- Linux-stable-mirror - lists.linaro.org

Re: patch "usb: chipidea: fix static checker warning for NULL pointer" added to usb-linus

by Greg KH

On Tue, Jan 22, 2019 at 03:55:54PM +0000, Sasha Levin wrote: > Hi, > > [This is an automated email] > > This commit has been processed because it contains a -stable tag. > The stable tag indicates that it's relevant for the following trees: all > > The bot has tested the following trees: v4.20.3, v4.19.16, v4.14.94, v4.9.151, v4.4.171, v3.18.132. > > v4.20.3: Failed to apply! Possible dependencies: > 7c8e8909417e ("usb: chipidea: imx: add HSIC support") > > v4.19.16: Failed to apply! Possible dependencies: > 7c8e8909417e ("usb: chipidea: imx: add HSIC support") > > v4.14.94: Failed to apply! Possible dependencies: > 7c8e8909417e ("usb: chipidea: imx: add HSIC support") > be9cae2479f4 ("usb: chipidea: imx: Fix ULPI on imx53") > > v4.9.151: Failed to apply! Possible dependencies: > 7c8e8909417e ("usb: chipidea: imx: add HSIC support") > be9cae2479f4 ("usb: chipidea: imx: Fix ULPI on imx53") > d13631bb15ce ("usb: chipidea: imx: configure imx for ULPI phy") > > v4.4.171: Failed to apply! Possible dependencies: > 7c8e8909417e ("usb: chipidea: imx: add HSIC support") > be9cae2479f4 ("usb: chipidea: imx: Fix ULPI on imx53") > d13631bb15ce ("usb: chipidea: imx: configure imx for ULPI phy") > d3d8425a21ed ("usb: chipidea: imx: avoid EPROBE_DEFER printed as error") > > v3.18.132: Failed to apply! Possible dependencies: > 19c1eac2685b ("usb: rename phy to usb_phy in OTG") > 560400875d56 ("usb: chipidea: imx: using common platform flag directly") > 69e28882dc7a ("usb: musb: gadget: do not rely on 'driver' argument") > 7c8e8909417e ("usb: chipidea: imx: add HSIC support") > e14db48dfcf3 ("usb: chipidea: imx: add runtime power management support") > e47d92545c29 ("usb: move the OTG state from the USB PHY to the OTG structure") > ef44cb4226d1 ("usb: allow to supply the PHY in the drivers when using HCD") > > > How should we proceed with this patch? Heh, good catch checker! turns out this patch is not for the stable tree, I messed up :) greg k-h

6 years, 10 months

1
0
0 0

Re: [PATCH 2/2] RDMA/srp: Rework SCSI device reset handling

by Bart Van Assche

On Tue, 2019-01-22 at 15:55 +0000, Sasha Levin wrote: > [This is an automated email] > > This commit has been processed because it contains a "Fixes:" tag, > fixing commit: 94a9174c630c IB/srp: reduce lock coverage of command completion. > > The bot has tested the following trees: v4.20.3, v4.19.16, v4.14.94, v4.9.151, v4.4.171, v3.18.132. > > v4.20.3: Build OK! > v4.19.16: Build OK! > v4.14.94: Build OK! > v4.9.151: Build failed! Errors: > drivers/infiniband/ulp/srp/ib_srp.c:2657:2: error: implicit declaration of function ‘blk_freeze_queue_start’; did you mean ‘blk_mq_freeze_queue_start’? [-Werror=implicit-function-declaration] > drivers/infiniband/ulp/srp/ib_srp.c:2658:14: error: implicit declaration of function ‘blk_mq_freeze_queue_wait_timeout’; did you mean ‘blk_mq_freeze_queue_start’? [-Werror=implicit-function- > declaration] > > v4.4.171: Build failed! Errors: > drivers/infiniband/ulp/srp/ib_srp.c:2612:2: error: implicit declaration of function ‘blk_freeze_queue_start’; did you mean ‘blk_mq_freeze_queue_start’? [-Werror=implicit-function-declaration] > drivers/infiniband/ulp/srp/ib_srp.c:2613:14: error: implicit declaration of function ‘blk_mq_freeze_queue_wait_timeout’; did you mean ‘blk_mq_freeze_queue_start’? [-Werror=implicit-function- > declaration] > > v3.18.132: Failed to apply! Possible dependencies: > 205619f2f824 ("IB/srp: Remove stale connection retry mechanism") > 34aa654ecb8e ("IB/srp: Avoid that I/O hangs due to a cable pull during LUN scanning") > 394c595ee8c3 ("IB/srp: Move ib_destroy_cm_id() call into srp_free_ch_ib()") > 509c07bc1850 ("IB/srp: Separate target and channel variables") > 747fe000ef38 ("IB/srp: Introduce two new srp_target_port member variables") > 77f2c1a40e6f ("IB/srp: Use block layer tags") > d92c0da71a35 ("IB/srp: Add multichannel support") > > > How should we proceed with this patch? Hi Sasha, Patch 2/2 does not have a "Cc: stable" tag because it definitely should NOT be backported to older kernels. This patch only works for blk-mq which is fine with kernel v5.0. Older kernels however support both the legacy block layer and blk-mq. Bart.

6 years, 10 months

1
0
0 0

[PATCH] drm/amdgpu: Add APTX quirk for Lenovo laptop

by Alex Deucher

Needs ATPX rather than _PR3 for dGPU power control. Bug: https://bugzilla.kernel.org/show_bug.cgi?id=202263 Signed-off-by: Alex Deucher <alexander.deucher(a)amd.com> Cc: stable(a)vger.kernel.org --- drivers/gpu/drm/amd/amdgpu/amdgpu_atpx_handler.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_atpx_handler.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_atpx_handler.c index a028661d9e20..92b11de19581 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_atpx_handler.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_atpx_handler.c @@ -576,6 +576,7 @@ static const struct amdgpu_px_quirk amdgpu_px_quirk_list[] = { { 0x1002, 0x6900, 0x1028, 0x0812, AMDGPU_PX_QUIRK_FORCE_ATPX }, { 0x1002, 0x6900, 0x1028, 0x0813, AMDGPU_PX_QUIRK_FORCE_ATPX }, { 0x1002, 0x6900, 0x1025, 0x125A, AMDGPU_PX_QUIRK_FORCE_ATPX }, + { 0x1002, 0x6900, 0x17AA, 0x3806, AMDGPU_PX_QUIRK_FORCE_ATPX }, { 0, 0, 0, 0, 0 }, }; -- 2.20.1

6 years, 10 months

3
2
0 0

[PATCH] input: keyboard: gpio-keys-polled: use input name from pdata if available

by Enrico Weigelt, metux IT consult

Instead of hardcoding the input name to the driver name ('gpio-keys-polled'), allow the passing a name via platform data ('name' field was already present), but default to old behaviour in case of NULL. Signed-off-by: Enrico Weigelt, metux IT consult <info(a)metux.net> --- drivers/input/keyboard/gpio_keys_polled.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/input/keyboard/gpio_keys_polled.c b/drivers/input/keyboard/gpio_keys_polled.c index edc7262..3312186 100644 --- a/drivers/input/keyboard/gpio_keys_polled.c +++ b/drivers/input/keyboard/gpio_keys_polled.c @@ -272,7 +272,7 @@ static int gpio_keys_polled_probe(struct platform_device *pdev) input = poll_dev->input; - input->name = pdev->name; + input->name = (pdata->name ? pdata->name : pdev->name); input->phys = DRV_NAME"/input0"; input->id.bustype = BUS_HOST; -- 1.9.1

6 years, 10 months

2
1
0 0

[PATCH] .gitignore: add some missing excludes

by Enrico Weigelt, metux IT consult

For now they're all catched by ".*", but some folks might remove that in order to add their own .config file. Signed-off-by: Enrico Weigelt, metux IT consult <info(a)metux.net> --- .gitignore | 6 ++++++ scripts/kconfig/.gitignore | 1 + 2 files changed, 7 insertions(+) diff --git a/.gitignore b/.gitignore index 97ba6b7..294452e 100644 --- a/.gitignore +++ b/.gitignore @@ -10,11 +10,14 @@ # Normal rules (sorted alphabetically) # .* +*.cmd +*.config.old *.a *.asn1.[ch] *.bin *.bz2 *.c.[012]*.* +.*.d *.dtb *.dtb.S *.dwo @@ -35,12 +38,15 @@ *.order *.patch *.s +.scmversion *.so *.so.dbg *.su *.symtypes +.tmp_* *.tab.[ch] *.tar +*.version *.xz Module.symvers modules.builtin diff --git a/scripts/kconfig/.gitignore b/scripts/kconfig/.gitignore index 0aabc1d..db990ae 100644 --- a/scripts/kconfig/.gitignore +++ b/scripts/kconfig/.gitignore @@ -2,6 +2,7 @@ # Generated files # *.moc +.mconf-cfg # # configuration programs -- 1.9.1

6 years, 10 months

2
1
0 0

[PATCH v3 1/2] media: imx: csi: Disable SMFC before disabling IDMA channel

by Steve Longerbeam

Disable the SMFC before disabling the IDMA channel, instead of after, in csi_idmac_unsetup(). This fixes a complete system hard lockup on the SabreAuto when streaming from the ADV7180, by repeatedly sending a stream off immediately followed by stream on: while true; do v4l2-ctl -d4 --stream-mmap --stream-count=3; done Eventually this either causes the system lockup or EOF timeouts at all subsequent stream on, until a system reset. The lockup occurs when disabling the IDMA channel at stream off. Stopping the video data stream entering the IDMA channel before disabling the channel itself appears to be a reliable fix for the hard lockup. That can be done either by disabling the SMFC or the CSI before disabling the channel. Disabling the SMFC before the channel is the easiest solution, so do that. Fixes: 4a34ec8e470cb ("[media] media: imx: Add CSI subdev driver") Suggested-by: Peter Seiderer <ps.report(a)gmx.net> Reported-by: Gaël PORTAY <gael.portay(a)collabora.com> Signed-off-by: Steve Longerbeam <slongerbeam(a)gmail.com> Cc: stable(a)vger.kernel.org --- Changes in v3: - switch from disabling the CSI before the channel to disabling the SMFC before the channel. Changes in v2: - restore an empty line - Add Fixes: and Cc: stable --- drivers/staging/media/imx/imx-media-csi.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/staging/media/imx/imx-media-csi.c b/drivers/staging/media/imx/imx-media-csi.c index e18f58f56dfb..8610027eac97 100644 --- a/drivers/staging/media/imx/imx-media-csi.c +++ b/drivers/staging/media/imx/imx-media-csi.c @@ -560,8 +560,8 @@ static int csi_idmac_setup_channel(struct csi_priv *priv) static void csi_idmac_unsetup(struct csi_priv *priv, enum vb2_buffer_state state) { - ipu_idmac_disable_channel(priv->idmac_ch); ipu_smfc_disable(priv->smfc); + ipu_idmac_disable_channel(priv->idmac_ch); csi_idmac_unsetup_vb2_buf(priv, state); } -- 2.17.1

6 years, 10 months

3
6
0 0

[PATCH 4/4] can: flexcan: fix NULL pointer exception during bringup

by Marc Kleine-Budde

From: Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> Commit cbffaf7aa09e ("can: flexcan: Always use last mailbox for TX") introduced a loop letting i run up to (including) ARRAY_SIZE(regs->mb) and in the body accessed regs->mb[i] which is an out-of-bounds array access that then resulted in an access to an reserved register area. Later this was changed by commit 0517961ccdf1 ("can: flexcan: Add provision for variable payload size") to iterate a bit differently but still runs one iteration too much resulting to call flexcan_get_mb(priv, priv->mb_count) which results in a WARN_ON and then a NULL pointer exception. This only affects devices compatible with "fsl,p1010-flexcan", "fsl,imx53-flexcan", "fsl,imx35-flexcan", "fsl,imx25-flexcan", "fsl,imx28-flexcan", so newer i.MX SoCs are not affected. Fixes: cbffaf7aa09e ("can: flexcan: Always use last mailbox for TX") Signed-off-by: Uwe Kleine-König <u.kleine-koenig(a)pengutronix.de> Cc: linux-stable <stable(a)vger.kernel.org> # >= 4.20 Signed-off-by: Marc Kleine-Budde <mkl(a)pengutronix.de> --- drivers/net/can/flexcan.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/can/flexcan.c b/drivers/net/can/flexcan.c index 5f097648d12d..1c66fb2ad76b 100644 --- a/drivers/net/can/flexcan.c +++ b/drivers/net/can/flexcan.c @@ -1106,7 +1106,7 @@ static int flexcan_chip_start(struct net_device *dev) } } else { /* clear and invalidate unused mailboxes first */ - for (i = FLEXCAN_TX_MB_RESERVED_OFF_FIFO; i <= priv->mb_count; i++) { + for (i = FLEXCAN_TX_MB_RESERVED_OFF_FIFO; i < priv->mb_count; i++) { mb = flexcan_get_mb(priv, i); priv->write(FLEXCAN_MB_CODE_RX_INACTIVE, &mb->can_ctrl); -- 2.20.1

6 years, 10 months

2
1
0 0

[PATCH 2/4] can: bcm: check timer values before ktime conversion

by Marc Kleine-Budde

From: Oliver Hartkopp <socketcan(a)hartkopp.net> Kyungtae Kim detected a potential integer overflow in bcm_[rx|tx]_setup() when the conversion into ktime multiplies the given value with NSEC_PER_USEC (1000). Reference: https://marc.info/?l=linux-can&m=154732118819828&w=2 Add a check for the given tv_usec, so that the value stays below one second. Additionally limit the tv_sec value to a reasonable value for CAN related use-cases of 400 days and ensure all values to be positive. Reported-by: Kyungtae Kim <kt0755(a)gmail.com> Tested-by: Oliver Hartkopp <socketcan(a)hartkopp.net> Signed-off-by: Oliver Hartkopp <socketcan(a)hartkopp.net> Cc: linux-stable <stable(a)vger.kernel.org> # >= 2.6.26 Tested-by: Kyungtae Kim <kt0755(a)gmail.com> Acked-by: Andre Naujoks <nautsch2(a)gmail.com> Signed-off-by: Marc Kleine-Budde <mkl(a)pengutronix.de> --- net/can/bcm.c | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/net/can/bcm.c b/net/can/bcm.c index 0af8f0db892a..79bb8afa9c0c 100644 --- a/net/can/bcm.c +++ b/net/can/bcm.c @@ -67,6 +67,9 @@ */ #define MAX_NFRAMES 256 +/* limit timers to 400 days for sending/timeouts */ +#define BCM_TIMER_SEC_MAX (400 * 24 * 60 * 60) + /* use of last_frames[index].flags */ #define RX_RECV 0x40 /* received data for this element */ #define RX_THR 0x80 /* element not been sent due to throttle feature */ @@ -140,6 +143,22 @@ static inline ktime_t bcm_timeval_to_ktime(struct bcm_timeval tv) return ktime_set(tv.tv_sec, tv.tv_usec * NSEC_PER_USEC); } +/* check limitations for timeval provided by user */ +static bool bcm_is_invalid_tv(struct bcm_msg_head *msg_head) +{ + if ((msg_head->ival1.tv_sec < 0) || + (msg_head->ival1.tv_sec > BCM_TIMER_SEC_MAX) || + (msg_head->ival1.tv_usec < 0) || + (msg_head->ival1.tv_usec >= USEC_PER_SEC) || + (msg_head->ival2.tv_sec < 0) || + (msg_head->ival2.tv_sec > BCM_TIMER_SEC_MAX) || + (msg_head->ival2.tv_usec < 0) || + (msg_head->ival2.tv_usec >= USEC_PER_SEC)) + return true; + + return false; +} + #define CFSIZ(flags) ((flags & CAN_FD_FRAME) ? CANFD_MTU : CAN_MTU) #define OPSIZ sizeof(struct bcm_op) #define MHSIZ sizeof(struct bcm_msg_head) @@ -873,6 +892,10 @@ static int bcm_tx_setup(struct bcm_msg_head *msg_head, struct msghdr *msg, if (msg_head->nframes < 1 || msg_head->nframes > MAX_NFRAMES) return -EINVAL; + /* check timeval limitations */ + if ((msg_head->flags & SETTIMER) && bcm_is_invalid_tv(msg_head)) + return -EINVAL; + /* check the given can_id */ op = bcm_find_op(&bo->tx_ops, msg_head, ifindex); if (op) { @@ -1053,6 +1076,10 @@ static int bcm_rx_setup(struct bcm_msg_head *msg_head, struct msghdr *msg, (!(msg_head->can_id & CAN_RTR_FLAG)))) return -EINVAL; + /* check timeval limitations */ + if ((msg_head->flags & SETTIMER) && bcm_is_invalid_tv(msg_head)) + return -EINVAL; + /* check the given can_id */ op = bcm_find_op(&bo->rx_ops, msg_head, ifindex); if (op) { -- 2.20.1

6 years, 10 months

1
0
0 0

[PATCH 1/4] can: dev: __can_get_echo_skb(): fix bogous check for non-existing skb by removing it

by Marc Kleine-Budde

From: Manfred Schlaegl <manfred.schlaegl(a)ginzinger.com> This patch revert commit 7da11ba5c506 ("can: dev: __can_get_echo_skb(): print error message, if trying to echo non existing skb") After introduction of this change we encountered following new error message on various i.MX plattforms (flexcan): | flexcan 53fc8000.can can0: __can_get_echo_skb: BUG! Trying to echo non | existing skb: can_priv::echo_skb[0] The introduction of the message was a mistake because priv->echo_skb[idx] = NULL is a perfectly valid in following case: If CAN_RAW_LOOPBACK is disabled (setsockopt) in applications, the pkt_type of the tx skb's given to can_put_echo_skb is set to PACKET_LOOPBACK. In this case can_put_echo_skb will not set priv->echo_skb[idx]. It is therefore kept NULL. As additional argument for revert: The order of check and usage of idx was changed. idx is used to access an array element before checking it's boundaries. Signed-off-by: Manfred Schlaegl <manfred.schlaegl(a)ginzinger.com> Fixes: 7da11ba5c506 ("can: dev: __can_get_echo_skb(): print error message, if trying to echo non existing skb") Cc: linux-stable <stable(a)vger.kernel.org> Signed-off-by: Marc Kleine-Budde <mkl(a)pengutronix.de> --- drivers/net/can/dev.c | 27 +++++++++++++-------------- 1 file changed, 13 insertions(+), 14 deletions(-) diff --git a/drivers/net/can/dev.c b/drivers/net/can/dev.c index 3b3f88ffab53..c05e4d50d43d 100644 --- a/drivers/net/can/dev.c +++ b/drivers/net/can/dev.c @@ -480,8 +480,6 @@ EXPORT_SYMBOL_GPL(can_put_echo_skb); struct sk_buff *__can_get_echo_skb(struct net_device *dev, unsigned int idx, u8 *len_ptr) { struct can_priv *priv = netdev_priv(dev); - struct sk_buff *skb = priv->echo_skb[idx]; - struct canfd_frame *cf; if (idx >= priv->echo_skb_max) { netdev_err(dev, "%s: BUG! Trying to access can_priv::echo_skb out of bounds (%u/max %u)\n", @@ -489,20 +487,21 @@ struct sk_buff *__can_get_echo_skb(struct net_device *dev, unsigned int idx, u8 return NULL; } - if (!skb) { - netdev_err(dev, "%s: BUG! Trying to echo non existing skb: can_priv::echo_skb[%u]\n", - __func__, idx); - return NULL; - } + if (priv->echo_skb[idx]) { + /* Using "struct canfd_frame::len" for the frame + * length is supported on both CAN and CANFD frames. + */ + struct sk_buff *skb = priv->echo_skb[idx]; + struct canfd_frame *cf = (struct canfd_frame *)skb->data; + u8 len = cf->len; - /* Using "struct canfd_frame::len" for the frame - * length is supported on both CAN and CANFD frames. - */ - cf = (struct canfd_frame *)skb->data; - *len_ptr = cf->len; - priv->echo_skb[idx] = NULL; + *len_ptr = len; + priv->echo_skb[idx] = NULL; - return skb; + return skb; + } + + return NULL; } /* -- 2.20.1

6 years, 10 months

1
0
0 0

[PATCH V3] cacheinfo: Keep the old value if of_property_read_u32 fails

by Huacai Chen

Commit 448a5a552f336bd7b847b1951 ("drivers: base: cacheinfo: use OF property_read_u32 instead of get_property,read_number") makes cache size and number_of_sets be 0 if DT doesn't provide there values. I think this is unreasonable so make them keep the old values, which is the same as old kernels. Fixes: 448a5a552f33 ("drivers: base: cacheinfo: use OF property_read_u32 instead of get_property,read_number") Cc: stable(a)vger.kernel.org Signed-off-by: Huacai Chen <chenhc(a)lemote.com> Reviewed-by: Sudeep Holla <sudeep.holla(a)arm.com> --- V2: Add Cc and Reviewed-by V3: Add ChangeLog drivers/base/cacheinfo.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/drivers/base/cacheinfo.c b/drivers/base/cacheinfo.c index cf78fa6..a735953 100644 --- a/drivers/base/cacheinfo.c +++ b/drivers/base/cacheinfo.c @@ -79,8 +79,7 @@ static void cache_size(struct cacheinfo *this_leaf, struct device_node *np) ct_idx = get_cacheinfo_idx(this_leaf->type); propname = cache_type_info[ct_idx].size_prop; - if (of_property_read_u32(np, propname, &this_leaf->size)) - this_leaf->size = 0; + of_property_read_u32(np, propname, &this_leaf->size); } /* not cache_line_size() because that's a macro in include/linux/cache.h */ @@ -114,8 +113,7 @@ static void cache_nr_sets(struct cacheinfo *this_leaf, struct device_node *np) ct_idx = get_cacheinfo_idx(this_leaf->type); propname = cache_type_info[ct_idx].nr_sets_prop; - if (of_property_read_u32(np, propname, &this_leaf->number_of_sets)) - this_leaf->number_of_sets = 0; + of_property_read_u32(np, propname, &this_leaf->number_of_sets); } static void cache_associativity(struct cacheinfo *this_leaf) -- 2.7.0

6 years, 10 months

4
3
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror