- Linux-stable-mirror - lists.linaro.org

[PATCH AUTOSEL 4.4 01/17] usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i]

by Sasha Levin

From: Anton Vasilyev <vasilyev(a)ispras.ru> [ Upstream commit c37bd52836296ecc9a0fc8060b819089aebdbcde ] There is no deallocation of fotg210->ep[i] elements, allocated at fotg210_udc_probe. The patch adds deallocation of fotg210->ep array elements and simplifies error path of fotg210_udc_probe(). Found by Linux Driver Verification project (linuxtesting.org). Signed-off-by: Anton Vasilyev <vasilyev(a)ispras.ru> Signed-off-by: Felipe Balbi <felipe.balbi(a)linux.intel.com> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- drivers/usb/gadget/udc/fotg210-udc.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/drivers/usb/gadget/udc/fotg210-udc.c b/drivers/usb/gadget/udc/fotg210-udc.c index 6ba122cc7490..95df2b3bb6a1 100644 --- a/drivers/usb/gadget/udc/fotg210-udc.c +++ b/drivers/usb/gadget/udc/fotg210-udc.c @@ -1066,12 +1066,15 @@ static struct usb_gadget_ops fotg210_gadget_ops = { static int fotg210_udc_remove(struct platform_device *pdev) { struct fotg210_udc *fotg210 = platform_get_drvdata(pdev); + int i; usb_del_gadget_udc(&fotg210->gadget); iounmap(fotg210->reg); free_irq(platform_get_irq(pdev, 0), fotg210); fotg210_ep_free_request(&fotg210->ep[0]->ep, fotg210->ep0_req); + for (i = 0; i < FOTG210_MAX_NUM_EP; i++) + kfree(fotg210->ep[i]); kfree(fotg210); return 0; @@ -1102,7 +1105,7 @@ static int fotg210_udc_probe(struct platform_device *pdev) /* initialize udc */ fotg210 = kzalloc(sizeof(struct fotg210_udc), GFP_KERNEL); if (fotg210 == NULL) - goto err_alloc; + goto err; for (i = 0; i < FOTG210_MAX_NUM_EP; i++) { _ep[i] = kzalloc(sizeof(struct fotg210_ep), GFP_KERNEL); @@ -1114,7 +1117,7 @@ static int fotg210_udc_probe(struct platform_device *pdev) fotg210->reg = ioremap(res->start, resource_size(res)); if (fotg210->reg == NULL) { pr_err("ioremap error.\n"); - goto err_map; + goto err_alloc; } spin_lock_init(&fotg210->lock); @@ -1162,7 +1165,7 @@ static int fotg210_udc_probe(struct platform_device *pdev) fotg210->ep0_req = fotg210_ep_alloc_request(&fotg210->ep[0]->ep, GFP_KERNEL); if (fotg210->ep0_req == NULL) - goto err_req; + goto err_map; fotg210_init(fotg210); @@ -1190,12 +1193,14 @@ static int fotg210_udc_probe(struct platform_device *pdev) fotg210_ep_free_request(&fotg210->ep[0]->ep, fotg210->ep0_req); err_map: - if (fotg210->reg) - iounmap(fotg210->reg); + iounmap(fotg210->reg); err_alloc: + for (i = 0; i < FOTG210_MAX_NUM_EP; i++) + kfree(fotg210->ep[i]); kfree(fotg210); +err: return ret; } -- 2.17.1

7 years, 2 months

1
16
0 0

[PATCH AUTOSEL 4.9 01/26] HID: add support for Apple Magic Keyboards

by Sasha Levin

From: Sean O'Brien <seobrien(a)chromium.org> [ Upstream commit ee345492437043a79db058a3d4f029ebcb52089a ] USB device Vendor 05ac (Apple) Device 026c (Magic Keyboard with Numeric Keypad) Bluetooth devices Vendor 004c (Apple) Device 0267 (Magic Keyboard) Device 026c (Magic Keyboard with Numeric Keypad) Support already exists for the Magic Keyboard over USB connection. Add support for the Magic Keyboard over Bluetooth connection, and for the Magic Keyboard with Numeric Keypad over Bluetooth and USB connection. Signed-off-by: Sean O'Brien <seobrien(a)chromium.org> Reviewed-by: Benjamin Tissoires <benjamin.tissoires(a)redhat.com> Signed-off-by: Jiri Kosina <jkosina(a)suse.cz> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- drivers/hid/hid-apple.c | 9 ++++++++- drivers/hid/hid-ids.h | 2 ++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/drivers/hid/hid-apple.c b/drivers/hid/hid-apple.c index 2e046082210f..65a0c79f212e 100644 --- a/drivers/hid/hid-apple.c +++ b/drivers/hid/hid-apple.c @@ -333,7 +333,8 @@ static int apple_input_mapping(struct hid_device *hdev, struct hid_input *hi, struct hid_field *field, struct hid_usage *usage, unsigned long **bit, int *max) { - if (usage->hid == (HID_UP_CUSTOM | 0x0003)) { + if (usage->hid == (HID_UP_CUSTOM | 0x0003) || + usage->hid == (HID_UP_MSVENDOR | 0x0003)) { /* The fn key on Apple USB keyboards */ set_bit(EV_REP, hi->input->evbit); hid_map_usage_clear(hi, usage, bit, max, EV_KEY, KEY_FN); @@ -476,6 +477,12 @@ static const struct hid_device_id apple_devices[] = { .driver_data = APPLE_NUMLOCK_EMULATION | APPLE_HAS_FN }, { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_MAGIC_KEYBOARD_ANSI), .driver_data = APPLE_HAS_FN }, + { HID_BLUETOOTH_DEVICE(BT_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_MAGIC_KEYBOARD_ANSI), + .driver_data = APPLE_HAS_FN }, + { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_MAGIC_KEYBOARD_NUMPAD_ANSI), + .driver_data = APPLE_HAS_FN }, + { HID_BLUETOOTH_DEVICE(BT_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_MAGIC_KEYBOARD_NUMPAD_ANSI), + .driver_data = APPLE_HAS_FN }, { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_WELLSPRING_ANSI), .driver_data = APPLE_HAS_FN }, { HID_USB_DEVICE(USB_VENDOR_ID_APPLE, USB_DEVICE_ID_APPLE_WELLSPRING_ISO), diff --git a/drivers/hid/hid-ids.h b/drivers/hid/hid-ids.h index de64cd33590a..ad5048e6b0d3 100644 --- a/drivers/hid/hid-ids.h +++ b/drivers/hid/hid-ids.h @@ -83,6 +83,7 @@ #define USB_DEVICE_ID_ANTON_TOUCH_PAD 0x3101 #define USB_VENDOR_ID_APPLE 0x05ac +#define BT_VENDOR_ID_APPLE 0x004c #define USB_DEVICE_ID_APPLE_MIGHTYMOUSE 0x0304 #define USB_DEVICE_ID_APPLE_MAGICMOUSE 0x030d #define USB_DEVICE_ID_APPLE_MAGICTRACKPAD 0x030e @@ -152,6 +153,7 @@ #define USB_DEVICE_ID_APPLE_ALU_WIRELESS_2011_ISO 0x0256 #define USB_DEVICE_ID_APPLE_ALU_WIRELESS_2011_JIS 0x0257 #define USB_DEVICE_ID_APPLE_MAGIC_KEYBOARD_ANSI 0x0267 +#define USB_DEVICE_ID_APPLE_MAGIC_KEYBOARD_NUMPAD_ANSI 0x026c #define USB_DEVICE_ID_APPLE_WELLSPRING8_ANSI 0x0290 #define USB_DEVICE_ID_APPLE_WELLSPRING8_ISO 0x0291 #define USB_DEVICE_ID_APPLE_WELLSPRING8_JIS 0x0292 -- 2.17.1

7 years, 2 months

1
25
0 0

[PATCH AUTOSEL 4.14 01/37] netfilter: xt_cluster: add dependency on conntrack module

by Sasha Levin

From: Martin Willi <martin(a)strongswan.org> [ Upstream commit c1dc2912059901f97345d9e10c96b841215fdc0f ] The cluster match requires conntrack for matching packets. If the netns does not have conntrack hooks registered, the match does not work at all. Implicitly load the conntrack hook for the family, exactly as many other extensions do. This ensures that the match works even if the hooks have not been registered by other means. Signed-off-by: Martin Willi <martin(a)strongswan.org> Acked-by: Florian Westphal <fw(a)strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo(a)netfilter.org> Signed-off-by: Sasha Levin <alexander.levin(a)microsoft.com> --- net/netfilter/xt_cluster.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/net/netfilter/xt_cluster.c b/net/netfilter/xt_cluster.c index 57ef175dfbfa..504d5f730f4e 100644 --- a/net/netfilter/xt_cluster.c +++ b/net/netfilter/xt_cluster.c @@ -133,6 +133,7 @@ xt_cluster_mt(const struct sk_buff *skb, struct xt_action_param *par) static int xt_cluster_mt_checkentry(const struct xt_mtchk_param *par) { struct xt_cluster_match_info *info = par->matchinfo; + int ret; if (info->total_nodes > XT_CLUSTER_NODES_MAX) { pr_info("you have exceeded the maximum " @@ -145,7 +146,17 @@ static int xt_cluster_mt_checkentry(const struct xt_mtchk_param *par) "higher than the total number of nodes\n"); return -EDOM; } - return 0; + + ret = nf_ct_netns_get(par->net, par->family); + if (ret < 0) + pr_info_ratelimited("cannot load conntrack support for proto=%u\n", + par->family); + return ret; +} + +static void xt_cluster_mt_destroy(const struct xt_mtdtor_param *par) +{ + nf_ct_netns_put(par->net, par->family); } static struct xt_match xt_cluster_match __read_mostly = { @@ -154,6 +165,7 @@ static struct xt_match xt_cluster_match __read_mostly = { .match = xt_cluster_mt, .checkentry = xt_cluster_mt_checkentry, .matchsize = sizeof(struct xt_cluster_match_info), + .destroy = xt_cluster_mt_destroy, .me = THIS_MODULE, }; -- 2.17.1

7 years, 2 months

1
36
0 0

Re: Patch "slub: make ->cpu_partial unsigned int" has been added to the 3.18-stable tree

by Alexey Dobriyan

On Sun, Sep 30, 2018 at 05:45:31AM -0700, gregkh(a)linuxfoundation.org wrote: > > This is a note to let you know that I've just added the patch titled > > slub: make ->cpu_partial unsigned int > From e5d9998f3e09359b372a037a6ac55ba235d95d57 Mon Sep 17 00:00:00 2001 > From: Alexey Dobriyan <adobriyan(a)gmail.com> > Date: Thu, 5 Apr 2018 16:21:10 -0700 > Subject: slub: make ->cpu_partial unsigned int This doesn't fix any bug that I know of, should not be in -stable.

7 years, 2 months

1
1
0 0

[PATCH 3.16 000/131] 3.16.59-rc1 review

by Ben Hutchings

This is the start of the stable review cycle for the 3.16.59 release. There are 131 patches in this series, which will be posted as responses to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Mon Oct 01 21:43:06 UTC 2018. Anything received after that time might be too late. All the patches have also been committed to the linux-3.16.y-rc branch of https://git.kernel.org/pub/scm/linux/kernel/git/bwh/linux-stable-rc.git . A shortlog and diffstat can be found below. Ben. ------------- Andi Kleen (10): x86/mm/kmmio: Make the tracer robust against L1TF [1063711b57393c1999248cccb57bebfaf16739e7] x86/mm/pat: Make set_memory_np() L1TF safe [958f79b9ee55dfaf00c8106ed1c22a2919e0028b] x86/speculation/l1tf: Add sysfs reporting for l1tf [17dbca119312b4e8173d4e25ff64262119fcef38] x86/speculation/l1tf: Disallow non privileged high MMIO PROT_NONE mappings [42e4089c7890725fcd329999252dc489b72f2921] x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT [50896e180c6aa3a9c61a26ced99e15d602666a4c] x86/speculation/l1tf: Invert all not present mappings [f22cc87f6c1f771b57c407555cfefd811cdd9507] x86/speculation/l1tf: Limit swap file size to MAX_PA/2 [377eeaa8e11fe815b1d07c81c4a0e2843a8c15eb] x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert [0768f91530ff46683e0b372df14fd79fe8d156e5] x86/speculation/l1tf: Make sure the first page is always reserved [10a70416e1f067f6c4efda6ffd8ea96002ac4223] x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation [6b28baca9b1f0d4a42b865da7a05b1c81424bd5c] Andy Lutomirski (2): mm/vmstat: Make NR_TLB_REMOTE_FLUSH_RECEIVED available even on UP [5dd0b16cdaff9b94da06074d5888b03235c0bf17] mm: Add vm_insert_pfn_prot() [1745cbc5d0dee0749a6bc0ea8e872c5db0074061] Andy Whitcroft (1): floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl [65eea8edc315589d6c993cf12dbb5d0e9ef1fe4e] Ben Hutchings (3): x86/cpufeatures: Show KAISER in cpuinfo [not upstream; upstream shows the related PTI feature] x86/speculation/l1tf: Protect NUMA-balance entries against L1TF [not upstream; these functions were removed in 4.0] x86: mm: Add PUD functions [a00cc7d9dd93d66a3fb83fc52aa57a4bec51c517] Borislav Petkov (3): Documentation/spec_ctrl: Do some minor cleanups [dd0792699c4058e63c0715d9a7c2d40226fcdddc] x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host} [cc69b34989210f067b2c51d5539b5f96ebcc3a01] x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP [e7c587da125291db39ddf1f49b18e5970adbac17] Dan Williams (1): mm: fix cache mode tracking in vm_insert_mixed() [87744ab3832b83ba71b931f86f9cfdb000d07da5] Daniel Rosenberg (1): HID: debug: check length before copy_to_user() [717adfdaf14704fd3ec7fa2c04520c0723247eac] Dave Airlie (2): drm/drivers: add support for using the arch wc mapping API. [7cf321d118a825c1541b43ca45294126fd474efa] x86/io: add interface to reserve io memtype for a resource range. (v1.1) [8ef4227615e158faa4ee85a1d6466782f7e22f2f] Dave Hansen (1): x86/mm: Move swap offset/type up in PTE to work around erratum [00839ee3b299303c6a5e26a0a2485427a3afcbbf] Finn Thain (1): via-cuda: Use spinlock_irq_save/restore instead of enable/disable_irq [ac39452e942af6a212e8f89e8a36b71354323845] Jim Mattson (1): x86/cpu: Make alternative_msr_write work for 32-bit code [5f2b745f5e1304f438f9b2cd03ebc8120b6e0d3b] Jiri Kosina (3): x86/bugs: Fix __ssb_select_mitigation() return type [d66d8ff3d21667b41eddbe86b35ab411e40d8c5f] x86/bugs: Make cpu_show_common() static [7bb4d366cba992904bffa4820d24e70a3de93e76] x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures [6c26fcd2abfe0a56bbd95271fce02df2896cfd24] Juergen Gross (1): x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths [74899d92e66663dc7671a8017b3146dcd4735f3b] Kees Cook (6): exec: Limit arg stack to at most 75% of _STK_LIM [da029c11e6b12f321f36dac8771e833b65cec962] nospec: Allow getting/setting on non-current task [7bbf1373e228840bb0295a2ca26d548ef37f448e] proc: Provide details on speculation flaw mitigations [fae1fa0fc6cca8beee3ab8ed71d54f9a78fa3f64] seccomp: Add filter flag to opt-out of SSB mitigation [00a02d0c502a06d15e07b857f8ff921e3e402675] seccomp: Enable speculation flaw mitigations [5c3070890d06ff82eecb808d02d2ca39169533ef] x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass [f21b53b20c754021935ea43364dbf53778eeba32] Kirill A. Shutemov (39): alpha: drop _PAGE_FILE and pte_file()-related helpers [b816157a5366550c5ee29a6431ba1abb88721266] arc: drop _PAGE_FILE and pte_file()-related helpers [18747151308f9e0fb63766057957617ec4afa190] arm64: drop PTE_FILE and pte_file()-related helpers [9b3e661e58b90b0c2d5c2168c23408f1e59e9e35] arm: drop L_PTE_FILE and pte_file()-related helpers [b007ea798f5c568d3f464d37288220ef570f062c] asm-generic: drop unused pte_file* helpers [5064c8e19dc215afae8ffae95570e7f22062d49c] avr32: drop _PAGE_FILE and pte_file()-related helpers [7a7d2db4b8b3505a3195178619ffcc80985c4be1] blackfin: drop pte_file() [2bc6ff14d46745a7728ed4ed90c5e0edca91f52e] c6x: drop pte_file() [f5b45de9b00eb53d11ada85c61e4ea1c31ab8218] cris: drop _PAGE_FILE and pte_file()-related helpers [103f3d9a26df944f4c29de190d72dfbf913c71af] frv: drop _PAGE_FILE and pte_file()-related helpers [ca5bfa7b390017f053d7581bc701518b87bc3d43] hexagon: drop _PAGE_FILE and pte_file()-related helpers [d99f95e6522db22192c331c75de182023a49fbcc] ia64: drop _PAGE_FILE and pte_file()-related helpers [636a002b704e0a36cefb5f4cf0293fab858fc46c] m32r: drop _PAGE_FILE and pte_file()-related helpers [406b16e26d0996516c8d1641008a7d326bf282d6] m68k: drop _PAGE_FILE and pte_file()-related helpers [1eeda0abf4425c91e7ce3ca32f1908c3a51bf84e] metag: drop _PAGE_FILE and pte_file()-related helpers [22f9bf3950f20d24198791685f2dccac2c4ef38a] microblaze: drop _PAGE_FILE and pte_file()-related helpers [937fa39fb22fea1c1d8ca9e5f31c452b91ac7239] mips: drop _PAGE_FILE and pte_file()-related helpers [b32da82e28ce90bff4e371fc15d2816fa3175bb0] mm: drop support of non-linear mapping from fault codepath [9b4bdd2ffab9557ac43af7dff02e7dab1c8c58bd] mm: drop support of non-linear mapping from unmap/zap codepath [8a5f14a23177061ec11daeaa3d09d0765d785c47] mm: drop vm_ops->remap_pages and generic_file_remap_pages() stub [d83a08db5ba6072caa658745881f4baa9bad6a08] mm: fix regression in remap_file_pages() emulation [48f7df329474b49d83d0dffec1b6186647f11976] mm: remove rest usage of VM_NONLINEAR and pte_file() [0661a33611fca12570cba48d9344ce68834ee86c] mm: replace remap_file_pages() syscall with emulation [c8d78c1823f46519473949d33f0d1d33fe21ea16] mm: replace vma->sharead.linear with vma->shared [ac51b934f3912582d3c897c6c4d09b32ea57b2c7] mn10300: drop _PAGE_FILE and pte_file()-related helpers [6bf63a8ccb1dccd6ab81bc8bc46863493629cdb8] openrisc: drop _PAGE_FILE and pte_file()-related helpers [3824e3cf7e865b2ff0b71de23b16e332fe6a853a] parisc: drop _PAGE_FILE and pte_file()-related helpers [8d55da810f1fabcf1d4c0bbc46205e5f2c0fa84b] powerpc: drop _PAGE_FILE and pte_file()-related helpers [780fc5642f59b6c6e2b05794de60b2d2ad5f040e] proc: drop handling non-linear mappings [1da4b35b001481df99a6dcab12d5d39a876f7056] rmap: drop support of non-linear mappings [27ba0644ea9dfe6e7693abc85837b60e40583b96] s390: drop pte_file()-related helpers [6e76d4b20bf6b514408ab5bd07f4a76723259b64] score: drop _PAGE_FILE and pte_file()-related helpers [917e401ea75478d4f4575bc8b0ef3d14ecf9ef69] sh: drop _PAGE_FILE and pte_file()-related helpers [8b70beac99466b6d164de9fe647b3567e6f17e3a] sparc: drop pte_file()-related helpers [6a8c4820895cf1dd2a128aef67ce079ba6eded80] tile: drop pte_file()-related helpers [eb12f4872a3845a8803f689646dea5b92a30aff7] um: drop _PAGE_FILE and pte_file()-related helpers [3513006a5691ae3629eef9ddef0b71a47c40dfbc] unicore32: drop pte_file()-related helpers [40171798fe11a6dc1d963058b097b2c4c9d34a9c] x86: drop _PAGE_FILE and pte_file()-related helpers [0a191362058391878cc2a4d4ccddcd8223eb4f79] xtensa: drop _PAGE_FILE and pte_file()-related helpers [d9ecee281b8f89da6d3203be62802eda991e37cc] Konrad Rzeszutek Wilk (17): KVM/VMX: Expose SSBD properly to guests [0aa48468d00959c8a37cd3ac727284f4f7359151] proc: Use underscores for SSBD in 'status' [e96f46ee8587607a828f783daa6eb5b44d25004d] x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest [da39556f66f5cfe8f9c989206974f1cb16ca5d7c] x86/bugs, KVM: Support the combination of guest and host IBRS [5cf687548705412da47c9cec342fd952d71ed3d5] x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested [764f3c21588a059cd783c6ba0734d4db2d72822d] x86/bugs/intel: Set proper CPU features and setup RDS [772439717dbf703b39990be58d8d4e3e4ad0598a] x86/bugs: Concentrate bug detection into a separate function [4a28bfe3267b68e22c663ac26185aa16c9b879ef] x86/bugs: Concentrate bug reporting into a separate function [d1059518b4789cabe34bb4b714d07e6089c82ca1] x86/bugs: Expose /sys/../spec_store_bypass [c456442cd3a59eeb1d60293c26cbe2ff2c4e42cf] x86/bugs: Fix the parameters alignment and missing void [ffed645e3be0e32f8e9ab068d257aee8d0fe8eec] x86/bugs: Move the l1tf function and define pr_fmt properly [56563f53d3066afa9e63d6c997bf67e76a8b05c0] x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation [24f7fc83b9204d20f878c57cb77d261ae825e033] x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits [1b86883ccb8d5d9506529d42dbe1a5257cb30b18] x86/bugs: Rename SSBD_NO to SSB_NO [240da953fcc6a9008c92fae5b1f727ee5ed167ab] x86/bugs: Rename _RDS to _SSBD [9f65fb29374ee37856dbad847b4e121aab72b510] x86/bugs: Whitelist allowed SPEC_CTRL MSR values [1115a859f33276fe8afb31c60cf9d8e657872558] x86/cpufeatures: Add X86_FEATURE_RDS [0cc5fa00b0a88dad140b4e5c2cead9951ad36822] Linus Torvalds (3): x86/nospec: Simplify alternative_msr_write() [1aa7a5735a41418d8e01fa7c9565eb2657e2ea3f] x86/speculation/l1tf: Change order of offset/type in swap entry [bcd11afa7adad8d720e7ba5ef58bdcd9775cf45f] x86/speculation/l1tf: Protect swap entries against L1TF [2f22b4cd45b67b3496f4aa4c7180a1271c6452f6] Markus Trippelsdorf (1): x86/tools: Fix gcc-7 warning in relocs.c [7ebb916782949621ff6819acf373a06902df7679] Michal Hocko (1): x86/speculation/l1tf: Fix up pte->pfn conversion for PAE [e14d7dfb41f5807a0c1c26a13f2b8ef16af24935] Naoya Horiguchi (3): mm/pagewalk: remove pgd_entry() and pud_entry() [0b1fbfe50006c41014cc25660c0e735d21c34939] mm: x86: move _PAGE_SWP_SOFT_DIRTY from bit 7 to bit 1 [eee4818baac0f2b37848fdf90e4b16430dc536ac] pagewalk: improve vma handling [fafaa4264eba49fd10695c193a82760558d093f4] Sean Christopherson (1): x86/speculation/l1tf: Exempt zeroed PTEs from inversion [f19f5c49bbc3ffcc9126cc245fc1b24cc29f4a37] Thomas Gleixner (19): KVM: SVM: Move spec control call after restore of GS [15e6c22fd8e5a42c5ed6d487b7c9fe44c2517765] KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled [024d83cadc6b2af027e473720f3c3da97496c318] prctl: Add force disable speculation [356e4bfff2c5489e016fdb925adbf12a1e3950ee] prctl: Add speculation control prctls [b617cfc858161140d69cc0b5cc211996b557a1c7] seccomp: Move speculation migitation control to arch code [8bf37d8c067bb7eb8e7c381bdadf9bd89182b6bc] seccomp: Use PR_SPEC_FORCE_DISABLE [b849a812f7eb92e96d1c8239b06581b2cfd8b275] x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL [ccbcd2674472a978b48c91c1fbfb66c0ff959f24] x86/bugs: Expose x86_spec_ctrl_base directly [fa8ac4988249c38476f6ad678a4848a736373403] x86/bugs: Remove x86_spec_ctrl_set() [4b59bdb569453a60b752b274ca61f009e37f4dae] x86/bugs: Rework spec_ctrl base and mask logic [be6fcb5478e95bb1c91f489121238deb3abca46a] x86/cpufeatures: Add FEATURE_ZEN [d1035d971829dcf80e8686ccde26f94b0a069472] x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS [7eb8956a7fec3c1f0abc2a5517dada99ccc8a961] x86/cpufeatures: Disentangle SSBD enumeration [52817587e706686fcdb27f14c1b000c92f266c96] x86/process: Allow runtime control of Speculative Store Bypass [885f82bfbc6fefb6664ea27965c3ab9ac4194b8c] x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG [47c61b3955cf712cadfc25635bf9bc174af030ea] x86/speculation: Add prctl for Speculative Store Bypass mitigation [a73ec77ee17ec556fe7f165d00314cb7c047b1ac] x86/speculation: Create spec-ctrl.h to avoid include hell [28a2775217b17208811fa43a9e96bd1fdf417b86] x86/speculation: Handle HT correctly on AMD [1f50ddb4f4189243c05926b842dc1a0332195f31] x86/speculation: Rework speculative_store_bypass_update() [0270be3e34efb05a88bc4c422572ece038ef3608] Tom Lendacky (2): KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD [bc226f07dcd3c9ef0b7f6236fe356ea4a9cb4769] x86/speculation: Add virtualized speculative store bypass disable support [11fb0683493b2da112cd64c9dada221b52463bf7] Tyler Hicks (2): irda: Fix memory leak caused by repeated binds of irda socket [not upstream; irda has been removed] irda: Only insert new objects into the global database via setsockopt [not upstream; irda has been removed] Vincent Pelletier (1): scsi: target: iscsi: Use hex2bin instead of a re-implementation [1816494330a83f2a064499d8ed2797045641f92c] Vlastimil Babka (6): x86/init: fix build with CONFIG_SWAP=n [792adb90fa724ce07c0171cbc96b9215af4b1045] x86/speculation/l1tf: Extend 64bit swap file size limit [1a7ed1ba4bba6c075d5ad61bb75e3fbc870840d6] x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM [b0a182f875689647b014bc01d36b340217792852] x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit [9df9516940a61d29aedf4d91b483ca6597e7d480] x86/speculation/l1tf: Protect PAE swap entries against L1TF [0d0f6249058834ffe1ceaad0bb31464af66f6e7a] x86/speculation/l1tf: Suggest what to do on systems with too much RAM [6a012288d6906fee1dbc244050ade1dafe4a9c8d] Documentation/ABI/testing/sysfs-devices-system-cpu | 1 + Documentation/cachetlb.txt | 8 +- Documentation/kernel-parameters.txt | 45 +++ Documentation/spec_ctrl.rst | 94 +++++ Documentation/vm/remap_file_pages.txt | 7 +- Makefile | 4 +- arch/alpha/include/asm/pgtable.h | 7 - arch/arc/include/asm/pgtable.h | 13 +- arch/arm/include/asm/pgtable-2level.h | 1 - arch/arm/include/asm/pgtable-3level.h | 1 - arch/arm/include/asm/pgtable-nommu.h | 2 - arch/arm/include/asm/pgtable.h | 20 +- arch/arm/mm/proc-macros.S | 2 +- arch/arm64/include/asm/pgtable.h | 22 +- arch/avr32/include/asm/pgtable.h | 25 -- arch/blackfin/include/asm/pgtable.h | 5 - arch/c6x/include/asm/pgtable.h | 5 - arch/cris/include/arch-v10/arch/mmu.h | 3 - arch/cris/include/arch-v32/arch/mmu.h | 3 - arch/cris/include/asm/pgtable.h | 4 - arch/frv/include/asm/pgtable.h | 27 +- arch/hexagon/include/asm/pgtable.h | 60 +-- arch/ia64/include/asm/pgtable.h | 25 +- arch/m32r/include/asm/pgtable-2level.h | 4 - arch/m32r/include/asm/pgtable.h | 11 - arch/m68k/include/asm/mcf_pgtable.h | 23 +- arch/m68k/include/asm/motorola_pgtable.h | 15 - arch/m68k/include/asm/pgtable_no.h | 2 - arch/m68k/include/asm/sun3_pgtable.h | 15 - arch/metag/include/asm/pgtable.h | 6 - arch/microblaze/include/asm/pgtable.h | 11 - arch/mips/include/asm/pgtable-32.h | 39 -- arch/mips/include/asm/pgtable-64.h | 9 - arch/mips/include/asm/pgtable-bits.h | 10 - arch/mips/include/asm/pgtable.h | 2 - arch/mn10300/include/asm/pgtable.h | 17 +- arch/openrisc/include/asm/pgtable.h | 8 - arch/openrisc/kernel/head.S | 5 - arch/parisc/include/asm/pgtable.h | 10 - arch/powerpc/include/asm/pgtable-ppc32.h | 9 +- arch/powerpc/include/asm/pgtable-ppc64.h | 5 +- arch/powerpc/include/asm/pgtable.h | 1 - arch/powerpc/include/asm/pte-40x.h | 1 - arch/powerpc/include/asm/pte-44x.h | 5 - arch/powerpc/include/asm/pte-8xx.h | 1 - arch/powerpc/include/asm/pte-book3e.h | 1 - arch/powerpc/include/asm/pte-fsl-booke.h | 3 - arch/powerpc/include/asm/pte-hash32.h | 1 - arch/powerpc/include/asm/pte-hash64.h | 1 - arch/powerpc/mm/pgtable_64.c | 2 +- arch/s390/include/asm/pgtable.h | 29 +- arch/score/include/asm/pgtable-bits.h | 1 - arch/score/include/asm/pgtable.h | 18 +- arch/sh/include/asm/pgtable_32.h | 30 +- arch/sh/include/asm/pgtable_64.h | 9 +- arch/sparc/include/asm/pgtable_32.h | 24 -- arch/sparc/include/asm/pgtable_64.h | 40 -- arch/sparc/include/asm/pgtsrmmu.h | 14 +- arch/tile/include/asm/pgtable.h | 11 - arch/tile/mm/homecache.c | 4 - arch/um/include/asm/pgtable-2level.h | 9 - arch/um/include/asm/pgtable-3level.h | 20 - arch/um/include/asm/pgtable.h | 9 - arch/unicore32/include/asm/pgtable-hwdef.h | 1 - arch/unicore32/include/asm/pgtable.h | 14 - arch/x86/include/asm/cpufeature.h | 21 +- arch/x86/include/asm/io.h | 6 + arch/x86/include/asm/kvm_host.h | 1 + arch/x86/include/asm/nospec-branch.h | 43 +- arch/x86/include/asm/page_32_types.h | 9 +- arch/x86/include/asm/pgtable-2level.h | 55 +-- arch/x86/include/asm/pgtable-3level.h | 49 ++- arch/x86/include/asm/pgtable-invert.h | 41 ++ arch/x86/include/asm/pgtable.h | 144 +++++-- arch/x86/include/asm/pgtable_64.h | 60 ++- arch/x86/include/asm/pgtable_types.h | 13 +- arch/x86/include/asm/processor.h | 5 + arch/x86/include/asm/spec-ctrl.h | 80 ++++ arch/x86/include/asm/thread_info.h | 10 +- arch/x86/include/uapi/asm/msr-index.h | 9 + arch/x86/kernel/cpu/amd.c | 22 + arch/x86/kernel/cpu/bugs.c | 441 ++++++++++++++++++++- arch/x86/kernel/cpu/common.c | 97 ++++- arch/x86/kernel/cpu/cpu.h | 3 + arch/x86/kernel/cpu/intel.c | 3 + arch/x86/kernel/process.c | 146 +++++++ arch/x86/kernel/setup.c | 6 + arch/x86/kernel/smpboot.c | 5 + arch/x86/kvm/cpuid.c | 21 +- arch/x86/kvm/cpuid.h | 16 +- arch/x86/kvm/svm.c | 72 +++- arch/x86/kvm/vmx.c | 27 +- arch/x86/kvm/x86.c | 7 +- arch/x86/mm/init.c | 24 ++ arch/x86/mm/kmmio.c | 25 +- arch/x86/mm/mmap.c | 21 + arch/x86/mm/pageattr.c | 6 +- arch/x86/mm/pat.c | 14 + arch/x86/tools/relocs.c | 5 +- arch/x86/xen/smp.c | 5 + arch/xtensa/include/asm/pgtable.h | 10 - drivers/base/cpu.c | 16 + drivers/block/floppy.c | 3 + drivers/gpu/drm/ast/ast_ttm.c | 6 + drivers/gpu/drm/cirrus/cirrus_ttm.c | 7 + drivers/gpu/drm/drm_vma_manager.c | 3 +- drivers/gpu/drm/mgag200/mgag200_ttm.c | 7 + drivers/gpu/drm/nouveau/nouveau_ttm.c | 8 + drivers/gpu/drm/radeon/radeon_object.c | 5 + drivers/hid/hid-debug.c | 8 +- drivers/macintosh/via-cuda.c | 16 +- drivers/target/iscsi/iscsi_target_auth.c | 30 +- fs/9p/vfs_file.c | 2 - fs/btrfs/file.c | 1 - fs/ceph/addr.c | 1 - fs/cifs/file.c | 1 - fs/exec.c | 11 +- fs/ext4/file.c | 1 - fs/f2fs/file.c | 1 - fs/fuse/file.c | 1 - fs/gfs2/file.c | 1 - fs/inode.c | 1 - fs/nfs/file.c | 1 - fs/nilfs2/file.c | 1 - fs/ocfs2/mmap.c | 1 - fs/proc/array.c | 26 ++ fs/proc/task_mmu.c | 15 - fs/ubifs/file.c | 1 - fs/xfs/xfs_file.c | 1 - include/asm-generic/pgtable.h | 27 +- include/linux/cpu.h | 4 + include/linux/fs.h | 6 +- include/linux/io.h | 22 + include/linux/mm.h | 50 +-- include/linux/mm_types.h | 12 +- include/linux/nospec.h | 10 + include/linux/rmap.h | 2 - include/linux/sched.h | 10 +- include/linux/seccomp.h | 2 + include/linux/swapfile.h | 2 + include/linux/swapops.h | 4 +- include/linux/vm_event_item.h | 2 - include/uapi/linux/prctl.h | 12 + include/uapi/linux/seccomp.h | 3 + kernel/fork.c | 8 +- kernel/seccomp.c | 16 +- kernel/sys.c | 23 ++ mm/Makefile | 2 +- mm/filemap.c | 1 - mm/filemap_xip.c | 1 - mm/fremap.c | 283 ------------- mm/gup.c | 2 +- mm/interval_tree.c | 34 +- mm/ksm.c | 2 +- mm/madvise.c | 13 +- mm/memcontrol.c | 7 +- mm/memory.c | 285 ++++++------- mm/migrate.c | 32 -- mm/mincore.c | 9 +- mm/mmap.c | 117 +++++- mm/mprotect.c | 51 ++- mm/mremap.c | 2 - mm/msync.c | 5 +- mm/nommu.c | 8 - mm/pagewalk.c | 213 +++++----- mm/rmap.c | 222 +---------- mm/shmem.c | 1 - mm/swap.c | 4 +- mm/swapfile.c | 46 ++- net/irda/af_irda.c | 13 +- 170 files changed, 2215 insertions(+), 1885 deletions(-) -- Ben Hutchings For every action, there is an equal and opposite criticism. - Harrison

7 years, 2 months

2
133
0 0

patch "tools: hv: fcopy: set 'error' in case an unknown operation was" added to char-misc-linus

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled tools: hv: fcopy: set 'error' in case an unknown operation was to my char-misc git tree which can be found at git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc.git in the char-misc-linus branch. The patch will show up in the next release of the linux-next tree (usually sometime within the next 24 hours during the week.) The patch will hopefully also be merged in Linus's tree for the next -rc kernel release. If you have any questions about this process, please let me know. >From c2d68afba86d1ff01e7300c68bc16a9234dcd8e9 Mon Sep 17 00:00:00 2001 From: Vitaly Kuznetsov <vkuznets(a)redhat.com> Date: Mon, 17 Sep 2018 04:14:55 +0000 Subject: tools: hv: fcopy: set 'error' in case an unknown operation was requested 'error' variable is left uninitialized in case we see an unknown operation. As we don't immediately return and proceed to pwrite() we need to set it to something, HV_E_FAIL sounds good enough. Signed-off-by: Vitaly Kuznetsov <vkuznets(a)redhat.com> Signed-off-by: K. Y. Srinivasan <kys(a)microsoft.com> Cc: stable <stable(a)vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- tools/hv/hv_fcopy_daemon.c | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/hv/hv_fcopy_daemon.c b/tools/hv/hv_fcopy_daemon.c index d78aed86af09..8ff8cb1a11f4 100644 --- a/tools/hv/hv_fcopy_daemon.c +++ b/tools/hv/hv_fcopy_daemon.c @@ -234,6 +234,7 @@ int main(int argc, char *argv[]) break; default: + error = HV_E_FAIL; syslog(LOG_ERR, "Unknown operation: %d", buffer.hdr.operation); -- 2.19.0

7 years, 2 months

1
0
0 0

Re: ovl: hash non-dir by lower inode for fsnotify

by Mark Salyzyn

764baba80168ad3adafb521d2ab483ccbc49e344 ovl: hash non-dir by lower inode for fsnotify is not part of 4.14 stable and yet it was marked for 4.13 stable merge when committed. Please evaluate. Sincerely -- Mark Salyzyn

7 years, 2 months

2
5
0 0

Please apply 2c155709e4ef ("staging: android: ion: fix ION_IOC_{MAP,SHARE} use-after-free") to 3.18.y

by Greg Hackmann

2c155709e4ef ("staging: android: ion: fix ION_IOC_{MAP,SHARE} use-after-free") was applied to 4.4.y a couple of weeks ago, and is needed on 3.18.y too. The patch cherry-picks and builds as-is on top of 3.18.123.

7 years, 2 months

2
1
0 0

scsi: target: iscsi: Use bin2hex instead of a re-implementation

by Vincent Pelletier

commit 8c39e2699f8acb2e29782a834e56306da24937fe upstream. Signed-off-by: Vincent Pelletier <plr.vincent(a)gmail.com> Reviewed-by: Mike Christie <mchristi(a)redhat.com> Signed-off-by: Martin K. Petersen <martin.petersen(a)oracle.com> [plr.vincent(a)gmail.com: hunk context change for 4.4 and 4.9, no code change] --- drivers/target/iscsi/iscsi_target_auth.c | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) diff --git a/drivers/target/iscsi/iscsi_target_auth.c b/drivers/target/iscsi/iscsi_target_auth.c index b380bc7ee10a..3184e023a052 100644 --- a/drivers/target/iscsi/iscsi_target_auth.c +++ b/drivers/target/iscsi/iscsi_target_auth.c @@ -26,15 +26,6 @@ #include "iscsi_target_nego.h" #include "iscsi_target_auth.h" -static void chap_binaryhex_to_asciihex(char *dst, char *src, int src_len) -{ - int i; - - for (i = 0; i < src_len; i++) { - sprintf(&dst[i*2], "%02x", (int) src[i] & 0xff); - } -} - static void chap_gen_challenge( struct iscsi_conn *conn, int caller, @@ -47,7 +38,7 @@ static void chap_gen_challenge( memset(challenge_asciihex, 0, CHAP_CHALLENGE_LENGTH * 2 + 1); get_random_bytes(chap->challenge, CHAP_CHALLENGE_LENGTH); - chap_binaryhex_to_asciihex(challenge_asciihex, chap->challenge, + bin2hex(challenge_asciihex, chap->challenge, CHAP_CHALLENGE_LENGTH); /* * Set CHAP_C, and copy the generated challenge into c_str. @@ -287,7 +278,7 @@ static int chap_server_compute_md5( } crypto_free_hash(tfm); - chap_binaryhex_to_asciihex(response, server_digest, MD5_SIGNATURE_SIZE); + bin2hex(response, server_digest, MD5_SIGNATURE_SIZE); pr_debug("[server] MD5 Server Digest: %s\n", response); if (memcmp(server_digest, client_digest, MD5_SIGNATURE_SIZE) != 0) { @@ -431,7 +422,7 @@ static int chap_server_compute_md5( /* * Convert response from binary hex to ascii hext. */ - chap_binaryhex_to_asciihex(response, digest, MD5_SIGNATURE_SIZE); + bin2hex(response, digest, MD5_SIGNATURE_SIZE); *nr_out_len += sprintf(nr_out_ptr + *nr_out_len, "CHAP_R=0x%s", response); *nr_out_len += 1; -- 2.19.0

7 years, 2 months

2
1
0 0

[PATCH v4.4.y] ext4: never move the system.data xattr out of the inode body

by Zubin Mithra

From: Theodore Ts'o <tytso(a)mit.edu> commit 8cdb5240ec5928b20490a2bb34cb87e9a5f40226 upstream. When expanding the extra isize space, we must never move the system.data xattr out of the inode body. For performance reasons, it doesn't make any sense, and the inline data implementation assumes that system.data xattr is never in the external xattr block. This addresses CVE-2018-10880 https://bugzilla.kernel.org/show_bug.cgi?id=200005 Backport Note: - dfa2064b22("ext4: factor out loop for freeing inode xattr space") factored out the loop from inside ext4_expand_extra_isize_ea to a separate function named ext4_xattr_make_inode_space. As the above commit is not present in 4.4.y, make the change inside ext4_expand_extra_isize_ea. Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Cc: stable(a)kernel.org Signed-off-by: Zubin Mithra <zsm(a)chromium.org> --- fs/ext4/xattr.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index 9fb2a751fce4..b51bb73b06a6 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -1386,6 +1386,11 @@ retry: /* Find the entry best suited to be pushed into EA block */ entry = NULL; for (; !IS_LAST_ENTRY(last); last = EXT4_XATTR_NEXT(last)) { + /* never move system.data out of the inode */ + if ((last->e_name_len == 4) && + (last->e_name_index == EXT4_XATTR_INDEX_SYSTEM) && + !memcmp(last->e_name, "data", 4)) + continue; total_size = EXT4_XATTR_SIZE(le32_to_cpu(last->e_value_size)) + EXT4_XATTR_LEN(last->e_name_len); -- 2.19.0.605.g01d371f741-goog

7 years, 2 months

2
1
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror