- Linux-stable-mirror - lists.linaro.org

Re: [Xen-devel] [PATCH 2/2] xen: make xen_qlock_wait() nestable

by Juergen Gross

On 01/10/2018 10:57, Jan Beulich wrote: >>>> On 01.10.18 at 09:16, <jgross(a)suse.com> wrote: >> xen_qlock_wait() isn't safe for nested calls due to interrupts. A call >> of xen_qlock_kick() might be ignored in case a deeper nesting level >> was active right before the call of xen_poll_irq(): >> >> CPU 1: CPU 2: >> spin_lock(lock1) >> spin_lock(lock1) >> -> xen_qlock_wait() >> -> xen_clear_irq_pending() >> Interrupt happens >> spin_unlock(lock1) >> -> xen_qlock_kick(CPU 2) >> spin_lock_irqsave(lock2) >> spin_lock_irqsave(lock2) >> -> xen_qlock_wait() >> -> xen_clear_irq_pending() >> clears kick for lock1 >> -> xen_poll_irq() >> spin_unlock_irq_restore(lock2) >> -> xen_qlock_kick(CPU 2) >> wakes up >> spin_unlock_irq_restore(lock2) >> IRET >> resumes in xen_qlock_wait() >> -> xen_poll_irq() >> never wakes up >> >> The solution is to disable interrupts in xen_qlock_wait() and not to >> poll for the irq in case xen_qlock_wait() is called in nmi context. > > Are precautions against NMI really worthwhile? Locks acquired both > in NMI context as well as outside of it are liable to deadlock anyway, > aren't they? The locks don't need to be the same. A NMI-only lock tried to be acquired with xen_qlock_wait() for another lock having been interrupted by the NMI will be enough to risk the issue. So yes, I believe the test for NMI is good to have. Juergen

7 years, 1 month

2
1
0 0

Re: [Xen-devel] [PATCH 1/2] xen: fix race in xen_qlock_wait()

by Juergen Gross

On 01/10/2018 10:54, Jan Beulich wrote: >>>> On 01.10.18 at 09:16, <jgross(a)suse.com> wrote: >> In the following situation a vcpu waiting for a lock might not be >> woken up from xen_poll_irq(): >> >> CPU 1: CPU 2: CPU 3: >> takes a spinlock >> tries to get lock >> -> xen_qlock_wait() >> -> xen_clear_irq_pending() > > Doesn't the last line above ... > >> frees the lock >> -> xen_qlock_kick(cpu2) > > ... need to be below here? You are right, of course! Thanks for noticing. Juergen

7 years, 1 month

1
0
0 0

[PATCH 1/2] xen: fix race in xen_qlock_wait()

by Juergen Gross

In the following situation a vcpu waiting for a lock might not be woken up from xen_poll_irq(): CPU 1: CPU 2: CPU 3: takes a spinlock tries to get lock -> xen_qlock_wait() -> xen_clear_irq_pending() frees the lock -> xen_qlock_kick(cpu2) takes lock again tries to get lock -> *lock = _Q_SLOW_VAL -> *lock == _Q_SLOW_VAL ? -> xen_poll_irq() frees the lock -> xen_qlock_kick(cpu3) And cpu 2 will sleep forever. This can be avoided easily by modifying xen_qlock_wait() to call xen_poll_irq() only if the related irq was not pending and to call xen_clear_irq_pending() only if it was pending. Cc: stable(a)vger.kernel.org Cc: Waiman.Long(a)hp.com Cc: peterz(a)infradead.org Signed-off-by: Juergen Gross <jgross(a)suse.com> --- arch/x86/xen/spinlock.c | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/arch/x86/xen/spinlock.c b/arch/x86/xen/spinlock.c index 973f10e05211..cd210a4ba7b1 100644 --- a/arch/x86/xen/spinlock.c +++ b/arch/x86/xen/spinlock.c @@ -45,17 +45,12 @@ static void xen_qlock_wait(u8 *byte, u8 val) if (irq == -1) return; - /* clear pending */ - xen_clear_irq_pending(irq); - barrier(); + /* If irq pending already clear it and return. */ + if (xen_test_irq_pending(irq)) { + xen_clear_irq_pending(irq); + return; + } - /* - * We check the byte value after clearing pending IRQ to make sure - * that we won't miss a wakeup event because of the clearing. - * - * The sync_clear_bit() call in xen_clear_irq_pending() is atomic. - * So it is effectively a memory barrier for x86. - */ if (READ_ONCE(*byte) != val) return; -- 2.16.4

7 years, 1 month

2
2
0 0

[PATCH stable v4.17] PCI: aardvark: Size bridges before resources allocation

by Thomas Petazzoni

From: Zachary Zhang <zhangzg(a)marvell.com> commit 91a2968e245d6ba616db37001fa1a043078b1a65 usptream. The PCIE I/O and MEM resource allocation mechanism is that root bus goes through the following steps: 1. Check PCI bridges' range and computes I/O and Mem base/limits. 2. Sort all subordinate devices I/O and MEM resource requirements and allocate the resources and writes/updates subordinate devices' requirements to PCI bridges I/O and Mem MEM/limits registers. Currently, PCI Aardvark driver only handles the second step and lacks the first step, so there is an I/O and MEM resource allocation failure when using a PCI switch. This commit fixes that by sizing bridges before doing the resource allocation. Fixes: 8c39d710363c1 ("PCI: aardvark: Add Aardvark PCI host controller driver") Signed-off-by: Zachary Zhang <zhangzg(a)marvell.com> [Thomas: edit commit log.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni(a)bootlin.com> Signed-off-by: Lorenzo Pieralisi <lorenzo.pieralisi(a)arm.com> Cc: <stable(a)vger.kernel.org> --- drivers/pci/host/pci-aardvark.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/pci/host/pci-aardvark.c b/drivers/pci/host/pci-aardvark.c index d0867a311f42..806fa836b2d6 100644 --- a/drivers/pci/host/pci-aardvark.c +++ b/drivers/pci/host/pci-aardvark.c @@ -951,6 +951,7 @@ static int advk_pcie_probe(struct platform_device *pdev) bus = bridge->bus; + pci_bus_size_bridges(bus); pci_bus_assign_resources(bus); list_for_each_entry(child, &bus->children, node) -- 2.14.4

7 years, 1 month

2
2
0 0

[GIT PULL] commits for Linux 4.18

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.18 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 183348489d36bbe1ace1364830425009e98bcc25: Linux 4.18.10 (2018-09-26 08:39:43 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.18-27092018 for you to fetch changes up to cff7c1624dbdd1ef6aa98be11b05a5b516656248: gpio: tegra: Fix tegra_gpio_irq_set_type() (2018-09-27 20:22:08 -0400) - ---------------------------------------------------------------- for-greg-4.18-27092018 - ---------------------------------------------------------------- Akinobu Mita (6): iio: adc: ina2xx: avoid kthread_stop() with stale task_struct iio: accel: adxl345: convert address field usage in iio_chan_spec media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power media: soc_camera: ov772x: correct setting of banding filter media: ov772x: add checks for register read errors media: ov772x: allow i2c controllers without I2C_FUNC_PROTOCOL_MANGLING Alagu Sankar (2): ath10k: sdio: use same endpoint id for all packets in a bundle ath10k: sdio: set skb len for all rx packets Alexey Kardashevskiy (1): powerpc/powernv/ioda2: Reduce upper limit for DMA window size Alexey Khoroshilov (1): media: fsl-viu: fix error handling in viu_of_probe() Alistair Strachan (1): staging: android: ashmem: Fix mmap size validation Andreas Gruenbacher (1): iomap: complete partial direct I/O writes synchronously Andy Shevchenko (1): x86/tsc: Add missing header to tsc_msr.c Anton Vasilyev (1): uwb: hwa-rc: fix memory leak at probe Bart Van Assche (4): include/rdma/opa_addr.h: Fix an endianness issue scsi: target/iscsi: Make iscsit_ta_authentication() respect the output buffer size scsi: klist: Make it safe to use klists in atomic context scsi: target: Avoid that EXTENDED COPY commands trigger lock inversion Ben Greear (1): ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock Benjamin Tissoires (1): power: remove possible deadlock when unregistering power_supply Bob Copeland (1): ath10k: use locked skb_dequeue for rx completions Brandon Maier (2): net: phy: xgmiitorgmii: Check read_status results net: phy: xgmiitorgmii: Check phy_driver ready before accessing Breno Leitao (1): scsi: ibmvscsi: Improve strings handling Brian Norris (1): ath10k: snoc: use correct bus-specific pointer in RX retry Christophe JAILLET (2): serial: pxa: Fix an error handling path in 'serial_pxa_probe()' EDAC, altera: Fix an error handling path in altr_s10_sdram_probe() Colin Ian King (2): staging: rts5208: fix missing error check on call to rtsx_write_register ath10k: fix memory leak of tpc_stats Dan Carpenter (6): vmci: type promotion bug in qp_host_get_user_memory() RDMA/bnxt_re: Fix a couple off by one bugs RDMA/bnxt_re: Fix a bunch of off by one bugs in qplib_fp.c IB/core: type promotion bug in rdma_rw_init_one_mr() ASoC: qdsp6: qdafe: fix some off by one bugs rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication() Dan Williams (1): x86/numa_emulation: Fix emulated-to-physical node mapping Daniel Vetter (1): drm/omap: gem: Fix mm_list locking Dave Gerlach (1): ARM: hwmod: RTC: Don't assume lock/unlock will be called with irq enabled Dmitry Osipenko (1): gpio: tegra: Fix tegra_gpio_irq_set_type() Eric Anholt (2): drm/v3d: Take a lock across GPU scheduler job creation and queuing. drm/vc4: Add missing formats to vc4_format_mod_supported(). Ethan Tuttle (1): ARM: mvebu: declare asm symbols as character arrays in pmsu.c Frederic Weisbecker (1): perf/hw_breakpoint: Split attribute parse and commit Fuyun Liang (1): net: hns3: Fix for mailbox message truncated problem Ganesh Goudar (1): cxgb4: Fix the condition to check if the card is T5 Geert Uytterhoeven (3): serial: sh-sci: Stop RX FIFO timer during port shutdown arm64: dts: renesas: salvator-common: Fix adv7482 decimal unit addresses ASoC: rt1305: Use ULL suffixes for 64-bit constants Guoqing Jiang (1): md-cluster: clear another node's suspend_area after the copy is finished Gustavo A. R. Silva (1): drm/amd/display/dc/dce: Fix multiple potential integer overflows Hans de Goede (2): power: supply: axp288_charger: Fix initial constant_charge_current value ASoC: Intel: bytcr_rt5640: Fix Acer Iconia 8 over-current detect threshold Hari Bathini (1): powerpc/kdump: Handle crashkernel memory reservation failure Heiko Carstens (1): s390/sysinfo: add missing #ifdef CONFIG_PROC_FS Hugo Lefeuvre (1): staging: pi433: fix race condition in pi433_ioctl J. Bruce Fields (1): nfsd: fix corrupted reply to badly ordered compound Jan Beulich (1): x86/entry/64: Add two more instruction suffixes Jan KundrÃ¡t (1): spi: orion: fix CS GPIO handling again Javier Martinez Canillas (1): media: omap3isp: zero-initialize the isp cam_xclk{a,b} initial data Jean-Christophe Dubois (1): thermal: i.MX: Allow thermal probe to fail gracefully in case of bad calibration. Jernej Skrabec (2): drm/sun4i: Enable DW HDMI PHY clock drm/sun4i: Fix releasing node when enumerating enpoints Jessica Yu (1): module: exclude SHN_UNDEF symbols from kallsyms api Jian-Hong Pan (1): Bluetooth: Add a new Realtek 8723DE ID 0bda:b009 Johan Hovold (4): misc: sram: enable clock before registering regions USB: serial: kobil_sct: fix modem-status error handling EDAC, i7core: Fix memleaks and use-after-free on probe and remove EDAC: Fix memleak in module init error path Johannes Berg (1): bitfield: fix *_encode_bits() JoÃ£o Paulo Rechi Vita (1): platform/x86: asus-wireless: Fix uninitialized symbol usage Julia Lawall (1): usb: wusbcore: security: cast sizeof to int for comparison Kai-Heng Feng (1): ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge Kamal Heib (1): staging: mt7621-eth: Fix memory leak in mtk_add_mac() error path Kan Liang (1): perf/x86/intel/lbr: Fix incomplete LBR call stack Kevin Hilman (1): ARM: dts: dra7: fix DCAN node addresses Konstantin Khorenko (1): fs/lock: skip lock owner pid translation in case we are in init_pid_ns Kuninori Morimoto (1): ASoC: rsnd: SSI parent cares SWSP bit Laurent Pinchart (1): arm64: dts: renesas: Fix VSPD registers range Leon Romanovsky (2): RDMA/i40w: Hold read semaphore while looking after VMA RDMA/uverbs: Don't overwrite NULL pointer with ZERO_SIZE_PTR Liam Girdwood (1): ASoC: dapm: Fix potential DAI widget pointer deref when linking DAIs Lorenzo Bianconi (1): mt76x2: fix mrr idx/count estimation in mt76x2_mac_fill_tx_status() Maor Gottlieb (1): IB/mlx5: Fix GRE flow specification Masahiro Yamada (1): MIPS: boot: fix build rule of vmlinux.its.S Matt Ranostay (1): tsl2550: fix lux1_input error in low light Maxime Ripard (1): drm/vc4: plane: Expand the lower bits by repeating the higher bits Michael Scott (1): 6lowpan: iphc: reset mac_header after decompress to fix panic Nadav Amit (1): gpio: Fix wrong rounding in gpio-menz127 Nicholas Mc Guire (1): ALSA: snd-aoa: add of_node_put() in error path Niklas Cassel (2): iommu/msm: Don't call iommu_device_{,un}link from atomic context ath10k: transmit queued frames after processing rx packets Oleksandr Andrushchenko (1): Input: xen-kbdfront - fix multi-touch XenStore node's locations Ondrej MosnÃ¡Äek (1): audit: Fix extended comparison of GID/EGID Peter Rosin (1): mtd: rawnand: atmel: add module param to avoid using dma Peter Seiderer (1): media: staging/imx: fill vb2_v4l2_buffer field entry Petr Machata (1): selftests: forwarding: Tweak tc filters for mirror-to-gretap tests Randy Dunlap (1): Documentation/process: fix reST table border error Ravi Chandra Sadineni (1): ACPI / button: increment wakeup count only when notified Rosen Penev (1): staging: mt7621-dts: Fix remaining pcie warnings Sandipan Das (1): perf tests: Fix indexing when invoking subtests Shivasharan S (1): scsi: megaraid_sas: Update controller info during resume Stafford Horne (1): crypto: skcipher - Fix -Wstringop-truncation warnings Stefan Agner (1): brcmsmac: fix wrap around in conversion from constant to s16 Stephen Boyd (1): HID: i2c-hid: Use devm to allocate i2c_hid struct Sudeep Holla (1): power: vexpress: fix corruption in notifier registration Sylwester Nawrocki (1): media: exynos4-is: Prevent NULL pointer dereference in __isp_video_try_fmt() Tarick Bedeir (1): IB/mlx4: Test port number before querying type. Thomas Gleixner (3): alarmtimer: Prevent overflow for relative nanosleep posix-timers: Make forward callback return s64 posix-timers: Sanitize overrun handling Tony Lindgren (1): wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout() Toshiaki Makita (1): vhost_net: Avoid tx vring kicks during busyloop Uwe Kleine-KÃ¶nig (1): siox: don't create a thread without starting it Vasily Gorbik (4): s390/mm: correct allocate_pgste proc_handler callback s390/dasd: correct numa_node in dasd_alloc_queue s390/scm_blk: correct numa_node in scm_blk_dev_setup s390/extmem: fix gcc 8 stringop-overflow warning Viresh Kumar (2): ARM: dts: ls1021a: Add missing cooling device properties for CPUs arm: dts: mediatek: Add missing cooling device properties for CPUs Wei Yongjun (1): misc: ibmvmc: Use GFP_ATOMIC under spin lock Wesley Chalmers (1): drm/amd/display: fix use of uninitialized memory William Breathitt Gray (1): iio: 104-quad-8: Fix off-by-one error in register selection Xiaofei Tan (1): scsi: hisi_sas: Fix the conflict between dev gone and host reset YueHaibing (1): ath10k: fix incorrect size of dma_free_coherent in ath10k_ce_alloc_src_ring_64 Yunsheng Lin (3): net: hns3: Fix for mac pause not disable in pfc mode net: hns3: Fix warning bug when doing lp selftest net: hns3: Fix get_vector ops in hclgevf_main module Zhen Lei (1): iommu/amd: make sure TLB to be flushed before IOVA freed Zhouyang Jia (4): drivers/tty: add error handling for pcmcia_loop_config media: tm6000: add error handling for dvb_register_adapter HID: hid-ntrig: add error handling for sysfs_create_group scsi: bnx2i: add error handling for ioremap_nocache Documentation/process/2.Process.rst | 2 +- arch/arm/boot/dts/dra7.dtsi | 4 +- arch/arm/boot/dts/ls1021a.dtsi | 1 + arch/arm/boot/dts/mt7623.dtsi | 3 + arch/arm/mach-mvebu/pmsu.c | 6 +- arch/arm/mach-omap2/omap_hwmod_reset.c | 12 ++-- arch/arm64/boot/dts/renesas/r8a7795-es1.dtsi | 2 +- arch/arm64/boot/dts/renesas/r8a7795.dtsi | 6 +- arch/arm64/boot/dts/renesas/r8a7796.dtsi | 6 +- arch/arm64/boot/dts/renesas/r8a77965.dtsi | 4 +- arch/arm64/boot/dts/renesas/r8a77970.dtsi | 2 +- arch/arm64/boot/dts/renesas/r8a77995.dtsi | 4 +- arch/arm64/boot/dts/renesas/salvator-common.dtsi | 4 +- arch/mips/boot/Makefile | 6 +- arch/powerpc/kernel/machine_kexec.c | 7 +- arch/powerpc/platforms/powernv/pci-ioda.c | 2 +- arch/s390/kernel/sysinfo.c | 4 ++ arch/s390/mm/extmem.c | 4 +- arch/s390/mm/pgalloc.c | 2 +- arch/x86/entry/entry_64.S | 4 +- arch/x86/events/intel/lbr.c | 32 +++++++-- arch/x86/events/perf_event.h | 1 + arch/x86/kernel/tsc_msr.c | 1 + arch/x86/mm/numa_emulation.c | 2 +- crypto/ablkcipher.c | 2 + crypto/blkcipher.c | 1 + drivers/acpi/button.c | 13 ++-- drivers/bluetooth/btusb.c | 1 + drivers/edac/altera_edac.c | 3 +- drivers/edac/edac_mc_sysfs.c | 6 +- drivers/edac/i7core_edac.c | 22 +++++-- drivers/gpio/gpio-menz127.c | 4 +- drivers/gpio/gpio-tegra.c | 15 +++-- .../gpu/drm/amd/display/dc/dce/dce_clock_source.c | 10 +-- .../amd/display/dc/dml/dml1_display_rq_dlg_calc.c | 2 + drivers/gpu/drm/omapdrm/omap_debugfs.c | 2 + drivers/gpu/drm/omapdrm/omap_drv.c | 2 +- drivers/gpu/drm/omapdrm/omap_drv.h | 2 +- drivers/gpu/drm/omapdrm/omap_gem.c | 15 +++-- drivers/gpu/drm/sun4i/sun4i_drv.c | 3 +- drivers/gpu/drm/sun4i/sun8i_hdmi_phy.c | 7 +- drivers/gpu/drm/v3d/v3d_drv.h | 5 ++ drivers/gpu/drm/v3d/v3d_gem.c | 4 ++ drivers/gpu/drm/vc4/vc4_plane.c | 3 + drivers/hid/hid-ntrig.c | 2 + drivers/hid/i2c-hid/i2c-hid.c | 9 +-- drivers/iio/accel/adxl345_core.c | 21 +++--- drivers/iio/adc/ina2xx-adc.c | 17 +++-- drivers/iio/counter/104-quad-8.c | 2 +- drivers/infiniband/core/rw.c | 2 +- drivers/infiniband/core/uverbs_cmd.c | 5 +- drivers/infiniband/hw/bnxt_re/qplib_fp.c | 12 ++-- drivers/infiniband/hw/bnxt_re/qplib_sp.c | 4 +- drivers/infiniband/hw/i40iw/i40iw_verbs.c | 2 + drivers/infiniband/hw/mlx4/qp.c | 2 +- drivers/infiniband/hw/mlx5/main.c | 2 +- drivers/input/misc/xen-kbdfront.c | 8 +-- drivers/iommu/amd_iommu.c | 2 +- drivers/iommu/msm_iommu.c | 16 ++--- drivers/md/md-cluster.c | 19 +++--- drivers/media/i2c/ov772x.c | 40 +++++++---- drivers/media/i2c/soc_camera/ov772x.c | 2 +- drivers/media/platform/exynos4-is/fimc-isp-video.c | 11 +++- drivers/media/platform/fsl-viu.c | 38 ++++++----- drivers/media/platform/omap3isp/isp.c | 2 +- drivers/media/platform/s3c-camif/camif-capture.c | 2 + drivers/media/usb/tm6000/tm6000-dvb.c | 5 ++ drivers/misc/ibmvmc.c | 2 +- drivers/misc/sram.c | 13 ++-- drivers/misc/tsl2550.c | 2 +- drivers/misc/vmw_vmci/vmci_queue_pair.c | 4 +- drivers/mtd/nand/raw/atmel/nand-controller.c | 7 +- drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c | 2 +- drivers/net/ethernet/hisilicon/hns3/hns3_ethtool.c | 2 + .../net/ethernet/hisilicon/hns3/hns3pf/hclge_tm.c | 9 ++- .../ethernet/hisilicon/hns3/hns3vf/hclgevf_main.c | 11 +++- .../ethernet/hisilicon/hns3/hns3vf/hclgevf_mbx.c | 3 +- drivers/net/phy/xilinx_gmii2rgmii.c | 10 ++- drivers/net/wireless/ath/ath10k/ce.c | 2 +- drivers/net/wireless/ath/ath10k/htt_rx.c | 13 ++-- drivers/net/wireless/ath/ath10k/mac.c | 1 + drivers/net/wireless/ath/ath10k/sdio.c | 9 ++- drivers/net/wireless/ath/ath10k/snoc.c | 2 +- drivers/net/wireless/ath/ath10k/wmi.c | 8 +-- .../broadcom/brcm80211/brcmsmac/phy/phy_qmath.c | 2 +- drivers/net/wireless/mediatek/mt76/mt76x2_mac.c | 6 +- drivers/net/wireless/rndis_wlan.c | 2 + drivers/net/wireless/ti/wlcore/cmd.c | 6 ++ drivers/platform/x86/asus-wireless.c | 23 ++++--- drivers/power/reset/vexpress-poweroff.c | 12 ++-- drivers/power/supply/axp288_charger.c | 2 +- drivers/power/supply/power_supply_core.c | 11 +++- drivers/s390/block/dasd.c | 1 + drivers/s390/block/scm_blk.c | 1 + drivers/scsi/bnx2i/bnx2i_hwi.c | 2 + drivers/scsi/hisi_sas/hisi_sas.h | 1 + drivers/scsi/hisi_sas/hisi_sas_main.c | 6 ++ drivers/scsi/ibmvscsi/ibmvscsi.c | 4 +- drivers/scsi/megaraid/megaraid_sas_base.c | 3 + drivers/siox/siox-core.c | 10 +-- drivers/spi/spi-orion.c | 77 +++++++++++----------- drivers/staging/android/ashmem.c | 6 ++ drivers/staging/media/imx/imx-ic-prpencvf.c | 1 + drivers/staging/media/imx/imx-media-csi.c | 1 + drivers/staging/mt7621-dts/gbpc1.dts | 2 + drivers/staging/mt7621-dts/mt7621.dtsi | 21 +++--- drivers/staging/mt7621-eth/mtk_eth_soc.c | 13 +++- drivers/staging/pi433/pi433_if.c | 7 +- drivers/staging/rts5208/sd.c | 2 +- drivers/target/iscsi/iscsi_target_tpg.c | 3 +- drivers/target/target_core_device.c | 22 +++++-- drivers/thermal/imx_thermal.c | 5 +- drivers/tty/serial/8250/serial_cs.c | 6 +- drivers/tty/serial/pxa.c | 3 +- drivers/tty/serial/sh-sci.c | 2 + drivers/usb/serial/kobil_sct.c | 12 +++- drivers/usb/wusbcore/security.c | 2 +- drivers/uwb/hwa-rc.c | 1 + drivers/vhost/net.c | 35 ++++++---- fs/iomap.c | 21 +++--- fs/locks.c | 7 ++ fs/nfsd/nfs4proc.c | 1 + include/linux/bitfield.h | 6 +- include/linux/posix-timers.h | 4 +- include/linux/power_supply.h | 1 + include/rdma/opa_addr.h | 2 +- kernel/auditsc.c | 8 +-- kernel/events/hw_breakpoint.c | 57 +++++++++++----- kernel/module.c | 6 +- kernel/time/alarmtimer.c | 7 +- kernel/time/posix-cpu-timers.c | 2 +- kernel/time/posix-timers.c | 33 ++++++---- kernel/time/posix-timers.h | 2 +- lib/klist.c | 10 +-- net/6lowpan/iphc.c | 1 + sound/aoa/core/gpio-feature.c | 4 +- sound/pci/hda/hda_intel.c | 3 +- sound/soc/codecs/rt1305.c | 4 +- sound/soc/intel/boards/bytcr_rt5640.c | 2 +- sound/soc/qcom/qdsp6/q6afe.c | 6 +- sound/soc/sh/rcar/ssi.c | 32 +++++---- sound/soc/soc-dapm.c | 7 ++ tools/perf/tests/builtin-test.c | 2 +- .../net/forwarding/mirror_gre_bridge_1d_vlan.sh | 6 +- .../selftests/net/forwarding/mirror_gre_lib.sh | 2 +- .../net/forwarding/mirror_gre_vlan_bridge_1q.sh | 6 +- 146 files changed, 730 insertions(+), 393 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlutdSQACgkQ3qZv95d3 LNye/hAAp6z1BlOIB6qXmT45+02RP2jdIWxsy/a0zhhHyFMwrvFPHpTVOGmC6ULe rIU2Al97oudFf+J5Y/7OkgO5D38OOpEtj/Ko8e4uwok7gPOFkZCOSEGQOwajJybD E26j0Ft2alsTSC/YWBvTT4yEeV/Al/PeguT4qk/gx7DhXlrHm8SOHCVXwcYflQKG ccaaE2p0Ft5KC3oWDKVkGfV3RyiOqVnzGqCABNxT83uoYkEWrQhzhaKF8Hpypk2A 8iT0Ckln/QwXft4l7FayED3PvlK/ouiFvg2V92WiSsOuWZde7Rm6vn/GX8CZwVp+ FVkRaF83SE+vZRL4FHRBhtk7rzh/1dWaVK08kpDDgHHp8v/NAUZf6oBeaQsRZhaa SkABie08EncIjHtjf9ZxCVUQ8EMZ2C+Bz0CmitB1YbKp+tndZcbtCNi4Vc5WzxP/ blhSPD0jKvuV3PYbLA9RC0bP2JzczVUcp3Nr8sJn/S6uwgife9j18zc2zQoDvesy jYLcQfOVfaQqhvk9SeID21Sa/0R8glnNOxNirUYfXNg2ebeq1zorHAlsk6C/IxHe Cg7FEKLReEXLX3B9X65t2LZqOwhDU/8wVq6lqf2BvSECLczWIzWUq09YKQJuOXI3 RXVzmQ97N77iwFAw2kEldQrZjqNZLoZXH5dgV+fYPACyRernxZ0= =PH5a -----END PGP SIGNATURE-----

7 years, 1 month

2
2
0 0

[PATCH AUTOSEL 3.18 01/13] usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i]

by Sasha Levin

From: Anton Vasilyev <vasilyev(a)ispras.ru> [ Upstream commit c37bd52836296ecc9a0fc8060b819089aebdbcde ] There is no deallocation of fotg210->ep[i] elements, allocated at fotg210_udc_probe. The patch adds deallocation of fotg210->ep array elements and simplifies error path of fotg210_udc_probe(). Found by Linux Driver Verification project (linuxtesting.org). Signed-off-by: Anton Vasilyev <vasilyev(a)ispras.ru> Signed-off-by: Felipe Balbi <felipe.balbi(a)linux.intel.com> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- drivers/usb/gadget/udc/fotg210-udc.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/drivers/usb/gadget/udc/fotg210-udc.c b/drivers/usb/gadget/udc/fotg210-udc.c index 1d315921bf34..9500e2b6cd59 100644 --- a/drivers/usb/gadget/udc/fotg210-udc.c +++ b/drivers/usb/gadget/udc/fotg210-udc.c @@ -1077,12 +1077,15 @@ static struct usb_gadget_ops fotg210_gadget_ops = { static int fotg210_udc_remove(struct platform_device *pdev) { struct fotg210_udc *fotg210 = platform_get_drvdata(pdev); + int i; usb_del_gadget_udc(&fotg210->gadget); iounmap(fotg210->reg); free_irq(platform_get_irq(pdev, 0), fotg210); fotg210_ep_free_request(&fotg210->ep[0]->ep, fotg210->ep0_req); + for (i = 0; i < FOTG210_MAX_NUM_EP; i++) + kfree(fotg210->ep[i]); kfree(fotg210); return 0; @@ -1113,7 +1116,7 @@ static int fotg210_udc_probe(struct platform_device *pdev) /* initialize udc */ fotg210 = kzalloc(sizeof(struct fotg210_udc), GFP_KERNEL); if (fotg210 == NULL) - goto err_alloc; + goto err; for (i = 0; i < FOTG210_MAX_NUM_EP; i++) { _ep[i] = kzalloc(sizeof(struct fotg210_ep), GFP_KERNEL); @@ -1125,7 +1128,7 @@ static int fotg210_udc_probe(struct platform_device *pdev) fotg210->reg = ioremap(res->start, resource_size(res)); if (fotg210->reg == NULL) { pr_err("ioremap error.\n"); - goto err_map; + goto err_alloc; } spin_lock_init(&fotg210->lock); @@ -1162,7 +1165,7 @@ static int fotg210_udc_probe(struct platform_device *pdev) fotg210->ep0_req = fotg210_ep_alloc_request(&fotg210->ep[0]->ep, GFP_KERNEL); if (fotg210->ep0_req == NULL) - goto err_req; + goto err_map; fotg210_init(fotg210); @@ -1191,12 +1194,14 @@ static int fotg210_udc_probe(struct platform_device *pdev) fotg210_ep_free_request(&fotg210->ep[0]->ep, fotg210->ep0_req); err_map: - if (fotg210->reg) - iounmap(fotg210->reg); + iounmap(fotg210->reg); err_alloc: + for (i = 0; i < FOTG210_MAX_NUM_EP; i++) + kfree(fotg210->ep[i]); kfree(fotg210); +err: return ret; } -- 2.17.1

7 years, 1 month

1
12
0 0

[PATCH AUTOSEL 4.4 01/17] usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i]

by Sasha Levin

From: Anton Vasilyev <vasilyev(a)ispras.ru> [ Upstream commit c37bd52836296ecc9a0fc8060b819089aebdbcde ] There is no deallocation of fotg210->ep[i] elements, allocated at fotg210_udc_probe. The patch adds deallocation of fotg210->ep array elements and simplifies error path of fotg210_udc_probe(). Found by Linux Driver Verification project (linuxtesting.org). Signed-off-by: Anton Vasilyev <vasilyev(a)ispras.ru> Signed-off-by: Felipe Balbi <felipe.balbi(a)linux.intel.com> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- drivers/usb/gadget/udc/fotg210-udc.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/drivers/usb/gadget/udc/fotg210-udc.c b/drivers/usb/gadget/udc/fotg210-udc.c index 6ba122cc7490..95df2b3bb6a1 100644 --- a/drivers/usb/gadget/udc/fotg210-udc.c +++ b/drivers/usb/gadget/udc/fotg210-udc.c @@ -1066,12 +1066,15 @@ static struct usb_gadget_ops fotg210_gadget_ops = { static int fotg210_udc_remove(struct platform_device *pdev) { struct fotg210_udc *fotg210 = platform_get_drvdata(pdev); + int i; usb_del_gadget_udc(&fotg210->gadget); iounmap(fotg210->reg); free_irq(platform_get_irq(pdev, 0), fotg210); fotg210_ep_free_request(&fotg210->ep[0]->ep, fotg210->ep0_req); + for (i = 0; i < FOTG210_MAX_NUM_EP; i++) + kfree(fotg210->ep[i]); kfree(fotg210); return 0; @@ -1102,7 +1105,7 @@ static int fotg210_udc_probe(struct platform_device *pdev) /* initialize udc */ fotg210 = kzalloc(sizeof(struct fotg210_udc), GFP_KERNEL); if (fotg210 == NULL) - goto err_alloc; + goto err; for (i = 0; i < FOTG210_MAX_NUM_EP; i++) { _ep[i] = kzalloc(sizeof(struct fotg210_ep), GFP_KERNEL); @@ -1114,7 +1117,7 @@ static int fotg210_udc_probe(struct platform_device *pdev) fotg210->reg = ioremap(res->start, resource_size(res)); if (fotg210->reg == NULL) { pr_err("ioremap error.\n"); - goto err_map; + goto err_alloc; } spin_lock_init(&fotg210->lock); @@ -1162,7 +1165,7 @@ static int fotg210_udc_probe(struct platform_device *pdev) fotg210->ep0_req = fotg210_ep_alloc_request(&fotg210->ep[0]->ep, GFP_KERNEL); if (fotg210->ep0_req == NULL) - goto err_req; + goto err_map; fotg210_init(fotg210); @@ -1190,12 +1193,14 @@ static int fotg210_udc_probe(struct platform_device *pdev) fotg210_ep_free_request(&fotg210->ep[0]->ep, fotg210->ep0_req); err_map: - if (fotg210->reg) - iounmap(fotg210->reg); + iounmap(fotg210->reg); err_alloc: + for (i = 0; i < FOTG210_MAX_NUM_EP; i++) + kfree(fotg210->ep[i]); kfree(fotg210); +err: return ret; } -- 2.17.1

7 years, 1 month

1
16
0 0

[PATCH AUTOSEL 4.9 01/26] HID: add support for Apple Magic Keyboards

by Sasha Levin

From: Sean O'Brien <seobrien(a)chromium.org> [ Upstream commit ee345492437043a79db058a3d4f029ebcb52089a ] USB device Vendor 05ac (Apple) Device 026c (Magic Keyboard with Numeric Keypad) Bluetooth devices Vendor 004c (Apple) Device 0267 (Magic Keyboard) Device 026c (Magic Keyboard with Numeric Keypad) Support already exists for the Magic Keyboard over USB connection. Add support for the Magic Keyboard over Bluetooth connection, and for the Magic Keyboard with Numeric Keypad over Bluetooth and USB connection. Signed-off-by: Sean O'Brien <seobrien(a)chromium.org> Reviewed-by: Benjamin Tissoires <benjamin.tissoires(a)redhat.com> Signed-off-by: Jiri Kosina <jkosina(a)suse.cz> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- drivers/hid/hid-apple.c | 9 ++++++++- drivers/hid/hid-ids.h | 2 ++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/drivers/hid/hid-apple.c b/drivers/hid/hid-apple.c index 2e046082210f..65a0c79f212e 100644 --- a/drivers/hid/hid-apple.c +++ b/drivers/hid/hid-apple.c @@ -333,7 +333,8 @@ static int apple_input_mapping(struct hid_device *hdev, struct hid_input *hi, struct hid_field *field, struct hid_usage *usage, unsigned long **bit, int *max) { - if (usage->hid == (HID_UP_CUSTOM | 0x0003)) { + if (usage->hid == (HID_UP_CUSTOM | 0x0003) || + usage->hid == (HID_UP_MSVENDOR | 0x0003)) { /* The fn key on Apple USB keyboards */ set_bit(EV_REP, hi->input->evbit); hid_map_usage_clear(hi, usage, bit, max, EV_KEY, KEY_FN); @@ -476,6 +477,12 @@ static const struct hid_device_id apple_devices[] = { .driver_data = APPLE_NUMLOCK_EMULATION | APPLE_HAS_FN }, { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_MAGIC_KEYBOARD_ANSI), .driver_data = APPLE_HAS_FN }, + { HID_BLUETOOTH_DEVICE(BT_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_MAGIC_KEYBOARD_ANSI), + .driver_data = APPLE_HAS_FN }, + { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_MAGIC_KEYBOARD_NUMPAD_ANSI), + .driver_data = APPLE_HAS_FN }, + { HID_BLUETOOTH_DEVICE(BT_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_MAGIC_KEYBOARD_NUMPAD_ANSI), + .driver_data = APPLE_HAS_FN }, { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_WELLSPRING_ANSI), .driver_data = APPLE_HAS_FN }, { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_WELLSPRING_ISO), diff --git a/drivers/hid/hid-ids.h b/drivers/hid/hid-ids.h index de64cd33590a..ad5048e6b0d3 100644 --- a/drivers/hid/hid-ids.h +++ b/drivers/hid/hid-ids.h @@ -83,6 +83,7 @@ #define USB_DEVICE_ID_ANTON_TOUCH_PAD 0x3101 #define USB_VENDOR_ID_APPLE 0x05ac +#define BT_VENDOR_ID_APPLE 0x004c #define USB_DEVICE_ID_APPLE_MIGHTYMOUSE 0x0304 #define USB_DEVICE_ID_APPLE_MAGICMOUSE 0x030d #define USB_DEVICE_ID_APPLE_MAGICTRACKPAD 0x030e @@ -152,6 +153,7 @@ #define USB_DEVICE_ID_APPLE_ALU_WIRELESS_2011_ISO 0x0256 #define USB_DEVICE_ID_APPLE_ALU_WIRELESS_2011_JIS 0x0257 #define USB_DEVICE_ID_APPLE_MAGIC_KEYBOARD_ANSI 0x0267 +#define USB_DEVICE_ID_APPLE_MAGIC_KEYBOARD_NUMPAD_ANSI 0x026c #define USB_DEVICE_ID_APPLE_WELLSPRING8_ANSI 0x0290 #define USB_DEVICE_ID_APPLE_WELLSPRING8_ISO 0x0291 #define USB_DEVICE_ID_APPLE_WELLSPRING8_JIS 0x0292 -- 2.17.1

7 years, 1 month

1
25
0 0

[PATCH AUTOSEL 4.14 01/37] netfilter: xt_cluster: add dependency on conntrack module

by Sasha Levin

From: Martin Willi <martin(a)strongswan.org> [ Upstream commit c1dc2912059901f97345d9e10c96b841215fdc0f ] The cluster match requires conntrack for matching packets. If the netns does not have conntrack hooks registered, the match does not work at all. Implicitly load the conntrack hook for the family, exactly as many other extensions do. This ensures that the match works even if the hooks have not been registered by other means. Signed-off-by: Martin Willi <martin(a)strongswan.org> Acked-by: Florian Westphal <fw(a)strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo(a)netfilter.org> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- net/netfilter/xt_cluster.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/net/netfilter/xt_cluster.c b/net/netfilter/xt_cluster.c index 57ef175dfbfa..504d5f730f4e 100644 --- a/net/netfilter/xt_cluster.c +++ b/net/netfilter/xt_cluster.c @@ -133,6 +133,7 @@ xt_cluster_mt(const struct sk_buff *skb, struct xt_action_param *par) static int xt_cluster_mt_checkentry(const struct xt_mtchk_param *par) { struct xt_cluster_match_info *info = par->matchinfo; + int ret; if (info->total_nodes > XT_CLUSTER_NODES_MAX) { pr_info("you have exceeded the maximum " @@ -145,7 +146,17 @@ static int xt_cluster_mt_checkentry(const struct xt_mtchk_param *par) "higher than the total number of nodes\n"); return -EDOM; } - return 0; + + ret = nf_ct_netns_get(par->net, par->family); + if (ret < 0) + pr_info_ratelimited("cannot load conntrack support for proto=%u\n", + par->family); + return ret; +} + +static void xt_cluster_mt_destroy(const struct xt_mtdtor_param *par) +{ + nf_ct_netns_put(par->net, par->family); } static struct xt_match xt_cluster_match __read_mostly = { @@ -154,6 +165,7 @@ static struct xt_match xt_cluster_match __read_mostly = { .match = xt_cluster_mt, .checkentry = xt_cluster_mt_checkentry, .matchsize = sizeof(struct xt_cluster_match_info), + .destroy = xt_cluster_mt_destroy, .me = THIS_MODULE, }; -- 2.17.1

7 years, 1 month

1
36
0 0

Re: Patch "slub: make ->cpu_partial unsigned int" has been added to the 3.18-stable tree

by Alexey Dobriyan

On Sun, Sep 30, 2018 at 05:45:31AM -0700, gregkh(a)linuxfoundation.org wrote: > > This is a note to let you know that I've just added the patch titled > > slub: make ->cpu_partial unsigned int > From e5d9998f3e09359b372a037a6ac55ba235d95d57 Mon Sep 17 00:00:00 2001 > From: Alexey Dobriyan <adobriyan(a)gmail.com> > Date: Thu, 5 Apr 2018 16:21:10 -0700 > Subject: slub: make ->cpu_partial unsigned int This doesn't fix any bug that I know of, should not be in -stable.

7 years, 1 month

1
1
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror