- Linux-stable-mirror - lists.linaro.org

[PATCH stable 4.4] staging: comedi: quatech_daqp_cs: fix no-op loop daqp_ao_insn_write()

by Ian Abbott

From: Dan Carpenter <dan.carpenter(a)oracle.com> [ Upstream commit 1376b0a2160319125c3a2822e8c09bd283cd8141 ] There is a '>' vs '<' typo so this loop is a no-op. Fixes: d35dcc89fc93 ("staging: comedi: quatech_daqp_cs: fix daqp_ao_insn_write()") Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com> Reviewed-by: Ian Abbott <abbotti(a)mev.co.uk> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/staging/comedi/drivers/quatech_daqp_cs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/staging/comedi/drivers/quatech_daqp_cs.c b/drivers/staging/comedi/drivers/quatech_daqp_cs.c index e9e43139157d..769a94015117 100644 --- a/drivers/staging/comedi/drivers/quatech_daqp_cs.c +++ b/drivers/staging/comedi/drivers/quatech_daqp_cs.c @@ -642,7 +642,7 @@ static int daqp_ao_insn_write(struct comedi_device *dev, /* Make sure D/A update mode is direct update */ outb(0, dev->iobase + DAQP_AUX_REG); - for (i = 0; i > insn->n; i++) { + for (i = 0; i < insn->n; i++) { unsigned val = data[i]; int ret; -- 2.18.0

7 years, 5 months

2
1
0 0

[PATCH stable 4.8 to 4.17] staging: comedi: quatech_daqp_cs: fix no-op loop daqp_ao_insn_write()

by Ian Abbott

From: Dan Carpenter <dan.carpenter(a)oracle.com> [ Upstream commit 1376b0a2160319125c3a2822e8c09bd283cd8141 ] There is a '>' vs '<' typo so this loop is a no-op. Fixes: d35dcc89fc93 ("staging: comedi: quatech_daqp_cs: fix daqp_ao_insn_write()") Signed-off-by: Dan Carpenter <dan.carpenter(a)oracle.com> Reviewed-by: Ian Abbott <abbotti(a)mev.co.uk> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/staging/comedi/drivers/quatech_daqp_cs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/staging/comedi/drivers/quatech_daqp_cs.c b/drivers/staging/comedi/drivers/quatech_daqp_cs.c index ea194aa01a64..257b0daff01f 100644 --- a/drivers/staging/comedi/drivers/quatech_daqp_cs.c +++ b/drivers/staging/comedi/drivers/quatech_daqp_cs.c @@ -642,7 +642,7 @@ static int daqp_ao_insn_write(struct comedi_device *dev, /* Make sure D/A update mode is direct update */ outb(0, dev->iobase + DAQP_AUX_REG); - for (i = 0; i > insn->n; i++) { + for (i = 0; i < insn->n; i++) { unsigned int val = data[i]; int ret; -- 2.18.0

7 years, 5 months

2
1
0 0

patch "driver core: Partially revert "driver core: correct device's shutdown" added to driver-core-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled driver core: Partially revert "driver core: correct device's shutdown to my driver-core git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core.git in the driver-core-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From 722e5f2b1eec7de61117b7c0a7914761e3da2eda Mon Sep 17 00:00:00 2001 From: "Rafael J. Wysocki" <rafael.j.wysocki(a)intel.com> Date: Tue, 10 Jul 2018 14:51:33 +0200 Subject: driver core: Partially revert "driver core: correct device's shutdown order" Commit 52cdbdd49853 (driver core: correct device's shutdown order) introduced a regression by breaking device shutdown on some systems. Namely, the devices_kset_move_last() call in really_probe() added by that commit is a mistake as it may cause parents to follow children in the devices_kset list which then causes shutdown to fail. For example, if a device has children before really_probe() is called for it (which is not uncommon), that call will cause it to be reordered after the children in the devices_kset list and the ordering of that list will not reflect the correct device shutdown order any more. Also it causes the devices_kset list to be constantly reordered until all drivers have been probed which is totally pointless overhead in the majority of cases and it only covered an issue with system shutdown, while system-wide suspend/resume potentially had the same issue on the affected platforms (which was not covered). Moreover, the shutdown issue originally addressed by the change in really_probe() made by commit 52cdbdd49853 is not present in 4.18-rc any more, since dra7 started to use the sdhci-omap driver which doesn't disable any regulators during shutdown, so the really_probe() part of commit 52cdbdd49853 can be safely reverted. [The original issue was related to the omap_hsmmc driver used by dra7 previously.] For the above reasons, revert the really_probe() modifications made by commit 52cdbdd49853. The other code changes made by commit 52cdbdd49853 are useful and they need not be reverted. Fixes: 52cdbdd49853 (driver core: correct device's shutdown order) Link: https://lore.kernel.org/lkml/CAFgQCTt7VfqM=UyCnvNFxrSw8Z6cUtAi3HUwR4_xPAc03… Reported-by: Pingfan Liu <kernelfans(a)gmail.com> Tested-by: Pingfan Liu <kernelfans(a)gmail.com> Reviewed-by: Kishon Vijay Abraham I <kishon(a)ti.com> Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/base/dd.c | 8 -------- 1 file changed, 8 deletions(-) diff --git a/drivers/base/dd.c b/drivers/base/dd.c index 1435d7281c66..6ebcd65d64b6 100644 --- a/drivers/base/dd.c +++ b/drivers/base/dd.c @@ -434,14 +434,6 @@ static int really_probe(struct device *dev, struct device_driver *drv) goto probe_failed; } - /* - * Ensure devices are listed in devices_kset in correct order - * It's important to move Dev to the end of devices_kset before - * calling .probe, because it could be recursive and parent Dev - * should always go first - */ - devices_kset_move_last(dev); - if (dev->bus->probe) { ret = dev->bus->probe(dev); if (ret) -- 2.18.0

7 years, 5 months

1
0
0 0

[PATCH] hfs/hfsplus: use documented official timestamp range

by Arnd Bergmann

According to the official documentation for HFS+ [1], inode timestamps are supposed to cover the time range from 1904 to 2040 as originally used in classic MacOS. The traditional Linux usage is to convert the timestamps into an unsigned 32-bit number based on the Unix epoch and from there to a time_t. On 32-bit systems, that wraps the time from 2038 to 1902, so the last two years of the valid time range become garbled. On 64-bit systems, all times before 1970 get turned into timestamps between 2038 and 2106, which is more convenient but also different from the documented behavior. The same behavior is used in Darwin and presumaby all versions of MacOS X, as seen in the to_hfs_time() function in [2]. It is unclear whether this is a bug in the file system code, or intentional but undocumented behavior. This changes Linux over to the traditional MacOS (pre MacOS X) behavior. This means all files that are created on MacOS X or Linux with future timestamps between 2040 and 2106 will now show up as past dates. Timestamps between 2038 and 2040 will still be represented incorrectly on 32-bit architectures as times between 1902 and 1904, but that will be fixed once we have user space with 64-bit time_t. Cc: stable(a)vger.kernel.org Link: [1] https://developer.apple.com/library/archive/technotes/tn/tn1150.html Link: [2] https://opensource.apple.com/source/xnu/xnu-344/bsd/hfs/MacOSStubs.c Suggested-by: Viacheslav Dubeyko <slava(a)dubeyko.com> Signed-off-by: Arnd Bergmann <arnd(a)arndb.de> --- Note: This is the patch that Viacheslav asked for, but given how MacOS X behaves, I'm increasingly thinking this is a bad idea. --- fs/hfs/hfs_fs.h | 2 +- fs/hfsplus/hfsplus_fs.h | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/fs/hfs/hfs_fs.h b/fs/hfs/hfs_fs.h index 6d0783e2e276..39c1f3a43ed8 100644 --- a/fs/hfs/hfs_fs.h +++ b/fs/hfs/hfs_fs.h @@ -247,7 +247,7 @@ extern void hfs_mark_mdb_dirty(struct super_block *sb); * */ #define __hfs_u_to_mtime(sec) cpu_to_be32(sec + 2082844800U - sys_tz.tz_minuteswest * 60) -#define __hfs_m_to_utime(sec) (be32_to_cpu(sec) - 2082844800U + sys_tz.tz_minuteswest * 60) +#define __hfs_m_to_utime(sec) ((time64_t)be32_to_cpu(sec) - 2082844800U + sys_tz.tz_minuteswest * 60) #define HFS_I(inode) (container_of(inode, struct hfs_inode_info, vfs_inode)) #define HFS_SB(sb) ((struct hfs_sb_info *)(sb)->s_fs_info) diff --git a/fs/hfsplus/hfsplus_fs.h b/fs/hfsplus/hfsplus_fs.h index d9255abafb81..57838ef4dcdc 100644 --- a/fs/hfsplus/hfsplus_fs.h +++ b/fs/hfsplus/hfsplus_fs.h @@ -530,8 +530,9 @@ int hfsplus_submit_bio(struct super_block *sb, sector_t sector, void *buf, void **data, int op, int op_flags); int hfsplus_read_wrapper(struct super_block *sb); -/* time macros */ -#define __hfsp_mt2ut(t) (be32_to_cpu(t) - 2082844800U) +/* time macros: convert between 1904-2040 and 1970-2106 range, + * pre-1970 timestamps are interpreted as post-2038 times after wrap-around */ +#define __hfsp_mt2ut(t) ((time64_t)be32_to_cpu(t) - 2082844800U) #define __hfsp_ut2mt(t) (cpu_to_be32(t + 2082844800U)) /* compatibility */ -- 2.9.0

7 years, 5 months

2
2
0 0

[v4.14-stable 0/5] Fix DM DAX handling

by Ross Zwisler

This is a v4.14-stable backport of my "Fix DM DAX handling" series which had backport collisions. This series also includes a few patches that were backport dependencies. Changes from the v4.17-stable version: * DAX on raw mode namespace is allowed in this baseline, so we allow it for DM devices as well. This meant dropping the patch "pmem: only set QUEUE_FLAG_DAX for fsdax mode". * Pulled in one additional patch from Mike as a backport dependency. Darrick J. Wong (1): fs: allow per-device dax status checking for filesystems Dave Jiang (1): dax: change bdev_dax_supported() to support boolean returns Mike Snitzer (1): dm: set QUEUE_FLAG_DAX accordingly in dm_table_set_restrictions() Ross Zwisler (2): dax: check for QUEUE_FLAG_DAX in bdev_dax_supported() dm: prevent DAX mounts if not supported drivers/dax/super.c | 42 +++++++++++++++++++++++++----------------- drivers/md/dm-table.c | 9 ++++++--- drivers/md/dm.c | 6 +----- fs/ext2/super.c | 3 +-- fs/ext4/super.c | 3 +-- fs/xfs/xfs_ioctl.c | 3 ++- fs/xfs/xfs_iops.c | 30 +++++++++++++++++++++++++----- fs/xfs/xfs_super.c | 10 ++++++++-- include/linux/dax.h | 11 ++++++----- 9 files changed, 75 insertions(+), 42 deletions(-) -- 2.14.4

7 years, 5 months

2
6
0 0

[v4.17-stable v2 0/5] Fix DM DAX handling

by Ross Zwisler

This is a v4.17-stable backport of my "Fix DM DAX handling" series which had backport collisions. Greg, please let me know if I need to adjust anything in my backport formatting. --- Changes since v1: * Fixed formatting of my "commit X upstream." lines to include the full hash to match other existing backports in stable. * Fixed a few of the commit IDs which were from a dev branch and not the actual upstream commit ID. * Pulled in updated tags and changlog wording differences from upstream commits vs commits in my dev branch. Darrick J. Wong (1): fs: allow per-device dax status checking for filesystems Dave Jiang (1): dax: change bdev_dax_supported() to support boolean returns Ross Zwisler (3): pmem: only set QUEUE_FLAG_DAX for fsdax mode dax: check for QUEUE_FLAG_DAX in bdev_dax_supported() dm: prevent DAX mounts if not supported drivers/dax/super.c | 48 ++++++++++++++++++++++++++++-------------------- drivers/md/dm-table.c | 7 ++++--- drivers/md/dm.c | 3 +-- drivers/nvdimm/pmem.c | 3 ++- fs/ext2/super.c | 3 +-- fs/ext4/super.c | 3 +-- fs/xfs/xfs_ioctl.c | 3 ++- fs/xfs/xfs_iops.c | 30 +++++++++++++++++++++++++----- fs/xfs/xfs_super.c | 10 ++++++++-- include/linux/dax.h | 11 ++++++----- 10 files changed, 78 insertions(+), 43 deletions(-) -- 2.14.4

7 years, 5 months

2
7
0 0

[PATCH] Kbuild: fix # escaping in .cmd files for future Make

by Paul Menzel

From: Rasmus Villemoes <linux(a)rasmusvillemoes.dk> Date: Sun, 8 Apr 2018 23:35:28 +0200 commit 9564a8cf422d7b58f6e857e3546d346fa970191e upstream. I tried building using a freshly built Make (4.2.1-69-g8a731d1), but already the objtool build broke with orc_dump.c: In function ‘orc_dump’: orc_dump.c:106:2: error: ‘elf_getshnum’ is deprecated [-Werror=deprecated-declarations] if (elf_getshdrnum(elf, &nr_sections)) { Turns out that with that new Make, the backslash was not removed, so cpp didn't see a #include directive, grep found nothing, and -DLIBELF_USE_DEPRECATED was wrongly put in CFLAGS. Now, that new Make behaviour is documented in their NEWS file: * WARNING: Backward-incompatibility! Number signs (#) appearing inside a macro reference or function invocation no longer introduce comments and should not be escaped with backslashes: thus a call such as: foo := $(shell echo '#') is legal. Previously the number sign needed to be escaped, for example: foo := $(shell echo '\#') Now this latter will resolve to "\#". If you want to write makefiles portable to both versions, assign the number sign to a variable: C := \# foo := $(shell echo '$C') This was claimed to be fixed in 3.81, but wasn't, for some reason. To detect this change search for 'nocomment' in the .FEATURES variable. This also fixes up the two make-cmd instances to replace # with $(pound) rather than with \#. There might very well be other places that need similar fixup in preparation for whatever future Make release contains the above change, but at least this builds an x86_64 defconfig with the new make. Link: https://bugzilla.kernel.org/show_bug.cgi?id=197847 Cc: Randy Dunlap <rdunlap(a)infradead.org> Signed-off-by: Rasmus Villemoes <linux(a)rasmusvillemoes.dk> Signed-off-by: Masahiro Yamada <yamada.masahiro(a)socionext.com> Signed-off-by: Paul Menzel <pmenzel(a)molgen.mpg.de> --- Fix one conflict in `scripts/Kbuild.include`. scripts/Kbuild.include | 5 +++-- tools/build/Build.include | 5 +++-- tools/objtool/Makefile | 2 +- tools/scripts/Makefile.include | 2 ++ 4 files changed, 9 insertions(+), 5 deletions(-) diff --git a/scripts/Kbuild.include b/scripts/Kbuild.include index 97769465de13..fcbbecf92395 100644 --- a/scripts/Kbuild.include +++ b/scripts/Kbuild.include @@ -8,6 +8,7 @@ squote := ' empty := space := $(empty) $(empty) space_escape := _-_SPACE_-_ +pound := \# ### # Name of target with a '.' as filename prefix. foo/bar.o => foo/.bar.o @@ -251,11 +252,11 @@ endif # Replace >$< with >$$< to preserve $ when reloading the .cmd file # (needed for make) -# Replace >#< with >\#< to avoid starting a comment in the .cmd file +# Replace >#< with >$(pound)< to avoid starting a comment in the .cmd file # (needed for make) # Replace >'< with >'\''< to be able to enclose the whole string in '...' # (needed for the shell) -make-cmd = $(call escsq,$(subst \#,\\\#,$(subst $$,$$$$,$(cmd_$(1))))) +make-cmd = $(call escsq,$(subst $(pound),$$(pound),$(subst $$,$$$$,$(cmd_$(1))))) # Find any prerequisites that is newer than target or that does not exist. # PHONY targets skipped in both cases. diff --git a/tools/build/Build.include b/tools/build/Build.include index 418871d02ebf..a4bbb984941d 100644 --- a/tools/build/Build.include +++ b/tools/build/Build.include @@ -12,6 +12,7 @@ # Convenient variables comma := , squote := ' +pound := \# ### # Name of target with a '.' as filename prefix. foo/bar.o => foo/.bar.o @@ -43,11 +44,11 @@ echo-cmd = $(if $($(quiet)cmd_$(1)),\ ### # Replace >$< with >$$< to preserve $ when reloading the .cmd file # (needed for make) -# Replace >#< with >\#< to avoid starting a comment in the .cmd file +# Replace >#< with >$(pound)< to avoid starting a comment in the .cmd file # (needed for make) # Replace >'< with >'\''< to be able to enclose the whole string in '...' # (needed for the shell) -make-cmd = $(call escsq,$(subst \#,\\\#,$(subst $$,$$$$,$(cmd_$(1))))) +make-cmd = $(call escsq,$(subst $(pound),$$(pound),$(subst $$,$$$$,$(cmd_$(1))))) ### # Find any prerequisites that is newer than target or that does not exist. diff --git a/tools/objtool/Makefile b/tools/objtool/Makefile index e6acc281dd37..8ae824dbfca3 100644 --- a/tools/objtool/Makefile +++ b/tools/objtool/Makefile @@ -35,7 +35,7 @@ CFLAGS += -Wall -Werror $(WARNINGS) -fomit-frame-pointer -O2 -g $(INCLUDES) LDFLAGS += -lelf $(LIBSUBCMD) # Allow old libelf to be used: -elfshdr := $(shell echo '\#include <libelf.h>' | $(CC) $(CFLAGS) -x c -E - | grep elf_getshdr) +elfshdr := $(shell echo '$(pound)include <libelf.h>' | $(CC) $(CFLAGS) -x c -E - | grep elf_getshdr) CFLAGS += $(if $(elfshdr),,-DLIBELF_USE_DEPRECATED) AWK = awk diff --git a/tools/scripts/Makefile.include b/tools/scripts/Makefile.include index 654efd9768fd..5f3f1f44ed0a 100644 --- a/tools/scripts/Makefile.include +++ b/tools/scripts/Makefile.include @@ -101,3 +101,5 @@ ifneq ($(silent),1) QUIET_INSTALL = @printf ' INSTALL %s\n' $1; endif endif + +pound := \# -- 2.17.1

7 years, 5 months

2
5
0 0

[PATCH 4.4, 4.9] dm bufio: don't take the lock in dm_bufio_shrink_count

by Mikulas Patocka

This is backport of the upstream patch d12067f428c037b4575aaeb2be00847fc214c24a. It should be backported to stable kernels because this performance problem was seen on the android 4.4 kernel. commit d12067f428c037b4575aaeb2be00847fc214c24a Author: Mikulas Patocka <mpatocka(a)redhat.com> Date: Wed Nov 23 16:52:01 2016 -0500 dm bufio: don't take the lock in dm_bufio_shrink_count dm_bufio_shrink_count() is called from do_shrink_slab to find out how many freeable objects are there. The reported value doesn't have to be precise, so we don't need to take the dm-bufio lock. Suggested-by: David Rientjes <rientjes(a)google.com> Signed-off-by: Mikulas Patocka <mpatocka(a)redhat.com> Signed-off-by: Mike Snitzer <snitzer(a)redhat.com> --- drivers/md/dm-bufio.c | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) Index: linux-stable/drivers/md/dm-bufio.c =================================================================== --- linux-stable.orig/drivers/md/dm-bufio.c 2018-07-04 15:25:41.000000000 +0200 +++ linux-stable/drivers/md/dm-bufio.c 2018-07-04 15:33:59.000000000 +0200 @@ -1574,19 +1574,11 @@ dm_bufio_shrink_scan(struct shrinker *sh static unsigned long dm_bufio_shrink_count(struct shrinker *shrink, struct shrink_control *sc) { - struct dm_bufio_client *c; - unsigned long count; - unsigned long retain_target; + struct dm_bufio_client *c = container_of(shrink, struct dm_bufio_client, shrinker); + unsigned long count = READ_ONCE(c->n_buffers[LIST_CLEAN]) + + READ_ONCE(c->n_buffers[LIST_DIRTY]); + unsigned long retain_target = get_retain_buffers(c); - c = container_of(shrink, struct dm_bufio_client, shrinker); - if (sc->gfp_mask & __GFP_FS) - dm_bufio_lock(c); - else if (!dm_bufio_trylock(c)) - return 0; - - count = c->n_buffers[LIST_CLEAN] + c->n_buffers[LIST_DIRTY]; - retain_target = get_retain_buffers(c); - dm_bufio_unlock(c); return (count < retain_target) ? 0 : (count - retain_target); }

7 years, 5 months

2
1
0 0

FAILED: patch "[PATCH] mtd: rawnand: mxc: set spare area size register explicitly" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 3f77f244d8ec28e3a0a81240ffac7d626390060c Mon Sep 17 00:00:00 2001 From: Martin Kaiser <martin(a)kaiser.cx> Date: Mon, 18 Jun 2018 22:41:03 +0200 Subject: [PATCH] mtd: rawnand: mxc: set spare area size register explicitly The v21 version of the NAND flash controller contains a Spare Area Size Register (SPAS) at offset 0x10. Its setting defaults to the maximum spare area size of 218 bytes. The size that is set in this register is used by the controller when it calculates the ECC bytes internally in hardware. Usually, this register is updated from settings in the IIM fuses when the system is booting from NAND flash. For other boot media, however, the SPAS register remains at the default setting, which may not work for the particular flash chip on the board. The same goes for flash chips whose configuration cannot be set in the IIM fuses (e.g. chips with 2k sector size and 128 bytes spare area size can't be configured in the IIM fuses on imx25 systems). Set the SPAS register explicitly during the preset operation. Derive the register value from mtd->oobsize that was detected during probe by decoding the flash chip's ID bytes. While at it, rename the define for the spare area register's offset to NFC_V21_RSLTSPARE_AREA. The register at offset 0x10 on v1 controllers is different from the register on v21 controllers. Fixes: d484018 ("mtd: mxc_nand: set NFC registers after reset") Cc: stable(a)vger.kernel.org Signed-off-by: Martin Kaiser <martin(a)kaiser.cx> Reviewed-by: Sascha Hauer <s.hauer(a)pengutronix.de> Reviewed-by: Miquel Raynal <miquel.raynal(a)bootlin.com> Signed-off-by: Boris Brezillon <boris.brezillon(a)bootlin.com> diff --git a/drivers/mtd/nand/raw/mxc_nand.c b/drivers/mtd/nand/raw/mxc_nand.c index 45786e707b7b..26cef218bb43 100644 --- a/drivers/mtd/nand/raw/mxc_nand.c +++ b/drivers/mtd/nand/raw/mxc_nand.c @@ -48,7 +48,7 @@ #define NFC_V1_V2_CONFIG (host->regs + 0x0a) #define NFC_V1_V2_ECC_STATUS_RESULT (host->regs + 0x0c) #define NFC_V1_V2_RSLTMAIN_AREA (host->regs + 0x0e) -#define NFC_V1_V2_RSLTSPARE_AREA (host->regs + 0x10) +#define NFC_V21_RSLTSPARE_AREA (host->regs + 0x10) #define NFC_V1_V2_WRPROT (host->regs + 0x12) #define NFC_V1_UNLOCKSTART_BLKADDR (host->regs + 0x14) #define NFC_V1_UNLOCKEND_BLKADDR (host->regs + 0x16) @@ -1274,6 +1274,9 @@ static void preset_v2(struct mtd_info *mtd) writew(config1, NFC_V1_V2_CONFIG1); /* preset operation */ + /* spare area size in 16-bit half-words */ + writew(mtd->oobsize / 2, NFC_V21_RSLTSPARE_AREA); + /* Unlock the internal RAM Buffer */ writew(0x2, NFC_V1_V2_CONFIG);

7 years, 5 months

3
2
0 0

FAILED: patch "[PATCH] i2c: smbus: kill memory leak on emulated and failed DMA SMBus" failed to apply to 4.17-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.17-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 9aa613674f89d01248ae2e4afe691b515ff8fbb6 Mon Sep 17 00:00:00 2001 From: Peter Rosin <peda(a)axentia.se> Date: Wed, 20 Jun 2018 11:43:23 +0200 Subject: [PATCH] i2c: smbus: kill memory leak on emulated and failed DMA SMBus xfers If DMA safe memory was allocated, but the subsequent I2C transfer fails the memory is leaked. Plug this leak. Fixes: 8a77821e74d6 ("i2c: smbus: use DMA safe buffers for emulated SMBus transactions") Signed-off-by: Peter Rosin <peda(a)axentia.se> Signed-off-by: Wolfram Sang <wsa(a)the-dreams.de> Cc: stable(a)kernel.org diff --git a/drivers/i2c/i2c-core-smbus.c b/drivers/i2c/i2c-core-smbus.c index f3f683041e7f..51970bae3c4a 100644 --- a/drivers/i2c/i2c-core-smbus.c +++ b/drivers/i2c/i2c-core-smbus.c @@ -465,15 +465,18 @@ static s32 i2c_smbus_xfer_emulated(struct i2c_adapter *adapter, u16 addr, status = i2c_transfer(adapter, msg, num); if (status < 0) - return status; - if (status != num) - return -EIO; + goto cleanup; + if (status != num) { + status = -EIO; + goto cleanup; + } + status = 0; /* Check PEC if last message is a read */ if (i && (msg[num-1].flags & I2C_M_RD)) { status = i2c_smbus_check_pec(partial_pec, &msg[num-1]); if (status < 0) - return status; + goto cleanup; } if (read_write == I2C_SMBUS_READ) @@ -499,12 +502,13 @@ static s32 i2c_smbus_xfer_emulated(struct i2c_adapter *adapter, u16 addr, break; } +cleanup: if (msg[0].flags & I2C_M_DMA_SAFE) kfree(msg[0].buf); if (msg[1].flags & I2C_M_DMA_SAFE) kfree(msg[1].buf); - return 0; + return status; } /**

7 years, 5 months

3
2
0 0

FAILED: patch "[PATCH] mm, page_alloc: do not break __GFP_THISNODE by zonelist reset" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 7810e6781e0fcbca78b91cf65053f895bf59e85f Mon Sep 17 00:00:00 2001 From: Vlastimil Babka <vbabka(a)suse.cz> Date: Thu, 7 Jun 2018 17:09:29 -0700 Subject: [PATCH] mm, page_alloc: do not break __GFP_THISNODE by zonelist reset In __alloc_pages_slowpath() we reset zonelist and preferred_zoneref for allocations that can ignore memory policies. The zonelist is obtained from current CPU's node. This is a problem for __GFP_THISNODE allocations that want to allocate on a different node, e.g. because the allocating thread has been migrated to a different CPU. This has been observed to break SLAB in our 4.4-based kernel, because there it relies on __GFP_THISNODE working as intended. If a slab page is put on wrong node's list, then further list manipulations may corrupt the list because page_to_nid() is used to determine which node's list_lock should be locked and thus we may take a wrong lock and race. Current SLAB implementation seems to be immune by luck thanks to commit 511e3a058812 ("mm/slab: make cache_grow() handle the page allocated on arbitrary node") but there may be others assuming that __GFP_THISNODE works as promised. We can fix it by simply removing the zonelist reset completely. There is actually no reason to reset it, because memory policies and cpusets don't affect the zonelist choice in the first place. This was different when commit 183f6371aac2 ("mm: ignore mempolicies when using ALLOC_NO_WATERMARK") introduced the code, as mempolicies provided their own restricted zonelists. We might consider this for 4.17 although I don't know if there's anything currently broken. SLAB is currently not affected, but in kernels older than 4.7 that don't yet have 511e3a058812 ("mm/slab: make cache_grow() handle the page allocated on arbitrary node") it is. That's at least 4.4 LTS. Older ones I'll have to check. So stable backports should be more important, but will have to be reviewed carefully, as the code went through many changes. BTW I think that also the ac->preferred_zoneref reset is currently useless if we don't also reset ac->nodemask from a mempolicy to NULL first (which we probably should for the OOM victims etc?), but I would leave that for a separate patch. Link: http://lkml.kernel.org/r/20180525130853.13915-1-vbabka@suse.cz Signed-off-by: Vlastimil Babka <vbabka(a)suse.cz> Fixes: 183f6371aac2 ("mm: ignore mempolicies when using ALLOC_NO_WATERMARK") Acked-by: Mel Gorman <mgorman(a)techsingularity.net> Cc: Michal Hocko <mhocko(a)kernel.org> Cc: David Rientjes <rientjes(a)google.com> Cc: Joonsoo Kim <iamjoonsoo.kim(a)lge.com> Cc: Vlastimil Babka <vbabka(a)suse.cz> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> diff --git a/mm/page_alloc.c b/mm/page_alloc.c index ef1811531999..07b3c23762ad 100644 --- a/mm/page_alloc.c +++ b/mm/page_alloc.c @@ -4169,7 +4169,6 @@ __alloc_pages_slowpath(gfp_t gfp_mask, unsigned int order, * orientated. */ if (!(alloc_flags & ALLOC_CPUSET) || reserve_flags) { - ac->zonelist = node_zonelist(numa_node_id(), gfp_mask); ac->preferred_zoneref = first_zones_zonelist(ac->zonelist, ac->high_zoneidx, ac->nodemask); }

7 years, 5 months

3
2
0 0

[PATCH 4.4 000/268] 4.4.134-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.4.134 release. There are 268 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed May 30 10:00:40 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.4.134-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.4.134-rc1 Martin Schwidefsky <schwidefsky(a)de.ibm.com> s390/ftrace: use expoline for indirect branches Randy Dunlap <rdunlap(a)infradead.org> kdb: make "mdr" command repeat Larry Finger <Larry.Finger(a)lwfinger.net> Bluetooth: btusb: Add device ID for RTL8822BE Sylwester Nawrocki <s.nawrocki(a)samsung.com> ASoC: samsung: i2s: Ensure the RCLK rate is properly determined Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> regulator: of: Add a missing 'of_node_put()' in an error handling path of 'of_regulator_match()' James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Fix frequency of Release WQE CQEs James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Fix soft lockup in lpfc worker thread during LIP testing James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Fix issue_lip if link is disabled Richard Haines <richard_c_haines(a)btinternet.com> netlabel: If PF_INET6, check sk_buff ip header version Prashant Bhole <bhole_prashant_q7(a)lab.ntt.co.jp> selftests/net: fixes psock_fanout eBPF test case Jiri Olsa <jolsa(a)redhat.com> perf report: Fix memory corruption in --branch-history mode --branch-history Jiri Olsa <jolsa(a)kernel.org> perf tests: Use arch__compare_symbol_names to compare symbols Baoquan He <bhe(a)redhat.com> x86/apic: Set up through-local-APIC mode on the boot CPU if 'noapic' specified Ørjan Eide <orjan.eide(a)arm.com> drm/rockchip: Respect page offset for PRIME mmap calls Joe Perches <joe(a)perches.com> MIPS: Octeon: Fix logging messages with spurious periods after newlines Richard Guy Briggs <rgb(a)redhat.com> audit: return on memory error to avoid null pointer dereference Peter Robinson <pbrobinson(a)gmail.com> crypto: sunxi-ss - Add MODULE_ALIAS to sun4i-ss Andrzej Hajda <a.hajda(a)samsung.com> clk: samsung: exynos3250: Fix PLL rates Andrzej Hajda <a.hajda(a)samsung.com> clk: samsung: exynos5250: Fix PLL rates Andrzej Hajda <a.hajda(a)samsung.com> clk: samsung: exynos5433: Fix PLL rates Andrzej Hajda <a.hajda(a)samsung.com> clk: samsung: exynos5260: Fix PLL rates Andrzej Hajda <a.hajda(a)samsung.com> clk: samsung: s3c2410: Fix PLL rates Colin Ian King <colin.king(a)canonical.com> media: cx25821: prevent out-of-bounds read on array card Jan Kara <jack(a)suse.cz> udf: Provide saner default for invalid uid / gid Thomas Vincent-Cross <me(a)tvc.id.au> PCI: Add function 1 DMA alias quirk for Marvell 88SE9220 Geert Uytterhoeven <geert+renesas(a)glider.be> serial: arc_uart: Fix out-of-bounds access through DT alias Geert Uytterhoeven <geert+renesas(a)glider.be> serial: fsl_lpuart: Fix out-of-bounds access through DT alias Geert Uytterhoeven <geert+renesas(a)glider.be> serial: imx: Fix out-of-bounds access through serial port index Geert Uytterhoeven <geert+renesas(a)glider.be> serial: mxs-auart: Fix out-of-bounds access through serial port index Geert Uytterhoeven <geert+renesas(a)glider.be> serial: samsung: Fix out-of-bounds access through serial port index Geert Uytterhoeven <geert+renesas(a)glider.be> serial: xuartps: Fix out-of-bounds access through DT alias Colin Ian King <colin.king(a)canonical.com> rtc: tx4939: avoid unintended sign extension on a 24 bit shift Colin Ian King <colin.king(a)canonical.com> staging: rtl8192u: return -ENOMEM on failed allocation of priv->oldaddr lionel.debieve(a)st.com <lionel.debieve(a)st.com> hwrng: stm32 - add reset during probe Govindarajulu Varadarajan <gvaradar(a)cisco.com> enic: enable rq before updating rq descriptors Shawn Lin <shawn.lin(a)rock-chips.com> clk: rockchip: Prevent calculating mmc phase if clock rate is zero Brad Love <brad(a)nextdimension.cc> media: em28xx: USB bulk packet size fix Qi Hou <qi.hou(a)windriver.com> dmaengine: pl330: fix a race condition in case of threaded irqs Arnd Bergmann <arnd(a)arndb.de> media: s3c-camif: fix out-of-bounds array access Brad Love <brad(a)nextdimension.cc> media: cx23885: Set subdev host data to clk_freq pointer Brad Love <brad(a)nextdimension.cc> media: cx23885: Override 888 ImpactVCBe crystal frequency Takashi Iwai <tiwai(a)suse.de> ALSA: vmaster: Propagate slave error Ivan Gorinov <ivan.gorinov(a)intel.com> x86/devicetree: Fix device IRQ settings in DT Ivan Gorinov <ivan.gorinov(a)intel.com> x86/devicetree: Initialize device tree before using it Chris Dickens <christopher.a.dickens(a)gmail.com> usb: gadget: composite: fix incorrect handling of OS desc requests Wolfram Sang <wsa+renesas(a)sang-engineering.com> usb: gadget: udc: change comparison to bitshift when dealing with a mask Andreas Gruenbacher <agruenba(a)redhat.com> gfs2: Fix fallocate chunk size Maurizio Lombardi <mlombard(a)redhat.com> cdrom: do not call check_disk_change() inside cdrom_open() Guenter Roeck <linux(a)roeck-us.net> hwmon: (pmbus/adm1275) Accept negative page register values Guenter Roeck <linux(a)roeck-us.net> hwmon: (pmbus/max8688) Accept negative page register values Peter Zijlstra <peterz(a)infradead.org> perf/core: Fix perf_output_read_group() Ranjani Sridharan <ranjani.sridharan(a)linux.intel.com> ASoC: topology: create TLV data for dapm widgets Mathieu Malaterre <malat(a)debian.org> powerpc: Add missing prototype for arch_irq_work_raise() Lars-Peter Clausen <lars(a)metafoo.de> usb: gadget: ffs: Execute copy_to_user() with USER_DS set Lars-Peter Clausen <lars(a)metafoo.de> usb: gadget: ffs: Let setup() return USB_GADGET_DELAYED_STATUS Grigor Tovmasyan <Grigor.Tovmasyan(a)synopsys.com> usb: dwc2: Fix interval type issue Kamlakant Patel <kamlakant.patel(a)cavium.com> ipmi_ssif: Fix kernel panic at msg_done_handler Rafael J. Wysocki <rjw(a)rjwysocki.net> PCI: Restore config space on runtime resume despite being unbound Mathias Kresin <dev(a)kresin.me> MIPS: ath79: Fix AR724X_PLL_REG_PCIE_CONFIG offset Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: zero usb device slot_id member when disabling and freeing a xhci slot Vitaly Kuznetsov <vkuznets(a)redhat.com> KVM: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use Gregory CLEMENT <gregory.clement(a)bootlin.com> i2c: mv64xxx: Apply errata delay only in standard mode Seunghun Han <kkamagui(a)gmail.com> ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c Erik Schmauss <erik.schmauss(a)intel.com> ACPICA: Events: add a return on failure from acpi_hw_register_read Coly Li <colyli(a)suse.de> bcache: quit dc->writeback_thread when BCACHE_DEV_DETACHING is set Michael Schmitz <schmitzmic(a)gmail.com> zorro: Set up z->dev.dma_mask for the DMA API Shawn Lin <shawn.lin(a)rock-chips.com> clk: Don't show the incorrect clock phase Chunyu Hu <chuhu(a)redhat.com> cpufreq: cppc_cpufreq: Fix cppc_cpufreq_init() failure path Thinh Nguyen <Thinh.Nguyen(a)synopsys.com> usb: dwc3: Update DWC_usb31 GTXFIFOSIZ reg fields Philipp Puschmann <pp(a)emlix.com> arm: dts: socfpga: fix GIC PPI warning Jay Vosburgh <jay.vosburgh(a)canonical.com> virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS Petr Vorel <pvorel(a)suse.cz> ima: Fallback to the builtin hash algorithm Jiandi An <anjiandi(a)codeaurora.org> ima: Fix Kconfig to select TPM 2.0 CRB interface Karthikeyan Periyasamy <periyasa(a)codeaurora.org> ath10k: Fix kernel panic while using worker (ath10k_sta_rc_update_wk) Leon Romanovsky <leonro(a)mellanox.com> net/mlx5: Protect from command bit overflow Michael Ellerman <mpe(a)ellerman.id.au> selftests: Print the test we're running to /dev/kmsg Frank Asseg <frank.asseg(a)objecthunter.net> tools/thermal: tmon: fix for segfault Michael Ellerman <mpe(a)ellerman.id.au> powerpc/perf: Fix kernel address leak via sampling registers Madhavan Srinivasan <maddy(a)linux.vnet.ibm.com> powerpc/perf: Prevent kernel address leak to userspace via BHRB buffer Alexandre Belloni <alexandre.belloni(a)bootlin.com> rtc: hctosys: Ensure system time doesn't overflow time_t Guenter Roeck <linux(a)roeck-us.net> hwmon: (nct6775) Fix writing pwmX_mode Helge Deller <deller(a)gmx.de> parisc/pci: Switch LBA PCI bus from Hard Fail to Soft Fail mode Greg Ungerer <gerg(a)linux-m68k.org> m68k: set dma and coherent masks for platform FEC ethernets Michael Ellerman <mpe(a)ellerman.id.au> powerpc/mpic: Check if cpu_possible() in mpic_physmask() Lenny Szubowicz <lszubowi(a)redhat.com> ACPI: acpi_pad: Fix memory leak in power saving threads Dan Carpenter <dan.carpenter(a)oracle.com> xen/acpi: off by one in read_acpi_id() Jeff Mahoney <jeffm(a)suse.com> btrfs: fix lockdep splat in btrfs_alloc_subvolume_writers Filipe Manana <fdmanana(a)suse.com> Btrfs: fix copy_items() return value when logging an inode Qu Wenruo <wqu(a)suse.com> btrfs: tests/qgroup: Fix wrong tree backref level Vicente Bergas <vicencb(a)gmail.com> Bluetooth: btusb: Add USB ID 7392:a611 for Edimax EW-7611ULB Florian Fainelli <f.fainelli(a)gmail.com> net: bgmac: Fix endian access in bgmac_dma_tx_ring_free() Bryan O'Donoghue <pure.logic(a)nexus-software.ie> rtc: snvs: Fix usage of snvs_rtc_enable David S. Miller <davem(a)davemloft.net> sparc64: Make atomic_xchg() an inline function rather than a macro. David Howells <dhowells(a)redhat.com> fscache: Fix hanging wait on page discarded by writeback Sean Christopherson <sean.j.christopherson(a)intel.com> KVM: VMX: raise internal error for exception during invalid protected mode state Davidlohr Bueso <dave(a)stgolabs.net> sched/rt: Fix rq->clock_update_flags < RQCF_ACT_SKIP warning Jun Piao <piaojun(a)huawei.com> ocfs2/dlm: don't handle migrate lockres if already in shutdown Nikolay Borisov <nborisov(a)suse.com> btrfs: Fix possible softlock on single core machines Liu Bo <bo.liu(a)linux.alibaba.com> Btrfs: fix NULL pointer dereference in log_dir_items Liu Bo <bo.liu(a)linux.alibaba.com> Btrfs: bail out on error during replay_dir_deletes Huang Ying <ying.huang(a)intel.com> mm: fix races between address_space dereference and free in page_evicatable Claudio Imbrenda <imbrenda(a)linux.vnet.ibm.com> mm/ksm: fix interaction with THP Esben Haabendal <eha(a)deif.com> dp83640: Ensure against premature access to PHY registers after reset Dave Carroll <david.carroll(a)microsemi.com> scsi: aacraid: Insure command thread is not recursively stopped Shunyong Yang <shunyong.yang(a)hxt-semitech.com> cpufreq: CPPC: Initialize shared perf capabilities of CPUs Carlos Maiolino <cmaiolino(a)redhat.com> Force log to disk before reading the AGF during a fstrim Jens Axboe <axboe(a)kernel.dk> sr: get/drop reference to device in revalidate and check_events Tom Abraham <tabraham(a)suse.com> swap: divide-by-zero when zero length swap file on ssd Danilo Krummrich <danilokrummrich(a)dk-develop.de> fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl table Joerg Roedel <joro(a)8bytes.org> x86/pgtable: Don't set huge PUD/PMD on non-leaf entries Rich Felker <dalias(a)libc.org> sh: fix debug trap failure to process signals before return to user Yelena Krivosheev <yelena(a)marvell.com> net: mvneta: fix enable of all initialized RXQs Toshiaki Makita <makita.toshiaki(a)lab.ntt.co.jp> net: Fix untag for vlan packets without ethernet header Vinayak Menon <vinmenon(a)codeaurora.org> mm/kmemleak.c: wait for scan completion before disabling free Cong Wang <xiyou.wangcong(a)gmail.com> llc: properly handle dev_queue_xmit() return value Giuseppe Lippolis <giu.lippolis(a)gmail.com> net-usb: add qmi_wwan if on lte modem wistron neweb d18q1 Torsten Hilbrich <torsten.hilbrich(a)secunet.com> net/usb/qmi_wwan.c: Add USB id for lt4120 modem Pawel Dembicki <paweldembicki(a)gmail.com> net: qmi_wwan: add BroadMobi BM806U 2020:2033 Jinbum Park <jinb.park7(a)gmail.com> ARM: 8748/1: mm: Define vdso_start, vdso_end as array Linus Lüssing <linus.luessing(a)c0d3.blue> batman-adv: fix packet loss for broadcasted DHCP packets to a server Linus Lüssing <linus.luessing(a)c0d3.blue> batman-adv: fix multicast-via-unicast transmission with AP isolation Masami Hiramatsu <mhiramat(a)kernel.org> selftests: ftrace: Add a testcase for probepoint Masami Hiramatsu <mhiramat(a)kernel.org> selftests: ftrace: Add a testcase for string type with kprobe_event Masami Hiramatsu <mhiramat(a)kernel.org> selftests: ftrace: Add probe event argument syntax testcase Yisheng Xie <xieyisheng1(a)huawei.com> mm/mempolicy.c: avoid use uninitialized preferred_node Chien Tin Tung <chien.tin.tung(a)intel.com> RDMA/ucma: Correct option size check using optlen Song Liu <songliubraving(a)fb.com> perf/cgroup: Fix child event counting bug Stefano Brivio <sbrivio(a)redhat.com> vti4: Don't override MTU passed on link creation via IFLA_MTU Stefano Brivio <sbrivio(a)redhat.com> vti4: Don't count header length twice on tunnel setup Matthias Schiffer <mschiffer(a)universe-factory.net> batman-adv: fix header size check in batadv_dbg_arp() Toshiaki Makita <makita.toshiaki(a)lab.ntt.co.jp> net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off Rob Herring <robh(a)kernel.org> microblaze: switch to NO_BOOTMEM Cathy Zhou <Cathy.Zhou(a)Oracle.COM> sunvnet: does not support GSO for sctp Sabrina Dubroca <sd(a)queasysnail.net> ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu Arvind Yadav <arvind.yadav.cs(a)gmail.com> workqueue: use put_device() instead of kfree() Michael Chan <michael.chan(a)broadcom.com> bnxt_en: Check valid VNIC ID in bnxt_hwrm_vnic_set_tpa(). Florian Westphal <fw(a)strlen.de> netfilter: ebtables: fix erroneous reject of last rule Fredrik Noring <noring(a)nocrew.org> USB: OHCI: Fix NULL dereference in HCDs using HCD_LOCAL_MEM Arvind Yadav <arvind.yadav.cs(a)gmail.com> xen: xenbus: use put_device() instead of kfree() Peter Malone <peter.malone(a)gmail.com> fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper(). Jeremy Cline <jeremy(a)jcline.org> scsi: sd: Keep disk read-only when re-reading partition Hannes Reinecke <hare(a)suse.de> scsi: mpt3sas: Do not mark fw_event workqueue as WQ_MEM_RECLAIM Merlijn Wajer <merlijn(a)wizzup.org> usb: musb: call pm_runtime_{get,put}_sync before reading vbus registers Pierre-Yves Kerbrat <pkerbrat(a)kalray.eu> e1000e: allocate ring descriptors with dma_zalloc_coherent Benjamin Poirier <bpoirier(a)suse.com> e1000e: Fix check_for_link return value with autoneg off Igor Pylypiv <igor.pylypiv(a)gmail.com> watchdog: f71808e_wdt: Fix magic close handling Paul Mackerras <paulus(a)ozlabs.org> KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing Michael Ellerman <mpe(a)ellerman.id.au> selftests/powerpc: Skip the subpage_prot tests if the syscall is unavailable Filipe Manana <fdmanana(a)suse.com> Btrfs: send, fix issuing write op when processing hole in no data mode Roger Pau Monne <roger.pau(a)citrix.com> xen/pirq: fix error path cleanup when binding MSIs Joey Pabalinas <joeypabalinas(a)gmail.com> net/tcp/illinois: replace broken algorithm reference link Claudiu Manoil <claudiu.manoil(a)nxp.com> gianfar: Fix Rx byte accounting for ndev stats Xin Long <lucien.xin(a)gmail.com> sit: fix IFLA_MTU ignored on NEWLINK Tang Junhui <tang.junhui(a)zte.com.cn> bcache: fix kcrashes with fio in RAID5 backend dev Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> dmaengine: rcar-dmac: fix max_chunk_size for R-Car Gen3 Dave Airlie <airlied(a)redhat.com> virtio-gpu: fix ioctl and expose the fixed status to userspace. Eric Dumazet <edumazet(a)google.com> r8152: fix tx packets accounting Colin Ian King <colin.king(a)canonical.com> clocksource/drivers/fsl_ftm_timer: Fix error return checking Jianchao Wang <jianchao.w.wang(a)oracle.com> nvme-pci: Fix nvme queue cleanup if IRQ setup fails Florian Westphal <fw(a)strlen.de> netfilter: ebtables: convert BUG_ONs to WARN_ONs Matthias Schiffer <mschiffer(a)universe-factory.net> batman-adv: invalidate checksum on fragment reassembly Matthias Schiffer <mschiffer(a)universe-factory.net> batman-adv: fix packet checksum in receive path Yufen Yu <yuyufen(a)huawei.com> md/raid1: fix NULL pointer dereference Mauro Carvalho Chehab <mchehab(a)s-opensource.com> media: dmxdev: fix error code for invalid ioctls Samuel Neves <sneves(a)dei.uc.pt> x86/topology: Update the 'cpu cores' field in /proc/cpuinfo correctly across CPU hotplug operations Andrea Parri <parri.andrea(a)gmail.com> locking/xchg/alpha: Fix xchg() and cmpxchg() memory ordering bugs Johannes Berg <johannes.berg(a)intel.com> regulatory: add NUL to request alpha2 Eric Dumazet <edumazet(a)google.com> smsc75xx: fix smsc75xx_set_features() Tony Lindgren <tony(a)atomide.com> ARM: OMAP: Fix dmtimer init for omap1 Sebastian Ott <sebott(a)linux.vnet.ibm.com> s390/cio: clear timer when terminating driver I/O Sebastian Ott <sebott(a)linux.vnet.ibm.com> s390/cio: fix return code after missing interrupt Mark Lord <mlord(a)pobox.com> powerpc/bpf/jit: Fix 32-bit JIT for seccomp_data access David Rientjes <rientjes(a)google.com> kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE Arnd Bergmann <arnd(a)arndb.de> md: raid5: avoid string overflow warning Andrea Parri <parri.andrea(a)gmail.com> locking/xchg/alpha: Add unconditional memory barrier to cmpxchg() Andreas Kemnade <andreas(a)kemnade.info> usb: musb: fix enumeration after resume Markus Elfring <elfring(a)users.sourceforge.net> drm/exynos: g2d: Delete an error message for a failed memory allocation in two functions Wolfram Sang <wsa+renesas(a)sang-engineering.com> drm/exynos: fix comparison to bitshift when dealing with a mask Yufen Yu <yuyufen(a)huawei.com> md raid10: fix NULL deference in handle_write_completed() Felix Fietkau <nbd(a)nbd.name> mac80211: round IEEE80211_TX_STATUS_HEADROOM up to multiple of 4 Kees Cook <keescook(a)chromium.org> NFC: llcp: Limit size of SDP URI Geert Uytterhoeven <geert+renesas(a)glider.be> ARM: OMAP1: clock: Fix debugfs_create_*() usage Tony Lindgren <tony(a)atomide.com> ARM: OMAP3: Fix prm wake interrupt for resume Qi Hou <qi.hou(a)windriver.com> ARM: OMAP2+: timer: fix a kmemleak caused in omap_get_timer_dt Manish Rangankar <manish.rangankar(a)cavium.com> scsi: qla4xxx: skip error recovery in case of register disconnect. Meelis Roos <mroos(a)linux.ee> scsi: aacraid: fix shutdown crash when init fails Michael Kelley (EOSG) <Michael.H.Kelley(a)microsoft.com> scsi: storvsc: Increase cmd_per_lun for higher speed devices Anders Roxell <anders.roxell(a)linaro.org> selftests: memfd: add config fragment for fuse Vardan Mikayelyan <mvardan(a)synopsys.com> usb: dwc2: Fix dwc2_hsotg_core_init_disconnected() Stefan Agner <stefan(a)agner.ch> usb: gadget: fsl_udc_core: fix ep valid checks John Keeping <john(a)metanate.com> usb: gadget: f_uac2: fix bFirstInterface in composite gadget Ulf Magnusson <ulfalizer(a)gmail.com> ARC: Fix malformed ARC_EMUL_UNALIGNED default Bart Van Assche <bart.vanassche(a)wdc.com> scsi: qla2xxx: Avoid triggering undefined behavior in qla2x00_mbx_completion() Dan Carpenter <dan.carpenter(a)oracle.com> scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo() Dan Carpenter <dan.carpenter(a)oracle.com> scsi: sym53c8xx_2: iterator underflow in sym_getsync() Chad Dupuis <chad.dupuis(a)cavium.com> scsi: bnx2fc: Fix check in SCSI completion handler for timed out request Sujit Reddy Thumma <sthumma(a)codeaurora.org> scsi: ufs: Enable quirk to ignore sending WRITE_SAME command Mark Salter <msalter(a)redhat.com> irqchip/gic-v3: Change pr_debug message to pr_devel Will Deacon <will.deacon(a)arm.com> locking/qspinlock: Ensure node->count is updated before initialising node Jesper Dangaard Brouer <brouer(a)redhat.com> tools/libbpf: handle issues with bpf ELF objects containing .eh_frames Tang Junhui <tang.junhui(a)zte.com.cn> bcache: return attach error when no cache set exist Tang Junhui <tang.junhui(a)zte.com.cn> bcache: fix for data collapse after re-attaching an attached device Tang Junhui <tang.junhui(a)zte.com.cn> bcache: fix for allocator and register thread race Coly Li <colyli(a)suse.de> bcache: properly set task state in bch_writeback_thread() Arnd Bergmann <arnd(a)arndb.de> cifs: silence compiler warnings showing up with gcc-8.0.0 Alexey Dobriyan <adobriyan(a)gmail.com> proc: fix /proc/*/map_files lookup Will Deacon <will.deacon(a)arm.com> arm64: spinlock: Fix theoretical trylock() A-B-A with LSE atomics Guanglei Li <guanglei.li(a)oracle.com> RDS: IB: Fix null pointer issue Ross Lagerwall <ross.lagerwall(a)citrix.com> xen/grant-table: Use put_page instead of free_page Ross Lagerwall <ross.lagerwall(a)citrix.com> xen-netfront: Fix race between device setup and open Matt Redfearn <matt.redfearn(a)mips.com> MIPS: TXx9: use IS_BUILTIN() for CONFIG_LEDS_CLASS Yonghong Song <yhs(a)fb.com> bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y Chen Yu <yu.c.chen(a)intel.com> ACPI: processor_perflib: Do not send _PPC change notification if not ready Jean Delvare <jdelvare(a)suse.de> firmware: dmi_scan: Fix handling of empty DMI strings Arnd Bergmann <arnd(a)arndb.de> x86/power: Fix swsusp_arch_resume prototype Alex Estrin <alex.estrin(a)intel.com> IB/ipoib: Fix for potential no-carrier state Mel Gorman <mgorman(a)techsingularity.net> mm: pin address_space before dereferencing it while isolating an LRU page Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> asm-generic: provide generic_pmdp_establish() Yisheng Xie <xieyisheng1(a)huawei.com> mm/mempolicy: add nodes_empty check in SYSC_migrate_pages Yisheng Xie <xieyisheng1(a)huawei.com> mm/mempolicy: fix the check of nodemask from user piaojun <piaojun(a)huawei.com> ocfs2: return error when we attempt to access a dirty bh in jbd2 piaojun <piaojun(a)huawei.com> ocfs2/acl: use 'ip_xattr_sem' to protect getting extended attribute piaojun <piaojun(a)huawei.com> ocfs2: return -EROFS to mount.ocfs2 if inode block is invalid Logan Gunthorpe <logang(a)deltatee.com> ntb_transport: Fix bug with max_mw_size parameter Leon Romanovsky <leonro(a)mellanox.com> RDMA/mlx5: Avoid memory leak in case of XRCD dealloc failure Michael Bringmann <mwb(a)linux.vnet.ibm.com> powerpc/numa: Ensure nodes initialized for hotplug Michael Bringmann <mwb(a)linux.vnet.ibm.com> powerpc/numa: Use ibm,max-associativity-domains to discover possible nodes Jake Daryll Obina <jake.obina(a)gmail.com> jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path Dan Carpenter <dan.carpenter(a)oracle.com> HID: roccat: prevent an out of bounds read in kovaplus_profile_activated() Arnd Bergmann <arnd(a)arndb.de> scsi: fas216: fix sense buffer initialization Liu Bo <bo.li.liu(a)oracle.com> Btrfs: fix scrub to repair raid6 corruption Nikolay Borisov <nborisov(a)suse.com> btrfs: Fix out of bounds access in btrfs_search_slot Liu Bo <bo.li.liu(a)oracle.com> Btrfs: set plug for fsync Wei Yongjun <weiyongjun1(a)huawei.com> ipmi/powernv: Fix error return code in ipmi_powernv_probe() weiyongjun (A) <weiyongjun1(a)huawei.com> mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl() Ulf Magnusson <ulfalizer(a)gmail.com> kconfig: Fix expr_free() E_NOT leak Ulf Magnusson <ulfalizer(a)gmail.com> kconfig: Fix automatic menu creation mem leak Ulf Magnusson <ulfalizer(a)gmail.com> kconfig: Don't leak main menus during parsing Guenter Roeck <linux(a)roeck-us.net> watchdog: sp5100_tco: Fix watchdog disable bit Jan Chochol <jan(a)chochol.info> nfs: Do not convert nfs_idmap_cache_timeout to jiffies mulhern <amulhern(a)redhat.com> dm thin: fix documentation relative to low water mark threshold Steven Rostedt (VMware) <rostedt(a)goodmis.org> tools lib traceevent: Fix get_field_str() for dynamic strings Arnaldo Carvalho de Melo <acme(a)redhat.com> perf callchain: Fix attr.sample_max_stack setting Steven Rostedt (VMware) <rostedt(a)goodmis.org> tools lib traceevent: Simplify pointer print logic and fix %pF Alex Williamson <alex.williamson(a)redhat.com> PCI: Add function 1 DMA alias quirk for Marvell 9128 Anna-Maria Gleixner <anna-maria(a)linutronix.de> tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account Paolo Bonzini <pbonzini(a)redhat.com> kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl Dan Carpenter <dan.carpenter(a)oracle.com> ASoC: au1x: Fix timeout tests in au1xac97c_ac97_read() Takashi Iwai <tiwai(a)suse.de> ALSA: hda - Use IS_REACHABLE() for dependency on input NeilBrown <neilb(a)suse.com> NFSv4: always set NFS_LOCK_LOST when a lock is lost. Hector Martin <marcan(a)marcan.st> firewire-ohci: work around oversized DMA reads on JMicron controllers Al Viro <viro(a)zeniv.linux.org.uk> do d_instantiate/unlock_new_inode combinations safely Brian Foster <bfoster(a)redhat.com> xfs: remove racy hasattr check from attr ops zhongjiang <zhongjiang(a)huawei.com> kernel/signal.c: avoid undefined behaviour in kill_something_info Gustavo A. R. Silva <gustavo(a)embeddedor.com> kernel/sys.c: fix potential Spectre v1 issue David Hildenbrand <david(a)redhat.com> kasan: fix memory hotplug during boot Davidlohr Bueso <dave(a)stgolabs.net> ipc/shm: fix shmat() nil address after round-down when remapping Davidlohr Bueso <dave(a)stgolabs.net> Revert "ipc/shm: Fix shmat mmap nil-page protection" Joe Jin <joe.jin(a)oracle.com> xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent Sudip Mukherjee <sudipm.mukherjee(a)gmail.com> libata: blacklist Micron 500IT SSD with MU01 firmware Tejun Heo <tj(a)kernel.org> libata: Blacklist some Sandisk SSDs for NCQ Corneliu Doban <corneliu.doban(a)broadcom.com> mmc: sdhci-iproc: fix 32bit writes for TRANSFER_MODE register Ben Hutchings <ben.hutchings(a)codethink.co.uk> ALSA: timer: Fix pause event notification Al Viro <viro(a)zeniv.linux.org.uk> aio: fix io_destroy(2) vs. lookup_ioctx() race Al Viro <viro(a)zeniv.linux.org.uk> affs_lookup(): close a race with affs_remove_link() Colin Ian King <colin.king(a)canonical.com> KVM: Fix spelling mistake: "cop_unsuable" -> "cop_unusable" Maciej W. Rozycki <macro(a)mips.com> MIPS: Fix ptrace(2) PTRACE_PEEKUSR and PTRACE_POKEUSR accesses to o32 FGRs Maciej W. Rozycki <macro(a)mips.com> MIPS: ptrace: Expose FIR register through FP regset ------------- Diffstat: Documentation/device-mapper/thin-provisioning.txt | 8 +- Makefile | 4 +- arch/alpha/include/asm/xchg.h | 30 +++++-- arch/arc/Kconfig | 1 - arch/arm/boot/dts/socfpga.dtsi | 2 +- arch/arm/include/asm/vdso.h | 2 - arch/arm/kernel/vdso.c | 12 +-- arch/arm/mach-omap1/clock.c | 6 +- arch/arm/mach-omap2/pm.c | 4 +- arch/arm/mach-omap2/timer.c | 19 +++-- arch/arm/plat-omap/dmtimer.c | 7 +- arch/arm64/include/asm/spinlock.h | 4 +- arch/m68k/coldfire/device.c | 12 ++- arch/microblaze/Kconfig | 1 + arch/microblaze/mm/init.c | 56 ++----------- arch/mips/cavium-octeon/octeon-irq.c | 10 +-- arch/mips/include/asm/mach-ath79/ar71xx_regs.h | 2 +- arch/mips/kernel/ptrace.c | 22 ++++- arch/mips/kernel/ptrace32.c | 4 +- arch/mips/kvm/mips.c | 2 +- arch/mips/txx9/rbtx4939/setup.c | 4 +- arch/powerpc/include/asm/irq_work.h | 1 + arch/powerpc/kvm/book3s_hv.c | 12 +-- arch/powerpc/mm/numa.c | 78 ++++++++++++++--- arch/powerpc/net/bpf_jit_comp.c | 3 + arch/powerpc/perf/core-book3s.c | 25 ++++++ arch/powerpc/sysdev/mpic.c | 2 +- arch/s390/include/asm/nospec-insn.h | 13 +++ arch/s390/kernel/asm-offsets.c | 1 + arch/s390/kernel/mcount.S | 14 ++-- arch/sh/kernel/entry-common.S | 2 +- arch/sparc/include/asm/atomic_64.h | 6 +- arch/x86/kernel/apic/apic.c | 2 +- arch/x86/kernel/devicetree.c | 21 +++-- arch/x86/kernel/smpboot.c | 1 + arch/x86/kvm/lapic.c | 10 ++- arch/x86/kvm/vmx.c | 20 +++-- arch/x86/kvm/x86.c | 7 +- arch/x86/mm/pgtable.c | 9 ++ arch/x86/power/hibernate_32.c | 2 +- arch/x86/power/hibernate_64.c | 2 +- drivers/acpi/acpi_pad.c | 3 + drivers/acpi/acpica/evevent.c | 9 +- drivers/acpi/acpica/nseval.c | 8 ++ drivers/acpi/processor_perflib.c | 2 +- drivers/ata/libata-core.c | 6 ++ drivers/block/paride/pcd.c | 2 + drivers/bluetooth/btusb.c | 6 ++ drivers/cdrom/cdrom.c | 3 - drivers/cdrom/gdrom.c | 3 + drivers/char/hw_random/stm32-rng.c | 9 ++ drivers/char/ipmi/ipmi_powernv.c | 5 +- drivers/char/ipmi/ipmi_ssif.c | 4 +- drivers/clk/clk.c | 3 + drivers/clk/rockchip/clk-mmc-phase.c | 23 +++++ drivers/clk/samsung/clk-exynos3250.c | 4 +- drivers/clk/samsung/clk-exynos5250.c | 8 +- drivers/clk/samsung/clk-exynos5260.c | 2 +- drivers/clk/samsung/clk-exynos5433.c | 12 +-- drivers/clk/samsung/clk-s3c2410.c | 16 ++-- drivers/clocksource/fsl_ftm_timer.c | 2 +- drivers/cpufreq/cppc_cpufreq.c | 23 ++++- drivers/crypto/sunxi-ss/sun4i-ss-core.c | 1 + drivers/dma/pl330.c | 6 +- drivers/dma/sh/rcar-dmac.c | 2 +- drivers/firewire/ohci.c | 8 +- drivers/firmware/dmi_scan.c | 22 ++--- drivers/gpu/drm/exynos/exynos_drm_g2d.c | 6 +- drivers/gpu/drm/exynos/regs-fimc.h | 2 +- drivers/gpu/drm/rockchip/rockchip_drm_gem.c | 7 +- drivers/gpu/drm/virtio/virtgpu_ioctl.c | 17 ++-- drivers/hid/hid-roccat-kovaplus.c | 2 + drivers/hwmon/nct6775.c | 10 +-- drivers/hwmon/pmbus/adm1275.c | 4 +- drivers/hwmon/pmbus/max8688.c | 2 +- drivers/i2c/busses/i2c-mv64xxx.c | 8 +- drivers/ide/ide-cd.c | 2 + drivers/infiniband/core/ucma.c | 2 +- drivers/infiniband/hw/mlx5/qp.c | 5 +- drivers/infiniband/ulp/ipoib/ipoib_main.c | 3 + drivers/irqchip/irq-gic-v3.c | 2 +- drivers/md/bcache/alloc.c | 4 +- drivers/md/bcache/bcache.h | 2 +- drivers/md/bcache/btree.c | 9 +- drivers/md/bcache/request.c | 2 +- drivers/md/bcache/super.c | 23 +++-- drivers/md/bcache/sysfs.c | 11 ++- drivers/md/bcache/writeback.c | 27 ++++-- drivers/md/raid1.c | 11 +++ drivers/md/raid10.c | 6 +- drivers/md/raid5.c | 7 +- drivers/media/dvb-core/dmxdev.c | 2 +- drivers/media/pci/cx23885/cx23885-cards.c | 4 + drivers/media/pci/cx23885/cx23885-core.c | 10 +++ drivers/media/pci/cx25821/cx25821-core.c | 7 +- drivers/media/platform/s3c-camif/camif-capture.c | 7 +- drivers/media/usb/em28xx/em28xx.h | 2 +- drivers/message/fusion/mptctl.c | 2 + drivers/mmc/host/sdhci-iproc.c | 30 +++++-- drivers/net/ethernet/broadcom/bgmac.c | 3 +- drivers/net/ethernet/broadcom/bnxt/bnxt.c | 3 + drivers/net/ethernet/cisco/enic/enic_main.c | 10 ++- drivers/net/ethernet/freescale/gianfar.c | 7 +- drivers/net/ethernet/intel/e1000e/ich8lan.c | 2 +- drivers/net/ethernet/intel/e1000e/mac.c | 2 +- drivers/net/ethernet/intel/e1000e/netdev.c | 4 +- drivers/net/ethernet/marvell/mvneta.c | 1 + drivers/net/ethernet/mellanox/mlx5/core/cmd.c | 2 +- drivers/net/ethernet/sun/sunvnet.c | 2 +- drivers/net/phy/dp83640.c | 18 ++++ drivers/net/usb/qmi_wwan.c | 5 ++ drivers/net/usb/r8152.c | 2 +- drivers/net/usb/smsc75xx.c | 7 +- drivers/net/virtio_net.c | 2 +- drivers/net/wireless/ath/ath10k/mac.c | 10 +++ drivers/net/wireless/mac80211_hwsim.c | 4 +- drivers/net/xen-netfront.c | 46 +++++----- drivers/ntb/ntb_transport.c | 3 + drivers/nvme/host/pci.c | 5 +- drivers/parisc/lba_pci.c | 20 ++++- drivers/pci/pci-driver.c | 17 ++-- drivers/pci/quirks.c | 5 ++ drivers/regulator/of_regulator.c | 1 + drivers/rtc/hctosys.c | 5 ++ drivers/rtc/rtc-snvs.c | 15 +++- drivers/rtc/rtc-tx4939.c | 6 +- drivers/s390/cio/device_fsm.c | 7 +- drivers/s390/cio/io_sch.h | 1 + drivers/scsi/aacraid/commsup.c | 4 +- drivers/scsi/aacraid/linit.c | 5 +- drivers/scsi/arm/fas216.c | 2 +- drivers/scsi/bnx2fc/bnx2fc_io.c | 1 + drivers/scsi/lpfc/lpfc_attr.c | 5 ++ drivers/scsi/lpfc/lpfc_hbadisc.c | 5 +- drivers/scsi/lpfc/lpfc_sli.c | 2 + drivers/scsi/mpt3sas/mpt3sas_scsih.c | 2 +- drivers/scsi/qla2xxx/qla_isr.c | 6 +- drivers/scsi/qla4xxx/ql4_def.h | 2 + drivers/scsi/qla4xxx/ql4_os.c | 46 ++++++++++ drivers/scsi/sd.c | 3 +- drivers/scsi/sr.c | 21 ++++- drivers/scsi/storvsc_drv.c | 2 +- drivers/scsi/sym53c8xx_2/sym_hipd.c | 2 +- drivers/scsi/ufs/ufshcd.c | 2 + drivers/staging/rtl8192u/r8192U_core.c | 2 + drivers/tty/serial/arc_uart.c | 5 ++ drivers/tty/serial/fsl_lpuart.c | 4 + drivers/tty/serial/imx.c | 6 ++ drivers/tty/serial/mxs-auart.c | 4 + drivers/tty/serial/samsung.c | 4 + drivers/tty/serial/xilinx_uartps.c | 2 +- drivers/usb/dwc2/core.h | 2 +- drivers/usb/dwc2/gadget.c | 12 +-- drivers/usb/dwc3/core.h | 2 + drivers/usb/gadget/composite.c | 40 +++++---- drivers/usb/gadget/function/f_fs.c | 6 +- drivers/usb/gadget/function/f_uac2.c | 2 + drivers/usb/gadget/udc/fsl_udc_core.c | 4 +- drivers/usb/gadget/udc/goku_udc.h | 2 +- drivers/usb/host/ohci-hcd.c | 3 +- drivers/usb/host/xhci-mem.c | 2 + drivers/usb/musb/musb_core.c | 5 +- drivers/video/fbdev/sbuslib.c | 4 +- drivers/watchdog/f71808e_wdt.c | 3 +- drivers/watchdog/sp5100_tco.h | 2 +- drivers/xen/events/events_base.c | 4 +- drivers/xen/grant-table.c | 4 +- drivers/xen/swiotlb-xen.c | 2 +- drivers/xen/xen-acpi-processor.c | 6 +- drivers/xen/xenbus/xenbus_probe.c | 5 +- drivers/zorro/zorro.c | 12 +++ fs/affs/namei.c | 10 ++- fs/aio.c | 4 +- fs/btrfs/ctree.c | 12 ++- fs/btrfs/disk-io.c | 2 +- fs/btrfs/extent-tree.c | 1 + fs/btrfs/file.c | 9 ++ fs/btrfs/inode.c | 16 +--- fs/btrfs/raid56.c | 18 +++- fs/btrfs/send.c | 3 + fs/btrfs/tests/qgroup-tests.c | 2 +- fs/btrfs/tree-log.c | 12 ++- fs/btrfs/volumes.c | 9 +- fs/cifs/cifssmb.c | 4 +- fs/dcache.c | 22 +++++ fs/ecryptfs/inode.c | 3 +- fs/ext2/namei.c | 6 +- fs/ext4/namei.c | 6 +- fs/f2fs/namei.c | 12 +-- fs/fscache/page.c | 13 ++- fs/gfs2/file.c | 5 +- fs/gfs2/quota.h | 2 + fs/jffs2/dir.c | 12 +-- fs/jffs2/fs.c | 1 - fs/jfs/namei.c | 12 +-- fs/nfs/nfs4proc.c | 12 ++- fs/nfs/nfs4state.c | 5 +- fs/nfs/nfs4sysctl.c | 2 +- fs/nilfs2/namei.c | 6 +- fs/ocfs2/acl.c | 6 ++ fs/ocfs2/dlm/dlmdomain.c | 14 ---- fs/ocfs2/dlm/dlmdomain.h | 25 +++++- fs/ocfs2/dlm/dlmrecovery.c | 9 ++ fs/ocfs2/journal.c | 23 ++--- fs/ocfs2/super.c | 5 +- fs/ocfs2/xattr.c | 2 + fs/proc/base.c | 29 ++++++- fs/proc/proc_sysctl.c | 3 + fs/reiserfs/namei.c | 12 +-- fs/udf/namei.c | 6 +- fs/udf/super.c | 5 +- fs/ufs/namei.c | 6 +- fs/xfs/libxfs/xfs_attr.c | 6 -- fs/xfs/xfs_discard.c | 14 ++-- include/asm-generic/pgtable.h | 15 ++++ include/linux/dcache.h | 1 + include/linux/suspend.h | 2 + include/linux/usb/composite.h | 3 + include/net/ip.h | 11 ++- include/net/ip_fib.h | 1 + include/net/llc_conn.h | 2 +- include/net/mac80211.h | 2 +- include/net/regulatory.h | 2 +- include/net/route.h | 3 +- include/trace/events/timer.h | 20 ++++- include/uapi/drm/virtgpu_drm.h | 1 + include/uapi/linux/if_ether.h | 1 + ipc/shm.c | 19 +++-- kernel/audit.c | 2 + kernel/debug/kdb/kdb_main.c | 27 ++++-- kernel/events/core.c | 24 ++++-- kernel/locking/qspinlock.c | 8 ++ kernel/power/power.h | 3 - kernel/relay.c | 2 +- kernel/sched/rt.c | 2 + kernel/signal.c | 4 + kernel/sys.c | 3 + kernel/workqueue.c | 2 +- lib/test_bpf.c | 31 +++++-- mm/kasan/kasan.c | 2 +- mm/kmemleak.c | 12 +-- mm/ksm.c | 28 +++++++ mm/mempolicy.c | 36 ++++++-- mm/swapfile.c | 4 + mm/vmscan.c | 22 ++++- net/batman-adv/distributed-arp-table.c | 2 +- net/batman-adv/fragmentation.c | 3 +- net/batman-adv/gateway_client.c | 3 + net/batman-adv/multicast.c | 4 +- net/batman-adv/soft-interface.c | 8 +- net/bridge/netfilter/ebtables.c | 33 +++++--- net/core/skbuff.c | 9 +- net/ipv4/ip_vti.c | 2 - net/ipv4/route.c | 26 ++++-- net/ipv4/tcp_illinois.c | 2 +- net/ipv4/xfrm4_policy.c | 1 + net/ipv6/sit.c | 7 ++ net/llc/llc_c_ac.c | 15 ++-- net/llc/llc_conn.c | 32 +++++-- net/netlabel/netlabel_unlabeled.c | 10 +++ net/nfc/llcp_commands.c | 4 + net/nfc/netlink.c | 3 +- net/rds/ib.c | 3 +- scripts/kconfig/expr.c | 2 +- scripts/kconfig/menu.c | 1 + scripts/kconfig/zconf.y | 33 ++++++-- security/integrity/ima/Kconfig | 1 + security/integrity/ima/ima_crypto.c | 2 + security/integrity/ima/ima_main.c | 13 +++ sound/core/timer.c | 4 +- sound/core/vmaster.c | 5 +- sound/pci/hda/Kconfig | 1 - sound/pci/hda/patch_realtek.c | 5 ++ sound/soc/au1x/ac97c.c | 6 +- sound/soc/samsung/i2s.c | 13 ++- sound/soc/soc-topology.c | 3 + tools/lib/bpf/libbpf.c | 26 ++++++ tools/lib/traceevent/event-parse.c | 17 ++-- tools/lib/traceevent/parse-filter.c | 10 ++- tools/perf/tests/vmlinux-kallsyms.c | 2 +- tools/perf/util/evsel.c | 8 +- tools/perf/util/hist.c | 4 +- tools/perf/util/hist.h | 1 - tools/testing/selftests/Makefile | 1 + .../ftrace/test.d/kprobe/kprobe_args_string.tc | 46 ++++++++++ .../ftrace/test.d/kprobe/kprobe_args_syntax.tc | 97 ++++++++++++++++++++++ .../selftests/ftrace/test.d/kprobe/probepoint.tc | 43 ++++++++++ tools/testing/selftests/memfd/config | 1 + tools/testing/selftests/net/psock_fanout.c | 3 +- tools/testing/selftests/powerpc/mm/subpage_prot.c | 14 ++++ tools/thermal/tmon/sysfs.c | 12 +-- tools/thermal/tmon/tmon.c | 1 - 292 files changed, 1883 insertions(+), 687 deletions(-)

7 years, 5 months

17
294
0 0

[PATCHES] Networking

by David Miller

Please queue up the following networking bug fixes for v4.14 and v4.15 -stable, respecetively. Thank you!

7 years, 5 months

6
7
0 0

FAILED: patch "[PATCH] f2fs: truncate preallocated blocks in error case" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From dc7a10ddee0c56c6d891dd18de5c4ee9869545e0 Mon Sep 17 00:00:00 2001 From: Jaegeuk Kim <jaegeuk(a)kernel.org> Date: Fri, 30 Mar 2018 17:58:13 -0700 Subject: [PATCH] f2fs: truncate preallocated blocks in error case If write is failed, we must deallocate the blocks that we couldn't write. Cc: stable(a)vger.kernel.org Reviewed-by: Chao Yu <yuchao0(a)huawei.com> Signed-off-by: Jaegeuk Kim <jaegeuk(a)kernel.org> diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c index 8068b015ece5..6b94f19b3fa8 100644 --- a/fs/f2fs/file.c +++ b/fs/f2fs/file.c @@ -2911,6 +2911,8 @@ static ssize_t f2fs_file_write_iter(struct kiocb *iocb, struct iov_iter *from) ret = generic_write_checks(iocb, from); if (ret > 0) { + bool preallocated = false; + size_t target_size = 0; int err; if (iov_iter_fault_in_readable(from, iov_iter_count(from))) @@ -2927,6 +2929,9 @@ static ssize_t f2fs_file_write_iter(struct kiocb *iocb, struct iov_iter *from) } } else { + preallocated = true; + target_size = iocb->ki_pos + iov_iter_count(from); + err = f2fs_preallocate_blocks(iocb, from); if (err) { clear_inode_flag(inode, FI_NO_PREALLOC); @@ -2939,6 +2944,10 @@ static ssize_t f2fs_file_write_iter(struct kiocb *iocb, struct iov_iter *from) blk_finish_plug(&plug); clear_inode_flag(inode, FI_NO_PREALLOC); + /* if we couldn't write data, we should deallocate blocks. */ + if (preallocated && i_size_read(inode) < target_size) + f2fs_truncate(inode); + if (ret > 0) f2fs_update_iostat(F2FS_I_SB(inode), APP_WRITE_IO, ret); }

7 years, 5 months

3
2
0 0

FAILED: patch "[PATCH] mm: hwpoison: disable memory error handling on 1GB hugepage" failed to apply to 4.14-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.14-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 31286a8484a85e8b4e91ddb0f5415aee8a416827 Mon Sep 17 00:00:00 2001 From: Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com> Date: Thu, 5 Apr 2018 16:23:05 -0700 Subject: [PATCH] mm: hwpoison: disable memory error handling on 1GB hugepage Recently the following BUG was reported: Injecting memory failure for pfn 0x3c0000 at process virtual address 0x7fe300000000 Memory failure: 0x3c0000: recovery action for huge page: Recovered BUG: unable to handle kernel paging request at ffff8dfcc0003000 IP: gup_pgd_range+0x1f0/0xc20 PGD 17ae72067 P4D 17ae72067 PUD 0 Oops: 0000 [#1] SMP PTI ... CPU: 3 PID: 5467 Comm: hugetlb_1gb Not tainted 4.15.0-rc8-mm1-abc+ #3 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.9.3-1.fc25 04/01/2014 You can easily reproduce this by calling madvise(MADV_HWPOISON) twice on a 1GB hugepage. This happens because get_user_pages_fast() is not aware of a migration entry on pud that was created in the 1st madvise() event. I think that conversion to pud-aligned migration entry is working, but other MM code walking over page table isn't prepared for it. We need some time and effort to make all this work properly, so this patch avoids the reported bug by just disabling error handling for 1GB hugepage. [n-horiguchi(a)ah.jp.nec.com: v2] Link: http://lkml.kernel.org/r/1517284444-18149-1-git-send-email-n-horiguchi@ah.j… Link: http://lkml.kernel.org/r/1517207283-15769-1-git-send-email-n-horiguchi@ah.j… Signed-off-by: Naoya Horiguchi <n-horiguchi(a)ah.jp.nec.com> Acked-by: Michal Hocko <mhocko(a)suse.com> Reviewed-by: Andrew Morton <akpm(a)linux-foundation.org> Reviewed-by: Mike Kravetz <mike.kravetz(a)oracle.com> Acked-by: Punit Agrawal <punit.agrawal(a)arm.com> Tested-by: Michael Ellerman <mpe(a)ellerman.id.au> Cc: Anshuman Khandual <khandual(a)linux.vnet.ibm.com> Cc: "Aneesh Kumar K.V" <aneesh.kumar(a)linux.vnet.ibm.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> diff --git a/include/linux/mm.h b/include/linux/mm.h index 2e40a44a1fae..2e2be527642a 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -2613,6 +2613,7 @@ enum mf_action_page_type { MF_MSG_POISONED_HUGE, MF_MSG_HUGE, MF_MSG_FREE_HUGE, + MF_MSG_NON_PMD_HUGE, MF_MSG_UNMAP_FAILED, MF_MSG_DIRTY_SWAPCACHE, MF_MSG_CLEAN_SWAPCACHE, diff --git a/mm/memory-failure.c b/mm/memory-failure.c index 8291b75f42c8..2d4bf647cf01 100644 --- a/mm/memory-failure.c +++ b/mm/memory-failure.c @@ -502,6 +502,7 @@ static const char * const action_page_types[] = { [MF_MSG_POISONED_HUGE] = "huge page already hardware poisoned", [MF_MSG_HUGE] = "huge page", [MF_MSG_FREE_HUGE] = "free huge page", + [MF_MSG_NON_PMD_HUGE] = "non-pmd-sized huge page", [MF_MSG_UNMAP_FAILED] = "unmapping failed page", [MF_MSG_DIRTY_SWAPCACHE] = "dirty swapcache page", [MF_MSG_CLEAN_SWAPCACHE] = "clean swapcache page", @@ -1084,6 +1085,21 @@ static int memory_failure_hugetlb(unsigned long pfn, int flags) return 0; } + /* + * TODO: hwpoison for pud-sized hugetlb doesn't work right now, so + * simply disable it. In order to make it work properly, we need + * make sure that: + * - conversion of a pud that maps an error hugetlb into hwpoison + * entry properly works, and + * - other mm code walking over page table is aware of pud-aligned + * hwpoison entries. + */ + if (huge_page_size(page_hstate(head)) > PMD_SIZE) { + action_result(pfn, MF_MSG_NON_PMD_HUGE, MF_IGNORED); + res = -EBUSY; + goto out; + } + if (!hwpoison_user_mappings(p, pfn, flags, &head)) { action_result(pfn, MF_MSG_UNMAP_FAILED, MF_IGNORED); res = -EBUSY;

7 years, 5 months

3
2
0 0

[v4.14-stable] arm64: dts: stratix10: Fix SPI IRQ for Stratix10

by thor.thayer＠linux.intel.com

From: Thor Thayer <thor.thayer(a)linux.intel.com> Fix the SPI interrupt numbers for Stratix10. This is a backport for stable 4.9.x and 4.14.x branches. (original includes other changes that are not relevant to this branch): [backport 'commit 889d15090420 ("arm64: dts: stratix10: fix SPI settings")'] Cc: <stable(a)vger.kernel.org> # 4.9.x Cc: <stable(a)vger.kernel.org> # 4.14.x Fixes: 78cd6a9d8e154 ("arm64: dts: Add base stratix 10 dtsi") Signed-off-by: Thor Thayer <thor.thayer(a)linux.intel.com> --- arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi index 57f75453ee93..5db972c0492f 100644 --- a/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi +++ b/arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi @@ -230,7 +230,7 @@ #address-cells = <1>; #size-cells = <0>; reg = <0xffda4000 0x1000>; - interrupts = <0 101 4>; + interrupts = <0 99 4>; num-cs = <4>; status = "disabled"; }; @@ -240,7 +240,7 @@ #address-cells = <1>; #size-cells = <0>; reg = <0xffda5000 0x1000>; - interrupts = <0 102 4>; + interrupts = <0 100 4>; num-cs = <4>; status = "disabled"; }; -- 2.7.4

7 years, 5 months

2
1
0 0

10d94ff4d558b96b for 4.14.y

by Janne Huttunen

Please consider the upstream commit below for the 4.14.y branch. Without the fix the configuration mentioned in the commit message crashes every time immediately at boot. What's even worse, at least in our setup this crash is completely silent and the computer just seems to hang, so the user gets no hints what actually happened. commit 10d94ff4d558b96bfc4f55bb0051ae4d938246fe Author: Rakib Mullick <rakib.mullick(a)gmail.com> Date: Wed Nov 1 10:14:51 2017 +0600 irq/core: Fix boot crash when the irqaffinity= boot parameter is passed on CPUMASK_OFFSTACK=y kernels(v1)

7 years, 5 months

2
2
0 0

[PATCH 4.9 v2] mlxsw: spectrum: Forbid linking of VLAN devices to devices that have uppers

by Ido Schimmel

Jiri Slaby noticed that the backport of upstream commit 25cc72a33835 ("mlxsw: spectrum: Forbid linking to devices that have uppers") to kernel 4.9.y introduced the same check twice in the same function instead of in two different places. Fix this by relocating one of the checks to its intended place, thus preventing unsupported configurations as described in the original commit. Fixes: 73ee5a73e75f ("mlxsw: spectrum: Forbid linking to devices that have uppers") Signed-off-by: Ido Schimmel <idosch(a)mellanox.com> Reported-by: Jiri Slaby <jslaby(a)suse.cz> --- Greg, didn't hear from you, so posting v2. Removed the "commit <sha1> upstream" line from the changelog which I think is what caused the confusion. Please let me know if further changes are required. Thanks. --- drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/drivers/net/ethernet/mellanox/mlxsw/spectrum.c b/drivers/net/ethernet/mellanox/mlxsw/spectrum.c index d50350c7adc4..22a5916e477e 100644 --- a/drivers/net/ethernet/mellanox/mlxsw/spectrum.c +++ b/drivers/net/ethernet/mellanox/mlxsw/spectrum.c @@ -4187,10 +4187,6 @@ static int mlxsw_sp_netdevice_port_upper_event(struct net_device *dev, if (netif_is_lag_port(dev) && is_vlan_dev(upper_dev) && !netif_is_lag_master(vlan_dev_real_dev(upper_dev))) return -EINVAL; - if (!info->linking) - break; - if (netdev_has_any_upper_dev(upper_dev)) - return -EINVAL; break; case NETDEV_CHANGEUPPER: upper_dev = info->upper_dev; @@ -4566,6 +4562,8 @@ static int mlxsw_sp_netdevice_vport_event(struct net_device *dev, return -EINVAL; if (!info->linking) break; + if (netdev_has_any_upper_dev(upper_dev)) + return -EINVAL; /* We can't have multiple VLAN interfaces configured on * the same port and being members in the same bridge. */ -- 2.14.4

7 years, 5 months

2
1
0 0

Request: d5ce4c31d6df518d for 4.14.y

by Janne Huttunen

Please consider the two upstream commits below for the 4.14.y branch. As a part of an automated test setup, we deploy a disk image into various types of hardware. With the current 4.14.y kernel and certain hardware configurations, the first attempt to write the image to the disk always fails with 'Remote I/O error'. Retrying the exact same command then always succeeds. The second patch below fixes this issue allowing the first attempt to work. It requires the first patch to compile without errors. commit 425a4dba7953e35ffd096771973add6d2f40d2ed Author: Ilya Dryomov <idryomov(a)gmail.com> Date: Mon Oct 16 15:59:09 2017 +0200 block: factor out __blkdev_issue_zero_pages() commit d5ce4c31d6df518dd8f63bbae20d7423c5018a6c Author: Ilya Dryomov <idryomov(a)gmail.com> Date: Mon Oct 16 15:59:10 2017 +0200 block: cope with WRITE ZEROES failing in blkdev_issue_zeroout()

7 years, 5 months

2
1
0 0

FAILED: patch "[PATCH] ext4: do not update s_last_mounted of a frozen fs" failed to apply to 4.17-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.17-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From db6516a5e7ddb6dc72d167b920f2f272596ea22d Mon Sep 17 00:00:00 2001 From: Amir Goldstein <amir73il(a)gmail.com> Date: Sun, 13 May 2018 22:54:44 -0400 Subject: [PATCH] ext4: do not update s_last_mounted of a frozen fs If fs is frozen after mount and before the first file open, the update of s_last_mounted bypasses freeze protection and prints out a WARNING splat: $ mount /vdf $ fsfreeze -f /vdf $ cat /vdf/foo [ 31.578555] WARNING: CPU: 1 PID: 1415 at fs/ext4/ext4_jbd2.c:53 ext4_journal_check_start+0x48/0x82 [ 31.614016] Call Trace: [ 31.614997] __ext4_journal_start_sb+0xe4/0x1a4 [ 31.616771] ? ext4_file_open+0xb6/0x189 [ 31.618094] ext4_file_open+0xb6/0x189 If fs is frozen, skip s_last_mounted update. [backport hint: to apply to stable tree, need to apply also patches vfs: add the sb_start_intwrite_trylock() helper ext4: factor out helper ext4_sample_last_mounted()] Cc: stable(a)vger.kernel.org Fixes: bc0b0d6d69ee ("ext4: update the s_last_mounted field in the superblock") Signed-off-by: Amir Goldstein <amir73il(a)gmail.com> Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Reviewed-by: Jan Kara <jack(a)suse.cz> diff --git a/fs/ext4/file.c b/fs/ext4/file.c index c48ea76b63e4..7f8023340eb8 100644 --- a/fs/ext4/file.c +++ b/fs/ext4/file.c @@ -393,7 +393,7 @@ static int ext4_sample_last_mounted(struct super_block *sb, if (likely(sbi->s_mount_flags & EXT4_MF_MNTDIR_SAMPLED)) return 0; - if (sb_rdonly(sb)) + if (sb_rdonly(sb) || !sb_start_intwrite_trylock(sb)) return 0; sbi->s_mount_flags |= EXT4_MF_MNTDIR_SAMPLED; @@ -407,21 +407,25 @@ static int ext4_sample_last_mounted(struct super_block *sb, path.mnt = mnt; path.dentry = mnt->mnt_root; cp = d_path(&path, buf, sizeof(buf)); + err = 0; if (IS_ERR(cp)) - return 0; + goto out; handle = ext4_journal_start_sb(sb, EXT4_HT_MISC, 1); + err = PTR_ERR(handle); if (IS_ERR(handle)) - return PTR_ERR(handle); + goto out; BUFFER_TRACE(sbi->s_sbh, "get_write_access"); err = ext4_journal_get_write_access(handle, sbi->s_sbh); if (err) - goto out; + goto out_journal; strlcpy(sbi->s_es->s_last_mounted, cp, sizeof(sbi->s_es->s_last_mounted)); ext4_handle_dirty_super(handle, sb); -out: +out_journal: ext4_journal_stop(handle); +out: + sb_end_intwrite(sb); return err; }

7 years, 5 months

4
10
0 0

FAILED: patch "[PATCH] ext4: avoid running out of journal credits when appending to" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 8bc1379b82b8e809eef77a9fedbb75c6c297be19 Mon Sep 17 00:00:00 2001 From: Theodore Ts'o <tytso(a)mit.edu> Date: Sat, 16 Jun 2018 23:41:59 -0400 Subject: [PATCH] ext4: avoid running out of journal credits when appending to an inline file Use a separate journal transaction if it turns out that we need to convert an inline file to use an data block. Otherwise we could end up failing due to not having journal credits. This addresses CVE-2018-10883. https://bugzilla.kernel.org/show_bug.cgi?id=200071 Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Cc: stable(a)kernel.org diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h index 856b6a54d82b..859d6433dcc1 100644 --- a/fs/ext4/ext4.h +++ b/fs/ext4/ext4.h @@ -3013,9 +3013,6 @@ extern int ext4_inline_data_fiemap(struct inode *inode, struct iomap; extern int ext4_inline_data_iomap(struct inode *inode, struct iomap *iomap); -extern int ext4_try_to_evict_inline_data(handle_t *handle, - struct inode *inode, - int needed); extern int ext4_inline_data_truncate(struct inode *inode, int *has_inline); extern int ext4_convert_inline_data(struct inode *inode); diff --git a/fs/ext4/inline.c b/fs/ext4/inline.c index d79115d8d716..851bc552d849 100644 --- a/fs/ext4/inline.c +++ b/fs/ext4/inline.c @@ -887,11 +887,11 @@ int ext4_da_write_inline_data_begin(struct address_space *mapping, flags |= AOP_FLAG_NOFS; if (ret == -ENOSPC) { + ext4_journal_stop(handle); ret = ext4_da_convert_inline_data_to_extent(mapping, inode, flags, fsdata); - ext4_journal_stop(handle); if (ret == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries)) goto retry_journal; @@ -1891,42 +1891,6 @@ int ext4_inline_data_fiemap(struct inode *inode, return (error < 0 ? error : 0); } -/* - * Called during xattr set, and if we can sparse space 'needed', - * just create the extent tree evict the data to the outer block. - * - * We use jbd2 instead of page cache to move data to the 1st block - * so that the whole transaction can be committed as a whole and - * the data isn't lost because of the delayed page cache write. - */ -int ext4_try_to_evict_inline_data(handle_t *handle, - struct inode *inode, - int needed) -{ - int error; - struct ext4_xattr_entry *entry; - struct ext4_inode *raw_inode; - struct ext4_iloc iloc; - - error = ext4_get_inode_loc(inode, &iloc); - if (error) - return error; - - raw_inode = ext4_raw_inode(&iloc); - entry = (struct ext4_xattr_entry *)((void *)raw_inode + - EXT4_I(inode)->i_inline_off); - if (EXT4_XATTR_LEN(entry->e_name_len) + - EXT4_XATTR_SIZE(le32_to_cpu(entry->e_value_size)) < needed) { - error = -ENOSPC; - goto out; - } - - error = ext4_convert_inline_data_nolock(handle, inode, &iloc); -out: - brelse(iloc.bh); - return error; -} - int ext4_inline_data_truncate(struct inode *inode, int *has_inline) { handle_t *handle; diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index 72377b77fbd7..723df14f4084 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -2212,23 +2212,8 @@ int ext4_xattr_ibody_inline_set(handle_t *handle, struct inode *inode, if (EXT4_I(inode)->i_extra_isize == 0) return -ENOSPC; error = ext4_xattr_set_entry(i, s, handle, inode, false /* is_block */); - if (error) { - if (error == -ENOSPC && - ext4_has_inline_data(inode)) { - error = ext4_try_to_evict_inline_data(handle, inode, - EXT4_XATTR_LEN(strlen(i->name) + - EXT4_XATTR_SIZE(i->value_len))); - if (error) - return error; - error = ext4_xattr_ibody_find(inode, i, is); - if (error) - return error; - error = ext4_xattr_set_entry(i, s, handle, inode, - false /* is_block */); - } - if (error) - return error; - } + if (error) + return error; header = IHDR(inode, ext4_raw_inode(&is->iloc)); if (!IS_LAST_ENTRY(s->first)) { header->h_magic = cpu_to_le32(EXT4_XATTR_MAGIC);

7 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] ext4: avoid running out of journal credits when appending to" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 8bc1379b82b8e809eef77a9fedbb75c6c297be19 Mon Sep 17 00:00:00 2001 From: Theodore Ts'o <tytso(a)mit.edu> Date: Sat, 16 Jun 2018 23:41:59 -0400 Subject: [PATCH] ext4: avoid running out of journal credits when appending to an inline file Use a separate journal transaction if it turns out that we need to convert an inline file to use an data block. Otherwise we could end up failing due to not having journal credits. This addresses CVE-2018-10883. https://bugzilla.kernel.org/show_bug.cgi?id=200071 Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Cc: stable(a)kernel.org diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h index 856b6a54d82b..859d6433dcc1 100644 --- a/fs/ext4/ext4.h +++ b/fs/ext4/ext4.h @@ -3013,9 +3013,6 @@ extern int ext4_inline_data_fiemap(struct inode *inode, struct iomap; extern int ext4_inline_data_iomap(struct inode *inode, struct iomap *iomap); -extern int ext4_try_to_evict_inline_data(handle_t *handle, - struct inode *inode, - int needed); extern int ext4_inline_data_truncate(struct inode *inode, int *has_inline); extern int ext4_convert_inline_data(struct inode *inode); diff --git a/fs/ext4/inline.c b/fs/ext4/inline.c index d79115d8d716..851bc552d849 100644 --- a/fs/ext4/inline.c +++ b/fs/ext4/inline.c @@ -887,11 +887,11 @@ int ext4_da_write_inline_data_begin(struct address_space *mapping, flags |= AOP_FLAG_NOFS; if (ret == -ENOSPC) { + ext4_journal_stop(handle); ret = ext4_da_convert_inline_data_to_extent(mapping, inode, flags, fsdata); - ext4_journal_stop(handle); if (ret == -ENOSPC && ext4_should_retry_alloc(inode->i_sb, &retries)) goto retry_journal; @@ -1891,42 +1891,6 @@ int ext4_inline_data_fiemap(struct inode *inode, return (error < 0 ? error : 0); } -/* - * Called during xattr set, and if we can sparse space 'needed', - * just create the extent tree evict the data to the outer block. - * - * We use jbd2 instead of page cache to move data to the 1st block - * so that the whole transaction can be committed as a whole and - * the data isn't lost because of the delayed page cache write. - */ -int ext4_try_to_evict_inline_data(handle_t *handle, - struct inode *inode, - int needed) -{ - int error; - struct ext4_xattr_entry *entry; - struct ext4_inode *raw_inode; - struct ext4_iloc iloc; - - error = ext4_get_inode_loc(inode, &iloc); - if (error) - return error; - - raw_inode = ext4_raw_inode(&iloc); - entry = (struct ext4_xattr_entry *)((void *)raw_inode + - EXT4_I(inode)->i_inline_off); - if (EXT4_XATTR_LEN(entry->e_name_len) + - EXT4_XATTR_SIZE(le32_to_cpu(entry->e_value_size)) < needed) { - error = -ENOSPC; - goto out; - } - - error = ext4_convert_inline_data_nolock(handle, inode, &iloc); -out: - brelse(iloc.bh); - return error; -} - int ext4_inline_data_truncate(struct inode *inode, int *has_inline) { handle_t *handle; diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index 72377b77fbd7..723df14f4084 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -2212,23 +2212,8 @@ int ext4_xattr_ibody_inline_set(handle_t *handle, struct inode *inode, if (EXT4_I(inode)->i_extra_isize == 0) return -ENOSPC; error = ext4_xattr_set_entry(i, s, handle, inode, false /* is_block */); - if (error) { - if (error == -ENOSPC && - ext4_has_inline_data(inode)) { - error = ext4_try_to_evict_inline_data(handle, inode, - EXT4_XATTR_LEN(strlen(i->name) + - EXT4_XATTR_SIZE(i->value_len))); - if (error) - return error; - error = ext4_xattr_ibody_find(inode, i, is); - if (error) - return error; - error = ext4_xattr_set_entry(i, s, handle, inode, - false /* is_block */); - } - if (error) - return error; - } + if (error) + return error; header = IHDR(inode, ext4_raw_inode(&is->iloc)); if (!IS_LAST_ENTRY(s->first)) { header->h_magic = cpu_to_le32(EXT4_XATTR_MAGIC);

7 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] ext4: never move the system.data xattr out of the inode body" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 8cdb5240ec5928b20490a2bb34cb87e9a5f40226 Mon Sep 17 00:00:00 2001 From: Theodore Ts'o <tytso(a)mit.edu> Date: Sat, 16 Jun 2018 15:40:48 -0400 Subject: [PATCH] ext4: never move the system.data xattr out of the inode body When expanding the extra isize space, we must never move the system.data xattr out of the inode body. For performance reasons, it doesn't make any sense, and the inline data implementation assumes that system.data xattr is never in the external xattr block. This addresses CVE-2018-10880 https://bugzilla.kernel.org/show_bug.cgi?id=200005 Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Cc: stable(a)kernel.org diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index 0263692979ec..72377b77fbd7 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -2657,6 +2657,11 @@ static int ext4_xattr_make_inode_space(handle_t *handle, struct inode *inode, last = IFIRST(header); /* Find the entry best suited to be pushed into EA block */ for (; !IS_LAST_ENTRY(last); last = EXT4_XATTR_NEXT(last)) { + /* never move system.data out of the inode */ + if ((last->e_name_len == 4) && + (last->e_name_index == EXT4_XATTR_INDEX_SYSTEM) && + !memcmp(last->e_name, "data", 4)) + continue; total_size = EXT4_XATTR_LEN(last->e_name_len); if (!last->e_value_inum) total_size += EXT4_XATTR_SIZE(

7 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] ext4: never move the system.data xattr out of the inode body" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 8cdb5240ec5928b20490a2bb34cb87e9a5f40226 Mon Sep 17 00:00:00 2001 From: Theodore Ts'o <tytso(a)mit.edu> Date: Sat, 16 Jun 2018 15:40:48 -0400 Subject: [PATCH] ext4: never move the system.data xattr out of the inode body When expanding the extra isize space, we must never move the system.data xattr out of the inode body. For performance reasons, it doesn't make any sense, and the inline data implementation assumes that system.data xattr is never in the external xattr block. This addresses CVE-2018-10880 https://bugzilla.kernel.org/show_bug.cgi?id=200005 Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Cc: stable(a)kernel.org diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index 0263692979ec..72377b77fbd7 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -2657,6 +2657,11 @@ static int ext4_xattr_make_inode_space(handle_t *handle, struct inode *inode, last = IFIRST(header); /* Find the entry best suited to be pushed into EA block */ for (; !IS_LAST_ENTRY(last); last = EXT4_XATTR_NEXT(last)) { + /* never move system.data out of the inode */ + if ((last->e_name_len == 4) && + (last->e_name_index == EXT4_XATTR_INDEX_SYSTEM) && + !memcmp(last->e_name, "data", 4)) + continue; total_size = EXT4_XATTR_LEN(last->e_name_len); if (!last->e_value_inum) total_size += EXT4_XATTR_SIZE(

7 years, 5 months

1
0
0 0

FAILED: patch "[PATCH] ext4: always verify the magic number in xattr blocks" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 513f86d73855ce556ea9522b6bfd79f87356dc3a Mon Sep 17 00:00:00 2001 From: Theodore Ts'o <tytso(a)mit.edu> Date: Wed, 13 Jun 2018 00:51:28 -0400 Subject: [PATCH] ext4: always verify the magic number in xattr blocks If there an inode points to a block which is also some other type of metadata block (such as a block allocation bitmap), the buffer_verified flag can be set when it was validated as that other metadata block type; however, it would make a really terrible external attribute block. The reason why we use the verified flag is to avoid constantly reverifying the block. However, it doesn't take much overhead to make sure the magic number of the xattr block is correct, and this will avoid potential crashes. This addresses CVE-2018-10879. https://bugzilla.kernel.org/show_bug.cgi?id=200001 Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Reviewed-by: Andreas Dilger <adilger(a)dilger.ca> Cc: stable(a)kernel.org diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index 230ba79715f6..0263692979ec 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -230,12 +230,12 @@ __ext4_xattr_check_block(struct inode *inode, struct buffer_head *bh, { int error = -EFSCORRUPTED; - if (buffer_verified(bh)) - return 0; - if (BHDR(bh)->h_magic != cpu_to_le32(EXT4_XATTR_MAGIC) || BHDR(bh)->h_blocks != cpu_to_le32(1)) goto errout; + if (buffer_verified(bh)) + return 0; + error = -EFSBADCRC; if (!ext4_xattr_block_csum_verify(inode, bh)) goto errout;

7 years, 5 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror