September 2023 - Linux-stable-mirror

[PATCH v5] mtd: rawnand: qcom: Unmap the right resource upon probe failure

by Bibek Kumar Patro

We currently provide the physical address of the DMA region rather than the output of dma_map_resource() which is obviously wrong. Fixes: 7330fc505af4 ("mtd: rawnand: qcom: stop using phys_to_dma()") Cc: stable(a)vger.kernel.org Reviewed-by: Manivannan Sadhasivam <mani(a)kernel.org> Signed-off-by: Bibek Kumar Patro <quic_bibekkum(a)quicinc.com> --- v5: Incorporated suggestions from Miquel/Mani - Added tag to automatically include this patch in stable tree. v4: Incorporated suggestion from Miquel - Modified title and commit description. https://lore.kernel.org/all/20230912115903.1007-1-quic_bibekkum@quicinc.com/ v3: Incorporated comments from Miquel - Modified the commit message and title as per suggestions. https://lore.kernel.org/all/20230912101814.7748-1-quic_bibekkum@quicinc.com/ v2: Incorporated comments from Pavan/Mani. https://lore.kernel.org/all/20230911133026.29868-1-quic_bibekkum@quicinc.co… v1: https://lore.kernel.org/all/20230907092854.11408-1-quic_bibekkum@quicinc.co… drivers/mtd/nand/raw/qcom_nandc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/mtd/nand/raw/qcom_nandc.c b/drivers/mtd/nand/raw/qcom_nandc.c index 64499c1b3603..b079605c84d3 100644 --- a/drivers/mtd/nand/raw/qcom_nandc.c +++ b/drivers/mtd/nand/raw/qcom_nandc.c @@ -3444,7 +3444,7 @@ static int qcom_nandc_probe(struct platform_device *pdev) err_aon_clk: clk_disable_unprepare(nandc->core_clk); err_core_clk: - dma_unmap_resource(dev, res->start, resource_size(res), + dma_unmap_resource(dev, nandc->base_dma, resource_size(res), DMA_BIDIRECTIONAL, 0); return ret; } -- 2.17.1

1 year, 9 months

2
1
0 0

[PATCH v4 4/6] mm: Make PR_MDWE_REFUSE_EXEC_GAIN an unsigned long

by Florent Revest

Defining a prctl flag as an int is a footgun because on a 64 bit machine and with a variadic implementation of prctl (like in musl and glibc), when used directly as a prctl argument, it can get casted to long with garbage upper bits which would result in unexpected behaviors. This patch changes the constant to an unsigned long to eliminate that possibilities. This does not break UAPI. Fixes: b507808ebce2 ("mm: implement memory-deny-write-execute as a prctl") Cc: stable(a)vger.kernel.org Signed-off-by: Florent Revest <revest(a)chromium.org> Suggested-by: Alexey Izbyshev <izbyshev(a)ispras.ru> Reviewed-by: David Hildenbrand <david(a)redhat.com> Reviewed-by: Kees Cook <keescook(a)chromium.org> Acked-by: Catalin Marinas <catalin.marinas(a)arm.com> --- include/uapi/linux/prctl.h | 2 +- tools/include/uapi/linux/prctl.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/include/uapi/linux/prctl.h b/include/uapi/linux/prctl.h index 3c36aeade991..9a85c69782bd 100644 --- a/include/uapi/linux/prctl.h +++ b/include/uapi/linux/prctl.h @@ -283,7 +283,7 @@ struct prctl_mm_map { /* Memory deny write / execute */ #define PR_SET_MDWE 65 -# define PR_MDWE_REFUSE_EXEC_GAIN 1 +# define PR_MDWE_REFUSE_EXEC_GAIN (1UL << 0) #define PR_GET_MDWE 66 diff --git a/tools/include/uapi/linux/prctl.h b/tools/include/uapi/linux/prctl.h index 3c36aeade991..9a85c69782bd 100644 --- a/tools/include/uapi/linux/prctl.h +++ b/tools/include/uapi/linux/prctl.h @@ -283,7 +283,7 @@ struct prctl_mm_map { /* Memory deny write / execute */ #define PR_SET_MDWE 65 -# define PR_MDWE_REFUSE_EXEC_GAIN 1 +# define PR_MDWE_REFUSE_EXEC_GAIN (1UL << 0) #define PR_GET_MDWE 66 -- 2.42.0.rc2.253.gd59a3bf2b4-goog

1 year, 9 months

2
2
0 0

Hi

by Lucas Santiago Copertari Ramonda

Olá, querido, Em duas ocasiões, enviei-lhe um e-mail ao qual você não respondeu. Você consegue encontrar tempo para me responder agora? ....................................... Hi Dear,On two occasions, I have sent an email to you which you have not responded to.Can you find time to respond to me now?

1 year, 9 months

1
0
0 0

Prezentacja

by Mateusz Talaga

Dzień dobry! Czy mógłbym przedstawić rozwiązanie, które umożliwia monitoring każdego auta w czasie rzeczywistym w tym jego pozycję, zużycie paliwa i przebieg? Dodatkowo nasze narzędzie minimalizuje koszty utrzymania samochodów, skraca czas przejazdów, a także tworzenie planu tras czy dostaw. Z naszej wiedzy i doświadczenia korzysta już ponad 49 tys. Klientów. Monitorujemy 809 000 pojazdów na całym świecie, co jest naszą najlepszą wizytówką. Bardzo proszę o e-maila zwrotnego, jeśli moglibyśmy wspólnie omówić potencjał wykorzystania takiego rozwiązania w Państwa firmie. Pozdrawiam Mateusz Talaga

1 year, 9 months

1
0
0 0

[PATCH stable 6.1.y 1/2] KVM: arm64: Prevent the donation of no-map pages

by Suraj Jitindar Singh

From: Quentin Perret <qperret(a)google.com> commit 43c1ff8b75011bc3e3e923adf31ba815864a2494 upstream. Memory regions marked as "no-map" in the host device-tree routinely include TrustZone carev-outs and DMA pools. Although donating such pages to the hypervisor may not breach confidentiality, it could be used to corrupt its state in uncontrollable ways. To prevent this, let's block host-initiated memory transitions targeting "no-map" pages altogether in nVHE protected mode as there should be no valid reason to do this in current operation. Thankfully, the pKVM EL2 hypervisor has a full copy of the host's list of memblock regions, so we can easily check for the presence of the MEMBLOCK_NOMAP flag on a region containing pages being donated from the host. Reviewed-by: Philippe Mathieu-Daudé <philmd(a)linaro.org> Tested-by: Vincent Donnefort <vdonnefort(a)google.com> Signed-off-by: Quentin Perret <qperret(a)google.com> Signed-off-by: Will Deacon <will(a)kernel.org> Signed-off-by: Marc Zyngier <maz(a)kernel.org> Link: https://lore.kernel.org/r/20221110190259.26861-8-will@kernel.org [ bp: clean ] Signed-off-by: Suraj Jitindar Singh <surajjs(a)amazon.com> --- arch/arm64/kvm/hyp/nvhe/mem_protect.c | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/arch/arm64/kvm/hyp/nvhe/mem_protect.c b/arch/arm64/kvm/hyp/nvhe/mem_protect.c index 07f9dc9848ef..0f6c053686c7 100644 --- a/arch/arm64/kvm/hyp/nvhe/mem_protect.c +++ b/arch/arm64/kvm/hyp/nvhe/mem_protect.c @@ -195,7 +195,7 @@ struct kvm_mem_range { u64 end; }; -static bool find_mem_range(phys_addr_t addr, struct kvm_mem_range *range) +static struct memblock_region *find_mem_range(phys_addr_t addr, struct kvm_mem_range *range) { int cur, left = 0, right = hyp_memblock_nr; struct memblock_region *reg; @@ -218,18 +218,28 @@ static bool find_mem_range(phys_addr_t addr, struct kvm_mem_range *range) } else { range->start = reg->base; range->end = end; - return true; + return reg; } } - return false; + return NULL; } bool addr_is_memory(phys_addr_t phys) { struct kvm_mem_range range; - return find_mem_range(phys, &range); + return !!find_mem_range(phys, &range); +} + +static bool addr_is_allowed_memory(phys_addr_t phys) +{ + struct memblock_region *reg; + struct kvm_mem_range range; + + reg = find_mem_range(phys, &range); + + return reg && !(reg->flags & MEMBLOCK_NOMAP); } static bool is_in_mem_range(u64 addr, struct kvm_mem_range *range) @@ -348,7 +358,7 @@ static bool host_stage2_force_pte_cb(u64 addr, u64 end, enum kvm_pgtable_prot pr static int host_stage2_idmap(u64 addr) { struct kvm_mem_range range; - bool is_memory = find_mem_range(addr, &range); + bool is_memory = !!find_mem_range(addr, &range); enum kvm_pgtable_prot prot; int ret; @@ -425,7 +435,7 @@ static int __check_page_state_visitor(u64 addr, u64 end, u32 level, struct check_walk_data *d = arg; kvm_pte_t pte = *ptep; - if (kvm_pte_valid(pte) && !addr_is_memory(kvm_pte_to_phys(pte))) + if (kvm_pte_valid(pte) && !addr_is_allowed_memory(kvm_pte_to_phys(pte))) return -EINVAL; return d->get_page_state(pte) == d->desired ? 0 : -EPERM; -- 2.34.1

1 year, 9 months

5
7
0 0

[PATCH v1 0/8] Fix set_huge_pte_at() panic on arm64

by Ryan Roberts

Hi All, This series fixes a bug in arm64's implementation of set_huge_pte_at(), which can result in an unprivileged user causing a kernel panic. The problem was triggered when running the new uffd poison mm selftest for HUGETLB memory. This test (and the uffd poison feature) was merged for v6.6-rc1. However, upon inspection there are multiple other pre-existing paths that can trigger this bug. Ideally, I'd like to get this fix in for v6.6 if possible? And I guess it should be backported too, given there are call sites where this can theoretically happen that pre-date v6.6-rc1 (I've cc'ed stable(a)vger.kernel.org). Description of Bug ------------------ arm64's huge pte implementation supports multiple huge page sizes, some of which are implemented in the page table with contiguous mappings. So set_huge_pte_at() needs to work out how big the logical pte is, so that it can also work out how many physical ptes (or pmds) need to be written. It does this by grabbing the folio out of the pte and querying its size. However, there are cases when the pte being set is actually a swap entry. But this also used to work fine, because for huge ptes, we only ever saw migration entries and hwpoison entries. And both of these types of swap entries have a PFN embedded, so the code would grab that and everything still worked out. But over time, more calls to set_huge_pte_at() have been added that set swap entry types that do not embed a PFN. And this causes the code to go bang. The triggering case is for the uffd poison test, commit 99aa77215ad0 ("selftests/mm: add uffd unit test for UFFDIO_POISON"), which sets a PTE_MARKER_POISONED swap entry. But review shows there are other places too (PTE_MARKER_UFFD_WP). If CONFIG_DEBUG_VM is enabled, we do at least get a BUG(), but otherwise, it will dereference a bad pointer in page_folio(): static inline struct folio *hugetlb_swap_entry_to_folio(swp_entry_t entry) { VM_BUG_ON(!is_migration_entry(entry) && !is_hwpoison_entry(entry)); return page_folio(pfn_to_page(swp_offset_pfn(entry))); } So the root cause is due to commit 18f3962953e4 ("mm: hugetlb: kill set_huge_swap_pte_at()"), which aimed to simplify the interface to the core code by removing set_huge_swap_pte_at() (which took a page size parameter) and replacing it with calls to set_huge_swap_pte_at() where the size was inferred from the folio, as descibed above. While that commit didn't break anything at the time, it did break the interface because it couldn't handle swap entries without PFNs. And since then new callers have come along which rely on this working. Fix --- The simplest fix would have been to revert the dodgy cleanup commit, but since things have moved on, this would have required an audit of all the new set_huge_pte_at() call sites to see if they should be converted to set_huge_swap_pte_at(). As per the original intent of the change, it would also leave us open to future bugs when people invariably get it wrong and call the wrong helper. So instead, I've converted the first parameter of set_huge_pte_at() to be a vma rather than an mm. This means that the arm64 code can easily recover the huge page size in all cases. It's a bigger change, due to needing to touch the arches that implement the function, but it is entirely mechanical, so in my view, low risk. I've compile-tested all touched arches; arm64, parisc, powerpc, riscv, s390 (and additionally x86_64). I've additionally booted and run mm selftests against arm64, where I observe the uffd poison test is fixed, and there are no other regressions. Patches ------- patches 1-7: Convert core mm and arches to pass vma instead of mm patch: 8: Fixes the arm64 bug Patches based on v6.6-rc2. Thanks, Ryan Ryan Roberts (8): parisc: hugetlb: Convert set_huge_pte_at() to take vma powerpc: hugetlb: Convert set_huge_pte_at() to take vma riscv: hugetlb: Convert set_huge_pte_at() to take vma s390: hugetlb: Convert set_huge_pte_at() to take vma sparc: hugetlb: Convert set_huge_pte_at() to take vma mm: hugetlb: Convert set_huge_pte_at() to take vma arm64: hugetlb: Convert set_huge_pte_at() to take vma arm64: hugetlb: Fix set_huge_pte_at() to work with all swap entries arch/arm64/include/asm/hugetlb.h | 2 +- arch/arm64/mm/hugetlbpage.c | 22 ++++---------- arch/parisc/include/asm/hugetlb.h | 2 +- arch/parisc/mm/hugetlbpage.c | 4 +-- .../include/asm/nohash/32/hugetlb-8xx.h | 3 +- arch/powerpc/mm/book3s64/hugetlbpage.c | 2 +- arch/powerpc/mm/book3s64/radix_hugetlbpage.c | 2 +- arch/powerpc/mm/nohash/8xx.c | 2 +- arch/powerpc/mm/pgtable.c | 7 ++++- arch/riscv/include/asm/hugetlb.h | 2 +- arch/riscv/mm/hugetlbpage.c | 3 +- arch/s390/include/asm/hugetlb.h | 8 +++-- arch/s390/mm/hugetlbpage.c | 8 ++++- arch/sparc/include/asm/hugetlb.h | 8 +++-- arch/sparc/mm/hugetlbpage.c | 8 ++++- include/asm-generic/hugetlb.h | 6 ++-- include/linux/hugetlb.h | 6 ++-- mm/damon/vaddr.c | 2 +- mm/hugetlb.c | 30 +++++++++---------- mm/migrate.c | 2 +- mm/rmap.c | 10 +++---- mm/vmalloc.c | 5 +++- 22 files changed, 80 insertions(+), 64 deletions(-) -- 2.25.1

1 year, 9 months

9
31
0 0

[PATCH 4.14 000/186] 4.14.326-rc1 review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.14.326 release. There are 186 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Fri, 22 Sep 2023 11:28:09 +0000. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.326-r… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.14.326-rc1 Jamal Hadi Salim <jhs(a)mojatatu.com> net/sched: Retire rsvp classifier valis <sec(a)valis.email> net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free William Zhang <william.zhang(a)broadcom.com> mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write William Zhang <william.zhang(a)broadcom.com> mtd: rawnand: brcmnand: Fix ECC level field setting for v7.2 controller William Zhang <william.zhang(a)broadcom.com> mtd: rawnand: brcmnand: Fix potential false time out warning William Zhang <william.zhang(a)broadcom.com> mtd: rawnand: brcmnand: Fix crash during the panic_write Jeff Layton <jlayton(a)kernel.org> nfsd: fix change_info in NFSv4 RENAME replies Filipe Manana <fdmanana(a)suse.com> btrfs: fix lockdep splat and potential deadlock after failure running delayed items Christian Brauner <brauner(a)kernel.org> attr: block mode changes of symlinks Nigel Croxon <ncroxon(a)redhat.com> md/raid1: fix error: ISO C90 forbids mixed declarations Zhen Lei <thunder.leizhen(a)huawei.com> kobject: Add sanity check for kset->kobj.ktype in kset_register() Christophe Leroy <christophe.leroy(a)csgroup.eu> serial: cpm_uart: Avoid suspicious locking Konstantin Shelekhin <k.shelekhin(a)yadro.com> scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() Ma Ke <make_ruc2021(a)163.com> usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: pci: cx23885: replace BUG with error return Hans Verkuil <hverkuil-cisco(a)xs4all.nl> media: tuners: qt1010: replace BUG_ON with a regular error Andy Shevchenko <andriy.shevchenko(a)linux.intel.com> iio: core: Use min() instead of min_t() to make code more robust Zhang Shurong <zhang_shurong(a)foxmail.com> media: az6007: Fix null-ptr-deref in az6007_i2c_xfer() Zhang Shurong <zhang_shurong(a)foxmail.com> media: anysee: fix null-ptr-deref in anysee_master_xfer Zhang Shurong <zhang_shurong(a)foxmail.com> media: af9005: Fix null-ptr-deref in af9005_i2c_xfer Zhang Shurong <zhang_shurong(a)foxmail.com> media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer() Zhang Shurong <zhang_shurong(a)foxmail.com> media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer ruanjinjie <ruanjinjie(a)huawei.com> powerpc/pseries: fix possible memory leak in ibmebus_bus_init() Liu Shixin via Jfs-discussion <jfs-discussion(a)lists.sourceforge.net> jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount Andrew Kanner <andrew.kanner(a)gmail.com> fs/jfs: prevent double-free in dbUnmount() after failed jfs_remount() Georg Ottinger <g.ottinger(a)gmx.at> ext2: fix datatype of block number in ext2_xattr_set2() Zhang Shurong <zhang_shurong(a)foxmail.com> md: raid1: fix potential OOB in raid1_remove_disk() Tuo Li <islituo(a)gmail.com> drm/exynos: fix a possible null-pointer dereference due to data race in exynos_drm_crtc_atomic_disable() GONG, Ruiqi <gongruiqi1(a)huawei.com> alx: fix OOB-read compiler warning Alexander Steffen <Alexander.Steffen(a)infineon.com> tpm_tis: Resend command to recover from data transfer errors Mark O'Donovan <shiftee(a)posteo.net> crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui() Dmitry Antipov <dmantipov(a)yandex.ru> wifi: mwifiex: fix fortify warning Dongliang Mu <dzm91(a)hust.edu.cn> wifi: ath9k: fix printk specifier Tomislav Novak <tnovak(a)meta.com> hw_breakpoint: fix single-stepping when using bpf_overflow_handler Jiri Slaby (SUSE) <jirislaby(a)kernel.org> ACPI: video: Add backlight=native DMI quirk for Lenovo Ideapad Z470 Abhishek Mainkar <abmainkar(a)nvidia.com> ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer Qu Wenruo <wqu(a)suse.com> btrfs: output extra debug info if we failed to find an inline backref Fedor Pchelkin <pchelkin(a)ispras.ru> autofs: fix memory leak of waitqueues in autofs_catatonic_mode Helge Deller <deller(a)gmx.de> parisc: Drop loops_per_jiffy from per_cpu struct Kuniyuki Iwashima <kuniyu(a)amazon.com> kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg(). Vadim Fedorenko <vadim.fedorenko(a)linux.dev> ixgbe: fix timestamp configuration code Shigeru Yoshida <syoshida(a)redhat.com> kcm: Fix memory leak in error path of kcm_sendmsg() Hangyu Hua <hbh25y(a)gmail.com> net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in mtk_hwlro_get_fdir_all() Damien Le Moal <dlemoal(a)kernel.org> ata: pata_ftide010: Add missing MODULE_DESCRIPTION Damien Le Moal <dlemoal(a)kernel.org> ata: sata_gemini: Add missing MODULE_DESCRIPTION Olga Zaborska <olga.zaborska(a)intel.com> igb: Change IGB_MIN to allow set rx/tx value between 64 and 80 Olga Zaborska <olga.zaborska(a)intel.com> igbvf: Change IGBVF_MIN to allow set rx/tx value between 64 and 80 Shigeru Yoshida <syoshida(a)redhat.com> kcm: Destroy mutex in kcm_exit_net() valis <sec(a)valis.email> net: sched: sch_qfq: Fix UAF in qfq_dequeue() Kuniyuki Iwashima <kuniyu(a)amazon.com> af_unix: Fix data race around sk->sk_err. Kuniyuki Iwashima <kuniyu(a)amazon.com> af_unix: Fix data-races around sk->sk_shutdown. Kuniyuki Iwashima <kuniyu(a)amazon.com> af_unix: Fix data-race around unix_tot_inflight. Kuniyuki Iwashima <kuniyu(a)amazon.com> af_unix: Fix data-races around user->unix_inflight. Alex Henrie <alexhenrie24(a)gmail.com> net: ipv6/addrconf: avoid integer underflow in ipv6_create_tempaddr Corinna Vinschen <vinschen(a)redhat.com> igb: disable virtualization features on 82580 Eric Dumazet <edumazet(a)google.com> net: read sk->sk_family once in sk_mc_loop() Vladimir Zapolskiy <vz(a)mleia.com> pwm: lpc32xx: Remove handling of PWM channels Raag Jadav <raag.jadav(a)intel.com> watchdog: intel-mid_wdt: add MODULE_ALIAS() to allow auto-load Sean Christopherson <seanjc(a)google.com> x86/virt: Drop unnecessary check on extended CPUID level in cpu_has_svm() Fedor Pchelkin <pchelkin(a)ispras.ru> NFSv4/pnfs: minor fix for cleanup path in nfs4_get_device_info Dmitry Baryshkov <dmitry.baryshkov(a)linaro.org> clk: qcom: gcc-mdm9615: use proper parent for pll0_vote clock Helge Deller <deller(a)gmx.de> parisc: led: Reduce CPU overhead for disk & lan LED computation Helge Deller <deller(a)gmx.de> parisc: led: Fix LAN receive and transmit LEDs Thomas Zimmermann <tzimmermann(a)suse.de> drm/ast: Fix DRAM init on AST2200 Thomas Zimmermann <tzimmermann(a)suse.de> fbdev/ep93xx-fb: Do not assign to struct fb_info.dev Quinn Tran <qutran(a)marvell.com> scsi: qla2xxx: Turn off noisy message log Quinn Tran <qutran(a)marvell.com> scsi: qla2xxx: fix inconsistent TMF timeout Thomas Bourgoin <thomas.bourgoin(a)foss.st.com> crypto: stm32 - fix loop iterating through scatterlist for DMA Enlin Mu <enlin.mu(a)unisoc.com> pstore/ram: Check start of empty przs during init Nicolas Dichtel <nicolas.dichtel(a)6wind.com> net: handle ARPHRD_PPP in dev_is_mac_header_xmit() Thore Sommer <public(a)thson.de> X.509: if signature is unsupported skip validation Jann Horn <jannh(a)google.com> dccp: Fix out of bounds access in DCCP error handler Helge Deller <deller(a)gmx.de> parisc: Fix /proc/cpuinfo output for lscpu Aleksa Sarai <cyphar(a)cyphar.com> procfs: block chmod on /proc/thread-self/comm Bjorn Helgaas <bhelgaas(a)google.com> Revert "PCI: Mark NVIDIA T4 GPUs to avoid bus reset" Dave Jiang <dave.jiang(a)intel.com> ntb: Fix calculation ntb_transport_tx_free_entry() Dave Jiang <dave.jiang(a)intel.com> ntb: Clean up tx tail index on link down Dave Jiang <dave.jiang(a)intel.com> ntb: Drop packets when qp link is down Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> media: dvb: symbol fixup for dvb_attach() Thomas Zimmermann <tzimmermann(a)suse.de> backlight/lv5207lp: Compare against struct fb_info.device Thomas Zimmermann <tzimmermann(a)suse.de> backlight/bd6107: Compare against struct fb_info.device Thomas Zimmermann <tzimmermann(a)suse.de> backlight/gpio_backlight: Compare against struct fb_info.device Gustavo A. R. Silva <gustavoars(a)kernel.org> ARM: OMAP2+: Fix -Warray-bounds warning in _pwrdm_state_switch() Takashi Iwai <tiwai(a)suse.de> ALSA: pcm: Fix missing fixup call in compat hw_refine ioctl Boris Brezillon <boris.brezillon(a)collabora.com> PM / devfreq: Fix leak in devfreq_dev_release() Radoslaw Tyl <radoslawx.tyl(a)intel.com> igb: set max size RX buffer when store bad packet is enabled Wander Lairson Costa <wander(a)redhat.com> netfilter: xt_sctp: validate the flag_info count Wander Lairson Costa <wander(a)redhat.com> netfilter: xt_u32: validate user space input Kyle Zeng <zengyhkyle(a)gmail.com> netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c Eric Dumazet <edumazet(a)google.com> igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU ruanjinjie <ruanjinjie(a)huawei.com> dmaengine: ste_dma40: Add missing IRQ check in d40_probe Jiasheng Jiang <jiasheng(a)iscas.ac.cn> rpmsg: glink: Add check for kstrdup Rahul Rameshbabu <sergeantsagara(a)protonmail.com> HID: multitouch: Correct devm device reference for hidinput input_dev name Leon Romanovsky <leonro(a)nvidia.com> Revert "IB/isert: Fix incorrect release of isert connection" Peng Fan <peng.fan(a)nxp.com> amba: bus: fix refcount leak Yi Yang <yiyang13(a)huawei.com> serial: tegra: handle clk prepare error in tegra_uart_hw_init() Chengfeng Ye <dg573847474(a)gmail.com> scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock Tony Battersby <tonyb(a)cybernetics.com> scsi: core: Use 32-bit hostnum in scsi_host_lookup() Lu Jialin <lujialin4(a)huawei.com> cgroup:namespace: Remove unused cgroup_namespaces_init() Alan Stern <stern(a)rowland.harvard.edu> USB: gadget: f_mass_storage: Fix unused variable warning Colin Ian King <colin.i.king(a)gmail.com> media: go7007: Remove redundant if statement Rob Clark <robdclark(a)chromium.org> dma-buf/sync_file: Fix docs syntax Oleksandr Natalenko <oleksandr(a)redhat.com> scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read() directly Oleksandr Natalenko <oleksandr(a)redhat.com> scsi: qedf: Do not touch __user pointer in qedf_dbg_stop_io_on_error_cmd_read() directly Randy Dunlap <rdunlap(a)infradead.org> x86/APM: drop the duplicate APM_MINOR_DEV macro Lin Ma <linma(a)zju.edu.cn> scsi: qla4xxx: Add length check when parsing nlattrs Lin Ma <linma(a)zju.edu.cn> scsi: be2iscsi: Add length check when parsing nlattrs Lin Ma <linma(a)zju.edu.cn> scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param() Xu Yang <xu.yang_2(a)nxp.com> usb: phy: mxs: fix getting wrong state with mxs_phy_is_otg_host() Irui Wang <irui.wang(a)mediatek.com> media: mediatek: vcodec: Return NULL if no vdec_fb is found Daniil Dulov <d.dulov(a)aladdin.ru> media: cx24120: Add retval check for cx24120_message_send() Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer() Daniil Dulov <d.dulov(a)aladdin.ru> media: dib7000p: Fix potential division by zero Dongliang Mu <dzm91(a)hust.edu.cn> drivers: usb: smsusb: fix error handling code in smsusb_init_device Chuck Lever <chuck.lever(a)oracle.com> NFSD: da_addr_body field missing in some GETDEVICEINFO replies Su Hui <suhui(a)nfschina.com> fs: lockd: avoid possible wrong NULL parameter Alexei Filippov <halip0503(a)gmail.com> jfs: validate max amount of blocks before allocation. Russell Currey <ruscur(a)russell.cc> powerpc/iommu: Fix notifiers being shared by PCI and VIO buses Dan Carpenter <dan.carpenter(a)linaro.org> nfs/blocklayout: Use the passed in gfp flags Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> wifi: ath10k: Use RMW accessors for changing LNKCTL Ilpo Järvinen <ilpo.jarvinen(a)linux.intel.com> PCI: pciehp: Use RMW accessors for changing LNKCTL Wu Zongyong <wuzongyong(a)linux.alibaba.com> PCI: Mark NVIDIA T4 GPUs to avoid bus reset Zhang Jianhua <chris.zjh(a)huawei.com> clk: sunxi-ng: Modify mismatched function name Minjie Du <duminjie(a)vivo.com> drivers: clk: keystone: Fix parameter judgment in _of_pll_clk_init() Su Hui <suhui(a)nfschina.com> ALSA: ac97: Fix possible error value of *rac97 Gaosheng Cui <cuigaosheng1(a)huawei.com> audit: fix possible soft lockup in __audit_inode_child() Dan Carpenter <dan.carpenter(a)linaro.org> smackfs: Prevent underflow in smk_set_cipso() Ruan Jinjie <ruanjinjie(a)huawei.com> of: unittest: fix null pointer dereferencing in of_unittest_find_node_by_name() Bogdan Togorean <bogdan.togorean(a)analog.com> drm: adv7511: Fix low refresh rate register for ADV7533/5 Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: samsung: s5pv210-smdkv210: correct ethernet reg addresses (split) Krzysztof Kozlowski <krzysztof.kozlowski(a)linaro.org> ARM: dts: samsung: s3c6410-mini6410: correct ethernet reg addresses (split) Rafał Miłecki <rafal(a)milecki.pl> ARM: dts: BCM53573: Use updated "spi-gpio" binding properties Rafał Miłecki <rafal(a)milecki.pl> ARM: dts: BCM53573: Add cells sizes to PCIe node Kuniyuki Iwashima <kuniyu(a)amazon.com> netrom: Deny concurrent connect(). Jinjie Ruan <ruanjinjie(a)huawei.com> net: arcnet: Do not call kfree_skb() under local_irq_disable() Wang Ming <machel(a)vivo.com> wifi: ath9k: use IS_ERR() with debugfs_create_dir() Dmitry Antipov <dmantipov(a)yandex.ru> wifi: mwifiex: avoid possible NULL skb pointer dereference Fedor Pchelkin <pchelkin(a)ispras.ru> wifi: ath9k: protect WMI command response buffer replacement with a lock Polaris Pi <pinkperfect2021(a)gmail.com> wifi: mwifiex: Fix missed return in oob checks failed path Dmitry Antipov <dmantipov(a)yandex.ru> wifi: mwifiex: fix memory leak in mwifiex_histogram_read() Artem Chernyshev <artem.chernyshev(a)red-soft.ru> fs: ocfs2: namei: check return value of ocfs2_add_entry() Yan Zhai <yan(a)cloudflare.com> lwt: Check LWTUNNEL_XMIT_CONTINUE strictly Gaurav Jain <gaurav.jain(a)nxp.com> crypto: caam - fix unchecked return value error Menglong Dong <imagedong(a)tencent.com> net: tcp: fix unexcepted socket die when snd_wnd is 0 Yuanjun Gong <ruc_gongyuanjun(a)163.com> Bluetooth: nokia: fix value check in nokia_bluetooth_serdev_probe() Polaris Pi <pinkperfect2021(a)gmail.com> wifi: mwifiex: Fix OOB and integer underflow when rx packets Marc Kleine-Budde <mkl(a)pengutronix.de> can: gs_usb: gs_usb_receive_bulk_callback(): count RX overflow errors also in case of OOM Zhang Shurong <zhang_shurong(a)foxmail.com> spi: tegra20-sflash: fix to check return value of platform_get_irq() in tegra_sflash_probe() Dan Carpenter <dan.carpenter(a)linaro.org> regmap: rbtree: Use alloc_flags for memory allocations Liao Chang <liaochang1(a)huawei.com> cpufreq: powernow-k8: Use related_cpus instead of cpus in driver.exit() Wang Ming <machel(a)vivo.com> fs: Fix error checking for d_hash_and_lookup() Matthew Wilcox <willy(a)infradead.org> reiserfs: Check the return value from __getblk() Sabrina Dubroca <sd(a)queasysnail.net> Revert "net: macsec: preserve ingress frame ordering" Jan Kara <jack(a)suse.cz> udf: Handle error when adding extent to a file Vladislav Efanov <VEfanov(a)ispras.ru> udf: Check consistency of Space Bitmap Descriptor Christophe Leroy <christophe.leroy(a)csgroup.eu> powerpc/32s: Fix assembler warning about r0 Joel Stanley <joel(a)jms.id.au> powerpc/32: Include .branch_lt in data section Takashi Iwai <tiwai(a)suse.de> ALSA: seq: oss: Fix racy open/close of MIDI devices Shyam Prasad N <sprasad(a)microsoft.com> cifs: add a warning when the in-flight count goes negative Dan Carpenter <dan.carpenter(a)linaro.org> sctp: handle invalid error codes without calling BUG() David Christensen <drc(a)linux.vnet.ibm.com> bnx2x: fix page fault following EEH recovery Dmitry Mastykin <dmastykin(a)astralinux.ru> netlabel: fix shift wrapping bug in netlbl_catmap_setlong() Chengfeng Ye <dg573847474(a)gmail.com> scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock Baoquan He <bhe(a)redhat.com> idmaengine: make FSL_EDMA and INTEL_IDMA64 depends on HAS_IOMEM Martin Kohn <m.kohn(a)welotec.com> net: usb: qmi_wwan: add Quectel EM05GV2 Christian Göttsche <cgzones(a)googlemail.com> security: keys: perform capable check only on privileged operations Edgar <ljijcj(a)163.com> ASoc: codecs: ES8316: Fix DMIC config Winston Wen <wentao(a)uniontech.com> fs/nls: make load_nls() take a const parameter Stefan Haberland <sth(a)linux.ibm.com> s390/dasd: use correct number of retries for ERP requests Ben Hutchings <benh(a)debian.org> m68k: Fix invalid .section syntax Yuanjun Gong <ruc_gongyuanjun(a)163.com> ethernet: atheros: fix return value check in atl1c_tso_csum() Dmytro Maluka <dmy(a)semihalf.com> ASoC: da7219: Flush pending AAD IRQ when suspending Dominique Martinet <asmadeus(a)codewreck.org> 9p: virtio: make sure 'offs' is initialized in zc_request Andrey Ryabinin <aryabinin(a)virtuozzo.com> lib/ubsan: remove returns-nonnull-attribute checks Mario Limonciello <mario.limonciello(a)amd.com> pinctrl: amd: Don't show `Invalid config param` errors Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse Ryusuke Konishi <konishi.ryusuke(a)gmail.com> nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers() Hugo Villeneuve <hvilleneuve(a)dimonoff.com> serial: sc16is7xx: fix bug when first setting GPIO direction Zheng Wang <zyytlz.wz(a)163.com> Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition Aaron Armstrong Skomra <aaron.skomra(a)wacom.com> HID: wacom: remove the battery when the EKR is off Slark Xiao <slark_xiao(a)163.com> USB: serial: option: add FOXCONN T99W368/T99W373 product Martin Kohn <m.kohn(a)welotec.com> USB: serial: option: add Quectel EM05G variant (0x030e) Christoph Hellwig <hch(a)lst.de> modules: only allow symbol_get of EXPORT_SYMBOL_GPL modules Christoph Hellwig <hch(a)lst.de> rtc: ds1685: use EXPORT_SYMBOL_GPL for ds1685_rtc_poweroff Christoph Hellwig <hch(a)lst.de> mmc: au1xmmc: force non-modular build and remove symbol_get usage Arnd Bergmann <arnd(a)arndb.de> ARM: pxa: remove use of symbol_get() ------------- Diffstat: Makefile | 4 +- arch/arm/boot/dts/bcm53573.dtsi | 3 + arch/arm/boot/dts/bcm947189acdbmr.dts | 6 +- arch/arm/boot/dts/s3c6410-mini6410.dts | 2 +- arch/arm/boot/dts/s5pv210-smdkv210.dts | 2 +- arch/arm/kernel/hw_breakpoint.c | 8 +- arch/arm/mach-omap2/powerdomain.c | 2 +- arch/arm/mach-pxa/sharpsl_pm.c | 2 - arch/arm/mach-pxa/spitz.c | 14 +- arch/arm64/kernel/hw_breakpoint.c | 4 +- arch/m68k/fpsp040/skeleton.S | 4 +- arch/m68k/ifpsp060/os.S | 4 +- arch/m68k/kernel/relocate_kernel.S | 4 +- arch/mips/alchemy/devboards/db1000.c | 8 +- arch/mips/alchemy/devboards/db1200.c | 19 +- arch/mips/alchemy/devboards/db1300.c | 10 +- arch/parisc/include/asm/led.h | 4 +- arch/parisc/include/asm/processor.h | 1 - arch/parisc/kernel/processor.c | 18 +- arch/powerpc/kernel/head_32.S | 2 +- arch/powerpc/kernel/iommu.c | 17 +- arch/powerpc/kernel/vmlinux.lds.S | 1 + arch/powerpc/platforms/pseries/ibmebus.c | 1 + arch/x86/include/asm/virtext.h | 6 - arch/x86/kernel/apm_32.c | 6 - crypto/asymmetric_keys/x509_public_key.c | 5 + drivers/acpi/acpica/psopcode.c | 2 +- drivers/acpi/video_detect.c | 9 + drivers/amba/bus.c | 1 + drivers/ata/pata_ftide010.c | 1 + drivers/ata/sata_gemini.c | 1 + drivers/base/regmap/regcache-rbtree.c | 10 +- drivers/bluetooth/btsdio.c | 1 + drivers/bluetooth/hci_nokia.c | 6 +- drivers/char/tpm/tpm_tis_core.c | 15 +- drivers/clk/keystone/pll.c | 2 +- drivers/clk/qcom/gcc-mdm9615.c | 2 +- drivers/clk/sunxi-ng/ccu_mmc_timing.c | 2 +- drivers/cpufreq/powernow-k8.c | 3 +- drivers/crypto/caam/caampkc.c | 4 +- drivers/crypto/stm32/stm32-hash.c | 2 +- drivers/devfreq/devfreq.c | 1 + drivers/dma/Kconfig | 2 + drivers/dma/ste_dma40.c | 4 + drivers/gpu/drm/ast/ast_post.c | 2 +- drivers/gpu/drm/bridge/adv7511/adv7511_drv.c | 9 +- drivers/gpu/drm/exynos/exynos_drm_crtc.c | 5 +- drivers/hid/hid-multitouch.c | 13 +- drivers/hid/wacom.h | 1 + drivers/hid/wacom_sys.c | 25 +- drivers/hid/wacom_wac.c | 1 + drivers/hid/wacom_wac.h | 1 + drivers/iio/industrialio-core.c | 2 +- drivers/infiniband/ulp/isert/ib_isert.c | 2 + drivers/md/raid1.c | 3 + drivers/media/dvb-frontends/ascot2e.c | 2 +- drivers/media/dvb-frontends/atbm8830.c | 2 +- drivers/media/dvb-frontends/au8522_dig.c | 2 +- drivers/media/dvb-frontends/bcm3510.c | 2 +- drivers/media/dvb-frontends/cx22700.c | 2 +- drivers/media/dvb-frontends/cx22702.c | 2 +- drivers/media/dvb-frontends/cx24110.c | 2 +- drivers/media/dvb-frontends/cx24113.c | 2 +- drivers/media/dvb-frontends/cx24116.c | 2 +- drivers/media/dvb-frontends/cx24120.c | 6 +- drivers/media/dvb-frontends/cx24123.c | 2 +- drivers/media/dvb-frontends/cxd2820r_core.c | 2 +- drivers/media/dvb-frontends/cxd2841er.c | 4 +- drivers/media/dvb-frontends/dib0070.c | 2 +- drivers/media/dvb-frontends/dib0090.c | 4 +- drivers/media/dvb-frontends/dib3000mb.c | 2 +- drivers/media/dvb-frontends/dib3000mc.c | 2 +- drivers/media/dvb-frontends/dib7000m.c | 2 +- drivers/media/dvb-frontends/dib7000p.c | 4 +- drivers/media/dvb-frontends/dib8000.c | 2 +- drivers/media/dvb-frontends/dib9000.c | 2 +- drivers/media/dvb-frontends/drx39xyj/drxj.c | 2 +- drivers/media/dvb-frontends/drxd_hard.c | 2 +- drivers/media/dvb-frontends/drxk_hard.c | 2 +- drivers/media/dvb-frontends/ds3000.c | 2 +- drivers/media/dvb-frontends/dvb-pll.c | 2 +- drivers/media/dvb-frontends/ec100.c | 2 +- drivers/media/dvb-frontends/helene.c | 4 +- drivers/media/dvb-frontends/horus3a.c | 2 +- drivers/media/dvb-frontends/isl6405.c | 2 +- drivers/media/dvb-frontends/isl6421.c | 2 +- drivers/media/dvb-frontends/isl6423.c | 2 +- drivers/media/dvb-frontends/itd1000.c | 2 +- drivers/media/dvb-frontends/ix2505v.c | 2 +- drivers/media/dvb-frontends/l64781.c | 2 +- drivers/media/dvb-frontends/lg2160.c | 2 +- drivers/media/dvb-frontends/lgdt3305.c | 2 +- drivers/media/dvb-frontends/lgdt3306a.c | 2 +- drivers/media/dvb-frontends/lgs8gxx.c | 2 +- drivers/media/dvb-frontends/lnbh25.c | 2 +- drivers/media/dvb-frontends/lnbp21.c | 4 +- drivers/media/dvb-frontends/lnbp22.c | 2 +- drivers/media/dvb-frontends/m88ds3103.c | 2 +- drivers/media/dvb-frontends/m88rs2000.c | 2 +- drivers/media/dvb-frontends/mb86a16.c | 2 +- drivers/media/dvb-frontends/mb86a20s.c | 2 +- drivers/media/dvb-frontends/mt312.c | 2 +- drivers/media/dvb-frontends/mt352.c | 2 +- drivers/media/dvb-frontends/nxt200x.c | 2 +- drivers/media/dvb-frontends/nxt6000.c | 2 +- drivers/media/dvb-frontends/or51132.c | 2 +- drivers/media/dvb-frontends/or51211.c | 2 +- drivers/media/dvb-frontends/s5h1409.c | 2 +- drivers/media/dvb-frontends/s5h1411.c | 2 +- drivers/media/dvb-frontends/s5h1420.c | 2 +- drivers/media/dvb-frontends/s5h1432.c | 2 +- drivers/media/dvb-frontends/s921.c | 2 +- drivers/media/dvb-frontends/si21xx.c | 2 +- drivers/media/dvb-frontends/sp887x.c | 2 +- drivers/media/dvb-frontends/stb0899_drv.c | 2 +- drivers/media/dvb-frontends/stb6000.c | 2 +- drivers/media/dvb-frontends/stb6100.c | 2 +- drivers/media/dvb-frontends/stv0288.c | 2 +- drivers/media/dvb-frontends/stv0297.c | 2 +- drivers/media/dvb-frontends/stv0299.c | 2 +- drivers/media/dvb-frontends/stv0367.c | 6 +- drivers/media/dvb-frontends/stv0900_core.c | 2 +- drivers/media/dvb-frontends/stv6110.c | 2 +- drivers/media/dvb-frontends/stv6110x.c | 2 +- drivers/media/dvb-frontends/tda10021.c | 2 +- drivers/media/dvb-frontends/tda10023.c | 2 +- drivers/media/dvb-frontends/tda10048.c | 2 +- drivers/media/dvb-frontends/tda1004x.c | 4 +- drivers/media/dvb-frontends/tda10086.c | 2 +- drivers/media/dvb-frontends/tda665x.c | 2 +- drivers/media/dvb-frontends/tda8083.c | 2 +- drivers/media/dvb-frontends/tda8261.c | 2 +- drivers/media/dvb-frontends/tda826x.c | 2 +- drivers/media/dvb-frontends/ts2020.c | 2 +- drivers/media/dvb-frontends/tua6100.c | 2 +- drivers/media/dvb-frontends/ves1820.c | 2 +- drivers/media/dvb-frontends/ves1x93.c | 2 +- drivers/media/dvb-frontends/zl10036.c | 2 +- drivers/media/dvb-frontends/zl10039.c | 2 +- drivers/media/dvb-frontends/zl10353.c | 2 +- drivers/media/pci/bt8xx/dst.c | 2 +- drivers/media/pci/bt8xx/dst_ca.c | 2 +- drivers/media/pci/cx23885/cx23885-video.c | 2 +- .../media/platform/mtk-vcodec/vdec/vdec_vp9_if.c | 5 +- drivers/media/tuners/fc0011.c | 2 +- drivers/media/tuners/fc0012.c | 2 +- drivers/media/tuners/fc0013.c | 2 +- drivers/media/tuners/max2165.c | 2 +- drivers/media/tuners/mc44s803.c | 2 +- drivers/media/tuners/mt2060.c | 2 +- drivers/media/tuners/mt2131.c | 2 +- drivers/media/tuners/mt2266.c | 2 +- drivers/media/tuners/mxl5005s.c | 2 +- drivers/media/tuners/qt1010.c | 13 +- drivers/media/tuners/tda18218.c | 2 +- drivers/media/tuners/xc4000.c | 2 +- drivers/media/tuners/xc5000.c | 2 +- drivers/media/usb/dvb-usb-v2/af9035.c | 14 +- drivers/media/usb/dvb-usb-v2/anysee.c | 2 +- drivers/media/usb/dvb-usb-v2/az6007.c | 8 + drivers/media/usb/dvb-usb/af9005.c | 5 + drivers/media/usb/dvb-usb/dw2102.c | 24 + drivers/media/usb/dvb-usb/m920x.c | 5 +- drivers/media/usb/go7007/go7007-i2c.c | 2 - drivers/media/usb/siano/smsusb.c | 21 +- drivers/mmc/host/Kconfig | 5 +- drivers/mtd/nand/brcmnand/brcmnand.c | 112 ++- drivers/net/arcnet/arcnet.c | 2 +- drivers/net/can/usb/gs_usb.c | 5 +- drivers/net/ethernet/atheros/alx/ethtool.c | 5 +- drivers/net/ethernet/atheros/atl1c/atl1c_main.c | 7 +- drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c | 9 +- drivers/net/ethernet/intel/igb/igb.h | 4 +- drivers/net/ethernet/intel/igb/igb_main.c | 16 +- drivers/net/ethernet/intel/igbvf/igbvf.h | 4 +- drivers/net/ethernet/intel/ixgbe/ixgbe_ptp.c | 28 +- drivers/net/ethernet/mediatek/mtk_eth_soc.c | 3 + drivers/net/macsec.c | 3 +- drivers/net/usb/qmi_wwan.c | 1 + drivers/net/wireless/ath/ath10k/pci.c | 9 +- drivers/net/wireless/ath/ath9k/ahb.c | 4 +- drivers/net/wireless/ath/ath9k/htc_drv_debug.c | 2 +- drivers/net/wireless/ath/ath9k/pci.c | 4 +- drivers/net/wireless/ath/ath9k/wmi.c | 14 +- drivers/net/wireless/marvell/mwifiex/debugfs.c | 9 +- drivers/net/wireless/marvell/mwifiex/sta_rx.c | 12 +- drivers/net/wireless/marvell/mwifiex/tdls.c | 9 +- drivers/net/wireless/marvell/mwifiex/uap_txrx.c | 30 +- drivers/net/wireless/marvell/mwifiex/util.c | 10 +- drivers/ntb/ntb_transport.c | 19 +- drivers/of/unittest.c | 10 +- drivers/parisc/led.c | 4 +- drivers/pci/hotplug/pciehp_hpc.c | 12 +- drivers/pinctrl/pinctrl-amd.c | 4 +- drivers/pwm/pwm-lpc32xx.c | 16 +- drivers/rpmsg/qcom_glink_native.c | 4 + drivers/rtc/rtc-ds1685.c | 2 +- drivers/s390/block/dasd_3990_erp.c | 2 +- drivers/scsi/be2iscsi/be_iscsi.c | 4 + drivers/scsi/fcoe/fcoe_ctlr.c | 20 +- drivers/scsi/hosts.c | 4 +- drivers/scsi/qedf/qedf_dbg.h | 2 + drivers/scsi/qedf/qedf_debugfs.c | 28 +- drivers/scsi/qedi/qedi_main.c | 5 +- drivers/scsi/qla2xxx/qla_isr.c | 1 - drivers/scsi/qla2xxx/qla_nvme.c | 2 +- drivers/scsi/qla4xxx/ql4_os.c | 15 + drivers/scsi/scsi_transport_iscsi.c | 8 + drivers/spi/spi-tegra20-sflash.c | 6 +- drivers/target/iscsi/iscsi_target_configfs.c | 54 +- drivers/tty/serial/cpm_uart/cpm_uart_core.c | 13 +- drivers/tty/serial/sc16is7xx.c | 11 +- drivers/tty/serial/serial-tegra.c | 6 +- drivers/usb/gadget/function/f_mass_storage.c | 2 +- drivers/usb/gadget/udc/fsl_qe_udc.c | 2 + drivers/usb/phy/phy-mxs-usb.c | 10 +- drivers/usb/serial/option.c | 7 + drivers/video/backlight/bd6107.c | 2 +- drivers/video/backlight/gpio_backlight.c | 2 +- drivers/video/backlight/lv5207lp.c | 2 +- drivers/video/fbdev/ep93xx-fb.c | 1 - drivers/watchdog/intel-mid_wdt.c | 1 + fs/attr.c | 20 +- fs/autofs4/waitq.c | 3 +- fs/btrfs/delayed-inode.c | 19 +- fs/btrfs/extent-tree.c | 5 + fs/cifs/smb2ops.c | 1 + fs/ext2/xattr.c | 4 +- fs/jfs/jfs_dmap.c | 1 + fs/jfs/jfs_extent.c | 5 + fs/jfs/jfs_imap.c | 1 + fs/lockd/mon.c | 3 + fs/namei.c | 2 +- fs/nfs/blocklayout/dev.c | 4 +- fs/nfs/pnfs_dev.c | 2 +- fs/nfsd/blocklayoutxdr.c | 9 + fs/nfsd/flexfilelayoutxdr.c | 9 + fs/nfsd/nfs4proc.c | 4 +- fs/nfsd/nfs4xdr.c | 25 +- fs/nilfs2/alloc.c | 3 +- fs/nilfs2/inode.c | 7 +- fs/nilfs2/segment.c | 5 + fs/nls/nls_base.c | 4 +- fs/ocfs2/namei.c | 4 + fs/proc/base.c | 3 +- fs/pstore/ram_core.c | 2 +- fs/reiserfs/journal.c | 4 +- fs/udf/balloc.c | 31 +- fs/udf/inode.c | 41 +- include/linux/if_arp.h | 4 + include/linux/nls.h | 2 +- include/linux/perf_event.h | 22 +- include/net/lwtunnel.h | 5 +- include/scsi/scsi_host.h | 2 +- include/uapi/linux/sync_file.h | 2 +- kernel/auditsc.c | 2 + kernel/cgroup/namespace.c | 6 - kernel/module.c | 15 +- lib/kobject.c | 5 + lib/mpi/mpi-cmp.c | 8 +- lib/ubsan.c | 24 - lib/ubsan.h | 5 - net/9p/trans_virtio.c | 2 +- net/core/sock.c | 9 +- net/dccp/ipv4.c | 13 +- net/dccp/ipv6.c | 15 +- net/ipv4/igmp.c | 3 +- net/ipv4/ip_output.c | 2 +- net/ipv4/tcp_timer.c | 18 +- net/ipv6/addrconf.c | 2 +- net/ipv6/ip6_output.c | 2 +- net/kcm/kcmsock.c | 15 +- net/netfilter/ipset/ip_set_hash_netportnet.c | 1 + net/netfilter/xt_sctp.c | 2 + net/netfilter/xt_u32.c | 21 + net/netlabel/netlabel_kapi.c | 3 +- net/netrom/af_netrom.c | 5 + net/sched/Kconfig | 28 - net/sched/Makefile | 2 - net/sched/cls_fw.c | 1 - net/sched/cls_rsvp.c | 28 - net/sched/cls_rsvp.h | 779 --------------------- net/sched/cls_rsvp6.c | 28 - net/sched/sch_plug.c | 2 +- net/sched/sch_qfq.c | 22 +- net/sctp/sm_sideeffect.c | 5 +- net/unix/af_unix.c | 2 +- net/unix/scm.c | 6 +- scripts/Makefile.ubsan | 1 - security/keys/keyctl.c | 11 +- security/smack/smackfs.c | 2 +- sound/core/pcm_compat.c | 8 +- sound/core/seq/oss/seq_oss_midi.c | 35 +- sound/pci/ac97/ac97_codec.c | 5 +- sound/soc/codecs/da7219-aad.c | 2 + sound/soc/codecs/es8316.c | 2 +- 296 files changed, 1101 insertions(+), 1500 deletions(-)

1 year, 9 months

5
191
0 0

[PATCH] PM: hibernate: use __get_safe_page() rather than touching the list.

by Brian Geffon

We found at least one situation where the safe pages list was empty and get_buffer() would gladly try to use a NULL pointer. Signed-off-by: Brian Geffon <bgeffon(a)google.com> Fixes: 8357376 ("swsusp: Improve handling of highmem") Cc: stable(a)vger.kernel.org Change-Id: Ibb43a9b4ac5ff2d7e3021fdacc08e116650231e9 --- kernel/power/snapshot.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/kernel/power/snapshot.c b/kernel/power/snapshot.c index 362e6bae5891..2dcb33248518 100644 --- a/kernel/power/snapshot.c +++ b/kernel/power/snapshot.c @@ -2544,8 +2544,9 @@ static void *get_highmem_page_buffer(struct page *page, pbe->copy_page = pfn_to_page(pfn); } else { /* Copy of the page will be stored in normal memory */ - kaddr = safe_pages_list; - safe_pages_list = safe_pages_list->next; + kaddr = __get_safe_page(ca->gfp_mask); + if (!kaddr) + return ERR_PTR(-ENOMEM); pbe->copy_page = virt_to_page(kaddr); } pbe->next = highmem_pblist; @@ -2747,8 +2748,9 @@ static void *get_buffer(struct memory_bitmap *bm, struct chain_allocator *ca) return ERR_PTR(-ENOMEM); } pbe->orig_address = page_address(page); - pbe->address = safe_pages_list; - safe_pages_list = safe_pages_list->next; + pbe->address = __get_safe_page(ca->gfp_mask); + if (!pbe->address) + return ERR_PTR(-ENOMEM); pbe->next = restore_pblist; restore_pblist = pbe; return pbe->address; -- 2.42.0.459.ge4e396fd5e-goog

1 year, 9 months

3
2
0 0

+ mm-make-pr_mdwe_refuse_exec_gain-an-unsigned-long.patch added to mm-unstable branch

by Andrew Morton

The patch titled Subject: mm: make PR_MDWE_REFUSE_EXEC_GAIN an unsigned long has been added to the -mm mm-unstable branch. Its filename is mm-make-pr_mdwe_refuse_exec_gain-an-unsigned-long.patch This patch will shortly appear at https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patche… This patch will later appear in the mm-unstable branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next via the mm-everything branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm and is updated there every 2-3 working days ------------------------------------------------------ From: Florent Revest <revest(a)chromium.org> Subject: mm: make PR_MDWE_REFUSE_EXEC_GAIN an unsigned long Date: Mon, 28 Aug 2023 17:08:56 +0200 Defining a prctl flag as an int is a footgun because on a 64 bit machine and with a variadic implementation of prctl (like in musl and glibc), when used directly as a prctl argument, it can get casted to long with garbage upper bits which would result in unexpected behaviors. This patch changes the constant to an unsigned long to eliminate that possibilities. This does not break UAPI. Link: https://lkml.kernel.org/r/20230828150858.393570-5-revest@chromium.org Fixes: b507808ebce2 ("mm: implement memory-deny-write-execute as a prctl") Signed-off-by: Florent Revest <revest(a)chromium.org> Suggested-by: Alexey Izbyshev <izbyshev(a)ispras.ru> Reviewed-by: David Hildenbrand <david(a)redhat.com> Reviewed-by: Kees Cook <keescook(a)chromium.org> Acked-by: Catalin Marinas <catalin.marinas(a)arm.com> Cc: <stable(a)vger.kernel.org> Cc: Anshuman Khandual <anshuman.khandual(a)arm.com> Cc: Ayush Jain <ayush.jain3(a)amd.com> Cc: Greg Thelen <gthelen(a)google.com> Cc: Joey Gouly <joey.gouly(a)arm.com> Cc: KP Singh <kpsingh(a)kernel.org> Cc: Mark Brown <broonie(a)kernel.org> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Peter Xu <peterx(a)redhat.com> Cc: Ryan Roberts <ryan.roberts(a)arm.com> Cc: Szabolcs Nagy <Szabolcs.Nagy(a)arm.com> Cc: Topi Miettinen <toiwoton(a)gmail.com> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- include/uapi/linux/prctl.h | 2 +- tools/include/uapi/linux/prctl.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) --- a/include/uapi/linux/prctl.h~mm-make-pr_mdwe_refuse_exec_gain-an-unsigned-long +++ a/include/uapi/linux/prctl.h @@ -283,7 +283,7 @@ struct prctl_mm_map { /* Memory deny write / execute */ #define PR_SET_MDWE 65 -# define PR_MDWE_REFUSE_EXEC_GAIN 1 +# define PR_MDWE_REFUSE_EXEC_GAIN (1UL << 0) #define PR_GET_MDWE 66 --- a/tools/include/uapi/linux/prctl.h~mm-make-pr_mdwe_refuse_exec_gain-an-unsigned-long +++ a/tools/include/uapi/linux/prctl.h @@ -283,7 +283,7 @@ struct prctl_mm_map { /* Memory deny write / execute */ #define PR_SET_MDWE 65 -# define PR_MDWE_REFUSE_EXEC_GAIN 1 +# define PR_MDWE_REFUSE_EXEC_GAIN (1UL << 0) #define PR_GET_MDWE 66 _ Patches currently in -mm which might be from revest(a)chromium.org are kselftest-vm-fix-tabs-spaces-inconsistency-in-the-mdwe-test.patch kselftest-vm-fix-mdwes-mmap_fixed-test-case.patch kselftest-vm-check-errnos-in-mdwe_test.patch mm-make-pr_mdwe_refuse_exec_gain-an-unsigned-long.patch mm-add-a-no_inherit-flag-to-the-pr_set_mdwe-prctl.patch kselftest-vm-add-tests-for-no-inherit-memory-deny-write-execute.patch

1 year, 9 months

1
0
0 0

RE:Bags manufacturer 2023/9/228:35:33

by Steven

Hi, We are a professional bags manufacturer from China supplying all types of customized bags. If you're interested, please don't hesitate to contact me. Best regards, Steven There were three heads close together for a space of twenty seconds or so, and then a fearful explosion happened—the unique, tremendous laughter of Mr Colclough, which went off like a charge of melinite and staggered the furniture THE FIGHT IN THE COACH-HOUSE So many shocks, emotions, perils, horrors, added to the wound, his first, had tried his youthful body and sensitive nature too severely

1 year, 9 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror September 2023