- Linux-stable-mirror - lists.linaro.org

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.14 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit f952480a8fc14ea24a4de9582e425924f98c92d3: Linux 4.14.58 (2018-07-25 11:25:11 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git tags/for-greg-4.14-27072018 for you to fetch changes up to 7ed2a5a95ac91dfa95411e3516fee3abc900452b: drm/dp/mst: Fix off-by-one typo when dump payload table (2018-07-26 12:33:36 -0400) - ---------------------------------------------------------------- for-greg-4.14-27072018 - ---------------------------------------------------------------- Alex Williamson (2): vfio/mdev: Check globally for duplicate devices vfio/type1: Fix task tracking for QEMU vCPU hotplug Alexandre Belloni (4): rtc: ensure rtc_set_alarm fails when alarms are not supported rtc: tps6586x: fix possible race condition rtc: vr41xx: fix possible race condition rtc: tps65910: fix possible race condition Alexey Khoroshilov (1): spi: meson-spicc: Fix error handling in meson_spicc_probe() Alexey Kodanev (1): netfilter: nf_tables: check msg_type before nft_trans_set(trans) Anatoly Pugachev (1): disable loading f2fs module on PAGE_SIZE > 4KB Andrey Smirnov (1): soc: imx: gpcv2: Do not pass static memory as platform data Andy Shevchenko (1): drm/dp/mst: Fix off-by-one typo when dump payload table Anson Huang (1): regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops Bartlomiej Zolnierkiewicz (1): thermal: exynos: fix setting rising_threshold for Exynos5433 Ben Skeggs (1): drm/nouveau/fifo/gk104-: poll for runlist update completion Benjamin Poirier (1): e1000e: Ignore TSYNCRXCTL when getting I219 clock attributes Brad Love (1): media: saa7164: Fix driver name in debug output Chad Dupuis (1): scsi: qedf: Set the UNLOADING flag when removing a vport Chao Yu (5): f2fs: fix error path of move_data_page f2fs: fix to don't trigger writeback during recovery f2fs: fix to wait page writeback during revoking atomic write f2fs: fix to detect failure of dquot_initialize f2fs: fix race in between GC and atomic open Chengguang Xu (1): ceph: fix alignment of rasize Chintan Pandya (1): mm: vmalloc: avoid racy handling of debugobjects in vunmap Chris Novakovic (1): ipconfig: Correctly initialise ic_nameservers Christoph Hellwig (1): PCI: Prevent sysfs disable of device while driver is attached Christophe Leroy (2): powerpc/lib: Adjust .balign inside string functions for PPC32 powerpc/8xx: fix invalid register expression in head_8xx.S Colin Ian King (1): media: smiapp: fix timeout checking in smiapp_read_nvm Cong Wang (1): infiniband: fix a possible use-after-free bug DaeRyong Jeong (1): tty: Fix data race in tty_insert_flip_string_fixed_flag Damien Le Moal (1): libata: Fix command retry decision Dan Carpenter (1): scsi: megaraid: silence a static checker bug Daniel DÃaz (1): selftests/intel_pstate: Improve test, minor fixes David Lechner (1): drm/tilcdc: Fix setting clock divider for omap-l138 David Sterba (1): btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups Dmitry Osipenko (2): memory: tegra: Do not handle spurious interrupts memory: tegra: Apply interrupts mask per SoC Dmitry Torokhov (1): HID: i2c-hid: check if device is there before really probing Dominik Bozek (1): usb: hub: Don't wait for connect state at resume for powered-off ports Doug Oucahrek (1): staging: lustre: o2iblnd: fix race at kiblnd_connect_peer Doug Oucharek (1): staging: lustre: o2iblnd: Fix FastReg map/unmap for MLX5 Douglas Anderson (2): serial: core: Make sure compiler barfs for 16-byte earlycon names regulator: Don't return or expect -errno from of_map_mode() Emil Tantilov (1): ixgbevf: fix MAC address changes through ixgbevf_set_mac() Enric Balletbo i Serra (1): arm64: defconfig: Enable Rockchip io-domain driver Eric Biggers (1): fscrypt: use unbound workqueue for decryption Ethan Lien (1): btrfs: balance dirty metadata pages in btrfs_finish_ordered_io Eyal Reizer (1): wlcore: sdio: check for valid platform device data before suspend Ezequiel Garcia (1): media: tw686x: Fix incorrect vb2_mem_ops GFP flags Filippo Muzzini (1): block, bfq: remove wrong lock in bfq_requests_merged Florent Fourcot (1): netfilter: ipset: forbid family for hash:mac sets Florian Fainelli (1): net: phy: phylink: Release link GPIO Fuyun Liang (1): net: hns3: Fixes the init of the VALID BD info in the descriptor Ganapathi Bhat (1): mwifiex: handle race during mwifiex_usb_disconnect Geert Uytterhoeven (4): vfio: platform: Fix reset module leak in error path spi: sh-msiof: Fix setting SIRMDR1.SYNCAC to match SITMDR1.SYNCAC ARM: dts: emev2: Add missing interrupt-affinity to PMU node ARM: dts: sh73a0: Add missing interrupt-affinity to PMU node Gioh Kim (1): md/raid1: add error handling of read error from FailFast device Grygorii Strashko (1): net: ethernet: ti: cpsw-phy-sel: check bus_find_device() ret value Hans Verkuil (1): media: videobuf2-core: don't call memop 'finish' when queueing Hans de Goede (1): ACPI / LPSS: Only call pwm_add_table() for Bay Trail PWM if PMIC HRV is 2 Huang Ying (1): mm: /proc/pid/pagemap: hide swap entries from unprivileged users Huazhong Tan (1): net: hns3: Fixes the out of bounds access in hclge_map_tqp Jacob Keller (1): i40e: free the skb after clearing the bitlock Jaegeuk Kim (1): f2fs: avoid fsync() failure caused by EAGAIN in writepage() Jakub Kicinski (1): bpf: fix references to free_bpf_prog_info() in comments James Simmons (1): staging: lustre: llite: correct removexattr detection Jan Kiszka (1): PCI: Fix devm_pci_alloc_host_bridge() memory leak Jane Wan (1): mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages Javier GonzÃ¡lez (1): lightnvm: pblk: warn in case of corrupted write buffer Jens Remus (1): scsi: zfcp: assert that the ERP lock is held when tracing a recovery trigger Jian-Hong Pan (1): Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 Jianchao Wang (1): nvme-rdma: stop admin queue before freeing it Jiri Olsa (1): perf tools: Fix pmu events parsing rule Jonathan NeuschÃ¤fer (1): powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet JosÃ© Roberto de Souza (1): drm: Add DP PSR2 sink enable bit Jozsef Kadlecsik (1): netfilter: ipset: List timing out entries with "timeout 1" instead of zero Juergen Gross (1): xen/netfront: raise max number of slots in xennet_get_responses() Julia Lawall (1): pinctrl: at91-pio4: add missing of_node_put Kai Chieh Chuang (1): ASoC: dpcm: fix BE dai not hw_free and shutdown Kan Liang (2): perf/x86/intel/uncore: Correct fixed counter index check in generic code perf/x86/intel/uncore: Correct fixed counter index check for NHM Keith Busch (1): nvme-pci: Fix AER reset handling Kirill Marinushkin (2): ASoC: topology: Fix bclk and fsync inversion in set_link_hw_format() ASoC: topology: Add missing clock gating parameter when parsing hw_configs Kirill Tkhai (1): fasync: Fix deadlock between task-context and interrupt-context kill_fasync() Kuninori Morimoto (1): arm64: dts: renesas: salvator-common: use audio-graph-card for Sound Laurentiu Tudor (1): irqchip/ls-scfg-msi: Map MSIs in the iommu Leon Romanovsky (1): RDMA/mad: Convert BUG_ONs to error flows Luc Van Oostenryck (2): drm/radeon: fix mode_valid's return type drm/gma500: fix psb_intel_lvds_mode_valid()'s return type Marc Zyngier (1): dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA Marco Felsch (1): watchdog: da9063: Fix updating timeout value Mark Rutland (2): kcov: ensure irq code sees a valid area drivers/perf: arm-ccn: don't log to dmesg in event_init Martin Blumenstingl (1): dt-bindings: pinctrl: meson: add support for the Meson8m2 SoC Mathieu Malaterre (7): mm/slub.c: add __printf verification to slab_err() powerpc/32: Add a missing include header powerpc/chrp/time: Make some functions static, add missing header include powerpc/powermac: Add missing prototype for note_bootable_part() powerpc/powermac: Mark variable x as unused powerpc: Add __printf verification to prom_printf nvmem: properly handle returned value nvmem_reg_read Matthew R. Ochs (1): scsi: cxlflash: Avoid clobbering context control register value Mauro Carvalho Chehab (4): media: atomisp: ov2680: don't declare unused vars media: siano: get rid of __le32/__le16 cast warnings media: atomisp: compat32: fix __user annotations media: si470x: fix __be16 annotations Maya Erez (1): scsi: ufs: fix exception event handling Michael Chan (1): bnxt_en: Check unsupported speeds in bnxt_update_link() on PF only. Michael Grzeschik (1): usbip: dynamically allocate idev by nports found in sysfs Michal Simek (1): microblaze: Fix simpleImage format generation Michal Suchanek (1): powerpc/64s: Add barrier_nospec Michal VokÃ¡Ä (1): net: dsa: qca8k: Add support for QCA8334 switch Mika Westerberg (1): PCI: pciehp: Request control of native hotplug only if supported Mimi Zohar (1): ima: based on policy verify firmware signatures (pre-allocated buffer) NeilBrown (1): staging: lustre: ldlm: free resource when ldlm_lock_create() fails. Nicholas Piggin (1): powerpc/64s: Fix compiler store ordering to SLB shadow area Olga Kornievskaia (1): skip LAYOUTRETURN if layout is invalid Omar Sandoval (2): Btrfs: don't return ino to ino cache if inode item removal fails Btrfs: don't BUG_ON() in btrfs_truncate_inode_items() Ondrej MosnÃ¡Äek (1): audit: allow not equal op for audit by executable Patrice Chotard (1): ARM: dts: stih407-pinctrl: Fix complain about IRQ_TYPE_NONE usage Peng Li (1): net: hns3: Updates RX packet info fetch in case of multi BD Petr Machata (1): mlxsw: spectrum_switchdev: Fix port_vlan refcounting Qu Wenruo (1): btrfs: qgroup: Finish rescan when hit the last leaf of extent tree Sahitya Tummala (1): f2fs: Fix deadlock in shutdown ioctl Sam Bobroff (1): powerpc/eeh: Fix use-after-release of EEH driver Sami Tolvanen (1): media: media-device: fix ioctl function types Samuel Li (1): drm/amdgpu: Remove VRAM from shared bo domains. Sandipan Das (1): bpf: powerpc64: pad function address loads with NOPs Satendra Singh Thakur (1): drm/atomic: Handling the case when setting old crtc for plane Scott Mayhew (1): nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo Scott Wood (1): x86/microcode: Make the late update update_lock a raw lock for RT Sean Lanigan (1): brcmfmac: Add support for bcm43364 wireless chipset Sebastian Andrzej Siewior (2): PM / wakeup: Make s2idle_lock a RAW_SPINLOCK delayacct: Use raw_spinlocks Sergey Senozhatsky (1): printk: drop in_nmi check from printk_safe_flush_on_panic() Shaul Triebitz (1): iwlwifi: pcie: fix race in Rx buffer allocator Shawn Lin (1): mmc: dw_mmc: update actual clock for mmc debugfs Shivasharan S (1): scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs Shuah Khan (Samsung OSG) (3): usbip: usbip_detach: Fix memory, udev context and udev leak selftests: memfd: return Kselftest Skip code for skipped tests selftests: intel_pstate: return Kselftest Skip code for skipped tests Siva Rebbagondla (2): rsi: Fix 'invalid vdd' warning in mmc rsi: fix nommu_map_sg overflow kernel panic Stefan Wahren (1): staging: vchiq_core: Fix missing semaphore release in error case Stephen Hemminger (1): hv_netvsc: fix network namespace issues with VF support Stewart Smith (1): hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common() Subhash Jadavani (1): scsi: ufs: ufshcd: fix possible unclocked register access Sudeep Holla (1): tick: Prefer a lower rating device only if it's CPU local device Suman Anna (1): media: omap3isp: fix unbalanced dma_iommu_mapping Sven Eckelmann (9): ath: Add regulatory mapping for FCC3_ETSIC ath: Add regulatory mapping for ETSI8_WORLD ath: Add regulatory mapping for APL13_WORLD ath: Add regulatory mapping for APL2_FCCA ath: Add regulatory mapping for Uganda ath: Add regulatory mapping for Tanzania ath: Add regulatory mapping for Serbia ath: Add regulatory mapping for Bermuda ath: Add regulatory mapping for Bahamas Takashi Iwai (2): ALSA: emu10k1: Rate-limit error messages about page errors ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback Takashi Sakamoto (1): ALSA: hda/ca0132: fix build failure when a local macro is defined Terry Junge (1): HID: hid-plantronics: Re-resend Update to map button for PTT products Tetsuo Handa (1): kernel/hung_task.c: show all hung tasks before panic Thierry Escande (1): Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning Thomas Gleixner (1): stop_machine: Use raw spinlocks Thomas Richter (2): s390/cpum_sf: Add data entry sizes to sampling trailer entry perf: fix invalid bit in diagnostic entry Thor Thayer (1): EDAC, altera: Fix ARM64 build warning Tobin C. Harding (1): mmc: pwrseq: Use kmalloc_array instead of stack VLA Tony Lindgren (1): spi: Add missing pm_runtime_put_noidle() after failed get Trond Myklebust (2): NFSv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY pnfs: Don't release the sequence slot until we've processed layoutget on open Tudor-Dan Ambarus (2): crypto: authencesn - don't leak pointers to authenc keys crypto: authenc - don't leak pointers to authenc keys Uma Krishnan (1): scsi: cxlflash: Synchronize reset and remove ops Vic Wei (1): Bluetooth: btusb: add ID for LiteOn 04ca:301a Ville SyrjÃ¤lÃ¤ (1): drm/atomic-helper: Drop plane->fb references only for drm_atomic_helper_shutdown() Vincent Palatin (1): mfd: cros_ec: Fail early if we cannot identify the EC Vinicius Costa Gomes (1): igb: Fix queue selection on MAC filters on i210 Wang YanQing (1): bpf, arm32: fix inconsistent naming about emit_a32_lsr_{r64,i64} Wei Xu (1): nvme: lightnvm: add granby support Wei Yongjun (1): media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open() Wenwen Wang (2): scsi: 3w-9xxx: fix a missing-check bug scsi: 3w-xxxx: fix a missing-check bug Will Deacon (1): arm64: cmpwait: Clear event register before arming exclusive monitor Wolfram Sang (1): backlight: pwm_bl: Don't use GPIOF_* with gpiod_get_direction Xi Wang (1): net: hns3: Fix the missing client list node initialization Xiang Chen (1): scsi: hisi_sas: config ATA de-reset as an constrained command for v3 hw Xinming Hu (1): mwifiex: correct histogram data with appropriate index Xose Vazquez Perez (1): scsi: scsi_dh: replace too broad "TP9" string with the exact models Yixun Lan (1): dt-bindings: net: meson-dwmac: new compatible name for AXG SoC Yufen Yu (1): md: fix NULL dereference of mddev->pers in remove_and_add_spares() Zhouyang Jia (2): ALSA: emu10k1: add error handling for snd_ctl_add ALSA: fm801: add error handling for snd_ctl_add .../devicetree/bindings/net/meson-dwmac.txt | 1 + .../devicetree/bindings/pinctrl/meson,pinctrl.txt | 2 + Documentation/vfio-mediated-device.txt | 5 + arch/arm/boot/dts/emev2.dtsi | 5 +- arch/arm/boot/dts/sh73a0.dtsi | 5 +- arch/arm/boot/dts/stih407-pinctrl.dtsi | 10 +- arch/arm/net/bpf_jit_32.c | 10 +- arch/arm64/boot/dts/renesas/salvator-common.dtsi | 38 ++++--- arch/arm64/configs/defconfig | 2 + arch/arm64/include/asm/cmpxchg.h | 4 +- arch/microblaze/boot/Makefile | 10 +- arch/powerpc/include/asm/barrier.h | 15 +++ arch/powerpc/include/asm/cache.h | 3 + arch/powerpc/kernel/eeh_driver.c | 28 ++--- arch/powerpc/kernel/head_8xx.S | 2 +- arch/powerpc/kernel/pci_32.c | 1 + arch/powerpc/kernel/prom_init.c | 114 +++++++++++---------- arch/powerpc/lib/string.S | 7 +- arch/powerpc/mm/slb.c | 8 +- arch/powerpc/net/bpf_jit_comp64.c | 34 ++++-- arch/powerpc/platforms/chrp/time.c | 6 +- arch/powerpc/platforms/embedded6xx/hlwd-pic.c | 5 + arch/powerpc/platforms/powermac/bootx_init.c | 4 +- arch/powerpc/platforms/powermac/setup.c | 1 + arch/s390/include/asm/cpu_mf.h | 6 +- arch/x86/events/intel/uncore.c | 2 +- arch/x86/events/intel/uncore_nhmex.c | 2 +- arch/x86/kernel/cpu/microcode/core.c | 6 +- block/bfq-iosched.c | 2 - crypto/authenc.c | 1 + crypto/authencesn.c | 1 + drivers/acpi/acpi_lpss.c | 6 +- drivers/acpi/pci_root.c | 4 +- drivers/ata/libata-eh.c | 12 ++- drivers/bluetooth/btusb.c | 4 + drivers/bluetooth/hci_qca.c | 2 +- drivers/bus/arm-ccn.c | 20 ++-- drivers/edac/altera_edac.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 8 +- drivers/gpu/drm/drm_atomic.c | 4 +- drivers/gpu/drm/drm_atomic_helper.c | 78 +++++++------- drivers/gpu/drm/drm_dp_mst_topology.c | 9 +- drivers/gpu/drm/gma500/psb_intel_drv.h | 2 +- drivers/gpu/drm/gma500/psb_intel_lvds.c | 2 +- drivers/gpu/drm/nouveau/nvkm/engine/fifo/gk104.c | 8 +- drivers/gpu/drm/radeon/radeon_connectors.c | 10 +- drivers/gpu/drm/tilcdc/tilcdc_crtc.c | 2 +- drivers/hid/hid-plantronics.c | 6 +- drivers/hid/i2c-hid/i2c-hid.c | 8 ++ drivers/infiniband/core/mad.c | 11 +- drivers/infiniband/core/ucma.c | 6 +- drivers/irqchip/irq-ls-scfg-msi.c | 3 + drivers/lightnvm/pblk-rb.c | 5 +- drivers/md/md.c | 3 + drivers/md/raid1.c | 2 + drivers/media/common/siano/smsendian.c | 14 +-- drivers/media/i2c/smiapp/smiapp-core.c | 11 +- drivers/media/media-device.c | 21 ++-- drivers/media/pci/saa7164/saa7164-fw.c | 3 +- drivers/media/pci/tw686x/tw686x-video.c | 3 +- drivers/media/platform/omap3isp/isp.c | 7 +- drivers/media/platform/rcar_jpu.c | 4 +- drivers/media/radio/si470x/radio-si470x-i2c.c | 6 +- drivers/media/v4l2-core/videobuf2-core.c | 9 +- drivers/memory/tegra/mc.c | 22 +--- drivers/memory/tegra/mc.h | 9 ++ drivers/memory/tegra/tegra114.c | 2 + drivers/memory/tegra/tegra124.c | 6 ++ drivers/memory/tegra/tegra210.c | 3 + drivers/memory/tegra/tegra30.c | 2 + drivers/mfd/cros_ec.c | 6 +- drivers/mmc/core/pwrseq_simple.c | 14 ++- drivers/mmc/host/dw_mmc.c | 4 + drivers/mtd/nand/fsl_ifc_nand.c | 17 +-- drivers/net/dsa/qca8k.c | 1 + drivers/net/ethernet/broadcom/bnxt/bnxt.c | 3 + .../ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 7 +- .../net/ethernet/hisilicon/hns3/hns3pf/hns3_enet.c | 24 ++++- drivers/net/ethernet/intel/e1000e/netdev.c | 15 ++- drivers/net/ethernet/intel/i40e/i40e_ptp.c | 7 +- drivers/net/ethernet/intel/igb/igb_main.c | 9 +- drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 1 + .../ethernet/mellanox/mlxsw/spectrum_switchdev.c | 4 +- drivers/net/ethernet/ti/cpsw-phy-sel.c | 8 +- drivers/net/hyperv/hyperv_net.h | 2 + drivers/net/hyperv/netvsc_drv.c | 43 ++++---- drivers/net/phy/phylink.c | 2 + drivers/net/wireless/ath/regd.h | 5 + drivers/net/wireless/ath/regd_common.h | 13 +++ .../wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c | 1 + drivers/net/wireless/intel/iwlwifi/pcie/rx.c | 2 + drivers/net/wireless/marvell/mwifiex/usb.c | 3 + drivers/net/wireless/marvell/mwifiex/util.c | 8 +- drivers/net/wireless/rsi/rsi_91x_hal.c | 35 ++++--- drivers/net/wireless/rsi/rsi_91x_sdio.c | 23 +++-- drivers/net/wireless/rsi/rsi_sdio.h | 2 +- drivers/net/wireless/ti/wlcore/sdio.c | 5 + drivers/net/xen-netfront.c | 4 +- drivers/nvme/host/pci.c | 5 + drivers/nvme/host/rdma.c | 10 +- drivers/nvmem/core.c | 7 ++ drivers/pci/pci-sysfs.c | 15 +-- drivers/pci/probe.c | 4 +- drivers/pinctrl/pinctrl-at91-pio4.c | 4 +- drivers/regulator/cpcap-regulator.c | 2 +- drivers/regulator/of_regulator.c | 13 +-- drivers/regulator/pfuze100-regulator.c | 1 + drivers/regulator/twl-regulator.c | 2 +- drivers/rtc/interface.c | 5 + drivers/rtc/rtc-tps6586x.c | 14 ++- drivers/rtc/rtc-tps65910.c | 12 ++- drivers/rtc/rtc-vr41xx.c | 9 +- drivers/s390/scsi/zfcp_dbf.c | 2 + drivers/scsi/3w-9xxx.c | 5 + drivers/scsi/3w-xxxx.c | 3 + drivers/scsi/cxlflash/main.c | 11 +- drivers/scsi/cxlflash/sislite.h | 1 + drivers/scsi/hisi_sas/hisi_sas_v3_hw.c | 11 +- drivers/scsi/megaraid.c | 3 + drivers/scsi/megaraid/megaraid_sas_fusion.c | 3 + drivers/scsi/qedf/qedf_main.c | 10 ++ drivers/scsi/scsi_dh.c | 5 +- drivers/scsi/ufs/ufshcd.c | 28 +++-- drivers/soc/imx/gpcv2.c | 22 ++-- drivers/spi/spi-meson-spicc.c | 11 +- drivers/spi/spi-sh-msiof.c | 6 +- drivers/spi/spi.c | 1 + .../staging/lustre/lnet/klnds/o2iblnd/o2iblnd.c | 2 +- .../staging/lustre/lnet/klnds/o2iblnd/o2iblnd_cb.c | 30 +++--- drivers/staging/lustre/lustre/ldlm/ldlm_lock.c | 6 +- drivers/staging/lustre/lustre/llite/xattr.c | 6 +- drivers/staging/media/atomisp/i2c/ov2680.c | 6 +- .../atomisp/pci/atomisp2/atomisp_compat_ioctl32.c | 49 ++++----- .../vc04_services/interface/vchiq_arm/vchiq_core.c | 1 + drivers/thermal/samsung/exynos_tmu.c | 1 + drivers/tty/hvc/hvc_opal.c | 1 - drivers/tty/pty.c | 3 + drivers/usb/core/hub.c | 4 + drivers/vfio/mdev/mdev_core.c | 102 +++++++----------- drivers/vfio/mdev/mdev_private.h | 2 +- drivers/vfio/platform/vfio_platform_common.c | 15 ++- drivers/vfio/vfio_iommu_type1.c | 73 ++++++++----- drivers/video/backlight/pwm_bl.c | 6 +- drivers/watchdog/da9063_wdt.c | 17 ++- fs/btrfs/inode.c | 33 +++--- fs/btrfs/qgroup.c | 19 ++++ fs/btrfs/tree-log.c | 10 +- fs/ceph/super.c | 2 +- fs/crypto/crypto.c | 11 +- fs/f2fs/data.c | 8 +- fs/f2fs/file.c | 18 +++- fs/f2fs/gc.c | 11 +- fs/f2fs/segment.c | 5 + fs/f2fs/super.c | 6 ++ fs/fcntl.c | 15 ++- fs/nfs/nfs4proc.c | 14 ++- fs/nfs/pnfs.c | 6 +- fs/nfsd/nfs4xdr.c | 2 + fs/proc/task_mmu.c | 26 +++-- include/drm/drm_dp_helper.h | 1 + include/linux/delayacct.h | 2 +- include/linux/dma-iommu.h | 1 + include/linux/fs.h | 2 +- include/linux/mmc/sdio_ids.h | 1 + include/linux/netfilter/ipset/ip_set_timeout.h | 10 +- include/linux/regulator/consumer.h | 1 + include/linux/serial_core.h | 3 +- include/soc/tegra/mc.h | 2 + include/uapi/sound/asoc.h | 23 ++++- kernel/auditfilter.c | 2 +- kernel/auditsc.c | 2 + kernel/bpf/verifier.c | 4 +- kernel/delayacct.c | 17 +-- kernel/hung_task.c | 11 +- kernel/kcov.c | 3 +- kernel/power/suspend.c | 14 +-- kernel/printk/printk_safe.c | 2 +- kernel/stop_machine.c | 24 ++--- kernel/time/tick-common.c | 3 +- mm/slub.c | 2 +- mm/vmalloc.c | 3 +- net/ipv4/ipconfig.c | 13 +++ net/netfilter/ipset/ip_set_hash_gen.h | 5 +- net/netfilter/nf_tables_api.c | 11 +- security/integrity/ima/ima_main.c | 1 + sound/pci/emu10k1/emupcm.c | 4 +- sound/pci/emu10k1/memory.c | 6 +- sound/pci/fm801.c | 16 ++- sound/pci/hda/patch_ca0132.c | 8 +- sound/soc/soc-pcm.c | 6 +- sound/soc/soc-topology.c | 19 +++- sound/usb/pcm.c | 2 +- tools/perf/util/parse-events.y | 14 ++- tools/testing/selftests/intel_pstate/run.sh | 29 +++--- tools/testing/selftests/memfd/run_tests.sh | 14 ++- tools/usb/usbip/libsrc/vhci_driver.c | 32 +++--- tools/usb/usbip/libsrc/vhci_driver.h | 3 +- tools/usb/usbip/src/usbip_detach.c | 9 +- 198 files changed, 1288 insertions(+), 719 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAltbytYACgkQ3qZv95d3 LNwx+g//dcNlLXanKYC/5UNH0gSdCefzqLW1p5bdTREZhGtNFg8QhJ4H+UayQl15 uYdsK2qS9nK1U9Kc9ISbQOZTgab4gy/xF4DXOI1Y+wnLmZaDD4Tzfj7T8tU6LyHj Dh5VOE9ufmeOxzsQKlFWIKuz6BF8qqfH64huU+Jks0jiZ2oc5HfyXj5M1Q2u/Qwy CcnTSiXqwhoYqg+pa0KN2+45xynQQeXivtVDf8Hv2dRbd/IF61Ye5wXg6UM8Hm46 IZhJHcIcg5tk2jwCFqsGQQe1BVWbCILxIT8tXvtoKzksFnvo9KtiDABZ7r5khm3x SRYhPJrSbYxykGxXSsMvvTVVGZ0YF0QNL37YvR50jTNNVhutz+yLbXX1JF42IGQd uZrfrCfacKZSxSOPB7q0S4NG6ETmb1isbOtEI3D60hGzEQh6nPvht53rCHfiKkI9 HdqHoZ7DhJ0D9lA+IzQHKL1RlVU/5+w4gxy+hG0URsm2Lovm3KAL+SiSDXgnXINM pNbO2mXHqagV3x2gH9TsxRySTRCdCKKUgvlhKgipQmLHpdVPLFEMiHABRy866BW8 791kpwL6i2BwS9UoqolMAhd1ERP02ZxrcgpzFbru6F0Xe9xoyKLlVo0Nn0ZzX3bx QXtdr7IwyCvRpYG70QrBT9q/HPZrOmXGrx1K+e0VOKe+jBG016c= =URIl -----END PGP SIGNATURE-----

7 years, 4 months

2
1
0 0

[GIT PULL] commits for Linux 4.17

by Sasha Levin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Greg, Pleae pull commits for Linux 4.17 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 50f9e029a6f9f440b8da4259fb7f9b879361368a: Linux 4.17.10 (2018-07-25 11:26:13 +0200) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git for-greg-4.17-27072018 for you to fetch changes up to 04f9b013a879b7a0958264b1e8e9274d65acd76e: drm/amdgpu: Avoid reclaim while holding locks taken in MMU notifier (2018-07-25 09:07:32 -0400) - ---------------------------------------------------------------- for-greg-4.17-27072018 - ---------------------------------------------------------------- Aaron Lu (1): mem_cgroup: make sure moving_account, move_lock_task and stat_cpu in the same cacheline Alex Elder (3): soc: qcom: qmi: fix a buffer sizing bug soc: qcom: smem: fix qcom_smem_set_global_partition() soc: qcom: smem: byte swap values properly Alex Williamson (2): vfio/mdev: Check globally for duplicate devices vfio/type1: Fix task tracking for QEMU vCPU hotplug Alexander Duyck (1): ixgbe: Fix setting of TC configuration for macvlan case Alexandre Belloni (4): rtc: ensure rtc_set_alarm fails when alarms are not supported rtc: tps6586x: fix possible race condition rtc: vr41xx: fix possible race condition rtc: tps65910: fix possible race condition Alexey Khoroshilov (1): spi: meson-spicc: Fix error handling in meson_spicc_probe() Alexey Kodanev (1): netfilter: nf_tables: check msg_type before nft_trans_set(trans) Anatoly Pugachev (1): disable loading f2fs module on PAGE_SIZE > 4KB Anders Roxell (1): selftests/filesystems: devpts_pts included wrong header Andrew Elble (1): nfsd: fix error handling in nfs4_set_delegation() Andrey Smirnov (1): soc: imx: gpcv2: Do not pass static memory as platform data Andy Shevchenko (1): drm/dp/mst: Fix off-by-one typo when dump payload table Anson Huang (1): regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops Antoine Tenart (1): net: phy: sfp: handle cases where neither BR, min nor BR, max is given Arnd Bergmann (2): drivers/bus: arm-cci: fix build warnings y2038: ipc: Use ktime_get_real_seconds consistently Bartlomiej Zolnierkiewicz (1): thermal: exynos: fix setting rising_threshold for Exynos5433 Ben Hutchings (1): IB: Fix RDMA_RXE and INFINIBAND_RDMAVT dependencies for DMA_VIRT_OPS Ben Skeggs (3): drm/nouveau: remove fence wait code from deferred client work handler drm/nouveau/gem: lookup VMAs for buffers referenced by pushbuf ioctl drm/nouveau/fifo/gk104-: poll for runlist update completion Benjamin Poirier (1): e1000e: Ignore TSYNCRXCTL when getting I219 clock attributes Bjorn Helgaas (1): PCI/ASPM: Disable ASPM L1.2 Substate if we don't have LTR Brad Love (2): media: saa7164: Fix driver name in debug output media: em28xx: Fix DualHD broken second tuner Chad Dupuis (1): scsi: qedf: Set the UNLOADING flag when removing a vport Changbin Du (1): regulator: add dummy function of_find_regulator_by_node Chao Yu (6): f2fs: fix error path of move_data_page f2fs: don't drop dentry pages after fs shutdown f2fs: fix to don't trigger writeback during recovery f2fs: fix to wait page writeback during revoking atomic write f2fs: fix to detect failure of dquot_initialize f2fs: fix race in between GC and atomic open Charles Keepax (1): ASoC: compress: Only call free for components which have been opened Chengguang Xu (1): ceph: fix alignment of rasize Chintan Pandya (1): mm: vmalloc: avoid racy handling of debugobjects in vunmap Chris Novakovic (1): ipconfig: Correctly initialise ic_nameservers Christian Gromm (1): staging: most: cdev: fix chrdev_region leak Christian Lamparter (1): pinctrl: msm: fix gpio-hog related boot issues Christoph Hellwig (1): PCI: Prevent sysfs disable of device while driver is attached Christophe Leroy (2): powerpc/lib: Adjust .balign inside string functions for PPC32 powerpc/8xx: fix invalid register expression in head_8xx.S Colin Ian King (1): media: smiapp: fix timeout checking in smiapp_read_nvm Cong Wang (1): infiniband: fix a possible use-after-free bug DaeRyong Jeong (1): tty: Fix data race in tty_insert_flip_string_fixed_flag Damien Le Moal (1): libata: Fix command retry decision Dan Carpenter (2): KVM: x86: prevent integer overflows in KVM_MEMORY_ENCRYPT_REG_REGION scsi: megaraid: silence a static checker bug Daniel DÃaz (1): selftests/intel_pstate: Improve test, minor fixes David Howells (1): rxrpc: Fix terminal retransmission connection ID to include the channel David Lechner (1): drm/tilcdc: Fix setting clock divider for omap-l138 David Sterba (1): btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups Dmitry Osipenko (2): memory: tegra: Do not handle spurious interrupts memory: tegra: Apply interrupts mask per SoC Dmitry Torokhov (1): HID: i2c-hid: check if device is there before really probing Dominik Bozek (1): usb: hub: Don't wait for connect state at resume for powered-off ports Doug Oucahrek (1): staging: lustre: o2iblnd: fix race at kiblnd_connect_peer Doug Oucharek (1): staging: lustre: o2iblnd: Fix FastReg map/unmap for MLX5 Douglas Anderson (2): serial: core: Make sure compiler barfs for 16-byte earlycon names regulator: Don't return or expect -errno from of_map_mode() Emil Tantilov (1): ixgbevf: fix MAC address changes through ixgbevf_set_mac() Enric Balletbo i Serra (1): arm64: defconfig: Enable Rockchip io-domain driver Eric Biggers (1): fscrypt: use unbound workqueue for decryption Ethan Lien (1): btrfs: balance dirty metadata pages in btrfs_finish_ordered_io Eyal Reizer (1): wlcore: sdio: check for valid platform device data before suspend Ezequiel Garcia (1): media: tw686x: Fix incorrect vb2_mem_ops GFP flags Fabio Estevam (2): ASoC: fsl_ssi: Use u32 variable type when using regmap_read() ARM: dts: imx6qdl-wandboard: Let the codec control MCLK pinctrl Felix Fietkau (1): mt76: add rcu locking around tx scheduling Felix Kuehling (1): drm/amdgpu: Avoid reclaim while holding locks taken in MMU notifier Filippo Muzzini (1): block, bfq: remove wrong lock in bfq_requests_merged Florent Fourcot (1): netfilter: ipset: forbid family for hash:mac sets Florian Fainelli (1): net: phy: phylink: Release link GPIO Fuyun Liang (1): net: hns3: Fixes the init of the VALID BD info in the descriptor Ganapathi Bhat (1): mwifiex: handle race during mwifiex_usb_disconnect Geert Uytterhoeven (4): vfio: platform: Fix reset module leak in error path spi: sh-msiof: Fix setting SIRMDR1.SYNCAC to match SITMDR1.SYNCAC ARM: dts: emev2: Add missing interrupt-affinity to PMU node ARM: dts: sh73a0: Add missing interrupt-affinity to PMU node Gioh Kim (1): md/raid1: add error handling of read error from FailFast device Gregory Greenman (1): iwlwifi: mvm: open BA session only when sta is authorized Grygorii Strashko (1): net: ethernet: ti: cpsw-phy-sel: check bus_find_device() ret value Gustavo A. R. Silva (1): qtnfmac: pearl: pcie: fix memory leak in qtnf_fw_work_handler Hans Verkuil (2): media: videobuf2-core: don't call memop 'finish' when queueing media: cec: fix smatch error Hans de Goede (1): ACPI / LPSS: Only call pwm_add_table() for Bay Trail PWM if PMIC HRV is 2 Huang Ying (1): mm: /proc/pid/pagemap: hide swap entries from unprivileged users Huazhong Tan (1): net: hns3: Fixes the out of bounds access in hclge_map_tqp Ido Schimmel (1): mlxsw: spectrum_router: Return an error for non-default FIB rules Igor Konopko (2): lightnvm: fix partial read error path lightnvm: proper error handling for pblk_bio_add_pages Jacob Keller (2): i40e: free the skb after clearing the bitlock i40e: avoid overflow in i40e_ptp_adjfreq() Jacopo Mondi (2): media: arch: sh: migor: Fix TW9910 PDN gpio media: renesas-ceu: Set mbus_fmt on subdev operations Jaegeuk Kim (2): f2fs: avoid fsync() failure caused by EAGAIN in writepage() f2fs: check cap_resource only for data blocks Jakub Kicinski (1): bpf: fix references to free_bpf_prog_info() in comments Jakub Pawlak (1): i40e: Add advertising 10G LR mode James Simmons (1): staging: lustre: llite: correct removexattr detection Jan Kiszka (1): PCI: Fix devm_pci_alloc_host_bridge() memory leak Jane Wan (1): mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages Javier GonzÃ¡lez (1): lightnvm: pblk: warn in case of corrupted write buffer Jens Remus (1): scsi: zfcp: assert that the ERP lock is held when tracing a recovery trigger Jian-Hong Pan (1): Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011 Jianchao Wang (1): nvme-rdma: stop admin queue before freeing it Jiri Olsa (1): perf tools: Fix pmu events parsing rule Jonathan NeuschÃ¤fer (1): powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet JosÃ© Roberto de Souza (1): drm: Add DP PSR2 sink enable bit Jozsef Kadlecsik (1): netfilter: ipset: List timing out entries with "timeout 1" instead of zero Juergen Gross (1): xen/netfront: raise max number of slots in xennet_get_responses() Julia Lawall (1): pinctrl: at91-pio4: add missing of_node_put Kai Chieh Chuang (1): ASoC: dpcm: fix BE dai not hw_free and shutdown Kan Liang (2): perf/x86/intel/uncore: Correct fixed counter index check in generic code perf/x86/intel/uncore: Correct fixed counter index check for NHM Keith Busch (1): nvme-pci: Fix AER reset handling Kenneth Feng (1): drm/amd/powerplay: Set higher SCLK&MCLK frequency than dpm7 in OD (v2) Kirill Marinushkin (2): ASoC: topology: Fix bclk and fsync inversion in set_link_hw_format() ASoC: topology: Add missing clock gating parameter when parsing hw_configs Kirill Tkhai (1): fasync: Fix deadlock between task-context and interrupt-context kill_fasync() Kishon Vijay Abraham I (1): mmc: sdhci-omap: Fix when capabilities are obtained from SDHCI_CAPABILITIES reg Kuninori Morimoto (1): arm64: dts: renesas: salvator-common: use audio-graph-card for Sound Laurentiu Tudor (1): irqchip/ls-scfg-msi: Map MSIs in the iommu Leo (Sunpeng) Li (1): drm/amd/display: Fix dim display on DCE11 Leon Romanovsky (1): RDMA/mad: Convert BUG_ONs to error flows Lijun Ou (1): net: hns3: Fixes initalization of RoCE handle and makes it conditional Lorenzo Bianconi (2): mt76x2: apply coverage class on slot time too mt76x2: fix avg_rssi estimation Luc Van Oostenryck (2): drm/radeon: fix mode_valid's return type drm/gma500: fix psb_intel_lvds_mode_valid()'s return type Luis Henriques (1): ceph: fix use-after-free in ceph_statfs() Marc Zyngier (1): dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA Marco Felsch (1): watchdog: da9063: Fix updating timeout value Mario Limonciello (1): platform/x86: dell-smbios: Match on www.dell.com in OEM strings too Mark Rutland (2): kcov: ensure irq code sees a valid area drivers/perf: arm-ccn: don't log to dmesg in event_init Martin Blumenstingl (1): dt-bindings: pinctrl: meson: add support for the Meson8m2 SoC Masahisa KOJIMA (1): net: socionext: reset hardware in ndo_stop Mathieu Malaterre (8): mm/slub.c: add __printf verification to slab_err() powerpc/32: Add a missing include header powerpc/chrp/time: Make some functions static, add missing header include powerpc/powermac: Add missing prototype for note_bootable_part() powerpc/powermac: Mark variable x as unused powerpc: Add __printf verification to prom_printf clocksource: Move inline keyword to the beginning of function declarations nvmem: properly handle returned value nvmem_reg_read Matthew R. Ochs (1): scsi: cxlflash: Avoid clobbering context control register value Mauro Carvalho Chehab (7): media: cec-pin-error-inj: avoid a false-positive Spectre detection media: atomisp: ov2680: don't declare unused vars media: staging: atomisp: Comment out several unused sensor resolutions media: em28xx: fix a regression with HVR-950 media: siano: get rid of __le32/__le16 cast warnings media: atomisp: compat32: fix __user annotations media: si470x: fix __be16 annotations Maxime Chevallier (1): net: mvpp2: Add missing VLAN tag detection Maya Erez (1): scsi: ufs: fix exception event handling Michael Chan (2): bnxt_en: Check unsupported speeds in bnxt_update_link() on PF only. bnxt_en: Always forward VF MAC address to the PF. Michael Grzeschik (1): usbip: dynamically allocate idev by nports found in sysfs Michal Simek (1): microblaze: Fix simpleImage format generation Michal Suchanek (1): powerpc/64s: Add barrier_nospec Michal VokÃ¡Ä (1): net: dsa: qca8k: Add support for QCA8334 switch Mika Westerberg (1): PCI: pciehp: Request control of native hotplug only if supported Mike Looijmans (1): clk-si544: Properly round requested frequency to nearest match Mikita Lipski (1): drm/amd/display: Do not program interrupt status on disabled crtc Mimi Zohar (1): ima: based on policy verify firmware signatures (pre-allocated buffer) NeilBrown (1): staging: lustre: ldlm: free resource when ldlm_lock_create() fails. Nicholas Piggin (1): powerpc/64s: Fix compiler store ordering to SLB shadow area Olga Kornievskaia (1): skip LAYOUTRETURN if layout is invalid Omar Sandoval (2): Btrfs: don't return ino to ino cache if inode item removal fails Btrfs: don't BUG_ON() in btrfs_truncate_inode_items() Ondrej MosnÃ¡Äek (1): audit: allow not equal op for audit by executable Oza Pawandeep (1): PCI/DPC: Clear interrupt status in interrupt handler top half Patrice Chotard (2): ARM: dts: stih410: Fix complain about IRQ_TYPE_NONE usage ARM: dts: stih407-pinctrl: Fix complain about IRQ_TYPE_NONE usage Patrick Bellasi (1): sched/cpufreq: Modify aggregate utilization to always include blocked FAIR utilization Paul Cercueil (1): clk: ingenic: jz4770: Modify C1CLK clock to disable CPU clock stop on idle Peng Li (1): net: hns3: Updates RX packet info fetch in case of multi BD Petr Machata (1): mlxsw: spectrum_switchdev: Fix port_vlan refcounting Philippe CORNU (1): drm/stm: ltdc: fix warning in ltdc_crtc_update_clut() Qu Wenruo (1): btrfs: qgroup: Finish rescan when hit the last leaf of extent tree Ram Pai (1): mm, powerpc, x86: define VM_PKEY_BITx bits if CONFIG_ARCH_HAS_PKEYS is enabled Rob Herring (1): ARM: dts: imx53: Fix LDB OF graph warning Sahitya Tummala (1): f2fs: Fix deadlock in shutdown ioctl Sam Bobroff (1): powerpc/eeh: Fix use-after-release of EEH driver Sami Tolvanen (1): media: media-device: fix ioctl function types Samuel Li (1): drm/amdgpu: Remove VRAM from shared bo domains. Sandipan Das (2): bpf: fix multi-function JITed dump obtained via syscall bpf: powerpc64: pad function address loads with NOPs Sanjay Kumar Konduri (1): rsi: Add null check for virtual interfaces in wowlan config Satendra Singh Thakur (1): drm/atomic: Handling the case when setting old crtc for plane Scott Mayhew (1): nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo Scott Wood (1): x86/microcode: Make the late update update_lock a raw lock for RT Sean Lanigan (1): brcmfmac: Add support for bcm43364 wireless chipset Sean Young (1): media: rc: mce_kbd decoder: low timeout values cause double keydowns Sebastian Andrzej Siewior (2): PM / wakeup: Make s2idle_lock a RAW_SPINLOCK delayacct: Use raw_spinlocks Sekhar Nori (1): clk: davinci: psc-da830: fix USB0 48MHz PHY clock registration Sergey Matyukevich (1): qtnfmac: fix invalid STA state on EAPOL failure Sergey Senozhatsky (1): printk: drop in_nmi check from printk_safe_flush_on_panic() Sergio Paracuellos (1): staging: ks7010: fix error handling in ks7010_upload_firmware Shaul Triebitz (1): iwlwifi: pcie: fix race in Rx buffer allocator Shawn Lin (1): mmc: dw_mmc: update actual clock for mmc debugfs Shirish S (1): drm/amd/display: remove need of modeset flag for overlay planes (V2) Shivasharan S (1): scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs Shuah Khan (Samsung OSG) (5): usbip: usbip_detach: Fix memory, udev context and udev leak selftests: memfd: return Kselftest Skip code for skipped tests selftests: kvm: return Kselftest Skip code for skipped tests selftests: intel_pstate: return Kselftest Skip code for skipped tests selftests: filesystems: return Kselftest Skip code for skipped tests Siva Rebbagondla (2): rsi: Fix 'invalid vdd' warning in mmc rsi: fix nommu_map_sg overflow kernel panic Stefan Wahren (1): staging: vchiq_core: Fix missing semaphore release in error case Stephen Hemminger (1): hv_netvsc: fix network namespace issues with VF support Stewart Smith (1): hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common() Subhash Jadavani (1): scsi: ufs: ufshcd: fix possible unclocked register access Sudeep Holla (1): tick: Prefer a lower rating device only if it's CPU local device Suman Anna (1): media: omap3isp: fix unbalanced dma_iommu_mapping Sven Eckelmann (9): ath: Add regulatory mapping for FCC3_ETSIC ath: Add regulatory mapping for ETSI8_WORLD ath: Add regulatory mapping for APL13_WORLD ath: Add regulatory mapping for APL2_FCCA ath: Add regulatory mapping for Uganda ath: Add regulatory mapping for Tanzania ath: Add regulatory mapping for Serbia ath: Add regulatory mapping for Bermuda ath: Add regulatory mapping for Bahamas Takashi Iwai (3): ALSA: emu10k1: Rate-limit error messages about page errors ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback dma-direct: try reallocation with GFP_DMA32 if possible Takashi Sakamoto (1): ALSA: hda/ca0132: fix build failure when a local macro is defined Tamizh Chelvam (1): ath10k: fix kernel panic while reading tpc_stats Terry Junge (1): HID: hid-plantronics: Re-resend Update to map button for PTT products Tetsuo Handa (2): mm: check for SIGKILL inside dup_mmap() loop kernel/hung_task.c: show all hung tasks before panic Thierry Escande (2): lib/test_printf.c: call wait_for_random_bytes() before plain %p tests Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning Thierry Reding (1): gpu: host1x: Acquire a reference to the IOVA cache Thomas Gleixner (1): stop_machine: Use raw spinlocks Thomas Hebb (1): ath10k: search all IEs for variant before falling back Thomas Richter (2): s390/cpum_sf: Add data entry sizes to sampling trailer entry perf: fix invalid bit in diagnostic entry Thor Thayer (1): EDAC, altera: Fix ARM64 build warning Tobin C. Harding (1): mmc: pwrseq: Use kmalloc_array instead of stack VLA Tomasz Figa (1): drm/rockchip: analogix_dp: Do not call Analogix code before bind Tony Lindgren (1): spi: Add missing pm_runtime_put_noidle() after failed get Trond Myklebust (3): NFSv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY pnfs: Don't release the sequence slot until we've processed layoutget on open NFS: Fix up nfs_post_op_update_inode() to force ctime updates Tudor-Dan Ambarus (2): crypto: authencesn - don't leak pointers to authenc keys crypto: authenc - don't leak pointers to authenc keys Uma Krishnan (1): scsi: cxlflash: Synchronize reset and remove ops Vic Wei (1): Bluetooth: btusb: add ID for LiteOn 04ca:301a Ville SyrjÃ¤lÃ¤ (1): drm/atomic-helper: Drop plane->fb references only for drm_atomic_helper_shutdown() Vincent Palatin (1): mfd: cros_ec: Fail early if we cannot identify the EC Vinicius Costa Gomes (1): igb: Fix queue selection on MAC filters on i210 Viresh Kumar (1): soc/tegra: pmc: Don't allocate struct tegra_powergate on stack Wang YanQing (1): bpf, arm32: fix inconsistent naming about emit_a32_lsr_{r64,i64} Wei Xu (1): nvme: lightnvm: add granby support Wei Yongjun (1): media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open() Wenwen Wang (2): scsi: 3w-9xxx: fix a missing-check bug scsi: 3w-xxxx: fix a missing-check bug Will Deacon (1): arm64: cmpwait: Clear event register before arming exclusive monitor Wolfram Sang (2): watchdog: renesas-wdt: Add support for the R8A77965 WDT backlight: pwm_bl: Don't use GPIOF_* with gpiod_get_direction Xi Wang (3): net: hns3: Fix for VF mailbox cannot receiving PF response net: hns3: Fix the missing client list node initialization net: hns3: Fix for hns3 module is loaded multiple times problem Xiang Chen (1): scsi: hisi_sas: config ATA de-reset as an constrained command for v3 hw Xinming Hu (1): mwifiex: correct histogram data with appropriate index Xose Vazquez Perez (1): scsi: scsi_dh: replace too broad "TP9" string with the exact models Yixun Lan (1): dt-bindings: net: meson-dwmac: new compatible name for AXG SoC Yufen Yu (1): md: fix NULL dereference of mddev->pers in remove_and_add_spares() Yunlei He (1): f2fs: fix missing clear FI_NO_PREALLOC in some error case Yunsheng Lin (4): net: hns3: Fix for phy not link up problem after resetting net: hns3: Fix for service_task not running problem after resetting net: hns3: Fix for CMDQ and Misc. interrupt init order problem net: hns3: Fix for fiber link up problem Zhouyang Jia (2): ALSA: emu10k1: add error handling for snd_ctl_add ALSA: fm801: add error handling for snd_ctl_add .../devicetree/bindings/net/meson-dwmac.txt | 1 + .../devicetree/bindings/pinctrl/meson,pinctrl.txt | 2 + .../devicetree/bindings/watchdog/renesas-wdt.txt | 1 + Documentation/vfio-mediated-device.txt | 5 + arch/arm/boot/dts/emev2.dtsi | 5 +- arch/arm/boot/dts/imx53-ppd.dts | 2 - arch/arm/boot/dts/imx53.dtsi | 8 ++ arch/arm/boot/dts/imx6qdl-wandboard-revb1.dtsi | 1 - arch/arm/boot/dts/imx6qdl-wandboard-revc1.dtsi | 1 - arch/arm/boot/dts/imx6qdl-wandboard-revd1.dtsi | 1 - arch/arm/boot/dts/imx6qdl-wandboard.dtsi | 8 ++ arch/arm/boot/dts/sh73a0.dtsi | 5 +- arch/arm/boot/dts/stih407-pinctrl.dtsi | 10 +- arch/arm/boot/dts/stih410.dtsi | 18 +-- arch/arm/net/bpf_jit_32.c | 10 +- arch/arm64/boot/dts/renesas/salvator-common.dtsi | 38 +++--- arch/arm64/configs/defconfig | 2 + arch/arm64/include/asm/cmpxchg.h | 4 +- arch/microblaze/boot/Makefile | 10 +- arch/powerpc/include/asm/barrier.h | 15 +++ arch/powerpc/include/asm/cache.h | 3 + arch/powerpc/include/asm/pkeys.h | 2 + arch/powerpc/kernel/eeh_driver.c | 28 +++-- arch/powerpc/kernel/head_8xx.S | 2 +- arch/powerpc/kernel/pci_32.c | 1 + arch/powerpc/kernel/prom_init.c | 114 +++++++++--------- arch/powerpc/lib/string.S | 7 +- arch/powerpc/mm/slb.c | 8 +- arch/powerpc/net/bpf_jit_comp64.c | 34 ++++-- arch/powerpc/platforms/chrp/time.c | 6 +- arch/powerpc/platforms/embedded6xx/hlwd-pic.c | 5 + arch/powerpc/platforms/powermac/bootx_init.c | 4 +- arch/powerpc/platforms/powermac/setup.c | 1 + arch/s390/include/asm/cpu_mf.h | 6 +- arch/sh/boards/mach-migor/setup.c | 2 +- arch/x86/events/intel/uncore.c | 2 +- arch/x86/events/intel/uncore_nhmex.c | 2 +- arch/x86/kernel/cpu/microcode/core.c | 6 +- arch/x86/kvm/svm.c | 8 +- block/bfq-iosched.c | 2 - crypto/authenc.c | 1 + crypto/authencesn.c | 1 + drivers/acpi/acpi_lpss.c | 6 +- drivers/acpi/pci_root.c | 4 +- drivers/ata/libata-eh.c | 12 +- drivers/bluetooth/btusb.c | 4 + drivers/bluetooth/hci_qca.c | 2 +- drivers/clk/clk-si544.c | 1 + drivers/clk/davinci/psc-da830.c | 3 +- drivers/clk/ingenic/jz4770-cgu.c | 3 +- drivers/edac/altera_edac.c | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu_mn.c | 17 +-- drivers/gpu/drm/amd/amdgpu/amdgpu_object.c | 8 +- drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 8 +- .../gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_irq.c | 3 + .../amd/display/dc/dce110/dce110_hw_sequencer.c | 4 +- drivers/gpu/drm/amd/powerplay/hwmgr/smu7_hwmgr.c | 7 +- drivers/gpu/drm/drm_atomic.c | 4 +- drivers/gpu/drm/drm_atomic_helper.c | 78 ++++++------ drivers/gpu/drm/drm_dp_mst_topology.c | 9 +- drivers/gpu/drm/gma500/psb_intel_drv.h | 2 +- drivers/gpu/drm/gma500/psb_intel_lvds.c | 2 +- drivers/gpu/drm/nouveau/nouveau_dma.c | 10 +- drivers/gpu/drm/nouveau/nouveau_dma.h | 5 +- drivers/gpu/drm/nouveau/nouveau_drm.c | 30 +++-- drivers/gpu/drm/nouveau/nouveau_gem.c | 19 ++- drivers/gpu/drm/nouveau/nvkm/engine/fifo/gk104.c | 8 +- drivers/gpu/drm/radeon/radeon_connectors.c | 10 +- drivers/gpu/drm/rockchip/analogix_dp-rockchip.c | 9 ++ drivers/gpu/drm/stm/ltdc.c | 3 - drivers/gpu/drm/tilcdc/tilcdc_crtc.c | 2 +- drivers/gpu/host1x/dev.c | 11 +- drivers/hid/hid-plantronics.c | 6 +- drivers/hid/i2c-hid/i2c-hid.c | 8 ++ drivers/infiniband/core/mad.c | 11 +- drivers/infiniband/core/ucma.c | 6 +- drivers/infiniband/sw/rdmavt/Kconfig | 2 +- drivers/infiniband/sw/rxe/Kconfig | 1 + drivers/irqchip/irq-ls-scfg-msi.c | 3 + drivers/lightnvm/pblk-core.c | 6 +- drivers/lightnvm/pblk-rb.c | 5 +- drivers/lightnvm/pblk-read.c | 8 +- drivers/md/md.c | 3 + drivers/md/raid1.c | 2 + drivers/media/cec/cec-pin-error-inj.c | 33 ++--- drivers/media/common/siano/smsendian.c | 14 +-- drivers/media/common/videobuf2/videobuf2-core.c | 9 +- drivers/media/i2c/smiapp/smiapp-core.c | 11 +- drivers/media/media-device.c | 21 ++-- drivers/media/pci/saa7164/saa7164-fw.c | 3 +- drivers/media/pci/tw686x/tw686x-video.c | 3 +- drivers/media/platform/omap3isp/isp.c | 7 +- drivers/media/platform/rcar_jpu.c | 4 +- drivers/media/platform/renesas-ceu.c | 20 ++- drivers/media/radio/si470x/radio-si470x-i2c.c | 6 +- drivers/media/rc/ir-mce_kbd-decoder.c | 12 +- drivers/media/usb/em28xx/em28xx-dvb.c | 4 +- drivers/memory/tegra/mc.c | 22 +--- drivers/memory/tegra/mc.h | 9 ++ drivers/memory/tegra/tegra114.c | 2 + drivers/memory/tegra/tegra124.c | 6 + drivers/memory/tegra/tegra210.c | 3 + drivers/memory/tegra/tegra30.c | 2 + drivers/mfd/cros_ec.c | 6 +- drivers/mmc/core/pwrseq_simple.c | 14 ++- drivers/mmc/host/dw_mmc.c | 4 + drivers/mmc/host/sdhci-omap.c | 17 ++- drivers/mtd/nand/raw/fsl_ifc_nand.c | 17 +-- drivers/net/dsa/qca8k.c | 1 + drivers/net/ethernet/broadcom/bnxt/bnxt.c | 5 +- drivers/net/ethernet/broadcom/bnxt/bnxt_sriov.c | 3 +- drivers/net/ethernet/hisilicon/hns3/hnae3.c | 1 + drivers/net/ethernet/hisilicon/hns3/hnae3.h | 2 + drivers/net/ethernet/hisilicon/hns3/hns3_enet.c | 41 ++++--- drivers/net/ethernet/hisilicon/hns3/hns3_enet.h | 2 + .../ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 17 +-- .../ethernet/hisilicon/hns3/hns3pf/hclge_main.h | 2 +- .../ethernet/hisilicon/hns3/hns3vf/hclgevf_main.c | 28 +++-- .../ethernet/hisilicon/hns3/hns3vf/hclgevf_main.h | 2 +- drivers/net/ethernet/intel/e1000e/netdev.c | 15 +-- drivers/net/ethernet/intel/i40e/i40e.h | 2 +- drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 4 +- drivers/net/ethernet/intel/i40e/i40e_ptp.c | 48 +++++--- drivers/net/ethernet/intel/igb/igb_main.c | 9 +- drivers/net/ethernet/intel/ixgbe/ixgbe_lib.c | 8 ++ drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 8 -- drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 1 + drivers/net/ethernet/marvell/mvpp2.c | 3 + .../net/ethernet/mellanox/mlxsw/spectrum_router.c | 14 +-- .../ethernet/mellanox/mlxsw/spectrum_switchdev.c | 4 +- drivers/net/ethernet/socionext/netsec.c | 23 ++-- drivers/net/ethernet/ti/cpsw-phy-sel.c | 8 +- drivers/net/hyperv/hyperv_net.h | 2 + drivers/net/hyperv/netvsc_drv.c | 43 +++---- drivers/net/phy/phylink.c | 2 + drivers/net/phy/sfp-bus.c | 7 ++ drivers/net/wireless/ath/ath10k/core.c | 134 +++++++++++---------- drivers/net/wireless/ath/ath10k/debug.c | 8 +- drivers/net/wireless/ath/ath10k/wmi.c | 6 + drivers/net/wireless/ath/ath10k/wmi.h | 2 +- drivers/net/wireless/ath/regd.h | 5 + drivers/net/wireless/ath/regd_common.h | 13 ++ .../wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c | 1 + drivers/net/wireless/intel/iwlwifi/mvm/mac80211.c | 8 +- drivers/net/wireless/intel/iwlwifi/mvm/rs.c | 38 +++--- drivers/net/wireless/intel/iwlwifi/mvm/rs.h | 7 +- drivers/net/wireless/intel/iwlwifi/mvm/sta.c | 2 +- drivers/net/wireless/intel/iwlwifi/mvm/sta.h | 10 +- drivers/net/wireless/intel/iwlwifi/pcie/rx.c | 2 + drivers/net/wireless/marvell/mwifiex/usb.c | 3 + drivers/net/wireless/marvell/mwifiex/util.c | 8 +- drivers/net/wireless/mediatek/mt76/mt76x2_init.c | 3 + drivers/net/wireless/mediatek/mt76/mt76x2_main.c | 3 +- drivers/net/wireless/mediatek/mt76/mt76x2_phy.c | 6 +- drivers/net/wireless/mediatek/mt76/tx.c | 2 + drivers/net/wireless/quantenna/qtnfmac/cfg80211.c | 21 ++-- drivers/net/wireless/quantenna/qtnfmac/event.c | 8 +- .../net/wireless/quantenna/qtnfmac/pearl/pcie.c | 4 + drivers/net/wireless/rsi/rsi_91x_hal.c | 35 +++--- drivers/net/wireless/rsi/rsi_91x_mac80211.c | 7 +- drivers/net/wireless/rsi/rsi_91x_sdio.c | 23 ++-- drivers/net/wireless/rsi/rsi_sdio.h | 2 +- drivers/net/wireless/ti/wlcore/sdio.c | 5 + drivers/net/xen-netfront.c | 4 +- drivers/nvme/host/pci.c | 16 ++- drivers/nvme/host/rdma.c | 10 +- drivers/nvmem/core.c | 7 ++ drivers/pci/pci-sysfs.c | 15 ++- drivers/pci/pcie/aspm.c | 9 ++ drivers/pci/pcie/dpc.c | 5 +- drivers/pci/probe.c | 4 +- drivers/perf/arm-cci.c | 6 +- drivers/perf/arm-ccn.c | 20 +-- drivers/pinctrl/pinctrl-at91-pio4.c | 4 +- drivers/pinctrl/qcom/pinctrl-msm.c | 23 +++- drivers/platform/x86/dell-smbios-base.c | 5 +- drivers/regulator/cpcap-regulator.c | 2 +- drivers/regulator/internal.h | 9 +- drivers/regulator/of_regulator.c | 13 +- drivers/regulator/pfuze100-regulator.c | 1 + drivers/regulator/twl-regulator.c | 2 +- drivers/rtc/interface.c | 5 + drivers/rtc/rtc-tps6586x.c | 14 ++- drivers/rtc/rtc-tps65910.c | 12 +- drivers/rtc/rtc-vr41xx.c | 9 +- drivers/s390/scsi/zfcp_dbf.c | 2 + drivers/scsi/3w-9xxx.c | 5 + drivers/scsi/3w-xxxx.c | 3 + drivers/scsi/cxlflash/main.c | 11 +- drivers/scsi/cxlflash/sislite.h | 1 + drivers/scsi/hisi_sas/hisi_sas_v3_hw.c | 11 +- drivers/scsi/megaraid.c | 3 + drivers/scsi/megaraid/megaraid_sas_fusion.c | 3 + drivers/scsi/qedf/qedf_main.c | 10 ++ drivers/scsi/scsi_dh.c | 5 +- drivers/scsi/ufs/ufshcd.c | 28 ++++- drivers/soc/imx/gpcv2.c | 22 ++-- drivers/soc/qcom/qmi_interface.c | 5 +- drivers/soc/qcom/smem.c | 27 +++-- drivers/soc/tegra/pmc.c | 20 +-- drivers/spi/spi-meson-spicc.c | 11 +- drivers/spi/spi-sh-msiof.c | 6 +- drivers/spi/spi.c | 1 + drivers/staging/ks7010/ks7010_sdio.c | 3 + .../staging/lustre/lnet/klnds/o2iblnd/o2iblnd.c | 2 +- .../staging/lustre/lnet/klnds/o2iblnd/o2iblnd_cb.c | 30 ++--- drivers/staging/lustre/lustre/ldlm/ldlm_lock.c | 6 +- drivers/staging/lustre/lustre/llite/xattr.c | 6 +- drivers/staging/media/atomisp/i2c/atomisp-ov2680.c | 6 +- drivers/staging/media/atomisp/i2c/gc2235.h | 9 +- drivers/staging/media/atomisp/i2c/ov2680.h | 5 +- drivers/staging/media/atomisp/i2c/ov2722.h | 6 + drivers/staging/media/atomisp/i2c/ov5693/ov5693.h | 18 ++- .../atomisp/pci/atomisp2/atomisp_compat_ioctl32.c | 49 ++++---- drivers/staging/most/cdev/cdev.c | 6 +- .../vc04_services/interface/vchiq_arm/vchiq_core.c | 1 + drivers/thermal/samsung/exynos_tmu.c | 1 + drivers/tty/hvc/hvc_opal.c | 1 - drivers/tty/pty.c | 3 + drivers/usb/core/hub.c | 4 + drivers/vfio/mdev/mdev_core.c | 102 ++++++---------- drivers/vfio/mdev/mdev_private.h | 2 +- drivers/vfio/platform/vfio_platform_common.c | 15 ++- drivers/vfio/vfio_iommu_type1.c | 73 +++++++---- drivers/video/backlight/pwm_bl.c | 6 +- drivers/watchdog/da9063_wdt.c | 17 ++- fs/btrfs/inode.c | 33 +++-- fs/btrfs/qgroup.c | 19 +++ fs/btrfs/tree-log.c | 10 +- fs/ceph/super.c | 13 +- fs/crypto/crypto.c | 11 +- fs/f2fs/data.c | 14 ++- fs/f2fs/f2fs.h | 8 +- fs/f2fs/file.c | 20 ++- fs/f2fs/gc.c | 11 +- fs/f2fs/segment.c | 5 + fs/f2fs/super.c | 6 + fs/fcntl.c | 15 ++- fs/nfs/inode.c | 3 +- fs/nfs/nfs4proc.c | 14 ++- fs/nfs/pnfs.c | 6 +- fs/nfsd/nfs4state.c | 5 +- fs/nfsd/nfs4xdr.c | 2 + fs/proc/task_mmu.c | 30 +++-- include/drm/drm_dp_helper.h | 1 + include/linux/delayacct.h | 2 +- include/linux/dma-iommu.h | 1 + include/linux/fs.h | 2 +- include/linux/memcontrol.h | 23 +++- include/linux/mm.h | 9 +- include/linux/mmc/sdio_ids.h | 1 + include/linux/netfilter/ipset/ip_set_timeout.h | 10 +- include/linux/regulator/consumer.h | 1 + include/linux/serial_core.h | 3 +- include/soc/tegra/mc.h | 2 + include/uapi/sound/asoc.h | 23 +++- ipc/msg.c | 6 +- ipc/sem.c | 6 +- kernel/auditfilter.c | 2 +- kernel/auditsc.c | 2 + kernel/bpf/syscall.c | 37 +++++- kernel/bpf/verifier.c | 4 +- kernel/delayacct.c | 17 +-- kernel/fork.c | 8 ++ kernel/hung_task.c | 11 +- kernel/kcov.c | 3 +- kernel/power/suspend.c | 14 +-- kernel/printk/printk_safe.c | 2 +- kernel/sched/cpufreq_schedutil.c | 17 ++- kernel/stop_machine.c | 24 ++-- kernel/time/clocksource.c | 4 +- kernel/time/tick-common.c | 3 +- lib/dma-direct.c | 7 ++ lib/test_printf.c | 7 ++ mm/slub.c | 2 +- mm/vmalloc.c | 3 +- net/ipv4/ipconfig.c | 13 ++ net/netfilter/ipset/ip_set_hash_gen.h | 5 +- net/netfilter/nf_tables_api.c | 11 +- net/rxrpc/conn_event.c | 2 +- security/integrity/ima/ima_main.c | 1 + sound/pci/emu10k1/emupcm.c | 4 +- sound/pci/emu10k1/memory.c | 6 +- sound/pci/fm801.c | 16 ++- sound/pci/hda/patch_ca0132.c | 8 +- sound/soc/fsl/fsl_ssi.c | 3 +- sound/soc/soc-compress.c | 52 ++++---- sound/soc/soc-pcm.c | 6 +- sound/soc/soc-topology.c | 19 ++- sound/usb/pcm.c | 2 +- tools/perf/util/parse-events.y | 14 ++- tools/testing/selftests/filesystems/Makefile | 1 + tools/testing/selftests/filesystems/devpts_pts.c | 13 +- tools/testing/selftests/intel_pstate/run.sh | 29 +++-- tools/testing/selftests/kvm/lib/assert.c | 9 +- tools/testing/selftests/kvm/vmx_tsc_adjust_test.c | 2 + tools/testing/selftests/memfd/run_tests.sh | 14 ++- tools/usb/usbip/libsrc/vhci_driver.c | 32 +++-- tools/usb/usbip/libsrc/vhci_driver.h | 3 +- tools/usb/usbip/src/usbip_detach.c | 9 +- 300 files changed, 2016 insertions(+), 1139 deletions(-) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE4n5dijQDou9mhzu83qZv95d3LNwFAltbyp4ACgkQ3qZv95d3 LNzoMg/9FAvnKWLP30n6XsXTkAmpAaZV3Q1ydYH8ornqyp5+KKZascqwMP6cxL8h cgZ2M9QB/ah0gzqldqrwhyz9/aDYXur6CQax53QuZ5IFxOxIU2D/EqPSKgpD3veE 5eddqa5n6kxUvd4Ok/U5OzQyXoGgFZ1BgCoAlFYl0NQhDZ06A2H92+HuLPdQiVI4 d9N+ZmRWYQHaNmshoM8QOcvbppBdHe2fuatjwFxx/Ef3EE89VDFSJFpS8TZkiiXD DzMoj+i3fBcNtAb1V3XNwyFPZSt9bFsOzbIbGcGpZyf55y5leB5xyyFDcvflqf6y RqPivhe7BNB+xnvEjoIvaUuDpJwS0DvfvdMn/suC/DRIUxJjJOsM4Z7yeAFJVawW DC1a0w38O/KLYVAtThNbPi6w1Br9m7F3RbQOJkj+KC25O45kTbExWZjsCJDrriQh wB4FOwbB+UGXGe7ei1iJu6jxfN/JTn54+MIwhTP6CcA1jRSCpFMhUItvM2ieWNTi Aqg7xArVC2GDXo8WJMoBW3tBes2iMBlbbxbf5P70HiAXXRn4bBCYEj0bGKZyKKfQ SZAsg4xtMpYED2snQprkKp6FuO8BHZpnZtOkGmpiLMlSzwTb3sv6kWDTSObQPEAT aeKmf9+E3bUybjxA+a2lzpn9rqyaUt0JO45szJU3rjacALK+cKg= =g87N -----END PGP SIGNATURE-----

7 years, 4 months

2
1
0 0

[PATCH] usb: dwc2: Fix DMA alignment to start at allocated boundary

by Antti Seppälä

commit 56406e017a883b54b339207b230f85599f4d70ae upstream. The commit 3bc04e28a030 ("usb: dwc2: host: Get aligned DMA in a more supported way") introduced a common way to align DMA allocations. The code in the commit aligns the struct dma_aligned_buffer but the actual DMA address pointed by data[0] gets aligned to an offset from the allocated boundary by the kmalloc_ptr and the old_xfer_buffer pointers. This is against the recommendation in Documentation/DMA-API.txt which states: Therefore, it is recommended that driver writers who don't take special care to determine the cache line size at run time only map virtual regions that begin and end on page boundaries (which are guaranteed also to be cache line boundaries). The effect of this is that architectures with non-coherent DMA caches may run into memory corruption or kernel crashes with Unhandled kernel unaligned accesses exceptions. Fix the alignment by positioning the DMA area in front of the allocation and use memory at the end of the area for storing the orginal transfer_buffer pointer. This may have the added benefit of increased performance as the DMA area is now fully aligned on all architectures. Tested with Lantiq xRX200 (MIPS) and RPi Model B Rev 2 (ARM). Fixes: 3bc04e28a030 ("usb: dwc2: host: Get aligned DMA in a more supported way") Cc: <stable(a)vger.kernel.org> Reviewed-by: Douglas Anderson <dianders(a)chromium.org> [ Antti: backported to 4.9: edited difference in whitespace ] Signed-off-by: Antti Seppälä <a.seppala(a)gmail.com> Signed-off-by: Felipe Balbi <felipe.balbi(a)linux.intel.com> --- Notes: This is the same patch already applied upstream and queued for stable kernels 4.14 and 4.17 but with a minor whitespace edit to make it apply also on 4.9. drivers/usb/dwc2/hcd.c | 44 +++++++++++++++++++++++--------------------- 1 file changed, 23 insertions(+), 21 deletions(-) diff --git a/drivers/usb/dwc2/hcd.c b/drivers/usb/dwc2/hcd.c index 0a0cf154814b..984d6aae7529 100644 --- a/drivers/usb/dwc2/hcd.c +++ b/drivers/usb/dwc2/hcd.c @@ -2544,34 +2544,29 @@ static void dwc2_hc_init_xfer(struct dwc2_hsotg *hsotg, #define DWC2_USB_DMA_ALIGN 4 -struct dma_aligned_buffer { - void *kmalloc_ptr; - void *old_xfer_buffer; - u8 data[0]; -}; - static void dwc2_free_dma_aligned_buffer(struct urb *urb) { - struct dma_aligned_buffer *temp; + void *stored_xfer_buffer; if (!(urb->transfer_flags & URB_ALIGNED_TEMP_BUFFER)) return; - temp = container_of(urb->transfer_buffer, - struct dma_aligned_buffer, data); + /* Restore urb->transfer_buffer from the end of the allocated area */ + memcpy(&stored_xfer_buffer, urb->transfer_buffer + + urb->transfer_buffer_length, sizeof(urb->transfer_buffer)); if (usb_urb_dir_in(urb)) - memcpy(temp->old_xfer_buffer, temp->data, + memcpy(stored_xfer_buffer, urb->transfer_buffer, urb->transfer_buffer_length); - urb->transfer_buffer = temp->old_xfer_buffer; - kfree(temp->kmalloc_ptr); + kfree(urb->transfer_buffer); + urb->transfer_buffer = stored_xfer_buffer; urb->transfer_flags &= ~URB_ALIGNED_TEMP_BUFFER; } static int dwc2_alloc_dma_aligned_buffer(struct urb *urb, gfp_t mem_flags) { - struct dma_aligned_buffer *temp, *kmalloc_ptr; + void *kmalloc_ptr; size_t kmalloc_size; if (urb->num_sgs || urb->sg || @@ -2579,22 +2574,29 @@ static int dwc2_alloc_dma_aligned_buffer(struct urb *urb, gfp_t mem_flags) !((uintptr_t)urb->transfer_buffer & (DWC2_USB_DMA_ALIGN - 1))) return 0; - /* Allocate a buffer with enough padding for alignment */ + /* + * Allocate a buffer with enough padding for original transfer_buffer + * pointer. This allocation is guaranteed to be aligned properly for + * DMA + */ kmalloc_size = urb->transfer_buffer_length + - sizeof(struct dma_aligned_buffer) + DWC2_USB_DMA_ALIGN - 1; + sizeof(urb->transfer_buffer); kmalloc_ptr = kmalloc(kmalloc_size, mem_flags); if (!kmalloc_ptr) return -ENOMEM; - /* Position our struct dma_aligned_buffer such that data is aligned */ - temp = PTR_ALIGN(kmalloc_ptr + 1, DWC2_USB_DMA_ALIGN) - 1; - temp->kmalloc_ptr = kmalloc_ptr; - temp->old_xfer_buffer = urb->transfer_buffer; + /* + * Position value of original urb->transfer_buffer pointer to the end + * of allocation for later referencing + */ + memcpy(kmalloc_ptr + urb->transfer_buffer_length, + &urb->transfer_buffer, sizeof(urb->transfer_buffer)); + if (usb_urb_dir_out(urb)) - memcpy(temp->data, urb->transfer_buffer, + memcpy(kmalloc_ptr, urb->transfer_buffer, urb->transfer_buffer_length); - urb->transfer_buffer = temp->data; + urb->transfer_buffer = kmalloc_ptr; urb->transfer_flags |= URB_ALIGNED_TEMP_BUFFER; -- 2.13.6

7 years, 4 months

2
1
0 0

FAILED: patch "[PATCH] ring_buffer: tracing: Inherit the tracing setting to next" failed to apply to 3.18-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 3.18-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 73c8d8945505acdcbae137c2e00a1232e0be709f Mon Sep 17 00:00:00 2001 From: Masami Hiramatsu <mhiramat(a)kernel.org> Date: Sat, 14 Jul 2018 01:28:15 +0900 Subject: [PATCH] ring_buffer: tracing: Inherit the tracing setting to next ring buffer Maintain the tracing on/off setting of the ring_buffer when switching to the trace buffer snapshot. Taking a snapshot is done by swapping the backup ring buffer (max_tr_buffer). But since the tracing on/off setting is defined by the ring buffer, when swapping it, the tracing on/off setting can also be changed. This causes a strange result like below: /sys/kernel/debug/tracing # cat tracing_on 1 /sys/kernel/debug/tracing # echo 0 > tracing_on /sys/kernel/debug/tracing # cat tracing_on 0 /sys/kernel/debug/tracing # echo 1 > snapshot /sys/kernel/debug/tracing # cat tracing_on 1 /sys/kernel/debug/tracing # echo 1 > snapshot /sys/kernel/debug/tracing # cat tracing_on 0 We don't touch tracing_on, but snapshot changes tracing_on setting each time. This is an anomaly, because user doesn't know that each "ring_buffer" stores its own tracing-enable state and the snapshot is done by swapping ring buffers. Link: http://lkml.kernel.org/r/153149929558.11274.11730609978254724394.stgit@devb… Cc: Ingo Molnar <mingo(a)redhat.com> Cc: Shuah Khan <shuah(a)kernel.org> Cc: Tom Zanussi <tom.zanussi(a)linux.intel.com> Cc: Hiraku Toyooka <hiraku.toyooka(a)cybertrust.co.jp> Cc: stable(a)vger.kernel.org Fixes: debdd57f5145 ("tracing: Make a snapshot feature available from userspace") Signed-off-by: Masami Hiramatsu <mhiramat(a)kernel.org> [ Updated commit log and comment in the code ] Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> diff --git a/include/linux/ring_buffer.h b/include/linux/ring_buffer.h index b72ebdff0b77..003d09ab308d 100644 --- a/include/linux/ring_buffer.h +++ b/include/linux/ring_buffer.h @@ -165,6 +165,7 @@ void ring_buffer_record_enable(struct ring_buffer *buffer); void ring_buffer_record_off(struct ring_buffer *buffer); void ring_buffer_record_on(struct ring_buffer *buffer); int ring_buffer_record_is_on(struct ring_buffer *buffer); +int ring_buffer_record_is_set_on(struct ring_buffer *buffer); void ring_buffer_record_disable_cpu(struct ring_buffer *buffer, int cpu); void ring_buffer_record_enable_cpu(struct ring_buffer *buffer, int cpu); diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c index 6a46af21765c..0b0b688ea166 100644 --- a/kernel/trace/ring_buffer.c +++ b/kernel/trace/ring_buffer.c @@ -3226,6 +3226,22 @@ int ring_buffer_record_is_on(struct ring_buffer *buffer) return !atomic_read(&buffer->record_disabled); } +/** + * ring_buffer_record_is_set_on - return true if the ring buffer is set writable + * @buffer: The ring buffer to see if write is set enabled + * + * Returns true if the ring buffer is set writable by ring_buffer_record_on(). + * Note that this does NOT mean it is in a writable state. + * + * It may return true when the ring buffer has been disabled by + * ring_buffer_record_disable(), as that is a temporary disabling of + * the ring buffer. + */ +int ring_buffer_record_is_set_on(struct ring_buffer *buffer) +{ + return !(atomic_read(&buffer->record_disabled) & RB_BUFFER_OFF); +} + /** * ring_buffer_record_disable_cpu - stop all writes into the cpu_buffer * @buffer: The ring buffer to stop writes to. diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c index 87cf25171fb8..823687997b01 100644 --- a/kernel/trace/trace.c +++ b/kernel/trace/trace.c @@ -1373,6 +1373,12 @@ update_max_tr(struct trace_array *tr, struct task_struct *tsk, int cpu) arch_spin_lock(&tr->max_lock); + /* Inherit the recordable setting from trace_buffer */ + if (ring_buffer_record_is_set_on(tr->trace_buffer.buffer)) + ring_buffer_record_on(tr->max_buffer.buffer); + else + ring_buffer_record_off(tr->max_buffer.buffer); + swap(tr->trace_buffer.buffer, tr->max_buffer.buffer); __update_max_tr(tr, tsk, cpu);

7 years, 4 months

1
0
0 0

FAILED: patch "[PATCH] ring_buffer: tracing: Inherit the tracing setting to next" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 73c8d8945505acdcbae137c2e00a1232e0be709f Mon Sep 17 00:00:00 2001 From: Masami Hiramatsu <mhiramat(a)kernel.org> Date: Sat, 14 Jul 2018 01:28:15 +0900 Subject: [PATCH] ring_buffer: tracing: Inherit the tracing setting to next ring buffer Maintain the tracing on/off setting of the ring_buffer when switching to the trace buffer snapshot. Taking a snapshot is done by swapping the backup ring buffer (max_tr_buffer). But since the tracing on/off setting is defined by the ring buffer, when swapping it, the tracing on/off setting can also be changed. This causes a strange result like below: /sys/kernel/debug/tracing # cat tracing_on 1 /sys/kernel/debug/tracing # echo 0 > tracing_on /sys/kernel/debug/tracing # cat tracing_on 0 /sys/kernel/debug/tracing # echo 1 > snapshot /sys/kernel/debug/tracing # cat tracing_on 1 /sys/kernel/debug/tracing # echo 1 > snapshot /sys/kernel/debug/tracing # cat tracing_on 0 We don't touch tracing_on, but snapshot changes tracing_on setting each time. This is an anomaly, because user doesn't know that each "ring_buffer" stores its own tracing-enable state and the snapshot is done by swapping ring buffers. Link: http://lkml.kernel.org/r/153149929558.11274.11730609978254724394.stgit@devb… Cc: Ingo Molnar <mingo(a)redhat.com> Cc: Shuah Khan <shuah(a)kernel.org> Cc: Tom Zanussi <tom.zanussi(a)linux.intel.com> Cc: Hiraku Toyooka <hiraku.toyooka(a)cybertrust.co.jp> Cc: stable(a)vger.kernel.org Fixes: debdd57f5145 ("tracing: Make a snapshot feature available from userspace") Signed-off-by: Masami Hiramatsu <mhiramat(a)kernel.org> [ Updated commit log and comment in the code ] Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> diff --git a/include/linux/ring_buffer.h b/include/linux/ring_buffer.h index b72ebdff0b77..003d09ab308d 100644 --- a/include/linux/ring_buffer.h +++ b/include/linux/ring_buffer.h @@ -165,6 +165,7 @@ void ring_buffer_record_enable(struct ring_buffer *buffer); void ring_buffer_record_off(struct ring_buffer *buffer); void ring_buffer_record_on(struct ring_buffer *buffer); int ring_buffer_record_is_on(struct ring_buffer *buffer); +int ring_buffer_record_is_set_on(struct ring_buffer *buffer); void ring_buffer_record_disable_cpu(struct ring_buffer *buffer, int cpu); void ring_buffer_record_enable_cpu(struct ring_buffer *buffer, int cpu); diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c index 6a46af21765c..0b0b688ea166 100644 --- a/kernel/trace/ring_buffer.c +++ b/kernel/trace/ring_buffer.c @@ -3226,6 +3226,22 @@ int ring_buffer_record_is_on(struct ring_buffer *buffer) return !atomic_read(&buffer->record_disabled); } +/** + * ring_buffer_record_is_set_on - return true if the ring buffer is set writable + * @buffer: The ring buffer to see if write is set enabled + * + * Returns true if the ring buffer is set writable by ring_buffer_record_on(). + * Note that this does NOT mean it is in a writable state. + * + * It may return true when the ring buffer has been disabled by + * ring_buffer_record_disable(), as that is a temporary disabling of + * the ring buffer. + */ +int ring_buffer_record_is_set_on(struct ring_buffer *buffer) +{ + return !(atomic_read(&buffer->record_disabled) & RB_BUFFER_OFF); +} + /** * ring_buffer_record_disable_cpu - stop all writes into the cpu_buffer * @buffer: The ring buffer to stop writes to. diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c index 87cf25171fb8..823687997b01 100644 --- a/kernel/trace/trace.c +++ b/kernel/trace/trace.c @@ -1373,6 +1373,12 @@ update_max_tr(struct trace_array *tr, struct task_struct *tsk, int cpu) arch_spin_lock(&tr->max_lock); + /* Inherit the recordable setting from trace_buffer */ + if (ring_buffer_record_is_set_on(tr->trace_buffer.buffer)) + ring_buffer_record_on(tr->max_buffer.buffer); + else + ring_buffer_record_off(tr->max_buffer.buffer); + swap(tr->trace_buffer.buffer, tr->max_buffer.buffer); __update_max_tr(tr, tsk, cpu);

7 years, 4 months

1
0
0 0

FAILED: patch "[PATCH] ring_buffer: tracing: Inherit the tracing setting to next" failed to apply to 4.9-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.9-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 73c8d8945505acdcbae137c2e00a1232e0be709f Mon Sep 17 00:00:00 2001 From: Masami Hiramatsu <mhiramat(a)kernel.org> Date: Sat, 14 Jul 2018 01:28:15 +0900 Subject: [PATCH] ring_buffer: tracing: Inherit the tracing setting to next ring buffer Maintain the tracing on/off setting of the ring_buffer when switching to the trace buffer snapshot. Taking a snapshot is done by swapping the backup ring buffer (max_tr_buffer). But since the tracing on/off setting is defined by the ring buffer, when swapping it, the tracing on/off setting can also be changed. This causes a strange result like below: /sys/kernel/debug/tracing # cat tracing_on 1 /sys/kernel/debug/tracing # echo 0 > tracing_on /sys/kernel/debug/tracing # cat tracing_on 0 /sys/kernel/debug/tracing # echo 1 > snapshot /sys/kernel/debug/tracing # cat tracing_on 1 /sys/kernel/debug/tracing # echo 1 > snapshot /sys/kernel/debug/tracing # cat tracing_on 0 We don't touch tracing_on, but snapshot changes tracing_on setting each time. This is an anomaly, because user doesn't know that each "ring_buffer" stores its own tracing-enable state and the snapshot is done by swapping ring buffers. Link: http://lkml.kernel.org/r/153149929558.11274.11730609978254724394.stgit@devb… Cc: Ingo Molnar <mingo(a)redhat.com> Cc: Shuah Khan <shuah(a)kernel.org> Cc: Tom Zanussi <tom.zanussi(a)linux.intel.com> Cc: Hiraku Toyooka <hiraku.toyooka(a)cybertrust.co.jp> Cc: stable(a)vger.kernel.org Fixes: debdd57f5145 ("tracing: Make a snapshot feature available from userspace") Signed-off-by: Masami Hiramatsu <mhiramat(a)kernel.org> [ Updated commit log and comment in the code ] Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> diff --git a/include/linux/ring_buffer.h b/include/linux/ring_buffer.h index b72ebdff0b77..003d09ab308d 100644 --- a/include/linux/ring_buffer.h +++ b/include/linux/ring_buffer.h @@ -165,6 +165,7 @@ void ring_buffer_record_enable(struct ring_buffer *buffer); void ring_buffer_record_off(struct ring_buffer *buffer); void ring_buffer_record_on(struct ring_buffer *buffer); int ring_buffer_record_is_on(struct ring_buffer *buffer); +int ring_buffer_record_is_set_on(struct ring_buffer *buffer); void ring_buffer_record_disable_cpu(struct ring_buffer *buffer, int cpu); void ring_buffer_record_enable_cpu(struct ring_buffer *buffer, int cpu); diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c index 6a46af21765c..0b0b688ea166 100644 --- a/kernel/trace/ring_buffer.c +++ b/kernel/trace/ring_buffer.c @@ -3226,6 +3226,22 @@ int ring_buffer_record_is_on(struct ring_buffer *buffer) return !atomic_read(&buffer->record_disabled); } +/** + * ring_buffer_record_is_set_on - return true if the ring buffer is set writable + * @buffer: The ring buffer to see if write is set enabled + * + * Returns true if the ring buffer is set writable by ring_buffer_record_on(). + * Note that this does NOT mean it is in a writable state. + * + * It may return true when the ring buffer has been disabled by + * ring_buffer_record_disable(), as that is a temporary disabling of + * the ring buffer. + */ +int ring_buffer_record_is_set_on(struct ring_buffer *buffer) +{ + return !(atomic_read(&buffer->record_disabled) & RB_BUFFER_OFF); +} + /** * ring_buffer_record_disable_cpu - stop all writes into the cpu_buffer * @buffer: The ring buffer to stop writes to. diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c index 87cf25171fb8..823687997b01 100644 --- a/kernel/trace/trace.c +++ b/kernel/trace/trace.c @@ -1373,6 +1373,12 @@ update_max_tr(struct trace_array *tr, struct task_struct *tsk, int cpu) arch_spin_lock(&tr->max_lock); + /* Inherit the recordable setting from trace_buffer */ + if (ring_buffer_record_is_set_on(tr->trace_buffer.buffer)) + ring_buffer_record_on(tr->max_buffer.buffer); + else + ring_buffer_record_off(tr->max_buffer.buffer); + swap(tr->trace_buffer.buffer, tr->max_buffer.buffer); __update_max_tr(tr, tsk, cpu);

7 years, 4 months

1
0
0 0

FAILED: patch "[PATCH] ring_buffer: tracing: Inherit the tracing setting to next" failed to apply to 4.17-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.17-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 73c8d8945505acdcbae137c2e00a1232e0be709f Mon Sep 17 00:00:00 2001 From: Masami Hiramatsu <mhiramat(a)kernel.org> Date: Sat, 14 Jul 2018 01:28:15 +0900 Subject: [PATCH] ring_buffer: tracing: Inherit the tracing setting to next ring buffer Maintain the tracing on/off setting of the ring_buffer when switching to the trace buffer snapshot. Taking a snapshot is done by swapping the backup ring buffer (max_tr_buffer). But since the tracing on/off setting is defined by the ring buffer, when swapping it, the tracing on/off setting can also be changed. This causes a strange result like below: /sys/kernel/debug/tracing # cat tracing_on 1 /sys/kernel/debug/tracing # echo 0 > tracing_on /sys/kernel/debug/tracing # cat tracing_on 0 /sys/kernel/debug/tracing # echo 1 > snapshot /sys/kernel/debug/tracing # cat tracing_on 1 /sys/kernel/debug/tracing # echo 1 > snapshot /sys/kernel/debug/tracing # cat tracing_on 0 We don't touch tracing_on, but snapshot changes tracing_on setting each time. This is an anomaly, because user doesn't know that each "ring_buffer" stores its own tracing-enable state and the snapshot is done by swapping ring buffers. Link: http://lkml.kernel.org/r/153149929558.11274.11730609978254724394.stgit@devb… Cc: Ingo Molnar <mingo(a)redhat.com> Cc: Shuah Khan <shuah(a)kernel.org> Cc: Tom Zanussi <tom.zanussi(a)linux.intel.com> Cc: Hiraku Toyooka <hiraku.toyooka(a)cybertrust.co.jp> Cc: stable(a)vger.kernel.org Fixes: debdd57f5145 ("tracing: Make a snapshot feature available from userspace") Signed-off-by: Masami Hiramatsu <mhiramat(a)kernel.org> [ Updated commit log and comment in the code ] Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> diff --git a/include/linux/ring_buffer.h b/include/linux/ring_buffer.h index b72ebdff0b77..003d09ab308d 100644 --- a/include/linux/ring_buffer.h +++ b/include/linux/ring_buffer.h @@ -165,6 +165,7 @@ void ring_buffer_record_enable(struct ring_buffer *buffer); void ring_buffer_record_off(struct ring_buffer *buffer); void ring_buffer_record_on(struct ring_buffer *buffer); int ring_buffer_record_is_on(struct ring_buffer *buffer); +int ring_buffer_record_is_set_on(struct ring_buffer *buffer); void ring_buffer_record_disable_cpu(struct ring_buffer *buffer, int cpu); void ring_buffer_record_enable_cpu(struct ring_buffer *buffer, int cpu); diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c index 6a46af21765c..0b0b688ea166 100644 --- a/kernel/trace/ring_buffer.c +++ b/kernel/trace/ring_buffer.c @@ -3226,6 +3226,22 @@ int ring_buffer_record_is_on(struct ring_buffer *buffer) return !atomic_read(&buffer->record_disabled); } +/** + * ring_buffer_record_is_set_on - return true if the ring buffer is set writable + * @buffer: The ring buffer to see if write is set enabled + * + * Returns true if the ring buffer is set writable by ring_buffer_record_on(). + * Note that this does NOT mean it is in a writable state. + * + * It may return true when the ring buffer has been disabled by + * ring_buffer_record_disable(), as that is a temporary disabling of + * the ring buffer. + */ +int ring_buffer_record_is_set_on(struct ring_buffer *buffer) +{ + return !(atomic_read(&buffer->record_disabled) & RB_BUFFER_OFF); +} + /** * ring_buffer_record_disable_cpu - stop all writes into the cpu_buffer * @buffer: The ring buffer to stop writes to. diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c index 87cf25171fb8..823687997b01 100644 --- a/kernel/trace/trace.c +++ b/kernel/trace/trace.c @@ -1373,6 +1373,12 @@ update_max_tr(struct trace_array *tr, struct task_struct *tsk, int cpu) arch_spin_lock(&tr->max_lock); + /* Inherit the recordable setting from trace_buffer */ + if (ring_buffer_record_is_set_on(tr->trace_buffer.buffer)) + ring_buffer_record_on(tr->max_buffer.buffer); + else + ring_buffer_record_off(tr->max_buffer.buffer); + swap(tr->trace_buffer.buffer, tr->max_buffer.buffer); __update_max_tr(tr, tsk, cpu);

7 years, 4 months

1
0
0 0

FAILED: patch "[PATCH] kthread, tracing: Don't expose half-written comm when" failed to apply to 3.18-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 3.18-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 3e536e222f2930534c252c1cc7ae799c725c5ff9 Mon Sep 17 00:00:00 2001 From: Snild Dolkow <snild(a)sony.com> Date: Thu, 26 Jul 2018 09:15:39 +0200 Subject: [PATCH] kthread, tracing: Don't expose half-written comm when creating kthreads There is a window for racing when printing directly to task->comm, allowing other threads to see a non-terminated string. The vsnprintf function fills the buffer, counts the truncated chars, then finally writes the \0 at the end. creator other vsnprintf: fill (not terminated) count the rest trace_sched_waking(p): ... memcpy(comm, p->comm, TASK_COMM_LEN) write \0 The consequences depend on how 'other' uses the string. In our case, it was copied into the tracing system's saved cmdlines, a buffer of adjacent TASK_COMM_LEN-byte buffers (note the 'n' where 0 should be): crash-arm64> x/1024s savedcmd->saved_cmdlines | grep 'evenk' 0xffffffd5b3818640: "irq/497-pwr_evenkworker/u16:12" ...and a strcpy out of there would cause stack corruption: [224761.522292] Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: ffffff9bf9783c78 crash-arm64> kbt | grep 'comm\|trace_print_context' #6 0xffffff9bf9783c78 in trace_print_context+0x18c(+396) comm (char [16]) = "irq/497-pwr_even" crash-arm64> rd 0xffffffd4d0e17d14 8 ffffffd4d0e17d14: 2f71726900000000 5f7277702d373934 ....irq/497-pwr_ ffffffd4d0e17d24: 726f776b6e657665 3a3631752f72656b evenkworker/u16: ffffffd4d0e17d34: f9780248ff003231 cede60e0ffffff9b 12..H.x......`.. ffffffd4d0e17d44: cede60c8ffffffd4 00000fffffffffd4 .....`.......... The workaround in e09e28671 (use strlcpy in __trace_find_cmdline) was likely needed because of this same bug. Solved by vsnprintf:ing to a local buffer, then using set_task_comm(). This way, there won't be a window where comm is not terminated. Link: http://lkml.kernel.org/r/20180726071539.188015-1-snild@sony.com Cc: stable(a)vger.kernel.org Fixes: bc0c38d139ec7 ("ftrace: latency tracer infrastructure") Reviewed-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> Signed-off-by: Snild Dolkow <snild(a)sony.com> Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> diff --git a/kernel/kthread.c b/kernel/kthread.c index 750cb8082694..486dedbd9af5 100644 --- a/kernel/kthread.c +++ b/kernel/kthread.c @@ -325,8 +325,14 @@ struct task_struct *__kthread_create_on_node(int (*threadfn)(void *data), task = create->result; if (!IS_ERR(task)) { static const struct sched_param param = { .sched_priority = 0 }; + char name[TASK_COMM_LEN]; - vsnprintf(task->comm, sizeof(task->comm), namefmt, args); + /* + * task is already visible to other tasks, so updating + * COMM must be protected. + */ + vsnprintf(name, sizeof(name), namefmt, args); + set_task_comm(task, name); /* * root may have changed our (kthreadd's) priority or CPU mask. * The kernel thread should not inherit these properties.

7 years, 4 months

1
0
0 0

FAILED: patch "[PATCH] kthread, tracing: Don't expose half-written comm when" failed to apply to 4.4-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.4-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 3e536e222f2930534c252c1cc7ae799c725c5ff9 Mon Sep 17 00:00:00 2001 From: Snild Dolkow <snild(a)sony.com> Date: Thu, 26 Jul 2018 09:15:39 +0200 Subject: [PATCH] kthread, tracing: Don't expose half-written comm when creating kthreads There is a window for racing when printing directly to task->comm, allowing other threads to see a non-terminated string. The vsnprintf function fills the buffer, counts the truncated chars, then finally writes the \0 at the end. creator other vsnprintf: fill (not terminated) count the rest trace_sched_waking(p): ... memcpy(comm, p->comm, TASK_COMM_LEN) write \0 The consequences depend on how 'other' uses the string. In our case, it was copied into the tracing system's saved cmdlines, a buffer of adjacent TASK_COMM_LEN-byte buffers (note the 'n' where 0 should be): crash-arm64> x/1024s savedcmd->saved_cmdlines | grep 'evenk' 0xffffffd5b3818640: "irq/497-pwr_evenkworker/u16:12" ...and a strcpy out of there would cause stack corruption: [224761.522292] Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: ffffff9bf9783c78 crash-arm64> kbt | grep 'comm\|trace_print_context' #6 0xffffff9bf9783c78 in trace_print_context+0x18c(+396) comm (char [16]) = "irq/497-pwr_even" crash-arm64> rd 0xffffffd4d0e17d14 8 ffffffd4d0e17d14: 2f71726900000000 5f7277702d373934 ....irq/497-pwr_ ffffffd4d0e17d24: 726f776b6e657665 3a3631752f72656b evenkworker/u16: ffffffd4d0e17d34: f9780248ff003231 cede60e0ffffff9b 12..H.x......`.. ffffffd4d0e17d44: cede60c8ffffffd4 00000fffffffffd4 .....`.......... The workaround in e09e28671 (use strlcpy in __trace_find_cmdline) was likely needed because of this same bug. Solved by vsnprintf:ing to a local buffer, then using set_task_comm(). This way, there won't be a window where comm is not terminated. Link: http://lkml.kernel.org/r/20180726071539.188015-1-snild@sony.com Cc: stable(a)vger.kernel.org Fixes: bc0c38d139ec7 ("ftrace: latency tracer infrastructure") Reviewed-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> Signed-off-by: Snild Dolkow <snild(a)sony.com> Signed-off-by: Steven Rostedt (VMware) <rostedt(a)goodmis.org> diff --git a/kernel/kthread.c b/kernel/kthread.c index 750cb8082694..486dedbd9af5 100644 --- a/kernel/kthread.c +++ b/kernel/kthread.c @@ -325,8 +325,14 @@ struct task_struct *__kthread_create_on_node(int (*threadfn)(void *data), task = create->result; if (!IS_ERR(task)) { static const struct sched_param param = { .sched_priority = 0 }; + char name[TASK_COMM_LEN]; - vsnprintf(task->comm, sizeof(task->comm), namefmt, args); + /* + * task is already visible to other tasks, so updating + * COMM must be protected. + */ + vsnprintf(name, sizeof(name), namefmt, args); + set_task_comm(task, name); /* * root may have changed our (kthreadd's) priority or CPU mask. * The kernel thread should not inherit these properties.

7 years, 4 months

1
0
0 0

FAILED: patch "[PATCH] mm: fix vma_is_anonymous() false-positives" failed to apply to 4.17-stable tree

by gregkh＠linuxfoundation.org

The patch below does not apply to the 4.17-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to <stable(a)vger.kernel.org>. thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From bfd40eaff5abb9f62c8ef94ca13ed0d94a560f10 Mon Sep 17 00:00:00 2001 From: "Kirill A. Shutemov" <kirill.shutemov(a)linux.intel.com> Date: Thu, 26 Jul 2018 16:37:35 -0700 Subject: [PATCH] mm: fix vma_is_anonymous() false-positives vma_is_anonymous() relies on ->vm_ops being NULL to detect anonymous VMA. This is unreliable as ->mmap may not set ->vm_ops. False-positive vma_is_anonymous() may lead to crashes: next ffff8801ce5e7040 prev ffff8801d20eca50 mm ffff88019c1e13c0 prot 27 anon_vma ffff88019680cdd8 vm_ops 0000000000000000 pgoff 0 file ffff8801b2ec2d00 private_data 0000000000000000 flags: 0xff(read|write|exec|shared|mayread|maywrite|mayexec|mayshare) ------------[ cut here ]------------ kernel BUG at mm/memory.c:1422! invalid opcode: 0000 [#1] SMP KASAN CPU: 0 PID: 18486 Comm: syz-executor3 Not tainted 4.18.0-rc3+ #136 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:zap_pmd_range mm/memory.c:1421 [inline] RIP: 0010:zap_pud_range mm/memory.c:1466 [inline] RIP: 0010:zap_p4d_range mm/memory.c:1487 [inline] RIP: 0010:unmap_page_range+0x1c18/0x2220 mm/memory.c:1508 Call Trace: unmap_single_vma+0x1a0/0x310 mm/memory.c:1553 zap_page_range_single+0x3cc/0x580 mm/memory.c:1644 unmap_mapping_range_vma mm/memory.c:2792 [inline] unmap_mapping_range_tree mm/memory.c:2813 [inline] unmap_mapping_pages+0x3a7/0x5b0 mm/memory.c:2845 unmap_mapping_range+0x48/0x60 mm/memory.c:2880 truncate_pagecache+0x54/0x90 mm/truncate.c:800 truncate_setsize+0x70/0xb0 mm/truncate.c:826 simple_setattr+0xe9/0x110 fs/libfs.c:409 notify_change+0xf13/0x10f0 fs/attr.c:335 do_truncate+0x1ac/0x2b0 fs/open.c:63 do_sys_ftruncate+0x492/0x560 fs/open.c:205 __do_sys_ftruncate fs/open.c:215 [inline] __se_sys_ftruncate fs/open.c:213 [inline] __x64_sys_ftruncate+0x59/0x80 fs/open.c:213 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe Reproducer: #include <stdio.h> #include <stddef.h> #include <stdint.h> #include <stdlib.h> #include <string.h> #include <sys/types.h> #include <sys/stat.h> #include <sys/ioctl.h> #include <sys/mman.h> #include <unistd.h> #include <fcntl.h> #define KCOV_INIT_TRACE _IOR('c', 1, unsigned long) #define KCOV_ENABLE _IO('c', 100) #define KCOV_DISABLE _IO('c', 101) #define COVER_SIZE (1024<<10) #define KCOV_TRACE_PC 0 #define KCOV_TRACE_CMP 1 int main(int argc, char **argv) { int fd; unsigned long *cover; system("mount -t debugfs none /sys/kernel/debug"); fd = open("/sys/kernel/debug/kcov", O_RDWR); ioctl(fd, KCOV_INIT_TRACE, COVER_SIZE); cover = mmap(NULL, COVER_SIZE * sizeof(unsigned long), PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0); munmap(cover, COVER_SIZE * sizeof(unsigned long)); cover = mmap(NULL, COVER_SIZE * sizeof(unsigned long), PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0); memset(cover, 0, COVER_SIZE * sizeof(unsigned long)); ftruncate(fd, 3UL << 20); return 0; } This can be fixed by assigning anonymous VMAs own vm_ops and not relying on it being NULL. If ->mmap() failed to set ->vm_ops, mmap_region() will set it to dummy_vm_ops. This way we will have non-NULL ->vm_ops for all VMAs. Link: http://lkml.kernel.org/r/20180724121139.62570-4-kirill.shutemov@linux.intel… Signed-off-by: Kirill A. Shutemov <kirill.shutemov(a)linux.intel.com> Reported-by: syzbot+3f84280d52be9b7083cc(a)syzkaller.appspotmail.com Acked-by: Linus Torvalds <torvalds(a)linux-foundation.org> Reviewed-by: Andrew Morton <akpm(a)linux-foundation.org> Cc: Dmitry Vyukov <dvyukov(a)google.com> Cc: Oleg Nesterov <oleg(a)redhat.com> Cc: Andrea Arcangeli <aarcange(a)redhat.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds(a)linux-foundation.org> diff --git a/drivers/char/mem.c b/drivers/char/mem.c index ffeb60d3434c..df66a9dd0aae 100644 --- a/drivers/char/mem.c +++ b/drivers/char/mem.c @@ -708,6 +708,7 @@ static int mmap_zero(struct file *file, struct vm_area_struct *vma) #endif if (vma->vm_flags & VM_SHARED) return shmem_zero_setup(vma); + vma_set_anonymous(vma); return 0; } diff --git a/fs/exec.c b/fs/exec.c index 72e961a62adb..bdd0eacefdf5 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -293,6 +293,7 @@ static int __bprm_mm_init(struct linux_binprm *bprm) bprm->vma = vma = vm_area_alloc(mm); if (!vma) return -ENOMEM; + vma_set_anonymous(vma); if (down_write_killable(&mm->mmap_sem)) { err = -EINTR; diff --git a/include/linux/mm.h b/include/linux/mm.h index 31540f166987..7ba6d356d18f 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -454,10 +454,18 @@ struct vm_operations_struct { static inline void vma_init(struct vm_area_struct *vma, struct mm_struct *mm) { + static const struct vm_operations_struct dummy_vm_ops = {}; + vma->vm_mm = mm; + vma->vm_ops = &dummy_vm_ops; INIT_LIST_HEAD(&vma->anon_vma_chain); } +static inline void vma_set_anonymous(struct vm_area_struct *vma) +{ + vma->vm_ops = NULL; +} + struct mmu_gather; struct inode; diff --git a/mm/mmap.c b/mm/mmap.c index ff1944d8d458..17bbf4d3e24f 100644 --- a/mm/mmap.c +++ b/mm/mmap.c @@ -1778,6 +1778,8 @@ unsigned long mmap_region(struct file *file, unsigned long addr, error = shmem_zero_setup(vma); if (error) goto free_vma; + } else { + vma_set_anonymous(vma); } vma_link(mm, vma, prev, rb_link, rb_parent); @@ -2983,6 +2985,7 @@ static int do_brk_flags(unsigned long addr, unsigned long len, unsigned long fla return -ENOMEM; } + vma_set_anonymous(vma); vma->vm_start = addr; vma->vm_end = addr + len; vma->vm_pgoff = pgoff; diff --git a/mm/nommu.c b/mm/nommu.c index 1d22fdbf7d7c..9fc9e43335b6 100644 --- a/mm/nommu.c +++ b/mm/nommu.c @@ -1145,6 +1145,8 @@ static int do_mmap_private(struct vm_area_struct *vma, if (ret < len) memset(base + ret, 0, len - ret); + } else { + vma_set_anonymous(vma); } return 0;

7 years, 4 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror