November 2018 - Linux-stable-mirror

[PATCH 2/2] drm/vc4: Set ->legacy_cursor_update to false when doing non-async updates

by Boris Brezillon

drm_atomic_helper_setup_commit() auto-completes commit->flip_done when state->legacy_cursor_update is true, but we now for sure that we want a sync update when we call drm_atomic_helper_setup_commit() from vc4_atomic_commit(). Explicitly set state->legacy_cursor_update to false to prevent this auto-completion. Fixes: 184d3cf4f738 ("drm/vc4: Use wait_for_flip_done() instead of wait_for_vblanks()") Cc: <stable(a)vger.kernel.org> Signed-off-by: Boris Brezillon <boris.brezillon(a)bootlin.com> --- drivers/gpu/drm/vc4/vc4_kms.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/drivers/gpu/drm/vc4/vc4_kms.c b/drivers/gpu/drm/vc4/vc4_kms.c index 127468785f74..1f94b9affe4b 100644 --- a/drivers/gpu/drm/vc4/vc4_kms.c +++ b/drivers/gpu/drm/vc4/vc4_kms.c @@ -214,6 +214,12 @@ static int vc4_atomic_commit(struct drm_device *dev, return 0; } + /* We know for sure we don't want an async update here. Set + * state->legacy_cursor_update to false to prevent + * drm_atomic_helper_setup_commit() from auto-completing + * commit->flip_done. + */ + state->legacy_cursor_update = false; ret = drm_atomic_helper_setup_commit(state, nonblock); if (ret) return ret; -- 2.17.1

5 years, 11 months

2
1
0 0

stable/linux-4.19.y build: 187 builds: 0 failed, 187 passed, 12 warnings (v4.19.2)

by kernelci.org bot

stable/linux-4.19.y build: 187 builds: 0 failed, 187 passed, 12 warnings (v4.19.2) Full Build Summary: https://kernelci.org/build/stable/branch/linux-4.19.y/kernel/v4.19.2/ Tree: stable Branch: linux-4.19.y Git Describe: v4.19.2 Git Commit: 7950eb316adf792283cac5743dfe5a11e74833dc Git URL: http://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git Built: 4 unique architectures Warnings Detected: arm: gcc version 7.3.0 (Debian 7.3.0-28) aspeed_g4_defconfig: 1 warning aspeed_g5_defconfig: 1 warning multi_v5_defconfig: 1 warning multi_v7_defconfig: 1 warning qcom_defconfig: 1 warning mips: gcc version 6.3.0 (GCC) db1xxx_defconfig: 1 warning decstation_defconfig: 1 warning lemote2f_defconfig: 1 warning loongson3_defconfig: 2 warnings nlm_xlp_defconfig: 1 warning sb1250_swarm_defconfig: 1 warning Warnings summary: 3 net/core/rtnetlink.c:3156:1: warning: the frame size of 1312 bytes is larger than 1024 bytes [-Wframe-larger-than=] 3 drivers/i2c/busses/i2c-aspeed.c:567:1: warning: label 'out' defined but not used [-Wunused-label] 2 arch/arm/boot/dts/qcom-apq8064-arrow-sd-600eval.dtb: Warning (graph_endpoint): /soc/mdp@5100000/ports/port@3/endpoint: graph connection to node '/soc/hdmi-tx@4a00000/ports/port@0/endpoint' is not bidirectional 1 include/linux/list.h:63:13: warning: 'head' may be used uninitialized in this function [-Wmaybe-uninitialized] 1 drivers/scsi/raid_class.c:64:24: warning: unused variable 'i' [-Wunused-variable] 1 drivers/net/ethernet/amd/declance.c:1232:2: warning: 'desc' may be used uninitialized in this function [-Wmaybe-uninitialized] 1 arch/mips/configs/loongson3_defconfig:55:warning: symbol value 'm' invalid for HOTPLUG_PCI_SHPC ================================================================================ Detailed per-defconfig build reports: -------------------------------------------------------------------------------- acs5k_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- acs5k_tiny_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allnoconfig (x86) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allnoconfig (arm64) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allnoconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- allnoconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- am200epdkit_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- ar7_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- aspeed_g4_defconfig (arm) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/i2c/busses/i2c-aspeed.c:567:1: warning: label 'out' defined but not used [-Wunused-label] -------------------------------------------------------------------------------- aspeed_g5_defconfig (arm) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/i2c/busses/i2c-aspeed.c:567:1: warning: label 'out' defined but not used [-Wunused-label] -------------------------------------------------------------------------------- assabet_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- at91_dt_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- ath25_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- ath79_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- axm55xx_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- badge4_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- bcm2835_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- bcm47xx_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- bcm63xx_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- bigsur_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- bmips_be_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- bmips_stb_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- capcella_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- cavium_octeon_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- cerfcube_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- ci20_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- clps711x_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- cm_x2xx_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- cm_x300_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- cns3420vb_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- cobalt_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- colibri_pxa270_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- colibri_pxa300_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- collie_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- corgi_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- davinci_all_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- db1xxx_defconfig (mips) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: include/linux/list.h:63:13: warning: 'head' may be used uninitialized in this function [-Wmaybe-uninitialized] -------------------------------------------------------------------------------- decstation_defconfig (mips) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/net/ethernet/amd/declance.c:1232:2: warning: 'desc' may be used uninitialized in this function [-Wmaybe-uninitialized] -------------------------------------------------------------------------------- defconfig (arm64) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- dove_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- e55_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- ebsa110_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- efm32_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- em_x270_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- ep93xx_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- eseries_pxa_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- exynos_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- ezx_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- footbridge_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- fuloong2e_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- gcw0_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- gemini_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- gpr_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- h3600_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- h5000_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- hackkit_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- hisi_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- i386_defconfig (x86) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- imote2_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- imx_v4_v5_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- imx_v6_v7_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- integrator_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- iop13xx_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- iop32x_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- iop33x_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- ip22_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- ip27_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- ip28_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- ip32_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- ixp4xx_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- jazz_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- jmr3927_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- jornada720_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- keystone_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- ks8695_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- lart_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- lasat_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- lemote2f_defconfig (mips) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: net/core/rtnetlink.c:3156:1: warning: the frame size of 1312 bytes is larger than 1024 bytes [-Wframe-larger-than=] -------------------------------------------------------------------------------- loongson1b_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- loongson1c_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- loongson3_defconfig (mips) — PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: arch/mips/configs/loongson3_defconfig:55:warning: symbol value 'm' invalid for HOTPLUG_PCI_SHPC net/core/rtnetlink.c:3156:1: warning: the frame size of 1312 bytes is larger than 1024 bytes [-Wframe-larger-than=] -------------------------------------------------------------------------------- lpc18xx_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- lpc32xx_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- lpd270_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- lubbock_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- magician_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- mainstone_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- malta_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- malta_kvm_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- malta_kvm_guest_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- malta_qemu_32r6_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- maltaaprp_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- maltasmvp_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- maltasmvp_eva_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- maltaup_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- maltaup_xpa_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- markeins_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- mini2440_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- mips_paravirt_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- mmp2_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- moxart_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- mpc30x_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- mps2_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- msp71xx_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- mtx1_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v4t_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- multi_v5_defconfig (arm) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/i2c/busses/i2c-aspeed.c:567:1: warning: label 'out' defined but not used [-Wunused-label] -------------------------------------------------------------------------------- multi_v7_defconfig (arm) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: arch/arm/boot/dts/qcom-apq8064-arrow-sd-600eval.dtb: Warning (graph_endpoint): /soc/mdp@5100000/ports/port@3/endpoint: graph connection to node '/soc/hdmi-tx@4a00000/ports/port@0/endpoint' is not bidirectional -------------------------------------------------------------------------------- mv78xx0_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- mvebu_v5_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- mvebu_v7_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- mxs_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- neponset_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- netwinder_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- netx_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- nhk8815_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- nlm_xlp_defconfig (mips) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: net/core/rtnetlink.c:3156:1: warning: the frame size of 1312 bytes is larger than 1024 bytes [-Wframe-larger-than=] -------------------------------------------------------------------------------- nlm_xlr_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- nuc910_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- nuc950_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- nuc960_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- omap1_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- omap2plus_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- omega2p_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- orion5x_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- oxnas_v6_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- palmz72_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- pcm027_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- pic32mzda_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- pistachio_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- pleb_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- pnx8335_stb225_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- prima2_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- pxa168_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- pxa255-idp_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- pxa3xx_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- pxa910_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- pxa_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- qcom_defconfig (arm) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: arch/arm/boot/dts/qcom-apq8064-arrow-sd-600eval.dtb: Warning (graph_endpoint): /soc/mdp@5100000/ports/port@3/endpoint: graph connection to node '/soc/hdmi-tx@4a00000/ports/port@0/endpoint' is not bidirectional -------------------------------------------------------------------------------- qi_lb60_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- raumfeld_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- rb532_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- rbtx49xx_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- realview_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- rm200_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- rpc_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- rt305x_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- s3c2410_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- s3c6400_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- s5pv210_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- sama5_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- sb1250_swarm_defconfig (mips) — PASS, 0 errors, 1 warning, 0 section mismatches Warnings: drivers/scsi/raid_class.c:64:24: warning: unused variable 'i' [-Wunused-variable] -------------------------------------------------------------------------------- shannon_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- shmobile_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- simpad_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- socfpga_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- spear13xx_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- spear3xx_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- spear6xx_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- spitz_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- stm32_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- sunxi_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tango4_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tb0219_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tb0226_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tb0287_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tct_hammer_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tegra_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (arm64) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (x86) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- tinyconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- trizeps4_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- u300_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- u8500_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- versatile_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- vexpress_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- vf610m4_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- viper_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- vocore2_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- vt8500_v6_v7_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- workpad_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- x86_64_defconfig (x86) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- xcep_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- xway_defconfig (mips) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- zeus_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches -------------------------------------------------------------------------------- zx_defconfig (arm) — PASS, 0 errors, 0 warnings, 0 section mismatches --- For more info write to <info(a)kernelci.org>

5 years, 11 months

1
0
0 0

[PATCH] selinux: check length properly in SCTP bind hook

by Ondrej Mosnacek

selinux_sctp_bind_connect() must verify if the address buffer has sufficient length before accessing the 'sa_family' field. See __sctp_connect() for a similar check. The length of the whole address ('len') is already checked in the callees. Reported-by: Qian Cai <cai(a)gmx.us> Fixes: d452930fd3b9 ("selinux: Add SCTP support") Cc: <stable(a)vger.kernel.org> # 4.17+ Cc: Richard Haines <richard_c_haines(a)btinternet.com> Signed-off-by: Ondrej Mosnacek <omosnace(a)redhat.com> --- Hi, On Mon, Nov 12, 2018 at 8:39 PM Qian Cai <cai(a)gmx.us> wrote: > Running the trinity fuzzer on the latest mainline (rc2) generates this, > > [15029.879626] BUG: KASAN: slab-out-of-bounds in selinux_sctp_bind_connect+0x60/0x150 > [15029.887275] Read of size 2 at addr ffff801ec53c5080 by task trinity-main/18081 > [15029.887294] > [15029.887304] CPU: 28 PID: 18081 Comm: trinity-main Tainted: G W OE 4.20.0-rc2+ #15 > [15029.887311] Hardware name: Huawei TaiShan 2280 /BC11SPCD, BIOS 1.50 06/01/2018 > [15000.084786] [15029.887320] Call trace: > [15029.915511] dump_backtrace+0x0/0x2c8 > [15029.920046] show_stack+0x24/0x30 > [15029.923367] dump_stack+0x118/0x19c > [15029.927539] print_address_description+0x68/0x2a0 > [15029.932245] kasan_report+0x1b4/0x348 > [15029.938760] __asan_load2+0x7c/0xa0 > [15029.945098] selinux_sctp_bind_connect+0x60/0x150 > > [15029.950571] security_sctp_bind_connect+0x58/0x90 > [15029.955493] __sctp_setsockopt_connectx+0x68/0x128 [sctp] > [15029.960943] sctp_setsockopt+0x764/0x2928 [sctp] > [15029.965564] sock_common_setsockopt+0x6c/0x80 > [15029.969923] __arm64_sys_setsockopt+0x13c/0x1f0 > [15029.974456] el0_svc_handler+0xd4/0x198 > [15029.978293] el0_svc+0x8/0xc > [15029.981174] > [15029.982667] Allocated by task 18081: > [15029.986245] kasan_kmalloc.part.1+0x40/0x108 > [15029.990517] kasan_kmalloc+0xb4/0xc8 > [15029.994094] __kmalloc_node+0x1c4/0x638 > [15029.997933] kvmalloc_node+0x98/0xa8 > [15030.001511] vmemdup_user+0x34/0x128 > [15030.005137] __sctp_setsockopt_connectx+0x44/0x128 [sctp] > [15030.010586] sctp_setsockopt+0x764/0x2928 [sctp] > [15030.015205] sock_common_setsockopt+0x6c/0x80 > [15030.019564] __arm64_sys_setsockopt+0x13c/0x1f0 > [15030.024096] el0_svc_handler+0xd4/0x198 > [15030.027933] el0_svc+0x8/0xc > [15030.030814] > [15030.032306] Freed by task 3025: > [15030.035451] __kasan_slab_free+0x114/0x228 > [15030.039548] kasan_slab_free+0x10/0x18 > [15030.043299] kfree+0x114/0x408 > [15030.046357] selinux_sk_free_security+0x38/0x48 > [15030.050888] security_sk_free+0x3c/0x58 > [15030.054727] __sk_destruct+0x3e8/0x570 > [15030.058478] sk_destruct+0x4c/0x58 > [15030.061881] __sk_free+0x68/0x138 > [15030.065197] sk_free+0x3c/0x48 > [15030.068255] unix_release_sock+0x4a8/0x550 > [15030.072353] unix_release+0x34/0x50 > [15030.075843] __sock_release+0x74/0x110 > [15030.079593] sock_close+0x24/0x38 > [15030.082913] __fput+0x1b8/0x368 > [15030.086055] ____fput+0x20/0x30 > [15030.089199] task_work_run+0x14c/0x1a8 > [15030.092951] do_notify_resume+0x1e4/0x200 > [15030.096961] work_pending+0x8/0x14 > [15030.100363] > [15030.101856] The buggy address belongs to the object at ffff801ec53c5080 > [15030.101856] which belongs to the cache kmalloc-128 of size 128 > [15030.114376] The buggy address is located 0 bytes inside of > [15030.114376] 128-byte region [ffff801ec53c5080, ffff801ec53c5100) > [15030.125939] The buggy address belongs to the page: > [15030.130732] page:ffff7fe007b14f00 count:1 mapcount:0 mapping:ffff8016c0010480 index:0x0 > [15030.138738] flags: 0x5fffff0000000200(slab) > [15030.142926] raw: 5fffff0000000200 ffff7fe007980608 ffff801ec000fd60 ffff8016c0010480 > [15030.150671] raw: 0000000000000000 0000000000660066 00000001ffffffff 0000000000000000 > [15030.158413] page dumped because: kasan: bad access detected > [15030.163984] > [15030.165476] Memory state around the buggy address: > [15030.170269] ffff801ec53c4f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc > [15030.177491] ffff801ec53c5000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc > [15030.184714] >ffff801ec53c5080: 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc > [15030.191934] ^ > [15030.195164] ffff801ec53c5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc > [15030.202386] ffff801ec53c5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc > [15030.209607] ================================================================== > [15030.216828] Disabling lock debugging due to kernel taint I think I found the cause - Qian, can you test this patch if it fixes the problem? security/selinux/hooks.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 7ce683259357..a67459eb62d5 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -5318,6 +5318,9 @@ static int selinux_sctp_bind_connect(struct sock *sk, int optname, addr_buf = address; while (walk_size < addrlen) { + if (walk_size + sizeof(sa_family_t) > addrlen) + return -EINVAL; + addr = addr_buf; switch (addr->sa_family) { case AF_UNSPEC: -- 2.17.2

5 years, 11 months

3
3
0 0

[PATCH] mac80211: ignore tx status for PS stations in ieee80211_tx_status_ext

by Felix Fietkau

Make it behave like regular ieee80211_tx_status calls, except for the lack of filtered frame processing. This fixes spurious low-ack triggered disconnections with powersave clients connected to an AP. Fixes: f027c2aca0cf4 ("mac80211: add ieee80211_tx_status_noskb") Cc: stable(a)vger.kernel.org Signed-off-by: Felix Fietkau <nbd(a)nbd.name> --- net/mac80211/status.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/net/mac80211/status.c b/net/mac80211/status.c index aa4afbf0abaf..a794ca729000 100644 --- a/net/mac80211/status.c +++ b/net/mac80211/status.c @@ -964,6 +964,8 @@ void ieee80211_tx_status_ext(struct ieee80211_hw *hw, /* Track when last TDLS packet was ACKed */ if (test_sta_flag(sta, WLAN_STA_TDLS_PEER_AUTH)) sta->status_stats.last_tdls_pkt_time = jiffies; + } else if (test_sta_flag(sta, WLAN_STA_PS_STA)) { + return; } else { ieee80211_lost_packet(sta, info); } -- 2.17.0

5 years, 11 months

1
0
0 0

[PATCH 4.14 000/222] 4.14.81-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.14.81 release. There are 222 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Tue Nov 13 22:15:32 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.81-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.14.81-rc1 Daniel Colascione <dancol(a)google.com> bpf: wait for running BPF programs when updating map-in-map David Ahern <dsahern(a)gmail.com> net: sched: Remove TCA_OPTIONS from policy Filipe Manana <fdmanana(a)suse.com> Btrfs: fix fsync after hole punching when using no-holes feature Filipe Manana <fdmanana(a)suse.com> Btrfs: fix use-after-free when dumping free space Filipe Manana <fdmanana(a)suse.com> Btrfs: fix use-after-free during inode eviction Josef Bacik <josef(a)toxicpanda.com> btrfs: move the dio_sem higher up the callchain Josef Bacik <josef(a)toxicpanda.com> btrfs: don't run delayed_iputs in commit Josef Bacik <josef(a)toxicpanda.com> btrfs: only free reserved extent if we didn't insert it Josef Bacik <jbacik(a)fb.com> btrfs: don't use ctl->free_space for max_extent_size Josef Bacik <jbacik(a)fb.com> btrfs: set max_extent_size properly Filipe Manana <fdmanana(a)suse.com> Btrfs: fix assertion on fsync of regular file when using no-holes feature Filipe Manana <fdmanana(a)suse.com> Btrfs: fix null pointer dereference on compressed write path error Qu Wenruo <wqu(a)suse.com> btrfs: qgroup: Dirty all qgroups before rescan Filipe Manana <fdmanana(a)suse.com> Btrfs: fix wrong dentries after fsync of file that got its parent replaced Filipe Manana <fdmanana(a)suse.com> Btrfs: fix warning when replaying log after fsync of a tmpfile Josef Bacik <josef(a)toxicpanda.com> btrfs: make sure we create all new block groups Josef Bacik <jbacik(a)fb.com> btrfs: reset max_extent_size on clear in a bitmap Josef Bacik <josef(a)toxicpanda.com> btrfs: protect space cache inode alloc with GFP_NOFS Josef Bacik <josef(a)toxicpanda.com> btrfs: wait on caching when putting the bg cache Jeff Mahoney <jeffm(a)suse.com> btrfs: don't attempt to trim devices that don't support it Jeff Mahoney <jeffm(a)suse.com> btrfs: iterate all devices during trim, instead of fs_devices::alloc_list Qu Wenruo <wqu(a)suse.com> btrfs: Ensure btrfs_trim_fs can trim the whole filesystem Qu Wenruo <wqu(a)suse.com> btrfs: Enhance btrfs_trim_fs function to handle error better Jeff Mahoney <jeffm(a)suse.com> btrfs: fix error handling in free_log_tree Qu Wenruo <wqu(a)suse.com> btrfs: locking: Add extra check in btrfs_init_new_buffer() to avoid deadlock Qu Wenruo <wqu(a)suse.com> btrfs: Handle owner mismatch gracefully when walking up tree Qu Wenruo <wqu(a)suse.com> btrfs: qgroup: Avoid calling qgroup functions if qgroup is not enabled Breno Leitao <leitao(a)debian.org> selftests/powerpc: Fix ptrace tm failure Johan Hovold <johan(a)kernel.org> soc/tegra: pmc: Fix child-node lookup Thor Thayer <thor.thayer(a)linux.intel.com> arm64: dts: stratix10: Correct System Manager register size Thor Thayer <thor.thayer(a)linux.intel.com> ARM: dts: socfpga: Fix SDRAM node address for Arria10 Nicolas Pitre <nicolas.pitre(a)linaro.org> Cramfs: fix abad comparison when wrap-arounds occur Colin Ian King <colin.king(a)canonical.com> rpmsg: smd: fix memory leak on channel create Tri Vo <trong(a)android.com> arm64: lse: remove -fcall-used-x0 flag Hans Verkuil <hansverk(a)cisco.com> media: media colorspaces*.rst: rename AdobeRGB to opRGB Mauro Carvalho Chehab <mchehab+samsung(a)kernel.org> media: em28xx: make v4l2-compliance happier by starting sequence on zero Mauro Carvalho Chehab <mchehab+samsung(a)kernel.org> media: em28xx: fix input name for Terratec AV 350 Mauro Carvalho Chehab <mchehab+samsung(a)kernel.org> media: tvp5150: avoid going past array on v4l2_querymenu() Mauro Carvalho Chehab <mchehab+samsung(a)kernel.org> media: em28xx: use a default format if TRY_FMT fails Manjunath Patil <manjunath.b.patil(a)oracle.com> xen-blkfront: fix kernel panic with negotiate_mq error path Juergen Gross <jgross(a)suse.com> xen: fix xen_qlock_wait() He Zhe <zhe.he(a)windriver.com> kgdboc: Passing ekgdboc to command line causes panic Hans Verkuil <hverkuil(a)xs4all.nl> media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD Maciej W. Rozycki <macro(a)linux-mips.org> TC: Set DMA masks for devices Will Deacon <will.deacon(a)arm.com> iommu/arm-smmu: Ensure that page-table updates are visible before TLBI Aaro Koskinen <aaro.koskinen(a)iki.fi> MIPS: OCTEON: fix out of bounds array access on CN68XX Christophe Leroy <christophe.leroy(a)c-s.fr> powerpc/msi: Fix compile error on mpc83xx Damien Le Moal <damien.lemoal(a)wdc.com> dm zoned: fix various dmz_get_mblock() issues Damien Le Moal <damien.lemoal(a)wdc.com> dm zoned: fix metadata block ref counting Wenwen Wang <wang6495(a)umn.edu> dm ioctl: harden copy_params()'s copy_from_user() from malicious users Amir Goldstein <amir73il(a)gmail.com> lockd: fix access beyond unterminated strings in prints Trond Myklebust <trondmy(a)gmail.com> nfsd: Fix an Oops in free_session() Benjamin Coddington <bcodding(a)redhat.com> nfs: Fix a missed page unlock after pg_doio() Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.1: Fix the r/wsize checking Lukas Wunner <lukas(a)wunner.de> genirq: Fix race on spurious interrupt detection He Zhe <zhe.he(a)windriver.com> printk: Fix panic caused by passing log_buf_len to command line Steve French <stfrench(a)microsoft.com> smb3: on kerberos mount if server doesn't specify auth type use krb5 Steve French <stfrench(a)microsoft.com> smb3: do not attempt cifs operation in smb3 query info error path Steve French <stfrench(a)microsoft.com> smb3: allow stats which track session and share reconnects to be reset Andreas Kemnade <andreas(a)kemnade.info> w1: omap-hdq: fix missing bus unregister at removal Eugen Hristev <eugen.hristev(a)microchip.com> iio: adc: at91: fix wrong channel number in triggered buffer mode Eugen Hristev <eugen.hristev(a)microchip.com> iio: adc: at91: fix acking DRDY irq on simple conversions Alexey Khoroshilov <khoroshilov(a)ispras.ru> iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs() Lars-Peter Clausen <lars(a)metafoo.de> iio: ad5064: Fix regulator handling Arnd Bergmann <arnd(a)arndb.de> kbuild: fix kernel/bounds.c 'W=1' warning Mark Rutland <mark.rutland(a)arm.com> KVM: arm64: Fix caching of host MDCR_EL2 value Ralph Campbell <rcampbell(a)nvidia.com> mm/rmap: map_pte() was not handling private ZONE_DEVICE page properly Mike Kravetz <mike.kravetz(a)oracle.com> hugetlbfs: dirty pages as they are added to pagecache Eric Biggers <ebiggers(a)google.com> ima: fix showing large 'violations' or 'runtime_measurements_count' Vlastimil Babka <vbabka(a)suse.cz> mm: /proc/pid/smaps_rollup: fix NULL pointer deref in smaps_pte_range() Horia Geantă <horia.geanta(a)nxp.com> crypto: tcrypt - fix ghash-generic speed test Ondrej Mosnacek <omosnace(a)redhat.com> crypto: lrw - Fix out-of bounds access on counter overflow Eric W. Biederman <ebiederm(a)xmission.com> signal: Guard against negative signal numbers in copy_siginfo_from_user32 Eric W. Biederman <ebiederm(a)xmission.com> signal/GenWQE: Fix sending of SIGKILL Keith Busch <keith.busch(a)intel.com> PCI: vmd: White list for fast interrupt handlers Bin Meng <bmeng.cn(a)gmail.com> PCI: Add Device IDs for Intel GPU "spurious interrupt" quirk Lukas Wunner <lukas(a)wunner.de> PCI/ASPM: Fix link_state teardown on device removal Vignesh R <vigneshr(a)ti.com> ARM: dts: dra7: Fix up unaligned access setting for PCIe EP Qiuxu Zhuo <qiuxu.zhuo(a)intel.com> EDAC, skx_edac: Fix logical channel intermediate decoding Tony Luck <tony.luck(a)intel.com> EDAC, {i7core,sb,skx}_edac: Fix uncorrected error counting Michael Jin <mikhail.jin(a)gmail.com> EDAC, amd64: Add Family 17h, models 10h-2fh support Breno Leitao <leitao(a)debian.org> HID: hiddev: fix potential Spectre v1 Theodore Ts'o <tytso(a)mit.edu> ext4: fix use-after-free race in ext4_remount()'s error path Wang Shilong <wshilong(a)ddn.com> ext4: propagate error from dquot_initialize() in EXT4_IOC_FSSETXATTR Wang Shilong <wangshilong1991(a)gmail.com> ext4: fix setattr project check in fssetxattr ioctl Lukas Czerner <lczerner(a)redhat.com> ext4: initialize retries variable in ext4_da_write_inline_data_begin() Al Viro <viro(a)zeniv.linux.org.uk> gfs2_meta: ->mount() can get NULL dev_name Jan Kara <jack(a)suse.cz> jbd2: fix use after free in jbd2_log_do_checkpoint() Artemy Kovalyov <artemyko(a)mellanox.com> IB/mlx5: Fix MR cache initialization Takashi Iwai <tiwai(a)suse.de> ASoC: intel: skylake: Add missing break in skl_tplg_get_token() Dan Williams <dan.j.williams(a)intel.com> libnvdimm, region: Fail badblocks listing for inactive regions Alexander Duyck <alexander.h.duyck(a)linux.intel.com> libnvdimm: Hold reference on parent while scheduling async init Pierre Yves MORDRET <pierre-yves.mordret(a)st.com> dmaengine: stm32-dma: fix incomplete configuration in cyclic mode Christian Lamparter <chunkeey(a)gmail.com> dmaengine: ppc4xx: fix off-by-one build failure Stefan Nuernberger <snu(a)amazon.com> net/ipv4: defensive cipso option parsing Luca Coelho <luciano.coelho(a)intel.com> iwlwifi: mvm: check return value of rs_rate_from_ucode_rate() Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com> usb: gadget: udc: renesas_usb3: Fix b-device mode for "workaround" Shuah Khan (Samsung OSG) <shuah(a)kernel.org> usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten Lubomir Rintel <lkundrak(a)v3.sk> libertas: don't set URB_ZERO_PACKET on IN USB transfer Juergen Gross <jgross(a)suse.com> xen/pvh: don't try to unplug emulated devices Roger Pau Monne <roger.pau(a)citrix.com> xen/pvh: increase early stack size Juergen Gross <jgross(a)suse.com> xen: make xen_qlock_wait() nestable Juergen Gross <jgross(a)suse.com> xen: fix race in xen_qlock_wait() Boris Ostrovsky <boris.ostrovsky(a)oracle.com> xen/balloon: Support xend-based toolstack Vasilis Liaskovitis <vliaskovitis(a)suse.com> xen/blkfront: avoid NULL blkfront_info dereference on device removal Dr. Greg Wettstein <greg(a)wind.enjellic.com> tpm: Restore functionality to xen vtpm driver. Joe Jin <joe.jin(a)oracle.com> xen-swiotlb: use actually allocated size on check physical continuous Marek Szyprowski <m.szyprowski(a)samsung.com> ARM: dts: exynos: Mark 1 GHz CPU OPP as suspend OPP on Exynos5250 Marek Szyprowski <m.szyprowski(a)samsung.com> ARM: dts: exynos: Convert exynos5250.dtsi to opp-v2 bindings Viresh Kumar <viresh.kumar(a)linaro.org> arm: dts: exynos: Add missing cooling device properties for CPUs Viresh Kumar <viresh.kumar(a)linaro.org> ARM: dts: exynos: Remove "cooling-{min|max}-level" for CPU nodes Chao Yu <yuchao0(a)huawei.com> f2fs: fix to account IO correctly Jaegeuk Kim <jaegeuk(a)kernel.org> Revert "f2fs: fix to clear PG_checked flag in set_page_dirty()" Prarit Bhargava <prarit(a)redhat.com> cpupower: Fix AMD Family 0x17 msr_pstate size Takashi Iwai <tiwai(a)suse.de> ALSA: hda: Check the non-cached stream buffers more explicitly Vijay Immanuel <vijayi(a)attalasystems.com> IB/rxe: fix for duplicate request processing and ack psns Paul Cercueil <paul(a)crapouillou.net> dmaengine: dma-jz4780: Return error if not probed from DT Alexandre Belloni <alexandre.belloni(a)bootlin.com> mfd: menelaus: Fix possible race condition and leak Eric W. Biederman <ebiederm(a)xmission.com> signal: Always deliver the kernel's SIGKILL and SIGSTOP to a pid namespace init Yunlei He <heyunlei(a)huawei.com> f2fs: report error if quota off error during umount James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Correct race with abort on completion path James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Correct soft lockup when running mds diagnostics Alexandre Belloni <alexandre.belloni(a)bootlin.com> uio: ensure class is registered before devices Waiman Long <longman(a)redhat.com> driver/dma/ioat: Call del_timer_sync() without holding prep_lock Loic Poulain <loic.poulain(a)linaro.org> usb: chipidea: Prevent unbalanced IRQ disable Horia Geantă <horia.geanta(a)nxp.com> crypto: caam - fix implicit casts in endianness helpers Vignesh R <vigneshr(a)ti.com> PCI: dwc: pci-dra7xx: Enable errata i870 for both EP and RC mode Suzuki K Poulose <suzuki.poulose(a)arm.com> coresight: etb10: Fix handling of perf mode Tonghao Zhang <xiangxia.m.yue(a)gmail.com> PCI/MSI: Warn and return error if driver enables MSI/MSI-X twice Chao Yu <yuchao0(a)huawei.com> f2fs: fix to recover inode's i_flags during POR Shaohua Li <shli(a)fb.com> MD: fix invalid stored role for a disk Theodore Ts'o <tytso(a)mit.edu> ext4: fix argument checking in EXT4_IOC_MOVE_EXT Alexandre Belloni <alexandre.belloni(a)bootlin.com> usb: gadget: udc: atmel: handle at91sam9rl PMC Mika Westerberg <mika.westerberg(a)linux.intel.com> PCI / ACPI: Enable wake automatically for power managed bridges Jorgen Hansen <jhansen(a)vmware.com> VMCI: Resource wildcard match fixed Dexuan Cui <decui(a)microsoft.com> Drivers: hv: vmbus: Use cpumask_var_t for on-stack cpu mask Javier Martinez Canillas <javierm(a)redhat.com> tpm: suppress transmit cmd error logs when TPM 1.2 is disabled/deactivated Honghui Zhang <honghui.zhang(a)mediatek.com> PCI: mediatek: Fix mtk_pcie_find_port() endpoint/port matching logic Tudor.Ambarus(a)microchip.com <Tudor.Ambarus(a)microchip.com> usb: host: ohci-at91: fix request of irq for optional gpio Selvin Xavier <selvin.xavier(a)broadcom.com> RDMA/bnxt_re: Fix recursive lock warning in debug kernel Denis Drozdov <denisd(a)mellanox.com> IB/ipoib: Clear IPCB before icmp_send Parav Pandit <parav(a)mellanox.com> RDMA/core: Do not expose unsupported counters Wenwen Wang <wang6495(a)umn.edu> scsi: megaraid_sas: fix a missing-check bug Jim Mattson <jmattson(a)google.com> KVM: nVMX: Clear reserved bits of #DB exit qualification David Howells <dhowells(a)redhat.com> UAPI: ndctl: Fix g++-unsupported initialisation in headers Finn Thain <fthain(a)telegraphics.com.au> scsi: esp_scsi: Track residual for PIO transfers Michal Hocko <mhocko(a)suse.com> cgroup, netclassid: add a preemption point to write_classid Geert Uytterhoeven <geert+renesas(a)glider.be> thermal: da9062/61: Prevent hardware access during system suspend Martin Willi <martin(a)strongswan.org> ath10k: schedule hardware restart if WMI command times out Sebastian Basierski <sebastianx.basierski(a)intel.com> ixgbevf: VF2VF TCP RSS Sara Sharon <sara.sharon(a)intel.com> iwlwifi: mvm: fix BAR seq ctrl reporting Andrew Lunn <andrew(a)lunn.ch> net: dsa: mv88e6xxx: Fix writing to a PHY page. Douglas Anderson <dianders(a)chromium.org> pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant Douglas Anderson <dianders(a)chromium.org> pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant Stephen Boyd <swboyd(a)chromium.org> pinctrl: qcom: spmi-mpp: Fix drive strength setting Hans de Goede <hdegoede(a)redhat.com> ACPI / LPSS: Add alternative ACPI HIDs for Cherry Trail DMA controllers Masami Hiramatsu <mhiramat(a)kernel.org> kprobes: Return error if we fail to reuse kprobe instead of BUG_ON() Paolo Valente <paolo.valente(a)linaro.org> block, bfq: correctly charge and reset entity service in all cases Antoine Tenart <antoine.tenart(a)bootlin.com> net: phy: phylink: ensure the carrier is off when starting phylink Arend van Spriel <arend.vanspriel(a)broadcom.com> brcmfmac: fix for proper support of 160MHz bandwidth YueHaibing <yuehaibing(a)huawei.com> pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux Ben Hutchings <ben(a)decadent.org.uk> x86: boot: Fix EFI stub alignment Christian Hewitt <christianshewitt(a)gmail.com> Bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth Will Deacon <will.deacon(a)arm.com> signal: Introduce COMPAT_SIGMINSTKSZ for use in compat_sys_sigaltstack Gustavo A. R. Silva <gustavo(a)embeddedor.com> mtd: rawnand: atmel: Fix potential NULL pointer dereference Viresh Kumar <viresh.kumar(a)linaro.org> cpufreq: dt: Try freeing static OPPs only if we have added them Dou Liyang <douly.fnst(a)cn.fujitsu.com> ACPI / processor: Fix the return value of acpi_processor_ids_walk() Lubomir Rintel <lkundrak(a)v3.sk> x86/olpc: Indicate that legacy PC XO-1 platform should not register RTC Emmanuel Grumbach <emmanuel.grumbach(a)intel.com> iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface Shaul Triebitz <shaul.triebitz(a)intel.com> iwlwifi: pcie: avoid empty free RB queue Yu Zhao <yuzhao(a)google.com> mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01 Prarit Bhargava <prarit(a)redhat.com> cpupower: Fix coredump on VMWare Sanskriti Sharma <sansharm(a)redhat.com> perf strbuf: Match va_{add,copy} with va_end Sanskriti Sharma <sansharm(a)redhat.com> perf tools: Cleanup trace-event-info 'tdata' leak Sanskriti Sharma <sansharm(a)redhat.com> perf tools: Free temporary 'sys' string in read_event_files() Nathan Chancellor <natechancellor(a)gmail.com> spi: spi-ep93xx: Use dma_data_direction for ep93xx_spi_dma_{finish,prepare} Jia-Ju Bai <baijiaju1990(a)gmail.com> lightnvm: pblk: fix two sleep-in-atomic-context bugs Thierry Reding <treding(a)nvidia.com> hwmon: (pwm-fan) Set fan speed to 0 on suspend Janosch Frank <frankja(a)linux.ibm.com> s390/sthyi: Fix machine name validity indication Serhey Popovych <serhe.popovych(a)gmail.com> tun: Consistently configure generic netdev params via rtnetlink Ryan C Goodfellow <rgoodfel(a)isi.edu> nfp: devlink port split support for 1x100G CXP NIC Omar Sandoval <osandov(a)fb.com> swim: fix cleanup on setup error Omar Sandoval <osandov(a)fb.com> ataflop: fix error handling during setup Waiman Long <longman(a)redhat.com> locking/lockdep: Fix debug_locks off performance problem Wolfram Sang <wsa+renesas(a)sang-engineering.com> i2c: rcar: cleanup DMA for all kinds of failure Masami Hiramatsu <mhiramat(a)kernel.org> selftests: ftrace: Add synthetic event syntax testcase Nathan Chancellor <natechancellor(a)gmail.com> net: qla3xxx: Remove overflowing shift statement Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> x86/fpu: Remove second definition of fpu in __fpu__restore_sig() David Miller <davem(a)davemloft.net> perf cpu_map: Align cpu map synthesized events properly. Jarod Wilson <jarod(a)redhat.com> perf tools: Fix use of alternatives to find JDIR Song Muchun <smuchun(a)gmail.com> sched/fair: Fix the min_vruntime update logic in dequeue_entity() David S. Miller <davem(a)davemloft.net> sparc64: Make proc_id signed. David S. Miller <davem(a)davemloft.net> sparc: Throttle perf events properly. David S. Miller <davem(a)davemloft.net> sparc: Fix single-pcr perf event counter management. Jiri Olsa <jolsa(a)redhat.com> perf vendor events intel: Fix wrong filter_band* values for uncore events Florian Westphal <fw(a)strlen.de> xfrm: policy: use hlist rcu variants on insert Jiri Olsa <jolsa(a)kernel.org> Revert "perf tools: Fix PMU term format max value calculation" Eric Dumazet <edumazet(a)google.com> bpf: do not blindly change rlimit in reuseport net selftest Marek Szyprowski <m.szyprowski(a)samsung.com> ARM: dts: exynos: Disable pull control for MAX8997 interrupts on Origen Sai Praneeth <sai.praneeth.prakhya(a)intel.com> x86/speculation: Support Enhanced IBRS on future CPUs Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> x86/mm/pat: Disable preemption around __flush_tlb_all() He Zhe <zhe.he(a)windriver.com> x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided Juergen Gross <jgross(a)suse.com> x86/xen: Fix boot loader version reported for PVH guests Jiri Kosina <jkosina(a)suse.cz> x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation Alex Stanoev <alex(a)astanoev.com> ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops Jeremy Cline <jcline(a)redhat.com> ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) Hui Wang <hui.wang(a)canonical.com> ALSA: hda/realtek - Fix the problem of the front MIC on the Lenovo M715 Takashi Iwai <tiwai(a)suse.de> ALSA: hda - Fix headphone pin config for ASUS G751 Takashi Iwai <tiwai(a)suse.de> ALSA: hda - Add quirk for ASUS G751 laptop Helge Deller <deller(a)gmx.de> parisc: Fix exported address of os_hpmc handler Helge Deller <deller(a)gmx.de> parisc: Fix map_pages() to not overwrite existing pte entries John David Anglin <dave.anglin(a)bell.net> parisc: Fix address in HPMC IVA Jan Glauber <jglauber(a)cavium.com> ipmi: Fix timer race with module unload Erik Schmauss <erik.schmauss(a)intel.com> ACPICA: AML interpreter: add region addresses in global list during initialization Maciej S. Szmigiero <mail(a)maciej.szmigiero.name> pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> cpufreq: conservative: Take limits changes into account properly Hou Tao <houtao1(a)huawei.com> jffs2: free jffs2_sb_info through jffs2_kill_sb() Dmitry Bazhenov <bazhenov.dn(a)gmail.com> hwmon: (pmbus) Fix page count auto-detection. Tang Junhui <tang.junhui.linux(a)gmail.com> bcache: fix miss key refill->end in writeback Tang Junhui <tang.junhui.linux(a)gmail.com> bcache: trace missed reading by cache_missed Rafał Miłecki <rafal(a)milecki.pl> spi: bcm-qspi: switch back to reading flash using smaller chunks Liu Xiang <liu.xiang6(a)zte.com.cn> mtd: spi-nor: fsl-quadspi: fix read error for flash size larger than 16MB ------------- Diffstat: Documentation/media/uapi/v4l/biblio.rst | 10 -- Documentation/media/uapi/v4l/colorspaces-defs.rst | 8 +- .../media/uapi/v4l/colorspaces-details.rst | 13 ++- Makefile | 4 +- arch/arm/boot/dts/dra7.dtsi | 2 +- arch/arm/boot/dts/exynos3250.dtsi | 16 +++ arch/arm/boot/dts/exynos4210-origen.dts | 9 ++ arch/arm/boot/dts/exynos4210.dtsi | 15 ++- arch/arm/boot/dts/exynos4412.dtsi | 2 - arch/arm/boot/dts/exynos5250.dtsi | 116 ++++++++++++++++----- arch/arm/boot/dts/exynos5420-cpus.dtsi | 16 --- arch/arm/boot/dts/exynos5422-cpus.dtsi | 16 --- arch/arm/boot/dts/socfpga_arria10.dtsi | 2 +- arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi | 2 +- arch/arm64/lib/Makefile | 2 +- arch/mips/cavium-octeon/executive/cvmx-helper.c | 2 +- arch/parisc/kernel/entry.S | 2 +- arch/parisc/kernel/hpmc.S | 3 +- arch/parisc/kernel/traps.c | 3 +- arch/parisc/mm/init.c | 8 +- arch/powerpc/include/asm/mpic.h | 7 ++ arch/s390/kvm/sthyi.c | 8 +- arch/sparc/include/asm/cpudata_64.h | 2 +- arch/sparc/kernel/perf_event.c | 26 ++++- arch/x86/boot/tools/build.c | 7 ++ arch/x86/include/asm/cpufeatures.h | 1 + arch/x86/include/asm/kvm_host.h | 1 + arch/x86/include/asm/nospec-branch.h | 1 + arch/x86/include/asm/tlbflush.h | 6 ++ arch/x86/kernel/check.c | 15 +++ arch/x86/kernel/cpu/bugs.c | 77 ++++++++++++-- arch/x86/kernel/cpu/common.c | 3 + arch/x86/kernel/fpu/signal.c | 1 - arch/x86/kvm/vmx.c | 7 +- arch/x86/mm/pageattr.c | 6 +- arch/x86/platform/olpc/olpc-xo1-rtc.c | 3 + arch/x86/xen/enlighten_pvh.c | 2 +- arch/x86/xen/platform-pci-unplug.c | 4 + arch/x86/xen/spinlock.c | 35 +++---- arch/x86/xen/xen-pvh.S | 2 +- block/bfq-wf2q.c | 13 ++- crypto/lrw.c | 7 +- crypto/tcrypt.c | 3 + drivers/acpi/acpi_lpss.c | 2 + drivers/acpi/acpi_processor.c | 7 +- drivers/acpi/acpica/dsopcode.c | 4 + drivers/block/ataflop.c | 25 +++-- drivers/block/swim.c | 13 ++- drivers/block/xen-blkfront.c | 4 + drivers/bluetooth/btbcm.c | 1 + drivers/char/ipmi/ipmi_ssif.c | 10 +- drivers/char/tpm/tpm-interface.c | 3 +- drivers/char/tpm/xen-tpmfront.c | 2 +- drivers/cpufreq/cpufreq-dt.c | 34 +++--- drivers/cpufreq/cpufreq_conservative.c | 6 +- drivers/crypto/caam/regs.h | 28 ++--- drivers/dma/dma-jz4780.c | 5 + drivers/dma/ioat/init.c | 9 +- drivers/dma/ppc4xx/adma.c | 2 +- drivers/dma/stm32-dma.c | 8 +- drivers/edac/amd64_edac.c | 14 +++ drivers/edac/amd64_edac.h | 3 + drivers/edac/i7core_edac.c | 1 + drivers/edac/sb_edac.c | 1 + drivers/edac/skx_edac.c | 3 +- drivers/hid/usbhid/hiddev.c | 18 +++- drivers/hv/channel_mgmt.c | 14 ++- drivers/hwmon/pmbus/pmbus.c | 2 + drivers/hwmon/pmbus/pmbus_core.c | 5 +- drivers/hwmon/pwm-fan.c | 12 ++- drivers/hwtracing/coresight/coresight-etb10.c | 4 + drivers/i2c/busses/i2c-rcar.c | 6 +- drivers/iio/adc/at91_adc.c | 6 +- drivers/iio/adc/fsl-imx25-gcq.c | 6 ++ drivers/iio/dac/ad5064.c | 53 +++++++--- drivers/infiniband/core/sysfs.c | 19 ++-- drivers/infiniband/hw/bnxt_re/qplib_rcfw.c | 13 ++- drivers/infiniband/hw/mlx5/mr.c | 2 +- drivers/infiniband/sw/rxe/rxe_resp.c | 8 +- drivers/infiniband/sw/rxe/rxe_verbs.h | 2 + drivers/infiniband/ulp/ipoib/ipoib_cm.c | 8 +- drivers/iommu/arm-smmu.c | 6 ++ drivers/lightnvm/pblk-recovery.c | 6 +- drivers/md/bcache/btree.c | 2 +- drivers/md/bcache/request.c | 2 +- drivers/md/dm-ioctl.c | 18 ++-- drivers/md/dm-zoned-metadata.c | 80 ++++++++------ drivers/md/md.c | 4 + drivers/media/common/v4l2-tpg/v4l2-tpg-core.c | 2 +- drivers/media/i2c/tvp5150.c | 2 +- drivers/media/usb/em28xx/em28xx-cards.c | 4 +- drivers/media/usb/em28xx/em28xx-video.c | 8 +- drivers/mfd/menelaus.c | 13 ++- drivers/misc/genwqe/card_base.h | 2 +- drivers/misc/genwqe/card_dev.c | 9 +- drivers/misc/vmw_vmci/vmci_driver.c | 2 +- drivers/misc/vmw_vmci/vmci_resource.c | 3 +- drivers/mmc/host/sdhci-pci-o2micro.c | 3 + drivers/mtd/nand/atmel/nand-controller.c | 4 + drivers/mtd/spi-nor/fsl-quadspi.c | 1 + drivers/net/dsa/mv88e6xxx/phy.c | 3 + drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 4 + drivers/net/ethernet/netronome/nfp/nfp_devlink.c | 17 ++- drivers/net/ethernet/qlogic/qla3xxx.c | 2 - drivers/net/phy/phylink.c | 3 + drivers/net/tun.c | 2 + drivers/net/wireless/ath/ath10k/wmi.c | 6 ++ .../net/wireless/broadcom/brcm80211/brcmutil/d11.c | 34 +++++- .../broadcom/brcm80211/include/brcmu_wifi.h | 2 + drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c | 9 +- drivers/net/wireless/intel/iwlwifi/mvm/rs.c | 24 ++++- drivers/net/wireless/intel/iwlwifi/mvm/tx.c | 9 +- drivers/net/wireless/intel/iwlwifi/pcie/rx.c | 32 ++++-- drivers/net/wireless/marvell/libertas/if_usb.c | 2 - drivers/nvdimm/bus.c | 4 + drivers/nvdimm/region_devs.c | 11 +- drivers/pci/dwc/pci-dra7xx.c | 11 +- drivers/pci/host/pcie-mediatek.c | 11 ++ drivers/pci/host/vmd.c | 13 ++- drivers/pci/msi.c | 9 +- drivers/pci/pci-acpi.c | 16 ++- drivers/pci/pcie/aspm.c | 2 +- drivers/pci/quirks.c | 4 + drivers/pci/remove.c | 4 +- drivers/pcmcia/ricoh.h | 35 +++++++ drivers/pcmcia/yenta_socket.c | 3 +- drivers/pinctrl/qcom/pinctrl-spmi-mpp.c | 27 +++-- drivers/pinctrl/qcom/pinctrl-ssbi-gpio.c | 28 +++-- drivers/rpmsg/qcom_smd.c | 7 +- drivers/scsi/esp_scsi.c | 1 + drivers/scsi/esp_scsi.h | 2 + drivers/scsi/lpfc/lpfc_scsi.c | 14 ++- drivers/scsi/lpfc/lpfc_sli.c | 7 ++ drivers/scsi/mac_esp.c | 2 + drivers/scsi/megaraid/megaraid_sas_base.c | 3 + drivers/soc/tegra/pmc.c | 2 +- drivers/spi/spi-bcm-qspi.c | 2 +- drivers/spi/spi-ep93xx.c | 36 +++++-- drivers/tc/tc.c | 8 +- drivers/thermal/da9062-thermal.c | 4 +- drivers/tty/serial/kgdboc.c | 5 + drivers/uio/uio.c | 9 ++ drivers/usb/chipidea/otg.h | 3 +- drivers/usb/gadget/udc/atmel_usba_udc.c | 2 + drivers/usb/gadget/udc/renesas_usb3.c | 3 + drivers/usb/host/ohci-at91.c | 2 + drivers/usb/usbip/vudc_main.c | 10 +- drivers/w1/masters/omap_hdq.c | 2 + drivers/xen/swiotlb-xen.c | 6 ++ drivers/xen/xen-balloon.c | 13 ++- fs/btrfs/extent-tree.c | 113 ++++++++++++++------ fs/btrfs/file.c | 12 +++ fs/btrfs/free-space-cache.c | 42 ++++++-- fs/btrfs/inode.c | 15 ++- fs/btrfs/ioctl.c | 11 +- fs/btrfs/qgroup.c | 5 + fs/btrfs/qgroup.h | 2 + fs/btrfs/relocation.c | 2 +- fs/btrfs/transaction.c | 9 -- fs/btrfs/tree-log.c | 116 +++++++++++++++++---- fs/cifs/cifs_debug.c | 3 + fs/cifs/cifs_spnego.c | 6 +- fs/cifs/inode.c | 10 +- fs/cramfs/inode.c | 3 +- fs/ext4/ext4.h | 3 +- fs/ext4/inline.c | 2 +- fs/ext4/ioctl.c | 64 +++++++----- fs/ext4/move_extent.c | 8 +- fs/ext4/super.c | 73 ++++++++----- fs/f2fs/data.c | 8 +- fs/f2fs/recovery.c | 1 + fs/f2fs/super.c | 19 +++- fs/gfs2/ops_fstype.c | 3 + fs/jbd2/checkpoint.c | 4 +- fs/jffs2/super.c | 4 +- fs/lockd/host.c | 2 +- fs/nfs/nfs4client.c | 16 +-- fs/nfs/pagelist.c | 40 +++---- fs/proc/task_mmu.c | 4 +- include/linux/compat.h | 3 + include/linux/signal.h | 2 +- include/linux/tc.h | 1 + include/uapi/linux/ndctl.h | 48 ++++----- kernel/bounds.c | 4 +- kernel/bpf/syscall.c | 13 +++ kernel/cpu.c | 11 +- kernel/irq/manage.c | 8 +- kernel/kprobes.c | 27 +++-- kernel/locking/lockdep.c | 4 +- kernel/printk/printk.c | 7 +- kernel/sched/fair.c | 2 +- kernel/signal.c | 18 ++-- lib/debug_locks.c | 2 +- mm/hugetlb.c | 6 ++ mm/page_vma_mapped.c | 24 ++++- net/core/netclassid_cgroup.c | 1 + net/ipv4/cipso_ipv4.c | 11 +- net/sched/sch_api.c | 1 - net/sunrpc/svc_xprt.c | 2 +- net/xfrm/xfrm_policy.c | 8 +- security/integrity/ima/ima_fs.c | 6 +- sound/pci/ca0106/ca0106.h | 2 +- sound/pci/hda/hda_controller.h | 1 + sound/pci/hda/hda_intel.c | 11 +- sound/pci/hda/patch_conexant.c | 1 + sound/pci/hda/patch_realtek.c | 26 +++++ sound/soc/intel/skylake/skl-topology.c | 1 + tools/perf/Makefile.config | 2 +- .../pmu-events/arch/x86/ivytown/uncore-power.json | 16 +-- .../pmu-events/arch/x86/jaketown/uncore-power.json | 16 +-- tools/perf/util/event.c | 1 + tools/perf/util/pmu.c | 13 +-- tools/perf/util/strbuf.c | 10 +- tools/perf/util/trace-event-info.c | 2 + tools/perf/util/trace-event-read.c | 5 +- tools/power/cpupower/utils/cpufreq-info.c | 2 + tools/power/cpupower/utils/helpers/amd.c | 7 +- .../inter-event/trigger-synthetic-event-syntax.tc | 80 ++++++++++++++ tools/testing/selftests/net/reuseport_bpf.c | 13 ++- .../selftests/powerpc/ptrace/ptrace-tm-spd-gpr.c | 4 +- virt/kvm/arm/arm.c | 4 +- 221 files changed, 1841 insertions(+), 677 deletions(-)

5 years, 11 months

6
230
0 0

[PATCH 4.9 000/141] 4.9.137-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.9.137 release. There are 141 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Tue Nov 13 22:15:38 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.137-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.9.137-rc1 Josef Bacik <jbacik(a)fb.com> btrfs: set max_extent_size properly Filipe Manana <fdmanana(a)suse.com> Btrfs: fix null pointer dereference on compressed write path error Qu Wenruo <wqu(a)suse.com> btrfs: qgroup: Dirty all qgroups before rescan Filipe Manana <fdmanana(a)suse.com> Btrfs: fix wrong dentries after fsync of file that got its parent replaced Josef Bacik <josef(a)toxicpanda.com> btrfs: make sure we create all new block groups Josef Bacik <jbacik(a)fb.com> btrfs: reset max_extent_size on clear in a bitmap Josef Bacik <josef(a)toxicpanda.com> btrfs: wait on caching when putting the bg cache Jeff Mahoney <jeffm(a)suse.com> btrfs: don't attempt to trim devices that don't support it Jeff Mahoney <jeffm(a)suse.com> btrfs: iterate all devices during trim, instead of fs_devices::alloc_list Jeff Mahoney <jeffm(a)suse.com> btrfs: fix error handling in free_log_tree Qu Wenruo <wqu(a)suse.com> btrfs: locking: Add extra check in btrfs_init_new_buffer() to avoid deadlock Qu Wenruo <wqu(a)suse.com> btrfs: Handle owner mismatch gracefully when walking up tree Johan Hovold <johan(a)kernel.org> soc/tegra: pmc: Fix child-node lookup Thor Thayer <thor.thayer(a)linux.intel.com> arm64: dts: stratix10: Correct System Manager register size Nicolas Pitre <nicolas.pitre(a)linaro.org> Cramfs: fix abad comparison when wrap-arounds occur Colin Ian King <colin.king(a)canonical.com> rpmsg: smd: fix memory leak on channel create Tri Vo <trong(a)android.com> arm64: lse: remove -fcall-used-x0 flag Mauro Carvalho Chehab <mchehab+samsung(a)kernel.org> media: em28xx: make v4l2-compliance happier by starting sequence on zero Mauro Carvalho Chehab <mchehab+samsung(a)kernel.org> media: em28xx: fix input name for Terratec AV 350 Mauro Carvalho Chehab <mchehab+samsung(a)kernel.org> media: tvp5150: avoid going past array on v4l2_querymenu() Mauro Carvalho Chehab <mchehab+samsung(a)kernel.org> media: em28xx: use a default format if TRY_FMT fails Juergen Gross <jgross(a)suse.com> xen: fix xen_qlock_wait() He Zhe <zhe.he(a)windriver.com> kgdboc: Passing ekgdboc to command line causes panic Hans Verkuil <hverkuil(a)xs4all.nl> media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD Maciej W. Rozycki <macro(a)linux-mips.org> TC: Set DMA masks for devices Aaro Koskinen <aaro.koskinen(a)iki.fi> MIPS: OCTEON: fix out of bounds array access on CN68XX Christophe Leroy <christophe.leroy(a)c-s.fr> powerpc/msi: Fix compile error on mpc83xx Wenwen Wang <wang6495(a)umn.edu> dm ioctl: harden copy_params()'s copy_from_user() from malicious users Amir Goldstein <amir73il(a)gmail.com> lockd: fix access beyond unterminated strings in prints Trond Myklebust <trondmy(a)gmail.com> nfsd: Fix an Oops in free_session() Trond Myklebust <trond.myklebust(a)hammerspace.com> NFSv4.1: Fix the r/wsize checking Lukas Wunner <lukas(a)wunner.de> genirq: Fix race on spurious interrupt detection He Zhe <zhe.he(a)windriver.com> printk: Fix panic caused by passing log_buf_len to command line Steve French <stfrench(a)microsoft.com> smb3: on kerberos mount if server doesn't specify auth type use krb5 Steve French <stfrench(a)microsoft.com> smb3: do not attempt cifs operation in smb3 query info error path Steve French <stfrench(a)microsoft.com> smb3: allow stats which track session and share reconnects to be reset Andreas Kemnade <andreas(a)kemnade.info> w1: omap-hdq: fix missing bus unregister at removal Eugen Hristev <eugen.hristev(a)microchip.com> iio: adc: at91: fix wrong channel number in triggered buffer mode Eugen Hristev <eugen.hristev(a)microchip.com> iio: adc: at91: fix acking DRDY irq on simple conversions Alexey Khoroshilov <khoroshilov(a)ispras.ru> iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs() Lars-Peter Clausen <lars(a)metafoo.de> iio: ad5064: Fix regulator handling Arnd Bergmann <arnd(a)arndb.de> kbuild: fix kernel/bounds.c 'W=1' warning Mike Kravetz <mike.kravetz(a)oracle.com> hugetlbfs: dirty pages as they are added to pagecache Eric Biggers <ebiggers(a)google.com> ima: fix showing large 'violations' or 'runtime_measurements_count' Horia Geantă <horia.geanta(a)nxp.com> crypto: tcrypt - fix ghash-generic speed test Ondrej Mosnacek <omosnace(a)redhat.com> crypto: lrw - Fix out-of bounds access on counter overflow Eric W. Biederman <ebiederm(a)xmission.com> signal/GenWQE: Fix sending of SIGKILL Bin Meng <bmeng.cn(a)gmail.com> PCI: Add Device IDs for Intel GPU "spurious interrupt" quirk Qiuxu Zhuo <qiuxu.zhuo(a)intel.com> EDAC, skx_edac: Fix logical channel intermediate decoding Tony Luck <tony.luck(a)intel.com> EDAC, {i7core,sb,skx}_edac: Fix uncorrected error counting Breno Leitao <leitao(a)debian.org> HID: hiddev: fix potential Spectre v1 Wang Shilong <wshilong(a)ddn.com> ext4: propagate error from dquot_initialize() in EXT4_IOC_FSSETXATTR Lukas Czerner <lczerner(a)redhat.com> ext4: initialize retries variable in ext4_da_write_inline_data_begin() Al Viro <viro(a)zeniv.linux.org.uk> gfs2_meta: ->mount() can get NULL dev_name Jan Kara <jack(a)suse.cz> jbd2: fix use after free in jbd2_log_do_checkpoint() Takashi Iwai <tiwai(a)suse.de> ASoC: intel: skylake: Add missing break in skl_tplg_get_token() Alexander Duyck <alexander.h.duyck(a)linux.intel.com> libnvdimm: Hold reference on parent while scheduling async init Stefan Nuernberger <snu(a)amazon.com> net/ipv4: defensive cipso option parsing Luca Coelho <luciano.coelho(a)intel.com> iwlwifi: mvm: check return value of rs_rate_from_ucode_rate() Shuah Khan (Samsung OSG) <shuah(a)kernel.org> usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten Lubomir Rintel <lkundrak(a)v3.sk> libertas: don't set URB_ZERO_PACKET on IN USB transfer Juergen Gross <jgross(a)suse.com> xen: make xen_qlock_wait() nestable Juergen Gross <jgross(a)suse.com> xen: fix race in xen_qlock_wait() Vasilis Liaskovitis <vliaskovitis(a)suse.com> xen/blkfront: avoid NULL blkfront_info dereference on device removal Dr. Greg Wettstein <greg(a)wind.enjellic.com> tpm: Restore functionality to xen vtpm driver. Joe Jin <joe.jin(a)oracle.com> xen-swiotlb: use actually allocated size on check physical continuous Marek Szyprowski <m.szyprowski(a)samsung.com> ARM: dts: exynos: Mark 1 GHz CPU OPP as suspend OPP on Exynos5250 Marek Szyprowski <m.szyprowski(a)samsung.com> ARM: dts: exynos: Convert exynos5250.dtsi to opp-v2 bindings Viresh Kumar <viresh.kumar(a)linaro.org> arm: dts: exynos: Add missing cooling device properties for CPUs Viresh Kumar <viresh.kumar(a)linaro.org> ARM: dts: exynos: Remove "cooling-{min|max}-level" for CPU nodes Takashi Iwai <tiwai(a)suse.de> ALSA: hda: Check the non-cached stream buffers more explicitly Paul Cercueil <paul(a)crapouillou.net> dmaengine: dma-jz4780: Return error if not probed from DT Eric W. Biederman <ebiederm(a)xmission.com> signal: Always deliver the kernel's SIGKILL and SIGSTOP to a pid namespace init James Smart <jsmart2021(a)gmail.com> scsi: lpfc: Correct soft lockup when running mds diagnostics Alexandre Belloni <alexandre.belloni(a)bootlin.com> uio: ensure class is registered before devices Waiman Long <longman(a)redhat.com> driver/dma/ioat: Call del_timer_sync() without holding prep_lock Loic Poulain <loic.poulain(a)linaro.org> usb: chipidea: Prevent unbalanced IRQ disable Horia Geantă <horia.geanta(a)nxp.com> crypto: caam - fix implicit casts in endianness helpers Suzuki K Poulose <suzuki.poulose(a)arm.com> coresight: etb10: Fix handling of perf mode Tonghao Zhang <xiangxia.m.yue(a)gmail.com> PCI/MSI: Warn and return error if driver enables MSI/MSI-X twice Shaohua Li <shli(a)fb.com> MD: fix invalid stored role for a disk Theodore Ts'o <tytso(a)mit.edu> ext4: fix argument checking in EXT4_IOC_MOVE_EXT Alexandre Belloni <alexandre.belloni(a)bootlin.com> usb: gadget: udc: atmel: handle at91sam9rl PMC Jorgen Hansen <jhansen(a)vmware.com> VMCI: Resource wildcard match fixed Javier Martinez Canillas <javierm(a)redhat.com> tpm: suppress transmit cmd error logs when TPM 1.2 is disabled/deactivated Denis Drozdov <denisd(a)mellanox.com> IB/ipoib: Clear IPCB before icmp_send Parav Pandit <parav(a)mellanox.com> RDMA/core: Do not expose unsupported counters Wenwen Wang <wang6495(a)umn.edu> scsi: megaraid_sas: fix a missing-check bug Finn Thain <fthain(a)telegraphics.com.au> scsi: esp_scsi: Track residual for PIO transfers Michal Hocko <mhocko(a)suse.com> cgroup, netclassid: add a preemption point to write_classid Martin Willi <martin(a)strongswan.org> ath10k: schedule hardware restart if WMI command times out Sebastian Basierski <sebastianx.basierski(a)intel.com> ixgbevf: VF2VF TCP RSS Douglas Anderson <dianders(a)chromium.org> pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant Douglas Anderson <dianders(a)chromium.org> pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant Stephen Boyd <swboyd(a)chromium.org> pinctrl: qcom: spmi-mpp: Fix drive strength setting Hans de Goede <hdegoede(a)redhat.com> ACPI / LPSS: Add alternative ACPI HIDs for Cherry Trail DMA controllers Masami Hiramatsu <mhiramat(a)kernel.org> kprobes: Return error if we fail to reuse kprobe instead of BUG_ON() Arend van Spriel <arend.vanspriel(a)broadcom.com> brcmfmac: fix for proper support of 160MHz bandwidth YueHaibing <yuehaibing(a)huawei.com> pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux Ben Hutchings <ben(a)decadent.org.uk> x86: boot: Fix EFI stub alignment Christian Hewitt <christianshewitt(a)gmail.com> Bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth Viresh Kumar <viresh.kumar(a)linaro.org> cpufreq: dt: Try freeing static OPPs only if we have added them Lubomir Rintel <lkundrak(a)v3.sk> x86/olpc: Indicate that legacy PC XO-1 platform should not register RTC Shaul Triebitz <shaul.triebitz(a)intel.com> iwlwifi: pcie: avoid empty free RB queue Yu Zhao <yuzhao(a)google.com> mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01 Prarit Bhargava <prarit(a)redhat.com> cpupower: Fix coredump on VMWare Sanskriti Sharma <sansharm(a)redhat.com> perf strbuf: Match va_{add,copy} with va_end Sanskriti Sharma <sansharm(a)redhat.com> perf tools: Cleanup trace-event-info 'tdata' leak Sanskriti Sharma <sansharm(a)redhat.com> perf tools: Free temporary 'sys' string in read_event_files() Thierry Reding <treding(a)nvidia.com> hwmon: (pwm-fan) Set fan speed to 0 on suspend Janosch Frank <frankja(a)linux.ibm.com> s390/sthyi: Fix machine name validity indication Serhey Popovych <serhe.popovych(a)gmail.com> tun: Consistently configure generic netdev params via rtnetlink Omar Sandoval <osandov(a)fb.com> swim: fix cleanup on setup error Omar Sandoval <osandov(a)fb.com> ataflop: fix error handling during setup Waiman Long <longman(a)redhat.com> locking/lockdep: Fix debug_locks off performance problem Wolfram Sang <wsa+renesas(a)sang-engineering.com> i2c: rcar: cleanup DMA for all kinds of failure Masami Hiramatsu <mhiramat(a)kernel.org> selftests: ftrace: Add synthetic event syntax testcase Nathan Chancellor <natechancellor(a)gmail.com> net: qla3xxx: Remove overflowing shift statement Sebastian Andrzej Siewior <bigeasy(a)linutronix.de> x86/fpu: Remove second definition of fpu in __fpu__restore_sig() David Miller <davem(a)davemloft.net> perf cpu_map: Align cpu map synthesized events properly. Song Muchun <smuchun(a)gmail.com> sched/fair: Fix the min_vruntime update logic in dequeue_entity() David S. Miller <davem(a)davemloft.net> sparc64: Make proc_id signed. David S. Miller <davem(a)davemloft.net> sparc: Fix single-pcr perf event counter management. Florian Westphal <fw(a)strlen.de> xfrm: policy: use hlist rcu variants on insert Jiri Olsa <jolsa(a)kernel.org> Revert "perf tools: Fix PMU term format max value calculation" Eric Dumazet <edumazet(a)google.com> bpf: do not blindly change rlimit in reuseport net selftest Sai Praneeth <sai.praneeth.prakhya(a)intel.com> x86/speculation: Support Enhanced IBRS on future CPUs He Zhe <zhe.he(a)windriver.com> x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided Jiri Kosina <jkosina(a)suse.cz> x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation Alex Stanoev <alex(a)astanoev.com> ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops Jeremy Cline <jcline(a)redhat.com> ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) Takashi Iwai <tiwai(a)suse.de> ALSA: hda - Fix headphone pin config for ASUS G751 Takashi Iwai <tiwai(a)suse.de> ALSA: hda - Add quirk for ASUS G751 laptop Helge Deller <deller(a)gmx.de> parisc: Fix map_pages() to not overwrite existing pte entries John David Anglin <dave.anglin(a)bell.net> parisc: Fix address in HPMC IVA Jan Glauber <jglauber(a)cavium.com> ipmi: Fix timer race with module unload Erik Schmauss <erik.schmauss(a)intel.com> ACPICA: AML interpreter: add region addresses in global list during initialization Maciej S. Szmigiero <mail(a)maciej.szmigiero.name> pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges Hou Tao <houtao1(a)huawei.com> jffs2: free jffs2_sb_info through jffs2_kill_sb() Dmitry Bazhenov <bazhenov.dn(a)gmail.com> hwmon: (pmbus) Fix page count auto-detection. Tang Junhui <tang.junhui.linux(a)gmail.com> bcache: fix miss key refill->end in writeback ------------- Diffstat: Makefile | 4 +- arch/arm/boot/dts/exynos3250.dtsi | 16 +++ arch/arm/boot/dts/exynos4210.dtsi | 15 ++- arch/arm/boot/dts/exynos4412.dtsi | 2 - arch/arm/boot/dts/exynos5250.dtsi | 116 ++++++++++++++++----- arch/arm/boot/dts/exynos5420-cpus.dtsi | 16 --- arch/arm/boot/dts/exynos5422-cpus.dtsi | 16 --- arch/arm64/boot/dts/altera/socfpga_stratix10.dtsi | 2 +- arch/arm64/lib/Makefile | 2 +- arch/mips/cavium-octeon/executive/cvmx-helper.c | 2 +- arch/parisc/kernel/entry.S | 2 +- arch/parisc/kernel/traps.c | 3 +- arch/parisc/mm/init.c | 8 +- arch/powerpc/include/asm/mpic.h | 7 ++ arch/s390/kvm/sthyi.c | 8 +- arch/sparc/include/asm/cpudata_64.h | 2 +- arch/sparc/kernel/perf_event.c | 17 ++- arch/x86/boot/tools/build.c | 7 ++ arch/x86/include/asm/cpufeatures.h | 1 + arch/x86/include/asm/nospec-branch.h | 1 + arch/x86/kernel/check.c | 15 +++ arch/x86/kernel/cpu/bugs.c | 77 ++++++++++++-- arch/x86/kernel/cpu/common.c | 3 + arch/x86/kernel/fpu/signal.c | 1 - arch/x86/platform/olpc/olpc-xo1-rtc.c | 3 + arch/x86/xen/spinlock.c | 35 +++---- crypto/lrw.c | 7 +- crypto/tcrypt.c | 3 + drivers/acpi/acpi_lpss.c | 2 + drivers/acpi/acpica/dsopcode.c | 4 + drivers/block/ataflop.c | 25 +++-- drivers/block/swim.c | 13 ++- drivers/block/xen-blkfront.c | 3 + drivers/bluetooth/btbcm.c | 1 + drivers/char/ipmi/ipmi_ssif.c | 10 +- drivers/char/tpm/tpm-interface.c | 3 +- drivers/char/tpm/xen-tpmfront.c | 2 +- drivers/cpufreq/cpufreq-dt.c | 34 +++--- drivers/crypto/caam/regs.h | 28 ++--- drivers/dma/dma-jz4780.c | 5 + drivers/dma/ioat/init.c | 9 +- drivers/edac/i7core_edac.c | 1 + drivers/edac/sb_edac.c | 1 + drivers/edac/skx_edac.c | 3 +- drivers/hid/usbhid/hiddev.c | 18 +++- drivers/hwmon/pmbus/pmbus.c | 2 + drivers/hwmon/pmbus/pmbus_core.c | 5 +- drivers/hwmon/pwm-fan.c | 12 ++- drivers/hwtracing/coresight/coresight-etb10.c | 4 + drivers/i2c/busses/i2c-rcar.c | 6 +- drivers/iio/adc/at91_adc.c | 6 +- drivers/iio/adc/fsl-imx25-gcq.c | 6 ++ drivers/iio/dac/ad5064.c | 53 +++++++--- drivers/infiniband/core/sysfs.c | 19 ++-- drivers/infiniband/ulp/ipoib/ipoib_cm.c | 8 +- drivers/md/bcache/btree.c | 2 +- drivers/md/dm-ioctl.c | 18 ++-- drivers/md/md.c | 4 + drivers/media/common/v4l2-tpg/v4l2-tpg-core.c | 2 +- drivers/media/i2c/tvp5150.c | 2 +- drivers/media/usb/em28xx/em28xx-cards.c | 4 +- drivers/media/usb/em28xx/em28xx-video.c | 8 +- drivers/misc/genwqe/card_base.h | 2 +- drivers/misc/genwqe/card_dev.c | 9 +- drivers/misc/vmw_vmci/vmci_driver.c | 2 +- drivers/misc/vmw_vmci/vmci_resource.c | 3 +- drivers/mmc/host/sdhci-pci-o2micro.c | 3 + drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 4 + drivers/net/ethernet/qlogic/qla3xxx.c | 2 - drivers/net/tun.c | 2 + drivers/net/wireless/ath/ath10k/wmi.c | 6 ++ .../net/wireless/broadcom/brcm80211/brcmutil/d11.c | 34 +++++- .../broadcom/brcm80211/include/brcmu_wifi.h | 2 + drivers/net/wireless/intel/iwlwifi/mvm/rs.c | 24 ++++- drivers/net/wireless/intel/iwlwifi/pcie/rx.c | 32 ++++-- drivers/net/wireless/marvell/libertas/if_usb.c | 2 - drivers/nvdimm/bus.c | 4 + drivers/pci/msi.c | 9 +- drivers/pci/quirks.c | 4 + drivers/pcmcia/ricoh.h | 35 +++++++ drivers/pcmcia/yenta_socket.c | 3 +- drivers/pinctrl/qcom/pinctrl-spmi-mpp.c | 27 +++-- drivers/pinctrl/qcom/pinctrl-ssbi-gpio.c | 28 +++-- drivers/rpmsg/qcom_smd.c | 7 +- drivers/scsi/esp_scsi.c | 1 + drivers/scsi/esp_scsi.h | 2 + drivers/scsi/lpfc/lpfc_sli.c | 7 ++ drivers/scsi/mac_esp.c | 2 + drivers/scsi/megaraid/megaraid_sas_base.c | 3 + drivers/soc/tegra/pmc.c | 2 +- drivers/tc/tc.c | 8 +- drivers/tty/serial/kgdboc.c | 5 + drivers/uio/uio.c | 9 ++ drivers/usb/chipidea/otg.h | 3 +- drivers/usb/gadget/udc/atmel_usba_udc.c | 2 + drivers/usb/usbip/vudc_main.c | 10 +- drivers/w1/masters/omap_hdq.c | 2 + drivers/xen/swiotlb-xen.c | 6 ++ fs/btrfs/extent-tree.c | 47 +++++++-- fs/btrfs/free-space-cache.c | 32 ++++-- fs/btrfs/inode.c | 1 + fs/btrfs/qgroup.c | 1 + fs/btrfs/relocation.c | 2 +- fs/btrfs/tree-log.c | 39 +++++-- fs/cifs/cifs_debug.c | 3 + fs/cifs/cifs_spnego.c | 6 +- fs/cifs/inode.c | 10 +- fs/cramfs/inode.c | 3 +- fs/ext4/inline.c | 2 +- fs/ext4/ioctl.c | 4 +- fs/ext4/move_extent.c | 8 +- fs/gfs2/ops_fstype.c | 3 + fs/jbd2/checkpoint.c | 4 +- fs/jffs2/super.c | 4 +- fs/lockd/host.c | 2 +- fs/nfs/nfs4client.c | 16 +-- include/linux/tc.h | 1 + kernel/bounds.c | 4 +- kernel/cpu.c | 11 +- kernel/irq/manage.c | 8 +- kernel/kprobes.c | 27 +++-- kernel/locking/lockdep.c | 4 +- kernel/printk/printk.c | 7 +- kernel/sched/fair.c | 2 +- kernel/signal.c | 2 +- lib/debug_locks.c | 2 +- mm/hugetlb.c | 6 ++ net/core/netclassid_cgroup.c | 1 + net/ipv4/cipso_ipv4.c | 11 +- net/sunrpc/svc_xprt.c | 2 +- net/xfrm/xfrm_policy.c | 8 +- security/integrity/ima/ima_fs.c | 6 +- sound/pci/ca0106/ca0106.h | 2 +- sound/pci/hda/hda_controller.h | 1 + sound/pci/hda/hda_intel.c | 11 +- sound/pci/hda/patch_conexant.c | 1 + sound/pci/hda/patch_realtek.c | 20 ++++ sound/soc/intel/skylake/skl-topology.c | 1 + tools/perf/util/event.c | 1 + tools/perf/util/pmu.c | 13 +-- tools/perf/util/strbuf.c | 10 +- tools/perf/util/trace-event-info.c | 2 + tools/perf/util/trace-event-read.c | 5 +- tools/power/cpupower/utils/cpufreq-info.c | 2 + tools/power/cpupower/utils/helpers/amd.c | 5 + .../inter-event/trigger-synthetic-event-syntax.tc | 80 ++++++++++++++ tools/testing/selftests/net/reuseport_bpf.c | 13 ++- 147 files changed, 1116 insertions(+), 360 deletions(-)

5 years, 11 months

5
147
0 0

[PATCH v7 08/17] tpm: call tpm2_flush_space() on error in tpm_try_transmit()

by Jarkko Sakkinen

Always call tpm2_flush_space() on failure in tpm_try_transmit() so that the volatile memory of the TPM gets cleared. If /dev/tpm0 does not have sufficient permissions (usually it has), this could lead to the leakage of TPM objects. Through /dev/tpmrm0 this issue does not raise any new security concerns. Cc: James Bottomley <James.Bottomley(a)HansenPartnership.com> Cc: stable(a)vger.kernel.org Fixes: 745b361e989a ("tpm:tpm: infrastructure for TPM spaces") Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen(a)linux.intel.com> Reviewed-by: Stefan Berger <stefanb(a)linux.ibm.com> --- drivers/char/tpm/tpm-interface.c | 29 ++++++++++++----------------- drivers/char/tpm/tpm.h | 1 + drivers/char/tpm/tpm2-space.c | 2 +- 3 files changed, 14 insertions(+), 18 deletions(-) diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c index 11af50646ed1..ef00b698ec02 100644 --- a/drivers/char/tpm/tpm-interface.c +++ b/drivers/char/tpm/tpm-interface.c @@ -224,14 +224,14 @@ static ssize_t tpm_try_transmit(struct tpm_chip *chip, rc = tpm2_prepare_space(chip, space, ordinal, buf); if (rc) - goto out; + goto out_idle; rc = chip->ops->send(chip, buf, count); if (rc < 0) { if (rc != -EPIPE) dev_err(&chip->dev, "%s: tpm_send: error %d\n", __func__, rc); - goto out; + goto out_space; } if (chip->flags & TPM_CHIP_FLAG_IRQ) @@ -247,7 +247,7 @@ static ssize_t tpm_try_transmit(struct tpm_chip *chip, if (chip->ops->req_canceled(chip, status)) { dev_err(&chip->dev, "Operation Canceled\n"); rc = -ECANCELED; - goto out; + goto out_space; } tpm_msleep(TPM_TIMEOUT_POLL); @@ -257,28 +257,23 @@ static ssize_t tpm_try_transmit(struct tpm_chip *chip, chip->ops->cancel(chip); dev_err(&chip->dev, "Operation Timed out\n"); rc = -ETIME; - goto out; + goto out_space; out_recv: len = chip->ops->recv(chip, buf, bufsiz); if (len < 0) { rc = len; - dev_err(&chip->dev, - "tpm_transmit: tpm_recv: error %d\n", rc); - goto out; - } else if (len < TPM_HEADER_SIZE) { + dev_err(&chip->dev, "tpm_transmit: tpm_recv: error %d\n", rc); + } else if (len < TPM_HEADER_SIZE || len != be32_to_cpu(header->length)) rc = -EFAULT; - goto out; - } - if (len != be32_to_cpu(header->length)) { - rc = -EFAULT; - goto out; - } - - rc = tpm2_commit_space(chip, space, ordinal, buf, &len); +out_space: + if (rc) + tpm2_flush_space(chip); + else + rc = tpm2_commit_space(chip, space, ordinal, buf, &len); -out: +out_idle: /* may fail but do not override previous error value in rc */ tpm_go_idle(chip, flags); diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h index 86fa8ac0ae20..92638ec6ec97 100644 --- a/drivers/char/tpm/tpm.h +++ b/drivers/char/tpm/tpm.h @@ -576,6 +576,7 @@ int tpm2_probe(struct tpm_chip *chip); int tpm2_find_cc(struct tpm_chip *chip, u32 cc); int tpm2_init_space(struct tpm_space *space); void tpm2_del_space(struct tpm_chip *chip, struct tpm_space *space); +void tpm2_flush_space(struct tpm_chip *chip); int tpm2_prepare_space(struct tpm_chip *chip, struct tpm_space *space, u32 cc, u8 *cmd); int tpm2_commit_space(struct tpm_chip *chip, struct tpm_space *space, diff --git a/drivers/char/tpm/tpm2-space.c b/drivers/char/tpm/tpm2-space.c index 862ee1ce1755..393d9aadadce 100644 --- a/drivers/char/tpm/tpm2-space.c +++ b/drivers/char/tpm/tpm2-space.c @@ -162,7 +162,7 @@ static int tpm2_save_context(struct tpm_chip *chip, u32 handle, u8 *buf, return 0; } -static void tpm2_flush_space(struct tpm_chip *chip) +void tpm2_flush_space(struct tpm_chip *chip) { struct tpm_space *space = &chip->work_space; int i; -- 2.19.1

5 years, 11 months

1
0
0 0

[PATCH v6 04/17] tpm: call tpm2_flush_space() on error in tpm_try_transmit()

by Jarkko Sakkinen

Always call tpm2_flush_space() on failure in tpm_try_transmit() so that the volatile memory of the TPM gets cleared. If /dev/tpm0 does not have sufficient permissions (usually it has), this could lead to the leakage of TPM objects. Through /dev/tpmrm0 this issue does not raise any new security concerns. Cc: James Bottomley <James.Bottomley(a)HansenPartnership.com> Cc: stable(a)vger.kernel.org Fixes: 745b361e989a ("tpm:tpm: infrastructure for TPM spaces") Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen(a)linux.intel.com> Reviewed-by: Stefan Berger <stefanb(a)linux.ibm.com> --- drivers/char/tpm/tpm-interface.c | 33 +++++++++++++++----------------- drivers/char/tpm/tpm.h | 1 + drivers/char/tpm/tpm2-space.c | 2 +- 3 files changed, 17 insertions(+), 19 deletions(-) diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c index 64510ed81b46..c9efd1b9fd2c 100644 --- a/drivers/char/tpm/tpm-interface.c +++ b/drivers/char/tpm/tpm-interface.c @@ -224,14 +224,14 @@ static ssize_t tpm_try_transmit(struct tpm_chip *chip, rc = tpm2_prepare_space(chip, space, ordinal, buf); if (rc) - goto out; + goto out_idle; rc = chip->ops->send(chip, buf, count); if (rc < 0) { if (rc != -EPIPE) dev_err(&chip->dev, "%s: tpm_send: error %d\n", __func__, rc); - goto out; + goto out_space; } if (chip->flags & TPM_CHIP_FLAG_IRQ) @@ -247,7 +247,7 @@ static ssize_t tpm_try_transmit(struct tpm_chip *chip, if (chip->ops->req_canceled(chip, status)) { dev_err(&chip->dev, "Operation Canceled\n"); rc = -ECANCELED; - goto out; + goto out_space; } tpm_msleep(TPM_TIMEOUT_POLL); @@ -257,30 +257,27 @@ static ssize_t tpm_try_transmit(struct tpm_chip *chip, chip->ops->cancel(chip); dev_err(&chip->dev, "Operation Timed out\n"); rc = -ETIME; - goto out; + goto out_space; out_recv: len = chip->ops->recv(chip, buf, bufsiz); if (len < 0) { rc = len; - dev_err(&chip->dev, - "tpm_transmit: tpm_recv: error %d\n", rc); - goto out; - } else if (len < TPM_HEADER_SIZE) { + dev_err(&chip->dev, "tpm_transmit: tpm_recv: error %d\n", rc); + } else if (len < TPM_HEADER_SIZE || len != be32_to_cpu(header->length)) rc = -EFAULT; - goto out; - } - if (len != be32_to_cpu(header->length)) { - rc = -EFAULT; - goto out; +out_space: + if (rc) { + tpm2_flush_space(chip); + } else { + rc = tpm2_commit_space(chip, space, ordinal, buf, &len); + if (rc) + dev_err(&chip->dev, "tpm2_commit_space: error %d\n", + rc); } - rc = tpm2_commit_space(chip, space, ordinal, buf, &len); - if (rc) - dev_err(&chip->dev, "tpm2_commit_space: error %d\n", rc); - -out: +out_idle: /* may fail but do not override previous error value in rc */ tpm_go_idle(chip, flags); diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h index 49bca4d1e786..229ac42b644e 100644 --- a/drivers/char/tpm/tpm.h +++ b/drivers/char/tpm/tpm.h @@ -579,6 +579,7 @@ int tpm2_probe(struct tpm_chip *chip); int tpm2_find_cc(struct tpm_chip *chip, u32 cc); int tpm2_init_space(struct tpm_space *space); void tpm2_del_space(struct tpm_chip *chip, struct tpm_space *space); +void tpm2_flush_space(struct tpm_chip *chip); int tpm2_prepare_space(struct tpm_chip *chip, struct tpm_space *space, u32 cc, u8 *cmd); int tpm2_commit_space(struct tpm_chip *chip, struct tpm_space *space, diff --git a/drivers/char/tpm/tpm2-space.c b/drivers/char/tpm/tpm2-space.c index 1131a8e7b79b..d53c882268ff 100644 --- a/drivers/char/tpm/tpm2-space.c +++ b/drivers/char/tpm/tpm2-space.c @@ -162,7 +162,7 @@ static int tpm2_save_context(struct tpm_chip *chip, u32 handle, u8 *buf, return 0; } -static void tpm2_flush_space(struct tpm_chip *chip) +void tpm2_flush_space(struct tpm_chip *chip) { struct tpm_space *space = &chip->work_space; int i; -- 2.19.1

5 years, 11 months

1
0
0 0

[RESEND PATCH] mfd: tps6586x: Handle interrupts on suspend

by Jon Hunter

From: Jonathan Hunter <jonathanh(a)nvidia.com> The tps6586x driver creates an irqchip that is used by its various child devices for managing interrupts. The tps6586x-rtc device is one of its children that uses the tps6586x irqchip. When using the tps6586x-rtc as a wake-up device from suspend, the following is seen: PM: Syncing filesystems ... done. Freezing user space processes ... (elapsed 0.001 seconds) done. OOM killer disabled. Freezing remaining freezable tasks ... (elapsed 0.000 seconds) done. Disabling non-boot CPUs ... Entering suspend state LP1 Enabling non-boot CPUs ... CPU1 is up tps6586x 3-0034: failed to read interrupt status tps6586x 3-0034: failed to read interrupt status The reason why the tps6586x interrupt status cannot be read is because the tps6586x interrupt is not masked during suspend and when the tps6586x-rtc interrupt occurs, to wake-up the device, the interrupt is seen before the i2c controller has been resumed in order to read the tps6586x interrupt status. The tps6586x-rtc driver sets it's interrupt as a wake-up source during suspend, which gets propagated to the parent tps6586x interrupt. However, the tps6586x-rtc driver cannot disable it's interrupt during suspend otherwise we would never be woken up and so the tps6586x must disable it's interrupt instead. Prevent the tps6586x interrupt handler from executing on exiting suspend before the i2c controller has been resumed by disabling the tps6586x interrupt on entering suspend and re-enabling it on resuming from suspend. Cc: stable(a)vger.kernel.org Signed-off-by: Jon Hunter <jonathanh(a)nvidia.com> Reviewed-by: Dmitry Osipenko <digetx(a)gmail.com> Tested-by: Dmitry Osipenko <digetx(a)gmail.com> Acked-by: Thierry Reding <treding(a)nvidia.com> --- drivers/mfd/tps6586x.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/drivers/mfd/tps6586x.c b/drivers/mfd/tps6586x.c index b89379782741..9c7925ca13cf 100644 --- a/drivers/mfd/tps6586x.c +++ b/drivers/mfd/tps6586x.c @@ -592,6 +592,29 @@ static int tps6586x_i2c_remove(struct i2c_client *client) return 0; } +static int __maybe_unused tps6586x_i2c_suspend(struct device *dev) +{ + struct tps6586x *tps6586x = dev_get_drvdata(dev); + + if (tps6586x->client->irq) + disable_irq(tps6586x->client->irq); + + return 0; +} + +static int __maybe_unused tps6586x_i2c_resume(struct device *dev) +{ + struct tps6586x *tps6586x = dev_get_drvdata(dev); + + if (tps6586x->client->irq) + enable_irq(tps6586x->client->irq); + + return 0; +} + +static SIMPLE_DEV_PM_OPS(tps6586x_pm_ops, tps6586x_i2c_suspend, + tps6586x_i2c_resume); + static const struct i2c_device_id tps6586x_id_table[] = { { "tps6586x", 0 }, { }, @@ -602,6 +625,7 @@ static struct i2c_driver tps6586x_driver = { .driver = { .name = "tps6586x", .of_match_table = of_match_ptr(tps6586x_of_match), + .pm = &tps6586x_pm_ops, }, .probe = tps6586x_i2c_probe, .remove = tps6586x_i2c_remove, -- 2.7.4

5 years, 11 months

2
1
0 0

[PATCH] mfd: tps6586x: Handle interrupts on suspend

by Jon Hunter

From: Jonathan Hunter <jonathanh(a)nvidia.com> The tps6586x driver creates an irqchip that is used by its various child devices for managing interrupts. The tps6586x-rtc device is one of its children that uses the tps6586x irqchip. When using the tps6586x-rtc as a wake-up device from suspend, the following is seen: PM: Syncing filesystems ... done. Freezing user space processes ... (elapsed 0.001 seconds) done. OOM killer disabled. Freezing remaining freezable tasks ... (elapsed 0.000 seconds) done. Disabling non-boot CPUs ... Entering suspend state LP1 Enabling non-boot CPUs ... CPU1 is up tps6586x 3-0034: failed to read interrupt status tps6586x 3-0034: failed to read interrupt status The reason why the tps6586x interrupt status cannot be read is because the tps6586x interrupt is not masked during suspend and when the tps6586x-rtc interrupt occurs, to wake-up the device, the interrupt is seen before the i2c controller has been resumed in order to read the tps6586x interrupt status. The tps6586x-rtc driver sets it's interrupt as a wake-up source during suspend, which gets propagated to the parent tps6586x interrupt. However, the tps6586x-rtc driver cannot disable it's interrupt during suspend otherwise we would never be woken up and so the tps6586x must disable it's interrupt instead. Prevent the tps6586x interrupt handler from executing on exiting suspend before the i2c controller has been resumed by disabling the tps6586x interrupt on entering suspend and re-enabling it on resuming from suspend. Cc: stable(a)vger.kernel.org Signed-off-by: Jon Hunter <jonathanh(a)nvidia.com> --- drivers/mfd/tps6586x.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/drivers/mfd/tps6586x.c b/drivers/mfd/tps6586x.c index b89379782741..9c7925ca13cf 100644 --- a/drivers/mfd/tps6586x.c +++ b/drivers/mfd/tps6586x.c @@ -592,6 +592,29 @@ static int tps6586x_i2c_remove(struct i2c_client *client) return 0; } +static int __maybe_unused tps6586x_i2c_suspend(struct device *dev) +{ + struct tps6586x *tps6586x = dev_get_drvdata(dev); + + if (tps6586x->client->irq) + disable_irq(tps6586x->client->irq); + + return 0; +} + +static int __maybe_unused tps6586x_i2c_resume(struct device *dev) +{ + struct tps6586x *tps6586x = dev_get_drvdata(dev); + + if (tps6586x->client->irq) + enable_irq(tps6586x->client->irq); + + return 0; +} + +static SIMPLE_DEV_PM_OPS(tps6586x_pm_ops, tps6586x_i2c_suspend, + tps6586x_i2c_resume); + static const struct i2c_device_id tps6586x_id_table[] = { { "tps6586x", 0 }, { }, @@ -602,6 +625,7 @@ static struct i2c_driver tps6586x_driver = { .driver = { .name = "tps6586x", .of_match_table = of_match_ptr(tps6586x_of_match), + .pm = &tps6586x_pm_ops, }, .probe = tps6586x_i2c_probe, .remove = tps6586x_i2c_remove, -- 2.7.4

5 years, 11 months

4
11
0 0

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror November 2018