- Linux-stable-mirror - lists.linaro.org

[Linux-stable-mirror] Patch "net: 3com: typhoon: typhoon_init_one: fix incorrect return values" has been added to the 3.18-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled net: 3com: typhoon: typhoon_init_one: fix incorrect return values to the 3.18-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: net-3com-typhoon-typhoon_init_one-fix-incorrect-return-values.patch and it can be found in the queue-3.18 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Tue Nov 28 10:58:31 CET 2017 From: Thomas Preisner <thomas.preisner+linux(a)fau.de> Date: Fri, 30 Dec 2016 03:37:53 +0100 Subject: net: 3com: typhoon: typhoon_init_one: fix incorrect return values From: Thomas Preisner <thomas.preisner+linux(a)fau.de> [ Upstream commit 107fded7bf616ad6f46823d98b8ed6405d7adf2d ] In a few cases the err-variable is not set to a negative error code if a function call in typhoon_init_one() fails and thus 0 is returned instead. It may be better to set err to the appropriate negative error code before returning. Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=188841 Reported-by: Pan Bian <bianpan2016(a)163.com> Signed-off-by: Thomas Preisner <thomas.preisner+linux(a)fau.de> Signed-off-by: Milan Stephan <milan.stephan+linux(a)fau.de> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/net/ethernet/3com/typhoon.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) --- a/drivers/net/ethernet/3com/typhoon.c +++ b/drivers/net/ethernet/3com/typhoon.c @@ -2398,8 +2398,9 @@ typhoon_init_one(struct pci_dev *pdev, c *(__be16 *)&dev->dev_addr[0] = htons(le16_to_cpu(xp_resp[0].parm1)); *(__be32 *)&dev->dev_addr[2] = htonl(le32_to_cpu(xp_resp[0].parm2)); - if(!is_valid_ether_addr(dev->dev_addr)) { + if (!is_valid_ether_addr(dev->dev_addr)) { err_msg = "Could not obtain valid ethernet address, aborting"; + err = -EIO; goto error_out_reset; } @@ -2407,7 +2408,8 @@ typhoon_init_one(struct pci_dev *pdev, c * later when we print out the version reported. */ INIT_COMMAND_WITH_RESPONSE(&xp_cmd, TYPHOON_CMD_READ_VERSIONS); - if(typhoon_issue_command(tp, 1, &xp_cmd, 3, xp_resp) < 0) { + err = typhoon_issue_command(tp, 1, &xp_cmd, 3, xp_resp); + if (err < 0) { err_msg = "Could not get Sleep Image version"; goto error_out_reset; } @@ -2449,7 +2451,8 @@ typhoon_init_one(struct pci_dev *pdev, c dev->features = dev->hw_features | NETIF_F_HW_VLAN_CTAG_RX | NETIF_F_RXCSUM; - if(register_netdev(dev) < 0) { + err = register_netdev(dev); + if (err < 0) { err_msg = "unable to register netdev"; goto error_out_reset; } Patches currently in stable-queue which might be from thomas.preisner+linux(a)fau.de are queue-3.18/net-3com-typhoon-typhoon_init_one-fix-incorrect-return-values.patch queue-3.18/net-3com-typhoon-typhoon_init_one-make-return-values-more-specific.patch

7 years, 2 months

1
0
0 0

[Linux-stable-mirror] [GIT PULL] commits for Linux 3.18

by alexander.levin＠verizon.com

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi Greg, Pleae pull commits for Linux 3.18 . I've sent a review request for all commits over a week ago and all comments were addressed. Thanks, Sasha ===== The following changes since commit 7166ceea0a4eba3f8c86925ad60e6f0543db6234: Linux 3.18.84 (2017-11-24 08:30:05 +0100) are available in the git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sashal/linux-stable.git for-greg-3.18-2 for you to fetch changes up to d140a493dcb8c85a96b97318d269a67f20df773f: xen: xenbus driver must not accept invalid transaction ids (2017-11-24 10:53:28 -0500) - ---------------------------------------------------------------- Bjorn Helgaas (1): PCI: Apply _HPX settings only to relevant devices Daniel Vetter (1): drm/armada: Fix compile fail Florian Westphal (1): netfilter: nf_tables: fix oob access Gabriele Mazzotta (1): ALSA: hda - Apply ALC269_FIXUP_NO_SHUTUP on HDA_FIXUP_ACT_PROBE Heiko Carstens (1): s390/kbuild: enable modversions for symbols exported from asm Juergen Gross (1): xen: xenbus driver must not accept invalid transaction ids Masashi Honma (2): mac80211: Remove invalid flag operations in mesh TSF synchronization mac80211: Suppress NEW_PEER_CANDIDATE event if no room Pablo Neira Ayuso (1): netfilter: nft_queue: use raw_smp_processor_id() Pan Bian (2): staging: iio: cdc: fix improper return value btrfs: return the actual error value from from btrfs_uuid_tree_iterate Richard Fitzgerald (1): ASoC: wm_adsp: Don't overrun firmware file buffer when reading region data Santosh Shilimkar (1): RDS: RDMA: return appropriate error on rdma map failures Thomas Preisner (2): net: 3com: typhoon: typhoon_init_one: make return values more specific net: 3com: typhoon: typhoon_init_one: fix incorrect return values arch/s390/include/asm/asm-prototypes.h | 8 ++++++++ drivers/gpu/drm/armada/Makefile | 2 ++ drivers/net/ethernet/3com/typhoon.c | 25 ++++++++++++++----------- drivers/pci/probe.c | 15 +++++++++++++-- drivers/staging/iio/cdc/ad7150.c | 2 +- drivers/xen/xenbus/xenbus_dev_frontend.c | 2 +- fs/btrfs/uuid-tree.c | 4 +--- net/mac80211/ieee80211_i.h | 1 - net/mac80211/mesh.c | 3 --- net/mac80211/mesh_plink.c | 14 ++++++++------ net/mac80211/mesh_sync.c | 11 ----------- net/netfilter/nf_tables_api.c | 2 +- net/netfilter/nft_queue.c | 2 +- net/rds/send.c | 11 ++++++++++- sound/pci/hda/patch_realtek.c | 2 +- sound/soc/codecs/wm_adsp.c | 25 ++++++++++++++++++++++++- 16 files changed, 85 insertions(+), 44 deletions(-) create mode 100644 arch/s390/include/asm/asm-prototypes.h -----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJaGFN3AAoJEN6mb/eXdyzcOXsP/1Uar5gqz6/0IwAskr3H37Wj zVQo8VcKxRIvPeB6nr/FWFp7Yx2FA+FpA/HkR/y33Byyui0Q5a704JsBvPrS3P7z GTEzEEuxMxSxfg6xBPxpex/HcblOX3KAVKgbLlBYym++Ur8E5g7xja+Di1DOtYUN 6WtBv4J/eOINLrqVnV6vkxdBP0tre7NVcSv6Tcr7Kx4tHrZwmn2uECxn0GpQ4rEr 24WnTaIroBA7W7yANuez72X3GG3PdrpX/k9fmr0Is0EPhGGnow00sY8NDPV3fUWx ycNARvS2cDL/hzNyWk+b34eGnpH+JHhelouWM+wUxtNHEYHtXCCoD/sPYJ9GBq24 OcUieoyQjV1OtECN2/fA8zRhipiJ4T8OXUAxE/gInBEoNAJ47acA62oESEGoTk1h 2j805GYJYm7ckydIms1JSw1KtccPK3KMAz2KhFdzmY5xislFidkQYee5TmCEU54z zQRKYOWff+pgV5UC1t9rU+NwmlhWW7RJoGFMi7NMKxNP7xeAByEtuha4cq9Zna88 +H2/13T8QDjcHgkOGFPGWI9z2PJwzh/qGUPWmT/VUdAY1isBa1qqYw4/hz61D6ge 3s8UaOy9/fNV7mFhPKDMjKHDL3/M7hTPXzmk+tB1NookrdrmxQDxJ2cinvKxm7xa +HfblLM3g97Rz+FcVYzq =41fD -----END PGP SIGNATURE-----

7 years, 2 months

2
1
0 0

[Linux-stable-mirror] Patch "mac80211: Suppress NEW_PEER_CANDIDATE event if no room" has been added to the 3.18-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled mac80211: Suppress NEW_PEER_CANDIDATE event if no room to the 3.18-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: mac80211-suppress-new_peer_candidate-event-if-no-room.patch and it can be found in the queue-3.18 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Tue Nov 28 10:58:31 CET 2017 From: Masashi Honma <masashi.honma(a)gmail.com> Date: Wed, 30 Nov 2016 09:06:04 +0900 Subject: mac80211: Suppress NEW_PEER_CANDIDATE event if no room From: Masashi Honma <masashi.honma(a)gmail.com> [ Upstream commit 11197d006bcfabf0173a7820a163fcaac420d10e ] Previously, kernel sends NEW_PEER_CANDIDATE event to user land even if the found peer does not have any room to accept other peer. This causes continuous connection trials. Signed-off-by: Masashi Honma <masashi.honma(a)gmail.com> Signed-off-by: Johannes Berg <johannes.berg(a)intel.com> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- net/mac80211/mesh_plink.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) --- a/net/mac80211/mesh_plink.c +++ b/net/mac80211/mesh_plink.c @@ -448,12 +448,14 @@ mesh_sta_info_alloc(struct ieee80211_sub /* Userspace handles station allocation */ if (sdata->u.mesh.user_mpm || - sdata->u.mesh.security & IEEE80211_MESH_SEC_AUTHED) - cfg80211_notify_new_peer_candidate(sdata->dev, addr, - elems->ie_start, - elems->total_len, - GFP_KERNEL); - else + sdata->u.mesh.security & IEEE80211_MESH_SEC_AUTHED) { + if (mesh_peer_accepts_plinks(elems) && + mesh_plink_availables(sdata)) + cfg80211_notify_new_peer_candidate(sdata->dev, addr, + elems->ie_start, + elems->total_len, + GFP_KERNEL); + } else sta = __mesh_sta_info_alloc(sdata, addr); return sta; Patches currently in stable-queue which might be from masashi.honma(a)gmail.com are queue-3.18/mac80211-suppress-new_peer_candidate-event-if-no-room.patch queue-3.18/mac80211-remove-invalid-flag-operations-in-mesh-tsf-synchronization.patch

7 years, 2 months

1
0
0 0

[Linux-stable-mirror] Patch "mac80211: Remove invalid flag operations in mesh TSF synchronization" has been added to the 3.18-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled mac80211: Remove invalid flag operations in mesh TSF synchronization to the 3.18-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: mac80211-remove-invalid-flag-operations-in-mesh-tsf-synchronization.patch and it can be found in the queue-3.18 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Tue Nov 28 10:58:31 CET 2017 From: Masashi Honma <masashi.honma(a)gmail.com> Date: Thu, 8 Dec 2016 10:15:50 +0900 Subject: mac80211: Remove invalid flag operations in mesh TSF synchronization From: Masashi Honma <masashi.honma(a)gmail.com> [ Upstream commit 76f43b4c0a9337af22827d78de4f2b8fd5328489 ] mesh_sync_offset_adjust_tbtt() implements Extensible synchronization framework ([1] 13.13.2 Extensible synchronization framework). It shall not operate the flag "TBTT Adjusting subfield" ([1] 8.4.2.100.8 Mesh Capability), since it is used only for MBCA ([1] 13.13.4 Mesh beacon collision avoidance, see 13.13.4.4.3 TBTT scanning and adjustment procedures for detail). So this patch remove the flag operations. [1] IEEE Std 802.11 2012 Signed-off-by: Masashi Honma <masashi.honma(a)gmail.com> [remove adjusting_tbtt entirely, since it's now unused] Signed-off-by: Johannes Berg <johannes.berg(a)intel.com> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- net/mac80211/ieee80211_i.h | 1 - net/mac80211/mesh.c | 3 --- net/mac80211/mesh_sync.c | 11 ----------- 3 files changed, 15 deletions(-) --- a/net/mac80211/ieee80211_i.h +++ b/net/mac80211/ieee80211_i.h @@ -640,7 +640,6 @@ struct ieee80211_if_mesh { const struct ieee80211_mesh_sync_ops *sync_ops; s64 sync_offset_clockdrift_max; spinlock_t sync_offset_lock; - bool adjusting_tbtt; /* mesh power save */ enum nl80211_mesh_power_mode nonpeer_pm; int ps_peers_light_sleep; --- a/net/mac80211/mesh.c +++ b/net/mac80211/mesh.c @@ -289,8 +289,6 @@ int mesh_add_meshconf_ie(struct ieee8021 /* Mesh PS mode. See IEEE802.11-2012 8.4.2.100.8 */ *pos |= ifmsh->ps_peers_deep_sleep ? IEEE80211_MESHCONF_CAPAB_POWER_SAVE_LEVEL : 0x00; - *pos++ |= ifmsh->adjusting_tbtt ? - IEEE80211_MESHCONF_CAPAB_TBTT_ADJUSTING : 0x00; *pos++ = 0x00; return 0; @@ -790,7 +788,6 @@ int ieee80211_start_mesh(struct ieee8021 ifmsh->mesh_cc_id = 0; /* Disabled */ /* register sync ops from extensible synchronization framework */ ifmsh->sync_ops = ieee80211_mesh_sync_ops_get(ifmsh->mesh_sp_id); - ifmsh->adjusting_tbtt = false; ifmsh->sync_offset_clockdrift_max = 0; set_bit(MESH_WORK_HOUSEKEEPING, &ifmsh->wrkq_flags); ieee80211_mesh_root_setup(ifmsh); --- a/net/mac80211/mesh_sync.c +++ b/net/mac80211/mesh_sync.c @@ -119,7 +119,6 @@ static void mesh_sync_offset_rx_bcn_pres */ if (elems->mesh_config && mesh_peer_tbtt_adjusting(elems)) { - clear_sta_flag(sta, WLAN_STA_TOFFSET_KNOWN); msync_dbg(sdata, "STA %pM : is adjusting TBTT\n", sta->sta.addr); goto no_sync; @@ -168,11 +167,9 @@ static void mesh_sync_offset_adjust_tbtt struct beacon_data *beacon) { struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh; - u8 cap; WARN_ON(ifmsh->mesh_sp_id != IEEE80211_SYNC_METHOD_NEIGHBOR_OFFSET); WARN_ON(!rcu_read_lock_held()); - cap = beacon->meshconf->meshconf_cap; spin_lock_bh(&ifmsh->sync_offset_lock); @@ -186,21 +183,13 @@ static void mesh_sync_offset_adjust_tbtt "TBTT : kicking off TBTT adjustment with clockdrift_max=%lld\n", ifmsh->sync_offset_clockdrift_max); set_bit(MESH_WORK_DRIFT_ADJUST, &ifmsh->wrkq_flags); - - ifmsh->adjusting_tbtt = true; } else { msync_dbg(sdata, "TBTT : max clockdrift=%lld; too small to adjust\n", (long long)ifmsh->sync_offset_clockdrift_max); ifmsh->sync_offset_clockdrift_max = 0; - - ifmsh->adjusting_tbtt = false; } spin_unlock_bh(&ifmsh->sync_offset_lock); - - beacon->meshconf->meshconf_cap = ifmsh->adjusting_tbtt ? - IEEE80211_MESHCONF_CAPAB_TBTT_ADJUSTING | cap : - ~IEEE80211_MESHCONF_CAPAB_TBTT_ADJUSTING & cap; } static const struct sync_method sync_methods[] = { Patches currently in stable-queue which might be from masashi.honma(a)gmail.com are queue-3.18/mac80211-suppress-new_peer_candidate-event-if-no-room.patch queue-3.18/mac80211-remove-invalid-flag-operations-in-mesh-tsf-synchronization.patch

7 years, 2 months

1
0
0 0

[Linux-stable-mirror] Patch "drm/armada: Fix compile fail" has been added to the 3.18-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled drm/armada: Fix compile fail to the 3.18-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: drm-armada-fix-compile-fail.patch and it can be found in the queue-3.18 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Tue Nov 28 10:58:31 CET 2017 From: Daniel Vetter <daniel.vetter(a)ffwll.ch> Date: Fri, 30 Dec 2016 17:38:52 +0100 Subject: drm/armada: Fix compile fail From: Daniel Vetter <daniel.vetter(a)ffwll.ch> [ Upstream commit 7357f89954b6d005df6ab8929759e78d7d9a80f9 ] I reported the include issue for tracepoints a while ago, but nothing seems to have happened. Now it bit us, since the drm_mm_print conversion was broken for armada. Fix it, so I can re-enable armada in the drm-misc build configs. v2: Rebase just the compile fix on top of Chris' build fix. Cc: Russell King <rmk+kernel(a)armlinux.org.uk> Cc: Chris Wilson <chris(a)chris-wilson.co.uk> Acked: Chris Wilson <chris(a)chris-wilson.co.uk> Signed-off-by: Daniel Vetter <daniel.vetter(a)intel.com> Link: http://patchwork.freedesktop.org/patch/msgid/1483115932-19584-1-git-send-em… Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/gpu/drm/armada/Makefile | 2 ++ 1 file changed, 2 insertions(+) --- a/drivers/gpu/drm/armada/Makefile +++ b/drivers/gpu/drm/armada/Makefile @@ -5,3 +5,5 @@ armada-y += armada_510.o armada-$(CONFIG_DEBUG_FS) += armada_debugfs.o obj-$(CONFIG_DRM_ARMADA) := armada.o + +CFLAGS_armada_trace.o := -I$(src) Patches currently in stable-queue which might be from daniel.vetter(a)ffwll.ch are queue-3.18/drm-armada-fix-compile-fail.patch

7 years, 2 months

1
0
0 0

[Linux-stable-mirror] Patch "btrfs: return the actual error value from from btrfs_uuid_tree_iterate" has been added to the 3.18-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled btrfs: return the actual error value from from btrfs_uuid_tree_iterate to the 3.18-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: btrfs-return-the-actual-error-value-from-from-btrfs_uuid_tree_iterate.patch and it can be found in the queue-3.18 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Tue Nov 28 10:58:31 CET 2017 From: Pan Bian <bianpan2016(a)163.com> Date: Sun, 4 Dec 2016 12:51:53 +0800 Subject: btrfs: return the actual error value from from btrfs_uuid_tree_iterate From: Pan Bian <bianpan2016(a)163.com> [ Upstream commit 73ba39ab9307340dc98ec3622891314bbc09cc2e ] In function btrfs_uuid_tree_iterate(), errno is assigned to variable ret on errors. However, it directly returns 0. It may be better to return ret. This patch also removes the warning, because the caller already prints a warning. Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=188731 Signed-off-by: Pan Bian <bianpan2016(a)163.com> Reviewed-by: Omar Sandoval <osandov(a)fb.com> [ edited subject ] Signed-off-by: David Sterba <dsterba(a)suse.com> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- fs/btrfs/uuid-tree.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) --- a/fs/btrfs/uuid-tree.c +++ b/fs/btrfs/uuid-tree.c @@ -348,7 +348,5 @@ skip: out: btrfs_free_path(path); - if (ret) - btrfs_warn(fs_info, "btrfs_uuid_tree_iterate failed %d", ret); - return 0; + return ret; } Patches currently in stable-queue which might be from bianpan2016(a)163.com are queue-3.18/net-3com-typhoon-typhoon_init_one-fix-incorrect-return-values.patch queue-3.18/btrfs-return-the-actual-error-value-from-from-btrfs_uuid_tree_iterate.patch queue-3.18/staging-iio-cdc-fix-improper-return-value.patch

7 years, 2 months

1
0
0 0

[Linux-stable-mirror] Patch "ASoC: wm_adsp: Don't overrun firmware file buffer when reading region data" has been added to the 3.18-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled ASoC: wm_adsp: Don't overrun firmware file buffer when reading region data to the 3.18-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: asoc-wm_adsp-don-t-overrun-firmware-file-buffer-when-reading-region-data.patch and it can be found in the queue-3.18 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Tue Nov 28 10:58:31 CET 2017 From: Richard Fitzgerald <rf(a)opensource.wolfsonmicro.com> Date: Tue, 20 Dec 2016 10:29:12 +0000 Subject: ASoC: wm_adsp: Don't overrun firmware file buffer when reading region data From: Richard Fitzgerald <rf(a)opensource.wolfsonmicro.com> [ Upstream commit 1cab2a84f470e15ecc8e5143bfe9398c6e888032 ] Protect against corrupt firmware files by ensuring that the length we get for the data in a region actually lies within the available firmware file data buffer. Signed-off-by: Richard Fitzgerald <rf(a)opensource.wolfsonmicro.com> Signed-off-by: Mark Brown <broonie(a)kernel.org> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- sound/soc/codecs/wm_adsp.c | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) --- a/sound/soc/codecs/wm_adsp.c +++ b/sound/soc/codecs/wm_adsp.c @@ -532,7 +532,7 @@ static int wm_adsp_load(struct wm_adsp * const struct wmfw_region *region; const struct wm_adsp_region *mem; const char *region_name; - char *file, *text; + char *file, *text = NULL; struct wm_adsp_buf *buf; unsigned int reg; int regions = 0; @@ -677,10 +677,21 @@ static int wm_adsp_load(struct wm_adsp * regions, le32_to_cpu(region->len), offset, region_name); + if ((pos + le32_to_cpu(region->len) + sizeof(*region)) > + firmware->size) { + adsp_err(dsp, + "%s.%d: %s region len %d bytes exceeds file length %zu\n", + file, regions, region_name, + le32_to_cpu(region->len), firmware->size); + ret = -EINVAL; + goto out_fw; + } + if (text) { memcpy(text, region->data, le32_to_cpu(region->len)); adsp_info(dsp, "%s: %s\n", file, text); kfree(text); + text = NULL; } if (reg) { @@ -737,6 +748,7 @@ out_fw: regmap_async_complete(regmap); wm_adsp_buf_free(&buf_list); release_firmware(firmware); + kfree(text); out: kfree(file); @@ -1316,6 +1328,17 @@ static int wm_adsp_load_coeff(struct wm_ } if (reg) { + if ((pos + le32_to_cpu(blk->len) + sizeof(*blk)) > + firmware->size) { + adsp_err(dsp, + "%s.%d: %s region len %d bytes exceeds file length %zu\n", + file, blocks, region_name, + le32_to_cpu(blk->len), + firmware->size); + ret = -EINVAL; + goto out_fw; + } + buf = wm_adsp_buf_alloc(blk->data, le32_to_cpu(blk->len), &buf_list); Patches currently in stable-queue which might be from rf(a)opensource.wolfsonmicro.com are queue-3.18/asoc-wm_adsp-don-t-overrun-firmware-file-buffer-when-reading-region-data.patch

7 years, 2 months

1
0
0 0

[Linux-stable-mirror] Patch "ALSA: hda - Apply ALC269_FIXUP_NO_SHUTUP on HDA_FIXUP_ACT_PROBE" has been added to the 3.18-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled ALSA: hda - Apply ALC269_FIXUP_NO_SHUTUP on HDA_FIXUP_ACT_PROBE to the 3.18-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: alsa-hda-apply-alc269_fixup_no_shutup-on-hda_fixup_act_probe.patch and it can be found in the queue-3.18 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Tue Nov 28 10:58:31 CET 2017 From: Gabriele Mazzotta <gabriele.mzt(a)gmail.com> Date: Sat, 24 Dec 2016 19:50:00 +0100 Subject: ALSA: hda - Apply ALC269_FIXUP_NO_SHUTUP on HDA_FIXUP_ACT_PROBE From: Gabriele Mazzotta <gabriele.mzt(a)gmail.com> [ Upstream commit 972aa2c708703c21f14eb958b37e82aae2530e44 ] Setting shutup when the action is HDA_FIXUP_ACT_PRE_PROBE might not have the desired effect since it could be overridden by another more generic shutup function. Prevent this by setting the more specific shutup function on HDA_FIXUP_ACT_PROBE. Signed-off-by: Gabriele Mazzotta <gabriele.mzt(a)gmail.com> Signed-off-by: Takashi Iwai <tiwai(a)suse.de> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- sound/pci/hda/patch_realtek.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/sound/pci/hda/patch_realtek.c +++ b/sound/pci/hda/patch_realtek.c @@ -4289,7 +4289,7 @@ static void alc_no_shutup(struct hda_cod static void alc_fixup_no_shutup(struct hda_codec *codec, const struct hda_fixup *fix, int action) { - if (action == HDA_FIXUP_ACT_PRE_PROBE) { + if (action == HDA_FIXUP_ACT_PROBE) { struct alc_spec *spec = codec->spec; spec->shutup = alc_no_shutup; } Patches currently in stable-queue which might be from gabriele.mzt(a)gmail.com are queue-3.18/alsa-hda-apply-alc269_fixup_no_shutup-on-hda_fixup_act_probe.patch

7 years, 2 months

1
0
0 0

[Linux-stable-mirror] Patch "xen: xenbus driver must not accept invalid transaction ids" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled xen: xenbus driver must not accept invalid transaction ids to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: xen-xenbus-driver-must-not-accept-invalid-transaction-ids.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Tue Nov 28 10:56:34 CET 2017 From: Juergen Gross <jgross(a)suse.com> Date: Thu, 22 Dec 2016 08:19:46 +0100 Subject: xen: xenbus driver must not accept invalid transaction ids From: Juergen Gross <jgross(a)suse.com> [ Upstream commit 639b08810d6ad74ded2c5f6e233c4fcb9d147168 ] When accessing Xenstore in a transaction the user is specifying a transaction id which he normally obtained from Xenstore when starting the transaction. Xenstore is validating a transaction id against all known transaction ids of the connection the request came in. As all requests of a domain not being the one where Xenstore lives share one connection, validation of transaction ids of different users of Xenstore in that domain should be done by the kernel of that domain being the multiplexer between the Xenstore users in that domain and Xenstore. In order to prohibit one Xenstore user "hijacking" a transaction from another user the xenbus driver has to verify a given transaction id against all known transaction ids of the user before forwarding it to Xenstore. Signed-off-by: Juergen Gross <jgross(a)suse.com> Reviewed-by: Boris Ostrovsky <boris.ostrovsky(a)oracle.com> Signed-off-by: Juergen Gross <jgross(a)suse.com> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/xen/xenbus/xenbus_dev_frontend.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/drivers/xen/xenbus/xenbus_dev_frontend.c +++ b/drivers/xen/xenbus/xenbus_dev_frontend.c @@ -316,7 +316,7 @@ static int xenbus_write_transaction(unsi rc = -ENOMEM; goto out; } - } else if (msg_type == XS_TRANSACTION_END) { + } else if (u->u.msg.tx_id != 0) { list_for_each_entry(trans, &u->transactions, list) if (trans->handle.id == u->u.msg.tx_id) break; Patches currently in stable-queue which might be from jgross(a)suse.com are queue-4.4/xen-xenbus-driver-must-not-accept-invalid-transaction-ids.patch

7 years, 2 months

1
0
0 0

[Linux-stable-mirror] Patch "staging: iio: cdc: fix improper return value" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled staging: iio: cdc: fix improper return value to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: staging-iio-cdc-fix-improper-return-value.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Tue Nov 28 10:56:34 CET 2017 From: Pan Bian <bianpan2016(a)163.com> Date: Sat, 3 Dec 2016 21:44:30 +0800 Subject: staging: iio: cdc: fix improper return value From: Pan Bian <bianpan2016(a)163.com> [ Upstream commit 91ca1a8c584f55857b1f6ab20a1d3a1ce7a559bb ] At the end of function ad7150_write_event_config(), directly returns 0. As a result, the errors will be ignored by the callers. It may be better to return variable "ret". Signed-off-by: Pan Bian <bianpan2016(a)163.com> Signed-off-by: Jonathan Cameron <jic23(a)kernel.org> Signed-off-by: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/staging/iio/cdc/ad7150.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/drivers/staging/iio/cdc/ad7150.c +++ b/drivers/staging/iio/cdc/ad7150.c @@ -272,7 +272,7 @@ static int ad7150_write_event_config(str error_ret: mutex_unlock(&chip->state_lock); - return 0; + return ret; } static int ad7150_read_event_value(struct iio_dev *indio_dev, Patches currently in stable-queue which might be from bianpan2016(a)163.com are queue-4.4/iio-light-fix-improper-return-value.patch queue-4.4/net-3com-typhoon-typhoon_init_one-fix-incorrect-return-values.patch queue-4.4/btrfs-return-the-actual-error-value-from-from-btrfs_uuid_tree_iterate.patch queue-4.4/staging-iio-cdc-fix-improper-return-value.patch

7 years, 2 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror