- Linux-stable-mirror - lists.linaro.org

by Greg KH

I'm announcing the release of the 4.14.31 kernel. All users of the 4.14 kernel series must upgrade. The updated 4.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.14.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/ABI/testing/sysfs-bus-iio | 2 Makefile | 11 + arch/arm64/mm/mmu.c | 10 + arch/h8300/include/asm/byteorder.h | 1 arch/mips/lantiq/Kconfig | 2 arch/mips/lantiq/xway/sysctrl.c | 6 - arch/mips/ralink/mt7621.c | 42 +++---- arch/mips/ralink/reset.c | 7 - arch/x86/Makefile | 9 + arch/x86/boot/compressed/misc.c | 4 arch/x86/entry/entry_64.S | 2 arch/x86/entry/vsyscall/vsyscall_64.c | 2 arch/x86/events/intel/core.c | 2 arch/x86/events/intel/uncore_snbep.c | 33 +++-- arch/x86/include/asm/vmx.h | 1 arch/x86/kernel/idt.c | 2 arch/x86/kernel/traps.c | 15 +- arch/x86/kvm/vmx.c | 9 + arch/x86/mm/pgtable.c | 48 ++++++++ arch/x86/net/bpf_jit_comp.c | 3 arch/x86/platform/efi/efi_64.c | 2 drivers/acpi/acpi_watchdog.c | 4 drivers/acpi/numa.c | 10 + drivers/ata/ahci.c | 4 drivers/ata/libata-core.c | 26 +++- drivers/ata/libata-scsi.c | 10 + drivers/bluetooth/btusb.c | 8 - drivers/clk/bcm/clk-bcm2835.c | 12 +- drivers/clk/sunxi-ng/ccu-sun6i-a31.c | 6 - drivers/gpu/drm/drm_framebuffer.c | 7 + drivers/gpu/drm/drm_syncobj.c | 81 +++++-------- drivers/gpu/drm/radeon/radeon_connectors.c | 31 ++--- drivers/gpu/drm/udl/udl_fb.c | 9 + drivers/gpu/drm/vmwgfx/vmwgfx_drv.c | 13 ++ drivers/gpu/drm/vmwgfx/vmwgfx_drv.h | 1 drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 39 +++++- drivers/gpu/drm/vmwgfx/vmwgfx_kms.h | 13 +- drivers/gpu/drm/vmwgfx/vmwgfx_scrn.c | 5 drivers/gpu/drm/vmwgfx/vmwgfx_stdu.c | 5 drivers/hv/ring_buffer.c | 52 +++++--- drivers/iio/accel/st_accel_core.c | 2 drivers/iio/adc/meson_saradc.c | 4 drivers/iio/chemical/ccs811.c | 3 drivers/iio/imu/st_lsm6dsx/st_lsm6dsx_core.c | 2 drivers/iio/pressure/st_pressure_core.c | 2 drivers/infiniband/hw/mlx5/mr.c | 12 +- drivers/mmc/core/block.c | 19 +++ drivers/mmc/core/card.h | 1 drivers/mmc/core/quirks.h | 6 + drivers/mmc/host/dw_mmc-exynos.c | 8 + drivers/mmc/host/dw_mmc.c | 15 +- drivers/mtd/mtdchar.c | 4 drivers/mtd/nand/fsl_ifc_nand.c | 32 ++--- drivers/net/can/cc770/cc770.c | 100 ++++++++++------- drivers/net/can/cc770/cc770.h | 2 drivers/net/can/ifi_canfd/ifi_canfd.c | 75 +++++++----- drivers/net/can/peak_canfd/peak_canfd.c | 25 +--- drivers/net/can/peak_canfd/peak_pciefd_main.c | 8 + drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c | 24 +--- drivers/net/wireless/realtek/rtlwifi/rtl8723be/hw.c | 3 drivers/nvdimm/blk.c | 3 drivers/nvdimm/btt.c | 3 drivers/pci/quirks.c | 2 drivers/pinctrl/samsung/pinctrl-exynos-arm.c | 56 ++++++++- drivers/pinctrl/samsung/pinctrl-exynos-arm64.c | 14 ++ drivers/pinctrl/samsung/pinctrl-s3c24xx.c | 28 ++++ drivers/pinctrl/samsung/pinctrl-s3c64xx.c | 7 + drivers/pinctrl/samsung/pinctrl-samsung.c | 61 ++++++---- drivers/pinctrl/samsung/pinctrl-samsung.h | 40 ++++-- drivers/staging/android/ion/ion_cma_heap.c | 17 ++ drivers/staging/lustre/lustre/ptlrpc/sec.c | 2 drivers/tty/vt/vt.c | 8 - drivers/usb/host/xhci-hub.c | 5 drivers/usb/host/xhci.c | 34 +---- drivers/usb/host/xhci.h | 3 drivers/watchdog/wdat_wdt.c | 2 fs/hugetlbfs/inode.c | 17 ++ fs/ncpfs/ncplib_kernel.c | 4 fs/nfsd/nfs4state.c | 62 +++++++--- include/asm-generic/pgtable.h | 10 + include/drm/drm_syncobj.h | 5 include/linux/fsl_ifc.h | 6 - include/linux/memblock.h | 1 include/trace/events/mmc.h | 4 include/uapi/linux/usb/audio.h | 4 kernel/bpf/syscall.c | 2 kernel/cgroup/cgroup.c | 10 + kernel/events/core.c | 4 kernel/time/posix-timers.c | 11 + kernel/trace/trace_kprobe.c | 4 kernel/trace/trace_probe.c | 8 - kernel/trace/trace_probe.h | 2 lib/ioremap.c | 6 - mm/huge_memory.c | 4 mm/hugetlb.c | 7 + mm/khugepaged.c | 7 + mm/memblock.c | 28 ---- mm/page_alloc.c | 13 -- mm/shmem.c | 31 +++-- mm/vmscan.c | 31 ++--- sound/drivers/aloop.c | 17 ++ sound/pci/hda/hda_intel.c | 5 sound/pci/hda/patch_realtek.c | 20 +++ tools/perf/builtin-stat.c | 2 tools/testing/selftests/x86/protection_keys.c | 10 - tools/testing/selftests/x86/ptrace_syscall.c | 8 + 106 files changed, 978 insertions(+), 546 deletions(-) Adrian Hunter (1): mmc: core: Fix tracepoint print of blk_addr and blksz Andrey Ryabinin (1): mm/vmscan: wake up flushers for legacy cgroups too Andri Yngvason (3): can: cc770: Fix stalls on rt-linux, remove redundant IRQ ack can: cc770: Fix queue stall & dropped RTR reply can: cc770: Fix use after free in cc770_tx_interrupt() Andy Lutomirski (2): x86/entry/64: Don't use IST entry for #BP stack selftests/x86/ptrace_syscall: Fix for yet more glibc interference Arend Van Spriel (1): brcmfmac: fix P2P_DEVICE ethernet address generation Arnd Bergmann (1): h8300: remove extraneous __BIG_ENDIAN definition Bastian Stender (1): mmc: block: fix updating ext_csd caches on ioctl call Boris Brezillon (2): clk: bcm2835: Fix ana->maskX definitions clk: bcm2835: Protect sections updating shared registers Boris Ostrovsky (1): x86/vsyscall/64: Use proper accessor to update P4D entry Chen-Yu Tsai (1): clk: sunxi-ng: a31: Fix CLK_OUT_* clock ops Chenbo Feng (1): bpf: skip unnecessary capability check Chris Wilson (1): drm/syncobj: Stop reusing the same struct file for all syncobj -> fd Dan Carpenter (3): iio: adc: meson-saradc: unlock on error in meson_sar_adc_lock() staging: ncpfs: memory corruption in ncp_read_kernel() perf/x86/intel: Don't accidentally clear high bits in bdw_limit_period() Dan Williams (1): acpi, numa: fix pxm to online numa node associations Daniel Borkmann (2): kbuild: disable clang's default use of -fmerge-all-constants bpf, x64: increase number of passes Daniel Stone (1): drm: Reject getfb for multi-plane framebuffers Daniel Vacek (1): Revert "mm: page_alloc: skip over regions of invalid pfns where possible" Dave Hansen (1): x86/pkeys/selftests: Rename 'si_pkey' to 'siginfo_pkey' Dirk Behme (1): mmc: core: Disable HPI for certain Micron (Numonyx) eMMC cards Eric Biggers (3): libata: fix length validation of ATAPI-relayed SCSI commands libata: remove WARN() for DMA or PIO command without data libata: don't try to pass through NCQ commands to non-NCQ devices Evgeniy Didin (2): mmc: dw_mmc: Fix the DTO/CTO timeout overflow calculation for 32-bit systems mmc: dw_mmc: fix falling from idmac to PIO mode when dw_mci_reset occurs Greg Kroah-Hartman (2): drm: udl: Properly check framebuffer mmap offsets Linux 4.14.31 H.J. Lu (2): x86/build/64: Force the linker to use 2MB page size x86/boot/64: Verify alignment of the LOAD segment Hans de Goede (7): PCI: Add function 1 DMA alias quirk for Highpoint RocketRAID 644L ahci: Add PCI-id for the Highpoint Rocketraid 644L card Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table libata: Apply NOLPM quirk to Crucial MX100 512GB SSDs libata: Apply NOLPM quirk to Crucial M500 480 and 960GB SSDs libata: Make Crucial BX100 500GB LPM quirk apply to all firmware versions libata: Modify quirks for MX100 to limit NCQ_TRIM quirk to MU01 version Ilya Pronin (1): perf stat: Fix CVS output format for non-supported counters Jaehoon Chung (1): mmc: dw_mmc: exynos: fix the suspend/resume issue for exynos5433 Jagdish Gediya (3): mtd: nand: fsl_ifc: Fix nand waitfunc return value mtd: nand: fsl_ifc: Fix eccstat array overflow for IFC ver >= 2.0.0 mtd: nand: fsl_ifc: Read ECCSTAT0 and ECCSTAT1 registers for IFC 2.0 Jeff Layton (1): nfsd: remove blocked locks on client teardown Ju Hyung Park (1): libata: Enable queued TRIM for Samsung SSD 860 Kai-Heng Feng (2): Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table libata: disable LPM for Crucial BX100 SSD 500GB drive Kailang Yang (2): ALSA: hda/realtek - Fix speaker no sound after system resume ALSA: hda/realtek - Fix Dell headset Mic can't record Kan Liang (2): perf/x86/intel/uncore: Fix Skylake UPI event format perf/x86/intel/uncore: Fix multi-domain PCI CHA enumeration bug on Skylake servers Kirill A. Shutemov (3): mm/khugepaged.c: convert VM_BUG_ON() to collapse fail mm/thp: do not wait for lock_page() in deferred_split_scan() mm/shmem: do not wait for lock_page() in shmem_unused_huge_shrink() Kirill Marinushkin (1): ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit Krzysztof Kozlowski (1): pinctrl: samsung: Validate alias coming from DT Larry Finger (1): rtlwifi: rtl8723be: Fix loss of signal Leon Romanovsky (1): RDMA/mlx5: Fix crash while accessing garbage pointer and freed memory Liam Mark (1): staging: android: ion: Zero CMA allocated memory Linus Torvalds (2): tty: vt: fix up tabstops properly kvm/x86: fix icebp instruction handling Linus Walleij (1): iio: ABI: Fix name of timestamp sysfs file Lorenzo Bianconi (1): iio: imu: st_lsm6dsx: fix endianness in st_lsm6dsx_read_oneshot() Lu Baolu (2): usb: xhci: Disable slot even when virt-dev is null usb: xhci: Fix potential memory leak in xhci_disable_slot() Marek Vasut (2): can: ifi: Repair the error handling can: ifi: Check core revision upon probe Masami Hiramatsu (1): tracing: probeevent: Fix to support minus offset from symbol Mathias Kresin (3): MIPS: lantiq: Fix Danube USB clock MIPS: lantiq: Enable AHB Bus for USB MIPS: lantiq: ase: Enable MFD_SYSCON Michael Kelley (1): Drivers: hv: vmbus: Fix ring buffer signaling Michael Nosthoff (1): iio: st_pressure: st_accel: pass correct platform data to init Michel Dänzer (1): drm/radeon: Don't turn off DP sink when disconnected Mike Kravetz (1): hugetlbfs: check for pgoff value overflow Nadav Amit (1): staging: lustre: ptlrpc: kfree used instead of kvfree NeilBrown (2): MIPS: ralink: Remove ralink_halt() MIPS: ralink: Fix booting on MT7621 OuYang ZhiZhong (1): mtdchar: fix usage of mtd_ooblayout_ecc() Richard Lai (1): iio: chemical: ccs811: Corrected firmware boot/application mode transition Song Liu (1): perf/core: Fix ctx_event_type in ctx_resched() Stephane Grosjean (2): can: peak/pcie_fd: fix echo_skb is occupied! bug can: peak/pcie_fd: remove useless code when interface starts Takashi Iwai (6): ALSA: aloop: Sync stale timer before release ALSA: aloop: Fix access to not-yet-ready substream via cable ALSA: hda - Force polling mode on CFL for fixing codec communication ALSA: hda/realtek - Always immediately update mute LED with pin VREF Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174 ACPI / watchdog: Fix off-by-one error at resource assignment Tejun Heo (1): cgroup: fix rule checking for threaded mode switching Tetsuo Handa (1): lockdep: fix fs_reclaim warning Thomas Gleixner (1): posix-timers: Protect posix clock array access against speculation Thomas Hellstrom (2): drm/vmwgfx: Fix black screen and device errors when running without fbdev drm/vmwgfx: Fix a destoy-while-held mutex problem. Toshi Kani (2): mm/vmalloc: add interfaces to free unmapped page table x86/mm: implement free pmd/pte page interfaces Vishal Verma (1): libnvdimm, {btt, blk}: do integrity setup before add_disk() Waiman Long (1): x86/efi: Free efi_pgd with free_pages()

7 years, 7 months

1
1
0 0

Linux 4.15.14

by Greg KH

I'm announcing the release of the 4.15.14 kernel. All users of the 4.15 kernel series must upgrade. The updated 4.15.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.15.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Documentation/ABI/testing/sysfs-bus-iio | 2 Makefile | 11 + arch/arm64/mm/mmu.c | 10 + arch/h8300/include/asm/byteorder.h | 1 arch/mips/lantiq/Kconfig | 2 arch/mips/lantiq/xway/sysctrl.c | 6 arch/mips/ralink/mt7621.c | 42 +++-- arch/mips/ralink/reset.c | 7 arch/x86/Makefile | 9 + arch/x86/boot/compressed/misc.c | 4 arch/x86/entry/entry_64.S | 2 arch/x86/entry/vsyscall/vsyscall_64.c | 2 arch/x86/events/intel/core.c | 2 arch/x86/events/intel/uncore_snbep.c | 33 ++-- arch/x86/include/asm/vmx.h | 1 arch/x86/kernel/idt.c | 2 arch/x86/kernel/traps.c | 15 +- arch/x86/kvm/vmx.c | 9 + arch/x86/mm/pgtable.c | 48 ++++++ arch/x86/net/bpf_jit_comp.c | 3 arch/x86/platform/efi/efi_64.c | 2 drivers/acpi/acpi_watchdog.c | 4 drivers/acpi/numa.c | 10 - drivers/ata/ahci.c | 4 drivers/ata/libata-core.c | 26 +++ drivers/ata/libata-scsi.c | 10 + drivers/bluetooth/btusb.c | 8 - drivers/clk/bcm/clk-bcm2835.c | 12 + drivers/clk/sunxi-ng/ccu-sun6i-a31.c | 6 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c | 2 drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_helpers.c | 2 drivers/gpu/drm/drm_framebuffer.c | 7 drivers/gpu/drm/radeon/radeon_connectors.c | 31 +--- drivers/gpu/drm/udl/udl_fb.c | 9 - drivers/gpu/drm/vmwgfx/vmwgfx_drv.c | 13 + drivers/gpu/drm/vmwgfx/vmwgfx_drv.h | 1 drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 39 ++++- drivers/gpu/drm/vmwgfx/vmwgfx_kms.h | 13 + drivers/gpu/drm/vmwgfx/vmwgfx_scrn.c | 5 drivers/gpu/drm/vmwgfx/vmwgfx_stdu.c | 5 drivers/hv/ring_buffer.c | 52 ++++--- drivers/hwmon/k10temp.c | 6 drivers/iio/accel/st_accel_core.c | 2 drivers/iio/adc/meson_saradc.c | 4 drivers/iio/chemical/ccs811.c | 3 drivers/iio/imu/st_lsm6dsx/st_lsm6dsx.h | 2 drivers/iio/imu/st_lsm6dsx/st_lsm6dsx_buffer.c | 21 +- drivers/iio/imu/st_lsm6dsx/st_lsm6dsx_core.c | 8 - drivers/iio/pressure/st_pressure_core.c | 2 drivers/infiniband/hw/mlx5/mr.c | 12 + drivers/media/platform/tegra-cec/tegra_cec.c | 17 -- drivers/mmc/core/block.c | 19 ++ drivers/mmc/core/card.h | 1 drivers/mmc/core/quirks.h | 6 drivers/mmc/host/dw_mmc-exynos.c | 8 - drivers/mmc/host/dw_mmc.c | 15 +- drivers/mtd/mtdchar.c | 4 drivers/mtd/nand/fsl_ifc_nand.c | 32 +--- drivers/net/can/cc770/cc770.c | 100 ++++++++------ drivers/net/can/cc770/cc770.h | 2 drivers/net/can/ifi_canfd/ifi_canfd.c | 75 ++++++---- drivers/net/can/peak_canfd/peak_canfd.c | 25 +-- drivers/net/can/peak_canfd/peak_pciefd_main.c | 8 - drivers/net/wireless/broadcom/brcm80211/brcmfmac/p2p.c | 24 +-- drivers/net/wireless/realtek/rtlwifi/rtl8723be/hw.c | 3 drivers/nvdimm/blk.c | 3 drivers/nvdimm/btt.c | 3 drivers/pci/quirks.c | 2 drivers/pinctrl/samsung/pinctrl-exynos-arm.c | 56 ++++++- drivers/pinctrl/samsung/pinctrl-exynos-arm64.c | 14 + drivers/pinctrl/samsung/pinctrl-s3c24xx.c | 28 +++ drivers/pinctrl/samsung/pinctrl-s3c64xx.c | 7 drivers/pinctrl/samsung/pinctrl-samsung.c | 61 +++++--- drivers/pinctrl/samsung/pinctrl-samsung.h | 40 +++-- drivers/staging/android/ion/ion_cma_heap.c | 17 ++ drivers/tty/vt/vt.c | 8 - drivers/watchdog/wdat_wdt.c | 2 fs/hugetlbfs/inode.c | 17 +- fs/ncpfs/ncplib_kernel.c | 4 fs/nfsd/nfs4state.c | 62 ++++++-- include/asm-generic/pgtable.h | 10 + include/linux/fsl_ifc.h | 6 include/linux/memblock.h | 1 include/trace/events/mmc.h | 4 include/uapi/linux/usb/audio.h | 4 kernel/bpf/syscall.c | 2 kernel/cgroup/cgroup.c | 10 + kernel/events/core.c | 4 kernel/module.c | 2 kernel/sched/core.c | 15 +- kernel/time/posix-timers.c | 11 + kernel/trace/bpf_trace.c | 68 +++++---- kernel/trace/trace_kprobe.c | 4 kernel/trace/trace_probe.c | 8 - kernel/trace/trace_probe.h | 2 lib/ioremap.c | 6 mm/huge_memory.c | 4 mm/hugetlb.c | 7 mm/khugepaged.c | 7 mm/memblock.c | 28 --- mm/page_alloc.c | 13 - mm/shmem.c | 31 ++-- mm/vmscan.c | 31 ++-- sound/drivers/aloop.c | 17 ++ sound/pci/hda/hda_intel.c | 5 sound/pci/hda/patch_realtek.c | 20 ++ tools/perf/builtin-stat.c | 2 tools/testing/selftests/x86/ptrace_syscall.c | 8 - 108 files changed, 1013 insertions(+), 512 deletions(-) Adrian Hunter (1): mmc: core: Fix tracepoint print of blk_addr and blksz Andrey Ryabinin (1): mm/vmscan: wake up flushers for legacy cgroups too Andri Yngvason (3): can: cc770: Fix stalls on rt-linux, remove redundant IRQ ack can: cc770: Fix queue stall & dropped RTR reply can: cc770: Fix use after free in cc770_tx_interrupt() Andy Lutomirski (2): x86/entry/64: Don't use IST entry for #BP stack selftests/x86/ptrace_syscall: Fix for yet more glibc interference Arend Van Spriel (1): brcmfmac: fix P2P_DEVICE ethernet address generation Arnd Bergmann (1): h8300: remove extraneous __BIG_ENDIAN definition Bastian Stender (1): mmc: block: fix updating ext_csd caches on ioctl call Boris Brezillon (2): clk: bcm2835: Fix ana->maskX definitions clk: bcm2835: Protect sections updating shared registers Boris Ostrovsky (1): x86/vsyscall/64: Use proper accessor to update P4D entry Chen-Yu Tsai (1): clk: sunxi-ng: a31: Fix CLK_OUT_* clock ops Chenbo Feng (1): bpf: skip unnecessary capability check Dan Carpenter (3): iio: adc: meson-saradc: unlock on error in meson_sar_adc_lock() staging: ncpfs: memory corruption in ncp_read_kernel() perf/x86/intel: Don't accidentally clear high bits in bdw_limit_period() Dan Williams (1): acpi, numa: fix pxm to online numa node associations Daniel Borkmann (2): kbuild: disable clang's default use of -fmerge-all-constants bpf, x64: increase number of passes Daniel Stone (1): drm: Reject getfb for multi-plane framebuffers Daniel Vacek (1): Revert "mm: page_alloc: skip over regions of invalid pfns where possible" Dirk Behme (1): mmc: core: Disable HPI for certain Micron (Numonyx) eMMC cards Eric Biggers (3): libata: fix length validation of ATAPI-relayed SCSI commands libata: remove WARN() for DMA or PIO command without data libata: don't try to pass through NCQ commands to non-NCQ devices Evgeniy Didin (2): mmc: dw_mmc: Fix the DTO/CTO timeout overflow calculation for 32-bit systems mmc: dw_mmc: fix falling from idmac to PIO mode when dw_mci_reset occurs Greg Kroah-Hartman (2): drm: udl: Properly check framebuffer mmap offsets Linux 4.15.14 Guenter Roeck (2): hwmon: (k10temp) Only apply temperature offset if result is positive hwmon: (k10temp) Add temperature offset for Ryzen 1900X H.J. Lu (2): x86/build/64: Force the linker to use 2MB page size x86/boot/64: Verify alignment of the LOAD segment Hans Verkuil (1): media: tegra-cec: reset rx_buf_cnt when start bit detected Hans de Goede (7): PCI: Add function 1 DMA alias quirk for Highpoint RocketRAID 644L ahci: Add PCI-id for the Highpoint Rocketraid 644L card Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table libata: Apply NOLPM quirk to Crucial MX100 512GB SSDs libata: Apply NOLPM quirk to Crucial M500 480 and 960GB SSDs libata: Make Crucial BX100 500GB LPM quirk apply to all firmware versions libata: Modify quirks for MX100 to limit NCQ_TRIM quirk to MU01 version Harry Wentland (2): drm/amd/display: We shouldn't set format_default on plane as atomic driver drm/amd/display: Add one to EDID's audio channel count when passing to DC Ilya Pronin (1): perf stat: Fix CVS output format for non-supported counters Jaehoon Chung (1): mmc: dw_mmc: exynos: fix the suspend/resume issue for exynos5433 Jagdish Gediya (3): mtd: nand: fsl_ifc: Fix nand waitfunc return value mtd: nand: fsl_ifc: Fix eccstat array overflow for IFC ver >= 2.0.0 mtd: nand: fsl_ifc: Read ECCSTAT0 and ECCSTAT1 registers for IFC 2.0 Jeff Layton (1): nfsd: remove blocked locks on client teardown Ju Hyung Park (1): libata: Enable queued TRIM for Samsung SSD 860 Kai-Heng Feng (2): Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table libata: disable LPM for Crucial BX100 SSD 500GB drive Kailang Yang (2): ALSA: hda/realtek - Fix speaker no sound after system resume ALSA: hda/realtek - Fix Dell headset Mic can't record Kan Liang (2): perf/x86/intel/uncore: Fix Skylake UPI event format perf/x86/intel/uncore: Fix multi-domain PCI CHA enumeration bug on Skylake servers Kirill A. Shutemov (3): mm/khugepaged.c: convert VM_BUG_ON() to collapse fail mm/thp: do not wait for lock_page() in deferred_split_scan() mm/shmem: do not wait for lock_page() in shmem_unused_huge_shrink() Kirill Marinushkin (1): ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit Krzysztof Kozlowski (1): pinctrl: samsung: Validate alias coming from DT Larry Finger (1): rtlwifi: rtl8723be: Fix loss of signal Leon Romanovsky (1): RDMA/mlx5: Fix crash while accessing garbage pointer and freed memory Leon Yu (1): module: propagate error in modules_open() Liam Mark (1): staging: android: ion: Zero CMA allocated memory Linus Torvalds (2): tty: vt: fix up tabstops properly kvm/x86: fix icebp instruction handling Linus Walleij (1): iio: ABI: Fix name of timestamp sysfs file Lorenzo Bianconi (2): iio: imu: st_lsm6dsx: fix endianness in st_lsm6dsx_read_oneshot() iio: imu: st_lsm6dsx: introduce conf_lock mutex Marek Vasut (2): can: ifi: Repair the error handling can: ifi: Check core revision upon probe Masami Hiramatsu (1): tracing: probeevent: Fix to support minus offset from symbol Mathias Kresin (3): MIPS: lantiq: Fix Danube USB clock MIPS: lantiq: Enable AHB Bus for USB MIPS: lantiq: ase: Enable MFD_SYSCON Michael Kelley (1): Drivers: hv: vmbus: Fix ring buffer signaling Michael Nosthoff (1): iio: st_pressure: st_accel: pass correct platform data to init Michel Dänzer (1): drm/radeon: Don't turn off DP sink when disconnected Mike Kravetz (1): hugetlbfs: check for pgoff value overflow NeilBrown (2): MIPS: ralink: Remove ralink_halt() MIPS: ralink: Fix booting on MT7621 OuYang ZhiZhong (1): mtdchar: fix usage of mtd_ooblayout_ecc() Richard Lai (1): iio: chemical: ccs811: Corrected firmware boot/application mode transition Song Liu (1): perf/core: Fix ctx_event_type in ctx_resched() Stephane Grosjean (2): can: peak/pcie_fd: fix echo_skb is occupied! bug can: peak/pcie_fd: remove useless code when interface starts Takashi Iwai (6): ALSA: aloop: Sync stale timer before release ALSA: aloop: Fix access to not-yet-ready substream via cable ALSA: hda - Force polling mode on CFL for fixing codec communication ALSA: hda/realtek - Always immediately update mute LED with pin VREF Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174 ACPI / watchdog: Fix off-by-one error at resource assignment Tejun Heo (2): sched, cgroup: Don't reject lower cpu.max on ancestors cgroup: fix rule checking for threaded mode switching Tetsuo Handa (1): lockdep: fix fs_reclaim warning Thomas Gleixner (1): posix-timers: Protect posix clock array access against speculation Thomas Hellstrom (2): drm/vmwgfx: Fix black screen and device errors when running without fbdev drm/vmwgfx: Fix a destoy-while-held mutex problem. Toshi Kani (2): mm/vmalloc: add interfaces to free unmapped page table x86/mm: implement free pmd/pte page interfaces Vishal Verma (1): libnvdimm, {btt, blk}: do integrity setup before add_disk() Waiman Long (1): x86/efi: Free efi_pgd with free_pages() Yonghong Song (1): trace/bpf: remove helper bpf_perf_prog_read_value from tracepoint type programs

7 years, 7 months

1
1
0 0

[PATCH 1/1] Drivers: hv: vmbus: Fix ring buffer signaling

by kys＠exchange.microsoft.com

From: Michael Kelley <mhkelley(a)outlook.com> Fix bugs in signaling the Hyper-V host when freeing space in the host->guest ring buffer: 1. The interrupt_mask must not be used to determine whether to signal on the host->guest ring buffer 2. The ring buffer write_index must be read (via hv_get_bytes_to_write) *after* pending_send_sz is read in order to avoid a race condition 3. Comparisons with pending_send_sz must treat the "equals" case as not-enough-space 4. Don't signal if the pending_send_sz feature is not present. Older versions of Hyper-V that don't implement this feature will poll. Fixes: 03bad714a161 ("vmbus: more host signalling avoidance") Cc: Stable <stable(a)vger.kernel.org> # 4.14 and above Signed-off-by: Michael Kelley <mhkelley(a)outlook.com> Signed-off-by: K. Y. Srinivasan <kys(a)microsoft.com> --- drivers/hv/ring_buffer.c | 52 ++++++++++++++++++++++++++++++++---------------- 1 file changed, 35 insertions(+), 17 deletions(-) diff --git a/drivers/hv/ring_buffer.c b/drivers/hv/ring_buffer.c index 1aa17795727b..3cd7f29906ae 100644 --- a/drivers/hv/ring_buffer.c +++ b/drivers/hv/ring_buffer.c @@ -376,13 +376,24 @@ __hv_pkt_iter_next(struct vmbus_channel *channel, } EXPORT_SYMBOL_GPL(__hv_pkt_iter_next); +/* How many bytes were read in this iterator cycle */ +static u32 hv_pkt_iter_bytes_read(const struct hv_ring_buffer_info *rbi, + u32 start_read_index) +{ + if (rbi->priv_read_index >= start_read_index) + return rbi->priv_read_index - start_read_index; + else + return rbi->ring_datasize - start_read_index + + rbi->priv_read_index; +} + /* * Update host ring buffer after iterating over packets. */ void hv_pkt_iter_close(struct vmbus_channel *channel) { struct hv_ring_buffer_info *rbi = &channel->inbound; - u32 orig_write_sz = hv_get_bytes_to_write(rbi); + u32 curr_write_sz, pending_sz, bytes_read, start_read_index; /* * Make sure all reads are done before we update the read index since @@ -390,8 +401,12 @@ void hv_pkt_iter_close(struct vmbus_channel *channel) * is updated. */ virt_rmb(); + start_read_index = rbi->ring_buffer->read_index; rbi->ring_buffer->read_index = rbi->priv_read_index; + if (!rbi->ring_buffer->feature_bits.feat_pending_send_sz) + return; + /* * Issue a full memory barrier before making the signaling decision. * Here is the reason for having this barrier: @@ -405,26 +420,29 @@ void hv_pkt_iter_close(struct vmbus_channel *channel) */ virt_mb(); - /* If host has disabled notifications then skip */ - if (rbi->ring_buffer->interrupt_mask) + pending_sz = READ_ONCE(rbi->ring_buffer->pending_send_sz); + if (!pending_sz) return; - if (rbi->ring_buffer->feature_bits.feat_pending_send_sz) { - u32 pending_sz = READ_ONCE(rbi->ring_buffer->pending_send_sz); + /* + * Ensure the read of write_index in hv_get_bytes_to_write() + * happens after the read of pending_send_sz. + */ + virt_rmb(); + curr_write_sz = hv_get_bytes_to_write(rbi); + bytes_read = hv_pkt_iter_bytes_read(rbi, start_read_index); - /* - * If there was space before we began iteration, - * then host was not blocked. Also handles case where - * pending_sz is zero then host has nothing pending - * and does not need to be signaled. - */ - if (orig_write_sz > pending_sz) - return; + /* + * If there was space before we began iteration, + * then host was not blocked. + */ - /* If pending write will not fit, don't give false hope. */ - if (hv_get_bytes_to_write(rbi) < pending_sz) - return; - } + if (curr_write_sz - bytes_read > pending_sz) + return; + + /* If pending write will not fit, don't give false hope. */ + if (curr_write_sz <= pending_sz) + return; vmbus_setevent(channel); } -- 2.15.1

7 years, 7 months

4
4
0 0

Patch "team: Fix double free in error path" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled team: Fix double free in error path to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: team-fix-double-free-in-error-path.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Thu Mar 29 08:33:08 CEST 2018 From: Arkadi Sharshevsky <arkadis(a)mellanox.com> Date: Thu, 8 Mar 2018 12:42:10 +0200 Subject: team: Fix double free in error path From: Arkadi Sharshevsky <arkadis(a)mellanox.com> [ Upstream commit cbcc607e18422555db569b593608aec26111cb0b ] The __send_and_alloc_skb() receives a skb ptr as a parameter but in case it fails the skb is not valid: - Send failed and released the skb internally. - Allocation failed. The current code tries to release the skb in case of failure which causes redundant freeing. Fixes: 9b00cf2d1024 ("team: implement multipart netlink messages for options transfers") Signed-off-by: Arkadi Sharshevsky <arkadis(a)mellanox.com> Acked-by: Jiri Pirko <jiri(a)mellanox.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/net/team/team.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) --- a/drivers/net/team/team.c +++ b/drivers/net/team/team.c @@ -2380,7 +2380,7 @@ send_done: if (!nlh) { err = __send_and_alloc_skb(&skb, team, portid, send_func); if (err) - goto errout; + return err; goto send_done; } @@ -2660,7 +2660,7 @@ send_done: if (!nlh) { err = __send_and_alloc_skb(&skb, team, portid, send_func); if (err) - goto errout; + return err; goto send_done; } Patches currently in stable-queue which might be from arkadis(a)mellanox.com are queue-4.4/team-fix-double-free-in-error-path.patch

7 years, 7 months

1
0
0 0

Patch "s390/qeth: when thread completes, wake up all waiters" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled s390/qeth: when thread completes, wake up all waiters to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: s390-qeth-when-thread-completes-wake-up-all-waiters.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Thu Mar 29 08:33:08 CEST 2018 From: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> Date: Tue, 20 Mar 2018 07:59:13 +0100 Subject: s390/qeth: when thread completes, wake up all waiters From: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> [ Upstream commit 1063e432bb45be209427ed3f1ca3908e4aa3c7d7 ] qeth_wait_for_threads() is potentially called by multiple users, make sure to notify all of them after qeth_clear_thread_running_bit() adjusted the thread_running_mask. With no timeout, callers would otherwise stall. Signed-off-by: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/s390/net/qeth_core_main.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/drivers/s390/net/qeth_core_main.c +++ b/drivers/s390/net/qeth_core_main.c @@ -952,7 +952,7 @@ void qeth_clear_thread_running_bit(struc spin_lock_irqsave(&card->thread_mask_lock, flags); card->thread_running_mask &= ~thread; spin_unlock_irqrestore(&card->thread_mask_lock, flags); - wake_up(&card->wait_q); + wake_up_all(&card->wait_q); } EXPORT_SYMBOL_GPL(qeth_clear_thread_running_bit); Patches currently in stable-queue which might be from jwi(a)linux.vnet.ibm.com are queue-4.4/s390-qeth-when-thread-completes-wake-up-all-waiters.patch queue-4.4/s390-qeth-lock-read-device-while-queueing-next-buffer.patch queue-4.4/net-iucv-free-memory-obtained-by-kzalloc.patch queue-4.4/s390-qeth-on-channel-error-reject-further-cmd-requests.patch queue-4.4/s390-qeth-free-netdevice-when-removing-a-card.patch

7 years, 7 months

1
0
0 0

Patch "skbuff: Fix not waking applications when errors are enqueued" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled skbuff: Fix not waking applications when errors are enqueued to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: skbuff-fix-not-waking-applications-when-errors-are-enqueued.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Thu Mar 29 08:33:08 CEST 2018 From: Vinicius Costa Gomes <vinicius.gomes(a)intel.com> Date: Wed, 14 Mar 2018 13:32:09 -0700 Subject: skbuff: Fix not waking applications when errors are enqueued From: Vinicius Costa Gomes <vinicius.gomes(a)intel.com> [ Upstream commit 6e5d58fdc9bedd0255a8781b258f10bbdc63e975 ] When errors are enqueued to the error queue via sock_queue_err_skb() function, it is possible that the waiting application is not notified. Calling 'sk->sk_data_ready()' would not notify applications that selected only POLLERR events in poll() (for example). Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Reported-by: Randy E. Witt <randy.e.witt(a)intel.com> Reviewed-by: Eric Dumazet <edumazet(a)google.com> Signed-off-by: Vinicius Costa Gomes <vinicius.gomes(a)intel.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- net/core/skbuff.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/net/core/skbuff.c +++ b/net/core/skbuff.c @@ -3571,7 +3571,7 @@ int sock_queue_err_skb(struct sock *sk, skb_queue_tail(&sk->sk_error_queue, skb); if (!sock_flag(sk, SOCK_DEAD)) - sk->sk_data_ready(sk); + sk->sk_error_report(sk); return 0; } EXPORT_SYMBOL(sock_queue_err_skb); Patches currently in stable-queue which might be from vinicius.gomes(a)intel.com are queue-4.4/skbuff-fix-not-waking-applications-when-errors-are-enqueued.patch

7 years, 7 months

1
0
0 0

Patch "s390/qeth: on channel error, reject further cmd requests" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled s390/qeth: on channel error, reject further cmd requests to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: s390-qeth-on-channel-error-reject-further-cmd-requests.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Thu Mar 29 08:33:08 CEST 2018 From: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> Date: Tue, 20 Mar 2018 07:59:15 +0100 Subject: s390/qeth: on channel error, reject further cmd requests From: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> [ Upstream commit a6c3d93963e4b333c764fde69802c3ea9eaa9d5c ] When the IRQ handler determines that one of the cmd IO channels has failed and schedules recovery, block any further cmd requests from being submitted. The request would inevitably stall, and prevent the recovery from making progress until the request times out. This sort of error was observed after Live Guest Relocation, where the pending IO on the READ channel intentionally gets terminated to kick-start recovery. Simultaneously the guest executed SIOCETHTOOL, triggering qeth to issue a QUERY CARD INFO command. The command then stalled in the inoperabel WRITE channel. Signed-off-by: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/s390/net/qeth_core_main.c | 1 + 1 file changed, 1 insertion(+) --- a/drivers/s390/net/qeth_core_main.c +++ b/drivers/s390/net/qeth_core_main.c @@ -1166,6 +1166,7 @@ static void qeth_irq(struct ccw_device * } rc = qeth_get_problem(cdev, irb); if (rc) { + card->read_or_write_problem = 1; qeth_clear_ipacmd_list(card); qeth_schedule_recovery(card); goto out; Patches currently in stable-queue which might be from jwi(a)linux.vnet.ibm.com are queue-4.4/s390-qeth-when-thread-completes-wake-up-all-waiters.patch queue-4.4/s390-qeth-lock-read-device-while-queueing-next-buffer.patch queue-4.4/net-iucv-free-memory-obtained-by-kzalloc.patch queue-4.4/s390-qeth-on-channel-error-reject-further-cmd-requests.patch queue-4.4/s390-qeth-free-netdevice-when-removing-a-card.patch

7 years, 7 months

1
0
0 0

Patch "s390/qeth: lock read device while queueing next buffer" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled s390/qeth: lock read device while queueing next buffer to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: s390-qeth-lock-read-device-while-queueing-next-buffer.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Thu Mar 29 08:33:08 CEST 2018 From: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> Date: Tue, 20 Mar 2018 07:59:14 +0100 Subject: s390/qeth: lock read device while queueing next buffer From: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> [ Upstream commit 17bf8c9b3d499d5168537c98b61eb7a1fcbca6c2 ] For calling ccw_device_start(), issue_next_read() needs to hold the device's ccwlock. This is satisfied for the IRQ handler path (where qeth_irq() gets called under the ccwlock), but we need explicit locking for the initial call by the MPC initialization. Signed-off-by: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/s390/net/qeth_core_main.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) --- a/drivers/s390/net/qeth_core_main.c +++ b/drivers/s390/net/qeth_core_main.c @@ -517,8 +517,7 @@ static inline int qeth_is_cq(struct qeth queue == card->qdio.no_in_queues - 1; } - -static int qeth_issue_next_read(struct qeth_card *card) +static int __qeth_issue_next_read(struct qeth_card *card) { int rc; struct qeth_cmd_buffer *iob; @@ -549,6 +548,17 @@ static int qeth_issue_next_read(struct q return rc; } +static int qeth_issue_next_read(struct qeth_card *card) +{ + int ret; + + spin_lock_irq(get_ccwdev_lock(CARD_RDEV(card))); + ret = __qeth_issue_next_read(card); + spin_unlock_irq(get_ccwdev_lock(CARD_RDEV(card))); + + return ret; +} + static struct qeth_reply *qeth_alloc_reply(struct qeth_card *card) { struct qeth_reply *reply; @@ -1174,7 +1184,7 @@ static void qeth_irq(struct ccw_device * return; if (channel == &card->read && channel->state == CH_STATE_UP) - qeth_issue_next_read(card); + __qeth_issue_next_read(card); iob = channel->iob; index = channel->buf_no; Patches currently in stable-queue which might be from jwi(a)linux.vnet.ibm.com are queue-4.4/s390-qeth-when-thread-completes-wake-up-all-waiters.patch queue-4.4/s390-qeth-lock-read-device-while-queueing-next-buffer.patch queue-4.4/net-iucv-free-memory-obtained-by-kzalloc.patch queue-4.4/s390-qeth-on-channel-error-reject-further-cmd-requests.patch queue-4.4/s390-qeth-free-netdevice-when-removing-a-card.patch

7 years, 7 months

1
0
0 0

Patch "s390/qeth: free netdevice when removing a card" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled s390/qeth: free netdevice when removing a card to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: s390-qeth-free-netdevice-when-removing-a-card.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Thu Mar 29 08:33:08 CEST 2018 From: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> Date: Tue, 20 Mar 2018 07:59:12 +0100 Subject: s390/qeth: free netdevice when removing a card From: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> [ Upstream commit 6be687395b3124f002a653c1a50b3260222b3cd7 ] On removal, a qeth card's netdevice is currently not properly freed because the call chain looks as follows: qeth_core_remove_device(card) lx_remove_device(card) unregister_netdev(card->dev) card->dev = NULL !!! qeth_core_free_card(card) if (card->dev) !!! free_netdev(card->dev) Fix it by free'ing the netdev straight after unregistering. This also fixes the sysfs-driven layer switch case (qeth_dev_layer2_store()), where the need to free the current netdevice was not considered at all. Note that free_netdev() takes care of the netif_napi_del() for us too. Fixes: 4a71df50047f ("qeth: new qeth device driver") Signed-off-by: Julian Wiedmann <jwi(a)linux.vnet.ibm.com> Reviewed-by: Ursula Braun <ubraun(a)linux.vnet.ibm.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/s390/net/qeth_core_main.c | 2 -- drivers/s390/net/qeth_l2_main.c | 2 +- drivers/s390/net/qeth_l3_main.c | 2 +- 3 files changed, 2 insertions(+), 4 deletions(-) --- a/drivers/s390/net/qeth_core_main.c +++ b/drivers/s390/net/qeth_core_main.c @@ -4969,8 +4969,6 @@ static void qeth_core_free_card(struct q QETH_DBF_HEX(SETUP, 2, &card, sizeof(void *)); qeth_clean_channel(&card->read); qeth_clean_channel(&card->write); - if (card->dev) - free_netdev(card->dev); kfree(card->ip_tbd_list); qeth_free_qdio_buffers(card); unregister_service_level(&card->qeth_service_level); --- a/drivers/s390/net/qeth_l2_main.c +++ b/drivers/s390/net/qeth_l2_main.c @@ -1062,8 +1062,8 @@ static void qeth_l2_remove_device(struct qeth_l2_set_offline(cgdev); if (card->dev) { - netif_napi_del(&card->napi); unregister_netdev(card->dev); + free_netdev(card->dev); card->dev = NULL; } return; --- a/drivers/s390/net/qeth_l3_main.c +++ b/drivers/s390/net/qeth_l3_main.c @@ -3243,8 +3243,8 @@ static void qeth_l3_remove_device(struct qeth_l3_set_offline(cgdev); if (card->dev) { - netif_napi_del(&card->napi); unregister_netdev(card->dev); + free_netdev(card->dev); card->dev = NULL; } Patches currently in stable-queue which might be from jwi(a)linux.vnet.ibm.com are queue-4.4/s390-qeth-when-thread-completes-wake-up-all-waiters.patch queue-4.4/s390-qeth-lock-read-device-while-queueing-next-buffer.patch queue-4.4/net-iucv-free-memory-obtained-by-kzalloc.patch queue-4.4/s390-qeth-on-channel-error-reject-further-cmd-requests.patch queue-4.4/s390-qeth-free-netdevice-when-removing-a-card.patch

7 years, 7 months

1
0
0 0

Patch "netlink: avoid a double skb free in genlmsg_mcast()" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled netlink: avoid a double skb free in genlmsg_mcast() to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: netlink-avoid-a-double-skb-free-in-genlmsg_mcast.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Thu Mar 29 08:33:08 CEST 2018 From: Nicolas Dichtel <nicolas.dichtel(a)6wind.com> Date: Wed, 14 Mar 2018 21:10:23 +0100 Subject: netlink: avoid a double skb free in genlmsg_mcast() From: Nicolas Dichtel <nicolas.dichtel(a)6wind.com> [ Upstream commit 02a2385f37a7c6594c9d89b64c4a1451276f08eb ] nlmsg_multicast() consumes always the skb, thus the original skb must be freed only when this function is called with a clone. Fixes: cb9f7a9a5c96 ("netlink: ensure to loop over all netns in genlmsg_multicast_allns()") Reported-by: Ben Hutchings <ben.hutchings(a)codethink.co.uk> Signed-off-by: Nicolas Dichtel <nicolas.dichtel(a)6wind.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- net/netlink/genetlink.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/net/netlink/genetlink.c +++ b/net/netlink/genetlink.c @@ -1143,7 +1143,7 @@ static int genlmsg_mcast(struct sk_buff if (!err) delivered = true; else if (err != -ESRCH) - goto error; + return err; return delivered ? 0 : -ESRCH; error: kfree_skb(skb); Patches currently in stable-queue which might be from nicolas.dichtel(a)6wind.com are queue-4.4/netlink-avoid-a-double-skb-free-in-genlmsg_mcast.patch

7 years, 7 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror