February 2018 - Linux-stable-mirror

Patch "crypto: inside-secure - per request invalidation" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled crypto: inside-secure - per request invalidation to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: crypto-inside-secure-per-request-invalidation.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Feb 28 16:23:28 CET 2018 From: Ofer Heifetz <oferh(a)marvell.com> Date: Mon, 11 Dec 2017 12:10:55 +0100 Subject: crypto: inside-secure - per request invalidation From: Ofer Heifetz <oferh(a)marvell.com> [ Upstream commit 1eb7b40386c97f6c4d1c62931bf306f4535a4bd6 ] When an invalidation request is needed we currently override the context .send and .handle_result helpers. This is wrong as under high load other requests can already be queued and overriding the context helpers will make them execute the wrong .send and .handle_result functions. This commit fixes this by adding a needs_inv flag in the request to choose the action to perform when sending requests or handling their results. This flag will be set when needed (i.e. when the context flag will be set). Fixes: 1b44c5a60c13 ("crypto: inside-secure - add SafeXcel EIP197 crypto engine driver") Signed-off-by: Ofer Heifetz <oferh(a)marvell.com> [Antoine: commit message, and removed non related changes from the original commit] Signed-off-by: Antoine Tenart <antoine.tenart(a)free-electrons.com> Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/crypto/inside-secure/safexcel_cipher.c | 71 ++++++++++++++++++++----- drivers/crypto/inside-secure/safexcel_hash.c | 67 ++++++++++++++++++----- 2 files changed, 111 insertions(+), 27 deletions(-) --- a/drivers/crypto/inside-secure/safexcel_cipher.c +++ b/drivers/crypto/inside-secure/safexcel_cipher.c @@ -14,6 +14,7 @@ #include <crypto/aes.h> #include <crypto/skcipher.h> +#include <crypto/internal/skcipher.h> #include "safexcel.h" @@ -33,6 +34,10 @@ struct safexcel_cipher_ctx { unsigned int key_len; }; +struct safexcel_cipher_req { + bool needs_inv; +}; + static void safexcel_cipher_token(struct safexcel_cipher_ctx *ctx, struct crypto_async_request *async, struct safexcel_command_desc *cdesc, @@ -126,9 +131,9 @@ static int safexcel_context_control(stru return 0; } -static int safexcel_handle_result(struct safexcel_crypto_priv *priv, int ring, - struct crypto_async_request *async, - bool *should_complete, int *ret) +static int safexcel_handle_req_result(struct safexcel_crypto_priv *priv, int ring, + struct crypto_async_request *async, + bool *should_complete, int *ret) { struct skcipher_request *req = skcipher_request_cast(async); struct safexcel_result_desc *rdesc; @@ -265,7 +270,6 @@ static int safexcel_aes_send(struct cryp spin_unlock_bh(&priv->ring[ring].egress_lock); request->req = &req->base; - ctx->base.handle_result = safexcel_handle_result; *commands = n_cdesc; *results = n_rdesc; @@ -341,8 +345,6 @@ static int safexcel_handle_inv_result(st ring = safexcel_select_ring(priv); ctx->base.ring = ring; - ctx->base.needs_inv = false; - ctx->base.send = safexcel_aes_send; spin_lock_bh(&priv->ring[ring].queue_lock); enq_ret = crypto_enqueue_request(&priv->ring[ring].queue, async); @@ -359,6 +361,26 @@ static int safexcel_handle_inv_result(st return ndesc; } +static int safexcel_handle_result(struct safexcel_crypto_priv *priv, int ring, + struct crypto_async_request *async, + bool *should_complete, int *ret) +{ + struct skcipher_request *req = skcipher_request_cast(async); + struct safexcel_cipher_req *sreq = skcipher_request_ctx(req); + int err; + + if (sreq->needs_inv) { + sreq->needs_inv = false; + err = safexcel_handle_inv_result(priv, ring, async, + should_complete, ret); + } else { + err = safexcel_handle_req_result(priv, ring, async, + should_complete, ret); + } + + return err; +} + static int safexcel_cipher_send_inv(struct crypto_async_request *async, int ring, struct safexcel_request *request, int *commands, int *results) @@ -368,8 +390,6 @@ static int safexcel_cipher_send_inv(stru struct safexcel_crypto_priv *priv = ctx->priv; int ret; - ctx->base.handle_result = safexcel_handle_inv_result; - ret = safexcel_invalidate_cache(async, &ctx->base, priv, ctx->base.ctxr_dma, ring, request); if (unlikely(ret)) @@ -381,11 +401,29 @@ static int safexcel_cipher_send_inv(stru return 0; } +static int safexcel_send(struct crypto_async_request *async, + int ring, struct safexcel_request *request, + int *commands, int *results) +{ + struct skcipher_request *req = skcipher_request_cast(async); + struct safexcel_cipher_req *sreq = skcipher_request_ctx(req); + int ret; + + if (sreq->needs_inv) + ret = safexcel_cipher_send_inv(async, ring, request, + commands, results); + else + ret = safexcel_aes_send(async, ring, request, + commands, results); + return ret; +} + static int safexcel_cipher_exit_inv(struct crypto_tfm *tfm) { struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm); struct safexcel_crypto_priv *priv = ctx->priv; struct skcipher_request req; + struct safexcel_cipher_req *sreq = skcipher_request_ctx(&req); struct safexcel_inv_result result = {}; int ring = ctx->base.ring; @@ -399,7 +437,7 @@ static int safexcel_cipher_exit_inv(stru skcipher_request_set_tfm(&req, __crypto_skcipher_cast(tfm)); ctx = crypto_tfm_ctx(req.base.tfm); ctx->base.exit_inv = true; - ctx->base.send = safexcel_cipher_send_inv; + sreq->needs_inv = true; spin_lock_bh(&priv->ring[ring].queue_lock); crypto_enqueue_request(&priv->ring[ring].queue, &req.base); @@ -424,19 +462,21 @@ static int safexcel_aes(struct skcipher_ enum safexcel_cipher_direction dir, u32 mode) { struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(req->base.tfm); + struct safexcel_cipher_req *sreq = skcipher_request_ctx(req); struct safexcel_crypto_priv *priv = ctx->priv; int ret, ring; + sreq->needs_inv = false; ctx->direction = dir; ctx->mode = mode; if (ctx->base.ctxr) { - if (ctx->base.needs_inv) - ctx->base.send = safexcel_cipher_send_inv; + if (ctx->base.needs_inv) { + sreq->needs_inv = true; + ctx->base.needs_inv = false; + } } else { ctx->base.ring = safexcel_select_ring(priv); - ctx->base.send = safexcel_aes_send; - ctx->base.ctxr = dma_pool_zalloc(priv->context_pool, EIP197_GFP_FLAGS(req->base), &ctx->base.ctxr_dma); @@ -476,6 +516,11 @@ static int safexcel_skcipher_cra_init(st alg.skcipher.base); ctx->priv = tmpl->priv; + ctx->base.send = safexcel_send; + ctx->base.handle_result = safexcel_handle_result; + + crypto_skcipher_set_reqsize(__crypto_skcipher_cast(tfm), + sizeof(struct safexcel_cipher_req)); return 0; } --- a/drivers/crypto/inside-secure/safexcel_hash.c +++ b/drivers/crypto/inside-secure/safexcel_hash.c @@ -32,6 +32,7 @@ struct safexcel_ahash_req { bool last_req; bool finish; bool hmac; + bool needs_inv; int nents; @@ -121,9 +122,9 @@ static void safexcel_context_control(str } } -static int safexcel_handle_result(struct safexcel_crypto_priv *priv, int ring, - struct crypto_async_request *async, - bool *should_complete, int *ret) +static int safexcel_handle_req_result(struct safexcel_crypto_priv *priv, int ring, + struct crypto_async_request *async, + bool *should_complete, int *ret) { struct safexcel_result_desc *rdesc; struct ahash_request *areq = ahash_request_cast(async); @@ -169,9 +170,9 @@ static int safexcel_handle_result(struct return 1; } -static int safexcel_ahash_send(struct crypto_async_request *async, int ring, - struct safexcel_request *request, int *commands, - int *results) +static int safexcel_ahash_send_req(struct crypto_async_request *async, int ring, + struct safexcel_request *request, + int *commands, int *results) { struct ahash_request *areq = ahash_request_cast(async); struct crypto_ahash *ahash = crypto_ahash_reqtfm(areq); @@ -310,7 +311,6 @@ send_command: req->processed += len; request->req = &areq->base; - ctx->base.handle_result = safexcel_handle_result; *commands = n_cdesc; *results = 1; @@ -394,8 +394,6 @@ static int safexcel_handle_inv_result(st ring = safexcel_select_ring(priv); ctx->base.ring = ring; - ctx->base.needs_inv = false; - ctx->base.send = safexcel_ahash_send; spin_lock_bh(&priv->ring[ring].queue_lock); enq_ret = crypto_enqueue_request(&priv->ring[ring].queue, async); @@ -412,6 +410,26 @@ static int safexcel_handle_inv_result(st return 1; } +static int safexcel_handle_result(struct safexcel_crypto_priv *priv, int ring, + struct crypto_async_request *async, + bool *should_complete, int *ret) +{ + struct ahash_request *areq = ahash_request_cast(async); + struct safexcel_ahash_req *req = ahash_request_ctx(areq); + int err; + + if (req->needs_inv) { + req->needs_inv = false; + err = safexcel_handle_inv_result(priv, ring, async, + should_complete, ret); + } else { + err = safexcel_handle_req_result(priv, ring, async, + should_complete, ret); + } + + return err; +} + static int safexcel_ahash_send_inv(struct crypto_async_request *async, int ring, struct safexcel_request *request, int *commands, int *results) @@ -420,7 +438,6 @@ static int safexcel_ahash_send_inv(struc struct safexcel_ahash_ctx *ctx = crypto_ahash_ctx(crypto_ahash_reqtfm(areq)); int ret; - ctx->base.handle_result = safexcel_handle_inv_result; ret = safexcel_invalidate_cache(async, &ctx->base, ctx->priv, ctx->base.ctxr_dma, ring, request); if (unlikely(ret)) @@ -432,11 +449,29 @@ static int safexcel_ahash_send_inv(struc return 0; } +static int safexcel_ahash_send(struct crypto_async_request *async, + int ring, struct safexcel_request *request, + int *commands, int *results) +{ + struct ahash_request *areq = ahash_request_cast(async); + struct safexcel_ahash_req *req = ahash_request_ctx(areq); + int ret; + + if (req->needs_inv) + ret = safexcel_ahash_send_inv(async, ring, request, + commands, results); + else + ret = safexcel_ahash_send_req(async, ring, request, + commands, results); + return ret; +} + static int safexcel_ahash_exit_inv(struct crypto_tfm *tfm) { struct safexcel_ahash_ctx *ctx = crypto_tfm_ctx(tfm); struct safexcel_crypto_priv *priv = ctx->priv; struct ahash_request req; + struct safexcel_ahash_req *rctx = ahash_request_ctx(&req); struct safexcel_inv_result result = {}; int ring = ctx->base.ring; @@ -450,7 +485,7 @@ static int safexcel_ahash_exit_inv(struc ahash_request_set_tfm(&req, __crypto_ahash_cast(tfm)); ctx = crypto_tfm_ctx(req.base.tfm); ctx->base.exit_inv = true; - ctx->base.send = safexcel_ahash_send_inv; + rctx->needs_inv = true; spin_lock_bh(&priv->ring[ring].queue_lock); crypto_enqueue_request(&priv->ring[ring].queue, &req.base); @@ -501,14 +536,16 @@ static int safexcel_ahash_enqueue(struct struct safexcel_crypto_priv *priv = ctx->priv; int ret, ring; - ctx->base.send = safexcel_ahash_send; + req->needs_inv = false; if (req->processed && ctx->digest == CONTEXT_CONTROL_DIGEST_PRECOMPUTED) ctx->base.needs_inv = safexcel_ahash_needs_inv_get(areq); if (ctx->base.ctxr) { - if (ctx->base.needs_inv) - ctx->base.send = safexcel_ahash_send_inv; + if (ctx->base.needs_inv) { + ctx->base.needs_inv = false; + req->needs_inv = true; + } } else { ctx->base.ring = safexcel_select_ring(priv); ctx->base.ctxr = dma_pool_zalloc(priv->context_pool, @@ -642,6 +679,8 @@ static int safexcel_ahash_cra_init(struc struct safexcel_alg_template, alg.ahash); ctx->priv = tmpl->priv; + ctx->base.send = safexcel_ahash_send; + ctx->base.handle_result = safexcel_handle_result; crypto_ahash_set_reqsize(__crypto_ahash_cast(tfm), sizeof(struct safexcel_ahash_req)); Patches currently in stable-queue which might be from oferh(a)marvell.com are queue-4.14/crypto-inside-secure-per-request-invalidation.patch queue-4.14/crypto-inside-secure-fix-request-allocations-in-invalidation-path.patch queue-4.14/crypto-inside-secure-free-requests-even-if-their-handling-failed.patch

6 years, 10 months

1
0
0 0

Patch "crypto: inside-secure - free requests even if their handling failed" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled crypto: inside-secure - free requests even if their handling failed to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: crypto-inside-secure-free-requests-even-if-their-handling-failed.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Feb 28 16:23:28 CET 2018 From: "Antoine Ténart" <antoine.tenart(a)free-electrons.com> Date: Mon, 11 Dec 2017 12:10:56 +0100 Subject: crypto: inside-secure - free requests even if their handling failed From: "Antoine Ténart" <antoine.tenart(a)free-electrons.com> [ Upstream commit 0a02dcca126280595950f3ea809f77c9cb0a235c ] This patch frees the request private data even if its handling failed, as it would never be freed otherwise. Fixes: 1b44c5a60c13 ("crypto: inside-secure - add SafeXcel EIP197 crypto engine driver") Suggested-by: Ofer Heifetz <oferh(a)marvell.com> Signed-off-by: Antoine Tenart <antoine.tenart(a)free-electrons.com> Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/crypto/inside-secure/safexcel.c | 1 + 1 file changed, 1 insertion(+) --- a/drivers/crypto/inside-secure/safexcel.c +++ b/drivers/crypto/inside-secure/safexcel.c @@ -607,6 +607,7 @@ static inline void safexcel_handle_resul ndesc = ctx->handle_result(priv, ring, sreq->req, &should_complete, &ret); if (ndesc < 0) { + kfree(sreq); dev_err(priv->dev, "failed to handle result (%d)", ndesc); return; } Patches currently in stable-queue which might be from antoine.tenart(a)free-electrons.com are queue-4.14/crypto-inside-secure-per-request-invalidation.patch queue-4.14/crypto-inside-secure-fix-request-allocations-in-invalidation-path.patch queue-4.14/crypto-inside-secure-free-requests-even-if-their-handling-failed.patch

6 years, 10 months

1
0
0 0

Patch "crypto: inside-secure - fix request allocations in invalidation path" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled crypto: inside-secure - fix request allocations in invalidation path to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: crypto-inside-secure-fix-request-allocations-in-invalidation-path.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Feb 28 16:23:28 CET 2018 From: "Antoine Ténart" <antoine.tenart(a)free-electrons.com> Date: Mon, 11 Dec 2017 12:10:57 +0100 Subject: crypto: inside-secure - fix request allocations in invalidation path From: "Antoine Ténart" <antoine.tenart(a)free-electrons.com> [ Upstream commit 7cad2fabd5691dbb17762877d4e7f236fe4bc181 ] This patch makes use of the SKCIPHER_REQUEST_ON_STACK and AHASH_REQUEST_ON_STACK helpers to allocate enough memory to contain both the crypto request structures and their embedded context (__ctx). Fixes: 1b44c5a60c13 ("crypto: inside-secure - add SafeXcel EIP197 crypto engine driver") Suggested-by: Ofer Heifetz <oferh(a)marvell.com> Signed-off-by: Antoine Tenart <antoine.tenart(a)free-electrons.com> Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/crypto/inside-secure/safexcel_cipher.c | 16 ++++++++-------- drivers/crypto/inside-secure/safexcel_hash.c | 14 +++++++------- 2 files changed, 15 insertions(+), 15 deletions(-) --- a/drivers/crypto/inside-secure/safexcel_cipher.c +++ b/drivers/crypto/inside-secure/safexcel_cipher.c @@ -422,25 +422,25 @@ static int safexcel_cipher_exit_inv(stru { struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm); struct safexcel_crypto_priv *priv = ctx->priv; - struct skcipher_request req; - struct safexcel_cipher_req *sreq = skcipher_request_ctx(&req); + SKCIPHER_REQUEST_ON_STACK(req, __crypto_skcipher_cast(tfm)); + struct safexcel_cipher_req *sreq = skcipher_request_ctx(req); struct safexcel_inv_result result = {}; int ring = ctx->base.ring; - memset(&req, 0, sizeof(struct skcipher_request)); + memset(req, 0, sizeof(struct skcipher_request)); /* create invalidation request */ init_completion(&result.completion); - skcipher_request_set_callback(&req, CRYPTO_TFM_REQ_MAY_BACKLOG, - safexcel_inv_complete, &result); + skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, + safexcel_inv_complete, &result); - skcipher_request_set_tfm(&req, __crypto_skcipher_cast(tfm)); - ctx = crypto_tfm_ctx(req.base.tfm); + skcipher_request_set_tfm(req, __crypto_skcipher_cast(tfm)); + ctx = crypto_tfm_ctx(req->base.tfm); ctx->base.exit_inv = true; sreq->needs_inv = true; spin_lock_bh(&priv->ring[ring].queue_lock); - crypto_enqueue_request(&priv->ring[ring].queue, &req.base); + crypto_enqueue_request(&priv->ring[ring].queue, &req->base); spin_unlock_bh(&priv->ring[ring].queue_lock); if (!priv->ring[ring].need_dequeue) --- a/drivers/crypto/inside-secure/safexcel_hash.c +++ b/drivers/crypto/inside-secure/safexcel_hash.c @@ -470,25 +470,25 @@ static int safexcel_ahash_exit_inv(struc { struct safexcel_ahash_ctx *ctx = crypto_tfm_ctx(tfm); struct safexcel_crypto_priv *priv = ctx->priv; - struct ahash_request req; - struct safexcel_ahash_req *rctx = ahash_request_ctx(&req); + AHASH_REQUEST_ON_STACK(req, __crypto_ahash_cast(tfm)); + struct safexcel_ahash_req *rctx = ahash_request_ctx(req); struct safexcel_inv_result result = {}; int ring = ctx->base.ring; - memset(&req, 0, sizeof(struct ahash_request)); + memset(req, 0, sizeof(struct ahash_request)); /* create invalidation request */ init_completion(&result.completion); - ahash_request_set_callback(&req, CRYPTO_TFM_REQ_MAY_BACKLOG, + ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, safexcel_inv_complete, &result); - ahash_request_set_tfm(&req, __crypto_ahash_cast(tfm)); - ctx = crypto_tfm_ctx(req.base.tfm); + ahash_request_set_tfm(req, __crypto_ahash_cast(tfm)); + ctx = crypto_tfm_ctx(req->base.tfm); ctx->base.exit_inv = true; rctx->needs_inv = true; spin_lock_bh(&priv->ring[ring].queue_lock); - crypto_enqueue_request(&priv->ring[ring].queue, &req.base); + crypto_enqueue_request(&priv->ring[ring].queue, &req->base); spin_unlock_bh(&priv->ring[ring].queue_lock); if (!priv->ring[ring].need_dequeue) Patches currently in stable-queue which might be from antoine.tenart(a)free-electrons.com are queue-4.14/crypto-inside-secure-per-request-invalidation.patch queue-4.14/crypto-inside-secure-fix-request-allocations-in-invalidation-path.patch queue-4.14/crypto-inside-secure-free-requests-even-if-their-handling-failed.patch

6 years, 10 months

1
0
0 0

Patch "crypto: af_alg - Fix race around ctx->rcvused by making it atomic_t" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled crypto: af_alg - Fix race around ctx->rcvused by making it atomic_t to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: crypto-af_alg-fix-race-around-ctx-rcvused-by-making-it-atomic_t.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Feb 28 16:23:28 CET 2018 From: Jonathan Cameron <Jonathan.Cameron(a)huawei.com> Date: Tue, 19 Dec 2017 10:27:24 +0000 Subject: crypto: af_alg - Fix race around ctx->rcvused by making it atomic_t From: Jonathan Cameron <Jonathan.Cameron(a)huawei.com> [ Upstream commit af955bf15d2c27496b0269b1f05c26f758c68314 ] This variable was increased and decreased without any protection. Result was an occasional misscount and negative wrap around resulting in false resource allocation failures. Fixes: 7d2c3f54e6f6 ("crypto: af_alg - remove locking in async callback") Signed-off-by: Jonathan Cameron <Jonathan.Cameron(a)huawei.com> Reviewed-by: Stephan Mueller <smueller(a)chronox.de> Signed-off-by: Herbert Xu <herbert(a)gondor.apana.org.au> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- crypto/af_alg.c | 4 ++-- crypto/algif_aead.c | 2 +- crypto/algif_skcipher.c | 2 +- include/crypto/if_alg.h | 5 +++-- 4 files changed, 7 insertions(+), 6 deletions(-) --- a/crypto/af_alg.c +++ b/crypto/af_alg.c @@ -693,7 +693,7 @@ void af_alg_free_areq_sgls(struct af_alg unsigned int i; list_for_each_entry_safe(rsgl, tmp, &areq->rsgl_list, list) { - ctx->rcvused -= rsgl->sg_num_bytes; + atomic_sub(rsgl->sg_num_bytes, &ctx->rcvused); af_alg_free_sg(&rsgl->sgl); list_del(&rsgl->list); if (rsgl != &areq->first_rsgl) @@ -1192,7 +1192,7 @@ int af_alg_get_rsgl(struct sock *sk, str areq->last_rsgl = rsgl; len += err; - ctx->rcvused += err; + atomic_add(err, &ctx->rcvused); rsgl->sg_num_bytes = err; iov_iter_advance(&msg->msg_iter, err); } --- a/crypto/algif_aead.c +++ b/crypto/algif_aead.c @@ -571,7 +571,7 @@ static int aead_accept_parent_nokey(void INIT_LIST_HEAD(&ctx->tsgl_list); ctx->len = len; ctx->used = 0; - ctx->rcvused = 0; + atomic_set(&ctx->rcvused, 0); ctx->more = 0; ctx->merge = 0; ctx->enc = 0; --- a/crypto/algif_skcipher.c +++ b/crypto/algif_skcipher.c @@ -391,7 +391,7 @@ static int skcipher_accept_parent_nokey( INIT_LIST_HEAD(&ctx->tsgl_list); ctx->len = len; ctx->used = 0; - ctx->rcvused = 0; + atomic_set(&ctx->rcvused, 0); ctx->more = 0; ctx->merge = 0; ctx->enc = 0; --- a/include/crypto/if_alg.h +++ b/include/crypto/if_alg.h @@ -18,6 +18,7 @@ #include <linux/if_alg.h> #include <linux/scatterlist.h> #include <linux/types.h> +#include <linux/atomic.h> #include <net/sock.h> #include <crypto/aead.h> @@ -155,7 +156,7 @@ struct af_alg_ctx { struct af_alg_completion completion; size_t used; - size_t rcvused; + atomic_t rcvused; bool more; bool merge; @@ -228,7 +229,7 @@ static inline int af_alg_rcvbuf(struct s struct af_alg_ctx *ctx = ask->private; return max_t(int, max_t(int, sk->sk_rcvbuf & PAGE_MASK, PAGE_SIZE) - - ctx->rcvused, 0); + atomic_read(&ctx->rcvused), 0); } /** Patches currently in stable-queue which might be from Jonathan.Cameron(a)huawei.com are queue-4.14/crypto-af_alg-fix-race-around-ctx-rcvused-by-making-it-atomic_t.patch

6 years, 10 months

1
0
0 0

Patch "cgroup: Fix deadlock in cpu hotplug path" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled cgroup: Fix deadlock in cpu hotplug path to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: cgroup-fix-deadlock-in-cpu-hotplug-path.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Feb 28 16:23:28 CET 2018 From: Prateek Sood <prsood(a)codeaurora.org> Date: Tue, 19 Dec 2017 12:56:57 +0530 Subject: cgroup: Fix deadlock in cpu hotplug path From: Prateek Sood <prsood(a)codeaurora.org> [ Upstream commit 116d2f7496c51b2e02e8e4ecdd2bdf5fb9d5a641 ] Deadlock during cgroup migration from cpu hotplug path when a task T is being moved from source to destination cgroup. kworker/0:0 cpuset_hotplug_workfn() cpuset_hotplug_update_tasks() hotplug_update_tasks_legacy() remove_tasks_in_empty_cpuset() cgroup_transfer_tasks() // stuck in iterator loop cgroup_migrate() cgroup_migrate_add_task() In cgroup_migrate_add_task() it checks for PF_EXITING flag of task T. Task T will not migrate to destination cgroup. css_task_iter_start() will keep pointing to task T in loop waiting for task T cg_list node to be removed. Task T do_exit() exit_signals() // sets PF_EXITING exit_task_namespaces() switch_task_namespaces() free_nsproxy() put_mnt_ns() drop_collected_mounts() namespace_unlock() synchronize_rcu() _synchronize_rcu_expedited() schedule_work() // on cpu0 low priority worker pool wait_event() // waiting for work item to execute Task T inserted a work item in the worklist of cpu0 low priority worker pool. It is waiting for expedited grace period work item to execute. This work item will only be executed once kworker/0:0 complete execution of cpuset_hotplug_workfn(). kworker/0:0 ==> Task T ==>kworker/0:0 In case of PF_EXITING task being migrated from source to destination cgroup, migrate next available task in source cgroup. Signed-off-by: Prateek Sood <prsood(a)codeaurora.org> Signed-off-by: Tejun Heo <tj(a)kernel.org> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- kernel/cgroup/cgroup-v1.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) --- a/kernel/cgroup/cgroup-v1.c +++ b/kernel/cgroup/cgroup-v1.c @@ -123,7 +123,11 @@ int cgroup_transfer_tasks(struct cgroup */ do { css_task_iter_start(&from->self, 0, &it); - task = css_task_iter_next(&it); + + do { + task = css_task_iter_next(&it); + } while (task && (task->flags & PF_EXITING)); + if (task) get_task_struct(task); css_task_iter_end(&it); Patches currently in stable-queue which might be from prsood(a)codeaurora.org are queue-4.14/cgroup-fix-deadlock-in-cpu-hotplug-path.patch

6 years, 10 months

1
0
0 0

Patch "can: flex_can: Correct the checking for frame length in flexcan_start_xmit()" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled can: flex_can: Correct the checking for frame length in flexcan_start_xmit() to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: can-flex_can-correct-the-checking-for-frame-length-in-flexcan_start_xmit.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Feb 28 16:23:28 CET 2018 From: Luu An Phu <phu.luuan(a)nxp.com> Date: Tue, 2 Jan 2018 10:44:18 +0700 Subject: can: flex_can: Correct the checking for frame length in flexcan_start_xmit() From: Luu An Phu <phu.luuan(a)nxp.com> [ Upstream commit 13454c14550065fcc1705d6bd4ee6d40e057099f ] The flexcan_start_xmit() function compares the frame length with data register length to write frame content into data[0] and data[1] register. Data register length is 4 bytes and frame maximum length is 8 bytes. Fix the check that compares frame length with 3. Because the register length is 4. Signed-off-by: Luu An Phu <phu.luuan(a)nxp.com> Reviewed-by: Oliver Hartkopp <socketcan(a)hartkopp.net> Signed-off-by: Marc Kleine-Budde <mkl(a)pengutronix.de> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/net/can/flexcan.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/drivers/net/can/flexcan.c +++ b/drivers/net/can/flexcan.c @@ -526,7 +526,7 @@ static int flexcan_start_xmit(struct sk_ data = be32_to_cpup((__be32 *)&cf->data[0]); flexcan_write(data, &priv->tx_mb->data[0]); } - if (cf->can_dlc > 3) { + if (cf->can_dlc > 4) { data = be32_to_cpup((__be32 *)&cf->data[4]); flexcan_write(data, &priv->tx_mb->data[1]); } Patches currently in stable-queue which might be from phu.luuan(a)nxp.com are queue-4.14/can-flex_can-correct-the-checking-for-frame-length-in-flexcan_start_xmit.patch

6 years, 10 months

1
0
0 0

Patch "btrfs: Fix flush bio leak" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled btrfs: Fix flush bio leak to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: btrfs-fix-flush-bio-leak.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Feb 28 16:23:28 CET 2018 From: Nikolay Borisov <nborisov(a)suse.com> Date: Wed, 13 Dec 2017 13:50:07 +0200 Subject: btrfs: Fix flush bio leak From: Nikolay Borisov <nborisov(a)suse.com> [ Upstream commit beed9263f4000c48a5c48912f26576f6fa091181 ] Commit e0ae99941423 ("btrfs: preallocate device flush bio") reworked the way the flush bio is allocated and used. Concretely it allocates the bio in __alloc_device and then re-uses it multiple times with a very simple endio routine that just calls complete() without consuming a reference. Allocated bios by default come with a ref count of 1, which is then consumed by the endio routine (or not, in which case they should be bio_put by the caller). The way the impleementation works now is that the flush bio has a refcount of 2 and we only ever bio_put it once, leaving it to hang indefinitely. Fix this by removing the extra bio_get in __alloc_device. Fixes: e0ae99941423 ("btrfs: preallocate device flush bio") Signed-off-by: Nikolay Borisov <nborisov(a)suse.com> Reviewed-by: Liu Bo <bo.li.liu(a)oracle.com> Reviewed-by: David Sterba <dsterba(a)suse.com> Signed-off-by: David Sterba <dsterba(a)suse.com> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- fs/btrfs/volumes.c | 1 - 1 file changed, 1 deletion(-) --- a/fs/btrfs/volumes.c +++ b/fs/btrfs/volumes.c @@ -236,7 +236,6 @@ static struct btrfs_device *__alloc_devi kfree(dev); return ERR_PTR(-ENOMEM); } - bio_get(dev->flush_bio); INIT_LIST_HEAD(&dev->dev_list); INIT_LIST_HEAD(&dev->dev_alloc_list); Patches currently in stable-queue which might be from nborisov(a)suse.com are queue-4.14/btrfs-fix-flush-bio-leak.patch

6 years, 10 months

1
0
0 0

Patch "bpf: sockmap missing NULL psock check" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled bpf: sockmap missing NULL psock check to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: bpf-sockmap-missing-null-psock-check.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Feb 28 16:23:28 CET 2018 From: John Fastabend <john.fastabend(a)gmail.com> Date: Thu, 4 Jan 2018 20:02:09 -0800 Subject: bpf: sockmap missing NULL psock check From: John Fastabend <john.fastabend(a)gmail.com> [ Upstream commit 5731a879d03bdaa00265f8ebc32dfd0e65d25276 ] Add psock NULL check to handle a racing sock event that can get the sk_callback_lock before this case but after xchg happens causing the refcnt to hit zero and sock user data (psock) to be null and queued for garbage collection. Also add a comment in the code because this is a bit subtle and not obvious in my opinion. Signed-off-by: John Fastabend <john.fastabend(a)gmail.com> Signed-off-by: Daniel Borkmann <daniel(a)iogearbox.net> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- kernel/bpf/sockmap.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) --- a/kernel/bpf/sockmap.c +++ b/kernel/bpf/sockmap.c @@ -588,8 +588,15 @@ static void sock_map_free(struct bpf_map write_lock_bh(&sock->sk_callback_lock); psock = smap_psock_sk(sock); - smap_list_remove(psock, &stab->sock_map[i]); - smap_release_sock(psock, sock); + /* This check handles a racing sock event that can get the + * sk_callback_lock before this case but after xchg happens + * causing the refcnt to hit zero and sock user data (psock) + * to be null and queued for garbage collection. + */ + if (likely(psock)) { + smap_list_remove(psock, &stab->sock_map[i]); + smap_release_sock(psock, sock); + } write_unlock_bh(&sock->sk_callback_lock); } rcu_read_unlock(); Patches currently in stable-queue which might be from john.fastabend(a)gmail.com are queue-4.14/bpf-sockmap-missing-null-psock-check.patch

6 years, 10 months

1
0
0 0

Patch "bnxt_en: Fix the 'Invalid VF' id check in bnxt_vf_ndo_prep routine." has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled bnxt_en: Fix the 'Invalid VF' id check in bnxt_vf_ndo_prep routine. to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: bnxt_en-fix-the-invalid-vf-id-check-in-bnxt_vf_ndo_prep-routine.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Wed Feb 28 16:23:28 CET 2018 From: Venkat Duvvuru <venkatkumar.duvvuru(a)broadcom.com> Date: Thu, 4 Jan 2018 18:46:55 -0500 Subject: bnxt_en: Fix the 'Invalid VF' id check in bnxt_vf_ndo_prep routine. From: Venkat Duvvuru <venkatkumar.duvvuru(a)broadcom.com> [ Upstream commit 78f300049335ae81a5cc6b4b232481dc5e1f9d41 ] In bnxt_vf_ndo_prep (which is called by bnxt_get_vf_config ndo), there is a check for "Invalid VF id". Currently, the check is done against max_vfs. However, the user doesn't always create max_vfs. So, the check should be against the created number of VFs. The number of bnxt_vf_info structures that are allocated in bnxt_alloc_vf_resources routine is the "number of requested VFs". So, if an "invalid VF id" falls between the requested number of VFs and the max_vfs, the driver will be dereferencing an invalid pointer. Fixes: c0c050c58d84 ("bnxt_en: New Broadcom ethernet driver.") Signed-off-by: Venkat Devvuru <venkatkumar.duvvuru(a)broadcom.com> Signed-off-by: Michael Chan <michael.chan(a)broadcom.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/net/ethernet/broadcom/bnxt/bnxt_sriov.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/drivers/net/ethernet/broadcom/bnxt/bnxt_sriov.c +++ b/drivers/net/ethernet/broadcom/bnxt/bnxt_sriov.c @@ -70,7 +70,7 @@ static int bnxt_vf_ndo_prep(struct bnxt netdev_err(bp->dev, "vf ndo called though sriov is disabled\n"); return -EINVAL; } - if (vf_id >= bp->pf.max_vfs) { + if (vf_id >= bp->pf.active_vfs) { netdev_err(bp->dev, "Invalid VF id %d\n", vf_id); return -EINVAL; } Patches currently in stable-queue which might be from venkatkumar.duvvuru(a)broadcom.com are queue-4.14/bnxt_en-fix-population-of-flow_type-in-bnxt_hwrm_cfa_flow_alloc.patch queue-4.14/bnxt_en-fix-the-invalid-vf-id-check-in-bnxt_vf_ndo_prep-routine.patch

6 years, 10 months

1
0
0 0

[GIT PULL] commits for Linux 4.14

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi Greg, Pleae pull commits for Linux 4.14 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 0146985addc322ca518d27fecfe98ae5acda7c1e: Linux 4.14.17 (2018-02-03 17:39:25 +0100) are available in the git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.14-23022018 for you to fetch changes up to 325a9ccd612b7152566373774adaf6ad8f607e5f: mlxsw: pci: Wait after reset before accessing HW (2018-02-03 12:51:56 -0500) - ---------------------------------------------------------------- for-greg-4.14-23022018 - ---------------------------------------------------------------- Abhijeet Kumar (1): ASoC: nau8825: fix issue that pop noise when start capture Al Viro (1): sget(): handle failures of register_shrinker() Albert Hsieh (1): mtd: nand: brcmnand: Zero bitflip is not an error Alexander Duyck (1): i40e/i40evf: Account for frags split over multiple descriptors in check linearize Alexander Kochetkov (1): net: arc_emac: fix arc_emac_rx() error paths Alexey Khoroshilov (1): net: phy: xgene: disable clk on error paths Aliaksei Karaliou (2): xfs: quota: fix missed destroy of qi_tree_lock xfs: quota: check result of register_shrinker() Andreas Platschek (1): dmaengine: fsl-edma: disable clks on all error paths Andy Shevchenko (1): x86/platform/intel-mid: Revert "Make 'bt_sfi_data' const" Antoine Tenart (2): crypto: inside-secure - free requests even if their handling failed crypto: inside-secure - fix request allocations in invalidation path Arnaldo Carvalho de Melo (1): x86/asm: Allow again using asm.h when building for the 'bpf' clang target Arnd Bergmann (2): exec: avoid gcc-8 warning for get_task_comm ARM: dts: ls1021a: fix incorrect clock references Arvind Yadav (1): phy: cpcap-usb: Fix platform_get_irq_byname's error checking. Bogdan Mirea (1): arm64: dts: renesas: ulcb: Remove renesas, no-ether-link property Boris Ostrovsky (1): xen/balloon: Mark unallocated host memory as UNUSABLE Brendan McGrath (1): ipv6: icmp6: Allow icmp messages to be looped back Bryan Tan (1): RDMA/vmw_pvrdma: Call ib_umem_release on destroy QP path Cathy Avery (1): scsi: storvsc: Fix scsi_cmd error assignments in storvsc_handle_error Christophe JAILLET (2): mm/frame_vector.c: release a semaphore in 'get_vaddr_frames()' mdio-sun4i: Fix a memory leak Chunyan Zhang (1): ARM: 8731/1: Fix csum_partial_copy_from_user() stack mismatch Daniele Palmas (1): net: usb: qmi_wwan: add Telit ME910 PID 0x1101 support Dave Young (1): x86/efi: Fix kernel param add_efi_memmap regression David Howells (1): afs: Fix missing error handling in afs_write_end() Eduardo Otubo (1): xen-netfront: enable device after manual module load Erez Shitrit (1): IB/ipoib: Fix race condition in neigh creation Ewan D. Milne (1): nvme-fabrics: initialize default host->id in nvmf_host_default() Felix Janda (1): uapi libc compat: add fallback for unsupported libcs Florian Westphal (1): netfilter: uapi: correct UNTRACKED conntrack state bit number Fredrik Hallenberg (2): net: stmmac: Fix TX timestamp calculation net: stmmac: Fix bad RX timestamp extraction Gabriel Krisman Bertazi (1): i915: Reject CCS modifiers for pipe C on Geminilake Gao Feng (1): macvlan: Fix one possible double free Guenter Roeck (1): genirq: Guard handle_bad_irq log messages Guilherme G. Piccoli (1): bnx2x: Improve reliability in case of nested PCI errors Hangbin Liu (1): netfilter: nf_tables: fix potential NULL-ptr deref in nf_tables_dump_obj_done() Hannes Reinecke (1): scsi: core: check for device state in __scsi_remove_target() Hao Chen (1): nl80211: Check for the required netlink attribute presence Herbert Xu (1): xfrm: Reinject transport-mode packets through tasklet Huy Nguyen (1): net/mlx5e: Fix ETS BW check Igor Russkikh (2): net: aquantia: Fix actual speed capabilities reporting net: aquantia: Fix hardware DMA stream overload on large MRRS Jacek Anaszewski (1): leds: core: Fix regression caused by commit 2b83ff96f51d Jacob Keller (1): i40e: don't remove netdev->dev_addr when syncing uc list Jakub Kicinski (1): nfp: always unmask aux interrupts at init James Hogan (1): lib/mpi: Fix umul_ppmm() for MIPS64r6 James Smart (1): nvme-fc: remove double put reference if admin connect fails Jan Beulich (1): x86-64/Xen: eliminate W+X mappings Jia-Ju Bai (1): mac80211_hwsim: Fix a possible sleep-in-atomic bug in hwsim_get_radio_nl Johannes Berg (1): mac80211: mesh: drop frames appearing to be from us John David Anglin (1): parisc: Reduce thread stack to 16 kb John Fastabend (1): bpf: sockmap missing NULL psock check John Stultz (1): staging: ion: Fix ion_cma_heap allocations Jonathan Cameron (1): crypto: af_alg - Fix race around ctx->rcvused by making it atomic_t Josh Poimboeuf (1): x86/stacktrace: Make zombie stack traces reliable Karol Herbst (1): drm/nouveau/pci: do a msi rearm on init Keith Busch (1): nvme: check hw sectors before setting chunk sectors Kuninori Morimoto (1): ASoC: rsnd: fixup ADG register mask Lan Tianyu (1): KVM/x86: Check input paging mode when cs.l is set Leon Romanovsky (2): IB/mlx4: Fix mlx4_ib_alloc_mr error flow RDMA/netlink: Fix locking around __ib_get_device_by_index Loic Poulain (1): wcn36xx: Fix dynamic power saving Luu An Phu (1): can: flex_can: Correct the checking for frame length in flexcan_start_xmit() Madalin Bucur (1): of_mdio: avoid MDIO bus removal when a PHY is missing Marcelo Ricardo Leitner (2): sctp: add a ceiling to optlen in some sockopts sctp: make use of pre-calculated len Matthieu CASTET (1): led: core: Fix brightness setting when setting delay_off=0 Michael Ellerman (1): powerpc/pseries: Make RAS IRQ explicitly dependent on DLPAR WQ Ming Lei (1): block: drain queue before waiting for q_usage_counter becoming zero Moshe Shemesh (2): net/mlx5: Cleanup IRQs in case of unload failure net/mlx5: Stay in polling mode when command EQ destroy fails Netanel Belgazal (1): net: ena: unmask MSI-X only after device initialization is completed Nikolay Borisov (1): btrfs: Fix flush bio leak Nitzan Carmi (1): IB/mlx5: Fix mlx5_ib_alloc_mr error flow Ofer Heifetz (1): crypto: inside-secure - per request invalidation Oleksandr Andrushchenko (1): Input: xen-kbdfront - do not advertise multi-touch pressure support Pablo Neira Ayuso (1): netfilter: nf_tables: fix chain filter in nf_tables_dump_rules() Prasad B Munirathnam (1): scsi: aacraid: Fix I/O drop during reset Prateek Sood (1): cgroup: Fix deadlock in cpu hotplug path Radu Pirea (1): spi: atmel: fixed spin_lock usage inside atmel_spi_remove Ross Lagerwall (2): xen/gntdev: Fix off-by-one error when unmapping with holes xen/gntdev: Fix partial gntdev_mmap() cleanup Russell King (1): net: phy: fix resume handling SZ Lin (æž—ä¸Šæ™º) (1): NET: usb: qmi_wwan: add support for YUGA CLM920-NC5 PID 0x9625 Sascha Hauer (1): mtd: nand: gpmi: Fix failure when a erased page has a bitflip at BBM Sean Wang (1): net: mediatek: setup proper state for disabled GMAC on the default Sergei Shtylyov (1): SolutionEngine771x: fix Ether platform data Siva Reddy Kallam (2): tg3: Add workaround to restrict 5762 MRRS to 2048 tg3: Enable PHY reset in MTU change path for 5720 Stefan Haberland (1): s390/dasd: fix wrongly assigned configuration data Sunil Challa (1): bnxt_en: Fix population of flow_type in bnxt_hwrm_cfa_flow_alloc() Tetsuo Handa (1): mm,vmscan: Make unregister_shrinker() no-op if register_shrinker() failed. Thomas Gleixner (1): perf/x86/intel: Plug memory leak in intel_pmu_init() Tommi Rantala (2): tipc: error path leak fixes in tipc_enable_bearer() tipc: fix tipc_mon_delete() oops in tipc_enable_bearer() error path Tushar Dave (1): e1000: fix disabling already-disabled warning Valentin Ilie (1): ia64, sched/cputime: Fix build error if CONFIG_VIRT_CPU_ACCOUNTING_NATIVE=y Venkat Duvvuru (1): bnxt_en: Fix the 'Invalid VF' id check in bnxt_vf_ndo_prep routine. Xin Long (6): sctp: fix the issue that a __u16 variable may overflow in sctp_ulpq_renege vxlan: update skb dst pmtu on tx path ip_gre: remove the incorrect mtu limit for ipgre tap ip6_gre: remove the incorrect mtu limit for ipgre tap ip6_tunnel: get the min mtu properly in ip6_tnl_xmit ip6_tunnel: allow ip6gre dev mtu to be set below 1280 Xiongwei Song (1): drm/ttm: check the return value of kzalloc Yangbo Lu (1): net: gianfar_ptp: move set_fipers() to spinlock protecting area Yuval Mintz (1): mlxsw: pci: Wait after reset before accessing HW arch/arm/boot/dts/ls1021a-qds.dts | 2 +- arch/arm/boot/dts/ls1021a-twr.dts | 2 +- arch/arm/lib/csumpartialcopyuser.S | 4 + arch/arm64/boot/dts/renesas/ulcb.dtsi | 1 - arch/ia64/kernel/time.c | 2 +- arch/parisc/include/asm/thread_info.h | 5 ++ arch/powerpc/platforms/pseries/dlpar.c | 21 +++++- arch/powerpc/platforms/pseries/pseries.h | 2 + arch/powerpc/platforms/pseries/ras.c | 3 +- arch/sh/boards/mach-se/770x/setup.c | 10 ++- arch/x86/events/intel/core.c | 5 +- arch/x86/include/asm/asm.h | 2 + arch/x86/kernel/setup.c | 5 +- arch/x86/kernel/stacktrace.c | 6 +- arch/x86/kvm/x86.c | 26 +++++++ .../platform/intel-mid/device_libs/platform_bt.c | 2 +- arch/x86/xen/enlighten.c | 81 +++++++++++++++++++++ arch/x86/xen/enlighten_pv.c | 3 + arch/x86/xen/mmu_pv.c | 12 +++ arch/x86/xen/setup.c | 6 +- block/blk-core.c | 9 ++- block/blk-mq.c | 2 + block/blk.h | 2 + crypto/af_alg.c | 4 +- crypto/algif_aead.c | 2 +- crypto/algif_skcipher.c | 2 +- drivers/crypto/inside-secure/safexcel.c | 1 + drivers/crypto/inside-secure/safexcel_cipher.c | 85 +++++++++++++++++----- drivers/crypto/inside-secure/safexcel_hash.c | 79 +++++++++++++++----- drivers/dma/fsl-edma.c | 28 +++---- drivers/gpu/drm/i915/intel_display.c | 2 +- drivers/gpu/drm/nouveau/nvkm/subdev/pci/base.c | 7 ++ drivers/gpu/drm/ttm/ttm_page_alloc.c | 2 + drivers/infiniband/core/core_priv.h | 2 +- drivers/infiniband/core/device.c | 18 ++++- drivers/infiniband/core/nldev.c | 54 +++++++++----- drivers/infiniband/hw/mlx4/mr.c | 2 +- drivers/infiniband/hw/mlx5/mr.c | 1 + drivers/infiniband/hw/vmw_pvrdma/pvrdma_qp.c | 7 ++ drivers/infiniband/ulp/ipoib/ipoib_main.c | 25 +++++-- drivers/infiniband/ulp/ipoib/ipoib_multicast.c | 5 +- drivers/input/misc/xen-kbdfront.c | 2 - drivers/leds/led-core.c | 1 + drivers/mtd/nand/brcmnand/brcmnand.c | 2 +- drivers/mtd/nand/gpmi-nand/gpmi-nand.c | 6 +- drivers/net/can/flexcan.c | 2 +- drivers/net/ethernet/amazon/ena/ena_netdev.c | 26 +++---- drivers/net/ethernet/aquantia/atlantic/aq_hw.h | 4 +- drivers/net/ethernet/aquantia/atlantic/aq_nic.c | 7 +- drivers/net/ethernet/aquantia/atlantic/aq_nic.h | 2 +- .../net/ethernet/aquantia/atlantic/aq_pci_func.c | 5 +- .../ethernet/aquantia/atlantic/hw_atl/hw_atl_a0.c | 13 +++- .../ethernet/aquantia/atlantic/hw_atl/hw_atl_b0.c | 25 ++++++- .../aquantia/atlantic/hw_atl/hw_atl_llh_internal.h | 6 ++ drivers/net/ethernet/arc/emac_main.c | 53 ++++++++------ drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c | 4 +- drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c | 14 +++- drivers/net/ethernet/broadcom/bnxt/bnxt_sriov.c | 2 +- drivers/net/ethernet/broadcom/bnxt/bnxt_tc.c | 2 +- drivers/net/ethernet/broadcom/tg3.c | 13 +++- drivers/net/ethernet/broadcom/tg3.h | 4 + drivers/net/ethernet/freescale/gianfar_ptp.c | 3 +- drivers/net/ethernet/intel/e1000/e1000.h | 3 +- drivers/net/ethernet/intel/e1000/e1000_main.c | 27 +++++-- drivers/net/ethernet/intel/i40e/i40e_main.c | 17 ++++- drivers/net/ethernet/intel/i40e/i40e_txrx.c | 26 ++++++- drivers/net/ethernet/intel/i40evf/i40e_txrx.c | 26 ++++++- drivers/net/ethernet/mediatek/mtk_eth_soc.c | 11 +-- drivers/net/ethernet/mellanox/mlx5/core/en_dcbnl.c | 10 ++- drivers/net/ethernet/mellanox/mlx5/core/eq.c | 18 +++-- drivers/net/ethernet/mellanox/mlxsw/pci.c | 7 +- drivers/net/ethernet/mellanox/mlxsw/pci_hw.h | 1 + .../net/ethernet/netronome/nfp/nfp_net_common.c | 2 + drivers/net/ethernet/stmicro/stmmac/common.h | 2 +- drivers/net/ethernet/stmicro/stmmac/dwmac4_descs.c | 5 +- drivers/net/ethernet/stmicro/stmmac/enh_desc.c | 3 +- drivers/net/ethernet/stmicro/stmmac/norm_desc.c | 2 +- .../net/ethernet/stmicro/stmmac/stmmac_hwtstamp.c | 6 +- drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 +- drivers/net/macvlan.c | 7 +- drivers/net/phy/at803x.c | 4 - drivers/net/phy/mdio-sun4i.c | 6 +- drivers/net/phy/mdio-xgene.c | 21 ++++-- drivers/net/phy/phy.c | 9 +-- drivers/net/phy/phy_device.c | 10 ++- drivers/net/usb/qmi_wwan.c | 2 + drivers/net/vxlan.c | 14 ++++ drivers/net/wireless/ath/wcn36xx/main.c | 23 +++--- drivers/net/wireless/ath/wcn36xx/pmc.c | 6 +- drivers/net/wireless/mac80211_hwsim.c | 2 +- drivers/net/xen-netfront.c | 1 + drivers/nvme/host/core.c | 3 +- drivers/nvme/host/fabrics.c | 1 + drivers/nvme/host/fc.c | 1 - drivers/of/of_mdio.c | 9 ++- drivers/phy/motorola/phy-cpcap-usb.c | 2 +- drivers/s390/block/dasd_3990_erp.c | 10 +++ drivers/scsi/aacraid/aacraid.h | 1 + drivers/scsi/aacraid/linit.c | 2 +- drivers/scsi/scsi_sysfs.c | 5 +- drivers/scsi/storvsc_drv.c | 3 +- drivers/spi/spi-atmel.c | 2 +- drivers/staging/android/ion/Kconfig | 2 +- drivers/staging/android/ion/ion_cma_heap.c | 15 +++- drivers/xen/balloon.c | 65 ++++++++++++++--- drivers/xen/gntdev.c | 8 +- fs/afs/write.c | 8 +- fs/btrfs/volumes.c | 1 - fs/exec.c | 7 +- fs/super.c | 6 +- fs/xfs/xfs_qm.c | 46 ++++++++---- include/crypto/if_alg.h | 5 +- include/linux/mlx5/driver.h | 2 +- include/linux/sched.h | 6 +- include/net/xfrm.h | 3 + include/uapi/linux/libc-compat.h | 55 +++++++++++++- include/uapi/linux/netfilter/nf_conntrack_common.h | 2 +- include/xen/balloon.h | 5 ++ kernel/bpf/sockmap.c | 11 ++- kernel/cgroup/cgroup-v1.c | 6 +- kernel/irq/debug.h | 5 ++ lib/mpi/longlong.h | 18 ++++- mm/frame_vector.c | 6 +- mm/vmscan.c | 3 + net/ipv4/ip_gre.c | 1 + net/ipv4/xfrm4_input.c | 12 ++- net/ipv6/ip6_gre.c | 1 + net/ipv6/ip6_tunnel.c | 15 ++-- net/ipv6/route.c | 1 + net/ipv6/xfrm6_input.c | 10 ++- net/mac80211/rx.c | 2 + net/netfilter/nf_tables_api.c | 8 +- net/sctp/socket.c | 26 +++++-- net/sctp/ulpqueue.c | 24 ++---- net/tipc/bearer.c | 5 +- net/tipc/monitor.c | 6 +- net/wireless/nl80211.c | 3 +- net/xfrm/xfrm_input.c | 57 +++++++++++++++ sound/soc/codecs/nau8825.c | 1 + sound/soc/sh/rcar/adg.c | 6 +- 140 files changed, 1165 insertions(+), 345 deletions(-) -----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJakgpRAAoJEN6mb/eXdyzcm8wP/i0X4jER2p2QUfO7HNKbq1mc GTCqqf/3DalsNaS0VAAg4hWTA1MpzsauARE5IxzADaOcThSxNOQflr8Q8N1Th4QL Ta7aeksQtmS9Jal6kI8wSFJ3ZLKKZUFjTC9eDQmrmDyRj69uzAv4PWPGzVIk5V9E temdeMaygrHF/xAFkuXD/eYFIsSAWiRRhEk1A0M/pr+FoX3Cn6w0+xCBGrE8SJDU 0h87PboerYXiXafou0/jN4o82Vy1ZSntlWd8+c/XvYP4Yijan7M2A4mAV+JLXjxv OzEHMNAXyei5NxmpWms4Q0bnwm0cauK4bxA4HvLaNqVA5V6aKeDImPq8lu5FoKk/ On5QgayNTc1AFUqwp/D+kiiD+HMHwU+qjYYK85GNrNaP7CQryOQ8BLLryjoN9uLZ 8x4T8pWJpv1totIT+MKjq5TIQhBs2wxM4hb7RdcYP6tGndu293W8u6icjgji1ItF rfa/gTODV/uFYuZHqjZ37FEObsi/X8JCwzhHWhiPiKVtgypJN+n93RWJ+glSwllT ftTV91rsH/f+3V8sMPmawszr5cvojB0S/wlMwSNTMZ6QRpj2Gn5QEysVOQGR8iuZ LZ0MUG07kV5w/ZFn/b04iQ8quFMCnOkxo4yW48Lr4OvM7QCu1/vq1P5YLBMv5L3v FxWgZ0TDUS8oOBC6qcNZ =waOz -----END PGP SIGNATURE-----

6 years, 10 months

2
1
0 0

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror February 2018