mirror of
https://github.com/rd-stuffs/msm-4.14.git
synced 2025-02-20 11:45:48 +08:00
51459 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Jaegeuk Kim
|
a2a9032a98 |
f2fs/fscrypt: updates to v4.17-rc1
Pull f2fs update from Jaegeuk Kim: "In this round, we've mainly focused on performance tuning and critical bug fixes occurred in low-end devices. Sheng Yong introduced lost_found feature to keep missing files during recovery instead of thrashing them. We're preparing coming fsverity implementation. And, we've got more features to communicate with users for better performance. In low-end devices, some memory-related issues were fixed, and subtle race condtions and corner cases were addressed as well. Enhancements: - large nat bitmaps for more free node ids - add three block allocation policies to pass down write hints given by user - expose extension list to user and introduce hot file extension - tune small devices seamlessly for low-end devices - set readdir_ra by default - give more resources under gc_urgent mode regarding to discard and cleaning - introduce fsync_mode to enforce posix or not - nowait aio support - add lost_found feature to keep dangling inodes - reserve bits for future fsverity feature - add test_dummy_encryption for FBE Bug fixes: - don't use highmem for dentry pages - align memory boundary for bitops - truncate preallocated blocks in write errors - guarantee i_times on fsync call - clear CP_TRIMMED_FLAG correctly - prevent node chain loop during recovery - avoid data race between atomic write and background cleaning - avoid unnecessary selinux violation warnings on resgid option - GFP_NOFS to avoid deadlock in quota and read paths - fix f2fs_skip_inode_update to allow i_size recovery In addition to the above, there are several minor bug fixes and clean-ups" Cherry-pick from origin/upstream-f2fs-stable-linux-4.14.y: de465aa57271 f2fs: remain written times to update inode during fsync d0ebaf0b37b2 f2fs: make assignment of t->dentry_bitmap more readable 7f05fb451696 f2fs: truncate preallocated blocks in error case a0a9a51ecdd1 f2fs: fix a wrong condition in f2fs_skip_inode_update 5dc89047c9e8 f2fs: reserve bits for fs-verity 0751f01376d5 f2fs: Add a segment type check in inplace write 27d9598d4d38 f2fs: no need to initialize zero value for GFP_F2FS_ZERO 42a34ff76240 f2fs: don't track new nat entry in nat set 14040505a620 f2fs: clean up with F2FS_BLK_ALIGN fcea9e00a0ea f2fs: check blkaddr more accuratly before issue a bio 2c217b078fee f2fs: Set GF_NOFS in read_cache_page_gfp while doing f2fs_quota_read 0a8cedc2cea3 f2fs: introduce a new mount option test_dummy_encryption 5786b414a719 f2fs: introduce F2FS_FEATURE_LOST_FOUND feature 9813cae680f0 f2fs: release locks before return in f2fs_ioc_gc_range() cee6482cd12c f2fs: align memory boundary for bitops 8dbfcba5f5d6 f2fs: remove unneeded set_cold_node() 7e93bf8ebc34 f2fs: add nowait aio support 1e64d3ed2753 f2fs: wrap all options with f2fs_sb_info.mount_opt 7f270a67a1da f2fs: Don't overwrite all types of node to keep node chain c6a9e6a41f4f f2fs: introduce mount option for fsync mode 82bebed3c1fd f2fs: fix to restore old mount option in ->remount_fs 808427a63b93 f2fs: wrap sb_rdonly with f2fs_readonly 5ebe362c0c60 f2fs: avoid selinux denial on CAP_SYS_RESOURCE ea34734357a9 f2fs: support hot file extension 2189c2e46468 f2fs: fix to avoid race in between atomic write and background GC 5f6950805928 f2fs: do gc in greedy mode for whole range if gc_urgent mode is set 79f1a15fa536 f2fs: issue discard aggressively in the gc_urgent mode aea8da88a747 f2fs: set readdir_ra by default 8fe06ea28273 f2fs: add auto tuning for small devices 073c145d5bef f2fs: add mount option for segment allocation policy e7efe40d7aa5 f2fs: don't stop GC if GC is contended 882d0e094488 f2fs: expose extension_list sysfs entry 52320a2a28be f2fs: fix to set KEEP_SIZE bit in f2fs_zero_range ef66237f28e9 f2fs: introduce sb_lock to make encrypt pwsalt update exclusive c8e77267ed1f f2fs: remove redundant initialization of pointer 'p' 755dcc3262d4 f2fs: flush cp pack except cp pack 2 page at first 92223ccb699a f2fs: clean up f2fs_sb_has_xxx functions d8ecd46ca803 f2fs: remove redundant check of page type when submit bio 99f512132e54 f2fs: fix to handle looped node chain during recovery 66a2346def3d f2fs: handle quota for orphan inodes bd9e1956d17e f2fs: support passing down write hints to block layer with F2FS policy d8f02c3b68c5 f2fs: support passing down write hints given by users to block layer d4fff1411d4e f2fs: fix to clear CP_TRIMMED_FLAG f50100868cb8 f2fs: support large nat bitmap e9437125502c f2fs: fix to check extent cache in f2fs_drop_extent_tree 5c1d55c37f2c f2fs: restrict inline_xattr_size configuration 74d48dc6ec93 f2fs: fix heap mode to reset it back 68afcb259568 f2fs: fix potential corruption in area before F2FS_SUPER_OFFSET 6b4edfb10398 fscrypt: fix build with pre-4.6 gcc versions 4bcc4865feab fscrypt: remove 'ci' parameter from fscrypt_put_encryption_info() 69e5234f04b6 fscrypt: fix up fscrypt_fname_encrypted_size() for internal use 7919cba92304 fscrypt: define fscrypt_fname_alloc_buffer() to be for presented names aef0017f3b1a fscrypt: calculate NUL-padding length in one place only 5232cae0e922 fscrypt: move fscrypt_symlink_data to fscrypt_private.h 169bd9ba8542 ubifs: switch to fscrypt_get_symlink() 63498ca7def3 ubifs: switch to fscrypt ->symlink() helper functions a85637d12cb1 fscrypt: remove fscrypt_fname_usr_to_disk() 77bb20f72679 ext4: switch to fscrypt_get_symlink() 79b3f39a2e79 ext4: switch to fscrypt ->symlink() helper functions 70fe2fb67bc6 f2fs: switch to fscrypt_get_symlink() 96dda4e02d6b f2fs: switch to fscrypt ->symlink() helper functions 0063988cc044 fscrypt: new helper function - fscrypt_get_symlink() 48a0375c8889 fscrypt: new helper functions for ->symlink() 585a194dd1d0 fscrypt: trim down fscrypt.h includes 411771ab56f4 fscrypt: move fscrypt_is_dot_dotdot() to fs/crypto/fname.c ad35db34396b fscrypt: move fscrypt_valid_enc_modes() to fscrypt_private.h 72b3e1c61d8b fscrypt: move fscrypt_operations declaration to fscrypt_supp.h 2fa9a1f9268a fscrypt: split fscrypt_dummy_context_enabled() into supp/notsupp versions e298b5de1cca fscrypt: move fscrypt_ctx declaration to fscrypt_supp.h 8db0a6de3cf0 fscrypt: move fscrypt_info_cachep declaration to fscrypt_private.h c73c350ade4e fscrypt: move fscrypt_control_page() to supp/notsupp headers ca64f2f4609d fscrypt: move fscrypt_has_encryption_key() to supp/notsupp headers Signed-off-by: Jaegeuk Kim <jaegeuk@google.com> |
||
Isaac J. Manjarres
|
b0166e2f2f |
Merge remote-tracking branch 'remotes/origin/tmp-27e69ad' into msm-4.14
* remotes/origin/tmp-27e69ad: Linux 4.14.33 Revert "ip6_vti: adjust vti mtu according to mtu of lower device" Revert "cpufreq: Fix governor module removal race" Revert "ARM: dts: omap3-n900: Fix the audio CODEC's reset pin" Revert "ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin" Fix slab name "biovec-(1<<(21-12))" net: hns: Fix ethtool private flags ARM: dts: DRA76-EVM: Set powerhold property for tps65917 vt: change SGR 21 to follow the standards Input: i8042 - enable MUX on Sony VAIO VGN-CS series to fix touchpad Input: i8042 - add Lenovo ThinkPad L460 to i8042 reset list Input: ALPS - fix TrackStick detection on Thinkpad L570 and Latitude 7370 Revert "base: arch_topology: fix section mismatch build warnings" staging: comedi: ni_mio_common: ack ai fifo error interrupts. Btrfs: fix unexpected cow in run_delalloc_nocow crypto: x86/cast5-avx - fix ECB encryption when long sg follows short one crypto: arm,arm64 - Fix random regeneration of S_shipped crypto: ccp - return an actual key size from RSA max_size callback crypto: caam - Fix null dereference at error path crypto: ahash - Fix early termination in hash walk crypto: testmgr - Fix incorrect values in PKCS#1 test vector crypto: inside-secure - fix clock management crypto: lrw - Free rctx->ext with kzfree parport_pc: Add support for WCH CH382L PCI-E single parallel port card. media: usbtv: prevent double free in error case /dev/mem: Avoid overwriting "err" in read_mem() mei: remove dev_err message on an unsupported ioctl serial: 8250: Add Nuvoton NPCM UART USB: serial: cp210x: add ELDAT Easywave RX09 id USB: serial: ftdi_sio: add support for Harman FirmwareHubEmulator USB: serial: ftdi_sio: add RT Systems VX-8 cable bitmap: fix memset optimization on big-endian systems usb: dwc2: Improve gadget state disconnection handling Bluetooth: Fix missing encryption refresh on Security Request phy: qcom-ufs: add MODULE_LICENSE tag netfilter: x_tables: add and use xt_check_proc_name netfilter: drop template ct when conntrack is skipped. l2tp: fix races with ipv4-mapped ipv6 addresses netfilter: bridge: ebt_among: add more missing match size checks netfilter: x_tables: make allocation less aggressive percpu: add __GFP_NORETRY semantics to the percpu balancing path xfrm: Refuse to insert 32 bit userspace socket policies on 64 bit systems net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms() RDMA/ucma: Introduce safer rdma_addr_size() variants RDMA/ucma: Check that device exists prior to accessing it RDMA/ucma: Check that device is connected prior to access it RDMA/rdma_cm: Fix use after free race with process_one_req RDMA/ucma: Ensure that CM_ID exists prior to access it RDMA/ucma: Fix use-after-free access in ucma_close RDMA/ucma: Check AF family prior resolving address xfrm_user: uncoditionally validate esn replay attribute struct partitions/msdos: Unable to mount UFS 44bsd partitions powerpc/64s: Fix i-side SLB miss bad address handler saving nonvolatile GPRs powerpc/64s: Fix lost pending interrupt due to race causing lost update to irq_happened i2c: i2c-stm32f7: fix no check on returned setup ipc/shm.c: add split function to shm_vm_ops ceph: only dirty ITER_IOVEC pages for direct read perf/hwbp: Simplify the perf-hwbp code, fix documentation x86/platform/uv/BAU: Add APIC idt entry ALSA: pcm: potential uninitialized return values ALSA: pcm: Use dma_bytes as size parameter in dma_mmap_coherent() ALSA: usb-audio: Add native DSD support for TEAC UD-301 mtd: nand: atmel: Fix get_sectorsize() function mtd: jedec_probe: Fix crash in jedec_read_mfr() ARM: dts: sun6i: a31s: bpi-m2: add missing regulators ARM: dts: sun6i: a31s: bpi-m2: improve pmic properties ARM: 8746/1: vfp: Go back to clearing vfp_current_hw_state[] ARM: OMAP: Fix SRAM W+X mapping ANDROID: fuse: Add null terminator to path in canonical path to avoid issue ANDROID: sdcardfs: Fix sdcardfs to stop creating cases-sensitive duplicate entries. Conflicts: drivers/phy/qualcomm/phy-qcom-ufs.c Change-Id: Iab5cb23d596cebf19e0eb63a71828507dfb47054 Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org> |
||
Greg Kroah-Hartman
|
7e76ead2d2 |
This is the 4.14.34 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlrPNhoACgkQONu9yGCS aT6BgRAAlQVoTa9PEk/vyJACP/IDnzW/UUhUatTTBcsj8hAOzeF5tpFPvvqG+Aoj TfjujeFN8YgqepBKEWdAvUknJtO9Ka+1Q7elBg1A9ygwPXn4XCVV1Cu+Q7w9gmci OJd/3ubevqGV0enA9wzxsczhG8ua/8EZiBM5pz8NDXy4nZ7rtxCUs+8npCj23/dJ klN70Gv58ClSaI4CUTXejBxm9/EGIrY0+SoS3+M1rj8vV8kgr8uzqDuk/Kv12YL8 /XVbB6QHPauvJAw9QFaP9xi2M7hZ03YJlo0hHMoPUXyLK2CJ5w/NJmJcKOu+eKx0 GGn/qQ0C8uAXGFfJjwHNj3MHDgPVayIvE7SMVKRIY8EcSYv9AsL+YDo6KK9WRmuE 3VLxOFO8Z2vVaVATU3U/m/+lK+kyDqStwwp7IFTbYSb3GpSD8JeruBWcbM2ywPCX J+n3DWrvwcvIsS1+URJogiaamo7J6u4upyz9ilym7XovMub5RfjmhIAKBsd3DqEL PZ+MLM+TMUq6smSlSFdrSuU+aquhbaKaD/LdXmVlsIjMQOOkQCU8d6mHYfW7jBEP 6oE/VjXSewMdsrux3C4rKW/TnnXRWNHPY47SqObkqEx1uf2uFPSi5jIKRCBZtNfT 2nMEfDnW/FBuQVoWvBx01eiSeupNRl0ULbdtdrMS7YMFY8gaVOY= =+4X0 -----END PGP SIGNATURE----- Merge 4.14.34 into android-4.14 Changes in 4.14.34 i40iw: Fix sequence number for the first partial FPDU i40iw: Correct Q1/XF object count equation i40iw: Validate correct IRD/ORD connection parameters clk: meson: mpll: use 64-bit maths in params_from_rate ARM: dts: ls1021a: add "fsl,ls1021a-esdhc" compatible string to esdhc node Bluetooth: Add a new 04ca:3015 QCA_ROME device ipv6: Reinject IPv6 packets if IPsec policy matches after SNAT thermal: power_allocator: fix one race condition issue for thermal_instances list perf probe: Find versioned symbols from map perf probe: Add warning message if there is unexpected event name perf evsel: Enable ignore_missing_thread for pid option net: hns3: free the ring_data structrue when change tqps net: hns3: fix for getting auto-negotiation state in hclge_get_autoneg l2tp: fix missing print session offset info rds; Reset rs->rs_bound_addr in rds_add_bound() failure path ACPI / video: Default lcd_only to true on Win8-ready and newer machines net/mlx4_en: Change default QoS settings VFS: close race between getcwd() and d_move() watchdog: dw_wdt: add stop watchdog operation clk: divider: fix incorrect usage of container_of PM / devfreq: Fix potential NULL pointer dereference in governor_store selftests/net: fix bugs in address and port initialization RDMA/cma: Mark end of CMA ID messages hwmon: (ina2xx) Make calibration register value fixed clk: sunxi-ng: a83t: Add M divider to TCON1 clock media: videobuf2-core: don't go out of the buffer range ASoC: Intel: Skylake: Disable clock gating during firmware and library download ASoC: Intel: cht_bsw_rt5645: Analog Mic support spi: sh-msiof: Fix timeout failures for TX-only DMA transfers scsi: libiscsi: Allow sd_shutdown on bad transport scsi: mpt3sas: Proper handling of set/clear of "ATA command pending" flag. irqchip/gic-v3: Fix the driver probe() fail due to disabled GICC entry ACPI: EC: Fix debugfs_create_*() usage mac80211: Fix setting TX power on monitor interfaces vfb: fix video mode and line_length being set when loaded gpio: label descriptors using the device name powernv-cpufreq: Add helper to extract pstate from PMSR IB/rdmavt: Allocate CQ memory on the correct node blk-mq: avoid to map CPU into stale hw queue blk-mq: fix race between updating nr_hw_queues and switching io sched backlight: tdo24m: Fix the SPI CS between transfers pinctrl: baytrail: Enable glitch filter for GPIOs used as interrupts nvme_fcloop: disassocate local port structs nvme_fcloop: fix abort race condition tpm: return a TPM_RC_COMMAND_CODE response if command is not implemented perf report: Fix a no annotate browser displayed issue staging: lustre: disable preempt while sampling processor id. ASoC: Intel: sst: Fix the return value of 'sst_send_byte_stream_mrfld()' power: supply: axp288_charger: Properly stop work on probe-error / remove rt2x00: do not pause queue unconditionally on error path wl1251: check return from call to wl1251_acx_arp_ip_filter net/mlx5: Fix race for multiple RoCE enable net: hns3: Fix an error of total drop packet statistics net: hns3: Fix a loop index error of tqp statistics query net: hns3: Fix an error macro definition of HNS3_TQP_STAT net: hns3: fix for changing MTU bcache: ret IOERR when read meets metadata error bcache: stop writeback thread after detaching bcache: segregate flash only volume write streams scsi: libsas: fix memory leak in sas_smp_get_phy_events() scsi: libsas: fix error when getting phy events scsi: libsas: initialize sas_phy status according to response of DISCOVER blk-mq: fix kernel oops in blk_mq_tag_idle() tty: n_gsm: Allow ADM response in addition to UA for control dlci block, bfq: put async queues for root bfq groups too EDAC, mv64x60: Fix an error handling path uio_hv_generic: check that host supports monitor page i40evf: don't rely on netif_running() outside rtnl_lock() cxgb4vf: Fix SGE FL buffer initialization logic for 64K pages scsi: megaraid_sas: Error handling for invalid ldcount provided by firmware in RAID map scsi: megaraid_sas: unload flag should be set after scsi_remove_host is called RDMA/cma: Fix rdma_cm path querying for RoCE gpio: thunderx: fix error return code in thunderx_gpio_probe() x86/gart: Exclude GART aperture from vmcore sdhci: Advertise 2.0v supply on SDIO host controller ibmvnic: Don't handle RX interrupts when not up. Input: goodix - disable IRQs while suspended mtd: mtd_oobtest: Handle bitflips during reads crypto: aes-generic - build with -Os on gcc-7+ perf tools: Fix copyfile_offset update of output offset tcmu: release blocks for partially setup cmds thermal: int3400_thermal: fix error handling in int3400_thermal_probe() objtool: Add Clang support crypto: arm64/aes-ce-cipher - move assembler code to .S file x86/microcode: Propagate return value from updating functions x86/CPU: Add a microcode loader callback x86/CPU: Check CPU feature bits after microcode upgrade x86/microcode: Get rid of struct apply_microcode_ctx x86/microcode/intel: Check microcode revision before updating sibling threads x86/microcode/intel: Writeback and invalidate caches before updating microcode x86/microcode: Do not upload microcode if CPUs are offline x86/microcode/intel: Look into the patch cache first x86/microcode: Request microcode on the BSP x86/microcode: Synchronize late microcode loading x86/microcode: Attempt late loading only when new microcode is present x86/microcode: Fix CPU synchronization routine arp: fix arp_filter on l3slave devices ipv6: the entire IPv6 header chain must fit the first fragment lan78xx: Crash in lan78xx_writ_reg (Workqueue: events lan78xx_deferred_multicast_write) net: fix possible out-of-bound read in skb_network_protocol() net/ipv6: Fix route leaking between VRFs net/ipv6: Increment OUTxxx counters after netfilter hook netlink: make sure nladdr has correct size in netlink_connect() net sched actions: fix dumping which requires several messages to user space net/sched: fix NULL dereference in the error path of tcf_bpf_init() pptp: remove a buggy dst release in pptp_connect() r8169: fix setting driver_data after register_netdev sctp: do not leak kernel memory to user space sctp: sctp_sockaddr_af must check minimal addr length for AF_INET6 sky2: Increase D3 delay to sky2 stops working after suspend vhost: correctly remove wait queue during poll failure vlan: also check phy_driver ts_info for vlan's real device vrf: Fix use after free and double free in vrf_finish_output bonding: fix the err path for dev hwaddr sync in bond_enslave bonding: move dev_mc_sync after master_upper_dev_link in bond_enslave bonding: process the err returned by dev_set_allmulti properly in bond_enslave net: fool proof dev_valid_name() ip_tunnel: better validate user provided tunnel names ipv6: sit: better validate user provided tunnel names ip6_gre: better validate user provided tunnel names ip6_tunnel: better validate user provided tunnel names vti6: better validate user provided tunnel names net/mlx5e: Avoid using the ipv6 stub in the TC offload neigh update path net/mlx5e: Fix memory usage issues in offloading TC flows nfp: use full 40 bits of the NSP buffer address ipv6: sr: fix seg6 encap performances with TSO enabled net/mlx5e: Don't override vport admin link state in switchdev mode net/mlx5e: Sync netdev vxlan ports at open net/sched: fix NULL dereference in the error path of tunnel_key_init() net/sched: fix NULL dereference on the error path of tcf_skbmod_init() strparser: Fix sign of err codes net/mlx4_en: Fix mixed PFC and Global pause user control requests net/mlx5e: Fix traffic being dropped on VF representor vhost: validate log when IOTLB is enabled route: check sysctl_fib_multipath_use_neigh earlier than hash team: move dev_mc_sync after master_upper_dev_link in team_port_add vhost_net: add missing lock nesting notation net/mlx4_core: Fix memory leak while delete slave's resources Linux 4.14.34 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
NeilBrown
|
db470ce8c6 |
VFS: close race between getcwd() and d_move()
[ Upstream commit 61647823aa920e395afcce4b57c32afb51456cab ] d_move() will call __d_drop() and then __d_rehash() on the dentry being moved. This creates a small window when the dentry appears to be unhashed. Many tests of d_unhashed() are made under ->d_lock and so are safe from racing with this window, but some aren't. In particular, getcwd() calls d_unlinked() (which calls d_unhashed()) without d_lock protection, so it can race. This races has been seen in practice with lustre, which uses d_move() as part of name lookup. See: https://jira.hpdd.intel.com/browse/LU-9735 It could race with a regular rename(), and result in ENOENT instead of either the 'before' or 'after' name. The race can be demonstrated with a simple program which has two threads, one renaming a directory back and forth while another calls getcwd() within that directory: it should never fail, but does. See: https://patchwork.kernel.org/patch/9455345/ We could fix this race by taking d_lock and rechecking when d_unhashed() reports true. Alternately when can remove the window, which is the approach this patch takes. ___d_drop() is introduce which does *not* clear d_hash.pprev so the dentry still appears to be hashed. __d_drop() calls ___d_drop(), then clears d_hash.pprev. __d_move() now uses ___d_drop() and only clears d_hash.pprev when not rehashing. Signed-off-by: NeilBrown <neilb@suse.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Sasha Levin <alexander.levin@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
27e69ad2ae |
This is the 4.14.33 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlrKCn4ACgkQONu9yGCS aT5N9Q//fD3Bsaf4GuQxBLR0Jd6tNpunTMyc98TxQ1SUqN72YHiVhhZ88F5syRXd OsdOUIbmlnGPGfiV4sFf9HPmji4OCmTwBdWOjeja75TjApJ98H1gMUlULbiFYgdc TMitrwfNmxjUsdbCUGO2E3+9xKXjWcqmDfqeE4zano9iejPLiDwulIiG52QTVIlY FGm0nxYPq2A4AlF4u2B7sHaf1PEeopcmx/wNaAAZQf3pzXo8SukThQaeQihYMUv2 4iU6EDmorTFy2V+r6N58AU4BEVj1fsiWLVObNRjfRkQ6NiljhzHgoSxrqXF+lOFu ZGOOLJ7oiVJMXBBFKkDCA9qKvLcVRmwEz8gwdvylhWuOoUIvRxfPBdbPenz7YXYS 0ySXA0zU6KT31O+70ryE2UQonQ27fF71hohBRm1a5Z88uy24eCbFR1b5+8ldVKeF 2SFruhtoaI9iG6aaIFW8bNLVU3d5wyhp+NrL57y4STeR/fDC5ed3jnaOaXKpM4Dl DnteX/UtTvlVTwhBNgSEaCxB53gHWM9/ueEJaijfSiQVaIyrXL0atz8ZhZPlXwVG n13Dl4nWbXO6/TckK+VqhCTJ/54vEZzKfvR6u9+QiusA5AcS5rFz/4nQx6fVpt1z XgmUPtaC63TPc7E3iY/SvX2FtOWpdjqR/Tv32xbIjwSfDdnOl2M= =kd9N -----END PGP SIGNATURE----- Merge 4.14.33 into android-4.14 Changes in 4.14.33 ARM: OMAP: Fix SRAM W+X mapping ARM: 8746/1: vfp: Go back to clearing vfp_current_hw_state[] ARM: dts: sun6i: a31s: bpi-m2: improve pmic properties ARM: dts: sun6i: a31s: bpi-m2: add missing regulators mtd: jedec_probe: Fix crash in jedec_read_mfr() mtd: nand: atmel: Fix get_sectorsize() function ALSA: usb-audio: Add native DSD support for TEAC UD-301 ALSA: pcm: Use dma_bytes as size parameter in dma_mmap_coherent() ALSA: pcm: potential uninitialized return values x86/platform/uv/BAU: Add APIC idt entry perf/hwbp: Simplify the perf-hwbp code, fix documentation ceph: only dirty ITER_IOVEC pages for direct read ipc/shm.c: add split function to shm_vm_ops i2c: i2c-stm32f7: fix no check on returned setup powerpc/64s: Fix lost pending interrupt due to race causing lost update to irq_happened powerpc/64s: Fix i-side SLB miss bad address handler saving nonvolatile GPRs partitions/msdos: Unable to mount UFS 44bsd partitions xfrm_user: uncoditionally validate esn replay attribute struct RDMA/ucma: Check AF family prior resolving address RDMA/ucma: Fix use-after-free access in ucma_close RDMA/ucma: Ensure that CM_ID exists prior to access it RDMA/rdma_cm: Fix use after free race with process_one_req RDMA/ucma: Check that device is connected prior to access it RDMA/ucma: Check that device exists prior to accessing it RDMA/ucma: Introduce safer rdma_addr_size() variants net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms() xfrm: Refuse to insert 32 bit userspace socket policies on 64 bit systems percpu: add __GFP_NORETRY semantics to the percpu balancing path netfilter: x_tables: make allocation less aggressive netfilter: bridge: ebt_among: add more missing match size checks l2tp: fix races with ipv4-mapped ipv6 addresses netfilter: drop template ct when conntrack is skipped. netfilter: x_tables: add and use xt_check_proc_name phy: qcom-ufs: add MODULE_LICENSE tag Bluetooth: Fix missing encryption refresh on Security Request usb: dwc2: Improve gadget state disconnection handling bitmap: fix memset optimization on big-endian systems USB: serial: ftdi_sio: add RT Systems VX-8 cable USB: serial: ftdi_sio: add support for Harman FirmwareHubEmulator USB: serial: cp210x: add ELDAT Easywave RX09 id serial: 8250: Add Nuvoton NPCM UART mei: remove dev_err message on an unsupported ioctl /dev/mem: Avoid overwriting "err" in read_mem() media: usbtv: prevent double free in error case parport_pc: Add support for WCH CH382L PCI-E single parallel port card. crypto: lrw - Free rctx->ext with kzfree crypto: inside-secure - fix clock management crypto: testmgr - Fix incorrect values in PKCS#1 test vector crypto: ahash - Fix early termination in hash walk crypto: caam - Fix null dereference at error path crypto: ccp - return an actual key size from RSA max_size callback crypto: arm,arm64 - Fix random regeneration of S_shipped crypto: x86/cast5-avx - fix ECB encryption when long sg follows short one Btrfs: fix unexpected cow in run_delalloc_nocow staging: comedi: ni_mio_common: ack ai fifo error interrupts. Revert "base: arch_topology: fix section mismatch build warnings" Input: ALPS - fix TrackStick detection on Thinkpad L570 and Latitude 7370 Input: i8042 - add Lenovo ThinkPad L460 to i8042 reset list Input: i8042 - enable MUX on Sony VAIO VGN-CS series to fix touchpad vt: change SGR 21 to follow the standards ARM: dts: DRA76-EVM: Set powerhold property for tps65917 net: hns: Fix ethtool private flags Fix slab name "biovec-(1<<(21-12))" Revert "ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin" Revert "ARM: dts: omap3-n900: Fix the audio CODEC's reset pin" Revert "cpufreq: Fix governor module removal race" Revert "ip6_vti: adjust vti mtu according to mtu of lower device" Linux 4.14.33 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
Liu Bo
|
4be89529c0 |
Btrfs: fix unexpected cow in run_delalloc_nocow
commit 5811375325420052fcadd944792a416a43072b7f upstream.
Fstests generic/475 provides a way to fail metadata reads while
checking if checksum exists for the inode inside run_delalloc_nocow(),
and csum_exist_in_range() interprets error (-EIO) as inode having
checksum and makes its caller enter the cow path.
In case of free space inode, this ends up with a warning in
cow_file_range().
The same problem applies to btrfs_cross_ref_exist() since it may also
read metadata in between.
With this, run_delalloc_nocow() bails out when errors occur at the two
places.
cc: <stable@vger.kernel.org> v2.6.28+
Fixes: 17d217fe970d ("Btrfs: fix nodatasum handling in balancing code")
Signed-off-by: Liu Bo <bo.li.liu@oracle.com>
Signed-off-by: David Sterba <dsterba@suse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Yan, Zheng
|
f00a344718 |
ceph: only dirty ITER_IOVEC pages for direct read
commit 85784f9395987a422fa04263e7c0fb13da11eb5c upstream. If a page is already locked, attempting to dirty it leads to a deadlock in lock_page(). This is what currently happens to ITER_BVEC pages when a dio-enabled loop device is backed by ceph: $ losetup --direct-io /dev/loop0 /mnt/cephfs/img $ xfs_io -c 'pread 0 4k' /dev/loop0 Follow other file systems and only dirty ITER_IOVEC pages. Cc: stable@kernel.org Signed-off-by: "Yan, Zheng" <zyan@redhat.com> Reviewed-by: Ilya Dryomov <idryomov@gmail.com> Signed-off-by: Ilya Dryomov <idryomov@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Ritesh Harjani
|
f956575ffd |
ANDROID: fuse: Add null terminator to path in canonical path to avoid issue
page allocated in fuse_dentry_canonical_path to be handled in fuse_dev_do_write is allocated using __get_free_pages(GFP_KERNEL). This may not return a page with data filled with 0. Now this page may not have a null terminator at all. If this happens and userspace fuse daemon screws up by passing a string to kernel which is not NULL terminated (or did not fill anything), then inside fuse driver in kernel when we try to do strlen(fuse_dev_write->kern_path->getname_kernel) on that page data -> it may give us issue with kernel paging request. Unable to handle kernel paging request at virtual address ------------[ cut here ]------------ <..> PC is at strlen+0x10/0x90 LR is at getname_kernel+0x2c/0xf4 <..> strlen+0x10/0x90 kern_path+0x28/0x4c fuse_dev_do_write+0x5b8/0x694 fuse_dev_write+0x74/0x94 do_iter_readv_writev+0x80/0xb8 do_readv_writev+0xec/0x1cc vfs_writev+0x54/0x64 SyS_writev+0x64/0xe4 el0_svc_naked+0x24/0x28 To avoid this we should ensure in case of FUSE_CANONICAL_PATH, the page is null terminated. Change-Id: I33ca7cc76b4472eaa982c67bb20685df451121f5 Signed-off-by: Ritesh Harjani <riteshh@codeaurora.org> Bug: 75984715 [Daniel - small edit, using args size ] Signed-off-by: Daniel Rosenberg <drosen@google.com> |
||
|
Ritesh Harjani
|
802d80cd74 |
ANDROID: sdcardfs: Fix sdcardfs to stop creating cases-sensitive duplicate entries.
sdcardfs_name_match gets a 'name' argument from the underlying FS. This need not be null terminated string. So in sdcardfs_name_match -> qstr_case_eq -> we should use str_n_case_eq. This happens because few of the entries in lower level FS may not be NULL terminated and may have some garbage characters passed while doing sdcardfs_name_match. For e.g. # dmesg |grep Download [ 103.646386] sdcardfs_name_match: q1->name=.nomedia, q1->len=8, q2->name=Download\x17\x80\x03, q2->len=8 [ 104.021340] sdcardfs_name_match: q1->name=.nomedia, q1->len=8, q2->name=Download\x17\x80\x03, q2->len=8 [ 105.196864] sdcardfs_name_match: q1->name=.nomedia, q1->len=8, q2->name=Download\x17\x80\x03, q2->len=8 [ 109.113521] sdcardfs_name_match: q1->name=logs, q1->len=4, q2->name=Download\x17\x80\x03, q2->len=8 Now when we try to create a directory with different case for a such files. SDCARDFS creates a entry if it could not find the underlying entry in it's dcache. To reproduce:- 1. bootup the device wait for some time after sdcardfs mounting to complete. 2. cd /storage/emulated/0 3. echo 3 > /proc/sys/vm/drop_caches 4. mkdir download We now start seeing two entries with name. Download & download. Change-Id: I976d92a220a607dd8cdb96c01c2041c5c2bc3326 Signed-off-by: Ritesh Harjani <riteshh@codeaurora.org> bug: 75987238 |
||
|
Isaac J. Manjarres
|
7ed7e2acf0 |
Merge remote-tracking branch 'remotes/origin/tmp-51e322a' into msm-4.14
* remotes/origin/tmp-51e322a: Linux 4.14.32 s390/qeth: on channel error, reject further cmd requests s390/qeth: lock read device while queueing next buffer s390/qeth: when thread completes, wake up all waiters s390/qeth: free netdevice when removing a card dpaa_eth: remove duplicate increment of the tx_errors counter dpaa_eth: increment the RX dropped counter when needed dpaa_eth: remove duplicate initialization dpaa_eth: fix error in dpaa_remove() soc/fsl/qbman: fix issue in qman_delete_cgr_safe() team: Fix double free in error path skbuff: Fix not waking applications when errors are enqueued qede: Fix qedr link update net: systemport: Rewrite __bcm_sysport_tx_reclaim() net: Only honor ifindex in IP_PKTINFO if non-0 netlink: avoid a double skb free in genlmsg_mcast() net/iucv: Free memory obtained by kzalloc net: fec: Fix unbalanced PM runtime calls net: ethernet: ti: cpsw: add check for in-band mode setting with RGMII PHY interface net: ethernet: arc: Fix a potential memory leak if an optional regulator is deferred l2tp: do not accept arbitrary sockets ipv6: fix access to non-linear packet in ndisc_fill_redirect_hdr_option() dccp: check sk for closed state in dccp_sendmsg() net: Fix hlist corruptions in inet_evict_bucket() net: use skb_to_full_sk() in skb_update_prio() ieee802154: 6lowpan: fix possible NULL deref in lowpan_device_event() sch_netem: fix skb leak in netem_enqueue() kcm: lock lower socket in kcm_attach rhashtable: Fix rhlist duplicates insertion ppp: avoid loop in xmit recursion detection code net sched actions: return explicit error when tunnel_key mode is not specified net: phy: Tell caller result of phy_change() mlxsw: spectrum_buffers: Set a minimum quota for CPU port traffic ipv6: sr: fix scheduling in RCU when creating seg6 lwtunnel state ipv6: sr: fix NULL pointer dereference when setting encap source address ipv6: old_dport should be a __be16 in __ip6_datagram_connect() net: ipv6: keep sk status consistent after datagram connect failure macvlan: filter out unsupported feature flags devlink: Remove redundant free on error path net: phy: relax error checking when creating sysfs link netdev->phydev sysfs: symlink: export sysfs_create_link_nowarn() qed: Fix non TCP packets should be dropped on iWARP ll2 connection tcp: purge write queue upon aborting the connection tcp: reset sk_send_head in tcp_write_queue_purge Change-Id: Ief39b9585daef847f0456cfe8fa70ba0178ea127 Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org> |
||
|
Isaac J. Manjarres
|
976852dffe |
Merge remote-tracking branch 'remotes/origin/tmp-331d833' into msm-4.14
* remotes/origin/tmp-331d833:
Linux 4.14.31
bpf, x64: increase number of passes
bpf: skip unnecessary capability check
kbuild: disable clang's default use of -fmerge-all-constants
x86/pkeys/selftests: Rename 'si_pkey' to 'siginfo_pkey'
usb: xhci: Fix potential memory leak in xhci_disable_slot()
usb: xhci: Disable slot even when virt-dev is null
staging: lustre: ptlrpc: kfree used instead of kvfree
staging: android: ion: Zero CMA allocated memory
iio: imu: st_lsm6dsx: fix endianness in st_lsm6dsx_read_oneshot()
iio: ABI: Fix name of timestamp sysfs file
perf/x86/intel/uncore: Fix multi-domain PCI CHA enumeration bug on Skylake servers
perf/x86/intel: Don't accidentally clear high bits in bdw_limit_period()
perf/core: Fix ctx_event_type in ctx_resched()
perf stat: Fix CVS output format for non-supported counters
perf/x86/intel/uncore: Fix Skylake UPI event format
drm/syncobj: Stop reusing the same struct file for all syncobj -> fd
x86/boot/64: Verify alignment of the LOAD segment
x86/build/64: Force the linker to use 2MB page size
kvm/x86: fix icebp instruction handling
posix-timers: Protect posix clock array access against speculation
x86/efi: Free efi_pgd with free_pages()
x86/vsyscall/64: Use proper accessor to update P4D entry
selftests/x86/ptrace_syscall: Fix for yet more glibc interference
x86/entry/64: Don't use IST entry for #BP stack
tty: vt: fix up tabstops properly
can: cc770: Fix use after free in cc770_tx_interrupt()
can: cc770: Fix queue stall & dropped RTR reply
can: cc770: Fix stalls on rt-linux, remove redundant IRQ ack
can: ifi: Check core revision upon probe
can: ifi: Repair the error handling
can: peak/pcie_fd: remove useless code when interface starts
can: peak/pcie_fd: fix echo_skb is occupied! bug
staging: ncpfs: memory corruption in ncp_read_kernel()
mtd: nand: fsl_ifc: Read ECCSTAT0 and ECCSTAT1 registers for IFC 2.0
mtd: nand: fsl_ifc: Fix eccstat array overflow for IFC ver >= 2.0.0
mtd: nand: fsl_ifc: Fix nand waitfunc return value
mtdchar: fix usage of mtd_ooblayout_ecc()
tracing: probeevent: Fix to support minus offset from symbol
rtlwifi: rtl8723be: Fix loss of signal
brcmfmac: fix P2P_DEVICE ethernet address generation
libnvdimm, {btt, blk}: do integrity setup before add_disk()
ACPI / watchdog: Fix off-by-one error at resource assignment
acpi, numa: fix pxm to online numa node associations
mm/vmscan: wake up flushers for legacy cgroups too
drm: udl: Properly check framebuffer mmap offsets
drm: Reject getfb for multi-plane framebuffers
drm/radeon: Don't turn off DP sink when disconnected
drm/vmwgfx: Fix a destoy-while-held mutex problem.
drm/vmwgfx: Fix black screen and device errors when running without fbdev
Revert "mm: page_alloc: skip over regions of invalid pfns where possible"
mm/shmem: do not wait for lock_page() in shmem_unused_huge_shrink()
mm/thp: do not wait for lock_page() in deferred_split_scan()
mm/khugepaged.c: convert VM_BUG_ON() to collapse fail
x86/mm: implement free pmd/pte page interfaces
mm/vmalloc: add interfaces to free unmapped page table
h8300: remove extraneous __BIG_ENDIAN definition
hugetlbfs: check for pgoff value overflow
nfsd: remove blocked locks on client teardown
cgroup: fix rule checking for threaded mode switching
libata: Modify quirks for MX100 to limit NCQ_TRIM quirk to MU01 version
libata: Make Crucial BX100 500GB LPM quirk apply to all firmware versions
libata: Apply NOLPM quirk to Crucial M500 480 and 960GB SSDs
libata: Enable queued TRIM for Samsung SSD 860
libata: disable LPM for Crucial BX100 SSD 500GB drive
libata: Apply NOLPM quirk to Crucial MX100 512GB SSDs
libata: don't try to pass through NCQ commands to non-NCQ devices
libata: remove WARN() for DMA or PIO command without data
libata: fix length validation of ATAPI-relayed SCSI commands
Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174
Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table
Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table
pinctrl: samsung: Validate alias coming from DT
Drivers: hv: vmbus: Fix ring buffer signaling
RDMA/mlx5: Fix crash while accessing garbage pointer and freed memory
clk: sunxi-ng: a31: Fix CLK_OUT_* clock ops
clk: bcm2835: Protect sections updating shared registers
clk: bcm2835: Fix ana->maskX definitions
lockdep: fix fs_reclaim warning
ahci: Add PCI-id for the Highpoint Rocketraid 644L card
PCI: Add function 1 DMA alias quirk for Highpoint RocketRAID 644L
mmc: dw_mmc: fix falling from idmac to PIO mode when dw_mci_reset occurs
mmc: dw_mmc: exynos: fix the suspend/resume issue for exynos5433
mmc: dw_mmc: Fix the DTO/CTO timeout overflow calculation for 32-bit systems
mmc: block: fix updating ext_csd caches on ioctl call
mmc: core: Disable HPI for certain Micron (Numonyx) eMMC cards
mmc: core: Fix tracepoint print of blk_addr and blksz
ALSA: hda/realtek - Always immediately update mute LED with pin VREF
ALSA: hda/realtek - Fix Dell headset Mic can't record
ALSA: hda/realtek - Fix speaker no sound after system resume
ALSA: hda - Force polling mode on CFL for fixing codec communication
ALSA: aloop: Fix access to not-yet-ready substream via cable
ALSA: aloop: Sync stale timer before release
ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit
iio: adc: meson-saradc: unlock on error in meson_sar_adc_lock()
iio: st_pressure: st_accel: pass correct platform data to init
iio: chemical: ccs811: Corrected firmware boot/application mode transition
MIPS: lantiq: ase: Enable MFD_SYSCON
MIPS: lantiq: Enable AHB Bus for USB
MIPS: lantiq: Fix Danube USB clock
MIPS: ralink: Fix booting on MT7621
MIPS: ralink: Remove ralink_halt()
ANDROID: arm64: Image.gz-dtb build target depends on Image.gz
Conflicts:
drivers/staging/android/ion/ion_cma_heap.c
Change-Id: I1ed32b5d3bcf4db15991859bdd89fed0d70fdb86
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
|
||
|
Greg Kroah-Hartman
|
51e322a7f1 |
This is the 4.14.32 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlq/swYACgkQONu9yGCS aT4nzRAAvGd/yvI4f4KdSWrhAWDkpS6n40BMXHAsfRh4z6lBFs310nuYtm6UJqYc 9PTg6jMHFO01oRwDGUFr1uZnD64Ov9YhWwrLt6tQ4wZsA34O1vna9rBB6YEPtaxZ jt9c8bzLFjqLzBdeEf4B31jsDKspUzIgopUx5rDeFrVZDhg4Ie2RLIWRIHztQgON OKMoGL3MOWp9v6MB99Ya4GZyzP1BYQaED630SK2pQtBcMWT4ObA4nxIwY6biLmQw 03SFNwjCCk9o5vpIkBb+B5CogrhSOoSKmE4wNjav7MRTdz6wJCFbS3TI596OT8v7 jTOKo29Z+sqkVIwrox8u0tclblLQ3yKY4Jikt5vwgA0COzuctVnbe8G+2flcUKY4 +XxO/RYNNC8s4GWYCEWlaPbHMsctg8l7LfaPVkfUvf6EpgQl6PU6ioqsObd/kt6F v7ztiDMvZOHxFM/5aX3ICdSkfDlauiKDUu2N9spfNWJQCcKFYkpEeZ+lVAE4jyiP wvtnp/LMtqQJZ/gucH4RIjzvWJAj5oJ9yuQB46jV3P+OvhfhIJ4MhPbfmGAH/HNY zw3BlHcWa5bU5lmwlavaBzCYeKKx6OOeTVJwSf7QGTnDMQFaCmTgozkSYx1BqZHj Y2pjHWQBGpHc3JBGhvkJSlTsF3Dcy1xzQqx+mNNgOCOaRqWiOgg= =nvns -----END PGP SIGNATURE----- Merge 4.14.32 into android-4.14 Changes in 4.14.32 tcp: reset sk_send_head in tcp_write_queue_purge tcp: purge write queue upon aborting the connection qed: Fix non TCP packets should be dropped on iWARP ll2 connection sysfs: symlink: export sysfs_create_link_nowarn() net: phy: relax error checking when creating sysfs link netdev->phydev devlink: Remove redundant free on error path macvlan: filter out unsupported feature flags net: ipv6: keep sk status consistent after datagram connect failure ipv6: old_dport should be a __be16 in __ip6_datagram_connect() ipv6: sr: fix NULL pointer dereference when setting encap source address ipv6: sr: fix scheduling in RCU when creating seg6 lwtunnel state mlxsw: spectrum_buffers: Set a minimum quota for CPU port traffic net: phy: Tell caller result of phy_change() net sched actions: return explicit error when tunnel_key mode is not specified ppp: avoid loop in xmit recursion detection code rhashtable: Fix rhlist duplicates insertion kcm: lock lower socket in kcm_attach sch_netem: fix skb leak in netem_enqueue() ieee802154: 6lowpan: fix possible NULL deref in lowpan_device_event() net: use skb_to_full_sk() in skb_update_prio() net: Fix hlist corruptions in inet_evict_bucket() dccp: check sk for closed state in dccp_sendmsg() ipv6: fix access to non-linear packet in ndisc_fill_redirect_hdr_option() l2tp: do not accept arbitrary sockets net: ethernet: arc: Fix a potential memory leak if an optional regulator is deferred net: ethernet: ti: cpsw: add check for in-band mode setting with RGMII PHY interface net: fec: Fix unbalanced PM runtime calls net/iucv: Free memory obtained by kzalloc netlink: avoid a double skb free in genlmsg_mcast() net: Only honor ifindex in IP_PKTINFO if non-0 net: systemport: Rewrite __bcm_sysport_tx_reclaim() qede: Fix qedr link update skbuff: Fix not waking applications when errors are enqueued team: Fix double free in error path soc/fsl/qbman: fix issue in qman_delete_cgr_safe() dpaa_eth: fix error in dpaa_remove() dpaa_eth: remove duplicate initialization dpaa_eth: increment the RX dropped counter when needed dpaa_eth: remove duplicate increment of the tx_errors counter s390/qeth: free netdevice when removing a card s390/qeth: when thread completes, wake up all waiters s390/qeth: lock read device while queueing next buffer s390/qeth: on channel error, reject further cmd requests Linux 4.14.32 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
Grygorii Strashko
|
223c542442 |
sysfs: symlink: export sysfs_create_link_nowarn()
[ Upstream commit 2399ac42e762ab25c58420e25359b2921afdc55f ]
The sysfs_create_link_nowarn() is going to be used in phylib framework in
subsequent patch which can be built as module. Hence, export
sysfs_create_link_nowarn() to avoid build errors.
Cc: Florian Fainelli <f.fainelli@gmail.com>
Cc: Andrew Lunn <andrew@lunn.ch>
Fixes: a3995460491d ("net: phy: Relax error checking on sysfs_create_link()")
Signed-off-by: Grygorii Strashko <grygorii.strashko@ti.com>
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Greg Kroah-Hartman
|
331d833ece |
This is the 4.14.31 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlq7wdMACgkQONu9yGCS
aT70mg//WB+ClT+ek6RRdhQglQWXMrqk+bv6mO+zGARnq09RfnBeK8vSfijOlgFx
ZPrtv1EjyEBfH3mEkYG9S8hQmrkX4c1TWu6litN4z21dbrkx7QoWlvUDxMcWOjD0
kcjFX95SKcAswMpdkRuVIVirdPcaT98F0+RDNVwVdD6rC34ZhACXELJSiGaMR2nX
1lVjq+/ixuP7xr7L38KE0Bb3vdATCHE7BsHzSikXhFEwXdORRQDVO/YlUvBmAi1j
vOoTZSAq1EDHe+Wp4uWMYKr1LYhY55lCndfXz+gTopFWdqGmh4iN7aU5giHHa7ff
pznFCzDFpNMhWitDns0wh9RHgIgrJcEFNFef7Z3OOghtnh4tTmWe3LxtcbnzXRrd
jrGBSlLHe/4VsAcWIDyx8ujq05qbggFD+dJuK6LSMV/GLiQ0hzQYf92x2WI5Qwd/
d0Iiq0bHygZMmTty1J1kXELiJLsMObQvgEcnDTM6bw+KRA7l26F5Tkwa6JRdytoG
ZG58TL5vpJRFwqVA3jwWkUNUydmipqWiR0wIsGiqSDSQaUoNHM1UIXuZke4TT2I/
Bl+MtbR/s85Y3nJX48XUPn1rY7a2mjyvWcLgXryf0wb5rA4Te+anC0xN694tvs6O
Fgt/vPkOFaWiBSKaRQHl25BegJI2fnbIrWy1Gy2jYG0T1NyMrZc=
=8/Im
-----END PGP SIGNATURE-----
Merge 4.14.31 into android-4.14
Changes in 4.14.31
MIPS: ralink: Remove ralink_halt()
MIPS: ralink: Fix booting on MT7621
MIPS: lantiq: Fix Danube USB clock
MIPS: lantiq: Enable AHB Bus for USB
MIPS: lantiq: ase: Enable MFD_SYSCON
iio: chemical: ccs811: Corrected firmware boot/application mode transition
iio: st_pressure: st_accel: pass correct platform data to init
iio: adc: meson-saradc: unlock on error in meson_sar_adc_lock()
ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit
ALSA: aloop: Sync stale timer before release
ALSA: aloop: Fix access to not-yet-ready substream via cable
ALSA: hda - Force polling mode on CFL for fixing codec communication
ALSA: hda/realtek - Fix speaker no sound after system resume
ALSA: hda/realtek - Fix Dell headset Mic can't record
ALSA: hda/realtek - Always immediately update mute LED with pin VREF
mmc: core: Fix tracepoint print of blk_addr and blksz
mmc: core: Disable HPI for certain Micron (Numonyx) eMMC cards
mmc: block: fix updating ext_csd caches on ioctl call
mmc: dw_mmc: Fix the DTO/CTO timeout overflow calculation for 32-bit systems
mmc: dw_mmc: exynos: fix the suspend/resume issue for exynos5433
mmc: dw_mmc: fix falling from idmac to PIO mode when dw_mci_reset occurs
PCI: Add function 1 DMA alias quirk for Highpoint RocketRAID 644L
ahci: Add PCI-id for the Highpoint Rocketraid 644L card
lockdep: fix fs_reclaim warning
clk: bcm2835: Fix ana->maskX definitions
clk: bcm2835: Protect sections updating shared registers
clk: sunxi-ng: a31: Fix CLK_OUT_* clock ops
RDMA/mlx5: Fix crash while accessing garbage pointer and freed memory
Drivers: hv: vmbus: Fix ring buffer signaling
pinctrl: samsung: Validate alias coming from DT
Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table
Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table
Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174
libata: fix length validation of ATAPI-relayed SCSI commands
libata: remove WARN() for DMA or PIO command without data
libata: don't try to pass through NCQ commands to non-NCQ devices
libata: Apply NOLPM quirk to Crucial MX100 512GB SSDs
libata: disable LPM for Crucial BX100 SSD 500GB drive
libata: Enable queued TRIM for Samsung SSD 860
libata: Apply NOLPM quirk to Crucial M500 480 and 960GB SSDs
libata: Make Crucial BX100 500GB LPM quirk apply to all firmware versions
libata: Modify quirks for MX100 to limit NCQ_TRIM quirk to MU01 version
cgroup: fix rule checking for threaded mode switching
nfsd: remove blocked locks on client teardown
hugetlbfs: check for pgoff value overflow
h8300: remove extraneous __BIG_ENDIAN definition
mm/vmalloc: add interfaces to free unmapped page table
x86/mm: implement free pmd/pte page interfaces
mm/khugepaged.c: convert VM_BUG_ON() to collapse fail
mm/thp: do not wait for lock_page() in deferred_split_scan()
mm/shmem: do not wait for lock_page() in shmem_unused_huge_shrink()
Revert "mm: page_alloc: skip over regions of invalid pfns where possible"
drm/vmwgfx: Fix black screen and device errors when running without fbdev
drm/vmwgfx: Fix a destoy-while-held mutex problem.
drm/radeon: Don't turn off DP sink when disconnected
drm: Reject getfb for multi-plane framebuffers
drm: udl: Properly check framebuffer mmap offsets
mm/vmscan: wake up flushers for legacy cgroups too
acpi, numa: fix pxm to online numa node associations
ACPI / watchdog: Fix off-by-one error at resource assignment
libnvdimm, {btt, blk}: do integrity setup before add_disk()
brcmfmac: fix P2P_DEVICE ethernet address generation
rtlwifi: rtl8723be: Fix loss of signal
tracing: probeevent: Fix to support minus offset from symbol
mtdchar: fix usage of mtd_ooblayout_ecc()
mtd: nand: fsl_ifc: Fix nand waitfunc return value
mtd: nand: fsl_ifc: Fix eccstat array overflow for IFC ver >= 2.0.0
mtd: nand: fsl_ifc: Read ECCSTAT0 and ECCSTAT1 registers for IFC 2.0
staging: ncpfs: memory corruption in ncp_read_kernel()
can: peak/pcie_fd: fix echo_skb is occupied! bug
can: peak/pcie_fd: remove useless code when interface starts
can: ifi: Repair the error handling
can: ifi: Check core revision upon probe
can: cc770: Fix stalls on rt-linux, remove redundant IRQ ack
can: cc770: Fix queue stall & dropped RTR reply
can: cc770: Fix use after free in cc770_tx_interrupt()
tty: vt: fix up tabstops properly
x86/entry/64: Don't use IST entry for #BP stack
selftests/x86/ptrace_syscall: Fix for yet more glibc interference
x86/vsyscall/64: Use proper accessor to update P4D entry
x86/efi: Free efi_pgd with free_pages()
posix-timers: Protect posix clock array access against speculation
kvm/x86: fix icebp instruction handling
x86/build/64: Force the linker to use 2MB page size
x86/boot/64: Verify alignment of the LOAD segment
drm/syncobj: Stop reusing the same struct file for all syncobj -> fd
perf/x86/intel/uncore: Fix Skylake UPI event format
perf stat: Fix CVS output format for non-supported counters
perf/core: Fix ctx_event_type in ctx_resched()
perf/x86/intel: Don't accidentally clear high bits in bdw_limit_period()
perf/x86/intel/uncore: Fix multi-domain PCI CHA enumeration bug on Skylake servers
iio: ABI: Fix name of timestamp sysfs file
iio: imu: st_lsm6dsx: fix endianness in st_lsm6dsx_read_oneshot()
staging: android: ion: Zero CMA allocated memory
staging: lustre: ptlrpc: kfree used instead of kvfree
usb: xhci: Disable slot even when virt-dev is null
usb: xhci: Fix potential memory leak in xhci_disable_slot()
x86/pkeys/selftests: Rename 'si_pkey' to 'siginfo_pkey'
kbuild: disable clang's default use of -fmerge-all-constants
bpf: skip unnecessary capability check
bpf, x64: increase number of passes
Linux 4.14.31
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
Dan Carpenter
|
2a2b9ef309 |
staging: ncpfs: memory corruption in ncp_read_kernel()
commit 4c41aa24baa4ed338241d05494f2c595c885af8f upstream. If the server is malicious then *bytes_read could be larger than the size of the "target" buffer. It would lead to memory corruption when we do the memcpy(). Reported-by: Dr Silvio Cesare of InfoSect <Silvio Cesare <silvio.cesare@gmail.com> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Cc: stable <stable@vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Mike Kravetz
|
1e8628443e |
hugetlbfs: check for pgoff value overflow
commit 63489f8e821144000e0bdca7e65a8d1cc23a7ee7 upstream.
A vma with vm_pgoff large enough to overflow a loff_t type when
converted to a byte offset can be passed via the remap_file_pages system
call. The hugetlbfs mmap routine uses the byte offset to calculate
reservations and file size.
A sequence such as:
mmap(0x20a00000, 0x600000, 0, 0x66033, -1, 0);
remap_file_pages(0x20a00000, 0x600000, 0, 0x20000000000000, 0);
will result in the following when task exits/file closed,
kernel BUG at mm/hugetlb.c:749!
Call Trace:
hugetlbfs_evict_inode+0x2f/0x40
evict+0xcb/0x190
__dentry_kill+0xcb/0x150
__fput+0x164/0x1e0
task_work_run+0x84/0xa0
exit_to_usermode_loop+0x7d/0x80
do_syscall_64+0x18b/0x190
entry_SYSCALL_64_after_hwframe+0x3d/0xa2
The overflowed pgoff value causes hugetlbfs to try to set up a mapping
with a negative range (end < start) that leaves invalid state which
causes the BUG.
The previous overflow fix to this code was incomplete and did not take
the remap_file_pages system call into account.
[mike.kravetz@oracle.com: v3]
Link: http://lkml.kernel.org/r/20180309002726.7248-1-mike.kravetz@oracle.com
[akpm@linux-foundation.org: include mmdebug.h]
[akpm@linux-foundation.org: fix -ve left shift count on sh]
Link: http://lkml.kernel.org/r/20180308210502.15952-1-mike.kravetz@oracle.com
Fixes: 045c7a3f53d9 ("hugetlbfs: fix offset overflow in hugetlbfs mmap")
Signed-off-by: Mike Kravetz <mike.kravetz@oracle.com>
Reported-by: Nic Losby <blurbdust@gmail.com>
Acked-by: Michal Hocko <mhocko@suse.com>
Cc: "Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>
Cc: Yisheng Xie <xieyisheng1@huawei.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Jeff Layton
|
797bfd05d4 |
nfsd: remove blocked locks on client teardown
commit 68ef3bc3166468678d5e1fdd216628c35bd1186f upstream. We had some reports of panics in nfsd4_lm_notify, and that showed a nfs4_lockowner that had outlived its so_client. Ensure that we walk any leftover lockowners after tearing down all of the stateids, and remove any blocked locks that they hold. With this change, we also don't need to walk the nbl_lru on nfsd_net shutdown, as that will happen naturally when we tear down the clients. Fixes: 76d348fadff5 (nfsd: have nfsd4_lock use blocking locks for v4.1+ locks) Reported-by: Frank Sorenson <fsorenso@redhat.com> Signed-off-by: Jeff Layton <jlayton@redhat.com> Cc: stable@vger.kernel.org # 4.9 Signed-off-by: J. Bruce Fields <bfields@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Isaac J. Manjarres
|
805d13413a |
Merge remote-tracking branch 'remotes/origin/tmp-a45ab56' into msm-4.14
* remotes/origin/tmp-a45ab56: Linux 4.14.30 RDMA/vmw_pvrdma: Fix usage of user response structures in ABI file kbuild: fix linker feature test macros when cross compiling with Clang RDMA/ucma: Don't allow join attempts for unsupported AF family RDMA/ucma: Fix access to non-initialized CM_ID object clk: migrate the count of orphaned clocks at init RDMA/core: Do not use invalid destination in determining port reuse serial: 8250_pci: Don't fail on multiport card class IB/mlx5: Fix out-of-bounds read in create_raw_packet_qp_rq IB/mlx5: Fix integer overflows in mlx5_ib_create_srq scsi: mpt3sas: wait for and flush running commands on shutdown/unload scsi: mpt3sas: fix oops in error handlers after shutdown/unload dmaengine: ti-dma-crossbar: Fix event mapping for TPCC_EVT_MUX_60_63 crypto: artpec6 - set correct iv size for gcm(aes) clk: si5351: Rename internal plls to avoid name collisions clk: axi-clkgen: Correctly handle nocount bit in recalc_rate() clk: Don't touch hardware when reparenting during registration clk: at91: pmc: Wait for clocks when resuming nfsd4: permit layoutget of executable-only files ARM: dts: aspeed-evb: Add unit name to memory node RDMA/ocrdma: Fix permissions for OCRDMA_RESET_STATS scsi: lpfc: Fix issues connecting with nvme initiator scsi: lpfc: Fix SCSI LUN discovery when SCSI and NVME enabled soc: qcom: smsm: fix child-node lookup ip_gre: fix potential memory leak in erspan_rcv ip_gre: fix error path when erspan_rcv failed ip6_vti: adjust vti mtu according to mtu of lower device iommu/vt-d: clean up pr_irq if request_threaded_irq fails pinctrl: rockchip: enable clock when reading pin direction register pinctrl: Really force states during suspend/resume media: davinci: fix a debug printk PCI: rcar: Handle rcar_pcie_parse_request_of_pci_ranges() failures PCI: endpoint: Fix find_first_zero_bit() usage PCI: designware-ep: Fix ->get_msi() to check MSI_EN bit coresight: Fix disabling of CoreSight TPIU pty: cancel pty slave port buf's work in tty_release drm/omap: DMM: Check for DMM readiness after successful transaction commit mmc: sdhci-xenon: wait 5ms after set 1.8V signal enable omapdrm: panel: fix compatible vendor string for td028ttec1 vgacon: Set VGA struct resource types iser-target: avoid reinitializing rdma contexts for isert commands IB/umem: Fix use of npages/nmap fields RDMA/cma: Use correct size when writing netlink stats IB/ipoib: Avoid memory leak if the SA returns a different DGID rtc: ac100: Fix multiple race conditions media: s5p-mfc: Fix lock contention - request_firmware() once sfp: fix non-detection of PHY sfp: fix EEPROM reading in the case of non-SFF8472 SFPs net: phy: meson-gxl: check phy_write return value /dev/mem: Add bounce buffer for copy-out mmc: block: fix logical error to avoid memory leak mmc: avoid removing non-removable hosts during suspend drm/tilcdc: ensure nonatomic iowrite64 is not used dmaengine: zynqmp_dma: Fix race condition in the probe platform/chrome: Use proper protocol transfer function watchdog: Fix kref imbalance seen if handle_boot_enabled=0 watchdog: Fix potential kref imbalance when opening watchdog cros_ec: fix nul-termination for firmware build info serial: 8250_dw: Disable clock on error tty: goldfish: Enable 'earlycon' only if built-in qmi_wwan: set FLAG_SEND_ZLP to avoid network initiated disconnect media: [RESEND] media: dvb-frontends: Add delay to Si2168 restart ath10k: handling qos at STA side based on AP WMM enable/disable media: bt8xx: Fix err 'bt878_probe()' rtlwifi: always initialize variables given to RT_TRACE() rtlwifi: rtl_pci: Fix the bug when inactiveps is enabled. spi: sh-msiof: Avoid writing to registers from spi_master.setup() hv_netvsc: Fix the TX/RX buffer default sizes hv_netvsc: Fix the receive buffer size limit RDMA/iwpm: Fix uninitialized error code in iwpm_send_mapinfo() drm/msm: fix leak in failed get_pages media: c8sectpfe: fix potential NULL pointer dereference in c8sectpfe_timer_interrupt cpufreq: longhaul: Revert transition_delay_us to 200 ms Bluetooth: btqcomsmd: Fix skb double free corruption Bluetooth: hci_qca: Avoid setup failure on missing rampatch staging: android: ashmem: Fix possible deadlock in ashmem_ioctl scsi: megaraid_sas: Do not use 32-bit atomic request descriptor for Ventura controllers FROMLIST: crypto: arm64/speck - add NEON-accelerated implementation of Speck-XTS BACKPORT: kbuild: fix linker feature test macros when cross compiling with Clang Conflicts: drivers/clk/clk.c drivers/gpu/drm/msm/msm_gem.c Change-Id: Ia2b16feb38555f4f7ba11aef07d6e601b2e41fdc Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org> |
||
|
Greg Kroah-Hartman
|
a45ab563a4 |
This is the 4.14.30 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlq2IfoACgkQONu9yGCS aT5mvw//Vqj0kVcbbIVWlafFnsRS7+u4VggHOLBmunW/GATBqXFeqFa/naJ3GB2H Ji91CkHUaR/8hohgMndd4GIJFxOYEf9zMzWxyza5pjcgBzwFHywd3n2cgnNzwPgE xHv3HbLXT4MjHbtk6Zf3vVb+khcLikWtXbdBoO+K+sJWcITA31GuQSFuICXAeiTu K5yvGA/Y3dUMm1dN2fzV3ZuEZ8vuHVMVmzUHg+RlHVfLEVVkCOL2JupO+8S060Px 0heMcRaWTceyyAQ66xJ1hYo1Ia9qK0jTlohvYmRP1lguR6KTw0O8rBhJlUsmrPo0 17xohxgYbpwjs+g3cVas4Jf2bzlPa+PjYk6ZIkci/7tvZilF5HscZIJRwstgFjSY CM7TGk6bpadVT6rSzC2pUGdyPOElPAUYJZTinhRoSQWQL0A4HH4YFM0Wf6qVD1w+ KtESJR9VG8AKnp+w4HLwCpua/2zRCHANgpdItRKSO/hEnShP1CAsi60l9pHJI/e7 myOpE4OoJZSJMO26MoFsO3LWAlleGwUKGp/Lh/Gz/ANpks8HUnSGCVH1I+sWKfY1 nHL6tGFga8T5f3nAgJT2e8RNMkNI7AzYM8s0ygVy/JZ6qgtPtzHsSW5DRFYt+fy/ tqP0m+26e5TjYSKO4oaPmFfWEWjCzWYfXg4sk4d9dZZA+41r0B0= =pK0E -----END PGP SIGNATURE----- Merge 4.14.30 into android-4.14 Changes in 4.14.30 scsi: megaraid_sas: Do not use 32-bit atomic request descriptor for Ventura controllers staging: android: ashmem: Fix possible deadlock in ashmem_ioctl Bluetooth: hci_qca: Avoid setup failure on missing rampatch Bluetooth: btqcomsmd: Fix skb double free corruption cpufreq: longhaul: Revert transition_delay_us to 200 ms media: c8sectpfe: fix potential NULL pointer dereference in c8sectpfe_timer_interrupt drm/msm: fix leak in failed get_pages RDMA/iwpm: Fix uninitialized error code in iwpm_send_mapinfo() hv_netvsc: Fix the receive buffer size limit hv_netvsc: Fix the TX/RX buffer default sizes spi: sh-msiof: Avoid writing to registers from spi_master.setup() rtlwifi: rtl_pci: Fix the bug when inactiveps is enabled. rtlwifi: always initialize variables given to RT_TRACE() media: bt8xx: Fix err 'bt878_probe()' ath10k: handling qos at STA side based on AP WMM enable/disable media: [RESEND] media: dvb-frontends: Add delay to Si2168 restart qmi_wwan: set FLAG_SEND_ZLP to avoid network initiated disconnect tty: goldfish: Enable 'earlycon' only if built-in serial: 8250_dw: Disable clock on error cros_ec: fix nul-termination for firmware build info watchdog: Fix potential kref imbalance when opening watchdog watchdog: Fix kref imbalance seen if handle_boot_enabled=0 platform/chrome: Use proper protocol transfer function dmaengine: zynqmp_dma: Fix race condition in the probe drm/tilcdc: ensure nonatomic iowrite64 is not used mmc: avoid removing non-removable hosts during suspend mmc: block: fix logical error to avoid memory leak /dev/mem: Add bounce buffer for copy-out net: phy: meson-gxl: check phy_write return value sfp: fix EEPROM reading in the case of non-SFF8472 SFPs sfp: fix non-detection of PHY media: s5p-mfc: Fix lock contention - request_firmware() once rtc: ac100: Fix multiple race conditions IB/ipoib: Avoid memory leak if the SA returns a different DGID RDMA/cma: Use correct size when writing netlink stats IB/umem: Fix use of npages/nmap fields iser-target: avoid reinitializing rdma contexts for isert commands vgacon: Set VGA struct resource types omapdrm: panel: fix compatible vendor string for td028ttec1 mmc: sdhci-xenon: wait 5ms after set 1.8V signal enable drm/omap: DMM: Check for DMM readiness after successful transaction commit pty: cancel pty slave port buf's work in tty_release coresight: Fix disabling of CoreSight TPIU PCI: designware-ep: Fix ->get_msi() to check MSI_EN bit PCI: endpoint: Fix find_first_zero_bit() usage PCI: rcar: Handle rcar_pcie_parse_request_of_pci_ranges() failures media: davinci: fix a debug printk pinctrl: Really force states during suspend/resume pinctrl: rockchip: enable clock when reading pin direction register iommu/vt-d: clean up pr_irq if request_threaded_irq fails ip6_vti: adjust vti mtu according to mtu of lower device ip_gre: fix error path when erspan_rcv failed ip_gre: fix potential memory leak in erspan_rcv soc: qcom: smsm: fix child-node lookup scsi: lpfc: Fix SCSI LUN discovery when SCSI and NVME enabled scsi: lpfc: Fix issues connecting with nvme initiator RDMA/ocrdma: Fix permissions for OCRDMA_RESET_STATS ARM: dts: aspeed-evb: Add unit name to memory node nfsd4: permit layoutget of executable-only files clk: at91: pmc: Wait for clocks when resuming clk: Don't touch hardware when reparenting during registration clk: axi-clkgen: Correctly handle nocount bit in recalc_rate() clk: si5351: Rename internal plls to avoid name collisions crypto: artpec6 - set correct iv size for gcm(aes) dmaengine: ti-dma-crossbar: Fix event mapping for TPCC_EVT_MUX_60_63 scsi: mpt3sas: fix oops in error handlers after shutdown/unload scsi: mpt3sas: wait for and flush running commands on shutdown/unload IB/mlx5: Fix integer overflows in mlx5_ib_create_srq IB/mlx5: Fix out-of-bounds read in create_raw_packet_qp_rq serial: 8250_pci: Don't fail on multiport card class RDMA/core: Do not use invalid destination in determining port reuse clk: migrate the count of orphaned clocks at init RDMA/ucma: Fix access to non-initialized CM_ID object RDMA/ucma: Don't allow join attempts for unsupported AF family kbuild: fix linker feature test macros when cross compiling with Clang RDMA/vmw_pvrdma: Fix usage of user response structures in ABI file Linux 4.14.30 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
Benjamin Coddington
|
14d920fc45 |
nfsd4: permit layoutget of executable-only files
[ Upstream commit 66282ec1cf004c09083c29cb5e49019037937bbd ] Clients must be able to read a file in order to execute it, and for pNFS that means the client needs to be able to perform a LAYOUTGET on the file. This behavior for executable-only files was added for OPEN in commit a043226bc140 "nfsd4: permit read opens of executable-only files". This fixes up xfstests generic/126 on block/scsi layouts. Signed-off-by: Benjamin Coddington <bcodding@redhat.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com> Signed-off-by: Sasha Levin <alexander.levin@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Blagovest Kolenichev
|
24b2e60f51 |
Merge android-4.14.29 (45c8dbe) into msm-4.14
* refs/heads/tmp-45c8dbe
Linux 4.14.29
usb: dwc3: Fix GDBGFIFOSPACE_TYPE values
USB: gadget: udc: Add missing platform_device_put() on error in bdc_pci_probe()
scsi: qla2xxx: Fix crashes in qla2x00_probe_one on probe failure
scsi: qla2xxx: Fix logo flag for qlt_free_session_done()
scsi: qla2xxx: Fix NULL pointer access for fcport structure
scsi: qla2xxx: Fix smatch warning in qla25xx_delete_{rsp|req}_que
btrfs: Fix memory barriers usage with device stats counters
btrfs: remove spurious WARN_ON(ref->count < 0) in find_parent_nodes
btrfs: Fix use-after-free when cleaning up fs_devs with a single stale device
btrfs: alloc_chunk: fix DUP stripe size handling
btrfs: add missing initialization in btrfs_check_shared
btrfs: Fix NULL pointer exception in find_bio_stripe
irqchip/gic-v3-its: Ensure nr_ites >= nr_lpis
RDMAVT: Fix synchronization around percpu_ref
fs/aio: Use RCU accessors for kioctx_table->table[]
fs/aio: Add explicit RCU grace period when freeing kioctx
lock_parent() needs to recheck if dentry got __dentry_kill'ed under it
KVM: arm/arm64: vgic: Don't populate multiple LRs with the same vintid
kvm: arm/arm64: vgic-v3: Tighten synchronization for guests using v2 on v3
KVM: arm/arm64: Reduce verbosity of KVM init log
fs: Teach path_connected to handle nfs filesystems with multiple roots.
drm/amdgpu/dce: Don't turn off DP sink when disconnected
drm/radeon: fix prime teardown order
drm/amdgpu: fix prime teardown order
drm/nouveau/bl: Fix oops on driver unbind
ALSA: seq: Clear client entry before deleting else at closing
ALSA: seq: Fix possible UAF in snd_seq_check_queue()
ALSA: hda - Revert power_save option default value
ALSA: pcm: Fix UAF in snd_pcm_oss_get_formats()
parisc: Handle case where flush_cache_range is called with no context
x86/mm: Fix vmalloc_fault to use pXd_large
KVM: x86: Fix device passthrough when SME is active
x86/speculation: Remove Skylake C2 from Speculation Control microcode blacklist
x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32-bit kernels
x86/vm86/32: Fix POPF emulation
selftests/x86/entry_from_vm86: Add test cases for POPF
selftests/x86: Add tests for the STR and SLDT instructions
selftests/x86: Add tests for User-Mode Instruction Prevention
selftests/x86/entry_from_vm86: Exit with 1 if we fail
x86/cpufeatures: Add Intel PCONFIG cpufeature
x86/cpufeatures: Add Intel Total Memory Encryption cpufeature
ANDROID: arm-smccc: fix clang build
staging: android: ashmem: Fix possible deadlock in ashmem_ioctl
Linux 4.14.28
drm/i915/glk: Disable Guc and HuC on GLK
dmaengine: qcom_hidma: check pending interrupts
IB/mlx5: revisit -Wmaybe-uninitialized warning
ima: relax requiring a file signature for new files with zero length
locking/locktorture: Fix num reader/writer corner cases
rcutorture/configinit: Fix build directory error message
ipvlan: add L2 check for packets arriving via virtual devices
Fix misannotated out-of-line _copy_to_user()
mmc: mmc_test: Ensure command queue is disabled for testing
ASoC: nuc900: Fix a loop timeout test
crypto: caam/qi - use correct print specifier for size_t
mac80211: remove BUG() when interface type is invalid
mac80211_hwsim: enforce PS_MANUAL_POLL to be set after PS_ENABLED
agp/intel: Flush all chipset writes after updating the GGTT
arm64: dts: renesas: salvator-common: Add EthernetAVB PHY reset
powerpc/64: Don't trace irqs-off at interrupt return to soft-disabled context
powerpc/modules: Don't try to restore r2 after a sibling call
drm/amdkfd: Fix memory leaks in kfd topology
veth: set peer GSO values
net: sched: drop qdisc_reset from dev_graft_qdisc
virtio_net: Disable interrupts if napi_complete_done rescheduled napi
media: davinci: vpif_capture: add NULL check on devm_kzalloc return value
media: cpia2: Fix a couple off by one bugs
dm raid: fix raid set size revalidation
media: vsp1: Prevent suspending and resuming DRM pipelines
scsi: dh: add new rdac devices
scsi: devinfo: apply to HP XP the same flags as Hitachi VSP
scsi: core: scsi_get_device_flags_keyed(): Always return device flags
bnxt_en: Don't print "Link speed -1 no longer supported" messages.
spi: sun6i: disable/unprepare clocks on remove
tools/usbip: fixes build with musl libc toolchain
ath10k: fix invalid STS_CAP_OFFSET_MASK
mwifiex: cfg80211: do not change virtual interface during scan processing
clk: qcom: msm8916: fix mnd_width for codec_digcodec
drm/amdgpu:fix virtual dce bug
iwlwifi: mvm: avoid dumping assert log when device is stopped
perf annotate: Fix objdump comment parsing for Intel mov dissassembly
perf annotate: Fix unnecessary memory allocation for s390x
pinctrl: sh-pfc: r8a7795-es1: Fix MOD_SEL1 bit[25:24] to 0x3 when using STP_ISEN_1_D
pinctrl: sh-pfc: r8a7791: Add can_clk function
drm/sun4i: Fix format mask in DE2 driver
pwm: stmpe: Fix wrong register offset for hwpwm=2 case
scsi: ses: don't ask for diagnostic pages repeatedly during probe
drm/amdgpu:fix random missing of FLR NOTIFY
cpufreq: Fix governor module removal race
ath10k: update tdls teardown state to target
iio: health: max30102: Add power enable parameter to get_temp function
iio: adc: ina2xx: Shift bus voltage register to mask flag bits
drm/etnaviv: make THERMAL selectable
power: supply: ab8500_charger: Bail out in case of error in 'ab8500_charger_init_hw_registers()'
power: supply: ab8500_charger: Fix an error handling path
leds: pm8058: Silence pointer to integer size warning
xfrm: Fix xfrm_replay_overflow_offload_esn
userns: Don't fail follow_automount based on s_user_ns
mtd: nand: ifc: update bufnum mask for ver >= 2.0.0
ARM: dts: omap3-n900: Fix the audio CODEC's reset pin
ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin
net: thunderx: Set max queue count taking XDP_TX into account
mtd: nand: fix interpretation of NAND_CMD_NONE in nand_command[_lp]()
net: xfrm: allow clearing socket xfrm policies.
rtc: brcmstb-waketimer: fix error handling in brcmstb_waketmr_probe()
net: ieee802154: adf7242: Fix bug if defined DEBUG
test_firmware: fix setting old custom fw path back on exit
crypto: cavium - fix memory leak on info
crypto: ecc - Fix NULL pointer deref. on no default_rng
sched: Stop resched_cpu() from sending IPIs to offline CPUs
sched: Stop switched_to_rt() from sending IPIs to offline CPUs
USB: ledtrig-usbport: fix of-node leak
typec: tcpm: fusb302: Resolve out of order messaging events
staging: rtl8822be: fix missing null check on dev_alloc_skb return
drm/amdgpu: fix get_max_engine_clock_in_mhz
ARM: dts: exynos: Correct Trats2 panel reset line
clk: meson: gxbb: fix wrong clock for SARADC/SANA
ARM: dts: koelsch: Move cec_clock to root node
iwlwifi: mvm: rs: don't override the rate history in the search cycle
HID: elo: clear BTN_LEFT mapping
HID: multitouch: Only look at non touch fields in first packet of a frame
video/hdmi: Allow "empty" HDMI infoframes
dma-buf/fence: Fix lock inversion within dma-fence-array
drm/edid: set ELD connector type in drm_edid_to_eld()
Revert "btrfs: use proper endianness accessors for super_copy"
dm mpath: fix passing integrity data
earlycon: add reg-offset to physical address before mapping
serial: core: mark port as initialized in autoconfig
serial: 8250_pci: Add Brainboxes UC-260 4 port serial device
usb: dwc3: Fix lock-up on ID change during system suspend/resume
usb: gadget: f_fs: Fix use-after-free in ffs_fs_kill_sb()
usb: usbmon: Read text within supplied buffer size
usb: quirks: add control message delay for 1b1c:1b20
usbip: vudc: fix null pointer dereference on udc->lock
USB: storage: Add JMicron bridge 152d:2567 to unusual_devs.h
staging: android: ashmem: Fix lockdep issue during llseek
staging: comedi: fix comedi_nsamples_left.
uas: fix comparison for error code
tty/serial: atmel: add new version check for usart
serial: sh-sci: prevent lockup on full TTY buffers
xhci: fix endpoint context tracer output
xhci: Fix front USB ports on ASUS PRIME B350M-A
usb: host: xhci-rcar: add support for r8a77965
ASoC: rt5651: Fix regcache sync errors on resume
ASoC: wm_adsp: For TLV controls only register TLV get/set
ASoC: sgtl5000: Fix suspend/resume
ASoC: sun4i-i2s: Fix RX slot number of SUN8I
x86: Treat R_X86_64_PLT32 as R_X86_64_PC32
net: phy: Restore phy_resume() locking assumption
net: phy: fix resume handling
ANDROID: sdcardfs: fix lock issue on 32 bit/SMP architectures
Change-Id: Ida88909c333e059adf42a8794c3b92b1d15252f7
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
|
||
|
Greg Kroah-Hartman
|
45c8dbed17 |
This is the 4.14.29 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlqyPMUACgkQONu9yGCS
aT520BAAy2D8GgiOXzjy95u2B76qXeMTMd8aeGwXoxe6YTuDZ+sLIzShBUf/itth
nrMOU+0rD2rjKJ/vp3Okm2XK08T08YV8aENE2CzG2vu0hYL+GYAXgQ6TpjYa/Vqh
Hv8AloyPs7eV1NN5Bd3OIwFWLeNKIYYJ33vlXaYWgkwYXZP5ZUicHcDXIDp6H0RU
Y5DoVF0N/GQkPVXsODSC/Ts0Xsi1IQCb41sn50PY2BwI62ZXip7nlWE59nsSd9gg
GYlLRhsXpJxvaMCwoOckbO8TcGYkHPVgLCLJmXv4b5NnvEptyRCnJcWxE7fmlzpE
4qlMn3Cin/Ve3hzw+HOiwR6WA/lUML/gUEnA6779RhAiJ+XkT6tnm8JZj9nrXW5i
nKET4hUFOY/Rnrd5OQmzhbOAQ2LYBkAupvZGJzLG9vyqlfg9T3HRV/f3+Ruz1wI/
c5b3EiSQlQ+ibn7ecyFUC3sDnqifXcc2fzEcEowtDrQ7KoVabTXXCH6e017S94uR
Ox4m1ICEplcOVitTvRYdP3fgOcGeyOxuq97t61SysFEauwz4F9p1Dfy4ou6oSdzl
yN4CJ7NS2xtV4A+y6sQEj85oDc84kWFlxvHmkayDoDXtwJu+wMncT9nFSHEssUsc
wgL3X2Mq/C9NUf2N4qlNH1PMCPO9CRgeCuUYBZHqsNpA/6u5wDE=
=kcqi
-----END PGP SIGNATURE-----
Merge 4.14.29 into android-4.14
Changes in 4.14.29
x86/cpufeatures: Add Intel Total Memory Encryption cpufeature
x86/cpufeatures: Add Intel PCONFIG cpufeature
selftests/x86/entry_from_vm86: Exit with 1 if we fail
selftests/x86: Add tests for User-Mode Instruction Prevention
selftests/x86: Add tests for the STR and SLDT instructions
selftests/x86/entry_from_vm86: Add test cases for POPF
x86/vm86/32: Fix POPF emulation
x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32-bit kernels
x86/speculation: Remove Skylake C2 from Speculation Control microcode blacklist
KVM: x86: Fix device passthrough when SME is active
x86/mm: Fix vmalloc_fault to use pXd_large
parisc: Handle case where flush_cache_range is called with no context
ALSA: pcm: Fix UAF in snd_pcm_oss_get_formats()
ALSA: hda - Revert power_save option default value
ALSA: seq: Fix possible UAF in snd_seq_check_queue()
ALSA: seq: Clear client entry before deleting else at closing
drm/nouveau/bl: Fix oops on driver unbind
drm/amdgpu: fix prime teardown order
drm/radeon: fix prime teardown order
drm/amdgpu/dce: Don't turn off DP sink when disconnected
fs: Teach path_connected to handle nfs filesystems with multiple roots.
KVM: arm/arm64: Reduce verbosity of KVM init log
kvm: arm/arm64: vgic-v3: Tighten synchronization for guests using v2 on v3
KVM: arm/arm64: vgic: Don't populate multiple LRs with the same vintid
lock_parent() needs to recheck if dentry got __dentry_kill'ed under it
fs/aio: Add explicit RCU grace period when freeing kioctx
fs/aio: Use RCU accessors for kioctx_table->table[]
RDMAVT: Fix synchronization around percpu_ref
irqchip/gic-v3-its: Ensure nr_ites >= nr_lpis
btrfs: Fix NULL pointer exception in find_bio_stripe
btrfs: add missing initialization in btrfs_check_shared
btrfs: alloc_chunk: fix DUP stripe size handling
btrfs: Fix use-after-free when cleaning up fs_devs with a single stale device
btrfs: remove spurious WARN_ON(ref->count < 0) in find_parent_nodes
btrfs: Fix memory barriers usage with device stats counters
scsi: qla2xxx: Fix smatch warning in qla25xx_delete_{rsp|req}_que
scsi: qla2xxx: Fix NULL pointer access for fcport structure
scsi: qla2xxx: Fix logo flag for qlt_free_session_done()
scsi: qla2xxx: Fix crashes in qla2x00_probe_one on probe failure
USB: gadget: udc: Add missing platform_device_put() on error in bdc_pci_probe()
usb: dwc3: Fix GDBGFIFOSPACE_TYPE values
Linux 4.14.29
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
Nikolay Borisov
|
1a89025056 |
btrfs: Fix memory barriers usage with device stats counters
commit 9deae9689231964972a94bb56a79b669f9d47ac1 upstream.
Commit addc3fa74e5b ("Btrfs: Fix the problem that the dirty flag of dev
stats is cleared") reworked the way device stats changes are tracked. A
new atomic dev_stats_ccnt counter was introduced which is incremented
every time any of the device stats counters are changed. This serves as
a flag whether there are any pending stats changes. However, this patch
only partially implemented the correct memory barriers necessary:
- It only ordered the stores to the counters but not the reads e.g.
btrfs_run_dev_stats
- It completely omitted any comments documenting the intended design and
how the memory barriers pair with each-other
This patch provides the necessary comments as well as adds a missing
smp_rmb in btrfs_run_dev_stats. Furthermore since dev_stats_cnt is only
a snapshot at best there was no point in reading the counter twice -
once in btrfs_dev_stats_dirty and then again when assigning stats_cnt.
Just collapse both reads into 1.
Fixes: addc3fa74e5b ("Btrfs: Fix the problem that the dirty flag of dev stats is cleared")
Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Zygo Blaxell
|
d35115930d |
btrfs: remove spurious WARN_ON(ref->count < 0) in find_parent_nodes
commit c8195a7b1ad5648857ce20ba24f384faed8512bc upstream. Until v4.14, this warning was very infrequent: WARNING: CPU: 3 PID: 18172 at fs/btrfs/backref.c:1391 find_parent_nodes+0xc41/0x14e0 Modules linked in: [...] CPU: 3 PID: 18172 Comm: bees Tainted: G D W L 4.11.9-zb64+ #1 Hardware name: System manufacturer System Product Name/M5A78L-M/USB3, BIOS 2101 12/02/2014 Call Trace: dump_stack+0x85/0xc2 __warn+0xd1/0xf0 warn_slowpath_null+0x1d/0x20 find_parent_nodes+0xc41/0x14e0 __btrfs_find_all_roots+0xad/0x120 ? extent_same_check_offsets+0x70/0x70 iterate_extent_inodes+0x168/0x300 iterate_inodes_from_logical+0x87/0xb0 ? iterate_inodes_from_logical+0x87/0xb0 ? extent_same_check_offsets+0x70/0x70 btrfs_ioctl+0x8ac/0x2820 ? lock_acquire+0xc2/0x200 do_vfs_ioctl+0x91/0x700 ? __fget+0x112/0x200 SyS_ioctl+0x79/0x90 entry_SYSCALL_64_fastpath+0x23/0xc6 ? trace_hardirqs_off_caller+0x1f/0x140 Starting with v4.14 (specifically 86d5f9944252 ("btrfs: convert prelimary reference tracking to use rbtrees")) the WARN_ON occurs three orders of magnitude more frequently--almost once per second while running workloads like bees. Replace the WARN_ON() with a comment rationale for its removal. The rationale is paraphrased from an explanation by Edmund Nadolski <enadolski@suse.de> on the linux-btrfs mailing list. Fixes: 8da6d5815c59 ("Btrfs: added btrfs_find_all_roots()") Signed-off-by: Zygo Blaxell <ce3g8jdj@umail.furryterror.org> Reviewed-by: Lu Fengqi <lufq.fnst@cn.fujitsu.com> Signed-off-by: David Sterba <dsterba@suse.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Nikolay Borisov
|
cb6945546b |
btrfs: Fix use-after-free when cleaning up fs_devs with a single stale device
commit fd649f10c3d21ee9d7542c609f29978bdf73ab94 upstream.
Commit 4fde46f0cc71 ("Btrfs: free the stale device") introduced
btrfs_free_stale_device which iterates the device lists for all
registered btrfs filesystems and deletes those devices which aren't
mounted. In a btrfs_devices structure has only 1 device attached to it
and it is unused then btrfs_free_stale_devices will proceed to also free
the btrfs_fs_devices struct itself. Currently this leads to a use after
free since list_for_each_entry will try to perform a check on the
already freed memory to see if it has to terminate the loop.
The fix is to use 'break' when we know we are freeing the current
fs_devs.
Fixes: 4fde46f0cc71 ("Btrfs: free the stale device")
Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: Anand Jain <anand.jain@oracle.com>
Signed-off-by: David Sterba <dsterba@suse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Hans van Kranenburg
|
0136bd7238 |
btrfs: alloc_chunk: fix DUP stripe size handling
commit 92e222df7b8f05c565009c7383321b593eca488b upstream. In case of using DUP, we search for enough unallocated disk space on a device to hold two stripes. The devices_info[ndevs-1].max_avail that holds the amount of unallocated space found is directly assigned to stripe_size, while it's actually twice the stripe size. Later on in the code, an unconditional division of stripe_size by dev_stripes corrects the value, but in the meantime there's a check to see if the stripe_size does not exceed max_chunk_size. Since during this check stripe_size is twice the amount as intended, the check will reduce the stripe_size to max_chunk_size if the actual correct to be used stripe_size is more than half the amount of max_chunk_size. The unconditional division later tries to correct stripe_size, but will actually make sure we can't allocate more than half the max_chunk_size. Fix this by moving the division by dev_stripes before the max chunk size check, so it always contains the right value, instead of putting a duct tape division in further on to get it fixed again. Since in all other cases than DUP, dev_stripes is 1, this change only affects DUP. Other attempts in the past were made to fix this: * 37db63a400 "Btrfs: fix max chunk size check in chunk allocator" tried to fix the same problem, but still resulted in part of the code acting on a wrongly doubled stripe_size value. * 86db25785a "Btrfs: fix max chunk size on raid5/6" unintentionally broke this fix again. The real problem was already introduced with the rest of the code in 73c5de0051. The user visible result however will be that the max chunk size for DUP will suddenly double, while it's actually acting according to the limits in the code again like it was 5 years ago. Reported-by: Naohiro Aota <naohiro.aota@wdc.com> Link: https://www.spinics.net/lists/linux-btrfs/msg69752.html Fixes: 73c5de0051 ("btrfs: quasi-round-robin for chunk allocation") Fixes: 86db25785a ("Btrfs: fix max chunk size on raid5/6") Signed-off-by: Hans van Kranenburg <hans.van.kranenburg@mendix.com> Reviewed-by: David Sterba <dsterba@suse.com> [ update comment ] Signed-off-by: David Sterba <dsterba@suse.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Edmund Nadolski
|
7e7fbff126 |
btrfs: add missing initialization in btrfs_check_shared
commit 18bf591ba9753e3e5ba91f38f756a800693408f4 upstream.
This patch addresses an issue that causes fiemap to falsely
report a shared extent. The test case is as follows:
xfs_io -f -d -c "pwrite -b 16k 0 64k" -c "fiemap -v" /media/scratch/file5
sync
xfs_io -c "fiemap -v" /media/scratch/file5
which gives the resulting output:
wrote 65536/65536 bytes at offset 0
64 KiB, 4 ops; 0.0000 sec (121.359 MiB/sec and 7766.9903 ops/sec)
/media/scratch/file5:
EXT: FILE-OFFSET BLOCK-RANGE TOTAL FLAGS
0: [0..127]: 24576..24703 128 0x2001
/media/scratch/file5:
EXT: FILE-OFFSET BLOCK-RANGE TOTAL FLAGS
0: [0..127]: 24576..24703 128 0x1
This is because btrfs_check_shared calls find_parent_nodes
repeatedly in a loop, passing a share_check struct to report
the count of shared extent. But btrfs_check_shared does not
re-initialize the count value to zero for subsequent calls
from the loop, resulting in a false share count value. This
is a regressive behavior from 4.13.
With proper re-initialization the test result is as follows:
wrote 65536/65536 bytes at offset 0
64 KiB, 4 ops; 0.0000 sec (110.035 MiB/sec and 7042.2535 ops/sec)
/media/scratch/file5:
EXT: FILE-OFFSET BLOCK-RANGE TOTAL FLAGS
0: [0..127]: 24576..24703 128 0x1
/media/scratch/file5:
EXT: FILE-OFFSET BLOCK-RANGE TOTAL FLAGS
0: [0..127]: 24576..24703 128 0x1
which corrects the regression.
Fixes: 3ec4d3238ab ("btrfs: allow backref search checks for shared extents")
Signed-off-by: Edmund Nadolski <enadolski@suse.com>
[ add text from cover letter to changelog ]
Signed-off-by: David Sterba <dsterba@suse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Dmitriy Gorokh
|
e625797168 |
btrfs: Fix NULL pointer exception in find_bio_stripe
commit 047fdea6341966a0898e3b16c51f54d4f5ba030a upstream. On detaching of a disk which is a part of a RAID6 filesystem, the following kernel OOPS may happen: [63122.680461] BTRFS error (device sdo): bdev /dev/sdo errs: wr 0, rd 0, flush 1, corrupt 0, gen 0 [63122.719584] BTRFS warning (device sdo): lost page write due to IO error on /dev/sdo [63122.719587] BTRFS error (device sdo): bdev /dev/sdo errs: wr 1, rd 0, flush 1, corrupt 0, gen 0 [63122.803516] BTRFS warning (device sdo): lost page write due to IO error on /dev/sdo [63122.803519] BTRFS error (device sdo): bdev /dev/sdo errs: wr 2, rd 0, flush 1, corrupt 0, gen 0 [63122.863902] BTRFS critical (device sdo): fatal error on device /dev/sdo [63122.935338] BUG: unable to handle kernel NULL pointer dereference at 0000000000000080 [63122.946554] IP: fail_bio_stripe+0x58/0xa0 [btrfs] [63122.958185] PGD 9ecda067 P4D 9ecda067 PUD b2b37067 PMD 0 [63122.971202] Oops: 0000 [#1] SMP [63123.006760] CPU: 0 PID: 3979 Comm: kworker/u8:9 Tainted: G W 4.14.2-16-scst34x+ #8 [63123.007091] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006 [63123.007402] Workqueue: btrfs-worker btrfs_worker_helper [btrfs] [63123.007595] task: ffff880036ea4040 task.stack: ffffc90006384000 [63123.007796] RIP: 0010:fail_bio_stripe+0x58/0xa0 [btrfs] [63123.007968] RSP: 0018:ffffc90006387ad8 EFLAGS: 00010287 [63123.008140] RAX: 0000000000000002 RBX: ffff88004beaa0b8 RCX: ffff8800b2bd5690 [63123.008359] RDX: 0000000000000000 RSI: ffff88007bb43500 RDI: ffff88004beaa000 [63123.008621] RBP: ffffc90006387ae8 R08: 0000000099100000 R09: ffff8800b2bd5600 [63123.008840] R10: 0000000000000004 R11: 0000000000010000 R12: ffff88007bb43500 [63123.009059] R13: 00000000fffffffb R14: ffff880036fc5180 R15: 0000000000000004 [63123.009278] FS: 0000000000000000(0000) GS:ffff8800b7000000(0000) knlGS:0000000000000000 [63123.009564] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [63123.009748] CR2: 0000000000000080 CR3: 00000000b0866000 CR4: 00000000000406f0 [63123.009969] Call Trace: [63123.010085] raid_write_end_io+0x7e/0x80 [btrfs] [63123.010251] bio_endio+0xa1/0x120 [63123.010378] generic_make_request+0x218/0x270 [63123.010921] submit_bio+0x66/0x130 [63123.011073] finish_rmw+0x3fc/0x5b0 [btrfs] [63123.011245] full_stripe_write+0x96/0xc0 [btrfs] [63123.011428] raid56_parity_write+0x117/0x170 [btrfs] [63123.011604] btrfs_map_bio+0x2ec/0x320 [btrfs] [63123.011759] ? ___cache_free+0x1c5/0x300 [63123.011909] __btrfs_submit_bio_done+0x26/0x50 [btrfs] [63123.012087] run_one_async_done+0x9c/0xc0 [btrfs] [63123.012257] normal_work_helper+0x19e/0x300 [btrfs] [63123.012429] btrfs_worker_helper+0x12/0x20 [btrfs] [63123.012656] process_one_work+0x14d/0x350 [63123.012888] worker_thread+0x4d/0x3a0 [63123.013026] ? _raw_spin_unlock_irqrestore+0x15/0x20 [63123.013192] kthread+0x109/0x140 [63123.013315] ? process_scheduled_works+0x40/0x40 [63123.013472] ? kthread_stop+0x110/0x110 [63123.013610] ret_from_fork+0x25/0x30 [63123.014469] RIP: fail_bio_stripe+0x58/0xa0 [btrfs] RSP: ffffc90006387ad8 [63123.014678] CR2: 0000000000000080 [63123.016590] ---[ end trace a295ea7259c17880 ]— This is reproducible in a cycle, where a series of writes is followed by SCSI device delete command. The test may take up to few minutes. Fixes: 74d46992e0d9 ("block: replace bi_bdev with a gendisk pointer and partitions index") [ no signed-off-by provided ] Author: Dmitriy Gorokh <Dmitriy.Gorokh@wdc.com> Reviewed-by: Liu Bo <bo.li.liu@oracle.com> Reviewed-by: David Sterba <dsterba@suse.com> Signed-off-by: David Sterba <dsterba@suse.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Tejun Heo
|
cd21b3400b |
fs/aio: Use RCU accessors for kioctx_table->table[]
commit d0264c01e7587001a8c4608a5d1818dba9a4c11a upstream.
While converting ioctx index from a list to a table, db446a08c23d
("aio: convert the ioctx list to table lookup v3") missed tagging
kioctx_table->table[] as an array of RCU pointers and using the
appropriate RCU accessors. This introduces a small window in the
lookup path where init and access may race.
Mark kioctx_table->table[] with __rcu and use the approriate RCU
accessors when using the field.
Signed-off-by: Tejun Heo <tj@kernel.org>
Reported-by: Jann Horn <jannh@google.com>
Fixes: db446a08c23d ("aio: convert the ioctx list to table lookup v3")
Cc: Benjamin LaHaise <bcrl@kvack.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: stable@vger.kernel.org # v3.12+
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Tejun Heo
|
076c7c0680 |
fs/aio: Add explicit RCU grace period when freeing kioctx
commit a6d7cff472eea87d96899a20fa718d2bab7109f3 upstream.
While fixing refcounting, e34ecee2ae79 ("aio: Fix a trinity splat")
incorrectly removed explicit RCU grace period before freeing kioctx.
The intention seems to be depending on the internal RCU grace periods
of percpu_ref; however, percpu_ref uses a different flavor of RCU,
sched-RCU. This can lead to kioctx being freed while RCU read
protected dereferences are still in progress.
Fix it by updating free_ioctx() to go through call_rcu() explicitly.
v2: Comment added to explain double bouncing.
Signed-off-by: Tejun Heo <tj@kernel.org>
Reported-by: Jann Horn <jannh@google.com>
Fixes: e34ecee2ae79 ("aio: Fix a trinity splat")
Cc: Kent Overstreet <kent.overstreet@gmail.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: stable@vger.kernel.org # v3.13+
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Al Viro
|
b071bce3ff |
lock_parent() needs to recheck if dentry got __dentry_kill'ed under it
commit 3b821409632ab778d46e807516b457dfa72736ed upstream. In case when dentry passed to lock_parent() is protected from freeing only by the fact that it's on a shrink list and trylock of parent fails, we could get hit by __dentry_kill() (and subsequent dentry_kill(parent)) between unlocking dentry and locking presumed parent. We need to recheck that dentry is alive once we lock both it and parent *and* postpone rcu_read_unlock() until after that point. Otherwise we could return a pointer to struct dentry that already is rcu-scheduled for freeing, with ->d_lock held on it; caller's subsequent attempt to unlock it can end up with memory corruption. Cc: stable@vger.kernel.org # 3.12+, counting backports Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Eric W. Biederman
|
0481f001d9 |
fs: Teach path_connected to handle nfs filesystems with multiple roots.
commit 95dd77580ccd66a0da96e6d4696945b8cea39431 upstream. On nfsv2 and nfsv3 the nfs server can export subsets of the same filesystem and report the same filesystem identifier, so that the nfs client can know they are the same filesystem. The subsets can be from disjoint directory trees. The nfsv2 and nfsv3 filesystems provides no way to find the common root of all directory trees exported form the server with the same filesystem identifier. The practical result is that in struct super s_root for nfs s_root is not necessarily the root of the filesystem. The nfs mount code sets s_root to the root of the first subset of the nfs filesystem that the kernel mounts. This effects the dcache invalidation code in generic_shutdown_super currently called shrunk_dcache_for_umount and that code for years has gone through an additional list of dentries that might be dentry trees that need to be freed to accomodate nfs. When I wrote path_connected I did not realize nfs was so special, and it's hueristic for avoiding calling is_subdir can fail. The practical case where this fails is when there is a move of a directory from the subtree exposed by one nfs mount to the subtree exposed by another nfs mount. This move can happen either locally or remotely. With the remote case requiring that the move directory be cached before the move and that after the move someone walks the path to where the move directory now exists and in so doing causes the already cached directory to be moved in the dcache through the magic of d_splice_alias. If someone whose working directory is in the move directory or a subdirectory and now starts calling .. from the initial mount of nfs (where s_root == mnt_root), then path_connected as a heuristic will not bother with the is_subdir check. As s_root really is not the root of the nfs filesystem this heuristic is wrong, and the path may actually not be connected and path_connected can fail. The is_subdir function might be cheap enough that we can call it unconditionally. Verifying that will take some benchmarking and the result may not be the same on all kernels this fix needs to be backported to. So I am avoiding that for now. Filesystems with snapshots such as nilfs and btrfs do something similar. But as the directory tree of the snapshots are disjoint from one another and from the main directory tree rename won't move things between them and this problem will not occur. Cc: stable@vger.kernel.org Reported-by: Al Viro <viro@ZenIV.linux.org.uk> Fixes: 397d425dc26d ("vfs: Test for and handle paths that are unreachable from their mnt_root") Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
267c6efd76 |
This is the 4.14.28 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlqvagEACgkQONu9yGCS aT6OIxAAmZR4SyE7pWG9IwDzRcWhkPqknnKyM9SsfZ4m9TjiTRDZudUuJHy9LYko L1uCqQqd2cb88DkkY7aoThlZUNQmRKxbqlm1KGFnxYTIWpqmwC0Cod47P1gPdfu8 eCHFTskA3LzhWKtKISIYAstfgiiSMPDcaK+AoMFSgNHJPIRzK1ixMbPqd+NskBBn jkSAWgc3z7GazyPgX9mnR8jh6hrPBARgDgCUUlc5kG4xBQMJD5u00Z2u6hgPgGeH AjmB/LGWepZC/e+XbJGZlu2J/gOREkqpGmIgBlhLMZKFaa1uGb6do6vDpUwQsfHY NutaJ5sKuDRRk72jWNvYLxXetV+X8yMR/NcbUwN7NLe9tKQRQKQicscYSnSma5p+ /9kusRfbDuDgx6dSDf8qtfL4N01suUpZadfHRYJWTnmsR718ybc05LYegcve6m3n c1VL8oAVB9SHLWEEirqDfBIsDPwwUt2D+3Qa2BK7aLFdWJD8DAwBB+vuYOscvPMQ 4R4YG3Tt2jxlbdYSNnnF2/Y8RvJvYSH9TCz2ZxjTYjO1di+ildnF2KP2ncXnfU6s 2i5c/5efb5FRQUN3x2EiGK9adRhHc6D2vheOMOMGIFJX/hI4fDNuQyX9676hliMc +BRom5CU7712BVeR70+XuO9K9M1UDeqUGK0tgWFc8xI9LdrnfVc= =85d3 -----END PGP SIGNATURE----- Merge 4.14.28 into android-4.14 Changes in 4.14.28 net: phy: fix resume handling net: phy: Restore phy_resume() locking assumption x86: Treat R_X86_64_PLT32 as R_X86_64_PC32 ASoC: sun4i-i2s: Fix RX slot number of SUN8I ASoC: sgtl5000: Fix suspend/resume ASoC: wm_adsp: For TLV controls only register TLV get/set ASoC: rt5651: Fix regcache sync errors on resume usb: host: xhci-rcar: add support for r8a77965 xhci: Fix front USB ports on ASUS PRIME B350M-A xhci: fix endpoint context tracer output serial: sh-sci: prevent lockup on full TTY buffers tty/serial: atmel: add new version check for usart uas: fix comparison for error code staging: comedi: fix comedi_nsamples_left. staging: android: ashmem: Fix lockdep issue during llseek USB: storage: Add JMicron bridge 152d:2567 to unusual_devs.h usbip: vudc: fix null pointer dereference on udc->lock usb: quirks: add control message delay for 1b1c:1b20 usb: usbmon: Read text within supplied buffer size usb: gadget: f_fs: Fix use-after-free in ffs_fs_kill_sb() usb: dwc3: Fix lock-up on ID change during system suspend/resume serial: 8250_pci: Add Brainboxes UC-260 4 port serial device serial: core: mark port as initialized in autoconfig earlycon: add reg-offset to physical address before mapping dm mpath: fix passing integrity data Revert "btrfs: use proper endianness accessors for super_copy" drm/edid: set ELD connector type in drm_edid_to_eld() dma-buf/fence: Fix lock inversion within dma-fence-array video/hdmi: Allow "empty" HDMI infoframes HID: multitouch: Only look at non touch fields in first packet of a frame HID: elo: clear BTN_LEFT mapping iwlwifi: mvm: rs: don't override the rate history in the search cycle ARM: dts: koelsch: Move cec_clock to root node clk: meson: gxbb: fix wrong clock for SARADC/SANA ARM: dts: exynos: Correct Trats2 panel reset line drm/amdgpu: fix get_max_engine_clock_in_mhz staging: rtl8822be: fix missing null check on dev_alloc_skb return typec: tcpm: fusb302: Resolve out of order messaging events USB: ledtrig-usbport: fix of-node leak sched: Stop switched_to_rt() from sending IPIs to offline CPUs sched: Stop resched_cpu() from sending IPIs to offline CPUs crypto: ecc - Fix NULL pointer deref. on no default_rng crypto: cavium - fix memory leak on info test_firmware: fix setting old custom fw path back on exit net: ieee802154: adf7242: Fix bug if defined DEBUG rtc: brcmstb-waketimer: fix error handling in brcmstb_waketmr_probe() net: xfrm: allow clearing socket xfrm policies. mtd: nand: fix interpretation of NAND_CMD_NONE in nand_command[_lp]() net: thunderx: Set max queue count taking XDP_TX into account ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin ARM: dts: omap3-n900: Fix the audio CODEC's reset pin mtd: nand: ifc: update bufnum mask for ver >= 2.0.0 userns: Don't fail follow_automount based on s_user_ns xfrm: Fix xfrm_replay_overflow_offload_esn leds: pm8058: Silence pointer to integer size warning power: supply: ab8500_charger: Fix an error handling path power: supply: ab8500_charger: Bail out in case of error in 'ab8500_charger_init_hw_registers()' drm/etnaviv: make THERMAL selectable iio: adc: ina2xx: Shift bus voltage register to mask flag bits iio: health: max30102: Add power enable parameter to get_temp function ath10k: update tdls teardown state to target cpufreq: Fix governor module removal race drm/amdgpu:fix random missing of FLR NOTIFY scsi: ses: don't ask for diagnostic pages repeatedly during probe pwm: stmpe: Fix wrong register offset for hwpwm=2 case drm/sun4i: Fix format mask in DE2 driver pinctrl: sh-pfc: r8a7791: Add can_clk function pinctrl: sh-pfc: r8a7795-es1: Fix MOD_SEL1 bit[25:24] to 0x3 when using STP_ISEN_1_D perf annotate: Fix unnecessary memory allocation for s390x perf annotate: Fix objdump comment parsing for Intel mov dissassembly iwlwifi: mvm: avoid dumping assert log when device is stopped drm/amdgpu:fix virtual dce bug clk: qcom: msm8916: fix mnd_width for codec_digcodec mwifiex: cfg80211: do not change virtual interface during scan processing ath10k: fix invalid STS_CAP_OFFSET_MASK tools/usbip: fixes build with musl libc toolchain spi: sun6i: disable/unprepare clocks on remove bnxt_en: Don't print "Link speed -1 no longer supported" messages. scsi: core: scsi_get_device_flags_keyed(): Always return device flags scsi: devinfo: apply to HP XP the same flags as Hitachi VSP scsi: dh: add new rdac devices media: vsp1: Prevent suspending and resuming DRM pipelines dm raid: fix raid set size revalidation media: cpia2: Fix a couple off by one bugs media: davinci: vpif_capture: add NULL check on devm_kzalloc return value virtio_net: Disable interrupts if napi_complete_done rescheduled napi net: sched: drop qdisc_reset from dev_graft_qdisc veth: set peer GSO values drm/amdkfd: Fix memory leaks in kfd topology powerpc/modules: Don't try to restore r2 after a sibling call powerpc/64: Don't trace irqs-off at interrupt return to soft-disabled context arm64: dts: renesas: salvator-common: Add EthernetAVB PHY reset agp/intel: Flush all chipset writes after updating the GGTT mac80211_hwsim: enforce PS_MANUAL_POLL to be set after PS_ENABLED mac80211: remove BUG() when interface type is invalid crypto: caam/qi - use correct print specifier for size_t ASoC: nuc900: Fix a loop timeout test mmc: mmc_test: Ensure command queue is disabled for testing Fix misannotated out-of-line _copy_to_user() ipvlan: add L2 check for packets arriving via virtual devices rcutorture/configinit: Fix build directory error message locking/locktorture: Fix num reader/writer corner cases ima: relax requiring a file signature for new files with zero length IB/mlx5: revisit -Wmaybe-uninitialized warning dmaengine: qcom_hidma: check pending interrupts drm/i915/glk: Disable Guc and HuC on GLK Linux 4.14.28 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Eric W. Biederman
|
5aac93adff |
userns: Don't fail follow_automount based on s_user_ns
[ Upstream commit bbc3e471011417598e598707486f5d8814ec9c01 ]
When vfs_submount was added the test to limit automounts from
filesystems that with s_user_ns != &init_user_ns accidentially left
in follow_automount. The test was never about any security concerns
and was always about how do we implement this for filesystems whose
s_user_ns != &init_user_ns.
At the moment this check makes no difference as there are no
filesystems that both set FS_USERNS_MOUNT and implement d_automount.
Remove this check now while I am thinking about it so there will not
be odd booby traps for someone who does want to make this combination
work.
vfs_submount still needs improvements to allow this combination to work,
and vfs_submount contains a check that presents a warning.
The autofs4 filesystem could be modified to set FS_USERNS_MOUNT and it would
need not work on this code path, as userspace performs the mounts.
Fixes: 93faccbbfa95 ("fs: Better permission checking for submounts")
Fixes: aeaa4a79ff6a ("fs: Call d_automount with the filesystems creds")
Acked-by: Ian Kent <raven@themaw.net>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Greg Kroah-Hartman
|
2b0509fa4a |
Revert "btrfs: use proper endianness accessors for super_copy"
This reverts commit 3c181c12c431fe33b669410d663beb9cceefcd1b as it causes breakage on big endian systems with btrfs images. Reported-by: Christoph Biedl <linux-kernel.bfrz@manchmal.in-ulm.de> Cc: Anand Jain <anand.jain@oracle.com> Cc: Liu Bo <bo.li.liu@oracle.com> Cc: David Sterba <dsterba@suse.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Daniel Rosenberg
|
b01df612f7 |
ANDROID: sdcardfs: fix lock issue on 32 bit/SMP architectures
Fixes: cc668ff4b6a1 ("ANDROID: sdcardfs: Hold i_mutex for i_size_write")
Change-Id: If7f2ed90f59c552b9ef9262b0f6aaed394f68784
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 73287721
|
||
|
Isaac J. Manjarres
|
3ba3c6ce0a |
Merge remote-tracking branch 'remotes/origin/tmp-df0daba' into msm-4.14
* remotes/origin/tmp-df0daba: Linux 4.14.27 x86/kprobes: Fix kernel crash when probing .entry_trampoline code objtool: Fix 32-bit build objtool: Fix another switch table detection issue objtool, retpolines: Integrate objtool with retpoline support more closely objtool: Add module specific retpoline rules kbuild: move cc-option and cc-disable-warning after incl. arch Makefile kbuild: Set KBUILD_CFLAGS before incl. arch Makefile kbuild: re-order the code to not parse unnecessary variables objtool: Add retpoline validation objtool: Use existing global variables for options x86/mm/sme, objtool: Annotate indirect call in sme_encrypt_execute() x86/boot, objtool: Annotate indirect jump in secondary_startup_64() x86/paravirt, objtool: Annotate indirect calls x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP x86/speculation, objtool: Annotate indirect calls/jumps for objtool x86/retpoline: Support retpoline builds with Clang x86/speculation: Use IBRS if available before calling into firmware Revert "x86/retpoline: Simplify vmexit_fill_RSB()" x86-64/realmode: Add instruction suffix x86/LDT: Avoid warning in 32-bit builds with older gcc x86/asm: Improve how GEN_*_SUFFIXED_RMWcc() specify clobbers x86/mm: Remove stale comment about KMEMCHECK x86/entry/64: Use 'xorl' for faster register clearing x86/entry: Reduce the code footprint of the 'idtentry' macro nospec: Include <asm/barrier.h> dependency nospec: Kill array_index_nospec_mask_check() MIPS: CPC: Map registers using DT in mips_cpc_default_phys_base() dt-bindings: Document mti,mips-cpc binding scsi: qla2xxx: Fix recursion while sending terminate exchange scsi: qla2xxx: Fix NULL pointer crash due to probe failure ALSA: hda: add dock and led support for HP ProBook 640 G2 ALSA: hda: add dock and led support for HP EliteBook 820 G3 ALSA: hda - Fix a wrong FIXUP for alc289 on Dell machines ALSA: seq: More protection for concurrent write and ioctl races ALSA: seq: Don't allow resizing pool in use ALSA: hda/realtek - Make dock sound work on ThinkPad L570 ALSA: hda/realtek - Fix dock line-out volume on Dell Precision 7520 ALSA: hda/realtek: Limit mic boost on T480 ALSA: hda/realtek - Add headset mode support for Dell laptop ALSA: hda/realtek - Add support headset mode for DELL WYSE x86/spectre_v2: Don't check microcode versions when running under hypervisors perf tools: Fix trigger class trigger_on() x86/MCE: Serialize sysfs changes x86/MCE: Save microcode revision in machine check records bcache: don't attach backing with duplicate UUID bcache: fix crashes in duplicate cache device register IB/mlx5: Fix incorrect size of klms in the memory region dm bufio: avoid false-positive Wmaybe-uninitialized warning kbuild: Handle builtin dtb file names containing hyphens IB/core: Fix missing RDMA cgroups release in case of failure to register device arm64: mm: fix thinko in non-global page table attribute check KVM: s390: fix memory overwrites when not using SCA entries virtio_ring: fix num_free handling in error case loop: Fix lost writes caused by missing flag Documentation/sphinx: Fix Directive import error mm/memblock.c: hardcode the end_pfn being -1 lib/bug.c: exclude non-BUG/WARN exceptions from report_bug() Input: matrix_keypad - fix race when disabling interrupts PCI: dwc: Fix enumeration end when reaching root subordinate MIPS: OCTEON: irq: Check for null return on kzalloc allocation MIPS: ath25: Check for kzalloc allocation failure MIPS: BMIPS: Do not mask IPIs during suspend drm/amdgpu:Always save uvd vcpu_bo in VM Mode drm/amdgpu:Correct max uvd handles drm/amdgpu: fix KV harvesting drm/radeon: fix KV harvesting drm/amdgpu: Notify sbios device ready before send request drm/amdgpu: used cached pcie gen info for SI (v2) drm/amd/powerplay: fix power over limit on Fiji drm/radeon: insist on 32-bit DMA for Cedar on PPC64/PPC64LE Revert "drm/radeon/pm: autoswitch power state when in balanced mode" drm/amd/powerplay/vega10: allow mclk switching with no displays drm/amd/powerplay/smu7: allow mclk switching with no displays drm/nouveau: prefer XBGR2101010 for addfb ioctl drm/amdgpu: Fix deadlock on runtime suspend drm/radeon: Fix deadlock on runtime suspend drm/nouveau: Fix deadlock on runtime suspend drm: Allow determining if current task is output poll worker workqueue: Allow retrieval of current task's work struct drm/i915: Always call to intel_display_set_init_power() in resume_early. scsi: qla2xxx: Fix NULL pointer crash due to active timer for ABTS scsi: core: Avoid that ATA error handling can trigger a kernel hang or oops drm/i915/perf: fix perf stream opening lock drm/i915: Try EDID bitbanging on HDMI after failed read drm/i915: Update watermark state correctly in sanitize_watermarks drm/i915: Disable DC states around GMBUS on GLK drm/i915: Clear the in-use marker on execbuf failure drm/i915: Fix rsvd2 mask when out-fence is returned regulator: stm32-vrefbuf: fix check on ready flag net/smc: fix NULL pointer dereference on sock_create_kern() error path IB/uverbs: Improve lockdep_check RDMA/mlx5: Fix integer overflow while resizing CQ RDMA/ucma: Check that user doesn't overflow QP state RDMA/ucma: Limit possible option size NFS: Fix unstable write completion pNFS: Prevent the layout header refcount going to zero in pnfs_roc() NFS: Fix an incorrect type in struct nfs_direct_req scsi: qla2xxx: Fix memory leak in dual/target mode scsi: qla2xxx: Fix system crash in qlt_plogi_ack_unref scsi: qla2xxx: Remove aborting ELS IOCB call issued as part of timeout. scsi: qla2xxx: Defer processing of GS IOCB calls scsi: qla2xxx: Clear loop id after delete scsi: qla2xxx: Fix scan state field for fcport scsi: qla2xxx: Replace fcport alloc with qla2x00_alloc_fcport scsi: qla2xxx: Fix abort command deadlock due to spinlock scsi: qla2xxx: Fix PRLI state check scsi: qla2xxx: Fix Relogin being triggered too fast scsi: qla2xxx: Fix NPIV host cleanup in target mode scsi: qla2xxx: Fix login state machine stuck at GPDB scsi: qla2xxx: Serialize GPNID for multiple RSCN scsi: qla2xxx: Retry switch command on time out scsi: qla2xxx: Fix re-login for Nport Handle in use scsi: qla2xxx: Skip IRQ affinity for Target QPairs scsi: qla2xxx: Move session delete to driver work queue scsi: qla2xxx: Fix gpnid error processing scsi: qla2xxx: Fix system crash for Notify ack timeout handling tpm: only attempt to disable the LPC CLKRUN if is already enabled tpm: remove unused variables tpm: delete the TPM_TIS_CLK_ENABLE flag tpm: Keep CLKRUN enabled throughout the duration of transmit_cmd() tpm_tis: Move ilb_base_addr to tpm_tis_data netfilter: use skb_to_full_sk in ip6_route_me_harder netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt netfilter: bridge: ebt_among: add missing match size checks netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets netfilter: IDLETIMER: be syzkaller friendly netfilter: nat: cope with negative port range netfilter: x_tables: fix missing timer initialization in xt_LED netfilter: xt_hashlimit: fix lock imbalance netfilter: ipt_CLUSTERIP: fix a race condition of proc file creation netfilter: add back stackpointer size checks ASoC: Intel: kbl: fix jack name ASoC: Intel: Skylake: Fix jack name format substitution ARM: omap2: hide omap3_save_secure_ram on non-OMAP3 builds watchdog: hpwdt: Remove legacy NMI sourcing. watchdog: hpwdt: fix unused variable warning watchdog: hpwdt: Check source of NMI watchdog: hpwdt: SMBIOS check kbuild: move "_all" target out of $(KBUILD_SRC) conditional FROMLIST: f2fs: don't put dentry page in pagecache into highmem Conflicts: Makefile Change-Id: I9c0acaa8aea9f4986bf01898de8d4be4658c64ce Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org> |
||
|
Greg Kroah-Hartman
|
df0daba830 |
This is the 4.14.27 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlqqQuAACgkQONu9yGCS aT5HWQ/+JN9PWuHl/QWq7WbwoXu6Y8tqXFmuw2v/jViWJyKyBPD9lh3KcZ+wEYYk Vd8IIImgDsMjvaQ1/dzFSfUrFe3JsSDlVvdFSpmjAoFTpYCsQM2FUz/b4o/D/l9S AO3OifGW//yqt6a5YdI+5Q7vHMsUiLstfQl/vPy1RC8uvq5JSGwnTRIF0oI+PvG9 X79pUxCirkPoLrvK2ruBdsRY+zTzGlSm+OPv7u93M6ZEugDPoQaWxYfHZbyKihtV 30lV1tkl+zwAeW8m51IrftQPxq58CHWFlb2g+UdainrCu3XkSQODgonPudyBcgIt oU4pTK6EEh9ntGmF8gI3lPLFb41lD9j3UsYP5BWf9BLV8t5ryUox4yEoJXXWv4cP +/UsK7cNaBSdT6TtQHOwKhkx7vUQ0+J8nqRJvkfkfQYwv+1jfQqz1Kl9fplu1Pgt t/LuuL4C4n8eMKwWunspd0SXdIqhZpkwZ/ECWulLQ4yeQMWeitObtN/dA71bBkLu U9u7djLgztLIeKPAHyrxGEZMhwP1kNiRrMJKNZhugPtx0IhoIDvNvdXvxIE2izbP Xm+MMxoQ05kIrL+DqnJH9FJSx2TTej5B1p4NIexxZ0YSaW+UPk1u2AVz2PAU+G2K CLLuD7lfsya4Zu64ZJKXTf5KFwkeHQqXKI6w8lYxz188+p70ghk= =2ZQa -----END PGP SIGNATURE----- Merge 4.14.27 into android-4.14 Changes in 4.14.27 kbuild: move "_all" target out of $(KBUILD_SRC) conditional watchdog: hpwdt: SMBIOS check watchdog: hpwdt: Check source of NMI watchdog: hpwdt: fix unused variable warning watchdog: hpwdt: Remove legacy NMI sourcing. ARM: omap2: hide omap3_save_secure_ram on non-OMAP3 builds ASoC: Intel: Skylake: Fix jack name format substitution ASoC: Intel: kbl: fix jack name netfilter: add back stackpointer size checks netfilter: ipt_CLUSTERIP: fix a race condition of proc file creation netfilter: xt_hashlimit: fix lock imbalance netfilter: x_tables: fix missing timer initialization in xt_LED netfilter: nat: cope with negative port range netfilter: IDLETIMER: be syzkaller friendly netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets netfilter: bridge: ebt_among: add missing match size checks netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt netfilter: use skb_to_full_sk in ip6_route_me_harder tpm_tis: Move ilb_base_addr to tpm_tis_data tpm: Keep CLKRUN enabled throughout the duration of transmit_cmd() tpm: delete the TPM_TIS_CLK_ENABLE flag tpm: remove unused variables tpm: only attempt to disable the LPC CLKRUN if is already enabled scsi: qla2xxx: Fix system crash for Notify ack timeout handling scsi: qla2xxx: Fix gpnid error processing scsi: qla2xxx: Move session delete to driver work queue scsi: qla2xxx: Skip IRQ affinity for Target QPairs scsi: qla2xxx: Fix re-login for Nport Handle in use scsi: qla2xxx: Retry switch command on time out scsi: qla2xxx: Serialize GPNID for multiple RSCN scsi: qla2xxx: Fix login state machine stuck at GPDB scsi: qla2xxx: Fix NPIV host cleanup in target mode scsi: qla2xxx: Fix Relogin being triggered too fast scsi: qla2xxx: Fix PRLI state check scsi: qla2xxx: Fix abort command deadlock due to spinlock scsi: qla2xxx: Replace fcport alloc with qla2x00_alloc_fcport scsi: qla2xxx: Fix scan state field for fcport scsi: qla2xxx: Clear loop id after delete scsi: qla2xxx: Defer processing of GS IOCB calls scsi: qla2xxx: Remove aborting ELS IOCB call issued as part of timeout. scsi: qla2xxx: Fix system crash in qlt_plogi_ack_unref scsi: qla2xxx: Fix memory leak in dual/target mode NFS: Fix an incorrect type in struct nfs_direct_req pNFS: Prevent the layout header refcount going to zero in pnfs_roc() NFS: Fix unstable write completion RDMA/ucma: Limit possible option size RDMA/ucma: Check that user doesn't overflow QP state RDMA/mlx5: Fix integer overflow while resizing CQ IB/uverbs: Improve lockdep_check net/smc: fix NULL pointer dereference on sock_create_kern() error path regulator: stm32-vrefbuf: fix check on ready flag drm/i915: Fix rsvd2 mask when out-fence is returned drm/i915: Clear the in-use marker on execbuf failure drm/i915: Disable DC states around GMBUS on GLK drm/i915: Update watermark state correctly in sanitize_watermarks drm/i915: Try EDID bitbanging on HDMI after failed read drm/i915/perf: fix perf stream opening lock scsi: core: Avoid that ATA error handling can trigger a kernel hang or oops scsi: qla2xxx: Fix NULL pointer crash due to active timer for ABTS drm/i915: Always call to intel_display_set_init_power() in resume_early. workqueue: Allow retrieval of current task's work struct drm: Allow determining if current task is output poll worker drm/nouveau: Fix deadlock on runtime suspend drm/radeon: Fix deadlock on runtime suspend drm/amdgpu: Fix deadlock on runtime suspend drm/nouveau: prefer XBGR2101010 for addfb ioctl drm/amd/powerplay/smu7: allow mclk switching with no displays drm/amd/powerplay/vega10: allow mclk switching with no displays Revert "drm/radeon/pm: autoswitch power state when in balanced mode" drm/radeon: insist on 32-bit DMA for Cedar on PPC64/PPC64LE drm/amd/powerplay: fix power over limit on Fiji drm/amdgpu: used cached pcie gen info for SI (v2) drm/amdgpu: Notify sbios device ready before send request drm/radeon: fix KV harvesting drm/amdgpu: fix KV harvesting drm/amdgpu:Correct max uvd handles drm/amdgpu:Always save uvd vcpu_bo in VM Mode MIPS: BMIPS: Do not mask IPIs during suspend MIPS: ath25: Check for kzalloc allocation failure MIPS: OCTEON: irq: Check for null return on kzalloc allocation PCI: dwc: Fix enumeration end when reaching root subordinate Input: matrix_keypad - fix race when disabling interrupts lib/bug.c: exclude non-BUG/WARN exceptions from report_bug() mm/memblock.c: hardcode the end_pfn being -1 Documentation/sphinx: Fix Directive import error loop: Fix lost writes caused by missing flag virtio_ring: fix num_free handling in error case KVM: s390: fix memory overwrites when not using SCA entries arm64: mm: fix thinko in non-global page table attribute check IB/core: Fix missing RDMA cgroups release in case of failure to register device kbuild: Handle builtin dtb file names containing hyphens dm bufio: avoid false-positive Wmaybe-uninitialized warning IB/mlx5: Fix incorrect size of klms in the memory region bcache: fix crashes in duplicate cache device register bcache: don't attach backing with duplicate UUID x86/MCE: Save microcode revision in machine check records x86/MCE: Serialize sysfs changes perf tools: Fix trigger class trigger_on() x86/spectre_v2: Don't check microcode versions when running under hypervisors ALSA: hda/realtek - Add support headset mode for DELL WYSE ALSA: hda/realtek - Add headset mode support for Dell laptop ALSA: hda/realtek: Limit mic boost on T480 ALSA: hda/realtek - Fix dock line-out volume on Dell Precision 7520 ALSA: hda/realtek - Make dock sound work on ThinkPad L570 ALSA: seq: Don't allow resizing pool in use ALSA: seq: More protection for concurrent write and ioctl races ALSA: hda - Fix a wrong FIXUP for alc289 on Dell machines ALSA: hda: add dock and led support for HP EliteBook 820 G3 ALSA: hda: add dock and led support for HP ProBook 640 G2 scsi: qla2xxx: Fix NULL pointer crash due to probe failure scsi: qla2xxx: Fix recursion while sending terminate exchange dt-bindings: Document mti,mips-cpc binding MIPS: CPC: Map registers using DT in mips_cpc_default_phys_base() nospec: Kill array_index_nospec_mask_check() nospec: Include <asm/barrier.h> dependency x86/entry: Reduce the code footprint of the 'idtentry' macro x86/entry/64: Use 'xorl' for faster register clearing x86/mm: Remove stale comment about KMEMCHECK x86/asm: Improve how GEN_*_SUFFIXED_RMWcc() specify clobbers x86/LDT: Avoid warning in 32-bit builds with older gcc x86-64/realmode: Add instruction suffix Revert "x86/retpoline: Simplify vmexit_fill_RSB()" x86/speculation: Use IBRS if available before calling into firmware x86/retpoline: Support retpoline builds with Clang x86/speculation, objtool: Annotate indirect calls/jumps for objtool x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP x86/paravirt, objtool: Annotate indirect calls x86/boot, objtool: Annotate indirect jump in secondary_startup_64() x86/mm/sme, objtool: Annotate indirect call in sme_encrypt_execute() objtool: Use existing global variables for options objtool: Add retpoline validation kbuild: re-order the code to not parse unnecessary variables kbuild: Set KBUILD_CFLAGS before incl. arch Makefile kbuild: move cc-option and cc-disable-warning after incl. arch Makefile objtool: Add module specific retpoline rules objtool, retpolines: Integrate objtool with retpoline support more closely objtool: Fix another switch table detection issue objtool: Fix 32-bit build x86/kprobes: Fix kernel crash when probing .entry_trampoline code Linux 4.14.27 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
Trond Myklebust
|
7b7574e9b2 |
NFS: Fix unstable write completion
commit c4f24df942a181699c5bab01b8e5e82b925f77f3 upstream.
We do want to respect the FLUSH_SYNC argument to nfs_commit_inode() to
ensure that all outstanding COMMIT requests to the inode in question are
complete. Currently we may exit early from both nfs_commit_inode() and
nfs_write_inode() even if there are COMMIT requests in flight, or unstable
writes on the commit list.
In order to get the right semantics w.r.t. sync_inode(), we don't need
to have nfs_commit_inode() reset the inode dirty flags when called from
nfs_wb_page() and/or nfs_wb_all(). We just need to ensure that
nfs_write_inode() leaves them in the right state if there are outstanding
commits, or stable pages.
Reported-by: Scott Mayhew <smayhew@redhat.com>
Fixes: dc4fd9ab01ab ("nfs: don't wait on commit in nfs_commit_inode()...")
Cc: stable@vger.kernel.org # v4.14+
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Trond Myklebust
|
e131a6d68c |
pNFS: Prevent the layout header refcount going to zero in pnfs_roc()
commit 9c6376ebddad585da4238532dd6d90ae23ffee67 upstream. Ensure that we hold a reference to the layout header when processing the pNFS return-on-close so that the refcount value does not inadvertently go to zero. Reported-by: Tigran Mkrtchyan <tigran.mkrtchyan@desy.de> Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com> Cc: stable@vger.kernel.org # v4.10+ Tested-by: Tigran Mkrtchyan <tigran.mkrtchyan@desy.de> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Trond Myklebust
|
2bca2c58d8 |
NFS: Fix an incorrect type in struct nfs_direct_req
commit d9ee65539d3eabd9ade46cca1780e3309ad0f907 upstream.
The start offset needs to be of type loff_t.
Fixed: 5fadeb47dcc5c ("nfs: count DIO good bytes correctly with mirroring")
Cc: stable@vger.kernel.org # v4.0+
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Yunlong Song
|
e9931e76ec |
FROMLIST: f2fs: don't put dentry page in pagecache into highmem
Cherry-pick from origin/upstream-f2fs-stable-linux-4.14.y:
88406d1edeee ("f2fs: don't put dentry page in pagecache into highmem")
Previous dentry page uses highmem, which will cause panic in platforms
using highmem (such as arm), since the address space of dentry pages
from highmem directly goes into the decryption path via the function
fscrypt_fname_disk_to_usr. But sg_init_one assumes the address is not
from highmem, and then cause panic since it doesn't call kmap_high but
kunmap_high is triggered at the end. To fix this problem in a simple
way, this patch avoids to put dentry page in pagecache into highmem.
Change-Id: I4982f527bd054176bf21d72a426e08cf2b985b0c
Signed-off-by: Yunlong Song <yunlong.song@huawei.com>
Reviewed-by: Chao Yu <yuchao0@huawei.com>
[Jaegeuk Kim: fix coding style]
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
|
||
|
Isaac J. Manjarres
|
40324f8696 |
Merge remote-tracking branch 'remotes/origin/tmp-4576e0e' into msm-4.14
* remotes/origin/tmp-4576e0e:
Linux 4.14.26
KVM: x86: fix backward migration with async_PF
bpf, ppc64: fix out of bounds access in tail call
bpf: allow xadd only on aligned memory
bpf: add schedule points in percpu arrays management
bpf, arm64: fix out of bounds access in tail call
bpf, x64: implement retpoline for tail call
bpf: fix rcu lockdep warning for lpm_trie map_free callback
bpf: fix memory leak in lpm_trie map_free callback function
bpf: fix mlock precharge on arraymaps
Linux 4.14.25
nvme-rdma: don't suppress send completions
md: only allow remove_and_add_spares when no sync_thread running.
ARM: dts: LogicPD Torpedo: Fix I2C1 pinmux
ARM: dts: LogicPD SOM-LV: Fix I2C1 pinmux
ACPI / bus: Parse tables as term_list for Dell XPS 9570 and Precision M5530
KVM/x86: remove WARN_ON() for when vm_munmap() fails
KVM/x86: Fix wrong macro references of X86_CR0_PG_BIT and X86_CR4_PAE_BIT in kvm_valid_sregs()
PCI/ASPM: Deal with missing root ports in link state handling
KVM: x86: fix vcpu initialization with userspace lapic
KVM/VMX: Optimize vmx_vcpu_run() and svm_vcpu_run() by marking the RDMSR path as unlikely()
KVM: x86: move LAPIC initialization after VMCS creation
KVM/x86: Remove indirect MSR op calls from SPEC_CTRL
KVM: mmu: Fix overlap between public and private memslots
KVM: X86: Fix SMRAM accessing even if VM is shutdown
KVM: x86: extend usage of RET_MMIO_PF_* constants
ARM: kvm: fix building with gcc-8
ARM: mvebu: Fix broken PL310_ERRATA_753970 selects
ARM: dts: rockchip: Remove 1.8 GHz operation point from phycore som
ARM: orion: fix orion_ge00_switch_board_info initialization
x86/mm: Fix {pmd,pud}_{set,clear}_flags()
nospec: Allow index argument to have const-qualified type
KVM: s390: consider epoch index on TOD clock syncs
KVM: s390: consider epoch index on hotplugged CPUs
KVM: s390: provide only a single function for setting the tod (fix SCK)
KVM: s390: take care of clock-comparator sign control
EDAC, sb_edac: Fix out of bound writes during DIMM configuration on KNL
media: m88ds3103: don't call a non-initalized function
blk-mq: don't call io sched's .requeue_request when requeueing rq to ->dispatch
s390/qeth: fix IPA command submission race
s390/qeth: fix IP address lookup for L3 devices
Revert "s390/qeth: fix using of ref counter for rxip addresses"
s390/qeth: fix double-free on IP add/remove race
s390/qeth: fix IP removal on offline cards
s390/qeth: fix overestimated count of buffer elements
s390/qeth: fix SETIP command handling
s390/qeth: fix underestimated count of buffer elements
virtio-net: disable NAPI only when enabled during XDP set
tuntap: disable preemption during XDP processing
tuntap: correctly add the missing XDP flush
tcp: purge write queue upon RST
netlink: put module reference if dump start fails
mlxsw: spectrum_router: Do not unconditionally clear route offload indication
cls_u32: fix use after free in u32_destroy_key()
amd-xgbe: Restore PCI interrupt enablement setting on resume
net/mlx5e: Verify inline header size do not exceed SKB linear size
bridge: Fix VLAN reference count problem
sctp: fix dst refcnt leak in sctp_v6_get_dst()
net: ipv4: Set addr_type in hash_keys for forwarded case
mlxsw: spectrum_router: Fix error path in mlxsw_sp_vr_create
tcp: revert F-RTO extension to detect more spurious timeouts
tcp: revert F-RTO middle-box workaround
sctp: do not pr_err for the duplicated node in transport rhlist
net/sched: cls_u32: fix cls_u32 on filter replace
net_sched: gen_estimator: fix broken estimators based on percpu stats
net/mlx5e: Fix loopback self test when GRO is off
doc: Change the min default value of tcp_wmem/tcp_rmem.
tcp_bbr: better deal with suboptimal GSO
rxrpc: Fix send in rxrpc_send_data_packet()
tcp: Honor the eor bit in tcp_mtu_probe
net: phy: fix phy_start to consider PHY_IGNORE_INTERRUPT
net/mlx5e: Specify numa node when allocating drop rq
mlxsw: spectrum_switchdev: Check success of FDB add operation
sctp: fix dst refcnt leak in sctp_v4_get_dst
net/mlx5e: Fix TCP checksum in LRO buffers
udplite: fix partial checksum initialization
sctp: verify size of a new chunk in _sctp_make_chunk()
ppp: prevent unregistered channels from connecting to PPP units
net: sched: report if filter is too large to dump
netlink: ensure to loop over all netns in genlmsg_multicast_allns()
net: ipv4: don't allow setting net.ipv4.route.min_pmtu below 68
net: fix race on decreasing number of TX queues
net: ethernet: ti: cpsw: fix net watchdog timeout
net: amd-xgbe: fix comparison to bitshift when dealing with a mask
ipv6 sit: work around bogus gcc-8 -Wrestrict warning
hdlc_ppp: carrier detect ok, don't turn off negotiation
fib_semantics: Don't match route with mismatching tclassid
bridge: check brport attr show in brport_show
x86/cpu_entry_area: Sync cpu_entry_area to initial_page_table
x86/platform/intel-mid: Handle Intel Edison reboot correctly
x86/xen: Zero MSR_IA32_SPEC_CTRL before suspend
direct-io: Fix sleep in atomic due to sync AIO
dax: fix vma_is_fsdax() helper
cpufreq: s3c24xx: Fix broken s3c_cpufreq_init()
vfio: disable filesystem-dax page pinning
block: kyber: fix domain token leak during requeue
block: fix the count of PGPGOUT for WRITE_SAME
btrfs: use proper endianness accessors for super_copy
parisc: Fix ordering of cache and TLB flushes
parisc: Reduce irq overhead when run in qemu
parisc: Use cr16 interval timers unconditionally on qemu
timers: Forward timer base before migrating timers
mmc: dw_mmc: Fix out-of-bounds access for slot's caps
mmc: dw_mmc: Factor out dw_mci_init_slot_caps
mmc: dw_mmc: Avoid accessing registers in runtime suspended state
mmc: dw_mmc-k3: Fix out-of-bounds access through DT alias
mmc: sdhci-pci: Fix S0i3 for Intel BYT-based controllers
ALSA: hda - Fix pincfg at resume on Lenovo T470 dock
ALSA: hda: Add a power_save blacklist
ALSA: x86: Fix missing spinlock and mutex initializations
ALSA: control: Fix memory corruption risk in snd_ctl_elem_read
ALSA: usb-audio: Add a quirck for B&W PX headphones
tpm_tis_spi: Use DMA-safe memory for SPI transfers
tpm: constify transmit data pointers
tpm_tis: fix potential buffer overruns caused by bit glitches on the bus
tpm_i2c_nuvoton: fix potential buffer overruns caused by bit glitches on the bus
tpm_i2c_infineon: fix potential buffer overruns caused by bit glitches on the bus
tpm: fix potential buffer overruns caused by bit glitches on the bus
tpm: st33zp24: fix potential buffer overruns caused by bit glitches on the bus
ixgbe: fix crash in build_skb Rx code path
Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking
ANDROID: uid_sys_stats: Copy task_struct comm field to bigger buffer
FROMLIST: ARM: amba: Don't read past the end of sysfs "driver_override" buffer
Conflicts:
kernel/time/timer.c
Change-Id: Iab19f552a822c233175e6553faf5c62447844201
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
|
||
|
Greg Kroah-Hartman
|
732ccfad6e |
This is the 4.14.25 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlqiLKAACgkQONu9yGCS
aT6v+BAAqksTfviS5Ar4+si/6RYsj8x8gz0yYiidh2/L09BMa1E6lsNouHxko1/f
kdjmjK/BDcVZcZtNCZk5p0+PYt8sU0IFoSZvAD7+4zsbNnAR4z0O+2LMdengnzuY
d4U1dpKW0rBdRHNhrZLDr4m5VgDm+MMG5glMdg52bDHmP0449yS8pADgFGtgNvRe
Z1pd5XyrUJ4bz7K2qcmlm0IS/Rev3c1m4wtJW15IvdjfwFkhSbj/2t1sQrFeqMFz
Unvg/bIchTSCluRjagbb+fKHV0PhfBMIr2dAb7pobIOSeJsKSix2HGy8ugRy2yLR
ssATVpkLWvmisPQYXQ6gaUixg4hVGryqc3AeuEMc0NWUZyBn5XKVNC4+Uyq/Wv1I
XsvhcyJ0meB4SxnrU5SO9cxJdOmXIgJijNuyFCO5/Qv/WUZGjhQU0RGsixdPx1MU
7KYDFPd0H9aV7zliaWEXuCuH4tsASgfKojQble9OID1/q/8YJIgG5jqkljAcYcXG
AuFmHXHIWim7hB3zc5jq5KxtfA2hbZ3ixWxmV79dL6V8DBeZsTPqPfhizCYAneAU
D3830bIBP1HYPlVdPZV5GWVDEc9H4HHPIRTrXhHc7apQDt3wjqWWShrYyIfDLtnB
eSCN5heTxWpUjHVjyX56v4uoOWPwjrw2MpQRxt1KsX+B8a2HEb4=
=ULMj
-----END PGP SIGNATURE-----
Merge 4.14.25 into android-4.14
Changes in 4.14.25
Bluetooth: btusb: Use DMI matching for QCA reset_resume quirking
ixgbe: fix crash in build_skb Rx code path
tpm: st33zp24: fix potential buffer overruns caused by bit glitches on the bus
tpm: fix potential buffer overruns caused by bit glitches on the bus
tpm_i2c_infineon: fix potential buffer overruns caused by bit glitches on the bus
tpm_i2c_nuvoton: fix potential buffer overruns caused by bit glitches on the bus
tpm_tis: fix potential buffer overruns caused by bit glitches on the bus
tpm: constify transmit data pointers
tpm_tis_spi: Use DMA-safe memory for SPI transfers
ALSA: usb-audio: Add a quirck for B&W PX headphones
ALSA: control: Fix memory corruption risk in snd_ctl_elem_read
ALSA: x86: Fix missing spinlock and mutex initializations
ALSA: hda: Add a power_save blacklist
ALSA: hda - Fix pincfg at resume on Lenovo T470 dock
mmc: sdhci-pci: Fix S0i3 for Intel BYT-based controllers
mmc: dw_mmc-k3: Fix out-of-bounds access through DT alias
mmc: dw_mmc: Avoid accessing registers in runtime suspended state
mmc: dw_mmc: Factor out dw_mci_init_slot_caps
mmc: dw_mmc: Fix out-of-bounds access for slot's caps
timers: Forward timer base before migrating timers
parisc: Use cr16 interval timers unconditionally on qemu
parisc: Reduce irq overhead when run in qemu
parisc: Fix ordering of cache and TLB flushes
btrfs: use proper endianness accessors for super_copy
block: fix the count of PGPGOUT for WRITE_SAME
block: kyber: fix domain token leak during requeue
vfio: disable filesystem-dax page pinning
cpufreq: s3c24xx: Fix broken s3c_cpufreq_init()
dax: fix vma_is_fsdax() helper
direct-io: Fix sleep in atomic due to sync AIO
x86/xen: Zero MSR_IA32_SPEC_CTRL before suspend
x86/platform/intel-mid: Handle Intel Edison reboot correctly
x86/cpu_entry_area: Sync cpu_entry_area to initial_page_table
bridge: check brport attr show in brport_show
fib_semantics: Don't match route with mismatching tclassid
hdlc_ppp: carrier detect ok, don't turn off negotiation
ipv6 sit: work around bogus gcc-8 -Wrestrict warning
net: amd-xgbe: fix comparison to bitshift when dealing with a mask
net: ethernet: ti: cpsw: fix net watchdog timeout
net: fix race on decreasing number of TX queues
net: ipv4: don't allow setting net.ipv4.route.min_pmtu below 68
netlink: ensure to loop over all netns in genlmsg_multicast_allns()
net: sched: report if filter is too large to dump
ppp: prevent unregistered channels from connecting to PPP units
sctp: verify size of a new chunk in _sctp_make_chunk()
udplite: fix partial checksum initialization
net/mlx5e: Fix TCP checksum in LRO buffers
sctp: fix dst refcnt leak in sctp_v4_get_dst
mlxsw: spectrum_switchdev: Check success of FDB add operation
net/mlx5e: Specify numa node when allocating drop rq
net: phy: fix phy_start to consider PHY_IGNORE_INTERRUPT
tcp: Honor the eor bit in tcp_mtu_probe
rxrpc: Fix send in rxrpc_send_data_packet()
tcp_bbr: better deal with suboptimal GSO
doc: Change the min default value of tcp_wmem/tcp_rmem.
net/mlx5e: Fix loopback self test when GRO is off
net_sched: gen_estimator: fix broken estimators based on percpu stats
net/sched: cls_u32: fix cls_u32 on filter replace
sctp: do not pr_err for the duplicated node in transport rhlist
tcp: revert F-RTO middle-box workaround
tcp: revert F-RTO extension to detect more spurious timeouts
mlxsw: spectrum_router: Fix error path in mlxsw_sp_vr_create
net: ipv4: Set addr_type in hash_keys for forwarded case
sctp: fix dst refcnt leak in sctp_v6_get_dst()
bridge: Fix VLAN reference count problem
net/mlx5e: Verify inline header size do not exceed SKB linear size
amd-xgbe: Restore PCI interrupt enablement setting on resume
cls_u32: fix use after free in u32_destroy_key()
mlxsw: spectrum_router: Do not unconditionally clear route offload indication
netlink: put module reference if dump start fails
tcp: purge write queue upon RST
tuntap: correctly add the missing XDP flush
tuntap: disable preemption during XDP processing
virtio-net: disable NAPI only when enabled during XDP set
s390/qeth: fix underestimated count of buffer elements
s390/qeth: fix SETIP command handling
s390/qeth: fix overestimated count of buffer elements
s390/qeth: fix IP removal on offline cards
s390/qeth: fix double-free on IP add/remove race
Revert "s390/qeth: fix using of ref counter for rxip addresses"
s390/qeth: fix IP address lookup for L3 devices
s390/qeth: fix IPA command submission race
blk-mq: don't call io sched's .requeue_request when requeueing rq to ->dispatch
media: m88ds3103: don't call a non-initalized function
EDAC, sb_edac: Fix out of bound writes during DIMM configuration on KNL
KVM: s390: take care of clock-comparator sign control
KVM: s390: provide only a single function for setting the tod (fix SCK)
KVM: s390: consider epoch index on hotplugged CPUs
KVM: s390: consider epoch index on TOD clock syncs
nospec: Allow index argument to have const-qualified type
x86/mm: Fix {pmd,pud}_{set,clear}_flags()
ARM: orion: fix orion_ge00_switch_board_info initialization
ARM: dts: rockchip: Remove 1.8 GHz operation point from phycore som
ARM: mvebu: Fix broken PL310_ERRATA_753970 selects
ARM: kvm: fix building with gcc-8
KVM: x86: extend usage of RET_MMIO_PF_* constants
KVM: X86: Fix SMRAM accessing even if VM is shutdown
KVM: mmu: Fix overlap between public and private memslots
KVM/x86: Remove indirect MSR op calls from SPEC_CTRL
KVM: x86: move LAPIC initialization after VMCS creation
KVM/VMX: Optimize vmx_vcpu_run() and svm_vcpu_run() by marking the RDMSR path as unlikely()
KVM: x86: fix vcpu initialization with userspace lapic
PCI/ASPM: Deal with missing root ports in link state handling
KVM/x86: Fix wrong macro references of X86_CR0_PG_BIT and X86_CR4_PAE_BIT in kvm_valid_sregs()
KVM/x86: remove WARN_ON() for when vm_munmap() fails
ACPI / bus: Parse tables as term_list for Dell XPS 9570 and Precision M5530
ARM: dts: LogicPD SOM-LV: Fix I2C1 pinmux
ARM: dts: LogicPD Torpedo: Fix I2C1 pinmux
md: only allow remove_and_add_spares when no sync_thread running.
nvme-rdma: don't suppress send completions
Linux 4.14.25
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
Jan Kara
|
93e1f7fc77 |
direct-io: Fix sleep in atomic due to sync AIO
commit d9c10e5b8863cfb6886d1640386455075c6e979d upstream. Commit e864f39569f4 "fs: add RWF_DSYNC aand RWF_SYNC" added additional way for direct IO to become synchronous and thus trigger fsync from the IO completion handler. Then commit 9830f4be159b "fs: Use RWF_* flags for AIO operations" allowed these flags to be set for AIO as well. However that commit forgot to update the condition checking whether the IO completion handling should be defered to a workqueue and thus AIO DIO with RWF_[D]SYNC set will call fsync() from IRQ context resulting in sleep in atomic. Fix the problem by checking directly iocb flags (the same way as it is done in dio_complete()) instead of checking all conditions that could lead to IO being synchronous. CC: Christoph Hellwig <hch@lst.de> CC: Goldwyn Rodrigues <rgoldwyn@suse.com> CC: stable@vger.kernel.org Reported-by: Mark Rutland <mark.rutland@arm.com> Tested-by: Mark Rutland <mark.rutland@arm.com> Fixes: 9830f4be159b29399d107bffb99e0132bc5aedd4 Signed-off-by: Jan Kara <jack@suse.cz> Signed-off-by: Jens Axboe <axboe@kernel.dk> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Anand Jain
|
eae6179f55 |
btrfs: use proper endianness accessors for super_copy
commit 3c181c12c431fe33b669410d663beb9cceefcd1b upstream. The fs_info::super_copy is a byte copy of the on-disk structure and all members must use the accessor macros/functions to obtain the right value. This was missing in update_super_roots and in sysfs readers. Moving between opposite endianness hosts will report bogus numbers in sysfs, and mount may fail as the root will not be restored correctly. If the filesystem is always used on a same endian host, this will not be a problem. Fix this by using the btrfs_set_super...() functions to set fs_info::super_copy values, and for the sysfs, use the cached fs_info::nodesize/sectorsize values. CC: stable@vger.kernel.org Fixes: df93589a17378 ("btrfs: export more from FS_INFO to sysfs") Signed-off-by: Anand Jain <anand.jain@oracle.com> Reviewed-by: Liu Bo <bo.li.liu@oracle.com> Reviewed-by: David Sterba <dsterba@suse.com> [ update changelog ] Signed-off-by: David Sterba <dsterba@suse.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Isaac J. Manjarres
|
07f0d9dd34 |
Merge remote-tracking branch 'remotes/origin/tmp-85ab9a0' into msm-4.14
* remotes/origin/tmp-85ab9a0: Linux 4.14.24 net: sched: fix use-after-free in tcf_block_put_ext net_sched: get rid of rcu_barrier() in tcf_block_put_ext() net: sched: crash on blocks with goto chain action net: sched: fix crash when deleting secondary chains arm64: dts: marvell: mcbin: add comphy references to Ethernet ports arm64: dts: marvell: add comphy nodes on cp110 master and slave powerpc/pseries: Enable RAS hotplug events later MIPS: Implement __multi3 for GCC7 MIPS64r6 builds mlxsw: pci: Wait after reset before accessing HW nfp: always unmask aux interrupts at init of_mdio: avoid MDIO bus removal when a PHY is missing net: gianfar_ptp: move set_fipers() to spinlock protecting area sctp: make use of pre-calculated len sctp: add a ceiling to optlen in some sockopts xen/gntdev: Fix partial gntdev_mmap() cleanup xen/gntdev: Fix off-by-one error when unmapping with holes SolutionEngine771x: fix Ether platform data mdio-sun4i: Fix a memory leak xen-netfront: enable device after manual module load bnxt_en: Fix the 'Invalid VF' id check in bnxt_vf_ndo_prep routine. bnxt_en: Fix population of flow_type in bnxt_hwrm_cfa_flow_alloc() x86/platform/intel-mid: Revert "Make 'bt_sfi_data' const" nvme-fabrics: initialize default host->id in nvmf_host_default() powerpc/pseries: Make RAS IRQ explicitly dependent on DLPAR WQ leds: core: Fix regression caused by commit 2b83ff96f51d bpf: sockmap missing NULL psock check ia64, sched/cputime: Fix build error if CONFIG_VIRT_CPU_ACCOUNTING_NATIVE=y block: drain queue before waiting for q_usage_counter becoming zero wcn36xx: Fix dynamic power saving can: flex_can: Correct the checking for frame length in flexcan_start_xmit() mac80211: mesh: drop frames appearing to be from us nl80211: Check for the required netlink attribute presence net: ena: unmask MSI-X only after device initialization is completed i40e: don't remove netdev->dev_addr when syncing uc list i40e/i40evf: Account for frags split over multiple descriptors in check linearize uapi libc compat: add fallback for unsupported libcs x86/efi: Fix kernel param add_efi_memmap regression RDMA/netlink: Fix locking around __ib_get_device_by_index drm/ttm: check the return value of kzalloc NET: usb: qmi_wwan: add support for YUGA CLM920-NC5 PID 0x9625 e1000: fix disabling already-disabled warning macvlan: Fix one possible double free xfs: quota: check result of register_shrinker() xfs: quota: fix missed destroy of qi_tree_lock IB/ipoib: Fix race condition in neigh creation IB/mlx4: Fix mlx4_ib_alloc_mr error flow Input: xen-kbdfront - do not advertise multi-touch pressure support ip6_tunnel: allow ip6gre dev mtu to be set below 1280 btrfs: Fix flush bio leak s390/dasd: fix wrongly assigned configuration data afs: Fix missing error handling in afs_write_end() genirq: Guard handle_bad_irq log messages IB/mlx5: Fix mlx5_ib_alloc_mr error flow led: core: Fix brightness setting when setting delay_off=0 perf/x86/intel: Plug memory leak in intel_pmu_init() bnx2x: Improve reliability in case of nested PCI errors tg3: Enable PHY reset in MTU change path for 5720 tg3: Add workaround to restrict 5762 MRRS to 2048 tipc: fix tipc_mon_delete() oops in tipc_enable_bearer() error path tipc: error path leak fixes in tipc_enable_bearer() netfilter: nf_tables: fix potential NULL-ptr deref in nf_tables_dump_obj_done() crypto: inside-secure - fix request allocations in invalidation path crypto: inside-secure - free requests even if their handling failed crypto: inside-secure - per request invalidation arm64: dts: renesas: ulcb: Remove renesas, no-ether-link property lib/mpi: Fix umul_ppmm() for MIPS64r6 crypto: af_alg - Fix race around ctx->rcvused by making it atomic_t ARM: dts: ls1021a: fix incorrect clock references RDMA/vmw_pvrdma: Call ib_umem_release on destroy QP path i915: Reject CCS modifiers for pipe C on Geminilake netfilter: uapi: correct UNTRACKED conntrack state bit number scsi: storvsc: Fix scsi_cmd error assignments in storvsc_handle_error netfilter: nf_tables: fix chain filter in nf_tables_dump_rules() xen/balloon: Mark unallocated host memory as UNUSABLE ASoC: rsnd: fixup ADG register mask net/mlx5: Stay in polling mode when command EQ destroy fails net/mlx5: Cleanup IRQs in case of unload failure net/mlx5e: Fix ETS BW check net: stmmac: Fix bad RX timestamp extraction net: stmmac: Fix TX timestamp calculation ip6_tunnel: get the min mtu properly in ip6_tnl_xmit ip6_gre: remove the incorrect mtu limit for ipgre tap ip_gre: remove the incorrect mtu limit for ipgre tap vxlan: update skb dst pmtu on tx path net: arc_emac: fix arc_emac_rx() error paths net: mediatek: setup proper state for disabled GMAC on the default x86-64/Xen: eliminate W+X mappings staging: ion: Fix ion_cma_heap allocations cgroup: Fix deadlock in cpu hotplug path ASoC: nau8825: fix issue that pop noise when start capture spi: atmel: fixed spin_lock usage inside atmel_spi_remove mac80211_hwsim: Fix a possible sleep-in-atomic bug in hwsim_get_radio_nl x86/stacktrace: Make zombie stack traces reliable xfrm: Reinject transport-mode packets through tasklet drm/nouveau/pci: do a msi rearm on init net: phy: xgene: disable clk on error paths sget(): handle failures of register_shrinker() sctp: fix the issue that a __u16 variable may overflow in sctp_ulpq_renege x86/asm: Allow again using asm.h when building for the 'bpf' clang target ARM: 8731/1: Fix csum_partial_copy_from_user() stack mismatch parisc: Reduce thread stack to 16 kb ipv6: icmp6: Allow icmp messages to be looped back mtd: nand: brcmnand: Zero bitflip is not an error mtd: nand: gpmi: Fix failure when a erased page has a bitflip at BBM net: usb: qmi_wwan: add Telit ME910 PID 0x1101 support net: aquantia: Fix hardware DMA stream overload on large MRRS net: aquantia: Fix actual speed capabilities reporting nvme: check hw sectors before setting chunk sectors nvme-fc: remove double put reference if admin connect fails phy: cpcap-usb: Fix platform_get_irq_byname's error checking. dmaengine: fsl-edma: disable clks on all error paths scsi: aacraid: Fix I/O drop during reset mm/frame_vector.c: release a semaphore in 'get_vaddr_frames()' exec: avoid gcc-8 warning for get_task_comm hrtimer: Ensure POSIX compliance (relative CLOCK_REALTIME hrtimers) Conflicts: drivers/staging/android/ion/Kconfig drivers/staging/android/ion/ion_cma_heap.c Change-Id: I58485dd9ac8092a184c42a8e125e44523221e3ea Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org> |
||
|
Greg Kroah-Hartman
|
85ab9a0468 |
This is the 4.14.24 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlqaaf0ACgkQONu9yGCS aT7cDxAAxjZ8e9TGlix7q2wIWSFRfAaWpb4SyZYxP6pYnrdhrHr6IQ+U5ydtiRcz T+zYkpXGMTMdkmKogXITp8FUL9ztkABJ/RyHcYuTdxTSpSUN67KNrVwGbM5NobX/ dPwPkkvUQDh1jyCUsqbYMoGfBSJVH5e7KgsfCtpcnckNzX3R2TOuwRb7aVjpyD63 Nb2tY70o07bjQZ+M3iWM1cHQ5AaMkJcZeML7mc/40AAcDB0pPNr53LKfVjSFrwgK Od5tOHR//XF17Kdi1dtT+XSmHsXcocq4FEp6x4htJPD19uOou5KC31ceXi2k8UEG g6iCRrsijdTrsl0ajyrwvXRWtQFN5fUw6BjA1G1/82FE8Eovxv28VjEHFElS+jX3 gQNDsyeJjQIP7Kpq2tRLmUTtFBGnBW7pcLRR/9jmZJdKsvTGa1BwOUbp9OO2FHip hiijnuqz8gpS9mEilALpAF7QLQk3dX8qLS1HZO3KKnFLxwSJqZhENvdfPZ2Fl7kr 4zavBe7suEyj1+jEt6xqksNOEZh+KAqRIhOZVBry9bvxAG4VCiN6pxEx63uIimMC bN9OFZZACFlao/4MCOggS0M48/tWU15Hep+jstUZ3FarUfrNy4VcRjcrTKdDEPMX Z5kwJEi9p/J0cReQMagJ/Y63aG4lPHTW8wUxOlHcp+e1wi0q+Kc= =h0lU -----END PGP SIGNATURE----- Merge 4.14.24 into android-4.14 Changes in 4.14.24 hrtimer: Ensure POSIX compliance (relative CLOCK_REALTIME hrtimers) exec: avoid gcc-8 warning for get_task_comm mm/frame_vector.c: release a semaphore in 'get_vaddr_frames()' scsi: aacraid: Fix I/O drop during reset dmaengine: fsl-edma: disable clks on all error paths phy: cpcap-usb: Fix platform_get_irq_byname's error checking. nvme-fc: remove double put reference if admin connect fails nvme: check hw sectors before setting chunk sectors net: aquantia: Fix actual speed capabilities reporting net: aquantia: Fix hardware DMA stream overload on large MRRS net: usb: qmi_wwan: add Telit ME910 PID 0x1101 support mtd: nand: gpmi: Fix failure when a erased page has a bitflip at BBM mtd: nand: brcmnand: Zero bitflip is not an error ipv6: icmp6: Allow icmp messages to be looped back parisc: Reduce thread stack to 16 kb ARM: 8731/1: Fix csum_partial_copy_from_user() stack mismatch x86/asm: Allow again using asm.h when building for the 'bpf' clang target sctp: fix the issue that a __u16 variable may overflow in sctp_ulpq_renege sget(): handle failures of register_shrinker() net: phy: xgene: disable clk on error paths drm/nouveau/pci: do a msi rearm on init xfrm: Reinject transport-mode packets through tasklet x86/stacktrace: Make zombie stack traces reliable mac80211_hwsim: Fix a possible sleep-in-atomic bug in hwsim_get_radio_nl spi: atmel: fixed spin_lock usage inside atmel_spi_remove ASoC: nau8825: fix issue that pop noise when start capture cgroup: Fix deadlock in cpu hotplug path staging: ion: Fix ion_cma_heap allocations x86-64/Xen: eliminate W+X mappings net: mediatek: setup proper state for disabled GMAC on the default net: arc_emac: fix arc_emac_rx() error paths vxlan: update skb dst pmtu on tx path ip_gre: remove the incorrect mtu limit for ipgre tap ip6_gre: remove the incorrect mtu limit for ipgre tap ip6_tunnel: get the min mtu properly in ip6_tnl_xmit net: stmmac: Fix TX timestamp calculation net: stmmac: Fix bad RX timestamp extraction net/mlx5e: Fix ETS BW check net/mlx5: Cleanup IRQs in case of unload failure net/mlx5: Stay in polling mode when command EQ destroy fails ASoC: rsnd: fixup ADG register mask xen/balloon: Mark unallocated host memory as UNUSABLE netfilter: nf_tables: fix chain filter in nf_tables_dump_rules() scsi: storvsc: Fix scsi_cmd error assignments in storvsc_handle_error netfilter: uapi: correct UNTRACKED conntrack state bit number i915: Reject CCS modifiers for pipe C on Geminilake RDMA/vmw_pvrdma: Call ib_umem_release on destroy QP path ARM: dts: ls1021a: fix incorrect clock references crypto: af_alg - Fix race around ctx->rcvused by making it atomic_t lib/mpi: Fix umul_ppmm() for MIPS64r6 arm64: dts: renesas: ulcb: Remove renesas, no-ether-link property crypto: inside-secure - per request invalidation crypto: inside-secure - free requests even if their handling failed crypto: inside-secure - fix request allocations in invalidation path netfilter: nf_tables: fix potential NULL-ptr deref in nf_tables_dump_obj_done() tipc: error path leak fixes in tipc_enable_bearer() tipc: fix tipc_mon_delete() oops in tipc_enable_bearer() error path tg3: Add workaround to restrict 5762 MRRS to 2048 tg3: Enable PHY reset in MTU change path for 5720 bnx2x: Improve reliability in case of nested PCI errors perf/x86/intel: Plug memory leak in intel_pmu_init() led: core: Fix brightness setting when setting delay_off=0 IB/mlx5: Fix mlx5_ib_alloc_mr error flow genirq: Guard handle_bad_irq log messages afs: Fix missing error handling in afs_write_end() s390/dasd: fix wrongly assigned configuration data btrfs: Fix flush bio leak ip6_tunnel: allow ip6gre dev mtu to be set below 1280 Input: xen-kbdfront - do not advertise multi-touch pressure support IB/mlx4: Fix mlx4_ib_alloc_mr error flow IB/ipoib: Fix race condition in neigh creation xfs: quota: fix missed destroy of qi_tree_lock xfs: quota: check result of register_shrinker() macvlan: Fix one possible double free e1000: fix disabling already-disabled warning NET: usb: qmi_wwan: add support for YUGA CLM920-NC5 PID 0x9625 drm/ttm: check the return value of kzalloc RDMA/netlink: Fix locking around __ib_get_device_by_index x86/efi: Fix kernel param add_efi_memmap regression uapi libc compat: add fallback for unsupported libcs i40e/i40evf: Account for frags split over multiple descriptors in check linearize i40e: don't remove netdev->dev_addr when syncing uc list net: ena: unmask MSI-X only after device initialization is completed nl80211: Check for the required netlink attribute presence mac80211: mesh: drop frames appearing to be from us can: flex_can: Correct the checking for frame length in flexcan_start_xmit() wcn36xx: Fix dynamic power saving block: drain queue before waiting for q_usage_counter becoming zero ia64, sched/cputime: Fix build error if CONFIG_VIRT_CPU_ACCOUNTING_NATIVE=y bpf: sockmap missing NULL psock check leds: core: Fix regression caused by commit 2b83ff96f51d powerpc/pseries: Make RAS IRQ explicitly dependent on DLPAR WQ nvme-fabrics: initialize default host->id in nvmf_host_default() x86/platform/intel-mid: Revert "Make 'bt_sfi_data' const" bnxt_en: Fix population of flow_type in bnxt_hwrm_cfa_flow_alloc() bnxt_en: Fix the 'Invalid VF' id check in bnxt_vf_ndo_prep routine. xen-netfront: enable device after manual module load mdio-sun4i: Fix a memory leak SolutionEngine771x: fix Ether platform data xen/gntdev: Fix off-by-one error when unmapping with holes xen/gntdev: Fix partial gntdev_mmap() cleanup sctp: add a ceiling to optlen in some sockopts sctp: make use of pre-calculated len net: gianfar_ptp: move set_fipers() to spinlock protecting area of_mdio: avoid MDIO bus removal when a PHY is missing nfp: always unmask aux interrupts at init mlxsw: pci: Wait after reset before accessing HW MIPS: Implement __multi3 for GCC7 MIPS64r6 builds powerpc/pseries: Enable RAS hotplug events later arm64: dts: marvell: add comphy nodes on cp110 master and slave arm64: dts: marvell: mcbin: add comphy references to Ethernet ports net: sched: fix crash when deleting secondary chains net: sched: crash on blocks with goto chain action net_sched: get rid of rcu_barrier() in tcf_block_put_ext() net: sched: fix use-after-free in tcf_block_put_ext Linux 4.14.24 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
Aliaksei Karaliou
|
4d3d428c56 |
xfs: quota: check result of register_shrinker()
[ Upstream commit 3a3882ff26fbdbaf5f7e13f6a0bccfbf7121041d ] xfs_qm_init_quotainfo() does not check result of register_shrinker() which was tagged as __must_check recently, reported by sparse. Signed-off-by: Aliaksei Karaliou <akaraliou.dev@gmail.com> [darrick: move xfs_qm_destroy_quotainos nearer xfs_qm_init_quotainos] Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com> Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com> Signed-off-by: Sasha Levin <alexander.levin@verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Aliaksei Karaliou
|
4def40b2ee |
xfs: quota: fix missed destroy of qi_tree_lock
[ Upstream commit 2196881566225f3c3428d1a5f847a992944daa5b ] xfs_qm_destroy_quotainfo() does not destroy quotainfo->qi_tree_lock while destroys quotainfo->qi_quotaofflock. Signed-off-by: Aliaksei Karaliou <akaraliou.dev@gmail.com> Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com> Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com> Signed-off-by: Sasha Levin <alexander.levin@verizon.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |