- Linux-stable-mirror - lists.linaro.org

FAILED: patch "[PATCH] ext4: do not update s_last_mounted of a frozen fs" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From db6516a5e7ddb6dc72d167b920f2f272596ea22d Mon Sep 17 00:00:00 2001 From: Amir Goldstein <amir73il(a)gmail.com> Date: Sun, 13 May 2018 22:54:44 -0400 Subject: [PATCH] ext4: do not update s_last_mounted of a frozen fs If fs is frozen after mount and before the first file open, the update of s_last_mounted bypasses freeze protection and prints out a WARNING splat: $ mount /vdf $ fsfreeze -f /vdf $ cat /vdf/foo [ 31.578555] WARNING: CPU: 1 PID: 1415 at fs/ext4/ext4_jbd2.c:53 ext4_journal_check_start+0x48/0x82 [ 31.614016] Call Trace: [ 31.614997] __ext4_journal_start_sb+0xe4/0x1a4 [ 31.616771] ? ext4_file_open+0xb6/0x189 [ 31.618094] ext4_file_open+0xb6/0x189 If fs is frozen, skip s_last_mounted update. [backport hint: to apply to stable tree, need to apply also patches vfs: add the sb_start_intwrite_trylock() helper ext4: factor out helper ext4_sample_last_mounted()] Cc: stable(a)vger.kernel.org Fixes: bc0b0d6d69ee ("ext4: update the s_last_mounted field in the superblock") Signed-off-by: Amir Goldstein <amir73il(a)gmail.com> Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Reviewed-by: Jan Kara <jack(a)suse.cz> diff --git a/fs/ext4/file.c b/fs/ext4/file.c index c48ea76b63e4..7f8023340eb8 100644 --- a/fs/ext4/file.c +++ b/fs/ext4/file.c @@ -393,7 +393,7 @@ static int ext4_sample_last_mounted(struct super_block *sb, if (likely(sbi->s_mount_flags & EXT4_MF_MNTDIR_SAMPLED)) return 0; - if (sb_rdonly(sb)) + if (sb_rdonly(sb) || !sb_start_intwrite_trylock(sb)) return 0; sbi->s_mount_flags |= EXT4_MF_MNTDIR_SAMPLED; @@ -407,21 +407,25 @@ static int ext4_sample_last_mounted(struct super_block *sb, path.mnt = mnt; path.dentry = mnt->mnt_root; cp = d_path(&path, buf, sizeof(buf)); + err = 0; if (IS_ERR(cp)) - return 0; + goto out; handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1); + err = PTR_ERR(handle); if (IS_ERR(handle)) - return PTR_ERR(handle); + goto out; BUFFER_TRACE(sbi->s_sbh, "get_write_access"); err = ext4_journal_get_write_access(handle, sbi->s_sbh); if (err) - goto out; + goto out_journal; strlcpy(sbi->s_es->s_last_mounted, cp, sizeof(sbi->s_es->s_last_mounted)); ext4_handle_dirty_super(handle, sb); -out: +out_journal: ext4_journal_stop(handle); +out: + sb_end_intwrite(sb); return err; }

7 years, 4 months

1
0
0 0

FAILED: patch "[PATCH] ext4: do not update s_last_mounted of a frozen fs" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From db6516a5e7ddb6dc72d167b920f2f272596ea22d Mon Sep 17 00:00:00 2001 From: Amir Goldstein <amir73il(a)gmail.com> Date: Sun, 13 May 2018 22:54:44 -0400 Subject: [PATCH] ext4: do not update s_last_mounted of a frozen fs If fs is frozen after mount and before the first file open, the update of s_last_mounted bypasses freeze protection and prints out a WARNING splat: $ mount /vdf $ fsfreeze -f /vdf $ cat /vdf/foo [ 31.578555] WARNING: CPU: 1 PID: 1415 at fs/ext4/ext4_jbd2.c:53 ext4_journal_check_start+0x48/0x82 [ 31.614016] Call Trace: [ 31.614997] __ext4_journal_start_sb+0xe4/0x1a4 [ 31.616771] ? ext4_file_open+0xb6/0x189 [ 31.618094] ext4_file_open+0xb6/0x189 If fs is frozen, skip s_last_mounted update. [backport hint: to apply to stable tree, need to apply also patches vfs: add the sb_start_intwrite_trylock() helper ext4: factor out helper ext4_sample_last_mounted()] Cc: stable(a)vger.kernel.org Fixes: bc0b0d6d69ee ("ext4: update the s_last_mounted field in the superblock") Signed-off-by: Amir Goldstein <amir73il(a)gmail.com> Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Reviewed-by: Jan Kara <jack(a)suse.cz> diff --git a/fs/ext4/file.c b/fs/ext4/file.c index c48ea76b63e4..7f8023340eb8 100644 --- a/fs/ext4/file.c +++ b/fs/ext4/file.c @@ -393,7 +393,7 @@ static int ext4_sample_last_mounted(struct super_block *sb, if (likely(sbi->s_mount_flags & EXT4_MF_MNTDIR_SAMPLED)) return 0; - if (sb_rdonly(sb)) + if (sb_rdonly(sb) || !sb_start_intwrite_trylock(sb)) return 0; sbi->s_mount_flags |= EXT4_MF_MNTDIR_SAMPLED; @@ -407,21 +407,25 @@ static int ext4_sample_last_mounted(struct super_block *sb, path.mnt = mnt; path.dentry = mnt->mnt_root; cp = d_path(&path, buf, sizeof(buf)); + err = 0; if (IS_ERR(cp)) - return 0; + goto out; handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1); + err = PTR_ERR(handle); if (IS_ERR(handle)) - return PTR_ERR(handle); + goto out; BUFFER_TRACE(sbi->s_sbh, "get_write_access"); err = ext4_journal_get_write_access(handle, sbi->s_sbh); if (err) - goto out; + goto out_journal; strlcpy(sbi->s_es->s_last_mounted, cp, sizeof(sbi->s_es->s_last_mounted)); ext4_handle_dirty_super(handle, sb); -out: +out_journal: ext4_journal_stop(handle); +out: + sb_end_intwrite(sb); return err; }

7 years, 4 months

1
0
0 0

FAILED: patch "[PATCH] ext4: do not update s_last_mounted of a frozen fs" failed to apply to 4.16-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.16-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From db6516a5e7ddb6dc72d167b920f2f272596ea22d Mon Sep 17 00:00:00 2001 From: Amir Goldstein <amir73il(a)gmail.com> Date: Sun, 13 May 2018 22:54:44 -0400 Subject: [PATCH] ext4: do not update s_last_mounted of a frozen fs If fs is frozen after mount and before the first file open, the update of s_last_mounted bypasses freeze protection and prints out a WARNING splat: $ mount /vdf $ fsfreeze -f /vdf $ cat /vdf/foo [ 31.578555] WARNING: CPU: 1 PID: 1415 at fs/ext4/ext4_jbd2.c:53 ext4_journal_check_start+0x48/0x82 [ 31.614016] Call Trace: [ 31.614997] __ext4_journal_start_sb+0xe4/0x1a4 [ 31.616771] ? ext4_file_open+0xb6/0x189 [ 31.618094] ext4_file_open+0xb6/0x189 If fs is frozen, skip s_last_mounted update. [backport hint: to apply to stable tree, need to apply also patches vfs: add the sb_start_intwrite_trylock() helper ext4: factor out helper ext4_sample_last_mounted()] Cc: stable(a)vger.kernel.org Fixes: bc0b0d6d69ee ("ext4: update the s_last_mounted field in the superblock") Signed-off-by: Amir Goldstein <amir73il(a)gmail.com> Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Reviewed-by: Jan Kara <jack(a)suse.cz> diff --git a/fs/ext4/file.c b/fs/ext4/file.c index c48ea76b63e4..7f8023340eb8 100644 --- a/fs/ext4/file.c +++ b/fs/ext4/file.c @@ -393,7 +393,7 @@ static int ext4_sample_last_mounted(struct super_block *sb, if (likely(sbi->s_mount_flags & EXT4_MF_MNTDIR_SAMPLED)) return 0; - if (sb_rdonly(sb)) + if (sb_rdonly(sb) || !sb_start_intwrite_trylock(sb)) return 0; sbi->s_mount_flags |= EXT4_MF_MNTDIR_SAMPLED; @@ -407,21 +407,25 @@ static int ext4_sample_last_mounted(struct super_block *sb, path.mnt = mnt; path.dentry = mnt->mnt_root; cp = d_path(&path, buf, sizeof(buf)); + err = 0; if (IS_ERR(cp)) - return 0; + goto out; handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1); + err = PTR_ERR(handle); if (IS_ERR(handle)) - return PTR_ERR(handle); + goto out; BUFFER_TRACE(sbi->s_sbh, "get_write_access"); err = ext4_journal_get_write_access(handle, sbi->s_sbh); if (err) - goto out; + goto out_journal; strlcpy(sbi->s_es->s_last_mounted, cp, sizeof(sbi->s_es->s_last_mounted)); ext4_handle_dirty_super(handle, sb); -out: +out_journal: ext4_journal_stop(handle); +out: + sb_end_intwrite(sb); return err; }

7 years, 4 months

1
0
0 0

Please consider 3be0f80b5f for stable (v4.11+)

by Anna Schumaker

Hi Stable folks, Please consider adding: commit 3be0f80b5fe9c16eca2d538f799b94ca8aa59433 Author: Trond Myklebust <trond.myklebust(a)primarydata.com> Date: Thu Oct 19 15:46:45 2017 -0400 NFSv4.1: Fix up replays of interrupted requests This patch fixes a data corruption issue that happens if the interrupted slot is reused by the same type of NFS operation (such as two different WRITE requests). I should apply cleanly to v4.11+ Thanks, Anna

7 years, 4 months

2
1
0 0

[PATCH] ALSA: hda/realtek - New codec support for ALC257

by Pali Rohár

From: Kailang Yang <kailang(a)realtek.com> commit f429e7e494afaded76e62c6f98211a635aa03098 Add new support for ALC257 codec. [ It's supposed to be almost equivalent with other ALC25x variants, just adding another type and id -- tiwai ] Signed-off-by: Kailang Yang <kailang(a)realtek.com> Signed-off-by: Takashi Iwai <tiwai(a)suse.de> Cc: <stable(a)vger.kernel.org> # 4.9.y Tested-by: Pali Rohár <pali.rohar(a)gmail.com> --- This patch is for 4.9 stable tree and needed small modification to be cleanly applied for linux-4.9.y git tree. I tested it on Debian's 4.9 Stretch kernel. After applying this patch mute and micmute leds on ThinkPad T480s started working. Leds are managed by snd-hda-codec-realtek. --- sound/pci/hda/patch_realtek.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c index 39cd35f6a6df..183436e4a8c1 100644 --- a/sound/pci/hda/patch_realtek.c +++ b/sound/pci/hda/patch_realtek.c @@ -333,6 +333,7 @@ static void alc_fill_eapd_coef(struct hda_codec *codec) case 0x10ec0236: case 0x10ec0255: case 0x10ec0256: + case 0x10ec0257: case 0x10ec0282: case 0x10ec0283: case 0x10ec0286: @@ -2663,6 +2664,7 @@ enum { ALC269_TYPE_ALC298, ALC269_TYPE_ALC255, ALC269_TYPE_ALC256, + ALC269_TYPE_ALC257, ALC269_TYPE_ALC225, ALC269_TYPE_ALC294, ALC269_TYPE_ALC700, @@ -2695,6 +2697,7 @@ static int alc269_parse_auto_config(struct hda_codec *codec) case ALC269_TYPE_ALC298: case ALC269_TYPE_ALC255: case ALC269_TYPE_ALC256: + case ALC269_TYPE_ALC257: case ALC269_TYPE_ALC225: case ALC269_TYPE_ALC294: case ALC269_TYPE_ALC700: @@ -6375,6 +6378,10 @@ static int patch_alc269(struct hda_codec *codec) spec->gen.mixer_nid = 0; /* ALC256 does not have any loopback mixer path */ alc_update_coef_idx(codec, 0x36, 1 << 13, 1 << 5); /* Switch pcbeep path to Line in path*/ break; + case 0x10ec0257: + spec->codec_variant = ALC269_TYPE_ALC257; + spec->gen.mixer_nid = 0; + break; case 0x10ec0225: case 0x10ec0295: case 0x10ec0299: @@ -7361,6 +7368,7 @@ static const struct hda_device_id snd_hda_id_realtek[] = { HDA_CODEC_ENTRY(0x10ec0236, "ALC236", patch_alc269), HDA_CODEC_ENTRY(0x10ec0255, "ALC255", patch_alc269), HDA_CODEC_ENTRY(0x10ec0256, "ALC256", patch_alc269), + HDA_CODEC_ENTRY(0x10ec0257, "ALC257", patch_alc269), HDA_CODEC_ENTRY(0x10ec0260, "ALC260", patch_alc260), HDA_CODEC_ENTRY(0x10ec0262, "ALC262", patch_alc262), HDA_CODEC_ENTRY(0x10ec0267, "ALC267", patch_alc268), -- 2.11.0

7 years, 4 months

2
1
0 0

Please include mainline commit 5088814a6e93 into 4.17.y

by Rafael J. Wysocki

Hi Greg, As per the subject, please add the following mainline commit: 5088814a6e93 ACPICA: AML parser: attempt to continue loading table after error to the 4.17.y series as it is reported to fix a regression introduced in 4.17. Thanks, Rafael

7 years, 4 months

2
1
0 0

perf/x86/intel: Fix large period handling on Broadwell CPUs

by Jim Mattson

I'd like to nominate commit f605cfca8c39 ("perf/x86/intel: Fix large period handling on Broadwell CPUs") for backport to the affected stable Linux releases. (The bug was introduced in 4.1.) Because of this bug, the NMI watchdog timer may fire spuriously on Broadwell systems, resulting in a hard lockup panic when there is, in fact, no lockup.

7 years, 4 months

2
1
0 0

[PATCH 4.16 000/279] 4.16.17-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.16.17 release. There are 279 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed Jun 20 08:05:28 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.16.17-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.16.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.16.17-rc1 Russell King <rmk+kernel(a)armlinux.org.uk> ARM: fix kill( ,SIGFPE) breakage Russell King <rmk+kernel(a)armlinux.org.uk> ARM: replace unnecessary perl with sed and the shell $(( )) operator Russell King <rmk+kernel(a)armlinux.org.uk> ARM: kexec: fix kdump register saving on panic() Łukasz Stelmach <l.stelmach(a)samsung.com> ARM: 8758/1: decompressor: restore r1 and r2 just before jumping to the kernel Łukasz Stelmach <l.stelmach(a)samsung.com> ARM: 8753/1: decompressor: add a missing parameter to the addruart macro Mark Rutland <mark.rutland(a)arm.com> efi/libstub/arm64: Handle randomized TEXT_OFFSET Darren Hart <dvhart(a)infradead.org> platform/x86: DELL_WMI use depends on instead of select for DELL_SMBIOS Helge Deller <deller(a)gmx.de> parisc: Move setup_profiling_timer() out of init section Mathieu Malaterre <malat(a)debian.org> sched/deadline: Make the grub_reclaim() function static Mathieu Malaterre <malat(a)debian.org> sched/debug: Move the print_rt_rq() and print_dl_rq() declarations to kernel/sched/sched.h Dan Carpenter <dan.carpenter(a)oracle.com> drm/dumb-buffers: Integer overflow in drm_mode_create_ioctl() Waiman Long <longman(a)redhat.com> locking/percpu-rwsem: Annotate rwsem ownership transfer by setting RWSEM_OWNER_UNKNOWN Waiman Long <longman(a)redhat.com> locking/rwsem: Add a new RWSEM_ANONYMOUSLY_OWNED flag Stefan Agner <stefan(a)agner.ch> clk: imx6ull: use OSC clock during AXI rate change Geert Uytterhoeven <geert(a)linux-m68k.org> mtd: rawnand: Fix return type of __DIVIDE() when called with 32-bit Wanpeng Li <wanpengli(a)tencent.com> KVM: X86: Lower the default timer frequency limit to 200us Sekhar Nori <nsekhar(a)ti.com> ARM: davinci: board-dm646x-evm: set VPIF capture card name Sekhar Nori <nsekhar(a)ti.com> ARM: davinci: board-dm646x-evm: pass correct I2C adapter id for VPIF Sekhar Nori <nsekhar(a)ti.com> ARM: davinci: dm646x: fix timer interrupt generation Peter Rosin <peda(a)axentia.se> i2c: viperboard: return message count on master_xfer success Peter Rosin <peda(a)axentia.se> i2c: pmcmsp: fix error return from master_xfer Peter Rosin <peda(a)axentia.se> i2c: pmcmsp: return message count on master_xfer success Russell King <rmk+kernel(a)armlinux.org.uk> ARM: keystone: fix platform_domain_notifier array overrun Daniel Glöckner <dg(a)emlix.com> usb: musb: fix remote wakeup racing with suspend David Howells <dhowells(a)redhat.com> afs: Fix the non-encryption of calls Marc Dionne <marc.dionne(a)auristor.com> afs: Fix afs_find_server search loop David Howells <dhowells(a)redhat.com> afs: Fix the handling of CB.InitCallBackState3 to find the server by UUID David Howells <dhowells(a)redhat.com> afs: Fix VNOVOL handling in address rotation Ben Hutchings <ben(a)decadent.org.uk> mtd: Fix comparison in map_word_andequal() David Howells <dhowells(a)redhat.com> afs: Fix server rotation's handling of fileserver probe failure David Howells <dhowells(a)redhat.com> afs: Fix refcounting in callback registration David Howells <dhowells(a)redhat.com> afs: Fix address list parsing Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys/selftests: Add a test for pkey 0 Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys/selftests: Save off 'prot' for allocations Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys/selftests: Fix pointer math Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys/selftests: Fix pkey exhaustion test off-by-one Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys/selftests: Add PROT_EXEC test Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys/selftests: Factor out "instruction page" Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys/selftests: Allow faults on unknown keys Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys/selftests: Avoid printf-in-signal deadlocks Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys/selftests: Remove dead debugging code, fix dprint_in_signal Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys/selftests: Stop using assert() Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys/selftests: Give better unexpected fault error messages Andy Lutomirski <luto(a)kernel.org> x86/selftests: Add mov_to_ss test Ingo Molnar <mingo(a)kernel.org> x86/mpx/selftests: Adjust the self-test to fresh distros that export the MPX ABI Ingo Molnar <mingo(a)kernel.org> x86/pkeys/selftests: Adjust the self-test to fresh distros that export the pkeys ABI Ingo Molnar <mingo(a)kernel.org> objtool, kprobes/x86: Sync the latest <asm/insn.h> header with tools/objtool/arch/x86/include/asm/insn.h Masami Hiramatsu <mhiramat(a)kernel.org> uprobes/x86: Prohibit probing on MOV SS instruction Masami Hiramatsu <mhiramat(a)kernel.org> kprobes/x86: Prohibit probing on exception masking instructions Ashish Samant <ashish.samant(a)oracle.com> ocfs2: take inode cluster lock before moving reflinked inode from orphan dir Laura Abbott <labbott(a)redhat.com> proc/kcore: don't bounds check against address 0 Jeffrey Hugo <jhugo(a)codeaurora.org> init: fix false positives in W+X checking Yury Norov <ynorov(a)caviumnetworks.com> lib/find_bit_benchmark.c: avoid soft lockup in test_find_first_bit() Roman Mashak <mrv(a)mojatatu.com> net sched actions: fix invalid pointer dereferencing if skbedit flags missing Colin Ian King <colin.king(a)canonical.com> ixgbe: fix memory leak on ipsec allocation Emil Tantilov <emil.s.tantilov(a)intel.com> ixgbe: return error on unsupported SFP module when resetting Rob Herring <robh(a)kernel.org> sh: switch to NO_BOOTMEM Leo Yan <leo.yan(a)linaro.org> perf cs-etm: Support unknown_thread in cs_etm_auxtrace Marian Rotariu <mrotariu(a)bitdefender.com> x86: Delay skip of emulated hypercall instruction Wanpeng Li <wanpengli(a)tencent.com> KVM: Extend MAX_IRQ_ROUTES to 4096 for all archs Nikita Yushchenko <nikita.yoush(a)cogentembedded.com> ARM: dts: imx51-zii-rdu1: fix touchscreen bindings David Howells <dhowells(a)redhat.com> rxrpc: Fix the min security level for kernel calls David Howells <dhowells(a)redhat.com> rxrpc: Fix error reception on AF_INET6 sockets David Howells <dhowells(a)redhat.com> rxrpc: Fix missing start of call timeout Ganesh Goudar <ganeshgr(a)chelsio.com> cxgb4: copy mbox log size to PF0-3 adap instances Michal Kalderon <Michal.Kalderon(a)cavium.com> qede: Fix gfp flags sent to rdma event node allocation Michal Kalderon <Michal.Kalderon(a)cavium.com> qed: Fix l2 initializations over iWARP personality Ying Xue <ying.xue(a)windriver.com> tipc: eliminate KMSAN uninit-value in strcmp complaint Mathieu Malaterre <malat(a)debian.org> agp: uninorth: make two functions static Andrey Grodzovsky <andrey.grodzovsky(a)amd.com> drm/amdgpu: Switch to interruptable wait to recover from ring hang. Paulo Alcantara <palcantara(a)suse.de> cifs: smb2ops: Fix listxattr() when there are no EAs Long Li <longli(a)microsoft.com> cifs: Allocate validate negotiation request through kmalloc David Gilhooley <dgilhooley(a)nvidia.com> arm64: Add MIDR encoding for NVIDIA CPUs Hans de Goede <hdegoede(a)redhat.com> HID: i2c-hid: Add RESEND_REPORT_DESCR quirk for Toshiba Click Mini L9W-B Jakob Unterwurzacher <jakob.unterwurzacher(a)theobroma-systems.com> can: dev: increase bus-off message severity Michael Ellerman <mpe(a)ellerman.id.au> powerpc/pseries: Fix CONFIG_NUMA=n build Igor Russkikh <igor.russkikh(a)aquantia.com> net: aquantia: Limit number of vectors to actually allocated irqs Igor Russkikh <igor.russkikh(a)aquantia.com> net: aquantia: driver should correctly declare vlan_features bits van der Linden, Frank <fllinden(a)amazon.com> x86/xen: Reset VCPU0 info pointer after shared_info remap Sara Sharon <sara.sharon(a)intel.com> mac80211: use timeout from the AddBA response instead of the request Clément Péron <peron.clem(a)gmail.com> ARM: dts: cygnus: fix irq type for arm global timer Mathieu Malaterre <malat(a)debian.org> driver core: add __printf verification to __ata_ehi_pushv_desc Jianchao Wang <jianchao.w.wang(a)oracle.com> nvme: fix use-after-free in nvme_free_ns_head Tomi Valkeinen <tomi.valkeinen(a)ti.com> drm/omap: handle alloc failures in omap_connector Tomi Valkeinen <tomi.valkeinen(a)ti.com> drm/omap: check return value from soc_device_match Tomi Valkeinen <tomi.valkeinen(a)ti.com> drm/omap: fix possible NULL ref issue in tiler_reserve_2d Tomi Valkeinen <tomi.valkeinen(a)ti.com> drm/omap: fix uninitialized ret variable Dan Carpenter <dan.carpenter(a)oracle.com> drm/omap: silence unititialized variable warning Eric Anholt <eric(a)anholt.net> drm/vc4: Fix oops dereferencing DPI's connector since panel_bridge. Ilan Peer <ilan.peer(a)intel.com> mac80211: Adjust SAE authentication timeout Naveen N. Rao <naveen.n.rao(a)linux.vnet.ibm.com> powerpc/trace/syscalls: Update syscall name matching logic to account for ppc_ prefix Naveen N. Rao <naveen.n.rao(a)linux.vnet.ibm.com> powerpc/trace/syscalls: Update syscall name matching logic Etienne Carriere <etienne.carriere(a)linaro.org> tee: check shm references are consistent in offset/size Rich Felker <dalias(a)libc.org> sh: fix build failure for J2 cpu with SMP disabled Masahiro Yamada <yamada.masahiro(a)socionext.com> gcc-plugins: fix build condition of SANCOV plugin Bhadram Varka <vbhadram(a)nvidia.com> net: phy: broadcom: add support for BCM89610 PHY Peter Zijlstra <peterz(a)infradead.org> sched/core: Introduce set_special_state() Daniel Borkmann <daniel(a)iogearbox.net> bpf: use array_index_nospec in find_prog_type Tobias Jakobi <tjakobi(a)math.uni-bielefeld.de> drm/exynos: mixer: avoid Oops in vp_video_buffer() Andrzej Hajda <a.hajda(a)samsung.com> drm/exynos/mixer: fix synchronization check in interlaced mode Mark Rutland <mark.rutland(a)arm.com> bpf: fix possible spectre-v1 in find_and_alloc_map() Rob Herring <robh(a)kernel.org> spi: bcm2835aux: ensure interrupts are enabled for shared handler Parav Pandit <parav(a)mellanox.com> RDMA/cma: Do not query GID during QP state transition to RTR Jack Morgenstein <jackm(a)dev.mellanox.co.il> IB/mlx4: Fix integer overflow when calculating optimal MTT size Sebastian Sanchez <sebastian.sanchez(a)intel.com> IB/hfi1: Fix memory leak in exception path in get_irq_affinity() Sebastian Sanchez <sebastian.sanchez(a)intel.com> IB/{hfi1, rdmavt}: Fix memory leak in hfi1_alloc_devdata() upon failure Michael J. Ruhl <michael.j.ruhl(a)intel.com> IB/hfi1 Use correct type for num_user_context Stefan Raspl <stefan.raspl(a)linux.ibm.com> smc: fix sendpage() call Heikki Krogerus <heikki.krogerus(a)linux.intel.com> usb: typec: tps6598x: handle block reads separately with plain-I2C adapters Graeme Smecher <gsmecher(a)threespeedlogic.com> ARM: dts: correct missing "compatible" entry for ti81xx SoCs Janusz Krzysztofik <jmkrzyszt(a)gmail.com> ARM: OMAP1: ams-delta: fix deferred_fiq handler Keith Busch <keith.busch(a)intel.com> nvme/multipath: Fix multipath disabled naming collisions Keith Busch <keith.busch(a)intel.com> nvme/multipath: Disable runtime writable enabling parameter Keith Busch <keith.busch(a)intel.com> nvme: Set integrity flag for user passthrough commands Chengguang Xu <cgxu519(a)gmx.com> nvme: fix potential memory leak in option parsing Changbin Du <changbin.du(a)intel.com> iommu/vt-d: fix shift-out-of-bounds in bug checking Jagannathan Raman <jag.raman(a)oracle.com> iommu/vt-d: Fix usage of force parameter in intel_ir_reconfigure_irte() Bhadram Varka <vbhadram(a)nvidia.com> arm64: tegra: Make BCM89610 PHY interrupt as active low Peter Zijlstra <peterz(a)infradead.org> kthread, sched/wait: Fix kthread_parkme() completion issue Peter Zijlstra <peterz(a)infradead.org> kthread, sched/wait: Fix kthread_parkme() wait-loop Peter Zijlstra <peterz(a)infradead.org> stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock Helge Deller <deller(a)gmx.de> parisc: drivers.c: Fix section mismatches Daniel Borkmann <daniel(a)iogearbox.net> bpf, x64: fix memleak when not converging on calls Daniel Borkmann <daniel(a)iogearbox.net> bpf, x64: fix memleak when not converging after image Ladislav Michl <ladis(a)linux-mips.org> mtd: onenand: omap2: Disable DMA for HIGHMEM buffers Mika Westerberg <mika.westerberg(a)linux.intel.com> pinctrl: cherryview: Associate IRQ descriptors to irqdomain Yixun Lan <yixun.lan(a)amlogic.com> pinctrl: meson-axg: fix the range of aobus bank Sekhar Nori <nsekhar(a)ti.com> ARM: davinci: fix GPIO lookup for I2C Jim Gill <jgill(a)vmware.com> scsi: vmw-pvscsi: return DID_BUS_BUSY for adapter-initated aborts Arnd Bergmann <arnd(a)arndb.de> hexagon: export csum_partial_copy_nocheck Arnd Bergmann <arnd(a)arndb.de> hexagon: add memset_io() helper Nick Dyer <nick(a)shmanahar.org> Input: atmel_mxt_ts - fix the firmware update Chuck Lever <chuck.lever(a)oracle.com> xprtrdma: Fix list corruption / DMAR errors during MR recovery Adam Ford <aford173(a)gmail.com> ARM: dts: logicpd-som-lv: Fix Audio Mute Adam Ford <aford173(a)gmail.com> ARM: dts: logicpd-som-lv: Fix WL127x Startup Issues Tero Kristo <t-kristo(a)ti.com> ARM: OMAP2+: powerdomain: use raw_smp_processor_id() for trace Geert Uytterhoeven <geert+renesas(a)glider.be> dt-bindings: panel: lvds: Fix path to display timing bindings Sekhar Nori <nsekhar(a)ti.com> ARM: davinci: board-dm355-evm: fix broken networking Sekhar Nori <nsekhar(a)ti.com> ARM: davinci: board-omapl138-hawk: fix GPIO numbers for MMC/SD lookup Sekhar Nori <nsekhar(a)ti.com> ARM: davinci: board-da850-evm: fix GPIO lookup for MMC/SD Sekhar Nori <nsekhar(a)ti.com> ARM: davinci: board-da830-evm: fix GPIO lookup for MMC/SD Håkon Bugge <haakon.bugge(a)oracle.com> IB/core: Make ib_mad_client_id atomic Amir Goldstein <amir73il(a)gmail.com> <linux/stringhash.h>: fix end_name_hash() for 64bit long oulijun <oulijun(a)huawei.com> RDMA/hns: Submit bad wr oulijun <oulijun(a)huawei.com> RDMA/hns: Fix the qp context state diagram oulijun <oulijun(a)huawei.com> RDMA/hns: Intercept illegal RDMA operation when use inline data oulijun <oulijun(a)huawei.com> RDMA/hns: Bugfix for init hem table Zhu Yanjun <yanjun.zhu(a)oracle.com> IB/rxe: avoid double kfree_skb Jianchao Wang <jianchao.w.wang(a)oracle.com> IB/rxe: add RXE_START_MASK for rxe_opcode IB_OPCODE_RC_SEND_ONLY_INV Colin Ian King <colin.king(a)canonical.com> RDMA/iwpm: fix memory leak on map_info Parav Pandit <parav(a)mellanox.com> RDMA/cma: Fix use after destroy access to net namespace for IPoIB Matan Barak <matanb(a)mellanox.com> IB/uverbs: Fix validating mandatory attributes Junaid Shahid <junaids(a)google.com> kvm: apic: Flush TLB after APIC mode/address change if VPIDs are in use Maxime Chevallier <maxime.chevallier(a)bootlin.com> net: mvpp2: Fix clk error path in mvpp2_probe Greg Thelen <gthelen(a)google.com> IB: make INFINIBAND_ADDR_TRANS configurable Greg Thelen <gthelen(a)google.com> ib_srp: depend on INFINIBAND_ADDR_TRANS Greg Thelen <gthelen(a)google.com> cifs: smbd: depend on INFINIBAND_ADDR_TRANS Greg Thelen <gthelen(a)google.com> ib_srpt: depend on INFINIBAND_ADDR_TRANS Greg Thelen <gthelen(a)google.com> nvmet-rdma: depend on INFINIBAND_ADDR_TRANS Greg Thelen <gthelen(a)google.com> nvme: depend on INFINIBAND_ADDR_TRANS Jakub Kicinski <jakub.kicinski(a)netronome.com> nfp: don't depend on eth_tbl being available Jon Maloy <jon.maloy(a)ericsson.com> tipc: fix bug in function tipc_nl_node_dump_monitor Leon Romanovsky <leonro(a)mellanox.com> RDMA/mlx5: Properly check return value of mlx5_get_uars_page Baolin Wang <baolin.wang(a)linaro.org> i2c: sprd: Fix the i2c count issue Baolin Wang <baolin.wang(a)linaro.org> i2c: sprd: Prevent i2c accesses after suspend is called Masahiro Yamada <yamada.masahiro(a)socionext.com> reset: uniphier: fix USB clock line for LD20 Laurentiu Tudor <laurentiu.tudor(a)nxp.com> powerpc/kvm/booke: Fix altivec related build break Stefano Brivio <sbrivio(a)redhat.com> vti6: Change minimum MTU to IPV4_MIN_MTU, vti6 can carry IPv4 too John Fastabend <john.fastabend(a)gmail.com> bpf: fix uninitialized variable in bpf tools jacek.tomaka(a)poczta.fm <jacek.tomaka(a)poczta.fm> x86/cpu/intel: Add missing TLB cpuid values Evan Wang <xswang(a)marvell.com> ata: ahci: mvebu: override ahci_stop_engine for mvebu AHCI Evan Wang <xswang(a)marvell.com> libahci: Allow drivers to override stop_engine Mark Rutland <mark.rutland(a)arm.com> KVM: arm/arm64: vgic: fix possible spectre-v1 in vgic_mmio_read_apr() Mark Rutland <mark.rutland(a)arm.com> arm64: fix possible spectre-v1 in ptrace_hbp_get_event() Omar Sandoval <osandov(a)fb.com> blk-mq: fix sysfs inflight counter Arvind Yadav <arvind.yadav.cs(a)gmail.com> HID: intel-ish-hid: use put_device() instead of kfree() Ramon Fried <rfried(a)codeaurora.org> rpmsg: added MODULE_ALIAS for rpmsg_char Tobias Jordan <Tobias.Jordan(a)elektrobit.com> remoteproc: qcom: Fix potential device node leaks Kan Liang <kan.liang(a)linux.intel.com> perf/x86/intel: Don't enable freeze-on-smi for PerfMon V1 Dag Moxnes <dag.moxnes(a)oracle.com> rds: ib: Fix missing call to rds_ib_dev_put in rds_ib_setup_qp Gianluca Borello <g.borello(a)gmail.com> bpf, x64: fix JIT emission for dead code Masami Hiramatsu <mhiramat(a)kernel.org> selftests: ftrace: Add a testcase for multiple actions on trigger Arvind Yadav <arvind.yadav.cs(a)gmail.com> HID: wacom: Release device resource data obtained by devres_alloc() pgzh <peter.ganzhorn(a)gmail.com> HID: lenovo: Add support for IBM/Lenovo Scrollpoint mice Kan Liang <kan.liang(a)linux.intel.com> perf pmu: Fix core PMU alias list for X86 platform Mark Rutland <mark.rutland(a)arm.com> arm64: only advance singlestep for user instruction traps Mark Rutland <mark.rutland(a)arm.com> arm64: ptrace: remove addr_limit manipulation Aurelien Jarno <aurelien(a)aurel32.net> RISC-V: build vdso-dummy.o with -no-pie Christoph Hellwig <hch(a)lst.de> riscv: select DMA_DIRECT_OPS instead of redefining it Florian Fainelli <f.fainelli(a)gmail.com> net: ethtool: Add missing kernel doc for FEC parameters Vinicius Costa Gomes <vinicius.gomes(a)intel.com> igb: Fix the transmission mode of queue 0 for Qav mode Masahiro Yamada <yamada.masahiro(a)socionext.com> arm64: dts: uniphier: fix input delay value for legacy mode of eMMC Steve French <smfrench(a)gmail.com> CIFS: set *resp_buf_type to NO_BUFFER on error Hans de Goede <hdegoede(a)redhat.com> thermal: int3403_thermal: Fix NULL pointer deref on module load / probe Markus Mayer <mmayer(a)broadcom.com> cpufreq: brcmstb-avs-cpufreq: remove development debug support Andres Rodriguez <andres.rodriguez(a)amd.com> drm/amdkfd: fix clock counter retrieval for node without GPU Mika Westerberg <mika.westerberg(a)linux.intel.com> ACPI / watchdog: Prefer iTCO_wdt on Lenovo Z50-70 Sekhar Nori <nsekhar(a)ti.com> ARM: dts: da850: fix W=1 warnings with pinmux node Jingju Hou <Jingju.Hou(a)synaptics.com> net: phy: marvell: clear wol event before setting it Balbir Singh <bsingharora(a)gmail.com> powerpc/powernv/memtrace: Let the arch hotunplug code flush cache Geert Uytterhoeven <geert+renesas(a)glider.be> dt-bindings: mvebu-uart: DT fix s/interrupts-names/interrupt-names/ Geert Uytterhoeven <geert+renesas(a)glider.be> dt-bindings: meson-uart: DT fix s/clocks-names/clock-names/ Mika Westerberg <mika.westerberg(a)linux.intel.com> ACPI / scan: Initialize watchdog before PNP Chen Yu <yu.c.chen(a)intel.com> ACPI / PM: Blacklist Low Power S0 Idle _DSM for ThinkPad X1 Tablet(2016) Julian Wiedmann <jwi(a)linux.vnet.ibm.com> s390/qeth: use Read device to query hypervisor for MAC Julian Wiedmann <jwi(a)linux.vnet.ibm.com> s390/qeth: fix request-side race during cmd IO timeout Julian Wiedmann <jwi(a)linux.vnet.ibm.com> s390/qeth: fix MAC address update sequence Tobias Regnery <tobias.regnery(a)gmail.com> usb: typec: ucsi: fix tracepoint related build error Minchan Kim <minchan(a)kernel.org> mm: memcg: add __GFP_NOWARN in __memcg_schedule_kmem_cache_create() Dave Young <dyoung(a)redhat.com> kexec_file: do not add extra alignment to efi memmap Alexey Dobriyan <adobriyan(a)gmail.com> proc: fix /proc/loadavg regression Alexey Dobriyan <adobriyan(a)gmail.com> proc: revalidate kernel thread inodes to root:root Huang Ying <ying.huang(a)intel.com> mm, pagemap: fix swap offset value for PMD migration entry Colin Ian King <colin.king(a)canonical.com> scsi: isci: Fix infinite loop in while loop Long Li <longli(a)microsoft.com> scsi: storvsc: Set up correct queue depth values for IDE devices Baolin Wang <baolin.wang(a)linaro.org> parisc: time: Convert read_persistent_clock() to read_persistent_clock64() David Howells <dhowells(a)redhat.com> vfs: Undo an overly zealous MS_RDONLY -> SB_RDONLY conversion David Howells <dhowells(a)redhat.com> afs: Fix server record deletion dann frazier <dann.frazier(a)canonical.com> net: hns: Avoid action name truncation Jiang Biao <jiang.biao2(a)zte.com.cn> blkcg: init root blkcg_gq under lock Emil Velikov <emil.velikov(a)collabora.com> drm/msm: don't deref error pointer in the msm_fbdev_create error path Stefan Agner <stefan(a)agner.ch> drm/msm/dsi: use correct enum in dsi_get_cmd_fmt Ben Hutchings <ben.hutchings(a)codethink.co.uk> drm/msm: Fix possible null dereference on failure of get_pages() Srinivas Kandagatla <srinivas.kandagatla(a)linaro.org> ASoC: msm8916-wcd-analog: use threaded context for mbhc events Taehee Yoo <ap420073(a)gmail.com> netfilter: nf_tables: fix out-of-bounds in nft_chain_commit_update Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: NAT chain and extensions require NF_TABLES Ming Lei <ming.lei(a)redhat.com> scsi: target: fix crash with iscsi target and dvd Vinson Lee <vlee(a)freedesktop.org> scsi: megaraid_sas: Do not log an error if FW successfully initializes. Chris Leech <cleech(a)redhat.com> scsi: iscsi: respond to netlink with unicast when appropriate Srinath Mannam <srinath.mannam(a)broadcom.com> arm64: dts: correct SATA addresses for Stingray Tung Nguyen <tung.q.nguyen(a)dektech.com.au> tipc: fix infinite loop when dumping link monitor summary Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> ARM64: dts: meson-gxm-khadas-vim2: enable the USB controller Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> ARM64: dts: meson-gxl-nexbox-a95x: enable the USB controller Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> ARM64: dts: meson-gxl-s905x-libretech-cc: enable the USB controller Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> ARM64: dts: meson-gx-p23x-q20x: enable the USB controller Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> ARM64: dts: meson-gxl-s905x-p212: enable the USB controller Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> ARM64: dts: meson-gxm: add GXM specific USB host configuration Martin Blumenstingl <martin.blumenstingl(a)googlemail.com> ARM64: dts: meson-gxl: add USB host support Jiang Biao <jiang.biao2(a)zte.com.cn> blkcg: don't hold blkcg lock when deactivating policy sxauwsk <sxauwsk(a)163.com> spi: cadence: Add usleep_range() for cdns_spi_fill_tx_fifo() Liam Girdwood <liam.r.girdwood(a)linux.intel.com> ASoC: topology: Check widget kcontrols before deref. Mark Rutland <mark.rutland(a)arm.com> arm64: kasan: avoid pfn_to_nid() before page array is initialized Simon Gaiser <simon(a)invisiblethingslab.com> xen: xenbus_dev_frontend: Really return response string Andre Przywara <andre.przywara(a)arm.com> KVM: arm/arm64: vgic: Kick new VCPU on interrupt migration Petr Mladek <pmladek(a)suse.com> livepatch: Allow to call a custom callback when freeing shadow variables Petr Mladek <pmladek(a)suse.com> livepatch: Initialize shadow variables safely by a custom callback Yan Wang <yan.wang(a)linux.intel.com> ASoC: topology: Fix bugs of freeing soc topology Loic Poulain <loic.poulain(a)linaro.org> PCI: kirin: Fix reset gpio name Madhavan Srinivasan <maddy(a)linux.vnet.ibm.com> powerpc/64s: Default l1d_size to 64K in RFI fallback flush Geert Uytterhoeven <geert(a)linux-m68k.org> soc: bcm2835: Make !RASPBERRYPI_FIRMWARE dummies return failure Florian Fainelli <f.fainelli(a)gmail.com> soc: bcm: raspberrypi-power: Fix use of __packed Tyler Hicks <tyhicks(a)canonical.com> eCryptfs: don't pass up plaintext names when using filename encryption Tony Lindgren <tony(a)atomide.com> ARM: dts: Fix cm2 and prm sizes for omap4 oder_chiou(a)realtek.com <oder_chiou(a)realtek.com> ASoC: rt5514: Add the missing register in the readable table Jerome Brunet <jbrunet(a)baylibre.com> clk: honor CLK_MUX_ROUND_CLOSEST in generic clk mux Paolo Bonzini <pbonzini(a)redhat.com> kvm: x86: move MSR_IA32_TSC handling to x86.c KarimAllah Ahmed <karahmed(a)amazon.de> X86/KVM: Properly update 'tsc_offset' to represent the running guest Jacopo Mondi <jacopo+renesas(a)jmondi.org> dt-bindings: dmaengine: rcar-dmac: document R8A77965 support Jacopo Mondi <jacopo+renesas(a)jmondi.org> dt-bindings: serial: sh-sci: Add support for r8a77965 (H)SCIF Jacopo Mondi <jacopo+renesas(a)jmondi.org> dt-bindings: net: ravb: Add support for r8a77965 SoC Matheus Castello <matheus(a)castello.eng.br> dt-bindings: pinctrl: sunxi: Fix reference to driver Lukasz Majewski <lukma(a)denx.de> doc: Add vendor prefix for Kieback & Peter GmbH Vladimir Zapolskiy <vladimir_zapolskiy(a)mentor.com> spi: sh-msiof: Fix bit field overflow writes to TSCR/RSCR Matt Redfearn <matt.redfearn(a)mips.com> MIPS: dts: Boston: Fix PCI bus dtc warnings: Chengguang Xu <cgxu519(a)gmx.com> isofs: fix potential memory leak in mount option parsing Martin Schwidefsky <schwidefsky(a)de.ibm.com> s390/smsgiucv: disable SMSG on module unload Sinan Kaya <okaya(a)codeaurora.org> MIPS: io: Add barrier after register read in readX() Amir Goldstein <amir73il(a)gmail.com> fsnotify: fix ignore mask logic in send_to_group() Arnaldo Carvalho de Melo <acme(a)redhat.com> perf report: Fix switching to another perf.data file Pieter Jansen van Vuuren <pieter.jansenvanvuuren(a)netronome.com> nfp: flower: split and limit cmsg skb lists Jakub Kicinski <jakub.kicinski(a)netronome.com> nfp: ignore signals when communicating with management FW Nathan Fontenot <nfont(a)linux.vnet.ibm.com> ibmvnic: Do not notify peers on parameter change resets Raghuram Chary J <raghuramchary.jallipalli(a)microchip.com> lan78xx: PHY DSP registers initialization to address EEE link drop issues with long cables Sinan Kaya <okaya(a)codeaurora.org> MIPS: io: Prevent compiler reordering writeX() Krish Sadhukhan <krish.sadhukhan(a)oracle.com> x86: Add check for APIC access address for vmentry of L2 guests Pierre-Louis Bossart <pierre-louis.bossart(a)linux.intel.com> ASoC: Intel: atom: fix ACPI/PCI Kconfig hu huajun <huhuajun(a)linux.alibaba.com> KVM: X86: fix incorrect reference of trace_kvm_pi_irte_update Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> Input: synaptics-rmi4 - fix an unchecked out of memory error path Anson Huang <Anson.Huang(a)nxp.com> clocksource/drivers/imx-tpm: Correct some registers operation flow ------------- Diffstat: .../bindings/display/panel/panel-common.txt | 2 +- .../devicetree/bindings/dma/renesas,rcar-dmac.txt | 1 + .../devicetree/bindings/net/renesas,ravb.txt | 1 + .../bindings/pinctrl/allwinner,sunxi-pinctrl.txt | 6 +- .../bindings/serial/amlogic,meson-uart.txt | 2 +- .../devicetree/bindings/serial/mvebu-uart.txt | 2 +- .../bindings/serial/renesas,sci-serial.txt | 2 + .../devicetree/bindings/vendor-prefixes.txt | 1 + Documentation/livepatch/shadow-vars.txt | 41 ++- Makefile | 4 +- arch/arm/boot/compressed/Makefile | 8 +- arch/arm/boot/compressed/head.S | 20 +- arch/arm/boot/dts/bcm-cygnus.dtsi | 2 +- arch/arm/boot/dts/da850.dtsi | 2 - arch/arm/boot/dts/dm8148-evm.dts | 2 +- arch/arm/boot/dts/dm8148-t410.dts | 2 +- arch/arm/boot/dts/dm8168-evm.dts | 2 +- arch/arm/boot/dts/dra62x-j5eco-evm.dts | 2 +- arch/arm/boot/dts/imx51-zii-rdu1.dts | 6 +- arch/arm/boot/dts/logicpd-som-lv.dtsi | 11 +- arch/arm/boot/dts/omap4.dtsi | 8 +- arch/arm/include/uapi/asm/siginfo.h | 13 - arch/arm/kernel/machine_kexec.c | 34 ++- arch/arm/mach-davinci/board-da830-evm.c | 9 +- arch/arm/mach-davinci/board-da850-evm.c | 9 +- arch/arm/mach-davinci/board-dm355-evm.c | 15 +- arch/arm/mach-davinci/board-dm644x-evm.c | 10 +- arch/arm/mach-davinci/board-dm646x-evm.c | 5 +- arch/arm/mach-davinci/board-omapl138-hawk.c | 10 +- arch/arm/mach-davinci/dm646x.c | 3 +- arch/arm/mach-keystone/pm_domain.c | 1 + arch/arm/mach-omap1/ams-delta-fiq.c | 28 +- arch/arm/mach-omap2/powerdomain.c | 4 +- arch/arm/vfp/vfpmodule.c | 2 +- .../arm64/boot/dts/amlogic/meson-gx-p23x-q20x.dtsi | 4 + .../dts/amlogic/meson-gxl-s905x-libretech-cc.dts | 12 + .../dts/amlogic/meson-gxl-s905x-nexbox-a95x.dts | 4 + .../boot/dts/amlogic/meson-gxl-s905x-p212.dtsi | 4 + arch/arm64/boot/dts/amlogic/meson-gxl.dtsi | 61 ++++ .../boot/dts/amlogic/meson-gxm-khadas-vim2.dts | 4 + arch/arm64/boot/dts/amlogic/meson-gxm.dtsi | 17 ++ .../boot/dts/broadcom/stingray/stingray-sata.dtsi | 80 ++--- arch/arm64/boot/dts/nvidia/tegra186-p3310.dtsi | 2 +- arch/arm64/boot/dts/socionext/uniphier-ld11.dtsi | 2 +- arch/arm64/boot/dts/socionext/uniphier-ld20.dtsi | 2 +- arch/arm64/boot/dts/socionext/uniphier-pxs3.dtsi | 2 +- arch/arm64/include/asm/cputype.h | 6 + arch/arm64/kernel/ptrace.c | 20 +- arch/arm64/kernel/traps.c | 3 +- arch/arm64/mm/kasan_init.c | 4 +- arch/hexagon/include/asm/io.h | 6 + arch/hexagon/lib/checksum.c | 1 + arch/mips/boot/dts/img/boston.dts | 6 + arch/mips/include/asm/io.h | 4 +- arch/parisc/kernel/drivers.c | 7 +- arch/parisc/kernel/smp.c | 3 +- arch/parisc/kernel/time.c | 2 +- arch/powerpc/include/asm/ftrace.h | 29 +- arch/powerpc/include/asm/topology.h | 13 +- arch/powerpc/kernel/setup_64.c | 11 + arch/powerpc/kvm/booke.c | 7 + arch/powerpc/platforms/cell/spufs/sched.c | 2 +- arch/powerpc/platforms/powernv/memtrace.c | 17 -- arch/riscv/Kconfig | 4 +- arch/riscv/kernel/vdso/Makefile | 2 +- arch/sh/Kconfig | 1 + arch/sh/kernel/cpu/sh2/probe.c | 4 + arch/sh/kernel/setup.c | 1 - arch/sh/mm/init.c | 68 +---- arch/sh/mm/numa.c | 19 -- arch/x86/events/intel/core.c | 9 +- arch/x86/include/asm/insn.h | 18 ++ arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kernel/cpu/intel.c | 3 + arch/x86/kernel/kexec-bzimage64.c | 5 +- arch/x86/kernel/kprobes/core.c | 4 + arch/x86/kernel/uprobes.c | 4 + arch/x86/kvm/hyperv.c | 2 +- arch/x86/kvm/svm.c | 31 +- arch/x86/kvm/vmx.c | 95 +++--- arch/x86/kvm/x86.c | 33 ++- arch/x86/net/bpf_jit_comp.c | 18 +- arch/x86/xen/enlighten_hvm.c | 13 + block/blk-cgroup.c | 22 +- block/blk-mq.c | 19 ++ block/blk-mq.h | 4 +- block/genhd.c | 12 + block/partition-generic.c | 10 +- drivers/acpi/acpi_watchdog.c | 59 +++- drivers/acpi/scan.c | 2 +- drivers/acpi/sleep.c | 13 + drivers/ata/ahci.c | 6 +- drivers/ata/ahci.h | 7 + drivers/ata/ahci_mvebu.c | 56 ++++ drivers/ata/ahci_qoriq.c | 2 +- drivers/ata/ahci_xgene.c | 4 +- drivers/ata/libahci.c | 20 +- drivers/ata/libata-eh.c | 4 +- drivers/ata/sata_highbank.c | 2 +- drivers/char/agp/uninorth-agp.c | 4 +- drivers/clk/clk-mux.c | 10 +- drivers/clk/clk.c | 7 +- drivers/clk/imx/clk-imx6ul.c | 2 +- drivers/clocksource/timer-imx-tpm.c | 8 +- drivers/cpufreq/Kconfig.arm | 10 - drivers/cpufreq/brcmstb-avs-cpufreq.c | 323 +-------------------- drivers/firmware/efi/libstub/arm64-stub.c | 10 + drivers/gpu/drm/amd/amdgpu/amdgpu_ctx.c | 6 +- drivers/gpu/drm/amd/amdkfd/kfd_chardev.c | 13 +- drivers/gpu/drm/drm_dumb_buffers.c | 7 +- drivers/gpu/drm/exynos/exynos_mixer.c | 22 +- drivers/gpu/drm/exynos/regs-mixer.h | 1 + drivers/gpu/drm/msm/dsi/dsi_host.c | 2 +- drivers/gpu/drm/msm/msm_fbdev.c | 11 +- drivers/gpu/drm/msm/msm_gem.c | 20 +- drivers/gpu/drm/omapdrm/dss/hdmi4.c | 2 +- drivers/gpu/drm/omapdrm/dss/hdmi4_core.c | 7 +- drivers/gpu/drm/omapdrm/dss/hdmi5.c | 2 +- drivers/gpu/drm/omapdrm/omap_connector.c | 10 + drivers/gpu/drm/omapdrm/omap_dmm_tiler.c | 6 +- drivers/gpu/drm/omapdrm/tcm-sita.c | 2 +- drivers/gpu/drm/vc4/vc4_dpi.c | 25 +- drivers/hid/Kconfig | 7 +- drivers/hid/hid-ids.h | 9 + drivers/hid/hid-lenovo.c | 36 +++ drivers/hid/i2c-hid/i2c-hid.c | 2 + drivers/hid/intel-ish-hid/ishtp/bus.c | 2 +- drivers/hid/wacom_sys.c | 4 +- drivers/i2c/busses/i2c-pmcmsp.c | 4 +- drivers/i2c/busses/i2c-sprd.c | 22 +- drivers/i2c/busses/i2c-viperboard.c | 2 +- drivers/infiniband/Kconfig | 5 +- drivers/infiniband/core/cma.c | 60 ++-- drivers/infiniband/core/iwpm_util.c | 5 +- drivers/infiniband/core/mad.c | 4 +- drivers/infiniband/core/uverbs_ioctl.c | 9 + drivers/infiniband/hw/hfi1/affinity.c | 11 +- drivers/infiniband/hw/hfi1/init.c | 41 ++- drivers/infiniband/hw/hfi1/platform.c | 1 + drivers/infiniband/hw/hfi1/qsfp.c | 2 + drivers/infiniband/hw/hns/hns_roce_hem.c | 8 +- drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 11 +- drivers/infiniband/hw/mlx4/mr.c | 2 +- drivers/infiniband/hw/mlx5/main.c | 4 +- drivers/infiniband/sw/rxe/rxe_opcode.c | 2 +- drivers/infiniband/sw/rxe/rxe_req.c | 1 - drivers/infiniband/sw/rxe/rxe_resp.c | 6 +- drivers/infiniband/ulp/srp/Kconfig | 2 +- drivers/infiniband/ulp/srpt/Kconfig | 2 +- drivers/input/rmi4/rmi_spi.c | 7 +- drivers/input/touchscreen/atmel_mxt_ts.c | 186 +++++++----- drivers/iommu/dmar.c | 2 +- drivers/iommu/intel_irq_remapping.c | 2 +- drivers/mtd/onenand/omap2.c | 105 +++---- drivers/net/can/dev.c | 2 +- drivers/net/ethernet/aquantia/atlantic/aq_nic.c | 3 + drivers/net/ethernet/aquantia/atlantic/aq_nic.h | 1 + .../net/ethernet/aquantia/atlantic/aq_pci_func.c | 20 +- drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c | 3 +- drivers/net/ethernet/hisilicon/hns/hnae.h | 2 +- drivers/net/ethernet/ibm/ibmvnic.c | 3 +- drivers/net/ethernet/intel/igb/igb_main.c | 17 +- drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c | 3 + drivers/net/ethernet/marvell/mvpp2.c | 15 +- drivers/net/ethernet/netronome/nfp/flower/cmsg.c | 38 ++- drivers/net/ethernet/netronome/nfp/flower/cmsg.h | 2 + drivers/net/ethernet/netronome/nfp/flower/main.c | 8 +- drivers/net/ethernet/netronome/nfp/flower/main.h | 8 +- drivers/net/ethernet/netronome/nfp/nfp_app_nic.c | 2 +- drivers/net/ethernet/netronome/nfp/nfp_main.h | 4 +- drivers/net/ethernet/netronome/nfp/nfp_net_main.c | 31 +- .../net/ethernet/netronome/nfp/nfpcore/nfp_nsp.c | 3 +- drivers/net/ethernet/qlogic/qed/qed_l2.c | 6 +- drivers/net/ethernet/qlogic/qede/qede_rdma.c | 2 +- drivers/net/phy/broadcom.c | 10 + drivers/net/phy/marvell.c | 9 + drivers/net/phy/microchip.c | 178 +++++++++++- drivers/nvme/host/Kconfig | 2 +- drivers/nvme/host/core.c | 32 +- drivers/nvme/host/fabrics.c | 6 + drivers/nvme/host/multipath.c | 24 +- drivers/nvme/host/nvme.h | 12 + drivers/nvme/target/Kconfig | 2 +- drivers/pci/dwc/pcie-kirin.c | 2 +- drivers/pinctrl/intel/pinctrl-cherryview.c | 16 +- drivers/pinctrl/meson/pinctrl-meson-axg.c | 2 +- drivers/platform/x86/Kconfig | 2 +- drivers/remoteproc/qcom_q6v5_pil.c | 2 + drivers/reset/reset-uniphier.c | 6 +- drivers/rpmsg/rpmsg_char.c | 2 + drivers/s390/net/qeth_core_main.c | 53 ++-- drivers/s390/net/qeth_core_mpc.h | 12 + drivers/s390/net/qeth_l2_main.c | 59 ++-- drivers/s390/net/smsgiucv.c | 2 +- drivers/scsi/isci/port_config.c | 3 +- drivers/scsi/megaraid/megaraid_sas_fusion.c | 6 +- drivers/scsi/scsi_transport_iscsi.c | 29 +- drivers/scsi/storvsc_drv.c | 7 +- drivers/scsi/vmw_pvscsi.c | 2 +- drivers/soc/bcm/raspberrypi-power.c | 2 +- drivers/spi/spi-bcm2835aux.c | 5 + drivers/spi/spi-cadence.c | 8 + drivers/spi/spi-sh-msiof.c | 1 + drivers/target/target_core_pscsi.c | 2 + drivers/tee/tee_core.c | 11 + drivers/thermal/int340x_thermal/int3403_thermal.c | 3 +- drivers/usb/musb/musb_host.c | 5 +- drivers/usb/musb/musb_host.h | 7 +- drivers/usb/musb/musb_virthub.c | 25 +- drivers/usb/typec/tps6598x.c | 47 ++- drivers/usb/typec/ucsi/Makefile | 2 +- drivers/xen/xenbus/xenbus_dev_frontend.c | 3 +- fs/afs/addr_list.c | 25 +- fs/afs/callback.c | 56 +++- fs/afs/cmservice.c | 6 +- fs/afs/internal.h | 7 +- fs/afs/rotate.c | 20 +- fs/afs/rxrpc.c | 7 + fs/afs/server.c | 22 +- fs/afs/server_list.c | 7 +- fs/cifs/Kconfig | 2 +- fs/cifs/smb2ops.c | 6 + fs/cifs/smb2pdu.c | 68 +++-- fs/cifs/transport.c | 5 +- fs/ecryptfs/crypto.c | 41 ++- fs/ecryptfs/file.c | 21 +- fs/isofs/inode.c | 3 + fs/namespace.c | 2 +- fs/notify/fsnotify.c | 25 +- fs/ocfs2/refcounttree.c | 14 +- fs/proc/base.c | 6 + fs/proc/kcore.c | 23 +- fs/proc/loadavg.c | 2 +- fs/proc/task_mmu.c | 6 +- include/linux/brcmphy.h | 1 + include/linux/clk-provider.h | 3 + include/linux/ethtool.h | 2 + include/linux/genhd.h | 4 +- include/linux/kthread.h | 1 + include/linux/kvm_host.h | 8 +- include/linux/livepatch.h | 19 +- include/linux/microchipphy.h | 8 + include/linux/mtd/map.h | 2 +- include/linux/mtd/rawnand.h | 16 +- include/linux/percpu-rwsem.h | 6 +- include/linux/rwsem.h | 6 + include/linux/sched.h | 50 +++- include/linux/sched/signal.h | 2 +- include/linux/stringhash.h | 4 +- include/soc/bcm2835/raspberrypi-firmware.h | 4 +- init/main.c | 7 + kernel/bpf/syscall.c | 19 +- kernel/kthread.c | 50 ++-- kernel/livepatch/shadow.c | 108 ++++--- kernel/locking/rwsem-xadd.c | 19 +- kernel/locking/rwsem.c | 2 - kernel/locking/rwsem.h | 30 +- kernel/module.c | 5 + kernel/sched/core.c | 49 ++-- kernel/sched/deadline.c | 4 +- kernel/sched/rt.c | 2 - kernel/sched/sched.h | 5 +- kernel/signal.c | 17 +- kernel/stop_machine.c | 19 +- lib/find_bit_benchmark.c | 7 +- mm/memcontrol.c | 2 +- net/ipv6/ip6_vti.c | 4 +- net/ipv6/netfilter/Kconfig | 55 ++-- net/mac80211/agg-tx.c | 4 + net/mac80211/mlme.c | 25 +- net/mac80211/tx.c | 3 +- net/netfilter/nf_tables_api.c | 2 +- net/rds/ib_cm.c | 3 +- net/rxrpc/af_rxrpc.c | 2 +- net/rxrpc/ar-internal.h | 1 + net/rxrpc/input.c | 2 +- net/rxrpc/local_object.c | 57 +++- net/rxrpc/output.c | 11 + net/rxrpc/sendmsg.c | 10 + net/sched/act_skbedit.c | 3 +- net/smc/af_smc.c | 6 +- net/sunrpc/xprtrdma/fmr_ops.c | 5 +- net/sunrpc/xprtrdma/frwr_ops.c | 9 +- net/sunrpc/xprtrdma/verbs.c | 5 + net/sunrpc/xprtrdma/xprt_rdma.h | 2 +- net/tipc/monitor.c | 2 +- net/tipc/node.c | 28 +- samples/livepatch/livepatch-shadow-fix1.c | 43 ++- samples/livepatch/livepatch-shadow-fix2.c | 33 ++- scripts/Makefile.gcc-plugins | 2 +- sound/soc/codecs/msm8916-wcd-analog.c | 9 +- sound/soc/codecs/rt5514.c | 3 + sound/soc/intel/Kconfig | 22 +- sound/soc/soc-topology.c | 6 +- tools/bpf/bpf_dbg.c | 7 +- tools/objtool/arch/x86/include/asm/insn.h | 18 ++ tools/perf/util/cs-etm.c | 24 +- tools/perf/util/pmu.c | 20 +- tools/perf/util/symbol.c | 8 +- .../inter-event/trigger-multi-actions-accept.tc | 44 +++ tools/testing/selftests/x86/Makefile | 2 +- tools/testing/selftests/x86/mov_ss_trap.c | 285 ++++++++++++++++++ tools/testing/selftests/x86/mpx-mini-test.c | 7 +- tools/testing/selftests/x86/pkey-helpers.h | 20 +- tools/testing/selftests/x86/protection_keys.c | 254 +++++++++++----- virt/kvm/arm/vgic/vgic-mmio-v2.c | 5 + virt/kvm/arm/vgic/vgic.c | 8 + 308 files changed, 3213 insertions(+), 1735 deletions(-)

7 years, 4 months

8
273
0 0

[PATCH 1/6] ext4: sysfs: print ext4_super_block fields as little-endian

by Arnd Bergmann

While working on extended rand for last_error/first_error timestamps, I noticed that the endianess is wrong, we access the little-endian fields in struct ext4_super_block as native-endian when we print them. This adds a special case in ext4_attr_show() and ext4_attr_store() to byteswap the superblock fields if needed. In older kernels, this code was part of super.c, it got moved to sysfs.c in linux-4.4. Cc: stable(a)vger.kernel.org Fixes: 52c198c6820f ("ext4: add sysfs entry showing whether the fs contains errors") Signed-off-by: Arnd Bergmann <arnd(a)arndb.de> --- fs/ext4/sysfs.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/fs/ext4/sysfs.c b/fs/ext4/sysfs.c index f34da0bb8f17..b970a200f20c 100644 --- a/fs/ext4/sysfs.c +++ b/fs/ext4/sysfs.c @@ -274,8 +274,12 @@ static ssize_t ext4_attr_show(struct kobject *kobj, case attr_pointer_ui: if (!ptr) return 0; - return snprintf(buf, PAGE_SIZE, "%u\n", - *((unsigned int *) ptr)); + if (a->attr_ptr == ptr_ext4_super_block_offset) + return snprintf(buf, PAGE_SIZE, "%u\n", + le32_to_cpup(ptr)); + else + return snprintf(buf, PAGE_SIZE, "%u\n", + *((unsigned int *) ptr)); case attr_pointer_atomic: if (!ptr) return 0; @@ -308,7 +312,10 @@ static ssize_t ext4_attr_store(struct kobject *kobj, ret = kstrtoul(skip_spaces(buf), 0, &t); if (ret) return ret; - *((unsigned int *) ptr) = t; + if (a->attr_ptr == ptr_ext4_super_block_offset) + *((__le32 *) ptr) = cpu_to_le32(t); + else + *((unsigned int *) ptr) = t; return len; case attr_inode_readahead: return inode_readahead_blks_store(sbi, buf, len); -- 2.9.0

7 years, 4 months

2
2
0 0

[tip:x86/pti] x86/spectre_v1: Disable compiler optimizations over array_index_mask_nospec()

by tip-bot for Dan Williams

Commit-ID: eab6870fee877258122a042bfd99ee7908c40280 Gitweb: https://git.kernel.org/tip/eab6870fee877258122a042bfd99ee7908c40280 Author: Dan Williams <dan.j.williams(a)intel.com> AuthorDate: Thu, 7 Jun 2018 09:13:48 -0700 Committer: Ingo Molnar <mingo(a)kernel.org> CommitDate: Thu, 21 Jun 2018 16:00:21 +0200 x86/spectre_v1: Disable compiler optimizations over array_index_mask_nospec() Mark Rutland noticed that GCC optimization passes have the potential to elide necessary invocations of the array_index_mask_nospec() instruction sequence, so mark the asm() volatile. Mark explains: "The volatile will inhibit *some* cases where the compiler could lift the array_index_nospec() call out of a branch, e.g. where there are multiple invocations of array_index_nospec() with the same arguments: if (idx < foo) { idx1 = array_idx_nospec(idx, foo) do_something(idx1); } < some other code > if (idx < foo) { idx2 = array_idx_nospec(idx, foo); do_something_else(idx2); } ... since the compiler can determine that the two invocations yield the same result, and reuse the first result (likely the same register as idx was in originally) for the second branch, effectively re-writing the above as: if (idx < foo) { idx = array_idx_nospec(idx, foo); do_something(idx); } < some other code > if (idx < foo) { do_something_else(idx); } ... if we don't take the first branch, then speculatively take the second, we lose the nospec protection. There's more info on volatile asm in the GCC docs: https://gcc.gnu.org/onlinedocs/gcc/Extended-Asm.html#Volatile " Reported-by: Mark Rutland <mark.rutland(a)arm.com> Signed-off-by: Dan Williams <dan.j.williams(a)intel.com> Acked-by: Mark Rutland <mark.rutland(a)arm.com> Acked-by: Thomas Gleixner <tglx(a)linutronix.de> Acked-by: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: <stable(a)vger.kernel.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Fixes: babdde2698d4 ("x86: Implement array_index_mask_nospec") Link: https://lkml.kernel.org/lkml/152838798950.14521.4893346294059739135.stgit@d… Signed-off-by: Ingo Molnar <mingo(a)kernel.org> --- arch/x86/include/asm/barrier.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/include/asm/barrier.h b/arch/x86/include/asm/barrier.h index 042b5e892ed1..14de0432d288 100644 --- a/arch/x86/include/asm/barrier.h +++ b/arch/x86/include/asm/barrier.h @@ -38,7 +38,7 @@ static inline unsigned long array_index_mask_nospec(unsigned long index, { unsigned long mask; - asm ("cmp %1,%2; sbb %0,%0;" + asm volatile ("cmp %1,%2; sbb %0,%0;" :"=r" (mask) :"g"(size),"r" (index) :"cc");

7 years, 4 months

1
0
0 0

[PATCH 2/3] usb: typec: ucsi: acpi: Workaround for cache mode issue

by Heikki Krogerus

This fixes an issue where the driver fails with an error: ioremap error for 0x3f799000-0x3f79a000, requested 0x2, got 0x0 On some platforms the UCSI ACPI mailbox SystemMemory Operation Region may be setup before the driver has been loaded. That will lead into the driver failing to map the mailbox region, as it has been already marked as write-back memory. acpi_os_ioremap() for x86 uses ioremap_cache() unconditionally. When the issue happens, the embedded controller has a pending query event for the UCSI notification right after boot-up which causes the operation region to be setup before UCSI driver has been loaded. The fix is to notify acpi core that the driver is about to access memory region which potentially overlaps with an operation region right before mapping it. acpi_release_memory() will check if the memory has already been setup (mapped) by acpi core, and deactivate it (unmap) if it has. The driver is then able to map the memory with ioremap_nocache() and set the memtype to uncached for the region. Reported-by: Paul Menzel <pmenzel(a)molgen.mpg.de> Fixes: 8243edf44152 ("usb: typec: ucsi: Add ACPI driver") Cc: stable(a)vger.kernel.org Signed-off-by: Heikki Krogerus <heikki.krogerus(a)linux.intel.com> --- drivers/usb/typec/ucsi/ucsi_acpi.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/usb/typec/ucsi/ucsi_acpi.c b/drivers/usb/typec/ucsi/ucsi_acpi.c index 44eb4e1ea817..a18112a83fae 100644 --- a/drivers/usb/typec/ucsi/ucsi_acpi.c +++ b/drivers/usb/typec/ucsi/ucsi_acpi.c @@ -79,6 +79,11 @@ static int ucsi_acpi_probe(struct platform_device *pdev) return -ENODEV; } + /* This will make sure we can use ioremap_nocache() */ + status = acpi_release_memory(ACPI_HANDLE(&pdev->dev), res, 1); + if (ACPI_FAILURE(status)) + return -ENOMEM; + /* * NOTE: The memory region for the data structures is used also in an * operation region, which means ACPI has already reserved it. Therefore -- 2.17.1

7 years, 4 months

1
0
0 0

[PATCH 1/3] acpi: Add helper for deactivating memory region

by Heikki Krogerus

Sometimes memory resource may be overlapping with SystemMemory Operation Region by design, for example if the memory region is used as a mailbox for communication with a firmware in the system. One occasion of such mailboxes is USB Type-C Connector System Software Interface (UCSI). With regions like that, it is important that the driver is able to map the memory with the requirements it has. For example, the driver should be allowed to map the memory as non-cached memory. However, if the operation region has been accessed before the driver has mapped the memory, the memory has been marked as write-back by the time the driver is loaded. That means the driver will fail to map the memory if it expects non-cached memory. To work around the problem, introducing helper that the drivers can use to temporarily deactivate (unmap) SystemMemory Operation Regions that overlap with their IO memory. Fixes: 8243edf44152 ("usb: typec: ucsi: Add ACPI driver") Cc: stable(a)vger.kernel.org Reviewed-by: Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> Signed-off-by: Heikki Krogerus <heikki.krogerus(a)linux.intel.com> --- drivers/acpi/osl.c | 72 ++++++++++++++++++++++++++++++++++++++++++++ include/linux/acpi.h | 3 ++ 2 files changed, 75 insertions(+) diff --git a/drivers/acpi/osl.c b/drivers/acpi/osl.c index 7ca41bf023c9..8df9abfa947b 100644 --- a/drivers/acpi/osl.c +++ b/drivers/acpi/osl.c @@ -45,6 +45,8 @@ #include <linux/uaccess.h> #include <linux/io-64-nonatomic-lo-hi.h> +#include "acpica/accommon.h" +#include "acpica/acnamesp.h" #include "internal.h" #define _COMPONENT ACPI_OS_SERVICES @@ -1490,6 +1492,76 @@ int acpi_check_region(resource_size_t start, resource_size_t n, } EXPORT_SYMBOL(acpi_check_region); +static acpi_status acpi_deactivate_mem_region(acpi_handle handle, u32 level, + void *_res, void **return_value) +{ + struct acpi_mem_space_context **mem_ctx; + union acpi_operand_object *handler_obj; + union acpi_operand_object *region_obj2; + union acpi_operand_object *region_obj; + struct resource *res = _res; + acpi_status status; + + region_obj = acpi_ns_get_attached_object(handle); + if (!region_obj) + return AE_OK; + + handler_obj = region_obj->region.handler; + if (!handler_obj) + return AE_OK; + + if (region_obj->region.space_id != ACPI_ADR_SPACE_SYSTEM_MEMORY) + return AE_OK; + + if (!(region_obj->region.flags & AOPOBJ_SETUP_COMPLETE)) + return AE_OK; + + region_obj2 = acpi_ns_get_secondary_object(region_obj); + if (!region_obj2) + return AE_OK; + + mem_ctx = (void *)&region_obj2->extra.region_context; + + if (!(mem_ctx[0]->address >= res->start && + mem_ctx[0]->address < res->end)) + return AE_OK; + + status = handler_obj->address_space.setup(region_obj, + ACPI_REGION_DEACTIVATE, + NULL, (void **)mem_ctx); + if (ACPI_SUCCESS(status)) + region_obj->region.flags &= ~(AOPOBJ_SETUP_COMPLETE); + + return status; +} + +/** + * acpi_release_memory - Release any mappings done to a memory region + * @handle: Handle to namespace node + * @res: Memory resource + * @level: A level that terminates the search + * + * Walks through @handle and unmaps all SystemMemory Operation Regions that + * overlap with @res and that have already been activated (mapped). + * + * This is a helper that allows drivers to place special requirements on memory + * region that may overlap with operation regions, primarily allowing them to + * safely map the region as non-cached memory. + * + * The unmapped Operation Regions will be automatically remapped next time they + * are called, so the drivers do not need to do anything else. + */ +acpi_status acpi_release_memory(acpi_handle handle, struct resource *res, + u32 level) +{ + if (!(res->flags & IORESOURCE_MEM)) + return AE_TYPE; + + return acpi_walk_namespace(ACPI_TYPE_REGION, handle, level, + acpi_deactivate_mem_region, NULL, res, NULL); +} +EXPORT_SYMBOL_GPL(acpi_release_memory); + /* * Let drivers know whether the resource checks are effective */ diff --git a/include/linux/acpi.h b/include/linux/acpi.h index 4b35a66383f9..e54f40974eb0 100644 --- a/include/linux/acpi.h +++ b/include/linux/acpi.h @@ -443,6 +443,9 @@ int acpi_check_resource_conflict(const struct resource *res); int acpi_check_region(resource_size_t start, resource_size_t n, const char *name); +acpi_status acpi_release_memory(acpi_handle handle, struct resource *res, + u32 level); + int acpi_resources_are_enforced(void); #ifdef CONFIG_HIBERNATION -- 2.17.1

7 years, 4 months

1
0
0 0

[PATCH RESEND] softirq: reorder trace_softirqs_on to prevent lockdep splat

by Joel Fernandes

From: "Joel Fernandes (Google)" <joel(a)joelfernandes.org> I'm able to reproduce a lockdep splat with config options: CONFIG_PROVE_LOCKING=y, CONFIG_DEBUG_LOCK_ALLOC=y and CONFIG_PREEMPTIRQ_EVENTS=y $ echo 1 > /d/tracing/events/preemptirq/preempt_enable/enable [ 26.112609] DEBUG_LOCKS_WARN_ON(current->softirqs_enabled) [ 26.112636] WARNING: CPU: 0 PID: 118 at kernel/locking/lockdep.c:3854 [...] [ 26.144229] Call Trace: [ 26.144926] <IRQ> [ 26.145506] lock_acquire+0x55/0x1b0 [ 26.146499] ? __do_softirq+0x46f/0x4d9 [ 26.147571] ? __do_softirq+0x46f/0x4d9 [ 26.148646] trace_preempt_on+0x8f/0x240 [ 26.149744] ? trace_preempt_on+0x4d/0x240 [ 26.150862] ? __do_softirq+0x46f/0x4d9 [ 26.151930] preempt_count_sub+0x18a/0x1a0 [ 26.152985] __do_softirq+0x46f/0x4d9 [ 26.153937] irq_exit+0x68/0xe0 [ 26.154755] smp_apic_timer_interrupt+0x271/0x280 [ 26.156056] apic_timer_interrupt+0xf/0x20 [ 26.157105] </IRQ> The issue was this: preempt_count = 1 << SOFTIRQ_SHIFT __local_bh_enable(cnt = 1 << SOFTIRQ_SHIFT) { if (softirq_count() == (cnt && SOFTIRQ_MASK)) { trace_softirqs_on() { current->softirqs_enabled = 1; } } preempt_count_sub(cnt) { trace_preempt_on() { tracepoint() { rcu_read_lock_sched() { // jumps into lockdep Where preempt_count still has softirqs disabled, but current->softirqs_enabled is true, and we get a splat. Cc: Steven Rostedt <rostedt(a)goodmis.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Ingo Molnar <mingo(a)redhat.com> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com> Cc: Tom Zanussi <tom.zanussi(a)linux.intel.com> Cc: Namhyung Kim <namhyung(a)kernel.org> Cc: Thomas Glexiner <tglx(a)linutronix.de> Cc: Boqun Feng <boqun.feng(a)gmail.com> Cc: Paul McKenney <paulmck(a)linux.vnet.ibm.com> Cc: Masami Hiramatsu <mhiramat(a)kernel.org> Cc: Todd Kjos <tkjos(a)google.com> Cc: Erick Reyes <erickreyes(a)google.com> Cc: Julia Cartwright <julia(a)ni.com> Cc: Byungchul Park <byungchul.park(a)lge.com> Cc: stable(a)vger.kernel.org Reviewed-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> Fixes: d59158162e032 ("tracing: Add support for preempt and irq enable/disable events") Signed-off-by: Joel Fernandes (Google) <joel(a)joelfernandes.org> --- kernel/softirq.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/kernel/softirq.c b/kernel/softirq.c index 177de3640c78..8a040bcaa033 100644 --- a/kernel/softirq.c +++ b/kernel/softirq.c @@ -139,9 +139,13 @@ static void __local_bh_enable(unsigned int cnt) { lockdep_assert_irqs_disabled(); + if (preempt_count() == cnt) + trace_preempt_on(CALLER_ADDR0, get_lock_parent_ip()); + if (softirq_count() == (cnt & SOFTIRQ_MASK)) trace_softirqs_on(_RET_IP_); - preempt_count_sub(cnt); + + __preempt_count_sub(cnt); } /* -- 2.17.1.1185.g55be947832-goog

7 years, 4 months

3
2
0 0

[PATCH 2/5] xhci: Fix kernel oops in trace_xhci_free_virt_device

by Mathias Nyman

From: Zhengjun Xing <zhengjun.xing(a)linux.intel.com> commit 44a182b9d177 ("xhci: Fix use-after-free in xhci_free_virt_device") set dev->udev pointer to NULL in xhci_free_dev(), it will cause kernel panic in trace_xhci_free_virt_device. This patch reimplement the trace function trace_xhci_free_virt_device, remove dev->udev dereference and added more useful parameters to show in the trace function,it also makes sure dev->udev is not NULL before calling trace_xhci_free_virt_device. This issue happened when xhci-hcd trace is enabled and USB devices hot plug test. Original use-after-free patch went to stable so this needs so be applied there as well. [ 1092.022457] usb 2-4: USB disconnect, device number 6 [ 1092.092772] BUG: unable to handle kernel NULL pointer dereference at 0000000000000000 [ 1092.101694] PGD 0 P4D 0 [ 1092.104601] Oops: 0000 [#1] SMP [ 1092.207734] Workqueue: usb_hub_wq hub_event [ 1092.212507] RIP: 0010:trace_event_raw_event_xhci_log_virt_dev+0x6c/0xf0 [ 1092.220050] RSP: 0018:ffff8c252e883d28 EFLAGS: 00010086 [ 1092.226024] RAX: ffff8c24af86fa84 RBX: 0000000000000003 RCX: ffff8c25255c2a01 [ 1092.234130] RDX: 0000000000000000 RSI: 00000000aef55009 RDI: ffff8c252e883d28 [ 1092.242242] RBP: ffff8c252550e2c0 R08: ffff8c24af86fa84 R09: 0000000000000a70 [ 1092.250364] R10: 0000000000000a70 R11: 0000000000000000 R12: ffff8c251f21a000 [ 1092.258468] R13: 000000000000000c R14: ffff8c251f21a000 R15: ffff8c251f432f60 [ 1092.266572] FS: 0000000000000000(0000) GS:ffff8c252e880000(0000) knlGS:0000000000000000 [ 1092.275757] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1092.282281] CR2: 0000000000000000 CR3: 0000000154209001 CR4: 00000000003606e0 [ 1092.290384] Call Trace: [ 1092.293156] <IRQ> [ 1092.295439] xhci_free_virt_device.part.34+0x182/0x1a0 [ 1092.301288] handle_cmd_completion+0x7ac/0xfa0 [ 1092.306336] ? trace_event_raw_event_xhci_log_trb+0x6e/0xa0 [ 1092.312661] xhci_irq+0x3e8/0x1f60 [ 1092.316524] __handle_irq_event_percpu+0x75/0x180 [ 1092.321876] handle_irq_event_percpu+0x20/0x50 [ 1092.326922] handle_irq_event+0x36/0x60 [ 1092.331273] handle_edge_irq+0x6d/0x180 [ 1092.335644] handle_irq+0x16/0x20 [ 1092.339417] do_IRQ+0x41/0xc0 [ 1092.342782] common_interrupt+0xf/0xf [ 1092.346955] </IRQ> Fixes: 44a182b9d177 ("xhci: Fix use-after-free in xhci_free_virt_device") Cc: <stable(a)vger.kernel.org> Signed-off-by: Zhengjun Xing <zhengjun.xing(a)linux.intel.com> Signed-off-by: Mathias Nyman <mathias.nyman(a)linux.intel.com> --- drivers/usb/host/xhci-mem.c | 4 ++-- drivers/usb/host/xhci-trace.h | 36 +++++++++++++++++++++++++++++++----- 2 files changed, 33 insertions(+), 7 deletions(-) diff --git a/drivers/usb/host/xhci-mem.c b/drivers/usb/host/xhci-mem.c index acbd3d7..8a62eee 100644 --- a/drivers/usb/host/xhci-mem.c +++ b/drivers/usb/host/xhci-mem.c @@ -886,12 +886,12 @@ void xhci_free_virt_device(struct xhci_hcd *xhci, int slot_id) dev = xhci->devs[slot_id]; - trace_xhci_free_virt_device(dev); - xhci->dcbaa->dev_context_ptrs[slot_id] = 0; if (!dev) return; + trace_xhci_free_virt_device(dev); + if (dev->tt_info) old_active_eps = dev->tt_info->active_eps; diff --git a/drivers/usb/host/xhci-trace.h b/drivers/usb/host/xhci-trace.h index 410544f..88b4274 100644 --- a/drivers/usb/host/xhci-trace.h +++ b/drivers/usb/host/xhci-trace.h @@ -171,6 +171,37 @@ DEFINE_EVENT(xhci_log_trb, xhci_dbc_gadget_ep_queue, TP_ARGS(ring, trb) ); +DECLARE_EVENT_CLASS(xhci_log_free_virt_dev, + TP_PROTO(struct xhci_virt_device *vdev), + TP_ARGS(vdev), + TP_STRUCT__entry( + __field(void *, vdev) + __field(unsigned long long, out_ctx) + __field(unsigned long long, in_ctx) + __field(u8, fake_port) + __field(u8, real_port) + __field(u16, current_mel) + + ), + TP_fast_assign( + __entry->vdev = vdev; + __entry->in_ctx = (unsigned long long) vdev->in_ctx->dma; + __entry->out_ctx = (unsigned long long) vdev->out_ctx->dma; + __entry->fake_port = (u8) vdev->fake_port; + __entry->real_port = (u8) vdev->real_port; + __entry->current_mel = (u16) vdev->current_mel; + ), + TP_printk("vdev %p ctx %llx | %llx fake_port %d real_port %d current_mel %d", + __entry->vdev, __entry->in_ctx, __entry->out_ctx, + __entry->fake_port, __entry->real_port, __entry->current_mel + ) +); + +DEFINE_EVENT(xhci_log_free_virt_dev, xhci_free_virt_device, + TP_PROTO(struct xhci_virt_device *vdev), + TP_ARGS(vdev) +); + DECLARE_EVENT_CLASS(xhci_log_virt_dev, TP_PROTO(struct xhci_virt_device *vdev), TP_ARGS(vdev), @@ -208,11 +239,6 @@ DEFINE_EVENT(xhci_log_virt_dev, xhci_alloc_virt_device, TP_ARGS(vdev) ); -DEFINE_EVENT(xhci_log_virt_dev, xhci_free_virt_device, - TP_PROTO(struct xhci_virt_device *vdev), - TP_ARGS(vdev) -); - DEFINE_EVENT(xhci_log_virt_dev, xhci_setup_device, TP_PROTO(struct xhci_virt_device *vdev), TP_ARGS(vdev) -- 2.7.4

7 years, 4 months

1
0
0 0

Re: BUG: jumbo frames broken after commit xen-netfront: Fix race between device setup and open

by Javier Martinez Canillas

Hi Andrew, On Wed, Jun 6, 2018 at 6:29 PM, Andrew Jeddeloh <andrew.jeddeloh(a)redhat.com> wrote: > Hi all, > > The patch "xen-netfront: Fix race between device setup and open" seems > to have introduced a regression preventing setting MTU's larger than > 1500. We experienced this downstream with Container Linux and > confirmed with Fedora 28 as well. > > It's commit f599c64fdf7d9c108e8717fb04bc41c680120da4 in the linux-stable tree. > https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/com… > > Downstream bugs: > https://github.com/coreos/bugs/issues/2443 > https://bugzilla.redhat.com/show_bug.cgi?id=1584216 > > We've confirmed that reverting that commit fixes the bug. It be > reliably can be reproduced on AWS with t2.micro instances (and > presumably other systems using the same driver). Both using > systemd-networkd to set the mtu and manual ip link commands cause the > link to repsond with "Invalid argument" when trying to set the MTU > > 1500. > > I'm not sure why that commit introduced the regression. > > Please let me know if there's any more information that would be helpful. > > - Andrew I'm adding some relevant people to the CC list to bring more attention on this regression. The get_maintainer.pl script is very useful to get some hints on who should be copied, i.e: $ ./scripts/get_maintainer.pl -f drivers/net/xen-netfront.c Best regards, Javier

7 years, 4 months

3
2
0 0

[PATCH] x86/xen: add call of speculative_store_bypass_ht_init() to pv paths

by Juergen Gross

Commit 1f50ddb4f4189243c05926b842dc1a0332195f31 ("x86/speculation: Handle HT correctly on AMD") added speculative_store_bypass_ht_init() to the per-cpu initialization sequence. speculative_store_bypass_ht_init() needs to be called on each cpu for pv guests, too. Reported-by: Brian Woods <brian.woods(a)amd.com> Fixes: 1f50ddb4f4189243c05926b842dc1a0332195f31 ("x86/speculation: Handle HT correctly on AMD") Cc: <stable(a)vger.kernel.org> Signed-off-by: Juergen Gross <jgross(a)suse.com> Tested-by: Brian Woods <brian.woods(a)amd.com> --- arch/x86/xen/smp_pv.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/arch/x86/xen/smp_pv.c b/arch/x86/xen/smp_pv.c index 2e20ae2fa2d6..e3b18ad49889 100644 --- a/arch/x86/xen/smp_pv.c +++ b/arch/x86/xen/smp_pv.c @@ -32,6 +32,7 @@ #include <xen/interface/vcpu.h> #include <xen/interface/xenpmu.h> +#include <asm/spec-ctrl.h> #include <asm/xen/interface.h> #include <asm/xen/hypercall.h> @@ -70,6 +71,8 @@ static void cpu_bringup(void) cpu_data(cpu).x86_max_cores = 1; set_cpu_sibling_map(cpu); + speculative_store_bypass_ht_init(); + xen_setup_cpu_clockevents(); notify_cpu_starting(cpu); @@ -250,6 +253,8 @@ static void __init xen_pv_smp_prepare_cpus(unsigned int max_cpus) } set_cpu_sibling_map(0); + speculative_store_bypass_ht_init(); + xen_pmu_init(0); if (xen_smp_intr_init(0) || xen_smp_intr_init_pv(0)) -- 2.13.7

7 years, 4 months

2
1
0 0

Re: [PATCH v2 1/2] sched/fair: Fix bandwidth timer clock drift condition

by Xunlei Pang

On 6/21/18 1:01 AM, bsegall(a)google.com wrote: > Xunlei Pang <xlpang(a)linux.alibaba.com> writes: > >> I noticed the group constantly got throttled even it consumed >> low cpu usage, this caused some jitters on the response time >> to some of our business containers enabling cpu quota. >> >> It's very simple to reproduce: >> mkdir /sys/fs/cgroup/cpu/test >> cd /sys/fs/cgroup/cpu/test >> echo 100000 > cpu.cfs_quota_us >> echo $$ > tasks >> then repeat: >> cat cpu.stat |grep nr_throttled // nr_throttled will increase >> >> After some analysis, we found that cfs_rq::runtime_remaining will >> be cleared by expire_cfs_rq_runtime() due to two equal but stale >> "cfs_{b|q}->runtime_expires" after period timer is re-armed. >> >> The current condition to judge clock drift in expire_cfs_rq_runtime() >> is wrong, the two runtime_expires are actually the same when clock >> drift happens, so this condtion can never hit. The orginal design was >> correctly done by commit a9cf55b28610 ("sched: Expire invalid runtime"), >> but was changed to be the current one due to its locking issue. >> >> This patch introduces another way, it adds a new field in both structures >> cfs_rq and cfs_bandwidth to record the expiration update sequence, and >> use them to figure out if clock drift happens(true if they equal). >> >> Fixes: 51f2176d74ac ("sched/fair: Fix unlocked reads of some cfs_b->quota/period") >> Cc: Ben Segall <bsegall(a)google.com> > > Reviewed-By: Ben Segall <bsegall(a)google.com> Thanks Ben :-) Hi Peter, could you please have a look at them? Cc stable(a)vger.kernel.org > >> Signed-off-by: Xunlei Pang <xlpang(a)linux.alibaba.com> >> --- >> kernel/sched/fair.c | 14 ++++++++------ >> kernel/sched/sched.h | 6 ++++-- >> 2 files changed, 12 insertions(+), 8 deletions(-) >> >> diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c >> index e497c05aab7f..e6bb68d52962 100644 >> --- a/kernel/sched/fair.c >> +++ b/kernel/sched/fair.c >> @@ -4590,6 +4590,7 @@ void __refill_cfs_bandwidth_runtime(struct cfs_bandwidth *cfs_b) >> now = sched_clock_cpu(smp_processor_id()); >> cfs_b->runtime = cfs_b->quota; >> cfs_b->runtime_expires = now + ktime_to_ns(cfs_b->period); >> + cfs_b->expires_seq++; >> } >> >> static inline struct cfs_bandwidth *tg_cfs_bandwidth(struct task_group *tg) >> @@ -4612,6 +4613,7 @@ static int assign_cfs_rq_runtime(struct cfs_rq *cfs_rq) >> struct task_group *tg = cfs_rq->tg; >> struct cfs_bandwidth *cfs_b = tg_cfs_bandwidth(tg); >> u64 amount = 0, min_amount, expires; >> + int expires_seq; >> >> /* note: this is a positive sum as runtime_remaining <= 0 */ >> min_amount = sched_cfs_bandwidth_slice() - cfs_rq->runtime_remaining; >> @@ -4628,6 +4630,7 @@ static int assign_cfs_rq_runtime(struct cfs_rq *cfs_rq) >> cfs_b->idle = 0; >> } >> } >> + expires_seq = cfs_b->expires_seq; >> expires = cfs_b->runtime_expires; >> raw_spin_unlock(&cfs_b->lock); >> >> @@ -4637,8 +4640,10 @@ static int assign_cfs_rq_runtime(struct cfs_rq *cfs_rq) >> * spread between our sched_clock and the one on which runtime was >> * issued. >> */ >> - if ((s64)(expires - cfs_rq->runtime_expires) > 0) >> + if (cfs_rq->expires_seq != expires_seq) { >> + cfs_rq->expires_seq = expires_seq; >> cfs_rq->runtime_expires = expires; >> + } >> >> return cfs_rq->runtime_remaining > 0; >> } >> @@ -4664,12 +4669,9 @@ static void expire_cfs_rq_runtime(struct cfs_rq *cfs_rq) >> * has not truly expired. >> * >> * Fortunately we can check determine whether this the case by checking >> - * whether the global deadline has advanced. It is valid to compare >> - * cfs_b->runtime_expires without any locks since we only care about >> - * exact equality, so a partial write will still work. >> + * whether the global deadline(cfs_b->expires_seq) has advanced. >> */ >> - >> - if (cfs_rq->runtime_expires != cfs_b->runtime_expires) { >> + if (cfs_rq->expires_seq == cfs_b->expires_seq) { >> /* extend local deadline, drift is bounded above by 2 ticks */ >> cfs_rq->runtime_expires += TICK_NSEC; >> } else { >> diff --git a/kernel/sched/sched.h b/kernel/sched/sched.h >> index 6601baf2361c..e977e04f8daf 100644 >> --- a/kernel/sched/sched.h >> +++ b/kernel/sched/sched.h >> @@ -334,9 +334,10 @@ struct cfs_bandwidth { >> u64 runtime; >> s64 hierarchical_quota; >> u64 runtime_expires; >> + int expires_seq; >> >> - int idle; >> - int period_active; >> + short idle; >> + short period_active; >> struct hrtimer period_timer; >> struct hrtimer slack_timer; >> struct list_head throttled_cfs_rq; >> @@ -551,6 +552,7 @@ struct cfs_rq { >> >> #ifdef CONFIG_CFS_BANDWIDTH >> int runtime_enabled; >> + int expires_seq; >> u64 runtime_expires; >> s64 runtime_remaining;

7 years, 4 months

2
2
0 0

[tip:x86/urgent] x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths

by tip-bot for Juergen Gross

Commit-ID: 74899d92e66663dc7671a8017b3146dcd4735f3b Gitweb: https://git.kernel.org/tip/74899d92e66663dc7671a8017b3146dcd4735f3b Author: Juergen Gross <jgross(a)suse.com> AuthorDate: Thu, 21 Jun 2018 10:43:31 +0200 Committer: Ingo Molnar <mingo(a)kernel.org> CommitDate: Thu, 21 Jun 2018 10:55:52 +0200 x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths Commit: 1f50ddb4f418 ("x86/speculation: Handle HT correctly on AMD") ... added speculative_store_bypass_ht_init() to the per-CPU initialization sequence. speculative_store_bypass_ht_init() needs to be called on each CPU for PV guests, too. Reported-by: Brian Woods <brian.woods(a)amd.com> Tested-by: Brian Woods <brian.woods(a)amd.com> Signed-off-by: Juergen Gross <jgross(a)suse.com> Cc: <stable(a)vger.kernel.org> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: boris.ostrovsky(a)oracle.com Cc: xen-devel(a)lists.xenproject.org Fixes: 1f50ddb4f4189243c05926b842dc1a0332195f31 ("x86/speculation: Handle HT correctly on AMD") Link: https://lore.kernel.org/lkml/20180621084331.21228-1-jgross@suse.com Signed-off-by: Ingo Molnar <mingo(a)kernel.org> --- arch/x86/xen/smp_pv.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/arch/x86/xen/smp_pv.c b/arch/x86/xen/smp_pv.c index 2e20ae2fa2d6..e3b18ad49889 100644 --- a/arch/x86/xen/smp_pv.c +++ b/arch/x86/xen/smp_pv.c @@ -32,6 +32,7 @@ #include <xen/interface/vcpu.h> #include <xen/interface/xenpmu.h> +#include <asm/spec-ctrl.h> #include <asm/xen/interface.h> #include <asm/xen/hypercall.h> @@ -70,6 +71,8 @@ static void cpu_bringup(void) cpu_data(cpu).x86_max_cores = 1; set_cpu_sibling_map(cpu); + speculative_store_bypass_ht_init(); + xen_setup_cpu_clockevents(); notify_cpu_starting(cpu); @@ -250,6 +253,8 @@ static void __init xen_pv_smp_prepare_cpus(unsigned int max_cpus) } set_cpu_sibling_map(0); + speculative_store_bypass_ht_init(); + xen_pmu_init(0); if (xen_smp_intr_init(0) || xen_smp_intr_init_pv(0))

7 years, 4 months

1
0
0 0

+ slub-track-number-of-slabs-irrespective-of-config_slub_debug.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: slub: track number of slabs irrespective of CONFIG_SLUB_DEBUG has been added to the -mm tree. Its filename is slub-track-number-of-slabs-irrespective-of-config_slub_debug.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/slub-track-number-of-slabs-irrespe… and later at http://ozlabs.org/~akpm/mmotm/broken-out/slub-track-number-of-slabs-irrespe… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Shakeel Butt <shakeelb(a)google.com> Subject: slub: track number of slabs irrespective of CONFIG_SLUB_DEBUG For !CONFIG_SLUB_DEBUG, SLUB does not maintain the number of slabs allocated per node for a kmem_cache. Thus, slabs_node() in __kmem_cache_empty(), __kmem_cache_shrink() and __kmem_cache_destroy() will always return 0 for such config. This is wrong and can cause issues for all users of these functions. In fact in [1] Jason has reported a system crash while using SLUB without CONFIG_SLUB_DEBUG. The reason was the usage of slabs_node() by __kmem_cache_empty(). The right solution is to make slabs_node() work even for !CONFIG_SLUB_DEBUG. The commit 0f389ec63077 ("slub: No need for per node slab counters if !SLUB_DEBUG") had put the per node slab counter under CONFIG_SLUB_DEBUG because it was only read through sysfs API and the sysfs API was disabled on !CONFIG_SLUB_DEBUG. However the users of the per node slab counter assumed that it will work in the absence of CONFIG_SLUB_DEBUG. So, make the counter work for !CONFIG_SLUB_DEBUG. Please note that f9e13c0a5a33 ("slab, slub: skip unnecessary kasan_cache_shutdown()") exposed this issue but it is present even before. [1] http://lkml.kernel.org/r/CAHmME9rtoPwxUSnktxzKso14iuVCWT7BE_-_8PAC=pGw1iJnQ… Link: http://lkml.kernel.org/r/20180620224147.23777-1-shakeelb@google.com Fixes: f9e13c0a5a33 ("slab, slub: skip unnecessary kasan_cache_shutdown()") Signed-off-by: Shakeel Butt <shakeelb(a)google.com> Suggested-by: David Rientjes <rientjes(a)google.com> Reported-by: Jason A . Donenfeld <Jason(a)zx2c4.com> Cc: Christoph Lameter <cl(a)linux.com> Cc: Pekka Enberg <penberg(a)kernel.org> Cc: Joonsoo Kim <iamjoonsoo.kim(a)lge.com> Cc: Andrey Ryabinin <aryabinin(a)virtuozzo.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/slab.h | 2 - mm/slub.c | 80 ++++++++++++++++++++++++---------------------------- 2 files changed, 38 insertions(+), 44 deletions(-) diff -puN mm/slab.h~slub-track-number-of-slabs-irrespective-of-config_slub_debug mm/slab.h --- a/mm/slab.h~slub-track-number-of-slabs-irrespective-of-config_slub_debug +++ a/mm/slab.h @@ -473,8 +473,8 @@ struct kmem_cache_node { #ifdef CONFIG_SLUB unsigned long nr_partial; struct list_head partial; -#ifdef CONFIG_SLUB_DEBUG atomic_long_t nr_slabs; +#ifdef CONFIG_SLUB_DEBUG atomic_long_t total_objects; struct list_head full; #endif diff -puN mm/slub.c~slub-track-number-of-slabs-irrespective-of-config_slub_debug mm/slub.c --- a/mm/slub.c~slub-track-number-of-slabs-irrespective-of-config_slub_debug +++ a/mm/slub.c @@ -1030,42 +1030,6 @@ static void remove_full(struct kmem_cach list_del(&page->lru); } -/* Tracking of the number of slabs for debugging purposes */ -static inline unsigned long slabs_node(struct kmem_cache *s, int node) -{ - struct kmem_cache_node *n = get_node(s, node); - - return atomic_long_read(&n->nr_slabs); -} - -static inline unsigned long node_nr_slabs(struct kmem_cache_node *n) -{ - return atomic_long_read(&n->nr_slabs); -} - -static inline void inc_slabs_node(struct kmem_cache *s, int node, int objects) -{ - struct kmem_cache_node *n = get_node(s, node); - - /* - * May be called early in order to allocate a slab for the - * kmem_cache_node structure. Solve the chicken-egg - * dilemma by deferring the increment of the count during - * bootstrap (see early_kmem_cache_node_alloc). - */ - if (likely(n)) { - atomic_long_inc(&n->nr_slabs); - atomic_long_add(objects, &n->total_objects); - } -} -static inline void dec_slabs_node(struct kmem_cache *s, int node, int objects) -{ - struct kmem_cache_node *n = get_node(s, node); - - atomic_long_dec(&n->nr_slabs); - atomic_long_sub(objects, &n->total_objects); -} - /* Object debug checks for alloc/free paths */ static void setup_object_debug(struct kmem_cache *s, struct page *page, void *object) @@ -1321,16 +1285,46 @@ slab_flags_t kmem_cache_flags(unsigned i #define disable_higher_order_debug 0 +#endif /* CONFIG_SLUB_DEBUG */ + static inline unsigned long slabs_node(struct kmem_cache *s, int node) - { return 0; } +{ + struct kmem_cache_node *n = get_node(s, node); + + return atomic_long_read(&n->nr_slabs); +} + static inline unsigned long node_nr_slabs(struct kmem_cache_node *n) - { return 0; } -static inline void inc_slabs_node(struct kmem_cache *s, int node, - int objects) {} -static inline void dec_slabs_node(struct kmem_cache *s, int node, - int objects) {} +{ + return atomic_long_read(&n->nr_slabs); +} -#endif /* CONFIG_SLUB_DEBUG */ +static inline void inc_slabs_node(struct kmem_cache *s, int node, int objects) +{ + struct kmem_cache_node *n = get_node(s, node); + + /* + * May be called early in order to allocate a slab for the + * kmem_cache_node structure. Solve the chicken-egg + * dilemma by deferring the increment of the count during + * bootstrap (see early_kmem_cache_node_alloc). + */ + if (likely(n)) { + atomic_long_inc(&n->nr_slabs); +#ifdef CONFIG_SLUB_DEBUG + atomic_long_add(objects, &n->total_objects); +#endif + } +} +static inline void dec_slabs_node(struct kmem_cache *s, int node, int objects) +{ + struct kmem_cache_node *n = get_node(s, node); + + atomic_long_dec(&n->nr_slabs); +#ifdef CONFIG_SLUB_DEBUG + atomic_long_sub(objects, &n->total_objects); +#endif +} /* * Hooks for other subsystems that check memory allocations. In a typical _ Patches currently in -mm which might be from shakeelb(a)google.com are slub-track-number-of-slabs-irrespective-of-config_slub_debug.patch slub-fix-__kmem_cache_empty-for-config_slub_debug.patch

7 years, 4 months

3
2
0 0

v4.14.51 build: 0 failures 0 warnings (v4.14.51)

by Build bot for Mark Brown

Tree/Branch: v4.14.51 Git describe: v4.14.51 Commit: 33445c07cd Linux 4.14.51 Build Time: 98 min 40 sec Passed: 11 / 11 (100.00 %) Failed: 0 / 11 ( 0.00 %) Errors: 0 Warnings: 0 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): ------------------------------------------------------------------------------- =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: arm64-allnoconfig arm64-allmodconfig arm-multi_v5_defconfig arm-multi_v7_defconfig x86_64-defconfig arm-allmodconfig arm-allnoconfig x86_64-allnoconfig arm-multi_v4t_defconfig x86_64-allmodconfig arm64-defconfig close failed in file object destructor: sys.excepthook is missing lost sys.stderr

7 years, 4 months

1
0
0 0

[to-be-updated] slub-fix-__kmem_cache_empty-for-config_slub_debug.patch removed from -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: slub: fix __kmem_cache_empty for !CONFIG_SLUB_DEBUG has been removed from the -mm tree. Its filename was slub-fix-__kmem_cache_empty-for-config_slub_debug.patch This patch was dropped because an updated version will be merged ------------------------------------------------------ From: Shakeel Butt <shakeelb(a)google.com> Subject: slub: fix __kmem_cache_empty for !CONFIG_SLUB_DEBUG f9e13c0a5a33 ("slab, slub: skip unnecessary kasan_cache_shutdown()") causes crashes when using slub, as described at http://lkml.kernel.org/r/CAHmME9rtoPwxUSnktxzKso14iuVCWT7BE_-_8PAC=pGw1iJnQ… For !CONFIG_SLUB_DEBUG, SLUB does not maintain the number of slabs allocated per node for a kmem_cache. Thus, slabs_node() in __kmem_cache_empty() will always return 0. So, in such situation, it is required to check per-cpu slabs to make sure if a kmem_cache is empty or not. Please note that __kmem_cache_shutdown() and __kmem_cache_shrink() are not affected by !CONFIG_SLUB_DEBUG as they call flush_all() to clear per-cpu slabs. Link: http://lkml.kernel.org/r/20180619213352.71740-1-shakeelb@google.com Link: http://lkml.kernel.org/r/CAHmME9rtoPwxUSnktxzKso14iuVCWT7BE_-_8PAC=pGw1iJnQ… Fixes: f9e13c0a5a33 ("slab, slub: skip unnecessary kasan_cache_shutdown()") Signed-off-by: Shakeel Butt <shakeelb(a)google.com> Reported-by: Jason A. Donenfeld <Jason(a)zx2c4.com> Tested-by: Jason A. Donenfeld <Jason(a)zx2c4.com> Cc: Christoph Lameter <cl(a)linux.com> Cc: Pekka Enberg <penberg(a)kernel.org> Cc: David Rientjes <rientjes(a)google.com> Cc: Joonsoo Kim <iamjoonsoo.kim(a)lge.com> Cc: Andrey Ryabinin <aryabinin(a)virtuozzo.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/slub.c | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff -puN mm/slub.c~slub-fix-__kmem_cache_empty-for-config_slub_debug mm/slub.c --- a/mm/slub.c~slub-fix-__kmem_cache_empty-for-config_slub_debug +++ a/mm/slub.c @@ -3673,9 +3673,23 @@ static void free_partial(struct kmem_cac bool __kmem_cache_empty(struct kmem_cache *s) { - int node; + int cpu, node; struct kmem_cache_node *n; + /* + * slabs_node will always be 0 for !CONFIG_SLUB_DEBUG. So, manually + * check slabs for all cpus. + */ + if (!IS_ENABLED(CONFIG_SLUB_DEBUG)) { + for_each_online_cpu(cpu) { + struct kmem_cache_cpu *c; + + c = per_cpu_ptr(s->cpu_slab, cpu); + if (c->page || slub_percpu_partial(c)) + return false; + } + } + for_each_kmem_cache_node(s, node, n) if (n->nr_partial || slabs_node(s, node)) return false; _ Patches currently in -mm which might be from shakeelb(a)google.com are slub-track-number-of-slabs-irrespective-of-config_slub_debug.patch

7 years, 4 months

1
0
0 0

[PATCH] slub: fix __kmem_cache_empty for !CONFIG_SLUB_DEBUG

by Shakeel Butt

For !CONFIG_SLUB_DEBUG, SLUB does not maintain the number of slabs allocated per node for a kmem_cache. Thus, slabs_node() in __kmem_cache_empty() will always return 0. So, in such situation, it is required to check per-cpu slabs to make sure if a kmem_cache is empty or not. Please note that __kmem_cache_shutdown() and __kmem_cache_shrink() are not affected by !CONFIG_SLUB_DEBUG as they call flush_all() to clear per-cpu slabs. Fixes: f9e13c0a5a33 ("slab, slub: skip unnecessary kasan_cache_shutdown()") Signed-off-by: Shakeel Butt <shakeelb(a)google.com> Reported-by: Jason A . Donenfeld <Jason(a)zx2c4.com> Cc: Christoph Lameter <cl(a)linux.com> Cc: Pekka Enberg <penberg(a)kernel.org> Cc: David Rientjes <rientjes(a)google.com> Cc: Joonsoo Kim <iamjoonsoo.kim(a)lge.com> Cc: Andrew Morton <akpm(a)linux-foundation.org> Cc: <stable(a)vger.kernel.org> --- mm/slub.c | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/mm/slub.c b/mm/slub.c index a3b8467c14af..731c02b371ae 100644 --- a/mm/slub.c +++ b/mm/slub.c @@ -3673,9 +3673,23 @@ static void free_partial(struct kmem_cache *s, struct kmem_cache_node *n) bool __kmem_cache_empty(struct kmem_cache *s) { - int node; + int cpu, node; struct kmem_cache_node *n; + /* + * slabs_node will always be 0 for !CONFIG_SLUB_DEBUG. So, manually + * check slabs for all cpus. + */ + if (!IS_ENABLED(CONFIG_SLUB_DEBUG)) { + for_each_online_cpu(cpu) { + struct kmem_cache_cpu *c; + + c = per_cpu_ptr(s->cpu_slab, cpu); + if (c->page || slub_percpu_partial(c)) + return false; + } + } + for_each_kmem_cache_node(s, node, n) if (n->nr_partial || slabs_node(s, node)) return false; -- 2.18.0.rc1.244.gcf134e6275-goog

7 years, 4 months

5
7
0 0

[PATCH] MIPS: Always use -march=<arch>, not -<arch> shortcuts

by Paul Burton

The VDSO Makefile filters CFLAGS to select a subset which it uses whilst building the VDSO ELF. One of the flags it allows through is the -march= flag that selects the architecture/ISA to target. Unfortunately in cases where CONFIG_CPU_MIPS32_R{1,2}=y and the toolchain defaults to building for MIPS64, the main MIPS Makefile ends up using the short-form -<arch> flags in cflags-y. This is because the calls to cc-option always fail to use the long-form -march=<arch> flag due to the lack of an -mabi=<abi> flag in KBUILD_CFLAGS at the point where the cc-option function is executed. The resulting GCC invocation is something like: $ mips64-linux-gcc -Werror -march=mips32r2 -c -x c /dev/null -o tmp cc1: error: '-march=mips32r2' is not compatible with the selected ABI These short-form -<arch> flags are dropped by the VDSO Makefile's filtering, and so we attempt to build the VDSO without specifying any architecture. This results in an attempt to build the VDSO using whatever the compiler's default architecture is, regardless of whether that is suitable for the kernel configuration. One encountered build failure resulting from this mismatch is a rejection of the sync instruction if the kernel is configured for a MIPS32 or MIPS64 r1 or r2 target but the toolchain defaults to an older architecture revision such as MIPS1 which did not include the sync instruction: CC arch/mips/vdso/gettimeofday.o /tmp/ccGQKoOj.s: Assembler messages: /tmp/ccGQKoOj.s:273: Error: opcode not supported on this processor: mips1 (mips1) `sync' /tmp/ccGQKoOj.s:329: Error: opcode not supported on this processor: mips1 (mips1) `sync' /tmp/ccGQKoOj.s:520: Error: opcode not supported on this processor: mips1 (mips1) `sync' /tmp/ccGQKoOj.s:714: Error: opcode not supported on this processor: mips1 (mips1) `sync' /tmp/ccGQKoOj.s:1009: Error: opcode not supported on this processor: mips1 (mips1) `sync' /tmp/ccGQKoOj.s:1066: Error: opcode not supported on this processor: mips1 (mips1) `sync' /tmp/ccGQKoOj.s:1114: Error: opcode not supported on this processor: mips1 (mips1) `sync' /tmp/ccGQKoOj.s:1279: Error: opcode not supported on this processor: mips1 (mips1) `sync' /tmp/ccGQKoOj.s:1334: Error: opcode not supported on this processor: mips1 (mips1) `sync' /tmp/ccGQKoOj.s:1374: Error: opcode not supported on this processor: mips1 (mips1) `sync' /tmp/ccGQKoOj.s:1459: Error: opcode not supported on this processor: mips1 (mips1) `sync' /tmp/ccGQKoOj.s:1514: Error: opcode not supported on this processor: mips1 (mips1) `sync' /tmp/ccGQKoOj.s:1814: Error: opcode not supported on this processor: mips1 (mips1) `sync' /tmp/ccGQKoOj.s:2002: Error: opcode not supported on this processor: mips1 (mips1) `sync' /tmp/ccGQKoOj.s:2066: Error: opcode not supported on this processor: mips1 (mips1) `sync' make[2]: *** [scripts/Makefile.build:318: arch/mips/vdso/gettimeofday.o] Error 1 make[1]: *** [scripts/Makefile.build:558: arch/mips/vdso] Error 2 make[1]: *** Waiting for unfinished jobs.... This can be reproduced for example by attempting to build pistachio_defconfig using Arnd's GCC 8.1.0 mips64 toolchain from kernel.org: https://mirrors.edge.kernel.org/pub/tools/crosstool/files/bin/x86_64/8.1.0/… Resolve this problem by using the long-form -march=<arch> in all cases, which makes it through the arch/mips/vdso/Makefile's filtering & is thus consistently used to build both the kernel proper & the VDSO. The use of cc-option to prefer the long-form & fall back to the short-form flags makes no sense since the short-form is just an abbreviation for the also-supported long-form in all GCC versions that we support building with. This means there is no case in which we have to use the short-form -<arch> flags, so we can simply remove them. The manual redefinition of _MIPS_ISA is removed naturally along with the use of the short-form flags that it accompanied, and whilst here we remove the separate assembler ISA selection. I suspect that both of these were only required due to the mips32 vs mips2 mismatch that was introduced by commit 59b3e8e9aac6 ("[MIPS] Makefile crapectomy.") and fixed but not cleaned up by commit 9200c0b2a07c ("[MIPS] Fix Makefile bugs for MIPS32/MIPS64 R1 and R2."). I've marked this for backport as far as v4.4 where the MIPS VDSO was introduced. In earlier kernels there should be no ill effect to using the short-form flags. Signed-off-by: Paul Burton <paul.burton(a)mips.com> Cc: James Hogan <jhogan(a)kernel.org> Cc: Ralf Baechle <ralf(a)linux-mips.org> Cc: linux-mips(a)linux-mips.org Cc: stable(a)vger.kernel.org # v4.4+ --- arch/mips/Makefile | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/arch/mips/Makefile b/arch/mips/Makefile index e2122cca4ae2..1e98d22ec119 100644 --- a/arch/mips/Makefile +++ b/arch/mips/Makefile @@ -155,15 +155,11 @@ cflags-$(CONFIG_CPU_R4300) += -march=r4300 -Wa,--trap cflags-$(CONFIG_CPU_VR41XX) += -march=r4100 -Wa,--trap cflags-$(CONFIG_CPU_R4X00) += -march=r4600 -Wa,--trap cflags-$(CONFIG_CPU_TX49XX) += -march=r4600 -Wa,--trap -cflags-$(CONFIG_CPU_MIPS32_R1) += $(call cc-option,-march=mips32,-mips32 -U_MIPS_ISA -D_MIPS_ISA=_MIPS_ISA_MIPS32) \ - -Wa,-mips32 -Wa,--trap -cflags-$(CONFIG_CPU_MIPS32_R2) += $(call cc-option,-march=mips32r2,-mips32r2 -U_MIPS_ISA -D_MIPS_ISA=_MIPS_ISA_MIPS32) \ - -Wa,-mips32r2 -Wa,--trap +cflags-$(CONFIG_CPU_MIPS32_R1) += -march=mips32 -Wa,--trap +cflags-$(CONFIG_CPU_MIPS32_R2) += -march=mips32r2 -Wa,--trap cflags-$(CONFIG_CPU_MIPS32_R6) += -march=mips32r6 -Wa,--trap -modd-spreg -cflags-$(CONFIG_CPU_MIPS64_R1) += $(call cc-option,-march=mips64,-mips64 -U_MIPS_ISA -D_MIPS_ISA=_MIPS_ISA_MIPS64) \ - -Wa,-mips64 -Wa,--trap -cflags-$(CONFIG_CPU_MIPS64_R2) += $(call cc-option,-march=mips64r2,-mips64r2 -U_MIPS_ISA -D_MIPS_ISA=_MIPS_ISA_MIPS64) \ - -Wa,-mips64r2 -Wa,--trap +cflags-$(CONFIG_CPU_MIPS64_R1) += -march=mips64 -Wa,--trap +cflags-$(CONFIG_CPU_MIPS64_R2) += -march=mips64r2 -Wa,--trap cflags-$(CONFIG_CPU_MIPS64_R6) += -march=mips64r6 -Wa,--trap cflags-$(CONFIG_CPU_R5000) += -march=r5000 -Wa,--trap cflags-$(CONFIG_CPU_R5432) += $(call cc-option,-march=r5400,-march=r5000) \ -- 2.17.1

7 years, 4 months

2
1
0 0

Linux 4.14.51

by Greg KH

I'm announcing the release of the 4.14.51 kernel. All users of the 4.14 kernel series must upgrade. The updated 4.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.14.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/display/panel/panel-common.txt | 2 Documentation/devicetree/bindings/dma/renesas,rcar-dmac.txt | 1 Documentation/devicetree/bindings/pinctrl/allwinner,sunxi-pinctrl.txt | 6 Documentation/devicetree/bindings/serial/amlogic,meson-uart.txt | 2 Documentation/devicetree/bindings/serial/renesas,sci-serial.txt | 2 Documentation/devicetree/bindings/vendor-prefixes.txt | 1 Makefile | 2 arch/arm/boot/compressed/head.S | 20 arch/arm/boot/dts/bcm-cygnus.dtsi | 2 arch/arm/boot/dts/da850.dtsi | 2 arch/arm/boot/dts/logicpd-som-lv.dtsi | 11 arch/arm/kernel/machine_kexec.c | 34 - arch/arm/mach-davinci/board-da830-evm.c | 9 arch/arm/mach-davinci/board-da850-evm.c | 9 arch/arm/mach-davinci/board-dm355-evm.c | 6 arch/arm/mach-davinci/board-dm646x-evm.c | 5 arch/arm/mach-davinci/board-omapl138-hawk.c | 10 arch/arm/mach-davinci/dm646x.c | 3 arch/arm/mach-keystone/pm_domain.c | 1 arch/arm/mach-omap1/ams-delta-fiq.c | 28 arch/arm/mach-omap2/powerdomain.c | 4 arch/arm64/boot/dts/nvidia/tegra186-p3310.dtsi | 2 arch/arm64/include/asm/cputype.h | 6 arch/arm64/kernel/ptrace.c | 20 arch/hexagon/include/asm/io.h | 6 arch/hexagon/lib/checksum.c | 1 arch/mips/boot/dts/img/boston.dts | 6 arch/mips/include/asm/io.h | 4 arch/parisc/kernel/drivers.c | 7 arch/parisc/kernel/smp.c | 3 arch/parisc/kernel/time.c | 2 arch/powerpc/platforms/powernv/memtrace.c | 17 arch/sh/kernel/cpu/sh2/probe.c | 4 arch/x86/events/intel/core.c | 9 arch/x86/include/asm/insn.h | 18 arch/x86/kernel/cpu/intel.c | 3 arch/x86/kernel/kexec-bzimage64.c | 5 arch/x86/kernel/kprobes/core.c | 4 arch/x86/kernel/uprobes.c | 4 arch/x86/kvm/hyperv.c | 2 arch/x86/kvm/svm.c | 5 arch/x86/kvm/vmx.c | 15 arch/x86/kvm/x86.c | 19 arch/x86/net/bpf_jit_comp.c | 4 arch/x86/xen/enlighten_hvm.c | 13 block/blk-cgroup.c | 22 block/blk-mq.c | 19 block/blk-mq.h | 4 block/genhd.c | 12 block/partition-generic.c | 10 drivers/acpi/acpi_watchdog.c | 59 +- drivers/acpi/sleep.c | 13 drivers/ata/ahci.c | 6 drivers/ata/ahci.h | 7 drivers/ata/ahci_mvebu.c | 56 + drivers/ata/ahci_qoriq.c | 2 drivers/ata/ahci_xgene.c | 4 drivers/ata/libahci.c | 20 drivers/ata/libata-eh.c | 4 drivers/ata/sata_highbank.c | 2 drivers/char/agp/uninorth-agp.c | 4 drivers/clk/clk-mux.c | 10 drivers/clk/clk.c | 7 drivers/clk/imx/clk-imx6ul.c | 2 drivers/clocksource/timer-imx-tpm.c | 8 drivers/firmware/efi/libstub/arm64-stub.c | 10 drivers/gpu/drm/amd/amdkfd/kfd_chardev.c | 13 drivers/gpu/drm/drm_dumb_buffers.c | 7 drivers/gpu/drm/msm/dsi/dsi_host.c | 2 drivers/gpu/drm/msm/msm_fbdev.c | 11 drivers/gpu/drm/msm/msm_gem.c | 20 drivers/gpu/drm/omapdrm/dss/hdmi4.c | 2 drivers/gpu/drm/omapdrm/dss/hdmi4_core.c | 7 drivers/gpu/drm/omapdrm/dss/hdmi5.c | 2 drivers/gpu/drm/omapdrm/omap_connector.c | 10 drivers/gpu/drm/omapdrm/omap_dmm_tiler.c | 6 drivers/gpu/drm/omapdrm/tcm-sita.c | 2 drivers/hid/Kconfig | 7 drivers/hid/hid-ids.h | 8 drivers/hid/hid-lenovo.c | 36 + drivers/hid/intel-ish-hid/ishtp/bus.c | 2 drivers/hid/wacom_sys.c | 4 drivers/i2c/busses/i2c-pmcmsp.c | 4 drivers/i2c/busses/i2c-sprd.c | 22 drivers/i2c/busses/i2c-viperboard.c | 2 drivers/infiniband/Kconfig | 5 drivers/infiniband/core/cma.c | 60 +- drivers/infiniband/core/iwpm_util.c | 5 drivers/infiniband/core/mad.c | 4 drivers/infiniband/core/uverbs_ioctl.c | 9 drivers/infiniband/hw/hfi1/affinity.c | 11 drivers/infiniband/hw/hfi1/init.c | 4 drivers/infiniband/sw/rxe/rxe_opcode.c | 2 drivers/infiniband/sw/rxe/rxe_req.c | 1 drivers/infiniband/sw/rxe/rxe_resp.c | 6 drivers/infiniband/ulp/srp/Kconfig | 2 drivers/infiniband/ulp/srpt/Kconfig | 2 drivers/input/rmi4/rmi_spi.c | 7 drivers/input/touchscreen/atmel_mxt_ts.c | 186 +++--- drivers/iommu/dmar.c | 2 drivers/net/can/dev.c | 2 drivers/net/ethernet/aquantia/atlantic/aq_nic.c | 2 drivers/net/ethernet/hisilicon/hns/hnae.h | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c | 3 drivers/net/ethernet/netronome/nfp/nfpcore/nfp_nsp.c | 3 drivers/net/ethernet/qlogic/qed/qed_l2.c | 6 drivers/net/ethernet/qlogic/qede/qede_rdma.c | 2 drivers/net/phy/marvell.c | 9 drivers/nvme/host/Kconfig | 2 drivers/nvme/host/core.c | 1 drivers/nvme/host/fabrics.c | 6 drivers/nvme/target/Kconfig | 2 drivers/pci/dwc/pcie-kirin.c | 2 drivers/remoteproc/qcom_q6v5_pil.c | 2 drivers/rpmsg/rpmsg_char.c | 2 drivers/s390/net/smsgiucv.c | 2 drivers/scsi/isci/port_config.c | 3 drivers/scsi/megaraid/megaraid_sas_fusion.c | 6 drivers/scsi/scsi_transport_iscsi.c | 29 - drivers/scsi/storvsc_drv.c | 7 drivers/scsi/vmw_pvscsi.c | 2 drivers/soc/bcm/raspberrypi-power.c | 2 drivers/spi/spi-bcm2835aux.c | 5 drivers/spi/spi-cadence.c | 8 drivers/spi/spi-sh-msiof.c | 1 drivers/target/target_core_pscsi.c | 2 drivers/tee/tee_core.c | 11 drivers/thermal/int340x_thermal/int3403_thermal.c | 3 drivers/usb/musb/musb_host.c | 5 drivers/usb/musb/musb_host.h | 7 drivers/usb/musb/musb_virthub.c | 25 drivers/usb/typec/ucsi/Makefile | 2 drivers/xen/xenbus/xenbus_dev_frontend.c | 3 fs/afs/rxrpc.c | 7 fs/btrfs/scrub.c | 44 + fs/cifs/smb2ops.c | 6 fs/ecryptfs/crypto.c | 41 - fs/ecryptfs/file.c | 21 fs/isofs/inode.c | 3 fs/namespace.c | 2 fs/notify/fsnotify.c | 25 fs/ocfs2/refcounttree.c | 14 fs/proc/base.c | 6 fs/proc/kcore.c | 23 fs/proc/task_mmu.c | 6 include/linux/clk-provider.h | 3 include/linux/ethtool.h | 2 include/linux/genhd.h | 4 include/linux/kvm_host.h | 8 include/linux/mtd/map.h | 2 include/linux/percpu-rwsem.h | 6 include/linux/rwsem.h | 6 include/linux/sched.h | 50 + include/linux/sched/signal.h | 2 include/linux/stringhash.h | 4 include/soc/bcm2835/raspberrypi-firmware.h | 4 init/main.c | 7 kernel/kthread.c | 7 kernel/locking/rwsem-xadd.c | 19 kernel/locking/rwsem.c | 2 kernel/locking/rwsem.h | 30 - kernel/module.c | 5 kernel/sched/core.c | 17 kernel/sched/deadline.c | 4 kernel/sched/rt.c | 2 kernel/sched/sched.h | 5 kernel/signal.c | 17 kernel/stop_machine.c | 19 mm/memcontrol.c | 2 net/ipv4/tcp_input.c | 2 net/ipv6/netfilter/Kconfig | 55 - net/mac80211/agg-tx.c | 4 net/mac80211/mlme.c | 25 net/mac80211/tx.c | 3 net/netfilter/nf_tables_api.c | 2 net/rds/ib_cm.c | 3 net/rxrpc/af_rxrpc.c | 2 net/rxrpc/local_object.c | 57 +- net/sched/act_skbedit.c | 3 net/smc/af_smc.c | 6 net/tipc/monitor.c | 2 net/tipc/node.c | 28 sound/soc/codecs/msm8916-wcd-analog.c | 9 sound/soc/codecs/rt5514.c | 3 sound/soc/soc-topology.c | 6 tools/net/bpf_dbg.c | 7 tools/objtool/arch/x86/include/asm/insn.h | 18 tools/perf/util/symbol.c | 8 tools/testing/selftests/ftrace/test.d/trigger/inter-event/trigger-multi-actions-accept.tc | 44 + tools/testing/selftests/x86/Makefile | 2 tools/testing/selftests/x86/mov_ss_trap.c | 285 ++++++++++ tools/testing/selftests/x86/mpx-mini-test.c | 7 tools/testing/selftests/x86/protection_keys.c | 254 ++++++-- virt/kvm/arm/vgic/vgic-mmio-v2.c | 5 194 files changed, 1863 insertions(+), 664 deletions(-) Adam Ford (2): ARM: dts: logicpd-som-lv: Fix WL127x Startup Issues ARM: dts: logicpd-som-lv: Fix Audio Mute Alexey Dobriyan (1): proc: revalidate kernel thread inodes to root:root Amir Goldstein (2): fsnotify: fix ignore mask logic in send_to_group() <linux/stringhash.h>: fix end_name_hash() for 64bit long Andres Rodriguez (1): drm/amdkfd: fix clock counter retrieval for node without GPU Andy Lutomirski (1): x86/selftests: Add mov_to_ss test Anson Huang (1): clocksource/drivers/imx-tpm: Correct some registers operation flow Arnaldo Carvalho de Melo (1): perf report: Fix switching to another perf.data file Arnd Bergmann (2): hexagon: add memset_io() helper hexagon: export csum_partial_copy_nocheck Arvind Yadav (2): HID: wacom: Release device resource data obtained by devres_alloc() HID: intel-ish-hid: use put_device() instead of kfree() Ashish Samant (1): ocfs2: take inode cluster lock before moving reflinked inode from orphan dir Balbir Singh (1): powerpc/powernv/memtrace: Let the arch hotunplug code flush cache Baolin Wang (3): parisc: time: Convert read_persistent_clock() to read_persistent_clock64() i2c: sprd: Prevent i2c accesses after suspend is called i2c: sprd: Fix the i2c count issue Ben Hutchings (2): drm/msm: Fix possible null dereference on failure of get_pages() mtd: Fix comparison in map_word_andequal() Bhadram Varka (1): arm64: tegra: Make BCM89610 PHY interrupt as active low Changbin Du (1): iommu/vt-d: fix shift-out-of-bounds in bug checking Chen Yu (1): ACPI / PM: Blacklist Low Power S0 Idle _DSM for ThinkPad X1 Tablet(2016) Chengguang Xu (2): isofs: fix potential memory leak in mount option parsing nvme: fix potential memory leak in option parsing Chris Leech (1): scsi: iscsi: respond to netlink with unicast when appropriate Christophe JAILLET (1): Input: synaptics-rmi4 - fix an unchecked out of memory error path Clément Péron (1): ARM: dts: cygnus: fix irq type for arm global timer Colin Ian King (2): scsi: isci: Fix infinite loop in while loop RDMA/iwpm: fix memory leak on map_info Dag Moxnes (1): rds: ib: Fix missing call to rds_ib_dev_put in rds_ib_setup_qp Dan Carpenter (2): drm/omap: silence unititialized variable warning drm/dumb-buffers: Integer overflow in drm_mode_create_ioctl() Daniel Borkmann (1): bpf, x64: fix memleak when not converging after image Daniel Glöckner (1): usb: musb: fix remote wakeup racing with suspend Dave Hansen (10): x86/pkeys/selftests: Give better unexpected fault error messages x86/pkeys/selftests: Stop using assert() x86/pkeys/selftests: Remove dead debugging code, fix dprint_in_signal x86/pkeys/selftests: Allow faults on unknown keys x86/pkeys/selftests: Factor out "instruction page" x86/pkeys/selftests: Add PROT_EXEC test x86/pkeys/selftests: Fix pkey exhaustion test off-by-one x86/pkeys/selftests: Fix pointer math x86/pkeys/selftests: Save off 'prot' for allocations x86/pkeys/selftests: Add a test for pkey 0 Dave Young (1): kexec_file: do not add extra alignment to efi memmap David Gilhooley (1): arm64: Add MIDR encoding for NVIDIA CPUs David Howells (4): vfs: Undo an overly zealous MS_RDONLY -> SB_RDONLY conversion rxrpc: Fix error reception on AF_INET6 sockets rxrpc: Fix the min security level for kernel calls afs: Fix the non-encryption of calls Emil Tantilov (1): ixgbe: return error on unsupported SFP module when resetting Emil Velikov (1): drm/msm: don't deref error pointer in the msm_fbdev_create error path Eric Dumazet (1): tcp: do not overshoot window_clamp in tcp_rcv_space_adjust() Etienne Carriere (1): tee: check shm references are consistent in offset/size Evan Wang (2): libahci: Allow drivers to override stop_engine ata: ahci: mvebu: override ahci_stop_engine for mvebu AHCI Florian Fainelli (2): soc: bcm: raspberrypi-power: Fix use of __packed net: ethtool: Add missing kernel doc for FEC parameters Geert Uytterhoeven (3): soc: bcm2835: Make !RASPBERRYPI_FIRMWARE dummies return failure dt-bindings: meson-uart: DT fix s/clocks-names/clock-names/ dt-bindings: panel: lvds: Fix path to display timing bindings Greg Kroah-Hartman (1): Linux 4.14.51 Greg Thelen (5): nvme: depend on INFINIBAND_ADDR_TRANS nvmet-rdma: depend on INFINIBAND_ADDR_TRANS ib_srpt: depend on INFINIBAND_ADDR_TRANS ib_srp: depend on INFINIBAND_ADDR_TRANS IB: make INFINIBAND_ADDR_TRANS configurable Hans de Goede (1): thermal: int3403_thermal: Fix NULL pointer deref on module load / probe Helge Deller (2): parisc: drivers.c: Fix section mismatches parisc: Move setup_profiling_timer() out of init section Huang Ying (1): mm, pagemap: fix swap offset value for PMD migration entry Håkon Bugge (1): IB/core: Make ib_mad_client_id atomic Igor Russkikh (1): net: aquantia: driver should correctly declare vlan_features bits Ilan Peer (1): mac80211: Adjust SAE authentication timeout Ingo Molnar (3): objtool, kprobes/x86: Sync the latest <asm/insn.h> header with tools/objtool/arch/x86/include/asm/insn.h x86/pkeys/selftests: Adjust the self-test to fresh distros that export the pkeys ABI x86/mpx/selftests: Adjust the self-test to fresh distros that export the MPX ABI Jacopo Mondi (2): dt-bindings: serial: sh-sci: Add support for r8a77965 (H)SCIF dt-bindings: dmaengine: rcar-dmac: document R8A77965 support Jakob Unterwurzacher (1): can: dev: increase bus-off message severity Jakub Kicinski (1): nfp: ignore signals when communicating with management FW Janusz Krzysztofik (1): ARM: OMAP1: ams-delta: fix deferred_fiq handler Jeffrey Hugo (1): init: fix false positives in W+X checking Jerome Brunet (1): clk: honor CLK_MUX_ROUND_CLOSEST in generic clk mux Jianchao Wang (1): IB/rxe: add RXE_START_MASK for rxe_opcode IB_OPCODE_RC_SEND_ONLY_INV Jiang Biao (2): blkcg: don't hold blkcg lock when deactivating policy blkcg: init root blkcg_gq under lock Jim Gill (1): scsi: vmw-pvscsi: return DID_BUS_BUSY for adapter-initated aborts Jingju Hou (1): net: phy: marvell: clear wol event before setting it John Fastabend (1): bpf: fix uninitialized variable in bpf tools Jon Maloy (1): tipc: fix bug in function tipc_nl_node_dump_monitor Kan Liang (1): perf/x86/intel: Don't enable freeze-on-smi for PerfMon V1 Keith Busch (1): nvme: Set integrity flag for user passthrough commands Krish Sadhukhan (1): x86: Add check for APIC access address for vmentry of L2 guests Laura Abbott (1): proc/kcore: don't bounds check against address 0 Liam Girdwood (1): ASoC: topology: Check widget kcontrols before deref. Liu Bo (2): Btrfs: fix scrub to repair raid6 corruption Btrfs: make raid6 rebuild retry more Loic Poulain (1): PCI: kirin: Fix reset gpio name Long Li (1): scsi: storvsc: Set up correct queue depth values for IDE devices Lukasz Majewski (1): doc: Add vendor prefix for Kieback & Peter GmbH Marian Rotariu (1): x86: Delay skip of emulated hypercall instruction Mark Rutland (4): arm64: ptrace: remove addr_limit manipulation arm64: fix possible spectre-v1 in ptrace_hbp_get_event() KVM: arm/arm64: vgic: fix possible spectre-v1 in vgic_mmio_read_apr() efi/libstub/arm64: Handle randomized TEXT_OFFSET Martin Schwidefsky (1): s390/smsgiucv: disable SMSG on module unload Masami Hiramatsu (3): selftests: ftrace: Add a testcase for multiple actions on trigger kprobes/x86: Prohibit probing on exception masking instructions uprobes/x86: Prohibit probing on MOV SS instruction Matan Barak (1): IB/uverbs: Fix validating mandatory attributes Matheus Castello (1): dt-bindings: pinctrl: sunxi: Fix reference to driver Mathieu Malaterre (4): driver core: add __printf verification to __ata_ehi_pushv_desc agp: uninorth: make two functions static sched/debug: Move the print_rt_rq() and print_dl_rq() declarations to kernel/sched/sched.h sched/deadline: Make the grub_reclaim() function static Matt Redfearn (1): MIPS: dts: Boston: Fix PCI bus dtc warnings: Michael J. Ruhl (1): IB/hfi1 Use correct type for num_user_context Michal Kalderon (2): qed: Fix l2 initializations over iWARP personality qede: Fix gfp flags sent to rdma event node allocation Mika Westerberg (1): ACPI / watchdog: Prefer iTCO_wdt on Lenovo Z50-70 Minchan Kim (1): mm: memcg: add __GFP_NOWARN in __memcg_schedule_kmem_cache_create() Ming Lei (1): scsi: target: fix crash with iscsi target and dvd Nick Dyer (1): Input: atmel_mxt_ts - fix the firmware update Omar Sandoval (1): blk-mq: fix sysfs inflight counter Pablo Neira Ayuso (1): netfilter: nf_tables: NAT chain and extensions require NF_TABLES Parav Pandit (2): RDMA/cma: Fix use after destroy access to net namespace for IPoIB RDMA/cma: Do not query GID during QP state transition to RTR Paulo Alcantara (1): cifs: smb2ops: Fix listxattr() when there are no EAs Peter Rosin (3): i2c: pmcmsp: return message count on master_xfer success i2c: pmcmsp: fix error return from master_xfer i2c: viperboard: return message count on master_xfer success Peter Zijlstra (3): stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock kthread, sched/wait: Fix kthread_parkme() wait-loop sched/core: Introduce set_special_state() Ramon Fried (1): rpmsg: added MODULE_ALIAS for rpmsg_char Rich Felker (1): sh: fix build failure for J2 cpu with SMP disabled Rob Herring (1): spi: bcm2835aux: ensure interrupts are enabled for shared handler Roman Mashak (1): net sched actions: fix invalid pointer dereferencing if skbedit flags missing Russell King (2): ARM: keystone: fix platform_domain_notifier array overrun ARM: kexec: fix kdump register saving on panic() Sara Sharon (1): mac80211: use timeout from the AddBA response instead of the request Sasha Levin (1): Revert "Btrfs: fix scrub to repair raid6 corruption" Sebastian Sanchez (1): IB/hfi1: Fix memory leak in exception path in get_irq_affinity() Sekhar Nori (8): ARM: dts: da850: fix W=1 warnings with pinmux node ARM: davinci: board-da830-evm: fix GPIO lookup for MMC/SD ARM: davinci: board-da850-evm: fix GPIO lookup for MMC/SD ARM: davinci: board-omapl138-hawk: fix GPIO numbers for MMC/SD lookup ARM: davinci: board-dm355-evm: fix broken networking ARM: davinci: dm646x: fix timer interrupt generation ARM: davinci: board-dm646x-evm: pass correct I2C adapter id for VPIF ARM: davinci: board-dm646x-evm: set VPIF capture card name Simon Gaiser (1): xen: xenbus_dev_frontend: Really return response string Sinan Kaya (2): MIPS: io: Prevent compiler reordering writeX() MIPS: io: Add barrier after register read in readX() Srinivas Kandagatla (1): ASoC: msm8916-wcd-analog: use threaded context for mbhc events Stefan Agner (2): drm/msm/dsi: use correct enum in dsi_get_cmd_fmt clk: imx6ull: use OSC clock during AXI rate change Stefan Raspl (1): smc: fix sendpage() call Taehee Yoo (1): netfilter: nf_tables: fix out-of-bounds in nft_chain_commit_update Tero Kristo (1): ARM: OMAP2+: powerdomain: use raw_smp_processor_id() for trace Tobias Jordan (1): remoteproc: qcom: Fix potential device node leaks Tobias Regnery (1): usb: typec: ucsi: fix tracepoint related build error Tomi Valkeinen (4): drm/omap: fix uninitialized ret variable drm/omap: fix possible NULL ref issue in tiler_reserve_2d drm/omap: check return value from soc_device_match drm/omap: handle alloc failures in omap_connector Tung Nguyen (1): tipc: fix infinite loop when dumping link monitor summary Tyler Hicks (1): eCryptfs: don't pass up plaintext names when using filename encryption Vinson Lee (1): scsi: megaraid_sas: Do not log an error if FW successfully initializes. Vladimir Zapolskiy (1): spi: sh-msiof: Fix bit field overflow writes to TSCR/RSCR Waiman Long (2): locking/rwsem: Add a new RWSEM_ANONYMOUSLY_OWNED flag locking/percpu-rwsem: Annotate rwsem ownership transfer by setting RWSEM_OWNER_UNKNOWN Wanpeng Li (1): KVM: Extend MAX_IRQ_ROUTES to 4096 for all archs Yan Wang (1): ASoC: topology: Fix bugs of freeing soc topology Ying Xue (1): tipc: eliminate KMSAN uninit-value in strcmp complaint Zhu Yanjun (1): IB/rxe: avoid double kfree_skb dann frazier (1): net: hns: Avoid action name truncation hu huajun (1): KVM: X86: fix incorrect reference of trace_kvm_pi_irte_update jacek.tomaka(a)poczta.fm (1): x86/cpu/intel: Add missing TLB cpuid values oder_chiou(a)realtek.com (1): ASoC: rt5514: Add the missing register in the readable table pgzh (1): HID: lenovo: Add support for IBM/Lenovo Scrollpoint mice sxauwsk (1): spi: cadence: Add usleep_range() for cdns_spi_fill_tx_fifo() van der Linden, Frank (1): x86/xen: Reset VCPU0 info pointer after shared_info remap Łukasz Stelmach (2): ARM: 8753/1: decompressor: add a missing parameter to the addruart macro ARM: 8758/1: decompressor: restore r1 and r2 just before jumping to the kernel

7 years, 4 months

1
1
0 0

Linux 4.16.17

by Greg KH

I'm announcing the release of the 4.16.17 kernel. All users of the 4.16 kernel series must upgrade. The updated 4.16.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.16.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/devicetree/bindings/display/panel/panel-common.txt | 2 Documentation/devicetree/bindings/dma/renesas,rcar-dmac.txt | 1 Documentation/devicetree/bindings/net/renesas,ravb.txt | 1 Documentation/devicetree/bindings/pinctrl/allwinner,sunxi-pinctrl.txt | 6 Documentation/devicetree/bindings/serial/amlogic,meson-uart.txt | 2 Documentation/devicetree/bindings/serial/mvebu-uart.txt | 2 Documentation/devicetree/bindings/serial/renesas,sci-serial.txt | 2 Documentation/devicetree/bindings/vendor-prefixes.txt | 1 Makefile | 2 arch/arm/boot/compressed/Makefile | 8 arch/arm/boot/compressed/head.S | 20 arch/arm/boot/dts/bcm-cygnus.dtsi | 2 arch/arm/boot/dts/da850.dtsi | 2 arch/arm/boot/dts/dm8148-evm.dts | 2 arch/arm/boot/dts/dm8148-t410.dts | 2 arch/arm/boot/dts/dm8168-evm.dts | 2 arch/arm/boot/dts/dra62x-j5eco-evm.dts | 2 arch/arm/boot/dts/imx51-zii-rdu1.dts | 6 arch/arm/boot/dts/logicpd-som-lv.dtsi | 11 arch/arm/boot/dts/omap4.dtsi | 8 arch/arm/include/uapi/asm/siginfo.h | 13 arch/arm/kernel/machine_kexec.c | 34 - arch/arm/mach-davinci/board-da830-evm.c | 9 arch/arm/mach-davinci/board-da850-evm.c | 9 arch/arm/mach-davinci/board-dm355-evm.c | 15 arch/arm/mach-davinci/board-dm644x-evm.c | 10 arch/arm/mach-davinci/board-dm646x-evm.c | 5 arch/arm/mach-davinci/board-omapl138-hawk.c | 10 arch/arm/mach-davinci/dm646x.c | 3 arch/arm/mach-keystone/pm_domain.c | 1 arch/arm/mach-omap1/ams-delta-fiq.c | 28 arch/arm/mach-omap2/powerdomain.c | 4 arch/arm/vfp/vfpmodule.c | 2 arch/arm64/boot/dts/amlogic/meson-gx-p23x-q20x.dtsi | 4 arch/arm64/boot/dts/amlogic/meson-gxl-s905x-libretech-cc.dts | 12 arch/arm64/boot/dts/amlogic/meson-gxl-s905x-nexbox-a95x.dts | 4 arch/arm64/boot/dts/amlogic/meson-gxl-s905x-p212.dtsi | 4 arch/arm64/boot/dts/amlogic/meson-gxl.dtsi | 61 + arch/arm64/boot/dts/amlogic/meson-gxm-khadas-vim2.dts | 4 arch/arm64/boot/dts/amlogic/meson-gxm.dtsi | 17 arch/arm64/boot/dts/broadcom/stingray/stingray-sata.dtsi | 80 +- arch/arm64/boot/dts/nvidia/tegra186-p3310.dtsi | 2 arch/arm64/boot/dts/socionext/uniphier-ld11.dtsi | 2 arch/arm64/boot/dts/socionext/uniphier-ld20.dtsi | 2 arch/arm64/boot/dts/socionext/uniphier-pxs3.dtsi | 2 arch/arm64/include/asm/cputype.h | 6 arch/arm64/kernel/ptrace.c | 20 arch/arm64/kernel/traps.c | 3 arch/arm64/mm/kasan_init.c | 4 arch/hexagon/include/asm/io.h | 6 arch/hexagon/lib/checksum.c | 1 arch/mips/boot/dts/img/boston.dts | 6 arch/mips/include/asm/io.h | 4 arch/parisc/kernel/drivers.c | 7 arch/parisc/kernel/smp.c | 3 arch/parisc/kernel/time.c | 2 arch/powerpc/include/asm/topology.h | 13 arch/powerpc/kernel/setup_64.c | 11 arch/powerpc/kvm/booke.c | 7 arch/powerpc/platforms/cell/spufs/sched.c | 2 arch/powerpc/platforms/powernv/memtrace.c | 17 arch/riscv/Kconfig | 4 arch/riscv/kernel/vdso/Makefile | 2 arch/sh/Kconfig | 1 arch/sh/kernel/cpu/sh2/probe.c | 4 arch/sh/kernel/setup.c | 1 arch/sh/mm/init.c | 68 -- arch/sh/mm/numa.c | 19 arch/x86/events/intel/core.c | 9 arch/x86/include/asm/insn.h | 18 arch/x86/include/asm/kvm_host.h | 1 arch/x86/kernel/cpu/intel.c | 3 arch/x86/kernel/kexec-bzimage64.c | 5 arch/x86/kernel/kprobes/core.c | 4 arch/x86/kernel/uprobes.c | 4 arch/x86/kvm/hyperv.c | 2 arch/x86/kvm/svm.c | 31 arch/x86/kvm/vmx.c | 95 +- arch/x86/kvm/x86.c | 33 - arch/x86/net/bpf_jit_comp.c | 18 arch/x86/xen/enlighten_hvm.c | 13 block/blk-cgroup.c | 22 block/blk-mq.c | 19 block/blk-mq.h | 4 block/genhd.c | 12 block/partition-generic.c | 10 drivers/acpi/acpi_watchdog.c | 59 + drivers/acpi/scan.c | 2 drivers/acpi/sleep.c | 13 drivers/ata/ahci.c | 6 drivers/ata/ahci.h | 7 drivers/ata/ahci_mvebu.c | 56 + drivers/ata/ahci_qoriq.c | 2 drivers/ata/ahci_xgene.c | 4 drivers/ata/libahci.c | 20 drivers/ata/libata-eh.c | 4 drivers/ata/sata_highbank.c | 2 drivers/char/agp/uninorth-agp.c | 4 drivers/clk/clk-mux.c | 10 drivers/clk/clk.c | 7 drivers/clk/imx/clk-imx6ul.c | 2 drivers/clocksource/timer-imx-tpm.c | 8 drivers/cpufreq/Kconfig.arm | 10 drivers/cpufreq/brcmstb-avs-cpufreq.c | 323 ---------- drivers/firmware/efi/libstub/arm64-stub.c | 10 drivers/gpu/drm/amd/amdgpu/amdgpu_ctx.c | 6 drivers/gpu/drm/amd/amdkfd/kfd_chardev.c | 13 drivers/gpu/drm/drm_dumb_buffers.c | 7 drivers/gpu/drm/exynos/exynos_mixer.c | 22 drivers/gpu/drm/exynos/regs-mixer.h | 1 drivers/gpu/drm/msm/dsi/dsi_host.c | 2 drivers/gpu/drm/msm/msm_fbdev.c | 11 drivers/gpu/drm/msm/msm_gem.c | 20 drivers/gpu/drm/omapdrm/dss/hdmi4.c | 2 drivers/gpu/drm/omapdrm/dss/hdmi4_core.c | 7 drivers/gpu/drm/omapdrm/dss/hdmi5.c | 2 drivers/gpu/drm/omapdrm/omap_connector.c | 10 drivers/gpu/drm/omapdrm/omap_dmm_tiler.c | 6 drivers/gpu/drm/omapdrm/tcm-sita.c | 2 drivers/gpu/drm/vc4/vc4_dpi.c | 25 drivers/hid/Kconfig | 7 drivers/hid/hid-ids.h | 9 drivers/hid/hid-lenovo.c | 36 + drivers/hid/i2c-hid/i2c-hid.c | 2 drivers/hid/intel-ish-hid/ishtp/bus.c | 2 drivers/hid/wacom_sys.c | 4 drivers/i2c/busses/i2c-pmcmsp.c | 4 drivers/i2c/busses/i2c-sprd.c | 22 drivers/i2c/busses/i2c-viperboard.c | 2 drivers/infiniband/Kconfig | 5 drivers/infiniband/core/cma.c | 60 + drivers/infiniband/core/iwpm_util.c | 5 drivers/infiniband/core/mad.c | 4 drivers/infiniband/core/uverbs_ioctl.c | 9 drivers/infiniband/hw/hfi1/affinity.c | 11 drivers/infiniband/hw/hfi1/init.c | 41 - drivers/infiniband/hw/hfi1/platform.c | 1 drivers/infiniband/hw/hfi1/qsfp.c | 2 drivers/infiniband/hw/hns/hns_roce_hem.c | 8 drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 11 drivers/infiniband/hw/mlx4/mr.c | 2 drivers/infiniband/hw/mlx5/main.c | 4 drivers/infiniband/sw/rxe/rxe_opcode.c | 2 drivers/infiniband/sw/rxe/rxe_req.c | 1 drivers/infiniband/sw/rxe/rxe_resp.c | 6 drivers/infiniband/ulp/srp/Kconfig | 2 drivers/infiniband/ulp/srpt/Kconfig | 2 drivers/input/rmi4/rmi_spi.c | 7 drivers/input/touchscreen/atmel_mxt_ts.c | 186 +++-- drivers/iommu/dmar.c | 2 drivers/iommu/intel_irq_remapping.c | 2 drivers/mtd/onenand/omap2.c | 105 +-- drivers/net/can/dev.c | 2 drivers/net/ethernet/aquantia/atlantic/aq_nic.c | 3 drivers/net/ethernet/aquantia/atlantic/aq_nic.h | 1 drivers/net/ethernet/aquantia/atlantic/aq_pci_func.c | 21 drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c | 3 drivers/net/ethernet/hisilicon/hns/hnae.h | 2 drivers/net/ethernet/ibm/ibmvnic.c | 3 drivers/net/ethernet/intel/igb/igb_main.c | 17 drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c | 2 drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c | 3 drivers/net/ethernet/marvell/mvpp2.c | 15 drivers/net/ethernet/netronome/nfp/flower/cmsg.c | 38 + drivers/net/ethernet/netronome/nfp/flower/cmsg.h | 2 drivers/net/ethernet/netronome/nfp/flower/main.c | 8 drivers/net/ethernet/netronome/nfp/flower/main.h | 8 drivers/net/ethernet/netronome/nfp/nfp_app_nic.c | 2 drivers/net/ethernet/netronome/nfp/nfp_main.h | 4 drivers/net/ethernet/netronome/nfp/nfp_net_main.c | 31 drivers/net/ethernet/netronome/nfp/nfpcore/nfp_nsp.c | 3 drivers/net/ethernet/qlogic/qed/qed_l2.c | 6 drivers/net/ethernet/qlogic/qede/qede_rdma.c | 2 drivers/net/phy/broadcom.c | 10 drivers/net/phy/marvell.c | 9 drivers/net/phy/microchip.c | 178 +++++ drivers/nvme/host/Kconfig | 2 drivers/nvme/host/core.c | 32 drivers/nvme/host/fabrics.c | 6 drivers/nvme/host/multipath.c | 24 drivers/nvme/host/nvme.h | 12 drivers/nvme/target/Kconfig | 2 drivers/pci/dwc/pcie-kirin.c | 2 drivers/pinctrl/intel/pinctrl-cherryview.c | 16 drivers/pinctrl/meson/pinctrl-meson-axg.c | 2 drivers/platform/x86/Kconfig | 2 drivers/remoteproc/qcom_q6v5_pil.c | 2 drivers/reset/reset-uniphier.c | 6 drivers/rpmsg/rpmsg_char.c | 2 drivers/s390/net/qeth_core_main.c | 51 - drivers/s390/net/qeth_core_mpc.h | 12 drivers/s390/net/qeth_l2_main.c | 4 drivers/s390/net/smsgiucv.c | 2 drivers/scsi/isci/port_config.c | 3 drivers/scsi/megaraid/megaraid_sas_fusion.c | 6 drivers/scsi/scsi_transport_iscsi.c | 29 drivers/scsi/storvsc_drv.c | 7 drivers/scsi/vmw_pvscsi.c | 2 drivers/soc/bcm/raspberrypi-power.c | 2 drivers/spi/spi-bcm2835aux.c | 5 drivers/spi/spi-cadence.c | 8 drivers/spi/spi-sh-msiof.c | 1 drivers/target/target_core_pscsi.c | 2 drivers/tee/tee_core.c | 11 drivers/thermal/int340x_thermal/int3403_thermal.c | 3 drivers/usb/musb/musb_host.c | 5 drivers/usb/musb/musb_host.h | 7 drivers/usb/musb/musb_virthub.c | 25 drivers/usb/typec/tps6598x.c | 47 + drivers/usb/typec/ucsi/Makefile | 2 drivers/xen/xenbus/xenbus_dev_frontend.c | 3 fs/afs/addr_list.c | 25 fs/afs/callback.c | 56 + fs/afs/cmservice.c | 6 fs/afs/internal.h | 7 fs/afs/rotate.c | 20 fs/afs/rxrpc.c | 7 fs/afs/server.c | 22 fs/afs/server_list.c | 7 fs/cifs/Kconfig | 2 fs/cifs/smb2ops.c | 6 fs/cifs/smb2pdu.c | 68 +- fs/cifs/transport.c | 5 fs/ecryptfs/crypto.c | 41 - fs/ecryptfs/file.c | 21 fs/isofs/inode.c | 3 fs/namespace.c | 2 fs/notify/fsnotify.c | 25 fs/ocfs2/refcounttree.c | 14 fs/proc/base.c | 6 fs/proc/kcore.c | 23 fs/proc/loadavg.c | 2 fs/proc/task_mmu.c | 6 include/linux/brcmphy.h | 1 include/linux/clk-provider.h | 3 include/linux/ethtool.h | 2 include/linux/genhd.h | 4 include/linux/kthread.h | 1 include/linux/kvm_host.h | 8 include/linux/microchipphy.h | 8 include/linux/mtd/map.h | 2 include/linux/mtd/rawnand.h | 16 include/linux/percpu-rwsem.h | 6 include/linux/rwsem.h | 6 include/linux/sched.h | 50 + include/linux/sched/signal.h | 2 include/linux/stringhash.h | 4 include/soc/bcm2835/raspberrypi-firmware.h | 4 init/main.c | 7 kernel/bpf/syscall.c | 19 kernel/kthread.c | 50 - kernel/locking/rwsem-xadd.c | 19 kernel/locking/rwsem.c | 2 kernel/locking/rwsem.h | 30 kernel/module.c | 5 kernel/sched/core.c | 49 - kernel/sched/deadline.c | 4 kernel/sched/rt.c | 2 kernel/sched/sched.h | 5 kernel/signal.c | 17 kernel/stop_machine.c | 19 lib/find_bit_benchmark.c | 7 mm/memcontrol.c | 2 net/ipv6/ip6_vti.c | 4 net/ipv6/netfilter/Kconfig | 55 - net/mac80211/agg-tx.c | 4 net/mac80211/mlme.c | 25 net/mac80211/tx.c | 3 net/netfilter/nf_tables_api.c | 2 net/rds/ib_cm.c | 3 net/rxrpc/af_rxrpc.c | 2 net/rxrpc/ar-internal.h | 1 net/rxrpc/input.c | 2 net/rxrpc/local_object.c | 57 + net/rxrpc/output.c | 11 net/rxrpc/sendmsg.c | 10 net/sched/act_skbedit.c | 3 net/smc/af_smc.c | 6 net/sunrpc/xprtrdma/fmr_ops.c | 5 net/sunrpc/xprtrdma/frwr_ops.c | 9 net/sunrpc/xprtrdma/verbs.c | 5 net/sunrpc/xprtrdma/xprt_rdma.h | 2 net/tipc/monitor.c | 2 net/tipc/node.c | 28 scripts/Makefile.gcc-plugins | 2 sound/soc/codecs/msm8916-wcd-analog.c | 9 sound/soc/codecs/rt5514.c | 3 sound/soc/intel/Kconfig | 22 sound/soc/soc-topology.c | 6 tools/bpf/bpf_dbg.c | 7 tools/objtool/arch/x86/include/asm/insn.h | 18 tools/perf/util/cs-etm.c | 24 tools/perf/util/pmu.c | 20 tools/perf/util/symbol.c | 8 tools/testing/selftests/ftrace/test.d/trigger/inter-event/trigger-multi-actions-accept.tc | 44 + tools/testing/selftests/x86/Makefile | 2 tools/testing/selftests/x86/mov_ss_trap.c | 285 ++++++++ tools/testing/selftests/x86/mpx-mini-test.c | 7 tools/testing/selftests/x86/pkey-helpers.h | 20 tools/testing/selftests/x86/protection_keys.c | 254 +++++-- virt/kvm/arm/vgic/vgic-mmio-v2.c | 5 virt/kvm/arm/vgic/vgic.c | 8 302 files changed, 2996 insertions(+), 1621 deletions(-) Adam Ford (2): ARM: dts: logicpd-som-lv: Fix WL127x Startup Issues ARM: dts: logicpd-som-lv: Fix Audio Mute Alexey Dobriyan (2): proc: revalidate kernel thread inodes to root:root proc: fix /proc/loadavg regression Amir Goldstein (2): fsnotify: fix ignore mask logic in send_to_group() <linux/stringhash.h>: fix end_name_hash() for 64bit long Andre Przywara (1): KVM: arm/arm64: vgic: Kick new VCPU on interrupt migration Andres Rodriguez (1): drm/amdkfd: fix clock counter retrieval for node without GPU Andrey Grodzovsky (1): drm/amdgpu: Switch to interruptable wait to recover from ring hang. Andrzej Hajda (1): drm/exynos/mixer: fix synchronization check in interlaced mode Andy Lutomirski (1): x86/selftests: Add mov_to_ss test Anson Huang (1): clocksource/drivers/imx-tpm: Correct some registers operation flow Arnaldo Carvalho de Melo (1): perf report: Fix switching to another perf.data file Arnd Bergmann (2): hexagon: add memset_io() helper hexagon: export csum_partial_copy_nocheck Arvind Yadav (2): HID: wacom: Release device resource data obtained by devres_alloc() HID: intel-ish-hid: use put_device() instead of kfree() Ashish Samant (1): ocfs2: take inode cluster lock before moving reflinked inode from orphan dir Aurelien Jarno (1): RISC-V: build vdso-dummy.o with -no-pie Balbir Singh (1): powerpc/powernv/memtrace: Let the arch hotunplug code flush cache Baolin Wang (3): parisc: time: Convert read_persistent_clock() to read_persistent_clock64() i2c: sprd: Prevent i2c accesses after suspend is called i2c: sprd: Fix the i2c count issue Ben Hutchings (2): drm/msm: Fix possible null dereference on failure of get_pages() mtd: Fix comparison in map_word_andequal() Bhadram Varka (2): arm64: tegra: Make BCM89610 PHY interrupt as active low net: phy: broadcom: add support for BCM89610 PHY Changbin Du (1): iommu/vt-d: fix shift-out-of-bounds in bug checking Chen Yu (1): ACPI / PM: Blacklist Low Power S0 Idle _DSM for ThinkPad X1 Tablet(2016) Chengguang Xu (2): isofs: fix potential memory leak in mount option parsing nvme: fix potential memory leak in option parsing Chris Leech (1): scsi: iscsi: respond to netlink with unicast when appropriate Christoph Hellwig (1): riscv: select DMA_DIRECT_OPS instead of redefining it Christophe JAILLET (1): Input: synaptics-rmi4 - fix an unchecked out of memory error path Chuck Lever (1): xprtrdma: Fix list corruption / DMAR errors during MR recovery Clément Péron (1): ARM: dts: cygnus: fix irq type for arm global timer Colin Ian King (4): scsi: isci: Fix infinite loop in while loop RDMA/iwpm: fix memory leak on map_info net: aquantia: fix unsigned numvecs comparison with less than zero ixgbe: fix memory leak on ipsec allocation Dag Moxnes (1): rds: ib: Fix missing call to rds_ib_dev_put in rds_ib_setup_qp Dan Carpenter (2): drm/omap: silence unititialized variable warning drm/dumb-buffers: Integer overflow in drm_mode_create_ioctl() Daniel Borkmann (3): bpf, x64: fix memleak when not converging after image bpf, x64: fix memleak when not converging on calls bpf: use array_index_nospec in find_prog_type Daniel Glöckner (1): usb: musb: fix remote wakeup racing with suspend Darren Hart (1): platform/x86: DELL_WMI use depends on instead of select for DELL_SMBIOS Dave Hansen (11): x86/pkeys/selftests: Give better unexpected fault error messages x86/pkeys/selftests: Stop using assert() x86/pkeys/selftests: Remove dead debugging code, fix dprint_in_signal x86/pkeys/selftests: Avoid printf-in-signal deadlocks x86/pkeys/selftests: Allow faults on unknown keys x86/pkeys/selftests: Factor out "instruction page" x86/pkeys/selftests: Add PROT_EXEC test x86/pkeys/selftests: Fix pkey exhaustion test off-by-one x86/pkeys/selftests: Fix pointer math x86/pkeys/selftests: Save off 'prot' for allocations x86/pkeys/selftests: Add a test for pkey 0 Dave Young (1): kexec_file: do not add extra alignment to efi memmap David Gilhooley (1): arm64: Add MIDR encoding for NVIDIA CPUs David Howells (11): afs: Fix server record deletion vfs: Undo an overly zealous MS_RDONLY -> SB_RDONLY conversion rxrpc: Fix missing start of call timeout rxrpc: Fix error reception on AF_INET6 sockets rxrpc: Fix the min security level for kernel calls afs: Fix address list parsing afs: Fix refcounting in callback registration afs: Fix server rotation's handling of fileserver probe failure afs: Fix VNOVOL handling in address rotation afs: Fix the handling of CB.InitCallBackState3 to find the server by UUID afs: Fix the non-encryption of calls Emil Tantilov (1): ixgbe: return error on unsupported SFP module when resetting Emil Velikov (1): drm/msm: don't deref error pointer in the msm_fbdev_create error path Eric Anholt (1): drm/vc4: Fix oops dereferencing DPI's connector since panel_bridge. Etienne Carriere (1): tee: check shm references are consistent in offset/size Evan Wang (2): libahci: Allow drivers to override stop_engine ata: ahci: mvebu: override ahci_stop_engine for mvebu AHCI Florian Fainelli (2): soc: bcm: raspberrypi-power: Fix use of __packed net: ethtool: Add missing kernel doc for FEC parameters Ganesh Goudar (1): cxgb4: copy mbox log size to PF0-3 adap instances Geert Uytterhoeven (5): soc: bcm2835: Make !RASPBERRYPI_FIRMWARE dummies return failure dt-bindings: meson-uart: DT fix s/clocks-names/clock-names/ dt-bindings: mvebu-uart: DT fix s/interrupts-names/interrupt-names/ dt-bindings: panel: lvds: Fix path to display timing bindings mtd: rawnand: Fix return type of __DIVIDE() when called with 32-bit Gianluca Borello (1): bpf, x64: fix JIT emission for dead code Graeme Smecher (1): ARM: dts: correct missing "compatible" entry for ti81xx SoCs Greg Kroah-Hartman (1): Linux 4.16.17 Greg Thelen (6): nvme: depend on INFINIBAND_ADDR_TRANS nvmet-rdma: depend on INFINIBAND_ADDR_TRANS ib_srpt: depend on INFINIBAND_ADDR_TRANS cifs: smbd: depend on INFINIBAND_ADDR_TRANS ib_srp: depend on INFINIBAND_ADDR_TRANS IB: make INFINIBAND_ADDR_TRANS configurable Hans de Goede (2): thermal: int3403_thermal: Fix NULL pointer deref on module load / probe HID: i2c-hid: Add RESEND_REPORT_DESCR quirk for Toshiba Click Mini L9W-B Heikki Krogerus (1): usb: typec: tps6598x: handle block reads separately with plain-I2C adapters Helge Deller (2): parisc: drivers.c: Fix section mismatches parisc: Move setup_profiling_timer() out of init section Huang Ying (1): mm, pagemap: fix swap offset value for PMD migration entry Håkon Bugge (1): IB/core: Make ib_mad_client_id atomic Igor Russkikh (2): net: aquantia: driver should correctly declare vlan_features bits net: aquantia: Limit number of vectors to actually allocated irqs Ilan Peer (1): mac80211: Adjust SAE authentication timeout Ingo Molnar (3): objtool, kprobes/x86: Sync the latest <asm/insn.h> header with tools/objtool/arch/x86/include/asm/insn.h x86/pkeys/selftests: Adjust the self-test to fresh distros that export the pkeys ABI x86/mpx/selftests: Adjust the self-test to fresh distros that export the MPX ABI Jack Morgenstein (1): IB/mlx4: Fix integer overflow when calculating optimal MTT size Jacopo Mondi (3): dt-bindings: net: ravb: Add support for r8a77965 SoC dt-bindings: serial: sh-sci: Add support for r8a77965 (H)SCIF dt-bindings: dmaengine: rcar-dmac: document R8A77965 support Jagannathan Raman (1): iommu/vt-d: Fix usage of force parameter in intel_ir_reconfigure_irte() Jakob Unterwurzacher (1): can: dev: increase bus-off message severity Jakub Kicinski (2): nfp: ignore signals when communicating with management FW nfp: don't depend on eth_tbl being available Janusz Krzysztofik (1): ARM: OMAP1: ams-delta: fix deferred_fiq handler Jeffrey Hugo (1): init: fix false positives in W+X checking Jerome Brunet (1): clk: honor CLK_MUX_ROUND_CLOSEST in generic clk mux Jianchao Wang (2): IB/rxe: add RXE_START_MASK for rxe_opcode IB_OPCODE_RC_SEND_ONLY_INV nvme: fix use-after-free in nvme_free_ns_head Jiang Biao (2): blkcg: don't hold blkcg lock when deactivating policy blkcg: init root blkcg_gq under lock Jim Gill (1): scsi: vmw-pvscsi: return DID_BUS_BUSY for adapter-initated aborts Jingju Hou (1): net: phy: marvell: clear wol event before setting it John Fastabend (1): bpf: fix uninitialized variable in bpf tools Jon Maloy (1): tipc: fix bug in function tipc_nl_node_dump_monitor Julian Wiedmann (1): s390/qeth: fix request-side race during cmd IO timeout Junaid Shahid (1): kvm: apic: Flush TLB after APIC mode/address change if VPIDs are in use Kan Liang (2): perf pmu: Fix core PMU alias list for X86 platform perf/x86/intel: Don't enable freeze-on-smi for PerfMon V1 KarimAllah Ahmed (1): X86/KVM: Properly update 'tsc_offset' to represent the running guest Keith Busch (3): nvme: Set integrity flag for user passthrough commands nvme/multipath: Disable runtime writable enabling parameter nvme/multipath: Fix multipath disabled naming collisions Krish Sadhukhan (1): x86: Add check for APIC access address for vmentry of L2 guests Ladislav Michl (1): mtd: onenand: omap2: Disable DMA for HIGHMEM buffers Laura Abbott (1): proc/kcore: don't bounds check against address 0 Laurentiu Tudor (1): powerpc/kvm/booke: Fix altivec related build break Leo Yan (1): perf cs-etm: Support unknown_thread in cs_etm_auxtrace Leon Romanovsky (1): RDMA/mlx5: Properly check return value of mlx5_get_uars_page Liam Girdwood (1): ASoC: topology: Check widget kcontrols before deref. Loic Poulain (1): PCI: kirin: Fix reset gpio name Long Li (2): scsi: storvsc: Set up correct queue depth values for IDE devices cifs: Allocate validate negotiation request through kmalloc Lukasz Majewski (1): doc: Add vendor prefix for Kieback & Peter GmbH Madhavan Srinivasan (1): powerpc/64s: Default l1d_size to 64K in RFI fallback flush Marc Dionne (1): afs: Fix afs_find_server search loop Marian Rotariu (1): x86: Delay skip of emulated hypercall instruction Mark Rutland (7): arm64: kasan: avoid pfn_to_nid() before page array is initialized arm64: ptrace: remove addr_limit manipulation arm64: only advance singlestep for user instruction traps arm64: fix possible spectre-v1 in ptrace_hbp_get_event() KVM: arm/arm64: vgic: fix possible spectre-v1 in vgic_mmio_read_apr() bpf: fix possible spectre-v1 in find_and_alloc_map() efi/libstub/arm64: Handle randomized TEXT_OFFSET Markus Mayer (1): cpufreq: brcmstb-avs-cpufreq: remove development debug support Martin Blumenstingl (7): ARM64: dts: meson-gxl: add USB host support ARM64: dts: meson-gxm: add GXM specific USB host configuration ARM64: dts: meson-gxl-s905x-p212: enable the USB controller ARM64: dts: meson-gx-p23x-q20x: enable the USB controller ARM64: dts: meson-gxl-s905x-libretech-cc: enable the USB controller ARM64: dts: meson-gxl-nexbox-a95x: enable the USB controller ARM64: dts: meson-gxm-khadas-vim2: enable the USB controller Martin Schwidefsky (1): s390/smsgiucv: disable SMSG on module unload Masahiro Yamada (3): arm64: dts: uniphier: fix input delay value for legacy mode of eMMC reset: uniphier: fix USB clock line for LD20 gcc-plugins: fix build condition of SANCOV plugin Masami Hiramatsu (3): selftests: ftrace: Add a testcase for multiple actions on trigger kprobes/x86: Prohibit probing on exception masking instructions uprobes/x86: Prohibit probing on MOV SS instruction Matan Barak (1): IB/uverbs: Fix validating mandatory attributes Matheus Castello (1): dt-bindings: pinctrl: sunxi: Fix reference to driver Mathieu Malaterre (4): driver core: add __printf verification to __ata_ehi_pushv_desc agp: uninorth: make two functions static sched/debug: Move the print_rt_rq() and print_dl_rq() declarations to kernel/sched/sched.h sched/deadline: Make the grub_reclaim() function static Matt Redfearn (1): MIPS: dts: Boston: Fix PCI bus dtc warnings: Maxime Chevallier (1): net: mvpp2: Fix clk error path in mvpp2_probe Michael Ellerman (1): powerpc/pseries: Fix CONFIG_NUMA=n build Michael J. Ruhl (1): IB/hfi1 Use correct type for num_user_context Michal Kalderon (2): qed: Fix l2 initializations over iWARP personality qede: Fix gfp flags sent to rdma event node allocation Mika Westerberg (3): ACPI / scan: Initialize watchdog before PNP ACPI / watchdog: Prefer iTCO_wdt on Lenovo Z50-70 pinctrl: cherryview: Associate IRQ descriptors to irqdomain Minchan Kim (1): mm: memcg: add __GFP_NOWARN in __memcg_schedule_kmem_cache_create() Ming Lei (1): scsi: target: fix crash with iscsi target and dvd Nathan Fontenot (1): ibmvnic: Do not notify peers on parameter change resets Nick Dyer (1): Input: atmel_mxt_ts - fix the firmware update Nikita Yushchenko (1): ARM: dts: imx51-zii-rdu1: fix touchscreen bindings Omar Sandoval (1): blk-mq: fix sysfs inflight counter Pablo Neira Ayuso (1): netfilter: nf_tables: NAT chain and extensions require NF_TABLES Paolo Bonzini (1): kvm: x86: move MSR_IA32_TSC handling to x86.c Parav Pandit (2): RDMA/cma: Fix use after destroy access to net namespace for IPoIB RDMA/cma: Do not query GID during QP state transition to RTR Paulo Alcantara (1): cifs: smb2ops: Fix listxattr() when there are no EAs Peter Rosin (3): i2c: pmcmsp: return message count on master_xfer success i2c: pmcmsp: fix error return from master_xfer i2c: viperboard: return message count on master_xfer success Peter Zijlstra (4): stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock kthread, sched/wait: Fix kthread_parkme() wait-loop kthread, sched/wait: Fix kthread_parkme() completion issue sched/core: Introduce set_special_state() Pierre-Louis Bossart (1): ASoC: Intel: atom: fix ACPI/PCI Kconfig Pieter Jansen van Vuuren (1): nfp: flower: split and limit cmsg skb lists Raghuram Chary J (1): lan78xx: PHY DSP registers initialization to address EEE link drop issues with long cables Ramon Fried (1): rpmsg: added MODULE_ALIAS for rpmsg_char Rich Felker (1): sh: fix build failure for J2 cpu with SMP disabled Rob Herring (2): spi: bcm2835aux: ensure interrupts are enabled for shared handler sh: switch to NO_BOOTMEM Roman Mashak (1): net sched actions: fix invalid pointer dereferencing if skbedit flags missing Russell King (4): ARM: keystone: fix platform_domain_notifier array overrun ARM: kexec: fix kdump register saving on panic() ARM: replace unnecessary perl with sed and the shell $(( )) operator ARM: fix kill( ,SIGFPE) breakage Sara Sharon (1): mac80211: use timeout from the AddBA response instead of the request Sebastian Sanchez (2): IB/{hfi1, rdmavt}: Fix memory leak in hfi1_alloc_devdata() upon failure IB/hfi1: Fix memory leak in exception path in get_irq_affinity() Sekhar Nori (9): ARM: dts: da850: fix W=1 warnings with pinmux node ARM: davinci: board-da830-evm: fix GPIO lookup for MMC/SD ARM: davinci: board-da850-evm: fix GPIO lookup for MMC/SD ARM: davinci: board-omapl138-hawk: fix GPIO numbers for MMC/SD lookup ARM: davinci: board-dm355-evm: fix broken networking ARM: davinci: fix GPIO lookup for I2C ARM: davinci: dm646x: fix timer interrupt generation ARM: davinci: board-dm646x-evm: pass correct I2C adapter id for VPIF ARM: davinci: board-dm646x-evm: set VPIF capture card name Simon Gaiser (1): xen: xenbus_dev_frontend: Really return response string Sinan Kaya (2): MIPS: io: Prevent compiler reordering writeX() MIPS: io: Add barrier after register read in readX() Srinath Mannam (1): arm64: dts: correct SATA addresses for Stingray Srinivas Kandagatla (1): ASoC: msm8916-wcd-analog: use threaded context for mbhc events Stefan Agner (2): drm/msm/dsi: use correct enum in dsi_get_cmd_fmt clk: imx6ull: use OSC clock during AXI rate change Stefan Raspl (1): smc: fix sendpage() call Stefano Brivio (1): vti6: Change minimum MTU to IPV4_MIN_MTU, vti6 can carry IPv4 too Steve French (1): CIFS: set *resp_buf_type to NO_BUFFER on error Taehee Yoo (1): netfilter: nf_tables: fix out-of-bounds in nft_chain_commit_update Tero Kristo (1): ARM: OMAP2+: powerdomain: use raw_smp_processor_id() for trace Tobias Jakobi (1): drm/exynos: mixer: avoid Oops in vp_video_buffer() Tobias Jordan (1): remoteproc: qcom: Fix potential device node leaks Tobias Regnery (1): usb: typec: ucsi: fix tracepoint related build error Tomi Valkeinen (4): drm/omap: fix uninitialized ret variable drm/omap: fix possible NULL ref issue in tiler_reserve_2d drm/omap: check return value from soc_device_match drm/omap: handle alloc failures in omap_connector Tony Lindgren (1): ARM: dts: Fix cm2 and prm sizes for omap4 Tung Nguyen (1): tipc: fix infinite loop when dumping link monitor summary Tyler Hicks (1): eCryptfs: don't pass up plaintext names when using filename encryption Vinicius Costa Gomes (1): igb: Fix the transmission mode of queue 0 for Qav mode Vinson Lee (1): scsi: megaraid_sas: Do not log an error if FW successfully initializes. Vladimir Zapolskiy (1): spi: sh-msiof: Fix bit field overflow writes to TSCR/RSCR Waiman Long (2): locking/rwsem: Add a new RWSEM_ANONYMOUSLY_OWNED flag locking/percpu-rwsem: Annotate rwsem ownership transfer by setting RWSEM_OWNER_UNKNOWN Wanpeng Li (2): KVM: Extend MAX_IRQ_ROUTES to 4096 for all archs KVM: X86: Lower the default timer frequency limit to 200us Yan Wang (1): ASoC: topology: Fix bugs of freeing soc topology Ying Xue (1): tipc: eliminate KMSAN uninit-value in strcmp complaint Yixun Lan (1): pinctrl: meson-axg: fix the range of aobus bank Yury Norov (1): lib/find_bit_benchmark.c: avoid soft lockup in test_find_first_bit() Zhu Yanjun (1): IB/rxe: avoid double kfree_skb dann frazier (1): net: hns: Avoid action name truncation hu huajun (1): KVM: X86: fix incorrect reference of trace_kvm_pi_irte_update jacek.tomaka(a)poczta.fm (1): x86/cpu/intel: Add missing TLB cpuid values oder_chiou(a)realtek.com (1): ASoC: rt5514: Add the missing register in the readable table oulijun (4): RDMA/hns: Bugfix for init hem table RDMA/hns: Intercept illegal RDMA operation when use inline data RDMA/hns: Fix the qp context state diagram RDMA/hns: Submit bad wr pgzh (1): HID: lenovo: Add support for IBM/Lenovo Scrollpoint mice sxauwsk (1): spi: cadence: Add usleep_range() for cdns_spi_fill_tx_fifo() van der Linden, Frank (1): x86/xen: Reset VCPU0 info pointer after shared_info remap Łukasz Stelmach (2): ARM: 8753/1: decompressor: add a missing parameter to the addruart macro ARM: 8758/1: decompressor: restore r1 and r2 just before jumping to the kernel

7 years, 4 months

1
1
0 0

[PATCH v2 1/2] iommu/vt-d: add definitions for PFSID

by Jacob Pan

When SRIOV VF device IOTLB is invalidated, we need to provide the PF source ID such that IOMMU hardware can gauge the depth of invalidation queue which is shared among VFs. This is needed when device invalidation throttle (DIT) capability is supported. This patch adds bit definitions for checking and tracking PFSID. Signed-off-by: Jacob Pan <jacob.jun.pan(a)linux.intel.com> Cc: stable(a)vger.kernel.org Cc: "Ashok Raj" <ashok.raj(a)intel.com> Cc: "Lu Baolu" <baolu.lu(a)linux.intel.com> --- drivers/iommu/intel-iommu.c | 1 + include/linux/intel-iommu.h | 3 +++ 2 files changed, 4 insertions(+) diff --git a/drivers/iommu/intel-iommu.c b/drivers/iommu/intel-iommu.c index 749d8f2..3d77d61 100644 --- a/drivers/iommu/intel-iommu.c +++ b/drivers/iommu/intel-iommu.c @@ -422,6 +422,7 @@ struct device_domain_info { struct list_head global; /* link to global list */ u8 bus; /* PCI bus number */ u8 devfn; /* PCI devfn number */ + u16 pfsid; /* SRIOV physical function source ID */ u8 pasid_supported:3; u8 pasid_enabled:1; u8 pri_supported:1; diff --git a/include/linux/intel-iommu.h b/include/linux/intel-iommu.h index ef169d6..af1c05f 100644 --- a/include/linux/intel-iommu.h +++ b/include/linux/intel-iommu.h @@ -114,6 +114,7 @@ * Extended Capability Register */ +#define ecap_dit(e) ((e >> 41) & 0x1) #define ecap_pasid(e) ((e >> 40) & 0x1) #define ecap_pss(e) ((e >> 35) & 0x1f) #define ecap_eafs(e) ((e >> 34) & 0x1) @@ -284,6 +285,7 @@ enum { #define QI_DEV_IOTLB_SID(sid) ((u64)((sid) & 0xffff) << 32) #define QI_DEV_IOTLB_QDEP(qdep) (((qdep) & 0x1f) << 16) #define QI_DEV_IOTLB_ADDR(addr) ((u64)(addr) & VTD_PAGE_MASK) +#define QI_DEV_IOTLB_PFSID(pfsid) (((u64)(pfsid & 0xf) << 12) | ((u64)(pfsid & 0xfff) << 52)) #define QI_DEV_IOTLB_SIZE 1 #define QI_DEV_IOTLB_MAX_INVS 32 @@ -308,6 +310,7 @@ enum { #define QI_DEV_EIOTLB_PASID(p) (((u64)p) << 32) #define QI_DEV_EIOTLB_SID(sid) ((u64)((sid) & 0xffff) << 16) #define QI_DEV_EIOTLB_QDEP(qd) ((u64)((qd) & 0x1f) << 4) +#define QI_DEV_EIOTLB_PFSID(pfsid) (((u64)(pfsid & 0xf) << 12) | ((u64)(pfsid & 0xfff) << 52)) #define QI_DEV_EIOTLB_MAX_INVS 32 #define QI_PGRP_IDX(idx) (((u64)(idx)) << 55) -- 2.7.4

7 years, 4 months

1
1
0 0

Re: Patch "livepatch: Initialize shadow variables safely by a custom callback" has been added to the 4.16-stable tree

by Miroslav Benes

On Sun, 17 Jun 2018, gregkh(a)linuxfoundation.org wrote: > > This is a note to let you know that I've just added the patch titled > > livepatch: Initialize shadow variables safely by a custom callback > > to the 4.16-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > livepatch-initialize-shadow-variables-safely-by-a-custom-callback.patch > and it can be found in the queue-4.16 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. Hi, I think the patch really should not be added to the stable tree. It is not a bug fix. It is a new feature. The original API was more limited and this patch extends it. The same applies to patch "livepatch: Allow to call a custom callback when freeing shadow variables". Regards, Miroslav

7 years, 4 months

2
1
0 0

[PATCH 4.14 000/189] 4.14.51-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.14.51 release. There are 189 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed Jun 20 08:11:38 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.51-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.14.51-rc1 Eric Dumazet <edumazet(a)google.com> tcp: do not overshoot window_clamp in tcp_rcv_space_adjust() Liu Bo <bo.li.liu(a)oracle.com> Btrfs: make raid6 rebuild retry more Liu Bo <bo.li.liu(a)oracle.com> Btrfs: fix scrub to repair raid6 corruption Sasha Levin <Alexander.Levin(a)microsoft.com> Revert "Btrfs: fix scrub to repair raid6 corruption" Russell King <rmk+kernel(a)armlinux.org.uk> ARM: kexec: fix kdump register saving on panic() Łukasz Stelmach <l.stelmach(a)samsung.com> ARM: 8758/1: decompressor: restore r1 and r2 just before jumping to the kernel Łukasz Stelmach <l.stelmach(a)samsung.com> ARM: 8753/1: decompressor: add a missing parameter to the addruart macro Mark Rutland <mark.rutland(a)arm.com> efi/libstub/arm64: Handle randomized TEXT_OFFSET Helge Deller <deller(a)gmx.de> parisc: Move setup_profiling_timer() out of init section Mathieu Malaterre <malat(a)debian.org> sched/deadline: Make the grub_reclaim() function static Mathieu Malaterre <malat(a)debian.org> sched/debug: Move the print_rt_rq() and print_dl_rq() declarations to kernel/sched/sched.h Dan Carpenter <dan.carpenter(a)oracle.com> drm/dumb-buffers: Integer overflow in drm_mode_create_ioctl() Waiman Long <longman(a)redhat.com> locking/percpu-rwsem: Annotate rwsem ownership transfer by setting RWSEM_OWNER_UNKNOWN Waiman Long <longman(a)redhat.com> locking/rwsem: Add a new RWSEM_ANONYMOUSLY_OWNED flag Stefan Agner <stefan(a)agner.ch> clk: imx6ull: use OSC clock during AXI rate change Sekhar Nori <nsekhar(a)ti.com> ARM: davinci: board-dm646x-evm: set VPIF capture card name Sekhar Nori <nsekhar(a)ti.com> ARM: davinci: board-dm646x-evm: pass correct I2C adapter id for VPIF Sekhar Nori <nsekhar(a)ti.com> ARM: davinci: dm646x: fix timer interrupt generation Peter Rosin <peda(a)axentia.se> i2c: viperboard: return message count on master_xfer success Peter Rosin <peda(a)axentia.se> i2c: pmcmsp: fix error return from master_xfer Peter Rosin <peda(a)axentia.se> i2c: pmcmsp: return message count on master_xfer success Russell King <rmk+kernel(a)armlinux.org.uk> ARM: keystone: fix platform_domain_notifier array overrun Daniel Glöckner <dg(a)emlix.com> usb: musb: fix remote wakeup racing with suspend David Howells <dhowells(a)redhat.com> afs: Fix the non-encryption of calls Ben Hutchings <ben(a)decadent.org.uk> mtd: Fix comparison in map_word_andequal() Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys/selftests: Add a test for pkey 0 Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys/selftests: Save off 'prot' for allocations Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys/selftests: Fix pointer math Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys/selftests: Fix pkey exhaustion test off-by-one Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys/selftests: Add PROT_EXEC test Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys/selftests: Factor out "instruction page" Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys/selftests: Allow faults on unknown keys Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys/selftests: Remove dead debugging code, fix dprint_in_signal Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys/selftests: Stop using assert() Dave Hansen <dave.hansen(a)linux.intel.com> x86/pkeys/selftests: Give better unexpected fault error messages Andy Lutomirski <luto(a)kernel.org> x86/selftests: Add mov_to_ss test Ingo Molnar <mingo(a)kernel.org> x86/mpx/selftests: Adjust the self-test to fresh distros that export the MPX ABI Ingo Molnar <mingo(a)kernel.org> x86/pkeys/selftests: Adjust the self-test to fresh distros that export the pkeys ABI Ingo Molnar <mingo(a)kernel.org> objtool, kprobes/x86: Sync the latest <asm/insn.h> header with tools/objtool/arch/x86/include/asm/insn.h Masami Hiramatsu <mhiramat(a)kernel.org> uprobes/x86: Prohibit probing on MOV SS instruction Masami Hiramatsu <mhiramat(a)kernel.org> kprobes/x86: Prohibit probing on exception masking instructions Ashish Samant <ashish.samant(a)oracle.com> ocfs2: take inode cluster lock before moving reflinked inode from orphan dir Laura Abbott <labbott(a)redhat.com> proc/kcore: don't bounds check against address 0 Jeffrey Hugo <jhugo(a)codeaurora.org> init: fix false positives in W+X checking Roman Mashak <mrv(a)mojatatu.com> net sched actions: fix invalid pointer dereferencing if skbedit flags missing Emil Tantilov <emil.s.tantilov(a)intel.com> ixgbe: return error on unsupported SFP module when resetting Marian Rotariu <mrotariu(a)bitdefender.com> x86: Delay skip of emulated hypercall instruction Wanpeng Li <wanpengli(a)tencent.com> KVM: Extend MAX_IRQ_ROUTES to 4096 for all archs David Howells <dhowells(a)redhat.com> rxrpc: Fix the min security level for kernel calls David Howells <dhowells(a)redhat.com> rxrpc: Fix error reception on AF_INET6 sockets Michal Kalderon <Michal.Kalderon(a)cavium.com> qede: Fix gfp flags sent to rdma event node allocation Michal Kalderon <Michal.Kalderon(a)cavium.com> qed: Fix l2 initializations over iWARP personality Ying Xue <ying.xue(a)windriver.com> tipc: eliminate KMSAN uninit-value in strcmp complaint Mathieu Malaterre <malat(a)debian.org> agp: uninorth: make two functions static Paulo Alcantara <palcantara(a)suse.de> cifs: smb2ops: Fix listxattr() when there are no EAs David Gilhooley <dgilhooley(a)nvidia.com> arm64: Add MIDR encoding for NVIDIA CPUs Jakob Unterwurzacher <jakob.unterwurzacher(a)theobroma-systems.com> can: dev: increase bus-off message severity Igor Russkikh <igor.russkikh(a)aquantia.com> net: aquantia: driver should correctly declare vlan_features bits van der Linden, Frank <fllinden(a)amazon.com> x86/xen: Reset VCPU0 info pointer after shared_info remap Sara Sharon <sara.sharon(a)intel.com> mac80211: use timeout from the AddBA response instead of the request Clément Péron <peron.clem(a)gmail.com> ARM: dts: cygnus: fix irq type for arm global timer Mathieu Malaterre <malat(a)debian.org> driver core: add __printf verification to __ata_ehi_pushv_desc Tomi Valkeinen <tomi.valkeinen(a)ti.com> drm/omap: handle alloc failures in omap_connector Tomi Valkeinen <tomi.valkeinen(a)ti.com> drm/omap: check return value from soc_device_match Tomi Valkeinen <tomi.valkeinen(a)ti.com> drm/omap: fix possible NULL ref issue in tiler_reserve_2d Tomi Valkeinen <tomi.valkeinen(a)ti.com> drm/omap: fix uninitialized ret variable Dan Carpenter <dan.carpenter(a)oracle.com> drm/omap: silence unititialized variable warning Ilan Peer <ilan.peer(a)intel.com> mac80211: Adjust SAE authentication timeout Naveen N. Rao <naveen.n.rao(a)linux.vnet.ibm.com> powerpc/trace/syscalls: Update syscall name matching logic to account for ppc_ prefix Naveen N. Rao <naveen.n.rao(a)linux.vnet.ibm.com> powerpc/trace/syscalls: Update syscall name matching logic Etienne Carriere <etienne.carriere(a)linaro.org> tee: check shm references are consistent in offset/size Rich Felker <dalias(a)libc.org> sh: fix build failure for J2 cpu with SMP disabled Peter Zijlstra <peterz(a)infradead.org> sched/core: Introduce set_special_state() Rob Herring <robh(a)kernel.org> spi: bcm2835aux: ensure interrupts are enabled for shared handler Parav Pandit <parav(a)mellanox.com> RDMA/cma: Do not query GID during QP state transition to RTR Sebastian Sanchez <sebastian.sanchez(a)intel.com> IB/hfi1: Fix memory leak in exception path in get_irq_affinity() Michael J. Ruhl <michael.j.ruhl(a)intel.com> IB/hfi1 Use correct type for num_user_context Stefan Raspl <stefan.raspl(a)linux.ibm.com> smc: fix sendpage() call Janusz Krzysztofik <jmkrzyszt(a)gmail.com> ARM: OMAP1: ams-delta: fix deferred_fiq handler Keith Busch <keith.busch(a)intel.com> nvme: Set integrity flag for user passthrough commands Chengguang Xu <cgxu519(a)gmx.com> nvme: fix potential memory leak in option parsing Changbin Du <changbin.du(a)intel.com> iommu/vt-d: fix shift-out-of-bounds in bug checking Bhadram Varka <vbhadram(a)nvidia.com> arm64: tegra: Make BCM89610 PHY interrupt as active low Peter Zijlstra <peterz(a)infradead.org> kthread, sched/wait: Fix kthread_parkme() wait-loop Peter Zijlstra <peterz(a)infradead.org> stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock Helge Deller <deller(a)gmx.de> parisc: drivers.c: Fix section mismatches Daniel Borkmann <daniel(a)iogearbox.net> bpf, x64: fix memleak when not converging after image Jim Gill <jgill(a)vmware.com> scsi: vmw-pvscsi: return DID_BUS_BUSY for adapter-initated aborts Arnd Bergmann <arnd(a)arndb.de> hexagon: export csum_partial_copy_nocheck Arnd Bergmann <arnd(a)arndb.de> hexagon: add memset_io() helper Nick Dyer <nick(a)shmanahar.org> Input: atmel_mxt_ts - fix the firmware update Adam Ford <aford173(a)gmail.com> ARM: dts: logicpd-som-lv: Fix Audio Mute Adam Ford <aford173(a)gmail.com> ARM: dts: logicpd-som-lv: Fix WL127x Startup Issues Tero Kristo <t-kristo(a)ti.com> ARM: OMAP2+: powerdomain: use raw_smp_processor_id() for trace Geert Uytterhoeven <geert+renesas(a)glider.be> dt-bindings: panel: lvds: Fix path to display timing bindings Sekhar Nori <nsekhar(a)ti.com> ARM: davinci: board-dm355-evm: fix broken networking Sekhar Nori <nsekhar(a)ti.com> ARM: davinci: board-omapl138-hawk: fix GPIO numbers for MMC/SD lookup Sekhar Nori <nsekhar(a)ti.com> ARM: davinci: board-da850-evm: fix GPIO lookup for MMC/SD Sekhar Nori <nsekhar(a)ti.com> ARM: davinci: board-da830-evm: fix GPIO lookup for MMC/SD Håkon Bugge <haakon.bugge(a)oracle.com> IB/core: Make ib_mad_client_id atomic Amir Goldstein <amir73il(a)gmail.com> <linux/stringhash.h>: fix end_name_hash() for 64bit long Zhu Yanjun <yanjun.zhu(a)oracle.com> IB/rxe: avoid double kfree_skb Jianchao Wang <jianchao.w.wang(a)oracle.com> IB/rxe: add RXE_START_MASK for rxe_opcode IB_OPCODE_RC_SEND_ONLY_INV Colin Ian King <colin.king(a)canonical.com> RDMA/iwpm: fix memory leak on map_info Parav Pandit <parav(a)mellanox.com> RDMA/cma: Fix use after destroy access to net namespace for IPoIB Matan Barak <matanb(a)mellanox.com> IB/uverbs: Fix validating mandatory attributes Greg Thelen <gthelen(a)google.com> IB: make INFINIBAND_ADDR_TRANS configurable Greg Thelen <gthelen(a)google.com> ib_srp: depend on INFINIBAND_ADDR_TRANS Greg Thelen <gthelen(a)google.com> ib_srpt: depend on INFINIBAND_ADDR_TRANS Greg Thelen <gthelen(a)google.com> nvmet-rdma: depend on INFINIBAND_ADDR_TRANS Greg Thelen <gthelen(a)google.com> nvme: depend on INFINIBAND_ADDR_TRANS Jon Maloy <jon.maloy(a)ericsson.com> tipc: fix bug in function tipc_nl_node_dump_monitor Baolin Wang <baolin.wang(a)linaro.org> i2c: sprd: Fix the i2c count issue Baolin Wang <baolin.wang(a)linaro.org> i2c: sprd: Prevent i2c accesses after suspend is called John Fastabend <john.fastabend(a)gmail.com> bpf: fix uninitialized variable in bpf tools jacek.tomaka(a)poczta.fm <jacek.tomaka(a)poczta.fm> x86/cpu/intel: Add missing TLB cpuid values Evan Wang <xswang(a)marvell.com> ata: ahci: mvebu: override ahci_stop_engine for mvebu AHCI Evan Wang <xswang(a)marvell.com> libahci: Allow drivers to override stop_engine Mark Rutland <mark.rutland(a)arm.com> KVM: arm/arm64: vgic: fix possible spectre-v1 in vgic_mmio_read_apr() Mark Rutland <mark.rutland(a)arm.com> arm64: fix possible spectre-v1 in ptrace_hbp_get_event() Omar Sandoval <osandov(a)fb.com> blk-mq: fix sysfs inflight counter Arvind Yadav <arvind.yadav.cs(a)gmail.com> HID: intel-ish-hid: use put_device() instead of kfree() Ramon Fried <rfried(a)codeaurora.org> rpmsg: added MODULE_ALIAS for rpmsg_char Tobias Jordan <Tobias.Jordan(a)elektrobit.com> remoteproc: qcom: Fix potential device node leaks Kan Liang <kan.liang(a)linux.intel.com> perf/x86/intel: Don't enable freeze-on-smi for PerfMon V1 Dag Moxnes <dag.moxnes(a)oracle.com> rds: ib: Fix missing call to rds_ib_dev_put in rds_ib_setup_qp Masami Hiramatsu <mhiramat(a)kernel.org> selftests: ftrace: Add a testcase for multiple actions on trigger Arvind Yadav <arvind.yadav.cs(a)gmail.com> HID: wacom: Release device resource data obtained by devres_alloc() pgzh <peter.ganzhorn(a)gmail.com> HID: lenovo: Add support for IBM/Lenovo Scrollpoint mice Mark Rutland <mark.rutland(a)arm.com> arm64: ptrace: remove addr_limit manipulation Florian Fainelli <f.fainelli(a)gmail.com> net: ethtool: Add missing kernel doc for FEC parameters Hans de Goede <hdegoede(a)redhat.com> thermal: int3403_thermal: Fix NULL pointer deref on module load / probe Andres Rodriguez <andres.rodriguez(a)amd.com> drm/amdkfd: fix clock counter retrieval for node without GPU Mika Westerberg <mika.westerberg(a)linux.intel.com> ACPI / watchdog: Prefer iTCO_wdt on Lenovo Z50-70 Sekhar Nori <nsekhar(a)ti.com> ARM: dts: da850: fix W=1 warnings with pinmux node Jingju Hou <Jingju.Hou(a)synaptics.com> net: phy: marvell: clear wol event before setting it Balbir Singh <bsingharora(a)gmail.com> powerpc/powernv/memtrace: Let the arch hotunplug code flush cache Geert Uytterhoeven <geert+renesas(a)glider.be> dt-bindings: meson-uart: DT fix s/clocks-names/clock-names/ Chen Yu <yu.c.chen(a)intel.com> ACPI / PM: Blacklist Low Power S0 Idle _DSM for ThinkPad X1 Tablet(2016) Julian Wiedmann <jwi(a)linux.vnet.ibm.com> s390/qeth: use Read device to query hypervisor for MAC Tobias Regnery <tobias.regnery(a)gmail.com> usb: typec: ucsi: fix tracepoint related build error Minchan Kim <minchan(a)kernel.org> mm: memcg: add __GFP_NOWARN in __memcg_schedule_kmem_cache_create() Dave Young <dyoung(a)redhat.com> kexec_file: do not add extra alignment to efi memmap Alexey Dobriyan <adobriyan(a)gmail.com> proc: revalidate kernel thread inodes to root:root Huang Ying <ying.huang(a)intel.com> mm, pagemap: fix swap offset value for PMD migration entry Colin Ian King <colin.king(a)canonical.com> scsi: isci: Fix infinite loop in while loop Long Li <longli(a)microsoft.com> scsi: storvsc: Set up correct queue depth values for IDE devices Baolin Wang <baolin.wang(a)linaro.org> parisc: time: Convert read_persistent_clock() to read_persistent_clock64() David Howells <dhowells(a)redhat.com> vfs: Undo an overly zealous MS_RDONLY -> SB_RDONLY conversion dann frazier <dann.frazier(a)canonical.com> net: hns: Avoid action name truncation Jiang Biao <jiang.biao2(a)zte.com.cn> blkcg: init root blkcg_gq under lock Emil Velikov <emil.velikov(a)collabora.com> drm/msm: don't deref error pointer in the msm_fbdev_create error path Stefan Agner <stefan(a)agner.ch> drm/msm/dsi: use correct enum in dsi_get_cmd_fmt Ben Hutchings <ben.hutchings(a)codethink.co.uk> drm/msm: Fix possible null dereference on failure of get_pages() Srinivas Kandagatla <srinivas.kandagatla(a)linaro.org> ASoC: msm8916-wcd-analog: use threaded context for mbhc events Taehee Yoo <ap420073(a)gmail.com> netfilter: nf_tables: fix out-of-bounds in nft_chain_commit_update Pablo Neira Ayuso <pablo(a)netfilter.org> netfilter: nf_tables: NAT chain and extensions require NF_TABLES Ming Lei <ming.lei(a)redhat.com> scsi: target: fix crash with iscsi target and dvd Vinson Lee <vlee(a)freedesktop.org> scsi: megaraid_sas: Do not log an error if FW successfully initializes. Chris Leech <cleech(a)redhat.com> scsi: iscsi: respond to netlink with unicast when appropriate Tung Nguyen <tung.q.nguyen(a)dektech.com.au> tipc: fix infinite loop when dumping link monitor summary Jiang Biao <jiang.biao2(a)zte.com.cn> blkcg: don't hold blkcg lock when deactivating policy sxauwsk <sxauwsk(a)163.com> spi: cadence: Add usleep_range() for cdns_spi_fill_tx_fifo() Liam Girdwood <liam.r.girdwood(a)linux.intel.com> ASoC: topology: Check widget kcontrols before deref. Simon Gaiser <simon(a)invisiblethingslab.com> xen: xenbus_dev_frontend: Really return response string Yan Wang <yan.wang(a)linux.intel.com> ASoC: topology: Fix bugs of freeing soc topology Loic Poulain <loic.poulain(a)linaro.org> PCI: kirin: Fix reset gpio name Geert Uytterhoeven <geert(a)linux-m68k.org> soc: bcm2835: Make !RASPBERRYPI_FIRMWARE dummies return failure Florian Fainelli <f.fainelli(a)gmail.com> soc: bcm: raspberrypi-power: Fix use of __packed Tyler Hicks <tyhicks(a)canonical.com> eCryptfs: don't pass up plaintext names when using filename encryption oder_chiou(a)realtek.com <oder_chiou(a)realtek.com> ASoC: rt5514: Add the missing register in the readable table Jerome Brunet <jbrunet(a)baylibre.com> clk: honor CLK_MUX_ROUND_CLOSEST in generic clk mux Jacopo Mondi <jacopo+renesas(a)jmondi.org> dt-bindings: dmaengine: rcar-dmac: document R8A77965 support Jacopo Mondi <jacopo+renesas(a)jmondi.org> dt-bindings: serial: sh-sci: Add support for r8a77965 (H)SCIF Matheus Castello <matheus(a)castello.eng.br> dt-bindings: pinctrl: sunxi: Fix reference to driver Lukasz Majewski <lukma(a)denx.de> doc: Add vendor prefix for Kieback & Peter GmbH Vladimir Zapolskiy <vladimir_zapolskiy(a)mentor.com> spi: sh-msiof: Fix bit field overflow writes to TSCR/RSCR Matt Redfearn <matt.redfearn(a)mips.com> MIPS: dts: Boston: Fix PCI bus dtc warnings: Chengguang Xu <cgxu519(a)gmx.com> isofs: fix potential memory leak in mount option parsing Martin Schwidefsky <schwidefsky(a)de.ibm.com> s390/smsgiucv: disable SMSG on module unload Sinan Kaya <okaya(a)codeaurora.org> MIPS: io: Add barrier after register read in readX() Amir Goldstein <amir73il(a)gmail.com> fsnotify: fix ignore mask logic in send_to_group() Arnaldo Carvalho de Melo <acme(a)redhat.com> perf report: Fix switching to another perf.data file Jakub Kicinski <jakub.kicinski(a)netronome.com> nfp: ignore signals when communicating with management FW Sinan Kaya <okaya(a)codeaurora.org> MIPS: io: Prevent compiler reordering writeX() Krish Sadhukhan <krish.sadhukhan(a)oracle.com> x86: Add check for APIC access address for vmentry of L2 guests hu huajun <huhuajun(a)linux.alibaba.com> KVM: X86: fix incorrect reference of trace_kvm_pi_irte_update Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> Input: synaptics-rmi4 - fix an unchecked out of memory error path Anson Huang <Anson.Huang(a)nxp.com> clocksource/drivers/imx-tpm: Correct some registers operation flow ------------- Diffstat: .../bindings/display/panel/panel-common.txt | 2 +- .../devicetree/bindings/dma/renesas,rcar-dmac.txt | 1 + .../bindings/pinctrl/allwinner,sunxi-pinctrl.txt | 6 +- .../bindings/serial/amlogic,meson-uart.txt | 2 +- .../bindings/serial/renesas,sci-serial.txt | 2 + .../devicetree/bindings/vendor-prefixes.txt | 1 + Makefile | 4 +- arch/arm/boot/compressed/head.S | 20 +- arch/arm/boot/dts/bcm-cygnus.dtsi | 2 +- arch/arm/boot/dts/da850.dtsi | 2 - arch/arm/boot/dts/logicpd-som-lv.dtsi | 11 +- arch/arm/kernel/machine_kexec.c | 34 ++- arch/arm/mach-davinci/board-da830-evm.c | 9 +- arch/arm/mach-davinci/board-da850-evm.c | 9 +- arch/arm/mach-davinci/board-dm355-evm.c | 6 + arch/arm/mach-davinci/board-dm646x-evm.c | 5 +- arch/arm/mach-davinci/board-omapl138-hawk.c | 10 +- arch/arm/mach-davinci/dm646x.c | 3 +- arch/arm/mach-keystone/pm_domain.c | 1 + arch/arm/mach-omap1/ams-delta-fiq.c | 28 +- arch/arm/mach-omap2/powerdomain.c | 4 +- arch/arm64/boot/dts/nvidia/tegra186-p3310.dtsi | 2 +- arch/arm64/include/asm/cputype.h | 6 + arch/arm64/kernel/ptrace.c | 20 +- arch/hexagon/include/asm/io.h | 6 + arch/hexagon/lib/checksum.c | 1 + arch/mips/boot/dts/img/boston.dts | 6 + arch/mips/include/asm/io.h | 4 +- arch/parisc/kernel/drivers.c | 7 +- arch/parisc/kernel/smp.c | 3 +- arch/parisc/kernel/time.c | 2 +- arch/powerpc/include/asm/ftrace.h | 29 ++- arch/powerpc/platforms/powernv/memtrace.c | 17 -- arch/sh/kernel/cpu/sh2/probe.c | 4 + arch/x86/events/intel/core.c | 9 +- arch/x86/include/asm/insn.h | 18 ++ arch/x86/kernel/cpu/intel.c | 3 + arch/x86/kernel/kexec-bzimage64.c | 5 +- arch/x86/kernel/kprobes/core.c | 4 + arch/x86/kernel/uprobes.c | 4 + arch/x86/kvm/hyperv.c | 2 +- arch/x86/kvm/svm.c | 5 +- arch/x86/kvm/vmx.c | 15 +- arch/x86/kvm/x86.c | 19 +- arch/x86/net/bpf_jit_comp.c | 4 +- arch/x86/xen/enlighten_hvm.c | 13 + block/blk-cgroup.c | 22 +- block/blk-mq.c | 19 ++ block/blk-mq.h | 4 +- block/genhd.c | 12 + block/partition-generic.c | 10 +- drivers/acpi/acpi_watchdog.c | 59 ++++- drivers/acpi/sleep.c | 13 + drivers/ata/ahci.c | 6 +- drivers/ata/ahci.h | 7 + drivers/ata/ahci_mvebu.c | 56 ++++ drivers/ata/ahci_qoriq.c | 2 +- drivers/ata/ahci_xgene.c | 4 +- drivers/ata/libahci.c | 20 +- drivers/ata/libata-eh.c | 4 +- drivers/ata/sata_highbank.c | 2 +- drivers/char/agp/uninorth-agp.c | 4 +- drivers/clk/clk-mux.c | 10 +- drivers/clk/clk.c | 7 +- drivers/clk/imx/clk-imx6ul.c | 2 +- drivers/clocksource/timer-imx-tpm.c | 8 +- drivers/firmware/efi/libstub/arm64-stub.c | 10 + drivers/gpu/drm/amd/amdkfd/kfd_chardev.c | 13 +- drivers/gpu/drm/drm_dumb_buffers.c | 7 +- drivers/gpu/drm/msm/dsi/dsi_host.c | 2 +- drivers/gpu/drm/msm/msm_fbdev.c | 11 +- drivers/gpu/drm/msm/msm_gem.c | 20 +- drivers/gpu/drm/omapdrm/dss/hdmi4.c | 2 +- drivers/gpu/drm/omapdrm/dss/hdmi4_core.c | 7 +- drivers/gpu/drm/omapdrm/dss/hdmi5.c | 2 +- drivers/gpu/drm/omapdrm/omap_connector.c | 10 + drivers/gpu/drm/omapdrm/omap_dmm_tiler.c | 6 +- drivers/gpu/drm/omapdrm/tcm-sita.c | 2 +- drivers/hid/Kconfig | 7 +- drivers/hid/hid-ids.h | 8 + drivers/hid/hid-lenovo.c | 36 +++ drivers/hid/intel-ish-hid/ishtp/bus.c | 2 +- drivers/hid/wacom_sys.c | 4 +- drivers/i2c/busses/i2c-pmcmsp.c | 4 +- drivers/i2c/busses/i2c-sprd.c | 22 +- drivers/i2c/busses/i2c-viperboard.c | 2 +- drivers/infiniband/Kconfig | 5 +- drivers/infiniband/core/cma.c | 60 +++-- drivers/infiniband/core/iwpm_util.c | 5 +- drivers/infiniband/core/mad.c | 4 +- drivers/infiniband/core/uverbs_ioctl.c | 9 + drivers/infiniband/hw/hfi1/affinity.c | 11 +- drivers/infiniband/hw/hfi1/init.c | 4 +- drivers/infiniband/sw/rxe/rxe_opcode.c | 2 +- drivers/infiniband/sw/rxe/rxe_req.c | 1 - drivers/infiniband/sw/rxe/rxe_resp.c | 6 +- drivers/infiniband/ulp/srp/Kconfig | 2 +- drivers/infiniband/ulp/srpt/Kconfig | 2 +- drivers/input/rmi4/rmi_spi.c | 7 +- drivers/input/touchscreen/atmel_mxt_ts.c | 186 ++++++++------ drivers/iommu/dmar.c | 2 +- drivers/net/can/dev.c | 2 +- drivers/net/ethernet/aquantia/atlantic/aq_nic.c | 2 + drivers/net/ethernet/hisilicon/hns/hnae.h | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c | 3 + .../net/ethernet/netronome/nfp/nfpcore/nfp_nsp.c | 3 +- drivers/net/ethernet/qlogic/qed/qed_l2.c | 6 +- drivers/net/ethernet/qlogic/qede/qede_rdma.c | 2 +- drivers/net/phy/marvell.c | 9 + drivers/nvme/host/Kconfig | 2 +- drivers/nvme/host/core.c | 1 + drivers/nvme/host/fabrics.c | 6 + drivers/nvme/target/Kconfig | 2 +- drivers/pci/dwc/pcie-kirin.c | 2 +- drivers/remoteproc/qcom_q6v5_pil.c | 2 + drivers/rpmsg/rpmsg_char.c | 2 + drivers/s390/net/qeth_core_main.c | 2 +- drivers/s390/net/smsgiucv.c | 2 +- drivers/scsi/isci/port_config.c | 3 +- drivers/scsi/megaraid/megaraid_sas_fusion.c | 6 +- drivers/scsi/scsi_transport_iscsi.c | 29 ++- drivers/scsi/storvsc_drv.c | 7 +- drivers/scsi/vmw_pvscsi.c | 2 +- drivers/soc/bcm/raspberrypi-power.c | 2 +- drivers/spi/spi-bcm2835aux.c | 5 + drivers/spi/spi-cadence.c | 8 + drivers/spi/spi-sh-msiof.c | 1 + drivers/target/target_core_pscsi.c | 2 + drivers/tee/tee_core.c | 11 + drivers/thermal/int340x_thermal/int3403_thermal.c | 3 +- drivers/usb/musb/musb_host.c | 5 +- drivers/usb/musb/musb_host.h | 7 +- drivers/usb/musb/musb_virthub.c | 25 +- drivers/usb/typec/ucsi/Makefile | 2 +- drivers/xen/xenbus/xenbus_dev_frontend.c | 3 +- fs/afs/rxrpc.c | 7 + fs/btrfs/scrub.c | 44 +++- fs/cifs/smb2ops.c | 6 + fs/ecryptfs/crypto.c | 41 ++- fs/ecryptfs/file.c | 21 +- fs/isofs/inode.c | 3 + fs/namespace.c | 2 +- fs/notify/fsnotify.c | 25 +- fs/ocfs2/refcounttree.c | 14 +- fs/proc/base.c | 6 + fs/proc/kcore.c | 23 +- fs/proc/task_mmu.c | 6 +- include/linux/clk-provider.h | 3 + include/linux/ethtool.h | 2 + include/linux/genhd.h | 4 +- include/linux/kvm_host.h | 8 +- include/linux/mtd/map.h | 2 +- include/linux/percpu-rwsem.h | 6 +- include/linux/rwsem.h | 6 + include/linux/sched.h | 50 +++- include/linux/sched/signal.h | 2 +- include/linux/stringhash.h | 4 +- include/soc/bcm2835/raspberrypi-firmware.h | 4 +- init/main.c | 7 + kernel/kthread.c | 7 +- kernel/locking/rwsem-xadd.c | 19 +- kernel/locking/rwsem.c | 2 - kernel/locking/rwsem.h | 30 ++- kernel/module.c | 5 + kernel/sched/core.c | 17 +- kernel/sched/deadline.c | 4 +- kernel/sched/rt.c | 2 - kernel/sched/sched.h | 5 +- kernel/signal.c | 17 +- kernel/stop_machine.c | 19 +- mm/memcontrol.c | 2 +- net/ipv4/tcp_input.c | 2 +- net/ipv6/netfilter/Kconfig | 55 ++-- net/mac80211/agg-tx.c | 4 + net/mac80211/mlme.c | 25 +- net/mac80211/tx.c | 3 +- net/netfilter/nf_tables_api.c | 2 +- net/rds/ib_cm.c | 3 +- net/rxrpc/af_rxrpc.c | 2 +- net/rxrpc/local_object.c | 57 +++-- net/sched/act_skbedit.c | 3 +- net/smc/af_smc.c | 6 +- net/tipc/monitor.c | 2 +- net/tipc/node.c | 28 +- sound/soc/codecs/msm8916-wcd-analog.c | 9 +- sound/soc/codecs/rt5514.c | 3 + sound/soc/soc-topology.c | 6 +- tools/net/bpf_dbg.c | 7 +- tools/objtool/arch/x86/include/asm/insn.h | 18 ++ tools/perf/util/symbol.c | 8 +- .../inter-event/trigger-multi-actions-accept.tc | 44 ++++ tools/testing/selftests/x86/Makefile | 2 +- tools/testing/selftests/x86/mov_ss_trap.c | 285 +++++++++++++++++++++ tools/testing/selftests/x86/mpx-mini-test.c | 7 +- tools/testing/selftests/x86/protection_keys.c | 254 ++++++++++++------ virt/kvm/arm/vgic/vgic-mmio-v2.c | 5 + 196 files changed, 1886 insertions(+), 674 deletions(-)

7 years, 4 months

5
179
0 0

[PATCH] mtd: rawnand: mxc: set spare area size register explicitly

by Martin Kaiser

The v21 version of the NAND flash controller contains a Spare Area Size Register (SPAS) at offset 0x10. Its setting defaults to the maximum spare area size of 218 bytes. The size that is set in this register is used by the controller when it calculates the ECC bytes internally in hardware. Usually, this register is updated from settings in the IIM fuses when the system is booting from nand flash. For other boot media, however, the SPAS register remains at the default setting, which may not work for the particular flash chip on the board. The same goes for flash chips whose configuration cannot be set in the IIM fuses (e.g. chips with 2k sector size and 128 bytes spare area size can't be configured in the IIM fuses on imx25 systems). Set the SPAS register explicitly during the preset operation. Derive the register value from mtd->oobsize that was detected during probe by decoding the flash chip's ID bytes. While at it, rename the define for the spare area register's offset to NFC_V21_RSLTSPARE_AREA. The register at offset 0x10 on v1 controllers is different from the register on v21 controllers. Signed-off-by: Martin Kaiser <martin(a)kaiser.cx> Cc: stable(a)vger.kernel.org --- drivers/mtd/nand/raw/mxc_nand.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/drivers/mtd/nand/raw/mxc_nand.c b/drivers/mtd/nand/raw/mxc_nand.c index 45786e7..c2f8572 100644 --- a/drivers/mtd/nand/raw/mxc_nand.c +++ b/drivers/mtd/nand/raw/mxc_nand.c @@ -48,7 +48,7 @@ #define NFC_V1_V2_CONFIG (host->regs + 0x0a) #define NFC_V1_V2_ECC_STATUS_RESULT (host->regs + 0x0c) #define NFC_V1_V2_RSLTMAIN_AREA (host->regs + 0x0e) -#define NFC_V1_V2_RSLTSPARE_AREA (host->regs + 0x10) +#define NFC_V21_RSLTSPARE_AREA (host->regs + 0x10) #define NFC_V1_V2_WRPROT (host->regs + 0x12) #define NFC_V1_UNLOCKSTART_BLKADDR (host->regs + 0x14) #define NFC_V1_UNLOCKEND_BLKADDR (host->regs + 0x16) @@ -1274,6 +1274,9 @@ static void preset_v2(struct mtd_info *mtd) writew(config1, NFC_V1_V2_CONFIG1); /* preset operation */ + /* spare area size in 16bit words */ + writew(mtd->oobsize >> 1, NFC_V21_RSLTSPARE_AREA); + /* Unlock the internal RAM Buffer */ writew(0x2, NFC_V1_V2_CONFIG); -- 2.1.4

7 years, 4 months

4
11
0 0

[PATCH] MIPS: implement smp_cond_load_acquire() for Loongson-3

by Huacai Chen

After commit 7f56b58a92aaf2c ("locking/mcs: Use smp_cond_load_acquire() in MCS spin loop") Loongson-3 fails to boot. This is because Loongson-3 has SFB (Store Fill Buffer) and READ_ONCE() may get an old value in a tight loop. So in smp_cond_load_acquire() we need a __smp_mb() after every READ_ONCE(). This patch introduce a Loongson-specific smp_cond_load_acquire(). And it should be backported to as early as linux-4.5, in which release the smp_cond_acquire() is introduced. Cc: stable(a)vger.kernel.org Signed-off-by: Huacai Chen <chenhc(a)lemote.com> --- arch/mips/include/asm/barrier.h | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/arch/mips/include/asm/barrier.h b/arch/mips/include/asm/barrier.h index a5eb1bb..4ea384d 100644 --- a/arch/mips/include/asm/barrier.h +++ b/arch/mips/include/asm/barrier.h @@ -222,6 +222,23 @@ #define __smp_mb__before_atomic() __smp_mb__before_llsc() #define __smp_mb__after_atomic() smp_llsc_mb() +#ifdef CONFIG_CPU_LOONGSON3 +/* Loongson-3 need a __smp_mb() after READ_ONCE() here */ +#define smp_cond_load_acquire(ptr, cond_expr) \ +({ \ + typeof(ptr) __PTR = (ptr); \ + typeof(*ptr) VAL; \ + for (;;) { \ + VAL = READ_ONCE(*__PTR); \ + __smp_mb(); \ + if (cond_expr) \ + break; \ + cpu_relax(); \ + } \ + VAL; \ +}) +#endif /* CONFIG_CPU_LOONGSON3 */ + #include <asm-generic/barrier.h> #endif /* __ASM_BARRIER_H */ -- 2.7.0

7 years, 4 months

5
8
0 0

[PATCH v2 1/2] net: ethernet: fix suspend/resume in davinci_emac

by Bartosz Golaszewski

From: Bartosz Golaszewski <bgolaszewski(a)baylibre.com> This patch reverts commit 3243ff2a05ec ("net: ethernet: davinci_emac: Deduplicate bus_find_device() by name matching") and adds a comment which should stop anyone from reintroducing the same "fix" in the future. We can't use bus_find_device_by_name() here because the device name is not guaranteed to be 'davinci_mdio'. On some systems it can be 'davinci_mdio.0' so we need to use strncmp() against the first part of the string to correctly match it. Fixes: 3243ff2a05ec ("net: ethernet: davinci_emac: Deduplicate bus_find_device() by name matching") Cc: stable(a)vger.kernel.org Signed-off-by: Bartosz Golaszewski <bgolaszewski(a)baylibre.com> Acked-by: Lukas Wunner <lukas(a)wunner.de> --- drivers/net/ethernet/ti/davinci_emac.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/drivers/net/ethernet/ti/davinci_emac.c b/drivers/net/ethernet/ti/davinci_emac.c index 06d7c9e4dcda..a1a6445b5a7e 100644 --- a/drivers/net/ethernet/ti/davinci_emac.c +++ b/drivers/net/ethernet/ti/davinci_emac.c @@ -1385,6 +1385,11 @@ static int emac_devioctl(struct net_device *ndev, struct ifreq *ifrq, int cmd) return -EOPNOTSUPP; } +static int match_first_device(struct device *dev, void *data) +{ + return !strncmp(dev_name(dev), "davinci_mdio", 12); +} + /** * emac_dev_open - EMAC device open * @ndev: The DaVinci EMAC network adapter @@ -1484,8 +1489,14 @@ static int emac_dev_open(struct net_device *ndev) /* use the first phy on the bus if pdata did not give us a phy id */ if (!phydev && !priv->phy_id) { - phy = bus_find_device_by_name(&mdio_bus_type, NULL, - "davinci_mdio"); + /* NOTE: we can't use bus_find_device_by_name() here because + * the device name is not guaranteed to be 'davinci_mdio'. On + * some systems it can be 'davinci_mdio.0' so we need to use + * strncmp() against the first part of the string to correctly + * match it. + */ + phy = bus_find_device(&mdio_bus_type, NULL, NULL, + match_first_device); if (phy) { priv->phy_id = dev_name(phy); if (!priv->phy_id || !*priv->phy_id) -- 2.17.1

7 years, 4 months

1
0
0 0

[PATCH 1/3] net: ethernet: fix suspend/resume in davinci_emac

by Bartosz Golaszewski

From: Bartosz Golaszewski <bgolaszewski(a)baylibre.com> This patch reverts commit 3243ff2a05ec ("net: ethernet: davinci_emac: Deduplicate bus_find_device() by name matching") and adds a comment which should stop anyone from reintroducing the same "fix" in the future. We can't use bus_find_device_by_name() here because the device name is not guaranteed to be 'davinci_mdio'. On some systems it can be 'davinci_mdio.0' so we need to use strncmp() against the first part of the string to correctly match it. Fixes: 3243ff2a05ec ("net: ethernet: davinci_emac: Deduplicate bus_find_device() by name matching") Cc: stable(a)vger.kernel.org Signed-off-by: Bartosz Golaszewski <bgolaszewski(a)baylibre.com> --- drivers/net/ethernet/ti/davinci_emac.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/drivers/net/ethernet/ti/davinci_emac.c b/drivers/net/ethernet/ti/davinci_emac.c index 06d7c9e4dcda..a1a6445b5a7e 100644 --- a/drivers/net/ethernet/ti/davinci_emac.c +++ b/drivers/net/ethernet/ti/davinci_emac.c @@ -1385,6 +1385,11 @@ static int emac_devioctl(struct net_device *ndev, struct ifreq *ifrq, int cmd) return -EOPNOTSUPP; } +static int match_first_device(struct device *dev, void *data) +{ + return !strncmp(dev_name(dev), "davinci_mdio", 12); +} + /** * emac_dev_open - EMAC device open * @ndev: The DaVinci EMAC network adapter @@ -1484,8 +1489,14 @@ static int emac_dev_open(struct net_device *ndev) /* use the first phy on the bus if pdata did not give us a phy id */ if (!phydev && !priv->phy_id) { - phy = bus_find_device_by_name(&mdio_bus_type, NULL, - "davinci_mdio"); + /* NOTE: we can't use bus_find_device_by_name() here because + * the device name is not guaranteed to be 'davinci_mdio'. On + * some systems it can be 'davinci_mdio.0' so we need to use + * strncmp() against the first part of the string to correctly + * match it. + */ + phy = bus_find_device(&mdio_bus_type, NULL, NULL, + match_first_device); if (phy) { priv->phy_id = dev_name(phy); if (!priv->phy_id || !*priv->phy_id) -- 2.17.1

7 years, 4 months

3
3
0 0

[PATCH v4 06/15] mtd: rawnand: qcom: wait for desc completion in all BAM channels

by Abhishek Sahu

The BAM has 3 channels - tx, rx and command. command channel is used for register read/writes, tx channel for data writes and rx channel for data reads. Currently, the driver assumes the transfer completion once it gets all the command descriptors completed. Sometimes, there is race condition between data channel (tx/rx) and command channel completion. In these cases, the data present in buffer is not valid during small window between command descriptor completion and data descriptor completion. This patch generates NAND transfer completion when both (Data and Command) DMA channels have completed all its DMA descriptors. It assigns completion callback in last DMA descriptors of that channel and wait for completion. Fixes: 8d6b6d7e135e ("mtd: nand: qcom: support for command descriptor formation") Cc: stable(a)vger.kernel.org Acked-by: Miquel Raynal <miquel.raynal(a)bootlin.com> Signed-off-by: Abhishek Sahu <absahu(a)codeaurora.org> --- * Changes from v3: 1. NONE * Changes from v2: 1. Changed commit message and comments slightly 2. Renamed wait_second_completion from first_chan_done and set it before submit desc 3. Mark for stable tree * Changes from v1: NONE drivers/mtd/nand/raw/qcom_nandc.c | 53 ++++++++++++++++++++++++++++++++++++++- 1 file changed, 52 insertions(+), 1 deletion(-) diff --git a/drivers/mtd/nand/raw/qcom_nandc.c b/drivers/mtd/nand/raw/qcom_nandc.c index 2375780..fc20149 100644 --- a/drivers/mtd/nand/raw/qcom_nandc.c +++ b/drivers/mtd/nand/raw/qcom_nandc.c @@ -213,6 +213,8 @@ #define QPIC_PER_CW_CMD_SGL 32 #define QPIC_PER_CW_DATA_SGL 8 +#define QPIC_NAND_COMPLETION_TIMEOUT msecs_to_jiffies(2000) + /* * Flags used in DMA descriptor preparation helper functions * (i.e. read_reg_dma/write_reg_dma/read_data_dma/write_data_dma) @@ -245,6 +247,11 @@ * @tx_sgl_start - start index in data sgl for tx. * @rx_sgl_pos - current index in data sgl for rx. * @rx_sgl_start - start index in data sgl for rx. + * @wait_second_completion - wait for second DMA desc completion before making + * the NAND transfer completion. + * @txn_done - completion for NAND transfer. + * @last_data_desc - last DMA desc in data channel (tx/rx). + * @last_cmd_desc - last DMA desc in command channel. */ struct bam_transaction { struct bam_cmd_element *bam_ce; @@ -258,6 +265,10 @@ struct bam_transaction { u32 tx_sgl_start; u32 rx_sgl_pos; u32 rx_sgl_start; + bool wait_second_completion; + struct completion txn_done; + struct dma_async_tx_descriptor *last_data_desc; + struct dma_async_tx_descriptor *last_cmd_desc; }; /* @@ -504,6 +515,8 @@ static void free_bam_transaction(struct qcom_nand_controller *nandc) bam_txn->data_sgl = bam_txn_buf; + init_completion(&bam_txn->txn_done); + return bam_txn; } @@ -523,11 +536,33 @@ static void clear_bam_transaction(struct qcom_nand_controller *nandc) bam_txn->tx_sgl_start = 0; bam_txn->rx_sgl_pos = 0; bam_txn->rx_sgl_start = 0; + bam_txn->last_data_desc = NULL; + bam_txn->wait_second_completion = false; sg_init_table(bam_txn->cmd_sgl, nandc->max_cwperpage * QPIC_PER_CW_CMD_SGL); sg_init_table(bam_txn->data_sgl, nandc->max_cwperpage * QPIC_PER_CW_DATA_SGL); + + reinit_completion(&bam_txn->txn_done); +} + +/* Callback for DMA descriptor completion */ +static void qpic_bam_dma_done(void *data) +{ + struct bam_transaction *bam_txn = data; + + /* + * In case of data transfer with NAND, 2 callbacks will be generated. + * One for command channel and another one for data channel. + * If current transaction has data descriptors + * (i.e. wait_second_completion is true), then set this to false + * and wait for second DMA descriptor completion. + */ + if (bam_txn->wait_second_completion) + bam_txn->wait_second_completion = false; + else + complete(&bam_txn->txn_done); } static inline struct qcom_nand_host *to_qcom_nand_host(struct nand_chip *chip) @@ -756,6 +791,12 @@ static int prepare_bam_async_desc(struct qcom_nand_controller *nandc, desc->dma_desc = dma_desc; + /* update last data/command descriptor */ + if (chan == nandc->cmd_chan) + bam_txn->last_cmd_desc = dma_desc; + else + bam_txn->last_data_desc = dma_desc; + list_add_tail(&desc->node, &nandc->desc_list); return 0; @@ -1273,10 +1314,20 @@ static int submit_descs(struct qcom_nand_controller *nandc) cookie = dmaengine_submit(desc->dma_desc); if (nandc->props->is_bam) { + bam_txn->last_cmd_desc->callback = qpic_bam_dma_done; + bam_txn->last_cmd_desc->callback_param = bam_txn; + if (bam_txn->last_data_desc) { + bam_txn->last_data_desc->callback = qpic_bam_dma_done; + bam_txn->last_data_desc->callback_param = bam_txn; + bam_txn->wait_second_completion = true; + } + dma_async_issue_pending(nandc->tx_chan); dma_async_issue_pending(nandc->rx_chan); + dma_async_issue_pending(nandc->cmd_chan); - if (dma_sync_wait(nandc->cmd_chan, cookie) != DMA_COMPLETE) + if (!wait_for_completion_timeout(&bam_txn->txn_done, + QPIC_NAND_COMPLETION_TIMEOUT)) return -ETIMEDOUT; } else { if (dma_sync_wait(nandc->chan, cookie) != DMA_COMPLETE) -- QUALCOMM INDIA, on behalf of Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum, hosted by The Linux Foundation

7 years, 4 months

1
0
0 0

[PATCH] printk/nmi: Prevent deadlock when serializing NMI backtraces

by Petr Mladek

The commit 719f6a7040f1bdaf96fcc ("printk: Use the main logbuf in NMI when logbuf_lock is available") tried to detect when logbuf_lock was taken on another CPU. Then it looked safe to wait for the lock even in NMI. It would be safe if other locks were not involved. Ironically the same commit introduced an ABBA deadlock scenario. It added a spin lock into nmi_cpu_backtrace() to serialize logs from different CPUs. The effect is that also the NMI handlers are serialized. As a result, logbuf_lock might be blocked by NMI on another CPU: CPU0 CPU1 CPU2 printk() vprintk_emit() spin_lock(&logbuf_lock) trigger_all_cpu_backtrace() raise() nmi_enter() printk_nmi_enter() if (this_cpu_read(printk_context) & PRINTK_SAFE_CONTEXT_MASK) // false else // looks safe to use printk_deferred() this_cpu_or(printk_context, PRINTK_NMI_DEFERRED_CONTEXT_MASK); nmi_cpu_backtrace() arch_spin_lock(&lock); show_regs() nmi_enter() nmi_cpu_backtrace() arch_spin_lock(&lock); printk() vprintk_func() vprintk_deferred() vprintk_emit() spin_lock(&logbuf_lock) DEADLOCK: between &logbuf_lock from vprintk_emit() and &lock from nmi_cpu_backtrace(). CPU0 CPU1 lock(logbuf_lock) lock(lock) lock(lock) lock(logbuf_lock) I have found this problem when stress testing trigger_all_cpu_backtrace() and the system frozen. Note that lockdep is not able to detect these dependencies because there is no support for NMI context. Let's stay on the safe side and always use printk_safe buffers when logbuf_lock is taken when entering NMI. Fixes: 719f6a7040f1bdaf96fcc ("printk: Use the main logbuf in NMI when logbuf_lock is available") Cc: 4.13+ <stable(a)vger.kernel.org> # v4.13+ Signed-off-by: Petr Mladek <pmladek(a)suse.com> --- kernel/printk/printk_safe.c | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/kernel/printk/printk_safe.c b/kernel/printk/printk_safe.c index 449d67edfa4b..a2ebd749c053 100644 --- a/kernel/printk/printk_safe.c +++ b/kernel/printk/printk_safe.c @@ -310,15 +310,12 @@ void printk_nmi_enter(void) { /* * The size of the extra per-CPU buffer is limited. Use it only when - * the main one is locked. If this CPU is not in the safe context, - * the lock must be taken on another CPU and we could wait for it. + * the main one is locked. */ - if ((this_cpu_read(printk_context) & PRINTK_SAFE_CONTEXT_MASK) && - raw_spin_is_locked(&logbuf_lock)) { + if (raw_spin_is_locked(&logbuf_lock)) this_cpu_or(printk_context, PRINTK_NMI_CONTEXT_MASK); - } else { + else this_cpu_or(printk_context, PRINTK_NMI_DEFERRED_CONTEXT_MASK); - } } void printk_nmi_exit(void) -- 2.13.6

7 years, 4 months

4
21
0 0

Re: [PATCH 3.18 00/21] 3.18.113-stable review

by Greg Kroah-Hartman

On Tue, Jun 12, 2018 at 03:08:12PM -0700, kernelci.org bot wrote: > stable-rc/linux-3.18.y boot: 52 boots: 28 failed, 18 passed with 1 offline, 5 conflicts (v3.18.112-22-gb0582263e3c9) > > Full Boot Summary: https://kernelci.org/boot/all/job/stable-rc/branch/linux-3.18.y/kernel/v3.1… > Full Build Summary: https://kernelci.org/build/stable-rc/branch/linux-3.18.y/kernel/v3.18.112-2… > > Tree: stable-rc > Branch: linux-3.18.y > Git Describe: v3.18.112-22-gb0582263e3c9 > Git Commit: b0582263e3c9810fd887ca92d19cb9ff30a4d9f6 > Git URL: http://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git > Tested: 24 unique boards, 12 SoC families, 13 builds out of 183 > > Boot Regressions Detected: > > arm: > > bcm2835_defconfig: > bcm2835-rpi-b: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > > davinci_all_defconfig: > dm365evm,legacy: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > > exynos_defconfig: > exynos5800-peach-pi: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > > imx_v6_v7_defconfig: > imx6dl-wandboard_dual: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > imx6dl-wandboard_solo: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > imx6q-wandboard: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > > multi_v7_defconfig: > am335x-boneblack: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > armada-xp-openblocks-ax3-4: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > exynos5800-peach-pi: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > imx6dl-wandboard_dual: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > imx6dl-wandboard_solo: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > imx6q-wandboard: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > omap3-beagle: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > omap3-beagle-xm: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > omap4-panda: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > sun4i-a10-cubieboard: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > sun7i-a20-cubietruck: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > tegra124-jetson-tk1: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > tegra20-iris-512: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > tegra30-beaver: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > zynq-zc702: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > > mvebu_v7_defconfig: > armada-xp-openblocks-ax3-4: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > > omap2plus_defconfig: > am335x-boneblack: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > omap3-beagle: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > omap3-beagle-xm: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > omap3-beagle-xm,legacy: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > omap4-panda: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > > sama5_defconfig: > at91-sama5d4ek: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > > sunxi_defconfig: > sun4i-a10-cubieboard: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > sun7i-a20-cubietruck: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > > tegra_defconfig: > tegra124-jetson-tk1: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > tegra20-iris-512: > lab-baylibre-seattle: new failure (last pass: v3.18.112) > tegra30-beaver: > lab-baylibre-seattle: new failure (last pass: v3.18.112) That is a lot of new failures, did the whole lab fail, or is this really a problem in v3.18.112 here? thanks, greg k-h

7 years, 4 months

3
4
0 0

[PATCH v3] target: fix truncated PR-in ReadKeys response

by David Disseldorp

SPC5r17 states that the contents of the ADDITIONAL LENGTH field are not altered based on the allocation length, so always calculate and pack the full key list length even if the list itself is truncated. According to Maged: Yes it fixes the "Storage Spaces Persistent Reservation" test in the Windows 2016 Server Failover Cluster validation suites when having many connections that result in more than 8 registrations. I tested your patch on 4.17 with iblock. This behaviour can be tested using the libiscsi PrinReadKeys.Truncate test. Cc: stable(a)vger.kernel.org Signed-off-by: David Disseldorp <ddiss(a)suse.de> Reviewed-by: Mike Christie <mchristi(a)redhat.com> Tested-by: Maged Mokhtar <mmokhtar(a)petasan.org> Reviewed-by: Christoph Hellwig <hch(a)lst.de> --- Changes since v2: * drop unnecessary braces * add Christoph's Reviewed-by Changes since v1: * CC stable * mention Maged's Windows PR test fix comment in commit message * add Reviewed-by and Tested-by tags drivers/target/target_core_pr.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/drivers/target/target_core_pr.c b/drivers/target/target_core_pr.c index 01ac306131c1..10db5656fd5d 100644 --- a/drivers/target/target_core_pr.c +++ b/drivers/target/target_core_pr.c @@ -3727,11 +3727,16 @@ core_scsi3_pri_read_keys(struct se_cmd *cmd) * Check for overflow of 8byte PRI READ_KEYS payload and * next reservation key list descriptor. */ - if ((add_len + 8) > (cmd->data_length - 8)) - break; - - put_unaligned_be64(pr_reg->pr_res_key, &buf[off]); - off += 8; + if (off + 8 <= cmd->data_length) { + put_unaligned_be64(pr_reg->pr_res_key, &buf[off]); + off += 8; + } + /* + * SPC5r17: 6.16.2 READ KEYS service action + * The ADDITIONAL LENGTH field indicates the number of bytes in + * the Reservation key list. The contents of the ADDITIONAL + * LENGTH field are not altered based on the allocation length + */ add_len += 8; } spin_unlock(&dev->t10_pr.registration_lock); -- 2.13.7

7 years, 4 months

2
1
0 0

[PATCH] scsi: sd: Optimal I/O size should be a multiple of physical block size

by Martin K. Petersen

It was reported that some devices report an OPTIMAL TRANSFER LENGTH of 0xFFFF blocks. That looks bogus, especially for a device with a 4096-byte physical block size. Ignore OPTIMAL TRANSFER LENGTH if it is not a multiple of the device's reported physical block size. Cc: <stable(a)vger.kernel.org> Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=199759 Reported-by: Christoph Anton Mitterer <calestyo(a)scientia.net> Signed-off-by: Martin K. Petersen <martin.petersen(a)oracle.com> --- Before: NAME ALIGNMENT MIN-IO OPT-IO PHY-SEC LOG-SEC ROTA SCHED RQ-SIZE RA WSAME sda 0 4096 33553920 4096 512 0 mq-deadline 256 128 32M After: NAME ALIGNMENT MIN-IO OPT-IO PHY-SEC LOG-SEC ROTA SCHED RQ-SIZE RA WSAME sda 0 4096 0 4096 512 0 mq-deadline 256 4096 32M --- drivers/scsi/sd.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/drivers/scsi/sd.c b/drivers/scsi/sd.c index 9421d9877730..2d19eed3dfbc 100644 --- a/drivers/scsi/sd.c +++ b/drivers/scsi/sd.c @@ -3067,7 +3067,7 @@ static int sd_revalidate_disk(struct gendisk *disk) struct request_queue *q = sdkp->disk->queue; sector_t old_capacity = sdkp->capacity; unsigned char *buffer; - unsigned int dev_max, rw_max; + unsigned int dev_max, rw_max, opt_xfer_bytes; SCSI_LOG_HLQUEUE(3, sd_printk(KERN_INFO, sdkp, "sd_revalidate_disk\n")); @@ -3126,13 +3126,16 @@ static int sd_revalidate_disk(struct gendisk *disk) /* * Determine the device's preferred I/O size for reads and writes - * unless the reported value is unreasonably small, large, or - * garbage. + * unless the reported value is unreasonably small, large, not a + * multiple of the physical block size, or simply garbage. */ + opt_xfer_bytes = logical_to_bytes(sdp, sdkp->opt_xfer_blocks); + if (sdkp->opt_xfer_blocks && sdkp->opt_xfer_blocks <= dev_max && sdkp->opt_xfer_blocks <= SD_DEF_XFER_BLOCKS && - logical_to_bytes(sdp, sdkp->opt_xfer_blocks) >= PAGE_SIZE) { + opt_xfer_bytes >= PAGE_SIZE && + (opt_xfer_bytes & (sdkp->physical_block_size - 1)) != 0) { q->limits.io_opt = logical_to_bytes(sdp, sdkp->opt_xfer_blocks); rw_max = logical_to_sectors(sdp, sdkp->opt_xfer_blocks); } else -- 2.17.1

7 years, 4 months

1
1
0 0

[PATCH v3 4/7] vmw_balloon: fix VMCI use when balloon built into kernel

by Nadav Amit

Currently, when all modules, including VMCI and VMware balloon are built into the kernel, the initialization of the balloon happens before the VMCI is probed. As a result, the balloon fails to initialize the VMCI doorbell, which it uses to get asynchronous requests for balloon size changes. The problem can be seen in the logs, in the form of the following message: "vmw_balloon: failed to initialize vmci doorbell" The driver would work correctly but slightly less efficiently, probing for requests periodically. This patch changes the balloon to be initialized using late_initcall() instead of module_init() to address this issue. It does not address a situation in which VMCI is built as a module and the balloon is built into the kernel. Fixes: 48e3d668b790 ("VMware balloon: Enable notification via VMCI") Cc: stable(a)vger.kernel.org Reviewed-by: Xavier Deguillard <xdeguillard(a)vmware.com> Signed-off-by: Nadav Amit <namit(a)vmware.com> --- drivers/misc/vmw_balloon.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/drivers/misc/vmw_balloon.c b/drivers/misc/vmw_balloon.c index a7df4c24a28d..e7cfc85f6961 100644 --- a/drivers/misc/vmw_balloon.c +++ b/drivers/misc/vmw_balloon.c @@ -1297,7 +1297,14 @@ static int __init vmballoon_init(void) return 0; } -module_init(vmballoon_init); + +/* + * Using late_initcall() instead of module_init() allows the balloon to use the + * VMCI doorbell even when the balloon is built into the kernel. Otherwise the + * VMCI is probed only after the balloon is initialized. If the balloon is used + * as a module, late_initcall() is equivalent to module_init(). + */ +late_initcall(vmballoon_init); static void __exit vmballoon_exit(void) { -- 2.17.0

7 years, 4 months

1
0
0 0

[PATCH v3 3/7] vmw_balloon: VMCI_DOORBELL_SET does not check status

by Nadav Amit

When vmballoon_vmci_init() sets a doorbell using VMCI_DOORBELL_SET, for some reason it does not consider the status and looks at the result. However, the hypervisor does not update the result - it updates the status. This might cause VMCI doorbell not to be enabled, resulting in degraded performance. Fixes: 48e3d668b790 ("VMware balloon: Enable notification via VMCI") Cc: stable(a)vger.kernel.org Reviewed-by: Xavier Deguillard <xdeguillard(a)vmware.com> Signed-off-by: Nadav Amit <namit(a)vmware.com> --- drivers/misc/vmw_balloon.c | 37 +++++++++++++++++++------------------ 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/drivers/misc/vmw_balloon.c b/drivers/misc/vmw_balloon.c index 60ab83d3d0ef..a7df4c24a28d 100644 --- a/drivers/misc/vmw_balloon.c +++ b/drivers/misc/vmw_balloon.c @@ -1036,29 +1036,30 @@ static void vmballoon_vmci_cleanup(struct vmballoon *b) */ static int vmballoon_vmci_init(struct vmballoon *b) { - int error = 0; + unsigned long error, dummy; - if ((b->capabilities & VMW_BALLOON_SIGNALLED_WAKEUP_CMD) != 0) { - error = vmci_doorbell_create(&b->vmci_doorbell, - VMCI_FLAG_DELAYED_CB, - VMCI_PRIVILEGE_FLAG_RESTRICTED, - vmballoon_doorbell, b); - - if (error == VMCI_SUCCESS) { - VMWARE_BALLOON_CMD(VMCI_DOORBELL_SET, - b->vmci_doorbell.context, - b->vmci_doorbell.resource, error); - STATS_INC(b->stats.doorbell_set); - } - } + if ((b->capabilities & VMW_BALLOON_SIGNALLED_WAKEUP_CMD) == 0) + return 0; - if (error != 0) { - vmballoon_vmci_cleanup(b); + error = vmci_doorbell_create(&b->vmci_doorbell, VMCI_FLAG_DELAYED_CB, + VMCI_PRIVILEGE_FLAG_RESTRICTED, + vmballoon_doorbell, b); - return -EIO; - } + if (error != VMCI_SUCCESS) + goto fail; + + error = VMWARE_BALLOON_CMD(VMCI_DOORBELL_SET, b->vmci_doorbell.context, + b->vmci_doorbell.resource, dummy); + + STATS_INC(b->stats.doorbell_set); + + if (error != VMW_BALLOON_SUCCESS) + goto fail; return 0; +fail: + vmballoon_vmci_cleanup(b); + return -EIO; } /* -- 2.17.0

7 years, 4 months

1
0
0 0

[PATCH v3 2/7] vmw_balloon: do not use 2MB without batching

by Nadav Amit

If the hypervisor sets 2MB batching is on, while batching is cleared, the balloon code breaks. In this case the legacy mechanism is used with 2MB page. The VM would report a 2MB page is ballooned, and the hypervisor would only take the first 4KB. While the hypervisor should not report such settings, make the code more robust by not enabling 2MB support without batching. Fixes: 365bd7ef7ec8e ("VMware balloon: Support 2m page ballooning.") Cc: stable(a)vger.kernel.org Reviewed-by: Xavier Deguillard <xdeguillard(a)vmware.com> Signed-off-by: Nadav Amit <nadav.amit(a)gmail.com> --- drivers/misc/vmw_balloon.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/drivers/misc/vmw_balloon.c b/drivers/misc/vmw_balloon.c index 28e77ab1e136..60ab83d3d0ef 100644 --- a/drivers/misc/vmw_balloon.c +++ b/drivers/misc/vmw_balloon.c @@ -341,7 +341,13 @@ static bool vmballoon_send_start(struct vmballoon *b, unsigned long req_caps) success = false; } - if (b->capabilities & VMW_BALLOON_BATCHED_2M_CMDS) + /* + * 2MB pages are only supported with batching. If batching is for some + * reason disabled, do not use 2MB pages, since otherwise the legacy + * mechanism is used with 2MB pages, causing a failure. + */ + if ((b->capabilities & VMW_BALLOON_BATCHED_2M_CMDS) && + (b->capabilities & VMW_BALLOON_BATCHED_CMDS)) b->supported_page_sizes = 2; else b->supported_page_sizes = 1; -- 2.17.0

7 years, 4 months

1
0
0 0

[PATCH v3 1/7] vmw_balloon: fix inflation of 64-bit GFNs

by Nadav Amit

When balloon batching is not supported by the hypervisor, the guest frame number (GFN) must fit in 32-bit. However, due to a bug, this check was mistakenly ignored. In practice, when total RAM is greater than 16TB, the balloon does not work currently, making this bug unlikely to happen. Fixes: ef0f8f112984 ("VMware balloon: partially inline vmballoon_reserve_page.") Cc: stable(a)vger.kernel.org Reviewed-by: Xavier Deguillard <xdeguillard(a)vmware.com> Signed-off-by: Nadav Amit <namit(a)vmware.com> --- drivers/misc/vmw_balloon.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/drivers/misc/vmw_balloon.c b/drivers/misc/vmw_balloon.c index efd733472a35..28e77ab1e136 100644 --- a/drivers/misc/vmw_balloon.c +++ b/drivers/misc/vmw_balloon.c @@ -450,7 +450,7 @@ static int vmballoon_send_lock_page(struct vmballoon *b, unsigned long pfn, pfn32 = (u32)pfn; if (pfn32 != pfn) - return -1; + return -EINVAL; STATS_INC(b->stats.lock[false]); @@ -460,7 +460,7 @@ static int vmballoon_send_lock_page(struct vmballoon *b, unsigned long pfn, pr_debug("%s - ppn %lx, hv returns %ld\n", __func__, pfn, status); STATS_INC(b->stats.lock_fail[false]); - return 1; + return -EIO; } static int vmballoon_send_batched_lock(struct vmballoon *b, @@ -597,11 +597,12 @@ static int vmballoon_lock_page(struct vmballoon *b, unsigned int num_pages, locked = vmballoon_send_lock_page(b, page_to_pfn(page), &hv_status, target); - if (locked > 0) { + if (locked) { STATS_INC(b->stats.refused_alloc[false]); - if (hv_status == VMW_BALLOON_ERROR_RESET || - hv_status == VMW_BALLOON_ERROR_PPN_NOTNEEDED) { + if (locked == -EIO && + (hv_status == VMW_BALLOON_ERROR_RESET || + hv_status == VMW_BALLOON_ERROR_PPN_NOTNEEDED)) { vmballoon_free_page(page, false); return -EIO; } @@ -617,7 +618,7 @@ static int vmballoon_lock_page(struct vmballoon *b, unsigned int num_pages, } else { vmballoon_free_page(page, false); } - return -EIO; + return locked; } /* track allocated page */ -- 2.17.0

7 years, 4 months

1
0
0 0

+ slub-fix-__kmem_cache_empty-for-config_slub_debug.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: slub: fix __kmem_cache_empty for !CONFIG_SLUB_DEBUG has been added to the -mm tree. Its filename is slub-fix-__kmem_cache_empty-for-config_slub_debug.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/slub-fix-__kmem_cache_empty-for-co… and later at http://ozlabs.org/~akpm/mmotm/broken-out/slub-fix-__kmem_cache_empty-for-co… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Shakeel Butt <shakeelb(a)google.com> Subject: slub: fix __kmem_cache_empty for !CONFIG_SLUB_DEBUG f9e13c0a5a33 ("slab, slub: skip unnecessary kasan_cache_shutdown()") causes crashes when using slub, as described at http://lkml.kernel.org/r/CAHmME9rtoPwxUSnktxzKso14iuVCWT7BE_-_8PAC=pGw1iJnQ… For !CONFIG_SLUB_DEBUG, SLUB does not maintain the number of slabs allocated per node for a kmem_cache. Thus, slabs_node() in __kmem_cache_empty() will always return 0. So, in such situation, it is required to check per-cpu slabs to make sure if a kmem_cache is empty or not. Please note that __kmem_cache_shutdown() and __kmem_cache_shrink() are not affected by !CONFIG_SLUB_DEBUG as they call flush_all() to clear per-cpu slabs. Link: http://lkml.kernel.org/r/20180619213352.71740-1-shakeelb@google.com Link: http://lkml.kernel.org/r/CAHmME9rtoPwxUSnktxzKso14iuVCWT7BE_-_8PAC=pGw1iJnQ… Fixes: f9e13c0a5a33 ("slab, slub: skip unnecessary kasan_cache_shutdown()") Signed-off-by: Shakeel Butt <shakeelb(a)google.com> Reported-by: Jason A. Donenfeld <Jason(a)zx2c4.com> Tested-by: Jason A. Donenfeld <Jason(a)zx2c4.com> Cc: Christoph Lameter <cl(a)linux.com> Cc: Pekka Enberg <penberg(a)kernel.org> Cc: David Rientjes <rientjes(a)google.com> Cc: Joonsoo Kim <iamjoonsoo.kim(a)lge.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/slub.c | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff -puN mm/slub.c~slub-fix-__kmem_cache_empty-for-config_slub_debug mm/slub.c --- a/mm/slub.c~slub-fix-__kmem_cache_empty-for-config_slub_debug +++ a/mm/slub.c @@ -3673,9 +3673,23 @@ static void free_partial(struct kmem_cac bool __kmem_cache_empty(struct kmem_cache *s) { - int node; + int cpu, node; struct kmem_cache_node *n; + /* + * slabs_node will always be 0 for !CONFIG_SLUB_DEBUG. So, manually + * check slabs for all cpus. + */ + if (!IS_ENABLED(CONFIG_SLUB_DEBUG)) { + for_each_online_cpu(cpu) { + struct kmem_cache_cpu *c; + + c = per_cpu_ptr(s->cpu_slab, cpu); + if (c->page || slub_percpu_partial(c)) + return false; + } + } + for_each_kmem_cache_node(s, node, n) if (n->nr_partial || slabs_node(s, node)) return false; _ Patches currently in -mm which might be from shakeelb(a)google.com are slub-fix-__kmem_cache_empty-for-config_slub_debug.patch

7 years, 4 months

1
0
0 0

[to-be-updated] mm-devm_memremap_pages-handle-errors-allocating-final-devres-action.patch removed from -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm, devm_memremap_pages: handle errors allocating final devres action has been removed from the -mm tree. Its filename was mm-devm_memremap_pages-handle-errors-allocating-final-devres-action.patch This patch was dropped because an updated version will be merged ------------------------------------------------------ From: Dan Williams <dan.j.williams(a)intel.com> Subject: mm, devm_memremap_pages: handle errors allocating final devres action The last step before devm_memremap_pages() returns success is to allocate a release action to tear the entire setup down. However, the result from devm_add_action() is not checked. Checking the error also means that we need to handle the fact that the percpu_ref may not be killed by the time devm_memremap_pages_release() runs. Add a new state flag for this case. Without this change we could fail to register the teardown of devm_memremap_pages(). The likelihood of hitting this failure is tiny as small memory allocations almost always succeed. However, the impact of the failure is large given any future reconfiguration, or disable/enable, of an nvdimm namespace will fail forever as subsequent calls to devm_memremap_pages() will fail to setup the pgmap_radix since there will be stale entries for the physical address range. Link: http://lkml.kernel.org/r/152694212460.5484.13180030631810166467.stgit@dwill… Fixes: e8d513483300 ("memremap: change devm_memremap_pages interface...") Signed-off-by: Dan Williams <dan.j.williams(a)intel.com> Reviewed-by: Christoph Hellwig <hch(a)lst.de> Cc: "Jérôme Glisse" <jglisse(a)redhat.com> Cc: Logan Gunthorpe <logang(a)deltatee.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- include/linux/memremap.h | 1 + kernel/memremap.c | 8 ++++++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff -puN include/linux/memremap.h~mm-devm_memremap_pages-handle-errors-allocating-final-devres-action include/linux/memremap.h --- a/include/linux/memremap.h~mm-devm_memremap_pages-handle-errors-allocating-final-devres-action +++ a/include/linux/memremap.h @@ -115,6 +115,7 @@ struct dev_pagemap { dev_page_free_t page_free; struct vmem_altmap altmap; bool altmap_valid; + bool registered; struct resource res; struct percpu_ref *ref; struct device *dev; diff -puN kernel/memremap.c~mm-devm_memremap_pages-handle-errors-allocating-final-devres-action kernel/memremap.c --- a/kernel/memremap.c~mm-devm_memremap_pages-handle-errors-allocating-final-devres-action +++ a/kernel/memremap.c @@ -124,7 +124,7 @@ static void devm_memremap_pages_release( for_each_device_pfn(pfn, pgmap) put_page(pfn_to_page(pfn)); - if (percpu_ref_tryget_live(pgmap->ref)) { + if (pgmap->registered && percpu_ref_tryget_live(pgmap->ref)) { dev_WARN(dev, "%s: page mapping is still live!\n", __func__); percpu_ref_put(pgmap->ref); } @@ -246,7 +246,11 @@ void *devm_memremap_pages(struct device percpu_ref_get(pgmap->ref); } - devm_add_action(dev, devm_memremap_pages_release, pgmap); + error = devm_add_action_or_reset(dev, devm_memremap_pages_release, + pgmap); + if (error) + return ERR_PTR(error); + pgmap->registered = true; return __va(res->start); _ Patches currently in -mm which might be from dan.j.williams(a)intel.com are mm-hmm-use-devm-semantics-for-hmm_devmem_add-remove.patch mm-hmm-replace-hmm_devmem_pages_create-with-devm_memremap_pages.patch mm-hmm-mark-hmm_devmem_add-add_resource-export_symbol_gpl.patch

7 years, 4 months

1
0
0 0

[PATCH 4.4 1/2] Revert "Btrfs: fix scrub to repair raid6 corruption"

by Sasha Levin

This reverts commit 95b286daf7ba784191023ad110122703eb2ebabc. This commit used an incorrect log message. Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- fs/btrfs/raid56.c | 18 ++++-------------- fs/btrfs/volumes.c | 9 +-------- 2 files changed, 5 insertions(+), 22 deletions(-) diff --git a/fs/btrfs/raid56.c b/fs/btrfs/raid56.c index b9fa99577bf7..1a33d3eb36de 100644 --- a/fs/btrfs/raid56.c +++ b/fs/btrfs/raid56.c @@ -2160,21 +2160,11 @@ int raid56_parity_recover(struct btrfs_root *root, struct bio *bio, } /* - * Loop retry: - * for 'mirror == 2', reconstruct from all other stripes. - * for 'mirror_num > 2', select a stripe to fail on every retry. + * reconstruct from the q stripe if they are + * asking for mirror 3 */ - if (mirror_num > 2) { - /* - * 'mirror == 3' is to fail the p stripe and - * reconstruct from the q stripe. 'mirror > 3' is to - * fail a data stripe and reconstruct from p+q stripe. - */ - rbio->failb = rbio->real_stripes - (mirror_num - 1); - ASSERT(rbio->failb > 0); - if (rbio->failb <= rbio->faila) - rbio->failb--; - } + if (mirror_num == 3) + rbio->failb = rbio->real_stripes - 2; ret = lock_stripe_add(rbio); diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c index b4d63a9842fa..ed75d70b4bc2 100644 --- a/fs/btrfs/volumes.c +++ b/fs/btrfs/volumes.c @@ -5056,14 +5056,7 @@ int btrfs_num_copies(struct btrfs_fs_info *fs_info, u64 logical, u64 len) else if (map->type & BTRFS_BLOCK_GROUP_RAID5) ret = 2; else if (map->type & BTRFS_BLOCK_GROUP_RAID6) - /* - * There could be two corrupted data stripes, we need - * to loop retry in order to rebuild the correct data. - * - * Fail a stripe at a time on every retry except the - * stripe under reconstruction. - */ - ret = map->num_stripes; + ret = 3; else ret = 1; free_extent_map(em); -- 2.17.1

7 years, 4 months

2
5
0 0

[PATCH 4.4 1/2] Revert "Btrfs: fix scrub to repair raid6 corruption"

by Sasha Levin

This reverts commit 95b286daf7ba784191023ad110122703eb2ebabc. This commit used an incorrect log message. Reported-by: Ben Hutchings <ben.hutchings(a)codethink.co.uk> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- fs/btrfs/raid56.c | 18 ++++-------------- fs/btrfs/volumes.c | 9 +-------- 2 files changed, 5 insertions(+), 22 deletions(-) diff --git a/fs/btrfs/raid56.c b/fs/btrfs/raid56.c index b9fa99577bf7..1a33d3eb36de 100644 --- a/fs/btrfs/raid56.c +++ b/fs/btrfs/raid56.c @@ -2160,21 +2160,11 @@ int raid56_parity_recover(struct btrfs_root *root, struct bio *bio, } /* - * Loop retry: - * for 'mirror == 2', reconstruct from all other stripes. - * for 'mirror_num > 2', select a stripe to fail on every retry. + * reconstruct from the q stripe if they are + * asking for mirror 3 */ - if (mirror_num > 2) { - /* - * 'mirror == 3' is to fail the p stripe and - * reconstruct from the q stripe. 'mirror > 3' is to - * fail a data stripe and reconstruct from p+q stripe. - */ - rbio->failb = rbio->real_stripes - (mirror_num - 1); - ASSERT(rbio->failb > 0); - if (rbio->failb <= rbio->faila) - rbio->failb--; - } + if (mirror_num == 3) + rbio->failb = rbio->real_stripes - 2; ret = lock_stripe_add(rbio); diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c index b4d63a9842fa..ed75d70b4bc2 100644 --- a/fs/btrfs/volumes.c +++ b/fs/btrfs/volumes.c @@ -5056,14 +5056,7 @@ int btrfs_num_copies(struct btrfs_fs_info *fs_info, u64 logical, u64 len) else if (map->type & BTRFS_BLOCK_GROUP_RAID5) ret = 2; else if (map->type & BTRFS_BLOCK_GROUP_RAID6) - /* - * There could be two corrupted data stripes, we need - * to loop retry in order to rebuild the correct data. - * - * Fail a stripe at a time on every retry except the - * stripe under reconstruction. - */ - ret = map->num_stripes; + ret = 3; else ret = 1; free_extent_map(em); -- 2.17.1

7 years, 4 months

1
1
0 0

[PATCH 4.9 1/2] Revert "Btrfs: fix scrub to repair raid6 corruption"

by Sasha Levin

This reverts commit 186a6519dc94964a4c5c68fca482f20f71551f26. This commit used an incorrect log message. Reported-by: Ben Hutchings <ben.hutchings(a)codethink.co.uk> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- fs/btrfs/raid56.c | 18 ++++-------------- fs/btrfs/volumes.c | 9 +-------- 2 files changed, 5 insertions(+), 22 deletions(-) diff --git a/fs/btrfs/raid56.c b/fs/btrfs/raid56.c index af6a776fa18c..d016d4a79864 100644 --- a/fs/btrfs/raid56.c +++ b/fs/btrfs/raid56.c @@ -2161,21 +2161,11 @@ int raid56_parity_recover(struct btrfs_root *root, struct bio *bio, } /* - * Loop retry: - * for 'mirror == 2', reconstruct from all other stripes. - * for 'mirror_num > 2', select a stripe to fail on every retry. + * reconstruct from the q stripe if they are + * asking for mirror 3 */ - if (mirror_num > 2) { - /* - * 'mirror == 3' is to fail the p stripe and - * reconstruct from the q stripe. 'mirror > 3' is to - * fail a data stripe and reconstruct from p+q stripe. - */ - rbio->failb = rbio->real_stripes - (mirror_num - 1); - ASSERT(rbio->failb > 0); - if (rbio->failb <= rbio->faila) - rbio->failb--; - } + if (mirror_num == 3) + rbio->failb = rbio->real_stripes - 2; ret = lock_stripe_add(rbio); diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c index 76017e1b3c0f..c2495cde26f6 100644 --- a/fs/btrfs/volumes.c +++ b/fs/btrfs/volumes.c @@ -5186,14 +5186,7 @@ int btrfs_num_copies(struct btrfs_fs_info *fs_info, u64 logical, u64 len) else if (map->type & BTRFS_BLOCK_GROUP_RAID5) ret = 2; else if (map->type & BTRFS_BLOCK_GROUP_RAID6) - /* - * There could be two corrupted data stripes, we need - * to loop retry in order to rebuild the correct data. - * - * Fail a stripe at a time on every retry except the - * stripe under reconstruction. - */ - ret = map->num_stripes; + ret = 3; else ret = 1; free_extent_map(em); -- 2.17.1

7 years, 4 months

1
1
0 0

[PATCH 4.14 1/3] Revert "Btrfs: fix scrub to repair raid6 corruption"

by Sasha Levin

This reverts commit d91bb7c6988bd6450284c762b33f2e1ea3fe7c97. This commit used an incorrect log message. Reported-by: Ben Hutchings <ben.hutchings(a)codethink.co.uk> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- fs/btrfs/raid56.c | 18 ++++-------------- fs/btrfs/volumes.c | 9 +-------- 2 files changed, 5 insertions(+), 22 deletions(-) diff --git a/fs/btrfs/raid56.c b/fs/btrfs/raid56.c index 2e995e565633..d1bda68a3386 100644 --- a/fs/btrfs/raid56.c +++ b/fs/btrfs/raid56.c @@ -2172,21 +2172,11 @@ int raid56_parity_recover(struct btrfs_fs_info *fs_info, struct bio *bio, } /* - * Loop retry: - * for 'mirror == 2', reconstruct from all other stripes. - * for 'mirror_num > 2', select a stripe to fail on every retry. + * reconstruct from the q stripe if they are + * asking for mirror 3 */ - if (mirror_num > 2) { - /* - * 'mirror == 3' is to fail the p stripe and - * reconstruct from the q stripe. 'mirror > 3' is to - * fail a data stripe and reconstruct from p+q stripe. - */ - rbio->failb = rbio->real_stripes - (mirror_num - 1); - ASSERT(rbio->failb > 0); - if (rbio->failb <= rbio->faila) - rbio->failb--; - } + if (mirror_num == 3) + rbio->failb = rbio->real_stripes - 2; ret = lock_stripe_add(rbio); diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c index 08afafb6ecf7..69bc37a87c5a 100644 --- a/fs/btrfs/volumes.c +++ b/fs/btrfs/volumes.c @@ -5110,14 +5110,7 @@ int btrfs_num_copies(struct btrfs_fs_info *fs_info, u64 logical, u64 len) else if (map->type & BTRFS_BLOCK_GROUP_RAID5) ret = 2; else if (map->type & BTRFS_BLOCK_GROUP_RAID6) - /* - * There could be two corrupted data stripes, we need - * to loop retry in order to rebuild the correct data. - * - * Fail a stripe at a time on every retry except the - * stripe under reconstruction. - */ - ret = map->num_stripes; + ret = 3; else ret = 1; free_extent_map(em); -- 2.17.1

7 years, 4 months

1
2
0 0

[PATCH] Input elan_i2c_smbus - Fix more potential stack buffer overflows

by Ben Hutchings

Commit 40f7090bb1b4 ("Input: elan_i2c_smbus - fix corrupted stack") fixed most of the functions using i2c_smbus_read_block_data() to allocate a buffer with the maximum block size. However three functions were left unchanged: * In elan_smbus_initialize(), increase the buffer size in the same way. * In elan_smbus_calibrate_result(), the buffer is provided by the caller (calibrate_store()), so introduce a bounce buffer. Also name the result buffer size. * In elan_smbus_get_report(), the buffer is provided by the caller but happens to be the right length. Add a compile-time assertion to ensure this remains the case. Cc: <stable(a)vger.kernel.org> # 3.19+ Signed-off-by: Ben Hutchings <ben.hutchings(a)codethink.co.uk> --- This is compile-tested only. Ben. drivers/input/mouse/elan_i2c.h | 2 ++ drivers/input/mouse/elan_i2c_core.c | 2 +- drivers/input/mouse/elan_i2c_smbus.c | 10 ++++++++-- 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/drivers/input/mouse/elan_i2c.h b/drivers/input/mouse/elan_i2c.h index 599544c1a91c..243e0fa6e3e3 100644 --- a/drivers/input/mouse/elan_i2c.h +++ b/drivers/input/mouse/elan_i2c.h @@ -27,6 +27,8 @@ #define ETP_DISABLE_POWER 0x0001 #define ETP_PRESSURE_OFFSET 25 +#define ETP_CALIBRATE_MAX_LEN 3 + /* IAP Firmware handling */ #define ETP_PRODUCT_ID_FORMAT_STRING "%d.0" #define ETP_FW_NAME "elan_i2c_" ETP_PRODUCT_ID_FORMAT_STRING ".bin" diff --git a/drivers/input/mouse/elan_i2c_core.c b/drivers/input/mouse/elan_i2c_core.c index 75e757520ef0..d5f74dd7e23b 100644 --- a/drivers/input/mouse/elan_i2c_core.c +++ b/drivers/input/mouse/elan_i2c_core.c @@ -610,7 +610,7 @@ static ssize_t calibrate_store(struct device *dev, int tries = 20; int retval; int error; - u8 val[3]; + u8 val[ETP_CALIBRATE_MAX_LEN]; retval = mutex_lock_interruptible(&data->sysfs_mutex); if (retval) diff --git a/drivers/input/mouse/elan_i2c_smbus.c b/drivers/input/mouse/elan_i2c_smbus.c index cfcb32559925..c060d270bc4d 100644 --- a/drivers/input/mouse/elan_i2c_smbus.c +++ b/drivers/input/mouse/elan_i2c_smbus.c @@ -56,7 +56,7 @@ static int elan_smbus_initialize(struct i2c_client *client) { u8 check[ETP_SMBUS_HELLOPACKET_LEN] = { 0x55, 0x55, 0x55, 0x55, 0x55 }; - u8 values[ETP_SMBUS_HELLOPACKET_LEN] = { 0, 0, 0, 0, 0 }; + u8 values[I2C_SMBUS_BLOCK_MAX] = {0}; int len, error; /* Get hello packet */ @@ -117,12 +117,16 @@ static int elan_smbus_calibrate(struct i2c_client *client) static int elan_smbus_calibrate_result(struct i2c_client *client, u8 *val) { int error; + u8 buf[I2C_SMBUS_BLOCK_MAX] = {0}; + + BUILD_BUG_ON(ETP_CALIBRATE_MAX_LEN > sizeof(buf)); error = i2c_smbus_read_block_data(client, - ETP_SMBUS_CALIBRATE_QUERY, val); + ETP_SMBUS_CALIBRATE_QUERY, buf); if (error < 0) return error; + memcpy(val, buf, ETP_CALIBRATE_MAX_LEN); return 0; } @@ -472,6 +476,8 @@ static int elan_smbus_get_report(struct i2c_client *client, u8 *report) { int len; + BUILD_BUG_ON(I2C_SMBUS_BLOCK_MAX > ETP_SMBUS_REPORT_LEN); + len = i2c_smbus_read_block_data(client, ETP_SMBUS_PACKET_QUERY, &report[ETP_SMBUS_REPORT_OFFSET]); -- Ben Hutchings, Software Developer Codethink Ltd https://www.codethink.co.uk/ Dale House, 35 Dale Street Manchester, M1 2HF, United Kingdom

7 years, 4 months

3
2
0 0

[PATCH 4.4, 4.9] ipv4: Fix error return value in fib_convert_metrics()

by Ben Hutchings

The validation code modified by commit 5b5e7a0de2bb ("net: metrics: add proper netlink validation") is organised differently in older kernel versions. The fib_convert_metrics() function that is modified in the backports to 4.4 and 4.9 needs to returns an error code, not a success flag. Signed-off-by: Ben Hutchings <ben.hutchings(a)codethink.co.uk> --- net/ipv4/fib_semantics.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/ipv4/fib_semantics.c b/net/ipv4/fib_semantics.c index 9d144cbd4e62..03ebff3950d8 100644 --- a/net/ipv4/fib_semantics.c +++ b/net/ipv4/fib_semantics.c @@ -980,7 +980,7 @@ fib_convert_metrics(struct fib_info *fi, const struct fib_config *cfg) return -EINVAL; } else { if (nla_len(nla) != sizeof(u32)) - return false; + return -EINVAL; val = nla_get_u32(nla); } if (type == RTAX_ADVMSS && val > 65535 - 40) -- Ben Hutchings, Software Developer Codethink Ltd https://www.codethink.co.uk/ Dale House, 35 Dale Street Manchester, M1 2HF, United Kingdom

7 years, 4 months

1
0
0 0

[PATCH] net: ethernet: fix suspend/resume in davinci_emac

by Bartosz Golaszewski

From: Bartosz Golaszewski <bgolaszewski(a)baylibre.com> This patch reverts commit 3243ff2a05ec ("net: ethernet: davinci_emac: Deduplicate bus_find_device() by name matching") and adds a comment which should stop anyone from reintroducing the same "fix" in the future. We can't use bus_find_device_by_name() here because the device name is not guaranteed to be 'davinci_mdio'. On some systems it can be 'davinci_mdio.0' so we need to use strncmp() against the first part of the string to correctly match it. Fixes: 3243ff2a05ec ("net: ethernet: davinci_emac: Deduplicate bus_find_device() by name matching") Cc: stable(a)vger.kernel.org Signed-off-by: Bartosz Golaszewski <bgolaszewski(a)baylibre.com> --- drivers/net/ethernet/ti/davinci_emac.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/drivers/net/ethernet/ti/davinci_emac.c b/drivers/net/ethernet/ti/davinci_emac.c index 06d7c9e4dcda..a1a6445b5a7e 100644 --- a/drivers/net/ethernet/ti/davinci_emac.c +++ b/drivers/net/ethernet/ti/davinci_emac.c @@ -1385,6 +1385,11 @@ static int emac_devioctl(struct net_device *ndev, struct ifreq *ifrq, int cmd) return -EOPNOTSUPP; } +static int match_first_device(struct device *dev, void *data) +{ + return !strncmp(dev_name(dev), "davinci_mdio", 12); +} + /** * emac_dev_open - EMAC device open * @ndev: The DaVinci EMAC network adapter @@ -1484,8 +1489,14 @@ static int emac_dev_open(struct net_device *ndev) /* use the first phy on the bus if pdata did not give us a phy id */ if (!phydev && !priv->phy_id) { - phy = bus_find_device_by_name(&mdio_bus_type, NULL, - "davinci_mdio"); + /* NOTE: we can't use bus_find_device_by_name() here because + * the device name is not guaranteed to be 'davinci_mdio'. On + * some systems it can be 'davinci_mdio.0' so we need to use + * strncmp() against the first part of the string to correctly + * match it. + */ + phy = bus_find_device(&mdio_bus_type, NULL, NULL, + match_first_device); if (phy) { priv->phy_id = dev_name(phy); if (!priv->phy_id || !*priv->phy_id) -- 2.17.1

7 years, 4 months

2
2
0 0

[PATCH v3 0/8] mm: Rework hmm to use devm_memremap_pages and other fixes

by Dan Williams

Changes since v2 [1]: * Rebased on v4.18-rc1 * Collect Logan's reviewed-by for "mm, devm_memremap_pages: Add MEMORY_DEVICE_PRIVATE support" * Convert __put_devmap_managed_page and devmap_managed_key to EXPORT_SYMBOL otherwise put_page() becomes limited to GPL-only modules. * Clarify some of the changelogs. [1]: https://lkml.org/lkml/2018/5/23/24 --- Hi Andrew, here's v3 to replace these 5 currently in mm: mm-devm_memremap_pages-mark-devm_memremap_pages-export_symbol_gpl.patch mm-devm_memremap_pages-handle-errors-allocating-final-devres-action.patch mm-hmm-use-devm-semantics-for-hmm_devmem_add-remove.patch mm-hmm-replace-hmm_devmem_pages_create-with-devm_memremap_pages.patch mm-hmm-mark-hmm_devmem_add-add_resource-export_symbol_gpl.patch For maintainability, as ZONE_DEVICE continues to attract new users, it is useful to keep all users consolidated on devm_memremap_pages() as the interface for create "device pages". The devm_memremap_pages() implementation was recently reworked to make it more generic for arbitrary users, like the proposed peer-to-peer PCI-E enabling. HMM pre-dated this rework and opted to duplicate devm_memremap_pages() as hmm_devmem_pages_create(). Rework HMM to be a consumer of devm_memremap_pages() directly and fix up the licensing on the exports given the deep dependencies on the mm. Patches based on v4.18-rc1 where there are no upstream consumers of the HMM functionality. --- Dan Williams (8): mm, devm_memremap_pages: Mark devm_memremap_pages() EXPORT_SYMBOL_GPL mm, devm_memremap_pages: Kill mapping "System RAM" support mm, devm_memremap_pages: Fix shutdown handling mm, devm_memremap_pages: Add MEMORY_DEVICE_PRIVATE support mm, hmm: Use devm semantics for hmm_devmem_{add,remove} mm, hmm: Replace hmm_devmem_pages_create() with devm_memremap_pages() mm, hmm: Mark hmm_devmem_{add,add_resource} EXPORT_SYMBOL_GPL mm: Fix exports that inadvertently make put_page() EXPORT_SYMBOL_GPL drivers/dax/pmem.c | 10 - drivers/nvdimm/pmem.c | 18 +- include/linux/hmm.h | 4 include/linux/memremap.h | 7 + kernel/memremap.c | 89 +++++++---- mm/hmm.c | 307 +++++-------------------------------- tools/testing/nvdimm/test/iomap.c | 21 ++- 7 files changed, 132 insertions(+), 324 deletions(-)

7 years, 4 months

2
2
0 0

[PATCH v2] target: fix truncated PR-in ReadKeys response

by David Disseldorp

SPC5r17 states that the contents of the ADDITIONAL LENGTH field are not altered based on the allocation length, so always calculate and pack the full key list length even if the list itself is truncated. According to Maged: Yes it fixes the "Storage Spaces Persistent Reservation" test in the Windows 2016 Server Failover Cluster validation suites when having many connections that result in more than 8 registrations. I tested your patch on 4.17 with iblock. This behaviour can be tested using the libiscsi PrinReadKeys.Truncate test. Cc: stable(a)vger.kernel.org Signed-off-by: David Disseldorp <ddiss(a)suse.de> Reviewed-by: Mike Christie <mchristi(a)redhat.com> Tested-by: Maged Mokhtar <mmokhtar(a)petasan.org> --- drivers/target/target_core_pr.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) Changes since v1: * CC stable * mention Maged's Windows PR test fix comment in commit message * add Reviewed-by and Tested-by tags diff --git a/drivers/target/target_core_pr.c b/drivers/target/target_core_pr.c index 01ac306131c1..2e865fdaa362 100644 --- a/drivers/target/target_core_pr.c +++ b/drivers/target/target_core_pr.c @@ -3727,11 +3727,16 @@ core_scsi3_pri_read_keys(struct se_cmd *cmd) * Check for overflow of 8byte PRI READ_KEYS payload and * next reservation key list descriptor. */ - if ((add_len + 8) > (cmd->data_length - 8)) - break; - - put_unaligned_be64(pr_reg->pr_res_key, &buf[off]); - off += 8; + if ((off + 8) <= cmd->data_length) { + put_unaligned_be64(pr_reg->pr_res_key, &buf[off]); + off += 8; + } + /* + * SPC5r17: 6.16.2 READ KEYS service action + * The ADDITIONAL LENGTH field indicates the number of bytes in + * the Reservation key list. The contents of the ADDITIONAL + * LENGTH field are not altered based on the allocation length + */ add_len += 8; } spin_unlock(&dev->t10_pr.registration_lock); -- 2.13.6

7 years, 4 months

2
1
0 0

[PATCH 4.4 00/24] 4.4.137-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.4.137 release. There are 24 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu Jun 14 16:48:07 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.4.137-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.4.137-rc1 Eric Dumazet <edumazet(a)google.com> net: metrics: add proper netlink validation Florian Fainelli <f.fainelli(a)gmail.com> net: phy: broadcom: Fix bcm_write_exp() Eric Dumazet <edumazet(a)google.com> rtnetlink: validate attributes in do_setlink() Dan Carpenter <dan.carpenter(a)oracle.com> team: use netdev_features_t instead of u32 Jack Morgenstein <jackm(a)dev.mellanox.co.il> net/mlx4: Fix irq-unsafe spinlock usage Shahed Shaikh <shahed.shaikh(a)cavium.com> qed: Fix mask for physical address in ILT entry Willem de Bruijn <willemb(a)google.com> packet: fix reserve calculation Daniele Palmas <dnlplm(a)gmail.com> net: usb: cdc_mbim: add flag FLAG_SEND_ZLP Eric Dumazet <edumazet(a)google.com> net/packet: refine check for priv area size Cong Wang <xiyou.wangcong(a)gmail.com> netdev-FAQ: clarify DaveM's position for stable backports Wenwen Wang <wang6495(a)umn.edu> isdn: eicon: fix a missing-check bug Willem de Bruijn <willemb(a)google.com> ipv4: remove warning in ip_recv_error Sabrina Dubroca <sd(a)queasysnail.net> ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds Govindarajulu Varadarajan <gvaradar(a)cisco.com> enic: set DMA mask to 47 bit Alexey Kodanev <alexey.kodanev(a)oracle.com> dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect() Julia Lawall <Julia.Lawall(a)lip6.fr> bnx2x: use the right constant Stefan Wahren <stefan.wahren(a)i2se.com> brcmfmac: Fix check for ISO3166 code Dave Airlie <airlied(a)redhat.com> drm: set FMODE_UNSIGNED_OFFSET for drm files Amir Goldstein <amir73il(a)gmail.com> xfs: fix incorrect log_flushed on fsync Nathan Chancellor <natechancellor(a)gmail.com> kconfig: Avoid format overflow warning from GCC 8.1 Linus Torvalds <torvalds(a)linux-foundation.org> mmap: relax file size limit for regular files Linus Torvalds <torvalds(a)linux-foundation.org> mmap: introduce sane default mmap limits Chris Chiu <chiu(a)endlessm.com> tpm: self test failure should not cause suspend to fail Enric Balletbo i Serra <enric.balletbo(a)collabora.com> tpm: do not suspend/resume if power stays on ------------- Diffstat: Documentation/networking/netdev-FAQ.txt | 9 ++++++ Makefile | 4 +-- drivers/char/tpm/tpm-chip.c | 13 +++++++++ drivers/char/tpm/tpm-interface.c | 7 +++++ drivers/char/tpm/tpm.h | 1 + drivers/gpu/drm/drm_fops.c | 1 + drivers/isdn/hardware/eicon/diva.c | 22 ++++++++++----- drivers/isdn/hardware/eicon/diva.h | 5 ++-- drivers/isdn/hardware/eicon/divasmain.c | 18 +++++++----- drivers/net/ethernet/broadcom/bnx2x/bnx2x_link.c | 2 +- drivers/net/ethernet/cisco/enic/enic_main.c | 8 +++--- drivers/net/ethernet/mellanox/mlx4/qp.c | 4 +-- drivers/net/ethernet/qlogic/qed/qed_cxt.c | 2 +- drivers/net/phy/bcm-cygnus.c | 6 ++-- drivers/net/phy/bcm-phy-lib.h | 7 +++++ drivers/net/phy/bcm7xxx.c | 4 +-- drivers/net/team/team.c | 3 +- drivers/net/usb/cdc_mbim.c | 2 +- drivers/net/wireless/brcm80211/brcmfmac/cfg80211.c | 2 +- fs/xfs/xfs_log.c | 7 ----- mm/mmap.c | 32 ++++++++++++++++++++++ net/core/rtnetlink.c | 8 +++--- net/dccp/proto.c | 2 -- net/ipv4/fib_semantics.c | 2 ++ net/ipv4/ip_sockglue.c | 2 -- net/ipv6/ip6mr.c | 3 +- net/packet/af_packet.c | 4 +-- scripts/kconfig/confdata.c | 2 +- 28 files changed, 129 insertions(+), 53 deletions(-)

7 years, 4 months

9
39
0 0

[PATCH v4 2/2] drm/rockchip: vop: fix irq disabled after vop driver probed

by Heiko Stuebner

From: Sandy Huang <hjc(a)rock-chips.com> The vop irq is shared between vop and iommu and irq probing in the iommu driver moved to the probe function recently. This can in some cases lead to a stall if the irq is triggered while the vop driver still has it disabled, but the vop irq handler gets called. But there is no real need to disable the irq, as the vop can simply also track its enabled state and ignore irqs in that case. For this we can simply check the power-domain state of the vop, similar to how the iommu driver does it. So remove the enable/disable handling and add appropriate condition to the irq handler. changes in v2: - move to just check the power-domain state - add clock handling changes in v3: - clarify comment to speak of runtime-pm not power-domain changes in v4: - address Marc's comments (clk-enable WARN_ON and style improvement) Fixes: d0b912bd4c23 ("iommu/rockchip: Request irqs in rk_iommu_probe()") Cc: stable(a)vger.kernel.org Signed-off-by: Sandy Huang <hjc(a)rock-chips.com> Signed-off-by: Heiko Stuebner <heiko(a)sntech.de> Tested-by: Ezequiel Garcia <ezequiel(a)collabora.com> --- drivers/gpu/drm/rockchip/rockchip_drm_vop.c | 25 ++++++++++++++------- 1 file changed, 17 insertions(+), 8 deletions(-) diff --git a/drivers/gpu/drm/rockchip/rockchip_drm_vop.c b/drivers/gpu/drm/rockchip/rockchip_drm_vop.c index 9a1f272e41c7..d105e984cf09 100644 --- a/drivers/gpu/drm/rockchip/rockchip_drm_vop.c +++ b/drivers/gpu/drm/rockchip/rockchip_drm_vop.c @@ -573,8 +573,6 @@ static int vop_enable(struct drm_crtc *crtc) spin_unlock(&vop->reg_lock); - enable_irq(vop->irq); - drm_crtc_vblank_on(crtc); return 0; @@ -618,8 +616,6 @@ static void vop_crtc_atomic_disable(struct drm_crtc *crtc, vop_dsp_hold_valid_irq_disable(vop); - disable_irq(vop->irq); - vop->is_enabled = false; /* @@ -1195,6 +1191,18 @@ static irqreturn_t vop_isr(int irq, void *data) uint32_t active_irqs; int ret = IRQ_NONE; + /* + * The irq is shared with the iommu. If the runtime-pm state of the + * vop-device is disabled the irq has to be targetted at the iommu. + */ + if (!pm_runtime_get_if_in_use(vop->dev)) + return IRQ_NONE; + + if (vop_core_clks_enable(vop)) { + DRM_DEV_ERROR_RATELIMITED(vop->dev, "couldn't enable clocks\n"); + goto out; + } + /* * interrupt register has interrupt status, enable and clear bits, we * must hold irq_lock to avoid a race with enable/disable_vblank(). @@ -1210,7 +1218,7 @@ static irqreturn_t vop_isr(int irq, void *data) /* This is expected for vop iommu irqs, since the irq is shared */ if (!active_irqs) - return IRQ_NONE; + goto out_disable; if (active_irqs & DSP_HOLD_VALID_INTR) { complete(&vop->dsp_hold_completion); @@ -1236,6 +1244,10 @@ static irqreturn_t vop_isr(int irq, void *data) DRM_DEV_ERROR(vop->dev, "Unknown VOP IRQs: %#02x\n", active_irqs); +out_disable: + vop_core_clks_disable(vop); +out: + pm_runtime_put(vop->dev); return ret; } @@ -1614,9 +1626,6 @@ static int vop_bind(struct device *dev, struct device *master, void *data) if (ret) goto err_disable_pm_runtime; - /* IRQ is initially disabled; it gets enabled in power_on */ - disable_irq(vop->irq); - return 0; err_disable_pm_runtime: -- 2.17.0

7 years, 4 months

3
3
0 0

[PATCH v2 5/8] mpt3sas: Fix _transport_smp_handler() error path

by Bart Van Assche

This patch avoids that smatch complains about a double unlock on ioc->transport_cmds.mutex. Fixes: 651a01364994 ("scsi: scsi_transport_sas: switch to bsg-lib for SMP passthrough") Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: Christoph Hellwig <hch(a)lst.de> Cc: Sathya Prakash <sathya.prakash(a)broadcom.com> Cc: Chaitra P B <chaitra.basappa(a)broadcom.com> Cc: Suganath Prabu Subramani <suganath-prabu.subramani(a)broadcom.com> Cc: stable(a)vger.kernel.org --- drivers/scsi/mpt3sas/mpt3sas_transport.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/drivers/scsi/mpt3sas/mpt3sas_transport.c b/drivers/scsi/mpt3sas/mpt3sas_transport.c index 05d506d78c66..f4b02dd7f6cf 100644 --- a/drivers/scsi/mpt3sas/mpt3sas_transport.c +++ b/drivers/scsi/mpt3sas/mpt3sas_transport.c @@ -1936,12 +1936,12 @@ _transport_smp_handler(struct bsg_job *job, struct Scsi_Host *shost, pr_info(MPT3SAS_FMT "%s: host reset in progress!\n", __func__, ioc->name); rc = -EFAULT; - goto out; + goto job_done; } rc = mutex_lock_interruptible(&ioc->transport_cmds.mutex); if (rc) - goto out; + goto job_done; if (ioc->transport_cmds.status != MPT3_CMD_NOT_USED) { pr_err(MPT3SAS_FMT "%s: transport_cmds in use\n", ioc->name, @@ -2066,6 +2066,7 @@ _transport_smp_handler(struct bsg_job *job, struct Scsi_Host *shost, out: ioc->transport_cmds.status = MPT3_CMD_NOT_USED; mutex_unlock(&ioc->transport_cmds.mutex); +job_done: bsg_job_done(job, rc, reslen); } -- 2.17.0

7 years, 4 months

2
1
0 0

[PATCH 1/6] dm: use bio_split() when splitting out the already processed bio

by Christoph Hellwig

From: Mike Snitzer <snitzer(a)redhat.com> Use of bio_clone_bioset() is inefficient if there is no need to clone the original bio's bio_vec array. Best to use the bio_clone_fast() variant. Also, just using bio_advance() is only part of what is needed to properly setup the clone -- it doesn't account for the various bio_integrity() related work that also needs to be performed (see bio_split). Address both of these issues by switching from bio_clone_bioset() to bio_split(). Fixes: 18a25da8 ("dm: ensure bio submission follows a depth-first tree walk") Cc: stable(a)vger.kernel.org # 4.15+, requires removal of '&' before md->queue->bio_split Reported-by: Christoph Hellwig <hch(a)lst.de> Reviewed-by: NeilBrown <neilb(a)suse.com> Signed-off-by: Mike Snitzer <snitzer(a)redhat.com> --- drivers/md/dm.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/drivers/md/dm.c b/drivers/md/dm.c index e65429a29c06..a3b103e8e3ce 100644 --- a/drivers/md/dm.c +++ b/drivers/md/dm.c @@ -1606,10 +1606,9 @@ static blk_qc_t __split_and_process_bio(struct mapped_device *md, * the usage of io->orig_bio in dm_remap_zone_report() * won't be affected by this reassignment. */ - struct bio *b = bio_clone_bioset(bio, GFP_NOIO, - &md->queue->bio_split); + struct bio *b = bio_split(bio, bio_sectors(bio) - ci.sector_count, + GFP_NOIO, &md->queue->bio_split); ci.io->orig_bio = b; - bio_advance(bio, (bio_sectors(bio) - ci.sector_count) << 9); bio_chain(b, bio); ret = generic_make_request(bio); break; -- 2.17.1

7 years, 4 months

1
0
0 0

Re: Patch "powerpc/trace/syscalls: Update syscall name matching logic" has been added to the 3.18-stable tree

by Naveen N. Rao

gregkh(a)linuxfoundation.org wrote: > > This is a note to let you know that I've just added the patch titled > > powerpc/trace/syscalls: Update syscall name matching logic > > to the 3.18-stable tree which can be found at: > http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… > > The filename of the patch is: > powerpc-trace-syscalls-update-syscall-name-matching-logic.patch > and it can be found in the queue-3.18 subdirectory. > > If you, or anyone else, feels it should not be added to the stable tree, > please let <stable(a)vger.kernel.org> know about it. Please drop this patch from v3.18 as this depends on commit e145242ea0df6, which I don't see backported to v3.18. Thanks, Naveen > > > From foo@baz Sun Jun 17 13:19:44 CEST 2018 > From: "Naveen N. Rao" <naveen.n.rao(a)linux.vnet.ibm.com> > Date: Fri, 4 May 2018 18:44:24 +0530 > Subject: powerpc/trace/syscalls: Update syscall name matching logic > > From: "Naveen N. Rao" <naveen.n.rao(a)linux.vnet.ibm.com> > > [ Upstream commit 0b7758aaf6543b9a10c8671db559e9d374a3fd95 ] > > On powerpc64 ABIv1, we are enabling syscall tracing for only ~20 > syscalls. This is due to commit e145242ea0df6 ("syscalls/core, > syscalls/x86: Clean up syscall stub naming convention") which has > changed the syscall entry wrapper prefix from "SyS" to "__se_sys". > > Update the logic for ABIv1 to not just skip the initial dot, but also > the "__se_sys" prefix. > > Fixes: commit e145242ea0df6 ("syscalls/core, syscalls/x86: Clean up > syscall stub naming convention") > Reported-by: Michael Ellerman <mpe(a)ellerman.id.au> > Signed-off-by: Naveen N. Rao <naveen.n.rao(a)linux.vnet.ibm.com> > Signed-off-by: Michael Ellerman <mpe(a)ellerman.id.au> > Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> > Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> > --- > arch/powerpc/include/asm/ftrace.h | 10 +++------- > 1 file changed, 3 insertions(+), 7 deletions(-) > > --- a/arch/powerpc/include/asm/ftrace.h > +++ b/arch/powerpc/include/asm/ftrace.h > @@ -65,13 +65,9 @@ struct dyn_arch_ftrace { > #define ARCH_HAS_SYSCALL_MATCH_SYM_NAME > static inline bool arch_syscall_match_sym_name(const char *sym, const char *name) > { > - /* > - * Compare the symbol name with the system call name. Skip the .sys or .SyS > - * prefix from the symbol name and the sys prefix from the system call name and > - * just match the rest. This is only needed on ppc64 since symbol names on > - * 32bit do not start with a period so the generic function will work. > - */ > - return !strcmp(sym + 4, name + 3); > + /* We need to skip past the initial dot, and the __se_sys alias */ > + return !strcmp(sym + 1, name) || > + (!strncmp(sym, ".__se_sys", 9) && !strcmp(sym + 6, name)); > } > #endif > #endif /* CONFIG_FTRACE_SYSCALLS && CONFIG_PPC64 && !__ASSEMBLY__ */ > > > Patches currently in stable-queue which might be from naveen.n.rao(a)linux.vnet.ibm.com are > > queue-3.18/powerpc-trace-syscalls-update-syscall-name-matching-logic.patch > >

7 years, 4 months

1
0
0 0

[PATCH] scsi: scsi_debug: Fix memory leak on module unload

by Luis Henriques

Since commit 80c49563e250 ("scsi: scsi_debug: implement IMMED bit") there are long delays in F_SYNC_DELAY and F_SSU_DELAY. This can cause a memory leak in schedule_resp(), which can be invoked while unloading the scsi_debug module: free_all_queued() had already freed all sd_dp and schedule_resp will alloc a new one, which will never get freed. Here's the kmemleak report while running xfstests generic/350: unreferenced object 0xffff88007d752b00 (size 128): comm "rmmod", pid 26940, jiffies 4295816945 (age 7.588s) hex dump (first 32 bytes): 00 2b 75 7d 00 88 ff ff 00 00 00 00 00 00 00 00 .+u}............ 00 00 00 00 00 00 00 00 8e 31 a2 34 5f 03 00 00 .........1.4_... backtrace: [<000000002abd83d0>] 0xffffffffa000705e [<000000004c063fda>] scsi_dispatch_cmd+0xc7/0x1a0 [<000000000c119a00>] scsi_request_fn+0x251/0x550 [<000000009de0c736>] __blk_run_queue+0x3f/0x60 [<000000001c4453c8>] blk_execute_rq_nowait+0x98/0xd0 [<00000000d17ec79f>] blk_execute_rq+0x3a/0x50 [<00000000a7654b6e>] scsi_execute+0x113/0x250 [<00000000fd78f7cd>] sd_sync_cache+0x95/0x160 [<0000000024dacb14>] sd_shutdown+0x9b/0xd0 [<00000000e9101710>] sd_remove+0x5f/0xb0 [<00000000c43f0d63>] device_release_driver_internal+0x13c/0x1f0 [<00000000e8ad57b6>] bus_remove_device+0xe9/0x160 [<00000000713a7b8a>] device_del+0x120/0x320 [<00000000e5db670c>] __scsi_remove_device+0x115/0x150 [<00000000eccbef30>] scsi_forget_host+0x20/0x60 [<00000000cd5a0738>] scsi_remove_host+0x6d/0x120 Cc: stable(a)vger.kernel.org Signed-off-by: Luis Henriques <lhenriques(a)suse.com> --- drivers/scsi/scsi_debug.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/scsi/scsi_debug.c b/drivers/scsi/scsi_debug.c index 24d7496cd9e2..364e71861bfd 100644 --- a/drivers/scsi/scsi_debug.c +++ b/drivers/scsi/scsi_debug.c @@ -5507,9 +5507,9 @@ static void __exit scsi_debug_exit(void) int k = sdebug_add_host; stop_all_queued(); - free_all_queued(); for (; k; k--) sdebug_remove_adapter(); + free_all_queued(); driver_unregister(&sdebug_driverfs_driver); bus_unregister(&pseudo_lld_bus); root_device_unregister(pseudo_primary);

7 years, 4 months

3
2
0 0

+ x86-e820-put-e820_type_ram-regions-into-memblockreserved.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: x86/e820: put !E820_TYPE_RAM regions into memblock.reserved has been added to the -mm tree. Its filename is x86-e820-put-e820_type_ram-regions-into-memblockreserved.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/x86-e820-put-e820_type_ram-regions… and later at http://ozlabs.org/~akpm/mmotm/broken-out/x86-e820-put-e820_type_ram-regions… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com> Subject: x86/e820: put !E820_TYPE_RAM regions into memblock.reserved There is a kernel panic that is triggered when reading /proc/kpageflags on the kernel booted with kernel parameter 'memmap=nn[KMG]!ss[KMG]': BUG: unable to handle kernel paging request at fffffffffffffffe PGD 9b20e067 P4D 9b20e067 PUD 9b210067 PMD 0 Oops: 0000 [#1] SMP PTI CPU: 2 PID: 1728 Comm: page-types Not tainted 4.17.0-rc6-mm1-v4.17-rc6-180605-0816-00236-g2dfb086ef02c+ #160 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.fc28 04/01/2014 RIP: 0010:stable_page_flags+0x27/0x3c0 Code: 00 00 00 0f 1f 44 00 00 48 85 ff 0f 84 a0 03 00 00 41 54 55 49 89 fc 53 48 8b 57 08 48 8b 2f 48 8d 42 ff 83 e2 01 48 0f 44 c7 <48> 8b 00 f6 c4 01 0f 84 10 03 00 00 31 db 49 8b 54 24 08 4c 89 e7 RSP: 0018:ffffbbd44111fde0 EFLAGS: 00010202 RAX: fffffffffffffffe RBX: 00007fffffffeff9 RCX: 0000000000000000 RDX: 0000000000000001 RSI: 0000000000000202 RDI: ffffed1182fff5c0 RBP: ffffffffffffffff R08: 0000000000000001 R09: 0000000000000001 R10: ffffbbd44111fed8 R11: 0000000000000000 R12: ffffed1182fff5c0 R13: 00000000000bffd7 R14: 0000000002fff5c0 R15: ffffbbd44111ff10 FS: 00007efc4335a500(0000) GS:ffff93a5bfc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: fffffffffffffffe CR3: 00000000b2a58000 CR4: 00000000001406e0 Call Trace: kpageflags_read+0xc7/0x120 proc_reg_read+0x3c/0x60 __vfs_read+0x36/0x170 vfs_read+0x89/0x130 ksys_pread64+0x71/0x90 do_syscall_64+0x5b/0x160 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x7efc42e75e23 Code: 09 00 ba 9f 01 00 00 e8 ab 81 f4 ff 66 2e 0f 1f 84 00 00 00 00 00 90 83 3d 29 0a 2d 00 00 75 13 49 89 ca b8 11 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 34 c3 48 83 ec 08 e8 db d3 01 00 48 89 04 24 According to kernel bisection, this problem became visible due to commit f7f99100d8d9 ("mm: stop zeroing memory during allocation in vmemmap") which changes how struct pages are initialized. Memblock layout affects the pfn ranges covered by node/zone. Consider that we have a VM with 2 NUMA nodes and each node has 4GB memory, and the default (no memmap= given) memblock layout is like below: MEMBLOCK configuration: memory size = 0x00000001fff75c00 reserved size = 0x000000000300c000 memory.cnt = 0x4 memory[0x0] [0x0000000000001000-0x000000000009efff], 0x000000000009e000 bytes on node 0 flags: 0x0 memory[0x1] [0x0000000000100000-0x00000000bffd6fff], 0x00000000bfed7000 bytes on node 0 flags: 0x0 memory[0x2] [0x0000000100000000-0x000000013fffffff], 0x0000000040000000 bytes on node 0 flags: 0x0 memory[0x3] [0x0000000140000000-0x000000023fffffff], 0x0000000100000000 bytes on node 1 flags: 0x0 ... If you give memmap=1G!4G (so it just covers memory[0x2]), the range [0x100000000-0x13fffffff] is gone: MEMBLOCK configuration: memory size = 0x00000001bff75c00 reserved size = 0x000000000300c000 memory.cnt = 0x3 memory[0x0] [0x0000000000001000-0x000000000009efff], 0x000000000009e000 bytes on node 0 flags: 0x0 memory[0x1] [0x0000000000100000-0x00000000bffd6fff], 0x00000000bfed7000 bytes on node 0 flags: 0x0 memory[0x2] [0x0000000140000000-0x000000023fffffff], 0x0000000100000000 bytes on node 1 flags: 0x0 ... This causes shrinking node 0's pfn range because it is calculated by the address range of memblock.memory. So some of struct pages in the gap range are left uninitialized. We have a function zero_resv_unavail() which does zeroing the struct pages within the reserved unavailable range (i.e. memblock.memory && !memblock.reserved). This patch utilizes it to cover all unavailable ranges by putting them into memblock.reserved. Link: http://lkml.kernel.org/r/20180615072947.GB23273@hori1.linux.bs1.fc.nec.co.jp Fixes: f7f99100d8d9 ("mm: stop zeroing memory during allocation in vmemmap") Signed-off-by: Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com> Tested-by: Oscar Salvador <osalvador(a)suse.de> Acked-by: Michal Hocko <mhocko(a)suse.com> Reviewed-by: Pavel Tatashin <pasha.tatashin(a)oracle.com> Cc: Steven Sistare <steven.sistare(a)oracle.com> Cc: Daniel Jordan <daniel.m.jordan(a)oracle.com> Cc: Matthew Wilcox <willy(a)infradead.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- arch/x86/kernel/e820.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff -puN arch/x86/kernel/e820.c~x86-e820-put-e820_type_ram-regions-into-memblockreserved arch/x86/kernel/e820.c --- a/arch/x86/kernel/e820.c~x86-e820-put-e820_type_ram-regions-into-memblockreserved +++ a/arch/x86/kernel/e820.c @@ -1248,6 +1248,7 @@ void __init e820__memblock_setup(void) { int i; u64 end; + u64 addr = 0; /* * The bootstrap memblock region count maximum is 128 entries @@ -1264,13 +1265,21 @@ void __init e820__memblock_setup(void) struct e820_entry *entry = &e820_table->entries[i]; end = entry->addr + entry->size; + if (addr < entry->addr) + memblock_reserve(addr, entry->addr - addr); + addr = end; if (end != (resource_size_t)end) continue; + /* + * all !E820_TYPE_RAM ranges (including gap ranges) are put + * into memblock.reserved to make sure that struct pages in + * such regions are not left uninitialized after bootup. + */ if (entry->type != E820_TYPE_RAM && entry->type != E820_TYPE_RESERVED_KERN) - continue; - - memblock_add(entry->addr, entry->size); + memblock_reserve(entry->addr, entry->size); + else + memblock_add(entry->addr, entry->size); } /* Throw away partial pages: */ _ Patches currently in -mm which might be from n-horiguchi(a)ah.jp.nec.com are x86-e820-put-e820_type_ram-regions-into-memblockreserved.patch

7 years, 4 months

1
0
0 0

[to-be-updated] mm-zero-remaining-unavailable-struct-pages.patch removed from -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm: zero remaining unavailable struct pages has been removed from the -mm tree. Its filename was mm-zero-remaining-unavailable-struct-pages.patch This patch was dropped because an updated version will be merged ------------------------------------------------------ From: Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com> Subject: mm: zero remaining unavailable struct pages There is a kernel panic that is triggered when reading /proc/kpageflags on the kernel booted with kernel parameter 'memmap=nn[KMG]!ss[KMG]': BUG: unable to handle kernel paging request at fffffffffffffffe PGD 9b20e067 P4D 9b20e067 PUD 9b210067 PMD 0 Oops: 0000 [#1] SMP PTI CPU: 2 PID: 1728 Comm: page-types Not tainted 4.17.0-rc6-mm1-v4.17-rc6-180605-0816-00236-g2dfb086ef02c+ #160 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.fc28 04/01/2014 RIP: 0010:stable_page_flags+0x27/0x3c0 Code: 00 00 00 0f 1f 44 00 00 48 85 ff 0f 84 a0 03 00 00 41 54 55 49 89 fc 53 48 8b 57 08 48 8b 2f 48 8d 42 ff 83 e2 01 48 0f 44 c7 <48> 8b 00 f6 c4 01 0f 84 10 03 00 00 31 db 49 8b 54 24 08 4c 89 e7 RSP: 0018:ffffbbd44111fde0 EFLAGS: 00010202 RAX: fffffffffffffffe RBX: 00007fffffffeff9 RCX: 0000000000000000 RDX: 0000000000000001 RSI: 0000000000000202 RDI: ffffed1182fff5c0 RBP: ffffffffffffffff R08: 0000000000000001 R09: 0000000000000001 R10: ffffbbd44111fed8 R11: 0000000000000000 R12: ffffed1182fff5c0 R13: 00000000000bffd7 R14: 0000000002fff5c0 R15: ffffbbd44111ff10 FS: 00007efc4335a500(0000) GS:ffff93a5bfc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: fffffffffffffffe CR3: 00000000b2a58000 CR4: 00000000001406e0 Call Trace: kpageflags_read+0xc7/0x120 proc_reg_read+0x3c/0x60 __vfs_read+0x36/0x170 vfs_read+0x89/0x130 ksys_pread64+0x71/0x90 do_syscall_64+0x5b/0x160 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x7efc42e75e23 Code: 09 00 ba 9f 01 00 00 e8 ab 81 f4 ff 66 2e 0f 1f 84 00 00 00 00 00 90 83 3d 29 0a 2d 00 00 75 13 49 89 ca b8 11 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 34 c3 48 83 ec 08 e8 db d3 01 00 48 89 04 24 According to kernel bisection, this problem became visible due to commit f7f99100d8d9 which changes how struct pages are initialized. Memblock layout affects the pfn ranges covered by node/zone. Consider that we have a VM with 2 NUMA nodes and each node has 4GB memory, and the default (no memmap= given) memblock layout is like below: MEMBLOCK configuration: memory size = 0x00000001fff75c00 reserved size = 0x000000000300c000 memory.cnt = 0x4 memory[0x0] [0x0000000000001000-0x000000000009efff], 0x000000000009e000 bytes on node 0 flags: 0x0 memory[0x1] [0x0000000000100000-0x00000000bffd6fff], 0x00000000bfed7000 bytes on node 0 flags: 0x0 memory[0x2] [0x0000000100000000-0x000000013fffffff], 0x0000000040000000 bytes on node 0 flags: 0x0 memory[0x3] [0x0000000140000000-0x000000023fffffff], 0x0000000100000000 bytes on node 1 flags: 0x0 ... If you give memmap=1G!4G (so it just covers memory[0x2]), the range [0x100000000-0x13fffffff] is gone: MEMBLOCK configuration: memory size = 0x00000001bff75c00 reserved size = 0x000000000300c000 memory.cnt = 0x3 memory[0x0] [0x0000000000001000-0x000000000009efff], 0x000000000009e000 bytes on node 0 flags: 0x0 memory[0x1] [0x0000000000100000-0x00000000bffd6fff], 0x00000000bfed7000 bytes on node 0 flags: 0x0 memory[0x2] [0x0000000140000000-0x000000023fffffff], 0x0000000100000000 bytes on node 1 flags: 0x0 ... This causes shrinking node 0's pfn range because it is calculated by the address range of memblock.memory. So some of struct pages in the gap range are left uninitialized. We have a function zero_resv_unavail() which does zeroing the struct pages outside memblock.memory, but currently it covers only the reserved unavailable range (i.e. memblock.memory && !memblock.reserved). This patch extends it to cover all unavailable range, which fixes the reported issue. Link: http://lkml.kernel.org/r/20180613054107.GA5329@hori1.linux.bs1.fc.nec.co.jp Fixes: f7f99100d8d9 ("mm: stop zeroing memory during allocation in vmemmap") Signed-off-by: Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com> Tested-by: Oscar Salvador <osalvador(a)suse.de> Cc: Pavel Tatashin <pasha.tatashin(a)oracle.com> Cc: Steven Sistare <steven.sistare(a)oracle.com> Cc: Daniel Jordan <daniel.m.jordan(a)oracle.com> Cc: Matthew Wilcox <willy(a)infradead.org> Cc: Michal Hocko <mhocko(a)kernel.org> Cc: Huang Ying <ying.huang(a)intel.com> Cc: Ingo Molnar <mingo(a)kernel.org> Cc: Dan Williams <dan.j.williams(a)intel.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- include/linux/memblock.h | 16 ---------------- mm/page_alloc.c | 33 ++++++++++++++++++++++++--------- 2 files changed, 24 insertions(+), 25 deletions(-) diff -puN include/linux/memblock.h~mm-zero-remaining-unavailable-struct-pages include/linux/memblock.h --- a/include/linux/memblock.h~mm-zero-remaining-unavailable-struct-pages +++ a/include/linux/memblock.h @@ -236,22 +236,6 @@ void __next_mem_pfn_range(int *idx, int for_each_mem_range_rev(i, &memblock.memory, &memblock.reserved, \ nid, flags, p_start, p_end, p_nid) -/** - * for_each_resv_unavail_range - iterate through reserved and unavailable memory - * @i: u64 used as loop variable - * @flags: pick from blocks based on memory attributes - * @p_start: ptr to phys_addr_t for start address of the range, can be %NULL - * @p_end: ptr to phys_addr_t for end address of the range, can be %NULL - * - * Walks over unavailable but reserved (reserved && !memory) areas of memblock. - * Available as soon as memblock is initialized. - * Note: because this memory does not belong to any physical node, flags and - * nid arguments do not make sense and thus not exported as arguments. - */ -#define for_each_resv_unavail_range(i, p_start, p_end) \ - for_each_mem_range(i, &memblock.reserved, &memblock.memory, \ - NUMA_NO_NODE, MEMBLOCK_NONE, p_start, p_end, NULL) - static inline void memblock_set_region_flags(struct memblock_region *r, unsigned long flags) { diff -puN mm/page_alloc.c~mm-zero-remaining-unavailable-struct-pages mm/page_alloc.c --- a/mm/page_alloc.c~mm-zero-remaining-unavailable-struct-pages +++ a/mm/page_alloc.c @@ -6390,25 +6390,40 @@ void __paginginit free_area_init_node(in * struct pages which are reserved in memblock allocator and their fields * may be accessed (for example page_to_pfn() on some configuration accesses * flags). We must explicitly zero those struct pages. + * + * This function also addresses a similar issue where struct pages are left + * uninitialized because the physical address range is not covered by + * memblock.memory or memblock.reserved. That could happen when memblock + * layout is manually configured via memmap=. */ void __paginginit zero_resv_unavail(void) { phys_addr_t start, end; unsigned long pfn; u64 i, pgcnt; + phys_addr_t next = 0; /* - * Loop through ranges that are reserved, but do not have reported - * physical memory backing. + * Loop through unavailable ranges not covered by memblock.memory. */ pgcnt = 0; - for_each_resv_unavail_range(i, &start, &end) { - for (pfn = PFN_DOWN(start); pfn < PFN_UP(end); pfn++) { - if (!pfn_valid(ALIGN_DOWN(pfn, pageblock_nr_pages))) - continue; - mm_zero_struct_page(pfn_to_page(pfn)); - pgcnt++; + for_each_mem_range(i, &memblock.memory, NULL, + NUMA_NO_NODE, MEMBLOCK_NONE, &start, &end, NULL) { + if (next < start) { + for (pfn = PFN_DOWN(next); pfn < PFN_UP(start); pfn++) { + if (!pfn_valid(ALIGN_DOWN(pfn, pageblock_nr_pages))) + continue; + mm_zero_struct_page(pfn_to_page(pfn)); + pgcnt++; + } } + next = end; + } + for (pfn = PFN_DOWN(next); pfn < max_pfn; pfn++) { + if (!pfn_valid(ALIGN_DOWN(pfn, pageblock_nr_pages))) + continue; + mm_zero_struct_page(pfn_to_page(pfn)); + pgcnt++; } /* @@ -6419,7 +6434,7 @@ void __paginginit zero_resv_unavail(void * this code can be removed. */ if (pgcnt) - pr_info("Reserved but unavailable: %lld pages", pgcnt); + pr_info("Zeroed struct page in unavailable ranges: %lld pages", pgcnt); } #endif /* CONFIG_HAVE_MEMBLOCK */ _ Patches currently in -mm which might be from n-horiguchi(a)ah.jp.nec.com are

7 years, 4 months

1
0
0 0

Please apply this commit to v4.14.y, 4.16.y and 4.17.y: 52acf73b6e9a ("hv_netvsc: Fix a network regression after ifdown/ifup")

by Dexuan Cui

Hi, The patch has been in the mainline, and I have verified the commit can be cherry-picked cleanly to these 3 stable branches mentioned in the subject. When the patch was originally submitted, I did add a " Cc: stable(a)vger.kernel.org" tag: https://lkml.org/lkml/2018/6/6/766 . It looks somehow the tag was left out. Thanks, -- Dexuan

7 years, 4 months

1
0
0 0

[PATCH 4.4] iio:buffer: make length types match kfifo types

by Ben Hutchings

From: Martin Kelly <mkelly(a)xevo.com> commit c043ec1ca5baae63726aae32abbe003192bc6eec upstream. Currently, we use int for buffer length and bytes_per_datum. However, kfifo uses unsigned int for length and size_t for element size. We need to make sure these matches or we will have bugs related to overflow (in the range between INT_MAX and UINT_MAX for length, for example). In addition, set_bytes_per_datum uses size_t while bytes_per_datum is an int, which would cause bugs for large values of bytes_per_datum. Change buffer length to use unsigned int and bytes_per_datum to use size_t. Signed-off-by: Martin Kelly <mkelly(a)xevo.com> Signed-off-by: Jonathan Cameron <Jonathan.Cameron(a)huawei.com> [bwh: Backported to 4.4: - Drop change to iio_dma_buffer_set_length() - Adjust filename, context] Signed-off-by: Ben Hutchings <ben.hutchings(a)codethink.co.uk> --- drivers/iio/buffer/kfifo_buf.c | 4 ++-- include/linux/iio/buffer.h | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/drivers/iio/buffer/kfifo_buf.c b/drivers/iio/buffer/kfifo_buf.c index 7ef9b13262a8..e44181f9eb36 100644 --- a/drivers/iio/buffer/kfifo_buf.c +++ b/drivers/iio/buffer/kfifo_buf.c @@ -19,7 +19,7 @@ struct iio_kfifo { #define iio_to_kfifo(r) container_of(r, struct iio_kfifo, buffer) static inline int __iio_allocate_kfifo(struct iio_kfifo *buf, - int bytes_per_datum, int length) + size_t bytes_per_datum, unsigned int length) { if ((length == 0) || (bytes_per_datum == 0)) return -EINVAL; @@ -71,7 +71,7 @@ static int iio_set_bytes_per_datum_kfifo(struct iio_buffer *r, size_t bpd) return 0; } -static int iio_set_length_kfifo(struct iio_buffer *r, int length) +static int iio_set_length_kfifo(struct iio_buffer *r, unsigned int length) { /* Avoid an invalid state */ if (length < 2) diff --git a/include/linux/iio/buffer.h b/include/linux/iio/buffer.h index 1600c55828e0..93a774ce4922 100644 --- a/include/linux/iio/buffer.h +++ b/include/linux/iio/buffer.h @@ -49,7 +49,7 @@ struct iio_buffer_access_funcs { int (*request_update)(struct iio_buffer *buffer); int (*set_bytes_per_datum)(struct iio_buffer *buffer, size_t bpd); - int (*set_length)(struct iio_buffer *buffer, int length); + int (*set_length)(struct iio_buffer *buffer, unsigned int length); void (*release)(struct iio_buffer *buffer); @@ -78,8 +78,8 @@ struct iio_buffer_access_funcs { * @watermark: [INTERN] number of datums to wait for poll/read. */ struct iio_buffer { - int length; - int bytes_per_datum; + unsigned int length; + size_t bytes_per_datum; struct attribute_group *scan_el_attrs; long *scan_mask; bool scan_timestamp; -- Ben Hutchings, Software Developer Codethink Ltd https://www.codethink.co.uk/ Dale House, 35 Dale Street Manchester, M1 2HF, United Kingdom

7 years, 4 months

1
0
0 0

Applied "spi: cadence: Change usleep_range() to udelay(), for atomic context" to the spi tree

by Mark Brown

The patch spi: cadence: Change usleep_range() to udelay(), for atomic context has been applied to the spi tree at https://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi.git All being well this means that it will be integrated into the linux-next tree (usually sometime in the next 24 hours) and sent to Linus during the next merge window (or sooner if it is a bug fix), however if problems are discovered then the patch may be dropped or reverted. You may get further e-mails resulting from automated or manual testing and review of the tree, please engage with people reporting problems and send followup patches addressing any issues that are reported if needed. If any updates are required or you are submitting further changes they should be sent as incremental updates against current git, existing patches will not be replaced. Please add any relevant lists and maintainers to the CCs when replying to this mail. Thanks, Mark >From 931c4e9a72ae91d59c5332ffb6812911a749da8e Mon Sep 17 00:00:00 2001 From: Janek Kotas <jank(a)cadence.com> Date: Mon, 4 Jun 2018 11:24:44 +0000 Subject: [PATCH] spi: cadence: Change usleep_range() to udelay(), for atomic context The path "spi: cadence: Add usleep_range() for cdns_spi_fill_tx_fifo()" added a usleep_range() function call, which cannot be used in atomic context. However the cdns_spi_fill_tx_fifo() function can be called during an interrupt which may result in a kernel panic: BUG: scheduling while atomic: grep/561/0x00010002 Modules linked in: Preemption disabled at: [<ffffff800858ea28>] wait_for_common+0x48/0x178 CPU: 0 PID: 561 Comm: grep Not tainted 4.17.0 #1 Hardware name: Cadence CSP (DT) Call trace: dump_backtrace+0x0/0x198 show_stack+0x14/0x20 dump_stack+0x8c/0xac __schedule_bug+0x6c/0xb8 __schedule+0x570/0x5d8 schedule+0x34/0x98 schedule_hrtimeout_range_clock+0x98/0x110 schedule_hrtimeout_range+0x10/0x18 usleep_range+0x64/0x98 cdns_spi_fill_tx_fifo+0x70/0xb0 cdns_spi_irq+0xd0/0xe0 __handle_irq_event_percpu+0x9c/0x128 handle_irq_event_percpu+0x34/0x88 handle_irq_event+0x48/0x78 handle_fasteoi_irq+0xbc/0x1b0 generic_handle_irq+0x24/0x38 __handle_domain_irq+0x84/0xf8 gic_handle_irq+0xc4/0x180 This patch replaces the function call with udelay() which can be used in an atomic context, like an interrupt. Signed-off-by: Jan Kotas <jank(a)cadence.com> Signed-off-by: Mark Brown <broonie(a)kernel.org> Cc: stable(a)vger.kernel.org --- drivers/spi/spi-cadence.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/spi/spi-cadence.c b/drivers/spi/spi-cadence.c index f3dad6fcdc35..a568f35522f9 100644 --- a/drivers/spi/spi-cadence.c +++ b/drivers/spi/spi-cadence.c @@ -319,7 +319,7 @@ static void cdns_spi_fill_tx_fifo(struct cdns_spi *xspi) */ if (cdns_spi_read(xspi, CDNS_SPI_ISR) & CDNS_SPI_IXR_TXFULL) - usleep_range(10, 20); + udelay(10); if (xspi->txbuf) cdns_spi_write(xspi, CDNS_SPI_TXD, *xspi->txbuf++); -- 2.17.1

7 years, 4 months

1
0
0 0

[PATCH 1/2] EDAC: fix memleak in module init error path

by Johan Hovold

Make sure to use put_device() to free the initialised struct device so that resources managed by driver core also gets released in the event of a registration failure. Fixes: de3910eb79ac ("edac: change the mem allocation scheme to make Documentation/kobject.txt happy") Fixes: 2d56b109e3a5 ("EDAC: Handle error path in edac_mc_sysfs_init() properly") Cc: stable <stable(a)vger.kernel.org> # 3.6 Cc: Denis Kirjanov <kirjanov(a)gmail.com> Cc: Mauro Carvalho Chehab <mchehab(a)redhat.com> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/edac/edac_mc_sysfs.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/drivers/edac/edac_mc_sysfs.c b/drivers/edac/edac_mc_sysfs.c index 7481955160a4..20374b8248f0 100644 --- a/drivers/edac/edac_mc_sysfs.c +++ b/drivers/edac/edac_mc_sysfs.c @@ -1075,14 +1075,14 @@ int __init edac_mc_sysfs_init(void) err = device_add(mci_pdev); if (err < 0) - goto out_dev_free; + goto out_put_device; edac_dbg(0, "device %s created\n", dev_name(mci_pdev)); return 0; - out_dev_free: - kfree(mci_pdev); + out_put_device: + put_device(mci_pdev); out: return err; } -- 2.17.1

7 years, 4 months

2
2
0 0

[PATCH v4 1/2] drm/rockchip: vop: split out core clock enablement into separate functions

by Heiko Stuebner

Judging from the iommu code, both the hclk and aclk are necessary for register access. Split them off into separate functions from the regular vop enablement, so that we can use them elsewhere as well. Fixes: d0b912bd4c23 ("iommu/rockchip: Request irqs in rk_iommu_probe()") Cc: stable(a)vger.kernel.org Signed-off-by: Heiko Stuebner <heiko(a)sntech.de> Tested-by: Ezequiel Garcia <ezequiel(a)collabora.com> --- drivers/gpu/drm/rockchip/rockchip_drm_vop.c | 44 +++++++++++++++------ 1 file changed, 31 insertions(+), 13 deletions(-) diff --git a/drivers/gpu/drm/rockchip/rockchip_drm_vop.c b/drivers/gpu/drm/rockchip/rockchip_drm_vop.c index 2121345a61af..9a1f272e41c7 100644 --- a/drivers/gpu/drm/rockchip/rockchip_drm_vop.c +++ b/drivers/gpu/drm/rockchip/rockchip_drm_vop.c @@ -486,6 +486,31 @@ static void vop_line_flag_irq_disable(struct vop *vop) spin_unlock_irqrestore(&vop->irq_lock, flags); } +static int vop_core_clks_enable(struct vop *vop) +{ + int ret; + + ret = clk_enable(vop->hclk); + if (ret < 0) + return ret; + + ret = clk_enable(vop->aclk); + if (ret < 0) + goto err_disable_hclk; + + return 0; + +err_disable_hclk: + clk_disable(vop->hclk); + return ret; +} + +static void vop_core_clks_disable(struct vop *vop) +{ + clk_disable(vop->aclk); + clk_disable(vop->hclk); +} + static int vop_enable(struct drm_crtc *crtc) { struct vop *vop = to_vop(crtc); @@ -497,17 +522,13 @@ static int vop_enable(struct drm_crtc *crtc) return ret; } - ret = clk_enable(vop->hclk); + ret = vop_core_clks_enable(vop); if (WARN_ON(ret < 0)) goto err_put_pm_runtime; ret = clk_enable(vop->dclk); if (WARN_ON(ret < 0)) - goto err_disable_hclk; - - ret = clk_enable(vop->aclk); - if (WARN_ON(ret < 0)) - goto err_disable_dclk; + goto err_disable_core; /* * Slave iommu shares power, irq and clock with vop. It was associated @@ -519,7 +540,7 @@ static int vop_enable(struct drm_crtc *crtc) if (ret) { DRM_DEV_ERROR(vop->dev, "failed to attach dma mapping, %d\n", ret); - goto err_disable_aclk; + goto err_disable_dclk; } spin_lock(&vop->reg_lock); @@ -558,12 +579,10 @@ static int vop_enable(struct drm_crtc *crtc) return 0; -err_disable_aclk: - clk_disable(vop->aclk); err_disable_dclk: clk_disable(vop->dclk); -err_disable_hclk: - clk_disable(vop->hclk); +err_disable_core: + vop_core_clks_disable(vop); err_put_pm_runtime: pm_runtime_put_sync(vop->dev); return ret; @@ -609,8 +628,7 @@ static void vop_crtc_atomic_disable(struct drm_crtc *crtc, rockchip_drm_dma_detach_device(vop->drm_dev, vop->dev); clk_disable(vop->dclk); - clk_disable(vop->aclk); - clk_disable(vop->hclk); + vop_core_clks_disable(vop); pm_runtime_put(vop->dev); mutex_unlock(&vop->vop_lock); -- 2.17.0

7 years, 4 months

2
1
0 0

[PATCH v3 2/2] drm/rockchip: vop: fix irq disabled after vop driver probed

by Heiko Stuebner

From: Sandy Huang <hjc(a)rock-chips.com> The vop irq is shared between vop and iommu and irq probing in the iommu driver moved to the probe function recently. This can in some cases lead to a stall if the irq is triggered while the vop driver still has it disabled, but the vop irq handler gets called. But there is no real need to disable the irq, as the vop can simply also track its enabled state and ignore irqs in that case. For this we can simply check the power-domain state of the vop, similar to how the iommu driver does it. So remove the enable/disable handling and add appropriate condition to the irq handler. changes in v2: - move to just check the power-domain state - add clock handling changes in v3: - clarify comment to speak of runtime-pm not power-domain Fixes: d0b912bd4c23 ("iommu/rockchip: Request irqs in rk_iommu_probe()") Cc: stable(a)vger.kernel.org Signed-off-by: Sandy Huang <hjc(a)rock-chips.com> Signed-off-by: Heiko Stuebner <heiko(a)sntech.de> Tested-by: Ezequiel Garcia <ezequiel(a)collabora.com> --- drivers/gpu/drm/rockchip/rockchip_drm_vop.c | 28 ++++++++++++++------- 1 file changed, 19 insertions(+), 9 deletions(-) diff --git a/drivers/gpu/drm/rockchip/rockchip_drm_vop.c b/drivers/gpu/drm/rockchip/rockchip_drm_vop.c index 9a1f272e41c7..ae8a69793aed 100644 --- a/drivers/gpu/drm/rockchip/rockchip_drm_vop.c +++ b/drivers/gpu/drm/rockchip/rockchip_drm_vop.c @@ -573,8 +573,6 @@ static int vop_enable(struct drm_crtc *crtc) spin_unlock(&vop->reg_lock); - enable_irq(vop->irq); - drm_crtc_vblank_on(crtc); return 0; @@ -618,8 +616,6 @@ static void vop_crtc_atomic_disable(struct drm_crtc *crtc, vop_dsp_hold_valid_irq_disable(vop); - disable_irq(vop->irq); - vop->is_enabled = false; /* @@ -1195,6 +1191,16 @@ static irqreturn_t vop_isr(int irq, void *data) uint32_t active_irqs; int ret = IRQ_NONE; + /* + * The irq is shared with the iommu. If the runtime-pm state of the + * vop-device is disabled the irq has to be targetted at the iommu. + */ + if (!pm_runtime_get_if_in_use(vop->dev)) + return IRQ_NONE; + + if (WARN_ON(vop_core_clks_enable(vop))) + goto out; + /* * interrupt register has interrupt status, enable and clear bits, we * must hold irq_lock to avoid a race with enable/disable_vblank(). @@ -1209,8 +1215,11 @@ static irqreturn_t vop_isr(int irq, void *data) spin_unlock(&vop->irq_lock); /* This is expected for vop iommu irqs, since the irq is shared */ - if (!active_irqs) - return IRQ_NONE; + if (!active_irqs) { + ret = IRQ_NONE; + vop_core_clks_disable(vop); + goto out; + } if (active_irqs & DSP_HOLD_VALID_INTR) { complete(&vop->dsp_hold_completion); @@ -1236,6 +1245,10 @@ static irqreturn_t vop_isr(int irq, void *data) DRM_DEV_ERROR(vop->dev, "Unknown VOP IRQs: %#02x\n", active_irqs); + vop_core_clks_disable(vop); + +out: + pm_runtime_put(vop->dev); return ret; } @@ -1614,9 +1627,6 @@ static int vop_bind(struct device *dev, struct device *master, void *data) if (ret) goto err_disable_pm_runtime; - /* IRQ is initially disabled; it gets enabled in power_on */ - disable_irq(vop->irq); - return 0; err_disable_pm_runtime: -- 2.17.0

7 years, 4 months

4
5
0 0

[PATCH] Revert "drm/sun4i: Handle DRM_BUS_FLAG_PIXDATA_*EDGE"

by Paul Kocialkowski

This reverts commit 2c17a4368aad2b88b68e4390c819e226cf320f70. The offending commit triggers a run-time fault when accessing the panel element of the sun4i_tcon structure when no such panel is attached. It was apparently assumed in said commit that a panel is always used with the TCON. Although it is often the case, this is not always true. For instance a bridge might be used instead of a panel. This issue was discovered using an A13-OLinuXino, that uses the TCON in RGB mode for a simple DAC-based VGA bridge. Cc: stable(a)vger.kernel.org Signed-off-by: Paul Kocialkowski <paul.kocialkowski(a)bootlin.com> --- drivers/gpu/drm/sun4i/sun4i_tcon.c | 25 ------------------------- 1 file changed, 25 deletions(-) diff --git a/drivers/gpu/drm/sun4i/sun4i_tcon.c b/drivers/gpu/drm/sun4i/sun4i_tcon.c index c3d92d537240..8045871335b5 100644 --- a/drivers/gpu/drm/sun4i/sun4i_tcon.c +++ b/drivers/gpu/drm/sun4i/sun4i_tcon.c @@ -17,7 +17,6 @@ #include <drm/drm_encoder.h> #include <drm/drm_modes.h> #include <drm/drm_of.h> -#include <drm/drm_panel.h> #include <uapi/drm/drm_mode.h> @@ -350,9 +349,6 @@ static void sun4i_tcon0_mode_set_lvds(struct sun4i_tcon *tcon, static void sun4i_tcon0_mode_set_rgb(struct sun4i_tcon *tcon, const struct drm_display_mode *mode) { - struct drm_panel *panel = tcon->panel; - struct drm_connector *connector = panel->connector; - struct drm_display_info display_info = connector->display_info; unsigned int bp, hsync, vsync; u8 clk_delay; u32 val = 0; @@ -410,27 +406,6 @@ static void sun4i_tcon0_mode_set_rgb(struct sun4i_tcon *tcon, if (mode->flags & DRM_MODE_FLAG_PVSYNC) val |= SUN4I_TCON0_IO_POL_VSYNC_POSITIVE; - /* - * On A20 and similar SoCs, the only way to achieve Positive Edge - * (Rising Edge), is setting dclk clock phase to 2/3(240°). - * By default TCON works in Negative Edge(Falling Edge), - * this is why phase is set to 0 in that case. - * Unfortunately there's no way to logically invert dclk through - * IO_POL register. - * The only acceptable way to work, triple checked with scope, - * is using clock phase set to 0° for Negative Edge and set to 240° - * for Positive Edge. - * On A33 and similar SoCs there would be a 90° phase option, - * but it divides also dclk by 2. - * Following code is a way to avoid quirks all around TCON - * and DOTCLOCK drivers. - */ - if (display_info.bus_flags & DRM_BUS_FLAG_PIXDATA_POSEDGE) - clk_set_phase(tcon->dclk, 240); - - if (display_info.bus_flags & DRM_BUS_FLAG_PIXDATA_NEGEDGE) - clk_set_phase(tcon->dclk, 0); - regmap_update_bits(tcon->regs, SUN4I_TCON0_IO_POL_REG, SUN4I_TCON0_IO_POL_HSYNC_POSITIVE | SUN4I_TCON0_IO_POL_VSYNC_POSITIVE, val); -- 2.17.0

7 years, 4 months

3
4
0 0

[PATCH] tcp: do not overshoot window_clamp in tcp_rcv_space_adjust()

by Guenter Roeck

From: Eric Dumazet <edumazet(a)google.com> commit 02db55718d53f9d426cee504c27fb768e9ed4ffe upstream. While rcvbuf is properly clamped by tcp_rmem[2], rcvwin is left to a potentially too big value. It has no serious effect, since : 1) tcp_grow_window() has very strict checks. 2) window_clamp can be mangled by user space to any value anyway. tcp_init_buffer_space() and companions use tcp_full_space(), we use tcp_win_from_space() to avoid reloading sk->sk_rcvbuf Signed-off-by: Eric Dumazet <edumazet(a)google.com> Acked-by: Soheil Hassas Yeganeh <soheil(a)google.com> Acked-by: Wei Wang <weiwan(a)google.com> Acked-by: Neal Cardwell <ncardwell(a)google.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Guenter Roeck <linux(a)roeck-us.net> --- net/ipv4/tcp_input.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index 125b49c166a4..f0caff3139ed 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c @@ -647,7 +647,7 @@ void tcp_rcv_space_adjust(struct sock *sk) sk->sk_rcvbuf = rcvbuf; /* Make the window clamp follow along. */ - tp->window_clamp = rcvwin; + tp->window_clamp = tcp_win_from_space(rcvbuf); } } tp->rcvq_space.space = copied; -- 2.7.4

7 years, 4 months

2
2
0 0

TCP receive windows broken in 4.14.48

by Benjamin Gilbert

Hi, 4.14.48 can cause abnormally small TCP receive windows when the sender is faster than the receiver; see https://github.com/coreos/bugs/issues/2457 for details. Reverting "tcp: avoid integer overflows in tcp_rcv_space_adjust()" fixes it. Backporting 02db55718d53 ("tcp: do not overshoot window_clamp in tcp_rcv_space_adjust()"), which is its parent commit upstream, also fixes it. --Benjamin Gilbert

7 years, 4 months

3
4
0 0

v4.14.21+: ATOMIC_SLEEP splat bisected to 9428088c90b6 ("drm/qxl: reapply cursor after resetting primary")

by Mike Galbraith

Greetings, Running a kernel with ATOMIC_SLEEP enabled in one of my VMs, I met the splat below. I tracked it back to 4.14-stable, and bisected it there. [ 35.748479] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:239 [ 37.302172] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:239 [ 43.719223] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:239 [ 45.284748] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:239 [ 47.544198] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:239 [ 49.024251] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:239 [ 50.222626] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:239 [ 67.521590] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:239 [ 864.956846] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:239 [ 866.478807] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:239 [ 2245.113210] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:239 [ 2308.323698] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:239 [ 2325.967740] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:239 [ 3355.291413] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:239 [ 3367.545378] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:239 [ 3395.581055] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:239 [ 3405.144002] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:239 [ 35.748479] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:239 [ 35.750518] in_atomic(): 1, irqs_disabled(): 0, pid: 2482, name: X [ 35.752119] CPU: 0 PID: 2482 Comm: X Kdump: loaded Tainted: G E 4.17.0.g4c5e8fc-default #846 [ 35.754276] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.0.0-prebuilt.qemu-project.org 04/01/2014 [ 35.756381] Call Trace: [ 35.756921] dump_stack+0x85/0xcb [ 35.757415] ___might_sleep+0xd8/0x130 [ 35.757818] mutex_lock+0x1c/0x40 [ 35.758202] qxl_surface_evict+0x23/0x60 [qxl] [ 35.758756] qxl_gem_object_free+0x27/0x40 [qxl] [ 35.759247] qxl_bo_unref+0x1d/0x30 [qxl] [ 35.759721] qxl_cursor_atomic_update+0x251/0x2a0 [qxl] [ 35.760314] drm_atomic_helper_commit_planes+0xdf/0x220 [drm_kms_helper] [ 35.761065] drm_atomic_helper_commit_tail+0x26/0x60 [drm_kms_helper] [ 35.761722] commit_tail+0x5f/0x70 [drm_kms_helper] [ 35.762160] drm_atomic_helper_commit+0xfc/0x110 [drm_kms_helper] [ 35.762712] drm_atomic_helper_update_plane+0xf0/0x110 [drm_kms_helper] [ 35.763277] __setplane_internal+0x196/0x240 [drm] [ 35.763698] drm_mode_cursor_universal+0xec/0x1d0 [drm] [ 35.764143] drm_mode_cursor_common+0x16a/0x1d0 [drm] [ 35.764570] ? drm_mode_cursor_ioctl+0x50/0x50 [drm] [ 35.765011] drm_ioctl_kernel+0x81/0xd0 [drm] [ 35.765425] drm_ioctl+0x2a8/0x350 [drm] [ 35.765795] ? drm_mode_cursor_ioctl+0x50/0x50 [drm] [ 35.766256] do_vfs_ioctl+0x91/0x6a0 [ 35.766770] ? __do_page_fault+0x27e/0x4f0 [ 35.767116] ksys_ioctl+0x70/0x80 [ 35.767397] __x64_sys_ioctl+0x16/0x20 [ 35.767732] do_syscall_64+0x60/0x180 [ 35.768042] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 35.768470] RIP: 0033:0x7fe99fc0a477 [ 35.768783] Code: b3 66 90 48 8b 05 21 4a 2c 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d f1 49 2c 00 f7 d8 64 89 01 48 [ 35.770453] RSP: 002b:00007fff8dcc3ca8 EFLAGS: 00003246 ORIG_RAX: 0000000000000010 [ 35.771092] RAX: ffffffffffffffda RBX: 00005594217685e0 RCX: 00007fe99fc0a477 [ 35.771690] RDX: 00007fff8dcc3ce0 RSI: 00000000c02464bb RDI: 0000000000000018 [ 35.772298] RBP: 00007fff8dcc3ce0 R08: 0000000000000040 R09: 0000000000000004 [ 35.773105] R10: 0000000000000040 R11: 0000000000003246 R12: 00000000c02464bb [ 35.773758] R13: 0000000000000018 R14: 0000000000000040 R15: 00007fff8dcc3db4 git bisect start # good: [569dbb88e80deb68974ef6fdd6a13edb9d686261] Linux 4.13 git bisect good 569dbb88e80deb68974ef6fdd6a13edb9d686261 # bad: [cda6fd4d9382205bb792255cd56a91062d404bc0] Linux 4.14.50 git bisect bad cda6fd4d9382205bb792255cd56a91062d404bc0 # good: [fbd01410e89a66f346ba1b3c0161e1198449b746] Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net git bisect good fbd01410e89a66f346ba1b3c0161e1198449b746 # good: [e4b57c4bc11bfaa2588557b52ad5abd65fb9390e] sparc64: mmu_context: Add missing include files git bisect good e4b57c4bc11bfaa2588557b52ad5abd65fb9390e # bad: [703fca31ac31ed81455a8642a6988cbca47f0f07] tpm: st33zp24: fix potential buffer overruns caused by bit glitches on the bus git bisect bad 703fca31ac31ed81455a8642a6988cbca47f0f07 # good: [b043ea189d0fbd2f7a0b8d177109f60f5cd767f2] can: vxcan: improve handling of missing peer name attribute git bisect good b043ea189d0fbd2f7a0b8d177109f60f5cd767f2 # good: [e47273d086236d06c3c2851fa8599971086b2a73] arm64: KVM: Report SMCCC_ARCH_WORKAROUND_1 BP hardening support git bisect good e47273d086236d06c3c2851fa8599971086b2a73 # bad: [392e03283a3ddddf7c48dcc002b8668e1612a578] crypto: x86/twofish-3way - Fix %rbp usage git bisect bad 392e03283a3ddddf7c48dcc002b8668e1612a578 # good: [b3d33c5f296b36a05e24828f96c8ea5e02a15b06] crypto: sun4i_ss_prng - fix return value of sun4i_ss_prng_generate git bisect good b3d33c5f296b36a05e24828f96c8ea5e02a15b06 # good: [0f0fd00739118302568ff8b57ddfc5898c1a3796] xenbus: track caller request id git bisect good 0f0fd00739118302568ff8b57ddfc5898c1a3796 # bad: [7367af9cf0e4e1502151d42535cae779046d77e4] ARM: dts: s5pv210: add interrupt-parent for ohci git bisect bad 7367af9cf0e4e1502151d42535cae779046d77e4 # bad: [61c07810bf2e53f348dbdba751ddf7ba31aba4aa] Btrfs: fix unexpected -EEXIST when creating new inode git bisect bad 61c07810bf2e53f348dbdba751ddf7ba31aba4aa # bad: [67154fb8012152aed14dbd70e5b7fc79dcfd53f4] xprtrdma: Fix BUG after a device removal git bisect bad 67154fb8012152aed14dbd70e5b7fc79dcfd53f4 # good: [ff59e379234bb4b479deca97e29f685eabe22954] rtlwifi: rtl8821ae: Fix connection lost problem correctly git bisect good ff59e379234bb4b479deca97e29f685eabe22954 # good: [dc0b764a7c1a3a03b56c5582bf9a9c4554bf5e96] qxl: alloc & use shadow for dumb buffers git bisect good dc0b764a7c1a3a03b56c5582bf9a9c4554bf5e96 # bad: [84b41e3708ac9869190dd09d47b548392b7a656a] xprtrdma: Fix calculation of ri_max_send_sges git bisect bad 84b41e3708ac9869190dd09d47b548392b7a656a # bad: [848dd9bf51544c8e5436960124f3d1f9c51cdb99] drm/qxl: reapply cursor after resetting primary git bisect bad 848dd9bf51544c8e5436960124f3d1f9c51cdb99 # first bad commit: [848dd9bf51544c8e5436960124f3d1f9c51cdb99] drm/qxl: reapply cursor after resetting primary

7 years, 4 months

3
5
0 0

Linux 3.16.57

by Ben Hutchings

I'm announcing the release of the 3.16.57 kernel. All users of the 3.16 kernel series should upgrade. The updated 3.16.y git tree can be found at: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-3.16.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git The diff from 3.16.56 is attached to this message. Ben. ------------ Documentation/device-mapper/thin-provisioning.txt | 8 +- Documentation/devicetree/bindings/dma/snps-dma.txt | 2 +- Documentation/filesystems/ext4.txt | 2 +- Makefile | 2 +- arch/alpha/kernel/pci_impl.h | 3 +- arch/alpha/kernel/process.c | 3 +- arch/arm/boot/dts/exynos4412-trats2.dts | 2 +- arch/arm/boot/dts/spear1310-evb.dts | 2 +- arch/arm/boot/dts/spear1340.dtsi | 4 +- arch/arm/boot/dts/spear13xx.dtsi | 6 +- arch/arm/boot/dts/spear600.dtsi | 1 + arch/arm/kvm/handle_exit.c | 13 +- arch/arm/mach-mvebu/Kconfig | 4 +- arch/arm/xen/enlighten.c | 1 + arch/arm64/kernel/process.c | 16 +- arch/arm64/kernel/traps.c | 58 +- arch/arm64/kvm/handle_exit.c | 9 + arch/ia64/scripts/unwcheck.py | 16 +- arch/mips/boot/compressed/Makefile | 6 +- arch/mips/kernel/smp-bmips.c | 8 +- arch/mips/kernel/traps.c | 15 +- arch/mips/ralink/reset.c | 8 - arch/mips/txx9/rbtx4939/setup.c | 4 +- arch/mn10300/mm/misalignment.c | 2 +- arch/openrisc/kernel/traps.c | 10 +- arch/powerpc/include/asm/kvm_book3s.h | 6 +- arch/powerpc/include/asm/topology.h | 8 + arch/powerpc/kernel/entry_64.S | 10 +- arch/powerpc/kvm/book3s_interrupts.S | 4 +- arch/powerpc/kvm/book3s_pr.c | 20 +- arch/powerpc/mm/numa.c | 5 - arch/powerpc/platforms/pseries/hotplug-cpu.c | 2 + arch/s390/kernel/compat_linux.c | 8 +- arch/s390/kvm/kvm-s390.c | 1 + arch/sh/kernel/traps_32.c | 3 +- arch/sparc/crypto/crc32c_glue.c | 1 + arch/x86/crypto/crc32-pclmul_glue.c | 1 + arch/x86/crypto/crc32c-intel_glue.c | 1 + arch/x86/include/asm/apm.h | 6 + arch/x86/include/asm/cpufeature.h | 15 +- arch/x86/include/asm/efi.h | 8 + arch/x86/include/asm/intel-family.h | 11 +- arch/x86/include/asm/kvm_host.h | 8 +- arch/x86/include/asm/nospec-branch.h | 37 ++ arch/x86/include/asm/pgtable.h | 4 +- arch/x86/include/asm/pgtable_types.h | 5 + arch/x86/include/asm/vmx.h | 1 + arch/x86/include/uapi/asm/mce.h | 4 + arch/x86/include/uapi/asm/msr-index.h | 12 + arch/x86/kernel/aperture_64.c | 46 +- arch/x86/kernel/cpu/bugs.c | 19 +- arch/x86/kernel/cpu/common.c | 75 ++- arch/x86/kernel/cpu/intel.c | 71 +++ arch/x86/kernel/cpu/mcheck/mce.c | 26 +- arch/x86/kernel/cpu/microcode/core.c | 2 +- arch/x86/kernel/cpu/microcode/core_early.c | 29 +- arch/x86/kernel/entry_64.S | 2 +- arch/x86/kernel/traps.c | 27 +- arch/x86/kvm/cpuid.c | 24 +- arch/x86/kvm/cpuid.h | 31 ++ arch/x86/kvm/svm.c | 171 +++++- arch/x86/kvm/vmx.c | 619 +++++++++++---------- arch/x86/kvm/x86.c | 111 ++-- arch/x86/mm/tlb.c | 19 + arch/x86/oprofile/nmi_int.c | 2 +- arch/x86/xen/mmu.c | 2 +- arch/x86/xen/suspend.c | 24 + arch/x86/xen/xen-head.S | 15 + arch/xtensa/include/asm/futex.h | 23 +- crypto/af_alg.c | 5 + crypto/ahash.c | 33 +- crypto/algif_hash.c | 54 +- crypto/crc32.c | 1 + crypto/crc32c_generic.c | 1 + crypto/cryptd.c | 6 +- crypto/shash.c | 25 +- drivers/ata/ahci.c | 24 +- drivers/ata/libata-core.c | 21 +- drivers/ata/libata-eh.c | 3 +- drivers/ata/libata-scsi.c | 4 +- drivers/block/pktcdvd.c | 4 +- drivers/block/rbd.c | 7 +- drivers/cdrom/cdrom.c | 2 +- drivers/char/tpm/tpm-interface.c | 4 + drivers/char/tpm/tpm_i2c_infineon.c | 5 +- drivers/char/tpm/tpm_i2c_nuvoton.c | 8 +- drivers/char/tpm/tpm_tis.c | 5 +- drivers/clocksource/fsl_ftm_timer.c | 2 +- drivers/cpufreq/s3c24xx-cpufreq.c | 8 +- drivers/crypto/bfin_crc.c | 3 +- drivers/crypto/caam/ctrl.c | 8 +- drivers/crypto/s5p-sss.c | 12 +- drivers/devfreq/devfreq.c | 2 +- drivers/edac/octeon_edac-lmc.c | 1 + drivers/firmware/dmi_scan.c | 22 +- drivers/gpu/drm/drm_edid.c | 3 + drivers/gpu/drm/drm_probe_helper.c | 20 + drivers/gpu/drm/nouveau/nouveau_connector.c | 18 +- drivers/gpu/drm/radeon/cik.c | 31 +- drivers/gpu/drm/radeon/radeon_connectors.c | 105 ++-- drivers/gpu/drm/radeon/radeon_device.c | 4 + drivers/gpu/drm/radeon/radeon_gem.c | 2 - drivers/gpu/drm/radeon/radeon_object.c | 2 + drivers/gpu/drm/radeon/radeon_uvd.c | 2 +- drivers/gpu/drm/radeon/si_dpm.c | 5 + drivers/gpu/drm/ttm/ttm_bo.c | 3 +- drivers/gpu/drm/udl/udl_fb.c | 9 +- drivers/hid/hid-core.c | 3 + drivers/hid/hid-ids.h | 4 + drivers/hid/hid-roccat-kovaplus.c | 2 + drivers/hid/usbhid/hid-quirks.c | 1 + drivers/iio/imu/adis_trigger.c | 7 +- drivers/iio/industrialio-buffer.c | 2 +- drivers/infiniband/core/cma.c | 5 +- drivers/infiniband/core/iwpm_util.c | 1 + drivers/infiniband/core/ucma.c | 51 +- drivers/infiniband/hw/mlx4/main.c | 13 +- drivers/infiniband/hw/mlx5/cq.c | 7 +- drivers/infiniband/hw/mlx5/qp.c | 5 +- drivers/infiniband/hw/mlx5/srq.c | 15 +- drivers/infiniband/ulp/ipoib/ipoib_fs.c | 2 - drivers/input/keyboard/matrix_keypad.c | 4 +- drivers/input/touchscreen/edt-ft5x06.c | 14 +- drivers/input/touchscreen/mms114.c | 2 +- drivers/md/bcache/super.c | 27 +- drivers/md/raid10.c | 6 +- drivers/media/pci/bt8xx/bt878.c | 3 +- drivers/media/platform/exynos4-is/fimc-isp.c | 14 +- drivers/media/usb/cpia2/cpia2_v4l.c | 4 +- drivers/media/usb/dvb-usb-v2/lmedm04.c | 39 +- drivers/media/usb/dvb-usb/cxusb.c | 2 + drivers/media/usb/dvb-usb/dib0700_devices.c | 1 + drivers/misc/lkdtm.c | 2 +- drivers/mmc/card/block.c | 21 + drivers/mmc/host/dw_mmc-exynos.c | 1 + drivers/mmc/host/dw_mmc.c | 68 ++- drivers/mmc/host/dw_mmc.h | 2 + drivers/mmc/host/sdhci-pci.c | 27 + drivers/mmc/host/sdhci.c | 7 +- drivers/mmc/host/sdhci.h | 1 + drivers/mtd/chips/jedec_probe.c | 2 + drivers/mtd/nand/nand_base.c | 5 +- drivers/mtd/ubi/vmt.c | 15 +- drivers/mtd/ubi/wl.c | 8 +- drivers/net/bonding/bond_main.c | 73 +-- drivers/net/can/cc770/cc770.c | 100 ++-- drivers/net/can/cc770/cc770.h | 2 + drivers/net/ethernet/broadcom/bcmsysport.c | 33 +- drivers/net/ethernet/broadcom/bcmsysport.h | 2 +- drivers/net/ethernet/intel/e1000e/ich8lan.c | 2 +- drivers/net/ethernet/intel/e1000e/mac.c | 2 +- drivers/net/ethernet/mellanox/mlx4/en_dcb_nl.c | 23 +- drivers/net/ethernet/mellanox/mlx4/en_ethtool.c | 27 +- drivers/net/ethernet/mellanox/mlx4/en_main.c | 4 +- drivers/net/ethernet/mellanox/mlx4/mr.c | 40 +- drivers/net/ethernet/mellanox/mlx4/qp.c | 3 + drivers/net/slip/slip.c | 4 +- drivers/net/team/team.c | 4 +- drivers/net/tun.c | 2 +- drivers/net/wireless/ath/ath9k/htc_drv_main.c | 4 + drivers/net/wireless/brcm80211/brcmfmac/p2p.c | 24 +- drivers/net/wireless/ti/wl1251/main.c | 3 +- drivers/pci/quirks.c | 2 + drivers/pinctrl/core.c | 24 +- drivers/platform/x86/apple-gmux.c | 48 +- drivers/power/ab8500_charger.c | 6 +- drivers/s390/net/qeth_core.h | 5 + drivers/s390/net/qeth_core_main.c | 16 +- drivers/s390/net/qeth_l2_main.c | 2 +- drivers/s390/net/qeth_l3_main.c | 2 +- drivers/scsi/aacraid/aachba.c | 22 +- drivers/scsi/arm/fas216.c | 2 +- drivers/scsi/ibmvscsi/ibmvfc.h | 2 +- drivers/scsi/ipr.c | 3 +- drivers/scsi/libsas/sas_ata.c | 3 +- drivers/scsi/libsas/sas_expander.c | 3 +- drivers/spi/spi-imx.c | 15 +- drivers/spi/spi-sun6i.c | 2 +- drivers/staging/android/ashmem.c | 32 +- drivers/staging/android/binder.c | 14 +- drivers/staging/iio/adc/ad7192.c | 29 +- drivers/staging/iio/adc/ad7192.h | 2 +- drivers/staging/iio/adc/ad7280a.c | 4 +- .../lustre/libcfs/linux/linux-crypto-adler.c | 1 + drivers/staging/lustre/lustre/libcfs/tracefile.c | 2 +- drivers/staging/rts5208/ms.c | 3 +- drivers/staging/usbip/stub_dev.c | 3 + drivers/staging/usbip/userspace/src/usbip_bind.c | 9 + drivers/staging/usbip/userspace/src/usbip_list.c | 9 + drivers/staging/usbip/vhci_hcd.c | 2 + drivers/tty/n_tty.c | 6 + drivers/tty/serial/8250/8250_pci.c | 11 + drivers/tty/serial/atmel_serial.c | 1 + drivers/tty/serial/sh-sci.c | 2 + drivers/tty/vt/vt.c | 8 +- drivers/usb/class/cdc-acm.c | 5 +- drivers/usb/core/message.c | 4 + drivers/usb/core/quirks.c | 6 +- drivers/usb/dwc3/gadget.c | 2 + drivers/usb/gadget/f_fs.c | 9 +- drivers/usb/host/ohci-q.c | 17 +- drivers/usb/host/xhci-pci.c | 3 + drivers/usb/host/xhci.c | 3 + drivers/usb/host/xhci.h | 1 + drivers/usb/misc/ldusb.c | 6 + drivers/usb/mon/mon_text.c | 124 +++-- drivers/usb/serial/Kconfig | 3 + drivers/usb/serial/io_edgeport.c | 1 - drivers/usb/serial/option.c | 5 + drivers/usb/serial/pl2303.c | 1 + drivers/usb/serial/pl2303.h | 1 + drivers/usb/serial/usb-serial-simple.c | 26 +- drivers/usb/storage/uas.c | 22 +- drivers/usb/storage/unusual_devs.h | 7 + drivers/vhost/net.c | 1 + drivers/video/console/dummycon.c | 1 - drivers/video/fbdev/atmel_lcdfb.c | 10 +- drivers/video/fbdev/sbuslib.c | 4 +- drivers/xen/events/events_base.c | 4 +- drivers/xen/manage.c | 9 +- fs/aio.c | 134 +++-- fs/btrfs/backref.c | 11 +- fs/btrfs/inode.c | 44 +- fs/btrfs/tree-log.c | 14 +- fs/btrfs/volumes.c | 11 +- fs/cifs/cifsencrypt.c | 3 +- fs/cifs/cifssmb.c | 4 +- fs/cifs/connect.c | 4 +- fs/cifs/file.c | 26 +- fs/cifs/misc.c | 14 +- fs/cifs/smb2pdu.c | 6 +- fs/dcache.c | 11 +- fs/ext4/balloc.c | 17 +- fs/ext4/ialloc.c | 6 + fs/ext4/inode.c | 6 + fs/ext4/super.c | 1 + fs/f2fs/segment.c | 5 +- fs/hugetlbfs/inode.c | 26 +- fs/jffs2/fs.c | 1 - fs/kernfs/file.c | 2 +- fs/namei.c | 5 +- fs/ncpfs/ncplib_kernel.c | 4 + fs/nfs/direct.c | 4 +- fs/nfs/idmap.c | 6 +- fs/nfs/internal.h | 1 - fs/nfs/nfs4sysctl.c | 2 +- fs/nfs/pagelist.c | 26 +- fs/nfs/pnfs.c | 6 +- fs/nfs/super.c | 2 + fs/nfs/write.c | 2 + fs/ocfs2/cluster/nodemanager.c | 63 ++- fs/pipe.c | 198 ++++--- include/crypto/hash.h | 34 +- include/crypto/internal/hash.h | 2 + include/drm/drm_crtc_helper.h | 1 + include/linux/crypto.h | 8 + include/linux/fs.h | 4 + include/linux/libata.h | 1 + include/linux/mlx5/driver.h | 4 +- include/linux/mmc/sdhci.h | 1 + include/linux/nospec.h | 3 +- include/linux/pipe_fs_i.h | 4 +- include/linux/skbuff.h | 17 + include/linux/usb/quirks.h | 3 + include/linux/workqueue.h | 1 + include/net/ip.h | 11 +- include/net/ip_fib.h | 1 + include/net/regulatory.h | 2 +- include/net/route.h | 3 +- include/net/sch_generic.h | 8 + include/net/sctp/sctp.h | 7 +- include/net/udplite.h | 1 + include/scsi/libsas.h | 34 +- include/uapi/linux/if_ether.h | 3 + include/uapi/linux/usb/audio.h | 4 +- include/xen/xen-ops.h | 1 + kernel/async.c | 20 +- kernel/events/hw_breakpoint.c | 30 +- kernel/hrtimer.c | 7 +- kernel/posix-timers.c | 15 +- kernel/relay.c | 2 +- kernel/sysctl.c | 33 +- kernel/trace/trace_kprobe.c | 4 +- kernel/trace/trace_probe.c | 8 +- kernel/trace/trace_probe.h | 2 +- kernel/workqueue.c | 16 + mm/hugetlb.c | 9 + mm/madvise.c | 3 +- mm/memory.c | 2 +- mm/mempolicy.c | 3 + mm/vmscan.c | 14 +- net/9p/trans_virtio.c | 3 +- net/batman-adv/bat_iv_ogm.c | 16 +- net/batman-adv/distributed-arp-table.c | 2 +- net/batman-adv/fragmentation.c | 3 +- net/batman-adv/gateway_client.c | 3 + net/batman-adv/hard-interface.c | 9 +- net/batman-adv/multicast.c | 4 +- net/batman-adv/originator.c | 4 +- net/batman-adv/originator.h | 4 +- net/batman-adv/routing.c | 21 +- net/batman-adv/soft-interface.c | 8 +- net/batman-adv/types.h | 9 +- net/bluetooth/hidp/core.c | 3 +- net/bridge/br_sysfs_if.c | 3 + net/bridge/netfilter/ebt_among.c | 55 +- net/bridge/netfilter/ebtables.c | 17 +- net/core/dev.c | 13 +- net/core/skbuff.c | 11 +- net/dccp/proto.c | 5 + net/decnet/af_decnet.c | 62 ++- net/ipv4/igmp.c | 4 + net/ipv4/ip_sockglue.c | 21 +- net/ipv4/ip_tunnel.c | 30 +- net/ipv4/ip_vti.c | 2 - net/ipv4/netfilter/ipt_CLUSTERIP.c | 24 +- net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c | 6 +- net/ipv4/route.c | 114 ++-- net/ipv4/udp.c | 5 + net/ipv4/xfrm4_policy.c | 1 + net/ipv6/ip6_checksum.c | 5 + net/ipv6/ip6_output.c | 13 +- net/ipv6/ipv6_sockglue.c | 27 +- net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c | 18 +- net/ipv6/netfilter/nf_nat_l3proto_ipv6.c | 4 + net/l2tp/l2tp_core.c | 202 +++---- net/l2tp/l2tp_core.h | 26 +- net/l2tp/l2tp_ip.c | 10 +- net/l2tp/l2tp_ip6.c | 8 +- net/l2tp/l2tp_ppp.c | 126 ++--- net/mac80211/cfg.c | 2 +- net/netfilter/nf_nat_proto_common.c | 7 +- net/netfilter/xt_IDLETIMER.c | 9 +- net/netfilter/xt_LED.c | 12 +- net/netfilter/xt_RATEEST.c | 22 +- net/netlink/af_netlink.c | 3 + net/netlink/genetlink.c | 12 +- net/nfc/llcp_commands.c | 4 + net/nfc/netlink.c | 3 +- net/sched/sch_netem.c | 6 +- net/sctp/sm_make_chunk.c | 8 +- net/xfrm/xfrm_user.c | 21 +- security/integrity/ima/ima_appraise.c | 3 +- sound/core/oss/pcm_oss.c | 4 +- sound/core/pcm_native.c | 2 +- sound/core/seq/seq_clientmgr.c | 29 +- sound/core/seq/seq_fifo.c | 2 +- sound/core/seq/seq_memory.c | 14 +- sound/core/seq/seq_memory.h | 3 +- sound/core/seq/seq_prioq.c | 28 +- sound/core/seq/seq_prioq.h | 6 +- sound/core/seq/seq_queue.c | 28 +- sound/drivers/aloop.c | 17 +- sound/pci/hda/patch_realtek.c | 25 +- sound/soc/au1x/ac97c.c | 6 +- sound/soc/codecs/rt5651.c | 1 + sound/soc/nuc900/nuc900-ac97.c | 4 +- sound/usb/pcm.c | 9 + sound/usb/quirks-table.h | 47 ++ tools/perf/builtin-record.c | 13 + tools/perf/util/annotate.c | 8 +- tools/perf/util/evlist.c | 28 + tools/perf/util/evlist.h | 3 + tools/perf/util/session.c | 3 +- .../testing/selftests/rcutorture/bin/configinit.sh | 2 +- tools/testing/selftests/rcutorture/bin/kvm.sh | 4 +- virt/kvm/kvm_main.c | 3 +- 367 files changed, 3696 insertions(+), 2110 deletions(-) AMAN DEEP (1): usb: ohci: Proper handling of ed_rm_list to handle race condition between usb_kill_urb() and finish_unlinks() Adrian Hunter (2): mmc: sdhci: Allow override of mmc host operations mmc: sdhci-pci: Fix S0i3 for Intel BYT-based controllers Al Viro (2): Bluetooth: hidp_connection_add() unsafe use of l2cap_pi() lock_parent() needs to recheck if dentry got __dentry_kill'ed under it Alaa Hleihel (1): IB/ipoib: Do not warn if IPoIB debugfs doesn't exist Alex Deucher (2): drm/radeon: Add dpm quirk for Jet PRO (v2) drm/radeon: fix KV harvesting Alexander Graf (1): KVM: PPC: Book3S PR: Fix svcpu copying with preemption enabled Alexander Potapenko (1): netlink: make sure nladdr has correct size in netlink_connect() Alexandra Yates (3): ahci: add new Intel device IDs ahci: Order SATA device IDs for codename Lewisburg Adding Intel Lewisburg device IDs for SATA Alexandru Ardelean (1): staging: iio: adc: ad7192: fix external frequency setting Alexey Kodanev (4): dccp: check sk for closed state in dccp_sendmsg() sctp: verify size of a new chunk in _sctp_make_chunk() udplite: fix partial checksum initialization sch_netem: fix skb leak in netem_enqueue() Andi Shyti (1): Input: mms114 - fix license module information Andri Yngvason (3): can: cc770: Fix stalls on rt-linux, remove redundant IRQ ack can: cc770: Fix queue stall & dropped RTR reply can: cc770: Fix use after free in cc770_tx_interrupt() Andy Lutomirski (1): x86/entry/64: Don't use IST entry for #BP stack Andy Shevchenko (1): x86/cpu: Rename Merrifield2 to Moorefield Anna-Maria Gleixner (1): hrtimer: Ensure POSIX compliance (relative CLOCK_REALTIME hrtimers) Arend Van Spriel (1): brcmfmac: fix P2P_DEVICE ethernet address generation Arkadi Sharshevsky (1): team: Fix double free in error path Arnaldo Carvalho de Melo (3): perf evlist: Introduce perf_evlist__new_dummy constructor perf record: Generate PERF_RECORD_{MMAP,COMM,EXEC} with --delay perf report: Fix -D output for user metadata events Arnd Bergmann (7): x86/pti: Mark constant arrays as __initconst media: exynos4-is: properly initialize frame format scsi: fas216: fix sense buffer initialization cifs: silence compiler warnings showing up with gcc-8.0.0 mm: hide a #warning for COMPILE_TEST cfg80211: fix cfg80211_beacon_dup x86/oprofile: Fix bogus GCC-8 warning in nmi_setup() Ashok Raj (1): KVM/x86: Add IBPB support Aurelien Aptel (1): CIFS: zero sensitive data when freeing Baolin Wang (1): usb: gadget: f_fs: Fix possibe deadlock Bart Van Assche (1): pktcdvd: Fix pkt_setup_dev() error path Bastian Stender (1): mmc: block: fix updating ext_csd caches on ioctl call Ben Crocker (1): drm/radeon: insist on 32-bit DMA for Cedar on PPC64/PPC64LE Ben Hutchings (4): staging: android: ashmem: Fix a race condition in pin ioctls xen: Add xen_arch_suspend() skb: Add skb_postpush_rcsum() Linux 3.16.57 Benjamin Poirier (1): e1000e: Fix check_for_link return value with autoneg off Bjorn Andersson (1): PM / devfreq: Propagate error from devfreq_add_device() Boris Ostrovsky (1): xen/arm: Define xen_arch_suspend() Boris Pismenny (1): IB/mlx5: Fix integer overflows in mlx5_ib_create_srq Borislav Petkov (2): x86, microcode: Fix accessing dis_ucode_ldr on 32-bit x86/microcode/AMD: Do not load when running on a hypervisor Charles_Rose(a)Dell.com (1): ahci: Add Device ID for Intel Sunrise Point PCH Chien Tin Tung (1): RDMA/ucma: Correct option size check using optlen Christian Borntraeger (1): KVM: s390: provide io interrupt kvm_stat Christian König (2): drm/ttm: fix adding foreign BOs to the swap LRU drm/radeon: fix prime teardown order Christophe JAILLET (3): power: supply: ab8500_charger: Fix an error handling path power: supply: ab8500_charger: Bail out in case of error in 'ab8500_charger_init_hw_registers()' media: bt8xx: Fix err 'bt878_probe()' Clay McClure (1): ubi: Fix race condition between ubi volume creation and udev Colin Ian King (3): wl1251: check return from call to wl1251_acx_arp_ip_filter scsi: aacraid: remove redundant setting of variable c clocksource/drivers/fsl_ftm_timer: Fix error return checking Cong Wang (2): netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert netfilter: ipt_CLUSTERIP: fix a refcount bug in clusterip_config_find_get() Corentin Labbe (2): powerpc/pseries: Add empty update_numa_cpu_lookup_table() for NUMA=n ia64: convert unwcheck.py to python3 Dan Aloni (1): cifs: empty TargetInfo leads to crash on recovery Dan Carpenter (10): staging: ncpfs: memory corruption in ncp_read_kernel() cdrom: information leak in cdrom_ioctl_media_changed() media: cpia2: Fix a couple off by one bugs ASoC: nuc900: Fix a loop timeout test ath9k_htc: Add a sanity check in ath9k_htc_ampdu_action() ASoC: au1x: Fix timeout tests in au1xac97c_ac97_read() staging: lustre: libcfs: Prevent harmless read underflow staging: rts5208: Fix "seg_no" calculation in reset_ms_card() HID: roccat: prevent an out of bounds read in kovaplus_profile_activated() ALSA: pcm: potential uninitialized return values Daniel N Pettersson (1): cifs: Fix autonegotiate security settings mismatch Danilo Krummrich (1): usb: quirks: add control message delay for 1b1c:1b20 Dave Hansen (1): x86/cpu: Rename "WESTMERE2" family to "NEHALEM_G" Dave Young (1): HID: add quirk for another PIXART OEM mouse used by HP David Ahern (1): net: Refactor rtable initialization David Matlack (1): KVM: nVMX: mark vmcs12 pages dirty on L2 exit David Rientjes (1): kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE David Woodhouse (11): x86/cpufeatures: Add Intel feature bits for Speculation Control x86/cpufeatures: Add AMD feature bits for Speculation Control x86/msr: Add definitions for new speculation control MSRs x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support x86/cpufeatures: Clean up Spectre v2 related CPUID flags x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel x86/speculation: Use IBRS if available before calling into firmware x86/speculation: Update Speculation Control microcode blacklist x86/speculation: Correct Speculation Control microcode blacklist again Dmitry Torokhov (1): Input: edt-ft5x06 - fix error handling for factory mode on non-M06 Dmitry Vyukov (1): netfilter: ipt_CLUSTERIP: fix out-of-bounds accesses in clusterip_tg_check() Eran Ben Elisha (1): net/mlx4_en: Fix mixed PFC and Global pause user control requests Eric Biggers (15): crypto: hash - introduce crypto_hash_alg_has_setkey() crypto: cryptd - pass through absence of ->setkey() crypto: hash - annotate algorithms taking optional key crypto: hash - prevent using keyed hashes without setting key NFS: reject request for id_legacy key without auxdata pipe, sysctl: drop 'min' parameter from pipe-max-size converter pipe, sysctl: remove pipe_proc_fn() pipe: actually allow root to exceed the pipe buffer limits pipe: fix off-by-one error when checking buffer limits pipe: reject F_SETPIPE_SZ with size over UINT_MAX pipe: simplify round_pipe_size() pipe: read buffer limits atomically libata: fix length validation of ATAPI-relayed SCSI commands libata: remove WARN() for DMA or PIO command without data binder: check for binder_thread allocation failure in binder_poll() Eric Dumazet (4): net: igmp: add a missing rcu locking section netfilter: IDLETIMER: be syzkaller friendly l2tp: do not accept arbitrary sockets net: fix possible out-of-bound read in skb_network_protocol() Eric W. Biederman (4): signal/sh: Ensure si_signo is initialized in do_divide_error signal/openrisc: Fix do_unaligned_access to send the proper signal mn10300/misalignment: Use SIGSEGV SEGV_MAPERR to report a failed user copy fs: Teach path_connected to handle nfs filesystems with multiple roots. Erik Veijola (1): ALSA: usb-audio: Add a quirck for B&W PX headphones Ernesto A. Fernández (1): ext4: correct documentation for grpid mount option Eugene Syromiatnikov (1): s390: fix handling of -1 in set{,fs}[gu]id16 syscalls Felix Kuehling (1): drm/ttm: Don't add swapped BOs to swap-LRU list Florian Fainelli (2): pinctrl: Really force states during suspend/resume net: systemport: Rewrite __bcm_sysport_tx_reclaim() Florian Westphal (6): netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets netfilter: ebtables: fix erroneous reject of last rule xfrm_user: uncoditionally validate esn replay attribute struct netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt netfilter: bridge: ebt_among: add missing match size checks netfilter: bridge: ebt_among: add more missing match size checks Ganesh Mahendran (1): android: binder: use VM_ALLOC to get vm area Geert Uytterhoeven (1): RDMA/iwpm: Fix uninitialized error code in iwpm_send_mapinfo() Greg Kroah-Hartman (2): drm: udl: Properly check framebuffer mmap offsets USB: serial: pl2303: new device id for Chilitag Greg Kurz (1): 9p/trans_virtio: discard zero-length reply Guillaume Nault (3): l2tp: remove l2tp_tunnel_count and l2tp_session_count l2tp: don't close sessions in l2tp_tunnel_destruct() l2tp: avoid using ->tunnel_sock for getting session's parent tunnel Hans de Goede (10): ahci: Add PCI ids for Intel Bay Trail, Cherry Trail and Apollo Lake AHCI USB: cdc-acm: Do not log urb submission errors on disconnect uas: Log error codes when logging errors libata: Apply NOLPM quirk to Crucial MX100 512GB SSDs ASoC: rt5651: Fix regcache sync errors on resume ahci: Add PCI-id for the Highpoint Rocketraid 644L card PCI: Add function 1 DMA alias quirk for Highpoint RocketRAID 644L libata: Apply NOLPM quirk to Crucial M500 480 and 960GB SSDs libata: Make Crucial BX100 500GB LPM quirk apply to all firmware versions libata: Modify quirks for MX100 to limit NCQ_TRIM quirk to MU01 version Hans van Kranenburg (1): btrfs: alloc_chunk: fix DUP stripe size handling Hemant Kumar (1): usb: f_fs: Prevent gadget unbind if it is already unbound Horia Geantă (1): crypto: caam - fix endless loop when DECO acquire fails Hugh Dickins (1): mm: fix the NULL mapping case in __isolate_lru_page() Ilya Dryomov (1): rbd: whitelist RBD_FEATURE_OPERATIONS feature bit Ingo Molnar (1): x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP Ioana Ciornei (1): staging: iio: adc: remove the use of CamelCase Ivan Delalande (1): lkdtm: fix handle_irq_event symbol for INT_HW_IRQ_EN Ivan Vecera (2): kernfs: fix regression in kernfs_fop_write caused by wrong type net/mlx4_en: do not ignore autoneg in mlx4_en_set_pauseparam() J. Bruce Fields (1): NFS: commit direct writes even if they fail partially Jack Morgenstein (1): IB/mlx4: Fix incorrectly releasing steerable UD QPs when have only ETH ports Jack Stocker (1): Add delay-init quirk for Corsair K70 RGB keyboards Jake Daryll Obina (1): jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path Jakub Kicinski (1): net: fix race on decreasing number of TX queues James Chapman (5): l2tp: don't use inet_shutdown on tunnel destroy l2tp: don't use inet_shutdown on ppp session destroy l2tp: fix races with tunnel socket close l2tp: fix race in pppol2tp_release with session object destroy l2tp: fix tunnel lookup use-after-free race James Hogan (2): EDAC, octeon: Fix an uninitialized variable warning MIPS: Fix clean of vmlinuz.{32,ecoff,bin,srec} James Ralston (1): ahci: Remove Device ID for Intel Sunrise Point PCH Jan Beulich (1): x86/mm: Fix {pmd,pud}_{set,clear}_flags() Jan Chochol (1): nfs: Do not convert nfs_idmap_cache_timeout to jiffies Jan-Marek Glogowski (1): ALSA: hda/realtek: PCI quirk for Fujitsu U7x7 Jason Gunthorpe (1): sctp: Fix mangled IPv4 addresses on a IPv6 listening socket Jason Wang (1): vhost_net: stop device during reset owner Jason Yan (4): scsi: libsas: remove the numbering for each event enum scsi: libsas: fix memory leak in sas_smp_get_phy_events() scsi: libsas: fix error when getting phy events ata: do not schedule hot plug if it is a sas host Jean Delvare (1): firmware: dmi_scan: Fix handling of empty DMI strings Jens Axboe (1): aio: fix serial draining in exit_aio() Jeremy Boone (4): tpm_tis: fix potential buffer overruns caused by bit glitches on the bus tpm_i2c_nuvoton: fix potential buffer overruns caused by bit glitches on the bus tpm_i2c_infineon: fix potential buffer overruns caused by bit glitches on the bus tpm: fix potential buffer overruns caused by bit glitches on the bus Jia-Ju Bai (1): USB: serial: io_edgeport: fix possible sleep-in-atomic Jim Mattson (1): KVM: nVMX: Eliminate vmcs02 pool Jiri Bohac (1): x86/gart: Exclude GART aperture from vmcore Joe Lawrence (3): pipe: avoid round_pipe_size() nr_pages overflow on 32-bit pipe: add proc_dopipe_max_size() to safely assign pipe_max_size sysctl: check for UINT_MAX before unsigned int min/max Joel Fernandes (1): staging: android: ashmem: Fix lockdep issue during llseek Johan Hovold (5): video: fbdev: atmel_lcdfb: fix display-timings lookup USB: serial: add support for multi-port simple drivers USB: serial: add Novatel Wireless GPS driver USB: serial: add Medtronic CareLink USB driver USB: serial: simple: add Motorola Tetra driver Johannes Berg (1): regulatory: add NUL to request alpha2 John Crispin (1): MIPS: ralink: Don't set pm_power_off Jonas Danielsson (1): tty/serial: atmel: add new version check for usart Ju Hyung Park (1): libata: Enable queued TRIM for Samsung SSD 860 Juergen Gross (2): x86/xen: init %gs very early to avoid page faults with stack protector x86/xen: Zero MSR_IA32_SPEC_CTRL before suspend Julia Lawall (3): drivers: video: fbdev: atmel_lcdfb.c: fix error return code drm/radeon: adjust tested variable USB: usbmon: remove assignment from IS_ERR argument Julian Wiedmann (2): s390/qeth: fix SETIP command handling s390/qeth: free netdevice when removing a card Julien Gomes (1): tun: allow positive return values on dev_get_valid_name() call Justin Chen (1): MIPS: BMIPS: Do not mask IPIs during suspend Kai-Heng Feng (3): drm/edid: Add 6 bpc quirk for CPT panel in Asus UX303LA libata: disable LPM for Crucial BX100 SSD 500GB drive xhci: Fix front USB ports on ASUS PRIME B350M-A Kamil Konieczny (1): crypto: s5p-sss - Fix kernel Oops in AES-ECB mode KarimAllah Ahmed (3): KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL Karsten Koop (1): usb: ldusb: add PIDs for new CASSY devices supported by this driver Kees Cook (1): NFC: llcp: Limit size of SDP URI Kirill Marinushkin (1): ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit Konrad Rzeszutek Wilk (1): x86/spectre_v2: Don't check microcode versions when running under hypervisors Lars-Peter Clausen (1): iio: adis_lib: Initialize trigger before requesting interrupt Lassi Ylikojola (1): ALSA: usb-audio: add implicit fb quirk for Behringer UFX1204 Leon Romanovsky (11): RDMA/mlx5: Avoid memory leak in case of XRCD dealloc failure RDMA/ucma: Limit possible option size RDMA/ucma: Check that user doesn't overflow QP state RDMA/mlx5: Fix integer overflow while resizing CQ RDMA/ucma: Fix access to non-initialized CM_ID object RDMA/ucma: Don't allow join attempts for unsupported AF family RDMA/ucma: Check AF family prior resolving address RDMA/ucma: Fix use-after-free access in ucma_close RDMA/ucma: Ensure that CM_ID exists prior to access it RDMA/ucma: Check that device is connected prior to access it RDMA/ucma: Check that device exists prior to accessing it Linus Lüssing (2): batman-adv: fix multicast-via-unicast transmission with AP isolation batman-adv: fix packet loss for broadcasted DHCP packets to a server Linus Torvalds (3): kvm/x86: fix icebp instruction handling perf/hwbp: Simplify the perf-hwbp code, fix documentation tty: vt: fix up tabstops properly Linus Walleij (1): mtd: jedec_probe: Fix crash in jedec_read_mfr() Liu Bo (4): Btrfs: fix deadlock in run_delalloc_nocow Btrfs: fix crash due to not cleaning up tree log block's dirty bits Btrfs: fix extent state leak from tree log Btrfs: fix use-after-free on root->orphan_block_rsv Lukas Czerner (1): ext4: fix bitmap position validation Lukas Wunner (5): Revert "apple-gmux: lock iGP IO to protect from vgaarb changes" workqueue: Allow retrieval of current task's work struct drm: Allow determining if current task is output poll worker drm/nouveau: Fix deadlock on runtime suspend drm/radeon: Fix deadlock on runtime suspend Maciej W. Rozycki (1): MIPS: Normalise code flow in the CpU exception handler Malcolm Priestley (2): media: dvb-usb-v2: lmedm04: Improve logic checking of warm start media: dvb-usb-v2: lmedm04: move ts2020 attach to dm04_lme2510_tuner Marc Kleine-Budde (1): slip: sl_alloc(): remove unused parameter "dev_t line" Marc Zyngier (2): arm: KVM: Fix SMCCC handling of unimplemented SMC/HVC calls arm64: KVM: Increment PC after handling an SMC trap Mark Rutland (1): arm64: remove __die()'s stack dump Masahiro Yamada (1): mmc: sdhci: export sdhci_execute_tuning() Masami Hiramatsu (1): tracing: probeevent: Fix to support minus offset from symbol Masatake YAMATO (1): route: remove unsed variable in __mkroute_input Matt Redfearn (1): MIPS: TXx9: use IS_BUILTIN() for CONFIG_LEDS_CLASS Matthew Wilcox (1): cifs: Fix missing put_xid in cifs_file_strict_mmap Matthias Schiffer (4): batman-adv: fix packet checksum in receive path batman-adv: invalidate checksum on fragment reassembly batman-adv: update data pointers after skb_cow() batman-adv: fix header size check in batadv_dbg_arp() Mauro Carvalho Chehab (1): media: cxusb, dib0700: ignore XC2028_I2C_FLUSH Max Filippov (1): xtensa: fix futex_atomic_cmpxchg_inatomic Mel Gorman (1): mm: pin address_space before dereferencing it while isolating an LRU page Michael Kerrisk (man-pages) (8): pipe: relocate round_pipe_size() above pipe_set_size() pipe: move limit checking logic into pipe_set_size() pipe: refactor argument for account_pipe_buffers() pipe: fix limit checking in pipe_set_size() pipe: simplify logic in alloc_pipe_info() pipe: fix limit checking in alloc_pipe_info() pipe: make account_pipe_buffers() return a value, and use it pipe: cap initial pipe capacity according to pipe-max-size limit Michael Lyle (1): bcache: don't attach backing with duplicate UUID Michael Weiser (2): arm64: Disable unhandled signal log messages by default arm64: Remove unimplemented syscall log message Michel Dänzer (1): drm/radeon: Don't turn off DP sink when disconnected Mika Westerberg (1): ahci: Add Intel Cannon Lake PCH-H PCI ID Mike Kravetz (2): hugetlbfs: fix offset overflow in hugetlbfs mmap hugetlbfs: check for pgoff value overflow Mikulas Patocka (2): alpha: fix reboot on Avanti platform alpha: fix crash if pthread_create races with signal delivery Mimi Zohar (1): ima: relax requiring a file signature for new files with zero length Miquel Raynal (1): mtd: nand: Fix nand_do_read_oob() return value Namjae Jeon (1): cifs: fix memory leak when password is supplied multiple times Nathan Fontenot (1): powerpc/numa: Invalidate numa_cpu_lookup_table on cpu remove NeilBrown (1): MIPS: ralink: Remove ralink_halt() Nicholas Piggin (1): powerpc/64: Don't trace irqs-off at interrupt return to soft-disabled context Nicolas Dichtel (2): netlink: ensure to loop over all netns in genlmsg_multicast_allns() netlink: avoid a double skb free in genlmsg_mcast() Nicolas Pitre (1): console/dummy: leave .con_font_get set to NULL Nikola Ciprich (1): serial: 8250_pci: Add Brainboxes UC-260 4 port serial device Nikolay Borisov (1): btrfs: Handle btrfs_set_extent_delalloc failure in fixup worker OKAMOTO Yoshiaki (1): usb: option: Add support for FS040U modem Oleg Nesterov (2): aio: change exit_aio() to load mm->ioctx_table once and avoid rcu_read_lock() aio: kill the misleading rcu read locks in ioctx_add_table() and kill_ioctx() Oliver Neukum (3): usb: uas: unconditionally bring back host after reset CDC-ACM: apply quirk for card reader uas: fix comparison for error code Paolo Abeni (7): netfilter: on sockopt() acquire sock lock only in the required scope netfilter: drop outermost socket lock in getsockopt() netfilter: x_tables: fix missing timer initialization in xt_LED netfilter: nat: cope with negative port range dn_getsockoptdecnet: move nf_{get/set}sockopt outside sock lock l2tp: fix races with ipv4-mapped ipv6 addresses ipv6: the entire IPv6 header chain must fit the first fragment Paolo Bonzini (6): KVM: x86: rename update_db_bp_intercept to update_bp_intercept KVM: x86: pass host_initiated to functions that read MSRs KVM: VMX: introduce alloc_loaded_vmcs KVM: VMX: make MSR bitmaps per-VCPU KVM/x86: Remove indirect MSR op calls from SPEC_CTRL KVM/VMX: Optimize vmx_vcpu_run() and svm_vcpu_run() by marking the RDMSR path as unlikely() Parav Pandit (1): RDMA/cma: Use correct size when writing netlink stats Pete Zaitcev (1): usb: usbmon: Read text within supplied buffer size Peter Malone (1): fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper(). Peter Zijlstra (1): x86/speculation: Add <asm/msr-index.h> dependency Petr Machata (1): ip_tunnel: Emit events for post-register MTU changes Raghava Aditya Renukunta (1): scsi: aacraid: Fix udev inquiry race condition Rasmus Villemoes (2): kernel/async.c: revert "async: simplify lowest_in_progress()" nospec: Allow index argument to have const-qualified type Roger Pau Monne (1): xen/pirq: fix error path cleanup when binding MSIs Sabrina Dubroca (1): ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu Scott Lawson (1): AHCI: Remove obsolete Intel Lewisburg SATA RAID device IDs Scott Mayhew (1): nfs/pnfs: fix nfs_direct_req ref leak when i/o falls back to the mds SeongJae Park (2): rcutorture/configinit: Fix build directory error message rcutorture/kvm.sh: Use consistent help text for --qemu-args Sergey Senozhatsky (1): arm64: do not use print_symbol() Seunghun Han (1): x86/MCE: Serialize sysfs changes Shaohua Li (1): ata: Add a new flag to destinguish sas controller Shawn Lin (2): mmc: dw_mmc: Factor out dw_mci_init_slot_caps mmc: dw_mmc: Fix out-of-bounds access for slot's caps Shuah Khan (3): usbip: prevent bind loops on devices attached to vhci_hcd usbip: list: don't list devices attached to vhci_hcd usbip: keep usbip_device sockfd state in sync with tcp_socket Simon Shields (1): ARM: dts: exynos: Correct Trats2 panel reset line Stefan Agner (1): spi: imx: do not access registers while clocks disabled Stefan Roese (1): ALSA: pcm: Use dma_bytes as size parameter in dma_mmap_coherent() Stefan Windfeldt-Prytz (1): iio: buffer: check if a buffer has been set up when poll is called Stefano Brivio (3): vti4: Don't count header length twice on tunnel setup ip_tunnel: Clamp MTU to bounds on new link vti4: Don't override MTU passed on link creation via IFLA_MTU Stephan Mueller (1): crypto: af_alg - whitelist mask and type Sven Eckelmann (2): batman-adv: Fix internal interface indices types batman-adv: Fix skbuff rcsum on packet reroute Takashi Iwai (8): ALSA: seq: Fix racy pool initializations ALSA: seq: Don't allow resizing pool in use ALSA: seq: More protection for concurrent write and ioctl races ALSA: seq: Fix possible UAF in snd_seq_check_queue() ALSA: seq: Clear client entry before deleting else at closing ALSA: hda/realtek - Always immediately update mute LED with pin VREF ALSA: aloop: Sync stale timer before release ALSA: aloop: Fix access to not-yet-ready substream via cable Tang Junhui (1): bcache: fix crashes in duplicate cache device register Tariq Toukan (1): net/mlx4_core: Cleanup FMR unmapping flow Teijo Kinnunen (1): USB: storage: Add JMicron bridge 152d:2567 to unusual_devs.h Tejun Heo (3): tty: make n_tty_read() always abort if hangup is in progress fs/aio: Add explicit RCU grace period when freeing kioctx fs/aio: Use RCU accessors for kioctx_table->table[] Theodore Ts'o (2): ext4: fail ext4_iget for root directory if unallocated ext4: add validity checks for bitmap block numbers Thinh Nguyen (1): usb: dwc3: gadget: Set maxpacket size for ep0 IN Thomas Gleixner (1): posix-timers: Protect posix clock array access against speculation Thomas Richter (1): perf annotate: Fix objdump comment parsing for Intel mov dissassembly Tim Chen (1): x86/speculation: Use Indirect Branch Prediction Barrier in context switch Tobias Jordan (1): spi: sun6i: disable/unprepare clocks on remove Todd Kjos (1): binder: replace "%p" with "%pK" Tony Luck (1): x86/MCE: Save microcode revision in machine check records Toshiaki Makita (2): net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off net: Fix untag for vlan packets without ethernet header Trond Myklebust (2): NFS: Add a cond_resched() to nfs_commit_release_pages() NFS: Fix 2 use after free issues in the I/O code Tyrel Datwyler (1): scsi: ibmvfc: fix misdefined reserved field in ibmvfc_fcp_rsp_info Ulf Magnusson (1): ARM: mvebu: Fix broken PL310_ERRATA_753970 selects Ulrich Hecht (1): serial: sh-sci: prevent lockup on full TTY buffers Vinicius Costa Gomes (1): skbuff: Fix not waking applications when errors are enqueued Viresh Kumar (4): arm: spear600: Add missing interrupt-parent of rtc arm: spear13xx: Fix dmas cells arm: spear13xx: Fix spics gpio controller's warning cpufreq: s3c24xx: Fix broken s3c_cpufreq_init() Wang Nan (1): x86/traps: Enable DEBUG_STACK after cpu_init() for TRAP_DB/BP Wanpeng Li (1): KVM: mmu: Fix overlap between public and private memslots Wei Yongjun (1): mtd: ubi: wl: Fix error return code in ubi_wl_init() Will Deacon (2): arm64: traps: Don't print stack or raw PC/LR values in backtraces arm64: __show_regs: Only resolve kernel symbols when running at EL1 Xin Long (4): bridge: check brport attr show in brport_show bonding: fix the err path for dev hwaddr sync in bond_enslave bonding: move dev_mc_sync after master_upper_dev_link in bond_enslave bonding: process the err returned by dev_set_allmulti properly in bond_enslave Yisheng Xie (2): staging: android: ashmem: Fix possible deadlock in ashmem_ioctl mm/mempolicy.c: avoid use uninitialized preferred_node Yufen Yu (1): md raid10: fix NULL deference in handle_write_completed() Yunlei He (1): f2fs: fix a panic caused by NULL flush_cmd_control Zhang Bo (1): Input: matrix_keypad - fix race when disabling interrupts Zhouyi Zhou (1): ext4: save error to disk in __ext4_grp_locked_error() Zygo Blaxell (1): btrfs: remove spurious WARN_ON(ref->count < 0) in find_parent_nodes alex chen (1): ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent chenjie (1): mm/madvise.c: fix madvise() infinite loop under special circumstances mulhern (1): dm thin: fix documentation relative to low water mark threshold

7 years, 4 months

1
0
0 0

[GIT PULL] commits for Linux 4.16

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.16 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit d19433b3d3b9b4f7b0d913403769c6b039389f0a: Linux 4.16.13 (2018-05-30 08:17:45 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.16-05062018 for you to fetch changes up to e65c8bddc0a16501a1ecc0da8345199b92581a2e: ARM: fix kill( ,SIGFPE) breakage (2018-05-30 11:24:37 -0400) - ---------------------------------------------------------------- for-greg-4.16-05062018 - ---------------------------------------------------------------- Adam Ford (2): ARM: dts: logicpd-som-lv: Fix WL127x Startup Issues ARM: dts: logicpd-som-lv: Fix Audio Mute Alexey Dobriyan (2): proc: revalidate kernel thread inodes to root:root proc: fix /proc/loadavg regression Amir Goldstein (2): fsnotify: fix ignore mask logic in send_to_group() <linux/stringhash.h>: fix end_name_hash() for 64bit long Andre Przywara (1): KVM: arm/arm64: vgic: Kick new VCPU on interrupt migration Andres Rodriguez (1): drm/amdkfd: fix clock counter retrieval for node without GPU Andrey Grodzovsky (1): drm/amdgpu: Switch to interruptable wait to recover from ring hang. Andrzej Hajda (1): drm/exynos/mixer: fix synchronization check in interlaced mode Andy Lutomirski (1): x86/selftests: Add mov_to_ss test Anson Huang (1): clocksource/drivers/imx-tpm: Correct some registers operation flow Arnaldo Carvalho de Melo (1): perf report: Fix switching to another perf.data file Arnd Bergmann (2): hexagon: add memset_io() helper hexagon: export csum_partial_copy_nocheck Arvind Yadav (2): HID: wacom: Release device resource data obtained by devres_alloc() HID: intel-ish-hid: use put_device() instead of kfree() Ashish Samant (1): ocfs2: take inode cluster lock before moving reflinked inode from orphan dir Aurelien Jarno (1): RISC-V: build vdso-dummy.o with -no-pie Balbir Singh (1): powerpc/powernv/memtrace: Let the arch hotunplug code flush cache Baolin Wang (3): parisc: time: Convert read_persistent_clock() to read_persistent_clock64() i2c: sprd: Prevent i2c accesses after suspend is called i2c: sprd: Fix the i2c count issue Ben Hutchings (2): drm/msm: Fix possible null dereference on failure of get_pages() mtd: Fix comparison in map_word_andequal() Bhadram Varka (2): arm64: tegra: Make BCM89610 PHY interrupt as active low net: phy: broadcom: add support for BCM89610 PHY Changbin Du (1): iommu/vt-d: fix shift-out-of-bounds in bug checking Chen Yu (1): ACPI / PM: Blacklist Low Power S0 Idle _DSM for ThinkPad X1 Tablet(2016) Chengguang Xu (2): isofs: fix potential memory leak in mount option parsing nvme: fix potential memory leak in option parsing Chris Leech (1): scsi: iscsi: respond to netlink with unicast when appropriate Christoph Hellwig (1): riscv: select DMA_DIRECT_OPS instead of redefining it Christophe JAILLET (1): Input: synaptics-rmi4 - fix an unchecked out of memory error path Chuck Lever (1): xprtrdma: Fix list corruption / DMAR errors during MR recovery ClÃ©ment PÃ©ron (1): ARM: dts: cygnus: fix irq type for arm global timer Colin Ian King (3): scsi: isci: Fix infinite loop in while loop RDMA/iwpm: fix memory leak on map_info ixgbe: fix memory leak on ipsec allocation Dag Moxnes (1): rds: ib: Fix missing call to rds_ib_dev_put in rds_ib_setup_qp Dan Carpenter (2): drm/omap: silence unititialized variable warning drm/dumb-buffers: Integer overflow in drm_mode_create_ioctl() Daniel Borkmann (3): bpf, x64: fix memleak when not converging after image bpf, x64: fix memleak when not converging on calls bpf: use array_index_nospec in find_prog_type Daniel GlÃ¶ckner (1): usb: musb: fix remote wakeup racing with suspend Darren Hart (1): platform/x86: DELL_WMI use depends on instead of select for DELL_SMBIOS Dave Airlie (1): drm: set FMODE_UNSIGNED_OFFSET for drm files Dave Hansen (11): x86/pkeys/selftests: Give better unexpected fault error messages x86/pkeys/selftests: Stop using assert() x86/pkeys/selftests: Remove dead debugging code, fix dprint_in_signal x86/pkeys/selftests: Avoid printf-in-signal deadlocks x86/pkeys/selftests: Allow faults on unknown keys x86/pkeys/selftests: Factor out "instruction page" x86/pkeys/selftests: Add PROT_EXEC test x86/pkeys/selftests: Fix pkey exhaustion test off-by-one x86/pkeys/selftests: Fix pointer math x86/pkeys/selftests: Save off 'prot' for allocations x86/pkeys/selftests: Add a test for pkey 0 Dave Young (1): kexec_file: do not add extra alignment to efi memmap David Gilhooley (1): arm64: Add MIDR encoding for NVIDIA CPUs David Howells (11): afs: Fix server record deletion vfs: Undo an overly zealous MS_RDONLY -> SB_RDONLY conversion rxrpc: Fix missing start of call timeout rxrpc: Fix error reception on AF_INET6 sockets rxrpc: Fix the min security level for kernel calls afs: Fix address list parsing afs: Fix refcounting in callback registration afs: Fix server rotation's handling of fileserver probe failure afs: Fix VNOVOL handling in address rotation afs: Fix the handling of CB.InitCallBackState3 to find the server by UUID afs: Fix the non-encryption of calls Emil Tantilov (1): ixgbe: return error on unsupported SFP module when resetting Emil Velikov (1): drm/msm: don't deref error pointer in the msm_fbdev_create error path Eric Anholt (1): drm/vc4: Fix oops dereferencing DPI's connector since panel_bridge. Etienne Carriere (1): tee: check shm references are consistent in offset/size Evan Wang (2): libahci: Allow drivers to override stop_engine ata: ahci: mvebu: override ahci_stop_engine for mvebu AHCI Florian Fainelli (2): soc: bcm: raspberrypi-power: Fix use of __packed net: ethtool: Add missing kernel doc for FEC parameters Ganesh Goudar (1): cxgb4: copy mbox log size to PF0-3 adap instances Geert Uytterhoeven (5): soc: bcm2835: Make !RASPBERRYPI_FIRMWARE dummies return failure dt-bindings: meson-uart: DT fix s/clocks-names/clock-names/ dt-bindings: mvebu-uart: DT fix s/interrupts-names/interrupt-names/ dt-bindings: panel: lvds: Fix path to display timing bindings mtd: rawnand: Fix return type of __DIVIDE() when called with 32-bit Gianluca Borello (1): bpf, x64: fix JIT emission for dead code Graeme Smecher (1): ARM: dts: correct missing "compatible" entry for ti81xx SoCs Greg Thelen (6): nvme: depend on INFINIBAND_ADDR_TRANS nvmet-rdma: depend on INFINIBAND_ADDR_TRANS ib_srpt: depend on INFINIBAND_ADDR_TRANS cifs: smbd: depend on INFINIBAND_ADDR_TRANS ib_srp: depend on INFINIBAND_ADDR_TRANS IB: make INFINIBAND_ADDR_TRANS configurable Hans de Goede (2): thermal: int3403_thermal: Fix NULL pointer deref on module load / probe HID: i2c-hid: Add RESEND_REPORT_DESCR quirk for Toshiba Click Mini L9W-B Heikki Krogerus (1): usb: typec: tps6598x: handle block reads separately with plain-I2C adapters Helge Deller (2): parisc: drivers.c: Fix section mismatches parisc: Move setup_profiling_timer() out of init section Huang Ying (1): mm, pagemap: fix swap offset value for PMD migration entry HÃ¥kon Bugge (1): IB/core: Make ib_mad_client_id atomic Igor Russkikh (2): net: aquantia: driver should correctly declare vlan_features bits net: aquantia: Limit number of vectors to actually allocated irqs Ilan Peer (1): mac80211: Adjust SAE authentication timeout Ingo Molnar (3): objtool, kprobes/x86: Sync the latest <asm/insn.h> header with tools/objtool/arch/x86/include/asm/insn.h x86/pkeys/selftests: Adjust the self-test to fresh distros that export the pkeys ABI x86/mpx/selftests: Adjust the self-test to fresh distros that export the MPX ABI Jack Morgenstein (1): IB/mlx4: Fix integer overflow when calculating optimal MTT size Jacopo Mondi (3): dt-bindings: net: ravb: Add support for r8a77965 SoC dt-bindings: serial: sh-sci: Add support for r8a77965 (H)SCIF dt-bindings: dmaengine: rcar-dmac: document R8A77965 support Jagannathan Raman (1): iommu/vt-d: Fix usage of force parameter in intel_ir_reconfigure_irte() Jakob Unterwurzacher (1): can: dev: increase bus-off message severity Jakub Kicinski (2): nfp: ignore signals when communicating with management FW nfp: don't depend on eth_tbl being available Janusz Krzysztofik (1): ARM: OMAP1: ams-delta: fix deferred_fiq handler Jeffrey Hugo (1): init: fix false positives in W+X checking Jerome Brunet (1): clk: honor CLK_MUX_ROUND_CLOSEST in generic clk mux Jianchao Wang (2): IB/rxe: add RXE_START_MASK for rxe_opcode IB_OPCODE_RC_SEND_ONLY_INV nvme: fix use-after-free in nvme_free_ns_head Jiang Biao (2): blkcg: don't hold blkcg lock when deactivating policy blkcg: init root blkcg_gq under lock Jim Gill (1): scsi: vmw-pvscsi: return DID_BUS_BUSY for adapter-initated aborts Jingju Hou (1): net: phy: marvell: clear wol event before setting it John Fastabend (1): bpf: fix uninitialized variable in bpf tools Jon Maloy (1): tipc: fix bug in function tipc_nl_node_dump_monitor Josh Poimboeuf (5): objtool: Fix "noreturn" detection for recursive sibling calls objtool: Support GCC 8's cold subfunctions objtool: Support GCC 8 switch tables objtool: Detect RIP-relative switch table references objtool: Detect RIP-relative switch table references, part 2 Julian Wiedmann (3): s390/qeth: fix MAC address update sequence s390/qeth: fix request-side race during cmd IO timeout s390/qeth: use Read device to query hypervisor for MAC Junaid Shahid (1): kvm: apic: Flush TLB after APIC mode/address change if VPIDs are in use Kan Liang (2): perf pmu: Fix core PMU alias list for X86 platform perf/x86/intel: Don't enable freeze-on-smi for PerfMon V1 KarimAllah Ahmed (1): X86/KVM: Properly update 'tsc_offset' to represent the running guest Keith Busch (3): nvme: Set integrity flag for user passthrough commands nvme/multipath: Disable runtime writable enabling parameter nvme/multipath: Fix multipath disabled naming collisions Kevin Easton (1): af_key: Always verify length of provided sadb_key Krish Sadhukhan (1): x86: Add check for APIC access address for vmentry of L2 guests Ladislav Michl (1): mtd: onenand: omap2: Disable DMA for HIGHMEM buffers Laura Abbott (1): proc/kcore: don't bounds check against address 0 Laurentiu Tudor (1): powerpc/kvm/booke: Fix altivec related build break Leo Yan (1): perf cs-etm: Support unknown_thread in cs_etm_auxtrace Leon Romanovsky (1): RDMA/mlx5: Properly check return value of mlx5_get_uars_page Liam Girdwood (1): ASoC: topology: Check widget kcontrols before deref. Linus Torvalds (2): mmap: introduce sane default mmap limits mmap: relax file size limit for regular files Loic Poulain (1): PCI: kirin: Fix reset gpio name Long Li (2): scsi: storvsc: Set up correct queue depth values for IDE devices cifs: Allocate validate negotiation request through kmalloc Lukasz Majewski (1): doc: Add vendor prefix for Kieback & Peter GmbH Madhavan Srinivasan (1): powerpc/64s: Default l1d_size to 64K in RFI fallback flush Marc Dionne (1): afs: Fix afs_find_server search loop Marian Rotariu (1): x86: Delay skip of emulated hypercall instruction Mark Rutland (7): arm64: kasan: avoid pfn_to_nid() before page array is initialized arm64: ptrace: remove addr_limit manipulation arm64: only advance singlestep for user instruction traps arm64: fix possible spectre-v1 in ptrace_hbp_get_event() KVM: arm/arm64: vgic: fix possible spectre-v1 in vgic_mmio_read_apr() bpf: fix possible spectre-v1 in find_and_alloc_map() efi/libstub/arm64: Handle randomized TEXT_OFFSET Markus Mayer (1): cpufreq: brcmstb-avs-cpufreq: remove development debug support Martin Blumenstingl (7): ARM64: dts: meson-gxl: add USB host support ARM64: dts: meson-gxm: add GXM specific USB host configuration ARM64: dts: meson-gxl-s905x-p212: enable the USB controller ARM64: dts: meson-gx-p23x-q20x: enable the USB controller ARM64: dts: meson-gxl-s905x-libretech-cc: enable the USB controller ARM64: dts: meson-gxl-nexbox-a95x: enable the USB controller ARM64: dts: meson-gxm-khadas-vim2: enable the USB controller Martin Schwidefsky (1): s390/smsgiucv: disable SMSG on module unload Masahiro Yamada (3): arm64: dts: uniphier: fix input delay value for legacy mode of eMMC reset: uniphier: fix USB clock line for LD20 gcc-plugins: fix build condition of SANCOV plugin Masami Hiramatsu (3): selftests: ftrace: Add a testcase for multiple actions on trigger kprobes/x86: Prohibit probing on exception masking instructions uprobes/x86: Prohibit probing on MOV SS instruction Matan Barak (1): IB/uverbs: Fix validating mandatory attributes Matheus Castello (1): dt-bindings: pinctrl: sunxi: Fix reference to driver Mathieu Malaterre (4): driver core: add __printf verification to __ata_ehi_pushv_desc agp: uninorth: make two functions static sched/debug: Move the print_rt_rq() and print_dl_rq() declarations to kernel/sched/sched.h sched/deadline: Make the grub_reclaim() function static Matt Redfearn (1): MIPS: dts: Boston: Fix PCI bus dtc warnings: Maxime Chevallier (1): net: mvpp2: Fix clk error path in mvpp2_probe Michael Ellerman (1): powerpc/pseries: Fix CONFIG_NUMA=n build Michael J. Ruhl (1): IB/hfi1 Use correct type for num_user_context Michal Kalderon (2): qed: Fix l2 initializations over iWARP personality qede: Fix gfp flags sent to rdma event node allocation Mika Westerberg (3): ACPI / scan: Initialize watchdog before PNP ACPI / watchdog: Prefer iTCO_wdt on Lenovo Z50-70 pinctrl: cherryview: Associate IRQ descriptors to irqdomain Minchan Kim (1): mm: memcg: add __GFP_NOWARN in __memcg_schedule_kmem_cache_create() Ming Lei (1): scsi: target: fix crash with iscsi target and dvd Nathan Fontenot (1): ibmvnic: Do not notify peers on parameter change resets Naveen N. Rao (2): powerpc/trace/syscalls: Update syscall name matching logic powerpc/trace/syscalls: Update syscall name matching logic to account for ppc_ prefix Nick Dyer (1): Input: atmel_mxt_ts - fix the firmware update Nikita Yushchenko (1): ARM: dts: imx51-zii-rdu1: fix touchscreen bindings Omar Sandoval (1): blk-mq: fix sysfs inflight counter Pablo Neira Ayuso (1): netfilter: nf_tables: NAT chain and extensions require NF_TABLES Paolo Bonzini (1): kvm: x86: move MSR_IA32_TSC handling to x86.c Parav Pandit (2): RDMA/cma: Fix use after destroy access to net namespace for IPoIB RDMA/cma: Do not query GID during QP state transition to RTR Paulo Alcantara (1): cifs: smb2ops: Fix listxattr() when there are no EAs Peter Rosin (3): i2c: pmcmsp: return message count on master_xfer success i2c: pmcmsp: fix error return from master_xfer i2c: viperboard: return message count on master_xfer success Peter Zijlstra (4): stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock kthread, sched/wait: Fix kthread_parkme() wait-loop kthread, sched/wait: Fix kthread_parkme() completion issue sched/core: Introduce set_special_state() Petr Mladek (2): livepatch: Initialize shadow variables safely by a custom callback livepatch: Allow to call a custom callback when freeing shadow variables Pierre-Louis Bossart (1): ASoC: Intel: atom: fix ACPI/PCI Kconfig Pieter Jansen van Vuuren (1): nfp: flower: split and limit cmsg skb lists Raghuram Chary J (1): lan78xx: PHY DSP registers initialization to address EEE link drop issues with long cables Ramon Fried (1): rpmsg: added MODULE_ALIAS for rpmsg_char Rich Felker (1): sh: fix build failure for J2 cpu with SMP disabled Rob Herring (2): spi: bcm2835aux: ensure interrupts are enabled for shared handler sh: switch to NO_BOOTMEM Roman Mashak (1): net sched actions: fix invalid pointer dereferencing if skbedit flags missing Russell King (4): ARM: keystone: fix platform_domain_notifier array overrun ARM: kexec: fix kdump register saving on panic() ARM: replace unnecessary perl with sed and the shell $(( )) operator ARM: fix kill( ,SIGFPE) breakage Sara Sharon (1): mac80211: use timeout from the AddBA response instead of the request Sebastian Sanchez (2): IB/{hfi1, rdmavt}: Fix memory leak in hfi1_alloc_devdata() upon failure IB/hfi1: Fix memory leak in exception path in get_irq_affinity() Sekhar Nori (9): ARM: dts: da850: fix W=1 warnings with pinmux node ARM: davinci: board-da830-evm: fix GPIO lookup for MMC/SD ARM: davinci: board-da850-evm: fix GPIO lookup for MMC/SD ARM: davinci: board-omapl138-hawk: fix GPIO numbers for MMC/SD lookup ARM: davinci: board-dm355-evm: fix broken networking ARM: davinci: fix GPIO lookup for I2C ARM: davinci: dm646x: fix timer interrupt generation ARM: davinci: board-dm646x-evm: pass correct I2C adapter id for VPIF ARM: davinci: board-dm646x-evm: set VPIF capture card name Simon Gaiser (1): xen: xenbus_dev_frontend: Really return response string Sinan Kaya (2): MIPS: io: Prevent compiler reordering writeX() MIPS: io: Add barrier after register read in readX() Srinath Mannam (1): arm64: dts: correct SATA addresses for Stingray Srinivas Kandagatla (1): ASoC: msm8916-wcd-analog: use threaded context for mbhc events Stefan Agner (2): drm/msm/dsi: use correct enum in dsi_get_cmd_fmt clk: imx6ull: use OSC clock during AXI rate change Stefan Raspl (1): smc: fix sendpage() call Stefano Brivio (1): vti6: Change minimum MTU to IPV4_MIN_MTU, vti6 can carry IPv4 too Steve French (1): CIFS: set *resp_buf_type to NO_BUFFER on error Taehee Yoo (1): netfilter: nf_tables: fix out-of-bounds in nft_chain_commit_update Tero Kristo (1): ARM: OMAP2+: powerdomain: use raw_smp_processor_id() for trace Tobias Jakobi (1): drm/exynos: mixer: avoid Oops in vp_video_buffer() Tobias Jordan (1): remoteproc: qcom: Fix potential device node leaks Tobias Regnery (1): usb: typec: ucsi: fix tracepoint related build error Tomi Valkeinen (4): drm/omap: fix uninitialized ret variable drm/omap: fix possible NULL ref issue in tiler_reserve_2d drm/omap: check return value from soc_device_match drm/omap: handle alloc failures in omap_connector Tony Lindgren (1): ARM: dts: Fix cm2 and prm sizes for omap4 Tung Nguyen (1): tipc: fix infinite loop when dumping link monitor summary Tyler Hicks (1): eCryptfs: don't pass up plaintext names when using filename encryption Vinicius Costa Gomes (1): igb: Fix the transmission mode of queue 0 for Qav mode Vinson Lee (1): scsi: megaraid_sas: Do not log an error if FW successfully initializes. Vladimir Zapolskiy (1): spi: sh-msiof: Fix bit field overflow writes to TSCR/RSCR Waiman Long (2): locking/rwsem: Add a new RWSEM_ANONYMOUSLY_OWNED flag locking/percpu-rwsem: Annotate rwsem ownership transfer by setting RWSEM_OWNER_UNKNOWN Wanpeng Li (2): KVM: Extend MAX_IRQ_ROUTES to 4096 for all archs KVM: X86: Lower the default timer frequency limit to 200us Yan Wang (1): ASoC: topology: Fix bugs of freeing soc topology Ying Xue (1): tipc: eliminate KMSAN uninit-value in strcmp complaint Yixun Lan (1): pinctrl: meson-axg: fix the range of aobus bank Yury Norov (1): lib/find_bit_benchmark.c: avoid soft lockup in test_find_first_bit() Zhu Yanjun (1): IB/rxe: avoid double kfree_skb dann frazier (1): net: hns: Avoid action name truncation hu huajun (1): KVM: X86: fix incorrect reference of trace_kvm_pi_irte_update jacek.tomaka(a)poczta.fm (1): x86/cpu/intel: Add missing TLB cpuid values oder_chiou(a)realtek.com (1): ASoC: rt5514: Add the missing register in the readable table oulijun (4): RDMA/hns: Bugfix for init hem table RDMA/hns: Intercept illegal RDMA operation when use inline data RDMA/hns: Fix the qp context state diagram RDMA/hns: Submit bad wr pgzh (1): HID: lenovo: Add support for IBM/Lenovo Scrollpoint mice sxauwsk (1): spi: cadence: Add usleep_range() for cdns_spi_fill_tx_fifo() van der Linden, Frank (1): x86/xen: Reset VCPU0 info pointer after shared_info remap Åukasz Stelmach (2): ARM: 8753/1: decompressor: add a missing parameter to the addruart macro ARM: 8758/1: decompressor: restore r1 and r2 just before jumping to the kernel .../bindings/display/panel/panel-common.txt | 2 +- .../devicetree/bindings/dma/renesas,rcar-dmac.txt | 1 + .../devicetree/bindings/net/renesas,ravb.txt | 1 + .../bindings/pinctrl/allwinner,sunxi-pinctrl.txt | 6 +- .../bindings/serial/amlogic,meson-uart.txt | 2 +- .../devicetree/bindings/serial/mvebu-uart.txt | 2 +- .../bindings/serial/renesas,sci-serial.txt | 2 + .../devicetree/bindings/vendor-prefixes.txt | 1 + Documentation/livepatch/shadow-vars.txt | 41 ++- arch/arm/boot/compressed/Makefile | 8 +- arch/arm/boot/compressed/head.S | 20 +- arch/arm/boot/dts/bcm-cygnus.dtsi | 2 +- arch/arm/boot/dts/da850.dtsi | 2 - arch/arm/boot/dts/dm8148-evm.dts | 2 +- arch/arm/boot/dts/dm8148-t410.dts | 2 +- arch/arm/boot/dts/dm8168-evm.dts | 2 +- arch/arm/boot/dts/dra62x-j5eco-evm.dts | 2 +- arch/arm/boot/dts/imx51-zii-rdu1.dts | 6 +- arch/arm/boot/dts/logicpd-som-lv.dtsi | 11 +- arch/arm/boot/dts/omap4.dtsi | 8 +- arch/arm/include/uapi/asm/siginfo.h | 13 - arch/arm/kernel/machine_kexec.c | 34 ++- arch/arm/mach-davinci/board-da830-evm.c | 9 +- arch/arm/mach-davinci/board-da850-evm.c | 9 +- arch/arm/mach-davinci/board-dm355-evm.c | 15 +- arch/arm/mach-davinci/board-dm644x-evm.c | 10 +- arch/arm/mach-davinci/board-dm646x-evm.c | 5 +- arch/arm/mach-davinci/board-omapl138-hawk.c | 10 +- arch/arm/mach-davinci/dm646x.c | 3 +- arch/arm/mach-keystone/pm_domain.c | 1 + arch/arm/mach-omap1/ams-delta-fiq.c | 28 +- arch/arm/mach-omap2/powerdomain.c | 4 +- arch/arm/vfp/vfpmodule.c | 2 +- .../arm64/boot/dts/amlogic/meson-gx-p23x-q20x.dtsi | 4 + .../dts/amlogic/meson-gxl-s905x-libretech-cc.dts | 12 + .../dts/amlogic/meson-gxl-s905x-nexbox-a95x.dts | 4 + .../boot/dts/amlogic/meson-gxl-s905x-p212.dtsi | 4 + arch/arm64/boot/dts/amlogic/meson-gxl.dtsi | 61 ++++ .../boot/dts/amlogic/meson-gxm-khadas-vim2.dts | 4 + arch/arm64/boot/dts/amlogic/meson-gxm.dtsi | 17 ++ .../boot/dts/broadcom/stingray/stingray-sata.dtsi | 80 ++--- arch/arm64/boot/dts/nvidia/tegra186-p3310.dtsi | 2 +- arch/arm64/boot/dts/socionext/uniphier-ld11.dtsi | 2 +- arch/arm64/boot/dts/socionext/uniphier-ld20.dtsi | 2 +- arch/arm64/boot/dts/socionext/uniphier-pxs3.dtsi | 2 +- arch/arm64/include/asm/cputype.h | 6 + arch/arm64/kernel/ptrace.c | 20 +- arch/arm64/kernel/traps.c | 3 +- arch/arm64/mm/kasan_init.c | 4 +- arch/hexagon/include/asm/io.h | 6 + arch/hexagon/lib/checksum.c | 1 + arch/mips/boot/dts/img/boston.dts | 6 + arch/mips/include/asm/io.h | 4 +- arch/parisc/kernel/drivers.c | 7 +- arch/parisc/kernel/smp.c | 3 +- arch/parisc/kernel/time.c | 2 +- arch/powerpc/include/asm/ftrace.h | 29 +- arch/powerpc/include/asm/topology.h | 13 +- arch/powerpc/kernel/setup_64.c | 11 + arch/powerpc/kvm/booke.c | 7 + arch/powerpc/platforms/cell/spufs/sched.c | 2 +- arch/powerpc/platforms/powernv/memtrace.c | 17 -- arch/riscv/Kconfig | 4 +- arch/riscv/kernel/vdso/Makefile | 2 +- arch/sh/Kconfig | 1 + arch/sh/kernel/cpu/sh2/probe.c | 4 + arch/sh/kernel/setup.c | 1 - arch/sh/mm/init.c | 68 +---- arch/sh/mm/numa.c | 19 -- arch/x86/events/intel/core.c | 9 +- arch/x86/include/asm/insn.h | 18 ++ arch/x86/include/asm/kvm_host.h | 1 + arch/x86/kernel/cpu/intel.c | 3 + arch/x86/kernel/kexec-bzimage64.c | 5 +- arch/x86/kernel/kprobes/core.c | 4 + arch/x86/kernel/uprobes.c | 4 + arch/x86/kvm/hyperv.c | 2 +- arch/x86/kvm/svm.c | 31 +- arch/x86/kvm/vmx.c | 95 +++--- arch/x86/kvm/x86.c | 33 ++- arch/x86/net/bpf_jit_comp.c | 18 +- arch/x86/xen/enlighten_hvm.c | 13 + block/blk-cgroup.c | 22 +- block/blk-mq.c | 19 ++ block/blk-mq.h | 4 +- block/genhd.c | 12 + block/partition-generic.c | 10 +- drivers/acpi/acpi_watchdog.c | 59 +++- drivers/acpi/scan.c | 2 +- drivers/acpi/sleep.c | 13 + drivers/ata/ahci.c | 6 +- drivers/ata/ahci.h | 7 + drivers/ata/ahci_mvebu.c | 56 ++++ drivers/ata/ahci_qoriq.c | 2 +- drivers/ata/ahci_xgene.c | 4 +- drivers/ata/libahci.c | 20 +- drivers/ata/libata-eh.c | 4 +- drivers/ata/sata_highbank.c | 2 +- drivers/char/agp/uninorth-agp.c | 4 +- drivers/clk/clk-mux.c | 10 +- drivers/clk/clk.c | 7 +- drivers/clk/imx/clk-imx6ul.c | 2 +- drivers/clocksource/timer-imx-tpm.c | 8 +- drivers/cpufreq/Kconfig.arm | 10 - drivers/cpufreq/brcmstb-avs-cpufreq.c | 323 +-------------------- drivers/firmware/efi/libstub/arm64-stub.c | 10 + drivers/gpu/drm/amd/amdgpu/amdgpu_ctx.c | 6 +- drivers/gpu/drm/amd/amdkfd/kfd_chardev.c | 13 +- drivers/gpu/drm/drm_dumb_buffers.c | 7 +- drivers/gpu/drm/drm_file.c | 1 + drivers/gpu/drm/exynos/exynos_mixer.c | 22 +- drivers/gpu/drm/exynos/regs-mixer.h | 1 + drivers/gpu/drm/msm/dsi/dsi_host.c | 2 +- drivers/gpu/drm/msm/msm_fbdev.c | 11 +- drivers/gpu/drm/msm/msm_gem.c | 20 +- drivers/gpu/drm/omapdrm/dss/hdmi4.c | 2 +- drivers/gpu/drm/omapdrm/dss/hdmi4_core.c | 7 +- drivers/gpu/drm/omapdrm/dss/hdmi5.c | 2 +- drivers/gpu/drm/omapdrm/omap_connector.c | 10 + drivers/gpu/drm/omapdrm/omap_dmm_tiler.c | 6 +- drivers/gpu/drm/omapdrm/tcm-sita.c | 2 +- drivers/gpu/drm/vc4/vc4_dpi.c | 25 +- drivers/hid/Kconfig | 7 +- drivers/hid/hid-ids.h | 9 + drivers/hid/hid-lenovo.c | 36 +++ drivers/hid/i2c-hid/i2c-hid.c | 2 + drivers/hid/intel-ish-hid/ishtp/bus.c | 2 +- drivers/hid/wacom_sys.c | 4 +- drivers/i2c/busses/i2c-pmcmsp.c | 4 +- drivers/i2c/busses/i2c-sprd.c | 22 +- drivers/i2c/busses/i2c-viperboard.c | 2 +- drivers/infiniband/Kconfig | 5 +- drivers/infiniband/core/cma.c | 60 ++-- drivers/infiniband/core/iwpm_util.c | 5 +- drivers/infiniband/core/mad.c | 4 +- drivers/infiniband/core/uverbs_ioctl.c | 9 + drivers/infiniband/hw/hfi1/affinity.c | 11 +- drivers/infiniband/hw/hfi1/init.c | 41 ++- drivers/infiniband/hw/hfi1/platform.c | 1 + drivers/infiniband/hw/hfi1/qsfp.c | 2 + drivers/infiniband/hw/hns/hns_roce_hem.c | 8 +- drivers/infiniband/hw/hns/hns_roce_hw_v2.c | 11 +- drivers/infiniband/hw/mlx4/mr.c | 2 +- drivers/infiniband/hw/mlx5/main.c | 4 +- drivers/infiniband/sw/rxe/rxe_opcode.c | 2 +- drivers/infiniband/sw/rxe/rxe_req.c | 1 - drivers/infiniband/sw/rxe/rxe_resp.c | 6 +- drivers/infiniband/ulp/srp/Kconfig | 2 +- drivers/infiniband/ulp/srpt/Kconfig | 2 +- drivers/input/rmi4/rmi_spi.c | 7 +- drivers/input/touchscreen/atmel_mxt_ts.c | 186 +++++++----- drivers/iommu/dmar.c | 2 +- drivers/iommu/intel_irq_remapping.c | 2 +- drivers/mtd/onenand/omap2.c | 105 +++---- drivers/net/can/dev.c | 2 +- drivers/net/ethernet/aquantia/atlantic/aq_nic.c | 3 + drivers/net/ethernet/aquantia/atlantic/aq_nic.h | 1 + .../net/ethernet/aquantia/atlantic/aq_pci_func.c | 20 +- drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c | 3 +- drivers/net/ethernet/hisilicon/hns/hnae.h | 2 +- drivers/net/ethernet/ibm/ibmvnic.c | 3 +- drivers/net/ethernet/intel/igb/igb_main.c | 17 +- drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c | 3 + drivers/net/ethernet/marvell/mvpp2.c | 15 +- drivers/net/ethernet/netronome/nfp/flower/cmsg.c | 38 ++- drivers/net/ethernet/netronome/nfp/flower/cmsg.h | 2 + drivers/net/ethernet/netronome/nfp/flower/main.c | 8 +- drivers/net/ethernet/netronome/nfp/flower/main.h | 8 +- drivers/net/ethernet/netronome/nfp/nfp_app_nic.c | 2 +- drivers/net/ethernet/netronome/nfp/nfp_main.h | 4 +- drivers/net/ethernet/netronome/nfp/nfp_net_main.c | 31 +- .../net/ethernet/netronome/nfp/nfpcore/nfp_nsp.c | 3 +- drivers/net/ethernet/qlogic/qed/qed_l2.c | 6 +- drivers/net/ethernet/qlogic/qede/qede_rdma.c | 2 +- drivers/net/phy/broadcom.c | 10 + drivers/net/phy/marvell.c | 9 + drivers/net/phy/microchip.c | 178 +++++++++++- drivers/nvme/host/Kconfig | 2 +- drivers/nvme/host/core.c | 32 +- drivers/nvme/host/fabrics.c | 6 + drivers/nvme/host/multipath.c | 24 +- drivers/nvme/host/nvme.h | 12 + drivers/nvme/target/Kconfig | 2 +- drivers/pci/dwc/pcie-kirin.c | 2 +- drivers/pinctrl/intel/pinctrl-cherryview.c | 16 +- drivers/pinctrl/meson/pinctrl-meson-axg.c | 2 +- drivers/platform/x86/Kconfig | 2 +- drivers/remoteproc/qcom_q6v5_pil.c | 2 + drivers/reset/reset-uniphier.c | 6 +- drivers/rpmsg/rpmsg_char.c | 2 + drivers/s390/net/qeth_core_main.c | 53 ++-- drivers/s390/net/qeth_core_mpc.h | 12 + drivers/s390/net/qeth_l2_main.c | 59 ++-- drivers/s390/net/smsgiucv.c | 2 +- drivers/scsi/isci/port_config.c | 3 +- drivers/scsi/megaraid/megaraid_sas_fusion.c | 6 +- drivers/scsi/scsi_transport_iscsi.c | 29 +- drivers/scsi/storvsc_drv.c | 7 +- drivers/scsi/vmw_pvscsi.c | 2 +- drivers/soc/bcm/raspberrypi-power.c | 2 +- drivers/spi/spi-bcm2835aux.c | 5 + drivers/spi/spi-cadence.c | 8 + drivers/spi/spi-sh-msiof.c | 1 + drivers/target/target_core_pscsi.c | 2 + drivers/tee/tee_core.c | 11 + drivers/thermal/int340x_thermal/int3403_thermal.c | 3 +- drivers/usb/musb/musb_host.c | 5 +- drivers/usb/musb/musb_host.h | 7 +- drivers/usb/musb/musb_virthub.c | 25 +- drivers/usb/typec/tps6598x.c | 47 ++- drivers/usb/typec/ucsi/Makefile | 2 +- drivers/xen/xenbus/xenbus_dev_frontend.c | 3 +- fs/afs/addr_list.c | 25 +- fs/afs/callback.c | 56 +++- fs/afs/cmservice.c | 6 +- fs/afs/internal.h | 7 +- fs/afs/rotate.c | 20 +- fs/afs/rxrpc.c | 7 + fs/afs/server.c | 22 +- fs/afs/server_list.c | 7 +- fs/cifs/Kconfig | 2 +- fs/cifs/smb2ops.c | 6 + fs/cifs/smb2pdu.c | 68 +++-- fs/cifs/transport.c | 5 +- fs/ecryptfs/crypto.c | 41 ++- fs/ecryptfs/file.c | 21 +- fs/isofs/inode.c | 3 + fs/namespace.c | 2 +- fs/notify/fsnotify.c | 25 +- fs/ocfs2/refcounttree.c | 14 +- fs/proc/base.c | 6 + fs/proc/kcore.c | 23 +- fs/proc/loadavg.c | 2 +- fs/proc/task_mmu.c | 6 +- include/linux/brcmphy.h | 1 + include/linux/clk-provider.h | 3 + include/linux/ethtool.h | 2 + include/linux/genhd.h | 4 +- include/linux/kthread.h | 1 + include/linux/kvm_host.h | 8 +- include/linux/livepatch.h | 19 +- include/linux/microchipphy.h | 8 + include/linux/mtd/map.h | 2 +- include/linux/mtd/rawnand.h | 16 +- include/linux/percpu-rwsem.h | 6 +- include/linux/rwsem.h | 6 + include/linux/sched.h | 50 +++- include/linux/sched/signal.h | 2 +- include/linux/stringhash.h | 4 +- include/soc/bcm2835/raspberrypi-firmware.h | 4 +- init/main.c | 7 + kernel/bpf/syscall.c | 19 +- kernel/kthread.c | 50 ++-- kernel/livepatch/shadow.c | 108 ++++--- kernel/locking/rwsem-xadd.c | 19 +- kernel/locking/rwsem.c | 2 - kernel/locking/rwsem.h | 30 +- kernel/module.c | 5 + kernel/sched/core.c | 49 ++-- kernel/sched/deadline.c | 4 +- kernel/sched/rt.c | 2 - kernel/sched/sched.h | 5 +- kernel/signal.c | 17 +- kernel/stop_machine.c | 19 +- lib/find_bit_benchmark.c | 7 +- mm/memcontrol.c | 2 +- mm/mmap.c | 32 ++ net/ipv6/ip6_vti.c | 4 +- net/ipv6/netfilter/Kconfig | 55 ++-- net/key/af_key.c | 45 ++- net/mac80211/agg-tx.c | 4 + net/mac80211/mlme.c | 25 +- net/mac80211/tx.c | 3 +- net/netfilter/nf_tables_api.c | 2 +- net/rds/ib_cm.c | 3 +- net/rxrpc/af_rxrpc.c | 2 +- net/rxrpc/ar-internal.h | 1 + net/rxrpc/input.c | 2 +- net/rxrpc/local_object.c | 57 +++- net/rxrpc/output.c | 11 + net/rxrpc/sendmsg.c | 10 + net/sched/act_skbedit.c | 3 +- net/smc/af_smc.c | 6 +- net/sunrpc/xprtrdma/fmr_ops.c | 5 +- net/sunrpc/xprtrdma/frwr_ops.c | 9 +- net/sunrpc/xprtrdma/verbs.c | 5 + net/sunrpc/xprtrdma/xprt_rdma.h | 2 +- net/tipc/monitor.c | 2 +- net/tipc/node.c | 28 +- samples/livepatch/livepatch-shadow-fix1.c | 43 ++- samples/livepatch/livepatch-shadow-fix2.c | 33 ++- scripts/Makefile.gcc-plugins | 2 +- sound/soc/codecs/msm8916-wcd-analog.c | 9 +- sound/soc/codecs/rt5514.c | 3 + sound/soc/intel/Kconfig | 22 +- sound/soc/soc-topology.c | 6 +- tools/bpf/bpf_dbg.c | 7 +- tools/objtool/arch/x86/include/asm/insn.h | 18 ++ tools/objtool/check.c | 167 ++++++----- tools/objtool/elf.c | 42 ++- tools/objtool/elf.h | 2 + tools/perf/util/cs-etm.c | 24 +- tools/perf/util/pmu.c | 20 +- tools/perf/util/symbol.c | 8 +- .../inter-event/trigger-multi-actions-accept.tc | 44 +++ tools/testing/selftests/x86/Makefile | 2 +- tools/testing/selftests/x86/mov_ss_trap.c | 285 ++++++++++++++++++ tools/testing/selftests/x86/mpx-mini-test.c | 7 +- tools/testing/selftests/x86/pkey-helpers.h | 20 +- tools/testing/selftests/x86/protection_keys.c | 254 +++++++++++----- virt/kvm/arm/vgic/vgic-mmio-v2.c | 5 + virt/kvm/arm/vgic/vgic.c | 8 + 313 files changed, 3416 insertions(+), 1817 deletions(-) delete mode 100644 arch/arm/include/uapi/asm/siginfo.h create mode 100644 tools/testing/selftests/ftrace/test.d/trigger/inter-event/trigger-multi-actions-accept.tc create mode 100644 tools/testing/selftests/x86/mov_ss_trap.c -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlsYhUIACgkQ3qZv95d3 LNxCSQ/9Fpqryp7tnWxbEKb8CQ0dVKPQSkMpf1pFWSBdVQ5PBTA4Xeo8pdQHrkx/ 6eM9SQj8KplS9cP2jt9CxUzTfuJWPjFUk9BapjA/icGDmSOni9xQJxasyAAzAApA nyP7pmCnaQWLqjr27G3BbmT3RAlUor7yOMosxfDfRnRTFgzJdv23wG/DSUYpPw8M 03K4oSeBcwywx8NrGQiOqm0lWecLs5PpKKRSndAaVu1rA5aNC6X0NiVSYCTeTWl1 CzvYk9MHB0G2EeKfA7Ao7Ckk+qd9SVKd+xe6rH23Ilfz30jsd0NTxNKKbuEYsI3q 4W3LRe7v41wO1poCibL3C4CjF8LnXpTk8CmePq/+yek6MqoDoOyZ7LSSvAQd3qnA vt67C3Ex3DEYy0FeZwbIceQuxbv5k3HsV2mZMcXrVeN76E92vekqcypbqEarZwZt M28JlhRTe2WyDNkcMupjMTYTZCK54N1YP1gjS5PFkuNu4j88ezYQmb1udlal3TGJ y20VOIQUlrm+lLlI/TP2eVWYMeJyr8yFez0YVsn4RP26Q4+THIc/byA2Dplvm4yC hB+RYvYmbUUY2hQ8ZpG8pAN8LkeNCckSjdZUlghogRDSFRG7E4ULcdqHflSrcWWm EajJPnarMaCy04gwYqnBfffdx10qwTANDa2HaZTc8k/ftXKl5Ro= =ygz1 -----END PGP SIGNATURE-----

7 years, 4 months

2
1
0 0

v3.16.57 build: 0 failures 16 warnings (v3.16.57)

by Build bot for Mark Brown

Tree/Branch: v3.16.57 Git describe: v3.16.57 Commit: e472f29ebd Linux 3.16.57 Build Time: 31 min 15 sec Passed: 10 / 10 (100.00 %) Failed: 0 / 10 ( 0.00 %) Errors: 0 Warnings: 16 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): 1 warnings 0 mismatches : arm64-allmodconfig 1 warnings 0 mismatches : x86_64-defconfig 4 warnings 0 mismatches : arm-allmodconfig 1 warnings 0 mismatches : x86_64-allnoconfig 9 warnings 0 mismatches : x86_64-allmodconfig 2 warnings 0 mismatches : arm64-defconfig ------------------------------------------------------------------------------- Warnings Summary: 16 2 ../ipc/sem.c:377:6: warning: '___p1' may be used uninitialized in this function [-Wmaybe-uninitialized] 2 ../drivers/net/ethernet/broadcom/genet/bcmgenet.c:1346:17: warning: unused variable 'kdev' [-Wunused-variable] 1 ../drivers/staging/vt6656/main_usb.c:1101:7: warning: this 'if' clause does not guard... [-Wmisleading-indentation] 1 ../drivers/staging/vt6656/dpc.c:712:5: warning: this 'if' clause does not guard... [-Wmisleading-indentation] 1 ../drivers/staging/rtl8192ee/rtl8192ee/hw.c:529:5: warning: this 'if' clause does not guard... [-Wmisleading-indentation] 1 ../drivers/staging/rtl8192ee/rtl8192ee/hw.c:524:4: warning: this 'if' clause does not guard... [-Wmisleading-indentation] 1 ../drivers/staging/rtl8192ee/btcoexist/halbtc8821a2ant.c:2338:2: warning: this 'else' clause does not guard... [-Wmisleading-indentation] 1 ../drivers/scsi/fnic/fnic_fcs.c:104:6: warning: this 'else' clause does not guard... [-Wmisleading-indentation] 1 ../drivers/platform/x86/eeepc-laptop.c:279:10: warning: 'value' may be used uninitialized in this function [-Wmaybe-uninitialized] 1 ../drivers/net/wireless/rtlwifi/rtl8723be/hw.c:1132:2: warning: this 'else' clause does not guard... [-Wmisleading-indentation] 1 ../drivers/mtd/nand/omap2.c:1318:12: warning: 'omap_calculate_ecc_bch_multi' defined but not used [-Wunused-function] 1 ../drivers/media/platform/davinci/vpfe_capture.c:291:12: warning: 'vpfe_get_ccdc_image_format' defined but not used [-Wunused-function] 1 ../drivers/media/platform/davinci/vpfe_capture.c:1718:1: warning: label 'unlock_out' defined but not used [-Wunused-label] 1 ../drivers/media/dvb-frontends/drxk_hard.c:2223:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation] 1 ../drivers/media/dvb-frontends/drxd_hard.c:2631:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation] 1 ../arch/x86/kernel/cpu/common.c:1095:13: warning: 'syscall32_cpu_init' defined but not used [-Wunused-function] =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- arm64-allmodconfig : PASS, 0 errors, 1 warnings, 0 section mismatches Warnings: ../drivers/net/ethernet/broadcom/genet/bcmgenet.c:1346:17: warning: unused variable 'kdev' [-Wunused-variable] ------------------------------------------------------------------------------- x86_64-defconfig : PASS, 0 errors, 1 warnings, 0 section mismatches Warnings: ../drivers/platform/x86/eeepc-laptop.c:279:10: warning: 'value' may be used uninitialized in this function [-Wmaybe-uninitialized] ------------------------------------------------------------------------------- arm-allmodconfig : PASS, 0 errors, 4 warnings, 0 section mismatches Warnings: ../drivers/mtd/nand/omap2.c:1318:12: warning: 'omap_calculate_ecc_bch_multi' defined but not used [-Wunused-function] ../drivers/media/platform/davinci/vpfe_capture.c:1718:1: warning: label 'unlock_out' defined but not used [-Wunused-label] ../drivers/media/platform/davinci/vpfe_capture.c:291:12: warning: 'vpfe_get_ccdc_image_format' defined but not used [-Wunused-function] ../drivers/net/ethernet/broadcom/genet/bcmgenet.c:1346:17: warning: unused variable 'kdev' [-Wunused-variable] ------------------------------------------------------------------------------- x86_64-allnoconfig : PASS, 0 errors, 1 warnings, 0 section mismatches Warnings: ../arch/x86/kernel/cpu/common.c:1095:13: warning: 'syscall32_cpu_init' defined but not used [-Wunused-function] ------------------------------------------------------------------------------- x86_64-allmodconfig : PASS, 0 errors, 9 warnings, 0 section mismatches Warnings: ../drivers/media/dvb-frontends/drxd_hard.c:2631:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation] ../drivers/media/dvb-frontends/drxk_hard.c:2223:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation] ../drivers/scsi/fnic/fnic_fcs.c:104:6: warning: this 'else' clause does not guard... [-Wmisleading-indentation] ../drivers/net/wireless/rtlwifi/rtl8723be/hw.c:1132:2: warning: this 'else' clause does not guard... [-Wmisleading-indentation] ../drivers/staging/rtl8192ee/rtl8192ee/hw.c:524:4: warning: this 'if' clause does not guard... [-Wmisleading-indentation] ../drivers/staging/rtl8192ee/rtl8192ee/hw.c:529:5: warning: this 'if' clause does not guard... [-Wmisleading-indentation] ../drivers/staging/rtl8192ee/btcoexist/halbtc8821a2ant.c:2338:2: warning: this 'else' clause does not guard... [-Wmisleading-indentation] ../drivers/staging/vt6656/main_usb.c:1101:7: warning: this 'if' clause does not guard... [-Wmisleading-indentation] ../drivers/staging/vt6656/dpc.c:712:5: warning: this 'if' clause does not guard... [-Wmisleading-indentation] ------------------------------------------------------------------------------- arm64-defconfig : PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ../ipc/sem.c:377:6: warning: '___p1' may be used uninitialized in this function [-Wmaybe-uninitialized] ../ipc/sem.c:377:6: warning: '___p1' may be used uninitialized in this function [-Wmaybe-uninitialized] ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: arm64-allnoconfig arm-multi_v7_defconfig arm-allnoconfig arm-multi_v5_defconfig

7 years, 4 months

1
0
0 0

[PATCH] extcon: Release locking when sending the notification of connector state

by Chanwoo Choi

Previously, extcon used the spinlock before calling the notifier_call_chain to prevent the scheduled out of task and to prevent the notification delay. When spinlock is locked for sending the notification, deadlock issue occured on the side of extcon consumer device. To fix this issue, extcon consumer device should always use the work. it is always not reasonable to use work. To fix this issue on extcon consumer device, release locking when sending the notification of connector state. Fixes: ab11af049f88 ("extcon: Add the synchronization extcon APIs to support the notification") Cc: stable(a)vger.kernel.org Cc: Roger Quadros <rogerq(a)ti.com> Cc: Kishon Vijay Abraham I <kishon(a)ti.com> Signed-off-by: Chanwoo Choi <cw00.choi(a)samsung.com> --- drivers/extcon/extcon.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/extcon/extcon.c b/drivers/extcon/extcon.c index 8bff5fd18185..f75b08a45d4e 100644 --- a/drivers/extcon/extcon.c +++ b/drivers/extcon/extcon.c @@ -433,8 +433,8 @@ int extcon_sync(struct extcon_dev *edev, unsigned int id) return index; spin_lock_irqsave(&edev->lock, flags); - state = !!(edev->state & BIT(index)); + spin_unlock_irqrestore(&edev->lock, flags); /* * Call functions in a raw notifier chain for the specific one @@ -448,6 +448,7 @@ int extcon_sync(struct extcon_dev *edev, unsigned int id) */ raw_notifier_call_chain(&edev->nh_all, state, edev); + spin_lock_irqsave(&edev->lock, flags); /* This could be in interrupt handler */ prop_buf = (char *)get_zeroed_page(GFP_ATOMIC); if (!prop_buf) { -- 1.9.1

7 years, 4 months

4
6
0 0

v4.9.109 build: 0 failures 0 warnings (v4.9.109)

by Build bot for Mark Brown

Tree/Branch: v4.9.109 Git describe: v4.9.109 Commit: 8e52b94e19 Linux 4.9.109 Build Time: 83 min 44 sec Passed: 11 / 11 (100.00 %) Failed: 0 / 11 ( 0.00 %) Errors: 0 Warnings: 0 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): ------------------------------------------------------------------------------- =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: arm64-allnoconfig arm64-allmodconfig arm-multi_v5_defconfig arm-multi_v7_defconfig x86_64-defconfig arm-allmodconfig arm-allnoconfig x86_64-allnoconfig arm-multi_v4t_defconfig x86_64-allmodconfig arm64-defconfig close failed in file object destructor: sys.excepthook is missing lost sys.stderr

7 years, 4 months

1
0
0 0

Re: [PATCH 3.16 012/410] scsi: libsas: direct call probe and destruct

by Jason Yan

On 2018/6/8 2:18, Ben Hutchings wrote: > On Thu, 2018-06-07 at 17:32 +0100, John Garry wrote: >> On 07/06/2018 15:05, Ben Hutchings wrote: >>> 3.16.57-rc1 review patch. If anyone has any objections, please let me know. >>> >>> ------------------ >>> >> >> Hi Ben, >> >> I noticed that you are looking to backport this patch to 3.16 >> >> I am wondering why you are taking this libsas patch (and a couple other >> libsas patches) in isolation, when these patches were part of a series >> to fix libsas hotplug issues? I'm not sure if cherry-picking certain >> patches is ok. >> >> Maybe Jason (cc'ed) can comment further. > > This one apparently fixed a security issue (CVE-2017-18232), though I'm > certainly not convinced it's a particularly serious one. > > But please send objections to the list, not just privately. > Hi Ben, This patch is in the series below. I recommend to backport them together. If you really want to do this, I'm happy to help you to backport them. 1689c9367bfa scsi: libsas: notify event PORTE_BROADCAST_RCVD in sas_enable_revalidation() 0558f33c06bb scsi: libsas: direct call probe and destruct 517e5153d242 scsi: libsas: use flush_workqueue to process disco events synchronously 93bdbd06b164 scsi: libsas: Use new workqueue to run sas event and disco event 8eea9dd84e45 scsi: libsas: make the event threshold configurable f12486e06ae8 scsi: libsas: shut down the PHY if events reached the threshold 1c393b970e0f scsi: libsas: Use dynamic alloced work to avoid sas event lost > Ben. > >> Thanks, >> John >> >>> From: Jason Yan <yanaijie(a)huawei.com> >>> >>> commit 0558f33c06bb910e2879e355192227a8e8f0219d upstream. >>> >>> In commit 87c8331fcf72 ("[SCSI] libsas: prevent domain rediscovery >>> competing with ata error handling") introduced disco mutex to prevent >>> rediscovery competing with ata error handling and put the whole >>> revalidation in the mutex. But the rphy add/remove needs to wait for the >>> error handling which also grabs the disco mutex. This may leads to dead >>> lock.So the probe and destruct event were introduce to do the rphy >>> add/remove asynchronously and out of the lock. >>> >>> The asynchronously processed workers makes the whole discovery process >>> not atomic, the other events may interrupt the process. For example, >>> if a loss of signal event inserted before the probe event, the >>> sas_deform_port() is called and the port will be deleted. >>> >>> And sas_port_delete() may run before the destruct event, but the >>> port-x:x is the top parent of end device or expander. This leads to >>> a kernel WARNING such as: >>> >>> [ 82.042979] sysfs group 'power' not found for kobject 'phy-1:0:22' >>> [ 82.042983] ------------[ cut here ]------------ >>> [ 82.042986] WARNING: CPU: 54 PID: 1714 at fs/sysfs/group.c:237 >>> sysfs_remove_group+0x94/0xa0 >>> [ 82.043059] Call trace: >>> [ 82.043082] [<ffff0000082e7624>] sysfs_remove_group+0x94/0xa0 >>> [ 82.043085] [<ffff00000864e320>] dpm_sysfs_remove+0x60/0x70 >>> [ 82.043086] [<ffff00000863ee10>] device_del+0x138/0x308 >>> [ 82.043089] [<ffff00000869a2d0>] sas_phy_delete+0x38/0x60 >>> [ 82.043091] [<ffff00000869a86c>] do_sas_phy_delete+0x6c/0x80 >>> [ 82.043093] [<ffff00000863dc20>] device_for_each_child+0x58/0xa0 >>> [ 82.043095] [<ffff000008696f80>] sas_remove_children+0x40/0x50 >>> [ 82.043100] [<ffff00000869d1bc>] sas_destruct_devices+0x64/0xa0 >>> [ 82.043102] [<ffff0000080e93bc>] process_one_work+0x1fc/0x4b0 >>> [ 82.043104] [<ffff0000080e96c0>] worker_thread+0x50/0x490 >>> [ 82.043105] [<ffff0000080f0364>] kthread+0xfc/0x128 >>> [ 82.043107] [<ffff0000080836c0>] ret_from_fork+0x10/0x50 >>> >>> Make probe and destruct a direct call in the disco and revalidate function, >>> but put them outside the lock. The whole discovery or revalidate won't >>> be interrupted by other events. And the DISCE_PROBE and DISCE_DESTRUCT >>> event are deleted as a result of the direct call. >>> >>> Introduce a new list to destruct the sas_port and put the port delete after >>> the destruct. This makes sure the right order of destroying the sysfs >>> kobject and fix the warning above. >>> >>> In sas_ex_revalidate_domain() have a loop to find all broadcasted >>> device, and sometimes we have a chance to find the same expander twice. >>> Because the sas_port will be deleted at the end of the whole revalidate >>> process, sas_port with the same name cannot be added before this. >>> Otherwise the sysfs will complain of creating duplicate filename. Since >>> the LLDD will send broadcast for every device change, we can only >>> process one expander's revalidation. >>> >>> [mkp: kbuild test robot warning] >>> >>> Signed-off-by: Jason Yan <yanaijie(a)huawei.com> >>> CC: John Garry <john.garry(a)huawei.com> >>> CC: Johannes Thumshirn <jthumshirn(a)suse.de> >>> CC: Ewan Milne <emilne(a)redhat.com> >>> CC: Christoph Hellwig <hch(a)lst.de> >>> CC: Tomas Henzl <thenzl(a)redhat.com> >>> CC: Dan Williams <dan.j.williams(a)intel.com> >>> Reviewed-by: Hannes Reinecke <hare(a)suse.com> >>> Signed-off-by: Martin K. Petersen <martin.petersen(a)oracle.com> >>> [bwh: Backported to 4.9: adjust context] >>> Signed-off-by: Ben Hutchings <ben(a)decadent.org.uk> >>> --- >>> drivers/scsi/libsas/sas_ata.c | 1 - >>> drivers/scsi/libsas/sas_discover.c | 32 +++++++++++++++++------------- >>> drivers/scsi/libsas/sas_expander.c | 8 +++----- >>> drivers/scsi/libsas/sas_internal.h | 1 + >>> drivers/scsi/libsas/sas_port.c | 3 +++ >>> include/scsi/libsas.h | 3 +-- >>> include/scsi/scsi_transport_sas.h | 1 + >>> 7 files changed, 27 insertions(+), 22 deletions(-) >>> >>> --- a/drivers/scsi/libsas/sas_ata.c >>> +++ b/drivers/scsi/libsas/sas_ata.c >>> @@ -782,7 +782,6 @@ int sas_discover_sata(struct domain_devi >>> if (res) >>> return res; >>> >>> - sas_discover_event(dev->port, DISCE_PROBE); >>> return 0; >>> } >>> >>> --- a/drivers/scsi/libsas/sas_discover.c >>> +++ b/drivers/scsi/libsas/sas_discover.c >>> @@ -212,13 +212,9 @@ void sas_notify_lldd_dev_gone(struct dom >>> } >>> } >>> >>> -static void sas_probe_devices(struct work_struct *work) >>> +static void sas_probe_devices(struct asd_sas_port *port) >>> { >>> struct domain_device *dev, *n; >>> - struct sas_discovery_event *ev = to_sas_discovery_event(work); >>> - struct asd_sas_port *port = ev->port; >>> - >>> - clear_bit(DISCE_PROBE, &port->disc.pending); >>> >>> /* devices must be domain members before link recovery and probe */ >>> list_for_each_entry(dev, &port->disco_list, disco_list_node) { >>> @@ -294,7 +290,6 @@ int sas_discover_end_dev(struct domain_d >>> res = sas_notify_lldd_dev_found(dev); >>> if (res) >>> return res; >>> - sas_discover_event(dev->port, DISCE_PROBE); >>> >>> return 0; >>> } >>> @@ -353,13 +348,9 @@ static void sas_unregister_common_dev(st >>> sas_put_device(dev); >>> } >>> >>> -static void sas_destruct_devices(struct work_struct *work) >>> +void sas_destruct_devices(struct asd_sas_port *port) >>> { >>> struct domain_device *dev, *n; >>> - struct sas_discovery_event *ev = to_sas_discovery_event(work); >>> - struct asd_sas_port *port = ev->port; >>> - >>> - clear_bit(DISCE_DESTRUCT, &port->disc.pending); >>> >>> list_for_each_entry_safe(dev, n, &port->destroy_list, disco_list_node) { >>> list_del_init(&dev->disco_list_node); >>> @@ -370,6 +361,16 @@ static void sas_destruct_devices(struct >>> } >>> } >>> >>> +static void sas_destruct_ports(struct asd_sas_port *port) >>> +{ >>> + struct sas_port *sas_port, *p; >>> + >>> + list_for_each_entry_safe(sas_port, p, &port->sas_port_del_list, del_list) { >>> + list_del_init(&sas_port->del_list); >>> + sas_port_delete(sas_port); >>> + } >>> +} >>> + >>> void sas_unregister_dev(struct asd_sas_port *port, struct domain_device *dev) >>> { >>> if (!test_bit(SAS_DEV_DESTROY, &dev->state) && >>> @@ -384,7 +385,6 @@ void sas_unregister_dev(struct asd_sas_p >>> if (!test_and_set_bit(SAS_DEV_DESTROY, &dev->state)) { >>> sas_rphy_unlink(dev->rphy); >>> list_move_tail(&dev->disco_list_node, &port->destroy_list); >>> - sas_discover_event(dev->port, DISCE_DESTRUCT); >>> } >>> } >>> >>> @@ -490,6 +490,8 @@ static void sas_discover_domain(struct w >>> port->port_dev = NULL; >>> } >>> >>> + sas_probe_devices(port); >>> + >>> SAS_DPRINTK("DONE DISCOVERY on port %d, pid:%d, result:%d\n", port->id, >>> task_pid_nr(current), error); >>> } >>> @@ -523,6 +525,10 @@ static void sas_revalidate_domain(struct >>> port->id, task_pid_nr(current), res); >>> out: >>> mutex_unlock(&ha->disco_mutex); >>> + >>> + sas_destruct_devices(port); >>> + sas_destruct_ports(port); >>> + sas_probe_devices(port); >>> } >>> >>> /* ---------- Events ---------- */ >>> @@ -578,10 +584,8 @@ void sas_init_disc(struct sas_discovery >>> static const work_func_t sas_event_fns[DISC_NUM_EVENTS] = { >>> [DISCE_DISCOVER_DOMAIN] = sas_discover_domain, >>> [DISCE_REVALIDATE_DOMAIN] = sas_revalidate_domain, >>> - [DISCE_PROBE] = sas_probe_devices, >>> [DISCE_SUSPEND] = sas_suspend_devices, >>> [DISCE_RESUME] = sas_resume_devices, >>> - [DISCE_DESTRUCT] = sas_destruct_devices, >>> }; >>> >>> disc->pending = 0; >>> --- a/drivers/scsi/libsas/sas_expander.c >>> +++ b/drivers/scsi/libsas/sas_expander.c >>> @@ -1903,7 +1903,8 @@ static void sas_unregister_devs_sas_addr >>> sas_port_delete_phy(phy->port, phy->phy); >>> sas_device_set_phy(found, phy->port); >>> if (phy->port->num_phys == 0) >>> - sas_port_delete(phy->port); >>> + list_add_tail(&phy->port->del_list, >>> + &parent->port->sas_port_del_list); >>> phy->port = NULL; >>> } >>> } >>> @@ -2111,7 +2112,7 @@ int sas_ex_revalidate_domain(struct doma >>> struct domain_device *dev = NULL; >>> >>> res = sas_find_bcast_dev(port_dev, &dev); >>> - while (res == 0 && dev) { >>> + if (res == 0 && dev) { >>> struct expander_device *ex = &dev->ex_dev; >>> int i = 0, phy_id; >>> >>> @@ -2123,9 +2124,6 @@ int sas_ex_revalidate_domain(struct doma >>> res = sas_rediscover(dev, phy_id); >>> i = phy_id + 1; >>> } while (i < ex->num_phys); >>> - >>> - dev = NULL; >>> - res = sas_find_bcast_dev(port_dev, &dev); >>> } >>> return res; >>> } >>> --- a/drivers/scsi/libsas/sas_internal.h >>> +++ b/drivers/scsi/libsas/sas_internal.h >>> @@ -100,6 +100,7 @@ int sas_try_ata_reset(struct asd_sas_phy >>> void sas_hae_reset(struct work_struct *work); >>> >>> void sas_free_device(struct kref *kref); >>> +void sas_destruct_devices(struct asd_sas_port *port); >>> >>> #ifdef CONFIG_SCSI_SAS_HOST_SMP >>> extern int sas_smp_host_handler(struct Scsi_Host *shost, struct request *req, >>> --- a/drivers/scsi/libsas/sas_port.c >>> +++ b/drivers/scsi/libsas/sas_port.c >>> @@ -66,6 +66,7 @@ static void sas_resume_port(struct asd_s >>> rc = sas_notify_lldd_dev_found(dev); >>> if (rc) { >>> sas_unregister_dev(port, dev); >>> + sas_destruct_devices(port); >>> continue; >>> } >>> >>> @@ -219,6 +220,7 @@ void sas_deform_port(struct asd_sas_phy >>> >>> if (port->num_phys == 1) { >>> sas_unregister_domain_devices(port, gone); >>> + sas_destruct_devices(port); >>> sas_port_delete(port->port); >>> port->port = NULL; >>> } else { >>> @@ -323,6 +325,7 @@ static void sas_init_port(struct asd_sas >>> INIT_LIST_HEAD(&port->dev_list); >>> INIT_LIST_HEAD(&port->disco_list); >>> INIT_LIST_HEAD(&port->destroy_list); >>> + INIT_LIST_HEAD(&port->sas_port_del_list); >>> spin_lock_init(&port->phy_list_lock); >>> INIT_LIST_HEAD(&port->phy_list); >>> port->ha = sas_ha; >>> --- a/include/scsi/libsas.h >>> +++ b/include/scsi/libsas.h >>> @@ -87,10 +87,8 @@ enum discover_event { >>> DISCE_DISCOVER_DOMAIN = 0U, >>> DISCE_REVALIDATE_DOMAIN, >>> DISCE_PORT_GONE, >>> - DISCE_PROBE, >>> DISCE_SUSPEND, >>> DISCE_RESUME, >>> - DISCE_DESTRUCT, >>> DISC_NUM_EVENTS, >>> }; >>> >>> @@ -274,6 +272,7 @@ struct asd_sas_port { >>> struct list_head dev_list; >>> struct list_head disco_list; >>> struct list_head destroy_list; >>> + struct list_head sas_port_del_list; >>> enum sas_linkrate linkrate; >>> >>> struct sas_work work; >>> --- a/include/scsi/scsi_transport_sas.h >>> +++ b/include/scsi/scsi_transport_sas.h >>> @@ -145,6 +145,7 @@ struct sas_port { >>> >>> struct mutex phy_list_mutex; >>> struct list_head phy_list; >>> + struct list_head del_list; /* libsas only */ >>> }; >>> >>> #define dev_to_sas_port(d) \ >>> >>> >>> . >>> >> >>

7 years, 4 months

2
1
0 0

v4.4.138 build: 0 failures 31 warnings (v4.4.138)

by Build bot for Mark Brown

Tree/Branch: v4.4.138 Git describe: v4.4.138 Commit: 0bd2bedb35 Linux 4.4.138 Build Time: 63 min 6 sec Passed: 10 / 10 (100.00 %) Failed: 0 / 10 ( 0.00 %) Errors: 0 Warnings: 31 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): 19 warnings 0 mismatches : arm64-allmodconfig 17 warnings 0 mismatches : x86_64-allmodconfig ------------------------------------------------------------------------------- Warnings Summary: 31 3 warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI) 2 ../drivers/media/dvb-frontends/stv090x.c:4250:1: warning: the frame size of 4832 bytes is larger than 2048 bytes [-Wframe-larger-than=] 2 ../drivers/media/dvb-frontends/stv090x.c:1211:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] 2 ../drivers/media/dvb-frontends/stv090x.c:1168:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2752 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2720 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:4759:1: warning: the frame size of 2056 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2096 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 6784 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5864 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5840 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2304 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2288 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2104 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2552 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2544 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3264 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3248 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 3008 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 2992 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5296 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv0367.c:3147:1: warning: the frame size of 4144 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv0367.c:2490:1: warning: the frame size of 3424 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2984 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2976 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4336 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4328 bytes is larger than 2048 bytes [-Wframe-larger-than=] =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- arm64-allmodconfig : PASS, 0 errors, 19 warnings, 0 section mismatches Warnings: warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI) warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI) warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI) ../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 2992 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2288 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3248 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1211:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:4250:1: warning: the frame size of 4832 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1168:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2544 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5840 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 6784 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv0367.c:2490:1: warning: the frame size of 3424 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2976 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4336 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2720 bytes is larger than 2048 bytes [-Wframe-larger-than=] ------------------------------------------------------------------------------- x86_64-allmodconfig : PASS, 0 errors, 17 warnings, 0 section mismatches Warnings: ../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 3008 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2104 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2304 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2096 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3264 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5296 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1211:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:4250:1: warning: the frame size of 4832 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:4759:1: warning: the frame size of 2056 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1168:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2552 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5864 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv0367.c:3147:1: warning: the frame size of 4144 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2984 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4328 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2752 bytes is larger than 2048 bytes [-Wframe-larger-than=] ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: arm64-allnoconfig arm-multi_v5_defconfig arm-multi_v7_defconfig x86_64-defconfig arm-allmodconfig arm-allnoconfig x86_64-allnoconfig arm64-defconfig

7 years, 4 months

1
0
0 0

v4.14.50 build: 0 failures 0 warnings (v4.14.50)

by Build bot for Mark Brown

Tree/Branch: v4.14.50 Git describe: v4.14.50 Commit: cda6fd4d93 Linux 4.14.50 Build Time: 98 min 36 sec Passed: 11 / 11 (100.00 %) Failed: 0 / 11 ( 0.00 %) Errors: 0 Warnings: 0 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): ------------------------------------------------------------------------------- =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: arm64-allnoconfig arm64-allmodconfig arm-multi_v5_defconfig arm-multi_v7_defconfig x86_64-defconfig arm-allmodconfig arm-allnoconfig x86_64-allnoconfig arm-multi_v4t_defconfig x86_64-allmodconfig arm64-defconfig close failed in file object destructor: sys.excepthook is missing lost sys.stderr

7 years, 4 months

1
0
0 0

Linux 4.4.138

by Greg KH

I'm announcing the release of the 4.4.138 kernel. All users of the 4.4 kernel series must upgrade. The updated 4.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.4.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/x86/crypto/chacha20_glue.c | 2 arch/x86/crypto/crc32c-intel_glue.c | 7 - arch/x86/include/asm/cmpxchg_32.h | 2 arch/x86/include/asm/cmpxchg_64.h | 2 arch/x86/include/asm/cpufeature.h | 39 ------ arch/x86/include/asm/fpu/internal.h | 6 arch/x86/include/asm/fpu/xstate.h | 2 arch/x86/include/asm/kvm_emulate.h | 6 arch/x86/include/asm/smp.h | 9 - arch/x86/include/asm/xor_32.h | 2 arch/x86/kernel/cpu/amd.c | 4 arch/x86/kernel/cpu/common.c | 4 arch/x86/kernel/cpu/intel.c | 3 arch/x86/kernel/cpu/intel_cacheinfo.c | 6 arch/x86/kernel/cpu/mtrr/generic.c | 2 arch/x86/kernel/cpu/mtrr/main.c | 2 arch/x86/kernel/cpu/perf_event_amd.c | 4 arch/x86/kernel/cpu/perf_event_amd_uncore.c | 11 - arch/x86/kernel/fpu/core.c | 24 +++ arch/x86/kernel/fpu/init.c | 169 ++++++---------------------- arch/x86/kernel/fpu/xstate.c | 3 arch/x86/kernel/hw_breakpoint.c | 6 arch/x86/kernel/smpboot.c | 2 arch/x86/kernel/traps.c | 1 arch/x86/kernel/vm86_32.c | 4 arch/x86/kvm/emulate.c | 72 +++++------ arch/x86/kvm/vmx.c | 23 +-- arch/x86/kvm/x86.c | 51 ++++++-- arch/x86/kvm/x86.h | 4 arch/x86/mm/setup_nx.c | 4 drivers/char/hw_random/via-rng.c | 5 drivers/crypto/padlock-aes.c | 2 drivers/crypto/padlock-sha.c | 2 drivers/crypto/vmx/aes.c | 2 drivers/crypto/vmx/aes_cbc.c | 2 drivers/crypto/vmx/aes_ctr.c | 2 drivers/crypto/vmx/ghash.c | 2 drivers/gpio/gpiolib.c | 9 + drivers/input/mouse/elan_i2c_core.c | 1 drivers/input/touchscreen/goodix.c | 1 drivers/iommu/intel_irq_remapping.c | 2 drivers/misc/vmw_balloon.c | 23 +-- drivers/tty/serial/samsung.c | 7 - fs/btrfs/disk-io.c | 2 include/linux/fs.h | 4 net/key/af_key.c | 45 +++++-- 47 files changed, 258 insertions(+), 331 deletions(-) Andy Lutomirski (6): x86/fpu: Default eagerfpu=on on all CPUs x86/fpu: Fix 'no387' regression x86/fpu: Hard-disable lazy FPU mode x86/fpu: Fix FNSAVE usage in eagerfpu mode x86/fpu: Fix math emulation in eager fpu mode x86/crypto, x86/fpu: Remove X86_FEATURE_EAGER_FPU #ifdef from the crc32c code Borislav Petkov (2): x86/cpufeature: Remove unused and seldomly used cpu_has_xx macros x86/fpu: Fix eager-FPU handling on legacy FPU machines Ethan Lee (1): Input: goodix - add new ACPI id for GPD Win 2 touch screen Gil Kupfer (1): vmw_balloon: fixing double free when batching mode is off Greg Kroah-Hartman (1): Linux 4.4.138 Johannes Wienke (1): Input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID Juergen Gross (1): x86: Remove unused function cpu_has_ht_siblings() Kevin Easton (1): af_key: Always verify length of provided sadb_key Linus Torvalds (1): Clarify (and fix) MAX_LFS_FILESIZE macros Linus Walleij (1): gpio: No NULL owner Marek Szyprowski (1): serial: samsung: fix maxburst parameter for DMA transactions Michael Ellerman (1): crypto: vmx - Remove overly verbose printk from AES init routines Paolo Bonzini (3): KVM: x86: introduce linear_{read,write}_system KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access Yu-cheng Yu (1): x86/fpu: Revert ("x86/fpu: Disable AVX when eagerfpu is off") yu-cheng yu (3): x86/fpu: Fix early FPU command-line parsing x86/fpu: Disable MPX when eagerfpu is off x86/fpu: Disable AVX when eagerfpu is off

7 years, 4 months

1
1
0 0

Linux 4.9.109

by Greg KH

I'm announcing the release of the 4.9.109 kernel. All users of the 4.9 kernel series must upgrade. The updated 4.9.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.9.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/x86/crypto/crc32c-intel_glue.c | 5 - arch/x86/include/asm/cpufeatures.h | 2 arch/x86/include/asm/fpu/internal.h | 2 arch/x86/include/asm/kvm_emulate.h | 6 +- arch/x86/kernel/fpu/init.c | 91 +------------------------------ arch/x86/kvm/emulate.c | 72 ++++++++++++------------ arch/x86/kvm/vmx.c | 23 +++---- arch/x86/kvm/x86.c | 51 ++++++++++++----- arch/x86/kvm/x86.h | 4 - drivers/crypto/omap-sham.c | 2 drivers/crypto/vmx/aes.c | 2 drivers/crypto/vmx/aes_cbc.c | 2 drivers/crypto/vmx/aes_ctr.c | 2 drivers/crypto/vmx/ghash.c | 2 drivers/gpio/gpiolib.c | 9 ++- drivers/input/mouse/elan_i2c_core.c | 1 drivers/input/touchscreen/goodix.c | 1 drivers/misc/vmw_balloon.c | 23 ++----- drivers/net/bonding/bond_main.c | 22 ++++--- drivers/nvme/host/pci.c | 4 - drivers/nvme/target/admin-cmd.c | 22 ++++--- drivers/nvme/target/core.c | 5 - drivers/nvme/target/nvmet.h | 2 drivers/staging/android/ion/ion.c | 5 + drivers/tty/serial/8250/8250_omap.c | 16 +++++ drivers/tty/serial/amba-pl011.c | 16 +++++ drivers/tty/serial/atmel_serial.c | 5 - drivers/tty/serial/samsung.c | 7 -- drivers/tty/serial/sh-sci.c | 4 - drivers/usb/gadget/udc/renesas_usb3.c | 7 ++ drivers/usb/storage/uas.c | 6 ++ drivers/usb/storage/unusual_devs.h | 9 +++ drivers/usb/storage/unusual_uas.h | 9 +++ drivers/usb/usbip/vhci_sysfs.c | 24 +++++--- include/net/bonding.h | 5 + net/key/af_key.c | 45 +++++++++++---- tools/arch/x86/include/asm/cpufeatures.h | 2 38 files changed, 273 insertions(+), 244 deletions(-) Alexander Kappner (2): usb-storage: Add support for FL_ALWAYS_SYNC flag in the UAS driver usb-storage: Add compatibility quirk flags for G-Technologies G-Drive Andreas Born (1): bonding: require speed/duplex only for 802.3ad, alb and tlb Andy Lutomirski (2): x86/fpu: Hard-disable lazy FPU mode x86/crypto, x86/fpu: Remove X86_FEATURE_EAGER_FPU #ifdef from the crc32c code Bin Liu (1): crypto: omap-sham - fix memleak Dave Martin (1): tty: pl011: Avoid spuriously stuck-off interrupts Ethan Lee (1): Input: goodix - add new ACPI id for GPD Win 2 touch screen Geert Uytterhoeven (1): serial: sh-sci: Stop using printk format %pCr Gil Kupfer (1): vmw_balloon: fixing double free when batching mode is off Greg Kroah-Hartman (2): perf: sync up x86/.../cpufeatures.h Linux 4.9.109 Gustavo A. R. Silva (1): usbip: vhci_sysfs: fix potential Spectre v1 Johannes Thumshirn (1): nvmet: Move serial number from controller to subsystem Johannes Wienke (1): Input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID Keith Busch (1): nvme-pci: initialize queue memory before interrupts Kevin Easton (1): af_key: Always verify length of provided sadb_key Laura Abbott (1): staging: android: ion: Switch to pr_warn_once in ion_buffer_destroy Linus Walleij (1): gpio: No NULL owner Mahesh Bandewar (2): bonding: correctly update link status during mii-commit phase bonding: fix active-backup transition Marek Szyprowski (1): serial: samsung: fix maxburst parameter for DMA transactions Martin Wilck (2): nvmet: don't report 0-bytes in serial number nvmet: don't overwrite identify sn/fr with 0-bytes Michael Ellerman (1): crypto: vmx - Remove overly verbose printk from AES init routines Paolo Bonzini (3): KVM: x86: introduce linear_{read,write}_system KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access Sebastian Andrzej Siewior (1): tty/serial: atmel: use port->name as name in request_irq() Tony Lindgren (1): serial: 8250: omap: Fix idling of clocks for unused uarts Yoshihiro Shimoda (1): usb: gadget: udc: renesas_usb3: disable the controller's irqs for reconnecting

7 years, 4 months

1
1
0 0

Linux 4.14.50

by Greg KH

I'm announcing the release of the 4.14.50 kernel. All users of the 4.14 kernel series must upgrade. The updated 4.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.14.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/x86/include/asm/kvm_emulate.h | 6 arch/x86/kvm/emulate.c | 76 +++++----- arch/x86/kvm/vmx.c | 38 +++-- arch/x86/kvm/x86.c | 53 +++++-- arch/x86/kvm/x86.h | 4 block/blk-zoned.c | 8 - drivers/crypto/caam/caamalg.c | 231 ++++++++++++++------------------ drivers/crypto/caam/caamalg_qi.c | 227 ++++++++++++++++--------------- drivers/crypto/caam/caampkc.c | 62 ++++++++ drivers/crypto/caam/caampkc.h | 8 + drivers/crypto/cavium/zip/common.h | 21 ++ drivers/crypto/cavium/zip/zip_crypto.c | 22 +-- drivers/crypto/cavium/zip/zip_deflate.c | 4 drivers/crypto/cavium/zip/zip_inflate.c | 4 drivers/crypto/omap-sham.c | 2 drivers/crypto/vmx/aes.c | 2 drivers/crypto/vmx/aes_cbc.c | 3 drivers/crypto/vmx/aes_ctr.c | 2 drivers/crypto/vmx/aes_xts.c | 2 drivers/crypto/vmx/ghash.c | 2 drivers/gpio/gpiolib.c | 9 - drivers/input/joystick/xpad.c | 2 drivers/input/mouse/elan_i2c_core.c | 1 drivers/input/touchscreen/goodix.c | 1 drivers/misc/vmw_balloon.c | 23 --- drivers/nfc/pn533/usb.c | 42 ++++- drivers/phy/qualcomm/phy-qcom-qusb2.c | 4 drivers/staging/android/ion/ion.c | 5 drivers/tty/serial/8250/8250_omap.c | 16 ++ drivers/tty/serial/amba-pl011.c | 16 ++ drivers/tty/serial/atmel_serial.c | 5 drivers/tty/serial/samsung.c | 7 drivers/tty/serial/sh-sci.c | 4 drivers/usb/gadget/function/f_printer.c | 6 drivers/usb/gadget/udc/renesas_usb3.c | 7 drivers/usb/storage/uas.c | 6 drivers/usb/storage/unusual_devs.h | 9 + drivers/usb/storage/unusual_uas.h | 9 + drivers/usb/usbip/vhci_sysfs.c | 24 ++- net/key/af_key.c | 45 ++++-- net/netfilter/nft_ct.c | 20 +- 42 files changed, 628 insertions(+), 412 deletions(-) Alexander Kappner (2): usb-storage: Add support for FL_ALWAYS_SYNC flag in the UAS driver usb-storage: Add compatibility quirk flags for G-Technologies G-Drive Bart Van Assche (1): blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers Bin Liu (1): crypto: omap-sham - fix memleak Dave Martin (1): tty: pl011: Avoid spuriously stuck-off interrupts Ethan Lee (2): Input: xpad - add GPD Win 2 Controller USB IDs Input: goodix - add new ACPI id for GPD Win 2 touch screen Felix Wilhelm (1): kvm: nVMX: Enforce cpl=0 for VMX instructions Geert Uytterhoeven (1): serial: sh-sci: Stop using printk format %pCr Gil Kupfer (1): vmw_balloon: fixing double free when batching mode is off Greg Kroah-Hartman (2): NFC: pn533: don't send USB data off of the stack Linux 4.14.50 Gustavo A. R. Silva (1): usbip: vhci_sysfs: fix potential Spectre v1 Horia Geantă (5): crypto: caam - strip input zeros from RSA input buffer crypto: caam - fix DMA mapping dir for generated IV crypto: caam - fix IV DMA mapping and updating crypto: caam/qi - fix IV DMA mapping and updating crypto: caam - fix size of RSA prime factor q Jan Glauber (2): crypto: cavium - Fix fallout from CONFIG_VMAP_STACK crypto: cavium - Limit result reading attempts Johannes Wienke (1): Input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID Kevin Easton (1): af_key: Always verify length of provided sadb_key Laura Abbott (1): staging: android: ion: Switch to pr_warn_once in ion_buffer_destroy Linus Walleij (1): gpio: No NULL owner Manu Gautam (1): phy: qcom-qusb2: Fix crash if nvmem cell not specified Marek Szyprowski (1): serial: samsung: fix maxburst parameter for DMA transactions Michael Ellerman (2): crypto: vmx - Remove overly verbose printk from AES init routines crypto: vmx - Remove overly verbose printk from AES XTS init Paolo Bonzini (3): KVM: x86: introduce linear_{read,write}_system KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access Sebastian Andrzej Siewior (1): tty/serial: atmel: use port->name as name in request_irq() Taehee Yoo (1): netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump() Tony Lindgren (1): serial: 8250: omap: Fix idling of clocks for unused uarts Wanpeng Li (1): KVM: X86: Fix reserved bits check for MOV to CR3 Yoshihiro Shimoda (2): usb: gadget: function: printer: avoid wrong list handling in printer_write() usb: gadget: udc: renesas_usb3: disable the controller's irqs for reconnecting

7 years, 4 months

1
1
0 0

Linux 4.16.16

by Greg KH

I'm announcing the release of the 4.16.16 kernel. All users of the 4.16 kernel series must upgrade. The updated 4.16.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.16.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/x86/include/asm/kvm_emulate.h | 6 arch/x86/kvm/emulate.c | 76 +++++----- arch/x86/kvm/vmx.c | 38 +++-- arch/x86/kvm/x86.c | 53 +++++-- arch/x86/kvm/x86.h | 4 block/blk-zoned.c | 8 - drivers/crypto/caam/caamalg.c | 231 ++++++++++++++------------------ drivers/crypto/caam/caamalg_qi.c | 227 ++++++++++++++++--------------- drivers/crypto/caam/caampkc.c | 62 ++++++++ drivers/crypto/caam/caampkc.h | 8 + drivers/crypto/cavium/zip/common.h | 21 ++ drivers/crypto/cavium/zip/zip_crypto.c | 22 +-- drivers/crypto/cavium/zip/zip_deflate.c | 4 drivers/crypto/cavium/zip/zip_inflate.c | 4 drivers/crypto/chelsio/chcr_ipsec.c | 35 ++-- drivers/crypto/omap-sham.c | 2 drivers/crypto/vmx/aes.c | 2 drivers/crypto/vmx/aes_cbc.c | 3 drivers/crypto/vmx/aes_ctr.c | 2 drivers/crypto/vmx/aes_xts.c | 2 drivers/crypto/vmx/ghash.c | 2 drivers/input/joystick/xpad.c | 2 drivers/input/mouse/elan_i2c_core.c | 1 drivers/input/touchscreen/goodix.c | 1 drivers/misc/vmw_balloon.c | 23 --- drivers/nfc/pn533/usb.c | 42 ++++- drivers/phy/qualcomm/phy-qcom-qusb2.c | 4 drivers/staging/android/ion/ion.c | 5 drivers/tty/serial/8250/8250_omap.c | 16 ++ drivers/tty/serial/amba-pl011.c | 16 ++ drivers/tty/serial/atmel_serial.c | 5 drivers/tty/serial/samsung.c | 7 drivers/tty/serial/sh-sci.c | 4 drivers/usb/core/message.c | 2 drivers/usb/gadget/function/f_printer.c | 6 drivers/usb/gadget/udc/renesas_usb3.c | 37 +++-- drivers/usb/storage/uas.c | 6 drivers/usb/storage/unusual_devs.h | 9 + drivers/usb/storage/unusual_uas.h | 9 + drivers/usb/typec/typec_wcove.c | 30 +++- drivers/usb/usbip/vhci_sysfs.c | 24 ++- net/key/af_key.c | 45 ++++-- net/netfilter/nft_ct.c | 20 +- 44 files changed, 685 insertions(+), 443 deletions(-) Alexander Kappner (2): usb-storage: Add support for FL_ALWAYS_SYNC flag in the UAS driver usb-storage: Add compatibility quirk flags for G-Technologies G-Drive Atul Gupta (1): crypto: chelsio - request to HW should wrap Bart Van Assche (1): blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers Bin Liu (1): crypto: omap-sham - fix memleak Dave Martin (1): tty: pl011: Avoid spuriously stuck-off interrupts Ethan Lee (2): Input: xpad - add GPD Win 2 Controller USB IDs Input: goodix - add new ACPI id for GPD Win 2 touch screen Felix Wilhelm (1): kvm: nVMX: Enforce cpl=0 for VMX instructions Geert Uytterhoeven (1): serial: sh-sci: Stop using printk format %pCr Gil Kupfer (1): vmw_balloon: fixing double free when batching mode is off Greg Kroah-Hartman (2): NFC: pn533: don't send USB data off of the stack Linux 4.16.16 Gustavo A. R. Silva (1): usbip: vhci_sysfs: fix potential Spectre v1 Heikki Krogerus (1): usb: typec: wcove: Remove dependency on HW FSM Horia Geantă (5): crypto: caam - strip input zeros from RSA input buffer crypto: caam - fix DMA mapping dir for generated IV crypto: caam - fix IV DMA mapping and updating crypto: caam/qi - fix IV DMA mapping and updating crypto: caam - fix size of RSA prime factor q Jan Glauber (2): crypto: cavium - Fix fallout from CONFIG_VMAP_STACK crypto: cavium - Limit result reading attempts Johannes Wienke (1): Input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID Kevin Easton (1): af_key: Always verify length of provided sadb_key Laura Abbott (1): staging: android: ion: Switch to pr_warn_once in ion_buffer_destroy Manu Gautam (1): phy: qcom-qusb2: Fix crash if nvmem cell not specified Marek Szyprowski (1): serial: samsung: fix maxburst parameter for DMA transactions Michael Ellerman (2): crypto: vmx - Remove overly verbose printk from AES init routines crypto: vmx - Remove overly verbose printk from AES XTS init Paolo Bonzini (3): KVM: x86: introduce linear_{read,write}_system KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access Ruslan Bilovol (1): usb: core: message: remove extra endianness conversion in usb_set_isoch_delay Sebastian Andrzej Siewior (1): tty/serial: atmel: use port->name as name in request_irq() Taehee Yoo (1): netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump() Tony Lindgren (1): serial: 8250: omap: Fix idling of clocks for unused uarts Wanpeng Li (1): KVM: X86: Fix reserved bits check for MOV to CR3 Yoshihiro Shimoda (7): usb: gadget: function: printer: avoid wrong list handling in printer_write() usb: gadget: udc: renesas_usb3: fix double phy_put() usb: gadget: udc: renesas_usb3: should remove debugfs usb: gadget: udc: renesas_usb3: should call pm_runtime_enable() before add udc usb: gadget: udc: renesas_usb3: should call devm_phy_get() before add udc usb: gadget: udc: renesas_usb3: should fail if devm_phy_get() returns error usb: gadget: udc: renesas_usb3: disable the controller's irqs for reconnecting

7 years, 4 months

1
1
0 0

Linux 4.17.2

by Greg KH

I'm announcing the release of the 4.17.2 kernel. All users of the 4.17 kernel series must upgrade. The updated 4.17.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.17.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/ABI/stable/sysfs-bus-vmbus | 40 ++--- Makefile | 2 arch/arm64/configs/defconfig | 1 arch/x86/include/asm/kvm_emulate.h | 6 arch/x86/kvm/emulate.c | 76 +++++----- arch/x86/kvm/vmx.c | 38 +++-- arch/x86/kvm/x86.c | 61 +++++--- arch/x86/kvm/x86.h | 4 block/blk-zoned.c | 8 - drivers/crypto/caam/caamalg.c | 231 +++++++++++++------------------ drivers/crypto/caam/caamalg_qi.c | 227 +++++++++++++++--------------- drivers/crypto/caam/caampkc.c | 62 +++++++- drivers/crypto/caam/caampkc.h | 8 + drivers/crypto/cavium/zip/common.h | 21 ++ drivers/crypto/cavium/zip/zip_crypto.c | 22 +- drivers/crypto/cavium/zip/zip_deflate.c | 4 drivers/crypto/cavium/zip/zip_inflate.c | 4 drivers/crypto/ccree/cc_debugfs.c | 7 drivers/crypto/ccree/cc_driver.c | 8 - drivers/crypto/ccree/cc_driver.h | 2 drivers/crypto/ccree/cc_host_regs.h | 6 drivers/crypto/chelsio/chcr_ipsec.c | 35 ++-- drivers/crypto/omap-sham.c | 2 drivers/crypto/vmx/aes.c | 2 drivers/crypto/vmx/aes_cbc.c | 3 drivers/crypto/vmx/aes_ctr.c | 2 drivers/crypto/vmx/aes_xts.c | 2 drivers/crypto/vmx/ghash.c | 2 drivers/input/joystick/xpad.c | 2 drivers/input/mouse/elan_i2c_core.c | 1 drivers/input/touchscreen/goodix.c | 1 drivers/misc/vmw_balloon.c | 23 --- drivers/nfc/pn533/usb.c | 42 ++++- drivers/phy/qualcomm/phy-qcom-qusb2.c | 4 drivers/staging/android/ion/ion.c | 5 drivers/tty/serial/8250/8250_omap.c | 16 ++ drivers/tty/serial/amba-pl011.c | 16 ++ drivers/tty/serial/atmel_serial.c | 5 drivers/tty/serial/samsung.c | 7 drivers/tty/serial/sh-sci.c | 4 drivers/usb/core/message.c | 2 drivers/usb/gadget/function/f_printer.c | 6 drivers/usb/gadget/udc/renesas_usb3.c | 37 +++- drivers/usb/storage/uas.c | 6 drivers/usb/storage/unusual_devs.h | 9 + drivers/usb/storage/unusual_uas.h | 9 + drivers/usb/typec/typec_wcove.c | 30 +++- drivers/usb/usbip/vhci_sysfs.c | 24 ++- include/uapi/linux/kvm.h | 4 tools/include/uapi/linux/kvm.h | 4 50 files changed, 684 insertions(+), 459 deletions(-) Alexander Kappner (2): usb-storage: Add support for FL_ALWAYS_SYNC flag in the UAS driver usb-storage: Add compatibility quirk flags for G-Technologies G-Drive Atul Gupta (1): crypto: chelsio - request to HW should wrap Bart Van Assche (1): blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers Bin Liu (1): crypto: omap-sham - fix memleak Dave Martin (1): tty: pl011: Avoid spuriously stuck-off interrupts Ethan Lee (2): Input: xpad - add GPD Win 2 Controller USB IDs Input: goodix - add new ACPI id for GPD Win 2 touch screen Felix Wilhelm (1): kvm: nVMX: Enforce cpl=0 for VMX instructions Geert Uytterhoeven (1): serial: sh-sci: Stop using printk format %pCr Gil Kupfer (1): vmw_balloon: fixing double free when batching mode is off Gilad Ben-Yossef (1): crypto: ccree - correct host regs offset Greg Kroah-Hartman (2): NFC: pn533: don't send USB data off of the stack Linux 4.17.2 Gustavo A. R. Silva (1): usbip: vhci_sysfs: fix potential Spectre v1 Heikki Krogerus (1): usb: typec: wcove: Remove dependency on HW FSM Horia Geantă (5): crypto: caam - strip input zeros from RSA input buffer crypto: caam - fix DMA mapping dir for generated IV crypto: caam - fix IV DMA mapping and updating crypto: caam/qi - fix IV DMA mapping and updating crypto: caam - fix size of RSA prime factor q Jan Glauber (2): crypto: cavium - Fix fallout from CONFIG_VMAP_STACK crypto: cavium - Limit result reading attempts Johannes Wienke (1): Input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID Laura Abbott (1): staging: android: ion: Switch to pr_warn_once in ion_buffer_destroy Manu Gautam (1): phy: qcom-qusb2: Fix crash if nvmem cell not specified Marek Szyprowski (1): serial: samsung: fix maxburst parameter for DMA transactions Michael Ellerman (2): crypto: vmx - Remove overly verbose printk from AES init routines crypto: vmx - Remove overly verbose printk from AES XTS init Michael S. Tsirkin (1): kvm: fix typo in flag name Paolo Bonzini (3): KVM: x86: introduce linear_{read,write}_system KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access Ruslan Bilovol (1): usb: core: message: remove extra endianness conversion in usb_set_isoch_delay Sean Wang (1): arm64: defconfig: Enable CONFIG_PINCTRL_MT7622 by default Sebastian Andrzej Siewior (1): tty/serial: atmel: use port->name as name in request_irq() Stephen Hemminger (1): doc: fix sysfs ABI documentation Tony Lindgren (1): serial: 8250: omap: Fix idling of clocks for unused uarts Wanpeng Li (1): KVM: X86: Fix reserved bits check for MOV to CR3 Yoshihiro Shimoda (7): usb: gadget: function: printer: avoid wrong list handling in printer_write() usb: gadget: udc: renesas_usb3: fix double phy_put() usb: gadget: udc: renesas_usb3: should remove debugfs usb: gadget: udc: renesas_usb3: should call pm_runtime_enable() before add udc usb: gadget: udc: renesas_usb3: should call devm_phy_get() before add udc usb: gadget: udc: renesas_usb3: should fail if devm_phy_get() returns error usb: gadget: udc: renesas_usb3: disable the controller's irqs for reconnecting

7 years, 4 months

1
1
0 0

[PATCH 1/3] udf: Detect incorrect directory size

by Jan Kara

Detect when a directory entry is (possibly partially) beyond directory size and return EIO in that case since it means the filesystem is corrupted. Otherwise directory operations can further corrupt the directory and possibly also oops the kernel. CC: Anatoly Trosinenko <anatoly.trosinenko(a)gmail.com> CC: stable(a)vger.kernel.org Reported-by: Anatoly Trosinenko <anatoly.trosinenko(a)gmail.com> Signed-off-by: Jan Kara <jack(a)suse.cz> --- fs/udf/directory.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fs/udf/directory.c b/fs/udf/directory.c index 0a98a2369738..3835f983cc99 100644 --- a/fs/udf/directory.c +++ b/fs/udf/directory.c @@ -152,6 +152,9 @@ struct fileIdentDesc *udf_fileident_read(struct inode *dir, loff_t *nf_pos, sizeof(struct fileIdentDesc)); } } + /* Got last entry outside of dir size - fs is corrupted! */ + if (*nf_pos > dir->i_size) + return NULL; return fi; } -- 2.16.4

7 years, 4 months

2
1
0 0

[Linux-stable-mirror] [PATCH] MIPS: Fix arch_trigger_cpumask_backtrace()

by Huacai Chen

SysRq-L and RCU stall detector call arch_trigger_cpumask_backtrace() to trigger other CPU's backtrace, but its behavior is totally broken. The root cause is arch_trigger_cpumask_backtrace() use call-function IPI in irq context, which trigger deadlocks in smp_call_function_single() and smp_call_function_many(). This patch fix arch_trigger_cpumask_backtrace() by: 1, Use a dedecated IPI (SMP_CPU_BACKTRACE) to trigger backtraces; 2, If myself is in target cpumask, do backtrace and clear myself; 3, Use a spinlock to avoid parallel backtrace output; 4, Handle SMP_CPU_BACKTRACE IPI for Loongson-3. I have attempted to implement SMP_CPU_BACKTRACE for all MIPS CPUs, but I failed because some of their IPIs are not extensible. :( Cc: stable(a)vger.kernel.org Signed-off-by: Huacai Chen <chenhc(a)lemote.com> --- arch/mips/include/asm/smp.h | 3 +++ arch/mips/kernel/process.c | 23 ++++++++++++++++++----- arch/mips/loongson64/loongson-3/smp.c | 6 ++++++ 3 files changed, 27 insertions(+), 5 deletions(-) diff --git a/arch/mips/include/asm/smp.h b/arch/mips/include/asm/smp.h index 88ebd83..b0521f4 100644 --- a/arch/mips/include/asm/smp.h +++ b/arch/mips/include/asm/smp.h @@ -43,6 +43,7 @@ extern int __cpu_logical_map[NR_CPUS]; /* Octeon - Tell another core to flush its icache */ #define SMP_ICACHE_FLUSH 0x4 #define SMP_ASK_C0COUNT 0x8 +#define SMP_CPU_BACKTRACE 0x10 /* Mask of CPUs which are currently definitely operating coherently */ extern cpumask_t cpu_coherent_mask; @@ -81,6 +82,8 @@ static inline void __cpu_die(unsigned int cpu) extern void play_dead(void); #endif +void arch_dump_stack(void); + /* * This function will set up the necessary IPIs for Linux to communicate * with the CPUs in mask. diff --git a/arch/mips/kernel/process.c b/arch/mips/kernel/process.c index 57028d4..647e15d 100644 --- a/arch/mips/kernel/process.c +++ b/arch/mips/kernel/process.c @@ -655,26 +655,39 @@ unsigned long arch_align_stack(unsigned long sp) return sp & ALMASK; } -static void arch_dump_stack(void *info) +void arch_dump_stack(void) { struct pt_regs *regs; + static arch_spinlock_t lock = __ARCH_SPIN_LOCK_UNLOCKED; + arch_spin_lock(&lock); regs = get_irq_regs(); if (regs) show_regs(regs); dump_stack(); + arch_spin_unlock(&lock); } void arch_trigger_cpumask_backtrace(const cpumask_t *mask, bool exclude_self) { long this_cpu = get_cpu(); + struct cpumask backtrace_mask; + extern const struct plat_smp_ops *mp_ops; + + cpumask_copy(&backtrace_mask, mask); + if (cpumask_test_cpu(this_cpu, mask)) { + if (!exclude_self) { + struct pt_regs *regs = get_irq_regs(); + if (regs) + show_regs(regs); + dump_stack(); + } + cpumask_clear_cpu(this_cpu, &backtrace_mask); + } - if (cpumask_test_cpu(this_cpu, mask) && !exclude_self) - dump_stack(); - - smp_call_function_many(mask, arch_dump_stack, NULL, 1); + mp_ops->send_ipi_mask(&backtrace_mask, SMP_CPU_BACKTRACE); put_cpu(); } diff --git a/arch/mips/loongson64/loongson-3/smp.c b/arch/mips/loongson64/loongson-3/smp.c index 8501109..0655114 100644 --- a/arch/mips/loongson64/loongson-3/smp.c +++ b/arch/mips/loongson64/loongson-3/smp.c @@ -291,6 +291,12 @@ void loongson3_ipi_interrupt(struct pt_regs *regs) __wbflush(); /* Let others see the result ASAP */ } + if (action & SMP_CPU_BACKTRACE) { + irq_enter(); + arch_dump_stack(); + irq_exit(); + } + if (irqs) { int irq; while ((irq = ffs(irqs))) { -- 2.7.0

7 years, 4 months

3
4
0 0

+ slub-fix-failure-when-we-delete-and-create-a-slab-cache.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: slub: fix failure when we delete and create a slab cache has been added to the -mm tree. Its filename is slub-fix-failure-when-we-delete-and-create-a-slab-cache.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/slub-fix-failure-when-we-delete-an… and later at http://ozlabs.org/~akpm/mmotm/broken-out/slub-fix-failure-when-we-delete-an… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Mikulas Patocka <mpatocka(a)redhat.com> Subject: slub: fix failure when we delete and create a slab cache In kernel 4.17 I removed some code from dm-bufio that did slab cache merging (21bb13276768) - both slab and slub support merging caches with identical attributes, so dm-bufio now just calls kmem_cache_create and relies on implicit merging. This uncovered a bug in the slub subsystem - if we delete a cache and immediatelly create another cache with the same attributes, it fails because of duplicate filename in /sys/kernel/slab/. The slub subsystem offloads freeing the cache to a workqueue - and if we create the new cache before the workqueue runs, it complains because of duplicate filename in sysfs. This patch fixes the bug by moving the call of kobject_del from sysfs_slab_remove_workfn to shutdown_cache. kobject_del must be called while we hold slab_mutex - so that the sysfs entry is deleted before a cache with the same attributes could be created. Running device-mapper-test-suite with: dmtest run --suite thin-provisioning -n /commit_failure_causes_fallback/ triggers: [ 119.618958] Buffer I/O error on dev dm-0, logical block 1572848, async page read [ 119.686224] device-mapper: thin: 253:1: metadata operation 'dm_pool_alloc_data_block' failed: error = -5 [ 119.695821] device-mapper: thin: 253:1: aborting current metadata transaction [ 119.703255] sysfs: cannot create duplicate filename '/kernel/slab/:a-0000144' [ 119.710394] CPU: 2 PID: 1037 Comm: kworker/u48:1 Not tainted 4.17.0.snitm+ #25 [ 119.717608] Hardware name: Supermicro SYS-1029P-WTR/X11DDW-L, BIOS 2.0a 12/06/2017 [ 119.725177] Workqueue: dm-thin do_worker [dm_thin_pool] [ 119.730401] Call Trace: [ 119.732856] dump_stack+0x5a/0x73 [ 119.736173] sysfs_warn_dup+0x58/0x70 [ 119.739839] sysfs_create_dir_ns+0x77/0x80 [ 119.743939] kobject_add_internal+0xba/0x2e0 [ 119.748210] kobject_init_and_add+0x70/0xb0 [ 119.752399] ? sysfs_slab_add+0x101/0x250 [ 119.756409] sysfs_slab_add+0xb1/0x250 [ 119.760161] __kmem_cache_create+0x116/0x150 [ 119.764436] ? number+0x2fb/0x340 [ 119.767755] ? _cond_resched+0x15/0x30 [ 119.771508] create_cache+0xd9/0x1f0 [ 119.775085] kmem_cache_create_usercopy+0x1c1/0x250 [ 119.779965] kmem_cache_create+0x18/0x20 [ 119.783894] dm_bufio_client_create+0x1ae/0x410 [dm_bufio] [ 119.789380] ? dm_block_manager_alloc_callback+0x20/0x20 [dm_persistent_data] [ 119.796509] ? kmem_cache_alloc_trace+0xae/0x1d0 [ 119.801131] dm_block_manager_create+0x5e/0x90 [dm_persistent_data] [ 119.807397] __create_persistent_data_objects+0x38/0x940 [dm_thin_pool] [ 119.814008] dm_pool_abort_metadata+0x64/0x90 [dm_thin_pool] [ 119.819669] metadata_operation_failed+0x59/0x100 [dm_thin_pool] [ 119.825673] alloc_data_block.isra.53+0x86/0x180 [dm_thin_pool] [ 119.831592] process_cell+0x2a3/0x550 [dm_thin_pool] [ 119.836558] ? mempool_alloc+0x6f/0x180 [ 119.840400] ? u32_swap+0x10/0x10 [ 119.843717] ? sort+0x17b/0x270 [ 119.846863] ? u32_swap+0x10/0x10 [ 119.850181] do_worker+0x28d/0x8f0 [dm_thin_pool] [ 119.854890] ? move_linked_works+0x6f/0xa0 [ 119.858989] process_one_work+0x171/0x370 [ 119.862999] worker_thread+0x49/0x3f0 [ 119.866669] kthread+0xf8/0x130 [ 119.869813] ? max_active_store+0x80/0x80 [ 119.873827] ? kthread_bind+0x10/0x10 [ 119.877493] ret_from_fork+0x35/0x40 [ 119.881076] kobject_add_internal failed for :a-0000144 with -EEXIST, don't try to register things with the same name in the same directory. [ 119.893580] kmem_cache_create(dm_bufio_buffer-16) failed with error -17 Link: http://lkml.kernel.org/r/alpine.LRH.2.02.1806151817130.6333@file01.intranet… Signed-off-by: Mikulas Patocka <mpatocka(a)redhat.com> Reported-by: Mike Snitzer <snitzer(a)redhat.com> Tested-by: Mike Snitzer <snitzer(a)redhat.com> Cc: Christoph Lameter <cl(a)linux.com> Cc: Pekka Enberg <penberg(a)kernel.org> Cc: David Rientjes <rientjes(a)google.com> Cc: Joonsoo Kim <iamjoonsoo.kim(a)lge.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- include/linux/slub_def.h | 4 ++++ mm/slab_common.c | 4 ++++ mm/slub.c | 7 ++++++- 3 files changed, 14 insertions(+), 1 deletion(-) diff -puN include/linux/slub_def.h~slub-fix-failure-when-we-delete-and-create-a-slab-cache include/linux/slub_def.h --- a/include/linux/slub_def.h~slub-fix-failure-when-we-delete-and-create-a-slab-cache +++ a/include/linux/slub_def.h @@ -155,8 +155,12 @@ struct kmem_cache { #ifdef CONFIG_SYSFS #define SLAB_SUPPORTS_SYSFS +void sysfs_slab_unlink(struct kmem_cache *); void sysfs_slab_release(struct kmem_cache *); #else +static inline void sysfs_slab_unlink(struct kmem_cache *s) +{ +} static inline void sysfs_slab_release(struct kmem_cache *s) { } diff -puN mm/slab_common.c~slub-fix-failure-when-we-delete-and-create-a-slab-cache mm/slab_common.c --- a/mm/slab_common.c~slub-fix-failure-when-we-delete-and-create-a-slab-cache +++ a/mm/slab_common.c @@ -567,10 +567,14 @@ static int shutdown_cache(struct kmem_ca list_del(&s->list); if (s->flags & SLAB_TYPESAFE_BY_RCU) { +#ifdef SLAB_SUPPORTS_SYSFS + sysfs_slab_unlink(s); +#endif list_add_tail(&s->list, &slab_caches_to_rcu_destroy); schedule_work(&slab_caches_to_rcu_destroy_work); } else { #ifdef SLAB_SUPPORTS_SYSFS + sysfs_slab_unlink(s); sysfs_slab_release(s); #else slab_kmem_cache_release(s); diff -puN mm/slub.c~slub-fix-failure-when-we-delete-and-create-a-slab-cache mm/slub.c --- a/mm/slub.c~slub-fix-failure-when-we-delete-and-create-a-slab-cache +++ a/mm/slub.c @@ -5667,7 +5667,6 @@ static void sysfs_slab_remove_workfn(str kset_unregister(s->memcg_kset); #endif kobject_uevent(&s->kobj, KOBJ_REMOVE); - kobject_del(&s->kobj); out: kobject_put(&s->kobj); } @@ -5752,6 +5751,12 @@ static void sysfs_slab_remove(struct kme schedule_work(&s->kobj_remove_work); } +void sysfs_slab_unlink(struct kmem_cache *s) +{ + if (slab_state >= FULL) + kobject_del(&s->kobj); +} + void sysfs_slab_release(struct kmem_cache *s) { if (slab_state >= FULL) _ Patches currently in -mm which might be from mpatocka(a)redhat.com are slub-fix-failure-when-we-delete-and-create-a-slab-cache.patch

7 years, 4 months

1
0
0 0

v4.9.108 build: 0 failures 0 warnings (v4.9.108)

by Build bot for Mark Brown

Tree/Branch: v4.9.108 Git describe: v4.9.108 Commit: 4f42dc62be Linux 4.9.108 Build Time: 83 min 43 sec Passed: 11 / 11 (100.00 %) Failed: 0 / 11 ( 0.00 %) Errors: 0 Warnings: 0 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): ------------------------------------------------------------------------------- =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: arm64-allnoconfig arm64-allmodconfig arm-multi_v5_defconfig arm-multi_v7_defconfig x86_64-defconfig arm-allmodconfig arm-allnoconfig x86_64-allnoconfig arm-multi_v4t_defconfig x86_64-allmodconfig arm64-defconfig close failed in file object destructor: sys.excepthook is missing lost sys.stderr

7 years, 4 months

1
0
0 0

[merged] mm-fix-devmem_is_allowed-for-sub-page-system-ram-intersections.patch removed from -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm: fix devmem_is_allowed() for sub-page System RAM intersections has been removed from the -mm tree. Its filename was mm-fix-devmem_is_allowed-for-sub-page-system-ram-intersections.patch This patch was dropped because it was merged into mainline or a subsystem tree ------------------------------------------------------ From: Dan Williams <dan.j.williams(a)intel.com> Subject: mm: fix devmem_is_allowed() for sub-page System RAM intersections Hussam reports: I was poking around and for no real reason, I did cat /dev/mem and strings /dev/mem. Then I saw the following warning in dmesg. I saved it and rebooted immediately. memremap attempted on mixed range 0x000000000009c000 size: 0x1000 ------------[ cut here ]------------ WARNING: CPU: 0 PID: 11810 at kernel/memremap.c:98 memremap+0x104/0x170 [..] Call Trace: xlate_dev_mem_ptr+0x25/0x40 read_mem+0x89/0x1a0 __vfs_read+0x36/0x170 The memremap() implementation checks for attempts to remap System RAM with MEMREMAP_WB and instead redirects those mapping attempts to the linear map. However, that only works if the physical address range being remapped is page aligned. In low memory we have situations like the following: 00000000-00000fff : Reserved 00001000-0009fbff : System RAM 0009fc00-0009ffff : Reserved ...where System RAM intersects Reserved ranges on a sub-page page granularity. Given that devmem_is_allowed() special cases any attempt to map System RAM in the first 1MB of memory, replace page_is_ram() with the more precise region_intersects() to trap attempts to map disallowed ranges. Link: https://bugzilla.kernel.org/show_bug.cgi?id=199999 Link: http://lkml.kernel.org/r/152856436164.18127.2847888121707136898.stgit@dwill… Fixes: 92281dee825f ("arch: introduce memremap()") Signed-off-by: Dan Williams <dan.j.williams(a)intel.com> Reported-by: Hussam Al-Tayeb <me(a)hussam.eu.org> Tested-by: Hussam Al-Tayeb <me(a)hussam.eu.org> Cc: Christoph Hellwig <hch(a)lst.de> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- arch/x86/mm/init.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff -puN arch/x86/mm/init.c~mm-fix-devmem_is_allowed-for-sub-page-system-ram-intersections arch/x86/mm/init.c --- a/arch/x86/mm/init.c~mm-fix-devmem_is_allowed-for-sub-page-system-ram-intersections +++ a/arch/x86/mm/init.c @@ -706,7 +706,9 @@ void __init init_mem_mapping(void) */ int devmem_is_allowed(unsigned long pagenr) { - if (page_is_ram(pagenr)) { + if (region_intersects(PFN_PHYS(pagenr), PAGE_SIZE, + IORESOURCE_SYSTEM_RAM, IORES_DESC_NONE) + != REGION_DISJOINT) { /* * For disallowed memory regions in the low 1MB range, * request that the page be shown as all zeros. _ Patches currently in -mm which might be from dan.j.williams(a)intel.com are mm-devm_memremap_pages-mark-devm_memremap_pages-export_symbol_gpl.patch mm-devm_memremap_pages-handle-errors-allocating-final-devres-action.patch mm-hmm-use-devm-semantics-for-hmm_devmem_add-remove.patch mm-hmm-replace-hmm_devmem_pages_create-with-devm_memremap_pages.patch mm-hmm-mark-hmm_devmem_add-add_resource-export_symbol_gpl.patch

7 years, 4 months

1
0
0 0

[merged] mm-ksm-ignore-stable_flag-of-rmap_item-address-in-rmap_walk_ksm.patch removed from -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm/ksm.c: ignore STABLE_FLAG of rmap_item->address in rmap_walk_ksm() has been removed from the -mm tree. Its filename was mm-ksm-ignore-stable_flag-of-rmap_item-address-in-rmap_walk_ksm.patch This patch was dropped because it was merged into mainline or a subsystem tree ------------------------------------------------------ From: Jia He <jia.he(a)hxt-semitech.com> Subject: mm/ksm.c: ignore STABLE_FLAG of rmap_item->address in rmap_walk_ksm() In our armv8a server(QDF2400), I noticed lots of WARN_ON caused by PAGE_SIZE unaligned for rmap_item->address under memory pressure tests(start 20 guests and run memhog in the host). --------------------------begin-------------------------------------- [ 410.853828] WARNING: CPU: 4 PID: 4641 at arch/arm64/kvm/../../../virt/kvm/arm/mmu.c:1826 kvm_age_hva_handler+0xc0/0xc8 [ 410.864518] Modules linked in: vhost_net vhost tap xt_CHECKSUM ipt_MASQUERADE nf_nat_masquerade_ipv4 ip6t_rpfilter ipt_REJECT nf_reject_ipv4 ip6t_REJECT nf_reject_ipv6 xt_conntrack ip_set nfnetlink ebtable_nat ebtable_broute bridge stp llc ip6table_nat nf_conntrack_ipv6 nf_defrag_ipv6 nf_nat_ipv6 ip6table_mangle ip6table_security ip6table_raw iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack iptable_mangle iptable_security iptable_raw ebtable_filter ebtables ip6table_filter ip6_tables iptable_filter rpcrdma ib_isert iscsi_target_mod ib_iser libiscsi scsi_transport_iscsi ib_srpt target_core_mod ib_srp scsi_transport_srp ib_ipoib rdma_ucm ib_ucm ib_umad rdma_cm ib_cm iw_cm mlx5_ib vfat fat ib_uverbs dm_mirror dm_region_hash ib_core dm_log dm_mod crc32_ce ipmi_ssif sg nfsd [ 410.935101] auth_rpcgss nfs_acl lockd grace sunrpc ip_tables xfs libcrc32c mlx5_core ixgbe mlxfw devlink mdio ahci_platform libahci_platform qcom_emac libahci hdma hdma_mgmt i2c_qup [ 410.951369] CPU: 4 PID: 4641 Comm: memhog Tainted: G W 4.17.0-rc3+ #8 [ 410.959104] Hardware name: <snip for confidential issues> [ 410.969791] pstate: 80400005 (Nzcv daif +PAN -UAO) [ 410.974575] pc : kvm_age_hva_handler+0xc0/0xc8 [ 410.979012] lr : handle_hva_to_gpa+0xa8/0xe0 [ 410.983274] sp : ffff801761553290 [ 410.986581] x29: ffff801761553290 x28: 0000000000000000 [ 410.991888] x27: 0000000000000002 x26: 0000000000000000 [ 410.997195] x25: ffff801765430058 x24: ffff0000080b5608 [ 411.002501] x23: 0000000000000000 x22: ffff8017ccb84000 [ 411.007807] x21: 0000000003ff0000 x20: ffff8017ccb84000 [ 411.013113] x19: 000000000000fe00 x18: ffff000008fb3c08 [ 411.018419] x17: 0000000000000000 x16: 0060001645820bd3 [ 411.023725] x15: ffff80176aacbc08 x14: 0000000000000000 [ 411.029031] x13: 0000000000000040 x12: 0000000000000228 [ 411.034337] x11: 0000000000000000 x10: 0000000000000000 [ 411.039643] x9 : 0000000000000010 x8 : 0000000000000004 [ 411.044949] x7 : 0000000000000000 x6 : 00008017f0770000 [ 411.050255] x5 : 0000fffda59f0200 x4 : 0000000000000000 [ 411.055561] x3 : 0000000000000000 x2 : 000000000000fe00 [ 411.060867] x1 : 0000000003ff0000 x0 : 0000000020000000 [ 411.066173] Call trace: [ 411.068614] kvm_age_hva_handler+0xc0/0xc8 [ 411.072703] handle_hva_to_gpa+0xa8/0xe0 [ 411.076619] kvm_age_hva+0x4c/0xe8 [ 411.080014] kvm_mmu_notifier_clear_flush_young+0x54/0x98 [ 411.085408] __mmu_notifier_clear_flush_young+0x6c/0xa0 [ 411.090627] page_referenced_one+0x154/0x1d8 [ 411.094890] rmap_walk_ksm+0x12c/0x1d0 [ 411.098632] rmap_walk+0x94/0xa0 [ 411.101854] page_referenced+0x194/0x1b0 [ 411.105770] shrink_page_list+0x674/0xc28 [ 411.109772] shrink_inactive_list+0x26c/0x5b8 [ 411.114122] shrink_node_memcg+0x35c/0x620 [ 411.118211] shrink_node+0x100/0x430 [ 411.121778] do_try_to_free_pages+0xe0/0x3a8 [ 411.126041] try_to_free_pages+0xe4/0x230 [ 411.130045] __alloc_pages_nodemask+0x564/0xdc0 [ 411.134569] alloc_pages_vma+0x90/0x228 [ 411.138398] do_anonymous_page+0xc8/0x4d0 [ 411.142400] __handle_mm_fault+0x4a0/0x508 [ 411.146489] handle_mm_fault+0xf8/0x1b0 [ 411.150321] do_page_fault+0x218/0x4b8 [ 411.154064] do_translation_fault+0x90/0xa0 [ 411.158239] do_mem_abort+0x68/0xf0 [ 411.161721] el0_da+0x24/0x28 ---------------------------end--------------------------------------- In rmap_walk_ksm, the rmap_item->address might still have the STABLE_FLAG, then the start and end in handle_hva_to_gpa might not be PAGE_SIZE aligned. Thus it will cause exceptions in handle_hva_to_gpa on arm64. This patch fixes it by ignoring (not removing) the low bits of address when doing rmap_walk_ksm. IMO, it should be backported to stable tree. the stom of WARN_ONs is very easy for me to reproduce. More than that, I watched a panic (not reproducible) as follows: [35380.805825] page:ffff7fe003742d80 count:-4871 mapcount:-2126053375 mapping: (null) index:0x0 [35380.815024] flags: 0x1fffc00000000000() [35380.818845] raw: 1fffc00000000000 0000000000000000 0000000000000000 ffffecf981470000 [35380.826569] raw: dead000000000100 dead000000000200 ffff8017c001c000 0000000000000000 [35380.834294] page dumped because: nonzero _refcount [35380.839069] Modules linked in: vhost_net vhost tap ebtable_filter ebtables ip6table_filter ip6_tables iptable_filter fcoe libfcoe libfc 8021q garp mrp stp llc scsi_transport_fc openvswitch nf_conntrack_ipv6 nf_nat_ipv6 nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_defrag_ipv6 nf_nat nf_conntrack vfat fat rpcrdma ib_isert iscsi_target_mod ib_iser libiscsi scsi_transport_iscsi ib_srpt target_core_mod ib_srp scsi_transport_srp ib_ipoib rdma_ucm ib_ucm ib_uverbs ib_umad rdma_cm ib_cm iw_cm mlx5_ib ib_core crc32_ce ipmi_ssif tpm_tis tpm_tis_core sg nfsd auth_rpcgss nfs_acl lockd grace sunrpc dm_multipath ip_tables xfs libcrc32c mlx5_core mlxfw devlink ahci_platform libahci_platform libahci qcom_emac sdhci_acpi sdhci hdma mmc_core hdma_mgmt i2c_qup dm_mirror dm_region_hash dm_log dm_mod [35380.908341] CPU: 29 PID: 18323 Comm: qemu-kvm Tainted: G W 4.14.15-5.hxt.aarch64 #1 [35380.917107] Hardware name: <snip for confidential issues> [35380.930909] Call trace: [35380.933345] [<ffff000008088f00>] dump_backtrace+0x0/0x22c [35380.938723] [<ffff000008089150>] show_stack+0x24/0x2c [35380.943759] [<ffff00000893c078>] dump_stack+0x8c/0xb0 [35380.948794] [<ffff00000820ab50>] bad_page+0xf4/0x154 [35380.953740] [<ffff000008211ce8>] free_pages_check_bad+0x90/0x9c [35380.959642] [<ffff00000820c430>] free_pcppages_bulk+0x464/0x518 [35380.965545] [<ffff00000820db98>] free_hot_cold_page+0x22c/0x300 [35380.971448] [<ffff0000082176fc>] __put_page+0x54/0x60 [35380.976484] [<ffff0000080b1164>] unmap_stage2_range+0x170/0x2b4 [35380.982385] [<ffff0000080b12d8>] kvm_unmap_hva_handler+0x30/0x40 [35380.988375] [<ffff0000080b0104>] handle_hva_to_gpa+0xb0/0xec [35380.994016] [<ffff0000080b2644>] kvm_unmap_hva_range+0x5c/0xd0 [35380.999833] [<ffff0000080a8054>] I even injected a fault on purpose in kvm_unmap_hva_range by seting size=size-0x200, the call trace is similar as above. So I thought the panic is similarly caused by the root cause of WARN_ON. Andrea said: : It looks a straightforward safe fix, on x86 hva_to_gfn_memslot would : zap those bits and hide the misalignment caused by the low metadata : bits being erroneously left set in the address, but the arm code : notices when that's the last page in the memslot and the hva_end is : getting aligned and the size is below one page. : : I think the problem triggers in the addr += PAGE_SIZE of : unmap_stage2_ptes that never matches end because end is aligned but : addr is not. : : } while (pte++, addr += PAGE_SIZE, addr != end); : : x86 again only works on hva_start/hva_end after converting it to : gfn_start/end and that being in pfn units the bits are zapped before : they risk to cause trouble. Jia He said: : I've tested by myself in arm64 server (QDF2400,46 cpus,96G mem) Without : this patch, the WARN_ON is very easy for reproducing. After this patch, I : have run the same benchmarch for a whole day without any WARN_ONs Link: http://lkml.kernel.org/r/1525403506-6750-1-git-send-email-hejianet@gmail.com Signed-off-by: Jia He <jia.he(a)hxt-semitech.com> Reviewed-by: Andrea Arcangeli <aarcange(a)redhat.com> Tested-by: Jia He <hejianet(a)gmail.com> Cc: Suzuki K Poulose <Suzuki.Poulose(a)arm.com> Cc: Minchan Kim <minchan(a)kernel.org> Cc: Claudio Imbrenda <imbrenda(a)linux.vnet.ibm.com> Cc: Arvind Yadav <arvind.yadav.cs(a)gmail.com> Cc: Mike Rapoport <rppt(a)linux.vnet.ibm.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/ksm.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff -puN mm/ksm.c~mm-ksm-ignore-stable_flag-of-rmap_item-address-in-rmap_walk_ksm mm/ksm.c --- a/mm/ksm.c~mm-ksm-ignore-stable_flag-of-rmap_item-address-in-rmap_walk_ksm +++ a/mm/ksm.c @@ -216,6 +216,8 @@ struct rmap_item { #define SEQNR_MASK 0x0ff /* low bits of unstable tree seqnr */ #define UNSTABLE_FLAG 0x100 /* is a node of the unstable tree */ #define STABLE_FLAG 0x200 /* is listed from the stable tree */ +#define KSM_FLAG_MASK (SEQNR_MASK|UNSTABLE_FLAG|STABLE_FLAG) + /* to mask all the flags */ /* The stable and unstable tree heads */ static struct rb_root one_stable_tree[1] = { RB_ROOT }; @@ -2598,10 +2600,15 @@ again: anon_vma_lock_read(anon_vma); anon_vma_interval_tree_foreach(vmac, &anon_vma->rb_root, 0, ULONG_MAX) { + unsigned long addr; + cond_resched(); vma = vmac->vma; - if (rmap_item->address < vma->vm_start || - rmap_item->address >= vma->vm_end) + + /* Ignore the stable/unstable/sqnr flags */ + addr = rmap_item->address & ~KSM_FLAG_MASK; + + if (addr < vma->vm_start || addr >= vma->vm_end) continue; /* * Initially we examine only the vma which covers this @@ -2615,8 +2622,7 @@ again: if (rwc->invalid_vma && rwc->invalid_vma(vma, rwc->arg)) continue; - if (!rwc->rmap_one(page, vma, - rmap_item->address, rwc->arg)) { + if (!rwc->rmap_one(page, vma, addr, rwc->arg)) { anon_vma_unlock_read(anon_vma); return; } _ Patches currently in -mm which might be from jia.he(a)hxt-semitech.com are

7 years, 4 months

1
0
0 0

v4.4.137 build: 0 failures 31 warnings (v4.4.137)

by Build bot for Mark Brown

Tree/Branch: v4.4.137 Git describe: v4.4.137 Commit: ed90fd0cfe Linux 4.4.137 Build Time: 63 min 2 sec Passed: 10 / 10 (100.00 %) Failed: 0 / 10 ( 0.00 %) Errors: 0 Warnings: 31 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): 19 warnings 0 mismatches : arm64-allmodconfig 17 warnings 0 mismatches : x86_64-allmodconfig ------------------------------------------------------------------------------- Warnings Summary: 31 3 warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI) 2 ../drivers/media/dvb-frontends/stv090x.c:4250:1: warning: the frame size of 4832 bytes is larger than 2048 bytes [-Wframe-larger-than=] 2 ../drivers/media/dvb-frontends/stv090x.c:1211:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] 2 ../drivers/media/dvb-frontends/stv090x.c:1168:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2752 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2720 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:4759:1: warning: the frame size of 2056 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2096 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 6784 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5864 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5840 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2304 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2288 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2104 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2552 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2544 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3264 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3248 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 3008 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 2992 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5296 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv0367.c:3147:1: warning: the frame size of 4144 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/stv0367.c:2490:1: warning: the frame size of 3424 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2984 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2976 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4336 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4328 bytes is larger than 2048 bytes [-Wframe-larger-than=] =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- arm64-allmodconfig : PASS, 0 errors, 19 warnings, 0 section mismatches Warnings: warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI) warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI) warning: (IMA) selects TCG_CRB which has unmet direct dependencies (TCG_TPM && X86 && ACPI) ../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 2992 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2288 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3248 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1211:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:4250:1: warning: the frame size of 4832 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1168:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2544 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5840 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 6784 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv0367.c:2490:1: warning: the frame size of 3424 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2976 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4336 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2720 bytes is larger than 2048 bytes [-Wframe-larger-than=] ------------------------------------------------------------------------------- x86_64-allmodconfig : PASS, 0 errors, 17 warnings, 0 section mismatches Warnings: ../drivers/media/dvb-frontends/stv090x.c:1858:1: warning: the frame size of 3008 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2141:1: warning: the frame size of 2104 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2513:1: warning: the frame size of 2304 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:4565:1: warning: the frame size of 2096 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1956:1: warning: the frame size of 3264 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1599:1: warning: the frame size of 5296 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1211:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:4250:1: warning: the frame size of 4832 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:4759:1: warning: the frame size of 2056 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:1168:1: warning: the frame size of 2080 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:2073:1: warning: the frame size of 2552 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:3095:1: warning: the frame size of 5864 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv090x.c:3436:1: warning: the frame size of 5280 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/stv0367.c:3147:1: warning: the frame size of 4144 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/cxd2841er.c:2401:1: warning: the frame size of 2984 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/media/dvb-frontends/cxd2841er.c:2282:1: warning: the frame size of 4328 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/net/ethernet/rocker/rocker.c:2172:1: warning: the frame size of 2752 bytes is larger than 2048 bytes [-Wframe-larger-than=] ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: arm64-allnoconfig arm-multi_v5_defconfig arm-multi_v7_defconfig x86_64-defconfig arm-allmodconfig arm-allnoconfig x86_64-allnoconfig arm64-defconfig

7 years, 4 months

1
0
0 0

[PATCH 4.17 00/45] 4.17.2-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.17.2 release. There are 45 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat Jun 16 13:21:05 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.17.2-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.17.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.17.2-rc1 Bin Liu <b-liu(a)ti.com> crypto: omap-sham - fix memleak Michael Ellerman <mpe(a)ellerman.id.au> crypto: vmx - Remove overly verbose printk from AES XTS init Michael Ellerman <mpe(a)ellerman.id.au> crypto: vmx - Remove overly verbose printk from AES init routines Jan Glauber <jglauber(a)cavium.com> crypto: cavium - Limit result reading attempts Jan Glauber <jglauber(a)cavium.com> crypto: cavium - Fix fallout from CONFIG_VMAP_STACK Horia Geantă <horia.geanta(a)nxp.com> crypto: caam - fix size of RSA prime factor q Horia Geantă <horia.geanta(a)nxp.com> crypto: caam/qi - fix IV DMA mapping and updating Horia Geantă <horia.geanta(a)nxp.com> crypto: caam - fix IV DMA mapping and updating Horia Geantă <horia.geanta(a)nxp.com> crypto: caam - fix DMA mapping dir for generated IV Horia Geantă <horia.geanta(a)nxp.com> crypto: caam - strip input zeros from RSA input buffer Johannes Wienke <languitar(a)semipol.de> Input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID Ethan Lee <flibitijibibo(a)gmail.com> Input: goodix - add new ACPI id for GPD Win 2 touch screen Gilad Ben-Yossef <gilad(a)benyossef.com> crypto: ccree - correct host regs offset Dave Martin <Dave.Martin(a)arm.com> tty: pl011: Avoid spuriously stuck-off interrupts Sean Wang <sean.wang(a)mediatek.com> arm64: defconfig: Enable CONFIG_PINCTRL_MT7622 by default Stephen Hemminger <stephen(a)networkplumber.org> doc: fix sysfs ABI documentation Gil Kupfer <gilkup(a)gmail.com> vmw_balloon: fixing double free when batching mode is off Tony Lindgren <tony(a)atomide.com> serial: 8250: omap: Fix idling of clocks for unused uarts Marek Szyprowski <m.szyprowski(a)samsung.com> serial: samsung: fix maxburst parameter for DMA transactions Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> tty/serial: atmel: use port->name as name in request_irq() Geert Uytterhoeven <geert+renesas(a)glider.be> serial: sh-sci: Stop using printk format %pCr Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> usb: gadget: udc: renesas_usb3: disable the controller's irqs for reconnecting Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> usb: gadget: udc: renesas_usb3: should fail if devm_phy_get() returns error Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> usb: gadget: udc: renesas_usb3: should call devm_phy_get() before add udc Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> usb: gadget: udc: renesas_usb3: should call pm_runtime_enable() before add udc Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> usb: gadget: udc: renesas_usb3: should remove debugfs Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> usb: gadget: udc: renesas_usb3: fix double phy_put() Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> usb: gadget: function: printer: avoid wrong list handling in printer_write() Heikki Krogerus <heikki.krogerus(a)linux.intel.com> usb: typec: wcove: Remove dependency on HW FSM Ruslan Bilovol <ruslan.bilovol(a)gmail.com> usb: core: message: remove extra endianness conversion in usb_set_isoch_delay Manu Gautam <mgautam(a)codeaurora.org> phy: qcom-qusb2: Fix crash if nvmem cell not specified Ethan Lee <flibitijibibo(a)gmail.com> Input: xpad - add GPD Win 2 Controller USB IDs Alexander Kappner <agk(a)godking.net> usb-storage: Add compatibility quirk flags for G-Technologies G-Drive Alexander Kappner <agk(a)godking.net> usb-storage: Add support for FL_ALWAYS_SYNC flag in the UAS driver Gustavo A. R. Silva <gustavo(a)embeddedor.com> usbip: vhci_sysfs: fix potential Spectre v1 Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> NFC: pn533: don't send USB data off of the stack Laura Abbott <labbott(a)redhat.com> staging: android: ion: Switch to pr_warn_once in ion_buffer_destroy Paolo Bonzini <pbonzini(a)redhat.com> kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access Paolo Bonzini <pbonzini(a)redhat.com> KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system Felix Wilhelm <fwilhelm(a)google.com> kvm: nVMX: Enforce cpl=0 for VMX instructions Michael S. Tsirkin <mst(a)redhat.com> kvm: fix typo in flag name Paolo Bonzini <pbonzini(a)redhat.com> KVM: x86: introduce linear_{read,write}_system Wanpeng Li <wanpengli(a)tencent.com> KVM: X86: Fix reserved bits check for MOV to CR3 Bart Van Assche <bart.vanassche(a)wdc.com> blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers Atul Gupta <atul.gupta(a)chelsio.com> crypto: chelsio - request to HW should wrap ------------- Diffstat: Documentation/ABI/stable/sysfs-bus-vmbus | 40 +++--- Makefile | 4 +- arch/arm64/configs/defconfig | 1 + arch/x86/include/asm/kvm_emulate.h | 6 +- arch/x86/kvm/emulate.c | 76 +++++----- arch/x86/kvm/vmx.c | 38 +++-- arch/x86/kvm/x86.c | 61 +++++--- arch/x86/kvm/x86.h | 4 +- block/blk-zoned.c | 8 +- drivers/crypto/caam/caamalg.c | 231 ++++++++++++++----------------- drivers/crypto/caam/caamalg_qi.c | 227 +++++++++++++++--------------- drivers/crypto/caam/caampkc.c | 62 ++++++++- drivers/crypto/caam/caampkc.h | 8 ++ drivers/crypto/cavium/zip/common.h | 21 +++ drivers/crypto/cavium/zip/zip_crypto.c | 22 +-- drivers/crypto/cavium/zip/zip_deflate.c | 4 +- drivers/crypto/cavium/zip/zip_inflate.c | 4 +- drivers/crypto/ccree/cc_debugfs.c | 7 +- drivers/crypto/ccree/cc_driver.c | 8 +- drivers/crypto/ccree/cc_driver.h | 2 + drivers/crypto/ccree/cc_host_regs.h | 6 +- drivers/crypto/chelsio/chcr_ipsec.c | 35 +++-- drivers/crypto/omap-sham.c | 2 +- drivers/crypto/vmx/aes.c | 2 - drivers/crypto/vmx/aes_cbc.c | 3 - drivers/crypto/vmx/aes_ctr.c | 2 - drivers/crypto/vmx/aes_xts.c | 2 - drivers/crypto/vmx/ghash.c | 2 - drivers/input/joystick/xpad.c | 2 + drivers/input/mouse/elan_i2c_core.c | 1 + drivers/input/touchscreen/goodix.c | 1 + drivers/misc/vmw_balloon.c | 23 +-- drivers/nfc/pn533/usb.c | 42 ++++-- drivers/phy/qualcomm/phy-qcom-qusb2.c | 4 + drivers/staging/android/ion/ion.c | 5 +- drivers/tty/serial/8250/8250_omap.c | 16 ++- drivers/tty/serial/amba-pl011.c | 16 +++ drivers/tty/serial/atmel_serial.c | 5 +- drivers/tty/serial/samsung.c | 7 +- drivers/tty/serial/sh-sci.c | 4 +- drivers/usb/core/message.c | 2 +- drivers/usb/gadget/function/f_printer.c | 6 +- drivers/usb/gadget/udc/renesas_usb3.c | 37 +++-- drivers/usb/storage/uas.c | 6 + drivers/usb/storage/unusual_devs.h | 9 ++ drivers/usb/storage/unusual_uas.h | 9 ++ drivers/usb/typec/typec_wcove.c | 30 +++- drivers/usb/usbip/vhci_sysfs.c | 24 ++-- include/uapi/linux/kvm.h | 4 +- tools/include/uapi/linux/kvm.h | 4 +- 50 files changed, 685 insertions(+), 460 deletions(-)

7 years, 4 months

4
45
0 0

[PATCH 4.16 00/43] 4.16.16-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.16.16 release. There are 43 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat Jun 16 13:21:17 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.16.16-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.16.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.16.16-rc1 Bin Liu <b-liu(a)ti.com> crypto: omap-sham - fix memleak Michael Ellerman <mpe(a)ellerman.id.au> crypto: vmx - Remove overly verbose printk from AES XTS init Michael Ellerman <mpe(a)ellerman.id.au> crypto: vmx - Remove overly verbose printk from AES init routines Jan Glauber <jglauber(a)cavium.com> crypto: cavium - Limit result reading attempts Jan Glauber <jglauber(a)cavium.com> crypto: cavium - Fix fallout from CONFIG_VMAP_STACK Horia Geantă <horia.geanta(a)nxp.com> crypto: caam - fix size of RSA prime factor q Horia Geantă <horia.geanta(a)nxp.com> crypto: caam/qi - fix IV DMA mapping and updating Horia Geantă <horia.geanta(a)nxp.com> crypto: caam - fix IV DMA mapping and updating Horia Geantă <horia.geanta(a)nxp.com> crypto: caam - fix DMA mapping dir for generated IV Horia Geantă <horia.geanta(a)nxp.com> crypto: caam - strip input zeros from RSA input buffer Johannes Wienke <languitar(a)semipol.de> Input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID Ethan Lee <flibitijibibo(a)gmail.com> Input: goodix - add new ACPI id for GPD Win 2 touch screen Paolo Bonzini <pbonzini(a)redhat.com> kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access Dave Martin <Dave.Martin(a)arm.com> tty: pl011: Avoid spuriously stuck-off interrupts Gil Kupfer <gilkup(a)gmail.com> vmw_balloon: fixing double free when batching mode is off Tony Lindgren <tony(a)atomide.com> serial: 8250: omap: Fix idling of clocks for unused uarts Marek Szyprowski <m.szyprowski(a)samsung.com> serial: samsung: fix maxburst parameter for DMA transactions Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> tty/serial: atmel: use port->name as name in request_irq() Geert Uytterhoeven <geert+renesas(a)glider.be> serial: sh-sci: Stop using printk format %pCr Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> usb: gadget: udc: renesas_usb3: disable the controller's irqs for reconnecting Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> usb: gadget: udc: renesas_usb3: should fail if devm_phy_get() returns error Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> usb: gadget: udc: renesas_usb3: should call devm_phy_get() before add udc Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> usb: gadget: udc: renesas_usb3: should call pm_runtime_enable() before add udc Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> usb: gadget: udc: renesas_usb3: should remove debugfs Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> usb: gadget: udc: renesas_usb3: fix double phy_put() Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> usb: gadget: function: printer: avoid wrong list handling in printer_write() Heikki Krogerus <heikki.krogerus(a)linux.intel.com> usb: typec: wcove: Remove dependency on HW FSM Ruslan Bilovol <ruslan.bilovol(a)gmail.com> usb: core: message: remove extra endianness conversion in usb_set_isoch_delay Manu Gautam <mgautam(a)codeaurora.org> phy: qcom-qusb2: Fix crash if nvmem cell not specified Ethan Lee <flibitijibibo(a)gmail.com> Input: xpad - add GPD Win 2 Controller USB IDs Alexander Kappner <agk(a)godking.net> usb-storage: Add compatibility quirk flags for G-Technologies G-Drive Alexander Kappner <agk(a)godking.net> usb-storage: Add support for FL_ALWAYS_SYNC flag in the UAS driver Gustavo A. R. Silva <gustavo(a)embeddedor.com> usbip: vhci_sysfs: fix potential Spectre v1 Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> NFC: pn533: don't send USB data off of the stack Laura Abbott <labbott(a)redhat.com> staging: android: ion: Switch to pr_warn_once in ion_buffer_destroy Paolo Bonzini <pbonzini(a)redhat.com> KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system Felix Wilhelm <fwilhelm(a)google.com> kvm: nVMX: Enforce cpl=0 for VMX instructions Paolo Bonzini <pbonzini(a)redhat.com> KVM: x86: introduce linear_{read,write}_system Wanpeng Li <wanpengli(a)tencent.com> KVM: X86: Fix reserved bits check for MOV to CR3 Kevin Easton <kevin(a)guarana.org> af_key: Always verify length of provided sadb_key Bart Van Assche <bart.vanassche(a)wdc.com> blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers Atul Gupta <atul.gupta(a)chelsio.com> crypto: chelsio - request to HW should wrap Taehee Yoo <ap420073(a)gmail.com> netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump() ------------- Diffstat: Makefile | 4 +- arch/x86/include/asm/kvm_emulate.h | 6 +- arch/x86/kvm/emulate.c | 76 ++++++----- arch/x86/kvm/vmx.c | 38 +++--- arch/x86/kvm/x86.c | 53 +++++--- arch/x86/kvm/x86.h | 4 +- block/blk-zoned.c | 8 +- drivers/crypto/caam/caamalg.c | 231 ++++++++++++++------------------ drivers/crypto/caam/caamalg_qi.c | 227 ++++++++++++++++--------------- drivers/crypto/caam/caampkc.c | 62 ++++++++- drivers/crypto/caam/caampkc.h | 8 ++ drivers/crypto/cavium/zip/common.h | 21 +++ drivers/crypto/cavium/zip/zip_crypto.c | 22 +-- drivers/crypto/cavium/zip/zip_deflate.c | 4 +- drivers/crypto/cavium/zip/zip_inflate.c | 4 +- drivers/crypto/chelsio/chcr_ipsec.c | 35 +++-- drivers/crypto/omap-sham.c | 2 +- drivers/crypto/vmx/aes.c | 2 - drivers/crypto/vmx/aes_cbc.c | 3 - drivers/crypto/vmx/aes_ctr.c | 2 - drivers/crypto/vmx/aes_xts.c | 2 - drivers/crypto/vmx/ghash.c | 2 - drivers/input/joystick/xpad.c | 2 + drivers/input/mouse/elan_i2c_core.c | 1 + drivers/input/touchscreen/goodix.c | 1 + drivers/misc/vmw_balloon.c | 23 +--- drivers/nfc/pn533/usb.c | 42 ++++-- drivers/phy/qualcomm/phy-qcom-qusb2.c | 4 + drivers/staging/android/ion/ion.c | 5 +- drivers/tty/serial/8250/8250_omap.c | 16 ++- drivers/tty/serial/amba-pl011.c | 16 +++ drivers/tty/serial/atmel_serial.c | 5 +- drivers/tty/serial/samsung.c | 7 +- drivers/tty/serial/sh-sci.c | 4 +- drivers/usb/core/message.c | 2 +- drivers/usb/gadget/function/f_printer.c | 6 +- drivers/usb/gadget/udc/renesas_usb3.c | 37 +++-- drivers/usb/storage/uas.c | 6 + drivers/usb/storage/unusual_devs.h | 9 ++ drivers/usb/storage/unusual_uas.h | 9 ++ drivers/usb/typec/typec_wcove.c | 30 ++++- drivers/usb/usbip/vhci_sysfs.c | 24 ++-- net/key/af_key.c | 45 +++++-- net/netfilter/nft_ct.c | 20 +-- 44 files changed, 686 insertions(+), 444 deletions(-)

7 years, 4 months

4
40
0 0

[PATCH 4.14 00/36] 4.14.50-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.14.50 release. There are 36 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat Jun 16 13:21:44 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.50-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.14.50-rc1 Bin Liu <b-liu(a)ti.com> crypto: omap-sham - fix memleak Michael Ellerman <mpe(a)ellerman.id.au> crypto: vmx - Remove overly verbose printk from AES XTS init Michael Ellerman <mpe(a)ellerman.id.au> crypto: vmx - Remove overly verbose printk from AES init routines Jan Glauber <jglauber(a)cavium.com> crypto: cavium - Limit result reading attempts Jan Glauber <jglauber(a)cavium.com> crypto: cavium - Fix fallout from CONFIG_VMAP_STACK Horia Geantă <horia.geanta(a)nxp.com> crypto: caam - fix size of RSA prime factor q Horia Geantă <horia.geanta(a)nxp.com> crypto: caam/qi - fix IV DMA mapping and updating Horia Geantă <horia.geanta(a)nxp.com> crypto: caam - fix IV DMA mapping and updating Horia Geantă <horia.geanta(a)nxp.com> crypto: caam - fix DMA mapping dir for generated IV Horia Geantă <horia.geanta(a)nxp.com> crypto: caam - strip input zeros from RSA input buffer Johannes Wienke <languitar(a)semipol.de> Input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID Ethan Lee <flibitijibibo(a)gmail.com> Input: goodix - add new ACPI id for GPD Win 2 touch screen Paolo Bonzini <pbonzini(a)redhat.com> kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access Dave Martin <Dave.Martin(a)arm.com> tty: pl011: Avoid spuriously stuck-off interrupts Gil Kupfer <gilkup(a)gmail.com> vmw_balloon: fixing double free when batching mode is off Tony Lindgren <tony(a)atomide.com> serial: 8250: omap: Fix idling of clocks for unused uarts Marek Szyprowski <m.szyprowski(a)samsung.com> serial: samsung: fix maxburst parameter for DMA transactions Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> tty/serial: atmel: use port->name as name in request_irq() Geert Uytterhoeven <geert+renesas(a)glider.be> serial: sh-sci: Stop using printk format %pCr Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> usb: gadget: udc: renesas_usb3: disable the controller's irqs for reconnecting Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> usb: gadget: function: printer: avoid wrong list handling in printer_write() Manu Gautam <mgautam(a)codeaurora.org> phy: qcom-qusb2: Fix crash if nvmem cell not specified Ethan Lee <flibitijibibo(a)gmail.com> Input: xpad - add GPD Win 2 Controller USB IDs Alexander Kappner <agk(a)godking.net> usb-storage: Add compatibility quirk flags for G-Technologies G-Drive Alexander Kappner <agk(a)godking.net> usb-storage: Add support for FL_ALWAYS_SYNC flag in the UAS driver Gustavo A. R. Silva <gustavo(a)embeddedor.com> usbip: vhci_sysfs: fix potential Spectre v1 Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> NFC: pn533: don't send USB data off of the stack Laura Abbott <labbott(a)redhat.com> staging: android: ion: Switch to pr_warn_once in ion_buffer_destroy Paolo Bonzini <pbonzini(a)redhat.com> KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system Felix Wilhelm <fwilhelm(a)google.com> kvm: nVMX: Enforce cpl=0 for VMX instructions Paolo Bonzini <pbonzini(a)redhat.com> KVM: x86: introduce linear_{read,write}_system Wanpeng Li <wanpengli(a)tencent.com> KVM: X86: Fix reserved bits check for MOV to CR3 Linus Walleij <linus.walleij(a)linaro.org> gpio: No NULL owner Kevin Easton <kevin(a)guarana.org> af_key: Always verify length of provided sadb_key Bart Van Assche <bart.vanassche(a)wdc.com> blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers Taehee Yoo <ap420073(a)gmail.com> netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump() ------------- Diffstat: Makefile | 4 +- arch/x86/include/asm/kvm_emulate.h | 6 +- arch/x86/kvm/emulate.c | 76 ++++++----- arch/x86/kvm/vmx.c | 38 +++--- arch/x86/kvm/x86.c | 53 +++++--- arch/x86/kvm/x86.h | 4 +- block/blk-zoned.c | 8 +- drivers/crypto/caam/caamalg.c | 231 ++++++++++++++------------------ drivers/crypto/caam/caamalg_qi.c | 227 ++++++++++++++++--------------- drivers/crypto/caam/caampkc.c | 62 ++++++++- drivers/crypto/caam/caampkc.h | 8 ++ drivers/crypto/cavium/zip/common.h | 21 +++ drivers/crypto/cavium/zip/zip_crypto.c | 22 +-- drivers/crypto/cavium/zip/zip_deflate.c | 4 +- drivers/crypto/cavium/zip/zip_inflate.c | 4 +- drivers/crypto/omap-sham.c | 2 +- drivers/crypto/vmx/aes.c | 2 - drivers/crypto/vmx/aes_cbc.c | 3 - drivers/crypto/vmx/aes_ctr.c | 2 - drivers/crypto/vmx/aes_xts.c | 2 - drivers/crypto/vmx/ghash.c | 2 - drivers/gpio/gpiolib.c | 9 +- drivers/input/joystick/xpad.c | 2 + drivers/input/mouse/elan_i2c_core.c | 1 + drivers/input/touchscreen/goodix.c | 1 + drivers/misc/vmw_balloon.c | 23 +--- drivers/nfc/pn533/usb.c | 42 ++++-- drivers/phy/qualcomm/phy-qcom-qusb2.c | 4 + drivers/staging/android/ion/ion.c | 5 +- drivers/tty/serial/8250/8250_omap.c | 16 ++- drivers/tty/serial/amba-pl011.c | 16 +++ drivers/tty/serial/atmel_serial.c | 5 +- drivers/tty/serial/samsung.c | 7 +- drivers/tty/serial/sh-sci.c | 4 +- drivers/usb/gadget/function/f_printer.c | 6 +- drivers/usb/gadget/udc/renesas_usb3.c | 7 + drivers/usb/storage/uas.c | 6 + drivers/usb/storage/unusual_devs.h | 9 ++ drivers/usb/storage/unusual_uas.h | 9 ++ drivers/usb/usbip/vhci_sysfs.c | 24 ++-- net/key/af_key.c | 45 +++++-- net/netfilter/nft_ct.c | 20 +-- 42 files changed, 629 insertions(+), 413 deletions(-)

7 years, 4 months

4
33
0 0

[PATCH 4.9 00/30] 4.9.109-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.9.109 release. There are 30 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat Jun 16 13:25:48 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.109-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.9.109-rc1 Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> perf: sync up x86/.../cpufeatures.h Bin Liu <b-liu(a)ti.com> crypto: omap-sham - fix memleak Michael Ellerman <mpe(a)ellerman.id.au> crypto: vmx - Remove overly verbose printk from AES init routines Johannes Wienke <languitar(a)semipol.de> Input: elan_i2c - add ELAN0612 (Lenovo v330 14IKB) ACPI ID Ethan Lee <flibitijibibo(a)gmail.com> Input: goodix - add new ACPI id for GPD Win 2 touch screen Paolo Bonzini <pbonzini(a)redhat.com> kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access Dave Martin <Dave.Martin(a)arm.com> tty: pl011: Avoid spuriously stuck-off interrupts Gil Kupfer <gilkup(a)gmail.com> vmw_balloon: fixing double free when batching mode is off Tony Lindgren <tony(a)atomide.com> serial: 8250: omap: Fix idling of clocks for unused uarts Marek Szyprowski <m.szyprowski(a)samsung.com> serial: samsung: fix maxburst parameter for DMA transactions Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> tty/serial: atmel: use port->name as name in request_irq() Geert Uytterhoeven <geert+renesas(a)glider.be> serial: sh-sci: Stop using printk format %pCr Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> usb: gadget: udc: renesas_usb3: disable the controller's irqs for reconnecting Alexander Kappner <agk(a)godking.net> usb-storage: Add compatibility quirk flags for G-Technologies G-Drive Alexander Kappner <agk(a)godking.net> usb-storage: Add support for FL_ALWAYS_SYNC flag in the UAS driver Gustavo A. R. Silva <gustavo(a)embeddedor.com> usbip: vhci_sysfs: fix potential Spectre v1 Laura Abbott <labbott(a)redhat.com> staging: android: ion: Switch to pr_warn_once in ion_buffer_destroy Paolo Bonzini <pbonzini(a)redhat.com> KVM: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system Paolo Bonzini <pbonzini(a)redhat.com> KVM: x86: introduce linear_{read,write}_system Linus Walleij <linus.walleij(a)linaro.org> gpio: No NULL owner Martin Wilck <mwilck(a)suse.com> nvmet: don't overwrite identify sn/fr with 0-bytes Martin Wilck <mwilck(a)suse.com> nvmet: don't report 0-bytes in serial number Johannes Thumshirn <jthumshirn(a)suse.de> nvmet: Move serial number from controller to subsystem Andy Lutomirski <luto(a)kernel.org> x86/crypto, x86/fpu: Remove X86_FEATURE_EAGER_FPU #ifdef from the crc32c code Kevin Easton <kevin(a)guarana.org> af_key: Always verify length of provided sadb_key Keith Busch <keith.busch(a)intel.com> nvme-pci: initialize queue memory before interrupts Andreas Born <futur.andy(a)googlemail.com> bonding: require speed/duplex only for 802.3ad, alb and tlb Mahesh Bandewar <maheshb(a)google.com> bonding: fix active-backup transition Mahesh Bandewar <maheshb(a)google.com> bonding: correctly update link status during mii-commit phase Andy Lutomirski <luto(a)kernel.org> x86/fpu: Hard-disable lazy FPU mode ------------- Diffstat: Makefile | 4 +- arch/x86/crypto/crc32c-intel_glue.c | 5 -- arch/x86/include/asm/cpufeatures.h | 2 +- arch/x86/include/asm/fpu/internal.h | 2 +- arch/x86/include/asm/kvm_emulate.h | 6 ++- arch/x86/kernel/fpu/init.c | 91 ++------------------------------ arch/x86/kvm/emulate.c | 72 ++++++++++++------------- arch/x86/kvm/vmx.c | 23 ++++---- arch/x86/kvm/x86.c | 51 +++++++++++++----- arch/x86/kvm/x86.h | 4 +- drivers/crypto/omap-sham.c | 2 +- drivers/crypto/vmx/aes.c | 2 - drivers/crypto/vmx/aes_cbc.c | 2 - drivers/crypto/vmx/aes_ctr.c | 2 - drivers/crypto/vmx/ghash.c | 2 - drivers/gpio/gpiolib.c | 9 +++- drivers/input/mouse/elan_i2c_core.c | 1 + drivers/input/touchscreen/goodix.c | 1 + drivers/misc/vmw_balloon.c | 23 +++----- drivers/net/bonding/bond_main.c | 22 ++++---- drivers/nvme/host/pci.c | 4 +- drivers/nvme/target/admin-cmd.c | 22 +++++--- drivers/nvme/target/core.c | 5 +- drivers/nvme/target/nvmet.h | 2 +- drivers/staging/android/ion/ion.c | 5 +- drivers/tty/serial/8250/8250_omap.c | 16 +++++- drivers/tty/serial/amba-pl011.c | 16 ++++++ drivers/tty/serial/atmel_serial.c | 5 +- drivers/tty/serial/samsung.c | 7 +-- drivers/tty/serial/sh-sci.c | 4 +- drivers/usb/gadget/udc/renesas_usb3.c | 7 +++ drivers/usb/storage/uas.c | 6 +++ drivers/usb/storage/unusual_devs.h | 9 ++++ drivers/usb/storage/unusual_uas.h | 9 ++++ drivers/usb/usbip/vhci_sysfs.c | 24 ++++++--- include/net/bonding.h | 5 ++ net/key/af_key.c | 45 ++++++++++++---- tools/arch/x86/include/asm/cpufeatures.h | 2 +- 38 files changed, 274 insertions(+), 245 deletions(-)

7 years, 4 months

5
35
0 0

[PATCH v2] crypto: arm64/aes-blk - fix and move skcipher_walk_done out of kernel_neon_begin, _end

by Jia He

In a arm64 server(QDF2400),I met a similar might-sleep warning as [1]: [ 7.019116] BUG: sleeping function called from invalid context at ./include/crypto/algapi.h:416 [ 7.027863] in_atomic(): 1, irqs_disabled(): 0, pid: 410, name: cryptomgr_test [ 7.035106] 1 lock held by cryptomgr_test/410: [ 7.039549] #0: (ptrval) (&drbg->drbg_mutex){+.+.}, at: drbg_instantiate+0x34/0x398 [ 7.048038] CPU: 9 PID: 410 Comm: cryptomgr_test Not tainted 4.17.0-rc6+ #27 [ 7.068228] dump_backtrace+0x0/0x1c0 [ 7.071890] show_stack+0x24/0x30 [ 7.075208] dump_stack+0xb0/0xec [ 7.078523] ___might_sleep+0x160/0x238 [ 7.082360] skcipher_walk_done+0x118/0x2c8 [ 7.086545] ctr_encrypt+0x98/0x130 [ 7.090035] simd_skcipher_encrypt+0x68/0xc0 [ 7.094304] drbg_kcapi_sym_ctr+0xd4/0x1f8 [ 7.098400] drbg_ctr_update+0x98/0x330 [ 7.102236] drbg_seed+0x1b8/0x2f0 [ 7.105637] drbg_instantiate+0x2ac/0x398 [ 7.109646] drbg_kcapi_seed+0xbc/0x188 [ 7.113482] crypto_rng_reset+0x4c/0xb0 [ 7.117319] alg_test_drbg+0xec/0x330 [ 7.120981] alg_test.part.6+0x1c8/0x3c8 [ 7.124903] alg_test+0x58/0xa0 [ 7.128044] cryptomgr_test+0x50/0x58 [ 7.131708] kthread+0x134/0x138 [ 7.134936] ret_from_fork+0x10/0x1c Seems there is a bug in Ard Biesheuvel's commit. Fixes: 683381747270 ("crypto: arm64/aes-blk - move kernel mode neon en/disable into loop") [1] https://www.spinics.net/lists/linux-crypto/msg33103.html Signed-off-by: jia.he(a)hxt-semitech.com Acked-by: Ard Biesheuvel <ard.biesheuvel(a)linaro.org> Cc: <stable(a)vger.kernel.org> # 4.17 --- v2: cc stable --- arch/arm64/crypto/aes-glue.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm64/crypto/aes-glue.c b/arch/arm64/crypto/aes-glue.c index 253188f..e3e5095 100644 --- a/arch/arm64/crypto/aes-glue.c +++ b/arch/arm64/crypto/aes-glue.c @@ -223,8 +223,8 @@ static int ctr_encrypt(struct skcipher_request *req) kernel_neon_begin(); aes_ctr_encrypt(walk.dst.virt.addr, walk.src.virt.addr, (u8 *)ctx->key_enc, rounds, blocks, walk.iv); - err = skcipher_walk_done(&walk, walk.nbytes % AES_BLOCK_SIZE); kernel_neon_end(); + err = skcipher_walk_done(&walk, walk.nbytes % AES_BLOCK_SIZE); } if (walk.nbytes) { u8 __aligned(8) tail[AES_BLOCK_SIZE]; -- 1.8.3.1

7 years, 4 months

3
2
0 0

[PATCH 1/3] um: Drop own definition of PTRACE_SYSEMU/_SINGLESTEP

by Richard Weinberger

32bit UML used to define PTRACE_SYSEMU and PTRACE_SYSEMU_SINGLESTEP own its own because many years ago not all libcs had these request codes in their UAPI. These days PTRACE_SYSEMU/_SINGLESTEP is well known and part of glibc and our own define becomes problematic. With change c48831d0eebf ("linux/x86: sync sys/ptrace.h with Linux 4.14 [BZ #22433]") glibc turned PTRACE_SYSEMU/_SINGLESTEP into a enum and UML failed to build. Let's drop our define and rely on the fact that every libc has PTRACE_SYSEMU/_SINGLESTEP. Cc: <stable(a)vger.kernel.org> Cc: Ritesh Raj Sarraf <rrs(a)researchut.com> Reported-and-tested-by: Ritesh Raj Sarraf <rrs(a)researchut.com> Signed-off-by: Richard Weinberger <richard(a)nod.at> --- arch/x86/um/shared/sysdep/ptrace_32.h | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/arch/x86/um/shared/sysdep/ptrace_32.h b/arch/x86/um/shared/sysdep/ptrace_32.h index b94a108de1dc..ae00d22bce02 100644 --- a/arch/x86/um/shared/sysdep/ptrace_32.h +++ b/arch/x86/um/shared/sysdep/ptrace_32.h @@ -10,20 +10,10 @@ static inline void update_debugregs(int seq) {} -/* syscall emulation path in ptrace */ - -#ifndef PTRACE_SYSEMU -#define PTRACE_SYSEMU 31 -#endif - void set_using_sysemu(int value); int get_using_sysemu(void); extern int sysemu_supported; -#ifndef PTRACE_SYSEMU_SINGLESTEP -#define PTRACE_SYSEMU_SINGLESTEP 32 -#endif - #define UPT_SYSCALL_ARG1(r) UPT_BX(r) #define UPT_SYSCALL_ARG2(r) UPT_CX(r) #define UPT_SYSCALL_ARG3(r) UPT_DX(r) -- 2.13.6

7 years, 4 months

1
0
0 0

Re: x86/fpu: Disable AVX when eagerfpu is off

by Julian Stecklina

Yu, Regarding your patch to disable AVX with eager fpu disabled in the 4.4 stable queue: https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/tre… Why would this be necessary? In the Intel SDM Vol 2, Chapter 2.4, FPU/SIMD instructions are grouped into different classes and for all of them CR0.TS triggers a #NM exception in all modes but real mode and virtual 8086 mode. It seems to me lazy context switching of AVX is perfectly functional (disregarding the recently disclosed security issue). Am I missing something? Julian

7 years, 4 months

2
2
0 0

v4.14.49 build: 0 failures 0 warnings (v4.14.49)

by Build bot for Mark Brown

Tree/Branch: v4.14.49 Git describe: v4.14.49 Commit: 70d7bbd9b5 Linux 4.14.49 Build Time: 98 min 42 sec Passed: 11 / 11 (100.00 %) Failed: 0 / 11 ( 0.00 %) Errors: 0 Warnings: 0 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): ------------------------------------------------------------------------------- =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: arm64-allnoconfig arm64-allmodconfig arm-multi_v5_defconfig arm-multi_v7_defconfig x86_64-defconfig arm-allmodconfig arm-allnoconfig x86_64-allnoconfig arm-multi_v4t_defconfig x86_64-allmodconfig arm64-defconfig

7 years, 4 months

1
0
0 0

v4.1.52 build: 0 failures 61 warnings (v4.1.52)

by Build bot for Mark Brown

Tree/Branch: v4.1.52 Git describe: v4.1.52 Commit: c4ff7514e7 Linux 4.1.52 Build Time: 50 min 6 sec Passed: 10 / 10 (100.00 %) Failed: 0 / 10 ( 0.00 %) Errors: 0 Warnings: 61 Section Mismatches: 1 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): 30 warnings 3 mismatches : arm64-allmodconfig 2 warnings 0 mismatches : arm-multi_v5_defconfig 6 warnings 0 mismatches : arm-multi_v7_defconfig 8 warnings 0 mismatches : x86_64-defconfig 32 warnings 0 mismatches : arm-allmodconfig 46 warnings 0 mismatches : x86_64-allmodconfig 1 warnings 0 mismatches : arm64-defconfig ------------------------------------------------------------------------------- Warnings Summary: 61 8 ../include/linux/kernel.h:723:17: warning: comparison of distinct pointer types lacks a cast 5 ../net/ipv6/esp6.c:386:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] 5 ../net/ipv6/esp6.c:234:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] 5 ../net/ipv6/ah6.c:604:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result] 5 ../net/ipv6/ah6.c:426:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result] 5 ../include/linux/blkdev.h:624:26: warning: switch condition has boolean value [-Wswitch-bool] 4 ../drivers/net/virtio_net.c:553:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] 3 ../sound/pci/oxygen/oxygen_mixer.c:91:43: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses] 3 ../net/ipv4/esp4.c:432:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] 3 ../net/ipv4/esp4.c:242:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] 3 ../net/ipv4/ah4.c:394:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result] 3 ../net/ipv4/ah4.c:223:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result] 3 ../drivers/scsi/qla2xxx/qla_target.c:3086:6: warning: format '%llu' expects argument of type 'long long unsigned int', but argument 8 has type 'uint32_t {aka unsigned int}' [-Wformat=] 3 ../drivers/scsi/qla2xxx/qla_target.c:3083:17: warning: unused variable 'se_cmd' [-Wunused-variable] 3 ../drivers/scsi/be2iscsi/be_main.c:3168:18: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses] 3 ../drivers/media/platform/s3c-camif/camif-capture.c:134:10: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses] 3 ../drivers/media/platform/s3c-camif/camif-capture.c:118:10: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses] 3 ../drivers/ata/pata_hpt366.c:382:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers] 3 ../drivers/ata/pata_hpt366.c:379:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers] 3 ../drivers/ata/pata_hpt366.c:376:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers] 2 ../drivers/usb/renesas_usbhs/common.c:492:25: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast] 2 ../drivers/scsi/ips.c:210:2: warning: #warning "This driver has only been tested on the x86/ia64/x86_64 platforms" [-Wcpp] 2 ../drivers/mmc/host/sh_mmcif.c:402:4: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast] 2 ../drivers/mmc/host/sh_mmcif.c:401:4: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast] 2 ../drivers/iommu/intel-iommu.c:3800:5: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] 2 ../drivers/iommu/dmar.c:1849:5: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] 2 ../drivers/hid/hid-input.c:1171:67: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses] 2 ../arch/x86/include/asm/msr.h:209:23: warning: right shift count >= width of type [-Wshift-count-overflow] 1 ../net/caif/cfpkt_skbuff.c:282:3: warning: this 'else' clause does not guard... [-Wmisleading-indentation] 1 ../include/trace/ftrace.h:28:0: warning: "TRACE_SYSTEM_STRING" redefined 1 ../drivers/xen/swiotlb-xen.c:704:27: warning: passing argument 6 of '__generic_dma_ops(dev)->mmap' makes pointer from integer without a cast [-Wint-conversion] 1 ../drivers/staging/unisys/visorutil/periodic_work.c:91:31: warning: comparison of constant '0' with boolean expression is always false [-Wbool-compare] 1 ../drivers/staging/unisys/visorutil/periodic_work.c:122:31: warning: comparison of constant '0' with boolean expression is always false [-Wbool-compare] 1 ../drivers/staging/rtl8723au/core/rtw_wlan_util.c:525:2: warning: this 'else' clause does not guard... [-Wmisleading-indentation] 1 ../drivers/staging/iio/adc/ad7192.c:236:3: warning: this 'else' clause does not guard... [-Wmisleading-indentation] 1 ../drivers/staging/i2o/i2o_config.c:952:10: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast] 1 ../drivers/staging/i2o/i2o_config.c:892:19: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast] 1 ../drivers/scsi/storvsc_drv.c:1676:5: warning: this 'if' clause does not guard... [-Wmisleading-indentation] 1 ../drivers/scsi/megaraid/megaraid_sas_fusion.c:1723:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation] 1 ../drivers/scsi/bfa/bfa_ioc.c:3673:4: warning: this 'if' clause does not guard... [-Wmisleading-indentation] 1 ../drivers/scsi/bfa/bfa_ioc.c:3665:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation] 1 ../drivers/scsi/advansys.c:71:2: warning: #warning this driver is still not properly converted to the DMA API [-Wcpp] 1 ../drivers/rtc/rtc-pcf8563.c:444:5: warning: 'alm_pending' may be used uninitialized in this function [-Wmaybe-uninitialized] 1 ../drivers/rtc/rtc-armada38x.c:91:22: warning: unused variable 'flags' [-Wunused-variable] 1 ../drivers/net/wireless/iwlegacy/3945.c:1022:5: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] 1 ../drivers/net/wireless/brcm80211/brcmfmac/fwsignal.c:1478:8: warning: 'skb' may be used uninitialized in this function [-Wmaybe-uninitialized] 1 ../drivers/net/ethernet/dec/tulip/uli526x.c:1086:4: warning: this 'else' clause does not guard... [-Wmisleading-indentation] 1 ../drivers/mtd/mtd_blkdevs.c:100:2: warning: switch condition has boolean value [-Wswitch-bool] 1 ../drivers/media/usb/cx231xx/cx231xx-cards.c:1110:1: warning: the frame size of 2064 bytes is larger than 2048 bytes [-Wframe-larger-than=] 1 ../drivers/media/platform/coda/./trace.h:12:0: warning: "TRACE_SYSTEM_STRING" redefined 1 ../drivers/media/platform/am437x/am437x-vpfe.c:1723:27: warning: self-comparison always evaluates to true [-Wtautological-compare] 1 ../drivers/infiniband/hw/qib/qib_qp.c:44:0: warning: "BITS_PER_PAGE" redefined 1 ../drivers/infiniband/hw/cxgb4/mem.c:147:20: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast] 1 ../drivers/gpu/drm/nouveau/nvkm/engine/gr/ctxgm204.c:975:1: warning: the frame size of 1192 bytes is larger than 1024 bytes [-Wframe-larger-than=] 1 ../drivers/gpu/drm/gma500/cdv_intel_dp.c:869:2: warning: 'i2c_dp_aux_add_bus' is deprecated [-Wdeprecated-declarations] 1 ../drivers/block/hd.c:630:3: warning: switch condition has boolean value [-Wswitch-bool] 1 ../drivers/atm/iphase.c:1176:12: warning: this 'if' clause does not guard... [-Wmisleading-indentation] 1 ../arch/x86/xen/mmu.c:1105:57: warning: array subscript is above array bounds [-Warray-bounds] 1 ../arch/arm64/xen/../../arm/xen/mm.c:183:10: warning: initialization from incompatible pointer type [-Wincompatible-pointer-types] 1 ../arch/arm/mach-cns3xxx/pcie.c:266:1: warning: the frame size of 1080 bytes is larger than 1024 bytes [-Wframe-larger-than=] 1 ../arch/arm/include/asm/cmpxchg.h:205:3: warning: value computed is not used [-Wunused-value] Section Mismatch Summary: 1 3 WARNING: drivers/staging/fsl-mc/bus/mc-bus-driver.o(.init.text+0xb0): Section mismatch in reference from the function init_module() to the function .exit.text:dprc_driver_exit() =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- arm64-allmodconfig : PASS, 0 errors, 30 warnings, 3 section mismatches Warnings: ../arch/arm64/xen/../../arm/xen/mm.c:183:10: warning: initialization from incompatible pointer type [-Wincompatible-pointer-types] ../drivers/ata/pata_hpt366.c:376:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers] ../drivers/ata/pata_hpt366.c:379:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers] ../drivers/ata/pata_hpt366.c:382:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers] ../sound/pci/oxygen/oxygen_mixer.c:91:43: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses] ../net/ipv6/ah6.c:426:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv6/ah6.c:604:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv6/esp6.c:234:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv6/esp6.c:386:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv4/ah4.c:223:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv4/ah4.c:394:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv4/esp4.c:242:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv4/esp4.c:432:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] ../drivers/infiniband/hw/qib/qib_qp.c:44:0: warning: "BITS_PER_PAGE" redefined ../drivers/mmc/host/sh_mmcif.c:401:4: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast] ../drivers/mmc/host/sh_mmcif.c:402:4: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast] ../include/linux/blkdev.h:624:26: warning: switch condition has boolean value [-Wswitch-bool] ../drivers/media/platform/s3c-camif/camif-capture.c:118:10: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses] ../drivers/media/platform/s3c-camif/camif-capture.c:134:10: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses] ../drivers/net/virtio_net.c:553:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] ../drivers/scsi/be2iscsi/be_main.c:3168:18: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses] ../drivers/scsi/qla2xxx/qla_target.c:3086:6: warning: format '%llu' expects argument of type 'long long unsigned int', but argument 8 has type 'uint32_t {aka unsigned int}' [-Wformat=] ../drivers/scsi/qla2xxx/qla_target.c:3083:17: warning: unused variable 'se_cmd' [-Wunused-variable] ../include/linux/kernel.h:723:17: warning: comparison of distinct pointer types lacks a cast ../include/linux/kernel.h:723:17: warning: comparison of distinct pointer types lacks a cast ../include/linux/kernel.h:723:17: warning: comparison of distinct pointer types lacks a cast ../include/linux/kernel.h:723:17: warning: comparison of distinct pointer types lacks a cast ../drivers/usb/renesas_usbhs/common.c:492:25: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast] ../drivers/scsi/ips.c:210:2: warning: #warning "This driver has only been tested on the x86/ia64/x86_64 platforms" [-Wcpp] ../drivers/xen/swiotlb-xen.c:704:27: warning: passing argument 6 of '__generic_dma_ops(dev)->mmap' makes pointer from integer without a cast [-Wint-conversion] Section Mismatches: WARNING: drivers/staging/fsl-mc/bus/mc-bus-driver.o(.init.text+0xb0): Section mismatch in reference from the function init_module() to the function .exit.text:dprc_driver_exit() WARNING: drivers/staging/fsl-mc/bus/mc-bus-driver.o(.init.text+0xb0): Section mismatch in reference from the function init_module() to the function .exit.text:dprc_driver_exit() WARNING: drivers/staging/fsl-mc/bus/mc-bus-driver.o(.init.text+0xb0): Section mismatch in reference from the function init_module() to the function .exit.text:dprc_driver_exit() ------------------------------------------------------------------------------- arm-multi_v5_defconfig : PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ../include/linux/blkdev.h:624:26: warning: switch condition has boolean value [-Wswitch-bool] ../drivers/rtc/rtc-pcf8563.c:444:5: warning: 'alm_pending' may be used uninitialized in this function [-Wmaybe-uninitialized] ------------------------------------------------------------------------------- arm-multi_v7_defconfig : PASS, 0 errors, 6 warnings, 0 section mismatches Warnings: ../net/ipv6/ah6.c:426:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv6/ah6.c:604:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv6/esp6.c:234:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv6/esp6.c:386:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] ../include/linux/blkdev.h:624:26: warning: switch condition has boolean value [-Wswitch-bool] ../drivers/net/wireless/brcm80211/brcmfmac/fwsignal.c:1478:8: warning: 'skb' may be used uninitialized in this function [-Wmaybe-uninitialized] ------------------------------------------------------------------------------- x86_64-defconfig : PASS, 0 errors, 8 warnings, 0 section mismatches Warnings: ../arch/x86/include/asm/msr.h:209:23: warning: right shift count >= width of type [-Wshift-count-overflow] ../net/ipv6/ah6.c:426:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv6/ah6.c:604:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv6/esp6.c:234:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv6/esp6.c:386:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] ../drivers/hid/hid-input.c:1171:67: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses] ../drivers/iommu/dmar.c:1849:5: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] ../drivers/iommu/intel-iommu.c:3800:5: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] ------------------------------------------------------------------------------- arm-allmodconfig : PASS, 0 errors, 32 warnings, 0 section mismatches Warnings: ../arch/arm/mach-cns3xxx/pcie.c:266:1: warning: the frame size of 1080 bytes is larger than 1024 bytes [-Wframe-larger-than=] ../drivers/ata/pata_hpt366.c:376:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers] ../drivers/ata/pata_hpt366.c:379:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers] ../drivers/ata/pata_hpt366.c:382:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers] ../arch/arm/include/asm/cmpxchg.h:205:3: warning: value computed is not used [-Wunused-value] ../include/linux/blkdev.h:624:26: warning: switch condition has boolean value [-Wswitch-bool] ../sound/pci/oxygen/oxygen_mixer.c:91:43: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses] ../net/ipv4/ah4.c:223:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv4/ah4.c:394:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv4/esp4.c:242:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv4/esp4.c:432:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv6/ah6.c:426:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv6/ah6.c:604:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv6/esp6.c:234:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv6/esp6.c:386:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] ../drivers/gpu/drm/nouveau/nvkm/engine/gr/ctxgm204.c:975:1: warning: the frame size of 1192 bytes is larger than 1024 bytes [-Wframe-larger-than=] ../drivers/infiniband/hw/cxgb4/mem.c:147:20: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast] ../include/linux/blkdev.h:624:26: warning: switch condition has boolean value [-Wswitch-bool] ../include/trace/ftrace.h:28:0: warning: "TRACE_SYSTEM_STRING" redefined ../drivers/media/platform/coda/./trace.h:12:0: warning: "TRACE_SYSTEM_STRING" redefined ../drivers/media/platform/s3c-camif/camif-capture.c:118:10: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses] ../drivers/media/platform/s3c-camif/camif-capture.c:134:10: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses] ../drivers/rtc/rtc-armada38x.c:91:22: warning: unused variable 'flags' [-Wunused-variable] ../drivers/scsi/be2iscsi/be_main.c:3168:18: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses] ../drivers/scsi/qla2xxx/qla_target.c:3086:6: warning: format '%llu' expects argument of type 'long long unsigned int', but argument 8 has type 'uint32_t {aka unsigned int}' [-Wformat=] ../drivers/scsi/qla2xxx/qla_target.c:3083:17: warning: unused variable 'se_cmd' [-Wunused-variable] ../include/linux/kernel.h:723:17: warning: comparison of distinct pointer types lacks a cast ../include/linux/kernel.h:723:17: warning: comparison of distinct pointer types lacks a cast ../include/linux/kernel.h:723:17: warning: comparison of distinct pointer types lacks a cast ../include/linux/kernel.h:723:17: warning: comparison of distinct pointer types lacks a cast ../drivers/scsi/ips.c:210:2: warning: #warning "This driver has only been tested on the x86/ia64/x86_64 platforms" [-Wcpp] ../drivers/net/virtio_net.c:553:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] ------------------------------------------------------------------------------- x86_64-allmodconfig : PASS, 0 errors, 46 warnings, 0 section mismatches Warnings: ../arch/x86/include/asm/msr.h:209:23: warning: right shift count >= width of type [-Wshift-count-overflow] ../arch/x86/xen/mmu.c:1105:57: warning: array subscript is above array bounds [-Warray-bounds] ../drivers/atm/iphase.c:1176:12: warning: this 'if' clause does not guard... [-Wmisleading-indentation] ../net/caif/cfpkt_skbuff.c:282:3: warning: this 'else' clause does not guard... [-Wmisleading-indentation] ../drivers/ata/pata_hpt366.c:376:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers] ../drivers/ata/pata_hpt366.c:379:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers] ../drivers/ata/pata_hpt366.c:382:9: warning: assignment discards 'const' qualifier from pointer target type [-Wdiscarded-array-qualifiers] ../drivers/block/hd.c:630:3: warning: switch condition has boolean value [-Wswitch-bool] ../sound/pci/oxygen/oxygen_mixer.c:91:43: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses] ../net/ipv6/ah6.c:426:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv6/ah6.c:604:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv6/esp6.c:234:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv6/esp6.c:386:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv4/ah4.c:223:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv4/ah4.c:394:2: warning: ignoring return value of 'skb_to_sgvec_nomark', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv4/esp4.c:242:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] ../net/ipv4/esp4.c:432:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] ../drivers/gpu/drm/gma500/cdv_intel_dp.c:869:2: warning: 'i2c_dp_aux_add_bus' is deprecated [-Wdeprecated-declarations] ../drivers/hid/hid-input.c:1171:67: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses] ../drivers/iommu/dmar.c:1849:5: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] ../drivers/iommu/intel-iommu.c:3800:5: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] ../drivers/mmc/host/sh_mmcif.c:401:4: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast] ../drivers/mmc/host/sh_mmcif.c:402:4: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast] ../drivers/mtd/mtd_blkdevs.c:100:2: warning: switch condition has boolean value [-Wswitch-bool] ../drivers/media/platform/am437x/am437x-vpfe.c:1723:27: warning: self-comparison always evaluates to true [-Wtautological-compare] ../drivers/media/platform/s3c-camif/camif-capture.c:118:10: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses] ../drivers/media/platform/s3c-camif/camif-capture.c:134:10: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses] ../drivers/net/ethernet/dec/tulip/uli526x.c:1086:4: warning: this 'else' clause does not guard... [-Wmisleading-indentation] ../drivers/media/usb/cx231xx/cx231xx-cards.c:1110:1: warning: the frame size of 2064 bytes is larger than 2048 bytes [-Wframe-larger-than=] ../drivers/scsi/be2iscsi/be_main.c:3168:18: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses] ../drivers/scsi/bfa/bfa_ioc.c:3665:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation] ../drivers/scsi/bfa/bfa_ioc.c:3673:4: warning: this 'if' clause does not guard... [-Wmisleading-indentation] ../drivers/staging/i2o/i2o_config.c:892:19: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast] ../drivers/staging/i2o/i2o_config.c:952:10: warning: cast to pointer from integer of different size [-Wint-to-pointer-cast] ../drivers/scsi/megaraid/megaraid_sas_fusion.c:1723:3: warning: this 'if' clause does not guard... [-Wmisleading-indentation] ../drivers/staging/iio/adc/ad7192.c:236:3: warning: this 'else' clause does not guard... [-Wmisleading-indentation] ../drivers/scsi/qla2xxx/qla_target.c:3086:6: warning: format '%llu' expects argument of type 'long long unsigned int', but argument 8 has type 'uint32_t {aka unsigned int}' [-Wformat=] ../drivers/scsi/qla2xxx/qla_target.c:3083:17: warning: unused variable 'se_cmd' [-Wunused-variable] ../drivers/scsi/advansys.c:71:2: warning: #warning this driver is still not properly converted to the DMA API [-Wcpp] ../drivers/scsi/storvsc_drv.c:1676:5: warning: this 'if' clause does not guard... [-Wmisleading-indentation] ../drivers/net/wireless/iwlegacy/3945.c:1022:5: warning: suggest explicit braces to avoid ambiguous 'else' [-Wparentheses] ../drivers/usb/renesas_usbhs/common.c:492:25: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast] ../drivers/staging/rtl8723au/core/rtw_wlan_util.c:525:2: warning: this 'else' clause does not guard... [-Wmisleading-indentation] ../drivers/staging/unisys/visorutil/periodic_work.c:91:31: warning: comparison of constant '0' with boolean expression is always false [-Wbool-compare] ../drivers/staging/unisys/visorutil/periodic_work.c:122:31: warning: comparison of constant '0' with boolean expression is always false [-Wbool-compare] ../drivers/net/virtio_net.c:553:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] ------------------------------------------------------------------------------- arm64-defconfig : PASS, 0 errors, 1 warnings, 0 section mismatches Warnings: ../drivers/net/virtio_net.c:553:2: warning: ignoring return value of 'skb_to_sgvec', declared with attribute warn_unused_result [-Wunused-result] ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: x86_64-allnoconfig arm64-allnoconfig arm-allnoconfig

7 years, 4 months

1
0
0 0

FAILED: patch "[PATCH] crypto: caam - strip input zeros from RSA input buffer" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 8a2a0dd35f2e54c023d9041a5428b6c5639af86c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Horia=20Geant=C4=83?= <horia.geanta(a)nxp.com> Date: Mon, 16 Apr 2018 08:07:05 -0500 Subject: [PATCH] crypto: caam - strip input zeros from RSA input buffer MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sometimes the provided RSA input buffer provided is not stripped of leading zeros. This could cause its size to be bigger than that of the modulus, making the HW complain: caam_jr 2142000.jr1: 40000789: DECO: desc idx 7: Protocol Size Error - A protocol has seen an error in size. When running RSA, pdb size N < (size of F) when no formatting is used; or pdb size N < (F + 11) when formatting is used. Fix the problem by stripping off the leading zero from input data before feeding it to the CAAM accelerator. Fixes: 8c419778ab57e ("crypto: caam - add support for RSA algorithm") Cc: <stable(a)vger.kernel.org> # 4.8+ Reported-by: Martin Townsend <mtownsend1973(a)gmail.com> Link: https://lkml.kernel.org/r/CABatt_ytYORYKtApcB4izhNanEKkGFi9XAQMjHi_n-8YWoCR… Signed-off-by: Horia Geantă <horia.geanta(a)nxp.com> Tested-by: Fabio Estevam <fabio.estevam(a)nxp.com> Reviewed-by: Tudor Ambarus <tudor.ambarus(a)microchip.com> Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> diff --git a/drivers/crypto/caam/caampkc.c b/drivers/crypto/caam/caampkc.c index 7a897209f181..979072b25eaa 100644 --- a/drivers/crypto/caam/caampkc.c +++ b/drivers/crypto/caam/caampkc.c @@ -166,18 +166,71 @@ static void rsa_priv_f3_done(struct device *dev, u32 *desc, u32 err, akcipher_request_complete(req, err); } +static int caam_rsa_count_leading_zeros(struct scatterlist *sgl, + unsigned int nbytes, + unsigned int flags) +{ + struct sg_mapping_iter miter; + int lzeros, ents; + unsigned int len; + unsigned int tbytes = nbytes; + const u8 *buff; + + ents = sg_nents_for_len(sgl, nbytes); + if (ents < 0) + return ents; + + sg_miter_start(&miter, sgl, ents, SG_MITER_FROM_SG | flags); + + lzeros = 0; + len = 0; + while (nbytes > 0) { + while (len && !*buff) { + lzeros++; + len--; + buff++; + } + + if (len && *buff) + break; + + sg_miter_next(&miter); + buff = miter.addr; + len = miter.length; + + nbytes -= lzeros; + lzeros = 0; + } + + miter.consumed = lzeros; + sg_miter_stop(&miter); + nbytes -= lzeros; + + return tbytes - nbytes; +} + static struct rsa_edesc *rsa_edesc_alloc(struct akcipher_request *req, size_t desclen) { struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req); struct caam_rsa_ctx *ctx = akcipher_tfm_ctx(tfm); struct device *dev = ctx->dev; + struct caam_rsa_req_ctx *req_ctx = akcipher_request_ctx(req); struct rsa_edesc *edesc; gfp_t flags = (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ? GFP_KERNEL : GFP_ATOMIC; + int sg_flags = (flags == GFP_ATOMIC) ? SG_MITER_ATOMIC : 0; int sgc; int sec4_sg_index, sec4_sg_len = 0, sec4_sg_bytes; int src_nents, dst_nents; + int lzeros; + + lzeros = caam_rsa_count_leading_zeros(req->src, req->src_len, sg_flags); + if (lzeros < 0) + return ERR_PTR(lzeros); + + req->src_len -= lzeros; + req->src = scatterwalk_ffwd(req_ctx->src, req->src, lzeros); src_nents = sg_nents_for_len(req->src, req->src_len); dst_nents = sg_nents_for_len(req->dst, req->dst_len); @@ -953,6 +1006,7 @@ static struct akcipher_alg caam_rsa = { .max_size = caam_rsa_max_size, .init = caam_rsa_init_tfm, .exit = caam_rsa_exit_tfm, + .reqsize = sizeof(struct caam_rsa_req_ctx), .base = { .cra_name = "rsa", .cra_driver_name = "rsa-caam", diff --git a/drivers/crypto/caam/caampkc.h b/drivers/crypto/caam/caampkc.h index fd145c46eae1..82645bcf8b27 100644 --- a/drivers/crypto/caam/caampkc.h +++ b/drivers/crypto/caam/caampkc.h @@ -95,6 +95,14 @@ struct caam_rsa_ctx { struct device *dev; }; +/** + * caam_rsa_req_ctx - per request context. + * @src: input scatterlist (stripped of leading zeros) + */ +struct caam_rsa_req_ctx { + struct scatterlist src[2]; +}; + /** * rsa_edesc - s/w-extended rsa descriptor * @src_nents : number of segments in input scatterlist

7 years, 4 months

3
2
0 0

[PATCH] block: do not use interruptible wait anywhere

by Khalid Elmously

From: Alan Jenkins <alan.christopher.jenkins(a)gmail.com> BugLink: http://bugs.launchpad.net/bugs/1776887 When blk_queue_enter() waits for a queue to unfreeze, or unset the PREEMPT_ONLY flag, do not allow it to be interrupted by a signal. The PREEMPT_ONLY flag was introduced later in commit 3a0a529971ec ("block, scsi: Make SCSI quiesce and resume work reliably"). Note the SCSI device is resumed asynchronously, i.e. after un-freezing userspace tasks. So that commit exposed the bug as a regression in v4.15. A mysterious SIGBUS (or -EIO) sometimes happened during the time the device was being resumed. Most frequently, there was no kernel log message, and we saw Xorg or Xwayland killed by SIGBUS.[1] [1] E.g. https://bugzilla.redhat.com/show_bug.cgi?id=1553979 Without this fix, I get an IO error in this test: # dd if=/dev/sda of=/dev/null iflag=direct & \ while killall -SIGUSR1 dd; do sleep 0.1; done & \ echo mem > /sys/power/state ; \ sleep 5; killall dd # stop after 5 seconds The interruptible wait was added to blk_queue_enter in commit 3ef28e83ab15 ("block: generic request_queue reference counting"). Before then, the interruptible wait was only in blk-mq, but I don't think it could ever have been correct. Reviewed-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: stable(a)vger.kernel.org Signed-off-by: Alan Jenkins <alan.christopher.jenkins(a)gmail.com> Signed-off-by: Jens Axboe <axboe(a)kernel.dk> (cherry-picked from 1dc3039bc87ae7d19a990c3ee71cfd8a9068f428) Signed-off-by: Khalid Elmously <khalid.elmously(a)canonical.com> --- block/blk-core.c | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/block/blk-core.c b/block/blk-core.c index fc0666354af3..59c91e345eea 100644 --- a/block/blk-core.c +++ b/block/blk-core.c @@ -821,7 +821,6 @@ int blk_queue_enter(struct request_queue *q, blk_mq_req_flags_t flags) while (true) { bool success = false; - int ret; rcu_read_lock(); if (percpu_ref_tryget_live(&q->q_usage_counter)) { @@ -853,14 +852,12 @@ int blk_queue_enter(struct request_queue *q, blk_mq_req_flags_t flags) */ smp_rmb(); - ret = wait_event_interruptible(q->mq_freeze_wq, - (atomic_read(&q->mq_freeze_depth) == 0 && - (preempt || !blk_queue_preempt_only(q))) || - blk_queue_dying(q)); + wait_event(q->mq_freeze_wq, + (atomic_read(&q->mq_freeze_depth) == 0 && + (preempt || !blk_queue_preempt_only(q))) || + blk_queue_dying(q)); if (blk_queue_dying(q)) return -ENODEV; - if (ret) - return ret; } } -- 2.17.1

7 years, 4 months

3
4
0 0

v3.2.102 build: 5 failures 20 warnings (v3.2.102)

by Build bot for Mark Brown

Tree/Branch: v3.2.102 Git describe: v3.2.102 Commit: f63b2b3204 Linux 3.2.102 Build Time: 0 min 3 sec Passed: 0 / 5 ( 0.00 %) Failed: 5 / 5 (100.00 %) Errors: 6 Warnings: 20 Section Mismatches: 0 Failed defconfigs: x86_64-allnoconfig arm-allmodconfig arm-allnoconfig x86_64-allmodconfig x86_64-defconfig Errors: x86_64-allnoconfig /home/broonie/build/linux-stable/scripts/mod/empty.c:1:0: error: code model kernel does not support PIC mode /home/broonie/build/linux-stable/kernel/bounds.c:1:0: error: code model kernel does not support PIC mode arm-allnoconfig /home/broonie/build/linux-stable/arch/arm/include/asm/div64.h:77:7: error: '__LINUX_ARM_ARCH__' undeclared (first use in this function) /home/broonie/build/linux-stable/arch/arm/include/asm/glue-cache.h:129:2: error: #error Unknown cache maintenance model /home/broonie/build/linux-stable/arch/arm/include/asm/glue-df.h:107:2: error: #error Unknown data abort handler type /home/broonie/build/linux-stable/arch/arm/include/asm/glue-pf.h:54:2: error: #error Unknown prefetch abort handler type x86_64-allmodconfig /home/broonie/build/linux-stable/kernel/bounds.c:1:0: error: code model kernel does not support PIC mode /home/broonie/build/linux-stable/scripts/mod/empty.c:1:0: error: code model kernel does not support PIC mode x86_64-defconfig /home/broonie/build/linux-stable/scripts/mod/empty.c:1:0: error: code model kernel does not support PIC mode /home/broonie/build/linux-stable/kernel/bounds.c:1:0: error: code model kernel does not support PIC mode ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): 2 warnings 0 mismatches : arm-allmodconfig 19 warnings 0 mismatches : arm-allnoconfig ------------------------------------------------------------------------------- Errors summary: 6 3 /home/broonie/build/linux-stable/scripts/mod/empty.c:1:0: error: code model kernel does not support PIC mode 3 /home/broonie/build/linux-stable/kernel/bounds.c:1:0: error: code model kernel does not support PIC mode 1 /home/broonie/build/linux-stable/arch/arm/include/asm/glue-pf.h:54:2: error: #error Unknown prefetch abort handler type 1 /home/broonie/build/linux-stable/arch/arm/include/asm/glue-df.h:107:2: error: #error Unknown data abort handler type 1 /home/broonie/build/linux-stable/arch/arm/include/asm/glue-cache.h:129:2: error: #error Unknown cache maintenance model 1 /home/broonie/build/linux-stable/arch/arm/include/asm/div64.h:77:7: error: '__LINUX_ARM_ARCH__' undeclared (first use in this function) Warnings Summary: 20 2 .config:27:warning: symbol value '' invalid for PHYS_OFFSET 1 /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:342:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] 1 /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:272:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] 1 /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:265:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] 1 /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:131:35: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] 1 /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:127:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] 1 /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:121:3: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] 1 /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:120:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] 1 /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:114:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] 1 /home/broonie/build/linux-stable/arch/arm/include/asm/swab.h:25:28: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] 1 /home/broonie/build/linux-stable/arch/arm/include/asm/processor.h:82:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] 1 /home/broonie/build/linux-stable/arch/arm/include/asm/processor.h:102:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] 1 /home/broonie/build/linux-stable/arch/arm/include/asm/irqflags.h:11:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] 1 /home/broonie/build/linux-stable/arch/arm/include/asm/fpstate.h:32:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] 1 /home/broonie/build/linux-stable/arch/arm/include/asm/cachetype.h:33:7: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] 1 /home/broonie/build/linux-stable/arch/arm/include/asm/cachetype.h:28:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] 1 /home/broonie/build/linux-stable/arch/arm/include/asm/cacheflush.h:196:7: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] 1 /home/broonie/build/linux-stable/arch/arm/include/asm/cacheflush.h:194:7: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] 1 /home/broonie/build/linux-stable/arch/arm/include/asm/bitops.h:217:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] 1 /home/broonie/build/linux-stable/arch/arm/include/asm/atomic.h:30:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- x86_64-allnoconfig : FAIL, 2 errors, 0 warnings, 0 section mismatches Errors: /home/broonie/build/linux-stable/scripts/mod/empty.c:1:0: error: code model kernel does not support PIC mode /home/broonie/build/linux-stable/kernel/bounds.c:1:0: error: code model kernel does not support PIC mode ------------------------------------------------------------------------------- arm-allmodconfig : FAIL, 0 errors, 2 warnings, 0 section mismatches Warnings: .config:27:warning: symbol value '' invalid for PHYS_OFFSET .config:27:warning: symbol value '' invalid for PHYS_OFFSET ------------------------------------------------------------------------------- arm-allnoconfig : FAIL, 4 errors, 19 warnings, 0 section mismatches Errors: /home/broonie/build/linux-stable/arch/arm/include/asm/div64.h:77:7: error: '__LINUX_ARM_ARCH__' undeclared (first use in this function) /home/broonie/build/linux-stable/arch/arm/include/asm/glue-cache.h:129:2: error: #error Unknown cache maintenance model /home/broonie/build/linux-stable/arch/arm/include/asm/glue-df.h:107:2: error: #error Unknown data abort handler type /home/broonie/build/linux-stable/arch/arm/include/asm/glue-pf.h:54:2: error: #error Unknown prefetch abort handler type Warnings: /home/broonie/build/linux-stable/arch/arm/include/asm/irqflags.h:11:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:114:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:120:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:121:3: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:127:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:131:35: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:265:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:272:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] /home/broonie/build/linux-stable/arch/arm/include/asm/system.h:342:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] /home/broonie/build/linux-stable/arch/arm/include/asm/bitops.h:217:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] /home/broonie/build/linux-stable/arch/arm/include/asm/swab.h:25:28: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] /home/broonie/build/linux-stable/arch/arm/include/asm/fpstate.h:32:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] /home/broonie/build/linux-stable/arch/arm/include/asm/processor.h:82:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] /home/broonie/build/linux-stable/arch/arm/include/asm/processor.h:102:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] /home/broonie/build/linux-stable/arch/arm/include/asm/atomic.h:30:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] /home/broonie/build/linux-stable/arch/arm/include/asm/cachetype.h:28:5: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] /home/broonie/build/linux-stable/arch/arm/include/asm/cachetype.h:33:7: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] /home/broonie/build/linux-stable/arch/arm/include/asm/cacheflush.h:194:7: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] /home/broonie/build/linux-stable/arch/arm/include/asm/cacheflush.h:196:7: warning: "__LINUX_ARM_ARCH__" is not defined [-Wundef] ------------------------------------------------------------------------------- x86_64-allmodconfig : FAIL, 2 errors, 0 warnings, 0 section mismatches Errors: /home/broonie/build/linux-stable/kernel/bounds.c:1:0: error: code model kernel does not support PIC mode /home/broonie/build/linux-stable/scripts/mod/empty.c:1:0: error: code model kernel does not support PIC mode ------------------------------------------------------------------------------- x86_64-defconfig : FAIL, 2 errors, 0 warnings, 0 section mismatches Errors: /home/broonie/build/linux-stable/scripts/mod/empty.c:1:0: error: code model kernel does not support PIC mode /home/broonie/build/linux-stable/kernel/bounds.c:1:0: error: code model kernel does not support PIC mode ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches:

7 years, 4 months

1
0
0 0

v3.18.113 build: 0 failures 1 warnings (v3.18.113)

by Build bot for Mark Brown

Tree/Branch: v3.18.113 Git describe: v3.18.113 Commit: 31767764c0 Linux 3.18.113 Build Time: 45 min 57 sec Passed: 10 / 10 (100.00 %) Failed: 0 / 10 ( 0.00 %) Errors: 0 Warnings: 1 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): 7 warnings 0 mismatches : x86_64-allmodconfig 2 warnings 0 mismatches : x86_64-defconfig ------------------------------------------------------------------------------- Warnings Summary: 1 9 ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- x86_64-allmodconfig : PASS, 0 errors, 7 warnings, 0 section mismatches Warnings: ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ------------------------------------------------------------------------------- x86_64-defconfig : PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: arm64-allnoconfig arm64-allmodconfig arm-multi_v5_defconfig arm-multi_v7_defconfig arm-allmodconfig arm-allnoconfig x86_64-allnoconfig arm64-defconfig

7 years, 4 months

1
0
0 0

[PATCH 4.9 1/2] Revert "Btrfs: fix scrub to repair raid6 corruption"

by Sasha Levin

This reverts commit 186a6519dc94964a4c5c68fca482f20f71551f26. This commit used an incorrect log message. Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- fs/btrfs/raid56.c | 18 ++++-------------- fs/btrfs/volumes.c | 9 +-------- 2 files changed, 5 insertions(+), 22 deletions(-) diff --git a/fs/btrfs/raid56.c b/fs/btrfs/raid56.c index af6a776fa18c..d016d4a79864 100644 --- a/fs/btrfs/raid56.c +++ b/fs/btrfs/raid56.c @@ -2161,21 +2161,11 @@ int raid56_parity_recover(struct btrfs_root *root, struct bio *bio, } /* - * Loop retry: - * for 'mirror == 2', reconstruct from all other stripes. - * for 'mirror_num > 2', select a stripe to fail on every retry. + * reconstruct from the q stripe if they are + * asking for mirror 3 */ - if (mirror_num > 2) { - /* - * 'mirror == 3' is to fail the p stripe and - * reconstruct from the q stripe. 'mirror > 3' is to - * fail a data stripe and reconstruct from p+q stripe. - */ - rbio->failb = rbio->real_stripes - (mirror_num - 1); - ASSERT(rbio->failb > 0); - if (rbio->failb <= rbio->faila) - rbio->failb--; - } + if (mirror_num == 3) + rbio->failb = rbio->real_stripes - 2; ret = lock_stripe_add(rbio); diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c index 76017e1b3c0f..c2495cde26f6 100644 --- a/fs/btrfs/volumes.c +++ b/fs/btrfs/volumes.c @@ -5186,14 +5186,7 @@ int btrfs_num_copies(struct btrfs_fs_info *fs_info, u64 logical, u64 len) else if (map->type & BTRFS_BLOCK_GROUP_RAID5) ret = 2; else if (map->type & BTRFS_BLOCK_GROUP_RAID6) - /* - * There could be two corrupted data stripes, we need - * to loop retry in order to rebuild the correct data. - * - * Fail a stripe at a time on every retry except the - * stripe under reconstruction. - */ - ret = map->num_stripes; + ret = 3; else ret = 1; free_extent_map(em); -- 2.17.1

7 years, 4 months

1
1
0 0

[PATCH 4.14 1/3] Revert "Btrfs: fix scrub to repair raid6 corruption"

by Sasha Levin

This reverts commit d91bb7c6988bd6450284c762b33f2e1ea3fe7c97. This commit used an incorrect log message. Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- fs/btrfs/raid56.c | 18 ++++-------------- fs/btrfs/volumes.c | 9 +-------- 2 files changed, 5 insertions(+), 22 deletions(-) diff --git a/fs/btrfs/raid56.c b/fs/btrfs/raid56.c index 2e995e565633..d1bda68a3386 100644 --- a/fs/btrfs/raid56.c +++ b/fs/btrfs/raid56.c @@ -2172,21 +2172,11 @@ int raid56_parity_recover(struct btrfs_fs_info *fs_info, struct bio *bio, } /* - * Loop retry: - * for 'mirror == 2', reconstruct from all other stripes. - * for 'mirror_num > 2', select a stripe to fail on every retry. + * reconstruct from the q stripe if they are + * asking for mirror 3 */ - if (mirror_num > 2) { - /* - * 'mirror == 3' is to fail the p stripe and - * reconstruct from the q stripe. 'mirror > 3' is to - * fail a data stripe and reconstruct from p+q stripe. - */ - rbio->failb = rbio->real_stripes - (mirror_num - 1); - ASSERT(rbio->failb > 0); - if (rbio->failb <= rbio->faila) - rbio->failb--; - } + if (mirror_num == 3) + rbio->failb = rbio->real_stripes - 2; ret = lock_stripe_add(rbio); diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c index 08afafb6ecf7..69bc37a87c5a 100644 --- a/fs/btrfs/volumes.c +++ b/fs/btrfs/volumes.c @@ -5110,14 +5110,7 @@ int btrfs_num_copies(struct btrfs_fs_info *fs_info, u64 logical, u64 len) else if (map->type & BTRFS_BLOCK_GROUP_RAID5) ret = 2; else if (map->type & BTRFS_BLOCK_GROUP_RAID6) - /* - * There could be two corrupted data stripes, we need - * to loop retry in order to rebuild the correct data. - * - * Fail a stripe at a time on every retry except the - * stripe under reconstruction. - */ - ret = map->num_stripes; + ret = 3; else ret = 1; free_extent_map(em); -- 2.17.1

7 years, 4 months

1
2
0 0

[patch 04/27] mm: fix devmem_is_allowed() for sub-page System RAM intersections

by akpm＠linux-foundation.org

From: Dan Williams <dan.j.williams(a)intel.com> Subject: mm: fix devmem_is_allowed() for sub-page System RAM intersections Hussam reports: I was poking around and for no real reason, I did cat /dev/mem and strings /dev/mem. Then I saw the following warning in dmesg. I saved it and rebooted immediately. memremap attempted on mixed range 0x000000000009c000 size: 0x1000 ------------[ cut here ]------------ WARNING: CPU: 0 PID: 11810 at kernel/memremap.c:98 memremap+0x104/0x170 [..] Call Trace: xlate_dev_mem_ptr+0x25/0x40 read_mem+0x89/0x1a0 __vfs_read+0x36/0x170 The memremap() implementation checks for attempts to remap System RAM with MEMREMAP_WB and instead redirects those mapping attempts to the linear map. However, that only works if the physical address range being remapped is page aligned. In low memory we have situations like the following: 00000000-00000fff : Reserved 00001000-0009fbff : System RAM 0009fc00-0009ffff : Reserved ...where System RAM intersects Reserved ranges on a sub-page page granularity. Given that devmem_is_allowed() special cases any attempt to map System RAM in the first 1MB of memory, replace page_is_ram() with the more precise region_intersects() to trap attempts to map disallowed ranges. Link: https://bugzilla.kernel.org/show_bug.cgi?id=199999 Link: http://lkml.kernel.org/r/152856436164.18127.2847888121707136898.stgit@dwill… Fixes: 92281dee825f ("arch: introduce memremap()") Signed-off-by: Dan Williams <dan.j.williams(a)intel.com> Reported-by: Hussam Al-Tayeb <me(a)hussam.eu.org> Tested-by: Hussam Al-Tayeb <me(a)hussam.eu.org> Cc: Christoph Hellwig <hch(a)lst.de> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- arch/x86/mm/init.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff -puN arch/x86/mm/init.c~mm-fix-devmem_is_allowed-for-sub-page-system-ram-intersections arch/x86/mm/init.c --- a/arch/x86/mm/init.c~mm-fix-devmem_is_allowed-for-sub-page-system-ram-intersections +++ a/arch/x86/mm/init.c @@ -706,7 +706,9 @@ void __init init_mem_mapping(void) */ int devmem_is_allowed(unsigned long pagenr) { - if (page_is_ram(pagenr)) { + if (region_intersects(PFN_PHYS(pagenr), PAGE_SIZE, + IORESOURCE_SYSTEM_RAM, IORES_DESC_NONE) + != REGION_DISJOINT) { /* * For disallowed memory regions in the low 1MB range, * request that the page be shown as all zeros. _

7 years, 4 months

1
0
0 0

[patch 01/27] mm/ksm.c: ignore STABLE_FLAG of rmap_item->address in rmap_walk_ksm()

by akpm＠linux-foundation.org

From: Jia He <jia.he(a)hxt-semitech.com> Subject: mm/ksm.c: ignore STABLE_FLAG of rmap_item->address in rmap_walk_ksm() In our armv8a server(QDF2400), I noticed lots of WARN_ON caused by PAGE_SIZE unaligned for rmap_item->address under memory pressure tests(start 20 guests and run memhog in the host). --------------------------begin-------------------------------------- [ 410.853828] WARNING: CPU: 4 PID: 4641 at arch/arm64/kvm/../../../virt/kvm/arm/mmu.c:1826 kvm_age_hva_handler+0xc0/0xc8 [ 410.864518] Modules linked in: vhost_net vhost tap xt_CHECKSUM ipt_MASQUERADE nf_nat_masquerade_ipv4 ip6t_rpfilter ipt_REJECT nf_reject_ipv4 ip6t_REJECT nf_reject_ipv6 xt_conntrack ip_set nfnetlink ebtable_nat ebtable_broute bridge stp llc ip6table_nat nf_conntrack_ipv6 nf_defrag_ipv6 nf_nat_ipv6 ip6table_mangle ip6table_security ip6table_raw iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack iptable_mangle iptable_security iptable_raw ebtable_filter ebtables ip6table_filter ip6_tables iptable_filter rpcrdma ib_isert iscsi_target_mod ib_iser libiscsi scsi_transport_iscsi ib_srpt target_core_mod ib_srp scsi_transport_srp ib_ipoib rdma_ucm ib_ucm ib_umad rdma_cm ib_cm iw_cm mlx5_ib vfat fat ib_uverbs dm_mirror dm_region_hash ib_core dm_log dm_mod crc32_ce ipmi_ssif sg nfsd [ 410.935101] auth_rpcgss nfs_acl lockd grace sunrpc ip_tables xfs libcrc32c mlx5_core ixgbe mlxfw devlink mdio ahci_platform libahci_platform qcom_emac libahci hdma hdma_mgmt i2c_qup [ 410.951369] CPU: 4 PID: 4641 Comm: memhog Tainted: G W 4.17.0-rc3+ #8 [ 410.959104] Hardware name: <snip for confidential issues> [ 410.969791] pstate: 80400005 (Nzcv daif +PAN -UAO) [ 410.974575] pc : kvm_age_hva_handler+0xc0/0xc8 [ 410.979012] lr : handle_hva_to_gpa+0xa8/0xe0 [ 410.983274] sp : ffff801761553290 [ 410.986581] x29: ffff801761553290 x28: 0000000000000000 [ 410.991888] x27: 0000000000000002 x26: 0000000000000000 [ 410.997195] x25: ffff801765430058 x24: ffff0000080b5608 [ 411.002501] x23: 0000000000000000 x22: ffff8017ccb84000 [ 411.007807] x21: 0000000003ff0000 x20: ffff8017ccb84000 [ 411.013113] x19: 000000000000fe00 x18: ffff000008fb3c08 [ 411.018419] x17: 0000000000000000 x16: 0060001645820bd3 [ 411.023725] x15: ffff80176aacbc08 x14: 0000000000000000 [ 411.029031] x13: 0000000000000040 x12: 0000000000000228 [ 411.034337] x11: 0000000000000000 x10: 0000000000000000 [ 411.039643] x9 : 0000000000000010 x8 : 0000000000000004 [ 411.044949] x7 : 0000000000000000 x6 : 00008017f0770000 [ 411.050255] x5 : 0000fffda59f0200 x4 : 0000000000000000 [ 411.055561] x3 : 0000000000000000 x2 : 000000000000fe00 [ 411.060867] x1 : 0000000003ff0000 x0 : 0000000020000000 [ 411.066173] Call trace: [ 411.068614] kvm_age_hva_handler+0xc0/0xc8 [ 411.072703] handle_hva_to_gpa+0xa8/0xe0 [ 411.076619] kvm_age_hva+0x4c/0xe8 [ 411.080014] kvm_mmu_notifier_clear_flush_young+0x54/0x98 [ 411.085408] __mmu_notifier_clear_flush_young+0x6c/0xa0 [ 411.090627] page_referenced_one+0x154/0x1d8 [ 411.094890] rmap_walk_ksm+0x12c/0x1d0 [ 411.098632] rmap_walk+0x94/0xa0 [ 411.101854] page_referenced+0x194/0x1b0 [ 411.105770] shrink_page_list+0x674/0xc28 [ 411.109772] shrink_inactive_list+0x26c/0x5b8 [ 411.114122] shrink_node_memcg+0x35c/0x620 [ 411.118211] shrink_node+0x100/0x430 [ 411.121778] do_try_to_free_pages+0xe0/0x3a8 [ 411.126041] try_to_free_pages+0xe4/0x230 [ 411.130045] __alloc_pages_nodemask+0x564/0xdc0 [ 411.134569] alloc_pages_vma+0x90/0x228 [ 411.138398] do_anonymous_page+0xc8/0x4d0 [ 411.142400] __handle_mm_fault+0x4a0/0x508 [ 411.146489] handle_mm_fault+0xf8/0x1b0 [ 411.150321] do_page_fault+0x218/0x4b8 [ 411.154064] do_translation_fault+0x90/0xa0 [ 411.158239] do_mem_abort+0x68/0xf0 [ 411.161721] el0_da+0x24/0x28 ---------------------------end--------------------------------------- In rmap_walk_ksm, the rmap_item->address might still have the STABLE_FLAG, then the start and end in handle_hva_to_gpa might not be PAGE_SIZE aligned. Thus it will cause exceptions in handle_hva_to_gpa on arm64. This patch fixes it by ignoring (not removing) the low bits of address when doing rmap_walk_ksm. IMO, it should be backported to stable tree. the stom of WARN_ONs is very easy for me to reproduce. More than that, I watched a panic (not reproducible) as follows: [35380.805825] page:ffff7fe003742d80 count:-4871 mapcount:-2126053375 mapping: (null) index:0x0 [35380.815024] flags: 0x1fffc00000000000() [35380.818845] raw: 1fffc00000000000 0000000000000000 0000000000000000 ffffecf981470000 [35380.826569] raw: dead000000000100 dead000000000200 ffff8017c001c000 0000000000000000 [35380.834294] page dumped because: nonzero _refcount [35380.839069] Modules linked in: vhost_net vhost tap ebtable_filter ebtables ip6table_filter ip6_tables iptable_filter fcoe libfcoe libfc 8021q garp mrp stp llc scsi_transport_fc openvswitch nf_conntrack_ipv6 nf_nat_ipv6 nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_defrag_ipv6 nf_nat nf_conntrack vfat fat rpcrdma ib_isert iscsi_target_mod ib_iser libiscsi scsi_transport_iscsi ib_srpt target_core_mod ib_srp scsi_transport_srp ib_ipoib rdma_ucm ib_ucm ib_uverbs ib_umad rdma_cm ib_cm iw_cm mlx5_ib ib_core crc32_ce ipmi_ssif tpm_tis tpm_tis_core sg nfsd auth_rpcgss nfs_acl lockd grace sunrpc dm_multipath ip_tables xfs libcrc32c mlx5_core mlxfw devlink ahci_platform libahci_platform libahci qcom_emac sdhci_acpi sdhci hdma mmc_core hdma_mgmt i2c_qup dm_mirror dm_region_hash dm_log dm_mod [35380.908341] CPU: 29 PID: 18323 Comm: qemu-kvm Tainted: G W 4.14.15-5.hxt.aarch64 #1 [35380.917107] Hardware name: <snip for confidential issues> [35380.930909] Call trace: [35380.933345] [<ffff000008088f00>] dump_backtrace+0x0/0x22c [35380.938723] [<ffff000008089150>] show_stack+0x24/0x2c [35380.943759] [<ffff00000893c078>] dump_stack+0x8c/0xb0 [35380.948794] [<ffff00000820ab50>] bad_page+0xf4/0x154 [35380.953740] [<ffff000008211ce8>] free_pages_check_bad+0x90/0x9c [35380.959642] [<ffff00000820c430>] free_pcppages_bulk+0x464/0x518 [35380.965545] [<ffff00000820db98>] free_hot_cold_page+0x22c/0x300 [35380.971448] [<ffff0000082176fc>] __put_page+0x54/0x60 [35380.976484] [<ffff0000080b1164>] unmap_stage2_range+0x170/0x2b4 [35380.982385] [<ffff0000080b12d8>] kvm_unmap_hva_handler+0x30/0x40 [35380.988375] [<ffff0000080b0104>] handle_hva_to_gpa+0xb0/0xec [35380.994016] [<ffff0000080b2644>] kvm_unmap_hva_range+0x5c/0xd0 [35380.999833] [<ffff0000080a8054>] I even injected a fault on purpose in kvm_unmap_hva_range by seting size=size-0x200, the call trace is similar as above. So I thought the panic is similarly caused by the root cause of WARN_ON. Andrea said: : It looks a straightforward safe fix, on x86 hva_to_gfn_memslot would : zap those bits and hide the misalignment caused by the low metadata : bits being erroneously left set in the address, but the arm code : notices when that's the last page in the memslot and the hva_end is : getting aligned and the size is below one page. : : I think the problem triggers in the addr += PAGE_SIZE of : unmap_stage2_ptes that never matches end because end is aligned but : addr is not. : : } while (pte++, addr += PAGE_SIZE, addr != end); : : x86 again only works on hva_start/hva_end after converting it to : gfn_start/end and that being in pfn units the bits are zapped before : they risk to cause trouble. Jia He said: : I've tested by myself in arm64 server (QDF2400,46 cpus,96G mem) Without : this patch, the WARN_ON is very easy for reproducing. After this patch, I : have run the same benchmarch for a whole day without any WARN_ONs Link: http://lkml.kernel.org/r/1525403506-6750-1-git-send-email-hejianet@gmail.com Signed-off-by: Jia He <jia.he(a)hxt-semitech.com> Reviewed-by: Andrea Arcangeli <aarcange(a)redhat.com> Tested-by: Jia He <hejianet(a)gmail.com> Cc: Suzuki K Poulose <Suzuki.Poulose(a)arm.com> Cc: Minchan Kim <minchan(a)kernel.org> Cc: Claudio Imbrenda <imbrenda(a)linux.vnet.ibm.com> Cc: Arvind Yadav <arvind.yadav.cs(a)gmail.com> Cc: Mike Rapoport <rppt(a)linux.vnet.ibm.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/ksm.c | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff -puN mm/ksm.c~mm-ksm-ignore-stable_flag-of-rmap_item-address-in-rmap_walk_ksm mm/ksm.c --- a/mm/ksm.c~mm-ksm-ignore-stable_flag-of-rmap_item-address-in-rmap_walk_ksm +++ a/mm/ksm.c @@ -216,6 +216,8 @@ struct rmap_item { #define SEQNR_MASK 0x0ff /* low bits of unstable tree seqnr */ #define UNSTABLE_FLAG 0x100 /* is a node of the unstable tree */ #define STABLE_FLAG 0x200 /* is listed from the stable tree */ +#define KSM_FLAG_MASK (SEQNR_MASK|UNSTABLE_FLAG|STABLE_FLAG) + /* to mask all the flags */ /* The stable and unstable tree heads */ static struct rb_root one_stable_tree[1] = { RB_ROOT }; @@ -2598,10 +2600,15 @@ again: anon_vma_lock_read(anon_vma); anon_vma_interval_tree_foreach(vmac, &anon_vma->rb_root, 0, ULONG_MAX) { + unsigned long addr; + cond_resched(); vma = vmac->vma; - if (rmap_item->address < vma->vm_start || - rmap_item->address >= vma->vm_end) + + /* Ignore the stable/unstable/sqnr flags */ + addr = rmap_item->address & ~KSM_FLAG_MASK; + + if (addr < vma->vm_start || addr >= vma->vm_end) continue; /* * Initially we examine only the vma which covers this @@ -2615,8 +2622,7 @@ again: if (rwc->invalid_vma && rwc->invalid_vma(vma, rwc->arg)) continue; - if (!rwc->rmap_one(page, vma, - rmap_item->address, rwc->arg)) { + if (!rwc->rmap_one(page, vma, addr, rwc->arg)) { anon_vma_unlock_read(anon_vma); return; } _

7 years, 4 months

1
0
0 0

[PATCH 1/2] drm/i915: Disallow interlaced modes on g4x DP outputs

by Ville Syrjala

From: Ville Syrjälä <ville.syrjala(a)linux.intel.com> Looks like interlaced DP output doesn't work on g4x either. Not all that surprising considering we already established that interlaced DP output is busted on VLV/CHV. Cc: stable(a)vger.kernel.org Signed-off-by: Ville Syrjälä <ville.syrjala(a)linux.intel.com> --- drivers/gpu/drm/i915/intel_dp.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/i915/intel_dp.c b/drivers/gpu/drm/i915/intel_dp.c index 40ffd9163175..6068986fd985 100644 --- a/drivers/gpu/drm/i915/intel_dp.c +++ b/drivers/gpu/drm/i915/intel_dp.c @@ -1869,7 +1869,7 @@ intel_dp_compute_config(struct intel_encoder *encoder, conn_state->scaling_mode); } - if ((IS_VALLEYVIEW(dev_priv) || IS_CHERRYVIEW(dev_priv)) && + if (HAS_GMCH_DISPLAY(dev_priv) && adjusted_mode->flags & DRM_MODE_FLAG_INTERLACE) return false; @@ -6351,7 +6351,7 @@ intel_dp_init_connector(struct intel_digital_port *intel_dig_port, drm_connector_init(dev, connector, &intel_dp_connector_funcs, type); drm_connector_helper_add(connector, &intel_dp_connector_helper_funcs); - if (!IS_VALLEYVIEW(dev_priv) && !IS_CHERRYVIEW(dev_priv)) + if (!HAS_GMCH_DISPLAY(dev_priv)) connector->interlace_allowed = true; connector->doublescan_allowed = 0; -- 2.16.4

7 years, 4 months

3
6
0 0

[PATCH] powerpc/e500mc: Set assembler machine type to e500mc

by Michael Jeanson

In binutils 2.26 a new opcode for the "wait" instruction was added for the POWER9 and has precedence over the one specific to the e500mc. Commit ebf714ff3756 ("powerpc/e500mc: Add support for the wait instruction in e500_idle") uses this instruction specifically on the e500mc to work around an erratum. This results in an invalid instruction in idle_e500 when we build for the e500mc on bintutils >= 2.26 with the default assembler machine type. Since multiplatform between e500 and non-e500 is not supported, set the assembler machine type globaly when CONFIG_PPC_E500MC=y. Signed-off-by: Michael Jeanson <mjeanson(a)efficios.com> Reviewed-by: Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com> CC: Benjamin Herrenschmidt <benh(a)kernel.crashing.org> CC: Paul Mackerras <paulus(a)samba.org> CC: Michael Ellerman <mpe(a)ellerman.id.au> CC: Kumar Gala <galak(a)kernel.crashing.org> CC: Vakul Garg <vakul.garg(a)nxp.com> CC: Scott Wood <swood(a)redhat.com> CC: Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com> CC: linuxppc-dev(a)lists.ozlabs.org CC: linux-kernel(a)vger.kernel.org CC: stable(a)vger.kernel.org --- arch/powerpc/Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/powerpc/Makefile b/arch/powerpc/Makefile index 95813df90801..bb2523b4bd8f 100644 --- a/arch/powerpc/Makefile +++ b/arch/powerpc/Makefile @@ -251,6 +251,7 @@ cpu-as-$(CONFIG_4xx) += -Wa,-m405 cpu-as-$(CONFIG_ALTIVEC) += $(call as-option,-Wa$(comma)-maltivec) cpu-as-$(CONFIG_E200) += -Wa,-me200 cpu-as-$(CONFIG_PPC_BOOK3S_64) += -Wa,-mpower4 +cpu-as-$(CONFIG_PPC_E500MC) += $(call as-option,-Wa$(comma)-me500mc) KBUILD_AFLAGS += $(cpu-as-y) KBUILD_CFLAGS += $(cpu-as-y) -- 2.17.1

7 years, 4 months

1
0
0 0

[B][PATCH v2 1/1] block: do not use interruptible wait anywhere

by Khalid Elmously

From: Alan Jenkins <alan.christopher.jenkins(a)gmail.com> BugLink: http://bugs.launchpad.net/bugs/1776887 When blk_queue_enter() waits for a queue to unfreeze, or unset the PREEMPT_ONLY flag, do not allow it to be interrupted by a signal. The PREEMPT_ONLY flag was introduced later in commit 3a0a529971ec ("block, scsi: Make SCSI quiesce and resume work reliably"). Note the SCSI device is resumed asynchronously, i.e. after un-freezing userspace tasks. So that commit exposed the bug as a regression in v4.15. A mysterious SIGBUS (or -EIO) sometimes happened during the time the device was being resumed. Most frequently, there was no kernel log message, and we saw Xorg or Xwayland killed by SIGBUS.[1] [1] E.g. https://bugzilla.redhat.com/show_bug.cgi?id=1553979 Without this fix, I get an IO error in this test: # dd if=/dev/sda of=/dev/null iflag=direct & \ while killall -SIGUSR1 dd; do sleep 0.1; done & \ echo mem > /sys/power/state ; \ sleep 5; killall dd # stop after 5 seconds The interruptible wait was added to blk_queue_enter in commit 3ef28e83ab15 ("block: generic request_queue reference counting"). Before then, the interruptible wait was only in blk-mq, but I don't think it could ever have been correct. Reviewed-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: stable(a)vger.kernel.org Signed-off-by: Alan Jenkins <alan.christopher.jenkins(a)gmail.com> Signed-off-by: Jens Axboe <axboe(a)kernel.dk> (cherry-picked from 1dc3039bc87ae7d19a990c3ee71cfd8a9068f428) Signed-off-by: Khalid Elmously <khalid.elmously(a)canonical.com> --- block/blk-core.c | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/block/blk-core.c b/block/blk-core.c index fc0666354af3..59c91e345eea 100644 --- a/block/blk-core.c +++ b/block/blk-core.c @@ -821,7 +821,6 @@ int blk_queue_enter(struct request_queue *q, blk_mq_req_flags_t flags) while (true) { bool success = false; - int ret; rcu_read_lock(); if (percpu_ref_tryget_live(&q->q_usage_counter)) { @@ -853,14 +852,12 @@ int blk_queue_enter(struct request_queue *q, blk_mq_req_flags_t flags) */ smp_rmb(); - ret = wait_event_interruptible(q->mq_freeze_wq, - (atomic_read(&q->mq_freeze_depth) == 0 && - (preempt || !blk_queue_preempt_only(q))) || - blk_queue_dying(q)); + wait_event(q->mq_freeze_wq, + (atomic_read(&q->mq_freeze_depth) == 0 && + (preempt || !blk_queue_preempt_only(q))) || + blk_queue_dying(q)); if (blk_queue_dying(q)) return -ENODEV; - if (ret) - return ret; } } -- 2.17.1

7 years, 4 months

1
0
0 0

[PATCH] block: do not use interruptible wait anywhere

by Khalid Elmously

From: Alan Jenkins <alan.christopher.jenkins(a)gmail.com> BugLink: http://bugs.launchpad.net/bugs/1776887 When blk_queue_enter() waits for a queue to unfreeze, or unset the PREEMPT_ONLY flag, do not allow it to be interrupted by a signal. The PREEMPT_ONLY flag was introduced later in commit 3a0a529971ec ("block, scsi: Make SCSI quiesce and resume work reliably"). Note the SCSI device is resumed asynchronously, i.e. after un-freezing userspace tasks. So that commit exposed the bug as a regression in v4.15. A mysterious SIGBUS (or -EIO) sometimes happened during the time the device was being resumed. Most frequently, there was no kernel log message, and we saw Xorg or Xwayland killed by SIGBUS.[1] [1] E.g. https://bugzilla.redhat.com/show_bug.cgi?id=1553979 Without this fix, I get an IO error in this test: # dd if=/dev/sda of=/dev/null iflag=direct & \ while killall -SIGUSR1 dd; do sleep 0.1; done & \ echo mem > /sys/power/state ; \ sleep 5; killall dd # stop after 5 seconds The interruptible wait was added to blk_queue_enter in commit 3ef28e83ab15 ("block: generic request_queue reference counting"). Before then, the interruptible wait was only in blk-mq, but I don't think it could ever have been correct. Reviewed-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: stable(a)vger.kernel.org Signed-off-by: Alan Jenkins <alan.christopher.jenkins(a)gmail.com> Signed-off-by: Jens Axboe <axboe(a)kernel.dk> (cherry-picked from 1dc3039bc87ae7d19a990c3ee71cfd8a9068f428) Signed-off-by: Khalid Elmously <khalid.elmously(a)canonical.com> --- block/blk-core.c | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/block/blk-core.c b/block/blk-core.c index fc0666354af3..59c91e345eea 100644 --- a/block/blk-core.c +++ b/block/blk-core.c @@ -821,7 +821,6 @@ int blk_queue_enter(struct request_queue *q, blk_mq_req_flags_t flags) while (true) { bool success = false; - int ret; rcu_read_lock(); if (percpu_ref_tryget_live(&q->q_usage_counter)) { @@ -853,14 +852,12 @@ int blk_queue_enter(struct request_queue *q, blk_mq_req_flags_t flags) */ smp_rmb(); - ret = wait_event_interruptible(q->mq_freeze_wq, - (atomic_read(&q->mq_freeze_depth) == 0 && - (preempt || !blk_queue_preempt_only(q))) || - blk_queue_dying(q)); + wait_event(q->mq_freeze_wq, + (atomic_read(&q->mq_freeze_depth) == 0 && + (preempt || !blk_queue_preempt_only(q))) || + blk_queue_dying(q)); if (blk_queue_dying(q)) return -ENODEV; - if (ret) - return ret; } } -- 2.17.1

7 years, 4 months

1
0
0 0

[PATCH] pinctrl: mt7622: fix a kernel panic when pio don't work as EINT controller

by sean.wang＠mediatek.com

From: Sean Wang <sean.wang(a)mediatek.com> The function, external interrupt controller, is made as an optional to mt7622 pinctrl. But if we don't want pio behaves as an external interrupt controller, it would lead to hw->eint not be created properly and then will cause 'kernel NULL pointer' issue when gpiochip try to call .to_irq or .set_config. To fix it, check hw->eint before accessing the member. [ 1.339494] Unable to handle kernel NULL pointer dereference at virtual address 00000010 [ 1.347857] Mem abort info: [ 1.350742] ESR = 0x96000005 [ 1.353905] Exception class = DABT (current EL), IL = 32 bits [ 1.360024] SET = 0, FnV = 0 [ 1.363185] EA = 0, S1PTW = 0 [ 1.366431] Data abort info: [ 1.369405] ISV = 0, ISS = 0x00000005 [ 1.373363] CM = 0, WnR = 0 [ 1.376437] [0000000000000010] user address but active_mm is swapper [ 1.383005] Internal error: Oops: 96000005 [#1] PREEMPT SMP [ 1.388748] Modules linked in: [ 1.391897] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.16.0-rc1+ #344 [ 1.398625] Hardware name: MediaTek MT7622 RFB1 board (DT) [ 1.404279] pstate: 80000005 (Nzcv daif -PAN -UAO) [ 1.409221] pc : mtk_eint_find_irq+0x8/0x24 [ 1.413532] lr : mtk_gpio_to_irq+0x20/0x28 [ 1.417749] sp : ffffff800801baf0 [ 1.421161] x29: ffffff800801baf0 x28: ffffff8008792f40 [ 1.426637] x27: ffffff800886b000 x26: ffffff8008615620 [ 1.432113] x25: ffffffc00e4dbdc8 x24: ffffff80087b8000 [ 1.437589] x23: ffffffc00325a000 x22: ffffffc00325a010 [ 1.443066] x21: ffffffc0033dec18 x20: 00000000ffffffea [ 1.448542] x19: ffffffc00e4db800 x18: 0000000000000130 [ 1.454018] x17: 000000000000000e x16: 0000000000000007 [ 1.459494] x15: ffffff80085ee000 x14: 0000000000000001 [ 1.464970] x13: 0000000000000001 x12: 0000000000000010 [ 1.470446] x11: 0101010101010101 x10: 0000000000000880 [ 1.475922] x9 : ffffff800801b990 x8 : ffffffc0030688e0 [ 1.481399] x7 : ffffff80080c0660 x6 : ffffffc00e4dbbb0 [ 1.486875] x5 : 0000000000000000 x4 : 0000000000000000 [ 1.492351] x3 : ffffff80082a92f4 x2 : 00000000fffffffa [ 1.497826] x1 : 0000000000000051 x0 : 0000000000000000 [ 1.503305] Process swapper/0 (pid: 1, stack limit = 0x0000000054e053bd) [ 1.510210] Call trace: [ 1.512727] mtk_eint_find_irq+0x8/0x24 [ 1.516677] mtk_gpio_to_irq+0x20/0x28 [ 1.520539] gpiod_to_irq+0x48/0x60 [ 1.524135] mmc_gpiod_request_cd_irq+0x3c/0xc4 [ 1.528804] mmc_start_host+0x6c/0x8c [ 1.532575] mmc_add_host+0x58/0x7c [ 1.536168] msdc_drv_probe+0x4fc/0x67c [ 1.540121] platform_drv_probe+0x58/0xa4 [ 1.544251] driver_probe_device+0x204/0x44c [ 1.548649] __driver_attach+0x84/0xf8 [ 1.552512] bus_for_each_dev+0x68/0xa0 [ 1.556461] driver_attach+0x20/0x28 [ 1.560142] bus_add_driver+0xec/0x240 [ 1.564002] driver_register+0x98/0xe4 [ 1.567863] __platform_driver_register+0x48/0x50 [ 1.572711] mt_msdc_driver_init+0x18/0x20 [ 1.576932] do_one_initcall+0x98/0x130 [ 1.580886] kernel_init_freeable+0x13c/0x1d4 [ 1.585375] kernel_init+0x10/0xf8 [ 1.588879] ret_from_fork+0x10/0x18 [ 1.592564] Code: a8c67bfd d65f03c0 a9bf7bfd 910003fd (f9400800) [ 1.598849] ---[ end trace 4bbcb7bc30e98492 ]--- [ 1.603677] Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b [ 1.603677] cc: Kevin Hilman <khilman(a)baylibre.com> Cc: stable(a)vger.kernel.org Fixes: e6dabd38d8e7 ("pinctrl: mediatek: add EINT support to MT7622 SoC") Signed-off-by: Sean Wang <sean.wang(a)mediatek.com> --- drivers/pinctrl/mediatek/pinctrl-mt7622.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/drivers/pinctrl/mediatek/pinctrl-mt7622.c b/drivers/pinctrl/mediatek/pinctrl-mt7622.c index ad6da11..e3f1ab2 100644 --- a/drivers/pinctrl/mediatek/pinctrl-mt7622.c +++ b/drivers/pinctrl/mediatek/pinctrl-mt7622.c @@ -1459,6 +1459,9 @@ static int mtk_gpio_to_irq(struct gpio_chip *chip, unsigned int offset) struct mtk_pinctrl *hw = gpiochip_get_data(chip); unsigned long eint_n; + if (!hw->eint) + return -ENOTSUPP; + eint_n = offset; return mtk_eint_find_irq(hw->eint, eint_n); @@ -1471,7 +1474,8 @@ static int mtk_gpio_set_config(struct gpio_chip *chip, unsigned int offset, unsigned long eint_n; u32 debounce; - if (pinconf_to_config_param(config) != PIN_CONFIG_INPUT_DEBOUNCE) + if (!hw->eint || + pinconf_to_config_param(config) != PIN_CONFIG_INPUT_DEBOUNCE) return -ENOTSUPP; debounce = pinconf_to_config_argument(config); -- 2.7.4

7 years, 4 months

2
1
0 0

FAILED: patch "[PATCH] crypto: caam - fix IV DMA mapping and updating" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 115957bb3e59fcb226ce76b97af14533f239e0ac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Horia=20Geant=C4=83?= <horia.geanta(a)nxp.com> Date: Wed, 28 Mar 2018 15:39:18 +0300 Subject: [PATCH] crypto: caam - fix IV DMA mapping and updating MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit There are two IV-related issues: (1) crypto API does not guarantee to provide an IV buffer that is DMAable, thus it's incorrect to DMA map it (2) for in-place decryption, since ciphertext is overwritten with plaintext, updated req->info will contain the last block of plaintext (instead of the last block of ciphertext) While these two issues could be fixed separately, it's straightforward to fix both in the same time - by allocating extra space in the ablkcipher_edesc for the IV that will be fed to the crypto engine; this allows for fixing (2) by saving req->src[last_block] in req->info directly, i.e. without allocating another temporary buffer. A side effect of the fix is that it's no longer possible to have the IV and req->src contiguous. Code checking for this case is removed. Cc: <stable(a)vger.kernel.org> # 4.13+ Fixes: 854b06f76879 ("crypto: caam - properly set IV after {en,de}crypt") Link: http://lkml.kernel.org/r/20170113084620.GF22022@gondor.apana.org.au Reported-by: Gilad Ben-Yossef <gilad(a)benyossef.com> Signed-off-by: Horia Geantă <horia.geanta(a)nxp.com> Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c index 3e18b9266027..d67667970f7e 100644 --- a/drivers/crypto/caam/caamalg.c +++ b/drivers/crypto/caam/caamalg.c @@ -774,6 +774,7 @@ struct aead_edesc { * @sec4_sg_dma: bus physical mapped address of h/w link table * @sec4_sg: pointer to h/w link table * @hw_desc: the h/w job descriptor followed by any referenced link tables + * and IV */ struct ablkcipher_edesc { int src_nents; @@ -915,6 +916,18 @@ static void ablkcipher_encrypt_done(struct device *jrdev, u32 *desc, u32 err, scatterwalk_map_and_copy(req->info, req->dst, req->nbytes - ivsize, ivsize, 0); + /* In case initial IV was generated, copy it in GIVCIPHER request */ + if (edesc->iv_dir == DMA_FROM_DEVICE) { + u8 *iv; + struct skcipher_givcrypt_request *greq; + + greq = container_of(req, struct skcipher_givcrypt_request, + creq); + iv = (u8 *)edesc->hw_desc + desc_bytes(edesc->hw_desc) + + edesc->sec4_sg_bytes; + memcpy(greq->giv, iv, ivsize); + } + kfree(edesc); ablkcipher_request_complete(req, err); @@ -925,10 +938,10 @@ static void ablkcipher_decrypt_done(struct device *jrdev, u32 *desc, u32 err, { struct ablkcipher_request *req = context; struct ablkcipher_edesc *edesc; +#ifdef DEBUG struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req); int ivsize = crypto_ablkcipher_ivsize(ablkcipher); -#ifdef DEBUG dev_err(jrdev, "%s %d: err 0x%x\n", __func__, __LINE__, err); #endif @@ -946,14 +959,6 @@ static void ablkcipher_decrypt_done(struct device *jrdev, u32 *desc, u32 err, edesc->dst_nents > 1 ? 100 : req->nbytes, 1); ablkcipher_unmap(jrdev, edesc, req); - - /* - * The crypto API expects us to set the IV (req->info) to the last - * ciphertext block. - */ - scatterwalk_map_and_copy(req->info, req->src, req->nbytes - ivsize, - ivsize, 0); - kfree(edesc); ablkcipher_request_complete(req, err); @@ -1102,15 +1107,14 @@ static void init_authenc_job(struct aead_request *req, */ static void init_ablkcipher_job(u32 *sh_desc, dma_addr_t ptr, struct ablkcipher_edesc *edesc, - struct ablkcipher_request *req, - bool iv_contig) + struct ablkcipher_request *req) { struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req); int ivsize = crypto_ablkcipher_ivsize(ablkcipher); u32 *desc = edesc->hw_desc; - u32 out_options = 0, in_options; - dma_addr_t dst_dma, src_dma; - int len, sec4_sg_index = 0; + u32 out_options = 0; + dma_addr_t dst_dma; + int len; #ifdef DEBUG print_hex_dump(KERN_ERR, "presciv@"__stringify(__LINE__)": ", @@ -1126,30 +1130,18 @@ static void init_ablkcipher_job(u32 *sh_desc, dma_addr_t ptr, len = desc_len(sh_desc); init_job_desc_shared(desc, ptr, len, HDR_SHARE_DEFER | HDR_REVERSE); - if (iv_contig) { - src_dma = edesc->iv_dma; - in_options = 0; - } else { - src_dma = edesc->sec4_sg_dma; - sec4_sg_index += edesc->src_nents + 1; - in_options = LDST_SGF; - } - append_seq_in_ptr(desc, src_dma, req->nbytes + ivsize, in_options); + append_seq_in_ptr(desc, edesc->sec4_sg_dma, req->nbytes + ivsize, + LDST_SGF); if (likely(req->src == req->dst)) { - if (edesc->src_nents == 1 && iv_contig) { - dst_dma = sg_dma_address(req->src); - } else { - dst_dma = edesc->sec4_sg_dma + - sizeof(struct sec4_sg_entry); - out_options = LDST_SGF; - } + dst_dma = edesc->sec4_sg_dma + sizeof(struct sec4_sg_entry); + out_options = LDST_SGF; } else { if (edesc->dst_nents == 1) { dst_dma = sg_dma_address(req->dst); } else { - dst_dma = edesc->sec4_sg_dma + - sec4_sg_index * sizeof(struct sec4_sg_entry); + dst_dma = edesc->sec4_sg_dma + (edesc->src_nents + 1) * + sizeof(struct sec4_sg_entry); out_options = LDST_SGF; } } @@ -1161,13 +1153,12 @@ static void init_ablkcipher_job(u32 *sh_desc, dma_addr_t ptr, */ static void init_ablkcipher_giv_job(u32 *sh_desc, dma_addr_t ptr, struct ablkcipher_edesc *edesc, - struct ablkcipher_request *req, - bool iv_contig) + struct ablkcipher_request *req) { struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req); int ivsize = crypto_ablkcipher_ivsize(ablkcipher); u32 *desc = edesc->hw_desc; - u32 out_options, in_options; + u32 in_options; dma_addr_t dst_dma, src_dma; int len, sec4_sg_index = 0; @@ -1193,15 +1184,9 @@ static void init_ablkcipher_giv_job(u32 *sh_desc, dma_addr_t ptr, } append_seq_in_ptr(desc, src_dma, req->nbytes, in_options); - if (iv_contig) { - dst_dma = edesc->iv_dma; - out_options = 0; - } else { - dst_dma = edesc->sec4_sg_dma + - sec4_sg_index * sizeof(struct sec4_sg_entry); - out_options = LDST_SGF; - } - append_seq_out_ptr(desc, dst_dma, req->nbytes + ivsize, out_options); + dst_dma = edesc->sec4_sg_dma + sec4_sg_index * + sizeof(struct sec4_sg_entry); + append_seq_out_ptr(desc, dst_dma, req->nbytes + ivsize, LDST_SGF); } /* @@ -1494,8 +1479,7 @@ static int aead_decrypt(struct aead_request *req) * allocate and map the ablkcipher extended descriptor for ablkcipher */ static struct ablkcipher_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request - *req, int desc_bytes, - bool *iv_contig_out) + *req, int desc_bytes) { struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req); struct caam_ctx *ctx = crypto_ablkcipher_ctx(ablkcipher); @@ -1504,8 +1488,8 @@ static struct ablkcipher_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request GFP_KERNEL : GFP_ATOMIC; int src_nents, mapped_src_nents, dst_nents = 0, mapped_dst_nents = 0; struct ablkcipher_edesc *edesc; - dma_addr_t iv_dma = 0; - bool in_contig; + dma_addr_t iv_dma; + u8 *iv; int ivsize = crypto_ablkcipher_ivsize(ablkcipher); int dst_sg_idx, sec4_sg_ents, sec4_sg_bytes; @@ -1549,33 +1533,20 @@ static struct ablkcipher_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request } } - iv_dma = dma_map_single(jrdev, req->info, ivsize, DMA_TO_DEVICE); - if (dma_mapping_error(jrdev, iv_dma)) { - dev_err(jrdev, "unable to map IV\n"); - caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, 0, - 0, DMA_NONE, 0, 0); - return ERR_PTR(-ENOMEM); - } - - if (mapped_src_nents == 1 && - iv_dma + ivsize == sg_dma_address(req->src)) { - in_contig = true; - sec4_sg_ents = 0; - } else { - in_contig = false; - sec4_sg_ents = 1 + mapped_src_nents; - } + sec4_sg_ents = 1 + mapped_src_nents; dst_sg_idx = sec4_sg_ents; sec4_sg_ents += mapped_dst_nents > 1 ? mapped_dst_nents : 0; sec4_sg_bytes = sec4_sg_ents * sizeof(struct sec4_sg_entry); - /* allocate space for base edesc and hw desc commands, link tables */ - edesc = kzalloc(sizeof(*edesc) + desc_bytes + sec4_sg_bytes, + /* + * allocate space for base edesc and hw desc commands, link tables, IV + */ + edesc = kzalloc(sizeof(*edesc) + desc_bytes + sec4_sg_bytes + ivsize, GFP_DMA | flags); if (!edesc) { dev_err(jrdev, "could not allocate extended descriptor\n"); - caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, - iv_dma, ivsize, DMA_TO_DEVICE, 0, 0); + caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, 0, + 0, DMA_NONE, 0, 0); return ERR_PTR(-ENOMEM); } @@ -1586,12 +1557,22 @@ static struct ablkcipher_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request desc_bytes; edesc->iv_dir = DMA_TO_DEVICE; - if (!in_contig) { - dma_to_sec4_sg_one(edesc->sec4_sg, iv_dma, ivsize, 0); - sg_to_sec4_sg_last(req->src, mapped_src_nents, - edesc->sec4_sg + 1, 0); + /* Make sure IV is located in a DMAable area */ + iv = (u8 *)edesc->hw_desc + desc_bytes + sec4_sg_bytes; + memcpy(iv, req->info, ivsize); + + iv_dma = dma_map_single(jrdev, iv, ivsize, DMA_TO_DEVICE); + if (dma_mapping_error(jrdev, iv_dma)) { + dev_err(jrdev, "unable to map IV\n"); + caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, 0, + 0, DMA_NONE, 0, 0); + kfree(edesc); + return ERR_PTR(-ENOMEM); } + dma_to_sec4_sg_one(edesc->sec4_sg, iv_dma, ivsize, 0); + sg_to_sec4_sg_last(req->src, mapped_src_nents, edesc->sec4_sg + 1, 0); + if (mapped_dst_nents > 1) { sg_to_sec4_sg_last(req->dst, mapped_dst_nents, edesc->sec4_sg + dst_sg_idx, 0); @@ -1615,7 +1596,6 @@ static struct ablkcipher_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request sec4_sg_bytes, 1); #endif - *iv_contig_out = in_contig; return edesc; } @@ -1625,19 +1605,16 @@ static int ablkcipher_encrypt(struct ablkcipher_request *req) struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req); struct caam_ctx *ctx = crypto_ablkcipher_ctx(ablkcipher); struct device *jrdev = ctx->jrdev; - bool iv_contig; u32 *desc; int ret = 0; /* allocate extended descriptor */ - edesc = ablkcipher_edesc_alloc(req, DESC_JOB_IO_LEN * - CAAM_CMD_SZ, &iv_contig); + edesc = ablkcipher_edesc_alloc(req, DESC_JOB_IO_LEN * CAAM_CMD_SZ); if (IS_ERR(edesc)) return PTR_ERR(edesc); /* Create and submit job descriptor*/ - init_ablkcipher_job(ctx->sh_desc_enc, - ctx->sh_desc_enc_dma, edesc, req, iv_contig); + init_ablkcipher_job(ctx->sh_desc_enc, ctx->sh_desc_enc_dma, edesc, req); #ifdef DEBUG print_hex_dump(KERN_ERR, "ablkcipher jobdesc@"__stringify(__LINE__)": ", DUMP_PREFIX_ADDRESS, 16, 4, edesc->hw_desc, @@ -1661,20 +1638,25 @@ static int ablkcipher_decrypt(struct ablkcipher_request *req) struct ablkcipher_edesc *edesc; struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req); struct caam_ctx *ctx = crypto_ablkcipher_ctx(ablkcipher); + int ivsize = crypto_ablkcipher_ivsize(ablkcipher); struct device *jrdev = ctx->jrdev; - bool iv_contig; u32 *desc; int ret = 0; /* allocate extended descriptor */ - edesc = ablkcipher_edesc_alloc(req, DESC_JOB_IO_LEN * - CAAM_CMD_SZ, &iv_contig); + edesc = ablkcipher_edesc_alloc(req, DESC_JOB_IO_LEN * CAAM_CMD_SZ); if (IS_ERR(edesc)) return PTR_ERR(edesc); + /* + * The crypto API expects us to set the IV (req->info) to the last + * ciphertext block. + */ + scatterwalk_map_and_copy(req->info, req->src, req->nbytes - ivsize, + ivsize, 0); + /* Create and submit job descriptor*/ - init_ablkcipher_job(ctx->sh_desc_dec, - ctx->sh_desc_dec_dma, edesc, req, iv_contig); + init_ablkcipher_job(ctx->sh_desc_dec, ctx->sh_desc_dec_dma, edesc, req); desc = edesc->hw_desc; #ifdef DEBUG print_hex_dump(KERN_ERR, "ablkcipher jobdesc@"__stringify(__LINE__)": ", @@ -1699,8 +1681,7 @@ static int ablkcipher_decrypt(struct ablkcipher_request *req) */ static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc( struct skcipher_givcrypt_request *greq, - int desc_bytes, - bool *iv_contig_out) + int desc_bytes) { struct ablkcipher_request *req = &greq->creq; struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req); @@ -1710,8 +1691,8 @@ static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc( GFP_KERNEL : GFP_ATOMIC; int src_nents, mapped_src_nents, dst_nents, mapped_dst_nents; struct ablkcipher_edesc *edesc; - dma_addr_t iv_dma = 0; - bool out_contig; + dma_addr_t iv_dma; + u8 *iv; int ivsize = crypto_ablkcipher_ivsize(ablkcipher); int dst_sg_idx, sec4_sg_ents, sec4_sg_bytes; @@ -1756,36 +1737,20 @@ static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc( } } - /* - * Check if iv can be contiguous with source and destination. - * If so, include it. If not, create scatterlist. - */ - iv_dma = dma_map_single(jrdev, greq->giv, ivsize, DMA_FROM_DEVICE); - if (dma_mapping_error(jrdev, iv_dma)) { - dev_err(jrdev, "unable to map IV\n"); - caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, 0, - 0, DMA_NONE, 0, 0); - return ERR_PTR(-ENOMEM); - } - sec4_sg_ents = mapped_src_nents > 1 ? mapped_src_nents : 0; dst_sg_idx = sec4_sg_ents; - if (mapped_dst_nents == 1 && - iv_dma + ivsize == sg_dma_address(req->dst)) { - out_contig = true; - } else { - out_contig = false; - sec4_sg_ents += 1 + mapped_dst_nents; - } + sec4_sg_ents += 1 + mapped_dst_nents; - /* allocate space for base edesc and hw desc commands, link tables */ + /* + * allocate space for base edesc and hw desc commands, link tables, IV + */ sec4_sg_bytes = sec4_sg_ents * sizeof(struct sec4_sg_entry); - edesc = kzalloc(sizeof(*edesc) + desc_bytes + sec4_sg_bytes, + edesc = kzalloc(sizeof(*edesc) + desc_bytes + sec4_sg_bytes + ivsize, GFP_DMA | flags); if (!edesc) { dev_err(jrdev, "could not allocate extended descriptor\n"); - caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, - iv_dma, ivsize, DMA_FROM_DEVICE, 0, 0); + caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, 0, + 0, DMA_NONE, 0, 0); return ERR_PTR(-ENOMEM); } @@ -1796,16 +1761,24 @@ static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc( desc_bytes; edesc->iv_dir = DMA_FROM_DEVICE; + /* Make sure IV is located in a DMAable area */ + iv = (u8 *)edesc->hw_desc + desc_bytes + sec4_sg_bytes; + iv_dma = dma_map_single(jrdev, iv, ivsize, DMA_FROM_DEVICE); + if (dma_mapping_error(jrdev, iv_dma)) { + dev_err(jrdev, "unable to map IV\n"); + caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, 0, + 0, DMA_NONE, 0, 0); + kfree(edesc); + return ERR_PTR(-ENOMEM); + } + if (mapped_src_nents > 1) sg_to_sec4_sg_last(req->src, mapped_src_nents, edesc->sec4_sg, 0); - if (!out_contig) { - dma_to_sec4_sg_one(edesc->sec4_sg + dst_sg_idx, - iv_dma, ivsize, 0); - sg_to_sec4_sg_last(req->dst, mapped_dst_nents, - edesc->sec4_sg + dst_sg_idx + 1, 0); - } + dma_to_sec4_sg_one(edesc->sec4_sg + dst_sg_idx, iv_dma, ivsize, 0); + sg_to_sec4_sg_last(req->dst, mapped_dst_nents, edesc->sec4_sg + + dst_sg_idx + 1, 0); edesc->sec4_sg_dma = dma_map_single(jrdev, edesc->sec4_sg, sec4_sg_bytes, DMA_TO_DEVICE); @@ -1825,7 +1798,6 @@ static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc( sec4_sg_bytes, 1); #endif - *iv_contig_out = out_contig; return edesc; } @@ -1836,19 +1808,17 @@ static int ablkcipher_givencrypt(struct skcipher_givcrypt_request *creq) struct crypto_ablkcipher *ablkcipher = crypto_ablkcipher_reqtfm(req); struct caam_ctx *ctx = crypto_ablkcipher_ctx(ablkcipher); struct device *jrdev = ctx->jrdev; - bool iv_contig = false; u32 *desc; int ret = 0; /* allocate extended descriptor */ - edesc = ablkcipher_giv_edesc_alloc(creq, DESC_JOB_IO_LEN * - CAAM_CMD_SZ, &iv_contig); + edesc = ablkcipher_giv_edesc_alloc(creq, DESC_JOB_IO_LEN * CAAM_CMD_SZ); if (IS_ERR(edesc)) return PTR_ERR(edesc); /* Create and submit job descriptor*/ init_ablkcipher_giv_job(ctx->sh_desc_givenc, ctx->sh_desc_givenc_dma, - edesc, req, iv_contig); + edesc, req); #ifdef DEBUG print_hex_dump(KERN_ERR, "ablkcipher jobdesc@" __stringify(__LINE__) ": ",

7 years, 4 months

1
0
0 0

FAILED: patch "[PATCH] crypto: caam - fix DMA mapping dir for generated IV" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From a38acd236cac914aafffd80af79b9556fc2c3934 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Horia=20Geant=C4=83?= <horia.geanta(a)nxp.com> Date: Wed, 28 Mar 2018 15:39:17 +0300 Subject: [PATCH] crypto: caam - fix DMA mapping dir for generated IV MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In case of GIVCIPHER, IV is generated by the device. Fix the DMA mapping direction. Cc: <stable(a)vger.kernel.org> # 3.19+ Fixes: 7222d1a34103 ("crypto: caam - add support for givencrypt cbc(aes) and rfc3686(ctr(aes))") Signed-off-by: Horia Geantă <horia.geanta(a)nxp.com> Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c index 7207a535942d..3e18b9266027 100644 --- a/drivers/crypto/caam/caamalg.c +++ b/drivers/crypto/caam/caamalg.c @@ -769,6 +769,7 @@ struct aead_edesc { * @src_nents: number of segments in input s/w scatterlist * @dst_nents: number of segments in output s/w scatterlist * @iv_dma: dma address of iv for checking continuity and link table + * @iv_dir: DMA mapping direction for IV * @sec4_sg_bytes: length of dma mapped sec4_sg space * @sec4_sg_dma: bus physical mapped address of h/w link table * @sec4_sg: pointer to h/w link table @@ -778,6 +779,7 @@ struct ablkcipher_edesc { int src_nents; int dst_nents; dma_addr_t iv_dma; + enum dma_data_direction iv_dir; int sec4_sg_bytes; dma_addr_t sec4_sg_dma; struct sec4_sg_entry *sec4_sg; @@ -787,7 +789,8 @@ struct ablkcipher_edesc { static void caam_unmap(struct device *dev, struct scatterlist *src, struct scatterlist *dst, int src_nents, int dst_nents, - dma_addr_t iv_dma, int ivsize, dma_addr_t sec4_sg_dma, + dma_addr_t iv_dma, int ivsize, + enum dma_data_direction iv_dir, dma_addr_t sec4_sg_dma, int sec4_sg_bytes) { if (dst != src) { @@ -799,7 +802,7 @@ static void caam_unmap(struct device *dev, struct scatterlist *src, } if (iv_dma) - dma_unmap_single(dev, iv_dma, ivsize, DMA_TO_DEVICE); + dma_unmap_single(dev, iv_dma, ivsize, iv_dir); if (sec4_sg_bytes) dma_unmap_single(dev, sec4_sg_dma, sec4_sg_bytes, DMA_TO_DEVICE); @@ -810,7 +813,7 @@ static void aead_unmap(struct device *dev, struct aead_request *req) { caam_unmap(dev, req->src, req->dst, - edesc->src_nents, edesc->dst_nents, 0, 0, + edesc->src_nents, edesc->dst_nents, 0, 0, DMA_NONE, edesc->sec4_sg_dma, edesc->sec4_sg_bytes); } @@ -823,7 +826,7 @@ static void ablkcipher_unmap(struct device *dev, caam_unmap(dev, req->src, req->dst, edesc->src_nents, edesc->dst_nents, - edesc->iv_dma, ivsize, + edesc->iv_dma, ivsize, edesc->iv_dir, edesc->sec4_sg_dma, edesc->sec4_sg_bytes); } @@ -1287,7 +1290,7 @@ static struct aead_edesc *aead_edesc_alloc(struct aead_request *req, GFP_DMA | flags); if (!edesc) { caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, 0, - 0, 0, 0); + 0, DMA_NONE, 0, 0); return ERR_PTR(-ENOMEM); } @@ -1550,7 +1553,7 @@ static struct ablkcipher_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request if (dma_mapping_error(jrdev, iv_dma)) { dev_err(jrdev, "unable to map IV\n"); caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, 0, - 0, 0, 0); + 0, DMA_NONE, 0, 0); return ERR_PTR(-ENOMEM); } @@ -1572,7 +1575,7 @@ static struct ablkcipher_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request if (!edesc) { dev_err(jrdev, "could not allocate extended descriptor\n"); caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, - iv_dma, ivsize, 0, 0); + iv_dma, ivsize, DMA_TO_DEVICE, 0, 0); return ERR_PTR(-ENOMEM); } @@ -1581,6 +1584,7 @@ static struct ablkcipher_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request edesc->sec4_sg_bytes = sec4_sg_bytes; edesc->sec4_sg = (void *)edesc + sizeof(struct ablkcipher_edesc) + desc_bytes; + edesc->iv_dir = DMA_TO_DEVICE; if (!in_contig) { dma_to_sec4_sg_one(edesc->sec4_sg, iv_dma, ivsize, 0); @@ -1598,7 +1602,7 @@ static struct ablkcipher_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request if (dma_mapping_error(jrdev, edesc->sec4_sg_dma)) { dev_err(jrdev, "unable to map S/G table\n"); caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, - iv_dma, ivsize, 0, 0); + iv_dma, ivsize, DMA_TO_DEVICE, 0, 0); kfree(edesc); return ERR_PTR(-ENOMEM); } @@ -1756,11 +1760,11 @@ static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc( * Check if iv can be contiguous with source and destination. * If so, include it. If not, create scatterlist. */ - iv_dma = dma_map_single(jrdev, greq->giv, ivsize, DMA_TO_DEVICE); + iv_dma = dma_map_single(jrdev, greq->giv, ivsize, DMA_FROM_DEVICE); if (dma_mapping_error(jrdev, iv_dma)) { dev_err(jrdev, "unable to map IV\n"); caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, 0, - 0, 0, 0); + 0, DMA_NONE, 0, 0); return ERR_PTR(-ENOMEM); } @@ -1781,7 +1785,7 @@ static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc( if (!edesc) { dev_err(jrdev, "could not allocate extended descriptor\n"); caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, - iv_dma, ivsize, 0, 0); + iv_dma, ivsize, DMA_FROM_DEVICE, 0, 0); return ERR_PTR(-ENOMEM); } @@ -1790,6 +1794,7 @@ static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc( edesc->sec4_sg_bytes = sec4_sg_bytes; edesc->sec4_sg = (void *)edesc + sizeof(struct ablkcipher_edesc) + desc_bytes; + edesc->iv_dir = DMA_FROM_DEVICE; if (mapped_src_nents > 1) sg_to_sec4_sg_last(req->src, mapped_src_nents, edesc->sec4_sg, @@ -1807,7 +1812,7 @@ static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc( if (dma_mapping_error(jrdev, edesc->sec4_sg_dma)) { dev_err(jrdev, "unable to map S/G table\n"); caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, - iv_dma, ivsize, 0, 0); + iv_dma, ivsize, DMA_FROM_DEVICE, 0, 0); kfree(edesc); return ERR_PTR(-ENOMEM); }

7 years, 4 months

1
0
0 0

FAILED: patch "[PATCH] crypto: caam - fix DMA mapping dir for generated IV" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From a38acd236cac914aafffd80af79b9556fc2c3934 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Horia=20Geant=C4=83?= <horia.geanta(a)nxp.com> Date: Wed, 28 Mar 2018 15:39:17 +0300 Subject: [PATCH] crypto: caam - fix DMA mapping dir for generated IV MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In case of GIVCIPHER, IV is generated by the device. Fix the DMA mapping direction. Cc: <stable(a)vger.kernel.org> # 3.19+ Fixes: 7222d1a34103 ("crypto: caam - add support for givencrypt cbc(aes) and rfc3686(ctr(aes))") Signed-off-by: Horia Geantă <horia.geanta(a)nxp.com> Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> diff --git a/drivers/crypto/caam/caamalg.c b/drivers/crypto/caam/caamalg.c index 7207a535942d..3e18b9266027 100644 --- a/drivers/crypto/caam/caamalg.c +++ b/drivers/crypto/caam/caamalg.c @@ -769,6 +769,7 @@ struct aead_edesc { * @src_nents: number of segments in input s/w scatterlist * @dst_nents: number of segments in output s/w scatterlist * @iv_dma: dma address of iv for checking continuity and link table + * @iv_dir: DMA mapping direction for IV * @sec4_sg_bytes: length of dma mapped sec4_sg space * @sec4_sg_dma: bus physical mapped address of h/w link table * @sec4_sg: pointer to h/w link table @@ -778,6 +779,7 @@ struct ablkcipher_edesc { int src_nents; int dst_nents; dma_addr_t iv_dma; + enum dma_data_direction iv_dir; int sec4_sg_bytes; dma_addr_t sec4_sg_dma; struct sec4_sg_entry *sec4_sg; @@ -787,7 +789,8 @@ struct ablkcipher_edesc { static void caam_unmap(struct device *dev, struct scatterlist *src, struct scatterlist *dst, int src_nents, int dst_nents, - dma_addr_t iv_dma, int ivsize, dma_addr_t sec4_sg_dma, + dma_addr_t iv_dma, int ivsize, + enum dma_data_direction iv_dir, dma_addr_t sec4_sg_dma, int sec4_sg_bytes) { if (dst != src) { @@ -799,7 +802,7 @@ static void caam_unmap(struct device *dev, struct scatterlist *src, } if (iv_dma) - dma_unmap_single(dev, iv_dma, ivsize, DMA_TO_DEVICE); + dma_unmap_single(dev, iv_dma, ivsize, iv_dir); if (sec4_sg_bytes) dma_unmap_single(dev, sec4_sg_dma, sec4_sg_bytes, DMA_TO_DEVICE); @@ -810,7 +813,7 @@ static void aead_unmap(struct device *dev, struct aead_request *req) { caam_unmap(dev, req->src, req->dst, - edesc->src_nents, edesc->dst_nents, 0, 0, + edesc->src_nents, edesc->dst_nents, 0, 0, DMA_NONE, edesc->sec4_sg_dma, edesc->sec4_sg_bytes); } @@ -823,7 +826,7 @@ static void ablkcipher_unmap(struct device *dev, caam_unmap(dev, req->src, req->dst, edesc->src_nents, edesc->dst_nents, - edesc->iv_dma, ivsize, + edesc->iv_dma, ivsize, edesc->iv_dir, edesc->sec4_sg_dma, edesc->sec4_sg_bytes); } @@ -1287,7 +1290,7 @@ static struct aead_edesc *aead_edesc_alloc(struct aead_request *req, GFP_DMA | flags); if (!edesc) { caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, 0, - 0, 0, 0); + 0, DMA_NONE, 0, 0); return ERR_PTR(-ENOMEM); } @@ -1550,7 +1553,7 @@ static struct ablkcipher_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request if (dma_mapping_error(jrdev, iv_dma)) { dev_err(jrdev, "unable to map IV\n"); caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, 0, - 0, 0, 0); + 0, DMA_NONE, 0, 0); return ERR_PTR(-ENOMEM); } @@ -1572,7 +1575,7 @@ static struct ablkcipher_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request if (!edesc) { dev_err(jrdev, "could not allocate extended descriptor\n"); caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, - iv_dma, ivsize, 0, 0); + iv_dma, ivsize, DMA_TO_DEVICE, 0, 0); return ERR_PTR(-ENOMEM); } @@ -1581,6 +1584,7 @@ static struct ablkcipher_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request edesc->sec4_sg_bytes = sec4_sg_bytes; edesc->sec4_sg = (void *)edesc + sizeof(struct ablkcipher_edesc) + desc_bytes; + edesc->iv_dir = DMA_TO_DEVICE; if (!in_contig) { dma_to_sec4_sg_one(edesc->sec4_sg, iv_dma, ivsize, 0); @@ -1598,7 +1602,7 @@ static struct ablkcipher_edesc *ablkcipher_edesc_alloc(struct ablkcipher_request if (dma_mapping_error(jrdev, edesc->sec4_sg_dma)) { dev_err(jrdev, "unable to map S/G table\n"); caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, - iv_dma, ivsize, 0, 0); + iv_dma, ivsize, DMA_TO_DEVICE, 0, 0); kfree(edesc); return ERR_PTR(-ENOMEM); } @@ -1756,11 +1760,11 @@ static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc( * Check if iv can be contiguous with source and destination. * If so, include it. If not, create scatterlist. */ - iv_dma = dma_map_single(jrdev, greq->giv, ivsize, DMA_TO_DEVICE); + iv_dma = dma_map_single(jrdev, greq->giv, ivsize, DMA_FROM_DEVICE); if (dma_mapping_error(jrdev, iv_dma)) { dev_err(jrdev, "unable to map IV\n"); caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, 0, - 0, 0, 0); + 0, DMA_NONE, 0, 0); return ERR_PTR(-ENOMEM); } @@ -1781,7 +1785,7 @@ static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc( if (!edesc) { dev_err(jrdev, "could not allocate extended descriptor\n"); caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, - iv_dma, ivsize, 0, 0); + iv_dma, ivsize, DMA_FROM_DEVICE, 0, 0); return ERR_PTR(-ENOMEM); } @@ -1790,6 +1794,7 @@ static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc( edesc->sec4_sg_bytes = sec4_sg_bytes; edesc->sec4_sg = (void *)edesc + sizeof(struct ablkcipher_edesc) + desc_bytes; + edesc->iv_dir = DMA_FROM_DEVICE; if (mapped_src_nents > 1) sg_to_sec4_sg_last(req->src, mapped_src_nents, edesc->sec4_sg, @@ -1807,7 +1812,7 @@ static struct ablkcipher_edesc *ablkcipher_giv_edesc_alloc( if (dma_mapping_error(jrdev, edesc->sec4_sg_dma)) { dev_err(jrdev, "unable to map S/G table\n"); caam_unmap(jrdev, req->src, req->dst, src_nents, dst_nents, - iv_dma, ivsize, 0, 0); + iv_dma, ivsize, DMA_FROM_DEVICE, 0, 0); kfree(edesc); return ERR_PTR(-ENOMEM); }

7 years, 4 months

1
0
0 0

Re: [PATCH 4.4 119/268] xen/pirq: fix error path cleanup when binding MSIs

by Ben Hutchings

On Wed, 2018-02-28 at 09:19 +0000, Roger Pau Monne wrote: > From: Roger Pau Monne <roger.pau(a)citrix.com> > > [ Upstream commit 910f8befdf5bccf25287d9f1743e3e546bcb7ce0 ] > > Current cleanup in the error path of xen_bind_pirq_msi_to_irq is > wrong. First of all there's an off-by-one in the cleanup loop, which > can lead to unbinding wrong IRQs. > > Secondly IRQs not bound won't be freed, thus leaking IRQ numbers. > > Note that there's no need to differentiate between bound and unbound > IRQs when freeing them, __unbind_from_irq will deal with both of them > correctly. It appears to me that it is safe to call __unbind_from_irq() after xen_irq_info_common_setup() fails, but *not* if the latter hasn't been called at all. In that case the IRQ type will still be set to IRQT_UNBOUND and this will trigger the BUG_ON() in __unbind_from_irq(). [...] > --- a/drivers/xen/events/events_base.c > +++ b/drivers/xen/events/events_base.c > @@ -764,8 +764,8 @@ out: > mutex_unlock(&irq_mapping_update_lock); > return irq; > error_irq: > - for (; i >= 0; i--) > - __unbind_from_irq(irq + i); > + while (nvec--) > + __unbind_from_irq(irq + nvec); If nvec > 1, and xen_irq_info_pirq_setup() fails for i != nvec - 1, then we reach here without having called xen_irq_info_common_setup() for all these IRQs. In that case, I think we will still want to call xen_free_irq() for all IRQs. So maybe the fix would be to remove the BUG_ON() in __unbind_from_irq()? Ben. > mutex_unlock(&irq_mapping_update_lock); > return ret; > } -- Ben Hutchings, Software Developer Codethink Ltd https://www.codethink.co.uk/ Dale House, 35 Dale Street Manchester, M1 2HF, United Kingdom

7 years, 4 months

3
2
0 0

FAILED: patch "[PATCH] tty: pl011: Avoid spuriously stuck-off interrupts" failed to apply to 3.18-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 3.18-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 4a7e625ce50412a7711efa0f2ef0b96ce3826759 Mon Sep 17 00:00:00 2001 From: Dave Martin <Dave.Martin(a)arm.com> Date: Thu, 10 May 2018 18:08:23 +0100 Subject: [PATCH] tty: pl011: Avoid spuriously stuck-off interrupts Commit 9b96fbacda34 ("serial: PL011: clear pending interrupts") clears the RX and receive timeout interrupts on pl011 startup, to avoid a screaming-interrupt scenario that can occur when the firmware or bootloader leaves these interrupts asserted. This has been noted as an issue when running Linux on qemu [1]. Unfortunately, the above fix seems to lead to potential misbehaviour if the RX FIFO interrupt is asserted _non_ spuriously on driver startup, if the RX FIFO is also already full to the trigger level. Clearing the RX FIFO interrupt does not change the FIFO fill level. In this scenario, because the interrupt is now clear and because the FIFO is already full to the trigger level, no new assertion of the RX FIFO interrupt can occur unless the FIFO is drained back below the trigger level. This never occurs because the pl011 driver is waiting for an RX FIFO interrupt to tell it that there is something to read, and does not read the FIFO at all until that interrupt occurs. Thus, simply clearing "spurious" interrupts on startup may be misguided, since there is no way to be sure that the interrupts are truly spurious, and things can go wrong if they are not. This patch instead clears the interrupt condition by draining the RX FIFO during UART startup, after clearing any potentially spurious interrupt. This should ensure that an interrupt will definitely be asserted if the RX FIFO subsequently becomes sufficiently full. The drain is done at the point of enabling interrupts only. This means that it will occur any time the UART is newly opened through the tty layer. It will not apply to polled-mode use of the UART by kgdboc: since that scenario cannot use interrupts by design, this should not matter. kgdboc will interact badly with "normal" use of the UART in any case: this patch makes no attempt to paper over such issues. This patch does not attempt to address the case where the RX FIFO fills faster than it can be drained: that is a pathological hardware design problem that is beyond the scope of the driver to work around. As a failsafe, the number of poll iterations for draining the FIFO is limited to twice the FIFO size. This will ensure that the kernel at least boots even if it is impossible to drain the FIFO for some reason. [1] [Qemu-devel] [Qemu-arm] [PATCH] pl011: do not put into fifo before enabled the interruption https://lists.gnu.org/archive/html/qemu-devel/2018-01/msg06446.html Reported-by: Wei Xu <xuwei5(a)hisilicon.com> Cc: Russell King <linux(a)armlinux.org.uk> Cc: Linus Walleij <linus.walleij(a)linaro.org> Cc: Peter Maydell <peter.maydell(a)linaro.org> Fixes: 9b96fbacda34 ("serial: PL011: clear pending interrupts") Signed-off-by: Dave Martin <Dave.Martin(a)arm.com> Cc: stable <stable(a)vger.kernel.org> Tested-by: Wei Xu <xuwei5(a)hisilicon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/tty/serial/amba-pl011.c b/drivers/tty/serial/amba-pl011.c index 4b40a5b449ee..ebd33c0232e6 100644 --- a/drivers/tty/serial/amba-pl011.c +++ b/drivers/tty/serial/amba-pl011.c @@ -1727,10 +1727,26 @@ static int pl011_allocate_irq(struct uart_amba_port *uap) */ static void pl011_enable_interrupts(struct uart_amba_port *uap) { + unsigned int i; + spin_lock_irq(&uap->port.lock); /* Clear out any spuriously appearing RX interrupts */ pl011_write(UART011_RTIS | UART011_RXIS, uap, REG_ICR); + + /* + * RXIS is asserted only when the RX FIFO transitions from below + * to above the trigger threshold. If the RX FIFO is already + * full to the threshold this can't happen and RXIS will now be + * stuck off. Drain the RX FIFO explicitly to fix this: + */ + for (i = 0; i < uap->fifosize * 2; ++i) { + if (pl011_read(uap, REG_FR) & UART01x_FR_RXFE) + break; + + pl011_read(uap, REG_DR); + } + uap->im = UART011_RTIM; if (!pl011_dma_rx_running(uap)) uap->im |= UART011_RXIM;

7 years, 4 months

1
0
0 0

FAILED: patch "[PATCH] tty: pl011: Avoid spuriously stuck-off interrupts" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 4a7e625ce50412a7711efa0f2ef0b96ce3826759 Mon Sep 17 00:00:00 2001 From: Dave Martin <Dave.Martin(a)arm.com> Date: Thu, 10 May 2018 18:08:23 +0100 Subject: [PATCH] tty: pl011: Avoid spuriously stuck-off interrupts Commit 9b96fbacda34 ("serial: PL011: clear pending interrupts") clears the RX and receive timeout interrupts on pl011 startup, to avoid a screaming-interrupt scenario that can occur when the firmware or bootloader leaves these interrupts asserted. This has been noted as an issue when running Linux on qemu [1]. Unfortunately, the above fix seems to lead to potential misbehaviour if the RX FIFO interrupt is asserted _non_ spuriously on driver startup, if the RX FIFO is also already full to the trigger level. Clearing the RX FIFO interrupt does not change the FIFO fill level. In this scenario, because the interrupt is now clear and because the FIFO is already full to the trigger level, no new assertion of the RX FIFO interrupt can occur unless the FIFO is drained back below the trigger level. This never occurs because the pl011 driver is waiting for an RX FIFO interrupt to tell it that there is something to read, and does not read the FIFO at all until that interrupt occurs. Thus, simply clearing "spurious" interrupts on startup may be misguided, since there is no way to be sure that the interrupts are truly spurious, and things can go wrong if they are not. This patch instead clears the interrupt condition by draining the RX FIFO during UART startup, after clearing any potentially spurious interrupt. This should ensure that an interrupt will definitely be asserted if the RX FIFO subsequently becomes sufficiently full. The drain is done at the point of enabling interrupts only. This means that it will occur any time the UART is newly opened through the tty layer. It will not apply to polled-mode use of the UART by kgdboc: since that scenario cannot use interrupts by design, this should not matter. kgdboc will interact badly with "normal" use of the UART in any case: this patch makes no attempt to paper over such issues. This patch does not attempt to address the case where the RX FIFO fills faster than it can be drained: that is a pathological hardware design problem that is beyond the scope of the driver to work around. As a failsafe, the number of poll iterations for draining the FIFO is limited to twice the FIFO size. This will ensure that the kernel at least boots even if it is impossible to drain the FIFO for some reason. [1] [Qemu-devel] [Qemu-arm] [PATCH] pl011: do not put into fifo before enabled the interruption https://lists.gnu.org/archive/html/qemu-devel/2018-01/msg06446.html Reported-by: Wei Xu <xuwei5(a)hisilicon.com> Cc: Russell King <linux(a)armlinux.org.uk> Cc: Linus Walleij <linus.walleij(a)linaro.org> Cc: Peter Maydell <peter.maydell(a)linaro.org> Fixes: 9b96fbacda34 ("serial: PL011: clear pending interrupts") Signed-off-by: Dave Martin <Dave.Martin(a)arm.com> Cc: stable <stable(a)vger.kernel.org> Tested-by: Wei Xu <xuwei5(a)hisilicon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/tty/serial/amba-pl011.c b/drivers/tty/serial/amba-pl011.c index 4b40a5b449ee..ebd33c0232e6 100644 --- a/drivers/tty/serial/amba-pl011.c +++ b/drivers/tty/serial/amba-pl011.c @@ -1727,10 +1727,26 @@ static int pl011_allocate_irq(struct uart_amba_port *uap) */ static void pl011_enable_interrupts(struct uart_amba_port *uap) { + unsigned int i; + spin_lock_irq(&uap->port.lock); /* Clear out any spuriously appearing RX interrupts */ pl011_write(UART011_RTIS | UART011_RXIS, uap, REG_ICR); + + /* + * RXIS is asserted only when the RX FIFO transitions from below + * to above the trigger threshold. If the RX FIFO is already + * full to the threshold this can't happen and RXIS will now be + * stuck off. Drain the RX FIFO explicitly to fix this: + */ + for (i = 0; i < uap->fifosize * 2; ++i) { + if (pl011_read(uap, REG_FR) & UART01x_FR_RXFE) + break; + + pl011_read(uap, REG_DR); + } + uap->im = UART011_RTIM; if (!pl011_dma_rx_running(uap)) uap->im |= UART011_RXIM;

7 years, 4 months

1
0
0 0

FAILED: patch "[PATCH] serial: 8250: omap: Fix idling of clocks for unused uarts" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 13dc04d0e5fdc25c8f713ad23fdce51cf2bf96ba Mon Sep 17 00:00:00 2001 From: Tony Lindgren <tony(a)atomide.com> Date: Fri, 4 May 2018 10:44:09 -0700 Subject: [PATCH] serial: 8250: omap: Fix idling of clocks for unused uarts I noticed that unused UARTs won't necessarily idle properly always unless at least one byte tx transfer is done first. After some debugging I narrowed down the problem to the scr register dma configuration bits that need to be set before softreset for the clocks to idle. Unless we do this, the module clkctrl idlest bits may be set to 1 instead of 3 meaning the clock will never idle and is blocking deeper idle states for the whole domain. This might be related to the configuration done by the bootloader or kexec booting where certain configurations cause the 8250 or the clkctrl clock to jam in a way where setting of the scr bits and reset is needed to clear it. I've tried diffing the 8250 registers for the various modes, but did not see anything specific. So far I've only seen this on omap4 but I'm suspecting this might also happen on the other clkctrl using SoCs considering they already have a quirk enabled for UART_ERRATA_CLOCK_DISABLE. Let's fix the issue by configuring scr before reset for basic dma even if we don't use it. The scr register will be reset when we do softreset few lines after, and we restore scr on resume. We should do this for all the SoCs with UART_ERRATA_CLOCK_DISABLE quirk flag set since the ones with UART_ERRATA_CLOCK_DISABLE are all based using clkctrl similar to omap4. Looks like both OMAP_UART_SCR_DMAMODE_1 | OMAP_UART_SCR_DMAMODE_CTL bits are needed for the clkctrl to idle after a softreset. And we need to add omap4 to also use the UART_ERRATA_CLOCK_DISABLE for the related workaround to be enabled. This same compatible value will also be used for omap5. Fixes: cdb929e4452a ("serial: 8250_omap: workaround errata around idling UART after using DMA") Cc: Keerthy <j-keerthy(a)ti.com> Cc: Matthijs van Duin <matthijsvanduin(a)gmail.com> Cc: Sekhar Nori <nsekhar(a)ti.com> Cc: Tero Kristo <t-kristo(a)ti.com> Signed-off-by: Tony Lindgren <tony(a)atomide.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/tty/serial/8250/8250_omap.c b/drivers/tty/serial/8250/8250_omap.c index 6aaa84355fd1..1b337fee07ed 100644 --- a/drivers/tty/serial/8250/8250_omap.c +++ b/drivers/tty/serial/8250/8250_omap.c @@ -1110,13 +1110,14 @@ static int omap8250_no_handle_irq(struct uart_port *port) return 0; } +static const u8 omap4_habit = UART_ERRATA_CLOCK_DISABLE; static const u8 am3352_habit = OMAP_DMA_TX_KICK | UART_ERRATA_CLOCK_DISABLE; static const u8 dra742_habit = UART_ERRATA_CLOCK_DISABLE; static const struct of_device_id omap8250_dt_ids[] = { { .compatible = "ti,omap2-uart" }, { .compatible = "ti,omap3-uart" }, - { .compatible = "ti,omap4-uart" }, + { .compatible = "ti,omap4-uart", .data = &omap4_habit, }, { .compatible = "ti,am3352-uart", .data = &am3352_habit, }, { .compatible = "ti,am4372-uart", .data = &am3352_habit, }, { .compatible = "ti,dra742-uart", .data = &dra742_habit, }, @@ -1362,6 +1363,19 @@ static int omap8250_soft_reset(struct device *dev) int sysc; int syss; + /* + * At least on omap4, unused uarts may not idle after reset without + * a basic scr dma configuration even with no dma in use. The + * module clkctrl status bits will be 1 instead of 3 blocking idle + * for the whole clockdomain. The softreset below will clear scr, + * and we restore it on resume so this is safe to do on all SoCs + * needing omap8250_soft_reset() quirk. Do it in two writes as + * recommended in the comment for omap8250_update_scr(). + */ + serial_out(up, UART_OMAP_SCR, OMAP_UART_SCR_DMAMODE_1); + serial_out(up, UART_OMAP_SCR, + OMAP_UART_SCR_DMAMODE_1 | OMAP_UART_SCR_DMAMODE_CTL); + sysc = serial_in(up, UART_OMAP_SYSC); /* softreset the UART */

7 years, 4 months

1
0
0 0

FAILED: patch "[PATCH] usb: dwc3: gadget: Fix list_del corruption in dwc3_ep_dequeue" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 05645366f3893c160bd39ca49f3fe2f2f026f58b Mon Sep 17 00:00:00 2001 From: Mayank Rana <mrana(a)codeaurora.org> Date: Fri, 23 Mar 2018 10:05:33 -0700 Subject: [PATCH] usb: dwc3: gadget: Fix list_del corruption in dwc3_ep_dequeue dwc3_ep_dequeue() waits for completion of End Transfer command using wait_event_lock_irq(), which will release the dwc3->lock while waiting and reacquire after completion. This allows a potential race condition with ep_disable() which also removes all requests from started_list and pending_list. The check for NULL r->trb should catch this but currently it exits to the wrong 'out1' label which calls dwc3_gadget_giveback(). Since its list entry was already removed, if CONFIG_DEBUG_LIST is enabled a 'list_del corruption' bug is thrown since its next/prev pointers are already LIST_POISON1/2. If r->trb is NULL it should simply exit to 'out0'. Fixes: cf3113d893d4 ("usb: dwc3: gadget: properly increment dequeue pointer on ep_dequeue") Cc: stable(a)vger.kernel.org # v4.12+ Signed-off-by: Mayank Rana <mrana(a)codeaurora.org> Signed-off-by: Jack Pham <jackp(a)codeaurora.org> Signed-off-by: Felipe Balbi <felipe.balbi(a)linux.intel.com> diff --git a/drivers/usb/dwc3/gadget.c b/drivers/usb/dwc3/gadget.c index eeb30133878e..69bf137aab37 100644 --- a/drivers/usb/dwc3/gadget.c +++ b/drivers/usb/dwc3/gadget.c @@ -1395,7 +1395,7 @@ static int dwc3_gadget_ep_dequeue(struct usb_ep *ep, dwc->lock); if (!r->trb) - goto out1; + goto out0; if (r->num_pending_sgs) { struct dwc3_trb *trb;

7 years, 4 months

1
0
0 0

FAILED: patch "[PATCH] usb: dwc3: gadget: Fix list_del corruption in dwc3_ep_dequeue" failed to apply to 4.16-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.16-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 05645366f3893c160bd39ca49f3fe2f2f026f58b Mon Sep 17 00:00:00 2001 From: Mayank Rana <mrana(a)codeaurora.org> Date: Fri, 23 Mar 2018 10:05:33 -0700 Subject: [PATCH] usb: dwc3: gadget: Fix list_del corruption in dwc3_ep_dequeue dwc3_ep_dequeue() waits for completion of End Transfer command using wait_event_lock_irq(), which will release the dwc3->lock while waiting and reacquire after completion. This allows a potential race condition with ep_disable() which also removes all requests from started_list and pending_list. The check for NULL r->trb should catch this but currently it exits to the wrong 'out1' label which calls dwc3_gadget_giveback(). Since its list entry was already removed, if CONFIG_DEBUG_LIST is enabled a 'list_del corruption' bug is thrown since its next/prev pointers are already LIST_POISON1/2. If r->trb is NULL it should simply exit to 'out0'. Fixes: cf3113d893d4 ("usb: dwc3: gadget: properly increment dequeue pointer on ep_dequeue") Cc: stable(a)vger.kernel.org # v4.12+ Signed-off-by: Mayank Rana <mrana(a)codeaurora.org> Signed-off-by: Jack Pham <jackp(a)codeaurora.org> Signed-off-by: Felipe Balbi <felipe.balbi(a)linux.intel.com> diff --git a/drivers/usb/dwc3/gadget.c b/drivers/usb/dwc3/gadget.c index eeb30133878e..69bf137aab37 100644 --- a/drivers/usb/dwc3/gadget.c +++ b/drivers/usb/dwc3/gadget.c @@ -1395,7 +1395,7 @@ static int dwc3_gadget_ep_dequeue(struct usb_ep *ep, dwc->lock); if (!r->trb) - goto out1; + goto out0; if (r->num_pending_sgs) { struct dwc3_trb *trb;

7 years, 4 months

1
0
0 0

FAILED: patch "[PATCH] usb: dwc3: gadget: Fix list_del corruption in dwc3_ep_dequeue" failed to apply to 4.17-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.17-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 05645366f3893c160bd39ca49f3fe2f2f026f58b Mon Sep 17 00:00:00 2001 From: Mayank Rana <mrana(a)codeaurora.org> Date: Fri, 23 Mar 2018 10:05:33 -0700 Subject: [PATCH] usb: dwc3: gadget: Fix list_del corruption in dwc3_ep_dequeue dwc3_ep_dequeue() waits for completion of End Transfer command using wait_event_lock_irq(), which will release the dwc3->lock while waiting and reacquire after completion. This allows a potential race condition with ep_disable() which also removes all requests from started_list and pending_list. The check for NULL r->trb should catch this but currently it exits to the wrong 'out1' label which calls dwc3_gadget_giveback(). Since its list entry was already removed, if CONFIG_DEBUG_LIST is enabled a 'list_del corruption' bug is thrown since its next/prev pointers are already LIST_POISON1/2. If r->trb is NULL it should simply exit to 'out0'. Fixes: cf3113d893d4 ("usb: dwc3: gadget: properly increment dequeue pointer on ep_dequeue") Cc: stable(a)vger.kernel.org # v4.12+ Signed-off-by: Mayank Rana <mrana(a)codeaurora.org> Signed-off-by: Jack Pham <jackp(a)codeaurora.org> Signed-off-by: Felipe Balbi <felipe.balbi(a)linux.intel.com> diff --git a/drivers/usb/dwc3/gadget.c b/drivers/usb/dwc3/gadget.c index eeb30133878e..69bf137aab37 100644 --- a/drivers/usb/dwc3/gadget.c +++ b/drivers/usb/dwc3/gadget.c @@ -1395,7 +1395,7 @@ static int dwc3_gadget_ep_dequeue(struct usb_ep *ep, dwc->lock); if (!r->trb) - goto out1; + goto out0; if (r->num_pending_sgs) { struct dwc3_trb *trb;

7 years, 4 months

1
0
0 0

FAILED: patch "[PATCH] usb: gadget: udc: renesas_usb3: should remove debugfs" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 1990cf7c21ea185cec98c6d45a82c04481261e35 Mon Sep 17 00:00:00 2001 From: Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> Date: Tue, 10 Apr 2018 14:38:50 +0900 Subject: [PATCH] usb: gadget: udc: renesas_usb3: should remove debugfs This patch fixes an issue that this driver doesn't remove its debugfs. Fixes: 43ba968b00ea ("usb: gadget: udc: renesas_usb3: add debugfs to set the b-device mode") Cc: <stable(a)vger.kernel.org> # v4.14+ Signed-off-by: Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> Reviewed-by: Simon Horman <horms+renesas(a)verge.net.au> Signed-off-by: Felipe Balbi <felipe.balbi(a)linux.intel.com> diff --git a/drivers/usb/gadget/udc/renesas_usb3.c b/drivers/usb/gadget/udc/renesas_usb3.c index 409cde4e6a51..4ef2386c3ac4 100644 --- a/drivers/usb/gadget/udc/renesas_usb3.c +++ b/drivers/usb/gadget/udc/renesas_usb3.c @@ -333,6 +333,7 @@ struct renesas_usb3 { struct extcon_dev *extcon; struct work_struct extcon_work; struct phy *phy; + struct dentry *dentry; struct renesas_usb3_ep *usb3_ep; int num_usb3_eps; @@ -2393,8 +2394,12 @@ static void renesas_usb3_debugfs_init(struct renesas_usb3 *usb3, file = debugfs_create_file("b_device", 0644, root, usb3, &renesas_usb3_b_device_fops); - if (!file) + if (!file) { dev_info(dev, "%s: Can't create debugfs mode\n", __func__); + debugfs_remove_recursive(root); + } else { + usb3->dentry = root; + } } /*------- platform_driver ------------------------------------------------*/ @@ -2402,6 +2407,7 @@ static int renesas_usb3_remove(struct platform_device *pdev) { struct renesas_usb3 *usb3 = platform_get_drvdata(pdev); + debugfs_remove_recursive(usb3->dentry); device_remove_file(&pdev->dev, &dev_attr_role); usb_del_gadget_udc(&usb3->gadget);

7 years, 4 months

1
0
0 0

Please apply 7d18f0a14aa6a ("gpio: No Null owner") to 4.4.y, 4.9.y, 4.14.y

by Daniel Rosenberg

7d18f0a14aa6a0d6bad39111c1fb655f07f71d59 ("gpio: No NULL owner") fixes an issue from 24e78079bf2250874e33da2e7cfbb6db72d3caf4 ("gpio: label descriptors using the device name") which has been included in stable branches. It handles the case where GPIOs are fetched with a NULL parent device. The patch originally went in in 4.15, so more recent branches shouldn't have that issue. -Daniel Rosenberg

7 years, 4 months

2
1
0 0

[PATCH v2 1/7] vmw_balloon: fix inflation of 64-bit GFNs

by Nadav Amit

When balloon batching is not supported by the hypervisor, the guest frame number (GFN) must fit in 32-bit. However, due to a bug, this check was mistakenly ignored. In practice, when total RAM is greater than 16TB, the balloon does not work currently, making this bug unlikely to happen. Fixes: ef0f8f112984 ("VMware balloon: partially inline vmballoon_reserve_page.") Cc: stable(a)vger.kernel.org Reviewed-by: Xavier Deguillard <xdeguillard(a)vmware.com> Signed-off-by: Nadav Amit <namit(a)vmware.com> --- drivers/misc/vmw_balloon.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/drivers/misc/vmw_balloon.c b/drivers/misc/vmw_balloon.c index efd733472a35..28e77ab1e136 100644 --- a/drivers/misc/vmw_balloon.c +++ b/drivers/misc/vmw_balloon.c @@ -450,7 +450,7 @@ static int vmballoon_send_lock_page(struct vmballoon *b, unsigned long pfn, pfn32 = (u32)pfn; if (pfn32 != pfn) - return -1; + return -EINVAL; STATS_INC(b->stats.lock[false]); @@ -460,7 +460,7 @@ static int vmballoon_send_lock_page(struct vmballoon *b, unsigned long pfn, pr_debug("%s - ppn %lx, hv returns %ld\n", __func__, pfn, status); STATS_INC(b->stats.lock_fail[false]); - return 1; + return -EIO; } static int vmballoon_send_batched_lock(struct vmballoon *b, @@ -597,11 +597,12 @@ static int vmballoon_lock_page(struct vmballoon *b, unsigned int num_pages, locked = vmballoon_send_lock_page(b, page_to_pfn(page), &hv_status, target); - if (locked > 0) { + if (locked) { STATS_INC(b->stats.refused_alloc[false]); - if (hv_status == VMW_BALLOON_ERROR_RESET || - hv_status == VMW_BALLOON_ERROR_PPN_NOTNEEDED) { + if (locked == -EIO && + (hv_status == VMW_BALLOON_ERROR_RESET || + hv_status == VMW_BALLOON_ERROR_PPN_NOTNEEDED)) { vmballoon_free_page(page, false); return -EIO; } @@ -617,7 +618,7 @@ static int vmballoon_lock_page(struct vmballoon *b, unsigned int num_pages, } else { vmballoon_free_page(page, false); } - return -EIO; + return locked; } /* track allocated page */ -- 2.17.0

7 years, 4 months

2
4
0 0

[PULL v2] vhost, virtio

by Michael S. Tsirkin

Page hints are reworked - I dropped them for now. The following changes since commit 29dcea88779c856c7dc92040a0c01233263101d4: Linux 4.17 (2018-06-03 14:15:21 -0700) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost.git tags/for_linus for you to fetch changes up to 2eb98105f8c7f4b867f7f714a998f5b8c1bb009b: virtio: update the comments for transport features (2018-06-12 04:59:29 +0300) ---------------------------------------------------------------- virtio, vhost: features, fixes VF support for virtio. DMA barriers for virtio strong barriers. Bugfixes. Signed-off-by: Michael S. Tsirkin <mst(a)redhat.com> ---------------------------------------------------------------- Michael S. Tsirkin (2): virtio_ring: switch to dma_XX barriers for rpmsg vhost: fix info leak due to uninitialized memory Tiwei Bie (2): virtio_pci: support enabling VFs virtio: update the comments for transport features drivers/vhost/vhost.c | 3 +++ drivers/virtio/virtio_pci_common.c | 30 ++++++++++++++++++++++++++++++ drivers/virtio/virtio_pci_modern.c | 14 ++++++++++++++ include/linux/virtio_ring.h | 4 ++-- include/uapi/linux/virtio_config.h | 16 ++++++++++++---- 5 files changed, 61 insertions(+), 6 deletions(-)

7 years, 4 months

1
0
0 0

+ mm-zero-remaining-unavailable-struct-pages-re-kernel-panic-in-reading-proc-kpageflags-when-enabling-ram-simulated-pmem.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm: zero remaining unavailable struct pages has been added to the -mm tree. Its filename is mm-zero-remaining-unavailable-struct-pages-re-kernel-panic-in-reading-proc-kpageflags-when-enabling-ram-simulated-pmem.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/mm-zero-remaining-unavailable-stru… and later at http://ozlabs.org/~akpm/mmotm/broken-out/mm-zero-remaining-unavailable-stru… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com> Subject: mm: zero remaining unavailable struct pages There is a kernel panic that is triggered when reading /proc/kpageflags on the kernel booted with kernel parameter 'memmap=nn[KMG]!ss[KMG]': BUG: unable to handle kernel paging request at fffffffffffffffe PGD 9b20e067 P4D 9b20e067 PUD 9b210067 PMD 0 Oops: 0000 [#1] SMP PTI CPU: 2 PID: 1728 Comm: page-types Not tainted 4.17.0-rc6-mm1-v4.17-rc6-180605-0816-00236-g2dfb086ef02c+ #160 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.fc28 04/01/2014 RIP: 0010:stable_page_flags+0x27/0x3c0 Code: 00 00 00 0f 1f 44 00 00 48 85 ff 0f 84 a0 03 00 00 41 54 55 49 89 fc 53 48 8b 57 08 48 8b 2f 48 8d 42 ff 83 e2 01 48 0f 44 c7 <48> 8b 00 f6 c4 01 0f 84 10 03 00 00 31 db 49 8b 54 24 08 4c 89 e7 RSP: 0018:ffffbbd44111fde0 EFLAGS: 00010202 RAX: fffffffffffffffe RBX: 00007fffffffeff9 RCX: 0000000000000000 RDX: 0000000000000001 RSI: 0000000000000202 RDI: ffffed1182fff5c0 RBP: ffffffffffffffff R08: 0000000000000001 R09: 0000000000000001 R10: ffffbbd44111fed8 R11: 0000000000000000 R12: ffffed1182fff5c0 R13: 00000000000bffd7 R14: 0000000002fff5c0 R15: ffffbbd44111ff10 FS: 00007efc4335a500(0000) GS:ffff93a5bfc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: fffffffffffffffe CR3: 00000000b2a58000 CR4: 00000000001406e0 Call Trace: kpageflags_read+0xc7/0x120 proc_reg_read+0x3c/0x60 __vfs_read+0x36/0x170 vfs_read+0x89/0x130 ksys_pread64+0x71/0x90 do_syscall_64+0x5b/0x160 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x7efc42e75e23 Code: 09 00 ba 9f 01 00 00 e8 ab 81 f4 ff 66 2e 0f 1f 84 00 00 00 00 00 90 83 3d 29 0a 2d 00 00 75 13 49 89 ca b8 11 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 34 c3 48 83 ec 08 e8 db d3 01 00 48 89 04 24 According to kernel bisection, this problem became visible due to commit f7f99100d8d9 which changes how struct pages are initialized. Memblock layout affects the pfn ranges covered by node/zone. Consider that we have a VM with 2 NUMA nodes and each node has 4GB memory, and the default (no memmap= given) memblock layout is like below: MEMBLOCK configuration: memory size = 0x00000001fff75c00 reserved size = 0x000000000300c000 memory.cnt = 0x4 memory[0x0] [0x0000000000001000-0x000000000009efff], 0x000000000009e000 bytes on node 0 flags: 0x0 memory[0x1] [0x0000000000100000-0x00000000bffd6fff], 0x00000000bfed7000 bytes on node 0 flags: 0x0 memory[0x2] [0x0000000100000000-0x000000013fffffff], 0x0000000040000000 bytes on node 0 flags: 0x0 memory[0x3] [0x0000000140000000-0x000000023fffffff], 0x0000000100000000 bytes on node 1 flags: 0x0 ... If you give memmap=1G!4G (so it just covers memory[0x2]), the range [0x100000000-0x13fffffff] is gone: MEMBLOCK configuration: memory size = 0x00000001bff75c00 reserved size = 0x000000000300c000 memory.cnt = 0x3 memory[0x0] [0x0000000000001000-0x000000000009efff], 0x000000000009e000 bytes on node 0 flags: 0x0 memory[0x1] [0x0000000000100000-0x00000000bffd6fff], 0x00000000bfed7000 bytes on node 0 flags: 0x0 memory[0x2] [0x0000000140000000-0x000000023fffffff], 0x0000000100000000 bytes on node 1 flags: 0x0 ... This causes shrinking node 0's pfn range because it is calculated by the address range of memblock.memory. So some of struct pages in the gap range are left uninitialized. We have a function zero_resv_unavail() which does zeroing the struct pages outside memblock.memory, but currently it covers only the reserved unavailable range (i.e. memblock.memory && !memblock.reserved). This patch extends it to cover all unavailable range, which fixes the reported issue. Link: http://lkml.kernel.org/r/20180613054107.GA5329@hori1.linux.bs1.fc.nec.co.jp Fixes: f7f99100d8d9 ("mm: stop zeroing memory during allocation in vmemmap") Signed-off-by: Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com> Tested-by: Oscar Salvador <osalvador(a)suse.de> Cc: Pavel Tatashin <pasha.tatashin(a)oracle.com> Cc: Steven Sistare <steven.sistare(a)oracle.com> Cc: Daniel Jordan <daniel.m.jordan(a)oracle.com> Cc: "Bob Picco" <bob.picco(a)oracle.com> Cc: Matthew Wilcox <willy(a)infradead.org> Cc: Michal Hocko <mhocko(a)kernel.org> Cc: Huang Ying <ying.huang(a)intel.com> Cc: Ingo Molnar <mingo(a)kernel.org> Cc: Dan Williams <dan.j.williams(a)intel.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- diff -puN include/linux/memblock.h~mm-zero-remaining-unavailable-struct-pages-re-kernel-panic-in-reading-proc-kpageflags-when-enabling-ram-simulated-pmem include/linux/memblock.h --- a/include/linux/memblock.h~mm-zero-remaining-unavailable-struct-pages-re-kernel-panic-in-reading-proc-kpageflags-when-enabling-ram-simulated-pmem +++ a/include/linux/memblock.h @@ -236,22 +236,6 @@ void __next_mem_pfn_range(int *idx, int for_each_mem_range_rev(i, &memblock.memory, &memblock.reserved, \ nid, flags, p_start, p_end, p_nid) -/** - * for_each_resv_unavail_range - iterate through reserved and unavailable memory - * @i: u64 used as loop variable - * @flags: pick from blocks based on memory attributes - * @p_start: ptr to phys_addr_t for start address of the range, can be %NULL - * @p_end: ptr to phys_addr_t for end address of the range, can be %NULL - * - * Walks over unavailable but reserved (reserved && !memory) areas of memblock. - * Available as soon as memblock is initialized. - * Note: because this memory does not belong to any physical node, flags and - * nid arguments do not make sense and thus not exported as arguments. - */ -#define for_each_resv_unavail_range(i, p_start, p_end) \ - for_each_mem_range(i, &memblock.reserved, &memblock.memory, \ - NUMA_NO_NODE, MEMBLOCK_NONE, p_start, p_end, NULL) - static inline void memblock_set_region_flags(struct memblock_region *r, unsigned long flags) { diff -puN mm/page_alloc.c~mm-zero-remaining-unavailable-struct-pages-re-kernel-panic-in-reading-proc-kpageflags-when-enabling-ram-simulated-pmem mm/page_alloc.c --- a/mm/page_alloc.c~mm-zero-remaining-unavailable-struct-pages-re-kernel-panic-in-reading-proc-kpageflags-when-enabling-ram-simulated-pmem +++ a/mm/page_alloc.c @@ -6390,25 +6390,40 @@ void __paginginit free_area_init_node(in * struct pages which are reserved in memblock allocator and their fields * may be accessed (for example page_to_pfn() on some configuration accesses * flags). We must explicitly zero those struct pages. + * + * This function also addresses a similar issue where struct pages are left + * uninitialized because the physical address range is not covered by + * memblock.memory or memblock.reserved. That could happen when memblock + * layout is manually configured via memmap=. */ void __paginginit zero_resv_unavail(void) { phys_addr_t start, end; unsigned long pfn; u64 i, pgcnt; + phys_addr_t next = 0; /* - * Loop through ranges that are reserved, but do not have reported - * physical memory backing. + * Loop through unavailable ranges not covered by memblock.memory. */ pgcnt = 0; - for_each_resv_unavail_range(i, &start, &end) { - for (pfn = PFN_DOWN(start); pfn < PFN_UP(end); pfn++) { - if (!pfn_valid(ALIGN_DOWN(pfn, pageblock_nr_pages))) - continue; - mm_zero_struct_page(pfn_to_page(pfn)); - pgcnt++; + for_each_mem_range(i, &memblock.memory, NULL, + NUMA_NO_NODE, MEMBLOCK_NONE, &start, &end, NULL) { + if (next < start) { + for (pfn = PFN_DOWN(next); pfn < PFN_UP(start); pfn++) { + if (!pfn_valid(ALIGN_DOWN(pfn, pageblock_nr_pages))) + continue; + mm_zero_struct_page(pfn_to_page(pfn)); + pgcnt++; + } } + next = end; + } + for (pfn = PFN_DOWN(next); pfn < max_pfn; pfn++) { + if (!pfn_valid(ALIGN_DOWN(pfn, pageblock_nr_pages))) + continue; + mm_zero_struct_page(pfn_to_page(pfn)); + pgcnt++; } /* @@ -6419,7 +6434,7 @@ void __paginginit zero_resv_unavail(void * this code can be removed. */ if (pgcnt) - pr_info("Reserved but unavailable: %lld pages", pgcnt); + pr_info("Zeroed struct page in unavailable ranges: %lld pages", pgcnt); } #endif /* CONFIG_HAVE_MEMBLOCK */ _ Patches currently in -mm which might be from n-horiguchi(a)ah.jp.nec.com are mm-zero-remaining-unavailable-struct-pages-re-kernel-panic-in-reading-proc-kpageflags-when-enabling-ram-simulated-pmem.patch

7 years, 4 months

1
0
0 0

4b66af2d("af_key: Always verify length of provided sadb_key")

by Zubin Mithra

Hello, Syzkaller has reported a crash here[1] for a slab OOB read in pfkey_add. Could the following patch be applied to stable kernels for 4.14, 4.4, 3.18, 3.14, 3.10 and 3.8? 4b66af2d("af_key: Always verify length of provided sadb_key") [1] https://syzkaller.appspot.com/bug?id=26cb120b31cd24d984fc16da67f50fb375c432… Thanks, - Zubin

7 years, 4 months

2
1
0 0

[PATCH 3.18 00/21] 3.18.113-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 3.18.113 release. There are 21 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu Jun 14 16:48:15 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v3.x/stable-review/patch-3.18.113-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-3.18.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 3.18.113-rc1 Eric Dumazet <edumazet(a)google.com> rtnetlink: validate attributes in do_setlink() Dan Carpenter <dan.carpenter(a)oracle.com> team: use netdev_features_t instead of u32 Jack Morgenstein <jackm(a)dev.mellanox.co.il> net/mlx4: Fix irq-unsafe spinlock usage Daniele Palmas <dnlplm(a)gmail.com> net: usb: cdc_mbim: add flag FLAG_SEND_ZLP Eric Dumazet <edumazet(a)google.com> net/packet: refine check for priv area size Wenwen Wang <wang6495(a)umn.edu> isdn: eicon: fix a missing-check bug Sabrina Dubroca <sd(a)queasysnail.net> ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds Govindarajulu Varadarajan <gvaradar(a)cisco.com> enic: set DMA mask to 47 bit Alexey Kodanev <alexey.kodanev(a)oracle.com> dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect() Julia Lawall <Julia.Lawall(a)lip6.fr> bnx2x: use the right constant Dave Airlie <airlied(a)redhat.com> drm: set FMODE_UNSIGNED_OFFSET for drm files Linus Torvalds <torvalds(a)linux-foundation.org> mmap: relax file size limit for regular files Linus Torvalds <torvalds(a)linux-foundation.org> mmap: introduce sane default mmap limits Hugh Dickins <hughd(a)google.com> mm: fix the NULL mapping case in __isolate_lru_page() Al Viro <viro(a)zeniv.linux.org.uk> fix io_destroy()/aio_complete() race Ondrej Zary <linux(a)rainbow-software.org> drm/i915: Disable LVDS on Radiant P845 Maciej W. Rozycki <macro(a)mips.com> MIPS: ptrace: Fix PTRACE_PEEKUSR requests for 64-bit FGRs Eric Dumazet <edumazet(a)google.com> tcp: avoid integer overflows in tcp_rcv_space_adjust() Eric Biggers <ebiggers(a)google.com> cfg80211: further limit wiphy names to 64 bytes Sachin Grover <sgrover(a)codeaurora.org> selinux: KASAN: slab-out-of-bounds in xattr_getsecurity Steven Rostedt (VMware) <rostedt(a)goodmis.org> tracing: Fix crash when freeing instances with event triggers ------------- Diffstat: Makefile | 4 +-- arch/mips/kernel/ptrace.c | 2 +- arch/mips/kernel/ptrace32.c | 2 +- drivers/gpu/drm/drm_fops.c | 1 + drivers/gpu/drm/i915/intel_lvds.c | 8 ++++++ drivers/isdn/hardware/eicon/diva.c | 22 ++++++++++------ drivers/isdn/hardware/eicon/diva.h | 5 ++-- drivers/isdn/hardware/eicon/divasmain.c | 18 +++++++------ drivers/net/ethernet/broadcom/bnx2x/bnx2x_link.c | 2 +- drivers/net/ethernet/cisco/enic/enic_main.c | 8 +++--- drivers/net/ethernet/mellanox/mlx4/qp.c | 4 +-- drivers/net/team/team.c | 3 ++- drivers/net/usb/cdc_mbim.c | 2 +- fs/aio.c | 3 +-- include/linux/tcp.h | 2 +- include/uapi/linux/nl80211.h | 2 +- kernel/trace/trace_events_trigger.c | 5 ++-- mm/mmap.c | 32 ++++++++++++++++++++++++ mm/vmscan.c | 2 +- net/core/rtnetlink.c | 8 +++--- net/dccp/proto.c | 2 -- net/ipv4/tcp_input.c | 10 +++++--- net/ipv6/ip6mr.c | 3 ++- net/packet/af_packet.c | 2 +- security/selinux/ss/services.c | 2 +- 25 files changed, 105 insertions(+), 49 deletions(-)

7 years, 4 months

5
27
0 0

[Backport request] blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers

by Bart Van Assche

Hello stable kernel maintainers, Please backport patch 327ea4adcfa3 ("blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers") to at least the v4.17.x and v4.14.y stable kernel series. That patch fixes a bug introduced in kernel v4.10. The entire patch is shown below. Thanks, Bart. commit cf0110698846fc5a93df89eb20ac7cc70a860c17 Author: Bart Van Assche <bart.vanassche(a)wdc.com> Date: Tue May 22 08:27:22 2018 -0700 blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers Avoid that complaints similar to the following appear in the kernel log if the number of zones is sufficiently large: fio: page allocation failure: order:9, mode:0x140c0c0(GFP_KERNEL|__GFP_COMP|__GFP_ZERO), nodemask=(null) Call Trace: dump_stack+0x63/0x88 warn_alloc+0xf5/0x190 __alloc_pages_slowpath+0x8f0/0xb0d __alloc_pages_nodemask+0x242/0x260 alloc_pages_current+0x6a/0xb0 kmalloc_order+0x18/0x50 kmalloc_order_trace+0x26/0xb0 __kmalloc+0x20e/0x220 blkdev_report_zones_ioctl+0xa5/0x1a0 blkdev_ioctl+0x1ba/0x930 block_ioctl+0x41/0x50 do_vfs_ioctl+0xaa/0x610 SyS_ioctl+0x79/0x90 do_syscall_64+0x79/0x1b0 entry_SYSCALL_64_after_hwframe+0x3d/0xa2 Fixes: 3ed05a987e0f ("blk-zoned: implement ioctls") Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: Shaun Tancheff <shaun.tancheff(a)seagate.com> Cc: Damien Le Moal <damien.lemoal(a)hgst.com> Cc: Christoph Hellwig <hch(a)lst.de> Cc: Martin K. Petersen <martin.petersen(a)oracle.com> Cc: Hannes Reinecke <hare(a)suse.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Jens Axboe <axboe(a)kernel.dk> diff --git a/block/blk-zoned.c b/block/blk-zoned.c index 08e84ef2bc05..3d08dc84db16 100644 --- a/block/blk-zoned.c +++ b/block/blk-zoned.c @@ -328,7 +328,11 @@ int blkdev_report_zones_ioctl(struct block_device *bdev, fmode_t mode, if (!rep.nr_zones) return -EINVAL; - zones = kcalloc(rep.nr_zones, sizeof(struct blk_zone), GFP_KERNEL); + if (rep.nr_zones > INT_MAX / sizeof(struct blk_zone)) + return -ERANGE; + + zones = kvmalloc(rep.nr_zones * sizeof(struct blk_zone), + GFP_KERNEL | __GFP_ZERO); if (!zones) return -ENOMEM; @@ -350,7 +354,7 @@ int blkdev_report_zones_ioctl(struct block_device *bdev, fmode_t mode, } out: - kfree(zones); + kvfree(zones); return ret; }

7 years, 4 months

2
1
0 0

Backport bonding patches to fix active-passive in 4.9

by Nate Clark

Hi, On the latest 4.9 stable active-passive bonding does not always failover to the passive slave when carrier is lost on the active slave. It seems that the issue stems from the backport of c4adfc822bf5d8e97660b6114b5a8892530ce8cb, bonding: make speed, duplex setting consistent with link state. There were subsequent patches which resolved issues with the change to bond_update_speed_duplex which were not backported. The three commits which seem to resolve the issue are b5bf0f5b16b9c316c34df9f31d4be8729eb86845, 3f3c278c94dd994fe0d9f21679ae19b9c0a55292 and ad729bc9acfb7c47112964b4877ef5404578ed13. There are other commits in mainline which also revolve around c4adfc822bf5d8e97660b6114b5a8892530ce8cb but are not necessary to resolving the active-passive failover problems. Would it be possible to queue up the three commits for backporting to 4.9 stable: b5bf0f5b16b9c316c34df9f31d4be8729eb86845 bonding: correctly update link status during mii-commit 3f3c278c94dd994fe0d9f21679ae19b9c0a55292 bonding: fix active-backup transition ad729bc9acfb7c47112964b4877ef5404578ed13 bonding: require speed/duplex only for 802.3ad, alb and tlb All of those commits apply cleanly to 4.9.107. Thanks, -nate

7 years, 4 months

2
1
0 0

[PATCH] blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers

by Bart Van Assche

Avoid that complaints similar to the following appear in the kernel log if the number of zones is sufficiently large: fio: page allocation failure: order:9, mode:0x140c0c0(GFP_KERNEL|__GFP_COMP|__GFP_ZERO), nodemask=(null) Call Trace: dump_stack+0x63/0x88 warn_alloc+0xf5/0x190 __alloc_pages_slowpath+0x8f0/0xb0d __alloc_pages_nodemask+0x242/0x260 alloc_pages_current+0x6a/0xb0 kmalloc_order+0x18/0x50 kmalloc_order_trace+0x26/0xb0 __kmalloc+0x20e/0x220 blkdev_report_zones_ioctl+0xa5/0x1a0 blkdev_ioctl+0x1ba/0x930 block_ioctl+0x41/0x50 do_vfs_ioctl+0xaa/0x610 SyS_ioctl+0x79/0x90 do_syscall_64+0x79/0x1b0 entry_SYSCALL_64_after_hwframe+0x3d/0xa2 Fixes: 3ed05a987e0f ("blk-zoned: implement ioctls") Signed-off-by: Bart Van Assche <bart.vanassche(a)wdc.com> Cc: Shaun Tancheff <shaun.tancheff(a)seagate.com> Cc: Damien Le Moal <damien.lemoal(a)hgst.com> Cc: Christoph Hellwig <hch(a)lst.de> Cc: Martin K. Petersen <martin.petersen(a)oracle.com> Cc: Hannes Reinecke <hare(a)suse.com> Cc: <stable(a)vger.kernel.org> --- block/blk-zoned.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/block/blk-zoned.c b/block/blk-zoned.c index 20bfc37e1852..92e6108487c4 100644 --- a/block/blk-zoned.c +++ b/block/blk-zoned.c @@ -328,7 +328,11 @@ int blkdev_report_zones_ioctl(struct block_device *bdev, fmode_t mode, if (!rep.nr_zones) return -EINVAL; - zones = kcalloc(rep.nr_zones, sizeof(struct blk_zone), GFP_KERNEL); + if (rep.nr_zones > INT_MAX / sizeof(struct blk_zone)) + return -ERANGE; + + zones = kvmalloc(rep.nr_zones * sizeof(struct blk_zone), + GFP_KERNEL | __GFP_ZERO); if (!zones) return -ENOMEM; @@ -350,7 +354,7 @@ int blkdev_report_zones_ioctl(struct block_device *bdev, fmode_t mode, } out: - kfree(zones); + kvfree(zones); return ret; } -- 2.16.3

7 years, 4 months

3
4
0 0

[PATCH] serdev: fix memleak on module unload

by Johan Hovold

Make sure to free all resources associated with the ida on module exit. Fixes: cd6484e1830b ("serdev: Introduce new bus for serial attached devices") Cc: stable <stable(a)vger.kernel.org> # 4.11 Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/tty/serdev/core.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/tty/serdev/core.c b/drivers/tty/serdev/core.c index df93b727e984..9e59f4788589 100644 --- a/drivers/tty/serdev/core.c +++ b/drivers/tty/serdev/core.c @@ -617,6 +617,7 @@ EXPORT_SYMBOL_GPL(__serdev_device_driver_register); static void __exit serdev_exit(void) { bus_unregister(&serdev_bus_type); + ida_destroy(&ctrl_ida); } module_exit(serdev_exit); -- 2.17.1

7 years, 4 months

1
0
0 0

Linux 4.9.108

by Greg KH

I'm announcing the release of the 4.9.108 kernel. All users of the 4.9 kernel series must upgrade. The updated 4.9.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.9.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/networking/netdev-FAQ.txt | 9 ++++++ Makefile | 2 - arch/x86/kernel/vmlinux.lds.S | 2 - arch/x86/kvm/cpuid.h | 2 - drivers/char/tpm/tpm-chip.c | 13 +++++++++ drivers/char/tpm/tpm-interface.c | 7 +++++ drivers/char/tpm/tpm.h | 1 drivers/gpu/drm/drm_fops.c | 1 drivers/isdn/hardware/eicon/diva.c | 22 ++++++++++----- drivers/isdn/hardware/eicon/diva.h | 5 ++- drivers/isdn/hardware/eicon/divasmain.c | 18 +++++++----- drivers/md/dm-bufio.c | 17 +++++------- drivers/net/ethernet/broadcom/bnx2x/bnx2x_link.c | 2 - drivers/net/ethernet/cisco/enic/enic_main.c | 8 ++--- drivers/net/ethernet/mellanox/mlx4/qp.c | 4 +- drivers/net/ethernet/qlogic/qed/qed_cxt.c | 2 - drivers/net/phy/bcm-cygnus.c | 6 ++-- drivers/net/phy/bcm-phy-lib.h | 7 +++++ drivers/net/phy/bcm7xxx.c | 4 +- drivers/net/team/team.c | 3 +- drivers/net/usb/cdc_mbim.c | 2 - drivers/vhost/vhost.c | 3 ++ fs/btrfs/disk-io.c | 3 +- include/linux/compiler-gcc.h | 2 - include/uapi/linux/btrfs_tree.h | 1 mm/mmap.c | 32 +++++++++++++++++++++++ net/core/rtnetlink.c | 8 ++--- net/dccp/proto.c | 2 - net/ipv4/fib_semantics.c | 2 + net/ipv4/ip_sockglue.c | 2 - net/ipv6/ip6_output.c | 3 +- net/ipv6/ip6mr.c | 3 +- net/ipv6/ndisc.c | 6 ++++ net/kcm/kcmsock.c | 2 - net/packet/af_packet.c | 4 +- net/sctp/transport.c | 2 - scripts/Makefile.build | 3 ++ scripts/kconfig/confdata.c | 2 - 38 files changed, 155 insertions(+), 62 deletions(-) Alexey Kodanev (1): dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect() Anand Jain (1): btrfs: define SUPER_FLAG_METADUMP_V2 Arnd Bergmann (1): dm bufio: avoid false-positive Wmaybe-uninitialized warning Ben Hutchings (1): KVM: VMX: Expose SSBD properly to guests, 4.9 supplement Chris Chiu (1): tpm: self test failure should not cause suspend to fail Cong Wang (1): netdev-FAQ: clarify DaveM's position for stable backports Dan Carpenter (1): team: use netdev_features_t instead of u32 Daniele Palmas (1): net: usb: cdc_mbim: add flag FLAG_SEND_ZLP Dave Airlie (1): drm: set FMODE_UNSIGNED_OFFSET for drm files Enric Balletbo i Serra (1): tpm: do not suspend/resume if power stays on Eric Dumazet (3): net/packet: refine check for priv area size rtnetlink: validate attributes in do_setlink() net: metrics: add proper netlink validation Florian Fainelli (1): net: phy: broadcom: Fix bcm_write_exp() Govindarajulu Varadarajan (1): enic: set DMA mask to 47 bit Greg Kroah-Hartman (1): Linux 4.9.108 Jack Morgenstein (1): net/mlx4: Fix irq-unsafe spinlock usage Jason Wang (1): vhost: synchronize IOTLB message with dev cleanup Josh Poimboeuf (1): objtool: Fix gcov check for older versions of GCC Julia Lawall (1): bnx2x: use the right constant Kirill Tkhai (1): kcm: Fix use-after-free caused by clonned sockets Linus Torvalds (2): mmap: introduce sane default mmap limits mmap: relax file size limit for regular files Nathan Chancellor (1): kconfig: Avoid format overflow warning from GCC 8.1 Philip Müller (1): complete e390f9a port for v4.9.106 Sabrina Dubroca (1): ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds Shahed Shaikh (1): qed: Fix mask for physical address in ILT entry Stephen Suryaputra (1): vrf: check the original netdevice for generating redirect Wenwen Wang (1): isdn: eicon: fix a missing-check bug Willem de Bruijn (2): ipv4: remove warning in ip_recv_error packet: fix reserve calculation Xin Long (1): sctp: not allow transport timeout value less than HZ/5 for hb_timer

7 years, 4 months

1
1
0 0

Linux 4.4.137

by Greg KH

I'm announcing the release of the 4.4.137 kernel. All users of the 4.4 kernel series must upgrade. The updated 4.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.4.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/networking/netdev-FAQ.txt | 9 +++++ Makefile | 2 - drivers/char/tpm/tpm-chip.c | 13 ++++++++ drivers/char/tpm/tpm-interface.c | 7 ++++ drivers/char/tpm/tpm.h | 1 drivers/gpu/drm/drm_fops.c | 1 drivers/isdn/hardware/eicon/diva.c | 22 +++++++++----- drivers/isdn/hardware/eicon/diva.h | 5 +-- drivers/isdn/hardware/eicon/divasmain.c | 18 +++++++---- drivers/net/ethernet/broadcom/bnx2x/bnx2x_link.c | 2 - drivers/net/ethernet/cisco/enic/enic_main.c | 8 ++--- drivers/net/ethernet/mellanox/mlx4/qp.c | 4 +- drivers/net/ethernet/qlogic/qed/qed_cxt.c | 2 - drivers/net/phy/bcm-cygnus.c | 6 +-- drivers/net/phy/bcm-phy-lib.h | 7 ++++ drivers/net/phy/bcm7xxx.c | 4 +- drivers/net/team/team.c | 3 + drivers/net/usb/cdc_mbim.c | 2 - drivers/net/wireless/brcm80211/brcmfmac/cfg80211.c | 2 - fs/xfs/xfs_log.c | 7 ---- mm/mmap.c | 32 +++++++++++++++++++++ net/core/rtnetlink.c | 8 ++--- net/dccp/proto.c | 2 - net/ipv4/fib_semantics.c | 2 + net/ipv4/ip_sockglue.c | 2 - net/ipv6/ip6mr.c | 3 + net/packet/af_packet.c | 4 +- scripts/kconfig/confdata.c | 2 - 28 files changed, 128 insertions(+), 52 deletions(-) Alexey Kodanev (1): dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect() Amir Goldstein (1): xfs: fix incorrect log_flushed on fsync Chris Chiu (1): tpm: self test failure should not cause suspend to fail Cong Wang (1): netdev-FAQ: clarify DaveM's position for stable backports Dan Carpenter (1): team: use netdev_features_t instead of u32 Daniele Palmas (1): net: usb: cdc_mbim: add flag FLAG_SEND_ZLP Dave Airlie (1): drm: set FMODE_UNSIGNED_OFFSET for drm files Enric Balletbo i Serra (1): tpm: do not suspend/resume if power stays on Eric Dumazet (3): net/packet: refine check for priv area size rtnetlink: validate attributes in do_setlink() net: metrics: add proper netlink validation Florian Fainelli (1): net: phy: broadcom: Fix bcm_write_exp() Govindarajulu Varadarajan (1): enic: set DMA mask to 47 bit Greg Kroah-Hartman (1): Linux 4.4.137 Jack Morgenstein (1): net/mlx4: Fix irq-unsafe spinlock usage Julia Lawall (1): bnx2x: use the right constant Linus Torvalds (2): mmap: introduce sane default mmap limits mmap: relax file size limit for regular files Nathan Chancellor (1): kconfig: Avoid format overflow warning from GCC 8.1 Sabrina Dubroca (1): ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds Shahed Shaikh (1): qed: Fix mask for physical address in ILT entry Stefan Wahren (1): brcmfmac: Fix check for ISO3166 code Wenwen Wang (1): isdn: eicon: fix a missing-check bug Willem de Bruijn (2): ipv4: remove warning in ip_recv_error packet: fix reserve calculation

7 years, 4 months

1
1
0 0

Linux 3.18.113

by Greg KH

I'm announcing the release of the 3.18.113 kernel. All users of the 3.18 kernel series must upgrade. The updated 3.18.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-3.18.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 - arch/mips/kernel/ptrace.c | 2 - arch/mips/kernel/ptrace32.c | 2 - drivers/gpu/drm/drm_fops.c | 1 drivers/gpu/drm/i915/intel_lvds.c | 8 +++++ drivers/isdn/hardware/eicon/diva.c | 22 ++++++++++----- drivers/isdn/hardware/eicon/diva.h | 5 ++- drivers/isdn/hardware/eicon/divasmain.c | 18 +++++++----- drivers/net/ethernet/broadcom/bnx2x/bnx2x_link.c | 2 - drivers/net/ethernet/cisco/enic/enic_main.c | 8 ++--- drivers/net/ethernet/mellanox/mlx4/qp.c | 4 +- drivers/net/team/team.c | 3 +- drivers/net/usb/cdc_mbim.c | 2 - fs/aio.c | 3 -- include/linux/tcp.h | 2 - include/uapi/linux/nl80211.h | 2 - kernel/trace/trace_events_trigger.c | 5 ++- mm/mmap.c | 32 +++++++++++++++++++++++ mm/vmscan.c | 2 - net/core/rtnetlink.c | 8 ++--- net/dccp/proto.c | 2 - net/ipv4/tcp_input.c | 10 ++++--- net/ipv6/ip6mr.c | 3 +- net/packet/af_packet.c | 2 - security/selinux/ss/services.c | 2 - 25 files changed, 104 insertions(+), 48 deletions(-) Al Viro (1): fix io_destroy()/aio_complete() race Alexey Kodanev (1): dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect() Dan Carpenter (1): team: use netdev_features_t instead of u32 Daniele Palmas (1): net: usb: cdc_mbim: add flag FLAG_SEND_ZLP Dave Airlie (1): drm: set FMODE_UNSIGNED_OFFSET for drm files Eric Biggers (1): cfg80211: further limit wiphy names to 64 bytes Eric Dumazet (3): tcp: avoid integer overflows in tcp_rcv_space_adjust() net/packet: refine check for priv area size rtnetlink: validate attributes in do_setlink() Govindarajulu Varadarajan (1): enic: set DMA mask to 47 bit Greg Kroah-Hartman (1): Linux 3.18.113 Hugh Dickins (1): mm: fix the NULL mapping case in __isolate_lru_page() Jack Morgenstein (1): net/mlx4: Fix irq-unsafe spinlock usage Julia Lawall (1): bnx2x: use the right constant Linus Torvalds (2): mmap: introduce sane default mmap limits mmap: relax file size limit for regular files Maciej W. Rozycki (1): MIPS: ptrace: Fix PTRACE_PEEKUSR requests for 64-bit FGRs Ondrej Zary (1): drm/i915: Disable LVDS on Radiant P845 Sabrina Dubroca (1): ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds Sachin Grover (1): selinux: KASAN: slab-out-of-bounds in xattr_getsecurity Steven Rostedt (VMware) (1): tracing: Fix crash when freeing instances with event triggers Wenwen Wang (1): isdn: eicon: fix a missing-check bug

7 years, 4 months

1
1
0 0

crypto: chelsio - request to HW should wrap

by Herbert Xu

commit 4c826fed675dfffd8485c5477b616d61d1ec9e9a crypto: chelsio - request to HW should wrap -Tx request and data is copied to HW Q in 64B desc, check for end of queue and adjust the current position to start from beginning before passing the additional request info. -key context copy should check key length only -Few reverse christmas tree correction Fixes: 6dad4e8ab3ec ("chcr: Add support for Inline IPSec") Signed-off-by: Atul Gupta <atul.gupta(a)chelsio.com> Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> diff --git a/drivers/crypto/chelsio/chcr_ipsec.c b/drivers/crypto/chelsio/chcr_ipsec.c index 8e0aa3f..461b97e 100644 --- a/drivers/crypto/chelsio/chcr_ipsec.c +++ b/drivers/crypto/chelsio/chcr_ipsec.c @@ -346,18 +346,23 @@ inline void *copy_cpltx_pktxt(struct sk_buff *skb, struct net_device *dev, void *pos) { + struct cpl_tx_pkt_core *cpl; + struct sge_eth_txq *q; struct adapter *adap; struct port_info *pi; - struct sge_eth_txq *q; - struct cpl_tx_pkt_core *cpl; - u64 cntrl = 0; u32 ctrl0, qidx; + u64 cntrl = 0; + int left; pi = netdev_priv(dev); adap = pi->adapter; qidx = skb->queue_mapping; q = &adap->sge.ethtxq[qidx + pi->first_qset]; + left = (void *)q->q.stat - pos; + if (!left) + pos = q->q.desc; + cpl = (struct cpl_tx_pkt_core *)pos; cntrl = TXPKT_L4CSUM_DIS_F | TXPKT_IPCSUM_DIS_F; @@ -382,18 +387,17 @@ inline void *copy_key_cpltx_pktxt(struct sk_buff *skb, void *pos, struct ipsec_sa_entry *sa_entry) { - struct adapter *adap; - struct port_info *pi; - struct sge_eth_txq *q; - unsigned int len, qidx; struct _key_ctx *key_ctx; int left, eoq, key_len; + struct sge_eth_txq *q; + struct adapter *adap; + struct port_info *pi; + unsigned int qidx; pi = netdev_priv(dev); adap = pi->adapter; qidx = skb->queue_mapping; q = &adap->sge.ethtxq[qidx + pi->first_qset]; - len = sa_entry->enckey_len + sizeof(struct cpl_tx_pkt_core); key_len = sa_entry->kctx_len; /* end of queue, reset pos to start of queue */ @@ -411,19 +415,14 @@ inline void *copy_key_cpltx_pktxt(struct sk_buff *skb, pos += sizeof(struct _key_ctx); left -= sizeof(struct _key_ctx); - if (likely(len <= left)) { + if (likely(key_len <= left)) { memcpy(key_ctx->key, sa_entry->key, key_len); pos += key_len; } else { - if (key_len <= left) { - memcpy(pos, sa_entry->key, key_len); - pos += key_len; - } else { - memcpy(pos, sa_entry->key, left); - memcpy(q->q.desc, sa_entry->key + left, - key_len - left); - pos = (u8 *)q->q.desc + (key_len - left); - } + memcpy(pos, sa_entry->key, left); + memcpy(q->q.desc, sa_entry->key + left, + key_len - left); + pos = (u8 *)q->q.desc + (key_len - left); } /* Copy CPL TX PKT XT */ pos = copy_cpltx_pktxt(skb, dev, pos); -- Email: Herbert Xu <herbert(a)gondor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

7 years, 4 months

2
1
0 0

[PATCH 4.9 00/31] 4.9.108-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.9.108 release. There are 31 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Thu Jun 14 16:46:09 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.108-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.9.108-rc1 Philip Müller <philm(a)manjaro.org> complete e390f9a port for v4.9.106 Josh Poimboeuf <jpoimboe(a)redhat.com> objtool: Fix gcov check for older versions of GCC Arnd Bergmann <arnd(a)arndb.de> dm bufio: avoid false-positive Wmaybe-uninitialized warning Ben Hutchings <ben(a)decadent.org.uk> KVM: VMX: Expose SSBD properly to guests, 4.9 supplement Eric Dumazet <edumazet(a)google.com> net: metrics: add proper netlink validation Florian Fainelli <f.fainelli(a)gmail.com> net: phy: broadcom: Fix bcm_write_exp() Eric Dumazet <edumazet(a)google.com> rtnetlink: validate attributes in do_setlink() Jack Morgenstein <jackm(a)dev.mellanox.co.il> net/mlx4: Fix irq-unsafe spinlock usage Stephen Suryaputra <ssuryaextr(a)gmail.com> vrf: check the original netdevice for generating redirect Jason Wang <jasowang(a)redhat.com> vhost: synchronize IOTLB message with dev cleanup Dan Carpenter <dan.carpenter(a)oracle.com> team: use netdev_features_t instead of u32 Xin Long <lucien.xin(a)gmail.com> sctp: not allow transport timeout value less than HZ/5 for hb_timer Shahed Shaikh <shahed.shaikh(a)cavium.com> qed: Fix mask for physical address in ILT entry Willem de Bruijn <willemb(a)google.com> packet: fix reserve calculation Daniele Palmas <dnlplm(a)gmail.com> net: usb: cdc_mbim: add flag FLAG_SEND_ZLP Eric Dumazet <edumazet(a)google.com> net/packet: refine check for priv area size Cong Wang <xiyou.wangcong(a)gmail.com> netdev-FAQ: clarify DaveM's position for stable backports Kirill Tkhai <ktkhai(a)virtuozzo.com> kcm: Fix use-after-free caused by clonned sockets Wenwen Wang <wang6495(a)umn.edu> isdn: eicon: fix a missing-check bug Willem de Bruijn <willemb(a)google.com> ipv4: remove warning in ip_recv_error Sabrina Dubroca <sd(a)queasysnail.net> ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds Govindarajulu Varadarajan <gvaradar(a)cisco.com> enic: set DMA mask to 47 bit Alexey Kodanev <alexey.kodanev(a)oracle.com> dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect() Julia Lawall <Julia.Lawall(a)lip6.fr> bnx2x: use the right constant Dave Airlie <airlied(a)redhat.com> drm: set FMODE_UNSIGNED_OFFSET for drm files Nathan Chancellor <natechancellor(a)gmail.com> kconfig: Avoid format overflow warning from GCC 8.1 Anand Jain <Anand.Jain(a)oracle.com> btrfs: define SUPER_FLAG_METADUMP_V2 Linus Torvalds <torvalds(a)linux-foundation.org> mmap: relax file size limit for regular files Linus Torvalds <torvalds(a)linux-foundation.org> mmap: introduce sane default mmap limits Chris Chiu <chiu(a)endlessm.com> tpm: self test failure should not cause suspend to fail Enric Balletbo i Serra <enric.balletbo(a)collabora.com> tpm: do not suspend/resume if power stays on ------------- Diffstat: Documentation/networking/netdev-FAQ.txt | 9 +++++++ Makefile | 4 +-- arch/x86/kernel/vmlinux.lds.S | 2 -- arch/x86/kvm/cpuid.h | 2 +- drivers/char/tpm/tpm-chip.c | 13 ++++++++++ drivers/char/tpm/tpm-interface.c | 7 ++++++ drivers/char/tpm/tpm.h | 1 + drivers/gpu/drm/drm_fops.c | 1 + drivers/isdn/hardware/eicon/diva.c | 22 ++++++++++------ drivers/isdn/hardware/eicon/diva.h | 5 ++-- drivers/isdn/hardware/eicon/divasmain.c | 18 +++++++------ drivers/md/dm-bufio.c | 17 ++++++------- drivers/net/ethernet/broadcom/bnx2x/bnx2x_link.c | 2 +- drivers/net/ethernet/cisco/enic/enic_main.c | 8 +++--- drivers/net/ethernet/mellanox/mlx4/qp.c | 4 +-- drivers/net/ethernet/qlogic/qed/qed_cxt.c | 2 +- drivers/net/phy/bcm-cygnus.c | 6 ++--- drivers/net/phy/bcm-phy-lib.h | 7 ++++++ drivers/net/phy/bcm7xxx.c | 4 +-- drivers/net/team/team.c | 3 ++- drivers/net/usb/cdc_mbim.c | 2 +- drivers/vhost/vhost.c | 3 +++ fs/btrfs/disk-io.c | 3 ++- include/linux/compiler-gcc.h | 2 +- include/uapi/linux/btrfs_tree.h | 1 + mm/mmap.c | 32 ++++++++++++++++++++++++ net/core/rtnetlink.c | 8 +++--- net/dccp/proto.c | 2 -- net/ipv4/fib_semantics.c | 2 ++ net/ipv4/ip_sockglue.c | 2 -- net/ipv6/ip6_output.c | 3 ++- net/ipv6/ip6mr.c | 3 ++- net/ipv6/ndisc.c | 6 +++++ net/kcm/kcmsock.c | 2 +- net/packet/af_packet.c | 4 +-- net/sctp/transport.c | 2 +- scripts/Makefile.build | 3 +++ scripts/kconfig/confdata.c | 2 +- 38 files changed, 156 insertions(+), 63 deletions(-)

7 years, 4 months

5
35
0 0

[PATCH v2 4/7] vmw_balloon: fix VMCI use when balloon built into kernel

by Nadav Amit

Currently, when all modules, including VMCI and VMware balloon are built into the kernel, the initialization of the balloon happens before the VMCI is probed. As a result, the balloon fails to initialize the VMCI doorbell, which it uses to get asynchronous requests for balloon size changes. The problem can be seen in the logs, in the form of the following message: "vmw_balloon: failed to initialize vmci doorbell" The driver would work correctly but slightly less efficiently, probing for requests periodically. This patch changes the balloon to be initialized using late_initcall() instead of module_init() to address this issue. It does not address a situation in which VMCI is built as a module and the balloon is built into the kernel. Fixes: 48e3d668b790 ("VMware balloon: Enable notification via VMCI") Cc: stable(a)vger.kernel.org Reviewed-by: Xavier Deguillard <xdeguillard(a)vmware.com> Signed-off-by: Nadav Amit <namit(a)vmware.com> --- drivers/misc/vmw_balloon.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/drivers/misc/vmw_balloon.c b/drivers/misc/vmw_balloon.c index a7df4c24a28d..e7cfc85f6961 100644 --- a/drivers/misc/vmw_balloon.c +++ b/drivers/misc/vmw_balloon.c @@ -1297,7 +1297,14 @@ static int __init vmballoon_init(void) return 0; } -module_init(vmballoon_init); + +/* + * Using late_initcall() instead of module_init() allows the balloon to use the + * VMCI doorbell even when the balloon is built into the kernel. Otherwise the + * VMCI is probed only after the balloon is initialized. If the balloon is used + * as a module, late_initcall() is equivalent to module_init(). + */ +late_initcall(vmballoon_init); static void __exit vmballoon_exit(void) { -- 2.17.0

7 years, 4 months

1
0
0 0

[PATCH v2 3/7] vmw_balloon: VMCI_DOORBELL_SET does not check status

by Nadav Amit

When vmballoon_vmci_init() sets a doorbell using VMCI_DOORBELL_SET, for some reason it does not consider the status and looks at the result. However, the hypervisor does not update the result - it updates the status. This might cause VMCI doorbell not to be enabled, resulting in degraded performance. Fixes: 48e3d668b790 ("VMware balloon: Enable notification via VMCI") Cc: stable(a)vger.kernel.org Reviewed-by: Xavier Deguillard <xdeguillard(a)vmware.com> Signed-off-by: Nadav Amit <namit(a)vmware.com> --- drivers/misc/vmw_balloon.c | 37 +++++++++++++++++++------------------ 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/drivers/misc/vmw_balloon.c b/drivers/misc/vmw_balloon.c index 60ab83d3d0ef..a7df4c24a28d 100644 --- a/drivers/misc/vmw_balloon.c +++ b/drivers/misc/vmw_balloon.c @@ -1036,29 +1036,30 @@ static void vmballoon_vmci_cleanup(struct vmballoon *b) */ static int vmballoon_vmci_init(struct vmballoon *b) { - int error = 0; + unsigned long error, dummy; - if ((b->capabilities & VMW_BALLOON_SIGNALLED_WAKEUP_CMD) != 0) { - error = vmci_doorbell_create(&b->vmci_doorbell, - VMCI_FLAG_DELAYED_CB, - VMCI_PRIVILEGE_FLAG_RESTRICTED, - vmballoon_doorbell, b); - - if (error == VMCI_SUCCESS) { - VMWARE_BALLOON_CMD(VMCI_DOORBELL_SET, - b->vmci_doorbell.context, - b->vmci_doorbell.resource, error); - STATS_INC(b->stats.doorbell_set); - } - } + if ((b->capabilities & VMW_BALLOON_SIGNALLED_WAKEUP_CMD) == 0) + return 0; - if (error != 0) { - vmballoon_vmci_cleanup(b); + error = vmci_doorbell_create(&b->vmci_doorbell, VMCI_FLAG_DELAYED_CB, + VMCI_PRIVILEGE_FLAG_RESTRICTED, + vmballoon_doorbell, b); - return -EIO; - } + if (error != VMCI_SUCCESS) + goto fail; + + error = VMWARE_BALLOON_CMD(VMCI_DOORBELL_SET, b->vmci_doorbell.context, + b->vmci_doorbell.resource, dummy); + + STATS_INC(b->stats.doorbell_set); + + if (error != VMW_BALLOON_SUCCESS) + goto fail; return 0; +fail: + vmballoon_vmci_cleanup(b); + return -EIO; } /* -- 2.17.0

7 years, 4 months

1
0
0 0

[PATCH v2 2/7] vmw_balloon: do not use 2MB without batching

by Nadav Amit

If the hypervisor sets 2MB batching is on, while batching is cleared, the balloon code breaks. In this case the legacy mechanism is used with 2MB page. The VM would report a 2MB page is ballooned, and the hypervisor would only take the first 4KB. While the hypervisor should not report such settings, make the code more robust by not enabling 2MB support without batching. Fixes: 365bd7ef7ec8e ("VMware balloon: Support 2m page ballooning.") Cc: stable(a)vger.kernel.org Reviewed-by: Xavier Deguillard <xdeguillard(a)vmware.com> Signed-off-by: Nadav Amit <nadav.amit(a)gmail.com> --- drivers/misc/vmw_balloon.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/drivers/misc/vmw_balloon.c b/drivers/misc/vmw_balloon.c index 28e77ab1e136..60ab83d3d0ef 100644 --- a/drivers/misc/vmw_balloon.c +++ b/drivers/misc/vmw_balloon.c @@ -341,7 +341,13 @@ static bool vmballoon_send_start(struct vmballoon *b, unsigned long req_caps) success = false; } - if (b->capabilities & VMW_BALLOON_BATCHED_2M_CMDS) + /* + * 2MB pages are only supported with batching. If batching is for some + * reason disabled, do not use 2MB pages, since otherwise the legacy + * mechanism is used with 2MB pages, causing a failure. + */ + if ((b->capabilities & VMW_BALLOON_BATCHED_2M_CMDS) && + (b->capabilities & VMW_BALLOON_BATCHED_CMDS)) b->supported_page_sizes = 2; else b->supported_page_sizes = 1; -- 2.17.0

7 years, 4 months

1
0
0 0

[PATCH] HID: wacom: Correct logical maximum Y for 2nd-gen Intuos Pro large

by Jason Gerecke

The HID descriptor for the 2nd-gen Intuos Pro large (PTH-860) contains a typo which defines an incorrect logical maximum Y value. This causes a small portion of the bottom of the tablet to become unusable (both because the area is below the "bottom" of the tablet and because 'wacom_wac_event' ignores out-of-range values). It also results in a skewed aspect ratio. To fix this, we add a quirk to 'wacom_usage_mapping' which overwrites the data with the correct value. Signed-off-by: Jason Gerecke <jason.gerecke(a)wacom.com> CC: stable(a)vger.kernel.org # v4.10+ --- drivers/hid/wacom_sys.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/drivers/hid/wacom_sys.c b/drivers/hid/wacom_sys.c index ee7a37eb159a..545986cfb978 100644 --- a/drivers/hid/wacom_sys.c +++ b/drivers/hid/wacom_sys.c @@ -395,6 +395,14 @@ static void wacom_usage_mapping(struct hid_device *hdev, } } + /* 2nd-generation Intuos Pro Large has incorrect Y maximum */ + if (hdev->vendor == USB_VENDOR_ID_WACOM && + hdev->product == 0x0358 && + WACOM_PEN_FIELD(field) && + wacom_equivalent_usage(usage->hid) == HID_GD_Y) { + field->logical_maximum = 43200; + } + switch (usage->hid) { case HID_GD_X: features->x_max = field->logical_maximum; -- 2.17.1

7 years, 4 months

2
1
0 0

[PATCH] hid: intel_ish-hid: ipc: register more pm callbacks to support hibernation

by Even Xu

Current ISH driver only registers suspend/resume PM callbacks which don't support hibernation (suspend to disk). Basically after hiberation, the ISH can't resume properly and user may not see sensor events (for example: screen rotation may not work). User will not see a crash or panic or anything except the following message in log: hid-sensor-hub 001F:8086:22D8.0001: timeout waiting for response from ISHTP device So this patch adds support for S4/hiberbation to ISH by using the SIMPLE_DEV_PM_OPS() MACRO instead of struct dev_pm_ops directly. The suspend and resume functions will now be used for both suspend to RAM and hibernation. If power management is disabled, SIMPLE_DEV_PM_OPS will do nothing, the suspend and resume related functions won't be used, so mark them as __maybe_unused to clarify that this is the intended behavior, and remove #ifdefs for power management. Cc: stable(a)vger.kernel.org Signed-off-by: Even Xu <even.xu(a)intel.com> Acked-by: Srinivas Pandruvada <srinivas.pandruvada(a)linux.intel.com> --- drivers/hid/intel-ish-hid/ipc/pci-ish.c | 22 +++++++--------------- 1 file changed, 7 insertions(+), 15 deletions(-) diff --git a/drivers/hid/intel-ish-hid/ipc/pci-ish.c b/drivers/hid/intel-ish-hid/ipc/pci-ish.c index 582e449..a2c53ea 100644 --- a/drivers/hid/intel-ish-hid/ipc/pci-ish.c +++ b/drivers/hid/intel-ish-hid/ipc/pci-ish.c @@ -205,8 +205,7 @@ static void ish_remove(struct pci_dev *pdev) kfree(ishtp_dev); } -#ifdef CONFIG_PM -static struct device *ish_resume_device; +static struct device __maybe_unused *ish_resume_device; /* 50ms to get resume response */ #define WAIT_FOR_RESUME_ACK_MS 50 @@ -220,7 +219,7 @@ static struct device *ish_resume_device; * in that case a simple resume message is enough, others we need * a reset sequence. */ -static void ish_resume_handler(struct work_struct *work) +static void __maybe_unused ish_resume_handler(struct work_struct *work) { struct pci_dev *pdev = to_pci_dev(ish_resume_device); struct ishtp_device *dev = pci_get_drvdata(pdev); @@ -262,7 +261,7 @@ static void ish_resume_handler(struct work_struct *work) * * Return: 0 to the pm core */ -static int ish_suspend(struct device *device) +static int __maybe_unused ish_suspend(struct device *device) { struct pci_dev *pdev = to_pci_dev(device); struct ishtp_device *dev = pci_get_drvdata(pdev); @@ -288,7 +287,7 @@ static int ish_suspend(struct device *device) return 0; } -static DECLARE_WORK(resume_work, ish_resume_handler); +static __maybe_unused DECLARE_WORK(resume_work, ish_resume_handler); /** * ish_resume() - ISH resume callback * @device: device pointer @@ -297,7 +296,7 @@ static DECLARE_WORK(resume_work, ish_resume_handler); * * Return: 0 to the pm core */ -static int ish_resume(struct device *device) +static int __maybe_unused ish_resume(struct device *device) { struct pci_dev *pdev = to_pci_dev(device); struct ishtp_device *dev = pci_get_drvdata(pdev); @@ -311,21 +310,14 @@ static int ish_resume(struct device *device) return 0; } -static const struct dev_pm_ops ish_pm_ops = { - .suspend = ish_suspend, - .resume = ish_resume, -}; -#define ISHTP_ISH_PM_OPS (&ish_pm_ops) -#else -#define ISHTP_ISH_PM_OPS NULL -#endif /* CONFIG_PM */ +static SIMPLE_DEV_PM_OPS(ish_pm_ops, ish_suspend, ish_resume); static struct pci_driver ish_driver = { .name = KBUILD_MODNAME, .id_table = ish_pci_tbl, .probe = ish_probe, .remove = ish_remove, - .driver.pm = ISHTP_ISH_PM_OPS, + .driver.pm = &ish_pm_ops, }; module_pci_driver(ish_driver); -- 2.7.4

7 years, 4 months

2
1
0 0

[PATCH] pinctrl: devicetree: Fix pctldev pointer overwrite

by Fabio Estevam

From: Fabio Estevam <fabio.estevam(a)nxp.com> Commit b89405b6102f ("pinctrl: devicetree: Fix dt_to_map_one_config handling of hogs") causes the pinctrl hog pins to not get initialized on i.MX platforms leaving them with the IOMUX settings untouched. This causes several regressions on i.MX such as: - OV5640 camera driver can not be probed anymore on imx6qdl-sabresd because the camera clock pin is in a pinctrl_hog group and since its pinctrl initialization is skipped, the camera clock is kept in GPIO functionality instead of CLK_CKO function. - Audio stopped working on imx6qdl-wandboard and imx53-qsb for the same reason. Richard Fitzgerald explains the problem: "I see the bug. If the hog node isn't a 1st level child of the pinctrl parent node it will go around the for(;;) loop again but on the first pass I overwrite pctldev with the result of get_pinctrl_dev_from_of_node() so it doesn't point to the pinctrl driver any more." Fix the issue by stashing the original pctldev so it doesn't get overwritten. Fixes: b89405b6102f ("pinctrl: devicetree: Fix dt_to_map_one_config handling of hogs") Cc: <stable(a)vger.kernel.org> Reported-by: Mika Penttilä <mika.penttila(a)nextfour.com> Reported-by: Steve Longerbeam <slongerbeam(a)gmail.com> Suggested-by: Richard Fitzgerald <rf(a)opensource.cirrus.com> Signed-off-by: Fabio Estevam <fabio.estevam(a)nxp.com> --- drivers/pinctrl/devicetree.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/drivers/pinctrl/devicetree.c b/drivers/pinctrl/devicetree.c index b601039..c4aa411 100644 --- a/drivers/pinctrl/devicetree.c +++ b/drivers/pinctrl/devicetree.c @@ -101,10 +101,11 @@ struct pinctrl_dev *of_pinctrl_get(struct device_node *np) } static int dt_to_map_one_config(struct pinctrl *p, - struct pinctrl_dev *pctldev, + struct pinctrl_dev *hog_pctldev, const char *statename, struct device_node *np_config) { + struct pinctrl_dev *pctldev = NULL; struct device_node *np_pctldev; const struct pinctrl_ops *ops; int ret; @@ -123,8 +124,10 @@ static int dt_to_map_one_config(struct pinctrl *p, return -EPROBE_DEFER; } /* If we're creating a hog we can use the passed pctldev */ - if (pctldev && (np_pctldev == p->dev->of_node)) + if (hog_pctldev && (np_pctldev == p->dev->of_node)) { + pctldev = hog_pctldev; break; + } pctldev = get_pinctrl_dev_from_of_node(np_pctldev); if (pctldev) break; -- 2.7.4

7 years, 4 months

4
3
0 0

[PATCH] crypto: ccree: fix iv copying for small buffers

by Gilad Ben-Yossef

We are copying our last cipher block into the request for use as IV as required by the Crypto API but we failed to handle correctly the case the buffer we are working on is smaller than a block. Fix it by calculating how much we need to copy based on buffer size. CC: stable(a)vger.kernel.org Fixes: 63ee04c8b491 ("crypto: ccree - add skcipher support") Reported by: Hadar Gat <hadar.gat(a)arm.com> Signed-off-by: Gilad Ben-Yossef <gilad(a)benyossef.com> --- drivers/crypto/ccree/cc_cipher.c | 30 ++++++++++++++++++++++++------ 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/drivers/crypto/ccree/cc_cipher.c b/drivers/crypto/ccree/cc_cipher.c index d2810c1..a07547f 100644 --- a/drivers/crypto/ccree/cc_cipher.c +++ b/drivers/crypto/ccree/cc_cipher.c @@ -616,9 +616,18 @@ static void cc_cipher_complete(struct device *dev, void *cc_req, int err) memcpy(req->iv, req_ctx->backup_info, ivsize); kzfree(req_ctx->backup_info); } else if (!err) { - scatterwalk_map_and_copy(req->iv, req->dst, - (req->cryptlen - ivsize), - ivsize, 0); + unsigned int len; + + if (req->cryptlen > ivsize) { + len = req->cryptlen - ivsize; + } else { + memset(req->iv, 0, ivsize); + len = 0; + ivsize = req->cryptlen; + + } + + scatterwalk_map_and_copy(req->iv, req->dst, len, ivsize, 0); } skcipher_request_complete(req, err); @@ -755,17 +764,26 @@ static int cc_cipher_decrypt(struct skcipher_request *req) struct cipher_req_ctx *req_ctx = skcipher_request_ctx(req); unsigned int ivsize = crypto_skcipher_ivsize(sk_tfm); gfp_t flags = cc_gfp_flags(&req->base); + unsigned int len; /* * Allocate and save the last IV sized bytes of the source, which will * be lost in case of in-place decryption and might be needed for CTS. */ - req_ctx->backup_info = kmalloc(ivsize, flags); + req_ctx->backup_info = kzalloc(ivsize, flags); if (!req_ctx->backup_info) return -ENOMEM; - scatterwalk_map_and_copy(req_ctx->backup_info, req->src, - (req->cryptlen - ivsize), ivsize, 0); + + if (req->cryptlen > ivsize) { + len = req->cryptlen - ivsize; + } else { + len = 0; + ivsize = req->cryptlen; + } + + scatterwalk_map_and_copy(req_ctx->backup_info, req->src, len, ivsize, + 0); req_ctx->is_giv = false; return cc_cipher_process(req, DRV_CRYPTO_DIRECTION_DECRYPT); -- 2.7.4

7 years, 4 months

3
3
0 0

[PATCH] ubifs: Fix memory leak in lprobs self-check

by Richard Weinberger

Allocate the buffer after we return early. Otherwise memory is being leaked. Cc: <stable(a)vger.kernel.org> Fixes: 1e51764a3c2a ("UBIFS: add new flash file system") Signed-off-by: Richard Weinberger <richard(a)nod.at> --- fs/ubifs/lprops.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/fs/ubifs/lprops.c b/fs/ubifs/lprops.c index f5a46844340c..8ade493a423a 100644 --- a/fs/ubifs/lprops.c +++ b/fs/ubifs/lprops.c @@ -1089,10 +1089,6 @@ static int scan_check_cb(struct ubifs_info *c, } } - buf = __vmalloc(c->leb_size, GFP_NOFS, PAGE_KERNEL); - if (!buf) - return -ENOMEM; - /* * After an unclean unmount, empty and freeable LEBs * may contain garbage - do not scan them. @@ -1111,6 +1107,10 @@ static int scan_check_cb(struct ubifs_info *c, return LPT_SCAN_CONTINUE; } + buf = __vmalloc(c->leb_size, GFP_NOFS, PAGE_KERNEL); + if (!buf) + return -ENOMEM; + sleb = ubifs_scan(c, lnum, 0, buf, 0); if (IS_ERR(sleb)) { ret = PTR_ERR(sleb); -- 2.13.6

7 years, 4 months

1
0
0 0

[PATCH 4.9] dm bufio: avoid false-positive Wmaybe-uninitialized warning

by Nathan Chancellor

From: Arnd Bergmann <arnd(a)arndb.de> commit 590347e4000356f55eb10b03ced2686bd74dab40 upstream. gcc-6.3 and earlier show a new warning after a seemingly unrelated change to the arm64 PAGE_KERNEL definition: In file included from drivers/md/dm-bufio.c:14:0: drivers/md/dm-bufio.c: In function 'alloc_buffer': include/linux/sched/mm.h:182:56: warning: 'noio_flag' may be used uninitialized in this function [-Wmaybe-uninitialized] current->flags = (current->flags & ~PF_MEMALLOC_NOIO) | flags; ^ The same warning happened earlier on linux-3.18 for MIPS and I did a workaround for that, but now it's come back. gcc-7 and newer are apparently smart enough to figure this out, and other architectures don't show it, so the best I could come up with is to rework the caller slightly in a way that makes it obvious enough to all arm64 compilers what is happening here. Fixes: 41acec624087 ("arm64: kpti: Make use of nG dependent on arm64_kernel_unmapped_at_el0()") Link: https://patchwork.kernel.org/patch/9692829/ Cc: stable(a)vger.kernel.org Signed-off-by: Arnd Bergmann <arnd(a)arndb.de> [snitzer: moved declarations inside conditional, altered vmalloc return] Signed-off-by: Mike Snitzer <snitzer(a)redhat.com> [nc: Backport to 4.9, adjust context for lack of 19809c2da28a] Signed-off-by: Nathan Chancellor <natechancellor(a)gmail.com> --- Hi Greg, Resending this with a proper prefix and message, in case the other one fell through the cracks. I came across this warning when building with Google's stock GCC 4.9 toolchain on the OnePlus 6. Context was adjusted around lack of commit 19809c2da28a ("mm, vmalloc: use __GFP_HIGHMEM implicitly") in 4.9. Please apply when you get a chance. Thanks! Nathan drivers/md/dm-bufio.c | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/drivers/md/dm-bufio.c b/drivers/md/dm-bufio.c index 3ec647e8b9c6..35fd57fdeba9 100644 --- a/drivers/md/dm-bufio.c +++ b/drivers/md/dm-bufio.c @@ -373,9 +373,6 @@ static void __cache_size_refresh(void) static void *alloc_buffer_data(struct dm_bufio_client *c, gfp_t gfp_mask, enum data_mode *data_mode) { - unsigned noio_flag; - void *ptr; - if (c->block_size <= DM_BUFIO_BLOCK_SIZE_SLAB_LIMIT) { *data_mode = DATA_MODE_SLAB; return kmem_cache_alloc(DM_BUFIO_CACHE(c), gfp_mask); @@ -399,16 +396,16 @@ static void *alloc_buffer_data(struct dm_bufio_client *c, gfp_t gfp_mask, * all allocations done by this process (including pagetables) are done * as if GFP_NOIO was specified. */ + if (gfp_mask & __GFP_NORETRY) { + unsigned noio_flag = memalloc_noio_save(); + void *ptr = __vmalloc(c->block_size, gfp_mask | __GFP_HIGHMEM, + PAGE_KERNEL); - if (gfp_mask & __GFP_NORETRY) - noio_flag = memalloc_noio_save(); - - ptr = __vmalloc(c->block_size, gfp_mask | __GFP_HIGHMEM, PAGE_KERNEL); - - if (gfp_mask & __GFP_NORETRY) memalloc_noio_restore(noio_flag); + return ptr; + } - return ptr; + return __vmalloc(c->block_size, gfp_mask | __GFP_HIGHMEM, PAGE_KERNEL); } /* -- 2.17.1

7 years, 4 months

2
2
0 0

[PATCH] complete e390f9a port for v4.9.106

by Philip Müller

objtool ports introduced in v4.9.106 were not totally complete. Therefore they resulted in issues like: module: overflow in relocation type 10 val XXXXXXXXXXX ‘usbcore’ likely not compiled with -mcmodel=kernel module: overflow in relocation type 10 val XXXXXXXXXXX ‘scsi_mod’ likely not compiled with -mcmodel=kernel Missing part was the complete backport of commit e390f9a. Original notes by Josh Poimboeuf: The '__unreachable' and '__func_stack_frame_non_standard' sections are only used at compile time. They're discarded for vmlinux but they should also be discarded for modules. Since this is a recurring pattern, prefix the section names with ".discard.". It's a nice convention and vmlinux.lds.h already discards such sections. Also remove the 'a' (allocatable) flag from the __unreachable section since it doesn't make sense for a discarded section. Signed-off-by: Philip Müller <philm(a)manjaro.org> Fixes: d1091c7fa3d5 ("objtool: Improve detection of BUG() and other dead ends") Link: https://gitlab.manjaro.org/packages/core/linux49/issues/2

7 years, 4 months

2
3
0 0

[PATCH v3 1/2] drm/rockchip: vop: split out core clock enablement into separate functions

by Heiko Stuebner

Judging from the iommu code, both the hclk and aclk are necessary for register access. Split them off into separate functions from the regular vop enablement, so that we can use them elsewhere as well. Fixes: d0b912bd4c23 ("iommu/rockchip: Request irqs in rk_iommu_probe()") Cc: stable(a)vger.kernel.org Signed-off-by: Heiko Stuebner <heiko(a)sntech.de> Tested-by: Ezequiel Garcia <ezequiel(a)collabora.com> --- drivers/gpu/drm/rockchip/rockchip_drm_vop.c | 44 +++++++++++++++------ 1 file changed, 31 insertions(+), 13 deletions(-) diff --git a/drivers/gpu/drm/rockchip/rockchip_drm_vop.c b/drivers/gpu/drm/rockchip/rockchip_drm_vop.c index 2121345a61af..9a1f272e41c7 100644 --- a/drivers/gpu/drm/rockchip/rockchip_drm_vop.c +++ b/drivers/gpu/drm/rockchip/rockchip_drm_vop.c @@ -486,6 +486,31 @@ static void vop_line_flag_irq_disable(struct vop *vop) spin_unlock_irqrestore(&vop->irq_lock, flags); } +static int vop_core_clks_enable(struct vop *vop) +{ + int ret; + + ret = clk_enable(vop->hclk); + if (ret < 0) + return ret; + + ret = clk_enable(vop->aclk); + if (ret < 0) + goto err_disable_hclk; + + return 0; + +err_disable_hclk: + clk_disable(vop->hclk); + return ret; +} + +static void vop_core_clks_disable(struct vop *vop) +{ + clk_disable(vop->aclk); + clk_disable(vop->hclk); +} + static int vop_enable(struct drm_crtc *crtc) { struct vop *vop = to_vop(crtc); @@ -497,17 +522,13 @@ static int vop_enable(struct drm_crtc *crtc) return ret; } - ret = clk_enable(vop->hclk); + ret = vop_core_clks_enable(vop); if (WARN_ON(ret < 0)) goto err_put_pm_runtime; ret = clk_enable(vop->dclk); if (WARN_ON(ret < 0)) - goto err_disable_hclk; - - ret = clk_enable(vop->aclk); - if (WARN_ON(ret < 0)) - goto err_disable_dclk; + goto err_disable_core; /* * Slave iommu shares power, irq and clock with vop. It was associated @@ -519,7 +540,7 @@ static int vop_enable(struct drm_crtc *crtc) if (ret) { DRM_DEV_ERROR(vop->dev, "failed to attach dma mapping, %d\n", ret); - goto err_disable_aclk; + goto err_disable_dclk; } spin_lock(&vop->reg_lock); @@ -558,12 +579,10 @@ static int vop_enable(struct drm_crtc *crtc) return 0; -err_disable_aclk: - clk_disable(vop->aclk); err_disable_dclk: clk_disable(vop->dclk); -err_disable_hclk: - clk_disable(vop->hclk); +err_disable_core: + vop_core_clks_disable(vop); err_put_pm_runtime: pm_runtime_put_sync(vop->dev); return ret; @@ -609,8 +628,7 @@ static void vop_crtc_atomic_disable(struct drm_crtc *crtc, rockchip_drm_dma_detach_device(vop->drm_dev, vop->dev); clk_disable(vop->dclk); - clk_disable(vop->aclk); - clk_disable(vop->hclk); + vop_core_clks_disable(vop); pm_runtime_put(vop->dev); mutex_unlock(&vop->vop_lock); -- 2.17.0

7 years, 4 months

1
0
0 0

[PATCH Resend 1/2] MIPS: io: Add barrier after register read in inX()

by Huacai Chen

While a barrier is present in the outX() functions before the register write, a similar barrier is missing in the inX() functions after the register read. This could allow memory accesses following inX() to observe stale data. This patch is very similar to commit a1cc7034e33d12dc1 ("MIPS: io: Add barrier after register read in readX()"). Because war_io_reorder_wmb() is both used by writeX() and outX(), if readX() need a barrier then so does inX(). Cc: stable(a)vger.kernel.org Signed-off-by: Huacai Chen <chenhc(a)lemote.com> --- arch/mips/include/asm/io.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/arch/mips/include/asm/io.h b/arch/mips/include/asm/io.h index a7d0b83..cea8ad8 100644 --- a/arch/mips/include/asm/io.h +++ b/arch/mips/include/asm/io.h @@ -414,6 +414,8 @@ static inline type pfx##in##bwlq##p(unsigned long port) \ __val = *__addr; \ slow; \ \ + /* prevent prefetching of coherent DMA data prematurely */ \ + rmb(); \ return pfx##ioswab##bwlq(__addr, __val); \ } -- 2.7.0

7 years, 4 months

1
0
0 0

Re: ct helper ipv6

by Florian Westphal

Ale <mystic(a)tin.it> wrote: [ cc stable, could you please queue below fix? ] > When I try to use CT HELPER for the ipv6, nft it dies and I have to > restart the pc. But it works well for ip and inet. > > nft add ct helper ip6 filter ftp-std { type \"ftp\" protocol tcp\; } > nft add rule ip6 filter WAN-IN iifname $IF_WAN_1 tcp sport $UP_PORTS > tcp dport $UP_PORTS ct helper set \"ftp-std\" counter accept > > Kernel: RIP: strlen+0x0/0x20 RSP: ffffae1b4c67f980 > kernel: Code: f8 48 89 f9 74 09 48 83 c1 01 80 39 00 75 f7 31 d2 44 0f > b6 04 16 44 88 04 11 48 83 c2 01 45 84 c0 75 ee c3 0f 1f 80 00 00 00 00 > <80> 3f 00 74 10 48 89 f8 48 > This is most likely fixed in 4.17 by commit b71534583f22d08c3e3563bf5100aeb5f5c9fbe5 netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump The bug was added in Linux 4.12.

7 years, 4 months

2
1
0 0

Linux 4.17.1

by Greg KH

I'm announcing the release of the 4.17.1 kernel. All users of the 4.17 kernel series must upgrade. The updated 4.17.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.17.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/networking/netdev-FAQ.txt | 9 ++++ Makefile | 2 - drivers/net/dsa/b53/b53_common.c | 15 +++++++ drivers/net/dsa/b53/b53_priv.h | 2 + drivers/net/dsa/b53/b53_srab.c | 4 +- drivers/net/ethernet/broadcom/bnx2x/bnx2x_link.c | 2 - drivers/net/team/team.c | 3 + drivers/pci/host/pci-hyperv.c | 46 +++++++++++++++++------ include/linux/mroute_base.h | 10 ----- include/net/ipv6.h | 5 ++ net/core/flow_dissector.c | 2 - net/core/rtnetlink.c | 8 ++-- net/ipv4/fib_semantics.c | 4 ++ net/ipv4/ipmr_base.c | 8 ++-- net/ipv4/netfilter/nf_flow_table_ipv4.c | 5 +- net/ipv6/ip6_output.c | 3 + net/ipv6/ip6mr.c | 21 +++++++--- net/ipv6/ndisc.c | 6 +++ net/ipv6/netfilter/nf_flow_table_ipv6.c | 1 net/ipv6/route.c | 4 +- net/l2tp/l2tp_ppp.c | 35 ++++++++--------- net/packet/af_packet.c | 2 - net/sctp/transport.c | 2 - 23 files changed, 131 insertions(+), 68 deletions(-) Arun Parameswaran (1): net: dsa: b53: Fix for brcm tag issue in Cygnus SoC Cong Wang (1): netdev-FAQ: clarify DaveM's position for stable backports Dan Carpenter (1): team: use netdev_features_t instead of u32 Dexuan Cui (1): PCI: hv: Do not wait forever on a device that has disappeared Eric Dumazet (3): net: metrics: add proper netlink validation net/packet: refine check for priv area size rtnetlink: validate attributes in do_setlink() Greg Kroah-Hartman (1): Linux 4.17.1 Guillaume Nault (1): l2tp: fix refcount leakage on PPPoL2TP sockets Jason A. Donenfeld (1): netfilter: nf_flow_table: attach dst to skbs Julia Lawall (1): bnx2x: use the right constant Michal Kubecek (1): ipv6: omit traffic class when calculating flow hash Sabrina Dubroca (2): ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds ipmr: fix error path when ipmr_new_table fails Stephen Suryaputra (1): vrf: check the original netdevice for generating redirect Xin Long (1): sctp: not allow transport timeout value less than HZ/5 for hb_timer

7 years, 4 months

1
1
0 0

Linux 4.16.15

by Greg KH

I'm announcing the release of the 4.16.15 kernel. All users of the 4.16 kernel series must upgrade. The updated 4.16.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.16.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/networking/netdev-FAQ.txt | 9 ++++ Makefile | 2 - drivers/gpu/drm/drm_file.c | 1 drivers/isdn/hardware/eicon/diva.c | 22 +++++++---- drivers/isdn/hardware/eicon/diva.h | 5 +- drivers/isdn/hardware/eicon/divasmain.c | 18 +++++---- drivers/net/dsa/b53/b53_common.c | 15 +++++++ drivers/net/dsa/b53/b53_priv.h | 2 + drivers/net/dsa/b53/b53_srab.c | 4 +- drivers/net/ethernet/broadcom/bnx2x/bnx2x_link.c | 2 - drivers/net/ethernet/cisco/enic/enic_main.c | 8 ++-- drivers/net/ethernet/emulex/benet/be_main.c | 4 +- drivers/net/ethernet/mellanox/mlx4/qp.c | 4 +- drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 42 +++++++++++++++++++++ drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 5 ++ drivers/net/ethernet/qlogic/qed/qed_cxt.c | 2 - drivers/net/ethernet/socionext/netsec.c | 4 +- drivers/net/ethernet/ti/davinci_emac.c | 22 ++++++----- drivers/net/phy/bcm-cygnus.c | 6 +-- drivers/net/phy/bcm-phy-lib.c | 2 - drivers/net/phy/bcm-phy-lib.h | 7 +++ drivers/net/phy/bcm7xxx.c | 4 +- drivers/net/team/team.c | 3 + drivers/net/tun.c | 15 ++++--- drivers/net/usb/cdc_mbim.c | 2 - drivers/net/virtio_net.c | 21 +++++----- drivers/pci/host/pci-hyperv.c | 46 +++++++++++++++++------ drivers/vhost/net.c | 37 ++++++++++++------ drivers/vhost/vhost.c | 3 + include/net/ipv6.h | 5 ++ mm/mmap.c | 32 ++++++++++++++++ net/core/flow_dissector.c | 2 - net/core/net-sysfs.c | 6 +-- net/core/rtnetlink.c | 8 ++-- net/dccp/proto.c | 2 - net/ipv4/fib_frontend.c | 1 net/ipv4/fib_semantics.c | 4 ++ net/ipv4/ip_sockglue.c | 2 - net/ipv4/ip_tunnel.c | 8 ++-- net/ipv4/ipmr.c | 7 +++ net/ipv4/netfilter/nf_flow_table_ipv4.c | 5 +- net/ipv6/ip6_output.c | 3 + net/ipv6/ip6_tunnel.c | 11 ++++- net/ipv6/ip6mr.c | 3 + net/ipv6/ndisc.c | 6 +++ net/ipv6/netfilter/nf_flow_table_ipv6.c | 1 net/ipv6/route.c | 2 - net/ipv6/seg6_iptunnel.c | 4 +- net/ipv6/sit.c | 5 +- net/kcm/kcmsock.c | 2 - net/l2tp/l2tp_ppp.c | 35 ++++++++--------- net/packet/af_packet.c | 4 +- net/sched/cls_api.c | 2 - net/sched/cls_flower.c | 2 - net/sctp/transport.c | 2 - scripts/kconfig/confdata.c | 2 - 56 files changed, 338 insertions(+), 145 deletions(-) Alexander Duyck (1): net-sysfs: Fix memory leak in XPS configuration Alexey Kodanev (1): dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect() Ard Biesheuvel (1): net: netsec: reduce DMA mask to 40 bits Arun Parameswaran (1): net: dsa: b53: Fix for brcm tag issue in Cygnus SoC Cong Wang (1): netdev-FAQ: clarify DaveM's position for stable backports Dan Carpenter (2): net: ethernet: davinci_emac: fix error handling in probe() team: use netdev_features_t instead of u32 Daniele Palmas (1): net: usb: cdc_mbim: add flag FLAG_SEND_ZLP Dave Airlie (1): drm: set FMODE_UNSIGNED_OFFSET for drm files Dexuan Cui (1): PCI: hv: Do not wait forever on a device that has disappeared Eran Ben Elisha (1): net/mlx5e: When RXFCS is set, add FCS data into checksum calculation Eric Dumazet (4): ipmr: properly check rhltable_init() return value net: metrics: add proper netlink validation net/packet: refine check for priv area size rtnetlink: validate attributes in do_setlink() Florian Fainelli (2): net: phy: broadcom: Fix bcm_write_exp() net: phy: broadcom: Fix auxiliary control register reads Govindarajulu Varadarajan (1): enic: set DMA mask to 47 bit Greg Kroah-Hartman (1): Linux 4.16.15 Guillaume Nault (1): l2tp: fix refcount leakage on PPPoL2TP sockets Jack Morgenstein (1): net/mlx4: Fix irq-unsafe spinlock usage Jason A. Donenfeld (1): netfilter: nf_flow_table: attach dst to skbs Jason Wang (6): vhost: synchronize IOTLB message with dev cleanup virtio-net: correctly transmit XDP buff after linearizing virtio-net: fix leaking page for gso packet during mergeable XDP virtio-net: correctly check num_buf during err path virtio-net: correctly redirect linearized packet vhost_net: flush batched heads before trying to busy polling Julia Lawall (1): bnx2x: use the right constant Kirill Tkhai (1): kcm: Fix use-after-free caused by clonned sockets Linus Torvalds (2): mmap: introduce sane default mmap limits mmap: relax file size limit for regular files Mathieu Xhonneux (1): ipv6: sr: fix memory OOB access in seg6_do_srh_encap/inline Michal Kubecek (1): ipv6: omit traffic class when calculating flow hash Nathan Chancellor (1): kconfig: Avoid format overflow warning from GCC 8.1 Nicolas Dichtel (2): ip6_tunnel: remove magic mtu value 0xFFF8 ip_tunnel: restore binding to ifaces with a large mtu Or Gerlitz (1): net : sched: cls_api: deal with egdev path only if needed Paul Blakey (1): cls_flower: Fix incorrect idr release when failing to modify rule Petr Machata (1): mlxsw: spectrum: Forbid creation of VLAN 1 over port/LAG Roopa Prabhu (1): net: ipv4: add missing RTA_TABLE to rtm_ipv4_policy Sabrina Dubroca (1): ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds Shahed Shaikh (1): qed: Fix mask for physical address in ILT entry Stephen Suryaputra (1): vrf: check the original netdevice for generating redirect Suresh Reddy (1): be2net: Fix error detection logic for BE3 Toshiaki Makita (1): tun: Fix NULL pointer dereference in XDP redirect Wenwen Wang (1): isdn: eicon: fix a missing-check bug Willem de Bruijn (2): ipv4: remove warning in ip_recv_error packet: fix reserve calculation Xin Long (1): sctp: not allow transport timeout value less than HZ/5 for hb_timer

7 years, 4 months

1
1
0 0

Linux 4.14.49

by Greg KH

I'm announcing the release of the 4.14.49 kernel. All users of the 4.14 kernel series must upgrade. The updated 4.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.14.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/networking/netdev-FAQ.txt | 9 + Makefile | 2 drivers/gpu/drm/drm_file.c | 1 drivers/isdn/hardware/eicon/diva.c | 22 ++- drivers/isdn/hardware/eicon/diva.h | 5 drivers/isdn/hardware/eicon/divasmain.c | 18 +-- drivers/net/ethernet/broadcom/bnx2x/bnx2x_link.c | 2 drivers/net/ethernet/cisco/enic/enic_main.c | 8 - drivers/net/ethernet/emulex/benet/be_main.c | 4 drivers/net/ethernet/mellanox/mlx4/qp.c | 4 drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 42 +++++++ drivers/net/ethernet/qlogic/qed/qed_cxt.c | 2 drivers/net/phy/bcm-cygnus.c | 6 - drivers/net/phy/bcm-phy-lib.c | 2 drivers/net/phy/bcm-phy-lib.h | 7 + drivers/net/phy/bcm7xxx.c | 4 drivers/net/team/team.c | 3 drivers/net/tun.c | 15 +- drivers/net/usb/cdc_mbim.c | 2 drivers/net/virtio_net.c | 19 +-- drivers/pci/host/pci-hyperv.c | 46 ++++++-- drivers/scsi/sd_zbc.c | 128 +++++++++++++---------- drivers/vhost/vhost.c | 3 fs/btrfs/disk-io.c | 3 include/net/ipv6.h | 5 include/uapi/linux/btrfs_tree.h | 1 mm/mmap.c | 32 +++++ net/core/flow_dissector.c | 2 net/core/net-sysfs.c | 6 - net/core/rtnetlink.c | 8 - net/dccp/proto.c | 2 net/ipv4/fib_frontend.c | 1 net/ipv4/fib_semantics.c | 4 net/ipv4/ip_sockglue.c | 2 net/ipv4/ipmr.c | 7 + net/ipv6/ip6_output.c | 3 net/ipv6/ip6_tunnel.c | 11 + net/ipv6/ip6mr.c | 3 net/ipv6/ndisc.c | 6 + net/ipv6/route.c | 2 net/ipv6/seg6_iptunnel.c | 4 net/ipv6/sit.c | 5 net/kcm/kcmsock.c | 2 net/packet/af_packet.c | 4 net/sched/cls_flower.c | 2 net/sctp/transport.c | 2 scripts/kconfig/confdata.c | 2 47 files changed, 329 insertions(+), 144 deletions(-) Alexander Duyck (1): net-sysfs: Fix memory leak in XPS configuration Alexey Kodanev (1): dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect() Anand Jain (1): btrfs: define SUPER_FLAG_METADUMP_V2 Bart Van Assche (1): scsi: sd_zbc: Avoid that resetting a zone fails sporadically Cong Wang (1): netdev-FAQ: clarify DaveM's position for stable backports Damien Le Moal (1): scsi: sd_zbc: Fix potential memory leak Dan Carpenter (1): team: use netdev_features_t instead of u32 Daniele Palmas (1): net: usb: cdc_mbim: add flag FLAG_SEND_ZLP Dave Airlie (1): drm: set FMODE_UNSIGNED_OFFSET for drm files Dexuan Cui (1): PCI: hv: Do not wait forever on a device that has disappeared Eran Ben Elisha (1): net/mlx5e: When RXFCS is set, add FCS data into checksum calculation Eric Dumazet (4): ipmr: properly check rhltable_init() return value net: metrics: add proper netlink validation net/packet: refine check for priv area size rtnetlink: validate attributes in do_setlink() Florian Fainelli (2): net: phy: broadcom: Fix bcm_write_exp() net: phy: broadcom: Fix auxiliary control register reads Govindarajulu Varadarajan (1): enic: set DMA mask to 47 bit Greg Kroah-Hartman (1): Linux 4.14.49 Jack Morgenstein (1): net/mlx4: Fix irq-unsafe spinlock usage Jason Wang (4): vhost: synchronize IOTLB message with dev cleanup virtio-net: correctly transmit XDP buff after linearizing virtio-net: correctly check num_buf during err path virtio-net: fix leaking page for gso packet during mergeable XDP Julia Lawall (1): bnx2x: use the right constant Kirill Tkhai (1): kcm: Fix use-after-free caused by clonned sockets Linus Torvalds (2): mmap: introduce sane default mmap limits mmap: relax file size limit for regular files Mathieu Xhonneux (1): ipv6: sr: fix memory OOB access in seg6_do_srh_encap/inline Michal Kubecek (1): ipv6: omit traffic class when calculating flow hash Nathan Chancellor (1): kconfig: Avoid format overflow warning from GCC 8.1 Nicolas Dichtel (1): ip6_tunnel: remove magic mtu value 0xFFF8 Paul Blakey (1): cls_flower: Fix incorrect idr release when failing to modify rule Roopa Prabhu (1): net: ipv4: add missing RTA_TABLE to rtm_ipv4_policy Sabrina Dubroca (1): ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds Shahed Shaikh (1): qed: Fix mask for physical address in ILT entry Stephen Suryaputra (1): vrf: check the original netdevice for generating redirect Suresh Reddy (1): be2net: Fix error detection logic for BE3 Toshiaki Makita (1): tun: Fix NULL pointer dereference in XDP redirect Wenwen Wang (1): isdn: eicon: fix a missing-check bug Willem de Bruijn (2): ipv4: remove warning in ip_recv_error packet: fix reserve calculation Xin Long (1): sctp: not allow transport timeout value less than HZ/5 for hb_timer

7 years, 4 months

1
1
0 0

[GIT PULL] Spectre-v2 (IBPB/IBRS) and SSBD fixes for 4.4.y

by Srivatsa S. Bhat

Hi Greg, I have backported Spectre-v2 fixes and patches for the Speculative Store Bypass vulnerability to 4.4.y (they apply cleanly on top of 4.4.136). I would appreciate if you could kindly consider them for review and inclusion in a future 4.4.y release. Thank you very much! Regards, Srivatsa VMware Photon OS The following changes since commit dc45cafe612ec6960fe728f3260a0b751c73f4aa: Linux 4.4.136 (2018-06-06 16:46:24 +0200) are available in the git repository at: https://github.com/srivatsabhat/linux-stable spectre-v2-fixes-4.4.136 for you to fetch changes up to 9b8faf91ba22460785968e013763d9a5be869228: x86/bugs: Rename SSBD_NO to SSB_NO (2018-06-11 13:58:43 -0700) ---------------------------------------------------------------- Alexander Kuleshov (1): x86/boot: Simplify kernel load address alignment check Alexander Sergeyev (1): x86/speculation: Remove Skylake C2 from Speculation Control microcode blacklist Andi Kleen (1): x86/headers: Don't include asm/processor.h in asm/atomic.h Andrey Smetanin (1): kvm/x86: per-vcpu apicv deactivation support Andy Lutomirski (2): x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 x86/mm: Give each mm TLB flush generation a unique ID Andy Shevchenko (1): x86/cpu: Rename Merrifield2 to Moorefield Arnd Bergmann (1): x86/pti: Mark constant arrays as __initconst Ashok Raj (1): KVM/x86: Add IBPB support Borislav Petkov (16): x86/cpufeature: Move some of the scattered feature bits to x86_capability x86/cpufeature: Cleanup get_cpu_cap() x86/cpufeature: Remove unused and seldomly used cpu_has_xx macros x86/cpu: Provide a config option to disable static_cpu_has x86/fpu: Add an XSTATE_OP() macro x86/fpu: Get rid of xstate_fault() x86/cpufeature: Carve out X86_FEATURE_* x86/cpufeature: Replace the old static_cpu_has() with safe variant x86/cpufeature: Get rid of the non-asm goto variant x86/alternatives: Add an auxilary section x86/vdso: Use static_cpu_has() x86/cpufeature: Speed up cpu_feature_enabled() Documentation/spec_ctrl: Do some minor cleanups x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP x86/cpu/AMD: Fix erratum 1076 (CPB bit) x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host} Brian Gerst (1): x86/alternatives: Discard dynamic check after init Dan Williams (2): x86/entry/64/compat: Clear registers for compat syscalls, to reduce speculation attack surface x86/speculation: Fix up array_index_nospec_mask() asm constraint Dave Hansen (7): x86/cpufeature, x86/mm/pkeys: Add protection keys related CPUID definitions x86/mm/pkeys: Fix mismerge of protection keys CPUID bits x86/cpufeature, x86/mm/pkeys: Fix broken compile-time disabling of pkeys x86/cpufeature: Update cpufeaure macros x86/cpufeature: Make sure DISABLED/REQUIRED macros are updated x86/cpufeature: Add helper macro for mask check macros x86/mm: Factor out LDT init from context init David Matlack (2): kvm: x86: nVMX: maintain internal copy of current VMCS KVM: nVMX: mark vmcs12 pages dirty on L2 exit David Woodhouse (14): x86/cpufeatures: Add CPUID_7_EDX CPUID leaf x86/cpufeatures: Add Intel feature bits for Speculation Control x86/cpufeatures: Add AMD feature bits for Speculation Control x86/msr: Add definitions for new speculation control MSRs x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support x86/cpufeatures: Clean up Spectre v2 related CPUID flags x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel x86/speculation: Update Speculation Control microcode blacklist x86/speculation: Correct Speculation Control microcode blacklist again x86/speculation: Use IBRS if available before calling into firmware x86/amd: don't set X86_BUG_SYSRET_SS_ATTRS when running under Xen x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested Denys Vlasenko (1): x86/asm/entry/32: Simplify pushes of zeroed pt_regs->REGs Huaitong Han (1): KVM: x86: remove magic number with enum cpuid_leafs Ingo Molnar (2): x86/speculation: Clean up various Spectre related details x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP Jim Mattson (4): KVM: VMX: Add VMCS to CPU's loaded VMCSs before VMPTRLD kvm: nVMX: VMCLEAR an active shadow VMCS after last use KVM: nVMX: Eliminate vmcs02 pool x86/cpu: Make alternative_msr_write work for 32-bit code Jiri Kosina (2): x86/bugs: Fix __ssb_select_mitigation() return type x86/bugs: Make cpu_show_common() static Juergen Gross (3): x86: Remove unused function cpu_has_ht_siblings() x86/xen: Zero MSR_IA32_SPEC_CTRL before suspend xen: set cpu capabilities from xen_start_kernel() KarimAllah Ahmed (4): KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL X86/nVMX: Properly set spec_ctrl and pred_cmd before merging MSRs Kees Cook (5): nospec: Allow getting/setting on non-current task proc: Provide details on speculation flaw mitigations seccomp: Enable speculation flaw mitigations seccomp: Add filter flag to opt-out of SSB mitigation x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass Konrad Rzeszutek Wilk (15): x86/spectre_v2: Don't check microcode versions when running under hypervisors x86/bugs: Concentrate bug detection into a separate function x86/bugs: Concentrate bug reporting into a separate function x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits x86/bugs, KVM: Support the combination of guest and host IBRS x86/bugs: Expose /sys/../spec_store_bypass x86/cpufeatures: Add X86_FEATURE_RDS x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation x86/bugs/intel: Set proper CPU features and setup RDS x86/bugs: Whitelist allowed SPEC_CTRL MSR values x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest x86/bugs: Rename _RDS to _SSBD proc: Use underscores for SSBD in 'status' x86/bugs: Fix the parameters alignment and missing void x86/bugs: Rename SSBD_NO to SSB_NO Kyle Huey (2): x86/process: Optimize TIF checks in __switch_to_xtra() x86/process: Correct and optimize TIF_BLOCKSTEP switch Linus Torvalds (1): x86/nospec: Simplify alternative_msr_write() Mickaël Salaün (2): selftest/seccomp: Fix the flag name SECCOMP_FILTER_FLAG_TSYNC selftest/seccomp: Fix the seccomp(2) signature Paolo Bonzini (4): KVM: VMX: introduce alloc_loaded_vmcs KVM: VMX: make MSR bitmaps per-VCPU KVM/x86: Remove indirect MSR op calls from SPEC_CTRL KVM/VMX: Optimize vmx_vcpu_run() and svm_vcpu_run() by marking the RDMSR path as unlikely() Peter Zijlstra (1): x86/speculation: Add <asm/msr-index.h> dependency Piotr Luc (1): x86/cpu/intel: Add Knights Mill to Intel family Radim Krčmář (1): KVM: nVMX: fix msr bitmaps to prevent L2 from accessing L0 x2APIC Thomas Gleixner (19): x86/speculation: Create spec-ctrl.h to avoid include hell prctl: Add speculation control prctls x86/process: Optimize TIF_NOTSC switch x86/process: Allow runtime control of Speculative Store Bypass x86/speculation: Add prctl for Speculative Store Bypass mitigation prctl: Add force disable speculation seccomp: Use PR_SPEC_FORCE_DISABLE seccomp: Move speculation migitation control to arch code KVM: SVM: Move spec control call after restore of GS x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS x86/cpufeatures: Disentangle SSBD enumeration x86/cpufeatures: Add FEATURE_ZEN x86/speculation: Handle HT correctly on AMD x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL x86/speculation: Rework speculative_store_bypass_update() x86/bugs: Expose x86_spec_ctrl_base directly x86/bugs: Remove x86_spec_ctrl_set() x86/bugs: Rework spec_ctrl base and mask logic x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG Tim Chen (1): x86/speculation: Use Indirect Branch Prediction Barrier in context switch Tom Lendacky (2): x86/speculation: Add virtualized speculative store bypass disable support KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD Wanpeng Li (1): KVM: VMX: Enable MSR-BASED TPR shadow even if APICv is inactive Yang Zhang (1): kvm: vmx: check apicv is active before using VT-d posted interrupt Yazen Ghannam (1): x86/cpu: Add detection of AMD RAS Capabilities Documentation/ABI/testing/sysfs-devices-system-cpu | 1 + Documentation/kernel-parameters.txt | 47 +- Documentation/spec_ctrl.txt | 94 +++ arch/x86/Kconfig | 11 + arch/x86/Kconfig.debug | 10 - arch/x86/boot/cpuflags.h | 2 +- arch/x86/boot/mkcpustr.c | 2 +- arch/x86/crypto/chacha20_glue.c | 2 +- arch/x86/crypto/crc32-pclmul_glue.c | 2 +- arch/x86/crypto/crc32c-intel_glue.c | 4 +- arch/x86/crypto/crct10dif-pclmul_glue.c | 2 +- arch/x86/entry/common.c | 1 + arch/x86/entry/entry_32.S | 2 +- arch/x86/entry/entry_64_compat.S | 75 +- arch/x86/entry/vdso/vdso32-setup.c | 1 - arch/x86/entry/vdso/vdso32/system_call.S | 2 +- arch/x86/entry/vdso/vma.c | 3 +- arch/x86/include/asm/alternative.h | 6 - arch/x86/include/asm/apic.h | 1 - arch/x86/include/asm/apm.h | 6 + arch/x86/include/asm/arch_hweight.h | 2 + arch/x86/include/asm/atomic.h | 1 - arch/x86/include/asm/atomic64_32.h | 1 - arch/x86/include/asm/barrier.h | 2 +- arch/x86/include/asm/cmpxchg.h | 1 + arch/x86/include/asm/cmpxchg_32.h | 2 +- arch/x86/include/asm/cmpxchg_64.h | 2 +- arch/x86/include/asm/cpufeature.h | 584 +++----------- arch/x86/include/asm/cpufeatures.h | 335 ++++++++ arch/x86/include/asm/disabled-features.h | 18 + arch/x86/include/asm/fpu/internal.h | 184 +++-- arch/x86/include/asm/intel-family.h | 10 +- arch/x86/include/asm/irq_work.h | 2 +- arch/x86/include/asm/kvm_host.h | 8 +- arch/x86/include/asm/mmu.h | 15 +- arch/x86/include/asm/mmu_context.h | 25 +- arch/x86/include/asm/msr-index.h | 22 + arch/x86/include/asm/mwait.h | 2 + arch/x86/include/asm/nospec-branch.h | 56 +- arch/x86/include/asm/processor.h | 3 +- arch/x86/include/asm/required-features.h | 10 + arch/x86/include/asm/smap.h | 2 +- arch/x86/include/asm/smp.h | 10 - arch/x86/include/asm/spec-ctrl.h | 80 ++ arch/x86/include/asm/thread_info.h | 8 +- arch/x86/include/asm/tlbflush.h | 13 + arch/x86/include/asm/uaccess_64.h | 2 +- arch/x86/include/asm/xor_32.h | 2 +- arch/x86/kernel/apic/apic_numachip.c | 4 +- arch/x86/kernel/cpu/Makefile | 2 +- arch/x86/kernel/cpu/amd.c | 42 +- arch/x86/kernel/cpu/bugs.c | 427 +++++++++- arch/x86/kernel/cpu/centaur.c | 4 +- arch/x86/kernel/cpu/common.c | 193 +++-- arch/x86/kernel/cpu/cpu.h | 3 + arch/x86/kernel/cpu/cyrix.c | 1 + arch/x86/kernel/cpu/intel.c | 78 +- arch/x86/kernel/cpu/intel_cacheinfo.c | 8 +- arch/x86/kernel/cpu/match.c | 2 +- arch/x86/kernel/cpu/mkcapflags.sh | 6 +- arch/x86/kernel/cpu/mtrr/generic.c | 2 +- arch/x86/kernel/cpu/mtrr/main.c | 4 +- arch/x86/kernel/cpu/perf_event_amd.c | 4 +- arch/x86/kernel/cpu/perf_event_amd_uncore.c | 11 +- arch/x86/kernel/cpu/scattered.c | 20 - arch/x86/kernel/cpu/transmeta.c | 6 +- arch/x86/kernel/e820.c | 1 + arch/x86/kernel/fpu/init.c | 4 +- arch/x86/kernel/head_32.S | 2 +- arch/x86/kernel/head_64.S | 4 +- arch/x86/kernel/hpet.c | 1 + arch/x86/kernel/hw_breakpoint.c | 6 +- arch/x86/kernel/ldt.c | 4 +- arch/x86/kernel/msr.c | 2 +- arch/x86/kernel/process.c | 224 +++++- arch/x86/kernel/smpboot.c | 7 +- arch/x86/kernel/verify_cpu.S | 2 +- arch/x86/kernel/vm86_32.c | 4 +- arch/x86/kernel/vmlinux.lds.S | 11 + arch/x86/kvm/cpuid.c | 73 +- arch/x86/kvm/cpuid.h | 40 + arch/x86/kvm/irq.c | 2 +- arch/x86/kvm/lapic.c | 23 +- arch/x86/kvm/lapic.h | 4 +- arch/x86/kvm/svm.c | 157 +++- arch/x86/kvm/vmx.c | 884 ++++++++++++--------- arch/x86/kvm/x86.c | 33 +- arch/x86/lib/clear_page_64.S | 2 +- arch/x86/lib/copy_page_64.S | 2 +- arch/x86/lib/copy_user_64.S | 2 +- arch/x86/lib/memcpy_64.S | 2 +- arch/x86/lib/memmove_64.S | 2 +- arch/x86/lib/memset_64.S | 2 +- arch/x86/lib/retpoline.S | 2 +- arch/x86/mm/setup_nx.c | 5 +- arch/x86/mm/tlb.c | 33 + arch/x86/oprofile/op_model_amd.c | 1 - arch/x86/platform/efi/efi_64.c | 5 + arch/x86/um/asm/barrier.h | 2 +- arch/x86/xen/enlighten.c | 16 +- arch/x86/xen/suspend.c | 16 + drivers/base/cpu.c | 8 + drivers/char/hw_random/via-rng.c | 5 +- drivers/crypto/padlock-aes.c | 2 +- drivers/crypto/padlock-sha.c | 2 +- drivers/iommu/intel_irq_remapping.c | 2 +- fs/btrfs/disk-io.c | 2 +- fs/proc/array.c | 26 + include/linux/compiler.h | 4 + include/linux/cpu.h | 2 + include/linux/nospec.h | 10 + include/linux/sched.h | 9 + include/linux/seccomp.h | 3 +- include/uapi/linux/prctl.h | 12 + include/uapi/linux/seccomp.h | 4 +- kernel/seccomp.c | 21 +- kernel/sys.c | 21 + lib/atomic64_test.c | 4 + tools/testing/selftests/seccomp/seccomp_bpf.c | 98 ++- 119 files changed, 2983 insertions(+), 1325 deletions(-) create mode 100644 Documentation/spec_ctrl.txt create mode 100644 arch/x86/include/asm/cpufeatures.h create mode 100644 arch/x86/include/asm/spec-ctrl.h

7 years, 4 months

2
1
0 0

[PATCH 4.9] KVM: VMX: Expose SSBD properly to guests, 4.9 supplement

by Ben Hutchings

Fix an additional misuse of X86_FEATURE_SSBD in guest_cpuid_has_spec_ctrl(). This function was introduced in the backport of SSBD support to 4.9 and is not present upstream, so it was not fixed by commit 43462d908821 "KVM: VMX: Expose SSBD properly to guests." Fixes: 52817587e706 ("x86/cpufeatures: Disentangle SSBD enumeration") Signed-off-by: Ben Hutchings <ben(a)decadent.org.uk> Cc: Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: David Woodhouse <dwmw(a)amazon.co.uk> Cc: kvm(a)vger.kernel.org --- arch/x86/kvm/cpuid.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/kvm/cpuid.h b/arch/x86/kvm/cpuid.h index c38369781239..8a841b9d8f84 100644 --- a/arch/x86/kvm/cpuid.h +++ b/arch/x86/kvm/cpuid.h @@ -179,7 +179,7 @@ static inline bool guest_cpuid_has_spec_ctrl(struct kvm_vcpu *vcpu) if (best && (best->ebx & bit(X86_FEATURE_AMD_IBRS))) return true; best = kvm_find_cpuid_entry(vcpu, 7, 0); - return best && (best->edx & (bit(X86_FEATURE_SPEC_CTRL) | bit(X86_FEATURE_SSBD))); + return best && (best->edx & (bit(X86_FEATURE_SPEC_CTRL) | bit(X86_FEATURE_SPEC_CTRL_SSBD))); } static inline bool guest_cpuid_has_arch_capabilities(struct kvm_vcpu *vcpu)

7 years, 5 months

1
0
0 0

[PATCH 4.4] brcmfmac: Fix check for ISO3166 code

by Ben Hutchings

From: Stefan Wahren <stefan.wahren(a)i2se.com> commit 9b9322db5c5a1917a66c71fe47c3848a9a31227e upstream. The commit "regulatory: add NUL to request alpha2" increases the length of alpha2 to 3. This causes a regression on brcmfmac, because brcmf_cfg80211_reg_notifier() expect valid ISO3166 codes in the complete array. So fix this accordingly. Fixes: 657308f73e67 ("regulatory: add NUL to request alpha2") Signed-off-by: Stefan Wahren <stefan.wahren(a)i2se.com> Acked-by: Franky Lin <franky.lin(a)broadcom.com> Signed-off-by: Kalle Valo <kvalo(a)codeaurora.org> [bwh: Backported to 4.4: adjust filename] Signed-off-by: Ben Hutchings <ben.hutchings(a)codethink.co.uk> --- drivers/net/wireless/brcm80211/brcmfmac/cfg80211.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/wireless/brcm80211/brcmfmac/cfg80211.c b/drivers/net/wireless/brcm80211/brcmfmac/cfg80211.c index 83e5aa6a9f28..ad35e760ed3f 100644 --- a/drivers/net/wireless/brcm80211/brcmfmac/cfg80211.c +++ b/drivers/net/wireless/brcm80211/brcmfmac/cfg80211.c @@ -6167,7 +6167,7 @@ static void brcmf_cfg80211_reg_notifier(struct wiphy *wiphy, req->alpha2[0], req->alpha2[1]); /* ignore non-ISO3166 country codes */ - for (i = 0; i < sizeof(req->alpha2); i++) + for (i = 0; i < 2; i++) if (req->alpha2[i] < 'A' || req->alpha2[i] > 'Z') { brcmf_err("not a ISO3166 code\n"); return; -- Ben Hutchings, Software Developer Codethink Ltd https://www.codethink.co.uk/ Dale House, 35 Dale Street Manchester, M1 2HF, United Kingdom

7 years, 5 months

1
0
0 0

[PATCH v11 0/7] dax: fix dma vs truncate/hole-punch

by Dan Williams

Changes since v9 [1] and v10 [2] * Resend the full series with the reworked "mm: introduce MEMORY_DEVICE_FS_DAX and CONFIG_DEV_PAGEMAP_OPS" (Christoph) * Move generic_dax_pagefree() into the pmem driver (Christoph) * Cleanup __bdev_dax_supported() (Christoph) * Cleanup some stale SRCU bits leftover from other iterations (Jan) * Cleanup xfs_break_layouts() (Jan) [1]: https://lists.01.org/pipermail/linux-nvdimm/2018-April/015457.html [2]: https://lists.01.org/pipermail/linux-nvdimm/2018-May/015885.html --- Background: get_user_pages() in the filesystem pins file backed memory pages for access by devices performing dma. However, it only pins the memory pages not the page-to-file offset association. If a file is truncated the pages are mapped out of the file and dma may continue indefinitely into a page that is owned by a device driver. This breaks coherency of the file vs dma, but the assumption is that if userspace wants the file-space truncated it does not matter what data is inbound from the device, it is not relevant anymore. The only expectation is that dma can safely continue while the filesystem reallocates the block(s). Problem: This expectation that dma can safely continue while the filesystem changes the block map is broken by dax. With dax the target dma page *is* the filesystem block. The model of leaving the page pinned for dma, but truncating the file block out of the file, means that the filesytem is free to reallocate a block under active dma to another file and now the expected data-incoherency situation has turned into active data-corruption. Solution: Defer all filesystem operations (fallocate(), truncate()) on a dax mode file while any page/block in the file is under active dma. This solution assumes that dma is transient. Cases where dma operations are known to not be transient, like RDMA, have been explicitly disabled via commits like 5f1d43de5416 "IB/core: disable memory registration of filesystem-dax vmas". The dax_layout_busy_page() routine is called by filesystems with a lock held against mm faults (i_mmap_lock) to find pinned / busy dax pages. The process of looking up a busy page invalidates all mappings to trigger any subsequent get_user_pages() to block on i_mmap_lock. The filesystem continues to call dax_layout_busy_page() until it finally returns no more active pages. This approach assumes that the page pinning is transient, if that assumption is violated the system would have likely hung from the uncompleted I/O. --- Dan Williams (7): memremap: split devm_memremap_pages() and memremap() infrastructure mm: introduce MEMORY_DEVICE_FS_DAX and CONFIG_DEV_PAGEMAP_OPS mm: fix __gup_device_huge vs unmap mm, fs, dax: handle layout changes to pinned dax mappings xfs: prepare xfs_break_layouts() to be called with XFS_MMAPLOCK_EXCL xfs: prepare xfs_break_layouts() for another layout type xfs, dax: introduce xfs_break_dax_layouts() drivers/dax/super.c | 14 ++- drivers/nvdimm/pfn_devs.c | 2 drivers/nvdimm/pmem.c | 25 +++++ fs/Kconfig | 1 fs/dax.c | 97 +++++++++++++++++++++ fs/xfs/xfs_file.c | 72 ++++++++++++++-- fs/xfs/xfs_inode.h | 16 +++ fs/xfs/xfs_ioctl.c | 8 -- fs/xfs/xfs_iops.c | 16 ++- fs/xfs/xfs_pnfs.c | 15 ++- fs/xfs/xfs_pnfs.h | 5 + include/linux/dax.h | 7 ++ include/linux/memremap.h | 36 ++------ include/linux/mm.h | 71 +++++++++++---- kernel/Makefile | 3 - kernel/iomem.c | 167 ++++++++++++++++++++++++++++++++++++ kernel/memremap.c | 209 ++++++--------------------------------------- mm/Kconfig | 5 + mm/gup.c | 36 ++++++-- mm/hmm.c | 13 --- mm/swap.c | 3 - 21 files changed, 542 insertions(+), 279 deletions(-) create mode 100644 kernel/iomem.c

7 years, 5 months

2
3
0 0

+ mm-fix-devmem_is_allowed-for-sub-page-system-ram-intersections.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm: fix devmem_is_allowed() for sub-page System RAM intersections has been added to the -mm tree. Its filename is mm-fix-devmem_is_allowed-for-sub-page-system-ram-intersections.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/mm-fix-devmem_is_allowed-for-sub-p… and later at http://ozlabs.org/~akpm/mmotm/broken-out/mm-fix-devmem_is_allowed-for-sub-p… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Dan Williams <dan.j.williams(a)intel.com> Subject: mm: fix devmem_is_allowed() for sub-page System RAM intersections Hussam reports: I was poking around and for no real reason, I did cat /dev/mem and strings /dev/mem. Then I saw the following warning in dmesg. I saved it and rebooted immediately. memremap attempted on mixed range 0x000000000009c000 size: 0x1000 ------------[ cut here ]------------ WARNING: CPU: 0 PID: 11810 at kernel/memremap.c:98 memremap+0x104/0x170 [..] Call Trace: xlate_dev_mem_ptr+0x25/0x40 read_mem+0x89/0x1a0 __vfs_read+0x36/0x170 The memremap() implementation checks for attempts to remap System RAM with MEMREMAP_WB and instead redirects those mapping attempts to the linear map. However, that only works if the physical address range being remapped is page aligned. In low memory we have situations like the following: 00000000-00000fff : Reserved 00001000-0009fbff : System RAM 0009fc00-0009ffff : Reserved ...where System RAM intersects Reserved ranges on a sub-page page granularity. Given that devmem_is_allowed() special cases any attempt to map System RAM in the first 1MB of memory, replace page_is_ram() with the more precise region_intersects() to trap attempts to map disallowed ranges. Link: https://bugzilla.kernel.org/show_bug.cgi?id=199999 Link: http://lkml.kernel.org/r/152856436164.18127.2847888121707136898.stgit@dwill… Fixes: 92281dee825f ("arch: introduce memremap()") Signed-off-by: Dan Williams <dan.j.williams(a)intel.com> Reported-by: Hussam Al-Tayeb <me(a)hussam.eu.org> Tested-by: Hussam Al-Tayeb <me(a)hussam.eu.org> Cc: <stable(a)vger.kernel.org> Cc: Christoph Hellwig <hch(a)lst.de> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- arch/x86/mm/init.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff -puN arch/x86/mm/init.c~mm-fix-devmem_is_allowed-for-sub-page-system-ram-intersections arch/x86/mm/init.c --- a/arch/x86/mm/init.c~mm-fix-devmem_is_allowed-for-sub-page-system-ram-intersections +++ a/arch/x86/mm/init.c @@ -706,7 +706,9 @@ void __init init_mem_mapping(void) */ int devmem_is_allowed(unsigned long pagenr) { - if (page_is_ram(pagenr)) { + if (region_intersects(PFN_PHYS(pagenr), PAGE_SIZE, + IORESOURCE_SYSTEM_RAM, IORES_DESC_NONE) + != REGION_DISJOINT) { /* * For disallowed memory regions in the low 1MB range, * request that the page be shown as all zeros. _ Patches currently in -mm which might be from dan.j.williams(a)intel.com are mm-fix-devmem_is_allowed-for-sub-page-system-ram-intersections.patch mm-devm_memremap_pages-mark-devm_memremap_pages-export_symbol_gpl.patch mm-devm_memremap_pages-handle-errors-allocating-final-devres-action.patch mm-hmm-use-devm-semantics-for-hmm_devmem_add-remove.patch mm-hmm-replace-hmm_devmem_pages_create-with-devm_memremap_pages.patch mm-hmm-mark-hmm_devmem_add-add_resource-export_symbol_gpl.patch

7 years, 5 months

1
0
0 0

[PATCH] ubifs: Fix synced_i_size calculation for xattr inodes

by Richard Weinberger

In ubifs_jnl_update() we sync parent and child inodes to the flash, in case of xattrs, the parent inode (AKA host inode) has a non-zero data_len. Therefore we need to adjust synced_i_size too. This issue was reported by ubifs self tests unter a xattr related work load. UBIFS error (ubi0:0 pid 1896): dbg_check_synced_i_size: ui_size is 4, synced_i_size is 0, but inode is clean UBIFS error (ubi0:0 pid 1896): dbg_check_synced_i_size: i_ino 65, i_mode 0x81a4, i_size 4 Cc: <stable(a)vger.kernel.org> Fixes: 1e51764a3c2a ("UBIFS: add new flash file system") Signed-off-by: Richard Weinberger <richard(a)nod.at> --- fs/ubifs/journal.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/fs/ubifs/journal.c b/fs/ubifs/journal.c index 04c4ec6483e5..1fb123279bb5 100644 --- a/fs/ubifs/journal.c +++ b/fs/ubifs/journal.c @@ -665,6 +665,11 @@ int ubifs_jnl_update(struct ubifs_info *c, const struct inode *dir, spin_lock(&ui->ui_lock); ui->synced_i_size = ui->ui_size; spin_unlock(&ui->ui_lock); + if (xent) { + spin_lock(&host_ui->ui_lock); + host_ui->synced_i_size = host_ui->ui_size; + spin_unlock(&host_ui->ui_lock); + } mark_inode_clean(c, ui); mark_inode_clean(c, host_ui); return 0; -- 2.13.6

7 years, 5 months

1
0
0 0

[PATCH] ubifs: Fix directory size calculation for symlinks

by Richard Weinberger

We have to account the name of the symlink and not the target length. Fixes: ca7f85be8d6c ("ubifs: Add support for encrypted symlinks") Cc: <stable(a)vger.kernel.org> Signed-off-by: Richard Weinberger <richard(a)nod.at> --- fs/ubifs/dir.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/fs/ubifs/dir.c b/fs/ubifs/dir.c index 4e267cc21c77..5c0d9a89663d 100644 --- a/fs/ubifs/dir.c +++ b/fs/ubifs/dir.c @@ -1123,8 +1123,7 @@ static int ubifs_symlink(struct inode *dir, struct dentry *dentry, struct ubifs_inode *ui; struct ubifs_inode *dir_ui = ubifs_inode(dir); struct ubifs_info *c = dir->i_sb->s_fs_info; - int err, len = strlen(symname); - int sz_change = CALC_DENT_SIZE(len); + int err, sz_change, len = strlen(symname); struct fscrypt_str disk_link; struct ubifs_budget_req req = { .new_ino = 1, .new_dent = 1, .new_ino_d = ALIGN(len, 8), @@ -1151,6 +1150,8 @@ static int ubifs_symlink(struct inode *dir, struct dentry *dentry, if (err) goto out_budg; + sz_change = CALC_DENT_SIZE(fname_len(&nm)); + inode = ubifs_new_inode(c, dir, S_IFLNK | S_IRWXUGO); if (IS_ERR(inode)) { err = PTR_ERR(inode); -- 2.13.6

7 years, 5 months

1
0
0 0

Regression: x86/tsc: Fix mark_tsc_unstable()

by Jeremy Cline

Hi folks, A few Fedora users have reported[0] a regression starting in v4.16.8 where the boot will hang ~1/3 of the time with the following RCU stall warning: INFO: rcu_sched detected stalls on CPUs/tasks: o1-...!: (0 ticks this GP) idle=688/0/0 softirq=171/171 fqs=0 o(detected by 0, t=60002 jiffies, g=-142, c=-143, q=9) Sending NMI from CPU 0 to CPU 1: NMI backtrace for cpu 1 skipped: idling at acpi_processor_ffh_cstate_enter+0x65/0xb0 rcu_sched kthread starved for 60002 jiffies! g18446744073709551474 c1844674407370955143 f0x0 RCU_GP_WAIT_FQS(3) ->state=0x402 -> cpu=1 RCU grace-period kthread stack dump: rcu_sched I 0 9 2 0x80000000 Call Trace: ? __schedule+0x234/0x850 schedule+0x28/0x80 schedule_timeout+0x166/0x380 ? __next_timer_interrupt+0xc0/0xc0 rcu_gp_kthread+0x368/0x830 ? rcu_process_callbacks+0x4f0/0x4f0 kthread+0x112/0x130 ? kthread_create_worker_on_cpu+0x70/0x70 ret_from_fork+0x35/0x40 A user has bisected the problem to the v4.16 commit 1ab4ca7c59d4 ("x86/tsc: Fix mark_tsc_unstable()"). According to the reporter, explicitly setting "tsc=" on the kernel command line causes the boot to always succeed. All the users have Thinkpad T500s or T400s (Core 2 Duos) [0] https://bugzilla.redhat.com/show_bug.cgi?id=1579925 Thanks, Jeremy

7 years, 5 months

3
8
0 0

[PATCH 4.17 00/15] 4.17.1-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.17.1 release. There are 15 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Mon Jun 11 14:59:48 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.17.1-rc1… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.17.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.17.1-rc1 Dexuan Cui <decui(a)microsoft.com> PCI: hv: Do not wait forever on a device that has disappeared Sabrina Dubroca <sd(a)queasysnail.net> ipmr: fix error path when ipmr_new_table fails Arun Parameswaran <arun.parameswaran(a)broadcom.com> net: dsa: b53: Fix for brcm tag issue in Cygnus SoC Stephen Suryaputra <ssuryaextr(a)gmail.com> vrf: check the original netdevice for generating redirect Dan Carpenter <dan.carpenter(a)oracle.com> team: use netdev_features_t instead of u32 Xin Long <lucien.xin(a)gmail.com> sctp: not allow transport timeout value less than HZ/5 for hb_timer Eric Dumazet <edumazet(a)google.com> rtnetlink: validate attributes in do_setlink() Eric Dumazet <edumazet(a)google.com> net/packet: refine check for priv area size Eric Dumazet <edumazet(a)google.com> net: metrics: add proper netlink validation Cong Wang <xiyou.wangcong(a)gmail.com> netdev-FAQ: clarify DaveM's position for stable backports Guillaume Nault <g.nault(a)alphalink.fr> l2tp: fix refcount leakage on PPPoL2TP sockets Michal Kubecek <mkubecek(a)suse.cz> ipv6: omit traffic class when calculating flow hash Sabrina Dubroca <sd(a)queasysnail.net> ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds Julia Lawall <Julia.Lawall(a)lip6.fr> bnx2x: use the right constant Jason A. Donenfeld <Jason(a)zx2c4.com> netfilter: nf_flow_table: attach dst to skbs ------------- Diffstat: Documentation/networking/netdev-FAQ.txt | 9 +++++ Makefile | 4 +-- drivers/net/dsa/b53/b53_common.c | 15 +++++++- drivers/net/dsa/b53/b53_priv.h | 2 ++ drivers/net/dsa/b53/b53_srab.c | 4 +-- drivers/net/ethernet/broadcom/bnx2x/bnx2x_link.c | 2 +- drivers/net/team/team.c | 3 +- drivers/pci/host/pci-hyperv.c | 46 +++++++++++++++++------- include/linux/mroute_base.h | 10 ------ include/net/ipv6.h | 5 +++ net/core/flow_dissector.c | 2 +- net/core/rtnetlink.c | 8 ++--- net/ipv4/fib_semantics.c | 4 +++ net/ipv4/ipmr_base.c | 8 +++-- net/ipv4/netfilter/nf_flow_table_ipv4.c | 5 +-- net/ipv6/ip6_output.c | 3 +- net/ipv6/ip6mr.c | 21 +++++++---- net/ipv6/ndisc.c | 6 ++++ net/ipv6/netfilter/nf_flow_table_ipv6.c | 1 + net/ipv6/route.c | 4 +-- net/l2tp/l2tp_ppp.c | 35 +++++++++--------- net/packet/af_packet.c | 2 +- net/sctp/transport.c | 2 +- 23 files changed, 132 insertions(+), 69 deletions(-)

7 years, 5 months

4
20
0 0

[PATCH 4.14 00/41] 4.14.49-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.14.49 release. There are 41 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Mon Jun 11 15:29:07 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.49-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.14.49-rc1 Dexuan Cui <decui(a)microsoft.com> PCI: hv: Do not wait forever on a device that has disappeared Paul Blakey <paulb(a)mellanox.com> cls_flower: Fix incorrect idr release when failing to modify rule Eric Dumazet <edumazet(a)google.com> rtnetlink: validate attributes in do_setlink() Jason Wang <jasowang(a)redhat.com> virtio-net: fix leaking page for gso packet during mergeable XDP Eran Ben Elisha <eranbe(a)mellanox.com> net/mlx5e: When RXFCS is set, add FCS data into checksum calculation Jason Wang <jasowang(a)redhat.com> virtio-net: correctly check num_buf during err path Toshiaki Makita <makita.toshiaki(a)lab.ntt.co.jp> tun: Fix NULL pointer dereference in XDP redirect Jack Morgenstein <jackm(a)dev.mellanox.co.il> net/mlx4: Fix irq-unsafe spinlock usage Jason Wang <jasowang(a)redhat.com> virtio-net: correctly transmit XDP buff after linearizing Alexander Duyck <alexander.h.duyck(a)intel.com> net-sysfs: Fix memory leak in XPS configuration Florian Fainelli <f.fainelli(a)gmail.com> net: phy: broadcom: Fix auxiliary control register reads Mathieu Xhonneux <m.xhonneux(a)gmail.com> ipv6: sr: fix memory OOB access in seg6_do_srh_encap/inline Stephen Suryaputra <ssuryaextr(a)gmail.com> vrf: check the original netdevice for generating redirect Jason Wang <jasowang(a)redhat.com> vhost: synchronize IOTLB message with dev cleanup Dan Carpenter <dan.carpenter(a)oracle.com> team: use netdev_features_t instead of u32 Xin Long <lucien.xin(a)gmail.com> sctp: not allow transport timeout value less than HZ/5 for hb_timer Shahed Shaikh <shahed.shaikh(a)cavium.com> qed: Fix mask for physical address in ILT entry Willem de Bruijn <willemb(a)google.com> packet: fix reserve calculation Daniele Palmas <dnlplm(a)gmail.com> net: usb: cdc_mbim: add flag FLAG_SEND_ZLP Florian Fainelli <f.fainelli(a)gmail.com> net: phy: broadcom: Fix bcm_write_exp() Eric Dumazet <edumazet(a)google.com> net/packet: refine check for priv area size Eric Dumazet <edumazet(a)google.com> net: metrics: add proper netlink validation Roopa Prabhu <roopa(a)cumulusnetworks.com> net: ipv4: add missing RTA_TABLE to rtm_ipv4_policy Cong Wang <xiyou.wangcong(a)gmail.com> netdev-FAQ: clarify DaveM's position for stable backports Kirill Tkhai <ktkhai(a)virtuozzo.com> kcm: Fix use-after-free caused by clonned sockets Wenwen Wang <wang6495(a)umn.edu> isdn: eicon: fix a missing-check bug Michal Kubecek <mkubecek(a)suse.cz> ipv6: omit traffic class when calculating flow hash Willem de Bruijn <willemb(a)google.com> ipv4: remove warning in ip_recv_error Eric Dumazet <edumazet(a)google.com> ipmr: properly check rhltable_init() return value Nicolas Dichtel <nicolas.dichtel(a)6wind.com> ip6_tunnel: remove magic mtu value 0xFFF8 Sabrina Dubroca <sd(a)queasysnail.net> ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds Govindarajulu Varadarajan <gvaradar(a)cisco.com> enic: set DMA mask to 47 bit Alexey Kodanev <alexey.kodanev(a)oracle.com> dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect() Julia Lawall <Julia.Lawall(a)lip6.fr> bnx2x: use the right constant Suresh Reddy <suresh.reddy(a)broadcom.com> be2net: Fix error detection logic for BE3 Nathan Chancellor <natechancellor(a)gmail.com> kconfig: Avoid format overflow warning from GCC 8.1 Anand Jain <Anand.Jain(a)oracle.com> btrfs: define SUPER_FLAG_METADUMP_V2 Linus Torvalds <torvalds(a)linux-foundation.org> mmap: relax file size limit for regular files Linus Torvalds <torvalds(a)linux-foundation.org> mmap: introduce sane default mmap limits Bart Van Assche <bart.vanassche(a)wdc.com> scsi: sd_zbc: Avoid that resetting a zone fails sporadically Damien Le Moal <damien.lemoal(a)wdc.com> scsi: sd_zbc: Fix potential memory leak ------------- Diffstat: Documentation/networking/netdev-FAQ.txt | 9 ++ Makefile | 4 +- drivers/isdn/hardware/eicon/diva.c | 22 ++-- drivers/isdn/hardware/eicon/diva.h | 5 +- drivers/isdn/hardware/eicon/divasmain.c | 18 ++-- drivers/net/ethernet/broadcom/bnx2x/bnx2x_link.c | 2 +- drivers/net/ethernet/cisco/enic/enic_main.c | 8 +- drivers/net/ethernet/emulex/benet/be_main.c | 4 +- drivers/net/ethernet/mellanox/mlx4/qp.c | 4 +- drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 42 ++++++++ drivers/net/ethernet/qlogic/qed/qed_cxt.c | 2 +- drivers/net/phy/bcm-cygnus.c | 6 +- drivers/net/phy/bcm-phy-lib.c | 2 +- drivers/net/phy/bcm-phy-lib.h | 7 ++ drivers/net/phy/bcm7xxx.c | 4 +- drivers/net/team/team.c | 3 +- drivers/net/tun.c | 15 +-- drivers/net/usb/cdc_mbim.c | 2 +- drivers/net/virtio_net.c | 19 ++-- drivers/pci/host/pci-hyperv.c | 46 +++++--- drivers/scsi/sd_zbc.c | 128 ++++++++++++++--------- drivers/vhost/vhost.c | 3 + fs/btrfs/disk-io.c | 3 +- include/net/ipv6.h | 5 + include/uapi/linux/btrfs_tree.h | 1 + mm/mmap.c | 32 ++++++ net/core/flow_dissector.c | 2 +- net/core/net-sysfs.c | 6 +- net/core/rtnetlink.c | 8 +- net/dccp/proto.c | 2 - net/ipv4/fib_frontend.c | 1 + net/ipv4/fib_semantics.c | 4 + net/ipv4/ip_sockglue.c | 2 - net/ipv4/ipmr.c | 7 +- net/ipv6/ip6_output.c | 3 +- net/ipv6/ip6_tunnel.c | 11 +- net/ipv6/ip6mr.c | 3 +- net/ipv6/ndisc.c | 6 ++ net/ipv6/route.c | 2 +- net/ipv6/seg6_iptunnel.c | 4 +- net/ipv6/sit.c | 5 +- net/kcm/kcmsock.c | 2 +- net/packet/af_packet.c | 4 +- net/sched/cls_flower.c | 2 +- net/sctp/transport.c | 2 +- scripts/kconfig/confdata.c | 2 +- 46 files changed, 329 insertions(+), 145 deletions(-)

7 years, 5 months

4
42
0 0

[PATCH 4.16 00/48] 4.16.15-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.16.15 release. There are 48 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Mon Jun 11 14:59:28 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.16.15-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.16.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.16.15-rc1 Dexuan Cui <decui(a)microsoft.com> PCI: hv: Do not wait forever on a device that has disappeared Jason Wang <jasowang(a)redhat.com> vhost_net: flush batched heads before trying to busy polling Ard Biesheuvel <ard.biesheuvel(a)linaro.org> net: netsec: reduce DMA mask to 40 bits Nicolas Dichtel <nicolas.dichtel(a)6wind.com> ip_tunnel: restore binding to ifaces with a large mtu Jason Wang <jasowang(a)redhat.com> virtio-net: correctly redirect linearized packet Or Gerlitz <ogerlitz(a)mellanox.com> net : sched: cls_api: deal with egdev path only if needed Arun Parameswaran <arun.parameswaran(a)broadcom.com> net: dsa: b53: Fix for brcm tag issue in Cygnus SoC Jason Wang <jasowang(a)redhat.com> virtio-net: correctly check num_buf during err path Toshiaki Makita <makita.toshiaki(a)lab.ntt.co.jp> tun: Fix NULL pointer dereference in XDP redirect Eran Ben Elisha <eranbe(a)mellanox.com> net/mlx5e: When RXFCS is set, add FCS data into checksum calculation Jack Morgenstein <jackm(a)dev.mellanox.co.il> net/mlx4: Fix irq-unsafe spinlock usage Jason Wang <jasowang(a)redhat.com> virtio-net: fix leaking page for gso packet during mergeable XDP Jason Wang <jasowang(a)redhat.com> virtio-net: correctly transmit XDP buff after linearizing Alexander Duyck <alexander.h.duyck(a)intel.com> net-sysfs: Fix memory leak in XPS configuration Florian Fainelli <f.fainelli(a)gmail.com> net: phy: broadcom: Fix auxiliary control register reads Mathieu Xhonneux <m.xhonneux(a)gmail.com> ipv6: sr: fix memory OOB access in seg6_do_srh_encap/inline Stephen Suryaputra <ssuryaextr(a)gmail.com> vrf: check the original netdevice for generating redirect Jason Wang <jasowang(a)redhat.com> vhost: synchronize IOTLB message with dev cleanup Dan Carpenter <dan.carpenter(a)oracle.com> team: use netdev_features_t instead of u32 Xin Long <lucien.xin(a)gmail.com> sctp: not allow transport timeout value less than HZ/5 for hb_timer Eric Dumazet <edumazet(a)google.com> rtnetlink: validate attributes in do_setlink() Shahed Shaikh <shahed.shaikh(a)cavium.com> qed: Fix mask for physical address in ILT entry Willem de Bruijn <willemb(a)google.com> packet: fix reserve calculation Daniele Palmas <dnlplm(a)gmail.com> net: usb: cdc_mbim: add flag FLAG_SEND_ZLP Florian Fainelli <f.fainelli(a)gmail.com> net: phy: broadcom: Fix bcm_write_exp() Eric Dumazet <edumazet(a)google.com> net/packet: refine check for priv area size Eric Dumazet <edumazet(a)google.com> net: metrics: add proper netlink validation Roopa Prabhu <roopa(a)cumulusnetworks.com> net: ipv4: add missing RTA_TABLE to rtm_ipv4_policy Dan Carpenter <dan.carpenter(a)oracle.com> net: ethernet: davinci_emac: fix error handling in probe() Cong Wang <xiyou.wangcong(a)gmail.com> netdev-FAQ: clarify DaveM's position for stable backports Petr Machata <petrm(a)mellanox.com> mlxsw: spectrum: Forbid creation of VLAN 1 over port/LAG Guillaume Nault <g.nault(a)alphalink.fr> l2tp: fix refcount leakage on PPPoL2TP sockets Kirill Tkhai <ktkhai(a)virtuozzo.com> kcm: Fix use-after-free caused by clonned sockets Wenwen Wang <wang6495(a)umn.edu> isdn: eicon: fix a missing-check bug Michal Kubecek <mkubecek(a)suse.cz> ipv6: omit traffic class when calculating flow hash Willem de Bruijn <willemb(a)google.com> ipv4: remove warning in ip_recv_error Eric Dumazet <edumazet(a)google.com> ipmr: properly check rhltable_init() return value Nicolas Dichtel <nicolas.dichtel(a)6wind.com> ip6_tunnel: remove magic mtu value 0xFFF8 Sabrina Dubroca <sd(a)queasysnail.net> ip6mr: only set ip6mr_table from setsockopt when ip6mr_new_table succeeds Govindarajulu Varadarajan <gvaradar(a)cisco.com> enic: set DMA mask to 47 bit Alexey Kodanev <alexey.kodanev(a)oracle.com> dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect() Paul Blakey <paulb(a)mellanox.com> cls_flower: Fix incorrect idr release when failing to modify rule Julia Lawall <Julia.Lawall(a)lip6.fr> bnx2x: use the right constant Suresh Reddy <suresh.reddy(a)broadcom.com> be2net: Fix error detection logic for BE3 Nathan Chancellor <natechancellor(a)gmail.com> kconfig: Avoid format overflow warning from GCC 8.1 Jason A. Donenfeld <Jason(a)zx2c4.com> netfilter: nf_flow_table: attach dst to skbs Linus Torvalds <torvalds(a)linux-foundation.org> mmap: relax file size limit for regular files Linus Torvalds <torvalds(a)linux-foundation.org> mmap: introduce sane default mmap limits ------------- Diffstat: Documentation/networking/netdev-FAQ.txt | 9 +++++ Makefile | 4 +-- drivers/isdn/hardware/eicon/diva.c | 22 ++++++++---- drivers/isdn/hardware/eicon/diva.h | 5 +-- drivers/isdn/hardware/eicon/divasmain.c | 18 ++++++---- drivers/net/dsa/b53/b53_common.c | 15 +++++++- drivers/net/dsa/b53/b53_priv.h | 2 ++ drivers/net/dsa/b53/b53_srab.c | 4 +-- drivers/net/ethernet/broadcom/bnx2x/bnx2x_link.c | 2 +- drivers/net/ethernet/cisco/enic/enic_main.c | 8 ++--- drivers/net/ethernet/emulex/benet/be_main.c | 4 ++- drivers/net/ethernet/mellanox/mlx4/qp.c | 4 +-- drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 42 ++++++++++++++++++++++ drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 5 +++ drivers/net/ethernet/qlogic/qed/qed_cxt.c | 2 +- drivers/net/ethernet/socionext/netsec.c | 4 +-- drivers/net/ethernet/ti/davinci_emac.c | 22 ++++++------ drivers/net/phy/bcm-cygnus.c | 6 ++-- drivers/net/phy/bcm-phy-lib.c | 2 +- drivers/net/phy/bcm-phy-lib.h | 7 ++++ drivers/net/phy/bcm7xxx.c | 4 +-- drivers/net/team/team.c | 3 +- drivers/net/tun.c | 15 ++++---- drivers/net/usb/cdc_mbim.c | 2 +- drivers/net/virtio_net.c | 21 ++++++----- drivers/pci/host/pci-hyperv.c | 46 +++++++++++++++++------- drivers/vhost/net.c | 37 ++++++++++++------- drivers/vhost/vhost.c | 3 ++ include/net/ipv6.h | 5 +++ mm/mmap.c | 32 +++++++++++++++++ net/core/flow_dissector.c | 2 +- net/core/net-sysfs.c | 6 ++-- net/core/rtnetlink.c | 8 ++--- net/dccp/proto.c | 2 -- net/ipv4/fib_frontend.c | 1 + net/ipv4/fib_semantics.c | 4 +++ net/ipv4/ip_sockglue.c | 2 -- net/ipv4/ip_tunnel.c | 8 ++--- net/ipv4/ipmr.c | 7 +++- net/ipv4/netfilter/nf_flow_table_ipv4.c | 5 +-- net/ipv6/ip6_output.c | 3 +- net/ipv6/ip6_tunnel.c | 11 ++++-- net/ipv6/ip6mr.c | 3 +- net/ipv6/ndisc.c | 6 ++++ net/ipv6/netfilter/nf_flow_table_ipv6.c | 1 + net/ipv6/route.c | 2 +- net/ipv6/seg6_iptunnel.c | 4 +-- net/ipv6/sit.c | 5 +-- net/kcm/kcmsock.c | 2 +- net/l2tp/l2tp_ppp.c | 35 +++++++++--------- net/packet/af_packet.c | 4 +-- net/sched/cls_api.c | 2 +- net/sched/cls_flower.c | 2 +- net/sctp/transport.c | 2 +- scripts/kconfig/confdata.c | 2 +- 55 files changed, 338 insertions(+), 146 deletions(-)

7 years, 5 months

4
50
0 0

[net 5/5] ixgbe: Fix bit definitions and add support for testing for ipsec support

by Jeff Kirsher

From: Alexander Duyck <alexander.h.duyck(a)intel.com> This patch addresses two issues. First it adds the correct bit definitions for the SECTXSTAT and SECRXSTAT registers. Then it makes use of those definitions to test for if IPsec has been disabled on the part and if so we do not enable it. CC: stable <stable(a)vger.kernel.org> Signed-off-by: Alexander Duyck <alexander.h.duyck(a)intel.com> Reported-by: Andre Tomt <andre(a)tomt.net> Acked-by: Shannon Nelson <shannon.nelson(a)oracle.com> Tested-by: Andrew Bowers <andrewx.bowers(a)intel.com> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher(a)intel.com> --- drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c | 14 +++++++++++++- drivers/net/ethernet/intel/ixgbe/ixgbe_type.h | 6 ++++-- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c index 7b23fb0c2d07..c116f459945d 100644 --- a/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c +++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c @@ -975,10 +975,22 @@ void ixgbe_ipsec_rx(struct ixgbe_ring *rx_ring, **/ void ixgbe_init_ipsec_offload(struct ixgbe_adapter *adapter) { + struct ixgbe_hw *hw = &adapter->hw; struct ixgbe_ipsec *ipsec; + u32 t_dis, r_dis; size_t size; - if (adapter->hw.mac.type == ixgbe_mac_82598EB) + if (hw->mac.type == ixgbe_mac_82598EB) + return; + + /* If there is no support for either Tx or Rx offload + * we should not be advertising support for IPsec. + */ + t_dis = IXGBE_READ_REG(hw, IXGBE_SECTXSTAT) & + IXGBE_SECTXSTAT_SECTX_OFF_DIS; + r_dis = IXGBE_READ_REG(hw, IXGBE_SECRXSTAT) & + IXGBE_SECRXSTAT_SECRX_OFF_DIS; + if (t_dis || r_dis) return; ipsec = kzalloc(sizeof(*ipsec), GFP_KERNEL); diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_type.h b/drivers/net/ethernet/intel/ixgbe/ixgbe_type.h index e8ed37749ab1..44cfb2021145 100644 --- a/drivers/net/ethernet/intel/ixgbe/ixgbe_type.h +++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_type.h @@ -599,13 +599,15 @@ struct ixgbe_nvm_version { #define IXGBE_SECTXCTRL_STORE_FORWARD 0x00000004 #define IXGBE_SECTXSTAT_SECTX_RDY 0x00000001 -#define IXGBE_SECTXSTAT_ECC_TXERR 0x00000002 +#define IXGBE_SECTXSTAT_SECTX_OFF_DIS 0x00000002 +#define IXGBE_SECTXSTAT_ECC_TXERR 0x00000004 #define IXGBE_SECRXCTRL_SECRX_DIS 0x00000001 #define IXGBE_SECRXCTRL_RX_DIS 0x00000002 #define IXGBE_SECRXSTAT_SECRX_RDY 0x00000001 -#define IXGBE_SECRXSTAT_ECC_RXERR 0x00000002 +#define IXGBE_SECRXSTAT_SECRX_OFF_DIS 0x00000002 +#define IXGBE_SECRXSTAT_ECC_RXERR 0x00000004 /* LinkSec (MacSec) Registers */ #define IXGBE_LSECTXCAP 0x08A00 -- 2.17.1

7 years, 5 months

1
0
0 0

[net 4/5] ixgbe: Avoid loopback and fix boolean logic in ipsec_stop_data

by Jeff Kirsher

From: Alexander Duyck <alexander.h.duyck(a)intel.com> This patch fixes two issues. First we add an early test for the Tx and Rx security block ready bits. By doing this we can avoid the need for waits or loopback in the event that the security block is already flushed out. Secondly we fix the boolean logic that was testing for the Tx OR Rx ready bits being set and change it so that we only exit if the Tx AND Rx ready bits are both set. CC: stable <stable(a)vger.kernel.org> Signed-off-by: Alexander Duyck <alexander.h.duyck(a)intel.com> Acked-by: Shannon Nelson <shannon.nelson(a)oracle.com> Tested-by: Andrew Bowers <andrewx.bowers(a)intel.com> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher(a)intel.com> --- drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c index 38d8cf75e9ad..7b23fb0c2d07 100644 --- a/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c +++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c @@ -158,7 +158,16 @@ static void ixgbe_ipsec_stop_data(struct ixgbe_adapter *adapter) reg |= IXGBE_SECRXCTRL_RX_DIS; IXGBE_WRITE_REG(hw, IXGBE_SECRXCTRL, reg); - IXGBE_WRITE_FLUSH(hw); + /* If both Tx and Rx are ready there are no packets + * that we need to flush so the loopback configuration + * below is not necessary. + */ + t_rdy = IXGBE_READ_REG(hw, IXGBE_SECTXSTAT) & + IXGBE_SECTXSTAT_SECTX_RDY; + r_rdy = IXGBE_READ_REG(hw, IXGBE_SECRXSTAT) & + IXGBE_SECRXSTAT_SECRX_RDY; + if (t_rdy && r_rdy) + return; /* If the tx fifo doesn't have link, but still has data, * we can't clear the tx sec block. Set the MAC loopback @@ -185,7 +194,7 @@ static void ixgbe_ipsec_stop_data(struct ixgbe_adapter *adapter) IXGBE_SECTXSTAT_SECTX_RDY; r_rdy = IXGBE_READ_REG(hw, IXGBE_SECRXSTAT) & IXGBE_SECRXSTAT_SECRX_RDY; - } while (!t_rdy && !r_rdy && limit--); + } while (!(t_rdy && r_rdy) && limit--); /* undo loopback if we played with it earlier */ if (!link) { -- 2.17.1

7 years, 5 months

1
0
0 0

[net 3/5] ixgbe: Move ipsec init function to before reset call

by Jeff Kirsher

From: Alexander Duyck <alexander.h.duyck(a)intel.com> This patch moves the IPsec init function in ixgbe_sw_init. This way it is a bit more consistent with the placement of similar initialization functions and is placed before the reset_hw call which should allow us to clean up any link issues that may be introduced by the fact that we force the link up if somehow the device had IPsec still enabled before the driver was loaded. In addition to the function move it is necessary to change the assignment of netdev->features. The easiest way to do this is to just test for the existence of adapter->ipsec and if it is present we set the feature bits. CC: stable <stable(a)vger.kernel.org> Fixes: 49a94d74d948 ("ixgbe: add ipsec engine start and stop routines") Reported-by: Andre Tomt <andre(a)tomt.net> Signed-off-by: Alexander Duyck <alexander.h.duyck(a)intel.com> Acked-by: Shannon Nelson <shannon.nelson(a)oracle.com> Tested-by: Andrew Bowers <andrewx.bowers(a)intel.com> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher(a)intel.com> --- drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c | 7 ------- drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 11 +++++++++-- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c index 344a1f213a5f..38d8cf75e9ad 100644 --- a/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c +++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c @@ -1001,13 +1001,6 @@ void ixgbe_init_ipsec_offload(struct ixgbe_adapter *adapter) adapter->netdev->xfrmdev_ops = &ixgbe_xfrmdev_ops; -#define IXGBE_ESP_FEATURES (NETIF_F_HW_ESP | \ - NETIF_F_HW_ESP_TX_CSUM | \ - NETIF_F_GSO_ESP) - - adapter->netdev->features |= IXGBE_ESP_FEATURES; - adapter->netdev->hw_enc_features |= IXGBE_ESP_FEATURES; - return; err2: diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c index a925f05ec342..8d061af276d3 100644 --- a/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c +++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c @@ -6117,6 +6117,7 @@ static int ixgbe_sw_init(struct ixgbe_adapter *adapter, #ifdef CONFIG_IXGBE_DCB ixgbe_init_dcb(adapter); #endif + ixgbe_init_ipsec_offload(adapter); /* default flow control settings */ hw->fc.requested_mode = ixgbe_fc_full; @@ -10429,6 +10430,14 @@ static int ixgbe_probe(struct pci_dev *pdev, const struct pci_device_id *ent) if (hw->mac.type >= ixgbe_mac_82599EB) netdev->features |= NETIF_F_SCTP_CRC; +#ifdef CONFIG_XFRM_OFFLOAD +#define IXGBE_ESP_FEATURES (NETIF_F_HW_ESP | \ + NETIF_F_HW_ESP_TX_CSUM | \ + NETIF_F_GSO_ESP) + + if (adapter->ipsec) + netdev->features |= IXGBE_ESP_FEATURES; +#endif /* copy netdev features into list of user selectable features */ netdev->hw_features |= netdev->features | NETIF_F_HW_VLAN_CTAG_FILTER | @@ -10491,8 +10500,6 @@ static int ixgbe_probe(struct pci_dev *pdev, const struct pci_device_id *ent) NETIF_F_FCOE_MTU; } #endif /* IXGBE_FCOE */ - ixgbe_init_ipsec_offload(adapter); - if (adapter->flags2 & IXGBE_FLAG2_RSC_CAPABLE) netdev->hw_features |= NETIF_F_LRO; if (adapter->flags2 & IXGBE_FLAG2_RSC_ENABLED) -- 2.17.1

7 years, 5 months

1
0
0 0

[net 2/5] ixgbe: Use CONFIG_XFRM_OFFLOAD instead of CONFIG_XFRM

by Jeff Kirsher

From: Alexander Duyck <alexander.h.duyck(a)intel.com> There is no point in adding code if CONFIG_XFRM is defined that we won't use unless CONFIG_XFRM_OFFLOAD is defined. So instead of leaving this code floating around I am replacing the ifdef with what I believe is the correct one so that we only include the code and variables if they will actually be used. CC: stable <stable(a)vger.kernel.org> Signed-off-by: Alexander Duyck <alexander.h.duyck(a)intel.com> Acked-by: Shannon Nelson <shannon.nelson(a)oracle.com> Tested-by: Andrew Bowers <andrewx.bowers(a)intel.com> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher(a)intel.com> --- drivers/net/ethernet/intel/ixgbe/ixgbe.h | 4 ++-- drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe.h b/drivers/net/ethernet/intel/ixgbe/ixgbe.h index fc534e91c6b2..144d5fe6b944 100644 --- a/drivers/net/ethernet/intel/ixgbe/ixgbe.h +++ b/drivers/net/ethernet/intel/ixgbe/ixgbe.h @@ -760,9 +760,9 @@ struct ixgbe_adapter { #define IXGBE_RSS_KEY_SIZE 40 /* size of RSS Hash Key in bytes */ u32 *rss_key; -#ifdef CONFIG_XFRM +#ifdef CONFIG_XFRM_OFFLOAD struct ixgbe_ipsec *ipsec; -#endif /* CONFIG_XFRM */ +#endif /* CONFIG_XFRM_OFFLOAD */ }; static inline u8 ixgbe_max_rss_indices(struct ixgbe_adapter *adapter) diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c index f9e0dc041cfb..a925f05ec342 100644 --- a/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c +++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c @@ -9896,7 +9896,7 @@ ixgbe_features_check(struct sk_buff *skb, struct net_device *dev, * the TSO, so it's the exception. */ if (skb->encapsulation && !(features & NETIF_F_TSO_MANGLEID)) { -#ifdef CONFIG_XFRM +#ifdef CONFIG_XFRM_OFFLOAD if (!skb->sp) #endif features &= ~NETIF_F_TSO; -- 2.17.1

7 years, 5 months

1
0
0 0

[net 1/5] ixgbe: Fix setting of TC configuration for macvlan case

by Jeff Kirsher

From: Alexander Duyck <alexander.h.duyck(a)intel.com> When we were enabling macvlan interfaces we weren't correctly configuring things until ixgbe_setup_tc was called a second time either by tweaking the number of queues or increasing the macvlan count past 15. The issue came down to the fact that num_rx_pools is not populated until after the queues and interrupts are reinitialized. Instead of trying to set it sooner we can just move the call to setup at least 1 traffic class to the SR-IOV/VMDq setup function so that we just set it for this one case. We already had a spot that was configuring the queues for TC 0 in the code here anyway so it makes sense to also set the number of TCs here as well. CC: stable <stable(a)vger.kernel.org> Fixes: 49cfbeb7a95c ("ixgbe: Fix handling of macvlan Tx offload") Signed-off-by: Alexander Duyck <alexander.h.duyck(a)intel.com> Tested-by: Andrew Bowers <andrewx.bowers(a)intel.com> Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher(a)intel.com> --- drivers/net/ethernet/intel/ixgbe/ixgbe_lib.c | 8 ++++++++ drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 8 -------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_lib.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_lib.c index 893a9206e718..d361f570ca37 100644 --- a/drivers/net/ethernet/intel/ixgbe/ixgbe_lib.c +++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_lib.c @@ -593,6 +593,14 @@ static bool ixgbe_set_sriov_queues(struct ixgbe_adapter *adapter) } #endif + /* To support macvlan offload we have to use num_tc to + * restrict the queues that can be used by the device. + * By doing this we can avoid reporting a false number of + * queues. + */ + if (vmdq_i > 1) + netdev_set_num_tc(adapter->netdev, 1); + /* populate TC0 for use by pool 0 */ netdev_set_tc_queue(adapter->netdev, 0, adapter->num_rx_queues_per_pool, 0); diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c index 4929f7265598..f9e0dc041cfb 100644 --- a/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c +++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c @@ -8822,14 +8822,6 @@ int ixgbe_setup_tc(struct net_device *dev, u8 tc) } else { netdev_reset_tc(dev); - /* To support macvlan offload we have to use num_tc to - * restrict the queues that can be used by the device. - * By doing this we can avoid reporting a false number of - * queues. - */ - if (!tc && adapter->num_rx_pools > 1) - netdev_set_num_tc(dev, 1); - if (adapter->hw.mac.type == ixgbe_mac_82598EB) adapter->hw.fc.requested_mode = adapter->last_lfc_mode; -- 2.17.1

7 years, 5 months

1
0
0 0

Re: [PATCH 4.16 01/48] mmap: introduce sane default mmap limits

by Greg Kroah-Hartman

On Mon, Jun 11, 2018 at 08:12:45AM +1000, David Airlie wrote: > Can you make sure you pull in > > 76ef6b28ea4f81c3d511866a9b31392caa833126 (tag: > drm-fixes-for-v4.17-rc6-urgent) > Author: Dave Airlie <airlied(a)redhat.com> > Date: Tue May 15 13:38:15 2018 +1000 > > drm: set FMODE_UNSIGNED_OFFSET for drm files > > Into anywhere this first patch goes? Thanks for pointing this out, now queued up. greg k-h

7 years, 5 months

1
0
0 0

[PATCH] mm: Fix devmem_is_allowed() for sub-page System RAM intersections

by Dan Williams

Hussam reports: I was poking around and for no real reason, I did cat /dev/mem and strings /dev/mem. Then I saw the following warning in dmesg. I saved it and rebooted immediately. memremap attempted on mixed range 0x000000000009c000 size: 0x1000 ------------[ cut here ]------------ WARNING: CPU: 0 PID: 11810 at kernel/memremap.c:98 memremap+0x104/0x170 [..] Call Trace: xlate_dev_mem_ptr+0x25/0x40 read_mem+0x89/0x1a0 __vfs_read+0x36/0x170 The memremap() implementation checks for attempts to remap System RAM with MEMREMAP_WB and instead redirects those mapping attempts to the linear map. However, that only works if the physical address range being remapped is page aligned. In low memory we have situations like the following: 00000000-00000fff : Reserved 00001000-0009fbff : System RAM 0009fc00-0009ffff : Reserved ...where System RAM intersects Reserved ranges on a sub-page page granularity. Given that devmem_is_allowed() special cases any attempt to map System RAM in the first 1MB of memory, replace page_is_ram() with the more precise region_intersects() to trap attempts to map disallowed ranges. Link: https://bugzilla.kernel.org/show_bug.cgi?id=199999 Fixes: 92281dee825f ("arch: introduce memremap()") Cc: <stable(a)vger.kernel.org> Cc: Christoph Hellwig <hch(a)lst.de> Reported-by: Hussam Al-Tayeb <me(a)hussam.eu.org> Signed-off-by: Dan Williams <dan.j.williams(a)intel.com> --- arch/x86/mm/init.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/arch/x86/mm/init.c b/arch/x86/mm/init.c index fec82b577c18..cee58a972cb2 100644 --- a/arch/x86/mm/init.c +++ b/arch/x86/mm/init.c @@ -706,7 +706,9 @@ void __init init_mem_mapping(void) */ int devmem_is_allowed(unsigned long pagenr) { - if (page_is_ram(pagenr)) { + if (region_intersects(PFN_PHYS(pagenr), PAGE_SIZE, + IORESOURCE_SYSTEM_RAM, IORES_DESC_NONE) + != REGION_DISJOINT) { /* * For disallowed memory regions in the low 1MB range, * request that the page be shown as all zeros.

7 years, 5 months

1
0
0 0

Please apply this commit to v4.14.y, 4.16.y and 4.17.y: c3635da2a336 ("PCI: hv: Do not wait forever on a device that has disappeared")

by Dexuan Cui

Hi, The patch has been in the mainline, and I have verified the commit can be cherry-picked cleanly to these 3 stable branches. The issue fixed by the patch also exists in 4.14, 4.16 and 4.17. It looks I forgot to add a "Cc: stable(a)vger.kernel.org" tag. Sorry. Thanks, -- Dexuan

7 years, 5 months

2
1
0 0

[PATCH v3 1/4] NFC: st21nfca: Fix out of bounds kernel access when handling ATR_REQ

by Amit Pundir

From: Suren Baghdasaryan <surenb(a)google.com> Out of bounds kernel accesses in st21nfca's NFC HCI layer might happen when handling ATR_REQ events if user-specified atr_req->length is bigger than the buffer size. In that case memcpy() inside st21nfca_tm_send_atr_res() will read extra bytes resulting in OOB read from the kernel heap. cc: Stable <stable(a)vger.kernel.org> Signed-off-by: Suren Baghdasaryan <surenb(a)google.com> Signed-off-by: Amit Pundir <amit.pundir(a)linaro.org> Reviewed-by: Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> --- v3..v1: Resend. No changes. drivers/nfc/st21nfca/dep.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/nfc/st21nfca/dep.c b/drivers/nfc/st21nfca/dep.c index fd08be2917e6..3420c5104c94 100644 --- a/drivers/nfc/st21nfca/dep.c +++ b/drivers/nfc/st21nfca/dep.c @@ -217,7 +217,8 @@ static int st21nfca_tm_recv_atr_req(struct nfc_hci_dev *hdev, atr_req = (struct st21nfca_atr_req *)skb->data; - if (atr_req->length < sizeof(struct st21nfca_atr_req)) { + if (atr_req->length < sizeof(struct st21nfca_atr_req) || + atr_req->length > skb->len) { r = -EPROTO; goto exit; } -- 2.7.4

7 years, 5 months

2
3
0 0

Re: [PATCH] xfs: fix incorrect log_flushed on fsync

by Amir Goldstein

On Tue, Sep 19, 2017 at 9:32 AM, Greg KH <greg(a)kroah.com> wrote: > On Mon, Sep 18, 2017 at 10:29:25PM +0300, Amir Goldstein wrote: >> On Mon, Sep 18, 2017 at 9:35 PM, Greg KH <greg(a)kroah.com> wrote: >> > On Mon, Sep 18, 2017 at 09:00:30PM +0300, Amir Goldstein wrote: >> >> On Mon, Sep 18, 2017 at 8:11 PM, Darrick J. Wong >> >> <darrick.wong(a)oracle.com> wrote: >> >> > On Fri, Sep 15, 2017 at 03:40:24PM +0300, Amir Goldstein wrote: >> >> >> On Wed, Aug 30, 2017 at 4:38 PM, Amir Goldstein <amir73il(a)gmail.com> wrote: >> >> >> > When calling into _xfs_log_force{,_lsn}() with a pointer >> >> >> > to log_flushed variable, log_flushed will be set to 1 if: >> >> >> > 1. xlog_sync() is called to flush the active log buffer >> >> >> > AND/OR >> >> >> > 2. xlog_wait() is called to wait on a syncing log buffers >> >> >> > >> >> >> > xfs_file_fsync() checks the value of log_flushed after >> >> >> > _xfs_log_force_lsn() call to optimize away an explicit >> >> >> > PREFLUSH request to the data block device after writing >> >> >> > out all the file's pages to disk. >> >> >> > >> >> >> > This optimization is incorrect in the following sequence of events: >> >> >> > >> >> >> > Task A Task B >> >> >> > ------------------------------------------------------- >> >> >> > xfs_file_fsync() >> >> >> > _xfs_log_force_lsn() >> >> >> > xlog_sync() >> >> >> > [submit PREFLUSH] >> >> >> > xfs_file_fsync() >> >> >> > file_write_and_wait_range() >> >> >> > [submit WRITE X] >> >> >> > [endio WRITE X] >> >> >> > _xfs_log_force_lsn() >> >> >> > xlog_wait() >> >> >> > [endio PREFLUSH] >> >> >> > >> >> >> > The write X is not guarantied to be on persistent storage >> >> >> > when PREFLUSH request in completed, because write A was submitted >> >> >> > after the PREFLUSH request, but xfs_file_fsync() of task A will >> >> >> > be notified of log_flushed=1 and will skip explicit flush. >> >> >> > >> >> >> > If the system crashes after fsync of task A, write X may not be >> >> >> > present on disk after reboot. >> >> >> > >> >> >> > This bug was discovered and demonstrated using Josef Bacik's >> >> >> > dm-log-writes target, which can be used to record block io operations >> >> >> > and then replay a subset of these operations onto the target device. >> >> >> > The test goes something like this: >> >> >> > - Use fsx to execute ops of a file and record ops on log device >> >> >> > - Every now and then fsync the file, store md5 of file and mark >> >> >> > the location in the log >> >> >> > - Then replay log onto device for each mark, mount fs and compare >> >> >> > md5 of file to stored value >> >> >> > >> >> >> > Cc: Christoph Hellwig <hch(a)lst.de> >> >> >> > Cc: Josef Bacik <jbacik(a)fb.com> >> >> >> > Cc: <stable(a)vger.kernel.org> >> >> >> > Signed-off-by: Amir Goldstein <amir73il(a)gmail.com> >> >> >> > --- >> >> >> > >> >> >> > Christoph, Dave, >> >> >> > >> >> >> > It's hard to believe, but I think the reported bug has been around >> >> >> > since 2005 f538d4da8d52 ("[XFS] write barrier support"), but I did >> >> >> > not try to test old kernels. >> >> >> >> >> >> Forgot to tag commit message with: >> >> >> Fixes: f538d4da8d52 ("[XFS] write barrier support") >> >> >> >> >> >> Maybe the tag could be added when applying to recent stables, >> >> >> so distros and older downstream stables can see the tag. >> >> >> >> >> >> The disclosure of the security bug fix (commit b31ff3cdf5) made me wonder >> >> >> if possible data loss bug should also be disclosed in some distros forum? >> >> >> I bet some users would care more about the latter than the former. >> >> >> Coincidentally, both data loss and security bugs fix the same commit.. >> >> > >> >> > Yes the the patch ought to get sent on to stable w/ fixes tag. One >> >> > would hope that the distros will pick up the stable fixes from there. >> >> >> >> >> >> Greg, for your consideration, please add >> >> Fixes: f538d4da8d52 ("[XFS] write barrier support") >> >> If not pushed yet. >> > >> > Add it to what? >> >> Sorry, add that tag when applying commit 47c7d0b1950258312 >> to stable trees, since I missed adding the tag before it was merged >> to master. > > Nah, as the tag is just needed to let me know where to backport stuff > to, I don't think it matters when I add it to the stable tree itself, so > I'll leave it as-is. > Greg, Related or not to above Fixes discussion, I now noticed that you never picked the patch for kernel 4.4. Ben did take it to 3.2 and 3.16 BTW. This is a very critical bug fix IMO. Were you waiting for an ACK from xfs maintainers or just an oversight? Or was it me who had to check up on that? Thanks, Amir.

7 years, 5 months

2
1
0 0

Linux 4.9.107 is not available on www.kernel.org

by Pavlos Parissis

Hi, Linux 4.9.107 was released on Jun 7th and www.kernel.org still points to 4.9.106 as latest version for 4.9 tree. I have seen delays before, but not for more than an hour. Is something broken? Cheers, Pavlos

7 years, 5 months

2
2
0 0

[merged] fs-binfmt_miscc-do-not-allow-offset-overflow.patch removed from -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: fs/binfmt_misc.c: do not allow offset overflow has been removed from the -mm tree. Its filename was fs-binfmt_miscc-do-not-allow-offset-overflow.patch This patch was dropped because it was merged into mainline or a subsystem tree ------------------------------------------------------ From: Thadeu Lima de Souza Cascardo <cascardo(a)canonical.com> Subject: fs/binfmt_misc.c: do not allow offset overflow WHen registering a new binfmt_misc handler, it is possible to overflow the offset to get a negative value, which might crash the system, or possibly leak kernel data. Here is a crash log when 2500000000 was used as an offset: [ 6050.251552] BUG: unable to handle kernel paging request at ffff989cfd6edca0 [ 6050.252053] IP: load_misc_binary+0x22b/0x470 [binfmt_misc] [ 6050.252053] PGD 1ef3e067 P4D 1ef3e067 PUD 0 [ 6050.252053] Oops: 0000 [#1] SMP NOPTI [ 6050.252053] Modules linked in: binfmt_misc kvm_intel ppdev kvm irqbypass joydev input_leds serio_raw mac_hid parport_pc qemu_fw_cfg parpy [ 6050.252053] CPU: 0 PID: 2499 Comm: bash Not tainted 4.15.0-22-generic #24-Ubuntu [ 6050.252053] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.1-1 04/01/2014 [ 6050.252053] RIP: 0010:load_misc_binary+0x22b/0x470 [binfmt_misc] [ 6050.252053] RSP: 0018:ffffb6e383017e18 EFLAGS: 00010202 [ 6050.252053] RAX: 0000000000000003 RBX: ffff989d74a47100 RCX: ffff989cfd6edca0 [ 6050.252053] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff989d7d2e95e5 [ 6050.252053] RBP: ffffb6e383017e48 R08: 0000000000000001 R09: 0000000000000000 [ 6050.252053] R10: 0000000000000000 R11: fefefefefefefeff R12: 0000000000000001 [ 6050.252053] R13: ffff989d7d2e9580 R14: 0000000000000000 R15: ffffffffc0592160 [ 6050.252053] FS: 00007fa424c89740(0000) GS:ffff989d7fc00000(0000) knlGS:0000000000000000 [ 6050.252053] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 6050.252053] CR2: ffff989cfd6edca0 CR3: 000000003db08000 CR4: 00000000000006f0 [ 6050.252053] Call Trace: [ 6050.252053] search_binary_handler+0x97/0x1d0 [ 6050.252053] do_execveat_common.isra.34+0x667/0x810 [ 6050.252053] SyS_execve+0x31/0x40 [ 6050.252053] do_syscall_64+0x73/0x130 [ 6050.252053] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 Use kstrtoint instead of simple_strtoul. It will work as the code already set the delimiter byte to '\0' and we only do it when the field is not empty. Tested with offsets -1, 2500000000, UINT_MAX and INT_MAX. Also tested with examples documented at Documentation/admin-guide/binfmt-misc.rst and other registrations from packages on Ubuntu. Link: http://lkml.kernel.org/r/20180529135648.14254-1-cascardo@canonical.com Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo(a)canonical.com> Reviewed-by: Andrew Morton <akpm(a)linux-foundation.org> Cc: Alexander Viro <viro(a)zeniv.linux.org.uk> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/binfmt_misc.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff -puN fs/binfmt_misc.c~fs-binfmt_miscc-do-not-allow-offset-overflow fs/binfmt_misc.c --- a/fs/binfmt_misc.c~fs-binfmt_miscc-do-not-allow-offset-overflow +++ a/fs/binfmt_misc.c @@ -387,8 +387,13 @@ static Node *create_entry(const char __u s = strchr(p, del); if (!s) goto einval; - *s++ = '\0'; - e->offset = simple_strtoul(p, &p, 10); + *s = '\0'; + if (p != s) { + int r = kstrtoint(p, 10, &e->offset); + if (r != 0 || e->offset < 0) + goto einval; + } + p = s; if (*p++) goto einval; pr_debug("register: offset: %#x\n", e->offset); @@ -428,7 +433,8 @@ static Node *create_entry(const char __u if (e->mask && string_unescape_inplace(e->mask, UNESCAPE_HEX) != e->size) goto einval; - if (e->size + e->offset > BINPRM_BUF_SIZE) + if (e->size > BINPRM_BUF_SIZE || + BINPRM_BUF_SIZE - e->size < e->offset) goto einval; pr_debug("register: magic/mask length: %i\n", e->size); if (USE_DEBUG) { _ Patches currently in -mm which might be from cascardo(a)canonical.com are

7 years, 5 months

1
0
0 0

[merged] mm-page_alloc-do-not-break-__gfp_thisnode-by-zonelist-reset.patch removed from -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm, page_alloc: do not break __GFP_THISNODE by zonelist reset has been removed from the -mm tree. Its filename was mm-page_alloc-do-not-break-__gfp_thisnode-by-zonelist-reset.patch This patch was dropped because it was merged into mainline or a subsystem tree ------------------------------------------------------ From: Vlastimil Babka <vbabka(a)suse.cz> Subject: mm, page_alloc: do not break __GFP_THISNODE by zonelist reset In __alloc_pages_slowpath() we reset zonelist and preferred_zoneref for allocations that can ignore memory policies. The zonelist is obtained from current CPU's node. This is a problem for __GFP_THISNODE allocations that want to allocate on a different node, e.g. because the allocating thread has been migrated to a different CPU. This has been observed to break SLAB in our 4.4-based kernel, because there it relies on __GFP_THISNODE working as intended. If a slab page is put on wrong node's list, then further list manipulations may corrupt the list because page_to_nid() is used to determine which node's list_lock should be locked and thus we may take a wrong lock and race. Current SLAB implementation seems to be immune by luck thanks to commit 511e3a058812 ("mm/slab: make cache_grow() handle the page allocated on arbitrary node") but there may be others assuming that __GFP_THISNODE works as promised. We can fix it by simply removing the zonelist reset completely. There is actually no reason to reset it, because memory policies and cpusets don't affect the zonelist choice in the first place. This was different when commit 183f6371aac2 ("mm: ignore mempolicies when using ALLOC_NO_WATERMARK") introduced the code, as mempolicies provided their own restricted zonelists. We might consider this for 4.17 although I don't know if there's anything currently broken. SLAB is currently not affected, but in kernels older than 4.7 that don't yet have 511e3a058812 ("mm/slab: make cache_grow() handle the page allocated on arbitrary node") it is. That's at least 4.4 LTS. Older ones I'll have to check. So stable backports should be more important, but will have to be reviewed carefully, as the code went through many changes. BTW I think that also the ac->preferred_zoneref reset is currently useless if we don't also reset ac->nodemask from a mempolicy to NULL first (which we probably should for the OOM victims etc?), but I would leave that for a separate patch. Link: http://lkml.kernel.org/r/20180525130853.13915-1-vbabka@suse.cz Signed-off-by: Vlastimil Babka <vbabka(a)suse.cz> Fixes: 183f6371aac2 ("mm: ignore mempolicies when using ALLOC_NO_WATERMARK") Acked-by: Mel Gorman <mgorman(a)techsingularity.net> Cc: Michal Hocko <mhocko(a)kernel.org> Cc: David Rientjes <rientjes(a)google.com> Cc: Joonsoo Kim <iamjoonsoo.kim(a)lge.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/page_alloc.c | 1 - 1 file changed, 1 deletion(-) diff -puN mm/page_alloc.c~mm-page_alloc-do-not-break-__gfp_thisnode-by-zonelist-reset mm/page_alloc.c --- a/mm/page_alloc.c~mm-page_alloc-do-not-break-__gfp_thisnode-by-zonelist-reset +++ a/mm/page_alloc.c @@ -4169,7 +4169,6 @@ retry: * orientated. */ if (!(alloc_flags & ALLOC_CPUSET) || reserve_flags) { - ac->zonelist = node_zonelist(numa_node_id(), gfp_mask); ac->preferred_zoneref = first_zones_zonelist(ac->zonelist, ac->high_zoneidx, ac->nodemask); } _ Patches currently in -mm which might be from vbabka(a)suse.cz are

7 years, 5 months

1
0
0 0

[PATCH] arm64: Fix syscall restarting around signal suppressed by tracer

by Dave Martin

Commit 17c2895 ("arm64: Abstract syscallno manipulation") abstracts out the pt_regs.syscallno value for a syscall cancelled by a tracer as NO_SYSCALL, and provides helpers to set and check for this condition. However, the way this was implemented has the unintended side-effect of disabling part of the syscall restart logic. This comes about because the second in_syscall() check in do_signal() re-evaluates the "in a syscall" condition based on the updated pt_regs instead of the original pt_regs. forget_syscall() is explicitly called prior to the second check in order to prevent restart logic in the ret_to_user path being spuriously triggered, which means that the second in_syscall() check always yields false. This triggers a failure in tools/testing/selftests/seccomp/seccomp_bpf.c, when using ptrace to suppress a signal that interrups a nanosleep() syscall. Misbehaviour of this type is only expected in the case where a tracer suppresses a signal and the target process is either being single-stepped or the interrupted syscall attempts to restart via -ERESTARTBLOCK. This patch restores the old behaviour by performing the in_syscall() check only once at the start of the function. Fixes: 17c289586009 ("arm64: Abstract syscallno manipulation") Signed-off-by: Dave Martin <Dave.Martin(a)arm.com> Reported-by: Sumit Semwal <sumit.semwal(a)linaro.org> Cc: Will Deacon <will.deacon(a)arm.com> Cc: Catalin Marinas <catalin.marinas(a)arm.com> Cc: <stable(a)vger.kernel.org> # 4.14.x- --- arch/arm64/kernel/signal.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/arch/arm64/kernel/signal.c b/arch/arm64/kernel/signal.c index 154b7d3..f212090 100644 --- a/arch/arm64/kernel/signal.c +++ b/arch/arm64/kernel/signal.c @@ -830,11 +830,12 @@ static void do_signal(struct pt_regs *regs) unsigned long continue_addr = 0, restart_addr = 0; int retval = 0; struct ksignal ksig; + bool syscall = in_syscall(regs); /* * If we were from a system call, check for system call restarting... */ - if (in_syscall(regs)) { + if (syscall) { continue_addr = regs->pc; restart_addr = continue_addr - (compat_thumb_mode(regs) ? 2 : 4); retval = regs->regs[0]; @@ -886,7 +887,7 @@ static void do_signal(struct pt_regs *regs) * Handle restarting a different system call. As above, if a debugger * has chosen to restart at a different PC, ignore the restart. */ - if (in_syscall(regs) && regs->pc == restart_addr) { + if (syscall && regs->pc == restart_addr) { if (retval == -ERESTART_RESTARTBLOCK) setup_restart_syscall(regs); user_rewind_single_step(current); -- 2.1.4

7 years, 5 months

2
1
0 0

[v3 PATCH 0/5] powerpc/pseries: Machien check handler improvements.

by Mahesh J Salgaonkar

This patch series includes some improvement to Machine check handler for pseries. Patch 1 fixes an issue where machine check handler crashes kernel while accessing vmalloc-ed buffer while in nmi context. Patch 2 fixes endain bug while restoring of r3 in MCE handler. Patch 4 dumps the SLB contents on SLB MCE errors to improve the debugability. Patch 5 display's the MCE error details on console. CHange in V3: - Moved patch 5 to patch 2 Change in V2: - patch 3: Display additional info (NIP and task info) in MCE error details. - patch 5: Fix endain bug while restoring of r3 in MCE handler. --- Mahesh Salgaonkar (5): powerpc/pseries: convert rtas_log_buf to linear allocation. powerpc/pseries: Fix endainness while restoring of r3 in MCE handler. powerpc/pseries: Define MCE error event section. powerpc/pseries: Dump and flush SLB contents on SLB MCE errors. powerpc/pseries: Display machine check error details. arch/powerpc/include/asm/book3s/64/mmu-hash.h | 1 arch/powerpc/include/asm/rtas.h | 109 ++++++++++++++++++ arch/powerpc/kernel/rtasd.c | 2 arch/powerpc/mm/slb.c | 35 ++++++ arch/powerpc/platforms/pseries/ras.c | 155 +++++++++++++++++++++++++ 5 files changed, 299 insertions(+), 3 deletions(-) -- Signature

7 years, 5 months

4
7
0 0

[PATCH] dm bufio: avoid false-positive Wmaybe-uninitialized warning

by Nathan Chancellor

From: Arnd Bergmann <arnd(a)arndb.de> commit 590347e4000356f55eb10b03ced2686bd74dab40 upstream. gcc-6.3 and earlier show a new warning after a seemingly unrelated change to the arm64 PAGE_KERNEL definition: In file included from drivers/md/dm-bufio.c:14:0: drivers/md/dm-bufio.c: In function 'alloc_buffer': include/linux/sched/mm.h:182:56: warning: 'noio_flag' may be used uninitialized in this function [-Wmaybe-uninitialized] current->flags = (current->flags & ~PF_MEMALLOC_NOIO) | flags; ^ The same warning happened earlier on linux-3.18 for MIPS and I did a workaround for that, but now it's come back. gcc-7 and newer are apparently smart enough to figure this out, and other architectures don't show it, so the best I could come up with is to rework the caller slightly in a way that makes it obvious enough to all arm64 compilers what is happening here. Fixes: 41acec624087 ("arm64: kpti: Make use of nG dependent on arm64_kernel_unmapped_at_el0()") Link: https://patchwork.kernel.org/patch/9692829/ Cc: stable(a)vger.kernel.org Signed-off-by: Arnd Bergmann <arnd(a)arndb.de> [snitzer: moved declarations inside conditional, altered vmalloc return] Signed-off-by: Mike Snitzer <snitzer(a)redhat.com> [nc: Backport to 4.9, adjust context for lack of 19809c2da28a] Signed-off-by: Nathan Chancellor <natechancellor(a)gmail.com> --- drivers/md/dm-bufio.c | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/drivers/md/dm-bufio.c b/drivers/md/dm-bufio.c index 3ec647e8b9c6..35fd57fdeba9 100644 --- a/drivers/md/dm-bufio.c +++ b/drivers/md/dm-bufio.c @@ -373,9 +373,6 @@ static void __cache_size_refresh(void) static void *alloc_buffer_data(struct dm_bufio_client *c, gfp_t gfp_mask, enum data_mode *data_mode) { - unsigned noio_flag; - void *ptr; - if (c->block_size <= DM_BUFIO_BLOCK_SIZE_SLAB_LIMIT) { *data_mode = DATA_MODE_SLAB; return kmem_cache_alloc(DM_BUFIO_CACHE(c), gfp_mask); @@ -399,16 +396,16 @@ static void *alloc_buffer_data(struct dm_bufio_client *c, gfp_t gfp_mask, * all allocations done by this process (including pagetables) are done * as if GFP_NOIO was specified. */ + if (gfp_mask & __GFP_NORETRY) { + unsigned noio_flag = memalloc_noio_save(); + void *ptr = __vmalloc(c->block_size, gfp_mask | __GFP_HIGHMEM, + PAGE_KERNEL); - if (gfp_mask & __GFP_NORETRY) - noio_flag = memalloc_noio_save(); - - ptr = __vmalloc(c->block_size, gfp_mask | __GFP_HIGHMEM, PAGE_KERNEL); - - if (gfp_mask & __GFP_NORETRY) memalloc_noio_restore(noio_flag); + return ptr; + } - return ptr; + return __vmalloc(c->block_size, gfp_mask | __GFP_HIGHMEM, PAGE_KERNEL); } /* -- 2.17.1

7 years, 5 months

1
1
0 0

[PATCHES] Networking

by David Miller

Please queue up the following netwokring bug fixes for v4.16 and v4.17 -stable, respectively. Thank you.

7 years, 5 months

2
1
0 0

[GIT PULL] commits for Linux 4.14

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.14 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 3e496be2038a100fc53627238fe120dc4c948719: Revert "vti4: Don't override MTU passed on link creation via IFLA_MTU" (2018-05-30 22:32:31 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.14-05062018 for you to fetch changes up to a128744e79b872a66bdd0d1183d871c01b84eb9c: ARM: kexec: fix kdump register saving on panic() (2018-06-04 22:11:36 -0400) - ---------------------------------------------------------------- for-greg-4.14-05062018 - ---------------------------------------------------------------- Adam Ford (2): ARM: dts: logicpd-som-lv: Fix WL127x Startup Issues ARM: dts: logicpd-som-lv: Fix Audio Mute Alexey Dobriyan (1): proc: revalidate kernel thread inodes to root:root Amir Goldstein (2): fsnotify: fix ignore mask logic in send_to_group() <linux/stringhash.h>: fix end_name_hash() for 64bit long Andres Rodriguez (1): drm/amdkfd: fix clock counter retrieval for node without GPU Andy Lutomirski (1): x86/selftests: Add mov_to_ss test Anson Huang (1): clocksource/drivers/imx-tpm: Correct some registers operation flow Arnaldo Carvalho de Melo (1): perf report: Fix switching to another perf.data file Arnd Bergmann (2): hexagon: add memset_io() helper hexagon: export csum_partial_copy_nocheck Arvind Yadav (2): HID: wacom: Release device resource data obtained by devres_alloc() HID: intel-ish-hid: use put_device() instead of kfree() Ashish Samant (1): ocfs2: take inode cluster lock before moving reflinked inode from orphan dir Balbir Singh (1): powerpc/powernv/memtrace: Let the arch hotunplug code flush cache Baolin Wang (3): parisc: time: Convert read_persistent_clock() to read_persistent_clock64() i2c: sprd: Prevent i2c accesses after suspend is called i2c: sprd: Fix the i2c count issue Ben Hutchings (2): drm/msm: Fix possible null dereference on failure of get_pages() mtd: Fix comparison in map_word_andequal() Bhadram Varka (1): arm64: tegra: Make BCM89610 PHY interrupt as active low Changbin Du (1): iommu/vt-d: fix shift-out-of-bounds in bug checking Chen Yu (1): ACPI / PM: Blacklist Low Power S0 Idle _DSM for ThinkPad X1 Tablet(2016) Chengguang Xu (2): isofs: fix potential memory leak in mount option parsing nvme: fix potential memory leak in option parsing Chris Leech (1): scsi: iscsi: respond to netlink with unicast when appropriate Christophe JAILLET (1): Input: synaptics-rmi4 - fix an unchecked out of memory error path Clément Péron (1): ARM: dts: cygnus: fix irq type for arm global timer Colin Ian King (2): scsi: isci: Fix infinite loop in while loop RDMA/iwpm: fix memory leak on map_info Dag Moxnes (1): rds: ib: Fix missing call to rds_ib_dev_put in rds_ib_setup_qp Dan Carpenter (2): drm/omap: silence unititialized variable warning drm/dumb-buffers: Integer overflow in drm_mode_create_ioctl() Daniel Borkmann (1): bpf, x64: fix memleak when not converging after image Daniel Glöckner (1): usb: musb: fix remote wakeup racing with suspend Dave Hansen (10): x86/pkeys/selftests: Give better unexpected fault error messages x86/pkeys/selftests: Stop using assert() x86/pkeys/selftests: Remove dead debugging code, fix dprint_in_signal x86/pkeys/selftests: Allow faults on unknown keys x86/pkeys/selftests: Factor out "instruction page" x86/pkeys/selftests: Add PROT_EXEC test x86/pkeys/selftests: Fix pkey exhaustion test off-by-one x86/pkeys/selftests: Fix pointer math x86/pkeys/selftests: Save off 'prot' for allocations x86/pkeys/selftests: Add a test for pkey 0 Dave Young (1): kexec_file: do not add extra alignment to efi memmap David Gilhooley (1): arm64: Add MIDR encoding for NVIDIA CPUs David Howells (4): vfs: Undo an overly zealous MS_RDONLY -> SB_RDONLY conversion rxrpc: Fix error reception on AF_INET6 sockets rxrpc: Fix the min security level for kernel calls afs: Fix the non-encryption of calls Emil Tantilov (1): ixgbe: return error on unsupported SFP module when resetting Emil Velikov (1): drm/msm: don't deref error pointer in the msm_fbdev_create error path Etienne Carriere (1): tee: check shm references are consistent in offset/size Evan Wang (2): libahci: Allow drivers to override stop_engine ata: ahci: mvebu: override ahci_stop_engine for mvebu AHCI Florian Fainelli (2): soc: bcm: raspberrypi-power: Fix use of __packed net: ethtool: Add missing kernel doc for FEC parameters Geert Uytterhoeven (3): soc: bcm2835: Make !RASPBERRYPI_FIRMWARE dummies return failure dt-bindings: meson-uart: DT fix s/clocks-names/clock-names/ dt-bindings: panel: lvds: Fix path to display timing bindings Greg Thelen (5): nvme: depend on INFINIBAND_ADDR_TRANS nvmet-rdma: depend on INFINIBAND_ADDR_TRANS ib_srpt: depend on INFINIBAND_ADDR_TRANS ib_srp: depend on INFINIBAND_ADDR_TRANS IB: make INFINIBAND_ADDR_TRANS configurable Hans de Goede (1): thermal: int3403_thermal: Fix NULL pointer deref on module load / probe Helge Deller (2): parisc: drivers.c: Fix section mismatches parisc: Move setup_profiling_timer() out of init section Huang Ying (1): mm, pagemap: fix swap offset value for PMD migration entry Håkon Bugge (1): IB/core: Make ib_mad_client_id atomic Igor Russkikh (1): net: aquantia: driver should correctly declare vlan_features bits Ilan Peer (1): mac80211: Adjust SAE authentication timeout Ingo Molnar (3): objtool, kprobes/x86: Sync the latest <asm/insn.h> header with tools/objtool/arch/x86/include/asm/insn.h x86/pkeys/selftests: Adjust the self-test to fresh distros that export the pkeys ABI x86/mpx/selftests: Adjust the self-test to fresh distros that export the MPX ABI Jacopo Mondi (2): dt-bindings: serial: sh-sci: Add support for r8a77965 (H)SCIF dt-bindings: dmaengine: rcar-dmac: document R8A77965 support Jakob Unterwurzacher (1): can: dev: increase bus-off message severity Jakub Kicinski (1): nfp: ignore signals when communicating with management FW Janusz Krzysztofik (1): ARM: OMAP1: ams-delta: fix deferred_fiq handler Jeffrey Hugo (1): init: fix false positives in W+X checking Jerome Brunet (1): clk: honor CLK_MUX_ROUND_CLOSEST in generic clk mux Jianchao Wang (1): IB/rxe: add RXE_START_MASK for rxe_opcode IB_OPCODE_RC_SEND_ONLY_INV Jiang Biao (2): blkcg: don't hold blkcg lock when deactivating policy blkcg: init root blkcg_gq under lock Jim Gill (1): scsi: vmw-pvscsi: return DID_BUS_BUSY for adapter-initated aborts Jingju Hou (1): net: phy: marvell: clear wol event before setting it John Fastabend (1): bpf: fix uninitialized variable in bpf tools Jon Maloy (1): tipc: fix bug in function tipc_nl_node_dump_monitor Josh Poimboeuf (5): objtool: Fix "noreturn" detection for recursive sibling calls objtool: Support GCC 8's cold subfunctions objtool: Support GCC 8 switch tables objtool: Detect RIP-relative switch table references objtool: Detect RIP-relative switch table references, part 2 Julian Wiedmann (1): s390/qeth: use Read device to query hypervisor for MAC Kan Liang (1): perf/x86/intel: Don't enable freeze-on-smi for PerfMon V1 Keith Busch (1): nvme: Set integrity flag for user passthrough commands Kevin Easton (1): af_key: Always verify length of provided sadb_key Krish Sadhukhan (1): x86: Add check for APIC access address for vmentry of L2 guests Laura Abbott (1): proc/kcore: don't bounds check against address 0 Liam Girdwood (1): ASoC: topology: Check widget kcontrols before deref. Loic Poulain (1): PCI: kirin: Fix reset gpio name Long Li (1): scsi: storvsc: Set up correct queue depth values for IDE devices Lukasz Majewski (1): doc: Add vendor prefix for Kieback & Peter GmbH Marian Rotariu (1): x86: Delay skip of emulated hypercall instruction Mark Rutland (4): arm64: ptrace: remove addr_limit manipulation arm64: fix possible spectre-v1 in ptrace_hbp_get_event() KVM: arm/arm64: vgic: fix possible spectre-v1 in vgic_mmio_read_apr() efi/libstub/arm64: Handle randomized TEXT_OFFSET Martin Schwidefsky (1): s390/smsgiucv: disable SMSG on module unload Masami Hiramatsu (3): selftests: ftrace: Add a testcase for multiple actions on trigger kprobes/x86: Prohibit probing on exception masking instructions uprobes/x86: Prohibit probing on MOV SS instruction Matan Barak (1): IB/uverbs: Fix validating mandatory attributes Matheus Castello (1): dt-bindings: pinctrl: sunxi: Fix reference to driver Mathieu Malaterre (4): driver core: add __printf verification to __ata_ehi_pushv_desc agp: uninorth: make two functions static sched/debug: Move the print_rt_rq() and print_dl_rq() declarations to kernel/sched/sched.h sched/deadline: Make the grub_reclaim() function static Matt Redfearn (1): MIPS: dts: Boston: Fix PCI bus dtc warnings: Michael J. Ruhl (1): IB/hfi1 Use correct type for num_user_context Michal Kalderon (2): qed: Fix l2 initializations over iWARP personality qede: Fix gfp flags sent to rdma event node allocation Mika Westerberg (1): ACPI / watchdog: Prefer iTCO_wdt on Lenovo Z50-70 Minchan Kim (1): mm: memcg: add __GFP_NOWARN in __memcg_schedule_kmem_cache_create() Ming Lei (1): scsi: target: fix crash with iscsi target and dvd Naveen N. Rao (2): powerpc/trace/syscalls: Update syscall name matching logic powerpc/trace/syscalls: Update syscall name matching logic to account for ppc_ prefix Nick Dyer (1): Input: atmel_mxt_ts - fix the firmware update Omar Sandoval (1): blk-mq: fix sysfs inflight counter Pablo Neira Ayuso (1): netfilter: nf_tables: NAT chain and extensions require NF_TABLES Parav Pandit (2): RDMA/cma: Fix use after destroy access to net namespace for IPoIB RDMA/cma: Do not query GID during QP state transition to RTR Paulo Alcantara (1): cifs: smb2ops: Fix listxattr() when there are no EAs Peter Rosin (3): i2c: pmcmsp: return message count on master_xfer success i2c: pmcmsp: fix error return from master_xfer i2c: viperboard: return message count on master_xfer success Peter Zijlstra (3): stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock kthread, sched/wait: Fix kthread_parkme() wait-loop sched/core: Introduce set_special_state() Ramon Fried (1): rpmsg: added MODULE_ALIAS for rpmsg_char Rich Felker (1): sh: fix build failure for J2 cpu with SMP disabled Rob Herring (1): spi: bcm2835aux: ensure interrupts are enabled for shared handler Roman Mashak (1): net sched actions: fix invalid pointer dereferencing if skbedit flags missing Russell King (2): ARM: keystone: fix platform_domain_notifier array overrun ARM: kexec: fix kdump register saving on panic() Sara Sharon (1): mac80211: use timeout from the AddBA response instead of the request Sebastian Sanchez (1): IB/hfi1: Fix memory leak in exception path in get_irq_affinity() Sekhar Nori (8): ARM: dts: da850: fix W=1 warnings with pinmux node ARM: davinci: board-da830-evm: fix GPIO lookup for MMC/SD ARM: davinci: board-da850-evm: fix GPIO lookup for MMC/SD ARM: davinci: board-omapl138-hawk: fix GPIO numbers for MMC/SD lookup ARM: davinci: board-dm355-evm: fix broken networking ARM: davinci: dm646x: fix timer interrupt generation ARM: davinci: board-dm646x-evm: pass correct I2C adapter id for VPIF ARM: davinci: board-dm646x-evm: set VPIF capture card name Simon Gaiser (1): xen: xenbus_dev_frontend: Really return response string Sinan Kaya (2): MIPS: io: Prevent compiler reordering writeX() MIPS: io: Add barrier after register read in readX() Srinivas Kandagatla (1): ASoC: msm8916-wcd-analog: use threaded context for mbhc events Stefan Agner (2): drm/msm/dsi: use correct enum in dsi_get_cmd_fmt clk: imx6ull: use OSC clock during AXI rate change Stefan Raspl (1): smc: fix sendpage() call Taehee Yoo (1): netfilter: nf_tables: fix out-of-bounds in nft_chain_commit_update Tero Kristo (1): ARM: OMAP2+: powerdomain: use raw_smp_processor_id() for trace Tobias Jordan (1): remoteproc: qcom: Fix potential device node leaks Tobias Regnery (1): usb: typec: ucsi: fix tracepoint related build error Tomi Valkeinen (4): drm/omap: fix uninitialized ret variable drm/omap: fix possible NULL ref issue in tiler_reserve_2d drm/omap: check return value from soc_device_match drm/omap: handle alloc failures in omap_connector Tung Nguyen (1): tipc: fix infinite loop when dumping link monitor summary Tyler Hicks (1): eCryptfs: don't pass up plaintext names when using filename encryption Vinson Lee (1): scsi: megaraid_sas: Do not log an error if FW successfully initializes. Vladimir Zapolskiy (1): spi: sh-msiof: Fix bit field overflow writes to TSCR/RSCR Waiman Long (2): locking/rwsem: Add a new RWSEM_ANONYMOUSLY_OWNED flag locking/percpu-rwsem: Annotate rwsem ownership transfer by setting RWSEM_OWNER_UNKNOWN Wanpeng Li (1): KVM: Extend MAX_IRQ_ROUTES to 4096 for all archs Yan Wang (1): ASoC: topology: Fix bugs of freeing soc topology Ying Xue (1): tipc: eliminate KMSAN uninit-value in strcmp complaint Zhu Yanjun (1): IB/rxe: avoid double kfree_skb dann frazier (1): net: hns: Avoid action name truncation hu huajun (1): KVM: X86: fix incorrect reference of trace_kvm_pi_irte_update jacek.tomaka(a)poczta.fm (1): x86/cpu/intel: Add missing TLB cpuid values oder_chiou(a)realtek.com (1): ASoC: rt5514: Add the missing register in the readable table pgzh (1): HID: lenovo: Add support for IBM/Lenovo Scrollpoint mice sxauwsk (1): spi: cadence: Add usleep_range() for cdns_spi_fill_tx_fifo() van der Linden, Frank (1): x86/xen: Reset VCPU0 info pointer after shared_info remap Łukasz Stelmach (2): ARM: 8753/1: decompressor: add a missing parameter to the addruart macro ARM: 8758/1: decompressor: restore r1 and r2 just before jumping to the kernel .../bindings/display/panel/panel-common.txt | 2 +- .../devicetree/bindings/dma/renesas,rcar-dmac.txt | 1 + .../bindings/pinctrl/allwinner,sunxi-pinctrl.txt | 6 +- .../bindings/serial/amlogic,meson-uart.txt | 2 +- .../bindings/serial/renesas,sci-serial.txt | 2 + .../devicetree/bindings/vendor-prefixes.txt | 1 + arch/arm/boot/compressed/head.S | 20 +- arch/arm/boot/dts/bcm-cygnus.dtsi | 2 +- arch/arm/boot/dts/da850.dtsi | 2 - arch/arm/boot/dts/logicpd-som-lv.dtsi | 11 +- arch/arm/kernel/machine_kexec.c | 34 ++- arch/arm/mach-davinci/board-da830-evm.c | 9 +- arch/arm/mach-davinci/board-da850-evm.c | 9 +- arch/arm/mach-davinci/board-dm355-evm.c | 6 + arch/arm/mach-davinci/board-dm646x-evm.c | 5 +- arch/arm/mach-davinci/board-omapl138-hawk.c | 10 +- arch/arm/mach-davinci/dm646x.c | 3 +- arch/arm/mach-keystone/pm_domain.c | 1 + arch/arm/mach-omap1/ams-delta-fiq.c | 28 +- arch/arm/mach-omap2/powerdomain.c | 4 +- arch/arm64/boot/dts/nvidia/tegra186-p3310.dtsi | 2 +- arch/arm64/include/asm/cputype.h | 6 + arch/arm64/kernel/ptrace.c | 20 +- arch/hexagon/include/asm/io.h | 6 + arch/hexagon/lib/checksum.c | 1 + arch/mips/boot/dts/img/boston.dts | 6 + arch/mips/include/asm/io.h | 4 +- arch/parisc/kernel/drivers.c | 7 +- arch/parisc/kernel/smp.c | 3 +- arch/parisc/kernel/time.c | 2 +- arch/powerpc/include/asm/ftrace.h | 29 ++- arch/powerpc/platforms/powernv/memtrace.c | 17 -- arch/sh/kernel/cpu/sh2/probe.c | 4 + arch/x86/events/intel/core.c | 9 +- arch/x86/include/asm/insn.h | 18 ++ arch/x86/kernel/cpu/intel.c | 3 + arch/x86/kernel/kexec-bzimage64.c | 5 +- arch/x86/kernel/kprobes/core.c | 4 + arch/x86/kernel/uprobes.c | 4 + arch/x86/kvm/hyperv.c | 2 +- arch/x86/kvm/svm.c | 5 +- arch/x86/kvm/vmx.c | 15 +- arch/x86/kvm/x86.c | 19 +- arch/x86/net/bpf_jit_comp.c | 4 +- arch/x86/xen/enlighten_hvm.c | 13 + block/blk-cgroup.c | 22 +- block/blk-mq.c | 19 ++ block/blk-mq.h | 4 +- block/genhd.c | 12 + block/partition-generic.c | 10 +- drivers/acpi/acpi_watchdog.c | 59 ++++- drivers/acpi/sleep.c | 13 + drivers/ata/ahci.c | 6 +- drivers/ata/ahci.h | 7 + drivers/ata/ahci_mvebu.c | 56 ++++ drivers/ata/ahci_qoriq.c | 2 +- drivers/ata/ahci_xgene.c | 4 +- drivers/ata/libahci.c | 20 +- drivers/ata/libata-eh.c | 4 +- drivers/ata/sata_highbank.c | 2 +- drivers/char/agp/uninorth-agp.c | 4 +- drivers/clk/clk-mux.c | 10 +- drivers/clk/clk.c | 7 +- drivers/clk/imx/clk-imx6ul.c | 2 +- drivers/clocksource/timer-imx-tpm.c | 8 +- drivers/firmware/efi/libstub/arm64-stub.c | 10 + drivers/gpu/drm/amd/amdkfd/kfd_chardev.c | 13 +- drivers/gpu/drm/drm_dumb_buffers.c | 7 +- drivers/gpu/drm/msm/dsi/dsi_host.c | 2 +- drivers/gpu/drm/msm/msm_fbdev.c | 11 +- drivers/gpu/drm/msm/msm_gem.c | 20 +- drivers/gpu/drm/omapdrm/dss/hdmi4.c | 2 +- drivers/gpu/drm/omapdrm/dss/hdmi4_core.c | 7 +- drivers/gpu/drm/omapdrm/dss/hdmi5.c | 2 +- drivers/gpu/drm/omapdrm/omap_connector.c | 10 + drivers/gpu/drm/omapdrm/omap_dmm_tiler.c | 6 +- drivers/gpu/drm/omapdrm/tcm-sita.c | 2 +- drivers/hid/Kconfig | 7 +- drivers/hid/hid-ids.h | 8 + drivers/hid/hid-lenovo.c | 36 +++ drivers/hid/intel-ish-hid/ishtp/bus.c | 2 +- drivers/hid/wacom_sys.c | 4 +- drivers/i2c/busses/i2c-pmcmsp.c | 4 +- drivers/i2c/busses/i2c-sprd.c | 22 +- drivers/i2c/busses/i2c-viperboard.c | 2 +- drivers/infiniband/Kconfig | 5 +- drivers/infiniband/core/cma.c | 60 +++-- drivers/infiniband/core/iwpm_util.c | 5 +- drivers/infiniband/core/mad.c | 4 +- drivers/infiniband/core/uverbs_ioctl.c | 9 + drivers/infiniband/hw/hfi1/affinity.c | 11 +- drivers/infiniband/hw/hfi1/init.c | 4 +- drivers/infiniband/sw/rxe/rxe_opcode.c | 2 +- drivers/infiniband/sw/rxe/rxe_req.c | 1 - drivers/infiniband/sw/rxe/rxe_resp.c | 6 +- drivers/infiniband/ulp/srp/Kconfig | 2 +- drivers/infiniband/ulp/srpt/Kconfig | 2 +- drivers/input/rmi4/rmi_spi.c | 7 +- drivers/input/touchscreen/atmel_mxt_ts.c | 186 ++++++++------ drivers/iommu/dmar.c | 2 +- drivers/net/can/dev.c | 2 +- drivers/net/ethernet/aquantia/atlantic/aq_nic.c | 2 + drivers/net/ethernet/hisilicon/hns/hnae.h | 2 +- drivers/net/ethernet/intel/ixgbe/ixgbe_x550.c | 3 + .../net/ethernet/netronome/nfp/nfpcore/nfp_nsp.c | 3 +- drivers/net/ethernet/qlogic/qed/qed_l2.c | 6 +- drivers/net/ethernet/qlogic/qede/qede_rdma.c | 2 +- drivers/net/phy/marvell.c | 9 + drivers/nvme/host/Kconfig | 2 +- drivers/nvme/host/core.c | 1 + drivers/nvme/host/fabrics.c | 6 + drivers/nvme/target/Kconfig | 2 +- drivers/pci/dwc/pcie-kirin.c | 2 +- drivers/remoteproc/qcom_q6v5_pil.c | 2 + drivers/rpmsg/rpmsg_char.c | 2 + drivers/s390/net/qeth_core_main.c | 2 +- drivers/s390/net/smsgiucv.c | 2 +- drivers/scsi/isci/port_config.c | 3 +- drivers/scsi/megaraid/megaraid_sas_fusion.c | 6 +- drivers/scsi/scsi_transport_iscsi.c | 29 ++- drivers/scsi/storvsc_drv.c | 7 +- drivers/scsi/vmw_pvscsi.c | 2 +- drivers/soc/bcm/raspberrypi-power.c | 2 +- drivers/spi/spi-bcm2835aux.c | 5 + drivers/spi/spi-cadence.c | 8 + drivers/spi/spi-sh-msiof.c | 1 + drivers/target/target_core_pscsi.c | 2 + drivers/tee/tee_core.c | 11 + drivers/thermal/int340x_thermal/int3403_thermal.c | 3 +- drivers/usb/musb/musb_host.c | 5 +- drivers/usb/musb/musb_host.h | 7 +- drivers/usb/musb/musb_virthub.c | 25 +- drivers/usb/typec/ucsi/Makefile | 2 +- drivers/xen/xenbus/xenbus_dev_frontend.c | 3 +- fs/afs/rxrpc.c | 7 + fs/cifs/smb2ops.c | 6 + fs/ecryptfs/crypto.c | 41 ++- fs/ecryptfs/file.c | 21 +- fs/isofs/inode.c | 3 + fs/namespace.c | 2 +- fs/notify/fsnotify.c | 25 +- fs/ocfs2/refcounttree.c | 14 +- fs/proc/base.c | 6 + fs/proc/kcore.c | 23 +- fs/proc/task_mmu.c | 6 +- include/linux/clk-provider.h | 3 + include/linux/ethtool.h | 2 + include/linux/genhd.h | 4 +- include/linux/kvm_host.h | 8 +- include/linux/mtd/map.h | 2 +- include/linux/percpu-rwsem.h | 6 +- include/linux/rwsem.h | 6 + include/linux/sched.h | 50 +++- include/linux/sched/signal.h | 2 +- include/linux/stringhash.h | 4 +- include/soc/bcm2835/raspberrypi-firmware.h | 4 +- init/main.c | 7 + kernel/kthread.c | 7 +- kernel/locking/rwsem-xadd.c | 19 +- kernel/locking/rwsem.c | 2 - kernel/locking/rwsem.h | 30 ++- kernel/module.c | 5 + kernel/sched/core.c | 17 +- kernel/sched/deadline.c | 4 +- kernel/sched/rt.c | 2 - kernel/sched/sched.h | 5 +- kernel/signal.c | 17 +- kernel/stop_machine.c | 19 +- mm/memcontrol.c | 2 +- net/ipv6/netfilter/Kconfig | 55 ++-- net/key/af_key.c | 45 +++- net/mac80211/agg-tx.c | 4 + net/mac80211/mlme.c | 25 +- net/mac80211/tx.c | 3 +- net/netfilter/nf_tables_api.c | 2 +- net/rds/ib_cm.c | 3 +- net/rxrpc/af_rxrpc.c | 2 +- net/rxrpc/local_object.c | 57 +++-- net/sched/act_skbedit.c | 3 +- net/smc/af_smc.c | 6 +- net/tipc/monitor.c | 2 +- net/tipc/node.c | 28 +- sound/soc/codecs/msm8916-wcd-analog.c | 9 +- sound/soc/codecs/rt5514.c | 3 + sound/soc/soc-topology.c | 6 +- tools/net/bpf_dbg.c | 7 +- tools/objtool/arch/x86/include/asm/insn.h | 18 ++ tools/objtool/check.c | 167 ++++++------ tools/objtool/elf.c | 42 ++- tools/objtool/elf.h | 2 + tools/perf/util/symbol.c | 8 +- .../inter-event/trigger-multi-actions-accept.tc | 44 ++++ tools/testing/selftests/x86/Makefile | 2 +- tools/testing/selftests/x86/mov_ss_trap.c | 285 +++++++++++++++++++++ tools/testing/selftests/x86/mpx-mini-test.c | 7 +- tools/testing/selftests/x86/protection_keys.c | 254 ++++++++++++------ virt/kvm/arm/vgic/vgic-mmio-v2.c | 5 + 197 files changed, 2023 insertions(+), 743 deletions(-) create mode 100644 tools/testing/selftests/ftrace/test.d/trigger/inter-event/trigger-multi-actions-accept.tc create mode 100644 tools/testing/selftests/x86/mov_ss_trap.c -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlsYhUwACgkQ3qZv95d3 LNwvAA/7B6rEh6KBvJ5c3uklyLNuYAPfyDqqKErxQufYU6oZ+fVnxrSXSPEPiKjZ XZ13wR4v/+4LE8/a3bKTlfplyrs9CD5Ty+o9GTTwQ9lbtymu/aEOYqkYd4QW0VgV /jIEY+o/stGW5nPdKYxZVe7g3KYSmSYqWumoHIqzhrxa1eWd6s84+zo72h+QuWXI ahM2b14bDqc4Ku6JoCj7qLq6HJvfQyKLGZwn1QcGKbHjfmX+j1/ccBEVlxlSjGHu YuMlqbzD9YSB+J7js2H6ZMcFcGRMqh0QM9QZOvod0sOdP3o3HtZjmDRn2nyrxWd1 DLyQz1acj6bsnJhsEKRGJ2NGKRgcwPVGhJCUjhjOCb/wbfPOxNsJF4NOVAISJm3Z e6GHN3HWQq4F1JPqGArqa7kphFqLoOTZ/V4pE/iRw9PUq6wu+6vbB05CXBUiMc7t WvPtT37EnYMZwVK4Sto3wAjV9h8On4tY1KRZxv94rSDQpyupLP3KhxQF+XnBs6np XMY6A3Avq3M+giOT1BpZbZsHb5l7WhoTcpD75jUW9gT1pTxuArXdI2VYl2AsULqj 5KmV7JB6d7xHxH+/hoAbORREIFnyEXV6ib8NDDaUrZo5KN09jzwXKMgJU99wTJ8u U9v9kjv7P9fJeTdR8yfxTx0PpXHYKsOPU1Fqj54/6WWYd/gGjZA= =UirW -----END PGP SIGNATURE-----

7 years, 5 months

3
2
0 0

[patch 105/118] fs/binfmt_misc.c: do not allow offset overflow

by akpm＠linux-foundation.org

From: Thadeu Lima de Souza Cascardo <cascardo(a)canonical.com> Subject: fs/binfmt_misc.c: do not allow offset overflow WHen registering a new binfmt_misc handler, it is possible to overflow the offset to get a negative value, which might crash the system, or possibly leak kernel data. Here is a crash log when 2500000000 was used as an offset: [ 6050.251552] BUG: unable to handle kernel paging request at ffff989cfd6edca0 [ 6050.252053] IP: load_misc_binary+0x22b/0x470 [binfmt_misc] [ 6050.252053] PGD 1ef3e067 P4D 1ef3e067 PUD 0 [ 6050.252053] Oops: 0000 [#1] SMP NOPTI [ 6050.252053] Modules linked in: binfmt_misc kvm_intel ppdev kvm irqbypass joydev input_leds serio_raw mac_hid parport_pc qemu_fw_cfg parpy [ 6050.252053] CPU: 0 PID: 2499 Comm: bash Not tainted 4.15.0-22-generic #24-Ubuntu [ 6050.252053] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.1-1 04/01/2014 [ 6050.252053] RIP: 0010:load_misc_binary+0x22b/0x470 [binfmt_misc] [ 6050.252053] RSP: 0018:ffffb6e383017e18 EFLAGS: 00010202 [ 6050.252053] RAX: 0000000000000003 RBX: ffff989d74a47100 RCX: ffff989cfd6edca0 [ 6050.252053] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff989d7d2e95e5 [ 6050.252053] RBP: ffffb6e383017e48 R08: 0000000000000001 R09: 0000000000000000 [ 6050.252053] R10: 0000000000000000 R11: fefefefefefefeff R12: 0000000000000001 [ 6050.252053] R13: ffff989d7d2e9580 R14: 0000000000000000 R15: ffffffffc0592160 [ 6050.252053] FS: 00007fa424c89740(0000) GS:ffff989d7fc00000(0000) knlGS:0000000000000000 [ 6050.252053] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 6050.252053] CR2: ffff989cfd6edca0 CR3: 000000003db08000 CR4: 00000000000006f0 [ 6050.252053] Call Trace: [ 6050.252053] search_binary_handler+0x97/0x1d0 [ 6050.252053] do_execveat_common.isra.34+0x667/0x810 [ 6050.252053] SyS_execve+0x31/0x40 [ 6050.252053] do_syscall_64+0x73/0x130 [ 6050.252053] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 Use kstrtoint instead of simple_strtoul. It will work as the code already set the delimiter byte to '\0' and we only do it when the field is not empty. Tested with offsets -1, 2500000000, UINT_MAX and INT_MAX. Also tested with examples documented at Documentation/admin-guide/binfmt-misc.rst and other registrations from packages on Ubuntu. Link: http://lkml.kernel.org/r/20180529135648.14254-1-cascardo@canonical.com Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo(a)canonical.com> Reviewed-by: Andrew Morton <akpm(a)linux-foundation.org> Cc: Alexander Viro <viro(a)zeniv.linux.org.uk> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/binfmt_misc.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff -puN fs/binfmt_misc.c~fs-binfmt_miscc-do-not-allow-offset-overflow fs/binfmt_misc.c --- a/fs/binfmt_misc.c~fs-binfmt_miscc-do-not-allow-offset-overflow +++ a/fs/binfmt_misc.c @@ -387,8 +387,13 @@ static Node *create_entry(const char __u s = strchr(p, del); if (!s) goto einval; - *s++ = '\0'; - e->offset = simple_strtoul(p, &p, 10); + *s = '\0'; + if (p != s) { + int r = kstrtoint(p, 10, &e->offset); + if (r != 0 || e->offset < 0) + goto einval; + } + p = s; if (*p++) goto einval; pr_debug("register: offset: %#x\n", e->offset); @@ -428,7 +433,8 @@ static Node *create_entry(const char __u if (e->mask && string_unescape_inplace(e->mask, UNESCAPE_HEX) != e->size) goto einval; - if (e->size + e->offset > BINPRM_BUF_SIZE) + if (e->size > BINPRM_BUF_SIZE || + BINPRM_BUF_SIZE - e->size < e->offset) goto einval; pr_debug("register: magic/mask length: %i\n", e->size); if (USE_DEBUG) { _

7 years, 5 months

1
0
0 0

[patch 079/118] mm, page_alloc: do not break __GFP_THISNODE by zonelist reset

by akpm＠linux-foundation.org

From: Vlastimil Babka <vbabka(a)suse.cz> Subject: mm, page_alloc: do not break __GFP_THISNODE by zonelist reset In __alloc_pages_slowpath() we reset zonelist and preferred_zoneref for allocations that can ignore memory policies. The zonelist is obtained from current CPU's node. This is a problem for __GFP_THISNODE allocations that want to allocate on a different node, e.g. because the allocating thread has been migrated to a different CPU. This has been observed to break SLAB in our 4.4-based kernel, because there it relies on __GFP_THISNODE working as intended. If a slab page is put on wrong node's list, then further list manipulations may corrupt the list because page_to_nid() is used to determine which node's list_lock should be locked and thus we may take a wrong lock and race. Current SLAB implementation seems to be immune by luck thanks to commit 511e3a058812 ("mm/slab: make cache_grow() handle the page allocated on arbitrary node") but there may be others assuming that __GFP_THISNODE works as promised. We can fix it by simply removing the zonelist reset completely. There is actually no reason to reset it, because memory policies and cpusets don't affect the zonelist choice in the first place. This was different when commit 183f6371aac2 ("mm: ignore mempolicies when using ALLOC_NO_WATERMARK") introduced the code, as mempolicies provided their own restricted zonelists. We might consider this for 4.17 although I don't know if there's anything currently broken. SLAB is currently not affected, but in kernels older than 4.7 that don't yet have 511e3a058812 ("mm/slab: make cache_grow() handle the page allocated on arbitrary node") it is. That's at least 4.4 LTS. Older ones I'll have to check. So stable backports should be more important, but will have to be reviewed carefully, as the code went through many changes. BTW I think that also the ac->preferred_zoneref reset is currently useless if we don't also reset ac->nodemask from a mempolicy to NULL first (which we probably should for the OOM victims etc?), but I would leave that for a separate patch. Link: http://lkml.kernel.org/r/20180525130853.13915-1-vbabka@suse.cz Signed-off-by: Vlastimil Babka <vbabka(a)suse.cz> Fixes: 183f6371aac2 ("mm: ignore mempolicies when using ALLOC_NO_WATERMARK") Acked-by: Mel Gorman <mgorman(a)techsingularity.net> Cc: Michal Hocko <mhocko(a)kernel.org> Cc: David Rientjes <rientjes(a)google.com> Cc: Joonsoo Kim <iamjoonsoo.kim(a)lge.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/page_alloc.c | 1 - 1 file changed, 1 deletion(-) diff -puN mm/page_alloc.c~mm-page_alloc-do-not-break-__gfp_thisnode-by-zonelist-reset mm/page_alloc.c --- a/mm/page_alloc.c~mm-page_alloc-do-not-break-__gfp_thisnode-by-zonelist-reset +++ a/mm/page_alloc.c @@ -4169,7 +4169,6 @@ retry: * orientated. */ if (!(alloc_flags & ALLOC_CPUSET) || reserve_flags) { - ac->zonelist = node_zonelist(numa_node_id(), gfp_mask); ac->preferred_zoneref = first_zones_zonelist(ac->zonelist, ac->high_zoneidx, ac->nodemask); } _

7 years, 5 months

1
0
0 0

[patch 105/118] fs/binfmt_misc.c: do not allow offset overflow

by akpm＠linux-foundation.org

From: Thadeu Lima de Souza Cascardo <cascardo(a)canonical.com> Subject: fs/binfmt_misc.c: do not allow offset overflow WHen registering a new binfmt_misc handler, it is possible to overflow the offset to get a negative value, which might crash the system, or possibly leak kernel data. Here is a crash log when 2500000000 was used as an offset: [ 6050.251552] BUG: unable to handle kernel paging request at ffff989cfd6edca0 [ 6050.252053] IP: load_misc_binary+0x22b/0x470 [binfmt_misc] [ 6050.252053] PGD 1ef3e067 P4D 1ef3e067 PUD 0 [ 6050.252053] Oops: 0000 [#1] SMP NOPTI [ 6050.252053] Modules linked in: binfmt_misc kvm_intel ppdev kvm irqbypass joydev input_leds serio_raw mac_hid parport_pc qemu_fw_cfg parpy [ 6050.252053] CPU: 0 PID: 2499 Comm: bash Not tainted 4.15.0-22-generic #24-Ubuntu [ 6050.252053] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.1-1 04/01/2014 [ 6050.252053] RIP: 0010:load_misc_binary+0x22b/0x470 [binfmt_misc] [ 6050.252053] RSP: 0018:ffffb6e383017e18 EFLAGS: 00010202 [ 6050.252053] RAX: 0000000000000003 RBX: ffff989d74a47100 RCX: ffff989cfd6edca0 [ 6050.252053] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff989d7d2e95e5 [ 6050.252053] RBP: ffffb6e383017e48 R08: 0000000000000001 R09: 0000000000000000 [ 6050.252053] R10: 0000000000000000 R11: fefefefefefefeff R12: 0000000000000001 [ 6050.252053] R13: ffff989d7d2e9580 R14: 0000000000000000 R15: ffffffffc0592160 [ 6050.252053] FS: 00007fa424c89740(0000) GS:ffff989d7fc00000(0000) knlGS:0000000000000000 [ 6050.252053] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 6050.252053] CR2: ffff989cfd6edca0 CR3: 000000003db08000 CR4: 00000000000006f0 [ 6050.252053] Call Trace: [ 6050.252053] search_binary_handler+0x97/0x1d0 [ 6050.252053] do_execveat_common.isra.34+0x667/0x810 [ 6050.252053] SyS_execve+0x31/0x40 [ 6050.252053] do_syscall_64+0x73/0x130 [ 6050.252053] entry_SYSCALL_64_after_hwframe+0x3d/0xa2 Use kstrtoint instead of simple_strtoul. It will work as the code already set the delimiter byte to '\0' and we only do it when the field is not empty. Tested with offsets -1, 2500000000, UINT_MAX and INT_MAX. Also tested with examples documented at Documentation/admin-guide/binfmt-misc.rst and other registrations from packages on Ubuntu. Link: http://lkml.kernel.org/r/20180529135648.14254-1-cascardo@canonical.com Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo(a)canonical.com> Reviewed-by: Andrew Morton <akpm(a)linux-foundation.org> Cc: Alexander Viro <viro(a)zeniv.linux.org.uk> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/binfmt_misc.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff -puN fs/binfmt_misc.c~fs-binfmt_miscc-do-not-allow-offset-overflow fs/binfmt_misc.c --- a/fs/binfmt_misc.c~fs-binfmt_miscc-do-not-allow-offset-overflow +++ a/fs/binfmt_misc.c @@ -387,8 +387,13 @@ static Node *create_entry(const char __u s = strchr(p, del); if (!s) goto einval; - *s++ = '\0'; - e->offset = simple_strtoul(p, &p, 10); + *s = '\0'; + if (p != s) { + int r = kstrtoint(p, 10, &e->offset); + if (r != 0 || e->offset < 0) + goto einval; + } + p = s; if (*p++) goto einval; pr_debug("register: offset: %#x\n", e->offset); @@ -428,7 +433,8 @@ static Node *create_entry(const char __u if (e->mask && string_unescape_inplace(e->mask, UNESCAPE_HEX) != e->size) goto einval; - if (e->size + e->offset > BINPRM_BUF_SIZE) + if (e->size > BINPRM_BUF_SIZE || + BINPRM_BUF_SIZE - e->size < e->offset) goto einval; pr_debug("register: magic/mask length: %i\n", e->size); if (USE_DEBUG) { _

7 years, 5 months

1
0
0 0

[patch 079/118] mm, page_alloc: do not break __GFP_THISNODE by zonelist reset

by akpm＠linux-foundation.org

From: Vlastimil Babka <vbabka(a)suse.cz> Subject: mm, page_alloc: do not break __GFP_THISNODE by zonelist reset In __alloc_pages_slowpath() we reset zonelist and preferred_zoneref for allocations that can ignore memory policies. The zonelist is obtained from current CPU's node. This is a problem for __GFP_THISNODE allocations that want to allocate on a different node, e.g. because the allocating thread has been migrated to a different CPU. This has been observed to break SLAB in our 4.4-based kernel, because there it relies on __GFP_THISNODE working as intended. If a slab page is put on wrong node's list, then further list manipulations may corrupt the list because page_to_nid() is used to determine which node's list_lock should be locked and thus we may take a wrong lock and race. Current SLAB implementation seems to be immune by luck thanks to commit 511e3a058812 ("mm/slab: make cache_grow() handle the page allocated on arbitrary node") but there may be others assuming that __GFP_THISNODE works as promised. We can fix it by simply removing the zonelist reset completely. There is actually no reason to reset it, because memory policies and cpusets don't affect the zonelist choice in the first place. This was different when commit 183f6371aac2 ("mm: ignore mempolicies when using ALLOC_NO_WATERMARK") introduced the code, as mempolicies provided their own restricted zonelists. We might consider this for 4.17 although I don't know if there's anything currently broken. SLAB is currently not affected, but in kernels older than 4.7 that don't yet have 511e3a058812 ("mm/slab: make cache_grow() handle the page allocated on arbitrary node") it is. That's at least 4.4 LTS. Older ones I'll have to check. So stable backports should be more important, but will have to be reviewed carefully, as the code went through many changes. BTW I think that also the ac->preferred_zoneref reset is currently useless if we don't also reset ac->nodemask from a mempolicy to NULL first (which we probably should for the OOM victims etc?), but I would leave that for a separate patch. Link: http://lkml.kernel.org/r/20180525130853.13915-1-vbabka@suse.cz Signed-off-by: Vlastimil Babka <vbabka(a)suse.cz> Fixes: 183f6371aac2 ("mm: ignore mempolicies when using ALLOC_NO_WATERMARK") Acked-by: Mel Gorman <mgorman(a)techsingularity.net> Cc: Michal Hocko <mhocko(a)kernel.org> Cc: David Rientjes <rientjes(a)google.com> Cc: Joonsoo Kim <iamjoonsoo.kim(a)lge.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/page_alloc.c | 1 - 1 file changed, 1 deletion(-) diff -puN mm/page_alloc.c~mm-page_alloc-do-not-break-__gfp_thisnode-by-zonelist-reset mm/page_alloc.c --- a/mm/page_alloc.c~mm-page_alloc-do-not-break-__gfp_thisnode-by-zonelist-reset +++ a/mm/page_alloc.c @@ -4169,7 +4169,6 @@ retry: * orientated. */ if (!(alloc_flags & ALLOC_CPUSET) || reserve_flags) { - ac->zonelist = node_zonelist(numa_node_id(), gfp_mask); ac->preferred_zoneref = first_zones_zonelist(ac->zonelist, ac->high_zoneidx, ac->nodemask); } _

7 years, 5 months

1
0
0 0

[PATCH] kvm: fix typo in flag name

by Michael S. Tsirkin

KVM_X86_DISABLE_EXITS_HTL really refers to exit on halt. Obviously a typo: should be named KVM_X86_DISABLE_EXITS_HLT. Fixes: caa057a2cad ("KVM: X86: Provide a capability to disable HLT intercepts") Cc: stable(a)vger.kernel.org Signed-off-by: Michael S. Tsirkin <mst(a)redhat.com> --- arch/x86/kvm/x86.c | 4 ++-- include/uapi/linux/kvm.h | 4 ++-- tools/include/uapi/linux/kvm.h | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index 71e7cda6d014..dcc64e7d946d 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -2894,7 +2894,7 @@ int kvm_vm_ioctl_check_extension(struct kvm *kvm, long ext) r = KVM_CLOCK_TSC_STABLE; break; case KVM_CAP_X86_DISABLE_EXITS: - r |= KVM_X86_DISABLE_EXITS_HTL | KVM_X86_DISABLE_EXITS_PAUSE; + r |= KVM_X86_DISABLE_EXITS_HLT | KVM_X86_DISABLE_EXITS_PAUSE; if(kvm_can_mwait_in_guest()) r |= KVM_X86_DISABLE_EXITS_MWAIT; break; @@ -4248,7 +4248,7 @@ static int kvm_vm_ioctl_enable_cap(struct kvm *kvm, if ((cap->args[0] & KVM_X86_DISABLE_EXITS_MWAIT) && kvm_can_mwait_in_guest()) kvm->arch.mwait_in_guest = true; - if (cap->args[0] & KVM_X86_DISABLE_EXITS_HTL) + if (cap->args[0] & KVM_X86_DISABLE_EXITS_HLT) kvm->arch.hlt_in_guest = true; if (cap->args[0] & KVM_X86_DISABLE_EXITS_PAUSE) kvm->arch.pause_in_guest = true; diff --git a/include/uapi/linux/kvm.h b/include/uapi/linux/kvm.h index b02c41e53d56..39e364c70caf 100644 --- a/include/uapi/linux/kvm.h +++ b/include/uapi/linux/kvm.h @@ -677,10 +677,10 @@ struct kvm_ioeventfd { }; #define KVM_X86_DISABLE_EXITS_MWAIT (1 << 0) -#define KVM_X86_DISABLE_EXITS_HTL (1 << 1) +#define KVM_X86_DISABLE_EXITS_HLT (1 << 1) #define KVM_X86_DISABLE_EXITS_PAUSE (1 << 2) #define KVM_X86_DISABLE_VALID_EXITS (KVM_X86_DISABLE_EXITS_MWAIT | \ - KVM_X86_DISABLE_EXITS_HTL | \ + KVM_X86_DISABLE_EXITS_HLT | \ KVM_X86_DISABLE_EXITS_PAUSE) /* for KVM_ENABLE_CAP */ diff --git a/tools/include/uapi/linux/kvm.h b/tools/include/uapi/linux/kvm.h index b02c41e53d56..39e364c70caf 100644 --- a/tools/include/uapi/linux/kvm.h +++ b/tools/include/uapi/linux/kvm.h @@ -677,10 +677,10 @@ struct kvm_ioeventfd { }; #define KVM_X86_DISABLE_EXITS_MWAIT (1 << 0) -#define KVM_X86_DISABLE_EXITS_HTL (1 << 1) +#define KVM_X86_DISABLE_EXITS_HLT (1 << 1) #define KVM_X86_DISABLE_EXITS_PAUSE (1 << 2) #define KVM_X86_DISABLE_VALID_EXITS (KVM_X86_DISABLE_EXITS_MWAIT | \ - KVM_X86_DISABLE_EXITS_HTL | \ + KVM_X86_DISABLE_EXITS_HLT | \ KVM_X86_DISABLE_EXITS_PAUSE) /* for KVM_ENABLE_CAP */ -- MST

7 years, 5 months

1
0
0 0

Apply 2ae89c7a82ea to all active branches

by Nathan Chancellor

Hi Greg, Please apply 2ae89c7a82ea ("kconfig: Avoid format overflow warning from GCC 8.1") to all active branches. I am rather tired of seeing these warnings every time I need to compile. It will apply cleanly. Thanks! Nathan

7 years, 5 months

2
1
0 0

panic at boot time with kernel >= 4.9.98 - uninitialized system_wq in early interrupt

by Max Asbock

We have been seeing kernel panics on certain systems with the 4.9.x stable kernel, where x >= 98. We captured the following panic message: [ 6.252000] BUG: unable to handle kernel NULL pointer dereference at 0000000000000102 [ 6.261222] IP: [<ffffffff810a8ea2>] __queue_work+0x32/0x430 [ 6.267826] PGD 0 [ 6.269951] [ 6.271887] Oops: 0000 [#1] SMP [ 6.275576] Modules linked in: [ 6.279264] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.9.100 #1 [ 6.296760] task: ffffffff81c114c0 task.stack: ffffffff81c00000 [ 6.303564] RIP: 0010:[<ffffffff810a8ea2>] [<ffffffff810a8ea2>] __queue_work+0x32/0x430 [ 6.312997] RSP: 0000:ffff897a40403d98 EFLAGS: 00010046 [ 6.319120] RAX: 0000000000000082 RBX: 0000000000000046 RCX: 0000000000000000 [ 6.327282] RDX: ffffffff81d02300 RSI: 0000000000000000 RDI: 0000000000002000 [ 6.335443] RBP: ffff897a40403dd0 R08: 00000000d431dd4b R09: 0000000000000000 [ 6.343606] R10: ffff897a40403e08 R11: ffffffff8227615c R12: ffffffff81d02300 [ 6.351766] R13: 0000000000002000 R14: 0000000000000000 R15: ffffffff81a88ffd [ 6.359930] FS: 0000000000000000(0000) GS:ffff897a40400000(0000) knlGS:0000000000000000 [ 6.369274] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 6.375883] CR2: 0000000000000102 CR3: 0000000001c08000 CR4: 0000000000040630 [ 6.384045] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 6.392206] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 6.400366] Stack: [ 6.402801] 0000001000000000 0000200040403e08 0000000000000046 0000000000000002 [ 6.411723] ffffffff82275f40 ffff897a40403e08 ffffffff81a88ffd ffff897a40403de8 [ 6.420638] ffffffff810a9677 ffffffff82275f88 ffff897a40403e78 ffffffff8148dff4 [ 6.429554] Call Trace: [ 6.432473] <IRQ> [ 6.434698] [<ffffffff810a9677>] queue_work_on+0x27/0x40 [ 6.441121] [<ffffffff8148dff4>] crng_reseed+0x154/0x260 [ 6.447343] [<ffffffff8148e334>] credit_entropy_bits+0x234/0x2a0 [ 6.454343] [<ffffffff8148e77b>] ? add_interrupt_randomness+0x1bb/0x220 [ 6.462020] [<ffffffff8148e77b>] add_interrupt_randomness+0x1bb/0x220 [ 6.469506] [<ffffffff810ef8f0>] handle_irq_event_percpu+0x40/0x80 [ 6.476698] [<ffffffff810ef96b>] handle_irq_event+0x3b/0x60 [ 6.483211] [<ffffffff810f2e7f>] handle_level_irq+0x8f/0x110 [ 6.489823] [<ffffffff81030fd5>] handle_irq+0xb5/0x140 [ 6.495854] [<ffffffff81096651>] ? _local_bh_enable+0x21/0x50 [ 6.502562] [<ffffffff81038ab5>] ? __exit_idle+0x5/0x30 [ 6.508689] [<ffffffff817250cd>] do_IRQ+0x4d/0xe0 [ 6.514232] [<ffffffff81722ba0>] common_interrupt+0xa0/0xa0 [ 6.520744] <EOI> [ 6.522968] [<ffffffff81ddeb08>] ? vfs_caches_init+0xe1/0xe3 [ 6.529779] [<ffffffff81da212e>] start_kernel+0x451/0x4c8 [ 6.536096] [<ffffffff81da1acb>] ? set_init_arg+0x55/0x55 [ 6.542415] [<ffffffff81da1120>] ? early_idt_handler_array+0x120/0x120 [ 6.549995] [<ffffffff81da15d6>] x86_64_start_reservations+0x2a/0x2c [ 6.557381] [<ffffffff81da1714>] x86_64_start_kernel+0x13c/0x15f [ 6.564378] Code: 89 e5 41 57 41 56 49 89 f6 41 55 41 89 fd 41 54 49 89 d4 53 48 83 ec 10 89 7d d4 ff 14 25 80 86 c3 81 f6 c4 02 0f 85 1f 03 00 00 <41> f6 86 02 01 00 00 01 0f 85 b2 02 00 00 49 c7 c7 78 69 01 00 [ 6.591500] RIP [<ffffffff810a8ea2>] __queue_work+0x32/0x430 [ 6.598197] RSP <ffff897a40403d98> [ 6.602281] CR2: 0000000000000102 The NULL pointer dereference happens because the second argument to __queue_work is 0. The second argument is a struct workqueue_struct, specifically system_wq. This shows that an interrupt happened before the system_wq was initialized. We believe the problem was introduced with this commit: $ git show c3ff2da5cef05676d490fa9057b2dceb5e48cdb9 commit c3ff2da5cef05676d490fa9057b2dceb5e48cdb9 Author: Theodore Ts'o <tytso(a)mit.edu> Date: Mon Apr 23 18:51:28 2018 -0400 random: fix possible sleeping allocation from irq context commit 6c1e851c4edc13a43adb3ea4044e3fc8f43ccf7d upstream. We can do a sleeping allocation from an irq context when CONFIG_NUMA is enabled. Fix this by initializing the NUMA crng instances in a workqueue. Reported-by: Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> Reported-by: syzbot+9de458f6a5e713ee8c1a(a)syzkaller.appspotmail.com Fixes: 8ef35c866f8862df ("random: set up the NUMA crng instances...") Cc: stable(a)vger.kernel.org Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> diff --git a/drivers/char/random.c b/drivers/char/random.c index b979173..dbfb3e69 100644 --- a/drivers/char/random.c +++ b/drivers/char/random.c @@ -820,7 +820,7 @@ static int crng_fast_load(const char *cp, size_t len) } #ifdef CONFIG_NUMA -static void numa_crng_init(void) +static void do_numa_crng_init(struct work_struct *work) { int i; struct crng_state *crng; @@ -841,6 +841,13 @@ static void numa_crng_init(void) kfree(pool); } } + +static DECLARE_WORK(numa_crng_init_work, do_numa_crng_init); + +static void numa_crng_init(void) +{ + schedule_work(&numa_crng_init_work); +} #else static void numa_crng_init(void) {} #endif Apparently we can't count on system_wq being initialized when schedule_work is called in numa_crng_init from an early interrupt. I don't understand the underlying code enough to propose a fix right away. thanks, Max

7 years, 5 months

2
3
0 0

[PATCH] x86/spectre_v1: Disable compiler optimizations over array_index_mask_nospec()

by Dan Williams

Mark notes that gcc optimization passes have the potential to elide necessary invocations of this instruction sequence, so include an optimization barrier. > I think that either way, we have a potential problem if the compiler > generates a branch dependent on the result of validate_index_nospec(). > > In that case, we could end up with codegen approximating: > > bool safe = false; > > if (idx < bound) { > idx = array_index_nospec(idx, bound); > safe = true; > } > > // this branch can be mispredicted > if (safe) { > foo = array[idx]; > } > > ... and thus we lose the nospec protection. I see GCC do this at -O0, but so far I haven't tricked it into doing this at -O1 or above. Regardless, I worry this is fragile -- GCC *can* generate code as per the above, even if it's unlikely to. Cc: <stable(a)vger.kernel.org> Fixes: babdde2698d4 ("x86: Implement array_index_mask_nospec") Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Ingo Molnar <mingo(a)kernel.org> Reported-by: Mark Rutland <mark.rutland(a)arm.com> Signed-off-by: Dan Williams <dan.j.williams(a)intel.com> --- arch/x86/include/asm/barrier.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/arch/x86/include/asm/barrier.h b/arch/x86/include/asm/barrier.h index 042b5e892ed1..41f7435c84a7 100644 --- a/arch/x86/include/asm/barrier.h +++ b/arch/x86/include/asm/barrier.h @@ -38,10 +38,11 @@ static inline unsigned long array_index_mask_nospec(unsigned long index, { unsigned long mask; - asm ("cmp %1,%2; sbb %0,%0;" + asm volatile ("cmp %1,%2; sbb %0,%0;" :"=r" (mask) :"g"(size),"r" (index) :"cc"); + barrier(); return mask; }

7 years, 5 months

4
4
0 0

[PATCH v2 2/2] iommu/vt-d: fix dev iotlb pfsid use

by Jacob Pan

PFSID should be used in the invalidation descriptor for flushing device IOTLBs on SRIOV VFs. Signed-off-by: Jacob Pan <jacob.jun.pan(a)linux.intel.com> Cc: stable(a)vger.kernel.org Cc: "Ashok Raj" <ashok.raj(a)intel.com> Cc: "Lu Baolu" <baolu.lu(a)linux.intel.com> --- drivers/iommu/dmar.c | 6 +++--- drivers/iommu/intel-iommu.c | 17 ++++++++++++++++- include/linux/intel-iommu.h | 5 ++--- 3 files changed, 21 insertions(+), 7 deletions(-) diff --git a/drivers/iommu/dmar.c b/drivers/iommu/dmar.c index 460bed4..7852678 100644 --- a/drivers/iommu/dmar.c +++ b/drivers/iommu/dmar.c @@ -1339,8 +1339,8 @@ void qi_flush_iotlb(struct intel_iommu *iommu, u16 did, u64 addr, qi_submit_sync(&desc, iommu); } -void qi_flush_dev_iotlb(struct intel_iommu *iommu, u16 sid, u16 qdep, - u64 addr, unsigned mask) +void qi_flush_dev_iotlb(struct intel_iommu *iommu, u16 sid, u16 pfsid, + u16 qdep, u64 addr, unsigned mask) { struct qi_desc desc; @@ -1355,7 +1355,7 @@ void qi_flush_dev_iotlb(struct intel_iommu *iommu, u16 sid, u16 qdep, qdep = 0; desc.low = QI_DEV_IOTLB_SID(sid) | QI_DEV_IOTLB_QDEP(qdep) | - QI_DIOTLB_TYPE; + QI_DIOTLB_TYPE | QI_DEV_IOTLB_PFSID(pfsid); qi_submit_sync(&desc, iommu); } diff --git a/drivers/iommu/intel-iommu.c b/drivers/iommu/intel-iommu.c index 3d77d61..8b533cc 100644 --- a/drivers/iommu/intel-iommu.c +++ b/drivers/iommu/intel-iommu.c @@ -1503,6 +1503,20 @@ static void iommu_enable_dev_iotlb(struct device_domain_info *info) return; pdev = to_pci_dev(info->dev); + /* For IOMMU that supports device IOTLB throttling (DIT), we assign + * PFSID to the invalidation desc of a VF such that IOMMU HW can gauge + * queue depth at PF level. If DIT is not set, PFSID will be treated as + * reserved, which should be set to 0. + */ + if (!ecap_dit(info->iommu->ecap)) + info->pfsid = 0; + else { + struct pci_dev *pf_pdev; + + /* pdev will be returned if device is not a vf */ + pf_pdev = pci_physfn(pdev); + info->pfsid = PCI_DEVID(pf_pdev->bus->number, pf_pdev->devfn); + } #ifdef CONFIG_INTEL_IOMMU_SVM /* The PCIe spec, in its wisdom, declares that the behaviour of @@ -1568,7 +1582,8 @@ static void iommu_flush_dev_iotlb(struct dmar_domain *domain, sid = info->bus << 8 | info->devfn; qdep = info->ats_qdep; - qi_flush_dev_iotlb(info->iommu, sid, qdep, addr, mask); + qi_flush_dev_iotlb(info->iommu, sid, info->pfsid, + qdep, addr, mask); } spin_unlock_irqrestore(&device_domain_lock, flags); } diff --git a/include/linux/intel-iommu.h b/include/linux/intel-iommu.h index af1c05f..7fd9fbae 100644 --- a/include/linux/intel-iommu.h +++ b/include/linux/intel-iommu.h @@ -456,9 +456,8 @@ extern void qi_flush_context(struct intel_iommu *iommu, u16 did, u16 sid, u8 fm, u64 type); extern void qi_flush_iotlb(struct intel_iommu *iommu, u16 did, u64 addr, unsigned int size_order, u64 type); -extern void qi_flush_dev_iotlb(struct intel_iommu *iommu, u16 sid, u16 qdep, - u64 addr, unsigned mask); - +extern void qi_flush_dev_iotlb(struct intel_iommu *iommu, u16 sid, u16 pfsid, + u16 qdep, u64 addr, unsigned mask); extern int qi_submit_sync(struct qi_desc *desc, struct intel_iommu *iommu); extern int dmar_ir_support(void); -- 2.7.4

7 years, 5 months

1
0
0 0

[PATCH 4.16.y] netfilter: nf_flow_table: attach dst to skbs

by Jason A. Donenfeld

commit 2a79fd3908acd88e6cb0e620c314d7b1fee56a02 upstream. Some drivers, such as vxlan and wireguard, use the skb's dst in order to determine things like PMTU. They therefore loose functionality when flow offloading is enabled. So, we ensure the skb has it before xmit'ing it in the offloading path. Signed-off-by: Jason A. Donenfeld <Jason(a)zx2c4.com> --- net/ipv4/netfilter/nf_flow_table_ipv4.c | 5 +++-- net/ipv6/netfilter/nf_flow_table_ipv6.c | 1 + 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/net/ipv4/netfilter/nf_flow_table_ipv4.c b/net/ipv4/netfilter/nf_flow_table_ipv4.c index 0cd46bffa469..fc3923932eda 100644 --- a/net/ipv4/netfilter/nf_flow_table_ipv4.c +++ b/net/ipv4/netfilter/nf_flow_table_ipv4.c @@ -213,7 +213,7 @@ nf_flow_offload_ip_hook(void *priv, struct sk_buff *skb, enum flow_offload_tuple_dir dir; struct flow_offload *flow; struct net_device *outdev; - const struct rtable *rt; + struct rtable *rt; struct iphdr *iph; __be32 nexthop; @@ -234,7 +234,7 @@ nf_flow_offload_ip_hook(void *priv, struct sk_buff *skb, dir = tuplehash->tuple.dir; flow = container_of(tuplehash, struct flow_offload, tuplehash[dir]); - rt = (const struct rtable *)flow->tuplehash[dir].tuple.dst_cache; + rt = (struct rtable *)flow->tuplehash[dir].tuple.dst_cache; if (unlikely(nf_flow_exceeds_mtu(skb, rt))) return NF_ACCEPT; @@ -251,6 +251,7 @@ nf_flow_offload_ip_hook(void *priv, struct sk_buff *skb, skb->dev = outdev; nexthop = rt_nexthop(rt, flow->tuplehash[!dir].tuple.src_v4.s_addr); + skb_dst_set_noref(skb, &rt->dst); neigh_xmit(NEIGH_ARP_TABLE, outdev, &nexthop, skb); return NF_STOLEN; diff --git a/net/ipv6/netfilter/nf_flow_table_ipv6.c b/net/ipv6/netfilter/nf_flow_table_ipv6.c index 207cb35569b1..2d6652146bba 100644 --- a/net/ipv6/netfilter/nf_flow_table_ipv6.c +++ b/net/ipv6/netfilter/nf_flow_table_ipv6.c @@ -243,6 +243,7 @@ nf_flow_offload_ipv6_hook(void *priv, struct sk_buff *skb, skb->dev = outdev; nexthop = rt6_nexthop(rt, &flow->tuplehash[!dir].tuple.src_v6); + skb_dst_set_noref(skb, &rt->dst); neigh_xmit(NEIGH_ND_TABLE, outdev, nexthop, skb); return NF_STOLEN; -- 2.17.1

7 years, 5 months

2
1
0 0

[PATCH v4.17.y] netfilter: nf_flow_table: attach dst to skbs

by Jason A. Donenfeld

commit 2a79fd3908acd88e6cb0e620c314d7b1fee56a02 upstream. Some drivers, such as vxlan and wireguard, use the skb's dst in order to determine things like PMTU. They therefore loose functionality when flow offloading is enabled. So, we ensure the skb has it before xmit'ing it in the offloading path. Signed-off-by: Jason A. Donenfeld <Jason(a)zx2c4.com> --- net/ipv4/netfilter/nf_flow_table_ipv4.c | 5 +++-- net/ipv6/netfilter/nf_flow_table_ipv6.c | 1 + 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/net/ipv4/netfilter/nf_flow_table_ipv4.c b/net/ipv4/netfilter/nf_flow_table_ipv4.c index 0cd46bffa469..fc3923932eda 100644 --- a/net/ipv4/netfilter/nf_flow_table_ipv4.c +++ b/net/ipv4/netfilter/nf_flow_table_ipv4.c @@ -213,7 +213,7 @@ nf_flow_offload_ip_hook(void *priv, struct sk_buff *skb, enum flow_offload_tuple_dir dir; struct flow_offload *flow; struct net_device *outdev; - const struct rtable *rt; + struct rtable *rt; struct iphdr *iph; __be32 nexthop; @@ -234,7 +234,7 @@ nf_flow_offload_ip_hook(void *priv, struct sk_buff *skb, dir = tuplehash->tuple.dir; flow = container_of(tuplehash, struct flow_offload, tuplehash[dir]); - rt = (const struct rtable *)flow->tuplehash[dir].tuple.dst_cache; + rt = (struct rtable *)flow->tuplehash[dir].tuple.dst_cache; if (unlikely(nf_flow_exceeds_mtu(skb, rt))) return NF_ACCEPT; @@ -251,6 +251,7 @@ nf_flow_offload_ip_hook(void *priv, struct sk_buff *skb, skb->dev = outdev; nexthop = rt_nexthop(rt, flow->tuplehash[!dir].tuple.src_v4.s_addr); + skb_dst_set_noref(skb, &rt->dst); neigh_xmit(NEIGH_ARP_TABLE, outdev, &nexthop, skb); return NF_STOLEN; diff --git a/net/ipv6/netfilter/nf_flow_table_ipv6.c b/net/ipv6/netfilter/nf_flow_table_ipv6.c index 207cb35569b1..2d6652146bba 100644 --- a/net/ipv6/netfilter/nf_flow_table_ipv6.c +++ b/net/ipv6/netfilter/nf_flow_table_ipv6.c @@ -243,6 +243,7 @@ nf_flow_offload_ipv6_hook(void *priv, struct sk_buff *skb, skb->dev = outdev; nexthop = rt6_nexthop(rt, &flow->tuplehash[!dir].tuple.src_v6); + skb_dst_set_noref(skb, &rt->dst); neigh_xmit(NEIGH_ND_TABLE, outdev, nexthop, skb); return NF_STOLEN; -- 2.17.1

7 years, 5 months

1
0
0 0

[PATCH v3 0/2] Fixes for v4.4

by Jarkko Sakkinen

Chris Chiu (1): tpm: self test failure should not cause suspend to fail Enric Balletbo i Serra (1): tpm: do not suspend/resume if power stays on drivers/char/tpm/tpm-chip.c | 12 ++++++++++++ drivers/char/tpm/tpm-interface.c | 7 +++++++ drivers/char/tpm/tpm.h | 1 + 3 files changed, 20 insertions(+) -- v3: use CONFIG_OF flag v2: moved the check from tpm_of.c to tpm-chip.c as in v4.4 chip is unreachable otherwise. I did compilation test now with BuildRoot for power arch. 2.17.0

7 years, 5 months

2
5
0 0

Please add e2731e55884f2138a252b0a to 4.14 and 4.9

by David Sterba

Hi, please add the commit e2731e55884f2138a252b0a3d7b24d57e49c3c59 ("btrfs: define SUPER_FLAG_METADUMP_V2") to the 4.14.x and 4.9.x stable trees. The patch allows to mount an image dump of v2 format on < 4.15 kernels that are still in use for the btrfs-progs testsuite. The image mount is part of some tests that fail but otherwise are ok. The patch can be cleanly applied on top of current 4.14 and 4.9 branches, fails on 4.4 and older but I'm interested namely in 4.14. Thanks.

7 years, 5 months

2
1
0 0

[PATCH] KVM: VMX: Expose SSBD properly to guests.

by Konrad Rzeszutek Wilk

The X86_FEATURE_SSBD is an synthetic CPU feature - that is it bit location has no relevance to the real CPUID 0x7.EBX[31] bit position. For that we need the new CPU feature name. Fixes: 52817587e706 ("x86/cpufeatures: Disentangle SSBD enumeration") CC: Paolo Bonzini <pbonzini(a)redhat.com> Cc: "Radim Krčmář" <rkrcmar(a)redhat.com> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Ingo Molnar <mingo(a)redhat.com> Cc: "H. Peter Anvin" <hpa(a)zytor.com> Cc: stable(a)vger.kernel.org Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk(a)oracle.com> --- arch/x86/kvm/cpuid.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/kvm/cpuid.c b/arch/x86/kvm/cpuid.c index ced851169730..598461e24be3 100644 --- a/arch/x86/kvm/cpuid.c +++ b/arch/x86/kvm/cpuid.c @@ -407,8 +407,8 @@ static inline int __do_cpuid_ent(struct kvm_cpuid_entry2 *entry, u32 function, /* cpuid 7.0.edx*/ const u32 kvm_cpuid_7_0_edx_x86_features = - F(AVX512_4VNNIW) | F(AVX512_4FMAPS) | F(SPEC_CTRL) | F(SSBD) | - F(ARCH_CAPABILITIES); + F(AVX512_4VNNIW) | F(AVX512_4FMAPS) | F(SPEC_CTRL) | + F(SPEC_CTRL_SSBD) | F(ARCH_CAPABILITIES); /* all calls to cpuid_count() should be made on the same cpu */ get_cpu(); -- 2.13.4

7 years, 5 months

3
2
0 0

[PATCH] Input: xpad - Add usb-ids for the XBOX360 controller built into the GPD win 2

by Hans de Goede

The GPD win 2 x86 portable game computer comes with a builtin XBOX360 controller with a vid:pid of 0079:18d4. Add support for this controller. BugLink: https://www.reddit.com/r/gpdwin/comments/8l5vn8/gpd_win_2_gamepad_in_linux/ Cc: stable(a)vger.kernel.org Signed-off-by: Hans de Goede <hdegoede(a)redhat.com> --- drivers/input/joystick/xpad.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/input/joystick/xpad.c b/drivers/input/joystick/xpad.c index 06e9650b3b30..c4f119a6e9d7 100644 --- a/drivers/input/joystick/xpad.c +++ b/drivers/input/joystick/xpad.c @@ -123,6 +123,7 @@ static const struct xpad_device { u8 mapping; u8 xtype; } xpad_device[] = { + { 0x0079, 0x18d4, "GPD WIN 2", 0, XTYPE_XBOX360 }, { 0x044f, 0x0f00, "Thrustmaster Wheel", 0, XTYPE_XBOX }, { 0x044f, 0x0f03, "Thrustmaster Wheel", 0, XTYPE_XBOX }, { 0x044f, 0x0f07, "Thrustmaster, Inc. Controller", 0, XTYPE_XBOX }, -- 2.17.1

7 years, 5 months

2
1
0 0

[PATCH] Input: goodix - Add "GDIX1002" ACPI HID

by Hans de Goede

Some newer devices with a goodix touchscreen use GDIX1002 as ACPI HID rather then GDIX1001. These devices work fine with the goodix driver as is. This commit adds the new "GDIX1002" ACPI HID to make the touchscreen work on these devices. Buglink: https://www.reddit.com/r/gpdwin/comments/8lwy8n/gpd_win_2_linux_touchscreen… Cc: stable(a)vger.kernel.org Signed-off-by: Hans de Goede <hdegoede(a)redhat.com> --- drivers/input/touchscreen/goodix.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/input/touchscreen/goodix.c b/drivers/input/touchscreen/goodix.c index 9736c83dd418..f2d9c2c41885 100644 --- a/drivers/input/touchscreen/goodix.c +++ b/drivers/input/touchscreen/goodix.c @@ -933,6 +933,7 @@ MODULE_DEVICE_TABLE(i2c, goodix_ts_id); #ifdef CONFIG_ACPI static const struct acpi_device_id goodix_acpi_match[] = { { "GDIX1001", 0 }, + { "GDIX1002", 0 }, { } }; MODULE_DEVICE_TABLE(acpi, goodix_acpi_match); -- 2.17.1

7 years, 5 months

2
1
0 0

[PATCH v3 0/2] Fixes for v4.9

by Jarkko Sakkinen

Chris Chiu (1): tpm: self test failure should not cause suspend to fail Enric Balletbo i Serra (1): tpm: do not suspend/resume if power stays on drivers/char/tpm/tpm-chip.c | 12 ++++++++++++ drivers/char/tpm/tpm-interface.c | 7 +++++++ drivers/char/tpm/tpm.h | 1 + 3 files changed, 20 insertions(+) -- v3: use CONFIG_OF flag v2: moved the check from tpm_of.c to tpm-chip.c as in v4.4 chip is unreachable otherwise. I did compilation test now with BuildRoot for power arch. 2.17.0

7 years, 5 months

2
3
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror