- Linux-stable-mirror - lists.linaro.org

[patch 16/16] kasan: fix memory hotplug during boot

by akpm＠linux-foundation.org

From: David Hildenbrand <david(a)redhat.com> Subject: kasan: fix memory hotplug during boot Using module_init() is wrong. E.g. ACPI adds and onlines memory before our memory notifier gets registered. This makes sure that ACPI memory detected during boot up will not result in a kernel crash. Easily reproducible with QEMU, just specify a DIMM when starting up. Link: http://lkml.kernel.org/r/20180522100756.18478-3-david@redhat.com Fixes: 786a8959912e ("kasan: disable memory hotplug") Signed-off-by: David Hildenbrand <david(a)redhat.com> Acked-by: Andrey Ryabinin <aryabinin(a)virtuozzo.com> Cc: Alexander Potapenko <glider(a)google.com> Cc: Dmitry Vyukov <dvyukov(a)google.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/kasan/kasan.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff -puN mm/kasan/kasan.c~kasan-fix-memory-hotplug-during-boot mm/kasan/kasan.c --- a/mm/kasan/kasan.c~kasan-fix-memory-hotplug-during-boot +++ a/mm/kasan/kasan.c @@ -898,5 +898,5 @@ static int __init kasan_memhotplug_init( return 0; } -module_init(kasan_memhotplug_init); +core_initcall(kasan_memhotplug_init); #endif _

7 years, 5 months

1
0
0 0

[patch 15/16] kasan: free allocated shadow memory on MEM_CANCEL_ONLINE

by akpm＠linux-foundation.org

From: David Hildenbrand <david(a)redhat.com> Subject: kasan: free allocated shadow memory on MEM_CANCEL_ONLINE We have to free memory again when we cancel onlining, otherwise a later onlining attempt will fail. Link: http://lkml.kernel.org/r/20180522100756.18478-2-david@redhat.com Fixes: fa69b5989bb0 ("mm/kasan: add support for memory hotplug") Signed-off-by: David Hildenbrand <david(a)redhat.com> Acked-by: Andrey Ryabinin <aryabinin(a)virtuozzo.com> Cc: Alexander Potapenko <glider(a)google.com> Cc: Dmitry Vyukov <dvyukov(a)google.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/kasan/kasan.c | 1 + 1 file changed, 1 insertion(+) diff -puN mm/kasan/kasan.c~kasan-free-allocated-shadow-memory-on-mem_cancel_online mm/kasan/kasan.c --- a/mm/kasan/kasan.c~kasan-free-allocated-shadow-memory-on-mem_cancel_online +++ a/mm/kasan/kasan.c @@ -866,6 +866,7 @@ static int __meminit kasan_mem_notifier( kmemleak_ignore(ret); return NOTIFY_OK; } + case MEM_CANCEL_ONLINE: case MEM_OFFLINE: { struct vm_struct *vm; _

7 years, 5 months

1
0
0 0

[patch 12/16] kernel/sys.c: fix potential Spectre v1 issue

by akpm＠linux-foundation.org

From: "Gustavo A. R. Silva" <gustavo(a)embeddedor.com> Subject: kernel/sys.c: fix potential Spectre v1 issue `resource' can be controlled by user-space, hence leading to a potential exploitation of the Spectre variant 1 vulnerability. This issue was detected with the help of Smatch: kernel/sys.c:1474 __do_compat_sys_old_getrlimit() warn: potential spectre issue 'get_current()->signal->rlim' (local cap) kernel/sys.c:1455 __do_sys_old_getrlimit() warn: potential spectre issue 'get_current()->signal->rlim' (local cap) Fix this by sanitizing *resource* before using it to index current->signal->rlim Notice that given that speculation windows are large, the policy is to kill the speculation on the first load and not worry if it can be completed with a dependent load/store [1]. [1] https://marc.info/?l=linux-kernel&m=152449131114778&w=2 Link: http://lkml.kernel.org/r/20180515030038.GA11822@embeddedor.com Signed-off-by: Gustavo A. R. Silva <gustavo(a)embeddedor.com> Reviewed-by: Andrew Morton <akpm(a)linux-foundation.org> Cc: Alexei Starovoitov <ast(a)kernel.org> Cc: Dan Williams <dan.j.williams(a)intel.com> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- kernel/sys.c | 5 +++++ 1 file changed, 5 insertions(+) diff -puN kernel/sys.c~kernel-sys-fix-potential-spectre-v1 kernel/sys.c --- a/kernel/sys.c~kernel-sys-fix-potential-spectre-v1 +++ a/kernel/sys.c @@ -71,6 +71,9 @@ #include <asm/io.h> #include <asm/unistd.h> +/* Hardening for Spectre-v1 */ +#include <linux/nospec.h> + #include "uid16.h" #ifndef SET_UNALIGN_CTL @@ -1453,6 +1456,7 @@ SYSCALL_DEFINE2(old_getrlimit, unsigned if (resource >= RLIM_NLIMITS) return -EINVAL; + resource = array_index_nospec(resource, RLIM_NLIMITS); task_lock(current->group_leader); x = current->signal->rlim[resource]; task_unlock(current->group_leader); @@ -1472,6 +1476,7 @@ COMPAT_SYSCALL_DEFINE2(old_getrlimit, un if (resource >= RLIM_NLIMITS) return -EINVAL; + resource = array_index_nospec(resource, RLIM_NLIMITS); task_lock(current->group_leader); r = current->signal->rlim[resource]; task_unlock(current->group_leader); _

7 years, 5 months

1
0
0 0

[patch 07/16] mm/kasan: don't vfree() nonexistent vm_area

by akpm＠linux-foundation.org

From: Andrey Ryabinin <aryabinin(a)virtuozzo.com> Subject: mm/kasan: don't vfree() nonexistent vm_area KASAN uses different routines to map shadow for hot added memory and memory obtained in boot process. Attempt to offline memory onlined by normal boot process leads to this: Trying to vfree() nonexistent vm area (000000005d3b34b9) WARNING: CPU: 2 PID: 13215 at mm/vmalloc.c:1525 __vunmap+0x147/0x190 Call Trace: kasan_mem_notifier+0xad/0xb9 notifier_call_chain+0x166/0x260 __blocking_notifier_call_chain+0xdb/0x140 __offline_pages+0x96a/0xb10 memory_subsys_offline+0x76/0xc0 device_offline+0xb8/0x120 store_mem_state+0xfa/0x120 kernfs_fop_write+0x1d5/0x320 __vfs_write+0xd4/0x530 vfs_write+0x105/0x340 SyS_write+0xb0/0x140 Obviously we can't call vfree() to free memory that wasn't allocated via vmalloc(). Use find_vm_area() to see if we can call vfree(). Unfortunately it's a bit tricky to properly unmap and free shadow allocated during boot, so we'll have to keep it. If memory will come online again that shadow will be reused. Matthew asked: how can you call vfree() on something that isn't a vmalloc address? vfree() is able to free any address returned by __vmalloc_node_range(). And __vmalloc_node_range() gives you any address you ask. It doesn't have to be an address in [VMALLOC_START, VMALLOC_END] range. That's also how the module_alloc()/module_memfree() works on architectures that have designated area for modules. [aryabinin(a)virtuozzo.com: improve comments] Link: http://lkml.kernel.org/r/dabee6ab-3a7a-51cd-3b86-5468718e0390@virtuozzo.com [akpm(a)linux-foundation.org: fix typos, reflow comment] Link: http://lkml.kernel.org/r/20180201163349.8700-1-aryabinin@virtuozzo.com Fixes: fa69b5989bb0 ("mm/kasan: add support for memory hotplug") Signed-off-by: Andrey Ryabinin <aryabinin(a)virtuozzo.com> Reported-by: Paul Menzel <pmenzel+linux-kasan-dev(a)molgen.mpg.de> Cc: Alexander Potapenko <glider(a)google.com> Cc: Dmitry Vyukov <dvyukov(a)google.com> Cc: Matthew Wilcox <willy(a)infradead.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/kasan/kasan.c | 63 +++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 61 insertions(+), 2 deletions(-) diff -puN mm/kasan/kasan.c~mm-kasan-dont-vfree-nonexistent-vm_area mm/kasan/kasan.c --- a/mm/kasan/kasan.c~mm-kasan-dont-vfree-nonexistent-vm_area +++ a/mm/kasan/kasan.c @@ -792,6 +792,40 @@ DEFINE_ASAN_SET_SHADOW(f5); DEFINE_ASAN_SET_SHADOW(f8); #ifdef CONFIG_MEMORY_HOTPLUG +static bool shadow_mapped(unsigned long addr) +{ + pgd_t *pgd = pgd_offset_k(addr); + p4d_t *p4d; + pud_t *pud; + pmd_t *pmd; + pte_t *pte; + + if (pgd_none(*pgd)) + return false; + p4d = p4d_offset(pgd, addr); + if (p4d_none(*p4d)) + return false; + pud = pud_offset(p4d, addr); + if (pud_none(*pud)) + return false; + + /* + * We can't use pud_large() or pud_huge(), the first one is + * arch-specific, the last one depends on HUGETLB_PAGE. So let's abuse + * pud_bad(), if pud is bad then it's bad because it's huge. + */ + if (pud_bad(*pud)) + return true; + pmd = pmd_offset(pud, addr); + if (pmd_none(*pmd)) + return false; + + if (pmd_bad(*pmd)) + return true; + pte = pte_offset_kernel(pmd, addr); + return !pte_none(*pte); +} + static int __meminit kasan_mem_notifier(struct notifier_block *nb, unsigned long action, void *data) { @@ -813,6 +847,14 @@ static int __meminit kasan_mem_notifier( case MEM_GOING_ONLINE: { void *ret; + /* + * If shadow is mapped already than it must have been mapped + * during the boot. This could happen if we onlining previously + * offlined memory. + */ + if (shadow_mapped(shadow_start)) + return NOTIFY_OK; + ret = __vmalloc_node_range(shadow_size, PAGE_SIZE, shadow_start, shadow_end, GFP_KERNEL, PAGE_KERNEL, VM_NO_GUARD, @@ -824,8 +866,25 @@ static int __meminit kasan_mem_notifier( kmemleak_ignore(ret); return NOTIFY_OK; } - case MEM_OFFLINE: - vfree((void *)shadow_start); + case MEM_OFFLINE: { + struct vm_struct *vm; + + /* + * shadow_start was either mapped during boot by kasan_init() + * or during memory online by __vmalloc_node_range(). + * In the latter case we can use vfree() to free shadow. + * Non-NULL result of the find_vm_area() will tell us if + * that was the second case. + * + * Currently it's not possible to free shadow mapped + * during boot by kasan_init(). It's because the code + * to do that hasn't been written yet. So we'll just + * leak the memory. + */ + vm = find_vm_area((void *)shadow_start); + if (vm) + vfree((void *)shadow_start); + } } return NOTIFY_OK; _

7 years, 5 months

1
0
0 0

[patch 05/16] ipc/shm: fix shmat() nil address after round-down when remapping

by akpm＠linux-foundation.org

From: Davidlohr Bueso <dave(a)stgolabs.net> Subject: ipc/shm: fix shmat() nil address after round-down when remapping shmat()'s SHM_REMAP option forbids passing a nil address for; this is in fact the very first thing we check for. Andrea reported that for SHM_RND|SHM_REMAP cases we can end up bypassing the initial addr check, but we need to check again if the address was rounded down to nil. As of this patch, such cases will return -EINVAL. Link: http://lkml.kernel.org/r/20180503204934.kk63josdu6u53fbd@linux-n805 Signed-off-by: Davidlohr Bueso <dbueso(a)suse.de> Reported-by: Andrea Arcangeli <aarcange(a)redhat.com> Cc: Joe Lawrence <joe.lawrence(a)redhat.com> Cc: Manfred Spraul <manfred(a)colorfullife.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- ipc/shm.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff -puN ipc/shm.c~ipc-shm-fix-shmat-nil-address-after-round-down-when-remapping ipc/shm.c --- a/ipc/shm.c~ipc-shm-fix-shmat-nil-address-after-round-down-when-remapping +++ a/ipc/shm.c @@ -1363,9 +1363,17 @@ long do_shmat(int shmid, char __user *sh if (addr) { if (addr & (shmlba - 1)) { - if (shmflg & SHM_RND) + if (shmflg & SHM_RND) { addr &= ~(shmlba - 1); /* round down */ - else + + /* + * Ensure that the round-down is non-nil + * when remapping. This can happen for + * cases when addr < shmlba. + */ + if (!addr && (shmflg & SHM_REMAP)) + goto out; + } else #ifndef __ARCH_FORCE_SHMLBA if (addr & ~PAGE_MASK) #endif _

7 years, 5 months

1
0
0 0

[patch 04/16] Revert "ipc/shm: Fix shmat mmap nil-page protection"

by akpm＠linux-foundation.org

From: Davidlohr Bueso <dave(a)stgolabs.net> Subject: Revert "ipc/shm: Fix shmat mmap nil-page protection" Patch series "ipc/shm: shmat() fixes around nil-page". These patches fix two issues reported[1] a while back by Joe and Andrea around how shmat(2) behaves with nil-page. The first reverts a commit that it was incorrectly thought that mapping nil-page (address=0) was a no no with MAP_FIXED. This is not the case, with the exception of SHM_REMAP; which is address in the second patch. I chose two patches because it is easier to backport and it explicitly reverts bogus behaviour. Both patches ought to be in -stable and ltp testcases need updated (the added testcase around the cve can be modified to just test for SHM_RND|SHM_REMAP). [1] lkml.kernel.org/r/20180430172152.nfa564pvgpk3ut7p@linux-n805 This patch (of 2): 95e91b831f87 ("ipc/shm: Fix shmat mmap nil-page protection") worked on the idea that we should not be mapping as root addr=0 and MAP_FIXED. However, it was reported that this scenario is in fact valid, thus making the patch both bogus and breaks userspace as well. For example X11's libint10.so relies on shmat(1, SHM_RND) for lowmem initialization[1]. [1] https://cgit.freedesktop.org/xorg/xserver/tree/hw/xfree86/os-support/linux/… Link: http://lkml.kernel.org/r/20180503203243.15045-2-dave@stgolabs.net Fixes: 95e91b831f87 ("ipc/shm: Fix shmat mmap nil-page protection") Signed-off-by: Davidlohr Bueso <dbueso(a)suse.de> Reported-by: Joe Lawrence <joe.lawrence(a)redhat.com> Reported-by: Andrea Arcangeli <aarcange(a)redhat.com> Cc: Manfred Spraul <manfred(a)colorfullife.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- ipc/shm.c | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff -puN ipc/shm.c~revert-ipc-shm-fix-shmat-mmap-nil-page-protection ipc/shm.c --- a/ipc/shm.c~revert-ipc-shm-fix-shmat-mmap-nil-page-protection +++ a/ipc/shm.c @@ -1363,13 +1363,8 @@ long do_shmat(int shmid, char __user *sh if (addr) { if (addr & (shmlba - 1)) { - /* - * Round down to the nearest multiple of shmlba. - * For sane do_mmap_pgoff() parameters, avoid - * round downs that trigger nil-page and MAP_FIXED. - */ - if ((shmflg & SHM_RND) && addr >= shmlba) - addr &= ~(shmlba - 1); + if (shmflg & SHM_RND) + addr &= ~(shmlba - 1); /* round down */ else #ifndef __ARCH_FORCE_SHMLBA if (addr & ~PAGE_MASK) _

7 years, 5 months

1
0
0 0

[patch 03/16] idr: fix invalid ptr dereference on item delete

by akpm＠linux-foundation.org

From: Matthew Wilcox <mawilcox(a)microsoft.com> Subject: idr: fix invalid ptr dereference on item delete If the radix tree underlying the IDR happens to be full and we attempt to remove an id which is larger than any id in the IDR, we will call __radix_tree_delete() with an uninitialised 'slot' pointer, at which point anything could happen. This was easiest to hit with a single entry at id 0 and attempting to remove a non-0 id, but it could have happened with 64 entries and attempting to remove an id >= 64. Roman said: The syzcaller test boils down to opening /dev/kvm, creating an eventfd, and calling a couple of KVM ioctls. None of this requires superuser. And the result is dereferencing an uninitialized pointer which is likely a crash. The specific path caught by syzbot is via KVM_HYPERV_EVENTD ioctl which is new in 4.17. But I guess there are other user-triggerable paths, so cc:stable is probably justified. Matthew added: We have around 250 calls to idr_remove() in the kernel today. Many of them pass an ID which is embedded in the object they're removing, so they're safe. Picking a few likely candidates: drivers/firewire/core-cdev.c looks unsafe; the ID comes from an ioctl. drivers/gpu/drm/amd/amdgpu/amdgpu_ctx.c is similar drivers/atm/nicstar.c could be taken down by a handcrafted packet Link: http://lkml.kernel.org/r/20180518175025.GD6361@bombadil.infradead.org Fixes: 0a835c4f090a ("Reimplement IDR and IDA using the radix tree") Reported-by: <syzbot+35666cba7f0a337e2e79(a)syzkaller.appspotmail.com> Debugged-by: Roman Kagan <rkagan(a)virtuozzo.com> Signed-off-by: Matthew Wilcox <mawilcox(a)microsoft.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- lib/radix-tree.c | 4 +++- tools/testing/radix-tree/idr-test.c | 7 +++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff -puN lib/radix-tree.c~idr-fix-invalid-ptr-dereference-on-item-delete lib/radix-tree.c --- a/lib/radix-tree.c~idr-fix-invalid-ptr-dereference-on-item-delete +++ a/lib/radix-tree.c @@ -2034,10 +2034,12 @@ void *radix_tree_delete_item(struct radi unsigned long index, void *item) { struct radix_tree_node *node = NULL; - void __rcu **slot; + void __rcu **slot = NULL; void *entry; entry = __radix_tree_lookup(root, index, &node, &slot); + if (!slot) + return NULL; if (!entry && (!is_idr(root) || node_tag_get(root, node, IDR_FREE, get_slot_offset(node, slot)))) return NULL; diff -puN tools/testing/radix-tree/idr-test.c~idr-fix-invalid-ptr-dereference-on-item-delete tools/testing/radix-tree/idr-test.c --- a/tools/testing/radix-tree/idr-test.c~idr-fix-invalid-ptr-dereference-on-item-delete +++ a/tools/testing/radix-tree/idr-test.c @@ -252,6 +252,13 @@ void idr_checks(void) idr_remove(&idr, 3); idr_remove(&idr, 0); + assert(idr_alloc(&idr, DUMMY_PTR, 0, 0, GFP_KERNEL) == 0); + idr_remove(&idr, 1); + for (i = 1; i < RADIX_TREE_MAP_SIZE; i++) + assert(idr_alloc(&idr, DUMMY_PTR, 0, 0, GFP_KERNEL) == i); + idr_remove(&idr, 1 << 30); + idr_destroy(&idr); + for (i = INT_MAX - 3UL; i < INT_MAX + 1UL; i++) { struct item *item = item_create(i, 0); assert(idr_alloc(&idr, item, i, i + 10, GFP_KERNEL) == i); _

7 years, 5 months

1
0
0 0

+ mm-page_alloc-do-not-break-__gfp_thisnode-by-zonelist-reset.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm, page_alloc: do not break __GFP_THISNODE by zonelist reset has been added to the -mm tree. Its filename is mm-page_alloc-do-not-break-__gfp_thisnode-by-zonelist-reset.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/mm-page_alloc-do-not-break-__gfp_t… and later at http://ozlabs.org/~akpm/mmotm/broken-out/mm-page_alloc-do-not-break-__gfp_t… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Vlastimil Babka <vbabka(a)suse.cz> Subject: mm, page_alloc: do not break __GFP_THISNODE by zonelist reset In __alloc_pages_slowpath() we reset zonelist and preferred_zoneref for allocations that can ignore memory policies. The zonelist is obtained from current CPU's node. This is a problem for __GFP_THISNODE allocations that want to allocate on a different node, e.g. because the allocating thread has been migrated to a different CPU. This has been observed to break SLAB in our 4.4-based kernel, because there it relies on __GFP_THISNODE working as intended. If a slab page is put on wrong node's list, then further list manipulations may corrupt the list because page_to_nid() is used to determine which node's list_lock should be locked and thus we may take a wrong lock and race. Current SLAB implementation seems to be immune by luck thanks to commit 511e3a058812 ("mm/slab: make cache_grow() handle the page allocated on arbitrary node") but there may be others assuming that __GFP_THISNODE works as promised. We can fix it by simply removing the zonelist reset completely. There is actually no reason to reset it, because memory policies and cpusets don't affect the zonelist choice in the first place. This was different when commit 183f6371aac2 ("mm: ignore mempolicies when using ALLOC_NO_WATERMARK") introduced the code, as mempolicies provided their own restricted zonelists. We might consider this for 4.17 although I don't know if there's anything currently broken. Stable backports should be more important, but will have to be reviewed carefully, as the code went through many changes. BTW I think that also the ac->preferred_zoneref reset is currently useless if we don't also reset ac->nodemask from a mempolicy to NULL first (which we probably should for the OOM victims etc?), but I would leave that for a separate patch. Link: http://lkml.kernel.org/r/20180525130853.13915-1-vbabka@suse.cz Signed-off-by: Vlastimil Babka <vbabka(a)suse.cz> Fixes: 183f6371aac2 ("mm: ignore mempolicies when using ALLOC_NO_WATERMARK") Cc: Mel Gorman <mgorman(a)techsingularity.net> Cc: Michal Hocko <mhocko(a)kernel.org> Cc: David Rientjes <rientjes(a)google.com> Cc: Joonsoo Kim <iamjoonsoo.kim(a)lge.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/page_alloc.c | 1 - 1 file changed, 1 deletion(-) diff -puN mm/page_alloc.c~mm-page_alloc-do-not-break-__gfp_thisnode-by-zonelist-reset mm/page_alloc.c --- a/mm/page_alloc.c~mm-page_alloc-do-not-break-__gfp_thisnode-by-zonelist-reset +++ a/mm/page_alloc.c @@ -4169,7 +4169,6 @@ retry: * orientated. */ if (!(alloc_flags & ALLOC_CPUSET) || reserve_flags) { - ac->zonelist = node_zonelist(numa_node_id(), gfp_mask); ac->preferred_zoneref = first_zones_zonelist(ac->zonelist, ac->high_zoneidx, ac->nodemask); } _ Patches currently in -mm which might be from vbabka(a)suse.cz are mm-page_alloc-do-not-break-__gfp_thisnode-by-zonelist-reset.patch

7 years, 5 months

1
0
0 0

patch "phy: qcom-qusb2: Fix crash if nvmem cell not specified" added to usb-next

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled phy: qcom-qusb2: Fix crash if nvmem cell not specified to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-next branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will also be merged in the next major kernel release during the merge window. If you have any questions about this process, please let me know. >From 0b4555e776ba0712c6fafb98b226b21fd05d2427 Mon Sep 17 00:00:00 2001 From: Manu Gautam <mgautam(a)codeaurora.org> Date: Thu, 3 May 2018 02:36:10 +0530 Subject: phy: qcom-qusb2: Fix crash if nvmem cell not specified Driver currently crashes due to NULL pointer deference while updating PHY tune register if nvmem cell is NULL. Since, fused value for Tune1/2 register is optional, we'd rather bail out. Fixes: ca04d9d3e1b1 ("phy: qcom-qusb2: New driver for QUSB2 PHY on Qcom chips") Reviewed-by: Vivek Gautam <vivek.gautam(a)codeaurora.org> Reviewed-by: Evan Green <evgreen(a)chromium.org> Cc: stable <stable(a)vger.kernel.org> # 4.14+ Signed-off-by: Manu Gautam <mgautam(a)codeaurora.org> Signed-off-by: Kishon Vijay Abraham I <kishon(a)ti.com> --- drivers/phy/qualcomm/phy-qcom-qusb2.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/phy/qualcomm/phy-qcom-qusb2.c b/drivers/phy/qualcomm/phy-qcom-qusb2.c index 94afeac1a19e..40fdef8b5b75 100644 --- a/drivers/phy/qualcomm/phy-qcom-qusb2.c +++ b/drivers/phy/qualcomm/phy-qcom-qusb2.c @@ -315,6 +315,10 @@ static void qusb2_phy_set_tune2_param(struct qusb2_phy *qphy) const struct qusb2_phy_cfg *cfg = qphy->cfg; u8 *val; + /* efuse register is optional */ + if (!qphy->cell) + return; + /* * Read efuse register having TUNE2/1 parameter's high nibble. * If efuse register shows value as 0x0, or if we fail to find -- 2.17.0

7 years, 5 months

1
0
0 0

[PATCH] ext4: Forbid overflowing inode count when resizing

by Jan Kara

ext4_resize_fs() has an off-by-one bug when checking whether growing of a filesystem will not overflow inode count. As a result it allows a filesystem with 8192 inodes per group to grow to 64TB which overflows inode count to 0 and makes filesystem unusable. Fix it. CC: stable(a)vger.kernel.org Fixes: 3f8a6411fbada1fa482276591e037f3b1adcf55b Reported-by: Jaco Kroon <jaco(a)uls.co.za> Signed-off-by: Jan Kara <jack(a)suse.cz> --- fs/ext4/resize.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/ext4/resize.c b/fs/ext4/resize.c index b6bec270a8e4..d792b7689d92 100644 --- a/fs/ext4/resize.c +++ b/fs/ext4/resize.c @@ -1933,7 +1933,7 @@ int ext4_resize_fs(struct super_block *sb, ext4_fsblk_t n_blocks_count) return 0; n_group = ext4_get_group_number(sb, n_blocks_count - 1); - if (n_group > (0xFFFFFFFFUL / EXT4_INODES_PER_GROUP(sb))) { + if (n_group >= (0xFFFFFFFFUL / EXT4_INODES_PER_GROUP(sb))) { ext4_warning(sb, "resize would cause inodes_count overflow"); return -EINVAL; } -- 2.13.6

7 years, 5 months

4
4
0 0

[PATCH] usb: core: message: remove extra endianness conversion in usb_set_isoch_delay

by Ruslan Bilovol

No need to do extra endianness conversion in usb_set_isoch_delay because it is already done in usb_control_msg() Fixes: 886ee36e7205 ("usb: core: add support for USB_REQ_SET_ISOCH_DELAY") Cc: Dmytro Panchenko <dmytro.panchenko(a)globallogic.com> Cc: Felipe Balbi <felipe.balbi(a)linux.intel.com> Cc: stable <stable(a)vger.kernel.org> # v4.16+ Signed-off-by: Ruslan Bilovol <ruslan.bilovol(a)gmail.com> --- drivers/usb/core/message.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/usb/core/message.c b/drivers/usb/core/message.c index 0c11d40..7b13700 100644 --- a/drivers/usb/core/message.c +++ b/drivers/usb/core/message.c @@ -940,7 +940,7 @@ int usb_set_isoch_delay(struct usb_device *dev) return usb_control_msg(dev, usb_sndctrlpipe(dev, 0), USB_REQ_SET_ISOCH_DELAY, USB_DIR_OUT | USB_TYPE_STANDARD | USB_RECIP_DEVICE, - cpu_to_le16(dev->hub_delay), 0, NULL, 0, + dev->hub_delay, 0, NULL, 0, USB_CTRL_SET_TIMEOUT); } -- 1.9.1

7 years, 5 months

1
0
0 0

patch "phy: qcom-qusb2: Fix crash if nvmem cell not specified" added to usb-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled phy: qcom-qusb2: Fix crash if nvmem cell not specified to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the usb-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. >From 0b4555e776ba0712c6fafb98b226b21fd05d2427 Mon Sep 17 00:00:00 2001 From: Manu Gautam <mgautam(a)codeaurora.org> Date: Thu, 3 May 2018 02:36:10 +0530 Subject: phy: qcom-qusb2: Fix crash if nvmem cell not specified Driver currently crashes due to NULL pointer deference while updating PHY tune register if nvmem cell is NULL. Since, fused value for Tune1/2 register is optional, we'd rather bail out. Fixes: ca04d9d3e1b1 ("phy: qcom-qusb2: New driver for QUSB2 PHY on Qcom chips") Reviewed-by: Vivek Gautam <vivek.gautam(a)codeaurora.org> Reviewed-by: Evan Green <evgreen(a)chromium.org> Cc: stable <stable(a)vger.kernel.org> # 4.14+ Signed-off-by: Manu Gautam <mgautam(a)codeaurora.org> Signed-off-by: Kishon Vijay Abraham I <kishon(a)ti.com> --- drivers/phy/qualcomm/phy-qcom-qusb2.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/phy/qualcomm/phy-qcom-qusb2.c b/drivers/phy/qualcomm/phy-qcom-qusb2.c index 94afeac1a19e..40fdef8b5b75 100644 --- a/drivers/phy/qualcomm/phy-qcom-qusb2.c +++ b/drivers/phy/qualcomm/phy-qcom-qusb2.c @@ -315,6 +315,10 @@ static void qusb2_phy_set_tune2_param(struct qusb2_phy *qphy) const struct qusb2_phy_cfg *cfg = qphy->cfg; u8 *val; + /* efuse register is optional */ + if (!qphy->cell) + return; + /* * Read efuse register having TUNE2/1 parameter's high nibble. * If efuse register shows value as 0x0, or if we fail to find -- 2.17.0

7 years, 5 months

1
0
0 0

Linux 4.16.12

by Greg KH

I'm announcing the release of the 4.16.12 kernel. All users of the 4.16 kernel series must upgrade. The updated 4.16.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.16.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/powerpc/include/asm/exception-64s.h | 29 + arch/powerpc/include/asm/feature-fixups.h | 19 + arch/powerpc/include/asm/hvcall.h | 3 arch/powerpc/include/asm/security_features.h | 85 +++++ arch/powerpc/kernel/Makefile | 2 arch/powerpc/kernel/exceptions-64s.S | 19 + arch/powerpc/kernel/security.c | 237 +++++++++++++++ arch/powerpc/kernel/setup_64.c | 8 arch/powerpc/kernel/vmlinux.lds.S | 14 arch/powerpc/lib/feature-fixups.c | 115 +++++++ arch/powerpc/platforms/powernv/setup.c | 96 ++++-- arch/powerpc/platforms/pseries/setup.c | 71 +++- arch/s390/Kconfig | 3 arch/s390/Makefile | 2 arch/s390/crypto/crc32be-vx.S | 5 arch/s390/crypto/crc32le-vx.S | 4 arch/s390/include/asm/alternative-asm.h | 108 ++++++ arch/s390/include/asm/nospec-branch.h | 7 arch/s390/include/asm/nospec-insn.h | 196 ++++++++++++ arch/s390/kernel/Makefile | 5 arch/s390/kernel/alternative.c | 24 - arch/s390/kernel/asm-offsets.c | 1 arch/s390/kernel/base.S | 24 - arch/s390/kernel/entry.S | 105 +----- arch/s390/kernel/mcount.S | 14 arch/s390/kernel/module.c | 15 arch/s390/kernel/nospec-branch.c | 123 ++++++- arch/s390/kernel/nospec-sysfs.c | 21 + arch/s390/kernel/reipl.S | 7 arch/s390/kernel/setup.c | 3 arch/s390/kernel/swsusp.S | 10 arch/s390/lib/mem.S | 19 - arch/s390/net/bpf_jit.S | 16 - arch/s390/net/bpf_jit_comp.c | 63 +++- arch/sparc/kernel/vio.c | 2 arch/x86/kernel/machine_kexec_32.c | 6 arch/x86/kernel/machine_kexec_64.c | 5 drivers/block/loop.c | 71 ++-- drivers/bluetooth/btusb.c | 13 drivers/clk/clk.c | 3 drivers/clk/hisilicon/crg-hi3516cv300.c | 2 drivers/clk/meson/axg.c | 7 drivers/clk/rockchip/clk-mmc-phase.c | 23 + drivers/clk/rockchip/clk-rk3228.c | 2 drivers/clk/samsung/clk-exynos3250.c | 4 drivers/clk/samsung/clk-exynos5250.c | 8 drivers/clk/samsung/clk-exynos5260.c | 2 drivers/clk/samsung/clk-exynos5433.c | 12 drivers/clk/samsung/clk-exynos7.c | 2 drivers/clk/samsung/clk-s3c2410.c | 16 - drivers/clk/tegra/clk-pll.c | 2 drivers/crypto/atmel-aes.c | 2 drivers/crypto/ccp/ccp-debugfs.c | 7 drivers/crypto/inside-secure/safexcel.c | 12 drivers/crypto/inside-secure/safexcel_cipher.c | 2 drivers/crypto/inside-secure/safexcel_hash.c | 38 +- drivers/crypto/sunxi-ss/sun4i-ss-core.c | 1 drivers/media/common/videobuf2/videobuf2-vmalloc.c | 2 drivers/media/dvb-frontends/lgdt3306a.c | 10 drivers/media/i2c/adv748x/adv748x-hdmi.c | 3 drivers/media/i2c/ov5645.c | 5 drivers/media/pci/cx23885/cx23885-cards.c | 4 drivers/media/pci/cx23885/cx23885-core.c | 10 drivers/media/pci/cx25821/cx25821-core.c | 7 drivers/media/platform/s3c-camif/camif-capture.c | 7 drivers/media/platform/vivid/vivid-ctrls.c | 2 drivers/media/platform/vsp1/vsp1_drm.c | 9 drivers/media/usb/em28xx/em28xx-cards.c | 22 + drivers/media/usb/em28xx/em28xx.h | 2 drivers/net/dsa/bcm_sf2_cfp.c | 36 +- drivers/net/ethernet/3com/3c59x.c | 104 +++--- drivers/net/ethernet/chelsio/cxgb4/cudbg_entity.h | 28 - drivers/net/ethernet/chelsio/cxgb4/cxgb4_filter.c | 88 +---- drivers/net/ethernet/mellanox/mlx4/main.c | 4 drivers/net/ethernet/qlogic/qed/qed_ll2.c | 61 +++ drivers/net/tun.c | 27 - drivers/net/vmxnet3/vmxnet3_drv.c | 72 +++- drivers/net/vmxnet3/vmxnet3_int.h | 8 drivers/rtc/hctosys.c | 5 drivers/rtc/rtc-goldfish.c | 2 drivers/rtc/rtc-m41t80.c | 18 - drivers/rtc/rtc-rk808.c | 14 drivers/rtc/rtc-rp5c01.c | 12 drivers/rtc/rtc-snvs.c | 15 drivers/rtc/rtc-tx4939.c | 6 drivers/s390/scsi/zfcp_dbf.c | 23 + drivers/s390/scsi/zfcp_ext.h | 5 drivers/s390/scsi/zfcp_scsi.c | 14 drivers/scsi/aacraid/commsup.c | 4 drivers/scsi/aacraid/linit.c | 1 drivers/scsi/lpfc/lpfc_attr.c | 5 drivers/scsi/lpfc/lpfc_hbadisc.c | 5 drivers/scsi/lpfc/lpfc_nportdisc.c | 15 drivers/scsi/lpfc/lpfc_nvme.c | 28 - drivers/scsi/lpfc/lpfc_nvme.h | 2 drivers/scsi/lpfc/lpfc_sli.c | 2 drivers/scsi/mvsas/mv_94xx.c | 23 - drivers/scsi/scsi_devinfo.c | 1 drivers/scsi/scsi_lib.c | 11 drivers/scsi/sg.c | 2 drivers/staging/fsl-dpaa2/ethernet/dpaa2-eth.c | 16 - drivers/staging/ks7010/ks_hostif.c | 31 - drivers/staging/ks7010/ks_hostif.h | 1 drivers/staging/lustre/lustre/include/obd.h | 2 drivers/staging/lustre/lustre/lmv/lmv_obd.c | 2 drivers/staging/lustre/lustre/osc/osc_cache.c | 2 drivers/staging/rtl8192u/r8192U_core.c | 2 drivers/staging/vc04_services/bcm2835-audio/bcm2835.c | 54 +-- drivers/tty/serial/8250/8250_port.c | 3 drivers/tty/serial/altera_uart.c | 12 drivers/tty/serial/arc_uart.c | 5 drivers/tty/serial/fsl_lpuart.c | 4 drivers/tty/serial/imx.c | 6 drivers/tty/serial/mvebu-uart.c | 2 drivers/tty/serial/mxs-auart.c | 4 drivers/tty/serial/samsung.c | 4 drivers/tty/serial/sh-sci.c | 4 drivers/tty/serial/xilinx_uartps.c | 2 drivers/usb/dwc2/core.h | 2 drivers/usb/dwc2/hcd.c | 32 +- drivers/usb/dwc3/Makefile | 2 drivers/usb/dwc3/core.c | 13 drivers/usb/dwc3/core.h | 2 drivers/usb/gadget/composite.c | 40 +- drivers/usb/gadget/function/f_fs.c | 6 drivers/usb/gadget/udc/goku_udc.h | 2 drivers/usb/host/xhci-mem.c | 2 drivers/usb/host/xhci.c | 14 drivers/usb/usbip/Kconfig | 2 fs/ext2/inode.c | 10 fs/hfsplus/super.c | 1 include/linux/mlx5/driver.h | 12 include/linux/usb/composite.h | 3 include/scsi/scsi.h | 2 include/uapi/linux/nl80211.h | 2 net/core/dev.c | 2 net/core/sock.c | 2 net/dsa/dsa2.c | 9 net/ipv4/ip_output.c | 3 net/ipv4/tcp_output.c | 7 net/ipv6/ip6_gre.c | 281 ++++++++++++++---- net/ipv6/ip6_output.c | 3 net/packet/af_packet.c | 4 net/sched/act_vlan.c | 2 net/sched/sch_red.c | 5 net/sched/sch_tbf.c | 5 net/smc/smc_pnet.c | 71 ++-- net/wireless/core.c | 3 sound/soc/rockchip/Kconfig | 3 sound/soc/samsung/i2s.c | 13 sound/soc/samsung/odroid.c | 11 sound/soc/soc-topology.c | 3 sound/usb/quirks.c | 29 + 154 files changed, 2355 insertions(+), 845 deletions(-) Akinobu Mita (1): media: ov5645: add missing of_node_put() in error path Al Viro (1): ext2: fix a block leak Alexander Potapenko (1): scsi: sg: allocate with __GFP_ZERO in sg_build_indirect() Alexandre Belloni (4): rtc: hctosys: Ensure system time doesn't overflow time_t rtc: rk808: fix possible race condition rtc: m41t80: fix race conditions rtc: rp5c01: fix possible race condition Amritha Nambiar (1): net: Fix a bug in removing queues from XPS map Andrzej Hajda (6): clk: samsung: s3c2410: Fix PLL rates clk: samsung: exynos7: Fix PLL rates clk: samsung: exynos5260: Fix PLL rates clk: samsung: exynos5433: Fix PLL rates clk: samsung: exynos5250: Fix PLL rates clk: samsung: exynos3250: Fix PLL rates Antoine Tenart (8): crypto: inside-secure - move the digest to the request context crypto: inside-secure - wait for the request to complete if in the backlog crypto: atmel-aes - fix the keys zeroing on errors crypto: inside-secure - do not process request if no command was issued crypto: inside-secure - fix the cache_len computation crypto: inside-secure - fix the extra cache computation crypto: inside-secure - do not overwrite the threshold value crypto: inside-secure - fix the invalidation step during cra_exit Arnd Bergmann (2): clk: hisilicon: mark wdt_mux_p[] as const media: s3c-camif: fix out-of-bounds array access Arvind Yadav (1): sparc: vio: use put_device() instead of kfree() Ben Hutchings (1): usbip: Correct maximum value of CONFIG_USBIP_VHCI_HC_PORTS Brad Love (6): media: lgdt3306a: Fix module count mismatch on usb unplug media: em28xx: USB bulk packet size fix media: cx23885: Override 888 ImpactVCBe crystal frequency media: cx23885: Set subdev host data to clk_freq pointer media: lgdt3306a: Fix a double kfree on i2c device remove media: em28xx: Add Hauppauge SoloHD/DualHD bulk models Bryan O'Donoghue (1): rtc: snvs: Fix usage of snvs_rtc_enable Chris Dickens (1): usb: gadget: composite: fix incorrect handling of OS desc requests Christoph Hellwig (1): 3c59x: convert to generic DMA API Colin Ian King (3): staging: rtl8192u: return -ENOMEM on failed allocation of priv->oldaddr media: cx25821: prevent out-of-bounds read on array card rtc: tx4939: avoid unintended sign extension on a 24 bit shift Dave Carroll (1): scsi: aacraid: Insure command thread is not recursively stopped Davide Caratti (1): net/sched: fix refcnt leak in the error path of tcf_vlan_init() Douglas Gilbert (1): scsi: core: Make SCSI Status CONDITION MET equivalent to GOOD Eric Biggers (1): net/smc: check for missing nlattrs in SMC_PNETID messages Eric Dumazet (2): sock_diag: fix use-after-free read in __sk_free tcp: purge write queue in tcp_connect_init() Ezequiel Garcia (1): ASoC: rockchip: rk3288-hdmi-analog: Select needed codecs Felipe Balbi (1): usb: dwc3: Makefile: fix link error on randconfig Florian Fainelli (4): net: dsa: bcm_sf2: Fix RX_CLS_LOC_ANY overwrite for last rule net: dsa: Do not register devlink for unused ports net: dsa: bcm_sf2: Fix IPv6 rules and chain ID net: dsa: bcm_sf2: Fix IPv6 rule half deletion Gabriel Matni (1): serial: mvebu-uart: fix tx lost characters Geert Uytterhoeven (7): serial: xuartps: Fix out-of-bounds access through DT alias serial: sh-sci: Fix out-of-bounds access through DT alias serial: samsung: Fix out-of-bounds access through serial port index serial: mxs-auart: Fix out-of-bounds access through serial port index serial: imx: Fix out-of-bounds access through serial port index serial: fsl_lpuart: Fix out-of-bounds access through DT alias serial: arc_uart: Fix out-of-bounds access through DT alias Greg Kroah-Hartman (1): Linux 4.16.12 Grigor Tovmasyan (1): usb: dwc2: Fix interval type issue Hans Verkuil (1): media: vivid: fix incorrect capabilities for radio Ioana Radulescu (2): staging: fsl-dpaa2/eth: Fix incorrect kfree staging: fsl-dpaa2/eth: Fix incorrect casts James Hogan (1): rtc: goldfish: Add missing MODULE_LICENSE James Smart (6): scsi: lpfc: Fix NVME Initiator FirstBurst scsi: lpfc: Fix issue_lip if link is disabled scsi: lpfc: Fix nonrecovery of NVME controller after cable swap. scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing scsi: lpfc: Fix IO failure during hba reset testing with nvme io. scsi: lpfc: Fix frequency of Release WQE CQEs Jason Wang (2): tun: fix use after free for ptr_ring tuntap: fix use after free during release Jens Remus (1): scsi: zfcp: fix infinite iteration on ERP ready list Jerome Brunet (1): clk: meson: axg: add the fractional part of the fixed_pll Johannes Berg (1): cfg80211: limit wiphy names to 128 bytes Kieran Bingham (1): media: i2c: adv748x: fix HDMI field heights Kirill Marinushkin (1): staging: bcm2835-audio: Release resources on module_exit() Kumar Sanghvi (1): cxgb4: Correct ntuple mask validation for hash filters Larry Finger (1): Bluetooth: btusb: Add device ID for RTL8822BE Lars-Peter Clausen (2): usb: gadget: ffs: Let setup() return USB_GADGET_DELAYED_STATUS usb: gadget: ffs: Execute copy_to_user() with USER_DS set Laurent Pinchart (1): media: v4l: vsp1: Fix display stalls when requesting too many inputs Marcel Ziswiler (1): clk: tegra: Fix pll_u rate configuration Martin Schwidefsky (15): s390: move nobp parameter functions to nospec-branch.c s390: add automatic detection of the spectre defense s390: report spectre mitigation via syslog s390: add sysfs attributes for spectre s390: add assembler macros for CPU alternatives s390: correct nospec auto detection init order s390: correct module section names for expoline code revert s390: move expoline assembler macros to a header s390/crc32-vx: use expoline for indirect branches s390/lib: use expoline for indirect branches s390/ftrace: use expoline for indirect branches s390/kernel: use expoline for indirect branches s390: move spectre sysfs attribute code s390: extend expoline to BC instructions s390: use expoline thunks in the BPF JIT Masami Hiramatsu (1): media: vb2: Fix videobuf2 to map correct area Mathias Nyman (2): xhci: zero usb device slot_id member when disabling and freeing a xhci slot xhci: Show what USB release number the xHC supports from protocol capablity Mauricio Faria de Oliveira (2): powerpc/pseries: Fix clearing of security feature flags powerpc: Move default security feature flags Michael Ellerman (11): powerpc/rfi-flush: Always enable fallback flush on pseries powerpc: Add security feature flags for Spectre/Meltdown powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags powerpc/pseries: Set or clear security feature flags powerpc/powernv: Set or clear security feature flags powerpc/64s: Move cpu_show_meltdown() powerpc/64s: Enhance the information in cpu_show_meltdown() powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() powerpc/64s: Wire up cpu_show_spectre_v1() powerpc/64s: Wire up cpu_show_spectre_v2() Michal Kalderon (3): qed: LL2 flush isles when connection is closed qed: Fix possibility of list corruption during rmmod flows qed: Fix LL2 race during connection terminate Minas Harutyunyan (2): usb: dwc2: hcd: Fix host channel halt flow usb: dwc2: host: Fix transaction errors in host mode NeilBrown (2): staging: lustre: fix bug in osc_enter_cache_try staging: lustre: lmv: correctly iput lmo_root Nicholas Piggin (1): powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit Nobutaka Okabe (1): ALSA: usb-audio: Add native DSD support for Luxman DA-06 Omar Sandoval (2): loop: don't call into filesystem while holding lo_ctl_mutex loop: fix LOOP_GET_STATUS lock imbalance Paolo Abeni (1): net: sched: red: avoid hashing NULL child Peter Robinson (1): crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss Petr Machata (7): net: ip6_gre: Request headroom in __gre6_xmit() net: ip6_gre: Fix headroom request in ip6erspan_tunnel_xmit() net: ip6_gre: Split up ip6gre_tnl_link_config() net: ip6_gre: Split up ip6gre_tnl_change() net: ip6_gre: Split up ip6gre_newlink() net: ip6_gre: Split up ip6gre_changelink() net: ip6_gre: Fix ip6erspan hlen calculation Quytelda Kahja (1): staging: ks7010: Use constants from ieee80211_eid instead of literal ints. Rahul Lakkireddy (1): cxgb4: fix offset in collecting TX rate limit info Ranjani Sridharan (1): ASoC: topology: create TLV data for dapm widgets Saeed Mahameed (1): net/mlx5: Fix build break when CONFIG_SMP=n Sebastian Andrzej Siewior (1): crypto: ccp - don't disable interrupts while setting up debugfs Shawn Lin (3): clk: rockchip: Fix wrong parent for SDMMC phase clock for rk3228 clk: Don't show the incorrect clock phase clk: rockchip: Prevent calculating mmc phase if clock rate is zero Sylwester Nawrocki (2): ASoC: samsung: odroid: Fix 32000 sample rate handling ASoC: samsung: i2s: Ensure the RCLK rate is properly determined Tarick Bedeir (1): net/mlx4_core: Fix error handling in mlx4_init_port_info. Tedd Ho-Jeong An (1): Bluetooth: btusb: Add support for Intel Bluetooth device 22560 [8087:0026] Tetsuo Handa (2): hfsplus: stop workqueue when fill_super() failed x86/kexec: Avoid double free_page() upon do_kexec_load() failure Thinh Nguyen (2): usb: dwc3: Add SoftReset PHY synchonization delay usb: dwc3: Update DWC_usb31 GTXFIFOSIZ reg fields Uwe Kleine-König (1): serial: altera: ensure port->regshift is honored consistently Vicente Bergas (1): Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB Vignesh R (1): serial: 8250: Don't service RX FIFO if interrupts are disabled Wilfried Weissmann (1): scsi: mvsas: fix wrong endianness of sgpio api Willem de Bruijn (2): net: test tailroom before appending to linear skb packet: in packet_snd start writing at link layer allocation William Tu (1): net: ip6_gre: fix tunnel metadata device sharing. Wolfram Sang (1): usb: gadget: udc: change comparison to bitshift when dealing with a mask Xose Vazquez Perez (1): scsi: devinfo: add HP DISK-SUBSYSTEM device, for HP XP arrays Yixun Lan (1): clk: meson: axg: fix the od shift of the sys_pll hpreg(a)vmware.com (2): vmxnet3: set the DMA mask before the first DMA map operation vmxnet3: use DMA memory barriers where required

7 years, 5 months

1
1
0 0

Linux 4.14.44

by Greg KH

I'm announcing the release of the 4.14.44 kernel. All users of the 4.14 kernel series must upgrade. The updated 4.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.14.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm/boot/dts/imx7d-sdb.dts | 2 arch/s390/crypto/crc32be-vx.S | 5 arch/s390/crypto/crc32le-vx.S | 4 arch/s390/include/asm/alternative-asm.h | 108 ++++++ arch/s390/include/asm/nospec-insn.h | 195 +++++++++++ arch/s390/kernel/Makefile | 1 arch/s390/kernel/asm-offsets.c | 1 arch/s390/kernel/base.S | 24 - arch/s390/kernel/entry.S | 105 +----- arch/s390/kernel/mcount.S | 14 arch/s390/kernel/nospec-branch.c | 43 +- arch/s390/kernel/nospec-sysfs.c | 21 + arch/s390/kernel/reipl.S | 7 arch/s390/kernel/swsusp.S | 10 arch/s390/lib/mem.S | 13 arch/s390/net/bpf_jit.S | 16 arch/s390/net/bpf_jit_comp.c | 63 +++ arch/sparc/kernel/vio.c | 2 arch/x86/kernel/machine_kexec_32.c | 6 arch/x86/kernel/machine_kexec_64.c | 5 drivers/block/loop.c | 71 ++-- drivers/bluetooth/btusb.c | 6 drivers/clk/clk.c | 3 drivers/clk/hisilicon/crg-hi3516cv300.c | 2 drivers/clk/rockchip/clk-mmc-phase.c | 23 + drivers/clk/rockchip/clk-rk3228.c | 2 drivers/clk/samsung/clk-exynos3250.c | 4 drivers/clk/samsung/clk-exynos5250.c | 8 drivers/clk/samsung/clk-exynos5260.c | 2 drivers/clk/samsung/clk-exynos5433.c | 12 drivers/clk/samsung/clk-exynos7.c | 2 drivers/clk/samsung/clk-s3c2410.c | 16 drivers/clk/tegra/clk-pll.c | 2 drivers/crypto/atmel-aes.c | 2 drivers/crypto/ccp/ccp-debugfs.c | 7 drivers/crypto/inside-secure/safexcel.c | 9 drivers/crypto/inside-secure/safexcel_cipher.c | 2 drivers/crypto/inside-secure/safexcel_hash.c | 8 drivers/crypto/sunxi-ss/sun4i-ss-core.c | 1 drivers/media/dvb-core/dmxdev.c | 2 drivers/media/dvb-frontends/lgdt3306a.c | 10 drivers/media/i2c/adv748x/adv748x-hdmi.c | 3 drivers/media/i2c/ov5645.c | 5 drivers/media/i2c/tvp5150.c | 88 ++--- drivers/media/pci/cx23885/cx23885-cards.c | 4 drivers/media/pci/cx23885/cx23885-core.c | 10 drivers/media/pci/cx25821/cx25821-core.c | 7 drivers/media/platform/s3c-camif/camif-capture.c | 7 drivers/media/platform/vivid/vivid-ctrls.c | 2 drivers/media/platform/vsp1/vsp1_drm.c | 9 drivers/media/usb/em28xx/em28xx-cards.c | 22 - drivers/media/usb/em28xx/em28xx.h | 2 drivers/media/v4l2-core/videobuf2-vmalloc.c | 2 drivers/message/fusion/mptctl.c | 2 drivers/net/ethernet/mellanox/mlx4/main.c | 4 drivers/net/hyperv/hyperv_net.h | 11 drivers/net/hyperv/netvsc.c | 203 ++++++----- drivers/net/hyperv/netvsc_drv.c | 310 ++++++++++-------- drivers/net/hyperv/rndis_filter.c | 210 ++++++------ drivers/net/usb/qmi_wwan.c | 4 drivers/net/usb/usbnet.c | 10 drivers/net/vmxnet3/vmxnet3_drv.c | 72 ++-- drivers/rtc/hctosys.c | 5 drivers/rtc/rtc-goldfish.c | 2 drivers/rtc/rtc-m41t80.c | 18 - drivers/rtc/rtc-rk808.c | 14 drivers/rtc/rtc-rp5c01.c | 12 drivers/rtc/rtc-snvs.c | 15 drivers/rtc/rtc-tx4939.c | 6 drivers/s390/scsi/zfcp_dbf.c | 23 + drivers/s390/scsi/zfcp_ext.h | 5 drivers/s390/scsi/zfcp_scsi.c | 14 drivers/scsi/aacraid/commsup.c | 4 drivers/scsi/aacraid/linit.c | 5 drivers/scsi/bnx2fc/bnx2fc_io.c | 1 drivers/scsi/iscsi_tcp.c | 8 drivers/scsi/libsas/sas_scsi_host.c | 33 - drivers/scsi/lpfc/lpfc_attr.c | 5 drivers/scsi/lpfc/lpfc_hbadisc.c | 5 drivers/scsi/lpfc/lpfc_sli.c | 2 drivers/scsi/mpt3sas/mpt3sas_base.c | 5 drivers/scsi/mpt3sas/mpt3sas_scsih.c | 2 drivers/scsi/mvsas/mv_94xx.c | 23 - drivers/scsi/qedi/qedi_fw.c | 5 drivers/scsi/qedi/qedi_main.c | 24 - drivers/scsi/qla2xxx/qla_isr.c | 6 drivers/scsi/qla2xxx/qla_os.c | 2 drivers/scsi/qla4xxx/ql4_def.h | 2 drivers/scsi/qla4xxx/ql4_os.c | 46 ++ drivers/scsi/scsi_lib.c | 11 drivers/scsi/sd.c | 3 drivers/scsi/sg.c | 2 drivers/scsi/storvsc_drv.c | 2 drivers/scsi/sym53c8xx_2/sym_hipd.c | 2 drivers/scsi/ufs/ufshcd.c | 2 drivers/staging/fsl-dpaa2/ethernet/dpaa2-eth.c | 6 drivers/staging/ks7010/ks_hostif.c | 31 - drivers/staging/ks7010/ks_hostif.h | 1 drivers/staging/lustre/lustre/include/obd.h | 2 drivers/staging/lustre/lustre/lmv/lmv_obd.c | 2 drivers/staging/lustre/lustre/osc/osc_cache.c | 2 drivers/staging/rtl8192u/r8192U_core.c | 2 drivers/staging/vc04_services/bcm2835-audio/bcm2835.c | 54 +-- drivers/tty/serial/8250/8250_port.c | 3 drivers/tty/serial/altera_uart.c | 12 drivers/tty/serial/arc_uart.c | 5 drivers/tty/serial/fsl_lpuart.c | 4 drivers/tty/serial/imx.c | 6 drivers/tty/serial/mxs-auart.c | 4 drivers/tty/serial/samsung.c | 4 drivers/tty/serial/sh-sci.c | 4 drivers/tty/serial/xilinx_uartps.c | 2 drivers/usb/class/cdc-acm.c | 9 drivers/usb/dwc2/core.h | 2 drivers/usb/dwc2/gadget.c | 12 drivers/usb/dwc2/hcd.c | 32 + drivers/usb/dwc3/Makefile | 2 drivers/usb/dwc3/core.c | 16 drivers/usb/dwc3/core.h | 2 drivers/usb/dwc3/dwc3-omap.c | 16 drivers/usb/gadget/composite.c | 40 +- drivers/usb/gadget/function/f_fs.c | 6 drivers/usb/gadget/function/f_uac2.c | 2 drivers/usb/gadget/udc/core.c | 2 drivers/usb/gadget/udc/fsl_udc_core.c | 4 drivers/usb/gadget/udc/goku_udc.h | 2 drivers/usb/host/ohci-hcd.c | 3 drivers/usb/host/xhci-mem.c | 2 drivers/usb/host/xhci-plat.c | 11 drivers/usb/host/xhci.c | 14 drivers/usb/usbip/Kconfig | 2 fs/ext2/inode.c | 10 fs/hfsplus/super.c | 1 include/linux/u64_stats_sync.h | 22 + include/linux/usb/composite.h | 3 include/scsi/scsi.h | 2 include/uapi/linux/nl80211.h | 2 net/core/dev.c | 2 net/core/sock.c | 2 net/ipv4/ip_output.c | 3 net/ipv4/tcp_output.c | 7 net/ipv6/ip6_output.c | 3 net/packet/af_packet.c | 4 net/sched/act_vlan.c | 2 net/sched/sch_red.c | 5 net/sched/sch_tbf.c | 5 net/smc/smc_pnet.c | 71 ++-- net/wireless/core.c | 3 sound/soc/codecs/hdmi-codec.c | 7 sound/soc/rockchip/Kconfig | 3 sound/soc/samsung/i2s.c | 13 sound/soc/samsung/odroid.c | 11 sound/soc/soc-topology.c | 3 sound/usb/quirks.c | 29 - 155 files changed, 1784 insertions(+), 894 deletions(-) Akinobu Mita (1): media: ov5645: add missing of_node_put() in error path Al Viro (1): ext2: fix a block leak Alexander Potapenko (1): scsi: sg: allocate with __GFP_ZERO in sg_build_indirect() Alexandre Belloni (4): rtc: hctosys: Ensure system time doesn't overflow time_t rtc: rk808: fix possible race condition rtc: m41t80: fix race conditions rtc: rp5c01: fix possible race condition Amritha Nambiar (1): net: Fix a bug in removing queues from XPS map Andrew Vasquez (1): scsi: qedi: Fix truncation of CHAP name and secret Andrzej Hajda (6): clk: samsung: s3c2410: Fix PLL rates clk: samsung: exynos7: Fix PLL rates clk: samsung: exynos5260: Fix PLL rates clk: samsung: exynos5433: Fix PLL rates clk: samsung: exynos5250: Fix PLL rates clk: samsung: exynos3250: Fix PLL rates Antoine Tenart (6): crypto: inside-secure - wait for the request to complete if in the backlog crypto: atmel-aes - fix the keys zeroing on errors crypto: inside-secure - do not process request if no command was issued crypto: inside-secure - fix the cache_len computation crypto: inside-secure - fix the extra cache computation crypto: inside-secure - fix the invalidation step during cra_exit Arnd Bergmann (2): clk: hisilicon: mark wdt_mux_p[] as const media: s3c-camif: fix out-of-bounds array access Arvind Yadav (1): sparc: vio: use put_device() instead of kfree() Bart Van Assche (1): scsi: qla2xxx: Avoid triggering undefined behavior in qla2x00_mbx_completion() Ben Hutchings (1): usbip: Correct maximum value of CONFIG_USBIP_VHCI_HC_PORTS Brad Love (6): media: lgdt3306a: Fix module count mismatch on usb unplug media: em28xx: USB bulk packet size fix media: cx23885: Override 888 ImpactVCBe crystal frequency media: cx23885: Set subdev host data to clk_freq pointer media: lgdt3306a: Fix a double kfree on i2c device remove media: em28xx: Add Hauppauge SoloHD/DualHD bulk models Brian Norris (1): usb: dwc3: Undo PHY init if soft reset fails Bryan O'Donoghue (1): rtc: snvs: Fix usage of snvs_rtc_enable Chad Dupuis (1): scsi: bnx2fc: Fix check in SCSI completion handler for timed out request Chris Dickens (1): usb: gadget: composite: fix incorrect handling of OS desc requests Colin Ian King (3): staging: rtl8192u: return -ENOMEM on failed allocation of priv->oldaddr media: cx25821: prevent out-of-bounds read on array card rtc: tx4939: avoid unintended sign extension on a 24 bit shift Dan Carpenter (2): scsi: sym53c8xx_2: iterator underflow in sym_getsync() scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo() Dave Carroll (1): scsi: aacraid: Insure command thread is not recursively stopped Davide Caratti (1): net/sched: fix refcnt leak in the error path of tcf_vlan_init() Dominik Bozek (1): usb: cdc_acm: prevent race at write to acm while system resumes Douglas Gilbert (1): scsi: core: Make SCSI Status CONDITION MET equivalent to GOOD Eric Biggers (1): net/smc: check for missing nlattrs in SMC_PNETID messages Eric Dumazet (3): sock_diag: fix use-after-free read in __sk_free tcp: purge write queue in tcp_connect_init() net: usbnet: fix potential deadlock on 32bit hosts Ezequiel Garcia (1): ASoC: rockchip: rk3288-hdmi-analog: Select needed codecs Felipe Balbi (1): usb: dwc3: Makefile: fix link error on randconfig Fredrik Noring (1): USB: OHCI: Fix NULL dereference in HCDs using HCD_LOCAL_MEM Geert Uytterhoeven (7): serial: xuartps: Fix out-of-bounds access through DT alias serial: sh-sci: Fix out-of-bounds access through DT alias serial: samsung: Fix out-of-bounds access through serial port index serial: mxs-auart: Fix out-of-bounds access through serial port index serial: imx: Fix out-of-bounds access through serial port index serial: fsl_lpuart: Fix out-of-bounds access through DT alias serial: arc_uart: Fix out-of-bounds access through DT alias Giuseppe Lippolis (1): net-usb: add qmi_wwan if on lte modem wistron neweb d18q1 Greg Kroah-Hartman (1): Linux 4.14.44 Grigor Tovmasyan (1): usb: dwc2: Fix interval type issue Haiyang Zhang (6): hv_netvsc: Fix the real number of queues of non-vRSS cases hv_netvsc: Rename ind_table to rx_table hv_netvsc: Rename tx_send_table to tx_table hv_netvsc: Add initialization of tx_table in netvsc_device_add() hv_netvsc: Set tx_table to equal weight after subchannels open hv_netvsc: Use the num_online_cpus() for channel limit Hannes Reinecke (1): scsi: mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM Hans Verkuil (1): media: vivid: fix incorrect capabilities for radio Ioana Radulescu (1): staging: fsl-dpaa2/eth: Fix incorrect casts James Hogan (1): rtc: goldfish: Add missing MODULE_LICENSE James Smart (3): scsi: lpfc: Fix issue_lip if link is disabled scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing scsi: lpfc: Fix frequency of Release WQE CQEs Jason Yan (1): scsi: libsas: defer ata device eh commands to libata Jens Remus (1): scsi: zfcp: fix infinite iteration on ERP ready list Jeremy Cline (1): scsi: sd: Keep disk read-only when re-reading partition Jianchao Wang (1): scsi: iscsi_tcp: set BDI_CAP_STABLE_WRITES when data digest enabled Johannes Berg (1): cfg80211: limit wiphy names to 128 bytes John Keeping (1): usb: gadget: f_uac2: fix bFirstInterface in composite gadget Kieran Bingham (1): media: i2c: adv748x: fix HDMI field heights Kirill Marinushkin (1): staging: bcm2835-audio: Release resources on module_exit() Larry Finger (1): Bluetooth: btusb: Add device ID for RTL8822BE Lars-Peter Clausen (2): usb: gadget: ffs: Let setup() return USB_GADGET_DELAYED_STATUS usb: gadget: ffs: Execute copy_to_user() with USER_DS set Laurent Pinchart (1): media: v4l: vsp1: Fix display stalls when requesting too many inputs Leonard Crestez (1): ARM: dts: imx7d-sdb: Fix regulator-usb-otg2-vbus node name Manish Rangankar (2): scsi: qla4xxx: skip error recovery in case of register disconnect. scsi: qedi: Fix kernel crash during port toggle Manu Gautam (1): usb: gadget: core: Fix use-after-free of usb_request Marcel Ziswiler (1): clk: tegra: Fix pll_u rate configuration Martin Schwidefsky (9): s390: add assembler macros for CPU alternatives s390: move expoline assembler macros to a header s390/crc32-vx: use expoline for indirect branches s390/lib: use expoline for indirect branches s390/ftrace: use expoline for indirect branches s390/kernel: use expoline for indirect branches s390: move spectre sysfs attribute code s390: extend expoline to BC instructions s390: use expoline thunks in the BPF JIT Masami Hiramatsu (1): media: vb2: Fix videobuf2 to map correct area Mathias Nyman (2): xhci: zero usb device slot_id member when disabling and freeing a xhci slot xhci: Show what USB release number the xHC supports from protocol capablity Mauro Carvalho Chehab (2): media: dmxdev: fix error code for invalid ioctls media: Don't let tvp5150_get_vbi() go out of vbi_ram_default array Meelis Roos (1): scsi: aacraid: fix shutdown crash when init fails Michael Kelley (EOSG) (1): scsi: storvsc: Increase cmd_per_lun for higher speed devices Minas Harutyunyan (2): usb: dwc2: hcd: Fix host channel halt flow usb: dwc2: host: Fix transaction errors in host mode Mohammed Gamal (4): hv_netvsc: Use Windows version instead of NVSP version on GPAD teardown hv_netvsc: Split netvsc_revoke_buf() and netvsc_teardown_gpadl() hv_netvsc: Ensure correct teardown message sequence order hv_netvsc: Fix net device attach on older Windows hosts NeilBrown (2): staging: lustre: fix bug in osc_enter_cache_try staging: lustre: lmv: correctly iput lmo_root Nobutaka Okabe (1): ALSA: usb-audio: Add native DSD support for Luxman DA-06 Omar Sandoval (2): loop: don't call into filesystem while holding lo_ctl_mutex loop: fix LOOP_GET_STATUS lock imbalance Paolo Abeni (1): net: sched: red: avoid hashing NULL child Peter Robinson (1): crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss Peter Ujfalusi (1): ASoC: hdmi-codec: Fix module unloading caused kernel crash Quinn Tran (1): scsi: qla2xxx: Fix memory corruption during hba reset test Quytelda Kahja (1): staging: ks7010: Use constants from ieee80211_eid instead of literal ints. Ranjani Sridharan (1): ASoC: topology: create TLV data for dapm widgets Roger Quadros (1): usb: dwc3: omap: don't miss events during suspend/resume Sebastian Andrzej Siewior (1): crypto: ccp - don't disable interrupts while setting up debugfs Shawn Lin (3): clk: rockchip: Fix wrong parent for SDMMC phase clock for rk3228 clk: Don't show the incorrect clock phase clk: rockchip: Prevent calculating mmc phase if clock rate is zero Stefan Agner (1): usb: gadget: fsl_udc_core: fix ep valid checks Stephen Hemminger (11): hv_netvsc: empty current transmit aggregation if flow blocked hv_netvsc: avoid retry on send during shutdown hv_netvsc: only wake transmit queue if link is up hv_netvsc: fix error unwind handling if vmbus_open fails hv_netvsc: cancel subchannel setup before halting device hv_netvsc: fix race in napi poll when rescheduling hv_netvsc: defer queue selection to VF hv_netvsc: disable NAPI before channel close hv_netvsc: use RCU to fix concurrent rx and queue changes hv_netvsc: change GPAD teardown order on older versions hv_netvsc: common detach logic Sujit Reddy Thumma (1): scsi: ufs: Enable quirk to ignore sending WRITE_SAME command Sylwester Nawrocki (2): ASoC: samsung: odroid: Fix 32000 sample rate handling ASoC: samsung: i2s: Ensure the RCLK rate is properly determined Tarick Bedeir (1): net/mlx4_core: Fix error handling in mlx4_init_port_info. Tetsuo Handa (2): hfsplus: stop workqueue when fill_super() failed x86/kexec: Avoid double free_page() upon do_kexec_load() failure Thinh Nguyen (2): usb: dwc3: Add SoftReset PHY synchonization delay usb: dwc3: Update DWC_usb31 GTXFIFOSIZ reg fields Tomas Henzl (1): scsi: mpt3sas: fix an out of bound write Torsten Hilbrich (1): net/usb/qmi_wwan.c: Add USB id for lt4120 modem Uwe Kleine-König (1): serial: altera: ensure port->regshift is honored consistently Vardan Mikayelyan (1): usb: dwc2: Fix dwc2_hsotg_core_init_disconnected() Vicente Bergas (1): Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB Vignesh R (1): serial: 8250: Don't service RX FIFO if interrupts are disabled Vitaly Kuznetsov (2): hv_netvsc: netvsc_teardown_gpadl() split hv_netvsc: preserve hw_features on mtu/channels/ringparam changes Wilfried Weissmann (1): scsi: mvsas: fix wrong endianness of sgpio api Willem de Bruijn (2): net: test tailroom before appending to linear skb packet: in packet_snd start writing at link layer allocation Wolfram Sang (1): usb: gadget: udc: change comparison to bitshift when dealing with a mask Yoshihiro Shimoda (1): usb: host: xhci-plat: revert "usb: host: xhci-plat: enable clk in resume timing" hpreg(a)vmware.com (2): vmxnet3: set the DMA mask before the first DMA map operation vmxnet3: use DMA memory barriers where required

7 years, 5 months

1
1
0 0

[PATCH] Fix controller reset return

by Keith Busch

From: Charles Machalow <charles.machalow(a)intel.com> If the Controller Reset comes in when the device had no namespaces, we're incorrectly giving back ENETRESET. Fixes: 8000d1fdb0 ("nvme-rdma: fix sysfs invoked reset_ctrl error flow ") Cc: <stable(a)vger.kernel.org> Signed-off-by: Charles Machalow <charles.machalow(a)intel.com> Signed-off-by: Keith Busch <keith.busch(a)intel.com> --- drivers/nvme/host/core.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c index cd03f2bdac7b..b4eb74f14c02 100644 --- a/drivers/nvme/host/core.c +++ b/drivers/nvme/host/core.c @@ -117,7 +117,8 @@ int nvme_reset_ctrl_sync(struct nvme_ctrl *ctrl) ret = nvme_reset_ctrl(ctrl); if (!ret) { flush_work(&ctrl->reset_work); - if (ctrl->state != NVME_CTRL_LIVE) + if (ctrl->state != NVME_CTRL_LIVE && + ctrl->state != NVME_CTRL_ADMIN_ONLY) ret = -ENETRESET; } -- 2.14.3

7 years, 5 months

4
4
0 0

Linux 4.9.103

by Greg KH

I'm announcing the release of the 4.9.103 kernel. All users of the 4.9 kernel series must upgrade. The updated 4.9.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.9.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/s390/crypto/crc32be-vx.S | 5 arch/s390/crypto/crc32le-vx.S | 4 arch/s390/include/asm/alternative-asm.h | 108 ++++++++++++ arch/s390/include/asm/nospec-insn.h | 195 +++++++++++++++++++++++ arch/s390/kernel/Makefile | 1 arch/s390/kernel/asm-offsets.c | 1 arch/s390/kernel/base.S | 24 +- arch/s390/kernel/entry.S | 105 ++---------- arch/s390/kernel/mcount.S | 14 + arch/s390/kernel/nospec-branch.c | 43 ++--- arch/s390/kernel/nospec-sysfs.c | 21 ++ arch/s390/kernel/reipl.S | 7 arch/s390/kernel/swsusp.S | 9 - arch/s390/lib/mem.S | 9 - arch/s390/net/bpf_jit.S | 16 + arch/s390/net/bpf_jit_comp.c | 63 +++++++ arch/x86/kernel/machine_kexec_32.c | 6 arch/x86/kernel/machine_kexec_64.c | 4 drivers/bluetooth/btusb.c | 6 drivers/clk/clk.c | 3 drivers/clk/rockchip/clk-mmc-phase.c | 23 ++ drivers/clk/rockchip/clk-rk3228.c | 2 drivers/clk/samsung/clk-exynos3250.c | 4 drivers/clk/samsung/clk-exynos5250.c | 8 drivers/clk/samsung/clk-exynos5260.c | 2 drivers/clk/samsung/clk-exynos5433.c | 12 - drivers/clk/samsung/clk-exynos7.c | 2 drivers/clk/samsung/clk-s3c2410.c | 16 - drivers/clk/tegra/clk-pll.c | 2 drivers/crypto/sunxi-ss/sun4i-ss-core.c | 1 drivers/media/dvb-core/dmxdev.c | 2 drivers/media/pci/cx23885/cx23885-cards.c | 4 drivers/media/pci/cx23885/cx23885-core.c | 10 + drivers/media/pci/cx25821/cx25821-core.c | 7 drivers/media/platform/s3c-camif/camif-capture.c | 7 drivers/media/platform/vivid/vivid-ctrls.c | 2 drivers/media/usb/em28xx/em28xx.h | 2 drivers/media/v4l2-core/videobuf2-vmalloc.c | 2 drivers/message/fusion/mptctl.c | 2 drivers/net/ethernet/mellanox/mlx4/main.c | 4 drivers/net/usb/qmi_wwan.c | 4 drivers/net/vmxnet3/vmxnet3_drv.c | 72 +++++--- drivers/rtc/hctosys.c | 5 drivers/rtc/rtc-snvs.c | 15 + drivers/rtc/rtc-tx4939.c | 6 drivers/s390/scsi/zfcp_dbf.c | 23 ++ drivers/s390/scsi/zfcp_ext.h | 5 drivers/s390/scsi/zfcp_scsi.c | 14 - drivers/scsi/aacraid/commsup.c | 4 drivers/scsi/aacraid/linit.c | 5 drivers/scsi/arm/fas216.c | 2 drivers/scsi/bnx2fc/bnx2fc_io.c | 1 drivers/scsi/libsas/sas_scsi_host.c | 33 +-- drivers/scsi/lpfc/lpfc_attr.c | 5 drivers/scsi/lpfc/lpfc_hbadisc.c | 5 drivers/scsi/lpfc/lpfc_sli.c | 2 drivers/scsi/mpt3sas/mpt3sas_scsih.c | 2 drivers/scsi/mvsas/mv_94xx.c | 23 +- drivers/scsi/qla2xxx/qla_isr.c | 6 drivers/scsi/qla4xxx/ql4_def.h | 2 drivers/scsi/qla4xxx/ql4_os.c | 46 +++++ drivers/scsi/sd.c | 3 drivers/scsi/sg.c | 2 drivers/scsi/storvsc_drv.c | 2 drivers/scsi/sym53c8xx_2/sym_hipd.c | 2 drivers/scsi/ufs/ufshcd.c | 2 drivers/staging/lustre/lustre/include/obd.h | 2 drivers/staging/lustre/lustre/lmv/lmv_obd.c | 2 drivers/staging/lustre/lustre/osc/osc_cache.c | 2 drivers/staging/rtl8192u/r8192U_core.c | 2 drivers/tty/serial/8250/8250_port.c | 3 drivers/tty/serial/arc_uart.c | 5 drivers/tty/serial/fsl_lpuart.c | 4 drivers/tty/serial/imx.c | 6 drivers/tty/serial/mxs-auart.c | 4 drivers/tty/serial/samsung.c | 4 drivers/tty/serial/xilinx_uartps.c | 2 drivers/usb/class/cdc-acm.c | 9 - drivers/usb/dwc2/core.h | 2 drivers/usb/dwc2/gadget.c | 12 - drivers/usb/dwc2/hcd.c | 14 + drivers/usb/dwc3/core.c | 16 + drivers/usb/dwc3/core.h | 2 drivers/usb/dwc3/dwc3-omap.c | 16 + drivers/usb/gadget/composite.c | 40 ++-- drivers/usb/gadget/function/f_fs.c | 6 drivers/usb/gadget/function/f_uac2.c | 2 drivers/usb/gadget/udc/core.c | 2 drivers/usb/gadget/udc/fsl_udc_core.c | 4 drivers/usb/gadget/udc/goku_udc.h | 2 drivers/usb/host/ohci-hcd.c | 3 drivers/usb/host/xhci-mem.c | 2 fs/ext2/inode.c | 10 - fs/hfsplus/super.c | 1 include/linux/usb/composite.h | 3 include/uapi/linux/nl80211.h | 2 net/core/sock.c | 2 net/ipv4/ip_output.c | 3 net/ipv4/tcp_output.c | 7 net/ipv6/ip6_output.c | 3 net/packet/af_packet.c | 4 net/wireless/core.c | 3 sound/soc/au1x/ac97c.c | 6 sound/soc/samsung/i2s.c | 13 + sound/soc/soc-topology.c | 3 sound/usb/quirks.c | 29 +-- 107 files changed, 974 insertions(+), 334 deletions(-) Al Viro (1): ext2: fix a block leak Alexander Potapenko (1): scsi: sg: allocate with __GFP_ZERO in sg_build_indirect() Alexandre Belloni (1): rtc: hctosys: Ensure system time doesn't overflow time_t Andrzej Hajda (6): clk: samsung: s3c2410: Fix PLL rates clk: samsung: exynos7: Fix PLL rates clk: samsung: exynos5260: Fix PLL rates clk: samsung: exynos5433: Fix PLL rates clk: samsung: exynos5250: Fix PLL rates clk: samsung: exynos3250: Fix PLL rates Arnd Bergmann (2): scsi: fas216: fix sense buffer initialization media: s3c-camif: fix out-of-bounds array access Bart Van Assche (1): scsi: qla2xxx: Avoid triggering undefined behavior in qla2x00_mbx_completion() Brad Love (3): media: em28xx: USB bulk packet size fix media: cx23885: Set subdev host data to clk_freq pointer media: cx23885: Override 888 ImpactVCBe crystal frequency Brian Norris (1): usb: dwc3: Undo PHY init if soft reset fails Bryan O'Donoghue (1): rtc: snvs: Fix usage of snvs_rtc_enable Chad Dupuis (1): scsi: bnx2fc: Fix check in SCSI completion handler for timed out request Chris Dickens (1): usb: gadget: composite: fix incorrect handling of OS desc requests Colin Ian King (3): staging: rtl8192u: return -ENOMEM on failed allocation of priv->oldaddr media: cx25821: prevent out-of-bounds read on array card rtc: tx4939: avoid unintended sign extension on a 24 bit shift Dan Carpenter (3): scsi: sym53c8xx_2: iterator underflow in sym_getsync() scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo() ASoC: au1x: Fix timeout tests in au1xac97c_ac97_read() Dave Carroll (1): scsi: aacraid: Insure command thread is not recursively stopped Dominik Bozek (1): usb: cdc_acm: prevent race at write to acm while system resumes Eric Dumazet (2): sock_diag: fix use-after-free read in __sk_free tcp: purge write queue in tcp_connect_init() Fredrik Noring (1): USB: OHCI: Fix NULL dereference in HCDs using HCD_LOCAL_MEM Geert Uytterhoeven (6): serial: xuartps: Fix out-of-bounds access through DT alias serial: samsung: Fix out-of-bounds access through serial port index serial: mxs-auart: Fix out-of-bounds access through serial port index serial: imx: Fix out-of-bounds access through serial port index serial: fsl_lpuart: Fix out-of-bounds access through DT alias serial: arc_uart: Fix out-of-bounds access through DT alias Giuseppe Lippolis (1): net-usb: add qmi_wwan if on lte modem wistron neweb d18q1 Greg Kroah-Hartman (1): Linux 4.9.103 Grigor Tovmasyan (1): usb: dwc2: Fix interval type issue Hannes Reinecke (1): scsi: mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM Hans Verkuil (1): media: vivid: fix incorrect capabilities for radio James Smart (3): scsi: lpfc: Fix issue_lip if link is disabled scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing scsi: lpfc: Fix frequency of Release WQE CQEs Jason Yan (1): scsi: libsas: defer ata device eh commands to libata Jens Remus (1): scsi: zfcp: fix infinite iteration on ERP ready list Jeremy Cline (1): scsi: sd: Keep disk read-only when re-reading partition Johannes Berg (1): cfg80211: limit wiphy names to 128 bytes John Keeping (1): usb: gadget: f_uac2: fix bFirstInterface in composite gadget Larry Finger (1): Bluetooth: btusb: Add device ID for RTL8822BE Lars-Peter Clausen (2): usb: gadget: ffs: Let setup() return USB_GADGET_DELAYED_STATUS usb: gadget: ffs: Execute copy_to_user() with USER_DS set Manish Rangankar (1): scsi: qla4xxx: skip error recovery in case of register disconnect. Manu Gautam (1): usb: gadget: core: Fix use-after-free of usb_request Marcel Ziswiler (1): clk: tegra: Fix pll_u rate configuration Martin Schwidefsky (9): s390: add assembler macros for CPU alternatives s390: move expoline assembler macros to a header s390/crc32-vx: use expoline for indirect branches s390/lib: use expoline for indirect branches s390/ftrace: use expoline for indirect branches s390/kernel: use expoline for indirect branches s390: move spectre sysfs attribute code s390: extend expoline to BC instructions s390: use expoline thunks in the BPF JIT Masami Hiramatsu (1): media: vb2: Fix videobuf2 to map correct area Mathias Nyman (1): xhci: zero usb device slot_id member when disabling and freeing a xhci slot Mauro Carvalho Chehab (1): media: dmxdev: fix error code for invalid ioctls Meelis Roos (1): scsi: aacraid: fix shutdown crash when init fails Michael Kelley (EOSG) (1): scsi: storvsc: Increase cmd_per_lun for higher speed devices Minas Harutyunyan (1): usb: dwc2: host: Fix transaction errors in host mode NeilBrown (2): staging: lustre: fix bug in osc_enter_cache_try staging: lustre: lmv: correctly iput lmo_root Nobutaka Okabe (1): ALSA: usb-audio: Add native DSD support for Luxman DA-06 Peter Robinson (1): crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss Ranjani Sridharan (1): ASoC: topology: create TLV data for dapm widgets Roger Quadros (1): usb: dwc3: omap: don't miss events during suspend/resume Shawn Lin (3): clk: rockchip: Fix wrong parent for SDMMC phase clock for rk3228 clk: Don't show the incorrect clock phase clk: rockchip: Prevent calculating mmc phase if clock rate is zero Stefan Agner (1): usb: gadget: fsl_udc_core: fix ep valid checks Sujit Reddy Thumma (1): scsi: ufs: Enable quirk to ignore sending WRITE_SAME command Sylwester Nawrocki (1): ASoC: samsung: i2s: Ensure the RCLK rate is properly determined Tarick Bedeir (1): net/mlx4_core: Fix error handling in mlx4_init_port_info. Tetsuo Handa (2): hfsplus: stop workqueue when fill_super() failed x86/kexec: Avoid double free_page() upon do_kexec_load() failure Thinh Nguyen (2): usb: dwc3: Add SoftReset PHY synchonization delay usb: dwc3: Update DWC_usb31 GTXFIFOSIZ reg fields Torsten Hilbrich (1): net/usb/qmi_wwan.c: Add USB id for lt4120 modem Vardan Mikayelyan (1): usb: dwc2: Fix dwc2_hsotg_core_init_disconnected() Vicente Bergas (1): Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB Vignesh R (1): serial: 8250: Don't service RX FIFO if interrupts are disabled Wilfried Weissmann (1): scsi: mvsas: fix wrong endianness of sgpio api Willem de Bruijn (2): net: test tailroom before appending to linear skb packet: in packet_snd start writing at link layer allocation Wolfram Sang (1): usb: gadget: udc: change comparison to bitshift when dealing with a mask hpreg(a)vmware.com (2): vmxnet3: set the DMA mask before the first DMA map operation vmxnet3: use DMA memory barriers where required

7 years, 5 months

1
1
0 0

Linux 3.18.110

by Greg KH

I'm announcing the release of the 3.18.110 kernel. All users of the 3.18 kernel series must upgrade. The updated 3.18.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-3.18.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arm/boot/dts/imx6qdl-wandboard.dtsi | 1 arch/arm/include/asm/assembler.h | 10 ++ arch/arm/kernel/traps.c | 5 - arch/arm/lib/getuser.S | 10 ++ arch/powerpc/kernel/setup-common.c | 11 -- arch/powerpc/platforms/powernv/opal-nvram.c | 14 ++- arch/x86/boot/compressed/eboot.c | 6 - arch/x86/kernel/machine_kexec_32.c | 6 + arch/x86/kernel/machine_kexec_64.c | 4 arch/x86/xen/mmu.c | 4 drivers/net/bonding/bond_alb.c | 2 drivers/net/ethernet/broadcom/tg3.c | 9 +- drivers/net/ethernet/mellanox/mlx4/en_ethtool.c | 16 +++ drivers/net/ethernet/mellanox/mlx4/mlx4_en.h | 7 + drivers/net/ethernet/realtek/8139too.c | 2 drivers/net/ethernet/realtek/r8169.c | 3 drivers/net/ethernet/sun/niu.c | 5 - drivers/net/usb/qmi_wwan.c | 13 ++ drivers/scsi/libsas/sas_scsi_host.c | 33 ++----- drivers/scsi/sg.c | 2 drivers/usb/usbip/stub.h | 2 drivers/usb/usbip/stub_dev.c | 69 +++++++++------ drivers/usb/usbip/stub_main.c | 105 +++++++++++++++++++++--- fs/ext2/inode.c | 10 -- fs/hfsplus/super.c | 1 fs/lockd/svc.c | 2 fs/pipe.c | 3 include/linux/efi.h | 8 - include/trace/events/xen.h | 16 --- include/uapi/linux/nl80211.h | 2 kernel/exit.c | 4 kernel/time/tick-broadcast.c | 8 + net/bridge/br_if.c | 4 net/compat.c | 6 - net/dccp/ccids/ccid2.c | 14 ++- net/dccp/timer.c | 2 net/ipv4/ip_output.c | 3 net/ipv4/ping.c | 7 + net/ipv4/tcp.c | 2 net/ipv4/tcp_output.c | 7 + net/ipv4/udp.c | 7 + net/ipv6/ip6_output.c | 3 net/l2tp/l2tp_netlink.c | 2 net/llc/af_llc.c | 3 net/sched/sch_fq.c | 37 +++++--- net/sctp/associola.c | 30 ++++++ net/sctp/inqueue.c | 2 net/sctp/sm_statefuns.c | 89 +++++++++++--------- net/wireless/core.c | 3 sound/core/control_compat.c | 3 sound/usb/mixer.c | 8 + 52 files changed, 426 insertions(+), 201 deletions(-) Al Viro (1): ext2: fix a block leak Alexander Potapenko (1): scsi: sg: allocate with __GFP_ZERO in sg_build_indirect() Alexey Khoroshilov (1): usbip: fix error handling in stub_probe() Andrey Ignatov (1): ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg Ard Biesheuvel (1): efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode Benjamin Herrenschmidt (1): powerpc: Don't preempt_disable() in show_cpuinfo() Bjørn Mork (1): qmi_wwan: do not steal interfaces from class drivers Debabrata Banerjee (1): bonding: do not allow rlb updates to invalid mac Dexuan Cui (1): tick/broadcast: Use for_each_cpu() specially on UP kernels Eric Dumazet (4): dccp: fix tasklet usage llc: better deal with too small mtu net_sched: fq: take care of throttled flows before reuse tcp: purge write queue in tcp_connect_init() Federico Cuello (1): ALSA: usb: mixer: volume quirk for CM102-A+/102S+ Greg Kroah-Hartman (2): Revert "ARM: dts: imx6qdl-wandboard: Fix audio channel swap" Linux 3.18.110 Hangbin Liu (1): bridge: check iface upper dev when setting master via ioctl Heiner Kallweit (1): r8169: fix powering up RTL8168h Ingo Molnar (1): 8139too: Use disable_irq_nosync() in rtl8139_poll_controller() James Chapman (1): l2tp: revert "l2tp: fix missing print session offset info" Jason Yan (1): scsi: libsas: defer ata device eh commands to libata Johannes Berg (1): cfg80211: limit wiphy names to 128 bytes Lance Richardson (1): net: support compat 64-bit time in {s,g}etsockopt Masami Hiramatsu (2): ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr ARM: 8772/1: kprobes: Prohibit kprobes on get_user functions Michael Chan (1): tg3: Fix vunmap() BUG_ON() triggered from tg3_free_consistent(). Michael Kerrisk (man-pages) (1): pipe: cap initial pipe capacity according to pipe-max-size limit Moshe Shemesh (1): net/mlx4_en: Verify coalescing parameters are in range Nicholas Piggin (1): powerpc/powernv: Fix NVRAM sleep in invalid context when crashing Rob Taglang (1): net: ethernet: sun: niu set correct packet size in skb Shuah Khan (1): usbip: usbip_host: refine probe and disconnect debug msgs to be useful Shuah Khan (Samsung OSG) (4): usbip: usbip_host: delete device from busid_table after rebind usbip: usbip_host: run rebind from exit when module is removed usbip: usbip_host: fix NULL-ptr deref and use-after-free errors usbip: usbip_host: fix bad unlock balance during stub_probe() Steven Rostedt (VMware) (1): tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} Tetsuo Handa (2): hfsplus: stop workqueue when fill_super() failed x86/kexec: Avoid double free_page() upon do_kexec_load() failure Vasily Averin (1): lockd: lost rollback of set_grace_period() in lockd_down_net() Wenwen Wang (1): ALSA: control: fix a redundant-copy issue Willem de Bruijn (1): net: test tailroom before appending to linear skb Xin Long (3): sctp: use the old asoc when making the cookie-ack chunk in dupcook_d sctp: fix the issue that the cookie-ack with auth can't get processed sctp: delay the authentication for the duplicated cookie-echo chunk Yuchung Cheng (1): tcp: ignore Fast Open on repair mode zhongjiang (1): kernel/exit.c: avoid undefined behaviour when calling wait4()

7 years, 5 months

1
1
0 0

[PATCH v11 1/4] ioremap: Update pgtable free interfaces with addr

by Chintan Pandya

From: Chintan Pandya <cpandya(a)codeaurora.org> The following kernel panic was observed on ARM64 platform due to a stale TLB entry. 1. ioremap with 4K size, a valid pte page table is set. 2. iounmap it, its pte entry is set to 0. 3. ioremap the same address with 2M size, update its pmd entry with a new value. 4. CPU may hit an exception because the old pmd entry is still in TLB, which leads to a kernel panic. Commit b6bdb7517c3d ("mm/vmalloc: add interfaces to free unmapped page table") has addressed this panic by falling to pte mappings in the above case on ARM64. To support pmd mappings in all cases, TLB purge needs to be performed in this case on ARM64. Add a new arg, 'addr', to pud_free_pmd_page() and pmd_free_pte_page() so that TLB purge can be added later in seprate patches. [toshi(a)hpe.com: merge changes, rewrite patch description] Fixes: 28ee90fe6048 ("x86/mm: implement free pmd/pte page interfaces") Signed-off-by: Chintan Pandya <cpandya(a)codeaurora.org> Signed-off-by: Toshi Kani <toshi.kani(a)hpe.com> Cc: Andrew Morton <akpm(a)linux-foundation.org> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Ingo Molnar <mingo(a)redhat.com> Cc: "H. Peter Anvin" <hpa(a)zytor.com> Cc: Will Deacon <will.deacon(a)arm.com> Cc: Joerg Roedel <joro(a)8bytes.org> Cc: <stable(a)vger.kernel.org> --- arch/arm64/mm/mmu.c | 4 ++-- arch/x86/mm/pgtable.c | 8 +++++--- include/asm-generic/pgtable.h | 8 ++++---- lib/ioremap.c | 4 ++-- 4 files changed, 13 insertions(+), 11 deletions(-) diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c index 2dbb2c9..da98828 100644 --- a/arch/arm64/mm/mmu.c +++ b/arch/arm64/mm/mmu.c @@ -973,12 +973,12 @@ int pmd_clear_huge(pmd_t *pmdp) return 1; } -int pud_free_pmd_page(pud_t *pud) +int pud_free_pmd_page(pud_t *pud, unsigned long addr) { return pud_none(*pud); } -int pmd_free_pte_page(pmd_t *pmd) +int pmd_free_pte_page(pmd_t *pmd, unsigned long addr) { return pmd_none(*pmd); } diff --git a/arch/x86/mm/pgtable.c b/arch/x86/mm/pgtable.c index ffc8c13..37e3cba 100644 --- a/arch/x86/mm/pgtable.c +++ b/arch/x86/mm/pgtable.c @@ -718,11 +718,12 @@ int pmd_clear_huge(pmd_t *pmd) /** * pud_free_pmd_page - Clear pud entry and free pmd page. * @pud: Pointer to a PUD. + * @addr: Virtual address associated with pud. * * Context: The pud range has been unmaped and TLB purged. * Return: 1 if clearing the entry succeeded. 0 otherwise. */ -int pud_free_pmd_page(pud_t *pud) +int pud_free_pmd_page(pud_t *pud, unsigned long addr) { pmd_t *pmd; int i; @@ -733,7 +734,7 @@ int pud_free_pmd_page(pud_t *pud) pmd = (pmd_t *)pud_page_vaddr(*pud); for (i = 0; i < PTRS_PER_PMD; i++) - if (!pmd_free_pte_page(&pmd[i])) + if (!pmd_free_pte_page(&pmd[i], addr + (i * PMD_SIZE))) return 0; pud_clear(pud); @@ -745,11 +746,12 @@ int pud_free_pmd_page(pud_t *pud) /** * pmd_free_pte_page - Clear pmd entry and free pte page. * @pmd: Pointer to a PMD. + * @addr: Virtual address associated with pmd. * * Context: The pmd range has been unmaped and TLB purged. * Return: 1 if clearing the entry succeeded. 0 otherwise. */ -int pmd_free_pte_page(pmd_t *pmd) +int pmd_free_pte_page(pmd_t *pmd, unsigned long addr) { pte_t *pte; diff --git a/include/asm-generic/pgtable.h b/include/asm-generic/pgtable.h index f59639a..b081794 100644 --- a/include/asm-generic/pgtable.h +++ b/include/asm-generic/pgtable.h @@ -1019,8 +1019,8 @@ static inline int p4d_clear_huge(p4d_t *p4d) int pmd_set_huge(pmd_t *pmd, phys_addr_t addr, pgprot_t prot); int pud_clear_huge(pud_t *pud); int pmd_clear_huge(pmd_t *pmd); -int pud_free_pmd_page(pud_t *pud); -int pmd_free_pte_page(pmd_t *pmd); +int pud_free_pmd_page(pud_t *pud, unsigned long addr); +int pmd_free_pte_page(pmd_t *pmd, unsigned long addr); #else /* !CONFIG_HAVE_ARCH_HUGE_VMAP */ static inline int p4d_set_huge(p4d_t *p4d, phys_addr_t addr, pgprot_t prot) { @@ -1046,11 +1046,11 @@ static inline int pmd_clear_huge(pmd_t *pmd) { return 0; } -static inline int pud_free_pmd_page(pud_t *pud) +static inline int pud_free_pmd_page(pud_t *pud, unsigned long addr) { return 0; } -static inline int pmd_free_pte_page(pmd_t *pmd) +static inline int pmd_free_pte_page(pmd_t *pmd, unsigned long addr) { return 0; } diff --git a/lib/ioremap.c b/lib/ioremap.c index 54e5bba..517f585 100644 --- a/lib/ioremap.c +++ b/lib/ioremap.c @@ -92,7 +92,7 @@ static inline int ioremap_pmd_range(pud_t *pud, unsigned long addr, if (ioremap_pmd_enabled() && ((next - addr) == PMD_SIZE) && IS_ALIGNED(phys_addr + addr, PMD_SIZE) && - pmd_free_pte_page(pmd)) { + pmd_free_pte_page(pmd, addr)) { if (pmd_set_huge(pmd, phys_addr + addr, prot)) continue; } @@ -119,7 +119,7 @@ static inline int ioremap_pud_range(p4d_t *p4d, unsigned long addr, if (ioremap_pud_enabled() && ((next - addr) == PUD_SIZE) && IS_ALIGNED(phys_addr + addr, PUD_SIZE) && - pud_free_pmd_page(pud)) { + pud_free_pmd_page(pud, addr)) { if (pud_set_huge(pud, phys_addr + addr, prot)) continue; } -- Qualcomm India Private Limited, on behalf of Qualcomm Innovation Center, Inc., is a member of Code Aurora Forum, a Linux Foundation Collaborative Project

7 years, 5 months

1
0
0 0

[PATCH v11 1/4] ioremap: Update pgtable free interfaces with addr

by Chintan Pandya

From: Chintan Pandya <cpandya(a)codeaurora.org> The following kernel panic was observed on ARM64 platform due to a stale TLB entry. 1. ioremap with 4K size, a valid pte page table is set. 2. iounmap it, its pte entry is set to 0. 3. ioremap the same address with 2M size, update its pmd entry with a new value. 4. CPU may hit an exception because the old pmd entry is still in TLB, which leads to a kernel panic. Commit b6bdb7517c3d ("mm/vmalloc: add interfaces to free unmapped page table") has addressed this panic by falling to pte mappings in the above case on ARM64. To support pmd mappings in all cases, TLB purge needs to be performed in this case on ARM64. Add a new arg, 'addr', to pud_free_pmd_page() and pmd_free_pte_page() so that TLB purge can be added later in seprate patches. [toshi(a)hpe.com: merge changes, rewrite patch description] Fixes: 28ee90fe6048 ("x86/mm: implement free pmd/pte page interfaces") Signed-off-by: Chintan Pandya <cpandya(a)codeaurora.org> Signed-off-by: Toshi Kani <toshi.kani(a)hpe.com> Cc: Andrew Morton <akpm(a)linux-foundation.org> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Ingo Molnar <mingo(a)redhat.com> Cc: "H. Peter Anvin" <hpa(a)zytor.com> Cc: Will Deacon <will.deacon(a)arm.com> Cc: Joerg Roedel <joro(a)8bytes.org> Cc: <stable(a)vger.kernel.org> --- arch/arm64/mm/mmu.c | 4 ++-- arch/x86/mm/pgtable.c | 8 +++++--- include/asm-generic/pgtable.h | 8 ++++---- lib/ioremap.c | 4 ++-- 4 files changed, 13 insertions(+), 11 deletions(-) diff --git a/arch/arm64/mm/mmu.c b/arch/arm64/mm/mmu.c index 2dbb2c9..da98828 100644 --- a/arch/arm64/mm/mmu.c +++ b/arch/arm64/mm/mmu.c @@ -973,12 +973,12 @@ int pmd_clear_huge(pmd_t *pmdp) return 1; } -int pud_free_pmd_page(pud_t *pud) +int pud_free_pmd_page(pud_t *pud, unsigned long addr) { return pud_none(*pud); } -int pmd_free_pte_page(pmd_t *pmd) +int pmd_free_pte_page(pmd_t *pmd, unsigned long addr) { return pmd_none(*pmd); } diff --git a/arch/x86/mm/pgtable.c b/arch/x86/mm/pgtable.c index ffc8c13..37e3cba 100644 --- a/arch/x86/mm/pgtable.c +++ b/arch/x86/mm/pgtable.c @@ -718,11 +718,12 @@ int pmd_clear_huge(pmd_t *pmd) /** * pud_free_pmd_page - Clear pud entry and free pmd page. * @pud: Pointer to a PUD. + * @addr: Virtual address associated with pud. * * Context: The pud range has been unmaped and TLB purged. * Return: 1 if clearing the entry succeeded. 0 otherwise. */ -int pud_free_pmd_page(pud_t *pud) +int pud_free_pmd_page(pud_t *pud, unsigned long addr) { pmd_t *pmd; int i; @@ -733,7 +734,7 @@ int pud_free_pmd_page(pud_t *pud) pmd = (pmd_t *)pud_page_vaddr(*pud); for (i = 0; i < PTRS_PER_PMD; i++) - if (!pmd_free_pte_page(&pmd[i])) + if (!pmd_free_pte_page(&pmd[i], addr + (i * PMD_SIZE))) return 0; pud_clear(pud); @@ -745,11 +746,12 @@ int pud_free_pmd_page(pud_t *pud) /** * pmd_free_pte_page - Clear pmd entry and free pte page. * @pmd: Pointer to a PMD. + * @addr: Virtual address associated with pmd. * * Context: The pmd range has been unmaped and TLB purged. * Return: 1 if clearing the entry succeeded. 0 otherwise. */ -int pmd_free_pte_page(pmd_t *pmd) +int pmd_free_pte_page(pmd_t *pmd, unsigned long addr) { pte_t *pte; diff --git a/include/asm-generic/pgtable.h b/include/asm-generic/pgtable.h index f59639a..b081794 100644 --- a/include/asm-generic/pgtable.h +++ b/include/asm-generic/pgtable.h @@ -1019,8 +1019,8 @@ static inline int p4d_clear_huge(p4d_t *p4d) int pmd_set_huge(pmd_t *pmd, phys_addr_t addr, pgprot_t prot); int pud_clear_huge(pud_t *pud); int pmd_clear_huge(pmd_t *pmd); -int pud_free_pmd_page(pud_t *pud); -int pmd_free_pte_page(pmd_t *pmd); +int pud_free_pmd_page(pud_t *pud, unsigned long addr); +int pmd_free_pte_page(pmd_t *pmd, unsigned long addr); #else /* !CONFIG_HAVE_ARCH_HUGE_VMAP */ static inline int p4d_set_huge(p4d_t *p4d, phys_addr_t addr, pgprot_t prot) { @@ -1046,11 +1046,11 @@ static inline int pmd_clear_huge(pmd_t *pmd) { return 0; } -static inline int pud_free_pmd_page(pud_t *pud) +static inline int pud_free_pmd_page(pud_t *pud, unsigned long addr) { return 0; } -static inline int pmd_free_pte_page(pmd_t *pmd) +static inline int pmd_free_pte_page(pmd_t *pmd, unsigned long addr) { return 0; } diff --git a/lib/ioremap.c b/lib/ioremap.c index 54e5bba..517f585 100644 --- a/lib/ioremap.c +++ b/lib/ioremap.c @@ -92,7 +92,7 @@ static inline int ioremap_pmd_range(pud_t *pud, unsigned long addr, if (ioremap_pmd_enabled() && ((next - addr) == PMD_SIZE) && IS_ALIGNED(phys_addr + addr, PMD_SIZE) && - pmd_free_pte_page(pmd)) { + pmd_free_pte_page(pmd, addr)) { if (pmd_set_huge(pmd, phys_addr + addr, prot)) continue; } @@ -119,7 +119,7 @@ static inline int ioremap_pud_range(p4d_t *p4d, unsigned long addr, if (ioremap_pud_enabled() && ((next - addr) == PUD_SIZE) && IS_ALIGNED(phys_addr + addr, PUD_SIZE) && - pud_free_pmd_page(pud)) { + pud_free_pmd_page(pud, addr)) { if (pud_set_huge(pud, phys_addr + addr, prot)) continue; } -- Qualcomm India Private Limited, on behalf of Qualcomm Innovation Center, Inc., is a member of Code Aurora Forum, a Linux Foundation Collaborative Project

7 years, 5 months

1
0
0 0

[PATCH] MIPS: lantiq: gphy: Drop reboot/remove reset asserts

by Mathias Kresin

While doing a global software reset, these bits are not cleared and let some bootloader fail to initialise the GPHYs. The bootloader don't expect the GPHYs in reset, as they aren't during power on. The asserts were a workaround for a wrong syscon-reboot mask. With a mask set which includes the GPHY resets, these resets aren't required any more. Fixes: 126534141b45 ("MIPS: lantiq: Add a GPHY driver which uses the RCU syscon-mfd") Cc: stable(a)vger.kernel.org # 4.14+ Signed-off-by: Mathias Kresin <dev(a)kresin.me> --- drivers/soc/lantiq/gphy.c | 34 ---------------------------------- 1 file changed, 34 deletions(-) diff --git a/drivers/soc/lantiq/gphy.c b/drivers/soc/lantiq/gphy.c index 8d86594..8c31ae7 100644 --- a/drivers/soc/lantiq/gphy.c +++ b/drivers/soc/lantiq/gphy.c @@ -30,7 +30,6 @@ struct xway_gphy_priv { struct clk *gphy_clk_gate; struct reset_control *gphy_reset; struct reset_control *gphy_reset2; - struct notifier_block gphy_reboot_nb; void __iomem *membase; char *fw_name; }; @@ -64,24 +63,6 @@ static const struct of_device_id xway_gphy_match[] = { }; MODULE_DEVICE_TABLE(of, xway_gphy_match); -static struct xway_gphy_priv *to_xway_gphy_priv(struct notifier_block *nb) -{ - return container_of(nb, struct xway_gphy_priv, gphy_reboot_nb); -} - -static int xway_gphy_reboot_notify(struct notifier_block *reboot_nb, - unsigned long code, void *unused) -{ - struct xway_gphy_priv *priv = to_xway_gphy_priv(reboot_nb); - - if (priv) { - reset_control_assert(priv->gphy_reset); - reset_control_assert(priv->gphy_reset2); - } - - return NOTIFY_DONE; -} - static int xway_gphy_load(struct device *dev, struct xway_gphy_priv *priv, dma_addr_t *dev_addr) { @@ -205,14 +186,6 @@ static int xway_gphy_probe(struct platform_device *pdev) reset_control_deassert(priv->gphy_reset); reset_control_deassert(priv->gphy_reset2); - /* assert the gphy reset because it can hang after a reboot: */ - priv->gphy_reboot_nb.notifier_call = xway_gphy_reboot_notify; - priv->gphy_reboot_nb.priority = -1; - - ret = register_reboot_notifier(&priv->gphy_reboot_nb); - if (ret) - dev_warn(dev, "Failed to register reboot notifier\n"); - platform_set_drvdata(pdev, priv); return ret; @@ -224,17 +197,10 @@ static int xway_gphy_remove(struct platform_device *pdev) struct xway_gphy_priv *priv = platform_get_drvdata(pdev); int ret; - reset_control_assert(priv->gphy_reset); - reset_control_assert(priv->gphy_reset2); - iowrite32be(0, priv->membase); clk_disable_unprepare(priv->gphy_clk_gate); - ret = unregister_reboot_notifier(&priv->gphy_reboot_nb); - if (ret) - dev_warn(dev, "Failed to unregister reboot notifier\n"); - return 0; } -- 2.7.4

7 years, 5 months

4
5
0 0

[PATCH 00/11] mm: Teach memory_failure() about ZONE_DEVICE pages

by Dan Williams

As it stands, memory_failure() gets thoroughly confused by dev_pagemap backed mappings. The recovery code has specific enabling for several possible page states and needs new enabling to handle poison in dax mappings. In order to support reliable reverse mapping of user space addresses add new locking in the fsdax implementation to prevent races between page-address_space disassociation events and the rmap performed in the memory_failure() path. Additionally, since dev_pagemap pages are hidden from the page allocator, add a mechanism to determine the size of the mapping that encompasses a given poisoned pfn. Lastly, since pmem errors can be repaired, change the speculatively accessed poison protection, mce_unmap_kpfn(), to be reversible and otherwise allow ongoing access from the kernel. --- Dan Williams (11): device-dax: convert to vmf_insert_mixed and vm_fault_t device-dax: cleanup vm_fault de-reference chains device-dax: enable page_mapping() device-dax: set page->index filesystem-dax: set page->index filesystem-dax: perform __dax_invalidate_mapping_entry() under the page lock mm, madvise_inject_error: fix page count leak x86, memory_failure: introduce {set,clear}_mce_nospec() mm, memory_failure: pass page size to kill_proc() mm, memory_failure: teach memory_failure() about dev_pagemap pages libnvdimm, pmem: restore page attributes when clearing errors arch/x86/include/asm/set_memory.h | 29 ++++++ arch/x86/kernel/cpu/mcheck/mce-internal.h | 15 --- arch/x86/kernel/cpu/mcheck/mce.c | 38 +------- drivers/dax/device.c | 91 ++++++++++++-------- drivers/nvdimm/pmem.c | 26 ++++++ drivers/nvdimm/pmem.h | 13 +++ fs/dax.c | 102 ++++++++++++++++++++-- include/linux/huge_mm.h | 5 + include/linux/set_memory.h | 14 +++ mm/huge_memory.c | 4 - mm/madvise.c | 11 ++ mm/memory-failure.c | 133 +++++++++++++++++++++++++++-- 12 files changed, 370 insertions(+), 111 deletions(-)

7 years, 5 months

2
3
0 0

[PATCH 3/3] x86/platform/UV: Add kernel parameter to set memory block size

by mike.travis＠hpe.com

Add a kernel parameter that allows setting UV memory block size. This is to provide an adjustment for new forms of PMEM and other DIMM memory that might require alignment restrictions other than scanning the global address table for the required minimum alignment. The value set will be further adjusted by both the GAM range table scan as well as restrictions imposed by set_memory_block_size_order(). Signed-off-by: Mike Travis <mike.travis(a)hpe.com> Reviewed-by: Andrew Banman <andrew.banman(a)hpe.com> Cc: stable(a)vger.kernel.org --- arch/x86/kernel/apic/x2apic_uv_x.c | 11 +++++++++++ 1 file changed, 11 insertions(+) --- linux.orig/arch/x86/kernel/apic/x2apic_uv_x.c +++ linux/arch/x86/kernel/apic/x2apic_uv_x.c @@ -396,6 +396,17 @@ EXPORT_SYMBOL(uv_hub_info_version); /* Default UV memory block size is 2GB */ static unsigned long mem_block_size = (2UL << 30); +/* Kernel parameter to specify UV mem block size */ +static int parse_mem_block_size(char *ptr) +{ + unsigned long size = memparse(ptr, NULL); + + /* Size will be rounded down by set_block_size() below */ + mem_block_size = size; + return 0; +} +early_param("uv_memblksize", parse_mem_block_size); + static __init int adj_blksize(u32 lgre) { unsigned long base = (unsigned long)lgre << UV_GAM_RANGE_SHFT; --

7 years, 5 months

1
0
0 0

[PATCH 2/3] x86/platform/UV: Use new set memory block size function

by mike.travis＠hpe.com

Add a call to the new function to "adjust" the current fixed UV memory block size of 2GB so it can be changed to a different physical boundary. This accommodates changes in the Intel BIOS, and therefore UV BIOS, which now can align boundaries different than the previous UV standard of 2GB. It also flags any UV Global Address boundaries from BIOS that cause a change in the mem block size (boundary). The current boundary of 2GB has been used on UV since the first system release in 2009 with Linux 2.6 and has worked fine. But the new NVDIMM persistent memory modules (PMEM), along with the Intel BIOS changes to support these modules caused the memory block size boundary to be set to a lower limit. Intel only guarantees that this minimum boundary at 64MB though the current Linux limit is 128MB. Note that the default remains 2GB if no changes occur. Signed-off-by: Mike Travis <mike.travis(a)hpe.com> Reviewed-by: Andrew Banman <andrew.banman(a)hpe.com> Cc: stable(a)vger.kernel.org --- v2: Update description --- arch/x86/kernel/apic/x2apic_uv_x.c | 49 ++++++++++++++++++++++++++++++++++--- 1 file changed, 46 insertions(+), 3 deletions(-) --- linux.orig/arch/x86/kernel/apic/x2apic_uv_x.c +++ linux/arch/x86/kernel/apic/x2apic_uv_x.c @@ -26,6 +26,7 @@ #include <linux/delay.h> #include <linux/crash_dump.h> #include <linux/reboot.h> +#include <linux/memory.h> #include <asm/uv/uv_mmrs.h> #include <asm/uv/uv_hub.h> @@ -392,6 +393,40 @@ extern int uv_hub_info_version(void) } EXPORT_SYMBOL(uv_hub_info_version); +/* Default UV memory block size is 2GB */ +static unsigned long mem_block_size = (2UL << 30); + +static __init int adj_blksize(u32 lgre) +{ + unsigned long base = (unsigned long)lgre << UV_GAM_RANGE_SHFT; + unsigned long size; + + for (size = mem_block_size; size > MIN_MEMORY_BLOCK_SIZE; size >>= 1) + if (IS_ALIGNED(base, size)) + break; + + if (size >= mem_block_size) + return 0; + + mem_block_size = size; + return 1; +} + +static __init void set_block_size(void) +{ + unsigned int order = ffs(mem_block_size); + + if (order) { + /* adjust for ffs return of 1..64 */ + set_memory_block_size_order(order - 1); + pr_info("UV: mem_block_size set to 0x%lx\n", mem_block_size); + } else { + /* bad or zero value, default to 1UL << 31 (2GB) */ + pr_err("UV: mem_block_size error with 0x%lx\n", mem_block_size); + set_memory_block_size_order(31); + } +} + /* Build GAM range lookup table: */ static __init void build_uv_gr_table(void) { @@ -1180,23 +1215,30 @@ static void __init decode_gam_rng_tbl(un << UV_GAM_RANGE_SHFT); int order = 0; char suffix[] = " KMGTPE"; + int flag = ' '; while (size > 9999 && order < sizeof(suffix)) { size /= 1024; order++; } + /* adjust max block size to current range start */ + if (gre->type == 1 || gre->type == 2) + if (adj_blksize(lgre)) + flag = '*'; + if (!index) { pr_info("UV: GAM Range Table...\n"); - pr_info("UV: # %20s %14s %5s %4s %5s %3s %2s\n", "Range", "", "Size", "Type", "NASID", "SID", "PN"); + pr_info("UV: # %20s %14s %6s %4s %5s %3s %2s\n", "Range", "", "Size", "Type", "NASID", "SID", "PN"); } - pr_info("UV: %2d: 0x%014lx-0x%014lx %5lu%c %3d %04x %02x %02x\n", + pr_info("UV: %2d: 0x%014lx-0x%014lx%c %5lu%c %3d %04x %02x %02x\n", index++, (unsigned long)lgre << UV_GAM_RANGE_SHFT, (unsigned long)gre->limit << UV_GAM_RANGE_SHFT, - size, suffix[order], + flag, size, suffix[order], gre->type, gre->nasid, gre->sockid, gre->pnode); + /* update to next range start */ lgre = gre->limit; if (sock_min > gre->sockid) sock_min = gre->sockid; @@ -1427,6 +1469,7 @@ static void __init uv_system_init_hub(vo build_socket_tables(); build_uv_gr_table(); + set_block_size(); uv_init_hub_info(&hub_info); uv_possible_blades = num_possible_nodes(); if (!_node_to_pnode) --

7 years, 5 months

1
0
0 0

[PATCH 1/3] x86/platform/UV: Add adjustable set memory block size function

by mike.travis＠hpe.com

Add a new function to "adjust" the current fixed UV memory block size of 2GB so it can be changed to a different physical boundary. This is out of necessity so arch dependent code can accommodate specific BIOS requirements which can align these new PMEM modules at less than the default boundaries. A "set order" type of function was used to insure that the memory block size will be a power of two value without requiring a validity check. 64GB was chosen as the upper limit for memory block size values to accommodate upcoming 4PB systems which have 6 more bits of physical address space (46 becoming 52). Signed-off-by: Mike Travis <mike.travis(a)hpe.com> Reviewed-by: Andrew Banman <andrew.banman(a)hpe.com> Cc: stable(a)vger.kernel.org --- v2: Update description --- arch/x86/mm/init_64.c | 20 ++++++++++++++++---- include/linux/memory.h | 1 + 2 files changed, 17 insertions(+), 4 deletions(-) --- linux.orig/arch/x86/mm/init_64.c +++ linux/arch/x86/mm/init_64.c @@ -1350,16 +1350,28 @@ int kern_addr_valid(unsigned long addr) /* Amount of ram needed to start using large blocks */ #define MEM_SIZE_FOR_LARGE_BLOCK (64UL << 30) +/* Adjustable memory block size */ +static unsigned long set_memory_block_size; +int __init set_memory_block_size_order(unsigned int order) +{ + unsigned long size = 1UL << order; + + if (size > MEM_SIZE_FOR_LARGE_BLOCK || size < MIN_MEMORY_BLOCK_SIZE) + return -EINVAL; + + set_memory_block_size = size; + return 0; +} + static unsigned long probe_memory_block_size(void) { unsigned long boot_mem_end = max_pfn << PAGE_SHIFT; unsigned long bz; - /* If this is UV system, always set 2G block size */ - if (is_uv_system()) { - bz = MAX_BLOCK_SIZE; + /* If memory block size has been set, then use it */ + bz = set_memory_block_size; + if (bz) goto done; - } /* Use regular block if RAM is smaller than MEM_SIZE_FOR_LARGE_BLOCK */ if (boot_mem_end < MEM_SIZE_FOR_LARGE_BLOCK) { --- linux.orig/include/linux/memory.h +++ linux/include/linux/memory.h @@ -38,6 +38,7 @@ struct memory_block { int arch_get_memory_phys_device(unsigned long start_pfn); unsigned long memory_block_size_bytes(void); +int set_memory_block_size_order(unsigned int order); /* These states are exposed to userspace as text strings in sysfs */ #define MEM_ONLINE (1<<0) /* exposed to userspace */ --

7 years, 5 months

1
0
0 0

[PATCH 01/17] IB/isert: fix T10-pi check mask setting

by Max Gurtovoy

A copy/paste bug (probably) caused setting of an app_tag check mask in case where a ref_tag check was needed. Fixes: 38a2d0d429f1 ("IB/isert: convert to the generic RDMA READ/WRITE API") Fixes: 9e961ae73c2c ("IB/isert: Support T10-PI protected transactions") Cc: stable(a)vger.kernel.org Signed-off-by: Max Gurtovoy <maxg(a)mellanox.com> --- drivers/infiniband/ulp/isert/ib_isert.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/infiniband/ulp/isert/ib_isert.c b/drivers/infiniband/ulp/isert/ib_isert.c index fff40b0..d8b6bde 100644 --- a/drivers/infiniband/ulp/isert/ib_isert.c +++ b/drivers/infiniband/ulp/isert/ib_isert.c @@ -2108,7 +2108,7 @@ sig_attrs->check_mask = (se_cmd->prot_checks & TARGET_DIF_CHECK_GUARD ? 0xc0 : 0) | - (se_cmd->prot_checks & TARGET_DIF_CHECK_REFTAG ? 0x30 : 0) | + (se_cmd->prot_checks & TARGET_DIF_CHECK_APPTAG ? 0x30 : 0) | (se_cmd->prot_checks & TARGET_DIF_CHECK_REFTAG ? 0x0f : 0); return 0; } -- 1.8.3.1

7 years, 5 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror