- Linux-stable-mirror - lists.linaro.org

[Linux-stable-mirror] Patch "ANDROID: binder: remove waitqueue when thread exits." has been added to the 4.15-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled ANDROID: binder: remove waitqueue when thread exits. to the 4.15-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: android-binder-remove-waitqueue-when-thread-exits.patch and it can be found in the queue-4.15 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From f5cb779ba16334b45ba8946d6bfa6d9834d1527f Mon Sep 17 00:00:00 2001 From: Martijn Coenen <maco(a)android.com> Date: Fri, 5 Jan 2018 11:27:07 +0100 Subject: ANDROID: binder: remove waitqueue when thread exits. From: Martijn Coenen <maco(a)android.com> commit f5cb779ba16334b45ba8946d6bfa6d9834d1527f upstream. binder_poll() passes the thread->wait waitqueue that can be slept on for work. When a thread that uses epoll explicitly exits using BINDER_THREAD_EXIT, the waitqueue is freed, but it is never removed from the corresponding epoll data structure. When the process subsequently exits, the epoll cleanup code tries to access the waitlist, which results in a use-after-free. Prevent this by using POLLFREE when the thread exits. Signed-off-by: Martijn Coenen <maco(a)android.com> Reported-by: syzbot <syzkaller(a)googlegroups.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/android/binder.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) --- a/drivers/android/binder.c +++ b/drivers/android/binder.c @@ -4302,6 +4302,18 @@ static int binder_thread_release(struct if (t) spin_lock(&t->lock); } + + /* + * If this thread used poll, make sure we remove the waitqueue + * from any epoll data structures holding it with POLLFREE. + * waitqueue_active() is safe to use here because we're holding + * the inner lock. + */ + if ((thread->looper & BINDER_LOOPER_STATE_POLL) && + waitqueue_active(&thread->wait)) { + wake_up_poll(&thread->wait, POLLHUP | POLLFREE); + } + binder_inner_proc_unlock(thread->proc); if (send_reply) Patches currently in stable-queue which might be from maco(a)android.com are queue-4.15/android-binder-remove-waitqueue-when-thread-exits.patch queue-4.15/android-binder-use-vm_alloc-to-get-vm-area.patch

7 years, 4 months

1
0
0 0

[Linux-stable-mirror] Patch "x86/efi: Clarify that reset attack mitigation needs appropriate userspace" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled x86/efi: Clarify that reset attack mitigation needs appropriate userspace to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: x86-efi-clarify-that-reset-attack-mitigation-needs-appropriate-userspace.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From a5c03c31af2291f13689d11760c0b59fb70c9a5a Mon Sep 17 00:00:00 2001 From: Matthew Garrett <mjg59(a)google.com> Date: Tue, 16 Jan 2018 09:10:02 +0000 Subject: x86/efi: Clarify that reset attack mitigation needs appropriate userspace From: Matthew Garrett <mjg59(a)google.com> commit a5c03c31af2291f13689d11760c0b59fb70c9a5a upstream. Some distributions have turned on the reset attack mitigation feature, which is designed to force the platform to clear the contents of RAM if the machine is shut down uncleanly. However, in order for the platform to be able to determine whether the shutdown was clean or not, userspace has to be configured to clear the MemoryOverwriteRequest flag on shutdown - otherwise the firmware will end up clearing RAM on every reboot, which is unnecessarily time consuming. Add some additional clarity to the kconfig text to reduce the risk of systems being configured this way. Signed-off-by: Matthew Garrett <mjg59(a)google.com> Acked-by: Ard Biesheuvel <ard.biesheuvel(a)linaro.org> Cc: Linus Torvalds <torvalds(a)linux-foundation.org> Cc: Peter Zijlstra <peterz(a)infradead.org> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: linux-efi(a)vger.kernel.org Cc: linux-kernel(a)vger.kernel.org Signed-off-by: Ingo Molnar <mingo(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/firmware/efi/Kconfig | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) --- a/drivers/firmware/efi/Kconfig +++ b/drivers/firmware/efi/Kconfig @@ -159,7 +159,10 @@ config RESET_ATTACK_MITIGATION using the TCG Platform Reset Attack Mitigation specification. This protects against an attacker forcibly rebooting the system while it still contains secrets in RAM, booting another OS and extracting the - secrets. + secrets. This should only be enabled when userland is configured to + clear the MemoryOverwriteRequest flag on clean shutdown after secrets + have been evicted, since otherwise it will trigger even on clean + reboots. endmenu Patches currently in stable-queue which might be from mjg59(a)google.com are queue-4.14/x86-efi-clarify-that-reset-attack-mitigation-needs-appropriate-userspace.patch

7 years, 4 months

1
0
0 0

[Linux-stable-mirror] Patch "usbip: prevent bind loops on devices attached to vhci_hcd" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled usbip: prevent bind loops on devices attached to vhci_hcd to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: usbip-prevent-bind-loops-on-devices-attached-to-vhci_hcd.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From ef54cf0c600fb8f5737fb001a9e357edda1a1de8 Mon Sep 17 00:00:00 2001 From: Shuah Khan <shuahkh(a)osg.samsung.com> Date: Wed, 17 Jan 2018 12:07:30 -0700 Subject: usbip: prevent bind loops on devices attached to vhci_hcd From: Shuah Khan <shuahkh(a)osg.samsung.com> commit ef54cf0c600fb8f5737fb001a9e357edda1a1de8 upstream. usbip host binds to devices attached to vhci_hcd on the same server when user does attach over localhost or specifies the server as the remote. usbip attach -r localhost -b busid or usbip attach -r servername (or server IP) Unbind followed by bind works, however device is left in a bad state with accesses via the attached busid result in errors and system hangs during shutdown. Fix it to check and bail out if the device is already attached to vhci_hcd. Signed-off-by: Shuah Khan <shuahkh(a)osg.samsung.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- tools/usb/usbip/src/usbip_bind.c | 9 +++++++++ 1 file changed, 9 insertions(+) --- a/tools/usb/usbip/src/usbip_bind.c +++ b/tools/usb/usbip/src/usbip_bind.c @@ -144,6 +144,7 @@ static int bind_device(char *busid) int rc; struct udev *udev; struct udev_device *dev; + const char *devpath; /* Check whether the device with this bus ID exists. */ udev = udev_new(); @@ -152,8 +153,16 @@ static int bind_device(char *busid) err("device with the specified bus ID does not exist"); return -1; } + devpath = udev_device_get_devpath(dev); udev_unref(udev); + /* If the device is already attached to vhci_hcd - bail out */ + if (strstr(devpath, USBIP_VHCI_DRV_NAME)) { + err("bind loop detected: device: %s is attached to %s\n", + devpath, USBIP_VHCI_DRV_NAME); + return -1; + } + rc = unbind_other(busid); if (rc == UNBIND_ST_FAILED) { err("could not unbind driver from device on busid %s", busid); Patches currently in stable-queue which might be from shuahkh(a)osg.samsung.com are queue-4.14/usbip-list-don-t-list-devices-attached-to-vhci_hcd.patch queue-4.14/usbip-prevent-bind-loops-on-devices-attached-to-vhci_hcd.patch queue-4.14/cpupowerutils-bench-fix-cpu-online-check.patch queue-4.14/cpupower-fix-cpupower-working-when-cpu0-is-offline.patch

7 years, 4 months

1
0
0 0

[Linux-stable-mirror] Patch "usbip: list: don't list devices attached to vhci_hcd" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled usbip: list: don't list devices attached to vhci_hcd to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: usbip-list-don-t-list-devices-attached-to-vhci_hcd.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From ef824501f50846589f02173d73ce3fe6021a9d2a Mon Sep 17 00:00:00 2001 From: Shuah Khan <shuahkh(a)osg.samsung.com> Date: Wed, 17 Jan 2018 12:08:03 -0700 Subject: usbip: list: don't list devices attached to vhci_hcd From: Shuah Khan <shuahkh(a)osg.samsung.com> commit ef824501f50846589f02173d73ce3fe6021a9d2a upstream. usbip host lists devices attached to vhci_hcd on the same server when user does attach over localhost or specifies the server as the remote. usbip attach -r localhost -b busid or usbip attach -r servername (or server IP) Fix it to check and not list devices that are attached to vhci_hcd. Signed-off-by: Shuah Khan <shuahkh(a)osg.samsung.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- tools/usb/usbip/src/usbip_list.c | 9 +++++++++ 1 file changed, 9 insertions(+) --- a/tools/usb/usbip/src/usbip_list.c +++ b/tools/usb/usbip/src/usbip_list.c @@ -187,6 +187,7 @@ static int list_devices(bool parsable) const char *busid; char product_name[128]; int ret = -1; + const char *devpath; /* Create libudev context. */ udev = udev_new(); @@ -209,6 +210,14 @@ static int list_devices(bool parsable) path = udev_list_entry_get_name(dev_list_entry); dev = udev_device_new_from_syspath(udev, path); + /* Ignore devices attached to vhci_hcd */ + devpath = udev_device_get_devpath(dev); + if (strstr(devpath, USBIP_VHCI_DRV_NAME)) { + dbg("Skip the device %s already attached to %s\n", + devpath, USBIP_VHCI_DRV_NAME); + continue; + } + /* Get device information. */ idVendor = udev_device_get_sysattr_value(dev, "idVendor"); idProduct = udev_device_get_sysattr_value(dev, "idProduct"); Patches currently in stable-queue which might be from shuahkh(a)osg.samsung.com are queue-4.14/usbip-list-don-t-list-devices-attached-to-vhci_hcd.patch queue-4.14/usbip-prevent-bind-loops-on-devices-attached-to-vhci_hcd.patch queue-4.14/cpupowerutils-bench-fix-cpu-online-check.patch queue-4.14/cpupower-fix-cpupower-working-when-cpu0-is-offline.patch

7 years, 4 months

1
0
0 0

[Linux-stable-mirror] Patch "usb: uas: unconditionally bring back host after reset" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled usb: uas: unconditionally bring back host after reset to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: usb-uas-unconditionally-bring-back-host-after-reset.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From cbeef22fd611c4f47c494b821b2b105b8af970bb Mon Sep 17 00:00:00 2001 From: Oliver Neukum <oneukum(a)suse.com> Date: Thu, 11 Jan 2018 13:10:16 +0100 Subject: usb: uas: unconditionally bring back host after reset From: Oliver Neukum <oneukum(a)suse.com> commit cbeef22fd611c4f47c494b821b2b105b8af970bb upstream. Quoting Hans: If we return 1 from our post_reset handler, then our disconnect handler will be called immediately afterwards. Since pre_reset blocks all scsi requests our disconnect handler will then hang in the scsi_remove_host call. This is esp. bad because our disconnect handler hanging for ever also stops the USB subsys from enumerating any new USB devices, causes commands like lsusb to hang, etc. In practice this happens when unplugging some uas devices because the hub code may see the device as needing a warm-reset and calls usb_reset_device before seeing the disconnect. In this case uas_configure_endpoints fails with -ENODEV. We do not want to print an error for this, so this commit also silences the shost_printk for -ENODEV. ENDQUOTE However, if we do that we better drop any unconditional execution and report to the SCSI subsystem that we have undergone a reset but we are not operational now. Signed-off-by: Oliver Neukum <oneukum(a)suse.com> Reported-by: Hans de Goede <hdegoede(a)redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/storage/uas.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) --- a/drivers/usb/storage/uas.c +++ b/drivers/usb/storage/uas.c @@ -1076,20 +1076,19 @@ static int uas_post_reset(struct usb_int return 0; err = uas_configure_endpoints(devinfo); - if (err) { + if (err && err != ENODEV) shost_printk(KERN_ERR, shost, "%s: alloc streams error %d after reset", __func__, err); - return 1; - } + /* we must unblock the host in every case lest we deadlock */ spin_lock_irqsave(shost->host_lock, flags); scsi_report_bus_reset(shost, 0); spin_unlock_irqrestore(shost->host_lock, flags); scsi_unblock_requests(shost); - return 0; + return err ? 1 : 0; } static int uas_suspend(struct usb_interface *intf, pm_message_t message) Patches currently in stable-queue which might be from oneukum(a)suse.com are queue-4.14/usb-uas-unconditionally-bring-back-host-after-reset.patch queue-4.14/cdc-acm-apply-quirk-for-card-reader.patch queue-4.14/usb-cdc-acm-do-not-log-urb-submission-errors-on-disconnect.patch

7 years, 4 months

1
0
0 0

[Linux-stable-mirror] Patch "USB: serial: simple: add Motorola Tetra driver" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: serial: simple: add Motorola Tetra driver to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: usb-serial-simple-add-motorola-tetra-driver.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 46fe895e22ab3845515ec06b01eaf1282b342e29 Mon Sep 17 00:00:00 2001 From: Johan Hovold <johan(a)kernel.org> Date: Thu, 18 Jan 2018 14:46:41 +1100 Subject: USB: serial: simple: add Motorola Tetra driver From: Johan Hovold <johan(a)kernel.org> commit 46fe895e22ab3845515ec06b01eaf1282b342e29 upstream. Add new Motorola Tetra (simple) driver for Motorola Solutions TETRA PEI devices. D: Ver= 2.00 Cls=00(>ifc ) Sub=00 Prot=00 MxPS=64 #Cfgs= 1 P: Vendor=0cad ProdID=9011 Rev=24.16 S: Manufacturer=Motorola Solutions Inc. S: Product=Motorola Solutions TETRA PEI interface C: #Ifs= 2 Cfg#= 1 Atr=80 MxPwr=500mA I: If#= 0 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=00 Prot=00 Driver=(none) I: If#= 1 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=00 Prot=00 Driver=(none) Note that these devices do not support the CDC SET_CONTROL_LINE_STATE request (for any interface). Reported-by: Max Schulze <max.schulze(a)posteo.de> Tested-by: Max Schulze <max.schulze(a)posteo.de> Signed-off-by: Johan Hovold <johan(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/serial/Kconfig | 1 + drivers/usb/serial/usb-serial-simple.c | 7 +++++++ 2 files changed, 8 insertions(+) --- a/drivers/usb/serial/Kconfig +++ b/drivers/usb/serial/Kconfig @@ -63,6 +63,7 @@ config USB_SERIAL_SIMPLE - Google USB serial devices - HP4x calculators - a number of Motorola phones + - Motorola Tetra devices - Novatel Wireless GPS receivers - Siemens USB/MPI adapter. - ViVOtech ViVOpay USB device. --- a/drivers/usb/serial/usb-serial-simple.c +++ b/drivers/usb/serial/usb-serial-simple.c @@ -80,6 +80,11 @@ DEVICE(vivopay, VIVOPAY_IDS); { USB_DEVICE(0x22b8, 0x2c64) } /* Motorola V950 phone */ DEVICE(moto_modem, MOTO_IDS); +/* Motorola Tetra driver */ +#define MOTOROLA_TETRA_IDS() \ + { USB_DEVICE(0x0cad, 0x9011) } /* Motorola Solutions TETRA PEI */ +DEVICE(motorola_tetra, MOTOROLA_TETRA_IDS); + /* Novatel Wireless GPS driver */ #define NOVATEL_IDS() \ { USB_DEVICE(0x09d7, 0x0100) } /* NovAtel FlexPack GPS */ @@ -110,6 +115,7 @@ static struct usb_serial_driver * const &google_device, &vivopay_device, &moto_modem_device, + &motorola_tetra_device, &novatel_gps_device, &hp4x_device, &suunto_device, @@ -125,6 +131,7 @@ static const struct usb_device_id id_tab GOOGLE_IDS(), VIVOPAY_IDS(), MOTO_IDS(), + MOTOROLA_TETRA_IDS(), NOVATEL_IDS(), HP4X_IDS(), SUUNTO_IDS(), Patches currently in stable-queue which might be from johan(a)kernel.org are queue-4.14/usb-serial-pl2303-new-device-id-for-chilitag.patch queue-4.14/usb-serial-simple-add-motorola-tetra-driver.patch queue-4.14/usb-serial-io_edgeport-fix-possible-sleep-in-atomic.patch queue-4.14/usb-option-add-support-for-fs040u-modem.patch

7 years, 4 months

1
0
0 0

[Linux-stable-mirror] Patch "USB: serial: pl2303: new device id for Chilitag" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: serial: pl2303: new device id for Chilitag to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: usb-serial-pl2303-new-device-id-for-chilitag.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From d08dd3f3dd2ae351b793fc5b76abdbf0fd317b12 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Date: Thu, 25 Jan 2018 09:48:55 +0100 Subject: USB: serial: pl2303: new device id for Chilitag MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit From: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> commit d08dd3f3dd2ae351b793fc5b76abdbf0fd317b12 upstream. This adds a new device id for Chilitag devices to the pl2303 driver. Reported-by: "Chu.Mike [朱堅宜]" <Mike-Chu(a)prolific.com.tw> Acked-by: Johan Hovold <johan(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/serial/pl2303.c | 1 + drivers/usb/serial/pl2303.h | 1 + 2 files changed, 2 insertions(+) --- a/drivers/usb/serial/pl2303.c +++ b/drivers/usb/serial/pl2303.c @@ -41,6 +41,7 @@ static const struct usb_device_id id_tab { USB_DEVICE(PL2303_VENDOR_ID, PL2303_PRODUCT_ID_RSAQ2) }, { USB_DEVICE(PL2303_VENDOR_ID, PL2303_PRODUCT_ID_DCU11) }, { USB_DEVICE(PL2303_VENDOR_ID, PL2303_PRODUCT_ID_RSAQ3) }, + { USB_DEVICE(PL2303_VENDOR_ID, PL2303_PRODUCT_ID_CHILITAG) }, { USB_DEVICE(PL2303_VENDOR_ID, PL2303_PRODUCT_ID_PHAROS) }, { USB_DEVICE(PL2303_VENDOR_ID, PL2303_PRODUCT_ID_ALDIGA) }, { USB_DEVICE(PL2303_VENDOR_ID, PL2303_PRODUCT_ID_MMX) }, --- a/drivers/usb/serial/pl2303.h +++ b/drivers/usb/serial/pl2303.h @@ -17,6 +17,7 @@ #define PL2303_PRODUCT_ID_DCU11 0x1234 #define PL2303_PRODUCT_ID_PHAROS 0xaaa0 #define PL2303_PRODUCT_ID_RSAQ3 0xaaa2 +#define PL2303_PRODUCT_ID_CHILITAG 0xaaa8 #define PL2303_PRODUCT_ID_ALDIGA 0x0611 #define PL2303_PRODUCT_ID_MMX 0x0612 #define PL2303_PRODUCT_ID_GPRS 0x0609 Patches currently in stable-queue which might be from gregkh(a)linuxfoundation.org are queue-4.14/kvm-nvmx-fix-vmx_check_nested_events-return-value-in-case-an-event-was-reinjected-to-l2.patch queue-4.14/kvm-x86-don-t-re-execute-instruction-when-not-passing-cr2-value.patch queue-4.14/drm-bridge-tc358767-fix-timing-calculations.patch queue-4.14/lockd-fix-list_add-double-add-caused-by-legacy-signal-interface.patch queue-4.14/xfs-always-free-inline-data-before-resetting-inode-fork-during-ifree.patch queue-4.14/kvm-x86-fix-em_fxstor-sleeping-while-in-atomic.patch queue-4.14/s390-zcrypt-fix-wrong-comparison-leading-to-strange-load-balancing.patch queue-4.14/crypto-ecdh-fix-typo-in-kpp-dependency-of-crypto_ecdh.patch queue-4.14/quota-propagate-error-from-__dquot_initialize.patch queue-4.14/kvm-x86-ioapic-preserve-read-only-values-in-the-redirection-table.patch queue-4.14/vfs-handle-lazytime-in-do_mount.patch queue-4.14/nfsd-ensure-we-check-stateid-validity-in-the-seqid-operation-checks.patch queue-4.14/hid-wacom-ekr-ensure-devres-groups-at-higher-indexes-are-released.patch queue-4.14/kvm-nvmx-fix-mmu-context-after-vmlaunch-vmresume-failure.patch queue-4.14/alsa-hda-reduce-the-suspend-time-consumption-for-alc256.patch queue-4.14/staging-lustre-separate-a-connection-destroy-from-free-struct-kib_conn.patch queue-4.14/drm-amdgpu-don-t-try-to-move-pinned-bos.patch queue-4.14/sunrpc-allow-connect-to-return-ehostunreach.patch queue-4.14/tty-fix-data-race-between-tty_init_dev-and-flush-of-buf.patch queue-4.14/nvme-pci-avoid-hmb-desc-array-idx-out-of-bound-when-hmmaxd-set.patch queue-4.14/crypto-aesni-fix-out-of-bounds-access-of-the-data-buffer-in-generic-gcm-aesni.patch queue-4.14/drm-omap-displays-panel-dpi-add-backlight-dependency.patch queue-4.14/drm-bridge-tc358767-fix-auxdatan-registers-access.patch queue-4.14/xfs-log-recovery-should-replay-deferred-ops-in-order.patch queue-4.14/nfsd-check-for-use-of-the-closed-special-stateid.patch queue-4.14/kvm-x86-ioapic-fix-level-triggered-eoi-and-ioapic-reconfigure-race.patch queue-4.14/bcache-check-return-value-of-register_shrinker.patch queue-4.14/nfsd-close-should-return-the-invalid-special-stateid-for-nfsv4.x-x-0.patch queue-4.14/crypto-af_alg-whitelist-mask-and-type.patch queue-4.14/arm-dts-nsp-disable-ahci-controller-for-hr-nsp-boards.patch queue-4.14/quota-check-for-register_shrinker-failure.patch queue-4.14/mac80211-fix-the-update-of-path-metric-for-rann-frame.patch queue-4.14/xen-netfront-remove-warning-when-unloading-module.patch queue-4.14/nvmet-fc-correct-ref-counting-error-when-deferred-rcv-used.patch queue-4.14/crypto-gcm-add-gcm-iv-size-constant.patch queue-4.14/null_blk-fix-dev-badblocks-leak.patch queue-4.14/kvm-vmx-fix-rflags-cache-during-vcpu-reset.patch queue-4.14/drm-rockchip-dw-mipi-dsi-fix-possible-un-balanced-runtime-pm-enable.patch queue-4.14/hid-wacom-fix-reporting-of-touch-toggle-wacom_hid_wd_mute_device-events.patch queue-4.14/nvme-fabrics-introduce-init-command-check-for-a-queue-that-is-not-alive.patch queue-4.14/crypto-aesni-handle-zero-length-dst-buffer.patch queue-4.14/drm-bridge-fix-lvds-encoder-since-the-panel_bridge-rework.patch queue-4.14/mei-me-allow-runtime-pm-for-platform-with-d0i3.patch queue-4.14/iio-chemical-ccs811-fix-output-of-iio_concentration-channels.patch queue-4.14/kmemleak-add-scheduling-point-to-kmemleak_scan.patch queue-4.14/net-ethernet-xilinx-mark-xilinx_ll_temac-broken-on-64-bit.patch queue-4.14/bnxt_en-fix-an-error-handling-path-in-bnxt_get_module_eeprom.patch queue-4.14/staging-ccree-fix-fips-event-irq-handling-build.patch queue-4.14/test_firmware-fix-missing-unlock-on-error-in-config_num_requests_store.patch queue-4.14/drm-amdkfd-fix-sdma-oversubsription-handling.patch queue-4.14/staging-ccree-nullify-backup_info-when-unused.patch queue-4.14/scripts-faddr2line-extend-usage-on-generic-arch.patch queue-4.14/grace-replace-bug_on-by-warn_once-in-exit_net-hook.patch queue-4.14/xfs-ubsan-fixes.patch queue-4.14/gpio-iop-add-missing-module_description-author-license.patch queue-4.14/net-phy-marvell10g-fix-the-phy-id-mask.patch queue-4.14/kvm-x86-emulate-ud-while-in-guest-mode.patch queue-4.14/arm-dts-nsp-fix-ppi-interrupt-types.patch queue-4.14/xfs-fortify-xfs_alloc_buftarg-error-handling.patch queue-4.14/usbip-list-don-t-list-devices-attached-to-vhci_hcd.patch queue-4.14/scsi-ufs-ufshcd-fix-potential-null-pointer-dereference-in-ufshcd_config_vreg.patch queue-4.14/btrfs-bail-out-gracefully-rather-than-bug_on.patch queue-4.14/kvm-x86-fix-operand-address-size-during-instruction-decoding.patch queue-4.14/crypto-aesni-add-wrapper-for-generic-gcm-aes.patch queue-4.14/rxrpc-the-mutex-lock-returned-by-rxrpc_accept_call-needs-releasing.patch queue-4.14/usb-uas-unconditionally-bring-back-host-after-reset.patch queue-4.14/kvm-x86-emulator-return-to-user-mode-on-l1-cpl-0-emulation-failure.patch queue-4.14/sctp-set-sender-next_tsn-for-the-old-result-with-ctsn_ack_point-plus-1.patch queue-4.14/crypto-aesni-fix-typo-in-generic_gcmaes_decrypt.patch queue-4.14/kvm-nvmx-nsvm-don-t-intercept-ud-when-running-l2.patch queue-4.14/nvme-fc-check-if-queue-is-ready-in-queue_rq.patch queue-4.14/btrfs-incremental-send-fix-wrong-unlink-path-after-renaming-file.patch queue-4.14/usb-gadget-fix-high-bandwidth-check-in-usb_gadget_ep_match_desc.patch queue-4.14/usbip-prevent-bind-loops-on-devices-attached-to-vhci_hcd.patch queue-4.14/kvm-let-kvm_set_signal_mask-work-as-advertised.patch queue-4.14/btrfs-fix-deadlock-when-writing-out-space-cache.patch queue-4.14/drm-amdkfd-fix-sdma-ring-buffer-size-calculation.patch queue-4.14/input-synaptics-rmi4-do-not-delete-interrupt-memory-too-early.patch queue-4.14/scsi-aacraid-prevent-crash-in-case-of-free-interrupt-during-scsi-eh-path.patch queue-4.14/iwlwifi-mvm-fix-the-tx-queue-hang-timeout-for-monitor-vif-type.patch queue-4.14/android-binder-remove-waitqueue-when-thread-exits.patch queue-4.14/net-mvpp2-fix-the-txq_init-error-path.patch queue-4.14/drm-bridge-tc358767-filter-out-too-high-modes.patch queue-4.14/nvme-pci-fix-null-pointer-dereference-in-nvme_free_host_mem.patch queue-4.14/ima-policy-fix-parsing-of-fsuuid.patch queue-4.14/kvm-x86-fix-cpuid-function-for-word-6-80000001_ecx.patch queue-4.14/kvm-x86-fix-softlockup-when-get-the-current-kvmclock.patch queue-4.14/spi-imx-do-not-access-registers-while-clocks-disabled.patch queue-4.14/cdc-acm-apply-quirk-for-card-reader.patch queue-4.14/staging-rtl8188eu-fix-incorrect-response-to-siocgiwessid.patch queue-4.14/crypto-aesni-fix-out-of-bounds-access-of-the-aad-buffer-in-generic-gcm-aesni.patch queue-4.14/serial-imx-only-wakeup-via-rtsden-bit-if-the-system-has-rts-cts.patch queue-4.14/btrfs-fix-transaction-abort-during-failure-in-btrfs_rm_dev_item.patch queue-4.14/xfs-properly-retry-failed-dquot-items-in-case-of-error-during-buffer-writeback.patch queue-4.14/rxrpc-provide-a-different-lockdep-key-for-call-user_mutex-for-kernel-calls.patch queue-4.14/cpupowerutils-bench-fix-cpu-online-check.patch queue-4.14/serial-8250_of-fix-return-code-when-probe-function-fails-to-get-reset.patch queue-4.14/iio-adc-stm32-fix-scan-of-multiple-channels-with-dma.patch queue-4.14/drm-bridge-tc358767-fix-1-lane-behavior.patch queue-4.14/mac80211-use-qos-ndp-for-ap-probing.patch queue-4.14/drm-amdgpu-fix-sdma-load-unload-sequence-on-hws-disabled-mode.patch queue-4.14/kvm-x86-ioapic-clear-remote-irr-when-entry-is-switched-to-edge-triggered.patch queue-4.14/cpufreq-add-loongson-machine-dependencies.patch queue-4.14/power-reset-zx-reboot-add-missing-module_description-author-license.patch queue-4.14/igb-free-irqs-when-device-is-hotplugged.patch queue-4.14/i2c-i2c-boardinfo-fix-memory-leaks-on-devinfo.patch queue-4.14/scsi-aacraid-fix-udev-inquiry-race-condition.patch queue-4.14/scsi-aacraid-fix-hang-in-kdump.patch queue-4.14/nvme-pci-disable-apst-on-samsung-ssd-960-evo-asus-prime-b350m-a.patch queue-4.14/acpi-bus-leave-modalias-empty-for-devices-which-are-not-present.patch queue-4.14/nvme-loop-check-if-queue-is-ready-in-queue_rq.patch queue-4.14/tools-gpio-fix-build-error-with-musl-libc.patch queue-4.14/futex-fix-owner_dead-fixup.patch queue-4.14/perf-core-fix-memory-leak-triggered-by-perf-namespace.patch queue-4.14/sctp-only-allow-the-asoc-reset-when-the-asoc-outq-is-empty.patch queue-4.14/android-binder-use-vm_alloc-to-get-vm-area.patch queue-4.14/drm-bridge-tc358767-fix-dp0_misc-register-set.patch queue-4.14/crypto-inside-secure-avoid-unmapping-dma-memory-that-was-not-mapped.patch queue-4.14/drm-vc4-move-irq-enable-to-pm-path.patch queue-4.14/usb-gadget-don-t-dereference-g-until-after-it-has-been-null-checked.patch queue-4.14/sctp-avoid-flushing-unsent-queue-when-doing-asoc-reset.patch queue-4.14/gpio-fix-kernel-stack-leak-to-userspace.patch queue-4.14/gpio-ath79-add-missing-module_description-license.patch queue-4.14/crypto-aesni-use-gcm-iv-size-constant.patch queue-4.14/drm-omap-fix-error-handling-path-in-omap_dmm_probe.patch queue-4.14/loop-fix-concurrent-lo_open-lo_release.patch queue-4.14/media-usbtv-add-a-new-usbid.patch queue-4.14/btrfs-fix-list_add-corruption-and-soft-lockups-in-fsync.patch queue-4.14/x86-xen-support-early-interrupts-in-xen-pv-guests.patch queue-4.14/drm-bridge-tc358767-do-no-fail-on-hi-res-displays.patch queue-4.14/usb-serial-pl2303-new-device-id-for-chilitag.patch queue-4.14/usb-serial-simple-add-motorola-tetra-driver.patch queue-4.14/usb-cdc-acm-do-not-log-urb-submission-errors-on-disconnect.patch queue-4.14/s390-fix-alloc_pgste-check-in-init_new_context-again.patch queue-4.14/s390-topology-fix-compile-error-in-file-arch-s390-kernel-smp.c.patch queue-4.14/cpupower-fix-cpupower-working-when-cpu0-is-offline.patch queue-4.14/auxdisplay-img-ascii-lcd-only-build-on-archs-that-have-iomem.patch queue-4.14/nvme-rdma-don-t-complete-requests-before-a-send-work-request-has-completed.patch queue-4.14/usb-serial-io_edgeport-fix-possible-sleep-in-atomic.patch queue-4.14/usb-option-add-support-for-fs040u-modem.patch queue-4.14/input-synaptics-rmi4-unmask-f03-interrupts-when-port-is-opened.patch queue-4.14/usb-f_fs-prevent-gadget-unbind-if-it-is-already-unbound.patch queue-4.14/crypto-inside-secure-fix-hash-when-length-is-a-multiple-of-a-block.patch queue-4.14/iwlwifi-fix-access-to-prph-when-transport-is-stopped.patch queue-4.14/rxrpc-fix-service-endpoint-expiry.patch queue-4.14/uapi-fix-linux-kfd_ioctl.h-userspace-compilation-errors.patch queue-4.14/crypto-sha3-generic-fixes-for-alignment-and-big-endian-operation.patch queue-4.14/hwmon-pmbus-use-64bit-math-for-direct-format-values.patch queue-4.14/reiserfs-remove-unneeded-i_version-bump.patch queue-4.14/openvswitch-fix-the-incorrect-flow-action-alloc-size.patch queue-4.14/gpio-stmpe-i2c-transfer-are-forbiden-in-atomic-context.patch queue-4.14/mtd-nand-denali_pci-add-missing-module_description-author-license.patch queue-4.14/x86-efi-clarify-that-reset-attack-mitigation-needs-appropriate-userspace.patch queue-4.14/serial-8250_uniphier-fix-error-return-code-in-uniphier_uart_probe.patch queue-4.14/drm-vc4-account-for-interrupts-in-flight.patch queue-4.14/race-of-lockd-inetaddr-notifiers-vs-nlmsvc_rqst-change.patch

7 years, 4 months

1
0
0 0

[Linux-stable-mirror] Patch "USB: serial: io_edgeport: fix possible sleep-in-atomic" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled USB: serial: io_edgeport: fix possible sleep-in-atomic to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: usb-serial-io_edgeport-fix-possible-sleep-in-atomic.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From c7b8f77872c73f69a16528a9eb87afefcccdc18b Mon Sep 17 00:00:00 2001 From: Jia-Ju Bai <baijiaju1990(a)gmail.com> Date: Wed, 13 Dec 2017 20:34:36 +0800 Subject: USB: serial: io_edgeport: fix possible sleep-in-atomic From: Jia-Ju Bai <baijiaju1990(a)gmail.com> commit c7b8f77872c73f69a16528a9eb87afefcccdc18b upstream. According to drivers/usb/serial/io_edgeport.c, the driver may sleep under a spinlock. The function call path is: edge_bulk_in_callback (acquire the spinlock) process_rcvd_data process_rcvd_status change_port_settings send_iosp_ext_cmd write_cmd_usb usb_kill_urb --> may sleep To fix it, the redundant usb_kill_urb() is removed from the error path after usb_submit_urb() fails. This possible bug is found by my static analysis tool (DSAC) and checked by my code review. Signed-off-by: Jia-Ju Bai <baijiaju1990(a)gmail.com> Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Johan Hovold <johan(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/serial/io_edgeport.c | 1 - 1 file changed, 1 deletion(-) --- a/drivers/usb/serial/io_edgeport.c +++ b/drivers/usb/serial/io_edgeport.c @@ -2286,7 +2286,6 @@ static int write_cmd_usb(struct edgeport /* something went wrong */ dev_err(dev, "%s - usb_submit_urb(write command) failed, status = %d\n", __func__, status); - usb_kill_urb(urb); usb_free_urb(urb); atomic_dec(&CmdUrbs); return status; Patches currently in stable-queue which might be from baijiaju1990(a)gmail.com are queue-4.14/usb-serial-io_edgeport-fix-possible-sleep-in-atomic.patch

7 years, 4 months

1
0
0 0

[Linux-stable-mirror] Patch "usb: option: Add support for FS040U modem" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled usb: option: Add support for FS040U modem to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: usb-option-add-support-for-fs040u-modem.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 69341bd15018da0a662847e210f9b2380c71e623 Mon Sep 17 00:00:00 2001 From: OKAMOTO Yoshiaki <yokamoto(a)allied-telesis.co.jp> Date: Tue, 16 Jan 2018 09:51:17 +0000 Subject: usb: option: Add support for FS040U modem From: OKAMOTO Yoshiaki <yokamoto(a)allied-telesis.co.jp> commit 69341bd15018da0a662847e210f9b2380c71e623 upstream. FS040U modem is manufactured by omega, and sold by Fujisoft. This patch adds ID of the modem to use option1 driver. Interface 3 is used as qmi_wwan, so the interface is ignored. Signed-off-by: Yoshiaki Okamoto <yokamoto(a)allied-telesis.co.jp> Signed-off-by: Hiroyuki Yamamoto <hyamamo(a)allied-telesis.co.jp> Acked-by: Johan Hovold <johan(a)kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/serial/option.c | 5 +++++ 1 file changed, 5 insertions(+) --- a/drivers/usb/serial/option.c +++ b/drivers/usb/serial/option.c @@ -383,6 +383,9 @@ static void option_instat_callback(struc #define FOUR_G_SYSTEMS_PRODUCT_W14 0x9603 #define FOUR_G_SYSTEMS_PRODUCT_W100 0x9b01 +/* Fujisoft products */ +#define FUJISOFT_PRODUCT_FS040U 0x9b02 + /* iBall 3.5G connect wireless modem */ #define IBALL_3_5G_CONNECT 0x9605 @@ -1897,6 +1900,8 @@ static const struct usb_device_id option { USB_DEVICE(LONGCHEER_VENDOR_ID, FOUR_G_SYSTEMS_PRODUCT_W100), .driver_info = (kernel_ulong_t)&four_g_w100_blacklist }, + {USB_DEVICE(LONGCHEER_VENDOR_ID, FUJISOFT_PRODUCT_FS040U), + .driver_info = (kernel_ulong_t)&net_intf3_blacklist}, { USB_DEVICE_INTERFACE_CLASS(LONGCHEER_VENDOR_ID, SPEEDUP_PRODUCT_SU9800, 0xff) }, { USB_DEVICE_INTERFACE_CLASS(LONGCHEER_VENDOR_ID, 0x9801, 0xff), .driver_info = (kernel_ulong_t)&net_intf3_blacklist }, Patches currently in stable-queue which might be from yokamoto(a)allied-telesis.co.jp are queue-4.14/usb-option-add-support-for-fs040u-modem.patch

7 years, 4 months

1
0
0 0

[Linux-stable-mirror] Patch "usb/gadget: Fix "high bandwidth" check in usb_gadget_ep_match_desc()" has been added to the 4.14-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled usb/gadget: Fix "high bandwidth" check in usb_gadget_ep_match_desc() to the 4.14-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: usb-gadget-fix-high-bandwidth-check-in-usb_gadget_ep_match_desc.patch and it can be found in the queue-4.14 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 11fb37998759c48e4e4c200c974593cbeab25d3e Mon Sep 17 00:00:00 2001 From: Benjamin Herrenschmidt <benh(a)kernel.crashing.org> Date: Fri, 12 Jan 2018 17:50:02 +1100 Subject: usb/gadget: Fix "high bandwidth" check in usb_gadget_ep_match_desc() From: Benjamin Herrenschmidt <benh(a)kernel.crashing.org> commit 11fb37998759c48e4e4c200c974593cbeab25d3e upstream. The current code tries to test for bits that are masked out by usb_endpoint_maxp(). Instead, use the proper accessor to access the new high bandwidth bits. Signed-off-by: Benjamin Herrenschmidt <benh(a)kernel.crashing.org> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/usb/gadget/udc/core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/drivers/usb/gadget/udc/core.c +++ b/drivers/usb/gadget/udc/core.c @@ -923,7 +923,7 @@ int usb_gadget_ep_match_desc(struct usb_ return 0; /* "high bandwidth" works only at high speed */ - if (!gadget_is_dualspeed(gadget) && usb_endpoint_maxp(desc) & (3<<11)) + if (!gadget_is_dualspeed(gadget) && usb_endpoint_maxp_mult(desc) > 1) return 0; switch (type) { Patches currently in stable-queue which might be from benh(a)kernel.crashing.org are queue-4.14/usb-gadget-fix-high-bandwidth-check-in-usb_gadget_ep_match_desc.patch

7 years, 4 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror