mirror of
https://github.com/rd-stuffs/msm-4.14.git
synced 2025-02-20 11:45:48 +08:00
4595 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Andrey Konovalov
|
746f60f238 |
UPSTREAM: kasan: fix invalid-free test crashing the kernel
Upstream commit 91c93ed07f04f5b32a30321d522d8ca9504745bf. When an invalid-free is triggered by one of the KASAN tests, the object doesn't actually get freed. This later leads to a BUG failure in kmem_cache_destroy that checks that there are no allocated objects in the cache that is being destroyed. Fix this by calling kmem_cache_free with the proper object address after the call that triggers invalid-free. Link: http://lkml.kernel.org/r/286eaefc0a6c3fa9b83b87e7d6dc0fbb5b5c9926.1519924383.git.andreyknvl@google.com Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Acked-by: Andrey Ryabinin <aryabinin@virtuozzo.com> Cc: Alexander Potapenko <glider@google.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Geert Uytterhoeven <geert@linux-m68k.org> Cc: Nick Terrell <terrelln@fb.com> Cc: Chris Mason <clm@fb.com> Cc: Yury Norov <ynorov@caviumnetworks.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: "Luis R . Rodriguez" <mcgrof@kernel.org> Cc: Palmer Dabbelt <palmer@dabbelt.com> Cc: "Paul E . McKenney" <paulmck@linux.vnet.ibm.com> Cc: Jeff Layton <jlayton@redhat.com> Cc: "Jason A . Donenfeld" <Jason@zx2c4.com> Cc: Kostya Serebryany <kcc@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Change-Id: I73c3ae90a54a1fa840636dbf9f6ce3c9ea7f80c3 Bug: 128674696 |
||
Dmitry Vyukov
|
8bb837f698 |
UPSTREAM: kasan: detect invalid frees
Upstream commit b1d5728939ebe01a773a75a72e7161408ec9805e. Detect frees of pointers into middle of heap objects. Link: http://lkml.kernel.org/r/cb569193190356beb018a03bb8d6fbae67e7adbc.1514378558.git.dvyukov@google.com Signed-off-by: Dmitry Vyukov <dvyukov@google.com> Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>a Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Change-Id: Ife74864d3465730bdf195155c9747f7a375081da Bug: 128674696 |
||
|
Dmitry Vyukov
|
d80cc7c859 |
UPSTREAM: kasan: detect invalid frees for large objects
Upstream commit 47adccce3e8a31d315f47183ab1185862b2fc5d4. Patch series "kasan: detect invalid frees". KASAN detects double-frees, but does not detect invalid-frees (when a pointer into a middle of heap object is passed to free). We recently had a very unpleasant case in crypto code which freed an inner object inside of a heap allocation. This left unnoticed during free, but totally corrupted heap and later lead to a bunch of random crashes all over kernel code. Detect invalid frees. This patch (of 5): Detect frees of pointers into middle of large heap objects. I dropped const from kasan_kfree_large() because it starts propagating through a bunch of functions in kasan_report.c, slab/slub nearest_obj(), all of their local variables, fixup_red_left(), etc. Link: http://lkml.kernel.org/r/1b45b4fe1d20fc0de1329aab674c1dd973fee723.1514378558.git.dvyukov@google.com Signed-off-by: Dmitry Vyukov <dvyukov@google.com> Cc: Andrey Ryabinin <aryabinin@virtuozzo.com>a Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Change-Id: I9bbb41f6d0eb6bdcd8811a32d22565aac84296ee Bug: 128674696 |
||
Paul Lawrence
|
ff31781e80 |
UPSTREAM: kasan: add tests for alloca poisoning
Upstream commit 00a14294bb33af533f7ac002fb20623fdd8ea0d7. Link: http://lkml.kernel.org/r/20171204191735.132544-5-paullawrence@google.com Signed-off-by: Greg Hackmann <ghackmann@google.com> Signed-off-by: Paul Lawrence <paullawrence@google.com> Acked-by: Andrey Ryabinin <aryabinin@virtuozzo.com> Cc: Alexander Potapenko <glider@google.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Masahiro Yamada <yamada.masahiro@socionext.com> Cc: Matthias Kaehlcke <mka@chromium.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Change-Id: Icac3cef4c07f321fa9be6332a5759a32c31edac3 Bug: 128674696 |
||
Andrey Ryabinin
|
bd4d1f46ee |
UPSTREAM: lib/strscpy: Shut up KASAN false-positives in strscpy()
Upstream commit 1a3241ff10d038ecd096d03380327f2a0b5840a6.
strscpy() performs the word-at-a-time optimistic reads. So it may may
access the memory past the end of the object, which is perfectly fine
since strscpy() doesn't use that (past-the-end) data and makes sure the
optimistic read won't cross a page boundary.
Use new read_word_at_a_time() to shut up the KASAN.
Note that this potentially could hide some bugs. In example bellow,
stscpy() will copy more than we should (1-3 extra uninitialized bytes):
char dst[8];
char *src;
src = kmalloc(5, GFP_KERNEL);
memset(src, 0xff, 5);
strscpy(dst, src, 8);
Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
Change-Id: Iaec12827555f2f64710f7bfe6cc2075cf2a1b346
Bug: 128674696
|
||
Greg Kroah-Hartman
|
86281ad1a4 |
This is the 4.14.133 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl0lmcMACgkQONu9yGCS
aT5mWw/8D+Dm4ZnoimKHY+I1lEMPrRrPIODEIAL8ttN7NoMccXgWNtNyS++uNaU1
Ht6TAIDQHWi1Q2ofDYnfhj6cOL3jSSL3I38gjwB/RUx9vbX+w0O12U0kRA8yTPcQ
ZXJnMA1He8nX4d1ZY0R3deyB/FFn6AR1hIGE5slgi5dDW5yfgTWVeMkMOaGEk5h3
5+Qmj7duhBSaUZEjOykJaHGvLniLBSsxIIVvSbNNxOVQVEsGCRb7EBX9SL3mINXl
U0WFux2+lGAhXoEPOlPC/lUkd+wud8PhriHOBgA1soqHpbgM6JNsdGwj+CHzlw+J
lMKJoJObi7A2xMvADITv1Dy426ukNy2MDNq+DLkv37mssoltZ+SNk5kw0g+PB8pq
xJs3hrkc9KAqIbYUUpTEwU1rMWmFkaT8APwSyEhPJtcbLG6gwrJLidE+QF8qJc1X
ICDc8MiNqPGWCoIgTn++PteQN+FP5jBMTOItkNWYvm6zQdx8MRoyVK9g+9JvF9ga
Px414So9pS1dszl7iz6eMYXLdFJ8VWYJOgjylausOT28ThZ5L2V6++NmTSgCUUwc
IMVBnKJNlG7rSsmjiSwBvYflqiXRBc3k99xA2IgzyMuQGDnY4Esd59w6rI7I6C5Q
l9ja1HDi+Uq4lE+dZp07gLs4QVwDuFSf1vQn+uDCjFObFf/uSL0=
=hX0C
-----END PGP SIGNATURE-----
Merge 4.14.133 into android-4.14
Changes in 4.14.133
Bluetooth: Fix faulty expression for minimum encryption key size check
ASoC : cs4265 : readable register too low
ASoC: soc-pcm: BE dai needs prepare when pause release after resume
spi: bitbang: Fix NULL pointer dereference in spi_unregister_master
drm/mediatek: fix unbind functions
drm/mediatek: call drm_atomic_helper_shutdown() when unbinding driver
drm/mediatek: call mtk_dsi_stop() after mtk_drm_crtc_atomic_disable()
ASoC: max98090: remove 24-bit format support if RJ is 0
ASoC: sun4i-i2s: Fix sun8i tx channel offset mask
ASoC: sun4i-i2s: Add offset to RX channel select
usb: gadget: fusb300_udc: Fix memory leak of fusb300->ep[i]
usb: gadget: udc: lpc32xx: allocate descriptor with GFP_ATOMIC
SoC: rt274: Fix internal jack assignment in set_jack callback
scsi: hpsa: correct ioaccel2 chaining
platform/x86: mlx-platform: Fix parent device in i2c-mux-reg device registration
cpuset: restore sanity to cpuset_cpus_allowed_fallback()
scripts/decode_stacktrace.sh: prefix addr2line with $CROSS_COMPILE
mm/mlock.c: change count_mm_mlocked_page_nr return type
module: Fix livepatch/ftrace module text permissions race
ftrace: Fix NULL pointer dereference in free_ftrace_func_mapper()
MIPS: netlogic: xlr: Remove erroneous check in nlm_fmn_send()
drm/i915/dmc: protect against reading random memory
ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME
crypto: user - prevent operating on larval algorithms
crypto: cryptd - Fix skcipher instance memory leak
ALSA: seq: fix incorrect order of dest_client/dest_ports arguments
ALSA: firewire-lib/fireworks: fix miss detection of received MIDI messages
ALSA: line6: Fix write on zero-sized buffer
ALSA: usb-audio: fix sign unintended sign extension on left shifts
ALSA: hda/realtek - Change front mic location for Lenovo M710q
lib/mpi: Fix karactx leak in mpi_powm
tracing/snapshot: Resize spare buffer if size changed
arm64: kaslr: keep modules inside module region when KASAN is enabled
drm/amdgpu/gfx9: use reset default for PA_SC_FIFO_SIZE
drm/imx: notify drm core before sending event during crtc disable
drm/imx: only send event on crtc disable if kept disabled
ftrace/x86: Remove possible deadlock between register_kprobe() and ftrace_run_update_code()
mm/vmscan.c: prevent useless kswapd loops
btrfs: Ensure replaced device doesn't have pending chunk allocation
vhost-net: set packet weight of tx polling to 2 * vq size
vhost_net: use packet weight for rx handler, too
vhost_net: introduce vhost_exceeds_weight()
vhost: introduce vhost_exceeds_weight()
vhost_net: fix possible infinite loop
vhost: vsock: add weight support
vhost: scsi: add weight support
tty: rocket: fix incorrect forward declaration of 'rp_init()'
ARC: handle gcc generated __builtin_trap for older compiler
KVM: x86: degrade WARN to pr_warn_ratelimited
KVM: LAPIC: Fix pending interrupt in IRR blocked by software disable LAPIC
svcrdma: Ignore source port when computing DRC hash
MIPS: Fix bounds check virt_addr_valid
MIPS: Add missing EHB in mtc0 -> mfc0 sequence.
dmaengine: imx-sdma: remove BD_INTR for channel0
stable/btrfs: fix backport bug in d819d97ea025 ("btrfs: honor path->skip_locking in backref code")
Linux 4.14.133
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
Herbert Xu
|
9fbe87fc25 |
lib/mpi: Fix karactx leak in mpi_powm
commit c8ea9fce2baf7b643384f36f29e4194fa40d33a6 upstream. Sometimes mpi_powm will leak karactx because a memory allocation failure causes a bail-out that skips the freeing of karactx. This patch moves the freeing of karactx to the end of the function like everything else so that it can't be skipped. Reported-by: syzbot+f7baccc38dcc1e094e77@syzkaller.appspotmail.com Fixes: cdec9cb5167a ("crypto: GnuPG based MPI lib - source files...") Cc: <stable@vger.kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Reviewed-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
dc5b5874e1 |
This is the 4.14.125 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlz/gL8ACgkQONu9yGCS
aT4seg//QP6cbLk/0iW5pvrB3pYigMD8Y0O4z3e0QrJrjOhnFYqQqWx8WYZaIoh8
rx49qfk/wz1ck1sXMa1Uj3X+WUJW0D741DdEva9jVko5aRG80MIX9MxIAOM5xc5c
lg1cJWZVlAdRQK2rp6unddRgbFlfuBuae+6Gn10TYYDASH/yjKzCC9Kfztn2IViB
Gtydz+QMpSw6713QS+/gmjzHQyrhD9lkmYFQI0kf8DZwswk7NEf8ZU8jcf9JhZRJ
EfzBy2ExglCNJyCufvaO7HNuP0TSEOKF9KY4ScydzpXvbcBNTyljWF64Y8EO6fop
oK0zDTSw3LmwRi9q2yZjsD1JVapvO00To9v8BpPhEazNNpKXicVutl+CqBVTy+4w
kzESY1jnJesRdtEmbVjgfDpwU/K4FM5ATo/SI5zBObtpsuxHjwivsgvtQWy1Ul9a
N3e3yUVtvE9Z42pz5sXGWo5AH70oFdTs8CB93LVfPpDN7nJiyPJci5BZX0kkYI3s
gb/ix8pBdrwYY9xWBbi5Y+6h0iPvMZA4o5+rR6NitzjmAvt8JbWfEB6W8Fd2Q/1g
1XadZkv1BnmuGL3mc4r6j3WsoRiNaCll65OmV7oAyIMqBWDhk7HxozYdPZlAhCJe
QfdQh16h2IBhL44kUEKzp+29AAqofUEw+i4XjGHP1QFuOv9nNTg=
=2ESo
-----END PGP SIGNATURE-----
Merge 4.14.125 into android-4.14
Changes in 4.14.125
ethtool: fix potential userspace buffer overflow
Fix memory leak in sctp_process_init
neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit
net/mlx4_en: ethtool, Remove unsupported SFP EEPROM high pages query
net: rds: fix memory leak in rds_ib_flush_mr_pool
pktgen: do not sleep with the thread lock held.
ipv6: fix EFAULT on sendto with icmpv6 and hdrincl
ipv6: use READ_ONCE() for inet->hdrincl as in ipv4
net: sfp: read eeprom in maximum 16 byte increments
ipv6: fix the check before getting the cookie in rt6_get_cookie
Revert "fib_rules: fix error in backport of e9919a24d302 ("fib_rules: return 0...")"
Revert "fib_rules: return 0 directly if an exactly same rule exists when NLM_F_EXCL not supplied"
rcu: locking and unlocking need to always be at least barriers
parisc: Use implicit space register selection for loading the coherence index of I/O pdirs
fuse: fallocate: fix return with locked inode
pstore: Remove needless lock during console writes
pstore: Convert buf_lock to semaphore
pstore/ram: Run without kernel crash dump region
x86/power: Fix 'nosmt' vs hibernation triple fault during resume
i2c: xiic: Add max_read_len quirk
MIPS: Bounds check virt_addr_valid
MIPS: pistachio: Build uImage.gz by default
Revert "MIPS: perf: ath79: Fix perfcount IRQ assignment"
genwqe: Prevent an integer overflow in the ioctl
test_firmware: Use correct snprintf() limit
drm/gma500/cdv: Check vbt config bits when detecting lvds panels
drm/nouveau: add kconfig option to turn off nouveau legacy contexts. (v3)
drm/amdgpu/psp: move psp version specific function pointers to early_init
drm/radeon: prefer lower reference dividers
drm/i915: Fix I915_EXEC_RING_MASK
drm/i915/fbc: disable framebuffer compression on GeminiLake
TTY: serial_core, add ->install
qmi_wwan: Add quirk for Quectel dynamic config
fs: stream_open - opener for stream-like files so that read and write can run simultaneously without deadlock
fuse: Add FOPEN_STREAM to use stream_open()
ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled
ethtool: check the return value of get_regs_len
Linux 4.14.125
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
Dan Carpenter
|
2418da0204 |
test_firmware: Use correct snprintf() limit
commit bd17cc5a20ae9aaa3ed775f360b75ff93cd66a1d upstream.
The limit here is supposed to be how much of the page is left, but it's
just using PAGE_SIZE as the limit.
The other thing to remember is that snprintf() returns the number of
bytes which would have been copied if we had had enough room. So that
means that if we run out of space then this code would end up passing a
negative value as the limit and the kernel would print an error message.
I have change the code to use scnprintf() which returns the number of
bytes that were successfully printed (not counting the NUL terminator).
Fixes: c92316bf8e94 ("test_firmware: add batched firmware tests")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Greg Kroah-Hartman
|
acd501fffb |
This is the 4.14.123 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlzxMHgACgkQONu9yGCS aT5I0w/+OblFNqCut1rrLwYKOTuF0Xwt6/V6+be+I9r35OyF/ZVm5mLzNfS6GFFO 1l6ZAhHrRzmRZr6nwkmQcrE3miP66PEePRMYTMs38Baz9TW38hA+bEcKvNmNM7Em Y90KPTd4iktHkrw83MPUIucc/F3o3+SaIC/L/uPmQzJc4odRRZZP7qRCIVTwGC5Z 8oxFKBxEUJ6uUmyF1UrCg5TdSmttW2679C6kBFMO2leLmY9nNYjYIwZ8SxRI2OJp CgDDhAF3JgwYRJq9lPtR6+HakB+RhR/YMhcaC3+sjGmryII90D7kBzeL3ozRbI/f MwGI1IsVgl7Qkk/hxaXZACjiUuHPUOu++biAQl2HMlUQ6VkHt8z+yZzxRQg4tOUU W/1LPvSx2MzRNhqn1IxaEcI20qwtVl07U40swN0VU7s7nlwt9Gz0XZRVxzQpY8Fl c1/zzET/4sus8sEMUE6Dbmx7Nyb5Q/KJjt46f8ZeML3/VTeCfdxhlJv0jDjqLPaO QaYf/dTYAWH47MOuIArW6wRmhVDxpQ/b67vfkCe1aOKrXHsjrfwqN8xZkE4yeWTS xj91v7ZlmLhg5lRT0NbCaCK8Ku9stbadcqllWNjAsuWctmsA3+8/GWkjV5hrG/pw DeO5uhtYdOT5B4UeYlP8/rwZYVH1vKwNSelBwKmMjzyYf42VFGg= =6Rms -----END PGP SIGNATURE----- Merge 4.14.123 into android-4.14 Changes in 4.14.123 x86: Hide the int3_emulate_call/jmp functions from UML ext4: do not delete unlinked inode from orphan list on failed truncate f2fs: Fix use of number of devices KVM: x86: fix return value for reserved EFER bio: fix improper use of smp_mb__before_atomic() sbitmap: fix improper use of smp_mb__before_atomic() Revert "scsi: sd: Keep disk read-only when re-reading partition" crypto: vmx - CTR: always increment IV as quadword mmc: sdhci-iproc: cygnus: Set NO_HISPD bit to fix HS50 data hold time problem mmc: sdhci-iproc: Set NO_HISPD bit to fix HS50 data hold time problem kvm: svm/avic: fix off-by-one in checking host APIC ID libnvdimm/pmem: Bypass CONFIG_HARDENED_USERCOPY overhead libnvdimm/namespace: Fix label tracking error arm64/iommu: handle non-remapped addresses in ->mmap and ->get_sgtable gfs2: Fix sign extension bug in gfs2_update_stats Btrfs: do not abort transaction at btrfs_update_root() after failure to COW path Btrfs: avoid fallback to transaction commit during fsync of files with holes Btrfs: fix race between ranged fsync and writeback of adjacent ranges btrfs: sysfs: Fix error path kobject memory leak btrfs: sysfs: don't leak memory when failing add fsid fbdev: fix divide error in fb_var_to_videomode hugetlb: use same fault hash key for shared and private mappings brcmfmac: assure SSID length from firmware is limited brcmfmac: add subtype check for event handling in data path btrfs: honor path->skip_locking in backref code fbdev: fix WARNING in __alloc_pages_nodemask bug media: cpia2: Fix use-after-free in cpia2_exit media: serial_ir: Fix use-after-free in serial_ir_init_module media: vivid: use vfree() instead of kfree() for dev->bitmap_cap ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit bpf: devmap: fix use-after-free Read in __dev_map_entry_free batman-adv: mcast: fix multicast tt/tvlv worker locking at76c50x-usb: Don't register led_trigger if usb_register_driver failed net: erspan: fix use-after-free Revert "btrfs: Honour FITRIM range constraints during free space trim" gfs2: Fix lru_count going negative cxgb4: Fix error path in cxgb4_init_module NFS: make nfs_match_client killable IB/hfi1: Fix WQ_MEM_RECLAIM warning gfs2: Fix occasional glock use-after-free mmc: core: Verify SD bus width tools/bpf: fix perf build error with uClibc (seen on ARC) dmaengine: tegra210-dma: free dma controller in remove() net: ena: gcc 8: fix compilation warning pinctrl: zte: fix leaked of_node references ASoC: hdmi-codec: unlock the device on startup errors powerpc/perf: Return accordingly on invalid chip-id in powerpc/boot: Fix missing check of lseek() return value ASoC: imx: fix fiq dependencies spi: pxa2xx: fix SCR (divisor) calculation brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() ACPI / property: fix handling of data_nodes in acpi_get_next_subnode() ARM: vdso: Remove dependency with the arch_timer driver internals arm64: Fix compiler warning from pte_unmap() with -Wunused-but-set-variable sched/cpufreq: Fix kobject memleak scsi: qla2xxx: Fix a qla24xx_enable_msix() error path scsi: qla2xxx: Fix abort handling in tcm_qla2xxx_write_pending() scsi: qla2xxx: Avoid that lockdep complains about unsafe locking in tcm_qla2xxx_close_session() Btrfs: fix data bytes_may_use underflow with fallocate due to failed quota reserve btrfs: fix panic during relocation after ENOSPC before writeback happens btrfs: Don't panic when we can't find a root key iwlwifi: pcie: don't crash on invalid RX interrupt rtc: 88pm860x: prevent use-after-free on device remove scsi: qedi: Abort ep termination if offload not scheduled w1: fix the resume command API dmaengine: pl330: _stop: clear interrupt status mac80211/cfg80211: update bss channel on channel switch libbpf: fix samples/bpf build failure due to undefined UINT32_MAX ASoC: fsl_sai: Update is_slave_mode with correct value mwifiex: prevent an array overflow net: cw1200: fix a NULL pointer dereference crypto: sun4i-ss - Fix invalid calculation of hash end bcache: return error immediately in bch_journal_replay() bcache: fix failure in journal relplay bcache: add failure check to run_cache_set() for journal replay bcache: avoid clang -Wunintialized warning vfio-ccw: Do not call flush_workqueue while holding the spinlock vfio-ccw: Release any channel program when releasing/removing vfio-ccw mdev x86/build: Move _etext to actual end of .text smpboot: Place the __percpu annotation correctly x86/mm: Remove in_nmi() warning from 64-bit implementation of vmalloc_fault() mm/uaccess: Use 'unsigned long' to placate UBSAN warnings on older GCC versions HID: logitech-hidpp: use RAP instead of FAP to get the protocol version pinctrl: pistachio: fix leaked of_node references pinctrl: samsung: fix leaked of_node references clk: rockchip: undo several noc and special clocks as critical on rk3288 dmaengine: at_xdmac: remove BUG_ON macro in tasklet media: coda: clear error return value before picture run media: ov6650: Move v4l2_clk_get() to ov6650_video_probe() helper media: au0828: stop video streaming only when last user stops media: ov2659: make S_FMT succeed even if requested format doesn't match audit: fix a memory leak bug media: stm32-dcmi: fix crash when subdev do not expose any formats media: au0828: Fix NULL pointer dereference in au0828_analog_stream_enable() media: pvrusb2: Prevent a buffer overflow powerpc/numa: improve control of topology updates powerpc/64: Fix booting large kernels with STRICT_KERNEL_RWX random: add a spinlock_t to struct batched_entropy cgroup: protect cgroup->nr_(dying_)descendants by css_set_lock sched/core: Check quota and period overflow at usec to nsec conversion sched/rt: Check integer overflow at usec to nsec conversion sched/core: Handle overflow in cpu_shares_write_u64 drm/msm: a5xx: fix possible object reference leak USB: core: Don't unbind interfaces following device reset failure x86/irq/64: Limit IST stack overflow check to #DB stack phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode i40e: Able to add up to 16 MAC filters on an untrusted VF i40e: don't allow changes to HW VLAN stripping on active port VLANs arm64: vdso: Fix clock_getres() for CLOCK_REALTIME RDMA/cxgb4: Fix null pointer dereference on alloc_skb failure hwmon: (vt1211) Use request_muxed_region for Super-IO accesses hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses hwmon: (pc87427) Use request_muxed_region for Super-IO accesses hwmon: (f71805f) Use request_muxed_region for Super-IO accesses scsi: libsas: Do discovery on empty PHY to update PHY info mmc: core: make pwrseq_emmc (partially) support sleepy GPIO controllers mmc_spi: add a status check for spi_sync_locked mmc: sdhci-of-esdhc: add erratum eSDHC5 support mmc: sdhci-of-esdhc: add erratum A-009204 support mmc: sdhci-of-esdhc: add erratum eSDHC-A001 and A-008358 support drm/amdgpu: fix old fence check in amdgpu_fence_emit PM / core: Propagate dev->power.wakeup_path when no callbacks clk: rockchip: Fix video codec clocks on rk3288 extcon: arizona: Disable mic detect if running when driver is removed clk: rockchip: Make rkpwm a critical clock on rk3288 s390: zcrypt: initialize variables before_use x86/microcode: Fix the ancient deprecated microcode loading method s390: cio: fix cio_irb declaration cpufreq: ppc_cbe: fix possible object reference leak cpufreq/pasemi: fix possible object reference leak cpufreq: pmac32: fix possible object reference leak cpufreq: kirkwood: fix possible object reference leak block: sed-opal: fix IOC_OPAL_ENABLE_DISABLE_MBR x86/build: Keep local relocations with ld.lld iio: ad_sigma_delta: Properly handle SPI bus locking vs CS assertion iio: hmc5843: fix potential NULL pointer dereferences iio: common: ssp_sensors: Initialize calculated_time in ssp_common_process_data rtlwifi: fix a potential NULL pointer dereference mwifiex: Fix mem leak in mwifiex_tm_cmd brcmfmac: fix missing checks for kmemdup b43: shut up clang -Wuninitialized variable warning brcmfmac: convert dev_init_lock mutex to completion brcmfmac: fix WARNING during USB disconnect in case of unempty psq brcmfmac: fix race during disconnect when USB completion is in progress brcmfmac: fix Oops when bringing up interface during USB disconnect rtc: xgene: fix possible race condition rtlwifi: fix potential NULL pointer dereference scsi: ufs: Fix regulator load and icc-level configuration scsi: ufs: Avoid configuring regulator with undefined voltage range arm64: cpu_ops: fix a leaked reference by adding missing of_node_put x86/uaccess, ftrace: Fix ftrace_likely_update() vs. SMAP x86/uaccess, signal: Fix AC=1 bloat x86/ia32: Fix ia32_restore_sigcontext() AC leak chardev: add additional check for minor range overlap RDMA/hns: Fix bad endianess of port_pd variable HID: core: move Usage Page concatenation to Main item ASoC: eukrea-tlv320: fix a leaked reference by adding missing of_node_put ASoC: fsl_utils: fix a leaked reference by adding missing of_node_put cxgb3/l2t: Fix undefined behaviour HID: logitech-hidpp: change low battery level threshold from 31 to 30 percent spi: tegra114: reset controller on probe kobject: Don't trigger kobject_uevent(KOBJ_REMOVE) twice. media: video-mux: fix null pointer dereferences media: wl128x: prevent two potential buffer overflows scsi: qedf: Add missing return in qedf_post_io_req() in the fcport offload check virtio_console: initialize vtermno value for ports tty: ipwireless: fix missing checks for ioremap x86/mce: Fix machine_check_poll() tests for error types rcutorture: Fix cleanup path for invalid torture_type strings rcuperf: Fix cleanup path for invalid perf_type strings usb: core: Add PM runtime calls to usb_hcd_platform_shutdown scsi: qla4xxx: avoid freeing unallocated dma memory batman-adv: allow updating DAT entry timeouts on incoming ARP Replies dmaengine: tegra210-adma: use devm_clk_*() helpers hwrng: omap - Set default quality thunderbolt: Fix to check for kmemdup failure media: m88ds3103: serialize reset messages in m88ds3103_set_frontend media: vimc: stream: fix thread state before sleep media: go7007: avoid clang frame overflow warning with KASAN media: vimc: zero the media_device on probe scsi: lpfc: Fix FDMI manufacturer attribute value scsi: lpfc: Fix fc4type information for FDMI media: saa7146: avoid high stack usage with clang scsi: lpfc: Fix SLI3 commands being issued on SLI4 devices spi : spi-topcliff-pch: Fix to handle empty DMA buffers spi: rspi: Fix sequencer reset during initialization spi: Fix zero length xfer bug ASoC: davinci-mcasp: Fix clang warning without CONFIG_PM drm/drv: Hold ref on parent device during drm_device lifetime drm: Wake up next in drm_read() chain if we are forced to putback the event vfio-ccw: Prevent quiesce function going into an infinite loop NFS: Fix a double unlock from nfs_match,get_client Linux 4.14.123 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
Tetsuo Handa
|
ce4390fb19 |
kobject: Don't trigger kobject_uevent(KOBJ_REMOVE) twice.
[ Upstream commit c03a0fd0b609e2f5c669c2b7f27c8e1928e9196e ]
syzbot is hitting use-after-free bug in uinput module [1]. This is because
kobject_uevent(KOBJ_REMOVE) is called again due to commit 0f4dafc0563c6c49
("Kobject: auto-cleanup on final unref") after memory allocation fault
injection made kobject_uevent(KOBJ_REMOVE) from device_del() from
input_unregister_device() fail, while uinput_destroy_device() is expecting
that kobject_uevent(KOBJ_REMOVE) is not called after device_del() from
input_unregister_device() completed.
That commit intended to catch cases where nobody even attempted to send
"remove" uevents. But there is no guarantee that an event will ultimately
be sent. We are at the point of no return as far as the rest of the kernel
is concerned; there are no repeats or do-overs.
Also, it is not clear whether some subsystem depends on that commit.
If no subsystem depends on that commit, it will be better to remove
the state_{add,remove}_uevent_sent logic. But we don't want to risk
a regression (in a patch which will be backported) by trying to remove
that logic. Therefore, as a first step, let's avoid the use-after-free bug
by making sure that kobject_uevent(KOBJ_REMOVE) won't be triggered twice.
[1] https://syzkaller.appspot.com/bug?id=8b17c134fe938bbddd75a45afaa9e68af43a362d
Reported-by: syzbot <syzbot+f648cfb7e0b52bf7ae32@syzkaller.appspotmail.com>
Analyzed-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
Fixes: 0f4dafc0563c6c49 ("Kobject: auto-cleanup on final unref")
Cc: Kay Sievers <kay@vrfy.org>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
Peter Zijlstra
|
a7ab08b7c3 |
mm/uaccess: Use 'unsigned long' to placate UBSAN warnings on older GCC versions
[ Upstream commit 29da93fea3ea39ab9b12270cc6be1b70ef201c9e ] Randy reported objtool triggered on his (GCC-7.4) build: lib/strncpy_from_user.o: warning: objtool: strncpy_from_user()+0x315: call to __ubsan_handle_add_overflow() with UACCESS enabled lib/strnlen_user.o: warning: objtool: strnlen_user()+0x337: call to __ubsan_handle_sub_overflow() with UACCESS enabled This is due to UBSAN generating signed-overflow-UB warnings where it should not. Prior to GCC-8 UBSAN ignored -fwrapv (which the kernel uses through -fno-strict-overflow). Make the functions use 'unsigned long' throughout. Reported-by: Randy Dunlap <rdunlap@infradead.org> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Acked-by: Randy Dunlap <rdunlap@infradead.org> # build-tested Acked-by: Linus Torvalds <torvalds@linux-foundation.org> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: luto@kernel.org Link: http://lkml.kernel.org/r/20190424072208.754094071@infradead.org Signed-off-by: Ingo Molnar <mingo@kernel.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Andrea Parri
|
fce095450b |
sbitmap: fix improper use of smp_mb__before_atomic()
commit a0934fd2b1208458e55fc4b48f55889809fce666 upstream.
This barrier only applies to the read-modify-write operations; in
particular, it does not apply to the atomic_set() primitive.
Replace the barrier with an smp_mb().
Fixes: 6c0ca7ae292ad ("sbitmap: fix wakeup hang after sbq resize")
Cc: stable@vger.kernel.org
Reported-by: "Paul E. McKenney" <paulmck@linux.ibm.com>
Reported-by: Peter Zijlstra <peterz@infradead.org>
Signed-off-by: Andrea Parri <andrea.parri@amarulasolutions.com>
Reviewed-by: Ming Lei <ming.lei@redhat.com>
Cc: Jens Axboe <axboe@kernel.dk>
Cc: Omar Sandoval <osandov@fb.com>
Cc: Ming Lei <ming.lei@redhat.com>
Cc: linux-block@vger.kernel.org
Cc: "Paul E. McKenney" <paulmck@linux.ibm.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Greg Kroah-Hartman
|
fd9e32a025 |
This is the 4.14.122 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlzpbIIACgkQONu9yGCS aT7bGhAAs0CR9GnL3sgl9AlMJ3SHGMnWA+KVt3KCPnIJMMz7QNJrhAUxpg/vBN3l UqOGey7+T4l8KYXzVZyO1Fd9qyQ+qZSr25V/U9FmqboKLxtaG44/R9S8UfhwaWXg RHlWdWc8gwrIcIsXlN+DmDfC3xGvCSC8M2Fh3xXtBR8agK4B06cuCKIFkwBKuOxI zR9WLvGb1Ytletr4ev8yISzEPS8EKPra0Reh6k3cKB8SvVPB5mKfwu7t/7Vqf8/3 HcXvwEXeiz8JTEciWB6ThSNRZ9oWd41jfVAvQb1zLGXaQmAFVve5Q0IOqLkMXIzw RA6p2nsRIGKsZw6LdBz3lmNqOIBgBLS5rmwIUju7BdoVHqVYzBTIz7oEBI0V4xXe XdNexC7IIWGwKcYcWxCIqzSE5JU4dwbYLktZFvqibE7IyslhN2d54Zz/dFycG5YM 6RM1HdEUmJ6lwxXWUCcpCJnObOvhQwCaP5QpCjak/XZvaIJubGhunePOnNbnzUz/ JfWXWEJ+64dv3ZxzqvpZYEb8iBPUMqcavmrIF8lWoKlwcOtnGpWnYzh+kgANw5jF XDij9Riq+9b79fQa0CXKaDik75pNkYucPLTkATBX/mROEHb1mIoxR1Z7Bil6PPiR yUNOfhPBZJ5FcM4eCfTRO3yFuJedfBEyFLnlNtNedM/W8dqu4/0= =3Yy7 -----END PGP SIGNATURE----- Merge 4.14.122 into android-4.14 Changes in 4.14.122 net: avoid weird emergency message net/mlx4_core: Change the error print to info print net: test nouarg before dereferencing zerocopy pointers net: usb: qmi_wwan: add Telit 0x1260 and 0x1261 compositions ppp: deflate: Fix possible crash in deflate_init tipc: switch order of device registration to fix a crash vsock/virtio: free packets during the socket release tipc: fix modprobe tipc failed after switch order of device registration vsock/virtio: Initialize core virtio vsock before registering the driver net: Always descend into dsa/ parisc: Export running_on_qemu symbol for modules parisc: Skip registering LED when running in QEMU parisc: Use PA_ASM_LEVEL in boot code parisc: Rename LEVEL to PA_ASM_LEVEL to avoid name clash with DRBD code stm class: Fix channel free in stm output free path md: add mddev->pers to avoid potential NULL pointer dereference intel_th: msu: Fix single mode with IOMMU p54: drop device reference count if fails to enable device of: fix clang -Wunsequenced for be32_to_cpu() cifs: fix strcat buffer overflow and reduce raciness in smb21_set_oplock_level() media: ov6650: Fix sensor possibly not detected on probe Revert "cifs: fix memory leak in SMB2_read" NFS4: Fix v4.0 client state corruption when mount PNFS fallback to MDS if no deviceid found clk: hi3660: Mark clk_gate_ufs_subsys as critical clk: tegra: Fix PLLM programming on Tegra124+ when PMC overrides divider clk: rockchip: fix wrong clock definitions for rk3328 fuse: fix writepages on 32bit fuse: honor RLIMIT_FSIZE in fuse_file_fallocate iommu/tegra-smmu: Fix invalid ASID bits on Tegra30/114 ceph: flush dirty inodes before proceeding with remount x86_64: Add gap to int3 to allow for call emulation x86_64: Allow breakpoints to emulate call instructions ftrace/x86_64: Emulate call function while updating in breakpoint handler tracing: Fix partial reading of trace event's id file memory: tegra: Fix integer overflow on tick value calculation perf intel-pt: Fix instructions sampling rate perf intel-pt: Fix improved sample timestamp perf intel-pt: Fix sample timestamp wrt non-taken branches objtool: Allow AR to be overridden with HOSTAR fbdev: sm712fb: fix brightness control on reboot, don't set SR30 fbdev: sm712fb: fix VRAM detection, don't set SR70/71/74/75 fbdev: sm712fb: fix white screen of death on reboot, don't set CR3B-CR3F fbdev: sm712fb: fix boot screen glitch when sm712fb replaces VGA fbdev: sm712fb: fix crashes during framebuffer writes by correctly mapping VRAM fbdev: sm712fb: fix support for 1024x768-16 mode fbdev: sm712fb: use 1024x768 by default on non-MIPS, fix garbled display fbdev: sm712fb: fix crashes and garbled display during DPMS modesetting PCI: Mark AMD Stoney Radeon R7 GPU ATS as broken PCI: Mark Atheros AR9462 to avoid bus reset PCI: Factor out pcie_retrain_link() function PCI: Work around Pericom PCIe-to-PCI bridge Retrain Link erratum dm cache metadata: Fix loading discard bitset dm zoned: Fix zone report handling dm delay: fix a crash when invalid device is specified xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink xfrm6_tunnel: Fix potential panic when unloading xfrm6_tunnel module vti4: ipip tunnel deregistration fixes. esp4: add length check for UDP encapsulation xfrm4: Fix uninitialized memory read in _decode_session4 power: supply: cpcap-battery: Fix division by zero securityfs: fix use-after-free on symlink traversal apparmorfs: fix use-after-free on symlink traversal mac80211: Fix kernel panic due to use of txq after free KVM: arm/arm64: Ensure vcpu target is unset on reset failure power: supply: sysfs: prevent endless uevent loop with CONFIG_POWER_SUPPLY_DEBUG iwlwifi: mvm: check for length correctness in iwl_mvm_create_skb() sched/cpufreq: Fix kobject memleak x86/mm/mem_encrypt: Disable all instrumentation for early SME setup ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour perf bench numa: Add define for RUSAGE_THREAD if not present Revert "Don't jump to compute_result state from check_result state" md/raid: raid5 preserve the writeback action after the parity check driver core: Postpone DMA tear-down until after devres release for probe failure bpf: add map_lookup_elem_sys_only for lookups from syscall side bpf, lru: avoid messing with eviction heuristics upon syscall lookup btrfs: Honour FITRIM range constraints during free space trim fbdev: sm712fb: fix memory frequency by avoiding a switch/case fallthrough Linux 4.14.122 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
Gary Hook
|
489e5d8c76 |
x86/mm/mem_encrypt: Disable all instrumentation for early SME setup
[ Upstream commit b51ce3744f115850166f3d6c292b9c8cb849ad4f ]
Enablement of AMD's Secure Memory Encryption feature is determined very
early after start_kernel() is entered. Part of this procedure involves
scanning the command line for the parameter 'mem_encrypt'.
To determine intended state, the function sme_enable() uses library
functions cmdline_find_option() and strncmp(). Their use occurs early
enough such that it cannot be assumed that any instrumentation subsystem
is initialized.
For example, making calls to a KASAN-instrumented function before KASAN
is set up will result in the use of uninitialized memory and a boot
failure.
When AMD's SME support is enabled, conditionally disable instrumentation
of these dependent functions in lib/string.c and arch/x86/lib/cmdline.c.
[ bp: Get rid of intermediary nostackp var and cleanup whitespace. ]
Fixes: aca20d546214 ("x86/mm: Add support to make use of Secure Memory Encryption")
Reported-by: Li RongQing <lirongqing@baidu.com>
Signed-off-by: Gary R Hook <gary.hook@amd.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Cc: Boris Brezillon <bbrezillon@kernel.org>
Cc: Coly Li <colyli@suse.de>
Cc: "dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Kent Overstreet <kent.overstreet@gmail.com>
Cc: "luto@kernel.org" <luto@kernel.org>
Cc: Masahiro Yamada <yamada.masahiro@socionext.com>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: "mingo@redhat.com" <mingo@redhat.com>
Cc: "peterz@infradead.org" <peterz@infradead.org>
Cc: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: x86-ml <x86@kernel.org>
Link: https://lkml.kernel.org/r/155657657552.7116.18363762932464011367.stgit@sosrh3.amd.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Greg Kroah-Hartman
|
2470653b00 |
This is the 4.14.121 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlzkLE0ACgkQONu9yGCS
aT4ZkhAAoiWU5PcwwGtVonrlrtUlwFF14ZyDOMh1hkK7EWHWE+8r3In4BnUz6nW/
wA5IZvIClDPn0go44uhGdZG078q7EqBnY2nhTEseG7XYTWSkIOaMsbcW8f5NFkCC
Z9x7KKIIDRGt/uVNKXgIk5nqmFP7ycNgxUfq3bxMkproFLgeHmFihG43YC0O62b2
nAF/q8OVpONqU9zPGwdVoBY+LQIfhsJi04Raoexr4+UFkvoUZF5zDKl6QZVPCXXT
ETi7CXqntfFt92S6Y4rQfZe883oYFfWzi7GFhNL/oU4TMYDG+J8/PBS4rG3nosSp
Lk81SCmTkAaOhG0rBvdkZFthHibGk3+kKuGWehvAhb5qFEJx+znsbwTVWIPTchAc
axxfHOpW1X2rfrPnH/hkHb5unuJTfolquBmmy2D1Glv46LvI19rn1xgHtyGlb5dt
84Gh8Bew372LkUeG7+CCsCKOuMu/8YuvAZ3DMntwGPo7GAnC052MqcpdyV+pj78z
2y7mO8g9BVizaf5NkoZrf58KuSZDTLf1TfTRKHQVvTuxhzrnt/UIUF/BQmY216kd
pEFp1Qq3zAwTaQgCV6s1ZWGHVidFIPQo7xtFND7MIZQYaZfFZivYS3AVdlox1KGd
k2Rsb/Ub2R/KRrfMdjgIkNbEzauOS9miQTjwMr7zt2AsZJFXDwQ=
=CsUM
-----END PGP SIGNATURE-----
Merge 4.14.121 into android-4.14
Changes in 4.14.121
net: core: another layer of lists, around PF_MEMALLOC skb handling
locking/rwsem: Prevent decrement of reader count before increment
PCI: hv: Fix a memory leak in hv_eject_device_work()
PCI: hv: Add hv_pci_remove_slots() when we unload the driver
PCI: hv: Add pci_destroy_slot() in pci_devices_present_work(), if necessary
x86/speculation/mds: Revert CPU buffer clear on double fault exit
x86/speculation/mds: Improve CPU buffer clear documentation
objtool: Fix function fallthrough detection
ARM: dts: exynos: Fix interrupt for shared EINTs on Exynos5260
ARM: dts: exynos: Fix audio (microphone) routing on Odroid XU3
ARM: exynos: Fix a leaked reference by adding missing of_node_put
power: supply: axp288_charger: Fix unchecked return value
arm64: compat: Reduce address limit
arm64: Clear OSDLR_EL1 on CPU boot
arm64: Save and restore OSDLR_EL1 across suspend/resume
sched/x86: Save [ER]FLAGS on context switch
crypto: chacha20poly1305 - set cra_name correctly
crypto: vmx - fix copy-paste error in CTR mode
crypto: skcipher - don't WARN on unprocessed data after slow walk step
crypto: crct10dif-generic - fix use via crypto_shash_digest()
crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest()
crypto: gcm - fix incompatibility between "gcm" and "gcm_base"
crypto: rockchip - update IV buffer to contain the next IV
crypto: arm/aes-neonbs - don't access already-freed walk.iv
ALSA: usb-audio: Fix a memory leak bug
ALSA: hda/hdmi - Read the pin sense from register when repolling
ALSA: hda/hdmi - Consider eld_valid when reporting jack event
ALSA: hda/realtek - EAPD turn on later
ASoC: max98090: Fix restore of DAPM Muxes
ASoC: RT5677-SPI: Disable 16Bit SPI Transfers
bpf, arm64: remove prefetch insn in xadd mapping
mm/mincore.c: make mincore() more conservative
ocfs2: fix ocfs2 read inode data panic in ocfs2_iget
userfaultfd: use RCU to free the task struct when fork fails
mfd: da9063: Fix OTP control register names to match datasheets for DA9063/63L
mfd: max77620: Fix swapped FPS_PERIOD_MAX_US values
mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write
tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0
tty/vt: fix write/write race in ioctl(KDSKBSENT) handler
jbd2: check superblock mapped prior to committing
ext4: make sanity check in mballoc more strict
ext4: ignore e_value_offs for xattrs with value-in-ea-inode
ext4: avoid drop reference to iloc.bh twice
Btrfs: do not start a transaction during fiemap
Btrfs: do not start a transaction at iterate_extent_inodes()
bcache: fix a race between cache register and cacheset unregister
bcache: never set KEY_PTRS of journal key to 0 in journal_reclaim()
ext4: fix use-after-free race with debug_want_extra_isize
ext4: actually request zeroing of inode table after grow
ext4: fix ext4_show_options for file systems w/o journal
ipmi:ssif: compare block number correctly for multi-part return messages
crypto: arm64/aes-neonbs - don't access already-freed walk.iv
crypto: salsa20 - don't access already-freed walk.iv
crypto: ccm - fix incompatibility between "ccm" and "ccm_base"
fib_rules: fix error in backport of e9919a24d302 ("fib_rules: return 0...")
fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount
ext4: zero out the unused memory region in the extent tree block
ext4: fix data corruption caused by overlapping unaligned and aligned IO
ext4: fix use-after-free in dx_release()
ALSA: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug
KVM: x86: Skip EFER vs. guest CPUID checks for host-initiated writes
iov_iter: optimize page_copy_sane()
ext4: fix compile error when using BUFFER_TRACE
Linux 4.14.121
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
Eric Dumazet
|
d58465aec7 |
iov_iter: optimize page_copy_sane()
commit 6daef95b8c914866a46247232a048447fff97279 upstream. Avoid cache line miss dereferencing struct page if we can. page_copy_sane() mostly deals with order-0 pages. Extra cache line miss is visible on TCP recvmsg() calls dealing with GRO packets (typically 45 page frags are attached to one skb). Bringing the 45 struct pages into cpu cache while copying the data is not free, since the freeing of the skb (and associated page frags put_page()) can happen after cache lines have been evicted. Signed-off-by: Eric Dumazet <edumazet@google.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Cc: Matthew Wilcox <willy@infradead.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
db393694d6 |
This is the 4.14.118 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlzVnmsACgkQONu9yGCS aT6XoBAAzvBXcFwl1t1ELq5YJ9qsChTdnjF15ohgVFaWdM4SDKIM/Unv07P4x8kN BLqK+5u9mjj8jc51WT4GMGFNa2u4bwGtk4yTSEiRWKvZMZlihKBu3CSKD+EL38RF h0J8Z8tPHrfuaByggSI+xd0Pwkf0Ofc2JMoRb8u8MlsQzHMMFbY4brqKxgfl8Zi7 izd25V38rioKs2cSWqQVDjelPRQtOWkKclvwT2WHRQXqC3L2mZ/FsFiHNj/CoptD bQLnycDD9aPx/9kgcVhodPA4xBCuV93EUi9cFb/9SFWPB/JaHCkO1GV0v7DL9YrD RZ7rATAOgXYpTGrM3YK388a7hF4u98G+cGW6v4lCe5uOKFQcUMZVCys3b4rmqgQS c920wwmyUJL+i+48Z+LuK4yLHzfL/YH+3AVYUQ2CSjXFibXi0agKOFfvIYnXZCNI 9ut9N/cNkALib0IwWcadx0uCaq8u1meVoTJ2SQtcIhWU4MKNtqPLWA9vMH98U5M2 lP0lVaBePXU6XqrlGC/RnR1fH2iqmqosmmwi+XAMHqqxMfHIg5blxoD2nTEUeGcr ow54Tp6KSo9TsoHOyzDcB7d7iMaTEcLIKFGbpRkcMj/n3itdpdq7XxYQpGzDpqjq /V/8cfSqIwfPQ1rdByXITxfl8pYy0+ybYFVsE032ZAyzUkA+vsw= =OrBm -----END PGP SIGNATURE----- Merge 4.14.118 into android-4.14 Changes in 4.14.118 scsi: libsas: fix a race condition when smp task timeout Drivers: hv: vmbus: Remove the undesired put_cpu_ptr() in hv_synic_cleanup() ubsan: Fix nasty -Wbuiltin-declaration-mismatch GCC-9 warnings staging: greybus: power_supply: fix prop-descriptor request size ASoC: hdmi-codec: fix S/PDIF DAI ASoC:soc-pcm:fix a codec fixup issue in TDM case ASoC: nau8824: fix the issue of the widget with prefix name ASoC: nau8810: fix the issue of widget with prefixed name ASoC: samsung: odroid: Fix clock configuration for 44100 sample rate ASoC: wm_adsp: Add locking to wm_adsp2_bus_error ASoC: cs4270: Set auto-increment bit for register writes IB/hfi1: Eliminate opcode tests on mr deref MIPS: KGDB: fix kgdb support for SMP platforms. ASoC: tlv320aic32x4: Fix Common Pins drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata() perf/x86/intel: Fix handling of wakeup_events for multi-entry PEBS perf/x86/intel: Initialize TFA MSR linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() ASoC: rockchip: pdm: fix regmap_ops hang issue slab: fix a crash by reading /proc/slab_allocators virtio_pci: fix a NULL pointer reference in vp_del_vqs RDMA/vmw_pvrdma: Fix memory leak on pvrdma_pci_remove scsi: csiostor: fix missing data copy in csio_scsi_err_handler() drm/mediatek: fix possible object reference leak ASoC: Intel: kbl: fix wrong number of channels virtio-blk: limit number of hw queues by nr_cpu_ids platform/x86: pmc_atom: Drop __initconst on dmi table iommu/amd: Set exclusion range correctly genirq: Prevent use-after-free and work list corruption usb: dwc3: Fix default lpm_nyet_threshold value USB: serial: f81232: fix interrupt worker not stop USB: cdc-acm: fix unthrottle races usb-storage: Set virt_boundary_mask to avoid SG overflows intel_th: pci: Add Comet Lake support scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS routines Bluetooth: hidp: fix buffer overflow Bluetooth: Align minimum encryption key size for LE and BR/EDR connections UAS: fix alignment of scatter/gather segments ASoC: Intel: avoid Oops if DMA setup fails locking/futex: Allow low-level atomic operations to return -EAGAIN arm64: futex: Bound number of LDXR/STXR loops in FUTEX_WAKE_OP Linux 4.14.118 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Andrey Ryabinin
|
4b2bff7b81 |
ubsan: Fix nasty -Wbuiltin-declaration-mismatch GCC-9 warnings
commit f0996bc2978e02d2ea898101462b960f6119b18f upstream.
Building lib/ubsan.c with gcc-9 results in a ton of nasty warnings like
this one:
lib/ubsan.c warning: conflicting types for built-in function
‘__ubsan_handle_negate_overflow’; expected ‘void(void *, void *)’ [-Wbuiltin-declaration-mismatch]
The kernel's declarations of __ubsan_handle_*() often uses 'unsigned
long' types in parameters while GCC these parameters as 'void *' types,
hence the mismatch.
Fix this by using 'void *' to match GCC's declarations.
Reported-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
Fixes: c6d308534aef ("UBSAN: run-time undefined behavior sanity checker")
Cc: <stable@vger.kernel.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Greg Kroah-Hartman
|
74196c0ea4 |
This is the 4.14.117 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlzSZzYACgkQONu9yGCS aT5DQRAAkerBQJtIfamUTQvLOjpfHtDgGkfm4rI93sfBdU5vxO45yP04XiFwKXXU RTTc7wc9YKqVWuUnhcVHhvzkud5pBDICs+aNAiLjuopir7CbbOg3k/nTfFncEqfQ weClaKxfiPBP5a9vlh9LZzW8TixIT9+3Z7/gwuYLMhv4sq5CwCqe1ttFn/DKs9+t EsS5fKNsKgwc8YXK6t8L71kyeDA54TZp9T+yYUy53+4ijSvqGOIVGcK53awUzlhW 64G+nALSjWXnA7z5DFcyFL6hOv7SgShVBYvGd4HsyCSF23xX7MLg6gekP/BBfOeF XT2HiPxEiMaUkUFG21QTxNL27VJqUkiBgf58pO2GdxFc3y5zpwCZ80buG8tMtkKB EYzPKIHGH3VUyqlcNjyw3yVvJJS+Gg+Q8yd0WmZzu8NyDGDVHIOqw9yh2hJqQ+5g DRXEflnnzVQbzymsn4kRyi3uwBbHzdrnVX9uFLxBIKl+0VoE6pUOriwBsnl4OqaI CsS4XngoH94vUspKozxWfRq6Zzo45c/4WB/R2DxaQHYTyoksc4x5COOxkOrcPZEa EqOY63+GM7yiXp+GQHEA94ZwRTq0E544xRvgVtiktoWzZ2N28aNnA9x9/LCOXRFE qQy6/kU6ydDE9x1ioU1zwV+INFh2xTvY/tT0iEousd8tDLCQ5l0= =BZNt -----END PGP SIGNATURE----- Merge 4.14.117 into android-4.14 Changes in 4.14.117 ALSA: line6: use dynamic buffers ipv4: ip_do_fragment: Preserve skb_iif during fragmentation ipv6/flowlabel: wait rcu grace period before put_pid() ipv6: invert flowlabel sharing check in process and user mode sctp: avoid running the sctp state machine recursively packet: validate msg_namelen in send directly bnxt_en: Improve multicast address setup logic. bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one() rxrpc: Fix net namespace cleanup net: phy: marvell: Fix buffer overrun with stats counters net: dsa: bcm_sf2: fix buffer overflow doing set_rxnfc kasan: remove redundant initialization of variable 'real_size' kasan: prevent compiler from optimizing away memset in tests arm64: Fix single stepping in kernel traps arm64: only advance singlestep for user instruction traps caif: reduce stack size with KASAN ALSA: hda/realtek - Add new Dell platform for headset mode ALSA: hda/realtek - Fixed Dell AIO speaker noise USB: yurex: Fix protection fault after device removal USB: w1 ds2490: Fix bug caused by improper use of altsetting array usb: usbip: fix isoc packet num validation in get_pipe USB: core: Fix unterminated string returned by usb_string() USB: core: Fix bug caused by duplicate interface PM usage counter mm: do not stall register_shrinker() nvme-loop: init nvmet_ctrl fatal_err_work when allocate HID: logitech: check the return value of create_singlethread_workqueue HID: debug: fix race condition with between rdesc_show() and device removal rtc: sh: Fix invalid alarm warning for non-enabled alarm batman-adv: Reduce claim hash refcnt only for removed entry batman-adv: Reduce tt_local hash refcnt only for removed entry batman-adv: Reduce tt_global hash refcnt only for removed entry ARM: dts: rockchip: Fix gpu opp node names for rk3288 igb: Fix WARN_ONCE on runtime suspend net/mlx5: E-Switch, Fix esw manager vport indication for more vport commands bonding: show full hw address in sysfs for slave entries net: stmmac: ratelimit RX error logs net: stmmac: don't overwrite discard_frame status net: stmmac: fix dropping of multi-descriptor RX frames net: stmmac: don't log oversized frames jffs2: fix use-after-free on symlink traversal debugfs: fix use-after-free on symlink traversal rtc: da9063: set uie_unsupported when relevant HID: input: add mapping for Assistant key vfio/pci: use correct format characters scsi: core: add new RDAC LENOVO/DE_Series device scsi: storvsc: Fix calculation of sub-channel count net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw() net: hns: Use NAPI_POLL_WEIGHT for hns driver net: hns: Fix probabilistic memory overwrite when HNS driver initialized net: hns: fix ICMP6 neighbor solicitation messages discard problem net: hns: Fix WARNING when remove HNS driver with SMMU enabled kmemleak: powerpc: skip scanning holes in the .bss section hugetlbfs: fix memory leak for resv_map sh: fix multiple function definition build errors xsysace: Fix error handling in ace_setup ARM: orion: don't use using 64-bit DMA masks ARM: iop: don't use using 64-bit DMA masks perf/x86/amd: Update generic hardware cache events for Family 17h Bluetooth: btusb: request wake pin with NOAUTOEN staging: iio: adt7316: allow adt751x to use internal vref for all dacs staging: iio: adt7316: fix the dac read calculation staging: iio: adt7316: fix the dac write calculation scsi: RDMA/srpt: Fix a credit leak for aborted commands ASoC: stm32: fix sai driver name initialisation IB/core: Unregister notifier before freeing MAD security IB/core: Fix potential memory leak while creating MAD agents IB/core: Destroy QP if XRC QP fails Input: snvs_pwrkey - initialize necessary driver data before enabling IRQ Input: stmfts - acknowledge that setting brightness is a blocking call selinux: never allow relabeling on context mounts powerpc/mm/hash: Handle mmap_min_addr correctly in get_unmapped_area topdown search x86/mce: Improve error message when kernel cannot recover, p2 clk: x86: Add system specific quirk to mark clocks as critical i2c: i2c-stm32f7: Fix SDADEL minimum formula media: v4l2: i2c: ov7670: Fix PLL bypass register values mm/kmemleak.c: fix unused-function warning Linux 4.14.117 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Andrey Konovalov
|
bd6afee7a5 |
kasan: prevent compiler from optimizing away memset in tests
commit 69ca372c100fba99c78ef826a1795aa86e4f01a8 upstream. A compiler can optimize away memset calls by replacing them with mov instructions. There are KASAN tests that specifically test that KASAN correctly handles memset calls so we don't want this optimization to happen. The solution is to add -fno-builtin flag to test_kasan.ko Link: http://lkml.kernel.org/r/105ec9a308b2abedb1a0d1fdced0c22d765e4732.1519924383.git.andreyknvl@google.com Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Acked-by: Andrey Ryabinin <aryabinin@virtuozzo.com> Cc: Alexander Potapenko <glider@google.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Geert Uytterhoeven <geert@linux-m68k.org> Cc: Nick Terrell <terrelln@fb.com> Cc: Chris Mason <clm@fb.com> Cc: Yury Norov <ynorov@caviumnetworks.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: "Luis R . Rodriguez" <mcgrof@kernel.org> Cc: Palmer Dabbelt <palmer@dabbelt.com> Cc: "Paul E . McKenney" <paulmck@linux.vnet.ibm.com> Cc: Jeff Layton <jlayton@redhat.com> Cc: "Jason A . Donenfeld" <Jason@zx2c4.com> Cc: Kostya Serebryany <kcc@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Colin Ian King
|
13a1d1adad |
kasan: remove redundant initialization of variable 'real_size'
commit 48c232395431c23d35cf3b4c5a090bd793316578 upstream. Variable real_size is initialized with a value that is never read, it is re-assigned a new value later on, hence the initialization is redundant and can be removed. Cleans up clang warning: lib/test_kasan.c:422:21: warning: Value stored to 'real_size' during its initialization is never read Link: http://lkml.kernel.org/r/20180206144950.32457-1-colin.king@canonical.com Signed-off-by: Colin Ian King <colin.king@canonical.com> Acked-by: Andrey Ryabinin <aryabinin@virtuozzo.com> Reviewed-by: Andrew Morton <akpm@linux-foundation.org> Cc: Alexander Potapenko <glider@google.com> Cc: Dmitry Vyukov <dvyukov@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
b5123fd473 |
This is the 4.14.115 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlzKnvMACgkQONu9yGCS aT6vPRAAgy8sPwaOoETexGtsEaVVaZX2Yt20ekTuNbKHZKBJKXlq+pcfXawwotUE dr+/jRrpUrOD7Ta4y+qU+mKV3eS4FZ8bJaYvEOKkf/wSFG5sWF6pE7jmgnJ2lJVj SafR601YTCh2eZm+rLogqEF+lXZ9rNUCJlnO6q4APnpvuOGqX6kPaqTxDRK+Qfzz mkij3bnw43YAX5lkx9l2OzreNU5jlh2RSamrF0YrqoL01E/7IXYeAnxQl+Atmjmu pLWsWl/rdxVAnDPwpiZZZAEs3/DYpVtP1bcCH7tESLWICawajUsffn5/yVtwl1UW BKl0mFom7K9tZOhSxmf7kvK+Yq8p5AdyooIFVEfoObYMCZAyXarpnBiey4SeqqQU GRi6fLfMeXrk3ikkI3qGbClbjLhiGmUIyYWz0VI2mxf7+SRnOzHsxgILiaJHPQOn 4+6Y8n1XINMMOu6p0apVSZAAlKjnLsUX0gocTaRQsFTzY9Zqm+/hePe6x7Xm+h66 X4e9NAy/RxZog78aVxTihphAX6V5gbRgcYku+UvWTDoIB13XZ7qxcjyod3DiLvZT n3APkif2sC2ATFmJ3eRSLSitFQ2igIAfW3ob9GtdYb/13I7Zsh0K0FqH1icuKVVm VBsTtvNahCMMKXT/Z5hJOO2agXPprx0kGnn1J6vazh/Bs94QBLw= =tLin -----END PGP SIGNATURE----- Merge 4.14.115 into android-4.14 Changes in 4.14.115 kbuild: simplify ld-option implementation cifs: do not attempt cifs operation on smb2+ rename error tracing: Fix a memory leak by early error exit in trace_pid_write() tracing: Fix buffer_ref pipe ops zram: pass down the bvec we need to read into in the work struct lib/Kconfig.debug: fix build error without CONFIG_BLOCK MIPS: scall64-o32: Fix indirect syscall number load trace: Fix preempt_enable_no_resched() abuse IB/rdmavt: Fix frwr memory registration sched/numa: Fix a possible divide-by-zero ceph: only use d_name directly when parent is locked ceph: ensure d_name stability in ceph_dentry_hash() ceph: fix ci->i_head_snapc leak nfsd: Don't release the callback slot unless it was actually held sunrpc: don't mark uninitialised items as VALID. Input: synaptics-rmi4 - write config register values to the right offset vfio/type1: Limit DMA mappings per container dmaengine: sh: rcar-dmac: With cyclic DMA residue 0 is valid ARM: 8857/1: efi: enable CP15 DMB instructions before cleaning the cache drm/vc4: Fix memory leak during gpu reset. Revert "drm/i915/fbdev: Actually configure untiled displays" drm/vc4: Fix compilation error reported by kbuild test bot USB: Add new USB LPM helpers USB: Consolidate LPM checks to avoid enabling LPM twice ext4: fix some error pointer dereferences vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock tipc: handle the err returned from cmd header function slip: make slhc_free() silently accept an error pointer intel_th: gth: Fix an off-by-one in output unassigning fs/proc/proc_sysctl.c: Fix a NULL pointer dereference ipvs: fix warning on unused variable binder: fix handling of misaligned binder object sched/deadline: Correctly handle active 0-lag timers NFS: Forbid setting AF_INET6 to "struct sockaddr_in"->sin_family. netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON fm10k: Fix a potential NULL pointer dereference tipc: check bearer name with right length in tipc_nl_compat_bearer_enable tipc: check link name with right length in tipc_nl_compat_link_set dm integrity: change memcmp to strncmp in dm_integrity_ctr x86, retpolines: Raise limit for generating indirect calls from switch-case x86/retpolines: Disable switch jump tables when retpolines are enabled mm: Fix warning in insert_pfn() Revert "block/loop: Use global lock for ioctl() operation." ipv4: add sanity checks in ipv4_link_failure() mlxsw: spectrum: Fix autoneg status in ethtool net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query net: rds: exchange of 8K and 1M pool net: stmmac: move stmmac_check_ether_addr() to driver probe stmmac: pci: Adjust IOT2000 matching team: fix possible recursive locking when add slaves net/rose: Convert timers to use timer_setup() net/rose: fix unbound loop in rose_loopback_timer() ipv4: set the tcp_min_rtt_wlen range from 0 to one day powerpc/fsl: Add FSL_PPC_BOOK3E as supported arch for nospectre_v2 boot arg Documentation: Add nospectre_v1 parameter Linux 4.14.115 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
YueHaibing
|
7a326879fc |
lib/Kconfig.debug: fix build error without CONFIG_BLOCK
commit ae3d6a323347940f0548bbb4b17f0bb2e9164169 upstream. If CONFIG_TEST_KMOD is set to M, while CONFIG_BLOCK is not set, XFS and BTRFS can not be compiled successly. Link: http://lkml.kernel.org/r/20190410075434.35220-1-yuehaibing@huawei.com Fixes: d9c6a72d6fa2 ("kmod: add test driver to stress test the module loader") Signed-off-by: YueHaibing <yuehaibing@huawei.com> Reported-by: Hulk Robot <hulkci@huawei.com> Reviewed-by: Kees Cook <keescook@chromium.org> Cc: Masahiro Yamada <yamada.masahiro@socionext.com> Cc: Petr Mladek <pmladek@suse.com> Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Cc: Matthew Wilcox <willy@infradead.org> Cc: Joe Lawrence <joe.lawrence@redhat.com> Cc: Robin Murphy <robin.murphy@arm.com> Cc: Luis Chamberlain <mcgrof@kernel.org> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
fde41616bc |
This is the 4.14.113 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAly6xv4ACgkQONu9yGCS
aT4RCw/+KeapZUb7jKuLeYCVUiP4NTkLB5TsgxidbaF1wQEpDuMaYXEiZftX0/IN
iCnn6sBO/VIA1l0PA2cGcpBKFRHJVa+tBArj91Z4lJ4eorc0yQDK/iGTjQEZtkHR
DMkMDJ7MTYlvIk97krg26+duVk6FCgy3SYHw8yOMBOI+fZTTmwL6OMMGl9n3MA5Q
tGD+cppZtmsb59wXuEm2AkTnghd+NN2tl8ObKBd2hEym0lLO4gE9bWBwW6+M6eVx
NrEUgHrP0ASXX7kgC6g7liXSuqq15t7GbdJZEXDRFOKgwYK8L15SnYAnYLpjyvnA
1GFSjje/hnFPD5TklNxojOFYT/yQ6a2fZNMb/ZHQMDgzmmXWggG1FXk0f5Otnh/1
2WRvZVPnZI9+GaArzo0uqPAwez7Q7Id5LzfyfZS5tWIyJSgA/pdit1C51vGLe1sB
rmW+QM4DtLh8DLF/Nmpj7AmiwEdpJuAQF5Y4T4LPyXBTSaj1nBPKz77UFfr38Jew
FzrIi9wZGHv48lTniK7wAErwtPcEg63C8WqEkM3W1gMHQWw2N5diN0OdAA5V8+Gt
WF8u2xUtuT44FgOdG94IRwF1tQmJaHZYmJJcx4Bvq9FRTCLCZtMcI3YSkdxRZSB/
YHqjuOuOTH34nnL39vrryw+fyXPp2IQwrsYFiu7UrGR8JiNP3B4=
=uZIa
-----END PGP SIGNATURE-----
Merge 4.14.113 into android-4.14
Changes in 4.14.113
ARC: u-boot args: check that magic number is correct
arc: hsdk_defconfig: Enable CONFIG_BLK_DEV_RAM
perf/core: Restore mmap record type correctly
ext4: add missing brelse() in add_new_gdb_meta_bg()
ext4: report real fs size after failed resize
ALSA: echoaudio: add a check for ioremap_nocache
ALSA: sb8: add a check for request_region
auxdisplay: hd44780: Fix memory leak on ->remove()
IB/mlx4: Fix race condition between catas error reset and aliasguid flows
mmc: davinci: remove extraneous __init annotation
ALSA: opl3: fix mismatch between snd_opl3_drum_switch definition and declaration
thermal/intel_powerclamp: fix __percpu declaration of worker_data
thermal: bcm2835: Fix crash in bcm2835_thermal_debugfs
thermal/int340x_thermal: Add additional UUIDs
thermal/int340x_thermal: fix mode setting
thermal/intel_powerclamp: fix truncated kthread name
scsi: iscsi: flush running unbind operations when removing a session
x86/mm: Don't leak kernel addresses
tools/power turbostat: return the exit status of a command
perf list: Don't forget to drop the reference to the allocated thread_map
perf config: Fix an error in the config template documentation
perf config: Fix a memory leak in collect_config()
perf build-id: Fix memory leak in print_sdt_events()
perf top: Fix error handling in cmd_top()
perf hist: Add missing map__put() in error case
perf evsel: Free evsel->counts in perf_evsel__exit()
perf tests: Fix a memory leak of cpu_map object in the openat_syscall_event_on_all_cpus test
perf tests: Fix memory leak by expr__find_other() in test__expr()
perf tests: Fix a memory leak in test__perf_evsel__tp_sched_test()
irqchip/mbigen: Don't clear eventid when freeing an MSI
x86/hpet: Prevent potential NULL pointer dereference
x86/cpu/cyrix: Use correct macros for Cyrix calls on Geode processors
drm/nouveau/debugfs: Fix check of pm_runtime_get_sync failure
iommu/vt-d: Check capability before disabling protected memory
x86/hw_breakpoints: Make default case in hw_breakpoint_arch_parse() return an error
fix incorrect error code mapping for OBJECTID_NOT_FOUND
ext4: prohibit fstrim in norecovery mode
gpio: pxa: handle corner case of unprobed device
rsi: improve kernel thread handling to fix kernel panic
9p: do not trust pdu content for stat item size
9p locks: add mount option for lock retry interval
f2fs: fix to do sanity check with current segment number
netfilter: xt_cgroup: shrink size of v2 path
serial: uartps: console_setup() can't be placed to init section
powerpc/pseries: Remove prrn_work workqueue
media: au0828: cannot kfree dev before usb disconnect
HID: i2c-hid: override HID descriptors for certain devices
ARM: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms
usbip: fix vhci_hcd controller counting
ACPI / SBS: Fix GPE storm on recent MacBookPro's
KVM: nVMX: restore host state in nested_vmx_vmexit for VMFail
compiler.h: update definition of unreachable()
cifs: fallback to older infolevels on findfirst queryinfo retry
kernel: hung_task.c: disable on suspend
crypto: sha256/arm - fix crash bug in Thumb2 build
crypto: sha512/arm - fix crash bug in Thumb2 build
iommu/dmar: Fix buffer overflow during PCI bus notification
soc/tegra: pmc: Drop locking from tegra_powergate_is_powered()
lkdtm: Print real addresses
lkdtm: Add tests for NULL pointer dereference
drm/panel: panel-innolux: set display off in innolux_panel_unprepare
crypto: axis - fix for recursive locking from bottom half
Revert "ACPI / EC: Remove old CLEAR_ON_RESUME quirk"
coresight: cpu-debug: Support for CA73 CPUs
drm/nouveau/volt/gf117: fix speedo readout register
ARM: 8839/1: kprobe: make patch_lock a raw_spinlock_t
drm/amdkfd: use init_mqd function to allocate object for hid_mqd (CI)
appletalk: Fix use-after-free in atalk_proc_exit
lib/div64.c: off by one in shift
include/linux/swap.h: use offsetof() instead of custom __swapoffset macro
bpf: fix use after free in bpf_evict_inode
dm: disable CRYPTO_TFM_REQ_MAY_SLEEP to fix a GFP_KERNEL recursion deadlock
bpf: reduce verifier memory consumption
bpf: fix verifier memory leaks
bpf: fix verifier NULL pointer dereference
bpf: fix stack state printing in verifier log
bpf: move {prev_,}insn_idx into verifier env
bpf: move tmp variable into ax register in interpreter
bpf: enable access to ax register also from verifier rewrite
bpf: restrict map value pointer arithmetic for unprivileged
bpf: restrict stack pointer arithmetic for unprivileged
bpf: restrict unknown scalars of mixed signed bounds for unprivileged
bpf: fix check_map_access smin_value test when pointer contains offset
bpf: prevent out of bounds speculation on pointer arithmetic
bpf: fix sanitation of alu op with pointer / scalar type from different paths
bpf: fix inner map masking to prevent oob under speculation
bpf: do not restore dst_reg when cur_state is freed
bpf: fix sanitation rewrite in case of non-pointers
bpf: Fix selftests are changes for CVE 2019-7308
net: stmmac: Set dma ring length before enabling the DMA
mm: hide incomplete nr_indirectly_reclaimable in sysfs
appletalk: Fix compile regression
Linux 4.14.113
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
Stanislaw Gruszka
|
6dc75ccba5 |
lib/div64.c: off by one in shift
[ Upstream commit cdc94a37493135e355dfc0b0e086d84e3eadb50d ] fls counts bits starting from 1 to 32 (returns 0 for zero argument). If we add 1 we shift right one bit more and loose precision from divisor, what cause function incorect results with some numbers. Corrected code was tested in user-space, see bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=202391 Link: http://lkml.kernel.org/r/1548686944-11891-1-git-send-email-sgruszka@redhat.com Fixes: 658716d19f8f ("div64_u64(): improve precision on 32bit platforms") Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com> Reported-by: Siarhei Volkau <lis8215@gmail.com> Tested-by: Siarhei Volkau <lis8215@gmail.com> Acked-by: Oleg Nesterov <oleg@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
ff17dbeb19 |
This is the 4.14.112 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAly2ycMACgkQONu9yGCS aT7C5hAA0R6ogtbWP8zWyYUPC5hMQUW5QZvbtxAYmdqYHaXZMmu6Zpwi4fwjIXTO SZmLYLNdZCo56hVTsyiBNKIK+5MzQLzce4bftnrO7XyMT+qqxFHoIRrb/LZ9g1Zj 51bPQ1ctCRQi1YcCVqcA18MDy2Vm6BvKgFlQt9A6p9anxlnyldsphl5Af9VaSg3W LgMhoDLYUzG2oqKm2GIy9FrTU/rO5i7nVc2sBQKjol/IPlmiHO+dRCLkjTHTTaI/ 35tu0VZD7BUEmOMtZ3CMi3IgYaBF60Ii7JrXi5/UqOP6cVH1ILNm4PLI0lK4lIM2 BsReZtJSDJazQznygvc9o88SCqCR45HF+zAK80z6O9qQAQ4JXEcyA04sD4enJjVC NB5sgzaJtoNvQpEmfkeQXxH96IamiQJW1SiojTjVG+8CFjpsmLyAs1iQSga17hQI ib+aFvZOCodh/a0sA69vho+9bK0Hq7oGXfaew0Tqw/SX40TPrHt2Oyg7SXv9A6ME M+w3a3DtWcKnUTGyEaM5PSWnNLd7QOlZh+JqD7FTKJHoXmW4ImssicPPVAxrVhp+ gsA29FW+RZbgykAFLnSMIsZWaQwRq54wRER/yFOYeAydmOJkQorja6i7iEClohFD Bgd91KAzCHiBuAe12mdWhhcsR/wcJ6+SPlwst6DrJ7ZIQJJYORo= =HUau -----END PGP SIGNATURE----- Merge 4.14.112 into android-4.14 Changes in 4.14.112 net: sfp: move sfp_register_socket call from sfp_remove to sfp_probe x86/power: Fix some ordering bugs in __restore_processor_context() x86/power/64: Use struct desc_ptr for the IDT in struct saved_context x86/power/32: Move SYSENTER MSR restoration to fix_processor_context() x86/power: Make restore_processor_context() sane drm/i915/gvt: do not let pin count of shadow mm go negative powerpc/tm: Limit TM code inside PPC_TRANSACTIONAL_MEM kbuild: clang: choose GCC_TOOLCHAIN_DIR not on LD x86: vdso: Use $LD instead of $CC to link x86/vdso: Drop implicit common-page-size linker flag lib/string.c: implement a basic bcmp stating: ccree: revert "staging: ccree: fix leak of import() after init()" arm64: kaslr: Reserve size of ARM64_MEMSTART_ALIGN in linear region tty: mark Siemens R3964 line discipline as BROKEN tty: ldisc: add sysctl to prevent autoloading of ldiscs ipv6: Fix dangling pointer when ipv6 fragment ipv6: sit: reset ip header pointer in ipip6_rcv kcm: switch order of device registration to fix a crash net-gro: Fix GRO flush when receiving a GSO packet. net/mlx5: Decrease default mr cache size net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock(). net/sched: fix ->get helper of the matchall cls openvswitch: fix flow actions reallocation qmi_wwan: add Olicard 600 sctp: initialize _pad of sockaddr_in before copying to user memory tcp: Ensure DCTCP reacts to losses vrf: check accept_source_route on the original netdevice net/mlx5e: Fix error handling when refreshing TIRs net/mlx5e: Add a lock on tir list nfp: validate the return code from dev_queue_xmit() bnxt_en: Improve RX consumer index validity check. bnxt_en: Reset device on RX buffer errors. net/sched: act_sample: fix divide by zero in the traffic path netns: provide pure entropy for net_hash_mix() net: ethtool: not call vzalloc for zero sized memory request ALSA: seq: Fix OOB-reads from strlcpy ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type hv_netvsc: Fix unwanted wakeup after tx_disable arm64: dts: rockchip: fix rk3328 sdmmc0 write errors parisc: Detect QEMU earlier in boot process parisc: regs_return_value() should return gpr28 alarmtimer: Return correct remaining time drm/udl: add a release method and delay modeset teardown include/linux/bitrev.h: fix constant bitrev ASoC: fsl_esai: fix channel swap issue when stream starts Btrfs: do not allow trimming when a fs is mounted with the nologreplay option btrfs: prop: fix zstd compression parameter validation btrfs: prop: fix vanished compression property after failed set block: do not leak memory in bio_copy_user_iov() block: fix the return errno for direct IO genirq: Respect IRQCHIP_SKIP_SET_WAKE in irq_chip_set_wake_parent() genirq: Initialize request_mutex if CONFIG_SPARSE_IRQ=n virtio: Honour 'may_reduce_num' in vring_create_virtqueue ARM: dts: am335x-evmsk: Correct the regulators for the audio codec ARM: dts: am335x-evm: Correct the regulators for the audio codec ARM: dts: at91: Fix typo in ISC_D0 on PC9 arm64: futex: Fix FUTEX_WAKE_OP atomic ops with non-zero result value arm64: dts: rockchip: fix rk3328 rgmii high tx error rate arm64: backtrace: Don't bother trying to unwind the userspace stack xen: Prevent buffer overflow in privcmd ioctl sched/fair: Do not re-read ->h_load_next during hierarchical load calculation xtensa: fix return_address x86/perf/amd: Resolve race condition when disabling PMC x86/perf/amd: Resolve NMI latency issues for active PMCs x86/perf/amd: Remove need to check "running" bit in NMI handler PCI: Add function 1 DMA alias quirk for Marvell 9170 SATA controller dm table: propagate BDI_CAP_STABLE_WRITES to fix sporadic checksum errors arm64: dts: rockchip: fix vcc_host1_5v pin assign on rk3328-rock64 arm64: dts: rockchip: Fix vcc_host1_5v GPIO polarity on rk3328-rock64 Linux 4.14.112 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
Nick Desaulniers
|
56dbdae0c4 |
lib/string.c: implement a basic bcmp
[ Upstream commit 5f074f3e192f10c9fade898b9b3b8812e3d83342 ]
A recent optimization in Clang (r355672) lowers comparisons of the
return value of memcmp against zero to comparisons of the return value
of bcmp against zero. This helps some platforms that implement bcmp
more efficiently than memcmp. glibc simply aliases bcmp to memcmp, but
an optimized implementation is in the works.
This results in linkage failures for all targets with Clang due to the
undefined symbol. For now, just implement bcmp as a tailcail to memcmp
to unbreak the build. This routine can be further optimized in the
future.
Other ideas discussed:
* A weak alias was discussed, but breaks for architectures that define
their own implementations of memcmp since aliases to declarations are
not permitted (only definitions). Arch-specific memcmp
implementations typically declare memcmp in C headers, but implement
them in assembly.
* -ffreestanding also is used sporadically throughout the kernel.
* -fno-builtin-bcmp doesn't work when doing LTO.
Link: https://bugs.llvm.org/show_bug.cgi?id=41035
Link: https://code.woboq.org/userspace/glibc/string/memcmp.c.html#bcmp
Link:
|
||
|
Greg Kroah-Hartman
|
171fc237b3 |
This is the 4.14.111 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlynuywACgkQONu9yGCS aT4XGg/9GLwb77V/72a76DfadTeygFT80UZTrIuvIRLUI5T7Hrn89ZuhFRq8EK0C 5qW1OzrKsioNO/7aniz2bArll+uK5Bln1ENX2+xD76b1ZHfK78Z2sKCXx7Z/eBkG qoa+GONc0vhboqIBz7vEf/O0d+kPlXjfzwBR/fPFXGPk1L87ZRD/ISDtg7z6nECL rghvcGhdHnebDJXfJ8BC/kTaj9Ftk0dZR2tqwWW0wV21QpFKyD/8JDbnQI7cVfKu 30gUlBclFilISZBckwTbFb8t2FQfYvAgvORmeSftsgzrrzrvH8IhWpHh3egj/YOU jOS6sE/FU59KVY4+D59HOVne+K+rLfbPN1xeY9TfcwbfwPfYr1c1NzWd+aZ3+cQ/ IasZ/oAWgNUzBwb8+rpySq9nFaXQhxQ+W1fkCR1MqADLaFLiDRXhCenBIki3YyU8 opyNgpFB3rNgkTYTNxL/wofmUBGec3+9Ir3Rs6NlVkw0ucOvlebRWcU1gQugz5QX l6u0D3B5V7Jee5zjFwIYhK0EhiHsku+X8MOmkgFQTzz6kG9xT3xyamd+woqOT7kZ f8Fve14o4YCugpllxUym+2WtxNZK8jN4UhBMzjYaV8pdR+G+fZE+j9ELjmEGnDc7 E2dsJZCquLtTxa7Gu0ZL9XedCVle3tF6JThUvWtD76mWDXJ5dis= =uoou -----END PGP SIGNATURE----- Merge 4.14.111 into android-4.14 Changes in 4.14.111 arm64: debug: Don't propagate UNKNOWN FAR into si_code for debug signals ext4: cleanup bh release code in ext4_ind_remove_space() lib/int_sqrt: optimize initial value compute tty/serial: atmel: Add is_half_duplex helper tty/serial: atmel: RS485 HD w/DMA: enable RX after TX is stopped mm: mempolicy: make mbind() return -EIO when MPOL_MF_STRICT is specified CIFS: fix POSIX lock leak and invalid ptr deref h8300: use cc-cross-prefix instead of hardcoding h8300-unknown-linux- f2fs: fix to avoid deadlock in f2fs_read_inline_dir() tracing: kdb: Fix ftdump to not sleep net/mlx5: Avoid panic when setting vport rate net/mlx5: Avoid panic when setting vport mac, getting vport config gpio: gpio-omap: fix level interrupt idling include/linux/relay.h: fix percpu annotation in struct rchan sysctl: handle overflow for file-max enic: fix build warning without CONFIG_CPUMASK_OFFSTACK scsi: hisi_sas: Set PHY linkrate when disconnected iio: adc: fix warning in Qualcomm PM8xxx HK/XOADC driver perf c2c: Fix c2c report for empty numa node mm/cma.c: cma_declare_contiguous: correct err handling mm/page_ext.c: fix an imbalance with kmemleak mm, mempolicy: fix uninit memory access mm/vmalloc.c: fix kernel BUG at mm/vmalloc.c:512! mm/slab.c: kmemleak no scan alien caches ocfs2: fix a panic problem caused by o2cb_ctl f2fs: do not use mutex lock in atomic context fs/file.c: initialize init_files.resize_wait page_poison: play nicely with KASAN cifs: use correct format characters dm thin: add sanity checks to thin-pool and external snapshot creation cifs: Fix NULL pointer dereference of devname jbd2: fix invalid descriptor block checksum fs: fix guard_bio_eod to check for real EOD errors tools lib traceevent: Fix buffer overflow in arg_eval PCI/PME: Fix hotplug/sysfs remove deadlock in pcie_pme_remove() wil6210: check null pointer in _wil_cfg80211_merge_extra_ies crypto: crypto4xx - add missing of_node_put after of_device_is_available crypto: cavium/zip - fix collision with generic cra_driver_name usb: chipidea: Grab the (legacy) USB PHY by phandle first scsi: core: replace GFP_ATOMIC with GFP_KERNEL in scsi_scan.c powerpc/xmon: Fix opcode being uninitialized in print_insn_powerpc coresight: etm4x: Add support to enable ETMv4.2 serial: 8250_pxa: honor the port number from devicetree ARM: 8840/1: use a raw_spinlock_t in unwind iommu/io-pgtable-arm-v7s: Only kmemleak_ignore L2 tables powerpc/hugetlb: Handle mmap_min_addr correctly in get_unmapped_area callback mmc: omap: fix the maximum timeout setting e1000e: Fix -Wformat-truncation warnings mlxsw: spectrum: Avoid -Wformat-truncation warnings IB/mlx4: Increase the timeout for CM cache clk: fractional-divider: check parent rate only if flag is set cpufreq: acpi-cpufreq: Report if CPU doesn't support boost technologies efi: cper: Fix possible out-of-bounds access scsi: megaraid_sas: return error when create DMA pool failed scsi: fcoe: make use of fip_mode enum complete perf test: Fix failure of 'evsel-tp-sched' test on s390 SoC: imx-sgtl5000: add missing put_device() media: sh_veu: Correct return type for mem2mem buffer helpers media: s5p-jpeg: Correct return type for mem2mem buffer helpers media: s5p-g2d: Correct return type for mem2mem buffer helpers media: mx2_emmaprp: Correct return type for mem2mem buffer helpers media: mtk-jpeg: Correct return type for mem2mem buffer helpers vfs: fix preadv64v2 and pwritev64v2 compat syscalls with offset == -1 HID: intel-ish-hid: avoid binding wrong ishtp_cl_device jbd2: fix race when writing superblock leds: lp55xx: fix null deref on firmware load failure iwlwifi: pcie: fix emergency path ACPI / video: Refactor and fix dmi_is_desktop() kprobes: Prohibit probing on bsearch() netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm ARM: 8833/1: Ensure that NEON code always compiles with Clang ALSA: PCM: check if ops are defined before suspending PCM usb: f_fs: Avoid crash due to out-of-scope stack ptr access sched/topology: Fix percpu data types in struct sd_data & struct s_data bcache: fix input overflow to cache set sysfs file io_error_halflife bcache: fix input overflow to sequential_cutoff bcache: improve sysfs_strtoul_clamp() genirq: Avoid summation loops for /proc/stat iw_cxgb4: fix srqidx leak during connection abort fbdev: fbmem: fix memory access if logo is bigger than the screen cdrom: Fix race condition in cdrom_sysctl_register e1000e: fix cyclic resets at link up with active tx platform/x86: intel_pmc_core: Fix PCH IP sts reading ASoC: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe sched/debug: Initialize sd_sysctl_cpus if !CONFIG_CPUMASK_OFFSTACK efi/memattr: Don't bail on zero VA if it equals the region's PA ARM: dts: lpc32xx: Remove leading 0x and 0s from bindings notation efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted soc: qcom: gsbi: Fix error handling in gsbi_probe() mt7601u: bump supported EEPROM version ARM: 8830/1: NOMMU: Toggle only bits in EXC_RETURN we are really care of ARM: avoid Cortex-A9 livelock on tight dmb loops bpf: fix missing prototype warnings cgroup/pids: turn cgroup_subsys->free() into cgroup_subsys->release() to fix the accounting backlight: pwm_bl: Use gpiod_get_value_cansleep() to get initial state tty: increase the default flip buffer limit to 2*640K powerpc/pseries: Perform full re-add of CPU for topology update post-migration usb: dwc3: gadget: Fix OTG events when gadget driver isn't loaded media: mt9m111: set initial frame size other than 0x0 hwrng: virtio - Avoid repeated init of completion soc/tegra: fuse: Fix illegal free of IO base address HID: intel-ish: ipc: handle PIMR before ish_wakeup also clear PISR busy_clear bit hpet: Fix missing '=' character in the __setup() code of hpet_mmap_enable cpu/hotplug: Mute hotplug lockdep during init dmaengine: imx-dma: fix warning comparison of distinct pointer types dmaengine: qcom_hidma: assign channel cookie correctly dmaengine: qcom_hidma: initialize tx flags in hidma_prep_dma_* netfilter: physdev: relax br_netfilter dependency media: s5p-jpeg: Check for fmt_ver_flag when doing fmt enumeration regulator: act8865: Fix act8600_sudcdc_voltage_ranges setting drm: Auto-set allow_fb_modifiers when given modifiers at plane init drm/nouveau: Stop using drm_crtc_force_disable x86/build: Specify elf_i386 linker emulation explicitly for i386 objects selinux: do not override context on context mounts wlcore: Fix memory leak in case wl12xx_fetch_firmware failure x86/build: Mark per-CPU symbols as absolute explicitly for LLD clk: rockchip: fix frac settings of GPLL clock for rk3328 dmaengine: tegra: avoid overflow of byte tracking drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers ACPI / video: Extend chassis-type detection with a "Lunch Box" check Linux 4.14.111 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
Nathan Chancellor
|
416b593a22 |
ARM: 8833/1: Ensure that NEON code always compiles with Clang
[ Upstream commit de9c0d49d85dc563549972edc5589d195cd5e859 ]
While building arm32 allyesconfig, I ran into the following errors:
arch/arm/lib/xor-neon.c:17:2: error: You should compile this file with
'-mfloat-abi=softfp -mfpu=neon'
In file included from lib/raid6/neon1.c:27:
/home/nathan/cbl/prebuilt/lib/clang/8.0.0/include/arm_neon.h:28:2:
error: "NEON support not enabled"
Building V=1 showed NEON_FLAGS getting passed along to Clang but
__ARM_NEON__ was not getting defined. Ultimately, it boils down to Clang
only defining __ARM_NEON__ when targeting armv7, rather than armv6k,
which is the '-march' value for allyesconfig.
>From lib/Basic/Targets/ARM.cpp in the Clang source:
// This only gets set when Neon instructions are actually available, unlike
// the VFP define, hence the soft float and arch check. This is subtly
// different from gcc, we follow the intent which was that it should be set
// when Neon instructions are actually available.
if ((FPU & NeonFPU) && !SoftFloat && ArchVersion >= 7) {
Builder.defineMacro("__ARM_NEON", "1");
Builder.defineMacro("__ARM_NEON__");
// current AArch32 NEON implementations do not support double-precision
// floating-point even when it is present in VFP.
Builder.defineMacro("__ARM_NEON_FP",
"0x" + Twine::utohexstr(HW_FP & ~HW_FP_DP));
}
Ard Biesheuvel recommended explicitly adding '-march=armv7-a' at the
beginning of the NEON_FLAGS definitions so that __ARM_NEON__ always gets
definined by Clang. This doesn't functionally change anything because
that code will only run where NEON is supported, which is implicitly
armv7.
Link: https://github.com/ClangBuiltLinux/linux/issues/287
Suggested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
Acked-by: Nicolas Pitre <nico@linaro.org>
Reviewed-by: Nick Desaulniers <ndesaulniers@google.com>
Reviewed-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
Andrea Righi
|
e62824d1f8 |
kprobes: Prohibit probing on bsearch()
[ Upstream commit 02106f883cd745523f7766d90a739f983f19e650 ]
Since kprobe breakpoing handler is using bsearch(), probing on this
routine can cause recursive breakpoint problem.
int3
->do_int3()
->ftrace_int3_handler()
->ftrace_location()
->ftrace_location_range()
->bsearch() -> int3
Prohibit probing on bsearch().
Signed-off-by: Andrea Righi <righi.andrea@gmail.com>
Acked-by: Masami Hiramatsu <mhiramat@kernel.org>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Steven Rostedt <rostedt@goodmis.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/154998813406.31052.8791425358974650922.stgit@devbox
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Peter Zijlstra
|
083aa6a5d3 |
lib/int_sqrt: optimize initial value compute
commit f8ae107eef209bff29a5816bc1aad40d5cd69a80 upstream.
The initial value (@m) compute is:
m = 1UL << (BITS_PER_LONG - 2);
while (m > x)
m >>= 2;
Which is a linear search for the highest even bit smaller or equal to @x
We can implement this using a binary search using __fls() (or better when
its hardware implemented).
m = 1UL << (__fls(x) & ~1UL);
Especially for small values of @x; which are the more common arguments
when doing a CDF on idle times; the linear search is near to worst case,
while the binary search of __fls() is a constant 6 (or 5 on 32bit)
branches.
cycles: branches: branch-misses:
PRE:
hot: 43.633557 +- 0.034373 45.333132 +- 0.002277 0.023529 +- 0.000681
cold: 207.438411 +- 0.125840 45.333132 +- 0.002277 6.976486 +- 0.004219
SOFTWARE FLS:
hot: 29.576176 +- 0.028850 26.666730 +- 0.004511 0.019463 +- 0.000663
cold: 165.947136 +- 0.188406 26.666746 +- 0.004511 6.133897 +- 0.004386
HARDWARE FLS:
hot: 24.720922 +- 0.025161 20.666784 +- 0.004509 0.020836 +- 0.000677
cold: 132.777197 +- 0.127471 20.666776 +- 0.004509 5.080285 +- 0.003874
Averages computed over all values <128k using a LFSR to generate order.
Cold numbers have a LFSR based branch trace buffer 'confuser' ran between
each int_sqrt() invocation.
Link: http://lkml.kernel.org/r/20171020164644.936577234@infradead.org
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Suggested-by: Joe Perches <joe@perches.com>
Acked-by: Will Deacon <will.deacon@arm.com>
Acked-by: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Anshul Garg <aksgarg1989@gmail.com>
Cc: Davidlohr Bueso <dave@stgolabs.net>
Cc: David Miller <davem@davemloft.net>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: Matthew Wilcox <mawilcox@microsoft.com>
Cc: Michael Davidson <md@google.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Joe Perches <joe@perches.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Greg Kroah-Hartman
|
588c629944 |
This is the 4.14.110 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlykNbEACgkQONu9yGCS aT5HyQ//X23Zk/FFcyVZv3U/CTmuLGDyLDiVFAKoGwngGhYVSpH5LuF7al/Csihc pKiwi+oz3qj89+/Rx3OvtHUTnIE2sBcuN0nBclwHY+5uTmv6m9a358/LPRWEDl19 HUSFwrRS0bmOcrG5W+p+XSQ/VBv/UhigLQ5PJ9ezvcgUW/kh0SuVd0FTUGxse8wi jaJSaKISSHtwoqoWjLUHeyWR+pl8rRZx6ujfcQXl9+0Ei9Rl/osDezexDNfaoKBA CGHYdFNVlYMhPIO0Z5X0jsIUUnCn5DwmHEFqjQsPq49y1sJhd5yCTciF0VtMaFQm r1+VCNXTEWaEOrHrL8DzkOKXm+mKjY72P1tsodpjGwBb1y1gEtQwH3jf9jhUQvrh 0/YN39BKjE5f0X4Nusri35r+8DgjK9aab5AlMBezIm8luTAkQzfsWjrdo7N00szc GmlxSyqsaMwU9KUPEUD/ILlJaxvTX8eKZtOPourpmVileEjQ5lQvFtu4b8OWgDs3 5UdPbDiaYcQAMTbcJQ4z8DNwOoW9/OHGY2YmOdvbqamRr7T25Eku9v5yjLnR7mIm F1kkx5fhPkMd/zfM27hEavNcpq5sojCCccsm8IwuOcKZxytONpWnDbcVLT7znGEt WArxqoxHfnJ5IbxXSb5xCQdhNg/Fe7JvcF6ztM+C5oy0J7e3Erw= =de4i -----END PGP SIGNATURE----- Merge 4.14.110 into android-4.14 Changes in 4.14.110 Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer video: fbdev: Set pixclock = 0 in goldfishfb stmmac: copy unicast mac address to MAC registers dccp: do not use ipv6 header for ipv4 flow genetlink: Fix a memory leak on error path mISDN: hfcpci: Test both vendor & device ID for Digium HFC4S net: datagram: fix unbounded loop in __skb_try_recv_datagram() net/packet: Set __GFP_NOWARN upon allocation in alloc_pg_vec net: rose: fix a possible stack overflow net: stmmac: fix memory corruption with large MTUs net-sysfs: call dev_hold if kobject_init_and_add success packets: Always register packet sk in the same order rhashtable: Still do rehash when we get EEXIST tcp: do not use ipv6 header for ipv4 flow thunderx: enable page recycling for non-XDP case thunderx: eliminate extra calls to put_page() for pages held for recycling vxlan: Don't call gro_cells_destroy() before device is unregistered sctp: get sctphdr by offset in sctp_compute_cksum net: aquantia: fix rx checksum offload for UDP/TCP over IPv6 mac8390: Fix mmio access size probe tun: properly test for IFF_UP tun: add a missing rcu_read_unlock() in error path powerpc/64s: Add support for ori barrier_nospec patching powerpc/64s: Patch barrier_nospec in modules powerpc/64s: Enable barrier_nospec based on firmware settings powerpc: Use barrier_nospec in copy_from_user() powerpc/64: Use barrier_nospec in syscall entry powerpc/64s: Enhance the information in cpu_show_spectre_v1() powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 powerpc/64: Disable the speculation barrier from the command line powerpc/64: Make stf barrier PPC_BOOK3S_64 specific. powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC powerpc/64: Call setup_barrier_nospec() from setup_arch() powerpc/64: Make meltdown reporting Book3S 64 specific powerpc/fsl: Add barrier_nospec implementation for NXP PowerPC Book3E powerpc/fsl: Sanitize the syscall table for NXP PowerPC 32 bit platforms powerpc/asm: Add a patch_site macro & helpers for patching instructions powerpc/64s: Add new security feature flags for count cache flush powerpc/64s: Add support for software count cache flush powerpc/pseries: Query hypervisor for count cache flush settings powerpc/powernv: Query firmware for count cache flush settings powerpc/fsl: Add infrastructure to fixup branch predictor flush powerpc/fsl: Add macro to flush the branch predictor powerpc/fsl: Fix spectre_v2 mitigations reporting powerpc/fsl: Emulate SPRN_BUCSR register powerpc/fsl: Add nospectre_v2 command line argument powerpc/fsl: Flush the branch predictor at each kernel entry (64bit) powerpc/fsl: Flush the branch predictor at each kernel entry (32 bit) powerpc/fsl: Flush branch predictor when entering KVM powerpc/fsl: Enable runtime patching if nospectre_v2 boot arg is used powerpc/fsl: Update Spectre v2 reporting powerpc/fsl: Fixed warning: orphan section `__btb_flush_fixup' powerpc/fsl: Fix the flush of branch predictor. powerpc/security: Fix spectre_v2 reporting Btrfs: fix incorrect file size after shrinking truncate and fsync btrfs: remove WARN_ON in log_dir_items btrfs: raid56: properly unmap parity page in finish_parity_scrub() ARM: imx6q: cpuidle: fix bug that CPU might not wake up at expected time powerpc: bpf: Fix generation of load/store DW instructions NFSv4.1 don't free interrupted slot on open net: dsa: qca8k: remove leftover phy accessors ALSA: rawmidi: Fix potential Spectre v1 vulnerability ALSA: seq: oss: Fix Spectre v1 vulnerability ALSA: pcm: Fix possible OOB access in PCM oss plugins ALSA: pcm: Don't suspend stream in unrecoverable PCM state ALSA: hda/realtek - Add support headset mode for DELL WYSE AIO ALSA: hda/realtek - Add support headset mode for New DELL WYSE NB kbuild: modversions: Fix relative CRC byte order interpretation fs/open.c: allow opening only regular files during execve() ocfs2: fix inode bh swapping mixup in ocfs2_reflink_inodes_lock scsi: sd: Fix a race between closing an sd device and sd I/O scsi: sd: Quiesce warning if device does not report optimal I/O size scsi: zfcp: fix rport unblock if deleted SCSI devices on Scsi_Host scsi: zfcp: fix scsi_eh host reset with port_forced ERP for non-NPIV FCP devices tty: atmel_serial: fix a potential NULL pointer dereference staging: comedi: ni_mio_common: Fix divide-by-zero for DIO cmdtest staging: vt6655: Remove vif check from vnt_interrupt staging: vt6655: Fix interrupt race condition on device start up. serial: max310x: Fix to avoid potential NULL pointer dereference serial: sh-sci: Fix setting SCSCR_TIE while transferring data USB: serial: cp210x: add new device id USB: serial: ftdi_sio: add additional NovaTech products USB: serial: mos7720: fix mos_parport refcount imbalance on error path USB: serial: option: set driver_info for SIM5218 and compatibles USB: serial: option: add support for Quectel EM12 USB: serial: option: add Olicard 600 Disable kgdboc failed by echo space to /sys/module/kgdboc/parameters/kgdboc fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links drm/vgem: fix use-after-free when drm_gem_handle_create() fails gpio: exar: add a check for the return value of ida_simple_get fails gpio: adnp: Fix testing wrong value in adnp_gpio_direction_input phy: sun4i-usb: Support set_mode to USB_HOST for non-OTG PHYs usb: mtu3: fix EXTCON dependency USB: gadget: f_hid: fix deadlock in f_hidg_write() usb: common: Consider only available nodes for dr_mode usb: host: xhci-rcar: Add XHCI_TRUST_TX_LENGTH quirk xhci: Fix port resume done detection for SS ports with LPM enabled usb: cdc-acm: fix race during wakeup blocking TX traffic mm/migrate.c: add missing flush_dcache_page for non-mapped page migrate perf intel-pt: Fix TSC slip cpu/hotplug: Prevent crash when CPU bringup fails on CONFIG_HOTPLUG_CPU=n x86/smp: Enforce CONFIG_HOTPLUG_CPU when SMP=y KVM: Reject device ioctls from processes other than the VM's creator KVM: x86: Emulate MSR_IA32_ARCH_CAPABILITIES on AMD hosts Revert "USB: core: only clean up what we allocated" vfio: ccw: only free cp on final interrupt Linux 4.14.110 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Herbert Xu
|
9f6e90284f |
rhashtable: Still do rehash when we get EEXIST
[ Upstream commit 408f13ef358aa5ad56dc6230c2c7deb92cf462b1 ]
As it stands if a shrink is delayed because of an outstanding
rehash, we will go into a rescheduling loop without ever doing
the rehash.
This patch fixes this by still carrying out the rehash and then
rescheduling so that we can shrink after the completion of the
rehash should it still be necessary.
The return value of EEXIST captures this case and other cases
(e.g., another thread expanded/rehashed the table at the same
time) where we should still proceed with the rehash.
Fixes: da20420f83ea ("rhashtable: Add nested tables")
Reported-by: Josh Elsasser <jelsasser@appneta.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Tested-by: Josh Elsasser <jelsasser@appneta.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Greg Kroah-Hartman
|
80571db8bc |
This is the 4.14.109 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlybBpQACgkQONu9yGCS aT4EthAAu0ZHorEo34Ws8VShc5l3/DN/hFP2a/Gv53qQzF4vjp1Tsw6mDH5B6BJP 4Dce05pDYeTXec9+2dHO8p3lumB4V+7M9RuiWaD/CPIVaNL+ahjU5hKBsgVx8KdM sTBnCm15jx/7bK8qqHr2I8DeOPzIJmUugRqvpF2aFmIvRySakmTiI7euWcRFwCIq X/3mdqDpAuXHTnfbKMugKRGnagWy2JFBQtwT6HTh9VF0Zjyi0BTGjdyCq0HZ03o9 NhgVcfu3SFiHGQ1rCGwP1frKPnVpGG95i8eb4j4V0rMdg5AmAjQOqr6tAHa++60H b7UzrRgfvHvDcV7aTjBgdxDgWvSqs4p/8LwhhYHGq0fAqcRiAZAgZqPoKB8HKPSe vQaPL+EdiXCNGm514DyP4cDZwAbcXk7xYp6xCzivlj0VNiTFm7ehfkFDLZZn01l6 s06aVfTlu8yxZDFMO0WAKm9D9pM7TB019qjrhWSwj2bqLVE9mkQ4kfCsOp3eQuYR qhmmgvprJ6WQUVJ7wbcFadsl4xOqyhNWW4bawuHtLlcueGLPawhhPeEdWrZ8Ax4q zCj+weIGw2wgQS6wi1g/Eh5igLi+2ITbkIrljpKzTXgxbUFrwODt5ylg8EXwlixC LXXgwEI61UwkNjuN7f6dvbfagYfsr2DnhaxgB40bjfY8eB6L9uk= =Ur6G -----END PGP SIGNATURE----- Merge 4.14.109 into android-4.14 Changes in 4.14.109 mmc: pxamci: fix enum type confusion drm/vmwgfx: Don't double-free the mode stored in par->set_mode iommu/amd: fix sg->dma_address for sg->offset bigger than PAGE_SIZE libceph: wait for latest osdmap in ceph_monc_blacklist_add() udf: Fix crash on IO error during truncate mips: loongson64: lemote-2f: Add IRQF_NO_SUSPEND to "cascade" irqaction. MIPS: Ensure ELF appended dtb is relocated MIPS: Fix kernel crash for R6 in jump label branch function scsi: ibmvscsi: Protect ibmvscsi_head from concurrent modificaiton scsi: ibmvscsi: Fix empty event pool access during host removal futex: Ensure that futex address is aligned in handle_futex_death() perf probe: Fix getting the kernel map objtool: Move objtool_file struct off the stack ALSA: x86: Fix runtime PM for hdmi-lpe-audio ext4: fix NULL pointer dereference while journal is aborted ext4: fix data corruption caused by unaligned direct AIO ext4: brelse all indirect buffer in ext4_ind_remove_space() media: v4l2-ctrls.c/uvc: zero v4l2_event Bluetooth: hci_uart: Check if socket buffer is ERR_PTR in h4_recv_buf() Bluetooth: Fix decrementing reference count twice in releasing socket Bluetooth: hci_ldisc: Initialize hci_dev before open() Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto() drm: Reorder set_property_atomic to avoid returning with an active ww_ctx netfilter: ebtables: remove BUGPRINT messages x86/unwind: Handle NULL pointer calls better in frame unwinder x86/unwind: Add hardcoded ORC entry for NULL locking/lockdep: Add debug_locks check in __lock_downgrade() ALSA: hda - Record the current power state before suspend/resume calls ALSA: hda - Enforces runtime_resume after S3 and S4 for each codec lib/int_sqrt: optimize small argument USB: core: only clean up what we allocated scsi: ufs: fix wrong command type of UTRD for UFSHCI v2.1 PCI: designware-ep: dw_pcie_ep_set_msi() should only set MMC bits PCI: designware-ep: Read-only registers need DBI_RO_WR_EN to be writable PCI: endpoint: Use EPC's device in dma_alloc_coherent()/dma_free_coherent() rtc: Fix overflow when converting time64_t to rtc_time sched/cpufreq/schedutil: Fix error path mutex unlock pwm-backlight: Enable/disable the PWM before/after LCD enable toggle. power: supply: charger-manager: Fix incorrect return value ath10k: avoid possible string overflow Linux 4.14.109 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
Tobin C. Harding
|
b27ce7346e |
UPSTREAM: vsprintf: add printk specifier %px
printk specifier %p now hashes all addresses before printing. Sometimes we need to see the actual unmodified address. This can be achieved using %lx but then we face the risk that if in future we want to change the way the Kernel handles printing of pointers we will have to grep through the already existent 50 000 %lx call sites. Let's add specifier %px as a clear, opt-in, way to print a pointer and maintain some level of isolation from all the other hex integer output within the Kernel. Add printk specifier %px to print the actual unmodified address. Signed-off-by: Tobin C. Harding <me@tobin.cc> (cherry picked from commit 7b1924a1d930eb27fc79c4e4e2a6c1c970623e68) Signed-off-by: Sandeep Patil <sspatil@android.com> Bug: 78533979 Test: Build and boot cuttlefish Change-Id: I3fe64ef81cfb62d49822511cf8087e17abc6da37 |
||
|
Tobin C. Harding
|
d3ad09e4f7 |
UPSTREAM: printk: hash addresses printed with %p
Currently there exist approximately 14 000 places in the kernel where
addresses are being printed using an unadorned %p. This potentially
leaks sensitive information regarding the Kernel layout in memory. Many
of these calls are stale, instead of fixing every call lets hash the
address by default before printing. This will of course break some
users, forcing code printing needed addresses to be updated.
Code that _really_ needs the address will soon be able to use the new
printk specifier %px to print the address.
For what it's worth, usage of unadorned %p can be broken down as
follows (thanks to Joe Perches).
$ git grep -E '%p[^A-Za-z0-9]' | cut -f1 -d"/" | sort | uniq -c
1084 arch
20 block
10 crypto
32 Documentation
8121 drivers
1221 fs
143 include
101 kernel
69 lib
100 mm
1510 net
40 samples
7 scripts
11 security
166 sound
152 tools
2 virt
Add function ptr_to_id() to map an address to a 32 bit unique
identifier. Hash any unadorned usage of specifier %p and any malformed
specifiers.
Signed-off-by: Tobin C. Harding <me@tobin.cc>
(cherry picked from commit ad67b74d2469d9b82aaa572d76474c95bc484d57)
Signed-off-by: Sandeep Patil <sspatil@android.com>
Bug: 78533979
Test: Build and boot cuttlefish
Test: CONFIG_TEST_PRINTF
Change-Id: I9aa3dea0d40a13f5c858ad2253a8a712195ab1d5
|
||
|
Tobin C. Harding
|
3a8bb21cd5 |
UPSTREAM: vsprintf: refactor %pK code out of pointer()
Currently code to handle %pK is all within the switch statement in pointer(). This is the wrong level of abstraction. Each of the other switch clauses call a helper function, pK should do the same. Refactor code out of pointer() to new function restricted_pointer(). Signed-off-by: Tobin C. Harding <me@tobin.cc> (cherry picked from commit 57e734423adda83f3b05505875343284efe3b39c) Signed-off-by: Sandeep Patil <sspatil@android.com> Bug: 78533979 Test: Build and boot cuttlefish Change-Id: Ie78731eb52813a696a33d831b52ae7542ab2a90f |
||
|
Peter Zijlstra
|
aab8621776 |
lib/int_sqrt: optimize small argument
commit 3f3295709edea6268ff1609855f498035286af73 upstream.
The current int_sqrt() computation is sub-optimal for the case of small
@x. Which is the interesting case when we're going to do cumulative
distribution functions on idle times, which we assume to be a random
variable, where the target residency of the deepest idle state gives an
upper bound on the variable (5e6ns on recent Intel chips).
In the case of small @x, the compute loop:
while (m != 0) {
b = y + m;
y >>= 1;
if (x >= b) {
x -= b;
y += m;
}
m >>= 2;
}
can be reduced to:
while (m > x)
m >>= 2;
Because y==0, b==m and until x>=m y will remain 0.
And while this is computationally equivalent, it runs much faster
because there's less code, in particular less branches.
cycles: branches: branch-misses:
OLD:
hot: 45.109444 +- 0.044117 44.333392 +- 0.002254 0.018723 +- 0.000593
cold: 187.737379 +- 0.156678 44.333407 +- 0.002254 6.272844 +- 0.004305
PRE:
hot: 67.937492 +- 0.064124 66.999535 +- 0.000488 0.066720 +- 0.001113
cold: 232.004379 +- 0.332811 66.999527 +- 0.000488 6.914634 +- 0.006568
POST:
hot: 43.633557 +- 0.034373 45.333132 +- 0.002277 0.023529 +- 0.000681
cold: 207.438411 +- 0.125840 45.333132 +- 0.002277 6.976486 +- 0.004219
Averages computed over all values <128k using a LFSR to generate order.
Cold numbers have a LFSR based branch trace buffer 'confuser' ran between
each int_sqrt() invocation.
Link: http://lkml.kernel.org/r/20171020164644.876503355@infradead.org
Fixes: 30493cc9dddb ("lib/int_sqrt.c: optimize square root algorithm")
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Suggested-by: Anshul Garg <aksgarg1989@gmail.com>
Acked-by: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Davidlohr Bueso <dave@stgolabs.net>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Joe Perches <joe@perches.com>
Cc: David Miller <davem@davemloft.net>
Cc: Matthew Wilcox <mawilcox@microsoft.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Michael Davidson <md@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Greg Kroah-Hartman
|
4344de2f79 |
This is the 4.14.108 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlyWNiQACgkQONu9yGCS aT4jlw/+J6vIuvv0XYExoBG60RfXdYPJiO6NWoo1gj+61W+uM3JQNdO4n5aUIGdw DMrrtdyBfGUWsP6Y+9YYvazQmUaj4dpC5soG+h9tCtKEbmwUO3zsj6Tg9W+P5fdY SrILqbThA1l3Wn1JX2RP8OI0olYmLmhbzYYIk0cN4hUXO3yIPhmKPnVC+zmijvNI Y5nPMRdUUvlD0ZYV7K5BNkja3I/UHY0Z9WlV0AsWQNV36oYJQL7UMINm1ysY0pLf PXlGnKlFLveif4ElsZf+02dv79Tj3njDHUfTHh9ZhgEcwqpDJFQeMX9udyeZxE4F b+RQzJKxBo6ffQHec7j+mlMr6tPYAfn2/nnlxMFjddXpyVVPk0jG4CpqyyzllkC2 ZGMwrUba1YTSOn7a5OUnNxuMseAn6ly2cLm0Z/BIr712NL7PT7DICtoiF+NkI0kb kvExae+bg4OIMHJDiCH3xRx7pBtus+ABZnbcovAdJmW/ITpLJkbmrMsozpWXjNlz FkuyInDd3jinpGX1AP5lN+QQMUPYsUs1zr7BmWpdOGL2X7/HDA/apw342o8UmffL Rsnck/spMIm8olS1nBZiZGu8nJs8yp4lS8hT/3qevP0aaCeTfVqkyJxEMijkLm4p g1q/yqsE9fIZTenjlSfkIETopSLbiKAwC2Lbs8pYOGiB7mhXcPg= =sq7B -----END PGP SIGNATURE----- Merge 4.14.108 into android-4.14 Changes in 4.14.108 9p: use inode->i_lock to protect i_size_write() under 32-bit 9p/net: fix memory leak in p9_client_create ASoC: fsl_esai: fix register setting issue in RIGHT_J mode iio: adc: exynos-adc: Fix NULL pointer exception on unbind stm class: Fix an endless loop in channel allocation crypto: caam - fixed handling of sg list crypto: ahash - fix another early termination in hash walk crypto: rockchip - fix scatterlist nents error crypto: rockchip - update new iv to device in multiple operations drm/imx: ignore plane updates on disabled crtcs gpu: ipu-v3: Fix i.MX51 CSI control registers offset drm/imx: imx-ldb: add missing of_node_puts gpu: ipu-v3: Fix CSI offsets for imx53 s390/dasd: fix using offset into zero size array error Input: pwm-vibra - prevent unbalanced regulator Input: pwm-vibra - stop regulator after disabling pwm, not before ARM: OMAP2+: Variable "reg" in function omap4_dsi_mux_pads() could be uninitialized ASoC: dapm: fix out-of-bounds accesses to DAPM lookup tables ASoC: rsnd: fixup rsnd_ssi_master_clk_start() user count check KVM: arm/arm64: Reset the VCPU without preemption and vcpu state loaded ARM: OMAP2+: fix lack of timer interrupts on CPU1 after hotplug Input: cap11xx - switch to using set_brightness_blocking() Input: ps2-gpio - flush TX work when closing port Input: matrix_keypad - use flush_delayed_work() mac80211: Fix Tx aggregation session tear down with ITXQs ipvs: fix dependency on nf_defrag_ipv6 floppy: check_events callback should not return a negative number NFS: Don't use page_file_mapping after removing the page mm/gup: fix gup_pmd_range() for dax Revert "mm: use early_pfn_to_nid in page_ext_init" mm: page_alloc: fix ref bias in page_frag_alloc() for 1-byte allocs net: hns: Fix object reference leaks in hns_dsaf_roce_reset() i2c: cadence: Fix the hold bit setting i2c: bcm2835: Clear current buffer pointers and counts after a transfer auxdisplay: ht16k33: fix potential user-after-free on module unload Input: st-keyscan - fix potential zalloc NULL dereference clk: sunxi-ng: v3s: Fix TCON reset de-assert bit clk: sunxi: A31: Fix wrong AHB gate number esp: Skip TX bytes accounting when sending from a request socket ARM: 8824/1: fix a migrating irq bug when hotplug cpu af_key: unconditionally clone on broadcast assoc_array: Fix shortcut creation keys: Fix dependency loop between construction record and auth key scsi: libiscsi: Fix race between iscsi_xmit_task and iscsi_complete_task net: systemport: Fix reception of BPDUs pinctrl: meson: meson8b: fix the sdxc_a data 1..3 pins qmi_wwan: apply SET_DTR quirk to Sierra WP7607 net: mv643xx_eth: disable clk on error path in mv643xx_eth_shared_probe() mailbox: bcm-flexrm-mailbox: Fix FlexRM ring flush timeout issue ASoC: topology: free created components in tplg load error qed: Fix iWARP syn packet mac address validation. arm64: Relax GIC version check during early boot net: marvell: mvneta: fix DMA debug warning tmpfs: fix link accounting when a tmpfile is linked in ixgbe: fix older devices that do not support IXGBE_MRQC_L3L4TXSWEN ARCv2: lib: memcpy: fix doing prefetchw outside of buffer ARC: uacces: remove lp_start, lp_end from clobber list ARCv2: support manual regfile save on interrupts phonet: fix building with clang mac80211_hwsim: propagate genlmsg_reply return code net: thunderx: make CFG_DONE message to run through generic send-ack sequence nfp: bpf: fix code-gen bug on BPF_ALU | BPF_XOR | BPF_K nfp: bpf: fix ALU32 high bits clearance bug net: set static variable an initial value in atl2_probe() tmpfs: fix uninitialized return value in shmem_link media: videobuf2-v4l2: drop WARN_ON in vb2_warn_zero_bytesused() stm class: Prevent division by zero libnvdimm/label: Clear 'updating' flag after label-set update libnvdimm, pfn: Fix over-trim in trim_pfn_device() libnvdimm/pmem: Honor force_raw for legacy pmem regions libnvdimm: Fix altmap reservation size calculation fix cgroup_do_mount() handling of failure exits crypto: arm/crct10dif - revert to C code for short inputs crypto: arm64/crct10dif - revert to C code for short inputs crypto: hash - set CRYPTO_TFM_NEED_KEY if ->setkey() fails crypto: testmgr - skip crc32c context test for ahash algorithms crypto: arm64/aes-ccm - fix logical bug in AAD MAC handling crypto: arm64/aes-ccm - fix bugs in non-NEON fallback routine CIFS: Do not reset lease state to NONE on lease break CIFS: Fix read after write for files with read caching tracing: Use strncpy instead of memcpy for string keys in hist triggers tracing: Do not free iter->trace in fail path of tracing_open_pipe() xen: fix dom0 boot on huge systems ACPI / device_sysfs: Avoid OF modalias creation for removed device mmc: sdhci-esdhc-imx: fix HS400 timing issue spi: ti-qspi: Fix mmap read when more than one CS in use spi: pxa2xx: Setup maximum supported DMA transfer length regulator: s2mps11: Fix steps for buck7, buck8 and LDO35 regulator: max77620: Initialize values for DT properties regulator: s2mpa01: Fix step values for some LDOs clocksource/drivers/exynos_mct: Move one-shot check from tick clear to ISR clocksource/drivers/exynos_mct: Clear timer interrupt when shutdown s390/setup: fix early warning messages s390/virtio: handle find on invalid queue gracefully scsi: virtio_scsi: don't send sc payload with tmfs scsi: aacraid: Fix performance issue on logical drives scsi: sd: Optimal I/O size should be a multiple of physical block size scsi: target/iscsi: Avoid iscsit_release_commands_from_conn() deadlock fs/devpts: always delete dcache dentry-s in dput() splice: don't merge into linked buffers m68k: Add -ffreestanding to CFLAGS Btrfs: setup a nofs context for memory allocation at __btrfs_set_acl btrfs: ensure that a DUP or RAID1 block group has exactly two stripes Btrfs: fix corruption reading shared and compressed extents after hole punching crypto: pcbc - remove bogus memcpy()s with src == dest libertas_tf: don't set URB_ZERO_PACKET on IN USB transfer irqchip/gic-v3-its: Avoid parsing _indirect_ twice for Device table x86/kprobes: Prohibit probing on optprobe template code cpufreq: tegra124: add missing of_node_put() cpufreq: pxa2xx: remove incorrect __init annotation ext4: add mask of ext4 flags to swap ext4: fix crash during online resizing IB/hfi1: Close race condition on user context disable and close cxl: Wrap iterations over afu slices inside 'afu_list_lock' ext2: Fix underflow in ext2_max_size() clk: uniphier: Fix update register for CPU-gear clk: clk-twl6040: Fix imprecise external abort for pdmclk clk: ingenic: Fix round_rate misbehaving with non-integer dividers clk: ingenic: Fix doc of ingenic_cgu_div_info usb: chipidea: tegra: Fix missed ci_hdrc_remove_device() nfit: acpi_nfit_ctl(): Check out_obj->type in the right place mm: hwpoison: fix thp split handing in soft_offline_in_use_page() mm/vmalloc: fix size check for remap_vmalloc_range_partial() kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv device property: Fix the length used in PROPERTY_ENTRY_STRING() intel_th: Don't reference unassigned outputs parport_pc: fix find_superio io compare code, should use equal test. i2c: tegra: fix maximum transfer size crypto: arm64/aes-neonbs - fix returning final keystream block drm/i915: Relax mmap VMA check serial: uartps: Fix stuck ISR if RX disabled with non-empty FIFO serial: 8250_of: assume reg-shift of 2 for mrvl,mmp-uart serial: 8250_pci: Fix number of ports for ACCES serial cards serial: 8250_pci: Have ACCES cards that use the four port Pericom PI7C9X7954 chip use the pci_pericom_setup() jbd2: clear dirty flag when revoking a buffer from an older transaction jbd2: fix compile warning when using JBUFFER_TRACE security/selinux: fix SECURITY_LSM_NATIVE_LABELS on reused superblock powerpc/32: Clear on-stack exception marker upon exception return powerpc/wii: properly disable use of BATs when requested. powerpc/powernv: Make opal log only readable by root powerpc/83xx: Also save/restore SPRG4-7 during suspend powerpc: Fix 32-bit KVM-PR lockup and host crash with MacOS guest powerpc/ptrace: Simplify vr_get/set() to avoid GCC warning powerpc/hugetlb: Don't do runtime allocation of 16G pages in LPAR configuration powerpc/traps: fix recoverability of machine check handling on book3s/32 powerpc/traps: Fix the message printed when stack overflows ARM: s3c24xx: Fix boolean expressions in osiris_dvs_notify arm64: Fix HCR.TGE status for NMI contexts arm64: debug: Ensure debug handlers check triggering exception level arm64: KVM: Fix architecturally invalid reset value for FPEXC32_EL2 dm: fix to_sector() for 32bit dm integrity: limit the rate of error messages cpcap-charger: generate events for userspace NFS: Fix I/O request leakages NFS: Fix an I/O request leakage in nfs_do_recoalesce NFS: Don't recoalesce on error in nfs_pageio_complete_mirror() nfsd: fix memory corruption caused by readdir nfsd: fix wrong check in write_v4_end_grace() NFSv4.1: Reinitialise sequence results before retransmitting a request PM / wakeup: Rework wakeup source timer cancellation bcache: never writeback a discard operation x86/unwind/orc: Fix ORC unwind table alignment perf intel-pt: Fix CYC timestamp calculation after OVF perf auxtrace: Define auxtrace record alignment perf intel-pt: Fix overlap calculation for padding perf intel-pt: Fix divide by zero when TSC is not available md: Fix failed allocation of md_register_thread tpm/tpm_crb: Avoid unaligned reads in crb_recv() tpm: Unify the send callback behaviour rcu: Do RCU GP kthread self-wakeup from softirq and interrupt media: imx: prpencvf: Stop upstream before disabling IDMA channel media: uvcvideo: Avoid NULL pointer dereference at the end of streaming media: vimc: Add vimc-streamer for stream control media: imx: csi: Disable CSI immediately after last EOF media: imx: csi: Stop upstream before disabling IDMA channel drm/radeon/evergreen_cs: fix missing break in switch statement KVM: Call kvm_arch_memslots_updated() before updating memslots KVM: x86/mmu: Detect MMIO generation wrap in any address space KVM: x86/mmu: Do not cache MMIO accesses while memslots are in flux KVM: nVMX: Sign extend displacements of VMX instr's mem operands KVM: nVMX: Apply addr size mask to effective address for VMX instructions KVM: nVMX: Ignore limit checks on VMX instructions using flat segments s390/setup: fix boot crash for machine without EDAT-1 Linux 4.14.108 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
David Howells
|
d366f51305 |
assoc_array: Fix shortcut creation
[ Upstream commit bb2ba2d75a2d673e76ddaf13a9bd30d6a8b1bb08 ]
Fix the creation of shortcuts for which the length of the index key value
is an exact multiple of the machine word size. The problem is that the
code that blanks off the unused bits of the shortcut value malfunctions if
the number of bits in the last word equals machine word size. This is due
to the "<<" operator being given a shift of zero in this case, and so the
mask that should be all zeros is all ones instead. This causes the
subsequent masking operation to clear everything rather than clearing
nothing.
Ordinarily, the presence of the hash at the beginning of the tree index key
makes the issue very hard to test for, but in this case, it was encountered
due to a development mistake that caused the hash output to be either 0
(keyring) or 1 (non-keyring) only. This made it susceptible to the
keyctl/unlink/valid test in the keyutils package.
The fix is simply to skip the blanking if the shift would be 0. For
example, an index key that is 64 bits long would produce a 0 shift and thus
a 'blank' of all 1s. This would then be inverted and AND'd onto the
index_key, incorrectly clearing the entire last word.
Fixes: 3cb989501c26 ("Add a generic associative array implementation.")
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: James Morris <james.morris@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Greg Kroah-Hartman
|
8ed9bc6e64 |
This is the 4.14.106 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlyJcBwACgkQONu9yGCS
aT7eXQ//bDDaJaziRcXhYnlnvVl4NTgSk55HBg9lprj1Kjd1i4Nx0y+5lsj4nGdT
HBUkmKnEgBibxuAutBZIS1pZKb1Ef7iQOjoPXVFy9y9Ff31eWu/svQewYJHmMecc
K4rHu8IvnC0/lT4B4piPBKF7oV5oHG8ii3zXW1rT9CEpGMKpwGWjMqjDPc5Hzmtl
Q/mjZZe3KuLyaq7Hv08y0EgXr+c4WpbEjl6PekXB5WW4bCfbdNaeiAHB84wsRvbw
IR3IUfF/vRdacYMbpK9BUYar6nflIkQCMwpb5UFNKZooAW4gXCOfyfWZIDYAx3bv
eMc4CWXI4GNK2sCk/PuxmxRzbo/DsHIhSAitRJ/MDiViTM/ZAd4H4h5e2eL7x/Fr
+hRWT0BIsnftIzxApq57SFyw2P3/eluF6Na44En2jfWmfjSvDm/Dgdo3t0bRhJ+4
vwZKSmQZ/PuL69+0091EBwFT1JnHTtLxvuZsk6SMlcHVzQbb27PkU3o4EaX1uQ5o
AWM8vS7G8iW0JDpakyL3ANuqVnOc2epQ2a2oJWWmUMvv/+TCtj6SCmeRWDL1e0eZ
Rt9nKuPpXXKQLLrupjBqRg3o0PenYo6ADV/z4tGVW4hErTedawsVDemWbX2E4HFB
5VpWwA1NCOzHeinVDJmaxeupU5rvxoN9XbjyTs1ZTTEa0YCR9EQ=
=ijAI
-----END PGP SIGNATURE-----
Merge 4.14.106 into android-4.14
Changes in 4.14.106
cpufreq: Use struct kobj_attribute instead of struct global_attr
USB: serial: option: add Telit ME910 ECM composition
USB: serial: cp210x: add ID for Ingenico 3070
USB: serial: ftdi_sio: add ID for Hjelmslund Electronics USB485
staging: comedi: ni_660x: fix missing break in switch statement
staging: wilc1000: fix to set correct value for 'vif_num'
staging: android: ion: fix sys heap pool's gfp_flags
ip6mr: Do not call __IP6_INC_STATS() from preemptible context
net: dsa: mv88e6xxx: handle unknown duplex modes gracefully in mv88e6xxx_port_set_duplex
net-sysfs: Fix mem leak in netdev_register_kobject
sky2: Disable MSI on Dell Inspiron 1545 and Gateway P-79
team: Free BPF filter when unregistering netdev
tipc: fix RDM/DGRAM connect() regression
bnxt_en: Drop oversize TX packets to prevent errors.
geneve: correctly handle ipv6.disable module parameter
hv_netvsc: Fix IP header checksum for coalesced packets
net: dsa: mv88e6xxx: Fix u64 statistics
netlabel: fix out-of-bounds memory accesses
net: netem: fix skb length BUG_ON in __skb_to_sgvec
net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails
net: phy: phylink: fix uninitialized variable in phylink_get_mac_state
net: sit: fix memory leak in sit_init_net()
net: socket: set sock->sk to NULL after calling proto_ops::release()
xen-netback: don't populate the hash cache on XenBus disconnect
xen-netback: fix occasional leak of grant ref mappings under memory pressure
net: Add __icmp_send helper.
net: avoid use IPCB in cipso_v4_error
ipv4: Return error for RTA_VIA attribute
ipv6: Return error for RTA_VIA attribute
mpls: Return error for RTA_GATEWAY attribute
tun: fix blocking read
tun: remove unnecessary memory barrier
net: phy: Micrel KSZ8061: link failure after cable connect
net: dsa: mv88e6xxx: Fix statistics on mv88e6161
x86/CPU/AMD: Set the CPB bit unconditionally on F17h
applicom: Fix potential Spectre v1 vulnerabilities
MIPS: irq: Allocate accurate order pages for irq stack
hugetlbfs: fix races and page leaks during migration
xtensa: fix get_wchan
Bluetooth: Fix locking in bt_accept_enqueue() for BH context
exec: Fix mem leak in kernel_read_file
scsi: core: reset host byte in DID_NEXUS_FAILURE case
media: uvcvideo: Fix 'type' check leading to overflow
vti4: Fix a ipip packet processing bug in 'IPCOMP' virtual tunnel
perf core: Fix perf_proc_update_handler() bug
perf tools: Handle TOPOLOGY headers with no CPU
IB/{hfi1, qib}: Fix WC.byte_len calculation for UD_SEND_WITH_IMM
iommu/amd: Call free_iova_fast with pfn in map_sg
iommu/amd: Unmap all mapped pages in error path of map_sg
ipvs: Fix signed integer overflow when setsockopt timeout
iommu/amd: Fix IOMMU page flush when detach device from a domain
xtensa: SMP: fix ccount_timer_shutdown
selftests: cpu-hotplug: fix case where CPUs offline > CPUs present
xtensa: SMP: fix secondary CPU initialization
xtensa: smp_lx200_defconfig: fix vectors clash
xtensa: SMP: mark each possible CPU as present
xtensa: SMP: limit number of possible CPUs by NR_CPUS
net: altera_tse: fix msgdma_tx_completion on non-zero fill_level case
net: hns: Fix for missing of_node_put() after of_parse_phandle()
net: hns: Restart autoneg need return failed when autoneg off
net: hns: Fix wrong read accesses via Clause 45 MDIO protocol
net: stmmac: dwmac-rk: fix error handling in rk_gmac_powerup()
netfilter: ebtables: compat: un-break 32bit setsockopt when no rules are present
gpio: vf610: Mask all GPIO interrupts
selftests: timers: use LDLIBS instead of LDFLAGS
nfs: Fix NULL pointer dereference of dev_name
qed: Fix bug in tx promiscuous mode settings
qed: Fix LACP pdu drops for VFs
qed: Fix VF probe failure while FLR
qed: Fix system crash in ll2 xmit
qed: Fix stack out of bounds bug
scsi: libfc: free skb when receiving invalid flogi resp
scsi: 53c700: pass correct "dev" to dma_alloc_attrs()
platform/x86: Fix unmet dependency warning for SAMSUNG_Q10
cifs: fix computation for MAX_SMB2_HDR_SIZE
x86/microcode/amd: Don't falsely trick the late loading mechanism
arm64: kprobe: Always blacklist the KVM world-switch code
apparmor: Fix aa_label_build() error handling for failed merges
x86/kexec: Don't setup EFI info if EFI runtime is not enabled
x86_64: increase stack size for KASAN_EXTRA
mm, memory_hotplug: is_mem_section_removable do not pass the end of a zone
mm, memory_hotplug: test_pages_in_a_zone do not pass the end of zone
lib/test_kmod.c: potential double free in error handling
fs/drop_caches.c: avoid softlockups in drop_pagecache_sb()
autofs: drop dentry reference only when it is never used
autofs: fix error return in autofs_fill_super()
ARM: dts: omap4-droid4: Fix typo in cpcap IRQ flags
arm64: dts: renesas: r8a7796: Enable DMA for SCIF2
soc: fsl: qbman: avoid race in clearing QMan interrupt
bpf: sock recvbuff must be limited by rmem_max in bpf_setsockopt()
ARM: pxa: ssp: unneeded to free devm_ allocated data
arm64: dts: add msm8996 compatible to gicv3
DTS: CI20: Fix bugs in ci20's device tree.
usb: phy: fix link errors
irqchip/mmp: Only touch the PJ4 IRQ & FIQ bits on enable/disable
net: stmmac: Fallback to Platform Data clock in Watchdog conversion
net: stmmac: Send TSO packets always from Queue 0
net: stmmac: Disable EEE mode earlier in XMIT callback
irqchip/gic-v3-its: Fix ITT_entry_size accessor
relay: check return of create_buf_file() properly
bpf, selftests: fix handling of sparse CPU allocations
bpf: fix lockdep false positive in percpu_freelist
drm/sun4i: tcon: Prepare and enable TCON channel 0 clock at init
dmaengine: at_xdmac: Fix wrongfull report of a channel as in use
vsock/virtio: fix kernel panic after device hot-unplug
vsock/virtio: reset connected sockets on device removal
dmaengine: dmatest: Abort test in case of mapping error
selftests: netfilter: fix config fragment CONFIG_NF_TABLES_INET
selftests: netfilter: add simple masq/redirect test cases
netfilter: nf_nat: skip nat clash resolution for same-origin entries
s390/qeth: fix use-after-free in error path
perf symbols: Filter out hidden symbols from labels
perf trace: Support multiple "vfs_getname" probes
MIPS: Remove function size check in get_frame_info()
i2c: omap: Use noirq system sleep pm ops to idle device for suspend
fs: ratelimit __find_get_block_slow() failure message.
qed: Fix EQ full firmware assert.
qed: Consider TX tcs while deriving the max num_queues for PF.
Input: wacom_serial4 - add support for Wacom ArtPad II tablet
Input: elan_i2c - add id for touchpad found in Lenovo s21e-20
iscsi_ibft: Fix missing break in switch statement
scsi: aacraid: Fix missing break in switch statement
arm64: dts: hikey: Give wifi some time after power-on
ARM: dts: exynos: Fix pinctrl definition for eMMC RTSN line on Odroid X2/U3
ARM: dts: exynos: Add minimal clkout parameters to Exynos3250 PMU
drm: disable uncached DMA optimization for ARM and arm64
ARM: 8781/1: Fix Thumb-2 syscall return for binutils 2.29+
gfs2: Fix missed wakeups in find_insert_glock
ath9k: Avoid OF no-EEPROM quirks without qca,no-eeprom
driver core: Postpone DMA tear-down until after devres release
perf/x86/intel: Make cpuc allocations consistent
perf/x86/intel: Generalize dynamic constraint creation
x86: Add TSX Force Abort CPUID/MSR
perf/x86/intel: Implement support for TSX Force Abort
Linux 4.14.106
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Dan Carpenter
|
8d5b255514 |
lib/test_kmod.c: potential double free in error handling
[ Upstream commit db7ddeab3ce5d64c9696e70d61f45ea9909cd196 ] There is a copy and paste bug so we set "config->test_driver" to NULL twice instead of setting "config->test_fs". Smatch complains that it leads to a double free: lib/test_kmod.c:840 __kmod_config_init() warn: 'config->test_fs' double freed Link: http://lkml.kernel.org/r/20190121140011.GA14283@kadam Fixes: d9c6a72d6fa2 ("kmod: add test driver to stress test the module loader") Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Acked-by: Luis Chamberlain <mcgrof@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
0951849351 |
This is the 4.14.99 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlxjFHYACgkQONu9yGCS
aT5H0w/8D6sNHqN7RXJogmqrdCg6xzfwxdQs+56WWjOUrEjfzpT/x6c8+f/s8nuA
lvTO12FKspWxLnwYNx+hcLUnIzs1LX6XxH/ls1mHWVqQ11We/yrUhnpEFhcCLITn
n8fSx6OOI/MeblsvW6qkz+uIf7EwArvCdv956nSeF6UyJVXxe67kyJKZZYCsuvpL
GvBmMpr+REhKu170bHP7cS783iLN6HavEcuzxnjxh7T6+InTa1zJQQATL3NR/PWZ
Cy1RAwS3pSeGA6UqeXbslTPwuQ5MCCXucP3cGvAMRURxNEbUL44dBS1G3+HDurn6
OqXxO4u0mBhRabm4cFGXrFXqVJOCn0O2E1Otjat7S9To/bRINZsVkj+XjqLHyHuN
oPmsQUiRZ3iBOphr69WuxzjQRtHzkalJmo/poAdPhvA4OFqKB8n3Q4GLU1nqp4qx
EXJ7pQo2AanClkP2j7lIQtdM7n8lPyy80hnR484ysP0pZaH2ErGMrK60rzZLDDlY
Zk7i8uZ/jTrHsIXgWYL2F5Lz4St6MY49ePQaFR4Wjy7p76ZoPZMkYmxvA5ZrmOpT
UyggwNwT6kh0/yzXTZZ5O1N+7IUeam9Br+2UHxmpYXMs/P6xjW0YAczDZ9crqiV8
zys1u1gR+DKL/bw7JMEIMDsUZlhhzxmW9Eidfl7QlUpiYJNpM00=
=ShQi
-----END PGP SIGNATURE-----
Merge 4.14.99 into android-4.14
Changes in 4.14.99
drm/bufs: Fix Spectre v1 vulnerability
staging: iio: adc: ad7280a: handle error from __ad7280_read32()
drm/vgem: Fix vgem_init to get drm device available.
pinctrl: bcm2835: Use raw spinlock for RT compatibility
ASoC: Intel: mrfld: fix uninitialized variable access
gpu: ipu-v3: image-convert: Prevent race between run and unprepare
ath9k: dynack: use authentication messages for 'late' ack
scsi: lpfc: Correct LCB RJT handling
scsi: mpt3sas: Call sas_remove_host before removing the target devices
scsi: lpfc: Fix LOGO/PLOGI handling when triggerd by ABTS Timeout event
ARM: 8808/1: kexec:offline panic_smp_self_stop CPU
clk: boston: fix possible memory leak in clk_boston_setup()
dlm: Don't swamp the CPU with callbacks queued during recovery
x86/PCI: Fix Broadcom CNB20LE unintended sign extension (redux)
powerpc/pseries: add of_node_put() in dlpar_detach_node()
crypto: aes_ti - disable interrupts while accessing S-box
drm/vc4: ->x_scaling[1] should never be set to VC4_SCALING_NONE
serial: fsl_lpuart: clear parity enable bit when disable parity
ptp: check gettime64 return code in PTP_SYS_OFFSET ioctl
MIPS: Boston: Disable EG20T prefetch
staging:iio:ad2s90: Make probe handle spi_setup failure
fpga: altera-cvp: Fix registration for CvP incapable devices
Tools: hv: kvp: Fix a warning of buffer overflow with gcc 8.0.1
platform/chrome: don't report EC_MKBP_EVENT_SENSOR_FIFO as wakeup
staging: iio: ad7780: update voltage on read
usbnet: smsc95xx: fix rx packet alignment
drm/rockchip: fix for mailbox read size
ARM: OMAP2+: hwmod: Fix some section annotations
net/mlx5: EQ, Use the right place to store/read IRQ affinity hint
modpost: validate symbol names also in find_elf_symbol
perf tools: Add Hygon Dhyana support
soc/tegra: Don't leak device tree node reference
media: mtk-vcodec: Release device nodes in mtk_vcodec_init_enc_pm()
ptp: Fix pass zero to ERR_PTR() in ptp_clock_register
dmaengine: xilinx_dma: Remove __aligned attribute on zynqmp_dma_desc_ll
iio: adc: meson-saradc: check for devm_kasprintf failure
iio: adc: meson-saradc: fix internal clock names
iio: accel: kxcjk1013: Add KIOX010A ACPI Hardware-ID
media: adv*/tc358743/ths8200: fill in min width/height/pixelclock
ACPI: SPCR: Consider baud rate 0 as preconfigured state
staging: pi433: fix potential null dereference
f2fs: move dir data flush to write checkpoint process
f2fs: fix race between write_checkpoint and write_begin
f2fs: fix wrong return value of f2fs_acl_create
i2c: sh_mobile: add support for r8a77990 (R-Car E3)
arm64: io: Ensure calls to delay routines are ordered against prior readX()
sunvdc: Do not spin in an infinite loop when vio_ldc_send() returns EAGAIN
soc: bcm: brcmstb: Don't leak device tree node reference
nfsd4: fix crash on writing v4_end_grace before nfsd startup
drm: Clear state->acquire_ctx before leaving drm_atomic_helper_commit_duplicated_state()
arm64: io: Ensure value passed to __iormb() is held in a 64-bit register
Thermal: do not clear passive state during system sleep
firmware/efi: Add NULL pointer checks in efivars API functions
s390/zcrypt: improve special ap message cmd handling
arm64: ftrace: don't adjust the LR value
ARM: dts: mmp2: fix TWSI2
x86/fpu: Add might_fault() to user_insn()
media: DaVinci-VPBE: fix error handling in vpbe_initialize()
smack: fix access permissions for keyring
usb: dwc3: Correct the logic for checking TRB full in __dwc3_prepare_one_trb()
usb: hub: delay hub autosuspend if USB3 port is still link training
timekeeping: Use proper seqcount initializer
usb: mtu3: fix the issue about SetFeature(U1/U2_Enable)
clk: sunxi-ng: a33: Set CLK_SET_RATE_PARENT for all audio module clocks
driver core: Move async_synchronize_full call
kobject: return error code if writing /sys/.../uevent fails
IB/hfi1: Unreserve a reserved request when it is completed
usb: dwc3: trace: add missing break statement to make compiler happy
pinctrl: sx150x: handle failure case of devm_kstrdup
iommu/amd: Fix amd_iommu=force_isolation
ARM: dts: Fix OMAP4430 SDP Ethernet startup
mips: bpf: fix encoding bug for mm_srlv32_op
media: coda: fix H.264 deblocking filter controls
ARM: dts: Fix up the D-Link DIR-685 MTD partition info
watchdog: renesas_wdt: don't set divider while watchdog is running
usb: dwc3: gadget: Disable CSP for stream OUT ep
iommu/arm-smmu: Add support for qcom,smmu-v2 variant
iommu/arm-smmu-v3: Use explicit mb() when moving cons pointer
sata_rcar: fix deferred probing
clk: imx6sl: ensure MMDC CH0 handshake is bypassed
cpuidle: big.LITTLE: fix refcount leak
OPP: Use opp_table->regulators to verify no regulator case
i2c-axxia: check for error conditions first
phy: sun4i-usb: add support for missing USB PHY index
udf: Fix BUG on corrupted inode
switchtec: Fix SWITCHTEC_IOCTL_EVENT_IDX_ALL flags overwrite
selftests/bpf: use __bpf_constant_htons in test_prog.c
ARM: pxa: avoid section mismatch warning
ASoC: fsl: Fix SND_SOC_EUKREA_TLV320 build error on i.MX8M
KVM: PPC: Book3S: Only report KVM_CAP_SPAPR_TCE_VFIO on powernv machines
mmc: bcm2835: Recover from MMC_SEND_EXT_CSD
mmc: bcm2835: reset host on timeout
memstick: Prevent memstick host from getting runtime suspended during card detection
mmc: sdhci-of-esdhc: Fix timeout checks
mmc: sdhci-xenon: Fix timeout checks
tty: serial: samsung: Properly set flags in autoCTS mode
perf test: Fix perf_event_attr test failure
perf header: Fix unchecked usage of strncpy()
perf probe: Fix unchecked usage of strncpy()
arm64: KVM: Skip MMIO insn after emulation
usb: musb: dsps: fix otg state machine
percpu: convert spin_lock_irq to spin_lock_irqsave.
powerpc/uaccess: fix warning/error with access_ok()
mac80211: fix radiotap vendor presence bitmap handling
xfrm6_tunnel: Fix spi check in __xfrm6_tunnel_alloc_spi
Bluetooth: Fix unnecessary error message for HCI request completion
mlxsw: spectrum: Properly cleanup LAG uppers when removing port from LAG
scsi: smartpqi: correct host serial num for ssa
scsi: smartpqi: correct volume status
scsi: smartpqi: increase fw status register read timeout
cw1200: Fix concurrency use-after-free bugs in cw1200_hw_scan()
powerpc/perf: Fix thresholding counter data for unknown type
drbd: narrow rcu_read_lock in drbd_sync_handshake
drbd: disconnect, if the wrong UUIDs are attached on a connected peer
drbd: skip spurious timeout (ping-timeo) when failing promote
drbd: Avoid Clang warning about pointless switch statment
video: clps711x-fb: release disp device node in probe()
md: fix raid10 hang issue caused by barrier
fbdev: fbmem: behave better with small rotated displays and many CPUs
i40e: define proper net_device::neigh_priv_len
igb: Fix an issue that PME is not enabled during runtime suspend
ACPI/APEI: Clear GHES block_status before panic()
fbdev: fbcon: Fix unregister crash when more than one framebuffer
powerpc/mm: Fix reporting of kernel execute faults on the 8xx
pinctrl: meson: meson8: fix the GPIO function for the GPIOAO pins
pinctrl: meson: meson8b: fix the GPIO function for the GPIOAO pins
KVM: x86: svm: report MSR_IA32_MCG_EXT_CTL as unsupported
powerpc/fadump: Do not allow hot-remove memory from fadump reserved area.
kvm: Change offset in kvm_write_guest_offset_cached to unsigned
NFS: nfs_compare_mount_options always compare auth flavors.
hwmon: (lm80) fix a missing check of the status of SMBus read
hwmon: (lm80) fix a missing check of bus read in lm80 probe
seq_buf: Make seq_buf_puts() null-terminate the buffer
crypto: ux500 - Use proper enum in cryp_set_dma_transfer
crypto: ux500 - Use proper enum in hash_set_dma_transfer
MIPS: ralink: Select CONFIG_CPU_MIPSR2_IRQ_VI on MT7620/8
cifs: check ntwrk_buf_start for NULL before dereferencing it
um: Avoid marking pages with "changed protection"
niu: fix missing checks of niu_pci_eeprom_read
f2fs: fix sbi->extent_list corruption issue
cgroup: fix parsing empty mount option string
scripts/decode_stacktrace: only strip base path when a prefix of the path
ocfs2: don't clear bh uptodate for block read
ocfs2: improve ocfs2 Makefile
isdn: hisax: hfc_pci: Fix a possible concurrency use-after-free bug in HFCPCI_l1hw()
gdrom: fix a memory leak bug
fsl/fman: Use GFP_ATOMIC in {memac,tgec}_add_hash_mac_address()
block/swim3: Fix -EBUSY error when re-opening device after unmount
thermal: bcm2835: enable hwmon explicitly
kdb: Don't back trace on a cpu that didn't round up
thermal: generic-adc: Fix adc to temp interpolation
HID: lenovo: Add checks to fix of_led_classdev_register
kernel/hung_task.c: break RCU locks based on jiffies
proc/sysctl: fix return error for proc_doulongvec_minmax()
kernel/hung_task.c: force console verbose before panic
fs/epoll: drop ovflist branch prediction
exec: load_script: don't blindly truncate shebang string
scripts/gdb: fix lx-version string output
thermal: hwmon: inline helpers when CONFIG_THERMAL_HWMON is not set
dccp: fool proof ccid_hc_[rt]x_parse_options()
enic: fix checksum validation for IPv6
net: dp83640: expire old TX-skb
rxrpc: bad unlock balance in rxrpc_recvmsg
skge: potential memory corruption in skge_get_regs()
rds: fix refcount bug in rds_sock_addref
net: systemport: Fix WoL with password after deep sleep
net/mlx5e: Force CHECKSUM_UNNECESSARY for short ethernet frames
net: dsa: slave: Don't propagate flag changes on down slave interfaces
ALSA: compress: Fix stop handling on compressed capture streams
ALSA: hda - Serialize codec registrations
fuse: call pipe_buf_release() under pipe lock
fuse: decrement NR_WRITEBACK_TEMP on the right page
fuse: handle zero sized retrieve correctly
dmaengine: bcm2835: Fix interrupt race on RT
dmaengine: bcm2835: Fix abort of transactions
dmaengine: imx-dma: fix wrong callback invoke
futex: Handle early deadlock return correctly
irqchip/gic-v3-its: Plug allocation race for devices sharing a DevID
usb: phy: am335x: fix race condition in _probe
usb: dwc3: gadget: Handle 0 xfer length for OUT EP
usb: gadget: udc: net2272: Fix bitwise and boolean operations
usb: gadget: musb: fix short isoc packets with inventra dma
staging: speakup: fix tty-operation NULL derefs
scsi: cxlflash: Prevent deadlock when adapter probe fails
scsi: aic94xx: fix module loading
KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)
kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)
KVM: nVMX: unconditionally cancel preemption timer in free_nested (CVE-2019-7221)
cpu/hotplug: Fix "SMT disabled by BIOS" detection for KVM
perf/x86/intel/uncore: Add Node ID mask
x86/MCE: Initialize mce.bank in the case of a fatal error in mce_no_way_out()
perf/core: Don't WARN() for impossible ring-buffer sizes
perf tests evsel-tp-sched: Fix bitwise operator
serial: fix race between flush_to_ldisc and tty_open
serial: 8250_pci: Make PCI class test non fatal
nfsd4: fix cached replies to solo SEQUENCE compounds
nfsd4: catch some false session retries
IB/hfi1: Add limit test for RC/UC send via loopback
perf/x86/intel: Delay memory deallocation until x86_pmu_dead_cpu()
ath9k: dynack: make ewma estimation faster
ath9k: dynack: check da->enabled first in sampling routines
Linux 4.14.99
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
Michael Ellerman
|
4a38ed76fb |
seq_buf: Make seq_buf_puts() null-terminate the buffer
[ Upstream commit 0464ed24380905d640030d368cd84a4e4d1e15e2 ]
Currently seq_buf_puts() will happily create a non null-terminated
string for you in the buffer. This is particularly dangerous if the
buffer is on the stack.
For example:
char buf[8];
char secret = "secret";
struct seq_buf s;
seq_buf_init(&s, buf, sizeof(buf));
seq_buf_puts(&s, "foo");
printk("Message is %s\n", buf);
Can result in:
Message is fooªªªªªsecret
We could require all users to memset() their buffer to zero before
use. But that seems likely to be forgotten and lead to bugs.
Instead we can change seq_buf_puts() to always leave the buffer in a
null-terminated state.
The only downside is that this makes the buffer 1 character smaller
for seq_buf_puts(), but that seems like a good trade off.
Link: http://lkml.kernel.org/r/20181019042109.8064-1-mpe@ellerman.id.au
Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Greg Kroah-Hartman
|
da2880fa47 |
This is the 4.14.93 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlw6/lMACgkQONu9yGCS
aT7sQBAA1xkdFxT4QkGCz+pwU/tz9gj7BrCnKfhI4kAcgHsI+qRGZkMn3QDA0GY2
rUHx5Hfd7GgpqAl440OtWMwgy5KnEGFV8d0m98qagLGrhMfnZAidjatR77Xcr52r
3bW2xGebFHF8ndqjg6AhfWn2TxOjS/o4af99NWOhQcUU5OYeoPqDpk4t/jxJ4kck
D0t+PubXuHHwItFd1iK4BEFJo8vwpLnfP/sRJaCEE39wP8m3EghkhhPoAQkdB+OZ
wa8dvfU3Adc3YyDb8XY53DqkhS9EM10TZNnPmLQ5vJO6t8UIUJdaHmXiMnmqZ3Ww
4shwDdwheLqrp9EJl81ZqQOc8BIE6gkHksI3vIh6nuPUDR9WG1WHdQnbmCOOJeMO
I16hh3PBYlN+7Ipo4E2Q4Rr6iYOawvKEU47m0EZtcJUIWMxN8WkcMgZgjT0pxRuN
IhhL2FWSHBp0JUHTSGNs+j8jl5px8Rvyt8PlB3IVhX6pYy7WeakZtF1jvpW6EzVB
cR7BTq0X+VykP0agHX4I+ZzXVK45cKZCdUCnfgy38kJItAt1Y9Ov6ekAk8KjGkSP
CoStFeP8LpSXjBxH7lG42boKQnLIzd8Jg8t2E+hkGh362y4q4OWdyMC1/MuTKsOW
wHyRQLzNfVEXCf7PCp5ZkAlaIZtsJQNIhqSoa8OGkCDT+P9C+cY=
=BQgO
-----END PGP SIGNATURE-----
Merge 4.14.93 into android-4.14
Changes in 4.14.93
pinctrl: meson: fix pull enable register calculation
powerpc: Fix COFF zImage booting on old powermacs
powerpc/mm: Fix linux page tables build with some configs
HID: ite: Add USB id match for another ITE based keyboard rfkill key quirk
ARM: imx: update the cpu power up timing setting on i.mx6sx
ARM: dts: imx7d-nitrogen7: Fix the description of the Wifi clock
Input: restore EV_ABS ABS_RESERVED
checkstack.pl: fix for aarch64
xfrm: Fix error return code in xfrm_output_one()
xfrm: Fix bucket count reported to userspace
xfrm: Fix NULL pointer dereference in xfrm_input when skb_dst_force clears the dst_entry.
netfilter: seqadj: re-load tcp header pointer after possible head reallocation
scsi: bnx2fc: Fix NULL dereference in error handling
Input: omap-keypad - fix idle configuration to not block SoC idle states
Input: synaptics - enable RMI on ThinkPad T560
ibmvnic: Fix non-atomic memory allocation in IRQ context
ieee802154: ca8210: fix possible u8 overflow in ca8210_rx_done
x86/mm: Fix guard hole handling
x86/dump_pagetables: Fix LDT remap address marker
i40e: fix mac filter delete when setting mac address
netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel
netfilter: nat: can't use dst_hold on noref dst
bnx2x: Clear fip MAC when fcoe offload support is disabled
bnx2x: Remove configured vlans as part of unload sequence.
bnx2x: Send update-svid ramrod with retry/poll flags enabled
scsi: target: iscsi: cxgbit: fix csk leak
scsi: target: iscsi: cxgbit: add missing spin_lock_init()
x86, hyperv: remove PCI dependency
drivers: net: xgene: Remove unnecessary forward declarations
w90p910_ether: remove incorrect __init annotation
net: hns: Incorrect offset address used for some registers.
net: hns: All ports can not work when insmod hns ko after rmmod.
net: hns: Some registers use wrong address according to the datasheet.
net: hns: Fixed bug that netdev was opened twice
net: hns: Clean rx fbd when ae stopped.
net: hns: Free irq when exit from abnormal branch
net: hns: Avoid net reset caused by pause frames storm
net: hns: Fix ntuple-filters status error.
net: hns: Add mac pcs config when enable|disable mac
net: hns: Fix ping failed when use net bridge and send multicast
SUNRPC: Fix a race with XPRT_CONNECTING
qed: Fix an error code qed_ll2_start_xmit()
net: macb: fix random memory corruption on RX with 64-bit DMA
net: macb: fix dropped RX frames due to a race
lan78xx: Resolve issue with changing MAC address
vxge: ensure data0 is initialized in when fetching firmware version information
mac80211: free skb fraglist before freeing the skb
kbuild: fix false positive warning/error about missing libelf
virtio: fix test build after uio.h change
gpio: mvebu: only fail on missing clk if pwm is actually to be used
Input: synaptics - enable SMBus for HP EliteBook 840 G4
net: netxen: fix a missing check and an uninitialized use
qmi_wwan: Fix qmap header retrieval in qmimux_rx_fixup
serial/sunsu: fix refcount leak
scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown
scsi: lpfc: do not set queue->page_count to 0 if pc_sli4_params.wqpcnt is invalid
genirq/affinity: Don't return with empty affinity masks on error
tools: fix cross-compile var clobbering
fork: record start_time late
zram: fix double free backing device
hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined
mm, devm_memremap_pages: mark devm_memremap_pages() EXPORT_SYMBOL_GPL
mm, devm_memremap_pages: kill mapping "System RAM" support
mm, hmm: use devm semantics for hmm_devmem_{add, remove}
mm, hmm: mark hmm_devmem_{add, add_resource} EXPORT_SYMBOL_GPL
mm, swap: fix swapoff with KSM pages
sunrpc: fix cache_head leak due to queued request
sunrpc: use SVC_NET() in svcauth_gss_* functions
powerpc: avoid -mno-sched-epilog on GCC 4.9 and newer
powerpc: Disable -Wbuiltin-requires-header when setjmp is used
ftrace: Build with CPPFLAGS to get -Qunused-arguments
md: raid10: remove VLAIS
kbuild: add -no-integrated-as Clang option unconditionally
kbuild: consolidate Clang compiler flags
Makefile: Export clang toolchain variables
powerpc/boot: Set target when cross-compiling for clang
raid6/ppc: Fix build for clang
vhost/vsock: fix uninitialized vhost_vsock->guest_cid
dm verity: fix crash on bufio buffer that was allocated with vmalloc
dm zoned: Fix target BIO completion handling
ALSA: cs46xx: Potential NULL dereference in probe
ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit()
ALSA: usb-audio: Fix an out-of-bound read in create_composite_quirks
dlm: fixed memory leaks after failed ls_remove_names allocation
dlm: possible memory leak on error path in create_lkb()
dlm: lost put_lkb on error path in receive_convert() and receive_unlock()
dlm: memory leaks on error path in dlm_user_request()
gfs2: Get rid of potential double-freeing in gfs2_create_inode
gfs2: Fix loop in gfs2_rbm_find
b43: Fix error in cordic routine
selinux: policydb - fix byte order and alignment issues
lockd: Show pid of lockd for remote locks
scripts/kallsyms: filter arm64's __efistub_ symbols
arm64: drop linker script hack to hide __efistub_ symbols
arm64: relocatable: fix inconsistencies in linker script and options
powerpc/tm: Set MSR[TS] just prior to recheckpoint
9p/net: put a lower bound on msize
rxe: fix error completion wr_id and qp_num
iommu/vt-d: Handle domain agaw being less than iommu agaw
sched/fair: Fix infinite loop in update_blocked_averages() by reverting a9e7f6544b9c
ceph: don't update importing cap's mseq when handing cap export
genwqe: Fix size check
intel_th: msu: Fix an off-by-one in attribute store
power: supply: olpc_battery: correct the temperature units
lib: fix build failure in CONFIG_DEBUG_VIRTUAL test
drm/vc4: Set ->is_yuv to false when num_planes == 1
bnx2x: Fix NULL pointer dereference in bnx2x_del_all_vlans() on some hw
tools: power/acpi, revert to LD = gcc
Linux 4.14.93
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
Christophe Leroy
|
ff420ff182 |
lib: fix build failure in CONFIG_DEBUG_VIRTUAL test
commit 10fdf838e5f540beca466e9d1325999c072e5d3f upstream.
On several arches, virt_to_phys() is in io.h
Build fails without it:
CC lib/test_debug_virtual.o
lib/test_debug_virtual.c: In function 'test_debug_virtual_init':
lib/test_debug_virtual.c:26:7: error: implicit declaration of function 'virt_to_phys' [-Werror=implicit-function-declaration]
pa = virt_to_phys(va);
^
Fixes: e4dace361552 ("lib: add test module for CONFIG_DEBUG_VIRTUAL")
CC: stable@vger.kernel.org
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Joel Stanley
|
1f33700bdf |
raid6/ppc: Fix build for clang
commit e213574a449f7a57d4202c1869bbc7680b6b5521 upstream. We cannot build these files with clang as it does not allow altivec instructions in assembly when -msoft-float is passed. Jinsong Ji <jji@us.ibm.com> wrote: > We currently disable Altivec/VSX support when enabling soft-float. So > any usage of vector builtins will break. > > Enable Altivec/VSX with soft-float may need quite some clean up work, so > I guess this is currently a limitation. > > Removing -msoft-float will make it work (and we are lucky that no > floating point instructions will be generated as well). This is a workaround until the issue is resolved in clang. Link: https://bugs.llvm.org/show_bug.cgi?id=31177 Link: https://github.com/ClangBuiltLinux/linux/issues/239 Signed-off-by: Joel Stanley <joel@jms.id.au> Reviewed-by: Nick Desaulniers <ndesaulniers@google.com> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> [nc: Use 'ifeq ($(cc-name),clang)' instead of 'ifdef CONFIG_CC_IS_CLANG' because that config does not exist in 4.14; the Kconfig rewrite that added that config happened in 4.18] Signed-off-by: Nathan Chancellor <natechancellor@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
310c9f0e31 |
This is the 4.14.89 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlwXXkgACgkQONu9yGCS aT6JpQ/9HJbNsJQnTRpq06a+pWTEJfekr/QGu3h/Xd3s2MLSrbh+LI1srxV+Uvum RRMMx/6O3MQ79rxhZ8KQASZFi50jct8xOVAYHXteK04Am/Kd+srxATfvzww+qk0Q XqUfT+5Q266eycU2hVkhxTS1mskNBOWc7b6JO30d9+m166D5qflQuwgSm1kjFyGE lceWUJEUN0KFSCIRH2bMs2m0sHPMCIkrzaAAHZgXmWGG9Dg51WlNxHrYCHZhvhI7 qGFRFv6ZLgr29DgGVdlGp6MV5ZCJYBVVHD5l1vnNu7ej190RXZlQaMrmaMWPwoSg c57qHLoo1L6ryv0tic1dT1zHkV2RSTTWqeuOovmp+z0ZKrAgdcUZou/9mAleN3Px QUzbKXAZe3OSOqb8W427EegNfzVlIm/YANU+MjjE1T0XMZytXUn2RjOFRjqJggfn 5ONWdbIWYBfcQKJv33EthG+XXgw7UO8djGG2QeikQzhR4qRVUnUj88ENjLaHC+Q6 U5+4pTvVI/GdbB8vGvK+IRpliO7leAJVMjb46DA9nd8q88dtYI+NNulYCvBtZqcC For7IqJxWtliyIJyOMijKwd3SP+PG+WruvxROohmgscUBvC0gO3K5UA9KLWvUy/w sfnWhnN13Yx/LWi/Ur10c/Ba4lnK4tKGQC23NI/FD8Hdr3R0Cv8= =Ut8S -----END PGP SIGNATURE----- Merge 4.14.89 into android-4.14 Changes in 4.14.89 ipv4: ipv6: netfilter: Adjust the frag mem limit when truesize changes ipv6: Check available headroom in ip6_xmit() even without options neighbour: Avoid writing before skb->head in neigh_hh_output() ipv6: sr: properly initialize flowi6 prior passing to ip6_route_output net: 8139cp: fix a BUG triggered by changing mtu with network traffic net/mlx4_core: Correctly set PFC param if global pause is turned off. net/mlx4_en: Change min MTU size to ETH_MIN_MTU net: phy: don't allow __set_phy_supported to add unsupported modes net: Prevent invalid access to skb->prev in __qdisc_drop_all rtnetlink: ndo_dflt_fdb_dump() only work for ARPHRD_ETHER devices sctp: kfree_rcu asoc tcp: Do not underestimate rwnd_limited tcp: fix NULL ref in tail loss probe tun: forbid iface creation with rtnl ops virtio-net: keep vnet header zeroed after processing XDP ARM: OMAP2+: prm44xx: Fix section annotation on omap44xx_prm_enable_io_wakeup ASoC: rsnd: fixup clock start checker staging: rtl8723bs: Fix the return value in case of error in 'rtw_wx_read32()' ARM: dts: logicpd-somlv: Fix interrupt on mmc3_dat1 ARM: OMAP1: ams-delta: Fix possible use of uninitialized field sysv: return 'err' instead of 0 in __sysv_write_inode selftests: add script to stress-test nft packet path vs. control plane netfilter: nf_tables: fix use-after-free when deleting compat expressions hwmon (ina2xx) Fix NULL id pointer in probe() ASoC: wm_adsp: Fix dma-unsafe read of scratch registers s390/cpum_cf: Reject request for sampling in event initialization hwmon: (ina2xx) Fix current value calculation ASoC: omap-abe-twl6040: Fix missing audio card caused by deferred probing ASoC: dapm: Recalculate audio map forcely when card instantiated iio/hid-sensors: Fix IIO_CHAN_INFO_RAW returning wrong values for signed numbers netfilter: xt_hashlimit: fix a possible memory leak in htable_create() hwmon: (w83795) temp4_type has writable permission perf tools: Restore proper cwd on return from mnt namespace PCI: imx6: Fix link training status detection in link up check objtool: Fix double-free in .cold detection error path objtool: Fix segfault in .cold detection with -ffunction-sections ARM: dts: at91: sama5d2: use the divided clock for SMC Btrfs: send, fix infinite loop due to directory rename dependencies RDMA/mlx5: Fix fence type for IB_WR_LOCAL_INV WR RDMA/rdmavt: Fix rvt_create_ah function signature ASoC: omap-mcbsp: Fix latency value calculation for pm_qos ASoC: omap-mcpdm: Add pm_qos handling to avoid under/overruns with CPU_IDLE ASoC: omap-dmic: Add pm_qos handling to avoid overruns with CPU_IDLE exportfs: do not read dentry after free bpf: fix check of allowed specifiers in bpf_trace_printk ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf USB: omap_udc: use devm_request_irq() USB: omap_udc: fix crashes on probe error and module removal USB: omap_udc: fix omap_udc_start() on 15xx machines USB: omap_udc: fix USB gadget functionality on Palm Tungsten E USB: omap_udc: fix rejection of out transfers when DMA is used drm/meson: add support for 1080p25 mode netfilter: ipv6: Preserve link scope traffic original oif IB/mlx5: Fix page fault handling for MW KVM: x86: fix empty-body warnings x86/kvm/vmx: fix old-style function declaration net: thunderx: fix NULL pointer dereference in nic_remove usb: gadget: u_ether: fix unsafe list iteration netfilter: nf_tables: deactivate expressions in rule replecement routine cachefiles: Fix page leak in cachefiles_read_backing_file while vmscan is active igb: fix uninitialized variables ixgbe: recognize 1000BaseLX SFP modules as 1Gbps net: hisilicon: remove unexpected free_netdev drm/amdgpu: Add delay after enable RLC ucode drm/ast: fixed reading monitor EDID not stable issue xen: xlate_mmu: add missing header to fix 'W=1' warning Revert "xen/balloon: Mark unallocated host memory as UNUSABLE" pstore/ram: Correctly calculate usable PRZ bytes fscache: fix race between enablement and dropping of object fscache, cachefiles: remove redundant variable 'cache' nvme: flush namespace scanning work just before removing namespaces ACPI/IORT: Fix iort_get_platform_device_domain() uninitialized pointer value ocfs2: fix deadlock caused by ocfs2_defrag_extent() mm/page_alloc.c: fix calculation of pgdat->nr_zones hfs: do not free node before using hfsplus: do not free node before using debugobjects: avoid recursive calls with kmemleak ocfs2: fix potential use after free Revert "printk: Never set console_may_schedule in console_trylock()" printk: Add console owner and waiter logic to load balance console writes printk: Hide console waiter logic into helpers printk: Never set console_may_schedule in console_trylock() printk: Wake klogd when passing console_lock owner lib/rbtree-test: lower default params flexfiles: enforce per-mirror stateid only for v4 DSes staging: speakup: Replace strncpy with memcpy ALSA: fireface: fix reference to wrong register for clock configuration ALSA: hda/realtek - Fixed headphone issue for ALC700 IB/hfi1: Fix an out-of-bounds access in get_hw_stats tcp: lack of available data can also cause TSO defer Linux 4.14.89 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
Davidlohr Bueso
|
891e5a89f0 |
lib/rbtree-test: lower default params
commit 0b548e33e6cb2bff240fdaf1783783be15c29080 upstream. Fengguang reported soft lockups while running the rbtree and interval tree test modules. The logic for these tests all occur in init phase, and we currently are pounding with the default values for number of nodes and number of iterations of each test. Reduce the latter by two orders of magnitude. This does not influence the value of the tests in that one thousand times by default is enough to get the picture. Link: http://lkml.kernel.org/r/20171109161715.xai2dtwqw2frhkcm@linux-n805 Signed-off-by: Davidlohr Bueso <dbueso@suse.de> Reported-by: Fengguang Wu <fengguang.wu@intel.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Cc: Guenter Roeck <linux@roeck-us.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |