- Linux-stable-mirror - lists.linaro.org

+ ocfs2-fix-ocfs2-read-block-panic.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: ocfs2: fix ocfs2 read block panic has been added to the -mm tree. Its filename is ocfs2-fix-ocfs2-read-block-panic.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/ocfs2-fix-ocfs2-read-block-panic.p… and later at http://ozlabs.org/~akpm/mmotm/broken-out/ocfs2-fix-ocfs2-read-block-panic.p… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Junxiao Bi <junxiao.bi(a)oracle.com> Subject: ocfs2: fix ocfs2 read block panic While reading block, it is possible that io error return due to underlying storage issue, in this case, BH_NeedsValidate was left in the buffer head. Then when reading the very block next time, if it was already linked into journal, that will trigger the following panic. [203748.702517] kernel BUG at fs/ocfs2/buffer_head_io.c:342! [203748.702533] invalid opcode: 0000 [#1] SMP [203748.702561] Modules linked in: ocfs2 ocfs2_dlmfs ocfs2_stack_o2cb ocfs2_dlm ocfs2_nodemanager ocfs2_stackglue configfs sunrpc dm_switch dm_queue_length dm_multipath bonding be2iscsi iscsi_boot_sysfs bnx2i cnic uio cxgb4i iw_cxgb4 cxgb4 cxgb3i libcxgbi iw_cxgb3 cxgb3 mdio ib_iser rdma_cm ib_cm iw_cm ib_sa ib_mad ib_core ib_addr ipv6 iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi ipmi_devintf iTCO_wdt iTCO_vendor_support dcdbas ipmi_ssif i2c_core ipmi_si ipmi_msghandler acpi_pad pcspkr sb_edac edac_core lpc_ich mfd_core shpchp sg tg3 ptp pps_core ext4 jbd2 mbcache2 sr_mod cdrom sd_mod ahci libahci megaraid_sas wmi dm_mirror dm_region_hash dm_log dm_mod [203748.703024] CPU: 7 PID: 38369 Comm: touch Not tainted 4.1.12-124.18.6.el6uek.x86_64 #2 [203748.703045] Hardware name: Dell Inc. PowerEdge R620/0PXXHP, BIOS 2.5.2 01/28/2015 [203748.703067] task: ffff880768139c00 ti: ffff88006ff48000 task.ti: ffff88006ff48000 [203748.703088] RIP: 0010:[<ffffffffa05e9f09>] [<ffffffffa05e9f09>] ocfs2_read_blocks+0x669/0x7f0 [ocfs2] [203748.703130] RSP: 0018:ffff88006ff4b818 EFLAGS: 00010206 [203748.703389] RAX: 0000000008620029 RBX: ffff88006ff4b910 RCX: 0000000000000000 [203748.703885] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 00000000023079fe [203748.704382] RBP: ffff88006ff4b8d8 R08: 0000000000000000 R09: ffff8807578c25b0 [203748.704877] R10: 000000000f637376 R11: 000000003030322e R12: 0000000000000000 [203748.705373] R13: ffff88006ff4b910 R14: ffff880732fe38f0 R15: 0000000000000000 [203748.705871] FS: 00007f401992c700(0000) GS:ffff880bfebc0000(0000) knlGS:0000000000000000 [203748.706370] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [203748.706627] CR2: 00007f4019252440 CR3: 00000000a621e000 CR4: 0000000000060670 [203748.707124] Stack: [203748.707371] ffff88006ff4b828 ffffffffa0609f52 ffff88006ff4b838 0000000000000001 [203748.707885] 0000000000000000 0000000000000000 ffff880bf67c3800 ffffffffa05eca00 [203748.708399] 00000000023079ff ffffffff81c58b80 0000000000000000 0000000000000000 [203748.708915] Call Trace: [203748.709175] [<ffffffffa0609f52>] ? ocfs2_inode_cache_io_unlock+0x12/0x20 [ocfs2] [203748.709680] [<ffffffffa05eca00>] ? ocfs2_empty_dir_filldir+0x80/0x80 [ocfs2] [203748.710185] [<ffffffffa05ec0cb>] ocfs2_read_dir_block_direct+0x3b/0x200 [ocfs2] [203748.710691] [<ffffffffa05f0fbf>] ocfs2_prepare_dx_dir_for_insert.isra.57+0x19f/0xf60 [ocfs2] [203748.711204] [<ffffffffa065660f>] ? ocfs2_metadata_cache_io_unlock+0x1f/0x30 [ocfs2] [203748.711716] [<ffffffffa05f4f3a>] ocfs2_prepare_dir_for_insert+0x13a/0x890 [ocfs2] [203748.712227] [<ffffffffa05f442e>] ? ocfs2_check_dir_for_entry+0x8e/0x140 [ocfs2] [203748.712737] [<ffffffffa061b2f2>] ocfs2_mknod+0x4b2/0x1370 [ocfs2] [203748.713003] [<ffffffffa061c385>] ocfs2_create+0x65/0x170 [ocfs2] [203748.713263] [<ffffffff8121714b>] vfs_create+0xdb/0x150 [203748.713518] [<ffffffff8121b225>] do_last+0x815/0x1210 [203748.713772] [<ffffffff812192e9>] ? path_init+0xb9/0x450 [203748.714123] [<ffffffff8121bca0>] path_openat+0x80/0x600 [203748.714378] [<ffffffff811bcd45>] ? handle_pte_fault+0xd15/0x1620 [203748.714634] [<ffffffff8121d7ba>] do_filp_open+0x3a/0xb0 [203748.714888] [<ffffffff8122a767>] ? __alloc_fd+0xa7/0x130 [203748.715143] [<ffffffff81209ffc>] do_sys_open+0x12c/0x220 [203748.715403] [<ffffffff81026ddb>] ? syscall_trace_enter_phase1+0x11b/0x180 [203748.715668] [<ffffffff816f0c9f>] ? system_call_after_swapgs+0xe9/0x190 [203748.715928] [<ffffffff8120a10e>] SyS_open+0x1e/0x20 [203748.716184] [<ffffffff816f0d5e>] system_call_fastpath+0x18/0xd7 [203748.716440] Code: 00 00 48 8b 7b 08 48 83 c3 10 45 89 f8 44 89 e1 44 89 f2 4c 89 ee e8 07 06 11 e1 48 8b 03 48 85 c0 75 df 8b 5d c8 e9 4d fa ff ff <0f> 0b 48 8b 7d a0 e8 dc c6 06 00 48 b8 00 00 00 00 00 00 00 10 [203748.717505] RIP [<ffffffffa05e9f09>] ocfs2_read_blocks+0x669/0x7f0 [ocfs2] [203748.717775] RSP <ffff88006ff4b818> Joesph ever reported a similar panic. Link: https://oss.oracle.com/pipermail/ocfs2-devel/2013-May/008931.html Link: http://lkml.kernel.org/r/20180912063207.29484-1-junxiao.bi@oracle.com Signed-off-by: Junxiao Bi <junxiao.bi(a)oracle.com> Cc: Joseph Qi <jiangqi903(a)gmail.com> Cc: Mark Fasheh <mark(a)fasheh.com> Cc: Joel Becker <jlbec(a)evilplan.org> Cc: Changwei Ge <ge.changwei(a)h3c.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/ocfs2/buffer_head_io.c | 1 + 1 file changed, 1 insertion(+) --- a/fs/ocfs2/buffer_head_io.c~ocfs2-fix-ocfs2-read-block-panic +++ a/fs/ocfs2/buffer_head_io.c @@ -342,6 +342,7 @@ int ocfs2_read_blocks(struct ocfs2_cachi * for this bh as it's not marked locally * uptodate. */ status = -EIO; + clear_buffer_needs_validate(bh); put_bh(bh); bhs[i] = NULL; continue; _ Patches currently in -mm which might be from junxiao.bi(a)oracle.com are ocfs2-fix-ocfs2-read-block-panic.patch

7 years, 1 month

1
0
0 0

Please consider for stable

by Juergen Gross

Upstream commit f7c90c2aa4004808dff777ba6ae2c7294dd06851 ("x86/xen: don't write ptes directly in 32-bit PV guests") should be considered for stable kernels from 4.14 up (I'll send backports for older kernels when I know you are taking the patch). The patch avoids 32-bit Xen PV guests creating intermediate L1TF vulnerable PTEs. Juergen

7 years, 1 month

2
1
0 0

Please consider for stable

by Juergen Gross

Upstream commit b2d7a075a1ccef2fb321d595802190c8e9b39004 ("x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear") should be considered for stable kernels from 4.17 up (I'll send backports for older kernels when I know you are taking the patch). The patch seems not only to avoid intermediate L1TF vulnerable PTEs, but there are reports of it fixing the issue mentioned in https://bugzilla.kernel.org/show_bug.cgi?id=198497 Juergen

7 years, 1 month

2
1
0 0

[PATCH 7/7] perf tools: Fix maps__find_symbol_by_name()

by Arnaldo Carvalho de Melo

From: Adrian Hunter <adrian.hunter(a)intel.com> Commit 1c5aae7710bb ("perf machine: Create maps for x86 PTI entry trampolines") revealed a problem with maps__find_symbol_by_name() that resulted in probes not being found e.g. $ sudo perf probe xsk_mmap xsk_mmap is out of .text, skip it. Probe point 'xsk_mmap' not found. Error: Failed to add events. maps__find_symbol_by_name() can optionally return the map of the found symbol. It can get the map wrong because, in fact, the symbol is found on the map's dso, not allowing for the possibility that the dso has more than one map. Fix by always checking the map contains the symbol. Reported-by: Björn Töpel <bjorn.topel(a)intel.com> Signed-off-by: Adrian Hunter <adrian.hunter(a)intel.com> Tested-by: Björn Töpel <bjorn.topel(a)intel.com> Cc: Jiri Olsa <jolsa(a)redhat.com> Cc: stable(a)vger.kernel.org Fixes: 1c5aae7710bb ("perf machine: Create maps for x86 PTI entry trampolines") Link: http://lkml.kernel.org/r/20180907085116.25782-1-adrian.hunter@intel.com Signed-off-by: Arnaldo Carvalho de Melo <acme(a)redhat.com> --- tools/perf/util/map.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/tools/perf/util/map.c b/tools/perf/util/map.c index 36d0763311ef..6a6929f208b4 100644 --- a/tools/perf/util/map.c +++ b/tools/perf/util/map.c @@ -576,6 +576,13 @@ struct symbol *map_groups__find_symbol(struct map_groups *mg, return NULL; } +static bool map__contains_symbol(struct map *map, struct symbol *sym) +{ + u64 ip = map->unmap_ip(map, sym->start); + + return ip >= map->start && ip < map->end; +} + struct symbol *maps__find_symbol_by_name(struct maps *maps, const char *name, struct map **mapp) { @@ -591,6 +598,10 @@ struct symbol *maps__find_symbol_by_name(struct maps *maps, const char *name, if (sym == NULL) continue; + if (!map__contains_symbol(pos, sym)) { + sym = NULL; + continue; + } if (mapp != NULL) *mapp = pos; goto out; -- 2.14.4

7 years, 1 month

1
0
0 0

[PATCH 4.4 00/31] 4.4.143-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.4.143 release. There are 31 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sun Jul 22 12:13:28 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.4.143-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.4.143-rc1 Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> net/nfc: Avoid stalls when nfc_alloc_send_skb() returned NULL. Santosh Shilimkar <santosh.shilimkar(a)oracle.com> rds: avoid unenecessary cong_update in loop transport Eric Biggers <ebiggers(a)google.com> KEYS: DNS: fix parsing multiple options Florian Westphal <fw(a)strlen.de> netfilter: ebtables: reject non-bridge targets Paul Burton <paul.burton(a)mips.com> MIPS: Use async IPIs for arch_trigger_cpumask_backtrace() Paul Burton <paul.burton(a)mips.com> MIPS: Call dump_stack() from show_regs() Ping-Ke Shih <pkshih(a)realtek.com> rtlwifi: rtl8821ae: fix firmware is not ready to run Gustavo A. R. Silva <gustavo(a)embeddedor.com> net: cxgb3_main: fix potential Spectre v1 Alex Vesker <valex(a)mellanox.com> net/mlx5: Fix command interface race in polling mode Konstantin Khlebnikov <khlebnikov(a)yandex-team.ru> net_sched: blackhole: tell upper qdisc about dropped packets Jason Wang <jasowang(a)redhat.com> vhost_net: validate sock before trying to put its fd Ilpo Järvinen <ilpo.jarvinen(a)helsinki.fi> tcp: prevent bogus FRTO undos with non-SACK flows Yuchung Cheng <ycheng(a)google.com> tcp: fix Fast Open key endianness Jiri Slaby <jslaby(a)suse.cz> r8152: napi hangup fix after disconnect Sudarsana Reddy Kalluru <sudarsana.kalluru(a)cavium.com> qed: Limit msix vectors in kdump kernel to the minimum required count. Eric Dumazet <edumazet(a)google.com> net: sungem: fix rx checksum support Alex Vesker <valex(a)mellanox.com> net/mlx5: Fix incorrect raw command length parsing Eric Dumazet <edumazet(a)google.com> net: dccp: switch rx_tstamp_last_feedback to monotonic clock Eric Dumazet <edumazet(a)google.com> net: dccp: avoid crash in ccid3_hc_rx_send_feedback() Gustavo A. R. Silva <gustavo(a)embeddedor.com> atm: zatm: Fix potential Spectre v1 Christian Lamparter <chunkeey(a)googlemail.com> crypto: crypto4xx - fix crypto4xx_build_pdr, crypto4xx_build_sdr leak Christian Lamparter <chunkeey(a)googlemail.com> crypto: crypto4xx - remove bad list_del Jonas Gorski <jonas.gorski(a)gmail.com> bcm63xx_enet: do not write to random DMA channel on BCM6345 Jonas Gorski <jonas.gorski(a)gmail.com> bcm63xx_enet: correct clock usage alex chen <alex.chen(a)huawei.com> ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent David S. Miller <davem(a)davemloft.net> Revert "sit: reload iphdr in ipip6_rcv" H. Peter Anvin <hpa(a)linux.intel.com> x86/asm: Add _ASM_ARG* constants for argument registers to <asm/asm.h> Nick Desaulniers <ndesaulniers(a)google.com> compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations David Rientjes <rientjes(a)google.com> compiler, clang: always inline when CONFIG_OPTIMIZE_INLINING is disabled Linus Torvalds <torvalds(a)linux-foundation.org> compiler, clang: properly override 'inline' for clang David Rientjes <rientjes(a)google.com> compiler, clang: suppress warning for unused static inline functions ------------- Diffstat: Makefile | 4 +- arch/mips/kernel/process.c | 31 +++++++++++- arch/mips/kernel/traps.c | 1 + arch/x86/include/asm/asm.h | 59 +++++++++++++++++++++++ drivers/atm/zatm.c | 2 + drivers/crypto/amcc/crypto4xx_core.c | 23 +++++---- drivers/net/ethernet/broadcom/bcm63xx_enet.c | 34 +++++++++---- drivers/net/ethernet/chelsio/cxgb3/cxgb3_main.c | 2 + drivers/net/ethernet/mellanox/mlx5/core/cmd.c | 8 ++-- drivers/net/ethernet/qlogic/qed/qed_main.c | 9 ++++ drivers/net/ethernet/sun/sungem.c | 22 +++++---- drivers/net/usb/r8152.c | 3 +- drivers/net/wireless/realtek/rtlwifi/core.c | 1 - drivers/vhost/net.c | 3 +- fs/ocfs2/cluster/nodemanager.c | 63 +++++++++++++++++++++---- include/linux/compiler-gcc.h | 35 ++++++++++---- net/bridge/netfilter/ebtables.c | 13 +++++ net/dccp/ccids/ccid3.c | 16 ++++--- net/dns_resolver/dns_key.c | 28 ++++++----- net/ipv4/sysctl_net_ipv4.c | 18 +++++-- net/ipv4/tcp_input.c | 9 ++++ net/ipv6/sit.c | 1 - net/nfc/llcp_commands.c | 9 ++-- net/rds/loop.c | 1 + net/rds/rds.h | 5 ++ net/rds/recv.c | 5 ++ net/sched/sch_blackhole.c | 2 +- 27 files changed, 320 insertions(+), 87 deletions(-)

7 years, 1 month

6
36
0 0

[PATCH] tcp: Revert "tcp: tcp_probe: use spin_lock_bh()"

by Matthieu Baerts

From: Eric Dumazet <edumazet(a)google.com> commit 29869d66870a715177bfb505f66a7e0e8bcc89c3 upstream. This reverts commit e70ac171658679ecf6bea4bbd9e9325cd6079d2b. jtcp_rcv_established() is in fact called with hard irq being disabled. Initial bug report from Ricardo Nabinger Sanchez [1] still needs to be investigated, but does not look like a TCP bug. [1] https://www.spinics.net/lists/netdev/msg420960.html Note: reasons for the backport in v4.9.y are described there: https://www.spinics.net/lists/stable/msg255166.html Signed-off-by: Eric Dumazet <edumazet(a)google.com> Reported-by: kernel test robot <xiaolong.ye(a)intel.com> Cc: Ricardo Nabinger Sanchez <rnsanchez(a)gmail.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Cc: stable(a)vger.kernel.org # 4.9 Signed-off-by: Matthieu Baerts <matthieu.baerts(a)tessares.net> --- net/ipv4/tcp_probe.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/ipv4/tcp_probe.c b/net/ipv4/tcp_probe.c index 3d063eb37848..f6c50af24a64 100644 --- a/net/ipv4/tcp_probe.c +++ b/net/ipv4/tcp_probe.c @@ -117,7 +117,7 @@ static void jtcp_rcv_established(struct sock *sk, struct sk_buff *skb, (fwmark > 0 && skb->mark == fwmark)) && (full || tp->snd_cwnd != tcp_probe.lastcwnd)) { - spin_lock_bh(&tcp_probe.lock); + spin_lock(&tcp_probe.lock); /* If log fills, just silently drop */ if (tcp_probe_avail() > 1) { struct tcp_log *p = tcp_probe.log + tcp_probe.head; @@ -157,7 +157,7 @@ static void jtcp_rcv_established(struct sock *sk, struct sk_buff *skb, tcp_probe.head = (tcp_probe.head + 1) & (bufsize - 1); } tcp_probe.lastcwnd = tp->snd_cwnd; - spin_unlock_bh(&tcp_probe.lock); + spin_unlock(&tcp_probe.lock); wake_up(&tcp_probe.wait); } -- 2.17.1

7 years, 1 month

2
1
0 0

Nomination of amdgpu fixes for stable backport

by Michel Dänzer

Hi stable kernel maintainers, please squash these amdgpu fixes together and backport them to all applicable stable branches: 15e6b76880e65be24250e30986084b5569b7a06f "drm/amdgpu: Warn and update pin_size values when destroying a pinned BO" 456607d816d89a442a3d5ec98b02c8bc950b5228 "drm/amdgpu: Don't warn on destroying a pinned BO" (These depend on commits a5ccfe5c20740f2fbf00291490cdf8d2373ec255 and ddc21af4d0f37f42b33c54cb69b215997fe5b082, which already have Cc: stable) -- Earthling Michel Dänzer | http://www.amd.com Libre software enthusiast | Mesa and X developer

7 years, 1 month

3
11
0 0

[PATCH stable] x86/tsc: Prevent result truncation on 32 bit

by Thomas Gleixner

Subject: x86/tsc: Prevent result truncation on 32 bit From: Chuanhua Lei <chuanhua.lei(a)linux.intel.com> Date: Thu Sep 6 18:03:23 2018 +0800 From: Chuanhua Lei <chuanhua.lei(a)linux.intel.com> Commit 17f6bac2249356c795339e03a0742cd79be3cab8 upstream. Loops per jiffy is calculated by multiplying tsc_khz with 1e3 and then dividing it by HZ. Both tsc_khz and the temporary variable holding the multiplication result are of type unsigned long, so on 32bit the result is truncated to the lower 32bit. Use u64 as type for the temporary variable and cast tsc_khz to it before multiplying. [ tglx: Backport to stable. Due to massive code changes is the upstream commit not applicable anymore. The issue has gone unnoticed in kernels pre 4.19 because the bogus LPJ value gets fixed up in a later stage of early boot, but it still might cause subtle and hard to debug issues between these two points. ] Fixes: dd759d93f4dd ("x86/timers: Add simple udelay calibration") Signed-off-by: Chuanhua Lei <chuanhua.lei(a)linux.intel.com> Signed-off-by: Thomas Gleixner <tglx(a)linutronix.de> Cc: yixin.zhu(a)linux.intel.com Cc: "H. Peter Anvin" <hpa(a)zytor.com> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Len Brown <len.brown(a)intel.com> Cc: Pavel Tatashin <pavel.tatashin(a)microsoft.com> Cc: Rajvi Jingar <rajvi.jingar(a)intel.com> Cc: Dou Liyang <douly.fnst(a)cn.fujitsu.com> Cc: Ville Syrjala <ville.syrjala(a)linux.intel.com> Link: https://lkml.kernel.org/r/1536228203-18701-1-git-send-email-chuanhua.lei@li… --- arch/x86/kernel/tsc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- a/arch/x86/kernel/tsc.c +++ b/arch/x86/kernel/tsc.c @@ -1343,7 +1343,7 @@ device_initcall(init_tsc_clocksource); void __init tsc_early_delay_calibrate(void) { - unsigned long lpj; + u64 lpj; if (!boot_cpu_has(X86_FEATURE_TSC)) return; @@ -1355,7 +1355,7 @@ void __init tsc_early_delay_calibrate(vo if (!tsc_khz) return; - lpj = tsc_khz * 1000; + lpj = (u64)tsc_khz * 1000; do_div(lpj, HZ); loops_per_jiffy = lpj; }

7 years, 1 month

2
1
0 0

[STABLE v4.18 BACKPORT] drm/i915: set DP Main Stream Attribute for color range on DDI platforms

by Jani Nikula

commit 6209c285e7a5e68dbcdf8fd2456c6dd68433806b upstream. Since Haswell we have no color range indication either in the pipe or port registers for DP. Instead, there's a separate register for setting the DP Main Stream Attributes (MSA) directly. The MSA register definition makes no references to colorimetry, just a vague reference to the DP spec. The connection to the color range was lost. Apparently we've failed to set the proper MSA bit for limited, or CEA, range ever since the first DDI platforms. We've started setting other MSA parameters since commit dae847991a43 ("drm/i915: add intel_ddi_set_pipe_settings"). Without the crucial bit of information, the DP sink has no way of knowing the source is actually transmitting limited range RGB, leading to "washed out" colors. With the colorimetry information, compliant sinks should be able to handle the limited range properly. Native (i.e. non-LSPCON) HDMI was not affected because we do pass the color range via AVI infoframes. Though not the root cause, the problem was made worse for DDI platforms with commit 55bc60db5988 ("drm/i915: Add "Automatic" mode for the "Broadcast RGB" property"), which selects limited range RGB automatically based on the mode, as per the DP, HDMI and CEA specs. After all these years, the fix boils down to flipping one bit. [Per testing reports, this fixes DP sinks, but not the LSPCON. My educated guess is that the LSPCON fails to turn the CEA range MSA into AVI infoframes for HDMI.] Reported-by: Michał Kopeć <mkopec12(a)gmail.com> Reported-by: N. W. <nw9165-3201(a)yahoo.com> Reported-by: Nicholas Stommel <nicholas.stommel(a)gmail.com> Reported-by: Tom Yan <tom.ty89(a)gmail.com> Tested-by: Nicholas Stommel <nicholas.stommel(a)gmail.com> References: https://bugs.freedesktop.org/show_bug.cgi?id=100023 Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=107476 Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=94921 Cc: Paulo Zanoni <paulo.r.zanoni(a)intel.com> Cc: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Cc: Ville Syrjälä <ville.syrjala(a)linux.intel.com> Cc: <stable(a)vger.kernel.org> # v3.9+ Reviewed-by: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Signed-off-by: Jani Nikula <jani.nikula(a)intel.com> Link: https://patchwork.freedesktop.org/patch/msgid/20180814060001.18224-1-jani.n… (cherry picked from commit dc5977da99ea28094b8fa4e9bacbd29bedc41de5) Signed-off-by: Rodrigo Vivi <rodrigo.vivi(a)intel.com> --- drivers/gpu/drm/i915/i915_reg.h | 1 + drivers/gpu/drm/i915/intel_ddi.c | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/drivers/gpu/drm/i915/i915_reg.h b/drivers/gpu/drm/i915/i915_reg.h index 7720569f2024..6e048ee88e3f 100644 --- a/drivers/gpu/drm/i915/i915_reg.h +++ b/drivers/gpu/drm/i915/i915_reg.h @@ -8825,6 +8825,7 @@ enum skl_power_gate { #define TRANS_MSA_10_BPC (2<<5) #define TRANS_MSA_12_BPC (3<<5) #define TRANS_MSA_16_BPC (4<<5) +#define TRANS_MSA_CEA_RANGE (1<<3) /* LCPLL Control */ #define LCPLL_CTL _MMIO(0x130040) diff --git a/drivers/gpu/drm/i915/intel_ddi.c b/drivers/gpu/drm/i915/intel_ddi.c index fed26d6e4e27..e195c287c263 100644 --- a/drivers/gpu/drm/i915/intel_ddi.c +++ b/drivers/gpu/drm/i915/intel_ddi.c @@ -1659,6 +1659,10 @@ void intel_ddi_set_pipe_settings(const struct intel_crtc_state *crtc_state) WARN_ON(transcoder_is_dsi(cpu_transcoder)); temp = TRANS_MSA_SYNC_CLK; + + if (crtc_state->limited_color_range) + temp |= TRANS_MSA_CEA_RANGE; + switch (crtc_state->pipe_bpp) { case 18: temp |= TRANS_MSA_6_BPC; -- 2.11.0

7 years, 1 month

2
1
0 0

FAILED: patch "[PATCH] drm/i915: set DP Main Stream Attribute for color range on DDI" failed to apply to 4.19-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.19-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 6209c285e7a5e68dbcdf8fd2456c6dd68433806b Mon Sep 17 00:00:00 2001 From: Jani Nikula <jani.nikula(a)intel.com> Date: Tue, 14 Aug 2018 09:00:01 +0300 Subject: [PATCH] drm/i915: set DP Main Stream Attribute for color range on DDI platforms MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Since Haswell we have no color range indication either in the pipe or port registers for DP. Instead, there's a separate register for setting the DP Main Stream Attributes (MSA) directly. The MSA register definition makes no references to colorimetry, just a vague reference to the DP spec. The connection to the color range was lost. Apparently we've failed to set the proper MSA bit for limited, or CEA, range ever since the first DDI platforms. We've started setting other MSA parameters since commit dae847991a43 ("drm/i915: add intel_ddi_set_pipe_settings"). Without the crucial bit of information, the DP sink has no way of knowing the source is actually transmitting limited range RGB, leading to "washed out" colors. With the colorimetry information, compliant sinks should be able to handle the limited range properly. Native (i.e. non-LSPCON) HDMI was not affected because we do pass the color range via AVI infoframes. Though not the root cause, the problem was made worse for DDI platforms with commit 55bc60db5988 ("drm/i915: Add "Automatic" mode for the "Broadcast RGB" property"), which selects limited range RGB automatically based on the mode, as per the DP, HDMI and CEA specs. After all these years, the fix boils down to flipping one bit. [Per testing reports, this fixes DP sinks, but not the LSPCON. My educated guess is that the LSPCON fails to turn the CEA range MSA into AVI infoframes for HDMI.] Reported-by: Michał Kopeć <mkopec12(a)gmail.com> Reported-by: N. W. <nw9165-3201(a)yahoo.com> Reported-by: Nicholas Stommel <nicholas.stommel(a)gmail.com> Reported-by: Tom Yan <tom.ty89(a)gmail.com> Tested-by: Nicholas Stommel <nicholas.stommel(a)gmail.com> References: https://bugs.freedesktop.org/show_bug.cgi?id=100023 Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=107476 Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=94921 Cc: Paulo Zanoni <paulo.r.zanoni(a)intel.com> Cc: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Cc: Ville Syrjälä <ville.syrjala(a)linux.intel.com> Cc: <stable(a)vger.kernel.org> # v3.9+ Reviewed-by: Rodrigo Vivi <rodrigo.vivi(a)intel.com> Signed-off-by: Jani Nikula <jani.nikula(a)intel.com> Link: https://patchwork.freedesktop.org/patch/msgid/20180814060001.18224-1-jani.n… (cherry picked from commit dc5977da99ea28094b8fa4e9bacbd29bedc41de5) Signed-off-by: Rodrigo Vivi <rodrigo.vivi(a)intel.com> diff --git a/drivers/gpu/drm/i915/i915_reg.h b/drivers/gpu/drm/i915/i915_reg.h index 91e7483228e1..08ec7446282e 100644 --- a/drivers/gpu/drm/i915/i915_reg.h +++ b/drivers/gpu/drm/i915/i915_reg.h @@ -9201,6 +9201,7 @@ enum skl_power_gate { #define TRANS_MSA_10_BPC (2 << 5) #define TRANS_MSA_12_BPC (3 << 5) #define TRANS_MSA_16_BPC (4 << 5) +#define TRANS_MSA_CEA_RANGE (1 << 3) /* LCPLL Control */ #define LCPLL_CTL _MMIO(0x130040) diff --git a/drivers/gpu/drm/i915/intel_ddi.c b/drivers/gpu/drm/i915/intel_ddi.c index 39d66f8493fa..8761513f3532 100644 --- a/drivers/gpu/drm/i915/intel_ddi.c +++ b/drivers/gpu/drm/i915/intel_ddi.c @@ -1685,6 +1685,10 @@ void intel_ddi_set_pipe_settings(const struct intel_crtc_state *crtc_state) WARN_ON(transcoder_is_dsi(cpu_transcoder)); temp = TRANS_MSA_SYNC_CLK; + + if (crtc_state->limited_color_range) + temp |= TRANS_MSA_CEA_RANGE; + switch (crtc_state->pipe_bpp) { case 18: temp |= TRANS_MSA_6_BPC;

7 years, 1 month

3
2
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror