- Linux-stable-mirror - lists.linaro.org

[PATCH 1/1] hugetlbfs: fix bug in pgoff overflow checking

by Mike Kravetz

This is a fix for a regression in 32 bit kernels caused by an invalid check for pgoff overflow in hugetlbfs mmap setup. The check incorrectly specified that the size of a loff_t was the same as the size of a long. The regression prevents mapping hugetlbfs files at offset greater than 4GB on 32 bit kernels. Fix the check by using sizeof(loff_t) to get size. In addition, make sure pgoff + length can be represented by a signed long huge page offset. This check is only necessary on 32 bit kernels. Fixes: 63489f8e8211 ("hugetlbfs: check for pgoff value overflow") Cc: <stable(a)vger.kernel.org> Reported-by: Dan Rue <dan.rue(a)linaro.org> Signed-off-by: Mike Kravetz <mike.kravetz(a)oracle.com> --- fs/hugetlbfs/inode.c | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c index b9a254dcc0e7..8450a1d75dfa 100644 --- a/fs/hugetlbfs/inode.c +++ b/fs/hugetlbfs/inode.c @@ -116,7 +116,8 @@ static void huge_pagevec_release(struct pagevec *pvec) * bit into account. */ #define PGOFF_LOFFT_MAX \ - (((1UL << (PAGE_SHIFT + 1)) - 1) << (BITS_PER_LONG - (PAGE_SHIFT + 1))) + (((1UL << (PAGE_SHIFT + 1)) - 1) << \ + ((sizeof(loff_t) * BITS_PER_BYTE) - (PAGE_SHIFT + 1))) static int hugetlbfs_file_mmap(struct file *file, struct vm_area_struct *vma) { @@ -138,21 +139,32 @@ static int hugetlbfs_file_mmap(struct file *file, struct vm_area_struct *vma) /* * page based offset in vm_pgoff could be sufficiently large to - * overflow a (l)off_t when converted to byte offset. + * overflow a loff_t when converted to byte offset. */ - if (vma->vm_pgoff & PGOFF_LOFFT_MAX) + if ((loff_t)vma->vm_pgoff & (loff_t)PGOFF_LOFFT_MAX) return -EINVAL; - /* must be huge page aligned */ + /* vm_pgoff must be huge page aligned */ if (vma->vm_pgoff & (~huge_page_mask(h) >> PAGE_SHIFT)) return -EINVAL; + /* + * Compute file offset of the end of this mapping + */ vma_len = (loff_t)(vma->vm_end - vma->vm_start); len = vma_len + ((loff_t)vma->vm_pgoff << PAGE_SHIFT); - /* check for overflow */ + + /* Check to ensure this did not overflow loff_t */ if (len < vma_len) return -EINVAL; + /* + * On 32 bit systems, this check is necessary to ensure the last page + * of mapping can be represented as a signed long huge page index. + */ + if ((len >> huge_page_shift(h)) > LONG_MAX) + return -EINVAL; + inode_lock(inode); file_accessed(file); -- 2.13.6

7 years, 5 months

2
1
0 0

[PATCH v2 1/4] virt: vbox: Move declarations of vboxguest private functions to private header

by Hans de Goede

Move the declarations of functions from vboxguest_utils.c which are only meant for vboxguest internal use from include/linux/vbox_utils.h to drivers/virt/vboxguest/vboxguest_core.h. Cc: stable(a)vger.kernel.org Signed-off-by: Hans de Goede <hdegoede(a)redhat.com> --- drivers/virt/vboxguest/vboxguest_core.h | 8 ++++++++ include/linux/vbox_utils.h | 23 ----------------------- 2 files changed, 8 insertions(+), 23 deletions(-) diff --git a/drivers/virt/vboxguest/vboxguest_core.h b/drivers/virt/vboxguest/vboxguest_core.h index 6c784bf4fa6d..39ed85cf9244 100644 --- a/drivers/virt/vboxguest/vboxguest_core.h +++ b/drivers/virt/vboxguest/vboxguest_core.h @@ -171,4 +171,12 @@ irqreturn_t vbg_core_isr(int irq, void *dev_id); void vbg_linux_mouse_event(struct vbg_dev *gdev); +/* Private (non exported) functions form vboxguest_utils.c */ +void *vbg_req_alloc(size_t len, enum vmmdev_request_type req_type); +int vbg_req_perform(struct vbg_dev *gdev, void *req); +int vbg_hgcm_call32( + struct vbg_dev *gdev, u32 client_id, u32 function, u32 timeout_ms, + struct vmmdev_hgcm_function_parameter32 *parm32, u32 parm_count, + int *vbox_status); + #endif diff --git a/include/linux/vbox_utils.h b/include/linux/vbox_utils.h index c71def6b310f..a240ed2a0372 100644 --- a/include/linux/vbox_utils.h +++ b/include/linux/vbox_utils.h @@ -24,24 +24,6 @@ __printf(1, 2) void vbg_debug(const char *fmt, ...); #define vbg_debug pr_debug #endif -/** - * Allocate memory for generic request and initialize the request header. - * - * Return: the allocated memory - * @len: Size of memory block required for the request. - * @req_type: The generic request type. - */ -void *vbg_req_alloc(size_t len, enum vmmdev_request_type req_type); - -/** - * Perform a generic request. - * - * Return: VBox status code - * @gdev: The Guest extension device. - * @req: Pointer to the request structure. - */ -int vbg_req_perform(struct vbg_dev *gdev, void *req); - int vbg_hgcm_connect(struct vbg_dev *gdev, struct vmmdev_hgcm_service_location *loc, u32 *client_id, int *vbox_status); @@ -52,11 +34,6 @@ int vbg_hgcm_call(struct vbg_dev *gdev, u32 client_id, u32 function, u32 timeout_ms, struct vmmdev_hgcm_function_parameter *parms, u32 parm_count, int *vbox_status); -int vbg_hgcm_call32( - struct vbg_dev *gdev, u32 client_id, u32 function, u32 timeout_ms, - struct vmmdev_hgcm_function_parameter32 *parm32, u32 parm_count, - int *vbox_status); - /** * Convert a VirtualBox status code to a standard Linux kernel return value. * Return: 0 or negative errno value. -- 2.17.0.rc1

7 years, 5 months

1
2
0 0

[PATCH v4 2/6] PCI: aardvark: Fix logic in advk_pcie_valid_device()

by Thomas Petazzoni

From: Victor Gu <xigu(a)marvell.com> The PCI configuration space read/write functions were special casing the situation where PCI_SLOT(devfn) != 0, and returned PCIBIOS_DEVICE_NOT_FOUND in this case. However, while this is what is intended for the root bus, it is not intended for the child busses, as it prevents discovering devices with PCI_SLOT(x) != 0. Therefore, we return PCIBIOS_DEVICE_NOT_FOUND only if we're on the root bus. Fixes: 8c39d710363c1 ("PCI: aardvark: Add Aardvark PCI host controller driver") Cc: <stable(a)vger.kernel.org> Signed-off-by: Victor Gu <xigu(a)marvell.com> Reviewed-by: Wilson Ding <dingwei(a)marvell.com> Reviewed-by: Nadav Haklai <nadavh(a)marvell.com> [Thomas: tweak commit log.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni(a)bootlin.com> --- Changes since v2: - The logic has been factorized into a advk_pcie_valid_device() helper in a previous patch, so this patch was adjusted accordingly. --- drivers/pci/host/pci-aardvark.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/pci/host/pci-aardvark.c b/drivers/pci/host/pci-aardvark.c index 82bff709a4b3..9d7f9f1c6837 100644 --- a/drivers/pci/host/pci-aardvark.c +++ b/drivers/pci/host/pci-aardvark.c @@ -433,7 +433,7 @@ static int advk_pcie_wait_pio(struct advk_pcie *pcie) static bool advk_pcie_valid_device(struct advk_pcie *pcie, struct pci_bus *bus, int devfn) { - if (PCI_SLOT(devfn) != 0) + if ((bus->number == pcie->root_bus_nr) && PCI_SLOT(devfn) != 0) return false; return true; -- 2.14.3

7 years, 5 months

2
2
0 0

[PATCH] media: v4l2-compat-ioctl32: don't oops on overlay

by Mauro Carvalho Chehab

At put_v4l2_window32(), it tries to access kp->clips. However, kp points to an userspace pointer. So, it should be obtained via get_user(), otherwise it can OOPS: vivid-000: ================== END STATUS ================== BUG: unable to handle kernel paging request at 00000000fffb18e0 IP: [<ffffffffc05468d9>] __put_v4l2_format32+0x169/0x220 [videodev] PGD 3f5776067 PUD 3f576f067 PMD 3f5769067 PTE 800000042548f067 Oops: 0001 [#1] SMP Modules linked in: vivid videobuf2_vmalloc videobuf2_memops v4l2_dv_timings videobuf2_core v4l2_common videodev media xt_CHECKSUM iptable_mangle ipt_MASQUERADE nf_nat_masquerade_ipv4 iptable_nat nf_nat_ipv4 nf_nat nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack nf_conntrack tun bridge stp llc ebtable_filter ebtables ip6table_filter ip6_tables bluetooth rfkill binfmt_misc snd_hda_codec_hdmi i915 snd_hda_intel snd_hda_controller snd_hda_codec intel_rapl x86_pkg_temp_thermal snd_hwdep intel_powerclamp snd_pcm coretemp snd_seq_midi kvm_intel kvm snd_seq_midi_event snd_rawmidi i2c_algo_bit drm_kms_helper snd_seq drm crct10dif_pclmul e1000e snd_seq_device crc32_pclmul snd_timer ghash_clmulni_intel snd mei_me mei ptp pps_core soundcore lpc_ich video crc32c_intel [last unloaded: media] CPU: 2 PID: 28332 Comm: v4l2-compliance Not tainted 3.18.102+ #107 Hardware name: /NUC5i7RYB, BIOS RYBDWi35.86A.0364.2017.0511.0949 05/11/2017 task: ffff8804293f8000 ti: ffff8803f5640000 task.ti: ffff8803f5640000 RIP: 0010:[<ffffffffc05468d9>] [<ffffffffc05468d9>] __put_v4l2_format32+0x169/0x220 [videodev] RSP: 0018:ffff8803f5643e28 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00000000fffb1ab4 RDX: 00000000fffb1a68 RSI: 00000000fffb18d8 RDI: 00000000fffb1aa8 RBP: ffff8803f5643e48 R08: 0000000000000001 R09: ffff8803f54b0378 R10: 0000000000000000 R11: 0000000000000168 R12: 00000000fffb18c0 R13: 00000000fffb1a94 R14: 00000000fffb18c8 R15: 0000000000000000 FS: 0000000000000000(0000) GS:ffff880456d00000(0063) knlGS:00000000f7100980 CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 CR2: 00000000fffb18e0 CR3: 00000003f552b000 CR4: 00000000003407e0 Stack: 00000000fffb1a94 00000000c0cc5640 0000000000000056 ffff8804274f3600 ffff8803f5643ed0 ffffffffc0547e16 0000000000000003 ffff8803f5643eb0 ffffffff81301460 ffff88009db44b01 ffff880441942520 ffff8800c0d05640 Call Trace: [<ffffffffc0547e16>] v4l2_compat_ioctl32+0x12d6/0x1b1d [videodev] [<ffffffff81301460>] ? file_has_perm+0x70/0xc0 [<ffffffff81252a2c>] compat_SyS_ioctl+0xec/0x1200 [<ffffffff8173241a>] sysenter_dispatch+0x7/0x21 Code: 00 00 48 8b 80 48 c0 ff ff 48 83 e8 38 49 39 c6 0f 87 2b ff ff ff 49 8d 45 1c e8 a3 ce e3 c0 85 c0 0f 85 1a ff ff ff 41 8d 40 ff <4d> 8b 64 24 20 41 89 d5 48 8d 44 40 03 4d 8d 34 c4 eb 15 0f 1f RIP [<ffffffffc05468d9>] __put_v4l2_format32+0x169/0x220 [videodev] RSP <ffff8803f5643e28> CR2: 00000000fffb18e0 Tested with vivid driver on Kernel v3.18.102. Same bug happens upstream too: BUG: KASAN: user-memory-access in __put_v4l2_format32+0x98/0x4d0 [videodev] Read of size 8 at addr 00000000ffe48400 by task v4l2-compliance/8713 CPU: 0 PID: 8713 Comm: v4l2-compliance Not tainted 4.16.0-rc4+ #108 Hardware name: /NUC5i7RYB, BIOS RYBDWi35.86A.0364.2017.0511.0949 05/11/2017 Call Trace: dump_stack+0x5c/0x7c kasan_report+0x164/0x380 ? __put_v4l2_format32+0x98/0x4d0 [videodev] __put_v4l2_format32+0x98/0x4d0 [videodev] v4l2_compat_ioctl32+0x1aec/0x27a0 [videodev] ? __fsnotify_inode_delete+0x20/0x20 ? __put_v4l2_format32+0x4d0/0x4d0 [videodev] compat_SyS_ioctl+0x646/0x14d0 ? do_ioctl+0x30/0x30 do_fast_syscall_32+0x191/0x3f4 entry_SYSENTER_compat+0x6b/0x7a ================================================================== Disabling lock debugging due to kernel taint BUG: unable to handle kernel paging request at 00000000ffe48400 IP: __put_v4l2_format32+0x98/0x4d0 [videodev] PGD 3a22fb067 P4D 3a22fb067 PUD 39b6f0067 PMD 39b6f1067 PTE 80000003256af067 Oops: 0001 [#1] SMP KASAN Modules linked in: vivid videobuf2_vmalloc videobuf2_dma_contig videobuf2_memops v4l2_tpg v4l2_dv_timings videobuf2_v4l2 videobuf2_common v4l2_common videodev xt_CHECKSUM iptable_mangle ipt_MASQUERADE nf_nat_masquerade_ipv4 iptable_nat nf_nat_ipv4 nf_nat nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack nf_conntrack libcrc32c tun bridge stp llc ebtable_filter ebtables ip6table_filter ip6_tables bluetooth rfkill ecdh_generic binfmt_misc snd_hda_codec_hdmi intel_rapl x86_pkg_temp_thermal intel_powerclamp i915 coretemp snd_hda_intel snd_hda_codec kvm_intel snd_hwdep snd_hda_core kvm snd_pcm irqbypass crct10dif_pclmul crc32_pclmul snd_seq_midi ghash_clmulni_intel snd_seq_midi_event i2c_algo_bit intel_cstate snd_rawmidi intel_uncore snd_seq drm_kms_helper e1000e snd_seq_device snd_timer intel_rapl_perf drm ptp snd mei_me mei lpc_ich pps_core soundcore video crc32c_intel CPU: 0 PID: 8713 Comm: v4l2-compliance Tainted: G B 4.16.0-rc4+ #108 Hardware name: /NUC5i7RYB, BIOS RYBDWi35.86A.0364.2017.0511.0949 05/11/2017 RIP: 0010:__put_v4l2_format32+0x98/0x4d0 [videodev] RSP: 0018:ffff8803b9be7d30 EFLAGS: 00010282 RAX: 0000000000000000 RBX: ffff8803ac983e80 RCX: ffffffff8cd929f2 RDX: 1ffffffff1d0a149 RSI: 0000000000000297 RDI: 0000000000000297 RBP: 00000000ffe485c0 R08: fffffbfff1cf5123 R09: ffffffff8e7a8948 R10: 0000000000000001 R11: fffffbfff1cf5122 R12: 00000000ffe483e0 R13: 00000000ffe485c4 R14: ffff8803ac985918 R15: 00000000ffe483e8 FS: 0000000000000000(0000) GS:ffff880407400000(0063) knlGS:00000000f7a46980 CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 CR2: 00000000ffe48400 CR3: 00000003a83f2003 CR4: 00000000003606f0 Call Trace: v4l2_compat_ioctl32+0x1aec/0x27a0 [videodev] ? __fsnotify_inode_delete+0x20/0x20 ? __put_v4l2_format32+0x4d0/0x4d0 [videodev] compat_SyS_ioctl+0x646/0x14d0 ? do_ioctl+0x30/0x30 do_fast_syscall_32+0x191/0x3f4 entry_SYSENTER_compat+0x6b/0x7a Code: 4c 89 f7 4d 8d 7c 24 08 e8 e6 a4 69 cb 48 8b 83 98 1a 00 00 48 83 e8 10 49 39 c7 0f 87 9d 01 00 00 49 8d 7c 24 20 e8 c8 a4 69 cb <4d> 8b 74 24 20 4c 89 ef 4c 89 fe ba 10 00 00 00 e8 23 d9 08 cc RIP: __put_v4l2_format32+0x98/0x4d0 [videodev] RSP: ffff8803b9be7d30 CR2: 00000000ffe48400 cc: stable(a)vger.kernel.org Signed-off-by: Mauro Carvalho Chehab <mchehab(a)s-opensource.com> --- drivers/media/v4l2-core/v4l2-compat-ioctl32.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/media/v4l2-core/v4l2-compat-ioctl32.c b/drivers/media/v4l2-core/v4l2-compat-ioctl32.c index 5198c9eeb348..4312935f1dfc 100644 --- a/drivers/media/v4l2-core/v4l2-compat-ioctl32.c +++ b/drivers/media/v4l2-core/v4l2-compat-ioctl32.c @@ -101,7 +101,7 @@ static int get_v4l2_window32(struct v4l2_window __user *kp, static int put_v4l2_window32(struct v4l2_window __user *kp, struct v4l2_window32 __user *up) { - struct v4l2_clip __user *kclips = kp->clips; + struct v4l2_clip __user *kclips; struct v4l2_clip32 __user *uclips; compat_caddr_t p; u32 clipcount; @@ -116,6 +116,8 @@ static int put_v4l2_window32(struct v4l2_window __user *kp, if (!clipcount) return 0; + if (get_user(kclips, &kp->clips)) + return -EFAULT; if (get_user(p, &up->clips)) return -EFAULT; uclips = compat_ptr(p); -- 2.14.3

7 years, 5 months

4
7
0 0

patch "USB: serial: ftdi_sio: add Id for Physik Instrumente E-870" added to usb-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: serial: ftdi_sio: add Id for Physik Instrumente E-870 to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the usb-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. >From 79a0b33165d8d8ec0840fcfc74fd0a8f219abeee Mon Sep 17 00:00:00 2001 From: "Teichmann, Martin" <martin.teichmann(a)xfel.eu> Date: Thu, 29 Mar 2018 08:39:37 +0200 Subject: USB: serial: ftdi_sio: add Id for Physik Instrumente E-870 This adds support for the Physik Instrumente E-870 PIShift Drive Electronics, a Piezo motor driver. Signed-off-by: Martin Teichmann <martin.teichmann(a)xfel.eu> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/usb/serial/ftdi_sio.c | 1 + drivers/usb/serial/ftdi_sio_ids.h | 1 + 2 files changed, 2 insertions(+) diff --git a/drivers/usb/serial/ftdi_sio.c b/drivers/usb/serial/ftdi_sio.c index f58c4ff6b387..85774cf4cc8f 100644 --- a/drivers/usb/serial/ftdi_sio.c +++ b/drivers/usb/serial/ftdi_sio.c @@ -893,6 +893,7 @@ static const struct usb_device_id id_table_combined[] = { { USB_DEVICE(PI_VID, PI_1014_PID) }, { USB_DEVICE(PI_VID, PI_1015_PID) }, { USB_DEVICE(PI_VID, PI_1016_PID) }, + { USB_DEVICE(PI_VID, PI_E870_PID) }, { USB_DEVICE(KONDO_VID, KONDO_USB_SERIAL_PID) }, { USB_DEVICE(BAYER_VID, BAYER_CONTOUR_CABLE_PID) }, { USB_DEVICE(FTDI_VID, MARVELL_OPENRD_PID), diff --git a/drivers/usb/serial/ftdi_sio_ids.h b/drivers/usb/serial/ftdi_sio_ids.h index 8b4ecd2bd297..14dff44a2a93 100644 --- a/drivers/usb/serial/ftdi_sio_ids.h +++ b/drivers/usb/serial/ftdi_sio_ids.h @@ -978,6 +978,7 @@ #define PI_1014_PID 0x1014 /* PI Device */ #define PI_1015_PID 0x1015 /* PI Device */ #define PI_1016_PID 0x1016 /* PI Digital Servo Module */ +#define PI_E870_PID 0x1019 /* PI E-870 Piezomotor Controller */ /* * Kondo Kagaku Co.Ltd. -- 2.16.3

7 years, 5 months

3
2
0 0

[PATCH] Revert "USB: serial: ftdi_sio: add Id for Physik Instrumente E-870"

by Johan Hovold

This reverts commit 79a0b33165d8d8ec0840fcfc74fd0a8f219abeee. Turns out this is not an FTDI device after all. Reported-by: Martin Teichmann <martin.teichmann(a)xfel.eu> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- Greg, I included the stable tag above as the offending patch had it, but I will try to remember to speak out in case it gets added to the stable queue in the first place. Thanks, Johan drivers/usb/serial/ftdi_sio.c | 1 - drivers/usb/serial/ftdi_sio_ids.h | 1 - 2 files changed, 2 deletions(-) diff --git a/drivers/usb/serial/ftdi_sio.c b/drivers/usb/serial/ftdi_sio.c index 85774cf4cc8f..f58c4ff6b387 100644 --- a/drivers/usb/serial/ftdi_sio.c +++ b/drivers/usb/serial/ftdi_sio.c @@ -893,7 +893,6 @@ static const struct usb_device_id id_table_combined[] = { { USB_DEVICE(PI_VID, PI_1014_PID) }, { USB_DEVICE(PI_VID, PI_1015_PID) }, { USB_DEVICE(PI_VID, PI_1016_PID) }, - { USB_DEVICE(PI_VID, PI_E870_PID) }, { USB_DEVICE(KONDO_VID, KONDO_USB_SERIAL_PID) }, { USB_DEVICE(BAYER_VID, BAYER_CONTOUR_CABLE_PID) }, { USB_DEVICE(FTDI_VID, MARVELL_OPENRD_PID), diff --git a/drivers/usb/serial/ftdi_sio_ids.h b/drivers/usb/serial/ftdi_sio_ids.h index 14dff44a2a93..8b4ecd2bd297 100644 --- a/drivers/usb/serial/ftdi_sio_ids.h +++ b/drivers/usb/serial/ftdi_sio_ids.h @@ -978,7 +978,6 @@ #define PI_1014_PID 0x1014 /* PI Device */ #define PI_1015_PID 0x1015 /* PI Device */ #define PI_1016_PID 0x1016 /* PI Digital Servo Module */ -#define PI_E870_PID 0x1019 /* PI E-870 Piezomotor Controller */ /* * Kondo Kagaku Co.Ltd. -- 2.16.3

7 years, 5 months

1
0
0 0

patch "USB: serial: ftdi_sio: add Id for Physik Instrumente E-870" added to usb-next

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: serial: ftdi_sio: add Id for Physik Instrumente E-870 to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-next branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will also be merged in the next major kernel release during the merge window. If you have any questions about this process, please let me know. >From 79a0b33165d8d8ec0840fcfc74fd0a8f219abeee Mon Sep 17 00:00:00 2001 From: "Teichmann, Martin" <martin.teichmann(a)xfel.eu> Date: Thu, 29 Mar 2018 08:39:37 +0200 Subject: USB: serial: ftdi_sio: add Id for Physik Instrumente E-870 This adds support for the Physik Instrumente E-870 PIShift Drive Electronics, a Piezo motor driver. Signed-off-by: Martin Teichmann <martin.teichmann(a)xfel.eu> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/usb/serial/ftdi_sio.c | 1 + drivers/usb/serial/ftdi_sio_ids.h | 1 + 2 files changed, 2 insertions(+) diff --git a/drivers/usb/serial/ftdi_sio.c b/drivers/usb/serial/ftdi_sio.c index f58c4ff6b387..85774cf4cc8f 100644 --- a/drivers/usb/serial/ftdi_sio.c +++ b/drivers/usb/serial/ftdi_sio.c @@ -893,6 +893,7 @@ static const struct usb_device_id id_table_combined[] = { { USB_DEVICE(PI_VID, PI_1014_PID) }, { USB_DEVICE(PI_VID, PI_1015_PID) }, { USB_DEVICE(PI_VID, PI_1016_PID) }, + { USB_DEVICE(PI_VID, PI_E870_PID) }, { USB_DEVICE(KONDO_VID, KONDO_USB_SERIAL_PID) }, { USB_DEVICE(BAYER_VID, BAYER_CONTOUR_CABLE_PID) }, { USB_DEVICE(FTDI_VID, MARVELL_OPENRD_PID), diff --git a/drivers/usb/serial/ftdi_sio_ids.h b/drivers/usb/serial/ftdi_sio_ids.h index 8b4ecd2bd297..14dff44a2a93 100644 --- a/drivers/usb/serial/ftdi_sio_ids.h +++ b/drivers/usb/serial/ftdi_sio_ids.h @@ -978,6 +978,7 @@ #define PI_1014_PID 0x1014 /* PI Device */ #define PI_1015_PID 0x1015 /* PI Device */ #define PI_1016_PID 0x1016 /* PI Digital Servo Module */ +#define PI_E870_PID 0x1019 /* PI E-870 Piezomotor Controller */ /* * Kondo Kagaku Co.Ltd. -- 2.16.3

7 years, 5 months

1
0
0 0

[PATCH v4 3/7] phy: qcom-qusb2: Fix crash if nvmem cell not specified

by Manu Gautam

Driver currently crashes due to NULL pointer deference while updating PHY tune register if nvmem cell is NULL. Since, fused value for Tune1/2 register is optional, we'd rather bail out. Fixes: ca04d9d3e1b1 ("phy: qcom-qusb2: New driver for QUSB2 PHY on Qcom chips") Reviewed-by: Vivek Gautam <vivek.gautam(a)codeaurora.org> Reviewed-by: Evan Green <evgreen(a)chromium.org> Cc: stable <stable(a)vger.kernel.org> # 4.14+ Signed-off-by: Manu Gautam <mgautam(a)codeaurora.org> --- drivers/phy/qualcomm/phy-qcom-qusb2.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/phy/qualcomm/phy-qcom-qusb2.c b/drivers/phy/qualcomm/phy-qcom-qusb2.c index 94afeac..40fdef8 100644 --- a/drivers/phy/qualcomm/phy-qcom-qusb2.c +++ b/drivers/phy/qualcomm/phy-qcom-qusb2.c @@ -315,6 +315,10 @@ static void qusb2_phy_set_tune2_param(struct qusb2_phy *qphy) const struct qusb2_phy_cfg *cfg = qphy->cfg; u8 *val; + /* efuse register is optional */ + if (!qphy->cell) + return; + /* * Read efuse register having TUNE2/1 parameter's high nibble. * If efuse register shows value as 0x0, or if we fail to find -- The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum, a Linux Foundation Collaborative Project

7 years, 5 months

1
0
0 0

Patch "net: hns: Fix a skb used after free bug" has been added to the 4.9-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled net: hns: Fix a skb used after free bug to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: net-hns-fix-a-skb-used-after-free-bug.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 27463ad99f738ed93c7c8b3e2e5bc8c4853a2ff2 Mon Sep 17 00:00:00 2001 From: Yunsheng Lin <linyunsheng(a)huawei.com> Date: Thu, 6 Jul 2017 10:22:00 +0800 Subject: net: hns: Fix a skb used after free bug From: Yunsheng Lin <linyunsheng(a)huawei.com> commit 27463ad99f738ed93c7c8b3e2e5bc8c4853a2ff2 upstream. skb maybe freed in hns_nic_net_xmit_hw() and return NETDEV_TX_OK, which cause hns_nic_net_xmit to use a freed skb. BUG: KASAN: use-after-free in hns_nic_net_xmit_hw+0x62c/0x940... [17659.112635] alloc_debug_processing+0x18c/0x1a0 [17659.117208] __slab_alloc+0x52c/0x560 [17659.120909] kmem_cache_alloc_node+0xac/0x2c0 [17659.125309] __alloc_skb+0x6c/0x260 [17659.128837] tcp_send_ack+0x8c/0x280 [17659.132449] __tcp_ack_snd_check+0x9c/0xf0 [17659.136587] tcp_rcv_established+0x5a4/0xa70 [17659.140899] tcp_v4_do_rcv+0x27c/0x620 [17659.144687] tcp_prequeue_process+0x108/0x170 [17659.149085] tcp_recvmsg+0x940/0x1020 [17659.152787] inet_recvmsg+0x124/0x180 [17659.156488] sock_recvmsg+0x64/0x80 [17659.160012] SyS_recvfrom+0xd8/0x180 [17659.163626] __sys_trace_return+0x0/0x4 [17659.167506] INFO: Freed in kfree_skbmem+0xa0/0xb0 age=23 cpu=1 pid=13 [17659.174000] free_debug_processing+0x1d4/0x2c0 [17659.178486] __slab_free+0x240/0x390 [17659.182100] kmem_cache_free+0x24c/0x270 [17659.186062] kfree_skbmem+0xa0/0xb0 [17659.189587] __kfree_skb+0x28/0x40 [17659.193025] napi_gro_receive+0x168/0x1c0 [17659.197074] hns_nic_rx_up_pro+0x58/0x90 [17659.201038] hns_nic_rx_poll_one+0x518/0xbc0 [17659.205352] hns_nic_common_poll+0x94/0x140 [17659.209576] net_rx_action+0x458/0x5e0 [17659.213363] __do_softirq+0x1b8/0x480 [17659.217062] run_ksoftirqd+0x64/0x80 [17659.220679] smpboot_thread_fn+0x224/0x310 [17659.224821] kthread+0x150/0x170 [17659.228084] ret_from_fork+0x10/0x40 BUG: KASAN: use-after-free in hns_nic_net_xmit+0x8c/0xc0... [17751.080490] __slab_alloc+0x52c/0x560 [17751.084188] kmem_cache_alloc+0x244/0x280 [17751.088238] __build_skb+0x40/0x150 [17751.091764] build_skb+0x28/0x100 [17751.095115] __alloc_rx_skb+0x94/0x150 [17751.098900] __napi_alloc_skb+0x34/0x90 [17751.102776] hns_nic_rx_poll_one+0x180/0xbc0 [17751.107097] hns_nic_common_poll+0x94/0x140 [17751.111333] net_rx_action+0x458/0x5e0 [17751.115123] __do_softirq+0x1b8/0x480 [17751.118823] run_ksoftirqd+0x64/0x80 [17751.122437] smpboot_thread_fn+0x224/0x310 [17751.126575] kthread+0x150/0x170 [17751.129838] ret_from_fork+0x10/0x40 [17751.133454] INFO: Freed in kfree_skbmem+0xa0/0xb0 age=19 cpu=7 pid=43 [17751.139951] free_debug_processing+0x1d4/0x2c0 [17751.144436] __slab_free+0x240/0x390 [17751.148051] kmem_cache_free+0x24c/0x270 [17751.152014] kfree_skbmem+0xa0/0xb0 [17751.155543] __kfree_skb+0x28/0x40 [17751.159022] napi_gro_receive+0x168/0x1c0 [17751.163074] hns_nic_rx_up_pro+0x58/0x90 [17751.167041] hns_nic_rx_poll_one+0x518/0xbc0 [17751.171358] hns_nic_common_poll+0x94/0x140 [17751.175585] net_rx_action+0x458/0x5e0 [17751.179373] __do_softirq+0x1b8/0x480 [17751.183076] run_ksoftirqd+0x64/0x80 [17751.186691] smpboot_thread_fn+0x224/0x310 [17751.190826] kthread+0x150/0x170 [17751.194093] ret_from_fork+0x10/0x40 Fixes: 13ac695e7ea1 ("net:hns: Add support of Hip06 SoC to the Hislicon Network Subsystem") Signed-off-by: Yunsheng Lin <linyunsheng(a)huawei.com> Signed-off-by: lipeng <lipeng321(a)huawei.com> Reported-by: Jun He <hjat2005(a)huawei.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Erick Reyes <erickreyes(a)google.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/net/ethernet/hisilicon/hns/hns_enet.c | 22 ++++++++++------------ drivers/net/ethernet/hisilicon/hns/hns_enet.h | 6 +++--- 2 files changed, 13 insertions(+), 15 deletions(-) --- a/drivers/net/ethernet/hisilicon/hns/hns_enet.c +++ b/drivers/net/ethernet/hisilicon/hns/hns_enet.c @@ -299,9 +299,9 @@ static void fill_tso_desc(struct hnae_ri mtu); } -int hns_nic_net_xmit_hw(struct net_device *ndev, - struct sk_buff *skb, - struct hns_nic_ring_data *ring_data) +netdev_tx_t hns_nic_net_xmit_hw(struct net_device *ndev, + struct sk_buff *skb, + struct hns_nic_ring_data *ring_data) { struct hns_nic_priv *priv = netdev_priv(ndev); struct hnae_ring *ring = ring_data->ring; @@ -360,6 +360,10 @@ int hns_nic_net_xmit_hw(struct net_devic dev_queue = netdev_get_tx_queue(ndev, skb->queue_mapping); netdev_tx_sent_queue(dev_queue, skb->len); + netif_trans_update(ndev); + ndev->stats.tx_bytes += skb->len; + ndev->stats.tx_packets++; + wmb(); /* commit all data before submit */ assert(skb->queue_mapping < priv->ae_handle->q_num); hnae_queue_xmit(priv->ae_handle->qs[skb->queue_mapping], buf_num); @@ -1408,17 +1412,11 @@ static netdev_tx_t hns_nic_net_xmit(stru struct net_device *ndev) { struct hns_nic_priv *priv = netdev_priv(ndev); - int ret; assert(skb->queue_mapping < ndev->ae_handle->q_num); - ret = hns_nic_net_xmit_hw(ndev, skb, - &tx_ring_data(priv, skb->queue_mapping)); - if (ret == NETDEV_TX_OK) { - netif_trans_update(ndev); - ndev->stats.tx_bytes += skb->len; - ndev->stats.tx_packets++; - } - return (netdev_tx_t)ret; + + return hns_nic_net_xmit_hw(ndev, skb, + &tx_ring_data(priv, skb->queue_mapping)); } static int hns_nic_change_mtu(struct net_device *ndev, int new_mtu) --- a/drivers/net/ethernet/hisilicon/hns/hns_enet.h +++ b/drivers/net/ethernet/hisilicon/hns/hns_enet.h @@ -91,8 +91,8 @@ void hns_ethtool_set_ops(struct net_devi void hns_nic_net_reset(struct net_device *ndev); void hns_nic_net_reinit(struct net_device *netdev); int hns_nic_init_phy(struct net_device *ndev, struct hnae_handle *h); -int hns_nic_net_xmit_hw(struct net_device *ndev, - struct sk_buff *skb, - struct hns_nic_ring_data *ring_data); +netdev_tx_t hns_nic_net_xmit_hw(struct net_device *ndev, + struct sk_buff *skb, + struct hns_nic_ring_data *ring_data); #endif /**__HNS_ENET_H */ Patches currently in stable-queue which might be from linyunsheng(a)huawei.com are queue-4.9/net-hns-fix-a-skb-used-after-free-bug.patch

7 years, 5 months

1
0
0 0

[PATCH v4 5/6] PCI: aardvark: Fix PCIe Max Read Request Size setting

by Thomas Petazzoni

From: Evan Wang <xswang(a)marvell.com> There is an obvious typo issue in the definition of the PCIe maximum read request size: a bit shift is directly used as a value, while it should be used to shift the correct value. Fixes: 8c39d710363c1 ("PCI: aardvark: Add Aardvark PCI host controller driver") Cc: <stable(a)vger.kernel.org> Signed-off-by: Evan Wang <xswang(a)marvell.com> Reviewed-by: Victor Gu <xigu(a)marvell.com> Reviewed-by: Nadav Haklai <nadavh(a)marvell.com> [Thomas: tweak commit log.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni(a)bootlin.com> --- drivers/pci/host/pci-aardvark.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/pci/host/pci-aardvark.c b/drivers/pci/host/pci-aardvark.c index f94bd70a8f6d..69c4fd50947e 100644 --- a/drivers/pci/host/pci-aardvark.c +++ b/drivers/pci/host/pci-aardvark.c @@ -29,6 +29,7 @@ #define PCIE_CORE_DEV_CTRL_STATS_MAX_PAYLOAD_SZ_SHIFT 5 #define PCIE_CORE_DEV_CTRL_STATS_SNOOP_DISABLE (0 << 11) #define PCIE_CORE_DEV_CTRL_STATS_MAX_RD_REQ_SIZE_SHIFT 12 +#define PCIE_CORE_DEV_CTRL_STATS_MAX_RD_REQ_SZ 0x2 #define PCIE_CORE_LINK_CTRL_STAT_REG 0xd0 #define PCIE_CORE_LINK_L0S_ENTRY BIT(0) #define PCIE_CORE_LINK_TRAINING BIT(5) @@ -295,7 +296,8 @@ static void advk_pcie_setup_hw(struct advk_pcie *pcie) reg = PCIE_CORE_DEV_CTRL_STATS_RELAX_ORDER_DISABLE | (7 << PCIE_CORE_DEV_CTRL_STATS_MAX_PAYLOAD_SZ_SHIFT) | PCIE_CORE_DEV_CTRL_STATS_SNOOP_DISABLE | - PCIE_CORE_DEV_CTRL_STATS_MAX_RD_REQ_SIZE_SHIFT; + (PCIE_CORE_DEV_CTRL_STATS_MAX_RD_REQ_SZ << + PCIE_CORE_DEV_CTRL_STATS_MAX_RD_REQ_SIZE_SHIFT); advk_writel(pcie, reg, PCIE_CORE_DEV_CTRL_STATS_REG); /* Program PCIe Control 2 to disable strict ordering */ -- 2.14.3

7 years, 5 months

1
0
0 0

[PATCH v4 4/6] PCI: aardvark: Use ISR1 instead of ISR0 interrupt in legacy irq mode

by Thomas Petazzoni

From: Victor Gu <xigu(a)marvell.com> The Aardvark has two interrupts sets: - first set is bit[23:16] of PCIe ISR 0 register(RD0074840h) - second set is bit[11:8] of PCIe ISR 1 register(RD0074848h) Only one set should be used, while another set should be masked. The second set, ISR1, is more advanced, the Legacy INT_X status bit is asserted once Assert_INTX message is received, and de-asserted after Deassert_INTX message is received. Therefore, it matches what the driver is currently doing in the ->irq_mask() and ->irq_unmask() functions. The ISR0 requires additional work to deassert the interrupt, which the driver doesn't do currently. This commit resolves a number of issues with legacy interrupts. This is part of fixing bug https://bugzilla.kernel.org/show_bug.cgi?id=196339, this commit was reported as the user to be important to get a Intel 7260 mini-PCIe WiFi card working. Fixes: 8c39d710363c1 ("PCI: aardvark: Add Aardvark PCI host controller driver") Cc: <stable(a)vger.kernel.org> Signed-off-by: Victor Gu <xigu(a)marvell.com> Reviewed-by: Evan Wang <xswang(a)marvell.com> Reviewed-by: Nadav Haklai <nadavh(a)marvell.com> [Thomas: tweak commit log.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni(a)bootlin.com> --- drivers/pci/host/pci-aardvark.c | 41 ++++++++++++++++++++++++----------------- 1 file changed, 24 insertions(+), 17 deletions(-) diff --git a/drivers/pci/host/pci-aardvark.c b/drivers/pci/host/pci-aardvark.c index 2d0f8148ae9b..f94bd70a8f6d 100644 --- a/drivers/pci/host/pci-aardvark.c +++ b/drivers/pci/host/pci-aardvark.c @@ -100,7 +100,8 @@ #define PCIE_ISR1_MASK_REG (CONTROL_BASE_ADDR + 0x4C) #define PCIE_ISR1_POWER_STATE_CHANGE BIT(4) #define PCIE_ISR1_FLUSH BIT(5) -#define PCIE_ISR1_ALL_MASK GENMASK(5, 4) +#define PCIE_ISR1_INTX_ASSERT(val) BIT(8 + (val)) +#define PCIE_ISR1_ALL_MASK GENMASK(11, 4) #define PCIE_MSI_ADDR_LOW_REG (CONTROL_BASE_ADDR + 0x50) #define PCIE_MSI_ADDR_HIGH_REG (CONTROL_BASE_ADDR + 0x54) #define PCIE_MSI_STATUS_REG (CONTROL_BASE_ADDR + 0x58) @@ -616,9 +617,9 @@ static void advk_pcie_irq_mask(struct irq_data *d) irq_hw_number_t hwirq = irqd_to_hwirq(d); u32 mask; - mask = advk_readl(pcie, PCIE_ISR0_MASK_REG); - mask |= PCIE_ISR0_INTX_ASSERT(hwirq); - advk_writel(pcie, mask, PCIE_ISR0_MASK_REG); + mask = advk_readl(pcie, PCIE_ISR1_MASK_REG); + mask |= PCIE_ISR1_INTX_ASSERT(hwirq); + advk_writel(pcie, mask, PCIE_ISR1_MASK_REG); } static void advk_pcie_irq_unmask(struct irq_data *d) @@ -627,9 +628,9 @@ static void advk_pcie_irq_unmask(struct irq_data *d) irq_hw_number_t hwirq = irqd_to_hwirq(d); u32 mask; - mask = advk_readl(pcie, PCIE_ISR0_MASK_REG); - mask &= ~PCIE_ISR0_INTX_ASSERT(hwirq); - advk_writel(pcie, mask, PCIE_ISR0_MASK_REG); + mask = advk_readl(pcie, PCIE_ISR1_MASK_REG); + mask &= ~PCIE_ISR1_INTX_ASSERT(hwirq); + advk_writel(pcie, mask, PCIE_ISR1_MASK_REG); } static int advk_pcie_irq_map(struct irq_domain *h, @@ -772,29 +773,35 @@ static void advk_pcie_handle_msi(struct advk_pcie *pcie) static void advk_pcie_handle_int(struct advk_pcie *pcie) { - u32 val, mask, status; + u32 isr0_val, isr0_mask, isr0_status; + u32 isr1_val, isr1_mask, isr1_status; int i, virq; - val = advk_readl(pcie, PCIE_ISR0_REG); - mask = advk_readl(pcie, PCIE_ISR0_MASK_REG); - status = val & ((~mask) & PCIE_ISR0_ALL_MASK); + isr0_val = advk_readl(pcie, PCIE_ISR0_REG); + isr0_mask = advk_readl(pcie, PCIE_ISR0_MASK_REG); + isr0_status = isr0_val & ((~isr0_mask) & PCIE_ISR0_ALL_MASK); - if (!status) { - advk_writel(pcie, val, PCIE_ISR0_REG); + isr1_val = advk_readl(pcie, PCIE_ISR1_REG); + isr1_mask = advk_readl(pcie, PCIE_ISR1_MASK_REG); + isr1_status = isr1_val & ((~isr1_mask) & PCIE_ISR1_ALL_MASK); + + if (!isr0_status && !isr1_status) { + advk_writel(pcie, isr0_val, PCIE_ISR0_REG); + advk_writel(pcie, isr1_val, PCIE_ISR1_REG); return; } /* Process MSI interrupts */ - if (status & PCIE_ISR0_MSI_INT_PENDING) + if (isr0_status & PCIE_ISR0_MSI_INT_PENDING) advk_pcie_handle_msi(pcie); /* Process legacy interrupts */ for (i = 0; i < PCI_NUM_INTX; i++) { - if (!(status & PCIE_ISR0_INTX_ASSERT(i))) + if (!(isr1_status & PCIE_ISR1_INTX_ASSERT(i))) continue; - advk_writel(pcie, PCIE_ISR0_INTX_ASSERT(i), - PCIE_ISR0_REG); + advk_writel(pcie, PCIE_ISR1_INTX_ASSERT(i), + PCIE_ISR1_REG); virq = irq_find_mapping(pcie->irq_domain, i); generic_handle_irq(virq); -- 2.14.3

7 years, 5 months

1
0
0 0

[PATCH v4 3/6] PCI: aardvark: Set PIO_ADDR_LS correctly in advk_pcie_rd_conf()

by Thomas Petazzoni

From: Victor Gu <xigu(a)marvell.com> When setting the PIO_ADDR_LS register during a configuration read, we were properly passing the device number, function number and register number, but not the bus number, causing issues when reading the configuration of PCIe devices. Fixes: 8c39d710363c1 ("PCI: aardvark: Add Aardvark PCI host controller driver") Cc: <stable(a)vger.kernel.org> Signed-off-by: Victor Gu <xigu(a)marvell.com> Reviewed-by: Wilson Ding <dingwei(a)marvell.com> Reviewed-by: Nadav Haklai <nadavh(a)marvell.com> [Thomas: tweak commit log.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni(a)bootlin.com> --- Changes since v2: - Drop PCIE_BDF() macro, since it's no longer used. Noticed by Bjorn Helgaas. --- drivers/pci/host/pci-aardvark.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/drivers/pci/host/pci-aardvark.c b/drivers/pci/host/pci-aardvark.c index 9d7f9f1c6837..2d0f8148ae9b 100644 --- a/drivers/pci/host/pci-aardvark.c +++ b/drivers/pci/host/pci-aardvark.c @@ -172,8 +172,6 @@ #define PCIE_CONFIG_WR_TYPE0 0xa #define PCIE_CONFIG_WR_TYPE1 0xb -/* PCI_BDF shifts 8bit, so we need extra 4bit shift */ -#define PCIE_BDF(dev) (dev << 4) #define PCIE_CONF_BUS(bus) (((bus) & 0xff) << 20) #define PCIE_CONF_DEV(dev) (((dev) & 0x1f) << 15) #define PCIE_CONF_FUNC(fun) (((fun) & 0x7) << 12) @@ -465,7 +463,7 @@ static int advk_pcie_rd_conf(struct pci_bus *bus, u32 devfn, advk_writel(pcie, reg, PIO_CTRL); /* Program the address registers */ - reg = PCIE_BDF(devfn) | PCIE_CONF_REG(where); + reg = PCIE_CONF_ADDR(bus->number, devfn, where); advk_writel(pcie, reg, PIO_ADDR_LS); advk_writel(pcie, 0, PIO_ADDR_MS); -- 2.14.3

7 years, 5 months

1
0
0 0

Linux 4.4.125

by Greg KH

I'm announcing the release of the 4.4.125 kernel. All users of the 4.4 kernel series must upgrade. The updated 4.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.4.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 11 ++ arch/arm64/mm/mmu.c | 12 ++ arch/mips/ralink/reset.c | 7 - arch/x86/Makefile | 9 + arch/x86/boot/compressed/misc.c | 4 arch/x86/entry/entry_64.S | 2 arch/x86/include/asm/vmx.h | 1 arch/x86/kernel/cpu/perf_event_intel.c | 2 arch/x86/kernel/traps.c | 24 ++-- arch/x86/kvm/vmx.c | 9 + arch/x86/mm/pgtable.c | 48 +++++++++ arch/x86/net/bpf_jit_comp.c | 3 drivers/acpi/numa.c | 10 +- drivers/ata/ahci.c | 4 drivers/ata/libata-core.c | 26 ++++- drivers/ata/libata-scsi.c | 4 drivers/bluetooth/btusb.c | 2 drivers/clk/bcm/clk-bcm2835.c | 4 drivers/gpu/drm/radeon/radeon_connectors.c | 31 ++---- drivers/gpu/drm/udl/udl_fb.c | 9 + drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 28 +++-- drivers/gpu/drm/vmwgfx/vmwgfx_kms.h | 12 +- drivers/gpu/drm/vmwgfx/vmwgfx_scrn.c | 5 - drivers/gpu/drm/vmwgfx/vmwgfx_stdu.c | 5 - drivers/iio/accel/st_accel_core.c | 2 drivers/iio/pressure/st_pressure_core.c | 2 drivers/mmc/host/dw_mmc.c | 6 - drivers/mtd/nand/fsl_ifc_nand.c | 5 - drivers/net/can/cc770/cc770.c | 100 ++++++++++++-------- drivers/net/can/cc770/cc770.h | 2 drivers/net/wireless/brcm80211/brcmfmac/p2p.c | 24 ++-- drivers/net/wireless/realtek/rtlwifi/rtl8723be/hw.c | 3 drivers/pci/quirks.c | 2 drivers/staging/lustre/lustre/ptlrpc/sec.c | 2 drivers/tty/vt/vt.c | 8 - fs/ncpfs/ncplib_kernel.c | 4 include/asm-generic/pgtable.h | 10 ++ include/uapi/linux/usb/audio.h | 4 kernel/bpf/syscall.c | 2 kernel/trace/trace_kprobe.c | 4 kernel/trace/trace_probe.c | 8 - kernel/trace/trace_probe.h | 2 lib/ioremap.c | 6 - sound/drivers/aloop.c | 17 +++ sound/pci/hda/patch_realtek.c | 6 + 45 files changed, 339 insertions(+), 152 deletions(-) Andri Yngvason (3): can: cc770: Fix stalls on rt-linux, remove redundant IRQ ack can: cc770: Fix queue stall & dropped RTR reply can: cc770: Fix use after free in cc770_tx_interrupt() Andy Lutomirski (1): x86/entry/64: Don't use IST entry for #BP stack Arend Van Spriel (1): brcmfmac: fix P2P_DEVICE ethernet address generation Boris Brezillon (1): clk: bcm2835: Protect sections updating shared registers Chenbo Feng (1): bpf: skip unnecessary capability check Dan Carpenter (2): staging: ncpfs: memory corruption in ncp_read_kernel() perf/x86/intel: Don't accidentally clear high bits in bdw_limit_period() Dan Williams (1): acpi, numa: fix pxm to online numa node associations Daniel Borkmann (2): kbuild: disable clang's default use of -fmerge-all-constants bpf, x64: increase number of passes Eric Biggers (2): libata: fix length validation of ATAPI-relayed SCSI commands libata: remove WARN() for DMA or PIO command without data Evgeniy Didin (1): mmc: dw_mmc: fix falling from idmac to PIO mode when dw_mci_reset occurs Greg Kroah-Hartman (2): drm: udl: Properly check framebuffer mmap offsets Linux 4.4.125 H.J. Lu (2): x86/build/64: Force the linker to use 2MB page size x86/boot/64: Verify alignment of the LOAD segment Hans de Goede (6): PCI: Add function 1 DMA alias quirk for Highpoint RocketRAID 644L ahci: Add PCI-id for the Highpoint Rocketraid 644L card libata: Apply NOLPM quirk to Crucial MX100 512GB SSDs libata: Apply NOLPM quirk to Crucial M500 480 and 960GB SSDs libata: Make Crucial BX100 500GB LPM quirk apply to all firmware versions libata: Modify quirks for MX100 to limit NCQ_TRIM quirk to MU01 version Jagdish Gediya (1): mtd: nand: fsl_ifc: Fix nand waitfunc return value Ju Hyung Park (1): libata: Enable queued TRIM for Samsung SSD 860 Kai-Heng Feng (1): libata: disable LPM for Crucial BX100 SSD 500GB drive Kirill Marinushkin (1): ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit Larry Finger (1): rtlwifi: rtl8723be: Fix loss of signal Linus Torvalds (2): tty: vt: fix up tabstops properly kvm/x86: fix icebp instruction handling Masami Hiramatsu (1): tracing: probeevent: Fix to support minus offset from symbol Michael Nosthoff (1): iio: st_pressure: st_accel: pass correct platform data to init Michel Dänzer (1): drm/radeon: Don't turn off DP sink when disconnected Nadav Amit (1): staging: lustre: ptlrpc: kfree used instead of kvfree NeilBrown (1): MIPS: ralink: Remove ralink_halt() Takashi Iwai (4): ALSA: aloop: Sync stale timer before release ALSA: aloop: Fix access to not-yet-ready substream via cable ALSA: hda/realtek - Always immediately update mute LED with pin VREF Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174 Thomas Hellstrom (1): drm/vmwgfx: Fix a destoy-while-held mutex problem. Toshi Kani (2): mm/vmalloc: add interfaces to free unmapped page table x86/mm: implement free pmd/pte page interfaces

7 years, 5 months

1
1
0 0

Linux 4.9.91

by Greg KH

I'm announcing the release of the 4.9.91 kernel. All users of the 4.9 kernel series must upgrade. The updated 4.9.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.9.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/ABI/testing/sysfs-bus-iio | 2 Makefile | 11 + arch/arm64/mm/mmu.c | 10 + arch/mips/ralink/reset.c | 7 - arch/x86/Makefile | 9 + arch/x86/boot/compressed/misc.c | 4 arch/x86/entry/entry_64.S | 2 arch/x86/events/intel/core.c | 2 arch/x86/events/intel/uncore_snbep.c | 33 +++-- arch/x86/include/asm/vmx.h | 1 arch/x86/kernel/traps.c | 24 +--- arch/x86/kvm/vmx.c | 9 + arch/x86/mm/pgtable.c | 48 ++++++++ arch/x86/net/bpf_jit_comp.c | 3 drivers/acpi/acpi_watchdog.c | 4 drivers/acpi/numa.c | 10 + drivers/ata/ahci.c | 4 drivers/ata/libata-core.c | 26 +++- drivers/ata/libata-scsi.c | 10 + drivers/bluetooth/btusb.c | 2 drivers/clk/bcm/clk-bcm2835.c | 12 +- drivers/clk/sunxi-ng/ccu-sun6i-a31.c | 6 - drivers/gpu/drm/radeon/radeon_connectors.c | 31 ++--- drivers/gpu/drm/udl/udl_fb.c | 9 + drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 28 +++- drivers/gpu/drm/vmwgfx/vmwgfx_kms.h | 12 +- drivers/gpu/drm/vmwgfx/vmwgfx_scrn.c | 5 drivers/gpu/drm/vmwgfx/vmwgfx_stdu.c | 5 drivers/iio/accel/st_accel_core.c | 2 drivers/iio/pressure/st_pressure_core.c | 2 drivers/mmc/host/dw_mmc.c | 6 - drivers/mtd/mtdchar.c | 4 drivers/mtd/nand/fsl_ifc_nand.c | 32 ++--- drivers/net/can/cc770/cc770.c | 100 ++++++++++------- drivers/net/can/cc770/cc770.h | 2 drivers/net/can/ifi_canfd/ifi_canfd.c | 75 +++++++----- drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c | 24 +--- drivers/net/wireless/realtek/rtlwifi/rtl8723be/hw.c | 3 drivers/nvdimm/blk.c | 3 drivers/nvdimm/btt.c | 3 drivers/pci/quirks.c | 2 drivers/staging/lustre/lustre/ptlrpc/sec.c | 2 drivers/tty/vt/vt.c | 8 - drivers/watchdog/wdat_wdt.c | 2 fs/ncpfs/ncplib_kernel.c | 4 fs/nfsd/nfs4state.c | 62 +++++++--- include/asm-generic/pgtable.h | 10 + include/linux/fsl_ifc.h | 6 - include/uapi/linux/usb/audio.h | 4 kernel/bpf/syscall.c | 2 kernel/trace/trace_kprobe.c | 4 kernel/trace/trace_probe.c | 8 - kernel/trace/trace_probe.h | 2 lib/ioremap.c | 6 - mm/huge_memory.c | 4 mm/khugepaged.c | 7 + mm/shmem.c | 31 +++-- sound/drivers/aloop.c | 17 ++ sound/pci/hda/patch_realtek.c | 6 - tools/perf/builtin-stat.c | 2 tools/testing/selftests/x86/Makefile | 2 tools/testing/selftests/x86/mpx-mini-test.c | 3 tools/testing/selftests/x86/protection_keys.c | 49 +++++--- tools/testing/selftests/x86/ptrace_syscall.c | 8 + 64 files changed, 545 insertions(+), 291 deletions(-) Andri Yngvason (3): can: cc770: Fix stalls on rt-linux, remove redundant IRQ ack can: cc770: Fix queue stall & dropped RTR reply can: cc770: Fix use after free in cc770_tx_interrupt() Andy Lutomirski (3): selftests/x86/ptrace_syscall: Fix for yet more glibc interference x86/entry/64: Don't use IST entry for #BP stack selftests/x86/protection_keys: Fix syscall NR redefinition warnings Arend Van Spriel (1): brcmfmac: fix P2P_DEVICE ethernet address generation Boris Brezillon (2): clk: bcm2835: Fix ana->maskX definitions clk: bcm2835: Protect sections updating shared registers Chen-Yu Tsai (1): clk: sunxi-ng: a31: Fix CLK_OUT_* clock ops Chenbo Feng (1): bpf: skip unnecessary capability check Dan Carpenter (2): staging: ncpfs: memory corruption in ncp_read_kernel() perf/x86/intel: Don't accidentally clear high bits in bdw_limit_period() Dan Williams (1): acpi, numa: fix pxm to online numa node associations Daniel Borkmann (2): kbuild: disable clang's default use of -fmerge-all-constants bpf, x64: increase number of passes Dave Hansen (2): selftests, x86, protection_keys: fix wrong offset in siginfo x86/pkeys/selftests: Rename 'si_pkey' to 'siginfo_pkey' Eric Biggers (3): libata: fix length validation of ATAPI-relayed SCSI commands libata: remove WARN() for DMA or PIO command without data libata: don't try to pass through NCQ commands to non-NCQ devices Eric W. Biederman (1): signal/testing: Don't look for __SI_FAULT in userspace Evgeniy Didin (1): mmc: dw_mmc: fix falling from idmac to PIO mode when dw_mci_reset occurs Greg Kroah-Hartman (2): drm: udl: Properly check framebuffer mmap offsets Linux 4.9.91 H.J. Lu (2): x86/build/64: Force the linker to use 2MB page size x86/boot/64: Verify alignment of the LOAD segment Hans de Goede (6): PCI: Add function 1 DMA alias quirk for Highpoint RocketRAID 644L ahci: Add PCI-id for the Highpoint Rocketraid 644L card libata: Apply NOLPM quirk to Crucial MX100 512GB SSDs libata: Apply NOLPM quirk to Crucial M500 480 and 960GB SSDs libata: Make Crucial BX100 500GB LPM quirk apply to all firmware versions libata: Modify quirks for MX100 to limit NCQ_TRIM quirk to MU01 version Ilya Pronin (1): perf stat: Fix CVS output format for non-supported counters Jagdish Gediya (3): mtd: nand: fsl_ifc: Fix nand waitfunc return value mtd: nand: fsl_ifc: Fix eccstat array overflow for IFC ver >= 2.0.0 mtd: nand: fsl_ifc: Read ECCSTAT0 and ECCSTAT1 registers for IFC 2.0 Jeff Layton (1): nfsd: remove blocked locks on client teardown Ju Hyung Park (1): libata: Enable queued TRIM for Samsung SSD 860 Kai-Heng Feng (1): libata: disable LPM for Crucial BX100 SSD 500GB drive Kan Liang (2): perf/x86/intel/uncore: Fix Skylake UPI event format perf/x86/intel/uncore: Fix multi-domain PCI CHA enumeration bug on Skylake servers Kirill A. Shutemov (3): mm/khugepaged.c: convert VM_BUG_ON() to collapse fail mm/thp: do not wait for lock_page() in deferred_split_scan() mm/shmem: do not wait for lock_page() in shmem_unused_huge_shrink() Kirill Marinushkin (1): ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit Larry Finger (1): rtlwifi: rtl8723be: Fix loss of signal Linus Torvalds (2): tty: vt: fix up tabstops properly kvm/x86: fix icebp instruction handling Linus Walleij (1): iio: ABI: Fix name of timestamp sysfs file Marek Vasut (2): can: ifi: Repair the error handling can: ifi: Check core revision upon probe Masami Hiramatsu (1): tracing: probeevent: Fix to support minus offset from symbol Michael Nosthoff (1): iio: st_pressure: st_accel: pass correct platform data to init Michel Dänzer (1): drm/radeon: Don't turn off DP sink when disconnected Nadav Amit (1): staging: lustre: ptlrpc: kfree used instead of kvfree NeilBrown (1): MIPS: ralink: Remove ralink_halt() OuYang ZhiZhong (1): mtdchar: fix usage of mtd_ooblayout_ecc() Shuah Khan (1): selftests: x86: sysret_ss_attrs doesn't build on a PIE build Takashi Iwai (5): ALSA: aloop: Sync stale timer before release ALSA: aloop: Fix access to not-yet-ready substream via cable ALSA: hda/realtek - Always immediately update mute LED with pin VREF Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174 ACPI / watchdog: Fix off-by-one error at resource assignment Thomas Hellstrom (1): drm/vmwgfx: Fix a destoy-while-held mutex problem. Toshi Kani (2): mm/vmalloc: add interfaces to free unmapped page table x86/mm: implement free pmd/pte page interfaces Vishal Verma (1): libnvdimm, {btt, blk}: do integrity setup before add_disk()

7 years, 5 months

1
1
0 0

Linux 4.14.31

by Greg KH

I'm announcing the release of the 4.14.31 kernel. All users of the 4.14 kernel series must upgrade. The updated 4.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.14.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/ABI/testing/sysfs-bus-iio | 2 Makefile | 11 + arch/arm64/mm/mmu.c | 10 + arch/h8300/include/asm/byteorder.h | 1 arch/mips/lantiq/Kconfig | 2 arch/mips/lantiq/xway/sysctrl.c | 6 - arch/mips/ralink/mt7621.c | 42 +++---- arch/mips/ralink/reset.c | 7 - arch/x86/Makefile | 9 + arch/x86/boot/compressed/misc.c | 4 arch/x86/entry/entry_64.S | 2 arch/x86/entry/vsyscall/vsyscall_64.c | 2 arch/x86/events/intel/core.c | 2 arch/x86/events/intel/uncore_snbep.c | 33 +++-- arch/x86/include/asm/vmx.h | 1 arch/x86/kernel/idt.c | 2 arch/x86/kernel/traps.c | 15 +- arch/x86/kvm/vmx.c | 9 + arch/x86/mm/pgtable.c | 48 ++++++++ arch/x86/net/bpf_jit_comp.c | 3 arch/x86/platform/efi/efi_64.c | 2 drivers/acpi/acpi_watchdog.c | 4 drivers/acpi/numa.c | 10 + drivers/ata/ahci.c | 4 drivers/ata/libata-core.c | 26 +++- drivers/ata/libata-scsi.c | 10 + drivers/bluetooth/btusb.c | 8 - drivers/clk/bcm/clk-bcm2835.c | 12 +- drivers/clk/sunxi-ng/ccu-sun6i-a31.c | 6 - drivers/gpu/drm/drm_framebuffer.c | 7 + drivers/gpu/drm/drm_syncobj.c | 81 +++++-------- drivers/gpu/drm/radeon/radeon_connectors.c | 31 ++--- drivers/gpu/drm/udl/udl_fb.c | 9 + drivers/gpu/drm/vmwgfx/vmwgfx_drv.c | 13 ++ drivers/gpu/drm/vmwgfx/vmwgfx_drv.h | 1 drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 39 +++++- drivers/gpu/drm/vmwgfx/vmwgfx_kms.h | 13 +- drivers/gpu/drm/vmwgfx/vmwgfx_scrn.c | 5 drivers/gpu/drm/vmwgfx/vmwgfx_stdu.c | 5 drivers/hv/ring_buffer.c | 52 +++++--- drivers/iio/accel/st_accel_core.c | 2 drivers/iio/adc/meson_saradc.c | 4 drivers/iio/chemical/ccs811.c | 3 drivers/iio/imu/st_lsm6dsx/st_lsm6dsx_core.c | 2 drivers/iio/pressure/st_pressure_core.c | 2 drivers/infiniband/hw/mlx5/mr.c | 12 +- drivers/mmc/core/block.c | 19 +++ drivers/mmc/core/card.h | 1 drivers/mmc/core/quirks.h | 6 + drivers/mmc/host/dw_mmc-exynos.c | 8 + drivers/mmc/host/dw_mmc.c | 15 +- drivers/mtd/mtdchar.c | 4 drivers/mtd/nand/fsl_ifc_nand.c | 32 ++--- drivers/net/can/cc770/cc770.c | 100 ++++++++++------- drivers/net/can/cc770/cc770.h | 2 drivers/net/can/ifi_canfd/ifi_canfd.c | 75 +++++++----- drivers/net/can/peak_canfd/peak_canfd.c | 25 +--- drivers/net/can/peak_canfd/peak_pciefd_main.c | 8 + drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c | 24 +--- drivers/net/wireless/realtek/rtlwifi/rtl8723be/hw.c | 3 drivers/nvdimm/blk.c | 3 drivers/nvdimm/btt.c | 3 drivers/pci/quirks.c | 2 drivers/pinctrl/samsung/pinctrl-exynos-arm.c | 56 ++++++++- drivers/pinctrl/samsung/pinctrl-exynos-arm64.c | 14 ++ drivers/pinctrl/samsung/pinctrl-s3c24xx.c | 28 ++++ drivers/pinctrl/samsung/pinctrl-s3c64xx.c | 7 + drivers/pinctrl/samsung/pinctrl-samsung.c | 61 ++++++---- drivers/pinctrl/samsung/pinctrl-samsung.h | 40 ++++-- drivers/staging/android/ion/ion_cma_heap.c | 17 ++ drivers/staging/lustre/lustre/ptlrpc/sec.c | 2 drivers/tty/vt/vt.c | 8 - drivers/usb/host/xhci-hub.c | 5 drivers/usb/host/xhci.c | 34 +---- drivers/usb/host/xhci.h | 3 drivers/watchdog/wdat_wdt.c | 2 fs/hugetlbfs/inode.c | 17 ++ fs/ncpfs/ncplib_kernel.c | 4 fs/nfsd/nfs4state.c | 62 +++++++--- include/asm-generic/pgtable.h | 10 + include/drm/drm_syncobj.h | 5 include/linux/fsl_ifc.h | 6 - include/linux/memblock.h | 1 include/trace/events/mmc.h | 4 include/uapi/linux/usb/audio.h | 4 kernel/bpf/syscall.c | 2 kernel/cgroup/cgroup.c | 10 + kernel/events/core.c | 4 kernel/time/posix-timers.c | 11 + kernel/trace/trace_kprobe.c | 4 kernel/trace/trace_probe.c | 8 - kernel/trace/trace_probe.h | 2 lib/ioremap.c | 6 - mm/huge_memory.c | 4 mm/hugetlb.c | 7 + mm/khugepaged.c | 7 + mm/memblock.c | 28 ---- mm/page_alloc.c | 13 -- mm/shmem.c | 31 +++-- mm/vmscan.c | 31 ++--- sound/drivers/aloop.c | 17 ++ sound/pci/hda/hda_intel.c | 5 sound/pci/hda/patch_realtek.c | 20 +++ tools/perf/builtin-stat.c | 2 tools/testing/selftests/x86/protection_keys.c | 10 - tools/testing/selftests/x86/ptrace_syscall.c | 8 + 106 files changed, 978 insertions(+), 546 deletions(-) Adrian Hunter (1): mmc: core: Fix tracepoint print of blk_addr and blksz Andrey Ryabinin (1): mm/vmscan: wake up flushers for legacy cgroups too Andri Yngvason (3): can: cc770: Fix stalls on rt-linux, remove redundant IRQ ack can: cc770: Fix queue stall & dropped RTR reply can: cc770: Fix use after free in cc770_tx_interrupt() Andy Lutomirski (2): x86/entry/64: Don't use IST entry for #BP stack selftests/x86/ptrace_syscall: Fix for yet more glibc interference Arend Van Spriel (1): brcmfmac: fix P2P_DEVICE ethernet address generation Arnd Bergmann (1): h8300: remove extraneous __BIG_ENDIAN definition Bastian Stender (1): mmc: block: fix updating ext_csd caches on ioctl call Boris Brezillon (2): clk: bcm2835: Fix ana->maskX definitions clk: bcm2835: Protect sections updating shared registers Boris Ostrovsky (1): x86/vsyscall/64: Use proper accessor to update P4D entry Chen-Yu Tsai (1): clk: sunxi-ng: a31: Fix CLK_OUT_* clock ops Chenbo Feng (1): bpf: skip unnecessary capability check Chris Wilson (1): drm/syncobj: Stop reusing the same struct file for all syncobj -> fd Dan Carpenter (3): iio: adc: meson-saradc: unlock on error in meson_sar_adc_lock() staging: ncpfs: memory corruption in ncp_read_kernel() perf/x86/intel: Don't accidentally clear high bits in bdw_limit_period() Dan Williams (1): acpi, numa: fix pxm to online numa node associations Daniel Borkmann (2): kbuild: disable clang's default use of -fmerge-all-constants bpf, x64: increase number of passes Daniel Stone (1): drm: Reject getfb for multi-plane framebuffers Daniel Vacek (1): Revert "mm: page_alloc: skip over regions of invalid pfns where possible" Dave Hansen (1): x86/pkeys/selftests: Rename 'si_pkey' to 'siginfo_pkey' Dirk Behme (1): mmc: core: Disable HPI for certain Micron (Numonyx) eMMC cards Eric Biggers (3): libata: fix length validation of ATAPI-relayed SCSI commands libata: remove WARN() for DMA or PIO command without data libata: don't try to pass through NCQ commands to non-NCQ devices Evgeniy Didin (2): mmc: dw_mmc: Fix the DTO/CTO timeout overflow calculation for 32-bit systems mmc: dw_mmc: fix falling from idmac to PIO mode when dw_mci_reset occurs Greg Kroah-Hartman (2): drm: udl: Properly check framebuffer mmap offsets Linux 4.14.31 H.J. Lu (2): x86/build/64: Force the linker to use 2MB page size x86/boot/64: Verify alignment of the LOAD segment Hans de Goede (7): PCI: Add function 1 DMA alias quirk for Highpoint RocketRAID 644L ahci: Add PCI-id for the Highpoint Rocketraid 644L card Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table libata: Apply NOLPM quirk to Crucial MX100 512GB SSDs libata: Apply NOLPM quirk to Crucial M500 480 and 960GB SSDs libata: Make Crucial BX100 500GB LPM quirk apply to all firmware versions libata: Modify quirks for MX100 to limit NCQ_TRIM quirk to MU01 version Ilya Pronin (1): perf stat: Fix CVS output format for non-supported counters Jaehoon Chung (1): mmc: dw_mmc: exynos: fix the suspend/resume issue for exynos5433 Jagdish Gediya (3): mtd: nand: fsl_ifc: Fix nand waitfunc return value mtd: nand: fsl_ifc: Fix eccstat array overflow for IFC ver >= 2.0.0 mtd: nand: fsl_ifc: Read ECCSTAT0 and ECCSTAT1 registers for IFC 2.0 Jeff Layton (1): nfsd: remove blocked locks on client teardown Ju Hyung Park (1): libata: Enable queued TRIM for Samsung SSD 860 Kai-Heng Feng (2): Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table libata: disable LPM for Crucial BX100 SSD 500GB drive Kailang Yang (2): ALSA: hda/realtek - Fix speaker no sound after system resume ALSA: hda/realtek - Fix Dell headset Mic can't record Kan Liang (2): perf/x86/intel/uncore: Fix Skylake UPI event format perf/x86/intel/uncore: Fix multi-domain PCI CHA enumeration bug on Skylake servers Kirill A. Shutemov (3): mm/khugepaged.c: convert VM_BUG_ON() to collapse fail mm/thp: do not wait for lock_page() in deferred_split_scan() mm/shmem: do not wait for lock_page() in shmem_unused_huge_shrink() Kirill Marinushkin (1): ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit Krzysztof Kozlowski (1): pinctrl: samsung: Validate alias coming from DT Larry Finger (1): rtlwifi: rtl8723be: Fix loss of signal Leon Romanovsky (1): RDMA/mlx5: Fix crash while accessing garbage pointer and freed memory Liam Mark (1): staging: android: ion: Zero CMA allocated memory Linus Torvalds (2): tty: vt: fix up tabstops properly kvm/x86: fix icebp instruction handling Linus Walleij (1): iio: ABI: Fix name of timestamp sysfs file Lorenzo Bianconi (1): iio: imu: st_lsm6dsx: fix endianness in st_lsm6dsx_read_oneshot() Lu Baolu (2): usb: xhci: Disable slot even when virt-dev is null usb: xhci: Fix potential memory leak in xhci_disable_slot() Marek Vasut (2): can: ifi: Repair the error handling can: ifi: Check core revision upon probe Masami Hiramatsu (1): tracing: probeevent: Fix to support minus offset from symbol Mathias Kresin (3): MIPS: lantiq: Fix Danube USB clock MIPS: lantiq: Enable AHB Bus for USB MIPS: lantiq: ase: Enable MFD_SYSCON Michael Kelley (1): Drivers: hv: vmbus: Fix ring buffer signaling Michael Nosthoff (1): iio: st_pressure: st_accel: pass correct platform data to init Michel Dänzer (1): drm/radeon: Don't turn off DP sink when disconnected Mike Kravetz (1): hugetlbfs: check for pgoff value overflow Nadav Amit (1): staging: lustre: ptlrpc: kfree used instead of kvfree NeilBrown (2): MIPS: ralink: Remove ralink_halt() MIPS: ralink: Fix booting on MT7621 OuYang ZhiZhong (1): mtdchar: fix usage of mtd_ooblayout_ecc() Richard Lai (1): iio: chemical: ccs811: Corrected firmware boot/application mode transition Song Liu (1): perf/core: Fix ctx_event_type in ctx_resched() Stephane Grosjean (2): can: peak/pcie_fd: fix echo_skb is occupied! bug can: peak/pcie_fd: remove useless code when interface starts Takashi Iwai (6): ALSA: aloop: Sync stale timer before release ALSA: aloop: Fix access to not-yet-ready substream via cable ALSA: hda - Force polling mode on CFL for fixing codec communication ALSA: hda/realtek - Always immediately update mute LED with pin VREF Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174 ACPI / watchdog: Fix off-by-one error at resource assignment Tejun Heo (1): cgroup: fix rule checking for threaded mode switching Tetsuo Handa (1): lockdep: fix fs_reclaim warning Thomas Gleixner (1): posix-timers: Protect posix clock array access against speculation Thomas Hellstrom (2): drm/vmwgfx: Fix black screen and device errors when running without fbdev drm/vmwgfx: Fix a destoy-while-held mutex problem. Toshi Kani (2): mm/vmalloc: add interfaces to free unmapped page table x86/mm: implement free pmd/pte page interfaces Vishal Verma (1): libnvdimm, {btt, blk}: do integrity setup before add_disk() Waiman Long (1): x86/efi: Free efi_pgd with free_pages()

7 years, 5 months

1
1
0 0

Linux 4.15.14

by Greg KH

I'm announcing the release of the 4.15.14 kernel. All users of the 4.15 kernel series must upgrade. The updated 4.15.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.15.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/ABI/testing/sysfs-bus-iio | 2 Makefile | 11 + arch/arm64/mm/mmu.c | 10 + arch/h8300/include/asm/byteorder.h | 1 arch/mips/lantiq/Kconfig | 2 arch/mips/lantiq/xway/sysctrl.c | 6 arch/mips/ralink/mt7621.c | 42 +++-- arch/mips/ralink/reset.c | 7 arch/x86/Makefile | 9 + arch/x86/boot/compressed/misc.c | 4 arch/x86/entry/entry_64.S | 2 arch/x86/entry/vsyscall/vsyscall_64.c | 2 arch/x86/events/intel/core.c | 2 arch/x86/events/intel/uncore_snbep.c | 33 ++-- arch/x86/include/asm/vmx.h | 1 arch/x86/kernel/idt.c | 2 arch/x86/kernel/traps.c | 15 +- arch/x86/kvm/vmx.c | 9 + arch/x86/mm/pgtable.c | 48 ++++++ arch/x86/net/bpf_jit_comp.c | 3 arch/x86/platform/efi/efi_64.c | 2 drivers/acpi/acpi_watchdog.c | 4 drivers/acpi/numa.c | 10 - drivers/ata/ahci.c | 4 drivers/ata/libata-core.c | 26 +++ drivers/ata/libata-scsi.c | 10 + drivers/bluetooth/btusb.c | 8 - drivers/clk/bcm/clk-bcm2835.c | 12 + drivers/clk/sunxi-ng/ccu-sun6i-a31.c | 6 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 2 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_helpers.c | 2 drivers/gpu/drm/drm_framebuffer.c | 7 drivers/gpu/drm/radeon/radeon_connectors.c | 31 +--- drivers/gpu/drm/udl/udl_fb.c | 9 - drivers/gpu/drm/vmwgfx/vmwgfx_drv.c | 13 + drivers/gpu/drm/vmwgfx/vmwgfx_drv.h | 1 drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 39 ++++- drivers/gpu/drm/vmwgfx/vmwgfx_kms.h | 13 + drivers/gpu/drm/vmwgfx/vmwgfx_scrn.c | 5 drivers/gpu/drm/vmwgfx/vmwgfx_stdu.c | 5 drivers/hv/ring_buffer.c | 52 ++++--- drivers/hwmon/k10temp.c | 6 drivers/iio/accel/st_accel_core.c | 2 drivers/iio/adc/meson_saradc.c | 4 drivers/iio/chemical/ccs811.c | 3 drivers/iio/imu/st_lsm6dsx/st_lsm6dsx.h | 2 drivers/iio/imu/st_lsm6dsx/st_lsm6dsx_buffer.c | 21 +- drivers/iio/imu/st_lsm6dsx/st_lsm6dsx_core.c | 8 - drivers/iio/pressure/st_pressure_core.c | 2 drivers/infiniband/hw/mlx5/mr.c | 12 + drivers/media/platform/tegra-cec/tegra_cec.c | 17 -- drivers/mmc/core/block.c | 19 ++ drivers/mmc/core/card.h | 1 drivers/mmc/core/quirks.h | 6 drivers/mmc/host/dw_mmc-exynos.c | 8 - drivers/mmc/host/dw_mmc.c | 15 +- drivers/mtd/mtdchar.c | 4 drivers/mtd/nand/fsl_ifc_nand.c | 32 +--- drivers/net/can/cc770/cc770.c | 100 ++++++++------ drivers/net/can/cc770/cc770.h | 2 drivers/net/can/ifi_canfd/ifi_canfd.c | 75 ++++++---- drivers/net/can/peak_canfd/peak_canfd.c | 25 +-- drivers/net/can/peak_canfd/peak_pciefd_main.c | 8 - drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c | 24 +-- drivers/net/wireless/realtek/rtlwifi/rtl8723be/hw.c | 3 drivers/nvdimm/blk.c | 3 drivers/nvdimm/btt.c | 3 drivers/pci/quirks.c | 2 drivers/pinctrl/samsung/pinctrl-exynos-arm.c | 56 ++++++- drivers/pinctrl/samsung/pinctrl-exynos-arm64.c | 14 + drivers/pinctrl/samsung/pinctrl-s3c24xx.c | 28 +++ drivers/pinctrl/samsung/pinctrl-s3c64xx.c | 7 drivers/pinctrl/samsung/pinctrl-samsung.c | 61 +++++--- drivers/pinctrl/samsung/pinctrl-samsung.h | 40 +++-- drivers/staging/android/ion/ion_cma_heap.c | 17 ++ drivers/tty/vt/vt.c | 8 - drivers/watchdog/wdat_wdt.c | 2 fs/hugetlbfs/inode.c | 17 +- fs/ncpfs/ncplib_kernel.c | 4 fs/nfsd/nfs4state.c | 62 ++++++-- include/asm-generic/pgtable.h | 10 + include/linux/fsl_ifc.h | 6 include/linux/memblock.h | 1 include/trace/events/mmc.h | 4 include/uapi/linux/usb/audio.h | 4 kernel/bpf/syscall.c | 2 kernel/cgroup/cgroup.c | 10 + kernel/events/core.c | 4 kernel/module.c | 2 kernel/sched/core.c | 15 +- kernel/time/posix-timers.c | 11 + kernel/trace/bpf_trace.c | 68 +++++---- kernel/trace/trace_kprobe.c | 4 kernel/trace/trace_probe.c | 8 - kernel/trace/trace_probe.h | 2 lib/ioremap.c | 6 mm/huge_memory.c | 4 mm/hugetlb.c | 7 mm/khugepaged.c | 7 mm/memblock.c | 28 --- mm/page_alloc.c | 13 - mm/shmem.c | 31 ++-- mm/vmscan.c | 31 ++-- sound/drivers/aloop.c | 17 ++ sound/pci/hda/hda_intel.c | 5 sound/pci/hda/patch_realtek.c | 20 ++ tools/perf/builtin-stat.c | 2 tools/testing/selftests/x86/ptrace_syscall.c | 8 - 108 files changed, 1013 insertions(+), 512 deletions(-) Adrian Hunter (1): mmc: core: Fix tracepoint print of blk_addr and blksz Andrey Ryabinin (1): mm/vmscan: wake up flushers for legacy cgroups too Andri Yngvason (3): can: cc770: Fix stalls on rt-linux, remove redundant IRQ ack can: cc770: Fix queue stall & dropped RTR reply can: cc770: Fix use after free in cc770_tx_interrupt() Andy Lutomirski (2): x86/entry/64: Don't use IST entry for #BP stack selftests/x86/ptrace_syscall: Fix for yet more glibc interference Arend Van Spriel (1): brcmfmac: fix P2P_DEVICE ethernet address generation Arnd Bergmann (1): h8300: remove extraneous __BIG_ENDIAN definition Bastian Stender (1): mmc: block: fix updating ext_csd caches on ioctl call Boris Brezillon (2): clk: bcm2835: Fix ana->maskX definitions clk: bcm2835: Protect sections updating shared registers Boris Ostrovsky (1): x86/vsyscall/64: Use proper accessor to update P4D entry Chen-Yu Tsai (1): clk: sunxi-ng: a31: Fix CLK_OUT_* clock ops Chenbo Feng (1): bpf: skip unnecessary capability check Dan Carpenter (3): iio: adc: meson-saradc: unlock on error in meson_sar_adc_lock() staging: ncpfs: memory corruption in ncp_read_kernel() perf/x86/intel: Don't accidentally clear high bits in bdw_limit_period() Dan Williams (1): acpi, numa: fix pxm to online numa node associations Daniel Borkmann (2): kbuild: disable clang's default use of -fmerge-all-constants bpf, x64: increase number of passes Daniel Stone (1): drm: Reject getfb for multi-plane framebuffers Daniel Vacek (1): Revert "mm: page_alloc: skip over regions of invalid pfns where possible" Dirk Behme (1): mmc: core: Disable HPI for certain Micron (Numonyx) eMMC cards Eric Biggers (3): libata: fix length validation of ATAPI-relayed SCSI commands libata: remove WARN() for DMA or PIO command without data libata: don't try to pass through NCQ commands to non-NCQ devices Evgeniy Didin (2): mmc: dw_mmc: Fix the DTO/CTO timeout overflow calculation for 32-bit systems mmc: dw_mmc: fix falling from idmac to PIO mode when dw_mci_reset occurs Greg Kroah-Hartman (2): drm: udl: Properly check framebuffer mmap offsets Linux 4.15.14 Guenter Roeck (2): hwmon: (k10temp) Only apply temperature offset if result is positive hwmon: (k10temp) Add temperature offset for Ryzen 1900X H.J. Lu (2): x86/build/64: Force the linker to use 2MB page size x86/boot/64: Verify alignment of the LOAD segment Hans Verkuil (1): media: tegra-cec: reset rx_buf_cnt when start bit detected Hans de Goede (7): PCI: Add function 1 DMA alias quirk for Highpoint RocketRAID 644L ahci: Add PCI-id for the Highpoint Rocketraid 644L card Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table libata: Apply NOLPM quirk to Crucial MX100 512GB SSDs libata: Apply NOLPM quirk to Crucial M500 480 and 960GB SSDs libata: Make Crucial BX100 500GB LPM quirk apply to all firmware versions libata: Modify quirks for MX100 to limit NCQ_TRIM quirk to MU01 version Harry Wentland (2): drm/amd/display: We shouldn't set format_default on plane as atomic driver drm/amd/display: Add one to EDID's audio channel count when passing to DC Ilya Pronin (1): perf stat: Fix CVS output format for non-supported counters Jaehoon Chung (1): mmc: dw_mmc: exynos: fix the suspend/resume issue for exynos5433 Jagdish Gediya (3): mtd: nand: fsl_ifc: Fix nand waitfunc return value mtd: nand: fsl_ifc: Fix eccstat array overflow for IFC ver >= 2.0.0 mtd: nand: fsl_ifc: Read ECCSTAT0 and ECCSTAT1 registers for IFC 2.0 Jeff Layton (1): nfsd: remove blocked locks on client teardown Ju Hyung Park (1): libata: Enable queued TRIM for Samsung SSD 860 Kai-Heng Feng (2): Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table libata: disable LPM for Crucial BX100 SSD 500GB drive Kailang Yang (2): ALSA: hda/realtek - Fix speaker no sound after system resume ALSA: hda/realtek - Fix Dell headset Mic can't record Kan Liang (2): perf/x86/intel/uncore: Fix Skylake UPI event format perf/x86/intel/uncore: Fix multi-domain PCI CHA enumeration bug on Skylake servers Kirill A. Shutemov (3): mm/khugepaged.c: convert VM_BUG_ON() to collapse fail mm/thp: do not wait for lock_page() in deferred_split_scan() mm/shmem: do not wait for lock_page() in shmem_unused_huge_shrink() Kirill Marinushkin (1): ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit Krzysztof Kozlowski (1): pinctrl: samsung: Validate alias coming from DT Larry Finger (1): rtlwifi: rtl8723be: Fix loss of signal Leon Romanovsky (1): RDMA/mlx5: Fix crash while accessing garbage pointer and freed memory Leon Yu (1): module: propagate error in modules_open() Liam Mark (1): staging: android: ion: Zero CMA allocated memory Linus Torvalds (2): tty: vt: fix up tabstops properly kvm/x86: fix icebp instruction handling Linus Walleij (1): iio: ABI: Fix name of timestamp sysfs file Lorenzo Bianconi (2): iio: imu: st_lsm6dsx: fix endianness in st_lsm6dsx_read_oneshot() iio: imu: st_lsm6dsx: introduce conf_lock mutex Marek Vasut (2): can: ifi: Repair the error handling can: ifi: Check core revision upon probe Masami Hiramatsu (1): tracing: probeevent: Fix to support minus offset from symbol Mathias Kresin (3): MIPS: lantiq: Fix Danube USB clock MIPS: lantiq: Enable AHB Bus for USB MIPS: lantiq: ase: Enable MFD_SYSCON Michael Kelley (1): Drivers: hv: vmbus: Fix ring buffer signaling Michael Nosthoff (1): iio: st_pressure: st_accel: pass correct platform data to init Michel Dänzer (1): drm/radeon: Don't turn off DP sink when disconnected Mike Kravetz (1): hugetlbfs: check for pgoff value overflow NeilBrown (2): MIPS: ralink: Remove ralink_halt() MIPS: ralink: Fix booting on MT7621 OuYang ZhiZhong (1): mtdchar: fix usage of mtd_ooblayout_ecc() Richard Lai (1): iio: chemical: ccs811: Corrected firmware boot/application mode transition Song Liu (1): perf/core: Fix ctx_event_type in ctx_resched() Stephane Grosjean (2): can: peak/pcie_fd: fix echo_skb is occupied! bug can: peak/pcie_fd: remove useless code when interface starts Takashi Iwai (6): ALSA: aloop: Sync stale timer before release ALSA: aloop: Fix access to not-yet-ready substream via cable ALSA: hda - Force polling mode on CFL for fixing codec communication ALSA: hda/realtek - Always immediately update mute LED with pin VREF Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174 ACPI / watchdog: Fix off-by-one error at resource assignment Tejun Heo (2): sched, cgroup: Don't reject lower cpu.max on ancestors cgroup: fix rule checking for threaded mode switching Tetsuo Handa (1): lockdep: fix fs_reclaim warning Thomas Gleixner (1): posix-timers: Protect posix clock array access against speculation Thomas Hellstrom (2): drm/vmwgfx: Fix black screen and device errors when running without fbdev drm/vmwgfx: Fix a destoy-while-held mutex problem. Toshi Kani (2): mm/vmalloc: add interfaces to free unmapped page table x86/mm: implement free pmd/pte page interfaces Vishal Verma (1): libnvdimm, {btt, blk}: do integrity setup before add_disk() Waiman Long (1): x86/efi: Free efi_pgd with free_pages() Yonghong Song (1): trace/bpf: remove helper bpf_perf_prog_read_value from tracepoint type programs

7 years, 5 months

1
1
0 0

[PATCH 1/1] Drivers: hv: vmbus: Fix ring buffer signaling

by kys＠exchange.microsoft.com

From: Michael Kelley <mhkelley(a)outlook.com> Fix bugs in signaling the Hyper-V host when freeing space in the host->guest ring buffer: 1. The interrupt_mask must not be used to determine whether to signal on the host->guest ring buffer 2. The ring buffer write_index must be read (via hv_get_bytes_to_write) *after* pending_send_sz is read in order to avoid a race condition 3. Comparisons with pending_send_sz must treat the "equals" case as not-enough-space 4. Don't signal if the pending_send_sz feature is not present. Older versions of Hyper-V that don't implement this feature will poll. Fixes: 03bad714a161 ("vmbus: more host signalling avoidance") Cc: Stable <stable(a)vger.kernel.org> # 4.14 and above Signed-off-by: Michael Kelley <mhkelley(a)outlook.com> Signed-off-by: K. Y. Srinivasan <kys(a)microsoft.com> --- drivers/hv/ring_buffer.c | 52 ++++++++++++++++++++++++++++++++---------------- 1 file changed, 35 insertions(+), 17 deletions(-) diff --git a/drivers/hv/ring_buffer.c b/drivers/hv/ring_buffer.c index 1aa17795727b..3cd7f29906ae 100644 --- a/drivers/hv/ring_buffer.c +++ b/drivers/hv/ring_buffer.c @@ -376,13 +376,24 @@ __hv_pkt_iter_next(struct vmbus_channel *channel, } EXPORT_SYMBOL_GPL(__hv_pkt_iter_next); +/* How many bytes were read in this iterator cycle */ +static u32 hv_pkt_iter_bytes_read(const struct hv_ring_buffer_info *rbi, + u32 start_read_index) +{ + if (rbi->priv_read_index >= start_read_index) + return rbi->priv_read_index - start_read_index; + else + return rbi->ring_datasize - start_read_index + + rbi->priv_read_index; +} + /* * Update host ring buffer after iterating over packets. */ void hv_pkt_iter_close(struct vmbus_channel *channel) { struct hv_ring_buffer_info *rbi = &channel->inbound; - u32 orig_write_sz = hv_get_bytes_to_write(rbi); + u32 curr_write_sz, pending_sz, bytes_read, start_read_index; /* * Make sure all reads are done before we update the read index since @@ -390,8 +401,12 @@ void hv_pkt_iter_close(struct vmbus_channel *channel) * is updated. */ virt_rmb(); + start_read_index = rbi->ring_buffer->read_index; rbi->ring_buffer->read_index = rbi->priv_read_index; + if (!rbi->ring_buffer->feature_bits.feat_pending_send_sz) + return; + /* * Issue a full memory barrier before making the signaling decision. * Here is the reason for having this barrier: @@ -405,26 +420,29 @@ void hv_pkt_iter_close(struct vmbus_channel *channel) */ virt_mb(); - /* If host has disabled notifications then skip */ - if (rbi->ring_buffer->interrupt_mask) + pending_sz = READ_ONCE(rbi->ring_buffer->pending_send_sz); + if (!pending_sz) return; - if (rbi->ring_buffer->feature_bits.feat_pending_send_sz) { - u32 pending_sz = READ_ONCE(rbi->ring_buffer->pending_send_sz); + /* + * Ensure the read of write_index in hv_get_bytes_to_write() + * happens after the read of pending_send_sz. + */ + virt_rmb(); + curr_write_sz = hv_get_bytes_to_write(rbi); + bytes_read = hv_pkt_iter_bytes_read(rbi, start_read_index); - /* - * If there was space before we began iteration, - * then host was not blocked. Also handles case where - * pending_sz is zero then host has nothing pending - * and does not need to be signaled. - */ - if (orig_write_sz > pending_sz) - return; + /* + * If there was space before we began iteration, + * then host was not blocked. + */ - /* If pending write will not fit, don't give false hope. */ - if (hv_get_bytes_to_write(rbi) < pending_sz) - return; - } + if (curr_write_sz - bytes_read > pending_sz) + return; + + /* If pending write will not fit, don't give false hope. */ + if (curr_write_sz <= pending_sz) + return; vmbus_setevent(channel); } -- 2.15.1

7 years, 5 months

4
4
0 0

Patch "team: Fix double free in error path" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled team: Fix double free in error path to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: team-fix-double-free-in-error-path.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Thu Mar 29 08:33:08 CEST 2018 From: Arkadi Sharshevsky <arkadis(a)mellanox.com> Date: Thu, 8 Mar 2018 12:42:10 +0200 Subject: team: Fix double free in error path From: Arkadi Sharshevsky <arkadis(a)mellanox.com> [ Upstream commit cbcc607e18422555db569b593608aec26111cb0b ] The __send_and_alloc_skb() receives a skb ptr as a parameter but in case it fails the skb is not valid: - Send failed and released the skb internally. - Allocation failed. The current code tries to release the skb in case of failure which causes redundant freeing. Fixes: 9b00cf2d1024 ("team: implement multipart netlink messages for options transfers") Signed-off-by: Arkadi Sharshevsky <arkadis(a)mellanox.com> Acked-by: Jiri Pirko <jiri(a)mellanox.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/net/team/team.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- a/drivers/net/team/team.c +++ b/drivers/net/team/team.c @@ -2380,7 +2380,7 @@ send_done: if (!nlh) { err = __send_and_alloc_skb(&skb, team, portid, send_func); if (err) - goto errout; + return err; goto send_done; } @@ -2660,7 +2660,7 @@ send_done: if (!nlh) { err = __send_and_alloc_skb(&skb, team, portid, send_func); if (err) - goto errout; + return err; goto send_done; } Patches currently in stable-queue which might be from arkadis(a)mellanox.com are queue-4.4/team-fix-double-free-in-error-path.patch

7 years, 5 months

1
0
0 0

Patch "s390/qeth: when thread completes, wake up all waiters" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled s390/qeth: when thread completes, wake up all waiters to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: s390-qeth-when-thread-completes-wake-up-all-waiters.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Thu Mar 29 08:33:08 CEST 2018 From: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> Date: Tue, 20 Mar 2018 07:59:13 +0100 Subject: s390/qeth: when thread completes, wake up all waiters From: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> [ Upstream commit 1063e432bb45be209427ed3f1ca3908e4aa3c7d7 ] qeth_wait_for_threads() is potentially called by multiple users, make sure to notify all of them after qeth_clear_thread_running_bit() adjusted the thread_running_mask. With no timeout, callers would otherwise stall. Signed-off-by: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/s390/net/qeth_core_main.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/drivers/s390/net/qeth_core_main.c +++ b/drivers/s390/net/qeth_core_main.c @@ -952,7 +952,7 @@ void qeth_clear_thread_running_bit(struc spin_lock_irqsave(&card->thread_mask_lock, flags); card->thread_running_mask &= ~thread; spin_unlock_irqrestore(&card->thread_mask_lock, flags); - wake_up(&card->wait_q); + wake_up_all(&card->wait_q); } EXPORT_SYMBOL_GPL(qeth_clear_thread_running_bit); Patches currently in stable-queue which might be from jwi(a)linux.vnet.ibm.com are queue-4.4/s390-qeth-when-thread-completes-wake-up-all-waiters.patch queue-4.4/s390-qeth-lock-read-device-while-queueing-next-buffer.patch queue-4.4/net-iucv-free-memory-obtained-by-kzalloc.patch queue-4.4/s390-qeth-on-channel-error-reject-further-cmd-requests.patch queue-4.4/s390-qeth-free-netdevice-when-removing-a-card.patch

7 years, 5 months

1
0
0 0

Patch "skbuff: Fix not waking applications when errors are enqueued" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled skbuff: Fix not waking applications when errors are enqueued to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: skbuff-fix-not-waking-applications-when-errors-are-enqueued.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Thu Mar 29 08:33:08 CEST 2018 From: Vinicius Costa Gomes <vinicius.gomes(a)intel.com> Date: Wed, 14 Mar 2018 13:32:09 -0700 Subject: skbuff: Fix not waking applications when errors are enqueued From: Vinicius Costa Gomes <vinicius.gomes(a)intel.com> [ Upstream commit 6e5d58fdc9bedd0255a8781b258f10bbdc63e975 ] When errors are enqueued to the error queue via sock_queue_err_skb() function, it is possible that the waiting application is not notified. Calling 'sk->sk_data_ready()' would not notify applications that selected only POLLERR events in poll() (for example). Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Reported-by: Randy E. Witt <randy.e.witt(a)intel.com> Reviewed-by: Eric Dumazet <edumazet(a)google.com> Signed-off-by: Vinicius Costa Gomes <vinicius.gomes(a)intel.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- net/core/skbuff.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/net/core/skbuff.c +++ b/net/core/skbuff.c @@ -3571,7 +3571,7 @@ int sock_queue_err_skb(struct sock *sk, skb_queue_tail(&sk->sk_error_queue, skb); if (!sock_flag(sk, SOCK_DEAD)) - sk->sk_data_ready(sk); + sk->sk_error_report(sk); return 0; } EXPORT_SYMBOL(sock_queue_err_skb); Patches currently in stable-queue which might be from vinicius.gomes(a)intel.com are queue-4.4/skbuff-fix-not-waking-applications-when-errors-are-enqueued.patch

7 years, 5 months

1
0
0 0

Patch "s390/qeth: on channel error, reject further cmd requests" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled s390/qeth: on channel error, reject further cmd requests to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: s390-qeth-on-channel-error-reject-further-cmd-requests.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Thu Mar 29 08:33:08 CEST 2018 From: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> Date: Tue, 20 Mar 2018 07:59:15 +0100 Subject: s390/qeth: on channel error, reject further cmd requests From: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> [ Upstream commit a6c3d93963e4b333c764fde69802c3ea9eaa9d5c ] When the IRQ handler determines that one of the cmd IO channels has failed and schedules recovery, block any further cmd requests from being submitted. The request would inevitably stall, and prevent the recovery from making progress until the request times out. This sort of error was observed after Live Guest Relocation, where the pending IO on the READ channel intentionally gets terminated to kick-start recovery. Simultaneously the guest executed SIOCETHTOOL, triggering qeth to issue a QUERY CARD INFO command. The command then stalled in the inoperabel WRITE channel. Signed-off-by: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/s390/net/qeth_core_main.c | 1 + 1 file changed, 1 insertion(+) --- a/drivers/s390/net/qeth_core_main.c +++ b/drivers/s390/net/qeth_core_main.c @@ -1166,6 +1166,7 @@ static void qeth_irq(struct ccw_device * } rc = qeth_get_problem(cdev, irb); if (rc) { + card->read_or_write_problem = 1; qeth_clear_ipacmd_list(card); qeth_schedule_recovery(card); goto out; Patches currently in stable-queue which might be from jwi(a)linux.vnet.ibm.com are queue-4.4/s390-qeth-when-thread-completes-wake-up-all-waiters.patch queue-4.4/s390-qeth-lock-read-device-while-queueing-next-buffer.patch queue-4.4/net-iucv-free-memory-obtained-by-kzalloc.patch queue-4.4/s390-qeth-on-channel-error-reject-further-cmd-requests.patch queue-4.4/s390-qeth-free-netdevice-when-removing-a-card.patch

7 years, 5 months

1
0
0 0

Patch "s390/qeth: lock read device while queueing next buffer" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled s390/qeth: lock read device while queueing next buffer to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: s390-qeth-lock-read-device-while-queueing-next-buffer.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Thu Mar 29 08:33:08 CEST 2018 From: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> Date: Tue, 20 Mar 2018 07:59:14 +0100 Subject: s390/qeth: lock read device while queueing next buffer From: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> [ Upstream commit 17bf8c9b3d499d5168537c98b61eb7a1fcbca6c2 ] For calling ccw_device_start(), issue_next_read() needs to hold the device's ccwlock. This is satisfied for the IRQ handler path (where qeth_irq() gets called under the ccwlock), but we need explicit locking for the initial call by the MPC initialization. Signed-off-by: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/s390/net/qeth_core_main.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) --- a/drivers/s390/net/qeth_core_main.c +++ b/drivers/s390/net/qeth_core_main.c @@ -517,8 +517,7 @@ static inline int qeth_is_cq(struct qeth queue == card->qdio.no_in_queues - 1; } - -static int qeth_issue_next_read(struct qeth_card *card) +static int __qeth_issue_next_read(struct qeth_card *card) { int rc; struct qeth_cmd_buffer *iob; @@ -549,6 +548,17 @@ static int qeth_issue_next_read(struct q return rc; } +static int qeth_issue_next_read(struct qeth_card *card) +{ + int ret; + + spin_lock_irq(get_ccwdev_lock(CARD_RDEV(card))); + ret = __qeth_issue_next_read(card); + spin_unlock_irq(get_ccwdev_lock(CARD_RDEV(card))); + + return ret; +} + static struct qeth_reply *qeth_alloc_reply(struct qeth_card *card) { struct qeth_reply *reply; @@ -1174,7 +1184,7 @@ static void qeth_irq(struct ccw_device * return; if (channel == &card->read && channel->state == CH_STATE_UP) - qeth_issue_next_read(card); + __qeth_issue_next_read(card); iob = channel->iob; index = channel->buf_no; Patches currently in stable-queue which might be from jwi(a)linux.vnet.ibm.com are queue-4.4/s390-qeth-when-thread-completes-wake-up-all-waiters.patch queue-4.4/s390-qeth-lock-read-device-while-queueing-next-buffer.patch queue-4.4/net-iucv-free-memory-obtained-by-kzalloc.patch queue-4.4/s390-qeth-on-channel-error-reject-further-cmd-requests.patch queue-4.4/s390-qeth-free-netdevice-when-removing-a-card.patch

7 years, 5 months

1
0
0 0

Patch "s390/qeth: free netdevice when removing a card" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled s390/qeth: free netdevice when removing a card to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: s390-qeth-free-netdevice-when-removing-a-card.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Thu Mar 29 08:33:08 CEST 2018 From: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> Date: Tue, 20 Mar 2018 07:59:12 +0100 Subject: s390/qeth: free netdevice when removing a card From: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> [ Upstream commit 6be687395b3124f002a653c1a50b3260222b3cd7 ] On removal, a qeth card's netdevice is currently not properly freed because the call chain looks as follows: qeth_core_remove_device(card) lx_remove_device(card) unregister_netdev(card->dev) card->dev = NULL !!! qeth_core_free_card(card) if (card->dev) !!! free_netdev(card->dev) Fix it by free'ing the netdev straight after unregistering. This also fixes the sysfs-driven layer switch case (qeth_dev_layer2_store()), where the need to free the current netdevice was not considered at all. Note that free_netdev() takes care of the netif_napi_del() for us too. Fixes: 4a71df50047f ("qeth: new qeth device driver") Signed-off-by: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> Reviewed-by: Ursula Braun <ubraun(a)linux.vnet.ibm.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/s390/net/qeth_core_main.c | 2 -- drivers/s390/net/qeth_l2_main.c | 2 +- drivers/s390/net/qeth_l3_main.c | 2 +- 3 files changed, 2 insertions(+), 4 deletions(-) --- a/drivers/s390/net/qeth_core_main.c +++ b/drivers/s390/net/qeth_core_main.c @@ -4969,8 +4969,6 @@ static void qeth_core_free_card(struct q QETH_DBF_HEX(SETUP, 2, &card, sizeof(void *)); qeth_clean_channel(&card->read); qeth_clean_channel(&card->write); - if (card->dev) - free_netdev(card->dev); kfree(card->ip_tbd_list); qeth_free_qdio_buffers(card); unregister_service_level(&card->qeth_service_level); --- a/drivers/s390/net/qeth_l2_main.c +++ b/drivers/s390/net/qeth_l2_main.c @@ -1062,8 +1062,8 @@ static void qeth_l2_remove_device(struct qeth_l2_set_offline(cgdev); if (card->dev) { - netif_napi_del(&card->napi); unregister_netdev(card->dev); + free_netdev(card->dev); card->dev = NULL; } return; --- a/drivers/s390/net/qeth_l3_main.c +++ b/drivers/s390/net/qeth_l3_main.c @@ -3243,8 +3243,8 @@ static void qeth_l3_remove_device(struct qeth_l3_set_offline(cgdev); if (card->dev) { - netif_napi_del(&card->napi); unregister_netdev(card->dev); + free_netdev(card->dev); card->dev = NULL; } Patches currently in stable-queue which might be from jwi(a)linux.vnet.ibm.com are queue-4.4/s390-qeth-when-thread-completes-wake-up-all-waiters.patch queue-4.4/s390-qeth-lock-read-device-while-queueing-next-buffer.patch queue-4.4/net-iucv-free-memory-obtained-by-kzalloc.patch queue-4.4/s390-qeth-on-channel-error-reject-further-cmd-requests.patch queue-4.4/s390-qeth-free-netdevice-when-removing-a-card.patch

7 years, 5 months

1
0
0 0

Patch "netlink: avoid a double skb free in genlmsg_mcast()" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled netlink: avoid a double skb free in genlmsg_mcast() to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: netlink-avoid-a-double-skb-free-in-genlmsg_mcast.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Thu Mar 29 08:33:08 CEST 2018 From: Nicolas Dichtel <nicolas.dichtel(a)6wind.com> Date: Wed, 14 Mar 2018 21:10:23 +0100 Subject: netlink: avoid a double skb free in genlmsg_mcast() From: Nicolas Dichtel <nicolas.dichtel(a)6wind.com> [ Upstream commit 02a2385f37a7c6594c9d89b64c4a1451276f08eb ] nlmsg_multicast() consumes always the skb, thus the original skb must be freed only when this function is called with a clone. Fixes: cb9f7a9a5c96 ("netlink: ensure to loop over all netns in genlmsg_multicast_allns()") Reported-by: Ben Hutchings <ben.hutchings(a)codethink.co.uk> Signed-off-by: Nicolas Dichtel <nicolas.dichtel(a)6wind.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- net/netlink/genetlink.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/net/netlink/genetlink.c +++ b/net/netlink/genetlink.c @@ -1143,7 +1143,7 @@ static int genlmsg_mcast(struct sk_buff if (!err) delivered = true; else if (err != -ESRCH) - goto error; + return err; return delivered ? 0 : -ESRCH; error: kfree_skb(skb); Patches currently in stable-queue which might be from nicolas.dichtel(a)6wind.com are queue-4.4/netlink-avoid-a-double-skb-free-in-genlmsg_mcast.patch

7 years, 5 months

1
0
0 0

Patch "net: systemport: Rewrite __bcm_sysport_tx_reclaim()" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled net: systemport: Rewrite __bcm_sysport_tx_reclaim() to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: net-systemport-rewrite-__bcm_sysport_tx_reclaim.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Mar 28 20:16:33 CEST 2018 From: Florian Fainelli <f.fainelli(a)gmail.com> Date: Tue, 13 Mar 2018 14:45:07 -0700 Subject: net: systemport: Rewrite __bcm_sysport_tx_reclaim() From: Florian Fainelli <f.fainelli(a)gmail.com> [ Upstream commit 484d802d0f2f29c335563fcac2a8facf174a1bbc ] There is no need for complex checking between the last consumed index and current consumed index, a simple subtraction will do. This also eliminates the possibility of a permanent transmit queue stall under the following conditions: - one CPU bursts ring->size worth of traffic (up to 256 buffers), to the point where we run out of free descriptors, so we stop the transmit queue at the end of bcm_sysport_xmit() - because of our locking, we have the transmit process disable interrupts which means we can be blocking the TX reclamation process - when TX reclamation finally runs, we will be computing the difference between ring->c_index (last consumed index by SW) and what the HW reports through its register - this register is masked with (ring->size - 1) = 0xff, which will lead to stripping the upper bits of the index (register is 16-bits wide) - we will be computing last_tx_cn as 0, which means there is no work to be done, and we never wake-up the transmit queue, leaving it permanently disabled A practical example is e.g: ring->c_index aka last_c_index = 12, we pushed 256 entries, HW consumer index = 268, we mask it with 0xff = 12, so last_tx_cn == 0, nothing happens. Fixes: 80105befdb4b ("net: systemport: add Broadcom SYSTEMPORT Ethernet MAC driver") Signed-off-by: Florian Fainelli <f.fainelli(a)gmail.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/net/ethernet/broadcom/bcmsysport.c | 33 +++++++++++++---------------- drivers/net/ethernet/broadcom/bcmsysport.h | 2 - 2 files changed, 16 insertions(+), 19 deletions(-) --- a/drivers/net/ethernet/broadcom/bcmsysport.c +++ b/drivers/net/ethernet/broadcom/bcmsysport.c @@ -729,37 +729,33 @@ static unsigned int __bcm_sysport_tx_rec struct bcm_sysport_tx_ring *ring) { struct net_device *ndev = priv->netdev; - unsigned int c_index, last_c_index, last_tx_cn, num_tx_cbs; unsigned int pkts_compl = 0, bytes_compl = 0; + unsigned int txbds_processed = 0; struct bcm_sysport_cb *cb; + unsigned int txbds_ready; + unsigned int c_index; u32 hw_ind; /* Compute how many descriptors have been processed since last call */ hw_ind = tdma_readl(priv, TDMA_DESC_RING_PROD_CONS_INDEX(ring->index)); c_index = (hw_ind >> RING_CONS_INDEX_SHIFT) & RING_CONS_INDEX_MASK; - ring->p_index = (hw_ind & RING_PROD_INDEX_MASK); - - last_c_index = ring->c_index; - num_tx_cbs = ring->size; - - c_index &= (num_tx_cbs - 1); - - if (c_index >= last_c_index) - last_tx_cn = c_index - last_c_index; - else - last_tx_cn = num_tx_cbs - last_c_index + c_index; + txbds_ready = (c_index - ring->c_index) & RING_CONS_INDEX_MASK; netif_dbg(priv, tx_done, ndev, - "ring=%d c_index=%d last_tx_cn=%d last_c_index=%d\n", - ring->index, c_index, last_tx_cn, last_c_index); + "ring=%d old_c_index=%u c_index=%u txbds_ready=%u\n", + ring->index, ring->c_index, c_index, txbds_ready); - while (last_tx_cn-- > 0) { - cb = ring->cbs + last_c_index; + while (txbds_processed < txbds_ready) { + cb = &ring->cbs[ring->clean_index]; bcm_sysport_tx_reclaim_one(priv, cb, &bytes_compl, &pkts_compl); ring->desc_count++; - last_c_index++; - last_c_index &= (num_tx_cbs - 1); + txbds_processed++; + + if (likely(ring->clean_index < ring->size - 1)) + ring->clean_index++; + else + ring->clean_index = 0; } ring->c_index = c_index; @@ -1229,6 +1225,7 @@ static int bcm_sysport_init_tx_ring(stru netif_napi_add(priv->netdev, &ring->napi, bcm_sysport_tx_poll, 64); ring->index = index; ring->size = size; + ring->clean_index = 0; ring->alloc_size = ring->size; ring->desc_cpu = p; ring->desc_count = ring->size; --- a/drivers/net/ethernet/broadcom/bcmsysport.h +++ b/drivers/net/ethernet/broadcom/bcmsysport.h @@ -638,7 +638,7 @@ struct bcm_sysport_tx_ring { unsigned int desc_count; /* Number of descriptors */ unsigned int curr_desc; /* Current descriptor */ unsigned int c_index; /* Last consumer index */ - unsigned int p_index; /* Current producer index */ + unsigned int clean_index; /* Current clean index */ struct bcm_sysport_cb *cbs; /* Transmit control blocks */ struct dma_desc *desc_cpu; /* CPU view of the descriptor */ struct bcm_sysport_priv *priv; /* private context backpointer */ Patches currently in stable-queue which might be from f.fainelli(a)gmail.com are queue-4.4/net-systemport-rewrite-__bcm_sysport_tx_reclaim.patch queue-4.4/net-fec-fix-unbalanced-pm-runtime-calls.patch

7 years, 5 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror