- Linux-stable-mirror - lists.linaro.org

FAILED: patch "[PATCH] ARC: [plat-axs*]: Enable SWAP" failed to apply to 4.18-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.18-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From c83532fb0fe053d2e43e9387354cb1b52ba26427 Mon Sep 17 00:00:00 2001 From: Alexey Brodkin <abrodkin(a)synopsys.com> Date: Thu, 2 Aug 2018 11:50:16 +0300 Subject: [PATCH] ARC: [plat-axs*]: Enable SWAP SWAP support on ARC was fixed earlier by commit 6e3761145a9b ("ARC: Fix CONFIG_SWAP") so now we may safely enable it on platforms that have external media like USB and SD-card. Note: it was already allowed for HSDK Signed-off-by: Alexey Brodkin <abrodkin(a)synopsys.com> Cc: stable(a)vger.kernel.org # 6e3761145a9b: ARC: Fix CONFIG_SWAP Signed-off-by: Vineet Gupta <vgupta(a)synopsys.com> diff --git a/arch/arc/configs/axs101_defconfig b/arch/arc/configs/axs101_defconfig index 41a97eb7598d..41bc08be6a3b 100644 --- a/arch/arc/configs/axs101_defconfig +++ b/arch/arc/configs/axs101_defconfig @@ -1,4 +1,3 @@ -# CONFIG_SWAP is not set CONFIG_SYSVIPC=y CONFIG_POSIX_MQUEUE=y # CONFIG_CROSS_MEMORY_ATTACH is not set diff --git a/arch/arc/configs/axs103_defconfig b/arch/arc/configs/axs103_defconfig index d8e2ca2385cc..1e1c4a8011b5 100644 --- a/arch/arc/configs/axs103_defconfig +++ b/arch/arc/configs/axs103_defconfig @@ -1,4 +1,3 @@ -# CONFIG_SWAP is not set CONFIG_SYSVIPC=y CONFIG_POSIX_MQUEUE=y # CONFIG_CROSS_MEMORY_ATTACH is not set diff --git a/arch/arc/configs/axs103_smp_defconfig b/arch/arc/configs/axs103_smp_defconfig index 1e729b9726cd..6b0c0cfd5c30 100644 --- a/arch/arc/configs/axs103_smp_defconfig +++ b/arch/arc/configs/axs103_smp_defconfig @@ -1,4 +1,3 @@ -# CONFIG_SWAP is not set CONFIG_SYSVIPC=y CONFIG_POSIX_MQUEUE=y # CONFIG_CROSS_MEMORY_ATTACH is not set

7 years, 1 month

2
2
0 0

Re: [PATCH v2] [v2] crypto: aes-generic - fix aes-generic regression on powerpc

by Horia Geanta

On 1/20/2018 2:44 AM, Herbert Xu wrote: > On Mon, Jan 15, 2018 at 05:07:22PM +0100, Arnd Bergmann wrote: >> My last bugfix added -Os on the command line, which unfortunately caused >> a build regression on powerpc in some configurations. >> >> I've done some more analysis of the original problem and found slightly >> different workaround that avoids this regression and also results in >> better performance on gcc-7.0: -fcode-hoisting is an optimization step >> that got added in gcc-7 and that for all gcc-7 versions causes worse >> performance. >> >> This disables -fcode-hoisting on all compilers that understand the option. >> For gcc-7.1 and 7.2 I found the same performance as my previous patch >> (using -Os), in gcc-7.0 it was even better. On gcc-8 I could see no >> change in performance from this patch. In theory, code hoisting should >> not be able make things better for the AES cipher, so leaving it >> disabled for gcc-8 only serves to simplify the Makefile change. >> >> Reported-by: kbuild test robot <fengguang.wu(a)intel.com> >> Link: https://www.mail-archive.com/linux-crypto@vger.kernel.org/msg30418.html >> Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=83356 >> Link: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=83651 >> Fixes: 148b974deea9 ("crypto: aes-generic - build with -Os on gcc-7+") >> Signed-off-by: Arnd Bergmann <arnd(a)arndb.de> > > Patch applied. Thanks. > This fix ("commit 6e36719fbe90213fbba9f50093fa2d4d69b0e93c upstream") is needed also in 4.14.y stable tree, since it contains commit 7cae67e31292 ("crypto: aes-generic - build with -Os on gcc-7+") Compilation fails without it: crypto/aes_generic.o: In function `crypto_aes_set_key': crypto/aes_generic.c:1300: undefined reference to `_restgpr_31_x' Thanks, Horia

7 years, 1 month

2
1
0 0

[PATCH 4.18 000/197] 4.18.8-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.18.8 release. There are 197 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat Sep 15 13:17:57 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.18.8-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.18.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.18.8-rc1 Gustavo A. R. Silva <gustavo(a)embeddedor.com> ASoC: wm8994: Fix missing break in switch Robert Munteanu <rombert(a)apache.org> HID: redragon: fix num lock and caps lock LEDs Arnd Bergmann <arnd(a)arndb.de> x86: kvm: avoid unused variable warning Junaid Shahid <junaids(a)google.com> kvm: x86: Set highest physical address bits in non-present/reserved SPTEs Randy Dunlap <rdunlap(a)infradead.org> kbuild: make missing $DEPMOD a Warning instead of an Error Juergen Gross <jgross(a)suse.com> x86/xen: don't write ptes directly in 32-bit PV guests Juergen Gross <jgross(a)suse.com> x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear Joel Fernandes (Google) <joel(a)joelfernandes.org> debugobjects: Make stack check warning more informative Michel Dänzer <michel.daenzer(a)amd.com> drm/amdgpu: Don't warn on destroying a pinned BO Michel Dänzer <michel.daenzer(a)amd.com> drm/amdgpu: Warn and update pin_size values when destroying a pinned BO Michel Dänzer <michel.daenzer(a)amd.com> drm/amdgpu: Make pin_size values atomic Michel Dänzer <michel.daenzer(a)amd.com> drm/amdgpu: Keep track of amount of pinned CPU visible VRAM Chuanhua Lei <chuanhua.lei(a)linux.intel.com> x86/tsc: Prevent result truncation on 32bit Jani Nikula <jani.nikula(a)intel.com> drm/i915: set DP Main Stream Attribute for color range on DDI platforms Nadav Amit <namit(a)vmware.com> mm: respect arch_dup_mmap() return value Randy Dunlap <rdunlap(a)infradead.org> uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name Jan-Marek Glogowski <glogow(a)fbihome.de> drm/i915: Re-apply "Perform link quality check, unconditionally during long pulse" Christian König <christian.koenig(a)amd.com> drm/amdgpu: fix incorrect use of drm_file->pid Christian König <christian.koenig(a)amd.com> drm/amdgpu: fix incorrect use of fcheck Likun Gao <Likun.Gao(a)amd.com> drm/amdgpu:add VCN booting with firmware loaded by PSP Likun Gao <Likun.Gao(a)amd.com> drm/amdgpu:add VCN support in PSP driver Likun Gao <Likun.Gao(a)amd.com> drm/amdgpu:add new firmware id for VCN James Zhu <jzhums(a)gmail.com> drm/amdgpu:add tmr mc address into amdgpu_firmware_info James Zhu <jzhums(a)gmail.com> drm/amdgpu: update tmr mc address Mikita Lipski <mikita.lipski(a)amd.com> drm/amd/display: Check if clock source in use before disabling Mikita Lipski <mikita.lipski(a)amd.com> drm/amd/display: Pass connector id when executing VBIOS CT Sandy Huang <hjc(a)rock-chips.com> drm/rockchip: vop: fix irq disabled after vop driver probed Heiko Stuebner <heiko(a)sntech.de> drm/rockchip: vop: split out core clock enablement into separate functions Julia Lawall <Julia.Lawall(a)lip6.fr> drm/rockchip: lvds: add missing of_node_put Harry Wentland <harry.wentland(a)amd.com> drm/amd/display: Report non-DP display as disconnected without EDID Leo (Sunpeng) Li <sunpeng.li(a)amd.com> drm/amd/display: Use requested HDMI aspect ratio Mikita Lipski <mikita.lipski(a)amd.com> drm/amd/display: update clk for various HDMI color depths Mikita Lipski <mikita.lipski(a)amd.com> drm/amd/display: Don't share clk source between DP and HDMI Gustavo A. R. Silva <gustavo(a)embeddedor.com> drm/amd/display: fix type of variable Kai-Heng Feng <kai.heng.feng(a)canonical.com> drm/edid: Add 6 bpc quirk for SDC panel in Lenovo B50-80 Lubosz Sarnecki <lubosz.sarnecki(a)collabora.com> drm/edid: Quirk Vive Pro VR headset non-desktop. Rex Zhu <rex.zhu(a)amd.com> drm/amd/pp/Polaris12: Fix a chunk of registers missed to program Evan Quan <evan.quan(a)amd.com> drm/amd/powerplay: fixed uninitialized value Rex Zhu <rex.zhu(a)amd.com> drm/amd/pp: Convert voltage unit in mV*4 to mV on CZ/ST Michel Dänzer <michel.daenzer(a)amd.com> drm/amdgpu: Fix RLC safe mode test in gfx_v9_0_enter_rlc_safe_mode Rex Zhu <rex.zhu(a)amd.com> drm/amdgpu: fix a reversed condition Alex Deucher <alexander.deucher(a)amd.com> drm/amdgpu: update uvd_v6_0_ring_vm_funcs to use new nop packet Rodrigo Vivi <rodrigo.vivi(a)intel.com> drm/i915: Free write_buf that we allocated with kzalloc. Fredrik Schön <fredrikschon(a)gmail.com> drm/i915: Increase LSPCON timeout Ville Syrjälä <ville.syrjala(a)linux.intel.com> drm/i915: Nuke the LVDS lid notifier Chris Wilson <chris(a)chris-wilson.co.uk> drm/i915/lpe: Mark LPE audio runtime pm as "no callbacks" David Sterba <dsterba(a)suse.com> btrfs: fix mount and ioctl device scan ioctl race David Sterba <dsterba(a)suse.com> btrfs: reorder initialization before the mount locks uuid_mutex David Sterba <dsterba(a)suse.com> btrfs: lift uuid_mutex to callers of btrfs_parse_early_options David Sterba <dsterba(a)suse.com> btrfs: lift uuid_mutex to callers of btrfs_scan_one_device Anand Jain <anand.jain(a)oracle.com> btrfs: use device_list_mutex when removing stale devices Anand Jain <anand.jain(a)oracle.com> btrfs: rename local devices for fs_devices in btrfs_free_stale_devices( Anand Jain <anand.jain(a)oracle.com> btrfs: extend locked section when adding a new device in device_list_add Anand Jain <anand.jain(a)oracle.com> btrfs: do btrfs_free_stale_devices outside of device_list_add Marc Zyngier <marc.zyngier(a)arm.com> ARM: rockchip: Force CONFIG_PM on Rockchip systems Marc Zyngier <marc.zyngier(a)arm.com> arm64: rockchip: Force CONFIG_PM on Rockchip systems Bart Van Assche <bart.vanassche(a)wdc.com> btrfs: Fix a C compliance issue Qu Wenruo <wqu(a)suse.com> btrfs: Don't remove block group that still has pinned down bytes David Sterba <dsterba(a)suse.com> btrfs: lift uuid_mutex to callers of btrfs_open_devices Qu Wenruo <wqu(a)suse.com> btrfs: check-integrity: Fix NULL pointer dereference for degraded mount Qu Wenruo <wqu(a)suse.com> btrfs: tree-checker: Detect invalid and empty essential trees Qu Wenruo <wqu(a)suse.com> btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized Anand Jain <anand.jain(a)oracle.com> btrfs: fix in-memory value of total_devices after seed device deletion Misono Tomohiro <misono.tomohiro(a)jp.fujitsu.com> btrfs: replace: Reset on-disk dev stats value after replace Qu Wenruo <wqu(a)suse.com> btrfs: Exit gracefully when chunk map cannot be inserted to the tree Lucas Stach <l.stach(a)pengutronix.de> drm/etnaviv: fix crash in GPU suspend when init failed due to buffer placement Jim Mattson <jmattson(a)google.com> kvm: nVMX: Fix fault vector for VMX operation at CPL > 0 Sean Christopherson <sean.j.christopherson(a)intel.com> KVM: vmx: track host_state.loaded using a loaded_vmcs pointer David Francis <David.Francis(a)amd.com> drm/amd/display: Read back max backlight value at boot Levin Du <djw(a)t-chip.com.cn> clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 Mahesh Salgaonkar <mahesh(a)linux.vnet.ibm.com> powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX. Masahiro Yamada <yamada.masahiro(a)socionext.com> um: fix parallel building with O= option Michael Ellerman <mpe(a)ellerman.id.au> powerpc/64s: Make rfi_flush_fallback a little more robust Randy Dunlap <rdunlap(a)infradead.org> powerpc/platforms/85xx: fix t1042rdb_diu.c build errors & warning Steve French <stfrench(a)microsoft.com> smb3: if server does not support posix do not allow posix mount option Steve French <stfrench(a)microsoft.com> SMB3: Number of requests sent should be displayed for SMB3 not just CIFS Aurelien Aptel <aaptel(a)suse.com> CIFS: fix memory leak and remove dead code Steve French <stfrench(a)microsoft.com> smb3: fix reset of bytes read and written stats Bart Van Assche <bart.vanassche(a)wdc.com> cfq: Suppress compiler warnings about comparisons YueHaibing <yuehaibing(a)huawei.com> RDS: IB: fix 'passing zero to ERR_PTR()' warning nixiaoming <nixiaoming(a)huawei.com> selinux: cleanup dentry and inodes on error in selinuxfs Breno Leitao <leitao(a)debian.org> selftests/powerpc: Kill child processes on SIGINT Ralf Goebel <ralf.goebel(a)imago-technologies.com> iommu/omap: Fix cache flushes on L2 table entries Matthias Kaehlcke <mka(a)chromium.org> ASoC: rt5677: Fix initialization of rt5677_of_match.data Ian Abbott <abbotti(a)mev.co.uk> staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice John Pittman <jpittman(a)redhat.com> dm kcopyd: avoid softlockup in run_complete_job Thomas Petazzoni <thomas.petazzoni(a)bootlin.com> PCI: mvebu: Fix I/O space end address calculation Roger Pau Monne <roger.pau(a)citrix.com> xen/balloon: fix balloon initialization for PVH Dom0 Dmitry Torokhov <dmitry.torokhov(a)gmail.com> Input: do not use WARN() in input_alloc_absinfo() Wei Yongjun <weiyongjun1(a)huawei.com> NFSv4: Fix error handling in nfs4_sp4_select_mode() Dan Carpenter <dan.carpenter(a)oracle.com> scsi: aic94xx: fix an error code in aic94xx_init() Jianchao Wang <jianchao.w.wang(a)oracle.com> blk-mq: count the hctx as active before allocating tag Hans de Goede <hdegoede(a)redhat.com> ACPI / scan: Initialize status to ACPI_STA_DEFAULT Stefan Haberland <sth(a)linux.ibm.com> s390/dasd: fix panic for failed online processing Stefan Haberland <sth(a)linux.ibm.com> s390/dasd: fix hanging offline processing due to canceled worker Winnie Chang <winnie.chang(a)cypress.com> brcmfmac: fix brcmf_wiphy_wowl_params() NULL pointer dereference Greg Edwards <gedwards(a)ddn.com> block: bvec_nr_vecs() returns value for wrong slab Sandipan Das <sandipan(a)linux.ibm.com> perf probe powerpc: Fix trace event post-processing Dan Carpenter <dan.carpenter(a)oracle.com> powerpc: Fix size calculation using resource_size() Michael Ellerman <mpe(a)ellerman.id.au> powerpc/uaccess: Enable get_user(u64, *p) on 32-bit Yonghong Song <yhs(a)fb.com> bpf: fix bpffs non-array map seq_show issue Anton Vasilyev <vasilyev(a)ispras.ru> pinctrl: axp209: Fix NULL pointer dereference after allocation Chao Yu <yuchao0(a)huawei.com> f2fs: fix to clear PG_checked flag in set_page_dirty() Jean-Philippe Brucker <jean-philippe.brucker(a)arm.com> net/9p: fix error path of p9_virtio_probe Tomas Bortoli <tomasbortoli(a)gmail.com> net/9p/trans_fd.c: fix race by holding the lock Jonas Gorski <jonas.gorski(a)gmail.com> irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP Dan Carpenter <dan.carpenter(a)oracle.com> irqchip/stm32: Fix init error handling Palmer Dabbelt <palmer(a)sifive.com> RISC-V: Use KBUILD_CFLAGS instead of KCFLAGS when building the vDSO Chao Yu <yuchao0(a)huawei.com> f2fs: fix avoid race between truncate and background GC Chao Yu <yuchao0(a)huawei.com> f2fs: avoid race between zero_range and background GC Benno Evers <bevers(a)mesosphere.com> perf tools: Check for null when copying nsinfo. Denis Efremov <efremov(a)linux.com> coccicheck: return proper error code on fail Nicholas Kazlauskas <nicholas.kazlauskas(a)amd.com> drm/amd/display: Guard against null crtc in CRC IRQ Myron Stowe <myron.stowe(a)redhat.com> PCI: Match Root Port's MPS to endpoint's MPSS as necessary Jian Shen <shenjian15(a)huawei.com> net: hns3: Fix for phy link issue when using marvell phy driver Jens Axboe <axboe(a)kernel.dk> block: don't warn for flush on read-only device Xi Wang <wangxi11(a)huawei.com> net: hns3: Fix for command format parsing error in hclge_is_all_function_id_zero Kim Phillips <kim.phillips(a)arm.com> perf arm spe: Fix uninitialized record error variable Erik Schmauss <erik.schmauss(a)intel.com> ACPICA: ACPICA: add status check for acpi_hw_read before assigning return value Gal Pressman <pressmangal(a)gmail.com> RDMA/hns: Fix usage of bitmap allocation functions return values Richard Weinberger <richard(a)nod.at> ubi: Initialize Fastmap checkmapping correctly Daniel Borkmann <daniel(a)iogearbox.net> tcp, ulp: add alias for all ulp modules Florian Westphal <fw(a)strlen.de> netfilter: fix memory leaks on netlink_dump_start error Aleh Filipovich <aleh(a)vaolix.com> platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 Michal Hocko <mhocko(a)suse.com> netfilter: x_tables: do not fail xt_alloc_table_info too easilly Guenter Roeck <linux(a)roeck-us.net> mfd: sm501: Set coherent_dma_mask when creating subdevices Tan Hu <tan.hu(a)zte.com.cn> ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() Philipp Rudo <prudo(a)linux.ibm.com> s390/kdump: Fix memleak in nt_vmcoreinfo Florian Westphal <fw(a)strlen.de> netfilter: ip6t_rpfilter: set F_IFACE for linklocal addresses Jesper Dangaard Brouer <brouer(a)redhat.com> samples/bpf: all XDP samples should unload xdp/bpf prog on SIGTERM Daniel Borkmann <daniel(a)iogearbox.net> bpf, sockmap: fix leakage of smap_psock_map_entry Tariq Toukan <tariqt(a)mellanox.com> net/xdp: Fix suspicious RCU usage warning Daniel Borkmann <daniel(a)iogearbox.net> bpf, sockmap: fix sock_map_ctx_update_elem race with exist/noexist Daniel Borkmann <daniel(a)iogearbox.net> tcp, ulp: fix leftover icsk_ulp_ops preventing sock from reattach Daniel Borkmann <daniel(a)iogearbox.net> bpf, sockmap: fix map elem deletion race with smap_stop_sock Randy Dunlap <rdunlap(a)infradead.org> platform/x86: intel_punit_ipc: fix build errors Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() Mike Rapoport <rppt(a)linux.vnet.ibm.com> mm: make DEFERRED_STRUCT_PAGE_INIT explicitly depend on SPARSEMEM Andrey Ryabinin <aryabinin(a)virtuozzo.com> mm/fadvise.c: fix signed overflow UBSAN complaint Srikar Dronamraju <srikar(a)linux.vnet.ibm.com> powerpc/topology: Get topology for shared processors at boot Jerome Brunet <jbrunet(a)baylibre.com> pwm: meson: Fix mux clock names Michael J. Ruhl <michael.j.ruhl(a)intel.com> IB/hfi1: Invalid NUMA node information can cause a divide by zero Hans de Goede <hdegoede(a)redhat.com> i2c: core: ACPI: Make acpi_gsb_i2c_read_bytes() check i2c_transfer return value Arnd Bergmann <arnd(a)arndb.de> x86/mce: Add notifier_block forward declaration Suzuki K Poulose <suzuki.poulose(a)arm.com> virtio: pci-legacy: Validate queue pfn Dan Carpenter <dan.carpenter(a)oracle.com> apparmor: fix an error code in __aa_create_ns() Randy Dunlap <rdunlap(a)infradead.org> scripts: modpost: check memory allocation results Johannes Berg <johannes.berg(a)intel.com> workqueue: re-add lockdep dependencies for flushing Johannes Berg <johannes.berg(a)intel.com> workqueue: skip lockdep wq dependency in cancel_work_sync() OGAWA Hirofumi <hirofumi(a)mail.parknet.co.jp> fat: validate ->i_start before using James Morse <james.morse(a)arm.com> fs/proc/kcore.c: use __pa_symbol() for KCORE_TEXT list entries Marc Zyngier <marc.zyngier(a)arm.com> iommu/rockchip: Move irq request past pm_runtime_enable Ernesto A. Fernández <ernesto.mnd.fernandez(a)gmail.com> hfsplus: fix NULL dereference in hfsplus_lookup() Marc Zyngier <marc.zyngier(a)arm.com> iommu/rockchip: Handle errors returned from PM framework Arnd Bergmann <arnd(a)arndb.de> reiserfs: change j_timestamp type to time64_t Arnd Bergmann <arnd(a)arndb.de> fs/proc/vmcore.c: hide vmcoredd_mmap_dumps() for nommu builds Jann Horn <jannh(a)google.com> fork: don't copy inconsistent signal handler state to child Laura Abbott <labbott(a)redhat.com> sunrpc: Don't use stack buffer with scatterlist Ernesto A. Fernández <ernesto.mnd.fernandez(a)gmail.com> hfs: prevent crash on exit from failed search Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> hfsplus: don't return 0 when fill_super() failed Ronnie Sahlberg <lsahlber(a)redhat.com> cifs: check if SMB2 PDU size has been padded and suppress the warning Stephen Hemminger <stephen(a)networkplumber.org> hv_netvsc: ignore devices that are not PCI Jason Wang <jasowang(a)redhat.com> vhost: correctly check the iova range when waking virtqueue Ido Schimmel <idosch(a)mellanox.com> mlxsw: spectrum_switchdev: Do not leak RIFs when removing bridge Xin Long <lucien.xin(a)gmail.com> sctp: hold transport before accessing its asoc in sctp_transport_get_next Jakub Kicinski <jakub.kicinski(a)netronome.com> nfp: wait for posted reconfigs when disabling the device Haishuang Yan <yanhaishuang(a)cmss.chinamobile.com> ip6_vti: fix a null pointer deference when destroy vti6 tunnel Haishuang Yan <yanhaishuang(a)cmss.chinamobile.com> ip6_vti: fix creating fallback tunnel device for vti6 Jerome Brunet <jbrunet(a)baylibre.com> Revert "net: stmmac: Do not keep rearming the coalesce timer in stmmac_xmit" Azat Khuzhin <a3at.mail(a)gmail.com> r8169: set RxConfig after tx/rx is enabled for RTL8169sb/8110sb devices Tariq Toukan <tariqt(a)mellanox.com> net/mlx5: Fix SQ offset in QPs with small RQ David Ahern <dsahern(a)gmail.com> net/ipv6: Put lwtstate when destroying fib6_info David Ahern <dsahern(a)gmail.com> net/ipv6: Only update MTU metric if it set Hangbin Liu <liuhangbin(a)gmail.com> net/ipv6: init ip6 anycast rt->dst.input as ip6_input Alexey Kodanev <alexey.kodanev(a)oracle.com> ipv6: don't get lwtstate twice in ip6_rt_copy_init() Ahmad Fatoum <a.fatoum(a)pengutronix.de> net: macb: Fix regression breaking non-MDIO fixed-link PHYs Xin Long <lucien.xin(a)gmail.com> erspan: set erspan_ver to 1 by default when adding an erspan dev Xin Long <lucien.xin(a)gmail.com> sctp: remove useless start_fail from sctp_ht_iter in proc Haiqing Bai <Haiqing.Bai(a)windriver.com> tipc: fix the big/little endian issue in tipc_dest Dexuan Cui <decui(a)microsoft.com> hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe() Cong Wang <xiyou.wangcong(a)gmail.com> tipc: fix a missing rhashtable_walk_exit() Davide Caratti <dcaratti(a)redhat.com> net/sched: act_pedit: fix dump of extended layered op Michael Chan <michael.chan(a)broadcom.com> bnxt_en: Do not adjust max_cp_rings by the ones used by RDMA. Michael Chan <michael.chan(a)broadcom.com> bnxt_en: Clean up unused functions. Vlad Buslov <vladbu(a)mellanox.com> net: sched: action_ife: take reference to meta module Cong Wang <xiyou.wangcong(a)gmail.com> act_ife: fix a potential deadlock Cong Wang <xiyou.wangcong(a)gmail.com> act_ife: move tcfa_lock down to where necessary Alexey Kodanev <alexey.kodanev(a)oracle.com> vti6: remove !skb->ignore_df check from vti6_xmit() Florian Westphal <fw(a)strlen.de> tcp: do not restart timewait timer on rst reception Anthony Wong <anthony.wong(a)ubuntu.com> r8169: add support for NCube 8168 network card Kai-Heng Feng <kai.heng.feng(a)canonical.com> r8152: disable RX aggregation on new Dell TB16 dock Manish Chopra <manish.chopra(a)cavium.com> qlge: Fix netdev features configuration. Kees Cook <keescook(a)chromium.org> net: sched: Fix memory exposure from short TCA_U32_SEL Anssi Hannula <anssi.hannula(a)bitwise.fi> net: macb: do not disable MDIO bus at open/close time Doug Berger <opendmb(a)gmail.com> net: bcmgenet: use MAC link status for fixed phy Eric Dumazet <edumazet(a)google.com> ipv4: tcp: send zero IPID for RST and ACK sent in SYN-RECV and TIME-WAIT state Cong Wang <xiyou.wangcong(a)gmail.com> act_ife: fix a potential use-after-free ------------- Diffstat: Makefile | 4 +- arch/arm/mach-rockchip/Kconfig | 1 + arch/arm64/Kconfig.platforms | 1 + arch/powerpc/include/asm/topology.h | 5 + arch/powerpc/include/asm/uaccess.h | 13 +- arch/powerpc/kernel/exceptions-64s.S | 6 + arch/powerpc/kernel/smp.c | 5 + arch/powerpc/mm/numa.c | 20 +-- arch/powerpc/platforms/85xx/t1042rdb_diu.c | 4 + arch/powerpc/platforms/pseries/ras.c | 2 +- arch/powerpc/sysdev/mpic_msgr.c | 2 +- arch/riscv/kernel/vdso/Makefile | 4 +- arch/s390/kernel/crash_dump.c | 17 ++- arch/um/Makefile | 3 +- arch/x86/include/asm/mce.h | 1 + arch/x86/include/asm/pgtable-3level.h | 7 +- arch/x86/kernel/tsc.c | 4 +- arch/x86/kvm/mmu.c | 43 ++++++- arch/x86/kvm/vmx.c | 26 ++-- arch/x86/kvm/x86.c | 12 +- arch/x86/xen/mmu_pv.c | 7 +- block/bio.c | 2 +- block/blk-core.c | 4 +- block/blk-mq-tag.c | 3 + block/blk-mq.c | 8 +- block/cfq-iosched.c | 22 ++-- drivers/acpi/acpica/hwregs.c | 9 +- drivers/acpi/scan.c | 5 +- drivers/clk/rockchip/clk-rk3399.c | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu.h | 6 +- drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c | 23 ++-- drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 38 ++++-- drivers/gpu/drm/amd/amdgpu/amdgpu_pm.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c | 5 + drivers/gpu/drm/amd/amdgpu/amdgpu_sched.c | 21 +--- drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_ucode.h | 4 + drivers/gpu/drm/amd/amdgpu/amdgpu_vcn.c | 17 +-- drivers/gpu/drm/amd/amdgpu/amdgpu_vram_mgr.c | 20 ++- drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c | 2 +- drivers/gpu/drm/amd/amdgpu/psp_v10_0.c | 3 + drivers/gpu/drm/amd/amdgpu/uvd_v6_0.c | 3 +- drivers/gpu/drm/amd/amdgpu/vcn_v1_0.c | 40 ++++-- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 10 +- .../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_crc.c | 10 +- .../gpu/drm/amd/display/dc/bios/command_table.c | 18 +++ drivers/gpu/drm/amd/display/dc/core/dc_link.c | 11 ++ drivers/gpu/drm/amd/display/dc/core/dc_resource.c | 68 ++++++++--- drivers/gpu/drm/amd/display/dc/dc.h | 1 + .../gpu/drm/amd/display/dc/dce/dce_link_encoder.c | 4 +- .../drm/amd/display/dc/dce100/dce100_resource.c | 2 +- .../drm/amd/display/dc/dce110/dce110_compressor.c | 2 +- .../amd/display/dc/dce110/dce110_hw_sequencer.c | 4 +- .../gpu/drm/amd/display/dc/dce80/dce80_resource.c | 3 + drivers/gpu/drm/amd/display/dc/inc/resource.h | 5 + .../gpu/drm/amd/powerplay/hwmgr/smu7_powertune.c | 43 +++++++ drivers/gpu/drm/amd/powerplay/hwmgr/smu8_hwmgr.c | 5 +- drivers/gpu/drm/amd/powerplay/hwmgr/vega12_hwmgr.c | 2 +- drivers/gpu/drm/drm_edid.c | 6 +- drivers/gpu/drm/etnaviv/etnaviv_gpu.c | 1 + drivers/gpu/drm/i915/i915_drv.c | 10 -- drivers/gpu/drm/i915/i915_drv.h | 8 -- drivers/gpu/drm/i915/i915_reg.h | 1 + drivers/gpu/drm/i915/intel_ddi.c | 4 + drivers/gpu/drm/i915/intel_dp.c | 33 ++--- drivers/gpu/drm/i915/intel_hdmi.c | 8 +- drivers/gpu/drm/i915/intel_lpe_audio.c | 4 +- drivers/gpu/drm/i915/intel_lspcon.c | 2 +- drivers/gpu/drm/i915/intel_lvds.c | 136 +-------------------- drivers/gpu/drm/rockchip/rockchip_drm_vop.c | 69 +++++++---- drivers/gpu/drm/rockchip/rockchip_lvds.c | 4 +- drivers/hid/hid-redragon.c | 26 +--- drivers/i2c/i2c-core-acpi.c | 8 +- drivers/infiniband/hw/hfi1/affinity.c | 24 +++- drivers/infiniband/hw/hns/hns_roce_pd.c | 2 +- drivers/infiniband/hw/hns/hns_roce_qp.c | 5 +- drivers/input/input.c | 16 ++- drivers/iommu/omap-iommu.c | 4 +- drivers/iommu/rockchip-iommu.c | 45 ++++--- drivers/irqchip/irq-bcm7038-l1.c | 4 + drivers/irqchip/irq-stm32-exti.c | 25 ++-- drivers/md/dm-kcopyd.c | 2 + drivers/mfd/sm501.c | 1 + drivers/mtd/ubi/vtbl.c | 20 +-- drivers/net/ethernet/broadcom/bnxt/bnxt.c | 9 +- drivers/net/ethernet/broadcom/bnxt/bnxt.h | 3 +- drivers/net/ethernet/broadcom/bnxt/bnxt_sriov.c | 7 +- drivers/net/ethernet/broadcom/bnxt/bnxt_ulp.c | 20 --- drivers/net/ethernet/broadcom/bnxt/bnxt_ulp.h | 1 - drivers/net/ethernet/broadcom/genet/bcmgenet.h | 3 + drivers/net/ethernet/broadcom/genet/bcmmii.c | 10 +- drivers/net/ethernet/cadence/macb_main.c | 36 ++++-- .../ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 2 +- .../ethernet/hisilicon/hns3/hns3pf/hclge_mdio.c | 2 + drivers/net/ethernet/mellanox/mlx5/core/wq.c | 5 +- drivers/net/ethernet/mellanox/mlxsw/spectrum.h | 2 + .../net/ethernet/mellanox/mlxsw/spectrum_router.c | 11 ++ .../ethernet/mellanox/mlxsw/spectrum_switchdev.c | 20 +++ .../net/ethernet/netronome/nfp/nfp_net_common.c | 48 +++++--- drivers/net/ethernet/qlogic/qlge/qlge_main.c | 23 ++-- drivers/net/ethernet/realtek/r8169.c | 7 +- drivers/net/ethernet/stmicro/stmmac/stmmac.h | 1 - drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 5 +- drivers/net/hyperv/netvsc_drv.c | 16 ++- drivers/net/usb/r8152.c | 4 +- .../broadcom/brcm80211/brcmfmac/cfg80211.c | 8 +- drivers/pci/controller/pci-mvebu.c | 2 +- drivers/pci/probe.c | 12 +- drivers/pinctrl/pinctrl-axp209.c | 26 +++- drivers/platform/x86/asus-nb-wmi.c | 1 + drivers/platform/x86/intel_punit_ipc.c | 1 + drivers/pwm/pwm-meson.c | 3 +- drivers/s390/block/dasd_eckd.c | 10 +- drivers/scsi/aic94xx/aic94xx_init.c | 4 +- drivers/staging/comedi/drivers/ni_mio_common.c | 3 +- drivers/vhost/vhost.c | 2 +- drivers/virtio/virtio_pci_legacy.c | 14 ++- drivers/xen/xen-balloon.c | 2 +- fs/btrfs/check-integrity.c | 7 +- fs/btrfs/dev-replace.c | 6 + fs/btrfs/extent-tree.c | 2 +- fs/btrfs/relocation.c | 23 ++-- fs/btrfs/super.c | 44 ++++--- fs/btrfs/tree-checker.c | 15 ++- fs/btrfs/volumes.c | 94 ++++++++------ fs/cifs/cifs_debug.c | 8 ++ fs/cifs/connect.c | 8 +- fs/cifs/smb2misc.c | 7 ++ fs/cifs/smb2pdu.c | 103 ++++++++-------- fs/dcache.c | 3 +- fs/f2fs/data.c | 8 ++ fs/f2fs/file.c | 48 +++++--- fs/fat/cache.c | 19 +-- fs/fat/fat.h | 5 + fs/fat/fatent.c | 6 +- fs/hfs/brec.c | 7 +- fs/hfsplus/dir.c | 4 +- fs/hfsplus/super.c | 4 +- fs/nfs/nfs4proc.c | 2 +- fs/proc/kcore.c | 4 +- fs/proc/vmcore.c | 2 + fs/reiserfs/reiserfs.h | 2 +- include/linux/pci_ids.h | 2 + include/net/tcp.h | 4 + include/uapi/linux/keyctl.h | 2 +- kernel/bpf/inode.c | 8 +- kernel/bpf/sockmap.c | 120 ++++++++++-------- kernel/fork.c | 5 +- kernel/workqueue.c | 45 ++++--- lib/debugobjects.c | 7 +- mm/Kconfig | 2 +- mm/fadvise.c | 8 +- net/9p/trans_fd.c | 10 +- net/9p/trans_virtio.c | 3 +- net/core/xdp.c | 14 +-- net/ipv4/ip_gre.c | 3 + net/ipv4/tcp_ipv4.c | 6 + net/ipv4/tcp_minisocks.c | 3 +- net/ipv4/tcp_ulp.c | 4 +- net/ipv6/ip6_fib.c | 7 +- net/ipv6/ip6_gre.c | 1 + net/ipv6/ip6_vti.c | 7 +- net/ipv6/netfilter/ip6t_rpfilter.c | 12 +- net/ipv6/route.c | 3 +- net/netfilter/ipvs/ip_vs_core.c | 15 ++- net/netfilter/nf_conntrack_netlink.c | 26 ++-- net/netfilter/nfnetlink_acct.c | 29 ++--- net/netfilter/x_tables.c | 7 +- net/rds/ib_frmr.c | 1 + net/sched/act_ife.c | 78 +++++++----- net/sched/act_pedit.c | 18 ++- net/sched/cls_u32.c | 10 +- net/sctp/proc.c | 8 -- net/sctp/socket.c | 22 ++-- net/sunrpc/auth_gss/gss_krb5_crypto.c | 12 +- net/tipc/name_table.c | 10 +- net/tipc/name_table.h | 9 +- net/tipc/socket.c | 2 + net/tls/tls_main.c | 1 + samples/bpf/xdp_redirect_cpu_user.c | 3 +- samples/bpf/xdp_rxq_info_user.c | 3 +- scripts/coccicheck | 5 +- scripts/depmod.sh | 4 +- scripts/mod/modpost.c | 8 +- security/apparmor/policy_ns.c | 2 +- security/keys/dh.c | 2 +- security/selinux/selinuxfs.c | 33 +++-- sound/soc/codecs/rt5677.c | 2 +- sound/soc/codecs/wm8994.c | 1 + tools/perf/arch/arm64/util/arm-spe.c | 1 + tools/perf/arch/powerpc/util/sym-handling.c | 4 +- tools/perf/util/namespaces.c | 3 + tools/testing/selftests/powerpc/harness.c | 18 ++- 194 files changed, 1498 insertions(+), 954 deletions(-)

7 years, 1 month

4
204
0 0

[PATCH 1/2] Drivers: hv: vmbus: Use get/put_cpu() in vmbus_connect()

by kys＠linuxonhyperv.com

From: Dexuan Cui <decui(a)microsoft.com> With CONFIG_DEBUG_PREEMPT=y, I always see this warning: BUG: using smp_processor_id() in preemptible [00000000] Fix the false warning by using get/put_cpu(). Here vmbus_connect() sends a message to the host and waits for the host's response. The host will deliver the response message and an interrupt on CPU msg->target_vcpu, and later the interrupt handler will wake up vmbus_connect(). vmbus_connect() doesn't really have to run on the same cpu as CPU msg->target_vcpu, so it's safe to call put_cpu() just here. Signed-off-by: Dexuan Cui <decui(a)microsoft.com> Cc: stable(a)vger.kernel.org Cc: K. Y. Srinivasan <kys(a)microsoft.com> Cc: Haiyang Zhang <haiyangz(a)microsoft.com> Cc: Stephen Hemminger <sthemmin(a)microsoft.com> Signed-off-by: K. Y. Srinivasan <kys(a)microsoft.com> --- drivers/hv/connection.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/drivers/hv/connection.c b/drivers/hv/connection.c index ced041899456..f4d08c8ac7f8 100644 --- a/drivers/hv/connection.c +++ b/drivers/hv/connection.c @@ -76,6 +76,7 @@ static int vmbus_negotiate_version(struct vmbus_channel_msginfo *msginfo, __u32 version) { int ret = 0; + unsigned int cur_cpu; struct vmbus_channel_initiate_contact *msg; unsigned long flags; @@ -118,9 +119,10 @@ static int vmbus_negotiate_version(struct vmbus_channel_msginfo *msginfo, * the CPU attempting to connect may not be CPU 0. */ if (version >= VERSION_WIN8_1) { - msg->target_vcpu = - hv_cpu_number_to_vp_number(smp_processor_id()); - vmbus_connection.connect_cpu = smp_processor_id(); + cur_cpu = get_cpu(); + msg->target_vcpu = hv_cpu_number_to_vp_number(cur_cpu); + vmbus_connection.connect_cpu = cur_cpu; + put_cpu(); } else { msg->target_vcpu = 0; vmbus_connection.connect_cpu = 0; -- 2.18.0

7 years, 1 month

1
0
0 0

[PATCH] dm-mpath: Fix setup_scsi_dh()

by Bart Van Assche

This patch fixes two bugs that got introduced recently in setup_scsi_dh(): - Avoid that a memory leak occurs if attached_handler_name is not assigned to m->hw_handler_name. - Avoid that m->hw_handler_name becomes a dangling pointer if the RETAIN_ATTACHED_HW_HANDLER flag is set and scsi_dh_attach() returns -EBUSY. Fixes: e8f74a0f0011 ("dm mpath: eliminate need to use scsi_device_from_queue") Signed-off-by: Bart Van Assche <bvanassche(a)acm.org> Cc: Martin K. Petersen <martin.petersen(a)oracle.com> Cc: <stable(a)vger.kernel.org> --- drivers/md/dm-mpath.c | 14 +++++++++----- include/scsi/scsi_device.h | 9 +++++++++ 2 files changed, 18 insertions(+), 5 deletions(-) diff --git a/drivers/md/dm-mpath.c b/drivers/md/dm-mpath.c index d94ba6f72ff5..0ba58a537182 100644 --- a/drivers/md/dm-mpath.c +++ b/drivers/md/dm-mpath.c @@ -22,6 +22,7 @@ #include <linux/time.h> #include <linux/workqueue.h> #include <linux/delay.h> +#include <scsi/scsi_device.h> #include <scsi/scsi_dh.h> #include <linux/atomic.h> #include <linux/blk-mq.h> @@ -806,13 +807,15 @@ static int parse_path_selector(struct dm_arg_set *as, struct priority_group *pg, } static int setup_scsi_dh(struct block_device *bdev, struct multipath *m, - const char *attached_handler_name, char **error) + char **error) { struct request_queue *q = bdev_get_queue(bdev); + const char *attached_handler_name; int r; if (test_bit(MPATHF_RETAIN_ATTACHED_HW_HANDLER, &m->flags)) { retain: + attached_handler_name = scsi_dh_attached_handler_name(q, GFP_KERNEL); if (attached_handler_name) { /* * Clear any hw_handler_params associated with a @@ -867,7 +870,7 @@ static struct pgpath *parse_path(struct dm_arg_set *as, struct path_selector *ps struct pgpath *p; struct multipath *m = ti->private; struct request_queue *q; - const char *attached_handler_name; + struct scsi_device *sdev; /* we need at least a path arg */ if (as->argc < 1) { @@ -887,10 +890,11 @@ static struct pgpath *parse_path(struct dm_arg_set *as, struct path_selector *ps } q = bdev_get_queue(p->path.dev->bdev); - attached_handler_name = scsi_dh_attached_handler_name(q, GFP_KERNEL); - if (attached_handler_name || m->hw_handler_name) { + sdev = scsi_device_from_queue(q); + if (sdev) { + put_device(&sdev->sdev_gendev); INIT_DELAYED_WORK(&p->activate_path, activate_path_work); - r = setup_scsi_dh(p->path.dev->bdev, m, attached_handler_name, &ti->error); + r = setup_scsi_dh(p->path.dev->bdev, m, &ti->error); if (r) { dm_put_device(ti, p->path.dev); goto bad; diff --git a/include/scsi/scsi_device.h b/include/scsi/scsi_device.h index 202f4d6a4342..1c839089c711 100644 --- a/include/scsi/scsi_device.h +++ b/include/scsi/scsi_device.h @@ -2,6 +2,7 @@ #ifndef _SCSI_SCSI_DEVICE_H #define _SCSI_SCSI_DEVICE_H +#include <linux/kconfig.h> #include <linux/list.h> #include <linux/spinlock.h> #include <linux/workqueue.h> @@ -335,7 +336,15 @@ extern void scsi_remove_device(struct scsi_device *); extern int scsi_unregister_device_handler(struct scsi_device_handler *scsi_dh); void scsi_attach_vpd(struct scsi_device *sdev); +#if IS_ENABLED(CONFIG_SCSI) extern struct scsi_device *scsi_device_from_queue(struct request_queue *q); +#else +static inline struct scsi_device * +scsi_device_from_queue(struct request_queue *q) +{ + return NULL; +} +#endif extern int __must_check scsi_device_get(struct scsi_device *); extern void scsi_device_put(struct scsi_device *); extern struct scsi_device *scsi_device_lookup(struct Scsi_Host *, -- 2.18.0

7 years, 1 month

1
0
0 0

[PATCH AUTOSEL 3.18 01/29] crypto: skcipher - Fix -Wstringop-truncation warnings

by Sasha Levin

From: Stafford Horne <shorne(a)gmail.com> [ Upstream commit cefd769fd0192c84d638f66da202459ed8ad63ba ] As of GCC 9.0.0 the build is reporting warnings like: crypto/ablkcipher.c: In function ‘crypto_ablkcipher_report’: crypto/ablkcipher.c:374:2: warning: ‘strncpy’ specified bound 64 equals destination size [-Wstringop-truncation] strncpy(rblkcipher.geniv, alg->cra_ablkcipher.geniv ?: "<default>", ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ sizeof(rblkcipher.geniv)); ~~~~~~~~~~~~~~~~~~~~~~~~~ This means the strnycpy might create a non null terminated string. Fix this by explicitly performing '\0' termination. Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Arnd Bergmann <arnd(a)arndb.de> Cc: Max Filippov <jcmvbkbc(a)gmail.com> Cc: Eric Biggers <ebiggers3(a)gmail.com> Cc: Nick Desaulniers <nick.desaulniers(a)gmail.com> Signed-off-by: Stafford Horne <shorne(a)gmail.com> Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- crypto/ablkcipher.c | 2 ++ crypto/blkcipher.c | 1 + 2 files changed, 3 insertions(+) diff --git a/crypto/ablkcipher.c b/crypto/ablkcipher.c index 5061d7ad33e4..cad66af5a1ae 100644 --- a/crypto/ablkcipher.c +++ b/crypto/ablkcipher.c @@ -382,6 +382,7 @@ static int crypto_ablkcipher_report(struct sk_buff *skb, struct crypto_alg *alg) strncpy(rblkcipher.type, "ablkcipher", sizeof(rblkcipher.type)); strncpy(rblkcipher.geniv, alg->cra_ablkcipher.geniv ?: "<default>", sizeof(rblkcipher.geniv)); + rblkcipher.geniv[sizeof(rblkcipher.geniv) - 1] = '\0'; rblkcipher.blocksize = alg->cra_blocksize; rblkcipher.min_keysize = alg->cra_ablkcipher.min_keysize; @@ -463,6 +464,7 @@ static int crypto_givcipher_report(struct sk_buff *skb, struct crypto_alg *alg) strncpy(rblkcipher.type, "givcipher", sizeof(rblkcipher.type)); strncpy(rblkcipher.geniv, alg->cra_ablkcipher.geniv ?: "<built-in>", sizeof(rblkcipher.geniv)); + rblkcipher.geniv[sizeof(rblkcipher.geniv) - 1] = '\0'; rblkcipher.blocksize = alg->cra_blocksize; rblkcipher.min_keysize = alg->cra_ablkcipher.min_keysize; diff --git a/crypto/blkcipher.c b/crypto/blkcipher.c index 5ebfdd0d4543..5ba9916a33c8 100644 --- a/crypto/blkcipher.c +++ b/crypto/blkcipher.c @@ -514,6 +514,7 @@ static int crypto_blkcipher_report(struct sk_buff *skb, struct crypto_alg *alg) strncpy(rblkcipher.type, "blkcipher", sizeof(rblkcipher.type)); strncpy(rblkcipher.geniv, alg->cra_blkcipher.geniv ?: "<default>", sizeof(rblkcipher.geniv)); + rblkcipher.geniv[sizeof(rblkcipher.geniv) - 1] = '\0'; rblkcipher.blocksize = alg->cra_blocksize; rblkcipher.min_keysize = alg->cra_blkcipher.min_keysize; -- 2.17.1

7 years, 1 month

1
28
0 0

[PATCH AUTOSEL 4.4 01/43] crypto: skcipher - Fix -Wstringop-truncation warnings

by Sasha Levin

From: Stafford Horne <shorne(a)gmail.com> [ Upstream commit cefd769fd0192c84d638f66da202459ed8ad63ba ] As of GCC 9.0.0 the build is reporting warnings like: crypto/ablkcipher.c: In function ‘crypto_ablkcipher_report’: crypto/ablkcipher.c:374:2: warning: ‘strncpy’ specified bound 64 equals destination size [-Wstringop-truncation] strncpy(rblkcipher.geniv, alg->cra_ablkcipher.geniv ?: "<default>", ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ sizeof(rblkcipher.geniv)); ~~~~~~~~~~~~~~~~~~~~~~~~~ This means the strnycpy might create a non null terminated string. Fix this by explicitly performing '\0' termination. Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: Arnd Bergmann <arnd(a)arndb.de> Cc: Max Filippov <jcmvbkbc(a)gmail.com> Cc: Eric Biggers <ebiggers3(a)gmail.com> Cc: Nick Desaulniers <nick.desaulniers(a)gmail.com> Signed-off-by: Stafford Horne <shorne(a)gmail.com> Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- crypto/ablkcipher.c | 2 ++ crypto/blkcipher.c | 1 + 2 files changed, 3 insertions(+) diff --git a/crypto/ablkcipher.c b/crypto/ablkcipher.c index 149e7a7f04fe..b524f702e658 100644 --- a/crypto/ablkcipher.c +++ b/crypto/ablkcipher.c @@ -384,6 +384,7 @@ static int crypto_ablkcipher_report(struct sk_buff *skb, struct crypto_alg *alg) strncpy(rblkcipher.type, "ablkcipher", sizeof(rblkcipher.type)); strncpy(rblkcipher.geniv, alg->cra_ablkcipher.geniv ?: "<default>", sizeof(rblkcipher.geniv)); + rblkcipher.geniv[sizeof(rblkcipher.geniv) - 1] = '\0'; rblkcipher.blocksize = alg->cra_blocksize; rblkcipher.min_keysize = alg->cra_ablkcipher.min_keysize; @@ -465,6 +466,7 @@ static int crypto_givcipher_report(struct sk_buff *skb, struct crypto_alg *alg) strncpy(rblkcipher.type, "givcipher", sizeof(rblkcipher.type)); strncpy(rblkcipher.geniv, alg->cra_ablkcipher.geniv ?: "<built-in>", sizeof(rblkcipher.geniv)); + rblkcipher.geniv[sizeof(rblkcipher.geniv) - 1] = '\0'; rblkcipher.blocksize = alg->cra_blocksize; rblkcipher.min_keysize = alg->cra_ablkcipher.min_keysize; diff --git a/crypto/blkcipher.c b/crypto/blkcipher.c index 2d08e59b3212..d524f838eb10 100644 --- a/crypto/blkcipher.c +++ b/crypto/blkcipher.c @@ -515,6 +515,7 @@ static int crypto_blkcipher_report(struct sk_buff *skb, struct crypto_alg *alg) strncpy(rblkcipher.type, "blkcipher", sizeof(rblkcipher.type)); strncpy(rblkcipher.geniv, alg->cra_blkcipher.geniv ?: "<default>", sizeof(rblkcipher.geniv)); + rblkcipher.geniv[sizeof(rblkcipher.geniv) - 1] = '\0'; rblkcipher.blocksize = alg->cra_blocksize; rblkcipher.min_keysize = alg->cra_blkcipher.min_keysize; -- 2.17.1

7 years, 1 month

1
42
0 0

[PATCH] Revert "ubifs: xattr: Don't operate on deleted inodes"

by Richard Weinberger

This reverts commit 11a6fc3dc743e22fb50f2196ec55bee5140d3c52. UBIFS wants to assert that xattr operations are only issued on files with positive link count. The said patch made this operations return -ENOENT for unlinked files such that the asserts will no longer trigger. This was wrong since xattr operations are perfectly fine on unlinked files. Instead the assertions need to be fixed/removed. Cc: <stable(a)vger.kernel.org> Fixes: 11a6fc3dc743 ("ubifs: xattr: Don't operate on deleted inodes") Reported-by: Koen Vandeputte <koen.vandeputte(a)ncentric.com> Signed-off-by: Richard Weinberger <richard(a)nod.at> --- fs/ubifs/xattr.c | 24 ------------------------ 1 file changed, 24 deletions(-) diff --git a/fs/ubifs/xattr.c b/fs/ubifs/xattr.c index 61afdfee4b28..f5ad1ede7990 100644 --- a/fs/ubifs/xattr.c +++ b/fs/ubifs/xattr.c @@ -152,12 +152,6 @@ static int create_xattr(struct ubifs_info *c, struct inode *host, ui->data_len = size; mutex_lock(&host_ui->ui_mutex); - - if (!host->i_nlink) { - err = -ENOENT; - goto out_noent; - } - host->i_ctime = current_time(host); host_ui->xattr_cnt += 1; host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm)); @@ -190,7 +184,6 @@ static int create_xattr(struct ubifs_info *c, struct inode *host, host_ui->xattr_size -= CALC_XATTR_BYTES(size); host_ui->xattr_names -= fname_len(nm); host_ui->flags &= ~UBIFS_CRYPT_FL; -out_noent: mutex_unlock(&host_ui->ui_mutex); out_free: make_bad_inode(inode); @@ -242,12 +235,6 @@ static int change_xattr(struct ubifs_info *c, struct inode *host, mutex_unlock(&ui->ui_mutex); mutex_lock(&host_ui->ui_mutex); - - if (!host->i_nlink) { - err = -ENOENT; - goto out_noent; - } - host->i_ctime = current_time(host); host_ui->xattr_size -= CALC_XATTR_BYTES(old_size); host_ui->xattr_size += CALC_XATTR_BYTES(size); @@ -269,7 +256,6 @@ static int change_xattr(struct ubifs_info *c, struct inode *host, out_cancel: host_ui->xattr_size -= CALC_XATTR_BYTES(size); host_ui->xattr_size += CALC_XATTR_BYTES(old_size); -out_noent: mutex_unlock(&host_ui->ui_mutex); make_bad_inode(inode); out_free: @@ -496,12 +482,6 @@ static int remove_xattr(struct ubifs_info *c, struct inode *host, return err; mutex_lock(&host_ui->ui_mutex); - - if (!host->i_nlink) { - err = -ENOENT; - goto out_noent; - } - host->i_ctime = current_time(host); host_ui->xattr_cnt -= 1; host_ui->xattr_size -= CALC_DENT_SIZE(fname_len(nm)); @@ -521,7 +501,6 @@ static int remove_xattr(struct ubifs_info *c, struct inode *host, host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm)); host_ui->xattr_size += CALC_XATTR_BYTES(ui->data_len); host_ui->xattr_names += fname_len(nm); -out_noent: mutex_unlock(&host_ui->ui_mutex); ubifs_release_budget(c, &req); make_bad_inode(inode); @@ -561,9 +540,6 @@ static int ubifs_xattr_remove(struct inode *host, const char *name) ubifs_assert(c, inode_is_locked(host)); - if (!host->i_nlink) - return -ENOENT; - if (fname_len(&nm) > UBIFS_MAX_NLEN) return -ENAMETOOLONG; -- 2.19.0

7 years, 1 month

1
0
0 0

[PATCH RESEND] tpm: Restore functionality to xen vtpm driver.

by Boris Ostrovsky

From: "Dr. Greg Wettstein" <greg(a)wind.enjellic.com> Functionality of the xen-tpmfront driver was lost secondary to the introduction of xenbus multi-page support in commit ccc9d90a9a8b ("xenbus_client: Extend interface to support multi-page ring"). In this commit a pointer to the shared page address was being passed to the xenbus_grant_ring() function rather then the address of the shared page itself. This resulted in a situation where the driver would attach to the vtpm-stubdom but any attempt to send a command to the stub domain would timeout. A diagnostic finding for this regression is the following error message being generated when the xen-tpmfront driver probes for a device: <3>vtpm vtpm-0: tpm_transmit: tpm_send: error -62 <3>vtpm vtpm-0: A TPM error (-62) occurred attempting to determine the timeouts This fix is relevant to all kernels from 4.1 forward which is the release in which multi-page xenbus support was introduced. Daniel De Graaf formulated the fix by code inspection after the regression point was located. Signed-off-by: Dr. Greg Wettstein <greg(a)enjellic.com> [boris: fixed commit message formatting] Signed-off-by: Boris Ostrovsky <boris.ostrovsky(a)oracle.com> Cc: stable(a)vger.kernel.org # v4.1+ --- We've lost this patch a couple of years ago, re-submitting. drivers/char/tpm/xen-tpmfront.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/char/tpm/xen-tpmfront.c b/drivers/char/tpm/xen-tpmfront.c index 911475d36800..b150f87f38f5 100644 --- a/drivers/char/tpm/xen-tpmfront.c +++ b/drivers/char/tpm/xen-tpmfront.c @@ -264,7 +264,7 @@ static int setup_ring(struct xenbus_device *dev, struct tpm_private *priv) return -ENOMEM; } - rv = xenbus_grant_ring(dev, &priv->shr, 1, &gref); + rv = xenbus_grant_ring(dev, priv->shr, 1, &gref); if (rv < 0) return rv; -- 2.17.1

7 years, 1 month

3
2
0 0

[PATCH for-4.9.y 00/14] Few upstream fixes from OnePlus6's kernel tree

by Amit Pundir

Hi Greg, For your consideration, few upstream fixes picked up from Qcom's android-4.9 BSP tree for OnePlus 6 device. Cherry-picked and build tested for ARCH=x86_64/mips on v4.9.124. Few patches are applicable for 4.4.y and 3.18.y as well and explicitly marked so respectively. Regards, Amit Pundir Daniel Micay (1): staging/rts5208: Fix read overflow in memcpy Jason A. Donenfeld (1): random: convert get_random_int/long into get_random_u32/u64 Jia-Ju Bai (1): staging: rt5208: Fix a sleep-in-atomic bug in xd_copy_page Johannes Berg (1): nl80211: fix null-ptr dereference on invalid mesh configuration Johannes Weiner (1): mm: remove seemingly spurious reclaimability check from laptop_mode gating Kees Cook (1): IB/rxe: do not copy extra stack memory to skb Mel Gorman (1): mm, vmscan: clear PGDAT_WRITEBACK when zone is balanced Michal Hocko (1): selinux: use GFP_NOWAIT in the AVC kmem_caches Prateek Sood (2): locking/rwsem-xadd: Fix missed wakeup due to reordering of load locking/osq_lock: Fix osq_lock queue corruption Ritesh Harjani (1): cfq: Give a chance for arming slice idle timer in case of group_idle Tejun Heo (1): block,blkcg: use __GFP_NOWARN for best-effort allocations in blkcg Vegard Nossum (2): kthread: Fix use-after-free if kthread fork fails kthread: fix boot hang (regression) on MIPS/OpenRISC arch/mips/kernel/process.c | 1 - arch/openrisc/kernel/process.c | 2 -- block/blk-cgroup.c | 9 +++--- block/cfq-iosched.c | 6 ++-- drivers/char/random.c | 55 ++++++++++++++++++------------------ drivers/infiniband/sw/rxe/rxe_resp.c | 4 ++- drivers/staging/rts5208/rtsx_scsi.c | 2 +- drivers/staging/rts5208/xd.c | 2 +- include/linux/random.h | 17 +++++++++-- kernel/fork.c | 17 +++++++---- kernel/locking/osq_lock.c | 13 +++++++++ kernel/locking/rwsem-xadd.c | 27 ++++++++++++++++++ mm/vmscan.c | 3 +- net/wireless/nl80211.c | 3 ++ security/selinux/avc.c | 14 ++++----- 15 files changed, 119 insertions(+), 56 deletions(-) -- 2.7.4

7 years, 1 month

2
16
0 0

FAILED: patch "[PATCH] x86/mm: Use WRITE_ONCE() when setting PTEs" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 9bc4f28af75a91aea0ae383f50b0a430c4509303 Mon Sep 17 00:00:00 2001 From: Nadav Amit <namit(a)vmware.com> Date: Sun, 2 Sep 2018 11:14:50 -0700 Subject: [PATCH] x86/mm: Use WRITE_ONCE() when setting PTEs When page-table entries are set, the compiler might optimize their assignment by using multiple instructions to set the PTE. This might turn into a security hazard if the user somehow manages to use the interim PTE. L1TF does not make our lives easier, making even an interim non-present PTE a security hazard. Using WRITE_ONCE() to set PTEs and friends should prevent this potential security hazard. I skimmed the differences in the binary with and without this patch. The differences are (obviously) greater when CONFIG_PARAVIRT=n as more code optimizations are possible. For better and worse, the impact on the binary with this patch is pretty small. Skimming the code did not cause anything to jump out as a security hazard, but it seems that at least move_soft_dirty_pte() caused set_pte_at() to use multiple writes. Signed-off-by: Nadav Amit <namit(a)vmware.com> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Acked-by: Peter Zijlstra (Intel) <peterz(a)infradead.org> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: Andi Kleen <ak(a)linux.intel.com> Cc: Josh Poimboeuf <jpoimboe(a)redhat.com> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: Sean Christopherson <sean.j.christopherson(a)intel.com> Cc: Andy Lutomirski <luto(a)kernel.org> Cc: stable(a)vger.kernel.org Link: https://lkml.kernel.org/r/20180902181451.80520-1-namit@vmware.com diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h index e4ffa565a69f..690c0307afed 100644 --- a/arch/x86/include/asm/pgtable.h +++ b/arch/x86/include/asm/pgtable.h @@ -1195,7 +1195,7 @@ static inline pmd_t pmdp_establish(struct vm_area_struct *vma, return xchg(pmdp, pmd); } else { pmd_t old = *pmdp; - *pmdp = pmd; + WRITE_ONCE(*pmdp, pmd); return old; } } diff --git a/arch/x86/include/asm/pgtable_64.h b/arch/x86/include/asm/pgtable_64.h index f773d5e6c8cc..ce2b59047cb8 100644 --- a/arch/x86/include/asm/pgtable_64.h +++ b/arch/x86/include/asm/pgtable_64.h @@ -55,15 +55,15 @@ struct mm_struct; void set_pte_vaddr_p4d(p4d_t *p4d_page, unsigned long vaddr, pte_t new_pte); void set_pte_vaddr_pud(pud_t *pud_page, unsigned long vaddr, pte_t new_pte); -static inline void native_pte_clear(struct mm_struct *mm, unsigned long addr, - pte_t *ptep) +static inline void native_set_pte(pte_t *ptep, pte_t pte) { - *ptep = native_make_pte(0); + WRITE_ONCE(*ptep, pte); } -static inline void native_set_pte(pte_t *ptep, pte_t pte) +static inline void native_pte_clear(struct mm_struct *mm, unsigned long addr, + pte_t *ptep) { - *ptep = pte; + native_set_pte(ptep, native_make_pte(0)); } static inline void native_set_pte_atomic(pte_t *ptep, pte_t pte) @@ -73,7 +73,7 @@ static inline void native_set_pte_atomic(pte_t *ptep, pte_t pte) static inline void native_set_pmd(pmd_t *pmdp, pmd_t pmd) { - *pmdp = pmd; + WRITE_ONCE(*pmdp, pmd); } static inline void native_pmd_clear(pmd_t *pmd) @@ -109,7 +109,7 @@ static inline pmd_t native_pmdp_get_and_clear(pmd_t *xp) static inline void native_set_pud(pud_t *pudp, pud_t pud) { - *pudp = pud; + WRITE_ONCE(*pudp, pud); } static inline void native_pud_clear(pud_t *pud) @@ -137,13 +137,13 @@ static inline void native_set_p4d(p4d_t *p4dp, p4d_t p4d) pgd_t pgd; if (pgtable_l5_enabled() || !IS_ENABLED(CONFIG_PAGE_TABLE_ISOLATION)) { - *p4dp = p4d; + WRITE_ONCE(*p4dp, p4d); return; } pgd = native_make_pgd(native_p4d_val(p4d)); pgd = pti_set_user_pgtbl((pgd_t *)p4dp, pgd); - *p4dp = native_make_p4d(native_pgd_val(pgd)); + WRITE_ONCE(*p4dp, native_make_p4d(native_pgd_val(pgd))); } static inline void native_p4d_clear(p4d_t *p4d) @@ -153,7 +153,7 @@ static inline void native_p4d_clear(p4d_t *p4d) static inline void native_set_pgd(pgd_t *pgdp, pgd_t pgd) { - *pgdp = pti_set_user_pgtbl(pgdp, pgd); + WRITE_ONCE(*pgdp, pti_set_user_pgtbl(pgdp, pgd)); } static inline void native_pgd_clear(pgd_t *pgd) diff --git a/arch/x86/mm/pgtable.c b/arch/x86/mm/pgtable.c index e848a4811785..ae394552fb94 100644 --- a/arch/x86/mm/pgtable.c +++ b/arch/x86/mm/pgtable.c @@ -269,7 +269,7 @@ static void mop_up_one_pmd(struct mm_struct *mm, pgd_t *pgdp) if (pgd_val(pgd) != 0) { pmd_t *pmd = (pmd_t *)pgd_page_vaddr(pgd); - *pgdp = native_make_pgd(0); + pgd_clear(pgdp); paravirt_release_pmd(pgd_val(pgd) >> PAGE_SHIFT); pmd_free(mm, pmd); @@ -494,7 +494,7 @@ int ptep_set_access_flags(struct vm_area_struct *vma, int changed = !pte_same(*ptep, entry); if (changed && dirty) - *ptep = entry; + set_pte(ptep, entry); return changed; } @@ -509,7 +509,7 @@ int pmdp_set_access_flags(struct vm_area_struct *vma, VM_BUG_ON(address & ~HPAGE_PMD_MASK); if (changed && dirty) { - *pmdp = entry; + set_pmd(pmdp, entry); /* * We had a write-protection fault here and changed the pmd * to to more permissive. No need to flush the TLB for that, @@ -529,7 +529,7 @@ int pudp_set_access_flags(struct vm_area_struct *vma, unsigned long address, VM_BUG_ON(address & ~HPAGE_PUD_MASK); if (changed && dirty) { - *pudp = entry; + set_pud(pudp, entry); /* * We had a write-protection fault here and changed the pud * to to more permissive. No need to flush the TLB for that,

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] x86/mm: Use WRITE_ONCE() when setting PTEs" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 9bc4f28af75a91aea0ae383f50b0a430c4509303 Mon Sep 17 00:00:00 2001 From: Nadav Amit <namit(a)vmware.com> Date: Sun, 2 Sep 2018 11:14:50 -0700 Subject: [PATCH] x86/mm: Use WRITE_ONCE() when setting PTEs When page-table entries are set, the compiler might optimize their assignment by using multiple instructions to set the PTE. This might turn into a security hazard if the user somehow manages to use the interim PTE. L1TF does not make our lives easier, making even an interim non-present PTE a security hazard. Using WRITE_ONCE() to set PTEs and friends should prevent this potential security hazard. I skimmed the differences in the binary with and without this patch. The differences are (obviously) greater when CONFIG_PARAVIRT=n as more code optimizations are possible. For better and worse, the impact on the binary with this patch is pretty small. Skimming the code did not cause anything to jump out as a security hazard, but it seems that at least move_soft_dirty_pte() caused set_pte_at() to use multiple writes. Signed-off-by: Nadav Amit <namit(a)vmware.com> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Acked-by: Peter Zijlstra (Intel) <peterz(a)infradead.org> Cc: Dave Hansen <dave.hansen(a)linux.intel.com> Cc: Andi Kleen <ak(a)linux.intel.com> Cc: Josh Poimboeuf <jpoimboe(a)redhat.com> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: Sean Christopherson <sean.j.christopherson(a)intel.com> Cc: Andy Lutomirski <luto(a)kernel.org> Cc: stable(a)vger.kernel.org Link: https://lkml.kernel.org/r/20180902181451.80520-1-namit@vmware.com diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h index e4ffa565a69f..690c0307afed 100644 --- a/arch/x86/include/asm/pgtable.h +++ b/arch/x86/include/asm/pgtable.h @@ -1195,7 +1195,7 @@ static inline pmd_t pmdp_establish(struct vm_area_struct *vma, return xchg(pmdp, pmd); } else { pmd_t old = *pmdp; - *pmdp = pmd; + WRITE_ONCE(*pmdp, pmd); return old; } } diff --git a/arch/x86/include/asm/pgtable_64.h b/arch/x86/include/asm/pgtable_64.h index f773d5e6c8cc..ce2b59047cb8 100644 --- a/arch/x86/include/asm/pgtable_64.h +++ b/arch/x86/include/asm/pgtable_64.h @@ -55,15 +55,15 @@ struct mm_struct; void set_pte_vaddr_p4d(p4d_t *p4d_page, unsigned long vaddr, pte_t new_pte); void set_pte_vaddr_pud(pud_t *pud_page, unsigned long vaddr, pte_t new_pte); -static inline void native_pte_clear(struct mm_struct *mm, unsigned long addr, - pte_t *ptep) +static inline void native_set_pte(pte_t *ptep, pte_t pte) { - *ptep = native_make_pte(0); + WRITE_ONCE(*ptep, pte); } -static inline void native_set_pte(pte_t *ptep, pte_t pte) +static inline void native_pte_clear(struct mm_struct *mm, unsigned long addr, + pte_t *ptep) { - *ptep = pte; + native_set_pte(ptep, native_make_pte(0)); } static inline void native_set_pte_atomic(pte_t *ptep, pte_t pte) @@ -73,7 +73,7 @@ static inline void native_set_pte_atomic(pte_t *ptep, pte_t pte) static inline void native_set_pmd(pmd_t *pmdp, pmd_t pmd) { - *pmdp = pmd; + WRITE_ONCE(*pmdp, pmd); } static inline void native_pmd_clear(pmd_t *pmd) @@ -109,7 +109,7 @@ static inline pmd_t native_pmdp_get_and_clear(pmd_t *xp) static inline void native_set_pud(pud_t *pudp, pud_t pud) { - *pudp = pud; + WRITE_ONCE(*pudp, pud); } static inline void native_pud_clear(pud_t *pud) @@ -137,13 +137,13 @@ static inline void native_set_p4d(p4d_t *p4dp, p4d_t p4d) pgd_t pgd; if (pgtable_l5_enabled() || !IS_ENABLED(CONFIG_PAGE_TABLE_ISOLATION)) { - *p4dp = p4d; + WRITE_ONCE(*p4dp, p4d); return; } pgd = native_make_pgd(native_p4d_val(p4d)); pgd = pti_set_user_pgtbl((pgd_t *)p4dp, pgd); - *p4dp = native_make_p4d(native_pgd_val(pgd)); + WRITE_ONCE(*p4dp, native_make_p4d(native_pgd_val(pgd))); } static inline void native_p4d_clear(p4d_t *p4d) @@ -153,7 +153,7 @@ static inline void native_p4d_clear(p4d_t *p4d) static inline void native_set_pgd(pgd_t *pgdp, pgd_t pgd) { - *pgdp = pti_set_user_pgtbl(pgdp, pgd); + WRITE_ONCE(*pgdp, pti_set_user_pgtbl(pgdp, pgd)); } static inline void native_pgd_clear(pgd_t *pgd) diff --git a/arch/x86/mm/pgtable.c b/arch/x86/mm/pgtable.c index e848a4811785..ae394552fb94 100644 --- a/arch/x86/mm/pgtable.c +++ b/arch/x86/mm/pgtable.c @@ -269,7 +269,7 @@ static void mop_up_one_pmd(struct mm_struct *mm, pgd_t *pgdp) if (pgd_val(pgd) != 0) { pmd_t *pmd = (pmd_t *)pgd_page_vaddr(pgd); - *pgdp = native_make_pgd(0); + pgd_clear(pgdp); paravirt_release_pmd(pgd_val(pgd) >> PAGE_SHIFT); pmd_free(mm, pmd); @@ -494,7 +494,7 @@ int ptep_set_access_flags(struct vm_area_struct *vma, int changed = !pte_same(*ptep, entry); if (changed && dirty) - *ptep = entry; + set_pte(ptep, entry); return changed; } @@ -509,7 +509,7 @@ int pmdp_set_access_flags(struct vm_area_struct *vma, VM_BUG_ON(address & ~HPAGE_PMD_MASK); if (changed && dirty) { - *pmdp = entry; + set_pmd(pmdp, entry); /* * We had a write-protection fault here and changed the pmd * to to more permissive. No need to flush the TLB for that, @@ -529,7 +529,7 @@ int pudp_set_access_flags(struct vm_area_struct *vma, unsigned long address, VM_BUG_ON(address & ~HPAGE_PUD_MASK); if (changed && dirty) { - *pudp = entry; + set_pud(pudp, entry); /* * We had a write-protection fault here and changed the pud * to to more permissive. No need to flush the TLB for that,

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] x86/process: Don't mix user/kernel regs in 64bit" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 9fe6299dde587788f245e9f7a5a1b296fad4e8c7 Mon Sep 17 00:00:00 2001 From: Jann Horn <jannh(a)google.com> Date: Fri, 31 Aug 2018 21:41:51 +0200 Subject: [PATCH] x86/process: Don't mix user/kernel regs in 64bit __show_regs() When the kernel.print-fatal-signals sysctl has been enabled, a simple userspace crash will cause the kernel to write a crash dump that contains, among other things, the kernel gsbase into dmesg. As suggested by Andy, limit output to pt_regs, FS_BASE and KERNEL_GS_BASE in this case. This also moves the bitness-specific logic from show_regs() into process_{32,64}.c. Fixes: 45807a1df9f5 ("vdso: print fatal signals") Signed-off-by: Jann Horn <jannh(a)google.com> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Cc: "H. Peter Anvin" <hpa(a)zytor.com> Cc: Andy Lutomirski <luto(a)kernel.org> Cc: Borislav Petkov <bpetkov(a)suse.de> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: stable(a)vger.kernel.org Link: https://lkml.kernel.org/r/20180831194151.123586-1-jannh@google.com diff --git a/arch/x86/include/asm/kdebug.h b/arch/x86/include/asm/kdebug.h index 395c9631e000..75f1e35e7c15 100644 --- a/arch/x86/include/asm/kdebug.h +++ b/arch/x86/include/asm/kdebug.h @@ -22,10 +22,20 @@ enum die_val { DIE_NMIUNKNOWN, }; +enum show_regs_mode { + SHOW_REGS_SHORT, + /* + * For when userspace crashed, but we don't think it's our fault, and + * therefore don't print kernel registers. + */ + SHOW_REGS_USER, + SHOW_REGS_ALL +}; + extern void die(const char *, struct pt_regs *,long); extern int __must_check __die(const char *, struct pt_regs *, long); extern void show_stack_regs(struct pt_regs *regs); -extern void __show_regs(struct pt_regs *regs, int all); +extern void __show_regs(struct pt_regs *regs, enum show_regs_mode); extern void show_iret_regs(struct pt_regs *regs); extern unsigned long oops_begin(void); extern void oops_end(unsigned long, struct pt_regs *, int signr); diff --git a/arch/x86/kernel/dumpstack.c b/arch/x86/kernel/dumpstack.c index f56895106ccf..2b5886401e5f 100644 --- a/arch/x86/kernel/dumpstack.c +++ b/arch/x86/kernel/dumpstack.c @@ -146,7 +146,7 @@ static void show_regs_if_on_stack(struct stack_info *info, struct pt_regs *regs, * they can be printed in the right context. */ if (!partial && on_stack(info, regs, sizeof(*regs))) { - __show_regs(regs, 0); + __show_regs(regs, SHOW_REGS_SHORT); } else if (partial && on_stack(info, (void *)regs + IRET_FRAME_OFFSET, IRET_FRAME_SIZE)) { @@ -344,7 +344,7 @@ void oops_end(unsigned long flags, struct pt_regs *regs, int signr) oops_exit(); /* Executive summary in case the oops scrolled away */ - __show_regs(&exec_summary_regs, true); + __show_regs(&exec_summary_regs, SHOW_REGS_ALL); if (!signr) return; @@ -407,14 +407,9 @@ void die(const char *str, struct pt_regs *regs, long err) void show_regs(struct pt_regs *regs) { - bool all = true; - show_regs_print_info(KERN_DEFAULT); - if (IS_ENABLED(CONFIG_X86_32)) - all = !user_mode(regs); - - __show_regs(regs, all); + __show_regs(regs, user_mode(regs) ? SHOW_REGS_USER : SHOW_REGS_ALL); /* * When in-kernel, we also print out the stack at the time of the fault.. diff --git a/arch/x86/kernel/process_32.c b/arch/x86/kernel/process_32.c index 2924fd447e61..5046a3c9dec2 100644 --- a/arch/x86/kernel/process_32.c +++ b/arch/x86/kernel/process_32.c @@ -59,7 +59,7 @@ #include <asm/intel_rdt_sched.h> #include <asm/proto.h> -void __show_regs(struct pt_regs *regs, int all) +void __show_regs(struct pt_regs *regs, enum show_regs_mode mode) { unsigned long cr0 = 0L, cr2 = 0L, cr3 = 0L, cr4 = 0L; unsigned long d0, d1, d2, d3, d6, d7; @@ -85,7 +85,7 @@ void __show_regs(struct pt_regs *regs, int all) printk(KERN_DEFAULT "DS: %04x ES: %04x FS: %04x GS: %04x SS: %04x EFLAGS: %08lx\n", (u16)regs->ds, (u16)regs->es, (u16)regs->fs, gs, ss, regs->flags); - if (!all) + if (mode != SHOW_REGS_ALL) return; cr0 = read_cr0(); diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c index a451bc374b9b..ea5ea850348d 100644 --- a/arch/x86/kernel/process_64.c +++ b/arch/x86/kernel/process_64.c @@ -62,7 +62,7 @@ __visible DEFINE_PER_CPU(unsigned long, rsp_scratch); /* Prints also some state that isn't saved in the pt_regs */ -void __show_regs(struct pt_regs *regs, int all) +void __show_regs(struct pt_regs *regs, enum show_regs_mode mode) { unsigned long cr0 = 0L, cr2 = 0L, cr3 = 0L, cr4 = 0L, fs, gs, shadowgs; unsigned long d0, d1, d2, d3, d6, d7; @@ -87,9 +87,17 @@ void __show_regs(struct pt_regs *regs, int all) printk(KERN_DEFAULT "R13: %016lx R14: %016lx R15: %016lx\n", regs->r13, regs->r14, regs->r15); - if (!all) + if (mode == SHOW_REGS_SHORT) return; + if (mode == SHOW_REGS_USER) { + rdmsrl(MSR_FS_BASE, fs); + rdmsrl(MSR_KERNEL_GS_BASE, shadowgs); + printk(KERN_DEFAULT "FS: %016lx GS: %016lx\n", + fs, shadowgs); + return; + } + asm("movl %%ds,%0" : "=r" (ds)); asm("movl %%cs,%0" : "=r" (cs)); asm("movl %%es,%0" : "=r" (es));

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] x86/process: Don't mix user/kernel regs in 64bit" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 9fe6299dde587788f245e9f7a5a1b296fad4e8c7 Mon Sep 17 00:00:00 2001 From: Jann Horn <jannh(a)google.com> Date: Fri, 31 Aug 2018 21:41:51 +0200 Subject: [PATCH] x86/process: Don't mix user/kernel regs in 64bit __show_regs() When the kernel.print-fatal-signals sysctl has been enabled, a simple userspace crash will cause the kernel to write a crash dump that contains, among other things, the kernel gsbase into dmesg. As suggested by Andy, limit output to pt_regs, FS_BASE and KERNEL_GS_BASE in this case. This also moves the bitness-specific logic from show_regs() into process_{32,64}.c. Fixes: 45807a1df9f5 ("vdso: print fatal signals") Signed-off-by: Jann Horn <jannh(a)google.com> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Cc: "H. Peter Anvin" <hpa(a)zytor.com> Cc: Andy Lutomirski <luto(a)kernel.org> Cc: Borislav Petkov <bpetkov(a)suse.de> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: stable(a)vger.kernel.org Link: https://lkml.kernel.org/r/20180831194151.123586-1-jannh@google.com diff --git a/arch/x86/include/asm/kdebug.h b/arch/x86/include/asm/kdebug.h index 395c9631e000..75f1e35e7c15 100644 --- a/arch/x86/include/asm/kdebug.h +++ b/arch/x86/include/asm/kdebug.h @@ -22,10 +22,20 @@ enum die_val { DIE_NMIUNKNOWN, }; +enum show_regs_mode { + SHOW_REGS_SHORT, + /* + * For when userspace crashed, but we don't think it's our fault, and + * therefore don't print kernel registers. + */ + SHOW_REGS_USER, + SHOW_REGS_ALL +}; + extern void die(const char *, struct pt_regs *,long); extern int __must_check __die(const char *, struct pt_regs *, long); extern void show_stack_regs(struct pt_regs *regs); -extern void __show_regs(struct pt_regs *regs, int all); +extern void __show_regs(struct pt_regs *regs, enum show_regs_mode); extern void show_iret_regs(struct pt_regs *regs); extern unsigned long oops_begin(void); extern void oops_end(unsigned long, struct pt_regs *, int signr); diff --git a/arch/x86/kernel/dumpstack.c b/arch/x86/kernel/dumpstack.c index f56895106ccf..2b5886401e5f 100644 --- a/arch/x86/kernel/dumpstack.c +++ b/arch/x86/kernel/dumpstack.c @@ -146,7 +146,7 @@ static void show_regs_if_on_stack(struct stack_info *info, struct pt_regs *regs, * they can be printed in the right context. */ if (!partial && on_stack(info, regs, sizeof(*regs))) { - __show_regs(regs, 0); + __show_regs(regs, SHOW_REGS_SHORT); } else if (partial && on_stack(info, (void *)regs + IRET_FRAME_OFFSET, IRET_FRAME_SIZE)) { @@ -344,7 +344,7 @@ void oops_end(unsigned long flags, struct pt_regs *regs, int signr) oops_exit(); /* Executive summary in case the oops scrolled away */ - __show_regs(&exec_summary_regs, true); + __show_regs(&exec_summary_regs, SHOW_REGS_ALL); if (!signr) return; @@ -407,14 +407,9 @@ void die(const char *str, struct pt_regs *regs, long err) void show_regs(struct pt_regs *regs) { - bool all = true; - show_regs_print_info(KERN_DEFAULT); - if (IS_ENABLED(CONFIG_X86_32)) - all = !user_mode(regs); - - __show_regs(regs, all); + __show_regs(regs, user_mode(regs) ? SHOW_REGS_USER : SHOW_REGS_ALL); /* * When in-kernel, we also print out the stack at the time of the fault.. diff --git a/arch/x86/kernel/process_32.c b/arch/x86/kernel/process_32.c index 2924fd447e61..5046a3c9dec2 100644 --- a/arch/x86/kernel/process_32.c +++ b/arch/x86/kernel/process_32.c @@ -59,7 +59,7 @@ #include <asm/intel_rdt_sched.h> #include <asm/proto.h> -void __show_regs(struct pt_regs *regs, int all) +void __show_regs(struct pt_regs *regs, enum show_regs_mode mode) { unsigned long cr0 = 0L, cr2 = 0L, cr3 = 0L, cr4 = 0L; unsigned long d0, d1, d2, d3, d6, d7; @@ -85,7 +85,7 @@ void __show_regs(struct pt_regs *regs, int all) printk(KERN_DEFAULT "DS: %04x ES: %04x FS: %04x GS: %04x SS: %04x EFLAGS: %08lx\n", (u16)regs->ds, (u16)regs->es, (u16)regs->fs, gs, ss, regs->flags); - if (!all) + if (mode != SHOW_REGS_ALL) return; cr0 = read_cr0(); diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c index a451bc374b9b..ea5ea850348d 100644 --- a/arch/x86/kernel/process_64.c +++ b/arch/x86/kernel/process_64.c @@ -62,7 +62,7 @@ __visible DEFINE_PER_CPU(unsigned long, rsp_scratch); /* Prints also some state that isn't saved in the pt_regs */ -void __show_regs(struct pt_regs *regs, int all) +void __show_regs(struct pt_regs *regs, enum show_regs_mode mode) { unsigned long cr0 = 0L, cr2 = 0L, cr3 = 0L, cr4 = 0L, fs, gs, shadowgs; unsigned long d0, d1, d2, d3, d6, d7; @@ -87,9 +87,17 @@ void __show_regs(struct pt_regs *regs, int all) printk(KERN_DEFAULT "R13: %016lx R14: %016lx R15: %016lx\n", regs->r13, regs->r14, regs->r15); - if (!all) + if (mode == SHOW_REGS_SHORT) return; + if (mode == SHOW_REGS_USER) { + rdmsrl(MSR_FS_BASE, fs); + rdmsrl(MSR_KERNEL_GS_BASE, shadowgs); + printk(KERN_DEFAULT "FS: %016lx GS: %016lx\n", + fs, shadowgs); + return; + } + asm("movl %%ds,%0" : "=r" (ds)); asm("movl %%cs,%0" : "=r" (cs)); asm("movl %%es,%0" : "=r" (es));

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] x86/process: Don't mix user/kernel regs in 64bit" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 9fe6299dde587788f245e9f7a5a1b296fad4e8c7 Mon Sep 17 00:00:00 2001 From: Jann Horn <jannh(a)google.com> Date: Fri, 31 Aug 2018 21:41:51 +0200 Subject: [PATCH] x86/process: Don't mix user/kernel regs in 64bit __show_regs() When the kernel.print-fatal-signals sysctl has been enabled, a simple userspace crash will cause the kernel to write a crash dump that contains, among other things, the kernel gsbase into dmesg. As suggested by Andy, limit output to pt_regs, FS_BASE and KERNEL_GS_BASE in this case. This also moves the bitness-specific logic from show_regs() into process_{32,64}.c. Fixes: 45807a1df9f5 ("vdso: print fatal signals") Signed-off-by: Jann Horn <jannh(a)google.com> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Cc: "H. Peter Anvin" <hpa(a)zytor.com> Cc: Andy Lutomirski <luto(a)kernel.org> Cc: Borislav Petkov <bpetkov(a)suse.de> Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: stable(a)vger.kernel.org Link: https://lkml.kernel.org/r/20180831194151.123586-1-jannh@google.com diff --git a/arch/x86/include/asm/kdebug.h b/arch/x86/include/asm/kdebug.h index 395c9631e000..75f1e35e7c15 100644 --- a/arch/x86/include/asm/kdebug.h +++ b/arch/x86/include/asm/kdebug.h @@ -22,10 +22,20 @@ enum die_val { DIE_NMIUNKNOWN, }; +enum show_regs_mode { + SHOW_REGS_SHORT, + /* + * For when userspace crashed, but we don't think it's our fault, and + * therefore don't print kernel registers. + */ + SHOW_REGS_USER, + SHOW_REGS_ALL +}; + extern void die(const char *, struct pt_regs *,long); extern int __must_check __die(const char *, struct pt_regs *, long); extern void show_stack_regs(struct pt_regs *regs); -extern void __show_regs(struct pt_regs *regs, int all); +extern void __show_regs(struct pt_regs *regs, enum show_regs_mode); extern void show_iret_regs(struct pt_regs *regs); extern unsigned long oops_begin(void); extern void oops_end(unsigned long, struct pt_regs *, int signr); diff --git a/arch/x86/kernel/dumpstack.c b/arch/x86/kernel/dumpstack.c index f56895106ccf..2b5886401e5f 100644 --- a/arch/x86/kernel/dumpstack.c +++ b/arch/x86/kernel/dumpstack.c @@ -146,7 +146,7 @@ static void show_regs_if_on_stack(struct stack_info *info, struct pt_regs *regs, * they can be printed in the right context. */ if (!partial && on_stack(info, regs, sizeof(*regs))) { - __show_regs(regs, 0); + __show_regs(regs, SHOW_REGS_SHORT); } else if (partial && on_stack(info, (void *)regs + IRET_FRAME_OFFSET, IRET_FRAME_SIZE)) { @@ -344,7 +344,7 @@ void oops_end(unsigned long flags, struct pt_regs *regs, int signr) oops_exit(); /* Executive summary in case the oops scrolled away */ - __show_regs(&exec_summary_regs, true); + __show_regs(&exec_summary_regs, SHOW_REGS_ALL); if (!signr) return; @@ -407,14 +407,9 @@ void die(const char *str, struct pt_regs *regs, long err) void show_regs(struct pt_regs *regs) { - bool all = true; - show_regs_print_info(KERN_DEFAULT); - if (IS_ENABLED(CONFIG_X86_32)) - all = !user_mode(regs); - - __show_regs(regs, all); + __show_regs(regs, user_mode(regs) ? SHOW_REGS_USER : SHOW_REGS_ALL); /* * When in-kernel, we also print out the stack at the time of the fault.. diff --git a/arch/x86/kernel/process_32.c b/arch/x86/kernel/process_32.c index 2924fd447e61..5046a3c9dec2 100644 --- a/arch/x86/kernel/process_32.c +++ b/arch/x86/kernel/process_32.c @@ -59,7 +59,7 @@ #include <asm/intel_rdt_sched.h> #include <asm/proto.h> -void __show_regs(struct pt_regs *regs, int all) +void __show_regs(struct pt_regs *regs, enum show_regs_mode mode) { unsigned long cr0 = 0L, cr2 = 0L, cr3 = 0L, cr4 = 0L; unsigned long d0, d1, d2, d3, d6, d7; @@ -85,7 +85,7 @@ void __show_regs(struct pt_regs *regs, int all) printk(KERN_DEFAULT "DS: %04x ES: %04x FS: %04x GS: %04x SS: %04x EFLAGS: %08lx\n", (u16)regs->ds, (u16)regs->es, (u16)regs->fs, gs, ss, regs->flags); - if (!all) + if (mode != SHOW_REGS_ALL) return; cr0 = read_cr0(); diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c index a451bc374b9b..ea5ea850348d 100644 --- a/arch/x86/kernel/process_64.c +++ b/arch/x86/kernel/process_64.c @@ -62,7 +62,7 @@ __visible DEFINE_PER_CPU(unsigned long, rsp_scratch); /* Prints also some state that isn't saved in the pt_regs */ -void __show_regs(struct pt_regs *regs, int all) +void __show_regs(struct pt_regs *regs, enum show_regs_mode mode) { unsigned long cr0 = 0L, cr2 = 0L, cr3 = 0L, cr4 = 0L, fs, gs, shadowgs; unsigned long d0, d1, d2, d3, d6, d7; @@ -87,9 +87,17 @@ void __show_regs(struct pt_regs *regs, int all) printk(KERN_DEFAULT "R13: %016lx R14: %016lx R15: %016lx\n", regs->r13, regs->r14, regs->r15); - if (!all) + if (mode == SHOW_REGS_SHORT) return; + if (mode == SHOW_REGS_USER) { + rdmsrl(MSR_FS_BASE, fs); + rdmsrl(MSR_KERNEL_GS_BASE, shadowgs); + printk(KERN_DEFAULT "FS: %016lx GS: %016lx\n", + fs, shadowgs); + return; + } + asm("movl %%ds,%0" : "=r" (ds)); asm("movl %%cs,%0" : "=r" (cs)); asm("movl %%es,%0" : "=r" (es));

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] ARC: [plat-axs*]: Enable SWAP" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From c83532fb0fe053d2e43e9387354cb1b52ba26427 Mon Sep 17 00:00:00 2001 From: Alexey Brodkin <abrodkin(a)synopsys.com> Date: Thu, 2 Aug 2018 11:50:16 +0300 Subject: [PATCH] ARC: [plat-axs*]: Enable SWAP SWAP support on ARC was fixed earlier by commit 6e3761145a9b ("ARC: Fix CONFIG_SWAP") so now we may safely enable it on platforms that have external media like USB and SD-card. Note: it was already allowed for HSDK Signed-off-by: Alexey Brodkin <abrodkin(a)synopsys.com> Cc: stable(a)vger.kernel.org # 6e3761145a9b: ARC: Fix CONFIG_SWAP Signed-off-by: Vineet Gupta <vgupta(a)synopsys.com> diff --git a/arch/arc/configs/axs101_defconfig b/arch/arc/configs/axs101_defconfig index 41a97eb7598d..41bc08be6a3b 100644 --- a/arch/arc/configs/axs101_defconfig +++ b/arch/arc/configs/axs101_defconfig @@ -1,4 +1,3 @@ -# CONFIG_SWAP is not set CONFIG_SYSVIPC=y CONFIG_POSIX_MQUEUE=y # CONFIG_CROSS_MEMORY_ATTACH is not set diff --git a/arch/arc/configs/axs103_defconfig b/arch/arc/configs/axs103_defconfig index d8e2ca2385cc..1e1c4a8011b5 100644 --- a/arch/arc/configs/axs103_defconfig +++ b/arch/arc/configs/axs103_defconfig @@ -1,4 +1,3 @@ -# CONFIG_SWAP is not set CONFIG_SYSVIPC=y CONFIG_POSIX_MQUEUE=y # CONFIG_CROSS_MEMORY_ATTACH is not set diff --git a/arch/arc/configs/axs103_smp_defconfig b/arch/arc/configs/axs103_smp_defconfig index 1e729b9726cd..6b0c0cfd5c30 100644 --- a/arch/arc/configs/axs103_smp_defconfig +++ b/arch/arc/configs/axs103_smp_defconfig @@ -1,4 +1,3 @@ -# CONFIG_SWAP is not set CONFIG_SYSVIPC=y CONFIG_POSIX_MQUEUE=y # CONFIG_CROSS_MEMORY_ATTACH is not set

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] ARC: [plat-axs*]: Enable SWAP" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From c83532fb0fe053d2e43e9387354cb1b52ba26427 Mon Sep 17 00:00:00 2001 From: Alexey Brodkin <abrodkin(a)synopsys.com> Date: Thu, 2 Aug 2018 11:50:16 +0300 Subject: [PATCH] ARC: [plat-axs*]: Enable SWAP SWAP support on ARC was fixed earlier by commit 6e3761145a9b ("ARC: Fix CONFIG_SWAP") so now we may safely enable it on platforms that have external media like USB and SD-card. Note: it was already allowed for HSDK Signed-off-by: Alexey Brodkin <abrodkin(a)synopsys.com> Cc: stable(a)vger.kernel.org # 6e3761145a9b: ARC: Fix CONFIG_SWAP Signed-off-by: Vineet Gupta <vgupta(a)synopsys.com> diff --git a/arch/arc/configs/axs101_defconfig b/arch/arc/configs/axs101_defconfig index 41a97eb7598d..41bc08be6a3b 100644 --- a/arch/arc/configs/axs101_defconfig +++ b/arch/arc/configs/axs101_defconfig @@ -1,4 +1,3 @@ -# CONFIG_SWAP is not set CONFIG_SYSVIPC=y CONFIG_POSIX_MQUEUE=y # CONFIG_CROSS_MEMORY_ATTACH is not set diff --git a/arch/arc/configs/axs103_defconfig b/arch/arc/configs/axs103_defconfig index d8e2ca2385cc..1e1c4a8011b5 100644 --- a/arch/arc/configs/axs103_defconfig +++ b/arch/arc/configs/axs103_defconfig @@ -1,4 +1,3 @@ -# CONFIG_SWAP is not set CONFIG_SYSVIPC=y CONFIG_POSIX_MQUEUE=y # CONFIG_CROSS_MEMORY_ATTACH is not set diff --git a/arch/arc/configs/axs103_smp_defconfig b/arch/arc/configs/axs103_smp_defconfig index 1e729b9726cd..6b0c0cfd5c30 100644 --- a/arch/arc/configs/axs103_smp_defconfig +++ b/arch/arc/configs/axs103_smp_defconfig @@ -1,4 +1,3 @@ -# CONFIG_SWAP is not set CONFIG_SYSVIPC=y CONFIG_POSIX_MQUEUE=y # CONFIG_CROSS_MEMORY_ATTACH is not set

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] KVM: x86: Do not re-{try, execute} after failed emulation in" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 6c3dfeb6a48b1562bd5b8ec5f3317ef34d0134ef Mon Sep 17 00:00:00 2001 From: Sean Christopherson <sean.j.christopherson(a)intel.com> Date: Thu, 23 Aug 2018 13:56:51 -0700 Subject: [PATCH] KVM: x86: Do not re-{try,execute} after failed emulation in L2 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Commit a6f177efaa58 ("KVM: Reenter guest after emulation failure if due to access to non-mmio address") added reexecute_instruction() to handle the scenario where two (or more) vCPUS race to write a shadowed page, i.e. reexecute_instruction() is intended to return true if and only if the instruction being emulated was accessing a shadowed page. As L0 is only explicitly shadowing L1 tables, an emulation failure of a nested VM instruction cannot be due to a race to write a shadowed page and so should never be re-executed. This fixes an issue where an "MMIO" emulation failure[1] in L2 is all but guaranteed to result in an infinite loop when TDP is enabled. Because "cr2" is actually an L2 GPA when TDP is enabled, calling kvm_mmu_gva_to_gpa_write() to translate cr2 in the non-direct mapped case (L2 is never direct mapped) will almost always yield UNMAPPED_GVA and cause reexecute_instruction() to immediately return true. The !mmio_info_in_cache() check in kvm_mmu_page_fault() doesn't catch this case because mmio_info_in_cache() returns false for a nested MMU (the MMIO caching currently handles L1 only, e.g. to cache nested guests' GPAs we'd have to manually flush the cache when switching between VMs and when L1 updated its page tables controlling the nested guest). Way back when, commit 68be0803456b ("KVM: x86: never re-execute instruction with enabled tdp") changed reexecute_instruction() to always return false when using TDP under the assumption that KVM would only get into the emulator for MMIO. Commit 95b3cf69bdf8 ("KVM: x86: let reexecute_instruction work for tdp") effectively reverted that behavior in order to handle the scenario where emulation failed due to an access from L1 to the shadow page tables for L2, but it didn't account for the case where emulation failed in L2 with TDP enabled. All of the above logic also applies to retry_instruction(), added by commit 1cb3f3ae5a38 ("KVM: x86: retry non-page-table writing instructions"). An indefinite loop in retry_instruction() should be impossible as it protects against retrying the same instruction over and over, but it's still correct to not retry an L2 instruction in the first place. Fix the immediate issue by adding a check for a nested guest when determining whether or not to allow retry in kvm_mmu_page_fault(). In addition to fixing the immediate bug, add WARN_ON_ONCE in the retry functions since they are not designed to handle nested cases, i.e. they need to be modified even if there is some scenario in the future where we want to allow retrying a nested guest. [1] This issue was encountered after commit 3a2936dedd20 ("kvm: mmu: Don't expose private memslots to L2") changed the page fault path to return KVM_PFN_NOSLOT when translating an L2 access to a prive memslot. Returning KVM_PFN_NOSLOT is semantically correct when we want to hide a memslot from L2, i.e. there effectively is no defined memory region for L2, but it has the unfortunate side effect of making KVM think the GFN is a MMIO page, thus triggering emulation. The failure occurred with in-development code that deliberately exposed a private memslot to L2, which L2 accessed with an instruction that is not emulated by KVM. Fixes: 95b3cf69bdf8 ("KVM: x86: let reexecute_instruction work for tdp") Fixes: 1cb3f3ae5a38 ("KVM: x86: retry non-page-table writing instructions") Signed-off-by: Sean Christopherson <sean.j.christopherson(a)intel.com> Cc: Jim Mattson <jmattson(a)google.com> Cc: Krish Sadhukhan <krish.sadhukhan(a)oracle.com> Cc: Xiao Guangrong <xiaoguangrong(a)tencent.com> Cc: stable(a)vger.kernel.org Signed-off-by: Radim Krčmář <rkrcmar(a)redhat.com> diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c index 01fb8701ccd0..f7e83b1e0eb2 100644 --- a/arch/x86/kvm/mmu.c +++ b/arch/x86/kvm/mmu.c @@ -5264,9 +5264,12 @@ int kvm_mmu_page_fault(struct kvm_vcpu *vcpu, gva_t cr2, u64 error_code, * re-execute the instruction that caused the page fault. Do not allow * retrying MMIO emulation, as it's not only pointless but could also * cause us to enter an infinite loop because the processor will keep - * faulting on the non-existent MMIO address. + * faulting on the non-existent MMIO address. Retrying an instruction + * from a nested guest is also pointless and dangerous as we are only + * explicitly shadowing L1's page tables, i.e. unprotecting something + * for L1 isn't going to magically fix whatever issue cause L2 to fail. */ - if (!mmio_info_in_cache(vcpu, cr2, direct)) + if (!mmio_info_in_cache(vcpu, cr2, direct) && !is_guest_mode(vcpu)) emulation_type = EMULTYPE_ALLOW_RETRY; emulate: /* diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 924ce28723c4..cbe2921e972b 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -5873,6 +5873,9 @@ static bool reexecute_instruction(struct kvm_vcpu *vcpu, gva_t cr2, if (!(emulation_type & EMULTYPE_ALLOW_RETRY)) return false; + if (WARN_ON_ONCE(is_guest_mode(vcpu))) + return false; + if (!vcpu->arch.mmu.direct_map) { /* * Write permission should be allowed since only @@ -5961,6 +5964,9 @@ static bool retry_instruction(struct x86_emulate_ctxt *ctxt, if (!(emulation_type & EMULTYPE_ALLOW_RETRY)) return false; + if (WARN_ON_ONCE(is_guest_mode(vcpu))) + return false; + if (x86_page_table_writing_insn(ctxt)) return false;

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] KVM: x86: Do not re-{try, execute} after failed emulation in" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 6c3dfeb6a48b1562bd5b8ec5f3317ef34d0134ef Mon Sep 17 00:00:00 2001 From: Sean Christopherson <sean.j.christopherson(a)intel.com> Date: Thu, 23 Aug 2018 13:56:51 -0700 Subject: [PATCH] KVM: x86: Do not re-{try,execute} after failed emulation in L2 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Commit a6f177efaa58 ("KVM: Reenter guest after emulation failure if due to access to non-mmio address") added reexecute_instruction() to handle the scenario where two (or more) vCPUS race to write a shadowed page, i.e. reexecute_instruction() is intended to return true if and only if the instruction being emulated was accessing a shadowed page. As L0 is only explicitly shadowing L1 tables, an emulation failure of a nested VM instruction cannot be due to a race to write a shadowed page and so should never be re-executed. This fixes an issue where an "MMIO" emulation failure[1] in L2 is all but guaranteed to result in an infinite loop when TDP is enabled. Because "cr2" is actually an L2 GPA when TDP is enabled, calling kvm_mmu_gva_to_gpa_write() to translate cr2 in the non-direct mapped case (L2 is never direct mapped) will almost always yield UNMAPPED_GVA and cause reexecute_instruction() to immediately return true. The !mmio_info_in_cache() check in kvm_mmu_page_fault() doesn't catch this case because mmio_info_in_cache() returns false for a nested MMU (the MMIO caching currently handles L1 only, e.g. to cache nested guests' GPAs we'd have to manually flush the cache when switching between VMs and when L1 updated its page tables controlling the nested guest). Way back when, commit 68be0803456b ("KVM: x86: never re-execute instruction with enabled tdp") changed reexecute_instruction() to always return false when using TDP under the assumption that KVM would only get into the emulator for MMIO. Commit 95b3cf69bdf8 ("KVM: x86: let reexecute_instruction work for tdp") effectively reverted that behavior in order to handle the scenario where emulation failed due to an access from L1 to the shadow page tables for L2, but it didn't account for the case where emulation failed in L2 with TDP enabled. All of the above logic also applies to retry_instruction(), added by commit 1cb3f3ae5a38 ("KVM: x86: retry non-page-table writing instructions"). An indefinite loop in retry_instruction() should be impossible as it protects against retrying the same instruction over and over, but it's still correct to not retry an L2 instruction in the first place. Fix the immediate issue by adding a check for a nested guest when determining whether or not to allow retry in kvm_mmu_page_fault(). In addition to fixing the immediate bug, add WARN_ON_ONCE in the retry functions since they are not designed to handle nested cases, i.e. they need to be modified even if there is some scenario in the future where we want to allow retrying a nested guest. [1] This issue was encountered after commit 3a2936dedd20 ("kvm: mmu: Don't expose private memslots to L2") changed the page fault path to return KVM_PFN_NOSLOT when translating an L2 access to a prive memslot. Returning KVM_PFN_NOSLOT is semantically correct when we want to hide a memslot from L2, i.e. there effectively is no defined memory region for L2, but it has the unfortunate side effect of making KVM think the GFN is a MMIO page, thus triggering emulation. The failure occurred with in-development code that deliberately exposed a private memslot to L2, which L2 accessed with an instruction that is not emulated by KVM. Fixes: 95b3cf69bdf8 ("KVM: x86: let reexecute_instruction work for tdp") Fixes: 1cb3f3ae5a38 ("KVM: x86: retry non-page-table writing instructions") Signed-off-by: Sean Christopherson <sean.j.christopherson(a)intel.com> Cc: Jim Mattson <jmattson(a)google.com> Cc: Krish Sadhukhan <krish.sadhukhan(a)oracle.com> Cc: Xiao Guangrong <xiaoguangrong(a)tencent.com> Cc: stable(a)vger.kernel.org Signed-off-by: Radim Krčmář <rkrcmar(a)redhat.com> diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c index 01fb8701ccd0..f7e83b1e0eb2 100644 --- a/arch/x86/kvm/mmu.c +++ b/arch/x86/kvm/mmu.c @@ -5264,9 +5264,12 @@ int kvm_mmu_page_fault(struct kvm_vcpu *vcpu, gva_t cr2, u64 error_code, * re-execute the instruction that caused the page fault. Do not allow * retrying MMIO emulation, as it's not only pointless but could also * cause us to enter an infinite loop because the processor will keep - * faulting on the non-existent MMIO address. + * faulting on the non-existent MMIO address. Retrying an instruction + * from a nested guest is also pointless and dangerous as we are only + * explicitly shadowing L1's page tables, i.e. unprotecting something + * for L1 isn't going to magically fix whatever issue cause L2 to fail. */ - if (!mmio_info_in_cache(vcpu, cr2, direct)) + if (!mmio_info_in_cache(vcpu, cr2, direct) && !is_guest_mode(vcpu)) emulation_type = EMULTYPE_ALLOW_RETRY; emulate: /* diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 924ce28723c4..cbe2921e972b 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -5873,6 +5873,9 @@ static bool reexecute_instruction(struct kvm_vcpu *vcpu, gva_t cr2, if (!(emulation_type & EMULTYPE_ALLOW_RETRY)) return false; + if (WARN_ON_ONCE(is_guest_mode(vcpu))) + return false; + if (!vcpu->arch.mmu.direct_map) { /* * Write permission should be allowed since only @@ -5961,6 +5964,9 @@ static bool retry_instruction(struct x86_emulate_ctxt *ctxt, if (!(emulation_type & EMULTYPE_ALLOW_RETRY)) return false; + if (WARN_ON_ONCE(is_guest_mode(vcpu))) + return false; + if (x86_page_table_writing_insn(ctxt)) return false;

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] KVM: x86: Do not re-{try, execute} after failed emulation in" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 6c3dfeb6a48b1562bd5b8ec5f3317ef34d0134ef Mon Sep 17 00:00:00 2001 From: Sean Christopherson <sean.j.christopherson(a)intel.com> Date: Thu, 23 Aug 2018 13:56:51 -0700 Subject: [PATCH] KVM: x86: Do not re-{try,execute} after failed emulation in L2 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Commit a6f177efaa58 ("KVM: Reenter guest after emulation failure if due to access to non-mmio address") added reexecute_instruction() to handle the scenario where two (or more) vCPUS race to write a shadowed page, i.e. reexecute_instruction() is intended to return true if and only if the instruction being emulated was accessing a shadowed page. As L0 is only explicitly shadowing L1 tables, an emulation failure of a nested VM instruction cannot be due to a race to write a shadowed page and so should never be re-executed. This fixes an issue where an "MMIO" emulation failure[1] in L2 is all but guaranteed to result in an infinite loop when TDP is enabled. Because "cr2" is actually an L2 GPA when TDP is enabled, calling kvm_mmu_gva_to_gpa_write() to translate cr2 in the non-direct mapped case (L2 is never direct mapped) will almost always yield UNMAPPED_GVA and cause reexecute_instruction() to immediately return true. The !mmio_info_in_cache() check in kvm_mmu_page_fault() doesn't catch this case because mmio_info_in_cache() returns false for a nested MMU (the MMIO caching currently handles L1 only, e.g. to cache nested guests' GPAs we'd have to manually flush the cache when switching between VMs and when L1 updated its page tables controlling the nested guest). Way back when, commit 68be0803456b ("KVM: x86: never re-execute instruction with enabled tdp") changed reexecute_instruction() to always return false when using TDP under the assumption that KVM would only get into the emulator for MMIO. Commit 95b3cf69bdf8 ("KVM: x86: let reexecute_instruction work for tdp") effectively reverted that behavior in order to handle the scenario where emulation failed due to an access from L1 to the shadow page tables for L2, but it didn't account for the case where emulation failed in L2 with TDP enabled. All of the above logic also applies to retry_instruction(), added by commit 1cb3f3ae5a38 ("KVM: x86: retry non-page-table writing instructions"). An indefinite loop in retry_instruction() should be impossible as it protects against retrying the same instruction over and over, but it's still correct to not retry an L2 instruction in the first place. Fix the immediate issue by adding a check for a nested guest when determining whether or not to allow retry in kvm_mmu_page_fault(). In addition to fixing the immediate bug, add WARN_ON_ONCE in the retry functions since they are not designed to handle nested cases, i.e. they need to be modified even if there is some scenario in the future where we want to allow retrying a nested guest. [1] This issue was encountered after commit 3a2936dedd20 ("kvm: mmu: Don't expose private memslots to L2") changed the page fault path to return KVM_PFN_NOSLOT when translating an L2 access to a prive memslot. Returning KVM_PFN_NOSLOT is semantically correct when we want to hide a memslot from L2, i.e. there effectively is no defined memory region for L2, but it has the unfortunate side effect of making KVM think the GFN is a MMIO page, thus triggering emulation. The failure occurred with in-development code that deliberately exposed a private memslot to L2, which L2 accessed with an instruction that is not emulated by KVM. Fixes: 95b3cf69bdf8 ("KVM: x86: let reexecute_instruction work for tdp") Fixes: 1cb3f3ae5a38 ("KVM: x86: retry non-page-table writing instructions") Signed-off-by: Sean Christopherson <sean.j.christopherson(a)intel.com> Cc: Jim Mattson <jmattson(a)google.com> Cc: Krish Sadhukhan <krish.sadhukhan(a)oracle.com> Cc: Xiao Guangrong <xiaoguangrong(a)tencent.com> Cc: stable(a)vger.kernel.org Signed-off-by: Radim Krčmář <rkrcmar(a)redhat.com> diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c index 01fb8701ccd0..f7e83b1e0eb2 100644 --- a/arch/x86/kvm/mmu.c +++ b/arch/x86/kvm/mmu.c @@ -5264,9 +5264,12 @@ int kvm_mmu_page_fault(struct kvm_vcpu *vcpu, gva_t cr2, u64 error_code, * re-execute the instruction that caused the page fault. Do not allow * retrying MMIO emulation, as it's not only pointless but could also * cause us to enter an infinite loop because the processor will keep - * faulting on the non-existent MMIO address. + * faulting on the non-existent MMIO address. Retrying an instruction + * from a nested guest is also pointless and dangerous as we are only + * explicitly shadowing L1's page tables, i.e. unprotecting something + * for L1 isn't going to magically fix whatever issue cause L2 to fail. */ - if (!mmio_info_in_cache(vcpu, cr2, direct)) + if (!mmio_info_in_cache(vcpu, cr2, direct) && !is_guest_mode(vcpu)) emulation_type = EMULTYPE_ALLOW_RETRY; emulate: /* diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 924ce28723c4..cbe2921e972b 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -5873,6 +5873,9 @@ static bool reexecute_instruction(struct kvm_vcpu *vcpu, gva_t cr2, if (!(emulation_type & EMULTYPE_ALLOW_RETRY)) return false; + if (WARN_ON_ONCE(is_guest_mode(vcpu))) + return false; + if (!vcpu->arch.mmu.direct_map) { /* * Write permission should be allowed since only @@ -5961,6 +5964,9 @@ static bool retry_instruction(struct x86_emulate_ctxt *ctxt, if (!(emulation_type & EMULTYPE_ALLOW_RETRY)) return false; + if (WARN_ON_ONCE(is_guest_mode(vcpu))) + return false; + if (x86_page_table_writing_insn(ctxt)) return false;

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] Btrfs: fix data corruption when deduplicating between" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From de02b9f6bb65a6a1848f346f7a3617b7a9b930c0 Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Fri, 17 Aug 2018 09:38:59 +0100 Subject: [PATCH] Btrfs: fix data corruption when deduplicating between different files If we deduplicate extents between two different files we can end up corrupting data if the source range ends at the size of the source file, the source file's size is not aligned to the filesystem's block size and the destination range does not go past the size of the destination file size. Example: $ mkfs.btrfs -f /dev/sdb $ mount /dev/sdb /mnt $ xfs_io -f -c "pwrite -S 0x6b 0 2518890" /mnt/foo # The first byte with a value of 0xae starts at an offset (2518890) # which is not a multiple of the sector size. $ xfs_io -c "pwrite -S 0xae 2518890 102398" /mnt/foo # Confirm the file content is full of bytes with values 0x6b and 0xae. $ od -t x1 /mnt/foo 0000000 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b * 11467540 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b ae ae ae ae ae ae 11467560 ae ae ae ae ae ae ae ae ae ae ae ae ae ae ae ae * 11777540 ae ae ae ae ae ae ae ae 11777550 # Create a second file with a length not aligned to the sector size, # whose bytes all have the value 0x6b, so that its extent(s) can be # deduplicated with the first file. $ xfs_io -f -c "pwrite -S 0x6b 0 557771" /mnt/bar # Now deduplicate the entire second file into a range of the first file # that also has all bytes with the value 0x6b. The destination range's # end offset must not be aligned to the sector size and must be less # then the offset of the first byte with the value 0xae (byte at offset # 2518890). $ xfs_io -c "dedupe /mnt/bar 0 1957888 557771" /mnt/foo # The bytes in the range starting at offset 2515659 (end of the # deduplication range) and ending at offset 2519040 (start offset # rounded up to the block size) must all have the value 0xae (and not # replaced with 0x00 values). In other words, we should have exactly # the same data we had before we asked for deduplication. $ od -t x1 /mnt/foo 0000000 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b * 11467540 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b ae ae ae ae ae ae 11467560 ae ae ae ae ae ae ae ae ae ae ae ae ae ae ae ae * 11777540 ae ae ae ae ae ae ae ae 11777550 # Unmount the filesystem and mount it again. This guarantees any file # data in the page cache is dropped. $ umount /dev/sdb $ mount /dev/sdb /mnt $ od -t x1 /mnt/foo 0000000 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b * 11461300 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 00 11461320 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 * 11470000 ae ae ae ae ae ae ae ae ae ae ae ae ae ae ae ae * 11777540 ae ae ae ae ae ae ae ae 11777550 # The bytes in range 2515659 to 2519040 have a value of 0x00 and not a # value of 0xae, data corruption happened due to the deduplication # operation. So fix this by rounding down, to the sector size, the length used for the deduplication when the following conditions are met: 1) Source file's range ends at its i_size; 2) Source file's i_size is not aligned to the sector size; 3) Destination range does not cross the i_size of the destination file. Fixes: e1d227a42ea2 ("btrfs: Handle unaligned length in extent_same") CC: stable(a)vger.kernel.org # 4.2+ Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c index 85c4284bb2cf..011ddfcc96e2 100644 --- a/fs/btrfs/ioctl.c +++ b/fs/btrfs/ioctl.c @@ -3469,6 +3469,25 @@ static int btrfs_extent_same_range(struct inode *src, u64 loff, u64 olen, same_lock_start = min_t(u64, loff, dst_loff); same_lock_len = max_t(u64, loff, dst_loff) + len - same_lock_start; + } else { + /* + * If the source and destination inodes are different, the + * source's range end offset matches the source's i_size, that + * i_size is not a multiple of the sector size, and the + * destination range does not go past the destination's i_size, + * we must round down the length to the nearest sector size + * multiple. If we don't do this adjustment we end replacing + * with zeroes the bytes in the range that starts at the + * deduplication range's end offset and ends at the next sector + * size multiple. + */ + if (loff + olen == i_size_read(src) && + dst_loff + len < i_size_read(dst)) { + const u64 sz = BTRFS_I(src)->root->fs_info->sectorsize; + + len = round_down(i_size_read(src), sz) - loff; + olen = len; + } } again:

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] Btrfs: fix data corruption when deduplicating between" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From de02b9f6bb65a6a1848f346f7a3617b7a9b930c0 Mon Sep 17 00:00:00 2001 From: Filipe Manana <fdmanana(a)suse.com> Date: Fri, 17 Aug 2018 09:38:59 +0100 Subject: [PATCH] Btrfs: fix data corruption when deduplicating between different files If we deduplicate extents between two different files we can end up corrupting data if the source range ends at the size of the source file, the source file's size is not aligned to the filesystem's block size and the destination range does not go past the size of the destination file size. Example: $ mkfs.btrfs -f /dev/sdb $ mount /dev/sdb /mnt $ xfs_io -f -c "pwrite -S 0x6b 0 2518890" /mnt/foo # The first byte with a value of 0xae starts at an offset (2518890) # which is not a multiple of the sector size. $ xfs_io -c "pwrite -S 0xae 2518890 102398" /mnt/foo # Confirm the file content is full of bytes with values 0x6b and 0xae. $ od -t x1 /mnt/foo 0000000 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b * 11467540 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b ae ae ae ae ae ae 11467560 ae ae ae ae ae ae ae ae ae ae ae ae ae ae ae ae * 11777540 ae ae ae ae ae ae ae ae 11777550 # Create a second file with a length not aligned to the sector size, # whose bytes all have the value 0x6b, so that its extent(s) can be # deduplicated with the first file. $ xfs_io -f -c "pwrite -S 0x6b 0 557771" /mnt/bar # Now deduplicate the entire second file into a range of the first file # that also has all bytes with the value 0x6b. The destination range's # end offset must not be aligned to the sector size and must be less # then the offset of the first byte with the value 0xae (byte at offset # 2518890). $ xfs_io -c "dedupe /mnt/bar 0 1957888 557771" /mnt/foo # The bytes in the range starting at offset 2515659 (end of the # deduplication range) and ending at offset 2519040 (start offset # rounded up to the block size) must all have the value 0xae (and not # replaced with 0x00 values). In other words, we should have exactly # the same data we had before we asked for deduplication. $ od -t x1 /mnt/foo 0000000 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b * 11467540 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b ae ae ae ae ae ae 11467560 ae ae ae ae ae ae ae ae ae ae ae ae ae ae ae ae * 11777540 ae ae ae ae ae ae ae ae 11777550 # Unmount the filesystem and mount it again. This guarantees any file # data in the page cache is dropped. $ umount /dev/sdb $ mount /dev/sdb /mnt $ od -t x1 /mnt/foo 0000000 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b * 11461300 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 00 11461320 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 * 11470000 ae ae ae ae ae ae ae ae ae ae ae ae ae ae ae ae * 11777540 ae ae ae ae ae ae ae ae 11777550 # The bytes in range 2515659 to 2519040 have a value of 0x00 and not a # value of 0xae, data corruption happened due to the deduplication # operation. So fix this by rounding down, to the sector size, the length used for the deduplication when the following conditions are met: 1) Source file's range ends at its i_size; 2) Source file's i_size is not aligned to the sector size; 3) Destination range does not cross the i_size of the destination file. Fixes: e1d227a42ea2 ("btrfs: Handle unaligned length in extent_same") CC: stable(a)vger.kernel.org # 4.2+ Signed-off-by: Filipe Manana <fdmanana(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c index 85c4284bb2cf..011ddfcc96e2 100644 --- a/fs/btrfs/ioctl.c +++ b/fs/btrfs/ioctl.c @@ -3469,6 +3469,25 @@ static int btrfs_extent_same_range(struct inode *src, u64 loff, u64 olen, same_lock_start = min_t(u64, loff, dst_loff); same_lock_len = max_t(u64, loff, dst_loff) + len - same_lock_start; + } else { + /* + * If the source and destination inodes are different, the + * source's range end offset matches the source's i_size, that + * i_size is not a multiple of the sector size, and the + * destination range does not go past the destination's i_size, + * we must round down the length to the nearest sector size + * multiple. If we don't do this adjustment we end replacing + * with zeroes the bytes in the range that starts at the + * deduplication range's end offset and ends at the next sector + * size multiple. + */ + if (loff + olen == i_size_read(src) && + dst_loff + len < i_size_read(dst)) { + const u64 sz = BTRFS_I(src)->root->fs_info->sectorsize; + + len = round_down(i_size_read(src), sz) - loff; + olen = len; + } } again:

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] MIPS: VDSO: Match data page cache colouring when D$ aliases" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 0f02cfbc3d9e413d450d8d0fd660077c23f67eff Mon Sep 17 00:00:00 2001 From: Paul Burton <paul.burton(a)mips.com> Date: Thu, 30 Aug 2018 11:01:21 -0700 Subject: [PATCH] MIPS: VDSO: Match data page cache colouring when D$ aliases When a system suffers from dcache aliasing a user program may observe stale VDSO data from an aliased cache line. Notably this can break the expectation that clock_gettime(CLOCK_MONOTONIC, ...) is, as its name suggests, monotonic. In order to ensure that users observe updates to the VDSO data page as intended, align the user mappings of the VDSO data page such that their cache colouring matches that of the virtual address range which the kernel will use to update the data page - typically its unmapped address within kseg0. This ensures that we don't introduce aliasing cache lines for the VDSO data page, and therefore that userland will observe updates without requiring cache invalidation. Signed-off-by: Paul Burton <paul.burton(a)mips.com> Reported-by: Hauke Mehrtens <hauke(a)hauke-m.de> Reported-by: Rene Nielsen <rene.nielsen(a)microsemi.com> Reported-by: Alexandre Belloni <alexandre.belloni(a)bootlin.com> Fixes: ebb5e78cc634 ("MIPS: Initial implementation of a VDSO") Patchwork: https://patchwork.linux-mips.org/patch/20344/ Tested-by: Alexandre Belloni <alexandre.belloni(a)bootlin.com> Tested-by: Hauke Mehrtens <hauke(a)hauke-m.de> Cc: James Hogan <jhogan(a)kernel.org> Cc: linux-mips(a)linux-mips.org Cc: stable(a)vger.kernel.org # v4.4+ diff --git a/arch/mips/kernel/vdso.c b/arch/mips/kernel/vdso.c index 019035d7225c..8f845f6e5f42 100644 --- a/arch/mips/kernel/vdso.c +++ b/arch/mips/kernel/vdso.c @@ -13,6 +13,7 @@ #include <linux/err.h> #include <linux/init.h> #include <linux/ioport.h> +#include <linux/kernel.h> #include <linux/mm.h> #include <linux/sched.h> #include <linux/slab.h> @@ -20,6 +21,7 @@ #include <asm/abi.h> #include <asm/mips-cps.h> +#include <asm/page.h> #include <asm/vdso.h> /* Kernel-provided data used by the VDSO. */ @@ -128,12 +130,30 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp) vvar_size = gic_size + PAGE_SIZE; size = vvar_size + image->size; + /* + * Find a region that's large enough for us to perform the + * colour-matching alignment below. + */ + if (cpu_has_dc_aliases) + size += shm_align_mask + 1; + base = get_unmapped_area(NULL, 0, size, 0, 0); if (IS_ERR_VALUE(base)) { ret = base; goto out; } + /* + * If we suffer from dcache aliasing, ensure that the VDSO data page + * mapping is coloured the same as the kernel's mapping of that memory. + * This ensures that when the kernel updates the VDSO data userland + * will observe it without requiring cache invalidations. + */ + if (cpu_has_dc_aliases) { + base = __ALIGN_MASK(base, shm_align_mask); + base += ((unsigned long)&vdso_data - gic_size) & shm_align_mask; + } + data_addr = base + gic_size; vdso_addr = data_addr + PAGE_SIZE;

7 years, 1 month

1
0
0 0

v4.4.156 build: 0 failures 31 warnings (v4.4.156)

by Build bot for Mark Brown

Tree/Branch: v4.4.156 Git describe: v4.4.156 Commit: c40a7b3592 Linux 4.4.156 Build Time: 68 min 54 sec Passed: 10 / 10 (100.00 %) Failed: 0 / 10 ( 0.00 %) Errors: 0 Warnings: 31 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): 19 warnings 0 mismatches : arm64-allmodconfig 17 warnings 0 mismatches : x86_64-allmodconfig ------------------------------------------------------------------------------- Warnings Summary: 31 3 warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI) 2 ../drivers/media/dvb-frontends/stv090x.c:4250:1: warning: the frame size of 4832 bytes is larger than 2048 bytes [-Wframe-larger-than=] 2 ../drivers/media/dvb-frontends/stv090x.c:1211:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] 2 ../drivers/media/dvb-frontends/stv090x.c:1168:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2752 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2720 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:4759:1: warning: the frame size of 2056 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2096 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 6784 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5864 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5840 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2304 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2288 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2104 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2552 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2544 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3264 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3248 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 3008 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 2992 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5296 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv0367.c:3147:1: warning: the frame size of 4144 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv0367.c:2490:1: warning: the frame size of 3424 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2984 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2976 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4336 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4328 bytes is larger than 2048 bytes [-Wframe-larger-than=] =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- arm64-allmodconfig : PASS, 0 errors, 19 warnings, 0 section mismatches Warnings: warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI) warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI) warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI) ../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 2992 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2288 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3248 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1211:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:4250:1: warning: the frame size of 4832 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1168:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2544 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5840 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 6784 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv0367.c:2490:1: warning: the frame size of 3424 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2976 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4336 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2720 bytes is larger than 2048 bytes [-Wframe-larger-than=] ------------------------------------------------------------------------------- x86_64-allmodconfig : PASS, 0 errors, 17 warnings, 0 section mismatches Warnings: ../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 3008 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2104 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2304 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2096 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3264 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5296 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1211:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:4250:1: warning: the frame size of 4832 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:4759:1: warning: the frame size of 2056 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1168:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2552 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5864 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv0367.c:3147:1: warning: the frame size of 4144 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2984 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4328 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2752 bytes is larger than 2048 bytes [-Wframe-larger-than=] ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: arm64-allnoconfig arm-multi_v5_defconfig arm-multi_v7_defconfig x86_64-defconfig arm-allmodconfig arm-allnoconfig x86_64-allnoconfig arm64-defconfig

7 years, 1 month

1
0
0 0

[PATCH v2 2/3] ext4, dax: set ext4_dax_aops for dax files

by Toshi Kani

Sync syscall to DAX file needs to flush processor cache, but it currently does not flush to existing DAX files. This is because 'ext4_da_aops' is set to address_space_operations of existing DAX files, instead of 'ext4_dax_aops', since S_DAX flag is set after ext4_set_aops() in the open path. New file -------- lookup_open ext4_create __ext4_new_inode ext4_set_inode_flags // Set S_DAX flag ext4_set_aops // Set aops to ext4_dax_aops Existing file ------------- lookup_open ext4_lookup ext4_iget ext4_set_aops // Set aops to ext4_da_aops ext4_set_inode_flags // Set S_DAX flag Change ext4_iget() to initialize i_flags before ext4_set_aops(). Fixes: 5f0663bb4a64 ("ext4, dax: introduce ext4_dax_aops") Signed-off-by: Toshi Kani <toshi.kani(a)hpe.com> Suggested-by: Jan Kara <jack(a)suse.cz> Cc: Jan Kara <jack(a)suse.cz> Cc: Dan Williams <dan.j.williams(a)intel.com> Cc: "Theodore Ts'o" <tytso(a)mit.edu> Cc: Andreas Dilger <adilger.kernel(a)dilger.ca> Cc: <stable(a)vger.kernel.org> --- fs/ext4/inode.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c index e4acaa980467..b19387b75f2b 100644 --- a/fs/ext4/inode.c +++ b/fs/ext4/inode.c @@ -4896,6 +4896,7 @@ struct inode *ext4_iget(struct super_block *sb, unsigned long ino) * not initialized on a new filesystem. */ } ei->i_flags = le32_to_cpu(raw_inode->i_flags); + ext4_set_inode_flags(inode); inode->i_blocks = ext4_inode_blocks(raw_inode, ei); ei->i_file_acl = le32_to_cpu(raw_inode->i_file_acl_lo); if (ext4_has_feature_64bit(sb)) @@ -5042,7 +5043,6 @@ struct inode *ext4_iget(struct super_block *sb, unsigned long ino) goto bad_inode; } brelse(iloc.bh); - ext4_set_inode_flags(inode); unlock_new_inode(inode); return inode;

7 years, 1 month

2
1
0 0

[PATCH v2 1/3] ext4, dax: add ext4_bmap to ext4_dax_aops

by Toshi Kani

Ext4 mount path calls .bmap to the journal inode. This currently works for the DAX mount case because ext4_iget() always set 'ext4_da_aops' to any regular files. In preparation to fix ext4_iget() to set 'ext4_dax_aops' for ext4 DAX files, add ext4_bmap() to 'ext4_dax_aops'. .bmap works for DAX inodes. [1] [1]: https://lkml.org/lkml/2018/9/12/803 Fixes: 5f0663bb4a64 ("ext4, dax: introduce ext4_dax_aops") Signed-off-by: Toshi Kani <toshi.kani(a)hpe.com> Suggested-by: Jan Kara <jack(a)suse.cz> Cc: Jan Kara <jack(a)suse.cz> Cc: Dan Williams <dan.j.williams(a)intel.com> Cc: "Theodore Ts'o" <tytso(a)mit.edu> Cc: Andreas Dilger <adilger.kernel(a)dilger.ca> Cc: <stable(a)vger.kernel.org> --- fs/ext4/inode.c | 1 + 1 file changed, 1 insertion(+) diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c index d0dd585add6a..e4acaa980467 100644 --- a/fs/ext4/inode.c +++ b/fs/ext4/inode.c @@ -3948,6 +3948,7 @@ static const struct address_space_operations ext4_dax_aops = { .writepages = ext4_dax_writepages, .direct_IO = noop_direct_IO, .set_page_dirty = noop_set_page_dirty, + .bmap = ext4_bmap, .invalidatepage = noop_invalidatepage, };

7 years, 1 month

2
1
0 0

v4.18.8 build: 0 failures 3 warnings (v4.18.8)

by Build bot for Mark Brown

Tree/Branch: v4.18.8 Git describe: v4.18.8 Commit: dfba61ec76 Linux 4.18.8 Build Time: 123 min 29 sec Passed: 11 / 11 (100.00 %) Failed: 0 / 11 ( 0.00 %) Errors: 0 Warnings: 3 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): 1 warnings 0 mismatches : arm64-allnoconfig 3 warnings 0 mismatches : arm64-allmodconfig 2 warnings 0 mismatches : arm-multi_v5_defconfig 2 warnings 0 mismatches : arm-multi_v7_defconfig 2 warnings 0 mismatches : arm-allmodconfig 1 warnings 0 mismatches : arm-allnoconfig 1 warnings 0 mismatches : arm-multi_v4t_defconfig 2 warnings 0 mismatches : arm64-defconfig ------------------------------------------------------------------------------- Warnings Summary: 3 8 <stdin>:1332:2: warning: #warning syscall io_pgetevents not implemented [-Wcpp] 5 <stdin>:1335:2: warning: #warning syscall rseq not implemented [-Wcpp] 1 ../drivers/isdn/hardware/eicon/message.c:5985:1: warning: the frame size of 2064 bytes is larger than 2048 bytes [-Wframe-larger-than=] =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- arm64-allnoconfig : PASS, 0 errors, 1 warnings, 0 section mismatches Warnings: <stdin>:1335:2: warning: #warning syscall rseq not implemented [-Wcpp] ------------------------------------------------------------------------------- arm64-allmodconfig : PASS, 0 errors, 3 warnings, 0 section mismatches Warnings: <stdin>:1335:2: warning: #warning syscall rseq not implemented [-Wcpp] ../drivers/isdn/hardware/eicon/message.c:5985:1: warning: the frame size of 2064 bytes is larger than 2048 bytes [-Wframe-larger-than=] <stdin>:1335:2: warning: #warning syscall rseq not implemented [-Wcpp] ------------------------------------------------------------------------------- arm-multi_v5_defconfig : PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: <stdin>:1332:2: warning: #warning syscall io_pgetevents not implemented [-Wcpp] <stdin>:1332:2: warning: #warning syscall io_pgetevents not implemented [-Wcpp] ------------------------------------------------------------------------------- arm-multi_v7_defconfig : PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: <stdin>:1332:2: warning: #warning syscall io_pgetevents not implemented [-Wcpp] <stdin>:1332:2: warning: #warning syscall io_pgetevents not implemented [-Wcpp] ------------------------------------------------------------------------------- arm-allmodconfig : PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: <stdin>:1332:2: warning: #warning syscall io_pgetevents not implemented [-Wcpp] <stdin>:1332:2: warning: #warning syscall io_pgetevents not implemented [-Wcpp] ------------------------------------------------------------------------------- arm-allnoconfig : PASS, 0 errors, 1 warnings, 0 section mismatches Warnings: <stdin>:1332:2: warning: #warning syscall io_pgetevents not implemented [-Wcpp] ------------------------------------------------------------------------------- arm-multi_v4t_defconfig : PASS, 0 errors, 1 warnings, 0 section mismatches Warnings: <stdin>:1332:2: warning: #warning syscall io_pgetevents not implemented [-Wcpp] ------------------------------------------------------------------------------- arm64-defconfig : PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: <stdin>:1335:2: warning: #warning syscall rseq not implemented [-Wcpp] <stdin>:1335:2: warning: #warning syscall rseq not implemented [-Wcpp] ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: x86_64-allnoconfig x86_64-allmodconfig x86_64-defconfig

7 years, 1 month

1
0
0 0

Linux 4.18.8

by Greg KH

I'm announcing the release of the 4.18.8 kernel. All users of the 4.18 kernel series must upgrade. The updated 4.18.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.18.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm/mach-rockchip/Kconfig | 1 arch/arm64/Kconfig.platforms | 1 arch/powerpc/include/asm/topology.h | 5 arch/powerpc/include/asm/uaccess.h | 13 - arch/powerpc/kernel/exceptions-64s.S | 6 arch/powerpc/kernel/smp.c | 5 arch/powerpc/mm/numa.c | 20 - arch/powerpc/platforms/85xx/t1042rdb_diu.c | 4 arch/powerpc/platforms/pseries/ras.c | 2 arch/powerpc/sysdev/mpic_msgr.c | 2 arch/riscv/kernel/vdso/Makefile | 4 arch/s390/kernel/crash_dump.c | 17 + arch/um/Makefile | 3 arch/x86/include/asm/mce.h | 1 arch/x86/include/asm/pgtable-3level.h | 7 arch/x86/kernel/tsc.c | 4 arch/x86/kvm/mmu.c | 43 +++ arch/x86/kvm/vmx.c | 26 +- arch/x86/kvm/x86.c | 12 - arch/x86/xen/mmu_pv.c | 7 block/bio.c | 2 block/blk-core.c | 4 block/blk-mq-tag.c | 3 block/blk-mq.c | 8 block/cfq-iosched.c | 22 + drivers/acpi/acpica/hwregs.c | 9 drivers/acpi/scan.c | 5 drivers/clk/rockchip/clk-rk3399.c | 1 drivers/gpu/drm/amd/amdgpu/amdgpu.h | 6 drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c | 23 -- drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 38 ++- drivers/gpu/drm/amd/amdgpu/amdgpu_pm.c | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c | 5 drivers/gpu/drm/amd/amdgpu/amdgpu_sched.c | 21 - drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h | 2 drivers/gpu/drm/amd/amdgpu/amdgpu_ucode.h | 4 drivers/gpu/drm/amd/amdgpu/amdgpu_vcn.c | 17 - drivers/gpu/drm/amd/amdgpu/amdgpu_vram_mgr.c | 20 - drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c | 2 drivers/gpu/drm/amd/amdgpu/psp_v10_0.c | 3 drivers/gpu/drm/amd/amdgpu/uvd_v6_0.c | 3 drivers/gpu/drm/amd/amdgpu/vcn_v1_0.c | 40 ++- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 10 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_crc.c | 10 drivers/gpu/drm/amd/display/dc/bios/command_table.c | 18 + drivers/gpu/drm/amd/display/dc/core/dc_link.c | 11 drivers/gpu/drm/amd/display/dc/core/dc_resource.c | 68 ++++-- drivers/gpu/drm/amd/display/dc/dc.h | 1 drivers/gpu/drm/amd/display/dc/dce/dce_link_encoder.c | 4 drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c | 2 drivers/gpu/drm/amd/display/dc/dce110/dce110_compressor.c | 2 drivers/gpu/drm/amd/display/dc/dce110/dce110_hw_sequencer.c | 4 drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c | 3 drivers/gpu/drm/amd/display/dc/inc/resource.h | 5 drivers/gpu/drm/amd/powerplay/hwmgr/smu7_powertune.c | 43 +++ drivers/gpu/drm/amd/powerplay/hwmgr/smu8_hwmgr.c | 5 drivers/gpu/drm/amd/powerplay/hwmgr/vega12_hwmgr.c | 2 drivers/gpu/drm/drm_edid.c | 6 drivers/gpu/drm/etnaviv/etnaviv_gpu.c | 1 drivers/gpu/drm/i915/i915_drv.c | 10 drivers/gpu/drm/i915/i915_drv.h | 8 drivers/gpu/drm/i915/i915_reg.h | 1 drivers/gpu/drm/i915/intel_ddi.c | 4 drivers/gpu/drm/i915/intel_dp.c | 33 +- drivers/gpu/drm/i915/intel_hdmi.c | 8 drivers/gpu/drm/i915/intel_lpe_audio.c | 4 drivers/gpu/drm/i915/intel_lspcon.c | 2 drivers/gpu/drm/i915/intel_lvds.c | 136 ------------ drivers/gpu/drm/rockchip/rockchip_drm_vop.c | 69 ++++-- drivers/gpu/drm/rockchip/rockchip_lvds.c | 4 drivers/hid/hid-redragon.c | 26 -- drivers/i2c/i2c-core-acpi.c | 8 drivers/infiniband/hw/hfi1/affinity.c | 24 +- drivers/infiniband/hw/hns/hns_roce_pd.c | 2 drivers/infiniband/hw/hns/hns_roce_qp.c | 5 drivers/input/input.c | 16 + drivers/iommu/omap-iommu.c | 4 drivers/iommu/rockchip-iommu.c | 45 ++- drivers/irqchip/irq-bcm7038-l1.c | 4 drivers/irqchip/irq-stm32-exti.c | 25 +- drivers/md/dm-kcopyd.c | 2 drivers/mfd/sm501.c | 1 drivers/mtd/ubi/vtbl.c | 20 - drivers/net/ethernet/broadcom/bnxt/bnxt.c | 9 drivers/net/ethernet/broadcom/bnxt/bnxt.h | 3 drivers/net/ethernet/broadcom/bnxt/bnxt_sriov.c | 7 drivers/net/ethernet/broadcom/bnxt/bnxt_ulp.c | 20 - drivers/net/ethernet/broadcom/bnxt/bnxt_ulp.h | 1 drivers/net/ethernet/broadcom/genet/bcmgenet.h | 3 drivers/net/ethernet/broadcom/genet/bcmmii.c | 10 drivers/net/ethernet/cadence/macb_main.c | 36 ++- drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 2 drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_mdio.c | 2 drivers/net/ethernet/mellanox/mlx5/core/wq.c | 5 drivers/net/ethernet/mellanox/mlxsw/spectrum.h | 2 drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c | 11 drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c | 20 + drivers/net/ethernet/netronome/nfp/nfp_net_common.c | 48 ++-- drivers/net/ethernet/qlogic/qlge/qlge_main.c | 23 -- drivers/net/ethernet/realtek/r8169.c | 7 drivers/net/ethernet/stmicro/stmmac/stmmac.h | 1 drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 5 drivers/net/hyperv/netvsc_drv.c | 16 + drivers/net/usb/r8152.c | 4 drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c | 8 drivers/pci/controller/pci-mvebu.c | 2 drivers/pci/probe.c | 12 - drivers/pinctrl/pinctrl-axp209.c | 26 +- drivers/platform/x86/asus-nb-wmi.c | 1 drivers/platform/x86/intel_punit_ipc.c | 1 drivers/pwm/pwm-meson.c | 3 drivers/s390/block/dasd_eckd.c | 10 drivers/scsi/aic94xx/aic94xx_init.c | 4 drivers/staging/comedi/drivers/ni_mio_common.c | 3 drivers/vhost/vhost.c | 2 drivers/virtio/virtio_pci_legacy.c | 14 + drivers/xen/xen-balloon.c | 2 fs/btrfs/check-integrity.c | 7 fs/btrfs/dev-replace.c | 6 fs/btrfs/extent-tree.c | 2 fs/btrfs/relocation.c | 23 +- fs/btrfs/super.c | 44 ++- fs/btrfs/tree-checker.c | 15 + fs/btrfs/volumes.c | 94 +++++--- fs/cifs/cifs_debug.c | 8 fs/cifs/connect.c | 8 fs/cifs/smb2misc.c | 7 fs/cifs/smb2pdu.c | 103 ++++----- fs/dcache.c | 3 fs/f2fs/data.c | 8 fs/f2fs/file.c | 48 ++-- fs/fat/cache.c | 19 + fs/fat/fat.h | 5 fs/fat/fatent.c | 6 fs/hfs/brec.c | 7 fs/hfsplus/dir.c | 4 fs/hfsplus/super.c | 4 fs/nfs/nfs4proc.c | 2 fs/proc/kcore.c | 4 fs/proc/vmcore.c | 2 fs/reiserfs/reiserfs.h | 2 include/linux/pci_ids.h | 2 include/net/tcp.h | 4 include/uapi/linux/keyctl.h | 2 kernel/bpf/inode.c | 8 kernel/bpf/sockmap.c | 120 ++++++---- kernel/fork.c | 5 kernel/workqueue.c | 45 ++- lib/debugobjects.c | 7 mm/Kconfig | 2 mm/fadvise.c | 8 net/9p/trans_fd.c | 10 net/9p/trans_virtio.c | 3 net/core/xdp.c | 14 - net/ipv4/ip_gre.c | 3 net/ipv4/tcp_ipv4.c | 6 net/ipv4/tcp_minisocks.c | 3 net/ipv4/tcp_ulp.c | 4 net/ipv6/ip6_fib.c | 7 net/ipv6/ip6_gre.c | 1 net/ipv6/ip6_vti.c | 7 net/ipv6/netfilter/ip6t_rpfilter.c | 12 - net/ipv6/route.c | 3 net/netfilter/ipvs/ip_vs_core.c | 15 - net/netfilter/nf_conntrack_netlink.c | 26 +- net/netfilter/nfnetlink_acct.c | 29 +- net/netfilter/x_tables.c | 7 net/rds/ib_frmr.c | 1 net/sched/act_ife.c | 78 +++--- net/sched/act_pedit.c | 18 + net/sched/cls_u32.c | 10 net/sctp/proc.c | 8 net/sctp/socket.c | 22 + net/sunrpc/auth_gss/gss_krb5_crypto.c | 12 - net/tipc/name_table.c | 10 net/tipc/name_table.h | 9 net/tipc/socket.c | 2 net/tls/tls_main.c | 1 samples/bpf/xdp_redirect_cpu_user.c | 3 samples/bpf/xdp_rxq_info_user.c | 3 scripts/coccicheck | 5 scripts/depmod.sh | 4 scripts/mod/modpost.c | 8 security/apparmor/policy_ns.c | 2 security/keys/dh.c | 2 security/selinux/selinuxfs.c | 33 ++ sound/soc/codecs/rt5677.c | 2 sound/soc/codecs/wm8994.c | 1 tools/perf/arch/arm64/util/arm-spe.c | 1 tools/perf/arch/powerpc/util/sym-handling.c | 4 tools/perf/util/namespaces.c | 3 tools/testing/selftests/powerpc/harness.c | 18 + 194 files changed, 1497 insertions(+), 953 deletions(-) Ahmad Fatoum (1): net: macb: Fix regression breaking non-MDIO fixed-link PHYs Aleh Filipovich (1): platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 Alex Deucher (1): drm/amdgpu: update uvd_v6_0_ring_vm_funcs to use new nop packet Alexey Kodanev (2): vti6: remove !skb->ignore_df check from vti6_xmit() ipv6: don't get lwtstate twice in ip6_rt_copy_init() Anand Jain (5): btrfs: fix in-memory value of total_devices after seed device deletion btrfs: do btrfs_free_stale_devices outside of device_list_add btrfs: extend locked section when adding a new device in device_list_add btrfs: rename local devices for fs_devices in btrfs_free_stale_devices( btrfs: use device_list_mutex when removing stale devices Andrey Ryabinin (1): mm/fadvise.c: fix signed overflow UBSAN complaint Anssi Hannula (1): net: macb: do not disable MDIO bus at open/close time Anthony Wong (1): r8169: add support for NCube 8168 network card Anton Vasilyev (1): pinctrl: axp209: Fix NULL pointer dereference after allocation Arnd Bergmann (4): fs/proc/vmcore.c: hide vmcoredd_mmap_dumps() for nommu builds reiserfs: change j_timestamp type to time64_t x86/mce: Add notifier_block forward declaration x86: kvm: avoid unused variable warning Aurelien Aptel (1): CIFS: fix memory leak and remove dead code Azat Khuzhin (1): r8169: set RxConfig after tx/rx is enabled for RTL8169sb/8110sb devices Bart Van Assche (2): cfq: Suppress compiler warnings about comparisons btrfs: Fix a C compliance issue Benno Evers (1): perf tools: Check for null when copying nsinfo. Breno Leitao (1): selftests/powerpc: Kill child processes on SIGINT Chao Yu (3): f2fs: avoid race between zero_range and background GC f2fs: fix avoid race between truncate and background GC f2fs: fix to clear PG_checked flag in set_page_dirty() Chris Wilson (1): drm/i915/lpe: Mark LPE audio runtime pm as "no callbacks" Christian König (2): drm/amdgpu: fix incorrect use of fcheck drm/amdgpu: fix incorrect use of drm_file->pid Chuanhua Lei (1): x86/tsc: Prevent result truncation on 32bit Cong Wang (4): act_ife: fix a potential use-after-free act_ife: move tcfa_lock down to where necessary act_ife: fix a potential deadlock tipc: fix a missing rhashtable_walk_exit() Dan Carpenter (4): apparmor: fix an error code in __aa_create_ns() irqchip/stm32: Fix init error handling powerpc: Fix size calculation using resource_size() scsi: aic94xx: fix an error code in aic94xx_init() Daniel Borkmann (5): bpf, sockmap: fix map elem deletion race with smap_stop_sock tcp, ulp: fix leftover icsk_ulp_ops preventing sock from reattach bpf, sockmap: fix sock_map_ctx_update_elem race with exist/noexist bpf, sockmap: fix leakage of smap_psock_map_entry tcp, ulp: add alias for all ulp modules David Ahern (2): net/ipv6: Only update MTU metric if it set net/ipv6: Put lwtstate when destroying fib6_info David Francis (1): drm/amd/display: Read back max backlight value at boot David Sterba (5): btrfs: lift uuid_mutex to callers of btrfs_open_devices btrfs: lift uuid_mutex to callers of btrfs_scan_one_device btrfs: lift uuid_mutex to callers of btrfs_parse_early_options btrfs: reorder initialization before the mount locks uuid_mutex btrfs: fix mount and ioctl device scan ioctl race Davide Caratti (1): net/sched: act_pedit: fix dump of extended layered op Denis Efremov (1): coccicheck: return proper error code on fail Dexuan Cui (1): hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe() Dmitry Torokhov (1): Input: do not use WARN() in input_alloc_absinfo() Doug Berger (1): net: bcmgenet: use MAC link status for fixed phy Eric Dumazet (1): ipv4: tcp: send zero IPID for RST and ACK sent in SYN-RECV and TIME-WAIT state Erik Schmauss (1): ACPICA: ACPICA: add status check for acpi_hw_read before assigning return value Ernesto A. Fernández (2): hfs: prevent crash on exit from failed search hfsplus: fix NULL dereference in hfsplus_lookup() Evan Quan (1): drm/amd/powerplay: fixed uninitialized value Florian Westphal (3): tcp: do not restart timewait timer on rst reception netfilter: ip6t_rpfilter: set F_IFACE for linklocal addresses netfilter: fix memory leaks on netlink_dump_start error Fredrik Schön (1): drm/i915: Increase LSPCON timeout Gal Pressman (1): RDMA/hns: Fix usage of bitmap allocation functions return values Greg Edwards (1): block: bvec_nr_vecs() returns value for wrong slab Greg Kroah-Hartman (1): Linux 4.18.8 Guenter Roeck (1): mfd: sm501: Set coherent_dma_mask when creating subdevices Gustavo A. R. Silva (2): drm/amd/display: fix type of variable ASoC: wm8994: Fix missing break in switch Haiqing Bai (1): tipc: fix the big/little endian issue in tipc_dest Haishuang Yan (2): ip6_vti: fix creating fallback tunnel device for vti6 ip6_vti: fix a null pointer deference when destroy vti6 tunnel Hangbin Liu (1): net/ipv6: init ip6 anycast rt->dst.input as ip6_input Hans de Goede (2): i2c: core: ACPI: Make acpi_gsb_i2c_read_bytes() check i2c_transfer return value ACPI / scan: Initialize status to ACPI_STA_DEFAULT Harry Wentland (1): drm/amd/display: Report non-DP display as disconnected without EDID Heiko Stuebner (1): drm/rockchip: vop: split out core clock enablement into separate functions Ian Abbott (1): staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice Ido Schimmel (1): mlxsw: spectrum_switchdev: Do not leak RIFs when removing bridge Jakub Kicinski (1): nfp: wait for posted reconfigs when disabling the device James Morse (1): fs/proc/kcore.c: use __pa_symbol() for KCORE_TEXT list entries James Zhu (2): drm/amdgpu: update tmr mc address drm/amdgpu:add tmr mc address into amdgpu_firmware_info Jan-Marek Glogowski (1): drm/i915: Re-apply "Perform link quality check, unconditionally during long pulse" Jani Nikula (1): drm/i915: set DP Main Stream Attribute for color range on DDI platforms Jann Horn (1): fork: don't copy inconsistent signal handler state to child Jason Wang (1): vhost: correctly check the iova range when waking virtqueue Jean-Philippe Brucker (1): net/9p: fix error path of p9_virtio_probe Jens Axboe (1): block: don't warn for flush on read-only device Jerome Brunet (2): Revert "net: stmmac: Do not keep rearming the coalesce timer in stmmac_xmit" pwm: meson: Fix mux clock names Jesper Dangaard Brouer (1): samples/bpf: all XDP samples should unload xdp/bpf prog on SIGTERM Jian Shen (1): net: hns3: Fix for phy link issue when using marvell phy driver Jianchao Wang (1): blk-mq: count the hctx as active before allocating tag Jim Mattson (1): kvm: nVMX: Fix fault vector for VMX operation at CPL > 0 Joel Fernandes (Google) (1): debugobjects: Make stack check warning more informative Johannes Berg (2): workqueue: skip lockdep wq dependency in cancel_work_sync() workqueue: re-add lockdep dependencies for flushing John Pittman (1): dm kcopyd: avoid softlockup in run_complete_job Jonas Gorski (1): irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP Juergen Gross (2): x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear x86/xen: don't write ptes directly in 32-bit PV guests Julia Lawall (1): drm/rockchip: lvds: add missing of_node_put Junaid Shahid (1): kvm: x86: Set highest physical address bits in non-present/reserved SPTEs Kai-Heng Feng (2): r8152: disable RX aggregation on new Dell TB16 dock drm/edid: Add 6 bpc quirk for SDC panel in Lenovo B50-80 Kees Cook (1): net: sched: Fix memory exposure from short TCA_U32_SEL Kim Phillips (1): perf arm spe: Fix uninitialized record error variable Laura Abbott (1): sunrpc: Don't use stack buffer with scatterlist Leo (Sunpeng) Li (1): drm/amd/display: Use requested HDMI aspect ratio Levin Du (1): clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 Likun Gao (3): drm/amdgpu:add new firmware id for VCN drm/amdgpu:add VCN support in PSP driver drm/amdgpu:add VCN booting with firmware loaded by PSP Lubosz Sarnecki (1): drm/edid: Quirk Vive Pro VR headset non-desktop. Lucas Stach (1): drm/etnaviv: fix crash in GPU suspend when init failed due to buffer placement Mahesh Salgaonkar (1): powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX. Manish Chopra (1): qlge: Fix netdev features configuration. Marc Zyngier (4): iommu/rockchip: Handle errors returned from PM framework iommu/rockchip: Move irq request past pm_runtime_enable arm64: rockchip: Force CONFIG_PM on Rockchip systems ARM: rockchip: Force CONFIG_PM on Rockchip systems Masahiro Yamada (1): um: fix parallel building with O= option Matthias Kaehlcke (1): ASoC: rt5677: Fix initialization of rt5677_of_match.data Michael Chan (2): bnxt_en: Clean up unused functions. bnxt_en: Do not adjust max_cp_rings by the ones used by RDMA. Michael Ellerman (2): powerpc/uaccess: Enable get_user(u64, *p) on 32-bit powerpc/64s: Make rfi_flush_fallback a little more robust Michael J. Ruhl (1): IB/hfi1: Invalid NUMA node information can cause a divide by zero Michal Hocko (1): netfilter: x_tables: do not fail xt_alloc_table_info too easilly Michel Dänzer (5): drm/amdgpu: Fix RLC safe mode test in gfx_v9_0_enter_rlc_safe_mode drm/amdgpu: Keep track of amount of pinned CPU visible VRAM drm/amdgpu: Make pin_size values atomic drm/amdgpu: Warn and update pin_size values when destroying a pinned BO drm/amdgpu: Don't warn on destroying a pinned BO Mike Rapoport (1): mm: make DEFERRED_STRUCT_PAGE_INIT explicitly depend on SPARSEMEM Mikita Lipski (4): drm/amd/display: Don't share clk source between DP and HDMI drm/amd/display: update clk for various HDMI color depths drm/amd/display: Pass connector id when executing VBIOS CT drm/amd/display: Check if clock source in use before disabling Misono Tomohiro (1): btrfs: replace: Reset on-disk dev stats value after replace Myron Stowe (1): PCI: Match Root Port's MPS to endpoint's MPSS as necessary Nadav Amit (1): mm: respect arch_dup_mmap() return value Nicholas Kazlauskas (1): drm/amd/display: Guard against null crtc in CRC IRQ OGAWA Hirofumi (1): fat: validate ->i_start before using Palmer Dabbelt (1): RISC-V: Use KBUILD_CFLAGS instead of KCFLAGS when building the vDSO Philipp Rudo (1): s390/kdump: Fix memleak in nt_vmcoreinfo Qu Wenruo (5): btrfs: Exit gracefully when chunk map cannot be inserted to the tree btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized btrfs: tree-checker: Detect invalid and empty essential trees btrfs: check-integrity: Fix NULL pointer dereference for degraded mount btrfs: Don't remove block group that still has pinned down bytes Ralf Goebel (1): iommu/omap: Fix cache flushes on L2 table entries Randy Dunlap (5): scripts: modpost: check memory allocation results platform/x86: intel_punit_ipc: fix build errors powerpc/platforms/85xx: fix t1042rdb_diu.c build errors & warning uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name kbuild: make missing $DEPMOD a Warning instead of an Error Rex Zhu (3): drm/amdgpu: fix a reversed condition drm/amd/pp: Convert voltage unit in mV*4 to mV on CZ/ST drm/amd/pp/Polaris12: Fix a chunk of registers missed to program Richard Weinberger (1): ubi: Initialize Fastmap checkmapping correctly Robert Munteanu (1): HID: redragon: fix num lock and caps lock LEDs Rodrigo Vivi (1): drm/i915: Free write_buf that we allocated with kzalloc. Roger Pau Monne (1): xen/balloon: fix balloon initialization for PVH Dom0 Ronnie Sahlberg (1): cifs: check if SMB2 PDU size has been padded and suppress the warning Sandipan Das (1): perf probe powerpc: Fix trace event post-processing Sandy Huang (1): drm/rockchip: vop: fix irq disabled after vop driver probed Sean Christopherson (1): KVM: vmx: track host_state.loaded using a loaded_vmcs pointer Srikar Dronamraju (1): powerpc/topology: Get topology for shared processors at boot Stefan Haberland (2): s390/dasd: fix hanging offline processing due to canceled worker s390/dasd: fix panic for failed online processing Stephen Hemminger (1): hv_netvsc: ignore devices that are not PCI Steve French (3): smb3: fix reset of bytes read and written stats SMB3: Number of requests sent should be displayed for SMB3 not just CIFS smb3: if server does not support posix do not allow posix mount option Suzuki K Poulose (1): virtio: pci-legacy: Validate queue pfn Tan Hu (1): ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() Tariq Toukan (2): net/mlx5: Fix SQ offset in QPs with small RQ net/xdp: Fix suspicious RCU usage warning Tetsuo Handa (2): hfsplus: don't return 0 when fill_super() failed fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() Thomas Petazzoni (1): PCI: mvebu: Fix I/O space end address calculation Tomas Bortoli (1): net/9p/trans_fd.c: fix race by holding the lock Ville Syrjälä (1): drm/i915: Nuke the LVDS lid notifier Vlad Buslov (1): net: sched: action_ife: take reference to meta module Wei Yongjun (1): NFSv4: Fix error handling in nfs4_sp4_select_mode() Winnie Chang (1): brcmfmac: fix brcmf_wiphy_wowl_params() NULL pointer dereference Xi Wang (1): net: hns3: Fix for command format parsing error in hclge_is_all_function_id_zero Xin Long (3): sctp: remove useless start_fail from sctp_ht_iter in proc erspan: set erspan_ver to 1 by default when adding an erspan dev sctp: hold transport before accessing its asoc in sctp_transport_get_next Yonghong Song (1): bpf: fix bpffs non-array map seq_show issue YueHaibing (1): RDS: IB: fix 'passing zero to ERR_PTR()' warning nixiaoming (1): selinux: cleanup dentry and inodes on error in selinuxfs

7 years, 1 month

1
1
0 0

Linux 4.14.70

by Greg KH

I'm announcing the release of the 4.14.70 kernel. All users of the 4.14 kernel series must upgrade. The updated 4.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.14.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm/configs/imx_v6_v7_defconfig | 2 arch/arm/mach-rockchip/Kconfig | 1 arch/arm64/Kconfig.platforms | 1 arch/arm64/include/asm/cache.h | 5 arch/arm64/include/asm/cpucaps.h | 3 arch/arm64/kernel/cpu_errata.c | 25 +++- arch/arm64/kernel/cpufeature.c | 4 arch/powerpc/include/asm/uaccess.h | 13 +- arch/powerpc/kernel/exceptions-64s.S | 6 + arch/powerpc/platforms/85xx/t1042rdb_diu.c | 4 arch/powerpc/platforms/pseries/ras.c | 2 arch/powerpc/sysdev/mpic_msgr.c | 2 arch/s390/kernel/crash_dump.c | 17 ++- arch/s390/lib/mem.S | 12 +- arch/x86/include/asm/mce.h | 1 arch/x86/include/asm/pgtable-3level.h | 7 - arch/x86/kvm/mmu.c | 43 +++++++- arch/x86/kvm/vmx.c | 26 +++- arch/x86/kvm/x86.c | 12 +- arch/x86/xen/mmu_pv.c | 7 - block/bio.c | 2 block/cfq-iosched.c | 22 ++-- drivers/acpi/scan.c | 5 drivers/clk/rockchip/clk-rk3399.c | 1 drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c | 5 drivers/gpu/drm/amd/amdgpu/amdgpu_ucode.h | 4 drivers/gpu/drm/amd/amdgpu/amdgpu_vcn.c | 17 +-- drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c | 2 drivers/gpu/drm/amd/amdgpu/psp_v10_0.c | 3 drivers/gpu/drm/amd/amdgpu/vcn_v1_0.c | 40 +++++-- drivers/gpu/drm/amd/powerplay/hwmgr/smu7_powertune.c | 43 ++++++++ drivers/gpu/drm/drm_edid.c | 3 drivers/gpu/drm/i915/intel_lpe_audio.c | 4 drivers/gpu/drm/i915/intel_lspcon.c | 2 drivers/hid/hid-ids.h | 1 drivers/hid/usbhid/hid-quirks.c | 1 drivers/infiniband/hw/hfi1/affinity.c | 24 +++- drivers/infiniband/hw/hns/hns_roce_pd.c | 2 drivers/infiniband/hw/hns/hns_roce_qp.c | 5 drivers/input/input.c | 16 ++- drivers/iommu/omap-iommu.c | 4 drivers/irqchip/irq-bcm7038-l1.c | 4 drivers/lightnvm/pblk-core.c | 1 drivers/lightnvm/pblk-write.c | 7 + drivers/md/dm-kcopyd.c | 2 drivers/mfd/sm501.c | 1 drivers/net/ethernet/broadcom/genet/bcmgenet.h | 3 drivers/net/ethernet/broadcom/genet/bcmmii.c | 10 + drivers/net/ethernet/cadence/macb_main.c | 9 + drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 2 drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_mdio.c | 2 drivers/net/ethernet/mellanox/mlxsw/spectrum.h | 2 drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c | 11 ++ drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c | 20 +++ drivers/net/ethernet/netronome/nfp/nfp_net_common.c | 48 ++++++--- drivers/net/ethernet/qlogic/qlge/qlge_main.c | 23 +--- drivers/net/ethernet/realtek/r8169.c | 1 drivers/net/hyperv/netvsc_drv.c | 16 ++- drivers/pci/host/pci-mvebu.c | 2 drivers/platform/x86/asus-nb-wmi.c | 1 drivers/platform/x86/intel_punit_ipc.c | 1 drivers/pwm/pwm-meson.c | 3 drivers/s390/block/dasd_eckd.c | 10 + drivers/scsi/aic94xx/aic94xx_init.c | 4 drivers/staging/comedi/drivers/ni_mio_common.c | 3 drivers/staging/irda/net/af_irda.c | 13 ++ drivers/usb/dwc3/core.c | 47 ++++++-- drivers/usb/dwc3/core.h | 5 drivers/vhost/vhost.c | 2 drivers/virtio/virtio_pci_legacy.c | 14 ++ drivers/xen/xen-balloon.c | 2 fs/btrfs/dev-replace.c | 6 + fs/btrfs/extent-tree.c | 2 fs/btrfs/relocation.c | 23 ++-- fs/btrfs/volumes.c | 8 + fs/cifs/cifs_debug.c | 8 + fs/cifs/smb2misc.c | 7 + fs/cifs/smb2pdu.c | 2 fs/dcache.c | 3 fs/f2fs/data.c | 4 fs/fat/cache.c | 19 ++- fs/fat/fat.h | 5 fs/fat/fatent.c | 6 - fs/hfs/brec.c | 7 - fs/hfsplus/dir.c | 4 fs/hfsplus/super.c | 4 fs/nfs/nfs4proc.c | 2 fs/proc/kcore.c | 4 fs/reiserfs/reiserfs.h | 2 include/linux/pci_ids.h | 2 include/net/tcp.h | 4 include/uapi/linux/keyctl.h | 2 kernel/fork.c | 2 kernel/memremap.c | 11 +- kernel/sched/deadline.c | 11 -- lib/debugobjects.c | 7 - mm/fadvise.c | 8 + net/9p/trans_fd.c | 10 - net/9p/trans_virtio.c | 3 net/ipv4/tcp_ipv4.c | 6 + net/ipv4/tcp_minisocks.c | 3 net/ipv4/tcp_ulp.c | 2 net/ipv6/ip6_vti.c | 2 net/ipv6/netfilter/ip6t_rpfilter.c | 12 ++ net/netfilter/ipvs/ip_vs_core.c | 15 ++ net/netfilter/nf_conntrack_netlink.c | 26 +++- net/netfilter/nfnetlink_acct.c | 29 ++--- net/rds/ib_frmr.c | 1 net/sched/act_ife.c | 79 ++++++++------- net/sched/act_pedit.c | 18 ++- net/sched/cls_u32.c | 8 + net/sctp/proc.c | 4 net/sctp/socket.c | 22 ++-- net/sunrpc/auth_gss/gss_krb5_crypto.c | 12 +- net/tipc/socket.c | 2 net/tls/tls_main.c | 1 scripts/depmod.sh | 4 scripts/mod/modpost.c | 8 - security/keys/dh.c | 2 sound/soc/codecs/rt5677.c | 2 sound/soc/codecs/wm8994.c | 1 tools/perf/arch/powerpc/util/sym-handling.c | 4 tools/perf/util/namespaces.c | 3 tools/testing/selftests/powerpc/harness.c | 18 ++- 125 files changed, 811 insertions(+), 319 deletions(-) Aleh Filipovich (1): platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 Alexey Kodanev (1): vti6: remove !skb->ignore_df check from vti6_xmit() Andrey Ryabinin (1): mm/fadvise.c: fix signed overflow UBSAN complaint Anssi Hannula (1): net: macb: do not disable MDIO bus at open/close time Anthony Wong (1): r8169: add support for NCube 8168 network card Arnd Bergmann (4): reiserfs: change j_timestamp type to time64_t x86/mce: Add notifier_block forward declaration x86: kvm: avoid unused variable warning arm64: cpu_errata: include required headers Bart Van Assche (1): cfq: Suppress compiler warnings about comparisons Benno Evers (1): perf tools: Check for null when copying nsinfo. Breno Leitao (1): selftests/powerpc: Kill child processes on SIGINT Chao Yu (1): f2fs: fix to clear PG_checked flag in set_page_dirty() Chris Wilson (1): drm/i915/lpe: Mark LPE audio runtime pm as "no callbacks" Cong Wang (4): act_ife: fix a potential use-after-free tipc: fix a missing rhashtable_walk_exit() act_ife: move tcfa_lock down to where necessary act_ife: fix a potential deadlock Dan Carpenter (2): powerpc: Fix size calculation using resource_size() scsi: aic94xx: fix an error code in aic94xx_init() Daniel Borkmann (1): tcp, ulp: add alias for all ulp modules Dave Young (1): HID: add quirk for another PIXART OEM mouse used by HP Davide Caratti (1): net/sched: act_pedit: fix dump of extended layered op Dexuan Cui (1): hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe() Dmitry Torokhov (1): Input: do not use WARN() in input_alloc_absinfo() Doug Berger (1): net: bcmgenet: use MAC link status for fixed phy Eric Dumazet (1): ipv4: tcp: send zero IPID for RST and ACK sent in SYN-RECV and TIME-WAIT state Ernesto A. Fernández (2): hfs: prevent crash on exit from failed search hfsplus: fix NULL dereference in hfsplus_lookup() Fabio Estevam (1): Revert "ARM: imx_v6_v7_defconfig: Select ULPI support" Florian Westphal (3): tcp: do not restart timewait timer on rst reception netfilter: ip6t_rpfilter: set F_IFACE for linklocal addresses netfilter: fix memory leaks on netlink_dump_start error Fredrik Schön (1): drm/i915: Increase LSPCON timeout Gal Pressman (1): RDMA/hns: Fix usage of bitmap allocation functions return values Greg Edwards (1): block: bvec_nr_vecs() returns value for wrong slab Greg Kroah-Hartman (1): Linux 4.14.70 Guenter Roeck (1): mfd: sm501: Set coherent_dma_mask when creating subdevices Gustavo A. R. Silva (1): ASoC: wm8994: Fix missing break in switch Hans de Goede (1): ACPI / scan: Initialize status to ACPI_STA_DEFAULT Ian Abbott (1): staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice Ido Schimmel (1): mlxsw: spectrum_switchdev: Do not leak RIFs when removing bridge Jakub Kicinski (1): nfp: wait for posted reconfigs when disabling the device James Morse (1): fs/proc/kcore.c: use __pa_symbol() for KCORE_TEXT list entries James Zhu (2): drm/amdgpu: update tmr mc address drm/amdgpu:add tmr mc address into amdgpu_firmware_info Jan H. Schönherr (1): mm: Fix devm_memremap_pages() collision handling Jann Horn (1): fork: don't copy inconsistent signal handler state to child Jason Wang (1): vhost: correctly check the iova range when waking virtqueue Javier González (1): lightnvm: pblk: free padded entries in write buffer Jean-Philippe Brucker (1): net/9p: fix error path of p9_virtio_probe Jerome Brunet (1): pwm: meson: Fix mux clock names Jian Shen (1): net: hns3: Fix for phy link issue when using marvell phy driver Jim Mattson (1): kvm: nVMX: Fix fault vector for VMX operation at CPL > 0 Joel Fernandes (Google) (1): debugobjects: Make stack check warning more informative John Pittman (1): dm kcopyd: avoid softlockup in run_complete_job Jonas Gorski (1): irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP Juergen Gross (2): x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear x86/xen: don't write ptes directly in 32-bit PV guests Junaid Shahid (1): kvm: x86: Set highest physical address bits in non-present/reserved SPTEs Kai-Heng Feng (1): drm/edid: Add 6 bpc quirk for SDC panel in Lenovo B50-80 Kees Cook (1): net: sched: Fix memory exposure from short TCA_U32_SEL Laura Abbott (1): sunrpc: Don't use stack buffer with scatterlist Levin Du (1): clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 Likun Gao (3): drm/amdgpu:add new firmware id for VCN drm/amdgpu:add VCN support in PSP driver drm/amdgpu:add VCN booting with firmware loaded by PSP Luca Abeni (1): sched/deadline: Fix switching to -deadline Mahesh Salgaonkar (1): powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX. Manish Chopra (1): qlge: Fix netdev features configuration. Marc Zyngier (2): arm64: rockchip: Force CONFIG_PM on Rockchip systems ARM: rockchip: Force CONFIG_PM on Rockchip systems Martin Schwidefsky (1): s390/lib: use expoline for all bcr instructions Matthias Kaehlcke (1): ASoC: rt5677: Fix initialization of rt5677_of_match.data Michael Ellerman (2): powerpc/uaccess: Enable get_user(u64, *p) on 32-bit powerpc/64s: Make rfi_flush_fallback a little more robust Michael J. Ruhl (1): IB/hfi1: Invalid NUMA node information can cause a divide by zero Michel Dänzer (1): drm/amdgpu: Fix RLC safe mode test in gfx_v9_0_enter_rlc_safe_mode Misono Tomohiro (1): btrfs: replace: Reset on-disk dev stats value after replace OGAWA Hirofumi (1): fat: validate ->i_start before using Philipp Rudo (1): s390/kdump: Fix memleak in nt_vmcoreinfo Qu Wenruo (3): btrfs: Exit gracefully when chunk map cannot be inserted to the tree btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized btrfs: Don't remove block group that still has pinned down bytes Ralf Goebel (1): iommu/omap: Fix cache flushes on L2 table entries Randy Dunlap (5): scripts: modpost: check memory allocation results platform/x86: intel_punit_ipc: fix build errors powerpc/platforms/85xx: fix t1042rdb_diu.c build errors & warning uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name kbuild: make missing $DEPMOD a Warning instead of an Error Rex Zhu (1): drm/amd/pp/Polaris12: Fix a chunk of registers missed to program Roger Pau Monne (1): xen/balloon: fix balloon initialization for PVH Dom0 Roger Quadros (1): usb: dwc3: core: Fix ULPI PHYs and prevent phy_get/ulpi_init during suspend/resume Ronnie Sahlberg (1): cifs: check if SMB2 PDU size has been padded and suppress the warning Sandipan Das (1): perf probe powerpc: Fix trace event post-processing Sean Christopherson (1): KVM: vmx: track host_state.loaded using a loaded_vmcs pointer Stefan Haberland (2): s390/dasd: fix hanging offline processing due to canceled worker s390/dasd: fix panic for failed online processing Stephen Hemminger (1): hv_netvsc: ignore devices that are not PCI Steve French (2): smb3: fix reset of bytes read and written stats SMB3: Number of requests sent should be displayed for SMB3 not just CIFS Suzuki K Poulose (3): virtio: pci-legacy: Validate queue pfn arm64: Fix mismatched cache line size detection arm64: Handle mismatched cache type Tan Hu (1): ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() Tetsuo Handa (2): hfsplus: don't return 0 when fill_super() failed fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() Thomas Petazzoni (1): PCI: mvebu: Fix I/O space end address calculation Tomas Bortoli (1): net/9p/trans_fd.c: fix race by holding the lock Tyler Hicks (2): irda: Fix memory leak caused by repeated binds of irda socket irda: Only insert new objects into the global database via setsockopt Vlad Buslov (1): net: sched: action_ife: take reference to meta module Wei Yongjun (1): NFSv4: Fix error handling in nfs4_sp4_select_mode() Xi Wang (1): net: hns3: Fix for command format parsing error in hclge_is_all_function_id_zero Xin Long (1): sctp: hold transport before accessing its asoc in sctp_transport_get_next YueHaibing (1): RDS: IB: fix 'passing zero to ERR_PTR()' warning

7 years, 1 month

1
1
0 0

Linux 4.9.127

by Greg KH

I'm announcing the release of the 4.9.127 kernel. All users of the 4.9 kernel series must upgrade. The updated 4.9.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.9.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm/configs/imx_v6_v7_defconfig | 2 arch/arm/mach-rockchip/Kconfig | 1 arch/arm64/Kconfig.platforms | 1 arch/arm64/include/asm/cachetype.h | 5 + arch/arm64/include/asm/cpucaps.h | 3 arch/arm64/kernel/cpu_errata.c | 24 ++++++- arch/arm64/kernel/cpufeature.c | 4 - arch/powerpc/platforms/pseries/ras.c | 2 arch/powerpc/sysdev/mpic_msgr.c | 2 arch/s390/kernel/crash_dump.c | 17 +++-- arch/s390/lib/mem.S | 9 +- arch/x86/include/asm/pgtable-3level.h | 7 -- arch/x86/include/asm/pgtable.h | 2 block/bio.c | 2 drivers/acpi/scan.c | 5 - drivers/clk/rockchip/clk-rk3399.c | 1 drivers/gpu/drm/drm_edid.c | 3 drivers/infiniband/hw/hns/hns_roce_pd.c | 2 drivers/infiniband/hw/hns/hns_roce_qp.c | 5 + drivers/irqchip/irq-bcm7038-l1.c | 4 + drivers/md/dm-kcopyd.c | 2 drivers/mfd/sm501.c | 1 drivers/misc/mei/pci-me.c | 5 + drivers/net/ethernet/broadcom/genet/bcmgenet.h | 3 drivers/net/ethernet/broadcom/genet/bcmmii.c | 10 ++- drivers/net/ethernet/cisco/enic/enic_main.c | 2 drivers/net/ethernet/qlogic/qlge/qlge_main.c | 23 ++----- drivers/net/ethernet/realtek/r8169.c | 1 drivers/net/hyperv/netvsc_drv.c | 5 + drivers/pci/host/pci-mvebu.c | 2 drivers/platform/x86/asus-nb-wmi.c | 1 drivers/platform/x86/intel_punit_ipc.c | 1 drivers/s390/block/dasd_eckd.c | 10 ++- drivers/scsi/aic94xx/aic94xx_init.c | 4 - drivers/staging/comedi/drivers/ni_mio_common.c | 3 drivers/vhost/vhost.c | 2 drivers/virtio/virtio_pci_legacy.c | 14 +++- fs/btrfs/dev-replace.c | 6 + fs/btrfs/disk-io.c | 10 +-- fs/btrfs/extent-tree.c | 2 fs/btrfs/relocation.c | 23 +++---- fs/cifs/cifs_debug.c | 8 ++ fs/cifs/smb2misc.c | 7 ++ fs/cifs/smb2pdu.c | 2 fs/dcache.c | 3 fs/fat/cache.c | 19 +++--- fs/fat/fat.h | 5 + fs/fat/fatent.c | 6 - fs/hfs/brec.c | 7 +- fs/hfsplus/dir.c | 4 - fs/hfsplus/super.c | 4 - fs/reiserfs/reiserfs.h | 2 include/linux/pci_ids.h | 2 kernel/fork.c | 2 lib/debugobjects.c | 7 +- mm/fadvise.c | 8 +- mm/huge_memory.c | 2 net/9p/trans_fd.c | 10 +-- net/9p/trans_virtio.c | 3 net/ipv4/tcp_ipv4.c | 6 + net/ipv4/tcp_minisocks.c | 3 net/ipv4/tcp_probe.c | 4 - net/ipv6/ip6_vti.c | 2 net/irda/af_irda.c | 13 +++- net/netfilter/ipvs/ip_vs_core.c | 15 +++- net/rds/ib_frmr.c | 1 net/sched/act_ife.c | 79 ++++++++++++++----------- net/sched/cls_u32.c | 8 +- net/sched/sch_hhf.c | 3 net/sched/sch_htb.c | 5 - net/sched/sch_multiq.c | 9 -- net/sched/sch_netem.c | 4 - net/sched/sch_tbf.c | 5 - net/sctp/proc.c | 4 - net/sctp/socket.c | 22 ++++-- net/sunrpc/auth_gss/gss_krb5_crypto.c | 12 ++- scripts/depmod.sh | 4 - scripts/mod/modpost.c | 8 +- sound/soc/codecs/wm8994.c | 1 tools/perf/arch/powerpc/util/sym-handling.c | 4 - tools/testing/selftests/powerpc/harness.c | 18 +++-- 82 files changed, 375 insertions(+), 189 deletions(-) Aleh Filipovich (1): platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 Alexey Kodanev (1): vti6: remove !skb->ignore_df check from vti6_xmit() Andrey Ryabinin (1): mm/fadvise.c: fix signed overflow UBSAN complaint Anthony Wong (1): r8169: add support for NCube 8168 network card Arnd Bergmann (1): reiserfs: change j_timestamp type to time64_t Breno Leitao (1): selftests/powerpc: Kill child processes on SIGINT Chas Williams (1): Fixes: Commit 2aa6d036b716 ("mm: numa: avoid waiting on freed migrated pages") Cong Wang (3): act_ife: fix a potential use-after-free act_ife: move tcfa_lock down to where necessary act_ife: fix a potential deadlock Dan Carpenter (2): powerpc: Fix size calculation using resource_size() scsi: aic94xx: fix an error code in aic94xx_init() Doug Berger (1): net: bcmgenet: use MAC link status for fixed phy Eric Dumazet (2): ipv4: tcp: send zero IPID for RST and ACK sent in SYN-RECV and TIME-WAIT state tcp: Revert "tcp: tcp_probe: use spin_lock_bh()" Ernesto A. Fernández (2): hfs: prevent crash on exit from failed search hfsplus: fix NULL dereference in hfsplus_lookup() Ethan Lien (1): btrfs: use correct compare function of dirty_metadata_bytes Fabio Estevam (1): Revert "ARM: imx_v6_v7_defconfig: Select ULPI support" Florian Westphal (1): tcp: do not restart timewait timer on rst reception Gal Pressman (1): RDMA/hns: Fix usage of bitmap allocation functions return values Govindarajulu Varadarajan (1): enic: do not call enic_change_mtu in enic_probe Greg Edwards (1): block: bvec_nr_vecs() returns value for wrong slab Greg Kroah-Hartman (1): Linux 4.9.127 Guenter Roeck (1): mfd: sm501: Set coherent_dma_mask when creating subdevices Gustavo A. R. Silva (1): ASoC: wm8994: Fix missing break in switch Hans de Goede (1): ACPI / scan: Initialize status to ACPI_STA_DEFAULT Ian Abbott (1): staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice Jann Horn (1): fork: don't copy inconsistent signal handler state to child Jason Wang (1): vhost: correctly check the iova range when waking virtqueue Jean-Philippe Brucker (1): net/9p: fix error path of p9_virtio_probe Joel Fernandes (Google) (1): debugobjects: Make stack check warning more informative John Pittman (1): dm kcopyd: avoid softlockup in run_complete_job Jonas Gorski (1): irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP Juergen Gross (1): x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear Kai-Heng Feng (1): drm/edid: Add 6 bpc quirk for SDC panel in Lenovo B50-80 Kees Cook (1): net: sched: Fix memory exposure from short TCA_U32_SEL Laura Abbott (1): sunrpc: Don't use stack buffer with scatterlist Levin Du (1): clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 Mahesh Salgaonkar (1): powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX. Manish Chopra (1): qlge: Fix netdev features configuration. Marc Zyngier (2): arm64: rockchip: Force CONFIG_PM on Rockchip systems ARM: rockchip: Force CONFIG_PM on Rockchip systems Martin Schwidefsky (1): s390/lib: use expoline for all bcr instructions Michal Hocko (1): x86/speculation/l1tf: Fix up pte->pfn conversion for PAE Misono Tomohiro (1): btrfs: replace: Reset on-disk dev stats value after replace Nikolay Aleksandrov (5): sch_htb: fix crash on init failure sch_multiq: fix double free on init failure sch_hhf: fix null pointer dereference on init failure sch_netem: avoid null pointer deref on init failure sch_tbf: fix two null pointer dereferences on init failure OGAWA Hirofumi (1): fat: validate ->i_start before using Philipp Rudo (1): s390/kdump: Fix memleak in nt_vmcoreinfo Qu Wenruo (2): btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized btrfs: Don't remove block group that still has pinned down bytes Randy Dunlap (3): scripts: modpost: check memory allocation results platform/x86: intel_punit_ipc: fix build errors kbuild: make missing $DEPMOD a Warning instead of an Error Ronnie Sahlberg (1): cifs: check if SMB2 PDU size has been padded and suppress the warning Sandipan Das (1): perf probe powerpc: Fix trace event post-processing Stefan Haberland (2): s390/dasd: fix hanging offline processing due to canceled worker s390/dasd: fix panic for failed online processing Stephen Hemminger (1): hv_netvsc: ignore devices that are not PCI Steve French (2): smb3: fix reset of bytes read and written stats SMB3: Number of requests sent should be displayed for SMB3 not just CIFS Suzuki K Poulose (3): virtio: pci-legacy: Validate queue pfn arm64: Fix mismatched cache line size detection arm64: Handle mismatched cache type Tan Hu (1): ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() Tetsuo Handa (2): hfsplus: don't return 0 when fill_super() failed fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() Thomas Petazzoni (1): PCI: mvebu: Fix I/O space end address calculation Tomas Bortoli (1): net/9p/trans_fd.c: fix race by holding the lock Tomas Winkler (1): mei: me: allow runtime pm for platform with D0i3 Tyler Hicks (2): irda: Fix memory leak caused by repeated binds of irda socket irda: Only insert new objects into the global database via setsockopt Vlad Buslov (1): net: sched: action_ife: take reference to meta module Xin Long (1): sctp: hold transport before accessing its asoc in sctp_transport_get_next YueHaibing (1): RDS: IB: fix 'passing zero to ERR_PTR()' warning

7 years, 1 month

1
1
0 0

Linux 4.4.156

by Greg KH

I'm announcing the release of the 4.4.156 kernel. All users of the 4.4 kernel series must upgrade. The updated 4.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.4.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm/configs/imx_v6_v7_defconfig | 2 arch/arm/include/asm/arch_gicv3.h | 1 arch/powerpc/platforms/pseries/ras.c | 2 arch/powerpc/sysdev/mpic_msgr.c | 2 arch/s390/lib/mem.S | 9 +- arch/x86/include/asm/pgtable-3level.h | 7 - arch/x86/include/asm/pgtable.h | 2 drivers/irqchip/irq-bcm7038-l1.c | 4 + drivers/irqchip/irq-gic-v3-its.c | 34 +++++---- drivers/irqchip/irq-gic.c | 2 drivers/md/dm-kcopyd.c | 2 drivers/mfd/sm501.c | 1 drivers/misc/mei/pci-me.c | 5 + drivers/net/ethernet/broadcom/genet/bcmgenet.h | 3 drivers/net/ethernet/broadcom/genet/bcmmii.c | 10 ++ drivers/net/ethernet/cisco/enic/enic_main.c | 2 drivers/net/ethernet/qlogic/qlge/qlge_main.c | 23 ++---- drivers/pci/host/pci-mvebu.c | 2 drivers/platform/x86/asus-nb-wmi.c | 1 drivers/s390/block/dasd_eckd.c | 7 + drivers/scsi/aic94xx/aic94xx_init.c | 4 - drivers/staging/android/ion/ion.c | 60 +++++++++------- drivers/staging/comedi/drivers/ni_mio_common.c | 3 fs/btrfs/dev-replace.c | 6 + fs/btrfs/disk-io.c | 10 +- fs/btrfs/extent-tree.c | 2 fs/btrfs/relocation.c | 23 +++--- fs/cifs/cifs_debug.c | 8 ++ fs/cifs/smb2misc.c | 7 + fs/cifs/smb2pdu.c | 2 fs/dcache.c | 3 fs/fat/cache.c | 19 +++-- fs/fat/fat.h | 5 + fs/fat/fatent.c | 6 - fs/hfs/brec.c | 7 + fs/hfsplus/dir.c | 4 - fs/hfsplus/super.c | 4 - fs/overlayfs/copy_up.c | 26 ------ fs/overlayfs/dir.c | 67 +----------------- fs/overlayfs/overlayfs.h | 3 fs/overlayfs/readdir.c | 93 +++++++++++++++++++------ fs/overlayfs/super.c | 20 ++++- fs/reiserfs/reiserfs.h | 2 kernel/fork.c | 2 kernel/irq/chip.c | 8 +- lib/debugobjects.c | 7 + mm/fadvise.c | 8 +- mm/huge_memory.c | 2 net/9p/trans_virtio.c | 3 net/ipv4/tcp_minisocks.c | 3 net/ipv6/ip6_vti.c | 2 net/irda/af_irda.c | 13 +++ net/netfilter/ipvs/ip_vs_core.c | 15 ++-- net/sched/sch_hhf.c | 3 net/sched/sch_htb.c | 5 - net/sched/sch_multiq.c | 9 -- net/sched/sch_netem.c | 4 - net/sched/sch_tbf.c | 5 - scripts/depmod.sh | 4 - scripts/mod/modpost.c | 8 +- sound/soc/codecs/wm8994.c | 1 tools/testing/selftests/powerpc/harness.c | 18 +++- 63 files changed, 368 insertions(+), 259 deletions(-) Aleh Filipovich (1): platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 Alexey Kodanev (1): vti6: remove !skb->ignore_df check from vti6_xmit() Andrey Ryabinin (1): mm/fadvise.c: fix signed overflow UBSAN complaint Antonio Murdaca (1): ovl: override creds with the ones from the superblock mounter Arnd Bergmann (1): reiserfs: change j_timestamp type to time64_t Breno Leitao (1): selftests/powerpc: Kill child processes on SIGINT Chas Williams (1): Fixes: Commit cdbf92675fad ("mm: numa: avoid waiting on freed migrated pages") Dan Carpenter (2): powerpc: Fix size calculation using resource_size() scsi: aic94xx: fix an error code in aic94xx_init() Doug Berger (1): net: bcmgenet: use MAC link status for fixed phy Ernesto A. Fernández (2): hfs: prevent crash on exit from failed search hfsplus: fix NULL dereference in hfsplus_lookup() Ethan Lien (1): btrfs: use correct compare function of dirty_metadata_bytes Fabio Estevam (1): Revert "ARM: imx_v6_v7_defconfig: Select ULPI support" Florian Westphal (1): tcp: do not restart timewait timer on rst reception Govindarajulu Varadarajan (1): enic: do not call enic_change_mtu in enic_probe Greg Hackmann (1): staging: android: ion: fix ION_IOC_{MAP,SHARE} use-after-free Greg Kroah-Hartman (1): Linux 4.4.156 Guenter Roeck (1): mfd: sm501: Set coherent_dma_mask when creating subdevices Gustavo A. R. Silva (1): ASoC: wm8994: Fix missing break in switch Ian Abbott (1): staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice Jann Horn (1): fork: don't copy inconsistent signal handler state to child Jean-Philippe Brucker (1): net/9p: fix error path of p9_virtio_probe Joel Fernandes (Google) (1): debugobjects: Make stack check warning more informative John Pittman (1): dm kcopyd: avoid softlockup in run_complete_job Jonas Gorski (1): irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP Juergen Gross (1): x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear Mahesh Salgaonkar (1): powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX. Manish Chopra (1): qlge: Fix netdev features configuration. Marc Zyngier (3): irqchip/gic-v3-its: Recompute the number of pages on page size change irqchip/gic-v3: Add missing barrier to 32bit version of gic_read_iar() irqchip/gic: Make interrupt ID 1020 invalid Martin Schwidefsky (1): s390/lib: use expoline for all bcr instructions Michal Hocko (1): x86/speculation/l1tf: Fix up pte->pfn conversion for PAE Miklos Szeredi (2): ovl: rename is_merge to is_lowest ovl: proper cleanup of workdir Misono Tomohiro (1): btrfs: replace: Reset on-disk dev stats value after replace Nikolay Aleksandrov (5): sch_htb: fix crash on init failure sch_multiq: fix double free on init failure sch_hhf: fix null pointer dereference on init failure sch_netem: avoid null pointer deref on init failure sch_tbf: fix two null pointer dereferences on init failure OGAWA Hirofumi (1): fat: validate ->i_start before using Qu Wenruo (2): btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized btrfs: Don't remove block group that still has pinned down bytes Randy Dunlap (2): scripts: modpost: check memory allocation results kbuild: make missing $DEPMOD a Warning instead of an Error Ronnie Sahlberg (1): cifs: check if SMB2 PDU size has been padded and suppress the warning Shanker Donthineni (2): irqchip/gicv3-its: Fix memory leak in its_free_tables() irqchip/gicv3-its: Avoid cache flush beyond ITS_BASERn memory size Stefan Haberland (1): s390/dasd: fix hanging offline processing due to canceled worker Steve French (2): smb3: fix reset of bytes read and written stats SMB3: Number of requests sent should be displayed for SMB3 not just CIFS Sudeep Holla (1): genirq: Delay incrementing interrupt count if it's disabled/pending Tan Hu (1): ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() Tetsuo Handa (2): hfsplus: don't return 0 when fill_super() failed fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() Thomas Petazzoni (1): PCI: mvebu: Fix I/O space end address calculation Tomas Winkler (1): mei: me: allow runtime pm for platform with D0i3 Tyler Hicks (2): irda: Fix memory leak caused by repeated binds of irda socket irda: Only insert new objects into the global database via setsockopt

7 years, 1 month

1
1
0 0

[PATCH 4.14 000/115] 4.14.70-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.14.70 release. There are 115 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat Sep 15 13:17:48 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.70-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.14.70-rc1 Suzuki K Poulose <suzuki.poulose(a)arm.com> arm64: Handle mismatched cache type Suzuki K Poulose <suzuki.poulose(a)arm.com> arm64: Fix mismatched cache line size detection Gustavo A. R. Silva <gustavo(a)embeddedor.com> ASoC: wm8994: Fix missing break in switch Arnd Bergmann <arnd(a)arndb.de> arm64: cpu_errata: include required headers Arnd Bergmann <arnd(a)arndb.de> x86: kvm: avoid unused variable warning Junaid Shahid <junaids(a)google.com> kvm: x86: Set highest physical address bits in non-present/reserved SPTEs Fabio Estevam <fabio.estevam(a)nxp.com> Revert "ARM: imx_v6_v7_defconfig: Select ULPI support" Tyler Hicks <tyhicks(a)canonical.com> irda: Only insert new objects into the global database via setsockopt Tyler Hicks <tyhicks(a)canonical.com> irda: Fix memory leak caused by repeated binds of irda socket Martin Schwidefsky <schwidefsky(a)de.ibm.com> s390/lib: use expoline for all bcr instructions Randy Dunlap <rdunlap(a)infradead.org> kbuild: make missing $DEPMOD a Warning instead of an Error Fredrik Schön <fredrikschon(a)gmail.com> drm/i915: Increase LSPCON timeout Juergen Gross <jgross(a)suse.com> x86/xen: don't write ptes directly in 32-bit PV guests Juergen Gross <jgross(a)suse.com> x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear Roger Quadros <rogerq(a)ti.com> usb: dwc3: core: Fix ULPI PHYs and prevent phy_get/ulpi_init during suspend/resume Dave Young <dyoung(a)redhat.com> HID: add quirk for another PIXART OEM mouse used by HP Jan H. Schönherr <jschoenh(a)amazon.de> mm: Fix devm_memremap_pages() collision handling Javier González <javier(a)cnexlabs.com> lightnvm: pblk: free padded entries in write buffer Luca Abeni <luca.abeni(a)santannapisa.it> sched/deadline: Fix switching to -deadline Joel Fernandes (Google) <joel(a)joelfernandes.org> debugobjects: Make stack check warning more informative Randy Dunlap <rdunlap(a)infradead.org> uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name Likun Gao <Likun.Gao(a)amd.com> drm/amdgpu:add VCN booting with firmware loaded by PSP Likun Gao <Likun.Gao(a)amd.com> drm/amdgpu:add VCN support in PSP driver Likun Gao <Likun.Gao(a)amd.com> drm/amdgpu:add new firmware id for VCN James Zhu <jzhums(a)gmail.com> drm/amdgpu:add tmr mc address into amdgpu_firmware_info James Zhu <jzhums(a)gmail.com> drm/amdgpu: update tmr mc address Kai-Heng Feng <kai.heng.feng(a)canonical.com> drm/edid: Add 6 bpc quirk for SDC panel in Lenovo B50-80 Rex Zhu <rex.zhu(a)amd.com> drm/amd/pp/Polaris12: Fix a chunk of registers missed to program Michel Dänzer <michel.daenzer(a)amd.com> drm/amdgpu: Fix RLC safe mode test in gfx_v9_0_enter_rlc_safe_mode Chris Wilson <chris(a)chris-wilson.co.uk> drm/i915/lpe: Mark LPE audio runtime pm as "no callbacks" Marc Zyngier <marc.zyngier(a)arm.com> ARM: rockchip: Force CONFIG_PM on Rockchip systems Marc Zyngier <marc.zyngier(a)arm.com> arm64: rockchip: Force CONFIG_PM on Rockchip systems Qu Wenruo <wqu(a)suse.com> btrfs: Don't remove block group that still has pinned down bytes Qu Wenruo <wqu(a)suse.com> btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized Misono Tomohiro <misono.tomohiro(a)jp.fujitsu.com> btrfs: replace: Reset on-disk dev stats value after replace Qu Wenruo <wqu(a)suse.com> btrfs: Exit gracefully when chunk map cannot be inserted to the tree Jim Mattson <jmattson(a)google.com> kvm: nVMX: Fix fault vector for VMX operation at CPL > 0 Sean Christopherson <sean.j.christopherson(a)intel.com> KVM: vmx: track host_state.loaded using a loaded_vmcs pointer Levin Du <djw(a)t-chip.com.cn> clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 Mahesh Salgaonkar <mahesh(a)linux.vnet.ibm.com> powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX. Michael Ellerman <mpe(a)ellerman.id.au> powerpc/64s: Make rfi_flush_fallback a little more robust Randy Dunlap <rdunlap(a)infradead.org> powerpc/platforms/85xx: fix t1042rdb_diu.c build errors & warning Steve French <stfrench(a)microsoft.com> SMB3: Number of requests sent should be displayed for SMB3 not just CIFS Steve French <stfrench(a)microsoft.com> smb3: fix reset of bytes read and written stats Bart Van Assche <bart.vanassche(a)wdc.com> cfq: Suppress compiler warnings about comparisons YueHaibing <yuehaibing(a)huawei.com> RDS: IB: fix 'passing zero to ERR_PTR()' warning Breno Leitao <leitao(a)debian.org> selftests/powerpc: Kill child processes on SIGINT Ralf Goebel <ralf.goebel(a)imago-technologies.com> iommu/omap: Fix cache flushes on L2 table entries Matthias Kaehlcke <mka(a)chromium.org> ASoC: rt5677: Fix initialization of rt5677_of_match.data Ian Abbott <abbotti(a)mev.co.uk> staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice John Pittman <jpittman(a)redhat.com> dm kcopyd: avoid softlockup in run_complete_job Thomas Petazzoni <thomas.petazzoni(a)bootlin.com> PCI: mvebu: Fix I/O space end address calculation Roger Pau Monne <roger.pau(a)citrix.com> xen/balloon: fix balloon initialization for PVH Dom0 Dmitry Torokhov <dmitry.torokhov(a)gmail.com> Input: do not use WARN() in input_alloc_absinfo() Wei Yongjun <weiyongjun1(a)huawei.com> NFSv4: Fix error handling in nfs4_sp4_select_mode() Dan Carpenter <dan.carpenter(a)oracle.com> scsi: aic94xx: fix an error code in aic94xx_init() Hans de Goede <hdegoede(a)redhat.com> ACPI / scan: Initialize status to ACPI_STA_DEFAULT Stefan Haberland <sth(a)linux.ibm.com> s390/dasd: fix panic for failed online processing Stefan Haberland <sth(a)linux.ibm.com> s390/dasd: fix hanging offline processing due to canceled worker Greg Edwards <gedwards(a)ddn.com> block: bvec_nr_vecs() returns value for wrong slab Sandipan Das <sandipan(a)linux.ibm.com> perf probe powerpc: Fix trace event post-processing Dan Carpenter <dan.carpenter(a)oracle.com> powerpc: Fix size calculation using resource_size() Michael Ellerman <mpe(a)ellerman.id.au> powerpc/uaccess: Enable get_user(u64, *p) on 32-bit Chao Yu <yuchao0(a)huawei.com> f2fs: fix to clear PG_checked flag in set_page_dirty() Jean-Philippe Brucker <jean-philippe.brucker(a)arm.com> net/9p: fix error path of p9_virtio_probe Tomas Bortoli <tomasbortoli(a)gmail.com> net/9p/trans_fd.c: fix race by holding the lock Jonas Gorski <jonas.gorski(a)gmail.com> irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP Benno Evers <bevers(a)mesosphere.com> perf tools: Check for null when copying nsinfo. Jian Shen <shenjian15(a)huawei.com> net: hns3: Fix for phy link issue when using marvell phy driver Xi Wang <wangxi11(a)huawei.com> net: hns3: Fix for command format parsing error in hclge_is_all_function_id_zero Gal Pressman <pressmangal(a)gmail.com> RDMA/hns: Fix usage of bitmap allocation functions return values Daniel Borkmann <daniel(a)iogearbox.net> tcp, ulp: add alias for all ulp modules Florian Westphal <fw(a)strlen.de> netfilter: fix memory leaks on netlink_dump_start error Aleh Filipovich <aleh(a)vaolix.com> platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 Guenter Roeck <linux(a)roeck-us.net> mfd: sm501: Set coherent_dma_mask when creating subdevices Tan Hu <tan.hu(a)zte.com.cn> ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() Philipp Rudo <prudo(a)linux.ibm.com> s390/kdump: Fix memleak in nt_vmcoreinfo Florian Westphal <fw(a)strlen.de> netfilter: ip6t_rpfilter: set F_IFACE for linklocal addresses Randy Dunlap <rdunlap(a)infradead.org> platform/x86: intel_punit_ipc: fix build errors Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() Andrey Ryabinin <aryabinin(a)virtuozzo.com> mm/fadvise.c: fix signed overflow UBSAN complaint Jerome Brunet <jbrunet(a)baylibre.com> pwm: meson: Fix mux clock names Michael J. Ruhl <michael.j.ruhl(a)intel.com> IB/hfi1: Invalid NUMA node information can cause a divide by zero Arnd Bergmann <arnd(a)arndb.de> x86/mce: Add notifier_block forward declaration Suzuki K Poulose <suzuki.poulose(a)arm.com> virtio: pci-legacy: Validate queue pfn Randy Dunlap <rdunlap(a)infradead.org> scripts: modpost: check memory allocation results OGAWA Hirofumi <hirofumi(a)mail.parknet.co.jp> fat: validate ->i_start before using James Morse <james.morse(a)arm.com> fs/proc/kcore.c: use __pa_symbol() for KCORE_TEXT list entries Ernesto A. Fernández <ernesto.mnd.fernandez(a)gmail.com> hfsplus: fix NULL dereference in hfsplus_lookup() Arnd Bergmann <arnd(a)arndb.de> reiserfs: change j_timestamp type to time64_t Jann Horn <jannh(a)google.com> fork: don't copy inconsistent signal handler state to child Laura Abbott <labbott(a)redhat.com> sunrpc: Don't use stack buffer with scatterlist Ernesto A. Fernández <ernesto.mnd.fernandez(a)gmail.com> hfs: prevent crash on exit from failed search Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> hfsplus: don't return 0 when fill_super() failed Ronnie Sahlberg <lsahlber(a)redhat.com> cifs: check if SMB2 PDU size has been padded and suppress the warning Vlad Buslov <vladbu(a)mellanox.com> net: sched: action_ife: take reference to meta module Cong Wang <xiyou.wangcong(a)gmail.com> act_ife: fix a potential deadlock Cong Wang <xiyou.wangcong(a)gmail.com> act_ife: move tcfa_lock down to where necessary Dexuan Cui <decui(a)microsoft.com> hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe() Stephen Hemminger <stephen(a)networkplumber.org> hv_netvsc: ignore devices that are not PCI Jason Wang <jasowang(a)redhat.com> vhost: correctly check the iova range when waking virtqueue Ido Schimmel <idosch(a)mellanox.com> mlxsw: spectrum_switchdev: Do not leak RIFs when removing bridge Xin Long <lucien.xin(a)gmail.com> sctp: hold transport before accessing its asoc in sctp_transport_get_next Jakub Kicinski <jakub.kicinski(a)netronome.com> nfp: wait for posted reconfigs when disabling the device Cong Wang <xiyou.wangcong(a)gmail.com> tipc: fix a missing rhashtable_walk_exit() Davide Caratti <dcaratti(a)redhat.com> net/sched: act_pedit: fix dump of extended layered op Alexey Kodanev <alexey.kodanev(a)oracle.com> vti6: remove !skb->ignore_df check from vti6_xmit() Florian Westphal <fw(a)strlen.de> tcp: do not restart timewait timer on rst reception Anthony Wong <anthony.wong(a)ubuntu.com> r8169: add support for NCube 8168 network card Manish Chopra <manish.chopra(a)cavium.com> qlge: Fix netdev features configuration. Kees Cook <keescook(a)chromium.org> net: sched: Fix memory exposure from short TCA_U32_SEL Anssi Hannula <anssi.hannula(a)bitwise.fi> net: macb: do not disable MDIO bus at open/close time Doug Berger <opendmb(a)gmail.com> net: bcmgenet: use MAC link status for fixed phy Eric Dumazet <edumazet(a)google.com> ipv4: tcp: send zero IPID for RST and ACK sent in SYN-RECV and TIME-WAIT state Cong Wang <xiyou.wangcong(a)gmail.com> act_ife: fix a potential use-after-free ------------- Diffstat: Makefile | 4 +- arch/arm/configs/imx_v6_v7_defconfig | 2 - arch/arm/mach-rockchip/Kconfig | 1 + arch/arm64/Kconfig.platforms | 1 + arch/arm64/include/asm/cache.h | 5 ++ arch/arm64/include/asm/cpucaps.h | 3 +- arch/arm64/kernel/cpu_errata.c | 25 +++++-- arch/arm64/kernel/cpufeature.c | 4 +- arch/powerpc/include/asm/uaccess.h | 13 +++- arch/powerpc/kernel/exceptions-64s.S | 6 ++ arch/powerpc/platforms/85xx/t1042rdb_diu.c | 4 ++ arch/powerpc/platforms/pseries/ras.c | 2 +- arch/powerpc/sysdev/mpic_msgr.c | 2 +- arch/s390/kernel/crash_dump.c | 17 +++-- arch/s390/lib/mem.S | 12 ++-- arch/x86/include/asm/mce.h | 1 + arch/x86/include/asm/pgtable-3level.h | 7 +- arch/x86/kvm/mmu.c | 43 ++++++++++-- arch/x86/kvm/vmx.c | 26 ++++--- arch/x86/kvm/x86.c | 12 ++-- arch/x86/xen/mmu_pv.c | 7 +- block/bio.c | 2 +- block/cfq-iosched.c | 22 +++--- drivers/acpi/scan.c | 5 +- drivers/clk/rockchip/clk-rk3399.c | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_psp.c | 5 ++ drivers/gpu/drm/amd/amdgpu/amdgpu_ucode.h | 4 ++ drivers/gpu/drm/amd/amdgpu/amdgpu_vcn.c | 17 +++-- drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c | 2 +- drivers/gpu/drm/amd/amdgpu/psp_v10_0.c | 3 + drivers/gpu/drm/amd/amdgpu/vcn_v1_0.c | 40 ++++++++--- .../gpu/drm/amd/powerplay/hwmgr/smu7_powertune.c | 43 ++++++++++++ drivers/gpu/drm/drm_edid.c | 3 + drivers/gpu/drm/i915/intel_lpe_audio.c | 4 +- drivers/gpu/drm/i915/intel_lspcon.c | 2 +- drivers/hid/hid-ids.h | 1 + drivers/hid/usbhid/hid-quirks.c | 1 + drivers/infiniband/hw/hfi1/affinity.c | 24 ++++++- drivers/infiniband/hw/hns/hns_roce_pd.c | 2 +- drivers/infiniband/hw/hns/hns_roce_qp.c | 5 +- drivers/input/input.c | 16 +++-- drivers/iommu/omap-iommu.c | 4 +- drivers/irqchip/irq-bcm7038-l1.c | 4 ++ drivers/lightnvm/pblk-core.c | 1 - drivers/lightnvm/pblk-write.c | 7 +- drivers/md/dm-kcopyd.c | 2 + drivers/mfd/sm501.c | 1 + drivers/net/ethernet/broadcom/genet/bcmgenet.h | 3 + drivers/net/ethernet/broadcom/genet/bcmmii.c | 10 ++- drivers/net/ethernet/cadence/macb_main.c | 9 ++- .../ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 2 +- .../ethernet/hisilicon/hns3/hns3pf/hclge_mdio.c | 2 + drivers/net/ethernet/mellanox/mlxsw/spectrum.h | 2 + .../net/ethernet/mellanox/mlxsw/spectrum_router.c | 11 +++ .../ethernet/mellanox/mlxsw/spectrum_switchdev.c | 20 ++++++ .../net/ethernet/netronome/nfp/nfp_net_common.c | 48 +++++++++---- drivers/net/ethernet/qlogic/qlge/qlge_main.c | 23 +++---- drivers/net/ethernet/realtek/r8169.c | 1 + drivers/net/hyperv/netvsc_drv.c | 16 ++++- drivers/pci/host/pci-mvebu.c | 2 +- drivers/platform/x86/asus-nb-wmi.c | 1 + drivers/platform/x86/intel_punit_ipc.c | 1 + drivers/pwm/pwm-meson.c | 3 +- drivers/s390/block/dasd_eckd.c | 10 ++- drivers/scsi/aic94xx/aic94xx_init.c | 4 +- drivers/staging/comedi/drivers/ni_mio_common.c | 3 +- drivers/staging/irda/net/af_irda.c | 13 +++- drivers/usb/dwc3/core.c | 47 ++++++++++--- drivers/usb/dwc3/core.h | 5 ++ drivers/vhost/vhost.c | 2 +- drivers/virtio/virtio_pci_legacy.c | 14 +++- drivers/xen/xen-balloon.c | 2 +- fs/btrfs/dev-replace.c | 6 ++ fs/btrfs/extent-tree.c | 2 +- fs/btrfs/relocation.c | 23 ++++--- fs/btrfs/volumes.c | 8 ++- fs/cifs/cifs_debug.c | 8 +++ fs/cifs/smb2misc.c | 7 ++ fs/cifs/smb2pdu.c | 2 +- fs/dcache.c | 3 +- fs/f2fs/data.c | 4 ++ fs/fat/cache.c | 19 ++++-- fs/fat/fat.h | 5 ++ fs/fat/fatent.c | 6 +- fs/hfs/brec.c | 7 +- fs/hfsplus/dir.c | 4 +- fs/hfsplus/super.c | 4 +- fs/nfs/nfs4proc.c | 2 +- fs/proc/kcore.c | 4 +- fs/reiserfs/reiserfs.h | 2 +- include/linux/pci_ids.h | 2 + include/net/tcp.h | 4 ++ include/uapi/linux/keyctl.h | 2 +- kernel/fork.c | 2 + kernel/memremap.c | 11 +-- kernel/sched/deadline.c | 11 ++- lib/debugobjects.c | 7 +- mm/fadvise.c | 8 ++- net/9p/trans_fd.c | 10 +-- net/9p/trans_virtio.c | 3 +- net/ipv4/tcp_ipv4.c | 6 ++ net/ipv4/tcp_minisocks.c | 3 +- net/ipv4/tcp_ulp.c | 2 +- net/ipv6/ip6_vti.c | 2 +- net/ipv6/netfilter/ip6t_rpfilter.c | 12 +++- net/netfilter/ipvs/ip_vs_core.c | 15 ++-- net/netfilter/nf_conntrack_netlink.c | 26 ++++--- net/netfilter/nfnetlink_acct.c | 29 ++++---- net/rds/ib_frmr.c | 1 + net/sched/act_ife.c | 79 ++++++++++++---------- net/sched/act_pedit.c | 18 +++-- net/sched/cls_u32.c | 8 ++- net/sctp/proc.c | 4 -- net/sctp/socket.c | 22 ++++-- net/sunrpc/auth_gss/gss_krb5_crypto.c | 12 +++- net/tipc/socket.c | 2 + net/tls/tls_main.c | 1 + scripts/depmod.sh | 4 +- scripts/mod/modpost.c | 8 +-- security/keys/dh.c | 2 +- sound/soc/codecs/rt5677.c | 2 +- sound/soc/codecs/wm8994.c | 1 + tools/perf/arch/powerpc/util/sym-handling.c | 4 +- tools/perf/util/namespaces.c | 3 + tools/testing/selftests/powerpc/harness.c | 18 +++-- 125 files changed, 812 insertions(+), 320 deletions(-)

7 years, 1 month

7
127
0 0

[PATCH AUTOSEL 3.18 01/11] binfmt_elf: Respect error return from `regset->active'

by Sasha Levin

From: "Maciej W. Rozycki" <macro(a)mips.com> [ Upstream commit 2f819db565e82e5f73cd42b39925098986693378 ] The regset API documented in <linux/regset.h> defines -ENODEV as the result of the `->active' handler to be used where the feature requested is not available on the hardware found. However code handling core file note generation in `fill_thread_core_info' interpretes any non-zero result from the `->active' handler as the regset requested being active. Consequently processing continues (and hopefully gracefully fails later on) rather than being abandoned right away for the regset requested. Fix the problem then by making the code proceed only if a positive result is returned from the `->active' handler. Signed-off-by: Maciej W. Rozycki <macro(a)mips.com> Signed-off-by: Paul Burton <paul.burton(a)mips.com> Fixes: 4206d3aa1978 ("elf core dump: notes user_regset") Patchwork: https://patchwork.linux-mips.org/patch/19332/ Cc: Alexander Viro <viro(a)zeniv.linux.org.uk> Cc: James Hogan <jhogan(a)kernel.org> Cc: Ralf Baechle <ralf(a)linux-mips.org> Cc: linux-fsdevel(a)vger.kernel.org Cc: linux-mips(a)linux-mips.org Cc: linux-kernel(a)vger.kernel.org Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- fs/binfmt_elf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c index e39fe28f1ea0..c3b57886b5bc 100644 --- a/fs/binfmt_elf.c +++ b/fs/binfmt_elf.c @@ -1552,7 +1552,7 @@ static int fill_thread_core_info(struct elf_thread_core_info *t, const struct user_regset *regset = &view->regsets[i]; do_thread_regset_writeback(t->task, regset); if (regset->core_note_type && regset->get && - (!regset->active || regset->active(t->task, regset))) { + (!regset->active || regset->active(t->task, regset) > 0)) { int ret; size_t size = regset->n * regset->size; void *data = kmalloc(size, GFP_KERNEL); -- 2.17.1

7 years, 1 month

1
10
0 0

[PATCH AUTOSEL 4.4 01/20] binfmt_elf: Respect error return from `regset->active'

by Sasha Levin

From: "Maciej W. Rozycki" <macro(a)mips.com> [ Upstream commit 2f819db565e82e5f73cd42b39925098986693378 ] The regset API documented in <linux/regset.h> defines -ENODEV as the result of the `->active' handler to be used where the feature requested is not available on the hardware found. However code handling core file note generation in `fill_thread_core_info' interpretes any non-zero result from the `->active' handler as the regset requested being active. Consequently processing continues (and hopefully gracefully fails later on) rather than being abandoned right away for the regset requested. Fix the problem then by making the code proceed only if a positive result is returned from the `->active' handler. Signed-off-by: Maciej W. Rozycki <macro(a)mips.com> Signed-off-by: Paul Burton <paul.burton(a)mips.com> Fixes: 4206d3aa1978 ("elf core dump: notes user_regset") Patchwork: https://patchwork.linux-mips.org/patch/19332/ Cc: Alexander Viro <viro(a)zeniv.linux.org.uk> Cc: James Hogan <jhogan(a)kernel.org> Cc: Ralf Baechle <ralf(a)linux-mips.org> Cc: linux-fsdevel(a)vger.kernel.org Cc: linux-mips(a)linux-mips.org Cc: linux-kernel(a)vger.kernel.org Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- fs/binfmt_elf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c index f44e93d2650d..62bc72001fce 100644 --- a/fs/binfmt_elf.c +++ b/fs/binfmt_elf.c @@ -1707,7 +1707,7 @@ static int fill_thread_core_info(struct elf_thread_core_info *t, const struct user_regset *regset = &view->regsets[i]; do_thread_regset_writeback(t->task, regset); if (regset->core_note_type && regset->get && - (!regset->active || regset->active(t->task, regset))) { + (!regset->active || regset->active(t->task, regset) > 0)) { int ret; size_t size = regset->n * regset->size; void *data = kmalloc(size, GFP_KERNEL); -- 2.17.1

7 years, 1 month

1
19
0 0

[PATCH AUTOSEL 4.14 01/57] binfmt_elf: Respect error return from `regset->active'

by Sasha Levin

From: "Maciej W. Rozycki" <macro(a)mips.com> [ Upstream commit 2f819db565e82e5f73cd42b39925098986693378 ] The regset API documented in <linux/regset.h> defines -ENODEV as the result of the `->active' handler to be used where the feature requested is not available on the hardware found. However code handling core file note generation in `fill_thread_core_info' interpretes any non-zero result from the `->active' handler as the regset requested being active. Consequently processing continues (and hopefully gracefully fails later on) rather than being abandoned right away for the regset requested. Fix the problem then by making the code proceed only if a positive result is returned from the `->active' handler. Signed-off-by: Maciej W. Rozycki <macro(a)mips.com> Signed-off-by: Paul Burton <paul.burton(a)mips.com> Fixes: 4206d3aa1978 ("elf core dump: notes user_regset") Patchwork: https://patchwork.linux-mips.org/patch/19332/ Cc: Alexander Viro <viro(a)zeniv.linux.org.uk> Cc: James Hogan <jhogan(a)kernel.org> Cc: Ralf Baechle <ralf(a)linux-mips.org> Cc: linux-fsdevel(a)vger.kernel.org Cc: linux-mips(a)linux-mips.org Cc: linux-kernel(a)vger.kernel.org Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- fs/binfmt_elf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c index c0e3f91e28e9..469666df91da 100644 --- a/fs/binfmt_elf.c +++ b/fs/binfmt_elf.c @@ -1725,7 +1725,7 @@ static int fill_thread_core_info(struct elf_thread_core_info *t, const struct user_regset *regset = &view->regsets[i]; do_thread_regset_writeback(t->task, regset); if (regset->core_note_type && regset->get && - (!regset->active || regset->active(t->task, regset))) { + (!regset->active || regset->active(t->task, regset) > 0)) { int ret; size_t size = regset->n * regset->size; void *data = kmalloc(size, GFP_KERNEL); -- 2.17.1

7 years, 1 month

1
56
0 0

[GIT PULL] commits for Linux 3.18

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 3.18 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit c0305995d3676c8f7764eb79a7f99de8d18c591a: Linux 3.18.122 (2018-09-09 20:07:57 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-3.18-14092018 for you to fetch changes up to e4c98cce78e482450a6e2e1c8deaca6298c357e7: MIPS: WARN_ON invalid DMA cache maintenance, not BUG_ON (2018-09-14 13:55:22 -0400) - ---------------------------------------------------------------- for-greg-3.18-14092018 - ---------------------------------------------------------------- Anton Vasilyev (3): tty: rocket: Fix possible buffer overwrite on register_PCI scsi: 3ware: fix return 0 on the error path of probe gpio: ml-ioh: Fix buffer underwrite on probe error path BingJing Chang (1): md/raid5: fix data corruption of replacements after originals dropped Chao Yu (1): f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize Dan Carpenter (1): uio: potential double frees if __uio_register_device() fails Finn Thain (1): macintosh/via-pmu: Add missing mmio accessors Joerg Roedel (2): x86/mm: Remove in_nmi() warning from vmalloc_fault() x86/kexec: Allocate 8k PGDs for PTI Johan Hedberg (1): Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV Marcel Holtmann (1): Bluetooth: hidp: Fix handling of strncpy for hid->name information Mauricio Faria de Oliveira (2): partitions/aix: append null character to print data from disk partitions/aix: fix usage of uninitialized lv_info and lvname structures Mike Christie (1): scsi: target: fix __transport_register_session locking Paul Burton (2): MIPS: Fix ISA virt/bus conversion for non-zero PHYS_OFFSET MIPS: WARN_ON invalid DMA cache maintenance, not BUG_ON Petr Machata (1): net: dcb: For wild-card lookups, use priority -1, not 0 Srinivas Pandruvada (1): ata: libahci: Correct setting of DEVSLP register Sven Eckelmann (1): ath10k: prevent active scans on potential unusable channels Takashi Iwai (6): ALSA: riptide: Properly endian notations ALSA: wss: Fix sparse warning wrt PCM format type ALSA: sb: Fix PCM format bit calculation ALSA: asihpi: Fix PCM format notations ALSA: ad1816a: Fix sparse warning wrt PCM format type ALSA: sb: Fix sparse warning wrt PCM format type Yelena Krivosheev (1): net: mvneta: fix mtu change on port without link Zumeng Chen (1): mfd: ti_am335x_tscadc: Fix struct clk memory leak arch/mips/include/asm/io.h | 8 ++++---- arch/mips/mm/c-r4k.c | 6 ++++-- arch/x86/kernel/machine_kexec_32.c | 5 +++-- arch/x86/mm/fault.c | 2 -- block/partitions/aix.c | 13 +++++++++---- drivers/ata/libahci.c | 2 ++ drivers/bluetooth/Kconfig | 1 + drivers/gpio/gpio-ml-ioh.c | 3 ++- drivers/macintosh/via-pmu.c | 9 +++++---- drivers/md/raid5.c | 6 ++++++ drivers/mfd/ti_am335x_tscadc.c | 3 +-- drivers/net/ethernet/marvell/mvneta.c | 1 - drivers/net/wireless/ath/ath10k/mac.c | 7 +++++++ drivers/scsi/3w-9xxx.c | 6 +++++- drivers/scsi/3w-sas.c | 3 +++ drivers/scsi/3w-xxxx.c | 2 ++ drivers/target/target_core_transport.c | 5 +++-- drivers/tty/rocket.c | 2 +- drivers/uio/uio.c | 3 +-- fs/f2fs/super.c | 21 +++++++++++++++++++-- include/sound/sb16_csp.h | 2 +- net/bluetooth/hidp/core.c | 2 +- net/dcb/dcbnl.c | 11 +++++++---- sound/isa/ad1816a/ad1816a_lib.c | 3 ++- sound/isa/sb/sb16_csp.c | 6 +++--- sound/isa/sb/sb16_main.c | 9 ++++++--- sound/isa/wss/wss_lib.c | 2 +- sound/pci/asihpi/asihpi.c | 24 +++++++++++++----------- sound/pci/riptide/riptide.c | 8 ++++---- 29 files changed, 116 insertions(+), 59 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlucANUACgkQ3qZv95d3 LNxaDw//WkPpTwRqcEN9E8xNACn01MdW2LnsNxFhvj2jr47AIREd5UlJVqgnFRkf y0/dDBlROHWBeTY3nXvovH79+/J2wuK3oz6L/lu+Uzvy3V4i4X7/WMB2w1Tbf5Z+ NyDGjFLBOVxWiCJHjnEwoM2cvINzHYMBCbB11XXwWNQEnPmJR9O/BDqjL+PzEXSz vikV7z/T/JvpJblQUG770qnYSAjZYNIGP80avd40hvgY7XBZiCNaFXh67iV8Lshm I+uNAPZPNcesHeD4181ELx+dD43Qb+SYauXOju5/ZaE273HgTFNpmfQPhvoUgJXt 2FRS49gqQ6ioBrNxqV7Jm3gbrOOfLC00MsOWuVpclmAdRxtEr5fpf0mY9wiMZQ5e f4zfbihbkg6ucY0WHwAR31nFl5TTQbVgBmXHl5D/tXcJ5o+WGYLgNJeqso1zAFpR 8+GT2mkp6yKnBAa3+mOFwB24lJOTcX5xGpo6BaDIli3Sc+B7MC6cJyg9TGJ1Lk8M piaB2rV1sEkLIrpXDcTyKT3P9oe3oOAULgQRc3NC2yHx/M8IlQ+98KIdK0HMzWuw 8Ph1xDRv+MPqm8DYkN5KniR1bqLTYw0GpWsT5NJwRgwhzZN6n7WelzDBoAq1hpFa Eqae22hDXGc/oxtnFtGZCY0KazilZfCVJGrU3WVN+qP9jrLq0gk= =RJup -----END PGP SIGNATURE-----

7 years, 1 month

1
0
0 0

[GIT PULL] commits for Linux 4.4

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.4 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit fdf53713aebb1e8ccbfcadade2b8449e62394547: Linux 4.4.155 (2018-09-09 20:04:37 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.4-14092018 for you to fetch changes up to a83251f1538b537c5fb4a07825e6dbd52be7d8f9: RDMA/cma: Do not ignore net namespace for unbound cm_id (2018-09-14 13:54:45 -0400) - ---------------------------------------------------------------- for-greg-4.4-14092018 - ---------------------------------------------------------------- Anton Vasilyev (4): misc: ti-st: Fix memory leak in the error path of probe() tty: rocket: Fix possible buffer overwrite on register_PCI scsi: 3ware: fix return 0 on the error path of probe gpio: ml-ioh: Fix buffer underwrite on probe error path BingJing Chang (1): md/raid5: fix data corruption of replacements after originals dropped Chao Yu (1): f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize Christophe Leroy (1): perf tools: Allow overriding MAX_NR_CPUS at compile time Dan Carpenter (2): misc: mic: SCIF Fix scif_get_new_port() error handling uio: potential double frees if __uio_register_device() fails Dmitry Osipenko (1): gpio: tegra: Move driver registration to subsys_init level Finn Thain (1): macintosh/via-pmu: Add missing mmio accessors Florian Fainelli (1): ethtool: Remove trailing semicolon for static inline Geert Uytterhoeven (1): iommu/ipmmu-vmsa: Fix allocation in atomic context Joerg Roedel (2): x86/mm: Remove in_nmi() warning from vmalloc_fault() x86/kexec: Allocate 8k PGDs for PTI Johan Hedberg (1): Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV Marcel Holtmann (1): Bluetooth: hidp: Fix handling of strncpy for hid->name information Mauricio Faria de Oliveira (2): partitions/aix: append null character to print data from disk partitions/aix: fix usage of uninitialized lv_info and lvname structures Mike Christie (1): scsi: target: fix __transport_register_session locking Nicholas Mc Guire (1): MIPS: Octeon: add missing of_node_put() Nick Dyer (1): Input: atmel_mxt_ts - only use first T9 instance Olga Kornievskaia (1): NFSv4.0 fix client reference leak in callback Parav Pandit (1): RDMA/cma: Do not ignore net namespace for unbound cm_id Paul Burton (2): MIPS: Fix ISA virt/bus conversion for non-zero PHYS_OFFSET MIPS: WARN_ON invalid DMA cache maintenance, not BUG_ON Petr Machata (1): net: dcb: For wild-card lookups, use priority -1, not 0 Srinivas Pandruvada (1): ata: libahci: Correct setting of DEVSLP register Surabhi Vishnoi (1): ath10k: disable bundle mgmt tx completion event support Sven Eckelmann (1): ath10k: prevent active scans on potential unusable channels Takashi Iwai (8): ALSA: riptide: Properly endian notations ALSA: wss: Fix sparse warning wrt PCM format type ALSA: sb: Fix PCM format bit calculation ALSA: asihpi: Fix PCM format notations ALSA: ad1816a: Fix sparse warning wrt PCM format type ALSA: hda: Fix implicit PCM format type conversion ALSA: au88x0: Fix sparse warning wrt PCM format type ALSA: sb: Fix sparse warning wrt PCM format type Yelena Krivosheev (1): net: mvneta: fix mtu change on port without link Yunlong Song (1): f2fs: do not set free of current section Zumeng Chen (1): mfd: ti_am335x_tscadc: Fix struct clk memory leak arch/mips/cavium-octeon/octeon-platform.c | 2 ++ arch/mips/include/asm/io.h | 8 ++++---- arch/mips/mm/c-r4k.c | 6 ++++-- arch/x86/kernel/machine_kexec_32.c | 5 +++-- arch/x86/mm/fault.c | 2 -- block/partitions/aix.c | 13 +++++++++---- drivers/ata/libahci.c | 2 ++ drivers/bluetooth/Kconfig | 1 + drivers/gpio/gpio-ml-ioh.c | 3 ++- drivers/gpio/gpio-tegra.c | 2 +- drivers/infiniband/core/cma.c | 13 ++++++++++--- drivers/input/touchscreen/atmel_mxt_ts.c | 7 ++++--- drivers/iommu/ipmmu-vmsa.c | 9 ++++----- drivers/macintosh/via-pmu.c | 9 +++++---- drivers/md/raid5.c | 6 ++++++ drivers/mfd/ti_am335x_tscadc.c | 3 +-- drivers/misc/mic/scif/scif_api.c | 20 +++++++++----------- drivers/misc/ti-st/st_kim.c | 4 ++-- drivers/net/ethernet/marvell/mvneta.c | 1 - drivers/net/wireless/ath/ath10k/mac.c | 7 +++++++ drivers/net/wireless/ath/ath10k/wmi-tlv.c | 5 +++++ drivers/net/wireless/ath/ath10k/wmi-tlv.h | 5 +++++ drivers/scsi/3w-9xxx.c | 6 +++++- drivers/scsi/3w-sas.c | 3 +++ drivers/scsi/3w-xxxx.c | 2 ++ drivers/target/target_core_transport.c | 5 +++-- drivers/tty/rocket.c | 2 +- drivers/uio/uio.c | 3 +-- fs/f2fs/segment.h | 3 +++ fs/f2fs/super.c | 21 +++++++++++++++++++-- fs/nfs/callback_xdr.c | 11 ++++++++--- include/sound/hdaudio.h | 3 ++- include/sound/sb16_csp.h | 2 +- include/uapi/linux/ethtool.h | 4 ++-- net/bluetooth/hidp/core.c | 2 +- net/dcb/dcbnl.c | 11 +++++++---- sound/hda/hdac_device.c | 2 +- sound/isa/ad1816a/ad1816a_lib.c | 3 ++- sound/isa/sb/sb16_csp.c | 6 +++--- sound/isa/sb/sb16_main.c | 9 ++++++--- sound/isa/wss/wss_lib.c | 2 +- sound/pci/asihpi/asihpi.c | 24 +++++++++++++----------- sound/pci/au88x0/au88x0.h | 2 +- sound/pci/au88x0/au88x0_core.c | 2 +- sound/pci/riptide/riptide.c | 8 ++++---- tools/perf/perf.h | 2 ++ 46 files changed, 178 insertions(+), 93 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlucAM0ACgkQ3qZv95d3 LNwPCQ/+Jp22S8x7mUnB4lWAOg5KY5u8p/z12JcdHQXpE0vmP/Ktyuth7Yd4jUKG RmTpCIzxoafI9vLMK9I7YyDTQ8ryP22E9oVk0MQ4IcdetKJmeDuKQVYkDjIOwG+1 lqVxMHNWalzhPFJ7gglKEhlNbrZlb/w5hRAEJMxsQOAe3uX3fEJyhD/RPv1Rygvj hNXzZ/Pn8Y72QevxiymXGqfNVgGgpJGetvqVpcdDXOtZw36xYcVQFqkDlIDFfQEe 3aDto8ZNoC9GTV8rSxQU+fOYFakmnkCqchcSICB/4HNImPFVoLT8NkW3ndfXryPL n7ILkgdKcIwMz5xTHcEL3boJD6mZwry7zX1MVM9RomEnx6jptzCAxScITXoMiXW8 q44ey4kiuLN0I6ekBFUt9PR8I/d2bO5G3HSkKnd8vo9UEYEcZb0r4cNlI1XKqHo5 lN6OHkc9Otuji26aasLO1VriF1kGoFcJuoIKE+xdVJGC3LloQ/eiS6pKL+SgjEXa YDyQWrah6b3dlifYuiKf6Yl1R8GctLBL/yS2zDiFlu72pIY02c7Dac3ux+Xa376L R4TL4WKyZmpJzDOlAks7vCHgn9eVUcyXOp7WGK7OWLKd3GYzMmeg36qAMt5e3Q0R HY+eJulDot8sdWYwvuaAn1Ef+VCyHMueR5gufkbTuQ/GPk5kH4M= =jTFn -----END PGP SIGNATURE-----

7 years, 1 month

1
0
0 0

[GIT PULL] commits for Linux 4.9

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.9 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 66f5a871e5987c8f4bff333b66c361a53cdcd350: Linux 4.9.126 (2018-09-09 20:01:26 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.9-14092018 for you to fetch changes up to 5b34947d3bfebf469858630b9c882a6d1e1ed353: RDMA/cma: Do not ignore net namespace for unbound cm_id (2018-09-14 00:38:45 -0400) - ---------------------------------------------------------------- for-greg-4.9-14092018 - ---------------------------------------------------------------- Anton Vasilyev (4): misc: ti-st: Fix memory leak in the error path of probe() tty: rocket: Fix possible buffer overwrite on register_PCI scsi: 3ware: fix return 0 on the error path of probe gpio: ml-ioh: Fix buffer underwrite on probe error path Arun Parameswaran (1): net: phy: Fix the register offsets in Broadcom iProc mdio mux driver BingJing Chang (1): md/raid5: fix data corruption of replacements after originals dropped Chao Yu (4): f2fs: try grabbing node page lock aggressively in sync scenario f2fs: fix to skip GC if type in SSA and SIT is inconsistent f2fs: fix to do sanity check with reserved blkaddr of inline inode f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize Christophe Leroy (1): perf tools: Allow overriding MAX_NR_CPUS at compile time Dan Carpenter (3): misc: mic: SCIF Fix scif_get_new_port() error handling uio: potential double frees if __uio_register_device() fails f2fs: Fix uninitialized return in f2fs_ioc_shutdown() Dmitry Osipenko (1): gpio: tegra: Move driver registration to subsys_init level Felix Fietkau (2): ath9k: report tx status on EOSP ath9k_hw: fix channel maximum power level test Finn Thain (1): macintosh/via-pmu: Add missing mmio accessors Florian Fainelli (1): ethtool: Remove trailing semicolon for static inline Gaurav Kohli (1): timers: Clear timer_base::must_forward_clk with timer_base::lock held Geert Uytterhoeven (1): iommu/ipmmu-vmsa: Fix allocation in atomic context Joerg Roedel (2): x86/mm: Remove in_nmi() warning from vmalloc_fault() x86/kexec: Allocate 8k PGDs for PTI Johan Hedberg (1): Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV Katsuhiro Suzuki (1): media: helene: fix xtal frequency setting at power on Linus Walleij (1): tpm_tis_spi: Pass the SPI IRQ down to the driver Loic Poulain (1): wlcore: Set rx_status boottime_ns field on rx Marcel Holtmann (1): Bluetooth: hidp: Fix handling of strncpy for hid->name information Mauricio Faria de Oliveira (2): partitions/aix: append null character to print data from disk partitions/aix: fix usage of uninitialized lv_info and lvname structures Mike Christie (1): scsi: target: fix __transport_register_session locking Nicholas Mc Guire (2): MIPS: Octeon: add missing of_node_put() MIPS: generic: fix missing of_node_put() Nick Dyer (1): Input: atmel_mxt_ts - only use first T9 instance Olga Kornievskaia (1): NFSv4.0 fix client reference leak in callback Parav Pandit (1): RDMA/cma: Do not ignore net namespace for unbound cm_id Paul Burton (2): MIPS: Fix ISA virt/bus conversion for non-zero PHYS_OFFSET MIPS: WARN_ON invalid DMA cache maintenance, not BUG_ON Peter Rosin (1): tpm/tpm_i2c_infineon: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) Petr Machata (1): net: dcb: For wild-card lookups, use priority -1, not 0 Srinivas Pandruvada (1): ata: libahci: Correct setting of DEVSLP register Surabhi Vishnoi (1): ath10k: disable bundle mgmt tx completion event support Sven Eckelmann (1): ath10k: prevent active scans on potential unusable channels Sylwester Nawrocki (1): media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new, copy_time} functions Takashi Iwai (8): ALSA: riptide: Properly endian notations ALSA: wss: Fix sparse warning wrt PCM format type ALSA: sb: Fix PCM format bit calculation ALSA: asihpi: Fix PCM format notations ALSA: ad1816a: Fix sparse warning wrt PCM format type ALSA: hda: Fix implicit PCM format type conversion ALSA: au88x0: Fix sparse warning wrt PCM format type ALSA: sb: Fix sparse warning wrt PCM format type Trond Myklebust (1): NFSv4.1: Fix a potential layoutget/layoutrecall deadlock Yelena Krivosheev (1): net: mvneta: fix mtu change on port without link Yunlong Song (1): f2fs: do not set free of current section Zumeng Chen (1): mfd: ti_am335x_tscadc: Fix struct clk memory leak arch/mips/cavium-octeon/octeon-platform.c | 2 ++ arch/mips/generic/init.c | 1 + arch/mips/include/asm/io.h | 8 ++++---- arch/mips/mm/c-r4k.c | 6 ++++-- arch/x86/kernel/machine_kexec_32.c | 5 +++-- arch/x86/mm/fault.c | 2 -- block/partitions/aix.c | 13 +++++++++---- drivers/ata/libahci.c | 2 ++ drivers/bluetooth/Kconfig | 1 + drivers/char/tpm/tpm_i2c_infineon.c | 8 ++++---- drivers/char/tpm/tpm_tis_spi.c | 9 ++++++++- drivers/gpio/gpio-ml-ioh.c | 3 ++- drivers/gpio/gpio-tegra.c | 2 +- drivers/infiniband/core/cma.c | 13 ++++++++++--- drivers/input/touchscreen/atmel_mxt_ts.c | 7 ++++--- drivers/iommu/ipmmu-vmsa.c | 9 ++++----- drivers/macintosh/via-pmu.c | 9 +++++---- drivers/md/raid5.c | 6 ++++++ drivers/media/dvb-frontends/helene.c | 5 ++++- drivers/media/platform/s5p-mfc/s5p_mfc.c | 23 ++++++++++++----------- drivers/mfd/ti_am335x_tscadc.c | 3 +-- drivers/misc/mic/scif/scif_api.c | 20 +++++++++----------- drivers/misc/ti-st/st_kim.c | 4 ++-- drivers/net/ethernet/marvell/mvneta.c | 1 - drivers/net/phy/mdio-mux-bcm-iproc.c | 20 +++++++++++++++----- drivers/net/wireless/ath/ath10k/mac.c | 7 +++++++ drivers/net/wireless/ath/ath10k/wmi-tlv.c | 5 +++++ drivers/net/wireless/ath/ath10k/wmi-tlv.h | 5 +++++ drivers/net/wireless/ath/ath9k/hw.c | 7 +++++-- drivers/net/wireless/ath/ath9k/xmit.c | 3 ++- drivers/net/wireless/ti/wlcore/rx.c | 8 ++++++-- drivers/scsi/3w-9xxx.c | 6 +++++- drivers/scsi/3w-sas.c | 3 +++ drivers/scsi/3w-xxxx.c | 2 ++ drivers/target/target_core_transport.c | 5 +++-- drivers/tty/rocket.c | 2 +- drivers/uio/uio.c | 3 +-- fs/f2fs/file.c | 2 +- fs/f2fs/gc.c | 8 +++++++- fs/f2fs/inline.c | 21 +++++++++++++++++++++ fs/f2fs/node.c | 4 +++- fs/f2fs/segment.h | 3 +++ fs/f2fs/super.c | 21 +++++++++++++++++++-- fs/nfs/callback_proc.c | 4 ++-- fs/nfs/callback_xdr.c | 11 ++++++++--- include/sound/hdaudio.h | 3 ++- include/sound/sb16_csp.h | 2 +- include/uapi/linux/ethtool.h | 4 ++-- kernel/time/timer.c | 29 ++++++++++++++++------------- net/bluetooth/hidp/core.c | 2 +- net/dcb/dcbnl.c | 11 +++++++---- sound/hda/hdac_device.c | 2 +- sound/isa/ad1816a/ad1816a_lib.c | 3 ++- sound/isa/sb/sb16_csp.c | 6 +++--- sound/isa/sb/sb16_main.c | 9 ++++++--- sound/isa/wss/wss_lib.c | 2 +- sound/pci/asihpi/asihpi.c | 24 +++++++++++++----------- sound/pci/au88x0/au88x0.h | 2 +- sound/pci/au88x0/au88x0_core.c | 2 +- sound/pci/riptide/riptide.c | 8 ++++---- tools/perf/perf.h | 2 ++ 61 files changed, 285 insertions(+), 138 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlucAMYACgkQ3qZv95d3 LNzY+Q//RPPJzj9m2Ig9GxCgCQP9NvaTuUOwqngLIU80+jRF+7s918cYHM5p7zGQ 48KVqHm0LENam6MyvnP2u+sj9OfTvgtSHS6e8JjPUySudjmUI8MUfhdGSLfaVFdk JF5T+R0tIjmsOQIY8fZifDVVeAYiWTt2QF9R2twMnxiZOj3mYJPoMtLbjmPRQPDf U/Xdr6f7DvuGqj2JliOcMj+KPA5Aql78H3wis9msLuMTto4n0ih4SalF+XjMM+YY K3IM6kHnItDRGg6T0n9e5KKgxg5tsPY0LtOeGp8h435KmJEnYteG/HFud5P95bsD 8bGCxyrYJIYVJ2YUIS/HNKvUfGwxAr65qfDdtaVe/SK34bd2hZqMnVV9OCXkZoJ9 fEd0SOMfBdBMk4aTkVdkZ41jvwFokI5W8QBkjVzFYChXD/Fi1JvOJxVOM0VOI1Sm lp6qhhXZL+n0NG+bZ55NS9MmbIxhXFx4m2zQsvI1RRa6AEW0pWWRHRvw4Xi8WXNP c43Nq8BdVi4s+fpwaPDp9QSq1mnXAPgAtbo08dD8iFHrVHr6kTMDISEcW0Fz7Nlb rZ8waTRisKMnFY8CV5MlKcukaiHoGfjKfhUHP9hjC6sIVMVcHSLIEVy6Efuf1kgp fDJY0e08524WvXdMSNRTgGLKNPuq03qbyI6m7YPsQ7qKs5JWgFY= =7XBU -----END PGP SIGNATURE-----

7 years, 1 month

1
0
0 0

[GIT PULL] commits for Linux 4.14

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.14 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 7fe7a0f4c5cf9e7f5b7cb67c1341cdbf62ed4c30: Linux 4.14.69 (2018-09-09 19:56:02 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.14-14092018 for you to fetch changes up to b3db45c5ba72779f6c94653444e2aba53a887bc2: RDMA/cma: Do not ignore net namespace for unbound cm_id (2018-09-14 00:37:54 -0400) - ---------------------------------------------------------------- for-greg-4.14-14092018 - ---------------------------------------------------------------- Anton Vasilyev (7): media: davinci: vpif_display: Mix memory leak on probe error path media: dw2102: Fix memleak on sequence of probes misc: ti-st: Fix memory leak in the error path of probe() firmware: vpd: Fix section enabled flag on vpd_section_destroy tty: rocket: Fix possible buffer overwrite on register_PCI scsi: 3ware: fix return 0 on the error path of probe gpio: ml-ioh: Fix buffer underwrite on probe error path Arun Parameswaran (1): net: phy: Fix the register offsets in Broadcom iProc mdio mux driver BingJing Chang (1): md/raid5: fix data corruption of replacements after originals dropped Chao Yu (6): f2fs: fix to active page in lru list for read path f2fs: try grabbing node page lock aggressively in sync scenario f2fs: fix to skip GC if type in SSA and SIT is inconsistent f2fs: fix to do sanity check with reserved blkaddr of inline inode f2fs: fix to wait on page writeback before updating page f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize Christophe Leroy (1): perf tools: Allow overriding MAX_NR_CPUS at compile time Dan Carpenter (4): misc: mic: SCIF Fix scif_get_new_port() error handling uio: potential double frees if __uio_register_device() fails pinctrl: imx: off by one in imx_pinconf_group_dbg_show() f2fs: Fix uninitialized return in f2fs_ioc_shutdown() Daniel Kurtz (1): pinctrl/amd: only handle irq if it is pending and unmasked Dmitry Osipenko (1): gpio: tegra: Move driver registration to subsys_init level Felix Fietkau (2): ath9k: report tx status on EOSP ath9k_hw: fix channel maximum power level test Finn Thain (1): macintosh/via-pmu: Add missing mmio accessors Florian Fainelli (1): ethtool: Remove trailing semicolon for static inline Gaurav Kohli (1): timers: Clear timer_base::must_forward_clk with timer_base::lock held Geert Uytterhoeven (1): iommu/ipmmu-vmsa: Fix allocation in atomic context Huaisheng Ye (1): tools/testing/nvdimm: kaddr and pfn can be NULL to ->direct_access() Jae Hyun Yoo (1): i2c: aspeed: Add an explicit type casting for *get_clk_reg_val Jinbum Park (1): pktcdvd: Fix possible Spectre-v1 for pkt_devs Jiri Olsa (1): perf c2c report: Fix crash for empty browser Joerg Roedel (2): x86/mm: Remove in_nmi() warning from vmalloc_fault() x86/kexec: Allocate 8k PGDs for PTI Johan Hedberg (1): Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV John Pittman (1): dm cache: only allow a single io_mode cache feature to be requested Kan Liang (1): perf evlist: Fix error out while applying initial delay and LBR Katsuhiro Suzuki (1): media: helene: fix xtal frequency setting at power on Linus Walleij (1): tpm_tis_spi: Pass the SPI IRQ down to the driver Loic Poulain (1): wlcore: Set rx_status boottime_ns field on rx Marcel Holtmann (1): Bluetooth: hidp: Fix handling of strncpy for hid->name information Mauricio Faria de Oliveira (2): partitions/aix: append null character to print data from disk partitions/aix: fix usage of uninitialized lv_info and lvname structures Michael Kelley (1): Drivers: hv: vmbus: Cleanup synic memory free path Mike Christie (1): scsi: target: fix __transport_register_session locking Ming Lei (1): blk-mq: fix updating tags depth Nicholas Mc Guire (2): MIPS: Octeon: add missing of_node_put() MIPS: generic: fix missing of_node_put() Nick Dyer (1): Input: atmel_mxt_ts - only use first T9 instance Olga Kornievskaia (1): NFSv4.0 fix client reference leak in callback Parav Pandit (1): RDMA/cma: Do not ignore net namespace for unbound cm_id Paul Burton (2): MIPS: Fix ISA virt/bus conversion for non-zero PHYS_OFFSET MIPS: WARN_ON invalid DMA cache maintenance, not BUG_ON Peter Rosin (1): tpm/tpm_i2c_infineon: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) Petr Machata (1): net: dcb: For wild-card lookups, use priority -1, not 0 Philipp Zabel (1): gpu: ipu-v3: default to id 0 on missing OF alias Randy Dunlap (1): f2fs: fix defined but not used build warnings Reza Arbab (1): powerpc/powernv: Fix concurrency issue with npu->mmio_atsd_usage Roman Gushchin (1): selftests/bpf: fix a typo in map in map test Srinivas Kandagatla (1): rpmsg: core: add support to power domains for devices Srinivas Pandruvada (2): ata: libahci: Allow reconfigure of DEVSLP register ata: libahci: Correct setting of DEVSLP register Surabhi Vishnoi (1): ath10k: disable bundle mgmt tx completion event support Sven Eckelmann (1): ath10k: prevent active scans on potential unusable channels Sylwester Nawrocki (1): media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new, copy_time} functions Takashi Iwai (9): ALSA: riptide: Properly endian notations ALSA: pcm: Fix sparse warning wrt PCM format type ALSA: wss: Fix sparse warning wrt PCM format type ALSA: sb: Fix PCM format bit calculation ALSA: asihpi: Fix PCM format notations ALSA: ad1816a: Fix sparse warning wrt PCM format type ALSA: hda: Fix implicit PCM format type conversion ALSA: au88x0: Fix sparse warning wrt PCM format type ALSA: sb: Fix sparse warning wrt PCM format type Todor Tomov (1): media: camss: csid: Configure data type and decode format properly Trond Myklebust (1): NFSv4.1: Fix a potential layoutget/layoutrecall deadlock Yelena Krivosheev (1): net: mvneta: fix mtu change on port without link Yunlong Song (1): f2fs: do not set free of current section Zumeng Chen (1): mfd: ti_am335x_tscadc: Fix struct clk memory leak arch/mips/cavium-octeon/octeon-platform.c | 2 ++ arch/mips/generic/init.c | 1 + arch/mips/include/asm/io.h | 8 +++--- arch/mips/mm/c-r4k.c | 6 +++-- arch/powerpc/platforms/powernv/npu-dma.c | 5 ++-- arch/x86/kernel/machine_kexec_32.c | 5 ++-- arch/x86/mm/fault.c | 2 -- block/blk-mq-tag.c | 8 +++--- block/partitions/aix.c | 13 +++++++--- drivers/ata/libahci.c | 20 +++++++++------ drivers/block/pktcdvd.c | 4 ++- drivers/bluetooth/Kconfig | 1 + drivers/char/tpm/tpm_i2c_infineon.c | 8 +++--- drivers/char/tpm/tpm_tis_spi.c | 9 ++++++- drivers/firmware/google/vpd.c | 5 +++- drivers/gpio/gpio-ml-ioh.c | 3 ++- drivers/gpio/gpio-tegra.c | 2 +- drivers/gpu/ipu-v3/ipu-common.c | 2 ++ drivers/hv/hv.c | 14 ++++++----- drivers/i2c/busses/i2c-aspeed.c | 2 +- drivers/infiniband/core/cma.c | 13 +++++++--- drivers/input/touchscreen/atmel_mxt_ts.c | 7 +++--- drivers/iommu/ipmmu-vmsa.c | 9 +++---- drivers/macintosh/via-pmu.c | 9 ++++--- drivers/md/dm-cache-target.c | 19 +++++++++++--- drivers/md/raid5.c | 6 +++++ drivers/media/dvb-frontends/helene.c | 5 +++- drivers/media/platform/davinci/vpif_display.c | 24 ++++++++++++------ .../media/platform/qcom/camss-8x16/camss-csid.c | 16 ++++++++---- drivers/media/platform/s5p-mfc/s5p_mfc.c | 23 +++++++++-------- drivers/media/usb/dvb-usb/dw2102.c | 19 ++++++++++---- drivers/mfd/ti_am335x_tscadc.c | 3 +-- drivers/misc/mic/scif/scif_api.c | 20 +++++++-------- drivers/misc/ti-st/st_kim.c | 4 +-- drivers/net/ethernet/marvell/mvneta.c | 1 - drivers/net/phy/mdio-mux-bcm-iproc.c | 20 +++++++++++---- drivers/net/wireless/ath/ath10k/mac.c | 7 ++++++ drivers/net/wireless/ath/ath10k/wmi-tlv.c | 5 ++++ drivers/net/wireless/ath/ath10k/wmi-tlv.h | 5 ++++ drivers/net/wireless/ath/ath9k/hw.c | 7 ++++-- drivers/net/wireless/ath/ath9k/xmit.c | 3 ++- drivers/net/wireless/ti/wlcore/rx.c | 8 ++++-- drivers/pinctrl/freescale/pinctrl-imx.c | 2 +- drivers/pinctrl/pinctrl-amd.c | 3 ++- drivers/rpmsg/rpmsg_core.c | 7 ++++++ drivers/scsi/3w-9xxx.c | 6 ++++- drivers/scsi/3w-sas.c | 3 +++ drivers/scsi/3w-xxxx.c | 2 ++ drivers/target/target_core_transport.c | 5 ++-- drivers/tty/rocket.c | 2 +- drivers/uio/uio.c | 3 +-- fs/f2fs/f2fs.h | 7 +++++- fs/f2fs/file.c | 2 +- fs/f2fs/gc.c | 8 +++++- fs/f2fs/inline.c | 22 ++++++++++++++++ fs/f2fs/node.c | 4 ++- fs/f2fs/segment.h | 3 +++ fs/f2fs/super.c | 21 ++++++++++++++-- fs/f2fs/sysfs.c | 10 +++++--- fs/nfs/callback_proc.c | 4 +-- fs/nfs/callback_xdr.c | 11 +++++--- include/sound/hdaudio.h | 3 ++- include/sound/sb16_csp.h | 2 +- include/uapi/linux/ethtool.h | 4 +-- kernel/time/timer.c | 29 ++++++++++++---------- net/bluetooth/hidp/core.c | 2 +- net/dcb/dcbnl.c | 11 +++++--- sound/core/oss/pcm_oss.c | 2 +- sound/hda/hdac_device.c | 2 +- sound/isa/ad1816a/ad1816a_lib.c | 3 ++- sound/isa/sb/sb16_csp.c | 6 ++--- sound/isa/sb/sb16_main.c | 9 ++++--- sound/isa/wss/wss_lib.c | 2 +- sound/pci/asihpi/asihpi.c | 24 ++++++++++-------- sound/pci/au88x0/au88x0.h | 2 +- sound/pci/au88x0/au88x0_core.c | 2 +- sound/pci/riptide/riptide.c | 8 +++--- tools/perf/builtin-c2c.c | 3 +++ tools/perf/perf.h | 2 ++ tools/perf/util/evsel.c | 14 +++++++++++ tools/testing/nvdimm/pmem-dax.c | 12 ++++++--- tools/testing/selftests/bpf/test_verifier.c | 6 ++--- 82 files changed, 429 insertions(+), 197 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlucAMAACgkQ3qZv95d3 LNweWxAAr245ZB5Sncig3/LPMKemr9z0rXkq6dp1Ie5ezR4vzi0m6ns4q9yAudTl qwajoVktYDuf5HYCsaFmWsbhSXM3Jb2Atn9np8KLAH780eN3UvAPF7n5vBBouFAK SMGPWEtoRrIv4VAoA+zj9VkZrkTbzs8gqubJsbNXaBPBZq79Rrl4QFE3J44I7sqx jItmiTu2ptsbYteJtPIDQnt5XPQ/id+RdDE/kBL8goxpE0O3WhjMVOFdE39Fs5Cg 6IHpFCNpFC76BHxOHWhMSI6T6d+VSQxwCKPeNL31zXSfKAge3xeI23mnDY12KcE8 geF0Ufyy2wTxt5Zah6VCPOc4WB7kiGTYG7toAMBfEITeI4bsvvpqCDpwGkcWIxZk XKbtpaxa50Tji4qdBwxmP99aykDE3RO0/ajxR5rt/MilT0nADHJUUic/EzV9oDcF q9tZ4mRnMXbBuGJDZVx511vtA+6LqejGhTIuybC9RkKsbxoICb3+cU3qfikKJThF uG3jUiAMiy3mpyfQJX4HelRO0jzNSM34etV4E1Xia3EgiX4zi/EkwrTTNYEFMTO0 Ne7I486x7c6JitpfAvx7N3PimuGbljILBonZy5Uw9ErRmqsQlMUM8+A5zvg7J0Fd OrJ7DBpuWrRU2tWnx8kEKuVOAc+FKAgQ9QcbzuEXPjMpRJ/1GN8= =5M/x -----END PGP SIGNATURE-----

7 years, 1 month

1
0
0 0

[PATCH] scripts: unifdef: fix stringop-truncation warning

by Harshit Jain

From: Harshit Jain <dev-harsh1998(a)hotmail.com> * This commit resolves the following warning when the mainline kernel is build with the android environment. -> warning :-> https://gist.github.com/dev-harsh1998/757427b16a58f5498db3d87212a9651b * This warning is persistant in all the currently maintained android kernel i.e 3.18, 4.4, 4.9, 4.14. Signed-off-by: Harshit Jain <dev-harsh1998(a)hotmail.com> --- scripts/unifdef.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/unifdef.c b/scripts/unifdef.c index 7493c0ee51cc..4ce008eda362 100644 --- a/scripts/unifdef.c +++ b/scripts/unifdef.c @@ -395,8 +395,8 @@ usage(void) * When we have processed a group that starts off with a known-false * #if/#elif sequence (which has therefore been deleted) followed by a * #elif that we don't understand and therefore must keep, we edit the - * latter into a #if to keep the nesting correct. We use strncpy() to - * overwrite the 4 byte token "elif" with "if " without a '\0' byte. + * latter into a #if to keep the nesting correct. We use the memcpy() + * from the string header overwrite the 4 byte token "elif" with "if ". * * When we find a true #elif in a group, the following block will * always be kept and the rest of the sequence after the next #elif or @@ -450,7 +450,7 @@ static void Idrop (void) { Fdrop(); ignoreon(); } static void Itrue (void) { Ftrue(); ignoreon(); } static void Ifalse(void) { Ffalse(); ignoreon(); } /* modify this line */ -static void Mpass (void) { strncpy(keyword, "if ", 4); Pelif(); } +static void Mpass (void) { memcpy(keyword, "if ", 4); Pelif(); } static void Mtrue (void) { keywordedit("else"); state(IS_TRUE_MIDDLE); } static void Melif (void) { keywordedit("endif"); state(IS_FALSE_TRAILER); } static void Melse (void) { keywordedit("endif"); state(IS_FALSE_ELSE); } -- 2.18.0

7 years, 1 month

2
2
0 0

[PATCH] xen-blkback: Switch to closed state after releasing the backing device

by Valentin Vidic

Switching to closed state earlier can cause the block-drbd script to fail with 'Device is held open by someone': root: /etc/xen/scripts/block-drbd: remove XENBUS_PATH=backend/vbd/6/51712 kernel: [ 2222.278235] block drbd6: State change failed: Device is held open by someone kernel: [ 2222.278304] block drbd6: state = { cs:Connected ro:Primary/Secondary ds:UpToDate/UpToDate r----- } kernel: [ 2222.278340] block drbd6: wanted = { cs:Connected ro:Secondary/Secondary ds:UpToDate/UpToDate r----- } root: /etc/xen/scripts/block-drbd: Writing backend/vbd/6/51712/hotplug-error /etc/xen/scripts/block-drbd failed; error detected. backend/vbd/6/51712/hotplug-status error to xenstore. root: /etc/xen/scripts/block-drbd: /etc/xen/scripts/block-drbd failed; error detected. Signed-off-by: Valentin Vidic <Valentin.Vidic(a)CARNet.hr> Cc: stable(a)vger.kernel.org --- drivers/block/xen-blkback/xenbus.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/block/xen-blkback/xenbus.c b/drivers/block/xen-blkback/xenbus.c index a4bc74e72c39..43bddc996709 100644 --- a/drivers/block/xen-blkback/xenbus.c +++ b/drivers/block/xen-blkback/xenbus.c @@ -323,6 +323,7 @@ static void xen_blkif_free(struct xen_blkif *blkif) { WARN_ON(xen_blkif_disconnect(blkif)); xen_vbd_free(&blkif->vbd); + xenbus_switch_state(blkif->be->dev, XenbusStateClosed); kfree(blkif->be->mode); kfree(blkif->be); @@ -814,7 +815,6 @@ static void frontend_changed(struct xenbus_device *dev, case XenbusStateClosed: xen_blkif_disconnect(be->blkif); - xenbus_switch_state(dev, XenbusStateClosed); if (xenbus_dev_is_online(dev)) break; /* fall through */ -- 2.18.0

7 years, 1 month

4
22
0 0

[PATCH v3.1 2/2] btrfs: Ensure btrfs_trim_fs can trim the whole fs

by Qu Wenruo

[BUG] fstrim on some btrfs only trims the unallocated space, not trimming any space in existing block groups. [CAUSE] Before fstrim_range passed to btrfs_trim_fs(), it get truncated to range [0, super->total_bytes). So later btrfs_trim_fs() will only be able to trim block groups in range [0, super->total_bytes). While for btrfs, any bytenr aligned to sector size is valid, since btrfs use its logical address space, there is nothing limiting the location where we put block groups. For btrfs with routine balance, it's quite easy to relocate all block groups and bytenr of block groups will start beyond super->total_bytes. In that case, btrfs will not trim existing block groups. [FIX] Just remove the truncation in btrfs_ioctl_fitrim(), so btrfs_trim_fs() can get the unmodified range, which is normally set to [0, U64_MAX]. Reported-by: Chris Murphy <lists(a)colorremedies.com> Fixes: f4c697e6406d ("btrfs: return EINVAL if start > total_bytes in fitrim ioctl") Cc: <stable(a)vger.kernel.org> # v4.0+ Signed-off-by: Qu Wenruo <wqu(a)suse.com> --- fs/btrfs/extent-tree.c | 10 +--------- fs/btrfs/ioctl.c | 11 +++++++---- 2 files changed, 8 insertions(+), 13 deletions(-) diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c index 2cc449190578..c6a9cca8ddca 100644 --- a/fs/btrfs/extent-tree.c +++ b/fs/btrfs/extent-tree.c @@ -10851,21 +10851,13 @@ int btrfs_trim_fs(struct btrfs_fs_info *fs_info, struct fstrim_range *range) u64 start; u64 end; u64 trimmed = 0; - u64 total_bytes = btrfs_super_total_bytes(fs_info->super_copy); u64 bg_failed = 0; u64 dev_failed = 0; int bg_ret = 0; int dev_ret = 0; int ret = 0; - /* - * try to trim all FS space, our block group may start from non-zero. - */ - if (range->len == total_bytes) - cache = btrfs_lookup_first_block_group(fs_info, range->start); - else - cache = btrfs_lookup_block_group(fs_info, range->start); - + cache = btrfs_lookup_first_block_group(fs_info, range->start); for (; cache; cache = next_block_group(fs_info, cache)) { if (cache->key.objectid >= (range->start + range->len)) { btrfs_put_block_group(cache); diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c index 63600dc2ac4c..8165a4bfa579 100644 --- a/fs/btrfs/ioctl.c +++ b/fs/btrfs/ioctl.c @@ -491,7 +491,6 @@ static noinline int btrfs_ioctl_fitrim(struct file *file, void __user *arg) struct fstrim_range range; u64 minlen = ULLONG_MAX; u64 num_devices = 0; - u64 total_bytes = btrfs_super_total_bytes(fs_info->super_copy); int ret; if (!capable(CAP_SYS_ADMIN)) @@ -515,11 +514,15 @@ static noinline int btrfs_ioctl_fitrim(struct file *file, void __user *arg) return -EOPNOTSUPP; if (copy_from_user(&range, arg, sizeof(range))) return -EFAULT; - if (range.start > total_bytes || - range.len < fs_info->sb->s_blocksize) + + /* + * NOTE: Don't truncate the range using super->total_bytes. + * Bytenr of btrfs block group is in btrfs logical address space, + * which can be any sector size aligned bytenr in [0, U64_MAX]. + */ + if (range.len < fs_info->sb->s_blocksize) return -EINVAL; - range.len = min(range.len, total_bytes - range.start); range.minlen = max(range.minlen, minlen); ret = btrfs_trim_fs(fs_info, &range); if (ret < 0) -- 2.18.0

7 years, 1 month

2
1
0 0

[PATCHv4 0/7] tty: Hold write ldisc sem in tty_reopen()

by Dmitry Safonov

Hi all, Three fixes that worth to have in the @stable, as they were hit by different people, including Arista on v4.9 stable. And for linux-next - adding lockdep asserts for line discipline changing code, verifying that write ldisc sem will be held forthwith. The last patch is an optional and probably, timeout can be dropped for read_lock(). I'll do it if everyone agrees. (Or as per discussion with Peter in v3, just convert ldisc to a regular rwsem). Thanks, Dima Changes since v3: - Added tested-by Mark Rutland (thanks!) - Dropped patch with smp_wmb() - wrong idea - lockdep_assert_held() should be actually lockdep_assert_held_exclusive() - Described why tty_ldisc_open() can be called without ldisc_sem held for pty slave end (o_tty). - Added Peter's patch for dropping self-made lockdep annotations - Fix for a reader(s) of ldisc semaphore waiting for an active reader(s) Changes since v2: - Added reviewed-by tags - Hopefully, fixed reported by 0-day issue. - Added optional fix for wait_readers decrement Changes since v1: - Added tested-by/reported-by tags - Dropped 3/4 (locking tty pair for lockdep sake), Because of that - not adding lockdep_assert_held() in tty_ldisc_open() - Added 4/4 cleanup to inc tty->count only on success of tty_ldisc_reinit() - lock ldisc without (5*HZ) timeout in tty_reopen() v1 link: lkml.kernel.org/r/<20180829022353.23568-1-dima(a)arista.com> v2 link: lkml.kernel.org/r/<20180903165257.29227-1-dima(a)arista.com> v3 link: lkml.kernel.org/r/<20180911014821.26286-1-dima(a)arista.com> Cc: Daniel Axtens <dja(a)axtens.net> Cc: Dmitry Vyukov <dvyukov(a)google.com> Cc: Mark Rutland <mark.rutland(a)arm.com> Cc: Michael Neuling <mikey(a)neuling.org> Cc: Mikulas Patocka <mpatocka(a)redhat.com> Cc: Nathan March <nathan(a)gt.net> Cc: Pasi Kärkkäinen <pasik(a)iki.fi> Cc: Peter Hurley <peter(a)hurleysoftware.com> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: "Rong, Chen" <rong.a.chen(a)intel.com> Cc: Sergey Senozhatsky <sergey.senozhatsky.work(a)gmail.com> Cc: Tan Xiaojun <tanxiaojun(a)huawei.com> Cc: Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> (please, ignore if I Cc'ed you mistakenly) Dmitry Safonov (6): tty: Drop tty->count on tty_reopen() failure tty: Hold tty_ldisc_lock() during tty_reopen() tty/ldsem: Wake up readers after timed out down_write() tty: Simplify tty->count math in tty_reopen() tty/ldsem: Add lockdep asserts for ldisc_sem tty/ldsem: Decrement wait_readers on timeouted down_read() Peter Zijlstra (1): tty/ldsem: Convert to regular lockdep annotations drivers/tty/tty_io.c | 12 ++++++---- drivers/tty/tty_ldisc.c | 9 +++++++ drivers/tty/tty_ldsem.c | 62 ++++++++++++++++++++----------------------------- 3 files changed, 42 insertions(+), 41 deletions(-) -- 2.13.6

7 years, 1 month

2
4
0 0

[PATCH 4.9 00/78] 4.9.127-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.9.127 release. There are 78 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat Sep 15 13:17:41 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.127-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.9.127-rc1 Suzuki K Poulose <suzuki.poulose(a)arm.com> arm64: Handle mismatched cache type Suzuki K Poulose <suzuki.poulose(a)arm.com> arm64: Fix mismatched cache line size detection Ethan Lien <ethanlien(a)synology.com> btrfs: use correct compare function of dirty_metadata_bytes Gustavo A. R. Silva <gustavo(a)embeddedor.com> ASoC: wm8994: Fix missing break in switch Martin Schwidefsky <schwidefsky(a)de.ibm.com> s390/lib: use expoline for all bcr instructions Tomas Winkler <tomas.winkler(a)intel.com> mei: me: allow runtime pm for platform with D0i3 Nikolay Aleksandrov <nikolay(a)cumulusnetworks.com> sch_tbf: fix two null pointer dereferences on init failure Nikolay Aleksandrov <nikolay(a)cumulusnetworks.com> sch_netem: avoid null pointer deref on init failure Nikolay Aleksandrov <nikolay(a)cumulusnetworks.com> sch_hhf: fix null pointer dereference on init failure Nikolay Aleksandrov <nikolay(a)cumulusnetworks.com> sch_multiq: fix double free on init failure Nikolay Aleksandrov <nikolay(a)cumulusnetworks.com> sch_htb: fix crash on init failure Chas Williams <chas3(a)att.com> Fixes: Commit 2aa6d036b716 ("mm: numa: avoid waiting on freed migrated pages") Govindarajulu Varadarajan <gvaradar(a)cisco.com> enic: do not call enic_change_mtu in enic_probe Fabio Estevam <fabio.estevam(a)nxp.com> Revert "ARM: imx_v6_v7_defconfig: Select ULPI support" Tyler Hicks <tyhicks(a)canonical.com> irda: Only insert new objects into the global database via setsockopt Tyler Hicks <tyhicks(a)canonical.com> irda: Fix memory leak caused by repeated binds of irda socket Randy Dunlap <rdunlap(a)infradead.org> kbuild: make missing $DEPMOD a Warning instead of an Error Juergen Gross <jgross(a)suse.com> x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear Joel Fernandes (Google) <joel(a)joelfernandes.org> debugobjects: Make stack check warning more informative Eric Dumazet <edumazet(a)google.com> tcp: Revert "tcp: tcp_probe: use spin_lock_bh()" Kai-Heng Feng <kai.heng.feng(a)canonical.com> drm/edid: Add 6 bpc quirk for SDC panel in Lenovo B50-80 Marc Zyngier <marc.zyngier(a)arm.com> ARM: rockchip: Force CONFIG_PM on Rockchip systems Marc Zyngier <marc.zyngier(a)arm.com> arm64: rockchip: Force CONFIG_PM on Rockchip systems Qu Wenruo <wqu(a)suse.com> btrfs: Don't remove block group that still has pinned down bytes Qu Wenruo <wqu(a)suse.com> btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized Misono Tomohiro <misono.tomohiro(a)jp.fujitsu.com> btrfs: replace: Reset on-disk dev stats value after replace Levin Du <djw(a)t-chip.com.cn> clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 Mahesh Salgaonkar <mahesh(a)linux.vnet.ibm.com> powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX. Steve French <stfrench(a)microsoft.com> SMB3: Number of requests sent should be displayed for SMB3 not just CIFS Steve French <stfrench(a)microsoft.com> smb3: fix reset of bytes read and written stats YueHaibing <yuehaibing(a)huawei.com> RDS: IB: fix 'passing zero to ERR_PTR()' warning Breno Leitao <leitao(a)debian.org> selftests/powerpc: Kill child processes on SIGINT Ian Abbott <abbotti(a)mev.co.uk> staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice John Pittman <jpittman(a)redhat.com> dm kcopyd: avoid softlockup in run_complete_job Thomas Petazzoni <thomas.petazzoni(a)bootlin.com> PCI: mvebu: Fix I/O space end address calculation Dan Carpenter <dan.carpenter(a)oracle.com> scsi: aic94xx: fix an error code in aic94xx_init() Hans de Goede <hdegoede(a)redhat.com> ACPI / scan: Initialize status to ACPI_STA_DEFAULT Stefan Haberland <sth(a)linux.ibm.com> s390/dasd: fix panic for failed online processing Stefan Haberland <sth(a)linux.ibm.com> s390/dasd: fix hanging offline processing due to canceled worker Greg Edwards <gedwards(a)ddn.com> block: bvec_nr_vecs() returns value for wrong slab Sandipan Das <sandipan(a)linux.ibm.com> perf probe powerpc: Fix trace event post-processing Dan Carpenter <dan.carpenter(a)oracle.com> powerpc: Fix size calculation using resource_size() Jean-Philippe Brucker <jean-philippe.brucker(a)arm.com> net/9p: fix error path of p9_virtio_probe Tomas Bortoli <tomasbortoli(a)gmail.com> net/9p/trans_fd.c: fix race by holding the lock Jonas Gorski <jonas.gorski(a)gmail.com> irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP Gal Pressman <pressmangal(a)gmail.com> RDMA/hns: Fix usage of bitmap allocation functions return values Aleh Filipovich <aleh(a)vaolix.com> platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 Guenter Roeck <linux(a)roeck-us.net> mfd: sm501: Set coherent_dma_mask when creating subdevices Tan Hu <tan.hu(a)zte.com.cn> ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() Philipp Rudo <prudo(a)linux.ibm.com> s390/kdump: Fix memleak in nt_vmcoreinfo Randy Dunlap <rdunlap(a)infradead.org> platform/x86: intel_punit_ipc: fix build errors Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() Andrey Ryabinin <aryabinin(a)virtuozzo.com> mm/fadvise.c: fix signed overflow UBSAN complaint Suzuki K Poulose <suzuki.poulose(a)arm.com> virtio: pci-legacy: Validate queue pfn Randy Dunlap <rdunlap(a)infradead.org> scripts: modpost: check memory allocation results OGAWA Hirofumi <hirofumi(a)mail.parknet.co.jp> fat: validate ->i_start before using Ernesto A. Fernández <ernesto.mnd.fernandez(a)gmail.com> hfsplus: fix NULL dereference in hfsplus_lookup() Arnd Bergmann <arnd(a)arndb.de> reiserfs: change j_timestamp type to time64_t Jann Horn <jannh(a)google.com> fork: don't copy inconsistent signal handler state to child Laura Abbott <labbott(a)redhat.com> sunrpc: Don't use stack buffer with scatterlist Ernesto A. Fernández <ernesto.mnd.fernandez(a)gmail.com> hfs: prevent crash on exit from failed search Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> hfsplus: don't return 0 when fill_super() failed Ronnie Sahlberg <lsahlber(a)redhat.com> cifs: check if SMB2 PDU size has been padded and suppress the warning Vlad Buslov <vladbu(a)mellanox.com> net: sched: action_ife: take reference to meta module Cong Wang <xiyou.wangcong(a)gmail.com> act_ife: fix a potential deadlock Cong Wang <xiyou.wangcong(a)gmail.com> act_ife: move tcfa_lock down to where necessary Stephen Hemminger <stephen(a)networkplumber.org> hv_netvsc: ignore devices that are not PCI Jason Wang <jasowang(a)redhat.com> vhost: correctly check the iova range when waking virtqueue Xin Long <lucien.xin(a)gmail.com> sctp: hold transport before accessing its asoc in sctp_transport_get_next Alexey Kodanev <alexey.kodanev(a)oracle.com> vti6: remove !skb->ignore_df check from vti6_xmit() Florian Westphal <fw(a)strlen.de> tcp: do not restart timewait timer on rst reception Anthony Wong <anthony.wong(a)ubuntu.com> r8169: add support for NCube 8168 network card Manish Chopra <manish.chopra(a)cavium.com> qlge: Fix netdev features configuration. Kees Cook <keescook(a)chromium.org> net: sched: Fix memory exposure from short TCA_U32_SEL Doug Berger <opendmb(a)gmail.com> net: bcmgenet: use MAC link status for fixed phy Eric Dumazet <edumazet(a)google.com> ipv4: tcp: send zero IPID for RST and ACK sent in SYN-RECV and TIME-WAIT state Cong Wang <xiyou.wangcong(a)gmail.com> act_ife: fix a potential use-after-free Michal Hocko <mhocko(a)suse.cz> x86/speculation/l1tf: Fix up pte->pfn conversion for PAE ------------- Diffstat: Makefile | 4 +- arch/arm/configs/imx_v6_v7_defconfig | 2 - arch/arm/mach-rockchip/Kconfig | 1 + arch/arm64/Kconfig.platforms | 1 + arch/arm64/include/asm/cachetype.h | 5 ++ arch/arm64/include/asm/cpucaps.h | 3 +- arch/arm64/kernel/cpu_errata.c | 24 ++++++-- arch/arm64/kernel/cpufeature.c | 4 +- arch/powerpc/platforms/pseries/ras.c | 2 +- arch/powerpc/sysdev/mpic_msgr.c | 2 +- arch/s390/kernel/crash_dump.c | 17 ++++-- arch/s390/lib/mem.S | 9 ++- arch/x86/include/asm/pgtable-3level.h | 7 +-- arch/x86/include/asm/pgtable.h | 2 +- block/bio.c | 2 +- drivers/acpi/scan.c | 5 +- drivers/clk/rockchip/clk-rk3399.c | 1 + drivers/gpu/drm/drm_edid.c | 3 + drivers/infiniband/hw/hns/hns_roce_pd.c | 2 +- drivers/infiniband/hw/hns/hns_roce_qp.c | 5 +- drivers/irqchip/irq-bcm7038-l1.c | 4 ++ drivers/md/dm-kcopyd.c | 2 + drivers/mfd/sm501.c | 1 + drivers/misc/mei/pci-me.c | 5 +- drivers/net/ethernet/broadcom/genet/bcmgenet.h | 3 + drivers/net/ethernet/broadcom/genet/bcmmii.c | 10 +++- drivers/net/ethernet/cisco/enic/enic_main.c | 2 +- drivers/net/ethernet/qlogic/qlge/qlge_main.c | 23 +++----- drivers/net/ethernet/realtek/r8169.c | 1 + drivers/net/hyperv/netvsc_drv.c | 5 ++ drivers/pci/host/pci-mvebu.c | 2 +- drivers/platform/x86/asus-nb-wmi.c | 1 + drivers/platform/x86/intel_punit_ipc.c | 1 + drivers/s390/block/dasd_eckd.c | 10 +++- drivers/scsi/aic94xx/aic94xx_init.c | 4 +- drivers/staging/comedi/drivers/ni_mio_common.c | 3 +- drivers/vhost/vhost.c | 2 +- drivers/virtio/virtio_pci_legacy.c | 14 ++++- fs/btrfs/dev-replace.c | 6 ++ fs/btrfs/disk-io.c | 10 ++-- fs/btrfs/extent-tree.c | 2 +- fs/btrfs/relocation.c | 23 ++++---- fs/cifs/cifs_debug.c | 8 +++ fs/cifs/smb2misc.c | 7 +++ fs/cifs/smb2pdu.c | 2 +- fs/dcache.c | 3 +- fs/fat/cache.c | 19 ++++--- fs/fat/fat.h | 5 ++ fs/fat/fatent.c | 6 +- fs/hfs/brec.c | 7 ++- fs/hfsplus/dir.c | 4 +- fs/hfsplus/super.c | 4 +- fs/reiserfs/reiserfs.h | 2 +- include/linux/pci_ids.h | 2 + kernel/fork.c | 2 + lib/debugobjects.c | 7 ++- mm/fadvise.c | 8 ++- mm/huge_memory.c | 2 +- net/9p/trans_fd.c | 10 ++-- net/9p/trans_virtio.c | 3 +- net/ipv4/tcp_ipv4.c | 6 ++ net/ipv4/tcp_minisocks.c | 3 +- net/ipv4/tcp_probe.c | 4 +- net/ipv6/ip6_vti.c | 2 +- net/irda/af_irda.c | 13 ++++- net/netfilter/ipvs/ip_vs_core.c | 15 +++-- net/rds/ib_frmr.c | 1 + net/sched/act_ife.c | 79 +++++++++++++++----------- net/sched/cls_u32.c | 8 ++- net/sched/sch_hhf.c | 3 + net/sched/sch_htb.c | 5 +- net/sched/sch_multiq.c | 9 +-- net/sched/sch_netem.c | 4 +- net/sched/sch_tbf.c | 5 +- net/sctp/proc.c | 4 -- net/sctp/socket.c | 22 ++++--- net/sunrpc/auth_gss/gss_krb5_crypto.c | 12 +++- scripts/depmod.sh | 4 +- scripts/mod/modpost.c | 8 +-- sound/soc/codecs/wm8994.c | 1 + tools/perf/arch/powerpc/util/sym-handling.c | 4 +- tools/testing/selftests/powerpc/harness.c | 18 ++++-- 82 files changed, 376 insertions(+), 190 deletions(-)

7 years, 1 month

4
81
0 0

[PATCH 4.4 00/60] 4.4.156-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.4.156 release. There are 60 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat Sep 15 13:17:29 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.4.156-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.4.156-rc1 Ethan Lien <ethanlien(a)synology.com> btrfs: use correct compare function of dirty_metadata_bytes Gustavo A. R. Silva <gustavo(a)embeddedor.com> ASoC: wm8994: Fix missing break in switch Martin Schwidefsky <schwidefsky(a)de.ibm.com> s390/lib: use expoline for all bcr instructions Tomas Winkler <tomas.winkler(a)intel.com> mei: me: allow runtime pm for platform with D0i3 Nikolay Aleksandrov <nikolay(a)cumulusnetworks.com> sch_tbf: fix two null pointer dereferences on init failure Nikolay Aleksandrov <nikolay(a)cumulusnetworks.com> sch_netem: avoid null pointer deref on init failure Nikolay Aleksandrov <nikolay(a)cumulusnetworks.com> sch_hhf: fix null pointer dereference on init failure Nikolay Aleksandrov <nikolay(a)cumulusnetworks.com> sch_multiq: fix double free on init failure Nikolay Aleksandrov <nikolay(a)cumulusnetworks.com> sch_htb: fix crash on init failure Miklos Szeredi <mszeredi(a)redhat.com> ovl: proper cleanup of workdir Antonio Murdaca <amurdaca(a)redhat.com> ovl: override creds with the ones from the superblock mounter Miklos Szeredi <mszeredi(a)redhat.com> ovl: rename is_merge to is_lowest Marc Zyngier <marc.zyngier(a)arm.com> irqchip/gic: Make interrupt ID 1020 invalid Marc Zyngier <marc.zyngier(a)arm.com> irqchip/gic-v3: Add missing barrier to 32bit version of gic_read_iar() Shanker Donthineni <shankerd(a)codeaurora.org> irqchip/gicv3-its: Avoid cache flush beyond ITS_BASERn memory size Shanker Donthineni <shankerd(a)codeaurora.org> irqchip/gicv3-its: Fix memory leak in its_free_tables() Marc Zyngier <marc.zyngier(a)arm.com> irqchip/gic-v3-its: Recompute the number of pages on page size change Sudeep Holla <sudeep.holla(a)arm.com> genirq: Delay incrementing interrupt count if it's disabled/pending Chas Williams <chas3(a)att.com> Fixes: Commit cdbf92675fad ("mm: numa: avoid waiting on freed migrated pages") Govindarajulu Varadarajan <gvaradar(a)cisco.com> enic: do not call enic_change_mtu in enic_probe Fabio Estevam <fabio.estevam(a)nxp.com> Revert "ARM: imx_v6_v7_defconfig: Select ULPI support" Tyler Hicks <tyhicks(a)canonical.com> irda: Only insert new objects into the global database via setsockopt Tyler Hicks <tyhicks(a)canonical.com> irda: Fix memory leak caused by repeated binds of irda socket Randy Dunlap <rdunlap(a)infradead.org> kbuild: make missing $DEPMOD a Warning instead of an Error Juergen Gross <jgross(a)suse.com> x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear Joel Fernandes (Google) <joel(a)joelfernandes.org> debugobjects: Make stack check warning more informative Qu Wenruo <wqu(a)suse.com> btrfs: Don't remove block group that still has pinned down bytes Qu Wenruo <wqu(a)suse.com> btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized Misono Tomohiro <misono.tomohiro(a)jp.fujitsu.com> btrfs: replace: Reset on-disk dev stats value after replace Mahesh Salgaonkar <mahesh(a)linux.vnet.ibm.com> powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX. Steve French <stfrench(a)microsoft.com> SMB3: Number of requests sent should be displayed for SMB3 not just CIFS Steve French <stfrench(a)microsoft.com> smb3: fix reset of bytes read and written stats Breno Leitao <leitao(a)debian.org> selftests/powerpc: Kill child processes on SIGINT Ian Abbott <abbotti(a)mev.co.uk> staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice John Pittman <jpittman(a)redhat.com> dm kcopyd: avoid softlockup in run_complete_job Thomas Petazzoni <thomas.petazzoni(a)bootlin.com> PCI: mvebu: Fix I/O space end address calculation Dan Carpenter <dan.carpenter(a)oracle.com> scsi: aic94xx: fix an error code in aic94xx_init() Stefan Haberland <sth(a)linux.ibm.com> s390/dasd: fix hanging offline processing due to canceled worker Dan Carpenter <dan.carpenter(a)oracle.com> powerpc: Fix size calculation using resource_size() Jean-Philippe Brucker <jean-philippe.brucker(a)arm.com> net/9p: fix error path of p9_virtio_probe Jonas Gorski <jonas.gorski(a)gmail.com> irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP Aleh Filipovich <aleh(a)vaolix.com> platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 Guenter Roeck <linux(a)roeck-us.net> mfd: sm501: Set coherent_dma_mask when creating subdevices Tan Hu <tan.hu(a)zte.com.cn> ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() Andrey Ryabinin <aryabinin(a)virtuozzo.com> mm/fadvise.c: fix signed overflow UBSAN complaint Randy Dunlap <rdunlap(a)infradead.org> scripts: modpost: check memory allocation results OGAWA Hirofumi <hirofumi(a)mail.parknet.co.jp> fat: validate ->i_start before using Ernesto A. Fernández <ernesto.mnd.fernandez(a)gmail.com> hfsplus: fix NULL dereference in hfsplus_lookup() Arnd Bergmann <arnd(a)arndb.de> reiserfs: change j_timestamp type to time64_t Jann Horn <jannh(a)google.com> fork: don't copy inconsistent signal handler state to child Ernesto A. Fernández <ernesto.mnd.fernandez(a)gmail.com> hfs: prevent crash on exit from failed search Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> hfsplus: don't return 0 when fill_super() failed Ronnie Sahlberg <lsahlber(a)redhat.com> cifs: check if SMB2 PDU size has been padded and suppress the warning Alexey Kodanev <alexey.kodanev(a)oracle.com> vti6: remove !skb->ignore_df check from vti6_xmit() Florian Westphal <fw(a)strlen.de> tcp: do not restart timewait timer on rst reception Manish Chopra <manish.chopra(a)cavium.com> qlge: Fix netdev features configuration. Doug Berger <opendmb(a)gmail.com> net: bcmgenet: use MAC link status for fixed phy Greg Hackmann <ghackmann(a)android.com> staging: android: ion: fix ION_IOC_{MAP,SHARE} use-after-free Michal Hocko <mhocko(a)suse.cz> x86/speculation/l1tf: Fix up pte->pfn conversion for PAE ------------- Diffstat: Makefile | 4 +- arch/arm/configs/imx_v6_v7_defconfig | 2 - arch/arm/include/asm/arch_gicv3.h | 1 + arch/powerpc/platforms/pseries/ras.c | 2 +- arch/powerpc/sysdev/mpic_msgr.c | 2 +- arch/s390/lib/mem.S | 9 ++- arch/x86/include/asm/pgtable-3level.h | 7 +- arch/x86/include/asm/pgtable.h | 2 +- drivers/irqchip/irq-bcm7038-l1.c | 4 ++ drivers/irqchip/irq-gic-v3-its.c | 34 ++++++---- drivers/irqchip/irq-gic.c | 2 +- drivers/md/dm-kcopyd.c | 2 + drivers/mfd/sm501.c | 1 + drivers/misc/mei/pci-me.c | 5 +- drivers/net/ethernet/broadcom/genet/bcmgenet.h | 3 + drivers/net/ethernet/broadcom/genet/bcmmii.c | 10 ++- drivers/net/ethernet/cisco/enic/enic_main.c | 2 +- drivers/net/ethernet/qlogic/qlge/qlge_main.c | 23 +++---- drivers/pci/host/pci-mvebu.c | 2 +- drivers/platform/x86/asus-nb-wmi.c | 1 + drivers/s390/block/dasd_eckd.c | 7 +- drivers/scsi/aic94xx/aic94xx_init.c | 4 +- drivers/staging/android/ion/ion.c | 60 ++++++++++------- drivers/staging/comedi/drivers/ni_mio_common.c | 3 +- fs/btrfs/dev-replace.c | 6 ++ fs/btrfs/disk-io.c | 10 +-- fs/btrfs/extent-tree.c | 2 +- fs/btrfs/relocation.c | 23 ++++--- fs/cifs/cifs_debug.c | 8 +++ fs/cifs/smb2misc.c | 7 ++ fs/cifs/smb2pdu.c | 2 +- fs/dcache.c | 3 +- fs/fat/cache.c | 19 ++++-- fs/fat/fat.h | 5 ++ fs/fat/fatent.c | 6 +- fs/hfs/brec.c | 7 +- fs/hfsplus/dir.c | 4 +- fs/hfsplus/super.c | 4 +- fs/overlayfs/copy_up.c | 26 +------ fs/overlayfs/dir.c | 67 ++----------------- fs/overlayfs/overlayfs.h | 3 + fs/overlayfs/readdir.c | 93 ++++++++++++++++++++------ fs/overlayfs/super.c | 20 +++++- fs/reiserfs/reiserfs.h | 2 +- kernel/fork.c | 2 + kernel/irq/chip.c | 8 +-- lib/debugobjects.c | 7 +- mm/fadvise.c | 8 ++- mm/huge_memory.c | 2 +- net/9p/trans_virtio.c | 3 +- net/ipv4/tcp_minisocks.c | 3 +- net/ipv6/ip6_vti.c | 2 +- net/irda/af_irda.c | 13 +++- net/netfilter/ipvs/ip_vs_core.c | 15 +++-- net/sched/sch_hhf.c | 3 + net/sched/sch_htb.c | 5 +- net/sched/sch_multiq.c | 9 +-- net/sched/sch_netem.c | 4 +- net/sched/sch_tbf.c | 5 +- scripts/depmod.sh | 4 +- scripts/mod/modpost.c | 8 +-- sound/soc/codecs/wm8994.c | 1 + tools/testing/selftests/powerpc/harness.c | 18 +++-- 63 files changed, 369 insertions(+), 260 deletions(-)

7 years, 1 month

4
63
0 0

FAILED: patch "[PATCH] drm/i915: Increase LSPCON timeout" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 299c2a904b1e8d5096d4813df6371357d97a6cd1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fredrik=20Sch=C3=B6n?= <fredrikschon(a)gmail.com> Date: Fri, 17 Aug 2018 22:07:28 +0200 Subject: [PATCH] drm/i915: Increase LSPCON timeout MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 100 ms is not enough time for the LSPCON adapter on Intel NUC devices to settle. This causes dropped display modes at boot or screen reconfiguration. Empirical testing can reproduce the error up to a timeout of 190 ms. Basic boot and stress testing at 200 ms has not (yet) failed. Increase timeout to 400 ms to get some margin of error. Changes from v1: The initial suggestion of 1000 ms was lowered due to concerns about delaying valid timeout cases. Update patch metadata. Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=107503 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1570392 Fixes: 357c0ae9198a ("drm/i915/lspcon: Wait for expected LSPCON mode to settle") Cc: Shashank Sharma <shashank.sharma(a)intel.com> Cc: Imre Deak <imre.deak(a)intel.com> Cc: Jani Nikula <jani.nikula(a)intel.com> Cc: <stable(a)vger.kernel.org> # v4.11+ Reviewed-by: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Reviewed-by: Shashank Sharma <shashank.sharma(a)intel.com> Signed-off-by: Fredrik Schön <fredrik.schon(a)gmail.com> Signed-off-by: Jani Nikula <jani.nikula(a)intel.com> Link: https://patchwork.freedesktop.org/patch/msgid/20180817200728.8154-1-fredrik… (cherry picked from commit 59f1c8ab30d6f9042562949f42cbd3f3cf69de94) Signed-off-by: Rodrigo Vivi <rodrigo.vivi(a)intel.com> diff --git a/drivers/gpu/drm/i915/intel_lspcon.c b/drivers/gpu/drm/i915/intel_lspcon.c index 5dae16ccd9f1..3e085c5f2b81 100644 --- a/drivers/gpu/drm/i915/intel_lspcon.c +++ b/drivers/gpu/drm/i915/intel_lspcon.c @@ -74,7 +74,7 @@ static enum drm_lspcon_mode lspcon_wait_mode(struct intel_lspcon *lspcon, DRM_DEBUG_KMS("Waiting for LSPCON mode %s to settle\n", lspcon_mode_name(mode)); - wait_for((current_mode = lspcon_get_current_mode(lspcon)) == mode, 100); + wait_for((current_mode = lspcon_get_current_mode(lspcon)) == mode, 400); if (current_mode != mode) DRM_ERROR("LSPCON mode hasn't settled\n");

7 years, 1 month

4
3
0 0

[PATCH] serial: cpm_uart: return immediately from console poll

by Christophe Leroy

kgdb expects poll function to return immediately and returning NO_POLL_CHAR when no character is available. Fixes: f5316b4aea024 ("kgdb,8250,pl011: Return immediately from console poll") Cc: Jason Wessel <jason.wessel(a)windriver.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Christophe Leroy <christophe.leroy(a)c-s.fr> --- drivers/tty/serial/cpm_uart/cpm_uart_core.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/drivers/tty/serial/cpm_uart/cpm_uart_core.c b/drivers/tty/serial/cpm_uart/cpm_uart_core.c index cd3f3fc4e0a5..280acc4dfa90 100644 --- a/drivers/tty/serial/cpm_uart/cpm_uart_core.c +++ b/drivers/tty/serial/cpm_uart/cpm_uart_core.c @@ -1093,8 +1093,8 @@ static int poll_wait_key(char *obuf, struct uart_cpm_port *pinfo) /* Get the address of the host memory buffer. */ bdp = pinfo->rx_cur; - while (bdp->cbd_sc & BD_SC_EMPTY) - ; + if (bdp->cbd_sc & BD_SC_EMPTY) + return NO_POLL_CHAR; /* If the buffer address is in the CPM DPRAM, don't * convert it. @@ -1129,7 +1129,11 @@ static int cpm_get_poll_char(struct uart_port *port) poll_chars = 0; } if (poll_chars <= 0) { - poll_chars = poll_wait_key(poll_buf, pinfo); + int ret = poll_wait_key(poll_buf, pinfo); + + if (ret == NO_POLL_CHAR) + return ret; + poll_chars = ret; pollp = poll_buf; } poll_chars--; -- 2.13.3

7 years, 1 month

1
0
0 0

[PATCH] gpiolib: fix freeing of descriptors on error

by Jim Paris

When the main loop in linehandle_create() encounters an error, it fails to free one of the previously-requested GPIO descriptors. This renders the unfreed GPIO unusable until reboot, and leaves its label pointing to free'd kernel memory. Cc: stable(a)vger.kernel.org Fixes: ab3dbcf78f60 ("gpioib: do not free unrequested descriptors") Signed-off-by: Jim Paris <jim(a)jtan.com> --- drivers/gpio/gpiolib.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/gpio/gpiolib.c b/drivers/gpio/gpiolib.c index e8f8a1999393..a57300c1d649 100644 --- a/drivers/gpio/gpiolib.c +++ b/drivers/gpio/gpiolib.c @@ -571,7 +571,7 @@ static int linehandle_create(struct gpio_device *gdev, void __user *ip) if (ret) goto out_free_descs; lh->descs[i] = desc; - count = i; + count = i + 1; if (lflags & GPIOHANDLE_REQUEST_ACTIVE_LOW) set_bit(FLAG_ACTIVE_LOW, &desc->flags); -- 2.18.0

7 years, 1 month

3
2
0 0

[PATCH] crypto: x86/aegis,morus - Do not require OSXSAVE for SSE2

by Ondrej Mosnacek

It turns out OSXSAVE needs to be checked only for AVX, not for SSE. Without this patch the affected modules refuse to load on CPUs with SSE2 but without AVX support. Fixes: 877ccce7cbe8 ("crypto: x86/aegis,morus - Fix and simplify CPUID checks") Cc: <stable(a)vger.kernel.org> # 4.18 Reported-by: Zdenek Kaspar <zkaspar82(a)gmail.com> Signed-off-by: Ondrej Mosnacek <omosnace(a)redhat.com> --- arch/x86/crypto/aegis128-aesni-glue.c | 1 - arch/x86/crypto/aegis128l-aesni-glue.c | 1 - arch/x86/crypto/aegis256-aesni-glue.c | 1 - arch/x86/crypto/morus1280-sse2-glue.c | 1 - arch/x86/crypto/morus640-sse2-glue.c | 1 - 5 files changed, 5 deletions(-) NOTE: This patch doesn't apply to the current crypto-2.6 tree [1], since it is based on v4.18-rc7, which doesn't contain the commit this patch is fixing. It needs to merge in the v4.18 tag before this patch can be applied. Thanks, Ondrej [1] https://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6.git/ diff --git a/arch/x86/crypto/aegis128-aesni-glue.c b/arch/x86/crypto/aegis128-aesni-glue.c index acd11b3bf639..2a356b948720 100644 --- a/arch/x86/crypto/aegis128-aesni-glue.c +++ b/arch/x86/crypto/aegis128-aesni-glue.c @@ -379,7 +379,6 @@ static int __init crypto_aegis128_aesni_module_init(void) { if (!boot_cpu_has(X86_FEATURE_XMM2) || !boot_cpu_has(X86_FEATURE_AES) || - !boot_cpu_has(X86_FEATURE_OSXSAVE) || !cpu_has_xfeatures(XFEATURE_MASK_SSE, NULL)) return -ENODEV; diff --git a/arch/x86/crypto/aegis128l-aesni-glue.c b/arch/x86/crypto/aegis128l-aesni-glue.c index 2071c3d1ae07..dbe8bb980da1 100644 --- a/arch/x86/crypto/aegis128l-aesni-glue.c +++ b/arch/x86/crypto/aegis128l-aesni-glue.c @@ -379,7 +379,6 @@ static int __init crypto_aegis128l_aesni_module_init(void) { if (!boot_cpu_has(X86_FEATURE_XMM2) || !boot_cpu_has(X86_FEATURE_AES) || - !boot_cpu_has(X86_FEATURE_OSXSAVE) || !cpu_has_xfeatures(XFEATURE_MASK_SSE, NULL)) return -ENODEV; diff --git a/arch/x86/crypto/aegis256-aesni-glue.c b/arch/x86/crypto/aegis256-aesni-glue.c index b5f2a8fd5a71..8bebda2de92f 100644 --- a/arch/x86/crypto/aegis256-aesni-glue.c +++ b/arch/x86/crypto/aegis256-aesni-glue.c @@ -379,7 +379,6 @@ static int __init crypto_aegis256_aesni_module_init(void) { if (!boot_cpu_has(X86_FEATURE_XMM2) || !boot_cpu_has(X86_FEATURE_AES) || - !boot_cpu_has(X86_FEATURE_OSXSAVE) || !cpu_has_xfeatures(XFEATURE_MASK_SSE, NULL)) return -ENODEV; diff --git a/arch/x86/crypto/morus1280-sse2-glue.c b/arch/x86/crypto/morus1280-sse2-glue.c index 95cf857d2cbb..f40244eaf14d 100644 --- a/arch/x86/crypto/morus1280-sse2-glue.c +++ b/arch/x86/crypto/morus1280-sse2-glue.c @@ -40,7 +40,6 @@ MORUS1280_DECLARE_ALGS(sse2, "morus1280-sse2", 350); static int __init crypto_morus1280_sse2_module_init(void) { if (!boot_cpu_has(X86_FEATURE_XMM2) || - !boot_cpu_has(X86_FEATURE_OSXSAVE) || !cpu_has_xfeatures(XFEATURE_MASK_SSE, NULL)) return -ENODEV; diff --git a/arch/x86/crypto/morus640-sse2-glue.c b/arch/x86/crypto/morus640-sse2-glue.c index 615fb7bc9a32..9afaf8f8565a 100644 --- a/arch/x86/crypto/morus640-sse2-glue.c +++ b/arch/x86/crypto/morus640-sse2-glue.c @@ -40,7 +40,6 @@ MORUS640_DECLARE_ALGS(sse2, "morus640-sse2", 400); static int __init crypto_morus640_sse2_module_init(void) { if (!boot_cpu_has(X86_FEATURE_XMM2) || - !boot_cpu_has(X86_FEATURE_OSXSAVE) || !cpu_has_xfeatures(XFEATURE_MASK_SSE, NULL)) return -ENODEV; -- 2.17.1

7 years, 1 month

2
1
0 0

[PATCH stable 4.4 0/9] fix SegmentSmack in stable branch (CVE-2018-5390)

by Mao Wenan

There are five patches to fix CVE-2018-5390 in latest mainline branch, but only two patches exist in stable 4.4 and 3.18: dc6ae4d tcp: detect malicious patterns in tcp_collapse_ofo_queue() 5fbec48 tcp: avoid collapses in tcp_prune_queue() if possible I have tested with stable 4.4 kernel, and found the cpu usage was very high. So I think only two patches can't fix the CVE-2018-5390. test results: with fix patch： 78.2% ksoftirqd withoutfix patch： 90% ksoftirqd Then I try to imitate 72cd43ba(tcp: free batches of packets in tcp_prune_ofo_queue()) to drop at least 12.5 % of sk_rcvbuf to avoid malicious attacks with simple queue instead of RB tree. The result is not very well. After analysing the codes of stable 4.4, and debuging the system, shows that search of ofo_queue(tcp ofo using a simple queue) cost more cycles. So I try to backport "tcp: use an RB tree for ooo receive queue" using RB tree instead of simple queue, then backport Eric Dumazet 5 fixed patches in mainline, good news is that ksoftirqd is turn to about 20%, which is the same with mainline now. Stable 4.4 have already back port two patches, f4a3313d(tcp: avoid collapses in tcp_prune_queue() if possible) 3d4bf93a(tcp: detect malicious patterns in tcp_collapse_ofo_queue()) If we want to change simple queue to RB tree to finally resolve, we should apply previous patch 9f5afeae(tcp: use an RB tree for ooo receive queue.) firstly, but 9f5afeae have many conflicts with 3d4bf93a and f4a3313d, which are part of patch series from Eric in mainline to fix CVE-2018-5390, so I need revert part of patches in stable 4.4 firstly, then apply 9f5afeae, and reapply five patches from Eric. Eric Dumazet (6): tcp: increment sk_drops for dropped rx packets tcp: free batches of packets in tcp_prune_ofo_queue() tcp: avoid collapses in tcp_prune_queue() if possible tcp: detect malicious patterns in tcp_collapse_ofo_queue() tcp: call tcp_drop() from tcp_data_queue_ofo() tcp: add tcp_ooo_try_coalesce() helper Mao Wenan (2): Revert "tcp: detect malicious patterns in tcp_collapse_ofo_queue()" Revert "tcp: avoid collapses in tcp_prune_queue() if possible" Yaogong Wang (1): tcp: use an RB tree for ooo receive queue include/linux/skbuff.h | 8 + include/linux/tcp.h | 7 +- include/net/sock.h | 7 + include/net/tcp.h | 2 +- net/core/skbuff.c | 19 +++ net/ipv4/tcp.c | 4 +- net/ipv4/tcp_input.c | 412 +++++++++++++++++++++++++++++------------------ net/ipv4/tcp_ipv4.c | 3 +- net/ipv4/tcp_minisocks.c | 1 - net/ipv6/tcp_ipv6.c | 1 + 10 files changed, 294 insertions(+), 170 deletions(-) -- 1.8.3.1

7 years, 1 month

5
27
0 0

[linux-stable-rc:linux-4.4.y] vmw_balloon: include asm/io.h

by Nadav Amit

Fix a build error due to missing virt_to_phys() Fixes: f0a1bf29d821b ("vmw_balloon: fix inflation with batching") Cc: stable(a)vger.kernel.org Cc: Xavier Deguillard <xdeguillard(a)vmware.com> Signed-off-by: Nadav Amit <namit(a)vmware.com> --- drivers/misc/vmw_balloon.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/misc/vmw_balloon.c b/drivers/misc/vmw_balloon.c index 518e2dec2aa2..5e9122cd3898 100644 --- a/drivers/misc/vmw_balloon.c +++ b/drivers/misc/vmw_balloon.c @@ -45,6 +45,7 @@ #include <linux/seq_file.h> #include <linux/vmw_vmci_defs.h> #include <linux/vmw_vmci_api.h> +#include <linux/io.h> #include <asm/hypervisor.h> MODULE_AUTHOR("VMware, Inc."); -- 2.17.1

7 years, 1 month

2
2
0 0

[linux-stable-rc:linux-4.4.y v2] vmw_balloon: include asm/io.h

by Nadav Amit

Fix a build error due to missing virt_to_phys() Reported-by: kbuild test robot <lkp(a)intel.com> Fixes: f0a1bf29d821b ("vmw_balloon: fix inflation with batching") Cc: stable(a)vger.kernel.org Cc: Xavier Deguillard <xdeguillard(a)vmware.com> Signed-off-by: Nadav Amit <namit(a)vmware.com> --- drivers/misc/vmw_balloon.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/misc/vmw_balloon.c b/drivers/misc/vmw_balloon.c index 518e2dec2aa2..5e9122cd3898 100644 --- a/drivers/misc/vmw_balloon.c +++ b/drivers/misc/vmw_balloon.c @@ -45,6 +45,7 @@ #include <linux/seq_file.h> #include <linux/vmw_vmci_defs.h> #include <linux/vmw_vmci_api.h> +#include <linux/io.h> #include <asm/hypervisor.h> MODULE_AUTHOR("VMware, Inc."); -- 2.17.1

7 years, 1 month

1
0
0 0

[PATCH] xen/netfront: don't bug in case of too many frags

by Juergen Gross

Commit 57f230ab04d291 ("xen/netfront: raise max number of slots in xennet_get_responses()") raised the max number of allowed slots by one. This seems to be problematic in some configurations with netback using a larger MAX_SKB_FRAGS value (e.g. old Linux kernel with MAX_SKB_FRAGS defined as 18 instead of nowadays 17). Instead of BUG_ON() in this case just fall back to retransmission. Fixes: 57f230ab04d291 ("xen/netfront: raise max number of slots in xennet_get_responses()") Cc: stable(a)vger.kernel.org Signed-off-by: Juergen Gross <jgross(a)suse.com> --- drivers/net/xen-netfront.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/drivers/net/xen-netfront.c b/drivers/net/xen-netfront.c index 9407acbd19a9..f17f602e6171 100644 --- a/drivers/net/xen-netfront.c +++ b/drivers/net/xen-netfront.c @@ -908,7 +908,11 @@ static RING_IDX xennet_fill_frags(struct netfront_queue *queue, BUG_ON(pull_to <= skb_headlen(skb)); __pskb_pull_tail(skb, pull_to - skb_headlen(skb)); } - BUG_ON(skb_shinfo(skb)->nr_frags >= MAX_SKB_FRAGS); + if (unlikely(skb_shinfo(skb)->nr_frags >= MAX_SKB_FRAGS)) { + queue->rx.rsp_cons = ++cons; + kfree_skb(nskb); + return ~0U; + } skb_add_rx_frag(skb, skb_shinfo(skb)->nr_frags, skb_frag_page(nfrag), @@ -1045,6 +1049,8 @@ static int xennet_poll(struct napi_struct *napi, int budget) skb->len += rx->status; i = xennet_fill_frags(queue, skb, &tmpq); + if (unlikely(i == ~0U)) + goto err; if (rx->flags & XEN_NETRXF_csum_blank) skb->ip_summed = CHECKSUM_PARTIAL; -- 2.16.4

7 years, 1 month

2
1
0 0

[PATCH] ALSA: oxfw: fix memory leak of private data

by Takashi Sakamoto

Although private data of sound card instance is usually allocated in the tail of the instance, drivers in ALSA firewire stack allocate the private data before allocating the instance. In this case, the private data should be released explicitly at .private_free callback of the instance. This commit fixes memory leak following to the above design. Fixes: 6c29230e2a5f ('ALSA: oxfw: delayed registration of sound card') Cc: <stable(a)vger.kernel.org> # v4.7+ Signed-off-by: Takashi Sakamoto <o-takashi(a)sakamocchi.jp> --- sound/firewire/oxfw/oxfw.c | 1 + 1 file changed, 1 insertion(+) diff --git a/sound/firewire/oxfw/oxfw.c b/sound/firewire/oxfw/oxfw.c index 1e5b2c802635..fd34ef2ac679 100644 --- a/sound/firewire/oxfw/oxfw.c +++ b/sound/firewire/oxfw/oxfw.c @@ -130,6 +130,7 @@ static void oxfw_free(struct snd_oxfw *oxfw) kfree(oxfw->spec); mutex_destroy(&oxfw->mutex); + kfree(oxfw); } /* -- 2.17.1

7 years, 1 month

2
1
0 0

[PATCH] ALSA: firewire-tascam: fix memory leak of private data

by Takashi Sakamoto

Although private data of sound card instance is usually allocated in the tail of the instance, drivers in ALSA firewire stack allocate the private data before allocating the instance. In this case, the private data should be released explicitly at .private_free callback of the instance. This commit fixes memory leak following to the above design. Fixes: b610386c8afb ('ALSA: firewire-tascam: deleyed registration of sound card') Cc: <stable(a)vger.kernel.org> # v4.7+ Signed-off-by: Takashi Sakamoto <o-takashi(a)sakamocchi.jp> --- sound/firewire/tascam/tascam.c | 1 + 1 file changed, 1 insertion(+) diff --git a/sound/firewire/tascam/tascam.c b/sound/firewire/tascam/tascam.c index 44ad41fb7374..d3fdc463a884 100644 --- a/sound/firewire/tascam/tascam.c +++ b/sound/firewire/tascam/tascam.c @@ -93,6 +93,7 @@ static void tscm_free(struct snd_tscm *tscm) fw_unit_put(tscm->unit); mutex_destroy(&tscm->mutex); + kfree(tscm); } static void tscm_card_free(struct snd_card *card) -- 2.17.1

7 years, 1 month

2
1
0 0

[PATCH] ALSA: firewire-digi00x: fix memory leak of private data

by Takashi Sakamoto

Although private data of sound card instance is usually allocated in the tail of the instance, drivers in ALSA firewire stack allocate the private data before allocating the instance. In this case, the private data should be released explicitly at .private_free callback of the instance. This commit fixes memory leak following to the above design. Fixes: 86c8dd7f4da3 ('ALSA: firewire-digi00x: delayed registration of sound card') Cc: <stable(a)vger.kernel.org> # v4.7+ Signed-off-by: Takashi Sakamoto <o-takashi(a)sakamocchi.jp> --- sound/firewire/digi00x/digi00x.c | 1 + 1 file changed, 1 insertion(+) diff --git a/sound/firewire/digi00x/digi00x.c b/sound/firewire/digi00x/digi00x.c index 1f5e1d23f31a..ef689997d6a5 100644 --- a/sound/firewire/digi00x/digi00x.c +++ b/sound/firewire/digi00x/digi00x.c @@ -49,6 +49,7 @@ static void dg00x_free(struct snd_dg00x *dg00x) fw_unit_put(dg00x->unit); mutex_destroy(&dg00x->mutex); + kfree(dg00x); } static void dg00x_card_free(struct snd_card *card) -- 2.17.1

7 years, 1 month

2
1
0 0

[stable PATCH 1/2] arm64: Fix mismatched cache line size detection

by Suzuki K Poulose

commit 4c4a39dd5fe2d13e2d2fa5fceb8ef95d19fc389a upstream If there is a mismatch in the I/D min line size, we must always use the system wide safe value both in applications and in the kernel, while performing cache operations. However, we have been checking more bits than just the min line sizes, which triggers false negatives. We may need to trap the user accesses in such cases, but not necessarily patch the kernel. This patch fixes the check to do the right thing as advertised. A new capability will be added to check mismatches in other fields and ensure we trap the CTR accesses. Fixes: be68a8aaf925 ("arm64: cpufeature: Fix CTR_EL0 field definitions") Cc: <stable(a)vger.kernel.org> # v4.9 Cc: Mark Rutland <mark.rutland(a)arm.com> Cc: Catalin Marinas <catalin.marinas(a)arm.com> Reported-by: Will Deacon <will.deacon(a)arm.com> Signed-off-by: Suzuki K Poulose <suzuki.poulose(a)arm.com> Signed-off-by: Will Deacon <will.deacon(a)arm.com> --- arch/arm64/include/asm/cachetype.h | 5 +++++ arch/arm64/kernel/cpu_errata.c | 7 +++++-- arch/arm64/kernel/cpufeature.c | 4 ++-- 3 files changed, 12 insertions(+), 4 deletions(-) diff --git a/arch/arm64/include/asm/cachetype.h b/arch/arm64/include/asm/cachetype.h index f558869..877d478 100644 --- a/arch/arm64/include/asm/cachetype.h +++ b/arch/arm64/include/asm/cachetype.h @@ -22,6 +22,11 @@ #define CTR_L1IP_MASK 3 #define CTR_CWG_SHIFT 24 #define CTR_CWG_MASK 15 +#define CTR_DMINLINE_SHIFT 16 +#define CTR_IMINLINE_SHIFT 0 + +#define CTR_CACHE_MINLINE_MASK \ + ((0xf << CTR_DMINLINE_SHIFT) | (0xf << CTR_IMINLINE_SHIFT)) #define ICACHE_POLICY_RESERVED 0 #define ICACHE_POLICY_AIVIVT 1 diff --git a/arch/arm64/kernel/cpu_errata.c b/arch/arm64/kernel/cpu_errata.c index 1db97ad..fe604bb 100644 --- a/arch/arm64/kernel/cpu_errata.c +++ b/arch/arm64/kernel/cpu_errata.c @@ -17,6 +17,7 @@ */ #include <linux/types.h> +#include <asm/cachetype.h> #include <asm/cpu.h> #include <asm/cputype.h> #include <asm/cpufeature.h> @@ -34,9 +35,11 @@ static bool has_mismatched_cache_line_size(const struct arm64_cpu_capabilities *entry, int scope) { + u64 mask = CTR_CACHE_MINLINE_MASK; + WARN_ON(scope != SCOPE_LOCAL_CPU || preemptible()); - return (read_cpuid_cachetype() & arm64_ftr_reg_ctrel0.strict_mask) != - (arm64_ftr_reg_ctrel0.sys_val & arm64_ftr_reg_ctrel0.strict_mask); + return (read_cpuid_cachetype() & mask) != + (arm64_ftr_reg_ctrel0.sys_val & mask); } static int cpu_enable_trap_ctr_access(void *__unused) diff --git a/arch/arm64/kernel/cpufeature.c b/arch/arm64/kernel/cpufeature.c index ab15747..a3ab7df 100644 --- a/arch/arm64/kernel/cpufeature.c +++ b/arch/arm64/kernel/cpufeature.c @@ -152,7 +152,7 @@ static const struct arm64_ftr_bits ftr_ctr[] = { ARM64_FTR_BITS(FTR_STRICT, FTR_EXACT, 28, 3, 0), ARM64_FTR_BITS(FTR_STRICT, FTR_HIGHER_SAFE, 24, 4, 0), /* CWG */ ARM64_FTR_BITS(FTR_STRICT, FTR_LOWER_SAFE, 20, 4, 0), /* ERG */ - ARM64_FTR_BITS(FTR_STRICT, FTR_LOWER_SAFE, 16, 4, 1), /* DminLine */ + ARM64_FTR_BITS(FTR_STRICT, FTR_LOWER_SAFE, CTR_DMINLINE_SHIFT, 4, 1), /* * Linux can handle differing I-cache policies. Userspace JITs will * make use of *minLine. @@ -160,7 +160,7 @@ static const struct arm64_ftr_bits ftr_ctr[] = { */ ARM64_FTR_BITS(FTR_NONSTRICT, FTR_EXACT, 14, 2, ICACHE_POLICY_AIVIVT), /* L1Ip */ ARM64_FTR_BITS(FTR_STRICT, FTR_EXACT, 4, 10, 0), /* RAZ */ - ARM64_FTR_BITS(FTR_STRICT, FTR_LOWER_SAFE, 0, 4, 0), /* IminLine */ + ARM64_FTR_BITS(FTR_STRICT, FTR_LOWER_SAFE, CTR_IMINLINE_SHIFT, 4, 0), ARM64_FTR_END, }; -- 2.7.4

7 years, 1 month

4
6
0 0

[PATCH v2 for-4.9.y 0/5] net/sched: init failure fixes

by Amit Pundir

Hi Greg, Kindly consider/review following net/sched fixes for stable 4.9.y. This patchset is a follow-up of upstream fix 87b60cfacf9f ("net_sched: fix error recovery at qdisc creation") cherry-picked on stable 4.9.y. It fix null pointer dereferences due to uninitialized timer (qdisc watchdog) or double frees due to ->destroy cleaning up a second time. Here is the original submission https://www.mail-archive.com/netdev@vger.kernel.org/msg186003.html Cherry-picked and build tested on Linux 4.9.123 for ARCH=x86_64. These fixes are applicable for stable 4.4.y kernel as well, but one of the patches needed a minor rebasing, so I'm resending this series for 4.4.y in a separate thread to avoid any confusion. Regards, Amit Pundir Change since v1: Rebased "sch_multiq: fix double free on init failure" patch and fixed "unused variable" build warning. Nikolay Aleksandrov (5): sch_htb: fix crash on init failure sch_multiq: fix double free on init failure sch_hhf: fix null pointer dereference on init failure sch_netem: avoid null pointer deref on init failure sch_tbf: fix two null pointer dereferences on init failure net/sched/sch_hhf.c | 3 +++ net/sched/sch_htb.c | 5 +++-- net/sched/sch_multiq.c | 9 ++------- net/sched/sch_netem.c | 4 ++-- net/sched/sch_tbf.c | 5 +++-- 5 files changed, 13 insertions(+), 13 deletions(-) -- 2.7.4

7 years, 1 month

2
6
0 0

[PATCH 4.4 0/3] Fix read-only issue with non-empty workdir

by SZ Lin (林上智)

Hi, This patch series fixes read-only issue when non-empty workdir occurred in overlayfs, the non-empty workdir could be easily reproduced in power-failure test during write operations. These patches have passed basic test in unionmount-testsuite. Antonio Murdaca (1): ovl: override creds with the ones from the superblock mounter Miklos Szeredi (2): ovl: rename is_merge to is_lowest ovl: proper cleanup of workdir fs/overlayfs/copy_up.c | 26 +---------- fs/overlayfs/dir.c | 67 +++-------------------------- fs/overlayfs/overlayfs.h | 3 ++ fs/overlayfs/readdir.c | 93 +++++++++++++++++++++++++++++++--------- fs/overlayfs/super.c | 20 ++++++++- 5 files changed, 100 insertions(+), 109 deletions(-) -- 2.18.0

7 years, 1 month

2
4
0 0

[PATCH 4.4 0/6] irqchip fixes for stable 4.4

by Hanjun Guo

From: Hanjun Guo <hanjun.guo(a)linaro.org> Hi Greg, When I was migrating the kernel from 4.1 to 4.4, I found some irqchip (and one genirq) bugfix patches are missing in 4.4, please take a look and consider apply them. Thanks Hanjun Marc Zyngier (3): irqchip/gic-v3-its: Recompute the number of pages on page size change irqchip/gic-v3: Add missing barrier to 32bit version of gic_read_iar() irqchip/gic: Make interrupt ID 1020 invalid Shanker Donthineni (2): irqchip/gicv3-its: Fix memory leak in its_free_tables() irqchip/gicv3-its: Avoid cache flush beyond ITS_BASERn memory size Sudeep Holla (1): genirq: Delay incrementing interrupt count if it's disabled/pending arch/arm/include/asm/arch_gicv3.h | 1 + drivers/irqchip/irq-gic-v3-its.c | 34 ++++++++++++++++++++++------------ drivers/irqchip/irq-gic.c | 2 +- kernel/irq/chip.c | 8 ++++---- 4 files changed, 28 insertions(+), 17 deletions(-) -- 1.7.12.4

7 years, 1 month

2
10
0 0

[PATCH 1/2] USB: serial: option: improve Quectel EP06 detection

by Johan Hovold

From: Kristian Evensen <kristian.evensen(a)gmail.com> The Quectel EP06 (and EM06/EG06) LTE modem supports updating the USB configuration, without the VID/PID or configuration number changing. When the configuration is updated and interfaces are added/removed, the interface numbers are updated. This causes our current code for matching EP06 not to work as intended, as the assumption about reserved interfaces no longer holds. If for example the diagnostic (first) interface is removed, option will (try to) bind to the QMI interface. This patch improves EP06 detection by replacing the current match with two matches, and those matches check class, subclass and protocol as well as VID and PID. The diag interface exports class, subclass and protocol as 0xff. For the other serial interfaces, class is 0xff and subclass and protocol are both 0x0. The modem can export the following devices and always in this order: diag, nmea, at, ppp. qmi and adb. This means that diag can only ever be interface 0, and interface numbers 1-5 should be marked as reserved. The three other serial devices can have interface numbers 0-3, but I have not marked any interfaces as reserved. The reason is that the serial devices are the only interfaces exported by the device where subclass and protocol is 0x0. QMI exports the same class, subclass and protocol values as the diag interface. However, the two interfaces have different number of endpoints, QMI has three and diag two. I have added a check for number of interfaces if VID/PID matches the EP06, and we ignore the device if number of interfaces equals three (and subclass is set). Signed-off-by: Kristian Evensen <kristian.evensen(a)gmail.com> Acked-by: Dan Williams <dcbw(a)redhat.com> [ johan: drop uneeded RSVD(5) for ADB ] Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/usb/serial/option.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/drivers/usb/serial/option.c b/drivers/usb/serial/option.c index 0215b70c4efc..382feafbd127 100644 --- a/drivers/usb/serial/option.c +++ b/drivers/usb/serial/option.c @@ -1081,8 +1081,9 @@ static const struct usb_device_id option_ids[] = { .driver_info = RSVD(4) }, { USB_DEVICE(QUECTEL_VENDOR_ID, QUECTEL_PRODUCT_BG96), .driver_info = RSVD(4) }, - { USB_DEVICE(QUECTEL_VENDOR_ID, QUECTEL_PRODUCT_EP06), - .driver_info = RSVD(4) | RSVD(5) }, + { USB_DEVICE_AND_INTERFACE_INFO(QUECTEL_VENDOR_ID, QUECTEL_PRODUCT_EP06, 0xff, 0xff, 0xff), + .driver_info = RSVD(1) | RSVD(2) | RSVD(3) | RSVD(4) }, + { USB_DEVICE_AND_INTERFACE_INFO(QUECTEL_VENDOR_ID, QUECTEL_PRODUCT_EP06, 0xff, 0, 0) }, { USB_DEVICE(CMOTECH_VENDOR_ID, CMOTECH_PRODUCT_6001) }, { USB_DEVICE(CMOTECH_VENDOR_ID, CMOTECH_PRODUCT_CMU_300) }, { USB_DEVICE(CMOTECH_VENDOR_ID, CMOTECH_PRODUCT_6003), @@ -1985,6 +1986,7 @@ static int option_probe(struct usb_serial *serial, { struct usb_interface_descriptor *iface_desc = &serial->interface->cur_altsetting->desc; + struct usb_device_descriptor *dev_desc = &serial->dev->descriptor; unsigned long device_flags = id->driver_info; /* Never bind to the CD-Rom emulation interface */ @@ -1999,6 +2001,18 @@ static int option_probe(struct usb_serial *serial, if (device_flags & RSVD(iface_desc->bInterfaceNumber)) return -ENODEV; + /* + * Don't bind to the QMI device of the Quectel EP06/EG06/EM06. Class, + * subclass and protocol is 0xff for both the diagnostic port and the + * QMI interface, but the diagnostic port only has two endpoints (QMI + * has three). + */ + if (dev_desc->idVendor == cpu_to_le16(QUECTEL_VENDOR_ID) && + dev_desc->idProduct == cpu_to_le16(QUECTEL_PRODUCT_EP06) && + iface_desc->bInterfaceSubClass && iface_desc->bNumEndpoints == 3) { + return -ENODEV; + } + /* Store the device flags so we can use them during attach. */ usb_set_serial_data(serial, (void *)device_flags); -- 2.19.0

7 years, 1 month

1
1
0 0

[PATCH v4 1/4] crypto: lrw - Fix out-of bounds access on counter overflow

by Ondrej Mosnacek

When the LRW block counter overflows, the current implementation returns 128 as the index to the precomputed multiplication table, which has 128 entries. This patch fixes it to return the correct value (127). Fixes: 64470f1b8510 ("[CRYPTO] lrw: Liskov Rivest Wagner, a tweakable narrow block cipher mode") Cc: <stable(a)vger.kernel.org> # 2.6.20+ Reported-by: Eric Biggers <ebiggers(a)kernel.org> Signed-off-by: Ondrej Mosnacek <omosnace(a)redhat.com> --- crypto/lrw.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/crypto/lrw.c b/crypto/lrw.c index 393a782679c7..5504d1325a56 100644 --- a/crypto/lrw.c +++ b/crypto/lrw.c @@ -143,7 +143,12 @@ static inline int get_index128(be128 *block) return x + ffz(val); } - return x; + /* + * If we get here, then x == 128 and we are incrementing the counter + * from all ones to all zeros. This means we must return index 127, i.e. + * the one corresponding to key2*{ 1,...,1 }. + */ + return 127; } static int post_crypt(struct skcipher_request *req) -- 2.17.1

7 years, 1 month

1
0
0 0

[4.14.y] request commit 94a5d8790e79 ("arm64: cpu_errata: include required headers")

by Jisheng Zhang

Hi Greg, I think we missed the commit 94a5d8790e79 ("arm64: cpu_errata: include required headers"), could you please include it in next stable release? Thanks, Jisheng

7 years, 1 month

3
5
0 0

WTF: patch "[PATCH] x86: kvm: avoid unused variable warning" was seriously submitted to be applied to the 4.18-stable tree?

by gregkh＠linuxfoundation.org

The patch below was submitted to be applied to the 4.18-stable tree. I fail to see how this patch meets the stable kernel rules as found at Documentation/process/stable-kernel-rules.rst. I could be totally wrong, and if so, please respond to <stable(a)vger.kernel.org> and let me know why this patch should be applied. Otherwise, it is now dropped from my patch queues, never to be seen again. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 7288bde1f9df6c1475675419bdd7725ce84dec56 Mon Sep 17 00:00:00 2001 From: Arnd Bergmann <arnd(a)arndb.de> Date: Mon, 20 Aug 2018 23:37:50 +0200 Subject: [PATCH] x86: kvm: avoid unused variable warning Removing one of the two accesses of the maxphyaddr variable led to a harmless warning: arch/x86/kvm/x86.c: In function 'kvm_set_mmio_spte_mask': arch/x86/kvm/x86.c:6563:6: error: unused variable 'maxphyaddr' [-Werror=unused-variable] Removing the #ifdef seems to be the nicest workaround, as it makes the code look cleaner than adding another #ifdef. Fixes: 28a1f3ac1d0c ("kvm: x86: Set highest physical address bits in non-present/reserved SPTEs") Signed-off-by: Arnd Bergmann <arnd(a)arndb.de> Cc: stable(a)vger.kernel.org # L1TF Signed-off-by: Paolo Bonzini <pbonzini(a)redhat.com> diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index f7dff0457846..14ee9a814888 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -6576,14 +6576,12 @@ static void kvm_set_mmio_spte_mask(void) /* Set the present bit. */ mask |= 1ull; -#ifdef CONFIG_X86_64 /* * If reserved bit is not supported, clear the present bit to disable * mmio page fault. */ - if (maxphyaddr == 52) + if (IS_ENABLED(CONFIG_X86_64) && maxphyaddr == 52) mask &= ~1ull; -#endif kvm_mmu_set_mmio_spte_mask(mask, mask); }

7 years, 1 month

5
4
0 0

[PATCH 4.4 00/80] 4.4.154-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.4.154 release. There are 80 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed Sep 5 16:49:18 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.4.154-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.4.154-rc1 Scott Bauer <scott.bauer(a)intel.com> cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status Mike Christie <mchristi(a)redhat.com> iscsi target: fix session creation failure handling Bart Van Assche <bart.vanassche(a)wdc.com> scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock Bart Van Assche <bart.vanassche(a)wdc.com> scsi: sysfs: Introduce sysfs_{un,}break_active_protection() Paul Burton <paul.burton(a)mips.com> MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7 Maciej W. Rozycki <macro(a)mips.com> MIPS: Correct the 64-bit DSP accumulator register size Masami Hiramatsu <mhiramat(a)kernel.org> kprobes: Make list and blacklist root user read only Sebastian Ott <sebott(a)linux.ibm.com> s390/pci: fix out of bounds access during irq setup Julian Wiedmann <jwi(a)linux.ibm.com> s390/qdio: reset old sbal_state flags Martin Schwidefsky <schwidefsky(a)de.ibm.com> s390: fix br_r1_trampoline for machines without exrl Andi Kleen <ak(a)linux.intel.com> x86/spectre: Add missing family 6 check to microcode check Nick Desaulniers <ndesaulniers(a)google.com> x86/irqflags: Mark native_restore_fl extern inline Dan Carpenter <dan.carpenter(a)oracle.com> pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show() Gustavo A. R. Silva <gustavo(a)embeddedor.com> ASoC: sirf: Fix potential NULL pointer dereference Jerome Brunet <jbrunet(a)baylibre.com> ASoC: dpcm: don't merge format from invalid codec dai Mikulas Patocka <mpatocka(a)redhat.com> udl-kms: fix crash due to uninitialized memory Mikulas Patocka <mpatocka(a)redhat.com> udl-kms: handle allocation failure Mikulas Patocka <mpatocka(a)redhat.com> udl-kms: change down_interruptible to down Kirill Tkhai <ktkhai(a)virtuozzo.com> fuse: Add missed unlock_page() to fuse_readpages_fill() Miklos Szeredi <mszeredi(a)redhat.com> fuse: Fix oops at process_init_reply() Miklos Szeredi <mszeredi(a)redhat.com> fuse: umount should wait for all requests Miklos Szeredi <mszeredi(a)redhat.com> fuse: fix unlocked access to processing queue Miklos Szeredi <mszeredi(a)redhat.com> fuse: fix double request_end() Andrey Ryabinin <aryabinin(a)virtuozzo.com> fuse: Don't access pipe->buffers without pipe_lock() Rian Hunter <rian(a)alum.mit.edu> x86/process: Re-export start_thread() Vlastimil Babka <vbabka(a)suse.cz> x86/speculation/l1tf: Suggest what to do on systems with too much RAM Vlastimil Babka <vbabka(a)suse.cz> x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM Vlastimil Babka <vbabka(a)suse.cz> x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit Punit Agrawal <punit.agrawal(a)arm.com> KVM: arm/arm64: Skip updating PMD entry if no change Punit Agrawal <punit.agrawal(a)arm.com> KVM: arm/arm64: Skip updating PTE entry if no change Greg Hackmann <ghackmann(a)android.com> arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() Eric Sandeen <sandeen(a)redhat.com> ext4: reset error code in ext4_find_entry in fallback Arnd Bergmann <arnd(a)arndb.de> ext4: sysfs: print ext4_super_block fields as little-endian Theodore Ts'o <tytso(a)mit.edu> ext4: check for NUL characters in extended attribute's name Claudio Imbrenda <imbrenda(a)linux.vnet.ibm.com> s390/kvm: fix deadlock when killed by oom Josef Bacik <josef(a)toxicpanda.com> btrfs: don't leak ret from do_chunk_alloc Steve French <stfrench(a)microsoft.com> smb3: don't request leases in symlink creation and query Steve French <stfrench(a)microsoft.com> smb3: Do not send SMB3 SET_INFO if nothing changed Nicholas Mc Guire <hofrat(a)osadl.org> cifs: check kmalloc before use Steve French <stfrench(a)microsoft.com> cifs: add missing debug entries for kconfig options jie@chenjie6@huwei.com <jie@chenjie6@huwei.com> mm/memory.c: check return value of ioremap_prot Jim Gill <jgill(a)vmware.com> scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED Johannes Thumshirn <jthumshirn(a)suse.de> scsi: fcoe: drop frames in ELS LOGO error path Colin Ian King <colin.king(a)canonical.com> drivers: net: lmc: fix case value for target abort error Randy Dunlap <rdunlap(a)infradead.org> arc: fix type warnings in arc/mm/cache.c Randy Dunlap <rdunlap(a)infradead.org> arc: fix build errors in arc/include/asm/delay.h Govindarajulu Varadarajan <gvaradar(a)cisco.com> enic: handle mtu change for vf properly Rafał Miłecki <rafal(a)milecki.pl> Revert "MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum" Calvin Walton <calvin.walton(a)kepstin.ca> tools/power turbostat: Read extended processor family from CPUID Li Wang <liwang(a)redhat.com> zswap: re-check zswap_is_full() after do zswap_shrink() Masami Hiramatsu <mhiramat(a)kernel.org> selftests/ftrace: Add snapshot and tracing_on test case Kiran Kumar Modukuri <kiran.modukuri(a)gmail.com> cachefiles: Wait rather than BUG'ing on "Unexpected object collision" Kiran Kumar Modukuri <kiran.modukuri(a)gmail.com> cachefiles: Fix refcounting bug in backing-file read monitoring Kiran Kumar Modukuri <kiran.modukuri(a)gmail.com> fscache: Allow cancelled operations to be enqueued Shubhrajyoti Datta <shubhrajyoti.datta(a)xilinx.com> net: axienet: Fix double deregister of mdio Sudarsana Reddy Kalluru <sudarsana.kalluru(a)cavium.com> bnx2x: Fix invalid memory access in rss hash config path. Guenter Roeck <linux(a)roeck-us.net> media: staging: omap4iss: Include asm/cacheflush.h after generic includes Alexander Sverdlin <alexander.sverdlin(a)nokia.com> i2c: davinci: Avoid zero value of CLKH Nicholas Mc Guire <hofrat(a)osadl.org> can: mpc5xxx_can: check of_iomap return before use Randy Dunlap <rdunlap(a)infradead.org> net: prevent ISA drivers from building on PPC32 Florian Westphal <fw(a)strlen.de> atl1c: reserve min skb headroom Sudarsana Reddy Kalluru <sudarsana.kalluru(a)cavium.com> qed: Fix possible race for the link state value. YueHaibing <yuehaibing(a)huawei.com> net: caif: Add a missing rcu_read_unlock() in caif_flow_cb Len Brown <len.brown(a)intel.com> tools/power turbostat: fix -S on UP systems Eugeniu Rosca <roscaeugeniu(a)gmail.com> usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3' Peter Senna Tschudin <peter.senna(a)gmail.com> tools: usb: ffs-test: Fix build on big endian systems Randy Dunlap <rdunlap(a)infradead.org> usb/phy: fix PPC64 build errors in phy-fsl-usb.c Jia-Ju Bai <baijiaju1990(a)gmail.com> usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() Jia-Ju Bai <baijiaju1990(a)gmail.com> usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() Lucas Stach <l.stach(a)pengutronix.de> drm/imx: imx-ldb: check if channel is enabled before printing warning Lucas Stach <l.stach(a)pengutronix.de> drm/imx: imx-ldb: disable LDB on driver bind Varun Prakash <varun(a)chelsio.com> scsi: libiscsi: fix possible NULL pointer dereference in case of TMF Sean Paul <seanpaul(a)chromium.org> drm/bridge: adv7511: Reset registers on hotplug Bernd Edlinger <bernd.edlinger(a)hotmail.de> nl80211: Add a missing break in parse_station_flags mpubbise(a)codeaurora.org <mpubbise(a)codeaurora.org> mac80211: add stations tied to AP_VLANs during hw reconfig Florian Westphal <fw(a)strlen.de> xfrm: free skb if nlsk pointer is NULL Tommi Rantala <tommi.t.rantala(a)nokia.com> xfrm: fix missing dst_release() after policy blocking lbcast and multicast Eyal Birger <eyal.birger(a)gmail.com> vti6: fix PMTU caching and reporting on xmit yujuan.qi <yujuan.qi(a)mediatek.com> Cipso: cipso_v4_optptr enter infinite loop Ethan Zhao <ethan.zhao(a)oracle.com> sched/sysctl: Check user input value of sysctl_sched_time_avg ------------- Diffstat: Makefile | 4 +- arch/arc/include/asm/delay.h | 3 + arch/arc/mm/cache.c | 7 +- arch/arm/kvm/mmu.c | 42 +++++++++--- arch/arm64/mm/init.c | 6 +- arch/mips/bcm47xx/setup.c | 6 -- arch/mips/include/asm/mipsregs.h | 3 - arch/mips/include/asm/processor.h | 2 +- arch/mips/kernel/ptrace.c | 2 +- arch/mips/kernel/ptrace32.c | 2 +- arch/mips/lib/multi3.c | 6 +- arch/s390/include/asm/qdio.h | 1 - arch/s390/mm/fault.c | 2 + arch/s390/net/bpf_jit_comp.c | 2 - arch/s390/pci/pci.c | 2 + arch/x86/include/asm/irqflags.h | 3 +- arch/x86/include/asm/processor.h | 4 +- arch/x86/kernel/cpu/bugs.c | 4 ++ arch/x86/kernel/cpu/intel.c | 3 + arch/x86/kernel/process_64.c | 1 + arch/x86/mm/init.c | 4 +- arch/x86/mm/mmap.c | 2 +- drivers/cdrom/cdrom.c | 2 +- drivers/gpu/drm/i2c/adv7511.c | 12 ++++ drivers/gpu/drm/imx/imx-ldb.c | 9 ++- drivers/gpu/drm/udl/udl_fb.c | 2 +- drivers/gpu/drm/udl/udl_main.c | 35 +++++----- drivers/i2c/busses/i2c-davinci.c | 8 ++- drivers/net/can/mscan/mpc5xxx_can.c | 5 ++ drivers/net/ethernet/3com/Kconfig | 2 +- drivers/net/ethernet/amd/Kconfig | 4 +- drivers/net/ethernet/atheros/atl1c/atl1c_main.c | 1 + .../net/ethernet/broadcom/bnx2x/bnx2x_ethtool.c | 13 +++- drivers/net/ethernet/cirrus/Kconfig | 1 + drivers/net/ethernet/cisco/enic/enic_main.c | 78 ++++++++-------------- drivers/net/ethernet/qlogic/qed/qed_mcp.c | 1 + drivers/net/ethernet/xilinx/xilinx_axienet_mdio.c | 1 + drivers/net/wan/lmc/lmc_main.c | 2 +- drivers/pinctrl/freescale/pinctrl-imx1-core.c | 2 +- drivers/s390/cio/qdio_main.c | 5 +- drivers/scsi/fcoe/fcoe_ctlr.c | 4 +- drivers/scsi/libiscsi.c | 12 ++-- drivers/scsi/scsi_sysfs.c | 20 +++++- drivers/scsi/vmw_pvscsi.c | 11 ++- drivers/staging/media/omap4iss/iss_video.c | 3 +- drivers/target/iscsi/iscsi_target_login.c | 35 ++++++---- drivers/usb/gadget/function/f_uac2.c | 20 +++--- drivers/usb/gadget/udc/r8a66597-udc.c | 6 +- drivers/usb/phy/phy-fsl-usb.c | 4 +- fs/btrfs/extent-tree.c | 2 +- fs/cachefiles/namei.c | 1 - fs/cachefiles/rdwr.c | 17 +++-- fs/cifs/cifs_debug.c | 30 +++++++-- fs/cifs/inode.c | 2 + fs/cifs/link.c | 4 +- fs/cifs/sess.c | 6 ++ fs/cifs/smb2inode.c | 2 +- fs/ext4/namei.c | 1 + fs/ext4/sysfs.c | 13 +++- fs/ext4/xattr.c | 2 + fs/fscache/operation.c | 6 +- fs/fuse/dev.c | 39 +++++++++-- fs/fuse/file.c | 1 + fs/fuse/fuse_i.h | 1 + fs/fuse/inode.c | 23 +++---- fs/sysfs/file.c | 44 ++++++++++++ include/linux/sysfs.h | 14 ++++ kernel/kprobes.c | 4 +- kernel/sysctl.c | 3 +- mm/memory.c | 3 + mm/zswap.c | 9 +++ net/caif/caif_dev.c | 4 +- net/ipv4/cipso_ipv4.c | 12 +++- net/ipv6/ip6_vti.c | 11 +-- net/mac80211/util.c | 3 +- net/wireless/nl80211.c | 1 + net/xfrm/xfrm_policy.c | 3 + net/xfrm/xfrm_user.c | 10 +-- sound/soc/sirf/sirf-usp.c | 7 +- sound/soc/soc-pcm.c | 8 +++ tools/power/x86/turbostat/turbostat.c | 8 +-- .../selftests/ftrace/test.d/00basic/snapshot.tc | 28 ++++++++ tools/usb/ffs-test.c | 19 +++++- 83 files changed, 514 insertions(+), 236 deletions(-)

7 years, 1 month

6
86
0 0

[PATCH 4.4 00/79] 4.4.152-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.4.152 release. There are 79 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat Aug 25 07:48:51 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.4.152-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.4.152-rc1 Jann Horn <jannh(a)google.com> reiserfs: fix broken xattr handling (heap corruption, bad retval) Esben Haabendal <eha(a)deif.com> i2c: imx: Fix race condition in dma read Lukas Wunner <lukas(a)wunner.de> PCI: pciehp: Fix use-after-free on unplug Myron Stowe <myron.stowe(a)redhat.com> PCI: Skip MPS logic for Virtual Functions (VFs) Lukas Wunner <lukas(a)wunner.de> PCI: hotplug: Don't leak pci_slot on registration failure John David Anglin <dave.anglin(a)bell.net> parisc: Remove unnecessary barriers from spinlock.h Elad Raz <eladr(a)mellanox.com> bridge: Propagate vlan add failure to user Willem de Bruijn <willemb(a)google.com> packet: refine ring v3 block size test to hold one frame Florian Westphal <fw(a)strlen.de> netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state Eric Dumazet <edumazet(a)google.com> xfrm_user: prevent leaking 2 bytes of kernel memory John David Anglin <dave.anglin(a)bell.net> parisc: Remove ordered stores from syscall.S Jeremy Cline <jcline(a)redhat.com> ext4: fix spectre gadget in ext4_mb_regular_allocator() Paolo Bonzini <pbonzini(a)redhat.com> KVM: irqfd: fix race between EPOLLHUP and irq_bypass_register_consumer Daniel Rosenberg <drosen(a)google.com> staging: android: ion: check for kref overflow Randy Dunlap <rdunlap(a)infradead.org> tcp: identify cryptic messages as TCP seq # bugs Stefan Wahren <stefan.wahren(a)i2se.com> net: qca_spi: Fix log level if probe fails Stefan Wahren <stefan.wahren(a)i2se.com> net: qca_spi: Make sure the QCA7000 reset is triggered Stefan Wahren <stefan.wahren(a)i2se.com> net: qca_spi: Avoid packet drop during initial sync David Lechner <david(a)lechnology.com> net: usb: rtl8150: demote allmulti message to dev_dbg() Randy Dunlap <rdunlap(a)infradead.org> net/ethernet/freescale/fman: fix cross-build error Dan Carpenter <dan.carpenter(a)oracle.com> drm/nouveau/gem: off by one bugs in nouveau_gem_pushbuf_reloc_apply() Yuchung Cheng <ycheng(a)google.com> tcp: remove DELAYED ACK events in DCTCP Dan Carpenter <dan.carpenter(a)oracle.com> qlogic: check kstrtoul() for errors Willem de Bruijn <willemb(a)google.com> packet: reset network header if packet shorter than ll reserved space Alexander Duyck <alexander.h.duyck(a)intel.com> ixgbe: Be more careful when modifying MAC filters Adam Ford <aford173(a)gmail.com> ARM: dts: am3517.dtsi: Disable reference to OMAP3 OTG controller Steven Rostedt (VMware) <rostedt(a)goodmis.org> ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot Kim Phillips <kim.phillips(a)arm.com> perf llvm-utils: Remove bashism from kernel include fetch script Vikas Gupta <vikas.gupta(a)broadcom.com> bnxt_en: Fix for system hang if request_irq fails Russell King <rmk+kernel(a)armlinux.org.uk> drm/armada: fix colorkey mode property Stefan Schmidt <stefan(a)datenfreihafen.org> ieee802154: fakelb: switch from BUG_ON() to WARN_ON() on problem Stefan Schmidt <stefan(a)datenfreihafen.org> ieee802154: at86rf230: use __func__ macro for debug messages Stefan Schmidt <stefan(a)datenfreihafen.org> ieee802154: at86rf230: switch from BUG_ON() to WARN_ON() on problem Daniel Mack <daniel(a)zonque.org> ARM: pxa: irq: fix handling of ICMR registers in suspend/resume Florian Westphal <fw(a)strlen.de> netfilter: x_tables: set module owner for icmp(6) matches Yuiko Oshino <yuiko.oshino(a)microchip.com> smsc75xx: Add workaround for gigabit link up hardware errata. Zhen Lei <thunder.leizhen(a)huawei.com> kasan: fix shadow_size calculation error in kasan_module_alloc Mathieu Malaterre <malat(a)debian.org> tracing: Use __printf markup to silence compiler Fabio Estevam <fabio.estevam(a)nxp.com> ARM: imx_v4_v5_defconfig: Select ULPI support Fabio Estevam <fabio.estevam(a)nxp.com> ARM: imx_v6_v7_defconfig: Select ULPI support Jason Gerecke <killertofu(a)gmail.com> HID: wacom: Correct touch maximum XY of 2nd-gen Intuos Greg Ungerer <gerg(a)linux-m68k.org> m68k: fix "bad page state" oops on ColdFire boot Sudarsana Reddy Kalluru <sudarsana.kalluru(a)cavium.com> bnx2x: Fix receiving tx-timeout in error or recovery state. Marek Szyprowski <m.szyprowski(a)samsung.com> drm/exynos: decon5433: Fix WINCONx reset value Marek Szyprowski <m.szyprowski(a)samsung.com> drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes Marek Szyprowski <m.szyprowski(a)samsung.com> drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes BingJing Chang <bingjingc(a)synology.com> md/raid10: fix that replacement cannot complete recovery after reassemble Dan Carpenter <dan.carpenter(a)oracle.com> dmaengine: k3dma: Off by one in k3_of_dma_simple_xlate() Keerthy <j-keerthy(a)ti.com> ARM: dts: da850: Fix interrups property for gpio Andy Lutomirski <luto(a)kernel.org> selftests/x86/sigreturn/64: Fix spurious failures on AMD CPUs Jiri Olsa <jolsa(a)kernel.org> perf tests: Add event parsing error handling to parse events test Sandipan Das <sandipan(a)linux.ibm.com> perf report powerpc: Fix crash if callchain is empty Thomas Richter <tmricht(a)linux.ibm.com> perf test session topology: Fix test on s390 Ajay Gupta <ajaykuee(a)gmail.com> usb: xhci: increase CRS timeout value Daniel Mack <daniel(a)zonque.org> ARM: dts: am437x: make edt-ft5x06 a wakeup source Michael Trimarchi <michael(a)amarulasolutions.com> brcmfmac: stop watchdog before detach and free everything Ganesh Goudar <ganeshgr(a)chelsio.com> cxgb4: when disabling dcb set txq dcb priority to 0 Casey Schaufler <casey(a)schaufler-ca.com> Smack: Mark inode instant in smack_task_to_inode Hangbin Liu <liuhangbin(a)gmail.com> ipv6: mcast: fix unsolicited report interval after receiving querys Steven Rostedt (VMware) <rostedt(a)goodmis.org> locking/lockdep: Do not record IRQ state within lockdep code Bartosz Golaszewski <bgolaszewski(a)baylibre.com> net: davinci_emac: match the mdio device against its compatible if possible Alexey Brodkin <Alexey.Brodkin(a)synopsys.com> ARC: Enable machine_desc->init_per_cpu for !CONFIG_SMP Li RongQing <lirongqing(a)baidu.com> net: propagate dev_get_valid_name return code Stefan Agner <stefan(a)agner.ch> net: hamradio: use eth_broadcast_addr Govindarajulu Varadarajan <gvaradar(a)cisco.com> enic: initialize enic->rfs_h.lock in enic_probe Sudarsana Reddy Kalluru <sudarsana.kalluru(a)cavium.com> qed: Add sanity check for SIMD fastpath handler. Zhizhou Zhang <zhizhouzhang(a)asrmicro.com> arm64: make secondary_start_kernel() notrace Zhouyang Jia <jiazhouyang09(a)gmail.com> scsi: xen-scsifront: add error handling for xenbus_printf Grigor Tovmasyan <Grigor.Tovmasyan(a)synopsys.com> usb: gadget: dwc2: fix memory leak in gadget_init() Chunfeng Yun <chunfeng.yun(a)mediatek.com> usb: gadget: composite: fix delayed_status race condition when set_interface William Wu <william.wu(a)rock-chips.com> usb: dwc2: fix isoc split in transfer with no data Ray Jui <ray.jui(a)broadcom.com> ARM: dts: Cygnus: Fix I2C controller interrupt type Fathi Boudra <fathi.boudra(a)linaro.org> selftests: sync: add config fragment for testing sync framework Shuah Khan (Samsung OSG) <shuah(a)kernel.org> selftests: zram: return Kselftest Skip code for skipped tests Shuah Khan (Samsung OSG) <shuah(a)kernel.org> selftests: user: return Kselftest Skip code for skipped tests Shuah Khan (Samsung OSG) <shuah(a)kernel.org> selftests: static_keys: return Kselftest Skip code for skipped tests Shuah Khan (Samsung OSG) <shuah(a)kernel.org> selftests: pstore: return Kselftest Skip code for skipped tests Eric Dumazet <edumazet(a)google.com> netfilter: ipv6: nf_defrag: reduce struct net memory waste Alexey Brodkin <abrodkin(a)synopsys.com> ARC: Explicitly add -mmedium-calls to CFLAGS ------------- Diffstat: Makefile | 4 +- arch/arc/Makefile | 15 +----- arch/arc/include/asm/mach_desc.h | 2 - arch/arc/kernel/irq.c | 2 +- arch/arm/boot/dts/am3517.dtsi | 5 ++ arch/arm/boot/dts/am437x-sk-evm.dts | 2 + arch/arm/boot/dts/bcm-cygnus.dtsi | 4 +- arch/arm/boot/dts/da850.dtsi | 6 +-- arch/arm/configs/imx_v4_v5_defconfig | 2 + arch/arm/configs/imx_v6_v7_defconfig | 2 + arch/arm/mach-pxa/irq.c | 4 +- arch/arm/mm/init.c | 9 ++++ arch/arm64/kernel/smp.c | 2 +- arch/m68k/include/asm/mcf_pgalloc.h | 4 +- arch/parisc/include/asm/spinlock.h | 8 +-- arch/parisc/kernel/syscall.S | 24 ++++----- drivers/dma/k3dma.c | 2 +- drivers/gpu/drm/armada/armada_hw.h | 1 + drivers/gpu/drm/armada/armada_overlay.c | 30 ++++++++--- drivers/gpu/drm/exynos/exynos5433_drm_decon.c | 6 +-- drivers/gpu/drm/exynos/exynos_drm_gsc.c | 29 ++++++---- drivers/gpu/drm/exynos/regs-gsc.h | 1 + drivers/gpu/drm/nouveau/nouveau_gem.c | 4 +- drivers/hid/wacom_wac.c | 10 +++- drivers/i2c/busses/i2c-imx.c | 8 +-- drivers/md/raid10.c | 7 +++ drivers/net/ethernet/broadcom/bnx2x/bnx2x.h | 1 + drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c | 6 +++ drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c | 6 +++ drivers/net/ethernet/broadcom/bnxt/bnxt.c | 4 +- drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c | 2 +- drivers/net/ethernet/cisco/enic/enic_clsf.c | 3 +- drivers/net/ethernet/cisco/enic/enic_main.c | 3 +- drivers/net/ethernet/intel/ixgbe/ixgbe_common.c | 12 ++++- drivers/net/ethernet/qlogic/qed/qed_main.c | 12 ++++- drivers/net/ethernet/qlogic/qlcnic/qlcnic_sysfs.c | 2 + drivers/net/ethernet/qualcomm/qca_spi.c | 21 ++++---- drivers/net/ethernet/ti/davinci_emac.c | 4 ++ drivers/net/hamradio/bpqether.c | 8 +-- drivers/net/ieee802154/at86rf230.c | 15 ++---- drivers/net/ieee802154/fakelb.c | 2 +- drivers/net/usb/rtl8150.c | 2 +- drivers/net/usb/smsc75xx.c | 62 ++++++++++++++++++++++ drivers/net/wireless/brcm80211/brcmfmac/sdio.c | 7 +++ drivers/pci/hotplug/pci_hotplug_core.c | 9 ++++ drivers/pci/hotplug/pciehp.h | 1 + drivers/pci/hotplug/pciehp_core.c | 7 +++ drivers/pci/hotplug/pciehp_hpc.c | 5 +- drivers/pci/probe.c | 4 ++ drivers/scsi/xen-scsifront.c | 33 +++++++++--- drivers/staging/android/ion/ion.c | 17 ++++-- drivers/usb/dwc2/gadget.c | 7 ++- drivers/usb/dwc2/hcd_intr.c | 3 +- drivers/usb/gadget/composite.c | 3 ++ drivers/usb/host/xhci.c | 7 ++- fs/ext4/mballoc.c | 4 +- fs/reiserfs/xattr.c | 4 +- include/linux/fsl/guts.h | 1 + include/net/net_namespace.h | 1 + include/net/netns/ipv6.h | 1 - include/net/tcp.h | 2 - kernel/locking/lockdep.c | 12 ++--- kernel/trace/trace.c | 5 ++ mm/kasan/kasan.c | 5 +- net/bridge/br_if.c | 11 +++- net/core/dev.c | 4 +- net/ipv4/netfilter/ip_tables.c | 1 + net/ipv4/tcp.c | 4 +- net/ipv4/tcp_dctcp.c | 25 --------- net/ipv4/tcp_output.c | 4 -- net/ipv6/mcast.c | 9 ++-- net/ipv6/netfilter/ip6_tables.c | 1 + net/ipv6/netfilter/nf_conntrack_reasm.c | 6 +-- net/netfilter/nf_conntrack_proto_dccp.c | 8 +-- net/packet/af_packet.c | 12 +++-- net/xfrm/xfrm_user.c | 8 +-- security/smack/smack_lsm.c | 1 + tools/perf/arch/powerpc/util/skip-callchain-idx.c | 2 +- tools/perf/tests/parse-events.c | 8 +-- tools/perf/tests/topology.c | 1 + tools/perf/util/llvm-utils.c | 6 +-- .../selftests/pstore/pstore_post_reboot_tests | 5 +- .../selftests/static_keys/test_static_keys.sh | 13 +++++ tools/testing/selftests/sync/config | 4 ++ tools/testing/selftests/user/test_user_copy.sh | 7 +++ tools/testing/selftests/x86/sigreturn.c | 46 ++++++++++------ tools/testing/selftests/zram/zram.sh | 5 +- tools/testing/selftests/zram/zram_lib.sh | 5 +- virt/kvm/eventfd.c | 11 ++-- 89 files changed, 477 insertions(+), 226 deletions(-)

7 years, 1 month

7
88
0 0

[STABLE 4.14+][PATCH 0/2] IRDA fixes

by Tyler Hicks

Hello - Two issues were reported to Ubuntu in the IRDA subsystem. IRDA is no longer present in the upstream kernel as of 4.17 but the stable tree is affected. This patch set addresses the issues in 4.14 to 4.17. Tyler

7 years, 1 month

3
7
0 0

FAILED: patch "[PATCH] s390/lib: use expoline for all bcr instructions" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 5eda25b10297684c1f46a14199ec00210f3c346e Mon Sep 17 00:00:00 2001 From: Martin Schwidefsky <schwidefsky(a)de.ibm.com> Date: Mon, 6 Aug 2018 13:49:47 +0200 Subject: [PATCH] s390/lib: use expoline for all bcr instructions The memove, memset, memcpy, __memset16, __memset32 and __memset64 function have an additional indirect return branch in form of a "bzr" instruction. These need to use expolines as well. Cc: <stable(a)vger.kernel.org> # v4.17+ Fixes: 97489e0663 ("s390/lib: use expoline for indirect branches") Reviewed-by: Heiko Carstens <heiko.carstens(a)de.ibm.com> Signed-off-by: Martin Schwidefsky <schwidefsky(a)de.ibm.com> diff --git a/arch/s390/lib/mem.S b/arch/s390/lib/mem.S index 2311f15be9cf..40c4d59c926e 100644 --- a/arch/s390/lib/mem.S +++ b/arch/s390/lib/mem.S @@ -17,7 +17,7 @@ ENTRY(memmove) ltgr %r4,%r4 lgr %r1,%r2 - bzr %r14 + jz .Lmemmove_exit aghi %r4,-1 clgr %r2,%r3 jnh .Lmemmove_forward @@ -36,6 +36,7 @@ ENTRY(memmove) .Lmemmove_forward_remainder: larl %r5,.Lmemmove_mvc ex %r4,0(%r5) +.Lmemmove_exit: BR_EX %r14 .Lmemmove_reverse: ic %r0,0(%r4,%r3) @@ -65,7 +66,7 @@ EXPORT_SYMBOL(memmove) */ ENTRY(memset) ltgr %r4,%r4 - bzr %r14 + jz .Lmemset_exit ltgr %r3,%r3 jnz .Lmemset_fill aghi %r4,-1 @@ -80,6 +81,7 @@ ENTRY(memset) .Lmemset_clear_remainder: larl %r3,.Lmemset_xc ex %r4,0(%r3) +.Lmemset_exit: BR_EX %r14 .Lmemset_fill: cghi %r4,1 @@ -115,7 +117,7 @@ EXPORT_SYMBOL(memset) */ ENTRY(memcpy) ltgr %r4,%r4 - bzr %r14 + jz .Lmemcpy_exit aghi %r4,-1 srlg %r5,%r4,8 ltgr %r5,%r5 @@ -124,6 +126,7 @@ ENTRY(memcpy) .Lmemcpy_remainder: larl %r5,.Lmemcpy_mvc ex %r4,0(%r5) +.Lmemcpy_exit: BR_EX %r14 .Lmemcpy_loop: mvc 0(256,%r1),0(%r3) @@ -145,9 +148,9 @@ EXPORT_SYMBOL(memcpy) .macro __MEMSET bits,bytes,insn ENTRY(__memset\bits) ltgr %r4,%r4 - bzr %r14 + jz .L__memset_exit\bits cghi %r4,\bytes - je .L__memset_exit\bits + je .L__memset_store\bits aghi %r4,-(\bytes+1) srlg %r5,%r4,8 ltgr %r5,%r5 @@ -163,8 +166,9 @@ ENTRY(__memset\bits) larl %r5,.L__memset_mvc\bits ex %r4,0(%r5) BR_EX %r14 -.L__memset_exit\bits: +.L__memset_store\bits: \insn %r3,0(%r2) +.L__memset_exit\bits: BR_EX %r14 .L__memset_mvc\bits: mvc \bytes(1,%r1),0(%r1)

7 years, 1 month

3
4
0 0

[PATCH v3.18] kbuild: make missing $DEPMOD a Warning instead of an Error

by Maxim Zhukov

From: Randy Dunlap <rdunlap(a)infradead.org> [ Upstream commit 914b087ff9e0e9a399a4927fa30793064afc0178 ] When $DEPMOD is not found, only print a warning instead of exiting with an error message and error status: Warning: 'make modules_install' requires /sbin/depmod. Please install it. This is probably in the kmod package. Change the Error to a Warning because "not all build hosts for cross compiling Linux are Linux systems and are able to provide a working port of depmod, especially at the file patch /sbin/depmod." I.e., "make modules_install" may be used to copy/install the loadable modules files to a target directory on a build system and then transferred to an embedded device where /sbin/depmod is run instead of it being run on the build system. Fixes: 934193a654c1 ("kbuild: verify that $DEPMOD is installed") Signed-off-by: Randy Dunlap <rdunlap(a)infradead.org> Reported-by: H. Nikolaus Schaller <hns(a)goldelico.com> Cc: stable(a)vger.kernel.org Cc: Lucas De Marchi <lucas.demarchi(a)profusion.mobi> Cc: Lucas De Marchi <lucas.de.marchi(a)gmail.com> Cc: Michal Marek <michal.lkml(a)markovi.net> Cc: Jessica Yu <jeyu(a)kernel.org> Cc: Chih-Wei Huang <cwhuang(a)linux.org.tw> Signed-off-by: Masahiro Yamada <yamada.masahiro(a)socionext.com> Signed-off-by: Maxim Zhukov <mussitantesmortem(a)gmail.com> --- scripts/depmod.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/depmod.sh b/scripts/depmod.sh index ea1e96921e3b..baedaef53ca0 100755 --- a/scripts/depmod.sh +++ b/scripts/depmod.sh @@ -15,9 +15,9 @@ if ! test -r System.map ; then fi if [ -z $(command -v $DEPMOD) ]; then - echo "'make modules_install' requires $DEPMOD. Please install it." >&2 + echo "Warning: 'make modules_install' requires $DEPMOD. Please install it." >&2 echo "This is probably in the kmod package." >&2 - exit 1 + exit 0 fi # older versions of depmod don't support -P <symbol-prefix> -- 2.19.0

7 years, 1 month

1
0
0 0

[PATCH v4.4] kbuild: make missing $DEPMOD a Warning instead of an Error

by Maxim Zhukov

From: Randy Dunlap <rdunlap(a)infradead.org> [ Upstream commit 914b087ff9e0e9a399a4927fa30793064afc0178 ] When $DEPMOD is not found, only print a warning instead of exiting with an error message and error status: Warning: 'make modules_install' requires /sbin/depmod. Please install it. This is probably in the kmod package. Change the Error to a Warning because "not all build hosts for cross compiling Linux are Linux systems and are able to provide a working port of depmod, especially at the file patch /sbin/depmod." I.e., "make modules_install" may be used to copy/install the loadable modules files to a target directory on a build system and then transferred to an embedded device where /sbin/depmod is run instead of it being run on the build system. Fixes: 934193a654c1 ("kbuild: verify that $DEPMOD is installed") Signed-off-by: Randy Dunlap <rdunlap(a)infradead.org> Reported-by: H. Nikolaus Schaller <hns(a)goldelico.com> Cc: stable(a)vger.kernel.org Cc: Lucas De Marchi <lucas.demarchi(a)profusion.mobi> Cc: Lucas De Marchi <lucas.de.marchi(a)gmail.com> Cc: Michal Marek <michal.lkml(a)markovi.net> Cc: Jessica Yu <jeyu(a)kernel.org> Cc: Chih-Wei Huang <cwhuang(a)linux.org.tw> Signed-off-by: Masahiro Yamada <yamada.masahiro(a)socionext.com> Signed-off-by: Maxim Zhukov <mussitantesmortem(a)gmail.com> --- scripts/depmod.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/depmod.sh b/scripts/depmod.sh index ea1e96921e3b..baedaef53ca0 100755 --- a/scripts/depmod.sh +++ b/scripts/depmod.sh @@ -15,9 +15,9 @@ if ! test -r System.map ; then fi if [ -z $(command -v $DEPMOD) ]; then - echo "'make modules_install' requires $DEPMOD. Please install it." >&2 + echo "Warning: 'make modules_install' requires $DEPMOD. Please install it." >&2 echo "This is probably in the kmod package." >&2 - exit 1 + exit 0 fi # older versions of depmod don't support -P <symbol-prefix> -- 2.19.0

7 years, 1 month

1
0
0 0

[PATCH v4.9] kbuild: make missing $DEPMOD a Warning instead of an Error

by Maxim Zhukov

From: Randy Dunlap <rdunlap(a)infradead.org> [ Upstream commit 914b087ff9e0e9a399a4927fa30793064afc0178 ] When $DEPMOD is not found, only print a warning instead of exiting with an error message and error status: Warning: 'make modules_install' requires /sbin/depmod. Please install it. This is probably in the kmod package. Change the Error to a Warning because "not all build hosts for cross compiling Linux are Linux systems and are able to provide a working port of depmod, especially at the file patch /sbin/depmod." I.e., "make modules_install" may be used to copy/install the loadable modules files to a target directory on a build system and then transferred to an embedded device where /sbin/depmod is run instead of it being run on the build system. Fixes: 934193a654c1 ("kbuild: verify that $DEPMOD is installed") Signed-off-by: Randy Dunlap <rdunlap(a)infradead.org> Reported-by: H. Nikolaus Schaller <hns(a)goldelico.com> Cc: stable(a)vger.kernel.org Cc: Lucas De Marchi <lucas.demarchi(a)profusion.mobi> Cc: Lucas De Marchi <lucas.de.marchi(a)gmail.com> Cc: Michal Marek <michal.lkml(a)markovi.net> Cc: Jessica Yu <jeyu(a)kernel.org> Cc: Chih-Wei Huang <cwhuang(a)linux.org.tw> Signed-off-by: Masahiro Yamada <yamada.masahiro(a)socionext.com> Signed-off-by: Maxim Zhukov <mussitantesmortem(a)gmail.com> --- scripts/depmod.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/depmod.sh b/scripts/depmod.sh index ea1e96921e3b..baedaef53ca0 100755 --- a/scripts/depmod.sh +++ b/scripts/depmod.sh @@ -15,9 +15,9 @@ if ! test -r System.map ; then fi if [ -z $(command -v $DEPMOD) ]; then - echo "'make modules_install' requires $DEPMOD. Please install it." >&2 + echo "Warning: 'make modules_install' requires $DEPMOD. Please install it." >&2 echo "This is probably in the kmod package." >&2 - exit 1 + exit 0 fi # older versions of depmod don't support -P <symbol-prefix> -- 2.19.0

7 years, 1 month

1
0
0 0

[PATCH v4.14] kbuild: make missing $DEPMOD a Warning instead of an Error

by Maxim Zhukov

From: Randy Dunlap <rdunlap(a)infradead.org> [ Upstream commit 914b087ff9e0e9a399a4927fa30793064afc0178 ] When $DEPMOD is not found, only print a warning instead of exiting with an error message and error status: Warning: 'make modules_install' requires /sbin/depmod. Please install it. This is probably in the kmod package. Change the Error to a Warning because "not all build hosts for cross compiling Linux are Linux systems and are able to provide a working port of depmod, especially at the file patch /sbin/depmod." I.e., "make modules_install" may be used to copy/install the loadable modules files to a target directory on a build system and then transferred to an embedded device where /sbin/depmod is run instead of it being run on the build system. Fixes: 934193a654c1 ("kbuild: verify that $DEPMOD is installed") Signed-off-by: Randy Dunlap <rdunlap(a)infradead.org> Reported-by: H. Nikolaus Schaller <hns(a)goldelico.com> Cc: stable(a)vger.kernel.org Cc: Lucas De Marchi <lucas.demarchi(a)profusion.mobi> Cc: Lucas De Marchi <lucas.de.marchi(a)gmail.com> Cc: Michal Marek <michal.lkml(a)markovi.net> Cc: Jessica Yu <jeyu(a)kernel.org> Cc: Chih-Wei Huang <cwhuang(a)linux.org.tw> Signed-off-by: Masahiro Yamada <yamada.masahiro(a)socionext.com> Signed-off-by: Maxim Zhukov <mussitantesmortem(a)gmail.com> --- scripts/depmod.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/depmod.sh b/scripts/depmod.sh index f41b0a4b575c..cf5b2b24b3cf 100755 --- a/scripts/depmod.sh +++ b/scripts/depmod.sh @@ -16,9 +16,9 @@ if ! test -r System.map ; then fi if [ -z $(command -v $DEPMOD) ]; then - echo "'make modules_install' requires $DEPMOD. Please install it." >&2 + echo "Warning: 'make modules_install' requires $DEPMOD. Please install it." >&2 echo "This is probably in the kmod package." >&2 - exit 1 + exit 0 fi # older versions of depmod don't support -P <symbol-prefix> -- 2.19.0

7 years, 1 month

1
0
0 0

[PATCH v2 04/17] ceph: fix compat_ioctl for ceph_dir_operations

by Arnd Bergmann

The ceph_ioctl function is used both for files and directories, but only the files support doing that in 32-bit compat mode. For consistency, add the same compat handler to the dir operations as well. Cc: stable(a)vger.kernel.org Signed-off-by: Arnd Bergmann <arnd(a)arndb.de> --- fs/ceph/dir.c | 1 + 1 file changed, 1 insertion(+) diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c index 82928cea0209..da73f29d7faa 100644 --- a/fs/ceph/dir.c +++ b/fs/ceph/dir.c @@ -1489,6 +1489,7 @@ const struct file_operations ceph_dir_fops = { .open = ceph_open, .release = ceph_release, .unlocked_ioctl = ceph_ioctl, + .compat_ioctl = ceph_ioctl, .fsync = ceph_fsync, .lock = ceph_lock, .flock = ceph_flock, -- 2.18.0

7 years, 1 month

3
3
0 0

[PATCH] mm, thp: Fix mlocking THP page with migration enabled

by Kirill A. Shutemov

A transparent huge page is represented by a single entry on an LRU list. Therefore, we can only make unevictable an entire compound page, not individual subpages. If a user tries to mlock() part of a huge page, we want the rest of the page to be reclaimable. We handle this by keeping PTE-mapped huge pages on normal LRU lists: the PMD on border of VM_LOCKED VMA will be split into PTE table. Introduction of THP migration breaks the rules around mlocking THP pages. If we had a single PMD mapping of the page in mlocked VMA, the page will get mlocked, regardless of PTE mappings of the page. For tmpfs/shmem it's easy to fix by checking PageDoubleMap() in remove_migration_pmd(). Anon THP pages can only be shared between processes via fork(). Mlocked page can only be shared if parent mlocked it before forking, otherwise CoW will be triggered on mlock(). For Anon-THP, we can fix the issue by munlocking the page on removing PTE migration entry for the page. PTEs for the page will always come after mlocked PMD: rmap walks VMAs from oldest to newest. Test-case: #include <unistd.h> #include <sys/mman.h> #include <sys/wait.h> #include <linux/mempolicy.h> #include <numaif.h> int main(void) { unsigned long nodemask = 4; void *addr; addr = mmap((void *)0x20000000UL, 2UL << 20, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS | MAP_LOCKED, -1, 0); if (fork()) { wait(NULL); return 0; } mlock(addr, 4UL << 10); mbind(addr, 2UL << 20, MPOL_PREFERRED | MPOL_F_RELATIVE_NODES, &nodemask, 4, MPOL_MF_MOVE | MPOL_MF_MOVE_ALL); return 0; } Signed-off-by: Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> Reported-by: Vegard Nossum <vegard.nossum(a)gmail.com> Fixes: 616b8371539a ("mm: thp: enable thp migration in generic path") Cc: <stable(a)vger.kernel.org> [v4.14+] Cc: Zi Yan <zi.yan(a)cs.rutgers.edu> Cc: Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: Andrea Arcangeli <aarcange(a)redhat.com> --- mm/huge_memory.c | 2 +- mm/migrate.c | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/mm/huge_memory.c b/mm/huge_memory.c index 533f9b00147d..00704060b7f7 100644 --- a/mm/huge_memory.c +++ b/mm/huge_memory.c @@ -2931,7 +2931,7 @@ void remove_migration_pmd(struct page_vma_mapped_walk *pvmw, struct page *new) else page_add_file_rmap(new, true); set_pmd_at(mm, mmun_start, pvmw->pmd, pmde); - if (vma->vm_flags & VM_LOCKED) + if ((vma->vm_flags & VM_LOCKED) && !PageDoubleMap(new)) mlock_vma_page(new); update_mmu_cache_pmd(vma, address, pvmw->pmd); } diff --git a/mm/migrate.c b/mm/migrate.c index d6a2e89b086a..01dad96b25b5 100644 --- a/mm/migrate.c +++ b/mm/migrate.c @@ -275,6 +275,9 @@ static bool remove_migration_pte(struct page *page, struct vm_area_struct *vma, if (vma->vm_flags & VM_LOCKED && !PageTransCompound(new)) mlock_vma_page(new); + if (PageTransCompound(new) && PageMlocked(page)) + clear_page_mlock(page); + /* No need to invalidate - it was non-present before */ update_mmu_cache(vma, pvmw.address, pvmw.pte); } -- 2.18.0

7 years, 1 month

5
5
0 0

+ ocfs2-fix-ocfs2-read-block-panic.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: ocfs2: fix ocfs2 read block panic has been added to the -mm tree. Its filename is ocfs2-fix-ocfs2-read-block-panic.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/ocfs2-fix-ocfs2-read-block-panic.p… and later at http://ozlabs.org/~akpm/mmotm/broken-out/ocfs2-fix-ocfs2-read-block-panic.p… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Junxiao Bi <junxiao.bi(a)oracle.com> Subject: ocfs2: fix ocfs2 read block panic While reading block, it is possible that io error return due to underlying storage issue, in this case, BH_NeedsValidate was left in the buffer head. Then when reading the very block next time, if it was already linked into journal, that will trigger the following panic. [203748.702517] kernel BUG at fs/ocfs2/buffer_head_io.c:342! [203748.702533] invalid opcode: 0000 [#1] SMP [203748.702561] Modules linked in: ocfs2 ocfs2_dlmfs ocfs2_stack_o2cb ocfs2_dlm ocfs2_nodemanager ocfs2_stackglue configfs sunrpc dm_switch dm_queue_length dm_multipath bonding be2iscsi iscsi_boot_sysfs bnx2i cnic uio cxgb4i iw_cxgb4 cxgb4 cxgb3i libcxgbi iw_cxgb3 cxgb3 mdio ib_iser rdma_cm ib_cm iw_cm ib_sa ib_mad ib_core ib_addr ipv6 iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi ipmi_devintf iTCO_wdt iTCO_vendor_support dcdbas ipmi_ssif i2c_core ipmi_si ipmi_msghandler acpi_pad pcspkr sb_edac edac_core lpc_ich mfd_core shpchp sg tg3 ptp pps_core ext4 jbd2 mbcache2 sr_mod cdrom sd_mod ahci libahci megaraid_sas wmi dm_mirror dm_region_hash dm_log dm_mod [203748.703024] CPU: 7 PID: 38369 Comm: touch Not tainted 4.1.12-124.18.6.el6uek.x86_64 #2 [203748.703045] Hardware name: Dell Inc. PowerEdge R620/0PXXHP, BIOS 2.5.2 01/28/2015 [203748.703067] task: ffff880768139c00 ti: ffff88006ff48000 task.ti: ffff88006ff48000 [203748.703088] RIP: 0010:[<ffffffffa05e9f09>] [<ffffffffa05e9f09>] ocfs2_read_blocks+0x669/0x7f0 [ocfs2] [203748.703130] RSP: 0018:ffff88006ff4b818 EFLAGS: 00010206 [203748.703389] RAX: 0000000008620029 RBX: ffff88006ff4b910 RCX: 0000000000000000 [203748.703885] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 00000000023079fe [203748.704382] RBP: ffff88006ff4b8d8 R08: 0000000000000000 R09: ffff8807578c25b0 [203748.704877] R10: 000000000f637376 R11: 000000003030322e R12: 0000000000000000 [203748.705373] R13: ffff88006ff4b910 R14: ffff880732fe38f0 R15: 0000000000000000 [203748.705871] FS: 00007f401992c700(0000) GS:ffff880bfebc0000(0000) knlGS:0000000000000000 [203748.706370] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [203748.706627] CR2: 00007f4019252440 CR3: 00000000a621e000 CR4: 0000000000060670 [203748.707124] Stack: [203748.707371] ffff88006ff4b828 ffffffffa0609f52 ffff88006ff4b838 0000000000000001 [203748.707885] 0000000000000000 0000000000000000 ffff880bf67c3800 ffffffffa05eca00 [203748.708399] 00000000023079ff ffffffff81c58b80 0000000000000000 0000000000000000 [203748.708915] Call Trace: [203748.709175] [<ffffffffa0609f52>] ? ocfs2_inode_cache_io_unlock+0x12/0x20 [ocfs2] [203748.709680] [<ffffffffa05eca00>] ? ocfs2_empty_dir_filldir+0x80/0x80 [ocfs2] [203748.710185] [<ffffffffa05ec0cb>] ocfs2_read_dir_block_direct+0x3b/0x200 [ocfs2] [203748.710691] [<ffffffffa05f0fbf>] ocfs2_prepare_dx_dir_for_insert.isra.57+0x19f/0xf60 [ocfs2] [203748.711204] [<ffffffffa065660f>] ? ocfs2_metadata_cache_io_unlock+0x1f/0x30 [ocfs2] [203748.711716] [<ffffffffa05f4f3a>] ocfs2_prepare_dir_for_insert+0x13a/0x890 [ocfs2] [203748.712227] [<ffffffffa05f442e>] ? ocfs2_check_dir_for_entry+0x8e/0x140 [ocfs2] [203748.712737] [<ffffffffa061b2f2>] ocfs2_mknod+0x4b2/0x1370 [ocfs2] [203748.713003] [<ffffffffa061c385>] ocfs2_create+0x65/0x170 [ocfs2] [203748.713263] [<ffffffff8121714b>] vfs_create+0xdb/0x150 [203748.713518] [<ffffffff8121b225>] do_last+0x815/0x1210 [203748.713772] [<ffffffff812192e9>] ? path_init+0xb9/0x450 [203748.714123] [<ffffffff8121bca0>] path_openat+0x80/0x600 [203748.714378] [<ffffffff811bcd45>] ? handle_pte_fault+0xd15/0x1620 [203748.714634] [<ffffffff8121d7ba>] do_filp_open+0x3a/0xb0 [203748.714888] [<ffffffff8122a767>] ? __alloc_fd+0xa7/0x130 [203748.715143] [<ffffffff81209ffc>] do_sys_open+0x12c/0x220 [203748.715403] [<ffffffff81026ddb>] ? syscall_trace_enter_phase1+0x11b/0x180 [203748.715668] [<ffffffff816f0c9f>] ? system_call_after_swapgs+0xe9/0x190 [203748.715928] [<ffffffff8120a10e>] SyS_open+0x1e/0x20 [203748.716184] [<ffffffff816f0d5e>] system_call_fastpath+0x18/0xd7 [203748.716440] Code: 00 00 48 8b 7b 08 48 83 c3 10 45 89 f8 44 89 e1 44 89 f2 4c 89 ee e8 07 06 11 e1 48 8b 03 48 85 c0 75 df 8b 5d c8 e9 4d fa ff ff <0f> 0b 48 8b 7d a0 e8 dc c6 06 00 48 b8 00 00 00 00 00 00 00 10 [203748.717505] RIP [<ffffffffa05e9f09>] ocfs2_read_blocks+0x669/0x7f0 [ocfs2] [203748.717775] RSP <ffff88006ff4b818> Joesph ever reported a similar panic. Link: https://oss.oracle.com/pipermail/ocfs2-devel/2013-May/008931.html Link: http://lkml.kernel.org/r/20180912063207.29484-1-junxiao.bi@oracle.com Signed-off-by: Junxiao Bi <junxiao.bi(a)oracle.com> Cc: Joseph Qi <jiangqi903(a)gmail.com> Cc: Mark Fasheh <mark(a)fasheh.com> Cc: Joel Becker <jlbec(a)evilplan.org> Cc: Changwei Ge <ge.changwei(a)h3c.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/ocfs2/buffer_head_io.c | 1 + 1 file changed, 1 insertion(+) --- a/fs/ocfs2/buffer_head_io.c~ocfs2-fix-ocfs2-read-block-panic +++ a/fs/ocfs2/buffer_head_io.c @@ -342,6 +342,7 @@ int ocfs2_read_blocks(struct ocfs2_cachi * for this bh as it's not marked locally * uptodate. */ status = -EIO; + clear_buffer_needs_validate(bh); put_bh(bh); bhs[i] = NULL; continue; _ Patches currently in -mm which might be from junxiao.bi(a)oracle.com are ocfs2-fix-ocfs2-read-block-panic.patch

7 years, 1 month

1
0
0 0

Please consider for stable

by Juergen Gross

Upstream commit f7c90c2aa4004808dff777ba6ae2c7294dd06851 ("x86/xen: don't write ptes directly in 32-bit PV guests") should be considered for stable kernels from 4.14 up (I'll send backports for older kernels when I know you are taking the patch). The patch avoids 32-bit Xen PV guests creating intermediate L1TF vulnerable PTEs. Juergen

7 years, 1 month

2
1
0 0

Please consider for stable

by Juergen Gross

Upstream commit b2d7a075a1ccef2fb321d595802190c8e9b39004 ("x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear") should be considered for stable kernels from 4.17 up (I'll send backports for older kernels when I know you are taking the patch). The patch seems not only to avoid intermediate L1TF vulnerable PTEs, but there are reports of it fixing the issue mentioned in https://bugzilla.kernel.org/show_bug.cgi?id=198497 Juergen

7 years, 1 month

2
1
0 0

[PATCH 7/7] perf tools: Fix maps__find_symbol_by_name()

by Arnaldo Carvalho de Melo

From: Adrian Hunter <adrian.hunter(a)intel.com> Commit 1c5aae7710bb ("perf machine: Create maps for x86 PTI entry trampolines") revealed a problem with maps__find_symbol_by_name() that resulted in probes not being found e.g. $ sudo perf probe xsk_mmap xsk_mmap is out of .text, skip it. Probe point 'xsk_mmap' not found. Error: Failed to add events. maps__find_symbol_by_name() can optionally return the map of the found symbol. It can get the map wrong because, in fact, the symbol is found on the map's dso, not allowing for the possibility that the dso has more than one map. Fix by always checking the map contains the symbol. Reported-by: Björn Töpel <bjorn.topel(a)intel.com> Signed-off-by: Adrian Hunter <adrian.hunter(a)intel.com> Tested-by: Björn Töpel <bjorn.topel(a)intel.com> Cc: Jiri Olsa <jolsa(a)redhat.com> Cc: stable(a)vger.kernel.org Fixes: 1c5aae7710bb ("perf machine: Create maps for x86 PTI entry trampolines") Link: http://lkml.kernel.org/r/20180907085116.25782-1-adrian.hunter@intel.com Signed-off-by: Arnaldo Carvalho de Melo <acme(a)redhat.com> --- tools/perf/util/map.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/tools/perf/util/map.c b/tools/perf/util/map.c index 36d0763311ef..6a6929f208b4 100644 --- a/tools/perf/util/map.c +++ b/tools/perf/util/map.c @@ -576,6 +576,13 @@ struct symbol *map_groups__find_symbol(struct map_groups *mg, return NULL; } +static bool map__contains_symbol(struct map *map, struct symbol *sym) +{ + u64 ip = map->unmap_ip(map, sym->start); + + return ip >= map->start && ip < map->end; +} + struct symbol *maps__find_symbol_by_name(struct maps *maps, const char *name, struct map **mapp) { @@ -591,6 +598,10 @@ struct symbol *maps__find_symbol_by_name(struct maps *maps, const char *name, if (sym == NULL) continue; + if (!map__contains_symbol(pos, sym)) { + sym = NULL; + continue; + } if (mapp != NULL) *mapp = pos; goto out; -- 2.14.4

7 years, 1 month

1
0
0 0

[PATCH 4.4 00/31] 4.4.143-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.4.143 release. There are 31 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun Jul 22 12:13:28 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.4.143-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.4.143-rc1 Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> net/nfc: Avoid stalls when nfc_alloc_send_skb() returned NULL. Santosh Shilimkar <santosh.shilimkar(a)oracle.com> rds: avoid unenecessary cong_update in loop transport Eric Biggers <ebiggers(a)google.com> KEYS: DNS: fix parsing multiple options Florian Westphal <fw(a)strlen.de> netfilter: ebtables: reject non-bridge targets Paul Burton <paul.burton(a)mips.com> MIPS: Use async IPIs for arch_trigger_cpumask_backtrace() Paul Burton <paul.burton(a)mips.com> MIPS: Call dump_stack() from show_regs() Ping-Ke Shih <pkshih(a)realtek.com> rtlwifi: rtl8821ae: fix firmware is not ready to run Gustavo A. R. Silva <gustavo(a)embeddedor.com> net: cxgb3_main: fix potential Spectre v1 Alex Vesker <valex(a)mellanox.com> net/mlx5: Fix command interface race in polling mode Konstantin Khlebnikov <khlebnikov(a)yandex-team.ru> net_sched: blackhole: tell upper qdisc about dropped packets Jason Wang <jasowang(a)redhat.com> vhost_net: validate sock before trying to put its fd Ilpo Järvinen <ilpo.jarvinen(a)helsinki.fi> tcp: prevent bogus FRTO undos with non-SACK flows Yuchung Cheng <ycheng(a)google.com> tcp: fix Fast Open key endianness Jiri Slaby <jslaby(a)suse.cz> r8152: napi hangup fix after disconnect Sudarsana Reddy Kalluru <sudarsana.kalluru(a)cavium.com> qed: Limit msix vectors in kdump kernel to the minimum required count. Eric Dumazet <edumazet(a)google.com> net: sungem: fix rx checksum support Alex Vesker <valex(a)mellanox.com> net/mlx5: Fix incorrect raw command length parsing Eric Dumazet <edumazet(a)google.com> net: dccp: switch rx_tstamp_last_feedback to monotonic clock Eric Dumazet <edumazet(a)google.com> net: dccp: avoid crash in ccid3_hc_rx_send_feedback() Gustavo A. R. Silva <gustavo(a)embeddedor.com> atm: zatm: Fix potential Spectre v1 Christian Lamparter <chunkeey(a)googlemail.com> crypto: crypto4xx - fix crypto4xx_build_pdr, crypto4xx_build_sdr leak Christian Lamparter <chunkeey(a)googlemail.com> crypto: crypto4xx - remove bad list_del Jonas Gorski <jonas.gorski(a)gmail.com> bcm63xx_enet: do not write to random DMA channel on BCM6345 Jonas Gorski <jonas.gorski(a)gmail.com> bcm63xx_enet: correct clock usage alex chen <alex.chen(a)huawei.com> ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent David S. Miller <davem(a)davemloft.net> Revert "sit: reload iphdr in ipip6_rcv" H. Peter Anvin <hpa(a)linux.intel.com> x86/asm: Add _ASM_ARG* constants for argument registers to <asm/asm.h> Nick Desaulniers <ndesaulniers(a)google.com> compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations David Rientjes <rientjes(a)google.com> compiler, clang: always inline when CONFIG_OPTIMIZE_INLINING is disabled Linus Torvalds <torvalds(a)linux-foundation.org> compiler, clang: properly override 'inline' for clang David Rientjes <rientjes(a)google.com> compiler, clang: suppress warning for unused static inline functions ------------- Diffstat: Makefile | 4 +- arch/mips/kernel/process.c | 31 +++++++++++- arch/mips/kernel/traps.c | 1 + arch/x86/include/asm/asm.h | 59 +++++++++++++++++++++++ drivers/atm/zatm.c | 2 + drivers/crypto/amcc/crypto4xx_core.c | 23 +++++---- drivers/net/ethernet/broadcom/bcm63xx_enet.c | 34 +++++++++---- drivers/net/ethernet/chelsio/cxgb3/cxgb3_main.c | 2 + drivers/net/ethernet/mellanox/mlx5/core/cmd.c | 8 ++-- drivers/net/ethernet/qlogic/qed/qed_main.c | 9 ++++ drivers/net/ethernet/sun/sungem.c | 22 +++++---- drivers/net/usb/r8152.c | 3 +- drivers/net/wireless/realtek/rtlwifi/core.c | 1 - drivers/vhost/net.c | 3 +- fs/ocfs2/cluster/nodemanager.c | 63 +++++++++++++++++++++---- include/linux/compiler-gcc.h | 35 ++++++++++---- net/bridge/netfilter/ebtables.c | 13 +++++ net/dccp/ccids/ccid3.c | 16 ++++--- net/dns_resolver/dns_key.c | 28 ++++++----- net/ipv4/sysctl_net_ipv4.c | 18 +++++-- net/ipv4/tcp_input.c | 9 ++++ net/ipv6/sit.c | 1 - net/nfc/llcp_commands.c | 9 ++-- net/rds/loop.c | 1 + net/rds/rds.h | 5 ++ net/rds/recv.c | 5 ++ net/sched/sch_blackhole.c | 2 +- 27 files changed, 320 insertions(+), 87 deletions(-)

7 years, 1 month

6
36
0 0

[PATCH] tcp: Revert "tcp: tcp_probe: use spin_lock_bh()"

by Matthieu Baerts

From: Eric Dumazet <edumazet(a)google.com> commit 29869d66870a715177bfb505f66a7e0e8bcc89c3 upstream. This reverts commit e70ac171658679ecf6bea4bbd9e9325cd6079d2b. jtcp_rcv_established() is in fact called with hard irq being disabled. Initial bug report from Ricardo Nabinger Sanchez [1] still needs to be investigated, but does not look like a TCP bug. [1] https://www.spinics.net/lists/netdev/msg420960.html Note: reasons for the backport in v4.9.y are described there: https://www.spinics.net/lists/stable/msg255166.html Signed-off-by: Eric Dumazet <edumazet(a)google.com> Reported-by: kernel test robot <xiaolong.ye(a)intel.com> Cc: Ricardo Nabinger Sanchez <rnsanchez(a)gmail.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Cc: stable(a)vger.kernel.org # 4.9 Signed-off-by: Matthieu Baerts <matthieu.baerts(a)tessares.net> --- net/ipv4/tcp_probe.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/ipv4/tcp_probe.c b/net/ipv4/tcp_probe.c index 3d063eb37848..f6c50af24a64 100644 --- a/net/ipv4/tcp_probe.c +++ b/net/ipv4/tcp_probe.c @@ -117,7 +117,7 @@ static void jtcp_rcv_established(struct sock *sk, struct sk_buff *skb, (fwmark > 0 && skb->mark == fwmark)) && (full || tp->snd_cwnd != tcp_probe.lastcwnd)) { - spin_lock_bh(&tcp_probe.lock); + spin_lock(&tcp_probe.lock); /* If log fills, just silently drop */ if (tcp_probe_avail() > 1) { struct tcp_log *p = tcp_probe.log + tcp_probe.head; @@ -157,7 +157,7 @@ static void jtcp_rcv_established(struct sock *sk, struct sk_buff *skb, tcp_probe.head = (tcp_probe.head + 1) & (bufsize - 1); } tcp_probe.lastcwnd = tp->snd_cwnd; - spin_unlock_bh(&tcp_probe.lock); + spin_unlock(&tcp_probe.lock); wake_up(&tcp_probe.wait); } -- 2.17.1

7 years, 1 month

2
1
0 0

Nomination of amdgpu fixes for stable backport

by Michel Dänzer

Hi stable kernel maintainers, please squash these amdgpu fixes together and backport them to all applicable stable branches: 15e6b76880e65be24250e30986084b5569b7a06f "drm/amdgpu: Warn and update pin_size values when destroying a pinned BO" 456607d816d89a442a3d5ec98b02c8bc950b5228 "drm/amdgpu: Don't warn on destroying a pinned BO" (These depend on commits a5ccfe5c20740f2fbf00291490cdf8d2373ec255 and ddc21af4d0f37f42b33c54cb69b215997fe5b082, which already have Cc: stable) -- Earthling Michel Dänzer | http://www.amd.com Libre software enthusiast | Mesa and X developer

7 years, 1 month

3
11
0 0

[PATCH stable] x86/tsc: Prevent result truncation on 32 bit

by Thomas Gleixner

Subject: x86/tsc: Prevent result truncation on 32 bit From: Chuanhua Lei <chuanhua.lei(a)linux.intel.com> Date: Thu Sep 6 18:03:23 2018 +0800 From: Chuanhua Lei <chuanhua.lei(a)linux.intel.com> Commit 17f6bac2249356c795339e03a0742cd79be3cab8 upstream. Loops per jiffy is calculated by multiplying tsc_khz with 1e3 and then dividing it by HZ. Both tsc_khz and the temporary variable holding the multiplication result are of type unsigned long, so on 32bit the result is truncated to the lower 32bit. Use u64 as type for the temporary variable and cast tsc_khz to it before multiplying. [ tglx: Backport to stable. Due to massive code changes is the upstream commit not applicable anymore. The issue has gone unnoticed in kernels pre 4.19 because the bogus LPJ value gets fixed up in a later stage of early boot, but it still might cause subtle and hard to debug issues between these two points. ] Fixes: dd759d93f4dd ("x86/timers: Add simple udelay calibration") Signed-off-by: Chuanhua Lei <chuanhua.lei(a)linux.intel.com> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Cc: yixin.zhu(a)linux.intel.com Cc: "H. Peter Anvin" <hpa(a)zytor.com> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Len Brown <len.brown(a)intel.com> Cc: Pavel Tatashin <pavel.tatashin(a)microsoft.com> Cc: Rajvi Jingar <rajvi.jingar(a)intel.com> Cc: Dou Liyang <douly.fnst(a)cn.fujitsu.com> Cc: Ville Syrjala <ville.syrjala(a)linux.intel.com> Link: https://lkml.kernel.org/r/1536228203-18701-1-git-send-email-chuanhua.lei@li… --- arch/x86/kernel/tsc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- a/arch/x86/kernel/tsc.c +++ b/arch/x86/kernel/tsc.c @@ -1343,7 +1343,7 @@ device_initcall(init_tsc_clocksource); void __init tsc_early_delay_calibrate(void) { - unsigned long lpj; + u64 lpj; if (!boot_cpu_has(X86_FEATURE_TSC)) return; @@ -1355,7 +1355,7 @@ void __init tsc_early_delay_calibrate(vo if (!tsc_khz) return; - lpj = tsc_khz * 1000; + lpj = (u64)tsc_khz * 1000; do_div(lpj, HZ); loops_per_jiffy = lpj; }

7 years, 1 month

2
1
0 0

[STABLE v4.18 BACKPORT] drm/i915: set DP Main Stream Attribute for color range on DDI platforms

by Jani Nikula

commit 6209c285e7a5e68dbcdf8fd2456c6dd68433806b upstream. Since Haswell we have no color range indication either in the pipe or port registers for DP. Instead, there's a separate register for setting the DP Main Stream Attributes (MSA) directly. The MSA register definition makes no references to colorimetry, just a vague reference to the DP spec. The connection to the color range was lost. Apparently we've failed to set the proper MSA bit for limited, or CEA, range ever since the first DDI platforms. We've started setting other MSA parameters since commit dae847991a43 ("drm/i915: add intel_ddi_set_pipe_settings"). Without the crucial bit of information, the DP sink has no way of knowing the source is actually transmitting limited range RGB, leading to "washed out" colors. With the colorimetry information, compliant sinks should be able to handle the limited range properly. Native (i.e. non-LSPCON) HDMI was not affected because we do pass the color range via AVI infoframes. Though not the root cause, the problem was made worse for DDI platforms with commit 55bc60db5988 ("drm/i915: Add "Automatic" mode for the "Broadcast RGB" property"), which selects limited range RGB automatically based on the mode, as per the DP, HDMI and CEA specs. After all these years, the fix boils down to flipping one bit. [Per testing reports, this fixes DP sinks, but not the LSPCON. My educated guess is that the LSPCON fails to turn the CEA range MSA into AVI infoframes for HDMI.] Reported-by: Michał Kopeć <mkopec12(a)gmail.com> Reported-by: N. W. <nw9165-3201(a)yahoo.com> Reported-by: Nicholas Stommel <nicholas.stommel(a)gmail.com> Reported-by: Tom Yan <tom.ty89(a)gmail.com> Tested-by: Nicholas Stommel <nicholas.stommel(a)gmail.com> References: https://bugs.freedesktop.org/show_bug.cgi?id=100023 Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=107476 Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=94921 Cc: Paulo Zanoni <paulo.r.zanoni(a)intel.com> Cc: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Cc: Ville Syrjälä <ville.syrjala(a)linux.intel.com> Cc: <stable(a)vger.kernel.org> # v3.9+ Reviewed-by: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Signed-off-by: Jani Nikula <jani.nikula(a)intel.com> Link: https://patchwork.freedesktop.org/patch/msgid/20180814060001.18224-1-jani.n… (cherry picked from commit dc5977da99ea28094b8fa4e9bacbd29bedc41de5) Signed-off-by: Rodrigo Vivi <rodrigo.vivi(a)intel.com> --- drivers/gpu/drm/i915/i915_reg.h | 1 + drivers/gpu/drm/i915/intel_ddi.c | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/drivers/gpu/drm/i915/i915_reg.h b/drivers/gpu/drm/i915/i915_reg.h index 7720569f2024..6e048ee88e3f 100644 --- a/drivers/gpu/drm/i915/i915_reg.h +++ b/drivers/gpu/drm/i915/i915_reg.h @@ -8825,6 +8825,7 @@ enum skl_power_gate { #define TRANS_MSA_10_BPC (2<<5) #define TRANS_MSA_12_BPC (3<<5) #define TRANS_MSA_16_BPC (4<<5) +#define TRANS_MSA_CEA_RANGE (1<<3) /* LCPLL Control */ #define LCPLL_CTL _MMIO(0x130040) diff --git a/drivers/gpu/drm/i915/intel_ddi.c b/drivers/gpu/drm/i915/intel_ddi.c index fed26d6e4e27..e195c287c263 100644 --- a/drivers/gpu/drm/i915/intel_ddi.c +++ b/drivers/gpu/drm/i915/intel_ddi.c @@ -1659,6 +1659,10 @@ void intel_ddi_set_pipe_settings(const struct intel_crtc_state *crtc_state) WARN_ON(transcoder_is_dsi(cpu_transcoder)); temp = TRANS_MSA_SYNC_CLK; + + if (crtc_state->limited_color_range) + temp |= TRANS_MSA_CEA_RANGE; + switch (crtc_state->pipe_bpp) { case 18: temp |= TRANS_MSA_6_BPC; -- 2.11.0

7 years, 1 month

2
1
0 0

FAILED: patch "[PATCH] drm/i915: set DP Main Stream Attribute for color range on DDI" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 6209c285e7a5e68dbcdf8fd2456c6dd68433806b Mon Sep 17 00:00:00 2001 From: Jani Nikula <jani.nikula(a)intel.com> Date: Tue, 14 Aug 2018 09:00:01 +0300 Subject: [PATCH] drm/i915: set DP Main Stream Attribute for color range on DDI platforms MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Since Haswell we have no color range indication either in the pipe or port registers for DP. Instead, there's a separate register for setting the DP Main Stream Attributes (MSA) directly. The MSA register definition makes no references to colorimetry, just a vague reference to the DP spec. The connection to the color range was lost. Apparently we've failed to set the proper MSA bit for limited, or CEA, range ever since the first DDI platforms. We've started setting other MSA parameters since commit dae847991a43 ("drm/i915: add intel_ddi_set_pipe_settings"). Without the crucial bit of information, the DP sink has no way of knowing the source is actually transmitting limited range RGB, leading to "washed out" colors. With the colorimetry information, compliant sinks should be able to handle the limited range properly. Native (i.e. non-LSPCON) HDMI was not affected because we do pass the color range via AVI infoframes. Though not the root cause, the problem was made worse for DDI platforms with commit 55bc60db5988 ("drm/i915: Add "Automatic" mode for the "Broadcast RGB" property"), which selects limited range RGB automatically based on the mode, as per the DP, HDMI and CEA specs. After all these years, the fix boils down to flipping one bit. [Per testing reports, this fixes DP sinks, but not the LSPCON. My educated guess is that the LSPCON fails to turn the CEA range MSA into AVI infoframes for HDMI.] Reported-by: Michał Kopeć <mkopec12(a)gmail.com> Reported-by: N. W. <nw9165-3201(a)yahoo.com> Reported-by: Nicholas Stommel <nicholas.stommel(a)gmail.com> Reported-by: Tom Yan <tom.ty89(a)gmail.com> Tested-by: Nicholas Stommel <nicholas.stommel(a)gmail.com> References: https://bugs.freedesktop.org/show_bug.cgi?id=100023 Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=107476 Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=94921 Cc: Paulo Zanoni <paulo.r.zanoni(a)intel.com> Cc: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Cc: Ville Syrjälä <ville.syrjala(a)linux.intel.com> Cc: <stable(a)vger.kernel.org> # v3.9+ Reviewed-by: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Signed-off-by: Jani Nikula <jani.nikula(a)intel.com> Link: https://patchwork.freedesktop.org/patch/msgid/20180814060001.18224-1-jani.n… (cherry picked from commit dc5977da99ea28094b8fa4e9bacbd29bedc41de5) Signed-off-by: Rodrigo Vivi <rodrigo.vivi(a)intel.com> diff --git a/drivers/gpu/drm/i915/i915_reg.h b/drivers/gpu/drm/i915/i915_reg.h index 91e7483228e1..08ec7446282e 100644 --- a/drivers/gpu/drm/i915/i915_reg.h +++ b/drivers/gpu/drm/i915/i915_reg.h @@ -9201,6 +9201,7 @@ enum skl_power_gate { #define TRANS_MSA_10_BPC (2 << 5) #define TRANS_MSA_12_BPC (3 << 5) #define TRANS_MSA_16_BPC (4 << 5) +#define TRANS_MSA_CEA_RANGE (1 << 3) /* LCPLL Control */ #define LCPLL_CTL _MMIO(0x130040) diff --git a/drivers/gpu/drm/i915/intel_ddi.c b/drivers/gpu/drm/i915/intel_ddi.c index 39d66f8493fa..8761513f3532 100644 --- a/drivers/gpu/drm/i915/intel_ddi.c +++ b/drivers/gpu/drm/i915/intel_ddi.c @@ -1685,6 +1685,10 @@ void intel_ddi_set_pipe_settings(const struct intel_crtc_state *crtc_state) WARN_ON(transcoder_is_dsi(cpu_transcoder)); temp = TRANS_MSA_SYNC_CLK; + + if (crtc_state->limited_color_range) + temp |= TRANS_MSA_CEA_RANGE; + switch (crtc_state->pipe_bpp) { case 18: temp |= TRANS_MSA_6_BPC;

7 years, 1 month

3
2
0 0

perf fails to build in v4.18.y.queue

by Guenter Roeck

Building x86_64:tools/perf ... failed -------------- Error log: tools/perf/util/python.c: In function ‘get_md’: tools/perf/util/python.c:987:9: error: ‘struct perf_mmap’ has no member named ‘cpu’ At top level: cc1: error: unrecognized command line option ‘-Wno-cast-function-type’ [-Werror] cc1: all warnings being treated as errors error: command 'gcc' failed with exit status 1 Guenter

7 years, 1 month

2
1
0 0

Re: Patch "tracing: Handle CC_FLAGS_FTRACE more accurately" has been added to the ...-stable tree

by Vasily Gorbik

On Tue, Sep 11, 2018 at 12:14:30PM +0200, gregkh(a)linuxfoundation.org wrote: > > This is a note to let you know that I've just added the patch titled > > tracing: Handle CC_FLAGS_FTRACE more accurately > > to the 4.14-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… ... > to the 4.18-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… ... > to the 4.4-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… ... > to the 4.9-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > I believe there is no need to backport this patch in neither of stable branches listed above. This patch is the first one in the patch series: http://lkml.kernel.org/r/cover.thread-aa7b8d.your-ad-here.call-01533557518-… The patch series adds s390 support for utilizing newly available for s390 in gcc 9 flags -fentry -mrecord-mcount and -mnop-mcount, and adds generic -mnop-mcount support. And there is no benefit in backporting just the first one. Moreover this patch cause kernel recompile for intdeb-pkg and tar%pkg targets (i.e. make targz-pkg), because those targets call make recursively (they do extra "make modules_install"), and exported variable cause duplicated build flags in sub-make. There is a potential fix: https://www.spinics.net/lists/linux-kbuild/msg19297.html > The filename of the patch is: > tracing-handle-cc_flags_ftrace-more-accurately.patch > and it can be found in the queue-4.9 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. > > > From foo@baz Tue Sep 11 12:09:55 CEST 2018 > From: Vasily Gorbik <gor(a)linux.ibm.com> > Date: Mon, 6 Aug 2018 15:17:42 +0200 > Subject: tracing: Handle CC_FLAGS_FTRACE more accurately > > From: Vasily Gorbik <gor(a)linux.ibm.com> > > [ Upstream commit f28bc3c32c059ab4d13f52155fabd3e20f477f65 ] > > CC_FLAGS_FTRACE is exported and later used to remove ftrace relevant > build flags from files which should be built without ftrace support. > For that reason add -mfentry to CC_FLAGS_FTRACE as well. That fixes > a problem with vdso32 build on s390, where -mfentry could not be used > together with -m31 flag. > > At the same time flags like -pg and -mfentry are not relevant for asm > files, so avoid adding them to KBUILD_AFLAGS. > > Introduce CC_FLAGS_USING instead of CC_USING_FENTRY to collect > -DCC_USING_FENTRY (and future alike) which are relevant for both > KBUILD_CFLAGS and KBUILD_AFLAGS. > > Link: http://lkml.kernel.org/r/patch-1.thread-aa7b8d.git-42971afe87de.your-ad-her… > > Signed-off-by: Vasily Gorbik <gor(a)linux.ibm.com> > Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> > Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> > Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> > --- > Makefile | 11 +++++++---- > 1 file changed, 7 insertions(+), 4 deletions(-) > > --- a/Makefile > +++ b/Makefile > @@ -760,12 +760,15 @@ ifdef CONFIG_FUNCTION_TRACER > ifndef CC_FLAGS_FTRACE > CC_FLAGS_FTRACE := -pg > endif > -export CC_FLAGS_FTRACE > ifdef CONFIG_HAVE_FENTRY > -CC_USING_FENTRY := $(call cc-option, -mfentry -DCC_USING_FENTRY) > + ifeq ($(call cc-option-yn, -mfentry),y) > + CC_FLAGS_FTRACE += -mfentry > + CC_FLAGS_USING += -DCC_USING_FENTRY > + endif > endif > -KBUILD_CFLAGS += $(CC_FLAGS_FTRACE) $(CC_USING_FENTRY) > -KBUILD_AFLAGS += $(CC_USING_FENTRY) > +export CC_FLAGS_FTRACE > +KBUILD_CFLAGS += $(CC_FLAGS_FTRACE) $(CC_FLAGS_USING) > +KBUILD_AFLAGS += $(CC_FLAGS_USING) > ifdef CONFIG_DYNAMIC_FTRACE > ifdef CONFIG_HAVE_C_RECORDMCOUNT > BUILD_C_RECORDMCOUNT := y > > > Patches currently in stable-queue which might be from gor(a)linux.ibm.com are > > queue-4.9/tracing-handle-cc_flags_ftrace-more-accurately.patch >

7 years, 1 month

2
1
0 0

[PATCH AUTOSEL 4.14 01/67] usb: dwc3: change stream event enable bit back to 13

by Sasha Levin

From: "Erich E. Hoover" <ehoover(a)sweptlaser.com> [ Upstream commit 9a7faac3650216112e034b157289bf1a48a99e2d ] Commit ff3f0789b3dc ("usb: dwc3: use BIT() macro where possible") changed DWC3_DEPCFG_STREAM_EVENT_EN from bit 13 to bit 12. Spotted this cleanup typo while looking at diffs between 4.9.35 and 4.14.16 for a separate issue. Fixes: ff3f0789b3dc ("usb: dwc3: use BIT() macro where possible") Signed-off-by: Erich E. Hoover <ehoover(a)sweptlaser.com> Signed-off-by: Felipe Balbi <felipe.balbi(a)linux.intel.com> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- drivers/usb/dwc3/gadget.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/usb/dwc3/gadget.h b/drivers/usb/dwc3/gadget.h index 4a3227543255..5cc9fd730656 100644 --- a/drivers/usb/dwc3/gadget.h +++ b/drivers/usb/dwc3/gadget.h @@ -33,7 +33,7 @@ struct dwc3; #define DWC3_DEPCFG_XFER_IN_PROGRESS_EN BIT(9) #define DWC3_DEPCFG_XFER_NOT_READY_EN BIT(10) #define DWC3_DEPCFG_FIFO_ERROR_EN BIT(11) -#define DWC3_DEPCFG_STREAM_EVENT_EN BIT(12) +#define DWC3_DEPCFG_STREAM_EVENT_EN BIT(13) #define DWC3_DEPCFG_BINTERVAL_M1(n) (((n) & 0xff) << 16) #define DWC3_DEPCFG_STREAM_CAPABLE BIT(24) #define DWC3_DEPCFG_EP_NUMBER(n) (((n) & 0x1f) << 25) -- 2.17.1

7 years, 1 month

3
69
0 0

[PATCH AUTOSEL 4.18 01/88] usb: dwc3: change stream event enable bit back to 13

by Sasha Levin

From: "Erich E. Hoover" <ehoover(a)sweptlaser.com> [ Upstream commit 9a7faac3650216112e034b157289bf1a48a99e2d ] Commit ff3f0789b3dc ("usb: dwc3: use BIT() macro where possible") changed DWC3_DEPCFG_STREAM_EVENT_EN from bit 13 to bit 12. Spotted this cleanup typo while looking at diffs between 4.9.35 and 4.14.16 for a separate issue. Fixes: ff3f0789b3dc ("usb: dwc3: use BIT() macro where possible") Signed-off-by: Erich E. Hoover <ehoover(a)sweptlaser.com> Signed-off-by: Felipe Balbi <felipe.balbi(a)linux.intel.com> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- drivers/usb/dwc3/gadget.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/usb/dwc3/gadget.h b/drivers/usb/dwc3/gadget.h index db610c56f1d6..2aacd1afd9ff 100644 --- a/drivers/usb/dwc3/gadget.h +++ b/drivers/usb/dwc3/gadget.h @@ -25,7 +25,7 @@ struct dwc3; #define DWC3_DEPCFG_XFER_IN_PROGRESS_EN BIT(9) #define DWC3_DEPCFG_XFER_NOT_READY_EN BIT(10) #define DWC3_DEPCFG_FIFO_ERROR_EN BIT(11) -#define DWC3_DEPCFG_STREAM_EVENT_EN BIT(12) +#define DWC3_DEPCFG_STREAM_EVENT_EN BIT(13) #define DWC3_DEPCFG_BINTERVAL_M1(n) (((n) & 0xff) << 16) #define DWC3_DEPCFG_STREAM_CAPABLE BIT(24) #define DWC3_DEPCFG_EP_NUMBER(n) (((n) & 0x1f) << 25) -- 2.17.1

7 years, 1 month

3
91
0 0

[PATCH v4 1/3] fs/dcache: Fix incorrect nr_dentry_unused accounting in shrink_dcache_sb()

by Waiman Long

The nr_dentry_unused per-cpu counter tracks dentries in both the LRU lists and the shrink lists where the DCACHE_LRU_LIST bit is set. The shrink_dcache_sb() function moves dentries from the LRU list to a shrink list and subtracts the dentry count from nr_dentry_unused. This is incorrect as the nr_dentry_unused count Will also be decremented in shrink_dentry_list() via d_shrink_del(). To fix this double decrement, the decrement in the shrink_dcache_sb() function is taken out. Fixes: 4e717f5c1083 ("list_lru: remove special case function list_lru_dispose_all." Cc: stable(a)vger.kernel.org Signed-off-by: Waiman Long <longman(a)redhat.com> Reviewed-by: Dave Chinner <dchinner(a)redhat.com> --- fs/dcache.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/fs/dcache.c b/fs/dcache.c index 2e7e8d8..cb515f1 100644 --- a/fs/dcache.c +++ b/fs/dcache.c @@ -1202,15 +1202,11 @@ static enum lru_status dentry_lru_isolate_shrink(struct list_head *item, */ void shrink_dcache_sb(struct super_block *sb) { - long freed; - do { LIST_HEAD(dispose); - freed = list_lru_walk(&sb->s_dentry_lru, + list_lru_walk(&sb->s_dentry_lru, dentry_lru_isolate_shrink, &dispose, 1024); - - this_cpu_sub(nr_dentry_unused, freed); shrink_dentry_list(&dispose); } while (list_lru_count(&sb->s_dentry_lru) > 0); } -- 1.8.3.1

7 years, 1 month

1
0
0 0

[PATCH AUTOSEL 4.14 01/89] misc: mic: SCIF Fix scif_get_new_port() error handling

by Sasha Levin

From: Dan Carpenter <dan.carpenter(a)oracle.com> [ Upstream commit a39284ae9d2ad09975c8ae33f1bd0f05fbfbf6ee ] There are only 2 callers of scif_get_new_port() and both appear to get the error handling wrong. Both treat zero returns as error, but it actually returns negative error codes and >= 0 on success. Fixes: e9089f43c9a7 ("misc: mic: SCIF open close bind and listen APIs") Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- drivers/misc/mic/scif/scif_api.c | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/drivers/misc/mic/scif/scif_api.c b/drivers/misc/mic/scif/scif_api.c index ddc9e4b08b5c..56efa9d18a9a 100644 --- a/drivers/misc/mic/scif/scif_api.c +++ b/drivers/misc/mic/scif/scif_api.c @@ -370,11 +370,10 @@ int scif_bind(scif_epd_t epd, u16 pn) goto scif_bind_exit; } } else { - pn = scif_get_new_port(); - if (!pn) { - ret = -ENOSPC; + ret = scif_get_new_port(); + if (ret < 0) goto scif_bind_exit; - } + pn = ret; } ep->state = SCIFEP_BOUND; @@ -648,13 +647,12 @@ int __scif_connect(scif_epd_t epd, struct scif_port_id *dst, bool non_block) err = -EISCONN; break; case SCIFEP_UNBOUND: - ep->port.port = scif_get_new_port(); - if (!ep->port.port) { - err = -ENOSPC; - } else { - ep->port.node = scif_info.nodeid; - ep->conn_async_state = ASYNC_CONN_IDLE; - } + err = scif_get_new_port(); + if (err < 0) + break; + ep->port.port = err; + ep->port.node = scif_info.nodeid; + ep->conn_async_state = ASYNC_CONN_IDLE; /* Fall through */ case SCIFEP_BOUND: /* -- 2.17.1

7 years, 1 month

2
91
0 0

[PATCH 1/2] platform/x86: dell-smbios-wmi: Correct a memory leak

by Mario Limonciello

ACPI buffers were being allocated but never freed. Reported-by: Pinzhen Xu <pinzhen.xu(a)intel.com> Signed-off-by: Mario Limonciello <mario.limonciello(a)dell.com> Cc: stable(a)vger.kernel.org --- drivers/platform/x86/dell-smbios-wmi.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/platform/x86/dell-smbios-wmi.c b/drivers/platform/x86/dell-smbios-wmi.c index 88afe56..cf2229e 100644 --- a/drivers/platform/x86/dell-smbios-wmi.c +++ b/drivers/platform/x86/dell-smbios-wmi.c @@ -78,6 +78,7 @@ static int run_smbios_call(struct wmi_device *wdev) dev_dbg(&wdev->dev, "result: [%08x,%08x,%08x,%08x]\n", priv->buf->std.output[0], priv->buf->std.output[1], priv->buf->std.output[2], priv->buf->std.output[3]); + kfree(output.pointer); return 0; } -- 2.7.4

7 years, 1 month

3
4
0 0

FAILED: patch "[PATCH] drm/i915/gvt: move intel_runtime_pm_get out of spin_lock in" failed to apply to 4.18-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.18-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From b2b599fb54f90ae395ddc51f0d49e4f28244a8f8 Mon Sep 17 00:00:00 2001 From: Hang Yuan <hang.yuan(a)linux.intel.com> Date: Wed, 29 Aug 2018 17:15:56 +0800 Subject: [PATCH] drm/i915/gvt: move intel_runtime_pm_get out of spin_lock in stop_schedule pm_runtime_get_sync in intel_runtime_pm_get might sleep if i915 device is not active. When stop vgpu schedule, the device may be inactive. So need to move runtime_pm_get out of spin_lock/unlock. Fixes: b24881e0b0b6("drm/i915/gvt: Add runtime_pm_get/put into gvt_switch_mmio Cc: <stable(a)vger.kernel.org> Signed-off-by: Hang Yuan <hang.yuan(a)linux.intel.com> Signed-off-by: Xiong Zhang <xiong.y.zhang(a)intel.com> Signed-off-by: Zhenyu Wang <zhenyuw(a)linux.intel.com> diff --git a/drivers/gpu/drm/i915/gvt/mmio_context.c b/drivers/gpu/drm/i915/gvt/mmio_context.c index 42e1e6bdcc2c..e872f4847fbe 100644 --- a/drivers/gpu/drm/i915/gvt/mmio_context.c +++ b/drivers/gpu/drm/i915/gvt/mmio_context.c @@ -562,11 +562,9 @@ void intel_gvt_switch_mmio(struct intel_vgpu *pre, * performace for batch mmio read/write, so we need * handle forcewake mannually. */ - intel_runtime_pm_get(dev_priv); intel_uncore_forcewake_get(dev_priv, FORCEWAKE_ALL); switch_mmio(pre, next, ring_id); intel_uncore_forcewake_put(dev_priv, FORCEWAKE_ALL); - intel_runtime_pm_put(dev_priv); } /** diff --git a/drivers/gpu/drm/i915/gvt/sched_policy.c b/drivers/gpu/drm/i915/gvt/sched_policy.c index 09d7bb72b4ff..985fe81794dd 100644 --- a/drivers/gpu/drm/i915/gvt/sched_policy.c +++ b/drivers/gpu/drm/i915/gvt/sched_policy.c @@ -426,6 +426,7 @@ void intel_vgpu_stop_schedule(struct intel_vgpu *vgpu) &vgpu->gvt->scheduler; int ring_id; struct vgpu_sched_data *vgpu_data = vgpu->sched_data; + struct drm_i915_private *dev_priv = vgpu->gvt->dev_priv; if (!vgpu_data->active) return; @@ -444,6 +445,7 @@ void intel_vgpu_stop_schedule(struct intel_vgpu *vgpu) scheduler->current_vgpu = NULL; } + intel_runtime_pm_get(dev_priv); spin_lock_bh(&scheduler->mmio_context_lock); for (ring_id = 0; ring_id < I915_NUM_ENGINES; ring_id++) { if (scheduler->engine_owner[ring_id] == vgpu) { @@ -452,5 +454,6 @@ void intel_vgpu_stop_schedule(struct intel_vgpu *vgpu) } } spin_unlock_bh(&scheduler->mmio_context_lock); + intel_runtime_pm_put(dev_priv); mutex_unlock(&vgpu->gvt->sched_lock); }

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] drm/amdgpu: Make pin_size values atomic" failed to apply to 4.18-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.18-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From a5ccfe5c20740f2fbf00291490cdf8d2373ec255 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michel=20D=C3=A4nzer?= <michel.daenzer(a)amd.com> Date: Wed, 11 Jul 2018 12:00:40 +0200 Subject: [PATCH] drm/amdgpu: Make pin_size values atomic MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Concurrent execution of the non-atomic arithmetic could result in completely bogus values. v2: * Rebased on v2 of the previous patch Cc: stable(a)vger.kernel.org Bugzilla: https://bugs.freedesktop.org/106872 Reviewed-by: Christian König <christian.koenig(a)amd.com> Signed-off-by: Michel Dänzer <michel.daenzer(a)amd.com> Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu.h b/drivers/gpu/drm/amd/amdgpu/amdgpu.h index 51b16de008bb..53435da158c2 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu.h +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu.h @@ -1589,9 +1589,9 @@ struct amdgpu_device { DECLARE_HASHTABLE(mn_hash, 7); /* tracking pinned memory */ - u64 vram_pin_size; - u64 visible_pin_size; - u64 gart_pin_size; + atomic64_t vram_pin_size; + atomic64_t visible_pin_size; + atomic64_t gart_pin_size; /* amdkfd interface */ struct kfd_dev *kfd; diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c index 9881a1e55df3..5a2a5ba29f9a 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c @@ -262,7 +262,7 @@ static void amdgpu_cs_get_threshold_for_moves(struct amdgpu_device *adev, return; } - total_vram = adev->gmc.real_vram_size - adev->vram_pin_size; + total_vram = adev->gmc.real_vram_size - atomic64_read(&adev->vram_pin_size); used_vram = amdgpu_vram_mgr_usage(&adev->mman.bdev.man[TTM_PL_VRAM]); free_vram = used_vram >= total_vram ? 0 : total_vram - used_vram; diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c index c00bd9591dad..207f238649b4 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c @@ -501,13 +501,13 @@ static int amdgpu_info_ioctl(struct drm_device *dev, void *data, struct drm_file case AMDGPU_INFO_VRAM_GTT: { struct drm_amdgpu_info_vram_gtt vram_gtt; - vram_gtt.vram_size = adev->gmc.real_vram_size; - vram_gtt.vram_size -= adev->vram_pin_size; - vram_gtt.vram_cpu_accessible_size = adev->gmc.visible_vram_size; - vram_gtt.vram_cpu_accessible_size -= adev->visible_pin_size; + vram_gtt.vram_size = adev->gmc.real_vram_size - + atomic64_read(&adev->vram_pin_size); + vram_gtt.vram_cpu_accessible_size = adev->gmc.visible_vram_size - + atomic64_read(&adev->visible_pin_size); vram_gtt.gtt_size = adev->mman.bdev.man[TTM_PL_TT].size; vram_gtt.gtt_size *= PAGE_SIZE; - vram_gtt.gtt_size -= adev->gart_pin_size; + vram_gtt.gtt_size -= atomic64_read(&adev->gart_pin_size); return copy_to_user(out, &vram_gtt, min((size_t)size, sizeof(vram_gtt))) ? -EFAULT : 0; } @@ -516,16 +516,16 @@ static int amdgpu_info_ioctl(struct drm_device *dev, void *data, struct drm_file memset(&mem, 0, sizeof(mem)); mem.vram.total_heap_size = adev->gmc.real_vram_size; - mem.vram.usable_heap_size = - adev->gmc.real_vram_size - adev->vram_pin_size; + mem.vram.usable_heap_size = adev->gmc.real_vram_size - + atomic64_read(&adev->vram_pin_size); mem.vram.heap_usage = amdgpu_vram_mgr_usage(&adev->mman.bdev.man[TTM_PL_VRAM]); mem.vram.max_allocation = mem.vram.usable_heap_size * 3 / 4; mem.cpu_accessible_vram.total_heap_size = adev->gmc.visible_vram_size; - mem.cpu_accessible_vram.usable_heap_size = - adev->gmc.visible_vram_size - adev->visible_pin_size; + mem.cpu_accessible_vram.usable_heap_size = adev->gmc.visible_vram_size - + atomic64_read(&adev->visible_pin_size); mem.cpu_accessible_vram.heap_usage = amdgpu_vram_mgr_vis_usage(&adev->mman.bdev.man[TTM_PL_VRAM]); mem.cpu_accessible_vram.max_allocation = @@ -533,8 +533,8 @@ static int amdgpu_info_ioctl(struct drm_device *dev, void *data, struct drm_file mem.gtt.total_heap_size = adev->mman.bdev.man[TTM_PL_TT].size; mem.gtt.total_heap_size *= PAGE_SIZE; - mem.gtt.usable_heap_size = mem.gtt.total_heap_size - - adev->gart_pin_size; + mem.gtt.usable_heap_size = mem.gtt.total_heap_size - + atomic64_read(&adev->gart_pin_size); mem.gtt.heap_usage = amdgpu_gtt_mgr_usage(&adev->mman.bdev.man[TTM_PL_TT]); mem.gtt.max_allocation = mem.gtt.usable_heap_size * 3 / 4; diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_object.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_object.c index f0239feceab4..1fd83ed175fa 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_object.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_object.c @@ -916,10 +916,11 @@ int amdgpu_bo_pin_restricted(struct amdgpu_bo *bo, u32 domain, domain = amdgpu_mem_type_to_domain(bo->tbo.mem.mem_type); if (domain == AMDGPU_GEM_DOMAIN_VRAM) { - adev->vram_pin_size += amdgpu_bo_size(bo); - adev->visible_pin_size += amdgpu_vram_mgr_bo_visible_size(bo); + atomic64_add(amdgpu_bo_size(bo), &adev->vram_pin_size); + atomic64_add(amdgpu_vram_mgr_bo_visible_size(bo), + &adev->visible_pin_size); } else if (domain == AMDGPU_GEM_DOMAIN_GTT) { - adev->gart_pin_size += amdgpu_bo_size(bo); + atomic64_add(amdgpu_bo_size(bo), &adev->gart_pin_size); } error: @@ -968,10 +969,11 @@ int amdgpu_bo_unpin(struct amdgpu_bo *bo) return 0; if (bo->tbo.mem.mem_type == TTM_PL_VRAM) { - adev->vram_pin_size -= amdgpu_bo_size(bo); - adev->visible_pin_size -= amdgpu_vram_mgr_bo_visible_size(bo); + atomic64_sub(amdgpu_bo_size(bo), &adev->vram_pin_size); + atomic64_sub(amdgpu_vram_mgr_bo_visible_size(bo), + &adev->visible_pin_size); } else if (bo->tbo.mem.mem_type == TTM_PL_TT) { - adev->gart_pin_size -= amdgpu_bo_size(bo); + atomic64_sub(amdgpu_bo_size(bo), &adev->gart_pin_size); } for (i = 0; i < bo->placement.num_placement; i++) {

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] drm/amdgpu: Keep track of amount of pinned CPU visible VRAM" failed to apply to 4.18-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.18-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From ddc21af4d0f37f42b33c54cb69b215997fe5b082 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michel=20D=C3=A4nzer?= <michel.daenzer(a)amd.com> Date: Wed, 11 Jul 2018 12:06:31 +0200 Subject: [PATCH] drm/amdgpu: Keep track of amount of pinned CPU visible VRAM MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Instead of CPU invisible VRAM. Preparation for the following, no functional change intended. v2: * Also change amdgpu_vram_mgr_bo_invisible_size to amdgpu_vram_mgr_bo_visible_size, allowing further simplification (Christian König) Cc: stable(a)vger.kernel.org Reviewed-by: Christian König <christian.koenig(a)amd.com> Signed-off-by: Michel Dänzer <michel.daenzer(a)amd.com> Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu.h b/drivers/gpu/drm/amd/amdgpu/amdgpu.h index b38c170fb95c..51b16de008bb 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu.h +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu.h @@ -1590,7 +1590,7 @@ struct amdgpu_device { /* tracking pinned memory */ u64 vram_pin_size; - u64 invisible_pin_size; + u64 visible_pin_size; u64 gart_pin_size; /* amdkfd interface */ diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c index 2060f208e60b..c00bd9591dad 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_kms.c @@ -504,7 +504,7 @@ static int amdgpu_info_ioctl(struct drm_device *dev, void *data, struct drm_file vram_gtt.vram_size = adev->gmc.real_vram_size; vram_gtt.vram_size -= adev->vram_pin_size; vram_gtt.vram_cpu_accessible_size = adev->gmc.visible_vram_size; - vram_gtt.vram_cpu_accessible_size -= (adev->vram_pin_size - adev->invisible_pin_size); + vram_gtt.vram_cpu_accessible_size -= adev->visible_pin_size; vram_gtt.gtt_size = adev->mman.bdev.man[TTM_PL_TT].size; vram_gtt.gtt_size *= PAGE_SIZE; vram_gtt.gtt_size -= adev->gart_pin_size; @@ -525,8 +525,7 @@ static int amdgpu_info_ioctl(struct drm_device *dev, void *data, struct drm_file mem.cpu_accessible_vram.total_heap_size = adev->gmc.visible_vram_size; mem.cpu_accessible_vram.usable_heap_size = - adev->gmc.visible_vram_size - - (adev->vram_pin_size - adev->invisible_pin_size); + adev->gmc.visible_vram_size - adev->visible_pin_size; mem.cpu_accessible_vram.heap_usage = amdgpu_vram_mgr_vis_usage(&adev->mman.bdev.man[TTM_PL_VRAM]); mem.cpu_accessible_vram.max_allocation = diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_object.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_object.c index 9ee678d63890..f0239feceab4 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_object.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_object.c @@ -917,7 +917,7 @@ int amdgpu_bo_pin_restricted(struct amdgpu_bo *bo, u32 domain, domain = amdgpu_mem_type_to_domain(bo->tbo.mem.mem_type); if (domain == AMDGPU_GEM_DOMAIN_VRAM) { adev->vram_pin_size += amdgpu_bo_size(bo); - adev->invisible_pin_size += amdgpu_vram_mgr_bo_invisible_size(bo); + adev->visible_pin_size += amdgpu_vram_mgr_bo_visible_size(bo); } else if (domain == AMDGPU_GEM_DOMAIN_GTT) { adev->gart_pin_size += amdgpu_bo_size(bo); } @@ -969,7 +969,7 @@ int amdgpu_bo_unpin(struct amdgpu_bo *bo) if (bo->tbo.mem.mem_type == TTM_PL_VRAM) { adev->vram_pin_size -= amdgpu_bo_size(bo); - adev->invisible_pin_size -= amdgpu_vram_mgr_bo_invisible_size(bo); + adev->visible_pin_size -= amdgpu_vram_mgr_bo_visible_size(bo); } else if (bo->tbo.mem.mem_type == TTM_PL_TT) { adev->gart_pin_size -= amdgpu_bo_size(bo); } diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h index e5da4654b630..8b3cc6687769 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h @@ -73,7 +73,7 @@ bool amdgpu_gtt_mgr_has_gart_addr(struct ttm_mem_reg *mem); uint64_t amdgpu_gtt_mgr_usage(struct ttm_mem_type_manager *man); int amdgpu_gtt_mgr_recover(struct ttm_mem_type_manager *man); -u64 amdgpu_vram_mgr_bo_invisible_size(struct amdgpu_bo *bo); +u64 amdgpu_vram_mgr_bo_visible_size(struct amdgpu_bo *bo); uint64_t amdgpu_vram_mgr_usage(struct ttm_mem_type_manager *man); uint64_t amdgpu_vram_mgr_vis_usage(struct ttm_mem_type_manager *man); diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_vram_mgr.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_vram_mgr.c index f7a4bd5885a3..9cfa8a9ada92 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_vram_mgr.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_vram_mgr.c @@ -97,33 +97,29 @@ static u64 amdgpu_vram_mgr_vis_size(struct amdgpu_device *adev, } /** - * amdgpu_vram_mgr_bo_invisible_size - CPU invisible BO size + * amdgpu_vram_mgr_bo_visible_size - CPU visible BO size * * @bo: &amdgpu_bo buffer object (must be in VRAM) * * Returns: - * How much of the given &amdgpu_bo buffer object lies in CPU invisible VRAM. + * How much of the given &amdgpu_bo buffer object lies in CPU visible VRAM. */ -u64 amdgpu_vram_mgr_bo_invisible_size(struct amdgpu_bo *bo) +u64 amdgpu_vram_mgr_bo_visible_size(struct amdgpu_bo *bo) { struct amdgpu_device *adev = amdgpu_ttm_adev(bo->tbo.bdev); struct ttm_mem_reg *mem = &bo->tbo.mem; struct drm_mm_node *nodes = mem->mm_node; unsigned pages = mem->num_pages; - u64 usage = 0; + u64 usage; if (amdgpu_gmc_vram_full_visible(&adev->gmc)) - return 0; + return amdgpu_bo_size(bo); if (mem->start >= adev->gmc.visible_vram_size >> PAGE_SHIFT) - return amdgpu_bo_size(bo); + return 0; - while (nodes && pages) { - usage += nodes->size << PAGE_SHIFT; - usage -= amdgpu_vram_mgr_vis_size(adev, nodes); - pages -= nodes->size; - ++nodes; - } + for (usage = 0; nodes && pages; pages -= nodes->size, nodes++) + usage += amdgpu_vram_mgr_vis_size(adev, nodes); return usage; }

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] drm/i915: set DP Main Stream Attribute for color range on DDI" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 6209c285e7a5e68dbcdf8fd2456c6dd68433806b Mon Sep 17 00:00:00 2001 From: Jani Nikula <jani.nikula(a)intel.com> Date: Tue, 14 Aug 2018 09:00:01 +0300 Subject: [PATCH] drm/i915: set DP Main Stream Attribute for color range on DDI platforms MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Since Haswell we have no color range indication either in the pipe or port registers for DP. Instead, there's a separate register for setting the DP Main Stream Attributes (MSA) directly. The MSA register definition makes no references to colorimetry, just a vague reference to the DP spec. The connection to the color range was lost. Apparently we've failed to set the proper MSA bit for limited, or CEA, range ever since the first DDI platforms. We've started setting other MSA parameters since commit dae847991a43 ("drm/i915: add intel_ddi_set_pipe_settings"). Without the crucial bit of information, the DP sink has no way of knowing the source is actually transmitting limited range RGB, leading to "washed out" colors. With the colorimetry information, compliant sinks should be able to handle the limited range properly. Native (i.e. non-LSPCON) HDMI was not affected because we do pass the color range via AVI infoframes. Though not the root cause, the problem was made worse for DDI platforms with commit 55bc60db5988 ("drm/i915: Add "Automatic" mode for the "Broadcast RGB" property"), which selects limited range RGB automatically based on the mode, as per the DP, HDMI and CEA specs. After all these years, the fix boils down to flipping one bit. [Per testing reports, this fixes DP sinks, but not the LSPCON. My educated guess is that the LSPCON fails to turn the CEA range MSA into AVI infoframes for HDMI.] Reported-by: Michał Kopeć <mkopec12(a)gmail.com> Reported-by: N. W. <nw9165-3201(a)yahoo.com> Reported-by: Nicholas Stommel <nicholas.stommel(a)gmail.com> Reported-by: Tom Yan <tom.ty89(a)gmail.com> Tested-by: Nicholas Stommel <nicholas.stommel(a)gmail.com> References: https://bugs.freedesktop.org/show_bug.cgi?id=100023 Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=107476 Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=94921 Cc: Paulo Zanoni <paulo.r.zanoni(a)intel.com> Cc: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Cc: Ville Syrjälä <ville.syrjala(a)linux.intel.com> Cc: <stable(a)vger.kernel.org> # v3.9+ Reviewed-by: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Signed-off-by: Jani Nikula <jani.nikula(a)intel.com> Link: https://patchwork.freedesktop.org/patch/msgid/20180814060001.18224-1-jani.n… (cherry picked from commit dc5977da99ea28094b8fa4e9bacbd29bedc41de5) Signed-off-by: Rodrigo Vivi <rodrigo.vivi(a)intel.com> diff --git a/drivers/gpu/drm/i915/i915_reg.h b/drivers/gpu/drm/i915/i915_reg.h index 91e7483228e1..08ec7446282e 100644 --- a/drivers/gpu/drm/i915/i915_reg.h +++ b/drivers/gpu/drm/i915/i915_reg.h @@ -9201,6 +9201,7 @@ enum skl_power_gate { #define TRANS_MSA_10_BPC (2 << 5) #define TRANS_MSA_12_BPC (3 << 5) #define TRANS_MSA_16_BPC (4 << 5) +#define TRANS_MSA_CEA_RANGE (1 << 3) /* LCPLL Control */ #define LCPLL_CTL _MMIO(0x130040) diff --git a/drivers/gpu/drm/i915/intel_ddi.c b/drivers/gpu/drm/i915/intel_ddi.c index 39d66f8493fa..8761513f3532 100644 --- a/drivers/gpu/drm/i915/intel_ddi.c +++ b/drivers/gpu/drm/i915/intel_ddi.c @@ -1685,6 +1685,10 @@ void intel_ddi_set_pipe_settings(const struct intel_crtc_state *crtc_state) WARN_ON(transcoder_is_dsi(cpu_transcoder)); temp = TRANS_MSA_SYNC_CLK; + + if (crtc_state->limited_color_range) + temp |= TRANS_MSA_CEA_RANGE; + switch (crtc_state->pipe_bpp) { case 18: temp |= TRANS_MSA_6_BPC;

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] drm/i915: set DP Main Stream Attribute for color range on DDI" failed to apply to 4.18-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.18-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 6209c285e7a5e68dbcdf8fd2456c6dd68433806b Mon Sep 17 00:00:00 2001 From: Jani Nikula <jani.nikula(a)intel.com> Date: Tue, 14 Aug 2018 09:00:01 +0300 Subject: [PATCH] drm/i915: set DP Main Stream Attribute for color range on DDI platforms MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Since Haswell we have no color range indication either in the pipe or port registers for DP. Instead, there's a separate register for setting the DP Main Stream Attributes (MSA) directly. The MSA register definition makes no references to colorimetry, just a vague reference to the DP spec. The connection to the color range was lost. Apparently we've failed to set the proper MSA bit for limited, or CEA, range ever since the first DDI platforms. We've started setting other MSA parameters since commit dae847991a43 ("drm/i915: add intel_ddi_set_pipe_settings"). Without the crucial bit of information, the DP sink has no way of knowing the source is actually transmitting limited range RGB, leading to "washed out" colors. With the colorimetry information, compliant sinks should be able to handle the limited range properly. Native (i.e. non-LSPCON) HDMI was not affected because we do pass the color range via AVI infoframes. Though not the root cause, the problem was made worse for DDI platforms with commit 55bc60db5988 ("drm/i915: Add "Automatic" mode for the "Broadcast RGB" property"), which selects limited range RGB automatically based on the mode, as per the DP, HDMI and CEA specs. After all these years, the fix boils down to flipping one bit. [Per testing reports, this fixes DP sinks, but not the LSPCON. My educated guess is that the LSPCON fails to turn the CEA range MSA into AVI infoframes for HDMI.] Reported-by: Michał Kopeć <mkopec12(a)gmail.com> Reported-by: N. W. <nw9165-3201(a)yahoo.com> Reported-by: Nicholas Stommel <nicholas.stommel(a)gmail.com> Reported-by: Tom Yan <tom.ty89(a)gmail.com> Tested-by: Nicholas Stommel <nicholas.stommel(a)gmail.com> References: https://bugs.freedesktop.org/show_bug.cgi?id=100023 Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=107476 Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=94921 Cc: Paulo Zanoni <paulo.r.zanoni(a)intel.com> Cc: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Cc: Ville Syrjälä <ville.syrjala(a)linux.intel.com> Cc: <stable(a)vger.kernel.org> # v3.9+ Reviewed-by: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Signed-off-by: Jani Nikula <jani.nikula(a)intel.com> Link: https://patchwork.freedesktop.org/patch/msgid/20180814060001.18224-1-jani.n… (cherry picked from commit dc5977da99ea28094b8fa4e9bacbd29bedc41de5) Signed-off-by: Rodrigo Vivi <rodrigo.vivi(a)intel.com> diff --git a/drivers/gpu/drm/i915/i915_reg.h b/drivers/gpu/drm/i915/i915_reg.h index 91e7483228e1..08ec7446282e 100644 --- a/drivers/gpu/drm/i915/i915_reg.h +++ b/drivers/gpu/drm/i915/i915_reg.h @@ -9201,6 +9201,7 @@ enum skl_power_gate { #define TRANS_MSA_10_BPC (2 << 5) #define TRANS_MSA_12_BPC (3 << 5) #define TRANS_MSA_16_BPC (4 << 5) +#define TRANS_MSA_CEA_RANGE (1 << 3) /* LCPLL Control */ #define LCPLL_CTL _MMIO(0x130040) diff --git a/drivers/gpu/drm/i915/intel_ddi.c b/drivers/gpu/drm/i915/intel_ddi.c index 39d66f8493fa..8761513f3532 100644 --- a/drivers/gpu/drm/i915/intel_ddi.c +++ b/drivers/gpu/drm/i915/intel_ddi.c @@ -1685,6 +1685,10 @@ void intel_ddi_set_pipe_settings(const struct intel_crtc_state *crtc_state) WARN_ON(transcoder_is_dsi(cpu_transcoder)); temp = TRANS_MSA_SYNC_CLK; + + if (crtc_state->limited_color_range) + temp |= TRANS_MSA_CEA_RANGE; + switch (crtc_state->pipe_bpp) { case 18: temp |= TRANS_MSA_6_BPC;

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] drm/i915: Nuke the LVDS lid notifier" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 05c72e77ccda89ff624108b1b59a0fc43843f343 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ville=20Syrj=C3=A4l=C3=A4?= <ville.syrjala(a)linux.intel.com> Date: Tue, 17 Jul 2018 20:42:14 +0300 Subject: [PATCH] drm/i915: Nuke the LVDS lid notifier MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We broke the LVDS notifier resume thing in (presumably) commit e2c8b8701e2d ("drm/i915: Use atomic helpers for suspend, v2.") as we no longer duplicate the current state in the LVDS notifier and thus we never resume it properly either. Instead of trying to fix it again let's just kill off the lid notifier entirely. None of the machines tested thus far have apparently needed it. Originally the lid notifier was added to work around cases where the VBIOS was clobbering some of the hardware state behind the driver's back, mostly on Thinkpads. We now have a few report of Thinkpads working just fine without the notifier. So maybe it was misdiagnosed originally, or something else has changed (ACPI video stuff perhaps?). If we do end up finding a machine where the VBIOS is still causing problems I would suggest that we first try setting various bits in the VBIOS scratch registers. There are several to choose from that may instruct the VBIOS to steer clear. With the notifier gone we'll also stop looking at the panel status in ->detect(). v2: Nuke enum modeset_restore (Rodrigo) Cc: stable(a)vger.kernel.org Cc: Wolfgang Draxinger <wdraxinger.maillist(a)draxit.de> Cc: Vito Caputo <vcaputo(a)pengaru.com> Cc: kitsunyan <kitsunyan(a)airmail.cc> Cc: Joonas Saarinen <jza(a)saunalahti.fi> Tested-by: Vito Caputo <vcaputo(a)pengaru.com> # Thinkapd X61s Tested-by: kitsunyan <kitsunyan(a)airmail.cc> # ThinkPad X200 Tested-by: Joonas Saarinen <jza(a)saunalahti.fi> # Fujitsu Siemens U9210 Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=105902 References: https://lists.freedesktop.org/archives/intel-gfx/2018-June/169315.html References: https://bugs.freedesktop.org/show_bug.cgi?id=21230 Fixes: e2c8b8701e2d ("drm/i915: Use atomic helpers for suspend, v2.") Signed-off-by: Ville Syrjälä <ville.syrjala(a)linux.intel.com> Link: https://patchwork.freedesktop.org/patch/msgid/20180717174216.22252-1-ville.… Reviewed-by: Rodrigo Vivi <rodrigo.vivi(a)intel.com> diff --git a/drivers/gpu/drm/i915/i915_drv.c b/drivers/gpu/drm/i915/i915_drv.c index 337b1aad5212..343e79a44abd 100644 --- a/drivers/gpu/drm/i915/i915_drv.c +++ b/drivers/gpu/drm/i915/i915_drv.c @@ -900,7 +900,6 @@ static int i915_driver_init_early(struct drm_i915_private *dev_priv, spin_lock_init(&dev_priv->uncore.lock); mutex_init(&dev_priv->sb_lock); - mutex_init(&dev_priv->modeset_restore_lock); mutex_init(&dev_priv->av_mutex); mutex_init(&dev_priv->wm.wm_mutex); mutex_init(&dev_priv->pps_mutex); @@ -1570,11 +1569,6 @@ static int i915_drm_suspend(struct drm_device *dev) struct pci_dev *pdev = dev_priv->drm.pdev; pci_power_t opregion_target_state; - /* ignore lid events during suspend */ - mutex_lock(&dev_priv->modeset_restore_lock); - dev_priv->modeset_restore = MODESET_SUSPENDED; - mutex_unlock(&dev_priv->modeset_restore_lock); - disable_rpm_wakeref_asserts(dev_priv); /* We do a lot of poking in a lot of registers, make sure they work @@ -1770,10 +1764,6 @@ static int i915_drm_resume(struct drm_device *dev) intel_fbdev_set_suspend(dev, FBINFO_STATE_RUNNING, false); - mutex_lock(&dev_priv->modeset_restore_lock); - dev_priv->modeset_restore = MODESET_DONE; - mutex_unlock(&dev_priv->modeset_restore_lock); - intel_opregion_notify_adapter(dev_priv, PCI_D0); enable_rpm_wakeref_asserts(dev_priv); diff --git a/drivers/gpu/drm/i915/i915_drv.h b/drivers/gpu/drm/i915/i915_drv.h index 08d4303abb14..995656f51b57 100644 --- a/drivers/gpu/drm/i915/i915_drv.h +++ b/drivers/gpu/drm/i915/i915_drv.h @@ -1002,12 +1002,6 @@ struct i915_gem_mm { #define I915_ENGINE_WEDGED_TIMEOUT (60 * HZ) /* Reset but no recovery? */ -enum modeset_restore { - MODESET_ON_LID_OPEN, - MODESET_DONE, - MODESET_SUSPENDED, -}; - #define DP_AUX_A 0x40 #define DP_AUX_B 0x10 #define DP_AUX_C 0x20 @@ -1730,8 +1724,6 @@ struct drm_i915_private { unsigned long quirks; - enum modeset_restore modeset_restore; - struct mutex modeset_restore_lock; struct drm_atomic_state *modeset_restore_state; struct drm_modeset_acquire_ctx reset_ctx; diff --git a/drivers/gpu/drm/i915/intel_lvds.c b/drivers/gpu/drm/i915/intel_lvds.c index bb06744d28a4..a35404119257 100644 --- a/drivers/gpu/drm/i915/intel_lvds.c +++ b/drivers/gpu/drm/i915/intel_lvds.c @@ -44,8 +44,6 @@ /* Private structure for the integrated LVDS support */ struct intel_lvds_connector { struct intel_connector base; - - struct notifier_block lid_notifier; }; struct intel_lvds_pps { @@ -452,26 +450,9 @@ static bool intel_lvds_compute_config(struct intel_encoder *intel_encoder, return true; } -/* - * Detect the LVDS connection. - * - * Since LVDS doesn't have hotlug, we use the lid as a proxy. Open means - * connected and closed means disconnected. We also send hotplug events as - * needed, using lid status notification from the input layer. - */ static enum drm_connector_status intel_lvds_detect(struct drm_connector *connector, bool force) { - struct drm_i915_private *dev_priv = to_i915(connector->dev); - enum drm_connector_status status; - - DRM_DEBUG_KMS("[CONNECTOR:%d:%s]\n", - connector->base.id, connector->name); - - status = intel_panel_detect(dev_priv); - if (status != connector_status_unknown) - return status; - return connector_status_connected; } @@ -496,117 +477,6 @@ static int intel_lvds_get_modes(struct drm_connector *connector) return 1; } -static int intel_no_modeset_on_lid_dmi_callback(const struct dmi_system_id *id) -{ - DRM_INFO("Skipping forced modeset for %s\n", id->ident); - return 1; -} - -/* The GPU hangs up on these systems if modeset is performed on LID open */ -static const struct dmi_system_id intel_no_modeset_on_lid[] = { - { - .callback = intel_no_modeset_on_lid_dmi_callback, - .ident = "Toshiba Tecra A11", - .matches = { - DMI_MATCH(DMI_SYS_VENDOR, "TOSHIBA"), - DMI_MATCH(DMI_PRODUCT_NAME, "TECRA A11"), - }, - }, - - { } /* terminating entry */ -}; - -/* - * Lid events. Note the use of 'modeset': - * - we set it to MODESET_ON_LID_OPEN on lid close, - * and set it to MODESET_DONE on open - * - we use it as a "only once" bit (ie we ignore - * duplicate events where it was already properly set) - * - the suspend/resume paths will set it to - * MODESET_SUSPENDED and ignore the lid open event, - * because they restore the mode ("lid open"). - */ -static int intel_lid_notify(struct notifier_block *nb, unsigned long val, - void *unused) -{ - struct intel_lvds_connector *lvds_connector = - container_of(nb, struct intel_lvds_connector, lid_notifier); - struct drm_connector *connector = &lvds_connector->base.base; - struct drm_device *dev = connector->dev; - struct drm_i915_private *dev_priv = to_i915(dev); - - if (dev->switch_power_state != DRM_SWITCH_POWER_ON) - return NOTIFY_OK; - - mutex_lock(&dev_priv->modeset_restore_lock); - if (dev_priv->modeset_restore == MODESET_SUSPENDED) - goto exit; - /* - * check and update the status of LVDS connector after receiving - * the LID nofication event. - */ - connector->status = connector->funcs->detect(connector, false); - - /* Don't force modeset on machines where it causes a GPU lockup */ - if (dmi_check_system(intel_no_modeset_on_lid)) - goto exit; - if (!acpi_lid_open()) { - /* do modeset on next lid open event */ - dev_priv->modeset_restore = MODESET_ON_LID_OPEN; - goto exit; - } - - if (dev_priv->modeset_restore == MODESET_DONE) - goto exit; - - /* - * Some old platform's BIOS love to wreak havoc while the lid is closed. - * We try to detect this here and undo any damage. The split for PCH - * platforms is rather conservative and a bit arbitrary expect that on - * those platforms VGA disabling requires actual legacy VGA I/O access, - * and as part of the cleanup in the hw state restore we also redisable - * the vga plane. - */ - if (!HAS_PCH_SPLIT(dev_priv)) - intel_display_resume(dev); - - dev_priv->modeset_restore = MODESET_DONE; - -exit: - mutex_unlock(&dev_priv->modeset_restore_lock); - return NOTIFY_OK; -} - -static int -intel_lvds_connector_register(struct drm_connector *connector) -{ - struct intel_lvds_connector *lvds = to_lvds_connector(connector); - int ret; - - ret = intel_connector_register(connector); - if (ret) - return ret; - - lvds->lid_notifier.notifier_call = intel_lid_notify; - if (acpi_lid_notifier_register(&lvds->lid_notifier)) { - DRM_DEBUG_KMS("lid notifier registration failed\n"); - lvds->lid_notifier.notifier_call = NULL; - } - - return 0; -} - -static void -intel_lvds_connector_unregister(struct drm_connector *connector) -{ - struct intel_lvds_connector *lvds = to_lvds_connector(connector); - - if (lvds->lid_notifier.notifier_call) - acpi_lid_notifier_unregister(&lvds->lid_notifier); - - intel_connector_unregister(connector); -} - /** * intel_lvds_destroy - unregister and free LVDS structures * @connector: connector to free @@ -639,8 +509,8 @@ static const struct drm_connector_funcs intel_lvds_connector_funcs = { .fill_modes = drm_helper_probe_single_connector_modes, .atomic_get_property = intel_digital_connector_atomic_get_property, .atomic_set_property = intel_digital_connector_atomic_set_property, - .late_register = intel_lvds_connector_register, - .early_unregister = intel_lvds_connector_unregister, + .late_register = intel_connector_register, + .early_unregister = intel_connector_unregister, .destroy = intel_lvds_destroy, .atomic_destroy_state = drm_atomic_helper_connector_destroy_state, .atomic_duplicate_state = intel_digital_connector_duplicate_state, @@ -1114,8 +984,6 @@ void intel_lvds_init(struct drm_i915_private *dev_priv) * 2) check for VBT data * 3) check to see if LVDS is already on * if none of the above, no panel - * 4) make sure lid is open - * if closed, act like it's not there for now */ /*

7 years, 1 month

1
0
0 0

patch "vmbus: don't return values for uninitalized channels" added to char-misc-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled vmbus: don't return values for uninitalized channels to my char-misc git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git in the char-misc-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From 6712cc9c22117a8af9f3df272b4a44fd2e4201cd Mon Sep 17 00:00:00 2001 From: Stephen Hemminger <stephen(a)networkplumber.org> Date: Mon, 20 Aug 2018 21:16:40 +0000 Subject: vmbus: don't return values for uninitalized channels For unsupported device types, the vmbus channel ringbuffer is never initialized, and therefore reading the sysfs files will return garbage or cause a kernel OOPS. Fixes: c2e5df616e1a ("vmbus: add per-channel sysfs info") Signed-off-by: Stephen Hemminger <sthemmin(a)microsoft.com> Signed-off-by: K. Y. Srinivasan <kys(a)microsoft.com> Cc: <stable(a)vger.kernel.org> # 4.15 Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/hv/vmbus_drv.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/hv/vmbus_drv.c b/drivers/hv/vmbus_drv.c index b1b548a21f91..c71cc857b649 100644 --- a/drivers/hv/vmbus_drv.c +++ b/drivers/hv/vmbus_drv.c @@ -1291,6 +1291,9 @@ static ssize_t vmbus_chan_attr_show(struct kobject *kobj, if (!attribute->show) return -EIO; + if (chan->state != CHANNEL_OPENED_STATE) + return -EINVAL; + return attribute->show(chan, buf); } -- 2.18.0

7 years, 1 month

1
0
0 0

patch "Tools: hv: Fix a bug in the key delete code" added to char-misc-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled Tools: hv: Fix a bug in the key delete code to my char-misc git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git in the char-misc-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From 86503bd35dec0ce363e9fdbf5299927422ed3899 Mon Sep 17 00:00:00 2001 From: "K. Y. Srinivasan" <kys(a)microsoft.com> Date: Fri, 10 Aug 2018 23:06:07 +0000 Subject: Tools: hv: Fix a bug in the key delete code Fix a bug in the key delete code - the num_records range from 0 to num_records-1. Signed-off-by: K. Y. Srinivasan <kys(a)microsoft.com> Reported-by: David Binderman <dcb314(a)hotmail.com> Cc: <stable(a)vger.kernel.org> Reviewed-by: Michael Kelley <mikelley(a)microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- tools/hv/hv_kvp_daemon.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/hv/hv_kvp_daemon.c b/tools/hv/hv_kvp_daemon.c index dbf6e8bd98ba..bbb2a8ef367c 100644 --- a/tools/hv/hv_kvp_daemon.c +++ b/tools/hv/hv_kvp_daemon.c @@ -286,7 +286,7 @@ static int kvp_key_delete(int pool, const __u8 *key, int key_size) * Found a match; just move the remaining * entries up. */ - if (i == num_records) { + if (i == (num_records - 1)) { kvp_file_info[pool].num_records--; kvp_update_file(pool); return 0; -- 2.18.0

7 years, 1 month

1
0
0 0

patch "misc: ibmvsm: Fix wrong assignment of return code" added to char-misc-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled misc: ibmvsm: Fix wrong assignment of return code to my char-misc git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git in the char-misc-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From c55e9318871cd06e4aa10f5023cc2dcdfbb08577 Mon Sep 17 00:00:00 2001 From: "Bryant G. Ly" <bryantly(a)linux.ibm.com> Date: Mon, 6 Aug 2018 08:31:00 -0500 Subject: misc: ibmvsm: Fix wrong assignment of return code Currently the assignment is flipped and rc is always 0. Signed-off-by: Bryant G. Ly <bryantly(a)linux.ibm.com> Fixes: 0eca353e7ae7 ("misc: IBM Virtual Management Channel Driver (VMC)") Reviewed-by: Bradley Warrum <bwarrum(a)us.ibm.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/misc/ibmvmc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/misc/ibmvmc.c b/drivers/misc/ibmvmc.c index 8f82bb9d11e2..b8aaa684c397 100644 --- a/drivers/misc/ibmvmc.c +++ b/drivers/misc/ibmvmc.c @@ -2131,7 +2131,7 @@ static int ibmvmc_init_crq_queue(struct crq_server_adapter *adapter) retrc = plpar_hcall_norets(H_REG_CRQ, vdev->unit_address, queue->msg_token, PAGE_SIZE); - retrc = rc; + rc = retrc; if (rc == H_RESOURCE) rc = ibmvmc_reset_crq_queue(adapter); -- 2.18.0

7 years, 1 month

1
0
0 0

patch "android: binder: fix the race mmap and alloc_new_buf_locked" added to char-misc-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled android: binder: fix the race mmap and alloc_new_buf_locked to my char-misc git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git in the char-misc-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From da1b9564e85b1d7baf66cbfabcab27e183a1db63 Mon Sep 17 00:00:00 2001 From: Minchan Kim <minchan(a)kernel.org> Date: Thu, 23 Aug 2018 14:29:56 +0900 Subject: android: binder: fix the race mmap and alloc_new_buf_locked There is RaceFuzzer report like below because we have no lock to close below the race between binder_mmap and binder_alloc_new_buf_locked. To close the race, let's use memory barrier so that if someone see alloc->vma is not NULL, alloc->vma_vm_mm should be never NULL. (I didn't add stable mark intentionallybecause standard android userspace libraries that interact with binder (libbinder & libhwbinder) prevent the mmap/ioctl race. - from Todd) " Thread interleaving: CPU0 (binder_alloc_mmap_handler) CPU1 (binder_alloc_new_buf_locked) ===== ===== // drivers/android/binder_alloc.c // #L718 (v4.18-rc3) alloc->vma = vma; // drivers/android/binder_alloc.c // #L346 (v4.18-rc3) if (alloc->vma == NULL) { ... // alloc->vma is not NULL at this point return ERR_PTR(-ESRCH); } ... // #L438 binder_update_page_range(alloc, 0, (void *)PAGE_ALIGN((uintptr_t)buffer->data), end_page_addr); // In binder_update_page_range() #L218 // But still alloc->vma_vm_mm is NULL here if (need_mm && mmget_not_zero(alloc->vma_vm_mm)) alloc->vma_vm_mm = vma->vm_mm; Crash Log: ================================================================== BUG: KASAN: null-ptr-deref in __atomic_add_unless include/asm-generic/atomic-instrumented.h:89 [inline] BUG: KASAN: null-ptr-deref in atomic_add_unless include/linux/atomic.h:533 [inline] BUG: KASAN: null-ptr-deref in mmget_not_zero include/linux/sched/mm.h:75 [inline] BUG: KASAN: null-ptr-deref in binder_update_page_range+0xece/0x18e0 drivers/android/binder_alloc.c:218 Write of size 4 at addr 0000000000000058 by task syz-executor0/11184 CPU: 1 PID: 11184 Comm: syz-executor0 Not tainted 4.18.0-rc3 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.8.2-0-g33fbe13 by qemu-project.org 04/01/2014 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x16e/0x22c lib/dump_stack.c:113 kasan_report_error mm/kasan/report.c:352 [inline] kasan_report+0x163/0x380 mm/kasan/report.c:412 check_memory_region_inline mm/kasan/kasan.c:260 [inline] check_memory_region+0x140/0x1a0 mm/kasan/kasan.c:267 kasan_check_write+0x14/0x20 mm/kasan/kasan.c:278 __atomic_add_unless include/asm-generic/atomic-instrumented.h:89 [inline] atomic_add_unless include/linux/atomic.h:533 [inline] mmget_not_zero include/linux/sched/mm.h:75 [inline] binder_update_page_range+0xece/0x18e0 drivers/android/binder_alloc.c:218 binder_alloc_new_buf_locked drivers/android/binder_alloc.c:443 [inline] binder_alloc_new_buf+0x467/0xc30 drivers/android/binder_alloc.c:513 binder_transaction+0x125b/0x4fb0 drivers/android/binder.c:2957 binder_thread_write+0xc08/0x2770 drivers/android/binder.c:3528 binder_ioctl_write_read.isra.39+0x24f/0x8e0 drivers/android/binder.c:4456 binder_ioctl+0xa86/0xf34 drivers/android/binder.c:4596 vfs_ioctl fs/ioctl.c:46 [inline] do_vfs_ioctl+0x154/0xd40 fs/ioctl.c:686 ksys_ioctl+0x94/0xb0 fs/ioctl.c:701 __do_sys_ioctl fs/ioctl.c:708 [inline] __se_sys_ioctl fs/ioctl.c:706 [inline] __x64_sys_ioctl+0x43/0x50 fs/ioctl.c:706 do_syscall_64+0x167/0x4b0 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe " Signed-off-by: Todd Kjos <tkjos(a)google.com> Signed-off-by: Minchan Kim <minchan(a)kernel.org> Reviewed-by: Martijn Coenen <maco(a)android.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/android/binder_alloc.c | 43 +++++++++++++++++++++++++++------- 1 file changed, 35 insertions(+), 8 deletions(-) diff --git a/drivers/android/binder_alloc.c b/drivers/android/binder_alloc.c index 3f3b7b253445..64fd96eada31 100644 --- a/drivers/android/binder_alloc.c +++ b/drivers/android/binder_alloc.c @@ -332,6 +332,35 @@ static int binder_update_page_range(struct binder_alloc *alloc, int allocate, return vma ? -ENOMEM : -ESRCH; } + +static inline void binder_alloc_set_vma(struct binder_alloc *alloc, + struct vm_area_struct *vma) +{ + if (vma) + alloc->vma_vm_mm = vma->vm_mm; + /* + * If we see alloc->vma is not NULL, buffer data structures set up + * completely. Look at smp_rmb side binder_alloc_get_vma. + * We also want to guarantee new alloc->vma_vm_mm is always visible + * if alloc->vma is set. + */ + smp_wmb(); + alloc->vma = vma; +} + +static inline struct vm_area_struct *binder_alloc_get_vma( + struct binder_alloc *alloc) +{ + struct vm_area_struct *vma = NULL; + + if (alloc->vma) { + /* Look at description in binder_alloc_set_vma */ + smp_rmb(); + vma = alloc->vma; + } + return vma; +} + static struct binder_buffer *binder_alloc_new_buf_locked( struct binder_alloc *alloc, size_t data_size, @@ -348,7 +377,7 @@ static struct binder_buffer *binder_alloc_new_buf_locked( size_t size, data_offsets_size; int ret; - if (alloc->vma == NULL) { + if (!binder_alloc_get_vma(alloc)) { binder_alloc_debug(BINDER_DEBUG_USER_ERROR, "%d: binder_alloc_buf, no vma\n", alloc->pid); @@ -723,9 +752,7 @@ int binder_alloc_mmap_handler(struct binder_alloc *alloc, buffer->free = 1; binder_insert_free_buffer(alloc, buffer); alloc->free_async_space = alloc->buffer_size / 2; - barrier(); - alloc->vma = vma; - alloc->vma_vm_mm = vma->vm_mm; + binder_alloc_set_vma(alloc, vma); mmgrab(alloc->vma_vm_mm); return 0; @@ -754,10 +781,10 @@ void binder_alloc_deferred_release(struct binder_alloc *alloc) int buffers, page_count; struct binder_buffer *buffer; - BUG_ON(alloc->vma); - buffers = 0; mutex_lock(&alloc->mutex); + BUG_ON(alloc->vma); + while ((n = rb_first(&alloc->allocated_buffers))) { buffer = rb_entry(n, struct binder_buffer, rb_node); @@ -900,7 +927,7 @@ int binder_alloc_get_allocated_count(struct binder_alloc *alloc) */ void binder_alloc_vma_close(struct binder_alloc *alloc) { - WRITE_ONCE(alloc->vma, NULL); + binder_alloc_set_vma(alloc, NULL); } /** @@ -935,7 +962,7 @@ enum lru_status binder_alloc_free_page(struct list_head *item, index = page - alloc->pages; page_addr = (uintptr_t)alloc->buffer + index * PAGE_SIZE; - vma = alloc->vma; + vma = binder_alloc_get_vma(alloc); if (vma) { if (!mmget_not_zero(alloc->vma_vm_mm)) goto err_mmget; -- 2.18.0

7 years, 1 month

1
0
0 0

patch "mei: bus: need to unlink client before freeing" added to char-misc-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled mei: bus: need to unlink client before freeing to my char-misc git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git in the char-misc-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From 34f1166afd67f9f48a08c52f36180048908506a4 Mon Sep 17 00:00:00 2001 From: Tomas Winkler <tomas.winkler(a)intel.com> Date: Mon, 27 Aug 2018 22:40:16 +0300 Subject: mei: bus: need to unlink client before freeing MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In case a client fails to connect in mei_cldev_enable(), the caller won't call the mei_cldev_disable leaving the client in a linked stated. Upon driver unload the client structure will be freed in mei_cl_bus_dev_release(), leaving a stale pointer on a fail_list. This will eventually end up in crash during power down flow in mei_cl_set_disonnected(). RIP: mei_cl_set_disconnected+0x5/0x260[mei] Call trace: mei_cl_all_disconnect+0x22/0x30 mei_reset+0x194/0x250 __synchronize_hardirq+0x43/0x50 _cond_resched+0x15/0x30 mei_me_intr_clear+0x20/0x100 mei_stop+0x76/0xb0 mei_me_shutdown+0x3f/0x80 pci_device_shutdown+0x34/0x60 kernel_restart+0x0e/0x30 Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=200455 Fixes: 'c110cdb17148 ("mei: bus: make a client pointer always available")' Cc: <stable(a)vger.kernel.org> 4.10+ Tested-by: Georg Müller <georgmueller(a)gmx.net> Signed-off-by: Tomas Winkler <tomas.winkler(a)intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/misc/mei/bus.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/drivers/misc/mei/bus.c b/drivers/misc/mei/bus.c index 13c6c9a2248a..fc3872fe7b25 100644 --- a/drivers/misc/mei/bus.c +++ b/drivers/misc/mei/bus.c @@ -521,17 +521,15 @@ int mei_cldev_enable(struct mei_cl_device *cldev) cl = cldev->cl; + mutex_lock(&bus->device_lock); if (cl->state == MEI_FILE_UNINITIALIZED) { - mutex_lock(&bus->device_lock); ret = mei_cl_link(cl); - mutex_unlock(&bus->device_lock); if (ret) - return ret; + goto out; /* update pointers */ cl->cldev = cldev; } - mutex_lock(&bus->device_lock); if (mei_cl_is_connected(cl)) { ret = 0; goto out; @@ -875,12 +873,13 @@ static void mei_cl_bus_dev_release(struct device *dev) mei_me_cl_put(cldev->me_cl); mei_dev_bus_put(cldev->bus); + mei_cl_unlink(cldev->cl); kfree(cldev->cl); kfree(cldev); } static const struct device_type mei_cl_device_type = { - .release = mei_cl_bus_dev_release, + .release = mei_cl_bus_dev_release, }; /** -- 2.18.0

7 years, 1 month

1
0
0 0

patch "mei: bus: fix hw module get/put balance" added to char-misc-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled mei: bus: fix hw module get/put balance to my char-misc git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git in the char-misc-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From 69bf5313035926b0b6a6578de4f3168a8f5c19b8 Mon Sep 17 00:00:00 2001 From: Tomas Winkler <tomas.winkler(a)intel.com> Date: Mon, 27 Aug 2018 22:40:15 +0300 Subject: mei: bus: fix hw module get/put balance MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In case the device is not connected it doesn't 'get' hw module and hence should not 'put' it on disable. Cc: <stable(a)vger.kernel.org> 4.16+ Fixes:'commit 257355a44b99 ("mei: make module referencing local to the bus.c")' Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=200455 Tested-by: Georg Müller <georgmueller(a)gmx.net> Signed-off-by: Tomas Winkler <tomas.winkler(a)intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/misc/mei/bus.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/drivers/misc/mei/bus.c b/drivers/misc/mei/bus.c index 7bba62a72921..13c6c9a2248a 100644 --- a/drivers/misc/mei/bus.c +++ b/drivers/misc/mei/bus.c @@ -616,9 +616,8 @@ int mei_cldev_disable(struct mei_cl_device *cldev) if (err < 0) dev_err(bus->dev, "Could not disconnect from the ME client\n"); -out: mei_cl_bus_module_put(cldev); - +out: /* Flush queues and remove any pending read */ mei_cl_flush_queues(cl, NULL); mei_cl_unlink(cl); -- 2.18.0

7 years, 1 month

1
0
0 0

patch "mei: ignore not found client in the enumeration" added to char-misc-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled mei: ignore not found client in the enumeration to my char-misc git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git in the char-misc-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From 8d2d8935d30cc2acc57a3196dc10dfa8d5cbcdab Mon Sep 17 00:00:00 2001 From: Alexander Usyskin <alexander.usyskin(a)intel.com> Date: Mon, 6 Aug 2018 17:47:33 +0300 Subject: mei: ignore not found client in the enumeration Some of the ME clients are available only for BIOS operation and are removed during hand off to an OS. However the removal is not instant. A client may be visible on the client list when the mei driver requests for enumeration, while the subsequent request for properties will be answered with client not found error value. The default behavior for an error is to perform client reset while this error is harmless and the link reset should be prevented. This issue started to be visible due to suspend/resume timing changes. Currently reported only on the Haswell based system. Fixes: [33.564957] mei_me 0000:00:16.0: hbm: properties response: wrong status = 1 CLIENT_NOT_FOUND [33.564978] mei_me 0000:00:16.0: mei_irq_read_handler ret = -71. [33.565270] mei_me 0000:00:16.0: unexpected reset: dev_state = INIT_CLIENTS fw status = 1E000255 60002306 00000200 00004401 00000000 00000010 Cc: <stable(a)vger.kernel.org> Reported-by: Heiner Kallweit <hkallweit1(a)gmail.com> Signed-off-by: Alexander Usyskin <alexander.usyskin(a)intel.com> Signed-off-by: Tomas Winkler <tomas.winkler(a)intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/misc/mei/hbm.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/drivers/misc/mei/hbm.c b/drivers/misc/mei/hbm.c index 09e233d4c0de..e56f3e72d57a 100644 --- a/drivers/misc/mei/hbm.c +++ b/drivers/misc/mei/hbm.c @@ -1161,15 +1161,18 @@ int mei_hbm_dispatch(struct mei_device *dev, struct mei_msg_hdr *hdr) props_res = (struct hbm_props_response *)mei_msg; - if (props_res->status) { + if (props_res->status == MEI_HBMS_CLIENT_NOT_FOUND) { + dev_dbg(dev->dev, "hbm: properties response: %d CLIENT_NOT_FOUND\n", + props_res->me_addr); + } else if (props_res->status) { dev_err(dev->dev, "hbm: properties response: wrong status = %d %s\n", props_res->status, mei_hbm_status_str(props_res->status)); return -EPROTO; + } else { + mei_hbm_me_cl_add(dev, props_res); } - mei_hbm_me_cl_add(dev, props_res); - /* request property for the next client */ if (mei_hbm_prop_req(dev, props_res->me_addr + 1)) return -EIO; -- 2.18.0

7 years, 1 month

1
0
0 0

Re: [PATCH] x86/EISA: Don't probe EISA bus for Xen PV guests

by Boris Ostrovsky

On 9/11/18 4:20 PM, Thomas Gleixner wrote: > On Tue, 11 Sep 2018, Boris Ostrovsky wrote: > >> For unprivileged Xen PV guests this is normal memory and ioremap will >> not be able to properly map it. >> >> While at it, since ioremap may return NULL, add a test for pointer's >> validity. > I assume this goes back to very dead kernels, so that should go with a Cc > stable, right? > Yes, I forgot to add those (and now I did), thanks for pointing this out. It has to go at least all the way back to 4.13 since before f7eaf6e00fd58 ("x86/boot: Move EISA setup to a separate file"), just by luck, early_ioremap() worked for the guests. -boris

7 years, 1 month

1
0
0 0

[PATCH for-rc 0/2] IB/hfi1: RC patches

by Dennis Dalessandro

Hi Doug and Jason, Here are two patches that should probably land in the RC. The first one ensures we don't index beyond the end of an array. The other is more subtle but arguably more important. The bug it fixes results in incorrect IRQ bits to be set and the result is we do not get an interrupt for an error and have to wait for another interrupt to fire to see said error. --- Dennis Dalessandro (1): IB/hfi1: Ensure ucast_dlid access doesnt exceed bounds Michael J. Ruhl (1): IB/hfi1: set_intr_bits uses incorrect source for register modification drivers/infiniband/hw/hfi1/chip.c | 2 +- drivers/infiniband/ulp/opa_vnic/opa_vnic_encap.c | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) -- -Denny

7 years, 1 month

2
5
0 0

[PATCH 4.4 000/124] 4.4.146-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.4.146 release. There are 124 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Mon Aug 6 08:26:39 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.4.146-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.4.146-rc1 Tony Battersby <tonyb(a)cybernetics.com> scsi: sg: fix minor memory leak in error path Herbert Xu <herbert(a)gondor.apana.org.au> crypto: padlock-aes - Fix Nano workaround data corruption Roman Kagan <rkagan(a)virtuozzo.com> kvm: x86: vmx: fix vpid leak Jiang Biao <jiang.biao2(a)zte.com.cn> virtio_balloon: fix another race between migration and ballooning Jeremy Cline <jcline(a)redhat.com> net: socket: fix potential spectre v1 gadget in socketcall Anton Vasilyev <vasilyev(a)ispras.ru> can: ems_usb: Fix memory leak on ems_usb_disconnect() Linus Torvalds <torvalds(a)linux-foundation.org> squashfs: more metadata hardenings Linus Torvalds <torvalds(a)linux-foundation.org> squashfs: more metadata hardening Jeremy Cline <jcline(a)redhat.com> netlink: Fix spectre v1 gadget in netlink_create() Florian Fainelli <f.fainelli(a)gmail.com> net: dsa: Do not suspend/resume closed slave_dev Eric Dumazet <edumazet(a)google.com> inet: frag: enforce memory limits earlier Eric Dumazet <edumazet(a)google.com> tcp: add one more quick ack after after ECN events Yousuk Seung <ysseung(a)google.com> tcp: refactor tcp_ecn_check_ce to remove sk type cast Eric Dumazet <edumazet(a)google.com> tcp: do not aggressively quick ack after ECN events Eric Dumazet <edumazet(a)google.com> tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode Eric Dumazet <edumazet(a)google.com> tcp: do not force quickack when receiving out-of-order packets Eugeniy Paltsev <Eugeniy.Paltsev(a)synopsys.com> NET: stmmac: align DMA stuff to largest cache line length Dmitry Safonov <dima(a)arista.com> netlink: Don't shift with UB on nlk->ngroups Dmitry Safonov <dima(a)arista.com> netlink: Do not subscribe to non-existent groups Xiao Liang <xiliang(a)redhat.com> xen-netfront: wait xenbus state change when load module manually Stefan Wahren <stefan.wahren(a)i2se.com> net: lan78xx: fix rx handling before first packet is send tangpengpeng <tangpengpeng(a)higon.com> net: fix amd-xgbe flow-control issue Lorenzo Bianconi <lorenzo.bianconi(a)redhat.com> ipv4: remove BUG_ON() from fib_compute_spec_dst Andrea Adami <andrea.adami(a)gmail.com> ASoC: pxa: Fix module autoload for platform drivers Eric Engestrom <eric.engestrom(a)imgtec.com> dmaengine: pxa_dma: remove duplicate const qualifier Theodore Ts'o <tytso(a)mit.edu> ext4: check for allocation block validity with block group locked Theodore Ts'o <tytso(a)mit.edu> ext4: fix inline data updates with checksums enabled Linus Torvalds <torvalds(a)linux-foundation.org> squashfs: be more careful about metadata corruption Theodore Ts'o <tytso(a)mit.edu> random: mix rdrand with entropy sent in from userspace José Roberto de Souza <jose.souza(a)intel.com> drm: Add DP PSR2 sink enable bit Mauro Carvalho Chehab <mchehab(a)s-opensource.com> media: si470x: fix __be16 annotations Shivasharan S <shivasharan.srikanteshwara(a)broadcom.com> scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs Xose Vazquez Perez <xose.vazquez(a)gmail.com> scsi: scsi_dh: replace too broad "TP9" string with the exact models Suman Anna <s-anna(a)ti.com> media: omap3isp: fix unbalanced dma_iommu_mapping Tudor-Dan Ambarus <tudor.ambarus(a)microchip.com> crypto: authenc - don't leak pointers to authenc keys Tudor-Dan Ambarus <tudor.ambarus(a)microchip.com> crypto: authencesn - don't leak pointers to authenc keys Dominik Bozek <dominikx.bozek(a)intel.com> usb: hub: Don't wait for connect state at resume for powered-off ports Michal Simek <michal.simek(a)xilinx.com> microblaze: Fix simpleImage format generation Ondrej Mosnáček <omosnace(a)redhat.com> audit: allow not equal op for audit by executable Siva Rebbagondla <siva.rebbagondla(a)redpinesignals.com> rsi: Fix 'invalid vdd' warning in mmc Chris Novakovic <chris(a)chrisn.me.uk> ipconfig: Correctly initialise ic_nameservers Luc Van Oostenryck <luc.vanoostenryck(a)gmail.com> drm/gma500: fix psb_intel_lvds_mode_valid()'s return type Dmitry Osipenko <digetx(a)gmail.com> memory: tegra: Apply interrupts mask per SoC Dmitry Osipenko <digetx(a)gmail.com> memory: tegra: Do not handle spurious interrupts Takashi Sakamoto <o-takashi(a)sakamocchi.jp> ALSA: hda/ca0132: fix build failure when a local macro is defined Satendra Singh Thakur <satendra.t(a)samsung.com> drm/atomic: Handling the case when setting old crtc for plane Mauro Carvalho Chehab <mchehab(a)s-opensource.com> media: siano: get rid of __le32/__le16 cast warnings Jakub Kicinski <jakub.kicinski(a)netronome.com> bpf: fix references to free_bpf_prog_info() in comments Bartlomiej Zolnierkiewicz <b.zolnierkie(a)samsung.com> thermal: exynos: fix setting rising_threshold for Exynos5433 Dan Carpenter <dan.carpenter(a)oracle.com> scsi: megaraid: silence a static checker bug Wenwen Wang <wang6495(a)umn.edu> scsi: 3w-xxxx: fix a missing-check bug Wenwen Wang <wang6495(a)umn.edu> scsi: 3w-9xxx: fix a missing-check bug Thomas Richter <tmricht(a)linux.ibm.com> perf: fix invalid bit in diagnostic entry Thomas Richter <tmricht(a)linux.ibm.com> s390/cpum_sf: Add data entry sizes to sampling trailer entry Sean Lanigan <sean(a)lano.id.au> brcmfmac: Add support for bcm43364 wireless chipset Jane Wan <Jane.Wan(a)nokia.com> mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages Brad Love <brad(a)nextdimension.cc> media: saa7164: Fix driver name in debug output Damien Le Moal <damien.lemoal(a)wdc.com> libata: Fix command retry decision Wei Yongjun <yongjun_wei(a)trendmicro.com.cn> media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open() Marc Zyngier <marc.zyngier(a)arm.com> dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA DaeRyong Jeong <threeearcat(a)gmail.com> tty: Fix data race in tty_insert_flip_string_fixed_flag Dmitry Torokhov <dtor(a)chromium.org> HID: i2c-hid: check if device is there before really probing Jonathan Neuschäfer <j.neuschaefer(a)gmx.net> powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet Luc Van Oostenryck <luc.vanoostenryck(a)gmail.com> drm/radeon: fix mode_valid's return type Terry Junge <terry.junge(a)plantronics.com> HID: hid-plantronics: Re-resend Update to map button for PTT products Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback Colin Ian King <colin.king(a)canonical.com> media: smiapp: fix timeout checking in smiapp_read_nvm Yufen Yu <yuyufen(a)huawei.com> md: fix NULL dereference of mddev->pers in remove_and_add_spares() Anson Huang <Anson.Huang(a)nxp.com> regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops Takashi Iwai <tiwai(a)suse.de> ALSA: emu10k1: Rate-limit error messages about page errors Maya Erez <merez(a)codeaurora.org> scsi: ufs: fix exception event handling Xinming Hu <huxm(a)marvell.com> mwifiex: correct histogram data with appropriate index Mika Westerberg <mika.westerberg(a)linux.intel.com> PCI: pciehp: Request control of native hotplug only if supported Julia Lawall <Julia.Lawall(a)lip6.fr> pinctrl: at91-pio4: add missing of_node_put Christophe Leroy <christophe.leroy(a)c-s.fr> powerpc/8xx: fix invalid register expression in head_8xx.S Mathieu Malaterre <malat(a)debian.org> powerpc/powermac: Mark variable x as unused Mathieu Malaterre <malat(a)debian.org> powerpc/powermac: Add missing prototype for note_bootable_part() Mathieu Malaterre <malat(a)debian.org> powerpc/chrp/time: Make some functions static, add missing header include Mathieu Malaterre <malat(a)debian.org> powerpc/32: Add a missing include header Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Bahamas Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Bermuda Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Serbia Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Tanzania Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for Uganda Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for APL2_FCCA Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for APL13_WORLD Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for ETSI8_WORLD Sven Eckelmann <sven.eckelmann(a)openmesh.com> ath: Add regulatory mapping for FCC3_ETSIC Christoph Hellwig <hch(a)lst.de> PCI: Prevent sysfs disable of device while driver is attached Qu Wenruo <wqu(a)suse.com> btrfs: qgroup: Finish rescan when hit the last leaf of extent tree David Sterba <dsterba(a)suse.com> btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups Hans Verkuil <hans.verkuil(a)cisco.com> media: videobuf2-core: don't call memop 'finish' when queueing Eyal Reizer <eyalreizer(a)gmail.com> wlcore: sdio: check for valid platform device data before suspend Ganapathi Bhat <gbhat(a)marvell.com> mwifiex: handle race during mwifiex_usb_disconnect Vincent Palatin <vpalatin(a)chromium.org> mfd: cros_ec: Fail early if we cannot identify the EC Kai Chieh Chuang <kaichieh.chuang(a)mediatek.com> ASoC: dpcm: fix BE dai not hw_free and shutdown Jian-Hong Pan <jian-hong(a)endlessm.com> Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 Thierry Escande <thierry.escande(a)linaro.org> Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning Shaul Triebitz <shaul.triebitz(a)intel.com> iwlwifi: pcie: fix race in Rx buffer allocator Kan Liang <kan.liang(a)intel.com> perf/x86/intel/uncore: Correct fixed counter index check for NHM Kan Liang <kan.liang(a)intel.com> perf/x86/intel/uncore: Correct fixed counter index check in generic code Shuah Khan (Samsung OSG) <shuah(a)kernel.org> usbip: usbip_detach: Fix memory, udev context and udev leak Chao Yu <yuchao0(a)huawei.com> f2fs: fix to don't trigger writeback during recovery Anatoly Pugachev <matorola(a)gmail.com> disable loading f2fs module on PAGE_SIZE > 4KB Leon Romanovsky <leonro(a)mellanox.com> RDMA/mad: Convert BUG_ONs to error flows Nicholas Piggin <npiggin(a)gmail.com> powerpc/64s: Fix compiler store ordering to SLB shadow area Stewart Smith <stewart(a)linux.ibm.com> hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common() Cong Wang <xiyou.wangcong(a)gmail.com> infiniband: fix a possible use-after-free bug Jozsef Kadlecsik <kadlec(a)blackhole.kfki.hu> netfilter: ipset: List timing out entries with "timeout 1" instead of zero Alexandre Belloni <alexandre.belloni(a)bootlin.com> rtc: ensure rtc_set_alarm fails when alarms are not supported Mathieu Malaterre <malat(a)debian.org> mm/slub.c: add __printf verification to slab_err() Chintan Pandya <cpandya(a)codeaurora.org> mm: vmalloc: avoid racy handling of debugobjects in vunmap Scott Mayhew <smayhew(a)redhat.com> nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo Zhouyang Jia <jiazhouyang09(a)gmail.com> ALSA: fm801: add error handling for snd_ctl_add Zhouyang Jia <jiazhouyang09(a)gmail.com> ALSA: emu10k1: add error handling for snd_ctl_add Juergen Gross <jgross(a)suse.com> xen/netfront: raise max number of slots in xennet_get_responses() Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Quiet gcc warning about maybe unused link variable Artem Savkov <asavkov(a)redhat.com> tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Fix possible double free in event_enable_trigger_func() Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Fix double free of event_trigger_data KT Liao <kt.liao(a)emc.com.tw> Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST Chen-Yu Tsai <wens(a)csie.org> Input: i8042 - add Lenovo LaVie Z to the i8042 reset list Donald Shanty III <dshanty(a)protonmail.com> Input: elan_i2c - add ACPI ID for lenovo ideapad 330 Paul Burton <paul.burton(a)mips.com> MIPS: Fix off-by-one in pci_resource_to_user() ------------- Diffstat: Makefile | 4 +- arch/microblaze/boot/Makefile | 10 +++-- arch/mips/include/asm/pci.h | 2 +- arch/powerpc/kernel/head_8xx.S | 2 +- arch/powerpc/kernel/pci_32.c | 1 + arch/powerpc/mm/slb.c | 8 ++-- arch/powerpc/platforms/chrp/time.c | 6 ++- arch/powerpc/platforms/embedded6xx/hlwd-pic.c | 5 +++ arch/powerpc/platforms/powermac/bootx_init.c | 4 +- arch/powerpc/platforms/powermac/setup.c | 1 + arch/s390/include/asm/cpu_mf.h | 6 ++- arch/x86/kernel/cpu/perf_event_intel_uncore.c | 2 +- .../x86/kernel/cpu/perf_event_intel_uncore_nhmex.c | 2 +- arch/x86/kvm/vmx.c | 7 ++-- crypto/authenc.c | 1 + crypto/authencesn.c | 1 + drivers/acpi/pci_root.c | 4 +- drivers/ata/libata-eh.c | 12 ++++-- drivers/bluetooth/btusb.c | 3 ++ drivers/bluetooth/hci_qca.c | 2 +- drivers/char/random.c | 10 ++++- drivers/crypto/padlock-aes.c | 8 +++- drivers/dma/pxa_dma.c | 2 +- drivers/gpu/drm/drm_atomic.c | 4 +- drivers/gpu/drm/gma500/psb_intel_drv.h | 2 +- drivers/gpu/drm/gma500/psb_intel_lvds.c | 2 +- drivers/gpu/drm/radeon/radeon_connectors.c | 10 ++--- drivers/hid/hid-plantronics.c | 6 ++- drivers/hid/i2c-hid/i2c-hid.c | 8 ++++ drivers/infiniband/core/mad.c | 11 +++-- drivers/infiniband/core/ucma.c | 6 ++- drivers/input/mouse/elan_i2c_core.c | 2 + drivers/input/serio/i8042-x86ia64io.h | 7 ++++ drivers/md/md.c | 3 ++ drivers/media/common/siano/smsendian.c | 14 +++---- drivers/media/i2c/smiapp/smiapp-core.c | 11 +++-- drivers/media/pci/saa7164/saa7164-fw.c | 3 +- drivers/media/platform/omap3isp/isp.c | 7 ++-- drivers/media/platform/rcar_jpu.c | 4 +- drivers/media/radio/si470x/radio-si470x-i2c.c | 6 +-- drivers/media/v4l2-core/videobuf2-core.c | 9 ++-- drivers/memory/tegra/mc.c | 22 +++------- drivers/memory/tegra/mc.h | 9 ++++ drivers/memory/tegra/tegra114.c | 2 + drivers/memory/tegra/tegra124.c | 6 +++ drivers/memory/tegra/tegra210.c | 3 ++ drivers/memory/tegra/tegra30.c | 2 + drivers/mfd/cros_ec.c | 6 ++- drivers/mtd/nand/fsl_ifc_nand.c | 17 ++++---- drivers/net/can/usb/ems_usb.c | 1 + drivers/net/ethernet/amd/xgbe/xgbe-mdio.c | 4 +- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 +- drivers/net/usb/lan78xx.c | 2 + drivers/net/wireless/ath/regd.h | 5 +++ drivers/net/wireless/ath/regd_common.h | 13 ++++++ drivers/net/wireless/brcm80211/brcmfmac/bcmsdh.c | 1 + drivers/net/wireless/iwlwifi/pcie/rx.c | 2 + drivers/net/wireless/mwifiex/usb.c | 3 ++ drivers/net/wireless/mwifiex/util.c | 8 ++-- drivers/net/wireless/rsi/rsi_91x_sdio.c | 2 - drivers/net/wireless/ti/wlcore/sdio.c | 5 +++ drivers/net/xen-netfront.c | 10 ++++- drivers/pci/pci-sysfs.c | 15 ++++--- drivers/pinctrl/pinctrl-at91-pio4.c | 4 +- drivers/regulator/pfuze100-regulator.c | 1 + drivers/rtc/interface.c | 5 +++ drivers/scsi/3w-9xxx.c | 5 +++ drivers/scsi/3w-xxxx.c | 3 ++ drivers/scsi/megaraid.c | 3 ++ drivers/scsi/megaraid/megaraid_sas_fusion.c | 3 ++ drivers/scsi/scsi_dh.c | 5 ++- drivers/scsi/sg.c | 1 + drivers/scsi/ufs/ufshcd.c | 2 + drivers/thermal/samsung/exynos_tmu.c | 1 + drivers/tty/hvc/hvc_opal.c | 1 - drivers/tty/pty.c | 3 ++ drivers/usb/core/hub.c | 4 ++ drivers/virtio/virtio_balloon.c | 2 + fs/btrfs/qgroup.c | 19 +++++++++ fs/btrfs/tree-log.c | 10 ++++- fs/ext4/balloc.c | 3 ++ fs/ext4/ialloc.c | 3 ++ fs/ext4/inline.c | 19 +++++---- fs/ext4/inode.c | 16 ++++---- fs/f2fs/segment.c | 3 ++ fs/f2fs/super.c | 6 +++ fs/nfsd/nfs4xdr.c | 2 + fs/squashfs/block.c | 2 + fs/squashfs/cache.c | 3 ++ fs/squashfs/file.c | 8 +++- fs/squashfs/fragment.c | 17 ++++---- fs/squashfs/squashfs_fs.h | 6 +++ fs/squashfs/squashfs_fs_sb.h | 1 + fs/squashfs/super.c | 5 ++- include/drm/drm_dp_helper.h | 1 + include/linux/dma-iommu.h | 1 + include/linux/mmc/sdio_ids.h | 1 + include/linux/netfilter/ipset/ip_set_timeout.h | 10 ++++- include/net/tcp.h | 2 +- include/soc/tegra/mc.h | 2 + kernel/auditfilter.c | 2 +- kernel/auditsc.c | 2 + kernel/bpf/verifier.c | 4 +- kernel/trace/trace_events_trigger.c | 18 +++++--- kernel/trace/trace_kprobe.c | 15 ++++++- mm/slub.c | 2 +- mm/vmalloc.c | 3 +- net/dsa/slave.c | 6 +++ net/ipv4/fib_frontend.c | 4 +- net/ipv4/inet_fragment.c | 10 ++--- net/ipv4/ipconfig.c | 13 ++++++ net/ipv4/tcp_dctcp.c | 4 +- net/ipv4/tcp_input.c | 48 +++++++++++----------- net/netlink/af_netlink.c | 7 ++++ net/socket.c | 2 + sound/pci/emu10k1/emupcm.c | 4 +- sound/pci/emu10k1/memory.c | 6 +-- sound/pci/fm801.c | 16 ++++++-- sound/pci/hda/patch_ca0132.c | 8 +++- sound/soc/pxa/brownstone.c | 1 + sound/soc/pxa/mioa701_wm9713.c | 1 + sound/soc/pxa/mmp-pcm.c | 1 + sound/soc/pxa/mmp-sspa.c | 1 + sound/soc/pxa/palm27x.c | 1 + sound/soc/pxa/pxa-ssp.c | 1 + sound/soc/pxa/pxa2xx-ac97.c | 1 + sound/soc/pxa/pxa2xx-pcm.c | 1 + sound/soc/soc-pcm.c | 6 ++- sound/usb/pcm.c | 2 +- tools/usb/usbip/src/usbip_detach.c | 9 ++-- 130 files changed, 532 insertions(+), 208 deletions(-)

7 years, 1 month

10
143
0 0

[PATCH] of: fix phandle cache creation for DTs with no phandles

by Rob Herring

With commit 0b3ce78e90fc ("of: cache phandle nodes to reduce cost of of_find_node_by_phandle()"), a G3 PowerMac fails to boot. The root cause is the DT for this system has no phandle properties when booted with BootX. of_populate_phandle_cache() does not handle the case of no phandles correctly. The problem is roundup_pow_of_two() for 0 is undefined. The implementation subtracts 1 underflowing and then things are in the weeds. Fixes: 0b3ce78e90fc ("of: cache phandle nodes to reduce cost of of_find_node_by_phandle()") Cc: stable(a)vger.kernel.org # 4.17+ Reported-by: Finn Thain <fthain(a)telegraphics.com.au> Tested-by: Stan Johnson <userm57(a)yahoo.com> Cc: Frank Rowand <frowand.list(a)gmail.com> Cc: Benjamin Herrenschmidt <benh(a)kernel.crashing.org> Signed-off-by: Rob Herring <robh(a)kernel.org> --- Here's a formal patch of what Stan tested. Will send to Linus this week. Rob drivers/of/base.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/of/base.c b/drivers/of/base.c index a055cd1ef96d..17ae594b7014 100644 --- a/drivers/of/base.c +++ b/drivers/of/base.c @@ -140,6 +140,9 @@ void of_populate_phandle_cache(void) if (np->phandle && np->phandle != OF_PHANDLE_ILLEGAL) phandles++; + if (!phandles) + goto out; + cache_entries = roundup_pow_of_two(phandles); phandle_cache_mask = cache_entries - 1; -- 2.17.1

7 years, 1 month

2
1
0 0

[GIT PULL] commits for Linux 4.18

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.18 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 96158f3a9e7027056a2e35cff5212434294b3b34: Linux 4.18.5 (2018-08-24 13:04:51 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.18-10092018 for you to fetch changes up to 3b1e50a5e5450260aeb29ff819b638cd90e5ec80: btrfs: fix mount and ioctl device scan ioctl race (2018-09-06 20:20:27 -0400) - ---------------------------------------------------------------- for-greg-4.18-10092018 - ---------------------------------------------------------------- Aleh Filipovich (1): platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 Anand Jain (5): btrfs: fix in-memory value of total_devices after seed device deletion btrfs: do btrfs_free_stale_devices outside of device_list_add btrfs: extend locked section when adding a new device in device_list_add btrfs: rename local devices for fs_devices in btrfs_free_stale_devices( btrfs: use device_list_mutex when removing stale devices Andrey Ryabinin (1): mm/fadvise.c: fix signed overflow UBSAN complaint Anton Vasilyev (1): pinctrl: axp209: Fix NULL pointer dereference after allocation Arnd Bergmann (3): fs/proc/vmcore.c: hide vmcoredd_mmap_dumps() for nommu builds reiserfs: change j_timestamp type to time64_t x86/mce: Add notifier_block forward declaration Aurelien Aptel (1): CIFS: fix memory leak and remove dead code Bart Van Assche (2): cfq: Suppress compiler warnings about comparisons btrfs: Fix a C compliance issue Benno Evers (1): perf tools: Check for null when copying nsinfo. Breno Leitao (1): selftests/powerpc: Kill child processes on SIGINT Chao Yu (3): f2fs: avoid race between zero_range and background GC f2fs: fix avoid race between truncate and background GC f2fs: fix to clear PG_checked flag in set_page_dirty() Dan Carpenter (4): apparmor: fix an error code in __aa_create_ns() irqchip/stm32: Fix init error handling powerpc: Fix size calculation using resource_size() scsi: aic94xx: fix an error code in aic94xx_init() Daniel Borkmann (5): bpf, sockmap: fix map elem deletion race with smap_stop_sock tcp, ulp: fix leftover icsk_ulp_ops preventing sock from reattach bpf, sockmap: fix sock_map_ctx_update_elem race with exist/noexist bpf, sockmap: fix leakage of smap_psock_map_entry tcp, ulp: add alias for all ulp modules David Francis (1): drm/amd/display: Read back max backlight value at boot David Sterba (5): btrfs: lift uuid_mutex to callers of btrfs_open_devices btrfs: lift uuid_mutex to callers of btrfs_scan_one_device btrfs: lift uuid_mutex to callers of btrfs_parse_early_options btrfs: reorder initialization before the mount locks uuid_mutex btrfs: fix mount and ioctl device scan ioctl race Denis Efremov (1): coccicheck: return proper error code on fail Dmitry Torokhov (1): Input: do not use WARN() in input_alloc_absinfo() Erik Schmauss (1): ACPICA: ACPICA: add status check for acpi_hw_read before assigning return value Ernesto A. FernÃ¡ndez (2): hfs: prevent crash on exit from failed search hfsplus: fix NULL dereference in hfsplus_lookup() Florian Westphal (2): netfilter: ip6t_rpfilter: set F_IFACE for linklocal addresses netfilter: fix memory leaks on netlink_dump_start error Gal Pressman (1): RDMA/hns: Fix usage of bitmap allocation functions return values Greg Edwards (1): block: bvec_nr_vecs() returns value for wrong slab Guenter Roeck (1): mfd: sm501: Set coherent_dma_mask when creating subdevices Hans de Goede (2): i2c: core: ACPI: Make acpi_gsb_i2c_read_bytes() check i2c_transfer return value ACPI / scan: Initialize status to ACPI_STA_DEFAULT Ian Abbott (1): staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice James Morse (1): fs/proc/kcore.c: use __pa_symbol() for KCORE_TEXT list entries Jann Horn (1): fork: don't copy inconsistent signal handler state to child Jean-Philippe Brucker (1): net/9p: fix error path of p9_virtio_probe Jens Axboe (1): block: don't warn for flush on read-only device Jerome Brunet (1): pwm: meson: Fix mux clock names Jesper Dangaard Brouer (1): samples/bpf: all XDP samples should unload xdp/bpf prog on SIGTERM Jian Shen (1): net: hns3: Fix for phy link issue when using marvell phy driver Jianchao Wang (1): blk-mq: count the hctx as active before allocating tag Jim Mattson (1): kvm: nVMX: Fix fault vector for VMX operation at CPL > 0 Jiri Olsa (1): perf python: Fix pyrf_evlist__read_on_cpu() interface Johannes Berg (2): workqueue: skip lockdep wq dependency in cancel_work_sync() workqueue: re-add lockdep dependencies for flushing John Pittman (1): dm kcopyd: avoid softlockup in run_complete_job Jonas Gorski (1): irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP Kim Phillips (1): perf arm spe: Fix uninitialized record error variable Laura Abbott (1): sunrpc: Don't use stack buffer with scatterlist Levin Du (1): clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 Lucas Stach (1): drm/etnaviv: fix crash in GPU suspend when init failed due to buffer placement Mahesh Salgaonkar (1): powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX. Marc Zyngier (4): iommu/rockchip: Handle errors returned from PM framework iommu/rockchip: Move irq request past pm_runtime_enable arm64: rockchip: Force CONFIG_PM on Rockchip systems ARM: rockchip: Force CONFIG_PM on Rockchip systems Masahiro Yamada (1): um: fix parallel building with O= option Matthias Kaehlcke (1): ASoC: rt5677: Fix initialization of rt5677_of_match.data Michael Ellerman (2): powerpc/uaccess: Enable get_user(u64, *p) on 32-bit powerpc/64s: Make rfi_flush_fallback a little more robust Michael J. Ruhl (1): IB/hfi1: Invalid NUMA node information can cause a divide by zero Michal Hocko (1): netfilter: x_tables: do not fail xt_alloc_table_info too easilly Mike Rapoport (1): mm: make DEFERRED_STRUCT_PAGE_INIT explicitly depend on SPARSEMEM Misono Tomohiro (1): btrfs: replace: Reset on-disk dev stats value after replace Myron Stowe (1): PCI: Match Root Port's MPS to endpoint's MPSS as necessary Nicholas Kazlauskas (1): drm/amd/display: Guard against null crtc in CRC IRQ OGAWA Hirofumi (1): fat: validate ->i_start before using Palmer Dabbelt (1): RISC-V: Use KBUILD_CFLAGS instead of KCFLAGS when building the vDSO Peter Zijlstra (1): mm/tlb, x86/mm: Support invalidating TLB caches for RCU_TABLE_FREE Philipp Rudo (1): s390/kdump: Fix memleak in nt_vmcoreinfo Qu Wenruo (5): btrfs: Exit gracefully when chunk map cannot be inserted to the tree btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized btrfs: tree-checker: Detect invalid and empty essential trees btrfs: check-integrity: Fix NULL pointer dereference for degraded mount btrfs: Don't remove block group that still has pinned down bytes Ralf Goebel (1): iommu/omap: Fix cache flushes on L2 table entries Randy Dunlap (3): scripts: modpost: check memory allocation results platform/x86: intel_punit_ipc: fix build errors powerpc/platforms/85xx: fix t1042rdb_diu.c build errors & warning Richard Weinberger (1): ubi: Initialize Fastmap checkmapping correctly Roger Pau Monne (1): xen/balloon: fix balloon initialization for PVH Dom0 Ronnie Sahlberg (1): cifs: check if SMB2 PDU size has been padded and suppress the warning Sandipan Das (1): perf probe powerpc: Fix trace event post-processing Sean Christopherson (1): KVM: vmx: track host_state.loaded using a loaded_vmcs pointer Srikar Dronamraju (1): powerpc/topology: Get topology for shared processors at boot Stefan Haberland (2): s390/dasd: fix hanging offline processing due to canceled worker s390/dasd: fix panic for failed online processing Steve French (3): smb3: fix reset of bytes read and written stats SMB3: Number of requests sent should be displayed for SMB3 not just CIFS smb3: if server does not support posix do not allow posix mount option Suzuki K Poulose (1): virtio: pci-legacy: Validate queue pfn Tan Hu (1): ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() Tariq Toukan (1): net/xdp: Fix suspicious RCU usage warning Tetsuo Handa (2): hfsplus: don't return 0 when fill_super() failed fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() Thomas Petazzoni (1): PCI: mvebu: Fix I/O space end address calculation Tomas Bortoli (1): net/9p/trans_fd.c: fix race by holding the lock Vasily Gorbik (1): tracing: Handle CC_FLAGS_FTRACE more accurately Wei Yongjun (1): NFSv4: Fix error handling in nfs4_sp4_select_mode() Winnie Chang (1): brcmfmac: fix brcmf_wiphy_wowl_params() NULL pointer dereference Xi Wang (1): net: hns3: Fix for command format parsing error in hclge_is_all_function_id_zero Yonghong Song (1): bpf: fix bpffs non-array map seq_show issue YueHaibing (1): RDS: IB: fix 'passing zero to ERR_PTR()' warning nixiaoming (1): selinux: cleanup dentry and inodes on error in selinuxfs Makefile | 11 +- arch/Kconfig | 3 + arch/arm/mach-rockchip/Kconfig | 1 + arch/arm64/Kconfig.platforms | 1 + arch/powerpc/include/asm/topology.h | 5 + arch/powerpc/include/asm/uaccess.h | 13 ++- arch/powerpc/kernel/exceptions-64s.S | 6 ++ arch/powerpc/kernel/smp.c | 5 + arch/powerpc/mm/numa.c | 20 ++-- arch/powerpc/platforms/85xx/t1042rdb_diu.c | 4 + arch/powerpc/platforms/pseries/ras.c | 2 +- arch/powerpc/sysdev/mpic_msgr.c | 2 +- arch/riscv/kernel/vdso/Makefile | 4 +- arch/s390/kernel/crash_dump.c | 17 ++- arch/um/Makefile | 3 +- arch/x86/Kconfig | 1 + arch/x86/include/asm/mce.h | 1 + arch/x86/kvm/vmx.c | 26 +++-- block/bio.c | 2 +- block/blk-core.c | 4 +- block/blk-mq-tag.c | 3 + block/blk-mq.c | 8 +- block/cfq-iosched.c | 22 ++-- drivers/acpi/acpica/hwregs.c | 9 +- drivers/acpi/scan.c | 5 +- drivers/clk/rockchip/clk-rk3399.c | 1 + drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 1 + .../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_crc.c | 10 +- drivers/gpu/drm/etnaviv/etnaviv_gpu.c | 1 + drivers/i2c/i2c-core-acpi.c | 8 +- drivers/infiniband/hw/hfi1/affinity.c | 24 ++++- drivers/infiniband/hw/hns/hns_roce_pd.c | 2 +- drivers/infiniband/hw/hns/hns_roce_qp.c | 5 +- drivers/input/input.c | 16 ++- drivers/iommu/omap-iommu.c | 4 +- drivers/iommu/rockchip-iommu.c | 45 +++++--- drivers/irqchip/irq-bcm7038-l1.c | 4 + drivers/irqchip/irq-stm32-exti.c | 25 ++--- drivers/md/dm-kcopyd.c | 2 + drivers/mfd/sm501.c | 1 + drivers/mtd/ubi/vtbl.c | 20 ++-- .../ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 2 +- .../ethernet/hisilicon/hns3/hns3pf/hclge_mdio.c | 2 + .../broadcom/brcm80211/brcmfmac/cfg80211.c | 8 +- drivers/pci/controller/pci-mvebu.c | 2 +- drivers/pci/probe.c | 12 ++- drivers/pinctrl/pinctrl-axp209.c | 26 +++-- drivers/platform/x86/asus-nb-wmi.c | 1 + drivers/platform/x86/intel_punit_ipc.c | 1 + drivers/pwm/pwm-meson.c | 3 +- drivers/s390/block/dasd_eckd.c | 10 +- drivers/scsi/aic94xx/aic94xx_init.c | 4 +- drivers/staging/comedi/drivers/ni_mio_common.c | 3 +- drivers/virtio/virtio_pci_legacy.c | 14 ++- drivers/xen/xen-balloon.c | 2 +- fs/btrfs/check-integrity.c | 7 +- fs/btrfs/dev-replace.c | 6 ++ fs/btrfs/extent-tree.c | 2 +- fs/btrfs/relocation.c | 23 ++-- fs/btrfs/super.c | 44 +++++--- fs/btrfs/tree-checker.c | 15 ++- fs/btrfs/volumes.c | 94 ++++++++++------ fs/cifs/cifs_debug.c | 8 ++ fs/cifs/connect.c | 8 +- fs/cifs/smb2misc.c | 7 ++ fs/cifs/smb2pdu.c | 103 +++++++++--------- fs/dcache.c | 3 +- fs/f2fs/data.c | 8 ++ fs/f2fs/file.c | 48 ++++++--- fs/fat/cache.c | 19 ++-- fs/fat/fat.h | 5 + fs/fat/fatent.c | 6 +- fs/hfs/brec.c | 7 +- fs/hfsplus/dir.c | 4 +- fs/hfsplus/super.c | 4 +- fs/nfs/nfs4proc.c | 2 +- fs/proc/kcore.c | 4 +- fs/proc/vmcore.c | 2 + fs/reiserfs/reiserfs.h | 2 +- include/net/tcp.h | 4 + kernel/bpf/inode.c | 8 +- kernel/bpf/sockmap.c | 120 ++++++++++++--------- kernel/fork.c | 2 + kernel/workqueue.c | 45 +++++--- mm/Kconfig | 2 +- mm/fadvise.c | 8 +- mm/memory.c | 18 ++++ net/9p/trans_fd.c | 10 +- net/9p/trans_virtio.c | 3 +- net/core/xdp.c | 14 +-- net/ipv4/tcp_ulp.c | 4 +- net/ipv6/netfilter/ip6t_rpfilter.c | 12 ++- net/netfilter/ipvs/ip_vs_core.c | 15 ++- net/netfilter/nf_conntrack_netlink.c | 26 +++-- net/netfilter/nfnetlink_acct.c | 29 +++-- net/netfilter/x_tables.c | 7 +- net/rds/ib_frmr.c | 1 + net/sunrpc/auth_gss/gss_krb5_crypto.c | 12 ++- net/tls/tls_main.c | 1 + samples/bpf/xdp_redirect_cpu_user.c | 3 +- samples/bpf/xdp_rxq_info_user.c | 3 +- scripts/coccicheck | 5 +- scripts/mod/modpost.c | 8 +- security/apparmor/policy_ns.c | 2 +- security/selinux/selinuxfs.c | 33 ++++-- sound/soc/codecs/rt5677.c | 2 +- tools/perf/arch/arm64/util/arm-spe.c | 1 + tools/perf/arch/powerpc/util/sym-handling.c | 4 +- tools/perf/util/namespaces.c | 3 + tools/perf/util/python.c | 20 +++- tools/testing/selftests/powerpc/harness.c | 18 ++-- 111 files changed, 867 insertions(+), 444 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAluWf24ACgkQ3qZv95d3 LNxuFBAAr+l/WNnmTQhFbp5xDf2nIDxLkbO2rw+xfMvCx5XYSrFYEXpZJAiqZr0A a8dBrxraHh20ay2bdPp7W/63PwT0zP9SLQVqwUYrPWO41CTPFytmPLN5dPZiLoa1 YxTz+ytbW5/3PTKSkX46oHxC7yXEfKVxhN32cDQETFcHvjYXohN4aI5cGX2ePgDx VF1WRBEHm2jgZZdCAlY2vPStckijpc2/tSOFHCAXl7vk/PpL2sPuE4atGq7jzK4I 3saGuWSebQuvBy7Hx0P2E1BJpvu0HnJmdAK2ba2xjNclO7Yta6dwgi4KK0a1MsjS rnkDjNFtFw486zuBVwPxkP5B2sNC8YjJ6yuEeU6ExVwkByOFqk4lVJxuIZop9a+3 cncSrVQEYY1USbdmQKb5egVJXj0FgBA940OiP4egQV97nK4VXi70Pk+RhPbGGbvJ tZlqbi6P9ssqm257a2mnvRqB1P+lVA/eL/2wHU3HbUTnfTaXSISYsiYekL9iSWGR rGfj6LPhswXu7J9Q78Aplc1JAhiSFbF1wyY4LVcfFE+8cwtwzhrjx88OvT1YluEz uLE1NIwzRNWJOnF6Vvmhn+j2qNMv2nEcKTzaSSGYjB4A1TIZG5wYwJNBAxgHYfiv lRC4eaQz58Ggf+1F0tu7BhODb3ShEva9yb4MvDZM0WpsIX7Wt2s= =iX5M -----END PGP SIGNATURE-----

7 years, 1 month

2
1
0 0

Missing mei patches

by Georg Müller

Is there a chance of getting the two mei patches into 4.19 and 4.18.y? https://www.spinics.net/lists/stable/msg253484.html https://www.spinics.net/lists/stable/msg253485.html Bugzilla entries: https://bugzilla.kernel.org/show_bug.cgi?id=200455 https://bugzilla.redhat.com/show_bug.cgi?id=1597481 Even if maybe only a couple of systems are affected, this is causing a dead system on second suspend which could cause data loss. Maybe the patches were not merged because of a typo in the subject (4.9 instead of 4.19)? Best regards, Georg

7 years, 1 month

2
1
0 0

[PATCHv3 0/6] tty: Hold write ldisc sem in tty_reopen()

by Dmitry Safonov

Hi all, Three fixes that worth to have in the @stable, as we've hit them on v4.9 stable. And for linux-next - adding lockdep asserts for line discipline changing code, verifying that write ldisc sem will be held forthwith. The last patch is optional and probably, timeout can be dropped for read_lock(). I'll do it if everyone agrees. Rong Chen, could you kindly re-run this version to see if the lockup from v1 still happens? I wasn't able to reproduce it.. Thanks, Dima Changes since v2: - Added reviewed-by tags - Hopefully, fixed reported by 0-day issue. - Added optional fix for wait_readers decrement Changes since v1: - Added tested-by/reported-by tags - Dropped 3/4 (locking tty pair for lockdep sake), Because of that - not adding lockdep_assert_held() in tty_ldisc_open() - Added 4/4 cleanup to inc tty->count only on success of tty_ldisc_reinit() - lock ldisc without (5*HZ) timeout in tty_reopen() v1 link: lkml.kernel.org/r/<20180829022353.23568-1-dima(a)arista.com> Huuge cc list: Cc: Daniel Axtens <dja(a)axtens.net> Cc: Dmitry Vyukov <dvyukov(a)google.com> Cc: Michael Neuling <mikey(a)neuling.org> Cc: Mikulas Patocka <mpatocka(a)redhat.com> Cc: Nathan March <nathan(a)gt.net> Cc: Pasi Kärkkäinen <pasik(a)iki.fi> Cc: Peter Hurley <peter(a)hurleysoftware.com> Cc: "Rong, Chen" <rong.a.chen(a)intel.com> Cc: Sergey Senozhatsky <sergey.senozhatsky.work(a)gmail.com> Cc: Tan Xiaojun <tanxiaojun(a)huawei.com> Cc: Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> (please, ignore if I Cc'ed you mistakenly) Dmitry Safonov (6): tty: Drop tty->count on tty_reopen() failure tty/ldsem: Update waiter->task before waking up reader tty: Hold tty_ldisc_lock() during tty_reopen() tty/lockdep: Add ldisc_sem asserts tty: Simplify tty->count math in tty_reopen() tty/ldsem: Decrement wait_readers on timeouted down_read() drivers/tty/tty_io.c | 12 ++++++++---- drivers/tty/tty_ldisc.c | 5 +++++ drivers/tty/tty_ldsem.c | 5 ++++- 3 files changed, 17 insertions(+), 5 deletions(-) -- 2.13.6

7 years, 1 month

5
12
0 0

[PATCH 04/26] drm/i915: Handle incomplete Z_FINISH for compressed error states

by Chris Wilson

The final call to zlib_deflate(Z_FINISH) may require more output space to be allocated and so needs to re-invoked. Failure to do so in the current code leads to incomplete zlib streams (albeit intact due to the use of Z_SYNC_FLUSH) resulting in the occasional short object capture. Testcase: igt/i915-error-capture.js Fixes: 0a97015d45ee ("drm/i915: Compress GPU objects in error state") Signed-off-by: Chris Wilson <chris(a)chris-wilson.co.uk> Cc: Joonas Lahtinen <joonas.lahtinen(a)linux.intel.com> Cc: <stable(a)vger.kernel.org> # v4.10+ --- drivers/gpu/drm/i915/i915_gpu_error.c | 60 +++++++++++++++++++++------ 1 file changed, 47 insertions(+), 13 deletions(-) diff --git a/drivers/gpu/drm/i915/i915_gpu_error.c b/drivers/gpu/drm/i915/i915_gpu_error.c index 2835cacd0d08..9789f4ff8c32 100644 --- a/drivers/gpu/drm/i915/i915_gpu_error.c +++ b/drivers/gpu/drm/i915/i915_gpu_error.c @@ -237,6 +237,7 @@ static int compress_page(struct compress *c, struct drm_i915_error_object *dst) { struct z_stream_s *zstream = &c->zstream; + int flush = Z_NO_FLUSH; zstream->next_in = src; if (c->tmp && i915_memcpy_from_wc(c->tmp, src, PAGE_SIZE)) @@ -257,8 +258,11 @@ static int compress_page(struct compress *c, zstream->avail_out = PAGE_SIZE; } - if (zlib_deflate(zstream, Z_SYNC_FLUSH) != Z_OK) + if (zlib_deflate(zstream, flush) != Z_OK) return -EIO; + + if (zstream->avail_out) + flush = Z_SYNC_FLUSH; } while (zstream->avail_in); /* Fallback to uncompressed if we increase size? */ @@ -268,19 +272,43 @@ static int compress_page(struct compress *c, return 0; } -static void compress_fini(struct compress *c, +static int compress_flush(struct compress *c, struct drm_i915_error_object *dst) { struct z_stream_s *zstream = &c->zstream; + unsigned long page; - if (dst) { - zlib_deflate(zstream, Z_FINISH); - dst->unused = zstream->avail_out; - } + do { + switch (zlib_deflate(zstream, Z_FINISH)) { + case Z_OK: /* more space requested */ + page = __get_free_page(GFP_ATOMIC | __GFP_NOWARN); + if (!page) + return -ENOMEM; + + dst->pages[dst->page_count++] = (void *)page; + zstream->next_out = (void *)page; + zstream->avail_out = PAGE_SIZE; + break; + case Z_STREAM_END: + goto end; + default: /* any error */ + return -EIO; + } + } while (1); + +end: + memset(zstream->next_out, 0, zstream->avail_out); + dst->unused = zstream->avail_out; + return 0; +} + +static void compress_fini(struct compress *c, + struct drm_i915_error_object *dst) +{ + struct z_stream_s *zstream = &c->zstream; zlib_deflateEnd(zstream); kfree(zstream->workspace); - if (c->tmp) free_page((unsigned long)c->tmp); } @@ -319,6 +347,12 @@ static int compress_page(struct compress *c, return 0; } +static int compress_flush(struct compress *c, + struct drm_i915_error_object *dst) +{ + return 0; +} + static void compress_fini(struct compress *c, struct drm_i915_error_object *dst) { @@ -951,15 +985,15 @@ i915_error_object_create(struct drm_i915_private *i915, if (ret) goto unwind; } - goto out; + if (compress_flush(&compress, dst)) { unwind: - while (dst->page_count--) - free_page((unsigned long)dst->pages[dst->page_count]); - kfree(dst); - dst = NULL; + while (dst->page_count--) + free_page((unsigned long)dst->pages[dst->page_count]); + kfree(dst); + dst = NULL; + } -out: compress_fini(&compress, dst); ggtt->vm.clear_range(&ggtt->vm, slot, PAGE_SIZE); return dst; -- 2.19.0.rc2

7 years, 1 month

1
0
0 0

[PATCH v4 02/10] usb: roles: Handle driver reference counting

by Heikki Krogerus

This fixes potential "BUG: unable to handle kernel paging request at ..." from happening. Fixes: fde0aa6c175a ("usb: common: Small class for USB role switches") Cc: <stable(a)vger.kernel.org> Signed-off-by: Heikki Krogerus <heikki.krogerus(a)linux.intel.com> --- drivers/usb/common/roles.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/drivers/usb/common/roles.c b/drivers/usb/common/roles.c index 15cc76e22123..99116af07f1d 100644 --- a/drivers/usb/common/roles.c +++ b/drivers/usb/common/roles.c @@ -109,8 +109,15 @@ static void *usb_role_switch_match(struct device_connection *con, int ep, */ struct usb_role_switch *usb_role_switch_get(struct device *dev) { - return device_connection_find_match(dev, "usb-role-switch", NULL, - usb_role_switch_match); + struct usb_role_switch *sw; + + sw = device_connection_find_match(dev, "usb-role-switch", NULL, + usb_role_switch_match); + + if (!IS_ERR_OR_NULL(sw)) + WARN_ON(!try_module_get(sw->dev.parent->driver->owner)); + + return sw; } EXPORT_SYMBOL_GPL(usb_role_switch_get); @@ -122,8 +129,10 @@ EXPORT_SYMBOL_GPL(usb_role_switch_get); */ void usb_role_switch_put(struct usb_role_switch *sw) { - if (!IS_ERR_OR_NULL(sw)) + if (!IS_ERR_OR_NULL(sw)) { put_device(&sw->dev); + module_put(sw->dev.parent->driver->owner); + } } EXPORT_SYMBOL_GPL(usb_role_switch_put); -- 2.18.0

7 years, 1 month

1
0
0 0

[PATCH v4 01/10] usb: typec: Take care of driver module reference counting

by Heikki Krogerus

Functions typec_mux_get() and typec_switch_get() already make sure that the mux device reference count is incremented, but the same must be done to the driver module as well to prevent the drivers from being unloaded in the middle of operation. This fixes a potential "BUG: unable to handle kernel paging request at ..." from happening. Fixes: 93dd2112c7b2 ("usb: typec: mux: Get the mux identifier from function parameter") Cc: <stable(a)vger.kernel.org> Signed-off-by: Heikki Krogerus <heikki.krogerus(a)linux.intel.com> --- drivers/usb/typec/mux.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/drivers/usb/typec/mux.c b/drivers/usb/typec/mux.c index ddaac63ecf12..d990aa510fab 100644 --- a/drivers/usb/typec/mux.c +++ b/drivers/usb/typec/mux.c @@ -9,6 +9,7 @@ #include <linux/device.h> #include <linux/list.h> +#include <linux/module.h> #include <linux/mutex.h> #include <linux/usb/typec_mux.h> @@ -49,8 +50,10 @@ struct typec_switch *typec_switch_get(struct device *dev) mutex_lock(&switch_lock); sw = device_connection_find_match(dev, "typec-switch", NULL, typec_switch_match); - if (!IS_ERR_OR_NULL(sw)) + if (!IS_ERR_OR_NULL(sw)) { + WARN_ON(!try_module_get(sw->dev->driver->owner)); get_device(sw->dev); + } mutex_unlock(&switch_lock); return sw; @@ -65,8 +68,10 @@ EXPORT_SYMBOL_GPL(typec_switch_get); */ void typec_switch_put(struct typec_switch *sw) { - if (!IS_ERR_OR_NULL(sw)) + if (!IS_ERR_OR_NULL(sw)) { + module_put(sw->dev->driver->owner); put_device(sw->dev); + } } EXPORT_SYMBOL_GPL(typec_switch_put); @@ -136,8 +141,10 @@ struct typec_mux *typec_mux_get(struct device *dev, const char *name) mutex_lock(&mux_lock); mux = device_connection_find_match(dev, name, NULL, typec_mux_match); - if (!IS_ERR_OR_NULL(mux)) + if (!IS_ERR_OR_NULL(mux)) { + WARN_ON(!try_module_get(mux->dev->driver->owner)); get_device(mux->dev); + } mutex_unlock(&mux_lock); return mux; @@ -152,8 +159,10 @@ EXPORT_SYMBOL_GPL(typec_mux_get); */ void typec_mux_put(struct typec_mux *mux) { - if (!IS_ERR_OR_NULL(mux)) + if (!IS_ERR_OR_NULL(mux)) { + module_put(mux->dev->driver->owner); put_device(mux->dev); + } } EXPORT_SYMBOL_GPL(typec_mux_put); -- 2.18.0

7 years, 1 month

1
0
0 0

[PATCHES] Networking

by David Miller

Please queue up the following networking bug fixes for v4.17 and v4.18 -stable, respectively. Thanks!

7 years, 1 month

2
1
0 0

Editing 5

by Aaron

Hi, If you have photos for editing, please send email to: hansrekan(a)outlook.com We have 12 in house image editors and we can help you for cutting out your photos, or path the photos. Includes retouching if needed. Used for products photos or portrait photos, catalog photos. You may drop us one photo, we can send you the testing work. Thanks, Aaron Williams Email: hansrekan(a)outlook.com

7 years, 1 month

1
0
0 0

Editing 4

by Aaron

Hi, If you have photos for editing, please send email to: hansrekan(a)outlook.com We have 12 in house image editors and we can help you for cutting out your photos, or path the photos. Includes retouching if needed. Used for products photos or portrait photos, catalog photos. You may drop us one photo, we can send you the testing work. Thanks, Aaron Williams Email: hansrekan(a)outlook.com

7 years, 1 month

1
0
0 0

Editing 6

by Aaron

Hi, If you have photos for editing, please send email to: hansrekan(a)outlook.com We have 12 in house image editors and we can help you for cutting out your photos, or path the photos. Includes retouching if needed. Used for products photos or portrait photos, catalog photos. You may drop us one photo, we can send you the testing work. Thanks, Aaron Williams Email: hansrekan(a)outlook.com

7 years, 1 month

1
0
0 0

[PATCH 0/4] tty: Hold write ldisc sem in tty_reopen()

by Dmitry Safonov

Two fixes for potential and real issues. Looks worth to have in stables as we've hit it on v4.9 stable. And for linux-next - adding lockdep asserts for line discipline changing code, verifying that write ldisc sem will be held forthwith. I couldn't verify that holding write lock fixes the issue as we've hit it only once and I've failed in reproducing it. But searching in lkml, Cc'ing here people who probably had the same crash (and in hope someone of them could give tested-by): Cc: Daniel Axtens <dja(a)axtens.net> Cc: Dmitry Vyukov <dvyukov(a)google.com> Cc: Michael Neuling <mikey(a)neuling.org> Cc: Mikulas Patocka <mpatocka(a)redhat.com> Cc: Pasi Kärkkäinen <pasik(a)iki.fi> Cc: Peter Hurley <peter(a)hurleysoftware.com> Cc: Sergey Senozhatsky <sergey.senozhatsky.work(a)gmail.com> Cc: Tan Xiaojun <tanxiaojun(a)huawei.com> (please, ignore if I Cc'ed you mistakenly) Dmitry Safonov (4): tty: Drop tty->count on tty_reopen() failure tty: Hold tty_ldisc_lock() during tty_reopen() tty: Lock tty pair in tty_init_dev() tty/lockdep: Add ldisc_sem asserts drivers/tty/tty_io.c | 21 +++++++++++++++------ drivers/tty/tty_ldisc.c | 12 ++++++++---- include/linux/tty.h | 4 ++++ 3 files changed, 27 insertions(+), 10 deletions(-) -- 2.13.6

7 years, 1 month

9
23
0 0

patch "Revert "cdc-acm: implement put_char() and flush_chars()"" added to usb-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled Revert "cdc-acm: implement put_char() and flush_chars()" to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From df3aa13c7bbb307e172c37f193f9a7aa058d4739 Mon Sep 17 00:00:00 2001 From: Oliver Neukum <oneukum(a)suse.com> Date: Wed, 5 Sep 2018 17:56:46 +0200 Subject: Revert "cdc-acm: implement put_char() and flush_chars()" This reverts commit a81cf9799ad7299b03a4dff020d9685f9ac5f3e0. The patch causes a regression, which I cannot find the reason for. So let's revert for now, as a revert hurts only performance. Original report: I was trying to resolve the problem with Oliver but we don't get any conclusion for 5 months, so I am now sending this to mail list and cdc_acm authors. I am using simple request-response protocol to obtain the boiller parameters in constant intervals. A simple one transaction is: 1. opening the /dev/ttyACM0 2. sending the following 10-bytes request to the device: unsigned char req[] = {0x02, 0xfe, 0x01, 0x05, 0x08, 0x02, 0x01, 0x69, 0xab, 0x03}; 3. reading response (frame of 74 bytes length). 4. closing the descriptor I am doing this transaction with 5 seconds intervals. Before the bad commit everything was working correctly: I've got a requests and a responses in a timely manner. After the bad commit more time I am using the kernel module, more problems I have. The graph [2] is showing the problem. As you can see after module load all seems fine but after about 30 minutes I've got a plenty of EAGAINs when doing read()'s and trying to read back the data. When I rmmod and insmod the cdc_acm module again, then the situation is starting over again: running ok shortly after load, and more time it is running, more EAGAINs I have when calling read(). As a bonus I can see the problem on the device itself: The device is configured as you can see here on this screen [3]. It has two transmision LEDs: TX and RX. Blink duration is set for 100ms. This is a recording before the bad commit when all is working fine: [4] And this is with the bad commit: [5] As you can see the TX led is blinking wrongly long (indicating transmission?) and I have problems doing read() calls (EAGAIN). Reported-by: Mariusz Bialonczyk <manio(a)skyboo.net> Signed-off-by: Oliver Neukum <oneukum(a)suse.com> Fixes: a81cf9799ad7 ("cdc-acm: implement put_char() and flush_chars()") Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/class/cdc-acm.c | 73 ------------------------------------- drivers/usb/class/cdc-acm.h | 1 - 2 files changed, 74 deletions(-) diff --git a/drivers/usb/class/cdc-acm.c b/drivers/usb/class/cdc-acm.c index 27346d69f393..f9b40a9dc4d3 100644 --- a/drivers/usb/class/cdc-acm.c +++ b/drivers/usb/class/cdc-acm.c @@ -780,20 +780,9 @@ static int acm_tty_write(struct tty_struct *tty, } if (acm->susp_count) { - if (acm->putbuffer) { - /* now to preserve order */ - usb_anchor_urb(acm->putbuffer->urb, &acm->delayed); - acm->putbuffer = NULL; - } usb_anchor_urb(wb->urb, &acm->delayed); spin_unlock_irqrestore(&acm->write_lock, flags); return count; - } else { - if (acm->putbuffer) { - /* at this point there is no good way to handle errors */ - acm_start_wb(acm, acm->putbuffer); - acm->putbuffer = NULL; - } } stat = acm_start_wb(acm, wb); @@ -804,66 +793,6 @@ static int acm_tty_write(struct tty_struct *tty, return count; } -static void acm_tty_flush_chars(struct tty_struct *tty) -{ - struct acm *acm = tty->driver_data; - struct acm_wb *cur; - int err; - unsigned long flags; - - spin_lock_irqsave(&acm->write_lock, flags); - - cur = acm->putbuffer; - if (!cur) /* nothing to do */ - goto out; - - acm->putbuffer = NULL; - err = usb_autopm_get_interface_async(acm->control); - if (err < 0) { - cur->use = 0; - acm->putbuffer = cur; - goto out; - } - - if (acm->susp_count) - usb_anchor_urb(cur->urb, &acm->delayed); - else - acm_start_wb(acm, cur); -out: - spin_unlock_irqrestore(&acm->write_lock, flags); - return; -} - -static int acm_tty_put_char(struct tty_struct *tty, unsigned char ch) -{ - struct acm *acm = tty->driver_data; - struct acm_wb *cur; - int wbn; - unsigned long flags; - -overflow: - cur = acm->putbuffer; - if (!cur) { - spin_lock_irqsave(&acm->write_lock, flags); - wbn = acm_wb_alloc(acm); - if (wbn >= 0) { - cur = &acm->wb[wbn]; - acm->putbuffer = cur; - } - spin_unlock_irqrestore(&acm->write_lock, flags); - if (!cur) - return 0; - } - - if (cur->len == acm->writesize) { - acm_tty_flush_chars(tty); - goto overflow; - } - - cur->buf[cur->len++] = ch; - return 1; -} - static int acm_tty_write_room(struct tty_struct *tty) { struct acm *acm = tty->driver_data; @@ -1987,8 +1916,6 @@ static const struct tty_operations acm_ops = { .cleanup = acm_tty_cleanup, .hangup = acm_tty_hangup, .write = acm_tty_write, - .put_char = acm_tty_put_char, - .flush_chars = acm_tty_flush_chars, .write_room = acm_tty_write_room, .ioctl = acm_tty_ioctl, .throttle = acm_tty_throttle, diff --git a/drivers/usb/class/cdc-acm.h b/drivers/usb/class/cdc-acm.h index eacc116e83da..ca06b20d7af9 100644 --- a/drivers/usb/class/cdc-acm.h +++ b/drivers/usb/class/cdc-acm.h @@ -96,7 +96,6 @@ struct acm { unsigned long read_urbs_free; struct urb *read_urbs[ACM_NR]; struct acm_rb read_buffers[ACM_NR]; - struct acm_wb *putbuffer; /* for acm_tty_put_char() */ int rx_buflimit; spinlock_t read_lock; u8 *notification_buffer; /* to reassemble fragmented notifications */ -- 2.18.0

7 years, 1 month

1
0
0 0

[PATCH v5] spi: spi-mem: Adjust op len based on message/transfer size limitations

by Chuanhua Han

We need that to adjust the len of the 2nd transfer (called data in spi-mem) if it's too long to fit in a SPI message or SPI transfer. Fixes: c36ff266dc82 ("spi: Extend the core to ease integration of SPI memory controllers") Cc: <stable(a)vger.kernel.org> Signed-off-by: Chuanhua Han <chuanhua.han(a)nxp.com> Reviewed-by: Boris Brezillon <boris.brezillon(a)bootlin.com> --- Changes in v5: -Add the validation check after the op->data.nbytes assignment -Assign the "len" variable after defining it -Remove the brackets on both sides of "opt-> data.nbytes" Changes in v4: -Rename variable name "opcode_addr_dummy_sum" to "len" -The comparison of "spi_max_message_size(mem->spi)" and "len" was removed -Adjust their order when comparing the sizes of "spi_max_message_size(mem->spi)" and "len" -Changing the "unsigned long" type in the code to "size_t" Changes in v3: -Rename variable name "val" to "opcode_addr_dummy_sum" -Place the legitimacy of the transfer size(i.e., "spi_max_message_size(mem->spi)" and "opcode_addr_dummy_sum") into "if (! ctlr - > mem_ops | |! ctlr-> mem_ops->exec_op) {" structure and add "spi_max_transfer_size(mem->spi) and opcode_addr_dummy_sum" -Adjust the formatting alignment of the code -"(unsigned long)op->data.nbytes" was modified to "(unsigned long)(op->data.nbytes)" Changes in v2: -Place the adjusted transfer bytes code in spi_mem_adjust_op_size() and check spi_max_message_size(mem->spi) value before subtracting opcode, addr and dummy bytes -Change the code from fsl-espi controller to generic code(The adjustment of spi transmission length was originally modified in the "drivers/spi/spi-fsl-espi.c" file, and now the adjustment of transfer length is made in the "drivers/spi/spi-mem.c" file) drivers/spi/spi-mem.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/drivers/spi/spi-mem.c b/drivers/spi/spi-mem.c index e43842c..eb72dba 100644 --- a/drivers/spi/spi-mem.c +++ b/drivers/spi/spi-mem.c @@ -346,10 +346,25 @@ EXPORT_SYMBOL_GPL(spi_mem_get_name); int spi_mem_adjust_op_size(struct spi_mem *mem, struct spi_mem_op *op) { struct spi_controller *ctlr = mem->spi->controller; + size_t len; + + len = sizeof(op->cmd.opcode) + op->addr.nbytes + op->dummy.nbytes; if (ctlr->mem_ops && ctlr->mem_ops->adjust_op_size) return ctlr->mem_ops->adjust_op_size(mem, op); + if (!ctlr->mem_ops || !ctlr->mem_ops->exec_op) { + if (len > spi_max_transfer_size(mem->spi)) + return -EINVAL; + + op->data.nbytes = min3((size_t)op->data.nbytes, + spi_max_transfer_size(mem->spi), + spi_max_message_size(mem->spi) - + len); + if (!op->data.nbytes) + return -EINVAL; + } + return 0; } EXPORT_SYMBOL_GPL(spi_mem_adjust_op_size); -- 2.7.4

7 years, 1 month

3
5
0 0

[PATCH 4.18 000/145] 4.18.7-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.18.7 release. There are 145 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun Sep 9 21:08:26 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.18.7-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.18.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.18.7-rc1 James Morse <james.morse(a)arm.com> arm64: mm: always enable CONFIG_HOLES_IN_ZONE Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> cpuidle: menu: Retain tick when shallow state is selected Jan Kara <jack(a)suse.cz> udf: Fix mounting of Win7 created UDF filesystems Jeremy Cline <jcline(a)redhat.com> fs/quota: Fix spectre gadget in do_quotactl Horia Geantă <horia.geanta(a)nxp.com> crypto: caam/qi - fix error path in xts setkey Horia Geantă <horia.geanta(a)nxp.com> crypto: caam/jr - fix descriptor DMA unmapping Horia Geantă <horia.geanta(a)nxp.com> crypto: caam - fix DMA mapping direction for RSA forms 2 & 3 Ard Biesheuvel <ard.biesheuvel(a)linaro.org> crypto: arm64/sm4-ce - check for the right CPU feature bit Dave Watson <davejwatson(a)fb.com> crypto: aesni - Use unaligned loads from gcm_context_data Ondrej Mosnacek <omosnace(a)redhat.com> crypto: vmx - Fix sleep-in-atomic bugs Adrian Hunter <adrian.hunter(a)intel.com> perf auxtrace: Fix queue resize Dan Williams <dan.j.williams(a)intel.com> mm, dev_pagemap: Do not clear ->mapping on final put Eddie.Horng <eddie.horng(a)mediatek.com> cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias() Masahiro Yamada <yamada.masahiro(a)socionext.com> kconfig: fix "Can't open ..." in parallel build Shan Hai <shan.hai(a)oracle.com> bcache: release dc->writeback_lock properly in bch_writeback_thread() Vishal Verma <vishal.l.verma(a)intel.com> libnvdimm: fix ars_status output length calculation Keith Busch <keith.busch(a)intel.com> libnvdimm: Use max contiguous area for namespace size Christian Brauner <christian(a)brauner.io> getxattr: use correct xattr length Mikulas Patocka <mpatocka(a)redhat.com> udlfb: set line_length in dlfb_ops_set_par Mikulas Patocka <mpatocka(a)redhat.com> udlfb: handle allocation failure Mikulas Patocka <mpatocka(a)redhat.com> udlfb: make a local copy of fb_ops Mikulas Patocka <mpatocka(a)redhat.com> udlfb: set optimal write delay Mikulas Patocka <mpatocka(a)redhat.com> udlfb: don't switch if we are switching to the same videomode Mikulas Patocka <mpatocka(a)redhat.com> udlfb: fix display corruption of the last line Mikulas Patocka <mpatocka(a)redhat.com> udlfb: fix semaphore value leak Mikulas Patocka <mpatocka(a)redhat.com> fb: fix lost console when the user unplugs a USB adapter Vignesh R <vigneshr(a)ti.com> pwm: tiehrpwm: Fix disabling of output of PWMs Vignesh R <vigneshr(a)ti.com> pwm: tiehrpwm: Don't use emulation mode bits to control PWM output Richard Weinberger <richard(a)nod.at> ubifs: Fix synced_i_size calculation for xattr inodes Richard Weinberger <richard(a)nod.at> ubifs: Fix directory size calculation for symlinks Richard Weinberger <richard(a)nod.at> ubifs: xattr: Don't operate on deleted inodes Richard Weinberger <richard(a)nod.at> ubifs: Check data node size before truncate Richard Weinberger <richard(a)nod.at> Revert "UBIFS: Fix potential integer overflow in allocation" Richard Weinberger <richard(a)nod.at> ubifs: Fix memory leak in lprobs self-check Jann Horn <jannh(a)google.com> userns: move user access out of the mutex Jann Horn <jannh(a)google.com> sys: don't hold uts_sem while accessing userspace memory Jacob Pan <jacob.jun.pan(a)linux.intel.com> iommu/vt-d: Fix dev iotlb pfsid use Jacob Pan <jacob.jun.pan(a)linux.intel.com> iommu/vt-d: Add definitions for PFSID Dmitry Osipenko <digetx(a)gmail.com> iommu/ipmmu-vmsa: Don't register as BUS IOMMU if machine doesn't have IPMMU-VMSA Peter Zijlstra <peterz(a)infradead.org> mm/tlb: Remove tlb_remove_table() non-concurrent condition David Rivshin <DRivshin(a)allworx.com> pwm: omap-dmtimer: Return -EPROBE_DEFER if no dmtimer platform data Roger Quadros <rogerq(a)ti.com> ARM: dts: am57xx-idk: Enable dual role for USB2 port Jon Hunter <jonathanh(a)nvidia.com> ARM: tegra: Fix Tegra30 Cardhu PCA954x reset Trond Myklebust <trondmy(a)gmail.com> NFSv4: Fix a sleep in atomic context in nfs4_callback_sequence() Trond Myklebust <trondmy(a)gmail.com> NFSv4: Fix locking in pnfs_generic_recover_commit_reqs Bill Baker <Bill.Baker(a)Oracle.com> NFSv4 client live hangs after live data migration recovery Amir Goldstein <amir73il(a)gmail.com> nfsd: fix leaked file lock with nfs exported overlayfs Dan Carpenter <dan.carpenter(a)oracle.com> pnfs/blocklayout: off by one in bl_map_stripe() Maciej S. Szmigiero <mail(a)maciej.szmigiero.name> block, bfq: return nbytes and not zero from struct cftype .write() method Max Filippov <jcmvbkbc(a)gmail.com> xtensa: increase ranges in ___invalidate_{i,d}cache_all Max Filippov <jcmvbkbc(a)gmail.com> xtensa: limit offsets in __loop_cache_{all,page} Paul Mackerras <paulus(a)ozlabs.org> KVM: PPC: Book3S: Fix guest DMA when guest partially backed by THP pages Paolo Bonzini <pbonzini(a)redhat.com> KVM: VMX: fixes for vmentry_l1d_flush module parameter Hans de Goede <hdegoede(a)redhat.com> i2c: designware: Re-init controllers with pm_disabled set on resume Lihua Yao <ylhuajnu(a)163.com> ALSA: ac97: fix unbalanced pm_runtime_enable Lihua Yao <ylhuajnu(a)163.com> ALSA: ac97: fix check of pm_runtime_get_sync failure Lihua Yao <ylhuajnu(a)163.com> ALSA: ac97: fix device initialization in the compat layer zhangyi (F) <yi.zhang(a)huawei.com> PM / sleep: wakeup: Fix build error caused by missing SRCU support Henry Willard <henry.willard(a)oracle.com> cpufreq: governor: Avoid accessing invalid governor_data Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> cpuidle: menu: Handle stopped tick more aggressively Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> sched: idle: Avoid retaining the tick when it has been stopped Peter Kalauskas <peskal(a)google.com> drivers/block/zram/zram_drv.c: fix bug storing backing_dev Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> ACPICA: Clear status of all events when entering sleep states Erik Schmauss <erik.schmauss(a)intel.com> ACPICA: AML Parser: skip opcodes that open a scope upon parse failure Amir Goldstein <amir73il(a)gmail.com> ovl: fix wrong use of impure dir cache in ovl_iterate() Rafael David Tinoco <rafael.tinoco(a)linaro.org> mfd: hi655x: Fix regmap area declared size for hi655x Steven Rostedt (VMware) <rostedt(a)goodmis.org> uprobes: Use synchronize_rcu() not synchronize_sched() Kamalesh Babulal <kamalesh(a)linux.vnet.ibm.com> livepatch: Validate module/old func name length Steven Rostedt (VMware) <rostedt(a)goodmis.org> printk/tracing: Do not trace printk_nmi_enter() Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing/blktrace: Fix to allow setting same value Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Do not call start/stop() functions when tracing_on does not change Johan Hovold <johan(a)kernel.org> rtc: omap: fix potential crash on power off Johan Hovold <johan(a)kernel.org> rtc: omap: fix resource leak in registration error path Nadav Amit <namit(a)vmware.com> vmw_balloon: fix VMCI use when balloon built into kernel Nadav Amit <namit(a)vmware.com> vmw_balloon: VMCI_DOORBELL_SET does not check status Nadav Amit <namit(a)vmware.com> vmw_balloon: do not use 2MB without batching Nadav Amit <namit(a)vmware.com> vmw_balloon: fix inflation of 64-bit GFNs Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> eventpoll.h: wrap casts in () properly Chanwoo Choi <cw00.choi(a)samsung.com> extcon: Release locking when sending the notification of connector state Lars-Peter Clausen <lars(a)metafoo.de> iio: ad9523: Fix return value for ad952x_store() Lars-Peter Clausen <lars(a)metafoo.de> iio: ad9523: Fix displayed phase Gustavo A. R. Silva <gustavo(a)embeddedor.com> iio: sca3000: Fix missing return in switch Dexuan Cui <decui(a)microsoft.com> Drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind() Dexuan Cui <decui(a)microsoft.com> Drivers: hv: vmbus: Fix the offer_in_progress in vmbus_process_offer() Tycho Andersen <tycho(a)tycho.ws> uart: fix race between uart_put_char() and uart_shutdown() Mikulas Patocka <mpatocka(a)redhat.com> dm writecache: fix a crash due to reading past end of dirty_bitmap Mikulas Patocka <mpatocka(a)redhat.com> dm crypt: don't decrease device limits Ilya Dryomov <idryomov(a)gmail.com> dm cache metadata: set dirty on all cache blocks after a crash Mike Snitzer <snitzer(a)redhat.com> dm cache metadata: save in-core policy_hint_size to on-disk superblock Hou Tao <houtao1(a)huawei.com> dm thin: stop no_space_timeout worker when switching to write-mode Mikulas Patocka <mpatocka(a)redhat.com> dm integrity: change 'suspending' variable from bool to int Tomas Bortoli <tomasbortoli(a)gmail.com> net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() Tomas Bortoli <tomasbortoli(a)gmail.com> net/9p/client.c: version pointer uninitialized jiangyiwen <jiangyiwen(a)huawei.com> 9p/virtio: fix off-by-one error in sg list bounds check piaojun <piaojun(a)huawei.com> fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed Tomas Bortoli <tomasbortoli(a)gmail.com> 9p: fix multiple NULL-pointer-dereferences Bart Van Assche <bart.vanassche(a)wdc.com> RDMA/rxe: Set wqe->status correctly if an unexpected response is received Bart Van Assche <bart.vanassche(a)wdc.com> ib_srpt: Fix a use-after-free in __srpt_close_all_ch() Bart Van Assche <bart.vanassche(a)wdc.com> ib_srpt: Fix a use-after-free in srpt_close_ch() Leon Romanovsky <leon(a)kernel.org> RDMA/mlx5: Fix shift overflow in mlx5_ib_create_wq Jason Gunthorpe <jgg(a)ziepe.ca> overflow.h: Add arithmetic shift helper Bart Van Assche <bart.vanassche(a)wdc.com> IB/srpt: Support HCAs with more than two ports Bart Van Assche <bart.vanassche(a)wdc.com> IB/srpt: Fix srpt_cm_req_recv() error path (2/2) Bart Van Assche <bart.vanassche(a)wdc.com> IB/srpt: Fix srpt_cm_req_recv() error path (1/2) Jason Gunthorpe <jgg(a)ziepe.ca> IB/mlx5: Fix leaking stack memory to userspace Parav Pandit <parav(a)mellanox.com> IB/mlx5: Honor cnt_set_id_valid flag instead of set_id Frederic Barrat <fbarrat(a)linux.ibm.com> ocxl: Fix page fault handler in case of fault on dying process Vaibhav Jain <vaibhav(a)linux.ibm.com> cxl: Fix wrong comparison in cxl_adapter_context_get() Benjamin Herrenschmidt <benh(a)kernel.crashing.org> powerpc/powernv/pci: Work around races in PCI bridge enabling Luke Dashjr <luke(a)dashjr.org> powerpc64/ftrace: Include ftrace.h needed for enable/disable calls Christophe Leroy <christophe.leroy(a)c-s.fr> powerpc/nohash: fix pte_access_permitted() Ram Pai <linuxram(a)us.ibm.com> powerpc/pkeys: Preallocate execute-only key Ram Pai <linuxram(a)us.ibm.com> powerpc/pkeys: Fix calculation of total pkeys. Ram Pai <linuxram(a)us.ibm.com> powerpc/pkeys: Save the pkey registers before fork Ram Pai <linuxram(a)us.ibm.com> powerpc/pkeys: key allocation/deallocation must not change pkey registers Ram Pai <linuxram(a)us.ibm.com> powerpc/pkeys: Deny read/write/execute by default Ram Pai <linuxram(a)us.ibm.com> powerpc/pkeys: Give all threads control of their key permissions Mahesh Salgaonkar <mahesh(a)linux.vnet.ibm.com> powerpc/pseries: Fix endianness while restoring of r3 in MCE handler. Nicholas Piggin <npiggin(a)gmail.com> powerpc/64s: Fix page table fragment refcount race vs speculative references Hari Bathini <hbathini(a)linux.ibm.com> powerpc/fadump: handle crash memory ranges array index overflow Yannik Sembritzki <yannik(a)sembritzki.me> Fix kexec forbidding kernels signed with keys in the secondary keyring to boot Yannik Sembritzki <yannik(a)sembritzki.me> Replace magic for trusting the secondary keyring with #define Gustavo A. R. Silva <gustavo(a)embeddedor.com> mailbox: xgene-slimpro: Fix potential NULL pointer dereference Javier Martinez Canillas <javierm(a)redhat.com> media: Revert "[media] tvp5150: fix pad format frame height" Daniel Mack <daniel(a)zonque.org> libertas: fix suspend and resume for SDIO connected cards Michel Dänzer <michel.daenzer(a)amd.com> dma-buf: Move BUG_ON from _add_shared_fence to _add_shared_inplace John Johansen <john.johansen(a)canonical.com> apparmor: fix bad debug check in apparmor_secid_to_secctx() Bart Van Assche <bart.vanassche(a)wdc.com> block: Ensure that a request queue is dissociated from the cgroup controller Bart Van Assche <bart.vanassche(a)wdc.com> block: Introduce blk_exit_queue() Bart Van Assche <bart.vanassche(a)wdc.com> blkcg: Introduce blkg_root_lookup() Ming Lei <ming.lei(a)redhat.com> block: really disable runtime-pm for blk-mq xiao jin <jin.xiao(a)intel.com> block: blk_init_allocated_queue() set q->fq as NULL in the fail case Mikulas Patocka <mpatocka(a)redhat.com> block: fix infinite loop if the device loses discard capability Markus Stockhausen <stockhausen(a)collogia.de> readahead: stricter check for bdi io_pages Sergei Shtylyov <sergei.shtylyov(a)cogentembedded.com> mmc: renesas_sdhi_internal_dmac: fix #define RST_RESERVED_BITS Sergei Shtylyov <sergei.shtylyov(a)cogentembedded.com> mmc: renesas_sdhi_internal_dmac: mask DMAC interrupts Adrian Hunter <adrian.hunter(a)intel.com> mmc: block: Fix unsupported parallel dispatch of requests Janek Kotas <jank(a)cadence.com> spi: cadence: Change usleep_range() to udelay(), for atomic context Krzysztof Kozlowski <krzk(a)kernel.org> spi: spi-fsl-dspi: Fix imprecise abort on VF500 during probe Mika Westerberg <mika.westerberg(a)linux.intel.com> spi: pxa2xx: Add support for Intel Ice Lake Bartosz Golaszewski <bgolaszewski(a)baylibre.com> spi: davinci: fix a NULL pointer dereference Chirantan Ekbote <chirantan(a)chromium.org> 9p/net: Fix zero-copy path in the 9p virtio transport Alexander Aring <aring(a)mojatatu.com> net: mac802154: tx: expand tailroom if necessary Alexander Aring <aring(a)mojatatu.com> net: 6lowpan: fix reserved space for single frames Boqun Feng <boqun.feng(a)gmail.com> rcu: Make expedited GPs handle CPU 0 being offline ------------- Diffstat: Makefile | 4 +- arch/alpha/kernel/osf_sys.c | 51 +++++---- arch/arm/boot/dts/am571x-idk.dts | 4 - arch/arm/boot/dts/am572x-idk-common.dtsi | 4 - arch/arm/boot/dts/am57xx-idk-common.dtsi | 7 +- arch/arm/boot/dts/tegra30-cardhu.dtsi | 1 + arch/arm64/Kconfig | 1 - arch/arm64/crypto/sm4-ce-glue.c | 2 +- arch/powerpc/include/asm/fadump.h | 3 - arch/powerpc/include/asm/nohash/pgtable.h | 9 +- arch/powerpc/include/asm/pkeys.h | 11 -- arch/powerpc/kernel/fadump.c | 91 +++++++++++++--- arch/powerpc/kernel/process.c | 1 + arch/powerpc/kvm/book3s_hv.c | 1 + arch/powerpc/mm/mmu_context_book3s64.c | 8 +- arch/powerpc/mm/mmu_context_iommu.c | 17 +-- arch/powerpc/mm/pgtable-book3s64.c | 17 +-- arch/powerpc/mm/pkeys.c | 134 ++++++++---------------- arch/powerpc/platforms/powernv/pci-ioda.c | 37 +++++++ arch/powerpc/platforms/pseries/ras.c | 2 +- arch/sparc/kernel/sys_sparc_32.c | 22 ++-- arch/sparc/kernel/sys_sparc_64.c | 20 ++-- arch/x86/crypto/aesni-intel_asm.S | 66 ++++++------ arch/x86/kernel/kexec-bzimage64.c | 2 +- arch/x86/kvm/vmx.c | 26 +++-- arch/xtensa/include/asm/cacheasm.h | 69 +++++++----- block/bfq-cgroup.c | 3 +- block/blk-core.c | 61 ++++++----- block/blk-lib.c | 10 ++ block/blk-sysfs.c | 15 +++ block/blk.h | 1 + certs/system_keyring.c | 3 +- crypto/asymmetric_keys/pkcs7_key_type.c | 2 +- drivers/acpi/acpica/hwsleep.c | 11 +- drivers/acpi/acpica/psloop.c | 17 +-- drivers/block/zram/zram_drv.c | 7 +- drivers/cpufreq/cpufreq_governor.c | 12 ++- drivers/cpuidle/governors/menu.c | 47 ++++++--- drivers/crypto/caam/caamalg_qi.c | 6 +- drivers/crypto/caam/caampkc.c | 20 ++-- drivers/crypto/caam/jr.c | 3 +- drivers/crypto/vmx/aes_cbc.c | 30 +++--- drivers/crypto/vmx/aes_xts.c | 21 ++-- drivers/dma-buf/reservation.c | 6 +- drivers/extcon/extcon.c | 3 +- drivers/hv/channel.c | 40 ++++--- drivers/hv/channel_mgmt.c | 10 +- drivers/i2c/busses/i2c-designware-master.c | 1 - drivers/i2c/busses/i2c-designware-platdrv.c | 7 +- drivers/iio/accel/sca3000.c | 1 + drivers/iio/frequency/ad9523.c | 4 +- drivers/infiniband/hw/mlx5/main.c | 2 +- drivers/infiniband/hw/mlx5/qp.c | 6 +- drivers/infiniband/sw/rxe/rxe_comp.c | 1 + drivers/infiniband/ulp/srpt/ib_srpt.c | 34 ++++-- drivers/infiniband/ulp/srpt/ib_srpt.h | 4 +- drivers/iommu/dmar.c | 6 +- drivers/iommu/intel-iommu.c | 18 +++- drivers/iommu/ipmmu-vmsa.c | 7 ++ drivers/mailbox/mailbox-xgene-slimpro.c | 6 +- drivers/md/bcache/writeback.c | 4 +- drivers/md/dm-cache-metadata.c | 13 ++- drivers/md/dm-crypt.c | 10 +- drivers/md/dm-integrity.c | 6 +- drivers/md/dm-thin.c | 2 + drivers/md/dm-writecache.c | 2 +- drivers/media/i2c/tvp5150.c | 2 +- drivers/mfd/hi655x-pmic.c | 2 +- drivers/misc/cxl/main.c | 2 +- drivers/misc/ocxl/link.c | 24 +++-- drivers/misc/vmw_balloon.c | 67 +++++++----- drivers/mmc/core/queue.c | 12 ++- drivers/mmc/core/queue.h | 1 + drivers/mmc/host/renesas_sdhi_internal_dmac.c | 10 +- drivers/net/wireless/marvell/libertas/dev.h | 1 + drivers/net/wireless/marvell/libertas/if_sdio.c | 30 ++++-- drivers/nvdimm/bus.c | 4 +- drivers/nvdimm/dimm_devs.c | 31 ++++++ drivers/nvdimm/namespace_devs.c | 6 +- drivers/nvdimm/nd-core.h | 8 ++ drivers/nvdimm/region_devs.c | 24 +++++ drivers/pwm/pwm-omap-dmtimer.c | 5 +- drivers/pwm/pwm-tiehrpwm.c | 14 +-- drivers/rtc/rtc-omap.c | 18 ++-- drivers/spi/spi-cadence.c | 2 +- drivers/spi/spi-davinci.c | 2 +- drivers/spi/spi-fsl-dspi.c | 24 ++--- drivers/spi/spi-pxa2xx.c | 4 + drivers/tty/serial/serial_core.c | 17 ++- drivers/video/fbdev/core/fbmem.c | 38 +++++-- drivers/video/fbdev/udlfb.c | 105 ++++++++++--------- fs/9p/xattr.c | 6 +- fs/lockd/clntlock.c | 2 +- fs/lockd/clntproc.c | 2 +- fs/lockd/svclock.c | 16 +-- fs/lockd/svcsubs.c | 4 +- fs/nfs/blocklayout/dev.c | 2 +- fs/nfs/callback_proc.c | 14 ++- fs/nfs/nfs4proc.c | 9 +- fs/nfs/pnfs_nfs.c | 16 ++- fs/nfsd/nfs4state.c | 2 +- fs/overlayfs/readdir.c | 19 +++- fs/quota/quota.c | 2 + fs/ubifs/dir.c | 5 +- fs/ubifs/journal.c | 21 +++- fs/ubifs/lprops.c | 8 +- fs/ubifs/xattr.c | 24 +++++ fs/udf/super.c | 31 +++--- fs/xattr.c | 2 +- include/linux/blk-cgroup.h | 18 ++++ include/linux/hyperv.h | 2 + include/linux/intel-iommu.h | 8 +- include/linux/lockd/lockd.h | 4 +- include/linux/mm_types.h | 5 +- include/linux/overflow.h | 31 ++++++ include/linux/sunrpc/clnt.h | 1 + include/linux/verification.h | 6 ++ include/uapi/linux/eventpoll.h | 8 +- include/video/udlfb.h | 5 +- kernel/livepatch/core.c | 6 ++ kernel/memremap.c | 1 - kernel/power/Kconfig | 1 + kernel/printk/printk_safe.c | 4 +- kernel/rcu/tree_exp.h | 9 +- kernel/sched/idle.c | 2 +- kernel/sys.c | 95 ++++++++--------- kernel/trace/blktrace.c | 4 + kernel/trace/trace.c | 4 +- kernel/trace/trace_uprobe.c | 2 +- kernel/user_namespace.c | 24 ++--- kernel/utsname_sysctl.c | 41 +++++--- mm/hmm.c | 2 + mm/memory.c | 9 -- mm/readahead.c | 12 ++- net/9p/client.c | 2 +- net/9p/trans_fd.c | 7 +- net/9p/trans_rdma.c | 3 + net/9p/trans_virtio.c | 13 ++- net/9p/trans_xen.c | 3 + net/ieee802154/6lowpan/tx.c | 21 +++- net/mac802154/tx.c | 15 ++- net/sunrpc/clnt.c | 28 +++-- scripts/kconfig/Makefile | 5 +- security/apparmor/secid.c | 1 - security/commoncap.c | 2 +- sound/ac97/bus.c | 4 +- sound/ac97/snd_ac97_compat.c | 19 +++- tools/perf/util/auxtrace.c | 3 + 148 files changed, 1374 insertions(+), 766 deletions(-)

7 years, 1 month

4
144
0 0

[PATCH 4.14 00/89] 4.14.69-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.14.69 release. There are 89 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun Sep 9 21:08:28 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.69-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.14.69-rc1 James Morse <james.morse(a)arm.com> arm64: mm: always enable CONFIG_HOLES_IN_ZONE Jeremy Cline <jcline(a)redhat.com> fs/quota: Fix spectre gadget in do_quotactl Horia Geantă <horia.geanta(a)nxp.com> crypto: caam/qi - fix error path in xts setkey Horia Geantă <horia.geanta(a)nxp.com> crypto: caam/jr - fix descriptor DMA unmapping Horia Geantă <horia.geanta(a)nxp.com> crypto: caam - fix DMA mapping direction for RSA forms 2 & 3 Ondrej Mosnacek <omosnace(a)redhat.com> crypto: vmx - Fix sleep-in-atomic bugs Adrian Hunter <adrian.hunter(a)intel.com> perf auxtrace: Fix queue resize Eddie.Horng <eddie.horng(a)mediatek.com> cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias() Shan Hai <shan.hai(a)oracle.com> bcache: release dc->writeback_lock properly in bch_writeback_thread() Vishal Verma <vishal.l.verma(a)intel.com> libnvdimm: fix ars_status output length calculation Christian Brauner <christian(a)brauner.io> getxattr: use correct xattr length Mikulas Patocka <mpatocka(a)redhat.com> udlfb: set optimal write delay Mikulas Patocka <mpatocka(a)redhat.com> fb: fix lost console when the user unplugs a USB adapter Vignesh R <vigneshr(a)ti.com> pwm: tiehrpwm: Fix disabling of output of PWMs Vignesh R <vigneshr(a)ti.com> pwm: tiehrpwm: Don't use emulation mode bits to control PWM output Richard Weinberger <richard(a)nod.at> ubifs: Fix synced_i_size calculation for xattr inodes Richard Weinberger <richard(a)nod.at> ubifs: xattr: Don't operate on deleted inodes Richard Weinberger <richard(a)nod.at> ubifs: Check data node size before truncate Richard Weinberger <richard(a)nod.at> Revert "UBIFS: Fix potential integer overflow in allocation" Richard Weinberger <richard(a)nod.at> ubifs: Fix memory leak in lprobs self-check Jann Horn <jannh(a)google.com> userns: move user access out of the mutex Jann Horn <jannh(a)google.com> sys: don't hold uts_sem while accessing userspace memory Jacob Pan <jacob.jun.pan(a)linux.intel.com> iommu/vt-d: Fix dev iotlb pfsid use Jacob Pan <jacob.jun.pan(a)linux.intel.com> iommu/vt-d: Add definitions for PFSID Peter Zijlstra <peterz(a)infradead.org> mm/tlb: Remove tlb_remove_table() non-concurrent condition Jon Hunter <jonathanh(a)nvidia.com> ARM: tegra: Fix Tegra30 Cardhu PCA954x reset Trond Myklebust <trondmy(a)gmail.com> NFSv4: Fix a sleep in atomic context in nfs4_callback_sequence() Trond Myklebust <trondmy(a)gmail.com> NFSv4: Fix locking in pnfs_generic_recover_commit_reqs Bill Baker <Bill.Baker(a)Oracle.com> NFSv4 client live hangs after live data migration recovery Dan Carpenter <dan.carpenter(a)oracle.com> pnfs/blocklayout: off by one in bl_map_stripe() Maciej S. Szmigiero <mail(a)maciej.szmigiero.name> block, bfq: return nbytes and not zero from struct cftype .write() method Max Filippov <jcmvbkbc(a)gmail.com> xtensa: increase ranges in ___invalidate_{i,d}cache_all Max Filippov <jcmvbkbc(a)gmail.com> xtensa: limit offsets in __loop_cache_{all,page} Paul Mackerras <paulus(a)ozlabs.org> KVM: PPC: Book3S: Fix guest DMA when guest partially backed by THP pages Paolo Bonzini <pbonzini(a)redhat.com> KVM: VMX: fixes for vmentry_l1d_flush module parameter zhangyi (F) <yi.zhang(a)huawei.com> PM / sleep: wakeup: Fix build error caused by missing SRCU support Henry Willard <henry.willard(a)oracle.com> cpufreq: governor: Avoid accessing invalid governor_data Peter Kalauskas <peskal(a)google.com> drivers/block/zram/zram_drv.c: fix bug storing backing_dev Amir Goldstein <amir73il(a)gmail.com> ovl: fix wrong use of impure dir cache in ovl_iterate() Rafael David Tinoco <rafael.tinoco(a)linaro.org> mfd: hi655x: Fix regmap area declared size for hi655x Steven Rostedt (VMware) <rostedt(a)goodmis.org> uprobes: Use synchronize_rcu() not synchronize_sched() Kamalesh Babulal <kamalesh(a)linux.vnet.ibm.com> livepatch: Validate module/old func name length Steven Rostedt (VMware) <rostedt(a)goodmis.org> printk/tracing: Do not trace printk_nmi_enter() Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing/blktrace: Fix to allow setting same value Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Do not call start/stop() functions when tracing_on does not change Johan Hovold <johan(a)kernel.org> rtc: omap: fix potential crash on power off Nadav Amit <namit(a)vmware.com> vmw_balloon: fix VMCI use when balloon built into kernel Nadav Amit <namit(a)vmware.com> vmw_balloon: VMCI_DOORBELL_SET does not check status Nadav Amit <namit(a)vmware.com> vmw_balloon: do not use 2MB without batching Nadav Amit <namit(a)vmware.com> vmw_balloon: fix inflation of 64-bit GFNs Chanwoo Choi <cw00.choi(a)samsung.com> extcon: Release locking when sending the notification of connector state Lars-Peter Clausen <lars(a)metafoo.de> iio: ad9523: Fix return value for ad952x_store() Lars-Peter Clausen <lars(a)metafoo.de> iio: ad9523: Fix displayed phase Gustavo A. R. Silva <gustavo(a)embeddedor.com> iio: sca3000: Fix missing return in switch Dexuan Cui <decui(a)microsoft.com> Drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind() Tycho Andersen <tycho(a)tycho.ws> uart: fix race between uart_put_char() and uart_shutdown() Mikulas Patocka <mpatocka(a)redhat.com> dm crypt: don't decrease device limits Ilya Dryomov <idryomov(a)gmail.com> dm cache metadata: set dirty on all cache blocks after a crash Mike Snitzer <snitzer(a)redhat.com> dm cache metadata: save in-core policy_hint_size to on-disk superblock Hou Tao <houtao1(a)huawei.com> dm thin: stop no_space_timeout worker when switching to write-mode Mikulas Patocka <mpatocka(a)redhat.com> dm integrity: change 'suspending' variable from bool to int Tomas Bortoli <tomasbortoli(a)gmail.com> net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() Tomas Bortoli <tomasbortoli(a)gmail.com> net/9p/client.c: version pointer uninitialized jiangyiwen <jiangyiwen(a)huawei.com> 9p/virtio: fix off-by-one error in sg list bounds check piaojun <piaojun(a)huawei.com> fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed Tomas Bortoli <tomasbortoli(a)gmail.com> 9p: fix multiple NULL-pointer-dereferences Bart Van Assche <bart.vanassche(a)wdc.com> RDMA/rxe: Set wqe->status correctly if an unexpected response is received Bart Van Assche <bart.vanassche(a)wdc.com> ib_srpt: Fix a use-after-free in srpt_close_ch() Vaibhav Jain <vaibhav(a)linux.ibm.com> cxl: Fix wrong comparison in cxl_adapter_context_get() Benjamin Herrenschmidt <benh(a)kernel.crashing.org> powerpc/powernv/pci: Work around races in PCI bridge enabling Mahesh Salgaonkar <mahesh(a)linux.vnet.ibm.com> powerpc/pseries: Fix endianness while restoring of r3 in MCE handler. Hari Bathini <hbathini(a)linux.ibm.com> powerpc/fadump: handle crash memory ranges array index overflow Yannik Sembritzki <yannik(a)sembritzki.me> Fix kexec forbidding kernels signed with keys in the secondary keyring to boot Yannik Sembritzki <yannik(a)sembritzki.me> Replace magic for trusting the secondary keyring with #define Gustavo A. R. Silva <gustavo(a)embeddedor.com> mailbox: xgene-slimpro: Fix potential NULL pointer dereference Javier Martinez Canillas <javierm(a)redhat.com> media: Revert "[media] tvp5150: fix pad format frame height" Daniel Mack <daniel(a)zonque.org> libertas: fix suspend and resume for SDIO connected cards Matthew Auld <matthew.auld(a)intel.com> drm/i915/userptr: reject zero user_size Ming Lei <ming.lei(a)redhat.com> block: really disable runtime-pm for blk-mq xiao jin <jin.xiao(a)intel.com> block: blk_init_allocated_queue() set q->fq as NULL in the fail case Markus Stockhausen <stockhausen(a)collogia.de> readahead: stricter check for bdi io_pages Sergei Shtylyov <sergei.shtylyov(a)cogentembedded.com> mmc: renesas_sdhi_internal_dmac: fix #define RST_RESERVED_BITS Janek Kotas <jank(a)cadence.com> spi: cadence: Change usleep_range() to udelay(), for atomic context Krzysztof Kozlowski <krzk(a)kernel.org> spi: spi-fsl-dspi: Fix imprecise abort on VF500 during probe Mika Westerberg <mika.westerberg(a)linux.intel.com> spi: pxa2xx: Add support for Intel Ice Lake Bartosz Golaszewski <bgolaszewski(a)baylibre.com> spi: davinci: fix a NULL pointer dereference Chirantan Ekbote <chirantan(a)chromium.org> 9p/net: Fix zero-copy path in the 9p virtio transport Alexander Aring <aring(a)mojatatu.com> net: mac802154: tx: expand tailroom if necessary Alexander Aring <aring(a)mojatatu.com> net: 6lowpan: fix reserved space for single frames ------------- Diffstat: Makefile | 4 +- arch/alpha/kernel/osf_sys.c | 51 +++++++------ arch/arm/boot/dts/tegra30-cardhu.dtsi | 1 + arch/arm64/Kconfig | 1 - arch/powerpc/include/asm/fadump.h | 3 - arch/powerpc/kernel/fadump.c | 91 +++++++++++++++++++---- arch/powerpc/mm/mmu_context_iommu.c | 17 +++-- arch/powerpc/platforms/powernv/pci-ioda.c | 37 ++++++++++ arch/powerpc/platforms/pseries/ras.c | 2 +- arch/sparc/kernel/sys_sparc_32.c | 22 +++--- arch/sparc/kernel/sys_sparc_64.c | 20 +++--- arch/x86/kernel/kexec-bzimage64.c | 2 +- arch/x86/kvm/vmx.c | 26 ++++--- arch/xtensa/include/asm/cacheasm.h | 69 +++++++++++------- block/bfq-cgroup.c | 3 +- block/blk-core.c | 7 +- certs/system_keyring.c | 3 +- crypto/asymmetric_keys/pkcs7_key_type.c | 2 +- drivers/block/zram/zram_drv.c | 7 +- drivers/cpufreq/cpufreq_governor.c | 12 +++- drivers/crypto/caam/caamalg_qi.c | 6 +- drivers/crypto/caam/caampkc.c | 20 +++--- drivers/crypto/caam/jr.c | 3 +- drivers/crypto/vmx/aes_cbc.c | 30 ++++---- drivers/crypto/vmx/aes_xts.c | 21 ++++-- drivers/extcon/extcon.c | 3 +- drivers/gpu/drm/i915/i915_gem_userptr.c | 3 + drivers/hv/channel.c | 40 ++++++----- drivers/hv/channel_mgmt.c | 6 ++ drivers/iio/accel/sca3000.c | 1 + drivers/iio/frequency/ad9523.c | 4 +- drivers/infiniband/sw/rxe/rxe_comp.c | 1 + drivers/infiniband/ulp/srpt/ib_srpt.c | 3 +- drivers/iommu/dmar.c | 6 +- drivers/iommu/intel-iommu.c | 18 ++++- drivers/mailbox/mailbox-xgene-slimpro.c | 6 +- drivers/md/bcache/writeback.c | 4 +- drivers/md/dm-cache-metadata.c | 13 ++-- drivers/md/dm-crypt.c | 10 +-- drivers/md/dm-integrity.c | 6 +- drivers/md/dm-thin.c | 2 + drivers/media/i2c/tvp5150.c | 2 +- drivers/mfd/hi655x-pmic.c | 2 +- drivers/misc/cxl/main.c | 2 +- drivers/misc/vmw_balloon.c | 67 ++++++++++------- drivers/mmc/host/renesas_sdhi_internal_dmac.c | 2 +- drivers/net/wireless/marvell/libertas/dev.h | 1 + drivers/net/wireless/marvell/libertas/if_sdio.c | 30 ++++++-- drivers/nvdimm/bus.c | 4 +- drivers/pwm/pwm-tiehrpwm.c | 14 +--- drivers/rtc/rtc-omap.c | 14 ++-- drivers/spi/spi-cadence.c | 2 +- drivers/spi/spi-davinci.c | 2 +- drivers/spi/spi-fsl-dspi.c | 24 +++---- drivers/spi/spi-pxa2xx.c | 4 ++ drivers/tty/serial/serial_core.c | 17 +++-- drivers/video/fbdev/core/fbmem.c | 38 ++++++++-- fs/9p/xattr.c | 6 +- fs/nfs/blocklayout/dev.c | 2 +- fs/nfs/callback_proc.c | 14 ++-- fs/nfs/nfs4proc.c | 9 ++- fs/nfs/pnfs_nfs.c | 16 ++--- fs/overlayfs/readdir.c | 19 ++++- fs/quota/quota.c | 2 + fs/ubifs/journal.c | 21 ++++-- fs/ubifs/lprops.c | 8 +-- fs/ubifs/xattr.c | 24 +++++++ fs/xattr.c | 2 +- include/linux/hyperv.h | 2 + include/linux/intel-iommu.h | 8 ++- include/linux/sunrpc/clnt.h | 1 + include/linux/verification.h | 6 ++ include/video/udlfb.h | 2 +- kernel/livepatch/core.c | 6 ++ kernel/power/Kconfig | 1 + kernel/printk/printk_safe.c | 4 +- kernel/sys.c | 95 ++++++++++++------------- kernel/trace/blktrace.c | 4 ++ kernel/trace/trace.c | 4 +- kernel/trace/trace_uprobe.c | 2 +- kernel/user_namespace.c | 24 +++---- kernel/utsname_sysctl.c | 41 ++++++----- mm/memory.c | 9 --- mm/readahead.c | 12 +++- net/9p/client.c | 2 +- net/9p/trans_fd.c | 7 +- net/9p/trans_rdma.c | 3 + net/9p/trans_virtio.c | 13 +++- net/9p/trans_xen.c | 3 + net/ieee802154/6lowpan/tx.c | 21 +++++- net/mac802154/tx.c | 15 +++- net/sunrpc/clnt.c | 28 +++++--- security/commoncap.c | 2 +- tools/perf/util/auxtrace.c | 3 + 94 files changed, 831 insertions(+), 421 deletions(-)

7 years, 1 month

5
92
0 0

WTF: patch "[PATCH] x86/kvm/vmx: Fix coding style in vmx_setup_l1d_flush()" was seriously submitted to be applied to the 4.18-stable tree?

by gregkh＠linuxfoundation.org

The patch below was submitted to be applied to the 4.18-stable tree. I fail to see how this patch meets the stable kernel rules as found at Documentation/process/stable-kernel-rules.rst. I could be totally wrong, and if so, please respond to <stable(a)vger.kernel.org> and let me know why this patch should be applied. Otherwise, it is now dropped from my patch queues, never to be seen again. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From d806afa495e2e2a1a726e26c5e44f27818e804c1 Mon Sep 17 00:00:00 2001 From: Yi Wang <wang.yi59(a)zte.com.cn> Date: Thu, 16 Aug 2018 13:42:39 +0800 Subject: [PATCH] x86/kvm/vmx: Fix coding style in vmx_setup_l1d_flush() Substitute spaces with tab. No functional changes. Signed-off-by: Yi Wang <wang.yi59(a)zte.com.cn> Reviewed-by: Jiang Biao <jiang.biao2(a)zte.com.cn> Message-Id: <1534398159-48509-1-git-send-email-wang.yi59(a)zte.com.cn> Cc: stable(a)vger.kernel.org # L1TF Signed-off-by: Paolo Bonzini <pbonzini(a)redhat.com> diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c index 1519f030fd73..31e90e83fdd6 100644 --- a/arch/x86/kvm/vmx.c +++ b/arch/x86/kvm/vmx.c @@ -219,15 +219,15 @@ static int vmx_setup_l1d_flush(enum vmx_l1d_flush_state l1tf) return 0; } - if (boot_cpu_has(X86_FEATURE_ARCH_CAPABILITIES)) { - u64 msr; - - rdmsrl(MSR_IA32_ARCH_CAPABILITIES, msr); - if (msr & ARCH_CAP_SKIP_VMENTRY_L1DFLUSH) { - l1tf_vmx_mitigation = VMENTER_L1D_FLUSH_NOT_REQUIRED; - return 0; - } - } + if (boot_cpu_has(X86_FEATURE_ARCH_CAPABILITIES)) { + u64 msr; + + rdmsrl(MSR_IA32_ARCH_CAPABILITIES, msr); + if (msr & ARCH_CAP_SKIP_VMENTRY_L1DFLUSH) { + l1tf_vmx_mitigation = VMENTER_L1D_FLUSH_NOT_REQUIRED; + return 0; + } + } /* If set to auto use the default l1tf mitigation method */ if (l1tf == VMENTER_L1D_FLUSH_AUTO) {

7 years, 1 month

3
3
0 0

[PATCH 4.9 00/63] 4.9.126-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.9.126 release. There are 63 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun Sep 9 21:09:58 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.126-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.9.126-rc1 Jeremy Cline <jcline(a)redhat.com> fs/quota: Fix spectre gadget in do_quotactl Horia Geantă <horia.geanta(a)nxp.com> crypto: caam/jr - fix descriptor DMA unmapping Ondrej Mosnacek <omosnace(a)redhat.com> crypto: vmx - Fix sleep-in-atomic bugs Adrian Hunter <adrian.hunter(a)intel.com> perf auxtrace: Fix queue resize Shan Hai <shan.hai(a)oracle.com> bcache: release dc->writeback_lock properly in bch_writeback_thread() Steven Rostedt (VMware) <rostedt(a)goodmis.org> printk/tracing: Do not trace printk_nmi_enter() Vishal Verma <vishal.l.verma(a)intel.com> libnvdimm: fix ars_status output length calculation Christian Brauner <christian(a)brauner.io> getxattr: use correct xattr length Mikulas Patocka <mpatocka(a)redhat.com> udlfb: set optimal write delay Mikulas Patocka <mpatocka(a)redhat.com> fb: fix lost console when the user unplugs a USB adapter Vignesh R <vigneshr(a)ti.com> pwm: tiehrpwm: Fix disabling of output of PWMs Richard Weinberger <richard(a)nod.at> ubifs: Fix synced_i_size calculation for xattr inodes Richard Weinberger <richard(a)nod.at> ubifs: Check data node size before truncate Richard Weinberger <richard(a)nod.at> Revert "UBIFS: Fix potential integer overflow in allocation" Richard Weinberger <richard(a)nod.at> ubifs: Fix memory leak in lprobs self-check Jann Horn <jannh(a)google.com> userns: move user access out of the mutex Jann Horn <jannh(a)google.com> sys: don't hold uts_sem while accessing userspace memory Al Viro <viro(a)zeniv.linux.org.uk> osf_getdomainname(): use copy_to_user() Jacob Pan <jacob.jun.pan(a)linux.intel.com> iommu/vt-d: Fix dev iotlb pfsid use Jacob Pan <jacob.jun.pan(a)linux.intel.com> iommu/vt-d: Add definitions for PFSID Peter Zijlstra <peterz(a)infradead.org> mm/tlb: Remove tlb_remove_table() non-concurrent condition Yannik Sembritzki <yannik(a)sembritzki.me> Fix kexec forbidding kernels signed with keys in the secondary keyring to boot Yannik Sembritzki <yannik(a)sembritzki.me> Replace magic for trusting the secondary keyring with #define Jon Hunter <jonathanh(a)nvidia.com> ARM: tegra: Fix Tegra30 Cardhu PCA954x reset Bill Baker <Bill.Baker(a)Oracle.com> NFSv4 client live hangs after live data migration recovery Dan Carpenter <dan.carpenter(a)oracle.com> pnfs/blocklayout: off by one in bl_map_stripe() Max Filippov <jcmvbkbc(a)gmail.com> xtensa: increase ranges in ___invalidate_{i,d}cache_all Max Filippov <jcmvbkbc(a)gmail.com> xtensa: limit offsets in __loop_cache_{all,page} Paolo Bonzini <pbonzini(a)redhat.com> KVM: VMX: fixes for vmentry_l1d_flush module parameter zhangyi (F) <yi.zhang(a)huawei.com> PM / sleep: wakeup: Fix build error caused by missing SRCU support Tomas Bortoli <tomasbortoli(a)gmail.com> 9p: fix multiple NULL-pointer-dereferences Rafael David Tinoco <rafael.tinoco(a)linaro.org> mfd: hi655x: Fix regmap area declared size for hi655x Steven Rostedt (VMware) <rostedt(a)goodmis.org> uprobes: Use synchronize_rcu() not synchronize_sched() Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing/blktrace: Fix to allow setting same value Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Do not call start/stop() functions when tracing_on does not change Johan Hovold <johan(a)kernel.org> rtc: omap: fix potential crash on power off Nadav Amit <namit(a)vmware.com> vmw_balloon: fix VMCI use when balloon built into kernel Nadav Amit <namit(a)vmware.com> vmw_balloon: VMCI_DOORBELL_SET does not check status Nadav Amit <namit(a)vmware.com> vmw_balloon: do not use 2MB without batching Nadav Amit <namit(a)vmware.com> vmw_balloon: fix inflation of 64-bit GFNs Lars-Peter Clausen <lars(a)metafoo.de> iio: ad9523: Fix return value for ad952x_store() Lars-Peter Clausen <lars(a)metafoo.de> iio: ad9523: Fix displayed phase Tycho Andersen <tycho(a)tycho.ws> uart: fix race between uart_put_char() and uart_shutdown() Mike Snitzer <snitzer(a)redhat.com> dm cache metadata: save in-core policy_hint_size to on-disk superblock Hou Tao <houtao1(a)huawei.com> dm thin: stop no_space_timeout worker when switching to write-mode Tomas Bortoli <tomasbortoli(a)gmail.com> net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() Tomas Bortoli <tomasbortoli(a)gmail.com> net/9p/client.c: version pointer uninitialized jiangyiwen <jiangyiwen(a)huawei.com> 9p/virtio: fix off-by-one error in sg list bounds check piaojun <piaojun(a)huawei.com> fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed Bart Van Assche <bart.vanassche(a)wdc.com> RDMA/rxe: Set wqe->status correctly if an unexpected response is received Bart Van Assche <bart.vanassche(a)wdc.com> ib_srpt: Fix a use-after-free in srpt_close_ch() Vaibhav Jain <vaibhav(a)linux.ibm.com> cxl: Fix wrong comparison in cxl_adapter_context_get() Benjamin Herrenschmidt <benh(a)kernel.crashing.org> powerpc/powernv/pci: Work around races in PCI bridge enabling Mahesh Salgaonkar <mahesh(a)linux.vnet.ibm.com> powerpc/pseries: Fix endianness while restoring of r3 in MCE handler. Hari Bathini <hbathini(a)linux.ibm.com> powerpc/fadump: handle crash memory ranges array index overflow Gustavo A. R. Silva <gustavo(a)embeddedor.com> mailbox: xgene-slimpro: Fix potential NULL pointer dereference Daniel Mack <daniel(a)zonque.org> libertas: fix suspend and resume for SDIO connected cards Matthew Auld <matthew.auld(a)intel.com> drm/i915/userptr: reject zero user_size Krzysztof Kozlowski <krzk(a)kernel.org> spi: spi-fsl-dspi: Fix imprecise abort on VF500 during probe Bartosz Golaszewski <bgolaszewski(a)baylibre.com> spi: davinci: fix a NULL pointer dereference Chirantan Ekbote <chirantan(a)chromium.org> 9p/net: Fix zero-copy path in the 9p virtio transport Alexander Aring <aring(a)mojatatu.com> net: mac802154: tx: expand tailroom if necessary Alexander Aring <aring(a)mojatatu.com> net: 6lowpan: fix reserved space for single frames ------------- Diffstat: Makefile | 4 +- arch/alpha/kernel/osf_sys.c | 64 ++++++++--------- arch/arm/boot/dts/tegra30-cardhu.dtsi | 1 + arch/powerpc/include/asm/fadump.h | 3 - arch/powerpc/kernel/fadump.c | 91 +++++++++++++++++++---- arch/powerpc/platforms/powernv/pci-ioda.c | 37 ++++++++++ arch/powerpc/platforms/pseries/ras.c | 2 +- arch/sparc/kernel/sys_sparc_32.c | 22 +++--- arch/sparc/kernel/sys_sparc_64.c | 20 +++--- arch/x86/kernel/kexec-bzimage64.c | 2 +- arch/x86/kvm/vmx.c | 26 ++++--- arch/xtensa/include/asm/cacheasm.h | 69 +++++++++++------- certs/system_keyring.c | 3 +- crypto/asymmetric_keys/pkcs7_key_type.c | 2 +- drivers/crypto/caam/jr.c | 3 +- drivers/crypto/vmx/aes_cbc.c | 30 ++++---- drivers/crypto/vmx/aes_xts.c | 21 ++++-- drivers/gpu/drm/i915/i915_gem_userptr.c | 3 + drivers/iio/frequency/ad9523.c | 4 +- drivers/infiniband/sw/rxe/rxe_comp.c | 1 + drivers/infiniband/ulp/srpt/ib_srpt.c | 3 +- drivers/iommu/dmar.c | 6 +- drivers/iommu/intel-iommu.c | 18 ++++- drivers/mailbox/mailbox-xgene-slimpro.c | 6 +- drivers/md/bcache/writeback.c | 4 +- drivers/md/dm-cache-metadata.c | 3 +- drivers/md/dm-thin.c | 2 + drivers/mfd/hi655x-pmic.c | 2 +- drivers/misc/cxl/main.c | 2 +- drivers/misc/vmw_balloon.c | 67 ++++++++++------- drivers/net/wireless/marvell/libertas/dev.h | 1 + drivers/net/wireless/marvell/libertas/if_sdio.c | 30 ++++++-- drivers/nvdimm/bus.c | 4 +- drivers/pwm/pwm-tiehrpwm.c | 2 + drivers/rtc/rtc-omap.c | 14 ++-- drivers/spi/spi-davinci.c | 2 +- drivers/spi/spi-fsl-dspi.c | 24 +++---- drivers/tty/serial/serial_core.c | 17 +++-- drivers/video/fbdev/core/fbmem.c | 38 ++++++++-- fs/9p/xattr.c | 6 +- fs/nfs/blocklayout/dev.c | 2 +- fs/nfs/nfs4proc.c | 9 ++- fs/quota/quota.c | 2 + fs/ubifs/journal.c | 18 ++++- fs/ubifs/lprops.c | 8 +-- fs/xattr.c | 2 +- include/linux/intel-iommu.h | 8 ++- include/linux/sunrpc/clnt.h | 1 + include/linux/verification.h | 6 ++ include/video/udlfb.h | 2 +- kernel/power/Kconfig | 1 + kernel/printk/nmi.c | 4 +- kernel/sys.c | 95 ++++++++++++------------- kernel/trace/blktrace.c | 4 ++ kernel/trace/trace.c | 4 +- kernel/trace/trace_uprobe.c | 2 +- kernel/user_namespace.c | 24 +++---- kernel/utsname_sysctl.c | 41 ++++++----- mm/memory.c | 9 --- net/9p/client.c | 2 +- net/9p/trans_fd.c | 7 +- net/9p/trans_rdma.c | 3 + net/9p/trans_virtio.c | 13 +++- net/ieee802154/6lowpan/tx.c | 21 +++++- net/mac802154/tx.c | 15 +++- net/sunrpc/clnt.c | 28 +++++--- tools/perf/util/auxtrace.c | 3 + 67 files changed, 653 insertions(+), 340 deletions(-)

7 years, 1 month

5
75
0 0

[PATCH 4.4 00/47] 4.4.155-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.4.155 release. There are 47 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun Sep 9 21:08:44 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.4.155-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.4.155-rc1 Dave Airlie <airlied(a)redhat.com> drm/drivers: add support for using the arch wc mapping API. Dave Airlie <airlied(a)redhat.com> x86/io: add interface to reserve io memtype for a resource range. (v1.1) Jeremy Cline <jcline(a)redhat.com> fs/quota: Fix spectre gadget in do_quotactl Adrian Hunter <adrian.hunter(a)intel.com> perf auxtrace: Fix queue resize Shan Hai <shan.hai(a)oracle.com> bcache: release dc->writeback_lock properly in bch_writeback_thread() Christian Brauner <christian(a)brauner.io> getxattr: use correct xattr length Mikulas Patocka <mpatocka(a)redhat.com> udlfb: set optimal write delay Mikulas Patocka <mpatocka(a)redhat.com> fb: fix lost console when the user unplugs a USB adapter Vignesh R <vigneshr(a)ti.com> pwm: tiehrpwm: Fix disabling of output of PWMs Richard Weinberger <richard(a)nod.at> ubifs: Fix synced_i_size calculation for xattr inodes Richard Weinberger <richard(a)nod.at> ubifs: Check data node size before truncate Richard Weinberger <richard(a)nod.at> Revert "UBIFS: Fix potential integer overflow in allocation" Richard Weinberger <richard(a)nod.at> ubifs: Fix memory leak in lprobs self-check Jann Horn <jannh(a)google.com> userns: move user access out of the mutex Jann Horn <jannh(a)google.com> sys: don't hold uts_sem while accessing userspace memory Al Viro <viro(a)zeniv.linux.org.uk> osf_getdomainname(): use copy_to_user() Jacob Pan <jacob.jun.pan(a)linux.intel.com> iommu/vt-d: Fix dev iotlb pfsid use Jacob Pan <jacob.jun.pan(a)linux.intel.com> iommu/vt-d: Add definitions for PFSID Peter Zijlstra <peterz(a)infradead.org> mm/tlb: Remove tlb_remove_table() non-concurrent condition Jon Hunter <jonathanh(a)nvidia.com> ARM: tegra: Fix Tegra30 Cardhu PCA954x reset Dan Carpenter <dan.carpenter(a)oracle.com> pnfs/blocklayout: off by one in bl_map_stripe() zhangyi (F) <yi.zhang(a)huawei.com> PM / sleep: wakeup: Fix build error caused by missing SRCU support Tomas Bortoli <tomasbortoli(a)gmail.com> 9p: fix multiple NULL-pointer-dereferences Steven Rostedt (VMware) <rostedt(a)goodmis.org> uprobes: Use synchronize_rcu() not synchronize_sched() Snild Dolkow <snild(a)sony.com> kthread, tracing: Don't expose half-written comm when creating kthreads Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing/blktrace: Fix to allow setting same value Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Do not call start/stop() functions when tracing_on does not change Nadav Amit <namit(a)vmware.com> vmw_balloon: fix VMCI use when balloon built into kernel Nadav Amit <namit(a)vmware.com> vmw_balloon: VMCI_DOORBELL_SET does not check status Nadav Amit <namit(a)vmware.com> vmw_balloon: do not use 2MB without batching Nadav Amit <namit(a)vmware.com> vmw_balloon: fix inflation of 64-bit GFNs Lars-Peter Clausen <lars(a)metafoo.de> iio: ad9523: Fix return value for ad952x_store() Lars-Peter Clausen <lars(a)metafoo.de> iio: ad9523: Fix displayed phase Mike Snitzer <snitzer(a)redhat.com> dm cache metadata: save in-core policy_hint_size to on-disk superblock Jiri Slaby <jslaby(a)suse.cz> x86/mm/pat: Fix L1TF stable backport for CPA, 2nd call Tomas Bortoli <tomasbortoli(a)gmail.com> net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() Tomas Bortoli <tomasbortoli(a)gmail.com> net/9p/client.c: version pointer uninitialized jiangyiwen <jiangyiwen(a)huawei.com> 9p/virtio: fix off-by-one error in sg list bounds check piaojun <piaojun(a)huawei.com> fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed Mahesh Salgaonkar <mahesh(a)linux.vnet.ibm.com> powerpc/pseries: Fix endianness while restoring of r3 in MCE handler. Hari Bathini <hbathini(a)linux.ibm.com> powerpc/fadump: handle crash memory ranges array index overflow Matthew Auld <matthew.auld(a)intel.com> drm/i915/userptr: reject zero user_size Bartosz Golaszewski <bgolaszewski(a)baylibre.com> spi: davinci: fix a NULL pointer dereference Ben Hutchings <ben.hutchings(a)codethink.co.uk> net: lan78xx: Fix misplaced tasklet_schedule() call Chirantan Ekbote <chirantan(a)chromium.org> 9p/net: Fix zero-copy path in the 9p virtio transport Alexander Aring <aring(a)mojatatu.com> net: mac802154: tx: expand tailroom if necessary Alexander Aring <aring(a)mojatatu.com> net: 6lowpan: fix reserved space for single frames ------------- Diffstat: Makefile | 4 +- arch/alpha/kernel/osf_sys.c | 64 +++++++++----------- arch/arm/boot/dts/tegra30-cardhu.dtsi | 1 + arch/powerpc/include/asm/fadump.h | 3 - arch/powerpc/kernel/fadump.c | 91 +++++++++++++++++++++++----- arch/powerpc/platforms/pseries/ras.c | 2 +- arch/sparc/kernel/sys_sparc_32.c | 22 ++++--- arch/sparc/kernel/sys_sparc_64.c | 20 ++++--- arch/x86/include/asm/io.h | 6 ++ arch/x86/mm/pageattr.c | 2 +- arch/x86/mm/pat.c | 14 +++++ drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 5 ++ drivers/gpu/drm/ast/ast_ttm.c | 6 ++ drivers/gpu/drm/cirrus/cirrus_ttm.c | 7 +++ drivers/gpu/drm/i915/i915_gem_userptr.c | 3 + drivers/gpu/drm/mgag200/mgag200_ttm.c | 7 +++ drivers/gpu/drm/nouveau/nouveau_ttm.c | 8 +++ drivers/gpu/drm/radeon/radeon_object.c | 5 ++ drivers/iio/frequency/ad9523.c | 4 +- drivers/iommu/dmar.c | 6 +- drivers/iommu/intel-iommu.c | 18 +++++- drivers/md/bcache/writeback.c | 4 +- drivers/md/dm-cache-metadata.c | 3 +- drivers/misc/vmw_balloon.c | 67 +++++++++++++-------- drivers/net/usb/lan78xx.c | 4 +- drivers/pwm/pwm-tiehrpwm.c | 2 + drivers/spi/spi-davinci.c | 2 +- drivers/video/fbdev/core/fbmem.c | 38 ++++++++++-- fs/9p/xattr.c | 6 +- fs/nfs/blocklayout/dev.c | 2 +- fs/quota/quota.c | 2 + fs/ubifs/journal.c | 18 +++++- fs/ubifs/lprops.c | 8 +-- fs/xattr.c | 2 +- include/linux/intel-iommu.h | 8 ++- include/linux/io.h | 22 +++++++ include/video/udlfb.h | 2 +- kernel/kthread.c | 8 ++- kernel/power/Kconfig | 1 + kernel/sys.c | 95 ++++++++++++++---------------- kernel/trace/blktrace.c | 4 ++ kernel/trace/trace.c | 4 +- kernel/trace/trace_uprobe.c | 2 +- kernel/user_namespace.c | 22 ++++--- kernel/utsname_sysctl.c | 41 ++++++++----- mm/memory.c | 9 --- net/9p/client.c | 2 +- net/9p/trans_fd.c | 7 ++- net/9p/trans_rdma.c | 3 + net/9p/trans_virtio.c | 13 +++- net/ieee802154/6lowpan/tx.c | 21 ++++++- net/mac802154/tx.c | 15 ++++- tools/perf/util/auxtrace.c | 3 + 53 files changed, 510 insertions(+), 228 deletions(-)

7 years, 1 month

8
58
0 0

[PATCH 3.18 00/29] 3.18.122-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 3.18.122 release. There are 29 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun Sep 9 21:08:52 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v3.x/stable-review/patch-3.18.122-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-3.18.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 3.18.122-rc1 Shan Hai <shan.hai(a)oracle.com> bcache: release dc->writeback_lock properly in bch_writeback_thread() Christian Brauner <christian(a)brauner.io> getxattr: use correct xattr length Mikulas Patocka <mpatocka(a)redhat.com> udlfb: set optimal write delay Mikulas Patocka <mpatocka(a)redhat.com> fb: fix lost console when the user unplugs a USB adapter Vignesh R <vigneshr(a)ti.com> pwm: tiehrpwm: Fix disabling of output of PWMs Richard Weinberger <richard(a)nod.at> ubifs: Fix synced_i_size calculation for xattr inodes Richard Weinberger <richard(a)nod.at> Revert "UBIFS: Fix potential integer overflow in allocation" Richard Weinberger <richard(a)nod.at> ubifs: Fix memory leak in lprobs self-check Jann Horn <jannh(a)google.com> userns: move user access out of the mutex Eric W. Biederman <ebiederm(a)xmission.com> userns; Correct the comment in map_write Jann Horn <jannh(a)google.com> sys: don't hold uts_sem while accessing userspace memory Al Viro <viro(a)zeniv.linux.org.uk> osf_getdomainname(): use copy_to_user() Peter Zijlstra <peterz(a)infradead.org> mm/tlb: Remove tlb_remove_table() non-concurrent condition Jon Hunter <jonathanh(a)nvidia.com> ARM: tegra: Fix Tegra30 Cardhu PCA954x reset Dan Carpenter <dan.carpenter(a)oracle.com> pnfs/blocklayout: off by one in bl_map_stripe() Tomas Bortoli <tomasbortoli(a)gmail.com> 9p: fix multiple NULL-pointer-dereferences Steven Rostedt (VMware) <rostedt(a)goodmis.org> uprobes: Use synchronize_rcu() not synchronize_sched() Snild Dolkow <snild(a)sony.com> kthread, tracing: Don't expose half-written comm when creating kthreads Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing/blktrace: Fix to allow setting same value Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Do not call start/stop() functions when tracing_on does not change Lars-Peter Clausen <lars(a)metafoo.de> iio: ad9523: Fix return value for ad952x_store() Lars-Peter Clausen <lars(a)metafoo.de> iio: ad9523: Fix displayed phase Mike Snitzer <snitzer(a)redhat.com> dm cache metadata: save in-core policy_hint_size to on-disk superblock Tomas Bortoli <tomasbortoli(a)gmail.com> net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() Tomas Bortoli <tomasbortoli(a)gmail.com> net/9p/client.c: version pointer uninitialized jiangyiwen <jiangyiwen(a)huawei.com> 9p/virtio: fix off-by-one error in sg list bounds check Mahesh Salgaonkar <mahesh(a)linux.vnet.ibm.com> powerpc/pseries: Fix endianness while restoring of r3 in MCE handler. Hari Bathini <hbathini(a)linux.ibm.com> powerpc/fadump: handle crash memory ranges array index overflow Bartosz Golaszewski <bgolaszewski(a)baylibre.com> spi: davinci: fix a NULL pointer dereference ------------- Diffstat: Makefile | 4 +- arch/alpha/kernel/osf_sys.c | 64 +++++++++++------------ arch/arm/boot/dts/tegra30-cardhu.dtsi | 1 + arch/powerpc/include/asm/fadump.h | 3 -- arch/powerpc/kernel/fadump.c | 91 +++++++++++++++++++++++++++------ arch/powerpc/platforms/pseries/ras.c | 2 +- arch/sparc/kernel/sys_sparc_32.c | 22 ++++---- arch/sparc/kernel/sys_sparc_64.c | 20 +++++--- drivers/iio/frequency/ad9523.c | 4 +- drivers/md/bcache/writeback.c | 4 +- drivers/md/dm-cache-metadata.c | 3 +- drivers/pwm/pwm-tiehrpwm.c | 2 + drivers/spi/spi-davinci.c | 2 +- drivers/video/fbdev/core/fbmem.c | 38 +++++++++++--- fs/nfs/blocklayout/dev.c | 2 +- fs/ubifs/journal.c | 7 ++- fs/ubifs/lprops.c | 8 +-- fs/xattr.c | 2 +- include/video/udlfb.h | 2 +- kernel/kthread.c | 8 ++- kernel/sys.c | 95 +++++++++++++++++------------------ kernel/trace/blktrace.c | 4 ++ kernel/trace/trace.c | 4 +- kernel/trace/trace_uprobe.c | 2 +- kernel/user_namespace.c | 22 ++++---- kernel/utsname_sysctl.c | 41 +++++++++------ mm/memory.c | 9 ---- net/9p/client.c | 2 +- net/9p/trans_fd.c | 7 ++- net/9p/trans_rdma.c | 3 ++ net/9p/trans_virtio.c | 6 ++- 31 files changed, 299 insertions(+), 185 deletions(-)

7 years, 1 month

5
37
0 0

[GIT PULL] commits for Linux 3.18

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 3.18 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit a5f9be3576c3f9dd871f68eaf482278c0b3a6df2: Linux 3.18.120 (2018-08-28 07:21:37 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-3.18-10092018 for you to fetch changes up to 0941bb2358f61b4d3c1eb989bffadbb4aae2dc5c: btrfs: Don't remove block group that still has pinned down bytes (2018-08-30 10:40:46 -0400) - ---------------------------------------------------------------- for-greg-3.18-10092018 - ---------------------------------------------------------------- Aleh Filipovich (1): platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 Andrey Ryabinin (1): mm/fadvise.c: fix signed overflow UBSAN complaint Arnd Bergmann (1): reiserfs: change j_timestamp type to time64_t Breno Leitao (1): selftests/powerpc: Kill child processes on SIGINT Dan Carpenter (2): powerpc: Fix size calculation using resource_size() scsi: aic94xx: fix an error code in aic94xx_init() Ernesto A. FernÃ¡ndez (1): hfs: prevent crash on exit from failed search Guenter Roeck (1): mfd: sm501: Set coherent_dma_mask when creating subdevices Ian Abbott (1): staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice Jann Horn (1): fork: don't copy inconsistent signal handler state to child Jean-Philippe Brucker (1): net/9p: fix error path of p9_virtio_probe John Pittman (1): dm kcopyd: avoid softlockup in run_complete_job Mahesh Salgaonkar (1): powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX. Misono Tomohiro (1): btrfs: replace: Reset on-disk dev stats value after replace OGAWA Hirofumi (1): fat: validate ->i_start before using Qu Wenruo (2): btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized btrfs: Don't remove block group that still has pinned down bytes Randy Dunlap (1): scripts: modpost: check memory allocation results Ronnie Sahlberg (1): cifs: check if SMB2 PDU size has been padded and suppress the warning Stefan Haberland (1): s390/dasd: fix hanging offline processing due to canceled worker Steve French (2): smb3: fix reset of bytes read and written stats SMB3: Number of requests sent should be displayed for SMB3 not just CIFS Tan Hu (1): ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() Tetsuo Handa (1): hfsplus: don't return 0 when fill_super() failed Thomas Petazzoni (1): PCI: mvebu: Fix I/O space end address calculation arch/powerpc/platforms/pseries/ras.c | 2 +- arch/powerpc/sysdev/mpic_msgr.c | 2 +- drivers/md/dm-kcopyd.c | 2 ++ drivers/mfd/sm501.c | 1 + drivers/pci/host/pci-mvebu.c | 2 +- drivers/platform/x86/asus-nb-wmi.c | 1 + drivers/s390/block/dasd_eckd.c | 7 +++++-- drivers/scsi/aic94xx/aic94xx_init.c | 4 +++- drivers/staging/comedi/drivers/ni_mio_common.c | 3 ++- fs/btrfs/dev-replace.c | 6 ++++++ fs/btrfs/extent-tree.c | 2 +- fs/btrfs/relocation.c | 23 ++++++++++++----------- fs/cifs/cifs_debug.c | 8 ++++++++ fs/cifs/smb2misc.c | 7 +++++++ fs/cifs/smb2pdu.c | 2 +- fs/fat/cache.c | 19 ++++++++++++------- fs/fat/fat.h | 5 +++++ fs/fat/fatent.c | 6 +++--- fs/hfs/brec.c | 7 ++++--- fs/hfsplus/super.c | 4 +++- fs/reiserfs/reiserfs.h | 2 +- kernel/fork.c | 2 ++ mm/fadvise.c | 8 ++++++-- net/9p/trans_virtio.c | 3 ++- net/netfilter/ipvs/ip_vs_core.c | 15 +++++++++++---- scripts/mod/modpost.c | 8 ++++---- tools/testing/selftests/powerpc/harness.c | 18 ++++++++++++------ 27 files changed, 117 insertions(+), 52 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAluWf4wACgkQ3qZv95d3 LNw2mw//czETmy7MjuRhH3z4KEh29RvoKJ0kTJ/hIGDleoy6MhHx603vBiT7mtcI v35sXHjCT77mUE3PkoRoWwrLtFiGxCZ6txZ1Zutwz8lCUem9gaw40KehjCxdGH/U jejRP+sgYYKuVNgXn7pPk97GINNIqytc3B5lDwAz0VgWGX6fpITtAr9xSrbc+fuP Zc+DBs0YUxtfj2KTCgYN+73fUZOPauubowxPX+UVfIwtxUcgejJO1JyNi0uIhqbj ebpkUiozS37+loouRKR46vfKcSohU9ZWW9I+hO6nx47i6LqtARjyDV99glgX8zaE 9bt8kWKPVx6AAcY1jQwMvx2VeRaTouPfG9u9kUlMHvzNbnRQ2xnRpmXLMqcHFyQG Wgf6EIXT1o9HG08B4pAAELTY1UacnVeHH0+GxhU9hhcU969Mu5H0e3sVymgyWZBm TOF650ITUjTAT+BtfMf/A7/jGmRoVV6Vl0372ePXkgIG6Kwq3AgwMJRzR8FCX8M0 ualLK0A1BS+eaC70+paAkhakrzYH224Yrbb+nXm3p3Mho1UCU26VMTz59Z7Rgvr6 dsLIvyOCHFiXHeKtyjbZ9mW6O64yiTHqO3SdctgkrYfm9BSAtRZZivGYd9IwflWB 6oz4fUFH7jmVyjbEg9cgEWttLNVROcSrGLYEIFDXv9SlhOWxTfA= =NY7H -----END PGP SIGNATURE-----

7 years, 1 month

1
0
0 0

[GIT PULL] commits for Linux 4.4

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.4 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 577189c37a844243359afce1c3c94418259fe696: Linux 4.4.153 (2018-08-28 07:23:44 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.4-10092018 for you to fetch changes up to 230b9c234e619e3c62b68c12a57c4fa35983c7bc: btrfs: Don't remove block group that still has pinned down bytes (2018-08-31 15:34:12 -0400) - ---------------------------------------------------------------- for-greg-4.4-10092018 - ---------------------------------------------------------------- Aleh Filipovich (1): platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 Andrey Ryabinin (1): mm/fadvise.c: fix signed overflow UBSAN complaint Arnd Bergmann (1): reiserfs: change j_timestamp type to time64_t Breno Leitao (1): selftests/powerpc: Kill child processes on SIGINT Dan Carpenter (2): powerpc: Fix size calculation using resource_size() scsi: aic94xx: fix an error code in aic94xx_init() Ernesto A. FernÃ¡ndez (2): hfs: prevent crash on exit from failed search hfsplus: fix NULL dereference in hfsplus_lookup() Guenter Roeck (1): mfd: sm501: Set coherent_dma_mask when creating subdevices Ian Abbott (1): staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice Jann Horn (1): fork: don't copy inconsistent signal handler state to child Jean-Philippe Brucker (1): net/9p: fix error path of p9_virtio_probe John Pittman (1): dm kcopyd: avoid softlockup in run_complete_job Jonas Gorski (1): irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP Mahesh Salgaonkar (1): powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX. Misono Tomohiro (1): btrfs: replace: Reset on-disk dev stats value after replace OGAWA Hirofumi (1): fat: validate ->i_start before using Qu Wenruo (2): btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized btrfs: Don't remove block group that still has pinned down bytes Randy Dunlap (1): scripts: modpost: check memory allocation results Ronnie Sahlberg (1): cifs: check if SMB2 PDU size has been padded and suppress the warning Stefan Haberland (1): s390/dasd: fix hanging offline processing due to canceled worker Steve French (2): smb3: fix reset of bytes read and written stats SMB3: Number of requests sent should be displayed for SMB3 not just CIFS Tan Hu (1): ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() Tetsuo Handa (2): hfsplus: don't return 0 when fill_super() failed fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() Thomas Petazzoni (1): PCI: mvebu: Fix I/O space end address calculation Vasily Gorbik (1): tracing: Handle CC_FLAGS_FTRACE more accurately Makefile | 11 +++++++---- arch/powerpc/platforms/pseries/ras.c | 2 +- arch/powerpc/sysdev/mpic_msgr.c | 2 +- drivers/irqchip/irq-bcm7038-l1.c | 4 ++++ drivers/md/dm-kcopyd.c | 2 ++ drivers/mfd/sm501.c | 1 + drivers/pci/host/pci-mvebu.c | 2 +- drivers/platform/x86/asus-nb-wmi.c | 1 + drivers/s390/block/dasd_eckd.c | 7 +++++-- drivers/scsi/aic94xx/aic94xx_init.c | 4 +++- drivers/staging/comedi/drivers/ni_mio_common.c | 3 ++- fs/btrfs/dev-replace.c | 6 ++++++ fs/btrfs/extent-tree.c | 2 +- fs/btrfs/relocation.c | 23 ++++++++++++----------- fs/cifs/cifs_debug.c | 8 ++++++++ fs/cifs/smb2misc.c | 7 +++++++ fs/cifs/smb2pdu.c | 2 +- fs/dcache.c | 3 ++- fs/fat/cache.c | 19 ++++++++++++------- fs/fat/fat.h | 5 +++++ fs/fat/fatent.c | 6 +++--- fs/hfs/brec.c | 7 ++++--- fs/hfsplus/dir.c | 4 ++-- fs/hfsplus/super.c | 4 +++- fs/reiserfs/reiserfs.h | 2 +- kernel/fork.c | 2 ++ mm/fadvise.c | 8 ++++++-- net/9p/trans_virtio.c | 3 ++- net/netfilter/ipvs/ip_vs_core.c | 15 +++++++++++---- scripts/mod/modpost.c | 8 ++++---- tools/testing/selftests/powerpc/harness.c | 18 ++++++++++++------ 31 files changed, 132 insertions(+), 59 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAluWf4QACgkQ3qZv95d3 LNxoaBAAkTmVEYo2cxE6cWtH48DHvSmVW/8aS6lpyxaQK9c9Dr3xPMRqVO7FYne4 CquCmbsJzmMouimtn2hn+QAXwLdaAjgZDMIoiBs1vFho6komQ52i83wWTAJEMhKL uvWyZosKpGgNztgaU2ZZI1lax85sTscTGq/H46bV8S2RJWKGxiMaIPOSbKS3+GN1 FCTHGy05Hy3gQnmNCpV03n10zeEGSHQ2vDRz9g9OgFWlXcHmL0oyp+G+StnGiKMc wmHXJBSq5aFsf+nOflBNl7ngZUU5KkbQfdZOh/1aPgfoR08JRVV7DNivj7C9DCpV RoxxmDKizPvV4bOgn39MVNs/yQUW8Q9HT1QnKoCvDZeaVHKwW9KMX4ax2lvHlYjS woYwJ5Rz0qKxcZBxQAg+QHN1Y61WLDp3QukxALtXDdCswDD2oByVtfwn5S7+pwZj R3kACK7DZihBcIrNR6wPA0LgOzauwSRYc2wP8DwxQ5zpEgbQXZyMvFU2uQsA10Ac z0Y03alRobEnAbQB0ogkGhXUWG2935cSxBbsd0j0vzC1KQoPkL+pSytDpC8p1tuy 6PR/u6i/DHGcKemSpMASbN1LB88mKAQPSdnkTw6w3DygVHF6KMz+nXAcNhkleENy aAy1k4GaQcopFkAycesQ9KX9jGnP2XHhmZZxcL1f5qoiMsf6DY4= =X/I+ -----END PGP SIGNATURE-----

7 years, 1 month

1
0
0 0

[PATCH] fs/cifs: require sha512

by Stefan Metzmacher

This got lost in commit 0fdfef9aa7ee68ddd508aef7c98630cfc054f8d6, which removed CONFIG_CIFS_SMB311. Signed-off-by: Stefan Metzmacher <metze(a)samba.org> Fixes: 0fdfef9aa7ee68ddd ("smb3: simplify code by removing CONFIG_CIFS_SMB311") CC: Stable <stable(a)vger.kernel.org> CC: linux-cifs(a)vger.kernel.org --- fs/cifs/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/fs/cifs/Kconfig b/fs/cifs/Kconfig index 35c83fe7dba01..abcd78e332feb 100644 --- a/fs/cifs/Kconfig +++ b/fs/cifs/Kconfig @@ -6,6 +6,7 @@ config CIFS select CRYPTO_MD4 select CRYPTO_MD5 select CRYPTO_SHA256 + select CRYPTO_SHA512 select CRYPTO_CMAC select CRYPTO_HMAC select CRYPTO_ARC4 -- 2.17.1

7 years, 1 month

2
3
0 0

[GIT PULL] commits for Linux 4.9

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.9 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit e8d49e4292d9156a081752dee3f5a0cd12857da9: Linux 4.9.124 (2018-08-24 13:12:43 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.9-10092018 for you to fetch changes up to 05cd17579215f05a2119635570885f90374cb1af: ARM: rockchip: Force CONFIG_PM on Rockchip systems (2018-09-02 02:34:43 -0400) - ---------------------------------------------------------------- for-greg-4.9-10092018 - ---------------------------------------------------------------- Aleh Filipovich (1): platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 Andrey Ryabinin (1): mm/fadvise.c: fix signed overflow UBSAN complaint Arnd Bergmann (1): reiserfs: change j_timestamp type to time64_t Breno Leitao (1): selftests/powerpc: Kill child processes on SIGINT Dan Carpenter (2): powerpc: Fix size calculation using resource_size() scsi: aic94xx: fix an error code in aic94xx_init() Ernesto A. FernÃ¡ndez (2): hfs: prevent crash on exit from failed search hfsplus: fix NULL dereference in hfsplus_lookup() Gal Pressman (1): RDMA/hns: Fix usage of bitmap allocation functions return values Greg Edwards (1): block: bvec_nr_vecs() returns value for wrong slab Guenter Roeck (1): mfd: sm501: Set coherent_dma_mask when creating subdevices Hans de Goede (1): ACPI / scan: Initialize status to ACPI_STA_DEFAULT Ian Abbott (1): staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice Jann Horn (1): fork: don't copy inconsistent signal handler state to child Jean-Philippe Brucker (1): net/9p: fix error path of p9_virtio_probe John Pittman (1): dm kcopyd: avoid softlockup in run_complete_job Jonas Gorski (1): irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP Laura Abbott (1): sunrpc: Don't use stack buffer with scatterlist Levin Du (1): clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 Mahesh Salgaonkar (1): powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX. Marc Zyngier (2): arm64: rockchip: Force CONFIG_PM on Rockchip systems ARM: rockchip: Force CONFIG_PM on Rockchip systems Misono Tomohiro (1): btrfs: replace: Reset on-disk dev stats value after replace OGAWA Hirofumi (1): fat: validate ->i_start before using Philipp Rudo (1): s390/kdump: Fix memleak in nt_vmcoreinfo Qu Wenruo (2): btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized btrfs: Don't remove block group that still has pinned down bytes Randy Dunlap (2): scripts: modpost: check memory allocation results platform/x86: intel_punit_ipc: fix build errors Ronnie Sahlberg (1): cifs: check if SMB2 PDU size has been padded and suppress the warning Sandipan Das (1): perf probe powerpc: Fix trace event post-processing Stefan Haberland (2): s390/dasd: fix hanging offline processing due to canceled worker s390/dasd: fix panic for failed online processing Steve French (2): smb3: fix reset of bytes read and written stats SMB3: Number of requests sent should be displayed for SMB3 not just CIFS Suzuki K Poulose (1): virtio: pci-legacy: Validate queue pfn Tan Hu (1): ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() Tetsuo Handa (2): hfsplus: don't return 0 when fill_super() failed fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() Thomas Petazzoni (1): PCI: mvebu: Fix I/O space end address calculation Tomas Bortoli (1): net/9p/trans_fd.c: fix race by holding the lock Vasily Gorbik (1): tracing: Handle CC_FLAGS_FTRACE more accurately YueHaibing (1): RDS: IB: fix 'passing zero to ERR_PTR()' warning Makefile | 11 +++++++---- arch/arm/mach-rockchip/Kconfig | 1 + arch/arm64/Kconfig.platforms | 1 + arch/powerpc/platforms/pseries/ras.c | 2 +- arch/powerpc/sysdev/mpic_msgr.c | 2 +- arch/s390/kernel/crash_dump.c | 17 ++++++++++++----- block/bio.c | 2 +- drivers/acpi/scan.c | 5 +++-- drivers/clk/rockchip/clk-rk3399.c | 1 + drivers/infiniband/hw/hns/hns_roce_pd.c | 2 +- drivers/infiniband/hw/hns/hns_roce_qp.c | 5 ++++- drivers/irqchip/irq-bcm7038-l1.c | 4 ++++ drivers/md/dm-kcopyd.c | 2 ++ drivers/mfd/sm501.c | 1 + drivers/pci/host/pci-mvebu.c | 2 +- drivers/platform/x86/asus-nb-wmi.c | 1 + drivers/platform/x86/intel_punit_ipc.c | 1 + drivers/s390/block/dasd_eckd.c | 10 ++++++++-- drivers/scsi/aic94xx/aic94xx_init.c | 4 +++- drivers/staging/comedi/drivers/ni_mio_common.c | 3 ++- drivers/virtio/virtio_pci_legacy.c | 14 ++++++++++++-- fs/btrfs/dev-replace.c | 6 ++++++ fs/btrfs/extent-tree.c | 2 +- fs/btrfs/relocation.c | 23 ++++++++++++----------- fs/cifs/cifs_debug.c | 8 ++++++++ fs/cifs/smb2misc.c | 7 +++++++ fs/cifs/smb2pdu.c | 2 +- fs/dcache.c | 3 ++- fs/fat/cache.c | 19 ++++++++++++------- fs/fat/fat.h | 5 +++++ fs/fat/fatent.c | 6 +++--- fs/hfs/brec.c | 7 ++++--- fs/hfsplus/dir.c | 4 ++-- fs/hfsplus/super.c | 4 +++- fs/reiserfs/reiserfs.h | 2 +- kernel/fork.c | 2 ++ mm/fadvise.c | 8 ++++++-- net/9p/trans_fd.c | 10 +++++----- net/9p/trans_virtio.c | 3 ++- net/netfilter/ipvs/ip_vs_core.c | 15 +++++++++++---- net/rds/ib_frmr.c | 1 + net/sunrpc/auth_gss/gss_krb5_crypto.c | 12 +++++++++--- scripts/mod/modpost.c | 8 ++++---- tools/perf/arch/powerpc/util/sym-handling.c | 4 +++- tools/testing/selftests/powerpc/harness.c | 18 ++++++++++++------ 45 files changed, 190 insertions(+), 80 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAluWf30ACgkQ3qZv95d3 LNyowg/9Gduye0DrrBpZxb1JcLGq7q2MDnQKlkhFDNuXkjMet+/fAtSxgaS0GH1T APPT6pSywAjWj9GoV0pRBXaCkImREJIJrtE3QteGnM4Ge79Y39UUysxzLJ9gSGUp XFfTo/2/fXDIX+gcCh//uKCALuPEHNL1hVDCPtq4SssXr29oBykEsKlihM02ox/P qTYh+RICT0tiZUuwYT0Sn+mWnwdpkps4wgAtBbsHGc0vnqvO5OHRP+qYQrx4YNA5 IURX/AMuuJGAqUjV4yVEZ8a9DEbPoTuJfuSdZKYPHN67bW5DlhB/pKU4bFhYJFcn e++cTvw/2mqcFeREZrDZQ/0jcaWffhOzsDqD1cT8wvRmwvzI5FlpiL061Pxs6yQG uUjkOqBwWP4/4pCiCuihPehH6NLvxaybNwEobIZBdooWFFurL1HjVp5XT2cqkW/g zoak6Wu/4nuNkjOkF9Wje0I4W7AYUbdTU1XYfH/EsmgKUe/qf96RUF8FwYFjuZbR bKZrSFw++8r4QoRJqxCKPErupcMpGOKWJlDwMFeLCpEFI4Z6ldf/w7PMd3k4P3VX o4dOQffAwWKLsVEqJHc+xBRoYUH2Iy10ZLQTGaHytsUgQq0rruNeCnY+St+UsMsI HoRgzpnPQfT+WkHiozXN3zyOP2AEJ2cXKnAfCm+o7ChpmmtUKWs= =3N9s -----END PGP SIGNATURE-----

7 years, 1 month

1
0
0 0

[GIT PULL] commits for Linux 4.14

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.14 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit f4c88459f7c9320f587b839c3d24a2a9dc18a8a0: Linux 4.14.67 (2018-08-24 13:09:23 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.14-10092018 for you to fetch changes up to 8d44a0537965283dbb7da45b21f484fa801af60b: ARM: rockchip: Force CONFIG_PM on Rockchip systems (2018-09-06 20:16:01 -0400) - ---------------------------------------------------------------- for-greg-4.14-10092018 - ---------------------------------------------------------------- Aleh Filipovich (1): platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 Andrey Ryabinin (1): mm/fadvise.c: fix signed overflow UBSAN complaint Arnd Bergmann (2): reiserfs: change j_timestamp type to time64_t x86/mce: Add notifier_block forward declaration Bart Van Assche (1): cfq: Suppress compiler warnings about comparisons Benno Evers (1): perf tools: Check for null when copying nsinfo. Breno Leitao (1): selftests/powerpc: Kill child processes on SIGINT Chao Yu (1): f2fs: fix to clear PG_checked flag in set_page_dirty() Dan Carpenter (2): powerpc: Fix size calculation using resource_size() scsi: aic94xx: fix an error code in aic94xx_init() Daniel Borkmann (1): tcp, ulp: add alias for all ulp modules Dmitry Torokhov (1): Input: do not use WARN() in input_alloc_absinfo() Ernesto A. FernÃ¡ndez (2): hfs: prevent crash on exit from failed search hfsplus: fix NULL dereference in hfsplus_lookup() Florian Westphal (2): netfilter: ip6t_rpfilter: set F_IFACE for linklocal addresses netfilter: fix memory leaks on netlink_dump_start error Gal Pressman (1): RDMA/hns: Fix usage of bitmap allocation functions return values Greg Edwards (1): block: bvec_nr_vecs() returns value for wrong slab Guenter Roeck (1): mfd: sm501: Set coherent_dma_mask when creating subdevices Hans de Goede (1): ACPI / scan: Initialize status to ACPI_STA_DEFAULT Ian Abbott (1): staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice James Morse (1): fs/proc/kcore.c: use __pa_symbol() for KCORE_TEXT list entries Jann Horn (1): fork: don't copy inconsistent signal handler state to child Jean-Philippe Brucker (1): net/9p: fix error path of p9_virtio_probe Jerome Brunet (1): pwm: meson: Fix mux clock names Jian Shen (1): net: hns3: Fix for phy link issue when using marvell phy driver Jim Mattson (1): kvm: nVMX: Fix fault vector for VMX operation at CPL > 0 John Pittman (1): dm kcopyd: avoid softlockup in run_complete_job Jonas Gorski (1): irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP Laura Abbott (1): sunrpc: Don't use stack buffer with scatterlist Levin Du (1): clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 Mahesh Salgaonkar (1): powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX. Marc Zyngier (2): arm64: rockchip: Force CONFIG_PM on Rockchip systems ARM: rockchip: Force CONFIG_PM on Rockchip systems Matthias Kaehlcke (1): ASoC: rt5677: Fix initialization of rt5677_of_match.data Michael Ellerman (2): powerpc/uaccess: Enable get_user(u64, *p) on 32-bit powerpc/64s: Make rfi_flush_fallback a little more robust Michael J. Ruhl (1): IB/hfi1: Invalid NUMA node information can cause a divide by zero Misono Tomohiro (1): btrfs: replace: Reset on-disk dev stats value after replace OGAWA Hirofumi (1): fat: validate ->i_start before using Peter Zijlstra (1): mm/tlb, x86/mm: Support invalidating TLB caches for RCU_TABLE_FREE Philipp Rudo (1): s390/kdump: Fix memleak in nt_vmcoreinfo Qu Wenruo (3): btrfs: Exit gracefully when chunk map cannot be inserted to the tree btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized btrfs: Don't remove block group that still has pinned down bytes Ralf Goebel (1): iommu/omap: Fix cache flushes on L2 table entries Randy Dunlap (3): scripts: modpost: check memory allocation results platform/x86: intel_punit_ipc: fix build errors powerpc/platforms/85xx: fix t1042rdb_diu.c build errors & warning Roger Pau Monne (1): xen/balloon: fix balloon initialization for PVH Dom0 Ronnie Sahlberg (1): cifs: check if SMB2 PDU size has been padded and suppress the warning Sandipan Das (1): perf probe powerpc: Fix trace event post-processing Sean Christopherson (1): KVM: vmx: track host_state.loaded using a loaded_vmcs pointer Stefan Haberland (2): s390/dasd: fix hanging offline processing due to canceled worker s390/dasd: fix panic for failed online processing Steve French (2): smb3: fix reset of bytes read and written stats SMB3: Number of requests sent should be displayed for SMB3 not just CIFS Suzuki K Poulose (1): virtio: pci-legacy: Validate queue pfn Tan Hu (1): ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() Tetsuo Handa (2): hfsplus: don't return 0 when fill_super() failed fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() Thomas Petazzoni (1): PCI: mvebu: Fix I/O space end address calculation Tomas Bortoli (1): net/9p/trans_fd.c: fix race by holding the lock Vasily Gorbik (1): tracing: Handle CC_FLAGS_FTRACE more accurately Wei Yongjun (1): NFSv4: Fix error handling in nfs4_sp4_select_mode() Xi Wang (1): net: hns3: Fix for command format parsing error in hclge_is_all_function_id_zero YueHaibing (1): RDS: IB: fix 'passing zero to ERR_PTR()' warning Makefile | 11 +++++--- arch/Kconfig | 3 +++ arch/arm/mach-rockchip/Kconfig | 1 + arch/arm64/Kconfig.platforms | 1 + arch/powerpc/include/asm/uaccess.h | 13 +++++++--- arch/powerpc/kernel/exceptions-64s.S | 6 +++++ arch/powerpc/platforms/85xx/t1042rdb_diu.c | 4 +++ arch/powerpc/platforms/pseries/ras.c | 2 +- arch/powerpc/sysdev/mpic_msgr.c | 2 +- arch/s390/kernel/crash_dump.c | 17 +++++++++---- arch/x86/Kconfig | 1 + arch/x86/include/asm/mce.h | 1 + arch/x86/kvm/vmx.c | 26 ++++++++++++------- block/bio.c | 2 +- block/cfq-iosched.c | 22 ++++++++-------- drivers/acpi/scan.c | 5 ++-- drivers/clk/rockchip/clk-rk3399.c | 1 + drivers/infiniband/hw/hfi1/affinity.c | 24 +++++++++++++++--- drivers/infiniband/hw/hns/hns_roce_pd.c | 2 +- drivers/infiniband/hw/hns/hns_roce_qp.c | 5 +++- drivers/input/input.c | 16 +++++++++--- drivers/iommu/omap-iommu.c | 4 +-- drivers/irqchip/irq-bcm7038-l1.c | 4 +++ drivers/md/dm-kcopyd.c | 2 ++ drivers/mfd/sm501.c | 1 + .../ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 2 +- .../ethernet/hisilicon/hns3/hns3pf/hclge_mdio.c | 2 ++ drivers/pci/host/pci-mvebu.c | 2 +- drivers/platform/x86/asus-nb-wmi.c | 1 + drivers/platform/x86/intel_punit_ipc.c | 1 + drivers/pwm/pwm-meson.c | 3 +-- drivers/s390/block/dasd_eckd.c | 10 ++++++-- drivers/scsi/aic94xx/aic94xx_init.c | 4 ++- drivers/staging/comedi/drivers/ni_mio_common.c | 3 ++- drivers/virtio/virtio_pci_legacy.c | 14 +++++++++-- drivers/xen/xen-balloon.c | 2 +- fs/btrfs/dev-replace.c | 6 +++++ fs/btrfs/extent-tree.c | 2 +- fs/btrfs/relocation.c | 23 +++++++++-------- fs/btrfs/volumes.c | 8 ++++-- fs/cifs/cifs_debug.c | 8 ++++++ fs/cifs/smb2misc.c | 7 ++++++ fs/cifs/smb2pdu.c | 2 +- fs/dcache.c | 3 ++- fs/f2fs/data.c | 4 +++ fs/fat/cache.c | 19 ++++++++------ fs/fat/fat.h | 5 ++++ fs/fat/fatent.c | 6 ++--- fs/hfs/brec.c | 7 +++--- fs/hfsplus/dir.c | 4 +-- fs/hfsplus/super.c | 4 ++- fs/nfs/nfs4proc.c | 2 +- fs/proc/kcore.c | 4 ++- fs/reiserfs/reiserfs.h | 2 +- include/net/tcp.h | 4 +++ kernel/fork.c | 2 ++ mm/fadvise.c | 8 ++++-- mm/memory.c | 18 ++++++++++++++ net/9p/trans_fd.c | 10 ++++---- net/9p/trans_virtio.c | 3 ++- net/ipv4/tcp_ulp.c | 2 +- net/ipv6/netfilter/ip6t_rpfilter.c | 12 ++++++++- net/netfilter/ipvs/ip_vs_core.c | 15 ++++++++--- net/netfilter/nf_conntrack_netlink.c | 26 ++++++++++++------- net/netfilter/nfnetlink_acct.c | 29 ++++++++++------------ net/rds/ib_frmr.c | 1 + net/sunrpc/auth_gss/gss_krb5_crypto.c | 12 ++++++--- net/tls/tls_main.c | 1 + scripts/mod/modpost.c | 8 +++--- sound/soc/codecs/rt5677.c | 2 +- tools/perf/arch/powerpc/util/sym-handling.c | 4 ++- tools/perf/util/namespaces.c | 3 +++ tools/testing/selftests/powerpc/harness.c | 18 +++++++++----- 73 files changed, 367 insertions(+), 147 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAluWf3YACgkQ3qZv95d3 LNwRag/+IPoVUjYgaBwTUqPBsuBzXbIcTLBo9q5h7UZJh4/av5kRQ2RqQInH/hBh FTc5thw+xBGlMUvYmiWH6XdAY3Q/3aq4s4BZ/QIQsBx1xRD6Up9TxePcyrq16PGs P/KZwZjvG6NdZZ0ppdbC566jV7T5EjklQ6ZebmFgph3bcBAUYQKSuvNAbTnYYrjH f/FO2PIoIJfVVVz57GRB4P4CP5xxYilLfipeF2PFfe+0vzhW0hTvszUVxM5/8uOg DtUd9kvv1Bgv2GplFd6tkJ80kqBly/DcmLRsxZwO29cHwjM12dGtHLJYrGrOJHw1 p5NPivbygrzFkN/22dgFOLJZEOUuVDRzgepNU2vMJq+m6ZCjqYM5B3vH7TPzNZ7D iwouqjjqxfA9M7b3vYcq3l8zfRYILw4OfX+WYNdzA7roIVBI5eH2COdsNKXAS/4b mAcZ+osb5laGpU3ZOq9ZXuzTQf24c9zqIgRQMW1Rwmu1piwyqSJZIKnmhwwytqOq jxW57UgwavuhcFa2xzxOtDxaFHwbrVMaavjvvSYllft47y9fNWhvrQHsJk2wfryk loMngmNwtRfqgk2KySFYT/mqM/H/SQ7Yb2o7vL3hw7vV6o9qy348sr+KxvG+9rt1 IaYV7wm0xIQh9wq+DTzyAW0aZ5p7E1HVilv/jokOFtH2URbZyIc= =vKyy -----END PGP SIGNATURE-----

7 years, 1 month

1
0
0 0

[tip:perf/urgent] perf/core: Force USER_DS when recording user stack data

by tip-bot for Yabin Cui

Commit-ID: 02e184476eff848273826c1d6617bb37e5bcc7ad Gitweb: https://git.kernel.org/tip/02e184476eff848273826c1d6617bb37e5bcc7ad Author: Yabin Cui <yabinc(a)google.com> AuthorDate: Thu, 23 Aug 2018 15:59:35 -0700 Committer: Ingo Molnar <mingo(a)kernel.org> CommitDate: Mon, 10 Sep 2018 14:01:46 +0200 perf/core: Force USER_DS when recording user stack data Perf can record user stack data in response to a synchronous request, such as a tracepoint firing. If this happens under set_fs(KERNEL_DS), then we end up reading user stack data using __copy_from_user_inatomic() under set_fs(KERNEL_DS). I think this conflicts with the intention of using set_fs(KERNEL_DS). And it is explicitly forbidden by hardware on ARM64 when both CONFIG_ARM64_UAO and CONFIG_ARM64_PAN are used. So fix this by forcing USER_DS when recording user stack data. Signed-off-by: Yabin Cui <yabinc(a)google.com> Acked-by: Peter Zijlstra (Intel) <peterz(a)infradead.org> Cc: <stable(a)vger.kernel.org> Cc: Alexander Shishkin <alexander.shishkin(a)linux.intel.com> Cc: Arnaldo Carvalho de Melo <acme(a)kernel.org> Cc: Jiri Olsa <jolsa(a)redhat.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Namhyung Kim <namhyung(a)kernel.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Thomas Gleixner <tglx(a)linutronix.de> Fixes: 88b0193d9418 ("perf/callchain: Force USER_DS when invoking perf_callchain_user()") Link: http://lkml.kernel.org/r/20180823225935.27035-1-yabinc@google.com Signed-off-by: Ingo Molnar <mingo(a)kernel.org> --- kernel/events/core.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/kernel/events/core.c b/kernel/events/core.c index abaed4f8bb7f..c80549bf82c6 100644 --- a/kernel/events/core.c +++ b/kernel/events/core.c @@ -5943,6 +5943,7 @@ perf_output_sample_ustack(struct perf_output_handle *handle, u64 dump_size, unsigned long sp; unsigned int rem; u64 dyn_size; + mm_segment_t fs; /* * We dump: @@ -5960,7 +5961,10 @@ perf_output_sample_ustack(struct perf_output_handle *handle, u64 dump_size, /* Data. */ sp = perf_user_stack_pointer(regs); + fs = get_fs(); + set_fs(USER_DS); rem = __output_copy_user(handle, (void *) sp, dump_size); + set_fs(fs); dyn_size = dump_size - rem; perf_output_skip(handle, rem);

7 years, 1 month

1
0
0 0

[PATCH AUTOSEL 4.18 001/131] tc-testing: flush gact actions on test teardown

by Sasha Levin

From: Vlad Buslov <vladbu(a)mellanox.com> [ Upstream commit 0c62f8a820b7fdeacf5ad9f9e24b53043d372c97 ] Test 6fb4 creates one mirred and one pipe action, but only flushes mirred on teardown. Leaking pipe action causes failures in other tests. Add additional teardown command to also flush gact actions. Signed-off-by: Vlad Buslov <vladbu(a)mellanox.com> Acked-by: Jamal Hadi Salim <jhs(a)mojatatu.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- .../testing/selftests/tc-testing/tc-tests/actions/mirred.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/tc-testing/tc-tests/actions/mirred.json b/tools/testing/selftests/tc-testing/tc-tests/actions/mirred.json index 6e4edfae1799..db49fd0f8445 100644 --- a/tools/testing/selftests/tc-testing/tc-tests/actions/mirred.json +++ b/tools/testing/selftests/tc-testing/tc-tests/actions/mirred.json @@ -44,7 +44,8 @@ "matchPattern": "action order [0-9]*: mirred \$Egress Redirect to device lo\$.*index 2 ref", "matchCount": "1", "teardown": [ - "$TC actions flush action mirred" + "$TC actions flush action mirred", + "$TC actions flush action gact" ] }, { -- 2.17.1

7 years, 1 month

8
143
0 0

[PATCH 4.4 00/43] 4.4.148-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.4.148 release. There are 43 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu Aug 16 17:14:59 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.4.148-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.4.148-rc1 Guenter Roeck <linux(a)roeck-us.net> x86/speculation/l1tf: Fix up CPU feature flags Andi Kleen <ak(a)linux.intel.com> x86/mm/kmmio: Make the tracer robust against L1TF Andi Kleen <ak(a)linux.intel.com> x86/mm/pat: Make set_memory_np() L1TF safe Andi Kleen <ak(a)linux.intel.com> x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert Andi Kleen <ak(a)linux.intel.com> x86/speculation/l1tf: Invert all not present mappings Michal Hocko <mhocko(a)suse.cz> x86/speculation/l1tf: Fix up pte->pfn conversion for PAE Vlastimil Babka <vbabka(a)suse.cz> x86/speculation/l1tf: Protect PAE swap entries against L1TF Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/cpufeatures: Add detection of L1D cache flush support. Vlastimil Babka <vbabka(a)suse.cz> x86/speculation/l1tf: Extend 64bit swap file size limit Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> x86/bugs: Move the l1tf function and define pr_fmt properly Andi Kleen <ak(a)linux.intel.com> x86/speculation/l1tf: Limit swap file size to MAX_PA/2 Andi Kleen <ak(a)linux.intel.com> x86/speculation/l1tf: Disallow non privileged high MMIO PROT_NONE mappings Dan Williams <dan.j.williams(a)intel.com> mm: fix cache mode tracking in vm_insert_mixed() Andy Lutomirski <luto(a)kernel.org> mm: Add vm_insert_pfn_prot() Andi Kleen <ak(a)linux.intel.com> x86/speculation/l1tf: Add sysfs reporting for l1tf Andi Kleen <ak(a)linux.intel.com> x86/speculation/l1tf: Make sure the first page is always reserved Andi Kleen <ak(a)linux.intel.com> x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation Linus Torvalds <torvalds(a)linux-foundation.org> x86/speculation/l1tf: Protect swap entries against L1TF Linus Torvalds <torvalds(a)linux-foundation.org> x86/speculation/l1tf: Change order of offset/type in swap entry Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com> mm: x86: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1 Dave Hansen <dave.hansen(a)linux.intel.com> x86/mm: Fix swap entry comment and macro Dave Hansen <dave.hansen(a)linux.intel.com> x86/mm: Move swap offset/type up in PTE to work around erratum Andi Kleen <ak(a)linux.intel.com> x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT Nick Desaulniers <ndesaulniers(a)google.com> x86/irqflags: Provide a declaration for native_save_fl Masami Hiramatsu <mhiramat(a)kernel.org> kprobes/x86: Fix %p uses in error messages Jiri Kosina <jkosina(a)suse.cz> x86/speculation: Protect against userspace-userspace spectreRSB Peter Zijlstra <peterz(a)infradead.org> x86/paravirt: Fix spectre-v2 mitigations for paravirt guests Oleksij Rempel <o.rempel(a)pengutronix.de> ARM: dts: imx6sx: fix irq for pcie bridge Michael Mera <dev(a)michaelmera.com> IB/ocrdma: fix out of bounds access to local buffer Jack Morgenstein <jackm(a)dev.mellanox.co.il> IB/mlx4: Mark user MR as writable if actual virtual memory is writable Jack Morgenstein <jackm(a)dev.mellanox.co.il> IB/core: Make testing MR flags for writability a static inline function Al Viro <viro(a)zeniv.linux.org.uk> fix __legitimize_mnt()/mntput() race Al Viro <viro(a)zeniv.linux.org.uk> fix mntput/mntput race Al Viro <viro(a)zeniv.linux.org.uk> root dentries need RCU-delayed freeing Bart Van Assche <bart.vanassche(a)wdc.com> scsi: sr: Avoid that opening a CD-ROM hangs with runtime power management enabled Hans de Goede <hdegoede(a)redhat.com> ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices Juergen Gross <jgross(a)suse.com> xen/netfront: don't cache skb_shinfo() John David Anglin <dave.anglin(a)bell.net> parisc: Define mb() and add memory barriers to assembler unlock sequences Helge Deller <deller(a)gmx.de> parisc: Enable CONFIG_MLONGCALLS by default Kees Cook <keescook(a)chromium.org> fork: unconditionally clear stack on fork Thomas Egerer <hakke_007(a)gmx.de> ipv4+ipv6: Make INET*_ESP select CRYPTO_ECHAINIV Tadeusz Struk <tadeusz.struk(a)intel.com> tpm: fix race condition in tpm_common_write() Theodore Ts'o <tytso(a)mit.edu> ext4: fix check to prevent initializing reserved inodes ------------- Diffstat: Makefile | 4 +- arch/arm/boot/dts/imx6sx.dtsi | 2 +- arch/parisc/Kconfig | 2 +- arch/parisc/include/asm/barrier.h | 32 +++++++++++ arch/parisc/kernel/entry.S | 2 + arch/parisc/kernel/pacache.S | 1 + arch/parisc/kernel/syscall.S | 4 ++ arch/x86/include/asm/cpufeatures.h | 10 ++-- arch/x86/include/asm/irqflags.h | 2 + arch/x86/include/asm/page_32_types.h | 9 +++- arch/x86/include/asm/pgtable-2level.h | 17 ++++++ arch/x86/include/asm/pgtable-3level.h | 37 ++++++++++++- arch/x86/include/asm/pgtable-invert.h | 32 +++++++++++ arch/x86/include/asm/pgtable.h | 84 +++++++++++++++++++++++------ arch/x86/include/asm/pgtable_64.h | 54 +++++++++++++++---- arch/x86/include/asm/pgtable_types.h | 10 ++-- arch/x86/include/asm/processor.h | 5 ++ arch/x86/kernel/cpu/bugs.c | 81 +++++++++++++++++----------- arch/x86/kernel/cpu/common.c | 20 +++++++ arch/x86/kernel/kprobes/core.c | 4 +- arch/x86/kernel/paravirt.c | 14 +++-- arch/x86/kernel/setup.c | 6 +++ arch/x86/mm/init.c | 23 ++++++++ arch/x86/mm/kmmio.c | 25 +++++---- arch/x86/mm/mmap.c | 21 ++++++++ arch/x86/mm/pageattr.c | 8 +-- drivers/acpi/acpi_lpss.c | 2 + drivers/base/cpu.c | 8 +++ drivers/char/tpm/tpm-dev.c | 43 +++++++-------- drivers/infiniband/core/umem.c | 11 +--- drivers/infiniband/hw/mlx4/mr.c | 50 ++++++++++++++--- drivers/infiniband/hw/ocrdma/ocrdma_stats.c | 2 +- drivers/net/xen-netfront.c | 8 +-- drivers/scsi/sr.c | 29 +++++++--- fs/dcache.c | 6 ++- fs/ext4/ialloc.c | 5 +- fs/ext4/super.c | 8 +-- fs/namespace.c | 28 +++++++++- include/asm-generic/pgtable.h | 12 +++++ include/linux/cpu.h | 2 + include/linux/mm.h | 2 + include/linux/swapfile.h | 2 + include/linux/thread_info.h | 6 +-- include/rdma/ib_verbs.h | 14 +++++ mm/memory.c | 62 +++++++++++++++++---- mm/mprotect.c | 49 +++++++++++++++++ mm/swapfile.c | 46 ++++++++++------ net/ipv4/Kconfig | 1 + net/ipv6/Kconfig | 1 + 49 files changed, 714 insertions(+), 192 deletions(-)

7 years, 1 month

4
50
0 0

Linux 4.14.69

by Greg KH

I'm announcing the release of the 4.14.69 kernel. All users of the 4.14 kernel series must upgrade. The updated 4.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.14.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/alpha/kernel/osf_sys.c | 51 ++++++------ arch/arm/boot/dts/tegra30-cardhu.dtsi | 1 arch/arm64/Kconfig | 1 arch/powerpc/include/asm/fadump.h | 3 arch/powerpc/kernel/fadump.c | 91 +++++++++++++++++++--- arch/powerpc/mm/mmu_context_iommu.c | 17 ++-- arch/powerpc/platforms/powernv/pci-ioda.c | 37 +++++++++ arch/powerpc/platforms/pseries/ras.c | 2 arch/sparc/kernel/sys_sparc_32.c | 22 +++-- arch/sparc/kernel/sys_sparc_64.c | 20 +++-- arch/x86/kernel/kexec-bzimage64.c | 2 arch/x86/kvm/vmx.c | 26 ++++-- arch/xtensa/include/asm/cacheasm.h | 69 ++++++++++------- block/bfq-cgroup.c | 3 block/blk-core.c | 7 + certs/system_keyring.c | 3 crypto/asymmetric_keys/pkcs7_key_type.c | 2 drivers/block/zram/zram_drv.c | 7 + drivers/cpufreq/cpufreq_governor.c | 12 ++- drivers/crypto/caam/caamalg_qi.c | 6 - drivers/crypto/caam/caampkc.c | 20 ++--- drivers/crypto/caam/jr.c | 3 drivers/crypto/vmx/aes_cbc.c | 30 +++---- drivers/crypto/vmx/aes_xts.c | 21 +++-- drivers/extcon/extcon.c | 3 drivers/gpu/drm/i915/i915_gem_userptr.c | 3 drivers/hv/channel.c | 40 ++++++---- drivers/hv/channel_mgmt.c | 6 + drivers/iio/accel/sca3000.c | 1 drivers/iio/frequency/ad9523.c | 4 - drivers/infiniband/sw/rxe/rxe_comp.c | 1 drivers/infiniband/ulp/srpt/ib_srpt.c | 3 drivers/iommu/dmar.c | 6 - drivers/iommu/intel-iommu.c | 18 ++++ drivers/mailbox/mailbox-xgene-slimpro.c | 6 - drivers/md/bcache/writeback.c | 4 - drivers/md/dm-cache-metadata.c | 13 ++- drivers/md/dm-crypt.c | 10 +- drivers/md/dm-integrity.c | 6 - drivers/md/dm-thin.c | 2 drivers/media/i2c/tvp5150.c | 2 drivers/mfd/hi655x-pmic.c | 2 drivers/misc/cxl/main.c | 2 drivers/misc/vmw_balloon.c | 67 ++++++++++------ drivers/mmc/host/renesas_sdhi_internal_dmac.c | 2 drivers/net/wireless/marvell/libertas/dev.h | 1 drivers/net/wireless/marvell/libertas/if_sdio.c | 30 ++++++- drivers/nvdimm/bus.c | 4 - drivers/pwm/pwm-tiehrpwm.c | 14 --- drivers/rtc/rtc-omap.c | 14 +-- drivers/spi/spi-cadence.c | 2 drivers/spi/spi-davinci.c | 2 drivers/spi/spi-fsl-dspi.c | 24 +++--- drivers/spi/spi-pxa2xx.c | 4 + drivers/tty/serial/serial_core.c | 17 +++- drivers/video/fbdev/core/fbmem.c | 38 ++++++++- fs/9p/xattr.c | 6 + fs/nfs/blocklayout/dev.c | 2 fs/nfs/callback_proc.c | 14 ++- fs/nfs/nfs4proc.c | 9 ++ fs/nfs/pnfs_nfs.c | 16 +--- fs/overlayfs/readdir.c | 19 ++++ fs/quota/quota.c | 2 fs/ubifs/journal.c | 21 ++++- fs/ubifs/lprops.c | 8 +- fs/ubifs/xattr.c | 24 ++++++ fs/xattr.c | 2 include/linux/hyperv.h | 2 include/linux/intel-iommu.h | 8 +- include/linux/pci.h | 12 +++ include/linux/sunrpc/clnt.h | 1 include/linux/verification.h | 6 + include/video/udlfb.h | 2 kernel/livepatch/core.c | 6 + kernel/power/Kconfig | 1 kernel/printk/printk_safe.c | 4 - kernel/sys.c | 95 +++++++++++------------- kernel/trace/blktrace.c | 4 + kernel/trace/trace.c | 4 - kernel/trace/trace_uprobe.c | 2 kernel/user_namespace.c | 24 ++---- kernel/utsname_sysctl.c | 41 ++++++---- mm/memory.c | 9 -- mm/readahead.c | 12 ++- net/9p/client.c | 2 net/9p/trans_fd.c | 7 + net/9p/trans_rdma.c | 3 net/9p/trans_virtio.c | 13 +++ net/9p/trans_xen.c | 3 net/ieee802154/6lowpan/tx.c | 21 ++++- net/mac802154/tx.c | 15 +++ net/sunrpc/clnt.c | 28 +++++-- security/commoncap.c | 2 tools/perf/util/auxtrace.c | 3 95 files changed, 842 insertions(+), 420 deletions(-) Adrian Hunter (1): perf auxtrace: Fix queue resize Alexander Aring (2): net: 6lowpan: fix reserved space for single frames net: mac802154: tx: expand tailroom if necessary Amir Goldstein (1): ovl: fix wrong use of impure dir cache in ovl_iterate() Bart Van Assche (2): ib_srpt: Fix a use-after-free in srpt_close_ch() RDMA/rxe: Set wqe->status correctly if an unexpected response is received Bartosz Golaszewski (1): spi: davinci: fix a NULL pointer dereference Benjamin Herrenschmidt (1): powerpc/powernv/pci: Work around races in PCI bridge enabling Bill Baker (1): NFSv4 client live hangs after live data migration recovery Chanwoo Choi (1): extcon: Release locking when sending the notification of connector state Chirantan Ekbote (1): 9p/net: Fix zero-copy path in the 9p virtio transport Christian Brauner (1): getxattr: use correct xattr length Dan Carpenter (1): pnfs/blocklayout: off by one in bl_map_stripe() Daniel Mack (1): libertas: fix suspend and resume for SDIO connected cards Dexuan Cui (1): Drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind() Eddie.Horng (1): cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias() Frederick Lawler (1): PCI: Add wrappers for dev_printk() Greg Kroah-Hartman (1): Linux 4.14.69 Gustavo A. R. Silva (2): mailbox: xgene-slimpro: Fix potential NULL pointer dereference iio: sca3000: Fix missing return in switch Hari Bathini (1): powerpc/fadump: handle crash memory ranges array index overflow Henry Willard (1): cpufreq: governor: Avoid accessing invalid governor_data Horia Geantă (3): crypto: caam - fix DMA mapping direction for RSA forms 2 & 3 crypto: caam/jr - fix descriptor DMA unmapping crypto: caam/qi - fix error path in xts setkey Hou Tao (1): dm thin: stop no_space_timeout worker when switching to write-mode Ilya Dryomov (1): dm cache metadata: set dirty on all cache blocks after a crash Jacob Pan (2): iommu/vt-d: Add definitions for PFSID iommu/vt-d: Fix dev iotlb pfsid use James Morse (1): arm64: mm: always enable CONFIG_HOLES_IN_ZONE Janek Kotas (1): spi: cadence: Change usleep_range() to udelay(), for atomic context Jann Horn (2): sys: don't hold uts_sem while accessing userspace memory userns: move user access out of the mutex Javier Martinez Canillas (1): media: Revert "[media] tvp5150: fix pad format frame height" Jeremy Cline (1): fs/quota: Fix spectre gadget in do_quotactl Johan Hovold (1): rtc: omap: fix potential crash on power off Jon Hunter (1): ARM: tegra: Fix Tegra30 Cardhu PCA954x reset Kamalesh Babulal (1): livepatch: Validate module/old func name length Krzysztof Kozlowski (1): spi: spi-fsl-dspi: Fix imprecise abort on VF500 during probe Lars-Peter Clausen (2): iio: ad9523: Fix displayed phase iio: ad9523: Fix return value for ad952x_store() Maciej S. Szmigiero (1): block, bfq: return nbytes and not zero from struct cftype .write() method Mahesh Salgaonkar (1): powerpc/pseries: Fix endianness while restoring of r3 in MCE handler. Markus Stockhausen (1): readahead: stricter check for bdi io_pages Matthew Auld (1): drm/i915/userptr: reject zero user_size Max Filippov (2): xtensa: limit offsets in __loop_cache_{all,page} xtensa: increase ranges in ___invalidate_{i,d}cache_all Mika Westerberg (1): spi: pxa2xx: Add support for Intel Ice Lake Mike Snitzer (1): dm cache metadata: save in-core policy_hint_size to on-disk superblock Mikulas Patocka (4): dm integrity: change 'suspending' variable from bool to int dm crypt: don't decrease device limits fb: fix lost console when the user unplugs a USB adapter udlfb: set optimal write delay Ming Lei (1): block: really disable runtime-pm for blk-mq Nadav Amit (4): vmw_balloon: fix inflation of 64-bit GFNs vmw_balloon: do not use 2MB without batching vmw_balloon: VMCI_DOORBELL_SET does not check status vmw_balloon: fix VMCI use when balloon built into kernel Ondrej Mosnacek (1): crypto: vmx - Fix sleep-in-atomic bugs Paolo Bonzini (1): KVM: VMX: fixes for vmentry_l1d_flush module parameter Paul Mackerras (1): KVM: PPC: Book3S: Fix guest DMA when guest partially backed by THP pages Peter Kalauskas (1): drivers/block/zram/zram_drv.c: fix bug storing backing_dev Peter Zijlstra (1): mm/tlb: Remove tlb_remove_table() non-concurrent condition Rafael David Tinoco (1): mfd: hi655x: Fix regmap area declared size for hi655x Richard Weinberger (5): ubifs: Fix memory leak in lprobs self-check Revert "UBIFS: Fix potential integer overflow in allocation" ubifs: Check data node size before truncate ubifs: xattr: Don't operate on deleted inodes ubifs: Fix synced_i_size calculation for xattr inodes Sergei Shtylyov (1): mmc: renesas_sdhi_internal_dmac: fix #define RST_RESERVED_BITS Shan Hai (1): bcache: release dc->writeback_lock properly in bch_writeback_thread() Steven Rostedt (VMware) (4): tracing: Do not call start/stop() functions when tracing_on does not change tracing/blktrace: Fix to allow setting same value printk/tracing: Do not trace printk_nmi_enter() uprobes: Use synchronize_rcu() not synchronize_sched() Tomas Bortoli (3): 9p: fix multiple NULL-pointer-dereferences net/9p/client.c: version pointer uninitialized net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() Trond Myklebust (2): NFSv4: Fix locking in pnfs_generic_recover_commit_reqs NFSv4: Fix a sleep in atomic context in nfs4_callback_sequence() Tycho Andersen (1): uart: fix race between uart_put_char() and uart_shutdown() Vaibhav Jain (1): cxl: Fix wrong comparison in cxl_adapter_context_get() Vignesh R (2): pwm: tiehrpwm: Don't use emulation mode bits to control PWM output pwm: tiehrpwm: Fix disabling of output of PWMs Vishal Verma (1): libnvdimm: fix ars_status output length calculation Yannik Sembritzki (2): Replace magic for trusting the secondary keyring with #define Fix kexec forbidding kernels signed with keys in the secondary keyring to boot jiangyiwen (1): 9p/virtio: fix off-by-one error in sg list bounds check piaojun (1): fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed xiao jin (1): block: blk_init_allocated_queue() set q->fq as NULL in the fail case zhangyi (F) (1): PM / sleep: wakeup: Fix build error caused by missing SRCU support

7 years, 1 month

1
1
0 0

Linux 4.9.126

by Greg KH

I'm announcing the release of the 4.9.126 kernel. All users of the 4.9 kernel series must upgrade. The updated 4.9.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.9.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/alpha/kernel/osf_sys.c | 64 +++++++--------- arch/arm/boot/dts/tegra30-cardhu.dtsi | 1 arch/powerpc/include/asm/fadump.h | 3 arch/powerpc/kernel/fadump.c | 92 +++++++++++++++++++---- arch/powerpc/platforms/powernv/pci-ioda.c | 37 +++++++++ arch/powerpc/platforms/pseries/ras.c | 2 arch/sparc/kernel/sys_sparc_32.c | 22 +++-- arch/sparc/kernel/sys_sparc_64.c | 20 +++-- arch/x86/kernel/kexec-bzimage64.c | 2 arch/x86/kvm/vmx.c | 26 ++++-- arch/xtensa/include/asm/cacheasm.h | 69 ++++++++++------- certs/system_keyring.c | 3 crypto/asymmetric_keys/pkcs7_key_type.c | 2 drivers/crypto/caam/jr.c | 3 drivers/crypto/vmx/aes_cbc.c | 30 +++---- drivers/crypto/vmx/aes_xts.c | 21 +++-- drivers/gpu/drm/i915/i915_gem_userptr.c | 3 drivers/iio/frequency/ad9523.c | 4 - drivers/infiniband/sw/rxe/rxe_comp.c | 1 drivers/infiniband/ulp/srpt/ib_srpt.c | 3 drivers/iommu/dmar.c | 6 - drivers/iommu/intel-iommu.c | 18 ++++ drivers/mailbox/mailbox-xgene-slimpro.c | 6 - drivers/md/bcache/writeback.c | 4 - drivers/md/dm-cache-metadata.c | 3 drivers/md/dm-thin.c | 2 drivers/mfd/hi655x-pmic.c | 2 drivers/misc/cxl/main.c | 2 drivers/misc/vmw_balloon.c | 67 ++++++++++------ drivers/net/wireless/marvell/libertas/dev.h | 1 drivers/net/wireless/marvell/libertas/if_sdio.c | 30 ++++++- drivers/nvdimm/bus.c | 4 - drivers/pwm/pwm-tiehrpwm.c | 2 drivers/rtc/rtc-omap.c | 14 +-- drivers/spi/spi-davinci.c | 2 drivers/spi/spi-fsl-dspi.c | 24 +++--- drivers/tty/serial/serial_core.c | 17 +++- drivers/video/fbdev/core/fbmem.c | 38 ++++++++- fs/9p/xattr.c | 6 + fs/nfs/blocklayout/dev.c | 2 fs/nfs/nfs4proc.c | 9 ++ fs/quota/quota.c | 2 fs/ubifs/journal.c | 18 ++++ fs/ubifs/lprops.c | 8 +- fs/xattr.c | 2 include/linux/intel-iommu.h | 8 +- include/linux/pci.h | 12 +++ include/linux/sunrpc/clnt.h | 1 include/linux/verification.h | 6 + include/video/udlfb.h | 2 kernel/power/Kconfig | 1 kernel/printk/nmi.c | 4 - kernel/sys.c | 95 +++++++++++------------- kernel/trace/blktrace.c | 4 + kernel/trace/trace.c | 4 - kernel/trace/trace_uprobe.c | 2 kernel/user_namespace.c | 24 ++---- kernel/utsname_sysctl.c | 41 ++++++---- mm/memory.c | 9 -- net/9p/client.c | 2 net/9p/trans_fd.c | 7 + net/9p/trans_rdma.c | 3 net/9p/trans_virtio.c | 13 +++ net/ieee802154/6lowpan/tx.c | 21 ++++- net/mac802154/tx.c | 15 +++ net/sunrpc/clnt.c | 28 +++++-- tools/perf/util/auxtrace.c | 3 68 files changed, 665 insertions(+), 339 deletions(-) Adrian Hunter (1): perf auxtrace: Fix queue resize Al Viro (1): osf_getdomainname(): use copy_to_user() Alexander Aring (2): net: 6lowpan: fix reserved space for single frames net: mac802154: tx: expand tailroom if necessary Bart Van Assche (2): ib_srpt: Fix a use-after-free in srpt_close_ch() RDMA/rxe: Set wqe->status correctly if an unexpected response is received Bartosz Golaszewski (1): spi: davinci: fix a NULL pointer dereference Benjamin Herrenschmidt (1): powerpc/powernv/pci: Work around races in PCI bridge enabling Bill Baker (1): NFSv4 client live hangs after live data migration recovery Chirantan Ekbote (1): 9p/net: Fix zero-copy path in the 9p virtio transport Christian Brauner (1): getxattr: use correct xattr length Dan Carpenter (1): pnfs/blocklayout: off by one in bl_map_stripe() Daniel Mack (1): libertas: fix suspend and resume for SDIO connected cards Frederick Lawler (1): PCI: Add wrappers for dev_printk() Greg Kroah-Hartman (1): Linux 4.9.126 Gustavo A. R. Silva (1): mailbox: xgene-slimpro: Fix potential NULL pointer dereference Hari Bathini (1): powerpc/fadump: handle crash memory ranges array index overflow Horia Geantă (1): crypto: caam/jr - fix descriptor DMA unmapping Hou Tao (1): dm thin: stop no_space_timeout worker when switching to write-mode Jacob Pan (2): iommu/vt-d: Add definitions for PFSID iommu/vt-d: Fix dev iotlb pfsid use Jann Horn (2): sys: don't hold uts_sem while accessing userspace memory userns: move user access out of the mutex Jeremy Cline (1): fs/quota: Fix spectre gadget in do_quotactl Johan Hovold (1): rtc: omap: fix potential crash on power off Jon Hunter (1): ARM: tegra: Fix Tegra30 Cardhu PCA954x reset Krzysztof Kozlowski (1): spi: spi-fsl-dspi: Fix imprecise abort on VF500 during probe Lars-Peter Clausen (2): iio: ad9523: Fix displayed phase iio: ad9523: Fix return value for ad952x_store() Mahesh Salgaonkar (1): powerpc/pseries: Fix endianness while restoring of r3 in MCE handler. Matthew Auld (1): drm/i915/userptr: reject zero user_size Max Filippov (2): xtensa: limit offsets in __loop_cache_{all,page} xtensa: increase ranges in ___invalidate_{i,d}cache_all Mike Snitzer (1): dm cache metadata: save in-core policy_hint_size to on-disk superblock Mikulas Patocka (2): fb: fix lost console when the user unplugs a USB adapter udlfb: set optimal write delay Nadav Amit (4): vmw_balloon: fix inflation of 64-bit GFNs vmw_balloon: do not use 2MB without batching vmw_balloon: VMCI_DOORBELL_SET does not check status vmw_balloon: fix VMCI use when balloon built into kernel Ondrej Mosnacek (1): crypto: vmx - Fix sleep-in-atomic bugs Paolo Bonzini (1): KVM: VMX: fixes for vmentry_l1d_flush module parameter Peter Zijlstra (1): mm/tlb: Remove tlb_remove_table() non-concurrent condition Rafael David Tinoco (1): mfd: hi655x: Fix regmap area declared size for hi655x Richard Weinberger (4): ubifs: Fix memory leak in lprobs self-check Revert "UBIFS: Fix potential integer overflow in allocation" ubifs: Check data node size before truncate ubifs: Fix synced_i_size calculation for xattr inodes Shan Hai (1): bcache: release dc->writeback_lock properly in bch_writeback_thread() Steven Rostedt (VMware) (4): tracing: Do not call start/stop() functions when tracing_on does not change tracing/blktrace: Fix to allow setting same value uprobes: Use synchronize_rcu() not synchronize_sched() printk/tracing: Do not trace printk_nmi_enter() Tomas Bortoli (3): net/9p/client.c: version pointer uninitialized net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() 9p: fix multiple NULL-pointer-dereferences Tycho Andersen (1): uart: fix race between uart_put_char() and uart_shutdown() Vaibhav Jain (1): cxl: Fix wrong comparison in cxl_adapter_context_get() Vignesh R (1): pwm: tiehrpwm: Fix disabling of output of PWMs Vishal Verma (1): libnvdimm: fix ars_status output length calculation Yannik Sembritzki (2): Replace magic for trusting the secondary keyring with #define Fix kexec forbidding kernels signed with keys in the secondary keyring to boot jiangyiwen (1): 9p/virtio: fix off-by-one error in sg list bounds check piaojun (1): fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed zhangyi (F) (1): PM / sleep: wakeup: Fix build error caused by missing SRCU support

7 years, 1 month

1
1
0 0

Linux 4.4.155

by Greg KH

I'm announcing the release of the 4.4.155 kernel. All users of the 4.4 kernel series must upgrade. The updated 4.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.4.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/alpha/kernel/osf_sys.c | 64 ++++++++----------- arch/arm/boot/dts/tegra30-cardhu.dtsi | 1 arch/powerpc/include/asm/fadump.h | 3 arch/powerpc/kernel/fadump.c | 92 +++++++++++++++++++++++----- arch/powerpc/platforms/pseries/ras.c | 2 arch/sparc/kernel/sys_sparc_32.c | 22 +++--- arch/sparc/kernel/sys_sparc_64.c | 20 +++--- arch/x86/include/asm/io.h | 6 + arch/x86/mm/pageattr.c | 2 arch/x86/mm/pat.c | 14 ++++ drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 5 + drivers/gpu/drm/ast/ast_ttm.c | 6 + drivers/gpu/drm/cirrus/cirrus_ttm.c | 7 ++ drivers/gpu/drm/i915/i915_gem_userptr.c | 3 drivers/gpu/drm/mgag200/mgag200_ttm.c | 7 ++ drivers/gpu/drm/nouveau/nouveau_ttm.c | 8 ++ drivers/gpu/drm/radeon/radeon_object.c | 5 + drivers/iio/frequency/ad9523.c | 4 - drivers/iommu/dmar.c | 6 - drivers/iommu/intel-iommu.c | 18 +++++ drivers/md/bcache/writeback.c | 4 - drivers/md/dm-cache-metadata.c | 3 drivers/misc/vmw_balloon.c | 67 ++++++++++++-------- drivers/net/usb/lan78xx.c | 4 - drivers/pwm/pwm-tiehrpwm.c | 2 drivers/spi/spi-davinci.c | 2 drivers/video/fbdev/core/fbmem.c | 38 +++++++++-- fs/9p/xattr.c | 6 + fs/nfs/blocklayout/dev.c | 2 fs/quota/quota.c | 2 fs/ubifs/journal.c | 18 ++++- fs/ubifs/lprops.c | 8 +- fs/xattr.c | 2 include/linux/intel-iommu.h | 8 +- include/linux/io.h | 22 ++++++ include/video/udlfb.h | 2 kernel/kthread.c | 8 ++ kernel/power/Kconfig | 1 kernel/sys.c | 95 +++++++++++++---------------- kernel/trace/blktrace.c | 4 + kernel/trace/trace.c | 4 - kernel/trace/trace_uprobe.c | 2 kernel/user_namespace.c | 39 +++++------ kernel/utsname_sysctl.c | 41 +++++++----- mm/memory.c | 9 -- net/9p/client.c | 2 net/9p/trans_fd.c | 7 +- net/9p/trans_rdma.c | 3 net/9p/trans_virtio.c | 13 +++ net/ieee802154/6lowpan/tx.c | 21 +++++- net/mac802154/tx.c | 15 ++++ tools/perf/util/auxtrace.c | 3 53 files changed, 519 insertions(+), 235 deletions(-) Adrian Hunter (1): perf auxtrace: Fix queue resize Al Viro (1): osf_getdomainname(): use copy_to_user() Alexander Aring (2): net: 6lowpan: fix reserved space for single frames net: mac802154: tx: expand tailroom if necessary Bartosz Golaszewski (1): spi: davinci: fix a NULL pointer dereference Ben Hutchings (1): net: lan78xx: Fix misplaced tasklet_schedule() call Chirantan Ekbote (1): 9p/net: Fix zero-copy path in the 9p virtio transport Christian Brauner (1): getxattr: use correct xattr length Dan Carpenter (1): pnfs/blocklayout: off by one in bl_map_stripe() Dave Airlie (2): x86/io: add interface to reserve io memtype for a resource range. (v1.1) drm/drivers: add support for using the arch wc mapping API. Greg Kroah-Hartman (1): Linux 4.4.155 Hari Bathini (1): powerpc/fadump: handle crash memory ranges array index overflow Jacob Pan (2): iommu/vt-d: Add definitions for PFSID iommu/vt-d: Fix dev iotlb pfsid use Jann Horn (2): sys: don't hold uts_sem while accessing userspace memory userns: move user access out of the mutex Jeremy Cline (1): fs/quota: Fix spectre gadget in do_quotactl Jiri Slaby (1): x86/mm/pat: Fix L1TF stable backport for CPA, 2nd call Jon Hunter (1): ARM: tegra: Fix Tegra30 Cardhu PCA954x reset Lars-Peter Clausen (2): iio: ad9523: Fix displayed phase iio: ad9523: Fix return value for ad952x_store() Mahesh Salgaonkar (1): powerpc/pseries: Fix endianness while restoring of r3 in MCE handler. Matthew Auld (1): drm/i915/userptr: reject zero user_size Mike Snitzer (1): dm cache metadata: save in-core policy_hint_size to on-disk superblock Mikulas Patocka (2): fb: fix lost console when the user unplugs a USB adapter udlfb: set optimal write delay Nadav Amit (4): vmw_balloon: fix inflation of 64-bit GFNs vmw_balloon: do not use 2MB without batching vmw_balloon: VMCI_DOORBELL_SET does not check status vmw_balloon: fix VMCI use when balloon built into kernel Peter Zijlstra (1): mm/tlb: Remove tlb_remove_table() non-concurrent condition Richard Weinberger (4): ubifs: Fix memory leak in lprobs self-check Revert "UBIFS: Fix potential integer overflow in allocation" ubifs: Check data node size before truncate ubifs: Fix synced_i_size calculation for xattr inodes Shan Hai (1): bcache: release dc->writeback_lock properly in bch_writeback_thread() Snild Dolkow (1): kthread, tracing: Don't expose half-written comm when creating kthreads Steven Rostedt (VMware) (3): tracing: Do not call start/stop() functions when tracing_on does not change tracing/blktrace: Fix to allow setting same value uprobes: Use synchronize_rcu() not synchronize_sched() Tomas Bortoli (3): net/9p/client.c: version pointer uninitialized net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() 9p: fix multiple NULL-pointer-dereferences Vignesh R (1): pwm: tiehrpwm: Fix disabling of output of PWMs jiangyiwen (1): 9p/virtio: fix off-by-one error in sg list bounds check piaojun (1): fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed zhangyi (F) (1): PM / sleep: wakeup: Fix build error caused by missing SRCU support

7 years, 1 month

1
1
0 0

[PATCH] ALSA: fireface: fix memory leak in ff400_switch_fetching_mode()

by Takashi Sakamoto

An allocated memory forgets to be released. Fixes: 76fdb3a9e13 ('ALSA: fireface: add support for Fireface 400') Cc: <stable(a)vger.kernel.org> # 4.12+ Signed-off-by: Takashi Sakamoto <o-takashi(a)sakamocchi.jp> --- sound/firewire/fireface/ff-protocol-ff400.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/sound/firewire/fireface/ff-protocol-ff400.c b/sound/firewire/fireface/ff-protocol-ff400.c index ad7a0a32557d..64c3cb0fb926 100644 --- a/sound/firewire/fireface/ff-protocol-ff400.c +++ b/sound/firewire/fireface/ff-protocol-ff400.c @@ -146,6 +146,7 @@ static int ff400_switch_fetching_mode(struct snd_ff *ff, bool enable) { __le32 *reg; int i; + int err; reg = kcalloc(18, sizeof(__le32), GFP_KERNEL); if (reg == NULL) @@ -163,9 +164,11 @@ static int ff400_switch_fetching_mode(struct snd_ff *ff, bool enable) reg[i] = cpu_to_le32(0x00000001); } - return snd_fw_transaction(ff->unit, TCODE_WRITE_BLOCK_REQUEST, - FF400_FETCH_PCM_FRAMES, reg, - sizeof(__le32) * 18, 0); + err = snd_fw_transaction(ff->unit, TCODE_WRITE_BLOCK_REQUEST, + FF400_FETCH_PCM_FRAMES, reg, + sizeof(__le32) * 18, 0); + kfree(reg); + return err; } static void ff400_dump_sync_status(struct snd_ff *ff, -- 2.17.1

7 years, 1 month

2
1
0 0

[PATCH] ALSA: bebob: use address returned by kmalloc() instead of kernel stack for streaming DMA mapping

by Takashi Sakamoto

When executing 'fw_run_transaction()' with 'TCODE_WRITE_BLOCK_REQUEST', an address of 'payload' argument is used for streaming DMA mapping by 'firewire_ohci' module if 'size' argument is larger than 8 byte. Although in this case the address should not be on kernel stack, current implementation of ALSA bebob driver uses data in kernel stack for a cue to boot M-Audio devices. This often brings unexpected result, especially for a case of CONFIG_VMAP_STACK=y. This commit fixes the bug. Reference: https://bugzilla.kernel.org/show_bug.cgi?id=201021 Reference: https://forum.manjaro.org/t/firewire-m-audio-410-driver-wont-load-firmware/… Fixes: a2b2a7798fb6('ALSA: bebob: Send a cue to load firmware for M-Audio Firewire series') Cc: <stable(a)vger.kernel.org> # v3.16+ Signed-off-by: Takashi Sakamoto <o-takashi(a)sakamocchi.jp> --- sound/firewire/bebob/bebob_maudio.c | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/sound/firewire/bebob/bebob_maudio.c b/sound/firewire/bebob/bebob_maudio.c index bd55620c6a47..0c5a4cbb99ba 100644 --- a/sound/firewire/bebob/bebob_maudio.c +++ b/sound/firewire/bebob/bebob_maudio.c @@ -96,17 +96,13 @@ int snd_bebob_maudio_load_firmware(struct fw_unit *unit) struct fw_device *device = fw_parent_device(unit); int err, rcode; u64 date; - __le32 cues[3] = { - cpu_to_le32(MAUDIO_BOOTLOADER_CUE1), - cpu_to_le32(MAUDIO_BOOTLOADER_CUE2), - cpu_to_le32(MAUDIO_BOOTLOADER_CUE3) - }; + __le32 *cues; /* check date of software used to build */ err = snd_bebob_read_block(unit, INFO_OFFSET_SW_DATE, &date, sizeof(u64)); if (err < 0) - goto end; + return err; /* * firmware version 5058 or later has date later than "20070401", but * 'date' is not null-terminated. @@ -114,20 +110,28 @@ int snd_bebob_maudio_load_firmware(struct fw_unit *unit) if (date < 0x3230303730343031LL) { dev_err(&unit->device, "Use firmware version 5058 or later\n"); - err = -ENOSYS; - goto end; + return -ENXIO; } + cues = kmalloc_array(3, sizeof(*cues), GFP_KERNEL); + if (!cues) + return -ENOMEM; + + cues[0] = cpu_to_le32(MAUDIO_BOOTLOADER_CUE1); + cues[1] = cpu_to_le32(MAUDIO_BOOTLOADER_CUE2); + cues[2] = cpu_to_le32(MAUDIO_BOOTLOADER_CUE3); + rcode = fw_run_transaction(device->card, TCODE_WRITE_BLOCK_REQUEST, device->node_id, device->generation, device->max_speed, BEBOB_ADDR_REG_REQ, - cues, sizeof(cues)); + cues, 3 * sizeof(*cues)); + kfree(cues); if (rcode != RCODE_COMPLETE) { dev_err(&unit->device, "Failed to send a cue to load firmware\n"); err = -EIO; } -end: + return err; } -- 2.17.1

7 years, 1 month

2
1
0 0

Linux 3.18.122

by Greg KH

I'm announcing the release of the 3.18.122 kernel. All users of the 3.18 kernel series must upgrade. The updated 3.18.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-3.18.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/alpha/kernel/osf_sys.c | 64 ++++++++++------------ arch/arm/boot/dts/tegra30-cardhu.dtsi | 1 arch/powerpc/include/asm/fadump.h | 3 - arch/powerpc/kernel/fadump.c | 92 +++++++++++++++++++++++++++----- arch/powerpc/platforms/pseries/ras.c | 2 arch/sparc/kernel/sys_sparc_32.c | 22 ++++--- arch/sparc/kernel/sys_sparc_64.c | 20 ++++--- drivers/iio/frequency/ad9523.c | 4 - drivers/md/bcache/writeback.c | 4 + drivers/md/dm-cache-metadata.c | 3 - drivers/pwm/pwm-tiehrpwm.c | 2 drivers/spi/spi-davinci.c | 2 drivers/video/fbdev/core/fbmem.c | 38 +++++++++++-- fs/nfs/blocklayout/dev.c | 2 fs/ubifs/journal.c | 7 ++ fs/ubifs/lprops.c | 8 +- fs/xattr.c | 2 include/video/udlfb.h | 2 kernel/kthread.c | 8 ++ kernel/sys.c | 95 ++++++++++++++++------------------ kernel/trace/blktrace.c | 4 + kernel/trace/trace.c | 4 + kernel/trace/trace_uprobe.c | 2 kernel/user_namespace.c | 39 ++++++------- kernel/utsname_sysctl.c | 41 ++++++++------ mm/memory.c | 9 --- net/9p/client.c | 2 net/9p/trans_fd.c | 7 ++ net/9p/trans_rdma.c | 3 + net/9p/trans_virtio.c | 6 +- 31 files changed, 308 insertions(+), 192 deletions(-) Al Viro (1): osf_getdomainname(): use copy_to_user() Bartosz Golaszewski (1): spi: davinci: fix a NULL pointer dereference Christian Brauner (1): getxattr: use correct xattr length Dan Carpenter (1): pnfs/blocklayout: off by one in bl_map_stripe() Eric W. Biederman (1): userns; Correct the comment in map_write Greg Kroah-Hartman (1): Linux 3.18.122 Hari Bathini (1): powerpc/fadump: handle crash memory ranges array index overflow Jann Horn (2): sys: don't hold uts_sem while accessing userspace memory userns: move user access out of the mutex Jon Hunter (1): ARM: tegra: Fix Tegra30 Cardhu PCA954x reset Lars-Peter Clausen (2): iio: ad9523: Fix displayed phase iio: ad9523: Fix return value for ad952x_store() Mahesh Salgaonkar (1): powerpc/pseries: Fix endianness while restoring of r3 in MCE handler. Mike Snitzer (1): dm cache metadata: save in-core policy_hint_size to on-disk superblock Mikulas Patocka (2): fb: fix lost console when the user unplugs a USB adapter udlfb: set optimal write delay Peter Zijlstra (1): mm/tlb: Remove tlb_remove_table() non-concurrent condition Richard Weinberger (3): ubifs: Fix memory leak in lprobs self-check Revert "UBIFS: Fix potential integer overflow in allocation" ubifs: Fix synced_i_size calculation for xattr inodes Shan Hai (1): bcache: release dc->writeback_lock properly in bch_writeback_thread() Snild Dolkow (1): kthread, tracing: Don't expose half-written comm when creating kthreads Steven Rostedt (VMware) (3): tracing: Do not call start/stop() functions when tracing_on does not change tracing/blktrace: Fix to allow setting same value uprobes: Use synchronize_rcu() not synchronize_sched() Tomas Bortoli (3): net/9p/client.c: version pointer uninitialized net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() 9p: fix multiple NULL-pointer-dereferences Vignesh R (1): pwm: tiehrpwm: Fix disabling of output of PWMs jiangyiwen (1): 9p/virtio: fix off-by-one error in sg list bounds check

7 years, 1 month

1
1
0 0

v3.18.122 build: 0 failures 1 warnings (v3.18.122)

by Build bot for Mark Brown

Tree/Branch: v3.18.122 Git describe: v3.18.122 Commit: c0305995d3 Linux 3.18.122 Build Time: 0 min 1 sec Passed: 7 / 7 (100.00 %) Failed: 0 / 7 ( 0.00 %) Errors: 0 Warnings: 1 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): 7 warnings 0 mismatches : x86_64-allmodconfig 2 warnings 0 mismatches : x86_64-defconfig ------------------------------------------------------------------------------- Warnings Summary: 1 9 ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- x86_64-allmodconfig : PASS, 0 errors, 7 warnings, 0 section mismatches Warnings: ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ------------------------------------------------------------------------------- x86_64-defconfig : PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: x86_64-allnoconfig arm-multi_v7_defconfig arm-allmodconfig arm-allnoconfig arm-multi_v5_defconfig

7 years, 1 month

1
0
0 0

[PATCH net 01/13] net: sched: cls_u32: fix hnode refcounting

by Al Viro

From: Al Viro <viro(a)zeniv.linux.org.uk> cls_u32.c misuses refcounts for struct tc_u_hnode - it counts references via ->hlist and via ->tp_root together. u32_destroy() drops the former and, in case when there had been links, leaves the sucker on the list. As the result, there's nothing to protect it from getting freed once links are dropped. That also makes the "is it busy" check incapable of catching the root hnode - it *is* busy (there's a reference from tp), but we don't see it as something separate. "Is it our root?" check partially covers that, but the problem exists for others' roots as well. AFAICS, the minimal fix preserving the existing behaviour (where it doesn't include oopsen, that is) would be this: * count tp->root and tp_c->hlist as separate references. I.e. have u32_init() set refcount to 2, not 1. * in u32_destroy() we always drop the former; in u32_destroy_hnode() - the latter. That way we have *all* references contributing to refcount. List removal happens in u32_destroy_hnode() (called only when ->refcnt is 1) an in u32_destroy() in case of tc_u_common going away, along with everything reachable from it. IOW, that way we know that u32_destroy_key() won't free something still on the list (or pointed to by someone's ->root). Cc: stable(a)vger.kernel.org Signed-off-by: Al Viro <viro(a)zeniv.linux.org.uk> --- net/sched/cls_u32.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/net/sched/cls_u32.c b/net/sched/cls_u32.c index f218ccf1e2d9..b2c3406a2cf2 100644 --- a/net/sched/cls_u32.c +++ b/net/sched/cls_u32.c @@ -398,6 +398,7 @@ static int u32_init(struct tcf_proto *tp) rcu_assign_pointer(tp_c->hlist, root_ht); root_ht->tp_c = tp_c; + root_ht->refcnt++; rcu_assign_pointer(tp->root, root_ht); tp->data = tp_c; return 0; @@ -610,7 +611,7 @@ static int u32_destroy_hnode(struct tcf_proto *tp, struct tc_u_hnode *ht, struct tc_u_hnode __rcu **hn; struct tc_u_hnode *phn; - WARN_ON(ht->refcnt); + WARN_ON(--ht->refcnt); u32_clear_hnode(tp, ht, extack); @@ -649,7 +650,7 @@ static void u32_destroy(struct tcf_proto *tp, struct netlink_ext_ack *extack) WARN_ON(root_ht == NULL); - if (root_ht && --root_ht->refcnt == 0) + if (root_ht && --root_ht->refcnt == 1) u32_destroy_hnode(tp, root_ht, extack); if (--tp_c->refcnt == 0) { @@ -698,7 +699,6 @@ static int u32_delete(struct tcf_proto *tp, void *arg, bool *last, } if (ht->refcnt == 1) { - ht->refcnt--; u32_destroy_hnode(tp, ht, extack); } else { NL_SET_ERR_MSG_MOD(extack, "Can not delete in-use filter"); @@ -708,11 +708,11 @@ static int u32_delete(struct tcf_proto *tp, void *arg, bool *last, out: *last = true; if (root_ht) { - if (root_ht->refcnt > 1) { + if (root_ht->refcnt > 2) { *last = false; goto ret; } - if (root_ht->refcnt == 1) { + if (root_ht->refcnt == 2) { if (!ht_empty(root_ht)) { *last = false; goto ret; -- 2.11.0

7 years, 1 month

2
1
0 0

Linux 4.18.7

by Greg KH

I'm announcing the release of the 4.18.7 kernel. All users of the 4.18 kernel series must upgrade. The updated 4.18.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.18.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/alpha/kernel/osf_sys.c | 51 ++++----- arch/arm/boot/dts/am571x-idk.dts | 4 arch/arm/boot/dts/am572x-idk-common.dtsi | 4 arch/arm/boot/dts/am57xx-idk-common.dtsi | 7 + arch/arm/boot/dts/tegra30-cardhu.dtsi | 1 arch/arm64/Kconfig | 1 arch/arm64/crypto/sm4-ce-glue.c | 2 arch/powerpc/include/asm/fadump.h | 3 arch/powerpc/include/asm/nohash/pgtable.h | 9 - arch/powerpc/include/asm/pkeys.h | 11 - arch/powerpc/kernel/fadump.c | 91 +++++++++++++--- arch/powerpc/kernel/process.c | 1 arch/powerpc/kvm/book3s_hv.c | 1 arch/powerpc/mm/mmu_context_book3s64.c | 8 - arch/powerpc/mm/mmu_context_iommu.c | 17 +-- arch/powerpc/mm/pgtable-book3s64.c | 17 +-- arch/powerpc/mm/pkeys.c | 134 +++++++----------------- arch/powerpc/platforms/powernv/pci-ioda.c | 37 ++++++ arch/powerpc/platforms/pseries/ras.c | 2 arch/sparc/kernel/sys_sparc_32.c | 22 ++- arch/sparc/kernel/sys_sparc_64.c | 20 ++- arch/x86/crypto/aesni-intel_asm.S | 66 +++++------ arch/x86/kernel/kexec-bzimage64.c | 2 arch/x86/kvm/vmx.c | 26 ++-- arch/xtensa/include/asm/cacheasm.h | 69 +++++++----- block/bfq-cgroup.c | 3 block/blk-core.c | 61 ++++++---- block/blk-lib.c | 10 + block/blk-sysfs.c | 15 ++ block/blk.h | 1 certs/system_keyring.c | 3 crypto/asymmetric_keys/pkcs7_key_type.c | 2 drivers/acpi/acpica/hwsleep.c | 11 - drivers/acpi/acpica/psloop.c | 17 +-- drivers/block/zram/zram_drv.c | 7 + drivers/cpufreq/cpufreq_governor.c | 12 +- drivers/cpuidle/governors/menu.c | 47 ++++++-- drivers/crypto/caam/caamalg_qi.c | 6 - drivers/crypto/caam/caampkc.c | 20 +-- drivers/crypto/caam/jr.c | 3 drivers/crypto/vmx/aes_cbc.c | 30 ++--- drivers/crypto/vmx/aes_xts.c | 21 ++- drivers/dma-buf/reservation.c | 6 - drivers/extcon/extcon.c | 3 drivers/hv/channel.c | 40 ++++--- drivers/hv/channel_mgmt.c | 10 + drivers/i2c/busses/i2c-designware-master.c | 1 drivers/i2c/busses/i2c-designware-platdrv.c | 7 + drivers/iio/accel/sca3000.c | 1 drivers/iio/frequency/ad9523.c | 4 drivers/infiniband/hw/mlx5/main.c | 2 drivers/infiniband/hw/mlx5/qp.c | 6 - drivers/infiniband/sw/rxe/rxe_comp.c | 1 drivers/infiniband/ulp/srpt/ib_srpt.c | 34 ++++-- drivers/infiniband/ulp/srpt/ib_srpt.h | 4 drivers/iommu/dmar.c | 6 - drivers/iommu/intel-iommu.c | 18 +++ drivers/iommu/ipmmu-vmsa.c | 7 + drivers/mailbox/mailbox-xgene-slimpro.c | 6 - drivers/md/bcache/writeback.c | 4 drivers/md/dm-cache-metadata.c | 13 +- drivers/md/dm-crypt.c | 10 - drivers/md/dm-integrity.c | 6 - drivers/md/dm-thin.c | 2 drivers/md/dm-writecache.c | 2 drivers/media/i2c/tvp5150.c | 2 drivers/mfd/hi655x-pmic.c | 2 drivers/misc/cxl/main.c | 2 drivers/misc/ocxl/link.c | 24 ++-- drivers/misc/vmw_balloon.c | 67 +++++++----- drivers/mmc/core/queue.c | 12 +- drivers/mmc/core/queue.h | 1 drivers/mmc/host/renesas_sdhi_internal_dmac.c | 10 + drivers/net/wireless/marvell/libertas/dev.h | 1 drivers/net/wireless/marvell/libertas/if_sdio.c | 30 ++++- drivers/nvdimm/bus.c | 4 drivers/nvdimm/dimm_devs.c | 31 +++++ drivers/nvdimm/namespace_devs.c | 6 - drivers/nvdimm/nd-core.h | 8 + drivers/nvdimm/region_devs.c | 24 ++++ drivers/pwm/pwm-omap-dmtimer.c | 5 drivers/pwm/pwm-tiehrpwm.c | 14 -- drivers/rtc/rtc-omap.c | 18 +-- drivers/spi/spi-cadence.c | 2 drivers/spi/spi-davinci.c | 2 drivers/spi/spi-fsl-dspi.c | 24 ++-- drivers/spi/spi-pxa2xx.c | 4 drivers/tty/serial/serial_core.c | 17 ++- drivers/video/fbdev/core/fbmem.c | 38 +++++- drivers/video/fbdev/udlfb.c | 105 ++++++++++-------- fs/9p/xattr.c | 6 - fs/lockd/clntlock.c | 2 fs/lockd/clntproc.c | 2 fs/lockd/svclock.c | 16 +- fs/lockd/svcsubs.c | 4 fs/nfs/blocklayout/dev.c | 2 fs/nfs/callback_proc.c | 14 +- fs/nfs/nfs4proc.c | 9 + fs/nfs/pnfs_nfs.c | 16 +- fs/nfsd/nfs4state.c | 2 fs/overlayfs/readdir.c | 19 +++ fs/quota/quota.c | 2 fs/ubifs/dir.c | 5 fs/ubifs/journal.c | 21 +++ fs/ubifs/lprops.c | 8 - fs/ubifs/xattr.c | 24 ++++ fs/udf/super.c | 31 +++-- fs/xattr.c | 2 include/linux/blk-cgroup.h | 18 +++ include/linux/hyperv.h | 2 include/linux/intel-iommu.h | 8 - include/linux/lockd/lockd.h | 4 include/linux/mm_types.h | 5 include/linux/overflow.h | 31 +++++ include/linux/sunrpc/clnt.h | 1 include/linux/verification.h | 6 + include/uapi/linux/eventpoll.h | 8 - include/video/udlfb.h | 5 kernel/livepatch/core.c | 6 + kernel/memremap.c | 1 kernel/power/Kconfig | 1 kernel/printk/printk_safe.c | 4 kernel/rcu/tree_exp.h | 9 + kernel/sched/idle.c | 2 kernel/sys.c | 95 ++++++++--------- kernel/trace/blktrace.c | 4 kernel/trace/trace.c | 4 kernel/trace/trace_uprobe.c | 2 kernel/user_namespace.c | 24 +--- kernel/utsname_sysctl.c | 41 ++++--- mm/hmm.c | 2 mm/memory.c | 9 - mm/readahead.c | 12 +- net/9p/client.c | 2 net/9p/trans_fd.c | 7 + net/9p/trans_rdma.c | 3 net/9p/trans_virtio.c | 13 ++ net/9p/trans_xen.c | 3 net/ieee802154/6lowpan/tx.c | 21 +++ net/mac802154/tx.c | 15 ++ net/sunrpc/clnt.c | 28 +++-- scripts/kconfig/Makefile | 5 security/apparmor/secid.c | 1 security/commoncap.c | 2 sound/ac97/bus.c | 4 sound/ac97/snd_ac97_compat.c | 19 +++ tools/perf/util/auxtrace.c | 3 148 files changed, 1373 insertions(+), 765 deletions(-) Adrian Hunter (2): mmc: block: Fix unsupported parallel dispatch of requests perf auxtrace: Fix queue resize Alexander Aring (2): net: 6lowpan: fix reserved space for single frames net: mac802154: tx: expand tailroom if necessary Amir Goldstein (2): ovl: fix wrong use of impure dir cache in ovl_iterate() nfsd: fix leaked file lock with nfs exported overlayfs Ard Biesheuvel (1): crypto: arm64/sm4-ce - check for the right CPU feature bit Bart Van Assche (9): blkcg: Introduce blkg_root_lookup() block: Introduce blk_exit_queue() block: Ensure that a request queue is dissociated from the cgroup controller IB/srpt: Fix srpt_cm_req_recv() error path (1/2) IB/srpt: Fix srpt_cm_req_recv() error path (2/2) IB/srpt: Support HCAs with more than two ports ib_srpt: Fix a use-after-free in srpt_close_ch() ib_srpt: Fix a use-after-free in __srpt_close_all_ch() RDMA/rxe: Set wqe->status correctly if an unexpected response is received Bartosz Golaszewski (1): spi: davinci: fix a NULL pointer dereference Benjamin Herrenschmidt (1): powerpc/powernv/pci: Work around races in PCI bridge enabling Bill Baker (1): NFSv4 client live hangs after live data migration recovery Boqun Feng (1): rcu: Make expedited GPs handle CPU 0 being offline Chanwoo Choi (1): extcon: Release locking when sending the notification of connector state Chirantan Ekbote (1): 9p/net: Fix zero-copy path in the 9p virtio transport Christian Brauner (1): getxattr: use correct xattr length Christophe Leroy (1): powerpc/nohash: fix pte_access_permitted() Dan Carpenter (1): pnfs/blocklayout: off by one in bl_map_stripe() Dan Williams (1): mm, dev_pagemap: Do not clear ->mapping on final put Daniel Mack (1): libertas: fix suspend and resume for SDIO connected cards Dave Watson (1): crypto: aesni - Use unaligned loads from gcm_context_data David Rivshin (1): pwm: omap-dmtimer: Return -EPROBE_DEFER if no dmtimer platform data Dexuan Cui (2): Drivers: hv: vmbus: Fix the offer_in_progress in vmbus_process_offer() Drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind() Dmitry Osipenko (1): iommu/ipmmu-vmsa: Don't register as BUS IOMMU if machine doesn't have IPMMU-VMSA Eddie.Horng (1): cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias() Erik Schmauss (1): ACPICA: AML Parser: skip opcodes that open a scope upon parse failure Frederic Barrat (1): ocxl: Fix page fault handler in case of fault on dying process Greg Kroah-Hartman (2): eventpoll.h: wrap casts in () properly Linux 4.18.7 Gustavo A. R. Silva (2): mailbox: xgene-slimpro: Fix potential NULL pointer dereference iio: sca3000: Fix missing return in switch Hans de Goede (1): i2c: designware: Re-init controllers with pm_disabled set on resume Hari Bathini (1): powerpc/fadump: handle crash memory ranges array index overflow Henry Willard (1): cpufreq: governor: Avoid accessing invalid governor_data Horia Geantă (3): crypto: caam - fix DMA mapping direction for RSA forms 2 & 3 crypto: caam/jr - fix descriptor DMA unmapping crypto: caam/qi - fix error path in xts setkey Hou Tao (1): dm thin: stop no_space_timeout worker when switching to write-mode Ilya Dryomov (1): dm cache metadata: set dirty on all cache blocks after a crash Jacob Pan (2): iommu/vt-d: Add definitions for PFSID iommu/vt-d: Fix dev iotlb pfsid use James Morse (1): arm64: mm: always enable CONFIG_HOLES_IN_ZONE Jan Kara (1): udf: Fix mounting of Win7 created UDF filesystems Janek Kotas (1): spi: cadence: Change usleep_range() to udelay(), for atomic context Jann Horn (2): sys: don't hold uts_sem while accessing userspace memory userns: move user access out of the mutex Jason Gunthorpe (2): IB/mlx5: Fix leaking stack memory to userspace overflow.h: Add arithmetic shift helper Javier Martinez Canillas (1): media: Revert "[media] tvp5150: fix pad format frame height" Jeremy Cline (1): fs/quota: Fix spectre gadget in do_quotactl Johan Hovold (2): rtc: omap: fix resource leak in registration error path rtc: omap: fix potential crash on power off John Johansen (1): apparmor: fix bad debug check in apparmor_secid_to_secctx() Jon Hunter (1): ARM: tegra: Fix Tegra30 Cardhu PCA954x reset Kamalesh Babulal (1): livepatch: Validate module/old func name length Keith Busch (1): libnvdimm: Use max contiguous area for namespace size Krzysztof Kozlowski (1): spi: spi-fsl-dspi: Fix imprecise abort on VF500 during probe Lars-Peter Clausen (2): iio: ad9523: Fix displayed phase iio: ad9523: Fix return value for ad952x_store() Leon Romanovsky (1): RDMA/mlx5: Fix shift overflow in mlx5_ib_create_wq Lihua Yao (3): ALSA: ac97: fix device initialization in the compat layer ALSA: ac97: fix check of pm_runtime_get_sync failure ALSA: ac97: fix unbalanced pm_runtime_enable Luke Dashjr (1): powerpc64/ftrace: Include ftrace.h needed for enable/disable calls Maciej S. Szmigiero (1): block, bfq: return nbytes and not zero from struct cftype .write() method Mahesh Salgaonkar (1): powerpc/pseries: Fix endianness while restoring of r3 in MCE handler. Markus Stockhausen (1): readahead: stricter check for bdi io_pages Masahiro Yamada (1): kconfig: fix "Can't open ..." in parallel build Max Filippov (2): xtensa: limit offsets in __loop_cache_{all,page} xtensa: increase ranges in ___invalidate_{i,d}cache_all Michel Dänzer (1): dma-buf: Move BUG_ON from _add_shared_fence to _add_shared_inplace Mika Westerberg (1): spi: pxa2xx: Add support for Intel Ice Lake Mike Snitzer (1): dm cache metadata: save in-core policy_hint_size to on-disk superblock Mikulas Patocka (12): block: fix infinite loop if the device loses discard capability dm integrity: change 'suspending' variable from bool to int dm crypt: don't decrease device limits dm writecache: fix a crash due to reading past end of dirty_bitmap fb: fix lost console when the user unplugs a USB adapter udlfb: fix semaphore value leak udlfb: fix display corruption of the last line udlfb: don't switch if we are switching to the same videomode udlfb: set optimal write delay udlfb: make a local copy of fb_ops udlfb: handle allocation failure udlfb: set line_length in dlfb_ops_set_par Ming Lei (1): block: really disable runtime-pm for blk-mq Nadav Amit (4): vmw_balloon: fix inflation of 64-bit GFNs vmw_balloon: do not use 2MB without batching vmw_balloon: VMCI_DOORBELL_SET does not check status vmw_balloon: fix VMCI use when balloon built into kernel Nicholas Piggin (1): powerpc/64s: Fix page table fragment refcount race vs speculative references Ondrej Mosnacek (1): crypto: vmx - Fix sleep-in-atomic bugs Paolo Bonzini (1): KVM: VMX: fixes for vmentry_l1d_flush module parameter Parav Pandit (1): IB/mlx5: Honor cnt_set_id_valid flag instead of set_id Paul Mackerras (1): KVM: PPC: Book3S: Fix guest DMA when guest partially backed by THP pages Peter Kalauskas (1): drivers/block/zram/zram_drv.c: fix bug storing backing_dev Peter Zijlstra (1): mm/tlb: Remove tlb_remove_table() non-concurrent condition Rafael David Tinoco (1): mfd: hi655x: Fix regmap area declared size for hi655x Rafael J. Wysocki (4): ACPICA: Clear status of all events when entering sleep states sched: idle: Avoid retaining the tick when it has been stopped cpuidle: menu: Handle stopped tick more aggressively cpuidle: menu: Retain tick when shallow state is selected Ram Pai (6): powerpc/pkeys: Give all threads control of their key permissions powerpc/pkeys: Deny read/write/execute by default powerpc/pkeys: key allocation/deallocation must not change pkey registers powerpc/pkeys: Save the pkey registers before fork powerpc/pkeys: Fix calculation of total pkeys. powerpc/pkeys: Preallocate execute-only key Richard Weinberger (6): ubifs: Fix memory leak in lprobs self-check Revert "UBIFS: Fix potential integer overflow in allocation" ubifs: Check data node size before truncate ubifs: xattr: Don't operate on deleted inodes ubifs: Fix directory size calculation for symlinks ubifs: Fix synced_i_size calculation for xattr inodes Roger Quadros (1): ARM: dts: am57xx-idk: Enable dual role for USB2 port Sergei Shtylyov (2): mmc: renesas_sdhi_internal_dmac: mask DMAC interrupts mmc: renesas_sdhi_internal_dmac: fix #define RST_RESERVED_BITS Shan Hai (1): bcache: release dc->writeback_lock properly in bch_writeback_thread() Steven Rostedt (VMware) (4): tracing: Do not call start/stop() functions when tracing_on does not change tracing/blktrace: Fix to allow setting same value printk/tracing: Do not trace printk_nmi_enter() uprobes: Use synchronize_rcu() not synchronize_sched() Tomas Bortoli (3): 9p: fix multiple NULL-pointer-dereferences net/9p/client.c: version pointer uninitialized net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() Trond Myklebust (2): NFSv4: Fix locking in pnfs_generic_recover_commit_reqs NFSv4: Fix a sleep in atomic context in nfs4_callback_sequence() Tycho Andersen (1): uart: fix race between uart_put_char() and uart_shutdown() Vaibhav Jain (1): cxl: Fix wrong comparison in cxl_adapter_context_get() Vignesh R (2): pwm: tiehrpwm: Don't use emulation mode bits to control PWM output pwm: tiehrpwm: Fix disabling of output of PWMs Vishal Verma (1): libnvdimm: fix ars_status output length calculation Yannik Sembritzki (2): Replace magic for trusting the secondary keyring with #define Fix kexec forbidding kernels signed with keys in the secondary keyring to boot jiangyiwen (1): 9p/virtio: fix off-by-one error in sg list bounds check piaojun (1): fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed xiao jin (1): block: blk_init_allocated_queue() set q->fq as NULL in the fail case zhangyi (F) (1): PM / sleep: wakeup: Fix build error caused by missing SRCU support

7 years, 1 month

1
1
0 0

[PATCH 4.18 000/123] 4.18.6-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.18.6 release. There are 123 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed Sep 5 16:56:53 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.18.6-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.18.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.18.6-rc1 Arnd Bergmann <arnd(a)arndb.de> x86: kvm: avoid unused variable warning Jann Horn <jannh(a)google.com> x86/dumpstack: Don't dump kernel memory based on usermode RIP Scott Bauer <scott.bauer(a)intel.com> cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status Vincent Whitchurch <vincent.whitchurch(a)axis.com> watchdog: Mark watchdog touch functions as notrace H. Nikolaus Schaller <hns(a)goldelico.com> power: generic-adc-battery: check for duplicate properties copied from iio channels H. Nikolaus Schaller <hns(a)goldelico.com> power: generic-adc-battery: fix out-of-bounds write when copying channel properties Dan Carpenter <dan.carpenter(a)oracle.com> PM / clk: signedness bug in of_pm_clk_add_clks() Gustavo A. R. Silva <gustavo(a)embeddedor.com> clk: npcm7xx: fix memory allocation Alberto Panizzo <alberto(a)amarulasolutions.com> clk: rockchip: fix clk_i2sout parent selection bits on rk3399 Abhishek Sahu <absahu(a)codeaurora.org> mtd: rawnand: qcom: wait for desc completion in all BAM channels Daniel Mack <daniel(a)zonque.org> mtd: rawnand: marvell: add suspend and resume hooks Boris Brezillon <boris.brezillon(a)bootlin.com> mtd: rawnand: fsmc: Stop using chip->read_buf() Boris Brezillon <boris.brezillon(a)bootlin.com> mtd: rawnand: hynix: Use ->exec_op() in hynix_nand_reg_write_op() Mike Christie <mchristi(a)redhat.com> iscsi target: fix session creation failure handling Bart Van Assche <bart.vanassche(a)wdc.com> scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock Bart Van Assche <bart.vanassche(a)wdc.com> scsi: sysfs: Introduce sysfs_{un,}break_active_protection() Bart Van Assche <bart.vanassche(a)wdc.com> scsi: mpt3sas: Fix _transport_smp_handler() error path Sreekanth Reddy <sreekanth.reddy(a)broadcom.com> scsi: mpt3sas: Fix calltrace observed while running IO & reset Tomas Winkler <tomas.winkler(a)intel.com> tpm: separate cmd_ready/go_idle from runtime_pm Ricardo Schwarzmeier <Ricardo.Schwarzmeier(a)infineon.com> tpm: Return the actual size when receiving an unsupported command Paul Burton <paul.burton(a)mips.com> MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7 Huacai Chen <chenhc(a)lemote.com> MIPS: Change definition of cpu_relax() for Loongson-3 Paul Burton <paul.burton(a)mips.com> MIPS: Always use -march=<arch>, not -<arch> shortcuts Matt Redfearn <matt.redfearn(a)mips.com> MIPS: memset.S: Fix byte_fixup for MIPSr6 Maciej W. Rozycki <macro(a)mips.com> MIPS: Correct the 64-bit DSP accumulator register size Masami Hiramatsu <mhiramat(a)kernel.org> kprobes: Make list and blacklist root user read only Masami Hiramatsu <mhiramat(a)kernel.org> kprobes/arm: Fix %p uses in error messages Masami Hiramatsu <mhiramat(a)kernel.org> kprobes: Replace %p with other pointer types Masami Hiramatsu <mhiramat(a)kernel.org> kprobes: Show blacklist addresses as same as kallsyms does Philipp Rudo <prudo(a)linux.ibm.com> s390/purgatory: Add missing FORCE to Makefile targets Philipp Rudo <prudo(a)linux.ibm.com> s390/purgatory: Fix crash with expoline enabled Sebastian Ott <sebott(a)linux.ibm.com> s390/pci: fix out of bounds access during irq setup Martin Schwidefsky <schwidefsky(a)de.ibm.com> s390/numa: move initial setup of node_to_cpumask_map Julian Wiedmann <jwi(a)linux.ibm.com> s390/qdio: reset old sbal_state flags Martin Schwidefsky <schwidefsky(a)de.ibm.com> s390: fix br_r1_trampoline for machines without exrl Martin Schwidefsky <schwidefsky(a)de.ibm.com> s390/lib: use expoline for all bcr instructions Gerald Schaefer <gerald.schaefer(a)de.ibm.com> s390/mm: fix addressing exception after suspend/resume Ben Hutchings <ben(a)decadent.org.uk> x86: Allow generating user-space headers without a compiler Jann Horn <jannh(a)google.com> x86/entry/64: Wipe KASAN stack shadow before rewind_stack_do_exit() Gustavo A. R. Silva <gustavo(a)embeddedor.com> hwmon: (nct6775) Fix potential Spectre v1 Andi Kleen <ak(a)linux.intel.com> x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ Andi Kleen <ak(a)linux.intel.com> x86/spectre: Add missing family 6 check to microcode check Nick Desaulniers <ndesaulniers(a)google.com> x86/irqflags: Mark native_restore_fl extern inline Andy Lutomirski <luto(a)kernel.org> x86/nmi: Fix NMI uaccess race against CR3 switching Samuel Neves <sneves(a)dei.uc.pt> x86/vdso: Fix lsl operand order Himanshu Madhani <himanshu.madhani(a)cavium.com> scsi: qla2xxx: Fix stalled relogin Dan Carpenter <dan.carpenter(a)oracle.com> pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show() Johan Hovold <johan(a)kernel.org> soc: qcom: rmtfs-mem: fix memleak in probe error paths Ajit Pandey <ajit.pandey(a)cirrus.com> ASoC: wm_adsp: Correct DSP pointer for preloader control Gustavo A. R. Silva <gustavo(a)embeddedor.com> ASoC: sirf: Fix potential NULL pointer dereference Takashi Iwai <tiwai(a)suse.de> ASoC: zte: Fix incorrect PCM format bit usages Jerome Brunet <jbrunet(a)baylibre.com> ASoC: dpcm: don't merge format from invalid codec dai Michael Buesch <m(a)bues.ch> b43/leds: Ensure NUL-termination of LED name string Michael Buesch <m(a)bues.ch> b43legacy/leds: Ensure NUL-termination of LED name string Mikulas Patocka <mpatocka(a)redhat.com> udl-kms: avoid division Mikulas Patocka <mpatocka(a)redhat.com> udl-kms: fix crash due to uninitialized memory Mikulas Patocka <mpatocka(a)redhat.com> udl-kms: handle allocation failure Mikulas Patocka <mpatocka(a)redhat.com> udl-kms: change down_interruptible to down Bart Van Assche <bart.vanassche(a)wdc.com> lib/vsprintf: Do not handle %pO[^F] as %px Kirill Tkhai <ktkhai(a)virtuozzo.com> fuse: Add missed unlock_page() to fuse_readpages_fill() Miklos Szeredi <mszeredi(a)redhat.com> fuse: Fix oops at process_init_reply() Miklos Szeredi <mszeredi(a)redhat.com> fuse: umount should wait for all requests Miklos Szeredi <mszeredi(a)redhat.com> fuse: fix unlocked access to processing queue Miklos Szeredi <mszeredi(a)redhat.com> fuse: fix double request_end() Miklos Szeredi <mszeredi(a)redhat.com> fuse: fix initial parallel dirops Andrey Ryabinin <aryabinin(a)virtuozzo.com> fuse: Don't access pipe->buffers without pipe_lock() Thomas Gleixner <tglx@xxxxxxxxxxxxx> KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled Paolo Bonzini <pbonzini(a)redhat.com> KVM: x86: ensure all MSRs can always be KVM_GET/SET_MSR'd Rian Hunter <rian(a)alum.mit.edu> x86/process: Re-export start_thread() Andy Lutomirski <luto(a)kernel.org> x86/vdso: Fix vDSO build if a retpoline is emitted Vlastimil Babka <vbabka(a)suse.cz> x86/speculation/l1tf: Suggest what to do on systems with too much RAM Vlastimil Babka <vbabka(a)suse.cz> x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM Vlastimil Babka <vbabka(a)suse.cz> x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit Peter Zijlstra <peterz(a)infradead.org> mm/tlb, x86/mm: Support invalidating TLB caches for RCU_TABLE_FREE Takashi Iwai <tiwai(a)suse.de> platform/x86: ideapad-laptop: Apply no_hw_rfkill to Y20-15IKBM, too Kees Cook <keescook(a)chromium.org> platform/x86: wmi: Do not mix pages and kmalloc Paulo Zanoni <paulo.r.zanoni(a)intel.com> x86/gpu: reserve ICL's graphics stolen memory Michal Wnukowski <wnukowski(a)google.com> nvme-pci: add a memory barrier to nvme_dbbuf_update_and_check_event Wang Shilong <wshilong(a)ddn.com> ext4: fix race when setting the bitmap corrupted flag Eric Sandeen <sandeen(a)redhat.com> ext4: reset error code in ext4_find_entry in fallback Arnd Bergmann <arnd(a)arndb.de> ext4: sysfs: print ext4_super_block fields as little-endian Wang Shilong <wshilong(a)ddn.com> ext4: use ext4_warning() for sb_getblk failure Theodore Ts'o <tytso(a)mit.edu> ext4: check for NUL characters in extended attribute's name Prasad Sodagudi <psodagud(a)codeaurora.org> stop_machine: Atomically queue and wake stopper threads Peter Zijlstra <peterz(a)infradead.org> stop_machine: Reflow cpu_stop_queue_two_works() Thomas Richter <tmricht(a)linux.ibm.com> perf kvm: Fix subcommands on s390 Claudio Imbrenda <imbrenda(a)linux.vnet.ibm.com> s390/kvm: fix deadlock when killed by oom Punit Agrawal <punit.agrawal(a)arm.com> KVM: arm/arm64: Skip updating PTE entry if no change Punit Agrawal <punit.agrawal(a)arm.com> KVM: arm/arm64: Skip updating PMD entry if no change Christoffer Dall <christoffer.dall(a)arm.com> KVM: arm/arm64: Fix lost IRQs from emulated physcial timer when blocked Christoffer Dall <christoffer.dall(a)arm.com> KVM: arm/arm64: Fix potential loss of ptimer interrupts Huibin Hong <huibin.hong(a)rock-chips.com> arm64: dts: rockchip: corrected uart1 clock-names for rk3328 Greg Hackmann <ghackmann(a)android.com> arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() Suzuki K Poulose <suzuki.poulose(a)arm.com> arm64: Handle mismatched cache type Suzuki K Poulose <suzuki.poulose(a)arm.com> arm64: Fix mismatched cache line size detection Masami Hiramatsu <mhiramat(a)kernel.org> kprobes/arm64: Fix %p uses in error messages Petr Mladek <pmladek(a)suse.com> printk/nmi: Prevent deadlock when accessing the main log buffer in NMI Petr Mladek <pmladek(a)suse.com> printk: Create helper function to queue deferred console handling Petr Mladek <pmladek(a)suse.com> printk: Split the code for storing a message into the log buffer Vivek Gautam <vivek.gautam(a)codeaurora.org> iommu/arm-smmu: Error out only if not enough context interrupts Charles Keepax <ckeepax(a)opensource.cirrus.com> regulator: arizona-ldo1: Use correct device to get enable GPIO Daniel Borkmann <daniel(a)iogearbox.net> bpf, arm32: fix stack var offset in jit Michael Larabel <michael(a)phoronix.com> hwmon: (k10temp) 27C Offset needed for Threadripper2 Filipe Manana <fdmanana(a)suse.com> Btrfs: send, fix incorrect file layout after hole punching beyond eof Filipe Manana <fdmanana(a)suse.com> Btrfs: fix send failure when root has deleted files still open Josef Bacik <jbacik(a)fb.com> Btrfs: fix btrfs_write_inode vs delayed iput deadlock Filipe Manana <fdmanana(a)suse.com> Btrfs: fix mount failure after fsync due to hard link recreation Josef Bacik <josef(a)toxicpanda.com> btrfs: don't leak ret from do_chunk_alloc Ethan Lien <ethanlien(a)synology.com> btrfs: use correct compare function of dirty_metadata_bytes Steve French <stfrench(a)microsoft.com> smb3: fill in statfs fsid and correct namelen Steve French <stfrench(a)microsoft.com> smb3: don't request leases in symlink creation and query Steve French <stfrench(a)microsoft.com> smb3: Do not send SMB3 SET_INFO if nothing changed Steve French <stfrench(a)microsoft.com> smb3: enumerating snapshots was leaving part of the data off end Nicholas Mc Guire <hofrat(a)osadl.org> cifs: check kmalloc before use Ronnie Sahlberg <lsahlber(a)redhat.com> cifs: use a refcount to protect open/closing the cached file handle Steve French <stfrench(a)microsoft.com> cifs: add missing debug entries for kconfig options Aurelien Aptel <aaptel(a)suse.com> CIFS: fix uninitialized ptr deref in smb2 signing Ronnie Sahlberg <lsahlber(a)redhat.com> cifs: add missing support for ACLs in SMB 3.11 Alexander Usyskin <alexander.usyskin(a)intel.com> mei: don't update offset in write Chuck Lever <chuck.lever(a)oracle.com> xprtrdma: Fix disconnect regression Jason Yan <yanaijie(a)huawei.com> scsi: libsas: dynamically allocate and free ata host Ben Hutchings <ben(a)decadent.org.uk> scripts/kernel-doc: Escape all literal braces in regexes Valdis Kletnieks <valdis.kletnieks(a)vt.edu> PATCH scripts/kernel-doc ------------- Diffstat: Makefile | 8 +- arch/Kconfig | 3 + arch/arm/net/bpf_jit_32.c | 2 +- arch/arm/probes/kprobes/core.c | 4 +- arch/arm/probes/kprobes/test-core.c | 1 - arch/arm64/boot/dts/rockchip/rk3328.dtsi | 2 +- arch/arm64/include/asm/cache.h | 4 + arch/arm64/include/asm/cpucaps.h | 3 +- arch/arm64/kernel/cpu_errata.c | 23 +++- arch/arm64/kernel/cpufeature.c | 2 +- arch/arm64/kernel/probes/kprobes.c | 2 +- arch/arm64/mm/init.c | 6 +- arch/mips/Makefile | 12 +- arch/mips/include/asm/processor.h | 15 ++- arch/mips/kernel/ptrace.c | 2 +- arch/mips/kernel/ptrace32.c | 2 +- arch/mips/lib/memset.S | 3 +- arch/mips/lib/multi3.c | 6 +- arch/s390/include/asm/qdio.h | 1 - arch/s390/lib/mem.S | 16 ++- arch/s390/mm/fault.c | 2 + arch/s390/mm/page-states.c | 2 +- arch/s390/net/bpf_jit_comp.c | 2 - arch/s390/numa/numa.c | 16 +-- arch/s390/pci/pci.c | 2 + arch/s390/purgatory/Makefile | 7 +- arch/x86/Kconfig | 1 + arch/x86/Makefile | 11 +- arch/x86/entry/vdso/Makefile | 6 +- arch/x86/events/core.c | 2 +- arch/x86/include/asm/irqflags.h | 3 +- arch/x86/include/asm/processor.h | 6 +- arch/x86/include/asm/stacktrace.h | 2 +- arch/x86/include/asm/tlbflush.h | 40 +++++++ arch/x86/include/asm/vgtod.h | 2 +- arch/x86/kernel/cpu/bugs.c | 50 ++++++++- arch/x86/kernel/cpu/common.c | 1 + arch/x86/kernel/cpu/intel.c | 3 + arch/x86/kernel/dumpstack.c | 25 ++++- arch/x86/kernel/early-quirks.c | 18 +++ arch/x86/kernel/process_64.c | 1 + arch/x86/kvm/hyperv.c | 27 +++-- arch/x86/kvm/hyperv.h | 2 +- arch/x86/kvm/svm.c | 8 +- arch/x86/kvm/x86.c | 19 ++-- arch/x86/lib/usercopy.c | 5 + arch/x86/mm/fault.c | 2 +- arch/x86/mm/init.c | 4 +- arch/x86/mm/mmap.c | 2 +- arch/x86/mm/tlb.c | 7 ++ drivers/ata/libata-core.c | 3 + drivers/ata/libata.h | 2 - drivers/base/power/clock_ops.c | 2 +- drivers/cdrom/cdrom.c | 2 +- drivers/char/tpm/tpm-interface.c | 53 +++++++-- drivers/char/tpm/tpm.h | 12 +- drivers/char/tpm/tpm2-space.c | 16 ++- drivers/char/tpm/tpm_crb.c | 101 +++++------------ drivers/clk/clk-npcm7xx.c | 4 +- drivers/clk/rockchip/clk-rk3399.c | 2 +- drivers/gpu/drm/udl/udl_drv.h | 2 +- drivers/gpu/drm/udl/udl_fb.c | 17 +-- drivers/gpu/drm/udl/udl_main.c | 35 +++--- drivers/gpu/drm/udl/udl_transfer.c | 39 +++---- drivers/hwmon/k10temp.c | 2 + drivers/hwmon/nct6775.c | 2 + drivers/iommu/arm-smmu.c | 16 ++- drivers/misc/mei/main.c | 1 - drivers/mtd/nand/raw/fsmc_nand.c | 2 +- drivers/mtd/nand/raw/marvell_nand.c | 73 +++++++++++-- drivers/mtd/nand/raw/nand_hynix.c | 10 ++ drivers/mtd/nand/raw/qcom_nandc.c | 53 ++++++++- drivers/net/wireless/broadcom/b43/leds.c | 2 +- drivers/net/wireless/broadcom/b43legacy/leds.c | 2 +- drivers/nvme/host/pci.c | 8 ++ drivers/pinctrl/freescale/pinctrl-imx1-core.c | 2 +- drivers/platform/x86/ideapad-laptop.c | 4 +- drivers/platform/x86/wmi.c | 9 +- drivers/power/supply/generic-adc-battery.c | 25 +++-- drivers/regulator/arizona-ldo1.c | 27 ++++- drivers/s390/cio/qdio_main.c | 5 +- drivers/scsi/libsas/sas_ata.c | 40 ++++--- drivers/scsi/libsas/sas_discover.c | 2 + drivers/scsi/mpt3sas/mpt3sas_base.c | 1 + drivers/scsi/mpt3sas/mpt3sas_scsih.c | 2 +- drivers/scsi/mpt3sas/mpt3sas_transport.c | 5 +- drivers/scsi/qla2xxx/qla_init.c | 2 +- drivers/scsi/qla2xxx/qla_iocb.c | 1 + drivers/scsi/scsi_sysfs.c | 20 +++- drivers/soc/qcom/rmtfs_mem.c | 3 +- drivers/target/iscsi/iscsi_target_login.c | 35 +++--- fs/btrfs/disk-io.c | 10 +- fs/btrfs/extent-tree.c | 2 +- fs/btrfs/inode.c | 26 ----- fs/btrfs/send.c | 146 +++++++++++++++++++++++-- fs/btrfs/super.c | 1 - fs/btrfs/tree-log.c | 66 +++++++++++ fs/cifs/cifs_debug.c | 30 +++-- fs/cifs/cifsfs.c | 18 +-- fs/cifs/cifsglob.h | 1 + fs/cifs/inode.c | 2 + fs/cifs/link.c | 4 +- fs/cifs/sess.c | 6 + fs/cifs/smb2inode.c | 6 +- fs/cifs/smb2ops.c | 72 ++++++++++-- fs/cifs/smb2pdu.c | 8 ++ fs/cifs/smb2pdu.h | 11 ++ fs/cifs/smb2proto.h | 1 + fs/cifs/smb2transport.c | 5 +- fs/ext4/balloc.c | 6 +- fs/ext4/ialloc.c | 6 +- fs/ext4/namei.c | 1 + fs/ext4/super.c | 22 ++-- fs/ext4/sysfs.c | 13 ++- fs/ext4/xattr.c | 2 + fs/fuse/dev.c | 39 +++++-- fs/fuse/dir.c | 10 +- fs/fuse/file.c | 1 + fs/fuse/fuse_i.h | 5 +- fs/fuse/inode.c | 37 ++++--- fs/sysfs/file.c | 44 ++++++++ include/drm/i915_drm.h | 4 +- include/linux/libata.h | 2 + include/linux/printk.h | 4 + include/linux/sysfs.h | 14 +++ include/linux/tpm.h | 2 + include/scsi/libsas.h | 2 +- kernel/kprobes.c | 38 ++++--- kernel/printk/internal.h | 9 +- kernel/printk/printk.c | 57 ++++++---- kernel/printk/printk_safe.c | 58 ++++++---- kernel/stop_machine.c | 43 +++++--- kernel/trace/trace.c | 4 +- kernel/watchdog.c | 4 +- kernel/watchdog_hld.c | 2 +- kernel/workqueue.c | 2 +- lib/nmi_backtrace.c | 3 - lib/vsprintf.c | 1 + mm/memory.c | 18 +++ net/sunrpc/xprtrdma/verbs.c | 5 +- scripts/kernel-doc | 20 ++-- sound/soc/codecs/wm_adsp.c | 8 +- sound/soc/sirf/sirf-usp.c | 7 +- sound/soc/soc-pcm.c | 8 ++ sound/soc/zte/zx-tdm.c | 4 +- tools/perf/arch/s390/util/kvm-stat.c | 2 +- virt/kvm/arm/arch_timer.c | 15 ++- virt/kvm/arm/mmu.c | 42 +++++-- 148 files changed, 1438 insertions(+), 580 deletions(-)

7 years, 1 month

9
144
0 0

[PATCH 1/7] fix hnode refcounting

by Al Viro

From: Al Viro <viro(a)zeniv.linux.org.uk> cls_u32.c misuses refcounts for struct tc_u_hnode - it counts references via ->hlist and via ->tp_root together. u32_destroy() drops the former and, in case when there had been links, leaves the sucker on the list. As the result, there's nothing to protect it from getting freed once links are dropped. That also makes the "is it busy" check incapable of catching the root hnode - it *is* busy (there's a reference from tp), but we don't see it as something separate. "Is it our root?" check partially covers that, but the problem exists for others' roots as well. AFAICS, the minimal fix preserving the existing behaviour (where it doesn't include oopsen, that is) would be this: * count tp->root and tp_c->hlist as separate references. I.e. have u32_init() set refcount to 2, not 1. * in u32_destroy() we always drop the former; in u32_destroy_hnode() - the latter. That way we have *all* references contributing to refcount. List removal happens in u32_destroy_hnode() (called only when ->refcnt is 1) an in u32_destroy() in case of tc_u_common going away, along with everything reachable from it. IOW, that way we know that u32_destroy_key() won't free something still on the list (or pointed to by someone's ->root). Cc: stable(a)vger.kernel.org Signed-off-by: Al Viro <viro(a)zeniv.linux.org.uk> --- net/sched/cls_u32.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/sched/cls_u32.c b/net/sched/cls_u32.c index f218ccf1e2d9..3f985f29ef30 100644 --- a/net/sched/cls_u32.c +++ b/net/sched/cls_u32.c @@ -398,6 +398,7 @@ static int u32_init(struct tcf_proto *tp) rcu_assign_pointer(tp_c->hlist, root_ht); root_ht->tp_c = tp_c; + root_ht->refcnt++; rcu_assign_pointer(tp->root, root_ht); tp->data = tp_c; return 0; @@ -610,7 +611,7 @@ static int u32_destroy_hnode(struct tcf_proto *tp, struct tc_u_hnode *ht, struct tc_u_hnode __rcu **hn; struct tc_u_hnode *phn; - WARN_ON(ht->refcnt); + WARN_ON(--ht->refcnt); u32_clear_hnode(tp, ht, extack); @@ -649,7 +650,7 @@ static void u32_destroy(struct tcf_proto *tp, struct netlink_ext_ack *extack) WARN_ON(root_ht == NULL); - if (root_ht && --root_ht->refcnt == 0) + if (root_ht && --root_ht->refcnt == 1) u32_destroy_hnode(tp, root_ht, extack); if (--tp_c->refcnt == 0) { @@ -698,7 +699,6 @@ static int u32_delete(struct tcf_proto *tp, void *arg, bool *last, } if (ht->refcnt == 1) { - ht->refcnt--; u32_destroy_hnode(tp, ht, extack); } else { NL_SET_ERR_MSG_MOD(extack, "Can not delete in-use filter"); -- 2.11.0

7 years, 1 month

2
5
0 0

Studio 6

by Denis Jones

Hi, I would like to check if you have received my email from last week? We are a team of 11 image editors who can help you for cutting out, your photos, also add retouching. Editing is for your products photos or portrait photos, catalog photos. Let me know if you have interests, we can send you testing work. Thanks, Denis Jones

7 years, 1 month

1
0
0 0

[PATCH] xen/netfront: fix waiting for xenbus state change

by Juergen Gross

Commit 822fb18a82aba ("xen-netfront: wait xenbus state change when load module manually") added a new wait queue to wait on for a state change when the module is loaded manually. Unfortunately there is no wakeup anywhere to stop that waiting. Instead of introducing a new wait queue rename the existing module_unload_q to module_wq and use it for both purposes (loading and unloading). As any state change of the backend might be intended to stop waiting do the wake_up_all() in any case when netback_changed() is called. Fixes: 822fb18a82aba ("xen-netfront: wait xenbus state change when load module manually") Cc: <stable(a)vger.kernel.org> #4.18 Signed-off-by: Juergen Gross <jgross(a)suse.com> --- drivers/net/xen-netfront.c | 24 ++++++++++-------------- 1 file changed, 10 insertions(+), 14 deletions(-) diff --git a/drivers/net/xen-netfront.c b/drivers/net/xen-netfront.c index 73f596a90c69..9407acbd19a9 100644 --- a/drivers/net/xen-netfront.c +++ b/drivers/net/xen-netfront.c @@ -87,8 +87,7 @@ struct netfront_cb { /* IRQ name is queue name with "-tx" or "-rx" appended */ #define IRQ_NAME_SIZE (QUEUE_NAME_SIZE + 3) -static DECLARE_WAIT_QUEUE_HEAD(module_load_q); -static DECLARE_WAIT_QUEUE_HEAD(module_unload_q); +static DECLARE_WAIT_QUEUE_HEAD(module_wq); struct netfront_stats { u64 packets; @@ -1332,11 +1331,11 @@ static struct net_device *xennet_create_dev(struct xenbus_device *dev) netif_carrier_off(netdev); xenbus_switch_state(dev, XenbusStateInitialising); - wait_event(module_load_q, - xenbus_read_driver_state(dev->otherend) != - XenbusStateClosed && - xenbus_read_driver_state(dev->otherend) != - XenbusStateUnknown); + wait_event(module_wq, + xenbus_read_driver_state(dev->otherend) != + XenbusStateClosed && + xenbus_read_driver_state(dev->otherend) != + XenbusStateUnknown); return netdev; exit: @@ -2010,15 +2009,14 @@ static void netback_changed(struct xenbus_device *dev, dev_dbg(&dev->dev, "%s\n", xenbus_strstate(backend_state)); + wake_up_all(&module_wq); + switch (backend_state) { case XenbusStateInitialising: case XenbusStateInitialised: case XenbusStateReconfiguring: case XenbusStateReconfigured: - break; - case XenbusStateUnknown: - wake_up_all(&module_unload_q); break; case XenbusStateInitWait: @@ -2034,12 +2032,10 @@ static void netback_changed(struct xenbus_device *dev, break; case XenbusStateClosed: - wake_up_all(&module_unload_q); if (dev->state == XenbusStateClosed) break; /* Missed the backend's CLOSING state -- fallthrough */ case XenbusStateClosing: - wake_up_all(&module_unload_q); xenbus_frontend_closed(dev); break; } @@ -2147,14 +2143,14 @@ static int xennet_remove(struct xenbus_device *dev) if (xenbus_read_driver_state(dev->otherend) != XenbusStateClosed) { xenbus_switch_state(dev, XenbusStateClosing); - wait_event(module_unload_q, + wait_event(module_wq, xenbus_read_driver_state(dev->otherend) == XenbusStateClosing || xenbus_read_driver_state(dev->otherend) == XenbusStateUnknown); xenbus_switch_state(dev, XenbusStateClosed); - wait_event(module_unload_q, + wait_event(module_wq, xenbus_read_driver_state(dev->otherend) == XenbusStateClosed || xenbus_read_driver_state(dev->otherend) == -- 2.16.4

7 years, 1 month

3
2
0 0

FAILED: patch "[PATCH] Drivers: hv: vmbus: Fix the offer_in_progress in" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 50229128727f7e11840ca1b2b501f880818d56b6 Mon Sep 17 00:00:00 2001 From: Dexuan Cui <decui(a)microsoft.com> Date: Tue, 5 Jun 2018 13:37:52 -0700 Subject: [PATCH] Drivers: hv: vmbus: Fix the offer_in_progress in vmbus_process_offer() I didn't really hit a real bug, but just happened to spot the bug: we have decreased the counter at the beginning of vmbus_process_offer(), so we mustn't decrease it again. Fixes: 6f3d791f3006 ("Drivers: hv: vmbus: Fix rescind handling issues") Signed-off-by: Dexuan Cui <decui(a)microsoft.com> Cc: stable(a)vger.kernel.org Cc: Stephen Hemminger <sthemmin(a)microsoft.com> Cc: K. Y. Srinivasan <kys(a)microsoft.com> Cc: Stable <stable(a)vger.kernel.org> # 4.14 and above Signed-off-by: K. Y. Srinivasan <kys(a)microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/hv/channel_mgmt.c b/drivers/hv/channel_mgmt.c index ecc2bd275a73..f3b551a50653 100644 --- a/drivers/hv/channel_mgmt.c +++ b/drivers/hv/channel_mgmt.c @@ -527,10 +527,8 @@ static void vmbus_process_offer(struct vmbus_channel *newchannel) struct hv_device *dev = newchannel->primary_channel->device_obj; - if (vmbus_add_channel_kobj(dev, newchannel)) { - atomic_dec(&vmbus_connection.offer_in_progress); + if (vmbus_add_channel_kobj(dev, newchannel)) goto err_free_chan; - } if (channel->sc_creation_callback != NULL) channel->sc_creation_callback(newchannel);

7 years, 1 month

2
1
0 0

FAILED: patch "[PATCH] printk/tracing: Do not trace printk_nmi_enter()" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From d1c392c9e2a301f38998a353f467f76414e38725 Mon Sep 17 00:00:00 2001 From: "Steven Rostedt (VMware)" <rostedt(a)goodmis.org> Date: Wed, 5 Sep 2018 16:29:49 -0400 Subject: [PATCH] printk/tracing: Do not trace printk_nmi_enter() I hit the following splat in my tests: ------------[ cut here ]------------ IRQs not enabled as expected WARNING: CPU: 3 PID: 0 at kernel/time/tick-sched.c:982 tick_nohz_idle_enter+0x44/0x8c Modules linked in: ip6t_REJECT nf_reject_ipv6 ip6table_filter ip6_tables ipv6 CPU: 3 PID: 0 Comm: swapper/3 Not tainted 4.19.0-rc2-test+ #2 Hardware name: MSI MS-7823/CSM-H87M-G43 (MS-7823), BIOS V1.6 02/22/2014 EIP: tick_nohz_idle_enter+0x44/0x8c Code: ec 05 00 00 00 75 26 83 b8 c0 05 00 00 00 75 1d 80 3d d0 36 3e c1 00 75 14 68 94 63 12 c1 c6 05 d0 36 3e c1 01 e8 04 ee f8 ff <0f> 0b 58 fa bb a0 e5 66 c1 e8 25 0f 04 00 64 03 1d 28 31 52 c1 8b EAX: 0000001c EBX: f26e7f8c ECX: 00000006 EDX: 00000007 ESI: f26dd1c0 EDI: 00000000 EBP: f26e7f40 ESP: f26e7f38 DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 EFLAGS: 00010296 CR0: 80050033 CR2: 0813c6b0 CR3: 2f342000 CR4: 001406f0 Call Trace: do_idle+0x33/0x202 cpu_startup_entry+0x61/0x63 start_secondary+0x18e/0x1ed startup_32_smp+0x164/0x168 irq event stamp: 18773830 hardirqs last enabled at (18773829): [<c040150c>] trace_hardirqs_on_thunk+0xc/0x10 hardirqs last disabled at (18773830): [<c040151c>] trace_hardirqs_off_thunk+0xc/0x10 softirqs last enabled at (18773824): [<c0ddaa6f>] __do_softirq+0x25f/0x2bf softirqs last disabled at (18773767): [<c0416bbe>] call_on_stack+0x45/0x4b ---[ end trace b7c64aa79e17954a ]--- After a bit of debugging, I found what was happening. This would trigger when performing "perf" with a high NMI interrupt rate, while enabling and disabling function tracer. Ftrace uses breakpoints to convert the nops at the start of functions to calls to the function trampolines. The breakpoint traps disable interrupts and this makes calls into lockdep via the trace_hardirqs_off_thunk in the entry.S code. What happens is the following: do_idle { [interrupts enabled] <interrupt> [interrupts disabled] TRACE_IRQS_OFF [lockdep says irqs off] [...] TRACE_IRQS_IRET test if pt_regs say return to interrupts enabled [yes] TRACE_IRQS_ON [lockdep says irqs are on] <nmi> nmi_enter() { printk_nmi_enter() [traced by ftrace] [ hit ftrace breakpoint ] <breakpoint exception> TRACE_IRQS_OFF [lockdep says irqs off] [...] TRACE_IRQS_IRET [return from breakpoint] test if pt_regs say interrupts enabled [no] [iret back to interrupt] [iret back to code] tick_nohz_idle_enter() { lockdep_assert_irqs_enabled() [lockdep say no!] Although interrupts are indeed enabled, lockdep thinks it is not, and since we now do asserts via lockdep, it gives a false warning. The issue here is that printk_nmi_enter() is called before lockdep_off(), which disables lockdep (for this reason) in NMIs. By simply not allowing ftrace to see printk_nmi_enter() (via notrace annotation) we keep lockdep from getting confused. Cc: stable(a)vger.kernel.org Fixes: 42a0bb3f71383 ("printk/nmi: generic solution for safe printk in NMI") Acked-by: Sergey Senozhatsky <sergey.senozhatsky(a)gmail.com> Acked-by: Petr Mladek <pmladek(a)suse.com> Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> diff --git a/kernel/printk/printk_safe.c b/kernel/printk/printk_safe.c index a0a74c533e4b..0913b4d385de 100644 --- a/kernel/printk/printk_safe.c +++ b/kernel/printk/printk_safe.c @@ -306,12 +306,12 @@ static __printf(1, 0) int vprintk_nmi(const char *fmt, va_list args) return printk_safe_log_store(s, fmt, args); } -void printk_nmi_enter(void) +void notrace printk_nmi_enter(void) { this_cpu_or(printk_context, PRINTK_NMI_CONTEXT_MASK); } -void printk_nmi_exit(void) +void notrace printk_nmi_exit(void) { this_cpu_and(printk_context, ~PRINTK_NMI_CONTEXT_MASK); }

7 years, 1 month

3
2
0 0

[PATCH] Revert "ARM: imx_v6_v7_defconfig: Select ULPI support"

by Fabio Estevam

From: Fabio Estevam <fabio.estevam(a)nxp.com> This reverts commit df06ca1f565077596512fa2ab91df502e48e4f00. This commit causes reboot to fail on imx6 wandboard, so let's revert it. Cc: <stable(a)vger.kernel.org> #4.17 Reported-by: Rasmus Villemoes <rasmus.villemoes(a)prevas.dk> Signed-off-by: Fabio Estevam <fabio.estevam(a)nxp.com> --- arch/arm/configs/imx_v6_v7_defconfig | 2 -- 1 file changed, 2 deletions(-) diff --git a/arch/arm/configs/imx_v6_v7_defconfig b/arch/arm/configs/imx_v6_v7_defconfig index 19c924d..3a30843 100644 --- a/arch/arm/configs/imx_v6_v7_defconfig +++ b/arch/arm/configs/imx_v6_v7_defconfig @@ -294,7 +294,6 @@ CONFIG_USB_STORAGE=y CONFIG_USB_CHIPIDEA=y CONFIG_USB_CHIPIDEA_UDC=y CONFIG_USB_CHIPIDEA_HOST=y -CONFIG_USB_CHIPIDEA_ULPI=y CONFIG_USB_SERIAL=m CONFIG_USB_SERIAL_GENERIC=y CONFIG_USB_SERIAL_FTDI_SIO=m @@ -331,7 +330,6 @@ CONFIG_USB_GADGETFS=m CONFIG_USB_FUNCTIONFS=m CONFIG_USB_MASS_STORAGE=m CONFIG_USB_G_SERIAL=m -CONFIG_USB_ULPI_BUS=y CONFIG_MMC=y CONFIG_MMC_SDHCI=y CONFIG_MMC_SDHCI_PLTFM=y -- 2.7.4

7 years, 1 month

3
3
0 0

FAILED: patch "[PATCH] ubifs: Check data node size before truncate" failed to apply to 3.18-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 3.18-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 95a22d2084d72ea067d8323cc85677dba5d97cae Mon Sep 17 00:00:00 2001 From: Richard Weinberger <richard(a)nod.at> Date: Sun, 1 Jul 2018 23:20:51 +0200 Subject: [PATCH] ubifs: Check data node size before truncate Check whether the size is within bounds before using it. If the size is not correct, abort and dump the bad data node. Cc: Kees Cook <keescook(a)chromium.org> Cc: Silvio Cesare <silvio.cesare(a)gmail.com> Cc: stable(a)vger.kernel.org Fixes: 1e51764a3c2ac ("UBIFS: add new flash file system") Reported-by: Silvio Cesare <silvio.cesare(a)gmail.com> Signed-off-by: Richard Weinberger <richard(a)nod.at> Reviewed-by: Kees Cook <keescook(a)chromium.org> Signed-off-by: Richard Weinberger <richard(a)nod.at> diff --git a/fs/ubifs/journal.c b/fs/ubifs/journal.c index 1406765c3ef9..cef0d76d490a 100644 --- a/fs/ubifs/journal.c +++ b/fs/ubifs/journal.c @@ -1393,7 +1393,16 @@ int ubifs_jnl_truncate(struct ubifs_info *c, const struct inode *inode, else if (err) goto out_free; else { - if (le32_to_cpu(dn->size) <= dlen) + int dn_len = le32_to_cpu(dn->size); + + if (dn_len <= 0 || dn_len > UBIFS_BLOCK_SIZE) { + ubifs_err(c, "bad data node (block %u, inode %lu)", + blk, inode->i_ino); + ubifs_dump_node(c, dn); + goto out_free; + } + + if (dn_len <= dlen) dlen = 0; /* Nothing to do */ else { err = truncate_data_node(c, inode, blk, dn, &dlen);

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] libnvdimm: Use max contiguous area for namespace size" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 12e3129e29b406c41bc89231092a20d79dbf802c Mon Sep 17 00:00:00 2001 From: Keith Busch <keith.busch(a)intel.com> Date: Tue, 24 Jul 2018 15:07:57 -0600 Subject: [PATCH] libnvdimm: Use max contiguous area for namespace size This patch will find the max contiguous area to determine the largest pmem namespace size that can be created. If the requested size exceeds the largest available, ENOSPC error will be returned. This fixes the allocation underrun error and wrong error return code that have otherwise been observed as the following kernel warning: WARNING: CPU: <CPU> PID: <PID> at drivers/nvdimm/namespace_devs.c:913 size_store Fixes: a1f3e4d6a0c3 ("libnvdimm, region: update nd_region_available_dpa() for multi-pmem support") Cc: <stable(a)vger.kernel.org> Signed-off-by: Keith Busch <keith.busch(a)intel.com> Reviewed-by: Vishal Verma <vishal.l.verma(a)intel.com> Signed-off-by: Dave Jiang <dave.jiang(a)intel.com> diff --git a/drivers/nvdimm/dimm_devs.c b/drivers/nvdimm/dimm_devs.c index 8d348b22ba45..863cabc35215 100644 --- a/drivers/nvdimm/dimm_devs.c +++ b/drivers/nvdimm/dimm_devs.c @@ -536,6 +536,37 @@ resource_size_t nd_blk_available_dpa(struct nd_region *nd_region) return info.available; } +/** + * nd_pmem_max_contiguous_dpa - For the given dimm+region, return the max + * contiguous unallocated dpa range. + * @nd_region: constrain available space check to this reference region + * @nd_mapping: container of dpa-resource-root + labels + */ +resource_size_t nd_pmem_max_contiguous_dpa(struct nd_region *nd_region, + struct nd_mapping *nd_mapping) +{ + struct nvdimm_drvdata *ndd = to_ndd(nd_mapping); + struct nvdimm_bus *nvdimm_bus; + resource_size_t max = 0; + struct resource *res; + + /* if a dimm is disabled the available capacity is zero */ + if (!ndd) + return 0; + + nvdimm_bus = walk_to_nvdimm_bus(ndd->dev); + if (__reserve_free_pmem(&nd_region->dev, nd_mapping->nvdimm)) + return 0; + for_each_dpa_resource(ndd, res) { + if (strcmp(res->name, "pmem-reserve") != 0) + continue; + if (resource_size(res) > max) + max = resource_size(res); + } + release_free_pmem(nvdimm_bus, nd_mapping); + return max; +} + /** * nd_pmem_available_dpa - for the given dimm+region account unallocated dpa * @nd_mapping: container of dpa-resource-root + labels diff --git a/drivers/nvdimm/namespace_devs.c b/drivers/nvdimm/namespace_devs.c index cb322f2bc605..4a4266250c28 100644 --- a/drivers/nvdimm/namespace_devs.c +++ b/drivers/nvdimm/namespace_devs.c @@ -799,7 +799,7 @@ static int merge_dpa(struct nd_region *nd_region, return 0; } -static int __reserve_free_pmem(struct device *dev, void *data) +int __reserve_free_pmem(struct device *dev, void *data) { struct nvdimm *nvdimm = data; struct nd_region *nd_region; @@ -836,7 +836,7 @@ static int __reserve_free_pmem(struct device *dev, void *data) return 0; } -static void release_free_pmem(struct nvdimm_bus *nvdimm_bus, +void release_free_pmem(struct nvdimm_bus *nvdimm_bus, struct nd_mapping *nd_mapping) { struct nvdimm_drvdata *ndd = to_ndd(nd_mapping); @@ -1032,7 +1032,7 @@ static ssize_t __size_store(struct device *dev, unsigned long long val) allocated += nvdimm_allocated_dpa(ndd, &label_id); } - available = nd_region_available_dpa(nd_region); + available = nd_region_allocatable_dpa(nd_region); if (val > available + allocated) return -ENOSPC; diff --git a/drivers/nvdimm/nd-core.h b/drivers/nvdimm/nd-core.h index 79274ead54fb..ac68072fb8cd 100644 --- a/drivers/nvdimm/nd-core.h +++ b/drivers/nvdimm/nd-core.h @@ -100,6 +100,14 @@ struct nd_region; struct nvdimm_drvdata; struct nd_mapping; void nd_mapping_free_labels(struct nd_mapping *nd_mapping); + +int __reserve_free_pmem(struct device *dev, void *data); +void release_free_pmem(struct nvdimm_bus *nvdimm_bus, + struct nd_mapping *nd_mapping); + +resource_size_t nd_pmem_max_contiguous_dpa(struct nd_region *nd_region, + struct nd_mapping *nd_mapping); +resource_size_t nd_region_allocatable_dpa(struct nd_region *nd_region); resource_size_t nd_pmem_available_dpa(struct nd_region *nd_region, struct nd_mapping *nd_mapping, resource_size_t *overlap); resource_size_t nd_blk_available_dpa(struct nd_region *nd_region); diff --git a/drivers/nvdimm/region_devs.c b/drivers/nvdimm/region_devs.c index ec3543b83330..c30d5af02cc2 100644 --- a/drivers/nvdimm/region_devs.c +++ b/drivers/nvdimm/region_devs.c @@ -389,6 +389,30 @@ resource_size_t nd_region_available_dpa(struct nd_region *nd_region) return available; } +resource_size_t nd_region_allocatable_dpa(struct nd_region *nd_region) +{ + resource_size_t available = 0; + int i; + + if (is_memory(&nd_region->dev)) + available = PHYS_ADDR_MAX; + + WARN_ON(!is_nvdimm_bus_locked(&nd_region->dev)); + for (i = 0; i < nd_region->ndr_mappings; i++) { + struct nd_mapping *nd_mapping = &nd_region->mapping[i]; + + if (is_memory(&nd_region->dev)) + available = min(available, + nd_pmem_max_contiguous_dpa(nd_region, + nd_mapping)); + else if (is_nd_blk(&nd_region->dev)) + available += nd_blk_available_dpa(nd_region); + } + if (is_memory(&nd_region->dev)) + return available * nd_region->ndr_mappings; + return available; +} + static ssize_t available_size_show(struct device *dev, struct device_attribute *attr, char *buf) {

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] libnvdimm: Use max contiguous area for namespace size" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 12e3129e29b406c41bc89231092a20d79dbf802c Mon Sep 17 00:00:00 2001 From: Keith Busch <keith.busch(a)intel.com> Date: Tue, 24 Jul 2018 15:07:57 -0600 Subject: [PATCH] libnvdimm: Use max contiguous area for namespace size This patch will find the max contiguous area to determine the largest pmem namespace size that can be created. If the requested size exceeds the largest available, ENOSPC error will be returned. This fixes the allocation underrun error and wrong error return code that have otherwise been observed as the following kernel warning: WARNING: CPU: <CPU> PID: <PID> at drivers/nvdimm/namespace_devs.c:913 size_store Fixes: a1f3e4d6a0c3 ("libnvdimm, region: update nd_region_available_dpa() for multi-pmem support") Cc: <stable(a)vger.kernel.org> Signed-off-by: Keith Busch <keith.busch(a)intel.com> Reviewed-by: Vishal Verma <vishal.l.verma(a)intel.com> Signed-off-by: Dave Jiang <dave.jiang(a)intel.com> diff --git a/drivers/nvdimm/dimm_devs.c b/drivers/nvdimm/dimm_devs.c index 8d348b22ba45..863cabc35215 100644 --- a/drivers/nvdimm/dimm_devs.c +++ b/drivers/nvdimm/dimm_devs.c @@ -536,6 +536,37 @@ resource_size_t nd_blk_available_dpa(struct nd_region *nd_region) return info.available; } +/** + * nd_pmem_max_contiguous_dpa - For the given dimm+region, return the max + * contiguous unallocated dpa range. + * @nd_region: constrain available space check to this reference region + * @nd_mapping: container of dpa-resource-root + labels + */ +resource_size_t nd_pmem_max_contiguous_dpa(struct nd_region *nd_region, + struct nd_mapping *nd_mapping) +{ + struct nvdimm_drvdata *ndd = to_ndd(nd_mapping); + struct nvdimm_bus *nvdimm_bus; + resource_size_t max = 0; + struct resource *res; + + /* if a dimm is disabled the available capacity is zero */ + if (!ndd) + return 0; + + nvdimm_bus = walk_to_nvdimm_bus(ndd->dev); + if (__reserve_free_pmem(&nd_region->dev, nd_mapping->nvdimm)) + return 0; + for_each_dpa_resource(ndd, res) { + if (strcmp(res->name, "pmem-reserve") != 0) + continue; + if (resource_size(res) > max) + max = resource_size(res); + } + release_free_pmem(nvdimm_bus, nd_mapping); + return max; +} + /** * nd_pmem_available_dpa - for the given dimm+region account unallocated dpa * @nd_mapping: container of dpa-resource-root + labels diff --git a/drivers/nvdimm/namespace_devs.c b/drivers/nvdimm/namespace_devs.c index cb322f2bc605..4a4266250c28 100644 --- a/drivers/nvdimm/namespace_devs.c +++ b/drivers/nvdimm/namespace_devs.c @@ -799,7 +799,7 @@ static int merge_dpa(struct nd_region *nd_region, return 0; } -static int __reserve_free_pmem(struct device *dev, void *data) +int __reserve_free_pmem(struct device *dev, void *data) { struct nvdimm *nvdimm = data; struct nd_region *nd_region; @@ -836,7 +836,7 @@ static int __reserve_free_pmem(struct device *dev, void *data) return 0; } -static void release_free_pmem(struct nvdimm_bus *nvdimm_bus, +void release_free_pmem(struct nvdimm_bus *nvdimm_bus, struct nd_mapping *nd_mapping) { struct nvdimm_drvdata *ndd = to_ndd(nd_mapping); @@ -1032,7 +1032,7 @@ static ssize_t __size_store(struct device *dev, unsigned long long val) allocated += nvdimm_allocated_dpa(ndd, &label_id); } - available = nd_region_available_dpa(nd_region); + available = nd_region_allocatable_dpa(nd_region); if (val > available + allocated) return -ENOSPC; diff --git a/drivers/nvdimm/nd-core.h b/drivers/nvdimm/nd-core.h index 79274ead54fb..ac68072fb8cd 100644 --- a/drivers/nvdimm/nd-core.h +++ b/drivers/nvdimm/nd-core.h @@ -100,6 +100,14 @@ struct nd_region; struct nvdimm_drvdata; struct nd_mapping; void nd_mapping_free_labels(struct nd_mapping *nd_mapping); + +int __reserve_free_pmem(struct device *dev, void *data); +void release_free_pmem(struct nvdimm_bus *nvdimm_bus, + struct nd_mapping *nd_mapping); + +resource_size_t nd_pmem_max_contiguous_dpa(struct nd_region *nd_region, + struct nd_mapping *nd_mapping); +resource_size_t nd_region_allocatable_dpa(struct nd_region *nd_region); resource_size_t nd_pmem_available_dpa(struct nd_region *nd_region, struct nd_mapping *nd_mapping, resource_size_t *overlap); resource_size_t nd_blk_available_dpa(struct nd_region *nd_region); diff --git a/drivers/nvdimm/region_devs.c b/drivers/nvdimm/region_devs.c index ec3543b83330..c30d5af02cc2 100644 --- a/drivers/nvdimm/region_devs.c +++ b/drivers/nvdimm/region_devs.c @@ -389,6 +389,30 @@ resource_size_t nd_region_available_dpa(struct nd_region *nd_region) return available; } +resource_size_t nd_region_allocatable_dpa(struct nd_region *nd_region) +{ + resource_size_t available = 0; + int i; + + if (is_memory(&nd_region->dev)) + available = PHYS_ADDR_MAX; + + WARN_ON(!is_nvdimm_bus_locked(&nd_region->dev)); + for (i = 0; i < nd_region->ndr_mappings; i++) { + struct nd_mapping *nd_mapping = &nd_region->mapping[i]; + + if (is_memory(&nd_region->dev)) + available = min(available, + nd_pmem_max_contiguous_dpa(nd_region, + nd_mapping)); + else if (is_nd_blk(&nd_region->dev)) + available += nd_blk_available_dpa(nd_region); + } + if (is_memory(&nd_region->dev)) + return available * nd_region->ndr_mappings; + return available; +} + static ssize_t available_size_show(struct device *dev, struct device_attribute *attr, char *buf) {

7 years, 1 month

1
0
0 0

[PULL RESEND v2 2/4] arm64: KVM: Only force FPEXC32_EL2.EN if trapping FPSIMD

by Christoffer Dall

From: Marc Zyngier <marc.zyngier(a)arm.com> If trapping FPSIMD in the context of an AArch32 guest, it is critical to set FPEXC32_EL2.EN to 1 so that the trapping is taken to EL2 and not EL1. Conversely, it is just as critical *not* to set FPEXC32_EL2.EN to 1 if we're not going to trap FPSIMD, as we then corrupt the existing VFP state. Moving the call to __activate_traps_fpsimd32 to the point where we know for sure that we are going to trap ensures that we don't set that bit spuriously. Fixes: e6b673b741ea ("KVM: arm64: Optimise FPSIMD handling to reduce guest/host thrashing") Cc: stable(a)vger.kernel.org # v4.18 Cc: Dave Martin <dave.martin(a)arm.com> Reported-by: Alexander Graf <agraf(a)suse.de> Tested-by: Alexander Graf <agraf(a)suse.de> Signed-off-by: Marc Zyngier <marc.zyngier(a)arm.com> Signed-off-by: Christoffer Dall <christoffer.dall(a)arm.com> --- arch/arm64/kvm/hyp/switch.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/arch/arm64/kvm/hyp/switch.c b/arch/arm64/kvm/hyp/switch.c index d496ef579859..ca46153d7915 100644 --- a/arch/arm64/kvm/hyp/switch.c +++ b/arch/arm64/kvm/hyp/switch.c @@ -98,8 +98,10 @@ static void activate_traps_vhe(struct kvm_vcpu *vcpu) val = read_sysreg(cpacr_el1); val |= CPACR_EL1_TTA; val &= ~CPACR_EL1_ZEN; - if (!update_fp_enabled(vcpu)) + if (!update_fp_enabled(vcpu)) { val &= ~CPACR_EL1_FPEN; + __activate_traps_fpsimd32(vcpu); + } write_sysreg(val, cpacr_el1); @@ -114,8 +116,10 @@ static void __hyp_text __activate_traps_nvhe(struct kvm_vcpu *vcpu) val = CPTR_EL2_DEFAULT; val |= CPTR_EL2_TTA | CPTR_EL2_TZ; - if (!update_fp_enabled(vcpu)) + if (!update_fp_enabled(vcpu)) { val |= CPTR_EL2_TFP; + __activate_traps_fpsimd32(vcpu); + } write_sysreg(val, cptr_el2); } @@ -129,7 +133,6 @@ static void __hyp_text __activate_traps(struct kvm_vcpu *vcpu) if (cpus_have_const_cap(ARM64_HAS_RAS_EXTN) && (hcr & HCR_VSE)) write_sysreg_s(vcpu->arch.vsesr_el2, SYS_VSESR_EL2); - __activate_traps_fpsimd32(vcpu); if (has_vhe()) activate_traps_vhe(vcpu); else -- 2.18.0

7 years, 1 month

1
0
0 0

[PULL RESEND v2 1/4] KVM: arm/arm64: Clean dcache to PoC when changing PTE due to CoW

by Christoffer Dall

From: Marc Zyngier <marc.zyngier(a)arm.com> When triggering a CoW, we unmap the RO page via an MMU notifier (invalidate_range_start), and then populate the new PTE using another one (change_pte). In the meantime, we'll have copied the old page into the new one. The problem is that the data for the new page is sitting in the cache, and should the guest have an uncached mapping to that page (or its MMU off), following accesses will bypass the cache. In a way, this is similar to what happens on a translation fault: We need to clean the page to the PoC before mapping it. So let's just do that. This fixes a KVM unit test regression observed on a HiSilicon platform, and subsequently reproduced on Seattle. Fixes: a9c0e12ebee5 ("KVM: arm/arm64: Only clean the dcache on translation fault") Cc: stable(a)vger.kernel.org # v4.16+ Reported-by: Mike Galbraith <efault(a)gmx.de> Signed-off-by: Marc Zyngier <marc.zyngier(a)arm.com> Signed-off-by: Christoffer Dall <christoffer.dall(a)arm.com> --- virt/kvm/arm/mmu.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/virt/kvm/arm/mmu.c b/virt/kvm/arm/mmu.c index 91aaf73b00df..111a660be3be 100644 --- a/virt/kvm/arm/mmu.c +++ b/virt/kvm/arm/mmu.c @@ -1860,13 +1860,20 @@ static int kvm_set_spte_handler(struct kvm *kvm, gpa_t gpa, u64 size, void *data void kvm_set_spte_hva(struct kvm *kvm, unsigned long hva, pte_t pte) { unsigned long end = hva + PAGE_SIZE; + kvm_pfn_t pfn = pte_pfn(pte); pte_t stage2_pte; if (!kvm->arch.pgd) return; trace_kvm_set_spte_hva(hva); - stage2_pte = pfn_pte(pte_pfn(pte), PAGE_S2); + + /* + * We've moved a page around, probably through CoW, so let's treat it + * just like a translation fault and clean the cache to the PoC. + */ + clean_dcache_guest_page(pfn, PAGE_SIZE); + stage2_pte = pfn_pte(pfn, PAGE_S2); handle_hva_to_gpa(kvm, hva, end, &kvm_set_spte_handler, &stage2_pte); } -- 2.18.0

7 years, 1 month

1
0
0 0

[PATCH RESEND] btrfs: fix error handling in free_log_tree

by jeffm＠suse.com

From: Jeff Mahoney <jeffm(a)suse.com> When we hit an I/O error in free_log_tree->walk_log_tree during file system shutdown we can crash due to there not being a valid transaction handle. Use btrfs_handle_fs_error when there's no transaction handle to use. BUG: unable to handle kernel NULL pointer dereference at 0000000000000060 IP: free_log_tree+0xd2/0x140 [btrfs] PGD 0 P4D 0 Oops: 0000 [#1] SMP DEBUG_PAGEALLOC PTI Modules linked in: <modules> CPU: 2 PID: 23544 Comm: umount Tainted: G W 4.12.14-kvmsmall #9 SLE15 (unreleased) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.0.0-prebuilt.qemu-project.org 04/01/2014 task: ffff96bfd3478880 task.stack: ffffa7cf40d78000 RIP: 0010:free_log_tree+0xd2/0x140 [btrfs] RSP: 0018:ffffa7cf40d7bd10 EFLAGS: 00010282 RAX: 00000000fffffffb RBX: 00000000fffffffb RCX: 0000000000000002 RDX: 0000000000000000 RSI: ffff96c02f07d4c8 RDI: 0000000000000282 RBP: ffff96c013cf1000 R08: ffff96c02f07d4c8 R09: ffff96c02f07d4d0 R10: 0000000000000000 R11: 0000000000000002 R12: 0000000000000000 R13: ffff96c005e800c0 R14: ffffa7cf40d7bdb8 R15: 0000000000000000 FS: 00007f17856bcfc0(0000) GS:ffff96c03f600000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000060 CR3: 0000000045ed6002 CR4: 00000000003606e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: ? wait_for_writer+0xb0/0xb0 [btrfs] btrfs_free_log+0x17/0x30 [btrfs] btrfs_drop_and_free_fs_root+0x9a/0xe0 [btrfs] btrfs_free_fs_roots+0xc0/0x130 [btrfs] ? wait_for_completion+0xf2/0x100 close_ctree+0xea/0x2e0 [btrfs] ? kthread_stop+0x161/0x260 generic_shutdown_super+0x6c/0x120 kill_anon_super+0xe/0x20 btrfs_kill_super+0x13/0x100 [btrfs] deactivate_locked_super+0x3f/0x70 cleanup_mnt+0x3b/0x70 task_work_run+0x78/0x90 exit_to_usermode_loop+0x77/0xa6 do_syscall_64+0x1c5/0x1e0 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x7f1784f90827 RSP: 002b:00007ffdeeb03118 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 RAX: 0000000000000000 RBX: 0000556a60c62970 RCX: 00007f1784f90827 RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000556a60c62b50 RBP: 0000000000000000 R08: 0000000000000005 R09: 00000000ffffffff R10: 0000556a60c63900 R11: 0000000000000246 R12: 0000556a60c62b50 R13: 00007f17854a81c4 R14: 0000000000000000 R15: 0000000000000000 Code: 65 a1 fd ff be 01 00 00 00 48 89 ef e8 58 a1 fd ff 48 8b 7d 00 e8 9f 33 fe ff 48 89 ef e8 17 6c d3 ed 48 83 c4 50 5b 5d 41 5c c3 <49> 8b 44 24 60 f0 0f ba a8 80 65 01 00 02 72 23 83 fb fb 75 39 RIP: free_log_tree+0xd2/0x140 [btrfs] RSP: ffffa7cf40d7bd10 CR2: 0000000000000060 ---[ end trace 3bc199fbf8fb4977 ]--- Cc: <stable(a)vger.kernel.org> # v3.13 Fixes: 681ae50917df9 (Btrfs: cleanup reserved space when freeing tree log on error) Signed-off-by: Jeff Mahoney <jeffm(a)suse.com> --- fs/btrfs/tree-log.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/fs/btrfs/tree-log.c b/fs/btrfs/tree-log.c index f8220ec02036..a5f6971a125f 100644 --- a/fs/btrfs/tree-log.c +++ b/fs/btrfs/tree-log.c @@ -3143,9 +3143,12 @@ static void free_log_tree(struct btrfs_trans_handle *trans, }; ret = walk_log_tree(trans, log, &wc); - /* I don't think this can happen but just in case */ - if (ret) - btrfs_abort_transaction(trans, ret); + if (ret) { + if (trans) + btrfs_abort_transaction(trans, ret); + else + btrfs_handle_fs_error(log->fs_info, ret, NULL); + } while (1) { ret = find_first_extent_bit(&log->dirty_log_pages, -- 2.12.3

7 years, 1 month

3
2
0 0

FAILED: patch "[PATCH] pwm: tiehrpwm: Don't use emulation mode bits to control PWM" failed to apply to 3.18-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 3.18-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From aa49d628f6e016bcec8c6f8e704b9b18ee697329 Mon Sep 17 00:00:00 2001 From: Vignesh R <vigneshr(a)ti.com> Date: Mon, 11 Jun 2018 11:39:55 +0530 Subject: [PATCH] pwm: tiehrpwm: Don't use emulation mode bits to control PWM output As per AM335x TRM SPRUH73P "15.2.2.11 ePWM Behavior During Emulation", TBCTL[15:14] only have effect during emulation suspend events (IOW, to stop PWM when debugging using a debugger). These bits have no effect on PWM output during normal running of system. Hence, remove code accessing these bits as they have no role in enabling/disabling PWMs. Fixes: 19891b20e7c2 ("pwm: pwm-tiehrpwm: PWM driver support for EHRPWM") Cc: stable(a)vger.kernel.org Signed-off-by: Vignesh R <vigneshr(a)ti.com> Signed-off-by: Thierry Reding <thierry.reding(a)gmail.com> diff --git a/drivers/pwm/pwm-tiehrpwm.c b/drivers/pwm/pwm-tiehrpwm.c index 4c22cb395040..768176f54d5e 100644 --- a/drivers/pwm/pwm-tiehrpwm.c +++ b/drivers/pwm/pwm-tiehrpwm.c @@ -33,10 +33,6 @@ #define TBCTL 0x00 #define TBPRD 0x0A -#define TBCTL_RUN_MASK (BIT(15) | BIT(14)) -#define TBCTL_STOP_NEXT 0 -#define TBCTL_STOP_ON_CYCLE BIT(14) -#define TBCTL_FREE_RUN (BIT(15) | BIT(14)) #define TBCTL_PRDLD_MASK BIT(3) #define TBCTL_PRDLD_SHDW 0 #define TBCTL_PRDLD_IMDT BIT(3) @@ -360,7 +356,7 @@ static int ehrpwm_pwm_enable(struct pwm_chip *chip, struct pwm_device *pwm) /* Channels polarity can be configured from action qualifier module */ configure_polarity(pc, pwm->hwpwm); - /* Enable TBCLK before enabling PWM device */ + /* Enable TBCLK */ ret = clk_enable(pc->tbclk); if (ret) { dev_err(chip->dev, "Failed to enable TBCLK for %s: %d\n", @@ -368,9 +364,6 @@ static int ehrpwm_pwm_enable(struct pwm_chip *chip, struct pwm_device *pwm) return ret; } - /* Enable time counter for free_run */ - ehrpwm_modify(pc->mmio_base, TBCTL, TBCTL_RUN_MASK, TBCTL_FREE_RUN); - return 0; } @@ -400,9 +393,6 @@ static void ehrpwm_pwm_disable(struct pwm_chip *chip, struct pwm_device *pwm) /* Disabling TBCLK on PWM disable */ clk_disable(pc->tbclk); - /* Stop Time base counter */ - ehrpwm_modify(pc->mmio_base, TBCTL, TBCTL_RUN_MASK, TBCTL_STOP_NEXT); - /* Disable clock on PWM disable */ pm_runtime_put_sync(chip->dev); }

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] pwm: tiehrpwm: Don't use emulation mode bits to control PWM" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From aa49d628f6e016bcec8c6f8e704b9b18ee697329 Mon Sep 17 00:00:00 2001 From: Vignesh R <vigneshr(a)ti.com> Date: Mon, 11 Jun 2018 11:39:55 +0530 Subject: [PATCH] pwm: tiehrpwm: Don't use emulation mode bits to control PWM output As per AM335x TRM SPRUH73P "15.2.2.11 ePWM Behavior During Emulation", TBCTL[15:14] only have effect during emulation suspend events (IOW, to stop PWM when debugging using a debugger). These bits have no effect on PWM output during normal running of system. Hence, remove code accessing these bits as they have no role in enabling/disabling PWMs. Fixes: 19891b20e7c2 ("pwm: pwm-tiehrpwm: PWM driver support for EHRPWM") Cc: stable(a)vger.kernel.org Signed-off-by: Vignesh R <vigneshr(a)ti.com> Signed-off-by: Thierry Reding <thierry.reding(a)gmail.com> diff --git a/drivers/pwm/pwm-tiehrpwm.c b/drivers/pwm/pwm-tiehrpwm.c index 4c22cb395040..768176f54d5e 100644 --- a/drivers/pwm/pwm-tiehrpwm.c +++ b/drivers/pwm/pwm-tiehrpwm.c @@ -33,10 +33,6 @@ #define TBCTL 0x00 #define TBPRD 0x0A -#define TBCTL_RUN_MASK (BIT(15) | BIT(14)) -#define TBCTL_STOP_NEXT 0 -#define TBCTL_STOP_ON_CYCLE BIT(14) -#define TBCTL_FREE_RUN (BIT(15) | BIT(14)) #define TBCTL_PRDLD_MASK BIT(3) #define TBCTL_PRDLD_SHDW 0 #define TBCTL_PRDLD_IMDT BIT(3) @@ -360,7 +356,7 @@ static int ehrpwm_pwm_enable(struct pwm_chip *chip, struct pwm_device *pwm) /* Channels polarity can be configured from action qualifier module */ configure_polarity(pc, pwm->hwpwm); - /* Enable TBCLK before enabling PWM device */ + /* Enable TBCLK */ ret = clk_enable(pc->tbclk); if (ret) { dev_err(chip->dev, "Failed to enable TBCLK for %s: %d\n", @@ -368,9 +364,6 @@ static int ehrpwm_pwm_enable(struct pwm_chip *chip, struct pwm_device *pwm) return ret; } - /* Enable time counter for free_run */ - ehrpwm_modify(pc->mmio_base, TBCTL, TBCTL_RUN_MASK, TBCTL_FREE_RUN); - return 0; } @@ -400,9 +393,6 @@ static void ehrpwm_pwm_disable(struct pwm_chip *chip, struct pwm_device *pwm) /* Disabling TBCLK on PWM disable */ clk_disable(pc->tbclk); - /* Stop Time base counter */ - ehrpwm_modify(pc->mmio_base, TBCTL, TBCTL_RUN_MASK, TBCTL_STOP_NEXT); - /* Disable clock on PWM disable */ pm_runtime_put_sync(chip->dev); }

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] pwm: tiehrpwm: Don't use emulation mode bits to control PWM" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From aa49d628f6e016bcec8c6f8e704b9b18ee697329 Mon Sep 17 00:00:00 2001 From: Vignesh R <vigneshr(a)ti.com> Date: Mon, 11 Jun 2018 11:39:55 +0530 Subject: [PATCH] pwm: tiehrpwm: Don't use emulation mode bits to control PWM output As per AM335x TRM SPRUH73P "15.2.2.11 ePWM Behavior During Emulation", TBCTL[15:14] only have effect during emulation suspend events (IOW, to stop PWM when debugging using a debugger). These bits have no effect on PWM output during normal running of system. Hence, remove code accessing these bits as they have no role in enabling/disabling PWMs. Fixes: 19891b20e7c2 ("pwm: pwm-tiehrpwm: PWM driver support for EHRPWM") Cc: stable(a)vger.kernel.org Signed-off-by: Vignesh R <vigneshr(a)ti.com> Signed-off-by: Thierry Reding <thierry.reding(a)gmail.com> diff --git a/drivers/pwm/pwm-tiehrpwm.c b/drivers/pwm/pwm-tiehrpwm.c index 4c22cb395040..768176f54d5e 100644 --- a/drivers/pwm/pwm-tiehrpwm.c +++ b/drivers/pwm/pwm-tiehrpwm.c @@ -33,10 +33,6 @@ #define TBCTL 0x00 #define TBPRD 0x0A -#define TBCTL_RUN_MASK (BIT(15) | BIT(14)) -#define TBCTL_STOP_NEXT 0 -#define TBCTL_STOP_ON_CYCLE BIT(14) -#define TBCTL_FREE_RUN (BIT(15) | BIT(14)) #define TBCTL_PRDLD_MASK BIT(3) #define TBCTL_PRDLD_SHDW 0 #define TBCTL_PRDLD_IMDT BIT(3) @@ -360,7 +356,7 @@ static int ehrpwm_pwm_enable(struct pwm_chip *chip, struct pwm_device *pwm) /* Channels polarity can be configured from action qualifier module */ configure_polarity(pc, pwm->hwpwm); - /* Enable TBCLK before enabling PWM device */ + /* Enable TBCLK */ ret = clk_enable(pc->tbclk); if (ret) { dev_err(chip->dev, "Failed to enable TBCLK for %s: %d\n", @@ -368,9 +364,6 @@ static int ehrpwm_pwm_enable(struct pwm_chip *chip, struct pwm_device *pwm) return ret; } - /* Enable time counter for free_run */ - ehrpwm_modify(pc->mmio_base, TBCTL, TBCTL_RUN_MASK, TBCTL_FREE_RUN); - return 0; } @@ -400,9 +393,6 @@ static void ehrpwm_pwm_disable(struct pwm_chip *chip, struct pwm_device *pwm) /* Disabling TBCLK on PWM disable */ clk_disable(pc->tbclk); - /* Stop Time base counter */ - ehrpwm_modify(pc->mmio_base, TBCTL, TBCTL_RUN_MASK, TBCTL_STOP_NEXT); - /* Disable clock on PWM disable */ pm_runtime_put_sync(chip->dev); }

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] ubifs: xattr: Don't operate on deleted inodes" failed to apply to 3.18-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 3.18-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 11a6fc3dc743e22fb50f2196ec55bee5140d3c52 Mon Sep 17 00:00:00 2001 From: Richard Weinberger <richard(a)nod.at> Date: Sun, 8 Jul 2018 23:33:25 +0200 Subject: [PATCH] ubifs: xattr: Don't operate on deleted inodes xattr operations can race with unlink and the following assert triggers: UBIFS assert failed in ubifs_jnl_change_xattr at 1606 (pid 6256) Fix this by checking i_nlink before working on the host inode. Cc: <stable(a)vger.kernel.org> Fixes: 1e51764a3c2a ("UBIFS: add new flash file system") Signed-off-by: Richard Weinberger <richard(a)nod.at> diff --git a/fs/ubifs/xattr.c b/fs/ubifs/xattr.c index 6f720fdf5020..09e37e63bddd 100644 --- a/fs/ubifs/xattr.c +++ b/fs/ubifs/xattr.c @@ -152,6 +152,12 @@ static int create_xattr(struct ubifs_info *c, struct inode *host, ui->data_len = size; mutex_lock(&host_ui->ui_mutex); + + if (!host->i_nlink) { + err = -ENOENT; + goto out_noent; + } + host->i_ctime = current_time(host); host_ui->xattr_cnt += 1; host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm)); @@ -184,6 +190,7 @@ static int create_xattr(struct ubifs_info *c, struct inode *host, host_ui->xattr_size -= CALC_XATTR_BYTES(size); host_ui->xattr_names -= fname_len(nm); host_ui->flags &= ~UBIFS_CRYPT_FL; +out_noent: mutex_unlock(&host_ui->ui_mutex); out_free: make_bad_inode(inode); @@ -235,6 +242,12 @@ static int change_xattr(struct ubifs_info *c, struct inode *host, mutex_unlock(&ui->ui_mutex); mutex_lock(&host_ui->ui_mutex); + + if (!host->i_nlink) { + err = -ENOENT; + goto out_noent; + } + host->i_ctime = current_time(host); host_ui->xattr_size -= CALC_XATTR_BYTES(old_size); host_ui->xattr_size += CALC_XATTR_BYTES(size); @@ -256,6 +269,7 @@ static int change_xattr(struct ubifs_info *c, struct inode *host, out_cancel: host_ui->xattr_size -= CALC_XATTR_BYTES(size); host_ui->xattr_size += CALC_XATTR_BYTES(old_size); +out_noent: mutex_unlock(&host_ui->ui_mutex); make_bad_inode(inode); out_free: @@ -482,6 +496,12 @@ static int remove_xattr(struct ubifs_info *c, struct inode *host, return err; mutex_lock(&host_ui->ui_mutex); + + if (!host->i_nlink) { + err = -ENOENT; + goto out_noent; + } + host->i_ctime = current_time(host); host_ui->xattr_cnt -= 1; host_ui->xattr_size -= CALC_DENT_SIZE(fname_len(nm)); @@ -501,6 +521,7 @@ static int remove_xattr(struct ubifs_info *c, struct inode *host, host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm)); host_ui->xattr_size += CALC_XATTR_BYTES(ui->data_len); host_ui->xattr_names += fname_len(nm); +out_noent: mutex_unlock(&host_ui->ui_mutex); ubifs_release_budget(c, &req); make_bad_inode(inode); @@ -540,6 +561,9 @@ static int ubifs_xattr_remove(struct inode *host, const char *name) ubifs_assert(inode_is_locked(host)); + if (!host->i_nlink) + return -ENOENT; + if (fname_len(&nm) > UBIFS_MAX_NLEN) return -ENAMETOOLONG;

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] ubifs: xattr: Don't operate on deleted inodes" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 11a6fc3dc743e22fb50f2196ec55bee5140d3c52 Mon Sep 17 00:00:00 2001 From: Richard Weinberger <richard(a)nod.at> Date: Sun, 8 Jul 2018 23:33:25 +0200 Subject: [PATCH] ubifs: xattr: Don't operate on deleted inodes xattr operations can race with unlink and the following assert triggers: UBIFS assert failed in ubifs_jnl_change_xattr at 1606 (pid 6256) Fix this by checking i_nlink before working on the host inode. Cc: <stable(a)vger.kernel.org> Fixes: 1e51764a3c2a ("UBIFS: add new flash file system") Signed-off-by: Richard Weinberger <richard(a)nod.at> diff --git a/fs/ubifs/xattr.c b/fs/ubifs/xattr.c index 6f720fdf5020..09e37e63bddd 100644 --- a/fs/ubifs/xattr.c +++ b/fs/ubifs/xattr.c @@ -152,6 +152,12 @@ static int create_xattr(struct ubifs_info *c, struct inode *host, ui->data_len = size; mutex_lock(&host_ui->ui_mutex); + + if (!host->i_nlink) { + err = -ENOENT; + goto out_noent; + } + host->i_ctime = current_time(host); host_ui->xattr_cnt += 1; host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm)); @@ -184,6 +190,7 @@ static int create_xattr(struct ubifs_info *c, struct inode *host, host_ui->xattr_size -= CALC_XATTR_BYTES(size); host_ui->xattr_names -= fname_len(nm); host_ui->flags &= ~UBIFS_CRYPT_FL; +out_noent: mutex_unlock(&host_ui->ui_mutex); out_free: make_bad_inode(inode); @@ -235,6 +242,12 @@ static int change_xattr(struct ubifs_info *c, struct inode *host, mutex_unlock(&ui->ui_mutex); mutex_lock(&host_ui->ui_mutex); + + if (!host->i_nlink) { + err = -ENOENT; + goto out_noent; + } + host->i_ctime = current_time(host); host_ui->xattr_size -= CALC_XATTR_BYTES(old_size); host_ui->xattr_size += CALC_XATTR_BYTES(size); @@ -256,6 +269,7 @@ static int change_xattr(struct ubifs_info *c, struct inode *host, out_cancel: host_ui->xattr_size -= CALC_XATTR_BYTES(size); host_ui->xattr_size += CALC_XATTR_BYTES(old_size); +out_noent: mutex_unlock(&host_ui->ui_mutex); make_bad_inode(inode); out_free: @@ -482,6 +496,12 @@ static int remove_xattr(struct ubifs_info *c, struct inode *host, return err; mutex_lock(&host_ui->ui_mutex); + + if (!host->i_nlink) { + err = -ENOENT; + goto out_noent; + } + host->i_ctime = current_time(host); host_ui->xattr_cnt -= 1; host_ui->xattr_size -= CALC_DENT_SIZE(fname_len(nm)); @@ -501,6 +521,7 @@ static int remove_xattr(struct ubifs_info *c, struct inode *host, host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm)); host_ui->xattr_size += CALC_XATTR_BYTES(ui->data_len); host_ui->xattr_names += fname_len(nm); +out_noent: mutex_unlock(&host_ui->ui_mutex); ubifs_release_budget(c, &req); make_bad_inode(inode); @@ -540,6 +561,9 @@ static int ubifs_xattr_remove(struct inode *host, const char *name) ubifs_assert(inode_is_locked(host)); + if (!host->i_nlink) + return -ENOENT; + if (fname_len(&nm) > UBIFS_MAX_NLEN) return -ENAMETOOLONG;

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] ubifs: xattr: Don't operate on deleted inodes" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 11a6fc3dc743e22fb50f2196ec55bee5140d3c52 Mon Sep 17 00:00:00 2001 From: Richard Weinberger <richard(a)nod.at> Date: Sun, 8 Jul 2018 23:33:25 +0200 Subject: [PATCH] ubifs: xattr: Don't operate on deleted inodes xattr operations can race with unlink and the following assert triggers: UBIFS assert failed in ubifs_jnl_change_xattr at 1606 (pid 6256) Fix this by checking i_nlink before working on the host inode. Cc: <stable(a)vger.kernel.org> Fixes: 1e51764a3c2a ("UBIFS: add new flash file system") Signed-off-by: Richard Weinberger <richard(a)nod.at> diff --git a/fs/ubifs/xattr.c b/fs/ubifs/xattr.c index 6f720fdf5020..09e37e63bddd 100644 --- a/fs/ubifs/xattr.c +++ b/fs/ubifs/xattr.c @@ -152,6 +152,12 @@ static int create_xattr(struct ubifs_info *c, struct inode *host, ui->data_len = size; mutex_lock(&host_ui->ui_mutex); + + if (!host->i_nlink) { + err = -ENOENT; + goto out_noent; + } + host->i_ctime = current_time(host); host_ui->xattr_cnt += 1; host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm)); @@ -184,6 +190,7 @@ static int create_xattr(struct ubifs_info *c, struct inode *host, host_ui->xattr_size -= CALC_XATTR_BYTES(size); host_ui->xattr_names -= fname_len(nm); host_ui->flags &= ~UBIFS_CRYPT_FL; +out_noent: mutex_unlock(&host_ui->ui_mutex); out_free: make_bad_inode(inode); @@ -235,6 +242,12 @@ static int change_xattr(struct ubifs_info *c, struct inode *host, mutex_unlock(&ui->ui_mutex); mutex_lock(&host_ui->ui_mutex); + + if (!host->i_nlink) { + err = -ENOENT; + goto out_noent; + } + host->i_ctime = current_time(host); host_ui->xattr_size -= CALC_XATTR_BYTES(old_size); host_ui->xattr_size += CALC_XATTR_BYTES(size); @@ -256,6 +269,7 @@ static int change_xattr(struct ubifs_info *c, struct inode *host, out_cancel: host_ui->xattr_size -= CALC_XATTR_BYTES(size); host_ui->xattr_size += CALC_XATTR_BYTES(old_size); +out_noent: mutex_unlock(&host_ui->ui_mutex); make_bad_inode(inode); out_free: @@ -482,6 +496,12 @@ static int remove_xattr(struct ubifs_info *c, struct inode *host, return err; mutex_lock(&host_ui->ui_mutex); + + if (!host->i_nlink) { + err = -ENOENT; + goto out_noent; + } + host->i_ctime = current_time(host); host_ui->xattr_cnt -= 1; host_ui->xattr_size -= CALC_DENT_SIZE(fname_len(nm)); @@ -501,6 +521,7 @@ static int remove_xattr(struct ubifs_info *c, struct inode *host, host_ui->xattr_size += CALC_DENT_SIZE(fname_len(nm)); host_ui->xattr_size += CALC_XATTR_BYTES(ui->data_len); host_ui->xattr_names += fname_len(nm); +out_noent: mutex_unlock(&host_ui->ui_mutex); ubifs_release_budget(c, &req); make_bad_inode(inode); @@ -540,6 +561,9 @@ static int ubifs_xattr_remove(struct inode *host, const char *name) ubifs_assert(inode_is_locked(host)); + if (!host->i_nlink) + return -ENOENT; + if (fname_len(&nm) > UBIFS_MAX_NLEN) return -ENAMETOOLONG;

7 years, 1 month

1
0
0 0

[PATCH 4/6] drm/i915: Handle incomplete Z_FINISH for compressed error states

by Chris Wilson

The final call to zlib_deflate(Z_FINISH) may require more output space to be allocated and so needs to re-invoked. Failure to do so in the current code leads to incomplete zlib streams (albeit intact due to the use of Z_SYNC_FLUSH) resulting in the occasional short object capture. Testcase: igt/i915-error-capture.js Fixes: 0a97015d45ee ("drm/i915: Compress GPU objects in error state") Signed-off-by: Chris Wilson <chris(a)chris-wilson.co.uk> Cc: Joonas Lahtinen <joonas.lahtinen(a)linux.intel.com> Cc: <stable(a)vger.kernel.org> # v4.10+ --- drivers/gpu/drm/i915/i915_gpu_error.c | 60 +++++++++++++++++++++------ 1 file changed, 47 insertions(+), 13 deletions(-) diff --git a/drivers/gpu/drm/i915/i915_gpu_error.c b/drivers/gpu/drm/i915/i915_gpu_error.c index 2835cacd0d08..9789f4ff8c32 100644 --- a/drivers/gpu/drm/i915/i915_gpu_error.c +++ b/drivers/gpu/drm/i915/i915_gpu_error.c @@ -237,6 +237,7 @@ static int compress_page(struct compress *c, struct drm_i915_error_object *dst) { struct z_stream_s *zstream = &c->zstream; + int flush = Z_NO_FLUSH; zstream->next_in = src; if (c->tmp && i915_memcpy_from_wc(c->tmp, src, PAGE_SIZE)) @@ -257,8 +258,11 @@ static int compress_page(struct compress *c, zstream->avail_out = PAGE_SIZE; } - if (zlib_deflate(zstream, Z_SYNC_FLUSH) != Z_OK) + if (zlib_deflate(zstream, flush) != Z_OK) return -EIO; + + if (zstream->avail_out) + flush = Z_SYNC_FLUSH; } while (zstream->avail_in); /* Fallback to uncompressed if we increase size? */ @@ -268,19 +272,43 @@ static int compress_page(struct compress *c, return 0; } -static void compress_fini(struct compress *c, +static int compress_flush(struct compress *c, struct drm_i915_error_object *dst) { struct z_stream_s *zstream = &c->zstream; + unsigned long page; - if (dst) { - zlib_deflate(zstream, Z_FINISH); - dst->unused = zstream->avail_out; - } + do { + switch (zlib_deflate(zstream, Z_FINISH)) { + case Z_OK: /* more space requested */ + page = __get_free_page(GFP_ATOMIC | __GFP_NOWARN); + if (!page) + return -ENOMEM; + + dst->pages[dst->page_count++] = (void *)page; + zstream->next_out = (void *)page; + zstream->avail_out = PAGE_SIZE; + break; + case Z_STREAM_END: + goto end; + default: /* any error */ + return -EIO; + } + } while (1); + +end: + memset(zstream->next_out, 0, zstream->avail_out); + dst->unused = zstream->avail_out; + return 0; +} + +static void compress_fini(struct compress *c, + struct drm_i915_error_object *dst) +{ + struct z_stream_s *zstream = &c->zstream; zlib_deflateEnd(zstream); kfree(zstream->workspace); - if (c->tmp) free_page((unsigned long)c->tmp); } @@ -319,6 +347,12 @@ static int compress_page(struct compress *c, return 0; } +static int compress_flush(struct compress *c, + struct drm_i915_error_object *dst) +{ + return 0; +} + static void compress_fini(struct compress *c, struct drm_i915_error_object *dst) { @@ -951,15 +985,15 @@ i915_error_object_create(struct drm_i915_private *i915, if (ret) goto unwind; } - goto out; + if (compress_flush(&compress, dst)) { unwind: - while (dst->page_count--) - free_page((unsigned long)dst->pages[dst->page_count]); - kfree(dst); - dst = NULL; + while (dst->page_count--) + free_page((unsigned long)dst->pages[dst->page_count]); + kfree(dst); + dst = NULL; + } -out: compress_fini(&compress, dst); ggtt->vm.clear_range(&ggtt->vm, slot, PAGE_SIZE); return dst; -- 2.19.0.rc2

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] Fix kexec forbidding kernels signed with keys in the" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From ea93102f32244e3f45c8b26260be77ed0cc1d16c Mon Sep 17 00:00:00 2001 From: Yannik Sembritzki <yannik(a)sembritzki.me> Date: Thu, 16 Aug 2018 14:05:23 +0100 Subject: [PATCH] Fix kexec forbidding kernels signed with keys in the secondary keyring to boot The split of .system_keyring into .builtin_trusted_keys and .secondary_trusted_keys broke kexec, thereby preventing kernels signed by keys which are now in the secondary keyring from being kexec'd. Fix this by passing VERIFY_USE_SECONDARY_KEYRING to verify_pefile_signature(). Fixes: d3bfe84129f6 ("certs: Add a secondary system keyring that can be added to dynamically") Signed-off-by: Yannik Sembritzki <yannik(a)sembritzki.me> Signed-off-by: David Howells <dhowells(a)redhat.com> Cc: kexec(a)lists.infradead.org Cc: keyrings(a)vger.kernel.org Cc: linux-security-module(a)vger.kernel.org Cc: stable(a)kernel.org Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> diff --git a/arch/x86/kernel/kexec-bzimage64.c b/arch/x86/kernel/kexec-bzimage64.c index 7326078eaa7a..278cd07228dd 100644 --- a/arch/x86/kernel/kexec-bzimage64.c +++ b/arch/x86/kernel/kexec-bzimage64.c @@ -532,7 +532,7 @@ static int bzImage64_cleanup(void *loader_data) static int bzImage64_verify_sig(const char *kernel, unsigned long kernel_len) { return verify_pefile_signature(kernel, kernel_len, - NULL, + VERIFY_USE_SECONDARY_KEYRING, VERIFYING_KEXEC_PE_SIGNATURE); } #endif

7 years, 1 month

3
6
0 0

Re: [PATCH] xen-blkback: Switch to closed state after releasing the backing device

by Valentin Vidic

On Wed, Sep 05, 2018 at 01:35:15PM +0200, Valentin Vidic wrote: > > AFAICT, this will cause the backend to never switch to 'Closed' state > > until the toolstack sets online to 0, which is not good IMO. > > > > If for example a frontend decides to close a device, the backend will > > stay in state 'Closing' until the toolstack actually removes the disk > > by setting online to 0. > > > > This will prevent resetting blk connections, as blkback will refuse to > > switch to state XenbusStateInitWait unless it's at XenbusStateClosed > > (see the XenbusStateInitialising case in frontend_changed), which will > > never be reached with your patch. Would it be possible to call xen_vbd_free before the state change? case XenbusStateClosed: xen_blkif_disconnect(be->blkif); xen_vbd_free(&be->blkif->vbd); xenbus_switch_state(dev, XenbusStateClosed); -- Valentin

7 years, 1 month

2
8
0 0

FAILED: patch "[PATCH] cpufreq: governor: Avoid accessing invalid governor_data" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 2a3eb51e30b9ac66fe1b75877627a7e4aaeca24a Mon Sep 17 00:00:00 2001 From: Henry Willard <henry.willard(a)oracle.com> Date: Tue, 14 Aug 2018 17:01:02 -0700 Subject: [PATCH] cpufreq: governor: Avoid accessing invalid governor_data If cppc_cpufreq.ko is deleted at the same time that tuned-adm is changing profiles, there is a small chance that a race can occur between cpufreq_dbs_governor_exit() and cpufreq_dbs_governor_limits() resulting in a system failure when the latter tries to use policy->governor_data that has been freed by the former. This patch uses gov_dbs_data_mutex to synchronize access. Fixes: e788892ba3cc (cpufreq: governor: Get rid of governor events) Signed-off-by: Henry Willard <henry.willard(a)oracle.com> [ rjw: Subject, minor white space adjustment ] Cc: 4.8+ <stable(a)vger.kernel.org> # 4.8+ Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> diff --git a/drivers/cpufreq/cpufreq_governor.c b/drivers/cpufreq/cpufreq_governor.c index 1d50e97d49f1..6d53f7d9fc7a 100644 --- a/drivers/cpufreq/cpufreq_governor.c +++ b/drivers/cpufreq/cpufreq_governor.c @@ -555,12 +555,20 @@ EXPORT_SYMBOL_GPL(cpufreq_dbs_governor_stop); void cpufreq_dbs_governor_limits(struct cpufreq_policy *policy) { - struct policy_dbs_info *policy_dbs = policy->governor_data; + struct policy_dbs_info *policy_dbs; + + /* Protect gov->gdbs_data against cpufreq_dbs_governor_exit() */ + mutex_lock(&gov_dbs_data_mutex); + policy_dbs = policy->governor_data; + if (!policy_dbs) + goto out; mutex_lock(&policy_dbs->update_mutex); cpufreq_policy_apply_limits(policy); gov_update_sample_delay(policy_dbs, 0); - mutex_unlock(&policy_dbs->update_mutex); + +out: + mutex_unlock(&gov_dbs_data_mutex); } EXPORT_SYMBOL_GPL(cpufreq_dbs_governor_limits);

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] Replace magic for trusting the secondary keyring with #define" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 817aef260037f33ee0f44c17fe341323d3aebd6d Mon Sep 17 00:00:00 2001 From: Yannik Sembritzki <yannik(a)sembritzki.me> Date: Thu, 16 Aug 2018 14:05:10 +0100 Subject: [PATCH] Replace magic for trusting the secondary keyring with #define Replace the use of a magic number that indicates that verify_*_signature() should use the secondary keyring with a symbol. Signed-off-by: Yannik Sembritzki <yannik(a)sembritzki.me> Signed-off-by: David Howells <dhowells(a)redhat.com> Cc: keyrings(a)vger.kernel.org Cc: linux-security-module(a)vger.kernel.org Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> diff --git a/certs/system_keyring.c b/certs/system_keyring.c index 6251d1b27f0c..81728717523d 100644 --- a/certs/system_keyring.c +++ b/certs/system_keyring.c @@ -15,6 +15,7 @@ #include <linux/cred.h> #include <linux/err.h> #include <linux/slab.h> +#include <linux/verification.h> #include <keys/asymmetric-type.h> #include <keys/system_keyring.h> #include <crypto/pkcs7.h> @@ -230,7 +231,7 @@ int verify_pkcs7_signature(const void *data, size_t len, if (!trusted_keys) { trusted_keys = builtin_trusted_keys; - } else if (trusted_keys == (void *)1UL) { + } else if (trusted_keys == VERIFY_USE_SECONDARY_KEYRING) { #ifdef CONFIG_SECONDARY_TRUSTED_KEYRING trusted_keys = secondary_trusted_keys; #else diff --git a/crypto/asymmetric_keys/pkcs7_key_type.c b/crypto/asymmetric_keys/pkcs7_key_type.c index e284d9cb9237..5b2f6a2b5585 100644 --- a/crypto/asymmetric_keys/pkcs7_key_type.c +++ b/crypto/asymmetric_keys/pkcs7_key_type.c @@ -63,7 +63,7 @@ static int pkcs7_preparse(struct key_preparsed_payload *prep) return verify_pkcs7_signature(NULL, 0, prep->data, prep->datalen, - (void *)1UL, usage, + VERIFY_USE_SECONDARY_KEYRING, usage, pkcs7_view_content, prep); } diff --git a/include/linux/verification.h b/include/linux/verification.h index a10549a6c7cd..cfa4730d607a 100644 --- a/include/linux/verification.h +++ b/include/linux/verification.h @@ -12,6 +12,12 @@ #ifndef _LINUX_VERIFICATION_H #define _LINUX_VERIFICATION_H +/* + * Indicate that both builtin trusted keys and secondary trusted keys + * should be used. + */ +#define VERIFY_USE_SECONDARY_KEYRING ((struct key *)1UL) + /* * The use to which an asymmetric key is being put. */

7 years, 1 month

3
2
0 0

FAILED: patch "[PATCH] RDMA/mlx5: Fix shift overflow in mlx5_ib_create_wq" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 0dfe452241f4904de497aef01ad2f609ccb9be90 Mon Sep 17 00:00:00 2001 From: Leon Romanovsky <leonro(a)mellanox.com> Date: Wed, 1 Aug 2018 14:25:41 -0700 Subject: [PATCH] RDMA/mlx5: Fix shift overflow in mlx5_ib_create_wq [ 61.182439] UBSAN: Undefined behaviour in drivers/infiniband/hw/mlx5/qp.c:5366:34 [ 61.183673] shift exponent 4294967288 is too large for 32-bit type 'unsigned int' [ 61.185530] CPU: 0 PID: 639 Comm: qp Not tainted 4.18.0-rc1-00037-g4aa1d69a9c60-dirty #96 [ 61.186981] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-2.fc27 04/01/2014 [ 61.188315] Call Trace: [ 61.188661] dump_stack+0xc7/0x13b [ 61.190427] ubsan_epilogue+0x9/0x49 [ 61.190899] __ubsan_handle_shift_out_of_bounds+0x1ea/0x22f [ 61.197040] mlx5_ib_create_wq+0x1c99/0x1d50 [ 61.206632] ib_uverbs_ex_create_wq+0x499/0x820 [ 61.213892] ib_uverbs_write+0x77e/0xae0 [ 61.248018] vfs_write+0x121/0x3b0 [ 61.249831] ksys_write+0xa1/0x120 [ 61.254024] do_syscall_64+0x7c/0x2a0 [ 61.256178] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 61.259211] RIP: 0033:0x7f54bab70e99 [ 61.262125] Code: 00 f3 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 [ 61.268678] RSP: 002b:00007ffe1541c318 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 61.271076] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f54bab70e99 [ 61.273795] RDX: 0000000000000070 RSI: 0000000020000240 RDI: 0000000000000003 [ 61.276982] RBP: 00007ffe1541c330 R08: 00000000200078e0 R09: 0000000000000002 [ 61.280035] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004005c0 [ 61.283279] R13: 00007ffe1541c420 R14: 0000000000000000 R15: 0000000000000000 Cc: <stable(a)vger.kernel.org> # 4.7 Fixes: 79b20a6c3014 ("IB/mlx5: Add receive Work Queue verbs") Cc: syzkaller <syzkaller(a)googlegroups.com> Reported-by: Noa Osherovich <noaos(a)mellanox.com> Signed-off-by: Leon Romanovsky <leonro(a)mellanox.com> Signed-off-by: Kees Cook <keescook(a)chromium.org> Signed-off-by: Jason Gunthorpe <jgg(a)mellanox.com> diff --git a/drivers/infiniband/hw/mlx5/qp.c b/drivers/infiniband/hw/mlx5/qp.c index 6efd770797d1..351c2efceb35 100644 --- a/drivers/infiniband/hw/mlx5/qp.c +++ b/drivers/infiniband/hw/mlx5/qp.c @@ -5362,7 +5362,9 @@ static int set_user_rq_size(struct mlx5_ib_dev *dev, rwq->wqe_count = ucmd->rq_wqe_count; rwq->wqe_shift = ucmd->rq_wqe_shift; - rwq->buf_size = (rwq->wqe_count << rwq->wqe_shift); + if (check_shl_overflow(rwq->wqe_count, rwq->wqe_shift, &rwq->buf_size)) + return -EINVAL; + rwq->log_rq_stride = rwq->wqe_shift; rwq->log_rq_size = ilog2(rwq->wqe_count); return 0;

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] RDMA/mlx5: Fix shift overflow in mlx5_ib_create_wq" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 0dfe452241f4904de497aef01ad2f609ccb9be90 Mon Sep 17 00:00:00 2001 From: Leon Romanovsky <leonro(a)mellanox.com> Date: Wed, 1 Aug 2018 14:25:41 -0700 Subject: [PATCH] RDMA/mlx5: Fix shift overflow in mlx5_ib_create_wq [ 61.182439] UBSAN: Undefined behaviour in drivers/infiniband/hw/mlx5/qp.c:5366:34 [ 61.183673] shift exponent 4294967288 is too large for 32-bit type 'unsigned int' [ 61.185530] CPU: 0 PID: 639 Comm: qp Not tainted 4.18.0-rc1-00037-g4aa1d69a9c60-dirty #96 [ 61.186981] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-2.fc27 04/01/2014 [ 61.188315] Call Trace: [ 61.188661] dump_stack+0xc7/0x13b [ 61.190427] ubsan_epilogue+0x9/0x49 [ 61.190899] __ubsan_handle_shift_out_of_bounds+0x1ea/0x22f [ 61.197040] mlx5_ib_create_wq+0x1c99/0x1d50 [ 61.206632] ib_uverbs_ex_create_wq+0x499/0x820 [ 61.213892] ib_uverbs_write+0x77e/0xae0 [ 61.248018] vfs_write+0x121/0x3b0 [ 61.249831] ksys_write+0xa1/0x120 [ 61.254024] do_syscall_64+0x7c/0x2a0 [ 61.256178] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 61.259211] RIP: 0033:0x7f54bab70e99 [ 61.262125] Code: 00 f3 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 [ 61.268678] RSP: 002b:00007ffe1541c318 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 61.271076] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f54bab70e99 [ 61.273795] RDX: 0000000000000070 RSI: 0000000020000240 RDI: 0000000000000003 [ 61.276982] RBP: 00007ffe1541c330 R08: 00000000200078e0 R09: 0000000000000002 [ 61.280035] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004005c0 [ 61.283279] R13: 00007ffe1541c420 R14: 0000000000000000 R15: 0000000000000000 Cc: <stable(a)vger.kernel.org> # 4.7 Fixes: 79b20a6c3014 ("IB/mlx5: Add receive Work Queue verbs") Cc: syzkaller <syzkaller(a)googlegroups.com> Reported-by: Noa Osherovich <noaos(a)mellanox.com> Signed-off-by: Leon Romanovsky <leonro(a)mellanox.com> Signed-off-by: Kees Cook <keescook(a)chromium.org> Signed-off-by: Jason Gunthorpe <jgg(a)mellanox.com> diff --git a/drivers/infiniband/hw/mlx5/qp.c b/drivers/infiniband/hw/mlx5/qp.c index 6efd770797d1..351c2efceb35 100644 --- a/drivers/infiniband/hw/mlx5/qp.c +++ b/drivers/infiniband/hw/mlx5/qp.c @@ -5362,7 +5362,9 @@ static int set_user_rq_size(struct mlx5_ib_dev *dev, rwq->wqe_count = ucmd->rq_wqe_count; rwq->wqe_shift = ucmd->rq_wqe_shift; - rwq->buf_size = (rwq->wqe_count << rwq->wqe_shift); + if (check_shl_overflow(rwq->wqe_count, rwq->wqe_shift, &rwq->buf_size)) + return -EINVAL; + rwq->log_rq_stride = rwq->wqe_shift; rwq->log_rq_size = ilog2(rwq->wqe_count); return 0;

7 years, 1 month

1
0
0 0

[PATCH RESEND] kthread, tracing: Don't expose half-written comm when creating kthreads

by Snild Dolkow

I didn't receive any replies on this, and it doesn't seem to have made it into the latest 3.18 or 4.4 releases. Previously sent on Aug 23rd: https://lists.linaro.org/pipermail/linux-stable-mirror/2018-August/056347.h… I assume I sent it wrong; maybe missing keywords or recipients? If anyone can tell me what I missed, I'd appreciate it. Trivial backport of commit 3e536e222f293053; newer kernels have simply moved the vararg macros. Testing: 3.18 and 4.4 booted OK in qemu. >8------------------------------------------------------8< [backport of commit 3e536e222f293053 from mainline] There is a window for racing when printing directly to task->comm, allowing other threads to see a non-terminated string. The vsnprintf function fills the buffer, counts the truncated chars, then finally writes the \0 at the end. creator other vsnprintf: fill (not terminated) count the rest trace_sched_waking(p): ... memcpy(comm, p->comm, TASK_COMM_LEN) write \0 The consequences depend on how 'other' uses the string. In our case, it was copied into the tracing system's saved cmdlines, a buffer of adjacent TASK_COMM_LEN-byte buffers (note the 'n' where 0 should be): crash-arm64> x/1024s savedcmd->saved_cmdlines | grep 'evenk' 0xffffffd5b3818640: "irq/497-pwr_evenkworker/u16:12" ...and a strcpy out of there would cause stack corruption: [224761.522292] Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: ffffff9bf9783c78 crash-arm64> kbt | grep 'comm\|trace_print_context' #6 0xffffff9bf9783c78 in trace_print_context+0x18c(+396) comm (char [16]) = "irq/497-pwr_even" crash-arm64> rd 0xffffffd4d0e17d14 8 ffffffd4d0e17d14: 2f71726900000000 5f7277702d373934 ....irq/497-pwr_ ffffffd4d0e17d24: 726f776b6e657665 3a3631752f72656b evenkworker/u16: ffffffd4d0e17d34: f9780248ff003231 cede60e0ffffff9b 12..H.x......`.. ffffffd4d0e17d44: cede60c8ffffffd4 00000fffffffffd4 .....`.......... The workaround in e09e28671 (use strlcpy in __trace_find_cmdline) was likely needed because of this same bug. Solved by vsnprintf:ing to a local buffer, then using set_task_comm(). This way, there won't be a window where comm is not terminated. Cc: stable(a)vger.kernel.org Fixes: bc0c38d139ec7 ("ftrace: latency tracer infrastructure") Reviewed-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> [backported to 3.18 / 4.4 by Snild] Signed-off-by: Snild Dolkow <snild(a)sony.com> --- kernel/kthread.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/kernel/kthread.c b/kernel/kthread.c index 850b255..ac6849e 100644 --- a/kernel/kthread.c +++ b/kernel/kthread.c @@ -313,10 +313,16 @@ struct task_struct *kthread_create_on_node(int (*threadfn)(void *data), task = create->result; if (!IS_ERR(task)) { static const struct sched_param param = { .sched_priority = 0 }; + char name[TASK_COMM_LEN]; va_list args; va_start(args, namefmt); - vsnprintf(task->comm, sizeof(task->comm), namefmt, args); + /* + * task is already visible to other tasks, so updating + * COMM must be protected. + */ + vsnprintf(name, sizeof(name), namefmt, args); + set_task_comm(task, name); va_end(args); /* * root may have changed our (kthreadd's) priority or CPU mask. -- 2.7.4

7 years, 1 month

2
3
0 0

[PATCH v3 02/10] usb: roles: Handle driver reference counting

by Heikki Krogerus

This fixes potential "BUG: unable to handle kernel paging request at ..." from happening. Fixes: fde0aa6c175a ("usb: common: Small class for USB role switches") Cc: <stable(a)vger.kernel.org> Signed-off-by: Heikki Krogerus <heikki.krogerus(a)linux.intel.com> --- drivers/usb/common/roles.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/drivers/usb/common/roles.c b/drivers/usb/common/roles.c index 15cc76e22123..3d8a776e55ee 100644 --- a/drivers/usb/common/roles.c +++ b/drivers/usb/common/roles.c @@ -109,8 +109,15 @@ static void *usb_role_switch_match(struct device_connection *con, int ep, */ struct usb_role_switch *usb_role_switch_get(struct device *dev) { - return device_connection_find_match(dev, "usb-role-switch", NULL, - usb_role_switch_match); + struct usb_role_switch *sw; + + sw = device_connection_find_match(dev, "usb-role-switch", NULL, + usb_role_switch_match); + + if (!IS_ERR(sw)) + WARN_ON(!try_module_get(sw->dev.parent->driver->owner)); + + return sw; } EXPORT_SYMBOL_GPL(usb_role_switch_get); @@ -122,8 +129,10 @@ EXPORT_SYMBOL_GPL(usb_role_switch_get); */ void usb_role_switch_put(struct usb_role_switch *sw) { - if (!IS_ERR_OR_NULL(sw)) + if (!IS_ERR_OR_NULL(sw)) { put_device(&sw->dev); + module_put(sw->dev.parent->driver->owner); + } } EXPORT_SYMBOL_GPL(usb_role_switch_put); -- 2.18.0

7 years, 1 month

2
2
0 0

[PATCH] kthread, tracing: Don't expose half-written comm when creating kthreads

by Snild Dolkow

Trivial backport of commit 3e536e222f293053; newer kernels have simply moved the vararg macros. Testing: 3.18 and 4.4 booted OK in qemu. >8------------------------------------------------------8< [backport of commit 3e536e222f293053 from mainline] There is a window for racing when printing directly to task->comm, allowing other threads to see a non-terminated string. The vsnprintf function fills the buffer, counts the truncated chars, then finally writes the \0 at the end. creator other vsnprintf: fill (not terminated) count the rest trace_sched_waking(p): ... memcpy(comm, p->comm, TASK_COMM_LEN) write \0 The consequences depend on how 'other' uses the string. In our case, it was copied into the tracing system's saved cmdlines, a buffer of adjacent TASK_COMM_LEN-byte buffers (note the 'n' where 0 should be): crash-arm64> x/1024s savedcmd->saved_cmdlines | grep 'evenk' 0xffffffd5b3818640: "irq/497-pwr_evenkworker/u16:12" ...and a strcpy out of there would cause stack corruption: [224761.522292] Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: ffffff9bf9783c78 crash-arm64> kbt | grep 'comm\|trace_print_context' #6 0xffffff9bf9783c78 in trace_print_context+0x18c(+396) comm (char [16]) = "irq/497-pwr_even" crash-arm64> rd 0xffffffd4d0e17d14 8 ffffffd4d0e17d14: 2f71726900000000 5f7277702d373934 ....irq/497-pwr_ ffffffd4d0e17d24: 726f776b6e657665 3a3631752f72656b evenkworker/u16: ffffffd4d0e17d34: f9780248ff003231 cede60e0ffffff9b 12..H.x......`.. ffffffd4d0e17d44: cede60c8ffffffd4 00000fffffffffd4 .....`.......... The workaround in e09e28671 (use strlcpy in __trace_find_cmdline) was likely needed because of this same bug. Solved by vsnprintf:ing to a local buffer, then using set_task_comm(). This way, there won't be a window where comm is not terminated. Cc: stable(a)vger.kernel.org Fixes: bc0c38d139ec7 ("ftrace: latency tracer infrastructure") Reviewed-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> [backported to 3.18 / 4.4 by Snild] Signed-off-by: Snild Dolkow <snild(a)sony.com> --- kernel/kthread.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/kernel/kthread.c b/kernel/kthread.c index 850b255..ac6849e 100644 --- a/kernel/kthread.c +++ b/kernel/kthread.c @@ -313,10 +313,16 @@ struct task_struct *kthread_create_on_node(int (*threadfn)(void *data), task = create->result; if (!IS_ERR(task)) { static const struct sched_param param = { .sched_priority = 0 }; + char name[TASK_COMM_LEN]; va_list args; va_start(args, namefmt); - vsnprintf(task->comm, sizeof(task->comm), namefmt, args); + /* + * task is already visible to other tasks, so updating + * COMM must be protected. + */ + vsnprintf(name, sizeof(name), namefmt, args); + set_task_comm(task, name); va_end(args); /* * root may have changed our (kthreadd's) priority or CPU mask. -- 2.7.4

7 years, 1 month

2
1
0 0

FAILED: patch "[PATCH] extcon: Release locking when sending the notification of" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 8a9dbb779fe882325b9a0238494a7afaff2eb444 Mon Sep 17 00:00:00 2001 From: Chanwoo Choi <cw00.choi(a)samsung.com> Date: Thu, 14 Jun 2018 11:16:29 +0900 Subject: [PATCH] extcon: Release locking when sending the notification of connector state Previously, extcon used the spinlock before calling the notifier_call_chain to prevent the scheduled out of task and to prevent the notification delay. When spinlock is locked for sending the notification, deadlock issue occured on the side of extcon consumer device. To fix this issue, extcon consumer device should always use the work. it is always not reasonable to use work. To fix this issue on extcon consumer device, release locking when sending the notification of connector state. Fixes: ab11af049f88 ("extcon: Add the synchronization extcon APIs to support the notification") Cc: stable(a)vger.kernel.org Cc: Roger Quadros <rogerq(a)ti.com> Cc: Kishon Vijay Abraham I <kishon(a)ti.com> Signed-off-by: Chanwoo Choi <cw00.choi(a)samsung.com> diff --git a/drivers/extcon/extcon.c b/drivers/extcon/extcon.c index af83ad58819c..b9d27c8fe57e 100644 --- a/drivers/extcon/extcon.c +++ b/drivers/extcon/extcon.c @@ -433,8 +433,8 @@ int extcon_sync(struct extcon_dev *edev, unsigned int id) return index; spin_lock_irqsave(&edev->lock, flags); - state = !!(edev->state & BIT(index)); + spin_unlock_irqrestore(&edev->lock, flags); /* * Call functions in a raw notifier chain for the specific one @@ -448,6 +448,7 @@ int extcon_sync(struct extcon_dev *edev, unsigned int id) */ raw_notifier_call_chain(&edev->nh_all, state, edev); + spin_lock_irqsave(&edev->lock, flags); /* This could be in interrupt handler */ prop_buf = (char *)get_zeroed_page(GFP_ATOMIC); if (!prop_buf) {

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] dm cache metadata: set dirty on all cache blocks after a" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 5b1fe7bec8a8d0cc547a22e7ddc2bd59acd67de4 Mon Sep 17 00:00:00 2001 From: Ilya Dryomov <idryomov(a)gmail.com> Date: Thu, 9 Aug 2018 12:38:28 +0200 Subject: [PATCH] dm cache metadata: set dirty on all cache blocks after a crash Quoting Documentation/device-mapper/cache.txt: The 'dirty' state for a cache block changes far too frequently for us to keep updating it on the fly. So we treat it as a hint. In normal operation it will be written when the dm device is suspended. If the system crashes all cache blocks will be assumed dirty when restarted. This got broken in commit f177940a8091 ("dm cache metadata: switch to using the new cursor api for loading metadata") in 4.9, which removed the code that consulted cmd->clean_when_opened (CLEAN_SHUTDOWN on-disk flag) when loading cache blocks. This results in data corruption on an unclean shutdown with dirty cache blocks on the fast device. After the crash those blocks are considered clean and may get evicted from the cache at any time. This can be demonstrated by doing a lot of reads to trigger individual evictions, but uncache is more predictable: ### Disable auto-activation in lvm.conf to be able to do uncache in ### time (i.e. see uncache doing flushing) when the fix is applied. # xfs_io -d -c 'pwrite -b 4M -S 0xaa 0 1G' /dev/vdb # vgcreate vg_cache /dev/vdb /dev/vdc # lvcreate -L 1G -n lv_slowdev vg_cache /dev/vdb # lvcreate -L 512M -n lv_cachedev vg_cache /dev/vdc # lvcreate -L 256M -n lv_metadev vg_cache /dev/vdc # lvconvert --type cache-pool --cachemode writeback vg_cache/lv_cachedev --poolmetadata vg_cache/lv_metadev # lvconvert --type cache vg_cache/lv_slowdev --cachepool vg_cache/lv_cachedev # xfs_io -d -c 'pwrite -b 4M -S 0xbb 0 512M' /dev/mapper/vg_cache-lv_slowdev # xfs_io -d -c 'pread -v 254M 512' /dev/mapper/vg_cache-lv_slowdev | head -n 2 0fe00000: bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................ 0fe00010: bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................ # dmsetup status vg_cache-lv_slowdev 0 2097152 cache 8 27/65536 128 8192/8192 1 100 0 0 0 8192 7065 2 metadata2 writeback 2 migration_threshold 2048 smq 0 rw - ^^^^ 7065 * 64k = 441M yet to be written to the slow device # echo b >/proc/sysrq-trigger # vgchange -ay vg_cache # xfs_io -d -c 'pread -v 254M 512' /dev/mapper/vg_cache-lv_slowdev | head -n 2 0fe00000: bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................ 0fe00010: bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................ # lvconvert --uncache vg_cache/lv_slowdev Flushing 0 blocks for cache vg_cache/lv_slowdev. Logical volume "lv_cachedev" successfully removed Logical volume vg_cache/lv_slowdev is not cached. # xfs_io -d -c 'pread -v 254M 512' /dev/mapper/vg_cache-lv_slowdev | head -n 2 0fe00000: aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa ................ 0fe00010: aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa aa ................ This is the case with both v1 and v2 cache pool metatata formats. After applying this patch: # vgchange -ay vg_cache # xfs_io -d -c 'pread -v 254M 512' /dev/mapper/vg_cache-lv_slowdev | head -n 2 0fe00000: bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................ 0fe00010: bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................ # lvconvert --uncache vg_cache/lv_slowdev Flushing 3724 blocks for cache vg_cache/lv_slowdev. ... Flushing 71 blocks for cache vg_cache/lv_slowdev. Logical volume "lv_cachedev" successfully removed Logical volume vg_cache/lv_slowdev is not cached. # xfs_io -d -c 'pread -v 254M 512' /dev/mapper/vg_cache-lv_slowdev | head -n 2 0fe00000: bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................ 0fe00010: bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb bb ................ Cc: stable(a)vger.kernel.org Fixes: f177940a8091 ("dm cache metadata: switch to using the new cursor api for loading metadata") Signed-off-by: Ilya Dryomov <idryomov(a)gmail.com> Signed-off-by: Mike Snitzer <snitzer(a)redhat.com> diff --git a/drivers/md/dm-cache-metadata.c b/drivers/md/dm-cache-metadata.c index 1a449105b007..69dddeab124c 100644 --- a/drivers/md/dm-cache-metadata.c +++ b/drivers/md/dm-cache-metadata.c @@ -1323,6 +1323,7 @@ static int __load_mapping_v1(struct dm_cache_metadata *cmd, dm_oblock_t oblock; unsigned flags; + bool dirty = true; dm_array_cursor_get_value(mapping_cursor, (void **) &mapping_value_le); memcpy(&mapping, mapping_value_le, sizeof(mapping)); @@ -1333,8 +1334,10 @@ static int __load_mapping_v1(struct dm_cache_metadata *cmd, dm_array_cursor_get_value(hint_cursor, (void **) &hint_value_le); memcpy(&hint, hint_value_le, sizeof(hint)); } + if (cmd->clean_when_opened) + dirty = flags & M_DIRTY; - r = fn(context, oblock, to_cblock(cb), flags & M_DIRTY, + r = fn(context, oblock, to_cblock(cb), dirty, le32_to_cpu(hint), hints_valid); if (r) { DMERR("policy couldn't load cache block %llu", @@ -1362,7 +1365,7 @@ static int __load_mapping_v2(struct dm_cache_metadata *cmd, dm_oblock_t oblock; unsigned flags; - bool dirty; + bool dirty = true; dm_array_cursor_get_value(mapping_cursor, (void **) &mapping_value_le); memcpy(&mapping, mapping_value_le, sizeof(mapping)); @@ -1373,8 +1376,9 @@ static int __load_mapping_v2(struct dm_cache_metadata *cmd, dm_array_cursor_get_value(hint_cursor, (void **) &hint_value_le); memcpy(&hint, hint_value_le, sizeof(hint)); } + if (cmd->clean_when_opened) + dirty = dm_bitset_cursor_get_value(dirty_cursor); - dirty = dm_bitset_cursor_get_value(dirty_cursor); r = fn(context, oblock, to_cblock(cb), dirty, le32_to_cpu(hint), hints_valid); if (r) {

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] dm thin: stop no_space_timeout worker when switching to" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 75294442d896f2767be34f75aca7cc2b0d01301f Mon Sep 17 00:00:00 2001 From: Hou Tao <houtao1(a)huawei.com> Date: Thu, 2 Aug 2018 16:18:24 +0800 Subject: [PATCH] dm thin: stop no_space_timeout worker when switching to write-mode Now both check_for_space() and do_no_space_timeout() will read & write pool->pf.error_if_no_space. If these functions run concurrently, as shown in the following case, the default setting of "queue_if_no_space" can get lost. precondition: * error_if_no_space = false (aka "queue_if_no_space") * pool is in Out-of-Data-Space (OODS) mode * no_space_timeout worker has been queued CPU 0: CPU 1: // delete a thin device process_delete_mesg() // check_for_space() invoked by commit() set_pool_mode(pool, PM_WRITE) pool->pf.error_if_no_space = \ pt->requested_pf.error_if_no_space // timeout, pool is still in OODS mode do_no_space_timeout // "queue_if_no_space" config is lost pool->pf.error_if_no_space = true pool->pf.mode = new_mode Fix it by stopping no_space_timeout worker when switching to write mode. Fixes: bcc696fac11f ("dm thin: stay in out-of-data-space mode once no_space_timeout expires") Cc: stable(a)vger.kernel.org Signed-off-by: Hou Tao <houtao1(a)huawei.com> Signed-off-by: Mike Snitzer <snitzer(a)redhat.com> diff --git a/drivers/md/dm-thin.c b/drivers/md/dm-thin.c index 5997d6808b57..7bd60a150f8f 100644 --- a/drivers/md/dm-thin.c +++ b/drivers/md/dm-thin.c @@ -2503,6 +2503,8 @@ static void set_pool_mode(struct pool *pool, enum pool_mode new_mode) case PM_WRITE: if (old_mode != new_mode) notify_of_pool_mode_change(pool, "write"); + if (old_mode == PM_OUT_OF_DATA_SPACE) + cancel_delayed_work_sync(&pool->no_space_timeout); pool->out_of_data_space = false; pool->pf.error_if_no_space = pt->requested_pf.error_if_no_space; dm_pool_metadata_read_write(pool->pmd);

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] RDMA/mlx5: Check that supplied blue flame index doesn't" failed to apply to 4.18-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.18-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 05f58ceba123bdb420cf44c6ea04b6db467edd1c Mon Sep 17 00:00:00 2001 From: Leon Romanovsky <leonro(a)mellanox.com> Date: Sun, 8 Jul 2018 13:50:21 +0300 Subject: [PATCH] RDMA/mlx5: Check that supplied blue flame index doesn't overflow User's supplied index is checked again total number of system pages, but this number already includes num_static_sys_pages, so addition of that value to supplied index causes to below error while trying to access sys_pages[]. BUG: KASAN: slab-out-of-bounds in bfregn_to_uar_index+0x34f/0x400 Read of size 4 at addr ffff880065561904 by task syz-executor446/314 CPU: 0 PID: 314 Comm: syz-executor446 Not tainted 4.18.0-rc1+ #256 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.11.0-0-g63451fca13-prebuilt.qemu-project.org 04/01/2014 Call Trace: dump_stack+0xef/0x17e print_address_description+0x83/0x3b0 kasan_report+0x18d/0x4d0 bfregn_to_uar_index+0x34f/0x400 create_user_qp+0x272/0x227d create_qp_common+0x32eb/0x43e0 mlx5_ib_create_qp+0x379/0x1ca0 create_qp.isra.5+0xc94/0x22d0 ib_uverbs_create_qp+0x21b/0x2a0 ib_uverbs_write+0xc2c/0x1010 vfs_write+0x1b0/0x550 ksys_write+0xc6/0x1a0 do_syscall_64+0xa7/0x590 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x433679 Code: fd ff 48 81 c4 80 00 00 00 e9 f1 fe ff ff 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b 91 fd ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007fff2b3d8e48 EFLAGS: 00000217 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 00000000004002f8 RCX: 0000000000433679 RDX: 0000000000000040 RSI: 0000000020000240 RDI: 0000000000000003 RBP: 00000000006d4018 R08: 00000000004002f8 R09: 00000000004002f8 R10: 00000000004002f8 R11: 0000000000000217 R12: 0000000000000000 R13: 000000000040cb00 R14: 000000000040cb90 R15: 0000000000000006 Allocated by task 314: kasan_kmalloc+0xa0/0xd0 __kmalloc+0x1a9/0x510 mlx5_ib_alloc_ucontext+0x966/0x2620 ib_uverbs_get_context+0x23f/0xa60 ib_uverbs_write+0xc2c/0x1010 __vfs_write+0x10d/0x720 vfs_write+0x1b0/0x550 ksys_write+0xc6/0x1a0 do_syscall_64+0xa7/0x590 entry_SYSCALL_64_after_hwframe+0x49/0xbe Freed by task 1: __kasan_slab_free+0x12e/0x180 kfree+0x159/0x630 kvfree+0x37/0x50 single_release+0x8e/0xf0 __fput+0x2d8/0x900 task_work_run+0x102/0x1f0 exit_to_usermode_loop+0x159/0x1c0 do_syscall_64+0x408/0x590 entry_SYSCALL_64_after_hwframe+0x49/0xbe The buggy address belongs to the object at ffff880065561100 which belongs to the cache kmalloc-4096 of size 4096 The buggy address is located 2052 bytes inside of 4096-byte region [ffff880065561100, ffff880065562100) The buggy address belongs to the page: page:ffffea0001955800 count:1 mapcount:0 mapping:ffff88006c402480 index:0x0 compound_mapcount: 0 flags: 0x4000000000008100(slab|head) raw: 4000000000008100 ffffea0001a7c000 0000000200000002 ffff88006c402480 raw: 0000000000000000 0000000080070007 00000001ffffffff 0000000000000000 page dumped because: kasan: bad access detected Memory state around the buggy address: ffff880065561800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff880065561880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >ffff880065561900: 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ^ ffff880065561980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ffff880065561a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc Cc: <stable(a)vger.kernel.org> # 4.15 Fixes: 1ee47ab3e8d8 ("IB/mlx5: Enable QP creation with a given blue flame index") Reported-by: Noa Osherovich <noaos(a)mellanox.com> Signed-off-by: Leon Romanovsky <leonro(a)mellanox.com> Signed-off-by: Jason Gunthorpe <jgg(a)mellanox.com> diff --git a/drivers/infiniband/hw/mlx5/mlx5_ib.h b/drivers/infiniband/hw/mlx5/mlx5_ib.h index 93087409f4b8..04a5d82c9cf3 100644 --- a/drivers/infiniband/hw/mlx5/mlx5_ib.h +++ b/drivers/infiniband/hw/mlx5/mlx5_ib.h @@ -1330,6 +1330,6 @@ unsigned long mlx5_ib_get_xlt_emergency_page(void); void mlx5_ib_put_xlt_emergency_page(void); int bfregn_to_uar_index(struct mlx5_ib_dev *dev, - struct mlx5_bfreg_info *bfregi, int bfregn, + struct mlx5_bfreg_info *bfregi, u32 bfregn, bool dyn_bfreg); #endif /* MLX5_IB_H */ diff --git a/drivers/infiniband/hw/mlx5/qp.c b/drivers/infiniband/hw/mlx5/qp.c index 51e68ca20215..d4414015b64f 100644 --- a/drivers/infiniband/hw/mlx5/qp.c +++ b/drivers/infiniband/hw/mlx5/qp.c @@ -631,22 +631,23 @@ static void mlx5_ib_unlock_cqs(struct mlx5_ib_cq *send_cq, struct mlx5_ib_cq *recv_cq); int bfregn_to_uar_index(struct mlx5_ib_dev *dev, - struct mlx5_bfreg_info *bfregi, int bfregn, + struct mlx5_bfreg_info *bfregi, u32 bfregn, bool dyn_bfreg) { - int bfregs_per_sys_page; - int index_of_sys_page; - int offset; + unsigned int bfregs_per_sys_page; + u32 index_of_sys_page; + u32 offset; bfregs_per_sys_page = get_uars_per_sys_page(dev, bfregi->lib_uar_4k) * MLX5_NON_FP_BFREGS_PER_UAR; index_of_sys_page = bfregn / bfregs_per_sys_page; - if (index_of_sys_page >= bfregi->num_sys_pages) - return -EINVAL; - if (dyn_bfreg) { index_of_sys_page += bfregi->num_static_sys_pages; + + if (index_of_sys_page >= bfregi->num_sys_pages) + return -EINVAL; + if (bfregn > bfregi->num_dyn_bfregs || bfregi->sys_pages[index_of_sys_page] == MLX5_IB_INVALID_UAR_INDEX) { mlx5_ib_dbg(dev, "Invalid dynamic uar index\n");

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] ib_srpt: Fix a use-after-free in __srpt_close_all_ch()" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 14d15c2b278011056482eb015dff89f9cbf2b841 Mon Sep 17 00:00:00 2001 From: Bart Van Assche <bart.vanassche(a)wdc.com> Date: Mon, 2 Jul 2018 14:08:45 -0700 Subject: [PATCH] ib_srpt: Fix a use-after-free in __srpt_close_all_ch() BUG: KASAN: use-after-free in srpt_set_enabled+0x1a9/0x1e0 [ib_srpt] Read of size 4 at addr ffff8801269d23f8 by task check/29726 CPU: 4 PID: 29726 Comm: check Not tainted 4.18.0-rc2-dbg+ #4 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.0.0-prebuilt.qemu-project.org 04/01/2014 Call Trace: dump_stack+0xa4/0xf5 print_address_description+0x6f/0x270 kasan_report+0x241/0x360 __asan_load4+0x78/0x80 srpt_set_enabled+0x1a9/0x1e0 [ib_srpt] srpt_tpg_enable_store+0xb8/0x120 [ib_srpt] configfs_write_file+0x14e/0x1d0 [configfs] __vfs_write+0xd2/0x3b0 vfs_write+0x101/0x270 ksys_write+0xab/0x120 __x64_sys_write+0x43/0x50 do_syscall_64+0x77/0x230 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f235cfe6154 Fixes: aaf45bd83eba ("IB/srpt: Detect session shutdown reliably") Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Jason Gunthorpe <jgg(a)mellanox.com> diff --git a/drivers/infiniband/ulp/srpt/ib_srpt.c b/drivers/infiniband/ulp/srpt/ib_srpt.c index 754da8d30952..e42eec20c631 100644 --- a/drivers/infiniband/ulp/srpt/ib_srpt.c +++ b/drivers/infiniband/ulp/srpt/ib_srpt.c @@ -1940,8 +1940,8 @@ static void __srpt_close_all_ch(struct srpt_port *sport) list_for_each_entry(nexus, &sport->nexus_list, entry) { list_for_each_entry(ch, &nexus->ch_list, list) { if (srpt_disconnect_ch(ch) >= 0) - pr_info("Closing channel %s-%d because target %s_%d has been disabled\n", - ch->sess_name, ch->qp->qp_num, + pr_info("Closing channel %s because target %s_%d has been disabled\n", + ch->sess_name, sport->sdev->device->name, sport->port); srpt_close_ch(ch); }

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] powerpc/pseries: Defer the logging of rtas error to irq work" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 94675cceacaec27a30eefb142c4c59a9d3131742 Mon Sep 17 00:00:00 2001 From: Mahesh Salgaonkar <mahesh(a)linux.vnet.ibm.com> Date: Wed, 4 Jul 2018 23:27:21 +0530 Subject: [PATCH] powerpc/pseries: Defer the logging of rtas error to irq work queue. rtas_log_buf is a buffer to hold RTAS event data that are communicated to kernel by hypervisor. This buffer is then used to pass RTAS event data to user through proc fs. This buffer is allocated from vmalloc (non-linear mapping) area. On Machine check interrupt, register r3 points to RTAS extended event log passed by hypervisor that contains the MCE event. The pseries machine check handler then logs this error into rtas_log_buf. The rtas_log_buf is a vmalloc-ed (non-linear) buffer we end up taking up a page fault (vector 0x300) while accessing it. Since machine check interrupt handler runs in NMI context we can not afford to take any page fault. Page faults are not honored in NMI context and causes kernel panic. Apart from that, as Nick pointed out, pSeries_log_error() also takes a spin_lock while logging error which is not safe in NMI context. It may endup in deadlock if we get another MCE before releasing the lock. Fix this by deferring the logging of rtas error to irq work queue. Current implementation uses two different buffers to hold rtas error log depending on whether extended log is provided or not. This makes bit difficult to identify which buffer has valid data that needs to logged later in irq work. Simplify this using single buffer, one per paca, and copy rtas log to it irrespective of whether extended log is provided or not. Allocate this buffer below RMA region so that it can be accessed in real mode mce handler. Fixes: b96672dd840f ("powerpc: Machine check interrupt is a non-maskable interrupt") Cc: stable(a)vger.kernel.org # v4.14+ Reviewed-by: Nicholas Piggin <npiggin(a)gmail.com> Signed-off-by: Mahesh Salgaonkar <mahesh(a)linux.vnet.ibm.com> Signed-off-by: Michael Ellerman <mpe(a)ellerman.id.au> diff --git a/arch/powerpc/include/asm/paca.h b/arch/powerpc/include/asm/paca.h index 4e9cede5a7e7..ad4f16164619 100644 --- a/arch/powerpc/include/asm/paca.h +++ b/arch/powerpc/include/asm/paca.h @@ -247,6 +247,9 @@ struct paca_struct { void *rfi_flush_fallback_area; u64 l1d_flush_size; #endif +#ifdef CONFIG_PPC_PSERIES + u8 *mce_data_buf; /* buffer to hold per cpu rtas errlog */ +#endif /* CONFIG_PPC_PSERIES */ } ____cacheline_aligned; extern void copy_mm_to_paca(struct mm_struct *mm); diff --git a/arch/powerpc/platforms/pseries/ras.c b/arch/powerpc/platforms/pseries/ras.c index ef104144d4bc..14a46b07ab2f 100644 --- a/arch/powerpc/platforms/pseries/ras.c +++ b/arch/powerpc/platforms/pseries/ras.c @@ -22,6 +22,7 @@ #include <linux/of.h> #include <linux/fs.h> #include <linux/reboot.h> +#include <linux/irq_work.h> #include <asm/machdep.h> #include <asm/rtas.h> @@ -32,11 +33,13 @@ static unsigned char ras_log_buf[RTAS_ERROR_LOG_MAX]; static DEFINE_SPINLOCK(ras_log_buf_lock); -static char global_mce_data_buf[RTAS_ERROR_LOG_MAX]; -static DEFINE_PER_CPU(__u64, mce_data_buf); - static int ras_check_exception_token; +static void mce_process_errlog_event(struct irq_work *work); +static struct irq_work mce_errlog_process_work = { + .func = mce_process_errlog_event, +}; + #define EPOW_SENSOR_TOKEN 9 #define EPOW_SENSOR_INDEX 0 @@ -330,16 +333,20 @@ static irqreturn_t ras_error_interrupt(int irq, void *dev_id) ((((A) >= 0x7000) && ((A) < 0x7ff0)) || \ (((A) >= rtas.base) && ((A) < (rtas.base + rtas.size - 16)))) +static inline struct rtas_error_log *fwnmi_get_errlog(void) +{ + return (struct rtas_error_log *)local_paca->mce_data_buf; +} + /* * Get the error information for errors coming through the * FWNMI vectors. The pt_regs' r3 will be updated to reflect * the actual r3 if possible, and a ptr to the error log entry * will be returned if found. * - * If the RTAS error is not of the extended type, then we put it in a per - * cpu 64bit buffer. If it is the extended type we use global_mce_data_buf. + * Use one buffer mce_data_buf per cpu to store RTAS error. * - * The global_mce_data_buf does not have any locks or protection around it, + * The mce_data_buf does not have any locks or protection around it, * if a second machine check comes in, or a system reset is done * before we have logged the error, then we will get corruption in the * error log. This is preferable over holding off on calling @@ -349,7 +356,7 @@ static irqreturn_t ras_error_interrupt(int irq, void *dev_id) static struct rtas_error_log *fwnmi_get_errinfo(struct pt_regs *regs) { unsigned long *savep; - struct rtas_error_log *h, *errhdr = NULL; + struct rtas_error_log *h; /* Mask top two bits */ regs->gpr[3] &= ~(0x3UL << 62); @@ -362,22 +369,20 @@ static struct rtas_error_log *fwnmi_get_errinfo(struct pt_regs *regs) savep = __va(regs->gpr[3]); regs->gpr[3] = savep[0]; /* restore original r3 */ - /* If it isn't an extended log we can use the per cpu 64bit buffer */ h = (struct rtas_error_log *)&savep[1]; + /* Use the per cpu buffer from paca to store rtas error log */ + memset(local_paca->mce_data_buf, 0, RTAS_ERROR_LOG_MAX); if (!rtas_error_extended(h)) { - memcpy(this_cpu_ptr(&mce_data_buf), h, sizeof(__u64)); - errhdr = (struct rtas_error_log *)this_cpu_ptr(&mce_data_buf); + memcpy(local_paca->mce_data_buf, h, sizeof(__u64)); } else { int len, error_log_length; error_log_length = 8 + rtas_error_extended_log_length(h); len = min_t(int, error_log_length, RTAS_ERROR_LOG_MAX); - memset(global_mce_data_buf, 0, RTAS_ERROR_LOG_MAX); - memcpy(global_mce_data_buf, h, len); - errhdr = (struct rtas_error_log *)global_mce_data_buf; + memcpy(local_paca->mce_data_buf, h, len); } - return errhdr; + return (struct rtas_error_log *)local_paca->mce_data_buf; } /* Call this when done with the data returned by FWNMI_get_errinfo. @@ -422,6 +427,17 @@ int pSeries_system_reset_exception(struct pt_regs *regs) return 0; /* need to perform reset */ } +/* + * Process MCE rtas errlog event. + */ +static void mce_process_errlog_event(struct irq_work *work) +{ + struct rtas_error_log *err; + + err = fwnmi_get_errlog(); + log_error((char *)err, ERR_TYPE_RTAS_LOG, 0); +} + /* * See if we can recover from a machine check exception. * This is only called on power4 (or above) and only via @@ -466,7 +482,8 @@ static int recover_mce(struct pt_regs *regs, struct rtas_error_log *err) recovered = 1; } - log_error((char *)err, ERR_TYPE_RTAS_LOG, 0); + /* Queue irq work to log this rtas event later. */ + irq_work_queue(&mce_errlog_process_work); return recovered; } diff --git a/arch/powerpc/platforms/pseries/setup.c b/arch/powerpc/platforms/pseries/setup.c index 9948ad16f788..b411a74b861d 100644 --- a/arch/powerpc/platforms/pseries/setup.c +++ b/arch/powerpc/platforms/pseries/setup.c @@ -41,6 +41,7 @@ #include <linux/root_dev.h> #include <linux/of.h> #include <linux/of_pci.h> +#include <linux/memblock.h> #include <asm/mmu.h> #include <asm/processor.h> @@ -102,6 +103,9 @@ static void pSeries_show_cpuinfo(struct seq_file *m) static void __init fwnmi_init(void) { unsigned long system_reset_addr, machine_check_addr; + u8 *mce_data_buf; + unsigned int i; + int nr_cpus = num_possible_cpus(); int ibm_nmi_register = rtas_token("ibm,nmi-register"); if (ibm_nmi_register == RTAS_UNKNOWN_SERVICE) @@ -115,6 +119,18 @@ static void __init fwnmi_init(void) if (0 == rtas_call(ibm_nmi_register, 2, 1, NULL, system_reset_addr, machine_check_addr)) fwnmi_active = 1; + + /* + * Allocate a chunk for per cpu buffer to hold rtas errorlog. + * It will be used in real mode mce handler, hence it needs to be + * below RMA. + */ + mce_data_buf = __va(memblock_alloc_base(RTAS_ERROR_LOG_MAX * nr_cpus, + RTAS_ERROR_LOG_MAX, ppc64_rma_size)); + for_each_possible_cpu(i) { + paca_ptrs[i]->mce_data_buf = mce_data_buf + + (RTAS_ERROR_LOG_MAX * i); + } } static void pseries_8259_cascade(struct irq_desc *desc)

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] powerpc/pseries: Defer the logging of rtas error to irq work" failed to apply to 4.18-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.18-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 94675cceacaec27a30eefb142c4c59a9d3131742 Mon Sep 17 00:00:00 2001 From: Mahesh Salgaonkar <mahesh(a)linux.vnet.ibm.com> Date: Wed, 4 Jul 2018 23:27:21 +0530 Subject: [PATCH] powerpc/pseries: Defer the logging of rtas error to irq work queue. rtas_log_buf is a buffer to hold RTAS event data that are communicated to kernel by hypervisor. This buffer is then used to pass RTAS event data to user through proc fs. This buffer is allocated from vmalloc (non-linear mapping) area. On Machine check interrupt, register r3 points to RTAS extended event log passed by hypervisor that contains the MCE event. The pseries machine check handler then logs this error into rtas_log_buf. The rtas_log_buf is a vmalloc-ed (non-linear) buffer we end up taking up a page fault (vector 0x300) while accessing it. Since machine check interrupt handler runs in NMI context we can not afford to take any page fault. Page faults are not honored in NMI context and causes kernel panic. Apart from that, as Nick pointed out, pSeries_log_error() also takes a spin_lock while logging error which is not safe in NMI context. It may endup in deadlock if we get another MCE before releasing the lock. Fix this by deferring the logging of rtas error to irq work queue. Current implementation uses two different buffers to hold rtas error log depending on whether extended log is provided or not. This makes bit difficult to identify which buffer has valid data that needs to logged later in irq work. Simplify this using single buffer, one per paca, and copy rtas log to it irrespective of whether extended log is provided or not. Allocate this buffer below RMA region so that it can be accessed in real mode mce handler. Fixes: b96672dd840f ("powerpc: Machine check interrupt is a non-maskable interrupt") Cc: stable(a)vger.kernel.org # v4.14+ Reviewed-by: Nicholas Piggin <npiggin(a)gmail.com> Signed-off-by: Mahesh Salgaonkar <mahesh(a)linux.vnet.ibm.com> Signed-off-by: Michael Ellerman <mpe(a)ellerman.id.au> diff --git a/arch/powerpc/include/asm/paca.h b/arch/powerpc/include/asm/paca.h index 4e9cede5a7e7..ad4f16164619 100644 --- a/arch/powerpc/include/asm/paca.h +++ b/arch/powerpc/include/asm/paca.h @@ -247,6 +247,9 @@ struct paca_struct { void *rfi_flush_fallback_area; u64 l1d_flush_size; #endif +#ifdef CONFIG_PPC_PSERIES + u8 *mce_data_buf; /* buffer to hold per cpu rtas errlog */ +#endif /* CONFIG_PPC_PSERIES */ } ____cacheline_aligned; extern void copy_mm_to_paca(struct mm_struct *mm); diff --git a/arch/powerpc/platforms/pseries/ras.c b/arch/powerpc/platforms/pseries/ras.c index ef104144d4bc..14a46b07ab2f 100644 --- a/arch/powerpc/platforms/pseries/ras.c +++ b/arch/powerpc/platforms/pseries/ras.c @@ -22,6 +22,7 @@ #include <linux/of.h> #include <linux/fs.h> #include <linux/reboot.h> +#include <linux/irq_work.h> #include <asm/machdep.h> #include <asm/rtas.h> @@ -32,11 +33,13 @@ static unsigned char ras_log_buf[RTAS_ERROR_LOG_MAX]; static DEFINE_SPINLOCK(ras_log_buf_lock); -static char global_mce_data_buf[RTAS_ERROR_LOG_MAX]; -static DEFINE_PER_CPU(__u64, mce_data_buf); - static int ras_check_exception_token; +static void mce_process_errlog_event(struct irq_work *work); +static struct irq_work mce_errlog_process_work = { + .func = mce_process_errlog_event, +}; + #define EPOW_SENSOR_TOKEN 9 #define EPOW_SENSOR_INDEX 0 @@ -330,16 +333,20 @@ static irqreturn_t ras_error_interrupt(int irq, void *dev_id) ((((A) >= 0x7000) && ((A) < 0x7ff0)) || \ (((A) >= rtas.base) && ((A) < (rtas.base + rtas.size - 16)))) +static inline struct rtas_error_log *fwnmi_get_errlog(void) +{ + return (struct rtas_error_log *)local_paca->mce_data_buf; +} + /* * Get the error information for errors coming through the * FWNMI vectors. The pt_regs' r3 will be updated to reflect * the actual r3 if possible, and a ptr to the error log entry * will be returned if found. * - * If the RTAS error is not of the extended type, then we put it in a per - * cpu 64bit buffer. If it is the extended type we use global_mce_data_buf. + * Use one buffer mce_data_buf per cpu to store RTAS error. * - * The global_mce_data_buf does not have any locks or protection around it, + * The mce_data_buf does not have any locks or protection around it, * if a second machine check comes in, or a system reset is done * before we have logged the error, then we will get corruption in the * error log. This is preferable over holding off on calling @@ -349,7 +356,7 @@ static irqreturn_t ras_error_interrupt(int irq, void *dev_id) static struct rtas_error_log *fwnmi_get_errinfo(struct pt_regs *regs) { unsigned long *savep; - struct rtas_error_log *h, *errhdr = NULL; + struct rtas_error_log *h; /* Mask top two bits */ regs->gpr[3] &= ~(0x3UL << 62); @@ -362,22 +369,20 @@ static struct rtas_error_log *fwnmi_get_errinfo(struct pt_regs *regs) savep = __va(regs->gpr[3]); regs->gpr[3] = savep[0]; /* restore original r3 */ - /* If it isn't an extended log we can use the per cpu 64bit buffer */ h = (struct rtas_error_log *)&savep[1]; + /* Use the per cpu buffer from paca to store rtas error log */ + memset(local_paca->mce_data_buf, 0, RTAS_ERROR_LOG_MAX); if (!rtas_error_extended(h)) { - memcpy(this_cpu_ptr(&mce_data_buf), h, sizeof(__u64)); - errhdr = (struct rtas_error_log *)this_cpu_ptr(&mce_data_buf); + memcpy(local_paca->mce_data_buf, h, sizeof(__u64)); } else { int len, error_log_length; error_log_length = 8 + rtas_error_extended_log_length(h); len = min_t(int, error_log_length, RTAS_ERROR_LOG_MAX); - memset(global_mce_data_buf, 0, RTAS_ERROR_LOG_MAX); - memcpy(global_mce_data_buf, h, len); - errhdr = (struct rtas_error_log *)global_mce_data_buf; + memcpy(local_paca->mce_data_buf, h, len); } - return errhdr; + return (struct rtas_error_log *)local_paca->mce_data_buf; } /* Call this when done with the data returned by FWNMI_get_errinfo. @@ -422,6 +427,17 @@ int pSeries_system_reset_exception(struct pt_regs *regs) return 0; /* need to perform reset */ } +/* + * Process MCE rtas errlog event. + */ +static void mce_process_errlog_event(struct irq_work *work) +{ + struct rtas_error_log *err; + + err = fwnmi_get_errlog(); + log_error((char *)err, ERR_TYPE_RTAS_LOG, 0); +} + /* * See if we can recover from a machine check exception. * This is only called on power4 (or above) and only via @@ -466,7 +482,8 @@ static int recover_mce(struct pt_regs *regs, struct rtas_error_log *err) recovered = 1; } - log_error((char *)err, ERR_TYPE_RTAS_LOG, 0); + /* Queue irq work to log this rtas event later. */ + irq_work_queue(&mce_errlog_process_work); return recovered; } diff --git a/arch/powerpc/platforms/pseries/setup.c b/arch/powerpc/platforms/pseries/setup.c index 9948ad16f788..b411a74b861d 100644 --- a/arch/powerpc/platforms/pseries/setup.c +++ b/arch/powerpc/platforms/pseries/setup.c @@ -41,6 +41,7 @@ #include <linux/root_dev.h> #include <linux/of.h> #include <linux/of_pci.h> +#include <linux/memblock.h> #include <asm/mmu.h> #include <asm/processor.h> @@ -102,6 +103,9 @@ static void pSeries_show_cpuinfo(struct seq_file *m) static void __init fwnmi_init(void) { unsigned long system_reset_addr, machine_check_addr; + u8 *mce_data_buf; + unsigned int i; + int nr_cpus = num_possible_cpus(); int ibm_nmi_register = rtas_token("ibm,nmi-register"); if (ibm_nmi_register == RTAS_UNKNOWN_SERVICE) @@ -115,6 +119,18 @@ static void __init fwnmi_init(void) if (0 == rtas_call(ibm_nmi_register, 2, 1, NULL, system_reset_addr, machine_check_addr)) fwnmi_active = 1; + + /* + * Allocate a chunk for per cpu buffer to hold rtas errorlog. + * It will be used in real mode mce handler, hence it needs to be + * below RMA. + */ + mce_data_buf = __va(memblock_alloc_base(RTAS_ERROR_LOG_MAX * nr_cpus, + RTAS_ERROR_LOG_MAX, ppc64_rma_size)); + for_each_possible_cpu(i) { + paca_ptrs[i]->mce_data_buf = mce_data_buf + + (RTAS_ERROR_LOG_MAX * i); + } } static void pseries_8259_cascade(struct irq_desc *desc)

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] powerpc/64s: Fix page table fragment refcount race vs" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 4231aba000f5a4583dd9f67057aadb68c3eca99d Mon Sep 17 00:00:00 2001 From: Nicholas Piggin <npiggin(a)gmail.com> Date: Fri, 27 Jul 2018 21:48:17 +1000 Subject: [PATCH] powerpc/64s: Fix page table fragment refcount race vs speculative references The page table fragment allocator uses the main page refcount racily with respect to speculative references. A customer observed a BUG due to page table page refcount underflow in the fragment allocator. This can be caused by the fragment allocator set_page_count stomping on a speculative reference, and then the speculative failure handler decrements the new reference, and the underflow eventually pops when the page tables are freed. Fix this by using a dedicated field in the struct page for the page table fragment allocator. Fixes: 5c1f6ee9a31c ("powerpc: Reduce PTE table memory wastage") Cc: stable(a)vger.kernel.org # v3.10+ Reviewed-by: Aneesh Kumar K.V <aneesh.kumar(a)linux.ibm.com> Signed-off-by: Nicholas Piggin <npiggin(a)gmail.com> Signed-off-by: Michael Ellerman <mpe(a)ellerman.id.au> diff --git a/arch/powerpc/mm/mmu_context_book3s64.c b/arch/powerpc/mm/mmu_context_book3s64.c index 8b24168ea8c4..4a892d894a0f 100644 --- a/arch/powerpc/mm/mmu_context_book3s64.c +++ b/arch/powerpc/mm/mmu_context_book3s64.c @@ -200,9 +200,9 @@ static void pte_frag_destroy(void *pte_frag) /* drop all the pending references */ count = ((unsigned long)pte_frag & ~PAGE_MASK) >> PTE_FRAG_SIZE_SHIFT; /* We allow PTE_FRAG_NR fragments from a PTE page */ - if (page_ref_sub_and_test(page, PTE_FRAG_NR - count)) { + if (atomic_sub_and_test(PTE_FRAG_NR - count, &page->pt_frag_refcount)) { pgtable_page_dtor(page); - free_unref_page(page); + __free_page(page); } } @@ -215,9 +215,9 @@ static void pmd_frag_destroy(void *pmd_frag) /* drop all the pending references */ count = ((unsigned long)pmd_frag & ~PAGE_MASK) >> PMD_FRAG_SIZE_SHIFT; /* We allow PTE_FRAG_NR fragments from a PTE page */ - if (page_ref_sub_and_test(page, PMD_FRAG_NR - count)) { + if (atomic_sub_and_test(PMD_FRAG_NR - count, &page->pt_frag_refcount)) { pgtable_pmd_page_dtor(page); - free_unref_page(page); + __free_page(page); } } diff --git a/arch/powerpc/mm/pgtable-book3s64.c b/arch/powerpc/mm/pgtable-book3s64.c index 4afbfbb64bfd..78d0b3d5ebad 100644 --- a/arch/powerpc/mm/pgtable-book3s64.c +++ b/arch/powerpc/mm/pgtable-book3s64.c @@ -270,6 +270,8 @@ static pmd_t *__alloc_for_pmdcache(struct mm_struct *mm) return NULL; } + atomic_set(&page->pt_frag_refcount, 1); + ret = page_address(page); /* * if we support only one fragment just return the @@ -285,7 +287,7 @@ static pmd_t *__alloc_for_pmdcache(struct mm_struct *mm) * count. */ if (likely(!mm->context.pmd_frag)) { - set_page_count(page, PMD_FRAG_NR); + atomic_set(&page->pt_frag_refcount, PMD_FRAG_NR); mm->context.pmd_frag = ret + PMD_FRAG_SIZE; } spin_unlock(&mm->page_table_lock); @@ -308,9 +310,10 @@ void pmd_fragment_free(unsigned long *pmd) { struct page *page = virt_to_page(pmd); - if (put_page_testzero(page)) { + BUG_ON(atomic_read(&page->pt_frag_refcount) <= 0); + if (atomic_dec_and_test(&page->pt_frag_refcount)) { pgtable_pmd_page_dtor(page); - free_unref_page(page); + __free_page(page); } } @@ -352,6 +355,7 @@ static pte_t *__alloc_for_ptecache(struct mm_struct *mm, int kernel) return NULL; } + atomic_set(&page->pt_frag_refcount, 1); ret = page_address(page); /* @@ -367,7 +371,7 @@ static pte_t *__alloc_for_ptecache(struct mm_struct *mm, int kernel) * count. */ if (likely(!mm->context.pte_frag)) { - set_page_count(page, PTE_FRAG_NR); + atomic_set(&page->pt_frag_refcount, PTE_FRAG_NR); mm->context.pte_frag = ret + PTE_FRAG_SIZE; } spin_unlock(&mm->page_table_lock); @@ -390,10 +394,11 @@ void pte_fragment_free(unsigned long *table, int kernel) { struct page *page = virt_to_page(table); - if (put_page_testzero(page)) { + BUG_ON(atomic_read(&page->pt_frag_refcount) <= 0); + if (atomic_dec_and_test(&page->pt_frag_refcount)) { if (!kernel) pgtable_page_dtor(page); - free_unref_page(page); + __free_page(page); } } diff --git a/include/linux/mm_types.h b/include/linux/mm_types.h index 99ce070e7dcb..22651e124071 100644 --- a/include/linux/mm_types.h +++ b/include/linux/mm_types.h @@ -139,7 +139,10 @@ struct page { unsigned long _pt_pad_1; /* compound_head */ pgtable_t pmd_huge_pte; /* protected by page->ptl */ unsigned long _pt_pad_2; /* mapping */ - struct mm_struct *pt_mm; /* x86 pgds only */ + union { + struct mm_struct *pt_mm; /* x86 pgds only */ + atomic_t pt_frag_refcount; /* powerpc */ + }; #if ALLOC_SPLIT_PTLOCKS spinlock_t *ptl; #else

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] powerpc/64s: Fix page table fragment refcount race vs" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 4231aba000f5a4583dd9f67057aadb68c3eca99d Mon Sep 17 00:00:00 2001 From: Nicholas Piggin <npiggin(a)gmail.com> Date: Fri, 27 Jul 2018 21:48:17 +1000 Subject: [PATCH] powerpc/64s: Fix page table fragment refcount race vs speculative references The page table fragment allocator uses the main page refcount racily with respect to speculative references. A customer observed a BUG due to page table page refcount underflow in the fragment allocator. This can be caused by the fragment allocator set_page_count stomping on a speculative reference, and then the speculative failure handler decrements the new reference, and the underflow eventually pops when the page tables are freed. Fix this by using a dedicated field in the struct page for the page table fragment allocator. Fixes: 5c1f6ee9a31c ("powerpc: Reduce PTE table memory wastage") Cc: stable(a)vger.kernel.org # v3.10+ Reviewed-by: Aneesh Kumar K.V <aneesh.kumar(a)linux.ibm.com> Signed-off-by: Nicholas Piggin <npiggin(a)gmail.com> Signed-off-by: Michael Ellerman <mpe(a)ellerman.id.au> diff --git a/arch/powerpc/mm/mmu_context_book3s64.c b/arch/powerpc/mm/mmu_context_book3s64.c index 8b24168ea8c4..4a892d894a0f 100644 --- a/arch/powerpc/mm/mmu_context_book3s64.c +++ b/arch/powerpc/mm/mmu_context_book3s64.c @@ -200,9 +200,9 @@ static void pte_frag_destroy(void *pte_frag) /* drop all the pending references */ count = ((unsigned long)pte_frag & ~PAGE_MASK) >> PTE_FRAG_SIZE_SHIFT; /* We allow PTE_FRAG_NR fragments from a PTE page */ - if (page_ref_sub_and_test(page, PTE_FRAG_NR - count)) { + if (atomic_sub_and_test(PTE_FRAG_NR - count, &page->pt_frag_refcount)) { pgtable_page_dtor(page); - free_unref_page(page); + __free_page(page); } } @@ -215,9 +215,9 @@ static void pmd_frag_destroy(void *pmd_frag) /* drop all the pending references */ count = ((unsigned long)pmd_frag & ~PAGE_MASK) >> PMD_FRAG_SIZE_SHIFT; /* We allow PTE_FRAG_NR fragments from a PTE page */ - if (page_ref_sub_and_test(page, PMD_FRAG_NR - count)) { + if (atomic_sub_and_test(PMD_FRAG_NR - count, &page->pt_frag_refcount)) { pgtable_pmd_page_dtor(page); - free_unref_page(page); + __free_page(page); } } diff --git a/arch/powerpc/mm/pgtable-book3s64.c b/arch/powerpc/mm/pgtable-book3s64.c index 4afbfbb64bfd..78d0b3d5ebad 100644 --- a/arch/powerpc/mm/pgtable-book3s64.c +++ b/arch/powerpc/mm/pgtable-book3s64.c @@ -270,6 +270,8 @@ static pmd_t *__alloc_for_pmdcache(struct mm_struct *mm) return NULL; } + atomic_set(&page->pt_frag_refcount, 1); + ret = page_address(page); /* * if we support only one fragment just return the @@ -285,7 +287,7 @@ static pmd_t *__alloc_for_pmdcache(struct mm_struct *mm) * count. */ if (likely(!mm->context.pmd_frag)) { - set_page_count(page, PMD_FRAG_NR); + atomic_set(&page->pt_frag_refcount, PMD_FRAG_NR); mm->context.pmd_frag = ret + PMD_FRAG_SIZE; } spin_unlock(&mm->page_table_lock); @@ -308,9 +310,10 @@ void pmd_fragment_free(unsigned long *pmd) { struct page *page = virt_to_page(pmd); - if (put_page_testzero(page)) { + BUG_ON(atomic_read(&page->pt_frag_refcount) <= 0); + if (atomic_dec_and_test(&page->pt_frag_refcount)) { pgtable_pmd_page_dtor(page); - free_unref_page(page); + __free_page(page); } } @@ -352,6 +355,7 @@ static pte_t *__alloc_for_ptecache(struct mm_struct *mm, int kernel) return NULL; } + atomic_set(&page->pt_frag_refcount, 1); ret = page_address(page); /* @@ -367,7 +371,7 @@ static pte_t *__alloc_for_ptecache(struct mm_struct *mm, int kernel) * count. */ if (likely(!mm->context.pte_frag)) { - set_page_count(page, PTE_FRAG_NR); + atomic_set(&page->pt_frag_refcount, PTE_FRAG_NR); mm->context.pte_frag = ret + PTE_FRAG_SIZE; } spin_unlock(&mm->page_table_lock); @@ -390,10 +394,11 @@ void pte_fragment_free(unsigned long *table, int kernel) { struct page *page = virt_to_page(table); - if (put_page_testzero(page)) { + BUG_ON(atomic_read(&page->pt_frag_refcount) <= 0); + if (atomic_dec_and_test(&page->pt_frag_refcount)) { if (!kernel) pgtable_page_dtor(page); - free_unref_page(page); + __free_page(page); } } diff --git a/include/linux/mm_types.h b/include/linux/mm_types.h index 99ce070e7dcb..22651e124071 100644 --- a/include/linux/mm_types.h +++ b/include/linux/mm_types.h @@ -139,7 +139,10 @@ struct page { unsigned long _pt_pad_1; /* compound_head */ pgtable_t pmd_huge_pte; /* protected by page->ptl */ unsigned long _pt_pad_2; /* mapping */ - struct mm_struct *pt_mm; /* x86 pgds only */ + union { + struct mm_struct *pt_mm; /* x86 pgds only */ + atomic_t pt_frag_refcount; /* powerpc */ + }; #if ALLOC_SPLIT_PTLOCKS spinlock_t *ptl; #else

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] powerpc/64s: Fix page table fragment refcount race vs" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 4231aba000f5a4583dd9f67057aadb68c3eca99d Mon Sep 17 00:00:00 2001 From: Nicholas Piggin <npiggin(a)gmail.com> Date: Fri, 27 Jul 2018 21:48:17 +1000 Subject: [PATCH] powerpc/64s: Fix page table fragment refcount race vs speculative references The page table fragment allocator uses the main page refcount racily with respect to speculative references. A customer observed a BUG due to page table page refcount underflow in the fragment allocator. This can be caused by the fragment allocator set_page_count stomping on a speculative reference, and then the speculative failure handler decrements the new reference, and the underflow eventually pops when the page tables are freed. Fix this by using a dedicated field in the struct page for the page table fragment allocator. Fixes: 5c1f6ee9a31c ("powerpc: Reduce PTE table memory wastage") Cc: stable(a)vger.kernel.org # v3.10+ Reviewed-by: Aneesh Kumar K.V <aneesh.kumar(a)linux.ibm.com> Signed-off-by: Nicholas Piggin <npiggin(a)gmail.com> Signed-off-by: Michael Ellerman <mpe(a)ellerman.id.au> diff --git a/arch/powerpc/mm/mmu_context_book3s64.c b/arch/powerpc/mm/mmu_context_book3s64.c index 8b24168ea8c4..4a892d894a0f 100644 --- a/arch/powerpc/mm/mmu_context_book3s64.c +++ b/arch/powerpc/mm/mmu_context_book3s64.c @@ -200,9 +200,9 @@ static void pte_frag_destroy(void *pte_frag) /* drop all the pending references */ count = ((unsigned long)pte_frag & ~PAGE_MASK) >> PTE_FRAG_SIZE_SHIFT; /* We allow PTE_FRAG_NR fragments from a PTE page */ - if (page_ref_sub_and_test(page, PTE_FRAG_NR - count)) { + if (atomic_sub_and_test(PTE_FRAG_NR - count, &page->pt_frag_refcount)) { pgtable_page_dtor(page); - free_unref_page(page); + __free_page(page); } } @@ -215,9 +215,9 @@ static void pmd_frag_destroy(void *pmd_frag) /* drop all the pending references */ count = ((unsigned long)pmd_frag & ~PAGE_MASK) >> PMD_FRAG_SIZE_SHIFT; /* We allow PTE_FRAG_NR fragments from a PTE page */ - if (page_ref_sub_and_test(page, PMD_FRAG_NR - count)) { + if (atomic_sub_and_test(PMD_FRAG_NR - count, &page->pt_frag_refcount)) { pgtable_pmd_page_dtor(page); - free_unref_page(page); + __free_page(page); } } diff --git a/arch/powerpc/mm/pgtable-book3s64.c b/arch/powerpc/mm/pgtable-book3s64.c index 4afbfbb64bfd..78d0b3d5ebad 100644 --- a/arch/powerpc/mm/pgtable-book3s64.c +++ b/arch/powerpc/mm/pgtable-book3s64.c @@ -270,6 +270,8 @@ static pmd_t *__alloc_for_pmdcache(struct mm_struct *mm) return NULL; } + atomic_set(&page->pt_frag_refcount, 1); + ret = page_address(page); /* * if we support only one fragment just return the @@ -285,7 +287,7 @@ static pmd_t *__alloc_for_pmdcache(struct mm_struct *mm) * count. */ if (likely(!mm->context.pmd_frag)) { - set_page_count(page, PMD_FRAG_NR); + atomic_set(&page->pt_frag_refcount, PMD_FRAG_NR); mm->context.pmd_frag = ret + PMD_FRAG_SIZE; } spin_unlock(&mm->page_table_lock); @@ -308,9 +310,10 @@ void pmd_fragment_free(unsigned long *pmd) { struct page *page = virt_to_page(pmd); - if (put_page_testzero(page)) { + BUG_ON(atomic_read(&page->pt_frag_refcount) <= 0); + if (atomic_dec_and_test(&page->pt_frag_refcount)) { pgtable_pmd_page_dtor(page); - free_unref_page(page); + __free_page(page); } } @@ -352,6 +355,7 @@ static pte_t *__alloc_for_ptecache(struct mm_struct *mm, int kernel) return NULL; } + atomic_set(&page->pt_frag_refcount, 1); ret = page_address(page); /* @@ -367,7 +371,7 @@ static pte_t *__alloc_for_ptecache(struct mm_struct *mm, int kernel) * count. */ if (likely(!mm->context.pte_frag)) { - set_page_count(page, PTE_FRAG_NR); + atomic_set(&page->pt_frag_refcount, PTE_FRAG_NR); mm->context.pte_frag = ret + PTE_FRAG_SIZE; } spin_unlock(&mm->page_table_lock); @@ -390,10 +394,11 @@ void pte_fragment_free(unsigned long *table, int kernel) { struct page *page = virt_to_page(table); - if (put_page_testzero(page)) { + BUG_ON(atomic_read(&page->pt_frag_refcount) <= 0); + if (atomic_dec_and_test(&page->pt_frag_refcount)) { if (!kernel) pgtable_page_dtor(page); - free_unref_page(page); + __free_page(page); } } diff --git a/include/linux/mm_types.h b/include/linux/mm_types.h index 99ce070e7dcb..22651e124071 100644 --- a/include/linux/mm_types.h +++ b/include/linux/mm_types.h @@ -139,7 +139,10 @@ struct page { unsigned long _pt_pad_1; /* compound_head */ pgtable_t pmd_huge_pte; /* protected by page->ptl */ unsigned long _pt_pad_2; /* mapping */ - struct mm_struct *pt_mm; /* x86 pgds only */ + union { + struct mm_struct *pt_mm; /* x86 pgds only */ + atomic_t pt_frag_refcount; /* powerpc */ + }; #if ALLOC_SPLIT_PTLOCKS spinlock_t *ptl; #else

7 years, 1 month

1
0
0 0

[PATCH for 4.4 1/1] x86/mm/pat: Fix L1TF stable backport for CPA, 2nd call

by Jiri Slaby

From: Andi Kleen <ak(a)linux.intel.com> Mostly recycling the commit log from adaba23ccd7d which fixed populate_pmd, but did not fix populate_pud. The same problem exists there. Stable trees reverted the following patch: Revert "x86/mm/pat: Ensure cpa->pfn only contains page frame numbers" This reverts commit 87e2bd898d3a79a8c609f183180adac47879a2a4 which is commit edc3b9129cecd0f0857112136f5b8b1bc1d45918 upstream. but the L1TF patch 02ff2769edbc backported here x86/mm/pat: Make set_memory_np() L1TF safe commit 958f79b9ee55dfaf00c8106ed1c22a2919e0028b upstream set_memory_np() is used to mark kernel mappings not present, but it has it's own open coded mechanism which does not have the L1TF protection of inverting the address bits. assumed that cpa->pfn contains a PFN. With the above patch reverted it does not, which causes the PUD to be set to an incorrect address shifted by 12 bits, which can cause various failures. Convert the address to a PFN before passing it to pud_pfn(). This is a 4.4 stable only patch to fix the L1TF patches backport there. Cc: stable(a)vger.kernel.org # 4.4-only Cc: Andi Kleen <ak(a)linux.intel.com> Signed-off-by: Jiri Slaby <jslaby(a)suse.cz> --- arch/x86/mm/pageattr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/mm/pageattr.c b/arch/x86/mm/pageattr.c index 1007fa80f5a6..0e1dd7d47f05 100644 --- a/arch/x86/mm/pageattr.c +++ b/arch/x86/mm/pageattr.c @@ -1079,7 +1079,7 @@ static int populate_pud(struct cpa_data *cpa, unsigned long start, pgd_t *pgd, * Map everything starting from the Gb boundary, possibly with 1G pages */ while (end - start >= PUD_SIZE) { - set_pud(pud, pud_mkhuge(pfn_pud(cpa->pfn, + set_pud(pud, pud_mkhuge(pfn_pud(cpa->pfn >> PAGE_SHIFT, canon_pgprot(pud_pgprot)))); start += PUD_SIZE; -- 2.18.0

7 years, 1 month

1
1
0 0

FAILED: patch "[PATCH] libertas: fix suspend and resume for SDIO connected cards" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 7444a8092906ed44c09459780c56ba57043e39b1 Mon Sep 17 00:00:00 2001 From: Daniel Mack <daniel(a)zonque.org> Date: Wed, 27 Jun 2018 20:58:45 +0200 Subject: [PATCH] libertas: fix suspend and resume for SDIO connected cards Prior to commit 573185cc7e64 ("mmc: core: Invoke sdio func driver's PM callbacks from the sdio bus"), the MMC core used to call into the power management functions of SDIO clients itself and removed the card if the return code was non-zero. IOW, the mmc handled errors gracefully and didn't upchain them to the pm core. Since this change, the mmc core relies on generic power management functions which treat all errors as a reason to cancel the suspend immediately. This causes suspend attempts to fail when the libertas driver is loaded. To fix this, power down the card explicitly in if_sdio_suspend() when we know we're about to lose power and return success. Also set a flag in these cases, and power up the card again in if_sdio_resume(). Fixes: 573185cc7e64 ("mmc: core: Invoke sdio func driver's PM callbacks from the sdio bus") Cc: <stable(a)vger.kernel.org> Signed-off-by: Daniel Mack <daniel(a)zonque.org> Reviewed-by: Chris Ball <chris(a)printf.net> Reviewed-by: Ulf Hansson <ulf.hansson(a)linaro.org> Signed-off-by: Kalle Valo <kvalo(a)codeaurora.org> diff --git a/drivers/net/wireless/marvell/libertas/dev.h b/drivers/net/wireless/marvell/libertas/dev.h index dd1ee1f0af48..469134930026 100644 --- a/drivers/net/wireless/marvell/libertas/dev.h +++ b/drivers/net/wireless/marvell/libertas/dev.h @@ -104,6 +104,7 @@ struct lbs_private { u8 fw_ready; u8 surpriseremoved; u8 setup_fw_on_resume; + u8 power_up_on_resume; int (*hw_host_to_card) (struct lbs_private *priv, u8 type, u8 *payload, u16 nb); void (*reset_card) (struct lbs_private *priv); int (*power_save) (struct lbs_private *priv); diff --git a/drivers/net/wireless/marvell/libertas/if_sdio.c b/drivers/net/wireless/marvell/libertas/if_sdio.c index 2300e796c6ab..43743c26c071 100644 --- a/drivers/net/wireless/marvell/libertas/if_sdio.c +++ b/drivers/net/wireless/marvell/libertas/if_sdio.c @@ -1290,15 +1290,23 @@ static void if_sdio_remove(struct sdio_func *func) static int if_sdio_suspend(struct device *dev) { struct sdio_func *func = dev_to_sdio_func(dev); - int ret; struct if_sdio_card *card = sdio_get_drvdata(func); + struct lbs_private *priv = card->priv; + int ret; mmc_pm_flag_t flags = sdio_get_host_pm_caps(func); + priv->power_up_on_resume = false; /* If we're powered off anyway, just let the mmc layer remove the * card. */ - if (!lbs_iface_active(card->priv)) - return -ENOSYS; + if (!lbs_iface_active(priv)) { + if (priv->fw_ready) { + priv->power_up_on_resume = true; + if_sdio_power_off(card); + } + + return 0; + } dev_info(dev, "%s: suspend: PM flags = 0x%x\n", sdio_func_id(func), flags); @@ -1306,9 +1314,14 @@ static int if_sdio_suspend(struct device *dev) /* If we aren't being asked to wake on anything, we should bail out * and let the SD stack power down the card. */ - if (card->priv->wol_criteria == EHS_REMOVE_WAKEUP) { + if (priv->wol_criteria == EHS_REMOVE_WAKEUP) { dev_info(dev, "Suspend without wake params -- powering down card\n"); - return -ENOSYS; + if (priv->fw_ready) { + priv->power_up_on_resume = true; + if_sdio_power_off(card); + } + + return 0; } if (!(flags & MMC_PM_KEEP_POWER)) { @@ -1321,7 +1334,7 @@ static int if_sdio_suspend(struct device *dev) if (ret) return ret; - ret = lbs_suspend(card->priv); + ret = lbs_suspend(priv); if (ret) return ret; @@ -1336,6 +1349,11 @@ static int if_sdio_resume(struct device *dev) dev_info(dev, "%s: resume: we're back\n", sdio_func_id(func)); + if (card->priv->power_up_on_resume) { + if_sdio_power_on(card); + wait_event(card->pwron_waitq, card->priv->fw_ready); + } + ret = lbs_resume(card->priv); return ret;

7 years, 1 month

1
0
0 0

[PATCH] drm/i915/userptr: reject zero user_size

by Loic

Hello, Tested without any problem so please picked up this. From: Matthew Auld [ Upstream commit c11c7bfd213495784b22ef82a69b6489f8d0092f ] Operating on a zero sized GEM userptr object will lead to explosions. Fixes: 5cc9ed4b9a7a ("drm/i915: Introduce mapping of user pages into video memory (userptr) ioctl") Testcase: igt/gem_userptr_blits/input-checking Signed-off-by: Matthew Auld <matthew.auld(a)intel.com> Cc: Chris Wilson <chris(a)chris-wilson.co.uk> Reviewed-by: Chris Wilson <chris(a)chris-wilson.co.uk> Signed-off-by: Chris Wilson <chris(a)chris-wilson.co.uk> Link: https://patchwork.freedesktop.org/patch/msgid/20180502195021.30900-1-matthe… --- drivers/gpu/drm/i915/i915_gem_userptr.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/gpu/drm/i915/i915_gem_userptr.c b/drivers/gpu/drm/i915/i915_gem_userptr.c index d596a8302ca3c..854bd51b9478a 100644 --- a/drivers/gpu/drm/i915/i915_gem_userptr.c +++ b/drivers/gpu/drm/i915/i915_gem_userptr.c @@ -778,6 +778,9 @@ i915_gem_userptr_ioctl(struct drm_device *dev, I915_USERPTR_UNSYNCHRONIZED)) return -EINVAL; + if (!args->user_size) + return -EINVAL; + if (offset_in_page(args->user_ptr | args->user_size)) return -EINVAL; -- 2.17.1

7 years, 1 month

2
3
0 0

[PATCH v2] usb: xhci: fix interrupt transfer error happened on MTK platforms

by Chunfeng Yun

The MTK xHCI controller use some reserved bytes in endpoint context for bandwidth scheduling, so need keep them in xhci_endpoint_copy(); The issue is introduced by: commit f5249461b504 ("xhci: Clear the host side toggle manually when endpoint is soft reset") It resets endpoints and will drop bandwidth scheduling parameters used by interrupt or isochronous endpoints on MTK xHCI controller. Fixes: f5249461b504 ("xhci: Clear the host side toggle manually when endpoint is soft reset") Cc: stable(a)vger.kernel.org Signed-off-by: Chunfeng Yun <chunfeng.yun(a)mediatek.com> Tested-by: Sean Wang <sean.wang(a)mediatek.com> --- v2: add fix tag, Cc and Tested-by --- drivers/usb/host/xhci-mem.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/usb/host/xhci-mem.c b/drivers/usb/host/xhci-mem.c index ef350c3..b1f27aa 100644 --- a/drivers/usb/host/xhci-mem.c +++ b/drivers/usb/host/xhci-mem.c @@ -1613,6 +1613,10 @@ void xhci_endpoint_copy(struct xhci_hcd *xhci, in_ep_ctx->ep_info2 = out_ep_ctx->ep_info2; in_ep_ctx->deq = out_ep_ctx->deq; in_ep_ctx->tx_info = out_ep_ctx->tx_info; + if (xhci->quirks & XHCI_MTK_HOST) { + in_ep_ctx->reserved[0] = out_ep_ctx->reserved[0]; + in_ep_ctx->reserved[1] = out_ep_ctx->reserved[1]; + } } /* Copy output xhci_slot_ctx to the input xhci_slot_ctx. -- 1.9.1

7 years, 1 month

2
3
0 0

FAILED: patch "[PATCH] bcache: set max writeback rate when I/O request is idle" failed to apply to 4.18-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.18-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From ea8c5356d39048bc94bae068228f51ddbecc6b89 Mon Sep 17 00:00:00 2001 From: Coly Li <colyli(a)suse.de> Date: Thu, 9 Aug 2018 15:48:49 +0800 Subject: [PATCH] bcache: set max writeback rate when I/O request is idle Commit b1092c9af9ed ("bcache: allow quick writeback when backing idle") allows the writeback rate to be faster if there is no I/O request on a bcache device. It works well if there is only one bcache device attached to the cache set. If there are many bcache devices attached to a cache set, it may introduce performance regression because multiple faster writeback threads of the idle bcache devices will compete the btree level locks with the bcache device who have I/O requests coming. This patch fixes the above issue by only permitting fast writebac when all bcache devices attached on the cache set are idle. And if one of the bcache devices has new I/O request coming, minimized all writeback throughput immediately and let PI controller __update_writeback_rate() to decide the upcoming writeback rate for each bcache device. Also when all bcache devices are idle, limited wrieback rate to a small number is wast of thoughput, especially when backing devices are slower non-rotation devices (e.g. SATA SSD). This patch sets a max writeback rate for each backing device if the whole cache set is idle. A faster writeback rate in idle time means new I/Os may have more available space for dirty data, and people may observe a better write performance then. Please note bcache may change its cache mode in run time, and this patch still works if the cache mode is switched from writeback mode and there is still dirty data on cache. Fixes: Commit b1092c9af9ed ("bcache: allow quick writeback when backing idle") Cc: stable(a)vger.kernel.org #4.16+ Signed-off-by: Coly Li <colyli(a)suse.de> Tested-by: Kai Krakow <kai(a)kaishome.de> Tested-by: Stefan Priebe <s.priebe(a)profihost.ag> Cc: Michael Lyle <mlyle(a)lyle.org> Signed-off-by: Jens Axboe <axboe(a)kernel.dk> diff --git a/drivers/md/bcache/bcache.h b/drivers/md/bcache/bcache.h index b393b3fd06b6..05f82ff6f016 100644 --- a/drivers/md/bcache/bcache.h +++ b/drivers/md/bcache/bcache.h @@ -328,13 +328,6 @@ struct cached_dev { */ atomic_t has_dirty; - /* - * Set to zero by things that touch the backing volume-- except - * writeback. Incremented by writeback. Used to determine when to - * accelerate idle writeback. - */ - atomic_t backing_idle; - struct bch_ratelimit writeback_rate; struct delayed_work writeback_rate_update; @@ -515,6 +508,8 @@ struct cache_set { struct cache_accounting accounting; unsigned long flags; + atomic_t idle_counter; + atomic_t at_max_writeback_rate; struct cache_sb sb; @@ -524,6 +519,7 @@ struct cache_set { struct bcache_device **devices; unsigned devices_max_used; + atomic_t attached_dev_nr; struct list_head cached_devs; uint64_t cached_dev_sectors; atomic_long_t flash_dev_dirty_sectors; diff --git a/drivers/md/bcache/request.c b/drivers/md/bcache/request.c index 914d501ad1e0..7dbe8b6316a0 100644 --- a/drivers/md/bcache/request.c +++ b/drivers/md/bcache/request.c @@ -1103,6 +1103,44 @@ static void detached_dev_do_request(struct bcache_device *d, struct bio *bio) generic_make_request(bio); } +static void quit_max_writeback_rate(struct cache_set *c, + struct cached_dev *this_dc) +{ + int i; + struct bcache_device *d; + struct cached_dev *dc; + + /* + * mutex bch_register_lock may compete with other parallel requesters, + * or attach/detach operations on other backing device. Waiting to + * the mutex lock may increase I/O request latency for seconds or more. + * To avoid such situation, if mutext_trylock() failed, only writeback + * rate of current cached device is set to 1, and __update_write_back() + * will decide writeback rate of other cached devices (remember now + * c->idle_counter is 0 already). + */ + if (mutex_trylock(&bch_register_lock)) { + for (i = 0; i < c->devices_max_used; i++) { + if (!c->devices[i]) + continue; + + if (UUID_FLASH_ONLY(&c->uuids[i])) + continue; + + d = c->devices[i]; + dc = container_of(d, struct cached_dev, disk); + /* + * set writeback rate to default minimum value, + * then let update_writeback_rate() to decide the + * upcoming rate. + */ + atomic_long_set(&dc->writeback_rate.rate, 1); + } + mutex_unlock(&bch_register_lock); + } else + atomic_long_set(&this_dc->writeback_rate.rate, 1); +} + /* Cached devices - read & write stuff */ static blk_qc_t cached_dev_make_request(struct request_queue *q, @@ -1120,8 +1158,25 @@ static blk_qc_t cached_dev_make_request(struct request_queue *q, return BLK_QC_T_NONE; } - atomic_set(&dc->backing_idle, 0); - generic_start_io_acct(q, bio_op(bio), bio_sectors(bio), &d->disk->part0); + if (likely(d->c)) { + if (atomic_read(&d->c->idle_counter)) + atomic_set(&d->c->idle_counter, 0); + /* + * If at_max_writeback_rate of cache set is true and new I/O + * comes, quit max writeback rate of all cached devices + * attached to this cache set, and set at_max_writeback_rate + * to false. + */ + if (unlikely(atomic_read(&d->c->at_max_writeback_rate) == 1)) { + atomic_set(&d->c->at_max_writeback_rate, 0); + quit_max_writeback_rate(d->c, dc); + } + } + + generic_start_io_acct(q, + bio_op(bio), + bio_sectors(bio), + &d->disk->part0); bio_set_dev(bio, dc->bdev); bio->bi_iter.bi_sector += dc->sb.data_offset; diff --git a/drivers/md/bcache/super.c b/drivers/md/bcache/super.c index 1e85cbb4c159..55a37641aa95 100644 --- a/drivers/md/bcache/super.c +++ b/drivers/md/bcache/super.c @@ -696,6 +696,8 @@ static void bcache_device_detach(struct bcache_device *d) { lockdep_assert_held(&bch_register_lock); + atomic_dec(&d->c->attached_dev_nr); + if (test_bit(BCACHE_DEV_DETACHING, &d->flags)) { struct uuid_entry *u = d->c->uuids + d->id; @@ -1144,6 +1146,7 @@ int bch_cached_dev_attach(struct cached_dev *dc, struct cache_set *c, bch_cached_dev_run(dc); bcache_device_link(&dc->disk, c, "bdev"); + atomic_inc(&c->attached_dev_nr); /* Allow the writeback thread to proceed */ up_write(&dc->writeback_lock); @@ -1696,6 +1699,7 @@ struct cache_set *bch_cache_set_alloc(struct cache_sb *sb) c->block_bits = ilog2(sb->block_size); c->nr_uuids = bucket_bytes(c) / sizeof(struct uuid_entry); c->devices_max_used = 0; + atomic_set(&c->attached_dev_nr, 0); c->btree_pages = bucket_pages(c); if (c->btree_pages > BTREE_MAX_PAGES) c->btree_pages = max_t(int, c->btree_pages / 4, diff --git a/drivers/md/bcache/sysfs.c b/drivers/md/bcache/sysfs.c index 3e9d3459a224..6e88142514fb 100644 --- a/drivers/md/bcache/sysfs.c +++ b/drivers/md/bcache/sysfs.c @@ -171,7 +171,8 @@ SHOW(__bch_cached_dev) var_printf(writeback_running, "%i"); var_print(writeback_delay); var_print(writeback_percent); - sysfs_hprint(writeback_rate, wb ? dc->writeback_rate.rate << 9 : 0); + sysfs_hprint(writeback_rate, + wb ? atomic_long_read(&dc->writeback_rate.rate) << 9 : 0); sysfs_hprint(io_errors, atomic_read(&dc->io_errors)); sysfs_printf(io_error_limit, "%i", dc->error_limit); sysfs_printf(io_disable, "%i", dc->io_disable); @@ -193,7 +194,9 @@ SHOW(__bch_cached_dev) * Except for dirty and target, other values should * be 0 if writeback is not running. */ - bch_hprint(rate, wb ? dc->writeback_rate.rate << 9 : 0); + bch_hprint(rate, + wb ? atomic_long_read(&dc->writeback_rate.rate) << 9 + : 0); bch_hprint(dirty, bcache_dev_sectors_dirty(&dc->disk) << 9); bch_hprint(target, dc->writeback_rate_target << 9); bch_hprint(proportional, @@ -261,8 +264,12 @@ STORE(__cached_dev) sysfs_strtoul_clamp(writeback_percent, dc->writeback_percent, 0, 40); - sysfs_strtoul_clamp(writeback_rate, - dc->writeback_rate.rate, 1, INT_MAX); + if (attr == &sysfs_writeback_rate) { + int v; + + sysfs_strtoul_clamp(writeback_rate, v, 1, INT_MAX); + atomic_long_set(&dc->writeback_rate.rate, v); + } sysfs_strtoul_clamp(writeback_rate_update_seconds, dc->writeback_rate_update_seconds, diff --git a/drivers/md/bcache/util.c b/drivers/md/bcache/util.c index fc479b026d6d..b15256bcf0e7 100644 --- a/drivers/md/bcache/util.c +++ b/drivers/md/bcache/util.c @@ -200,7 +200,7 @@ uint64_t bch_next_delay(struct bch_ratelimit *d, uint64_t done) { uint64_t now = local_clock(); - d->next += div_u64(done * NSEC_PER_SEC, d->rate); + d->next += div_u64(done * NSEC_PER_SEC, atomic_long_read(&d->rate)); /* Bound the time. Don't let us fall further than 2 seconds behind * (this prevents unnecessary backlog that would make it impossible diff --git a/drivers/md/bcache/util.h b/drivers/md/bcache/util.h index cced87f8eb27..f7b0133c9d2f 100644 --- a/drivers/md/bcache/util.h +++ b/drivers/md/bcache/util.h @@ -442,7 +442,7 @@ struct bch_ratelimit { * Rate at which we want to do work, in units per second * The units here correspond to the units passed to bch_next_delay() */ - uint32_t rate; + atomic_long_t rate; }; static inline void bch_ratelimit_reset(struct bch_ratelimit *d) diff --git a/drivers/md/bcache/writeback.c b/drivers/md/bcache/writeback.c index 912e969fedba..481d4cf38ac0 100644 --- a/drivers/md/bcache/writeback.c +++ b/drivers/md/bcache/writeback.c @@ -104,11 +104,56 @@ static void __update_writeback_rate(struct cached_dev *dc) dc->writeback_rate_proportional = proportional_scaled; dc->writeback_rate_integral_scaled = integral_scaled; - dc->writeback_rate_change = new_rate - dc->writeback_rate.rate; - dc->writeback_rate.rate = new_rate; + dc->writeback_rate_change = new_rate - + atomic_long_read(&dc->writeback_rate.rate); + atomic_long_set(&dc->writeback_rate.rate, new_rate); dc->writeback_rate_target = target; } +static bool set_at_max_writeback_rate(struct cache_set *c, + struct cached_dev *dc) +{ + /* + * Idle_counter is increased everytime when update_writeback_rate() is + * called. If all backing devices attached to the same cache set have + * identical dc->writeback_rate_update_seconds values, it is about 6 + * rounds of update_writeback_rate() on each backing device before + * c->at_max_writeback_rate is set to 1, and then max wrteback rate set + * to each dc->writeback_rate.rate. + * In order to avoid extra locking cost for counting exact dirty cached + * devices number, c->attached_dev_nr is used to calculate the idle + * throushold. It might be bigger if not all cached device are in write- + * back mode, but it still works well with limited extra rounds of + * update_writeback_rate(). + */ + if (atomic_inc_return(&c->idle_counter) < + atomic_read(&c->attached_dev_nr) * 6) + return false; + + if (atomic_read(&c->at_max_writeback_rate) != 1) + atomic_set(&c->at_max_writeback_rate, 1); + + atomic_long_set(&dc->writeback_rate.rate, INT_MAX); + + /* keep writeback_rate_target as existing value */ + dc->writeback_rate_proportional = 0; + dc->writeback_rate_integral_scaled = 0; + dc->writeback_rate_change = 0; + + /* + * Check c->idle_counter and c->at_max_writeback_rate agagain in case + * new I/O arrives during before set_at_max_writeback_rate() returns. + * Then the writeback rate is set to 1, and its new value should be + * decided via __update_writeback_rate(). + */ + if ((atomic_read(&c->idle_counter) < + atomic_read(&c->attached_dev_nr) * 6) || + !atomic_read(&c->at_max_writeback_rate)) + return false; + + return true; +} + static void update_writeback_rate(struct work_struct *work) { struct cached_dev *dc = container_of(to_delayed_work(work), @@ -136,13 +181,20 @@ static void update_writeback_rate(struct work_struct *work) return; } - down_read(&dc->writeback_lock); - - if (atomic_read(&dc->has_dirty) && - dc->writeback_percent) - __update_writeback_rate(dc); + if (atomic_read(&dc->has_dirty) && dc->writeback_percent) { + /* + * If the whole cache set is idle, set_at_max_writeback_rate() + * will set writeback rate to a max number. Then it is + * unncessary to update writeback rate for an idle cache set + * in maximum writeback rate number(s). + */ + if (!set_at_max_writeback_rate(c, dc)) { + down_read(&dc->writeback_lock); + __update_writeback_rate(dc); + up_read(&dc->writeback_lock); + } + } - up_read(&dc->writeback_lock); /* * CACHE_SET_IO_DISABLE might be set via sysfs interface, @@ -422,27 +474,6 @@ static void read_dirty(struct cached_dev *dc) delay = writeback_delay(dc, size); - /* If the control system would wait for at least half a - * second, and there's been no reqs hitting the backing disk - * for awhile: use an alternate mode where we have at most - * one contiguous set of writebacks in flight at a time. If - * someone wants to do IO it will be quick, as it will only - * have to contend with one operation in flight, and we'll - * be round-tripping data to the backing disk as quickly as - * it can accept it. - */ - if (delay >= HZ / 2) { - /* 3 means at least 1.5 seconds, up to 7.5 if we - * have slowed way down. - */ - if (atomic_inc_return(&dc->backing_idle) >= 3) { - /* Wait for current I/Os to finish */ - closure_sync(&cl); - /* And immediately launch a new set. */ - delay = 0; - } - } - while (!kthread_should_stop() && !test_bit(CACHE_SET_IO_DISABLE, &dc->disk.c->flags) && delay) { @@ -741,7 +772,7 @@ void bch_cached_dev_writeback_init(struct cached_dev *dc) dc->writeback_running = true; dc->writeback_percent = 10; dc->writeback_delay = 30; - dc->writeback_rate.rate = 1024; + atomic_long_set(&dc->writeback_rate.rate, 1024); dc->writeback_rate_minimum = 8; dc->writeback_rate_update_seconds = WRITEBACK_RATE_UPDATE_SECS_DEFAULT;

7 years, 1 month

1
0
0 0

WTF: patch "[PATCH] bcache: do not check return value of debugfs_create_dir()" was seriously submitted to be applied to the 4.18-stable tree?

by gregkh＠linuxfoundation.org

The patch below was submitted to be applied to the 4.18-stable tree. I fail to see how this patch meets the stable kernel rules as found at Documentation/process/stable-kernel-rules.rst. I could be totally wrong, and if so, please respond to <stable(a)vger.kernel.org> and let me know why this patch should be applied. Otherwise, it is now dropped from my patch queues, never to be seen again. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 78ac2107176baa0daf65b0fb8e561d2ed14c83ca Mon Sep 17 00:00:00 2001 From: Coly Li <colyli(a)suse.de> Date: Thu, 9 Aug 2018 15:48:42 +0800 Subject: [PATCH] bcache: do not check return value of debugfs_create_dir() Greg KH suggests that normal code should not care about debugfs. Therefore no matter successful or failed of debugfs_create_dir() execution, it is unncessary to check its return value. There are two functions called debugfs_create_dir() and check the return value, which are bch_debug_init() and closure_debug_init(). This patch changes these two functions from int to void type, and ignore return values of debugfs_create_dir(). This patch does not fix exact bug, just makes things work as they should. Signed-off-by: Coly Li <colyli(a)suse.de> Suggested-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Cc: stable(a)vger.kernel.org Cc: Kai Krakow <kai(a)kaishome.de> Cc: Kent Overstreet <kent.overstreet(a)gmail.com> Signed-off-by: Jens Axboe <axboe(a)kernel.dk> diff --git a/drivers/md/bcache/bcache.h b/drivers/md/bcache/bcache.h index 872ef4d67711..0a3e82b0876d 100644 --- a/drivers/md/bcache/bcache.h +++ b/drivers/md/bcache/bcache.h @@ -1001,7 +1001,7 @@ void bch_open_buckets_free(struct cache_set *); int bch_cache_allocator_start(struct cache *ca); void bch_debug_exit(void); -int bch_debug_init(struct kobject *); +void bch_debug_init(struct kobject *kobj); void bch_request_exit(void); int bch_request_init(void); diff --git a/drivers/md/bcache/closure.c b/drivers/md/bcache/closure.c index 0e14969182c6..618253683d40 100644 --- a/drivers/md/bcache/closure.c +++ b/drivers/md/bcache/closure.c @@ -199,11 +199,16 @@ static const struct file_operations debug_ops = { .release = single_release }; -int __init closure_debug_init(void) +void __init closure_debug_init(void) { - closure_debug = debugfs_create_file("closures", - 0400, bcache_debug, NULL, &debug_ops); - return IS_ERR_OR_NULL(closure_debug); + if (!IS_ERR_OR_NULL(bcache_debug)) + /* + * it is unnecessary to check return value of + * debugfs_create_file(), we should not care + * about this. + */ + closure_debug = debugfs_create_file( + "closures", 0400, bcache_debug, NULL, &debug_ops); } #endif diff --git a/drivers/md/bcache/closure.h b/drivers/md/bcache/closure.h index 71427eb5fdae..7c2c5bc7c88b 100644 --- a/drivers/md/bcache/closure.h +++ b/drivers/md/bcache/closure.h @@ -186,13 +186,13 @@ static inline void closure_sync(struct closure *cl) #ifdef CONFIG_BCACHE_CLOSURES_DEBUG -int closure_debug_init(void); +void closure_debug_init(void); void closure_debug_create(struct closure *cl); void closure_debug_destroy(struct closure *cl); #else -static inline int closure_debug_init(void) { return 0; } +static inline void closure_debug_init(void) {} static inline void closure_debug_create(struct closure *cl) {} static inline void closure_debug_destroy(struct closure *cl) {} diff --git a/drivers/md/bcache/debug.c b/drivers/md/bcache/debug.c index 04d146711950..12034c07257b 100644 --- a/drivers/md/bcache/debug.c +++ b/drivers/md/bcache/debug.c @@ -252,11 +252,12 @@ void bch_debug_exit(void) debugfs_remove_recursive(bcache_debug); } -int __init bch_debug_init(struct kobject *kobj) +void __init bch_debug_init(struct kobject *kobj) { - if (!IS_ENABLED(CONFIG_DEBUG_FS)) - return 0; - + /* + * it is unnecessary to check return value of + * debugfs_create_file(), we should not care + * about this. + */ bcache_debug = debugfs_create_dir("bcache", NULL); - return IS_ERR_OR_NULL(bcache_debug); } diff --git a/drivers/md/bcache/super.c b/drivers/md/bcache/super.c index e0a92104ca23..c7ffa6ef3f82 100644 --- a/drivers/md/bcache/super.c +++ b/drivers/md/bcache/super.c @@ -2345,10 +2345,12 @@ static int __init bcache_init(void) goto err; if (bch_request_init() || - bch_debug_init(bcache_kobj) || closure_debug_init() || sysfs_create_files(bcache_kobj, files)) goto err; + bch_debug_init(bcache_kobj); + closure_debug_init(); + return 0; err: bcache_exit();

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] block: blk_init_allocated_queue() set q->fq as NULL in the" failed to apply to 3.18-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 3.18-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 54648cf1ec2d7f4b6a71767799c45676a138ca24 Mon Sep 17 00:00:00 2001 From: xiao jin <jin.xiao(a)intel.com> Date: Mon, 30 Jul 2018 14:11:12 +0800 Subject: [PATCH] block: blk_init_allocated_queue() set q->fq as NULL in the fail case We find the memory use-after-free issue in __blk_drain_queue() on the kernel 4.14. After read the latest kernel 4.18-rc6 we think it has the same problem. Memory is allocated for q->fq in the blk_init_allocated_queue(). If the elevator init function called with error return, it will run into the fail case to free the q->fq. Then the __blk_drain_queue() uses the same memory after the free of the q->fq, it will lead to the unpredictable event. The patch is to set q->fq as NULL in the fail case of blk_init_allocated_queue(). Fixes: commit 7c94e1c157a2 ("block: introduce blk_flush_queue to drive flush machinery") Cc: <stable(a)vger.kernel.org> Reviewed-by: Ming Lei <ming.lei(a)redhat.com> Reviewed-by: Bart Van Assche <bart.vanassche(a)wdc.com> Signed-off-by: xiao jin <jin.xiao(a)intel.com> Signed-off-by: Jens Axboe <axboe(a)kernel.dk> diff --git a/block/blk-core.c b/block/blk-core.c index 03a4ea93a5f3..23cd1b7770e7 100644 --- a/block/blk-core.c +++ b/block/blk-core.c @@ -1184,6 +1184,7 @@ int blk_init_allocated_queue(struct request_queue *q) q->exit_rq_fn(q, q->fq->flush_rq); out_free_flush_queue: blk_free_flush_queue(q->fq); + q->fq = NULL; return -ENOMEM; } EXPORT_SYMBOL(blk_init_allocated_queue);

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] block: blk_init_allocated_queue() set q->fq as NULL in the" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 54648cf1ec2d7f4b6a71767799c45676a138ca24 Mon Sep 17 00:00:00 2001 From: xiao jin <jin.xiao(a)intel.com> Date: Mon, 30 Jul 2018 14:11:12 +0800 Subject: [PATCH] block: blk_init_allocated_queue() set q->fq as NULL in the fail case We find the memory use-after-free issue in __blk_drain_queue() on the kernel 4.14. After read the latest kernel 4.18-rc6 we think it has the same problem. Memory is allocated for q->fq in the blk_init_allocated_queue(). If the elevator init function called with error return, it will run into the fail case to free the q->fq. Then the __blk_drain_queue() uses the same memory after the free of the q->fq, it will lead to the unpredictable event. The patch is to set q->fq as NULL in the fail case of blk_init_allocated_queue(). Fixes: commit 7c94e1c157a2 ("block: introduce blk_flush_queue to drive flush machinery") Cc: <stable(a)vger.kernel.org> Reviewed-by: Ming Lei <ming.lei(a)redhat.com> Reviewed-by: Bart Van Assche <bart.vanassche(a)wdc.com> Signed-off-by: xiao jin <jin.xiao(a)intel.com> Signed-off-by: Jens Axboe <axboe(a)kernel.dk> diff --git a/block/blk-core.c b/block/blk-core.c index 03a4ea93a5f3..23cd1b7770e7 100644 --- a/block/blk-core.c +++ b/block/blk-core.c @@ -1184,6 +1184,7 @@ int blk_init_allocated_queue(struct request_queue *q) q->exit_rq_fn(q, q->fq->flush_rq); out_free_flush_queue: blk_free_flush_queue(q->fq); + q->fq = NULL; return -ENOMEM; } EXPORT_SYMBOL(blk_init_allocated_queue);

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] block: blk_init_allocated_queue() set q->fq as NULL in the" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 54648cf1ec2d7f4b6a71767799c45676a138ca24 Mon Sep 17 00:00:00 2001 From: xiao jin <jin.xiao(a)intel.com> Date: Mon, 30 Jul 2018 14:11:12 +0800 Subject: [PATCH] block: blk_init_allocated_queue() set q->fq as NULL in the fail case We find the memory use-after-free issue in __blk_drain_queue() on the kernel 4.14. After read the latest kernel 4.18-rc6 we think it has the same problem. Memory is allocated for q->fq in the blk_init_allocated_queue(). If the elevator init function called with error return, it will run into the fail case to free the q->fq. Then the __blk_drain_queue() uses the same memory after the free of the q->fq, it will lead to the unpredictable event. The patch is to set q->fq as NULL in the fail case of blk_init_allocated_queue(). Fixes: commit 7c94e1c157a2 ("block: introduce blk_flush_queue to drive flush machinery") Cc: <stable(a)vger.kernel.org> Reviewed-by: Ming Lei <ming.lei(a)redhat.com> Reviewed-by: Bart Van Assche <bart.vanassche(a)wdc.com> Signed-off-by: xiao jin <jin.xiao(a)intel.com> Signed-off-by: Jens Axboe <axboe(a)kernel.dk> diff --git a/block/blk-core.c b/block/blk-core.c index 03a4ea93a5f3..23cd1b7770e7 100644 --- a/block/blk-core.c +++ b/block/blk-core.c @@ -1184,6 +1184,7 @@ int blk_init_allocated_queue(struct request_queue *q) q->exit_rq_fn(q, q->fq->flush_rq); out_free_flush_queue: blk_free_flush_queue(q->fq); + q->fq = NULL; return -ENOMEM; } EXPORT_SYMBOL(blk_init_allocated_queue);

7 years, 1 month

1
0
0 0

[PATCH] clk: sunxi-ng: sun4i: Set VCO and PLL bias current to lowest setting

by Chen-Yu Tsai

The default mid-level PLL bias current setting interferes with sigma delta modulation. This manifests as decreased audio quality at lower sampling rates, which sounds like radio broadcast quality, and distortion noises at sampling rates at 48 kHz or above. Changing the bias current settings to the lowest gets rid of the noise. Fixes: de3448519194 ("clk: sunxi-ng: sun4i: Use sigma-delta modulation for audio PLL") Cc: <stable(a)vger.kernel.org> # 4.15.x Signed-off-by: Chen-Yu Tsai <wens(a)csie.org> --- drivers/clk/sunxi-ng/ccu-sun4i-a10.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/drivers/clk/sunxi-ng/ccu-sun4i-a10.c b/drivers/clk/sunxi-ng/ccu-sun4i-a10.c index ffa5dac221e4..129ebd2588fd 100644 --- a/drivers/clk/sunxi-ng/ccu-sun4i-a10.c +++ b/drivers/clk/sunxi-ng/ccu-sun4i-a10.c @@ -1434,8 +1434,16 @@ static void __init sun4i_ccu_init(struct device_node *node, return; } - /* Force the PLL-Audio-1x divider to 1 */ val = readl(reg + SUN4I_PLL_AUDIO_REG); + + /* + * Force VCO and PLL bias current to lowest setting. Higher + * settings interfere with sigma-delta modulation and result + * in audible noise and distortions when using SPDIF or I2S. + */ + val &= ~GENMASK(25, 16); + + /* Force the PLL-Audio-1x divider to 1 */ val &= ~GENMASK(29, 26); writel(val | (1 << 26), reg + SUN4I_PLL_AUDIO_REG); -- 2.19.0.rc1

7 years, 1 month

2
1
0 0

rcu: Make expedited GPs handle CPU 0 being offline

by Paul E. McKenney

Hello! Please apply the following commit to the v4.18 -stable tree: rcu: Make expedited GPs handle CPU 0 being offline fcc63543650150629c8a873cbef3578770acecd9 This patch fixes a v4.18 regression that is causing the RISC-V people (CCed) some trouble. It is a small patch and has been tested in the failing situation running v4.18 by Atish Patra and Andreas Schwab (both CCed). Please let me know if more information is required. Thanx, Paul

7 years, 1 month

2
1
0 0

[PATCH AUTOSEL 4.4 01/30] usb: usbtest: use irqsave() in USB's complete callback

by Sasha Levin

From: Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> [ Upstream commit 6f3fde684d0232e66ada3410f016a58e09a87689 ] The USB completion callback does not disable interrupts while acquiring the lock. We want to remove the local_irq_disable() invocation from __usb_hcd_giveback_urb() and therefore it is required for the callback handler to disable the interrupts while acquiring the lock. The callback may be invoked either in IRQ or BH context depending on the USB host controller. Use the _irqsave() variant of the locking primitives. Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Acked-by: Alan Stern <stern(a)rowland.harvard.edu> Signed-off-by: Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- drivers/usb/misc/usbtest.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/drivers/usb/misc/usbtest.c b/drivers/usb/misc/usbtest.c index bc92a498ec03..4632a29d5403 100644 --- a/drivers/usb/misc/usbtest.c +++ b/drivers/usb/misc/usbtest.c @@ -1053,11 +1053,12 @@ static void ctrl_complete(struct urb *urb) struct usb_ctrlrequest *reqp; struct subcase *subcase; int status = urb->status; + unsigned long flags; reqp = (struct usb_ctrlrequest *)urb->setup_packet; subcase = container_of(reqp, struct subcase, setup); - spin_lock(&ctx->lock); + spin_lock_irqsave(&ctx->lock, flags); ctx->count--; ctx->pending--; @@ -1156,7 +1157,7 @@ static void ctrl_complete(struct urb *urb) /* signal completion when nothing's queued */ if (ctx->pending == 0) complete(&ctx->complete); - spin_unlock(&ctx->lock); + spin_unlock_irqrestore(&ctx->lock, flags); } static int @@ -1832,8 +1833,9 @@ struct transfer_context { static void complicated_callback(struct urb *urb) { struct transfer_context *ctx = urb->context; + unsigned long flags; - spin_lock(&ctx->lock); + spin_lock_irqsave(&ctx->lock, flags); ctx->count--; ctx->packet_count += urb->number_of_packets; @@ -1873,7 +1875,7 @@ static void complicated_callback(struct urb *urb) complete(&ctx->done); } done: - spin_unlock(&ctx->lock); + spin_unlock_irqrestore(&ctx->lock, flags); } static struct urb *iso_alloc_urb( -- 2.17.1

7 years, 1 month

2
30
0 0

[PATCH AUTOSEL 4.9 01/43] usb: usbtest: use irqsave() in USB's complete callback

by Sasha Levin

From: Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> [ Upstream commit 6f3fde684d0232e66ada3410f016a58e09a87689 ] The USB completion callback does not disable interrupts while acquiring the lock. We want to remove the local_irq_disable() invocation from __usb_hcd_giveback_urb() and therefore it is required for the callback handler to disable the interrupts while acquiring the lock. The callback may be invoked either in IRQ or BH context depending on the USB host controller. Use the _irqsave() variant of the locking primitives. Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Acked-by: Alan Stern <stern(a)rowland.harvard.edu> Signed-off-by: Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- drivers/usb/misc/usbtest.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/drivers/usb/misc/usbtest.c b/drivers/usb/misc/usbtest.c index e31f72b3a22c..cc1dad83ec1d 100644 --- a/drivers/usb/misc/usbtest.c +++ b/drivers/usb/misc/usbtest.c @@ -1080,11 +1080,12 @@ static void ctrl_complete(struct urb *urb) struct usb_ctrlrequest *reqp; struct subcase *subcase; int status = urb->status; + unsigned long flags; reqp = (struct usb_ctrlrequest *)urb->setup_packet; subcase = container_of(reqp, struct subcase, setup); - spin_lock(&ctx->lock); + spin_lock_irqsave(&ctx->lock, flags); ctx->count--; ctx->pending--; @@ -1183,7 +1184,7 @@ static void ctrl_complete(struct urb *urb) /* signal completion when nothing's queued */ if (ctx->pending == 0) complete(&ctx->complete); - spin_unlock(&ctx->lock); + spin_unlock_irqrestore(&ctx->lock, flags); } static int @@ -1859,8 +1860,9 @@ struct transfer_context { static void complicated_callback(struct urb *urb) { struct transfer_context *ctx = urb->context; + unsigned long flags; - spin_lock(&ctx->lock); + spin_lock_irqsave(&ctx->lock, flags); ctx->count--; ctx->packet_count += urb->number_of_packets; @@ -1900,7 +1902,7 @@ static void complicated_callback(struct urb *urb) complete(&ctx->done); } done: - spin_unlock(&ctx->lock); + spin_unlock_irqrestore(&ctx->lock, flags); } static struct urb *iso_alloc_urb( -- 2.17.1

7 years, 1 month

2
43
0 0

[PATCH AUTOSEL 3.18 01/19] ALSA: msnd: Fix the default sample sizes

by Sasha Levin

From: Takashi Iwai <tiwai(a)suse.de> [ Upstream commit 7c500f9ea139d0c9b80fdea5a9c911db3166ea54 ] The default sample sizes set by msnd driver are bogus; it sets ALSA PCM format, not the actual bit width. Signed-off-by: Takashi Iwai <tiwai(a)suse.de> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- sound/isa/msnd/msnd_pinnacle.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sound/isa/msnd/msnd_pinnacle.c b/sound/isa/msnd/msnd_pinnacle.c index cf70dba80124..741714332365 100644 --- a/sound/isa/msnd/msnd_pinnacle.c +++ b/sound/isa/msnd/msnd_pinnacle.c @@ -82,10 +82,10 @@ static void set_default_audio_parameters(struct snd_msnd *chip) { - chip->play_sample_size = DEFSAMPLESIZE; + chip->play_sample_size = snd_pcm_format_width(DEFSAMPLESIZE); chip->play_sample_rate = DEFSAMPLERATE; chip->play_channels = DEFCHANNELS; - chip->capture_sample_size = DEFSAMPLESIZE; + chip->capture_sample_size = snd_pcm_format_width(DEFSAMPLESIZE); chip->capture_sample_rate = DEFSAMPLERATE; chip->capture_channels = DEFCHANNELS; } -- 2.17.1

7 years, 1 month

1
18
0 0

[PATCH AUTOSEL 4.18 067/113] powerpc: Fix size calculation using resource_size()

by Sasha Levin

From: Dan Carpenter <dan.carpenter(a)oracle.com> [ Upstream commit c42d3be0c06f0c1c416054022aa535c08a1f9b39 ] The problem is the the calculation should be "end - start + 1" but the plus one is missing in this calculation. Fixes: 8626816e905e ("powerpc: add support for MPIC message register API") Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com> Reviewed-by: Tyrel Datwyler <tyreld(a)linux.vnet.ibm.com> Signed-off-by: Michael Ellerman <mpe(a)ellerman.id.au> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- arch/powerpc/sysdev/mpic_msgr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/powerpc/sysdev/mpic_msgr.c b/arch/powerpc/sysdev/mpic_msgr.c index eb69a5186243..280e964e1aa8 100644 --- a/arch/powerpc/sysdev/mpic_msgr.c +++ b/arch/powerpc/sysdev/mpic_msgr.c @@ -196,7 +196,7 @@ static int mpic_msgr_probe(struct platform_device *dev) /* IO map the message register block. */ of_address_to_resource(np, 0, &rsrc); - msgr_block_addr = ioremap(rsrc.start, rsrc.end - rsrc.start); + msgr_block_addr = ioremap(rsrc.start, resource_size(&rsrc)); if (!msgr_block_addr) { dev_err(&dev->dev, "Failed to iomap MPIC message registers"); return -EFAULT; -- 2.17.1

7 years, 1 month

4
56
0 0

[PATCH 4.4] net: lan78xx: Fix misplaced tasklet_schedule() call

by Ben Hutchings

Commit 136f55f66019 ("net: lan78xx: fix rx handling before first packet is send") was not correctly backported to 4.4. The call to tasklet_schedule() belongs in lan78xx_link_reset(). Fixes: d1fc12d8475c ("net: lan78xx: fix rx handling before first packet is send") Signed-off-by: Ben Hutchings <ben.hutchings(a)codethink.co.uk> --- This is for 4.4 only; the backports to other stable branches look OK. I didn't test the driver on any branch though. Ben. drivers/net/usb/lan78xx.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/net/usb/lan78xx.c b/drivers/net/usb/lan78xx.c index acec4b565511..1aede726052c 100644 --- a/drivers/net/usb/lan78xx.c +++ b/drivers/net/usb/lan78xx.c @@ -902,6 +902,8 @@ static int lan78xx_link_reset(struct lan78xx_net *dev) ret = lan78xx_update_flowcontrol(dev, ecmd.duplex, ladv, radv); netif_carrier_on(dev->net); + + tasklet_schedule(&dev->bh); } return ret; @@ -1361,8 +1363,6 @@ static void lan78xx_init_mac_address(struct lan78xx_net *dev) netif_dbg(dev, ifup, dev->net, "MAC address set to random addr"); } - - tasklet_schedule(&dev->bh); } ret = lan78xx_write_reg(dev, MAF_LO(0), addr_lo); -- Ben Hutchings, Software Developer Codethink Ltd https://www.codethink.co.uk/ Dale House, 35 Dale Street Manchester, M1 2HF, United Kingdom

7 years, 1 month

1
0
0 0

[PATCH v4 1/6] drm/nouveau: Check backlight IDs are >= 0, not > 0

by Lyude Paul

Remember, ida IDs start at 0, not 1! Signed-off-by: Lyude Paul <lyude(a)redhat.com> Reviewed-by: Karol Herbst <kherbst(a)redhat.com> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/nouveau/nouveau_backlight.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/nouveau/nouveau_backlight.c b/drivers/gpu/drm/nouveau/nouveau_backlight.c index 408b955e5c39..6dd72bc32897 100644 --- a/drivers/gpu/drm/nouveau/nouveau_backlight.c +++ b/drivers/gpu/drm/nouveau/nouveau_backlight.c @@ -116,7 +116,7 @@ nv40_backlight_init(struct drm_connector *connector) &nv40_bl_ops, &props); if (IS_ERR(bd)) { - if (bl_connector.id > 0) + if (bl_connector.id >= 0) ida_simple_remove(&bl_ida, bl_connector.id); return PTR_ERR(bd); } @@ -249,7 +249,7 @@ nv50_backlight_init(struct drm_connector *connector) nv_encoder, ops, &props); if (IS_ERR(bd)) { - if (bl_connector.id > 0) + if (bl_connector.id >= 0) ida_simple_remove(&bl_ida, bl_connector.id); return PTR_ERR(bd); } -- 2.17.1

7 years, 1 month

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror