- Linux-stable-mirror - lists.linaro.org

[PATCH v2 2/8] mtd: maps: gpio-addr-flash: Fix ioremapped size

by Ricardo Ribalda Delgado

We should only iomap the area of the chip that is memory mapped. Otherwise we could be mapping devices beyond the memory space or that belong to other devices. Signed-off-by: Ricardo Ribalda Delgado <ricardo.ribalda(a)gmail.com> Fixes: ebd71e3a4861 ("mtd: maps: gpio-addr-flash: fix warnings and make more portable") Cc: <stable(a)vger.kernel.org> --- Changelog v2: >From Boris Brezillon: -Add Fixes and cc:stable 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/mtd/maps/gpio-addr-flash.c b/drivers/mtd/maps/gpio-addr-flash.c index 17be47f72973..6de16e81994c 100644 --- a/drivers/mtd/maps/gpio-addr-flash.c +++ b/drivers/mtd/maps/gpio-addr-flash.c @@ -234,7 +234,7 @@ static int gpio_flash_probe(struct platform_device *pdev) state->map.copy_to = gf_copy_to; state->map.bankwidth = pdata->width; state->map.size = state->win_size * (1 << state->gpio_count); - state->map.virt = ioremap_nocache(memory->start, state->map.size); + state->map.virt = ioremap_nocache(memory->start, state->win_size); if (!state->map.virt) return -ENOMEM; -- 2.18.0

7 years, 2 months

1
0
0 0

patch "USB: serial: ti_usb_3410_5052: fix array underflow in completion" added to usb-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: serial: ti_usb_3410_5052: fix array underflow in completion to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From 5dfdd24eb3d39d815bc952ae98128e967c9bba49 Mon Sep 17 00:00:00 2001 From: Johan Hovold <johan(a)kernel.org> Date: Tue, 21 Aug 2018 11:59:53 +0200 Subject: USB: serial: ti_usb_3410_5052: fix array underflow in completion handler Similarly to a recently reported bug in io_ti, a malicious USB device could set port_number to a negative value and we would underflow the port array in the interrupt completion handler. As these devices only have one or two ports, fix this by making sure we only consider the seventh bit when determining the port number (and ignore bits 0xb0 which are typically set to 0x30). Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/usb/serial/ti_usb_3410_5052.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/usb/serial/ti_usb_3410_5052.c b/drivers/usb/serial/ti_usb_3410_5052.c index 3010878f7f8e..e3c5832337e0 100644 --- a/drivers/usb/serial/ti_usb_3410_5052.c +++ b/drivers/usb/serial/ti_usb_3410_5052.c @@ -1119,7 +1119,7 @@ static void ti_break(struct tty_struct *tty, int break_state) static int ti_get_port_from_code(unsigned char code) { - return (code >> 4) - 3; + return (code >> 6) & 0x01; } static int ti_get_func_from_code(unsigned char code) -- 2.18.0

7 years, 2 months

1
0
0 0

patch "USB: serial: io_ti: fix array underflow in completion handler" added to usb-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: serial: io_ti: fix array underflow in completion handler to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From 691a03cfe8ca483f9c48153b869d354e4ae3abef Mon Sep 17 00:00:00 2001 From: Johan Hovold <johan(a)kernel.org> Date: Tue, 21 Aug 2018 11:59:52 +0200 Subject: USB: serial: io_ti: fix array underflow in completion handler As reported by Dan Carpenter, a malicious USB device could set port_number to a negative value and we would underflow the port array in the interrupt completion handler. As these devices only have one or two ports, fix this by making sure we only consider the seventh bit when determining the port number (and ignore bits 0xb0 which are typically set to 0x30). Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Cc: stable <stable(a)vger.kernel.org> Reported-by: Dan Carpenter <dan.carpenter(a)oracle.com> Signed-off-by: Johan Hovold <johan(a)kernel.org> --- drivers/usb/serial/io_ti.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/usb/serial/io_ti.h b/drivers/usb/serial/io_ti.h index e53c68261017..9bbcee37524e 100644 --- a/drivers/usb/serial/io_ti.h +++ b/drivers/usb/serial/io_ti.h @@ -173,7 +173,7 @@ struct ump_interrupt { } __attribute__((packed)); -#define TIUMP_GET_PORT_FROM_CODE(c) (((c) >> 4) - 3) +#define TIUMP_GET_PORT_FROM_CODE(c) (((c) >> 6) & 0x01) #define TIUMP_GET_FUNC_FROM_CODE(c) ((c) & 0x0f) #define TIUMP_INTERRUPT_CODE_LSR 0x03 #define TIUMP_INTERRUPT_CODE_MSR 0x04 -- 2.18.0

7 years, 2 months

1
0
0 0

Linux 4.18.6

by Greg KH

I'm announcing the release of the 4.18.6 kernel. All users of the 4.18 kernel series must upgrade. The updated 4.18.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.18.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 6 - arch/Kconfig | 3 arch/arm/net/bpf_jit_32.c | 2 arch/arm/probes/kprobes/core.c | 4 arch/arm/probes/kprobes/test-core.c | 1 arch/arm64/boot/dts/rockchip/rk3328.dtsi | 2 arch/arm64/include/asm/cache.h | 4 arch/arm64/include/asm/cpucaps.h | 3 arch/arm64/kernel/cpu_errata.c | 23 +++ arch/arm64/kernel/cpufeature.c | 2 arch/arm64/kernel/probes/kprobes.c | 2 arch/arm64/mm/init.c | 6 - arch/mips/Makefile | 12 -- arch/mips/include/asm/processor.h | 15 ++ arch/mips/kernel/ptrace.c | 2 arch/mips/kernel/ptrace32.c | 2 arch/mips/lib/memset.S | 3 arch/mips/lib/multi3.c | 6 - arch/s390/include/asm/qdio.h | 1 arch/s390/lib/mem.S | 16 +- arch/s390/mm/fault.c | 2 arch/s390/mm/page-states.c | 2 arch/s390/net/bpf_jit_comp.c | 2 arch/s390/numa/numa.c | 16 -- arch/s390/pci/pci.c | 2 arch/s390/purgatory/Makefile | 7 - arch/x86/Kconfig | 1 arch/x86/Makefile | 11 + arch/x86/entry/vdso/Makefile | 6 - arch/x86/events/core.c | 2 arch/x86/include/asm/irqflags.h | 3 arch/x86/include/asm/processor.h | 6 - arch/x86/include/asm/stacktrace.h | 2 arch/x86/include/asm/tlbflush.h | 40 ++++++ arch/x86/include/asm/vgtod.h | 2 arch/x86/kernel/cpu/bugs.c | 50 +++++++- arch/x86/kernel/cpu/common.c | 1 arch/x86/kernel/cpu/intel.c | 3 arch/x86/kernel/dumpstack.c | 25 +++- arch/x86/kernel/early-quirks.c | 18 +++ arch/x86/kernel/process_64.c | 1 arch/x86/kvm/hyperv.c | 27 +++- arch/x86/kvm/hyperv.h | 2 arch/x86/kvm/svm.c | 8 - arch/x86/kvm/x86.c | 15 +- arch/x86/lib/usercopy.c | 5 arch/x86/mm/fault.c | 2 arch/x86/mm/init.c | 4 arch/x86/mm/mmap.c | 2 arch/x86/mm/tlb.c | 7 + drivers/ata/libata-core.c | 3 drivers/ata/libata.h | 2 drivers/base/power/clock_ops.c | 2 drivers/cdrom/cdrom.c | 2 drivers/char/tpm/tpm-interface.c | 53 +++++++-- drivers/char/tpm/tpm.h | 12 +- drivers/char/tpm/tpm2-space.c | 16 +- drivers/char/tpm/tpm_crb.c | 101 ++++------------- drivers/clk/clk-npcm7xx.c | 4 drivers/clk/rockchip/clk-rk3399.c | 2 drivers/gpu/drm/udl/udl_drv.h | 2 drivers/gpu/drm/udl/udl_fb.c | 17 +- drivers/gpu/drm/udl/udl_main.c | 35 +++-- drivers/gpu/drm/udl/udl_transfer.c | 39 +++--- drivers/hwmon/k10temp.c | 2 drivers/hwmon/nct6775.c | 2 drivers/iommu/arm-smmu.c | 16 +- drivers/misc/mei/main.c | 1 drivers/mtd/nand/raw/fsmc_nand.c | 2 drivers/mtd/nand/raw/marvell_nand.c | 73 ++++++++++-- drivers/mtd/nand/raw/nand_hynix.c | 10 + drivers/mtd/nand/raw/qcom_nandc.c | 53 ++++++++- drivers/net/wireless/broadcom/b43/leds.c | 2 drivers/net/wireless/broadcom/b43legacy/leds.c | 2 drivers/nvme/host/pci.c | 8 + drivers/pinctrl/freescale/pinctrl-imx1-core.c | 2 drivers/platform/x86/ideapad-laptop.c | 4 drivers/platform/x86/wmi.c | 9 - drivers/power/supply/generic-adc-battery.c | 25 ++-- drivers/regulator/arizona-ldo1.c | 27 ++++ drivers/s390/cio/qdio_main.c | 5 drivers/scsi/libsas/sas_ata.c | 40 ++++-- drivers/scsi/libsas/sas_discover.c | 2 drivers/scsi/mpt3sas/mpt3sas_base.c | 1 drivers/scsi/mpt3sas/mpt3sas_scsih.c | 2 drivers/scsi/mpt3sas/mpt3sas_transport.c | 5 drivers/scsi/qla2xxx/qla_init.c | 2 drivers/scsi/qla2xxx/qla_iocb.c | 1 drivers/scsi/scsi_sysfs.c | 20 +++ drivers/soc/qcom/rmtfs_mem.c | 3 drivers/target/iscsi/iscsi_target_login.c | 35 +++-- fs/btrfs/disk-io.c | 10 + fs/btrfs/extent-tree.c | 2 fs/btrfs/inode.c | 26 ---- fs/btrfs/send.c | 146 +++++++++++++++++++++++-- fs/btrfs/super.c | 1 fs/btrfs/tree-log.c | 66 +++++++++++ fs/cifs/cifs_debug.c | 30 +++-- fs/cifs/cifsfs.c | 18 +-- fs/cifs/cifsglob.h | 1 fs/cifs/inode.c | 2 fs/cifs/link.c | 4 fs/cifs/sess.c | 6 + fs/cifs/smb2inode.c | 6 - fs/cifs/smb2ops.c | 72 ++++++++++-- fs/cifs/smb2pdu.c | 8 + fs/cifs/smb2pdu.h | 11 + fs/cifs/smb2proto.h | 1 fs/cifs/smb2transport.c | 5 fs/ext4/balloc.c | 6 - fs/ext4/ialloc.c | 6 - fs/ext4/namei.c | 1 fs/ext4/super.c | 22 +-- fs/ext4/sysfs.c | 13 +- fs/ext4/xattr.c | 2 fs/fuse/dev.c | 39 +++++- fs/fuse/dir.c | 10 + fs/fuse/file.c | 1 fs/fuse/fuse_i.h | 5 fs/fuse/inode.c | 37 +++--- fs/sysfs/file.c | 44 +++++++ include/drm/i915_drm.h | 4 include/linux/libata.h | 2 include/linux/printk.h | 4 include/linux/sysfs.h | 14 ++ include/linux/tpm.h | 2 include/scsi/libsas.h | 2 kernel/kprobes.c | 38 +++--- kernel/printk/internal.h | 9 + kernel/printk/printk.c | 57 +++++---- kernel/printk/printk_safe.c | 58 ++++++--- kernel/stop_machine.c | 43 ++++--- kernel/trace/trace.c | 4 kernel/watchdog.c | 4 kernel/watchdog_hld.c | 2 kernel/workqueue.c | 2 lib/nmi_backtrace.c | 3 lib/vsprintf.c | 1 mm/memory.c | 24 +++- net/sunrpc/xprtrdma/verbs.c | 5 scripts/kernel-doc | 20 +-- sound/soc/codecs/wm_adsp.c | 8 + sound/soc/sirf/sirf-usp.c | 7 - sound/soc/soc-pcm.c | 8 + sound/soc/zte/zx-tdm.c | 4 tools/perf/arch/s390/util/kvm-stat.c | 2 virt/kvm/arm/arch_timer.c | 15 +- virt/kvm/arm/mmu.c | 42 +++++-- 148 files changed, 1439 insertions(+), 579 deletions(-) Abhishek Sahu (1): mtd: rawnand: qcom: wait for desc completion in all BAM channels Ajit Pandey (1): ASoC: wm_adsp: Correct DSP pointer for preloader control Alberto Panizzo (1): clk: rockchip: fix clk_i2sout parent selection bits on rk3399 Alexander Usyskin (1): mei: don't update offset in write Andi Kleen (2): x86/spectre: Add missing family 6 check to microcode check x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ Andrey Ryabinin (1): fuse: Don't access pipe->buffers without pipe_lock() Andy Lutomirski (2): x86/vdso: Fix vDSO build if a retpoline is emitted x86/nmi: Fix NMI uaccess race against CR3 switching Arnd Bergmann (1): ext4: sysfs: print ext4_super_block fields as little-endian Aurelien Aptel (1): CIFS: fix uninitialized ptr deref in smb2 signing Bart Van Assche (4): lib/vsprintf: Do not handle %pO[^F] as %px scsi: mpt3sas: Fix _transport_smp_handler() error path scsi: sysfs: Introduce sysfs_{un,}break_active_protection() scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock Ben Hutchings (2): scripts/kernel-doc: Escape all literal braces in regexes x86: Allow generating user-space headers without a compiler Boris Brezillon (2): mtd: rawnand: hynix: Use ->exec_op() in hynix_nand_reg_write_op() mtd: rawnand: fsmc: Stop using chip->read_buf() Charles Keepax (1): regulator: arizona-ldo1: Use correct device to get enable GPIO Christoffer Dall (2): KVM: arm/arm64: Fix potential loss of ptimer interrupts KVM: arm/arm64: Fix lost IRQs from emulated physcial timer when blocked Chuck Lever (1): xprtrdma: Fix disconnect regression Claudio Imbrenda (1): s390/kvm: fix deadlock when killed by oom Dan Carpenter (2): pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show() PM / clk: signedness bug in of_pm_clk_add_clks() Daniel Borkmann (1): bpf, arm32: fix stack var offset in jit Daniel Mack (1): mtd: rawnand: marvell: add suspend and resume hooks Eric Sandeen (1): ext4: reset error code in ext4_find_entry in fallback Ethan Lien (1): btrfs: use correct compare function of dirty_metadata_bytes Filipe Manana (3): Btrfs: fix mount failure after fsync due to hard link recreation Btrfs: fix send failure when root has deleted files still open Btrfs: send, fix incorrect file layout after hole punching beyond eof Gerald Schaefer (1): s390/mm: fix addressing exception after suspend/resume Greg Hackmann (1): arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() Greg Kroah-Hartman (1): Linux 4.18.6 Gustavo A. R. Silva (3): ASoC: sirf: Fix potential NULL pointer dereference hwmon: (nct6775) Fix potential Spectre v1 clk: npcm7xx: fix memory allocation H. Nikolaus Schaller (2): power: generic-adc-battery: fix out-of-bounds write when copying channel properties power: generic-adc-battery: check for duplicate properties copied from iio channels Himanshu Madhani (1): scsi: qla2xxx: Fix stalled relogin Huacai Chen (1): MIPS: Change definition of cpu_relax() for Loongson-3 Huibin Hong (1): arm64: dts: rockchip: corrected uart1 clock-names for rk3328 Jann Horn (2): x86/entry/64: Wipe KASAN stack shadow before rewind_stack_do_exit() x86/dumpstack: Don't dump kernel memory based on usermode RIP Jason Yan (1): scsi: libsas: dynamically allocate and free ata host Jerome Brunet (1): ASoC: dpcm: don't merge format from invalid codec dai Johan Hovold (1): soc: qcom: rmtfs-mem: fix memleak in probe error paths Josef Bacik (2): btrfs: don't leak ret from do_chunk_alloc Btrfs: fix btrfs_write_inode vs delayed iput deadlock Julian Wiedmann (1): s390/qdio: reset old sbal_state flags Kees Cook (1): platform/x86: wmi: Do not mix pages and kmalloc Kirill Tkhai (1): fuse: Add missed unlock_page() to fuse_readpages_fill() Maciej W. Rozycki (1): MIPS: Correct the 64-bit DSP accumulator register size Martin Schwidefsky (3): s390/lib: use expoline for all bcr instructions s390: fix br_r1_trampoline for machines without exrl s390/numa: move initial setup of node_to_cpumask_map Masami Hiramatsu (5): kprobes/arm64: Fix %p uses in error messages kprobes: Show blacklist addresses as same as kallsyms does kprobes: Replace %p with other pointer types kprobes/arm: Fix %p uses in error messages kprobes: Make list and blacklist root user read only Matt Redfearn (1): MIPS: memset.S: Fix byte_fixup for MIPSr6 Michael Buesch (2): b43legacy/leds: Ensure NUL-termination of LED name string b43/leds: Ensure NUL-termination of LED name string Michael Larabel (1): hwmon: (k10temp) 27C Offset needed for Threadripper2 Michal Wnukowski (1): nvme-pci: add a memory barrier to nvme_dbbuf_update_and_check_event Mike Christie (1): iscsi target: fix session creation failure handling Miklos Szeredi (5): fuse: fix initial parallel dirops fuse: fix double request_end() fuse: fix unlocked access to processing queue fuse: umount should wait for all requests fuse: Fix oops at process_init_reply() Mikulas Patocka (4): udl-kms: change down_interruptible to down udl-kms: handle allocation failure udl-kms: fix crash due to uninitialized memory udl-kms: avoid division Nicholas Mc Guire (1): cifs: check kmalloc before use Nicholas Piggin (1): mm: move tlb_table_flush to tlb_flush_mmu_free Nick Desaulniers (1): x86/irqflags: Mark native_restore_fl extern inline Paolo Bonzini (1): KVM: x86: ensure all MSRs can always be KVM_GET/SET_MSR'd Paul Burton (2): MIPS: Always use -march=<arch>, not -<arch> shortcuts MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7 Paulo Zanoni (1): x86/gpu: reserve ICL's graphics stolen memory Peter Zijlstra (2): stop_machine: Reflow cpu_stop_queue_two_works() mm/tlb, x86/mm: Support invalidating TLB caches for RCU_TABLE_FREE Petr Mladek (3): printk: Split the code for storing a message into the log buffer printk: Create helper function to queue deferred console handling printk/nmi: Prevent deadlock when accessing the main log buffer in NMI Philipp Rudo (2): s390/purgatory: Fix crash with expoline enabled s390/purgatory: Add missing FORCE to Makefile targets Prasad Sodagudi (1): stop_machine: Atomically queue and wake stopper threads Punit Agrawal (2): KVM: arm/arm64: Skip updating PMD entry if no change KVM: arm/arm64: Skip updating PTE entry if no change Rian Hunter (1): x86/process: Re-export start_thread() Ricardo Schwarzmeier (1): tpm: Return the actual size when receiving an unsupported command Ronnie Sahlberg (2): cifs: add missing support for ACLs in SMB 3.11 cifs: use a refcount to protect open/closing the cached file handle Samuel Neves (1): x86/vdso: Fix lsl operand order Scott Bauer (1): cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status Sebastian Ott (1): s390/pci: fix out of bounds access during irq setup Sreekanth Reddy (1): scsi: mpt3sas: Fix calltrace observed while running IO & reset Steve French (5): cifs: add missing debug entries for kconfig options smb3: enumerating snapshots was leaving part of the data off end smb3: Do not send SMB3 SET_INFO if nothing changed smb3: don't request leases in symlink creation and query smb3: fill in statfs fsid and correct namelen Suzuki K Poulose (2): arm64: Fix mismatched cache line size detection arm64: Handle mismatched cache type Takashi Iwai (2): platform/x86: ideapad-laptop: Apply no_hw_rfkill to Y20-15IKBM, too ASoC: zte: Fix incorrect PCM format bit usages Theodore Ts'o (1): ext4: check for NUL characters in extended attribute's name Thomas Gleixner (1): KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled Thomas Richter (1): perf kvm: Fix subcommands on s390 Tomas Winkler (1): tpm: separate cmd_ready/go_idle from runtime_pm Valdis Kletnieks (1): PATCH scripts/kernel-doc Vincent Whitchurch (1): watchdog: Mark watchdog touch functions as notrace Vivek Gautam (1): iommu/arm-smmu: Error out only if not enough context interrupts Vlastimil Babka (3): x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM x86/speculation/l1tf: Suggest what to do on systems with too much RAM Wang Shilong (2): ext4: use ext4_warning() for sb_getblk failure ext4: fix race when setting the bitmap corrupted flag

7 years, 2 months

1
1
0 0

Linux 4.14.68

by Greg KH

I'm announcing the release of the 4.14.68 kernel. All users of the 4.14 kernel series must upgrade. The updated 4.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.14.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 6 arch/Kconfig | 3 arch/arc/Kconfig | 3 arch/arc/include/asm/cache.h | 4 arch/arc/include/asm/delay.h | 3 arch/arc/mm/cache.c | 7 - arch/arc/plat-eznps/include/plat/ctop.h | 10 + arch/arc/plat-eznps/mtm.c | 6 arch/arm/probes/kprobes/core.c | 4 arch/arm/probes/kprobes/test-core.c | 1 arch/arm64/boot/dts/rockchip/rk3328.dtsi | 2 arch/arm64/kernel/probes/kprobes.c | 2 arch/arm64/mm/init.c | 6 arch/mips/Makefile | 12 - arch/mips/bcm47xx/setup.c | 6 arch/mips/include/asm/mipsregs.h | 3 arch/mips/include/asm/processor.h | 15 ++ arch/mips/kernel/ptrace.c | 2 arch/mips/kernel/ptrace32.c | 2 arch/mips/lib/multi3.c | 6 arch/powerpc/net/bpf_jit_comp64.c | 29 ---- arch/s390/include/asm/qdio.h | 1 arch/s390/mm/fault.c | 2 arch/s390/mm/page-states.c | 2 arch/s390/net/bpf_jit_comp.c | 2 arch/s390/numa/numa.c | 16 -- arch/s390/pci/pci.c | 2 arch/sparc/include/asm/Kbuild | 1 arch/sparc/kernel/time_64.c | 2 arch/x86/Kconfig | 1 arch/x86/boot/compressed/Makefile | 8 - arch/x86/entry/vdso/Makefile | 6 arch/x86/events/amd/ibs.c | 6 arch/x86/events/core.c | 2 arch/x86/include/asm/irqflags.h | 3 arch/x86/include/asm/processor.h | 6 arch/x86/include/asm/tlbflush.h | 40 +++++ arch/x86/include/asm/vgtod.h | 2 arch/x86/kernel/cpu/bugs.c | 50 ++++++- arch/x86/kernel/cpu/common.c | 1 arch/x86/kernel/cpu/intel.c | 3 arch/x86/kernel/dumpstack.c | 4 arch/x86/kernel/process_64.c | 1 arch/x86/kvm/svm.c | 8 - arch/x86/kvm/vmx.c | 18 +- arch/x86/lib/usercopy.c | 5 arch/x86/mm/init.c | 4 arch/x86/mm/mmap.c | 2 arch/x86/mm/tlb.c | 7 + drivers/base/power/clock_ops.c | 2 drivers/block/nbd.c | 96 +++++++++++--- drivers/cdrom/cdrom.c | 2 drivers/char/tpm/tpm-interface.c | 2 drivers/clk/rockchip/clk-rk3399.c | 2 drivers/crypto/vmx/aes_ctr.c | 31 ++-- drivers/gpio/gpiolib-acpi.c | 56 ++++++++ drivers/gpu/drm/bridge/adv7511/adv7511_drv.c | 12 + drivers/gpu/drm/imx/imx-ldb.c | 9 - drivers/gpu/drm/udl/udl_drv.h | 2 drivers/gpu/drm/udl/udl_fb.c | 17 +- drivers/gpu/drm/udl/udl_main.c | 35 ++--- drivers/gpu/drm/udl/udl_transfer.c | 39 ++--- drivers/hwmon/nct6775.c | 2 drivers/i2c/busses/i2c-davinci.c | 8 - drivers/i2c/i2c-core-base.c | 2 drivers/i2c/i2c-mux.c | 4 drivers/iommu/arm-smmu.c | 16 +- drivers/misc/mei/main.c | 1 drivers/net/can/m_can/m_can.c | 7 - drivers/net/can/mscan/mpc5xxx_can.c | 5 drivers/net/ethernet/3com/Kconfig | 2 drivers/net/ethernet/amd/Kconfig | 4 drivers/net/ethernet/atheros/atl1c/atl1c_main.c | 1 drivers/net/ethernet/broadcom/bnx2x/bnx2x_ethtool.c | 13 + drivers/net/ethernet/cirrus/Kconfig | 1 drivers/net/ethernet/cisco/enic/enic_main.c | 80 ++++------- drivers/net/ethernet/huawei/hinic/hinic_main.c | 1 drivers/net/ethernet/netronome/nfp/flower/main.c | 4 drivers/net/ethernet/qlogic/qed/qed_l2.c | 15 +- drivers/net/ethernet/qlogic/qed/qed_l2.h | 2 drivers/net/ethernet/qlogic/qed/qed_mcp.c | 13 + drivers/net/ethernet/qlogic/qed/qed_sriov.c | 2 drivers/net/ethernet/qlogic/qed/qed_vf.c | 4 drivers/net/ethernet/qlogic/qed/qed_vf.h | 7 - drivers/net/ethernet/xilinx/xilinx_axienet_mdio.c | 1 drivers/net/usb/qmi_wwan.c | 2 drivers/net/wan/lmc/lmc_main.c | 2 drivers/net/wireless/broadcom/b43/leds.c | 2 drivers/net/wireless/broadcom/b43legacy/leds.c | 2 drivers/nvme/host/pci.c | 8 + drivers/pinctrl/freescale/pinctrl-imx1-core.c | 2 drivers/platform/x86/ideapad-laptop.c | 4 drivers/power/supply/generic-adc-battery.c | 25 ++- drivers/s390/cio/qdio_main.c | 5 drivers/scsi/fcoe/fcoe_ctlr.c | 6 drivers/scsi/libfc/fc_rport.c | 1 drivers/scsi/libiscsi.c | 12 - drivers/scsi/mpt3sas/mpt3sas_transport.c | 5 drivers/scsi/scsi_sysfs.c | 20 ++ drivers/scsi/vmw_pvscsi.c | 11 + drivers/staging/media/omap4iss/iss_video.c | 3 drivers/target/iscsi/cxgbit/cxgbit_target.c | 16 +- drivers/target/iscsi/iscsi_target_login.c | 35 +++-- drivers/usb/gadget/function/f_uac2.c | 24 +-- drivers/usb/gadget/function/u_audio.c | 88 ++++-------- drivers/usb/gadget/udc/r8a66597-udc.c | 6 drivers/usb/phy/phy-fsl-usb.c | 4 fs/btrfs/disk-io.c | 10 - fs/btrfs/extent-tree.c | 2 fs/btrfs/inode.c | 26 --- fs/btrfs/super.c | 1 fs/cachefiles/namei.c | 1 fs/cachefiles/rdwr.c | 17 +- fs/cifs/cifs_debug.c | 30 +++- fs/cifs/cifsfs.c | 18 +- fs/cifs/inode.c | 2 fs/cifs/link.c | 4 fs/cifs/sess.c | 6 fs/cifs/smb2inode.c | 2 fs/cifs/smb2ops.c | 36 ++++- fs/cifs/smb2pdu.c | 8 + fs/cifs/smb2pdu.h | 11 + fs/ext4/mmp.c | 7 - fs/ext4/namei.c | 1 fs/ext4/super.c | 2 fs/ext4/sysfs.c | 13 + fs/ext4/xattr.c | 2 fs/fscache/operation.c | 6 fs/fuse/dev.c | 39 ++++- fs/fuse/dir.c | 10 - fs/fuse/file.c | 1 fs/fuse/fuse_i.h | 5 fs/fuse/inode.c | 37 +++-- fs/squashfs/file.c | 50 ++++--- fs/squashfs/file_cache.c | 4 fs/squashfs/file_direct.c | 24 +-- fs/squashfs/squashfs.h | 3 fs/sysfs/file.c | 44 ++++++ include/linux/printk.h | 4 include/linux/rtmutex.h | 7 + include/linux/sysfs.h | 14 ++ ipc/sem.c | 2 kernel/kprobes.c | 4 kernel/locking/rtmutex.c | 29 +++- kernel/printk/internal.h | 9 + kernel/printk/printk.c | 57 +++++--- kernel/printk/printk_safe.c | 58 +++++--- kernel/sched/rt.c | 2 kernel/stop_machine.c | 43 +++--- kernel/trace/trace.c | 4 kernel/watchdog.c | 4 kernel/watchdog_hld.c | 2 kernel/workqueue.c | 2 lib/nmi_backtrace.c | 3 mm/memcontrol.c | 15 +- mm/memory.c | 33 +++- mm/zswap.c | 9 + net/caif/caif_dev.c | 4 net/core/lwt_bpf.c | 2 net/ipv6/esp6.c | 4 net/ipv6/ip6_vti.c | 11 - net/mac80211/util.c | 3 net/netfilter/nf_tables_api.c | 59 +++++--- net/netfilter/nft_set_hash.c | 1 net/wireless/nl80211.c | 1 net/xfrm/xfrm_policy.c | 3 net/xfrm/xfrm_user.c | 10 - scripts/gcc-plugins/gcc-common.h | 4 scripts/gcc-plugins/latent_entropy_plugin.c | 17 -- scripts/gcc-plugins/randomize_layout_plugin.c | 75 +++------- scripts/gcc-plugins/structleak_plugin.c | 19 +- sound/soc/sirf/sirf-usp.c | 7 - sound/soc/soc-pcm.c | 8 + sound/soc/zte/zx-tdm.c | 4 tools/power/x86/turbostat/turbostat.c | 8 - tools/testing/selftests/ftrace/test.d/00basic/snapshot.tc | 28 ++++ tools/usb/ffs-test.c | 19 ++ virt/kvm/arm/mmu.c | 42 ++++-- 178 files changed, 1396 insertions(+), 776 deletions(-) Alberto Panizzo (1): clk: rockchip: fix clk_i2sout parent selection bits on rk3399 Aleksander Morgado (1): qmi_wwan: fix interface number for DW5821e production firmware Alexander Sverdlin (1): i2c: davinci: Avoid zero value of CLKH Alexander Usyskin (1): mei: don't update offset in write Andi Kleen (2): x86/spectre: Add missing family 6 check to microcode check x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ Andrey Ryabinin (1): fuse: Don't access pipe->buffers without pipe_lock() Andy Lutomirski (2): x86/vdso: Fix vDSO build if a retpoline is emitted x86/nmi: Fix NMI uaccess race against CR3 switching Arnd Bergmann (1): ext4: sysfs: print ext4_super_block fields as little-endian Bart Van Assche (3): scsi: mpt3sas: Fix _transport_smp_handler() error path scsi: sysfs: Introduce sysfs_{un,}break_active_protection() scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock Benjamin Tissoires (1): gpiolib-acpi: make sure we trigger edge events at least once on boot Bernd Edlinger (1): nl80211: Add a missing break in parse_station_flags Calvin Walton (1): tools/power turbostat: Read extended processor family from CPUID Claudio Imbrenda (1): s390/kvm: fix deadlock when killed by oom Colin Ian King (1): drivers: net: lmc: fix case value for target abort error Dan Carpenter (2): pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show() PM / clk: signedness bug in of_pm_clk_add_clks() Daniel Borkmann (1): bpf, ppc64: fix unexpected r0=0 exit path inside bpf_xadd Davidlohr Bueso (1): ipc/sem.c: prevent queue.status tearing in semop Eric Sandeen (1): ext4: reset error code in ext4_find_entry in fallback Ethan Lien (1): btrfs: use correct compare function of dirty_metadata_bytes Eugeniu Rosca (3): usb: gadget: f_uac2: fix error handling in afunc_bind (again) usb: gadget: u_audio: fix pcm/card naming in g_audio_setup() usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3' Eugeniy Paltsev (1): ARC: dma [non-IOC] setup SMP_CACHE_BYTES and cache_line_size Eyal Birger (1): vti6: fix PMTU caching and reporting on xmit Faiz Abbas (1): can: m_can: Move accessing of message ram to after clocks are enabled Florian Westphal (4): xfrm: free skb if nlsk pointer is NULL netfilter: nf_tables: fix memory leaks on chain rename netfilter: nf_tables: don't allow to rename to already-pending name atl1c: reserve min skb headroom Gerald Schaefer (1): s390/mm: fix addressing exception after suspend/resume Govindarajulu Varadarajan (2): enic: handle mtu change for vf properly enic: do not call enic_change_mtu in enic_probe Greg Hackmann (1): arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() Greg Kroah-Hartman (1): Linux 4.14.68 Guenter Roeck (1): media: staging: omap4iss: Include asm/cacheflush.h after generic includes Gustavo A. R. Silva (2): ASoC: sirf: Fix potential NULL pointer dereference hwmon: (nct6775) Fix potential Spectre v1 H. Nikolaus Schaller (2): power: generic-adc-battery: fix out-of-bounds write when copying channel properties power: generic-adc-battery: check for duplicate properties copied from iio channels Hailong Liu (1): sched/rt: Restore rt_runtime after disabling RT_RUNTIME_SHARE Huacai Chen (1): MIPS: Change definition of cpu_relax() for Loongson-3 Hugh Dickins (1): mm: delete historical BUG from zap_pmd_range() Huibin Hong (1): arm64: dts: rockchip: corrected uart1 clock-names for rk3328 Jann Horn (1): x86/entry/64: Wipe KASAN stack shadow before rewind_stack_do_exit() Jerome Brunet (1): ASoC: dpcm: don't merge format from invalid codec dai Jia-Ju Bai (2): usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() Jim Gill (1): scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED Johannes Thumshirn (3): scsi: fcoe: fix use-after-free in fcoe_ctlr_els_send scsi: fcoe: drop frames in ELS LOGO error path scsi: fcoe: clear FC_RP_STARTED flags when receiving a LOGO John Hurley (1): nfp: flower: fix port metadata conversion bug Josef Bacik (4): nbd: don't requeue the same request twice. nbd: handle unexpected replies better btrfs: don't leak ret from do_chunk_alloc Btrfs: fix btrfs_write_inode vs delayed iput deadlock Josh Poimboeuf (1): x86/kvm/vmx: Remove duplicate l1d flush definitions Joshua Frkuska (1): usb: gadget: u_audio: update hw_ptr in iso_complete after data copied Julian Wiedmann (1): s390/qdio: reset old sbal_state flags Kees Cook (2): x86/boot: Fix if_changed build flip/flop bug gcc-plugins: Use dynamic initializers Kiran Kumar Modukuri (3): fscache: Allow cancelled operations to be enqueued cachefiles: Fix refcounting bug in backing-file read monitoring cachefiles: Wait rather than BUG'ing on "Unexpected object collision" Kirill Tkhai (2): memcg: remove memcg_cgroup::id from IDR on mem_cgroup_css_alloc() failure fuse: Add missed unlock_page() to fuse_readpages_fill() Len Brown (1): tools/power turbostat: fix -S on UP systems Li Wang (1): zswap: re-check zswap_is_full() after do zswap_shrink() Linus Torvalds (1): squashfs metadata 2: electric boogaloo Lucas Stach (2): drm/imx: imx-ldb: disable LDB on driver bind drm/imx: imx-ldb: check if channel is enabled before printing warning Maciej W. Rozycki (1): MIPS: Correct the 64-bit DSP accumulator register size Martin Schwidefsky (2): s390: fix br_r1_trampoline for machines without exrl s390/numa: move initial setup of node_to_cpumask_map Masami Hiramatsu (4): selftests/ftrace: Add snapshot and tracing_on test case kprobes/arm64: Fix %p uses in error messages kprobes/arm: Fix %p uses in error messages kprobes: Make list and blacklist root user read only Michael Buesch (2): b43legacy/leds: Ensure NUL-termination of LED name string b43/leds: Ensure NUL-termination of LED name string Michal Wnukowski (1): nvme-pci: add a memory barrier to nvme_dbbuf_update_and_check_event Mike Christie (1): iscsi target: fix session creation failure handling Miklos Szeredi (5): fuse: fix initial parallel dirops fuse: fix double request_end() fuse: fix unlocked access to processing queue fuse: umount should wait for all requests fuse: Fix oops at process_init_reply() Mikulas Patocka (4): udl-kms: change down_interruptible to down udl-kms: handle allocation failure udl-kms: fix crash due to uninitialized memory udl-kms: avoid division Nicholas Mc Guire (2): can: mpc5xxx_can: check of_iomap return before use cifs: check kmalloc before use Nicholas Piggin (1): mm: move tlb_table_flush to tlb_flush_mmu_free Nick Desaulniers (1): x86/irqflags: Mark native_restore_fl extern inline Ofer Levi (1): ARC: [plat-eznps] Add missing struct nps_host_reg_aux_dpc Paul Burton (2): MIPS: Always use -march=<arch>, not -<arch> shortcuts MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7 Paulo Flabiano Smorigo (1): crypto: vmx - Use skcipher for ctr fallback Peter Rosin (2): locking/rtmutex: Allow specifying a subclass for nested locking i2c/mux, locking/core: Annotate the nested rt_mutex usage Peter Senna Tschudin (1): tools: usb: ffs-test: Fix build on big endian systems Peter Zijlstra (2): stop_machine: Reflow cpu_stop_queue_two_works() mm/tlb, x86/mm: Support invalidating TLB caches for RCU_TABLE_FREE Petr Mladek (3): printk: Split the code for storing a message into the log buffer printk: Create helper function to queue deferred console handling printk/nmi: Prevent deadlock when accessing the main log buffer in NMI Phillip Lougher (1): Squashfs: Compute expected length from inode size rather than block length Prasad Sodagudi (1): stop_machine: Atomically queue and wake stopper threads Punit Agrawal (2): KVM: arm/arm64: Skip updating PMD entry if no change KVM: arm/arm64: Skip updating PTE entry if no change Rafał Miłecki (1): Revert "MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum" Randy Dunlap (6): usb/phy: fix PPC64 build errors in phy-fsl-usb.c net: prevent ISA drivers from building on PPC32 arc: [plat-eznps] fix data type errors in platform headers arc: [plat-eznps] fix printk warning in arc/plat-eznps/mtm.c arc: fix build errors in arc/include/asm/delay.h arc: fix type warnings in arc/mm/cache.c Rian Hunter (1): x86/process: Re-export start_thread() Ricardo Schwarzmeier (1): tpm: Return the actual size when receiving an unsupported command Samuel Neves (1): x86/vdso: Fix lsl operand order Scott Bauer (1): cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status Sean Christopherson (1): KVM: vmx: use local variable for current_vmptr when emulating VMPTRST Sean Paul (1): drm/bridge: adv7511: Reset registers on hotplug Sebastian Ott (1): s390/pci: fix out of bounds access during irq setup Shubhrajyoti Datta (1): net: axienet: Fix double deregister of mdio Steve French (5): cifs: add missing debug entries for kconfig options smb3: enumerating snapshots was leaving part of the data off end smb3: Do not send SMB3 SET_INFO if nothing changed smb3: don't request leases in symlink creation and query smb3: fill in statfs fsid and correct namelen Steven Rostedt (VMware) (1): sparc/time: Add missing __init to init_tick_ops() Sudarsana Reddy Kalluru (4): qed: Fix link flap issue due to mismatching EEE capabilities. qed: Fix possible race for the link state value. qed: Correct Multicast API to reflect existence of 256 approximate buckets. bnx2x: Fix invalid memory access in rss hash config path. Taehee Yoo (2): netfilter: nft_set_hash: add rcu_barrier() in the nft_rhash_destroy() bpf: use GFP_ATOMIC instead of GFP_KERNEL in bpf_parse_prog() Takashi Iwai (2): platform/x86: ideapad-laptop: Apply no_hw_rfkill to Y20-15IKBM, too ASoC: zte: Fix incorrect PCM format bit usages Theodore Ts'o (2): ext4: clear mmp sequence number when remounting read-only ext4: check for NUL characters in extended attribute's name Thomas Gleixner (2): perf/x86/amd/ibs: Don't access non-started event KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled Thomas Petazzoni (1): sparc: use asm-generic version of msi.h Tommi Rantala (1): xfrm: fix missing dst_release() after policy blocking lbcast and multicast Valdis Kletnieks (1): gcc-plugins: Add include required by GCC release 8 Varun Prakash (2): scsi: target: iscsi: cxgbit: fix max iso npdu calculation scsi: libiscsi: fix possible NULL pointer dereference in case of TMF Vincent Whitchurch (1): watchdog: Mark watchdog touch functions as notrace Vivek Gautam (1): iommu/arm-smmu: Error out only if not enough context interrupts Vladimir Zapolskiy (3): usb: gadget: u_audio: remove caching of stream buffer parameters usb: gadget: u_audio: remove cached period bytes value usb: gadget: u_audio: protect stream runtime fields with stream spinlock Vlastimil Babka (3): x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM x86/speculation/l1tf: Suggest what to do on systems with too much RAM YueHaibing (1): net: caif: Add a missing rcu_read_unlock() in caif_flow_cb Zhen Lei (1): esp6: fix memleak on error path in esp6_input dann frazier (1): hinic: Link the logical network device to the pci device in sysfs jie@chenjie6@huwei.com (1): mm/memory.c: check return value of ioremap_prot mpubbise(a)codeaurora.org (1): mac80211: add stations tied to AP_VLANs during hw reconfig

7 years, 2 months

1
1
0 0

Linux 4.9.125

by Greg KH

I'm announcing the release of the 4.9.125 kernel. All users of the 4.9 kernel series must upgrade. The updated 4.9.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.9.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arc/include/asm/delay.h | 3 arch/arc/mm/cache.c | 7 - arch/arc/plat-eznps/include/plat/ctop.h | 1 arch/arm/kvm/mmu.c | 42 +++++-- arch/arm64/kernel/probes/kprobes.c | 2 arch/arm64/mm/init.c | 6 - arch/mips/bcm47xx/setup.c | 6 - arch/mips/include/asm/mipsregs.h | 3 arch/mips/include/asm/processor.h | 2 arch/mips/kernel/ptrace.c | 2 arch/mips/kernel/ptrace32.c | 2 arch/mips/lib/multi3.c | 6 - arch/powerpc/net/bpf_jit_comp64.c | 29 ----- arch/s390/include/asm/qdio.h | 1 arch/s390/mm/fault.c | 2 arch/s390/net/bpf_jit_comp.c | 2 arch/s390/numa/numa.c | 16 -- arch/s390/pci/pci.c | 2 arch/sparc/kernel/pcic.c | 2 arch/x86/boot/compressed/Makefile | 8 + arch/x86/events/amd/ibs.c | 6 - arch/x86/include/asm/irqflags.h | 3 arch/x86/include/asm/processor.h | 6 - arch/x86/kernel/cpu/bugs.c | 50 ++++++++ arch/x86/kernel/cpu/common.c | 1 arch/x86/kernel/cpu/intel.c | 3 arch/x86/kernel/dumpstack.c | 4 arch/x86/kernel/process_64.c | 1 arch/x86/kvm/svm.c | 8 - arch/x86/kvm/vmx.c | 3 arch/x86/mm/init.c | 4 arch/x86/mm/mmap.c | 2 drivers/base/power/clock_ops.c | 2 drivers/cdrom/cdrom.c | 2 drivers/clk/rockchip/clk-rk3399.c | 2 drivers/gpu/drm/bridge/adv7511/adv7511_drv.c | 12 ++ drivers/gpu/drm/imx/imx-ldb.c | 9 + drivers/gpu/drm/udl/udl_fb.c | 2 drivers/gpu/drm/udl/udl_main.c | 35 +++--- drivers/i2c/busses/i2c-davinci.c | 8 + drivers/misc/mei/main.c | 1 drivers/net/can/mscan/mpc5xxx_can.c | 5 drivers/net/ethernet/3com/Kconfig | 2 drivers/net/ethernet/amd/Kconfig | 4 drivers/net/ethernet/atheros/atl1c/atl1c_main.c | 1 drivers/net/ethernet/broadcom/bnx2x/bnx2x_ethtool.c | 13 +- drivers/net/ethernet/cirrus/Kconfig | 1 drivers/net/ethernet/cisco/enic/enic_main.c | 78 ++++---------- drivers/net/ethernet/qlogic/qed/qed_l2.c | 15 +- drivers/net/ethernet/qlogic/qed/qed_l2.h | 2 drivers/net/ethernet/qlogic/qed/qed_mcp.c | 1 drivers/net/ethernet/qlogic/qed/qed_sriov.c | 2 drivers/net/ethernet/qlogic/qed/qed_vf.c | 4 drivers/net/ethernet/qlogic/qed/qed_vf.h | 7 + drivers/net/ethernet/xilinx/xilinx_axienet_mdio.c | 1 drivers/net/usb/qmi_wwan.c | 2 drivers/net/wan/lmc/lmc_main.c | 2 drivers/net/wireless/broadcom/b43/leds.c | 2 drivers/net/wireless/broadcom/b43legacy/leds.c | 2 drivers/pinctrl/freescale/pinctrl-imx1-core.c | 2 drivers/power/supply/generic-adc-battery.c | 25 ++-- drivers/s390/cio/qdio_main.c | 5 drivers/scsi/fcoe/fcoe_ctlr.c | 4 drivers/scsi/libfc/fc_rport.c | 1 drivers/scsi/libiscsi.c | 12 +- drivers/scsi/scsi_sysfs.c | 20 +++ drivers/scsi/vmw_pvscsi.c | 11 + drivers/staging/android/ion/ion-ioctl.c | 12 +- drivers/staging/android/ion/ion.c | 65 +++++++---- drivers/staging/android/ion/ion_priv.h | 6 - drivers/staging/media/omap4iss/iss_video.c | 3 drivers/target/iscsi/iscsi_target_login.c | 35 +++--- drivers/usb/gadget/function/f_uac2.c | 20 +-- drivers/usb/gadget/udc/r8a66597-udc.c | 6 - drivers/usb/phy/phy-fsl-usb.c | 4 fs/cachefiles/namei.c | 1 fs/cachefiles/rdwr.c | 17 ++- fs/cifs/cifs_debug.c | 30 ++++- fs/cifs/inode.c | 2 fs/cifs/link.c | 4 fs/cifs/sess.c | 6 + fs/cifs/smb2inode.c | 2 fs/cifs/smb2ops.c | 34 ++++-- fs/ext4/namei.c | 1 fs/ext4/sysfs.c | 13 +- fs/ext4/xattr.c | 2 fs/fscache/operation.c | 6 - fs/fuse/dev.c | 39 +++++-- fs/fuse/dir.c | 10 + fs/fuse/file.c | 1 fs/fuse/fuse_i.h | 5 fs/fuse/inode.c | 37 +++--- fs/squashfs/file.c | 50 +++++--- fs/squashfs/file_cache.c | 4 fs/squashfs/file_direct.c | 24 ++-- fs/squashfs/squashfs.h | 3 fs/sysfs/file.c | 44 +++++++ include/linux/sysfs.h | 14 ++ kernel/kprobes.c | 4 kernel/sysctl.c | 3 mm/memcontrol.c | 15 +- mm/memory.c | 3 mm/zswap.c | 9 + net/caif/caif_dev.c | 4 net/ipv4/cipso_ipv4.c | 12 +- net/ipv6/ip6_vti.c | 11 + net/mac80211/util.c | 3 net/wireless/nl80211.c | 1 net/xfrm/xfrm_policy.c | 3 net/xfrm/xfrm_user.c | 10 + sound/soc/sirf/sirf-usp.c | 7 - sound/soc/soc-pcm.c | 8 + tools/power/x86/turbostat/turbostat.c | 8 - tools/testing/selftests/ftrace/test.d/00basic/snapshot.tc | 28 +++++ tools/usb/ffs-test.c | 19 ++- 116 files changed, 777 insertions(+), 405 deletions(-) Alberto Panizzo (1): clk: rockchip: fix clk_i2sout parent selection bits on rk3399 Aleksander Morgado (1): qmi_wwan: fix interface number for DW5821e production firmware Alexander Sverdlin (1): i2c: davinci: Avoid zero value of CLKH Alexander Usyskin (1): mei: don't update offset in write Andi Kleen (2): x86/spectre: Add missing family 6 check to microcode check x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ Andrey Ryabinin (1): fuse: Don't access pipe->buffers without pipe_lock() Arnd Bergmann (1): ext4: sysfs: print ext4_super_block fields as little-endian Bart Van Assche (2): scsi: sysfs: Introduce sysfs_{un,}break_active_protection() scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock Bernd Edlinger (1): nl80211: Add a missing break in parse_station_flags Calvin Walton (1): tools/power turbostat: Read extended processor family from CPUID Claudio Imbrenda (1): s390/kvm: fix deadlock when killed by oom Colin Ian King (1): drivers: net: lmc: fix case value for target abort error Dan Carpenter (2): pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show() PM / clk: signedness bug in of_pm_clk_add_clks() Daniel Borkmann (1): bpf, ppc64: fix unexpected r0=0 exit path inside bpf_xadd Daniel Rosenberg (1): staging: android: ion: check for kref overflow Eric Sandeen (1): ext4: reset error code in ext4_find_entry in fallback Ethan Zhao (1): sched/sysctl: Check user input value of sysctl_sched_time_avg Eugeniu Rosca (1): usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3' Eyal Birger (1): vti6: fix PMTU caching and reporting on xmit Florian Westphal (2): xfrm: free skb if nlsk pointer is NULL atl1c: reserve min skb headroom Govindarajulu Varadarajan (1): enic: handle mtu change for vf properly Greg Hackmann (2): arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() staging: android: ion: fix ION_IOC_{MAP,SHARE} use-after-free Greg Kroah-Hartman (1): Linux 4.9.125 Guenter Roeck (1): media: staging: omap4iss: Include asm/cacheflush.h after generic includes Gustavo A. R. Silva (1): ASoC: sirf: Fix potential NULL pointer dereference H. Nikolaus Schaller (2): power: generic-adc-battery: fix out-of-bounds write when copying channel properties power: generic-adc-battery: check for duplicate properties copied from iio channels Jann Horn (1): x86/entry/64: Wipe KASAN stack shadow before rewind_stack_do_exit() Jerome Brunet (1): ASoC: dpcm: don't merge format from invalid codec dai Jia-Ju Bai (2): usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() Jim Gill (1): scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED Johannes Thumshirn (2): scsi: fcoe: drop frames in ELS LOGO error path scsi: fcoe: clear FC_RP_STARTED flags when receiving a LOGO Josh Poimboeuf (1): x86/kvm/vmx: Remove duplicate l1d flush definitions Julian Wiedmann (1): s390/qdio: reset old sbal_state flags Kees Cook (1): x86/boot: Fix if_changed build flip/flop bug Kiran Kumar Modukuri (3): fscache: Allow cancelled operations to be enqueued cachefiles: Fix refcounting bug in backing-file read monitoring cachefiles: Wait rather than BUG'ing on "Unexpected object collision" Kirill Tkhai (2): memcg: remove memcg_cgroup::id from IDR on mem_cgroup_css_alloc() failure fuse: Add missed unlock_page() to fuse_readpages_fill() Len Brown (1): tools/power turbostat: fix -S on UP systems Li Wang (1): zswap: re-check zswap_is_full() after do zswap_shrink() Linus Torvalds (1): squashfs metadata 2: electric boogaloo Lucas Stach (2): drm/imx: imx-ldb: disable LDB on driver bind drm/imx: imx-ldb: check if channel is enabled before printing warning Maciej W. Rozycki (1): MIPS: Correct the 64-bit DSP accumulator register size Martin Schwidefsky (2): s390: fix br_r1_trampoline for machines without exrl s390/numa: move initial setup of node_to_cpumask_map Masami Hiramatsu (3): selftests/ftrace: Add snapshot and tracing_on test case kprobes/arm64: Fix %p uses in error messages kprobes: Make list and blacklist root user read only Michael Buesch (2): b43legacy/leds: Ensure NUL-termination of LED name string b43/leds: Ensure NUL-termination of LED name string Mike Christie (1): iscsi target: fix session creation failure handling Miklos Szeredi (5): fuse: fix initial parallel dirops fuse: fix double request_end() fuse: fix unlocked access to processing queue fuse: umount should wait for all requests fuse: Fix oops at process_init_reply() Mikulas Patocka (3): udl-kms: change down_interruptible to down udl-kms: handle allocation failure udl-kms: fix crash due to uninitialized memory Nicholas Mc Guire (2): can: mpc5xxx_can: check of_iomap return before use cifs: check kmalloc before use Nick Desaulniers (1): x86/irqflags: Mark native_restore_fl extern inline Paul Burton (1): MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7 Peter Senna Tschudin (1): tools: usb: ffs-test: Fix build on big endian systems Phillip Lougher (1): Squashfs: Compute expected length from inode size rather than block length Punit Agrawal (2): KVM: arm/arm64: Skip updating PTE entry if no change KVM: arm/arm64: Skip updating PMD entry if no change Rafał Miłecki (1): Revert "MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum" Randy Dunlap (5): usb/phy: fix PPC64 build errors in phy-fsl-usb.c net: prevent ISA drivers from building on PPC32 arc: [plat-eznps] fix data type errors in platform headers arc: fix build errors in arc/include/asm/delay.h arc: fix type warnings in arc/mm/cache.c Rian Hunter (1): x86/process: Re-export start_thread() Scott Bauer (1): cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status Sean Paul (1): drm/bridge: adv7511: Reset registers on hotplug Sebastian Ott (1): s390/pci: fix out of bounds access during irq setup Shubhrajyoti Datta (1): net: axienet: Fix double deregister of mdio Steve French (4): cifs: add missing debug entries for kconfig options smb3: enumerating snapshots was leaving part of the data off end smb3: Do not send SMB3 SET_INFO if nothing changed smb3: don't request leases in symlink creation and query Sudarsana Reddy Kalluru (3): qed: Fix possible race for the link state value. qed: Correct Multicast API to reflect existence of 256 approximate buckets. bnx2x: Fix invalid memory access in rss hash config path. Theodore Ts'o (1): ext4: check for NUL characters in extended attribute's name Thomas Gleixner (2): perf/x86/amd/ibs: Don't access non-started event KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled Thomas Petazzoni (1): sparc: kernel/pcic: silence gcc 7.x warning in pcibios_fixup_bus() Tommi Rantala (1): xfrm: fix missing dst_release() after policy blocking lbcast and multicast Varun Prakash (1): scsi: libiscsi: fix possible NULL pointer dereference in case of TMF Vlastimil Babka (3): x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM x86/speculation/l1tf: Suggest what to do on systems with too much RAM YueHaibing (1): net: caif: Add a missing rcu_read_unlock() in caif_flow_cb jie@chenjie6@huwei.com (1): mm/memory.c: check return value of ioremap_prot mpubbise(a)codeaurora.org (1): mac80211: add stations tied to AP_VLANs during hw reconfig yujuan.qi (1): Cipso: cipso_v4_optptr enter infinite loop

7 years, 2 months

1
1
0 0

Linux 4.4.154

by Greg KH

I'm announcing the release of the 4.4.154 kernel. All users of the 4.4 kernel series must upgrade. The updated 4.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.4.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arc/include/asm/delay.h | 3 arch/arc/mm/cache.c | 7 - arch/arm/kvm/mmu.c | 42 +++++-- arch/arm64/mm/init.c | 6 - arch/mips/bcm47xx/setup.c | 6 - arch/mips/include/asm/mipsregs.h | 3 arch/mips/include/asm/processor.h | 2 arch/mips/kernel/ptrace.c | 2 arch/mips/kernel/ptrace32.c | 2 arch/mips/lib/multi3.c | 6 - arch/s390/include/asm/qdio.h | 1 arch/s390/mm/fault.c | 2 arch/s390/net/bpf_jit_comp.c | 2 arch/s390/pci/pci.c | 2 arch/x86/include/asm/irqflags.h | 3 arch/x86/include/asm/processor.h | 4 arch/x86/kernel/cpu/bugs.c | 4 arch/x86/kernel/cpu/intel.c | 3 arch/x86/kernel/process_64.c | 1 arch/x86/mm/init.c | 4 arch/x86/mm/mmap.c | 2 drivers/cdrom/cdrom.c | 2 drivers/gpu/drm/i2c/adv7511.c | 12 ++ drivers/gpu/drm/imx/imx-ldb.c | 9 + drivers/gpu/drm/udl/udl_fb.c | 2 drivers/gpu/drm/udl/udl_main.c | 35 +++--- drivers/i2c/busses/i2c-davinci.c | 8 + drivers/net/can/mscan/mpc5xxx_can.c | 5 drivers/net/ethernet/3com/Kconfig | 2 drivers/net/ethernet/amd/Kconfig | 4 drivers/net/ethernet/atheros/atl1c/atl1c_main.c | 1 drivers/net/ethernet/broadcom/bnx2x/bnx2x_ethtool.c | 13 +- drivers/net/ethernet/cirrus/Kconfig | 1 drivers/net/ethernet/cisco/enic/enic_main.c | 78 ++++---------- drivers/net/ethernet/qlogic/qed/qed_mcp.c | 1 drivers/net/ethernet/xilinx/xilinx_axienet_mdio.c | 1 drivers/net/wan/lmc/lmc_main.c | 2 drivers/pinctrl/freescale/pinctrl-imx1-core.c | 2 drivers/s390/cio/qdio_main.c | 5 drivers/scsi/fcoe/fcoe_ctlr.c | 4 drivers/scsi/libiscsi.c | 12 +- drivers/scsi/scsi_sysfs.c | 20 +++ drivers/scsi/vmw_pvscsi.c | 11 + drivers/staging/media/omap4iss/iss_video.c | 3 drivers/target/iscsi/iscsi_target_login.c | 35 +++--- drivers/usb/gadget/function/f_uac2.c | 20 +-- drivers/usb/gadget/udc/r8a66597-udc.c | 6 - drivers/usb/phy/phy-fsl-usb.c | 4 fs/btrfs/extent-tree.c | 2 fs/cachefiles/namei.c | 1 fs/cachefiles/rdwr.c | 17 ++- fs/cifs/cifs_debug.c | 30 ++++- fs/cifs/inode.c | 2 fs/cifs/link.c | 4 fs/cifs/sess.c | 6 + fs/cifs/smb2inode.c | 2 fs/ext4/namei.c | 1 fs/ext4/sysfs.c | 13 +- fs/ext4/xattr.c | 2 fs/fscache/operation.c | 6 - fs/fuse/dev.c | 39 +++++-- fs/fuse/file.c | 1 fs/fuse/fuse_i.h | 1 fs/fuse/inode.c | 23 +--- fs/sysfs/file.c | 44 +++++++ include/linux/sysfs.h | 14 ++ kernel/kprobes.c | 4 kernel/sysctl.c | 3 mm/memory.c | 3 mm/zswap.c | 9 + net/caif/caif_dev.c | 4 net/ipv4/cipso_ipv4.c | 12 +- net/ipv6/ip6_vti.c | 11 + net/mac80211/util.c | 3 net/wireless/nl80211.c | 1 net/xfrm/xfrm_policy.c | 3 net/xfrm/xfrm_user.c | 10 + sound/soc/sirf/sirf-usp.c | 7 - sound/soc/soc-pcm.c | 8 + tools/power/x86/turbostat/turbostat.c | 8 - tools/testing/selftests/ftrace/test.d/00basic/snapshot.tc | 28 +++++ tools/usb/ffs-test.c | 19 ++- 83 files changed, 513 insertions(+), 235 deletions(-) Alexander Sverdlin (1): i2c: davinci: Avoid zero value of CLKH Andi Kleen (1): x86/spectre: Add missing family 6 check to microcode check Andrey Ryabinin (1): fuse: Don't access pipe->buffers without pipe_lock() Arnd Bergmann (1): ext4: sysfs: print ext4_super_block fields as little-endian Bart Van Assche (2): scsi: sysfs: Introduce sysfs_{un,}break_active_protection() scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock Bernd Edlinger (1): nl80211: Add a missing break in parse_station_flags Calvin Walton (1): tools/power turbostat: Read extended processor family from CPUID Claudio Imbrenda (1): s390/kvm: fix deadlock when killed by oom Colin Ian King (1): drivers: net: lmc: fix case value for target abort error Dan Carpenter (1): pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show() Eric Sandeen (1): ext4: reset error code in ext4_find_entry in fallback Ethan Zhao (1): sched/sysctl: Check user input value of sysctl_sched_time_avg Eugeniu Rosca (1): usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3' Eyal Birger (1): vti6: fix PMTU caching and reporting on xmit Florian Westphal (2): xfrm: free skb if nlsk pointer is NULL atl1c: reserve min skb headroom Govindarajulu Varadarajan (1): enic: handle mtu change for vf properly Greg Hackmann (1): arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() Greg Kroah-Hartman (1): Linux 4.4.154 Guenter Roeck (1): media: staging: omap4iss: Include asm/cacheflush.h after generic includes Gustavo A. R. Silva (1): ASoC: sirf: Fix potential NULL pointer dereference Jerome Brunet (1): ASoC: dpcm: don't merge format from invalid codec dai Jia-Ju Bai (2): usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() Jim Gill (1): scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED Johannes Thumshirn (1): scsi: fcoe: drop frames in ELS LOGO error path Josef Bacik (1): btrfs: don't leak ret from do_chunk_alloc Julian Wiedmann (1): s390/qdio: reset old sbal_state flags Kiran Kumar Modukuri (3): fscache: Allow cancelled operations to be enqueued cachefiles: Fix refcounting bug in backing-file read monitoring cachefiles: Wait rather than BUG'ing on "Unexpected object collision" Kirill Tkhai (1): fuse: Add missed unlock_page() to fuse_readpages_fill() Len Brown (1): tools/power turbostat: fix -S on UP systems Li Wang (1): zswap: re-check zswap_is_full() after do zswap_shrink() Lucas Stach (2): drm/imx: imx-ldb: disable LDB on driver bind drm/imx: imx-ldb: check if channel is enabled before printing warning Maciej W. Rozycki (1): MIPS: Correct the 64-bit DSP accumulator register size Martin Schwidefsky (1): s390: fix br_r1_trampoline for machines without exrl Masami Hiramatsu (2): selftests/ftrace: Add snapshot and tracing_on test case kprobes: Make list and blacklist root user read only Mike Christie (1): iscsi target: fix session creation failure handling Miklos Szeredi (4): fuse: fix double request_end() fuse: fix unlocked access to processing queue fuse: umount should wait for all requests fuse: Fix oops at process_init_reply() Mikulas Patocka (3): udl-kms: change down_interruptible to down udl-kms: handle allocation failure udl-kms: fix crash due to uninitialized memory Nicholas Mc Guire (2): can: mpc5xxx_can: check of_iomap return before use cifs: check kmalloc before use Nick Desaulniers (1): x86/irqflags: Mark native_restore_fl extern inline Paul Burton (1): MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7 Peter Senna Tschudin (1): tools: usb: ffs-test: Fix build on big endian systems Punit Agrawal (2): KVM: arm/arm64: Skip updating PTE entry if no change KVM: arm/arm64: Skip updating PMD entry if no change Rafał Miłecki (1): Revert "MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum" Randy Dunlap (4): usb/phy: fix PPC64 build errors in phy-fsl-usb.c net: prevent ISA drivers from building on PPC32 arc: fix build errors in arc/include/asm/delay.h arc: fix type warnings in arc/mm/cache.c Rian Hunter (1): x86/process: Re-export start_thread() Scott Bauer (1): cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status Sean Paul (1): drm/bridge: adv7511: Reset registers on hotplug Sebastian Ott (1): s390/pci: fix out of bounds access during irq setup Shubhrajyoti Datta (1): net: axienet: Fix double deregister of mdio Steve French (3): cifs: add missing debug entries for kconfig options smb3: Do not send SMB3 SET_INFO if nothing changed smb3: don't request leases in symlink creation and query Sudarsana Reddy Kalluru (2): qed: Fix possible race for the link state value. bnx2x: Fix invalid memory access in rss hash config path. Theodore Ts'o (1): ext4: check for NUL characters in extended attribute's name Tommi Rantala (1): xfrm: fix missing dst_release() after policy blocking lbcast and multicast Varun Prakash (1): scsi: libiscsi: fix possible NULL pointer dereference in case of TMF Vlastimil Babka (3): x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM x86/speculation/l1tf: Suggest what to do on systems with too much RAM YueHaibing (1): net: caif: Add a missing rcu_read_unlock() in caif_flow_cb jie@chenjie6@huwei.com (1): mm/memory.c: check return value of ioremap_prot mpubbise(a)codeaurora.org (1): mac80211: add stations tied to AP_VLANs during hw reconfig yujuan.qi (1): Cipso: cipso_v4_optptr enter infinite loop

7 years, 2 months

1
1
0 0

Linux 3.18.121

by Greg KH

I'm announcing the release of the 3.18.121 kernel. All users of the 3.18 kernel series must upgrade. The updated 3.18.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-3.18.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arc/include/asm/delay.h | 3 arch/arc/mm/cache_arc700.c | 7 - arch/arm/kvm/mmu.c | 42 +++++-- arch/arm64/mm/init.c | 6 - arch/mips/bcm47xx/setup.c | 6 - arch/mips/include/asm/mipsregs.h | 3 arch/mips/include/asm/processor.h | 2 arch/mips/kernel/ptrace.c | 2 arch/mips/kernel/ptrace32.c | 2 arch/s390/include/asm/qdio.h | 1 arch/s390/mm/fault.c | 2 arch/s390/pci/pci.c | 2 arch/x86/kernel/process_64.c | 1 drivers/cdrom/cdrom.c | 2 drivers/gpu/drm/udl/udl_fb.c | 2 drivers/gpu/drm/udl/udl_main.c | 35 +++--- drivers/net/can/mscan/mpc5xxx_can.c | 5 drivers/net/ethernet/atheros/atl1c/atl1c_main.c | 1 drivers/net/ethernet/broadcom/bnx2x/bnx2x_ethtool.c | 13 +- drivers/net/ethernet/cisco/enic/enic_main.c | 78 ++++---------- drivers/net/ethernet/xilinx/xilinx_axienet_mdio.c | 1 drivers/net/wan/lmc/lmc_main.c | 2 drivers/pinctrl/freescale/pinctrl-imx1-core.c | 2 drivers/s390/cio/qdio_main.c | 5 drivers/scsi/fcoe/fcoe_ctlr.c | 4 drivers/scsi/libiscsi.c | 12 +- drivers/scsi/scsi_sysfs.c | 20 +++ drivers/scsi/vmw_pvscsi.c | 11 + drivers/staging/imx-drm/imx-ldb.c | 9 + drivers/staging/media/omap4iss/iss_video.c | 3 drivers/usb/gadget/function/f_uac2.c | 20 +-- drivers/usb/gadget/udc/r8a66597-udc.c | 6 - drivers/usb/phy/phy-fsl-usb.c | 4 fs/btrfs/extent-tree.c | 2 fs/cachefiles/namei.c | 1 fs/cachefiles/rdwr.c | 17 ++- fs/ext4/namei.c | 1 fs/fscache/operation.c | 6 - fs/fuse/dev.c | 7 - fs/fuse/file.c | 1 fs/sysfs/file.c | 44 +++++++ include/linux/sysfs.h | 14 ++ kernel/kprobes.c | 4 kernel/sysctl.c | 3 mm/memory.c | 3 mm/zswap.c | 9 + net/caif/caif_dev.c | 4 net/ipv4/cipso_ipv4.c | 12 +- net/mac80211/util.c | 3 net/wireless/nl80211.c | 1 net/xfrm/xfrm_policy.c | 3 net/xfrm/xfrm_user.c | 10 + sound/soc/sirf/sirf-usp.c | 7 - tools/power/x86/turbostat/turbostat.c | 8 - tools/testing/selftests/ftrace/test.d/00basic/snapshot.tc | 28 +++++ tools/usb/ffs-test.c | 19 ++- 57 files changed, 353 insertions(+), 170 deletions(-) Andrey Ryabinin (1): fuse: Don't access pipe->buffers without pipe_lock() Bart Van Assche (2): scsi: sysfs: Introduce sysfs_{un,}break_active_protection() scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock Bernd Edlinger (1): nl80211: Add a missing break in parse_station_flags Calvin Walton (1): tools/power turbostat: Read extended processor family from CPUID Claudio Imbrenda (1): s390/kvm: fix deadlock when killed by oom Colin Ian King (1): drivers: net: lmc: fix case value for target abort error Dan Carpenter (1): pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show() Eric Sandeen (1): ext4: reset error code in ext4_find_entry in fallback Ethan Zhao (1): sched/sysctl: Check user input value of sysctl_sched_time_avg Eugeniu Rosca (1): usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3' Florian Westphal (2): xfrm: free skb if nlsk pointer is NULL atl1c: reserve min skb headroom Govindarajulu Varadarajan (1): enic: handle mtu change for vf properly Greg Hackmann (1): arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() Greg Kroah-Hartman (1): Linux 3.18.121 Guenter Roeck (1): media: staging: omap4iss: Include asm/cacheflush.h after generic includes Gustavo A. R. Silva (1): ASoC: sirf: Fix potential NULL pointer dereference Jia-Ju Bai (2): usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() Jim Gill (1): scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED Johannes Thumshirn (1): scsi: fcoe: drop frames in ELS LOGO error path Josef Bacik (1): btrfs: don't leak ret from do_chunk_alloc Julian Wiedmann (1): s390/qdio: reset old sbal_state flags Kiran Kumar Modukuri (3): fscache: Allow cancelled operations to be enqueued cachefiles: Fix refcounting bug in backing-file read monitoring cachefiles: Wait rather than BUG'ing on "Unexpected object collision" Kirill Tkhai (1): fuse: Add missed unlock_page() to fuse_readpages_fill() Len Brown (1): tools/power turbostat: fix -S on UP systems Li Wang (1): zswap: re-check zswap_is_full() after do zswap_shrink() Lucas Stach (2): drm/imx: imx-ldb: disable LDB on driver bind drm/imx: imx-ldb: check if channel is enabled before printing warning Maciej W. Rozycki (1): MIPS: Correct the 64-bit DSP accumulator register size Masami Hiramatsu (2): selftests/ftrace: Add snapshot and tracing_on test case kprobes: Make list and blacklist root user read only Mikulas Patocka (3): udl-kms: change down_interruptible to down udl-kms: handle allocation failure udl-kms: fix crash due to uninitialized memory Nicholas Mc Guire (1): can: mpc5xxx_can: check of_iomap return before use Peter Senna Tschudin (1): tools: usb: ffs-test: Fix build on big endian systems Punit Agrawal (2): KVM: arm/arm64: Skip updating PTE entry if no change KVM: arm/arm64: Skip updating PMD entry if no change Rafał Miłecki (1): Revert "MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum" Randy Dunlap (3): usb/phy: fix PPC64 build errors in phy-fsl-usb.c arc: fix build errors in arc/include/asm/delay.h arc: fix type warnings in arc/mm/cache.c Rian Hunter (1): x86/process: Re-export start_thread() Scott Bauer (1): cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status Sebastian Ott (1): s390/pci: fix out of bounds access during irq setup Shubhrajyoti Datta (1): net: axienet: Fix double deregister of mdio Sudarsana Reddy Kalluru (1): bnx2x: Fix invalid memory access in rss hash config path. Tommi Rantala (1): xfrm: fix missing dst_release() after policy blocking lbcast and multicast Varun Prakash (1): scsi: libiscsi: fix possible NULL pointer dereference in case of TMF YueHaibing (1): net: caif: Add a missing rcu_read_unlock() in caif_flow_cb jie@chenjie6@huwei.com (1): mm/memory.c: check return value of ioremap_prot mpubbise(a)codeaurora.org (1): mac80211: add stations tied to AP_VLANs during hw reconfig yujuan.qi (1): Cipso: cipso_v4_optptr enter infinite loop

7 years, 2 months

1
1
0 0

[PATCH] tpm: fix response size validation in tpm_get_random()

by Jarkko Sakkinen

When checking whether the response is large enough to be able to contain the received random bytes in tpm_get_random() and tpm2_get_random(), they fail to take account the header size, which should be added to the minimum size. This commit fixes this issue. Cc: stable(a)vger.kernel.org Fixes: c659af78eb7b ("tpm: Check size of response before accessing data") Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen(a)linux.intel.com> --- drivers/char/tpm/tpm-interface.c | 3 ++- drivers/char/tpm/tpm2-cmd.c | 4 +++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c index 1a803b0cf980..318a7078b2ba 100644 --- a/drivers/char/tpm/tpm-interface.c +++ b/drivers/char/tpm/tpm-interface.c @@ -1321,7 +1321,8 @@ int tpm_get_random(struct tpm_chip *chip, u8 *out, size_t max) } rlength = be32_to_cpu(tpm_cmd.header.out.length); - if (rlength < offsetof(struct tpm_getrandom_out, rng_data) + + if (rlength < TPM_HEADER_SIZE + + offsetof(struct tpm_getrandom_out, rng_data) + recd) { total = -EFAULT; break; diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c index c31b490bd41d..3acf4fd4e5a5 100644 --- a/drivers/char/tpm/tpm2-cmd.c +++ b/drivers/char/tpm/tpm2-cmd.c @@ -329,7 +329,9 @@ int tpm2_get_random(struct tpm_chip *chip, u8 *dest, size_t max) &buf.data[TPM_HEADER_SIZE]; recd = min_t(u32, be16_to_cpu(out->size), num_bytes); if (tpm_buf_length(&buf) < - offsetof(struct tpm2_get_random_out, buffer) + recd) { + TPM_HEADER_SIZE + + offsetof(struct tpm2_get_random_out, buffer) + + recd) { err = -EFAULT; goto out; } -- 2.17.1

7 years, 2 months

2
2
0 0

v3.18.121 build: 0 failures 1 warnings (v3.18.121)

by Build bot for Mark Brown

Tree/Branch: v3.18.121 Git describe: v3.18.121 Commit: ba6984fc01 Linux 3.18.121 Build Time: 0 min 1 sec Passed: 7 / 7 (100.00 %) Failed: 0 / 7 ( 0.00 %) Errors: 0 Warnings: 1 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): 7 warnings 0 mismatches : x86_64-allmodconfig 2 warnings 0 mismatches : x86_64-defconfig ------------------------------------------------------------------------------- Warnings Summary: 1 9 ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- x86_64-allmodconfig : PASS, 0 errors, 7 warnings, 0 section mismatches Warnings: ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ------------------------------------------------------------------------------- x86_64-defconfig : PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: x86_64-allnoconfig arm-multi_v7_defconfig arm-allmodconfig arm-allnoconfig arm-multi_v5_defconfig

7 years, 2 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror