Stable team, please backport commit
a306343bcd7d ("drm/i915/edp: Do not do link training fallback or prune modes on EDP")
to v4.13+
Fixes: 9301397a63b3 ("drm/i915: Implement Link Rate fallback on Link training failure")
BR,
Jani.
--
Jani Nikula, Intel Open Source Technology Center
cache_reap() is initially scheduled in start_cpu_timer() via
schedule_delayed_work_on(). But then the next iterations are scheduled via
schedule_delayed_work(), i.e. using WORK_CPU_UNBOUND.
Thus since commit ef557180447f ("workqueue: schedule WORK_CPU_UNBOUND work on
wq_unbound_cpumask CPUs") there is no guarantee the future iterations will run
on the originally intended cpu, although it's still preferred. I was able to
demonstrate this with /sys/module/workqueue/parameters/debug_force_rr_cpu.
IIUC, it may also happen due to migrating timers in nohz context. As a result,
some cpu's would be calling cache_reap() more frequently and others never.
This patch uses schedule_delayed_work_on() with the current cpu when scheduling
the next iteration.
Signed-off-by: Vlastimil Babka <vbabka(a)suse.cz>
Fixes: ef557180447f ("workqueue: schedule WORK_CPU_UNBOUND work on wq_unbound_cpumask CPUs")
CC: <stable(a)vger.kernel.org>
Cc: Joonsoo Kim <iamjoonsoo.kim(a)lge.com>
Cc: David Rientjes <rientjes(a)google.com>
Cc: Pekka Enberg <penberg(a)kernel.org>
Cc: Christoph Lameter <cl(a)linux.com>
Cc: Tejun Heo <tj(a)kernel.org>
Cc: Lai Jiangshan <jiangshanlai(a)gmail.com>
Cc: John Stultz <john.stultz(a)linaro.org>
Cc: Thomas Gleixner <tglx(a)linutronix.de>
Cc: Stephen Boyd <sboyd(a)kernel.org>
---
mm/slab.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/mm/slab.c b/mm/slab.c
index 9095c3945425..a76006aae857 100644
--- a/mm/slab.c
+++ b/mm/slab.c
@@ -4074,7 +4074,8 @@ static void cache_reap(struct work_struct *w)
next_reap_node();
out:
/* Set up the next iteration */
- schedule_delayed_work(work, round_jiffies_relative(REAPTIMEOUT_AC));
+ schedule_delayed_work_on(smp_processor_id(), work,
+ round_jiffies_relative(REAPTIMEOUT_AC));
}
void get_slabinfo(struct kmem_cache *cachep, struct slabinfo *sinfo)
--
2.16.3
From: Takashi Iwai <tiwai(a)suse.de>
[ Upstream commit d7f910bfedd863d13ea320030fe98e42d0938ed5 ]
For accessing the snd_timer_user queue indices, we take tu->qlock.
But it's forgotten in a couple of places.
The one in snd_timer_user_params() should be safe without the
spinlock as the timer is already stopped. But it's better for
consistency.
The one in poll is just a read-out, so it's not inevitably needed, but
it'd be good to make the result consistent, too.
Tested-by: Alexander Potapenko <glider(a)google.com>
Signed-off-by: Takashi Iwai <tiwai(a)suse.de>
Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com>
---
sound/core/timer.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/sound/core/timer.c b/sound/core/timer.c
index e5ddc475dca4..bbde1bcdd985 100644
--- a/sound/core/timer.c
+++ b/sound/core/timer.c
@@ -1773,6 +1773,7 @@ static int snd_timer_user_params(struct file *file,
}
}
}
+ spin_lock_irq(&tu->qlock);
tu->qhead = tu->qtail = tu->qused = 0;
if (tu->timeri->flags & SNDRV_TIMER_IFLG_EARLY_EVENT) {
if (tu->tread) {
@@ -1793,6 +1794,7 @@ static int snd_timer_user_params(struct file *file,
}
tu->filter = params.filter;
tu->ticks = params.ticks;
+ spin_unlock_irq(&tu->qlock);
err = 0;
_end:
if (copy_to_user(_params, ¶ms, sizeof(params)))
@@ -2034,10 +2036,12 @@ static unsigned int snd_timer_user_poll(struct file *file, poll_table * wait)
poll_wait(file, &tu->qchange_sleep, wait);
mask = 0;
+ spin_lock_irq(&tu->qlock);
if (tu->qused)
mask |= POLLIN | POLLRDNORM;
if (tu->disconnected)
mask |= POLLERR;
+ spin_unlock_irq(&tu->qlock);
return mask;
}
--
2.15.1
The patch titled
Subject: resource: fix integer overflow at reallocation
has been removed from the -mm tree. Its filename was
resource-fix-integer-overflow-at-reallocation.patch
This patch was dropped because an alternative patch was merged
------------------------------------------------------
From: Takashi Iwai <tiwai(a)suse.de>
Subject: resource: fix integer overflow at reallocation
We've got a bug report indicating a kernel panic at booting on an x86-32
system, and it turned out to be the invalid resource assigned after PCI
resource reallocation. __find_resource() first aligns the resource start
address and resets the end address with start+size-1 accordingly, then
checks whether it's contained. Here the end address may overflow the
integer, although resource_contains() still returns true because the
function validates only start and end address. So this ends up with
returning an invalid resource (start > end).
There was already an attempt to cover such a problem in the commit
47ea91b4052d ("Resource: fix wrong resource window calculation"), but this
case is an overseen one.
This patch adds the validity check in resource_contains() to see whether
the given resource has a valid range for avoiding the integer overflow
problem.
Bugzilla: http://bugzilla.opensuse.org/show_bug.cgi?id=1086739
Link: http://lkml.kernel.org/r/20180408072026.27365-1-tiwai@suse.de
Fixes: 23c570a67448 ("resource: ability to resize an allocated resource")
Signed-off-by: Takashi Iwai <tiwai(a)suse.de>
Reported-by: Michael Henders <hendersm(a)shaw.ca>
Tested-by: Michael Henders <hendersm(a)shaw.ca>
Reviewed-by: Ram Pai <linuxram(a)us.ibm.com>
Cc: Bjorn Helgaas <bhelgaas(a)google.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
include/linux/ioport.h | 3 +++
1 file changed, 3 insertions(+)
diff -puN include/linux/ioport.h~resource-fix-integer-overflow-at-reallocation include/linux/ioport.h
--- a/include/linux/ioport.h~resource-fix-integer-overflow-at-reallocation
+++ a/include/linux/ioport.h
@@ -212,6 +212,9 @@ static inline bool resource_contains(str
return false;
if (r1->flags & IORESOURCE_UNSET || r2->flags & IORESOURCE_UNSET)
return false;
+ /* sanity check whether it's a valid resource range */
+ if (r2->end < r2->start)
+ return false;
return r1->start <= r2->start && r1->end >= r2->end;
}
_
Patches currently in -mm which might be from tiwai(a)suse.de are
resource-fix-integer-overflow-at-reallocation-v1.patch
The patch titled
Subject: rapidio: fix rio_dma_transfer error handling
has been added to the -mm tree. Its filename is
rapidio-fix-rio_dma_transfer-error-handling.patch
This patch should soon appear at
http://ozlabs.org/~akpm/mmots/broken-out/rapidio-fix-rio_dma_transfer-error…
and later at
http://ozlabs.org/~akpm/mmotm/broken-out/rapidio-fix-rio_dma_transfer-error…
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next and is updated
there every 3-4 working days
------------------------------------------------------
From: Ioan Nicu <ioan.nicu.ext(a)nokia.com>
Subject: rapidio: fix rio_dma_transfer error handling
Some of the mport_dma_req structure members were initialized late
inside the do_dma_request() function, just before submitting the
request to the dma engine. But we have some error branches before
that. In case of such an error, the code would return on the error
path and trigger the calling of dma_req_free() with a req structure
which is not completely initialized. This causes a NULL pointer
dereference in dma_req_free().
This patch fixes these error branches by making sure that all
necessary mport_dma_req structure members are initialized in
rio_dma_transfer() immediately after the request structure gets
allocated.
Link: http://lkml.kernel.org/r/20180412150605.GA31409@nokia.com
Signed-off-by: Ioan Nicu <ioan.nicu.ext(a)nokia.com>
Tested-by: Alexander Sverdlin <alexander.sverdlin(a)nokia.com>
Acked-by: Alexandre Bounine <alex.bou9(a)gmail.com>
Cc: Barry Wood <barry.wood(a)idt.com>
Cc: Matt Porter <mporter(a)kernel.crashing.org>
Cc: Christophe JAILLET <christophe.jaillet(a)wanadoo.fr>
Cc: Logan Gunthorpe <logang(a)deltatee.com>
Cc: Chris Wilson <chris(a)chris-wilson.co.uk>
Cc: Tvrtko Ursulin <tvrtko.ursulin(a)intel.com>
Cc: Frank Kunz <frank.kunz(a)nokia.com>
Cc: <stable(a)vger.kernel.org>
Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org>
---
drivers/rapidio/devices/rio_mport_cdev.c | 19 +++++++++----------
1 file changed, 9 insertions(+), 10 deletions(-)
diff -puN drivers/rapidio/devices/rio_mport_cdev.c~rapidio-fix-rio_dma_transfer-error-handling drivers/rapidio/devices/rio_mport_cdev.c
--- a/drivers/rapidio/devices/rio_mport_cdev.c~rapidio-fix-rio_dma_transfer-error-handling
+++ a/drivers/rapidio/devices/rio_mport_cdev.c
@@ -740,10 +740,7 @@ static int do_dma_request(struct mport_d
tx->callback = dma_xfer_callback;
tx->callback_param = req;
- req->dmach = chan;
- req->sync = sync;
req->status = DMA_IN_PROGRESS;
- init_completion(&req->req_comp);
kref_get(&req->refcount);
cookie = dmaengine_submit(tx);
@@ -831,13 +828,20 @@ rio_dma_transfer(struct file *filp, u32
if (!req)
return -ENOMEM;
- kref_init(&req->refcount);
-
ret = get_dma_channel(priv);
if (ret) {
kfree(req);
return ret;
}
+ chan = priv->dmach;
+
+ kref_init(&req->refcount);
+ init_completion(&req->req_comp);
+ req->dir = dir;
+ req->filp = filp;
+ req->priv = priv;
+ req->dmach = chan;
+ req->sync = sync;
/*
* If parameter loc_addr != NULL, we are transferring data from/to
@@ -925,11 +929,6 @@ rio_dma_transfer(struct file *filp, u32
xfer->offset, xfer->length);
}
- req->dir = dir;
- req->filp = filp;
- req->priv = priv;
- chan = priv->dmach;
-
nents = dma_map_sg(chan->device->dev,
req->sgt.sgl, req->sgt.nents, dir);
if (nents == 0) {
_
Patches currently in -mm which might be from ioan.nicu.ext(a)nokia.com are
rapidio-fix-rio_dma_transfer-error-handling.patch
Hi,
Hope all is well!
We are a database organization. We provide business executives' contact
information.
Below, I've included a few examples:
Industry-Specific Lists: Agriculture, Business Services, Chambers of
Commerce, Cities, Towns & Municipalities, Construction, Consumer Services,
Cultural, Education, Energy, Utilities & Waste Treatment, Finance,
Government, Healthcare, Hospitality, Insurance, Law Firms & Legal Services,
Manufacturing, Media & Internet, Metals & Mining, Organizations, Real
Estate, Retail, Software, Telecommunications, Transportation, and more!
Technology-Specific Lists: SAP users, PeopleSoft users, SIEBEL customers,
Oracle Application customers, Microsoft Dynamic users, Sales force users,
Microsoft Exchange users, QuickBooks, Lawson users, Act users, JD Edward
users, ASP users, Microsoft GP Applications users, Net Suite users, IBM
DBMS Application users, McAfee users, MS Dynamics GP (Great Plains), and
many more.
Title-Specific Lists: C-level executives: CEO, CFO, CIO, CTO, CMO, CISO,
CSO, COO Key decision-makers: All C-level, VP-level, and Director-level
executives HR Executives: VP of HR, HR Director & HR Manager, etc.
Marketing Executives: CMO, VP of Marketing, Director of Marketing,
Marketing Managers IT Executives: CIO, CTO, CISO, IT-VP, IT-Director, IT
Manager, MIS Manager, etc.
Please keep me informed for any additional details. I look forward to
hearing from you.
Regards,
Joann Kaur
Marketing Executive
This is the start of the stable review cycle for the 3.18.105 release.
There are 121 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Fri Apr 13 18:34:28 UTC 2018.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v3.x/stable-review/patch-3.18.105-r…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-3.18.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 3.18.105-rc1
Paolo Abeni <pabeni(a)redhat.com>
ipv6: the entire IPv6 header chain must fit the first fragment
Craig Dillabaugh <cdillaba(a)mojatatu.com>
net sched actions: fix dumping which requires several messages to user space
Heiner Kallweit <hkallweit1(a)gmail.com>
r8169: fix setting driver_data after register_netdev
Eric Dumazet <edumazet(a)google.com>
ip6_tunnel: better validate user provided tunnel names
Eric Dumazet <edumazet(a)google.com>
vti6: better validate user provided tunnel names
Eric Dumazet <edumazet(a)google.com>
ip6_gre: better validate user provided tunnel names
Eric Dumazet <edumazet(a)google.com>
ipv6: sit: better validate user provided tunnel names
Eric Dumazet <edumazet(a)google.com>
ip_tunnel: better validate user provided tunnel names
Eric Dumazet <edumazet(a)google.com>
net: fool proof dev_valid_name()
Xin Long <lucien.xin(a)gmail.com>
bonding: process the err returned by dev_set_allmulti properly in bond_enslave
Xin Long <lucien.xin(a)gmail.com>
bonding: move dev_mc_sync after master_upper_dev_link in bond_enslave
Xin Long <lucien.xin(a)gmail.com>
bonding: fix the err path for dev hwaddr sync in bond_enslave
Jason Wang <jasowang(a)redhat.com>
vhost: correctly remove wait queue during poll failure
Kai-Heng Feng <kai.heng.feng(a)canonical.com>
sky2: Increase D3 delay to sky2 stops working after suspend
Eric Dumazet <edumazet(a)google.com>
sctp: sctp_sockaddr_af must check minimal addr length for AF_INET6
Eric Dumazet <edumazet(a)google.com>
sctp: do not leak kernel memory to user space
Eric Dumazet <edumazet(a)google.com>
pptp: remove a buggy dst release in pptp_connect()
Alexander Potapenko <glider(a)google.com>
netlink: make sure nladdr has correct size in netlink_connect()
Eric Dumazet <edumazet(a)google.com>
net: fix possible out-of-bound read in skb_network_protocol()
Mel Gorman <mgorman(a)suse.de>
futex: Remove requirement for lock_page() in get_futex_key()
Theodore Ts'o <tytso(a)mit.edu>
random: use lockless method of accessing and updating f->reg_idx
Nathan Chancellor <natechancellor(a)gmail.com>
virtio_net: check return value of skb_to_sgvec in one more location
Jason A. Donenfeld <Jason(a)zx2c4.com>
virtio_net: check return value of skb_to_sgvec always
Jason A. Donenfeld <Jason(a)zx2c4.com>
rxrpc: check return value of skb_to_sgvec always
Jason A. Donenfeld <Jason(a)zx2c4.com>
ipsec: check return value of skb_to_sgvec always
Christophe JAILLET <christophe.jaillet(a)wanadoo.fr>
EDAC, mv64x60: Fix an error handling path
Tony Lindgren <tony(a)atomide.com>
tty: n_gsm: Allow ADM response in addition to UA for control dlci
chenxiang <chenxiang66(a)hisilicon.com>
scsi: libsas: initialize sas_phy status according to response of DISCOVER
Jason Yan <yanaijie(a)huawei.com>
scsi: libsas: fix error when getting phy events
Jason Yan <yanaijie(a)huawei.com>
scsi: libsas: fix memory leak in sas_smp_get_phy_events()
Tang Junhui <tang.junhui(a)zte.com.cn>
bcache: segregate flash only volume write streams
Tang Junhui <tang.junhui(a)zte.com.cn>
bcache: stop writeback thread after detaching
Roopa Prabhu <roopa(a)cumulusnetworks.com>
vxlan: dont migrate permanent fdb entries during learn
Bob Moore <robert.moore(a)intel.com>
ACPICA: Disassembler: Abort on an invalid/unknown AML opcode
Lv Zheng <lv.zheng(a)intel.com>
ACPICA: Events: Add runtime stub support for event APIs
Marcel Holtmann <marcel(a)holtmann.org>
Bluetooth: Send HCI Set Event Mask Page 2 command only when needed
Lorenzo Bianconi <lorenzo.bianconi83(a)gmail.com>
iio: magnetometer: st_magn_spi: fix spi_device_id table
Jag Raman <jag.raman(a)oracle.com>
sparc64: ldc abort during vds iso boot
Xin Long <lucien.xin(a)gmail.com>
sctp: fix recursive locking warning in sctp_do_peeloff
Mintz, Yuval <Yuval.Mintz(a)cavium.com>
bnx2x: Allow vfs to disable txvlan offload
Arnd Bergmann <arnd(a)arndb.de>
xen: avoid type warning in xchg_xen_ulong
Namhyung Kim <namhyung(a)kernel.org>
perf tests: Decompress kernel module before objdump
Christian Lamparter <chunkeey(a)googlemail.com>
net: emac: fix reset timeout with AR8035 phy
Marcin Nowakowski <marcin.nowakowski(a)imgtec.com>
MIPS: kprobes: flush_insn_slot should flush only if probe initialised
Marcin Nowakowski <marcin.nowakowski(a)imgtec.com>
MIPS: mm: fixed mappings: correct initialisation
Peter Zijlstra <peterz(a)infradead.org>
perf/core: Correct event creation with PERF_FORMAT_GROUP
Chris Wilson <chris(a)chris-wilson.co.uk>
e1000e: Undo e1000e_pm_freeze if __e1000_shutdown fails
Russell King <rmk+kernel(a)armlinux.org.uk>
net: phy: avoid genphy_aneg_done() for PHYs without clause 22 support
A Sun <as1033x(a)comcast.net>
mceusb: sporadic RX truncation corruption fix
Pan Bian <bianpan2016(a)163.com>
cx25840: fix unchecked return values
Jacob Keller <jacob.e.keller(a)intel.com>
e1000e: fix race condition around skb_tstamp_tx()
Robert Jarzmik <robert.jarzmik(a)free.fr>
tags: honor COMPILED_SOURCE with apart output directory
Milian Wolff <milian.wolff(a)kdab.com>
perf report: Ensure the perf DSO mapping matches what libdw sees
Talat Batheesh <talatb(a)mellanox.com>
net/mlx4: Fix the check in attaching steering rules
Jason A. Donenfeld <Jason(a)zx2c4.com>
skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow
Dmitry Monakhov <dmonakhov(a)openvz.org>
bio-integrity: Do not allocate integrity context for bio w/o data
Thomas Bogendoerfer <tsbogend(a)alpha.franken.de>
Fix serial console on SNI RM400 machines
Tomi Valkeinen <tomi.valkeinen(a)ti.com>
drm/omap: fix tiled buffer stride calculations
Jia-Ju Bai <baijiaju1990(a)163.com>
mISDN: Fix a sleep-in-atomic bug
Jia-Ju Bai <baijiaju1990(a)163.com>
qlcnic: Fix a sleep-in-atomic bug in qlcnic_82xx_hw_write_wx_2M and qlcnic_82xx_hw_read_wx_2M
Jiri Olsa <jolsa(a)kernel.org>
perf trace: Add mmap alias for s390
Michael Ellerman <mpe(a)ellerman.id.au>
powerpc/spufs: Fix coredump of SPU contexts
Roman Pen <roman.penyaev(a)profitbricks.com>
KVM: SVM: do not zero out segment attributes if segment is unusable or not present
Gustavo A. R. Silva <garsilva(a)embeddedor.com>
net: freescale: fix potential null pointer dereference
Vaibhav Jain <vaibhav(a)linux.vnet.ibm.com>
rtc: interface: Validate alarm-time before handling rollover
Will Deacon <will.deacon(a)arm.com>
arm64: futex: Fix undefined behaviour with FUTEX_OP_OPARG_SHIFT usage
Ivan Mikhaylov <ivan(a)de.ibm.com>
powerpc/[booke|4xx]: Don't clobber TCR[WP] when setting TCR[DIE]
Miklos Szeredi <mszeredi(a)redhat.com>
ovl: filter trusted xattr for non-admin
Firo Yang <firogm(a)gmail.com>
hdlcdrv: Fix divide by zero in hdlcdrv_ioctl
Colin Ian King <colin.king(a)canonical.com>
wl1251: check return from call to wl1251_acx_arp_ip_filter
Pieter \"PoroCYon\" Sluys <pcy(a)national.shitposting.agency>
vfb: fix video mode and line_length being set when loaded
Rafael David Tinoco <rafael.tinoco(a)canonical.com>
scsi: libiscsi: Allow sd_shutdown on bad transport
Hangbin Liu <liuhangbin(a)gmail.com>
l2tp: fix missing print session offset info
linzhang <xiaolou4617(a)gmail.com>
net: llc: add lock_sock in llc_ui_bind to avoid a race condition
Jan H. Schönherr <jschoenh(a)amazon.de>
KVM: nVMX: Fix handling of lmsw instruction
Nithin Sujir <nsujir(a)tintri.com>
bonding: Don't update slave->link until ready to commit
Roman Kapl <roman.kapl(a)sysgo.com>
net: move somaxconn init from sysctl code
Eryu Guan <eguan(a)redhat.com>
ext4: fix off-by-one on max nr_pages in ext4_find_unwritten_pgoff()
Michael Schmitz <schmitzmic(a)gmail.com>
fix race in drivers/char/random.c:get_reg()
Maurizio Lombardi <mlombard(a)redhat.com>
scsi: bnx2fc: fix race condition in bnx2fc_get_host_stats()
Liping Zhang <zlpnobody(a)gmail.com>
netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize
Dan Carpenter <dan.carpenter(a)oracle.com>
libceph: NULL deref on crush_decode() error path
Dan Carpenter <dan.carpenter(a)oracle.com>
block: fix an error code in add_partition()
Tin Huynh <tnhuynh(a)apm.com>
leds: pca955x: Correct I2C Functionality
Kees Cook <keescook(a)chromium.org>
ray_cs: Avoid reading past end of buffer
Suman Anna <s-anna(a)ti.com>
ARM: davinci: da8xx: Create DSP device only when assigned memory
Antony Antony <antony(a)phenome.org>
xfrm: fix state migration copy replay sequence numbers
Michael Ellerman <mpe(a)ellerman.id.au>
selftests/powerpc: Fix TM resched DSCR test with some compilers
Colin Ian King <colin.king(a)canonical.com>
ath5k: fix memory leak on buf on failed eeprom read
Geert Uytterhoeven <geert+renesas(a)glider.be>
sh_eth: Use platform device for printing before register_netdev()
Alan Stern <stern(a)rowland.harvard.edu>
USB: ene_usb6250: fix SCSI residue overwriting
linzhang <xiaolou4617(a)gmail.com>
net: x25: fix one potential use-after-free issue
Alan Stern <stern(a)rowland.harvard.edu>
USB: ene_usb6250: fix first command execution
Jisheng Zhang <jszhang(a)marvell.com>
usb: chipidea: properly handle host or gadget initialization failure
Ihar Hrachyshka <ihrachys(a)redhat.com>
neighbour: update neigh timestamps iff update is effective
Thomas Petazzoni <thomas.petazzoni(a)free-electrons.com>
ata: libahci: properly propagate return value of platform_get_irq()
Colin Ian King <colin.king(a)canonical.com>
btrfs: fix incorrect error return ret being passed to mapping_set_error
Pan Bian <bianpan2016(a)163.com>
usb: dwc3: keystone: check return value
Anup Patel <anup.patel(a)broadcom.com>
async_tx: Fix DMA_PREP_FENCE usage in do_async_gen_syndrome()
Mahesh Bandewar <maheshb(a)google.com>
ipv6: avoid dad-failures for addresses with NODAD
Fabio Estevam <fabio.estevam(a)nxp.com>
ARM: dts: imx6qdl-wandboard: Fix audio channel swap
Peter Zijlstra <peterz(a)infradead.org>
x86/tsc: Provide 'tsc=unstable' boot parameter
Andrea della Porta <sfaragnaus(a)gmail.com>
staging: wlan-ng: prism2mgmt.c: fixed a double endian conversion before calling hfa384x_drvr_setconfig16, also fixes relative sparse warning
Dan Carpenter <dan.carpenter(a)oracle.com>
PowerCap: Fix an error code in powercap_register_zone()
Christophe JAILLET <christophe.jaillet(a)wanadoo.fr>
SMB2: Fix share type handling
Neil Horman <nhorman(a)tuxdriver.com>
vmxnet3: ensure that adapter is in proper state during force_close
Paul Mackerras <paulus(a)ozlabs.org>
KVM: PPC: Book3S PR: Check copy_to/from_user return values
Colin Ian King <colin.king(a)canonical.com>
netxen_nic: set rcode to the return status from the call to netxen_issue_cmd
Stefan Wahren <stefan.wahren(a)i2se.com>
net: qca_spi: Fix alignment issues in rx path
Rabin Vincent <rabinv(a)axis.com>
CIFS: silence lockdep splat in cifs_relock_file()
Talat Batheesh <talatb(a)mellanox.com>
net/mlx4_en: Avoid adding steering rules with invalid ring
Heiko Carstens <heiko.carstens(a)de.ibm.com>
s390: move _text symbol to address higher than zero
Kirill Tkhai <ktkhai(a)virtuozzo.com>
pidns: disable pid allocation if pid_ns_prepare_proc() is failed in alloc_pid()
J. Bruce Fields <bfields(a)redhat.com>
lockd: fix lockd shutdown race
Grygorii Strashko <grygorii.strashko(a)ti.com>
net: ethernet: ti: cpsw: adjust cpsw fifos depth for fullduplex flow control
Kees Cook <keescook(a)chromium.org>
qlge: Avoid reading past end of buffer
Kees Cook <keescook(a)chromium.org>
bna: Avoid reading past end of buffer
Luca Coelho <luciano.coelho(a)intel.com>
mac80211: bail out from prep_connection() if a reconfig is ongoing
Steffen Klassert <steffen.klassert(a)secunet.com>
af_key: Fix slab-out-of-bounds in pfkey_compile_policy.
Bart Van Assche <bart.vanassche(a)sandisk.com>
IB/srpt: Fix abort handling
Trond Myklebust <trond.myklebust(a)primarydata.com>
NFSv4.1: RECLAIM_COMPLETE must handle NFS4ERR_CONN_NOT_BOUND_TO_SESSION
-------------
Diffstat:
Makefile | 4 +-
arch/arm/boot/dts/imx6qdl-wandboard.dtsi | 1 +
arch/arm/include/asm/xen/events.h | 2 +-
arch/arm/mach-davinci/devices-da8xx.c | 10 +++
arch/arm64/include/asm/futex.h | 8 +-
arch/mips/include/asm/kprobes.h | 3 +-
arch/mips/mm/pgtable-32.c | 6 +-
arch/powerpc/kernel/time.c | 14 +++-
arch/powerpc/kvm/book3s_pr_papr.c | 34 ++++++--
arch/powerpc/platforms/cell/spufs/coredump.c | 2 +
arch/s390/kernel/vmlinux.lds.S | 8 +-
arch/sparc/kernel/ldc.c | 7 +-
arch/x86/kernel/tsc.c | 2 +
arch/x86/kvm/svm.c | 24 +++---
arch/x86/kvm/vmx.c | 7 +-
block/bio-integrity.c | 3 +
block/partition-generic.c | 4 +-
crypto/async_tx/async_pq.c | 5 +-
drivers/acpi/acpica/evxfevnt.c | 18 ++++
drivers/acpi/acpica/psobject.c | 14 ++++
drivers/ata/libahci_platform.c | 5 +-
drivers/char/random.c | 10 ++-
drivers/edac/mv64x60_edac.c | 2 +-
drivers/gpu/drm/omapdrm/omap_gem.c | 4 +-
drivers/iio/magnetometer/st_magn_spi.c | 2 -
drivers/infiniband/ulp/srpt/ib_srpt.c | 6 +-
drivers/isdn/mISDN/stack.c | 2 +-
drivers/leds/leds-pca955x.c | 2 +-
drivers/md/bcache/alloc.c | 19 +++--
drivers/md/bcache/super.c | 6 ++
drivers/media/i2c/cx25840/cx25840-core.c | 36 ++++----
drivers/media/rc/mceusb.c | 9 +-
drivers/net/bonding/bond_main.c | 84 ++++++++++---------
drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c | 19 ++++-
drivers/net/ethernet/brocade/bna/bfa_ioc.c | 2 +-
drivers/net/ethernet/freescale/fsl_pq_mdio.c | 9 +-
drivers/net/ethernet/ibm/emac/core.c | 26 +++++-
drivers/net/ethernet/intel/e1000e/netdev.c | 17 +++-
drivers/net/ethernet/marvell/sky2.c | 2 +-
drivers/net/ethernet/mellanox/mlx4/mcg.c | 15 +++-
drivers/net/ethernet/mellanox/mlx4/qp.c | 13 +++
.../net/ethernet/qlogic/netxen/netxen_nic_ctx.c | 2 +-
drivers/net/ethernet/qlogic/qlcnic/qlcnic_hw.c | 2 +-
drivers/net/ethernet/qlogic/qlge/qlge_dbg.c | 4 +-
drivers/net/ethernet/qualcomm/qca_spi.c | 10 ++-
drivers/net/ethernet/realtek/r8169.c | 4 +-
drivers/net/ethernet/renesas/sh_eth.c | 2 +-
drivers/net/ethernet/ti/cpsw.c | 16 ++++
drivers/net/hamradio/hdlcdrv.c | 2 +
drivers/net/phy/phy.c | 6 ++
drivers/net/ppp/pptp.c | 1 -
drivers/net/virtio_net.c | 16 +++-
drivers/net/vmxnet3/vmxnet3_drv.c | 5 ++
drivers/net/vxlan.c | 2 +-
drivers/net/wireless/ath/ath5k/debug.c | 5 +-
drivers/net/wireless/ray_cs.c | 7 +-
drivers/net/wireless/ti/wl1251/main.c | 3 +-
drivers/powercap/powercap_sys.c | 1 +
drivers/rtc/interface.c | 9 +-
drivers/scsi/bnx2fc/bnx2fc.h | 1 +
drivers/scsi/bnx2fc/bnx2fc_fcoe.c | 10 ++-
drivers/scsi/libiscsi.c | 24 +++++-
drivers/scsi/libsas/sas_expander.c | 4 +-
drivers/staging/wlan-ng/prism2mgmt.c | 2 +-
drivers/tty/n_gsm.c | 17 +++-
drivers/tty/serial/sccnxp.c | 15 ++--
drivers/usb/chipidea/core.c | 29 +++++--
drivers/usb/dwc3/dwc3-keystone.c | 4 +
drivers/usb/storage/ene_ub6250.c | 11 ++-
drivers/vhost/vhost.c | 3 +-
drivers/video/fbdev/vfb.c | 17 ++++
fs/btrfs/extent_io.c | 2 +-
fs/cifs/file.c | 2 +-
fs/cifs/smb2pdu.c | 14 ++--
fs/ext4/file.c | 2 +-
fs/lockd/svc.c | 6 +-
fs/nfs/nfs4proc.c | 7 +-
fs/nfs/nfs4state.c | 10 ++-
fs/overlayfs/inode.c | 12 ++-
include/linux/mlx4/qp.h | 1 +
include/linux/skbuff.h | 8 +-
include/net/x25.h | 4 +-
kernel/events/core.c | 15 ++--
kernel/futex.c | 98 ++++++++++++++++++++--
kernel/pid.c | 4 +-
net/bluetooth/hci_core.c | 17 +++-
net/ceph/osdmap.c | 1 +
net/core/dev.c | 4 +-
net/core/neighbour.c | 14 +++-
net/core/net_namespace.c | 19 +++++
net/core/skbuff.c | 65 +++++++++-----
net/core/sysctl_net_core.c | 2 -
net/ipv4/ah4.c | 8 +-
net/ipv4/esp4.c | 12 ++-
net/ipv4/ip_tunnel.c | 11 +--
net/ipv6/addrconf.c | 5 +-
net/ipv6/ah6.c | 8 +-
net/ipv6/esp6.c | 12 ++-
net/ipv6/ip6_gre.c | 8 +-
net/ipv6/ip6_output.c | 13 ++-
net/ipv6/ip6_tunnel.c | 7 +-
net/ipv6/ip6_vti.c | 7 +-
net/ipv6/sit.c | 8 +-
net/key/af_key.c | 2 +-
net/l2tp/l2tp_netlink.c | 2 +
net/llc/af_llc.c | 3 +
net/mac80211/mlme.c | 4 +
net/netfilter/nf_conntrack_netlink.c | 7 +-
net/netlink/af_netlink.c | 3 +
net/rxrpc/rxkad.c | 21 +++--
net/sched/act_api.c | 4 +-
net/sctp/ipv6.c | 4 +-
net/sctp/socket.c | 17 ++--
net/x25/af_x25.c | 24 ++++--
net/x25/sysctl_net_x25.c | 5 +-
net/xfrm/xfrm_state.c | 2 +
scripts/tags.sh | 1 +
tools/perf/builtin-trace.c | 4 +
tools/perf/tests/code-reading.c | 20 ++++-
tools/perf/util/unwind-libdw.c | 8 ++
.../testing/selftests/powerpc/tm/tm-resched-dscr.c | 2 +-
121 files changed, 925 insertions(+), 314 deletions(-)
Hi,
[This is an automated email]
This commit has been processed because it contains a "Fixes:" tag,
fixing commit: c71bf099abdd Btrfs: Avoid orphan inodes cleanup while replaying log.
The bot has also determined it's probably a bug fixing patch. (score: 6.2138)
The bot has tested the following trees: v4.16.1, v4.15.16, v4.14.33, v4.9.93, v4.4.127.
v4.16.1: Build OK!
v4.15.16: Build OK!
v4.14.33: Build OK!
v4.9.93: Build failed! Errors:
tree-log.c:2367:24: error: ‘struct btrfs_fs_info’ has no member named ‘sectorsize’
tree-log.c:2367:24: error: ‘struct btrfs_fs_info’ has no member named ‘sectorsize’
tree-log.c:4224:13: error: ‘struct inode’ has no member named ‘flags’; did you mean ‘i_flags’?
tree-log.c:4229:38: error: ‘struct inode’ has no member named ‘vfs_inode’
tree-log.c:4239:4: error: implicit declaration of function ‘refcount_inc’; did you mean ‘i_readcount_inc’? [-Werror=implicit-function-declaration]
v4.4.127: Failed to apply! Possible dependencies:
0132761017e0 ("btrfs: fix string and comment grammatical issues and typos")
--
Thanks,
Sasha
The patch
ASoC: fsl_esai: Fix divisor calculation failure at lower ratio
has been applied to the asoc tree at
https://git.kernel.org/pub/scm/linux/kernel/git/broonie/sound.git
All being well this means that it will be integrated into the linux-next
tree (usually sometime in the next 24 hours) and sent to Linus during
the next merge window (or sooner if it is a bug fix), however if
problems are discovered then the patch may be dropped or reverted.
You may get further e-mails resulting from automated or manual testing
and review of the tree, please engage with people reporting problems and
send followup patches addressing any issues that are reported if needed.
If any updates are required or you are submitting further changes they
should be sent as incremental updates against current git, existing
patches will not be replaced.
Please add any relevant lists and maintainers to the CCs when replying
to this mail.
Thanks,
Mark
>From c656941df9bc80f7ec65b92ca73c42f8b0b62628 Mon Sep 17 00:00:00 2001
From: Nicolin Chen <nicoleotsuka(a)gmail.com>
Date: Sun, 8 Apr 2018 16:57:35 -0700
Subject: [PATCH] ASoC: fsl_esai: Fix divisor calculation failure at lower
ratio
When the desired ratio is less than 256, the savesub (tolerance)
in the calculation would become 0. This will then fail the loop-
search immediately without reporting any errors.
But if the ratio is smaller enough, there is no need to calculate
the tolerance because PM divisor alone is enough to get the ratio.
So a simple fix could be just to set PM directly instead of going
into the loop-search.
Reported-by: Marek Vasut <marex(a)denx.de>
Signed-off-by: Nicolin Chen <nicoleotsuka(a)gmail.com>
Tested-by: Marek Vasut <marex(a)denx.de>
Reviewed-by: Fabio Estevam <fabio.estevam(a)nxp.com>
Signed-off-by: Mark Brown <broonie(a)kernel.org>
Cc: stable(a)vger.kernel.org
---
sound/soc/fsl/fsl_esai.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/sound/soc/fsl/fsl_esai.c b/sound/soc/fsl/fsl_esai.c
index 40a700493f4c..da8fd98c7f51 100644
--- a/sound/soc/fsl/fsl_esai.c
+++ b/sound/soc/fsl/fsl_esai.c
@@ -144,6 +144,13 @@ static int fsl_esai_divisor_cal(struct snd_soc_dai *dai, bool tx, u32 ratio,
psr = ratio <= 256 * maxfp ? ESAI_xCCR_xPSR_BYPASS : ESAI_xCCR_xPSR_DIV8;
+ /* Do not loop-search if PM (1 ~ 256) alone can serve the ratio */
+ if (ratio <= 256) {
+ pm = ratio;
+ fp = 1;
+ goto out;
+ }
+
/* Set the max fluctuation -- 0.1% of the max devisor */
savesub = (psr ? 1 : 8) * 256 * maxfp / 1000;
--
2.17.0
Hi,
Did you get a chance to review my below email? Kindly let me know your
requirements and I will get back with detailed information on the same.
Warm Regards,
Annette Ryan
I'm announcing the release of the 4.16.2 kernel.
All users of the 4.16 kernel series must upgrade.
The updated 4.16.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.16.y
and can be browsed at the normal kernel.org git web browser:
http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
thanks,
greg k-h
------------
Makefile | 2 +-
drivers/net/ethernet/marvell/sky2.c | 2 +-
drivers/net/ethernet/netronome/nfp/nfpcore/nfp_nsp.c | 9 +++++----
drivers/net/ppp/pptp.c | 1 -
drivers/sbus/char/Kconfig | 3 ++-
net/8021q/vlan_dev.c | 6 +++++-
net/core/dev.c | 2 +-
net/dsa/dsa_priv.h | 8 +++++++-
net/ipv4/arp.c | 2 +-
net/ipv4/ip_tunnel.c | 11 ++++++-----
net/ipv6/ip6_gre.c | 8 +++++---
net/ipv6/ip6_output.c | 7 +++++--
net/ipv6/ip6_tunnel.c | 11 +++++++----
net/ipv6/ip6_vti.c | 7 +++++--
net/ipv6/sit.c | 8 +++++---
net/sched/act_bpf.c | 12 ++++++++----
net/sched/cls_u32.c | 1 +
net/sctp/ipv6.c | 4 +++-
net/sctp/socket.c | 13 ++++++++-----
19 files changed, 76 insertions(+), 41 deletions(-)
Andrew Lunn (1):
net: dsa: Discard frames from unused ports
Cong Wang (1):
net_sched: fix a missing idr_remove() in u32_delete_key()
Davide Caratti (1):
net/sched: fix NULL dereference in the error path of tcf_bpf_init()
Dirk van der Merwe (1):
nfp: use full 40 bits of the NSP buffer address
Eric Dumazet (9):
pptp: remove a buggy dst release in pptp_connect()
sctp: do not leak kernel memory to user space
sctp: sctp_sockaddr_af must check minimal addr length for AF_INET6
net: fool proof dev_valid_name()
ip_tunnel: better validate user provided tunnel names
ipv6: sit: better validate user provided tunnel names
ip6_gre: better validate user provided tunnel names
ip6_tunnel: better validate user provided tunnel names
vti6: better validate user provided tunnel names
Greg Kroah-Hartman (1):
Linux 4.16.2
Guenter Roeck (1):
sparc64: Oracle DAX driver depends on SPARC64
Hangbin Liu (1):
vlan: also check phy_driver ts_info for vlan's real device
Jeff Barnhill (1):
net/ipv6: Increment OUTxxx counters after netfilter hook
Kai-Heng Feng (1):
sky2: Increase D3 delay to sky2 stops working after suspend
Miguel Fadon Perlines (1):
arp: fix arp_filter on l3slave devices
This is the start of the stable review cycle for the 4.16.2 release.
There are 18 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Thu Apr 12 21:27:41 UTC 2018.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.16.2-rc1…
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.16.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh(a)linuxfoundation.org>
Linux 4.16.2-rc1
Dirk van der Merwe <dirk.vandermerwe(a)netronome.com>
nfp: use full 40 bits of the NSP buffer address
Cong Wang <xiyou.wangcong(a)gmail.com>
net_sched: fix a missing idr_remove() in u32_delete_key()
Eric Dumazet <edumazet(a)google.com>
vti6: better validate user provided tunnel names
Eric Dumazet <edumazet(a)google.com>
ip6_tunnel: better validate user provided tunnel names
Eric Dumazet <edumazet(a)google.com>
ip6_gre: better validate user provided tunnel names
Eric Dumazet <edumazet(a)google.com>
ipv6: sit: better validate user provided tunnel names
Eric Dumazet <edumazet(a)google.com>
ip_tunnel: better validate user provided tunnel names
Eric Dumazet <edumazet(a)google.com>
net: fool proof dev_valid_name()
Hangbin Liu <liuhangbin(a)gmail.com>
vlan: also check phy_driver ts_info for vlan's real device
Kai-Heng Feng <kai.heng.feng(a)canonical.com>
sky2: Increase D3 delay to sky2 stops working after suspend
Eric Dumazet <edumazet(a)google.com>
sctp: sctp_sockaddr_af must check minimal addr length for AF_INET6
Eric Dumazet <edumazet(a)google.com>
sctp: do not leak kernel memory to user space
Eric Dumazet <edumazet(a)google.com>
pptp: remove a buggy dst release in pptp_connect()
Davide Caratti <dcaratti(a)redhat.com>
net/sched: fix NULL dereference in the error path of tcf_bpf_init()
Jeff Barnhill <0xeffeff(a)gmail.com>
net/ipv6: Increment OUTxxx counters after netfilter hook
Andrew Lunn <andrew(a)lunn.ch>
net: dsa: Discard frames from unused ports
Miguel Fadon Perlines <mfadon(a)teldat.com>
arp: fix arp_filter on l3slave devices
Guenter Roeck <linux(a)roeck-us.net>
sparc64: Oracle DAX driver depends on SPARC64
-------------
Diffstat:
Makefile | 4 ++--
drivers/net/ethernet/marvell/sky2.c | 2 +-
drivers/net/ethernet/netronome/nfp/nfpcore/nfp_nsp.c | 9 +++++----
drivers/net/ppp/pptp.c | 1 -
drivers/sbus/char/Kconfig | 3 ++-
net/8021q/vlan_dev.c | 6 +++++-
net/core/dev.c | 2 +-
net/dsa/dsa_priv.h | 8 +++++++-
net/ipv4/arp.c | 2 +-
net/ipv4/ip_tunnel.c | 11 ++++++-----
net/ipv6/ip6_gre.c | 8 +++++---
net/ipv6/ip6_output.c | 7 +++++--
net/ipv6/ip6_tunnel.c | 11 +++++++----
net/ipv6/ip6_vti.c | 7 +++++--
net/ipv6/sit.c | 8 +++++---
net/sched/act_bpf.c | 12 ++++++++----
net/sched/cls_u32.c | 1 +
net/sctp/ipv6.c | 4 +++-
net/sctp/socket.c | 13 ++++++++-----
19 files changed, 77 insertions(+), 42 deletions(-)
From: Andy Lutomirski <luto(a)kernel.org>
commit: 9d05041679904b12c12421cbcf9cb5f4860a8d7b upstream
32-bit kernels handle nested NMIs in C. Enable the exact same
handling on 64-bit kernels as well. This isn't currently
necessary, but it will become necessary once the asm code starts
allowing limited nesting.
Signed-off-by: Andy Lutomirski <luto(a)kernel.org>
Reviewed-by: Steven Rostedt <rostedt(a)goodmis.org>
Cc: Borislav Petkov <bp(a)suse.de>
Cc: Linus Torvalds <torvalds(a)linux-foundation.org>
Cc: Peter Zijlstra <peterz(a)infradead.org>
Cc: Thomas Gleixner <tglx(a)linutronix.de>
Cc: stable(a)vger.kernel.org
Signed-off-by: Ingo Molnar <mingo(a)kernel.org>
Backported-by: Chenggang <chenggang.qin(a)linux.alibaba.com>
---
7u/arch/x86/kernel/nmi.c | 122 ++++++++++++++++++++---------------------------
1 file changed, 51 insertions(+), 71 deletions(-)
diff --git a/7u/arch/x86/kernel/nmi.c b/7u/arch/x86/kernel/nmi.c
index 6030805..a735412 100644
--- a/7u/arch/x86/kernel/nmi.c
+++ b/7u/arch/x86/kernel/nmi.c
@@ -359,15 +359,15 @@ static __kprobes void default_do_nmi(struct pt_regs *regs)
}
/*
- * NMIs can hit breakpoints which will cause it to lose its
- * NMI context with the CPU when the breakpoint does an iret.
- */
-#ifdef CONFIG_X86_32
-/*
- * For i386, NMIs use the same stack as the kernel, and we can
- * add a workaround to the iret problem in C (preventing nested
- * NMIs if an NMI takes a trap). Simply have 3 states the NMI
- * can be in:
+ * NMIs can hit breakpoints which will cause it to lose its NMI context
+ * with the CPU when the breakpoint or page fault does an IRET.
+ *
+ * As a result, NMIs can nest if NMIs get unmasked due an IRET during
+ * NMI processing. On x86_64, the asm glue protects us from nested NMIs
+ * if the outer NMI came from kernel mode, but we can still nest if the
+ * outer NMI came from user mode.
+ *
+ * To handle these nested NMIs, we have three states:
*
* 1) not running
* 2) executing
@@ -381,15 +381,14 @@ static __kprobes void default_do_nmi(struct pt_regs *regs)
* (Note, the latch is binary, thus multiple NMIs triggering,
* when one is running, are ignored. Only one NMI is restarted.)
*
- * If an NMI hits a breakpoint that executes an iret, another
- * NMI can preempt it. We do not want to allow this new NMI
- * to run, but we want to execute it when the first one finishes.
- * We set the state to "latched", and the exit of the first NMI will
- * perform a dec_return, if the result is zero (NOT_RUNNING), then
- * it will simply exit the NMI handler. If not, the dec_return
- * would have set the state to NMI_EXECUTING (what we want it to
- * be when we are running). In this case, we simply jump back
- * to rerun the NMI handler again, and restart the 'latched' NMI.
+ * If an NMI executes an iret, another NMI can preempt it. We do not
+ * want to allow this new NMI to run, but we want to execute it when the
+ * first one finishes. We set the state to "latched", and the exit of
+ * the first NMI will perform a dec_return, if the result is zero
+ * (NOT_RUNNING), then it will simply exit the NMI handler. If not, the
+ * dec_return would have set the state to NMI_EXECUTING (what we want it
+ * to be when we are running). In this case, we simply jump back to
+ * rerun the NMI handler again, and restart the 'latched' NMI.
*
* No trap (breakpoint or page fault) should be hit before nmi_restart,
* thus there is no race between the first check of state for NOT_RUNNING
@@ -412,49 +411,36 @@ enum nmi_states {
static DEFINE_PER_CPU(enum nmi_states, nmi_state);
static DEFINE_PER_CPU(unsigned long, nmi_cr2);
-#define nmi_nesting_preprocess(regs) \
- do { \
- if (this_cpu_read(nmi_state) != NMI_NOT_RUNNING) { \
- this_cpu_write(nmi_state, NMI_LATCHED); \
- return; \
- } \
- this_cpu_write(nmi_state, NMI_EXECUTING); \
- this_cpu_write(nmi_cr2, read_cr2()); \
- } while (0); \
- nmi_restart:
-
-#define nmi_nesting_postprocess() \
- do { \
- if (unlikely(this_cpu_read(nmi_cr2) != read_cr2())) \
- write_cr2(this_cpu_read(nmi_cr2)); \
- if (this_cpu_dec_return(nmi_state)) \
- goto nmi_restart; \
- } while (0)
-#else /* x86_64 */
+#ifdef CONFIG_X86_64
/*
- * In x86_64 things are a bit more difficult. This has the same problem
- * where an NMI hitting a breakpoint that calls iret will remove the
- * NMI context, allowing a nested NMI to enter. What makes this more
- * difficult is that both NMIs and breakpoints have their own stack.
- * When a new NMI or breakpoint is executed, the stack is set to a fixed
- * point. If an NMI is nested, it will have its stack set at that same
- * fixed address that the first NMI had, and will start corrupting the
- * stack. This is handled in entry_64.S, but the same problem exists with
- * the breakpoint stack.
+ * In x86_64, we need to handle breakpoint -> NMI -> breakpoint. Without
+ * some care, the inner breakpoint will clobber the outer breakpoint's
+ * stack.
*
- * If a breakpoint is being processed, and the debug stack is being used,
- * if an NMI comes in and also hits a breakpoint, the stack pointer
- * will be set to the same fixed address as the breakpoint that was
- * interrupted, causing that stack to be corrupted. To handle this case,
- * check if the stack that was interrupted is the debug stack, and if
- * so, change the IDT so that new breakpoints will use the current stack
- * and not switch to the fixed address. On return of the NMI, switch back
- * to the original IDT.
+ * If a breakpoint is being processed, and the debug stack is being
+ * used, if an NMI comes in and also hits a breakpoint, the stack
+ * pointer will be set to the same fixed address as the breakpoint that
+ * was interrupted, causing that stack to be corrupted. To handle this
+ * case, check if the stack that was interrupted is the debug stack, and
+ * if so, change the IDT so that new breakpoints will use the current
+ * stack and not switch to the fixed address. On return of the NMI,
+ * switch back to the original IDT.
*/
static DEFINE_PER_CPU(int, update_debug_stack);
+#endif
-static inline void nmi_nesting_preprocess(struct pt_regs *regs)
+dotraplinkage notrace void
+do_nmi(struct pt_regs *regs, long error_code)
{
+ if (this_cpu_read(nmi_state) != NMI_NOT_RUNNING) {
+ this_cpu_write(nmi_state, NMI_LATCHED);
+ return;
+ }
+ this_cpu_write(nmi_state, NMI_EXECUTING);
+ this_cpu_write(nmi_cr2, read_cr2());
+nmi_restart:
+
+#ifdef CONFIG_X86_64
/*
* If we interrupted a breakpoint, it is possible that
* the nmi handler will have breakpoints too. We need to
@@ -465,22 +451,8 @@ static inline void nmi_nesting_preprocess(struct pt_regs *regs)
debug_stack_set_zero();
this_cpu_write(update_debug_stack, 1);
}
-}
-
-static inline void nmi_nesting_postprocess(void)
-{
- if (unlikely(this_cpu_read(update_debug_stack))) {
- debug_stack_reset();
- this_cpu_write(update_debug_stack, 0);
- }
-}
#endif
-dotraplinkage notrace __kprobes void
-do_nmi(struct pt_regs *regs, long error_code)
-{
- nmi_nesting_preprocess(regs);
-
nmi_enter();
inc_irq_stat(__nmi_count);
@@ -489,9 +461,17 @@ do_nmi(struct pt_regs *regs, long error_code)
default_do_nmi(regs);
nmi_exit();
+#ifdef CONFIG_X86_64
+ if (unlikely(this_cpu_read(update_debug_stack))) {
+ debug_stack_reset();
+ this_cpu_write(update_debug_stack, 0);
+ }
+#endif
- /* On i386, may loop back to preprocess */
- nmi_nesting_postprocess();
+ if (unlikely(this_cpu_read(nmi_cr2) != read_cr2()))
+ write_cr2(this_cpu_read(nmi_cr2));
+ if (this_cpu_dec_return(nmi_state))
+ goto nmi_restart;
}
void stop_nmi(void)
--
1.8.3.1