- Linux-stable-mirror - lists.linaro.org

[PATCH AUTOSEL 3.18 1/4] media: af9035: prevent buffer overflow on write

by Sasha Levin

From: Jozef Balga <jozef.balga(a)gmail.com> [ Upstream commit 312f73b648626a0526a3aceebb0a3192aaba05ce ] When less than 3 bytes are written to the device, memcpy is called with negative array size which leads to buffer overflow and kernel panic. This patch adds a condition and returns -EOPNOTSUPP instead. Fixes bugzilla issue 64871 [mchehab+samsung(a)kernel.org: fix a merge conflict and changed the condition to match the patch's comment, e. g. len == 3 could also be valid] Signed-off-by: Jozef Balga <jozef.balga(a)gmail.com> Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung(a)kernel.org> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- drivers/media/usb/dvb-usb-v2/af9035.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/media/usb/dvb-usb-v2/af9035.c b/drivers/media/usb/dvb-usb-v2/af9035.c index 1896ab218b11..efc1545bf29e 100644 --- a/drivers/media/usb/dvb-usb-v2/af9035.c +++ b/drivers/media/usb/dvb-usb-v2/af9035.c @@ -389,8 +389,10 @@ static int af9035_i2c_master_xfer(struct i2c_adapter *adap, msg[0].addr == (state->af9033_i2c_addr[1] >> 1)) reg |= 0x100000; - ret = af9035_wr_regs(d, reg, &msg[0].buf[3], - msg[0].len - 3); + ret = (msg[0].len >= 3) ? af9035_wr_regs(d, reg, + &msg[0].buf[3], + msg[0].len - 3) + : -EOPNOTSUPP; } else { /* I2C write */ u8 buf[MAX_XFER_SIZE]; -- 2.17.1

7 years, 1 month

1
3
0 0

[PATCH AUTOSEL 4.4 1/9] media: af9035: prevent buffer overflow on write

by Sasha Levin

From: Jozef Balga <jozef.balga(a)gmail.com> [ Upstream commit 312f73b648626a0526a3aceebb0a3192aaba05ce ] When less than 3 bytes are written to the device, memcpy is called with negative array size which leads to buffer overflow and kernel panic. This patch adds a condition and returns -EOPNOTSUPP instead. Fixes bugzilla issue 64871 [mchehab+samsung(a)kernel.org: fix a merge conflict and changed the condition to match the patch's comment, e. g. len == 3 could also be valid] Signed-off-by: Jozef Balga <jozef.balga(a)gmail.com> Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung(a)kernel.org> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- drivers/media/usb/dvb-usb-v2/af9035.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/media/usb/dvb-usb-v2/af9035.c b/drivers/media/usb/dvb-usb-v2/af9035.c index 6e02a15d39ce..abddb621d9e6 100644 --- a/drivers/media/usb/dvb-usb-v2/af9035.c +++ b/drivers/media/usb/dvb-usb-v2/af9035.c @@ -389,8 +389,10 @@ static int af9035_i2c_master_xfer(struct i2c_adapter *adap, msg[0].addr == (state->af9033_i2c_addr[1] >> 1)) reg |= 0x100000; - ret = af9035_wr_regs(d, reg, &msg[0].buf[3], - msg[0].len - 3); + ret = (msg[0].len >= 3) ? af9035_wr_regs(d, reg, + &msg[0].buf[3], + msg[0].len - 3) + : -EOPNOTSUPP; } else { /* I2C write */ u8 buf[MAX_XFER_SIZE]; -- 2.17.1

7 years, 1 month

1
8
0 0

[PATCH AUTOSEL 4.9 01/23] media: af9035: prevent buffer overflow on write

by Sasha Levin

From: Jozef Balga <jozef.balga(a)gmail.com> [ Upstream commit 312f73b648626a0526a3aceebb0a3192aaba05ce ] When less than 3 bytes are written to the device, memcpy is called with negative array size which leads to buffer overflow and kernel panic. This patch adds a condition and returns -EOPNOTSUPP instead. Fixes bugzilla issue 64871 [mchehab+samsung(a)kernel.org: fix a merge conflict and changed the condition to match the patch's comment, e. g. len == 3 could also be valid] Signed-off-by: Jozef Balga <jozef.balga(a)gmail.com> Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung(a)kernel.org> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- drivers/media/usb/dvb-usb-v2/af9035.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/media/usb/dvb-usb-v2/af9035.c b/drivers/media/usb/dvb-usb-v2/af9035.c index 8961dd732522..64be30d53847 100644 --- a/drivers/media/usb/dvb-usb-v2/af9035.c +++ b/drivers/media/usb/dvb-usb-v2/af9035.c @@ -406,8 +406,10 @@ static int af9035_i2c_master_xfer(struct i2c_adapter *adap, msg[0].addr == (state->af9033_i2c_addr[1] >> 1)) reg |= 0x100000; - ret = af9035_wr_regs(d, reg, &msg[0].buf[3], - msg[0].len - 3); + ret = (msg[0].len >= 3) ? af9035_wr_regs(d, reg, + &msg[0].buf[3], + msg[0].len - 3) + : -EOPNOTSUPP; } else { /* I2C write */ u8 buf[MAX_XFER_SIZE]; -- 2.17.1

7 years, 1 month

1
22
0 0

[PATCH AUTOSEL 4.14 01/32] media: af9035: prevent buffer overflow on write

by Sasha Levin

From: Jozef Balga <jozef.balga(a)gmail.com> [ Upstream commit 312f73b648626a0526a3aceebb0a3192aaba05ce ] When less than 3 bytes are written to the device, memcpy is called with negative array size which leads to buffer overflow and kernel panic. This patch adds a condition and returns -EOPNOTSUPP instead. Fixes bugzilla issue 64871 [mchehab+samsung(a)kernel.org: fix a merge conflict and changed the condition to match the patch's comment, e. g. len == 3 could also be valid] Signed-off-by: Jozef Balga <jozef.balga(a)gmail.com> Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung(a)kernel.org> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- drivers/media/usb/dvb-usb-v2/af9035.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/media/usb/dvb-usb-v2/af9035.c b/drivers/media/usb/dvb-usb-v2/af9035.c index 666d319d3d1a..1f6c1eefe389 100644 --- a/drivers/media/usb/dvb-usb-v2/af9035.c +++ b/drivers/media/usb/dvb-usb-v2/af9035.c @@ -402,8 +402,10 @@ static int af9035_i2c_master_xfer(struct i2c_adapter *adap, if (msg[0].addr == state->af9033_i2c_addr[1]) reg |= 0x100000; - ret = af9035_wr_regs(d, reg, &msg[0].buf[3], - msg[0].len - 3); + ret = (msg[0].len >= 3) ? af9035_wr_regs(d, reg, + &msg[0].buf[3], + msg[0].len - 3) + : -EOPNOTSUPP; } else { /* I2C write */ u8 buf[MAX_XFER_SIZE]; -- 2.17.1

7 years, 1 month

1
31
0 0

[GIT PULL] commits for Linux 3.18

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 3.18 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 921b2fed6a79439ef1609ef4af0ada5cccb3555c: Linux 3.18.123 (2018-09-26 08:33:59 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-3.18-08102018 for you to fetch changes up to 9ea48c2937d91b2c0d6ce1a7c047798298de6701: xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage (2018-09-28 10:16:27 -0400) - ---------------------------------------------------------------- for-greg-3.18-08102018 - ---------------------------------------------------------------- Anton Vasilyev (1): usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] Ben Hutchings (1): USB: yurex: Check for truncation in yurex_read() Dan Carpenter (1): cifs: read overflow in is_valid_oplock_break() Jann Horn (1): RDMA/ucma: check fd type in ucma_migrate_id() Joe Thornber (1): dm thin metadata: try to avoid ever aborting transactions Josh Abraham (1): xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage Julian Wiedmann (1): s390/qeth: don't dump past end of unknown HW header Kai-Heng Feng (1): r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED Randy Dunlap (2): arch/hexagon: fix kernel/dma.c build warning hexagon: modify ffs() and fls() to return int Stephen Boyd (1): pinctrl: msm: Really mask level interrupts to prevent latching Stephen Rothwell (1): fs/cifs: suppress a string overflow warning Vitaly Kuznetsov (1): xen/manage: don't complain about an empty value in control/sysrq node arch/hexagon/include/asm/bitops.h | 4 +- arch/hexagon/kernel/dma.c | 2 +- drivers/infiniband/core/ucma.c | 6 +++ drivers/md/dm-thin-metadata.c | 36 +++++++++++++++++- drivers/md/dm-thin.c | 73 ++++++++++++++++++++++++++++++++---- drivers/net/ethernet/realtek/r8169.c | 9 +++-- drivers/pinctrl/qcom/pinctrl-msm.c | 24 ++++++++++++ drivers/s390/net/qeth_l2_main.c | 2 +- drivers/s390/net/qeth_l3_main.c | 2 +- drivers/usb/gadget/udc/fotg210-udc.c | 15 +++++--- drivers/usb/misc/yurex.c | 3 ++ drivers/xen/events/events_base.c | 2 +- drivers/xen/manage.c | 6 ++- fs/cifs/cifssmb.c | 11 ++++-- fs/cifs/misc.c | 8 ++++ 15 files changed, 175 insertions(+), 28 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlu7caEACgkQ3qZv95d3 LNwjIRAAg+Kz3Igp9uJpAc9uUri/IxF3qwXL00FZT92BJTi0FqUEyJIQqtCbu7mo hyTNwNjw0PBQfrXcnDGWHTFcl5vICdd4KiFm5NRZB3UNdhYy+ATaBPWFA56Y7dSK oFd/IBWt9XQT/OWLJslul1PXR+JsulaRhFHYJPWJ0K9oys8jbTyTVBSvos1Wshzk wMJ9X3tTtQ/NfoXega1xdxgHIIwV9L4gR2jfTSMz0t5DnypGddUDlAR8/800yJGH J23tXprXRI7AZ5sf9qM2ybhL6MGvgU/86nd4DsA3Igkspi9jQDjXiV9FMGFx+PiB BjQraiLfXVI0bPsswsWBYKWwuZwheTf0WxlofAjO/Ct5aAZ14zlwg/HVOvFOpU5O PpxLGrJ2e28lsinhVSd8aLbJu1Jc4GpkAwp+0OHuolWqZlUTrbLrfKHho+SMANNs Y6smRnSYpgzhYI1l/9W8xoFMyP7CNRqihPGAZY2PKbPRPy4CXgQcGMC0OM8hLA+e Mf/g+GglCwqUZw3l6V8wZY83+X6gB/qhoSryrPgi2n2u9onA/aXtUOWynjmzXOKY oU0lW2CW5yThgo73pBTKLDW8bc5Vy9QuMFmnuXoaUsMIXJ3FjR799pFsyRaZMd/1 AuRnQ16Uw2N+W9xZLRTE3F8l9eapA47N+DTbOKVgJRFmhNjv7xM= =dYwu -----END PGP SIGNATURE-----

7 years, 1 month

1
0
0 0

[GIT PULL] commits for Linux 4.4

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.4 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 9c6cd3f3a4b8194e82fa927bc00028c7a505e3b3: Linux 4.4.159 (2018-09-29 03:08:55 -0700) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.4-08102018 for you to fetch changes up to 78c9795a56513a101b1620f0e34d89c114a7a59a: xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage (2018-09-29 13:03:41 -0400) - ---------------------------------------------------------------- for-greg-4.4-08102018 - ---------------------------------------------------------------- Anton Vasilyev (1): usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] Ben Hutchings (1): USB: yurex: Check for truncation in yurex_read() Ben Skeggs (1): drm/nouveau/TBDdevinit: don't fail when PMU/PRE_OS is missing from VBIOS Dan Carpenter (1): cifs: read overflow in is_valid_oplock_break() Jann Horn (1): RDMA/ucma: check fd type in ucma_migrate_id() Joe Thornber (1): dm thin metadata: try to avoid ever aborting transactions Josh Abraham (1): xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage Julian Wiedmann (1): s390/qeth: don't dump past end of unknown HW header Kai-Heng Feng (1): r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED Miguel Ojeda (1): arm64: jump_label.h: use asm_volatile_goto macro instead of "asm goto" Olaf Hering (1): xen: avoid crash in disable_hotplug_cpu Randy Dunlap (2): arch/hexagon: fix kernel/dma.c build warning hexagon: modify ffs() and fls() to return int Sandipan Das (1): perf probe powerpc: Ignore SyS symbols irrespective of endianness Stephen Boyd (1): pinctrl: msm: Really mask level interrupts to prevent latching Stephen Rothwell (1): fs/cifs: suppress a string overflow warning Vitaly Kuznetsov (1): xen/manage: don't complain about an empty value in control/sysrq node arch/arm64/include/asm/jump_label.h | 4 +- arch/hexagon/include/asm/bitops.h | 4 +- arch/hexagon/kernel/dma.c | 2 +- .../gpu/drm/nouveau/nvkm/subdev/devinit/gm204.c | 3 +- drivers/infiniband/core/ucma.c | 6 ++ drivers/md/dm-thin-metadata.c | 36 ++++++++++- drivers/md/dm-thin.c | 73 +++++++++++++++++++--- drivers/net/ethernet/realtek/r8169.c | 9 ++- drivers/pinctrl/qcom/pinctrl-msm.c | 24 +++++++ drivers/s390/net/qeth_l2_main.c | 2 +- drivers/s390/net/qeth_l3_main.c | 2 +- drivers/usb/gadget/udc/fotg210-udc.c | 15 +++-- drivers/usb/misc/yurex.c | 3 + drivers/xen/cpu_hotplug.c | 15 ++--- drivers/xen/events/events_base.c | 2 +- drivers/xen/manage.c | 6 +- fs/cifs/cifssmb.c | 11 +++- fs/cifs/misc.c | 8 +++ tools/perf/arch/powerpc/util/sym-handling.c | 4 +- 19 files changed, 190 insertions(+), 39 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlu7cZoACgkQ3qZv95d3 LNwdwQ//dsOKScH3qjTVEsX+fIwRTTnw9qTnQeCobQm2C2ibPnoVKST+oqaXoffQ 7QwdtrIXxNc/i4Ga4JuqV4AZUSuyrgsppueoHwoF+8v5Pa5hiwexlbSBJ0CmtTg9 mma8c6QGjyObaxtytWohX0AZ/1awLrmh2RYYngGTeMyTyfylRDwZoj9DA1lzT1Vv M9Qm+aDV7IApjiQW0Jb7UHZVGV8pyps0NRm0MUiwzNeoTTTOBW+s3uY1yu7pytpt +Gw1s39pmaAwmPfrxsjyzZMbFVogK9KFa/0nSVN56oo+qamq3IzvFYFIj78GJv1P hPhCH1T1OVprZPt3FAdYPnpuWvb/4maogGyrEu1LME09erC9NpLs9ovTiORTmc5h ucUJmgtHF7EXb53R//m8jLcWKWnlIRPezKxIGv/vUx5N86LOWixX/yFtZU3QanMj yKbQBz/eBYhe0Mj8G+roI3kIN0naplH5FuluissaMWRzdBXTDUMe+YKmEEYWVIHs V2KX2aiYbaAojv4/JLaKnPV0HMIG6+DUJq/h8yFDxMn8kUeiKyW7JVpNWrNgz38p oIYK5qf/JO9RqKbQK1qLOi8HkFNTq9VOFoEBz9SnEHwiJq39wLs3W3wZIAGcLnhd sfy1yJM5ihbGX51oSAbc4O/5bxzmnPzycq8AA84JnYfN65zYBjw= =+003 -----END PGP SIGNATURE-----

7 years, 1 month

1
0
0 0

[GIT PULL] commits for Linux 4.9

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.9 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit cdd48f386d7e6671e7cc21e517ae258b298ec877: Linux 4.9.131 (2018-10-03 17:01:55 -0700) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.9-08102018 for you to fetch changes up to 3c29b011970e1edb3d203e2e2517daad893c8ed4: xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage (2018-10-03 22:23:44 -0400) - ---------------------------------------------------------------- for-greg-4.9-08102018 - ---------------------------------------------------------------- Anton Vasilyev (1): usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] Ben Hutchings (1): USB: yurex: Check for truncation in yurex_read() Ben Skeggs (1): drm/nouveau/TBDdevinit: don't fail when PMU/PRE_OS is missing from VBIOS Dan Carpenter (1): cifs: read overflow in is_valid_oplock_break() Daniel Jurgens (1): net/mlx5: Consider PCI domain in search for next dev Harry Mallon (1): HID: hid-saitek: Add device ID for RAT 7 Contagion Heinz Mauelshagen (1): dm raid: fix rebuild of specific devices by updating superblock Hisao Tanabe (1): perf evsel: Fix potential null pointer dereference in perf_evsel__new_idx() Jacek Tomaka (1): perf/x86/intel: Add support/quirk for the MISPREDICT bit on Knights Landing CPUs Jann Horn (1): RDMA/ucma: check fd type in ucma_migrate_id() Joe Thornber (1): dm thin metadata: try to avoid ever aborting transactions Josh Abraham (1): xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage Julian Wiedmann (1): s390/qeth: don't dump past end of unknown HW header Kai-Heng Feng (1): r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED Miguel Ojeda (1): arm64: jump_label.h: use asm_volatile_goto macro instead of "asm goto" Netanel Belgazal (1): net: ena: fix driver when PAGE_SIZE == 64kB Olaf Hering (1): xen: avoid crash in disable_hotplug_cpu Randy Dunlap (2): arch/hexagon: fix kernel/dma.c build warning hexagon: modify ffs() and fls() to return int Sagi Grimberg (1): nvmet-rdma: fix possible bogus dereference under heavy load Sandipan Das (1): perf probe powerpc: Ignore SyS symbols irrespective of endianness Sean O'Brien (1): HID: add support for Apple Magic Keyboards Stephen Boyd (1): pinctrl: msm: Really mask level interrupts to prevent latching Stephen Rothwell (1): fs/cifs: suppress a string overflow warning Vitaly Kuznetsov (1): xen/manage: don't complain about an empty value in control/sysrq node Wenjia Zhang (1): s390/qeth: use vzalloc for QUERY OAT buffer arch/arm64/include/asm/jump_label.h | 4 +- arch/hexagon/include/asm/bitops.h | 4 +- arch/hexagon/kernel/dma.c | 2 +- arch/x86/events/intel/lbr.c | 4 ++ .../gpu/drm/nouveau/nvkm/subdev/devinit/gm200.c | 3 +- drivers/hid/hid-apple.c | 9 ++- drivers/hid/hid-ids.h | 3 + drivers/hid/hid-saitek.c | 2 + drivers/infiniband/core/ucma.c | 6 ++ drivers/md/dm-raid.c | 5 ++ drivers/md/dm-thin-metadata.c | 36 ++++++++++- drivers/md/dm-thin.c | 73 +++++++++++++++++++--- drivers/net/ethernet/amazon/ena/ena_netdev.c | 10 +-- drivers/net/ethernet/amazon/ena/ena_netdev.h | 11 ++++ drivers/net/ethernet/mellanox/mlx5/core/dev.c | 7 ++- drivers/net/ethernet/realtek/r8169.c | 9 ++- drivers/nvme/target/rdma.c | 27 +++++++- drivers/pinctrl/qcom/pinctrl-msm.c | 24 +++++++ drivers/s390/net/qeth_core_main.c | 5 +- drivers/s390/net/qeth_l2_main.c | 2 +- drivers/s390/net/qeth_l3_main.c | 2 +- drivers/usb/gadget/udc/fotg210-udc.c | 15 +++-- drivers/usb/misc/yurex.c | 3 + drivers/xen/cpu_hotplug.c | 15 ++--- drivers/xen/events/events_base.c | 2 +- drivers/xen/manage.c | 6 +- fs/cifs/cifssmb.c | 11 +++- fs/cifs/misc.c | 8 +++ tools/perf/arch/powerpc/util/sym-handling.c | 4 +- tools/perf/util/evsel.c | 5 +- 30 files changed, 263 insertions(+), 54 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlu7cZMACgkQ3qZv95d3 LNyMbQ//fC/jcjVOdeQmwRDBUo13zt25Eb/MeXdLdAS2NleK44wY+/e804oq3CBV qACG1CIWtP0tV0V295NrblM6xWxroPnGU8X3GdXgfT97MIByGkGEv3kU+4Nsc4c6 Gv/QlBRHcZM5QFLAk6J6nOwzEk5BKNh/XyJuaniz9DNnQGTfDMLFpN4xpFJHIZlU 5NFlcTeycPnU8ljPFxfupGQ78XVQp1QCJKT3Zrc9iPnMUDlxMdW3ERHIi3uYkyva RXrYIZJ8KYSq2RqLT8nMMiNybKy3F+20/UdfTIl7uk71AkLUB75JjWFMu9MkOWCm k0KRJ89whIN9pH5imEt7pcqFKwkyjyVT0Zk+SJQJ4Xi6+Yc0Q8p2uBteopcerwJ9 tShMyUcOSgmEctg4ujchfUalOXB2CWewV+CKyblhiiURqSTBjPZFxKtwwQF8SF/r 28MlCx8gHL9zjNpGL6z0TEp9CSPlrCjggdKca07aYZj/XJz9rV0zXh7DHNa1gUTt s7mYPZDK9RryNHVaJMss/W5eIfdy2JE1vpsQlyFgVxWxkFKmWT4iZgZwO+NqTtjd 1x1nVtw1KRnGQP748d3iBtUApsH9jS1PDer9ZJXyjVEy2jfiK6exHRcC7HGkCtz4 UTLoqw65N+bTUfGvAnlOJ8EqD9hjqLFZyTKNQ1uiK19/UDzhdp0= =nX+I -----END PGP SIGNATURE-----

7 years, 1 month

1
0
0 0

[GIT PULL] commits for Linux 4.14

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.14 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit e6abbe80c8838e9c0bdb51835e6218008fa49386: Linux 4.14.74 (2018-10-03 17:01:00 -0700) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.14-08102018 for you to fetch changes up to 3ab4f07c10e5c704c2c46d772debf0b2fb7c3467: xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage (2018-10-03 22:23:37 -0400) - ---------------------------------------------------------------- for-greg-4.14-08102018 - ---------------------------------------------------------------- Anton Vasilyev (1): usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] Ben Hutchings (1): USB: yurex: Check for truncation in yurex_read() Ben Skeggs (2): drm/nouveau/TBDdevinit: don't fail when PMU/PRE_OS is missing from VBIOS drm/nouveau/disp: fix DP disable race Chris Phlipot (1): perf util: Fix bad memory access in trace info. Christian König (1): drm/amdgpu: fix error handling in amdgpu_cs_user_fence_chunk Dan Carpenter (1): cifs: read overflow in is_valid_oplock_break() Daniel Jurgens (1): net/mlx5: Consider PCI domain in search for next dev Hans de Goede (1): HID: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report Harry Mallon (1): HID: hid-saitek: Add device ID for RAT 7 Contagion Heinz Mauelshagen (1): dm raid: fix rebuild of specific devices by updating superblock Hisao Tanabe (1): perf evsel: Fix potential null pointer dereference in perf_evsel__new_idx() Jacek Tomaka (1): perf/x86/intel: Add support/quirk for the MISPREDICT bit on Knights Landing CPUs Jann Horn (1): RDMA/ucma: check fd type in ucma_migrate_id() Joe Thornber (1): dm thin metadata: try to avoid ever aborting transactions Josh Abraham (1): xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage Julian Wiedmann (1): s390/qeth: don't dump past end of unknown HW header Kai-Heng Feng (1): r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED Martin Willi (1): netfilter: xt_cluster: add dependency on conntrack module Matt Ranostay (1): Revert "iio: temperature: maxim_thermocouple: add MAX31856 part" Miguel Ojeda (1): arm64: jump_label.h: use asm_volatile_goto macro instead of "asm goto" Netanel Belgazal (2): net: ena: fix driver when PAGE_SIZE == 64kB net: ena: fix missing calls to READ_ONCE Nilesh Javali (1): scsi: qedi: Add the CRC size within iSCSI NVM image Olaf Hering (1): xen: avoid crash in disable_hotplug_cpu Pablo Neira Ayuso (1): netfilter: conntrack: timeout interface depend on CONFIG_NF_CONNTRACK_TIMEOUT Randy Dunlap (2): arch/hexagon: fix kernel/dma.c build warning hexagon: modify ffs() and fls() to return int Sagi Grimberg (1): nvmet-rdma: fix possible bogus dereference under heavy load Sandipan Das (1): perf probe powerpc: Ignore SyS symbols irrespective of endianness Sean O'Brien (1): HID: add support for Apple Magic Keyboards Stephen Boyd (1): pinctrl: msm: Really mask level interrupts to prevent latching Stephen Rothwell (1): fs/cifs: suppress a string overflow warning Taehee Yoo (1): netfilter: nf_tables: release chain in flushing set Vincent Pelletier (1): scsi: iscsi: target: Set conn->sess to NULL when iscsi_login_set_conn_values fails Vitaly Kuznetsov (1): xen/manage: don't complain about an empty value in control/sysrq node Wenjia Zhang (1): s390/qeth: use vzalloc for QUERY OAT buffer arch/arm64/include/asm/jump_label.h | 4 +- arch/hexagon/include/asm/bitops.h | 4 +- arch/hexagon/kernel/dma.c | 2 +- arch/x86/events/intel/lbr.c | 4 ++ drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c | 23 ++++--- drivers/gpu/drm/nouveau/nvkm/engine/disp/dp.c | 17 +++-- drivers/gpu/drm/nouveau/nvkm/engine/disp/nv50.c | 6 +- drivers/gpu/drm/nouveau/nvkm/engine/disp/outp.c | 2 + drivers/gpu/drm/nouveau/nvkm/engine/disp/outp.h | 3 +- .../gpu/drm/nouveau/nvkm/subdev/devinit/gm200.c | 3 +- drivers/hid/hid-apple.c | 9 ++- drivers/hid/hid-ids.h | 3 + drivers/hid/hid-saitek.c | 2 + drivers/hid/hid-sensor-hub.c | 23 +++++++ drivers/iio/temperature/maxim_thermocouple.c | 1 - drivers/infiniband/core/ucma.c | 6 ++ drivers/md/dm-raid.c | 5 ++ drivers/md/dm-thin-metadata.c | 36 ++++++++++- drivers/md/dm-thin.c | 73 +++++++++++++++++++--- drivers/net/ethernet/amazon/ena/ena_com.c | 8 +-- drivers/net/ethernet/amazon/ena/ena_netdev.c | 10 +-- drivers/net/ethernet/amazon/ena/ena_netdev.h | 11 ++++ drivers/net/ethernet/mellanox/mlx5/core/dev.c | 7 ++- drivers/net/ethernet/realtek/r8169.c | 9 ++- drivers/nvme/target/rdma.c | 27 +++++++- drivers/pinctrl/qcom/pinctrl-msm.c | 24 +++++++ drivers/s390/net/qeth_core_main.c | 5 +- drivers/s390/net/qeth_l2_main.c | 2 +- drivers/s390/net/qeth_l3_main.c | 2 +- drivers/scsi/qedi/qedi.h | 7 ++- drivers/scsi/qedi/qedi_main.c | 28 +++++---- drivers/target/iscsi/iscsi_target_login.c | 8 +-- drivers/usb/gadget/udc/fotg210-udc.c | 15 +++-- drivers/usb/misc/yurex.c | 3 + drivers/xen/cpu_hotplug.c | 15 ++--- drivers/xen/events/events_base.c | 2 +- drivers/xen/manage.c | 6 +- fs/cifs/cifssmb.c | 11 +++- fs/cifs/misc.c | 8 +++ net/ipv4/netfilter/nf_conntrack_proto_icmp.c | 8 +-- net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c | 8 +-- net/netfilter/nf_conntrack_proto_dccp.c | 12 ++-- net/netfilter/nf_conntrack_proto_generic.c | 8 +-- net/netfilter/nf_conntrack_proto_gre.c | 8 +-- net/netfilter/nf_conntrack_proto_sctp.c | 14 ++--- net/netfilter/nf_conntrack_proto_tcp.c | 12 ++-- net/netfilter/nf_conntrack_proto_udp.c | 20 +++--- net/netfilter/nf_tables_api.c | 1 + net/netfilter/xt_cluster.c | 14 ++++- tools/perf/arch/powerpc/util/sym-handling.c | 4 +- tools/perf/util/evsel.c | 5 +- tools/perf/util/trace-event-info.c | 2 +- 52 files changed, 408 insertions(+), 142 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAlu7cYwACgkQ3qZv95d3 LNwxIg//XuOMBAUlGyM9sgqUgbHSoTCeq+NssR49ijpiK/Qa068KIBCcBFUHd9SX fBdxDbF80d56CVC34EbdltN7OjafPlVPbOnA2MAUel64pvrNNkBEEecXKXk7rOrq xnSX4wbQX/vJcdbPf1RgE4RQuSCLhRVpbCSL74W+MP9FZv9gHlF9Cfle6tVnWR6j nSVYw8Uyh4Hh3vAncf8tdBwrm2+eg7QEAalssD2mGiNdVnxWcuw30y8eUDyPI8p9 iBYhmLMrXKdrcupBHRMYv7bA/BA3fW9fBb2iOQYiuWCRe82dyFrcp6Zqu0MlzGQn TzgxnROGvujDMkRyMTcwPEISrirDWnMwUyyk4cCKl+K/sxsT+PTW/yMkLgluldLv KHmyeYNGyTXxOozTUSUmF3VcXanxM++xUGVsEP/zGn5UjO919iVjF71mqgZPUXpC bUfdcI0bdmpDnbayVQDoztidg+Ru9aRKA1DmMdBX2B/MSE6/xAZ8my3FPUJ+/Nkq YH8SypNLG4v45KGwLaVO4mPZqhMW6bFc8l/edrtNoaPuDtSwd/2YREvIY0W039Ux 6PkWPwrIa+L4eW8MjpCCmRstgma3CrMFfOwHNmvtvsvCgtxMMnSvrdqqm3PtE3Pv FylEUBHdkuU0XUJAV2kd5XwiczsokrN7G1WENuvylWYwJ+39io0= =jkO/ -----END PGP SIGNATURE-----

7 years, 1 month

1
0
0 0

[PATCH] kernel/bounds: Provide prototype for foo

by Kieran Bingham

kernel/bounds.c is recompiled on every build, and shows the following warning when compiling with W=1: CC kernel/bounds.s linux/kernel/bounds.c:16:6: warning: no previous prototype for ‘foo’ [-Wmissing-prototypes] void foo(void) ^~~ Provide a prototype to satisfy the compiler. Signed-off-by: Kieran Bingham <kieran.bingham+renesas(a)ideasonboard.com> Cc: stable(a)vger.kernel.org --- I compile all of my incremental builds with W=1, which allows me to know instantly if I add a new compiler warning in code I generate. This warning always comes up and seems trivial to clean up. --- kernel/bounds.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/kernel/bounds.c b/kernel/bounds.c index c373e887c066..60136d937800 100644 --- a/kernel/bounds.c +++ b/kernel/bounds.c @@ -13,6 +13,8 @@ #include <linux/log2.h> #include <linux/spinlock_types.h> +void foo(void); + void foo(void) { /* The enum constants to put into include/generated/bounds.h */ -- 2.17.1

7 years, 1 month

7
16
0 0

[PATCH v2] filesystem-dax: Fix dax_layout_busy_page() livelock

by Dan Williams

In the presence of multi-order entries the typical pagevec_lookup_entries() pattern may loop forever: while (index < end && pagevec_lookup_entries(&pvec, mapping, index, min(end - index, (pgoff_t)PAGEVEC_SIZE), indices)) { ... for (i = 0; i < pagevec_count(&pvec); i++) { index = indices[i]; ... } index++; /* BUG */ } The loop updates 'index' for each index found and then increments to the next possible page to continue the lookup. However, if the last entry in the pagevec is multi-order then the next possible page index is more than 1 page away. Fix this locally for the filesystem-dax case by checking for dax-multi-order entries. Going forward new users of multi-order entries need to be similarly careful, or we need a generic way to report the page increment in the radix iterator. Fixes: 5fac7408d828 ("mm, fs, dax: handle layout changes to pinned dax...") Cc: <stable(a)vger.kernel.org> Cc: Jan Kara <jack(a)suse.cz> Cc: Ross Zwisler <zwisler(a)kernel.org> Cc: Matthew Wilcox <willy(a)infradead.org> Signed-off-by: Dan Williams <dan.j.williams(a)intel.com> --- Changes in v2: * Only update nr_pages if the last entry in the pagevec is multi-order. fs/dax.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/fs/dax.c b/fs/dax.c index 4becbf168b7f..0fb270f0a0ef 100644 --- a/fs/dax.c +++ b/fs/dax.c @@ -666,6 +666,8 @@ struct page *dax_layout_busy_page(struct address_space *mapping) while (index < end && pagevec_lookup_entries(&pvec, mapping, index, min(end - index, (pgoff_t)PAGEVEC_SIZE), indices)) { + pgoff_t nr_pages = 1; + for (i = 0; i < pagevec_count(&pvec); i++) { struct page *pvec_ent = pvec.pages[i]; void *entry; @@ -680,8 +682,15 @@ struct page *dax_layout_busy_page(struct address_space *mapping) xa_lock_irq(&mapping->i_pages); entry = get_unlocked_mapping_entry(mapping, index, NULL); - if (entry) + if (entry) { page = dax_busy_page(entry); + /* + * Account for multi-order entries at + * the end of the pagevec. + */ + if (i + 1 >= pagevec_count(&pvec)) + nr_pages = 1UL << dax_radix_order(entry); + } put_unlocked_mapping_entry(mapping, index, entry); xa_unlock_irq(&mapping->i_pages); if (page) @@ -696,7 +705,7 @@ struct page *dax_layout_busy_page(struct address_space *mapping) */ pagevec_remove_exceptionals(&pvec); pagevec_release(&pvec); - index++; + index += nr_pages; if (page) break;

7 years, 1 month

2
1
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror