This is the start of the stable review cycle for the 5.14.2 release. There are 14 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know.
Responses should be made by Wed, 08 Sep 2021 12:54:40 +0000. Anything received after that time might be too late.
The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.14.2-rc1.... or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.14.y and the diffstat can be found below.
thanks,
greg k-h
------------- Pseudo-Shortlog of commits:
Greg Kroah-Hartman gregkh@linuxfoundation.org Linux 5.14.2-rc1
Pavel Skripkin paskripkin@gmail.com media: stkwebcam: fix memory leak in stk_camera_probe
Takashi Iwai tiwai@suse.de ALSA: usb-audio: Work around for XRUN with low latency playback
Zubin Mithra zsm@chromium.org ALSA: pcm: fix divide error in snd_pcm_lib_ioctl
Takashi Iwai tiwai@suse.de ALSA: hda/realtek: Workaround for conflicting SSID on ASUS ROG Strix G17
Takashi Iwai tiwai@suse.de ALSA: usb-audio: Fix regression on Sony WALKMAN NW-A45 DAC
Johnathon Clark john.clark@cantab.net ALSA: hda/realtek: Quirk for HP Spectre x360 14 amp setup
Alan Stern stern@rowland.harvard.edu HID: usbhid: Fix warning caused by 0-length input reports
Michal Kubecek mkubecek@suse.cz HID: usbhid: Fix flood of "control queue full" messages
Johan Hovold johan@kernel.org USB: serial: cp210x: fix flow-control error handling
Johan Hovold johan@kernel.org USB: serial: cp210x: fix control-characters error handling
Robert Marko robert.marko@sartura.hr USB: serial: pl2303: fix GL type detection
Randy Dunlap rdunlap@infradead.org xtensa: fix kconfig unmet dependency warning for HAVE_FUTEX_CMPXCHG
Jan Kara jack@suse.cz ext4: fix e2fsprogs checksum failure for mounted filesystem
Theodore Ts'o tytso@mit.edu ext4: fix race writing to an inline_data file while its xattrs are changing
-------------
Diffstat:
Makefile | 4 ++-- arch/xtensa/Kconfig | 2 +- drivers/hid/usbhid/hid-core.c | 16 ++++++++-------- drivers/media/usb/stkwebcam/stk-webcam.c | 6 ++++-- drivers/usb/serial/cp210x.c | 21 +++++++++++++-------- drivers/usb/serial/pl2303.c | 1 + fs/ext4/inline.c | 6 ++++++ fs/ext4/super.c | 8 ++++++++ sound/core/pcm_lib.c | 2 +- sound/pci/hda/patch_realtek.c | 11 +++++++++++ sound/usb/card.h | 2 ++ sound/usb/endpoint.c | 9 +++++++++ sound/usb/pcm.c | 13 +++++++++++-- 13 files changed, 77 insertions(+), 24 deletions(-)
From: Theodore Ts'o tytso@mit.edu
commit a54c4613dac1500b40e4ab55199f7c51f028e848 upstream.
The location of the system.data extended attribute can change whenever xattr_sem is not taken. So we need to recalculate the i_inline_off field since it mgiht have changed between ext4_write_begin() and ext4_write_end().
This means that caching i_inline_off is probably not helpful, so in the long run we should probably get rid of it and shrink the in-memory ext4 inode slightly, but let's fix the race the simple way for now.
Cc: stable@kernel.org Fixes: f19d5870cbf72 ("ext4: add normal write support for inline data") Reported-by: syzbot+13146364637c7363a7de@syzkaller.appspotmail.com Signed-off-by: Theodore Ts'o tytso@mit.edu Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org --- fs/ext4/inline.c | 6 ++++++ 1 file changed, 6 insertions(+)
--- a/fs/ext4/inline.c +++ b/fs/ext4/inline.c @@ -750,6 +750,12 @@ int ext4_write_inline_data_end(struct in ext4_write_lock_xattr(inode, &no_expand); BUG_ON(!ext4_has_inline_data(inode));
+ /* + * ei->i_inline_off may have changed since ext4_write_begin() + * called ext4_try_to_write_inline_data() + */ + (void) ext4_find_inline_data_nolock(inode); + kaddr = kmap_atomic(page); ext4_write_inline_data(inode, &iloc, kaddr, pos, len); kunmap_atomic(kaddr);
From: Jan Kara jack@suse.cz
commit b2bbb92f7042e8075fb036bf97043339576330c3 upstream.
Commit 81414b4dd48 ("ext4: remove redundant sb checksum recomputation") removed checksum recalculation after updating superblock free space / inode counters in ext4_fill_super() based on the fact that we will recalculate the checksum on superblock writeout.
That is correct assumption but until the writeout happens (which can take a long time) the checksum is incorrect in the buffer cache and if programs such as tune2fs or resize2fs is called shortly after a file system is mounted can fail. So return back the checksum recalculation and add a comment explaining why.
Fixes: 81414b4dd48f ("ext4: remove redundant sb checksum recomputation") Cc: stable@kernel.org Reported-by: Boyang Xue bxue@redhat.com Signed-off-by: Jan Kara jack@suse.cz Signed-off-by: Theodore Ts'o tytso@mit.edu Link: https://lore.kernel.org/r/20210812124737.21981-1-jack@suse.cz Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org --- fs/ext4/super.c | 8 ++++++++ 1 file changed, 8 insertions(+)
--- a/fs/ext4/super.c +++ b/fs/ext4/super.c @@ -5032,6 +5032,14 @@ no_journal: err = percpu_counter_init(&sbi->s_freeinodes_counter, freei, GFP_KERNEL); } + /* + * Update the checksum after updating free space/inode + * counters. Otherwise the superblock can have an incorrect + * checksum in the buffer cache until it is written out and + * e2fsprogs programs trying to open a file system immediately + * after it is mounted can fail. + */ + ext4_superblock_csum_set(sb); if (!err) err = percpu_counter_init(&sbi->s_dirs_counter, ext4_count_dirs(sb), GFP_KERNEL);
From: Randy Dunlap rdunlap@infradead.org
commit ed5aacc81cd41efc4d561e14af408d1003f7b855 upstream.
XTENSA should only select HAVE_FUTEX_CMPXCHG when FUTEX is set/enabled. This prevents a kconfig warning.
WARNING: unmet direct dependencies detected for HAVE_FUTEX_CMPXCHG Depends on [n]: FUTEX [=n] Selected by [y]: - XTENSA [=y] && !MMU [=n]
Fixes: d951ba21b959 ("xtensa: nommu: select HAVE_FUTEX_CMPXCHG") Signed-off-by: Randy Dunlap rdunlap@infradead.org Cc: Max Filippov jcmvbkbc@gmail.com Cc: Chris Zankel chris@zankel.net Cc: linux-xtensa@linux-xtensa.org Message-Id: 20210526070337.28130-1-rdunlap@infradead.org Signed-off-by: Max Filippov jcmvbkbc@gmail.com Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org --- arch/xtensa/Kconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
--- a/arch/xtensa/Kconfig +++ b/arch/xtensa/Kconfig @@ -30,7 +30,7 @@ config XTENSA select HAVE_DMA_CONTIGUOUS select HAVE_EXIT_THREAD select HAVE_FUNCTION_TRACER - select HAVE_FUTEX_CMPXCHG if !MMU + select HAVE_FUTEX_CMPXCHG if !MMU && FUTEX select HAVE_HW_BREAKPOINT if PERF_EVENTS select HAVE_IRQ_TIME_ACCOUNTING select HAVE_PCI
From: Robert Marko robert.marko@sartura.hr
commit dcf097e7d21fbdfbf20e473ac155f4d154018374 upstream.
At least some PL2303GL have a bcdDevice of 0x405 instead of 0x100 as the datasheet claims. Add it to the list of known release numbers for the HXN (G) type.
Fixes: 894758d0571d ("USB: serial: pl2303: tighten type HXN (G) detection") Signed-off-by: Robert Marko robert.marko@sartura.hr Cc: stable@vger.kernel.org # 5.13 Link: https://lore.kernel.org/r/20210826110239.5269-1-robert.marko@sartura.hr Signed-off-by: Johan Hovold johan@kernel.org Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org --- drivers/usb/serial/pl2303.c | 1 + 1 file changed, 1 insertion(+)
--- a/drivers/usb/serial/pl2303.c +++ b/drivers/usb/serial/pl2303.c @@ -433,6 +433,7 @@ static int pl2303_detect_type(struct usb switch (bcdDevice) { case 0x100: case 0x305: + case 0x405: /* * Assume it's an HXN-type if the device doesn't * support the old read request value.
From: Johan Hovold johan@kernel.org
commit 2d9a00705910ccea2dc5d9cba5469ff2de72fc87 upstream.
In the unlikely event that setting the software flow-control characters fails the other flow-control settings should still be updated (just like all other terminal settings).
Move out the error message printed by the set_chars() helper to make it more obvious that this is intentional.
Fixes: 7748feffcd80 ("USB: serial: cp210x: add support for software flow control") Cc: stable@vger.kernel.org # 5.11 Reviewed-by: Greg Kroah-Hartman gregkh@linuxfoundation.org Signed-off-by: Johan Hovold johan@kernel.org Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org --- drivers/usb/serial/cp210x.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-)
--- a/drivers/usb/serial/cp210x.c +++ b/drivers/usb/serial/cp210x.c @@ -1164,10 +1164,8 @@ static int cp210x_set_chars(struct usb_s
kfree(dmabuf);
- if (result < 0) { - dev_err(&port->dev, "failed to set special chars: %d\n", result); + if (result < 0) return result; - }
return 0; } @@ -1219,8 +1217,10 @@ static void cp210x_set_flow_control(stru chars.bXoffChar = STOP_CHAR(tty);
ret = cp210x_set_chars(port, &chars); - if (ret) - return; + if (ret) { + dev_err(&port->dev, "failed to set special chars: %d\n", + ret); + } }
mutex_lock(&port_priv->mutex);
From: Johan Hovold johan@kernel.org
commit ba4bbdabecd11530dca78dbae3ee7e51ffdc0a06 upstream.
Make sure that the driver crtscts state is not updated in the unlikely event that the flow-control request fails. Not doing so could break RTS control.
Fixes: 5951b8508855 ("USB: serial: cp210x: suppress modem-control errors") Cc: stable@vger.kernel.org # 5.11 Reviewed-by: Greg Kroah-Hartman gregkh@linuxfoundation.org Signed-off-by: Johan Hovold johan@kernel.org Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org --- drivers/usb/serial/cp210x.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-)
--- a/drivers/usb/serial/cp210x.c +++ b/drivers/usb/serial/cp210x.c @@ -1190,6 +1190,7 @@ static void cp210x_set_flow_control(stru struct cp210x_flow_ctl flow_ctl; u32 flow_repl; u32 ctl_hs; + bool crtscts; int ret;
/* @@ -1249,14 +1250,14 @@ static void cp210x_set_flow_control(stru flow_repl |= CP210X_SERIAL_RTS_FLOW_CTL; else flow_repl |= CP210X_SERIAL_RTS_INACTIVE; - port_priv->crtscts = true; + crtscts = true; } else { ctl_hs &= ~CP210X_SERIAL_CTS_HANDSHAKE; if (port_priv->rts) flow_repl |= CP210X_SERIAL_RTS_ACTIVE; else flow_repl |= CP210X_SERIAL_RTS_INACTIVE; - port_priv->crtscts = false; + crtscts = false; }
if (I_IXOFF(tty)) { @@ -1279,8 +1280,12 @@ static void cp210x_set_flow_control(stru flow_ctl.ulControlHandshake = cpu_to_le32(ctl_hs); flow_ctl.ulFlowReplace = cpu_to_le32(flow_repl);
- cp210x_write_reg_block(port, CP210X_SET_FLOW, &flow_ctl, + ret = cp210x_write_reg_block(port, CP210X_SET_FLOW, &flow_ctl, sizeof(flow_ctl)); + if (ret) + goto out_unlock; + + port_priv->crtscts = crtscts; out_unlock: mutex_unlock(&port_priv->mutex); }
From: Michal Kubecek mkubecek@suse.cz
commit 5049307d37a760e304ad191c5dc7c6851266d2f8 upstream.
[patch description by Alan Stern]
Commit 7652dd2c5cb7 ("USB: core: Check buffer length matches wLength for control transfers") causes control URB submissions to fail if the transfer_buffer_length value disagrees with the setup packet's wLength valuel. Unfortunately, it turns out that the usbhid can trigger this failure mode when it submits a control request for an input report: It pads the transfer buffer size to a multiple of the maxpacket value but does not increase wLength correspondingly.
These failures have caused problems for people using an APS UPC, in the form of a flood of log messages resembling:
hid-generic 0003:051D:0002.0002: control queue full
This patch fixes the problem by setting the wLength value equal to the padded transfer_buffer_length value in hid_submit_ctrl(). As a nice bonus, the code which stores the transfer_buffer_length value is now shared between the two branches of an "if" statement, so it can be de-duplicated.
Signed-off-by: Michal Kubecek mkubecek@suse.cz Signed-off-by: Alan Stern stern@rowland.harvard.edu Fixes: 7652dd2c5cb7 ("USB: core: Check buffer length matches wLength for control transfers") Tested-by: Oleksandr Natalenko oleksandr@natalenko.name Tested-by: Benjamin Tissoires benjamin.tissoires@redhat.com Acked-by: Benjamin Tissoires benjamin.tissoires@redhat.com Cc: stable@vger.kernel.org Signed-off-by: Jiri Kosina jkosina@suse.cz Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org --- drivers/hid/usbhid/hid-core.c | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-)
--- a/drivers/hid/usbhid/hid-core.c +++ b/drivers/hid/usbhid/hid-core.c @@ -377,27 +377,26 @@ static int hid_submit_ctrl(struct hid_de len = hid_report_len(report); if (dir == USB_DIR_OUT) { usbhid->urbctrl->pipe = usb_sndctrlpipe(hid_to_usb_dev(hid), 0); - usbhid->urbctrl->transfer_buffer_length = len; if (raw_report) { memcpy(usbhid->ctrlbuf, raw_report, len); kfree(raw_report); usbhid->ctrl[usbhid->ctrltail].raw_report = NULL; } } else { - int maxpacket, padlen; + int maxpacket;
usbhid->urbctrl->pipe = usb_rcvctrlpipe(hid_to_usb_dev(hid), 0); maxpacket = usb_maxpacket(hid_to_usb_dev(hid), usbhid->urbctrl->pipe, 0); if (maxpacket > 0) { - padlen = DIV_ROUND_UP(len, maxpacket); - padlen *= maxpacket; - if (padlen > usbhid->bufsize) - padlen = usbhid->bufsize; + len = DIV_ROUND_UP(len, maxpacket); + len *= maxpacket; + if (len > usbhid->bufsize) + len = usbhid->bufsize; } else - padlen = 0; - usbhid->urbctrl->transfer_buffer_length = padlen; + len = 0; } + usbhid->urbctrl->transfer_buffer_length = len; usbhid->urbctrl->dev = hid_to_usb_dev(hid);
usbhid->cr->bRequestType = USB_TYPE_CLASS | USB_RECIP_INTERFACE | dir;
From: Alan Stern stern@rowland.harvard.edu
commit 0a824efdb724e07574bafcd2c2486b2a3de35ff6 upstream.
Syzbot found a warning caused by hid_submit_ctrl() submitting a control request to transfer a 0-length input report:
usb 1-1: BOGUS control dir, pipe 80000280 doesn't match bRequestType a1
(The warning message is a little difficult to understand. It means that the control request claims to be for an IN transfer but this contradicts the USB spec, which requires 0-length control transfers always to be in the OUT direction.)
Now, a zero-length report isn't good for anything and there's no reason for a device to have one, but the fuzzer likes to pick out these weird edge cases. In the future, perhaps we will decide to reject 0-length reports at probe time. For now, the simplest approach for avoiding these warnings is to pretend that the report actually has length 1.
Signed-off-by: Alan Stern stern@rowland.harvard.edu Reported-and-tested-by: syzbot+9b57a46bf1801ce2a2ca@syzkaller.appspotmail.com Tested-by: Oleksandr Natalenko oleksandr@natalenko.name Tested-by: Benjamin Tissoires benjamin.tissoires@redhat.com Acked-by: Benjamin Tissoires benjamin.tissoires@redhat.com Cc: stable@vger.kernel.org Signed-off-by: Jiri Kosina jkosina@suse.cz Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org --- drivers/hid/usbhid/hid-core.c | 1 + 1 file changed, 1 insertion(+)
--- a/drivers/hid/usbhid/hid-core.c +++ b/drivers/hid/usbhid/hid-core.c @@ -389,6 +389,7 @@ static int hid_submit_ctrl(struct hid_de maxpacket = usb_maxpacket(hid_to_usb_dev(hid), usbhid->urbctrl->pipe, 0); if (maxpacket > 0) { + len += (len == 0); /* Don't allow 0-length reports */ len = DIV_ROUND_UP(len, maxpacket); len *= maxpacket; if (len > usbhid->bufsize)
From: Johnathon Clark john.clark@cantab.net
commit 93ab3eafb0b3551c54175cb38afed3b82356a047 upstream.
This patch extends support for the HP Spectre x360 14 amp enable quirk to support a model of the device with an additional subdevice ID.
Signed-off-by: Johnathon Clark john.clark@cantab.net Link: https://lore.kernel.org/r/20210823162110.8870-1-john.clark@cantab.net Cc: stable@vger.kernel.org Signed-off-by: Takashi Iwai tiwai@suse.de Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org --- sound/pci/hda/patch_realtek.c | 1 + 1 file changed, 1 insertion(+)
--- a/sound/pci/hda/patch_realtek.c +++ b/sound/pci/hda/patch_realtek.c @@ -8438,6 +8438,7 @@ static const struct snd_pci_quirk alc269 SND_PCI_QUIRK(0x103c, 0x87f2, "HP ProBook 640 G8 Notebook PC", ALC236_FIXUP_HP_GPIO_LED), SND_PCI_QUIRK(0x103c, 0x87f4, "HP", ALC287_FIXUP_HP_GPIO_LED), SND_PCI_QUIRK(0x103c, 0x87f5, "HP", ALC287_FIXUP_HP_GPIO_LED), + SND_PCI_QUIRK(0x103c, 0x87f6, "HP Spectre x360 14", ALC245_FIXUP_HP_X360_AMP), SND_PCI_QUIRK(0x103c, 0x87f7, "HP Spectre x360 14", ALC245_FIXUP_HP_X360_AMP), SND_PCI_QUIRK(0x103c, 0x8805, "HP ProBook 650 G8 Notebook PC", ALC236_FIXUP_HP_GPIO_LED), SND_PCI_QUIRK(0x103c, 0x880d, "HP EliteBook 830 G8 Notebook PC", ALC285_FIXUP_HP_GPIO_LED),
From: Takashi Iwai tiwai@suse.de
commit 7af5a14371c1cf94a41f08eabb62a3faceec8911 upstream.
We've got a regression report for USB-audio with Sony WALKMAN NW-A45 DAC device where no sound is audible on recent kernel. The bisection resulted in the code change wrt endpoint management, and the further debug session revealed that it was caused by the order of the USB audio interface. In the earlier code, we always set up the USB interface at first before other setups, but it was changed to be done at the last for UAC2/3, which is more standard way, while keeping the old way for UAC1. OTOH, this device seems requiring the setup of the interface at first just like UAC1.
This patch works around the regression by applying the interface setup specifically for the WALKMAN at the beginning of the endpoint setup procedure. This change is written straightforwardly to be easily backported in old kernels. A further cleanup to move the workaround into a generic quirk section will follow in a later patch.
Fixes: bf6313a0ff76 ("ALSA: usb-audio: Refactor endpoint management") Cc: stable@vger.kernel.org BugLink: https://bugzilla.kernel.org/show_bug.cgi?id=214105 Link: https://lore.kernel.org/r/20210824054700.8236-1-tiwai@suse.de Signed-off-by: Takashi Iwai tiwai@suse.de Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org --- sound/usb/endpoint.c | 5 +++++ 1 file changed, 5 insertions(+)
--- a/sound/usb/endpoint.c +++ b/sound/usb/endpoint.c @@ -1287,6 +1287,11 @@ int snd_usb_endpoint_configure(struct sn * to be set up before parameter setups */ iface_first = ep->cur_audiofmt->protocol == UAC_VERSION_1; + /* Workaround for Sony WALKMAN NW-A45 DAC; + * it requires the interface setup at first like UAC1 + */ + if (chip->usb_id == USB_ID(0x054c, 0x0b8c)) + iface_first = true; if (iface_first) { err = endpoint_set_interface(chip, ep, true); if (err < 0)
From: Takashi Iwai tiwai@suse.de
commit 13d9c6b998aaa76fd098133277a28a21f2cc2264 upstream.
ASUS ROG Strix G17 has the very same PCI and codec SSID (1043:103f) as ASUS TX300, and unfortunately, the existing quirk for TX300 is broken on ASUS ROG. Actually the device works without the quirk, so we'll need to clear the quirk before applying for this device. Since ASUS ROG has a different codec (ALC294 - while TX300 has ALC282), this patch adds a workaround for the device, just clearing the codec->fixup_id by checking the codec vendor_id.
It's a bit ugly to add such a workaround there, but it seems to be the simplest way.
BugLink: https://bugzilla.kernel.org/show_bug.cgi?id=214101 Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20210820143214.3654-1-tiwai@suse.de Signed-off-by: Takashi Iwai tiwai@suse.de Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org --- sound/pci/hda/patch_realtek.c | 10 ++++++++++ 1 file changed, 10 insertions(+)
--- a/sound/pci/hda/patch_realtek.c +++ b/sound/pci/hda/patch_realtek.c @@ -9522,6 +9522,16 @@ static int patch_alc269(struct hda_codec
snd_hda_pick_fixup(codec, alc269_fixup_models, alc269_fixup_tbl, alc269_fixups); + /* FIXME: both TX300 and ROG Strix G17 have the same SSID, and + * the quirk breaks the latter (bko#214101). + * Clear the wrong entry. + */ + if (codec->fixup_id == ALC282_FIXUP_ASUS_TX300 && + codec->core.vendor_id == 0x10ec0294) { + codec_dbg(codec, "Clear wrong fixup for ASUS ROG Strix G17\n"); + codec->fixup_id = HDA_FIXUP_ID_NOT_SET; + } + snd_hda_pick_pin_fixup(codec, alc269_pin_fixup_tbl, alc269_fixups, true); snd_hda_pick_pin_fixup(codec, alc269_fallback_pin_fixup_tbl, alc269_fixups, false); snd_hda_pick_fixup(codec, NULL, alc269_fixup_vendor_tbl,
From: Zubin Mithra zsm@chromium.org
commit f3eef46f0518a2b32ca1244015820c35a22cfe4a upstream.
Syzkaller reported a divide error in snd_pcm_lib_ioctl. fifo_size is of type snd_pcm_uframes_t(unsigned long). If frame_size is 0x100000000, the error occurs.
Fixes: a9960e6a293e ("ALSA: pcm: fix fifo_size frame calculation") Signed-off-by: Zubin Mithra zsm@chromium.org Reviewed-by: Guenter Roeck groeck@chromium.org Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20210827153735.789452-1-zsm@chromium.org Signed-off-by: Takashi Iwai tiwai@suse.de Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org --- sound/core/pcm_lib.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
--- a/sound/core/pcm_lib.c +++ b/sound/core/pcm_lib.c @@ -1746,7 +1746,7 @@ static int snd_pcm_lib_ioctl_fifo_size(s channels = params_channels(params); frame_size = snd_pcm_format_size(format, channels); if (frame_size > 0) - params->fifo_size /= (unsigned)frame_size; + params->fifo_size /= frame_size; } return 0; }
From: Takashi Iwai tiwai@suse.de
commit 4267c5a8f3133db0572cd9abee059b42cafbbdad upstream.
The recent change for low latency playback works in most of test cases but it turned out still to hit errors on some use cases, most notably with JACK with small buffer sizes. This is because USB-audio driver fills up and submits full URBs at the beginning, while the URBs would return immediately and try to fill more -- that can easily trigger XRUN. It was more or less expected, but in the small buffer size, the problem became pretty obvious.
Fixing this behavior properly would require the change of the fundamental driver design, so it's no trivial task, unfortunately. Instead, here we work around the problem just by switching back to the old method when the given configuration is too fragile with the low latency stream handling. As a threshold, we calculate the total buffer bytes in all plus one URBs, and check whether it's beyond the PCM buffer bytes. The one extra URB is needed because XRUN happens at the next submission after the first round.
Fixes: 307cc9baac5c ("ALSA: usb-audio: Reduce latency at playback start, take#2") Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20210827203311.5987-1-tiwai@suse.de Signed-off-by: Takashi Iwai tiwai@suse.de Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org --- sound/usb/card.h | 2 ++ sound/usb/endpoint.c | 4 ++++ sound/usb/pcm.c | 13 +++++++++++-- 3 files changed, 17 insertions(+), 2 deletions(-)
--- a/sound/usb/card.h +++ b/sound/usb/card.h @@ -94,6 +94,7 @@ struct snd_usb_endpoint { struct list_head ready_playback_urbs; /* playback URB FIFO for implicit fb */
unsigned int nurbs; /* # urbs */ + unsigned int nominal_queue_size; /* total buffer sizes in URBs */ unsigned long active_mask; /* bitmask of active urbs */ unsigned long unlink_mask; /* bitmask of unlinked urbs */ char *syncbuf; /* sync buffer for all sync URBs */ @@ -187,6 +188,7 @@ struct snd_usb_substream { } dsd_dop;
bool trigger_tstamp_pending_update; /* trigger timestamp being updated from initial estimate */ + bool early_playback_start; /* early start needed for playback? */ struct media_ctl *media_ctl; };
--- a/sound/usb/endpoint.c +++ b/sound/usb/endpoint.c @@ -1126,6 +1126,10 @@ static int data_ep_set_params(struct snd INIT_LIST_HEAD(&u->ready_list); }
+ /* total buffer bytes of all URBs plus the next queue; + * referred in pcm.c + */ + ep->nominal_queue_size = maxsize * urb_packs * (ep->nurbs + 1); return 0;
out_of_memory: --- a/sound/usb/pcm.c +++ b/sound/usb/pcm.c @@ -614,6 +614,14 @@ static int snd_usb_pcm_prepare(struct sn subs->period_elapsed_pending = 0; runtime->delay = 0;
+ /* check whether early start is needed for playback stream */ + subs->early_playback_start = + subs->direction == SNDRV_PCM_STREAM_PLAYBACK && + subs->data_endpoint->nominal_queue_size >= subs->buffer_bytes; + + if (subs->early_playback_start) + ret = start_endpoints(subs); + unlock: snd_usb_unlock_shutdown(chip); return ret; @@ -1394,7 +1402,7 @@ static void prepare_playback_urb(struct subs->trigger_tstamp_pending_update = false; }
- if (period_elapsed && !subs->running) { + if (period_elapsed && !subs->running && !subs->early_playback_start) { subs->period_elapsed_pending = 1; period_elapsed = 0; } @@ -1448,7 +1456,8 @@ static int snd_usb_substream_playback_tr prepare_playback_urb, retire_playback_urb, subs); - if (cmd == SNDRV_PCM_TRIGGER_START) { + if (!subs->early_playback_start && + cmd == SNDRV_PCM_TRIGGER_START) { err = start_endpoints(subs); if (err < 0) { snd_usb_endpoint_set_callback(subs->data_endpoint,
From: Pavel Skripkin paskripkin@gmail.com
commit 514e97674400462cc09c459a1ddfb9bf39017223 upstream.
My local syzbot instance hit memory leak in usb_set_configuration(). The problem was in unputted usb interface. In case of errors after usb_get_intf() the reference should be putted to correclty free memory allocated for this interface.
Fixes: ec16dae5453e ("V4L/DVB (7019): V4L: add support for Syntek DC1125 webcams") Cc: stable@vger.kernel.org Signed-off-by: Pavel Skripkin paskripkin@gmail.com Signed-off-by: Hans Verkuil hverkuil-cisco@xs4all.nl Signed-off-by: Mauro Carvalho Chehab mchehab+huawei@kernel.org Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org --- drivers/media/usb/stkwebcam/stk-webcam.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-)
--- a/drivers/media/usb/stkwebcam/stk-webcam.c +++ b/drivers/media/usb/stkwebcam/stk-webcam.c @@ -1346,7 +1346,7 @@ static int stk_camera_probe(struct usb_i if (!dev->isoc_ep) { pr_err("Could not find isoc-in endpoint\n"); err = -ENODEV; - goto error; + goto error_put; } dev->vsettings.palette = V4L2_PIX_FMT_RGB565; dev->vsettings.mode = MODE_VGA; @@ -1359,10 +1359,12 @@ static int stk_camera_probe(struct usb_i
err = stk_register_video_device(dev); if (err) - goto error; + goto error_put;
return 0;
+error_put: + usb_put_intf(interface); error: v4l2_ctrl_handler_free(hdl); v4l2_device_unregister(&dev->v4l2_dev);
On Mon, 6 Sep 2021 14:55:46 +0200, Greg Kroah-Hartman gregkh@linuxfoundation.org wrote:
This is the start of the stable review cycle for the 5.14.2 release. There are 14 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know.
Responses should be made by Wed, 08 Sep 2021 12:54:40 +0000. Anything received after that time might be too late.
The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.14.2-rc1.... or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.14.y and the diffstat can be found below.
thanks,
greg k-h
5.14.2-rc1 Successfully Compiled and booted on my Raspberry PI 4b (8g) (bcm2711)
Tested-by: Fox Chen foxhlchen@gmail.com
On Mon, 6 Sept 2021 at 18:28, Greg Kroah-Hartman gregkh@linuxfoundation.org wrote:
This is the start of the stable review cycle for the 5.14.2 release. There are 14 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know.
Responses should be made by Wed, 08 Sep 2021 12:54:40 +0000. Anything received after that time might be too late.
The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.14.2-rc1.... or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.14.y and the diffstat can be found below.
thanks,
greg k-h
Results from Linaro’s test farm. No regressions on arm64, arm, x86_64, and i386.
Tested-by: Linux Kernel Functional Testing lkft@linaro.org
## Build * kernel: 5.14.2-rc1 * git: https://gitlab.com/Linaro/lkft/mirrors/stable/linux-stable-rc * git branch: linux-5.14.y * git commit: afbaa4bb4e04f7c99e483611d4436b299129483d * git describe: v5.14.1-15-gafbaa4bb4e04 * test details: https://qa-reports.linaro.org/lkft/linux-stable-rc-linux-5.14.y/build/v5.14....
## No regressions (compared to v5.14-12-g95dc72bb9c03)
## No fixes (compared to v5.14-12-g95dc72bb9c03)
## Test result summary total: 89039, pass: 74152, fail: 1065, skip: 13023, xfail: 799
## Build Summary * arc: 10 total, 10 passed, 0 failed * arm: 289 total, 289 passed, 0 failed * arm64: 39 total, 39 passed, 0 failed * dragonboard-410c: 1 total, 1 passed, 0 failed * hi6220-hikey: 1 total, 1 passed, 0 failed * i386: 38 total, 38 passed, 0 failed * juno-r2: 1 total, 1 passed, 0 failed * mips: 51 total, 51 passed, 0 failed * parisc: 12 total, 12 passed, 0 failed * powerpc: 36 total, 35 passed, 1 failed * riscv: 30 total, 30 passed, 0 failed * s390: 27 total, 18 passed, 9 failed * sh: 24 total, 24 passed, 0 failed * sparc: 12 total, 12 passed, 0 failed * x15: 1 total, 0 passed, 1 failed * x86: 1 total, 1 passed, 0 failed * x86_64: 39 total, 39 passed, 0 failed
## Test suites summary * fwts * igt-gpu-tools * install-android-platform-tools-r2600 * kselftest-android * kselftest-arm64 * kselftest-arm64/arm64.btitest.bti_c_func * kselftest-arm64/arm64.btitest.bti_j_func * kselftest-arm64/arm64.btitest.bti_jc_func * kselftest-arm64/arm64.btitest.bti_none_func * kselftest-arm64/arm64.btitest.nohint_func * kselftest-arm64/arm64.btitest.paciasp_func * kselftest-arm64/arm64.nobtitest.bti_c_func * kselftest-arm64/arm64.nobtitest.bti_j_func * kselftest-arm64/arm64.nobtitest.bti_jc_func * kselftest-arm64/arm64.nobtitest.bti_none_func * kselftest-arm64/arm64.nobtitest.nohint_func * kselftest-arm64/arm64.nobtitest.paciasp_func * kselftest-bpf * kselftest-breakpoints * kselftest-capabilities * kselftest-cgroup * kselftest-clone3 * kselftest-core * kselftest-cpu-hotplug * kselftest-cpufreq * kselftest-drivers * kselftest-efivarfs * kselftest-filesystems * kselftest-firmware * kselftest-fpu * kselftest-futex * kselftest-gpio * kselftest-intel_pstate * kselftest-ipc * kselftest-ir * kselftest-kcmp * kselftest-kexec * kselftest-kvm * kselftest-lib * kselftest-livepatch * kselftest-lkdtm * kselftest-membarrier * kselftest-memfd * kselftest-memory-hotplug * kselftest-mincore * kselftest-mount * kselftest-mqueue * kselftest-net * kselftest-netfilter * kselftest-nsfs * kselftest-openat2 * kselftest-pid_namespace * kselftest-pidfd * kselftest-proc * kselftest-pstore * kselftest-ptrace * kselftest-rseq * kselftest-rtc * kselftest-seccomp * kselftest-sigaltstack * kselftest-size * kselftest-splice * kselftest-static_keys * kselftest-sync * kselftest-sysctl * kselftest-tc-testing * kselftest-timens * kselftest-timers * kselftest-tmpfs * kselftest-tpm2 * kselftest-user * kselftest-vm * kselftest-x86 * kselftest-zram * kunit * kvm-unit-tests * libgpiod * libhugetlbfs * linux-log-parser * ltp-cap_bounds-tests * ltp-commands-tests * ltp-containers-tests * ltp-controllers-tests * ltp-cpuhotplug-tests * ltp-crypto-tests * ltp-cve-tests * ltp-dio-tests * ltp-fcntl-locktests-tests * ltp-filecaps-tests * ltp-fs-tests * ltp-fs_bind-tests * ltp-fs_perms_simple-tests * ltp-fsx-tests * ltp-hugetlb-tests * ltp-io-tests * ltp-ipc-tests * ltp-math-tests * ltp-mm-tests * ltp-nptl-tests * ltp-open-posix-tests * ltp-pty-tests * ltp-sched-tests * ltp-securebits-tests * ltp-syscalls-tests * ltp-tracing-tests * network-basic-tests * packetdrill * perf * prep-inline * rcutorture * ssuite * v4l2-compliance
-- Linaro LKFT https://lkft.linaro.org
On Mon, 06 Sep 2021 14:55:46 +0200, Greg Kroah-Hartman wrote:
This is the start of the stable review cycle for the 5.14.2 release. There are 14 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know.
Responses should be made by Wed, 08 Sep 2021 12:54:40 +0000. Anything received after that time might be too late.
The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.14.2-rc1.... or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.14.y and the diffstat can be found below.
thanks,
greg k-h
All tests passing for Tegra ...
Test results for stable-v5.14: 10 builds: 10 pass, 0 fail 28 boots: 28 pass, 0 fail 114 tests: 114 pass, 0 fail
Linux version: 5.14.2-rc1-gafbaa4bb4e04 Boards tested: tegra124-jetson-tk1, tegra186-p2771-0000, tegra194-p2972-0000, tegra194-p3509-0000+p3668-0000, tegra20-ventana, tegra210-p2371-2180, tegra210-p3450-0000, tegra30-cardhu-a04
Tested-by: Jon Hunter jonathanh@nvidia.com
Jon
On 9/6/2021 5:55 AM, Greg Kroah-Hartman wrote:
This is the start of the stable review cycle for the 5.14.2 release. There are 14 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know.
Responses should be made by Wed, 08 Sep 2021 12:54:40 +0000. Anything received after that time might be too late.
The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.14.2-rc1.... or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.14.y and the diffstat can be found below.
thanks,
greg k-h
On ARCH_BRCMSTB using 32-bit and 64-bit ARM kernels:
Tested-by: Florian Fainelli f.fainelli@gmail.com
On 9/6/21 6:55 AM, Greg Kroah-Hartman wrote:
This is the start of the stable review cycle for the 5.14.2 release. There are 14 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know.
Responses should be made by Wed, 08 Sep 2021 12:54:40 +0000. Anything received after that time might be too late.
The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.14.2-rc1.... or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.14.y and the diffstat can be found below.
thanks,
greg k-h
Compiled and booted on my test system. No dmesg regressions.
Tested-by: Shuah Khan skhan@linuxfoundation.org
thanks, -- Shuah
On Mon, Sep 06, 2021 at 02:55:46PM +0200, Greg Kroah-Hartman wrote:
This is the start of the stable review cycle for the 5.14.2 release. There are 14 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know.
Responses should be made by Wed, 08 Sep 2021 12:54:40 +0000. Anything received after that time might be too late.
The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v5.x/stable-review/patch-5.14.2-rc1.... or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-5.14.y and the diffstat can be found below.
thanks,
greg k-h
Tested rc1 against the Fedora build system (aarch64, armv7, ppc64le, s390x, x86_64), and boot tested x86_64. No regressions noted.
Tested-by: Justin M. Forbes jforbes@fedoraproject.org
On Mon, Sep 06, 2021 at 02:55:46PM +0200, Greg Kroah-Hartman wrote:
This is the start of the stable review cycle for the 5.14.2 release. There are 14 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know.
Responses should be made by Wed, 08 Sep 2021 12:54:40 +0000. Anything received after that time might be too late.
Build results: total: 154 pass: 154 fail: 0 Qemu test results: total: 479 pass: 479 fail: 0
Tested-by: Guenter Roeck linux@roeck-us.net
Guenter
linux-stable-mirror@lists.linaro.org
-
Florian Fainelli -
Fox Chen -
Greg Kroah-Hartman -
Guenter Roeck -
Jon Hunter -
Justin Forbes -
Naresh Kamboju -
Shuah Khan