September 2018 - Linux-stable-mirror

by Greg KH

I'm announcing the release of the 4.14.68 kernel. All users of the 4.14 kernel series must upgrade. The updated 4.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.14.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 6 arch/Kconfig | 3 arch/arc/Kconfig | 3 arch/arc/include/asm/cache.h | 4 arch/arc/include/asm/delay.h | 3 arch/arc/mm/cache.c | 7 - arch/arc/plat-eznps/include/plat/ctop.h | 10 + arch/arc/plat-eznps/mtm.c | 6 arch/arm/probes/kprobes/core.c | 4 arch/arm/probes/kprobes/test-core.c | 1 arch/arm64/boot/dts/rockchip/rk3328.dtsi | 2 arch/arm64/kernel/probes/kprobes.c | 2 arch/arm64/mm/init.c | 6 arch/mips/Makefile | 12 - arch/mips/bcm47xx/setup.c | 6 arch/mips/include/asm/mipsregs.h | 3 arch/mips/include/asm/processor.h | 15 ++ arch/mips/kernel/ptrace.c | 2 arch/mips/kernel/ptrace32.c | 2 arch/mips/lib/multi3.c | 6 arch/powerpc/net/bpf_jit_comp64.c | 29 ---- arch/s390/include/asm/qdio.h | 1 arch/s390/mm/fault.c | 2 arch/s390/mm/page-states.c | 2 arch/s390/net/bpf_jit_comp.c | 2 arch/s390/numa/numa.c | 16 -- arch/s390/pci/pci.c | 2 arch/sparc/include/asm/Kbuild | 1 arch/sparc/kernel/time_64.c | 2 arch/x86/Kconfig | 1 arch/x86/boot/compressed/Makefile | 8 - arch/x86/entry/vdso/Makefile | 6 arch/x86/events/amd/ibs.c | 6 arch/x86/events/core.c | 2 arch/x86/include/asm/irqflags.h | 3 arch/x86/include/asm/processor.h | 6 arch/x86/include/asm/tlbflush.h | 40 +++++ arch/x86/include/asm/vgtod.h | 2 arch/x86/kernel/cpu/bugs.c | 50 ++++++- arch/x86/kernel/cpu/common.c | 1 arch/x86/kernel/cpu/intel.c | 3 arch/x86/kernel/dumpstack.c | 4 arch/x86/kernel/process_64.c | 1 arch/x86/kvm/svm.c | 8 - arch/x86/kvm/vmx.c | 18 +- arch/x86/lib/usercopy.c | 5 arch/x86/mm/init.c | 4 arch/x86/mm/mmap.c | 2 arch/x86/mm/tlb.c | 7 + drivers/base/power/clock_ops.c | 2 drivers/block/nbd.c | 96 +++++++++++--- drivers/cdrom/cdrom.c | 2 drivers/char/tpm/tpm-interface.c | 2 drivers/clk/rockchip/clk-rk3399.c | 2 drivers/crypto/vmx/aes_ctr.c | 31 ++-- drivers/gpio/gpiolib-acpi.c | 56 ++++++++ drivers/gpu/drm/bridge/adv7511/adv7511_drv.c | 12 + drivers/gpu/drm/imx/imx-ldb.c | 9 - drivers/gpu/drm/udl/udl_drv.h | 2 drivers/gpu/drm/udl/udl_fb.c | 17 +- drivers/gpu/drm/udl/udl_main.c | 35 ++--- drivers/gpu/drm/udl/udl_transfer.c | 39 ++--- drivers/hwmon/nct6775.c | 2 drivers/i2c/busses/i2c-davinci.c | 8 - drivers/i2c/i2c-core-base.c | 2 drivers/i2c/i2c-mux.c | 4 drivers/iommu/arm-smmu.c | 16 +- drivers/misc/mei/main.c | 1 drivers/net/can/m_can/m_can.c | 7 - drivers/net/can/mscan/mpc5xxx_can.c | 5 drivers/net/ethernet/3com/Kconfig | 2 drivers/net/ethernet/amd/Kconfig | 4 drivers/net/ethernet/atheros/atl1c/atl1c_main.c | 1 drivers/net/ethernet/broadcom/bnx2x/bnx2x_ethtool.c | 13 + drivers/net/ethernet/cirrus/Kconfig | 1 drivers/net/ethernet/cisco/enic/enic_main.c | 80 ++++------- drivers/net/ethernet/huawei/hinic/hinic_main.c | 1 drivers/net/ethernet/netronome/nfp/flower/main.c | 4 drivers/net/ethernet/qlogic/qed/qed_l2.c | 15 +- drivers/net/ethernet/qlogic/qed/qed_l2.h | 2 drivers/net/ethernet/qlogic/qed/qed_mcp.c | 13 + drivers/net/ethernet/qlogic/qed/qed_sriov.c | 2 drivers/net/ethernet/qlogic/qed/qed_vf.c | 4 drivers/net/ethernet/qlogic/qed/qed_vf.h | 7 - drivers/net/ethernet/xilinx/xilinx_axienet_mdio.c | 1 drivers/net/usb/qmi_wwan.c | 2 drivers/net/wan/lmc/lmc_main.c | 2 drivers/net/wireless/broadcom/b43/leds.c | 2 drivers/net/wireless/broadcom/b43legacy/leds.c | 2 drivers/nvme/host/pci.c | 8 + drivers/pinctrl/freescale/pinctrl-imx1-core.c | 2 drivers/platform/x86/ideapad-laptop.c | 4 drivers/power/supply/generic-adc-battery.c | 25 ++- drivers/s390/cio/qdio_main.c | 5 drivers/scsi/fcoe/fcoe_ctlr.c | 6 drivers/scsi/libfc/fc_rport.c | 1 drivers/scsi/libiscsi.c | 12 - drivers/scsi/mpt3sas/mpt3sas_transport.c | 5 drivers/scsi/scsi_sysfs.c | 20 ++ drivers/scsi/vmw_pvscsi.c | 11 + drivers/staging/media/omap4iss/iss_video.c | 3 drivers/target/iscsi/cxgbit/cxgbit_target.c | 16 +- drivers/target/iscsi/iscsi_target_login.c | 35 +++-- drivers/usb/gadget/function/f_uac2.c | 24 +-- drivers/usb/gadget/function/u_audio.c | 88 ++++-------- drivers/usb/gadget/udc/r8a66597-udc.c | 6 drivers/usb/phy/phy-fsl-usb.c | 4 fs/btrfs/disk-io.c | 10 - fs/btrfs/extent-tree.c | 2 fs/btrfs/inode.c | 26 --- fs/btrfs/super.c | 1 fs/cachefiles/namei.c | 1 fs/cachefiles/rdwr.c | 17 +- fs/cifs/cifs_debug.c | 30 +++- fs/cifs/cifsfs.c | 18 +- fs/cifs/inode.c | 2 fs/cifs/link.c | 4 fs/cifs/sess.c | 6 fs/cifs/smb2inode.c | 2 fs/cifs/smb2ops.c | 36 ++++- fs/cifs/smb2pdu.c | 8 + fs/cifs/smb2pdu.h | 11 + fs/ext4/mmp.c | 7 - fs/ext4/namei.c | 1 fs/ext4/super.c | 2 fs/ext4/sysfs.c | 13 + fs/ext4/xattr.c | 2 fs/fscache/operation.c | 6 fs/fuse/dev.c | 39 ++++- fs/fuse/dir.c | 10 - fs/fuse/file.c | 1 fs/fuse/fuse_i.h | 5 fs/fuse/inode.c | 37 +++-- fs/squashfs/file.c | 50 ++++--- fs/squashfs/file_cache.c | 4 fs/squashfs/file_direct.c | 24 +-- fs/squashfs/squashfs.h | 3 fs/sysfs/file.c | 44 ++++++ include/linux/printk.h | 4 include/linux/rtmutex.h | 7 + include/linux/sysfs.h | 14 ++ ipc/sem.c | 2 kernel/kprobes.c | 4 kernel/locking/rtmutex.c | 29 +++- kernel/printk/internal.h | 9 + kernel/printk/printk.c | 57 +++++--- kernel/printk/printk_safe.c | 58 +++++--- kernel/sched/rt.c | 2 kernel/stop_machine.c | 43 +++--- kernel/trace/trace.c | 4 kernel/watchdog.c | 4 kernel/watchdog_hld.c | 2 kernel/workqueue.c | 2 lib/nmi_backtrace.c | 3 mm/memcontrol.c | 15 +- mm/memory.c | 33 +++- mm/zswap.c | 9 + net/caif/caif_dev.c | 4 net/core/lwt_bpf.c | 2 net/ipv6/esp6.c | 4 net/ipv6/ip6_vti.c | 11 - net/mac80211/util.c | 3 net/netfilter/nf_tables_api.c | 59 +++++--- net/netfilter/nft_set_hash.c | 1 net/wireless/nl80211.c | 1 net/xfrm/xfrm_policy.c | 3 net/xfrm/xfrm_user.c | 10 - scripts/gcc-plugins/gcc-common.h | 4 scripts/gcc-plugins/latent_entropy_plugin.c | 17 -- scripts/gcc-plugins/randomize_layout_plugin.c | 75 +++------- scripts/gcc-plugins/structleak_plugin.c | 19 +- sound/soc/sirf/sirf-usp.c | 7 - sound/soc/soc-pcm.c | 8 + sound/soc/zte/zx-tdm.c | 4 tools/power/x86/turbostat/turbostat.c | 8 - tools/testing/selftests/ftrace/test.d/00basic/snapshot.tc | 28 ++++ tools/usb/ffs-test.c | 19 ++ virt/kvm/arm/mmu.c | 42 ++++-- 178 files changed, 1396 insertions(+), 776 deletions(-) Alberto Panizzo (1): clk: rockchip: fix clk_i2sout parent selection bits on rk3399 Aleksander Morgado (1): qmi_wwan: fix interface number for DW5821e production firmware Alexander Sverdlin (1): i2c: davinci: Avoid zero value of CLKH Alexander Usyskin (1): mei: don't update offset in write Andi Kleen (2): x86/spectre: Add missing family 6 check to microcode check x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ Andrey Ryabinin (1): fuse: Don't access pipe->buffers without pipe_lock() Andy Lutomirski (2): x86/vdso: Fix vDSO build if a retpoline is emitted x86/nmi: Fix NMI uaccess race against CR3 switching Arnd Bergmann (1): ext4: sysfs: print ext4_super_block fields as little-endian Bart Van Assche (3): scsi: mpt3sas: Fix _transport_smp_handler() error path scsi: sysfs: Introduce sysfs_{un,}break_active_protection() scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock Benjamin Tissoires (1): gpiolib-acpi: make sure we trigger edge events at least once on boot Bernd Edlinger (1): nl80211: Add a missing break in parse_station_flags Calvin Walton (1): tools/power turbostat: Read extended processor family from CPUID Claudio Imbrenda (1): s390/kvm: fix deadlock when killed by oom Colin Ian King (1): drivers: net: lmc: fix case value for target abort error Dan Carpenter (2): pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show() PM / clk: signedness bug in of_pm_clk_add_clks() Daniel Borkmann (1): bpf, ppc64: fix unexpected r0=0 exit path inside bpf_xadd Davidlohr Bueso (1): ipc/sem.c: prevent queue.status tearing in semop Eric Sandeen (1): ext4: reset error code in ext4_find_entry in fallback Ethan Lien (1): btrfs: use correct compare function of dirty_metadata_bytes Eugeniu Rosca (3): usb: gadget: f_uac2: fix error handling in afunc_bind (again) usb: gadget: u_audio: fix pcm/card naming in g_audio_setup() usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3' Eugeniy Paltsev (1): ARC: dma [non-IOC] setup SMP_CACHE_BYTES and cache_line_size Eyal Birger (1): vti6: fix PMTU caching and reporting on xmit Faiz Abbas (1): can: m_can: Move accessing of message ram to after clocks are enabled Florian Westphal (4): xfrm: free skb if nlsk pointer is NULL netfilter: nf_tables: fix memory leaks on chain rename netfilter: nf_tables: don't allow to rename to already-pending name atl1c: reserve min skb headroom Gerald Schaefer (1): s390/mm: fix addressing exception after suspend/resume Govindarajulu Varadarajan (2): enic: handle mtu change for vf properly enic: do not call enic_change_mtu in enic_probe Greg Hackmann (1): arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() Greg Kroah-Hartman (1): Linux 4.14.68 Guenter Roeck (1): media: staging: omap4iss: Include asm/cacheflush.h after generic includes Gustavo A. R. Silva (2): ASoC: sirf: Fix potential NULL pointer dereference hwmon: (nct6775) Fix potential Spectre v1 H. Nikolaus Schaller (2): power: generic-adc-battery: fix out-of-bounds write when copying channel properties power: generic-adc-battery: check for duplicate properties copied from iio channels Hailong Liu (1): sched/rt: Restore rt_runtime after disabling RT_RUNTIME_SHARE Huacai Chen (1): MIPS: Change definition of cpu_relax() for Loongson-3 Hugh Dickins (1): mm: delete historical BUG from zap_pmd_range() Huibin Hong (1): arm64: dts: rockchip: corrected uart1 clock-names for rk3328 Jann Horn (1): x86/entry/64: Wipe KASAN stack shadow before rewind_stack_do_exit() Jerome Brunet (1): ASoC: dpcm: don't merge format from invalid codec dai Jia-Ju Bai (2): usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() Jim Gill (1): scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED Johannes Thumshirn (3): scsi: fcoe: fix use-after-free in fcoe_ctlr_els_send scsi: fcoe: drop frames in ELS LOGO error path scsi: fcoe: clear FC_RP_STARTED flags when receiving a LOGO John Hurley (1): nfp: flower: fix port metadata conversion bug Josef Bacik (4): nbd: don't requeue the same request twice. nbd: handle unexpected replies better btrfs: don't leak ret from do_chunk_alloc Btrfs: fix btrfs_write_inode vs delayed iput deadlock Josh Poimboeuf (1): x86/kvm/vmx: Remove duplicate l1d flush definitions Joshua Frkuska (1): usb: gadget: u_audio: update hw_ptr in iso_complete after data copied Julian Wiedmann (1): s390/qdio: reset old sbal_state flags Kees Cook (2): x86/boot: Fix if_changed build flip/flop bug gcc-plugins: Use dynamic initializers Kiran Kumar Modukuri (3): fscache: Allow cancelled operations to be enqueued cachefiles: Fix refcounting bug in backing-file read monitoring cachefiles: Wait rather than BUG'ing on "Unexpected object collision" Kirill Tkhai (2): memcg: remove memcg_cgroup::id from IDR on mem_cgroup_css_alloc() failure fuse: Add missed unlock_page() to fuse_readpages_fill() Len Brown (1): tools/power turbostat: fix -S on UP systems Li Wang (1): zswap: re-check zswap_is_full() after do zswap_shrink() Linus Torvalds (1): squashfs metadata 2: electric boogaloo Lucas Stach (2): drm/imx: imx-ldb: disable LDB on driver bind drm/imx: imx-ldb: check if channel is enabled before printing warning Maciej W. Rozycki (1): MIPS: Correct the 64-bit DSP accumulator register size Martin Schwidefsky (2): s390: fix br_r1_trampoline for machines without exrl s390/numa: move initial setup of node_to_cpumask_map Masami Hiramatsu (4): selftests/ftrace: Add snapshot and tracing_on test case kprobes/arm64: Fix %p uses in error messages kprobes/arm: Fix %p uses in error messages kprobes: Make list and blacklist root user read only Michael Buesch (2): b43legacy/leds: Ensure NUL-termination of LED name string b43/leds: Ensure NUL-termination of LED name string Michal Wnukowski (1): nvme-pci: add a memory barrier to nvme_dbbuf_update_and_check_event Mike Christie (1): iscsi target: fix session creation failure handling Miklos Szeredi (5): fuse: fix initial parallel dirops fuse: fix double request_end() fuse: fix unlocked access to processing queue fuse: umount should wait for all requests fuse: Fix oops at process_init_reply() Mikulas Patocka (4): udl-kms: change down_interruptible to down udl-kms: handle allocation failure udl-kms: fix crash due to uninitialized memory udl-kms: avoid division Nicholas Mc Guire (2): can: mpc5xxx_can: check of_iomap return before use cifs: check kmalloc before use Nicholas Piggin (1): mm: move tlb_table_flush to tlb_flush_mmu_free Nick Desaulniers (1): x86/irqflags: Mark native_restore_fl extern inline Ofer Levi (1): ARC: [plat-eznps] Add missing struct nps_host_reg_aux_dpc Paul Burton (2): MIPS: Always use -march=<arch>, not -<arch> shortcuts MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7 Paulo Flabiano Smorigo (1): crypto: vmx - Use skcipher for ctr fallback Peter Rosin (2): locking/rtmutex: Allow specifying a subclass for nested locking i2c/mux, locking/core: Annotate the nested rt_mutex usage Peter Senna Tschudin (1): tools: usb: ffs-test: Fix build on big endian systems Peter Zijlstra (2): stop_machine: Reflow cpu_stop_queue_two_works() mm/tlb, x86/mm: Support invalidating TLB caches for RCU_TABLE_FREE Petr Mladek (3): printk: Split the code for storing a message into the log buffer printk: Create helper function to queue deferred console handling printk/nmi: Prevent deadlock when accessing the main log buffer in NMI Phillip Lougher (1): Squashfs: Compute expected length from inode size rather than block length Prasad Sodagudi (1): stop_machine: Atomically queue and wake stopper threads Punit Agrawal (2): KVM: arm/arm64: Skip updating PMD entry if no change KVM: arm/arm64: Skip updating PTE entry if no change Rafał Miłecki (1): Revert "MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum" Randy Dunlap (6): usb/phy: fix PPC64 build errors in phy-fsl-usb.c net: prevent ISA drivers from building on PPC32 arc: [plat-eznps] fix data type errors in platform headers arc: [plat-eznps] fix printk warning in arc/plat-eznps/mtm.c arc: fix build errors in arc/include/asm/delay.h arc: fix type warnings in arc/mm/cache.c Rian Hunter (1): x86/process: Re-export start_thread() Ricardo Schwarzmeier (1): tpm: Return the actual size when receiving an unsupported command Samuel Neves (1): x86/vdso: Fix lsl operand order Scott Bauer (1): cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status Sean Christopherson (1): KVM: vmx: use local variable for current_vmptr when emulating VMPTRST Sean Paul (1): drm/bridge: adv7511: Reset registers on hotplug Sebastian Ott (1): s390/pci: fix out of bounds access during irq setup Shubhrajyoti Datta (1): net: axienet: Fix double deregister of mdio Steve French (5): cifs: add missing debug entries for kconfig options smb3: enumerating snapshots was leaving part of the data off end smb3: Do not send SMB3 SET_INFO if nothing changed smb3: don't request leases in symlink creation and query smb3: fill in statfs fsid and correct namelen Steven Rostedt (VMware) (1): sparc/time: Add missing __init to init_tick_ops() Sudarsana Reddy Kalluru (4): qed: Fix link flap issue due to mismatching EEE capabilities. qed: Fix possible race for the link state value. qed: Correct Multicast API to reflect existence of 256 approximate buckets. bnx2x: Fix invalid memory access in rss hash config path. Taehee Yoo (2): netfilter: nft_set_hash: add rcu_barrier() in the nft_rhash_destroy() bpf: use GFP_ATOMIC instead of GFP_KERNEL in bpf_parse_prog() Takashi Iwai (2): platform/x86: ideapad-laptop: Apply no_hw_rfkill to Y20-15IKBM, too ASoC: zte: Fix incorrect PCM format bit usages Theodore Ts'o (2): ext4: clear mmp sequence number when remounting read-only ext4: check for NUL characters in extended attribute's name Thomas Gleixner (2): perf/x86/amd/ibs: Don't access non-started event KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled Thomas Petazzoni (1): sparc: use asm-generic version of msi.h Tommi Rantala (1): xfrm: fix missing dst_release() after policy blocking lbcast and multicast Valdis Kletnieks (1): gcc-plugins: Add include required by GCC release 8 Varun Prakash (2): scsi: target: iscsi: cxgbit: fix max iso npdu calculation scsi: libiscsi: fix possible NULL pointer dereference in case of TMF Vincent Whitchurch (1): watchdog: Mark watchdog touch functions as notrace Vivek Gautam (1): iommu/arm-smmu: Error out only if not enough context interrupts Vladimir Zapolskiy (3): usb: gadget: u_audio: remove caching of stream buffer parameters usb: gadget: u_audio: remove cached period bytes value usb: gadget: u_audio: protect stream runtime fields with stream spinlock Vlastimil Babka (3): x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM x86/speculation/l1tf: Suggest what to do on systems with too much RAM YueHaibing (1): net: caif: Add a missing rcu_read_unlock() in caif_flow_cb Zhen Lei (1): esp6: fix memleak on error path in esp6_input dann frazier (1): hinic: Link the logical network device to the pci device in sysfs jie@chenjie6@huwei.com (1): mm/memory.c: check return value of ioremap_prot mpubbise(a)codeaurora.org (1): mac80211: add stations tied to AP_VLANs during hw reconfig

6 years, 4 months

1
1
0 0

Linux 4.9.125

by Greg KH

I'm announcing the release of the 4.9.125 kernel. All users of the 4.9 kernel series must upgrade. The updated 4.9.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.9.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arc/include/asm/delay.h | 3 arch/arc/mm/cache.c | 7 - arch/arc/plat-eznps/include/plat/ctop.h | 1 arch/arm/kvm/mmu.c | 42 +++++-- arch/arm64/kernel/probes/kprobes.c | 2 arch/arm64/mm/init.c | 6 - arch/mips/bcm47xx/setup.c | 6 - arch/mips/include/asm/mipsregs.h | 3 arch/mips/include/asm/processor.h | 2 arch/mips/kernel/ptrace.c | 2 arch/mips/kernel/ptrace32.c | 2 arch/mips/lib/multi3.c | 6 - arch/powerpc/net/bpf_jit_comp64.c | 29 ----- arch/s390/include/asm/qdio.h | 1 arch/s390/mm/fault.c | 2 arch/s390/net/bpf_jit_comp.c | 2 arch/s390/numa/numa.c | 16 -- arch/s390/pci/pci.c | 2 arch/sparc/kernel/pcic.c | 2 arch/x86/boot/compressed/Makefile | 8 + arch/x86/events/amd/ibs.c | 6 - arch/x86/include/asm/irqflags.h | 3 arch/x86/include/asm/processor.h | 6 - arch/x86/kernel/cpu/bugs.c | 50 ++++++++ arch/x86/kernel/cpu/common.c | 1 arch/x86/kernel/cpu/intel.c | 3 arch/x86/kernel/dumpstack.c | 4 arch/x86/kernel/process_64.c | 1 arch/x86/kvm/svm.c | 8 - arch/x86/kvm/vmx.c | 3 arch/x86/mm/init.c | 4 arch/x86/mm/mmap.c | 2 drivers/base/power/clock_ops.c | 2 drivers/cdrom/cdrom.c | 2 drivers/clk/rockchip/clk-rk3399.c | 2 drivers/gpu/drm/bridge/adv7511/adv7511_drv.c | 12 ++ drivers/gpu/drm/imx/imx-ldb.c | 9 + drivers/gpu/drm/udl/udl_fb.c | 2 drivers/gpu/drm/udl/udl_main.c | 35 +++--- drivers/i2c/busses/i2c-davinci.c | 8 + drivers/misc/mei/main.c | 1 drivers/net/can/mscan/mpc5xxx_can.c | 5 drivers/net/ethernet/3com/Kconfig | 2 drivers/net/ethernet/amd/Kconfig | 4 drivers/net/ethernet/atheros/atl1c/atl1c_main.c | 1 drivers/net/ethernet/broadcom/bnx2x/bnx2x_ethtool.c | 13 +- drivers/net/ethernet/cirrus/Kconfig | 1 drivers/net/ethernet/cisco/enic/enic_main.c | 78 ++++---------- drivers/net/ethernet/qlogic/qed/qed_l2.c | 15 +- drivers/net/ethernet/qlogic/qed/qed_l2.h | 2 drivers/net/ethernet/qlogic/qed/qed_mcp.c | 1 drivers/net/ethernet/qlogic/qed/qed_sriov.c | 2 drivers/net/ethernet/qlogic/qed/qed_vf.c | 4 drivers/net/ethernet/qlogic/qed/qed_vf.h | 7 + drivers/net/ethernet/xilinx/xilinx_axienet_mdio.c | 1 drivers/net/usb/qmi_wwan.c | 2 drivers/net/wan/lmc/lmc_main.c | 2 drivers/net/wireless/broadcom/b43/leds.c | 2 drivers/net/wireless/broadcom/b43legacy/leds.c | 2 drivers/pinctrl/freescale/pinctrl-imx1-core.c | 2 drivers/power/supply/generic-adc-battery.c | 25 ++-- drivers/s390/cio/qdio_main.c | 5 drivers/scsi/fcoe/fcoe_ctlr.c | 4 drivers/scsi/libfc/fc_rport.c | 1 drivers/scsi/libiscsi.c | 12 +- drivers/scsi/scsi_sysfs.c | 20 +++ drivers/scsi/vmw_pvscsi.c | 11 + drivers/staging/android/ion/ion-ioctl.c | 12 +- drivers/staging/android/ion/ion.c | 65 +++++++---- drivers/staging/android/ion/ion_priv.h | 6 - drivers/staging/media/omap4iss/iss_video.c | 3 drivers/target/iscsi/iscsi_target_login.c | 35 +++--- drivers/usb/gadget/function/f_uac2.c | 20 +-- drivers/usb/gadget/udc/r8a66597-udc.c | 6 - drivers/usb/phy/phy-fsl-usb.c | 4 fs/cachefiles/namei.c | 1 fs/cachefiles/rdwr.c | 17 ++- fs/cifs/cifs_debug.c | 30 ++++- fs/cifs/inode.c | 2 fs/cifs/link.c | 4 fs/cifs/sess.c | 6 + fs/cifs/smb2inode.c | 2 fs/cifs/smb2ops.c | 34 ++++-- fs/ext4/namei.c | 1 fs/ext4/sysfs.c | 13 +- fs/ext4/xattr.c | 2 fs/fscache/operation.c | 6 - fs/fuse/dev.c | 39 +++++-- fs/fuse/dir.c | 10 + fs/fuse/file.c | 1 fs/fuse/fuse_i.h | 5 fs/fuse/inode.c | 37 +++--- fs/squashfs/file.c | 50 +++++--- fs/squashfs/file_cache.c | 4 fs/squashfs/file_direct.c | 24 ++-- fs/squashfs/squashfs.h | 3 fs/sysfs/file.c | 44 +++++++ include/linux/sysfs.h | 14 ++ kernel/kprobes.c | 4 kernel/sysctl.c | 3 mm/memcontrol.c | 15 +- mm/memory.c | 3 mm/zswap.c | 9 + net/caif/caif_dev.c | 4 net/ipv4/cipso_ipv4.c | 12 +- net/ipv6/ip6_vti.c | 11 + net/mac80211/util.c | 3 net/wireless/nl80211.c | 1 net/xfrm/xfrm_policy.c | 3 net/xfrm/xfrm_user.c | 10 + sound/soc/sirf/sirf-usp.c | 7 - sound/soc/soc-pcm.c | 8 + tools/power/x86/turbostat/turbostat.c | 8 - tools/testing/selftests/ftrace/test.d/00basic/snapshot.tc | 28 +++++ tools/usb/ffs-test.c | 19 ++- 116 files changed, 777 insertions(+), 405 deletions(-) Alberto Panizzo (1): clk: rockchip: fix clk_i2sout parent selection bits on rk3399 Aleksander Morgado (1): qmi_wwan: fix interface number for DW5821e production firmware Alexander Sverdlin (1): i2c: davinci: Avoid zero value of CLKH Alexander Usyskin (1): mei: don't update offset in write Andi Kleen (2): x86/spectre: Add missing family 6 check to microcode check x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ Andrey Ryabinin (1): fuse: Don't access pipe->buffers without pipe_lock() Arnd Bergmann (1): ext4: sysfs: print ext4_super_block fields as little-endian Bart Van Assche (2): scsi: sysfs: Introduce sysfs_{un,}break_active_protection() scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock Bernd Edlinger (1): nl80211: Add a missing break in parse_station_flags Calvin Walton (1): tools/power turbostat: Read extended processor family from CPUID Claudio Imbrenda (1): s390/kvm: fix deadlock when killed by oom Colin Ian King (1): drivers: net: lmc: fix case value for target abort error Dan Carpenter (2): pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show() PM / clk: signedness bug in of_pm_clk_add_clks() Daniel Borkmann (1): bpf, ppc64: fix unexpected r0=0 exit path inside bpf_xadd Daniel Rosenberg (1): staging: android: ion: check for kref overflow Eric Sandeen (1): ext4: reset error code in ext4_find_entry in fallback Ethan Zhao (1): sched/sysctl: Check user input value of sysctl_sched_time_avg Eugeniu Rosca (1): usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3' Eyal Birger (1): vti6: fix PMTU caching and reporting on xmit Florian Westphal (2): xfrm: free skb if nlsk pointer is NULL atl1c: reserve min skb headroom Govindarajulu Varadarajan (1): enic: handle mtu change for vf properly Greg Hackmann (2): arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() staging: android: ion: fix ION_IOC_{MAP,SHARE} use-after-free Greg Kroah-Hartman (1): Linux 4.9.125 Guenter Roeck (1): media: staging: omap4iss: Include asm/cacheflush.h after generic includes Gustavo A. R. Silva (1): ASoC: sirf: Fix potential NULL pointer dereference H. Nikolaus Schaller (2): power: generic-adc-battery: fix out-of-bounds write when copying channel properties power: generic-adc-battery: check for duplicate properties copied from iio channels Jann Horn (1): x86/entry/64: Wipe KASAN stack shadow before rewind_stack_do_exit() Jerome Brunet (1): ASoC: dpcm: don't merge format from invalid codec dai Jia-Ju Bai (2): usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() Jim Gill (1): scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED Johannes Thumshirn (2): scsi: fcoe: drop frames in ELS LOGO error path scsi: fcoe: clear FC_RP_STARTED flags when receiving a LOGO Josh Poimboeuf (1): x86/kvm/vmx: Remove duplicate l1d flush definitions Julian Wiedmann (1): s390/qdio: reset old sbal_state flags Kees Cook (1): x86/boot: Fix if_changed build flip/flop bug Kiran Kumar Modukuri (3): fscache: Allow cancelled operations to be enqueued cachefiles: Fix refcounting bug in backing-file read monitoring cachefiles: Wait rather than BUG'ing on "Unexpected object collision" Kirill Tkhai (2): memcg: remove memcg_cgroup::id from IDR on mem_cgroup_css_alloc() failure fuse: Add missed unlock_page() to fuse_readpages_fill() Len Brown (1): tools/power turbostat: fix -S on UP systems Li Wang (1): zswap: re-check zswap_is_full() after do zswap_shrink() Linus Torvalds (1): squashfs metadata 2: electric boogaloo Lucas Stach (2): drm/imx: imx-ldb: disable LDB on driver bind drm/imx: imx-ldb: check if channel is enabled before printing warning Maciej W. Rozycki (1): MIPS: Correct the 64-bit DSP accumulator register size Martin Schwidefsky (2): s390: fix br_r1_trampoline for machines without exrl s390/numa: move initial setup of node_to_cpumask_map Masami Hiramatsu (3): selftests/ftrace: Add snapshot and tracing_on test case kprobes/arm64: Fix %p uses in error messages kprobes: Make list and blacklist root user read only Michael Buesch (2): b43legacy/leds: Ensure NUL-termination of LED name string b43/leds: Ensure NUL-termination of LED name string Mike Christie (1): iscsi target: fix session creation failure handling Miklos Szeredi (5): fuse: fix initial parallel dirops fuse: fix double request_end() fuse: fix unlocked access to processing queue fuse: umount should wait for all requests fuse: Fix oops at process_init_reply() Mikulas Patocka (3): udl-kms: change down_interruptible to down udl-kms: handle allocation failure udl-kms: fix crash due to uninitialized memory Nicholas Mc Guire (2): can: mpc5xxx_can: check of_iomap return before use cifs: check kmalloc before use Nick Desaulniers (1): x86/irqflags: Mark native_restore_fl extern inline Paul Burton (1): MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7 Peter Senna Tschudin (1): tools: usb: ffs-test: Fix build on big endian systems Phillip Lougher (1): Squashfs: Compute expected length from inode size rather than block length Punit Agrawal (2): KVM: arm/arm64: Skip updating PTE entry if no change KVM: arm/arm64: Skip updating PMD entry if no change Rafał Miłecki (1): Revert "MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum" Randy Dunlap (5): usb/phy: fix PPC64 build errors in phy-fsl-usb.c net: prevent ISA drivers from building on PPC32 arc: [plat-eznps] fix data type errors in platform headers arc: fix build errors in arc/include/asm/delay.h arc: fix type warnings in arc/mm/cache.c Rian Hunter (1): x86/process: Re-export start_thread() Scott Bauer (1): cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status Sean Paul (1): drm/bridge: adv7511: Reset registers on hotplug Sebastian Ott (1): s390/pci: fix out of bounds access during irq setup Shubhrajyoti Datta (1): net: axienet: Fix double deregister of mdio Steve French (4): cifs: add missing debug entries for kconfig options smb3: enumerating snapshots was leaving part of the data off end smb3: Do not send SMB3 SET_INFO if nothing changed smb3: don't request leases in symlink creation and query Sudarsana Reddy Kalluru (3): qed: Fix possible race for the link state value. qed: Correct Multicast API to reflect existence of 256 approximate buckets. bnx2x: Fix invalid memory access in rss hash config path. Theodore Ts'o (1): ext4: check for NUL characters in extended attribute's name Thomas Gleixner (2): perf/x86/amd/ibs: Don't access non-started event KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled Thomas Petazzoni (1): sparc: kernel/pcic: silence gcc 7.x warning in pcibios_fixup_bus() Tommi Rantala (1): xfrm: fix missing dst_release() after policy blocking lbcast and multicast Varun Prakash (1): scsi: libiscsi: fix possible NULL pointer dereference in case of TMF Vlastimil Babka (3): x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM x86/speculation/l1tf: Suggest what to do on systems with too much RAM YueHaibing (1): net: caif: Add a missing rcu_read_unlock() in caif_flow_cb jie@chenjie6@huwei.com (1): mm/memory.c: check return value of ioremap_prot mpubbise(a)codeaurora.org (1): mac80211: add stations tied to AP_VLANs during hw reconfig yujuan.qi (1): Cipso: cipso_v4_optptr enter infinite loop

6 years, 4 months

1
1
0 0

Linux 4.4.154

by Greg KH

I'm announcing the release of the 4.4.154 kernel. All users of the 4.4 kernel series must upgrade. The updated 4.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.4.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arc/include/asm/delay.h | 3 arch/arc/mm/cache.c | 7 - arch/arm/kvm/mmu.c | 42 +++++-- arch/arm64/mm/init.c | 6 - arch/mips/bcm47xx/setup.c | 6 - arch/mips/include/asm/mipsregs.h | 3 arch/mips/include/asm/processor.h | 2 arch/mips/kernel/ptrace.c | 2 arch/mips/kernel/ptrace32.c | 2 arch/mips/lib/multi3.c | 6 - arch/s390/include/asm/qdio.h | 1 arch/s390/mm/fault.c | 2 arch/s390/net/bpf_jit_comp.c | 2 arch/s390/pci/pci.c | 2 arch/x86/include/asm/irqflags.h | 3 arch/x86/include/asm/processor.h | 4 arch/x86/kernel/cpu/bugs.c | 4 arch/x86/kernel/cpu/intel.c | 3 arch/x86/kernel/process_64.c | 1 arch/x86/mm/init.c | 4 arch/x86/mm/mmap.c | 2 drivers/cdrom/cdrom.c | 2 drivers/gpu/drm/i2c/adv7511.c | 12 ++ drivers/gpu/drm/imx/imx-ldb.c | 9 + drivers/gpu/drm/udl/udl_fb.c | 2 drivers/gpu/drm/udl/udl_main.c | 35 +++--- drivers/i2c/busses/i2c-davinci.c | 8 + drivers/net/can/mscan/mpc5xxx_can.c | 5 drivers/net/ethernet/3com/Kconfig | 2 drivers/net/ethernet/amd/Kconfig | 4 drivers/net/ethernet/atheros/atl1c/atl1c_main.c | 1 drivers/net/ethernet/broadcom/bnx2x/bnx2x_ethtool.c | 13 +- drivers/net/ethernet/cirrus/Kconfig | 1 drivers/net/ethernet/cisco/enic/enic_main.c | 78 ++++---------- drivers/net/ethernet/qlogic/qed/qed_mcp.c | 1 drivers/net/ethernet/xilinx/xilinx_axienet_mdio.c | 1 drivers/net/wan/lmc/lmc_main.c | 2 drivers/pinctrl/freescale/pinctrl-imx1-core.c | 2 drivers/s390/cio/qdio_main.c | 5 drivers/scsi/fcoe/fcoe_ctlr.c | 4 drivers/scsi/libiscsi.c | 12 +- drivers/scsi/scsi_sysfs.c | 20 +++ drivers/scsi/vmw_pvscsi.c | 11 + drivers/staging/media/omap4iss/iss_video.c | 3 drivers/target/iscsi/iscsi_target_login.c | 35 +++--- drivers/usb/gadget/function/f_uac2.c | 20 +-- drivers/usb/gadget/udc/r8a66597-udc.c | 6 - drivers/usb/phy/phy-fsl-usb.c | 4 fs/btrfs/extent-tree.c | 2 fs/cachefiles/namei.c | 1 fs/cachefiles/rdwr.c | 17 ++- fs/cifs/cifs_debug.c | 30 ++++- fs/cifs/inode.c | 2 fs/cifs/link.c | 4 fs/cifs/sess.c | 6 + fs/cifs/smb2inode.c | 2 fs/ext4/namei.c | 1 fs/ext4/sysfs.c | 13 +- fs/ext4/xattr.c | 2 fs/fscache/operation.c | 6 - fs/fuse/dev.c | 39 +++++-- fs/fuse/file.c | 1 fs/fuse/fuse_i.h | 1 fs/fuse/inode.c | 23 +--- fs/sysfs/file.c | 44 +++++++ include/linux/sysfs.h | 14 ++ kernel/kprobes.c | 4 kernel/sysctl.c | 3 mm/memory.c | 3 mm/zswap.c | 9 + net/caif/caif_dev.c | 4 net/ipv4/cipso_ipv4.c | 12 +- net/ipv6/ip6_vti.c | 11 + net/mac80211/util.c | 3 net/wireless/nl80211.c | 1 net/xfrm/xfrm_policy.c | 3 net/xfrm/xfrm_user.c | 10 + sound/soc/sirf/sirf-usp.c | 7 - sound/soc/soc-pcm.c | 8 + tools/power/x86/turbostat/turbostat.c | 8 - tools/testing/selftests/ftrace/test.d/00basic/snapshot.tc | 28 +++++ tools/usb/ffs-test.c | 19 ++- 83 files changed, 513 insertions(+), 235 deletions(-) Alexander Sverdlin (1): i2c: davinci: Avoid zero value of CLKH Andi Kleen (1): x86/spectre: Add missing family 6 check to microcode check Andrey Ryabinin (1): fuse: Don't access pipe->buffers without pipe_lock() Arnd Bergmann (1): ext4: sysfs: print ext4_super_block fields as little-endian Bart Van Assche (2): scsi: sysfs: Introduce sysfs_{un,}break_active_protection() scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock Bernd Edlinger (1): nl80211: Add a missing break in parse_station_flags Calvin Walton (1): tools/power turbostat: Read extended processor family from CPUID Claudio Imbrenda (1): s390/kvm: fix deadlock when killed by oom Colin Ian King (1): drivers: net: lmc: fix case value for target abort error Dan Carpenter (1): pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show() Eric Sandeen (1): ext4: reset error code in ext4_find_entry in fallback Ethan Zhao (1): sched/sysctl: Check user input value of sysctl_sched_time_avg Eugeniu Rosca (1): usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3' Eyal Birger (1): vti6: fix PMTU caching and reporting on xmit Florian Westphal (2): xfrm: free skb if nlsk pointer is NULL atl1c: reserve min skb headroom Govindarajulu Varadarajan (1): enic: handle mtu change for vf properly Greg Hackmann (1): arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() Greg Kroah-Hartman (1): Linux 4.4.154 Guenter Roeck (1): media: staging: omap4iss: Include asm/cacheflush.h after generic includes Gustavo A. R. Silva (1): ASoC: sirf: Fix potential NULL pointer dereference Jerome Brunet (1): ASoC: dpcm: don't merge format from invalid codec dai Jia-Ju Bai (2): usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() Jim Gill (1): scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED Johannes Thumshirn (1): scsi: fcoe: drop frames in ELS LOGO error path Josef Bacik (1): btrfs: don't leak ret from do_chunk_alloc Julian Wiedmann (1): s390/qdio: reset old sbal_state flags Kiran Kumar Modukuri (3): fscache: Allow cancelled operations to be enqueued cachefiles: Fix refcounting bug in backing-file read monitoring cachefiles: Wait rather than BUG'ing on "Unexpected object collision" Kirill Tkhai (1): fuse: Add missed unlock_page() to fuse_readpages_fill() Len Brown (1): tools/power turbostat: fix -S on UP systems Li Wang (1): zswap: re-check zswap_is_full() after do zswap_shrink() Lucas Stach (2): drm/imx: imx-ldb: disable LDB on driver bind drm/imx: imx-ldb: check if channel is enabled before printing warning Maciej W. Rozycki (1): MIPS: Correct the 64-bit DSP accumulator register size Martin Schwidefsky (1): s390: fix br_r1_trampoline for machines without exrl Masami Hiramatsu (2): selftests/ftrace: Add snapshot and tracing_on test case kprobes: Make list and blacklist root user read only Mike Christie (1): iscsi target: fix session creation failure handling Miklos Szeredi (4): fuse: fix double request_end() fuse: fix unlocked access to processing queue fuse: umount should wait for all requests fuse: Fix oops at process_init_reply() Mikulas Patocka (3): udl-kms: change down_interruptible to down udl-kms: handle allocation failure udl-kms: fix crash due to uninitialized memory Nicholas Mc Guire (2): can: mpc5xxx_can: check of_iomap return before use cifs: check kmalloc before use Nick Desaulniers (1): x86/irqflags: Mark native_restore_fl extern inline Paul Burton (1): MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7 Peter Senna Tschudin (1): tools: usb: ffs-test: Fix build on big endian systems Punit Agrawal (2): KVM: arm/arm64: Skip updating PTE entry if no change KVM: arm/arm64: Skip updating PMD entry if no change Rafał Miłecki (1): Revert "MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum" Randy Dunlap (4): usb/phy: fix PPC64 build errors in phy-fsl-usb.c net: prevent ISA drivers from building on PPC32 arc: fix build errors in arc/include/asm/delay.h arc: fix type warnings in arc/mm/cache.c Rian Hunter (1): x86/process: Re-export start_thread() Scott Bauer (1): cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status Sean Paul (1): drm/bridge: adv7511: Reset registers on hotplug Sebastian Ott (1): s390/pci: fix out of bounds access during irq setup Shubhrajyoti Datta (1): net: axienet: Fix double deregister of mdio Steve French (3): cifs: add missing debug entries for kconfig options smb3: Do not send SMB3 SET_INFO if nothing changed smb3: don't request leases in symlink creation and query Sudarsana Reddy Kalluru (2): qed: Fix possible race for the link state value. bnx2x: Fix invalid memory access in rss hash config path. Theodore Ts'o (1): ext4: check for NUL characters in extended attribute's name Tommi Rantala (1): xfrm: fix missing dst_release() after policy blocking lbcast and multicast Varun Prakash (1): scsi: libiscsi: fix possible NULL pointer dereference in case of TMF Vlastimil Babka (3): x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM x86/speculation/l1tf: Suggest what to do on systems with too much RAM YueHaibing (1): net: caif: Add a missing rcu_read_unlock() in caif_flow_cb jie@chenjie6@huwei.com (1): mm/memory.c: check return value of ioremap_prot mpubbise(a)codeaurora.org (1): mac80211: add stations tied to AP_VLANs during hw reconfig yujuan.qi (1): Cipso: cipso_v4_optptr enter infinite loop

6 years, 4 months

1
1
0 0

Linux 3.18.121

by Greg KH

I'm announcing the release of the 3.18.121 kernel. All users of the 3.18 kernel series must upgrade. The updated 3.18.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-3.18.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 arch/arc/include/asm/delay.h | 3 arch/arc/mm/cache_arc700.c | 7 - arch/arm/kvm/mmu.c | 42 +++++-- arch/arm64/mm/init.c | 6 - arch/mips/bcm47xx/setup.c | 6 - arch/mips/include/asm/mipsregs.h | 3 arch/mips/include/asm/processor.h | 2 arch/mips/kernel/ptrace.c | 2 arch/mips/kernel/ptrace32.c | 2 arch/s390/include/asm/qdio.h | 1 arch/s390/mm/fault.c | 2 arch/s390/pci/pci.c | 2 arch/x86/kernel/process_64.c | 1 drivers/cdrom/cdrom.c | 2 drivers/gpu/drm/udl/udl_fb.c | 2 drivers/gpu/drm/udl/udl_main.c | 35 +++--- drivers/net/can/mscan/mpc5xxx_can.c | 5 drivers/net/ethernet/atheros/atl1c/atl1c_main.c | 1 drivers/net/ethernet/broadcom/bnx2x/bnx2x_ethtool.c | 13 +- drivers/net/ethernet/cisco/enic/enic_main.c | 78 ++++---------- drivers/net/ethernet/xilinx/xilinx_axienet_mdio.c | 1 drivers/net/wan/lmc/lmc_main.c | 2 drivers/pinctrl/freescale/pinctrl-imx1-core.c | 2 drivers/s390/cio/qdio_main.c | 5 drivers/scsi/fcoe/fcoe_ctlr.c | 4 drivers/scsi/libiscsi.c | 12 +- drivers/scsi/scsi_sysfs.c | 20 +++ drivers/scsi/vmw_pvscsi.c | 11 + drivers/staging/imx-drm/imx-ldb.c | 9 + drivers/staging/media/omap4iss/iss_video.c | 3 drivers/usb/gadget/function/f_uac2.c | 20 +-- drivers/usb/gadget/udc/r8a66597-udc.c | 6 - drivers/usb/phy/phy-fsl-usb.c | 4 fs/btrfs/extent-tree.c | 2 fs/cachefiles/namei.c | 1 fs/cachefiles/rdwr.c | 17 ++- fs/ext4/namei.c | 1 fs/fscache/operation.c | 6 - fs/fuse/dev.c | 7 - fs/fuse/file.c | 1 fs/sysfs/file.c | 44 +++++++ include/linux/sysfs.h | 14 ++ kernel/kprobes.c | 4 kernel/sysctl.c | 3 mm/memory.c | 3 mm/zswap.c | 9 + net/caif/caif_dev.c | 4 net/ipv4/cipso_ipv4.c | 12 +- net/mac80211/util.c | 3 net/wireless/nl80211.c | 1 net/xfrm/xfrm_policy.c | 3 net/xfrm/xfrm_user.c | 10 + sound/soc/sirf/sirf-usp.c | 7 - tools/power/x86/turbostat/turbostat.c | 8 - tools/testing/selftests/ftrace/test.d/00basic/snapshot.tc | 28 +++++ tools/usb/ffs-test.c | 19 ++- 57 files changed, 353 insertions(+), 170 deletions(-) Andrey Ryabinin (1): fuse: Don't access pipe->buffers without pipe_lock() Bart Van Assche (2): scsi: sysfs: Introduce sysfs_{un,}break_active_protection() scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock Bernd Edlinger (1): nl80211: Add a missing break in parse_station_flags Calvin Walton (1): tools/power turbostat: Read extended processor family from CPUID Claudio Imbrenda (1): s390/kvm: fix deadlock when killed by oom Colin Ian King (1): drivers: net: lmc: fix case value for target abort error Dan Carpenter (1): pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show() Eric Sandeen (1): ext4: reset error code in ext4_find_entry in fallback Ethan Zhao (1): sched/sysctl: Check user input value of sysctl_sched_time_avg Eugeniu Rosca (1): usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3' Florian Westphal (2): xfrm: free skb if nlsk pointer is NULL atl1c: reserve min skb headroom Govindarajulu Varadarajan (1): enic: handle mtu change for vf properly Greg Hackmann (1): arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() Greg Kroah-Hartman (1): Linux 3.18.121 Guenter Roeck (1): media: staging: omap4iss: Include asm/cacheflush.h after generic includes Gustavo A. R. Silva (1): ASoC: sirf: Fix potential NULL pointer dereference Jia-Ju Bai (2): usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() Jim Gill (1): scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED Johannes Thumshirn (1): scsi: fcoe: drop frames in ELS LOGO error path Josef Bacik (1): btrfs: don't leak ret from do_chunk_alloc Julian Wiedmann (1): s390/qdio: reset old sbal_state flags Kiran Kumar Modukuri (3): fscache: Allow cancelled operations to be enqueued cachefiles: Fix refcounting bug in backing-file read monitoring cachefiles: Wait rather than BUG'ing on "Unexpected object collision" Kirill Tkhai (1): fuse: Add missed unlock_page() to fuse_readpages_fill() Len Brown (1): tools/power turbostat: fix -S on UP systems Li Wang (1): zswap: re-check zswap_is_full() after do zswap_shrink() Lucas Stach (2): drm/imx: imx-ldb: disable LDB on driver bind drm/imx: imx-ldb: check if channel is enabled before printing warning Maciej W. Rozycki (1): MIPS: Correct the 64-bit DSP accumulator register size Masami Hiramatsu (2): selftests/ftrace: Add snapshot and tracing_on test case kprobes: Make list and blacklist root user read only Mikulas Patocka (3): udl-kms: change down_interruptible to down udl-kms: handle allocation failure udl-kms: fix crash due to uninitialized memory Nicholas Mc Guire (1): can: mpc5xxx_can: check of_iomap return before use Peter Senna Tschudin (1): tools: usb: ffs-test: Fix build on big endian systems Punit Agrawal (2): KVM: arm/arm64: Skip updating PTE entry if no change KVM: arm/arm64: Skip updating PMD entry if no change Rafał Miłecki (1): Revert "MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum" Randy Dunlap (3): usb/phy: fix PPC64 build errors in phy-fsl-usb.c arc: fix build errors in arc/include/asm/delay.h arc: fix type warnings in arc/mm/cache.c Rian Hunter (1): x86/process: Re-export start_thread() Scott Bauer (1): cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status Sebastian Ott (1): s390/pci: fix out of bounds access during irq setup Shubhrajyoti Datta (1): net: axienet: Fix double deregister of mdio Sudarsana Reddy Kalluru (1): bnx2x: Fix invalid memory access in rss hash config path. Tommi Rantala (1): xfrm: fix missing dst_release() after policy blocking lbcast and multicast Varun Prakash (1): scsi: libiscsi: fix possible NULL pointer dereference in case of TMF YueHaibing (1): net: caif: Add a missing rcu_read_unlock() in caif_flow_cb jie@chenjie6@huwei.com (1): mm/memory.c: check return value of ioremap_prot mpubbise(a)codeaurora.org (1): mac80211: add stations tied to AP_VLANs during hw reconfig yujuan.qi (1): Cipso: cipso_v4_optptr enter infinite loop

6 years, 4 months

1
1
0 0

[PATCH] tpm: fix response size validation in tpm_get_random()

by Jarkko Sakkinen

When checking whether the response is large enough to be able to contain the received random bytes in tpm_get_random() and tpm2_get_random(), they fail to take account the header size, which should be added to the minimum size. This commit fixes this issue. Cc: stable(a)vger.kernel.org Fixes: c659af78eb7b ("tpm: Check size of response before accessing data") Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen(a)linux.intel.com> --- drivers/char/tpm/tpm-interface.c | 3 ++- drivers/char/tpm/tpm2-cmd.c | 4 +++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c index 1a803b0cf980..318a7078b2ba 100644 --- a/drivers/char/tpm/tpm-interface.c +++ b/drivers/char/tpm/tpm-interface.c @@ -1321,7 +1321,8 @@ int tpm_get_random(struct tpm_chip *chip, u8 *out, size_t max) } rlength = be32_to_cpu(tpm_cmd.header.out.length); - if (rlength < offsetof(struct tpm_getrandom_out, rng_data) + + if (rlength < TPM_HEADER_SIZE + + offsetof(struct tpm_getrandom_out, rng_data) + recd) { total = -EFAULT; break; diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c index c31b490bd41d..3acf4fd4e5a5 100644 --- a/drivers/char/tpm/tpm2-cmd.c +++ b/drivers/char/tpm/tpm2-cmd.c @@ -329,7 +329,9 @@ int tpm2_get_random(struct tpm_chip *chip, u8 *dest, size_t max) &buf.data[TPM_HEADER_SIZE]; recd = min_t(u32, be16_to_cpu(out->size), num_bytes); if (tpm_buf_length(&buf) < - offsetof(struct tpm2_get_random_out, buffer) + recd) { + TPM_HEADER_SIZE + + offsetof(struct tpm2_get_random_out, buffer) + + recd) { err = -EFAULT; goto out; } -- 2.17.1

6 years, 4 months

2
2
0 0

v3.18.121 build: 0 failures 1 warnings (v3.18.121)

by Build bot for Mark Brown

Tree/Branch: v3.18.121 Git describe: v3.18.121 Commit: ba6984fc01 Linux 3.18.121 Build Time: 0 min 1 sec Passed: 7 / 7 (100.00 %) Failed: 0 / 7 ( 0.00 %) Errors: 0 Warnings: 1 Section Mismatches: 0 ------------------------------------------------------------------------------- defconfigs with issues (other than build errors): 7 warnings 0 mismatches : x86_64-allmodconfig 2 warnings 0 mismatches : x86_64-defconfig ------------------------------------------------------------------------------- Warnings Summary: 1 9 ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] =============================================================================== Detailed per-defconfig build reports below: ------------------------------------------------------------------------------- x86_64-allmodconfig : PASS, 0 errors, 7 warnings, 0 section mismatches Warnings: ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ------------------------------------------------------------------------------- x86_64-defconfig : PASS, 0 errors, 2 warnings, 0 section mismatches Warnings: ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ../include/linux/ftrace.h:632:36: warning: calling '__builtin_return_address' with a nonzero argument is unsafe [-Wframe-address] ------------------------------------------------------------------------------- Passed with no errors, warnings or mismatches: x86_64-allnoconfig arm-multi_v7_defconfig arm-allmodconfig arm-allnoconfig arm-multi_v5_defconfig

6 years, 4 months

1
0
0 0

patch "usb: cdc-wdm: Fix a sleep-in-atomic-context bug in" added to usb-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled usb: cdc-wdm: Fix a sleep-in-atomic-context bug in to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From 6e22e3af7bb3a7b9dc53cb4687659f6e63fca427 Mon Sep 17 00:00:00 2001 From: Jia-Ju Bai <baijiaju1990(a)gmail.com> Date: Sat, 1 Sep 2018 16:12:10 +0800 Subject: usb: cdc-wdm: Fix a sleep-in-atomic-context bug in service_outstanding_interrupt() wdm_in_callback() is a completion handler function for the USB driver. So it should not sleep. But it calls service_outstanding_interrupt(), which calls usb_submit_urb() with GFP_KERNEL. To fix this bug, GFP_KERNEL is replaced with GFP_ATOMIC. This bug is found by my static analysis tool DSAC. Signed-off-by: Jia-Ju Bai <baijiaju1990(a)gmail.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/class/cdc-wdm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/usb/class/cdc-wdm.c b/drivers/usb/class/cdc-wdm.c index bec581fb7c63..656d247819c9 100644 --- a/drivers/usb/class/cdc-wdm.c +++ b/drivers/usb/class/cdc-wdm.c @@ -460,7 +460,7 @@ static int service_outstanding_interrupt(struct wdm_device *desc) set_bit(WDM_RESPONDING, &desc->flags); spin_unlock_irq(&desc->iuspin); - rv = usb_submit_urb(desc->response, GFP_KERNEL); + rv = usb_submit_urb(desc->response, GFP_ATOMIC); spin_lock_irq(&desc->iuspin); if (rv) { dev_err(&desc->intf->dev, -- 2.18.0

6 years, 4 months

1
0
0 0

patch "usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in" added to usb-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From 6d4f268fa132742fe96dad22307c68d237356d88 Mon Sep 17 00:00:00 2001 From: Jia-Ju Bai <baijiaju1990(a)gmail.com> Date: Sat, 1 Sep 2018 17:23:47 +0800 Subject: usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame() i_usX2Y_subs_startup in usbusx2yaudio.c is a completion handler function for the USB driver. So it should not sleep, but it is can sleep according to the function call paths (from bottom to top) in Linux-4.16. [FUNC] msleep drivers/usb/host/u132-hcd.c, 2558: msleep in u132_get_frame drivers/usb/core/hcd.c, 2231: [FUNC_PTR]u132_get_frame in usb_hcd_get_frame_number drivers/usb/core/usb.c, 822: usb_hcd_get_frame_number in usb_get_current_frame_number sound/usb/usx2y/usbusx2yaudio.c, 303: usb_get_current_frame_number in i_usX2Y_urb_complete sound/usb/usx2y/usbusx2yaudio.c, 366: i_usX2Y_urb_complete in i_usX2Y_subs_startup Note that [FUNC_PTR] means a function pointer call is used. To fix this bug, msleep() is replaced with mdelay(). This bug is found by my static analysis tool DSAC. Signed-off-by: Jia-Ju Bai <baijiaju1990(a)gmail.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/host/u132-hcd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/usb/host/u132-hcd.c b/drivers/usb/host/u132-hcd.c index 072bd5d5738e..5b8a3d9530c4 100644 --- a/drivers/usb/host/u132-hcd.c +++ b/drivers/usb/host/u132-hcd.c @@ -2555,7 +2555,7 @@ static int u132_get_frame(struct usb_hcd *hcd) } else { int frame = 0; dev_err(&u132->platform_dev->dev, "TODO: u132_get_frame\n"); - msleep(100); + mdelay(100); return frame; } } -- 2.18.0

6 years, 4 months

1
0
0 0

patch "usb: misc: uss720: Fix two sleep-in-atomic-context bugs" added to usb-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled usb: misc: uss720: Fix two sleep-in-atomic-context bugs to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From bc8acc214d3f1cafebcbcd101a695bbac716595d Mon Sep 17 00:00:00 2001 From: Jia-Ju Bai <baijiaju1990(a)gmail.com> Date: Sat, 1 Sep 2018 16:25:08 +0800 Subject: usb: misc: uss720: Fix two sleep-in-atomic-context bugs async_complete() in uss720.c is a completion handler function for the USB driver. So it should not sleep, but it is can sleep according to the function call paths (from bottom to top) in Linux-4.16. [FUNC] set_1284_register(GFP_KERNEL) drivers/usb/misc/uss720.c, 372: set_1284_register in parport_uss720_frob_control drivers/parport/ieee1284.c, 560: [FUNC_PTR]parport_uss720_frob_control in parport_ieee1284_ack_data_avail drivers/parport/ieee1284.c, 577: parport_ieee1284_ack_data_avail in parport_ieee1284_interrupt ./include/linux/parport.h, 474: parport_ieee1284_interrupt in parport_generic_irq drivers/usb/misc/uss720.c, 116: parport_generic_irq in async_complete [FUNC] get_1284_register(GFP_KERNEL) drivers/usb/misc/uss720.c, 382: get_1284_register in parport_uss720_read_status drivers/parport/ieee1284.c, 555: [FUNC_PTR]parport_uss720_read_status in parport_ieee1284_ack_data_avail drivers/parport/ieee1284.c, 577: parport_ieee1284_ack_data_avail in parport_ieee1284_interrupt ./include/linux/parport.h, 474: parport_ieee1284_interrupt in parport_generic_irq drivers/usb/misc/uss720.c, 116: parport_generic_irq in async_complete Note that [FUNC_PTR] means a function pointer call is used. To fix these bugs, GFP_KERNEL is replaced with GFP_ATOMIC. These bugs are found by my static analysis tool DSAC. Signed-off-by: Jia-Ju Bai <baijiaju1990(a)gmail.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/misc/uss720.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/usb/misc/uss720.c b/drivers/usb/misc/uss720.c index 82f220631bd7..b5d661644263 100644 --- a/drivers/usb/misc/uss720.c +++ b/drivers/usb/misc/uss720.c @@ -369,7 +369,7 @@ static unsigned char parport_uss720_frob_control(struct parport *pp, unsigned ch mask &= 0x0f; val &= 0x0f; d = (priv->reg[1] & (~mask)) ^ val; - if (set_1284_register(pp, 2, d, GFP_KERNEL)) + if (set_1284_register(pp, 2, d, GFP_ATOMIC)) return 0; priv->reg[1] = d; return d & 0xf; @@ -379,7 +379,7 @@ static unsigned char parport_uss720_read_status(struct parport *pp) { unsigned char ret; - if (get_1284_register(pp, 1, &ret, GFP_KERNEL)) + if (get_1284_register(pp, 1, &ret, GFP_ATOMIC)) return 0; return ret & 0xf8; } -- 2.18.0

6 years, 4 months

1
0
0 0

patch "usb: Avoid use-after-free by flushing endpoints early in" added to usb-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled usb: Avoid use-after-free by flushing endpoints early in to my usb git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git in the usb-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From f9a5b4f58b280c1d26255376713c132f93837621 Mon Sep 17 00:00:00 2001 From: Mathias Nyman <mathias.nyman(a)linux.intel.com> Date: Mon, 3 Sep 2018 15:44:16 +0300 Subject: usb: Avoid use-after-free by flushing endpoints early in usb_set_interface() The steps taken by usb core to set a new interface is very different from what is done on the xHC host side. xHC hardware will do everything in one go. One command is used to set up new endpoints, free old endpoints, check bandwidth, and run the new endpoints. All this is done by xHC when usb core asks the hcd to check for available bandwidth. At this point usb core has not yet flushed the old endpoints, which will cause use-after-free issues in xhci driver as queued URBs are cancelled on a re-allocated endpoint. To resolve this add a call to usb_disable_interface() which will flush the endpoints before calling usb_hcd_alloc_bandwidth() Additional checks in xhci driver will also be implemented to gracefully handle stale URB cancel on freed and re-allocated endpoints Cc: <stable(a)vger.kernel.org> Reported-by: Sudip Mukherjee <sudipm.mukherjee(a)gmail.com> Signed-off-by: Mathias Nyman <mathias.nyman(a)linux.intel.com> Acked-by: Alan Stern <stern(a)rowland.harvard.edu> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/core/message.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/drivers/usb/core/message.c b/drivers/usb/core/message.c index 228672f2c4a1..bfa5eda0cc26 100644 --- a/drivers/usb/core/message.c +++ b/drivers/usb/core/message.c @@ -1341,6 +1341,11 @@ void usb_enable_interface(struct usb_device *dev, * is submitted that needs that bandwidth. Some other operating systems * allocate bandwidth early, when a configuration is chosen. * + * xHCI reserves bandwidth and configures the alternate setting in + * usb_hcd_alloc_bandwidth(). If it fails the original interface altsetting + * may be disabled. Drivers cannot rely on any particular alternate + * setting being in effect after a failure. + * * This call is synchronous, and may not be used in an interrupt context. * Also, drivers must not change altsettings while urbs are scheduled for * endpoints in that interface; all such urbs must first be completed @@ -1376,6 +1381,12 @@ int usb_set_interface(struct usb_device *dev, int interface, int alternate) alternate); return -EINVAL; } + /* + * usb3 hosts configure the interface in usb_hcd_alloc_bandwidth, + * including freeing dropped endpoint ring buffers. + * Make sure the interface endpoints are flushed before that + */ + usb_disable_interface(dev, iface, false); /* Make sure we have enough bandwidth for this alternate interface. * Remove the current alt setting and add the new alt setting. -- 2.18.0

6 years, 4 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror September 2018