\n"); } mutex_unlock(&acpi_desc->init_mutex); diff --git a/drivers/acpi/nfit/nfit.h b/drivers/acpi/nfit/nfit.h index 7d15856a739f..a97ff42fe311 100644 --- a/drivers/acpi/nfit/nfit.h +++ b/drivers/acpi/nfit/nfit.h @@ -203,6 +203,7 @@ struct acpi_nfit_desc { unsigned int max_ars; unsigned int scrub_count; unsigned int scrub_mode; + unsigned int scrub_busy:1; unsigned int cancel:1; unsigned long dimm_cmd_force_en; unsigned long bus_cmd_force_en;

7 years, 2 months

1
0
0 0

[PATCH] clk: aspeed: Support HPLL strapping on ast2400

by Joel Stanley

The HPLL can be configured through a register (SCU24), however some platforms chose to configure it through the strapping settings and do not use the register. This was not noticed as the logic for bit 18 in SCU24 was confused: set means programmed, but the driver read it as set means strapped. This gives us the correct HPLL value on Palmetto systems, from which most of the peripheral clocks are generated. Fixes: 5eda5d79e4be ("clk: Add clock driver for ASPEED BMC SoCs") Cc: stable(a)vger.kernel.org # v4.15 Reviewed-by: Cédric Le Goater <clg(a)kaod.org> Signed-off-by: Joel Stanley <joel(a)jms.id.au> --- drivers/clk/clk-aspeed.c | 42 +++++++++++++++++++++++++++------------- 1 file changed, 29 insertions(+), 13 deletions(-) diff --git a/drivers/clk/clk-aspeed.c b/drivers/clk/clk-aspeed.c index 38b366b00c57..2ef4ad7bdbdc 100644 --- a/drivers/clk/clk-aspeed.c +++ b/drivers/clk/clk-aspeed.c @@ -24,7 +24,7 @@ #define ASPEED_MPLL_PARAM 0x20 #define ASPEED_HPLL_PARAM 0x24 #define AST2500_HPLL_BYPASS_EN BIT(20) -#define AST2400_HPLL_STRAPPED BIT(18) +#define AST2400_HPLL_PROGRAMMED BIT(18) #define AST2400_HPLL_BYPASS_EN BIT(17) #define ASPEED_MISC_CTRL 0x2c #define UART_DIV13_EN BIT(12) @@ -565,29 +565,45 @@ builtin_platform_driver(aspeed_clk_driver); static void __init aspeed_ast2400_cc(struct regmap *map) { struct clk_hw *hw; - u32 val, freq, div; + u32 val, div, clkin, hpll; + const u16 hpll_rates[][4] = { + {384, 360, 336, 408}, + {400, 375, 350, 425}, + }; + int rate; /* * CLKIN is the crystal oscillator, 24, 48 or 25MHz selected by * strapping */ regmap_read(map, ASPEED_STRAP, &val); - if (val & CLKIN_25MHZ_EN) - freq = 25000000; - else if (val & AST2400_CLK_SOURCE_SEL) - freq = 48000000; - else - freq = 24000000; - hw = clk_hw_register_fixed_rate(NULL, "clkin", NULL, 0, freq); - pr_debug("clkin @%u MHz\n", freq / 1000000); + rate = (val >> 8) & 3; + if (val & CLKIN_25MHZ_EN) { + clkin = 25000000; + hpll = hpll_rates[1][rate]; + } else if (val & AST2400_CLK_SOURCE_SEL) { + clkin = 48000000; + hpll = hpll_rates[0][rate]; + } else { + clkin = 24000000; + hpll = hpll_rates[0][rate]; + } + hw = clk_hw_register_fixed_rate(NULL, "clkin", NULL, 0, clkin); + pr_debug("clkin @%u MHz\n", clkin / 1000000); /* * High-speed PLL clock derived from the crystal. This the CPU clock, - * and we assume that it is enabled + * and we assume that it is enabled. It can be configured through the + * HPLL_PARAM register, or set to a specified frequency by strapping. */ regmap_read(map, ASPEED_HPLL_PARAM, &val); - WARN(val & AST2400_HPLL_STRAPPED, "hpll is strapped not configured"); - aspeed_clk_data->hws[ASPEED_CLK_HPLL] = aspeed_ast2400_calc_pll("hpll", val); + if (val & AST2400_HPLL_PROGRAMMED) + hw = aspeed_ast2400_calc_pll("hpll", val); + else + hw = clk_hw_register_fixed_rate(NULL, "hpll", "clkin", 0, + hpll * 1000000); + + aspeed_clk_data->hws[ASPEED_CLK_HPLL] = hw; /* * Strap bits 11:10 define the CPU/AHB clock frequency ratio (aka HCLK) -- 2.17.1

7 years, 2 months

2
1
0 0

patch "misc: sram: fix resource leaks in probe error path" added to char-misc-next

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled misc: sram: fix resource leaks in probe error path to my char-misc git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git in the char-misc-next branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will also be merged in the next major kernel release during the merge window. If you have any questions about this process, please let me know. >From f294d00961d1d869ecffa60e280eeeee1ccf9a49 Mon Sep 17 00:00:00 2001 From: Johan Hovold <johan(a)kernel.org> Date: Tue, 3 Jul 2018 12:05:47 +0200 Subject: misc: sram: fix resource leaks in probe error path Make sure to disable clocks and deregister any exported partitions before returning on late probe errors. Note that since commit ee895ccdf776 ("misc: sram: fix enabled clock leak on error path"), partitions are deliberately exported before enabling the clock so we stick to that logic here. A follow up patch will address this. Fixes: 2ae2e28852f2 ("misc: sram: add Atmel securam support") Cc: stable <stable(a)vger.kernel.org> # 4.9 Cc: Alexandre Belloni <alexandre.belloni(a)free-electrons.com> Signed-off-by: Johan Hovold <johan(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/misc/sram.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/drivers/misc/sram.c b/drivers/misc/sram.c index c5dc6095686a..679647713e36 100644 --- a/drivers/misc/sram.c +++ b/drivers/misc/sram.c @@ -407,13 +407,20 @@ static int sram_probe(struct platform_device *pdev) if (init_func) { ret = init_func(); if (ret) - return ret; + goto err_disable_clk; } dev_dbg(sram->dev, "SRAM pool: %zu KiB @ 0x%p\n", gen_pool_size(sram->pool) / 1024, sram->virt_base); return 0; + +err_disable_clk: + if (sram->clk) + clk_disable_unprepare(sram->clk); + sram_free_partitions(sram); + + return ret; } static int sram_remove(struct platform_device *pdev) -- 2.18.0

7 years, 2 months

1
0
0 0

patch "staging: r8822be: Fix RTL8822be can't find any wireless AP" added to staging-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled staging: r8822be: Fix RTL8822be can't find any wireless AP to my staging git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging.git in the staging-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From d59d2f9995d28974877750f429e821324bd603c7 Mon Sep 17 00:00:00 2001 From: Ping-Ke Shih <pkshih(a)realtek.com> Date: Fri, 6 Jul 2018 13:44:35 +0800 Subject: staging: r8822be: Fix RTL8822be can't find any wireless AP RTL8822be can't bring up properly on ASUS X530UN, and dmesg says: [ 8.591333] r8822be: module is from the staging directory, the quality is unknown, you have been warned. [ 8.593122] r8822be 0000:02:00.0: enabling device (0000 -> 0003) [ 8.669163] r8822be: Using firmware rtlwifi/rtl8822befw.bin [ 9.289939] r8822be: rtlwifi: wireless switch is on [ 10.056426] r8822be 0000:02:00.0 wlp2s0: renamed from wlan0 ... [ 11.952534] r8822be: halmac_init_hal failed [ 11.955933] r8822be: halmac_init_hal failed [ 11.956227] r8822be: halmac_init_hal failed [ 22.007942] r8822be: halmac_init_hal failed Jian-Hong reported it works if turn off ASPM with module parameter aspm=0. In order to fix this problem kindly, this commit don't turn off aspm but enlarge ASPM L1 latency to 7. Reported-by: Jian-Hong Pan <jian-hong(a)endlessm.com> Tested-by: Jian-Hong Pan <jian-hong(a)endlessm.com> Signed-off-by: Ping-Ke Shih <pkshih(a)realtek.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/staging/rtlwifi/rtl8822be/hw.c | 2 +- drivers/staging/rtlwifi/wifi.h | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/staging/rtlwifi/rtl8822be/hw.c b/drivers/staging/rtlwifi/rtl8822be/hw.c index 7947edb239a1..88ba5b2fea6a 100644 --- a/drivers/staging/rtlwifi/rtl8822be/hw.c +++ b/drivers/staging/rtlwifi/rtl8822be/hw.c @@ -803,7 +803,7 @@ static void _rtl8822be_enable_aspm_back_door(struct ieee80211_hw *hw) return; pci_read_config_byte(rtlpci->pdev, 0x70f, &tmp); - pci_write_config_byte(rtlpci->pdev, 0x70f, tmp | BIT(7)); + pci_write_config_byte(rtlpci->pdev, 0x70f, tmp | ASPM_L1_LATENCY << 3); pci_read_config_byte(rtlpci->pdev, 0x719, &tmp); pci_write_config_byte(rtlpci->pdev, 0x719, tmp | BIT(3) | BIT(4)); diff --git a/drivers/staging/rtlwifi/wifi.h b/drivers/staging/rtlwifi/wifi.h index 012fb618840b..a45f0eb69d3f 100644 --- a/drivers/staging/rtlwifi/wifi.h +++ b/drivers/staging/rtlwifi/wifi.h @@ -88,6 +88,7 @@ #define RTL_USB_MAX_RX_COUNT 100 #define QBSS_LOAD_SIZE 5 #define MAX_WMMELE_LENGTH 64 +#define ASPM_L1_LATENCY 7 #define TOTAL_CAM_ENTRY 32 -- 2.18.0

7 years, 2 months

1
0
0 0

patch "USB: yurex: fix out-of-bounds uaccess in read handler" added to usb-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: yurex: fix out-of-bounds uaccess in read handler to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From f1e255d60ae66a9f672ff9a207ee6cd8e33d2679 Mon Sep 17 00:00:00 2001 From: Jann Horn <jannh(a)google.com> Date: Fri, 6 Jul 2018 17:12:56 +0200 Subject: USB: yurex: fix out-of-bounds uaccess in read handler In general, accessing userspace memory beyond the length of the supplied buffer in VFS read/write handlers can lead to both kernel memory corruption (via kernel_read()/kernel_write(), which can e.g. be triggered via sys_splice()) and privilege escalation inside userspace. Fix it by using simple_read_from_buffer() instead of custom logic. Fixes: 6bc235a2e24a ("USB: add driver for Meywa-Denki & Kayac YUREX") Signed-off-by: Jann Horn <jannh(a)google.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/misc/yurex.c | 23 ++++++----------------- 1 file changed, 6 insertions(+), 17 deletions(-) diff --git a/drivers/usb/misc/yurex.c b/drivers/usb/misc/yurex.c index 8abb6cbbd98a..3be40eaa1ac9 100644 --- a/drivers/usb/misc/yurex.c +++ b/drivers/usb/misc/yurex.c @@ -396,8 +396,7 @@ static ssize_t yurex_read(struct file *file, char __user *buffer, size_t count, loff_t *ppos) { struct usb_yurex *dev; - int retval = 0; - int bytes_read = 0; + int len = 0; char in_buffer[20]; unsigned long flags; @@ -405,26 +404,16 @@ static ssize_t yurex_read(struct file *file, char __user *buffer, size_t count, mutex_lock(&dev->io_mutex); if (!dev->interface) { /* already disconnected */ - retval = -ENODEV; - goto exit; + mutex_unlock(&dev->io_mutex); + return -ENODEV; } spin_lock_irqsave(&dev->lock, flags); - bytes_read = snprintf(in_buffer, 20, "%lld\n", dev->bbu); + len = snprintf(in_buffer, 20, "%lld\n", dev->bbu); spin_unlock_irqrestore(&dev->lock, flags); - - if (*ppos < bytes_read) { - if (copy_to_user(buffer, in_buffer + *ppos, bytes_read - *ppos)) - retval = -EFAULT; - else { - retval = bytes_read - *ppos; - *ppos += bytes_read; - } - } - -exit: mutex_unlock(&dev->io_mutex); - return retval; + + return simple_read_from_buffer(buffer, count, ppos, in_buffer, len); } static ssize_t yurex_write(struct file *file, const char __user *user_buffer, -- 2.18.0

7 years, 2 months

1
0
0 0

patch "misc: sram: fix resource leaks in probe error path" added to char-misc-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled misc: sram: fix resource leaks in probe error path to my char-misc git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git in the char-misc-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the char-misc-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. >From f294d00961d1d869ecffa60e280eeeee1ccf9a49 Mon Sep 17 00:00:00 2001 From: Johan Hovold <johan(a)kernel.org> Date: Tue, 3 Jul 2018 12:05:47 +0200 Subject: misc: sram: fix resource leaks in probe error path Make sure to disable clocks and deregister any exported partitions before returning on late probe errors. Note that since commit ee895ccdf776 ("misc: sram: fix enabled clock leak on error path"), partitions are deliberately exported before enabling the clock so we stick to that logic here. A follow up patch will address this. Fixes: 2ae2e28852f2 ("misc: sram: add Atmel securam support") Cc: stable <stable(a)vger.kernel.org> # 4.9 Cc: Alexandre Belloni <alexandre.belloni(a)free-electrons.com> Signed-off-by: Johan Hovold <johan(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/misc/sram.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/drivers/misc/sram.c b/drivers/misc/sram.c index c5dc6095686a..679647713e36 100644 --- a/drivers/misc/sram.c +++ b/drivers/misc/sram.c @@ -407,13 +407,20 @@ static int sram_probe(struct platform_device *pdev) if (init_func) { ret = init_func(); if (ret) - return ret; + goto err_disable_clk; } dev_dbg(sram->dev, "SRAM pool: %zu KiB @ 0x%p\n", gen_pool_size(sram->pool) / 1024, sram->virt_base); return 0; + +err_disable_clk: + if (sram->clk) + clk_disable_unprepare(sram->clk); + sram_free_partitions(sram); + + return ret; } static int sram_remove(struct platform_device *pdev) -- 2.18.0

7 years, 2 months

1
0
0 0

patch "xhci: xhci-mem: off by one in xhci_stream_id_to_ring()" added to usb-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled xhci: xhci-mem: off by one in xhci_stream_id_to_ring() to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From 313db3d6488bb03b61b99de9dbca061f1fd838e1 Mon Sep 17 00:00:00 2001 From: Dan Carpenter <dan.carpenter(a)oracle.com> Date: Wed, 4 Jul 2018 12:48:53 +0300 Subject: xhci: xhci-mem: off by one in xhci_stream_id_to_ring() The > should be >= here so that we don't read one element beyond the end of the ep->stream_info->stream_rings[] array. Fixes: e9df17eb1408 ("USB: xhci: Correct assumptions about number of rings per endpoint.") Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/host/xhci-mem.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/usb/host/xhci-mem.c b/drivers/usb/host/xhci-mem.c index 8a62eee9eee1..ef350c33dc4a 100644 --- a/drivers/usb/host/xhci-mem.c +++ b/drivers/usb/host/xhci-mem.c @@ -595,7 +595,7 @@ struct xhci_ring *xhci_stream_id_to_ring( if (!ep->stream_info) return NULL; - if (stream_id > ep->stream_info->num_streams) + if (stream_id >= ep->stream_info->num_streams) return NULL; return ep->stream_info->stream_rings[stream_id]; } -- 2.18.0

7 years, 2 months

1
0
0 0

patch "usb: quirks: add delay quirks for Corsair Strafe" added to usb-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled usb: quirks: add delay quirks for Corsair Strafe to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From bba57eddadda936c94b5dccf73787cb9e159d0a5 Mon Sep 17 00:00:00 2001 From: Nico Sneck <snecknico(a)gmail.com> Date: Mon, 2 Jul 2018 19:26:07 +0300 Subject: usb: quirks: add delay quirks for Corsair Strafe Corsair Strafe appears to suffer from the same issues as the Corsair Strafe RGB. Apply the same quirks (control message delay and init delay) that the RGB version has to 1b1c:1b15. With these quirks in place the keyboard works correctly upon booting the system, and no longer requires reattaching the device. Signed-off-by: Nico Sneck <snecknico(a)gmail.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/core/quirks.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/usb/core/quirks.c b/drivers/usb/core/quirks.c index c55def2f1320..097057d2eacf 100644 --- a/drivers/usb/core/quirks.c +++ b/drivers/usb/core/quirks.c @@ -378,6 +378,10 @@ static const struct usb_device_id usb_quirk_list[] = { /* Corsair K70 RGB */ { USB_DEVICE(0x1b1c, 0x1b13), .driver_info = USB_QUIRK_DELAY_INIT }, + /* Corsair Strafe */ + { USB_DEVICE(0x1b1c, 0x1b15), .driver_info = USB_QUIRK_DELAY_INIT | + USB_QUIRK_DELAY_CTRL_MSG }, + /* Corsair Strafe RGB */ { USB_DEVICE(0x1b1c, 0x1b20), .driver_info = USB_QUIRK_DELAY_INIT | USB_QUIRK_DELAY_CTRL_MSG }, -- 2.18.0

7 years, 2 months

1
0
0 0

patch "USB: serial: mos7840: fix status-register error handling" added to usb-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: serial: mos7840: fix status-register error handling to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From 794744abfffef8b1f3c0c8a4896177d6d13d653d Mon Sep 17 00:00:00 2001 From: Johan Hovold <johan(a)kernel.org> Date: Wed, 4 Jul 2018 17:02:17 +0200 Subject: USB: serial: mos7840: fix status-register error handling Add missing transfer-length sanity check to the status-register completion handler to avoid leaking bits of uninitialised slab data to user space. Fixes: 3f5429746d91 ("USB: Moschip 7840 USB-Serial Driver") Cc: stable <stable(a)vger.kernel.org> # 2.6.19 Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/usb/serial/mos7840.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/usb/serial/mos7840.c b/drivers/usb/serial/mos7840.c index fdceb46d9fc6..b580b4c7fa48 100644 --- a/drivers/usb/serial/mos7840.c +++ b/drivers/usb/serial/mos7840.c @@ -468,6 +468,9 @@ static void mos7840_control_callback(struct urb *urb) } dev_dbg(dev, "%s urb buffer size is %d\n", __func__, urb->actual_length); + if (urb->actual_length < 1) + goto out; + dev_dbg(dev, "%s mos7840_port->MsrLsr is %d port %d\n", __func__, mos7840_port->MsrLsr, mos7840_port->port_num); data = urb->transfer_buffer; -- 2.18.0

7 years, 2 months

1
0
0 0

patch "USB: serial: ch341: fix type promotion bug in ch341_control_in()" added to usb-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: serial: ch341: fix type promotion bug in ch341_control_in() to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From e33eab9ded328ccc14308afa51b5be7cbe78d30b Mon Sep 17 00:00:00 2001 From: Dan Carpenter <dan.carpenter(a)oracle.com> Date: Wed, 4 Jul 2018 12:29:38 +0300 Subject: USB: serial: ch341: fix type promotion bug in ch341_control_in() The "r" variable is an int and "bufsize" is an unsigned int so the comparison is type promoted to unsigned. If usb_control_msg() returns a negative that is treated as a high positive value and the error handling doesn't work. Fixes: 2d5a9c72d0c4 ("USB: serial: ch341: fix control-message error handling") Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/usb/serial/ch341.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/usb/serial/ch341.c b/drivers/usb/serial/ch341.c index bdd7a5ad3bf1..3bb1fff02bed 100644 --- a/drivers/usb/serial/ch341.c +++ b/drivers/usb/serial/ch341.c @@ -128,7 +128,7 @@ static int ch341_control_in(struct usb_device *dev, r = usb_control_msg(dev, usb_rcvctrlpipe(dev, 0), request, USB_TYPE_VENDOR | USB_RECIP_DEVICE | USB_DIR_IN, value, index, buf, bufsize, DEFAULT_TIMEOUT); - if (r < bufsize) { + if (r < (int)bufsize) { if (r >= 0) { dev_err(&dev->dev, "short control message received (%d < %u)\n", -- 2.18.0

7 years, 2 months

1
0
0 0

patch "USB: serial: cp210x: add another USB ID for Qivicon ZigBee stick" added to usb-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: serial: cp210x: add another USB ID for Qivicon ZigBee stick to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From 367b160fe4717c14a2a978b6f9ffb75a7762d3ed Mon Sep 17 00:00:00 2001 From: Olli Salonen <olli.salonen(a)iki.fi> Date: Wed, 4 Jul 2018 14:07:42 +0300 Subject: USB: serial: cp210x: add another USB ID for Qivicon ZigBee stick There are two versions of the Qivicon Zigbee stick in circulation. This adds the second USB ID to the cp210x driver. Signed-off-by: Olli Salonen <olli.salonen(a)iki.fi> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/usb/serial/cp210x.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/usb/serial/cp210x.c b/drivers/usb/serial/cp210x.c index ee0cc1d90b51..626a29d9aa58 100644 --- a/drivers/usb/serial/cp210x.c +++ b/drivers/usb/serial/cp210x.c @@ -149,6 +149,7 @@ static const struct usb_device_id id_table[] = { { USB_DEVICE(0x10C4, 0x8977) }, /* CEL MeshWorks DevKit Device */ { USB_DEVICE(0x10C4, 0x8998) }, /* KCF Technologies PRN */ { USB_DEVICE(0x10C4, 0x89A4) }, /* CESINEL FTBC Flexible Thyristor Bridge Controller */ + { USB_DEVICE(0x10C4, 0x89FB) }, /* Qivicon ZigBee USB Radio Stick */ { USB_DEVICE(0x10C4, 0x8A2A) }, /* HubZ dual ZigBee and Z-Wave dongle */ { USB_DEVICE(0x10C4, 0x8A5E) }, /* CEL EM3588 ZigBee USB Stick Long Range */ { USB_DEVICE(0x10C4, 0x8B34) }, /* Qivicon ZigBee USB Radio Stick */ -- 2.18.0

7 years, 2 months

1
0
0 0

patch "USB: serial: keyspan_pda: fix modem-status error handling" added to usb-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: serial: keyspan_pda: fix modem-status error handling to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From 01b3cdfca263a17554f7b249d20a247b2a751521 Mon Sep 17 00:00:00 2001 From: Johan Hovold <johan(a)kernel.org> Date: Wed, 4 Jul 2018 17:02:16 +0200 Subject: USB: serial: keyspan_pda: fix modem-status error handling Fix broken modem-status error handling which could lead to bits of slab data leaking to user space. Fixes: 3b36a8fd6777 ("usb: fix uninitialized variable warning in keyspan_pda") Cc: stable <stable(a)vger.kernel.org> # 2.6.27 Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/usb/serial/keyspan_pda.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/usb/serial/keyspan_pda.c b/drivers/usb/serial/keyspan_pda.c index 5169624d8b11..38d43c4b7ce5 100644 --- a/drivers/usb/serial/keyspan_pda.c +++ b/drivers/usb/serial/keyspan_pda.c @@ -369,8 +369,10 @@ static int keyspan_pda_get_modem_info(struct usb_serial *serial, 3, /* get pins */ USB_TYPE_VENDOR|USB_RECIP_INTERFACE|USB_DIR_IN, 0, 0, data, 1, 2000); - if (rc >= 0) + if (rc == 1) *value = *data; + else if (rc >= 0) + rc = -EIO; kfree(data); return rc; -- 2.18.0

7 years, 2 months

1
0
0 0

Re: Patch "drm/amd/display: release spinlock before committing updates to stream" has been added to the 4.17-stable tree

by Andrey Grodzovsky

This patch is wrong as noted by MIchel a while ago - quote from his review of the patch. "Actually, pflip_status should really only be set to AMDGPU_FLIP_SUBMITTED after the flip has been programmed to the hardware, at least as far as the lock holder is concerned. That's why the code was previously holding the lock until after the dc_commit_updates_for_stream call. Otherwise, it's at least theoretically possible that either: * dm_pflip_high_irq is called before dc_commit_updates_for_stream, but sees flip_status == AMDGPU_FLIP_SUBMITTED and sends the event to userspace prematurely * dm_pflip_high_irq is called after dc_commit_updates_for_stream, but sees flip_status != AMDGPU_FLIP_SUBMITTED, so it incorrectly doesn't send the event to userspace " It shouldn't go in. Andrey On 07/05/2018 11:59 AM, gregkh(a)linuxfoundation.org wrote: > This is a note to let you know that I've just added the patch titled > > drm/amd/display: release spinlock before committing updates to stream > > to the 4.17-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > drm-amd-display-release-spinlock-before-committing-updates-to-stream.patch > and it can be found in the queue-4.17 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. > > > From 4de9f38bb2cce3a4821ffb8a83d6b08f6e37d905 Mon Sep 17 00:00:00 2001 > From: Shirish S <shirish.s(a)amd.com> > Date: Tue, 26 Jun 2018 09:32:39 +0530 > Subject: drm/amd/display: release spinlock before committing updates to stream > MIME-Version: 1.0 > Content-Type: text/plain; charset=UTF-8 > Content-Transfer-Encoding: 8bit > > From: Shirish S <shirish.s(a)amd.com> > > commit 4de9f38bb2cce3a4821ffb8a83d6b08f6e37d905 upstream. > > Currently, amdgpu_do_flip() spinlocks crtc->dev->event_lock and > releases it only after committing updates to the stream. > > dc_commit_updates_for_stream() should be moved out of > spinlock for the below reasons: > > 1. event_lock is supposed to protect access to acrct->pflip_status _only_ > 2. dc_commit_updates_for_stream() has potential sleep's > and also its not appropriate to be in an atomic state > for such long sequences of code. > > Signed-off-by: Shirish S <shirish.s(a)amd.com> > Suggested-by: Andrey Grodzovsky <andrey.grodzovsky(a)amd.com> > Reviewed-by: Michel Dänzer <michel.daenzer(a)amd.com> > Reviewed-by: Harry Wentland <harry.wentland(a)amd.com> > Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> > Cc: stable(a)vger.kernel.org > Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> > > --- > drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 6 ++---- > 1 file changed, 2 insertions(+), 4 deletions(-) > > --- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c > +++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c > @@ -3967,10 +3967,11 @@ static void amdgpu_dm_do_flip(struct drm > if (acrtc->base.state->event) > prepare_flip_isr(acrtc); > > + spin_unlock_irqrestore(&crtc->dev->event_lock, flags); > + > surface_updates->surface = dc_stream_get_status(acrtc_state->stream)->plane_states[0]; > surface_updates->flip_addr = &addr; > > - > dc_commit_updates_for_stream(adev->dm.dc, > surface_updates, > 1, > @@ -3983,9 +3984,6 @@ static void amdgpu_dm_do_flip(struct drm > __func__, > addr.address.grph.addr.high_part, > addr.address.grph.addr.low_part); > - > - > - spin_unlock_irqrestore(&crtc->dev->event_lock, flags); > } > > static void amdgpu_dm_commit_planes(struct drm_atomic_state *state, > > > Patches currently in stable-queue which might be from shirish.s(a)amd.com are > > queue-4.17/drm-amdgpu-add-apu-support-in-vi_set_vce_clocks.patch > queue-4.17/drm-amdgpu-add-apu-support-in-vi_set_uvd_clocks.patch > queue-4.17/drm-amd-display-release-spinlock-before-committing-updates-to-stream.patch

7 years, 2 months

4
5
0 0

[PATCH] soc: qcom: rmtfs-mem: fix memleak in probe error paths

by Johan Hovold

Make sure to set the mem device release callback before calling put_device() in a couple of probe error paths so that the containing object also gets freed. Fixes: d1de6d6c639b ("soc: qcom: Remote filesystem memory driver") Cc: stable <stable(a)vger.kernel.org> # 4.15 Cc: Bjorn Andersson <bjorn.andersson(a)linaro.org> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/soc/qcom/rmtfs_mem.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/drivers/soc/qcom/rmtfs_mem.c b/drivers/soc/qcom/rmtfs_mem.c index c8999e38b005..8a3678c2e83c 100644 --- a/drivers/soc/qcom/rmtfs_mem.c +++ b/drivers/soc/qcom/rmtfs_mem.c @@ -184,6 +184,7 @@ static int qcom_rmtfs_mem_probe(struct platform_device *pdev) device_initialize(&rmtfs_mem->dev); rmtfs_mem->dev.parent = &pdev->dev; rmtfs_mem->dev.groups = qcom_rmtfs_mem_groups; + rmtfs_mem->dev.release = qcom_rmtfs_mem_release_device; rmtfs_mem->base = devm_memremap(&rmtfs_mem->dev, rmtfs_mem->addr, rmtfs_mem->size, MEMREMAP_WC); @@ -206,8 +207,6 @@ static int qcom_rmtfs_mem_probe(struct platform_device *pdev) goto put_device; } - rmtfs_mem->dev.release = qcom_rmtfs_mem_release_device; - ret = of_property_read_u32(node, "qcom,vmid", &vmid); if (ret < 0 && ret != -EINVAL) { dev_err(&pdev->dev, "failed to parse qcom,vmid\n"); -- 2.17.1

7 years, 2 months

1
1
0 0

[PATCH] ALSA: hda/realtek - two more lenovo models need fixup of MIC_LOCATION

by Hui Wang

We have two new lenovo desktop models which need to apply the fixup of ALC294_FIXUP_LENOVO_MIC_LOCATION, and they have the same pin cfg as the machine with subsystem id:0x17aa3136, now use the pincfg table to apply the fixup for them. Cc: <stable(a)vger.kernel.org> Signed-off-by: Hui Wang <hui.wang(a)canonical.com> --- sound/pci/hda/patch_realtek.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c index 63154b9..666713e 100644 --- a/sound/pci/hda/patch_realtek.c +++ b/sound/pci/hda/patch_realtek.c @@ -6556,7 +6556,6 @@ static const struct snd_pci_quirk alc269_fixup_tbl[] = { SND_PCI_QUIRK(0x17aa, 0x310c, "ThinkCentre Station", ALC294_FIXUP_LENOVO_MIC_LOCATION), SND_PCI_QUIRK(0x17aa, 0x312a, "ThinkCentre Station", ALC294_FIXUP_LENOVO_MIC_LOCATION), SND_PCI_QUIRK(0x17aa, 0x312f, "ThinkCentre Station", ALC294_FIXUP_LENOVO_MIC_LOCATION), - SND_PCI_QUIRK(0x17aa, 0x3136, "ThinkCentre Station", ALC294_FIXUP_LENOVO_MIC_LOCATION), SND_PCI_QUIRK(0x17aa, 0x313c, "ThinkCentre Station", ALC294_FIXUP_LENOVO_MIC_LOCATION), SND_PCI_QUIRK(0x17aa, 0x3902, "Lenovo E50-80", ALC269_FIXUP_DMIC_THINKPAD_ACPI), SND_PCI_QUIRK(0x17aa, 0x3977, "IdeaPad S210", ALC283_FIXUP_INT_MIC), @@ -6822,6 +6821,11 @@ static const struct snd_hda_pin_quirk alc269_pin_fixup_tbl[] = { {0x1a, 0x02a11040}, {0x1b, 0x01014020}, {0x21, 0x0221101f}), + SND_HDA_PIN_QUIRK(0x10ec0235, 0x17aa, "Lenovo", ALC294_FIXUP_LENOVO_MIC_LOCATION, + {0x14, 0x90170110}, + {0x19, 0x02a11020}, + {0x1a, 0x02a11030}, + {0x21, 0x0221101f}), SND_HDA_PIN_QUIRK(0x10ec0236, 0x1028, "Dell", ALC255_FIXUP_DELL1_MIC_NO_PRESENCE, {0x12, 0x90a60140}, {0x14, 0x90170110}, -- 2.7.4

7 years, 2 months

2
1
0 0

Sitio web

by David Carreras

Estimados/as señores/as: Tras realizar un análisis previo de tu página web hemos descubierto errores en el código que influyen de manera significativa en la baja posición de tu página en buscadores, incluido Googl Les proponemos la optimización de su página web sin necesidad de contrato, de pagos mensuales, sin costes ocultos y sin penalizaciones por rescisión de contrato. Se trata de una de las mejores ofertas que existe actualmente en el mercado. La optimización de la página de su empresa consiste en hacer que resulte más fácil de encontrar para los buscadores, mejorando así su posición en el ranking de Google y otros buscadores. Les invitamos a visitar nuestra página web: http://www.webanalytics-google.com David Carreras. WebAnalytics

7 years, 2 months

1
0
0 0

[stable-4.14 0/6] md fixes for 4.14

by Jack Wang

Hi Greg, We hit a panic in 4.14.43 with md raid1. It's easy to reproduce with a test case, running Fio, and doing mdadm --grow bitmap=none /dev/mdx && mdadm --grow bitmap=internal /dev/mdx in a loop. With following patches applied, we can no longer reproduce the problem. Please consider to apply the patches to 4.14, they can be applied cleanly on 4.14.52. Cheers, Jack NeilBrown (6): md: always hold reconfig_mutex when calling mddev_suspend() md: don't call bitmap_create() while array is quiesced. md: move suspend_hi/lo handling into core md code md: use mddev_suspend/resume instead of ->quiesce() md: allow metadata update while suspending. md: remove special meaning of ->quiesce(.., 2) drivers/md/dm-raid.c | 10 ++++-- drivers/md/md-cluster.c | 6 ++-- drivers/md/md.c | 90 ++++++++++++++++++++++++++++++------------------ drivers/md/md.h | 15 +++++--- drivers/md/raid0.c | 2 +- drivers/md/raid1.c | 27 +++++---------- drivers/md/raid10.c | 10 ++---- drivers/md/raid5-cache.c | 30 ++++++++++------ drivers/md/raid5-log.h | 2 +- drivers/md/raid5.c | 40 ++++----------------- 10 files changed, 116 insertions(+), 116 deletions(-) -- 2.7.4

7 years, 2 months

3
8
0 0

[PATCH 6/6] tracing: Fix missing return symbol in function_graph output

by Steven Rostedt

From: Changbin Du <changbin.du(a)intel.com> The function_graph tracer does not show the interrupt return marker for the leaf entry. On leaf entries, we see an unbalanced interrupt marker (the interrupt was entered, but nevern left). Before: 1) | SyS_write() { 1) | __fdget_pos() { 1) 0.061 us | __fget_light(); 1) 0.289 us | } 1) | vfs_write() { 1) 0.049 us | rw_verify_area(); 1) + 15.424 us | __vfs_write(); 1) ==========> | 1) 6.003 us | smp_apic_timer_interrupt(); 1) 0.055 us | __fsnotify_parent(); 1) 0.073 us | fsnotify(); 1) + 23.665 us | } 1) + 24.501 us | } After: 0) | SyS_write() { 0) | __fdget_pos() { 0) 0.052 us | __fget_light(); 0) 0.328 us | } 0) | vfs_write() { 0) 0.057 us | rw_verify_area(); 0) | __vfs_write() { 0) ==========> | 0) 8.548 us | smp_apic_timer_interrupt(); 0) <========== | 0) + 36.507 us | } /* __vfs_write */ 0) 0.049 us | __fsnotify_parent(); 0) 0.066 us | fsnotify(); 0) + 50.064 us | } 0) + 50.952 us | } Link: http://lkml.kernel.org/r/1517413729-20411-1-git-send-email-changbin.du@inte… Cc: stable(a)vger.kernel.org Fixes: f8b755ac8e0cc ("tracing/function-graph-tracer: Output arrows signal on hardirq call/return") Signed-off-by: Changbin Du <changbin.du(a)intel.com> Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> --- kernel/trace/trace_functions_graph.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/kernel/trace/trace_functions_graph.c b/kernel/trace/trace_functions_graph.c index 23c0b0cb5fb9..169b3c44ee97 100644 --- a/kernel/trace/trace_functions_graph.c +++ b/kernel/trace/trace_functions_graph.c @@ -831,6 +831,7 @@ print_graph_entry_leaf(struct trace_iterator *iter, struct ftrace_graph_ret *graph_ret; struct ftrace_graph_ent *call; unsigned long long duration; + int cpu = iter->cpu; int i; graph_ret = &ret_entry->ret; @@ -839,7 +840,6 @@ print_graph_entry_leaf(struct trace_iterator *iter, if (data) { struct fgraph_cpu_data *cpu_data; - int cpu = iter->cpu; cpu_data = per_cpu_ptr(data->cpu_data, cpu); @@ -869,6 +869,9 @@ print_graph_entry_leaf(struct trace_iterator *iter, trace_seq_printf(s, "%ps();\n", (void *)call->func); + print_graph_irq(iter, graph_ret->func, TRACE_GRAPH_RET, + cpu, iter->ent->pid, flags); + return trace_handle_return(s); } -- 2.17.1

7 years, 2 months

1
0
0 0

[PATCH 1/6] tracing: Avoid string overflow

by Steven Rostedt

From: Arnd Bergmann <arnd(a)arndb.de> 'err' is used as a NUL-terminated string, but using strncpy() with the length equal to the buffer size may result in lack of the termination: kernel/trace/trace_events_hist.c: In function 'hist_err_event': kernel/trace/trace_events_hist.c:396:3: error: 'strncpy' specified bound 256 equals destination size [-Werror=stringop-truncation] strncpy(err, var, MAX_FILTER_STR_VAL); This changes it to use the safer strscpy() instead. Link: http://lkml.kernel.org/r/20180328140920.2842153-1-arnd@arndb.de Cc: stable(a)vger.kernel.org Fixes: f404da6e1d46 ("tracing: Add 'last error' error facility for hist triggers") Acked-by: Tom Zanussi <tom.zanussi(a)linux.intel.com> Signed-off-by: Arnd Bergmann <arnd(a)arndb.de> Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> --- kernel/trace/trace_events_hist.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/trace/trace_events_hist.c b/kernel/trace/trace_events_hist.c index 046c716a6536..aae18af94c94 100644 --- a/kernel/trace/trace_events_hist.c +++ b/kernel/trace/trace_events_hist.c @@ -393,7 +393,7 @@ static void hist_err_event(char *str, char *system, char *event, char *var) else if (system) snprintf(err, MAX_FILTER_STR_VAL, "%s.%s", system, event); else - strncpy(err, var, MAX_FILTER_STR_VAL); + strscpy(err, var, MAX_FILTER_STR_VAL); hist_err(str, err); } -- 2.17.1

7 years, 2 months

1
0
0 0

[PATCH] arm64: dts: stratix10: Fix SPI nodes for Stratix10

by thor.thayer＠linux.intel.com

From: Thor Thayer <thor.thayer(a)linux.intel.com> Patch did not apply cleanly to 4.9 and 4.14 stable branches because of additional node properties added after 4.14. So backport patch and cleanup commit 4595299c5eae ("arm64: dts: stratix10: Fix SPI nodes for Stratix10") Remove the unused bus-num node and change num-chipselect to num-cs to match SPI bindings. Cc: stable(a)vger.kernel.org # 4.14.x Cc: stable(a)vger.kernel.org # 4.9.x Fixes: 78cd6a9d8e154 ("arm64: dts: Add base stratix 10 dtsi") Signed-off-by: Thor Thayer <thor.thayer(a)linux.intel.com> Signed-off-by: Dinh Nguyen <dinguyen(a)kernel.org> Signed-off-by: Olof Johansson <olof(a)lixom.net> --- arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi index c2b9bcb0ef61..57f75453ee93 100644 --- a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi +++ b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi @@ -231,8 +231,7 @@ #size-cells = <0>; reg = <0xffda4000 0x1000>; interrupts = <0 101 4>; - num-chipselect = <4>; - bus-num = <0>; + num-cs = <4>; status = "disabled"; }; @@ -242,8 +241,7 @@ #size-cells = <0>; reg = <0xffda5000 0x1000>; interrupts = <0 102 4>; - num-chipselect = <4>; - bus-num = <0>; + num-cs = <4>; status = "disabled"; }; -- 2.7.4

7 years, 2 months

1
0
0 0

FAILED: patch "[PATCH] dm: prevent DAX mounts if not supported" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From dbc626597c39b24cefce09fbd8e9dea85869a801 Mon Sep 17 00:00:00 2001 From: Ross Zwisler <ross.zwisler(a)linux.intel.com> Date: Tue, 26 Jun 2018 16:30:41 -0600 Subject: [PATCH] dm: prevent DAX mounts if not supported Currently device_supports_dax() just checks to see if the QUEUE_FLAG_DAX flag is set on the device's request queue to decide whether or not the device supports filesystem DAX. Really we should be using bdev_dax_supported() like filesystems do at mount time. This performs other tests like checking to make sure the dax_direct_access() path works. We also explicitly clear QUEUE_FLAG_DAX on the DM device's request queue if any of the underlying devices do not support DAX. This makes the handling of QUEUE_FLAG_DAX consistent with the setting/clearing of most other flags in dm_table_set_restrictions(). Now that bdev_dax_supported() explicitly checks for QUEUE_FLAG_DAX, this will ensure that filesystems built upon DM devices will only be able to mount with DAX if all underlying devices also support DAX. Signed-off-by: Ross Zwisler <ross.zwisler(a)linux.intel.com> Fixes: commit 545ed20e6df6 ("dm: add infrastructure for DAX support") Cc: stable(a)vger.kernel.org Acked-by: Dan Williams <dan.j.williams(a)intel.com> Reviewed-by: Toshi Kani <toshi.kani(a)hpe.com> Signed-off-by: Mike Snitzer <snitzer(a)redhat.com> diff --git a/drivers/md/dm-table.c b/drivers/md/dm-table.c index 938766794c2e..3d0e2c198f06 100644 --- a/drivers/md/dm-table.c +++ b/drivers/md/dm-table.c @@ -885,9 +885,7 @@ EXPORT_SYMBOL_GPL(dm_table_set_type); static int device_supports_dax(struct dm_target *ti, struct dm_dev *dev, sector_t start, sector_t len, void *data) { - struct request_queue *q = bdev_get_queue(dev->bdev); - - return q && blk_queue_dax(q); + return bdev_dax_supported(dev->bdev, PAGE_SIZE); } static bool dm_table_supports_dax(struct dm_table *t) @@ -1907,6 +1905,9 @@ void dm_table_set_restrictions(struct dm_table *t, struct request_queue *q, if (dm_table_supports_dax(t)) blk_queue_flag_set(QUEUE_FLAG_DAX, q); + else + blk_queue_flag_clear(QUEUE_FLAG_DAX, q); + if (dm_table_supports_dax_write_cache(t)) dax_write_cache(t->md->dax_dev, true); diff --git a/drivers/md/dm.c b/drivers/md/dm.c index a3b103e8e3ce..b0dd7027848b 100644 --- a/drivers/md/dm.c +++ b/drivers/md/dm.c @@ -1056,8 +1056,7 @@ static long dm_dax_direct_access(struct dax_device *dax_dev, pgoff_t pgoff, if (len < 1) goto out; nr_pages = min(len, nr_pages); - if (ti->type->direct_access) - ret = ti->type->direct_access(ti, pgoff, nr_pages, kaddr, pfn); + ret = ti->type->direct_access(ti, pgoff, nr_pages, kaddr, pfn); out: dm_put_live_table(md, srcu_idx);

7 years, 2 months

2
1
0 0

[PATCH] MIPS: Fix ioremap() RAM check

by Paul Burton

We currently attempt to check whether a physical address range provided to __ioremap() may be in use by the page allocator by examining the value of PageReserved for each page in the region - lowmem pages not marked reserved are presumed to be in use by the page allocator, and requests to ioremap them fail. The way we check this has been broken since commit 92923ca3aace ("mm: meminit: only set page reserved in the memblock region"), because memblock will typically not have any knowledge of non-RAM pages and therefore those pages will not have the PageReserved flag set. Thus when we attempt to ioremap a region outside of RAM we incorrectly fail believing that the region is RAM that may be in use. In most cases ioremap() on MIPS will take a fast-path to use the unmapped kseg1 or xkphys virtual address spaces and never hit this path, so the only way to hit it is for a MIPS32 system to attempt to ioremap() an address range in lowmem with flags other than _CACHE_UNCACHED. Perhaps the most straightforward way to do this is using ioremap_uncached_accelerated(), which is how the problem was discovered. Fix this by making use of walk_system_ram_range() to test the address range provided to __ioremap() against only RAM pages, rather than all lowmem pages. This means that if we have a lowmem I/O region, which is very common for MIPS systems, we're free to ioremap() address ranges within it. A nice bonus is that the test is no longer limited to lowmem. The approach here matches the way x86 performed the same test after commit c81c8a1eeede ("x86, ioremap: Speed up check for RAM pages") until x86 moved towards a slightly more complicated check using walk_mem_res() for unrelated reasons with commit 0e4c12b45aa8 ("x86/mm, resource: Use PAGE_KERNEL protection for ioremap of memory pages"). Signed-off-by: Paul Burton <paul.burton(a)mips.com> Reported-by: Serge Semin <fancer.lancer(a)gmail.com> Tested-by: Serge Semin <fancer.lancer(a)gmail.com> Fixes: 92923ca3aace ("mm: meminit: only set page reserved in the memblock region") Cc: James Hogan <jhogan(a)kernel.org> Cc: Ralf Baechle <ralf(a)linux-mips.org> Cc: linux-mips(a)linux-mips.org Cc: stable(a)vger.kernel.org # v4.2+ --- arch/mips/mm/ioremap.c | 37 +++++++++++++++++++++++++------------ 1 file changed, 25 insertions(+), 12 deletions(-) diff --git a/arch/mips/mm/ioremap.c b/arch/mips/mm/ioremap.c index 1986e09fb457..1601d90b087b 100644 --- a/arch/mips/mm/ioremap.c +++ b/arch/mips/mm/ioremap.c @@ -9,6 +9,7 @@ #include <linux/export.h> #include <asm/addrspace.h> #include <asm/byteorder.h> +#include <linux/ioport.h> #include <linux/sched.h> #include <linux/slab.h> #include <linux/vmalloc.h> @@ -98,6 +99,20 @@ static int remap_area_pages(unsigned long address, phys_addr_t phys_addr, return error; } +static int __ioremap_check_ram(unsigned long start_pfn, unsigned long nr_pages, + void *arg) +{ + unsigned long i; + + for (i = 0; i < nr_pages; i++) { + if (pfn_valid(start_pfn + i) && + !PageReserved(pfn_to_page(start_pfn + i))) + return 1; + } + + return 0; +} + /* * Generic mapping function (not visible outside): */ @@ -116,8 +131,8 @@ static int remap_area_pages(unsigned long address, phys_addr_t phys_addr, void __iomem * __ioremap(phys_addr_t phys_addr, phys_addr_t size, unsigned long flags) { + unsigned long offset, pfn, last_pfn; struct vm_struct * area; - unsigned long offset; phys_addr_t last_addr; void * addr; @@ -137,18 +152,16 @@ void __iomem * __ioremap(phys_addr_t phys_addr, phys_addr_t size, unsigned long return (void __iomem *) CKSEG1ADDR(phys_addr); /* - * Don't allow anybody to remap normal RAM that we're using.. + * Don't allow anybody to remap RAM that may be allocated by the page + * allocator, since that could lead to races & data clobbering. */ - if (phys_addr < virt_to_phys(high_memory)) { - char *t_addr, *t_end; - struct page *page; - - t_addr = __va(phys_addr); - t_end = t_addr + (size - 1); - - for(page = virt_to_page(t_addr); page <= virt_to_page(t_end); page++) - if(!PageReserved(page)) - return NULL; + pfn = PFN_DOWN(phys_addr); + last_pfn = PFN_DOWN(last_addr); + if (walk_system_ram_range(pfn, last_pfn - pfn + 1, NULL, + __ioremap_check_ram) == 1) { + WARN_ONCE(1, "ioremap on RAM at %pa - %pa\n", + &phys_addr, &last_addr); + return NULL; } /* -- 2.18.0

7 years, 2 months

1
0
0 0

[PATCH v2] dm-zoned: Avoid triggering reclaim from inside dmz_map()

by Bart Van Assche

This patch avoids that lockdep reports the following: ====================================================== WARNING: possible circular locking dependency detected 4.18.0-rc1 #62 Not tainted ------------------------------------------------------ kswapd0/84 is trying to acquire lock: 00000000c313516d (&xfs_nondir_ilock_class){++++}, at: xfs_free_eofblocks+0xa2/0x1e0 but task is already holding lock: 00000000591c83ae (fs_reclaim){+.+.}, at: __fs_reclaim_acquire+0x5/0x30 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #2 (fs_reclaim){+.+.}: kmem_cache_alloc+0x2c/0x2b0 radix_tree_node_alloc.constprop.19+0x3d/0xc0 __radix_tree_create+0x161/0x1c0 __radix_tree_insert+0x45/0x210 dmz_map+0x245/0x2d0 [dm_zoned] __map_bio+0x40/0x260 __split_and_process_non_flush+0x116/0x220 __split_and_process_bio+0x81/0x180 __dm_make_request.isra.32+0x5a/0x100 generic_make_request+0x36e/0x690 submit_bio+0x6c/0x140 mpage_readpages+0x19e/0x1f0 read_pages+0x6d/0x1b0 __do_page_cache_readahead+0x21b/0x2d0 force_page_cache_readahead+0xc4/0x100 generic_file_read_iter+0x7c6/0xd20 __vfs_read+0x102/0x180 vfs_read+0x9b/0x140 ksys_read+0x55/0xc0 do_syscall_64+0x5a/0x1f0 entry_SYSCALL_64_after_hwframe+0x49/0xbe -> #1 (&dmz->chunk_lock){+.+.}: dmz_map+0x133/0x2d0 [dm_zoned] __map_bio+0x40/0x260 __split_and_process_non_flush+0x116/0x220 __split_and_process_bio+0x81/0x180 __dm_make_request.isra.32+0x5a/0x100 generic_make_request+0x36e/0x690 submit_bio+0x6c/0x140 _xfs_buf_ioapply+0x31c/0x590 xfs_buf_submit_wait+0x73/0x520 xfs_buf_read_map+0x134/0x2f0 xfs_trans_read_buf_map+0xc3/0x580 xfs_read_agf+0xa5/0x1e0 xfs_alloc_read_agf+0x59/0x2b0 xfs_alloc_pagf_init+0x27/0x60 xfs_bmap_longest_free_extent+0x43/0xb0 xfs_bmap_btalloc_nullfb+0x7f/0xf0 xfs_bmap_btalloc+0x428/0x7c0 xfs_bmapi_write+0x598/0xcc0 xfs_iomap_write_allocate+0x15a/0x330 xfs_map_blocks+0x1cf/0x3f0 xfs_do_writepage+0x15f/0x7b0 write_cache_pages+0x1ca/0x540 xfs_vm_writepages+0x65/0xa0 do_writepages+0x48/0xf0 __writeback_single_inode+0x58/0x730 writeback_sb_inodes+0x249/0x5c0 wb_writeback+0x11e/0x550 wb_workfn+0xa3/0x670 process_one_work+0x228/0x670 worker_thread+0x3c/0x390 kthread+0x11c/0x140 ret_from_fork+0x3a/0x50 -> #0 (&xfs_nondir_ilock_class){++++}: down_read_nested+0x43/0x70 xfs_free_eofblocks+0xa2/0x1e0 xfs_fs_destroy_inode+0xac/0x270 dispose_list+0x51/0x80 prune_icache_sb+0x52/0x70 super_cache_scan+0x127/0x1a0 shrink_slab.part.47+0x1bd/0x590 shrink_node+0x3b5/0x470 balance_pgdat+0x158/0x3b0 kswapd+0x1ba/0x600 kthread+0x11c/0x140 ret_from_fork+0x3a/0x50 other info that might help us debug this: Chain exists of: &xfs_nondir_ilock_class --> &dmz->chunk_lock --> fs_reclaim Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(fs_reclaim); lock(&dmz->chunk_lock); lock(fs_reclaim); lock(&xfs_nondir_ilock_class); *** DEADLOCK *** 3 locks held by kswapd0/84: #0: 00000000591c83ae (fs_reclaim){+.+.}, at: __fs_reclaim_acquire+0x5/0x30 #1: 000000000f8208f5 (shrinker_rwsem){++++}, at: shrink_slab.part.47+0x3f/0x590 #2: 00000000cacefa54 (&type->s_umount_key#43){.+.+}, at: trylock_super+0x16/0x50 stack backtrace: CPU: 7 PID: 84 Comm: kswapd0 Not tainted 4.18.0-rc1 #62 Hardware name: Supermicro Super Server/X10SRL-F, BIOS 2.0 12/17/2015 Call Trace: dump_stack+0x85/0xcb print_circular_bug.isra.36+0x1ce/0x1db __lock_acquire+0x124e/0x1310 lock_acquire+0x9f/0x1f0 down_read_nested+0x43/0x70 xfs_free_eofblocks+0xa2/0x1e0 xfs_fs_destroy_inode+0xac/0x270 dispose_list+0x51/0x80 prune_icache_sb+0x52/0x70 super_cache_scan+0x127/0x1a0 shrink_slab.part.47+0x1bd/0x590 shrink_node+0x3b5/0x470 balance_pgdat+0x158/0x3b0 kswapd+0x1ba/0x600 kthread+0x11c/0x140 ret_from_fork+0x3a/0x50 Reported-by: Masato Suzuki <masato.suzuki(a)wdc.com> Fixes: 4218a9554653 ("dm zoned: use GFP_NOIO in I/O path") Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: Damien Le Moal <Damien.LeMoal(a)wdc.com> Cc: Mikulas Patocka <mpatocka(a)redhat.com> Cc: <stable(a)vger.kernel.org> --- Changes compared to v1: added "Cc: stable" drivers/md/dm-zoned-target.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/md/dm-zoned-target.c b/drivers/md/dm-zoned-target.c index 3c0e45f4dcf5..a44183ff4be0 100644 --- a/drivers/md/dm-zoned-target.c +++ b/drivers/md/dm-zoned-target.c @@ -787,7 +787,7 @@ static int dmz_ctr(struct dm_target *ti, unsigned int argc, char **argv) /* Chunk BIO work */ mutex_init(&dmz->chunk_lock); - INIT_RADIX_TREE(&dmz->chunk_rxtree, GFP_KERNEL); + INIT_RADIX_TREE(&dmz->chunk_rxtree, GFP_NOIO); dmz->chunk_wq = alloc_workqueue("dmz_cwq_%s", WQ_MEM_RECLAIM | WQ_UNBOUND, 0, dev->name); if (!dmz->chunk_wq) { -- 2.17.1

7 years, 2 months

3
2
0 0

[merged] mm-teach-dump_page-to-correctly-output-poisoned-struct-pages.patch removed from -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm: teach dump_page() to correctly output poisoned struct pages has been removed from the -mm tree. Its filename was mm-teach-dump_page-to-correctly-output-poisoned-struct-pages.patch This patch was dropped because it was merged into mainline or a subsystem tree ------------------------------------------------------ From: Pavel Tatashin <pasha.tatashin(a)oracle.com> Subject: mm: teach dump_page() to correctly output poisoned struct pages If struct page is poisoned, and uninitialized access is detected via PF_POISONED_CHECK(page) dump_page() is called to output the page. But, the dump_page() itself accesses struct page to determine how to print it, and therefore gets into a recursive loop. For example: dump_page() __dump_page() PageSlab(page) PF_POISONED_CHECK(page) VM_BUG_ON_PGFLAGS(PagePoisoned(page), page) dump_page() recursion loop. Link: http://lkml.kernel.org/r/20180702180536.2552-1-pasha.tatashin@oracle.com Fixes: f165b378bbdf ("mm: uninitialized struct page poisoning sanity checking") Signed-off-by: Pavel Tatashin <pasha.tatashin(a)oracle.com> Acked-by: Michal Hocko <mhocko(a)suse.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/debug.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff -puN mm/debug.c~mm-teach-dump_page-to-correctly-output-poisoned-struct-pages mm/debug.c --- a/mm/debug.c~mm-teach-dump_page-to-correctly-output-poisoned-struct-pages +++ a/mm/debug.c @@ -43,12 +43,25 @@ const struct trace_print_flags vmaflag_n void __dump_page(struct page *page, const char *reason) { + bool page_poisoned = PagePoisoned(page); + int mapcount; + + /* + * If struct page is poisoned don't access Page*() functions as that + * leads to recursive loop. Page*() check for poisoned pages, and calls + * dump_page() when detected. + */ + if (page_poisoned) { + pr_emerg("page:%px is uninitialized and poisoned", page); + goto hex_only; + } + /* * Avoid VM_BUG_ON() in page_mapcount(). * page->_mapcount space in struct page is used by sl[aou]b pages to * encode own info. */ - int mapcount = PageSlab(page) ? 0 : page_mapcount(page); + mapcount = PageSlab(page) ? 0 : page_mapcount(page); pr_emerg("page:%px count:%d mapcount:%d mapping:%px index:%#lx", page, page_ref_count(page), mapcount, @@ -60,6 +73,7 @@ void __dump_page(struct page *page, cons pr_emerg("flags: %#lx(%pGp)\n", page->flags, &page->flags); +hex_only: print_hex_dump(KERN_ALERT, "raw: ", DUMP_PREFIX_NONE, 32, sizeof(unsigned long), page, sizeof(struct page), false); @@ -68,7 +82,7 @@ void __dump_page(struct page *page, cons pr_alert("page dumped because: %s\n", reason); #ifdef CONFIG_MEMCG - if (page->mem_cgroup) + if (!page_poisoned && page->mem_cgroup) pr_alert("page->mem_cgroup:%px\n", page->mem_cgroup); #endif } _ Patches currently in -mm which might be from pasha.tatashin(a)oracle.com are mm-skip-invalid-pages-block-at-a-time-in-zero_resv_unresv.patch sparc64-ng4-memset-32-bits-overflow.patch

7 years, 2 months

1
0
0 0

[merged] mm-hugetlb-yield-when-prepping-struct-pages.patch removed from -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm: hugetlb: yield when prepping struct pages has been removed from the -mm tree. Its filename was mm-hugetlb-yield-when-prepping-struct-pages.patch This patch was dropped because it was merged into mainline or a subsystem tree ------------------------------------------------------ From: Cannon Matthews <cannonmatthews(a)google.com> Subject: mm: hugetlb: yield when prepping struct pages When booting with very large numbers of gigantic (i.e. 1G) pages, the operations in the loop of gather_bootmem_prealloc, and specifically prep_compound_gigantic_page, takes a very long time, and can cause a softlockup if enough pages are requested at boot. For example booting with 3844 1G pages requires prepping (set_compound_head, init the count) over 1 billion 4K tail pages, which takes considerable time. Add a cond_resched() to the outer loop in gather_bootmem_prealloc() to prevent this lockup. Tested: Booted with softlockup_panic=1 hugepagesz=1G hugepages=3844 and no softlockup is reported, and the hugepages are reported as successfully setup. Link: http://lkml.kernel.org/r/20180627214447.260804-1-cannonmatthews@google.com Signed-off-by: Cannon Matthews <cannonmatthews(a)google.com> Reviewed-by: Andrew Morton <akpm(a)linux-foundation.org> Reviewed-by: Mike Kravetz <mike.kravetz(a)oracle.com> Acked-by: Michal Hocko <mhocko(a)suse.com> Cc: Andres Lagar-Cavilla <andreslc(a)google.com> Cc: Peter Feiner <pfeiner(a)google.com> Cc: Greg Thelen <gthelen(a)google.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/hugetlb.c | 1 + 1 file changed, 1 insertion(+) diff -puN mm/hugetlb.c~mm-hugetlb-yield-when-prepping-struct-pages mm/hugetlb.c --- a/mm/hugetlb.c~mm-hugetlb-yield-when-prepping-struct-pages +++ a/mm/hugetlb.c @@ -2163,6 +2163,7 @@ static void __init gather_bootmem_preall */ if (hstate_is_gigantic(h)) adjust_managed_page_count(page, 1 << h->order); + cond_resched(); } } _ Patches currently in -mm which might be from cannonmatthews(a)google.com are

7 years, 2 months

1
0
0 0

[merged] userfaultfd-hugetlbfs-fix-userfaultfd_huge_must_wait-pte-access.patch removed from -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access has been removed from the -mm tree. Its filename was userfaultfd-hugetlbfs-fix-userfaultfd_huge_must_wait-pte-access.patch This patch was dropped because it was merged into mainline or a subsystem tree ------------------------------------------------------ From: Janosch Frank <frankja(a)linux.ibm.com> Subject: userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access Use huge_ptep_get() to translate huge ptes to normal ptes so we can check them with the huge_pte_* functions. Otherwise some architectures will check the wrong values and will not wait for userspace to bring in the memory. Link: http://lkml.kernel.org/r/20180626132421.78084-1-frankja@linux.ibm.com Fixes: 369cd2121be4 ("userfaultfd: hugetlbfs: userfaultfd_huge_must_wait for hugepmd ranges") Signed-off-by: Janosch Frank <frankja(a)linux.ibm.com> Reviewed-by: David Hildenbrand <david(a)redhat.com> Reviewed-by: Mike Kravetz <mike.kravetz(a)oracle.com> Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/userfaultfd.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff -puN fs/userfaultfd.c~userfaultfd-hugetlbfs-fix-userfaultfd_huge_must_wait-pte-access fs/userfaultfd.c --- a/fs/userfaultfd.c~userfaultfd-hugetlbfs-fix-userfaultfd_huge_must_wait-pte-access +++ a/fs/userfaultfd.c @@ -222,24 +222,26 @@ static inline bool userfaultfd_huge_must unsigned long reason) { struct mm_struct *mm = ctx->mm; - pte_t *pte; + pte_t *ptep, pte; bool ret = true; VM_BUG_ON(!rwsem_is_locked(&mm->mmap_sem)); - pte = huge_pte_offset(mm, address, vma_mmu_pagesize(vma)); - if (!pte) + ptep = huge_pte_offset(mm, address, vma_mmu_pagesize(vma)); + + if (!ptep) goto out; ret = false; + pte = huge_ptep_get(ptep); /* * Lockless access: we're in a wait_event so it's ok if it * changes under us. */ - if (huge_pte_none(*pte)) + if (huge_pte_none(pte)) ret = true; - if (!huge_pte_write(*pte) && (reason & VM_UFFD_WP)) + if (!huge_pte_write(pte) && (reason & VM_UFFD_WP)) ret = true; out: return ret; _ Patches currently in -mm which might be from frankja(a)linux.ibm.com are

7 years, 2 months

1
0
0 0

[GIT PULL] commits for Linux 4.4

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.4 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit dc45cafe612ec6960fe728f3260a0b751c73f4aa: Linux 4.4.136 (2018-06-06 16:46:24 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.4-20062018 for you to fetch changes up to 340dc6e834545e08109b42402fe692c097446c90: net/sonic: Use dma_mapping_error() (2018-06-07 15:40:15 -0400) - ---------------------------------------------------------------- for-greg-4.4-20062018 - ---------------------------------------------------------------- Eric Dumazet (1): xfrm6: avoid potential infinite loop in _decode_session6() Finn Thain (1): net/sonic: Use dma_mapping_error() Ivan Bornyakov (1): atm: zatm: fix memcmp casting Josh Hill (1): net: qmi_wwan: Add Netgear Aircard 779S Julian Anastasov (1): ipvs: fix buffer overflow with sync daemon and service Paolo Abeni (1): netfilter: ebtables: handle string from userspace with care drivers/atm/zatm.c | 4 ++-- drivers/net/ethernet/natsemi/sonic.c | 2 +- drivers/net/usb/qmi_wwan.c | 1 + net/bridge/netfilter/ebtables.c | 3 ++- net/ipv6/xfrm6_policy.c | 2 +- net/netfilter/ipvs/ip_vs_ctl.c | 21 +++++++++++++++------ 6 files changed, 22 insertions(+), 11 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlsrD2AACgkQ3qZv95d3 LNxa4hAAsH8GdIusq8gBegjlwklVZiCo2zvrWbwohM7Sc1TpuAjLWSVh9iuFRPKn fAAuQYlY3oTDpq/bnje4c+JTnNsjcikDETycZ3diWCiG28c9DjKatsJt/fH9yP/V vAzCboTy38kbizNpXBam6KniZ48qEvFZt2zsYpFL5HzlgHTlBOcOup7iL3P04i1S +v/QCS+OApv0VZR84Nq4mx5ofYILO7ty2xzLCTHHqzLWCEyaX3SbJXBKF5lf3Cu2 WU35HQsnTxKaM3fa7+nSsZu2xkqwNit/xAeAdf0e3ymgBc1G+DezZTJFk/+BbD1N /zWs7AN757Ae6p5HB4eV5KGM5hO8bhqtNuGv6T0eAbqi4MwNclY+J0VCTVbtDrjT bPyJHdfjNc175M2wZDw0HJWWYIHUroQ1Qcao6V9DchVPKtsLd3ICj9sXNNhp1VMo zNLfj9hRcOY/cZtj8tNC6QyoOZX1QBiTGKxDvQbQvmWsrKWQCDOCPHOJh/AycH9a jQYl4+DPMYMFh0ahrrDNBkbmI10Jcg170vQ4CEppRP1zkwbSNtHzfMlp8t2kXXTV uc2rxh/MY2DwBoXqGs6HrxH1Z/A2gcwcu8xqNAGJhaleWQEae2qFQx6eEUKekjhm +EfJIG7v2blVcMLpp06kaAwlIUK4hV2F/Tn9BoQajbBA5Lq9whI= =0hTA -----END PGP SIGNATURE-----

7 years, 2 months

2
2
0 0

[PATCH 4.9] mlxsw: spectrum: Forbid linking of VLAN devices to devices that have uppers

by Ido Schimmel

commit 25cc72a33835ed8a6f53180a822cadab855852ac upstream. Jiri Slaby noticed that the backport of upstream commit 25cc72a33835 ("mlxsw: spectrum: Forbid linking to devices that have uppers") to kernel 4.9.y introduced the same check twice in the same function instead of in two different places. Fix this by relocating one of the checks to its intended place, thus preventing unsupported configurations as described in the original commit. Fixes: 73ee5a73e75f ("mlxsw: spectrum: Forbid linking to devices that have uppers") Signed-off-by: Ido Schimmel <idosch(a)mellanox.com> Reported-by: Jiri Slaby <jslaby(a)suse.cz> --- Greg, I read Documentation/stable_kernel_rules.txt, so I hope the patch is fine. Please let me know if v2 is required. Thanks --- drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum.c index d50350c7adc4..22a5916e477e 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum.c +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum.c @@ -4187,10 +4187,6 @@ static int mlxsw_sp_netdevice_port_upper_event(struct net_device *dev, if (netif_is_lag_port(dev) && is_vlan_dev(upper_dev) && !netif_is_lag_master(vlan_dev_real_dev(upper_dev))) return -EINVAL; - if (!info->linking) - break; - if (netdev_has_any_upper_dev(upper_dev)) - return -EINVAL; break; case NETDEV_CHANGEUPPER: upper_dev = info->upper_dev; @@ -4566,6 +4562,8 @@ static int mlxsw_sp_netdevice_vport_event(struct net_device *dev, return -EINVAL; if (!info->linking) break; + if (netdev_has_any_upper_dev(upper_dev)) + return -EINVAL; /* We can't have multiple VLAN interfaces configured on * the same port and being members in the same bridge. */ -- 2.14.4

7 years, 2 months

2
4
0 0

FAILED: patch "[PATCH] x86/mce: Fix incorrect "Machine check from unknown source"" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 40c36e2741d7fe1e66d6ec55477ba5fd19c9c5d2 Mon Sep 17 00:00:00 2001 From: Tony Luck <tony.luck(a)intel.com> Date: Fri, 22 Jun 2018 11:54:23 +0200 Subject: [PATCH] x86/mce: Fix incorrect "Machine check from unknown source" message Some injection testing resulted in the following console log: mce: [Hardware Error]: CPU 22: Machine Check Exception: f Bank 1: bd80000000100134 mce: [Hardware Error]: RIP 10:<ffffffffc05292dd> {pmem_do_bvec+0x11d/0x330 [nd_pmem]} mce: [Hardware Error]: TSC c51a63035d52 ADDR 3234bc4000 MISC 88 mce: [Hardware Error]: PROCESSOR 0:50654 TIME 1526502199 SOCKET 0 APIC 38 microcode 2000043 mce: [Hardware Error]: Run the above through 'mcelog --ascii' Kernel panic - not syncing: Machine check from unknown source This confused everybody because the first line quite clearly shows that we found a logged error in "Bank 1", while the last line says "unknown source". The problem is that the Linux code doesn't do the right thing for a local machine check that results in a fatal error. It turns out that we know very early in the handler whether the machine check is fatal. The call to mce_no_way_out() has checked all the banks for the CPU that took the local machine check. If it says we must crash, we can do so right away with the right messages. We do scan all the banks again. This means that we might initially not see a problem, but during the second scan find something fatal. If this happens we print a slightly different message (so I can see if it actually every happens). [ bp: Remove unneeded severity assignment. ] Signed-off-by: Tony Luck <tony.luck(a)intel.com> Signed-off-by: Borislav Petkov <bp(a)suse.de> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Cc: Ashok Raj <ashok.raj(a)intel.com> Cc: Dan Williams <dan.j.williams(a)intel.com> Cc: Qiuxu Zhuo <qiuxu.zhuo(a)intel.com> Cc: linux-edac <linux-edac(a)vger.kernel.org> Cc: stable(a)vger.kernel.org # 4.2 Link: http://lkml.kernel.org/r/52e049a497e86fd0b71c529651def8871c804df0.152728389… diff --git a/arch/x86/kernel/cpu/mcheck/mce.c b/arch/x86/kernel/cpu/mcheck/mce.c index 7e6f51a9d917..e93670d736a6 100644 --- a/arch/x86/kernel/cpu/mcheck/mce.c +++ b/arch/x86/kernel/cpu/mcheck/mce.c @@ -1207,13 +1207,18 @@ void do_machine_check(struct pt_regs *regs, long error_code) lmce = m.mcgstatus & MCG_STATUS_LMCES; /* + * Local machine check may already know that we have to panic. + * Broadcast machine check begins rendezvous in mce_start() * Go through all banks in exclusion of the other CPUs. This way we * don't report duplicated events on shared banks because the first one - * to see it will clear it. If this is a Local MCE, then no need to - * perform rendezvous. + * to see it will clear it. */ - if (!lmce) + if (lmce) { + if (no_way_out) + mce_panic("Fatal local machine check", &m, msg); + } else { order = mce_start(&no_way_out); + } for (i = 0; i < cfg->banks; i++) { __clear_bit(i, toclear); @@ -1289,12 +1294,17 @@ void do_machine_check(struct pt_regs *regs, long error_code) no_way_out = worst >= MCE_PANIC_SEVERITY; } else { /* - * Local MCE skipped calling mce_reign() - * If we found a fatal error, we need to panic here. + * If there was a fatal machine check we should have + * already called mce_panic earlier in this function. + * Since we re-read the banks, we might have found + * something new. Check again to see if we found a + * fatal error. We call "mce_severity()" again to + * make sure we have the right "msg". */ - if (worst >= MCE_PANIC_SEVERITY && mca_cfg.tolerant < 3) - mce_panic("Machine check from unknown source", - NULL, NULL); + if (worst >= MCE_PANIC_SEVERITY && mca_cfg.tolerant < 3) { + mce_severity(&m, cfg->tolerant, &msg, true); + mce_panic("Local fatal machine check!", &m, msg); + } } /*

7 years, 2 months

3
4
0 0

[GIT PULL] commits for Linux 3.18

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 3.18 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit b0b357c20ca6171b8ac698351f5202402b7ad7d5: Linux 3.18.112 (2018-05-30 22:08:04 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-3.18-20062018 for you to fetch changes up to b73b55ee0dd09bb24fa6a4fee94b21d97dbc51ba: net/sonic: Use dma_mapping_error() (2018-06-07 15:40:45 -0400) - ---------------------------------------------------------------- for-greg-3.18-20062018 - ---------------------------------------------------------------- Finn Thain (1): net/sonic: Use dma_mapping_error() Ivan Bornyakov (1): atm: zatm: fix memcmp casting Josh Hill (1): net: qmi_wwan: Add Netgear Aircard 779S Paolo Abeni (1): netfilter: ebtables: handle string from userspace with care drivers/atm/zatm.c | 4 ++-- drivers/net/ethernet/natsemi/sonic.c | 2 +- drivers/net/usb/qmi_wwan.c | 1 + net/bridge/netfilter/ebtables.c | 3 ++- 4 files changed, 6 insertions(+), 4 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlsrD34ACgkQ3qZv95d3 LNxyQA//Td2TjwiNv4O7a5DTBTY11L1m/4aM/Sg9AR3yUtykiIfatVi5rAwdKzXl ZBhutqVj7eK7STEyNfvqT0p/qwzoXWQUMSq0BpaH+D6Vfcvo3WNfXSdwODVsYy7D d8N814Libu3zUHj4x+KXp2og8SCKqAYNgyBhd45bnrRUVbq/UQPcZsXqDSUIX6WK RHkGU96VogA/4VEdD8Tiv9wX86L4PTQwve+GpYdxRc6Cc5rAuu3tS1BQgl50nfSU MSgorHcL+RO9wWu/Ij6L1SDOgNfxrk9b9DPt9Jahm5NeF+et5t/vLuJ804osJRYE dbXk6NQ+8EMQmgCOdDKUZhiHjN6ztk2NMsqmQb1z9hsPB+5gmmPMP2vZVA0BUyjl UZVQcRwYC1+s/bOb/uqhvBD4DH5pj76hMMkz10rR8pAvVRCvoBGFU9uwtSlu3gZo 24xHREUUSrpecc61tUq3QyomzlUZUQgyvkU8GnqD+2vhiJfsuyZ33AfjVmwEl+Vn 37qgenBJLBKhXzDxOMqg+xg0mUGo63CQeIx2ERSp3DiTHOElOWJINu5MVZQYKC8w rxSBacxj+5w24IM/OxNpWZ3PAoUSlAAvmkPiQJ5Aavw0StpqvNHN+DElmLf6eVrl 2Q5ZnkFhUOB2xSRkCYpkRhq9GZWGLkWjn4ePToil4z1+X13T6Zs= =mpuV -----END PGP SIGNATURE-----

7 years, 2 months

2
1
0 0

[GIT PULL] commits for Linux 4.14

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.14 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 2c6025ebc7fd8e0a8ca785d778dc6ae25225744b: Linux 4.14.48 (2018-06-05 11:42:00 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.14-20062018 for you to fetch changes up to 5cca1f6fec1180fca1be5bc6f5068b96832646db: net: usb: cdc_mbim: add flag FLAG_SEND_ZLP (2018-06-06 23:16:01 -0400) - ---------------------------------------------------------------- for-greg-4.14-20062018 - ---------------------------------------------------------------- Alexander Duyck (1): net-sysfs: Fix memory leak in XPS configuration Damien ThÃ©bault (1): net: dsa: b53: Add BCM5389 support Daniele Palmas (1): net: usb: cdc_mbim: add flag FLAG_SEND_ZLP Darrick J. Wong (1): fs: clear writeback errors in inode_init_always David Howells (1): afs: Fix directory permissions check Eric Dumazet (1): xfrm6: avoid potential infinite loop in _decode_session6() Finn Thain (1): net/sonic: Use dma_mapping_error() Hao Wei Tee (1): iwlwifi: pcie: compare with number of IRQs requested for, not number of CPUs Ivan Bornyakov (1): atm: zatm: fix memcmp casting Josh Hill (1): net: qmi_wwan: Add Netgear Aircard 779S JoÃ£o Paulo Rechi Vita (1): platform/x86: asus-wmi: Fix NULL pointer dereference Julian Anastasov (1): ipvs: fix buffer overflow with sync daemon and service Kirill Tkhai (1): kcm: Fix use-after-free caused by clonned sockets Mathieu Xhonneux (1): ipv6: sr: fix memory OOB access in seg6_do_srh_encap/inline Pablo Neira Ayuso (1): netfilter: nft_limit: fix packet ratelimiting Paolo Abeni (1): netfilter: ebtables: handle string from userspace with care Paul Burton (1): sched/core: Require cpu_active() in select_task_rq(), for user tasks Peter Zijlstra (1): sched/core: Fix rules for running on online && !active CPUs Sebastian Ott (1): s390/dasd: use blk_mq_rq_from_pdu for per request data Suresh Reddy (1): be2net: Fix error detection logic for BE3 Taehee Yoo (3): netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump() netfilter: nft_meta: fix wrong value dereference in nft_meta_set_eval netfilter: nf_tables: increase nft_counters_enabled in nft_chain_stats_replace() Thomas Richter (1): perf test: "Session topology" dumps core on s390 YueHaibing (1): perf bpf: Fix NULL return handling in bpf__prepare_load() Documentation/devicetree/bindings/net/dsa/b53.txt | 1 + drivers/atm/zatm.c | 4 +- drivers/net/dsa/b53/b53_common.c | 13 +++++++ drivers/net/dsa/b53/b53_mdio.c | 5 ++- drivers/net/dsa/b53/b53_priv.h | 1 + drivers/net/ethernet/emulex/benet/be_main.c | 4 +- drivers/net/ethernet/natsemi/sonic.c | 2 +- drivers/net/usb/cdc_mbim.c | 2 +- drivers/net/usb/qmi_wwan.c | 1 + drivers/net/wireless/intel/iwlwifi/pcie/trans.c | 10 ++--- drivers/platform/x86/asus-wmi.c | 23 +++++++----- drivers/s390/block/dasd.c | 7 +++- fs/afs/security.c | 10 ++--- fs/inode.c | 1 + kernel/sched/core.c | 45 ++++++++++++++++------- net/bridge/netfilter/ebtables.c | 3 +- net/core/net-sysfs.c | 6 +-- net/ipv6/seg6_iptunnel.c | 4 +- net/ipv6/xfrm6_policy.c | 2 +- net/kcm/kcmsock.c | 2 +- net/netfilter/ipvs/ip_vs_ctl.c | 21 ++++++++--- net/netfilter/nf_tables_api.c | 4 +- net/netfilter/nft_ct.c | 20 ++++++---- net/netfilter/nft_limit.c | 38 ++++++++++++------- net/netfilter/nft_meta.c | 14 ++++--- tools/perf/tests/topology.c | 30 ++++++++++++--- tools/perf/util/bpf-loader.c | 6 +-- 27 files changed, 183 insertions(+), 96 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlsrD0EACgkQ3qZv95d3 LNykIRAAuOxrTFNkFNHbmF4ETHaQC1RA65ebzaxqTVO1HQUylrdU6XtGijfFfl2Q mLhFk1Om1AYOanQgOO3fPVohS+6lu4M/ld4/gfoVFOOE/Bjc2JsMO9I9OiZ5LCZQ AzToRfu7jjnvmdMhTgM+ek3/OJfDOtD4KskNZV1rjVTnYQbjblk/QonYibTgVsOm BFc5VQyKkUVrnDa+0Zcdbc2OfHSrGYoCsEIus7stBnbjGOR84qIDUTL9vMkDX0Vf 6o6QiwDkcY5sYGf5ob9BL7Bix3axAccA3Rp7Yq1GXglFFB4dwl6HBfAC6+liHTqF 2GvMDLktkZ1d4SGdabAdJahh04LFCQjgg1m7ZR61tzKzxBpu8D7eTiRQ/EPH0qrV Nob6oBoBIy4qk6KnAhPtY04TjDtK9/J6wUbG+rwYj9V5QAknrvT5zVdGsZTeVuEa R2pG6BJU7hAHv+Ndzey6c0ZxBH9fKdz7h/7ioeQGWPbmVGsebJoi+b4f5pOA31Wv 56Ne1IkhWGfCsBZMieBmWVrQrDVLoUk4DqjJW6TNXx5LvdxIDxP//oMy1plQUhS5 Mq7Ln3HKtNAnKSHgHd4RNWcE4kzvbviBxQHvVgdWTIpNTWEHrnz7L6Sh7HE6SWHJ qz2AtGJKCJL8KvmdQgbhtcYor5oOfZLDe1pZzetWLZ4yQnjJCdM= =Fakc -----END PGP SIGNATURE-----

7 years, 2 months

2
1
0 0

[GIT PULL] commits for Linux 4.9

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.9 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 3c3d05fc6e6653bdf9f7fb3fb6922b199c7ba3ec: Linux 4.9.107 (2018-06-06 16:44:39 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.9-20062018 for you to fetch changes up to e957f7485f14affccc5f60f19dcce3a4f674cc0d: net: usb: cdc_mbim: add flag FLAG_SEND_ZLP (2018-06-07 15:39:36 -0400) - ---------------------------------------------------------------- for-greg-4.9-20062018 - ---------------------------------------------------------------- Damien ThÃ©bault (1): net: dsa: b53: Add BCM5389 support Daniele Palmas (1): net: usb: cdc_mbim: add flag FLAG_SEND_ZLP Eric Dumazet (1): xfrm6: avoid potential infinite loop in _decode_session6() Finn Thain (1): net/sonic: Use dma_mapping_error() Hao Wei Tee (1): iwlwifi: pcie: compare with number of IRQs requested for, not number of CPUs Ivan Bornyakov (1): atm: zatm: fix memcmp casting Josh Hill (1): net: qmi_wwan: Add Netgear Aircard 779S JoÃ£o Paulo Rechi Vita (1): platform/x86: asus-wmi: Fix NULL pointer dereference Julian Anastasov (1): ipvs: fix buffer overflow with sync daemon and service Kirill Tkhai (1): kcm: Fix use-after-free caused by clonned sockets Paolo Abeni (1): netfilter: ebtables: handle string from userspace with care Documentation/devicetree/bindings/net/dsa/b53.txt | 1 + drivers/atm/zatm.c | 4 ++-- drivers/net/dsa/b53/b53_common.c | 13 +++++++++++++ drivers/net/dsa/b53/b53_mdio.c | 5 ++++- drivers/net/dsa/b53/b53_priv.h | 1 + drivers/net/ethernet/natsemi/sonic.c | 2 +- drivers/net/usb/cdc_mbim.c | 2 +- drivers/net/usb/qmi_wwan.c | 1 + drivers/net/wireless/intel/iwlwifi/pcie/trans.c | 10 +++++----- drivers/platform/x86/asus-wmi.c | 23 +++++++++++++---------- net/bridge/netfilter/ebtables.c | 3 ++- net/ipv6/xfrm6_policy.c | 2 +- net/kcm/kcmsock.c | 2 +- net/netfilter/ipvs/ip_vs_ctl.c | 21 +++++++++++++++------ 14 files changed, 61 insertions(+), 29 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlsrD08ACgkQ3qZv95d3 LNz7JhAAlyrbs4NT1tU0ZjZYQ78hQbojWTDyMBQSz1+SIKwey/6Mp7HFizAXghY/ 3f4KECTu8a/5P35Jo7euTy7C3RDKOnHtP2yQENuu4AGe/pivIfqqVsIANmdy+sAi BY2iXJllGYeV8777nE0lm3cQrXnAMWhTsMmwKbJk6gHHx9ueaSRns7tajiD4lXm0 Z+F07jReymaOEvi3bNAKZTSU0swprprXTG9GfKPDyfPdB7fu4J7t+HkWI071mTj+ L1gJdcW5XOPuB1Tmu0ES5rRrFsDYdeUEwFoJBq0TplmOEKSNZO+xLWgTLfRZZ3T2 W6YIM+jOs44MfI4Sy5PDmM1jHwnvyUplOxApfx570F7CiSwU8xyuDwpQZIsNrBPn FrsDIy8X7uLLCN0MG0HMO/0P8RhL2tHKwG9gN/xRPo0fOLhVprABj8fTi3FCQhTU /BYAdmj4s58BuEEPND9swFYx96UTNuVVb47HB0+3FasPmCnGdhiVXb+HSSY6tW1a GNQqpcsUUtVoe4sFgb4s2pqZjnXfepvd4EhsI8cGU4KoTQ/vbwK4OVJS+MrSehoB yi169EwX0jL6ILtLNDBm2SVVcw7ukAEq4aDJRjko+X6xWFZxhnGTnFsZldkOEjld DVDGFhcTyUiGE7wVsnZGANMhHhT2LjtyeGDKpQiFn6lMagp0IM4= =gZsz -----END PGP SIGNATURE-----

7 years, 2 months

2
1
0 0

FAILED: patch "[PATCH] ubi: fastmap: Correctly handle interrupted erasures in EBA" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 781932375ffc6411713ee0926ccae8596ed0261c Mon Sep 17 00:00:00 2001 From: Richard Weinberger <richard(a)nod.at> Date: Mon, 28 May 2018 22:04:32 +0200 Subject: [PATCH] ubi: fastmap: Correctly handle interrupted erasures in EBA Fastmap cannot track the LEB unmap operation, therefore it can happen that after an interrupted erasure the mapping still looks good from Fastmap's point of view, while reading from the PEB will cause an ECC error and confuses the upper layer. Instead of teaching users of UBI how to deal with that, we read back the VID header and check for errors. If the PEB is empty or shows ECC errors we fixup the mapping and schedule the PEB for erasure. Fixes: dbb7d2a88d2a ("UBI: Add fastmap core") Cc: <stable(a)vger.kernel.org> Reported-by: martin bayern <Martinbayern(a)outlook.com> Signed-off-by: Richard Weinberger <richard(a)nod.at> diff --git a/drivers/mtd/ubi/eba.c b/drivers/mtd/ubi/eba.c index 250e30fac61b..593a4f9d97e3 100644 --- a/drivers/mtd/ubi/eba.c +++ b/drivers/mtd/ubi/eba.c @@ -490,6 +490,82 @@ int ubi_eba_unmap_leb(struct ubi_device *ubi, struct ubi_volume *vol, return err; } +#ifdef CONFIG_MTD_UBI_FASTMAP +/** + * check_mapping - check and fixup a mapping + * @ubi: UBI device description object + * @vol: volume description object + * @lnum: logical eraseblock number + * @pnum: physical eraseblock number + * + * Checks whether a given mapping is valid. Fastmap cannot track LEB unmap + * operations, if such an operation is interrupted the mapping still looks + * good, but upon first read an ECC is reported to the upper layer. + * Normaly during the full-scan at attach time this is fixed, for Fastmap + * we have to deal with it while reading. + * If the PEB behind a LEB shows this symthom we change the mapping to + * %UBI_LEB_UNMAPPED and schedule the PEB for erasure. + * + * Returns 0 on success, negative error code in case of failure. + */ +static int check_mapping(struct ubi_device *ubi, struct ubi_volume *vol, int lnum, + int *pnum) +{ + int err; + struct ubi_vid_io_buf *vidb; + + if (!ubi->fast_attach) + return 0; + + vidb = ubi_alloc_vid_buf(ubi, GFP_NOFS); + if (!vidb) + return -ENOMEM; + + err = ubi_io_read_vid_hdr(ubi, *pnum, vidb, 0); + if (err > 0 && err != UBI_IO_BITFLIPS) { + int torture = 0; + + switch (err) { + case UBI_IO_FF: + case UBI_IO_FF_BITFLIPS: + case UBI_IO_BAD_HDR: + case UBI_IO_BAD_HDR_EBADMSG: + break; + default: + ubi_assert(0); + } + + if (err == UBI_IO_BAD_HDR_EBADMSG || err == UBI_IO_FF_BITFLIPS) + torture = 1; + + down_read(&ubi->fm_eba_sem); + vol->eba_tbl->entries[lnum].pnum = UBI_LEB_UNMAPPED; + up_read(&ubi->fm_eba_sem); + ubi_wl_put_peb(ubi, vol->vol_id, lnum, *pnum, torture); + + *pnum = UBI_LEB_UNMAPPED; + } else if (err < 0) { + ubi_err(ubi, "unable to read VID header back from PEB %i: %i", + *pnum, err); + + goto out_free; + } + + err = 0; + +out_free: + ubi_free_vid_buf(vidb); + + return err; +} +#else +static int check_mapping(struct ubi_device *ubi, struct ubi_volume *vol, int lnum, + int *pnum) +{ + return 0; +} +#endif + /** * ubi_eba_read_leb - read data. * @ubi: UBI device description object @@ -522,7 +598,13 @@ int ubi_eba_read_leb(struct ubi_device *ubi, struct ubi_volume *vol, int lnum, return err; pnum = vol->eba_tbl->entries[lnum].pnum; - if (pnum < 0) { + if (pnum >= 0) { + err = check_mapping(ubi, vol, lnum, &pnum); + if (err < 0) + goto out_unlock; + } + + if (pnum == UBI_LEB_UNMAPPED) { /* * The logical eraseblock is not mapped, fill the whole buffer * with 0xFF bytes. The exception is static volumes for which @@ -930,6 +1012,12 @@ int ubi_eba_write_leb(struct ubi_device *ubi, struct ubi_volume *vol, int lnum, return err; pnum = vol->eba_tbl->entries[lnum].pnum; + if (pnum >= 0) { + err = check_mapping(ubi, vol, lnum, &pnum); + if (err < 0) + goto out; + } + if (pnum >= 0) { dbg_eba("write %d bytes at offset %d of LEB %d:%d, PEB %d", len, offset, vol_id, lnum, pnum);

7 years, 2 months

3
2
0 0

FAILED: patch "[PATCH] ubi: fastmap: Correctly handle interrupted erasures in EBA" failed to apply to 3.18-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 3.18-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 781932375ffc6411713ee0926ccae8596ed0261c Mon Sep 17 00:00:00 2001 From: Richard Weinberger <richard(a)nod.at> Date: Mon, 28 May 2018 22:04:32 +0200 Subject: [PATCH] ubi: fastmap: Correctly handle interrupted erasures in EBA Fastmap cannot track the LEB unmap operation, therefore it can happen that after an interrupted erasure the mapping still looks good from Fastmap's point of view, while reading from the PEB will cause an ECC error and confuses the upper layer. Instead of teaching users of UBI how to deal with that, we read back the VID header and check for errors. If the PEB is empty or shows ECC errors we fixup the mapping and schedule the PEB for erasure. Fixes: dbb7d2a88d2a ("UBI: Add fastmap core") Cc: <stable(a)vger.kernel.org> Reported-by: martin bayern <Martinbayern(a)outlook.com> Signed-off-by: Richard Weinberger <richard(a)nod.at> diff --git a/drivers/mtd/ubi/eba.c b/drivers/mtd/ubi/eba.c index 250e30fac61b..593a4f9d97e3 100644 --- a/drivers/mtd/ubi/eba.c +++ b/drivers/mtd/ubi/eba.c @@ -490,6 +490,82 @@ int ubi_eba_unmap_leb(struct ubi_device *ubi, struct ubi_volume *vol, return err; } +#ifdef CONFIG_MTD_UBI_FASTMAP +/** + * check_mapping - check and fixup a mapping + * @ubi: UBI device description object + * @vol: volume description object + * @lnum: logical eraseblock number + * @pnum: physical eraseblock number + * + * Checks whether a given mapping is valid. Fastmap cannot track LEB unmap + * operations, if such an operation is interrupted the mapping still looks + * good, but upon first read an ECC is reported to the upper layer. + * Normaly during the full-scan at attach time this is fixed, for Fastmap + * we have to deal with it while reading. + * If the PEB behind a LEB shows this symthom we change the mapping to + * %UBI_LEB_UNMAPPED and schedule the PEB for erasure. + * + * Returns 0 on success, negative error code in case of failure. + */ +static int check_mapping(struct ubi_device *ubi, struct ubi_volume *vol, int lnum, + int *pnum) +{ + int err; + struct ubi_vid_io_buf *vidb; + + if (!ubi->fast_attach) + return 0; + + vidb = ubi_alloc_vid_buf(ubi, GFP_NOFS); + if (!vidb) + return -ENOMEM; + + err = ubi_io_read_vid_hdr(ubi, *pnum, vidb, 0); + if (err > 0 && err != UBI_IO_BITFLIPS) { + int torture = 0; + + switch (err) { + case UBI_IO_FF: + case UBI_IO_FF_BITFLIPS: + case UBI_IO_BAD_HDR: + case UBI_IO_BAD_HDR_EBADMSG: + break; + default: + ubi_assert(0); + } + + if (err == UBI_IO_BAD_HDR_EBADMSG || err == UBI_IO_FF_BITFLIPS) + torture = 1; + + down_read(&ubi->fm_eba_sem); + vol->eba_tbl->entries[lnum].pnum = UBI_LEB_UNMAPPED; + up_read(&ubi->fm_eba_sem); + ubi_wl_put_peb(ubi, vol->vol_id, lnum, *pnum, torture); + + *pnum = UBI_LEB_UNMAPPED; + } else if (err < 0) { + ubi_err(ubi, "unable to read VID header back from PEB %i: %i", + *pnum, err); + + goto out_free; + } + + err = 0; + +out_free: + ubi_free_vid_buf(vidb); + + return err; +} +#else +static int check_mapping(struct ubi_device *ubi, struct ubi_volume *vol, int lnum, + int *pnum) +{ + return 0; +} +#endif + /** * ubi_eba_read_leb - read data. * @ubi: UBI device description object @@ -522,7 +598,13 @@ int ubi_eba_read_leb(struct ubi_device *ubi, struct ubi_volume *vol, int lnum, return err; pnum = vol->eba_tbl->entries[lnum].pnum; - if (pnum < 0) { + if (pnum >= 0) { + err = check_mapping(ubi, vol, lnum, &pnum); + if (err < 0) + goto out_unlock; + } + + if (pnum == UBI_LEB_UNMAPPED) { /* * The logical eraseblock is not mapped, fill the whole buffer * with 0xFF bytes. The exception is static volumes for which @@ -930,6 +1012,12 @@ int ubi_eba_write_leb(struct ubi_device *ubi, struct ubi_volume *vol, int lnum, return err; pnum = vol->eba_tbl->entries[lnum].pnum; + if (pnum >= 0) { + err = check_mapping(ubi, vol, lnum, &pnum); + if (err < 0) + goto out; + } + if (pnum >= 0) { dbg_eba("write %d bytes at offset %d of LEB %d:%d, PEB %d", len, offset, vol_id, lnum, pnum);

7 years, 2 months

3
2
0 0

Please apply to stable 4.9 kernel

by Juergen Gross

Hi Greg, please apply the attched backported patch to the 4.9 stable tree. Juergen

7 years, 2 months

2
2
0 0

[BACKPORT PATCH] mtd: nand: fix return value check for bad block status

by Abhishek Sahu

commit e9893e6fa932f42c90c4ac5849fa9aa0f0f00a34 upstream. Positive return value from read_oob() is making false BAD blocks. For some of the NAND controllers, OOB bytes will be protected with ECC and read_oob() will return number of bitflips. If there is any bitflip in ECC protected OOB bytes for BAD block status page, then that block is getting treated as BAD. Fixes: c120e75e0e7d ("mtd: nand: use read_oob() instead of cmdfunc() for bad block check") Cc: <stable(a)vger.kernel.org> Signed-off-by: Abhishek Sahu <absahu(a)codeaurora.org> Reviewed-by: Miquel Raynal <miquel.raynal(a)bootlin.com> Signed-off-by: Boris Brezillon <boris.brezillon(a)bootlin.com> [backported to 4.14.y] Signed-off-by: Abhishek Sahu <absahu(a)codeaurora.org> --- This is backported patch for failed patch mentioned in https://www.spinics.net/lists/stable/msg245833.html The failure happened due to file rename. drivers/mtd/nand/nand_base.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/mtd/nand/nand_base.c b/drivers/mtd/nand/nand_base.c index 528e04f..d410de3 100644 --- a/drivers/mtd/nand/nand_base.c +++ b/drivers/mtd/nand/nand_base.c @@ -440,7 +440,7 @@ static int nand_block_bad(struct mtd_info *mtd, loff_t ofs) for (; page < page_end; page++) { res = chip->ecc.read_oob(mtd, chip, page); - if (res) + if (res < 0) return res; bad = chip->oob_poi[chip->badblockpos]; -- QUALCOMM INDIA, on behalf of Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum, hosted by The Linux Foundation

7 years, 2 months

2
2
0 0

Please apply to stable 4.9 kernel

by Juergen Gross

Hi Greg, please apply the attched backported patch to the 4.9 stable tree. It is needed to boot Xen PV guests (broken since commit c43b4ff972a986c85bdd8dc1aa05fe23b29ef99c which I didn't realize due to my kernel parameters when testing). Juergen

7 years, 2 months

2
1
0 0

stable request for v4.17.x, v4.14.x, v4.9.x, v4.4.x: ARM: dts: imx6q: Use correct SDMA script for SPI5 core

by Sean Nyekjær

Hi Greg, subject "ARM: dts: imx6q: Use correct SDMA script for SPI5 core" commit df07101e1c4a29e820df02f9989a066988b160e6 upstream. Please apply to v4.17.x, v4.14.x, v4.9.x, v4.4.x. I forgot to write CC: <stable(a)vger.kernel.org> in the commit msg. I hope this can go in the stable trees. Please let me know if the commit was in the queue already and I had done everything correctly. :-) BR /Sean

7 years, 2 months

2
1
0 0

Backport request: bfe72442578b to 4.9.y

by Dan Rue

Hi Greg - Please apply bfe72442578b ("net: phy: micrel: fix crash when statistic requested for KSZ9031 phy") to 4.9.y. Since at least 4.9.95 (this was discussed during 4.9.95 release cycle), 'ethtool --phy-statistics eth0' causes a system crash on micrel systems. This is still happening, and this patch fixes the issue. Thanks! Dan

7 years, 2 months

2
1
0 0

[PATCH] cifs: Fix slab-out-of-bounds in send_set_info() on SMB2 ACE setting

by Stefano Brivio

A "small" CIFS buffer is not big enough in general to hold a setacl request for SMB2, and we end up overflowing the buffer in send_set_info(). For instance: # mount.cifs //127.0.0.1/test /mnt/test -o username=test,password=test,nounix,cifsacl # touch /mnt/test/acltest # getcifsacl /mnt/test/acltest REVISION:0x1 CONTROL:0x9004 OWNER:S-1-5-21-2926364953-924364008-418108241-1000 GROUP:S-1-22-2-1001 ACL:S-1-5-21-2926364953-924364008-418108241-1000:ALLOWED/0x0/0x1e01ff ACL:S-1-22-2-1001:ALLOWED/0x0/R ACL:S-1-22-2-1001:ALLOWED/0x0/R ACL:S-1-5-21-2926364953-924364008-418108241-1000:ALLOWED/0x0/0x1e01ff ACL:S-1-1-0:ALLOWED/0x0/R # setcifsacl -a "ACL:S-1-22-2-1004:ALLOWED/0x0/R" /mnt/test/acltest this setacl will cause the following KASAN splat: [ 330.777927] BUG: KASAN: slab-out-of-bounds in send_set_info+0x4dd/0xc20 [cifs] [ 330.779696] Write of size 696 at addr ffff88010d5e2860 by task setcifsacl/1012 [ 330.781882] CPU: 1 PID: 1012 Comm: setcifsacl Not tainted 4.18.0-rc2+ #2 [ 330.783140] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014 [ 330.784395] Call Trace: [ 330.784789] dump_stack+0xc2/0x16b [ 330.786777] print_address_description+0x6a/0x270 [ 330.787520] kasan_report+0x258/0x380 [ 330.788845] memcpy+0x34/0x50 [ 330.789369] send_set_info+0x4dd/0xc20 [cifs] [ 330.799511] SMB2_set_acl+0x76/0xa0 [cifs] [ 330.801395] set_smb2_acl+0x7ac/0xf30 [cifs] [ 330.830888] cifs_xattr_set+0x963/0xe40 [cifs] [ 330.840367] __vfs_setxattr+0x84/0xb0 [ 330.842060] __vfs_setxattr_noperm+0xe6/0x370 [ 330.843848] vfs_setxattr+0xc2/0xd0 [ 330.845519] setxattr+0x258/0x320 [ 330.859211] path_setxattr+0x15b/0x1b0 [ 330.864392] __x64_sys_setxattr+0xc0/0x160 [ 330.866133] do_syscall_64+0x14e/0x4b0 [ 330.876631] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 330.878503] RIP: 0033:0x7ff2e507db0a [ 330.880151] Code: 48 8b 0d 89 93 2c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 bc 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 56 93 2c 00 f7 d8 64 89 01 48 [ 330.885358] RSP: 002b:00007ffdc4903c18 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc [ 330.887733] RAX: ffffffffffffffda RBX: 000055d1170de140 RCX: 00007ff2e507db0a [ 330.890067] RDX: 000055d1170de7d0 RSI: 000055d115b39184 RDI: 00007ffdc4904818 [ 330.892410] RBP: 0000000000000001 R08: 0000000000000000 R09: 000055d1170de7e4 [ 330.894785] R10: 00000000000002b8 R11: 0000000000000246 R12: 0000000000000007 [ 330.897148] R13: 000055d1170de0c0 R14: 0000000000000008 R15: 000055d1170de550 [ 330.901057] Allocated by task 1012: [ 330.902888] kasan_kmalloc+0xa0/0xd0 [ 330.904714] kmem_cache_alloc+0xc8/0x1d0 [ 330.906615] mempool_alloc+0x11e/0x380 [ 330.908496] cifs_small_buf_get+0x35/0x60 [cifs] [ 330.910510] smb2_plain_req_init+0x4a/0xd60 [cifs] [ 330.912551] send_set_info+0x198/0xc20 [cifs] [ 330.914535] SMB2_set_acl+0x76/0xa0 [cifs] [ 330.916465] set_smb2_acl+0x7ac/0xf30 [cifs] [ 330.918453] cifs_xattr_set+0x963/0xe40 [cifs] [ 330.920426] __vfs_setxattr+0x84/0xb0 [ 330.922284] __vfs_setxattr_noperm+0xe6/0x370 [ 330.924213] vfs_setxattr+0xc2/0xd0 [ 330.926008] setxattr+0x258/0x320 [ 330.927762] path_setxattr+0x15b/0x1b0 [ 330.929592] __x64_sys_setxattr+0xc0/0x160 [ 330.931459] do_syscall_64+0x14e/0x4b0 [ 330.933314] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 330.936843] Freed by task 0: [ 330.938588] (stack is not available) [ 330.941886] The buggy address belongs to the object at ffff88010d5e2800 which belongs to the cache cifs_small_rq of size 448 [ 330.946362] The buggy address is located 96 bytes inside of 448-byte region [ffff88010d5e2800, ffff88010d5e29c0) [ 330.950722] The buggy address belongs to the page: [ 330.952789] page:ffffea0004357880 count:1 mapcount:0 mapping:ffff880108fdca80 index:0x0 compound_mapcount: 0 [ 330.955665] flags: 0x17ffffc0008100(slab|head) [ 330.957760] raw: 0017ffffc0008100 dead000000000100 dead000000000200 ffff880108fdca80 [ 330.960356] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 330.963005] page dumped because: kasan: bad access detected [ 330.967039] Memory state around the buggy address: [ 330.969255] ffff88010d5e2880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 330.971833] ffff88010d5e2900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 330.974397] >ffff88010d5e2980: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 330.976956] ^ [ 330.979226] ffff88010d5e2a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 330.981755] ffff88010d5e2a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 330.984225] ================================================================== Fix this by allocating a regular CIFS buffer in smb2_plain_req_init() if the request command is SMB2_SET_INFO. Reported-by: Jianhong Yin <jiyin(a)redhat.com> Fixes: 366ed846df60 ("cifs: Use smb 2 - 3 and cifsacl mount options setacl function") Signed-off-by: Stefano Brivio <sbrivio(a)redhat.com> --- fs/cifs/smb2pdu.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c index 7608c241b1ef..b2fa834da210 100644 --- a/fs/cifs/smb2pdu.c +++ b/fs/cifs/smb2pdu.c @@ -340,7 +340,10 @@ smb2_plain_req_init(__le16 smb2_command, struct cifs_tcon *tcon, return rc; /* BB eventually switch this to SMB2 specific small buf size */ - *request_buf = cifs_small_buf_get(); + if (smb2_command == SMB2_SET_INFO) + *request_buf = cifs_buf_get(); + else + *request_buf = cifs_small_buf_get(); if (*request_buf == NULL) { /* BB should we add a retry in here if not a writepage? */ return -ENOMEM; @@ -3720,7 +3723,7 @@ send_set_info(const unsigned int xid, struct cifs_tcon *tcon, rc = cifs_send_recv(xid, ses, &rqst, &resp_buftype, flags, &rsp_iov); - cifs_small_buf_release(req); + cifs_buf_release(req); rsp = (struct smb2_set_info_rsp *)rsp_iov.iov_base; if (rc != 0) { -- 2.15.1

7 years, 2 months

3
7
0 0

[PATCH v4 2/3] ioremap: Update pgtable free interfaces with addr

by Toshi Kani

From: Chintan Pandya <cpandya(a)codeaurora.org> The following kernel panic was observed on ARM64 platform due to a stale TLB entry. 1. ioremap with 4K size, a valid pte page table is set. 2. iounmap it, its pte entry is set to 0. 3. ioremap the same address with 2M size, update its pmd entry with a new value. 4. CPU may hit an exception because the old pmd entry is still in TLB, which leads to a kernel panic. Commit b6bdb7517c3d ("mm/vmalloc: add interfaces to free unmapped page table") has addressed this panic by falling to pte mappings in the above case on ARM64. To support pmd mappings in all cases, TLB purge needs to be performed in this case on ARM64. Add a new arg, 'addr', to pud_free_pmd_page() and pmd_free_pte_page() so that TLB purge can be added later in seprate patches. [toshi.kani(a)hpe.com: merge changes, rewrite patch description] Fixes: 28ee90fe6048 ("x86/mm: implement free pmd/pte page interfaces") Signed-off-by: Chintan Pandya <cpandya(a)codeaurora.org> Signed-off-by: Toshi Kani <toshi.kani(a)hpe.com> Cc: Andrew Morton <akpm(a)linux-foundation.org> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Ingo Molnar <mingo(a)redhat.com> Cc: "H. Peter Anvin" <hpa(a)zytor.com> Cc: Will Deacon <will.deacon(a)arm.com> Cc: Joerg Roedel <joro(a)8bytes.org> Cc: <stable(a)vger.kernel.org> --- arch/arm64/mm/mmu.c | 4 ++-- arch/x86/mm/pgtable.c | 12 +++++++----- include/asm-generic/pgtable.h | 8 ++++---- lib/ioremap.c | 4 ++-- 4 files changed, 15 insertions(+), 13 deletions(-) diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c index 493ff75670ff..8ae5d7ae4af3 100644 --- a/arch/arm64/mm/mmu.c +++ b/arch/arm64/mm/mmu.c @@ -977,12 +977,12 @@ int pmd_clear_huge(pmd_t *pmdp) return 1; } -int pud_free_pmd_page(pud_t *pud) +int pud_free_pmd_page(pud_t *pud, unsigned long addr) { return pud_none(*pud); } -int pmd_free_pte_page(pmd_t *pmd) +int pmd_free_pte_page(pmd_t *pmd, unsigned long addr) { return pmd_none(*pmd); } diff --git a/arch/x86/mm/pgtable.c b/arch/x86/mm/pgtable.c index 1aeb7a5dbce5..fbd14e506758 100644 --- a/arch/x86/mm/pgtable.c +++ b/arch/x86/mm/pgtable.c @@ -723,11 +723,12 @@ int pmd_clear_huge(pmd_t *pmd) /** * pud_free_pmd_page - Clear pud entry and free pmd page. * @pud: Pointer to a PUD. + * @addr: Virtual address associated with pud. * * Context: The pud range has been unmaped and TLB purged. * Return: 1 if clearing the entry succeeded. 0 otherwise. */ -int pud_free_pmd_page(pud_t *pud) +int pud_free_pmd_page(pud_t *pud, unsigned long addr) { pmd_t *pmd; int i; @@ -738,7 +739,7 @@ int pud_free_pmd_page(pud_t *pud) pmd = (pmd_t *)pud_page_vaddr(*pud); for (i = 0; i < PTRS_PER_PMD; i++) - if (!pmd_free_pte_page(&pmd[i])) + if (!pmd_free_pte_page(&pmd[i], addr + (i * PMD_SIZE))) return 0; pud_clear(pud); @@ -750,11 +751,12 @@ int pud_free_pmd_page(pud_t *pud) /** * pmd_free_pte_page - Clear pmd entry and free pte page. * @pmd: Pointer to a PMD. + * @addr: Virtual address associated with pmd. * * Context: The pmd range has been unmaped and TLB purged. * Return: 1 if clearing the entry succeeded. 0 otherwise. */ -int pmd_free_pte_page(pmd_t *pmd) +int pmd_free_pte_page(pmd_t *pmd, unsigned long addr) { pte_t *pte; @@ -770,7 +772,7 @@ int pmd_free_pte_page(pmd_t *pmd) #else /* !CONFIG_X86_64 */ -int pud_free_pmd_page(pud_t *pud) +int pud_free_pmd_page(pud_t *pud, unsigned long addr) { return pud_none(*pud); } @@ -779,7 +781,7 @@ int pud_free_pmd_page(pud_t *pud) * Disable free page handling on x86-PAE. This assures that ioremap() * does not update sync'd pmd entries. See vmalloc_sync_one(). */ -int pmd_free_pte_page(pmd_t *pmd) +int pmd_free_pte_page(pmd_t *pmd, unsigned long addr) { return pmd_none(*pmd); } diff --git a/include/asm-generic/pgtable.h b/include/asm-generic/pgtable.h index f59639afaa39..b081794ba135 100644 --- a/include/asm-generic/pgtable.h +++ b/include/asm-generic/pgtable.h @@ -1019,8 +1019,8 @@ int pud_set_huge(pud_t *pud, phys_addr_t addr, pgprot_t prot); int pmd_set_huge(pmd_t *pmd, phys_addr_t addr, pgprot_t prot); int pud_clear_huge(pud_t *pud); int pmd_clear_huge(pmd_t *pmd); -int pud_free_pmd_page(pud_t *pud); -int pmd_free_pte_page(pmd_t *pmd); +int pud_free_pmd_page(pud_t *pud, unsigned long addr); +int pmd_free_pte_page(pmd_t *pmd, unsigned long addr); #else /* !CONFIG_HAVE_ARCH_HUGE_VMAP */ static inline int p4d_set_huge(p4d_t *p4d, phys_addr_t addr, pgprot_t prot) { @@ -1046,11 +1046,11 @@ static inline int pmd_clear_huge(pmd_t *pmd) { return 0; } -static inline int pud_free_pmd_page(pud_t *pud) +static inline int pud_free_pmd_page(pud_t *pud, unsigned long addr) { return 0; } -static inline int pmd_free_pte_page(pmd_t *pmd) +static inline int pmd_free_pte_page(pmd_t *pmd, unsigned long addr) { return 0; } diff --git a/lib/ioremap.c b/lib/ioremap.c index 54e5bbaa3200..517f5853ffed 100644 --- a/lib/ioremap.c +++ b/lib/ioremap.c @@ -92,7 +92,7 @@ static inline int ioremap_pmd_range(pud_t *pud, unsigned long addr, if (ioremap_pmd_enabled() && ((next - addr) == PMD_SIZE) && IS_ALIGNED(phys_addr + addr, PMD_SIZE) && - pmd_free_pte_page(pmd)) { + pmd_free_pte_page(pmd, addr)) { if (pmd_set_huge(pmd, phys_addr + addr, prot)) continue; } @@ -119,7 +119,7 @@ static inline int ioremap_pud_range(p4d_t *p4d, unsigned long addr, if (ioremap_pud_enabled() && ((next - addr) == PUD_SIZE) && IS_ALIGNED(phys_addr + addr, PUD_SIZE) && - pud_free_pmd_page(pud)) { + pud_free_pmd_page(pud, addr)) { if (pud_set_huge(pud, phys_addr + addr, prot)) continue; }

7 years, 2 months

5
9
0 0

[PATCH] cifs: Fix infinite loop when using hard mount option

by Paulo Alcantara

For every request we send, whether it is SMB1 or SMB2+, we attempt to reconnect tcon (cifs_reconnect_tcon or smb2_reconnect) before carrying out the request. So, while server->tcpStatus != CifsNeedReconnect, we wait for the reconnection to succeed on wait_event_interruptible_timeout(). If it returns, that means that either the condition was evaluated to true, or timeout elapsed, or it was interrupted by a signal. Since we're not handling the case where the process woke up due to a received signal (-ERESTARTSYS), the next call to wait_event_interruptible_timeout() will _always_ fail and we end up looping forever inside either cifs_reconnect_tcon() or smb2_reconnect(). Here's an example of how to trigger that: $ mount.cifs //foo/share /mnt/test -o username=foo,password=foo,vers=1.0,hard (break connection to server before executing bellow cmd) $ stat -f /mnt/test & sleep 140 [1] 2511 $ ps -aux -q 2511 USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 2511 0.0 0.0 12892 1008 pts/0 S 12:24 0:00 stat -f /mnt/test $ kill -9 2511 (wait for a while; process is stuck in the kernel) $ ps -aux -q 2511 USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 2511 83.2 0.0 12892 1008 pts/0 R 12:24 30:01 stat -f /mnt/test By using 'hard' mount point means that cifs.ko will keep retrying indefinitely, however we must allow the process to be killed otherwise it would hang the system. Signed-off-by: Paulo Alcantara <palcantara(a)suse.de> Cc: stable(a)vger.kernel.org --- fs/cifs/cifssmb.c | 10 ++++++++-- fs/cifs/smb2pdu.c | 18 ++++++++++++------ 2 files changed, 20 insertions(+), 8 deletions(-) diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index d352da325de3..93408eab92e7 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c @@ -157,8 +157,14 @@ cifs_reconnect_tcon(struct cifs_tcon *tcon, int smb_command) * greater than cifs socket timeout which is 7 seconds */ while (server->tcpStatus == CifsNeedReconnect) { - wait_event_interruptible_timeout(server->response_q, - (server->tcpStatus != CifsNeedReconnect), 10 * HZ); + rc = wait_event_interruptible_timeout(server->response_q, + (server->tcpStatus != CifsNeedReconnect), + 10 * HZ); + if (rc < 0) { + cifs_dbg(FYI, "%s: aborting reconnect due to a received" + " signal by the process\n", __func__); + return -ERESTARTSYS; + } /* are we still trying to reconnect? */ if (server->tcpStatus != CifsNeedReconnect) diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c index 810b85787c91..086629b0d59c 100644 --- a/fs/cifs/smb2pdu.c +++ b/fs/cifs/smb2pdu.c @@ -155,7 +155,7 @@ smb2_hdr_assemble(struct smb2_sync_hdr *shdr, __le16 smb2_cmd, static int smb2_reconnect(__le16 smb2_command, struct cifs_tcon *tcon) { - int rc = 0; + int rc; struct nls_table *nls_codepage; struct cifs_ses *ses; struct TCP_Server_Info *server; @@ -166,10 +166,10 @@ smb2_reconnect(__le16 smb2_command, struct cifs_tcon *tcon) * for those three - in the calling routine. */ if (tcon == NULL) - return rc; + return 0; if (smb2_command == SMB2_TREE_CONNECT) - return rc; + return 0; if (tcon->tidStatus == CifsExiting) { /* @@ -212,8 +212,14 @@ smb2_reconnect(__le16 smb2_command, struct cifs_tcon *tcon) return -EAGAIN; } - wait_event_interruptible_timeout(server->response_q, - (server->tcpStatus != CifsNeedReconnect), 10 * HZ); + rc = wait_event_interruptible_timeout(server->response_q, + (server->tcpStatus != CifsNeedReconnect), + 10 * HZ); + if (rc < 0) { + cifs_dbg(FYI, "%s: aborting reconnect due to a received" + " signal by the process\n", __func__); + return -ERESTARTSYS; + } /* are we still trying to reconnect? */ if (server->tcpStatus != CifsNeedReconnect) @@ -231,7 +237,7 @@ smb2_reconnect(__le16 smb2_command, struct cifs_tcon *tcon) } if (!tcon->ses->need_reconnect && !tcon->need_reconnect) - return rc; + return 0; nls_codepage = load_nls_default(); -- 2.18.0

7 years, 2 months

2
1
0 0

Re: [PATCH] ARM64: dts: meson-gxl-s905x-p212: Add phy-supply for usb0

by Neil Armstrong

Hi Stable Maintainers, On 05/06/2018 10:52, Neil Armstrong wrote: > Like LibreTech-CC, the USB0 needs the 5V regulator to be enabled to power the > devices on the P212 Reference Design based boards. > > Fixes: b9f07cb4f41f ("ARM64: dts: meson-gxl-s905x-p212: enable the USB controller") > Signed-off-by: Neil Armstrong <narmstrong(a)baylibre.com> > --- This commit hit Linus master with commit sha d511b3e4087eedbe11c7496c396432b8b7c2d7d9 Can this fix be applied to 4.17 stable kernel ? Thanks, Neil > arch/arm64/boot/dts/amlogic/meson-gxl-s905x-p212.dtsi | 7 +++++++ > 1 file changed, 7 insertions(+) > > diff --git a/arch/arm64/boot/dts/amlogic/meson-gxl-s905x-p212.dtsi b/arch/arm64/boot/dts/amlogic/meson-gxl-s905x-p212.dtsi > index 0cfd701..a1b3101 100644 > --- a/arch/arm64/boot/dts/amlogic/meson-gxl-s905x-p212.dtsi > +++ b/arch/arm64/boot/dts/amlogic/meson-gxl-s905x-p212.dtsi > @@ -189,3 +189,10 @@ > &usb0 { > status = "okay"; > }; > + > +&usb2_phy0 { > + /* > + * HDMI_5V is also used as supply for the USB VBUS. > + */ > + phy-supply = <&hdmi_5v>; > +}; >

7 years, 2 months

2
1
0 0

stable request: Revert "sit: reload iphdr in ipip6_rcv"

by Luca Boccassi

Hello, Please consider backporting to 4.9.y the following commit from DaveM [CC'ed]: f4eb17e1efe538d4da7d574bedb00a8dafcc26b7 ("Revert "sit: reload iphdr in ipip6_rcv"") It cherry-picks cleanly and builds fine. The original commit was introduced and reverted in v4.12-rc5, but only the original made its way into the 4.9 stable release (v4.9.94). It causes a regression: pings to v6 hosts over a SIT tunnel do not work anymore, and the following error appears in dmesg: kernel: sit: non-ECT from 0.0.0.0 with TOS=0xd This was also reported and reverted downstream by Ubuntu: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772775 Thanks! -- Kind regards, Luca Boccassi

7 years, 2 months

2
1
0 0

897366537f("genhd: Fix use after free in __blkdev_get()")

by Zubin Mithra

Hello, Syzkaller has reported a crash here[1] for a UAF in disk_unblock_events. Could the following patches be applied in order to 4.14? 517bf3c30("block: don't look at the struct device dev_t in disk_devt") 8ddcd653("block: introduce GENHD_FL_HIDDEN") f0fba398fe("block: avoid null pointer dereference on null disk") d52987b5("genhd: Fix leaked module reference for NVME devices") 9df6c2991("genhd: Add helper put_disk_and_module()") 89736653("genhd: Fix use after free in __blkdev_get()") [1] https://syzkaller.appspot.com/bug?id=d932bb61fb530dc6816b87b4649f3b6925f510… Thanks, Zubin

7 years, 2 months

2
1
0 0

stable request: don't set F_IFACE on ipv6 fib lookups and followup fix

by Florian Westphal

Hi. Please consider applying 47b7e7f82802 ("netfilter: don't set F_IFACE on ipv6 fib lookups") and its followup commit: cede24d1b21d ("netfilter: ip6t_rpfilter: provide input interface for route lookup") to 4.14.y. For 4.16.y and 4.17.y, please consider applying cede24d1b21d ("netfilter: ip6t_rpfilter: provide input interface for route lookup") For 4.17.y, consider fc6ddbecce44 ("netfilter: xt_connmark: fix list corruption on rmmod"). For all maintained trees, consider following candiate: adc972c5b88829d3 ("netfilter: nf_tables: use WARN_ON_ONCE instead of BUG_ON in nft_do_chain()") Thanks, Florian

7 years, 2 months

2
1
0 0

[PATCH 4.14.y] netfilter: nf_tables: fix NULL-ptr in nf_tables_dump_obj()

by Florian Westphal

From: Taehee Yoo <ap420073(a)gmail.com> commit 360cc79d9d299ce297b205508276285ceffc5fa8 upstream. The table field in nft_obj_filter is not an array. In order to check tablename, we should check if the pointer is set. Test commands: %nft add table ip filter %nft add counter ip filter ct1 %nft reset counters Splat looks like: [ 306.510504] kasan: CONFIG_KASAN_INLINE enabled [ 306.516184] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 306.524775] general protection fault: 0000 [#1] SMP DEBUG_PAGEALLOC KASAN PTI [ 306.528284] Modules linked in: nft_objref nft_counter nf_tables nfnetlink ip_tables x_tables [ 306.528284] CPU: 0 PID: 1488 Comm: nft Not tainted 4.17.0-rc4+ #17 [ 306.528284] Hardware name: To be filled by O.E.M. To be filled by O.E.M./Aptio CRB, BIOS 5.6.5 07/08/2015 [ 306.528284] RIP: 0010:nf_tables_dump_obj+0x52c/0xa70 [nf_tables] [ 306.528284] RSP: 0018:ffff8800b6cb7520 EFLAGS: 00010246 [ 306.528284] RAX: 0000000000000000 RBX: ffff8800b6c49820 RCX: 0000000000000000 [ 306.528284] RDX: 0000000000000000 RSI: dffffc0000000000 RDI: ffffed0016d96e9a [ 306.528284] RBP: ffff8800b6cb75c0 R08: ffffed00236fce7c R09: ffffed00236fce7b [ 306.528284] R10: ffffffff9f6241e8 R11: ffffed00236fce7c R12: ffff880111365108 [ 306.528284] R13: 0000000000000000 R14: ffff8800b6c49860 R15: ffff8800b6c49860 [ 306.528284] FS: 00007f838b007700(0000) GS:ffff88011b600000(0000) knlGS:0000000000000000 [ 306.528284] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 306.528284] CR2: 00007ffeafabcf78 CR3: 00000000b6cbe000 CR4: 00000000001006f0 [ 306.528284] Call Trace: [ 306.528284] netlink_dump+0x470/0xa20 [ 306.528284] __netlink_dump_start+0x5ae/0x690 [ 306.528284] ? nf_tables_getobj+0x1b3/0x740 [nf_tables] [ 306.528284] nf_tables_getobj+0x2f5/0x740 [nf_tables] [ 306.528284] ? nft_obj_notify+0x100/0x100 [nf_tables] [ 306.528284] ? nf_tables_getobj+0x740/0x740 [nf_tables] [ 306.528284] ? nf_tables_dump_flowtable_done+0x70/0x70 [nf_tables] [ 306.528284] ? nft_obj_notify+0x100/0x100 [nf_tables] [ 306.528284] nfnetlink_rcv_msg+0x8ff/0x932 [nfnetlink] [ 306.528284] ? nfnetlink_rcv_msg+0x216/0x932 [nfnetlink] [ 306.528284] netlink_rcv_skb+0x1c9/0x2f0 [ 306.528284] ? nfnetlink_bind+0x1d0/0x1d0 [nfnetlink] [ 306.528284] ? debug_check_no_locks_freed+0x270/0x270 [ 306.528284] ? netlink_ack+0x7a0/0x7a0 [ 306.528284] ? ns_capable_common+0x6e/0x110 [ ... ] Fixes: e46abbcc05aa8 ("netfilter: nf_tables: Allow table names of up to 255 chars") Signed-off-by: Taehee Yoo <ap420073(a)gmail.com> Acked-by: Florian Westphal <fw(a)strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo(a)netfilter.org> Signed-off-by: Florian Westphal <fw(a)strlen.de> --- net/netfilter/nf_tables_api.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c index 60936bca3181..85b549e84104 100644 --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c @@ -4614,7 +4614,7 @@ static int nf_tables_dump_obj(struct sk_buff *skb, struct netlink_callback *cb) if (idx > s_idx) memset(&cb->args[1], 0, sizeof(cb->args) - sizeof(cb->args[0])); - if (filter && filter->table[0] && + if (filter && filter->table && strcmp(filter->table, table->name)) goto cont; if (filter && -- 2.16.4

7 years, 2 months

2
1
0 0

Re: [PATCHES] Networking

by Jiri Slaby

On 09/15/2017, 06:57 AM, David Miller wrote: > Please queue up the following networking bug fixes for v4.9, v4.12, and > v4.13 -stable, respectively. Hi, while walking through some fixes, I wonder, whether backports of 25cc72a33835 (mlxsw: spectrum: Forbid linking to devices that have uppers) to 4.9 and 4.12 are correct. Part of the original commit: --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum.c +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum.c @@ -4139,6 +4139,8 @@ static int mlxsw_sp_netdevice_port_upper_event(struct net_device *lower_dev, return -EINVAL; if (!info->linking) break; + if (netdev_has_any_upper_dev(upper_dev)) + return -EINVAL; if (netif_is_lag_master(upper_dev) && !mlxsw_sp_master_lag_check(mlxsw_sp, upper_dev, info->upper_info)) @@ -4258,6 +4260,10 @@ static int mlxsw_sp_netdevice_port_vlan_event(struct net_device *vlan_dev, upper_dev = info->upper_dev; if (!netif_is_bridge_master(upper_dev)) return -EINVAL; + if (!info->linking) + break; + if (netdev_has_any_upper_dev(upper_dev)) + return -EINVAL; break; case NETDEV_CHANGEUPPER: upper_dev = info->upper_dev; It changes mlxsw_sp_netdevice_port_upper_event and mlxsw_sp_netdevice_port_vlan_event. 4.9 backport (73ee5a73e75): --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum.c +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum.c @@ -4172,6 +4172,8 @@ static int mlxsw_sp_netdevice_port_upper_event(struct net_device *dev, return -EINVAL; if (!info->linking) break; + if (netdev_has_any_upper_dev(upper_dev)) + return -EINVAL; /* HW limitation forbids to put ports to multiple bridges. */ if (netif_is_bridge_master(upper_dev) && !mlxsw_sp_master_bridge_check(mlxsw_sp, upper_dev)) @@ -4185,6 +4187,10 @@ static int mlxsw_sp_netdevice_port_upper_event(struct net_device *dev, if (netif_is_lag_port(dev) && is_vlan_dev(upper_dev) && !netif_is_lag_master(vlan_dev_real_dev(upper_dev))) return -EINVAL; + if (!info->linking) + break; + if (netdev_has_any_upper_dev(upper_dev)) + return -EINVAL; break; case NETDEV_CHANGEUPPER: upper_dev = info->upper_dev; It changes mlxsw_sp_netdevice_port_upper_event *twice* instead of mlxsw_sp_netdevice_port_vlan_event, which was named mlxsw_sp_netdevice_vport_event in 4.9 yet. 4.12 backport (2f4232ba8001): --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum.c +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum.c @@ -4110,6 +4110,8 @@ static int mlxsw_sp_netdevice_port_upper_event(struct net_device *dev, return -EINVAL; if (!info->linking) break; + if (netdev_has_any_upper_dev(upper_dev)) + return -EINVAL; /* HW limitation forbids to put ports to multiple bridges. */ if (netif_is_bridge_master(upper_dev) && !mlxsw_sp_master_bridge_check(mlxsw_sp, upper_dev)) @@ -4274,6 +4276,10 @@ static int mlxsw_sp_netdevice_bridge_event(struct net_device *br_dev, if (is_vlan_dev(upper_dev) && br_dev != mlxsw_sp->master_bridge.dev) return -EINVAL; + if (!info->linking) + break; + if (netdev_has_any_upper_dev(upper_dev)) + return -EINVAL; break; case NETDEV_CHANGEUPPER: upper_dev = info->upper_dev; It changes mlxsw_sp_netdevice_port_upper_event (OK) and mlxsw_sp_netdevice_bridge_event (not OK) instead of mlxsw_sp_netdevice_vport_event. Did I miss something or is this a mistake? thanks, -- js suse labs

7 years, 2 months

3
5
0 0

netfilter stable requests for 4.14, 4.16

by Florian Westphal

Hello, Here is a list of netfilter bug fixes that I'd like to see in 4.16 and 4.14. I've cherry-picked these and with one exception (noted below) all pick cleanly. Patches are listed in top-down order. For v4.16.y and v4.14.y: b8e9dc1c75714ceb53615743e1036f76e00f5a17 ("netfilter: nf_tables: nft_compat: fix refcount leak on xt module") 8bdf164744b2c7f63561846c01cff3db597f282d ("netfilter: nft_compat: prepare for indirect info storage") Necessary to make the fix (next patch below) apply. 732a8049f365f514d0607e03938491bf6cb0d620 ("netfilter: nft_compat: fix handling of large matchinfo size") Without it, some iptables -A will fail when using iptables via nfnetlink (notably the cgroup match). 009240940e84c1c089af88b454f7e804a4c5bd1b ("netfilter: nf_tables: don't assume chain stats are set when jumplabel is set") Fixes null-ptr deref. bb7b40aecbf778c0c83a5bd62b0f03ca9f49a618 ("netfilter: nf_tables: bogus EBUSY in chain deletions") Fixes erroneous reject of some valid rulesets. 97a0549b15a0b466c47f6a0143a490a082c64b4e ("netfilter: nft_meta: fix wrong value dereference in nft_meta_set_eval") This fixes a bug where 'nft ... meta nftrace set 0' may set a nonzero value instead. ad9d9e85072b668731f356be0a3750a3ba22a607 ("netfilter: nf_tables: disable preemption in nft_update_chain_stats()") 360cc79d9d299ce297b205508276285ceffc5fa8 ("netfilter: nf_tables: fix NULL-ptr in nf_tables_dump_obj()"), bug added in v4.14-rc1 Applies cleanly to 4.16 but in 4.14 tjis fails as the 2nd location that is patched (nf_tables_dump_flowtable) doesn't exist. So in 4.14 this is a one-line change: - if (filter && filter->table[0] && + if (filter && filter->table && bbb8c61f97e3a2dd91b30d3e57b7964a67569d11 ("netfilter: nf_tables: increase nft_counters_enabled in nft_chain_stats_replace()" This fixes underflow of the static_key used for the base chain counters. f0dfd7a2b35b02030949100247d851b793cb275f ("netfilter: nf_tables: fix memory leak on error exit return"), since 4.12 additional change for v4.14.y (its already in 4.16): 467697d289e7e6e1b15910d99096c0da08c56d5b ("netfilter: nf_tables: add missing netlink attrs to policies") If you'd like me to handle such larger requests differently please let me know your preferenced way to handle this. Thanks, Florian

7 years, 2 months

2
2
0 0

[PATCH 4.4 00/56] 4.4.132-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.4.132 release. There are 56 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed May 16 06:47:39 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.4.132-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.4.132-rc1 Peter Zijlstra <peterz(a)infradead.org> perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map() Peter Zijlstra <peterz(a)infradead.org> perf/core: Fix possible Spectre-v1 indexing for ->aux_pages[] Peter Zijlstra <peterz(a)infradead.org> perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver Peter Zijlstra <peterz(a)infradead.org> perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr Peter Zijlstra <peterz(a)infradead.org> perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_* Masami Hiramatsu <mhiramat(a)kernel.org> tracing/uprobe_event: Fix strncpy corner case Hans de Goede <hdegoede(a)redhat.com> Revert "Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174" Gustavo A. R. Silva <gustavo(a)embeddedor.com> atm: zatm: Fix potential Spectre v1 Gustavo A. R. Silva <gustavo(a)embeddedor.com> net: atm: Fix potential Spectre v1 Jimmy Assarsson <extja(a)kvaser.com> can: kvaser_usb: Increase correct stats counter in kvaser_usb_rx_can_msg() Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Fix regex_match_front() to not over compare the test string Hans de Goede <hdegoede(a)redhat.com> libata: Apply NOLPM quirk for SanDisk SD7UB3Q*G1001 SSDs Johan Hovold <johan(a)kernel.org> rfkill: gpio: fix memory leak in probe error path Yi Zhao <yi.zhao(a)windriver.com> xfrm_user: fix return value from xfrm_user_rcv_msg Wei Fang <fangwei1(a)huawei.com> f2fs: fix a dead loop in f2fs_fiemap() Jan Kara <jack(a)suse.cz> bdi: Fix oops in wb_workfn() Eric Dumazet <edumazet(a)google.com> tcp: fix TCP_REPAIR_QUEUE bound checking Jiri Olsa <jolsa(a)kernel.org> perf: Remove superfluous allocation error check Eric Dumazet <edumazet(a)google.com> soreuseport: initialise timewait reuseport field Eric Dumazet <edumazet(a)google.com> dccp: initialize ireq->ir_mark Eric Dumazet <edumazet(a)google.com> net: fix uninit-value in __hw_addr_add_ex() Eric Dumazet <edumazet(a)google.com> net: initialize skb->peeked when cloning Eric Dumazet <edumazet(a)google.com> net: fix rtnh_ok() Eric Dumazet <edumazet(a)google.com> netlink: fix uninit-value in netlink_sendmsg Eric Dumazet <edumazet(a)google.com> crypto: af_alg - fix possible uninit-value in alg_bind() Julian Anastasov <ja(a)ssi.bg> ipvs: fix rtnl_lock lockups caused by start_sync_thread Bin Liu <b-liu(a)ti.com> usb: musb: host: fix potential NULL pointer dereference SZ Lin (林上智) <sz.lin(a)moxa.com> USB: serial: option: adding support for ublox R410M Johan Hovold <johan(a)kernel.org> USB: serial: option: reimplement interface masking Alan Stern <stern(a)rowland.harvard.edu> USB: Accept bulk endpoints with 1024-byte maxpacket Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> USB: serial: visor: handle potential invalid device configuration Ben Hutchings <ben.hutchings(a)codethink.co.uk> test_firmware: fix setting old custom fw path back on exit, second try Thomas Hellstrom <thellstrom(a)vmware.com> drm/vmwgfx: Fix a buffer object leak Danit Goldberg <danitg(a)mellanox.com> IB/mlx5: Use unlimited rate when static rate is not supported SZ Lin (林上智) <sz.lin(a)moxa.com> NET: usb: qmi_wwan: add support for ublox R410M PID 0x90b2 Leon Romanovsky <leonro(a)mellanox.com> RDMA/mlx5: Protect from shift operand overflow Roland Dreier <roland(a)purestorage.com> RDMA/ucma: Allow resolving address w/o specifying source address Darrick J. Wong <darrick.wong(a)oracle.com> xfs: prevent creating negative-sized file via INSERT_RANGE Vittorio Gambaletta (VittGam) <linuxbugs(a)vittgam.net> Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook Pro Dmitry Torokhov <dmitry.torokhov(a)gmail.com> Input: leds - fix out of bound access Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com> tracepoint: Do not warn on ENOMEM Takashi Iwai <tiwai(a)suse.de> ALSA: aloop: Add missing cable lock to ctl API callbacks Robert Rosengren <robert.rosengren(a)axis.com> ALSA: aloop: Mark paused device as inactive Takashi Iwai <tiwai(a)suse.de> ALSA: seq: Fix races at MIDI encoding in snd_virmidi_output_trigger() Takashi Iwai <tiwai(a)suse.de> ALSA: pcm: Check PCM state at xfern compat ioctl Kristian Evensen <kristian.evensen(a)gmail.com> USB: serial: option: Add support for Quectel EP06 Markus Pargmann <mpa(a)pengutronix.de> gpmi-nand: Handle ECC Errors in erased pages Vasanthakumar Thiagarajan <vthiagar(a)qti.qualcomm.com> ath10k: rebuild crypto header in rx data frames Vasanthakumar Thiagarajan <vthiagar(a)qti.qualcomm.com> ath10k: fix rfc1042 header retrieval in QCA4019 with eth decap mode David Spinadel <david.spinadel(a)intel.com> mac80211: Add RX flag to indicate ICV stripped Sara Sharon <sara.sharon(a)intel.com> mac80211: allow same PN for AMSDU sub-frames Sara Sharon <sara.sharon(a)intel.com> mac80211: allow not sending MIC up from driver for HW crypto Tejun Heo <tj(a)kernel.org> percpu: include linux/sched.h for cond_resched() Alexander Yarygin <yarygin(a)linux.vnet.ibm.com> KVM: s390: Enable all facility bits that are known good for passthrough Teng Qin <qinteng(a)fb.com> bpf: map_get_next_key to return first key on NULL Tan Xiaojun <tanxiaojun(a)huawei.com> perf/core: Fix the perf_cpu_time_max_percent check ------------- Diffstat: Makefile | 4 +- arch/s390/kvm/kvm-s390.c | 4 +- arch/x86/kernel/cpu/perf_event.c | 8 +- arch/x86/kernel/cpu/perf_event_intel_cstate.c | 2 + arch/x86/kernel/cpu/perf_event_msr.c | 9 +- crypto/af_alg.c | 8 +- drivers/ata/libata-core.c | 3 + drivers/atm/zatm.c | 3 + drivers/bluetooth/btusb.c | 2 +- drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 1 + drivers/infiniband/core/ucma.c | 2 +- drivers/infiniband/hw/mlx5/qp.c | 22 +- drivers/input/input-leds.c | 8 +- drivers/input/touchscreen/atmel_mxt_ts.c | 9 + drivers/mtd/nand/gpmi-nand/gpmi-nand.c | 78 +++- drivers/net/can/usb/kvaser_usb.c | 2 +- drivers/net/usb/qmi_wwan.c | 1 + drivers/net/wireless/ath/ath10k/core.c | 8 + drivers/net/wireless/ath/ath10k/core.h | 4 + drivers/net/wireless/ath/ath10k/htt_rx.c | 100 ++++- drivers/net/wireless/ath/wcn36xx/txrx.c | 2 +- drivers/usb/core/config.c | 4 +- drivers/usb/musb/musb_host.c | 4 +- drivers/usb/serial/option.c | 448 ++++++++-------------- drivers/usb/serial/visor.c | 69 ++-- fs/f2fs/data.c | 2 +- fs/fs-writeback.c | 2 +- fs/xfs/xfs_file.c | 14 +- include/net/inet_timewait_sock.h | 1 + include/net/mac80211.h | 14 +- include/net/nexthop.h | 2 +- kernel/bpf/arraymap.c | 2 +- kernel/bpf/hashtab.c | 9 +- kernel/bpf/syscall.c | 20 +- kernel/events/callchain.c | 10 +- kernel/events/core.c | 2 +- kernel/events/ring_buffer.c | 7 +- kernel/trace/trace_events_filter.c | 3 + kernel/trace/trace_uprobe.c | 2 + kernel/tracepoint.c | 4 +- mm/percpu.c | 1 + net/atm/lec.c | 9 +- net/core/dev_addr_lists.c | 4 +- net/core/skbuff.c | 1 + net/dccp/ipv4.c | 1 + net/dccp/ipv6.c | 1 + net/ipv4/inet_timewait_sock.c | 1 + net/ipv4/tcp.c | 2 +- net/mac80211/util.c | 5 +- net/mac80211/wep.c | 3 +- net/mac80211/wpa.c | 45 ++- net/netfilter/ipvs/ip_vs_ctl.c | 8 - net/netfilter/ipvs/ip_vs_sync.c | 155 ++++---- net/netlink/af_netlink.c | 2 + net/rfkill/rfkill-gpio.c | 7 +- net/xfrm/xfrm_user.c | 2 +- sound/core/pcm_compat.c | 2 + sound/core/seq/seq_virmidi.c | 4 +- sound/drivers/aloop.c | 29 +- tools/testing/selftests/firmware/fw_filesystem.sh | 6 +- 60 files changed, 656 insertions(+), 531 deletions(-)

7 years, 2 months

7
62
0 0

[PATCH 4.4 00/24] 4.4.138-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.4.138 release. There are 24 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat Jun 16 13:27:15 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.4.138-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.4.138-rc1 Michael Ellerman <mpe(a)ellerman.id.au> crypto: vmx - Remove overly verbose printk from AES init routines Johannes Wienke <languitar(a)semipol.de> Input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID Ethan Lee <flibitijibibo(a)gmail.com> Input: goodix - add new ACPI id for GPD Win 2 touch screen Paolo Bonzini <pbonzini(a)redhat.com> kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access Gil Kupfer <gilkup(a)gmail.com> vmw_balloon: fixing double free when batching mode is off Marek Szyprowski <m.szyprowski(a)samsung.com> serial: samsung: fix maxburst parameter for DMA transactions Paolo Bonzini <pbonzini(a)redhat.com> KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system Paolo Bonzini <pbonzini(a)redhat.com> KVM: x86: introduce linear_{read,write}_system Linus Torvalds <torvalds(a)linux-foundation.org> Clarify (and fix) MAX_LFS_FILESIZE macros Linus Walleij <linus.walleij(a)linaro.org> gpio: No NULL owner Andy Lutomirski <luto(a)kernel.org> x86/crypto, x86/fpu: Remove X86_FEATURE_EAGER_FPU #ifdef from the crc32c code Kevin Easton <kevin(a)guarana.org> af_key: Always verify length of provided sadb_key Andy Lutomirski <luto(a)kernel.org> x86/fpu: Fix math emulation in eager fpu mode Andy Lutomirski <luto(a)kernel.org> x86/fpu: Fix FNSAVE usage in eagerfpu mode Andy Lutomirski <luto(a)kernel.org> x86/fpu: Hard-disable lazy FPU mode Borislav Petkov <bp(a)alien8.de> x86/fpu: Fix eager-FPU handling on legacy FPU machines Yu-cheng Yu <yu-cheng.yu(a)intel.com> x86/fpu: Revert ("x86/fpu: Disable AVX when eagerfpu is off") Andy Lutomirski <luto(a)kernel.org> x86/fpu: Fix 'no387' regression Andy Lutomirski <luto(a)kernel.org> x86/fpu: Default eagerfpu=on on all CPUs yu-cheng yu <yu-cheng.yu(a)intel.com> x86/fpu: Disable AVX when eagerfpu is off yu-cheng yu <yu-cheng.yu(a)intel.com> x86/fpu: Disable MPX when eagerfpu is off Borislav Petkov <bp(a)suse.de> x86/cpufeature: Remove unused and seldomly used cpu_has_xx macros Juergen Gross <jgross(a)suse.com> x86: Remove unused function cpu_has_ht_siblings() yu-cheng yu <yu-cheng.yu(a)intel.com> x86/fpu: Fix early FPU command-line parsing ------------- Diffstat: Makefile | 4 +- arch/x86/crypto/chacha20_glue.c | 2 +- arch/x86/crypto/crc32c-intel_glue.c | 7 +- arch/x86/include/asm/cmpxchg_32.h | 2 +- arch/x86/include/asm/cmpxchg_64.h | 2 +- arch/x86/include/asm/cpufeature.h | 39 +------ arch/x86/include/asm/fpu/internal.h | 6 +- arch/x86/include/asm/fpu/xstate.h | 2 +- arch/x86/include/asm/kvm_emulate.h | 6 +- arch/x86/include/asm/smp.h | 9 -- arch/x86/include/asm/xor_32.h | 2 +- arch/x86/kernel/cpu/amd.c | 4 +- arch/x86/kernel/cpu/common.c | 4 +- arch/x86/kernel/cpu/intel.c | 3 +- arch/x86/kernel/cpu/intel_cacheinfo.c | 6 +- arch/x86/kernel/cpu/mtrr/generic.c | 2 +- arch/x86/kernel/cpu/mtrr/main.c | 2 +- arch/x86/kernel/cpu/perf_event_amd.c | 4 +- arch/x86/kernel/cpu/perf_event_amd_uncore.c | 11 +- arch/x86/kernel/fpu/core.c | 24 +++- arch/x86/kernel/fpu/init.c | 169 +++++++--------------------- arch/x86/kernel/fpu/xstate.c | 3 +- arch/x86/kernel/hw_breakpoint.c | 6 +- arch/x86/kernel/smpboot.c | 2 +- arch/x86/kernel/traps.c | 1 - arch/x86/kernel/vm86_32.c | 4 +- arch/x86/kvm/emulate.c | 72 ++++++------ arch/x86/kvm/vmx.c | 23 ++-- arch/x86/kvm/x86.c | 51 ++++++--- arch/x86/kvm/x86.h | 4 +- arch/x86/mm/setup_nx.c | 4 +- drivers/char/hw_random/via-rng.c | 5 +- drivers/crypto/padlock-aes.c | 2 +- drivers/crypto/padlock-sha.c | 2 +- drivers/crypto/vmx/aes.c | 2 - drivers/crypto/vmx/aes_cbc.c | 2 - drivers/crypto/vmx/aes_ctr.c | 2 - drivers/crypto/vmx/ghash.c | 2 - drivers/gpio/gpiolib.c | 9 +- drivers/input/mouse/elan_i2c_core.c | 1 + drivers/input/touchscreen/goodix.c | 1 + drivers/iommu/intel_irq_remapping.c | 2 +- drivers/misc/vmw_balloon.c | 23 ++-- drivers/tty/serial/samsung.c | 7 +- fs/btrfs/disk-io.c | 2 +- include/linux/fs.h | 4 +- net/key/af_key.c | 45 ++++++-- 47 files changed, 259 insertions(+), 332 deletions(-)

7 years, 2 months

8
38
0 0

FAILED: patch "[PATCH] n_tty: Access echo_* variables carefully." failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From ebec3f8f5271139df618ebdf8427e24ba102ba94 Mon Sep 17 00:00:00 2001 From: Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> Date: Sat, 26 May 2018 09:53:14 +0900 Subject: [PATCH] n_tty: Access echo_* variables carefully. syzbot is reporting stalls at __process_echoes() [1]. This is because since ldata->echo_commit < ldata->echo_tail becomes true for some reason, the discard loop is serving as almost infinite loop. This patch tries to avoid falling into ldata->echo_commit < ldata->echo_tail situation by making access to echo_* variables more carefully. Since reset_buffer_flags() is called without output_lock held, it should not touch echo_* variables. And omit a call to reset_buffer_flags() from n_tty_open() by using vzalloc(). Since add_echo_byte() is called without output_lock held, it needs memory barrier between storing into echo_buf[] and incrementing echo_head counter. echo_buf() needs corresponding memory barrier before reading echo_buf[]. Lack of handling the possibility of not-yet-stored multi-byte operation might be the reason of falling into ldata->echo_commit < ldata->echo_tail situation, for if I do WARN_ON(ldata->echo_commit == tail + 1) prior to echo_buf(ldata, tail + 1), the WARN_ON() fires. Also, explicitly masking with buffer for the former "while" loop, and use ldata->echo_commit > tail for the latter "while" loop. [1] https://syzkaller.appspot.com/bug?id=17f23b094cd80df750e5b0f8982c521ee6bcbf… Signed-off-by: Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> Reported-by: syzbot <syzbot+108696293d7a21ab688f(a)syzkaller.appspotmail.com> Cc: Peter Hurley <peter(a)hurleysoftware.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/tty/n_tty.c b/drivers/tty/n_tty.c index b279f8730e04..431742201709 100644 --- a/drivers/tty/n_tty.c +++ b/drivers/tty/n_tty.c @@ -143,6 +143,7 @@ static inline unsigned char *read_buf_addr(struct n_tty_data *ldata, size_t i) static inline unsigned char echo_buf(struct n_tty_data *ldata, size_t i) { + smp_rmb(); /* Matches smp_wmb() in add_echo_byte(). */ return ldata->echo_buf[i & (N_TTY_BUF_SIZE - 1)]; } @@ -318,9 +319,7 @@ static inline void put_tty_queue(unsigned char c, struct n_tty_data *ldata) static void reset_buffer_flags(struct n_tty_data *ldata) { ldata->read_head = ldata->canon_head = ldata->read_tail = 0; - ldata->echo_head = ldata->echo_tail = ldata->echo_commit = 0; ldata->commit_head = 0; - ldata->echo_mark = 0; ldata->line_start = 0; ldata->erasing = 0; @@ -619,12 +618,19 @@ static size_t __process_echoes(struct tty_struct *tty) old_space = space = tty_write_room(tty); tail = ldata->echo_tail; - while (ldata->echo_commit != tail) { + while (MASK(ldata->echo_commit) != MASK(tail)) { c = echo_buf(ldata, tail); if (c == ECHO_OP_START) { unsigned char op; int no_space_left = 0; + /* + * Since add_echo_byte() is called without holding + * output_lock, we might see only portion of multi-byte + * operation. + */ + if (MASK(ldata->echo_commit) == MASK(tail + 1)) + goto not_yet_stored; /* * If the buffer byte is the start of a multi-byte * operation, get the next byte, which is either the @@ -636,6 +642,8 @@ static size_t __process_echoes(struct tty_struct *tty) unsigned int num_chars, num_bs; case ECHO_OP_ERASE_TAB: + if (MASK(ldata->echo_commit) == MASK(tail + 2)) + goto not_yet_stored; num_chars = echo_buf(ldata, tail + 2); /* @@ -730,7 +738,8 @@ static size_t __process_echoes(struct tty_struct *tty) /* If the echo buffer is nearly full (so that the possibility exists * of echo overrun before the next commit), then discard enough * data at the tail to prevent a subsequent overrun */ - while (ldata->echo_commit - tail >= ECHO_DISCARD_WATERMARK) { + while (ldata->echo_commit > tail && + ldata->echo_commit - tail >= ECHO_DISCARD_WATERMARK) { if (echo_buf(ldata, tail) == ECHO_OP_START) { if (echo_buf(ldata, tail + 1) == ECHO_OP_ERASE_TAB) tail += 3; @@ -740,6 +749,7 @@ static size_t __process_echoes(struct tty_struct *tty) tail++; } + not_yet_stored: ldata->echo_tail = tail; return old_space - space; } @@ -750,6 +760,7 @@ static void commit_echoes(struct tty_struct *tty) size_t nr, old, echoed; size_t head; + mutex_lock(&ldata->output_lock); head = ldata->echo_head; ldata->echo_mark = head; old = ldata->echo_commit - ldata->echo_tail; @@ -758,10 +769,12 @@ static void commit_echoes(struct tty_struct *tty) * is over the threshold (and try again each time another * block is accumulated) */ nr = head - ldata->echo_tail; - if (nr < ECHO_COMMIT_WATERMARK || (nr % ECHO_BLOCK > old % ECHO_BLOCK)) + if (nr < ECHO_COMMIT_WATERMARK || + (nr % ECHO_BLOCK > old % ECHO_BLOCK)) { + mutex_unlock(&ldata->output_lock); return; + } - mutex_lock(&ldata->output_lock); ldata->echo_commit = head; echoed = __process_echoes(tty); mutex_unlock(&ldata->output_lock); @@ -812,7 +825,9 @@ static void flush_echoes(struct tty_struct *tty) static inline void add_echo_byte(unsigned char c, struct n_tty_data *ldata) { - *echo_buf_addr(ldata, ldata->echo_head++) = c; + *echo_buf_addr(ldata, ldata->echo_head) = c; + smp_wmb(); /* Matches smp_rmb() in echo_buf(). */ + ldata->echo_head++; } /** @@ -1881,30 +1896,21 @@ static int n_tty_open(struct tty_struct *tty) struct n_tty_data *ldata; /* Currently a malloc failure here can panic */ - ldata = vmalloc(sizeof(*ldata)); + ldata = vzalloc(sizeof(*ldata)); if (!ldata) - goto err; + return -ENOMEM; ldata->overrun_time = jiffies; mutex_init(&ldata->atomic_read_lock); mutex_init(&ldata->output_lock); tty->disc_data = ldata; - reset_buffer_flags(tty->disc_data); - ldata->column = 0; - ldata->canon_column = 0; - ldata->num_overrun = 0; - ldata->no_room = 0; - ldata->lnext = 0; tty->closing = 0; /* indicate buffer work may resume */ clear_bit(TTY_LDISC_HALTED, &tty->flags); n_tty_set_termios(tty, NULL); tty_unthrottle(tty); - return 0; -err: - return -ENOMEM; } static inline int input_available_p(struct tty_struct *tty, int poll)

7 years, 2 months

3
2
0 0

FAILED: patch "[PATCH] drm/i915/gen9: Add WaClearHIZ_WM_CHICKEN3 for bxt and glk" failed to apply to 4.17-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.17-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 0c79f9cb77eae28d48a4f9fc1b3341aacbbd260c Mon Sep 17 00:00:00 2001 From: Michel Thierry <michel.thierry(a)intel.com> Date: Thu, 10 May 2018 13:07:08 -0700 Subject: [PATCH] drm/i915/gen9: Add WaClearHIZ_WM_CHICKEN3 for bxt and glk Factor in clear values wherever required while updating destination min/max. References: HSDES#1604444184 Signed-off-by: Michel Thierry <michel.thierry(a)intel.com> Cc: mesa-dev(a)lists.freedesktop.org Cc: Mika Kuoppala <mika.kuoppala(a)linux.intel.com> Cc: Oscar Mateo <oscar.mateo(a)intel.com> Reviewed-by: Mika Kuoppala <mika.kuoppala(a)linux.intel.com> Signed-off-by: Chris Wilson <chris(a)chris-wilson.co.uk> Link: https://patchwork.freedesktop.org/patch/msgid/20180510200708.18097-1-michel… Cc: stable(a)vger.kernel.org diff --git a/drivers/gpu/drm/i915/i915_reg.h b/drivers/gpu/drm/i915/i915_reg.h index 14491782aa9e..f11bb213ec07 100644 --- a/drivers/gpu/drm/i915/i915_reg.h +++ b/drivers/gpu/drm/i915/i915_reg.h @@ -7259,6 +7259,9 @@ enum { #define SLICE_ECO_CHICKEN0 _MMIO(0x7308) #define PIXEL_MASK_CAMMING_DISABLE (1 << 14) +#define GEN9_WM_CHICKEN3 _MMIO(0x5588) +#define GEN9_FACTOR_IN_CLR_VAL_HIZ (1 << 9) + /* WaCatErrorRejectionIssue */ #define GEN7_SQ_CHICKEN_MBCUNIT_CONFIG _MMIO(0x9030) #define GEN7_SQ_CHICKEN_MBCUNIT_SQINTMOB (1<<11) diff --git a/drivers/gpu/drm/i915/intel_workarounds.c b/drivers/gpu/drm/i915/intel_workarounds.c index 5eec4ce965a5..2df3538ceba5 100644 --- a/drivers/gpu/drm/i915/intel_workarounds.c +++ b/drivers/gpu/drm/i915/intel_workarounds.c @@ -270,6 +270,10 @@ static int gen9_ctx_workarounds_init(struct drm_i915_private *dev_priv) GEN9_PREEMPT_GPGPU_LEVEL_MASK, GEN9_PREEMPT_GPGPU_COMMAND_LEVEL); + /* WaClearHIZ_WM_CHICKEN3:bxt,glk */ + if (IS_GEN9_LP(dev_priv)) + WA_SET_BIT_MASKED(GEN9_WM_CHICKEN3, GEN9_FACTOR_IN_CLR_VAL_HIZ); + return 0; }

7 years, 2 months

3
2
0 0

FAILED: patch "[PATCH] drm/atmel-hlcdc: check stride values in the first plane" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 9fcf2b3c1c0276650fea537c71b513d27d929b05 Mon Sep 17 00:00:00 2001 From: Stefan Agner <stefan(a)agner.ch> Date: Sun, 17 Jun 2018 10:48:22 +0200 Subject: [PATCH] drm/atmel-hlcdc: check stride values in the first plane The statement always evaluates to true since the struct fields are arrays. This has shown up as a warning when compiling with clang: warning: address of array 'desc->layout.xstride' will always evaluate to 'true' [-Wpointer-bool-conversion] Check for values in the first plane instead. Fixes: 1a396789f65a ("drm: add Atmel HLCDC Display Controller support") Cc: <stable(a)vger.kernel.org> Signed-off-by: Stefan Agner <stefan(a)agner.ch> Signed-off-by: Boris Brezillon <boris.brezillon(a)bootlin.com> Link: https://patchwork.freedesktop.org/patch/msgid/20180617084826.31885-1-stefan… diff --git a/drivers/gpu/drm/atmel-hlcdc/atmel_hlcdc_plane.c b/drivers/gpu/drm/atmel-hlcdc/atmel_hlcdc_plane.c index e18800ed7cd1..7b8191eae68a 100644 --- a/drivers/gpu/drm/atmel-hlcdc/atmel_hlcdc_plane.c +++ b/drivers/gpu/drm/atmel-hlcdc/atmel_hlcdc_plane.c @@ -875,7 +875,7 @@ static int atmel_hlcdc_plane_init_properties(struct atmel_hlcdc_plane *plane, drm_object_attach_property(&plane->base.base, props->alpha, 255); - if (desc->layout.xstride && desc->layout.pstride) { + if (desc->layout.xstride[0] && desc->layout.pstride[0]) { int ret; ret = drm_plane_create_rotation_property(&plane->base,

7 years, 2 months

1
0
0 0

FAILED: patch "[PATCH] drm/atmel-hlcdc: check stride values in the first plane" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 9fcf2b3c1c0276650fea537c71b513d27d929b05 Mon Sep 17 00:00:00 2001 From: Stefan Agner <stefan(a)agner.ch> Date: Sun, 17 Jun 2018 10:48:22 +0200 Subject: [PATCH] drm/atmel-hlcdc: check stride values in the first plane The statement always evaluates to true since the struct fields are arrays. This has shown up as a warning when compiling with clang: warning: address of array 'desc->layout.xstride' will always evaluate to 'true' [-Wpointer-bool-conversion] Check for values in the first plane instead. Fixes: 1a396789f65a ("drm: add Atmel HLCDC Display Controller support") Cc: <stable(a)vger.kernel.org> Signed-off-by: Stefan Agner <stefan(a)agner.ch> Signed-off-by: Boris Brezillon <boris.brezillon(a)bootlin.com> Link: https://patchwork.freedesktop.org/patch/msgid/20180617084826.31885-1-stefan… diff --git a/drivers/gpu/drm/atmel-hlcdc/atmel_hlcdc_plane.c b/drivers/gpu/drm/atmel-hlcdc/atmel_hlcdc_plane.c index e18800ed7cd1..7b8191eae68a 100644 --- a/drivers/gpu/drm/atmel-hlcdc/atmel_hlcdc_plane.c +++ b/drivers/gpu/drm/atmel-hlcdc/atmel_hlcdc_plane.c @@ -875,7 +875,7 @@ static int atmel_hlcdc_plane_init_properties(struct atmel_hlcdc_plane *plane, drm_object_attach_property(&plane->base.base, props->alpha, 255); - if (desc->layout.xstride && desc->layout.pstride) { + if (desc->layout.xstride[0] && desc->layout.pstride[0]) { int ret; ret = drm_plane_create_rotation_property(&plane->base,

7 years, 2 months

1
0
0 0

FAILED: patch "[PATCH] drm/amd/pp: initialize result to before or'ing in data" failed to apply to 4.17-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.17-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From c4ff91dd40e2253ab6dd028011469c2c694e1e19 Mon Sep 17 00:00:00 2001 From: Colin Ian King <colin.king(a)canonical.com> Date: Wed, 6 Jun 2018 13:18:31 +0100 Subject: [PATCH] drm/amd/pp: initialize result to before or'ing in data The current use of result is or'ing in values and checking for a non-zero result, however, result is not initialized to zero so it potentially contains garbage to start with. Fix this by initializing it to the first return from the call to vega10_program_didt_config_registers. Detected by cppcheck: "(error) Uninitialized variable: result" Fixes: 9b7b8154cdb8 ("drm/amd/powerplay: added didt support for vega10") Signed-off-by: Colin Ian King <colin.king(a)canonical.com> Acked-by: Huang Rui <ray.huang(a)amd.com> [Fix the subject as Colin's comment] Signed-off-by: Huang Rui <ray.huang(a)amd.com> Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org diff --git a/drivers/gpu/drm/amd/powerplay/hwmgr/vega10_powertune.c b/drivers/gpu/drm/amd/powerplay/hwmgr/vega10_powertune.c index a9efd8554fbc..dbe4b1f66784 100644 --- a/drivers/gpu/drm/amd/powerplay/hwmgr/vega10_powertune.c +++ b/drivers/gpu/drm/amd/powerplay/hwmgr/vega10_powertune.c @@ -1104,7 +1104,7 @@ static int vega10_enable_psm_gc_edc_config(struct pp_hwmgr *hwmgr) for (count = 0; count < num_se; count++) { data = GRBM_GFX_INDEX__INSTANCE_BROADCAST_WRITES_MASK | GRBM_GFX_INDEX__SH_BROADCAST_WRITES_MASK | ( count << GRBM_GFX_INDEX__SE_INDEX__SHIFT); WREG32_SOC15(GC, 0, mmGRBM_GFX_INDEX, data); - result |= vega10_program_didt_config_registers(hwmgr, PSMSEEDCStallPatternConfig_Vega10, VEGA10_CONFIGREG_DIDT); + result = vega10_program_didt_config_registers(hwmgr, PSMSEEDCStallPatternConfig_Vega10, VEGA10_CONFIGREG_DIDT); result |= vega10_program_didt_config_registers(hwmgr, PSMSEEDCStallDelayConfig_Vega10, VEGA10_CONFIGREG_DIDT); result |= vega10_program_didt_config_registers(hwmgr, PSMSEEDCCtrlResetConfig_Vega10, VEGA10_CONFIGREG_DIDT); result |= vega10_program_didt_config_registers(hwmgr, PSMSEEDCCtrlConfig_Vega10, VEGA10_CONFIGREG_DIDT);

7 years, 2 months

1
0
0 0

FAILED: patch "[PATCH] Revert "drm/i915/edp: Allow alternate fixed mode for eDP if" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 368b554d63948133aca05e63ff8f5f4fbc2804d4 Mon Sep 17 00:00:00 2001 From: Jani Nikula <jani.nikula(a)intel.com> Date: Wed, 16 May 2018 11:01:10 +0300 Subject: [PATCH] Revert "drm/i915/edp: Allow alternate fixed mode for eDP if available." This reverts commit dc911f5bd8aacfcf8aabd5c26c88e04c837a938e. Per the report, no matter what display mode you select with xrandr, the i915 driver will always select the alternate fixed mode. For the reporter this means that the display will always run at 40Hz which is quite annoying. This may be due to the mode comparison. But there are some other potential issues. The choice of alt_fixed_mode seems dubious. It's the first non-preferred mode, but there are no guarantees that the only difference would be refresh rate. Similarly, there may be more than one preferred mode in the probed modes list, and the commit changes the preferred mode selection to choose the last one on the list instead of the first. (Note that the probed modes list is the raw, unfiltered, unsorted list of modes from drm_add_edid_modes(), not the pretty result after a drm_helper_probe_single_connector_modes() call.) Finally, we already have eerily similar code in place to find the downclock mode for DRRS that seems like could be reused here. Back to the drawing board. Note: This is a hand-crafted revert due to conflicts. If it fails to backport, please just try reverting the original commit directly. Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=105469 Reported-by: Rune Petersen <rune(a)megahurts.dk> Reported-by: Mark Spencer <n7u4722r35(a)ynzlx.anonbox.net> Fixes: dc911f5bd8aa ("drm/i915/edp: Allow alternate fixed mode for eDP if available.") Cc: Clint Taylor <clinton.a.taylor(a)intel.com> Cc: David Weinehall <david.weinehall(a)linux.intel.com> Cc: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Cc: Paulo Zanoni <paulo.r.zanoni(a)intel.com> Cc: Jani Nikula <jani.nikula(a)intel.com> Cc: Chris Wilson <chris(a)chris-wilson.co.uk> Cc: Jim Bride <jim.bride(a)linux.intel.com> Cc: Jani Nikula <jani.nikula(a)linux.intel.com> Cc: Joonas Lahtinen <joonas.lahtinen(a)linux.intel.com> Cc: intel-gfx(a)lists.freedesktop.org Cc: <stable(a)vger.kernel.org> # v4.14+ Signed-off-by: Jani Nikula <jani.nikula(a)intel.com> Reviewed-by: Dhinakaran Pandiyan <dhinakaran.pandiyan(a)intel.com> Link: https://patchwork.freedesktop.org/patch/msgid/20180516080110.22770-1-jani.n… (cherry picked from commit d93fa1b47b8fcd149b5091f18385304f402a8e15) Signed-off-by: Jani Nikula <jani.nikula(a)intel.com> diff --git a/drivers/gpu/drm/i915/intel_dp.c b/drivers/gpu/drm/i915/intel_dp.c index dde92e4af5d3..8320f0e8e3be 100644 --- a/drivers/gpu/drm/i915/intel_dp.c +++ b/drivers/gpu/drm/i915/intel_dp.c @@ -1679,23 +1679,6 @@ static int intel_dp_compute_bpp(struct intel_dp *intel_dp, return bpp; } -static bool intel_edp_compare_alt_mode(struct drm_display_mode *m1, - struct drm_display_mode *m2) -{ - bool bres = false; - - if (m1 && m2) - bres = (m1->hdisplay == m2->hdisplay && - m1->hsync_start == m2->hsync_start && - m1->hsync_end == m2->hsync_end && - m1->htotal == m2->htotal && - m1->vdisplay == m2->vdisplay && - m1->vsync_start == m2->vsync_start && - m1->vsync_end == m2->vsync_end && - m1->vtotal == m2->vtotal); - return bres; -} - /* Adjust link config limits based on compliance test requests. */ static void intel_dp_adjust_compliance_config(struct intel_dp *intel_dp, @@ -1860,16 +1843,8 @@ intel_dp_compute_config(struct intel_encoder *encoder, pipe_config->has_audio = intel_conn_state->force_audio == HDMI_AUDIO_ON; if (intel_dp_is_edp(intel_dp) && intel_connector->panel.fixed_mode) { - struct drm_display_mode *panel_mode = - intel_connector->panel.alt_fixed_mode; - struct drm_display_mode *req_mode = &pipe_config->base.mode; - - if (!intel_edp_compare_alt_mode(req_mode, panel_mode)) - panel_mode = intel_connector->panel.fixed_mode; - - drm_mode_debug_printmodeline(panel_mode); - - intel_fixed_panel_mode(panel_mode, adjusted_mode); + intel_fixed_panel_mode(intel_connector->panel.fixed_mode, + adjusted_mode); if (INTEL_GEN(dev_priv) >= 9) { int ret; @@ -6159,7 +6134,6 @@ static bool intel_edp_init_connector(struct intel_dp *intel_dp, struct drm_i915_private *dev_priv = to_i915(dev); struct drm_connector *connector = &intel_connector->base; struct drm_display_mode *fixed_mode = NULL; - struct drm_display_mode *alt_fixed_mode = NULL; struct drm_display_mode *downclock_mode = NULL; bool has_dpcd; struct drm_display_mode *scan; @@ -6214,14 +6188,13 @@ static bool intel_edp_init_connector(struct intel_dp *intel_dp, } intel_connector->edid = edid; - /* prefer fixed mode from EDID if available, save an alt mode also */ + /* prefer fixed mode from EDID if available */ list_for_each_entry(scan, &connector->probed_modes, head) { if ((scan->type & DRM_MODE_TYPE_PREFERRED)) { fixed_mode = drm_mode_duplicate(dev, scan); downclock_mode = intel_dp_drrs_init( intel_connector, fixed_mode); - } else if (!alt_fixed_mode) { - alt_fixed_mode = drm_mode_duplicate(dev, scan); + break; } } @@ -6258,8 +6231,7 @@ static bool intel_edp_init_connector(struct intel_dp *intel_dp, pipe_name(pipe)); } - intel_panel_init(&intel_connector->panel, fixed_mode, alt_fixed_mode, - downclock_mode); + intel_panel_init(&intel_connector->panel, fixed_mode, downclock_mode); intel_connector->panel.backlight.power = intel_edp_backlight_power; intel_panel_setup_backlight(connector, pipe); diff --git a/drivers/gpu/drm/i915/intel_drv.h b/drivers/gpu/drm/i915/intel_drv.h index d7dbca1aabff..0361130500a6 100644 --- a/drivers/gpu/drm/i915/intel_drv.h +++ b/drivers/gpu/drm/i915/intel_drv.h @@ -277,7 +277,6 @@ struct intel_encoder { struct intel_panel { struct drm_display_mode *fixed_mode; - struct drm_display_mode *alt_fixed_mode; struct drm_display_mode *downclock_mode; /* backlight */ @@ -1850,7 +1849,6 @@ void intel_overlay_reset(struct drm_i915_private *dev_priv); /* intel_panel.c */ int intel_panel_init(struct intel_panel *panel, struct drm_display_mode *fixed_mode, - struct drm_display_mode *alt_fixed_mode, struct drm_display_mode *downclock_mode); void intel_panel_fini(struct intel_panel *panel); void intel_fixed_panel_mode(const struct drm_display_mode *fixed_mode, diff --git a/drivers/gpu/drm/i915/intel_dsi.c b/drivers/gpu/drm/i915/intel_dsi.c index 51a1d6868b1e..cf39ca90d887 100644 --- a/drivers/gpu/drm/i915/intel_dsi.c +++ b/drivers/gpu/drm/i915/intel_dsi.c @@ -1846,7 +1846,7 @@ void intel_dsi_init(struct drm_i915_private *dev_priv) connector->display_info.width_mm = fixed_mode->width_mm; connector->display_info.height_mm = fixed_mode->height_mm; - intel_panel_init(&intel_connector->panel, fixed_mode, NULL, NULL); + intel_panel_init(&intel_connector->panel, fixed_mode, NULL); intel_panel_setup_backlight(connector, INVALID_PIPE); intel_dsi_add_properties(intel_connector); diff --git a/drivers/gpu/drm/i915/intel_dvo.c b/drivers/gpu/drm/i915/intel_dvo.c index eb0c559b2715..a70d767313aa 100644 --- a/drivers/gpu/drm/i915/intel_dvo.c +++ b/drivers/gpu/drm/i915/intel_dvo.c @@ -536,7 +536,7 @@ void intel_dvo_init(struct drm_i915_private *dev_priv) */ intel_panel_init(&intel_connector->panel, intel_dvo_get_current_mode(intel_encoder), - NULL, NULL); + NULL); intel_dvo->panel_wants_dither = true; } diff --git a/drivers/gpu/drm/i915/intel_lvds.c b/drivers/gpu/drm/i915/intel_lvds.c index 8691c86f579c..d8ece907ff54 100644 --- a/drivers/gpu/drm/i915/intel_lvds.c +++ b/drivers/gpu/drm/i915/intel_lvds.c @@ -1140,8 +1140,7 @@ void intel_lvds_init(struct drm_i915_private *dev_priv) out: mutex_unlock(&dev->mode_config.mutex); - intel_panel_init(&intel_connector->panel, fixed_mode, NULL, - downclock_mode); + intel_panel_init(&intel_connector->panel, fixed_mode, downclock_mode); intel_panel_setup_backlight(connector, INVALID_PIPE); lvds_encoder->is_dual_link = compute_is_dual_link_lvds(lvds_encoder); diff --git a/drivers/gpu/drm/i915/intel_panel.c b/drivers/gpu/drm/i915/intel_panel.c index 41d00b1603e3..b443278e569c 100644 --- a/drivers/gpu/drm/i915/intel_panel.c +++ b/drivers/gpu/drm/i915/intel_panel.c @@ -1928,13 +1928,11 @@ intel_panel_init_backlight_funcs(struct intel_panel *panel) int intel_panel_init(struct intel_panel *panel, struct drm_display_mode *fixed_mode, - struct drm_display_mode *alt_fixed_mode, struct drm_display_mode *downclock_mode) { intel_panel_init_backlight_funcs(panel); panel->fixed_mode = fixed_mode; - panel->alt_fixed_mode = alt_fixed_mode; panel->downclock_mode = downclock_mode; return 0; @@ -1948,10 +1946,6 @@ void intel_panel_fini(struct intel_panel *panel) if (panel->fixed_mode) drm_mode_destroy(intel_connector->base.dev, panel->fixed_mode); - if (panel->alt_fixed_mode) - drm_mode_destroy(intel_connector->base.dev, - panel->alt_fixed_mode); - if (panel->downclock_mode) drm_mode_destroy(intel_connector->base.dev, panel->downclock_mode);

7 years, 2 months

1
0
0 0

FAILED: patch "[PATCH] Revert "drm/i915/edp: Allow alternate fixed mode for eDP if" failed to apply to 4.17-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.17-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 368b554d63948133aca05e63ff8f5f4fbc2804d4 Mon Sep 17 00:00:00 2001 From: Jani Nikula <jani.nikula(a)intel.com> Date: Wed, 16 May 2018 11:01:10 +0300 Subject: [PATCH] Revert "drm/i915/edp: Allow alternate fixed mode for eDP if available." This reverts commit dc911f5bd8aacfcf8aabd5c26c88e04c837a938e. Per the report, no matter what display mode you select with xrandr, the i915 driver will always select the alternate fixed mode. For the reporter this means that the display will always run at 40Hz which is quite annoying. This may be due to the mode comparison. But there are some other potential issues. The choice of alt_fixed_mode seems dubious. It's the first non-preferred mode, but there are no guarantees that the only difference would be refresh rate. Similarly, there may be more than one preferred mode in the probed modes list, and the commit changes the preferred mode selection to choose the last one on the list instead of the first. (Note that the probed modes list is the raw, unfiltered, unsorted list of modes from drm_add_edid_modes(), not the pretty result after a drm_helper_probe_single_connector_modes() call.) Finally, we already have eerily similar code in place to find the downclock mode for DRRS that seems like could be reused here. Back to the drawing board. Note: This is a hand-crafted revert due to conflicts. If it fails to backport, please just try reverting the original commit directly. Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=105469 Reported-by: Rune Petersen <rune(a)megahurts.dk> Reported-by: Mark Spencer <n7u4722r35(a)ynzlx.anonbox.net> Fixes: dc911f5bd8aa ("drm/i915/edp: Allow alternate fixed mode for eDP if available.") Cc: Clint Taylor <clinton.a.taylor(a)intel.com> Cc: David Weinehall <david.weinehall(a)linux.intel.com> Cc: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Cc: Paulo Zanoni <paulo.r.zanoni(a)intel.com> Cc: Jani Nikula <jani.nikula(a)intel.com> Cc: Chris Wilson <chris(a)chris-wilson.co.uk> Cc: Jim Bride <jim.bride(a)linux.intel.com> Cc: Jani Nikula <jani.nikula(a)linux.intel.com> Cc: Joonas Lahtinen <joonas.lahtinen(a)linux.intel.com> Cc: intel-gfx(a)lists.freedesktop.org Cc: <stable(a)vger.kernel.org> # v4.14+ Signed-off-by: Jani Nikula <jani.nikula(a)intel.com> Reviewed-by: Dhinakaran Pandiyan <dhinakaran.pandiyan(a)intel.com> Link: https://patchwork.freedesktop.org/patch/msgid/20180516080110.22770-1-jani.n… (cherry picked from commit d93fa1b47b8fcd149b5091f18385304f402a8e15) Signed-off-by: Jani Nikula <jani.nikula(a)intel.com> diff --git a/drivers/gpu/drm/i915/intel_dp.c b/drivers/gpu/drm/i915/intel_dp.c index dde92e4af5d3..8320f0e8e3be 100644 --- a/drivers/gpu/drm/i915/intel_dp.c +++ b/drivers/gpu/drm/i915/intel_dp.c @@ -1679,23 +1679,6 @@ static int intel_dp_compute_bpp(struct intel_dp *intel_dp, return bpp; } -static bool intel_edp_compare_alt_mode(struct drm_display_mode *m1, - struct drm_display_mode *m2) -{ - bool bres = false; - - if (m1 && m2) - bres = (m1->hdisplay == m2->hdisplay && - m1->hsync_start == m2->hsync_start && - m1->hsync_end == m2->hsync_end && - m1->htotal == m2->htotal && - m1->vdisplay == m2->vdisplay && - m1->vsync_start == m2->vsync_start && - m1->vsync_end == m2->vsync_end && - m1->vtotal == m2->vtotal); - return bres; -} - /* Adjust link config limits based on compliance test requests. */ static void intel_dp_adjust_compliance_config(struct intel_dp *intel_dp, @@ -1860,16 +1843,8 @@ intel_dp_compute_config(struct intel_encoder *encoder, pipe_config->has_audio = intel_conn_state->force_audio == HDMI_AUDIO_ON; if (intel_dp_is_edp(intel_dp) && intel_connector->panel.fixed_mode) { - struct drm_display_mode *panel_mode = - intel_connector->panel.alt_fixed_mode; - struct drm_display_mode *req_mode = &pipe_config->base.mode; - - if (!intel_edp_compare_alt_mode(req_mode, panel_mode)) - panel_mode = intel_connector->panel.fixed_mode; - - drm_mode_debug_printmodeline(panel_mode); - - intel_fixed_panel_mode(panel_mode, adjusted_mode); + intel_fixed_panel_mode(intel_connector->panel.fixed_mode, + adjusted_mode); if (INTEL_GEN(dev_priv) >= 9) { int ret; @@ -6159,7 +6134,6 @@ static bool intel_edp_init_connector(struct intel_dp *intel_dp, struct drm_i915_private *dev_priv = to_i915(dev); struct drm_connector *connector = &intel_connector->base; struct drm_display_mode *fixed_mode = NULL; - struct drm_display_mode *alt_fixed_mode = NULL; struct drm_display_mode *downclock_mode = NULL; bool has_dpcd; struct drm_display_mode *scan; @@ -6214,14 +6188,13 @@ static bool intel_edp_init_connector(struct intel_dp *intel_dp, } intel_connector->edid = edid; - /* prefer fixed mode from EDID if available, save an alt mode also */ + /* prefer fixed mode from EDID if available */ list_for_each_entry(scan, &connector->probed_modes, head) { if ((scan->type & DRM_MODE_TYPE_PREFERRED)) { fixed_mode = drm_mode_duplicate(dev, scan); downclock_mode = intel_dp_drrs_init( intel_connector, fixed_mode); - } else if (!alt_fixed_mode) { - alt_fixed_mode = drm_mode_duplicate(dev, scan); + break; } } @@ -6258,8 +6231,7 @@ static bool intel_edp_init_connector(struct intel_dp *intel_dp, pipe_name(pipe)); } - intel_panel_init(&intel_connector->panel, fixed_mode, alt_fixed_mode, - downclock_mode); + intel_panel_init(&intel_connector->panel, fixed_mode, downclock_mode); intel_connector->panel.backlight.power = intel_edp_backlight_power; intel_panel_setup_backlight(connector, pipe); diff --git a/drivers/gpu/drm/i915/intel_drv.h b/drivers/gpu/drm/i915/intel_drv.h index d7dbca1aabff..0361130500a6 100644 --- a/drivers/gpu/drm/i915/intel_drv.h +++ b/drivers/gpu/drm/i915/intel_drv.h @@ -277,7 +277,6 @@ struct intel_encoder { struct intel_panel { struct drm_display_mode *fixed_mode; - struct drm_display_mode *alt_fixed_mode; struct drm_display_mode *downclock_mode; /* backlight */ @@ -1850,7 +1849,6 @@ void intel_overlay_reset(struct drm_i915_private *dev_priv); /* intel_panel.c */ int intel_panel_init(struct intel_panel *panel, struct drm_display_mode *fixed_mode, - struct drm_display_mode *alt_fixed_mode, struct drm_display_mode *downclock_mode); void intel_panel_fini(struct intel_panel *panel); void intel_fixed_panel_mode(const struct drm_display_mode *fixed_mode, diff --git a/drivers/gpu/drm/i915/intel_dsi.c b/drivers/gpu/drm/i915/intel_dsi.c index 51a1d6868b1e..cf39ca90d887 100644 --- a/drivers/gpu/drm/i915/intel_dsi.c +++ b/drivers/gpu/drm/i915/intel_dsi.c @@ -1846,7 +1846,7 @@ void intel_dsi_init(struct drm_i915_private *dev_priv) connector->display_info.width_mm = fixed_mode->width_mm; connector->display_info.height_mm = fixed_mode->height_mm; - intel_panel_init(&intel_connector->panel, fixed_mode, NULL, NULL); + intel_panel_init(&intel_connector->panel, fixed_mode, NULL); intel_panel_setup_backlight(connector, INVALID_PIPE); intel_dsi_add_properties(intel_connector); diff --git a/drivers/gpu/drm/i915/intel_dvo.c b/drivers/gpu/drm/i915/intel_dvo.c index eb0c559b2715..a70d767313aa 100644 --- a/drivers/gpu/drm/i915/intel_dvo.c +++ b/drivers/gpu/drm/i915/intel_dvo.c @@ -536,7 +536,7 @@ void intel_dvo_init(struct drm_i915_private *dev_priv) */ intel_panel_init(&intel_connector->panel, intel_dvo_get_current_mode(intel_encoder), - NULL, NULL); + NULL); intel_dvo->panel_wants_dither = true; } diff --git a/drivers/gpu/drm/i915/intel_lvds.c b/drivers/gpu/drm/i915/intel_lvds.c index 8691c86f579c..d8ece907ff54 100644 --- a/drivers/gpu/drm/i915/intel_lvds.c +++ b/drivers/gpu/drm/i915/intel_lvds.c @@ -1140,8 +1140,7 @@ void intel_lvds_init(struct drm_i915_private *dev_priv) out: mutex_unlock(&dev->mode_config.mutex); - intel_panel_init(&intel_connector->panel, fixed_mode, NULL, - downclock_mode); + intel_panel_init(&intel_connector->panel, fixed_mode, downclock_mode); intel_panel_setup_backlight(connector, INVALID_PIPE); lvds_encoder->is_dual_link = compute_is_dual_link_lvds(lvds_encoder); diff --git a/drivers/gpu/drm/i915/intel_panel.c b/drivers/gpu/drm/i915/intel_panel.c index 41d00b1603e3..b443278e569c 100644 --- a/drivers/gpu/drm/i915/intel_panel.c +++ b/drivers/gpu/drm/i915/intel_panel.c @@ -1928,13 +1928,11 @@ intel_panel_init_backlight_funcs(struct intel_panel *panel) int intel_panel_init(struct intel_panel *panel, struct drm_display_mode *fixed_mode, - struct drm_display_mode *alt_fixed_mode, struct drm_display_mode *downclock_mode) { intel_panel_init_backlight_funcs(panel); panel->fixed_mode = fixed_mode; - panel->alt_fixed_mode = alt_fixed_mode; panel->downclock_mode = downclock_mode; return 0; @@ -1948,10 +1946,6 @@ void intel_panel_fini(struct intel_panel *panel) if (panel->fixed_mode) drm_mode_destroy(intel_connector->base.dev, panel->fixed_mode); - if (panel->alt_fixed_mode) - drm_mode_destroy(intel_connector->base.dev, - panel->alt_fixed_mode); - if (panel->downclock_mode) drm_mode_destroy(intel_connector->base.dev, panel->downclock_mode);

7 years, 2 months

1
0
0 0

FAILED: patch "[PATCH] drm/i915/psr: Chase psr.enabled only under the psr.lock" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From daeb725e919c0d2d4b628aeaa1fa053125f888b2 Mon Sep 17 00:00:00 2001 From: Chris Wilson <chris(a)chris-wilson.co.uk> Date: Thu, 5 Apr 2018 12:49:15 +0100 Subject: [PATCH] drm/i915/psr: Chase psr.enabled only under the psr.lock Inside the psr work function, we want to wait for PSR to idle first and wish to do so without blocking the normal modeset path, so we do so without holding the PSR lock. However, we first have to find which pipe PSR was enabled on, which requires chasing into the PSR struct and requires locking to prevent intel_psr_disable() from concurrently setting our pointer to NULL. Fixes: 995d30477496 ("drm/i915: VLV/CHV PSR Software timer mode") Signed-off-by: Chris Wilson <chris(a)chris-wilson.co.uk> Cc: Durgadoss R <durgadoss.r(a)intel.com> Cc: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Cc: <stable(a)vger.kernel.org> # v4.0+ Reviewed-by: Jose Roberto de Souza <jose.souza(a)intel.com> Acked-by: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Link: https://patchwork.freedesktop.org/patch/msgid/20180405114915.29609-1-chris@… diff --git a/drivers/gpu/drm/i915/intel_psr.c b/drivers/gpu/drm/i915/intel_psr.c index 2d53f7398a6d..69a5b276f4d8 100644 --- a/drivers/gpu/drm/i915/intel_psr.c +++ b/drivers/gpu/drm/i915/intel_psr.c @@ -775,53 +775,59 @@ void intel_psr_disable(struct intel_dp *intel_dp, cancel_delayed_work_sync(&dev_priv->psr.work); } -static void intel_psr_work(struct work_struct *work) +static bool psr_wait_for_idle(struct drm_i915_private *dev_priv) { - struct drm_i915_private *dev_priv = - container_of(work, typeof(*dev_priv), psr.work.work); - struct intel_dp *intel_dp = dev_priv->psr.enabled; - struct drm_crtc *crtc = dp_to_dig_port(intel_dp)->base.base.crtc; - enum pipe pipe = to_intel_crtc(crtc)->pipe; + struct intel_dp *intel_dp; + i915_reg_t reg; + u32 mask; + int err; + + intel_dp = dev_priv->psr.enabled; + if (!intel_dp) + return false; - /* We have to make sure PSR is ready for re-enable - * otherwise it keeps disabled until next full enable/disable cycle. - * PSR might take some time to get fully disabled - * and be ready for re-enable. - */ if (HAS_DDI(dev_priv)) { if (dev_priv->psr.psr2_enabled) { - if (intel_wait_for_register(dev_priv, - EDP_PSR2_STATUS, - EDP_PSR2_STATUS_STATE_MASK, - 0, - 50)) { - DRM_ERROR("Timed out waiting for PSR2 Idle for re-enable\n"); - return; - } + reg = EDP_PSR2_STATUS; + mask = EDP_PSR2_STATUS_STATE_MASK; } else { - if (intel_wait_for_register(dev_priv, - EDP_PSR_STATUS, - EDP_PSR_STATUS_STATE_MASK, - 0, - 50)) { - DRM_ERROR("Timed out waiting for PSR Idle for re-enable\n"); - return; - } + reg = EDP_PSR_STATUS; + mask = EDP_PSR_STATUS_STATE_MASK; } } else { - if (intel_wait_for_register(dev_priv, - VLV_PSRSTAT(pipe), - VLV_EDP_PSR_IN_TRANS, - 0, - 1)) { - DRM_ERROR("Timed out waiting for PSR Idle for re-enable\n"); - return; - } + struct drm_crtc *crtc = + dp_to_dig_port(intel_dp)->base.base.crtc; + enum pipe pipe = to_intel_crtc(crtc)->pipe; + + reg = VLV_PSRSTAT(pipe); + mask = VLV_EDP_PSR_IN_TRANS; } + + mutex_unlock(&dev_priv->psr.lock); + + err = intel_wait_for_register(dev_priv, reg, mask, 0, 50); + if (err) + DRM_ERROR("Timed out waiting for PSR Idle for re-enable\n"); + + /* After the unlocked wait, verify that PSR is still wanted! */ mutex_lock(&dev_priv->psr.lock); - intel_dp = dev_priv->psr.enabled; + return err == 0 && dev_priv->psr.enabled; +} - if (!intel_dp) +static void intel_psr_work(struct work_struct *work) +{ + struct drm_i915_private *dev_priv = + container_of(work, typeof(*dev_priv), psr.work.work); + + mutex_lock(&dev_priv->psr.lock); + + /* + * We have to make sure PSR is ready for re-enable + * otherwise it keeps disabled until next full enable/disable cycle. + * PSR might take some time to get fully disabled + * and be ready for re-enable. + */ + if (!psr_wait_for_idle(dev_priv)) goto unlock; /* @@ -832,7 +838,7 @@ static void intel_psr_work(struct work_struct *work) if (dev_priv->psr.busy_frontbuffer_bits) goto unlock; - intel_psr_activate(intel_dp); + intel_psr_activate(dev_priv->psr.enabled); unlock: mutex_unlock(&dev_priv->psr.lock); }

7 years, 2 months

1
0
0 0

FAILED: patch "[PATCH] drm/i915/psr: Chase psr.enabled only under the psr.lock" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From daeb725e919c0d2d4b628aeaa1fa053125f888b2 Mon Sep 17 00:00:00 2001 From: Chris Wilson <chris(a)chris-wilson.co.uk> Date: Thu, 5 Apr 2018 12:49:15 +0100 Subject: [PATCH] drm/i915/psr: Chase psr.enabled only under the psr.lock Inside the psr work function, we want to wait for PSR to idle first and wish to do so without blocking the normal modeset path, so we do so without holding the PSR lock. However, we first have to find which pipe PSR was enabled on, which requires chasing into the PSR struct and requires locking to prevent intel_psr_disable() from concurrently setting our pointer to NULL. Fixes: 995d30477496 ("drm/i915: VLV/CHV PSR Software timer mode") Signed-off-by: Chris Wilson <chris(a)chris-wilson.co.uk> Cc: Durgadoss R <durgadoss.r(a)intel.com> Cc: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Cc: <stable(a)vger.kernel.org> # v4.0+ Reviewed-by: Jose Roberto de Souza <jose.souza(a)intel.com> Acked-by: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Link: https://patchwork.freedesktop.org/patch/msgid/20180405114915.29609-1-chris@… diff --git a/drivers/gpu/drm/i915/intel_psr.c b/drivers/gpu/drm/i915/intel_psr.c index 2d53f7398a6d..69a5b276f4d8 100644 --- a/drivers/gpu/drm/i915/intel_psr.c +++ b/drivers/gpu/drm/i915/intel_psr.c @@ -775,53 +775,59 @@ void intel_psr_disable(struct intel_dp *intel_dp, cancel_delayed_work_sync(&dev_priv->psr.work); } -static void intel_psr_work(struct work_struct *work) +static bool psr_wait_for_idle(struct drm_i915_private *dev_priv) { - struct drm_i915_private *dev_priv = - container_of(work, typeof(*dev_priv), psr.work.work); - struct intel_dp *intel_dp = dev_priv->psr.enabled; - struct drm_crtc *crtc = dp_to_dig_port(intel_dp)->base.base.crtc; - enum pipe pipe = to_intel_crtc(crtc)->pipe; + struct intel_dp *intel_dp; + i915_reg_t reg; + u32 mask; + int err; + + intel_dp = dev_priv->psr.enabled; + if (!intel_dp) + return false; - /* We have to make sure PSR is ready for re-enable - * otherwise it keeps disabled until next full enable/disable cycle. - * PSR might take some time to get fully disabled - * and be ready for re-enable. - */ if (HAS_DDI(dev_priv)) { if (dev_priv->psr.psr2_enabled) { - if (intel_wait_for_register(dev_priv, - EDP_PSR2_STATUS, - EDP_PSR2_STATUS_STATE_MASK, - 0, - 50)) { - DRM_ERROR("Timed out waiting for PSR2 Idle for re-enable\n"); - return; - } + reg = EDP_PSR2_STATUS; + mask = EDP_PSR2_STATUS_STATE_MASK; } else { - if (intel_wait_for_register(dev_priv, - EDP_PSR_STATUS, - EDP_PSR_STATUS_STATE_MASK, - 0, - 50)) { - DRM_ERROR("Timed out waiting for PSR Idle for re-enable\n"); - return; - } + reg = EDP_PSR_STATUS; + mask = EDP_PSR_STATUS_STATE_MASK; } } else { - if (intel_wait_for_register(dev_priv, - VLV_PSRSTAT(pipe), - VLV_EDP_PSR_IN_TRANS, - 0, - 1)) { - DRM_ERROR("Timed out waiting for PSR Idle for re-enable\n"); - return; - } + struct drm_crtc *crtc = + dp_to_dig_port(intel_dp)->base.base.crtc; + enum pipe pipe = to_intel_crtc(crtc)->pipe; + + reg = VLV_PSRSTAT(pipe); + mask = VLV_EDP_PSR_IN_TRANS; } + + mutex_unlock(&dev_priv->psr.lock); + + err = intel_wait_for_register(dev_priv, reg, mask, 0, 50); + if (err) + DRM_ERROR("Timed out waiting for PSR Idle for re-enable\n"); + + /* After the unlocked wait, verify that PSR is still wanted! */ mutex_lock(&dev_priv->psr.lock); - intel_dp = dev_priv->psr.enabled; + return err == 0 && dev_priv->psr.enabled; +} - if (!intel_dp) +static void intel_psr_work(struct work_struct *work) +{ + struct drm_i915_private *dev_priv = + container_of(work, typeof(*dev_priv), psr.work.work); + + mutex_lock(&dev_priv->psr.lock); + + /* + * We have to make sure PSR is ready for re-enable + * otherwise it keeps disabled until next full enable/disable cycle. + * PSR might take some time to get fully disabled + * and be ready for re-enable. + */ + if (!psr_wait_for_idle(dev_priv)) goto unlock; /* @@ -832,7 +838,7 @@ static void intel_psr_work(struct work_struct *work) if (dev_priv->psr.busy_frontbuffer_bits) goto unlock; - intel_psr_activate(intel_dp); + intel_psr_activate(dev_priv->psr.enabled); unlock: mutex_unlock(&dev_priv->psr.lock); }

7 years, 2 months

1
0
0 0

FAILED: patch "[PATCH] drm/i915/psr: Chase psr.enabled only under the psr.lock" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From daeb725e919c0d2d4b628aeaa1fa053125f888b2 Mon Sep 17 00:00:00 2001 From: Chris Wilson <chris(a)chris-wilson.co.uk> Date: Thu, 5 Apr 2018 12:49:15 +0100 Subject: [PATCH] drm/i915/psr: Chase psr.enabled only under the psr.lock Inside the psr work function, we want to wait for PSR to idle first and wish to do so without blocking the normal modeset path, so we do so without holding the PSR lock. However, we first have to find which pipe PSR was enabled on, which requires chasing into the PSR struct and requires locking to prevent intel_psr_disable() from concurrently setting our pointer to NULL. Fixes: 995d30477496 ("drm/i915: VLV/CHV PSR Software timer mode") Signed-off-by: Chris Wilson <chris(a)chris-wilson.co.uk> Cc: Durgadoss R <durgadoss.r(a)intel.com> Cc: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Cc: <stable(a)vger.kernel.org> # v4.0+ Reviewed-by: Jose Roberto de Souza <jose.souza(a)intel.com> Acked-by: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Link: https://patchwork.freedesktop.org/patch/msgid/20180405114915.29609-1-chris@… diff --git a/drivers/gpu/drm/i915/intel_psr.c b/drivers/gpu/drm/i915/intel_psr.c index 2d53f7398a6d..69a5b276f4d8 100644 --- a/drivers/gpu/drm/i915/intel_psr.c +++ b/drivers/gpu/drm/i915/intel_psr.c @@ -775,53 +775,59 @@ void intel_psr_disable(struct intel_dp *intel_dp, cancel_delayed_work_sync(&dev_priv->psr.work); } -static void intel_psr_work(struct work_struct *work) +static bool psr_wait_for_idle(struct drm_i915_private *dev_priv) { - struct drm_i915_private *dev_priv = - container_of(work, typeof(*dev_priv), psr.work.work); - struct intel_dp *intel_dp = dev_priv->psr.enabled; - struct drm_crtc *crtc = dp_to_dig_port(intel_dp)->base.base.crtc; - enum pipe pipe = to_intel_crtc(crtc)->pipe; + struct intel_dp *intel_dp; + i915_reg_t reg; + u32 mask; + int err; + + intel_dp = dev_priv->psr.enabled; + if (!intel_dp) + return false; - /* We have to make sure PSR is ready for re-enable - * otherwise it keeps disabled until next full enable/disable cycle. - * PSR might take some time to get fully disabled - * and be ready for re-enable. - */ if (HAS_DDI(dev_priv)) { if (dev_priv->psr.psr2_enabled) { - if (intel_wait_for_register(dev_priv, - EDP_PSR2_STATUS, - EDP_PSR2_STATUS_STATE_MASK, - 0, - 50)) { - DRM_ERROR("Timed out waiting for PSR2 Idle for re-enable\n"); - return; - } + reg = EDP_PSR2_STATUS; + mask = EDP_PSR2_STATUS_STATE_MASK; } else { - if (intel_wait_for_register(dev_priv, - EDP_PSR_STATUS, - EDP_PSR_STATUS_STATE_MASK, - 0, - 50)) { - DRM_ERROR("Timed out waiting for PSR Idle for re-enable\n"); - return; - } + reg = EDP_PSR_STATUS; + mask = EDP_PSR_STATUS_STATE_MASK; } } else { - if (intel_wait_for_register(dev_priv, - VLV_PSRSTAT(pipe), - VLV_EDP_PSR_IN_TRANS, - 0, - 1)) { - DRM_ERROR("Timed out waiting for PSR Idle for re-enable\n"); - return; - } + struct drm_crtc *crtc = + dp_to_dig_port(intel_dp)->base.base.crtc; + enum pipe pipe = to_intel_crtc(crtc)->pipe; + + reg = VLV_PSRSTAT(pipe); + mask = VLV_EDP_PSR_IN_TRANS; } + + mutex_unlock(&dev_priv->psr.lock); + + err = intel_wait_for_register(dev_priv, reg, mask, 0, 50); + if (err) + DRM_ERROR("Timed out waiting for PSR Idle for re-enable\n"); + + /* After the unlocked wait, verify that PSR is still wanted! */ mutex_lock(&dev_priv->psr.lock); - intel_dp = dev_priv->psr.enabled; + return err == 0 && dev_priv->psr.enabled; +} - if (!intel_dp) +static void intel_psr_work(struct work_struct *work) +{ + struct drm_i915_private *dev_priv = + container_of(work, typeof(*dev_priv), psr.work.work); + + mutex_lock(&dev_priv->psr.lock); + + /* + * We have to make sure PSR is ready for re-enable + * otherwise it keeps disabled until next full enable/disable cycle. + * PSR might take some time to get fully disabled + * and be ready for re-enable. + */ + if (!psr_wait_for_idle(dev_priv)) goto unlock; /* @@ -832,7 +838,7 @@ static void intel_psr_work(struct work_struct *work) if (dev_priv->psr.busy_frontbuffer_bits) goto unlock; - intel_psr_activate(intel_dp); + intel_psr_activate(dev_priv->psr.enabled); unlock: mutex_unlock(&dev_priv->psr.lock); }

7 years, 2 months

1
0
0 0

FAILED: patch "[PATCH] drm/i915/psr: Chase psr.enabled only under the psr.lock" failed to apply to 4.17-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.17-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From daeb725e919c0d2d4b628aeaa1fa053125f888b2 Mon Sep 17 00:00:00 2001 From: Chris Wilson <chris(a)chris-wilson.co.uk> Date: Thu, 5 Apr 2018 12:49:15 +0100 Subject: [PATCH] drm/i915/psr: Chase psr.enabled only under the psr.lock Inside the psr work function, we want to wait for PSR to idle first and wish to do so without blocking the normal modeset path, so we do so without holding the PSR lock. However, we first have to find which pipe PSR was enabled on, which requires chasing into the PSR struct and requires locking to prevent intel_psr_disable() from concurrently setting our pointer to NULL. Fixes: 995d30477496 ("drm/i915: VLV/CHV PSR Software timer mode") Signed-off-by: Chris Wilson <chris(a)chris-wilson.co.uk> Cc: Durgadoss R <durgadoss.r(a)intel.com> Cc: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Cc: <stable(a)vger.kernel.org> # v4.0+ Reviewed-by: Jose Roberto de Souza <jose.souza(a)intel.com> Acked-by: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Link: https://patchwork.freedesktop.org/patch/msgid/20180405114915.29609-1-chris@… diff --git a/drivers/gpu/drm/i915/intel_psr.c b/drivers/gpu/drm/i915/intel_psr.c index 2d53f7398a6d..69a5b276f4d8 100644 --- a/drivers/gpu/drm/i915/intel_psr.c +++ b/drivers/gpu/drm/i915/intel_psr.c @@ -775,53 +775,59 @@ void intel_psr_disable(struct intel_dp *intel_dp, cancel_delayed_work_sync(&dev_priv->psr.work); } -static void intel_psr_work(struct work_struct *work) +static bool psr_wait_for_idle(struct drm_i915_private *dev_priv) { - struct drm_i915_private *dev_priv = - container_of(work, typeof(*dev_priv), psr.work.work); - struct intel_dp *intel_dp = dev_priv->psr.enabled; - struct drm_crtc *crtc = dp_to_dig_port(intel_dp)->base.base.crtc; - enum pipe pipe = to_intel_crtc(crtc)->pipe; + struct intel_dp *intel_dp; + i915_reg_t reg; + u32 mask; + int err; + + intel_dp = dev_priv->psr.enabled; + if (!intel_dp) + return false; - /* We have to make sure PSR is ready for re-enable - * otherwise it keeps disabled until next full enable/disable cycle. - * PSR might take some time to get fully disabled - * and be ready for re-enable. - */ if (HAS_DDI(dev_priv)) { if (dev_priv->psr.psr2_enabled) { - if (intel_wait_for_register(dev_priv, - EDP_PSR2_STATUS, - EDP_PSR2_STATUS_STATE_MASK, - 0, - 50)) { - DRM_ERROR("Timed out waiting for PSR2 Idle for re-enable\n"); - return; - } + reg = EDP_PSR2_STATUS; + mask = EDP_PSR2_STATUS_STATE_MASK; } else { - if (intel_wait_for_register(dev_priv, - EDP_PSR_STATUS, - EDP_PSR_STATUS_STATE_MASK, - 0, - 50)) { - DRM_ERROR("Timed out waiting for PSR Idle for re-enable\n"); - return; - } + reg = EDP_PSR_STATUS; + mask = EDP_PSR_STATUS_STATE_MASK; } } else { - if (intel_wait_for_register(dev_priv, - VLV_PSRSTAT(pipe), - VLV_EDP_PSR_IN_TRANS, - 0, - 1)) { - DRM_ERROR("Timed out waiting for PSR Idle for re-enable\n"); - return; - } + struct drm_crtc *crtc = + dp_to_dig_port(intel_dp)->base.base.crtc; + enum pipe pipe = to_intel_crtc(crtc)->pipe; + + reg = VLV_PSRSTAT(pipe); + mask = VLV_EDP_PSR_IN_TRANS; } + + mutex_unlock(&dev_priv->psr.lock); + + err = intel_wait_for_register(dev_priv, reg, mask, 0, 50); + if (err) + DRM_ERROR("Timed out waiting for PSR Idle for re-enable\n"); + + /* After the unlocked wait, verify that PSR is still wanted! */ mutex_lock(&dev_priv->psr.lock); - intel_dp = dev_priv->psr.enabled; + return err == 0 && dev_priv->psr.enabled; +} - if (!intel_dp) +static void intel_psr_work(struct work_struct *work) +{ + struct drm_i915_private *dev_priv = + container_of(work, typeof(*dev_priv), psr.work.work); + + mutex_lock(&dev_priv->psr.lock); + + /* + * We have to make sure PSR is ready for re-enable + * otherwise it keeps disabled until next full enable/disable cycle. + * PSR might take some time to get fully disabled + * and be ready for re-enable. + */ + if (!psr_wait_for_idle(dev_priv)) goto unlock; /* @@ -832,7 +838,7 @@ static void intel_psr_work(struct work_struct *work) if (dev_priv->psr.busy_frontbuffer_bits) goto unlock; - intel_psr_activate(intel_dp); + intel_psr_activate(dev_priv->psr.enabled); unlock: mutex_unlock(&dev_priv->psr.lock); }

7 years, 2 months

1
0
0 0

FAILED: patch "[PATCH] Revert "drm/amd/display: fix dereferencing possible" failed to apply to 4.17-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.17-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 642ad57058baaa2c105925a75c153bb486877513 Mon Sep 17 00:00:00 2001 From: Harry Wentland <harry.wentland(a)amd.com> Date: Thu, 12 Apr 2018 10:51:51 -0400 Subject: [PATCH] Revert "drm/amd/display: fix dereferencing possible ERR_PTR()" MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This reverts commit cd2d6c92a8e39d7e50a5af9fcc67d07e6a89e91d. Cc: Shirish S <shirish.s(a)amd.com> Cc: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org Reviewed-by: Michel Dänzer <michel.daenzer(a)amd.com> Signed-off-by: Harry Wentland <harry.wentland(a)amd.com> Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> diff --git a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c index 265f0166f688..0c29f3b97398 100644 --- a/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c +++ b/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c @@ -4941,9 +4941,6 @@ static int dm_atomic_check_plane_state_fb(struct drm_atomic_state *state, return -EDEADLK; crtc_state = drm_atomic_get_crtc_state(plane_state->state, crtc); - if (IS_ERR(crtc_state)) - return PTR_ERR(crtc_state); - if (crtc->primary == plane && crtc_state->active) { if (!plane_state->fb) return -EINVAL;

7 years, 2 months

1
0
0 0

4.17.2 -> 4.17.3 iwlwifi regression

by Yan, Zheng

I started to get following warning and unstable connection after upgrading kernel to 4.17.3 (from 4.17.2). iwlwifi 0000:04:00.0: loaded firmware version 38.c0e03d94.0 op_mode iwlmvm iwlwifi 0000:04:00.0: Detected Intel(R) Dual Band Wireless AC 9260, REV=0x324 audit: type=1130 audit(1529640588.009:69): pid=1 uid=0 auid=4294967295 ses=4294967295 msg='unit=systemd-rfkill comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' iwlwifi 0000:04:00.0: base HW address: 74:e5:f9:a6:bb:52 … WARNING: CPU: 1 PID: 0 at drivers/net/wireless/intel/iwlwifi/mvm/tx.c:710 iwl_mvm_tx_tso_segment+0x28a/0x2a0 [iwlmvm] Modules linked in: joydev(E) xt_nat(E) it87(OE) netconsole(E) rmd160(E) ip_vti(E) ip_tunnel(E) af_key(E) ah6(E) ah4(E) esp6(E) esp4(E) xfrm4_mode_beet(E) xfrm4_tunnel(E) tunnel4(E) xfrm4_mode_tunnel(E) xfrm4_mode_transport(E) xfrm6_mode_transport(E) xfrm6_mode_ro(E) xfrm6_mode_beet(E) xfrm6_mode_tunnel(E) ipcomp(E) ipcomp6(E) xfrm6_tunnel(E) xfrm_ipcomp(E) tunnel6(E) sha1_ssse3(E) salsa20_x86_64(E) salsa20_generic(E) poly1305_x86_64(E) poly1305_generic(E) des3_ede_x86_64(E) chacha20_x86_64(E) chacha20_generic(E) chacha20poly1305(E) camellia_generic(E) camellia_aesni_avx2(E) camellia_aesni_avx_x86_64(E) camellia_x86_64(E) cast6_avx_x86_64(E) cast6_generic(E) cast5_avx_x86_64(E) cast5_generic(E) cast_common(E) serpent_avx2(E) serpent_avx_x86_64(E) serpent_sse2_x86_64(E) serpent_generic(E) blowfish_generic(E) blowfish_x86_64(E) blowfish_common(E) twofish_generic(E) twofish_avx_x86_64(E) twofish_x86_64_3way(E) twofish_x86_64(E) twofish_common(E) xcbc(E) sha256_mb(E) sha256_ssse3(E) sha512_mb(E) mcryptd(E) sha512_ssse3(E) sha512_generic(E) des_generic(E) xt_CHECKSUM(E) ipt_MASQUERADE(E) nf_nat_masquerade_ipv4(E) tun(E) ccm(E) nf_conntrack_netbios_ns(E) nf_conntrack_broadcast(E) xt_CT(E) ip6t_rpfilter(E) ip6t_REJECT(E) nf_reject_ipv6(E) xt_conntrack(E) ip_set(E) nfnetlink(E) ebtable_nat(E) ebtable_broute(E) bridge(E) stp(E) llc(E) ip6table_nat(E) nf_conntrack_ipv6(E) nf_defrag_ipv6(E) nf_nat_ipv6(E) ip6table_mangle(E) ip6table_raw(E) ip6table_security(E) iptable_nat(E) nf_conntrack_ipv4(E) nf_defrag_ipv4(E) nf_nat_ipv4(E) nf_nat(E) nf_conntrack(E) iptable_mangle(E) iptable_raw(E) iptable_security(E) ebtable_filter(E) ebtables(E) ip6table_filter(E) ip6_tables(E) cmac(E) bnep(E) hwmon_vid(E) ib_isert(E) iscsi_target_mod(E) ib_srpt(E) target_core_mod(E) ib_srp(E) scsi_transport_srp(E) vfat(E) fat(E) xfs(E) libcrc32c(E) ib_ucm(E) arc4(E) rpcrdma(E) sunrpc(E) iwlmvm(E) mac80211(E) rdma_ucm(E) ib_uverbs(E) ib_iser(E) snd_hda_codec_realtek(E) rdma_cm(E) btusb(E) snd_hda_codec_generic(E) snd_hda_codec_hdmi(E) iw_cm(E) btrtl(E) snd_hda_intel(E) btbcm(E) btintel(E) snd_hda_codec(E) bluetooth(E) snd_hda_core(E) ib_umad(E) edac_mce_amd(E) snd_hwdep(E) ib_ipoib(E) libiscsi(E) scsi_transport_iscsi(E) iwlwifi(E) snd_seq(E) snd_seq_device(E) kvm_amd(E) ib_cm(E) mlx4_ib(E) ib_core(E) kvm(E) snd_pcm(E) snd_timer(E) sp5100_tco(E) snd(E) i2c_piix4(E) soundcore(E) gpio_amdpt(E) gpio_generic(E) ecdh_generic(E) cfg80211(E) irqbypass(E) mxm_wmi(E) rfkill(E) wmi_bmof(E) crct10dif_pclmul(E) crc32_pclmul(E) wmi(E) ghash_clmulni_intel(E) k10temp(E) ccp(E) pinctrl_amd(E) shpchp(E) pcspkr(E) acpi_cpufreq(E) mlx4_en(E) amdkfd(E) amd_iommu_v2(E) amdgpu(E) chash(E) gpu_sched(E) drm_kms_helper(E) ttm(E) crc32c_intel(E) mlx4_core(E) igb(E) devlink(E) drm(E) ptp(E) pps_core(E) dca(E) i2c_algo_bit(E) nvme(E) nvme_core(E) tcp_bbr(E) CPU: 1 PID: 0 Comm: swapper/1 Tainted: G OE 4.17.2 #4 Hardware name: System manufacturer System Product Name/PRIME X370-PRO, BIOS 3803 01/22/2018 RIP: 0010:iwl_mvm_tx_tso_segment+0x28a/0x2a0 [iwlmvm] RSP: 0018:ffff961e1ec437c0 EFLAGS: 00010202 RAX: 00000000000002c0 RBX: fffffffffffffff4 RCX: ffff961c38339c64 RDX: ffff961c38339c00 RSI: 0000000000000000 RDI: ffff961c38339c64 RBP: ffff961e1ec43850 R08: ffff9618f295b700 R09: fffffffffffffff4 R10: 0000000000000000 R11: 0000000000000000 R12: 000000000000dc6f R13: 0000000000000008 R14: 0000000000000000 R15: 00000000000005a8 FS: 0000000000000000(0000) GS:ffff961e1ec40000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000559b4fc3e240 CR3: 000000063c20a000 CR4: 00000000003406e0 Call Trace: <IRQ> ? iwl_mvm_tx_mpdu+0x1a2/0x5b0 [iwlmvm] iwl_mvm_tx_skb+0x3f0/0x440 [iwlmvm] iwl_mvm_mac_tx+0xb5/0x1b0 [iwlmvm] ieee80211_tx_frags+0x14c/0x220 [mac80211] ieee80211_xmit_fast+0x7ea/0x8b0 [mac80211] ? sched_clock+0x5/0x10 ? sched_clock_cpu+0xc/0xb0 __ieee80211_subif_start_xmit+0xa9/0x1e0 [mac80211] ieee80211_subif_start_xmit+0x44/0x2d0 [mac80211] dev_hard_start_xmit+0xa5/0x210 sch_direct_xmit+0x158/0x340 __dev_queue_xmit+0x53b/0x7e0 ? xfrm_lookup+0x2f2/0x930 ip_finish_output2+0x29c/0x3b0 ip_output+0x6c/0xe0 ? ip_append_data.part.50+0xc0/0xc0 ip_forward+0x396/0x450 ? ip_defrag.cold.17+0x22/0x22 ip_rcv+0x26e/0x3a6 ? inet_add_protocol.cold.1+0x1e/0x1e __netif_receive_skb_core+0x4fb/0xb30 ? mlx4_en_process_rx_cq+0x9b5/0xc60 [mlx4_en] ? ktime_get_with_offset+0x4d/0xc0 netif_receive_skb_internal+0x42/0xf0 napi_gro_flush+0x50/0x70 napi_complete_done+0x39/0xf0 mlx4_en_poll_rx_cq+0xa4/0xf0 [mlx4_en] net_rx_action+0x149/0x3a0 __do_softirq+0xe3/0x2d4 irq_exit+0xe8/0xf0 do_IRQ+0x7d/0xc0 common_interrupt+0xf/0xf </IRQ> RIP: 0010:native_safe_halt+0x2/0x10 RSP: 0018:ffffaeb84323be40 EFLAGS: 00000246 ORIG_RAX: ffffffffffffffda RAX: 0000000080000000 RBX: ffff961dfa98dc00 RCX: ffff961e1ec40000 RDX: 4ec4ec4ec4ec4ec5 RSI: 0000000000000034 RDI: ffff961dfa98dc64 RBP: ffff961dfa98dc64 R08: 00002b4f757437c4 R09: 0000000000000249 R10: 000000000000024b R11: ffff961e1ec5fae8 R12: 0000000000000001 R13: 0000000000000001 R14: 0000000000000001 R15: 0000000000000000 acpi_safe_halt+0x1b/0x30 acpi_idle_enter+0xf3/0x2b0 cpuidle_enter_state+0x70/0x2a0 do_idle+0x21d/0x260 cpu_startup_entry+0x6f/0x80 start_secondary+0x1a4/0x1f0 secondary_startup_64+0xa5/0xb0 Code: 00 48 03 bb d0 00 00 00 44 89 44 24 14 48 89 74 24 08 48 89 0c 24 e8 76 ba 94 ea 44 8b 44 24 14 48 8b 74 24 08 48 8b 0c 24 eb aa <0f> 0b b8 ea ff ff ff e9 78 ff ff ff e8 45 19 22 ea 0f 1f 44 00

7 years, 2 months

3
3
0 0

[PATCH] arm64: dts: marvell: fix CP110 ICU node size

by Miquel Raynal

commit 2f872ddcdb1e8e2186162616cea4581b8403849d upstream. ICU size in CP110 is not 0x10 but at least 0x440 bytes long (from the specification). Fixes: 6ef84a827c37 ("arm64: dts: marvell: enable GICP and ICU on Armada 7K/8K") Cc: stable(a)vger.kernel.org # 4.14.x Signed-off-by: Miquel Raynal <miquel.raynal(a)bootlin.com> Reviewed-by: Thomas Petazzoni <thomas.petazzoni(a)bootlin.com> Signed-off-by: Gregory CLEMENT <gregory.clement(a)bootlin.com> --- Backport to 4.14 stable tree: the original patch did not applied because of the effort of DT de-duplication that merged two files in one. arch/arm64/boot/dts/marvell/armada-cp110-master.dtsi | 2 +- arch/arm64/boot/dts/marvell/armada-cp110-slave.dtsi | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/arm64/boot/dts/marvell/armada-cp110-master.dtsi b/arch/arm64/boot/dts/marvell/armada-cp110-master.dtsi index 9a7b63cd63a3..7c19f32d0f44 100644 --- a/arch/arm64/boot/dts/marvell/armada-cp110-master.dtsi +++ b/arch/arm64/boot/dts/marvell/armada-cp110-master.dtsi @@ -169,7 +169,7 @@ cpm_icu: interrupt-controller@1e0000 { compatible = "marvell,cp110-icu"; - reg = <0x1e0000 0x10>; + reg = <0x1e0000 0x440>; #interrupt-cells = <3>; interrupt-controller; msi-parent = <&gicp>; diff --git a/arch/arm64/boot/dts/marvell/armada-cp110-slave.dtsi b/arch/arm64/boot/dts/marvell/armada-cp110-slave.dtsi index faf28633a309..150e97a1dfea 100644 --- a/arch/arm64/boot/dts/marvell/armada-cp110-slave.dtsi +++ b/arch/arm64/boot/dts/marvell/armada-cp110-slave.dtsi @@ -169,7 +169,7 @@ cps_icu: interrupt-controller@1e0000 { compatible = "marvell,cp110-icu"; - reg = <0x1e0000 0x10>; + reg = <0x1e0000 0x440>; #interrupt-cells = <3>; interrupt-controller; msi-parent = <&gicp>; -- 2.14.1

7 years, 2 months

2
2
0 0

[PATCH] HID: debug: check length before copy_to_user()

by Daniel Rosenberg

If our length is greater than the size of the buffer, we overflow the buffer Signed-off-by: Daniel Rosenberg <drosen(a)google.com> Cc: stable(a)vger.kernel.org --- drivers/hid/hid-debug.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/drivers/hid/hid-debug.c b/drivers/hid/hid-debug.c index 8469b6964ff64..b48100236df89 100644 --- a/drivers/hid/hid-debug.c +++ b/drivers/hid/hid-debug.c @@ -1154,6 +1154,8 @@ static ssize_t hid_debug_events_read(struct file *file, char __user *buffer, goto out; if (list->tail > list->head) { len = list->tail - list->head; + if (len > count) + len = count; if (copy_to_user(buffer + ret, &list->hid_debug_buf[list->head], len)) { ret = -EFAULT; @@ -1163,6 +1165,8 @@ static ssize_t hid_debug_events_read(struct file *file, char __user *buffer, list->head += len; } else { len = HID_DEBUG_BUFSIZE - list->head; + if (len > count) + len = count; if (copy_to_user(buffer, &list->hid_debug_buf[list->head], len)) { ret = -EFAULT; @@ -1170,7 +1174,9 @@ static ssize_t hid_debug_events_read(struct file *file, char __user *buffer, } list->head = 0; ret += len; - goto copy_rest; + count -= len; + if (count > 0) + goto copy_rest; } } -- 2.18.0.399.gad0ab374a1-goog

7 years, 2 months

4
3
0 0

[PATCH v4 3/3] x86/mm: add TLB purge to free pmd/pte page interfaces

by Toshi Kani

ioremap() calls pud_free_pmd_page() / pmd_free_pte_page() when it creates a pud / pmd map. The following preconditions are met at their entry. - All pte entries for a target pud/pmd address range have been cleared. - System-wide TLB purges have been peformed for a target pud/pmd address range. The preconditions assure that there is no stale TLB entry for the range. Speculation may not cache TLB entries since it requires all levels of page entries, including ptes, to have P & A-bits set for an associated address. However, speculation may cache pud/pmd entries (paging-structure caches) when they have P-bit set. Add a system-wide TLB purge (INVLPG) to a single page after clearing pud/pmd entry's P-bit. SDM 4.10.4.1, Operation that Invalidate TLBs and Paging-Structure Caches, states that: INVLPG invalidates all paging-structure caches associated with the current PCID regardless of the liner addresses to which they correspond. Fixes: 28ee90fe6048 ("x86/mm: implement free pmd/pte page interfaces") Signed-off-by: Toshi Kani <toshi.kani(a)hpe.com> Cc: Andrew Morton <akpm(a)linux-foundation.org> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Ingo Molnar <mingo(a)redhat.com> Cc: "H. Peter Anvin" <hpa(a)zytor.com> Cc: Joerg Roedel <joro(a)8bytes.org> Cc: <stable(a)vger.kernel.org> --- arch/x86/mm/pgtable.c | 36 ++++++++++++++++++++++++++++++------ 1 file changed, 30 insertions(+), 6 deletions(-) diff --git a/arch/x86/mm/pgtable.c b/arch/x86/mm/pgtable.c index fbd14e506758..e3deefb891da 100644 --- a/arch/x86/mm/pgtable.c +++ b/arch/x86/mm/pgtable.c @@ -725,24 +725,44 @@ int pmd_clear_huge(pmd_t *pmd) * @pud: Pointer to a PUD. * @addr: Virtual address associated with pud. * - * Context: The pud range has been unmaped and TLB purged. + * Context: The pud range has been unmapped and TLB purged. * Return: 1 if clearing the entry succeeded. 0 otherwise. + * + * NOTE: Callers must allow a single page allocation. */ int pud_free_pmd_page(pud_t *pud, unsigned long addr) { - pmd_t *pmd; + pmd_t *pmd, *pmd_sv; + pte_t *pte; int i; if (pud_none(*pud)) return 1; pmd = (pmd_t *)pud_page_vaddr(*pud); + pmd_sv = (pmd_t *)__get_free_page(GFP_KERNEL); + if (!pmd_sv) + return 0; - for (i = 0; i < PTRS_PER_PMD; i++) - if (!pmd_free_pte_page(&pmd[i], addr + (i * PMD_SIZE))) - return 0; + for (i = 0; i < PTRS_PER_PMD; i++) { + pmd_sv[i] = pmd[i]; + if (!pmd_none(pmd[i])) + pmd_clear(&pmd[i]); + } pud_clear(pud); + + /* INVLPG to clear all paging-structure caches */ + flush_tlb_kernel_range(addr, addr + PAGE_SIZE-1); + + for (i = 0; i < PTRS_PER_PMD; i++) { + if (!pmd_none(pmd_sv[i])) { + pte = (pte_t *)pmd_page_vaddr(pmd_sv[i]); + free_page((unsigned long)pte); + } + } + + free_page((unsigned long)pmd_sv); free_page((unsigned long)pmd); return 1; @@ -753,7 +773,7 @@ int pud_free_pmd_page(pud_t *pud, unsigned long addr) * @pmd: Pointer to a PMD. * @addr: Virtual address associated with pmd. * - * Context: The pmd range has been unmaped and TLB purged. + * Context: The pmd range has been unmapped and TLB purged. * Return: 1 if clearing the entry succeeded. 0 otherwise. */ int pmd_free_pte_page(pmd_t *pmd, unsigned long addr) @@ -765,6 +785,10 @@ int pmd_free_pte_page(pmd_t *pmd, unsigned long addr) pte = (pte_t *)pmd_page_vaddr(*pmd); pmd_clear(pmd); + + /* INVLPG to clear all paging-structure caches */ + flush_tlb_kernel_range(addr, addr + PAGE_SIZE-1); + free_page((unsigned long)pte); return 1;

7 years, 2 months

2
1
0 0

[PATCH v4 1/3] x86/mm: disable ioremap free page handling on x86-PAE

by Toshi Kani

ioremap() supports pmd mappings on x86-PAE. However, kernel's pmd tables are not shared among processes on x86-PAE. Therefore, any update to sync'd pmd entries need re-syncing. Freeing a pte page also leads to a vmalloc fault and hits the BUG_ON in vmalloc_sync_one(). Disable free page handling on x86-PAE. pud_free_pmd_page() and pmd_free_pte_page() simply return 0 if a given pud/pmd entry is present. This assures that ioremap() does not update sync'd pmd entries at the cost of falling back to pte mappings. Fixes: 28ee90fe6048 ("x86/mm: implement free pmd/pte page interfaces") Reported-by: Joerg Roedel <joro(a)8bytes.org> Signed-off-by: Toshi Kani <toshi.kani(a)hpe.com> Cc: Andrew Morton <akpm(a)linux-foundation.org> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Ingo Molnar <mingo(a)redhat.com> Cc: "H. Peter Anvin" <hpa(a)zytor.com> Cc: Joerg Roedel <joro(a)8bytes.org> Cc: <stable(a)vger.kernel.org> --- arch/x86/mm/pgtable.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/arch/x86/mm/pgtable.c b/arch/x86/mm/pgtable.c index 47b5951e592b..1aeb7a5dbce5 100644 --- a/arch/x86/mm/pgtable.c +++ b/arch/x86/mm/pgtable.c @@ -719,6 +719,7 @@ int pmd_clear_huge(pmd_t *pmd) return 0; } +#ifdef CONFIG_X86_64 /** * pud_free_pmd_page - Clear pud entry and free pmd page. * @pud: Pointer to a PUD. @@ -766,4 +767,22 @@ int pmd_free_pte_page(pmd_t *pmd) return 1; } + +#else /* !CONFIG_X86_64 */ + +int pud_free_pmd_page(pud_t *pud) +{ + return pud_none(*pud); +} + +/* + * Disable free page handling on x86-PAE. This assures that ioremap() + * does not update sync'd pmd entries. See vmalloc_sync_one(). + */ +int pmd_free_pte_page(pmd_t *pmd) +{ + return pmd_none(*pmd); +} + +#endif /* CONFIG_X86_64 */ #endif /* CONFIG_HAVE_ARCH_HUGE_VMAP */

7 years, 2 months

2
1
0 0

[PATCH] cifs: Fix memory leak in smb2_set_ea()

by Paulo Alcantara

This patch fixes a memory leak when doing a setxattr(2) in SMB2+. Signed-off-by: Paulo Alcantara <palcantara(a)suse.de> Cc: stable(a)vger.kernel.org --- fs/cifs/smb2ops.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c index 0356b5559c71..957ea2a5cf1d 100644 --- a/fs/cifs/smb2ops.c +++ b/fs/cifs/smb2ops.c @@ -855,6 +855,8 @@ smb2_set_ea(const unsigned int xid, struct cifs_tcon *tcon, rc = SMB2_set_ea(xid, tcon, fid.persistent_fid, fid.volatile_fid, ea, len); + kfree(ea); + SMB2_close(xid, tcon, fid.persistent_fid, fid.volatile_fid); return rc; -- 2.18.0

7 years, 2 months

1
0
0 0

[PATCH 1/4] USB: serial: keyspan_pda: fix modem-status error handling

by Johan Hovold

Fix broken modem-status error handling which could lead to bits of slab data leaking to user space. Fixes: 3b36a8fd6777 ("usb: fix uninitialized variable warning in keyspan_pda") Cc: stable <stable(a)vger.kernel.org> # 2.6.27 Cc: Benny Halevy <bhalevy(a)panasas.com> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/usb/serial/keyspan_pda.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/usb/serial/keyspan_pda.c b/drivers/usb/serial/keyspan_pda.c index 5169624d8b11..38d43c4b7ce5 100644 --- a/drivers/usb/serial/keyspan_pda.c +++ b/drivers/usb/serial/keyspan_pda.c @@ -369,8 +369,10 @@ static int keyspan_pda_get_modem_info(struct usb_serial *serial, 3, /* get pins */ USB_TYPE_VENDOR|USB_RECIP_INTERFACE|USB_DIR_IN, 0, 0, data, 1, 2000); - if (rc >= 0) + if (rc == 1) *value = *data; + else if (rc >= 0) + rc = -EIO; kfree(data); return rc; -- 2.18.0

7 years, 2 months

1
1
0 0

[PATCH v3] block: don't use blocking queue entered for recursive bio submits

by Alexandru Moise

From: Jens Axboe <axboe(a)kernel.dk> commit cd4a4ae4683dc2e09380118e205e057896dcda2b upstream If we end up splitting a bio and the queue goes away between the initial submission and the later split submission, then we can block forever in blk_queue_enter() waiting for the reference to drop to zero. This will never happen, since we already hold a reference. Mark a split bio as already having entered the queue, so we can just use the live non-blocking queue enter variant. Thanks to Tetsuo Handa for the analysis. We're running fio tests and the tasks get stuck in a D state forever when systemd-udevd tries to read the partition table. This patch solves it. Please apply to 4.17 stable. Reported-by: syzbot+c4f9cebf9d651f6e54de(a)syzkaller.appspotmail.com Signed-off-by: Jens Axboe <axboe(a)kernel.dk> Signed-off-by: Alexandru Moise <00moses.alexander00(a)gmail.com> --- v2: Fixed "From:" v3: Added "From: Jens Axboe" above commit sha block/blk-core.c | 4 +++- block/blk-merge.c | 10 ++++++++++ include/linux/blk_types.h | 2 ++ 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/block/blk-core.c b/block/blk-core.c index b559b9d4f1a2..47ab2d9d02d9 100644 --- a/block/blk-core.c +++ b/block/blk-core.c @@ -2392,7 +2392,9 @@ blk_qc_t generic_make_request(struct bio *bio) if (bio->bi_opf & REQ_NOWAIT) flags = BLK_MQ_REQ_NOWAIT; - if (blk_queue_enter(q, flags) < 0) { + if (bio_flagged(bio, BIO_QUEUE_ENTERED)) + blk_queue_enter_live(q); + else if (blk_queue_enter(q, flags) < 0) { if (!blk_queue_dying(q) && (bio->bi_opf & REQ_NOWAIT)) bio_wouldblock_error(bio); else diff --git a/block/blk-merge.c b/block/blk-merge.c index 782940c65d8a..481dc02668f9 100644 --- a/block/blk-merge.c +++ b/block/blk-merge.c @@ -210,6 +210,16 @@ void blk_queue_split(struct request_queue *q, struct bio **bio) /* there isn't chance to merge the splitted bio */ split->bi_opf |= REQ_NOMERGE; + /* + * Since we're recursing into make_request here, ensure + * that we mark this bio as already having entered the queue. + * If not, and the queue is going away, we can get stuck + * forever on waiting for the queue reference to drop. But + * that will never happen, as we're already holding a + * reference to it. + */ + bio_set_flag(*bio, BIO_QUEUE_ENTERED); + bio_chain(split, *bio); trace_block_split(q, split, (*bio)->bi_iter.bi_sector); generic_make_request(*bio); diff --git a/include/linux/blk_types.h b/include/linux/blk_types.h index 17b18b91ebac..1602bf4ab4cd 100644 --- a/include/linux/blk_types.h +++ b/include/linux/blk_types.h @@ -186,6 +186,8 @@ struct bio { * throttling rules. Don't do it again. */ #define BIO_TRACE_COMPLETION 10 /* bio_endio() should trace the final completion * of this bio. */ +#define BIO_QUEUE_ENTERED 11 /* can use blk_queue_enter_live() */ + /* See BVEC_POOL_OFFSET below before adding new flags */ /* -- 2.18.0

7 years, 2 months

2
1
0 0

[PATCH v2] ARM: dts: armada-38x: use the new thermal binding

by Baruch Siach

Commit 2f28e4c24b10e (thermal: armada: Clarify control registers accesses) introduced the new thermal binding. The new binding extends the second registers field size to 8. Switch to the new binding to fix thermal reading values. Without this change the fix for errata #132698 introduced in commit 8c0b888f661 (thermal: armada: Change sensors trim default value) has no effect. Cc: stable(a)vger.kernel.org # v4.16+ Reviewed-by: Miquel Raynal <miquel.raynal(a)bootlin.com> Signed-off-by: Baruch Siach <baruch(a)tkos.co.il> --- v2: * Typo fixes (Andreas Färber) * Add Miquel's review tag * Minor wording changes * Cc stable --- arch/arm/boot/dts/armada-38x.dtsi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm/boot/dts/armada-38x.dtsi b/arch/arm/boot/dts/armada-38x.dtsi index 18edc9bc7927..929459c42760 100644 --- a/arch/arm/boot/dts/armada-38x.dtsi +++ b/arch/arm/boot/dts/armada-38x.dtsi @@ -547,7 +547,7 @@ thermal: thermal@e8078 { compatible = "marvell,armada380-thermal"; - reg = <0xe4078 0x4>, <0xe4074 0x4>; + reg = <0xe4078 0x4>, <0xe4070 0x8>; status = "okay"; }; -- 2.18.0

7 years, 2 months

2
1
0 0

[PATCH v2] block: don't use blocking queue entered for recursive bio submits

by Alexandru Moise

commit cd4a4ae4683dc2e09380118e205e057896dcda2b upstream. If we end up splitting a bio and the queue goes away between the initial submission and the later split submission, then we can block forever in blk_queue_enter() waiting for the reference to drop to zero. This will never happen, since we already hold a reference. Mark a split bio as already having entered the queue, so we can just use the live non-blocking queue enter variant. Thanks to Tetsuo Handa for the analysis. We're running fio tests and the tasks get stuck in a D state forever when systemd-udevd tries to read the partition table. This patch solves it. Please apply to 4.17 stable. Reported-by: syzbot+c4f9cebf9d651f6e54de(a)syzkaller.appspotmail.com Signed-off-by: Jens Axboe <axboe(a)kernel.dk> Signed-off-by: Alexandru Moise <00moses.alexander00(a)gmail.com> --- v2: Changed "From:" The email sent as being from Jens instead of me, sorry again Jens. block/blk-core.c | 4 +++- block/blk-merge.c | 10 ++++++++++ include/linux/blk_types.h | 2 ++ 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/block/blk-core.c b/block/blk-core.c index b559b9d4f1a2..47ab2d9d02d9 100644 --- a/block/blk-core.c +++ b/block/blk-core.c @@ -2392,7 +2392,9 @@ blk_qc_t generic_make_request(struct bio *bio) if (bio->bi_opf & REQ_NOWAIT) flags = BLK_MQ_REQ_NOWAIT; - if (blk_queue_enter(q, flags) < 0) { + if (bio_flagged(bio, BIO_QUEUE_ENTERED)) + blk_queue_enter_live(q); + else if (blk_queue_enter(q, flags) < 0) { if (!blk_queue_dying(q) && (bio->bi_opf & REQ_NOWAIT)) bio_wouldblock_error(bio); else diff --git a/block/blk-merge.c b/block/blk-merge.c index 782940c65d8a..481dc02668f9 100644 --- a/block/blk-merge.c +++ b/block/blk-merge.c @@ -210,6 +210,16 @@ void blk_queue_split(struct request_queue *q, struct bio **bio) /* there isn't chance to merge the splitted bio */ split->bi_opf |= REQ_NOMERGE; + /* + * Since we're recursing into make_request here, ensure + * that we mark this bio as already having entered the queue. + * If not, and the queue is going away, we can get stuck + * forever on waiting for the queue reference to drop. But + * that will never happen, as we're already holding a + * reference to it. + */ + bio_set_flag(*bio, BIO_QUEUE_ENTERED); + bio_chain(split, *bio); trace_block_split(q, split, (*bio)->bi_iter.bi_sector); generic_make_request(*bio); diff --git a/include/linux/blk_types.h b/include/linux/blk_types.h index 17b18b91ebac..1602bf4ab4cd 100644 --- a/include/linux/blk_types.h +++ b/include/linux/blk_types.h @@ -186,6 +186,8 @@ struct bio { * throttling rules. Don't do it again. */ #define BIO_TRACE_COMPLETION 10 /* bio_endio() should trace the final completion * of this bio. */ +#define BIO_QUEUE_ENTERED 11 /* can use blk_queue_enter_live() */ + /* See BVEC_POOL_OFFSET below before adding new flags */ /* -- 2.18.0

7 years, 2 months

3
6
0 0

[PATCH] ubifs: log: Don't leak kernel memory to the MTD

by Richard Weinberger

ubifs_log_start_commit() allocates a buffer with kmalloc(), this buffer is used to build UBIFS CS and REF nodes, all structure attributes get set, except for the padding field in the ubifs_ref_node. That way we leak 28 bytes of kernel memory to the MTD. Fix it by using kzalloc(). Cc: stable(a)vger.kernel.org Fixes: 1e51764a3c2a ("UBIFS: add new flash file system") Signed-off-by: Richard Weinberger <richard(a)nod.at> --- fs/ubifs/log.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/ubifs/log.c b/fs/ubifs/log.c index 7cffa120a750..60d49c6dd470 100644 --- a/fs/ubifs/log.c +++ b/fs/ubifs/log.c @@ -369,7 +369,7 @@ int ubifs_log_start_commit(struct ubifs_info *c, int *ltail_lnum) max_len = UBIFS_CS_NODE_SZ + c->jhead_cnt * UBIFS_REF_NODE_SZ; max_len = ALIGN(max_len, c->min_io_size); - buf = cs = kmalloc(max_len, GFP_NOFS); + buf = cs = kzalloc(max_len, GFP_NOFS); if (!buf) return -ENOMEM; -- 2.18.0

7 years, 2 months

1
0
0 0

[PATCH 2/4] rtc: omap: fix resource leak in registration error path

by Johan Hovold

Make sure to deregister the pin controller in case rtc registration fails. Fixes: 57072758623f ("rtc: omap: switch to rtc_register_device") Cc: stable <stable(a)vger.kernel.org> # 4.14 Cc: Alexandre Belloni <alexandre.belloni(a)free-electrons.com> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/rtc/rtc-omap.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/rtc/rtc-omap.c b/drivers/rtc/rtc-omap.c index c214b69a8787..6a7b804c3074 100644 --- a/drivers/rtc/rtc-omap.c +++ b/drivers/rtc/rtc-omap.c @@ -873,7 +873,7 @@ static int omap_rtc_probe(struct platform_device *pdev) ret = rtc_register_device(rtc->rtc); if (ret) - goto err; + goto err_deregister_pinctrl; rtc_nvmem_register(rtc->rtc, &omap_rtc_nvmem_config); @@ -886,6 +886,8 @@ static int omap_rtc_probe(struct platform_device *pdev) return 0; +err_deregister_pinctrl: + pinctrl_unregister(rtc->pctldev); err: clk_disable_unprepare(rtc->clk); device_init_wakeup(&pdev->dev, false); -- 2.18.0

7 years, 2 months

1
0
0 0

Offerte

by Firma

Sehr geehrte Damen und Herren, ich habe bemerkt, dass Sie Ihr Angebot zum größten Teil an Firmen richten und deswegen möchte ich Ihnen ein Produkt anbieten, welches zur Erhöhung der Anzahl Ihrer Kunden erheblich beitragen wird. Die Datenbanken der Firmen sind in für Sie interessante und relevante Zielgruppen untergliedert. Der neue Katalog enthält 187.764 schweizerische Firmen und stellt solche Daten zur Verfügung wie: Namen der Firma, Firmenanschrift, Kontaktdaten des Firmeninhabers oder des Managers, E-Mail-Adresse, Telefonummer, Faxnummer, Branche usw. http://www.topadressen-ch.net/?page=catalog *** 1. Schweiz 2018 ( 187 764 ) - 149 EUR ( bis zum 04.07.2018 ) *** Die Verwendungsmöglichkeiten der Datenbanken sind praktisch unbegrenzt und Sie können durch Verwendung der von uns entwickelten Programme des personalisierten Versendens von Angeboten u.ä. mittels E-mailing bzw. Fax effektive und sichere Werbekampagnen damit durchführen. Bitte informieren Sie sich über die weiteren Details einmal unverbindlich auf unseren Webseite: http://www.topadressen-ch.net/?page=catalog MfG GL-Team

7 years, 2 months

1
0
0 0

[PATCH] drm/amdgpu: Reserve fence slots for command submission

by Junwei Zhang

From: Michel Dänzer <michel.daenzer(a)amd.com> Without this, there could not be enough slots, which could trigger the BUG_ON in reservation_object_add_shared_fence. v2: * Jump to the error label instead of returning directly (Jerry Zhang) v3: * Reserve slots for command submission after VM updates (Christian König) Cc: stable(a)vger.kernel.org Bugzilla: https://bugs.freedesktop.org/106418 Reported-by: mikhail.v.gavrilov(a)gmail.com Signed-off-by: Michel Dänzer <michel.daenzer(a)amd.com> Signed-off-by: Junwei Zhang <Jerry.Zhang(a)amd.com> --- drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c index 7a625f3..1bc0281 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c @@ -928,6 +928,10 @@ static int amdgpu_cs_ib_vm_chunk(struct amdgpu_device *adev, r = amdgpu_bo_vm_update_pte(p); if (r) return r; + + r = reservation_object_reserve_shared(vm->root.base.bo->tbo.resv); + if (r) + return r; } return amdgpu_cs_sync_rings(p); -- 1.9.1

7 years, 2 months

3
2
0 0

v4.14.53 build: 0 failures 0 warnings (v4.14.53)

by Build bot for Mark Brown

Tree/Branch: v4.14.53 Git describe: v4.14.53 Commit: fa745a1bd9 Linux 4.14.53 Build Time: 98 min 43 sec Passed: 11 / 11 (100.00 %) Failed: 0 / 11 ( 0.00 %) Errors: 0 Warnings: 0 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): ------------------------------------------------------------------------------- =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: arm64-allnoconfig arm64-allmodconfig arm-multi_v5_defconfig arm-multi_v7_defconfig x86_64-defconfig arm-allmodconfig arm-allnoconfig x86_64-allnoconfig arm-multi_v4t_defconfig x86_64-allmodconfig arm64-defconfig close failed in file object destructor: sys.excepthook is missing lost sys.stderr

7 years, 2 months

1
0
0 0

v3.18.114 build: 0 failures 1 warnings (v3.18.114)

by Build bot for Mark Brown

Tree/Branch: v3.18.114 Git describe: v3.18.114 Commit: e903eb4a70 Linux 3.18.114 Build Time: 45 min 20 sec Passed: 10 / 10 (100.00 %) Failed: 0 / 10 ( 0.00 %) Errors: 0 Warnings: 1 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): 7 warnings 0 mismatches : x86_64-allmodconfig 2 warnings 0 mismatches : x86_64-defconfig ------------------------------------------------------------------------------- Warnings Summary: 1 9 ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- x86_64-allmodconfig : PASS, 0 errors, 7 warnings, 0 section mismatches Warnings: ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ------------------------------------------------------------------------------- x86_64-defconfig : PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: arm64-allnoconfig arm64-allmodconfig arm-multi_v5_defconfig arm-multi_v7_defconfig arm-allmodconfig arm-allnoconfig x86_64-allnoconfig arm64-defconfig

7 years, 2 months

1
0
0 0

[patch 5/5] mm: teach dump_page() to correctly output poisoned struct pages

by akpm＠linux-foundation.org

From: Pavel Tatashin <pasha.tatashin(a)oracle.com> Subject: mm: teach dump_page() to correctly output poisoned struct pages If struct page is poisoned, and uninitialized access is detected via PF_POISONED_CHECK(page) dump_page() is called to output the page. But, the dump_page() itself accesses struct page to determine how to print it, and therefore gets into a recursive loop. For example: dump_page() __dump_page() PageSlab(page) PF_POISONED_CHECK(page) VM_BUG_ON_PGFLAGS(PagePoisoned(page), page) dump_page() recursion loop. Link: http://lkml.kernel.org/r/20180702180536.2552-1-pasha.tatashin@oracle.com Fixes: f165b378bbdf ("mm: uninitialized struct page poisoning sanity checking") Signed-off-by: Pavel Tatashin <pasha.tatashin(a)oracle.com> Acked-by: Michal Hocko <mhocko(a)suse.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/debug.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff -puN mm/debug.c~mm-teach-dump_page-to-correctly-output-poisoned-struct-pages mm/debug.c --- a/mm/debug.c~mm-teach-dump_page-to-correctly-output-poisoned-struct-pages +++ a/mm/debug.c @@ -43,12 +43,25 @@ const struct trace_print_flags vmaflag_n void __dump_page(struct page *page, const char *reason) { + bool page_poisoned = PagePoisoned(page); + int mapcount; + + /* + * If struct page is poisoned don't access Page*() functions as that + * leads to recursive loop. Page*() check for poisoned pages, and calls + * dump_page() when detected. + */ + if (page_poisoned) { + pr_emerg("page:%px is uninitialized and poisoned", page); + goto hex_only; + } + /* * Avoid VM_BUG_ON() in page_mapcount(). * page->_mapcount space in struct page is used by sl[aou]b pages to * encode own info. */ - int mapcount = PageSlab(page) ? 0 : page_mapcount(page); + mapcount = PageSlab(page) ? 0 : page_mapcount(page); pr_emerg("page:%px count:%d mapcount:%d mapping:%px index:%#lx", page, page_ref_count(page), mapcount, @@ -60,6 +73,7 @@ void __dump_page(struct page *page, cons pr_emerg("flags: %#lx(%pGp)\n", page->flags, &page->flags); +hex_only: print_hex_dump(KERN_ALERT, "raw: ", DUMP_PREFIX_NONE, 32, sizeof(unsigned long), page, sizeof(struct page), false); @@ -68,7 +82,7 @@ void __dump_page(struct page *page, cons pr_alert("page dumped because: %s\n", reason); #ifdef CONFIG_MEMCG - if (page->mem_cgroup) + if (!page_poisoned && page->mem_cgroup) pr_alert("page->mem_cgroup:%px\n", page->mem_cgroup); #endif } _

7 years, 2 months

1
0
0 0

[patch 2/5] mm: hugetlb: yield when prepping struct pages

by akpm＠linux-foundation.org

From: Cannon Matthews <cannonmatthews(a)google.com> Subject: mm: hugetlb: yield when prepping struct pages When booting with very large numbers of gigantic (i.e. 1G) pages, the operations in the loop of gather_bootmem_prealloc, and specifically prep_compound_gigantic_page, takes a very long time, and can cause a softlockup if enough pages are requested at boot. For example booting with 3844 1G pages requires prepping (set_compound_head, init the count) over 1 billion 4K tail pages, which takes considerable time. Add a cond_resched() to the outer loop in gather_bootmem_prealloc() to prevent this lockup. Tested: Booted with softlockup_panic=1 hugepagesz=1G hugepages=3844 and no softlockup is reported, and the hugepages are reported as successfully setup. Link: http://lkml.kernel.org/r/20180627214447.260804-1-cannonmatthews@google.com Signed-off-by: Cannon Matthews <cannonmatthews(a)google.com> Reviewed-by: Andrew Morton <akpm(a)linux-foundation.org> Reviewed-by: Mike Kravetz <mike.kravetz(a)oracle.com> Acked-by: Michal Hocko <mhocko(a)suse.com> Cc: Andres Lagar-Cavilla <andreslc(a)google.com> Cc: Peter Feiner <pfeiner(a)google.com> Cc: Greg Thelen <gthelen(a)google.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/hugetlb.c | 1 + 1 file changed, 1 insertion(+) diff -puN mm/hugetlb.c~mm-hugetlb-yield-when-prepping-struct-pages mm/hugetlb.c --- a/mm/hugetlb.c~mm-hugetlb-yield-when-prepping-struct-pages +++ a/mm/hugetlb.c @@ -2163,6 +2163,7 @@ static void __init gather_bootmem_preall */ if (hstate_is_gigantic(h)) adjust_managed_page_count(page, 1 << h->order); + cond_resched(); } } _

7 years, 2 months

1
0
0 0

[patch 1/5] userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access

by akpm＠linux-foundation.org

From: Janosch Frank <frankja(a)linux.ibm.com> Subject: userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access Use huge_ptep_get() to translate huge ptes to normal ptes so we can check them with the huge_pte_* functions. Otherwise some architectures will check the wrong values and will not wait for userspace to bring in the memory. Link: http://lkml.kernel.org/r/20180626132421.78084-1-frankja@linux.ibm.com Fixes: 369cd2121be4 ("userfaultfd: hugetlbfs: userfaultfd_huge_must_wait for hugepmd ranges") Signed-off-by: Janosch Frank <frankja(a)linux.ibm.com> Reviewed-by: David Hildenbrand <david(a)redhat.com> Reviewed-by: Mike Kravetz <mike.kravetz(a)oracle.com> Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/userfaultfd.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff -puN fs/userfaultfd.c~userfaultfd-hugetlbfs-fix-userfaultfd_huge_must_wait-pte-access fs/userfaultfd.c --- a/fs/userfaultfd.c~userfaultfd-hugetlbfs-fix-userfaultfd_huge_must_wait-pte-access +++ a/fs/userfaultfd.c @@ -222,24 +222,26 @@ static inline bool userfaultfd_huge_must unsigned long reason) { struct mm_struct *mm = ctx->mm; - pte_t *pte; + pte_t *ptep, pte; bool ret = true; VM_BUG_ON(!rwsem_is_locked(&mm->mmap_sem)); - pte = huge_pte_offset(mm, address, vma_mmu_pagesize(vma)); - if (!pte) + ptep = huge_pte_offset(mm, address, vma_mmu_pagesize(vma)); + + if (!ptep) goto out; ret = false; + pte = huge_ptep_get(ptep); /* * Lockless access: we're in a wait_event so it's ok if it * changes under us. */ - if (huge_pte_none(*pte)) + if (huge_pte_none(pte)) ret = true; - if (!huge_pte_write(*pte) && (reason & VM_UFFD_WP)) + if (!huge_pte_write(pte) && (reason & VM_UFFD_WP)) ret = true; out: return ret; _

7 years, 2 months

1
0
0 0

+ mm-fix-locked-field-in-proc-pid-smaps.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: fs/proc/task_mmu.c: fix Locked field in /proc/pid/smaps* has been added to the -mm tree. Its filename is mm-fix-locked-field-in-proc-pid-smaps.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/mm-fix-locked-field-in-proc-pid-sm… and later at http://ozlabs.org/~akpm/mmotm/broken-out/mm-fix-locked-field-in-proc-pid-sm… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Vlastimil Babka <vbabka(a)suse.cz> Subject: fs/proc/task_mmu.c: fix Locked field in /proc/pid/smaps* Thomas reports: : While looking around in /proc on my v4.14.52 system I noticed that : all processes got a lot of "Locked" memory in /proc/*/smaps. A lot : more memory than a regular user can usually lock with mlock(). : : commit 493b0e9d945fa9dfe96be93ae41b4ca4b6fdb317 (v4.14-rc1) seems : to have changed the behavior of "Locked". : : Before that commit the code was like this. Notice the VM_LOCKED : check. : : (vma->vm_flags & VM_LOCKED) ? : (unsigned long)(mss.pss >> (10 + PSS_SHIFT)) : 0); : : After that commit Locked is now the same as Pss. This looks like a : mistake. : : (unsigned long)(mss->pss >> (10 + PSS_SHIFT))); Indeed, the commit has added mss->pss_locked with the correct value that depends on VM_LOCKED, but forgot to actually use it. Fix it. Link: http://lkml.kernel.org/r/ebf6c7fb-fec3-6a26-544f-710ed193c154@suse.cz Fixes: 493b0e9d945f ("mm: add /proc/pid/smaps_rollup") Signed-off-by: Vlastimil Babka <vbabka(a)suse.cz> Reported-by: Thomas Lindroth <thomas.lindroth(a)gmail.com> Cc: Alexey Dobriyan <adobriyan(a)gmail.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/proc/task_mmu.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff -puN fs/proc/task_mmu.c~mm-fix-locked-field-in-proc-pid-smaps fs/proc/task_mmu.c --- a/fs/proc/task_mmu.c~mm-fix-locked-field-in-proc-pid-smaps +++ a/fs/proc/task_mmu.c @@ -831,7 +831,8 @@ static int show_smap(struct seq_file *m, SEQ_PUT_DEC(" kB\nSwap: ", mss->swap); SEQ_PUT_DEC(" kB\nSwapPss: ", mss->swap_pss >> PSS_SHIFT); - SEQ_PUT_DEC(" kB\nLocked: ", mss->pss >> PSS_SHIFT); + SEQ_PUT_DEC(" kB\nLocked: ", + mss->pss_locked >> PSS_SHIFT); seq_puts(m, " kB\n"); } if (!rollup_mode) { _ Patches currently in -mm which might be from vbabka(a)suse.cz are mm-page_alloc-actually-ignore-mempolicies-for-high-priority-allocations.patch mm-fix-locked-field-in-proc-pid-smaps.patch

7 years, 2 months

1
0
0 0

v4.9.111 build: 0 failures 0 warnings (v4.9.111)

by Build bot for Mark Brown

Tree/Branch: v4.9.111 Git describe: v4.9.111 Commit: e692f66fab Linux 4.9.111 Build Time: 83 min 48 sec Passed: 11 / 11 (100.00 %) Failed: 0 / 11 ( 0.00 %) Errors: 0 Warnings: 0 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): ------------------------------------------------------------------------------- =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: arm64-allnoconfig arm64-allmodconfig arm-multi_v5_defconfig arm-multi_v7_defconfig x86_64-defconfig arm-allmodconfig arm-allnoconfig x86_64-allnoconfig arm-multi_v4t_defconfig x86_64-allmodconfig arm64-defconfig close failed in file object destructor: sys.excepthook is missing lost sys.stderr

7 years, 2 months

1
0
0 0

[PATCH 2/2] drm/nouveau: Fix runtime PM leak in nv50_disp_atomic_commit()

by Lyude Paul

A CRTC being enabled doesn't mean it's on! It doesn't even necessarily mean it's being used. This fixes runtime PM leaks on the P50 I've got next to me. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/nouveau/dispnv50/disp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/gpu/drm/nouveau/dispnv50/disp.c b/drivers/gpu/drm/nouveau/dispnv50/disp.c index d9da69c83ae7..9bae4db84cfb 100644 --- a/drivers/gpu/drm/nouveau/dispnv50/disp.c +++ b/drivers/gpu/drm/nouveau/dispnv50/disp.c @@ -1878,7 +1878,7 @@ nv50_disp_atomic_commit(struct drm_device *dev, nv50_disp_atomic_commit_tail(state); drm_for_each_crtc(crtc, dev) { - if (crtc->state->enable) { + if (crtc->state->active) { if (!drm->have_disp_power_ref) { drm->have_disp_power_ref = true; return 0; -- 2.17.1

7 years, 2 months

1
0
0 0

[PATCH 1/2] drm/nouveau: Fix runtime PM leak in drm_open()

by Lyude Paul

Noticed this as I was skimming through, if we fail to allocate memory for cli we'll end up returning without dropping the runtime PM ref we got. Additionally, we'll even return the wrong return code! (ret most likely will == 0 here, we want -ENOMEM). Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/nouveau/nouveau_drm.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_drm.c b/drivers/gpu/drm/nouveau/nouveau_drm.c index 0452b18d36b9..0f668e275ee1 100644 --- a/drivers/gpu/drm/nouveau/nouveau_drm.c +++ b/drivers/gpu/drm/nouveau/nouveau_drm.c @@ -919,8 +919,10 @@ nouveau_drm_open(struct drm_device *dev, struct drm_file *fpriv) get_task_comm(tmpname, current); snprintf(name, sizeof(name), "%s[%d]", tmpname, pid_nr(fpriv->pid)); - if (!(cli = kzalloc(sizeof(*cli), GFP_KERNEL))) - return ret; + if (!(cli = kzalloc(sizeof(*cli), GFP_KERNEL))) { + ret = -ENOMEM; + goto done; + } ret = nouveau_cli_init(drm, name, cli); if (ret) -- 2.17.1

7 years, 2 months

1
0
0 0

FAILED: patch "[PATCH] f2fs: truncate preallocated blocks in error case" failed to apply to 4.16-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.16-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From dc7a10ddee0c56c6d891dd18de5c4ee9869545e0 Mon Sep 17 00:00:00 2001 From: Jaegeuk Kim <jaegeuk(a)kernel.org> Date: Fri, 30 Mar 2018 17:58:13 -0700 Subject: [PATCH] f2fs: truncate preallocated blocks in error case If write is failed, we must deallocate the blocks that we couldn't write. Cc: stable(a)vger.kernel.org Reviewed-by: Chao Yu <yuchao0(a)huawei.com> Signed-off-by: Jaegeuk Kim <jaegeuk(a)kernel.org> diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c index 8068b015ece5..6b94f19b3fa8 100644 --- a/fs/f2fs/file.c +++ b/fs/f2fs/file.c @@ -2911,6 +2911,8 @@ static ssize_t f2fs_file_write_iter(struct kiocb *iocb, struct iov_iter *from) ret = generic_write_checks(iocb, from); if (ret > 0) { + bool preallocated = false; + size_t target_size = 0; int err; if (iov_iter_fault_in_readable(from, iov_iter_count(from))) @@ -2927,6 +2929,9 @@ static ssize_t f2fs_file_write_iter(struct kiocb *iocb, struct iov_iter *from) } } else { + preallocated = true; + target_size = iocb->ki_pos + iov_iter_count(from); + err = f2fs_preallocate_blocks(iocb, from); if (err) { clear_inode_flag(inode, FI_NO_PREALLOC); @@ -2939,6 +2944,10 @@ static ssize_t f2fs_file_write_iter(struct kiocb *iocb, struct iov_iter *from) blk_finish_plug(&plug); clear_inode_flag(inode, FI_NO_PREALLOC); + /* if we couldn't write data, we should deallocate blocks. */ + if (preallocated && i_size_read(inode) < target_size) + f2fs_truncate(inode); + if (ret > 0) f2fs_update_iostat(F2FS_I_SB(inode), APP_WRITE_IO, ret); }

7 years, 2 months

2
1
0 0

[PATCH v3] stop_machine: Disable preemption when waking two stopper threads

by Isaac J. Manjarres

When cpu_stop_queue_two_works() begins to wake the stopper threads, it does so without preemption disabled, which leads to the following race condition: The source CPU calls cpu_stop_queue_two_works(), with cpu1 as the source CPU, and cpu2 as the destination CPU. When adding the stopper threads to the wake queue used in this function, the source CPU stopper thread is added first, and the destination CPU stopper thread is added last. When wake_up_q() is invoked to wake the stopper threads, the threads are woken up in the order that they are queued in, so the source CPU's stopper thread is woken up first, and it preempts the thread running on the source CPU. The stopper thread will then execute on the source CPU, disable preemption, and begin executing multi_cpu_stop(), and wait for an ack from the destination CPU's stopper thread, with preemption still disabled. Since the worker thread that woke up the stopper thread on the source CPU is affine to the source CPU, and preemption is disabled on the source CPU, that thread will never run to dequeue the destination CPU's stopper thread from the wake queue, and thus, the destination CPU's stopper thread will never run, causing the source CPU's stopper thread to wait forever, and stall. Disable preemption when waking the stopper threads in cpu_stop_queue_two_works(). Fixes: 0b26351b910f ("stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock") Co-Developed-by: Prasad Sodagudi <psodagud(a)codeaurora.org> Co-Developed-by: Pavankumar Kondeti <pkondeti(a)codeaurora.org> Signed-off-by: Isaac J. Manjarres <isaacm(a)codeaurora.org> Signed-off-by: Prasad Sodagudi <psodagud(a)codeaurora.org> Signed-off-by: Pavankumar Kondeti <pkondeti(a)codeaurora.org> Cc: stable(a)vger.kernel.org --- kernel/stop_machine.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/kernel/stop_machine.c b/kernel/stop_machine.c index f89014a..1ff523d 100644 --- a/kernel/stop_machine.c +++ b/kernel/stop_machine.c @@ -270,7 +270,11 @@ static int cpu_stop_queue_two_works(int cpu1, struct cpu_stop_work *work1, goto retry; } - wake_up_q(&wakeq); + if (!err) { + preempt_disable(); + wake_up_q(&wakeq); + preempt_enable(); + } return err; } -- The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum, a Linux Foundation Collaborative Project

7 years, 2 months

1
0
0 0

[v4.17-stable 0/5] Fix DM DAX handling

by Ross Zwisler

This is a v4.17-stable backport of my "Fix DM DAX handling" series which had backport collisions. Greg, please let me know if I need to adjust anything in my backport formatting. Darrick J. Wong (1): fs: allow per-device dax status checking for filesystems Dave Jiang (1): dax: change bdev_dax_supported() to support boolean returns Ross Zwisler (3): pmem: only set QUEUE_FLAG_DAX for fsdax mode dax: bdev_dax_supported() check for QUEUE_FLAG_DAX dm: prevent DAX mounts if not supported drivers/dax/super.c | 48 ++++++++++++++++++++++++++++-------------------- drivers/md/dm-table.c | 7 ++++--- drivers/md/dm.c | 3 +-- drivers/nvdimm/pmem.c | 3 ++- fs/ext2/super.c | 3 +-- fs/ext4/super.c | 3 +-- fs/xfs/xfs_ioctl.c | 3 ++- fs/xfs/xfs_iops.c | 30 +++++++++++++++++++++++++----- fs/xfs/xfs_super.c | 10 ++++++++-- include/linux/dax.h | 11 ++++++----- 10 files changed, 78 insertions(+), 43 deletions(-) -- 2.14.4

7 years, 2 months

1
6
0 0

[PATCH] block: don't use blocking queue entered for recursive bio submits

by Jens Axboe

commit cd4a4ae4683dc2e09380118e205e057896dcda2b upstream. If we end up splitting a bio and the queue goes away between the initial submission and the later split submission, then we can block forever in blk_queue_enter() waiting for the reference to drop to zero. This will never happen, since we already hold a reference. Mark a split bio as already having entered the queue, so we can just use the live non-blocking queue enter variant. Thanks to Tetsuo Handa for the analysis. We're running fio tests and the tasks get stuck in a D state forever when systemd-udevd tries to read the partition table. This patch solves it. Please apply to 4.17 stable. Reported-by: syzbot+c4f9cebf9d651f6e54de(a)syzkaller.appspotmail.com Signed-off-by: Jens Axboe <axboe(a)kernel.dk> Signed-off-by: Alexandru Moise <00moses.alexander00(a)gmail.com> --- block/blk-core.c | 4 +++- block/blk-merge.c | 10 ++++++++++ include/linux/blk_types.h | 2 ++ 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/block/blk-core.c b/block/blk-core.c index b559b9d4f1a2..47ab2d9d02d9 100644 --- a/block/blk-core.c +++ b/block/blk-core.c @@ -2392,7 +2392,9 @@ blk_qc_t generic_make_request(struct bio *bio) if (bio->bi_opf & REQ_NOWAIT) flags = BLK_MQ_REQ_NOWAIT; - if (blk_queue_enter(q, flags) < 0) { + if (bio_flagged(bio, BIO_QUEUE_ENTERED)) + blk_queue_enter_live(q); + else if (blk_queue_enter(q, flags) < 0) { if (!blk_queue_dying(q) && (bio->bi_opf & REQ_NOWAIT)) bio_wouldblock_error(bio); else diff --git a/block/blk-merge.c b/block/blk-merge.c index 782940c65d8a..481dc02668f9 100644 --- a/block/blk-merge.c +++ b/block/blk-merge.c @@ -210,6 +210,16 @@ void blk_queue_split(struct request_queue *q, struct bio **bio) /* there isn't chance to merge the splitted bio */ split->bi_opf |= REQ_NOMERGE; + /* + * Since we're recursing into make_request here, ensure + * that we mark this bio as already having entered the queue. + * If not, and the queue is going away, we can get stuck + * forever on waiting for the queue reference to drop. But + * that will never happen, as we're already holding a + * reference to it. + */ + bio_set_flag(*bio, BIO_QUEUE_ENTERED); + bio_chain(split, *bio); trace_block_split(q, split, (*bio)->bi_iter.bi_sector); generic_make_request(*bio); diff --git a/include/linux/blk_types.h b/include/linux/blk_types.h index 17b18b91ebac..1602bf4ab4cd 100644 --- a/include/linux/blk_types.h +++ b/include/linux/blk_types.h @@ -186,6 +186,8 @@ struct bio { * throttling rules. Don't do it again. */ #define BIO_TRACE_COMPLETION 10 /* bio_endio() should trace the final completion * of this bio. */ +#define BIO_QUEUE_ENTERED 11 /* can use blk_queue_enter_live() */ + /* See BVEC_POOL_OFFSET below before adding new flags */ /* -- 2.18.0

7 years, 2 months

3
2
0 0

[PATCH] drm/nouveau: Set DRIVER_ATOMIC cap earlier to fix debugfs

by Lyude Paul

Currently nouveau doesn't actually expose the state debugfs file that's usually provided for any modesetting driver that supports atomic, even if nouveau is loaded with atomic=1. This is due to the fact that the standard debugfs files that DRM creates for atomic drivers is called when drm_get_pci_dev() is called from nouveau_drm.c. This happens well before we've initialized the display core, which is currently responsible for setting the DRIVER_ATOMIC cap. So, move the atomic option into nouveau_drm.c and just add the DRIVER_ATOMIC cap whenever it's enabled on the kernel commandline. This shouldn't cause any actual issues, as the atomic ioctl will still fail as expected even if the display core doesn't disable it until later in the init sequence. This also provides the added benefit of being able to use the state debugfs file to check the current display state even if clients aren't allowed to modify it through anything other than the legacy ioctls. Additionally, disable the DRIVER_ATOMIC cap in nv04's display core, as this was already disabled there previously. Signed-off-by: Lyude Paul <lyude(a)redhat.com> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/nouveau/dispnv04/disp.c | 3 +++ drivers/gpu/drm/nouveau/dispnv50/disp.c | 6 ------ drivers/gpu/drm/nouveau/nouveau_drm.c | 7 +++++++ 3 files changed, 10 insertions(+), 6 deletions(-) diff --git a/drivers/gpu/drm/nouveau/dispnv04/disp.c b/drivers/gpu/drm/nouveau/dispnv04/disp.c index 501d2d290e9c..70dce544984e 100644 --- a/drivers/gpu/drm/nouveau/dispnv04/disp.c +++ b/drivers/gpu/drm/nouveau/dispnv04/disp.c @@ -55,6 +55,9 @@ nv04_display_create(struct drm_device *dev) nouveau_display(dev)->init = nv04_display_init; nouveau_display(dev)->fini = nv04_display_fini; + /* Pre-nv50 doesn't support atomic, so don't expose the ioctls */ + dev->driver->driver_features &= ~DRIVER_ATOMIC; + nouveau_hw_save_vga_fonts(dev, 1); nv04_crtc_create(dev, 0); diff --git a/drivers/gpu/drm/nouveau/dispnv50/disp.c b/drivers/gpu/drm/nouveau/dispnv50/disp.c index 9382e99a0bc7..d9da69c83ae7 100644 --- a/drivers/gpu/drm/nouveau/dispnv50/disp.c +++ b/drivers/gpu/drm/nouveau/dispnv50/disp.c @@ -2126,10 +2126,6 @@ nv50_display_destroy(struct drm_device *dev) kfree(disp); } -MODULE_PARM_DESC(atomic, "Expose atomic ioctl (default: disabled)"); -static int nouveau_atomic = 0; -module_param_named(atomic, nouveau_atomic, int, 0400); - int nv50_display_create(struct drm_device *dev) { @@ -2154,8 +2150,6 @@ nv50_display_create(struct drm_device *dev) disp->disp = &nouveau_display(dev)->disp; dev->mode_config.funcs = &nv50_disp_func; dev->driver->driver_features |= DRIVER_PREFER_XBGR_30BPP; - if (nouveau_atomic) - dev->driver->driver_features |= DRIVER_ATOMIC; /* small shared memory area we use for notifiers and semaphores */ ret = nouveau_bo_new(&drm->client, 4096, 0x1000, TTM_PL_FLAG_VRAM, diff --git a/drivers/gpu/drm/nouveau/nouveau_drm.c b/drivers/gpu/drm/nouveau/nouveau_drm.c index 775443c9af94..0452b18d36b9 100644 --- a/drivers/gpu/drm/nouveau/nouveau_drm.c +++ b/drivers/gpu/drm/nouveau/nouveau_drm.c @@ -81,6 +81,10 @@ MODULE_PARM_DESC(modeset, "enable driver (default: auto, " int nouveau_modeset = -1; module_param_named(modeset, nouveau_modeset, int, 0400); +MODULE_PARM_DESC(atomic, "Expose atomic ioctl (default: disabled)"); +static int nouveau_atomic = 0; +module_param_named(atomic, nouveau_atomic, int, 0400); + MODULE_PARM_DESC(runpm, "disable (0), force enable (1), optimus only default (-1)"); static int nouveau_runtime_pm = -1; module_param_named(runpm, nouveau_runtime_pm, int, 0400); @@ -509,6 +513,9 @@ static int nouveau_drm_probe(struct pci_dev *pdev, pci_set_master(pdev); + if (nouveau_atomic) + driver_pci.driver_features |= DRIVER_ATOMIC; + ret = drm_get_pci_dev(pdev, pent, &driver_pci); if (ret) { nvkm_device_del(&device); -- 2.17.1

7 years, 2 months

1
0
0 0

[PATCH] ib_srpt: Fix a use-after-free in __srpt_close_all_ch()

by Bart Van Assche

BUG: KASAN: use-after-free in srpt_set_enabled+0x1a9/0x1e0 [ib_srpt] Read of size 4 at addr ffff8801269d23f8 by task check/29726 CPU: 4 PID: 29726 Comm: check Not tainted 4.18.0-rc2-dbg+ #4 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.0.0-prebuilt.qemu-project.org 04/01/2014 Call Trace: dump_stack+0xa4/0xf5 print_address_description+0x6f/0x270 kasan_report+0x241/0x360 __asan_load4+0x78/0x80 srpt_set_enabled+0x1a9/0x1e0 [ib_srpt] srpt_tpg_enable_store+0xb8/0x120 [ib_srpt] configfs_write_file+0x14e/0x1d0 [configfs] __vfs_write+0xd2/0x3b0 vfs_write+0x101/0x270 ksys_write+0xab/0x120 __x64_sys_write+0x43/0x50 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f235cfe6154 Fixes: aaf45bd83eba ("IB/srpt: Detect session shutdown reliably") Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: <stable(a)vger.kernel.org> --- drivers/infiniband/ulp/srpt/ib_srpt.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/infiniband/ulp/srpt/ib_srpt.c b/drivers/infiniband/ulp/srpt/ib_srpt.c index 36d9fab7c998..3acb0c16b7ac 100644 --- a/drivers/infiniband/ulp/srpt/ib_srpt.c +++ b/drivers/infiniband/ulp/srpt/ib_srpt.c @@ -1941,8 +1941,8 @@ static void __srpt_close_all_ch(struct srpt_port *sport) list_for_each_entry(nexus, &sport->nexus_list, entry) { list_for_each_entry(ch, &nexus->ch_list, list) { if (srpt_disconnect_ch(ch) >= 0) - pr_info("Closing channel %s-%d because target %s_%d has been disabled\n", - ch->sess_name, ch->qp->qp_num, + pr_info("Closing channel %s because target %s_%d has been disabled\n", + ch->sess_name, sport->sdev->device->name, sport->port); srpt_close_ch(ch); } -- 2.18.0

7 years, 2 months

2
1
0 0

[PATCH] ib_srpt: Fix a use-after-free in srpt_close_ch()

by Bart Van Assche

Avoid that KASAN reports the following: BUG: KASAN: use-after-free in srpt_close_ch+0x4f/0x1b0 [ib_srpt] Read of size 4 at addr ffff880151180cb8 by task check/4681 CPU: 15 PID: 4681 Comm: check Not tainted 4.18.0-rc2-dbg+ #4 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.0.0-prebuilt.qemu-project.org 04/01/2014 Call Trace: dump_stack+0xa4/0xf5 print_address_description+0x6f/0x270 kasan_report+0x241/0x360 __asan_load4+0x78/0x80 srpt_close_ch+0x4f/0x1b0 [ib_srpt] srpt_set_enabled+0xf7/0x1e0 [ib_srpt] srpt_tpg_enable_store+0xb8/0x120 [ib_srpt] configfs_write_file+0x14e/0x1d0 [configfs] __vfs_write+0xd2/0x3b0 vfs_write+0x101/0x270 ksys_write+0xab/0x120 __x64_sys_write+0x43/0x50 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe Fixes: aaf45bd83eba ("IB/srpt: Detect session shutdown reliably") Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: <stable(a)vger.kernel.org> --- drivers/infiniband/ulp/srpt/ib_srpt.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/drivers/infiniband/ulp/srpt/ib_srpt.c b/drivers/infiniband/ulp/srpt/ib_srpt.c index 3acb0c16b7ac..e42eec20c631 100644 --- a/drivers/infiniband/ulp/srpt/ib_srpt.c +++ b/drivers/infiniband/ulp/srpt/ib_srpt.c @@ -1834,8 +1834,7 @@ static bool srpt_close_ch(struct srpt_rdma_ch *ch) int ret; if (!srpt_set_ch_state(ch, CH_DRAINING)) { - pr_debug("%s-%d: already closed\n", ch->sess_name, - ch->qp->qp_num); + pr_debug("%s: already closed\n", ch->sess_name); return false; } -- 2.18.0

7 years, 2 months

2
1
0 0

patch "Drivers: hv: vmbus: Fix the offer_in_progress in" added to char-misc-next

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled Drivers: hv: vmbus: Fix the offer_in_progress in to my char-misc git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git in the char-misc-next branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will also be merged in the next major kernel release during the merge window. If you have any questions about this process, please let me know. >From 50229128727f7e11840ca1b2b501f880818d56b6 Mon Sep 17 00:00:00 2001 From: Dexuan Cui <decui(a)microsoft.com> Date: Tue, 5 Jun 2018 13:37:52 -0700 Subject: Drivers: hv: vmbus: Fix the offer_in_progress in vmbus_process_offer() I didn't really hit a real bug, but just happened to spot the bug: we have decreased the counter at the beginning of vmbus_process_offer(), so we mustn't decrease it again. Fixes: 6f3d791f3006 ("Drivers: hv: vmbus: Fix rescind handling issues") Signed-off-by: Dexuan Cui <decui(a)microsoft.com> Cc: stable(a)vger.kernel.org Cc: Stephen Hemminger <sthemmin(a)microsoft.com> Cc: K. Y. Srinivasan <kys(a)microsoft.com> Cc: Stable <stable(a)vger.kernel.org> # 4.14 and above Signed-off-by: K. Y. Srinivasan <kys(a)microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/hv/channel_mgmt.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/drivers/hv/channel_mgmt.c b/drivers/hv/channel_mgmt.c index ecc2bd275a73..f3b551a50653 100644 --- a/drivers/hv/channel_mgmt.c +++ b/drivers/hv/channel_mgmt.c @@ -527,10 +527,8 @@ static void vmbus_process_offer(struct vmbus_channel *newchannel) struct hv_device *dev = newchannel->primary_channel->device_obj; - if (vmbus_add_channel_kobj(dev, newchannel)) { - atomic_dec(&vmbus_connection.offer_in_progress); + if (vmbus_add_channel_kobj(dev, newchannel)) goto err_free_chan; - } if (channel->sc_creation_callback != NULL) channel->sc_creation_callback(newchannel); -- 2.18.0

7 years, 2 months

1
0
0 0

Linux 3.18.114

by Philip Müller

Hi Greg, for this kernel there are now patches generated on kernel.org homepage. Best, Philip

7 years, 2 months

2
3
0 0

+ mm-do-not-drop-unused-pages-when-userfaultd-is-running.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm: do not drop unused pages when userfaultd is running has been added to the -mm tree. Its filename is mm-do-not-drop-unused-pages-when-userfaultd-is-running.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/mm-do-not-drop-unused-pages-when-u… and later at http://ozlabs.org/~akpm/mmotm/broken-out/mm-do-not-drop-unused-pages-when-u… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Christian Borntraeger <borntraeger(a)de.ibm.com> Subject: mm: do not drop unused pages when userfaultd is running KVM guests on s390 can notify the host of unused pages. This can result in pte_unused callbacks to be true for KVM guest memory. If a page is unused (checked with pte_unused) we might drop this page instead of paging it. This can have side-effects on userfaultd, when the page in question was already migrated: The next access of that page will trigger a fault and a user fault instead of faulting in a new and empty zero page. As QEMU does not expect a userfault on an already migrated page this migration will fail. The most straightforward solution is to ignore the pte_unused hint if a userfault context is active for this VMA. Link: http://lkml.kernel.org/r/20180703171854.63981-1-borntraeger@de.ibm.com Signed-off-by: Christian Borntraeger <borntraeger(a)de.ibm.com> Cc: Martin Schwidefsky <schwidefsky(a)de.ibm.com> Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: Mike Rapoport <rppt(a)linux.vnet.ibm.com> Cc: Janosch Frank <frankja(a)linux.ibm.com> Cc: David Hildenbrand <david(a)redhat.com> Cc: Cornelia Huck <cohuck(a)redhat.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/rmap.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff -puN mm/rmap.c~mm-do-not-drop-unused-pages-when-userfaultd-is-running mm/rmap.c --- a/mm/rmap.c~mm-do-not-drop-unused-pages-when-userfaultd-is-running +++ a/mm/rmap.c @@ -64,6 +64,7 @@ #include <linux/backing-dev.h> #include <linux/page_idle.h> #include <linux/memremap.h> +#include <linux/userfaultfd_k.h> #include <asm/tlbflush.h> @@ -1481,11 +1482,16 @@ static bool try_to_unmap_one(struct page set_pte_at(mm, address, pvmw.pte, pteval); } - } else if (pte_unused(pteval)) { + } else if (pte_unused(pteval) && !userfaultfd_armed(vma)) { /* * The guest indicated that the page content is of no * interest anymore. Simply discard the pte, vmscan * will take care of the rest. + * A future reference will then fault in a new zero + * page. When userfaultfd is active, we must not drop + * this page though, as its main user (postcopy + * migration) will not expect userfaults on already + * copied pages. */ dec_mm_counter(mm, mm_counter(page)); /* We have to invalidate as we cleared the pte */ _ Patches currently in -mm which might be from borntraeger(a)de.ibm.com are mm-do-not-drop-unused-pages-when-userfaultd-is-running.patch

7 years, 2 months

1
0
0 0

v4.4.139 build: 0 failures 31 warnings (v4.4.139)

by Build bot for Mark Brown

Tree/Branch: v4.4.139 Git describe: v4.4.139 Commit: 16af098616 Linux 4.4.139 Build Time: 63 min 11 sec Passed: 10 / 10 (100.00 %) Failed: 0 / 10 ( 0.00 %) Errors: 0 Warnings: 31 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): 19 warnings 0 mismatches : arm64-allmodconfig 17 warnings 0 mismatches : x86_64-allmodconfig ------------------------------------------------------------------------------- Warnings Summary: 31 3 warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI) 2 ../drivers/media/dvb-frontends/stv090x.c:4250:1: warning: the frame size of 4832 bytes is larger than 2048 bytes [-Wframe-larger-than=] 2 ../drivers/media/dvb-frontends/stv090x.c:1211:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] 2 ../drivers/media/dvb-frontends/stv090x.c:1168:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2752 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2720 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:4759:1: warning: the frame size of 2056 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2096 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 6784 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5864 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5840 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2304 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2288 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2104 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2552 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2544 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3264 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3248 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 3008 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 2992 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5296 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv0367.c:3147:1: warning: the frame size of 4144 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv0367.c:2490:1: warning: the frame size of 3424 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2984 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2976 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4336 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4328 bytes is larger than 2048 bytes [-Wframe-larger-than=] =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- arm64-allmodconfig : PASS, 0 errors, 19 warnings, 0 section mismatches Warnings: warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI) warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI) warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI) ../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 2992 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2288 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3248 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1211:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:4250:1: warning: the frame size of 4832 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1168:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2544 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5840 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 6784 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv0367.c:2490:1: warning: the frame size of 3424 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2976 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4336 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2720 bytes is larger than 2048 bytes [-Wframe-larger-than=] ------------------------------------------------------------------------------- x86_64-allmodconfig : PASS, 0 errors, 17 warnings, 0 section mismatches Warnings: ../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 3008 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2104 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2304 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2096 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3264 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5296 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1211:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:4250:1: warning: the frame size of 4832 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:4759:1: warning: the frame size of 2056 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1168:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2552 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5864 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv0367.c:3147:1: warning: the frame size of 4144 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2984 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4328 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2752 bytes is larger than 2048 bytes [-Wframe-larger-than=] ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: arm64-allnoconfig arm-multi_v5_defconfig arm-multi_v7_defconfig x86_64-defconfig arm-allmodconfig arm-allnoconfig x86_64-allnoconfig arm64-defconfig

7 years, 2 months

1
0
0 0

[PATCH 1/9] dm-integrity: change the variable suspending from bool to int

by Mikulas Patocka

The early alpha processors can't write a byte or short atomically - they read 8 bytes, modify the byte or two bytes in registers and write back 8 bytes. The modification of the variable "suspending" may race with modification of the variable "failed". This patch changes suspending to an int. Signed-off-by: Mikulas Patocka <mpatocka(a)redhat.com> Cc: stable(a)vger.kernel.org --- drivers/md/dm-integrity.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) Index: linux-2.6/drivers/md/dm-integrity.c =================================================================== --- linux-2.6.orig/drivers/md/dm-integrity.c 2018-06-29 23:13:54.990000000 +0200 +++ linux-2.6/drivers/md/dm-integrity.c 2018-06-29 23:13:54.980000000 +0200 @@ -178,7 +178,7 @@ struct dm_integrity_c { __u8 sectors_per_block; unsigned char mode; - bool suspending; + int suspending; int failed; @@ -2214,7 +2214,7 @@ static void dm_integrity_postsuspend(str del_timer_sync(&ic->autocommit_timer); - ic->suspending = true; + WRITE_ONCE(ic->suspending, 1); queue_work(ic->commit_wq, &ic->commit_work); drain_workqueue(ic->commit_wq); @@ -2224,7 +2224,7 @@ static void dm_integrity_postsuspend(str dm_integrity_flush_buffers(ic); } - ic->suspending = false; + WRITE_ONCE(ic->suspending, 0); BUG_ON(!RB_EMPTY_ROOT(&ic->in_progress));

7 years, 2 months

1
0
0 0

linux-4.14.y build: 0 failures 0 warnings (v4.14.52-158-gfa745a1bd983)

by Build bot for Mark Brown

Tree/Branch: linux-4.14.y Git describe: v4.14.52-158-gfa745a1bd983 Commit: fa745a1bd9 Linux 4.14.53 Build Time: 98 min 39 sec Passed: 11 / 11 (100.00 %) Failed: 0 / 11 ( 0.00 %) Errors: 0 Warnings: 0 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): ------------------------------------------------------------------------------- =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: arm64-allnoconfig arm64-allmodconfig arm-multi_v5_defconfig arm-multi_v7_defconfig x86_64-defconfig arm-allmodconfig arm-allnoconfig x86_64-allnoconfig arm-multi_v4t_defconfig x86_64-allmodconfig arm64-defconfig close failed in file object destructor: sys.excepthook is missing lost sys.stderr

7 years, 2 months

1
0
0 0

[PATCH 1/4] drm/i915: Fix PIPESTATE irq ack on i965/g4x

by Ville Syrjala

From: Ville Syrjälä <ville.syrjala(a)linux.intel.com> On i965/g4x IIR is edge triggered. So in order for IIR to notice that there is still a pending interrupt we have to force and edge in ISR. For the ISR/IIR pipe event bits we can do that by temporarily clearing all the PIPESTAT enable bits when we ack the status bits. This will force the ISR pipe event bit low, and it can then go back high when we restore the PIPESTAT enable bits. This avoids the following race: 1. stat = read(PIPESTAT) 2. an enabled PIPESTAT status bit goes high 3. write(PIPESTAT, enable|stat); 4. write(IIR, PIPE_EVENT) The end result is IIR==0 and ISR!=0. This can lead to nasty vblank wait/flip_done timeouts if another interrupt source doesn't trick us into looking at the PIPESTAT status bits despite the IIR PIPE_EVENT bit being low. Before i965 IIR was level triggered so this problem can't actually happen there. And curiously VLV/CHV went back to the level triggered scheme as well. But for simplicity we'll use the same i965/g4x compatible code for all platforms. Cc: stable(a)vger.kernel.org Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=106033 Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=105225 Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=106030 Signed-off-by: Ville Syrjälä <ville.syrjala(a)linux.intel.com> --- drivers/gpu/drm/i915/i915_irq.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/i915/i915_irq.c b/drivers/gpu/drm/i915/i915_irq.c index 2fd92a886789..364e1c85315e 100644 --- a/drivers/gpu/drm/i915/i915_irq.c +++ b/drivers/gpu/drm/i915/i915_irq.c @@ -1893,9 +1893,17 @@ static void i9xx_pipestat_irq_ack(struct drm_i915_private *dev_priv, /* * Clear the PIPE*STAT regs before the IIR + * + * Toggle the enable bits to make sure we get an + * edge in the ISR pipe event bit if we don't clear + * all the enabled status bits. Otherwise the edge + * triggered IIR on i965/g4x wouldn't notice that + * an interrupt is still pending. */ - if (pipe_stats[pipe]) - I915_WRITE(reg, enable_mask | pipe_stats[pipe]); + if (pipe_stats[pipe]) { + I915_WRITE(reg, pipe_stats[pipe]); + I915_WRITE(reg, enable_mask); + } } spin_unlock(&dev_priv->irq_lock); } -- 2.16.4

7 years, 2 months

4
9
0 0

Linux 4.17.4

by Greg KH

I'm announcing the release of the 4.17.4 kernel. All users of the 4.17 kernel series must upgrade. The updated 4.17.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.17.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/ABI/testing/sysfs-class-cxl | 4 Documentation/core-api/printk-formats.rst | 3 Makefile | 2 arch/arm/boot/dts/mt7623.dtsi | 3 arch/arm/boot/dts/mt7623n-bananapi-bpi-r2.dts | 1 arch/arm/boot/dts/mt7623n-rfb.dtsi | 1 arch/arm/boot/dts/socfpga.dtsi | 4 arch/arm/boot/dts/socfpga_arria10.dtsi | 5 arch/arm/boot/dts/sun8i-h3-libretech-all-h3-cc.dts | 8 arch/arm/include/asm/kgdb.h | 2 arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi | 6 arch/arm64/boot/dts/amlogic/meson-gx.dtsi | 6 arch/arm64/boot/dts/amlogic/meson-gxl-s905x-libretech-cc.dts | 3 arch/arm64/boot/dts/amlogic/meson-gxl.dtsi | 8 arch/arm64/boot/dts/marvell/armada-cp110.dtsi | 2 arch/arm64/crypto/aes-glue.c | 2 arch/arm64/kernel/cpufeature.c | 2 arch/arm64/kernel/signal.c | 5 arch/arm64/mm/proc.S | 5 arch/m68k/mac/config.c | 2 arch/m68k/mm/kmap.c | 3 arch/mips/ath79/mach-pb44.c | 2 arch/mips/bcm47xx/setup.c | 6 arch/mips/include/asm/io.h | 2 arch/mips/include/asm/mipsregs.h | 3 arch/mips/kernel/mcount.S | 27 +- arch/powerpc/Makefile | 1 arch/powerpc/kernel/dt_cpu_ftrs.c | 3 arch/powerpc/kernel/entry_64.S | 1 arch/powerpc/kernel/fadump.c | 3 arch/powerpc/kernel/hw_breakpoint.c | 4 arch/powerpc/kernel/ptrace.c | 1 arch/powerpc/mm/pkeys.c | 4 arch/powerpc/mm/tlb-radix.c | 2 arch/powerpc/perf/imc-pmu.c | 4 arch/powerpc/platforms/powernv/copy-paste.h | 3 arch/powerpc/platforms/powernv/idle.c | 4 arch/powerpc/platforms/powernv/pci-ioda.c | 1 arch/um/drivers/vector_kern.c | 20 + arch/x86/entry/entry_64_compat.S | 16 - arch/x86/include/asm/barrier.h | 2 arch/x86/kernel/apic/x2apic_uv_x.c | 60 +++++ arch/x86/kernel/cpu/mcheck/mce-severity.c | 5 arch/x86/kernel/cpu/mcheck/mce.c | 44 ++- arch/x86/kernel/e820.c | 15 + arch/x86/kernel/quirks.c | 11 arch/x86/kernel/traps.c | 14 - arch/x86/mm/init.c | 4 arch/x86/mm/init_64.c | 20 + arch/x86/platform/efi/efi_64.c | 4 arch/x86/xen/smp_pv.c | 5 arch/xtensa/kernel/traps.c | 2 block/blk-core.c | 4 crypto/asymmetric_keys/x509_cert_parser.c | 9 drivers/acpi/acpi_lpss.c | 20 + drivers/auxdisplay/Kconfig | 10 drivers/base/core.c | 15 - drivers/base/power/domain.c | 3 drivers/block/rbd.c | 2 drivers/bluetooth/hci_qca.c | 6 drivers/char/hw_random/core.c | 11 drivers/char/ipmi/ipmi_bt_sm.c | 3 drivers/char/tpm/tpm-dev-common.c | 40 +-- drivers/char/tpm/tpm-dev.h | 2 drivers/char/tpm/tpm2-space.c | 3 drivers/clk/at91/clk-pll.c | 13 - drivers/clk/clk-aspeed.c | 4 drivers/clk/meson/meson8b.c | 7 drivers/clk/renesas/renesas-cpg-mssr.c | 9 drivers/cpufreq/intel_pstate.c | 27 +- drivers/cpuidle/cpuidle-powernv.c | 32 ++ drivers/firmware/efi/libstub/tpm.c | 2 drivers/hwmon/k10temp.c | 5 drivers/i2c/algos/i2c-algo-bit.c | 5 drivers/i2c/busses/i2c-gpio.c | 4 drivers/iio/accel/sca3000.c | 9 drivers/iio/adc/ad7791.c | 49 ---- drivers/infiniband/core/umem.c | 11 drivers/infiniband/core/uverbs_main.c | 14 - drivers/infiniband/core/verbs.c | 14 - drivers/infiniband/hw/hfi1/chip.c | 8 drivers/infiniband/hw/hfi1/debugfs.c | 8 drivers/infiniband/hw/hfi1/file_ops.c | 4 drivers/infiniband/hw/hfi1/hfi.h | 1 drivers/infiniband/hw/hfi1/init.c | 22 + drivers/infiniband/hw/hfi1/pio.c | 44 +++ drivers/infiniband/hw/mlx4/mad.c | 1 drivers/infiniband/hw/mlx4/mr.c | 50 +++- drivers/infiniband/hw/mlx5/cq.c | 15 + drivers/infiniband/hw/qib/qib.h | 4 drivers/infiniband/hw/qib/qib_file_ops.c | 10 drivers/infiniband/hw/qib/qib_init.c | 13 + drivers/infiniband/hw/qib/qib_user_pages.c | 20 + drivers/infiniband/sw/rdmavt/cq.c | 31 +- drivers/infiniband/ulp/isert/ib_isert.c | 28 +- drivers/input/joystick/xpad.c | 2 drivers/input/mouse/elan_i2c.h | 2 drivers/input/mouse/elan_i2c_core.c | 3 drivers/input/mouse/elan_i2c_smbus.c | 10 drivers/input/mouse/elantech.c | 11 drivers/input/mouse/psmouse-base.c | 12 - drivers/input/touchscreen/silead.c | 1 drivers/iommu/Kconfig | 1 drivers/iommu/amd_iommu.c | 68 ++++-- drivers/irqchip/irq-gic-v3-its.c | 9 drivers/md/dm-thin.c | 11 drivers/md/dm-zoned-target.c | 2 drivers/md/dm.c | 5 drivers/md/md.c | 4 drivers/media/dvb-core/dvb_frontend.c | 23 +- drivers/media/platform/vsp1/vsp1_video.c | 21 + drivers/media/rc/ir-mce_kbd-decoder.c | 2 drivers/media/usb/cx231xx/cx231xx-cards.c | 3 drivers/media/usb/cx231xx/cx231xx-dvb.c | 2 drivers/media/usb/uvc/uvc_video.c | 24 +- drivers/media/v4l2-core/v4l2-compat-ioctl32.c | 2 drivers/mfd/intel-lpss-pci.c | 25 +- drivers/mfd/intel-lpss.c | 4 drivers/mfd/twl-core.c | 2 drivers/misc/cxl/pci.c | 4 drivers/misc/cxl/sysfs.c | 16 + drivers/mmc/host/renesas_sdhi_core.c | 5 drivers/mmc/host/renesas_sdhi_internal_dmac.c | 1 drivers/mmc/host/renesas_sdhi_sys_dmac.c | 3 drivers/mtd/chips/cfi_cmdset_0002.c | 21 + drivers/mtd/nand/raw/denali_dt.c | 6 drivers/mtd/nand/raw/mxc_nand.c | 5 drivers/mtd/nand/raw/nand_base.c | 29 -- drivers/mtd/nand/raw/nand_macronix.c | 48 +++- drivers/mtd/nand/raw/nand_micron.c | 2 drivers/mtd/spi-nor/intel-spi.c | 76 +++++- drivers/mtd/ubi/build.c | 3 drivers/mtd/ubi/eba.c | 90 +++++++- drivers/mtd/ubi/wl.c | 4 drivers/net/ethernet/ti/davinci_emac.c | 15 + drivers/nvdimm/bus.c | 14 - drivers/nvdimm/pmem.c | 10 drivers/nvdimm/region_devs.c | 3 drivers/of/platform.c | 5 drivers/of/resolver.c | 5 drivers/of/unittest.c | 8 drivers/opp/core.c | 2 drivers/pci/host/pci-hyperv.c | 11 drivers/pci/hotplug/pciehp.h | 2 drivers/pci/hotplug/pciehp_core.c | 2 drivers/pci/hotplug/pciehp_hpc.c | 13 + drivers/pci/pci-driver.c | 5 drivers/pci/probe.c | 15 + drivers/pci/quirks.c | 20 + drivers/pinctrl/devicetree.c | 7 drivers/pinctrl/mvebu/pinctrl-armada-37xx.c | 3 drivers/pinctrl/samsung/pinctrl-exynos-arm.c | 4 drivers/platform/chrome/cros_ec_lpc.c | 13 - drivers/pwm/pwm-lpss-platform.c | 5 drivers/pwm/pwm-lpss.c | 30 ++ drivers/pwm/pwm-lpss.h | 2 drivers/remoteproc/qcom_q6v5_pil.c | 10 drivers/rpmsg/qcom_smd.c | 18 - drivers/rtc/rtc-sun6i.c | 4 drivers/s390/scsi/zfcp_dbf.c | 40 +++ drivers/s390/scsi/zfcp_erp.c | 123 ++++++++--- drivers/s390/scsi/zfcp_ext.h | 5 drivers/s390/scsi/zfcp_scsi.c | 18 + drivers/scsi/hpsa.c | 10 drivers/scsi/qla2xxx/qla_gs.c | 4 drivers/scsi/qla2xxx/qla_init.c | 3 drivers/scsi/qla2xxx/qla_isr.c | 8 drivers/scsi/qla2xxx/qla_target.c | 7 drivers/scsi/scsi_debug.c | 2 drivers/soc/rockchip/pm_domains.c | 2 drivers/thermal/broadcom/bcm2835_thermal.c | 4 drivers/tty/serial/sh-sci.c | 8 drivers/usb/core/hub.c | 4 drivers/video/backlight/as3711_bl.c | 33 ++ drivers/video/backlight/max8925_bl.c | 4 drivers/video/backlight/tps65217_bl.c | 4 drivers/video/fbdev/uvesafb.c | 3 drivers/virt/vboxguest/vboxguest_linux.c | 4 drivers/w1/w1.c | 2 drivers/xen/events/events_base.c | 2 fs/btrfs/inode.c | 4 fs/f2fs/checkpoint.c | 4 fs/f2fs/inode.c | 4 fs/f2fs/segment.c | 3 fs/f2fs/segment.h | 1 fs/fuse/control.c | 13 - fs/fuse/dev.c | 3 fs/fuse/dir.c | 13 + fs/fuse/inode.c | 1 fs/nfs/callback_proc.c | 7 fs/nfs/nfs4idmap.c | 5 fs/nfs/nfs4proc.c | 2 fs/nfsd/nfs4xdr.c | 5 fs/ubifs/journal.c | 5 fs/udf/directory.c | 3 include/dt-bindings/clock/aspeed-clock.h | 2 include/linux/blkdev.h | 4 include/linux/compiler.h | 2 include/linux/memory.h | 1 include/linux/slub_def.h | 4 include/rdma/ib_verbs.h | 27 +- include/rdma/rdma_vt.h | 2 kernel/locking/rwsem.c | 1 kernel/printk/printk_safe.c | 5 kernel/softirq.c | 6 kernel/time/time.c | 6 kernel/trace/trace_events_filter.c | 10 lib/Kconfig.kasan | 1 lib/vsprintf.c | 3 mm/gup.c | 36 ++- mm/ksm.c | 14 - mm/slab_common.c | 4 mm/slub.c | 7 net/sunrpc/xprtrdma/rpc_rdma.c | 2 security/selinux/selinuxfs.c | 78 ++---- sound/core/timer.c | 2 sound/pci/hda/hda_codec.c | 5 sound/pci/hda/hda_codec.h | 1 sound/pci/hda/patch_hdmi.c | 5 sound/pci/hda/patch_realtek.c | 20 + sound/soc/cirrus/edb93xx.c | 2 sound/soc/cirrus/ep93xx-i2s.c | 26 +- sound/soc/cirrus/snappercl15.c | 2 sound/soc/codecs/cs35l35.c | 1 sound/soc/mediatek/common/mtk-afe-platform-driver.c | 4 sound/soc/soc-dapm.c | 2 tools/perf/util/dso.c | 2 tools/perf/util/intel-pt-decoder/intel-pt-decoder.c | 23 +- tools/perf/util/intel-pt-decoder/intel-pt-decoder.h | 9 tools/perf/util/intel-pt-decoder/intel-pt-pkt-decoder.c | 2 tools/perf/util/intel-pt.c | 5 tools/testing/selftests/ftrace/test.d/functions | 21 + 232 files changed, 1705 insertions(+), 755 deletions(-) ??? (1): Input: elantech - fix V4 report decoding for module with middle key Aaron Ma (1): Input: elantech - enable middle button of touchpads on ThinkPad P52 Abhishek Sahu (1): mtd: rawnand: fix return value check for bad block status Adrian Hunter (6): perf tools: Fix symbol and object code resolution for vdso32 and vdsox32 perf intel-pt: Fix sync_switch INTEL_PT_SS_NOT_TRACING perf intel-pt: Fix decoding to accept CBR between FUP and corresponding TIP perf intel-pt: Fix MTC timing after overflow perf intel-pt: Fix "Unexpected indirect branch" error perf intel-pt: Fix packet decoding of CYC packets Akshay Adiga (1): powerpc/powernv/cpuidle: Init all present cpus for deep states Alex Estrin (2): IB/{hfi1, qib}: Add handling of kernel restart IB/isert: Fix for lib/dma_debug check_sync warning Alex Williamson (1): PCI: Add ACS quirk for Intel 7th & 8th Gen mobile Alexander Sverdlin (2): ASoC: cirrus: i2s: Fix LRCLK configuration ASoC: cirrus: i2s: Fix {TX|RX}LinCtrlData setup Alexandr Savca (1): Input: elan_i2c - add ELAN0618 (Lenovo v330 15IKB) ACPI ID Alexandru Ardelean (1): iio: adc: ad7791: remove sample freq sysfs attributes Alexey Kardashevskiy (1): powerpc/powernv/ioda2: Remove redundant free of TCE pages Amit Pundir (1): Bluetooth: hci_qca: Avoid missing rampatch failure with userspace fw loader Andy Lutomirski (1): x86/entry/64/compat: Fix "x86/entry/64/compat: Preserve r8-r11 in int $0x80" Andy Shevchenko (1): mfd: intel-lpss: Program REMAP register in PIO mode Aneesh Kumar K.V (1): powerpc/mm/hash: Add missing isync prior to kernel stack SLB switch Anil Gurumurthy (1): scsi: qla2xxx: Mask off Scope bits in retry delay Anju T Sudhakar (1): powerpc/perf: Fix memory allocation for core-imc based on num_possible_cpus() Anton Ivanov (2): um: Fix initialization of vector queues um: Fix raw interface options Bart Van Assche (2): block: Fix cloning of requests with a special payload dm zoned: avoid triggering reclaim from inside dmz_map() Bartosz Golaszewski (1): net: ethernet: fix suspend/resume in davinci_emac Ben Hutchings (1): Input: elan_i2c_smbus - fix more potential stack buffer overflows Bharat Potnuri (1): RDMA/core: Save kernel caller name when creating CQ using ib_create_cq() Boris Brezillon (1): mtd: rawnand: Do not check FAIL bit when executing a SET_FEATURES op Boris Ostrovsky (1): xen: Remove unnecessary BUG_ON from __unbind_from_irq() Borislav Petkov (1): x86/mce: Do not overwrite MCi_STATUS in mce_no_way_out() Brad Love (1): media: cx231xx: Ignore an i2c mux adapter Chao Yu (1): f2fs: don't use GFP_ZERO for page caches Chen-Yu Tsai (1): ARM: dts: sun8i: h3: fix ALL-H3-CC H3 ver VCC-1V2 regulator voltage Chris Packham (1): mtd: rawnand: micron: add ONFI_FEATURE_ON_DIE_ECC to supported features Christophe JAILLET (1): iio: sca3000: Fix an error handling path in 'sca3000_probe()' Chuck Lever (1): xprtrdma: Return -ENOBUFS when no pages are available Corey Minyard (1): ipmi:bt: Set the timeout before doing a capabilities check Dan Williams (3): x86/spectre_v1: Disable compiler optimizations over array_index_mask_nospec() mm: fix __gup_device_huge vs unmap mm: fix devmem_is_allowed() for sub-page System RAM intersections Daniel Wagner (1): serial: sh-sci: Use spin_{try}lock_irqsave instead of open coding version Dave Martin (1): arm64: Fix syscall restarting around signal suppressed by tracer Dave Wysochanski (1): NFSv4: Fix possible 1-byte stack overflow in nfs_idmap_read_and_verify_message David Rivshin (1): ARM: 8764/1: kgdb: fix NUMREGBYTES so that gdb_regs[] is the correct size Dinh Nguyen (1): ARM: dts: socfpga: Fix NAND controller node compatible for Arria10 Dmitry Torokhov (2): platform/chrome: cros_ec_lpc: do not try DMI match when ACPI device found Input: psmouse - fix button reporting for basic protocols Dongsheng Yang (1): rbd: flush rbd_dev->watch_dwork after watch is unregistered Enno Boland (1): Input: xpad - fix GPD Win 2 controller name Erez Shitrit (1): IB/mlx5: Fetch soft WQE's on fatal error state Eric W. Biederman (1): signal/xtensa: Consistenly use SIGBUS in do_unaligned_user Fabio Estevam (1): pinctrl: devicetree: Fix pctldev pointer overwrite Filipe Manana (1): Btrfs: fix return value on rename exchange failure Finley Xiao (1): soc: rockchip: power-domain: Fix wrong value when power up pd with writemask Finn Thain (1): m68k/mac: Fix SWIM memory resource end address Frank Rowand (1): of: overlay: validate offset from property fixups Gautham R. Shenoy (1): cpuidle: powernv: Fix promotion from snooze if next state disabled Geert Uytterhoeven (4): thermal: bcm2835: Stop using printk format %pCr clk: renesas: cpg-mssr: Stop using printk format %pCr lib/vsprintf: Remove atomic-unsafe support for %pCr time: Make sure jiffies_to_msecs() preserves non-zero time periods Greg Kroah-Hartman (1): Linux 4.17.4 Guenter Roeck (1): hwmon: (k10temp) Add support for Stoney Ridge and Bristol Ridge CPUs Hans de Goede (4): efi/libstub/tpm: Initialize efi_physical_addr_t vars to zero for mixed mode ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices Input: silead - add MSSL0002 ACPI HID pwm: lpss: platform: Save/restore the ctrl register over a suspend/resume Haren Myneni (1): powerpc/powernv: copy/paste - Mask SO bit in CR Himanshu Madhani (1): scsi: qla2xxx: Fix setting lower transfer speed if GPSC fails Huacai Chen (1): MIPS: io: Add barrier after register read in inX() Hui Wang (1): ALSA: hda/realtek - Fix the problem of two front mics on more machines Icenowy Zheng (1): ARM: dts: sun8i: h3: fix ALL-H3-CC H3 ver VDD-CPUX voltage Ingo Flaschberger (1): 1wire: family module autoload fails because of upper/lower case mismatch. Jack Morgenstein (2): IB/mlx4: Mark user MR as writable if actual virtual memory is writable IB/core: Make testing MR flags for writability a static inline function Jae Hyun Yoo (1): clk:aspeed: Fix reset bits for PCI/VGA and PECI Jan Kara (1): udf: Detect incorrect directory size Jann Horn (1): selinux: move user accesses in selinuxfs out of locked regions Jarkko Nikula (1): mfd: intel-lpss: Fix Intel Cannon Lake LPSS I2C input clock Jason A. Donenfeld (1): kasan: depend on CONFIG_SLUB_DEBUG Jason Gunthorpe (1): IB/uverbs: Fix ordering of ucontext check in ib_uverbs_write Jerome Brunet (1): ARM64: dts: meson: disable sd-uhs modes on the libretech-cc Jia He (2): crypto: arm64/aes-blk - fix and move skcipher_walk_done out of kernel_neon_begin, _end mm/ksm.c: ignore STABLE_FLAG of rmap_item->address in rmap_walk_ksm() Joakim Tjernlund (4): mtd: cfi_cmdset_0002: Use right chip in do_ppb_xxlock() mtd: cfi_cmdset_0002: fix SEGV unlocking multiple chips mtd: cfi_cmdset_0002: Fix unlocking requests crossing a chip boudary mtd: cfi_cmdset_0002: Avoid walking all chips when unlocking. Joel Fernandes (Google) (1): softirq: Reorder trace_softirqs_on to prevent lockdep splat Johan Hovold (3): backlight: as3711_bl: Fix Device Tree node lookup backlight: max8925_bl: Fix Device Tree node lookup backlight: tps65217_bl: Fix Device Tree node lookup Juergen Gross (1): x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths Kai Chieh Chuang (1): ASoC: mediatek: preallocate pages use platform device Kai-Heng Feng (1): media: cx231xx: Add support for AverMedia DVD EZMaker 7 Kees Cook (1): video: uvesafb: Fix integer overflow in allocation Keith Busch (1): block: Fix transfer when chunk sectors exceeds max Kevin Hilman (1): ARM64: dts: meson-gx: fix ATF reserved memory region Kieran Bingham (1): media: vsp1: Release buffers for each video node Kirill A. Shutemov (1): x86/efi: Fix efi_call_phys_epilog() with CONFIG_X86_5LEVEL=y Leon Romanovsky (1): RDMA/mlx4: Discard unknown SQP work requests Linus Torvalds (1): Revert "iommu/amd_iommu: Use CONFIG_DMA_DIRECT_OPS=y and dma_direct_{alloc,free}()" Linus Walleij (1): MIPS: pb44: Fix i2c-gpio GPIO descriptor table Luis Henriques (1): scsi: scsi_debug: Fix memory leak on module unload Maciej S. Szmigiero (1): X.509: unpack RSA signatureValue field from BIT STRING Mahesh Salgaonkar (1): powerpc/fadump: Unregister fadump on kexec down path. Marcin Ziemianowicz (1): clk: at91: PLL recalc_rate() now using cached MUL and DIV values Marek Vasut (2): ARM: dts: socfpga: Fix NAND controller node compatible ARM: dts: socfpga: Fix NAND controller clock supply Martin Blumenstingl (1): clk: meson: meson8b: mark fclk_div2 gate clocks as CLK_IS_CRITICAL Martin Kaiser (1): mtd: rawnand: mxc: set spare area size register explicitly Masahiro Yamada (1): mtd: rawnand: denali_dt: set clk_x_rate to 200 MHz unconditionally Mason Yang (1): mtd: rawnand: All AC chips have a broken GET_FEATURES(TIMINGS). Matthias Schiffer (1): mips: ftrace: fix static function graph tracing Mauro Carvalho Chehab (2): media: v4l2-compat-ioctl32: prevent go past max size media: dvb_frontend: fix locking issues at dvb_frontend_get_event() Max Gurtovoy (1): IB/isert: fix T10-pi check mask setting Maxim Moseychuk (1): usb: do not reset if a low-speed or full-speed device timed out Michael Buesch (1): hwrng: core - Always drop the RNG in hwrng_unregister() Michael Ellerman (1): powerpc/64s: Fix DT CPU features Power9 DD2.1 logic Michael J. Ruhl (1): IB/hfi1: Reorder incorrect send context disable Michael Jeanson (1): powerpc/e500mc: Set assembler machine type to e500mc Michael Neuling (2): powerpc/ptrace: Fix setting 512B aligned breakpoints with PTRACE_SET_DEBUGREG powerpc/ptrace: Fix enforcement of DAWR constraints Michael Schmitz (1): m68k/mm: Adjust VM area to be unmapped by gap size for __iounmap() Michael Trimarchi (1): rtc: sun6i: Fix bit_idx value for clk_register_gate Mika Westerberg (4): mtd: spi-nor: intel-spi: Fix atomic sequence handling PCI: Add ACS quirk for Intel 300 series PCI: pciehp: Clear Presence Detect and Data Link Layer Status Changed on resume PCI: Account for all bridges on bus when distributing bus numbers Mike Marciniszyn (3): IB/qib: Fix DMA api warning with debug kernel IB/hfi1: Fix fault injection init/exit issues IB/hfi1: Fix user context tail allocation for DMA_RTAIL Mike Snitzer (2): dm: use bio_split() when splitting out the already processed bio dm thin: handle running out of data space vs concurrent discard Mikhail Malygin (1): scsi: qla2xxx: Spinlock recursion in qla_target Miklos Szeredi (2): fuse: atomic_o_trunc should truncate pagecache fuse: fix control dir setup and teardown Mikulas Patocka (2): branch-check: fix long->int truncation when profiling branches slub: fix failure when we delete and create a slab cache Miquel Raynal (1): arm64: dts: marvell: fix CP110 ICU node size Naoya Horiguchi (1): x86/e820: put !E820_TYPE_RAM regions into memblock.reserved NeilBrown (1): md: fix two problems with setting the "re-add" device state. Nicholas Piggin (1): powerpc/64s/radix: Fix radix_kvm_prefetch_workaround paca access of not possible CPU Paul Handrigan (1): ASoC: cs35l35: Add use_single_rw to regmap config Paweł Chmiel (1): pinctrl: samsung: Correct EINTG banks order Peter Ujfalusi (1): mfd: twl-core: Fix clock initialization Quinn Tran (1): scsi: qla2xxx: Delete session for nport id change Rafael J. Wysocki (3): PCI / PM: Do not clear state_saved for devices that remain suspended ACPI / LPSS: Avoid PM quirks on suspend and resume from S3 PM / core: Fix supplier device runtime PM usage counter imbalance Ram Pai (1): powerpc/pkeys: Detach execute_only key on !PROT_EXEC Randy Dunlap (1): auxdisplay: fix broken menu Richard Weinberger (2): ubi: fastmap: Cancel work upon detach ubi: fastmap: Correctly handle interrupted erasures in EBA Robert Elliott (1): linvdimm, pmem: Preserve read-only setting for pmem devices Ross Zwisler (3): libnvdimm, pmem: Do not flush power-fail protected CPU caches libnvdimm, pmem: Unconditionally deep flush on *sync pmem: only set QUEUE_FLAG_DAX for fsdax mode Scott Mayhew (1): nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir Sean Wang (1): arm: dts: mt7623: fix invalid memory node being generated Sean Young (1): media: rc: mce_kbd decoder: fix stuck keys Sebastian Sanchez (1): IB/hfi1: Optimize kthread pointer locking when queuing CQ entries Siarhei Liakh (1): x86: Call fixup_exception() before notify_die() in math_error() Sibi Sankar (1): remoteproc: Prevent incorrect rproc state on xfer mem ownership failure Silvio Cesare (1): UBIFS: Fix potential integer overflow in allocation Sinan Kaya (1): scsi: hpsa: disable device during shutdown Sridhar Pitchai (1): PCI: hv: Make sure the bus domain is really unique Srinivas Kandagatla (3): ASoC: dapm: delete dapm_kcontrol_data paths list before freeing it of: platform: stop accessing invalid dev in of_platform_device_destroy rpmsg: smd: do not use mananged resources for endpoints and channels Srinivas Pandruvada (1): cpufreq: intel_pstate: Fix scaling max/min limits with Turbo 3.0 Stefan M Schaeckeler (1): of: unittest: for strings, account for trailing \0 in property length field Steffen Maier (7): scsi: zfcp: fix missing SCSI trace for result of eh_host_reset_handler scsi: zfcp: fix missing SCSI trace for retry of abort / scsi_eh TMF scsi: zfcp: fix misleading REC trigger trace where erp_action setup failed scsi: zfcp: fix missing REC trigger trace on terminate_rport_io early return scsi: zfcp: fix missing REC trigger trace on terminate_rport_io for ERP_FAILED scsi: zfcp: fix missing REC trigger trace for all objects in ERP_FAILED scsi: zfcp: fix missing REC trigger trace on enqueue without ERP thread Steven Rostedt (VMware) (2): ftrace/selftest: Have the reset_trigger code be a bit more careful tracing: Check for no filter when processing event filters Tadeusz Struk (2): tpm: fix use after free in tpm2_load_context() tpm: fix race condition in tpm_common_write() Takashi Iwai (4): ALSA: timer: Fix UBSAN warning at SNDRV_TIMER_IOCTL_NEXT_DEVICE ioctl ALSA: hda - Force to link down at runtime suspend on ATI/AMD HDMI ALSA: hda/realtek - Fix pop noise on Lenovo P50 & co ALSA: hda/realtek - Add a quirk for FSC ESPRIMO U9210 Tejun Heo (1): fuse: fix congested state leak on aborted connections Terry Zhou (1): pinctrl: armada-37xx: Fix spurious irq management Tetsuo Handa (2): printk: fix possible reuse of va_list variable fuse: don't keep dead fuse_conn at fuse_fill_super(). Thor Thayer (2): ARM: dts: Fix SPI node for Arria10 arm64: dts: stratix10: Fix SPI nodes for Stratix10 Tokunori Ikegami (2): mtd: cfi_cmdset_0002: Change write buffer to check correct value MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum Tony Luck (3): x86/mce: Improve error message when kernel cannot recover x86/mce: Check for alternate indication of machine check recovery on Skylake x86/mce: Fix incorrect "Machine check from unknown source" message Trond Myklebust (2): NFSv4: Revert commit 5f83d86cf531d ("NFSv4.x: Fix wraparound issues..") NFSv4: Fix a typo in nfs41_sequence_process Ulf Hansson (1): PM / Domains: Fix error path during attach in genpd Vaibhav Jain (2): cxl: Configure PSL to not use APC virtual machines cxl: Disable prefault_mode in Radix mode Waiman Long (1): locking/rwsem: Fix up_read_non_owner() warning with DEBUG_RWSEMS Waldemar Rymarkiewicz (1): PM / OPP: Update voltage in case freq == old_freq Wenwen Wang (1): virt: vbox: Only copy_from_user the request-header once Will Deacon (2): arm64: kpti: Use early_param for kpti= command-line option arm64: mm: Ensure writes to swapper are ordered wrt subsequent cache maintenance Wolfram Sang (3): mmc: renesas_sdhi: really fix WP logic regressions Revert "i2c: algo-bit: init the bus to a known state" i2c: gpio: initialize SCL to HIGH again Yang Yingliang (1): irqchip/gic-v3-its: Don't bind LPI to unavailable NUMA node mike.travis(a)hpe.com (3): x86/platform/UV: Add adjustable set memory block size function x86/platform/UV: Use new set memory block size function x86/platform/UV: Add kernel parameter to set memory block size ming_qian (1): media: uvcvideo: Support realtek's UVC 1.5 device

7 years, 2 months

1
1
0 0

Linux 4.14.53

by Greg KH

I'm announcing the release of the 4.14.53 kernel. All users of the 4.14 kernel series must upgrade. The updated 4.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.14.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/ABI/testing/sysfs-class-cxl | 4 Documentation/printk-formats.txt | 3 Makefile | 2 arch/arm/boot/dts/mt7623.dtsi | 3 arch/arm/boot/dts/mt7623n-bananapi-bpi-r2.dts | 1 arch/arm/boot/dts/mt7623n-rfb.dtsi | 1 arch/arm/boot/dts/socfpga.dtsi | 4 arch/arm/boot/dts/socfpga_arria10.dtsi | 5 arch/arm/include/asm/kgdb.h | 2 arch/arm64/boot/dts/amlogic/meson-gxl-s905x-libretech-cc.dts | 3 arch/arm64/kernel/cpufeature.c | 2 arch/arm64/kernel/signal.c | 5 arch/arm64/mm/proc.S | 5 arch/m68k/mac/config.c | 2 arch/m68k/mm/kmap.c | 3 arch/mips/bcm47xx/setup.c | 6 arch/mips/include/asm/io.h | 2 arch/mips/include/asm/mipsregs.h | 3 arch/mips/kernel/mcount.S | 27 arch/powerpc/kernel/entry_64.S | 1 arch/powerpc/kernel/fadump.c | 3 arch/powerpc/kernel/hw_breakpoint.c | 4 arch/powerpc/kernel/ptrace.c | 1 arch/powerpc/perf/imc-pmu.c | 4 arch/powerpc/platforms/powernv/copy-paste.h | 3 arch/powerpc/platforms/powernv/idle.c | 4 arch/powerpc/platforms/powernv/pci-ioda.c | 1 arch/x86/events/intel/uncore_snbep.c | 8 arch/x86/include/asm/barrier.h | 2 arch/x86/kernel/cpu/mcheck/mce-severity.c | 5 arch/x86/kernel/cpu/mcheck/mce.c | 44 arch/x86/kernel/quirks.c | 11 arch/x86/kernel/traps.c | 14 arch/x86/mm/init.c | 4 arch/x86/platform/efi/efi_64.c | 4 arch/x86/xen/smp_pv.c | 5 arch/xtensa/kernel/traps.c | 2 block/blk-core.c | 4 crypto/asymmetric_keys/x509_cert_parser.c | 9 drivers/acpi/acpi_lpss.c | 2 drivers/auxdisplay/Kconfig | 10 drivers/base/core.c | 15 drivers/base/power/domain.c | 3 drivers/base/power/opp/core.c | 2 drivers/block/rbd.c | 2 drivers/bluetooth/hci_qca.c | 6 drivers/char/ipmi/ipmi_bt_sm.c | 3 drivers/char/tpm/tpm-dev-common.c | 40 drivers/char/tpm/tpm-dev.h | 2 drivers/char/tpm/tpm2-space.c | 3 drivers/clk/at91/clk-pll.c | 13 drivers/clk/renesas/renesas-cpg-mssr.c | 9 drivers/cpufreq/intel_pstate.c | 27 drivers/cpuidle/cpuidle-powernv.c | 32 drivers/iio/accel/sca3000.c | 9 drivers/iio/adc/ad7791.c | 49 drivers/infiniband/core/umem.c | 11 drivers/infiniband/hw/hfi1/chip.c | 8 drivers/infiniband/hw/hfi1/debugfs.c | 8 drivers/infiniband/hw/hfi1/file_ops.c | 4 drivers/infiniband/hw/hfi1/hfi.h | 1 drivers/infiniband/hw/hfi1/init.c | 22 drivers/infiniband/hw/hfi1/pio.c | 44 drivers/infiniband/hw/mlx4/mad.c | 1 drivers/infiniband/hw/mlx4/mr.c | 50 drivers/infiniband/hw/mlx5/cq.c | 15 drivers/infiniband/hw/qib/qib.h | 4 drivers/infiniband/hw/qib/qib_file_ops.c | 10 drivers/infiniband/hw/qib/qib_init.c | 13 drivers/infiniband/hw/qib/qib_user_pages.c | 20 drivers/infiniband/sw/rdmavt/cq.c | 31 drivers/infiniband/ulp/isert/ib_isert.c | 28 drivers/input/joystick/xpad.c | 2 drivers/input/mouse/elan_i2c.h | 2 drivers/input/mouse/elan_i2c_core.c | 3 drivers/input/mouse/elan_i2c_smbus.c | 10 drivers/input/mouse/elantech.c | 11 drivers/irqchip/irq-gic-v3-its.c | 9 drivers/md/dm-thin.c | 11 drivers/md/dm-zoned-target.c | 2 drivers/md/md.c | 4 drivers/media/dvb-core/dvb_frontend.c | 23 drivers/media/platform/vsp1/vsp1_video.c | 21 drivers/media/usb/cx231xx/cx231xx-cards.c | 3 drivers/media/v4l2-core/v4l2-compat-ioctl32.c | 2 drivers/mfd/intel-lpss-pci.c | 25 drivers/mfd/intel-lpss.c | 4 drivers/misc/cxl/sysfs.c | 16 drivers/mtd/chips/cfi_cmdset_0002.c | 21 drivers/mtd/ubi/build.c | 3 drivers/mtd/ubi/eba.c | 90 drivers/mtd/ubi/wl.c | 4 drivers/nvdimm/bus.c | 14 drivers/of/platform.c | 5 drivers/of/resolver.c | 5 drivers/of/unittest.c | 8 drivers/pci/host/pci-hyperv.c | 11 drivers/pci/hotplug/pciehp.h | 2 drivers/pci/hotplug/pciehp_core.c | 2 drivers/pci/hotplug/pciehp_hpc.c | 13 drivers/pci/quirks.c | 20 drivers/pinctrl/devicetree.c | 7 drivers/pinctrl/samsung/pinctrl-exynos-arm.c | 4 drivers/pwm/pwm-lpss-platform.c | 5 drivers/pwm/pwm-lpss.c | 30 drivers/pwm/pwm-lpss.h | 2 drivers/rpmsg/qcom_smd.c | 18 drivers/rtc/rtc-sun6i.c | 4 drivers/s390/scsi/zfcp_dbf.c | 40 drivers/s390/scsi/zfcp_erp.c | 123 drivers/s390/scsi/zfcp_ext.h | 5 drivers/s390/scsi/zfcp_scsi.c | 18 drivers/scsi/hpsa.c | 10 drivers/scsi/qla2xxx/qla_init.c | 3 drivers/scsi/qla2xxx/qla_isr.c | 8 drivers/soc/rockchip/pm_domains.c | 2 drivers/thermal/broadcom/bcm2835_thermal.c | 4 drivers/tty/serial/sh-sci.c | 8 drivers/usb/core/hub.c | 4 drivers/usb/host/xhci.c | 1 drivers/video/backlight/as3711_bl.c | 33 drivers/video/backlight/max8925_bl.c | 4 drivers/video/backlight/tps65217_bl.c | 4 drivers/video/fbdev/uvesafb.c | 3 drivers/w1/w1.c | 2 drivers/xen/events/events_base.c | 2 fs/btrfs/inode.c | 4 fs/fuse/control.c | 13 fs/fuse/dev.c | 3 fs/fuse/dir.c | 13 fs/fuse/inode.c | 1 fs/nfs/callback_proc.c | 7 fs/nfs/nfs4idmap.c | 5 fs/nfs/nfs4proc.c | 2 fs/nfsd/nfs4xdr.c | 5 fs/ubifs/journal.c | 5 fs/udf/directory.c | 3 include/linux/blkdev.h | 4 include/linux/compiler.h | 2 include/linux/slub_def.h | 4 include/rdma/ib_verbs.h | 14 include/rdma/rdma_vt.h | 2 kernel/printk/printk_safe.c | 5 kernel/time/time.c | 6 lib/vsprintf.c | 3 mm/gup.c | 36 mm/ksm.c | 14 mm/slab_common.c | 4 mm/slub.c | 7 net/sunrpc/xprtrdma/rpc_rdma.c | 2 sound/core/timer.c | 2 sound/pci/hda/patch_realtek.c | 20 sound/soc/cirrus/edb93xx.c | 2 sound/soc/cirrus/ep93xx-i2s.c | 26 sound/soc/cirrus/snappercl15.c | 2 sound/soc/codecs/cs35l35.c | 1 sound/soc/soc-dapm.c | 2 tools/perf/pmu-events/arch/x86/goldmontplus/cache.json | 1453 ++++++++++ tools/perf/pmu-events/arch/x86/goldmontplus/frontend.json | 62 tools/perf/pmu-events/arch/x86/goldmontplus/memory.json | 38 tools/perf/pmu-events/arch/x86/goldmontplus/other.json | 98 tools/perf/pmu-events/arch/x86/goldmontplus/pipeline.json | 544 +++ tools/perf/pmu-events/arch/x86/goldmontplus/virtual-memory.json | 218 + tools/perf/pmu-events/arch/x86/mapfile.csv | 1 tools/perf/util/dso.c | 2 tools/perf/util/intel-pt-decoder/intel-pt-decoder.c | 23 tools/perf/util/intel-pt-decoder/intel-pt-decoder.h | 9 tools/perf/util/intel-pt-decoder/intel-pt-pkt-decoder.c | 2 tools/perf/util/intel-pt.c | 5 tools/testing/selftests/ftrace/test.d/functions | 21 170 files changed, 3594 insertions(+), 504 deletions(-) ??? (1): Input: elantech - fix V4 report decoding for module with middle key Aaron Ma (1): Input: elantech - enable middle button of touchpads on ThinkPad P52 Adrian Hunter (6): perf tools: Fix symbol and object code resolution for vdso32 and vdsox32 perf intel-pt: Fix sync_switch INTEL_PT_SS_NOT_TRACING perf intel-pt: Fix decoding to accept CBR between FUP and corresponding TIP perf intel-pt: Fix MTC timing after overflow perf intel-pt: Fix "Unexpected indirect branch" error perf intel-pt: Fix packet decoding of CYC packets Akshay Adiga (1): powerpc/powernv/cpuidle: Init all present cpus for deep states Alex Estrin (2): IB/{hfi1, qib}: Add handling of kernel restart IB/isert: Fix for lib/dma_debug check_sync warning Alex Williamson (1): PCI: Add ACS quirk for Intel 7th & 8th Gen mobile Alexander Sverdlin (2): ASoC: cirrus: i2s: Fix LRCLK configuration ASoC: cirrus: i2s: Fix {TX|RX}LinCtrlData setup Alexandr Savca (1): Input: elan_i2c - add ELAN0618 (Lenovo v330 15IKB) ACPI ID Alexandru Ardelean (1): iio: adc: ad7791: remove sample freq sysfs attributes Alexey Kardashevskiy (1): powerpc/powernv/ioda2: Remove redundant free of TCE pages Amit Pundir (1): Bluetooth: hci_qca: Avoid missing rampatch failure with userspace fw loader Andy Shevchenko (1): mfd: intel-lpss: Program REMAP register in PIO mode Aneesh Kumar K.V (1): powerpc/mm/hash: Add missing isync prior to kernel stack SLB switch Anil Gurumurthy (1): scsi: qla2xxx: Mask off Scope bits in retry delay Anju T Sudhakar (1): powerpc/perf: Fix memory allocation for core-imc based on num_possible_cpus() Bart Van Assche (2): block: Fix cloning of requests with a special payload dm zoned: avoid triggering reclaim from inside dmz_map() Ben Hutchings (1): Input: elan_i2c_smbus - fix more potential stack buffer overflows Boris Ostrovsky (1): xen: Remove unnecessary BUG_ON from __unbind_from_irq() Borislav Petkov (1): x86/mce: Do not overwrite MCi_STATUS in mce_no_way_out() Christophe JAILLET (1): iio: sca3000: Fix an error handling path in 'sca3000_probe()' Chuck Lever (1): xprtrdma: Return -ENOBUFS when no pages are available Corey Minyard (1): ipmi:bt: Set the timeout before doing a capabilities check Dan Williams (3): x86/spectre_v1: Disable compiler optimizations over array_index_mask_nospec() mm: fix __gup_device_huge vs unmap mm: fix devmem_is_allowed() for sub-page System RAM intersections Daniel Wagner (1): serial: sh-sci: Use spin_{try}lock_irqsave instead of open coding version Dave Martin (1): arm64: Fix syscall restarting around signal suppressed by tracer Dave Wysochanski (1): NFSv4: Fix possible 1-byte stack overflow in nfs_idmap_read_and_verify_message David Rivshin (1): ARM: 8764/1: kgdb: fix NUMREGBYTES so that gdb_regs[] is the correct size Dinh Nguyen (1): ARM: dts: socfpga: Fix NAND controller node compatible for Arria10 Dongsheng Yang (1): rbd: flush rbd_dev->watch_dwork after watch is unregistered Enno Boland (1): Input: xpad - fix GPD Win 2 controller name Erez Shitrit (1): IB/mlx5: Fetch soft WQE's on fatal error state Eric W. Biederman (1): signal/xtensa: Consistenly use SIGBUS in do_unaligned_user Fabio Estevam (1): pinctrl: devicetree: Fix pctldev pointer overwrite Filipe Manana (1): Btrfs: fix return value on rename exchange failure Finley Xiao (1): soc: rockchip: power-domain: Fix wrong value when power up pd with writemask Finn Thain (1): m68k/mac: Fix SWIM memory resource end address Frank Rowand (1): of: overlay: validate offset from property fixups Gautham R. Shenoy (1): cpuidle: powernv: Fix promotion from snooze if next state disabled Geert Uytterhoeven (4): thermal: bcm2835: Stop using printk format %pCr clk: renesas: cpg-mssr: Stop using printk format %pCr lib/vsprintf: Remove atomic-unsafe support for %pCr time: Make sure jiffies_to_msecs() preserves non-zero time periods Greg Kroah-Hartman (1): Linux 4.14.53 Hans de Goede (2): ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices pwm: lpss: platform: Save/restore the ctrl register over a suspend/resume Haren Myneni (1): powerpc/powernv: copy/paste - Mask SO bit in CR Himanshu Madhani (1): scsi: qla2xxx: Fix setting lower transfer speed if GPSC fails Huacai Chen (1): MIPS: io: Add barrier after register read in inX() Hui Wang (1): ALSA: hda/realtek - Fix the problem of two front mics on more machines Ingo Flaschberger (1): 1wire: family module autoload fails because of upper/lower case mismatch. Jack Morgenstein (2): IB/mlx4: Mark user MR as writable if actual virtual memory is writable IB/core: Make testing MR flags for writability a static inline function Jan Kara (1): udf: Detect incorrect directory size Jarkko Nikula (1): mfd: intel-lpss: Fix Intel Cannon Lake LPSS I2C input clock Jerome Brunet (1): ARM64: dts: meson: disable sd-uhs modes on the libretech-cc Jia He (1): mm/ksm.c: ignore STABLE_FLAG of rmap_item->address in rmap_walk_ksm() Joakim Tjernlund (4): mtd: cfi_cmdset_0002: Use right chip in do_ppb_xxlock() mtd: cfi_cmdset_0002: fix SEGV unlocking multiple chips mtd: cfi_cmdset_0002: Fix unlocking requests crossing a chip boudary mtd: cfi_cmdset_0002: Avoid walking all chips when unlocking. Johan Hovold (3): backlight: as3711_bl: Fix Device Tree node lookup backlight: max8925_bl: Fix Device Tree node lookup backlight: tps65217_bl: Fix Device Tree node lookup Juergen Gross (1): x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths Kai-Heng Feng (1): media: cx231xx: Add support for AverMedia DVD EZMaker 7 Kan Liang (2): perf vendor events: Add Goldmont Plus V1 event file perf/x86/intel/uncore: Add event constraint for BDX PCU Kees Cook (1): video: uvesafb: Fix integer overflow in allocation Keith Busch (1): block: Fix transfer when chunk sectors exceeds max Kieran Bingham (1): media: vsp1: Release buffers for each video node Kirill A. Shutemov (1): x86/efi: Fix efi_call_phys_epilog() with CONFIG_X86_5LEVEL=y Leon Romanovsky (1): RDMA/mlx4: Discard unknown SQP work requests Maciej S. Szmigiero (1): X.509: unpack RSA signatureValue field from BIT STRING Mahesh Salgaonkar (1): powerpc/fadump: Unregister fadump on kexec down path. Marcin Ziemianowicz (1): clk: at91: PLL recalc_rate() now using cached MUL and DIV values Marek Vasut (2): ARM: dts: socfpga: Fix NAND controller node compatible ARM: dts: socfpga: Fix NAND controller clock supply Mathias Nyman (1): xhci: Fix use-after-free in xhci_free_virt_device Matthias Schiffer (1): mips: ftrace: fix static function graph tracing Mauro Carvalho Chehab (2): media: v4l2-compat-ioctl32: prevent go past max size media: dvb_frontend: fix locking issues at dvb_frontend_get_event() Max Gurtovoy (1): IB/isert: fix T10-pi check mask setting Maxim Moseychuk (1): usb: do not reset if a low-speed or full-speed device timed out Michael J. Ruhl (1): IB/hfi1: Reorder incorrect send context disable Michael Neuling (2): powerpc/ptrace: Fix setting 512B aligned breakpoints with PTRACE_SET_DEBUGREG powerpc/ptrace: Fix enforcement of DAWR constraints Michael Schmitz (1): m68k/mm: Adjust VM area to be unmapped by gap size for __iounmap() Michael Trimarchi (1): rtc: sun6i: Fix bit_idx value for clk_register_gate Mika Westerberg (2): PCI: Add ACS quirk for Intel 300 series PCI: pciehp: Clear Presence Detect and Data Link Layer Status Changed on resume Mike Marciniszyn (3): IB/qib: Fix DMA api warning with debug kernel IB/hfi1: Fix fault injection init/exit issues IB/hfi1: Fix user context tail allocation for DMA_RTAIL Mike Snitzer (1): dm thin: handle running out of data space vs concurrent discard Miklos Szeredi (2): fuse: atomic_o_trunc should truncate pagecache fuse: fix control dir setup and teardown Mikulas Patocka (2): branch-check: fix long->int truncation when profiling branches slub: fix failure when we delete and create a slab cache NeilBrown (1): md: fix two problems with setting the "re-add" device state. Paul Handrigan (1): ASoC: cs35l35: Add use_single_rw to regmap config Paweł Chmiel (1): pinctrl: samsung: Correct EINTG banks order Rafael J. Wysocki (1): PM / core: Fix supplier device runtime PM usage counter imbalance Randy Dunlap (1): auxdisplay: fix broken menu Richard Weinberger (2): ubi: fastmap: Cancel work upon detach ubi: fastmap: Correctly handle interrupted erasures in EBA Robert Elliott (1): linvdimm, pmem: Preserve read-only setting for pmem devices Scott Mayhew (1): nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir Sean Wang (1): arm: dts: mt7623: fix invalid memory node being generated Sebastian Sanchez (1): IB/hfi1: Optimize kthread pointer locking when queuing CQ entries Siarhei Liakh (1): x86: Call fixup_exception() before notify_die() in math_error() Silvio Cesare (1): UBIFS: Fix potential integer overflow in allocation Sinan Kaya (1): scsi: hpsa: disable device during shutdown Sridhar Pitchai (1): PCI: hv: Make sure the bus domain is really unique Srinivas Kandagatla (3): ASoC: dapm: delete dapm_kcontrol_data paths list before freeing it of: platform: stop accessing invalid dev in of_platform_device_destroy rpmsg: smd: do not use mananged resources for endpoints and channels Srinivas Pandruvada (1): cpufreq: intel_pstate: Fix scaling max/min limits with Turbo 3.0 Stefan M Schaeckeler (1): of: unittest: for strings, account for trailing \0 in property length field Steffen Maier (7): scsi: zfcp: fix missing SCSI trace for result of eh_host_reset_handler scsi: zfcp: fix missing SCSI trace for retry of abort / scsi_eh TMF scsi: zfcp: fix misleading REC trigger trace where erp_action setup failed scsi: zfcp: fix missing REC trigger trace on terminate_rport_io early return scsi: zfcp: fix missing REC trigger trace on terminate_rport_io for ERP_FAILED scsi: zfcp: fix missing REC trigger trace for all objects in ERP_FAILED scsi: zfcp: fix missing REC trigger trace on enqueue without ERP thread Steven Rostedt (VMware) (1): ftrace/selftest: Have the reset_trigger code be a bit more careful Tadeusz Struk (2): tpm: fix use after free in tpm2_load_context() tpm: fix race condition in tpm_common_write() Takashi Iwai (3): ALSA: timer: Fix UBSAN warning at SNDRV_TIMER_IOCTL_NEXT_DEVICE ioctl ALSA: hda/realtek - Fix pop noise on Lenovo P50 & co ALSA: hda/realtek - Add a quirk for FSC ESPRIMO U9210 Tejun Heo (1): fuse: fix congested state leak on aborted connections Tetsuo Handa (2): printk: fix possible reuse of va_list variable fuse: don't keep dead fuse_conn at fuse_fill_super(). Thor Thayer (1): ARM: dts: Fix SPI node for Arria10 Tokunori Ikegami (2): mtd: cfi_cmdset_0002: Change write buffer to check correct value MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum Tony Luck (3): x86/mce: Improve error message when kernel cannot recover x86/mce: Check for alternate indication of machine check recovery on Skylake x86/mce: Fix incorrect "Machine check from unknown source" message Trond Myklebust (2): NFSv4: Revert commit 5f83d86cf531d ("NFSv4.x: Fix wraparound issues..") NFSv4: Fix a typo in nfs41_sequence_process Ulf Hansson (1): PM / Domains: Fix error path during attach in genpd Vaibhav Jain (1): cxl: Disable prefault_mode in Radix mode Waldemar Rymarkiewicz (1): PM / OPP: Update voltage in case freq == old_freq Will Deacon (2): arm64: kpti: Use early_param for kpti= command-line option arm64: mm: Ensure writes to swapper are ordered wrt subsequent cache maintenance Yang Yingliang (1): irqchip/gic-v3-its: Don't bind LPI to unavailable NUMA node

7 years, 2 months

1
1
0 0

Linux 4.9.111

by Greg KH

I'm announcing the release of the 4.9.111 kernel. All users of the 4.9 kernel series must upgrade. The updated 4.9.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.9.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/printk-formats.txt | 3 Makefile | 2 arch/arm/include/asm/kgdb.h | 2 arch/arm64/kernel/cpufeature.c | 2 arch/arm64/mm/proc.S | 5 arch/m68k/mm/kmap.c | 3 arch/mips/bcm47xx/setup.c | 6 arch/mips/include/asm/io.h | 2 arch/mips/include/asm/mipsregs.h | 3 arch/mips/kernel/mcount.S | 27 +-- arch/powerpc/kernel/entry_64.S | 1 arch/powerpc/kernel/fadump.c | 3 arch/powerpc/kernel/hw_breakpoint.c | 4 arch/powerpc/kernel/ptrace.c | 1 arch/powerpc/platforms/powernv/pci-ioda.c | 1 arch/x86/include/asm/barrier.h | 2 arch/x86/kernel/cpu/mcheck/mce-severity.c | 5 arch/x86/kernel/cpu/mcheck/mce.c | 44 +++-- arch/x86/kernel/quirks.c | 11 + arch/x86/kernel/traps.c | 14 + arch/x86/mm/init.c | 4 arch/xtensa/kernel/traps.c | 2 crypto/asymmetric_keys/x509_cert_parser.c | 9 + drivers/block/rbd.c | 2 drivers/bluetooth/hci_qca.c | 6 drivers/char/ipmi/ipmi_bt_sm.c | 3 drivers/clk/at91/clk-pll.c | 13 - drivers/clk/renesas/renesas-cpg-mssr.c | 9 - drivers/cpuidle/cpuidle-powernv.c | 32 +++- drivers/iio/buffer/kfifo_buf.c | 4 drivers/infiniband/hw/hfi1/hfi.h | 1 drivers/infiniband/hw/hfi1/init.c | 13 + drivers/infiniband/hw/mlx4/mad.c | 1 drivers/infiniband/hw/mlx5/cq.c | 15 + drivers/infiniband/hw/qib/qib.h | 4 drivers/infiniband/hw/qib/qib_file_ops.c | 10 - drivers/infiniband/hw/qib/qib_init.c | 13 + drivers/infiniband/hw/qib/qib_user_pages.c | 20 +- drivers/infiniband/ulp/isert/ib_isert.c | 28 ++- drivers/input/mouse/elan_i2c.h | 2 drivers/input/mouse/elan_i2c_core.c | 3 drivers/input/mouse/elan_i2c_smbus.c | 10 + drivers/input/mouse/elantech.c | 11 + drivers/md/dm-thin.c | 11 + drivers/md/md.c | 4 drivers/media/dvb-core/dvb_frontend.c | 23 +- drivers/media/usb/cx231xx/cx231xx-cards.c | 3 drivers/media/v4l2-core/v4l2-compat-ioctl32.c | 2 drivers/mfd/intel-lpss.c | 4 drivers/mtd/chips/cfi_cmdset_0002.c | 21 +- drivers/mtd/ubi/build.c | 3 drivers/mtd/ubi/eba.c | 90 +++++++++++ drivers/mtd/ubi/wl.c | 4 drivers/net/usb/cdc_ncm.c | 4 drivers/nvdimm/bus.c | 14 + drivers/of/unittest.c | 8 - drivers/pci/hotplug/pciehp.h | 2 drivers/pci/hotplug/pciehp_core.c | 2 drivers/pci/hotplug/pciehp_hpc.c | 13 + drivers/pci/quirks.c | 20 ++ drivers/pwm/pwm-lpss-platform.c | 5 drivers/pwm/pwm-lpss.c | 30 +++ drivers/pwm/pwm-lpss.h | 2 drivers/rpmsg/qcom_smd.c | 18 +- drivers/s390/scsi/zfcp_dbf.c | 40 +++++ drivers/s390/scsi/zfcp_erp.c | 123 ++++++++++++---- drivers/s390/scsi/zfcp_ext.h | 5 drivers/s390/scsi/zfcp_scsi.c | 18 +- drivers/scsi/qla2xxx/qla_init.c | 3 drivers/tty/serial/sh-sci.c | 8 - drivers/usb/core/hub.c | 4 drivers/video/backlight/as3711_bl.c | 33 ++-- drivers/video/backlight/max8925_bl.c | 4 drivers/video/backlight/tps65217_bl.c | 4 drivers/video/fbdev/uvesafb.c | 3 drivers/w1/w1.c | 2 drivers/xen/events/events_base.c | 2 fs/btrfs/inode.c | 37 ++++ fs/fuse/control.c | 13 + fs/fuse/dir.c | 13 + fs/fuse/inode.c | 1 fs/nfs/callback_proc.c | 7 fs/nfs/nfs4idmap.c | 5 fs/nfsd/nfs4xdr.c | 5 fs/ubifs/journal.c | 2 fs/udf/directory.c | 3 include/linux/blkdev.h | 4 include/linux/compiler.h | 2 include/linux/iio/buffer.h | 6 kernel/printk/nmi.c | 5 kernel/time/time.c | 6 lib/vsprintf.c | 3 sound/pci/hda/patch_realtek.c | 11 + sound/soc/cirrus/edb93xx.c | 2 sound/soc/cirrus/ep93xx-i2s.c | 26 +-- sound/soc/cirrus/snappercl15.c | 2 sound/soc/soc-dapm.c | 2 tools/perf/util/dso.c | 2 tools/perf/util/intel-pt-decoder/intel-pt-decoder.c | 23 ++ tools/perf/util/intel-pt-decoder/intel-pt-decoder.h | 9 + tools/perf/util/intel-pt-decoder/intel-pt-pkt-decoder.c | 2 tools/perf/util/intel-pt.c | 5 102 files changed, 816 insertions(+), 268 deletions(-) ??? (1): Input: elantech - fix V4 report decoding for module with middle key Aaron Ma (1): Input: elantech - enable middle button of touchpads on ThinkPad P52 Adrian Hunter (6): perf tools: Fix symbol and object code resolution for vdso32 and vdsox32 perf intel-pt: Fix sync_switch INTEL_PT_SS_NOT_TRACING perf intel-pt: Fix decoding to accept CBR between FUP and corresponding TIP perf intel-pt: Fix MTC timing after overflow perf intel-pt: Fix "Unexpected indirect branch" error perf intel-pt: Fix packet decoding of CYC packets Alex Estrin (2): IB/{hfi1, qib}: Add handling of kernel restart IB/isert: Fix for lib/dma_debug check_sync warning Alex Williamson (1): PCI: Add ACS quirk for Intel 7th & 8th Gen mobile Alexander Sverdlin (2): ASoC: cirrus: i2s: Fix LRCLK configuration ASoC: cirrus: i2s: Fix {TX|RX}LinCtrlData setup Alexandr Savca (1): Input: elan_i2c - add ELAN0618 (Lenovo v330 15IKB) ACPI ID Alexey Kardashevskiy (1): powerpc/powernv/ioda2: Remove redundant free of TCE pages Amit Pundir (1): Bluetooth: hci_qca: Avoid missing rampatch failure with userspace fw loader Andy Shevchenko (1): mfd: intel-lpss: Program REMAP register in PIO mode Aneesh Kumar K.V (1): powerpc/mm/hash: Add missing isync prior to kernel stack SLB switch Ben Hutchings (1): Input: elan_i2c_smbus - fix more potential stack buffer overflows Bjørn Mork (1): cdc_ncm: avoid padding beyond end of skb Boris Ostrovsky (1): xen: Remove unnecessary BUG_ON from __unbind_from_irq() Borislav Petkov (1): x86/mce: Do not overwrite MCi_STATUS in mce_no_way_out() Corey Minyard (1): ipmi:bt: Set the timeout before doing a capabilities check Dan Williams (2): x86/spectre_v1: Disable compiler optimizations over array_index_mask_nospec() mm: fix devmem_is_allowed() for sub-page System RAM intersections Daniel Wagner (1): serial: sh-sci: Use spin_{try}lock_irqsave instead of open coding version Dave Wysochanski (1): NFSv4: Fix possible 1-byte stack overflow in nfs_idmap_read_and_verify_message David Rivshin (1): ARM: 8764/1: kgdb: fix NUMREGBYTES so that gdb_regs[] is the correct size Dongsheng Yang (1): rbd: flush rbd_dev->watch_dwork after watch is unregistered Erez Shitrit (1): IB/mlx5: Fetch soft WQE's on fatal error state Eric W. Biederman (1): signal/xtensa: Consistenly use SIGBUS in do_unaligned_user Filipe Manana (1): Btrfs: fix return value on rename exchange failure Gautham R. Shenoy (1): cpuidle: powernv: Fix promotion from snooze if next state disabled Geert Uytterhoeven (3): clk: renesas: cpg-mssr: Stop using printk format %pCr lib/vsprintf: Remove atomic-unsafe support for %pCr time: Make sure jiffies_to_msecs() preserves non-zero time periods Greg Kroah-Hartman (1): Linux 4.9.111 Hans de Goede (1): pwm: lpss: platform: Save/restore the ctrl register over a suspend/resume Himanshu Madhani (1): scsi: qla2xxx: Fix setting lower transfer speed if GPSC fails Huacai Chen (1): MIPS: io: Add barrier after register read in inX() Ingo Flaschberger (1): 1wire: family module autoload fails because of upper/lower case mismatch. Jan Kara (1): udf: Detect incorrect directory size Joakim Tjernlund (4): mtd: cfi_cmdset_0002: Use right chip in do_ppb_xxlock() mtd: cfi_cmdset_0002: fix SEGV unlocking multiple chips mtd: cfi_cmdset_0002: Fix unlocking requests crossing a chip boudary mtd: cfi_cmdset_0002: Avoid walking all chips when unlocking. Johan Hovold (3): backlight: as3711_bl: Fix Device Tree node lookup backlight: max8925_bl: Fix Device Tree node lookup backlight: tps65217_bl: Fix Device Tree node lookup Kai-Heng Feng (1): media: cx231xx: Add support for AverMedia DVD EZMaker 7 Kees Cook (1): video: uvesafb: Fix integer overflow in allocation Keith Busch (1): block: Fix transfer when chunk sectors exceeds max Leon Romanovsky (1): RDMA/mlx4: Discard unknown SQP work requests Liu Bo (1): Btrfs: fix unexpected cow in run_delalloc_nocow Maciej S. Szmigiero (1): X.509: unpack RSA signatureValue field from BIT STRING Mahesh Salgaonkar (1): powerpc/fadump: Unregister fadump on kexec down path. Marcin Ziemianowicz (1): clk: at91: PLL recalc_rate() now using cached MUL and DIV values Martin Kelly (1): iio:buffer: make length types match kfifo types Matthias Schiffer (1): mips: ftrace: fix static function graph tracing Mauro Carvalho Chehab (2): media: v4l2-compat-ioctl32: prevent go past max size media: dvb_frontend: fix locking issues at dvb_frontend_get_event() Max Gurtovoy (1): IB/isert: fix T10-pi check mask setting Maxim Moseychuk (1): usb: do not reset if a low-speed or full-speed device timed out Michael Neuling (2): powerpc/ptrace: Fix setting 512B aligned breakpoints with PTRACE_SET_DEBUGREG powerpc/ptrace: Fix enforcement of DAWR constraints Michael Schmitz (1): m68k/mm: Adjust VM area to be unmapped by gap size for __iounmap() Mika Westerberg (2): PCI: Add ACS quirk for Intel 300 series PCI: pciehp: Clear Presence Detect and Data Link Layer Status Changed on resume Mike Marciniszyn (1): IB/qib: Fix DMA api warning with debug kernel Mike Snitzer (1): dm thin: handle running out of data space vs concurrent discard Miklos Szeredi (2): fuse: atomic_o_trunc should truncate pagecache fuse: fix control dir setup and teardown Mikulas Patocka (1): branch-check: fix long->int truncation when profiling branches NeilBrown (1): md: fix two problems with setting the "re-add" device state. Richard Weinberger (2): ubi: fastmap: Cancel work upon detach ubi: fastmap: Correctly handle interrupted erasures in EBA Robert Elliott (1): linvdimm, pmem: Preserve read-only setting for pmem devices Scott Mayhew (1): nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir Siarhei Liakh (1): x86: Call fixup_exception() before notify_die() in math_error() Silvio Cesare (1): UBIFS: Fix potential integer overflow in allocation Srinivas Kandagatla (2): ASoC: dapm: delete dapm_kcontrol_data paths list before freeing it rpmsg: smd: do not use mananged resources for endpoints and channels Stefan M Schaeckeler (1): of: unittest: for strings, account for trailing \0 in property length field Steffen Maier (7): scsi: zfcp: fix missing SCSI trace for result of eh_host_reset_handler scsi: zfcp: fix missing SCSI trace for retry of abort / scsi_eh TMF scsi: zfcp: fix misleading REC trigger trace where erp_action setup failed scsi: zfcp: fix missing REC trigger trace on terminate_rport_io early return scsi: zfcp: fix missing REC trigger trace on terminate_rport_io for ERP_FAILED scsi: zfcp: fix missing REC trigger trace for all objects in ERP_FAILED scsi: zfcp: fix missing REC trigger trace on enqueue without ERP thread Takashi Iwai (2): ALSA: hda/realtek - Fix pop noise on Lenovo P50 & co ALSA: hda/realtek - Add a quirk for FSC ESPRIMO U9210 Tetsuo Handa (2): fuse: don't keep dead fuse_conn at fuse_fill_super(). printk: fix possible reuse of va_list variable Tokunori Ikegami (2): mtd: cfi_cmdset_0002: Change write buffer to check correct value MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum Tony Luck (3): x86/mce: Improve error message when kernel cannot recover x86/mce: Check for alternate indication of machine check recovery on Skylake x86/mce: Fix incorrect "Machine check from unknown source" message Trond Myklebust (1): NFSv4: Revert commit 5f83d86cf531d ("NFSv4.x: Fix wraparound issues..") Will Deacon (2): arm64: kpti: Use early_param for kpti= command-line option arm64: mm: Ensure writes to swapper are ordered wrt subsequent cache maintenance

7 years, 2 months

1
1
0 0

Linux 4.4.139

by Greg KH

I'm announcing the release of the 4.4.139 kernel. All users of the 4.4 kernel series must upgrade. The updated 4.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.4.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/printk-formats.txt | 3 Makefile | 2 arch/arm/include/asm/kgdb.h | 2 arch/m68k/mm/kmap.c | 3 arch/mips/bcm47xx/setup.c | 6 arch/mips/include/asm/io.h | 2 arch/mips/include/asm/mipsregs.h | 3 arch/mips/kernel/mcount.S | 27 +-- arch/powerpc/kernel/entry_64.S | 1 arch/powerpc/kernel/fadump.c | 3 arch/powerpc/kernel/hw_breakpoint.c | 4 arch/powerpc/kernel/ptrace.c | 1 arch/x86/include/asm/barrier.h | 2 arch/xtensa/kernel/traps.c | 2 drivers/ata/libata-core.c | 3 drivers/ata/libata-zpodd.c | 4 drivers/atm/zatm.c | 4 drivers/base/core.c | 14 + drivers/bluetooth/hci_qca.c | 6 drivers/char/ipmi/ipmi_bt_sm.c | 3 drivers/cpufreq/cpufreq.c | 2 drivers/cpuidle/cpuidle-powernv.c | 32 +++- drivers/iio/buffer/kfifo_buf.c | 4 drivers/infiniband/hw/mlx4/mad.c | 1 drivers/infiniband/hw/qib/qib.h | 3 drivers/infiniband/hw/qib/qib_file_ops.c | 10 - drivers/infiniband/hw/qib/qib_user_pages.c | 20 +- drivers/input/mouse/elan_i2c.h | 2 drivers/input/mouse/elan_i2c_core.c | 3 drivers/input/mouse/elan_i2c_smbus.c | 10 + drivers/input/mouse/elantech.c | 11 + drivers/md/dm-thin.c | 11 + drivers/md/md.c | 4 drivers/media/dvb-core/dvb_frontend.c | 23 +- drivers/media/usb/cx231xx/cx231xx-cards.c | 3 drivers/media/v4l2-core/v4l2-compat-ioctl32.c | 2 drivers/mfd/intel-lpss.c | 4 drivers/mtd/chips/cfi_cmdset_0002.c | 21 +- drivers/mtd/ubi/build.c | 3 drivers/mtd/ubi/wl.c | 4 drivers/net/bonding/bond_options.c | 1 drivers/net/ethernet/natsemi/sonic.c | 2 drivers/net/usb/cdc_ncm.c | 4 drivers/net/usb/qmi_wwan.c | 1 drivers/nvdimm/bus.c | 14 + drivers/of/unittest.c | 8 - drivers/pci/hotplug/pciehp.h | 2 drivers/pci/hotplug/pciehp_core.c | 2 drivers/pci/hotplug/pciehp_hpc.c | 13 + drivers/s390/scsi/zfcp_dbf.c | 40 +++++ drivers/s390/scsi/zfcp_erp.c | 123 ++++++++++++---- drivers/s390/scsi/zfcp_ext.h | 5 drivers/s390/scsi/zfcp_scsi.c | 18 +- drivers/scsi/qla2xxx/qla_init.c | 3 drivers/spi/spi.c | 10 + drivers/tty/serial/sh-sci.c | 8 - drivers/usb/core/hub.c | 4 drivers/usb/musb/musb_host.c | 5 drivers/usb/musb/musb_host.h | 7 drivers/usb/musb/musb_virthub.c | 25 +-- drivers/video/backlight/as3711_bl.c | 33 ++-- drivers/video/backlight/max8925_bl.c | 4 drivers/video/backlight/tps65217_bl.c | 4 drivers/video/fbdev/uvesafb.c | 3 drivers/w1/masters/mxc_w1.c | 20 +- drivers/w1/w1.c | 2 drivers/xen/events/events_base.c | 2 fs/binfmt_misc.c | 12 + fs/btrfs/inode.c | 33 +++- fs/btrfs/ioctl.c | 12 - fs/btrfs/scrub.c | 2 fs/ext4/inode.c | 36 ++-- fs/ext4/resize.c | 2 fs/fuse/control.c | 13 + fs/fuse/dir.c | 13 + fs/fuse/inode.c | 1 fs/nfs/nfs4idmap.c | 5 fs/nfsd/nfs4xdr.c | 5 fs/ubifs/journal.c | 2 fs/udf/directory.c | 3 include/linux/blkdev.h | 4 include/linux/compiler.h | 2 include/linux/iio/buffer.h | 6 include/net/bluetooth/hci_core.h | 2 kernel/time/time.c | 6 lib/vsprintf.c | 3 net/bluetooth/hci_conn.c | 27 ++- net/bluetooth/hci_event.c | 15 + net/bridge/netfilter/ebtables.c | 3 net/ipv4/tcp_input.c | 2 net/ipv4/tcp_ipv4.c | 4 net/ipv6/tcp_ipv6.c | 4 net/ipv6/xfrm6_policy.c | 2 net/netfilter/ipvs/ip_vs_ctl.c | 21 +- net/xfrm/xfrm_policy.c | 5 sound/pci/hda/hda_controller.c | 4 sound/pci/hda/patch_conexant.c | 2 sound/pci/hda/patch_realtek.c | 1 sound/soc/cirrus/edb93xx.c | 2 sound/soc/cirrus/ep93xx-i2s.c | 26 +-- sound/soc/cirrus/snappercl15.c | 2 sound/soc/soc-dapm.c | 2 tools/perf/util/dso.c | 2 tools/perf/util/intel-pt-decoder/intel-pt-decoder.c | 23 ++ tools/perf/util/intel-pt-decoder/intel-pt-decoder.h | 9 + tools/perf/util/intel-pt-decoder/intel-pt-pkt-decoder.c | 2 tools/perf/util/intel-pt.c | 5 107 files changed, 684 insertions(+), 272 deletions(-) ??? (1): Input: elantech - fix V4 report decoding for module with middle key Aaron Ma (1): Input: elantech - enable middle button of touchpads on ThinkPad P52 Adrian Hunter (6): perf tools: Fix symbol and object code resolution for vdso32 and vdsox32 perf intel-pt: Fix sync_switch INTEL_PT_SS_NOT_TRACING perf intel-pt: Fix decoding to accept CBR between FUP and corresponding TIP perf intel-pt: Fix MTC timing after overflow perf intel-pt: Fix "Unexpected indirect branch" error perf intel-pt: Fix packet decoding of CYC packets Alexander Sverdlin (2): ASoC: cirrus: i2s: Fix LRCLK configuration ASoC: cirrus: i2s: Fix {TX|RX}LinCtrlData setup Alexandr Savca (1): Input: elan_i2c - add ELAN0618 (Lenovo v330 15IKB) ACPI ID Amit Pundir (1): Bluetooth: hci_qca: Avoid missing rampatch failure with userspace fw loader Andy Shevchenko (1): mfd: intel-lpss: Program REMAP register in PIO mode Aneesh Kumar K.V (1): powerpc/mm/hash: Add missing isync prior to kernel stack SLB switch Ben Hutchings (1): Input: elan_i2c_smbus - fix more potential stack buffer overflows Bjørn Mork (1): cdc_ncm: avoid padding beyond end of skb Bo Chen (1): ALSA: hda - Handle kzalloc() failure in snd_hda_attach_pcm_stream() Boris Ostrovsky (1): xen: Remove unnecessary BUG_ON from __unbind_from_irq() Colin Ian King (1): libata: zpodd: make arrays cdb static, reduces object code size Corey Minyard (1): ipmi:bt: Set the timeout before doing a capabilities check Dan Carpenter (1): libata: zpodd: small read overflow in eject_tray() Dan Williams (1): x86/spectre_v1: Disable compiler optimizations over array_index_mask_nospec() Daniel Glöckner (1): usb: musb: fix remote wakeup racing with suspend Daniel Wagner (1): serial: sh-sci: Use spin_{try}lock_irqsave instead of open coding version Dave Wysochanski (1): NFSv4: Fix possible 1-byte stack overflow in nfs_idmap_read_and_verify_message David Rivshin (1): ARM: 8764/1: kgdb: fix NUMREGBYTES so that gdb_regs[] is the correct size Dennis Wassenberg (2): ALSA: hda: add dock and led support for HP EliteBook 830 G5 ALSA: hda: add dock and led support for HP ProBook 640 G4 Eric Dumazet (2): xfrm6: avoid potential infinite loop in _decode_session6() tcp: do not overshoot window_clamp in tcp_rcv_space_adjust() Eric W. Biederman (1): signal/xtensa: Consistenly use SIGBUS in do_unaligned_user Finn Thain (1): net/sonic: Use dma_mapping_error() Florian Westphal (1): xfrm: skip policies marked as dead while rehashing Frank van der Linden (1): tcp: verify the checksum of the first data segment in a new connection Gautham R. Shenoy (1): cpuidle: powernv: Fix promotion from snooze if next state disabled Geert Uytterhoeven (2): lib/vsprintf: Remove atomic-unsafe support for %pCr time: Make sure jiffies_to_msecs() preserves non-zero time periods Greg Kroah-Hartman (1): Linux 4.4.139 Hans de Goede (1): libata: Drop SanDisk SD7UB3Q*G1001 NOLPM quirk Himanshu Madhani (1): scsi: qla2xxx: Fix setting lower transfer speed if GPSC fails Huacai Chen (1): MIPS: io: Add barrier after register read in inX() Ingo Flaschberger (1): 1wire: family module autoload fails because of upper/lower case mismatch. Ivan Bornyakov (1): atm: zatm: fix memcmp casting Jan Kara (2): ext4: fix fencepost error in check for inode count overflow during resize udf: Detect incorrect directory size Joakim Tjernlund (4): mtd: cfi_cmdset_0002: Use right chip in do_ppb_xxlock() mtd: cfi_cmdset_0002: fix SEGV unlocking multiple chips mtd: cfi_cmdset_0002: Fix unlocking requests crossing a chip boudary mtd: cfi_cmdset_0002: Avoid walking all chips when unlocking. Johan Hovold (3): backlight: as3711_bl: Fix Device Tree node lookup backlight: max8925_bl: Fix Device Tree node lookup backlight: tps65217_bl: Fix Device Tree node lookup Josh Hill (1): net: qmi_wwan: Add Netgear Aircard 779S Julian Anastasov (1): ipvs: fix buffer overflow with sync daemon and service Kai-Heng Feng (1): media: cx231xx: Add support for AverMedia DVD EZMaker 7 Kees Cook (1): video: uvesafb: Fix integer overflow in allocation Keith Busch (1): block: Fix transfer when chunk sectors exceeds max Leon Romanovsky (1): RDMA/mlx4: Discard unknown SQP work requests Liu Bo (2): Btrfs: make raid6 rebuild retry more Btrfs: fix unexpected cow in run_delalloc_nocow Lukas Czerner (1): ext4: update mtime in ext4_punch_hole even if no blocks are released Mahesh Salgaonkar (1): powerpc/fadump: Unregister fadump on kexec down path. Martin Kelly (1): iio:buffer: make length types match kfifo types Matthias Schiffer (1): mips: ftrace: fix static function graph tracing Mauro Carvalho Chehab (2): media: v4l2-compat-ioctl32: prevent go past max size media: dvb_frontend: fix locking issues at dvb_frontend_get_event() Maxim Moseychuk (1): usb: do not reset if a low-speed or full-speed device timed out Maxime Chevallier (1): spi: Fix scatterlist elements size in spi_map_buf Michael Neuling (2): powerpc/ptrace: Fix setting 512B aligned breakpoints with PTRACE_SET_DEBUGREG powerpc/ptrace: Fix enforcement of DAWR constraints Michael Schmitz (1): m68k/mm: Adjust VM area to be unmapped by gap size for __iounmap() Mika Westerberg (1): PCI: pciehp: Clear Presence Detect and Data Link Layer Status Changed on resume Mike Marciniszyn (1): IB/qib: Fix DMA api warning with debug kernel Mike Snitzer (1): dm thin: handle running out of data space vs concurrent discard Miklos Szeredi (2): fuse: atomic_o_trunc should truncate pagecache fuse: fix control dir setup and teardown Mikulas Patocka (1): branch-check: fix long->int truncation when profiling branches NeilBrown (1): md: fix two problems with setting the "re-add" device state. Omar Sandoval (1): Btrfs: fix clone vs chattr NODATASUM race Paolo Abeni (1): netfilter: ebtables: handle string from userspace with care Qu Wenruo (1): btrfs: scrub: Don't use inode pages for device replace Richard Weinberger (1): ubi: fastmap: Cancel work upon detach Robert Elliott (1): linvdimm, pmem: Preserve read-only setting for pmem devices Sasha Levin (1): Revert "Btrfs: fix scrub to repair raid6 corruption" Scott Mayhew (1): nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir Silvio Cesare (1): UBIFS: Fix potential integer overflow in allocation Srinivas Kandagatla (1): ASoC: dapm: delete dapm_kcontrol_data paths list before freeing it Stefan M Schaeckeler (1): of: unittest: for strings, account for trailing \0 in property length field Stefan Potyra (1): w1: mxc_w1: Enable clock before calling clk_get_rate() on it Steffen Maier (7): scsi: zfcp: fix missing SCSI trace for result of eh_host_reset_handler scsi: zfcp: fix missing SCSI trace for retry of abort / scsi_eh TMF scsi: zfcp: fix misleading REC trigger trace where erp_action setup failed scsi: zfcp: fix missing REC trigger trace on terminate_rport_io early return scsi: zfcp: fix missing REC trigger trace on terminate_rport_io for ERP_FAILED scsi: zfcp: fix missing REC trigger trace for all objects in ERP_FAILED scsi: zfcp: fix missing REC trigger trace on enqueue without ERP thread Szymon Janc (1): Bluetooth: Fix connection if directed advertising and privacy is used Takashi Iwai (1): ALSA: hda/realtek - Add a quirk for FSC ESPRIMO U9210 Tao Wang (1): cpufreq: Fix new policy initialization during limits updates via sysfs Tetsuo Handa (2): driver core: Don't ignore class_dir_create_and_add() failure. fuse: don't keep dead fuse_conn at fuse_fill_super(). Thadeu Lima de Souza Cascardo (1): fs/binfmt_misc.c: do not allow offset overflow Tobias Brunner (1): xfrm: Ignore socket policies when rebuilding hash tables Tokunori Ikegami (2): mtd: cfi_cmdset_0002: Change write buffer to check correct value MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum Xiangning Yu (1): bonding: re-evaluate force_primary when the primary slave name changes

7 years, 2 months

1
1
0 0

Linux 3.18.114

by Greg KH

I'm announcing the release of the 3.18.114 kernel. All users of the 3.18 kernel series must upgrade. The updated 3.18.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-3.18.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 7 - arch/arm/boot/compressed/head.S | 16 +-- arch/arm/include/asm/kgdb.h | 2 arch/arm/mach-davinci/board-dm355-evm.c | 6 + arch/arm/mach-davinci/board-dm646x-evm.c | 3 arch/arm/mach-keystone/pm_domain.c | 1 arch/arm64/kernel/ptrace.c | 6 - arch/hexagon/include/asm/io.h | 6 + arch/hexagon/lib/checksum.c | 1 arch/m68k/mm/kmap.c | 3 arch/mips/bcm47xx/setup.c | 6 + arch/mips/include/asm/io.h | 4 arch/mips/include/asm/mipsregs.h | 3 arch/mips/kernel/mcount.S | 27 ++---- arch/parisc/kernel/time.c | 2 arch/powerpc/kernel/entry_64.S | 1 arch/powerpc/kernel/fadump.c | 3 arch/powerpc/kernel/hw_breakpoint.c | 4 arch/powerpc/kernel/ptrace.c | 1 arch/x86/kernel/cpu/intel.c | 3 arch/xtensa/kernel/traps.c | 2 drivers/ata/libata-core.c | 3 drivers/ata/libata-eh.c | 4 drivers/ata/libata-zpodd.c | 4 drivers/char/agp/uninorth-agp.c | 4 drivers/char/ipmi/ipmi_bt_sm.c | 3 drivers/gpu/drm/msm/msm_gem.c | 20 ++-- drivers/gpu/drm/omapdrm/omap_dmm_tiler.c | 6 + drivers/i2c/busses/i2c-pmcmsp.c | 4 drivers/i2c/busses/i2c-viperboard.c | 2 drivers/md/dm-thin.c | 11 ++ drivers/media/dvb-core/dvb_frontend.c | 23 +++-- drivers/media/usb/cx231xx/cx231xx-cards.c | 3 drivers/media/v4l2-core/v4l2-compat-ioctl32.c | 2 drivers/mtd/chips/cfi_cmdset_0002.c | 21 ++-- drivers/net/can/dev.c | 2 drivers/net/phy/marvell.c | 9 ++ drivers/pci/hotplug/pciehp.h | 2 drivers/pci/hotplug/pciehp_core.c | 2 drivers/pci/hotplug/pciehp_hpc.c | 13 ++ drivers/s390/net/smsgiucv.c | 2 drivers/scsi/isci/port_config.c | 3 drivers/scsi/qla2xxx/qla_init.c | 3 drivers/scsi/scsi_transport_iscsi.c | 29 ++++-- drivers/scsi/vmw_pvscsi.c | 2 drivers/usb/core/hub.c | 4 drivers/usb/musb/musb_host.c | 5 - drivers/usb/musb/musb_host.h | 7 + drivers/usb/musb/musb_virthub.c | 25 +++-- drivers/video/backlight/as3711_bl.c | 33 +++++-- drivers/video/backlight/max8925_bl.c | 4 drivers/video/backlight/tps65217_bl.c | 4 drivers/video/fbdev/uvesafb.c | 3 drivers/w1/masters/mxc_w1.c | 20 ++-- drivers/xen/events/events_base.c | 2 fs/binfmt_misc.c | 12 ++ fs/btrfs/scrub.c | 2 fs/ext4/inode.c | 36 ++++---- fs/ext4/resize.c | 2 fs/fuse/dir.c | 13 ++ fs/fuse/inode.c | 1 fs/isofs/inode.c | 3 fs/nfsd/nfs4xdr.c | 5 - fs/notify/fsnotify.c | 25 ++--- fs/ubifs/journal.c | 2 fs/udf/directory.c | 3 include/linux/blkdev.h | 4 include/linux/compiler.h | 2 kernel/kthread.c | 7 - kernel/time/time.c | 6 - net/ipv4/tcp_input.c | 2 net/key/af_key.c | 45 +++++++--- net/mac80211/mlme.c | 25 ++++- net/rds/ib_cm.c | 3 sound/pci/hda/hda_controller.c | 4 sound/soc/cirrus/edb93xx.c | 2 sound/soc/cirrus/ep93xx-i2s.c | 26 +++-- sound/soc/cirrus/snappercl15.c | 2 sound/soc/soc-dapm.c | 2 tools/Makefile | 20 +++- tools/net/bpf_dbg.c | 7 + tools/testing/selftests/ftrace/test.d/trigger/inter-event/trigger-multi-actions-accept.tc | 44 +++++++++ 82 files changed, 466 insertions(+), 230 deletions(-) Alexander Sverdlin (2): ASoC: cirrus: i2s: Fix LRCLK configuration ASoC: cirrus: i2s: Fix {TX|RX}LinCtrlData setup Amir Goldstein (1): fsnotify: fix ignore mask logic in send_to_group() Aneesh Kumar K.V (1): powerpc/mm/hash: Add missing isync prior to kernel stack SLB switch Arnd Bergmann (2): hexagon: add memset_io() helper hexagon: export csum_partial_copy_nocheck Baolin Wang (1): parisc: time: Convert read_persistent_clock() to read_persistent_clock64() Ben Hutchings (1): drm/msm: Fix possible null dereference on failure of get_pages() Bo Chen (1): ALSA: hda - Handle kzalloc() failure in snd_hda_attach_pcm_stream() Boris Ostrovsky (1): xen: Remove unnecessary BUG_ON from __unbind_from_irq() Chengguang Xu (1): isofs: fix potential memory leak in mount option parsing Chris Leech (1): scsi: iscsi: respond to netlink with unicast when appropriate Colin Ian King (2): scsi: isci: Fix infinite loop in while loop libata: zpodd: make arrays cdb static, reduces object code size Corey Minyard (1): ipmi:bt: Set the timeout before doing a capabilities check Dag Moxnes (1): rds: ib: Fix missing call to rds_ib_dev_put in rds_ib_setup_qp Dan Carpenter (1): libata: zpodd: small read overflow in eject_tray() Daniel Glöckner (1): usb: musb: fix remote wakeup racing with suspend David Rivshin (1): ARM: 8764/1: kgdb: fix NUMREGBYTES so that gdb_regs[] is the correct size Eric Dumazet (1): tcp: do not overshoot window_clamp in tcp_rcv_space_adjust() Eric W. Biederman (1): signal/xtensa: Consistenly use SIGBUS in do_unaligned_user Geert Uytterhoeven (1): time: Make sure jiffies_to_msecs() preserves non-zero time periods Greg Kroah-Hartman (1): Linux 3.18.114 Hans de Goede (1): libata: Drop SanDisk SD7UB3Q*G1001 NOLPM quirk Himanshu Madhani (1): scsi: qla2xxx: Fix setting lower transfer speed if GPSC fails Huacai Chen (1): MIPS: io: Add barrier after register read in inX() Ilan Peer (1): mac80211: Adjust SAE authentication timeout Jakob Unterwurzacher (1): can: dev: increase bus-off message severity Jan Kara (2): ext4: fix fencepost error in check for inode count overflow during resize udf: Detect incorrect directory size Jim Gill (1): scsi: vmw-pvscsi: return DID_BUS_BUSY for adapter-initated aborts Jingju Hou (1): net: phy: marvell: clear wol event before setting it Jiri Olsa (2): tools build: No need to make libapi for perf explicitly tools build: Fix Makefile(s) to properly invoke tools build Joakim Tjernlund (4): mtd: cfi_cmdset_0002: Use right chip in do_ppb_xxlock() mtd: cfi_cmdset_0002: fix SEGV unlocking multiple chips mtd: cfi_cmdset_0002: Fix unlocking requests crossing a chip boudary mtd: cfi_cmdset_0002: Avoid walking all chips when unlocking. Johan Hovold (3): backlight: as3711_bl: Fix Device Tree node lookup backlight: max8925_bl: Fix Device Tree node lookup backlight: tps65217_bl: Fix Device Tree node lookup John Fastabend (1): bpf: fix uninitialized variable in bpf tools Kai-Heng Feng (1): media: cx231xx: Add support for AverMedia DVD EZMaker 7 Kees Cook (1): video: uvesafb: Fix integer overflow in allocation Keith Busch (1): block: Fix transfer when chunk sectors exceeds max Kevin Easton (1): af_key: Always verify length of provided sadb_key Lukas Czerner (1): ext4: update mtime in ext4_punch_hole even if no blocks are released Mahesh Salgaonkar (1): powerpc/fadump: Unregister fadump on kexec down path. Mark Rutland (1): arm64: ptrace: remove addr_limit manipulation Martin Schwidefsky (1): s390/smsgiucv: disable SMSG on module unload Masami Hiramatsu (1): selftests: ftrace: Add a testcase for multiple actions on trigger Mathieu Malaterre (2): driver core: add __printf verification to __ata_ehi_pushv_desc agp: uninorth: make two functions static Matthias Schiffer (1): mips: ftrace: fix static function graph tracing Mauro Carvalho Chehab (2): media: v4l2-compat-ioctl32: prevent go past max size media: dvb_frontend: fix locking issues at dvb_frontend_get_event() Maxim Moseychuk (1): usb: do not reset if a low-speed or full-speed device timed out Michael Neuling (2): powerpc/ptrace: Fix setting 512B aligned breakpoints with PTRACE_SET_DEBUGREG powerpc/ptrace: Fix enforcement of DAWR constraints Michael Schmitz (1): m68k/mm: Adjust VM area to be unmapped by gap size for __iounmap() Mika Westerberg (1): PCI: pciehp: Clear Presence Detect and Data Link Layer Status Changed on resume Mike Snitzer (1): dm thin: handle running out of data space vs concurrent discard Miklos Szeredi (1): fuse: atomic_o_trunc should truncate pagecache Mikulas Patocka (1): branch-check: fix long->int truncation when profiling branches Peter Rosin (3): i2c: pmcmsp: return message count on master_xfer success i2c: pmcmsp: fix error return from master_xfer i2c: viperboard: return message count on master_xfer success Peter Zijlstra (1): kthread, sched/wait: Fix kthread_parkme() wait-loop Qu Wenruo (1): btrfs: scrub: Don't use inode pages for device replace Russell King (1): ARM: keystone: fix platform_domain_notifier array overrun Scott Mayhew (1): nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir Sekhar Nori (2): ARM: davinci: board-dm355-evm: fix broken networking ARM: davinci: board-dm646x-evm: set VPIF capture card name Silvio Cesare (1): UBIFS: Fix potential integer overflow in allocation Sinan Kaya (1): MIPS: io: Add barrier after register read in readX() Srinivas Kandagatla (1): ASoC: dapm: delete dapm_kcontrol_data paths list before freeing it Stefan Potyra (1): w1: mxc_w1: Enable clock before calling clk_get_rate() on it Tetsuo Handa (1): fuse: don't keep dead fuse_conn at fuse_fill_super(). Thadeu Lima de Souza Cascardo (1): fs/binfmt_misc.c: do not allow offset overflow Tokunori Ikegami (2): mtd: cfi_cmdset_0002: Change write buffer to check correct value MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum Tomi Valkeinen (1): drm/omap: fix possible NULL ref issue in tiler_reserve_2d jacek.tomaka(a)poczta.fm (1): x86/cpu/intel: Add missing TLB cpuid values Łukasz Stelmach (1): ARM: 8753/1: decompressor: add a missing parameter to the addruart macro

7 years, 2 months

1
1
0 0

patch "mei: discard messages from not connected client during power down." added to char-misc-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled mei: discard messages from not connected client during power down. to my char-misc git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git in the char-misc-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From b7a020bff31318fc8785e6f96b1d38c1625cf1fb Mon Sep 17 00:00:00 2001 From: Alexander Usyskin <alexander.usyskin(a)intel.com> Date: Thu, 7 Jun 2018 00:31:48 +0300 Subject: mei: discard messages from not connected client during power down. This fixes regression introduced by commit 8d52af6795c0 ("mei: speed up the power down flow") In power down or suspend flow a message can still be received from the FW because the clients fake disconnection. In normal case we interpret messages w/o destination as corrupted and link reset is performed in order to clean the channel, but during power down link reset is already in progress resulting in endless loop. To resolve the issue under power down flow we discard messages silently. Cc: <stable(a)vger.kernel.org> 4.16+ Fixes: 8d52af6795c0 ("mei: speed up the power down flow") Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=199541 Signed-off-by: Alexander Usyskin <alexander.usyskin(a)intel.com> Signed-off-by: Tomas Winkler <tomas.winkler(a)intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/misc/mei/interrupt.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/misc/mei/interrupt.c b/drivers/misc/mei/interrupt.c index b0b8f18a85e3..6649f0d56d2f 100644 --- a/drivers/misc/mei/interrupt.c +++ b/drivers/misc/mei/interrupt.c @@ -310,8 +310,11 @@ int mei_irq_read_handler(struct mei_device *dev, if (&cl->link == &dev->file_list) { /* A message for not connected fixed address clients * should be silently discarded + * On power down client may be force cleaned, + * silently discard such messages */ - if (hdr_is_fixed(mei_hdr)) { + if (hdr_is_fixed(mei_hdr) || + dev->dev_state == MEI_DEV_POWER_DOWN) { mei_irq_discard_msg(dev, mei_hdr); ret = 0; goto reset_slots; -- 2.18.0

7 years, 2 months

1
0
0 0

patch "Drivers: hv: vmbus: Fix the offer_in_progress in" added to char-misc-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled Drivers: hv: vmbus: Fix the offer_in_progress in to my char-misc git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git in the char-misc-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the char-misc-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. >From 50229128727f7e11840ca1b2b501f880818d56b6 Mon Sep 17 00:00:00 2001 From: Dexuan Cui <decui(a)microsoft.com> Date: Tue, 5 Jun 2018 13:37:52 -0700 Subject: Drivers: hv: vmbus: Fix the offer_in_progress in vmbus_process_offer() I didn't really hit a real bug, but just happened to spot the bug: we have decreased the counter at the beginning of vmbus_process_offer(), so we mustn't decrease it again. Fixes: 6f3d791f3006 ("Drivers: hv: vmbus: Fix rescind handling issues") Signed-off-by: Dexuan Cui <decui(a)microsoft.com> Cc: stable(a)vger.kernel.org Cc: Stephen Hemminger <sthemmin(a)microsoft.com> Cc: K. Y. Srinivasan <kys(a)microsoft.com> Cc: Stable <stable(a)vger.kernel.org> # 4.14 and above Signed-off-by: K. Y. Srinivasan <kys(a)microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/hv/channel_mgmt.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/drivers/hv/channel_mgmt.c b/drivers/hv/channel_mgmt.c index ecc2bd275a73..f3b551a50653 100644 --- a/drivers/hv/channel_mgmt.c +++ b/drivers/hv/channel_mgmt.c @@ -527,10 +527,8 @@ static void vmbus_process_offer(struct vmbus_channel *newchannel) struct hv_device *dev = newchannel->primary_channel->device_obj; - if (vmbus_add_channel_kobj(dev, newchannel)) { - atomic_dec(&vmbus_connection.offer_in_progress); + if (vmbus_add_channel_kobj(dev, newchannel)) goto err_free_chan; - } if (channel->sc_creation_callback != NULL) channel->sc_creation_callback(newchannel); -- 2.18.0

7 years, 2 months

1
0
0 0

patch "staging: rtl8723bs: Prevent an underflow in rtw_check_beacon_data()." added to staging-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled staging: rtl8723bs: Prevent an underflow in rtw_check_beacon_data(). to my staging git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging.git in the staging-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From 920c92448839bd4f8eb87a92b08cad56d449caff Mon Sep 17 00:00:00 2001 From: Murray McAllister <murray.mcallister(a)insomniasec.com> Date: Mon, 2 Jul 2018 13:07:28 +1200 Subject: staging: rtl8723bs: Prevent an underflow in rtw_check_beacon_data(). Dan Carpenter reported an integer underflow issue in the rtl8188eu driver. This is also needed for the length (signed integer) in rtl8723bs, as it is later converted to an unsigned integer and used in a memcpy operation. Original issue is at https://patchwork.kernel.org/patch/9796371/ Reported-by: Dan Carpenter <dan.carpenter(a)oracle.com> Signed-off-by: Murray McAllister <murray.mcallister(a)insomniasec.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/staging/rtl8723bs/core/rtw_ap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/staging/rtl8723bs/core/rtw_ap.c b/drivers/staging/rtl8723bs/core/rtw_ap.c index 45c05527a57a..faf4b4158cfa 100644 --- a/drivers/staging/rtl8723bs/core/rtw_ap.c +++ b/drivers/staging/rtl8723bs/core/rtw_ap.c @@ -1051,7 +1051,7 @@ int rtw_check_beacon_data(struct adapter *padapter, u8 *pbuf, int len) return _FAIL; - if (len > MAX_IE_SZ) + if (len < 0 || len > MAX_IE_SZ) return _FAIL; pbss_network->IELength = len; -- 2.18.0

7 years, 2 months

3
2
0 0

[PATCH v5 0/7] powerpc/pseries: Machien check handler improvements.

by Mahesh J Salgaonkar

This patch series includes some improvement to Machine check handler for pseries. Patch 1 fixes a buffer overrun issue if rtas extended error log size is greater than RTAS_ERROR_LOG_MAX. Patch 2 fixes an issue where machine check handler crashes kernel while accessing vmalloc-ed buffer while in nmi context. Patch 3 fixes endain bug while restoring of r3 in MCE handler. Patch 5 implements a real mode mce handler and flushes the SLBs on SLB error. Patch 6 display's the MCE error details on console. Patch 7 saves and dumps the SLB contents on SLB MCE errors to improve the debugability. Change in V5: - Use min_t instead of max_t. - Fix an issue reported by kbuild test robot and addressed review comments. Change in V4: - Flush the SLBs in real mode mce handler to handle SLB errors for entry 0. - Allocate buffers per cpu to hold rtas error log and old slb contents. - Defer the logging of rtas error log to irq work queue. Change in V3: - Moved patch 5 to patch 2 Change in V2: - patch 3: Display additional info (NIP and task info) in MCE error details. - patch 5: Fix endain bug while restoring of r3 in MCE handler. --- Mahesh Salgaonkar (7): powerpc/pseries: Avoid using the size greater than powerpc/pseries: Defer the logging of rtas error to irq work queue. powerpc/pseries: Fix endainness while restoring of r3 in MCE handler. powerpc/pseries: Define MCE error event section. powerpc/pseries: flush SLB contents on SLB MCE errors. powerpc/pseries: Display machine check error details. powerpc/pseries: Dump the SLB contents on SLB MCE errors. arch/powerpc/include/asm/book3s/64/mmu-hash.h | 8 + arch/powerpc/include/asm/machdep.h | 1 arch/powerpc/include/asm/paca.h | 4 arch/powerpc/include/asm/rtas.h | 116 ++++++++++++ arch/powerpc/kernel/exceptions-64s.S | 42 ++++ arch/powerpc/kernel/mce.c | 16 +- arch/powerpc/mm/slb.c | 63 +++++++ arch/powerpc/platforms/powernv/opal.c | 1 arch/powerpc/platforms/pseries/pseries.h | 1 arch/powerpc/platforms/pseries/ras.c | 241 +++++++++++++++++++++++-- arch/powerpc/platforms/pseries/setup.c | 27 +++ 11 files changed, 499 insertions(+), 21 deletions(-) -- Signature

7 years, 2 months

3
4
0 0

[PATCH 1/2] misc: sram: fix resource leaks in probe error path

by Johan Hovold

Make sure to disable clocks and deregister any exported partitions before returning on late probe errors. Note that since commit ee895ccdf776 ("misc: sram: fix enabled clock leak on error path"), partitions are deliberately exported before enabling the clock so we stick to that logic here. A follow up patch will address this. Fixes: 2ae2e28852f2 ("misc: sram: add Atmel securam support") Cc: stable <stable(a)vger.kernel.org> # 4.9 Cc: Alexandre Belloni <alexandre.belloni(a)free-electrons.com> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/misc/sram.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/drivers/misc/sram.c b/drivers/misc/sram.c index c5dc6095686a..679647713e36 100644 --- a/drivers/misc/sram.c +++ b/drivers/misc/sram.c @@ -407,13 +407,20 @@ static int sram_probe(struct platform_device *pdev) if (init_func) { ret = init_func(); if (ret) - return ret; + goto err_disable_clk; } dev_dbg(sram->dev, "SRAM pool: %zu KiB @ 0x%p\n", gen_pool_size(sram->pool) / 1024, sram->virt_base); return 0; + +err_disable_clk: + if (sram->clk) + clk_disable_unprepare(sram->clk); + sram_free_partitions(sram); + + return ret; } static int sram_remove(struct platform_device *pdev) -- 2.18.0

7 years, 2 months

1
0
0 0

[PATCH 3.18 00/85] 3.18.114-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 3.18.114 release. There are 85 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Tue Jul 3 15:31:04 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v3.x/stable-review/patch-3.18.114-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-3.18.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 3.18.114-rc1 Mike Snitzer <snitzer(a)redhat.com> dm thin: handle running out of data space vs concurrent discard Keith Busch <keith.busch(a)intel.com> block: Fix transfer when chunk sectors exceeds max Jan Kara <jack(a)suse.cz> udf: Detect incorrect directory size Boris Ostrovsky <boris.ostrovsky(a)oracle.com> xen: Remove unnecessary BUG_ON from __unbind_from_irq() Kees Cook <keescook(a)chromium.org> video: uvesafb: Fix integer overflow in allocation Scott Mayhew <smayhew(a)redhat.com> nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir Mauro Carvalho Chehab <mchehab(a)s-opensource.com> media: dvb_frontend: fix locking issues at dvb_frontend_get_event() Kai-Heng Feng <kai.heng.feng(a)canonical.com> media: cx231xx: Add support for AverMedia DVD EZMaker 7 Mauro Carvalho Chehab <mchehab(a)s-opensource.com> media: v4l2-compat-ioctl32: prevent go past max size Johan Hovold <johan(a)kernel.org> backlight: tps65217_bl: Fix Device Tree node lookup Johan Hovold <johan(a)kernel.org> backlight: max8925_bl: Fix Device Tree node lookup Johan Hovold <johan(a)kernel.org> backlight: as3711_bl: Fix Device Tree node lookup Silvio Cesare <silvio.cesare(a)gmail.com> UBIFS: Fix potential integer overflow in allocation Himanshu Madhani <himanshu.madhani(a)cavium.com> scsi: qla2xxx: Fix setting lower transfer speed if GPSC fails Geert Uytterhoeven <geert(a)linux-m68k.org> time: Make sure jiffies_to_msecs() preserves non-zero time periods Huacai Chen <chenhc(a)lemote.com> MIPS: io: Add barrier after register read in inX() Mika Westerberg <mika.westerberg(a)linux.intel.com> PCI: pciehp: Clear Presence Detect and Data Link Layer Status Changed on resume Tokunori Ikegami <ikegami(a)allied-telesis.co.jp> MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum Joakim Tjernlund <joakim.tjernlund(a)infinera.com> mtd: cfi_cmdset_0002: Avoid walking all chips when unlocking. Joakim Tjernlund <joakim.tjernlund(a)infinera.com> mtd: cfi_cmdset_0002: Fix unlocking requests crossing a chip boudary Joakim Tjernlund <joakim.tjernlund(a)infinera.com> mtd: cfi_cmdset_0002: fix SEGV unlocking multiple chips Joakim Tjernlund <joakim.tjernlund(a)infinera.com> mtd: cfi_cmdset_0002: Use right chip in do_ppb_xxlock() Tokunori Ikegami <ikegami(a)allied-telesis.co.jp> mtd: cfi_cmdset_0002: Change write buffer to check correct value David Rivshin <DRivshin(a)allworx.com> ARM: 8764/1: kgdb: fix NUMREGBYTES so that gdb_regs[] is the correct size Mahesh Salgaonkar <mahesh(a)linux.vnet.ibm.com> powerpc/fadump: Unregister fadump on kexec down path. Michael Neuling <mikey(a)neuling.org> powerpc/ptrace: Fix enforcement of DAWR constraints Michael Neuling <mikey(a)neuling.org> powerpc/ptrace: Fix setting 512B aligned breakpoints with PTRACE_SET_DEBUGREG Aneesh Kumar K.V <aneesh.kumar(a)linux.ibm.com> powerpc/mm/hash: Add missing isync prior to kernel stack SLB switch Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> fuse: don't keep dead fuse_conn at fuse_fill_super(). Miklos Szeredi <mszeredi(a)redhat.com> fuse: atomic_o_trunc should truncate pagecache Corey Minyard <cminyard(a)mvista.com> ipmi:bt: Set the timeout before doing a capabilities check Mikulas Patocka <mpatocka(a)redhat.com> branch-check: fix long->int truncation when profiling branches Matthias Schiffer <mschiffer(a)universe-factory.net> mips: ftrace: fix static function graph tracing Alexander Sverdlin <alexander.sverdlin(a)gmail.com> ASoC: cirrus: i2s: Fix {TX|RX}LinCtrlData setup Alexander Sverdlin <alexander.sverdlin(a)gmail.com> ASoC: cirrus: i2s: Fix LRCLK configuration Srinivas Kandagatla <srinivas.kandagatla(a)linaro.org> ASoC: dapm: delete dapm_kcontrol_data paths list before freeing it Maxim Moseychuk <franchesko.salias.hudro.pedros(a)gmail.com> usb: do not reset if a low-speed or full-speed device timed out Eric W. Biederman <ebiederm(a)xmission.com> signal/xtensa: Consistenly use SIGBUS in do_unaligned_user Michael Schmitz <schmitzmic(a)gmail.com> m68k/mm: Adjust VM area to be unmapped by gap size for __iounmap() Thadeu Lima de Souza Cascardo <cascardo(a)canonical.com> fs/binfmt_misc.c: do not allow offset overflow Stefan Potyra <Stefan.Potyra(a)elektrobit.com> w1: mxc_w1: Enable clock before calling clk_get_rate() on it Hans de Goede <hdegoede(a)redhat.com> libata: Drop SanDisk SD7UB3Q*G1001 NOLPM quirk Dan Carpenter <dan.carpenter(a)oracle.com> libata: zpodd: small read overflow in eject_tray() Colin Ian King <colin.king(a)canonical.com> libata: zpodd: make arrays cdb static, reduces object code size Bo Chen <chenbo(a)pdx.edu> ALSA: hda - Handle kzalloc() failure in snd_hda_attach_pcm_stream() Qu Wenruo <wqu(a)suse.com> btrfs: scrub: Don't use inode pages for device replace Jan Kara <jack(a)suse.cz> ext4: fix fencepost error in check for inode count overflow during resize Lukas Czerner <lczerner(a)redhat.com> ext4: update mtime in ext4_punch_hole even if no blocks are released Eric Dumazet <edumazet(a)google.com> tcp: do not overshoot window_clamp in tcp_rcv_space_adjust() Łukasz Stelmach <l.stelmach(a)samsung.com> ARM: 8753/1: decompressor: add a missing parameter to the addruart macro Helge Deller <deller(a)gmx.de> parisc: Move setup_profiling_timer() out of init section Sekhar Nori <nsekhar(a)ti.com> ARM: davinci: board-dm646x-evm: set VPIF capture card name Peter Rosin <peda(a)axentia.se> i2c: viperboard: return message count on master_xfer success Peter Rosin <peda(a)axentia.se> i2c: pmcmsp: fix error return from master_xfer Peter Rosin <peda(a)axentia.se> i2c: pmcmsp: return message count on master_xfer success Russell King <rmk+kernel(a)armlinux.org.uk> ARM: keystone: fix platform_domain_notifier array overrun Daniel Glöckner <dg(a)emlix.com> usb: musb: fix remote wakeup racing with suspend Mathieu Malaterre <malat(a)debian.org> agp: uninorth: make two functions static Jakob Unterwurzacher <jakob.unterwurzacher(a)theobroma-systems.com> can: dev: increase bus-off message severity Mathieu Malaterre <malat(a)debian.org> driver core: add __printf verification to __ata_ehi_pushv_desc Tomi Valkeinen <tomi.valkeinen(a)ti.com> drm/omap: fix possible NULL ref issue in tiler_reserve_2d Ilan Peer <ilan.peer(a)intel.com> mac80211: Adjust SAE authentication timeout Peter Zijlstra <peterz(a)infradead.org> kthread, sched/wait: Fix kthread_parkme() wait-loop Helge Deller <deller(a)gmx.de> parisc: drivers.c: Fix section mismatches Jim Gill <jgill(a)vmware.com> scsi: vmw-pvscsi: return DID_BUS_BUSY for adapter-initated aborts Arnd Bergmann <arnd(a)arndb.de> hexagon: export csum_partial_copy_nocheck Arnd Bergmann <arnd(a)arndb.de> hexagon: add memset_io() helper Sekhar Nori <nsekhar(a)ti.com> ARM: davinci: board-dm355-evm: fix broken networking John Fastabend <john.fastabend(a)gmail.com> bpf: fix uninitialized variable in bpf tools jacek.tomaka(a)poczta.fm <jacek.tomaka(a)poczta.fm> x86/cpu/intel: Add missing TLB cpuid values Dag Moxnes <dag.moxnes(a)oracle.com> rds: ib: Fix missing call to rds_ib_dev_put in rds_ib_setup_qp Masami Hiramatsu <mhiramat(a)kernel.org> selftests: ftrace: Add a testcase for multiple actions on trigger Mark Rutland <mark.rutland(a)arm.com> arm64: ptrace: remove addr_limit manipulation Jingju Hou <Jingju.Hou(a)synaptics.com> net: phy: marvell: clear wol event before setting it Colin Ian King <colin.king(a)canonical.com> scsi: isci: Fix infinite loop in while loop Baolin Wang <baolin.wang(a)linaro.org> parisc: time: Convert read_persistent_clock() to read_persistent_clock64() Ben Hutchings <ben.hutchings(a)codethink.co.uk> drm/msm: Fix possible null dereference on failure of get_pages() Chris Leech <cleech(a)redhat.com> scsi: iscsi: respond to netlink with unicast when appropriate Chengguang Xu <cgxu519(a)gmx.com> isofs: fix potential memory leak in mount option parsing Martin Schwidefsky <schwidefsky(a)de.ibm.com> s390/smsgiucv: disable SMSG on module unload Sinan Kaya <okaya(a)codeaurora.org> MIPS: io: Add barrier after register read in readX() Amir Goldstein <amir73il(a)gmail.com> fsnotify: fix ignore mask logic in send_to_group() Kevin Easton <kevin(a)guarana.org> af_key: Always verify length of provided sadb_key Jiri Olsa <jolsa(a)kernel.org> tools build: Fix Makefile(s) to properly invoke tools build Jiri Olsa <jolsa(a)kernel.org> tools build: No need to make libapi for perf explicitly ------------- Diffstat: Makefile | 9 ++--- arch/arm/boot/compressed/head.S | 16 ++++---- arch/arm/include/asm/kgdb.h | 2 +- arch/arm/mach-davinci/board-dm355-evm.c | 6 +++ arch/arm/mach-davinci/board-dm646x-evm.c | 3 +- arch/arm/mach-keystone/pm_domain.c | 1 + arch/arm64/kernel/ptrace.c | 6 --- arch/hexagon/include/asm/io.h | 6 +++ arch/hexagon/lib/checksum.c | 1 + arch/m68k/mm/kmap.c | 3 +- arch/mips/bcm47xx/setup.c | 6 +++ arch/mips/include/asm/io.h | 4 ++ arch/mips/include/asm/mipsregs.h | 3 ++ arch/mips/kernel/mcount.S | 27 ++++++------- arch/parisc/kernel/drivers.c | 7 ++-- arch/parisc/kernel/smp.c | 3 +- arch/parisc/kernel/time.c | 2 +- arch/powerpc/kernel/entry_64.S | 1 + arch/powerpc/kernel/fadump.c | 3 ++ arch/powerpc/kernel/hw_breakpoint.c | 4 +- arch/powerpc/kernel/ptrace.c | 1 + arch/x86/kernel/cpu/intel.c | 3 ++ arch/xtensa/kernel/traps.c | 2 +- drivers/ata/libata-core.c | 3 -- drivers/ata/libata-eh.c | 4 +- drivers/ata/libata-zpodd.c | 4 +- drivers/char/agp/uninorth-agp.c | 4 +- drivers/char/ipmi/ipmi_bt_sm.c | 3 +- drivers/gpu/drm/msm/msm_gem.c | 20 +++++----- drivers/gpu/drm/omapdrm/omap_dmm_tiler.c | 6 ++- drivers/i2c/busses/i2c-pmcmsp.c | 4 +- drivers/i2c/busses/i2c-viperboard.c | 2 +- drivers/md/dm-thin.c | 11 +++++- drivers/media/dvb-core/dvb_frontend.c | 23 +++++++---- drivers/media/usb/cx231xx/cx231xx-cards.c | 3 ++ drivers/media/v4l2-core/v4l2-compat-ioctl32.c | 2 +- drivers/mtd/chips/cfi_cmdset_0002.c | 21 +++++----- drivers/net/can/dev.c | 2 +- drivers/net/phy/marvell.c | 9 +++++ drivers/pci/hotplug/pciehp.h | 2 +- drivers/pci/hotplug/pciehp_core.c | 2 +- drivers/pci/hotplug/pciehp_hpc.c | 13 ++++++- drivers/s390/net/smsgiucv.c | 2 +- drivers/scsi/isci/port_config.c | 3 +- drivers/scsi/qla2xxx/qla_init.c | 3 +- drivers/scsi/scsi_transport_iscsi.c | 29 ++++++++------ drivers/scsi/vmw_pvscsi.c | 2 +- drivers/usb/core/hub.c | 4 +- drivers/usb/musb/musb_host.c | 5 ++- drivers/usb/musb/musb_host.h | 7 +++- drivers/usb/musb/musb_virthub.c | 25 +++++++----- drivers/video/backlight/as3711_bl.c | 33 +++++++++++----- drivers/video/backlight/max8925_bl.c | 4 +- drivers/video/backlight/tps65217_bl.c | 4 +- drivers/video/fbdev/uvesafb.c | 3 +- drivers/w1/masters/mxc_w1.c | 20 ++++++---- drivers/xen/events/events_base.c | 2 - fs/binfmt_misc.c | 12 ++++-- fs/btrfs/scrub.c | 2 +- fs/ext4/inode.c | 36 ++++++++--------- fs/ext4/resize.c | 2 +- fs/fuse/dir.c | 13 ++++++- fs/fuse/inode.c | 1 + fs/isofs/inode.c | 3 ++ fs/nfsd/nfs4xdr.c | 5 ++- fs/notify/fsnotify.c | 25 ++++++------ fs/ubifs/journal.c | 2 +- fs/udf/directory.c | 3 ++ include/linux/blkdev.h | 4 +- include/linux/compiler.h | 2 +- kernel/kthread.c | 7 ++-- kernel/time/time.c | 6 ++- net/ipv4/tcp_input.c | 2 +- net/key/af_key.c | 45 +++++++++++++++++----- net/mac80211/mlme.c | 25 ++++++++---- net/rds/ib_cm.c | 3 +- sound/pci/hda/hda_controller.c | 4 +- sound/soc/cirrus/edb93xx.c | 2 +- sound/soc/cirrus/ep93xx-i2s.c | 26 +++++++------ sound/soc/cirrus/snappercl15.c | 2 +- sound/soc/soc-dapm.c | 2 + tools/Makefile | 20 +++++++--- tools/net/bpf_dbg.c | 7 +++- .../inter-event/trigger-multi-actions-accept.tc | 44 +++++++++++++++++++++ 84 files changed, 472 insertions(+), 236 deletions(-)

7 years, 2 months

5
83
0 0

[PATCH V3] ARM: dts: omap3: Fix am3517 mdio and emac clock references

by Adam Ford

A previous patch removed OMAP clock aliases that were perceived to be unnecessary. Unfortunately, it broke the ethernet on the am3517-evm. This patch enables the MDIO clock and EMAC clock. Fixes: 0ed266d7ae5e ("clk: ti: omap3: cleanup unnecessary clock aliases") Cc: stable(a)vger.kernel.org #4.16+ Signed-off-by: Adam Ford <aford173(a)gmail.com> --- V3: Fix subject heading since we're no longer modifying the clk driver V2: Instead of modifying clk-3xxx.c, this patch modifie the device tree to work like the original patch intended. diff --git a/arch/arm/boot/dts/am3517.dtsi b/arch/arm/boot/dts/am3517.dtsi index ca294914bbb1..4b6062b631b1 100644 --- a/arch/arm/boot/dts/am3517.dtsi +++ b/arch/arm/boot/dts/am3517.dtsi @@ -39,6 +39,8 @@ ti,davinci-ctrl-ram-size = <0x2000>; ti,davinci-rmii-en = /bits/ 8 <1>; local-mac-address = [ 00 00 00 00 00 00 ]; + clocks = <&emac_ick>; + clock-names = "ick"; }; davinci_mdio: ethernet@5c030000 { @@ -49,6 +51,8 @@ bus_freq = <1000000>; #address-cells = <1>; #size-cells = <0>; + clocks = <&emac_fck>; + clock-names = "fck"; }; uart4: serial@4809e000 { -- 2.17.1

7 years, 2 months

3
2
0 0

[PATCH 4.17 000/220] 4.17.4-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.17.4 release. There are 220 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Tue Jul 3 16:08:27 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.17.4-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.17.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.17.4-rc1 Wenwen Wang <wang6495(a)umn.edu> virt: vbox: Only copy_from_user the request-header once Mike Snitzer <snitzer(a)redhat.com> dm thin: handle running out of data space vs concurrent discard Bart Van Assche <bart.vanassche(a)wdc.com> dm zoned: avoid triggering reclaim from inside dmz_map() Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> x86/efi: Fix efi_call_phys_epilog() with CONFIG_X86_5LEVEL=y Andy Lutomirski <luto(a)kernel.org> x86/entry/64/compat: Fix "x86/entry/64/compat: Preserve r8-r11 in int $0x80" Jann Horn <jannh(a)google.com> selinux: move user accesses in selinuxfs out of locked regions Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com> x86/e820: put !E820_TYPE_RAM regions into memblock.reserved Bart Van Assche <bart.vanassche(a)wdc.com> block: Fix cloning of requests with a special payload Keith Busch <keith.busch(a)intel.com> block: Fix transfer when chunk sectors exceeds max Ross Zwisler <ross.zwisler(a)linux.intel.com> pmem: only set QUEUE_FLAG_DAX for fsdax mode Mike Snitzer <snitzer(a)redhat.com> dm: use bio_split() when splitting out the already processed bio Jason A. Donenfeld <Jason(a)zx2c4.com> kasan: depend on CONFIG_SLUB_DEBUG Mikulas Patocka <mpatocka(a)redhat.com> slub: fix failure when we delete and create a slab cache Wolfram Sang <wsa+renesas(a)sang-engineering.com> i2c: gpio: initialize SCL to HIGH again Wolfram Sang <wsa+renesas(a)sang-engineering.com> Revert "i2c: algo-bit: init the bus to a known state" Hui Wang <hui.wang(a)canonical.com> ALSA: hda/realtek - Fix the problem of two front mics on more machines Takashi Iwai <tiwai(a)suse.de> ALSA: hda/realtek - Add a quirk for FSC ESPRIMO U9210 Takashi Iwai <tiwai(a)suse.de> ALSA: hda/realtek - Fix pop noise on Lenovo P50 & co Takashi Iwai <tiwai(a)suse.de> ALSA: hda - Force to link down at runtime suspend on ATI/AMD HDMI Takashi Iwai <tiwai(a)suse.de> ALSA: timer: Fix UBSAN warning at SNDRV_TIMER_IOCTL_NEXT_DEVICE ioctl ??? <kt.liao(a)emc.com.tw> Input: elantech - fix V4 report decoding for module with middle key Aaron Ma <aaron.ma(a)canonical.com> Input: elantech - enable middle button of touchpads on ThinkPad P52 Ben Hutchings <ben.hutchings(a)codethink.co.uk> Input: elan_i2c_smbus - fix more potential stack buffer overflows Dmitry Torokhov <dmitry.torokhov(a)gmail.com> Input: psmouse - fix button reporting for basic protocols Enno Boland <gottox(a)voidlinux.eu> Input: xpad - fix GPD Win 2 controller name Jan Kara <jack(a)suse.cz> udf: Detect incorrect directory size Bartosz Golaszewski <bgolaszewski(a)baylibre.com> net: ethernet: fix suspend/resume in davinci_emac Boris Ostrovsky <boris.ostrovsky(a)oracle.com> xen: Remove unnecessary BUG_ON from __unbind_from_irq() Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Check for no filter when processing event filters Dan Williams <dan.j.williams(a)intel.com> mm: fix devmem_is_allowed() for sub-page System RAM intersections Jia He <jia.he(a)hxt-semitech.com> mm/ksm.c: ignore STABLE_FLAG of rmap_item->address in rmap_walk_ksm() Dongsheng Yang <dongsheng.yang(a)easystack.cn> rbd: flush rbd_dev->watch_dwork after watch is unregistered Hans de Goede <hdegoede(a)redhat.com> pwm: lpss: platform: Save/restore the ctrl register over a suspend/resume Alexandr Savca <alexandr.savca(a)saltedge.com> Input: elan_i2c - add ELAN0618 (Lenovo v330 15IKB) ACPI ID Hans de Goede <hdegoede(a)redhat.com> Input: silead - add MSSL0002 ACPI HID Hans de Goede <hdegoede(a)redhat.com> ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices Kees Cook <keescook(a)chromium.org> video: uvesafb: Fix integer overflow in allocation Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4: Fix a typo in nfs41_sequence_process Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4: Revert commit 5f83d86cf531d ("NFSv4.x: Fix wraparound issues..") Dave Wysochanski <dwysocha(a)redhat.com> NFSv4: Fix possible 1-byte stack overflow in nfs_idmap_read_and_verify_message Scott Mayhew <smayhew(a)redhat.com> nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir Mauro Carvalho Chehab <mchehab(a)kernel.org> media: dvb_frontend: fix locking issues at dvb_frontend_get_event() Sean Young <sean(a)mess.org> media: rc: mce_kbd decoder: fix stuck keys Kai-Heng Feng <kai.heng.feng(a)canonical.com> media: cx231xx: Add support for AverMedia DVD EZMaker 7 Mauro Carvalho Chehab <mchehab(a)kernel.org> media: v4l2-compat-ioctl32: prevent go past max size Brad Love <brad(a)nextdimension.cc> media: cx231xx: Ignore an i2c mux adapter ming_qian <ming_qian(a)realsil.com.cn> media: uvcvideo: Support realtek's UVC 1.5 device Kieran Bingham <kieran.bingham+renesas(a)ideasonboard.com> media: vsp1: Release buffers for each video node Adrian Hunter <adrian.hunter(a)intel.com> perf intel-pt: Fix packet decoding of CYC packets Adrian Hunter <adrian.hunter(a)intel.com> perf intel-pt: Fix "Unexpected indirect branch" error Adrian Hunter <adrian.hunter(a)intel.com> perf intel-pt: Fix MTC timing after overflow Adrian Hunter <adrian.hunter(a)intel.com> perf intel-pt: Fix decoding to accept CBR between FUP and corresponding TIP Adrian Hunter <adrian.hunter(a)intel.com> perf intel-pt: Fix sync_switch INTEL_PT_SS_NOT_TRACING Adrian Hunter <adrian.hunter(a)intel.com> perf tools: Fix symbol and object code resolution for vdso32 and vdsox32 Sean Wang <sean.wang(a)mediatek.com> arm: dts: mt7623: fix invalid memory node being generated Sibi Sankar <sibis(a)codeaurora.org> remoteproc: Prevent incorrect rproc state on xfer mem ownership failure Jarkko Nikula <jarkko.nikula(a)linux.intel.com> mfd: intel-lpss: Fix Intel Cannon Lake LPSS I2C input clock Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> mfd: intel-lpss: Program REMAP register in PIO mode Peter Ujfalusi <peter.ujfalusi(a)ti.com> mfd: twl-core: Fix clock initialization Anton Ivanov <anton.ivanov(a)cambridgegreys.com> um: Fix raw interface options Anton Ivanov <anton.ivanov(a)cambridgegreys.com> um: Fix initialization of vector queues Chao Yu <yuchao0(a)huawei.com> f2fs: don't use GFP_ZERO for page caches Linus Torvalds <torvalds(a)linux-foundation.org> Revert "iommu/amd_iommu: Use CONFIG_DMA_DIRECT_OPS=y and dma_direct_{alloc,free}()" Johan Hovold <johan(a)kernel.org> backlight: tps65217_bl: Fix Device Tree node lookup Johan Hovold <johan(a)kernel.org> backlight: max8925_bl: Fix Device Tree node lookup Johan Hovold <johan(a)kernel.org> backlight: as3711_bl: Fix Device Tree node lookup Silvio Cesare <silvio.cesare(a)gmail.com> UBIFS: Fix potential integer overflow in allocation Richard Weinberger <richard(a)nod.at> ubi: fastmap: Correctly handle interrupted erasures in EBA Richard Weinberger <richard(a)nod.at> ubi: fastmap: Cancel work upon detach Srinivas Kandagatla <srinivas.kandagatla(a)linaro.org> rpmsg: smd: do not use mananged resources for endpoints and channels NeilBrown <neilb(a)suse.com> md: fix two problems with setting the "re-add" device state. Michael Trimarchi <michael(a)amarulasolutions.com> rtc: sun6i: Fix bit_idx value for clk_register_gate Marcin Ziemianowicz <marcin(a)ziemianowicz.com> clk: at91: PLL recalc_rate() now using cached MUL and DIV values Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> clk: meson: meson8b: mark fclk_div2 gate clocks as CLK_IS_CRITICAL Ross Zwisler <ross.zwisler(a)linux.intel.com> libnvdimm, pmem: Unconditionally deep flush on *sync Robert Elliott <elliott(a)hpe.com> linvdimm, pmem: Preserve read-only setting for pmem devices Steffen Maier <maier(a)linux.ibm.com> scsi: zfcp: fix missing REC trigger trace on enqueue without ERP thread Steffen Maier <maier(a)linux.ibm.com> scsi: zfcp: fix missing REC trigger trace for all objects in ERP_FAILED Steffen Maier <maier(a)linux.ibm.com> scsi: zfcp: fix missing REC trigger trace on terminate_rport_io for ERP_FAILED Steffen Maier <maier(a)linux.ibm.com> scsi: zfcp: fix missing REC trigger trace on terminate_rport_io early return Steffen Maier <maier(a)linux.ibm.com> scsi: zfcp: fix misleading REC trigger trace where erp_action setup failed Steffen Maier <maier(a)linux.ibm.com> scsi: zfcp: fix missing SCSI trace for retry of abort / scsi_eh TMF Steffen Maier <maier(a)linux.ibm.com> scsi: zfcp: fix missing SCSI trace for result of eh_host_reset_handler Mikhail Malygin <m.malygin(a)yadro.com> scsi: qla2xxx: Spinlock recursion in qla_target Anil Gurumurthy <anil.gurumurthy(a)cavium.com> scsi: qla2xxx: Mask off Scope bits in retry delay Himanshu Madhani <himanshu.madhani(a)cavium.com> scsi: qla2xxx: Fix setting lower transfer speed if GPSC fails Quinn Tran <quinn.tran(a)cavium.com> scsi: qla2xxx: Delete session for nport id change Sinan Kaya <okaya(a)codeaurora.org> scsi: hpsa: disable device during shutdown Luis Henriques <lhenriques(a)suse.com> scsi: scsi_debug: Fix memory leak on module unload Dan Williams <dan.j.williams(a)intel.com> mm: fix __gup_device_huge vs unmap Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> iio: sca3000: Fix an error handling path in 'sca3000_probe()' Alexandru Ardelean <alexandru.ardelean(a)analog.com> iio: adc: ad7791: remove sample freq sysfs attributes Filipe Manana <fdmanana(a)suse.com> Btrfs: fix return value on rename exchange failure Maciej S. Szmigiero <mail(a)maciej.szmigiero.name> X.509: unpack RSA signatureValue field from BIT STRING Waiman Long <longman(a)redhat.com> locking/rwsem: Fix up_read_non_owner() warning with DEBUG_RWSEMS Yang Yingliang <yangyingliang(a)huawei.com> irqchip/gic-v3-its: Don't bind LPI to unavailable NUMA node Geert Uytterhoeven <geert(a)linux-m68k.org> time: Make sure jiffies_to_msecs() preserves non-zero time periods Huacai Chen <chenhc(a)lemote.com> MIPS: io: Add barrier after register read in inX() Linus Walleij <linus.walleij(a)linaro.org> MIPS: pb44: Fix i2c-gpio GPIO descriptor table Srinivas Pandruvada <srinivas.pandruvada(a)linux.intel.com> cpufreq: intel_pstate: Fix scaling max/min limits with Turbo 3.0 Fabio Estevam <fabio.estevam(a)nxp.com> pinctrl: devicetree: Fix pctldev pointer overwrite Paweł Chmiel <pawel.mikolaj.chmiel(a)gmail.com> pinctrl: samsung: Correct EINTG banks order Terry Zhou <bjzhou(a)marvell.com> pinctrl: armada-37xx: Fix spurious irq management Randy Dunlap <rdunlap(a)infradead.org> auxdisplay: fix broken menu Mika Westerberg <mika.westerberg(a)linux.intel.com> PCI: Account for all bridges on bus when distributing bus numbers Mika Westerberg <mika.westerberg(a)linux.intel.com> PCI: pciehp: Clear Presence Detect and Data Link Layer Status Changed on resume Mika Westerberg <mika.westerberg(a)linux.intel.com> PCI: Add ACS quirk for Intel 300 series Alex Williamson <alex.williamson(a)redhat.com> PCI: Add ACS quirk for Intel 7th & 8th Gen mobile Sridhar Pitchai <Sridhar.Pitchai(a)microsoft.com> PCI: hv: Make sure the bus domain is really unique Jae Hyun Yoo <jae.hyun.yoo(a)linux.intel.com> clk:aspeed: Fix reset bits for PCI/VGA and PECI Tokunori Ikegami <ikegami(a)allied-telesis.co.jp> MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum Joakim Tjernlund <joakim.tjernlund(a)infinera.com> mtd: cfi_cmdset_0002: Avoid walking all chips when unlocking. Joakim Tjernlund <joakim.tjernlund(a)infinera.com> mtd: cfi_cmdset_0002: Fix unlocking requests crossing a chip boudary Joakim Tjernlund <joakim.tjernlund(a)infinera.com> mtd: cfi_cmdset_0002: fix SEGV unlocking multiple chips Joakim Tjernlund <joakim.tjernlund(a)infinera.com> mtd: cfi_cmdset_0002: Use right chip in do_ppb_xxlock() Mason Yang <masonccyang(a)mxic.com.tw> mtd: rawnand: All AC chips have a broken GET_FEATURES(TIMINGS). Chris Packham <chris.packham(a)alliedtelesis.co.nz> mtd: rawnand: micron: add ONFI_FEATURE_ON_DIE_ECC to supported features Martin Kaiser <martin(a)kaiser.cx> mtd: rawnand: mxc: set spare area size register explicitly Abhishek Sahu <absahu(a)codeaurora.org> mtd: rawnand: fix return value check for bad block status Masahiro Yamada <yamada.masahiro(a)socionext.com> mtd: rawnand: denali_dt: set clk_x_rate to 200 MHz unconditionally Tokunori Ikegami <ikegami(a)allied-telesis.co.jp> mtd: cfi_cmdset_0002: Change write buffer to check correct value Boris Brezillon <boris.brezillon(a)bootlin.com> mtd: rawnand: Do not check FAIL bit when executing a SET_FEATURES op Bharat Potnuri <bharat(a)chelsio.com> RDMA/core: Save kernel caller name when creating CQ using ib_create_cq() Chuck Lever <chuck.lever(a)oracle.com> xprtrdma: Return -ENOBUFS when no pages are available Leon Romanovsky <leon(a)kernel.org> RDMA/mlx4: Discard unknown SQP work requests Jason Gunthorpe <jgg(a)ziepe.ca> IB/uverbs: Fix ordering of ucontext check in ib_uverbs_write Mike Marciniszyn <mike.marciniszyn(a)intel.com> IB/hfi1: Fix user context tail allocation for DMA_RTAIL Sebastian Sanchez <sebastian.sanchez(a)intel.com> IB/hfi1: Optimize kthread pointer locking when queuing CQ entries Michael J. Ruhl <michael.j.ruhl(a)intel.com> IB/hfi1: Reorder incorrect send context disable Mike Marciniszyn <mike.marciniszyn(a)intel.com> IB/hfi1: Fix fault injection init/exit issues Max Gurtovoy <maxg(a)mellanox.com> IB/isert: fix T10-pi check mask setting Alex Estrin <alex.estrin(a)intel.com> IB/isert: Fix for lib/dma_debug check_sync warning Erez Shitrit <erezsh(a)mellanox.com> IB/mlx5: Fetch soft WQE's on fatal error state Jack Morgenstein <jackm(a)dev.mellanox.co.il> IB/core: Make testing MR flags for writability a static inline function Jack Morgenstein <jackm(a)dev.mellanox.co.il> IB/mlx4: Mark user MR as writable if actual virtual memory is writable Alex Estrin <alex.estrin(a)intel.com> IB/{hfi1, qib}: Add handling of kernel restart Mike Marciniszyn <mike.marciniszyn(a)intel.com> IB/qib: Fix DMA api warning with debug kernel Hans de Goede <hdegoede(a)redhat.com> efi/libstub/tpm: Initialize efi_physical_addr_t vars to zero for mixed mode Tadeusz Struk <tadeusz.struk(a)intel.com> tpm: fix race condition in tpm_common_write() Tadeusz Struk <tadeusz.struk(a)intel.com> tpm: fix use after free in tpm2_load_context() Srinivas Kandagatla <srinivas.kandagatla(a)linaro.org> of: platform: stop accessing invalid dev in of_platform_device_destroy Stefan M Schaeckeler <sschaeck(a)cisco.com> of: unittest: for strings, account for trailing \0 in property length field Frank Rowand <frank.rowand(a)sony.com> of: overlay: validate offset from property fixups Kevin Hilman <khilman(a)baylibre.com> ARM64: dts: meson-gx: fix ATF reserved memory region Jerome Brunet <jbrunet(a)baylibre.com> ARM64: dts: meson: disable sd-uhs modes on the libretech-cc Thor Thayer <thor.thayer(a)linux.intel.com> arm64: dts: stratix10: Fix SPI nodes for Stratix10 Miquel Raynal <miquel.raynal(a)bootlin.com> arm64: dts: marvell: fix CP110 ICU node size Will Deacon <will.deacon(a)arm.com> arm64: mm: Ensure writes to swapper are ordered wrt subsequent cache maintenance Will Deacon <will.deacon(a)arm.com> arm64: kpti: Use early_param for kpti= command-line option Jia He <hejianet(a)gmail.com> crypto: arm64/aes-blk - fix and move skcipher_walk_done out of kernel_neon_begin, _end Dave Martin <Dave.Martin(a)arm.com> arm64: Fix syscall restarting around signal suppressed by tracer Joel Fernandes (Google) <joel(a)joelfernandes.org> softirq: Reorder trace_softirqs_on to prevent lockdep splat Michael Buesch <m(a)bues.ch> hwrng: core - Always drop the RNG in hwrng_unregister() Dinh Nguyen <dinguyen(a)kernel.org> ARM: dts: socfpga: Fix NAND controller node compatible for Arria10 Marek Vasut <marex(a)denx.de> ARM: dts: socfpga: Fix NAND controller clock supply Marek Vasut <marex(a)denx.de> ARM: dts: socfpga: Fix NAND controller node compatible Thor Thayer <thor.thayer(a)linux.intel.com> ARM: dts: Fix SPI node for Arria10 Chen-Yu Tsai <wens(a)csie.org> ARM: dts: sun8i: h3: fix ALL-H3-CC H3 ver VCC-1V2 regulator voltage Icenowy Zheng <icenowy(a)aosc.io> ARM: dts: sun8i: h3: fix ALL-H3-CC H3 ver VDD-CPUX voltage David Rivshin <DRivshin(a)allworx.com> ARM: 8764/1: kgdb: fix NUMREGBYTES so that gdb_regs[] is the correct size Vaibhav Jain <vaibhav(a)linux.ibm.com> cxl: Disable prefault_mode in Radix mode Vaibhav Jain <vaibhav(a)linux.vnet.ibm.com> cxl: Configure PSL to not use APC virtual machines Michael Ellerman <mpe(a)ellerman.id.au> powerpc/64s: Fix DT CPU features Power9 DD2.1 logic Michael Jeanson <mjeanson(a)efficios.com> powerpc/e500mc: Set assembler machine type to e500mc Nicholas Piggin <npiggin(a)gmail.com> powerpc/64s/radix: Fix radix_kvm_prefetch_workaround paca access of not possible CPU Finley Xiao <finley.xiao(a)rock-chips.com> soc: rockchip: power-domain: Fix wrong value when power up pd with writemask Ross Zwisler <ross.zwisler(a)linux.intel.com> libnvdimm, pmem: Do not flush power-fail protected CPU caches Mahesh Salgaonkar <mahesh(a)linux.vnet.ibm.com> powerpc/fadump: Unregister fadump on kexec down path. Gautham R. Shenoy <ego(a)linux.vnet.ibm.com> cpuidle: powernv: Fix promotion from snooze if next state disabled Akshay Adiga <akshay.adiga(a)linux.vnet.ibm.com> powerpc/powernv/cpuidle: Init all present cpus for deep states Haren Myneni <haren(a)us.ibm.com> powerpc/powernv: copy/paste - Mask SO bit in CR Alexey Kardashevskiy <aik(a)ozlabs.ru> powerpc/powernv/ioda2: Remove redundant free of TCE pages Michael Neuling <mikey(a)neuling.org> powerpc/ptrace: Fix enforcement of DAWR constraints Anju T Sudhakar <anju(a)linux.vnet.ibm.com> powerpc/perf: Fix memory allocation for core-imc based on num_possible_cpus() Michael Neuling <mikey(a)neuling.org> powerpc/ptrace: Fix setting 512B aligned breakpoints with PTRACE_SET_DEBUGREG Ram Pai <linuxram(a)us.ibm.com> powerpc/pkeys: Detach execute_only key on !PROT_EXEC Aneesh Kumar K.V <aneesh.kumar(a)linux.ibm.com> powerpc/mm/hash: Add missing isync prior to kernel stack SLB switch Miklos Szeredi <mszeredi(a)redhat.com> fuse: fix control dir setup and teardown Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> fuse: don't keep dead fuse_conn at fuse_fill_super(). Miklos Szeredi <mszeredi(a)redhat.com> fuse: atomic_o_trunc should truncate pagecache Tejun Heo <tj(a)kernel.org> fuse: fix congested state leak on aborted connections Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> printk: fix possible reuse of va_list variable Amit Pundir <amit.pundir(a)linaro.org> Bluetooth: hci_qca: Avoid missing rampatch failure with userspace fw loader Corey Minyard <cminyard(a)mvista.com> ipmi:bt: Set the timeout before doing a capabilities check Mikulas Patocka <mpatocka(a)redhat.com> branch-check: fix long->int truncation when profiling branches Matthias Schiffer <mschiffer(a)universe-factory.net> mips: ftrace: fix static function graph tracing Steven Rostedt (VMware) <rostedt(a)goodmis.org> ftrace/selftest: Have the reset_trigger code be a bit more careful Geert Uytterhoeven <geert+renesas(a)glider.be> lib/vsprintf: Remove atomic-unsafe support for %pCr Geert Uytterhoeven <geert+renesas(a)glider.be> clk: renesas: cpg-mssr: Stop using printk format %pCr Geert Uytterhoeven <geert+renesas(a)glider.be> thermal: bcm2835: Stop using printk format %pCr Alexander Sverdlin <alexander.sverdlin(a)gmail.com> ASoC: cirrus: i2s: Fix {TX|RX}LinCtrlData setup Alexander Sverdlin <alexander.sverdlin(a)gmail.com> ASoC: cirrus: i2s: Fix LRCLK configuration Kai Chieh Chuang <kaichieh.chuang(a)mediatek.com> ASoC: mediatek: preallocate pages use platform device Paul Handrigan <Paul.Handrigan(a)cirrus.com> ASoC: cs35l35: Add use_single_rw to regmap config Srinivas Kandagatla <srinivas.kandagatla(a)linaro.org> ASoC: dapm: delete dapm_kcontrol_data paths list before freeing it Ingo Flaschberger <ingo.flaschberger(a)gmail.com> 1wire: family module autoload fails because of upper/lower case mismatch. Maxim Moseychuk <franchesko.salias.hudro.pedros(a)gmail.com> usb: do not reset if a low-speed or full-speed device timed out Wolfram Sang <wsa+renesas(a)sang-engineering.com> mmc: renesas_sdhi: really fix WP logic regressions Waldemar Rymarkiewicz <waldemar.rymarkiewicz(a)gmail.com> PM / OPP: Update voltage in case freq == old_freq Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> PM / core: Fix supplier device runtime PM usage counter imbalance Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> ACPI / LPSS: Avoid PM quirks on suspend and resume from S3 Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> PCI / PM: Do not clear state_saved for devices that remain suspended Ulf Hansson <ulf.hansson(a)linaro.org> PM / Domains: Fix error path during attach in genpd Eric W. Biederman <ebiederm(a)xmission.com> signal/xtensa: Consistenly use SIGBUS in do_unaligned_user Daniel Wagner <daniel.wagner(a)siemens.com> serial: sh-sci: Use spin_{try}lock_irqsave instead of open coding version Mika Westerberg <mika.westerberg(a)linux.intel.com> mtd: spi-nor: intel-spi: Fix atomic sequence handling Guenter Roeck <linux(a)roeck-us.net> hwmon: (k10temp) Add support for Stoney Ridge and Bristol Ridge CPUs Dmitry Torokhov <dmitry.torokhov(a)gmail.com> platform/chrome: cros_ec_lpc: do not try DMI match when ACPI device found Finn Thain <fthain(a)telegraphics.com.au> m68k/mac: Fix SWIM memory resource end address Michael Schmitz <schmitzmic(a)gmail.com> m68k/mm: Adjust VM area to be unmapped by gap size for __iounmap() Siarhei Liakh <Siarhei.Liakh(a)concurrent-rt.com> x86: Call fixup_exception() before notify_die() in math_error() Borislav Petkov <bp(a)suse.de> x86/mce: Do not overwrite MCi_STATUS in mce_no_way_out() Tony Luck <tony.luck(a)intel.com> x86/mce: Fix incorrect "Machine check from unknown source" message Tony Luck <tony.luck(a)intel.com> x86/mce: Check for alternate indication of machine check recovery on Skylake Tony Luck <tony.luck(a)intel.com> x86/mce: Improve error message when kernel cannot recover mike.travis(a)hpe.com <mike.travis(a)hpe.com> x86/platform/UV: Add kernel parameter to set memory block size mike.travis(a)hpe.com <mike.travis(a)hpe.com> x86/platform/UV: Use new set memory block size function mike.travis(a)hpe.com <mike.travis(a)hpe.com> x86/platform/UV: Add adjustable set memory block size function Juergen Gross <jgross(a)suse.com> x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths Dan Williams <dan.j.williams(a)intel.com> x86/spectre_v1: Disable compiler optimizations over array_index_mask_nospec() ------------- Diffstat: Documentation/ABI/testing/sysfs-class-cxl | 4 +- Documentation/core-api/printk-formats.rst | 3 +- Makefile | 4 +- arch/arm/boot/dts/mt7623.dtsi | 3 +- arch/arm/boot/dts/mt7623n-bananapi-bpi-r2.dts | 1 + arch/arm/boot/dts/mt7623n-rfb.dtsi | 1 + arch/arm/boot/dts/socfpga.dtsi | 4 +- arch/arm/boot/dts/socfpga_arria10.dtsi | 5 +- arch/arm/boot/dts/sun8i-h3-libretech-all-h3-cc.dts | 8 +- arch/arm/include/asm/kgdb.h | 2 +- arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi | 6 +- arch/arm64/boot/dts/amlogic/meson-gx.dtsi | 6 + .../dts/amlogic/meson-gxl-s905x-libretech-cc.dts | 3 - arch/arm64/boot/dts/amlogic/meson-gxl.dtsi | 8 -- arch/arm64/boot/dts/marvell/armada-cp110.dtsi | 2 +- arch/arm64/crypto/aes-glue.c | 2 +- arch/arm64/kernel/cpufeature.c | 2 +- arch/arm64/kernel/signal.c | 5 +- arch/arm64/mm/proc.S | 5 +- arch/m68k/mac/config.c | 2 +- arch/m68k/mm/kmap.c | 3 +- arch/mips/ath79/mach-pb44.c | 2 +- arch/mips/bcm47xx/setup.c | 6 + arch/mips/include/asm/io.h | 2 + arch/mips/include/asm/mipsregs.h | 3 + arch/mips/kernel/mcount.S | 27 ++--- arch/powerpc/Makefile | 1 + arch/powerpc/kernel/dt_cpu_ftrs.c | 3 +- arch/powerpc/kernel/entry_64.S | 1 + arch/powerpc/kernel/fadump.c | 3 + arch/powerpc/kernel/hw_breakpoint.c | 4 +- arch/powerpc/kernel/ptrace.c | 1 + arch/powerpc/mm/pkeys.c | 4 +- arch/powerpc/mm/tlb-radix.c | 2 + arch/powerpc/perf/imc-pmu.c | 4 +- arch/powerpc/platforms/powernv/copy-paste.h | 3 +- arch/powerpc/platforms/powernv/idle.c | 4 +- arch/powerpc/platforms/powernv/pci-ioda.c | 1 - arch/um/drivers/vector_kern.c | 20 +++- arch/x86/entry/entry_64_compat.S | 16 +-- arch/x86/include/asm/barrier.h | 2 +- arch/x86/kernel/apic/x2apic_uv_x.c | 60 +++++++++- arch/x86/kernel/cpu/mcheck/mce-severity.c | 5 + arch/x86/kernel/cpu/mcheck/mce.c | 44 +++++--- arch/x86/kernel/e820.c | 15 ++- arch/x86/kernel/quirks.c | 11 +- arch/x86/kernel/traps.c | 14 ++- arch/x86/mm/init.c | 4 +- arch/x86/mm/init_64.c | 20 +++- arch/x86/platform/efi/efi_64.c | 4 +- arch/x86/xen/smp_pv.c | 5 + arch/xtensa/kernel/traps.c | 2 +- block/blk-core.c | 4 + crypto/asymmetric_keys/x509_cert_parser.c | 9 ++ drivers/acpi/acpi_lpss.c | 20 ++-- drivers/auxdisplay/Kconfig | 10 +- drivers/base/core.c | 15 ++- drivers/base/power/domain.c | 3 + drivers/block/rbd.c | 2 +- drivers/bluetooth/hci_qca.c | 6 + drivers/char/hw_random/core.c | 11 +- drivers/char/ipmi/ipmi_bt_sm.c | 3 +- drivers/char/tpm/tpm-dev-common.c | 40 +++---- drivers/char/tpm/tpm-dev.h | 2 +- drivers/char/tpm/tpm2-space.c | 3 +- drivers/clk/at91/clk-pll.c | 13 +-- drivers/clk/clk-aspeed.c | 4 +- drivers/clk/meson/meson8b.c | 7 ++ drivers/clk/renesas/renesas-cpg-mssr.c | 9 +- drivers/cpufreq/intel_pstate.c | 27 ++++- drivers/cpuidle/cpuidle-powernv.c | 32 +++++- drivers/firmware/efi/libstub/tpm.c | 2 +- drivers/hwmon/k10temp.c | 5 + drivers/i2c/algos/i2c-algo-bit.c | 5 - drivers/i2c/busses/i2c-gpio.c | 4 +- drivers/iio/accel/sca3000.c | 9 +- drivers/iio/adc/ad7791.c | 49 -------- drivers/infiniband/core/umem.c | 11 +- drivers/infiniband/core/uverbs_main.c | 14 ++- drivers/infiniband/core/verbs.c | 14 ++- drivers/infiniband/hw/hfi1/chip.c | 8 +- drivers/infiniband/hw/hfi1/debugfs.c | 8 +- drivers/infiniband/hw/hfi1/file_ops.c | 4 +- drivers/infiniband/hw/hfi1/hfi.h | 1 + drivers/infiniband/hw/hfi1/init.c | 22 +++- drivers/infiniband/hw/hfi1/pio.c | 44 ++++++-- drivers/infiniband/hw/mlx4/mad.c | 1 - drivers/infiniband/hw/mlx4/mr.c | 50 +++++++-- drivers/infiniband/hw/mlx5/cq.c | 15 ++- drivers/infiniband/hw/qib/qib.h | 4 +- drivers/infiniband/hw/qib/qib_file_ops.c | 10 +- drivers/infiniband/hw/qib/qib_init.c | 13 +++ drivers/infiniband/hw/qib/qib_user_pages.c | 20 ++-- drivers/infiniband/sw/rdmavt/cq.c | 31 ++++-- drivers/infiniband/ulp/isert/ib_isert.c | 28 +++-- drivers/input/joystick/xpad.c | 2 +- drivers/input/mouse/elan_i2c.h | 2 + drivers/input/mouse/elan_i2c_core.c | 3 +- drivers/input/mouse/elan_i2c_smbus.c | 10 +- drivers/input/mouse/elantech.c | 11 +- drivers/input/mouse/psmouse-base.c | 12 +- drivers/input/touchscreen/silead.c | 1 + drivers/iommu/Kconfig | 1 - drivers/iommu/amd_iommu.c | 68 ++++++++---- drivers/irqchip/irq-gic-v3-its.c | 9 +- drivers/md/dm-thin.c | 11 +- drivers/md/dm-zoned-target.c | 2 +- drivers/md/dm.c | 5 +- drivers/md/md.c | 4 +- drivers/media/dvb-core/dvb_frontend.c | 23 ++-- drivers/media/platform/vsp1/vsp1_video.c | 21 ++-- drivers/media/rc/ir-mce_kbd-decoder.c | 2 + drivers/media/usb/cx231xx/cx231xx-cards.c | 3 + drivers/media/usb/cx231xx/cx231xx-dvb.c | 2 +- drivers/media/usb/uvc/uvc_video.c | 24 +++- drivers/media/v4l2-core/v4l2-compat-ioctl32.c | 2 +- drivers/mfd/intel-lpss-pci.c | 25 +++-- drivers/mfd/intel-lpss.c | 4 +- drivers/mfd/twl-core.c | 2 +- drivers/misc/cxl/pci.c | 4 +- drivers/misc/cxl/sysfs.c | 16 ++- drivers/mmc/host/renesas_sdhi_core.c | 5 + drivers/mmc/host/renesas_sdhi_internal_dmac.c | 1 + drivers/mmc/host/renesas_sdhi_sys_dmac.c | 3 + drivers/mtd/chips/cfi_cmdset_0002.c | 21 ++-- drivers/mtd/nand/raw/denali_dt.c | 6 +- drivers/mtd/nand/raw/mxc_nand.c | 5 +- drivers/mtd/nand/raw/nand_base.c | 29 ++--- drivers/mtd/nand/raw/nand_macronix.c | 48 ++++++-- drivers/mtd/nand/raw/nand_micron.c | 2 + drivers/mtd/spi-nor/intel-spi.c | 76 +++++++++++-- drivers/mtd/ubi/build.c | 3 + drivers/mtd/ubi/eba.c | 90 ++++++++++++++- drivers/mtd/ubi/wl.c | 4 +- drivers/net/ethernet/ti/davinci_emac.c | 15 ++- drivers/nvdimm/bus.c | 14 ++- drivers/nvdimm/pmem.c | 10 +- drivers/nvdimm/region_devs.c | 3 +- drivers/of/platform.c | 5 +- drivers/of/resolver.c | 5 + drivers/of/unittest.c | 8 +- drivers/opp/core.c | 2 +- drivers/pci/host/pci-hyperv.c | 11 -- drivers/pci/hotplug/pciehp.h | 2 +- drivers/pci/hotplug/pciehp_core.c | 2 +- drivers/pci/hotplug/pciehp_hpc.c | 13 ++- drivers/pci/pci-driver.c | 5 +- drivers/pci/probe.c | 15 ++- drivers/pci/quirks.c | 20 ++++ drivers/pinctrl/devicetree.c | 7 +- drivers/pinctrl/mvebu/pinctrl-armada-37xx.c | 3 +- drivers/pinctrl/samsung/pinctrl-exynos-arm.c | 4 +- drivers/platform/chrome/cros_ec_lpc.c | 13 ++- drivers/pwm/pwm-lpss-platform.c | 5 + drivers/pwm/pwm-lpss.c | 30 +++++ drivers/pwm/pwm-lpss.h | 2 + drivers/remoteproc/qcom_q6v5_pil.c | 10 +- drivers/rpmsg/qcom_smd.c | 18 +-- drivers/rtc/rtc-sun6i.c | 4 +- drivers/s390/scsi/zfcp_dbf.c | 40 +++++++ drivers/s390/scsi/zfcp_erp.c | 123 ++++++++++++++++----- drivers/s390/scsi/zfcp_ext.h | 5 + drivers/s390/scsi/zfcp_scsi.c | 18 ++- drivers/scsi/hpsa.c | 10 +- drivers/scsi/qla2xxx/qla_gs.c | 4 +- drivers/scsi/qla2xxx/qla_init.c | 3 +- drivers/scsi/qla2xxx/qla_isr.c | 8 +- drivers/scsi/qla2xxx/qla_target.c | 7 +- drivers/scsi/scsi_debug.c | 2 +- drivers/soc/rockchip/pm_domains.c | 2 +- drivers/thermal/broadcom/bcm2835_thermal.c | 4 +- drivers/tty/serial/sh-sci.c | 8 +- drivers/usb/core/hub.c | 4 +- drivers/video/backlight/as3711_bl.c | 33 ++++-- drivers/video/backlight/max8925_bl.c | 4 +- drivers/video/backlight/tps65217_bl.c | 4 +- drivers/video/fbdev/uvesafb.c | 3 +- drivers/virt/vboxguest/vboxguest_linux.c | 4 +- drivers/w1/w1.c | 2 +- drivers/xen/events/events_base.c | 2 - fs/btrfs/inode.c | 4 +- fs/f2fs/checkpoint.c | 4 +- fs/f2fs/inode.c | 4 +- fs/f2fs/segment.c | 3 + fs/f2fs/segment.h | 1 + fs/fuse/control.c | 13 ++- fs/fuse/dev.c | 3 +- fs/fuse/dir.c | 13 ++- fs/fuse/inode.c | 1 + fs/nfs/callback_proc.c | 7 +- fs/nfs/nfs4idmap.c | 5 +- fs/nfs/nfs4proc.c | 2 +- fs/nfsd/nfs4xdr.c | 5 +- fs/ubifs/journal.c | 5 +- fs/udf/directory.c | 3 + include/dt-bindings/clock/aspeed-clock.h | 2 +- include/linux/blkdev.h | 4 +- include/linux/compiler.h | 2 +- include/linux/memory.h | 1 + include/linux/slub_def.h | 4 + include/rdma/ib_verbs.h | 27 ++++- include/rdma/rdma_vt.h | 2 +- kernel/locking/rwsem.c | 1 + kernel/printk/printk_safe.c | 5 +- kernel/softirq.c | 6 +- kernel/time/time.c | 6 +- kernel/trace/trace_events_filter.c | 10 +- lib/Kconfig.kasan | 1 + lib/vsprintf.c | 3 - mm/gup.c | 36 ++++-- mm/ksm.c | 14 ++- mm/slab_common.c | 4 + mm/slub.c | 7 +- net/sunrpc/xprtrdma/rpc_rdma.c | 2 +- security/selinux/selinuxfs.c | 78 ++++++------- sound/core/timer.c | 2 +- sound/pci/hda/hda_codec.c | 5 +- sound/pci/hda/hda_codec.h | 1 + sound/pci/hda/patch_hdmi.c | 5 + sound/pci/hda/patch_realtek.c | 20 +++- sound/soc/cirrus/edb93xx.c | 2 +- sound/soc/cirrus/ep93xx-i2s.c | 26 +++-- sound/soc/cirrus/snappercl15.c | 2 +- sound/soc/codecs/cs35l35.c | 1 + .../soc/mediatek/common/mtk-afe-platform-driver.c | 4 +- sound/soc/soc-dapm.c | 2 + tools/perf/util/dso.c | 2 + .../perf/util/intel-pt-decoder/intel-pt-decoder.c | 23 +++- .../perf/util/intel-pt-decoder/intel-pt-decoder.h | 9 ++ .../util/intel-pt-decoder/intel-pt-pkt-decoder.c | 2 +- tools/perf/util/intel-pt.c | 5 + tools/testing/selftests/ftrace/test.d/functions | 21 +++- 232 files changed, 1706 insertions(+), 756 deletions(-)

7 years, 2 months

4
218
0 0

[PATCH] vmw_balloon: fix inflation with batching

by Nadav Amit

Embarrassingly, the recent fix introduced worse problem than it solved, causing the balloon not to inflate. The VM informed the hypervisor that the pages for lock/unlock are sitting in the wrong address, as it used the page that is used the uninitialized page variable. Fixes: b23220fe054e9 ("vmw_balloon: fixing double free when batching mode is off") Cc: stable(a)vger.kernel.org Reviewed-by: Xavier Deguillard <xdeguillard(a)vmware.com> Signed-off-by: Nadav Amit <namit(a)vmware.com> --- drivers/misc/vmw_balloon.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/misc/vmw_balloon.c b/drivers/misc/vmw_balloon.c index efd733472a35..56c6f79a5c5a 100644 --- a/drivers/misc/vmw_balloon.c +++ b/drivers/misc/vmw_balloon.c @@ -467,7 +467,7 @@ static int vmballoon_send_batched_lock(struct vmballoon *b, unsigned int num_pages, bool is_2m_pages, unsigned int *target) { unsigned long status; - unsigned long pfn = page_to_pfn(b->page); + unsigned long pfn = PHYS_PFN(virt_to_phys(b->batch_page)); STATS_INC(b->stats.lock[is_2m_pages]); @@ -515,7 +515,7 @@ static bool vmballoon_send_batched_unlock(struct vmballoon *b, unsigned int num_pages, bool is_2m_pages, unsigned int *target) { unsigned long status; - unsigned long pfn = page_to_pfn(b->page); + unsigned long pfn = PHYS_PFN(virt_to_phys(b->batch_page)); STATS_INC(b->stats.unlock[is_2m_pages]); -- 2.17.1

7 years, 2 months

1
0
0 0

[PATCH 1/2] Revert "UBIFS: Fix potential integer overflow in allocation"

by Richard Weinberger

This reverts commit 353748a359f1821ee934afc579cf04572406b420. It bypassed the linux-mtd review process and fixes the issue not as it should. Cc: Kees Cook <keescook(a)chromium.org> Cc: Silvio Cesare <silvio.cesare(a)gmail.com> Cc: stable(a)vger.kernel.org Signed-off-by: Richard Weinberger <richard(a)nod.at> --- fs/ubifs/journal.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/fs/ubifs/journal.c b/fs/ubifs/journal.c index 07b4956e0425..da8afdfccaa6 100644 --- a/fs/ubifs/journal.c +++ b/fs/ubifs/journal.c @@ -1282,11 +1282,10 @@ static int truncate_data_node(const struct ubifs_info *c, const struct inode *in int *new_len) { void *buf; - int err, compr_type; - u32 dlen, out_len, old_dlen; + int err, dlen, compr_type, out_len, old_dlen; out_len = le32_to_cpu(dn->size); - buf = kmalloc_array(out_len, WORST_COMPR_FACTOR, GFP_NOFS); + buf = kmalloc(out_len * WORST_COMPR_FACTOR, GFP_NOFS); if (!buf) return -ENOMEM; -- 2.18.0

7 years, 2 months

2
7
0 0

+ mm-teach-dump_page-to-correctly-output-poisoned-struct-pages.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm: teach dump_page() to correctly output poisoned struct pages has been added to the -mm tree. Its filename is mm-teach-dump_page-to-correctly-output-poisoned-struct-pages.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/mm-teach-dump_page-to-correctly-ou… and later at http://ozlabs.org/~akpm/mmotm/broken-out/mm-teach-dump_page-to-correctly-ou… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Pavel Tatashin <pasha.tatashin(a)oracle.com> Subject: mm: teach dump_page() to correctly output poisoned struct pages If struct page is poisoned, and uninitialized access is detected via PF_POISONED_CHECK(page) dump_page() is called to output the page. But, the dump_page() itself accesses struct page to determine how to print it, and therefore gets into a recursive loop. For example: dump_page() __dump_page() PageSlab(page) PF_POISONED_CHECK(page) VM_BUG_ON_PGFLAGS(PagePoisoned(page), page) dump_page() recursion loop. Link: http://lkml.kernel.org/r/20180702180536.2552-1-pasha.tatashin@oracle.com Fixes: f165b378bbdf ("mm: uninitialized struct page poisoning sanity checking") Signed-off-by: Pavel Tatashin <pasha.tatashin(a)oracle.com> Acked-by: Michal Hocko <mhocko(a)suse.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/debug.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff -puN mm/debug.c~mm-teach-dump_page-to-correctly-output-poisoned-struct-pages mm/debug.c --- a/mm/debug.c~mm-teach-dump_page-to-correctly-output-poisoned-struct-pages +++ a/mm/debug.c @@ -43,12 +43,25 @@ const struct trace_print_flags vmaflag_n void __dump_page(struct page *page, const char *reason) { + bool page_poisoned = PagePoisoned(page); + int mapcount; + + /* + * If struct page is poisoned don't access Page*() functions as that + * leads to recursive loop. Page*() check for poisoned pages, and calls + * dump_page() when detected. + */ + if (page_poisoned) { + pr_emerg("page:%px is uninitialized and poisoned", page); + goto hex_only; + } + /* * Avoid VM_BUG_ON() in page_mapcount(). * page->_mapcount space in struct page is used by sl[aou]b pages to * encode own info. */ - int mapcount = PageSlab(page) ? 0 : page_mapcount(page); + mapcount = PageSlab(page) ? 0 : page_mapcount(page); pr_emerg("page:%px count:%d mapcount:%d mapping:%px index:%#lx", page, page_ref_count(page), mapcount, @@ -60,6 +73,7 @@ void __dump_page(struct page *page, cons pr_emerg("flags: %#lx(%pGp)\n", page->flags, &page->flags); +hex_only: print_hex_dump(KERN_ALERT, "raw: ", DUMP_PREFIX_NONE, 32, sizeof(unsigned long), page, sizeof(struct page), false); @@ -68,7 +82,7 @@ void __dump_page(struct page *page, cons pr_alert("page dumped because: %s\n", reason); #ifdef CONFIG_MEMCG - if (page->mem_cgroup) + if (!page_poisoned && page->mem_cgroup) pr_alert("page->mem_cgroup:%px\n", page->mem_cgroup); #endif } _ Patches currently in -mm which might be from pasha.tatashin(a)oracle.com are mm-teach-dump_page-to-correctly-output-poisoned-struct-pages.patch mm-skip-invalid-pages-block-at-a-time-in-zero_resv_unresv.patch sparc64-ng4-memset-32-bits-overflow.patch

7 years, 2 months

1
0
0 0

[PATCH 4.14 000/157] 4.14.53-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.14.53 release. There are 157 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Tue Jul 3 16:08:21 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.53-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.14.53-rc1 Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Fix use-after-free in xhci_free_virt_device Mike Snitzer <snitzer(a)redhat.com> dm thin: handle running out of data space vs concurrent discard Bart Van Assche <bart.vanassche(a)wdc.com> dm zoned: avoid triggering reclaim from inside dmz_map() Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> x86/efi: Fix efi_call_phys_epilog() with CONFIG_X86_5LEVEL=y Bart Van Assche <bart.vanassche(a)wdc.com> block: Fix cloning of requests with a special payload Keith Busch <keith.busch(a)intel.com> block: Fix transfer when chunk sectors exceeds max Mikulas Patocka <mpatocka(a)redhat.com> slub: fix failure when we delete and create a slab cache Hui Wang <hui.wang(a)canonical.com> ALSA: hda/realtek - Fix the problem of two front mics on more machines Takashi Iwai <tiwai(a)suse.de> ALSA: hda/realtek - Add a quirk for FSC ESPRIMO U9210 Takashi Iwai <tiwai(a)suse.de> ALSA: hda/realtek - Fix pop noise on Lenovo P50 & co Takashi Iwai <tiwai(a)suse.de> ALSA: timer: Fix UBSAN warning at SNDRV_TIMER_IOCTL_NEXT_DEVICE ioctl ??? <kt.liao(a)emc.com.tw> Input: elantech - fix V4 report decoding for module with middle key Aaron Ma <aaron.ma(a)canonical.com> Input: elantech - enable middle button of touchpads on ThinkPad P52 Ben Hutchings <ben.hutchings(a)codethink.co.uk> Input: elan_i2c_smbus - fix more potential stack buffer overflows Enno Boland <gottox(a)voidlinux.eu> Input: xpad - fix GPD Win 2 controller name Jan Kara <jack(a)suse.cz> udf: Detect incorrect directory size Boris Ostrovsky <boris.ostrovsky(a)oracle.com> xen: Remove unnecessary BUG_ON from __unbind_from_irq() Dan Williams <dan.j.williams(a)intel.com> mm: fix devmem_is_allowed() for sub-page System RAM intersections Jia He <jia.he(a)hxt-semitech.com> mm/ksm.c: ignore STABLE_FLAG of rmap_item->address in rmap_walk_ksm() Dongsheng Yang <dongsheng.yang(a)easystack.cn> rbd: flush rbd_dev->watch_dwork after watch is unregistered Hans de Goede <hdegoede(a)redhat.com> pwm: lpss: platform: Save/restore the ctrl register over a suspend/resume Alexandr Savca <alexandr.savca(a)saltedge.com> Input: elan_i2c - add ELAN0618 (Lenovo v330 15IKB) ACPI ID Hans de Goede <hdegoede(a)redhat.com> ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices Kees Cook <keescook(a)chromium.org> video: uvesafb: Fix integer overflow in allocation Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4: Fix a typo in nfs41_sequence_process Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4: Revert commit 5f83d86cf531d ("NFSv4.x: Fix wraparound issues..") Dave Wysochanski <dwysocha(a)redhat.com> NFSv4: Fix possible 1-byte stack overflow in nfs_idmap_read_and_verify_message Scott Mayhew <smayhew(a)redhat.com> nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir Mauro Carvalho Chehab <mchehab(a)kernel.org> media: dvb_frontend: fix locking issues at dvb_frontend_get_event() Kai-Heng Feng <kai.heng.feng(a)canonical.com> media: cx231xx: Add support for AverMedia DVD EZMaker 7 Mauro Carvalho Chehab <mchehab(a)kernel.org> media: v4l2-compat-ioctl32: prevent go past max size Kieran Bingham <kieran.bingham+renesas(a)ideasonboard.com> media: vsp1: Release buffers for each video node Kan Liang <kan.liang(a)intel.com> perf/x86/intel/uncore: Add event constraint for BDX PCU Kan Liang <Kan.liang(a)intel.com> perf vendor events: Add Goldmont Plus V1 event file Adrian Hunter <adrian.hunter(a)intel.com> perf intel-pt: Fix packet decoding of CYC packets Adrian Hunter <adrian.hunter(a)intel.com> perf intel-pt: Fix "Unexpected indirect branch" error Adrian Hunter <adrian.hunter(a)intel.com> perf intel-pt: Fix MTC timing after overflow Adrian Hunter <adrian.hunter(a)intel.com> perf intel-pt: Fix decoding to accept CBR between FUP and corresponding TIP Adrian Hunter <adrian.hunter(a)intel.com> perf intel-pt: Fix sync_switch INTEL_PT_SS_NOT_TRACING Adrian Hunter <adrian.hunter(a)intel.com> perf tools: Fix symbol and object code resolution for vdso32 and vdsox32 Sean Wang <sean.wang(a)mediatek.com> arm: dts: mt7623: fix invalid memory node being generated Jarkko Nikula <jarkko.nikula(a)linux.intel.com> mfd: intel-lpss: Fix Intel Cannon Lake LPSS I2C input clock Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> mfd: intel-lpss: Program REMAP register in PIO mode Johan Hovold <johan(a)kernel.org> backlight: tps65217_bl: Fix Device Tree node lookup Johan Hovold <johan(a)kernel.org> backlight: max8925_bl: Fix Device Tree node lookup Johan Hovold <johan(a)kernel.org> backlight: as3711_bl: Fix Device Tree node lookup Silvio Cesare <silvio.cesare(a)gmail.com> UBIFS: Fix potential integer overflow in allocation Richard Weinberger <richard(a)nod.at> ubi: fastmap: Correctly handle interrupted erasures in EBA Richard Weinberger <richard(a)nod.at> ubi: fastmap: Cancel work upon detach Srinivas Kandagatla <srinivas.kandagatla(a)linaro.org> rpmsg: smd: do not use mananged resources for endpoints and channels NeilBrown <neilb(a)suse.com> md: fix two problems with setting the "re-add" device state. Michael Trimarchi <michael(a)amarulasolutions.com> rtc: sun6i: Fix bit_idx value for clk_register_gate Marcin Ziemianowicz <marcin(a)ziemianowicz.com> clk: at91: PLL recalc_rate() now using cached MUL and DIV values Robert Elliott <elliott(a)hpe.com> linvdimm, pmem: Preserve read-only setting for pmem devices Steffen Maier <maier(a)linux.ibm.com> scsi: zfcp: fix missing REC trigger trace on enqueue without ERP thread Steffen Maier <maier(a)linux.ibm.com> scsi: zfcp: fix missing REC trigger trace for all objects in ERP_FAILED Steffen Maier <maier(a)linux.ibm.com> scsi: zfcp: fix missing REC trigger trace on terminate_rport_io for ERP_FAILED Steffen Maier <maier(a)linux.ibm.com> scsi: zfcp: fix missing REC trigger trace on terminate_rport_io early return Steffen Maier <maier(a)linux.ibm.com> scsi: zfcp: fix misleading REC trigger trace where erp_action setup failed Steffen Maier <maier(a)linux.ibm.com> scsi: zfcp: fix missing SCSI trace for retry of abort / scsi_eh TMF Steffen Maier <maier(a)linux.ibm.com> scsi: zfcp: fix missing SCSI trace for result of eh_host_reset_handler Anil Gurumurthy <anil.gurumurthy(a)cavium.com> scsi: qla2xxx: Mask off Scope bits in retry delay Himanshu Madhani <himanshu.madhani(a)cavium.com> scsi: qla2xxx: Fix setting lower transfer speed if GPSC fails Sinan Kaya <okaya(a)codeaurora.org> scsi: hpsa: disable device during shutdown Dan Williams <dan.j.williams(a)intel.com> mm: fix __gup_device_huge vs unmap Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> iio: sca3000: Fix an error handling path in 'sca3000_probe()' Alexandru Ardelean <alexandru.ardelean(a)analog.com> iio: adc: ad7791: remove sample freq sysfs attributes Filipe Manana <fdmanana(a)suse.com> Btrfs: fix return value on rename exchange failure Maciej S. Szmigiero <mail(a)maciej.szmigiero.name> X.509: unpack RSA signatureValue field from BIT STRING Yang Yingliang <yangyingliang(a)huawei.com> irqchip/gic-v3-its: Don't bind LPI to unavailable NUMA node Geert Uytterhoeven <geert(a)linux-m68k.org> time: Make sure jiffies_to_msecs() preserves non-zero time periods Huacai Chen <chenhc(a)lemote.com> MIPS: io: Add barrier after register read in inX() Srinivas Pandruvada <srinivas.pandruvada(a)linux.intel.com> cpufreq: intel_pstate: Fix scaling max/min limits with Turbo 3.0 Fabio Estevam <fabio.estevam(a)nxp.com> pinctrl: devicetree: Fix pctldev pointer overwrite Paweł Chmiel <pawel.mikolaj.chmiel(a)gmail.com> pinctrl: samsung: Correct EINTG banks order Randy Dunlap <rdunlap(a)infradead.org> auxdisplay: fix broken menu Mika Westerberg <mika.westerberg(a)linux.intel.com> PCI: pciehp: Clear Presence Detect and Data Link Layer Status Changed on resume Mika Westerberg <mika.westerberg(a)linux.intel.com> PCI: Add ACS quirk for Intel 300 series Alex Williamson <alex.williamson(a)redhat.com> PCI: Add ACS quirk for Intel 7th & 8th Gen mobile Sridhar Pitchai <Sridhar.Pitchai(a)microsoft.com> PCI: hv: Make sure the bus domain is really unique Tokunori Ikegami <ikegami(a)allied-telesis.co.jp> MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum Joakim Tjernlund <joakim.tjernlund(a)infinera.com> mtd: cfi_cmdset_0002: Avoid walking all chips when unlocking. Joakim Tjernlund <joakim.tjernlund(a)infinera.com> mtd: cfi_cmdset_0002: Fix unlocking requests crossing a chip boudary Joakim Tjernlund <joakim.tjernlund(a)infinera.com> mtd: cfi_cmdset_0002: fix SEGV unlocking multiple chips Joakim Tjernlund <joakim.tjernlund(a)infinera.com> mtd: cfi_cmdset_0002: Use right chip in do_ppb_xxlock() Tokunori Ikegami <ikegami(a)allied-telesis.co.jp> mtd: cfi_cmdset_0002: Change write buffer to check correct value Chuck Lever <chuck.lever(a)oracle.com> xprtrdma: Return -ENOBUFS when no pages are available Leon Romanovsky <leonro(a)mellanox.com> RDMA/mlx4: Discard unknown SQP work requests Mike Marciniszyn <mike.marciniszyn(a)intel.com> IB/hfi1: Fix user context tail allocation for DMA_RTAIL Sebastian Sanchez <sebastian.sanchez(a)intel.com> IB/hfi1: Optimize kthread pointer locking when queuing CQ entries Michael J. Ruhl <michael.j.ruhl(a)intel.com> IB/hfi1: Reorder incorrect send context disable Mike Marciniszyn <mike.marciniszyn(a)intel.com> IB/hfi1: Fix fault injection init/exit issues Max Gurtovoy <maxg(a)mellanox.com> IB/isert: fix T10-pi check mask setting Alex Estrin <alex.estrin(a)intel.com> IB/isert: Fix for lib/dma_debug check_sync warning Erez Shitrit <erezsh(a)mellanox.com> IB/mlx5: Fetch soft WQE's on fatal error state Jack Morgenstein <jackm(a)dev.mellanox.co.il> IB/core: Make testing MR flags for writability a static inline function Jack Morgenstein <jackm(a)dev.mellanox.co.il> IB/mlx4: Mark user MR as writable if actual virtual memory is writable Alex Estrin <alex.estrin(a)intel.com> IB/{hfi1, qib}: Add handling of kernel restart Mike Marciniszyn <mike.marciniszyn(a)intel.com> IB/qib: Fix DMA api warning with debug kernel Tadeusz Struk <tadeusz.struk(a)intel.com> tpm: fix race condition in tpm_common_write() Tadeusz Struk <tadeusz.struk(a)intel.com> tpm: fix use after free in tpm2_load_context() Srinivas Kandagatla <srinivas.kandagatla(a)linaro.org> of: platform: stop accessing invalid dev in of_platform_device_destroy Stefan M Schaeckeler <sschaeck(a)cisco.com> of: unittest: for strings, account for trailing \0 in property length field Frank Rowand <frank.rowand(a)sony.com> of: overlay: validate offset from property fixups Jerome Brunet <jbrunet(a)baylibre.com> ARM64: dts: meson: disable sd-uhs modes on the libretech-cc Will Deacon <will.deacon(a)arm.com> arm64: mm: Ensure writes to swapper are ordered wrt subsequent cache maintenance Will Deacon <will.deacon(a)arm.com> arm64: kpti: Use early_param for kpti= command-line option Dave Martin <Dave.Martin(a)arm.com> arm64: Fix syscall restarting around signal suppressed by tracer Dinh Nguyen <dinguyen(a)kernel.org> ARM: dts: socfpga: Fix NAND controller node compatible for Arria10 Marek Vasut <marex(a)denx.de> ARM: dts: socfpga: Fix NAND controller clock supply Marek Vasut <marex(a)denx.de> ARM: dts: socfpga: Fix NAND controller node compatible Thor Thayer <thor.thayer(a)linux.intel.com> ARM: dts: Fix SPI node for Arria10 David Rivshin <DRivshin(a)allworx.com> ARM: 8764/1: kgdb: fix NUMREGBYTES so that gdb_regs[] is the correct size Vaibhav Jain <vaibhav(a)linux.ibm.com> cxl: Disable prefault_mode in Radix mode Finley Xiao <finley.xiao(a)rock-chips.com> soc: rockchip: power-domain: Fix wrong value when power up pd with writemask Mahesh Salgaonkar <mahesh(a)linux.vnet.ibm.com> powerpc/fadump: Unregister fadump on kexec down path. Gautham R. Shenoy <ego(a)linux.vnet.ibm.com> cpuidle: powernv: Fix promotion from snooze if next state disabled Akshay Adiga <akshay.adiga(a)linux.vnet.ibm.com> powerpc/powernv/cpuidle: Init all present cpus for deep states Haren Myneni <haren(a)us.ibm.com> powerpc/powernv: copy/paste - Mask SO bit in CR Alexey Kardashevskiy <aik(a)ozlabs.ru> powerpc/powernv/ioda2: Remove redundant free of TCE pages Michael Neuling <mikey(a)neuling.org> powerpc/ptrace: Fix enforcement of DAWR constraints Anju T Sudhakar <anju(a)linux.vnet.ibm.com> powerpc/perf: Fix memory allocation for core-imc based on num_possible_cpus() Michael Neuling <mikey(a)neuling.org> powerpc/ptrace: Fix setting 512B aligned breakpoints with PTRACE_SET_DEBUGREG Aneesh Kumar K.V <aneesh.kumar(a)linux.ibm.com> powerpc/mm/hash: Add missing isync prior to kernel stack SLB switch Miklos Szeredi <mszeredi(a)redhat.com> fuse: fix control dir setup and teardown Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> fuse: don't keep dead fuse_conn at fuse_fill_super(). Miklos Szeredi <mszeredi(a)redhat.com> fuse: atomic_o_trunc should truncate pagecache Tejun Heo <tj(a)kernel.org> fuse: fix congested state leak on aborted connections Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> printk: fix possible reuse of va_list variable Amit Pundir <amit.pundir(a)linaro.org> Bluetooth: hci_qca: Avoid missing rampatch failure with userspace fw loader Corey Minyard <cminyard(a)mvista.com> ipmi:bt: Set the timeout before doing a capabilities check Mikulas Patocka <mpatocka(a)redhat.com> branch-check: fix long->int truncation when profiling branches Matthias Schiffer <mschiffer(a)universe-factory.net> mips: ftrace: fix static function graph tracing Steven Rostedt (VMware) <rostedt(a)goodmis.org> ftrace/selftest: Have the reset_trigger code be a bit more careful Geert Uytterhoeven <geert+renesas(a)glider.be> lib/vsprintf: Remove atomic-unsafe support for %pCr Geert Uytterhoeven <geert+renesas(a)glider.be> clk: renesas: cpg-mssr: Stop using printk format %pCr Geert Uytterhoeven <geert+renesas(a)glider.be> thermal: bcm2835: Stop using printk format %pCr Alexander Sverdlin <alexander.sverdlin(a)gmail.com> ASoC: cirrus: i2s: Fix {TX|RX}LinCtrlData setup Alexander Sverdlin <alexander.sverdlin(a)gmail.com> ASoC: cirrus: i2s: Fix LRCLK configuration Paul Handrigan <Paul.Handrigan(a)cirrus.com> ASoC: cs35l35: Add use_single_rw to regmap config Srinivas Kandagatla <srinivas.kandagatla(a)linaro.org> ASoC: dapm: delete dapm_kcontrol_data paths list before freeing it Ingo Flaschberger <ingo.flaschberger(a)gmail.com> 1wire: family module autoload fails because of upper/lower case mismatch. Maxim Moseychuk <franchesko.salias.hudro.pedros(a)gmail.com> usb: do not reset if a low-speed or full-speed device timed out Waldemar Rymarkiewicz <waldemar.rymarkiewicz(a)gmail.com> PM / OPP: Update voltage in case freq == old_freq Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> PM / core: Fix supplier device runtime PM usage counter imbalance Ulf Hansson <ulf.hansson(a)linaro.org> PM / Domains: Fix error path during attach in genpd Eric W. Biederman <ebiederm(a)xmission.com> signal/xtensa: Consistenly use SIGBUS in do_unaligned_user Daniel Wagner <daniel.wagner(a)siemens.com> serial: sh-sci: Use spin_{try}lock_irqsave instead of open coding version Finn Thain <fthain(a)telegraphics.com.au> m68k/mac: Fix SWIM memory resource end address Michael Schmitz <schmitzmic(a)gmail.com> m68k/mm: Adjust VM area to be unmapped by gap size for __iounmap() Siarhei Liakh <Siarhei.Liakh(a)concurrent-rt.com> x86: Call fixup_exception() before notify_die() in math_error() Borislav Petkov <bp(a)suse.de> x86/mce: Do not overwrite MCi_STATUS in mce_no_way_out() Tony Luck <tony.luck(a)intel.com> x86/mce: Fix incorrect "Machine check from unknown source" message Tony Luck <tony.luck(a)intel.com> x86/mce: Check for alternate indication of machine check recovery on Skylake Tony Luck <tony.luck(a)intel.com> x86/mce: Improve error message when kernel cannot recover Juergen Gross <jgross(a)suse.com> x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths Dan Williams <dan.j.williams(a)intel.com> x86/spectre_v1: Disable compiler optimizations over array_index_mask_nospec() ------------- Diffstat: Documentation/ABI/testing/sysfs-class-cxl | 4 +- Documentation/printk-formats.txt | 3 +- Makefile | 4 +- arch/arm/boot/dts/mt7623.dtsi | 3 +- arch/arm/boot/dts/mt7623n-bananapi-bpi-r2.dts | 1 + arch/arm/boot/dts/mt7623n-rfb.dtsi | 1 + arch/arm/boot/dts/socfpga.dtsi | 4 +- arch/arm/boot/dts/socfpga_arria10.dtsi | 5 +- arch/arm/include/asm/kgdb.h | 2 +- .../dts/amlogic/meson-gxl-s905x-libretech-cc.dts | 3 - arch/arm64/kernel/cpufeature.c | 2 +- arch/arm64/kernel/signal.c | 5 +- arch/arm64/mm/proc.S | 5 +- arch/m68k/mac/config.c | 2 +- arch/m68k/mm/kmap.c | 3 +- arch/mips/bcm47xx/setup.c | 6 + arch/mips/include/asm/io.h | 2 + arch/mips/include/asm/mipsregs.h | 3 + arch/mips/kernel/mcount.S | 27 +- arch/powerpc/kernel/entry_64.S | 1 + arch/powerpc/kernel/fadump.c | 3 + arch/powerpc/kernel/hw_breakpoint.c | 4 +- arch/powerpc/kernel/ptrace.c | 1 + arch/powerpc/perf/imc-pmu.c | 4 +- arch/powerpc/platforms/powernv/copy-paste.h | 3 +- arch/powerpc/platforms/powernv/idle.c | 4 +- arch/powerpc/platforms/powernv/pci-ioda.c | 1 - arch/x86/events/intel/uncore_snbep.c | 8 + arch/x86/include/asm/barrier.h | 2 +- arch/x86/kernel/cpu/mcheck/mce-severity.c | 5 + arch/x86/kernel/cpu/mcheck/mce.c | 44 +- arch/x86/kernel/quirks.c | 11 +- arch/x86/kernel/traps.c | 14 +- arch/x86/mm/init.c | 4 +- arch/x86/platform/efi/efi_64.c | 4 +- arch/x86/xen/smp_pv.c | 5 + arch/xtensa/kernel/traps.c | 2 +- block/blk-core.c | 4 + crypto/asymmetric_keys/x509_cert_parser.c | 9 + drivers/acpi/acpi_lpss.c | 2 + drivers/auxdisplay/Kconfig | 10 +- drivers/base/core.c | 15 +- drivers/base/power/domain.c | 3 + drivers/base/power/opp/core.c | 2 +- drivers/block/rbd.c | 2 +- drivers/bluetooth/hci_qca.c | 6 + drivers/char/ipmi/ipmi_bt_sm.c | 3 +- drivers/char/tpm/tpm-dev-common.c | 40 +- drivers/char/tpm/tpm-dev.h | 2 +- drivers/char/tpm/tpm2-space.c | 3 +- drivers/clk/at91/clk-pll.c | 13 +- drivers/clk/renesas/renesas-cpg-mssr.c | 9 +- drivers/cpufreq/intel_pstate.c | 27 +- drivers/cpuidle/cpuidle-powernv.c | 32 +- drivers/iio/accel/sca3000.c | 9 +- drivers/iio/adc/ad7791.c | 49 - drivers/infiniband/core/umem.c | 11 +- drivers/infiniband/hw/hfi1/chip.c | 8 +- drivers/infiniband/hw/hfi1/debugfs.c | 8 +- drivers/infiniband/hw/hfi1/file_ops.c | 4 +- drivers/infiniband/hw/hfi1/hfi.h | 1 + drivers/infiniband/hw/hfi1/init.c | 22 +- drivers/infiniband/hw/hfi1/pio.c | 44 +- drivers/infiniband/hw/mlx4/mad.c | 1 - drivers/infiniband/hw/mlx4/mr.c | 50 +- drivers/infiniband/hw/mlx5/cq.c | 15 +- drivers/infiniband/hw/qib/qib.h | 4 +- drivers/infiniband/hw/qib/qib_file_ops.c | 10 +- drivers/infiniband/hw/qib/qib_init.c | 13 + drivers/infiniband/hw/qib/qib_user_pages.c | 20 +- drivers/infiniband/sw/rdmavt/cq.c | 31 +- drivers/infiniband/ulp/isert/ib_isert.c | 28 +- drivers/input/joystick/xpad.c | 2 +- drivers/input/mouse/elan_i2c.h | 2 + drivers/input/mouse/elan_i2c_core.c | 3 +- drivers/input/mouse/elan_i2c_smbus.c | 10 +- drivers/input/mouse/elantech.c | 11 +- drivers/irqchip/irq-gic-v3-its.c | 9 +- drivers/md/dm-thin.c | 11 +- drivers/md/dm-zoned-target.c | 2 +- drivers/md/md.c | 4 +- drivers/media/dvb-core/dvb_frontend.c | 23 +- drivers/media/platform/vsp1/vsp1_video.c | 21 +- drivers/media/usb/cx231xx/cx231xx-cards.c | 3 + drivers/media/v4l2-core/v4l2-compat-ioctl32.c | 2 +- drivers/mfd/intel-lpss-pci.c | 25 +- drivers/mfd/intel-lpss.c | 4 +- drivers/misc/cxl/sysfs.c | 16 +- drivers/mtd/chips/cfi_cmdset_0002.c | 21 +- drivers/mtd/ubi/build.c | 3 + drivers/mtd/ubi/eba.c | 90 +- drivers/mtd/ubi/wl.c | 4 +- drivers/nvdimm/bus.c | 14 +- drivers/of/platform.c | 5 +- drivers/of/resolver.c | 5 + drivers/of/unittest.c | 8 +- drivers/pci/host/pci-hyperv.c | 11 - drivers/pci/hotplug/pciehp.h | 2 +- drivers/pci/hotplug/pciehp_core.c | 2 +- drivers/pci/hotplug/pciehp_hpc.c | 13 +- drivers/pci/quirks.c | 20 + drivers/pinctrl/devicetree.c | 7 +- drivers/pinctrl/samsung/pinctrl-exynos-arm.c | 4 +- drivers/pwm/pwm-lpss-platform.c | 5 + drivers/pwm/pwm-lpss.c | 30 + drivers/pwm/pwm-lpss.h | 2 + drivers/rpmsg/qcom_smd.c | 18 +- drivers/rtc/rtc-sun6i.c | 4 +- drivers/s390/scsi/zfcp_dbf.c | 40 + drivers/s390/scsi/zfcp_erp.c | 123 +- drivers/s390/scsi/zfcp_ext.h | 5 + drivers/s390/scsi/zfcp_scsi.c | 18 +- drivers/scsi/hpsa.c | 10 +- drivers/scsi/qla2xxx/qla_init.c | 3 +- drivers/scsi/qla2xxx/qla_isr.c | 8 +- drivers/soc/rockchip/pm_domains.c | 2 +- drivers/thermal/broadcom/bcm2835_thermal.c | 4 +- drivers/tty/serial/sh-sci.c | 8 +- drivers/usb/core/hub.c | 4 +- drivers/usb/host/xhci.c | 1 + drivers/video/backlight/as3711_bl.c | 33 +- drivers/video/backlight/max8925_bl.c | 4 +- drivers/video/backlight/tps65217_bl.c | 4 +- drivers/video/fbdev/uvesafb.c | 3 +- drivers/w1/w1.c | 2 +- drivers/xen/events/events_base.c | 2 - fs/btrfs/inode.c | 4 +- fs/fuse/control.c | 13 +- fs/fuse/dev.c | 3 +- fs/fuse/dir.c | 13 +- fs/fuse/inode.c | 1 + fs/nfs/callback_proc.c | 7 +- fs/nfs/nfs4idmap.c | 5 +- fs/nfs/nfs4proc.c | 2 +- fs/nfsd/nfs4xdr.c | 5 +- fs/ubifs/journal.c | 5 +- fs/udf/directory.c | 3 + include/linux/blkdev.h | 4 +- include/linux/compiler.h | 2 +- include/linux/slub_def.h | 4 + include/rdma/ib_verbs.h | 14 + include/rdma/rdma_vt.h | 2 +- kernel/printk/printk_safe.c | 5 +- kernel/time/time.c | 6 +- lib/vsprintf.c | 3 - mm/gup.c | 36 +- mm/ksm.c | 14 +- mm/slab_common.c | 4 + mm/slub.c | 7 +- net/sunrpc/xprtrdma/rpc_rdma.c | 2 +- sound/core/timer.c | 2 +- sound/pci/hda/patch_realtek.c | 20 +- sound/soc/cirrus/edb93xx.c | 2 +- sound/soc/cirrus/ep93xx-i2s.c | 26 +- sound/soc/cirrus/snappercl15.c | 2 +- sound/soc/codecs/cs35l35.c | 1 + sound/soc/soc-dapm.c | 2 + .../pmu-events/arch/x86/goldmontplus/cache.json | 1453 ++++++++++++++++++++ .../pmu-events/arch/x86/goldmontplus/frontend.json | 62 + .../pmu-events/arch/x86/goldmontplus/memory.json | 38 + .../pmu-events/arch/x86/goldmontplus/other.json | 98 ++ .../pmu-events/arch/x86/goldmontplus/pipeline.json | 544 ++++++++ .../arch/x86/goldmontplus/virtual-memory.json | 218 +++ tools/perf/pmu-events/arch/x86/mapfile.csv | 1 + tools/perf/util/dso.c | 2 + .../perf/util/intel-pt-decoder/intel-pt-decoder.c | 23 +- .../perf/util/intel-pt-decoder/intel-pt-decoder.h | 9 + .../util/intel-pt-decoder/intel-pt-pkt-decoder.c | 2 +- tools/perf/util/intel-pt.c | 5 + tools/testing/selftests/ftrace/test.d/functions | 21 +- 170 files changed, 3595 insertions(+), 505 deletions(-)

7 years, 2 months

4
155
0 0

[PATCH] usb/host/pci-quirks: Only reset USB bus on NVIDIA devices

by Paul Menzel

Currently, on the AMD board Asus F2A85-M Pro there is a 100 ms delay as the USB bus of each of the two OHCI PCI devices is reset. As a 50 ms delay is done per the USB specification. Commit c6187597 (OHCI: final fix for NVIDIA problems (I hope)) unconditionally does the bus reset for all chipsets, while it was only doen for NVIDIA chipsets before. As it should not be needed for non-NVIDIA chipsets, only do the reset for Nvidia devices. Tested on Asus F2A85-M PRO and ASRock E350M1. The USB keyboard works and the LUKS passphrase can be e ntered. Signed-off-by: Paul Menzel <pmenzel(a)molgen.mpg.de> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: linux-usb(a)vger.kernel.org Cc: Alan Stern <stern(a)rowland.harvard.edu> Cc: linux-kernel(a)vger.kernel.org Cc: stable(a)vger.kernel.org --- drivers/usb/host/pci-quirks.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/usb/host/pci-quirks.c b/drivers/usb/host/pci-quirks.c index 3625a5c1a41b..f6b1a9bbe301 100644 --- a/drivers/usb/host/pci-quirks.c +++ b/drivers/usb/host/pci-quirks.c @@ -784,7 +784,7 @@ static void quirk_usb_handoff_ohci(struct pci_dev *pdev) writel((u32) ~0, base + OHCI_INTRDISABLE); /* Reset the USB bus, if the controller isn't already in RESET */ - if (control & OHCI_HCFS) { + if ((pdev->vendor == PCI_VENDOR_ID_NVIDIA) && (control & OHCI_HCFS)) { /* Go into RESET, preserving RWC (and possibly IR) */ writel(control & OHCI_CTRL_MASK, base + OHCI_CONTROL); readl(base + OHCI_CONTROL); -- 2.17.1

7 years, 2 months

2
1
0 0

[PATCH] IB/hfi1: Fix user context tail allocation for DMA_RTAIL

by Mike Marciniszyn

commit 1bc0299d976e000ececc6acd76e33b4582646cb7 upstream. The following code fails to allocate a buffer for the tail address that the hardware DMAs into when the user context DMA_RTAIL is set. if (HFI1_CAP_KGET_MASK(rcd->flags, DMA_RTAIL)) { rcd->rcvhdrtail_kvaddr = dma_zalloc_coherent( &dd->pcidev->dev, PAGE_SIZE, &dma_hdrqtail, gfp_flags); if (!rcd->rcvhdrtail_kvaddr) goto bail_free; rcd->rcvhdrqtailaddr_dma = dma_hdrqtail; } So the rcvhdrtail_kvaddr would then be NULL. The mmap logic fails to check for a NULL rcvhdrtail_kvaddr. The fix is to test for both user and kernel DMA_TAIL options during the allocation as well as testing for a NULL rcvhdrtail_kvaddr during the mmap processing. Additionally, all downstream testing of the capmask for DMA_RTAIL have been eliminated in favor of testing rcvhdrtail_kvaddr. The patch had to be adjusted for lack of VNIC and interating contexts differently in the 4.9 code base. Reviewed-by: Michael J. Ruhl <michael.j.ruhl(a)intel.com> Signed-off-by: Mike Marciniszyn <mike.marciniszyn(a)intel.com> Signed-off-by: Dennis Dalessandro <dennis.dalessandro(a)intel.com> Signed-off-by: Jason Gunthorpe <jgg(a)mellanox.com> --- drivers/infiniband/hw/hfi1/chip.c | 8 ++++---- drivers/infiniband/hw/hfi1/file_ops.c | 2 +- drivers/infiniband/hw/hfi1/init.c | 9 ++++----- 3 files changed, 9 insertions(+), 10 deletions(-) diff --git a/drivers/infiniband/hw/hfi1/chip.c b/drivers/infiniband/hw/hfi1/chip.c index 148b313..d30b3b9 100644 --- a/drivers/infiniband/hw/hfi1/chip.c +++ b/drivers/infiniband/hw/hfi1/chip.c @@ -6717,7 +6717,7 @@ static void rxe_kernel_unfreeze(struct hfi1_devdata *dd) for (i = 0; i < dd->n_krcv_queues; i++) { rcvmask = HFI1_RCVCTRL_CTXT_ENB; /* HFI1_RCVCTRL_TAILUPD_[ENB|DIS] needs to be set explicitly */ - rcvmask |= HFI1_CAP_KGET_MASK(dd->rcd[i]->flags, DMA_RTAIL) ? + rcvmask |= dd->rcd[i]->rcvhdrtail_kvaddr ? HFI1_RCVCTRL_TAILUPD_ENB : HFI1_RCVCTRL_TAILUPD_DIS; hfi1_rcvctrl(dd, rcvmask, i); } @@ -8211,7 +8211,7 @@ static inline int check_packet_present(struct hfi1_ctxtdata *rcd) u32 tail; int present; - if (!HFI1_CAP_IS_KSET(DMA_RTAIL)) + if (!rcd->rcvhdrtail_kvaddr) present = (rcd->seq_cnt == rhf_rcv_seq(rhf_to_cpu(get_rhf_addr(rcd)))); else /* is RDMA rtail */ @@ -11550,7 +11550,7 @@ void hfi1_rcvctrl(struct hfi1_devdata *dd, unsigned int op, int ctxt) /* reset the tail and hdr addresses, and sequence count */ write_kctxt_csr(dd, ctxt, RCV_HDR_ADDR, rcd->rcvhdrq_dma); - if (HFI1_CAP_KGET_MASK(rcd->flags, DMA_RTAIL)) + if (rcd->rcvhdrtail_kvaddr) write_kctxt_csr(dd, ctxt, RCV_HDR_TAIL_ADDR, rcd->rcvhdrqtailaddr_dma); rcd->seq_cnt = 1; @@ -11630,7 +11630,7 @@ void hfi1_rcvctrl(struct hfi1_devdata *dd, unsigned int op, int ctxt) rcvctrl |= RCV_CTXT_CTRL_INTR_AVAIL_SMASK; if (op & HFI1_RCVCTRL_INTRAVAIL_DIS) rcvctrl &= ~RCV_CTXT_CTRL_INTR_AVAIL_SMASK; - if (op & HFI1_RCVCTRL_TAILUPD_ENB && rcd->rcvhdrqtailaddr_dma) + if ((op & HFI1_RCVCTRL_TAILUPD_ENB) && rcd->rcvhdrtail_kvaddr) rcvctrl |= RCV_CTXT_CTRL_TAIL_UPD_SMASK; if (op & HFI1_RCVCTRL_TAILUPD_DIS) { /* See comment on RcvCtxtCtrl.TailUpd above */ diff --git a/drivers/infiniband/hw/hfi1/file_ops.c b/drivers/infiniband/hw/hfi1/file_ops.c index bb72976..d612f9d 100644 --- a/drivers/infiniband/hw/hfi1/file_ops.c +++ b/drivers/infiniband/hw/hfi1/file_ops.c @@ -609,7 +609,7 @@ static int hfi1_file_mmap(struct file *fp, struct vm_area_struct *vma) ret = -EINVAL; goto done; } - if (flags & VM_WRITE) { + if ((flags & VM_WRITE) || !uctxt->rcvhdrtail_kvaddr) { ret = -EPERM; goto done; } diff --git a/drivers/infiniband/hw/hfi1/init.c b/drivers/infiniband/hw/hfi1/init.c index ae1f90d..28f4079 100644 --- a/drivers/infiniband/hw/hfi1/init.c +++ b/drivers/infiniband/hw/hfi1/init.c @@ -1605,7 +1605,6 @@ int hfi1_create_rcvhdrq(struct hfi1_devdata *dd, struct hfi1_ctxtdata *rcd) u64 reg; if (!rcd->rcvhdrq) { - dma_addr_t dma_hdrqtail; gfp_t gfp_flags; /* @@ -1628,13 +1627,13 @@ int hfi1_create_rcvhdrq(struct hfi1_devdata *dd, struct hfi1_ctxtdata *rcd) goto bail; } - if (HFI1_CAP_KGET_MASK(rcd->flags, DMA_RTAIL)) { + if (HFI1_CAP_KGET_MASK(rcd->flags, DMA_RTAIL) || + HFI1_CAP_UGET_MASK(rcd->flags, DMA_RTAIL)) { rcd->rcvhdrtail_kvaddr = dma_zalloc_coherent( - &dd->pcidev->dev, PAGE_SIZE, &dma_hdrqtail, - gfp_flags); + &dd->pcidev->dev, PAGE_SIZE, + &rcd->rcvhdrqtailaddr_dma, gfp_flags); if (!rcd->rcvhdrtail_kvaddr) goto bail_free; - rcd->rcvhdrqtailaddr_dma = dma_hdrqtail; } rcd->rcvhdrq_size = amt;

7 years, 2 months

1
0
0 0

[PATCH] sched/nohz: Skip remote tick on idle task entirely

by Frederic Weisbecker

Some people have reported that the warning in sched_tick_remote() occasionally triggers, especially in favour of some RCU-Torture pressure: WARNING: CPU: 11 PID: 906 at kernel/sched/core.c:3138 sched_tick_remote+0xb6/0xc0 Modules linked in: CPU: 11 PID: 906 Comm: kworker/u32:3 Not tainted 4.18.0-rc2+ #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014 Workqueue: events_unbound sched_tick_remote RIP: 0010:sched_tick_remote+0xb6/0xc0 Code: e8 0f 06 b8 00 c6 03 00 fb eb 9d 8b 43 04 85 c0 75 8d 48 8b 83 e0 0a 00 00 48 85 c0 75 81 eb 88 48 89 df e8 bc fe ff ff eb aa <0f> 0b eb +c5 66 0f 1f 44 00 00 bf 17 00 00 00 e8 b6 2e fe ff 0f b6 Call Trace: process_one_work+0x1df/0x3b0 worker_thread+0x44/0x3d0 kthread+0xf3/0x130 ? set_worker_desc+0xb0/0xb0 ? kthread_create_worker_on_cpu+0x70/0x70 ret_from_fork+0x35/0x40 This happens when the remote tick applies on an idle task. Usually the idle_cpu() check avoids that, but it is performed before we lock the runqueue and it is therefore racy. It was intended to be that way in order to prevent from useless runqueue locks since idle task tick callback is a no-op. Now if the racy check slips out of our hands and we end up remotely ticking an idle task, the empty task_tick_idle() is harmless. Still it won't pass the WARN_ON_ONCE() test that ensures rq_clock_task() is not too far from curr->se.exec_start because update_curr_idle() doesn't update the exec_start value like other scheduler policies. Hence the reported false positive. So let's have another check, while the rq is locked, to make sure we don't remote tick on an idle task. The lockless idle_cpu() still applies to avoid unecessary rq lock contention. Reported-by: Jacek Tomaka <jacekt(a)dug.com> Reported-by: Paul E. McKenney <paulmck(a)linux.vnet.ibm.com> Reported-by: Anna-Maria Gleixner <anna-maria(a)linutronix.de> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Ingo Molnar <mingo(a)kernel.org> Cc: stable(a)vger.kernel.org Signed-off-by: Frederic Weisbecker <frederic(a)kernel.org> --- kernel/sched/core.c | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/kernel/sched/core.c b/kernel/sched/core.c index 78d8fac..da8f121 100644 --- a/kernel/sched/core.c +++ b/kernel/sched/core.c @@ -3127,16 +3127,18 @@ static void sched_tick_remote(struct work_struct *work) u64 delta; rq_lock_irq(rq, &rf); - update_rq_clock(rq); curr = rq->curr; - delta = rq_clock_task(rq) - curr->se.exec_start; + if (!is_idle_task(curr)) { + update_rq_clock(rq); + delta = rq_clock_task(rq) - curr->se.exec_start; - /* - * Make sure the next tick runs within a reasonable - * amount of time. - */ - WARN_ON_ONCE(delta > (u64)NSEC_PER_SEC * 3); - curr->sched_class->task_tick(rq, curr, 0); + /* + * Make sure the next tick runs within a reasonable + * amount of time. + */ + WARN_ON_ONCE(delta > (u64)NSEC_PER_SEC * 3); + curr->sched_class->task_tick(rq, curr, 0); + } rq_unlock_irq(rq, &rf); } -- 2.7.4

7 years, 2 months

3
2
0 0

[PATCH] ahci: Disable LPM on Lenovo 50 series laptops with a too old BIOS

by Hans de Goede

There have been several reports of LPM related hard freezes about once a day on multiple Lenovo 50 series models. Strange enough these reports where not disk model specific as LPM issues usually are and some users with the exact same disk + laptop where seeing them while other users where not seeing these issues. It turns out that enabling LPM triggers a firmware bug somewhere, which has been fixed in later BIOS versions. This commit adds a new ahci_broken_lpm() function and a new ATA_FLAG_NO_LPM for dealing with this. The ahci_broken_lpm() function contains DMI match info for the 4 models which are known to be affected by this and the DMI BIOS date field for known good BIOS versions. If the BIOS date is older then the one in the table LPM will be disabled and a warning will be printed. Note the BIOS dates are for known good versions, some older versions may work too, but we don't know for sure, the table is using dates from BIOS versions for which users have confirmed that upgrading to that version makes the problem go away. Unfortunately I've been unable to get hold of the reporter who reported that BIOS version 2.35 fixed the problems on the W541 for him. I've been able to verify the DMI_SYS_VENDOR and DMI_PRODUCT_VERSION from an older dmidecode, but I don't know the exact BIOS date as reported in the DMI. Lenovo keeps a changelog with dates in their release notes, but the dates there are the release dates not the build dates which are in DMI. So I've chosen to set the date to which we compare to one day past the release date of the 2.34 BIOS. I plan to fix this with a follow up commit once I've the necessary info. Cc: stable(a)vger.kernel.org Signed-off-by: Hans de Goede <hdegoede(a)redhat.com> --- drivers/ata/ahci.c | 59 +++++++++++++++++++++++++++++++++++++++ drivers/ata/libata-core.c | 3 ++ include/linux/libata.h | 1 + 3 files changed, 63 insertions(+) diff --git a/drivers/ata/ahci.c b/drivers/ata/ahci.c index 738fb22978dd..fdeb3b4d0f4a 100644 --- a/drivers/ata/ahci.c +++ b/drivers/ata/ahci.c @@ -1280,6 +1280,59 @@ static bool ahci_broken_suspend(struct pci_dev *pdev) return strcmp(buf, dmi->driver_data) < 0; } +static bool ahci_broken_lpm(struct pci_dev *pdev) +{ + static const struct dmi_system_id sysids[] = { + /* Various Lenovo 50 series have LPM issues with older BIOSen */ + { + .matches = { + DMI_MATCH(DMI_SYS_VENDOR, "LENOVO"), + DMI_MATCH(DMI_PRODUCT_VERSION, "ThinkPad X250"), + }, + .driver_data = "20180406", /* 1.31 */ + }, + { + .matches = { + DMI_MATCH(DMI_SYS_VENDOR, "LENOVO"), + DMI_MATCH(DMI_PRODUCT_VERSION, "ThinkPad L450"), + }, + .driver_data = "20180420", /* 1.28 */ + }, + { + .matches = { + DMI_MATCH(DMI_SYS_VENDOR, "LENOVO"), + DMI_MATCH(DMI_PRODUCT_VERSION, "ThinkPad T450s"), + }, + .driver_data = "20180315", /* 1.33 */ + }, + { + .matches = { + DMI_MATCH(DMI_SYS_VENDOR, "LENOVO"), + DMI_MATCH(DMI_PRODUCT_VERSION, "ThinkPad W541"), + }, + /* + * Note date based on release notes, 2.35 has been + * reported to be good, but I've been unable to get + * a hold of the reporter to get the DMI BIOS date. + * TODO: fix this. + */ + .driver_data = "20180310", /* 2.35 */ + }, + { } /* terminate list */ + }; + const struct dmi_system_id *dmi = dmi_first_match(sysids); + int year, month, date; + char buf[9]; + + if (!dmi) + return false; + + dmi_get_date(DMI_BIOS_DATE, &year, &month, &date); + snprintf(buf, sizeof(buf), "%04d%02d%02d", year, month, date); + + return strcmp(buf, dmi->driver_data) < 0; +} + static bool ahci_broken_online(struct pci_dev *pdev) { #define ENCODE_BUSDEVFN(bus, slot, func) \ @@ -1694,6 +1747,12 @@ static int ahci_init_one(struct pci_dev *pdev, const struct pci_device_id *ent) "quirky BIOS, skipping spindown on poweroff\n"); } + if (ahci_broken_lpm(pdev)) { + pi.flags |= ATA_FLAG_NO_LPM; + dev_warn(&pdev->dev, + "BIOS update required for Link Power Management support\n"); + } + if (ahci_broken_suspend(pdev)) { hpriv->flags |= AHCI_HFLAG_NO_SUSPEND; dev_warn(&pdev->dev, diff --git a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c index 27d15ed7fa3d..cc71c63df381 100644 --- a/drivers/ata/libata-core.c +++ b/drivers/ata/libata-core.c @@ -2493,6 +2493,9 @@ int ata_dev_configure(struct ata_device *dev) (id[ATA_ID_SATA_CAPABILITY] & 0xe) == 0x2) dev->horkage |= ATA_HORKAGE_NOLPM; + if (ap->flags & ATA_FLAG_NO_LPM) + dev->horkage |= ATA_HORKAGE_NOLPM; + if (dev->horkage & ATA_HORKAGE_NOLPM) { ata_dev_warn(dev, "LPM support broken, forcing max_power\n"); dev->link->ap->target_lpm_policy = ATA_LPM_MAX_POWER; diff --git a/include/linux/libata.h b/include/linux/libata.h index 8b8946dd63b9..26719233a5b1 100644 --- a/include/linux/libata.h +++ b/include/linux/libata.h @@ -210,6 +210,7 @@ enum { ATA_FLAG_SLAVE_POSS = (1 << 0), /* host supports slave dev */ /* (doesn't imply presence) */ ATA_FLAG_SATA = (1 << 1), + ATA_FLAG_NO_LPM = (1 << 2), /* host not happy with LPM */ ATA_FLAG_NO_LOG_PAGE = (1 << 5), /* do not issue log page read */ ATA_FLAG_NO_ATAPI = (1 << 6), /* No ATAPI support */ ATA_FLAG_PIO_DMA = (1 << 7), /* PIO cmds via DMA */ -- 2.17.1

7 years, 2 months

2
1
0 0

[PATCH v2 0/2] mmc: renesas_sdhi_internal_dmac: fix two issues for error path

by Yoshihiro Shimoda

This patch set is based on the mmc.git / fixes branch. Changes from v1: - Add Reviewed-by Geert-san. - Add a new goto label for error path. Yoshihiro Shimoda (2): mmc: renesas_sdhi_internal_dmac: Fix missing unmap in error patch mmc: renesas_sdhi_internal_dmac: Cannot clear the RX_IN_USE in abort drivers/mmc/host/renesas_sdhi_internal_dmac.c | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) -- 1.9.1

7 years, 2 months

3
5
0 0

[PATCH] spi: spi-fsl-dspi: Fix imprecise abort on VF500 during probe

by Krzysztof Kozlowski

Registers of DSPI should not be accessed before enabling its clock. On Toradex Colibri VF50 on Iris carrier board this could be seen during bootup as imprecise abort: Unhandled fault: imprecise external abort (0x1c06) at 0x00000000 Internal error: : 1c06 [#1] ARM Modules linked in: CPU: 0 PID: 1 Comm: swapper Not tainted 4.14.39-dirty #97 Hardware name: Freescale Vybrid VF5xx/VF6xx (Device Tree) Backtrace: [<804166a8>] (regmap_write) from [<80466b5c>] (dspi_probe+0x1f0/0x8dc) [<8046696c>] (dspi_probe) from [<8040107c>] (platform_drv_probe+0x54/0xb8) [<80401028>] (platform_drv_probe) from [<803ff53c>] (driver_probe_device+0x280/0x2f8) [<803ff2bc>] (driver_probe_device) from [<803ff674>] (__driver_attach+0xc0/0xc4) [<803ff5b4>] (__driver_attach) from [<803fd818>] (bus_for_each_dev+0x70/0xa4) [<803fd7a8>] (bus_for_each_dev) from [<803fee74>] (driver_attach+0x24/0x28) [<803fee50>] (driver_attach) from [<803fe980>] (bus_add_driver+0x1a0/0x218) [<803fe7e0>] (bus_add_driver) from [<803fffe8>] (driver_register+0x80/0x100) [<803fff68>] (driver_register) from [<80400fdc>] (__platform_driver_register+0x48/0x50) [<80400f94>] (__platform_driver_register) from [<8091cf7c>] (fsl_dspi_driver_init+0x1c/0x20) [<8091cf60>] (fsl_dspi_driver_init) from [<8010195c>] (do_one_initcall+0x4c/0x174) [<80101910>] (do_one_initcall) from [<80900e8c>] (kernel_init_freeable+0x144/0x1d8) [<80900d48>] (kernel_init_freeable) from [<805ff6a8>] (kernel_init+0x10/0x114) [<805ff698>] (kernel_init) from [<80107be8>] (ret_from_fork+0x14/0x2c) Cc: <stable(a)vger.kernel.org> Fixes: 5ee67b587a2b ("spi: dspi: clear SPI_SR before enable interrupt") Signed-off-by: Krzysztof Kozlowski <krzk(a)kernel.org> --- drivers/spi/spi-fsl-dspi.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/drivers/spi/spi-fsl-dspi.c b/drivers/spi/spi-fsl-dspi.c index ff7456be9d6d..89a1e7a4fe5d 100644 --- a/drivers/spi/spi-fsl-dspi.c +++ b/drivers/spi/spi-fsl-dspi.c @@ -1071,30 +1071,30 @@ static int dspi_probe(struct platform_device *pdev) } } + dspi->clk = devm_clk_get(&pdev->dev, "dspi"); + if (IS_ERR(dspi->clk)) { + ret = PTR_ERR(dspi->clk); + dev_err(&pdev->dev, "unable to get clock\n"); + goto out_master_put; + } + ret = clk_prepare_enable(dspi->clk); + if (ret) + goto out_master_put; + dspi_init(dspi); dspi->irq = platform_get_irq(pdev, 0); if (dspi->irq < 0) { dev_err(&pdev->dev, "can't get platform irq\n"); ret = dspi->irq; - goto out_master_put; + goto out_clk_put; } ret = devm_request_irq(&pdev->dev, dspi->irq, dspi_interrupt, 0, pdev->name, dspi); if (ret < 0) { dev_err(&pdev->dev, "Unable to attach DSPI interrupt\n"); - goto out_master_put; - } - - dspi->clk = devm_clk_get(&pdev->dev, "dspi"); - if (IS_ERR(dspi->clk)) { - ret = PTR_ERR(dspi->clk); - dev_err(&pdev->dev, "unable to get clock\n"); - goto out_master_put; + goto out_clk_put; } - ret = clk_prepare_enable(dspi->clk); - if (ret) - goto out_master_put; if (dspi->devtype_data->trans_mode == DSPI_DMA_MODE) { ret = dspi_request_dma(dspi, res->start); -- 2.7.4

7 years, 2 months

3
2
0 0

Re: [Xen-devel] [PATCH] xen: setup pv irq ops vector earlier

by Juergen Gross

On 02/07/18 13:18, Jan Beulich wrote: >>>> On 02.07.18 at 12:00, <jgross(a)suse.com> wrote: >> --- a/arch/x86/xen/enlighten_pv.c >> +++ b/arch/x86/xen/enlighten_pv.c >> @@ -1213,6 +1213,7 @@ asmlinkage __visible void __init xen_start_kernel(void) >> pv_info = xen_info; >> pv_init_ops.patch = paravirt_patch_default; >> pv_cpu_ops = xen_cpu_ops; >> + xen_init_irq_ops(); > > Isn't this still too late? xen_setup_machphys_mapping(), for example, > has a WARN_ON(), which implies multiple printk()s. Seems as if it would be a good idea to move calling xen_setup_machphys_mapping() into xen_init_mmu_ops(). There is really no need to do it earlier. Juergen

7 years, 2 months

1
0
0 0

[PATCH 1/5] ARM: dts: dra7: Disable metastability workaround for USB2

by Roger Quadros

Disable the metastability workaround for USB2. The original patch disabled the workaround on the wrong USB port. Fixes: b8c9c6fa2002 ("ARM: dts: dra7: Disable USB metastability workaround for USB2") Cc: <stable(a)vger.kernel.org> [4.16+] Signed-off-by: Roger Quadros <rogerq(a)ti.com> --- arch/arm/boot/dts/dra7.dtsi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm/boot/dts/dra7.dtsi b/arch/arm/boot/dts/dra7.dtsi index f4ddd86..9cace9f 100644 --- a/arch/arm/boot/dts/dra7.dtsi +++ b/arch/arm/boot/dts/dra7.dtsi @@ -1582,7 +1582,6 @@ dr_mode = "otg"; snps,dis_u3_susphy_quirk; snps,dis_u2_susphy_quirk; - snps,dis_metastability_quirk; }; }; @@ -1610,6 +1609,7 @@ dr_mode = "otg"; snps,dis_u3_susphy_quirk; snps,dis_u2_susphy_quirk; + snps,dis_metastability_quirk; }; }; -- cheers, -roger Texas Instruments Finland Oy, Porkkalankatu 22, 00180 Helsinki. Y-tunnus/Business ID: 0615521-4. Kotipaikka/Domicile: Helsinki

7 years, 2 months

2
1
0 0

[PATCH] arm64: Use aarch64elf and aarch64elfb emulation mode variants

by Paul Kocialkowski

The aarch64linux and aarch64linuxb emulation modes are not supported by bare-metal toolchains and Linux using them forbids building the kernel with these toolchains. Since there is apparently no reason to target these emulation modes, the more generic elf modes are used instead, allowing to build on bare-metal toolchains as well as the already-supported ones. Fixes: 3d6a7b99e3fa ("arm64: ensure the kernel is compiled for LP64") Cc: stable(a)vger.kernel.org Signed-off-by: Paul Kocialkowski <contact(a)paulk.fr> --- arch/arm64/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/arm64/Makefile b/arch/arm64/Makefile index 87f7d2f9f17c..3e959ac43b40 100644 --- a/arch/arm64/Makefile +++ b/arch/arm64/Makefile @@ -67,14 +67,14 @@ KBUILD_CPPFLAGS += -mbig-endian CHECKFLAGS += -D__AARCH64EB__ AS += -EB LD += -EB -LDFLAGS += -maarch64linuxb +LDFLAGS += -maarch64elfb UTS_MACHINE := aarch64_be else KBUILD_CPPFLAGS += -mlittle-endian CHECKFLAGS += -D__AARCH64EL__ AS += -EL LD += -EL -LDFLAGS += -maarch64linux +LDFLAGS += -maarch64elf UTS_MACHINE := aarch64 endif -- 2.17.1

7 years, 2 months

2
1
0 0

[PATCH 4.17 v2] x86/mm: Don't free P4D table when it is folded at runtime

by Andrey Ryabinin

commit 0e311d237d7f3022b7dafb639b42541bfb42fe94 upstream. When the P4D page table layer is folded at runtime, the p4d_free() should do nothing, the same as in <asm-generic/pgtable-nop4d.h>. It seems this bug should cause double-free in efi_call_phys_epilog(), but I don't know how to trigger that code path, so I can't confirm that by testing. Signed-off-by: Andrey Ryabinin <aryabinin(a)virtuozzo.com> Reviewed-by: Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: stable(a)vger.kernel.org # 4.17 Fixes: 98219dda2ab5 ("x86/mm: Fold p4d page table layer at runtime") Link: http://lkml.kernel.org/r/20180625102427.15015-1-aryabinin@virtuozzo.com Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Andrey Ryabinin <aryabinin(a)virtuozzo.com> --- Changes since v1: - Fix wrong "From:" field arch/x86/include/asm/pgalloc.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/include/asm/pgalloc.h b/arch/x86/include/asm/pgalloc.h index 263c142a6a6c..f65e9e1cea4c 100644 --- a/arch/x86/include/asm/pgalloc.h +++ b/arch/x86/include/asm/pgalloc.h @@ -184,6 +184,9 @@ static inline p4d_t *p4d_alloc_one(struct mm_struct *mm, unsigned long addr) static inline void p4d_free(struct mm_struct *mm, p4d_t *p4d) { + if (!pgtable_l5_enabled) + return; + BUG_ON((unsigned long)p4d & (PAGE_SIZE-1)); free_page((unsigned long)p4d); } -- 2.16.4

7 years, 2 months

2
3
0 0

[PATCH 4.17] x86/mm: Don't free P4D table when it is folded at runtime

by Andrey Ryabinin

From: "gregkh(a)linuxfoundation.org" <gregkh(a)linuxfoundation.org> commit 0e311d237d7f3022b7dafb639b42541bfb42fe94 upstream. When the P4D page table layer is folded at runtime, the p4d_free() should do nothing, the same as in <asm-generic/pgtable-nop4d.h>. It seems this bug should cause double-free in efi_call_phys_epilog(), but I don't know how to trigger that code path, so I can't confirm that by testing. Signed-off-by: Andrey Ryabinin <aryabinin(a)virtuozzo.com> Reviewed-by: Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: stable(a)vger.kernel.org # 4.17 Fixes: 98219dda2ab5 ("x86/mm: Fold p4d page table layer at runtime") Link: http://lkml.kernel.org/r/20180625102427.15015-1-aryabinin@virtuozzo.com Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Andrey Ryabinin <aryabinin(a)virtuozzo.com> --- arch/x86/include/asm/pgalloc.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/arch/x86/include/asm/pgalloc.h b/arch/x86/include/asm/pgalloc.h index 263c142a6a6c..f65e9e1cea4c 100644 --- a/arch/x86/include/asm/pgalloc.h +++ b/arch/x86/include/asm/pgalloc.h @@ -184,6 +184,9 @@ static inline p4d_t *p4d_alloc_one(struct mm_struct *mm, unsigned long addr) static inline void p4d_free(struct mm_struct *mm, p4d_t *p4d) { + if (!pgtable_l5_enabled) + return; + BUG_ON((unsigned long)p4d & (PAGE_SIZE-1)); free_page((unsigned long)p4d); } -- 2.16.4

7 years, 2 months

2
2
0 0

nfp: don't tell FW about the reserved buffer space

by Jakub Kicinski

Hi! Can we get the following backported to the 4.9 branch? commit 9383b33771e566fa547daa2d09c6e0f1aaa298c3 Author: Jakub Kicinski <jakub.kicinski(a)netronome.com> Date: Thu Mar 2 15:26:20 2017 -0800 nfp: don't tell FW about the reserved buffer space Since commit c0f031bc8866 ("nfp_net: use alloc_frag() and build_skb()") we are allocating buffers which have to hold both the data and skb to be created in place by build_skb(). FW should only be told about the buffer space it can DMA to, that is without the build_skb() headroom and tailroom. Note: firmware applications should validate the buffers against both MTU and free list buffer size so oversized packets would not pass through the NIC anyway. Fixes: c0f031bc8866 ("nfp: use alloc_frag() and build_skb()") Signed-off-by: Jakub Kicinski <jakub.kicinski(a)netronome.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Thank you!

7 years, 2 months

2
3
0 0

[PATCH 4/4] mtd: cfi_cmdset_0002: Change erase functions to check chip good only

by Tokunori Ikegami

Currently the functions use to check both chip ready and good. But the chip ready is not enough to check the operation status. So change this to check the chip good instead of this. About the retry functions to make sure the error handling remain it. Signed-off-by: Tokunori Ikegami <ikegami(a)allied-telesis.co.jp> Reviewed-by: Joakim Tjernlund <Joakim.Tjernlund(a)infinera.com> Cc: Chris Packham <chris.packham(a)alliedtelesis.co.nz> Cc: Brian Norris <computersforpeace(a)gmail.com> Cc: David Woodhouse <dwmw2(a)infradead.org> Cc: Boris Brezillon <boris.brezillon(a)free-electrons.com> Cc: Marek Vasut <marek.vasut(a)gmail.com> Cc: Richard Weinberger <richard(a)nod.at> Cc: Cyrille Pitchen <cyrille.pitchen(a)wedev4u.fr> Cc: linux-mtd(a)lists.infradead.org Cc: stable(a)vger.kernel.org Signed-off-by: Boris Brezillon <boris.brezillon(a)bootlin.com> --- drivers/mtd/chips/cfi_cmdset_0002.c | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/drivers/mtd/chips/cfi_cmdset_0002.c b/drivers/mtd/chips/cfi_cmdset_0002.c index 13ce64362db8..2a39dc3a4760 100644 --- a/drivers/mtd/chips/cfi_cmdset_0002.c +++ b/drivers/mtd/chips/cfi_cmdset_0002.c @@ -2296,12 +2296,13 @@ static int __xipram do_erase_chip(struct map_info *map, struct flchip *chip) chip->erase_suspended = 0; } - if (chip_ready(map, adr)) + if (chip_good(map, adr, map_word_ff(map))) break; if (time_after(jiffies, timeo)) { printk(KERN_WARNING "MTD %s(): software timeout\n", __func__ ); + ret = -EIO; break; } @@ -2309,15 +2310,15 @@ static int __xipram do_erase_chip(struct map_info *map, struct flchip *chip) UDELAY(map, chip, adr, 1000000/HZ); } /* Did we succeed? */ - if (!chip_good(map, adr, map_word_ff(map))) { + if (ret) { /* reset on all failures. */ map_write( map, CMD(0xF0), chip->start ); /* FIXME - should have reset delay before continuing */ - if (++retry_cnt <= MAX_RETRIES) + if (++retry_cnt <= MAX_RETRIES) { + ret = 0; goto retry; - - ret = -EIO; + } } chip->state = FL_READY; @@ -2391,7 +2392,7 @@ static int __xipram do_erase_oneblock(struct map_info *map, struct flchip *chip, chip->erase_suspended = 0; } - if (chip_ready(map, adr)) { + if (chip_good(map, adr, map_word_ff(map))) { xip_enable(map, chip, adr); break; } @@ -2400,6 +2401,7 @@ static int __xipram do_erase_oneblock(struct map_info *map, struct flchip *chip, xip_enable(map, chip, adr); printk(KERN_WARNING "MTD %s(): software timeout\n", __func__ ); + ret = -EIO; break; } @@ -2407,15 +2409,15 @@ static int __xipram do_erase_oneblock(struct map_info *map, struct flchip *chip, UDELAY(map, chip, adr, 1000000/HZ); } /* Did we succeed? */ - if (!chip_good(map, adr, map_word_ff(map))) { + if (ret) { /* reset on all failures. */ map_write( map, CMD(0xF0), chip->start ); /* FIXME - should have reset delay before continuing */ - if (++retry_cnt <= MAX_RETRIES) + if (++retry_cnt <= MAX_RETRIES) { + ret = 0; goto retry; - - ret = -EIO; + } } chip->state = FL_READY; -- 2.16.1

7 years, 2 months

1
0
0 0

[PATCH 3/4] mtd: cfi_cmdset_0002: Change erase functions to retry for error

by Tokunori Ikegami

For the word write functions it is retried for error. But it is not implemented to retry for the erase functions. To make sure for the erase functions change to retry as same. This is needed to prevent the flash erase error caused only once. It was caused by the error case of chip_good() in the do_erase_oneblock(). Also it was confirmed on the MACRONIX flash device MX29GL512FHT2I-11G. But the error issue behavior is not able to reproduce at this moment. The flash controller is parallel Flash interface integrated on BCM53003. Signed-off-by: Tokunori Ikegami <ikegami(a)allied-telesis.co.jp> Reviewed-by: Joakim Tjernlund <Joakim.Tjernlund(a)infinera.com> Cc: Chris Packham <chris.packham(a)alliedtelesis.co.nz> Cc: Brian Norris <computersforpeace(a)gmail.com> Cc: David Woodhouse <dwmw2(a)infradead.org> Cc: Boris Brezillon <boris.brezillon(a)free-electrons.com> Cc: Marek Vasut <marek.vasut(a)gmail.com> Cc: Richard Weinberger <richard(a)nod.at> Cc: Cyrille Pitchen <cyrille.pitchen(a)wedev4u.fr> Cc: linux-mtd(a)lists.infradead.org Cc: stable(a)vger.kernel.org Signed-off-by: Boris Brezillon <boris.brezillon(a)bootlin.com> --- drivers/mtd/chips/cfi_cmdset_0002.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/drivers/mtd/chips/cfi_cmdset_0002.c b/drivers/mtd/chips/cfi_cmdset_0002.c index 29913eeac5fb..13ce64362db8 100644 --- a/drivers/mtd/chips/cfi_cmdset_0002.c +++ b/drivers/mtd/chips/cfi_cmdset_0002.c @@ -2241,6 +2241,7 @@ static int __xipram do_erase_chip(struct map_info *map, struct flchip *chip) unsigned long int adr; DECLARE_WAITQUEUE(wait, current); int ret = 0; + int retry_cnt = 0; adr = cfi->addr_unlock1; @@ -2258,6 +2259,7 @@ static int __xipram do_erase_chip(struct map_info *map, struct flchip *chip) ENABLE_VPP(map); xip_disable(map, chip, adr); + retry: cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL); cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, cfi->device_type, NULL); cfi_send_gen_cmd(0x80, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL); @@ -2312,6 +2314,9 @@ static int __xipram do_erase_chip(struct map_info *map, struct flchip *chip) map_write( map, CMD(0xF0), chip->start ); /* FIXME - should have reset delay before continuing */ + if (++retry_cnt <= MAX_RETRIES) + goto retry; + ret = -EIO; } @@ -2331,6 +2336,7 @@ static int __xipram do_erase_oneblock(struct map_info *map, struct flchip *chip, unsigned long timeo = jiffies + HZ; DECLARE_WAITQUEUE(wait, current); int ret = 0; + int retry_cnt = 0; adr += chip->start; @@ -2348,6 +2354,7 @@ static int __xipram do_erase_oneblock(struct map_info *map, struct flchip *chip, ENABLE_VPP(map); xip_disable(map, chip, adr); + retry: cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL); cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, cfi->device_type, NULL); cfi_send_gen_cmd(0x80, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL); @@ -2405,6 +2412,9 @@ static int __xipram do_erase_oneblock(struct map_info *map, struct flchip *chip, map_write( map, CMD(0xF0), chip->start ); /* FIXME - should have reset delay before continuing */ + if (++retry_cnt <= MAX_RETRIES) + goto retry; + ret = -EIO; } -- 2.16.1

7 years, 2 months

1
0
0 0

[PATCH 2/4] mtd: cfi_cmdset_0002: Change definition naming to retry write operation

by Tokunori Ikegami

The definition can be used for other program and erase operations also. So change the naming to MAX_RETRIES from MAX_WORD_RETRIES. Signed-off-by: Tokunori Ikegami <ikegami(a)allied-telesis.co.jp> Reviewed-by: Joakim Tjernlund <Joakim.Tjernlund(a)infinera.com> Cc: Chris Packham <chris.packham(a)alliedtelesis.co.nz> Cc: Brian Norris <computersforpeace(a)gmail.com> Cc: David Woodhouse <dwmw2(a)infradead.org> Cc: Boris Brezillon <boris.brezillon(a)free-electrons.com> Cc: Marek Vasut <marek.vasut(a)gmail.com> Cc: Richard Weinberger <richard(a)nod.at> Cc: Cyrille Pitchen <cyrille.pitchen(a)wedev4u.fr> Cc: linux-mtd(a)lists.infradead.org Cc: stable(a)vger.kernel.org Signed-off-by: Boris Brezillon <boris.brezillon(a)bootlin.com> --- drivers/mtd/chips/cfi_cmdset_0002.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/drivers/mtd/chips/cfi_cmdset_0002.c b/drivers/mtd/chips/cfi_cmdset_0002.c index 9ab521d25ea2..29913eeac5fb 100644 --- a/drivers/mtd/chips/cfi_cmdset_0002.c +++ b/drivers/mtd/chips/cfi_cmdset_0002.c @@ -42,7 +42,7 @@ #define AMD_BOOTLOC_BUG #define FORCE_WORD_WRITE 0 -#define MAX_WORD_RETRIES 3 +#define MAX_RETRIES 3 #define SST49LF004B 0x0060 #define SST49LF040B 0x0050 @@ -1647,7 +1647,7 @@ static int __xipram do_write_oneword(struct map_info *map, struct flchip *chip, map_write( map, CMD(0xF0), chip->start ); /* FIXME - should have reset delay before continuing */ - if (++retry_cnt <= MAX_WORD_RETRIES) + if (++retry_cnt <= MAX_RETRIES) goto retry; ret = -EIO; @@ -2106,7 +2106,7 @@ static int do_panic_write_oneword(struct map_info *map, struct flchip *chip, map_write(map, CMD(0xF0), chip->start); /* FIXME - should have reset delay before continuing */ - if (++retry_cnt <= MAX_WORD_RETRIES) + if (++retry_cnt <= MAX_RETRIES) goto retry; ret = -EIO; -- 2.16.1

7 years, 2 months

1
0
0 0

virt: vbox: Only copy_from_user the request-header once

by Justin Forbes

I didn't see this one sent to stable, though it probably should be. commit bd23a7269834dc7c1f93e83535d16ebc44b75eba Author: Wenwen Wang <wang6495(a)umn.edu> Date: Tue May 8 08:50:28 2018 -0500 virt: vbox: Only copy_from_user the request-header once Thanks, Justin

7 years, 2 months

2
1
0 0

FAILED: patch "[PATCH] Bluetooth: Fix connection if directed advertising and privacy" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 082f2300cfa1a3d9d5221c38c5eba85d4ab98bd8 Mon Sep 17 00:00:00 2001 From: Szymon Janc <szymon.janc(a)codecoup.pl> Date: Tue, 3 Apr 2018 13:40:06 +0200 Subject: [PATCH] Bluetooth: Fix connection if directed advertising and privacy is used Local random address needs to be updated before creating connection if RPA from LE Direct Advertising Report was resolved in host. Otherwise remote device might ignore connection request due to address mismatch. This was affecting following qualification test cases: GAP/CONN/SCEP/BV-03-C, GAP/CONN/GCEP/BV-05-C, GAP/CONN/DCEP/BV-05-C Before patch: < HCI Command: LE Set Random Address (0x08|0x0005) plen 6 #11350 [hci0] 84680.231216 Address: 56:BC:E8:24:11:68 (Resolvable) Identity type: Random (0x01) Identity: F2:F1:06:3D:9C:42 (Static) > HCI Event: Command Complete (0x0e) plen 4 #11351 [hci0] 84680.246022 LE Set Random Address (0x08|0x0005) ncmd 1 Status: Success (0x00) < HCI Command: LE Set Scan Parameters (0x08|0x000b) plen 7 #11352 [hci0] 84680.246417 Type: Passive (0x00) Interval: 60.000 msec (0x0060) Window: 30.000 msec (0x0030) Own address type: Random (0x01) Filter policy: Accept all advertisement, inc. directed unresolved RPA (0x02) > HCI Event: Command Complete (0x0e) plen 4 #11353 [hci0] 84680.248854 LE Set Scan Parameters (0x08|0x000b) ncmd 1 Status: Success (0x00) < HCI Command: LE Set Scan Enable (0x08|0x000c) plen 2 #11354 [hci0] 84680.249466 Scanning: Enabled (0x01) Filter duplicates: Enabled (0x01) > HCI Event: Command Complete (0x0e) plen 4 #11355 [hci0] 84680.253222 LE Set Scan Enable (0x08|0x000c) ncmd 1 Status: Success (0x00) > HCI Event: LE Meta Event (0x3e) plen 18 #11356 [hci0] 84680.458387 LE Direct Advertising Report (0x0b) Num reports: 1 Event type: Connectable directed - ADV_DIRECT_IND (0x01) Address type: Random (0x01) Address: 53:38:DA:46:8C:45 (Resolvable) Identity type: Public (0x00) Identity: 11:22:33:44:55:66 (OUI 11-22-33) Direct address type: Random (0x01) Direct address: 7C:D6:76:8C:DF:82 (Resolvable) Identity type: Random (0x01) Identity: F2:F1:06:3D:9C:42 (Static) RSSI: -74 dBm (0xb6) < HCI Command: LE Set Scan Enable (0x08|0x000c) plen 2 #11357 [hci0] 84680.458737 Scanning: Disabled (0x00) Filter duplicates: Disabled (0x00) > HCI Event: Command Complete (0x0e) plen 4 #11358 [hci0] 84680.469982 LE Set Scan Enable (0x08|0x000c) ncmd 1 Status: Success (0x00) < HCI Command: LE Create Connection (0x08|0x000d) plen 25 #11359 [hci0] 84680.470444 Scan interval: 60.000 msec (0x0060) Scan window: 60.000 msec (0x0060) Filter policy: White list is not used (0x00) Peer address type: Random (0x01) Peer address: 53:38:DA:46:8C:45 (Resolvable) Identity type: Public (0x00) Identity: 11:22:33:44:55:66 (OUI 11-22-33) Own address type: Random (0x01) Min connection interval: 30.00 msec (0x0018) Max connection interval: 50.00 msec (0x0028) Connection latency: 0 (0x0000) Supervision timeout: 420 msec (0x002a) Min connection length: 0.000 msec (0x0000) Max connection length: 0.000 msec (0x0000) > HCI Event: Command Status (0x0f) plen 4 #11360 [hci0] 84680.474971 LE Create Connection (0x08|0x000d) ncmd 1 Status: Success (0x00) < HCI Command: LE Create Connection Cancel (0x08|0x000e) plen 0 #11361 [hci0] 84682.545385 > HCI Event: Command Complete (0x0e) plen 4 #11362 [hci0] 84682.551014 LE Create Connection Cancel (0x08|0x000e) ncmd 1 Status: Success (0x00) > HCI Event: LE Meta Event (0x3e) plen 19 #11363 [hci0] 84682.551074 LE Connection Complete (0x01) Status: Unknown Connection Identifier (0x02) Handle: 0 Role: Master (0x00) Peer address type: Public (0x00) Peer address: 00:00:00:00:00:00 (OUI 00-00-00) Connection interval: 0.00 msec (0x0000) Connection latency: 0 (0x0000) Supervision timeout: 0 msec (0x0000) Master clock accuracy: 0x00 After patch: < HCI Command: LE Set Scan Parameters (0x08|0x000b) plen 7 #210 [hci0] 667.152459 Type: Passive (0x00) Interval: 60.000 msec (0x0060) Window: 30.000 msec (0x0030) Own address type: Random (0x01) Filter policy: Accept all advertisement, inc. directed unresolved RPA (0x02) > HCI Event: Command Complete (0x0e) plen 4 #211 [hci0] 667.153613 LE Set Scan Parameters (0x08|0x000b) ncmd 1 Status: Success (0x00) < HCI Command: LE Set Scan Enable (0x08|0x000c) plen 2 #212 [hci0] 667.153704 Scanning: Enabled (0x01) Filter duplicates: Enabled (0x01) > HCI Event: Command Complete (0x0e) plen 4 #213 [hci0] 667.154584 LE Set Scan Enable (0x08|0x000c) ncmd 1 Status: Success (0x00) > HCI Event: LE Meta Event (0x3e) plen 18 #214 [hci0] 667.182619 LE Direct Advertising Report (0x0b) Num reports: 1 Event type: Connectable directed - ADV_DIRECT_IND (0x01) Address type: Random (0x01) Address: 50:52:D9:A6:48:A0 (Resolvable) Identity type: Public (0x00) Identity: 11:22:33:44:55:66 (OUI 11-22-33) Direct address type: Random (0x01) Direct address: 7C:C1:57:A5:B7:A8 (Resolvable) Identity type: Random (0x01) Identity: F4:28:73:5D:38:B0 (Static) RSSI: -70 dBm (0xba) < HCI Command: LE Set Scan Enable (0x08|0x000c) plen 2 #215 [hci0] 667.182704 Scanning: Disabled (0x00) Filter duplicates: Disabled (0x00) > HCI Event: Command Complete (0x0e) plen 4 #216 [hci0] 667.183599 LE Set Scan Enable (0x08|0x000c) ncmd 1 Status: Success (0x00) < HCI Command: LE Set Random Address (0x08|0x0005) plen 6 #217 [hci0] 667.183645 Address: 7C:C1:57:A5:B7:A8 (Resolvable) Identity type: Random (0x01) Identity: F4:28:73:5D:38:B0 (Static) > HCI Event: Command Complete (0x0e) plen 4 #218 [hci0] 667.184590 LE Set Random Address (0x08|0x0005) ncmd 1 Status: Success (0x00) < HCI Command: LE Create Connection (0x08|0x000d) plen 25 #219 [hci0] 667.184613 Scan interval: 60.000 msec (0x0060) Scan window: 60.000 msec (0x0060) Filter policy: White list is not used (0x00) Peer address type: Random (0x01) Peer address: 50:52:D9:A6:48:A0 (Resolvable) Identity type: Public (0x00) Identity: 11:22:33:44:55:66 (OUI 11-22-33) Own address type: Random (0x01) Min connection interval: 30.00 msec (0x0018) Max connection interval: 50.00 msec (0x0028) Connection latency: 0 (0x0000) Supervision timeout: 420 msec (0x002a) Min connection length: 0.000 msec (0x0000) Max connection length: 0.000 msec (0x0000) > HCI Event: Command Status (0x0f) plen 4 #220 [hci0] 667.186558 LE Create Connection (0x08|0x000d) ncmd 1 Status: Success (0x00) > HCI Event: LE Meta Event (0x3e) plen 19 #221 [hci0] 667.485824 LE Connection Complete (0x01) Status: Success (0x00) Handle: 0 Role: Master (0x00) Peer address type: Random (0x01) Peer address: 50:52:D9:A6:48:A0 (Resolvable) Identity type: Public (0x00) Identity: 11:22:33:44:55:66 (OUI 11-22-33) Connection interval: 50.00 msec (0x0028) Connection latency: 0 (0x0000) Supervision timeout: 420 msec (0x002a) Master clock accuracy: 0x07 @ MGMT Event: Device Connected (0x000b) plen 13 {0x0002} [hci0] 667.485996 LE Address: 11:22:33:44:55:66 (OUI 11-22-33) Flags: 0x00000000 Data length: 0 Signed-off-by: Szymon Janc <szymon.janc(a)codecoup.pl> Signed-off-by: Marcel Holtmann <marcel(a)holtmann.org> Cc: stable(a)vger.kernel.org diff --git a/include/net/bluetooth/hci_core.h b/include/net/bluetooth/hci_core.h index 95ccc1eef558..b619a190ff12 100644 --- a/include/net/bluetooth/hci_core.h +++ b/include/net/bluetooth/hci_core.h @@ -895,7 +895,7 @@ struct hci_conn *hci_connect_le_scan(struct hci_dev *hdev, bdaddr_t *dst, u16 conn_timeout); struct hci_conn *hci_connect_le(struct hci_dev *hdev, bdaddr_t *dst, u8 dst_type, u8 sec_level, u16 conn_timeout, - u8 role); + u8 role, bdaddr_t *direct_rpa); struct hci_conn *hci_connect_acl(struct hci_dev *hdev, bdaddr_t *dst, u8 sec_level, u8 auth_type); struct hci_conn *hci_connect_sco(struct hci_dev *hdev, int type, bdaddr_t *dst, diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c index a9682534c377..45ff5dc124cc 100644 --- a/net/bluetooth/hci_conn.c +++ b/net/bluetooth/hci_conn.c @@ -749,18 +749,31 @@ static bool conn_use_rpa(struct hci_conn *conn) } static void hci_req_add_le_create_conn(struct hci_request *req, - struct hci_conn *conn) + struct hci_conn *conn, + bdaddr_t *direct_rpa) { struct hci_cp_le_create_conn cp; struct hci_dev *hdev = conn->hdev; u8 own_addr_type; - /* Update random address, but set require_privacy to false so - * that we never connect with an non-resolvable address. + /* If direct address was provided we use it instead of current + * address. */ - if (hci_update_random_address(req, false, conn_use_rpa(conn), - &own_addr_type)) - return; + if (direct_rpa) { + if (bacmp(&req->hdev->random_addr, direct_rpa)) + hci_req_add(req, HCI_OP_LE_SET_RANDOM_ADDR, 6, + direct_rpa); + + /* direct address is always RPA */ + own_addr_type = ADDR_LE_DEV_RANDOM; + } else { + /* Update random address, but set require_privacy to false so + * that we never connect with an non-resolvable address. + */ + if (hci_update_random_address(req, false, conn_use_rpa(conn), + &own_addr_type)) + return; + } memset(&cp, 0, sizeof(cp)); @@ -825,7 +838,7 @@ static void hci_req_directed_advertising(struct hci_request *req, struct hci_conn *hci_connect_le(struct hci_dev *hdev, bdaddr_t *dst, u8 dst_type, u8 sec_level, u16 conn_timeout, - u8 role) + u8 role, bdaddr_t *direct_rpa) { struct hci_conn_params *params; struct hci_conn *conn; @@ -940,7 +953,7 @@ struct hci_conn *hci_connect_le(struct hci_dev *hdev, bdaddr_t *dst, hci_dev_set_flag(hdev, HCI_LE_SCAN_INTERRUPTED); } - hci_req_add_le_create_conn(&req, conn); + hci_req_add_le_create_conn(&req, conn, direct_rpa); create_conn: err = hci_req_run(&req, create_le_conn_complete); diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c index cd3bbb766c24..139707cd9d35 100644 --- a/net/bluetooth/hci_event.c +++ b/net/bluetooth/hci_event.c @@ -4648,7 +4648,8 @@ static void hci_le_conn_update_complete_evt(struct hci_dev *hdev, /* This function requires the caller holds hdev->lock */ static struct hci_conn *check_pending_le_conn(struct hci_dev *hdev, bdaddr_t *addr, - u8 addr_type, u8 adv_type) + u8 addr_type, u8 adv_type, + bdaddr_t *direct_rpa) { struct hci_conn *conn; struct hci_conn_params *params; @@ -4699,7 +4700,8 @@ static struct hci_conn *check_pending_le_conn(struct hci_dev *hdev, } conn = hci_connect_le(hdev, addr, addr_type, BT_SECURITY_LOW, - HCI_LE_AUTOCONN_TIMEOUT, HCI_ROLE_MASTER); + HCI_LE_AUTOCONN_TIMEOUT, HCI_ROLE_MASTER, + direct_rpa); if (!IS_ERR(conn)) { /* If HCI_AUTO_CONN_EXPLICIT is set, conn is already owned * by higher layer that tried to connect, if no then @@ -4808,8 +4810,13 @@ static void process_adv_report(struct hci_dev *hdev, u8 type, bdaddr_t *bdaddr, bdaddr_type = irk->addr_type; } - /* Check if we have been requested to connect to this device */ - conn = check_pending_le_conn(hdev, bdaddr, bdaddr_type, type); + /* Check if we have been requested to connect to this device. + * + * direct_addr is set only for directed advertising reports (it is NULL + * for advertising reports) and is already verified to be RPA above. + */ + conn = check_pending_le_conn(hdev, bdaddr, bdaddr_type, type, + direct_addr); if (conn && type == LE_ADV_IND) { /* Store report for later inclusion by * mgmt_device_connected diff --git a/net/bluetooth/l2cap_core.c b/net/bluetooth/l2cap_core.c index fc6615d59165..9b7907ebfa01 100644 --- a/net/bluetooth/l2cap_core.c +++ b/net/bluetooth/l2cap_core.c @@ -7156,7 +7156,7 @@ int l2cap_chan_connect(struct l2cap_chan *chan, __le16 psm, u16 cid, hcon = hci_connect_le(hdev, dst, dst_type, chan->sec_level, HCI_LE_CONN_TIMEOUT, - HCI_ROLE_SLAVE); + HCI_ROLE_SLAVE, NULL); else hcon = hci_connect_le_scan(hdev, dst, dst_type, chan->sec_level,

7 years, 2 months

3
2
0 0

[PATCH stable 4.9 and 4.4] cdc_ncm: avoid padding beyond end of skb

by Bjørn Mork

[ Upstream commit 49c2c3f246e2fc3009039e31a826333dcd0283cd ] Commit 4a0e3e989d66 ("cdc_ncm: Add support for moving NDP to end of NCM frame") added logic to reserve space for the NDP at the end of the NTB/skb. This reservation did not take the final alignment of the NDP into account, causing us to reserve too little space. Additionally the padding prior to NDP addition did not ensure there was enough space for the NDP. The NTB/skb with the NDP appended would then exceed the configured max size. This caused the final padding of the NTB to use a negative count, padding to almost INT_MAX, and resulting in: [60103.825970] BUG: unable to handle kernel paging request at ffff9641f2004000 [60103.825998] IP: __memset+0x24/0x30 [60103.826001] PGD a6a06067 P4D a6a06067 PUD 4f65a063 PMD 72003063 PTE 0 [60103.826013] Oops: 0002 [#1] SMP NOPTI [60103.826018] Modules linked in: (removed( [60103.826158] CPU: 0 PID: 5990 Comm: Chrome_DevTools Tainted: G O 4.14.0-3-amd64 #1 Debian 4.14.17-1 [60103.826162] Hardware name: LENOVO 20081 BIOS 41CN28WW(V2.04) 05/03/2012 [60103.826166] task: ffff964193484fc0 task.stack: ffffb2890137c000 [60103.826171] RIP: 0010:__memset+0x24/0x30 [60103.826174] RSP: 0000:ffff964316c03b68 EFLAGS: 00010216 [60103.826178] RAX: 0000000000000000 RBX: 00000000fffffffd RCX: 000000001ffa5000 [60103.826181] RDX: 0000000000000005 RSI: 0000000000000000 RDI: ffff9641f2003ffc [60103.826184] RBP: ffff964192f6c800 R08: 00000000304d434e R09: ffff9641f1d2c004 [60103.826187] R10: 0000000000000002 R11: 00000000000005ae R12: ffff9642e6957a80 [60103.826190] R13: ffff964282ff2ee8 R14: 000000000000000d R15: ffff9642e4843900 [60103.826194] FS: 00007f395aaf6700(0000) GS:ffff964316c00000(0000) knlGS:0000000000000000 [60103.826197] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [60103.826200] CR2: ffff9641f2004000 CR3: 0000000013b0c000 CR4: 00000000000006f0 [60103.826204] Call Trace: [60103.826212] <IRQ> [60103.826225] cdc_ncm_fill_tx_frame+0x5e3/0x740 [cdc_ncm] [60103.826236] cdc_ncm_tx_fixup+0x57/0x70 [cdc_ncm] [60103.826246] usbnet_start_xmit+0x5d/0x710 [usbnet] [60103.826254] ? netif_skb_features+0x119/0x250 [60103.826259] dev_hard_start_xmit+0xa1/0x200 [60103.826267] sch_direct_xmit+0xf2/0x1b0 [60103.826273] __dev_queue_xmit+0x5e3/0x7c0 [60103.826280] ? ip_finish_output2+0x263/0x3c0 [60103.826284] ip_finish_output2+0x263/0x3c0 [60103.826289] ? ip_output+0x6c/0xe0 [60103.826293] ip_output+0x6c/0xe0 [60103.826298] ? ip_forward_options+0x1a0/0x1a0 [60103.826303] tcp_transmit_skb+0x516/0x9b0 [60103.826309] tcp_write_xmit+0x1aa/0xee0 [60103.826313] ? sch_direct_xmit+0x71/0x1b0 [60103.826318] tcp_tasklet_func+0x177/0x180 [60103.826325] tasklet_action+0x5f/0x110 [60103.826332] __do_softirq+0xde/0x2b3 [60103.826337] irq_exit+0xae/0xb0 [60103.826342] do_IRQ+0x81/0xd0 [60103.826347] common_interrupt+0x98/0x98 [60103.826351] </IRQ> [60103.826355] RIP: 0033:0x7f397bdf2282 [60103.826358] RSP: 002b:00007f395aaf57d8 EFLAGS: 00000206 ORIG_RAX: ffffffffffffff6e [60103.826362] RAX: 0000000000000000 RBX: 00002f07bc6d0900 RCX: 00007f39752d7fe7 [60103.826365] RDX: 0000000000000022 RSI: 0000000000000147 RDI: 00002f07baea02c0 [60103.826368] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [60103.826371] R10: 00000000ffffffff R11: 0000000000000000 R12: 00002f07baea02c0 [60103.826373] R13: 00002f07bba227a0 R14: 00002f07bc6d090c R15: 0000000000000000 [60103.826377] Code: 90 90 90 90 90 90 90 0f 1f 44 00 00 49 89 f9 48 89 d1 83 e2 07 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 <f3> 48 ab 89 d1 f3 aa 4c 89 c8 c3 90 49 89 f9 40 88 f0 48 89 d1 [60103.826442] RIP: __memset+0x24/0x30 RSP: ffff964316c03b68 [60103.826444] CR2: ffff9641f2004000 Commit e1069bbfcf3b ("net: cdc_ncm: Reduce memory use when kernel memory low") made this bug much more likely to trigger by reducing the NTB size under memory pressure. Link: https://bugs.debian.org/893393 Reported-by: Горбешко Богдан <bodqhrohro(a)gmail.com> Reported-and-tested-by: Dennis Wassenberg <dennis.wassenberg(a)secunet.com> Cc: Enrico Mioso <mrkiko.rs(a)gmail.com> Fixes: 4a0e3e989d66 ("cdc_ncm: Add support for moving NDP to end of NCM frame") [ bmork: tx_curr_size => tx_max and context fixup for v4.12 and older ] Signed-off-by: Bjørn Mork <bjorn(a)mork.no> Signed-off-by: David S. Miller <davem(a)davemloft.net> --- This has already been applied to stable 4.14 and newer, but needed two minor changes for anything older than v4.13. The bug is only present in v4.3 and and newer, so there is no need to consider this backport for anything older than stable 4.4. Please apply to 4.4 and 4.9 stable. Thanks, Bjørn drivers/net/usb/cdc_ncm.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/net/usb/cdc_ncm.c b/drivers/net/usb/cdc_ncm.c index feb61eaffe32..3086cae62fdc 100644 --- a/drivers/net/usb/cdc_ncm.c +++ b/drivers/net/usb/cdc_ncm.c @@ -1124,7 +1124,7 @@ cdc_ncm_fill_tx_frame(struct usbnet *dev, struct sk_buff *skb, __le32 sign) * accordingly. Otherwise, we should check here. */ if (ctx->drvflags & CDC_NCM_FLAG_NDP_TO_END) - delayed_ndp_size = ctx->max_ndp_size; + delayed_ndp_size = ALIGN(ctx->max_ndp_size, ctx->tx_ndp_modulus); else delayed_ndp_size = 0; @@ -1257,7 +1257,7 @@ cdc_ncm_fill_tx_frame(struct usbnet *dev, struct sk_buff *skb, __le32 sign) /* If requested, put NDP at end of frame. */ if (ctx->drvflags & CDC_NCM_FLAG_NDP_TO_END) { nth16 = (struct usb_cdc_ncm_nth16 *)skb_out->data; - cdc_ncm_align_tail(skb_out, ctx->tx_ndp_modulus, 0, ctx->tx_max); + cdc_ncm_align_tail(skb_out, ctx->tx_ndp_modulus, 0, ctx->tx_max - ctx->max_ndp_size); nth16->wNdpIndex = cpu_to_le16(skb_out->len); memcpy(skb_put(skb_out, ctx->max_ndp_size), ctx->delayed_ndp16, ctx->max_ndp_size); -- 2.11.0

7 years, 2 months

2
1
0 0

stable request for v4.14.x: xhci: Fix use-after-free in xhci_free_virt_device

by Sudip Mukherjee

Hi Greg, This fix missed the v4.14.x stable tree. The original patch with the bug was added in v4.14.44. The backported patch is attached with this mail, please apply to v4.14.x. -- Regards Sudip

7 years, 2 months

2
1
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror