April 2021 - Linux-stable-mirror

Re: Needed in 5.4.y: [PATCH 5.10 055/126] ACPI: tables: x86: Reserve memory occupied by ACPI tables

by George Kennedy

Hello Greg, We need the following 2 upstream commits applied to 5.4.y to fix an iBFT boot failure: 2021-03-29 rafael.j.wysocki(a)intel.com - 1a1c130a 2021-03-23 Rafael J. Wysocki ACPI: tables: x86: Reserve memory occupied by ACPI tables 2021-04-13 rafael.j.wysocki(a)intel.com - 6998a88 2021-04-13 Rafael J. Wysocki ACPI: x86: Call acpi_boot_table_init() after acpi_table_upgrade() Currently, only the first commit (1a1c130a) is destined for 5.10 & 5.11. The 2nd commit (6998a88) is needed as well and both commits are needed in 5.4.y. Thank you, George

3 years, 8 months

1
0
0 0

[PATCH 5.13] io_uring: Check current->io_uring in io_uring_cancel_sqpoll

by Palash Oswal

syzkaller identified KASAN: null-ptr-deref Write in io_uring_cancel_sqpoll on v5.12 io_uring_cancel_sqpoll is called by io_sq_thread before calling io_uring_alloc_task_context. This leads to current->io_uring being NULL. io_uring_cancel_sqpoll should not have to deal with threads where current->io_uring is NULL. In order to cast a wider safety net, perform input sanitisation directly in io_uring_cancel_sqpoll and return for NULL value of current->io_uring. Reported-by: syzbot+be51ca5a4d97f017cd50(a)syzkaller.appspotmail.com Cc: stable(a)vger.kernel.org Signed-off-by: Palash Oswal <hello(a)oswalpalash.com> --- fs/io_uring.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fs/io_uring.c b/fs/io_uring.c index dff34975d86b..eccad51b7954 100644 --- a/fs/io_uring.c +++ b/fs/io_uring.c @@ -8998,6 +8998,8 @@ static void io_uring_cancel_sqpoll(struct io_ring_ctx *ctx) s64 inflight; DEFINE_WAIT(wait); + if (!current->io_uring) + return; WARN_ON_ONCE(!sqd || ctx->sq_data->thread != current); atomic_inc(&tctx->in_idle); -- 2.27.0

3 years, 8 months

3
5
0 0

[PATCH 181/190] Revert "dm ioctl: harden copy_params()'s copy_from_user() from malicious users"

by Greg Kroah-Hartman

This reverts commit 800a7340ab7dd667edf95e74d8e4f23a17e87076. Commits from @umn.edu addresses have been found to be submitted in "bad faith" to try to test the kernel community's ability to review "known malicious" changes. The result of these submissions can be found in a paper published at the 42nd IEEE Symposium on Security and Privacy entitled, "Open Source Insecurity: Stealthily Introducing Vulnerabilities via Hypocrite Commits" written by Qiushi Wu (University of Minnesota) and Kangjie Lu (University of Minnesota). Because of this, all submissions from this group must be reverted from the kernel tree and will need to be re-reviewed again to determine if they actually are a valid fix. Until that work is complete, remove this change to ensure that no problems are being introduced into the codebase. Cc: stable(a)vger.kernel.org Cc: Wenwen Wang <wang6495(a)umn.edu> Cc: Mike Snitzer <snitzer(a)redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/md/dm-ioctl.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/drivers/md/dm-ioctl.c b/drivers/md/dm-ioctl.c index 1ca65b434f1f..820342de92cd 100644 --- a/drivers/md/dm-ioctl.c +++ b/drivers/md/dm-ioctl.c @@ -1747,7 +1747,8 @@ static void free_params(struct dm_ioctl *param, size_t param_size, int param_fla } static int copy_params(struct dm_ioctl __user *user, struct dm_ioctl *param_kernel, - int ioctl_flags, struct dm_ioctl **param, int *param_flags) + int ioctl_flags, + struct dm_ioctl **param, int *param_flags) { struct dm_ioctl *dmi; int secure_data; @@ -1788,13 +1789,18 @@ static int copy_params(struct dm_ioctl __user *user, struct dm_ioctl *param_kern *param_flags |= DM_PARAMS_MALLOC; - /* Copy from param_kernel (which was already copied from user) */ - memcpy(dmi, param_kernel, minimum_data_size); - - if (copy_from_user(&dmi->data, (char __user *)user + minimum_data_size, - param_kernel->data_size - minimum_data_size)) + if (copy_from_user(dmi, user, param_kernel->data_size)) goto bad; + data_copied: + /* + * Abort if something changed the ioctl data while it was being copied. + */ + if (dmi->data_size != param_kernel->data_size) { + DMERR("rejecting ioctl: data size modified while processing parameters"); + goto bad; + } + /* Wipe the user buffer so we do not return it to userspace */ if (secure_data && clear_user(user, param_kernel->data_size)) goto bad; -- 2.31.1

3 years, 8 months

1
1
0 0

[PATCH 2/8] drm/arm/malidp: Always list modifiers

by Daniel Vetter

Even when all we support is linear, make that explicit. Otherwise the uapi is rather confusing. Cc: stable(a)vger.kernel.org Cc: Pekka Paalanen <pekka.paalanen(a)collabora.com> Cc: Liviu Dudau <liviu.dudau(a)arm.com> Cc: Brian Starkey <brian.starkey(a)arm.com> Signed-off-by: Daniel Vetter <daniel.vetter(a)intel.com> --- drivers/gpu/drm/arm/malidp_planes.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/arm/malidp_planes.c b/drivers/gpu/drm/arm/malidp_planes.c index ddbba67f0283..8c2ab3d653b7 100644 --- a/drivers/gpu/drm/arm/malidp_planes.c +++ b/drivers/gpu/drm/arm/malidp_planes.c @@ -927,6 +927,11 @@ static const struct drm_plane_helper_funcs malidp_de_plane_helper_funcs = { .atomic_disable = malidp_de_plane_disable, }; +static const uint64_t linear_only_modifiers[] = { + DRM_FORMAT_MOD_LINEAR, + DRM_FORMAT_MOD_INVALID +}; + int malidp_de_planes_init(struct drm_device *drm) { struct malidp_drm *malidp = drm->dev_private; @@ -990,8 +995,8 @@ int malidp_de_planes_init(struct drm_device *drm) */ ret = drm_universal_plane_init(drm, &plane->base, crtcs, &malidp_de_plane_funcs, formats, n, - (id == DE_SMART) ? NULL : modifiers, plane_type, - NULL); + (id == DE_SMART) ? linear_only_modifiers : modifiers, + plane_type, NULL); if (ret < 0) goto cleanup; -- 2.31.0

3 years, 8 months

2
1
0 0

[PATCH 5.10 00/36] 5.10.33-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 5.10.33 release. There are 36 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed, 28 Apr 2021 07:28:08 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.10.33-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.10.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 5.10.33-rc1 Mike Galbraith <efault(a)gmx.de> x86/crash: Fix crash_setup_memmap_entries() out-of-bounds access John Paul Adrian Glaubitz <glaubitz(a)physik.fu-berlin.de> ia64: tools: remove duplicate definition of ia64_mf() on ia64 Randy Dunlap <rdunlap(a)infradead.org> ia64: fix discontig.c section mismatches Randy Dunlap <rdunlap(a)infradead.org> csky: change a Kconfig symbol name to fix e1000 build error Arnd Bergmann <arnd(a)arndb.de> kasan: fix hwasan build for gcc Wan Jiabing <wanjiabing(a)vivo.com> cavium/liquidio: Fix duplicate argument Michael Brown <mbrown(a)fensystems.co.uk> xen-netback: Check for hotplug-status existence before watching Jisheng Zhang <Jisheng.Zhang(a)synaptics.com> arm64: kprobes: Restore local irqflag if kprobes is cancelled Vasily Gorbik <gor(a)linux.ibm.com> s390/entry: save the caller of psw_idle Dinghao Liu <dinghao.liu(a)zju.edu.cn> dmaengine: tegra20: Fix runtime PM imbalance on error Phillip Potter <phil(a)philpotter.co.uk> net: geneve: check skb is large enough for IPv4/IPv6 header Tony Lindgren <tony(a)atomide.com> ARM: dts: Fix swapped mmc order for omap3 Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> dmaengine: xilinx: dpdma: Fix race condition in done IRQ Laurent Pinchart <laurent.pinchart(a)ideasonboard.com> dmaengine: xilinx: dpdma: Fix descriptor issuing on video group Shawn Guo <shawn.guo(a)linaro.org> soc: qcom: geni: shield geni_icc_get() for ACPI boot Jiapeng Zhong <abaci-bugfix(a)linux.alibaba.com> HID: wacom: Assign boolean values to a bool variable Douglas Gilbert <dgilbert(a)interlog.com> HID cp2112: fix support for multiple gpiochips Jia-Ju Bai <baijiaju1990(a)gmail.com> HID: alps: fix error return code in alps_input_configured() Shou-Chieh Hsu <shouchieh(a)chromium.org> HID: google: add don USB id Zhen Lei <thunder.leizhen(a)huawei.com> perf map: Fix error return code in maps__clone() Leo Yan <leo.yan(a)linaro.org> perf auxtrace: Fix potential NULL pointer dereference Jim Mattson <jmattson(a)google.com> perf/x86/kvm: Fix Broadwell Xeon stepping in isolation_ucodes[] Kan Liang <kan.liang(a)linux.intel.com> perf/x86/intel/uncore: Remove uncore extra PCI dev HSWEP_PCI_PCU_3 Ali Saidi <alisaidi(a)amazon.com> locking/qrwlock: Fix ordering in queued_write_lock_slowpath() Daniel Borkmann <daniel(a)iogearbox.net> bpf: Tighten speculative pointer arithmetic mask Daniel Borkmann <daniel(a)iogearbox.net> bpf: Refactor and streamline bounds check into helper Andrei Matei <andreimatei1(a)gmail.com> bpf: Allow variable-offset stack access Yonghong Song <yhs(a)fb.com> bpf: Permits pointers on stack for helper calls Andre Przywara <andre.przywara(a)arm.com> arm64: dts: allwinner: Revert SD card CD GPIO for Pine64-LTS Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> pinctrl: core: Show pin numbers for the controllers with base = 0 Christoph Hellwig <hch(a)lst.de> block: return -EBUSY when there are open partitions in blkdev_reread_part Yuanyuan Zhong <yzhong(a)purestorage.com> pinctrl: lewisburg: Update number of pins in community Eli Cohen <elic(a)nvidia.com> vdpa/mlx5: Set err = -ENOMEM in case dma_map_sg_attrs fails James Bottomley <James.Bottomley(a)HansenPartnership.com> KEYS: trusted: Fix TPM reservation for seal/unseal Tony Lindgren <tony(a)atomide.com> gpio: omap: Save and restore sysconfig Xie Yongji <xieyongji(a)bytedance.com> vhost-vdpa: protect concurrent access to vhost device iotlb ------------- Diffstat: Makefile | 4 +- arch/arm/boot/dts/omap3.dtsi | 3 + .../boot/dts/allwinner/sun50i-a64-pine64-lts.dts | 2 +- arch/arm64/kernel/probes/kprobes.c | 6 +- arch/csky/Kconfig | 2 +- arch/csky/include/asm/page.h | 2 +- arch/ia64/mm/discontig.c | 6 +- arch/s390/kernel/entry.S | 1 + arch/x86/events/intel/core.c | 2 +- arch/x86/events/intel/uncore_snbep.c | 61 +- arch/x86/kernel/crash.c | 2 +- block/ioctl.c | 2 + drivers/dma/tegra20-apb-dma.c | 4 +- drivers/dma/xilinx/xilinx_dpdma.c | 31 +- drivers/gpio/gpio-omap.c | 9 + drivers/hid/hid-alps.c | 1 + drivers/hid/hid-cp2112.c | 22 +- drivers/hid/hid-google-hammer.c | 2 + drivers/hid/hid-ids.h | 1 + drivers/hid/wacom_wac.c | 2 +- drivers/net/ethernet/cavium/liquidio/cn66xx_regs.h | 2 +- drivers/net/geneve.c | 6 + drivers/net/xen-netback/xenbus.c | 12 +- drivers/pinctrl/core.c | 14 +- drivers/pinctrl/intel/pinctrl-lewisburg.c | 6 +- drivers/soc/qcom/qcom-geni-se.c | 3 + drivers/vdpa/mlx5/core/mr.c | 4 +- drivers/vhost/vdpa.c | 6 +- include/linux/bpf.h | 5 + include/linux/bpf_verifier.h | 3 +- include/linux/platform_data/gpio-omap.h | 3 + kernel/bpf/verifier.c | 774 ++++++++++++++++----- kernel/locking/qrwlock.c | 7 +- scripts/Makefile.kasan | 12 +- security/keys/trusted-keys/trusted_tpm2.c | 2 +- tools/arch/ia64/include/asm/barrier.h | 3 - tools/perf/util/auxtrace.c | 2 +- tools/perf/util/map.c | 7 +- 38 files changed, 742 insertions(+), 294 deletions(-)

3 years, 8 months

12
47
0 0

[PATCH] cfg80211: fix locking in netlink owner interface destruction

by Johannes Berg

From: Johannes Berg <johannes.berg(a)intel.com> Harald Arnesen reported [1] a deadlock at reboot time, and after he captured a stack trace a picture developed of what's going on: The distribution he's using is using iwd (not wpa_supplicant) to manage wireless. iwd will usually use the "socket owner" option when it creates new interfaces, so that they're automatically destroyed when it quits (unexpectedly or otherwise). This is also done by wpa_supplicant, but it doesn't do it for the normal one, only for additional ones, which is different with iwd. Anyway, during shutdown, iwd quits while the netdev is still UP, i.e. IFF_UP is set. This causes the stack trace that Linus so nicely transcribed from the pictures: cfg80211_destroy_iface_wk() takes wiphy_lock -> cfg80211_destroy_ifaces() ->ieee80211_del_iface ->ieeee80211_if_remove ->cfg80211_unregister_wdev ->unregister_netdevice_queue ->dev_close_many ->__dev_close_many ->raw_notifier_call_chain ->cfg80211_netdev_notifier_call and that last call tries to take wiphy_lock again. In commit a05829a7222e ("cfg80211: avoid holding the RTNL when calling the driver") I had taken into account the possibility of recursing from cfg80211 into cfg80211_netdev_notifier_call() via the network stack, but only for NETDEV_UNREGISTER, not for what happens here, NETDEV_GOING_DOWN and NETDEV_DOWN notifications. Additionally, while this worked still back in commit 78f22b6a3a92 ("cfg80211: allow userspace to take ownership of interfaces"), it missed another corner case: unregistering a netdev will cause dev_close() to be called, and thus stop wireless operations (e.g. disconnecting), but there are some types of virtual interfaces in wifi that don't have a netdev - for that we need an additional call to cfg80211_leave(). So, to fix this mess, change cfg80211_destroy_ifaces() to not require the wiphy_lock(), but instead make it acquire it, but only after it has actually closed all the netdevs on the list, and then call cfg80211_leave() as well before removing them from the driver, to fix the second issue. The locking change in this requires modifying the nl80211 call to not get the wiphy lock passed in, but acquire it by itself after flushing any potentially pending destruction requests. [1] https://lore.kernel.org/r/09464e67-f3de-ac09-28a3-e27b7914ee7d@skogtun.org Cc: stable(a)vger.kernel.org # 5.12 Reported-by: Harald Arnesen <harald(a)skogtun.org> Fixes: 776a39b8196d ("cfg80211: call cfg80211_destroy_ifaces() with wiphy lock held") Fixes: 78f22b6a3a92 ("cfg80211: allow userspace to take ownership of interfaces") Signed-off-by: Johannes Berg <johannes.berg(a)intel.com> --- Linus, I'll send this the regular way, just CC'ing you since you were involved in the debug. --- net/wireless/core.c | 21 +++++++++++++++++---- net/wireless/nl80211.c | 24 +++++++++++++++++++----- 2 files changed, 36 insertions(+), 9 deletions(-) diff --git a/net/wireless/core.c b/net/wireless/core.c index a2785379df6e..589ee5a69a2e 100644 --- a/net/wireless/core.c +++ b/net/wireless/core.c @@ -332,14 +332,29 @@ static void cfg80211_event_work(struct work_struct *work) void cfg80211_destroy_ifaces(struct cfg80211_registered_device *rdev) { struct wireless_dev *wdev, *tmp; + bool found = false; ASSERT_RTNL(); - lockdep_assert_wiphy(&rdev->wiphy); + list_for_each_entry(wdev, &rdev->wiphy.wdev_list, list) { + if (wdev->nl_owner_dead) { + if (wdev->netdev) + dev_close(wdev->netdev); + found = true; + } + } + + if (!found) + return; + + wiphy_lock(&rdev->wiphy); list_for_each_entry_safe(wdev, tmp, &rdev->wiphy.wdev_list, list) { - if (wdev->nl_owner_dead) + if (wdev->nl_owner_dead) { + cfg80211_leave(rdev, wdev); rdev_del_virtual_intf(rdev, wdev); + } } + wiphy_unlock(&rdev->wiphy); } static void cfg80211_destroy_iface_wk(struct work_struct *work) @@ -350,9 +365,7 @@ static void cfg80211_destroy_iface_wk(struct work_struct *work) destroy_work); rtnl_lock(); - wiphy_lock(&rdev->wiphy); cfg80211_destroy_ifaces(rdev); - wiphy_unlock(&rdev->wiphy); rtnl_unlock(); } diff --git a/net/wireless/nl80211.c b/net/wireless/nl80211.c index b1df42e4f1eb..a5224da63832 100644 --- a/net/wireless/nl80211.c +++ b/net/wireless/nl80211.c @@ -3929,7 +3929,7 @@ static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info) return err; } -static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info) +static int _nl80211_new_interface(struct sk_buff *skb, struct genl_info *info) { struct cfg80211_registered_device *rdev = info->user_ptr[0]; struct vif_params params; @@ -3938,9 +3938,6 @@ static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info) int err; enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED; - /* to avoid failing a new interface creation due to pending removal */ - cfg80211_destroy_ifaces(rdev); - memset(&params, 0, sizeof(params)); if (!info->attrs[NL80211_ATTR_IFNAME]) @@ -4028,6 +4025,21 @@ static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info) return genlmsg_reply(msg, info); } +static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info) +{ + struct cfg80211_registered_device *rdev = info->user_ptr[0]; + int ret; + + /* to avoid failing a new interface creation due to pending removal */ + cfg80211_destroy_ifaces(rdev); + + wiphy_lock(&rdev->wiphy); + ret = _nl80211_new_interface(skb, info); + wiphy_unlock(&rdev->wiphy); + + return ret; +} + static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info) { struct cfg80211_registered_device *rdev = info->user_ptr[0]; @@ -15040,7 +15052,9 @@ static const struct genl_small_ops nl80211_small_ops[] = { .doit = nl80211_new_interface, .flags = GENL_UNS_ADMIN_PERM, .internal_flags = NL80211_FLAG_NEED_WIPHY | - NL80211_FLAG_NEED_RTNL, + NL80211_FLAG_NEED_RTNL | + /* we take the wiphy mutex later ourselves */ + NL80211_FLAG_NO_WIPHY_MTX, }, { .cmd = NL80211_CMD_DEL_INTERFACE, -- 2.30.2

3 years, 8 months

3
4
0 0

stable-rc/queue/4.19 baseline: 123 runs, 4 regressions (v4.19.188-59-g44040da4ce0d1)

by kernelci.org bot

stable-rc/queue/4.19 baseline: 123 runs, 4 regressions (v4.19.188-59-g44040da4ce0d1) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions ---------------------+------+-----------------+----------+---------------------+------------ qemu_arm-versatilepb | arm | lab-baylibre | gcc-8 | versatile_defconfig | 1 qemu_arm-versatilepb | arm | lab-broonie | gcc-8 | versatile_defconfig | 1 qemu_arm-versatilepb | arm | lab-cip | gcc-8 | versatile_defconfig | 1 qemu_arm-versatilepb | arm | lab-linaro-lkft | gcc-8 | versatile_defconfig | 1 Details: https://kernelci.org/test/job/stable-rc/branch/queue%2F4.19/kernel/v4.19.18… Test: baseline Tree: stable-rc Branch: queue/4.19 Describe: v4.19.188-59-g44040da4ce0d1 URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git SHA: 44040da4ce0d1897073291636e2ae30cfa27557a Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions ---------------------+------+-----------------+----------+---------------------+------------ qemu_arm-versatilepb | arm | lab-baylibre | gcc-8 | versatile_defconfig | 1 Details: https://kernelci.org/test/plan/id/6087f61cc351ccfa1d9b77ad Results: 0 PASS, 1 FAIL, 0 SKIP Full config: versatile_defconfig Compiler: gcc-8 (arm-linux-gnueabihf-gcc (Debian 8.3.0-2) 8.3.0) Plain log: https://storage.kernelci.org//stable-rc/queue-4.19/v4.19.188-59-g44040da4ce… HTML log: https://storage.kernelci.org//stable-rc/queue-4.19/v4.19.188-59-g44040da4ce… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/kci-2020.05-5-g2f114cc7… * baseline.login: https://kernelci.org/test/case/id/6087f61cc351ccfa1d9b77ae failing since 164 days (last pass: v4.19.157-26-gd59f3161b3a0, first fail: v4.19.157-27-g5543cc2c41d55) platform | arch | lab | compiler | defconfig | regressions ---------------------+------+-----------------+----------+---------------------+------------ qemu_arm-versatilepb | arm | lab-broonie | gcc-8 | versatile_defconfig | 1 Details: https://kernelci.org/test/plan/id/6087f6203a9f673fba9b77d0 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: versatile_defconfig Compiler: gcc-8 (arm-linux-gnueabihf-gcc (Debian 8.3.0-2) 8.3.0) Plain log: https://storage.kernelci.org//stable-rc/queue-4.19/v4.19.188-59-g44040da4ce… HTML log: https://storage.kernelci.org//stable-rc/queue-4.19/v4.19.188-59-g44040da4ce… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/kci-2020.05-5-g2f114cc7… * baseline.login: https://kernelci.org/test/case/id/6087f6203a9f673fba9b77d1 failing since 164 days (last pass: v4.19.157-26-gd59f3161b3a0, first fail: v4.19.157-27-g5543cc2c41d55) platform | arch | lab | compiler | defconfig | regressions ---------------------+------+-----------------+----------+---------------------+------------ qemu_arm-versatilepb | arm | lab-cip | gcc-8 | versatile_defconfig | 1 Details: https://kernelci.org/test/plan/id/6087f628c351ccfa1d9b77bf Results: 0 PASS, 1 FAIL, 0 SKIP Full config: versatile_defconfig Compiler: gcc-8 (arm-linux-gnueabihf-gcc (Debian 8.3.0-2) 8.3.0) Plain log: https://storage.kernelci.org//stable-rc/queue-4.19/v4.19.188-59-g44040da4ce… HTML log: https://storage.kernelci.org//stable-rc/queue-4.19/v4.19.188-59-g44040da4ce… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/kci-2020.05-5-g2f114cc7… * baseline.login: https://kernelci.org/test/case/id/6087f628c351ccfa1d9b77c0 failing since 164 days (last pass: v4.19.157-26-gd59f3161b3a0, first fail: v4.19.157-27-g5543cc2c41d55) platform | arch | lab | compiler | defconfig | regressions ---------------------+------+-----------------+----------+---------------------+------------ qemu_arm-versatilepb | arm | lab-linaro-lkft | gcc-8 | versatile_defconfig | 1 Details: https://kernelci.org/test/plan/id/6087f5dfdcb6286fb99b77b7 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: versatile_defconfig Compiler: gcc-8 (arm-linux-gnueabihf-gcc (Debian 8.3.0-2) 8.3.0) Plain log: https://storage.kernelci.org//stable-rc/queue-4.19/v4.19.188-59-g44040da4ce… HTML log: https://storage.kernelci.org//stable-rc/queue-4.19/v4.19.188-59-g44040da4ce… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/kci-2020.05-5-g2f114cc7… * baseline.login: https://kernelci.org/test/case/id/6087f5dfdcb6286fb99b77b8 failing since 164 days (last pass: v4.19.157-26-gd59f3161b3a0, first fail: v4.19.157-27-g5543cc2c41d55)

3 years, 8 months

1
0
0 0

stable-rc/queue/4.9 baseline: 97 runs, 4 regressions (v4.9.267-38-g98c9d8042520b)

by kernelci.org bot

stable-rc/queue/4.9 baseline: 97 runs, 4 regressions (v4.9.267-38-g98c9d8042520b) Regressions Summary ------------------- platform | arch | lab | compiler | defconfig | regressions ---------------------+------+-----------------+----------+---------------------+------------ qemu_arm-versatilepb | arm | lab-baylibre | gcc-8 | versatile_defconfig | 1 qemu_arm-versatilepb | arm | lab-broonie | gcc-8 | versatile_defconfig | 1 qemu_arm-versatilepb | arm | lab-cip | gcc-8 | versatile_defconfig | 1 qemu_arm-versatilepb | arm | lab-linaro-lkft | gcc-8 | versatile_defconfig | 1 Details: https://kernelci.org/test/job/stable-rc/branch/queue%2F4.9/kernel/v4.9.267-… Test: baseline Tree: stable-rc Branch: queue/4.9 Describe: v4.9.267-38-g98c9d8042520b URL: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git SHA: 98c9d8042520b7cf22c22aaa3f9d5ed46e3253f7 Test Regressions ---------------- platform | arch | lab | compiler | defconfig | regressions ---------------------+------+-----------------+----------+---------------------+------------ qemu_arm-versatilepb | arm | lab-baylibre | gcc-8 | versatile_defconfig | 1 Details: https://kernelci.org/test/plan/id/6087f1bba2f5f7acae9b77a6 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: versatile_defconfig Compiler: gcc-8 (arm-linux-gnueabihf-gcc (Debian 8.3.0-2) 8.3.0) Plain log: https://storage.kernelci.org//stable-rc/queue-4.9/v4.9.267-38-g98c9d8042520… HTML log: https://storage.kernelci.org//stable-rc/queue-4.9/v4.9.267-38-g98c9d8042520… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/kci-2020.05-5-g2f114cc7… * baseline.login: https://kernelci.org/test/case/id/6087f1bba2f5f7acae9b77a7 failing since 164 days (last pass: v4.9.243-16-gd8d67e375b0a, first fail: v4.9.243-25-ga01fe8e99a22) platform | arch | lab | compiler | defconfig | regressions ---------------------+------+-----------------+----------+---------------------+------------ qemu_arm-versatilepb | arm | lab-broonie | gcc-8 | versatile_defconfig | 1 Details: https://kernelci.org/test/plan/id/6087f1e67752c11fed9b77d9 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: versatile_defconfig Compiler: gcc-8 (arm-linux-gnueabihf-gcc (Debian 8.3.0-2) 8.3.0) Plain log: https://storage.kernelci.org//stable-rc/queue-4.9/v4.9.267-38-g98c9d8042520… HTML log: https://storage.kernelci.org//stable-rc/queue-4.9/v4.9.267-38-g98c9d8042520… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/kci-2020.05-5-g2f114cc7… * baseline.login: https://kernelci.org/test/case/id/6087f1e67752c11fed9b77da failing since 164 days (last pass: v4.9.243-16-gd8d67e375b0a, first fail: v4.9.243-25-ga01fe8e99a22) platform | arch | lab | compiler | defconfig | regressions ---------------------+------+-----------------+----------+---------------------+------------ qemu_arm-versatilepb | arm | lab-cip | gcc-8 | versatile_defconfig | 1 Details: https://kernelci.org/test/plan/id/6087f1c5e2032039149b77c2 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: versatile_defconfig Compiler: gcc-8 (arm-linux-gnueabihf-gcc (Debian 8.3.0-2) 8.3.0) Plain log: https://storage.kernelci.org//stable-rc/queue-4.9/v4.9.267-38-g98c9d8042520… HTML log: https://storage.kernelci.org//stable-rc/queue-4.9/v4.9.267-38-g98c9d8042520… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/kci-2020.05-5-g2f114cc7… * baseline.login: https://kernelci.org/test/case/id/6087f1c5e2032039149b77c3 failing since 164 days (last pass: v4.9.243-16-gd8d67e375b0a, first fail: v4.9.243-25-ga01fe8e99a22) platform | arch | lab | compiler | defconfig | regressions ---------------------+------+-----------------+----------+---------------------+------------ qemu_arm-versatilepb | arm | lab-linaro-lkft | gcc-8 | versatile_defconfig | 1 Details: https://kernelci.org/test/plan/id/6087f18493b58389459b77b4 Results: 0 PASS, 1 FAIL, 0 SKIP Full config: versatile_defconfig Compiler: gcc-8 (arm-linux-gnueabihf-gcc (Debian 8.3.0-2) 8.3.0) Plain log: https://storage.kernelci.org//stable-rc/queue-4.9/v4.9.267-38-g98c9d8042520… HTML log: https://storage.kernelci.org//stable-rc/queue-4.9/v4.9.267-38-g98c9d8042520… Rootfs: http://storage.kernelci.org/images/rootfs/buildroot/kci-2020.05-5-g2f114cc7… * baseline.login: https://kernelci.org/test/case/id/6087f18493b58389459b77b5 failing since 164 days (last pass: v4.9.243-16-gd8d67e375b0a, first fail: v4.9.243-25-ga01fe8e99a22)

3 years, 8 months

1
0
0 0

[PATCH 041/190] Revert "ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile()"

by Greg Kroah-Hartman

This reverts commit 6e6c25283dff866308c87b49434c7dbad4774cc0. Commits from @umn.edu addresses have been found to be submitted in "bad faith" to try to test the kernel community's ability to review "known malicious" changes. The result of these submissions can be found in a paper published at the 42nd IEEE Symposium on Security and Privacy entitled, "Open Source Insecurity: Stealthily Introducing Vulnerabilities via Hypocrite Commits" written by Qiushi Wu (University of Minnesota) and Kangjie Lu (University of Minnesota). Because of this, all submissions from this group must be reverted from the kernel tree and will need to be re-reviewed again to determine if they actually are a valid fix. Until that work is complete, remove this change to ensure that no problems are being introduced into the codebase. Cc: Qiushi Wu <wu000273(a)umn.edu> Cc: 3.10+ <stable(a)vger.kernel.org> # 3.10+ Cc: Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/acpi/sysfs.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/drivers/acpi/sysfs.c b/drivers/acpi/sysfs.c index 8baf7644a0d0..842bf63b91e9 100644 --- a/drivers/acpi/sysfs.c +++ b/drivers/acpi/sysfs.c @@ -986,10 +986,8 @@ void acpi_sysfs_add_hotplug_profile(struct acpi_hotplug_profile *hotplug, error = kobject_init_and_add(&hotplug->kobj, &acpi_hotplug_profile_ktype, hotplug_kobj, "%s", name); - if (error) { - kobject_put(&hotplug->kobj); + if (error) goto err_out; - } kobject_uevent(&hotplug->kobj, KOBJ_ADD); return; -- 2.31.1

3 years, 8 months

2
2
0 0

[PATCH 040/190] Revert "ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe()"

by Greg Kroah-Hartman

This reverts commit 4d8be4bc94f74bb7d096e1c2e44457b530d5a170. Commits from @umn.edu addresses have been found to be submitted in "bad faith" to try to test the kernel community's ability to review "known malicious" changes. The result of these submissions can be found in a paper published at the 42nd IEEE Symposium on Security and Privacy entitled, "Open Source Insecurity: Stealthily Introducing Vulnerabilities via Hypocrite Commits" written by Qiushi Wu (University of Minnesota) and Kangjie Lu (University of Minnesota). Because of this, all submissions from this group must be reverted from the kernel tree and will need to be re-reviewed again to determine if they actually are a valid fix. Until that work is complete, remove this change to ensure that no problems are being introduced into the codebase. Cc: Qiushi Wu <wu000273(a)umn.edu> Cc: 4.10+ <stable(a)vger.kernel.org> # 4.10+ Cc: Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/acpi/cppc_acpi.c | 1 - 1 file changed, 1 deletion(-) diff --git a/drivers/acpi/cppc_acpi.c b/drivers/acpi/cppc_acpi.c index 69057fcd2c04..42650b34e45e 100644 --- a/drivers/acpi/cppc_acpi.c +++ b/drivers/acpi/cppc_acpi.c @@ -830,7 +830,6 @@ int acpi_cppc_processor_probe(struct acpi_processor *pr) "acpi_cppc"); if (ret) { per_cpu(cpc_desc_ptr, pr->id) = NULL; - kobject_put(&cpc_ptr->kobj); goto out_free; } -- 2.31.1

3 years, 8 months

2
2
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror April 2021