September 2019 - Linux-stable-mirror

[PATCH] ALSA: hda/realtek - Fix the problem of two front mics on a ThinkCentre

by Hui Wang

This ThinkCentre machine has a new realtek codec alc222, it is not in the support list, we add it in the realtek.c then this machine can apply FIXUPs for the realtek codec. And this machine has two front mics which can't be handled by PA so far, it uses the pin 0x18 and 0x19 as the front mics, as a result the existing FIXUP ALC294_FIXUP_LENOVO_MIC_LOCATION doesn't work on this machine. Fortunately another FIXUP ALC283_FIXUP_HEADSET_MIC also can change the location for one of the two mics on this machine. Cc: <stable(a)vger.kernel.org> Signed-off-by: Hui Wang <hui.wang(a)canonical.com> --- sound/pci/hda/patch_realtek.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c index 3b9583aa63c1..74697c1dd1d5 100644 --- a/sound/pci/hda/patch_realtek.c +++ b/sound/pci/hda/patch_realtek.c @@ -7151,6 +7151,7 @@ static const struct snd_pci_quirk alc269_fixup_tbl[] = { SND_PCI_QUIRK(0x17aa, 0x312a, "ThinkCentre Station", ALC294_FIXUP_LENOVO_MIC_LOCATION), SND_PCI_QUIRK(0x17aa, 0x312f, "ThinkCentre Station", ALC294_FIXUP_LENOVO_MIC_LOCATION), SND_PCI_QUIRK(0x17aa, 0x313c, "ThinkCentre Station", ALC294_FIXUP_LENOVO_MIC_LOCATION), + SND_PCI_QUIRK(0x17aa, 0x3151, "ThinkCentre Station", ALC283_FIXUP_HEADSET_MIC), SND_PCI_QUIRK(0x17aa, 0x3902, "Lenovo E50-80", ALC269_FIXUP_DMIC_THINKPAD_ACPI), SND_PCI_QUIRK(0x17aa, 0x3977, "IdeaPad S210", ALC283_FIXUP_INT_MIC), SND_PCI_QUIRK(0x17aa, 0x3978, "Lenovo B50-70", ALC269_FIXUP_DMIC_THINKPAD_ACPI), @@ -9038,6 +9039,7 @@ static int patch_alc680(struct hda_codec *codec) static const struct hda_device_id snd_hda_id_realtek[] = { HDA_CODEC_ENTRY(0x10ec0215, "ALC215", patch_alc269), HDA_CODEC_ENTRY(0x10ec0221, "ALC221", patch_alc269), + HDA_CODEC_ENTRY(0x10ec0222, "ALC222", patch_alc269), HDA_CODEC_ENTRY(0x10ec0225, "ALC225", patch_alc269), HDA_CODEC_ENTRY(0x10ec0231, "ALC231", patch_alc269), HDA_CODEC_ENTRY(0x10ec0233, "ALC233", patch_alc269), -- 2.17.1

5 years, 4 months

3
3
0 0

[PATCH 4.19] mt76: mt76x0u: do not reset radio on resume

by Stanislaw Gruszka

commit 8f2d163cb26da87e7d8e1677368b8ba1ba4d30b3 upstream. On some machines mt76x0u firmware can hung during resume, what result on messages like below: [ 475.480062] mt76x0 1-8:1.0: Error: MCU response pre-completed! [ 475.990066] mt76x0 1-8:1.0: Error: send MCU cmd failed:-110 [ 475.990075] mt76x0 1-8:1.0: Error: MCU response pre-completed! [ 476.500003] mt76x0 1-8:1.0: Error: send MCU cmd failed:-110 [ 476.500012] mt76x0 1-8:1.0: Error: MCU response pre-completed! [ 477.010046] mt76x0 1-8:1.0: Error: send MCU cmd failed:-110 [ 477.010055] mt76x0 1-8:1.0: Error: MCU response pre-completed! [ 477.529997] mt76x0 1-8:1.0: Error: send MCU cmd failed:-110 [ 477.530006] mt76x0 1-8:1.0: Error: MCU response pre-completed! [ 477.824907] mt76x0 1-8:1.0: Error: send MCU cmd failed:-71 [ 477.824916] mt76x0 1-8:1.0: Error: MCU response pre-completed! [ 477.825029] usb 1-8: USB disconnect, device number 6 and possible whole system freeze. This can be avoided, if we do not perform mt76x0_chip_onoff() reset. Cc: stable(a)vger.kernel.org Fixes: 134b2d0d1fcf ("mt76x0: init files") Signed-off-by: Stanislaw Gruszka <sgruszka(a)redhat.com> Signed-off-by: Kalle Valo <kvalo(a)codeaurora.org> --- drivers/net/wireless/mediatek/mt76/mt76x0/init.c | 4 ++-- drivers/net/wireless/mediatek/mt76/mt76x0/mt76x0.h | 2 +- drivers/net/wireless/mediatek/mt76/mt76x0/usb.c | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/drivers/net/wireless/mediatek/mt76/mt76x0/init.c b/drivers/net/wireless/mediatek/mt76/mt76x0/init.c index 0a3e046d78db..da2ba51dec35 100644 --- a/drivers/net/wireless/mediatek/mt76/mt76x0/init.c +++ b/drivers/net/wireless/mediatek/mt76/mt76x0/init.c @@ -369,7 +369,7 @@ static void mt76x0_stop_hardware(struct mt76x0_dev *dev) mt76x0_chip_onoff(dev, false, false); } -int mt76x0_init_hardware(struct mt76x0_dev *dev) +int mt76x0_init_hardware(struct mt76x0_dev *dev, bool reset) { static const u16 beacon_offsets[16] = { /* 512 byte per beacon */ @@ -382,7 +382,7 @@ int mt76x0_init_hardware(struct mt76x0_dev *dev) dev->beacon_offsets = beacon_offsets; - mt76x0_chip_onoff(dev, true, true); + mt76x0_chip_onoff(dev, true, reset); ret = mt76x0_wait_asic_ready(dev); if (ret) diff --git a/drivers/net/wireless/mediatek/mt76/mt76x0/mt76x0.h b/drivers/net/wireless/mediatek/mt76/mt76x0/mt76x0.h index fc9857f61771..f9dfe5097b09 100644 --- a/drivers/net/wireless/mediatek/mt76/mt76x0/mt76x0.h +++ b/drivers/net/wireless/mediatek/mt76/mt76x0/mt76x0.h @@ -279,7 +279,7 @@ void mt76x0_addr_wr(struct mt76x0_dev *dev, const u32 offset, const u8 *addr); /* Init */ struct mt76x0_dev *mt76x0_alloc_device(struct device *dev); -int mt76x0_init_hardware(struct mt76x0_dev *dev); +int mt76x0_init_hardware(struct mt76x0_dev *dev, bool reset); int mt76x0_register_device(struct mt76x0_dev *dev); void mt76x0_cleanup(struct mt76x0_dev *dev); void mt76x0_chip_onoff(struct mt76x0_dev *dev, bool enable, bool reset); diff --git a/drivers/net/wireless/mediatek/mt76/mt76x0/usb.c b/drivers/net/wireless/mediatek/mt76/mt76x0/usb.c index 54ae1f113be2..5aacb1f6a841 100644 --- a/drivers/net/wireless/mediatek/mt76/mt76x0/usb.c +++ b/drivers/net/wireless/mediatek/mt76/mt76x0/usb.c @@ -300,7 +300,7 @@ static int mt76x0_probe(struct usb_interface *usb_intf, if (!(mt76_rr(dev, MT_EFUSE_CTRL) & MT_EFUSE_CTRL_SEL)) dev_warn(dev->mt76.dev, "Warning: eFUSE not present\n"); - ret = mt76x0_init_hardware(dev); + ret = mt76x0_init_hardware(dev, true); if (ret) goto err; @@ -354,7 +354,7 @@ static int mt76x0_resume(struct usb_interface *usb_intf) struct mt76x0_dev *dev = usb_get_intfdata(usb_intf); int ret; - ret = mt76x0_init_hardware(dev); + ret = mt76x0_init_hardware(dev, false); if (ret) return ret; -- 2.20.1

5 years, 4 months

2
1
0 0

[PATCH] rtc : Restricting year setting between 2000 to 2099 in rtc-s35390a driver

by Sonawane, Aashish P

S-35390A RTC chip allows to set the lower two digit of the Western calendar year (00 to 99) and links together with the auto calendar from the year 2000 to the year 2099. If we try to set year earlier than 2000 then hardware clock get reset to "epoch". This patch check for year value between 2000 to 2099 otherwise returns "EINVAL" error. In conclusion this patch restricts system to set hardware clock to set year below and above the year 2000 and 2099 respectively. Signed-off-by: Aashish P Sonawane mailto:AashishPSonawane@eaton.com Suggested-by: Meghan Saitwal mailto:MeghanSaitwal@eaton.com ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------diff --git a/drivers/rtc/rtc-s35390a.c b/drivers/rtc/rtc-s35390a.c index 84806ff763cf..aea52548571e 100644 --- a/drivers/rtc/rtc-s35390a.c +++ b/drivers/rtc/rtc-s35390a.c @@ -214,6 +214,9 @@ static int s35390a_rtc_set_time(struct device *dev, struct rtc_time *tm) int i, err; char buf[7], status; + if (tm->tm_year < 100 || tm->tm_year > 199) + return EINVAL; + dev_dbg(&client->dev, "%s: tm is secs=%d, mins=%d, hours=%d mday=%d, " "mon=%d, year=%d, wday=%d\n", __func__, tm->tm_sec, tm->tm_min, tm->tm_hour, tm->tm_mday, tm->tm_mon, tm->tm_year,

5 years, 4 months

2
1
0 0

patch "/dev/mem: Bail out upon SIGKILL." added to char-misc-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled /dev/mem: Bail out upon SIGKILL. to my char-misc git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git in the char-misc-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the char-misc-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. >From 8619e5bdeee8b2c685d686281f2d2a6017c4bc15 Mon Sep 17 00:00:00 2001 From: Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> Date: Mon, 26 Aug 2019 22:13:25 +0900 Subject: /dev/mem: Bail out upon SIGKILL. syzbot found that a thread can stall for minutes inside read_mem() or write_mem() after that thread was killed by SIGKILL [1]. Reading from iomem areas of /dev/mem can be slow, depending on the hardware. While reading 2GB at one read() is legal, delaying termination of killed thread for minutes is bad. Thus, allow reading/writing /dev/mem and /dev/kmem to be preemptible and killable. [ 1335.912419][T20577] read_mem: sz=4096 count=2134565632 [ 1335.943194][T20577] read_mem: sz=4096 count=2134561536 [ 1335.978280][T20577] read_mem: sz=4096 count=2134557440 [ 1336.011147][T20577] read_mem: sz=4096 count=2134553344 [ 1336.041897][T20577] read_mem: sz=4096 count=2134549248 Theoretically, reading/writing /dev/mem and /dev/kmem can become "interruptible". But this patch chose "killable". Future patch will make them "interruptible" so that we can revert to "killable" if some program regressed. [1] https://syzkaller.appspot.com/bug?id=a0e3436829698d5824231251fad9d8e998f94f… Signed-off-by: Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> Cc: stable <stable(a)vger.kernel.org> Reported-by: syzbot <syzbot+8ab2d0f39fb79fe6ca40(a)syzkaller.appspotmail.com> Link: https://lore.kernel.org/r/1566825205-10703-1-git-send-email-penguin-kernel@… Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/char/mem.c | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/drivers/char/mem.c b/drivers/char/mem.c index b08dc50f9f26..9eb564c002f6 100644 --- a/drivers/char/mem.c +++ b/drivers/char/mem.c @@ -97,6 +97,13 @@ void __weak unxlate_dev_mem_ptr(phys_addr_t phys, void *addr) } #endif +static inline bool should_stop_iteration(void) +{ + if (need_resched()) + cond_resched(); + return fatal_signal_pending(current); +} + /* * This funcion reads the *physical* memory. The f_pos points directly to the * memory location. @@ -175,6 +182,8 @@ static ssize_t read_mem(struct file *file, char __user *buf, p += sz; count -= sz; read += sz; + if (should_stop_iteration()) + break; } kfree(bounce); @@ -251,6 +260,8 @@ static ssize_t write_mem(struct file *file, const char __user *buf, p += sz; count -= sz; written += sz; + if (should_stop_iteration()) + break; } *ppos += written; @@ -468,6 +479,10 @@ static ssize_t read_kmem(struct file *file, char __user *buf, read += sz; low_count -= sz; count -= sz; + if (should_stop_iteration()) { + count = 0; + break; + } } } @@ -492,6 +507,8 @@ static ssize_t read_kmem(struct file *file, char __user *buf, buf += sz; read += sz; p += sz; + if (should_stop_iteration()) + break; } free_page((unsigned long)kbuf); } @@ -544,6 +561,8 @@ static ssize_t do_write_kmem(unsigned long p, const char __user *buf, p += sz; count -= sz; written += sz; + if (should_stop_iteration()) + break; } *ppos += written; @@ -595,6 +614,8 @@ static ssize_t write_kmem(struct file *file, const char __user *buf, buf += sz; virtr += sz; p += sz; + if (should_stop_iteration()) + break; } free_page((unsigned long)kbuf); } -- 2.23.0

5 years, 4 months

1
0
0 0

patch "firmware: google: check if size is valid when decoding VPD data" added to char-misc-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled firmware: google: check if size is valid when decoding VPD data to my char-misc git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git in the char-misc-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the char-misc-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. >From 4b708b7b1a2c09fbdfff6b942ebe3a160213aacd Mon Sep 17 00:00:00 2001 From: Hung-Te Lin <hungte(a)chromium.org> Date: Fri, 30 Aug 2019 10:23:58 +0800 Subject: firmware: google: check if size is valid when decoding VPD data The VPD implementation from Chromium Vital Product Data project used to parse data from untrusted input without checking if the meta data is invalid or corrupted. For example, the size from decoded content may be negative value, or larger than whole input buffer. Such invalid data may cause buffer overflow. To fix that, the size parameters passed to vpd_decode functions should be changed to unsigned integer (u32) type, and the parsing of entry header should be refactored so every size field is correctly verified before starting to decode. Fixes: ad2ac9d5c5e0 ("firmware: Google VPD: import lib_vpd source files") Signed-off-by: Hung-Te Lin <hungte(a)chromium.org> Cc: stable <stable(a)vger.kernel.org> Reviewed-by: Guenter Roeck <linux(a)roeck-us.net> Reviewed-by: Stephen Boyd <swboyd(a)chromium.org> Link: https://lore.kernel.org/r/20190830022402.214442-1-hungte@chromium.org Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/firmware/google/vpd.c | 4 +- drivers/firmware/google/vpd_decode.c | 55 ++++++++++++++++------------ drivers/firmware/google/vpd_decode.h | 6 +-- 3 files changed, 37 insertions(+), 28 deletions(-) diff --git a/drivers/firmware/google/vpd.c b/drivers/firmware/google/vpd.c index 0739f3b70347..db0812263d46 100644 --- a/drivers/firmware/google/vpd.c +++ b/drivers/firmware/google/vpd.c @@ -92,8 +92,8 @@ static int vpd_section_check_key_name(const u8 *key, s32 key_len) return VPD_OK; } -static int vpd_section_attrib_add(const u8 *key, s32 key_len, - const u8 *value, s32 value_len, +static int vpd_section_attrib_add(const u8 *key, u32 key_len, + const u8 *value, u32 value_len, void *arg) { int ret; diff --git a/drivers/firmware/google/vpd_decode.c b/drivers/firmware/google/vpd_decode.c index 92e3258552fc..dda525c0f968 100644 --- a/drivers/firmware/google/vpd_decode.c +++ b/drivers/firmware/google/vpd_decode.c @@ -9,8 +9,8 @@ #include "vpd_decode.h" -static int vpd_decode_len(const s32 max_len, const u8 *in, - s32 *length, s32 *decoded_len) +static int vpd_decode_len(const u32 max_len, const u8 *in, + u32 *length, u32 *decoded_len) { u8 more; int i = 0; @@ -30,18 +30,39 @@ static int vpd_decode_len(const s32 max_len, const u8 *in, } while (more); *decoded_len = i; + return VPD_OK; +} + +static int vpd_decode_entry(const u32 max_len, const u8 *input_buf, + u32 *_consumed, const u8 **entry, u32 *entry_len) +{ + u32 decoded_len; + u32 consumed = *_consumed; + + if (vpd_decode_len(max_len - consumed, &input_buf[consumed], + entry_len, &decoded_len) != VPD_OK) + return VPD_FAIL; + if (max_len - consumed < decoded_len) + return VPD_FAIL; + + consumed += decoded_len; + *entry = input_buf + consumed; + + /* entry_len is untrusted data and must be checked again. */ + if (max_len - consumed < *entry_len) + return VPD_FAIL; + consumed += decoded_len; + *_consumed = consumed; return VPD_OK; } -int vpd_decode_string(const s32 max_len, const u8 *input_buf, s32 *consumed, +int vpd_decode_string(const u32 max_len, const u8 *input_buf, u32 *consumed, vpd_decode_callback callback, void *callback_arg) { int type; - int res; - s32 key_len; - s32 value_len; - s32 decoded_len; + u32 key_len; + u32 value_len; const u8 *key; const u8 *value; @@ -56,26 +77,14 @@ int vpd_decode_string(const s32 max_len, const u8 *input_buf, s32 *consumed, case VPD_TYPE_STRING: (*consumed)++; - /* key */ - res = vpd_decode_len(max_len - *consumed, &input_buf[*consumed], - &key_len, &decoded_len); - if (res != VPD_OK || *consumed + decoded_len >= max_len) + if (vpd_decode_entry(max_len, input_buf, consumed, &key, + &key_len) != VPD_OK) return VPD_FAIL; - *consumed += decoded_len; - key = &input_buf[*consumed]; - *consumed += key_len; - - /* value */ - res = vpd_decode_len(max_len - *consumed, &input_buf[*consumed], - &value_len, &decoded_len); - if (res != VPD_OK || *consumed + decoded_len > max_len) + if (vpd_decode_entry(max_len, input_buf, consumed, &value, + &value_len) != VPD_OK) return VPD_FAIL; - *consumed += decoded_len; - value = &input_buf[*consumed]; - *consumed += value_len; - if (type == VPD_TYPE_STRING) return callback(key, key_len, value, value_len, callback_arg); diff --git a/drivers/firmware/google/vpd_decode.h b/drivers/firmware/google/vpd_decode.h index cf8c2ace155a..8dbe41cac599 100644 --- a/drivers/firmware/google/vpd_decode.h +++ b/drivers/firmware/google/vpd_decode.h @@ -25,8 +25,8 @@ enum { }; /* Callback for vpd_decode_string to invoke. */ -typedef int vpd_decode_callback(const u8 *key, s32 key_len, - const u8 *value, s32 value_len, +typedef int vpd_decode_callback(const u8 *key, u32 key_len, + const u8 *value, u32 value_len, void *arg); /* @@ -44,7 +44,7 @@ typedef int vpd_decode_callback(const u8 *key, s32 key_len, * If one entry is successfully decoded, sends it to callback and returns the * result. */ -int vpd_decode_string(const s32 max_len, const u8 *input_buf, s32 *consumed, +int vpd_decode_string(const u32 max_len, const u8 *input_buf, u32 *consumed, vpd_decode_callback callback, void *callback_arg); #endif /* __VPD_DECODE_H */ -- 2.23.0

5 years, 4 months

1
0
0 0

patch "firmware: google: check if size is valid when decoding VPD data" added to char-misc-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled firmware: google: check if size is valid when decoding VPD data to my char-misc git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git in the char-misc-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the char-misc-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. >From d616b75cb793a0707345ccf4c6f239b6d16e1e5b Mon Sep 17 00:00:00 2001 From: Hung-Te Lin <hungte(a)chromium.org> Date: Fri, 30 Aug 2019 10:23:58 +0800 Subject: firmware: google: check if size is valid when decoding VPD data The VPD implementation from Chromium Vital Product Data project used to parse data from untrusted input without checking if the meta data is invalid or corrupted. For example, the size from decoded content may be negative value, or larger than whole input buffer. Such invalid data may cause buffer overflow. To fix that, the size parameters passed to vpd_decode functions should be changed to unsigned integer (u32) type, and the parsing of entry header should be refactored so every size field is correctly verified before starting to decode. Fixes: ad2ac9d5c5e0 ("firmware: Google VPD: import lib_vpd source files") Signed-off-by: Hung-Te Lin <hungte(a)chromium.org> Cc: stable <stable(a)vger.kernel.org> Reviewed-by: Guenter Roeck <linux(a)roeck-us.net> Reviewed-by: Stephen Boyd <swboyd(a)chromium.org> Link: https://lore.kernel.org/r/20190830022402.214442-1-hungte@chromium.org Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/firmware/google/vpd.c | 4 +- drivers/firmware/google/vpd_decode.c | 55 ++++++++++++++++------------ drivers/firmware/google/vpd_decode.h | 6 +-- 3 files changed, 37 insertions(+), 28 deletions(-) diff --git a/drivers/firmware/google/vpd.c b/drivers/firmware/google/vpd.c index 0739f3b70347..db0812263d46 100644 --- a/drivers/firmware/google/vpd.c +++ b/drivers/firmware/google/vpd.c @@ -92,8 +92,8 @@ static int vpd_section_check_key_name(const u8 *key, s32 key_len) return VPD_OK; } -static int vpd_section_attrib_add(const u8 *key, s32 key_len, - const u8 *value, s32 value_len, +static int vpd_section_attrib_add(const u8 *key, u32 key_len, + const u8 *value, u32 value_len, void *arg) { int ret; diff --git a/drivers/firmware/google/vpd_decode.c b/drivers/firmware/google/vpd_decode.c index 92e3258552fc..dda525c0f968 100644 --- a/drivers/firmware/google/vpd_decode.c +++ b/drivers/firmware/google/vpd_decode.c @@ -9,8 +9,8 @@ #include "vpd_decode.h" -static int vpd_decode_len(const s32 max_len, const u8 *in, - s32 *length, s32 *decoded_len) +static int vpd_decode_len(const u32 max_len, const u8 *in, + u32 *length, u32 *decoded_len) { u8 more; int i = 0; @@ -30,18 +30,39 @@ static int vpd_decode_len(const s32 max_len, const u8 *in, } while (more); *decoded_len = i; + return VPD_OK; +} + +static int vpd_decode_entry(const u32 max_len, const u8 *input_buf, + u32 *_consumed, const u8 **entry, u32 *entry_len) +{ + u32 decoded_len; + u32 consumed = *_consumed; + + if (vpd_decode_len(max_len - consumed, &input_buf[consumed], + entry_len, &decoded_len) != VPD_OK) + return VPD_FAIL; + if (max_len - consumed < decoded_len) + return VPD_FAIL; + + consumed += decoded_len; + *entry = input_buf + consumed; + + /* entry_len is untrusted data and must be checked again. */ + if (max_len - consumed < *entry_len) + return VPD_FAIL; + consumed += decoded_len; + *_consumed = consumed; return VPD_OK; } -int vpd_decode_string(const s32 max_len, const u8 *input_buf, s32 *consumed, +int vpd_decode_string(const u32 max_len, const u8 *input_buf, u32 *consumed, vpd_decode_callback callback, void *callback_arg) { int type; - int res; - s32 key_len; - s32 value_len; - s32 decoded_len; + u32 key_len; + u32 value_len; const u8 *key; const u8 *value; @@ -56,26 +77,14 @@ int vpd_decode_string(const s32 max_len, const u8 *input_buf, s32 *consumed, case VPD_TYPE_STRING: (*consumed)++; - /* key */ - res = vpd_decode_len(max_len - *consumed, &input_buf[*consumed], - &key_len, &decoded_len); - if (res != VPD_OK || *consumed + decoded_len >= max_len) + if (vpd_decode_entry(max_len, input_buf, consumed, &key, + &key_len) != VPD_OK) return VPD_FAIL; - *consumed += decoded_len; - key = &input_buf[*consumed]; - *consumed += key_len; - - /* value */ - res = vpd_decode_len(max_len - *consumed, &input_buf[*consumed], - &value_len, &decoded_len); - if (res != VPD_OK || *consumed + decoded_len > max_len) + if (vpd_decode_entry(max_len, input_buf, consumed, &value, + &value_len) != VPD_OK) return VPD_FAIL; - *consumed += decoded_len; - value = &input_buf[*consumed]; - *consumed += value_len; - if (type == VPD_TYPE_STRING) return callback(key, key_len, value, value_len, callback_arg); diff --git a/drivers/firmware/google/vpd_decode.h b/drivers/firmware/google/vpd_decode.h index cf8c2ace155a..8dbe41cac599 100644 --- a/drivers/firmware/google/vpd_decode.h +++ b/drivers/firmware/google/vpd_decode.h @@ -25,8 +25,8 @@ enum { }; /* Callback for vpd_decode_string to invoke. */ -typedef int vpd_decode_callback(const u8 *key, s32 key_len, - const u8 *value, s32 value_len, +typedef int vpd_decode_callback(const u8 *key, u32 key_len, + const u8 *value, u32 value_len, void *arg); /* @@ -44,7 +44,7 @@ typedef int vpd_decode_callback(const u8 *key, s32 key_len, * If one entry is successfully decoded, sends it to callback and returns the * result. */ -int vpd_decode_string(const s32 max_len, const u8 *input_buf, s32 *consumed, +int vpd_decode_string(const u32 max_len, const u8 *input_buf, u32 *consumed, vpd_decode_callback callback, void *callback_arg); #endif /* __VPD_DECODE_H */ -- 2.23.0

5 years, 4 months

1
0
0 0

patch "/dev/mem: Bail out upon SIGKILL." added to char-misc-testing

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled /dev/mem: Bail out upon SIGKILL. to my char-misc git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git in the char-misc-testing branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will be merged to the char-misc-next branch sometime soon, after it passes testing, and the merge window is open. If you have any questions about this process, please let me know. >From e1b19733d5a9e0aed3f5594a51b21601b4618578 Mon Sep 17 00:00:00 2001 From: Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> Date: Mon, 26 Aug 2019 22:13:25 +0900 Subject: /dev/mem: Bail out upon SIGKILL. syzbot found that a thread can stall for minutes inside read_mem() or write_mem() after that thread was killed by SIGKILL [1]. Reading from iomem areas of /dev/mem can be slow, depending on the hardware. While reading 2GB at one read() is legal, delaying termination of killed thread for minutes is bad. Thus, allow reading/writing /dev/mem and /dev/kmem to be preemptible and killable. [ 1335.912419][T20577] read_mem: sz=4096 count=2134565632 [ 1335.943194][T20577] read_mem: sz=4096 count=2134561536 [ 1335.978280][T20577] read_mem: sz=4096 count=2134557440 [ 1336.011147][T20577] read_mem: sz=4096 count=2134553344 [ 1336.041897][T20577] read_mem: sz=4096 count=2134549248 Theoretically, reading/writing /dev/mem and /dev/kmem can become "interruptible". But this patch chose "killable". Future patch will make them "interruptible" so that we can revert to "killable" if some program regressed. [1] https://syzkaller.appspot.com/bug?id=a0e3436829698d5824231251fad9d8e998f94f… Signed-off-by: Tetsuo Handa <penguin-kernel(a)I-love.SAKURA.ne.jp> Cc: stable <stable(a)vger.kernel.org> Reported-by: syzbot <syzbot+8ab2d0f39fb79fe6ca40(a)syzkaller.appspotmail.com> Link: https://lore.kernel.org/r/1566825205-10703-1-git-send-email-penguin-kernel@… Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/char/mem.c | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/drivers/char/mem.c b/drivers/char/mem.c index b08dc50f9f26..9eb564c002f6 100644 --- a/drivers/char/mem.c +++ b/drivers/char/mem.c @@ -97,6 +97,13 @@ void __weak unxlate_dev_mem_ptr(phys_addr_t phys, void *addr) } #endif +static inline bool should_stop_iteration(void) +{ + if (need_resched()) + cond_resched(); + return fatal_signal_pending(current); +} + /* * This funcion reads the *physical* memory. The f_pos points directly to the * memory location. @@ -175,6 +182,8 @@ static ssize_t read_mem(struct file *file, char __user *buf, p += sz; count -= sz; read += sz; + if (should_stop_iteration()) + break; } kfree(bounce); @@ -251,6 +260,8 @@ static ssize_t write_mem(struct file *file, const char __user *buf, p += sz; count -= sz; written += sz; + if (should_stop_iteration()) + break; } *ppos += written; @@ -468,6 +479,10 @@ static ssize_t read_kmem(struct file *file, char __user *buf, read += sz; low_count -= sz; count -= sz; + if (should_stop_iteration()) { + count = 0; + break; + } } } @@ -492,6 +507,8 @@ static ssize_t read_kmem(struct file *file, char __user *buf, buf += sz; read += sz; p += sz; + if (should_stop_iteration()) + break; } free_page((unsigned long)kbuf); } @@ -544,6 +561,8 @@ static ssize_t do_write_kmem(unsigned long p, const char __user *buf, p += sz; count -= sz; written += sz; + if (should_stop_iteration()) + break; } *ppos += written; @@ -595,6 +614,8 @@ static ssize_t write_kmem(struct file *file, const char __user *buf, buf += sz; virtr += sz; p += sz; + if (should_stop_iteration()) + break; } free_page((unsigned long)kbuf); } -- 2.23.0

5 years, 4 months

1
0
0 0

[PATCH] drm/i915: Restore relaxed padding (OCL_OOB_SUPPRES_ENABLE) for skl+

by Chris Wilson

This bit was fliped on for "syncing dependencies between camera and graphics". BSpec has no recollection why, and it is causing unrecoverable GPU hangs with Vulkan compute workloads. >From BSpec, setting bit5 to 0 enables relaxed padding requiremets for buffers, 1D and 2D non-array, non-MSAA, non-mip-mapped linear surfaces; and *must* be set to 0h on skl+ to ensure "Out of Bounds" case is suppressed. Reported-by: Jason Ekstrand <jason(a)jlekstrand.net> Suggested-by: Jason Ekstrand <jason(a)jlekstrand.net> Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=110998 Fixes: 8424171e135c ("drm/i915/gen9: h/w w/a: syncing dependencies between camera and graphics") Signed-off-by: Chris Wilson <chris(a)chris-wilson.co.uk> Tested-by: denys.kostin(a)globallogic.com Cc: Jason Ekstrand <jason(a)jlekstrand.net> Cc: Mika Kuoppala <mika.kuoppala(a)linux.intel.com> Cc: <stable(a)vger.kernel.org> # v4.1+ --- drivers/gpu/drm/i915/gt/intel_workarounds.c | 5 ----- 1 file changed, 5 deletions(-) diff --git a/drivers/gpu/drm/i915/gt/intel_workarounds.c b/drivers/gpu/drm/i915/gt/intel_workarounds.c index 8639fcccdb42..243d3f77be13 100644 --- a/drivers/gpu/drm/i915/gt/intel_workarounds.c +++ b/drivers/gpu/drm/i915/gt/intel_workarounds.c @@ -297,11 +297,6 @@ static void gen9_ctx_workarounds_init(struct intel_engine_cs *engine, FLOW_CONTROL_ENABLE | PARTIAL_INSTRUCTION_SHOOTDOWN_DISABLE); - /* Syncing dependencies between camera and graphics:skl,bxt,kbl */ - if (!IS_COFFEELAKE(i915)) - WA_SET_BIT_MASKED(HALF_SLICE_CHICKEN3, - GEN9_DISABLE_OCL_OOB_SUPPRESS_LOGIC); - /* WaEnableYV12BugFixInHalfSliceChicken7:skl,bxt,kbl,glk,cfl */ /* WaEnableSamplerGPGPUPreemptionSupport:skl,bxt,kbl,cfl */ WA_SET_BIT_MASKED(GEN9_HALF_SLICE_CHICKEN7, -- 2.23.0

5 years, 4 months

2
1
0 0

✅ PASS: Stable queue: queue-5.2

by CKI Project

Hello, We ran automated tests on a patchset that was proposed for merging into this kernel tree. The patches were applied to: Kernel repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git Commit: c3915fe1bf12 - Linux 5.2.11 The results of these automated tests are provided below. Overall result: PASSED Merge: OK Compile: OK Tests: OK All kernel binaries, config files, and logs are available for download here: https://artifacts.cki-project.org/pipelines/142860 Please reply to this email if you have any questions about the tests that we ran or if you have any suggestions on how to make future tests more effective. ,-. ,-. ( C ) ( K ) Continuous `-',-.`-' Kernel ( I ) Integration `-' ______________________________________________________________________________ Merge testing ------------- We cloned this repository and checked out the following commit: Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git Commit: c3915fe1bf12 - Linux 5.2.11 We grabbed the 110eaebd5e54 commit of the stable queue repository. We then merged the patchset with `git am`: dmaengine-ste_dma40-fix-unneeded-variable-warning.patch nvme-multipath-revalidate-nvme_ns_head-gendisk-in-nv.patch afs-fix-the-cb.probeuuid-service-handler-to-reply-co.patch afs-fix-loop-index-mixup-in-afs_deliver_vl_get_entry.patch fs-afs-fix-a-possible-null-pointer-dereference-in-af.patch afs-fix-off-by-one-in-afs_rename-expected-data-versi.patch afs-only-update-d_fsdata-if-different-in-afs_d_reval.patch afs-fix-missing-dentry-data-version-updating.patch nvmet-fix-use-after-free-bug-when-a-port-is-removed.patch nvmet-loop-flush-nvme_delete_wq-when-removing-the-po.patch nvmet-file-fix-nvmet_file_flush-always-returning-an-.patch nvme-core-fix-extra-device_put-call-on-error-path.patch nvme-fix-a-possible-deadlock-when-passthru-commands-.patch nvme-rdma-fix-possible-use-after-free-in-connect-err.patch nvme-fix-controller-removal-race-with-scan-work.patch nvme-pci-fix-async-probe-remove-race.patch soundwire-cadence_master-fix-register-definition-for.patch soundwire-cadence_master-fix-definitions-for-intstat.patch auxdisplay-panel-need-to-delete-scan_timer-when-misc.patch btrfs-trim-check-the-range-passed-into-to-prevent-ov.patch ib-mlx5-fix-implicit-mr-release-flow.patch dmaengine-stm32-mdma-fix-a-possible-null-pointer-der.patch omap-dma-omap_vout_vrfb-fix-off-by-one-fi-value.patch iommu-dma-handle-sg-length-overflow-better.patch dma-direct-don-t-truncate-dma_required_mask-to-bus-a.patch usb-gadget-composite-clear-suspended-on-reset-discon.patch usb-gadget-mass_storage-fix-races-between-fsg_disabl.patch habanalabs-fix-dram-usage-accounting-on-context-tear.patch habanalabs-fix-endianness-handling-for-packets-from-.patch habanalabs-fix-completion-queue-handling-when-host-i.patch habanalabs-fix-endianness-handling-for-internal-qman.patch habanalabs-fix-device-irq-unmasking-for-be-host.patch xen-blkback-fix-memory-leaks.patch arm64-cpufeature-don-t-treat-granule-sizes-as-strict.patch riscv-fix-flush_tlb_range-end-address-for-flush_tlb_.patch i2c-rcar-avoid-race-when-unregistering-slave-client.patch i2c-emev2-avoid-race-when-unregistering-slave-client.patch drm-scheduler-use-job-count-instead-of-peek.patch drm-ast-fixed-reboot-test-may-cause-system-hanged.patch usb-host-fotg2-restart-hcd-after-port-reset.patch tools-hv-fixed-python-pep8-flake8-warnings-for-lsvmb.patch tools-hv-fix-kvp-and-vss-daemons-exit-code.patch locking-rwsem-add-missing-acquire-to-read_slowpath-e.patch lcoking-rwsem-add-missing-acquire-to-read_slowpath-s.patch watchdog-bcm2835_wdt-fix-module-autoload.patch selftests-bpf-install-files-test_xdp_vlan.sh.patch drm-bridge-tfp410-fix-memleak-in-get_modes.patch mt76-usb-fix-rx-a-msdu-support.patch ipv6-addrconf-allow-adding-multicast-addr-if-ifa_f_mcautojoin-is-set.patch ipv6-fix-return-value-of-ipv6_mc_may_pull-for-malformed-packets.patch net-cpsw-fix-null-pointer-exception-in-the-probe-error-path.patch net-fix-__ip_mc_inc_group-usage.patch net-smc-make-sure-epollout-is-raised.patch tcp-make-sure-epollout-wont-be-missed.patch ipv4-mpls-fix-mpls_xmit-for-iptunnel.patch openvswitch-fix-conntrack-cache-with-timeout.patch ipv4-icmp-fix-rt-dst-dev-null-pointer-dereference.patch xfrm-xfrm_policy-fix-dst-dev-null-pointer-dereference-in-collect_md-mode.patch mm-zsmalloc.c-fix-build-when-config_compaction-n.patch alsa-usb-audio-check-mixer-unit-bitmap-yet-more-strictly.patch alsa-hda-ca0132-add-new-sbz-quirk.patch alsa-line6-fix-memory-leak-at-line6_init_pcm-error-path.patch alsa-hda-fixes-inverted-conexant-gpio-mic-mute-led.patch alsa-seq-fix-potential-concurrent-access-to-the-deleted-pool.patch alsa-usb-audio-fix-invalid-null-check-in-snd_emuusb_set_samplerate.patch alsa-usb-audio-add-implicit-fb-quirk-for-behringer-ufx1604.patch kvm-x86-skip-populating-logical-dest-map-if-apic-is-not-sw-enabled.patch kvm-x86-hyper-v-don-t-crash-on-kvm_get_supported_hv_cpuid-when-kvm_intel.nested-is-disabled.patch kvm-x86-don-t-update-rip-or-do-single-step-on-faulting-emulation.patch uprobes-x86-fix-detection-of-32-bit-user-mode.patch x86-mm-cpa-prevent-large-page-split-when-ftrace-flips-rw-on-kernel-text.patch x86-apic-do-not-initialize-ldr-and-dfr-for-bigsmp.patch x86-apic-include-the-ldr-when-clearing-out-apic-registers.patch hid-logitech-hidpp-remove-support-for-the-g700-over-.patch ftrace-fix-null-pointer-dereference-in-t_probe_next.patch ftrace-check-for-successful-allocation-of-hash.patch ftrace-check-for-empty-hash-and-comment-the-race-with-registering-probes.patch usbtmc-more-sanity-checking-for-packet-size.patch usb-storage-add-new-jms567-revision-to-unusual_devs.patch usb-cdc-wdm-fix-race-between-write-and-disconnect-due-to-flag-abuse.patch usb-hcd-use-managed-device-resources.patch usb-chipidea-udc-don-t-do-hardware-access-if-gadget-has-stopped.patch usb-host-ohci-fix-a-race-condition-between-shutdown-and-irq.patch usb-host-xhci-rcar-fix-typo-in-compatible-string-matching.patch usb-storage-ums-realtek-update-module-parameter-description-for-auto_delink_en.patch usb-storage-ums-realtek-whitelist-auto-delink-support.patch tools-power-turbostat-fix-caller-parameter-of-get_tdp_amd.patch kvm-ppc-book3s-fix-incorrect-guest-to-user-translation-error-handling.patch kvm-arm-arm64-vgic-fix-potential-deadlock-when-ap_list-is-long.patch kvm-arm-arm64-vgic-v2-handle-sgi-bits-in-gicd_i-s-c-pendr0-as-wi.patch mei-me-add-tiger-lake-point-lp-device-id.patch revert-mmc-sdhci-tegra-drop-get_ro-implementation.patch mmc-sdhci-of-at91-add-quirk-for-broken-hs200.patch mmc-sdhci-cadence-enable-v4_mode-to-fix-adma-64-bit-addressing.patch mmc-core-fix-init-of-sd-cards-reporting-an-invalid-vdd-range.patch mmc-sdhci-sprd-fixed-incorrect-clock-divider.patch mmc-sdhci-sprd-add-sdhci_quirk2_preset_value_broken.patch stm-class-fix-a-double-free-of-stm_source_device.patch intel_th-pci-add-support-for-another-lewisburg-pch.patch intel_th-pci-add-tiger-lake-support.patch typec-tcpm-fix-a-typo-in-the-comparison-of-pdo_max_voltage.patch fsi-scom-don-t-abort-operations-for-minor-errors.patch lkdtm-bugs-fix-build-error-in-lkdtm_exhaust_stack.patch nfsv4-pnfs-fix-a-page-lock-leak-in-nfs_pageio_resend.patch nfs-ensure-o_direct-reports-an-error-if-the-bytes-read-written-is-0.patch revert-nfsv4-flexfiles-abort-i-o-early-if-the-layout-segment-was-invalidated.patch lib-logic_pio-fix-rcu-usage.patch lib-logic_pio-avoid-possible-overlap-for-unregistering-regions.patch lib-logic_pio-add-logic_pio_unregister_range.patch drm-amdgpu-add-aptx-quirk-for-dell-latitude-5495.patch drm-amdgpu-fix-gfxoff-on-picasso-and-raven2.patch drm-i915-don-t-deballoon-unused-ggtt-drm_mm_node-in-linux-guest.patch drm-i915-call-dma_set_max_seg_size-in-i915_driver_hw_probe.patch i2c-piix4-fix-port-selection-for-amd-family-16h-model-30h.patch bus-hisi_lpc-unregister-logical-pio-range-to-avoid-potential-use-after-free.patch bus-hisi_lpc-add-.remove-method-to-avoid-driver-unbind-crash.patch vmci-release-resource-if-the-work-is-already-queued.patch crypto-ccp-ignore-unconfigured-ccp-device-on-suspend-resume.patch sunrpc-don-t-handle-errors-if-the-bind-connect-succeeded.patch mt76-mt76x0u-do-not-reset-radio-on-resume.patch mms-sdhci-sprd-add-sdhci_quirk_broken_card_detection.patch mm-memcg-partially-revert-mm-memcontrol.c-keep-local-vm-counters-in-sync-with-the-hierarchical-ones.patch mm-memcontrol-fix-percpu-vmstats-and-vmevents-flush.patch revert-cfg80211-fix-processing-world-regdomain-when-non-modular.patch mac80211-fix-possible-sta-leak.patch cfg80211-fix-extended-key-id-key-install-checks.patch mac80211-don-t-memset-rxcb-prior-to-pae-intercept.patch mac80211-correctly-set-noencrypt-for-pae-frames.patch mmc-sdhci-sprd-clear-the-uhs-i-modes-read-from-regis.patch mmc-sdhci-sprd-implement-the-get_max_timeout_count-i.patch mmc-sdhci-sprd-add-get_ro-hook-function.patch iwlwifi-add-new-cards-for-22000-and-fix-struct-name.patch iwlwifi-add-new-cards-for-22000-and-change-wrong-str.patch iwlwifi-add-new-cards-for-9000-and-20000-series.patch iwlwifi-change-0x02f0-fw-from-qu-to-quz.patch iwlwifi-pcie-add-support-for-qu-c-step-devices.patch iwlwifi-pcie-don-t-switch-fw-to-qnj-when-ax201-is-de.patch iwlwifi-pcie-handle-switching-killer-qu-b0-nics-to-c.patch drm-i915-do-not-create-a-new-max_bpc-prop-for-mst-co.patch drm-i915-dp-fix-dsc-enable-code-to-use-cpu_transcode.patch Compile testing --------------- We compiled the kernel for 3 architectures: aarch64: make options: -j30 INSTALL_MOD_STRIP=1 targz-pkg ppc64le: make options: -j30 INSTALL_MOD_STRIP=1 targz-pkg x86_64: make options: -j30 INSTALL_MOD_STRIP=1 targz-pkg Hardware testing ---------------- We booted each kernel and ran the following tests: aarch64: Host 1: ✅ Boot test [0] ✅ Podman system integration test (as root) [1] ✅ Podman system integration test (as user) [1] ✅ Loopdev Sanity [2] ✅ jvm test suite [3] ✅ AMTU (Abstract Machine Test Utility) [4] ✅ LTP: openposix test suite [5] ✅ Ethernet drivers sanity [6] ✅ Networking socket: fuzz [7] ✅ Networking: igmp conformance test [8] ✅ audit: audit testsuite test [9] ✅ httpd: mod_ssl smoke sanity [10] ✅ iotop: sanity [11] ✅ tuned: tune-processes-through-perf [12] ✅ Usex - version 1.9-29 [13] ✅ stress: stress-ng [14] 🚧 ✅ LTP lite [15] 🚧 ✅ Memory function: kaslr [16] 🚧 ✅ Networking ipsec: basic netns transport [17] 🚧 ✅ Networking ipsec: basic netns tunnel [17] 🚧 ✅ trace: ftrace/tracer [18] Host 2: ✅ Boot test [0] ✅ selinux-policy: serge-testsuite [19] 🚧 ✅ Storage blktests [20] ppc64le: Host 1: ✅ Boot test [0] ✅ Podman system integration test (as root) [1] ✅ Podman system integration test (as user) [1] ✅ Loopdev Sanity [2] ✅ jvm test suite [3] ✅ AMTU (Abstract Machine Test Utility) [4] ✅ LTP: openposix test suite [5] ✅ Ethernet drivers sanity [6] ✅ Networking socket: fuzz [7] ✅ audit: audit testsuite test [9] ✅ httpd: mod_ssl smoke sanity [10] ✅ iotop: sanity [11] ✅ tuned: tune-processes-through-perf [12] ✅ Usex - version 1.9-29 [13] 🚧 ✅ LTP lite [15] 🚧 ✅ Memory function: kaslr [16] 🚧 ✅ Networking ipsec: basic netns tunnel [17] 🚧 ✅ trace: ftrace/tracer [18] Host 2: ✅ Boot test [0] ✅ selinux-policy: serge-testsuite [19] 🚧 ✅ Storage blktests [20] x86_64: Host 1: ✅ Boot test [0] ✅ selinux-policy: serge-testsuite [19] 🚧 ✅ Storage blktests [20] 🚧 ✅ IOMMU boot test [21] Host 2: ⚡ Internal infrastructure issues prevented one or more tests (marked with ⚡⚡⚡) from running on this architecture. This is not the fault of the kernel that was tested. ✅ Boot test [0] ✅ Podman system integration test (as root) [1] ✅ Podman system integration test (as user) [1] ✅ Loopdev Sanity [2] ✅ jvm test suite [3] ✅ AMTU (Abstract Machine Test Utility) [4] ✅ LTP: openposix test suite [5] ✅ Ethernet drivers sanity [6] ✅ Networking socket: fuzz [7] ✅ Networking: igmp conformance test [8] ✅ audit: audit testsuite test [9] ✅ httpd: mod_ssl smoke sanity [10] ✅ iotop: sanity [11] ✅ tuned: tune-processes-through-perf [12] ✅ pciutils: sanity smoke test [22] ✅ Usex - version 1.9-29 [13] ✅ stress: stress-ng [14] 🚧 ⚡⚡⚡ LTP lite [15] 🚧 ✅ Memory function: kaslr [16] 🚧 ✅ Networking ipsec: basic netns transport [17] 🚧 ✅ Networking ipsec: basic netns tunnel [17] 🚧 ✅ trace: ftrace/tracer [18] Test source: 💚 Pull requests are welcome for new tests or improvements to existing tests! [0]: https://github.com/CKI-project/tests-beaker/archive/master.zip#distribution… [1]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/container/p… [2]: https://github.com/CKI-project/tests-beaker/archive/master.zip#filesystems/… [3]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/jvm [4]: https://github.com/CKI-project/tests-beaker/archive/master.zip#misc/amtu [5]: https://github.com/CKI-project/tests-beaker/archive/master.zip#distribution… [6]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/networking/… [7]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/networking/… [8]: https://github.com/CKI-project/tests-beaker/archive/master.zip#networking/i… [9]: https://github.com/CKI-project/tests-beaker/archive/master.zip#packages/aud… [10]: https://github.com/CKI-project/tests-beaker/archive/master.zip#packages/htt… [11]: https://github.com/CKI-project/tests-beaker/archive/master.zip#packages/iot… [12]: https://github.com/CKI-project/tests-beaker/archive/master.zip#packages/tun… [13]: https://github.com/CKI-project/tests-beaker/archive/master.zip#standards/us… [14]: https://github.com/CKI-project/tests-beaker/archive/master.zip#stress/stres… [15]: https://github.com/CKI-project/tests-beaker/archive/master.zip#distribution… [16]: https://github.com/CKI-project/tests-beaker/archive/master.zip#memory/funct… [17]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/networking/… [18]: https://github.com/CKI-project/tests-beaker/archive/master.zip#trace/ftrace… [19]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/packages/se… [20]: https://github.com/CKI-project/tests-beaker/archive/master.zip#storage/blk [21]: https://github.com/CKI-project/tests-beaker/archive/master.zip#/iommu/boot [22]: https://github.com/CKI-project/tests-beaker/archive/master.zip#pciutils/san… Waived tests ------------ If the test run included waived tests, they are marked with 🚧. Such tests are executed but their results are not taken into account. Tests are waived when their results are not reliable enough, e.g. when they're just introduced or are being fixed.

5 years, 4 months

1
0
0 0

FAILED: patch "[PATCH] iwlwifi: pcie: handle switching killer Qu B0 NICs to C0" failed to apply to 5.2-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 5.2-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From b9500577d361522a3d9f14da8cf41dc1d824904e Mon Sep 17 00:00:00 2001 From: Luca Coelho <luciano.coelho(a)intel.com> Date: Wed, 21 Aug 2019 20:17:32 +0300 Subject: [PATCH] iwlwifi: pcie: handle switching killer Qu B0 NICs to C0 We need to use a different firmware for C0 versions of killer Qu NICs. Add structures for them and handle them in the if block that detects C0 revisions. Additionally, instead of having an inclusive check for QnJ devices, make the selection exclusive, so that switching to QnJ is the exception, not the default. This prevents us from having to add all the non-QnJ cards to an exclusion list. To do so, only go into the QnJ block if the device has an RF ID type HR and HW revision QnJ. Cc: stable(a)vger.kernel.org # 5.2 Signed-off-by: Luca Coelho <luciano.coelho(a)intel.com> Link: https://lore.kernel.org/r/20190821171732.2266-1-luca@coelho.fi Signed-off-by: Johannes Berg <johannes.berg(a)intel.com> diff --git a/drivers/net/wireless/intel/iwlwifi/cfg/22000.c b/drivers/net/wireless/intel/iwlwifi/cfg/22000.c index 1f500cddb3a7..55b713255b8e 100644 --- a/drivers/net/wireless/intel/iwlwifi/cfg/22000.c +++ b/drivers/net/wireless/intel/iwlwifi/cfg/22000.c @@ -556,6 +556,30 @@ const struct iwl_cfg killer1650i_2ax_cfg_qu_b0_hr_b0 = { .max_tx_agg_size = IEEE80211_MAX_AMPDU_BUF_HT, }; +const struct iwl_cfg killer1650s_2ax_cfg_qu_c0_hr_b0 = { + .name = "Killer(R) Wi-Fi 6 AX1650i 160MHz Wireless Network Adapter (201NGW)", + .fw_name_pre = IWL_QU_C_HR_B_FW_PRE, + IWL_DEVICE_22500, + /* + * This device doesn't support receiving BlockAck with a large bitmap + * so we need to restrict the size of transmitted aggregation to the + * HT size; mac80211 would otherwise pick the HE max (256) by default. + */ + .max_tx_agg_size = IEEE80211_MAX_AMPDU_BUF_HT, +}; + +const struct iwl_cfg killer1650i_2ax_cfg_qu_c0_hr_b0 = { + .name = "Killer(R) Wi-Fi 6 AX1650s 160MHz Wireless Network Adapter (201D2W)", + .fw_name_pre = IWL_QU_C_HR_B_FW_PRE, + IWL_DEVICE_22500, + /* + * This device doesn't support receiving BlockAck with a large bitmap + * so we need to restrict the size of transmitted aggregation to the + * HT size; mac80211 would otherwise pick the HE max (256) by default. + */ + .max_tx_agg_size = IEEE80211_MAX_AMPDU_BUF_HT, +}; + const struct iwl_cfg iwl22000_2ax_cfg_jf = { .name = "Intel(R) Dual Band Wireless AX 22000", .fw_name_pre = IWL_QU_B_JF_B_FW_PRE, diff --git a/drivers/net/wireless/intel/iwlwifi/iwl-config.h b/drivers/net/wireless/intel/iwlwifi/iwl-config.h index 1c1bf1b281cd..6c04f8223aff 100644 --- a/drivers/net/wireless/intel/iwlwifi/iwl-config.h +++ b/drivers/net/wireless/intel/iwlwifi/iwl-config.h @@ -577,6 +577,8 @@ extern const struct iwl_cfg iwl_ax1650i_cfg_quz_hr; extern const struct iwl_cfg iwl_ax1650s_cfg_quz_hr; extern const struct iwl_cfg killer1650s_2ax_cfg_qu_b0_hr_b0; extern const struct iwl_cfg killer1650i_2ax_cfg_qu_b0_hr_b0; +extern const struct iwl_cfg killer1650s_2ax_cfg_qu_c0_hr_b0; +extern const struct iwl_cfg killer1650i_2ax_cfg_qu_c0_hr_b0; extern const struct iwl_cfg killer1650x_2ax_cfg; extern const struct iwl_cfg killer1650w_2ax_cfg; extern const struct iwl_cfg iwl9461_2ac_cfg_qu_b0_jf_b0; diff --git a/drivers/net/wireless/intel/iwlwifi/pcie/drv.c b/drivers/net/wireless/intel/iwlwifi/pcie/drv.c index 7c5aaeaf7fe5..d9ed53b7c768 100644 --- a/drivers/net/wireless/intel/iwlwifi/pcie/drv.c +++ b/drivers/net/wireless/intel/iwlwifi/pcie/drv.c @@ -1062,6 +1062,10 @@ static int iwl_pci_probe(struct pci_dev *pdev, const struct pci_device_id *ent) iwl_trans->cfg = &iwl9560_2ac_cfg_qu_c0_jf_b0; else if (iwl_trans->cfg == &iwl9560_2ac_160_cfg_qu_b0_jf_b0) iwl_trans->cfg = &iwl9560_2ac_160_cfg_qu_c0_jf_b0; + else if (iwl_trans->cfg == &killer1650s_2ax_cfg_qu_b0_hr_b0) + iwl_trans->cfg = &killer1650s_2ax_cfg_qu_c0_hr_b0; + else if (iwl_trans->cfg == &killer1650i_2ax_cfg_qu_b0_hr_b0) + iwl_trans->cfg = &killer1650i_2ax_cfg_qu_c0_hr_b0; } /* same thing for QuZ... */ diff --git a/drivers/net/wireless/intel/iwlwifi/pcie/trans.c b/drivers/net/wireless/intel/iwlwifi/pcie/trans.c index 935e35dafce5..db62c8314603 100644 --- a/drivers/net/wireless/intel/iwlwifi/pcie/trans.c +++ b/drivers/net/wireless/intel/iwlwifi/pcie/trans.c @@ -3602,12 +3602,7 @@ struct iwl_trans *iwl_trans_pcie_alloc(struct pci_dev *pdev, } } else if (CSR_HW_RF_ID_TYPE_CHIP_ID(trans->hw_rf_id) == CSR_HW_RF_ID_TYPE_CHIP_ID(CSR_HW_RF_ID_TYPE_HR) && - ((trans->cfg != &iwl_ax200_cfg_cc && - trans->cfg != &iwl_ax201_cfg_qu_hr && - trans->cfg != &killer1650x_2ax_cfg && - trans->cfg != &killer1650w_2ax_cfg && - trans->cfg != &iwl_ax201_cfg_quz_hr) || - trans->hw_rev == CSR_HW_REV_TYPE_QNJ_B0)) { + trans->hw_rev == CSR_HW_REV_TYPE_QNJ_B0) { u32 hw_status; hw_status = iwl_read_prph(trans, UMAG_GEN_HW_STATUS);

5 years, 4 months

3
2
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror September 2019