- Linux-stable-mirror - lists.linaro.org

for stable: sched/fair: Fix vruntime_normalized() for remote non-migration wakeup

by Steve Muckle

Please pick up the following commit which has merged to Linus' tree: commit d0cdb3ce8834332d918fc9c8ff74f8a169ec9abe Author: Steve Muckle <smuckle(a)google.com> Date: Fri Aug 31 15:42:17 2018 -0700 sched/fair: Fix vruntime_normalized() for remote non-migration wakeup This commit is 3 lines in diffs. It fixes an issue where, during certain usecases, a task's vruntime may be greatly inflated, causing it to not execute with the priority that it should. The commit it fixes went into 4.7 so the fix should go into 4.9, 4.14, and 4.18. I have verified the commit applies cleanly to 4.9.128, 4.14.71, and 4.18.9. thanks, Steve

7 years, 1 month

2
1
0 0

FAILED: patch "[PATCH] ext4: close race between direct IO and ext4_break_layouts()" failed to apply to 4.18-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.18-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From b1f382178d150f256c1cf95b9341fda6eb764459 Mon Sep 17 00:00:00 2001 From: Ross Zwisler <zwisler(a)kernel.org> Date: Tue, 11 Sep 2018 13:31:16 -0400 Subject: [PATCH] ext4: close race between direct IO and ext4_break_layouts() If the refcount of a page is lowered between the time that it is returned by dax_busy_page() and when the refcount is again checked in ext4_break_layouts() => ___wait_var_event(), the waiting function ext4_wait_dax_page() will never be called. This means that ext4_break_layouts() will still have 'retry' set to false, so we'll stop looping and never check the refcount of other pages in this inode. Instead, always continue looping as long as dax_layout_busy_page() gives us a page which it found with an elevated refcount. Signed-off-by: Ross Zwisler <ross.zwisler(a)linux.intel.com> Reviewed-by: Jan Kara <jack(a)suse.cz> Signed-off-by: Jan Kara <jack(a)suse.cz> Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Cc: stable(a)vger.kernel.org diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c index 694f31364206..723058bfe43b 100644 --- a/fs/ext4/inode.c +++ b/fs/ext4/inode.c @@ -4195,9 +4195,8 @@ int ext4_update_disksize_before_punch(struct inode *inode, loff_t offset, return 0; } -static void ext4_wait_dax_page(struct ext4_inode_info *ei, bool *did_unlock) +static void ext4_wait_dax_page(struct ext4_inode_info *ei) { - *did_unlock = true; up_write(&ei->i_mmap_sem); schedule(); down_write(&ei->i_mmap_sem); @@ -4207,14 +4206,12 @@ int ext4_break_layouts(struct inode *inode) { struct ext4_inode_info *ei = EXT4_I(inode); struct page *page; - bool retry; int error; if (WARN_ON_ONCE(!rwsem_is_locked(&ei->i_mmap_sem))) return -EINVAL; do { - retry = false; page = dax_layout_busy_page(inode->i_mapping); if (!page) return 0; @@ -4222,8 +4219,8 @@ int ext4_break_layouts(struct inode *inode) error = ___wait_var_event(&page->_refcount, atomic_read(&page->_refcount) == 1, TASK_INTERRUPTIBLE, 0, 0, - ext4_wait_dax_page(ei, &retry)); - } while (error == 0 && retry); + ext4_wait_dax_page(ei)); + } while (error == 0); return error; }

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] drm/vmwgfx: Fix buffer object eviction" failed to apply to 4.18-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.18-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From e71cf591876536f7dd5a54ef68d631278ca6faa1 Mon Sep 17 00:00:00 2001 From: Thomas Hellstrom <thellstrom(a)vmware.com> Date: Fri, 14 Sep 2018 09:24:19 +0200 Subject: [PATCH] drm/vmwgfx: Fix buffer object eviction MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Commit 19be55701071 ("drm/ttm: add operation ctx to ttm_bo_validate v2") introduced a regression where the vmwgfx driver refused to evict a buffer that was still busy instead of waiting for it to become idle. Fix this. Cc: <stable(a)vger.kernel.org> Signed-off-by: Thomas Hellstrom <thellstrom(a)vmware.com> Reviewed-by: Christian König <christian.koenig(a)amd.com> diff --git a/drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c b/drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c index 1f134570b759..f0ab6b2313bb 100644 --- a/drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c +++ b/drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c @@ -3729,7 +3729,7 @@ int vmw_validate_single_buffer(struct vmw_private *dev_priv, { struct vmw_buffer_object *vbo = container_of(bo, struct vmw_buffer_object, base); - struct ttm_operation_ctx ctx = { interruptible, true }; + struct ttm_operation_ctx ctx = { interruptible, false }; int ret; if (vbo->pin_count > 0)

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] scsi: target: iscsi: Use bin2hex instead of a" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 8c39e2699f8acb2e29782a834e56306da24937fe Mon Sep 17 00:00:00 2001 From: Vincent Pelletier <plr.vincent(a)gmail.com> Date: Sun, 9 Sep 2018 04:09:27 +0000 Subject: [PATCH] scsi: target: iscsi: Use bin2hex instead of a re-implementation Signed-off-by: Vincent Pelletier <plr.vincent(a)gmail.com> Reviewed-by: Mike Christie <mchristi(a)redhat.com> Signed-off-by: Martin K. Petersen <martin.petersen(a)oracle.com> diff --git a/drivers/target/iscsi/iscsi_target_auth.c b/drivers/target/iscsi/iscsi_target_auth.c index 6c3b4c022894..4e680d753941 100644 --- a/drivers/target/iscsi/iscsi_target_auth.c +++ b/drivers/target/iscsi/iscsi_target_auth.c @@ -26,15 +26,6 @@ #include "iscsi_target_nego.h" #include "iscsi_target_auth.h" -static void chap_binaryhex_to_asciihex(char *dst, char *src, int src_len) -{ - int i; - - for (i = 0; i < src_len; i++) { - sprintf(&dst[i*2], "%02x", (int) src[i] & 0xff); - } -} - static int chap_gen_challenge( struct iscsi_conn *conn, int caller, @@ -50,7 +41,7 @@ static int chap_gen_challenge( ret = get_random_bytes_wait(chap->challenge, CHAP_CHALLENGE_LENGTH); if (unlikely(ret)) return ret; - chap_binaryhex_to_asciihex(challenge_asciihex, chap->challenge, + bin2hex(challenge_asciihex, chap->challenge, CHAP_CHALLENGE_LENGTH); /* * Set CHAP_C, and copy the generated challenge into c_str. @@ -289,7 +280,7 @@ static int chap_server_compute_md5( goto out; } - chap_binaryhex_to_asciihex(response, server_digest, MD5_SIGNATURE_SIZE); + bin2hex(response, server_digest, MD5_SIGNATURE_SIZE); pr_debug("[server] MD5 Server Digest: %s\n", response); if (memcmp(server_digest, client_digest, MD5_SIGNATURE_SIZE) != 0) { @@ -411,7 +402,7 @@ static int chap_server_compute_md5( /* * Convert response from binary hex to ascii hext. */ - chap_binaryhex_to_asciihex(response, digest, MD5_SIGNATURE_SIZE); + bin2hex(response, digest, MD5_SIGNATURE_SIZE); *nr_out_len += sprintf(nr_out_ptr + *nr_out_len, "CHAP_R=0x%s", response); *nr_out_len += 1;

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] scsi: target: iscsi: Use bin2hex instead of a" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 8c39e2699f8acb2e29782a834e56306da24937fe Mon Sep 17 00:00:00 2001 From: Vincent Pelletier <plr.vincent(a)gmail.com> Date: Sun, 9 Sep 2018 04:09:27 +0000 Subject: [PATCH] scsi: target: iscsi: Use bin2hex instead of a re-implementation Signed-off-by: Vincent Pelletier <plr.vincent(a)gmail.com> Reviewed-by: Mike Christie <mchristi(a)redhat.com> Signed-off-by: Martin K. Petersen <martin.petersen(a)oracle.com> diff --git a/drivers/target/iscsi/iscsi_target_auth.c b/drivers/target/iscsi/iscsi_target_auth.c index 6c3b4c022894..4e680d753941 100644 --- a/drivers/target/iscsi/iscsi_target_auth.c +++ b/drivers/target/iscsi/iscsi_target_auth.c @@ -26,15 +26,6 @@ #include "iscsi_target_nego.h" #include "iscsi_target_auth.h" -static void chap_binaryhex_to_asciihex(char *dst, char *src, int src_len) -{ - int i; - - for (i = 0; i < src_len; i++) { - sprintf(&dst[i*2], "%02x", (int) src[i] & 0xff); - } -} - static int chap_gen_challenge( struct iscsi_conn *conn, int caller, @@ -50,7 +41,7 @@ static int chap_gen_challenge( ret = get_random_bytes_wait(chap->challenge, CHAP_CHALLENGE_LENGTH); if (unlikely(ret)) return ret; - chap_binaryhex_to_asciihex(challenge_asciihex, chap->challenge, + bin2hex(challenge_asciihex, chap->challenge, CHAP_CHALLENGE_LENGTH); /* * Set CHAP_C, and copy the generated challenge into c_str. @@ -289,7 +280,7 @@ static int chap_server_compute_md5( goto out; } - chap_binaryhex_to_asciihex(response, server_digest, MD5_SIGNATURE_SIZE); + bin2hex(response, server_digest, MD5_SIGNATURE_SIZE); pr_debug("[server] MD5 Server Digest: %s\n", response); if (memcmp(server_digest, client_digest, MD5_SIGNATURE_SIZE) != 0) { @@ -411,7 +402,7 @@ static int chap_server_compute_md5( /* * Convert response from binary hex to ascii hext. */ - chap_binaryhex_to_asciihex(response, digest, MD5_SIGNATURE_SIZE); + bin2hex(response, digest, MD5_SIGNATURE_SIZE); *nr_out_len += sprintf(nr_out_ptr + *nr_out_len, "CHAP_R=0x%s", response); *nr_out_len += 1;

7 years, 1 month

1
0
0 0

[PATCH stable 4.18] bpf/verifier: disallow pointer subtraction

by Daniel Borkmann

From: Alexei Starovoitov <ast(a)kernel.org> commit dd066823db2ac4e22f721ec85190817b58059a54 upstream. Subtraction of pointers was accidentally allowed for unpriv programs by commit 82abbf8d2fc4. Revert that part of commit. Fixes: 82abbf8d2fc4 ("bpf: do not allow root to mangle valid pointers") Reported-by: Jann Horn <jannh(a)google.com> Acked-by: Daniel Borkmann <daniel(a)iogearbox.net> Signed-off-by: Alexei Starovoitov <ast(a)kernel.org> Signed-off-by: Daniel Borkmann <daniel(a)iogearbox.net> --- kernel/bpf/verifier.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index 63aaac5..adbe21c 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c @@ -3132,7 +3132,7 @@ static int adjust_reg_min_max_vals(struct bpf_verifier_env *env, * an arbitrary scalar. Disallow all math except * pointer subtraction */ - if (opcode == BPF_SUB){ + if (opcode == BPF_SUB && env->allow_ptr_leaks) { mark_reg_unknown(env, regs, insn->dst_reg); return 0; } -- 2.9.5

7 years, 1 month

2
1
0 0

Re: [PATCH] drm/syncobj: Don't leak fences when WAIT_FOR_SUBMIT is set

by Chris Wilson

Quoting Jason Ekstrand (2018-09-26 10:43:59) > On Wed, Sep 26, 2018 at 3:18 AM Chris Wilson <chris(a)chris-wilson.co.uk> wrote: > > Quoting Jason Ekstrand (2018-09-26 08:17:03) > > We attempt to get fences earlier in the hopes that everything will > > already have fences and no callbacks will be needed. If we do succeed > > in getting a fence, getting one a second time will result in a duplicate > > ref with no unref. This is causing memory leaks in Vulkan applications > > that create a lot of fences; playing for a few hours can, apparently, > > bring down the system. > > > > Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=107899 > > Signed-off-by: Jason Ekstrand <jason(a)jlekstrand.net> > > Cc: stable(a)vger.kernel.org > > --- > > drivers/gpu/drm/drm_syncobj.c | 5 +++++ > > 1 file changed, 5 insertions(+) > > > > diff --git a/drivers/gpu/drm/drm_syncobj.c b/drivers/gpu/drm/ > drm_syncobj.c > > index adb3cb27d31e..759278fef35a 100644 > > --- a/drivers/gpu/drm/drm_syncobj.c > > +++ b/drivers/gpu/drm/drm_syncobj.c > > @@ -97,6 +97,8 @@ static int drm_syncobj_fence_get_or_add_callback(struct > drm_syncobj *syncobj, > > { > > int ret; > > > > + WARN_ON(*fence); > > I would have just put if (*fence) return; since the function is tied to > the array_wait implementation. > > > I considered doing that but marginally liked this better. If you have a > preference, I'm happy to change itl. Patch works, the difference is insignificant, land the patch and close the bug. -Chris

7 years, 1 month

1
0
0 0

[PATCH 4.14 000/173] 4.14.72-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.14.72 release. There are 173 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed Sep 26 11:30:10 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.72-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.14.72-rc1 Benjamin Poirier <bpoirier(a)suse.com> e1000e: Fix check_for_link return value with autoneg off Benjamin Poirier <bpoirier(a)suse.com> e1000e: Fix link check race condition Benjamin Poirier <bpoirier(a)suse.com> Revert "e1000e: Separate signaling for link check/link up" Benjamin Poirier <bpoirier(a)suse.com> e1000e: Avoid missed interrupts following ICR read Benjamin Poirier <bpoirier(a)suse.com> e1000e: Fix queue interrupt re-raising in Other interrupt Benjamin Poirier <bpoirier(a)suse.com> Partial revert "e1000e: Avoid receiver overrun interrupt bursts" Benjamin Poirier <bpoirier(a)suse.com> e1000e: Remove Other from EIAC David Ahern <dsahern(a)gmail.com> net/ipv6: prevent use after free in ip6_route_mpath_notify Chris Wilson <chris(a)chris-wilson.co.uk> drm/i915: Apply the GTT write flush for all !llc machines Jaechul Lee <jcsing.lee(a)samsung.com> ASoC: samsung: Fix invalid argument when devm_gpiod_get is called Christophe Jaillet <christophe.jaillet(a)wanadoo.fr> ASoC: samsung: i2s: Fix error handling path in i2s_set_sysclk() Michal Simek <michal.simek(a)xilinx.com> earlycon: Remove hardcoded port->uartclk initialization in of_setup_earlycon Michal Simek <michal.simek(a)xilinx.com> earlycon: Initialize port->uartclk based on clock-frequency property Dan Carpenter <dan.carpenter(a)oracle.com> mei: bus: type promotion bug in mei_nfc_if_version() Mikko Perttunen <mperttunen(a)nvidia.com> clk: tegra: bpmp: Don't crash when a clock fails to register Douglas Anderson <dianders(a)chromium.org> pinctrl: qcom: spmi-gpio: Fix pmic_gpio_config_get() to be compliant Douglas Anderson <dianders(a)chromium.org> pinctrl: msm: Fix msm_config_group_get() to be compliant Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> gpiolib: Respect error code of ->get_direction() Ming Lei <ming.lei(a)redhat.com> blk-mq: avoid to synchronize rcu inside blk_cleanup_queue() Ming Lei <ming.lei(a)redhat.com> blk-mq: only attempt to merge bio if there is rq in sw queue Bart Van Assche <bart.vanassche(a)wdc.com> IB/nes: Fix a compiler warning Dan Carpenter <dan.carpenter(a)oracle.com> drm/panel: type promotion bug in s6e8aa0_read_mtp_id() John Stultz <john.stultz(a)linaro.org> selftest: timers: Tweak raw_skew to SKIP when ADJ_OFFSET/other clock adjustments are in progress Hannes Reinecke <hare(a)suse.de> scsi: libfc: fixup 'sleeping function called from invalid context' Timo Wischer <twischer(a)de.adit-jv.com> ALSA: pcm: Fix snd_interval_refine first/last with open min/max Zhouyang Jia <jiazhouyang09(a)gmail.com> rtc: bq4802: add error handling for devm_ioremap Wei Lu <wei.lu2(a)amd.com> drm/amdkfd: Fix error codes in kfd_get_process Paul E. McKenney <paulmck(a)linux.vnet.ibm.com> rcu: Fix grace-period hangs due to race with CPU offline Peter Rosin <peda(a)axentia.se> input: rohm_bu21023: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) Peter Rosin <peda(a)axentia.se> mfd: 88pm860x-i2c: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> gpiolib: Mark gpio_suffixes array with __maybe_unused Wei Yongjun <weiyongjun1(a)huawei.com> gpio: pxa: Fix potential NULL dereference Tuomas Tynkkynen <tuomas(a)tuxera.com> staging: bcm2835-audio: Don't leak workqueue if open fails Suzuki K Poulose <suzuki.poulose(a)arm.com> coresight: ETM: Add support for Arm Cortex-A73 and Cortex-A35 Robin Murphy <robin.murphy(a)arm.com> coresight: tpiu: Fix disabling timeouts Suzuki K Poulose <suzuki.poulose(a)arm.com> coresight: Handle errors in finding input/output ports Quentin Perret <quentin.perret(a)arm.com> sched/fair: Fix util_avg of new tasks for asymmetric systems Julia Lawall <Julia.Lawall(a)lip6.fr> parport: sunbpp: fix error return code Thierry Reding <treding(a)nvidia.com> drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping Karol Herbst <karolherbst(a)gmail.com> drm/nouveau/debugfs: Wake up GPU before doing any reclocking Lyude Paul <lyude(a)redhat.com> drm/nouveau: Fix runtime PM leak in drm_open() Stefan Agner <stefan(a)agner.ch> mmc: sdhci: do not try to use 3.3V signaling if not supported Stefan Agner <stefan(a)agner.ch> mmc: tegra: prevent HS200 on Tegra 3 Laurentiu Tudor <laurentiu.tudor(a)nxp.com> mmc: sdhci-of-esdhc: set proper dma mask for ls104x chips Johan Hovold <johan(a)kernel.org> tty: fix termios input-speed encoding Johan Hovold <johan(a)kernel.org> tty: fix termios input-speed encoding when using BOTHER Enrico Scholz <enrico.scholz(a)sigma-chemnitz.de> gpu: ipu-v3: csi: pass back mbus_code_to_bus_cfg error codes Rick Farrington <ricardo.farrington(a)cavium.com> liquidio: fix hang when re-binding VF host drv after running DPDK VF driver Nicholas Mc Guire <hofrat(a)osadl.org> ARM: hisi: check of_iomap and fix missing of_node_put Nicholas Mc Guire <hofrat(a)osadl.org> ARM: hisi: fix error handling and missing of_node_put Nicholas Mc Guire <hofrat(a)osadl.org> ARM: hisi: handle of_iomap and fix missing of_node_put Ard Biesheuvel <ard.biesheuvel(a)linaro.org> efi/esrt: Only call efi_mem_reserve() for boot services memory Andrea Parri <andrea.parri(a)amarulasolutions.com> sched/core: Use smp_mb() in wake_woken_function() Tony Lindgren <tony(a)atomide.com> pinctrl: pinmux: Return selector to the pinctrl driver Tony Lindgren <tony(a)atomide.com> pinctrl: rza1: Fix selector use for groups and functions Mike Christie <mchristi(a)redhat.com> configfs: fix registered group removal Paul Burton <paul.burton(a)mips.com> MIPS: loongson64: cs5536: Fix PCI_OHCI_INT_REG reads Eric Biggers <ebiggers(a)google.com> security: check for kstrdup() failure in lsm_append() Nicholas Mc Guire <hofrat(a)osadl.org> KVM: PPC: Book3S HV: Add of_node_put() in success path Matthew Garrett <mjg59(a)google.com> evm: Don't deadlock if a crypto algorithm is unavailable Philipp Puschmann <pp(a)emlix.com> Bluetooth: Use lock_sock_nested in bt_accept_enqueue Miklos Szeredi <mszeredi(a)redhat.com> vfs: fix freeze protection in mnt_want_write_file() for overlayfs Jann Horn <jannh(a)google.com> mtdchar: fix overflows in adjustment of `count` Ronny Chevalier <ronny.chevalier(a)hp.com> audit: fix use-after-free in audit_add_watch Viresh Kumar <viresh.kumar(a)linaro.org> arm64: dts: uniphier: Add missing cooling device properties for CPUs Noa Osherovich <noaos(a)mellanox.com> net/mlx5: Add missing SET_DRIVER_VERSION command translation Maciej W. Rozycki <macro(a)mips.com> binfmt_elf: Respect error return from `regset->active' Trond Myklebust <trondmy(a)gmail.com> NFSv4.1 fix infinite loop on I/O. Boris Ostrovsky <boris.ostrovsky(a)oracle.com> x86/EISA: Don't probe EISA bus for Xen PV guests Yabin Cui <yabinc(a)google.com> perf/core: Force USER_DS when recording user stack data Max Filippov <jcmvbkbc(a)gmail.com> xtensa: ISS: don't allocate memory in platform_setup Dan Carpenter <dan.carpenter(a)oracle.com> CIFS: fix wrapping bugs in num_entries() Dan Carpenter <dan.carpenter(a)oracle.com> cifs: prevent integer overflow in nxt_dir_entry() Oliver Neukum <oneukum(a)suse.com> Revert "cdc-acm: implement put_char() and flush_chars()" Jia-Ju Bai <baijiaju1990(a)gmail.com> usb: cdc-wdm: Fix a sleep-in-atomic-context bug in service_outstanding_interrupt() Ben Hutchings <ben.hutchings(a)codethink.co.uk> USB: yurex: Fix buffer over-read in yurex_write() Johan Hovold <johan(a)kernel.org> USB: serial: ti_usb_3410_5052: fix array underflow in completion handler Jia-Ju Bai <baijiaju1990(a)gmail.com> usb: misc: uss720: Fix two sleep-in-atomic-context bugs Johan Hovold <johan(a)kernel.org> USB: serial: io_ti: fix array underflow in completion handler Alan Stern <stern(a)rowland.harvard.edu> USB: net2280: Fix erroneous synchronization change Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> usb: gadget: udc: renesas_usb3: fix maxpacket size of ep0 Maxence Duprès <xpros64(a)hotmail.fr> USB: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller Jia-Ju Bai <baijiaju1990(a)gmail.com> usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame() Mathias Nyman <mathias.nyman(a)linux.intel.com> usb: Avoid use-after-free by flushing endpoints early in usb_set_interface() Oliver Neukum <oneukum(a)suse.com> usb: uas: add support for more quirk flags Tim Anderson <tsa(a)biglakesoftware.com> USB: Add quirk to support DJI CineSSD Tomas Winkler <tomas.winkler(a)intel.com> mei: bus: need to unlink client before freeing Alexander Usyskin <alexander.usyskin(a)intel.com> mei: ignore not found client in the enumeration Mathias Nyman <mathias.nyman(a)linux.intel.com> usb: Don't die twice if PCI xhci host is not responding in resume Mathias Nyman <mathias.nyman(a)linux.intel.com> xhci: Fix use after free for URB cancellation on a reallocated endpoint Gustavo A. R. Silva <gustavo(a)embeddedor.com> misc: hmc6352: fix potential Spectre v1 K. Y. Srinivasan <kys(a)microsoft.com> Tools: hv: Fix a bug in the key delete code Corey Minyard <cminyard(a)mvista.com> ipmi: Fix I2C client removal in the SSIF driver Andreas Kemnade <andreas(a)kemnade.info> mmc: omap_hsmmc: fix wakeirq handling on removal Ingo Franzki <ifranzki(a)linux.ibm.com> s390/crypto: Fix return code checking in cbc_paes_crypt() Aaron Knister <aaron.s.knister(a)nasa.gov> IB/ipoib: Avoid a race condition between start_xmit and cm_rep_handler Juergen Gross <jgross(a)suse.com> xen/netfront: fix waiting for xenbus state change Bin Yang <bin.yang(a)intel.com> pstore: Fix incorrect persistent ram buffer mapping Parav Pandit <parav(a)mellanox.com> RDMA/cma: Protect cma dev list with lock Xiao Liang <xiliang(a)redhat.com> xen-netfront: fix warn message as irq device name has '/' Joerg Roedel <jroedel(a)suse.de> x86/mm/pti: Add an overflow check to pti_clone_pmds() Jiang Biao <jiang.biao2(a)zte.com.cn> x86/pti: Check the return value of pti_user_pagetable_walk_pmd() Jiang Biao <jiang.biao2(a)zte.com.cn> x86/pti: Check the return value of pti_user_pagetable_walk_p4d() Michael Müller <michael(a)fds-team.de> crypto: sharah - Unregister correct algorithms for SAHARA 3 Hanna Hawa <hannah(a)marvell.com> dmaengine: mv_xor_v2: kill the tasklets upon exit Jae Hyun Yoo <jae.hyun.yoo(a)linux.intel.com> i2c: aspeed: Fix initial values of master and slave state Pingfan Liu <kernelfans(a)gmail.com> drivers/base: stop new probing during shutdown Christoffer Dall <christoffer.dall(a)arm.com> KVM: arm/arm64: Fix vgic init race Randy Dunlap <rdunlap(a)infradead.org> platform/x86: toshiba_acpi: Fix defined but not used build warnings Julian Wiedmann <jwi(a)linux.ibm.com> s390/qeth: reset layer2 attribute on layer switch Julian Wiedmann <jwi(a)linux.ibm.com> s390/qeth: fix race in used-buffer accounting Bhushan Shah <bshah(a)kde.org> ARM: dts: qcom: msm8974-hammerhead: increase load on l20 for sdhci Loic Poulain <loic.poulain(a)linaro.org> arm64: dts: qcom: db410c: Fix Bluetooth LED trigger Vitaly Kuznetsov <vkuznets(a)redhat.com> xen-netfront: fix queue name setting Jakub Kicinski <jakub.kicinski(a)netronome.com> nfp: avoid buffer leak when FW communication fails Ard Biesheuvel <ard.biesheuvel(a)linaro.org> efi/arm: preserve early mapping of UEFI memory map longer for BGRT Leonard Crestez <leonard.crestez(a)nxp.com> reset: imx7: Fix always writing bits as 0 Mark Rutland <mark.rutland(a)arm.com> arm64: fix possible spectre-v1 write in ptrace_hbp_set_event() YueHaibing <yuehaibing(a)huawei.com> wan/fsl_ucc_hdlc: use IS_ERR_VALUE() to check return value of qe_muram_alloc Piotr Sawicki <p.sawicki2(a)partner.samsung.com> Smack: Fix handling of IPv4 traffic received by PF_INET6 sockets Manikanta Pubbisetty <mpubbise(a)codeaurora.org> mac80211: restrict delayed tailroom needed decrement Paul Cercueil <paul(a)crapouillou.net> MIPS: jz4740: Bump zload address Oder Chiou <oder_chiou(a)realtek.com> ASoC: rt5514: Fix the issue of the delay volume applied Nicholas Mc Guire <hofrat(a)osadl.org> staging: bcm2835-camera: handle wait_for_completion_timeout return properly Nicholas Mc Guire <hofrat(a)osadl.org> staging: bcm2835-camera: fix timeout handling in wait_for_completion_timeout Nicholas Piggin <npiggin(a)gmail.com> powerpc/powernv: opal_put_chars partial write fix Mark Rutland <mark.rutland(a)arm.com> KVM: arm/arm64: vgic: Fix possible spectre-v1 write in vgic_mmio_write_apr() Sagi Grimberg <sagi(a)grimberg.me> nvme-rdma: unquiesce queues when deleting the controller Sandipan Das <sandipan(a)linux.ibm.com> perf powerpc: Fix callchain ip filtering Krzysztof Kozlowski <krzk(a)kernel.org> ARM: exynos: Clear global variable on init error path Fredrik Noring <noring(a)nocrew.org> fbdev: Distinguish between interlaced and progressive modes Daniel Mack <daniel(a)zonque.org> video: fbdev: pxafb: clear allocated memory for video modes Sandipan Das <sandipan(a)linux.ibm.com> perf powerpc: Fix callchain ip filtering when return address is in a register Randy Dunlap <rdunlap(a)infradead.org> fbdev/via: fix defined but not used warning Anton Vasilyev <vasilyev(a)ispras.ru> video: goldfishfb: fix memory leak on driver remove Jiri Olsa <jolsa(a)redhat.com> perf tools: Fix struct comm_str removal crash Dan Carpenter <dan.carpenter(a)oracle.com> fbdev: omapfb: off by one in omapfb_register_client() Jiri Olsa <jolsa(a)kernel.org> perf tools: Synthesize GROUP_DESC feature in pipe mode Bob Peterson <rpeterso(a)redhat.com> gfs2: Don't reject a supposedly full bitmap if we have blocks reserved Thomas Richter <tmricht(a)linux.ibm.com> perf test: Fix subtest number when showing results Todor Tomov <todor.tomov(a)linaro.org> media: ov5645: Supported external clock is 24MHz Randy Dunlap <rdunlap(a)infradead.org> mtd/maps: fix solutionengine.c printk format warnings Wei Yongjun <weiyongjun1(a)huawei.com> IB/ipoib: Fix error return code in ipoib_dev_init() Mike Snitzer <snitzer(a)redhat.com> block: allow max_discard_segments to be stacked Zhu Yanjun <yanjun.zhu(a)oracle.com> IB/rxe: Drop QP0 silently Hans Verkuil <hverkuil(a)xs4all.nl> media: videobuf2-core: check for q->error in vb2_core_qbuf() Felix Fietkau <nbd(a)nbd.name> MIPS: ath79: fix system restart John Keeping <john(a)metanate.com> dmaengine: pl330: fix irq race with terminate_all Krzysztof Ha?asa <khalasa(a)piap.pl> media: tw686x: Fix oops on buffer alloc failure Masahiro Yamada <yamada.masahiro(a)socionext.com> kbuild: add .DELETE_ON_ERROR special target Rajan Vaja <rajan.vaja(a)xilinx.com> clk: clk-fixed-factor: Clear OF_POPULATED flag in case of failure Mikko Perttunen <mperttunen(a)nvidia.com> clk: core: Potentially free connection id Nicholas Mc Guire <hofrat(a)osadl.org> clk: imx6ul: fix missing of_node_put() Andreas Gruenbacher <agruenba(a)redhat.com> gfs2: Special-case rindex for gfs2_grow YueHaibing <yuehaibing(a)huawei.com> amd-xgbe: use dma_mapping_error to check map errors YueHaibing <yuehaibing(a)huawei.com> xfrm: fix 'passing zero to ERR_PTR()' warning Takashi Iwai <tiwai(a)suse.de> ALSA: usb-audio: Fix multiple definitions in AU0828_DEVICE() macro Takashi Iwai <tiwai(a)suse.de> ALSA: msnd: Fix the default sample sizes Jean-Philippe Brucker <jean-philippe.brucker(a)arm.com> iommu/io-pgtable-arm-v7s: Abort allocation when table address overflows the PTE Miao Zhong <zhongmiao(a)hisilicon.com> iommu/arm-smmu-v3: sync the OVACKFLG to PRIQ consumer register Erich E. Hoover <ehoover(a)sweptlaser.com> usb: dwc3: change stream event enable bit back to 13 Takashi Iwai <tiwai(a)suse.de> hv/netvsc: Fix NULL dereference at single queue mode fallback Vincent Whitchurch <vincent.whitchurch(a)axis.com> tcp: really ignore MSG_ZEROCOPY if no SO_ZEROCOPY Haishuang Yan <yanhaishuang(a)cmss.chinamobile.com> erspan: return PACKET_REJECT when the appropriate tunnel is not found Haishuang Yan <yanhaishuang(a)cmss.chinamobile.com> erspan: fix error handling for erspan tunnel Vakul Garg <vakul.garg(a)nxp.com> net/tls: Set count of SG entries if sk_alloc_sg returns -ENOSPC Raed Salem <raeds(a)mellanox.com> net/mlx5: E-Switch, Fix memory leak when creating switchdev mode FDB tables Jack Morgenstein <jackm(a)dev.mellanox.co.il> net/mlx5: Fix debugfs cleanup in the device init/remove flow Huy Nguyen <huyn(a)mellanox.com> net/mlx5: Check for error in mlx5_attach_interface Cong Wang <xiyou.wangcong(a)gmail.com> rds: fix two RCU related problems Stefan Wahren <stefan.wahren(a)i2se.com> net: qca_spi: Fix race condition in spi transfers Jack Morgenstein <jackm(a)dev.mellanox.co.il> net/mlx5: Fix use-after-free in self-healing flow Petr Oros <poros(a)redhat.com> be2net: Fix memory leak in be_cmd_get_profile_config() ------------- Diffstat: Makefile | 4 +- .../dts/qcom-msm8974-lge-nexus5-hammerhead.dts | 2 + arch/arm/mach-exynos/suspend.c | 1 + arch/arm/mach-hisi/hotplug.c | 41 +++++--- arch/arm64/boot/dts/qcom/apq8016-sbc.dtsi | 2 +- arch/arm64/boot/dts/socionext/uniphier-ld20.dtsi | 2 + arch/arm64/kernel/ptrace.c | 19 ++-- arch/mips/ath79/setup.c | 1 + arch/mips/include/asm/mach-ath79/ath79.h | 1 + arch/mips/jz4740/Platform | 2 +- arch/mips/loongson64/common/cs5536/cs5536_ohci.c | 2 +- arch/powerpc/kvm/book3s_hv.c | 2 + arch/powerpc/platforms/powernv/opal.c | 2 +- arch/s390/crypto/paes_s390.c | 2 +- arch/x86/kernel/eisa.c | 10 +- arch/x86/mm/pti.c | 25 ++++- arch/xtensa/platforms/iss/setup.c | 25 +++-- block/blk-core.c | 8 +- block/blk-mq-sched.c | 3 +- block/blk-settings.c | 2 +- crypto/api.c | 2 +- drivers/base/core.c | 3 + drivers/char/ipmi/ipmi_ssif.c | 19 ++-- drivers/clk/clk-fixed-factor.c | 9 +- drivers/clk/clk.c | 3 + drivers/clk/imx/clk-imx6ul.c | 1 + drivers/clk/tegra/clk-bpmp.c | 12 ++- drivers/crypto/sahara.c | 4 +- drivers/dma/mv_xor_v2.c | 2 + drivers/dma/pl330.c | 5 +- drivers/firmware/efi/arm-init.c | 1 - drivers/firmware/efi/arm-runtime.c | 4 +- drivers/firmware/efi/esrt.c | 3 +- drivers/gpio/gpio-pxa.c | 2 + drivers/gpio/gpiolib.c | 6 ++ drivers/gpio/gpiolib.h | 2 +- drivers/gpu/drm/amd/amdkfd/kfd_process.c | 2 + drivers/gpu/drm/i915/i915_gem.c | 4 +- drivers/gpu/drm/nouveau/nouveau_debugfs.c | 4 + drivers/gpu/drm/nouveau/nouveau_drm.c | 6 +- drivers/gpu/drm/nouveau/nvkm/engine/device/tegra.c | 13 +++ drivers/gpu/drm/panel/panel-samsung-s6e8aa0.c | 2 +- drivers/gpu/ipu-v3/ipu-csi.c | 20 +++- drivers/hwtracing/coresight/coresight-etm4x.c | 31 +++--- drivers/hwtracing/coresight/coresight-tpiu.c | 7 +- drivers/hwtracing/coresight/coresight.c | 7 +- drivers/i2c/busses/i2c-aspeed.c | 4 +- drivers/infiniband/core/cma.c | 12 ++- drivers/infiniband/hw/nes/nes.h | 2 +- drivers/infiniband/sw/rxe/rxe_recv.c | 9 +- drivers/infiniband/ulp/ipoib/ipoib_cm.c | 2 + drivers/infiniband/ulp/ipoib/ipoib_main.c | 3 +- drivers/input/touchscreen/rohm_bu21023.c | 4 +- drivers/iommu/arm-smmu-v3.c | 1 + drivers/iommu/io-pgtable-arm-v7s.c | 7 +- drivers/media/i2c/ov5645.c | 13 +-- drivers/media/pci/tw686x/tw686x-video.c | 11 ++- drivers/media/v4l2-core/videobuf2-core.c | 5 + drivers/mfd/88pm860x-i2c.c | 8 +- drivers/misc/hmc6352.c | 2 + drivers/misc/mei/bus-fixup.c | 2 +- drivers/misc/mei/bus.c | 9 +- drivers/misc/mei/hbm.c | 9 +- drivers/mmc/host/omap_hsmmc.c | 1 + drivers/mmc/host/sdhci-of-esdhc.c | 6 ++ drivers/mmc/host/sdhci-tegra.c | 3 +- drivers/mmc/host/sdhci.c | 9 +- drivers/mtd/maps/solutionengine.c | 6 +- drivers/mtd/mtdchar.c | 10 +- drivers/net/ethernet/amd/xgbe/xgbe-desc.c | 7 +- .../ethernet/cavium/liquidio/cn23xx_pf_device.c | 3 + .../ethernet/cavium/liquidio/cn23xx_vf_device.c | 3 + drivers/net/ethernet/emulex/benet/be_cmds.c | 2 +- drivers/net/ethernet/intel/e1000e/defines.h | 21 +++- drivers/net/ethernet/intel/e1000e/ich8lan.c | 42 ++++---- drivers/net/ethernet/intel/e1000e/mac.c | 25 ++--- drivers/net/ethernet/intel/e1000e/netdev.c | 33 +++---- drivers/net/ethernet/mellanox/mlx5/core/cmd.c | 1 + drivers/net/ethernet/mellanox/mlx5/core/dev.c | 15 ++- .../ethernet/mellanox/mlx5/core/eswitch_offloads.c | 1 + drivers/net/ethernet/mellanox/mlx5/core/health.c | 10 +- drivers/net/ethernet/mellanox/mlx5/core/main.c | 12 ++- .../net/ethernet/netronome/nfp/nfp_net_common.c | 13 ++- drivers/net/ethernet/qualcomm/qca_7k.c | 76 +++++++------- drivers/net/ethernet/qualcomm/qca_spi.c | 110 +++++++++++---------- drivers/net/ethernet/qualcomm/qca_spi.h | 5 - drivers/net/hyperv/rndis_filter.c | 2 +- drivers/net/wan/fsl_ucc_hdlc.c | 6 +- drivers/net/xen-netfront.c | 30 +++--- drivers/nvme/host/rdma.c | 2 + drivers/parport/parport_sunbpp.c | 8 +- drivers/pinctrl/pinctrl-rza1.c | 24 ++--- drivers/pinctrl/pinmux.c | 16 ++- drivers/pinctrl/qcom/pinctrl-msm.c | 14 ++- drivers/pinctrl/qcom/pinctrl-spmi-gpio.c | 32 ++++-- drivers/platform/x86/toshiba_acpi.c | 3 +- drivers/reset/reset-imx7.c | 2 +- drivers/rtc/rtc-bq4802.c | 4 + drivers/s390/net/qeth_core_main.c | 3 +- drivers/s390/net/qeth_core_sys.c | 1 + drivers/scsi/libfc/fc_disc.c | 7 +- .../vc04_services/bcm2835-audio/bcm2835-vchiq.c | 16 +-- .../vc04_services/bcm2835-camera/bcm2835-camera.c | 7 +- .../vc04_services/bcm2835-camera/mmal-vchiq.c | 11 ++- drivers/tty/serial/earlycon.c | 5 +- drivers/tty/tty_baudrate.c | 13 ++- drivers/usb/class/cdc-acm.c | 73 -------------- drivers/usb/class/cdc-acm.h | 1 - drivers/usb/class/cdc-wdm.c | 2 +- drivers/usb/core/hcd-pci.c | 2 - drivers/usb/core/message.c | 11 +++ drivers/usb/core/quirks.c | 7 ++ drivers/usb/dwc3/gadget.h | 2 +- drivers/usb/gadget/udc/net2280.c | 16 ++- drivers/usb/gadget/udc/renesas_usb3.c | 5 +- drivers/usb/host/u132-hcd.c | 2 +- drivers/usb/host/xhci.c | 30 ++++++ drivers/usb/misc/uss720.c | 4 +- drivers/usb/misc/yurex.c | 5 +- drivers/usb/serial/io_ti.h | 2 +- drivers/usb/serial/ti_usb_3410_5052.c | 2 +- drivers/usb/storage/scsiglue.c | 9 ++ drivers/usb/storage/uas.c | 21 ++++ drivers/usb/storage/unusual_devs.h | 7 ++ drivers/video/fbdev/core/modedb.c | 41 +++++--- drivers/video/fbdev/goldfishfb.c | 1 + drivers/video/fbdev/omap/omapfb_main.c | 2 +- drivers/video/fbdev/pxafb.c | 4 +- drivers/video/fbdev/via/viafbdev.c | 3 +- fs/binfmt_elf.c | 2 +- fs/cifs/readdir.c | 11 ++- fs/cifs/smb2pdu.c | 25 +++-- fs/configfs/dir.c | 11 +++ fs/gfs2/bmap.c | 2 +- fs/gfs2/rgrp.c | 3 +- fs/namespace.c | 7 +- fs/nfs/nfs4proc.c | 10 +- fs/nfs/nfs4state.c | 2 + fs/pstore/ram_core.c | 17 +++- include/linux/crypto.h | 5 + include/linux/mlx5/driver.h | 2 +- kernel/audit_watch.c | 12 ++- kernel/events/core.c | 4 + kernel/rcu/tree.c | 6 ++ kernel/rcu/tree.h | 4 + kernel/sched/fair.c | 10 +- kernel/sched/wait.c | 47 ++++----- net/bluetooth/af_bluetooth.c | 2 +- net/core/skbuff.c | 3 - net/ipv4/ip_gre.c | 4 + net/ipv4/tcp.c | 2 +- net/ipv6/route.c | 13 ++- net/mac80211/cfg.c | 2 +- net/mac80211/key.c | 24 +++-- net/rds/bind.c | 5 +- net/tls/tls_sw.c | 6 ++ net/xfrm/xfrm_policy.c | 5 +- scripts/Kbuild.include | 3 + security/integrity/evm/evm_crypto.c | 3 +- security/security.c | 2 + security/smack/smack_lsm.c | 14 ++- sound/core/pcm_lib.c | 14 ++- sound/isa/msnd/msnd_pinnacle.c | 4 +- sound/soc/codecs/rt5514.c | 8 +- sound/soc/samsung/i2s.c | 5 +- sound/soc/samsung/tm2_wm5110.c | 3 +- sound/usb/quirks-table.h | 3 +- tools/hv/hv_kvp_daemon.c | 2 +- tools/perf/arch/powerpc/util/skip-callchain-idx.c | 10 +- tools/perf/tests/builtin-test.c | 2 +- tools/perf/util/comm.c | 16 ++- tools/perf/util/header.c | 2 +- tools/testing/selftests/timers/raw_skew.c | 5 + virt/kvm/arm/vgic/vgic-init.c | 4 + virt/kvm/arm/vgic/vgic-mmio-v2.c | 3 + 175 files changed, 1043 insertions(+), 611 deletions(-)

7 years, 1 month

9
185
0 0

FAILED: patch "[PATCH] spi: spi-fsl-dspi: fix broken DSPI_EOQ_MODE" failed to apply to 4.18-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.18-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 5223c9c1cbfc0cd4d0a1b50758e0949af3290fa1 Mon Sep 17 00:00:00 2001 From: Angelo Dureghello <angelo(a)sysam.it> Date: Sat, 18 Aug 2018 01:51:58 +0200 Subject: [PATCH] spi: spi-fsl-dspi: fix broken DSPI_EOQ_MODE This patch fixes the dspi_eoq_write function used by the ColdFire mcf5441x family. The 16 bit cmd part must be re-set at each data transfer. Also, now that fifo_size variables are used for eoq_read/write, a proper fifo size must be set (16 slots for the ColdFire dspi module version). Signed-off-by: Angelo Dureghello <angelo(a)sysam.it> Acked-by: Esben Haabendal <esben(a)haabendal.dk> Signed-off-by: Mark Brown <broonie(a)kernel.org> Cc: stable(a)vger.kernel.org diff --git a/drivers/spi/spi-fsl-dspi.c b/drivers/spi/spi-fsl-dspi.c index 7cb3ab0a35a0..3082e72e4f6c 100644 --- a/drivers/spi/spi-fsl-dspi.c +++ b/drivers/spi/spi-fsl-dspi.c @@ -30,7 +30,11 @@ #define DRIVER_NAME "fsl-dspi" +#ifdef CONFIG_M5441x +#define DSPI_FIFO_SIZE 16 +#else #define DSPI_FIFO_SIZE 4 +#endif #define DSPI_DMA_BUFSIZE (DSPI_FIFO_SIZE * 1024) #define SPI_MCR 0x00 @@ -623,9 +627,11 @@ static void dspi_tcfq_read(struct fsl_dspi *dspi) static void dspi_eoq_write(struct fsl_dspi *dspi) { int fifo_size = DSPI_FIFO_SIZE; + u16 xfer_cmd = dspi->tx_cmd; /* Fill TX FIFO with as many transfers as possible */ while (dspi->len && fifo_size--) { + dspi->tx_cmd = xfer_cmd; /* Request EOQF for last transfer in FIFO */ if (dspi->len == dspi->bytes_per_word || fifo_size == 0) dspi->tx_cmd |= SPI_PUSHR_CMD_EOQ;

7 years, 1 month

1
0
0 0

FAILED: patch "[PATCH] mtd: partitions: fix unbalanced of_node_get/put()" failed to apply to 4.18-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.18-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 85516a9881a31e2c7a8d10f4697f3adcccc7cef1 Mon Sep 17 00:00:00 2001 From: Miquel Raynal <miquel.raynal(a)bootlin.com> Date: Fri, 7 Sep 2018 16:35:54 +0200 Subject: [PATCH] mtd: partitions: fix unbalanced of_node_get/put() While at first mtd_part_of_parse() would just call of_get_chil_by_name(), it has been patched to deal with sub-partitions and will now directly manipulate the node returned by mtd_get_of_node() if the MTD device is a partition. A of_node_put() was a bit below in the code, to balance the of_get_child_by_name(). However, despite its name, mtd_get_of_node() does not take a reference on the OF node. It is a simple helper hiding some pointer logic to retrieve the OF node related to an MTD device. The direct effect of such unbalanced reference counting is visible by rmmod'ing any module that would have added MTD partitions: OF: ERROR: Bad of_node_put() on <of_path_to_partition> As it seems normal to get a reference on the OF node during the of_property_for_each_string() that follows, add a call to of_node_get() when relevant. Fixes: 76a832254ab0 ("mtd: partitions: use DT info for parsing partitions with "compatible" prop") Cc: stable(a)vger.kernel.org Signed-off-by: Miquel Raynal <miquel.raynal(a)bootlin.com> Signed-off-by: Boris Brezillon <boris.brezillon(a)bootlin.com> diff --git a/drivers/mtd/mtdpart.c b/drivers/mtd/mtdpart.c index 52e2cb35fc79..99c460facd5e 100644 --- a/drivers/mtd/mtdpart.c +++ b/drivers/mtd/mtdpart.c @@ -873,8 +873,11 @@ static int mtd_part_of_parse(struct mtd_info *master, int ret, err = 0; np = mtd_get_of_node(master); - if (!mtd_is_partition(master)) + if (mtd_is_partition(master)) + of_node_get(np); + else np = of_get_child_by_name(np, "partitions"); + of_property_for_each_string(np, "compatible", prop, compat) { parser = mtd_part_get_compatible_parser(compat); if (!parser)

7 years, 1 month

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror