mirror of
https://github.com/rd-stuffs/msm-4.14.git
synced 2025-02-20 11:45:48 +08:00
854 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Richard Raya
|
9cdc78c354 |
Merge branch 'android-4.14-stable' of https://android.googlesource.com/kernel/common
* 'android-4.14-stable' of https://android.googlesource.com/kernel/common: (2966 commits) Linux 4.14.331 net: sched: fix race condition in qdisc_graft() scsi: virtio_scsi: limit number of hw queues by nr_cpu_ids ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks ext4: correct return value of ext4_convert_meta_bg ext4: correct offset of gdb backup in non meta_bg group to update_backups ext4: apply umask if ACL support is disabled media: venus: hfi: fix the check to handle session buffer requirement media: sharp: fix sharp encoding i2c: i801: fix potential race in i801_block_transaction_byte_by_byte net: dsa: lan9303: consequently nested-lock physical MDIO ALSA: info: Fix potential deadlock at disconnection parisc/pgtable: Do not drop upper 5 address bits of physical address parisc: Prevent booting 64-bit kernels on PA1.x machines mcb: fix error handling for different scenarios when parsing jbd2: fix potential data lost in recovering journal raced with synchronizing fs bdev genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware mmc: meson-gx: Remove setting of CMD_CFG_ERROR PM: hibernate: Clean up sync_read handling in snapshot_write_next() PM: hibernate: Use __get_safe_page() rather than touching the list ... Change-Id: I755d2aa7c525ace28adc4aee433572b3110ea39b |
||
Greg Kroah-Hartman
|
fce78edbb4 |
This is the 4.14.322 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmTWAT4ACgkQONu9yGCS
aT6kKxAA00HDcoEbS4CpQxK1ggeeW6xMFqPHHwUz62ScZPR1zcrR4ag5UrKOQALF
cCQwt2nVBMUXciiQd3gY+MciAYPRVIXLMK9QqQEJSBZ+2p8zY3nb/HbM6o8iKQeV
xIhUneiyHtbOyTo3oQcyET7ngwxtDp9uEnd+8I+sSbGi8Wyh8Z8L2daVQTrke1Js
QIe3wDQsUj0pEDhRfYx29JKeQ8fBOfZlxtFEsdHvGgP/4j2EXGwyMVnt3/DVuwM8
5/b/SML0skSh8YM9JfMQwpYpR+MAFGyyYKoF2pGu1trvyoh2Jd3TYuYcNqjwIywg
W+ODGmULcYUYPBzUMdvrefwpn4l/2qpPCJ8FHB80h+4Jmy6PMN7lm1YnMBeQK4GP
ACLr2BzJ4Tp5LavWZpTpqdRlC039aSZqY+7K+H/eoNstwZMU3hKc3Kn2KrPss0pp
K0M7+8oukTnSiFNgIXVJOsr+kN1nNvtQmqCVRWlrn2cQckdDf8pVkPl/QtC3ZtWf
aI8xYr6UpAr0z1elK5p9lO6N0R8FLwVmDG7B4b/6nLbWtRSt53ay/nMAzebodpn1
8r+6ZoXO5LedNJsUOMJqE58X0ywbUgcx8mfkuRS8PLXEk7yI4+PR7DCeWyZ/YdVX
dUqaYIK0yYx9yXAkMaSdrnMs+OSqa6lK9c9juPDvFox+ngLAjNk=
=67ef
-----END PGP SIGNATURE-----
Merge 4.14.322 into android-4.14-stable
Changes in 4.14.322
gfs2: Don't deref jdesc in evict
x86/microcode/AMD: Load late on both threads too
x86/smp: Use dedicated cache-line for mwait_play_dead()
fbdev: imsttfb: Fix use after free bug in imsttfb_probe
drm/edid: Fix uninitialized variable in drm_cvt_modes()
scripts/tags.sh: Resolve gtags empty index generation
drm/amdgpu: Validate VM ioctl flags.
treewide: Remove uninitialized_var() usage
md/raid10: fix overflow of md/safe_mode_delay
md/raid10: fix wrong setting of max_corr_read_errors
md/raid10: fix io loss while replacement replace rdev
PM: domains: fix integer overflow issues in genpd_parse_state()
evm: Complete description of evm_inode_setattr()
wifi: ath9k: fix AR9003 mac hardware hang check register offset calculation
wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx
wifi: orinoco: Fix an error handling path in spectrum_cs_probe()
wifi: orinoco: Fix an error handling path in orinoco_cs_probe()
wifi: atmel: Fix an error handling path in atmel_probe()
wifi: wl3501_cs: Fix an error handling path in wl3501_probe()
wifi: ray_cs: Fix an error handling path in ray_probe()
wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes
watchdog/perf: define dummy watchdog_update_hrtimer_threshold() on correct config
watchdog/perf: more properly prevent false positives with turbo modes
kexec: fix a memory leak in crash_shrink_memory()
memstick r592: make memstick_debug_get_tpc_name() static
wifi: ath9k: Fix possible stall on ath9k_txq_list_has_key()
wifi: ath9k: convert msecs to jiffies where needed
netlink: fix potential deadlock in netlink_set_err()
netlink: do not hard code device address lenth in fdb dumps
gtp: Fix use-after-free in __gtp_encap_destroy().
lib/ts_bm: reset initial match offset for every block of text
netfilter: nf_conntrack_sip: fix the ct_sip_parse_numerical_param() return value.
netlink: Add __sock_i_ino() for __netlink_diag_dump().
radeon: avoid double free in ci_dpm_init()
Input: drv260x - sleep between polling GO bit
ARM: dts: BCM5301X: Drop "clock-names" from the SPI node
Input: adxl34x - do not hardcode interrupt trigger type
drm/panel: simple: fix active size for Ampire AM-480272H3TMQW-T01H
ARM: ep93xx: fix missing-prototype warnings
ASoC: es8316: Increment max value for ALC Capture Target Volume control
soc/fsl/qe: fix usb.c build errors
fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe()
drm/radeon: fix possible division-by-zero errors
ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer
scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe()
PCI: Add pci_clear_master() stub for non-CONFIG_PCI
pinctrl: cherryview: Return correct value if pin in push-pull mode
perf dwarf-aux: Fix off-by-one in die_get_varname()
pinctrl: at91-pio4: check return value of devm_kasprintf()
crypto: nx - fix build warnings when DEBUG_FS is not enabled
modpost: fix section mismatch message for R_ARM_ABS32
modpost: fix section mismatch message for R_ARM_{PC24,CALL,JUMP24}
modpost: fix off by one in is_executable_section()
USB: serial: option: add LARA-R6 01B PIDs
block: change all __u32 annotations to __be32 in affs_hardblocks.h
w1: fix loop in w1_fini()
sh: j2: Use ioremap() to translate device tree address into kernel memory
media: usb: Check az6007_read() return value
media: videodev2.h: Fix struct v4l2_input tuner index comment
media: usb: siano: Fix warning due to null work_func_t function pointer
extcon: Fix kernel doc of property fields to avoid warnings
extcon: Fix kernel doc of property capability fields to avoid warnings
usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe()
mfd: rt5033: Drop rt5033-battery sub-device
mfd: intel-lpss: Add missing check for platform_get_resource
mfd: stmpe: Only disable the regulators if they are enabled
rtc: st-lpc: Release some resources in st_rtc_probe() in case of error
sctp: fix potential deadlock on &net->sctp.addr_wq_lock
Add MODULE_FIRMWARE() for FIRMWARE_TG357766.
spi: bcm-qspi: return error if neither hif_mspi nor mspi is available
mailbox: ti-msgmgr: Fill non-message tx data fields with 0x0
powerpc: allow PPC_EARLY_DEBUG_CPM only when SERIAL_CPM=y
net: bridge: keep ports without IFF_UNICAST_FLT in BR_PROMISC mode
tcp: annotate data races in __tcp_oow_rate_limited()
net/sched: act_pedit: Add size check for TCA_PEDIT_PARMS_EX
sh: dma: Fix DMA channel offset calculation
NFSD: add encoding of op_recall flag for write delegation
mmc: core: disable TRIM on Kingston EMMC04G-M627
mmc: core: disable TRIM on Micron MTFC4GACAJCN-1M
integrity: Fix possible multiple allocation in integrity_inode_get()
jffs2: reduce stack usage in jffs2_build_xattr_subsystem()
btrfs: fix race when deleting quota root from the dirty cow roots list
ARM: orion5x: fix d2net gpio initialization
spi: spi-fsl-spi: remove always-true conditional in fsl_spi_do_one_msg
spi: spi-fsl-spi: relax message sanity checking a little
spi: spi-fsl-spi: allow changing bits_per_word while CS is still active
netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain
netfilter: nf_tables: unbind non-anonymous set if rule construction fails
netfilter: conntrack: Avoid nf_ct_helper_hash uses after free
netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
workqueue: clean up WORK_* constant types, clarify masking
net: mvneta: fix txq_map in case of txq_number==1
udp6: fix udp6_ehashfn() typo
ntb: idt: Fix error handling in idt_pci_driver_init()
NTB: amd: Fix error handling in amd_ntb_pci_driver_init()
ntb: intel: Fix error handling in intel_ntb_pci_driver_init()
NTB: ntb_transport: fix possible memory leak while device_register() fails
ipv6/addrconf: fix a potential refcount underflow for idev
wifi: airo: avoid uninitialized warning in airo_get_rate()
net/sched: make psched_mtu() RTNL-less safe
tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation
SUNRPC: Fix UAF in svc_tcp_listen_data_ready()
perf intel-pt: Fix CYC timestamps after standalone CBR
ext4: fix wrong unit use in ext4_mb_clear_bb
ext4: only update i_reserved_data_blocks on successful block allocation
jfs: jfs_dmap: Validate db_l2nbperpage while mounting
PCI: Add function 1 DMA alias quirk for Marvell 88SE9235
misc: pci_endpoint_test: Re-init completion for every test
md/raid0: add discard support for the 'original' layout
fs: dlm: return positive pid value for F_GETLK
hwrng: imx-rngc - fix the timeout for init and self check
meson saradc: fix clock divider mask length
Revert "8250: add support for ASIX devices with a FIFO bug"
tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in case of error
tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() when iterating clk
ring-buffer: Fix deadloop issue on reading trace_pipe
xtensa: ISS: fix call to split_if_spec
scsi: qla2xxx: Wait for io return on terminate rport
scsi: qla2xxx: Fix potential NULL pointer dereference
scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport()
scsi: qla2xxx: Pointer may be dereferenced
serial: atmel: don't enable IRQs prematurely
perf probe: Add test for regression introduced by switch to die_get_decl_file()
fuse: revalidate: don't invalidate if interrupted
can: bcm: Fix UAF in bcm_proc_show()
ext4: correct inline offset when handling xattrs in inode body
debugobjects: Recheck debug_objects_enabled before reporting
nbd: Add the maximum limit of allocated index in nbd_dev_add
md: fix data corruption for raid456 when reshape restart while grow up
md/raid10: prevent soft lockup while flush writes
posix-timers: Ensure timer ID search-loop limit is valid
sched/fair: Don't balance task to its current running CPU
bpf: Address KCSAN report on bpf_lru_list
wifi: wext-core: Fix -Wstringop-overflow warning in ioctl_standard_iw_point()
igb: Fix igb_down hung on surprise removal
spi: bcm63xx: fix max prepend length
fbdev: imxfb: warn about invalid left/right margin
pinctrl: amd: Use amd_pinconf_set() for all config options
net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field()/cpsw_ale_set_field()
fbdev: au1200fb: Fix missing IRQ check in au1200fb_drv_probe
llc: Don't drop packet from non-root netns.
netfilter: nf_tables: fix spurious set element insertion failure
tcp: annotate data-races around rskq_defer_accept
tcp: annotate data-races around tp->notsent_lowat
tcp: annotate data-races around fastopenq.max_qlen
gpio: tps68470: Make tps68470_gpio_output() always set the initial value
i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir()
ethernet: atheros: fix return value check in atl1e_tso_csum()
ipv6 addrconf: fix bug where deleting a mngtmpaddr can create a new temporary address
tcp: Reduce chance of collisions in inet6_hashfn().
bonding: reset bond's flags when down link is P2P device
team: reset team's flags when down link is P2P device
platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100
benet: fix return value check in be_lancer_xmit_workarounds()
ASoC: fsl_spdif: Silence output on stop
block: Fix a source code comment in include/uapi/linux/blkzoned.h
dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths
ata: pata_ns87415: mark ns87560_tf_read static
ring-buffer: Fix wrong stat of cpu_buffer->read
tracing: Fix warning in trace_buffered_event_disable()
USB: serial: option: support Quectel EM060K_128
USB: serial: option: add Quectel EC200A module support
USB: serial: simple: add Kaufmann RKS+CAN VCP
USB: serial: simple: sort driver entries
can: gs_usb: gs_can_close(): add missing set of CAN state to CAN_STATE_STOPPED
usb: ohci-at91: Fix the unhandle interrupt when resume
usb: xhci-mtk: set the dma max_seg_size
Documentation: security-bugs.rst: update preferences when dealing with the linux-distros group
staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext()
hwmon: (nct7802) Fix for temp6 (PECI1) processed even if PECI1 disabled
tpm_tis: Explicitly check for error code
irq-bcm6345-l1: Do not assume a fixed block to cpu mapping
s390/dasd: fix hanging device after quiesce/resume
ASoC: wm8904: Fill the cache for WM8904_ADC_TEST_0 register
dm cache policy smq: ensure IO doesn't prevent cleaner policy progress
drm/client: Fix memory leak in drm_client_target_cloned
net/sched: cls_fw: Fix improper refcount update leads to use-after-free
net/sched: sch_qfq: account for stab overhead in qfq_enqueue
net/sched: cls_u32: Fix reference counter leak leading to overflow
perf: Fix function pointer case
word-at-a-time: use the same return type for has_zero regardless of endianness
net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer()
perf test uprobe_from_different_cu: Skip if there is no gcc
net: add missing data-race annotations around sk->sk_peek_off
net: add missing data-race annotation for sk_ll_usec
net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free
net/sched: cls_route: No longer copy tcf_result on update to avoid use-after-free
ip6mr: Fix skb_under_panic in ip6mr_cache_report()
tcp_metrics: fix addr_same() helper
tcp_metrics: annotate data-races around tm->tcpm_stamp
tcp_metrics: annotate data-races around tm->tcpm_lock
tcp_metrics: annotate data-races around tm->tcpm_vals[]
tcp_metrics: annotate data-races around tm->tcpm_net
tcp_metrics: fix data-race in tcpm_suck_dst() vs fastopen
loop: Select I/O scheduler 'none' from inside add_disk()
libceph: fix potential hang in ceph_osdc_notify()
USB: zaurus: Add ID for A-300/B-500/C-700
fs/sysv: Null check to prevent null-ptr-deref bug
Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb
net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb
ext2: Drop fragment support
test_firmware: fix a memory leak with reqs buffer
mtd: rawnand: omap_elm: Fix incorrect type in assignment
drm/edid: fix objtool warning in drm_cvt_modes()
Linux 4.14.322
Change-Id: Ia25c00bd23a112b634b83577ec7d54569e8b7c70
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
Kees Cook
|
d68627697d |
treewide: Remove uninitialized_var() usage
commit 3f649ab728cda8038259d8f14492fe400fbab911 upstream. Using uninitialized_var() is dangerous as it papers over real bugs[1] (or can in the future), and suppresses unrelated compiler warnings (e.g. "unused variable"). If the compiler thinks it is uninitialized, either simply initialize the variable or make compiler changes. In preparation for removing[2] the[3] macro[4], remove all remaining needless uses with the following script: git grep '\buninitialized_var\b' | cut -d: -f1 | sort -u | \ xargs perl -pi -e \ 's/\buninitialized_var\(([^\)]+)\)/\1/g; s:\s*/\* (GCC be quiet|to make compiler happy) \*/$::g;' drivers/video/fbdev/riva/riva_hw.c was manually tweaked to avoid pathological white-space. No outstanding warnings were found building allmodconfig with GCC 9.3.0 for x86_64, i386, arm64, arm, powerpc, powerpc64le, s390x, mips, sparc64, alpha, and m68k. [1] https://lore.kernel.org/lkml/20200603174714.192027-1-glider@google.com/ [2] https://lore.kernel.org/lkml/CA+55aFw+Vbj0i=1TGqCR5vQkCzWJ0QxK6CernOU6eedsudAixw@mail.gmail.com/ [3] https://lore.kernel.org/lkml/CA+55aFwgbgqhbp1fkxvRKEpzyR5J8n1vKT1VZdz9knmPuXhOeg@mail.gmail.com/ [4] https://lore.kernel.org/lkml/CA+55aFz2500WfbKXAx8s67wrm9=yVJu65TpLgN_ybYNv0VEOKA@mail.gmail.com/ Reviewed-by: Leon Romanovsky <leonro@mellanox.com> # drivers/infiniband and mlx4/mlx5 Acked-by: Jason Gunthorpe <jgg@mellanox.com> # IB Acked-by: Kalle Valo <kvalo@codeaurora.org> # wireless drivers Reviewed-by: Chao Yu <yuchao0@huawei.com> # erofs Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
0efbe093b6 |
This is the 4.14.315 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmRkmmMACgkQONu9yGCS
aT5S/g/+LHkUcwpnnPu5llymtK0jd/0WvwWUJfJAOlGpa3l9CkoPtjHzNwtagoFR
2+woN7zhC7UteTz20/RXMFtNv7zFOMA91nsVSmYp4Cc997XpILeTkzpQMzoCm8Qt
YFMpKEX0op6sAR+NUJ5Vaj/HaFBvO9J2ZMGGrxeUKVPAAgRk3AdvTGfHFwzXlmfb
AKVo9jhG7NszYeLYIHRONMDJRyiBLJXrLSLfn+u+uKKRjNnBqJJEDQu3zYt6kavy
M/8CE6QgOoCAcbyTIgVw9ZU51ydWfbKiEnMpEwPAEHy6C4xrYfMnWqF8LDjkSNCL
xsNYbAyaPh/MdJoLGdTcuRSp58xP5dNT366xShN78RLqbeKPfg0nZCHMDWnC4BZP
ET+zAwiueaf64Hu3NWHq8IC74EhgM8ZCzLiVb9CqCyllcVCT2xjdRE8eJtXz5Vgq
ahsuJmvzGdSIkX6HFh8QKpWdoeRSPbOol+/xD/0fPFf97EiAvMZX5kLgfI+o0rGj
6fZuENIECp/WHiIqHJ2bsGb69M/OeJfoISxUUVFrCnGduXA59Gnj9zKftNHyNMQZ
GCu2yHYkkM50RRw9xSO/286Z3mbz84fFRc8PKwWzu7veghuPXYOOKaA4Eleaw/Oy
Sx92e2OTKjQVGKadHT4HfTd1xabks/9qLGBpx20GuRsfhHt/yJo=
=ef7P
-----END PGP SIGNATURE-----
Merge 4.14.315 into android-4.14-stable
Changes in 4.14.315
wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
bluetooth: Perform careful capability checks in hci_sock_ioctl()
USB: serial: option: add UNISOC vendor and TOZED LT70C product
iio: adc: palmas_gpadc: fix NULL dereference on rmmod
USB: dwc3: fix runtime pm imbalance on unbind
perf sched: Cast PTHREAD_STACK_MIN to int as it may turn into sysconf(__SC_THREAD_STACK_MIN_VALUE)
staging: iio: resolver: ads1210: fix config mode
MIPS: fw: Allow firmware to pass a empty env
ring-buffer: Sync IRQ works before buffer destruction
reiserfs: Add security prefix to xattr name in reiserfs_security_write()
i2c: omap: Fix standard mode false ACK readings
Revert "ubifs: dirty_cow_znode: Fix memleak in error handling path"
ubi: Fix return value overwrite issue in try_write_vid_and_data()
ubifs: Free memory for tmpfile name
selinux: fix Makefile dependencies of flask.h
selinux: ensure av_permissions.h is built when needed
drm/rockchip: Drop unbalanced obj unref
drm/vgem: add missing mutex_destroy
drm/probe-helper: Cancel previous job before starting new one
media: bdisp: Add missing check for create_workqueue
media: av7110: prevent underflow in write_ts_to_decoder()
x86/apic: Fix atomic update of offset in reserve_eilvt_offset()
media: dm1105: Fix use after free bug in dm1105_remove due to race condition
x86/ioapic: Don't return 0 from arch_dynirq_lower_bound()
arm64: kgdb: Set PSTATE.SS to 1 to re-enable single-step
wifi: ath6kl: minor fix for allocation size
wifi: ath5k: fix an off by one check in ath5k_eeprom_read_freq_list()
wifi: ath6kl: reduce WARN to dev_dbg() in callback
scm: fix MSG_CTRUNC setting condition for SO_PASSSEC
vlan: partially enable SIOCSHWTSTAMP in container
net/packet: convert po->origdev to an atomic flag
net/packet: convert po->auxdata to an atomic flag
scsi: target: iscsit: Fix TAS handling during conn cleanup
scsi: megaraid: Fix mega_cmd_done() CMDID_INT_CMDS
md/raid10: fix leak of 'r10bio->remaining' for recovery
wifi: iwlwifi: make the loop for card preparation effective
wifi: iwlwifi: mvm: check firmware response size
ixgbe: Allow flow hash to be set via ethtool
ixgbe: Enable setting RSS table to default values
ipv4: Fix potential uninit variable access bug in __ip_make_skb()
Revert "Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work"
net: amd: Fix link leak when verifying config failed
tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.
pstore: Revert pmsg_lock back to a normal mutex
linux/vt_buffer.h: allow either builtin or modular for macros
spi: fsl-spi: Fix CPM/QE mode Litte Endian
of: Fix modalias string generation
ia64: mm/contig: fix section mismatch warning/error
uapi/linux/const.h: prefer ISO-friendly __typeof__
sh: sq: Fix incorrect element size for allocating bitmap buffer
usb: chipidea: fix missing goto in `ci_hdrc_probe`
tty: serial: fsl_lpuart: adjust buffer length to the intended size
serial: 8250: Add missing wakeup event reporting
staging: rtl8192e: Fix W_DISABLE# does not work after stop/start
spmi: Add a check for remove callback when removing a SPMI driver
macintosh/windfarm_smu_sat: Add missing of_node_put()
powerpc/mpc512x: fix resource printk format warning
powerpc/wii: fix resource printk format warnings
powerpc/sysdev/tsi108: fix resource printk format warnings
macintosh: via-pmu-led: requires ATA to be set
powerpc/rtas: use memmove for potentially overlapping buffer copy
perf/core: Fix hardlockup failure caused by perf throttle
RDMA/rdmavt: Delete unnecessary NULL check
power: supply: generic-adc-battery: fix unit scaling
clk: add missing of_node_put() in "assigned-clocks" property parsing
IB/hfi1: Fix SDMA mmu_rb_node not being evicted in LRU order
NFSv4.1: Always send a RECLAIM_COMPLETE after establishing lease
SUNRPC: remove the maximum number of retries in call_bind_status
phy: tegra: xusb: Add missing tegra_xusb_port_unregister for usb2_port and ulpi_port
dmaengine: at_xdmac: do not enable all cyclic channels
parisc: Fix argument pointer in real64_call_asm()
nilfs2: do not write dirty data after degenerating to read-only
nilfs2: fix infinite loop in nilfs_mdt_get_block()
wifi: rtl8xxxu: RTL8192EU always needs full init
clk: rockchip: rk3399: allow clk_cifout to force clk_cifout_src to reparent
btrfs: scrub: reject unsupported scrub flags
s390/dasd: fix hanging blockdevice after request requeue
dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path
dm flakey: fix a crash with invalid table line
dm ioctl: fix nested locking in table_clear() to remove deadlock concern
perf auxtrace: Fix address filter entire kernel size
netfilter: nf_tables: split set destruction in deactivate and destroy phase
netfilter: nf_tables: unbind set in rule from commit path
netfilter: nft_hash: fix nft_hash_deactivate
netfilter: nf_tables: use-after-free in failing rule with bound set
netfilter: nf_tables: bogus EBUSY when deleting set after flush
netfilter: nf_tables: deactivate anonymous set from preparation phase
sit: update dev->needed_headroom in ipip6_tunnel_bind_dev()
writeback: fix call of incorrect macro
net/sched: act_mirred: Add carrier check
af_packet: Don't send zero-byte data in packet_sendmsg_spkt().
ALSA: caiaq: input: Add error handling for unsupported input methods in `snd_usb_caiaq_input_init`
perf vendor events power9: Remove UTF-8 characters from JSON files
perf map: Delete two variable initialisations before null pointer checks in sort__sym_from_cmp()
perf symbols: Fix return incorrect build_id size in elf_read_build_id()
btrfs: fix btrfs_prev_leaf() to not return the same key twice
btrfs: print-tree: parent bytenr must be aligned to sector size
cifs: fix pcchunk length type in smb2_copychunk_range
sh: math-emu: fix macro redefined warning
sh: nmi_debug: fix return value of __setup handler
ARM: dts: exynos: fix WM8960 clock name in Itop Elite
ARM: dts: s5pv210: correct MIPI CSIS clock name
HID: wacom: Set a default resolution for older tablets
ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum
ext4: improve error recovery code paths in __ext4_remount()
ext4: add bounds checking in get_max_inline_xattr_value_size()
ext4: bail out of ext4_xattr_ibody_get() fails for any reason
ext4: remove a BUG_ON in ext4_mb_release_group_pa()
ext4: fix invalid free tracking in ext4_xattr_move_to_block()
perf bench: Share some global variables to fix build with gcc 10
tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH
serial: 8250: Fix serial8250_tx_empty() race with DMA Tx
drbd: correctly submit flush bio on barrier
printk: declare printk_deferred_{enter,safe}() in include/linux/printk.h
mm/page_alloc: fix potential deadlock on zonelist_update_seq seqlock
Linux 4.14.315
Change-Id: I7e3fda05118b08edc995f33280f9eec1f563b951
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
Mårten Lindahl
|
8ad8c67a89 |
ubifs: Free memory for tmpfile name
commit 1fb815b38bb31d6af9bd0540b8652a0d6fe6cfd3 upstream.
When opening a ubifs tmpfile on an encrypted directory, function
fscrypt_setup_filename allocates memory for the name that is to be
stored in the directory entry, but after the name has been copied to the
directory entry inode, the memory is not freed.
When running kmemleak on it we see that it is registered as a leak. The
report below is triggered by a simple program 'tmpfile' just opening a
tmpfile:
unreferenced object 0xffff88810178f380 (size 32):
comm "tmpfile", pid 509, jiffies 4294934744 (age 1524.742s)
backtrace:
__kmem_cache_alloc_node
__kmalloc
fscrypt_setup_filename
ubifs_tmpfile
vfs_tmpfile
path_openat
Free this memory after it has been copied to the inode.
Signed-off-by: Mårten Lindahl <marten.lindahl@axis.com>
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Cc: stable@vger.kernel.org
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Zhihao Cheng
|
e431beb084 |
Revert "ubifs: dirty_cow_znode: Fix memleak in error handling path"
commit 7d01cb27f6aebc54efbe28d8961a973b8f795b13 upstream. This reverts commit 122deabfe1428 (ubifs: dirty_cow_znode: Fix memleak in error handling path). After commit 122deabfe1428 applied, if insert_old_idx() failed, old index neither exists in TNC nor in old-index tree. Which means that old index node could be overwritten in layout_leb_in_gaps(), then ubifs image will be corrupted in power-cut. Fixes: 122deabfe1428 (ubifs: dirty_cow_znode: Fix memleak ... path) Cc: stable@vger.kernel.org Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com> Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
dcf8e96bea |
This is the 4.14.308 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmQMngEACgkQONu9yGCS aT5ifBAAlRcsirDWn3jLJYYFuBv02tDCwZWOlkNUhobBYP6V5Qiu0clDb8GOW7px VLSy6uxKS3FSVFxv7Jg0tM0Kb4id6u3hn1OpXDgKFDpofwH1mF/pHHm0TszlwBkK 1d3X04HfowiGrmFEx0uz5RCJSFj/7xDcmq2AivRs2KmTvThHmOZBVSIiv5kr+t1z 7TJ5JNE3OK9IaHK/Ic9p3/8r3Xx0pwpZnS9vBL2KbPOjDiYIAnwtfQ5efg++Dfw8 rCeFpDFGVVW0Biau17Q+1NBN8GhVcn0A7C6oCZZhEgGhWdEPkTn3UVaYaYE8FPnV wM1zPhcYUus0QVUUE9wgsxmVFsiSc2KcSraii98PPgnNFdj2nYQzYNAfmiyByKnr U3wuQvF69L+Z9sRo4z3zjjVnO2gYNgdygdwekbXnVraTDv5NhbVwyJ7LngaseGXN QQZMD2AEJtAbng9zDi8kQbHM1MpdRWhtcUyhP2R9qZ2rcnXyk1cJz2Qw3oqJV6Av yLl8g74112CErNyVDJqMJV1TzQDtkN6A1xXzLwUtMLUJ8dYedlopduhhDRaM94Xx ZJjiduSsif1eeYMheNC82F3pR5As7FJFlnqTBcJIYSmfYQ3ooYUBGhyGhp3tFn1F HY7AXdIQRqtbRcJMx2Hs0ZA86FCWHYafQDr+4QO9WEU1d8y5vvg= =ch57 -----END PGP SIGNATURE----- Merge 4.14.308 into android-4.14-stable Changes in 4.14.308 ARM: dts: rockchip: add power-domains property to dp node on rk3288 btrfs: send: limit number of clones and allocated memory size IB/hfi1: Assign npages earlier net: Remove WARN_ON_ONCE(sk->sk_forward_alloc) from sk_stream_kill_queues(). bpf: Do not use ax register in interpreter on div/mod bpf: fix subprog verifier bypass by div/mod by 0 exception bpf: Fix 32 bit src register truncation on div/mod bpf: Fix truncation handling for mod32 dst reg wrt zero dmaengine: sh: rcar-dmac: Check for error num after dma_set_max_seg_size USB: serial: option: add support for VW/Skoda "Carstick LTE" USB: core: Don't hold device lock while reading the "descriptors" sysfs file HID: asus: Remove check for same LED brightness on set HID: asus: use spinlock to protect concurrent accesses HID: asus: use spinlock to safely schedule workers ARM: OMAP2+: Fix memory leak in realtime_counter_init() ARM: zynq: Fix refcount leak in zynq_early_slcr_init arm64: dts: meson-gx: Fix Ethernet MAC address unit name arm64: dts: meson-gx: Fix the SCPI DVFS node name and unit address ARM: OMAP1: call platform_device_put() in error case in omap1_dm_timer_init() ARM: dts: exynos: correct wr-active property in Exynos3250 Rinato arm64: dts: amlogic: meson-gx: fix SCPI clock dvfs node name arm64: dts: amlogic: meson-gx: add missing unit address to rng node name arm64: dts: amlogic: meson-gxl: add missing unit address to eth-phy-mux node name block: bio-integrity: Copy flags when bio_integrity_payload is cloned wifi: libertas: fix memory leak in lbs_init_adapter() wifi: rtl8xxxu: don't call dev_kfree_skb() under spin_lock_irqsave() wifi: ipw2200: fix memory leak in ipw_wdev_init() wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit() wifi: brcmfmac: unmap dma buffer in brcmf_msgbuf_alloc_pktid() wifi: libertas: main: don't call kfree_skb() under spin_lock_irqsave() wifi: libertas: cmdresp: don't call kfree_skb() under spin_lock_irqsave() wifi: wl3501_cs: don't call kfree_skb() under spin_lock_irqsave() genirq: Fix the return type of kstat_cpu_irqs_sum() lib/mpi: Fix buffer overrun when SG is too long ACPICA: nsrepair: handle cases without a return value correctly wifi: orinoco: check return value of hermes_write_wordrec() wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback function wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback() ACPI: battery: Fix missing NUL-termination with large strings crypto: seqiv - Handle EBUSY correctly net/mlx5: Enhance debug print in page allocation failure irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains irqchip/irq-mvebu-gicp: Fix refcount leak in mvebu_gicp_probe cpufreq: davinci: Fix clk use after free Bluetooth: L2CAP: Fix potential user-after-free crypto: rsa-pkcs1pad - Use akcipher_request_complete m68k: /proc/hardware should depend on PROC_FS wifi: mwifiex: fix loop iterator in mwifiex_update_ampdu_txwinsize() can: esd_usb: Move mislocated storage of SJA1000_ECC_SEG bits in case of a bus error irqchip/irq-bcm7120-l2: Set IRQ_LEVEL for level triggered interrupts drm: mxsfb: DRM_MXSFB should depend on ARCH_MXS || ARCH_MXC drm/bridge: megachips: Fix error handling in i2c_register_driver() gpu: ipu-v3: common: Add of_node_put() for reference returned by of_graph_get_port_by_id() drm/msm/hdmi: Add missing check for alloc_ordered_workqueue pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups ALSA: hda/ca0132: minor fix for allocation size drm/mipi-dsi: Fix byte order of 16-bit DCS set/get brightness drm/mediatek: Drop unbalanced obj unref ASoC: soc-compress.c: fixup private_data on snd_soc_new_compress() gpio: vf610: connect GPIO label to dev name hwmon: (ltc2945) Handle error case in ltc2945_value_store scsi: aic94xx: Add missing check for dma_map_single() dm: remove flush_scheduled_work() during local_exit() mfd: pcf50633-adc: Fix potential memleak in pcf50633_adc_async_read() mtd: rawnand: sunxi: Fix the size of the last OOB region Input: ads7846 - don't report pressure for ads7845 Input: ads7846 - don't check penirq immediately for 7845 powerpc/powernv/ioda: Skip unallocated resources when mapping to PE powerpc/pseries/lparcfg: add missing RTAS retry status handling MIPS: vpe-mt: drop physical_memsize media: platform: ti: Add missing check for devm_regulator_get media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() media: usb: siano: Fix use after free bugs caused by do_submit_urb rpmsg: glink: Avoid infinite loop on intent for missing channel udf: Define EFSCORRUPTED error code ARM: dts: exynos: Use Exynos5420 compatible for the MIPI video phy wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() rcu: Suppress smp_processor_id() complaint in synchronize_rcu_expedited_wait() thermal: intel: Fix unsigned comparison with less than zero timers: Prevent union confusion from unexpected restart_syscall() x86/bugs: Reset speculation control settings on init inet: fix fast path in __inet_hash_connect() ACPI: Don't build ACPICA with '-Os' net: bcmgenet: Add a check for oversized packets m68k: Check syscall_trace_enter() return code ACPI: video: Fix Lenovo Ideapad Z570 DMI match drm/radeon: free iio for atombios when driver shutdown drm/msm/dsi: Add missing check for alloc_ordered_workqueue docs/scripts/gdb: add necessary make scripts_gdb step ASoC: kirkwood: Iterate over array indexes instead of using pointer math regulator: max77802: Bounds check regulator id against opmode regulator: s5m8767: Bounds check id indexing into arrays pinctrl: at91: use devm_kasprintf() to avoid potential leaks dm thin: add cond_resched() to various workqueue loops dm cache: add cond_resched() to various workqueue loops spi: bcm63xx-hsspi: Fix multi-bit mode setting wifi: rtl8xxxu: fixing transmisison failure for rtl8192eu rtc: pm8xxx: fix set-alarm race s390/kprobes: fix irq mask clobbering on kprobe reenter from post_handler s390/kprobes: fix current_kprobe never cleared after kprobes reenter hfs: fix missing hfs_bnode_get() in __hfs_bnode_create fs: hfsplus: fix UAF issue in hfsplus_put_super f2fs: fix information leak in f2fs_move_inline_dirents() ocfs2: fix defrag path triggering jbd2 ASSERT ocfs2: fix non-auto defrag path not working issue udf: Truncate added extents on failed expansion udf: Do not bother merging very long extents udf: Do not update file length for failed writes to inline files udf: Fix file corruption when appending just after end of preallocated extent x86/virt: Force GIF=1 prior to disabling SVM (for reboot flows) x86/crash: Disable virt in core NMI crash handler to avoid double shootdown x86/reboot: Disable virtualization in an emergency if SVM is supported x86/reboot: Disable SVM, not just VMX, when stopping CPUs x86/kprobes: Fix __recover_optprobed_insn check optimizing logic x86/kprobes: Fix arch_check_optimized_kprobe check within optimized_kprobe range x86/microcode/amd: Remove load_microcode_amd()'s bsp parameter x86/microcode/AMD: Add a @cpu parameter to the reloading functions x86/microcode/AMD: Fix mixed steppings support x86/speculation: Allow enabling STIBP with legacy IBRS Documentation/hw-vuln: Document the interaction between IBRS and STIBP ima: Align ima_file_mmap() parameters with mmap_file LSM hook irqdomain: Fix association race irqdomain: Fix disassociation race irqdomain: Drop bogus fwspec-mapping error handling ALSA: ice1712: Do not left ice->gpio_mutex locked in aureon_add_controls() ext4: optimize ea_inode block expansion ext4: refuse to create ea block when umounted wifi: rtl8xxxu: Use a longer retry limit of 48 wifi: cfg80211: Fix use after free for wext dm flakey: fix logic when corrupting a bio dm flakey: don't corrupt the zero page ARM: dts: exynos: correct TMU phandle in Exynos4 ARM: dts: exynos: correct TMU phandle in Odroid XU rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails alpha: fix FEN fault handling mips: fix syscall_get_nr ktest.pl: Fix missing "end_monitor" when machine check fails scsi: qla2xxx: Fix link failure in NPIV environment scsi: qla2xxx: Fix erroneous link down scsi: ses: Don't attach if enclosure has no components scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses scsi: ses: Fix possible desc_ptr out-of-bounds accesses scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() PCI: Avoid FLR for AMD FCH AHCI adapters drm/radeon: Fix eDP for single-display iMac11,2 kbuild: Port silent mode detection to future gnu make. net/sched: Retire tcindex classifier fs/jfs: fix shift exponent db_agl2size negative pwm: stm32-lp: fix the check on arr and cmp registers update ubi: ensure that VID header offset + VID header size <= alloc, size ubifs: Rectify space budget for ubifs_xrename() ubifs: Fix wrong dirty space budget for dirty inode ubifs: Reserve one leb for each journal head while doing budget ubi: Fix use-after-free when volume resizing failed ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume() ubi: Fix possible null-ptr-deref in ubi_free_volume() ubifs: Re-statistic cleaned znode count if commit failed ubifs: dirty_cow_znode: Fix memleak in error handling path ubifs: ubifs_writepage: Mark page dirty after writing inode failed ubi: Fix UAF wear-leveling entry in eraseblk_count_seq_show() ubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed x86: um: vdso: Add '%rcx' and '%r11' to the syscall clobber list watchdog: at91sam9_wdt: use devm_request_irq to avoid missing free_irq() in error path watchdog: Fix kmemleak in watchdog_cdev_register watchdog: pcwd_usb: Fix attempting to access uninitialized memory netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() net: fix __dev_kfree_skb_any() vs drop monitor 9p/xen: fix version parsing 9p/xen: fix connection sequence nfc: fix memory leak of se_io context in nfc_genl_se_io ARM: dts: spear320-hmi: correct STMPE GPIO compatible tcp: tcp_check_req() can be called from process context scsi: ipr: Work around fortify-string warning thermal: intel: quark_dts: fix error pointer dereference tracing: Add NULL checks for buffer in ring_buffer_free_read_page() firmware/efi sysfb_efi: Add quirk for Lenovo IdeaPad Duet 3 media: uvcvideo: Handle cameras with invalid descriptors tty: fix out-of-bounds access in tty_driver_lookup_tty() tty: serial: fsl_lpuart: disable the CTS when send break signal tools/iio/iio_utils:fix memory leak iio: accel: mma9551_core: Prevent uninitialized variable in mma9551_read_status_word() iio: accel: mma9551_core: Prevent uninitialized variable in mma9551_read_config_word() usb: host: xhci: mvebu: Iterate over array indexes instead of using pointer math USB: ene_usb6250: Allocate enough memory for full object usb: uvc: Enumerate valid values for color matching phy: rockchip-typec: Fix unsigned comparison with less than zero Bluetooth: hci_sock: purge socket queues in the destruct() callback s390/maccess: add no DAT mode to kernel_write s390/setup: init jump labels before command line parsing tcp: Fix listen() regression in 4.14.303. thermal: intel: powerclamp: Fix cur_state for multi package system Linux 4.14.308 Change-Id: Iad2a41de33ff004df8050f949aa00955604b4cf6 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Zhihao Cheng
|
44071bcf91 |
ubifs: ubifs_writepage: Mark page dirty after writing inode failed
[ Upstream commit fb8bc4c74ae4526d9489362ab2793a936d072b84 ]
There are two states for ubifs writing pages:
1. Dirty, Private
2. Not Dirty, Not Private
There is a third possibility which maybe related to [1] that page is
private but not dirty caused by following process:
PA
lock(page)
ubifs_write_end
attach_page_private // set Private
__set_page_dirty_nobuffers // set Dirty
unlock(page)
write_cache_pages
lock(page)
clear_page_dirty_for_io(page) // clear Dirty
ubifs_writepage
write_inode
// fail, goto out, following codes are not executed
// do_writepage
// set_page_writeback // set Writeback
// detach_page_private // clear Private
// end_page_writeback // clear Writeback
out:
unlock(page) // Private, Not Dirty
PB
ksys_fadvise64_64
generic_fadvise
invalidate_inode_page
// page is neither Dirty nor Writeback
invalidate_complete_page
// page_has_private is true
try_to_release_page
ubifs_releasepage
ubifs_assert(c, 0) !!!
Then we may get following assertion failed:
UBIFS error (ubi0:0 pid 1492): ubifs_assert_failed [ubifs]:
UBIFS assert failed: 0, in fs/ubifs/file.c:1499
UBIFS warning (ubi0:0 pid 1492): ubifs_ro_mode [ubifs]:
switched to read-only mode, error -22
CPU: 2 PID: 1492 Comm: aa Not tainted 5.16.0-rc2-00012-g7bb767dee0ba-dirty
Call Trace:
dump_stack+0x13/0x1b
ubifs_ro_mode+0x54/0x60 [ubifs]
ubifs_assert_failed+0x4b/0x80 [ubifs]
ubifs_releasepage+0x7e/0x1e0 [ubifs]
try_to_release_page+0x57/0xe0
invalidate_inode_page+0xfb/0x130
invalidate_mapping_pagevec+0x12/0x20
generic_fadvise+0x303/0x3c0
vfs_fadvise+0x35/0x40
ksys_fadvise64_64+0x4c/0xb0
Jump [2] to find a reproducer.
[1] https://linux-mtd.infradead.narkive.com/NQoBeT1u/patch-rfc-ubifs-fix-assert-failed-in-ubifs-set-page-dirty
[2] https://bugzilla.kernel.org/show_bug.cgi?id=215357
Fixes: 1e51764a3c2ac0 ("UBIFS: add new flash file system")
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Zhihao Cheng
|
011050fc47 |
ubifs: dirty_cow_znode: Fix memleak in error handling path
[ Upstream commit 122deabfe1428bffe95e2bf364ff8a5059bdf089 ]
Following process will cause a memleak for copied up znode:
dirty_cow_znode
zn = copy_znode(c, znode);
err = insert_old_idx(c, zbr->lnum, zbr->offs);
if (unlikely(err))
return ERR_PTR(err); // No one refers to zn.
Fix it by adding copied znode back to tnc, then it will be freed
by ubifs_destroy_tnc_subtree() while closing tnc.
Fetch a reproducer in [Link].
Link: https://bugzilla.kernel.org/show_bug.cgi?id=216705
Fixes: 1e51764a3c2a ("UBIFS: add new flash file system")
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Zhihao Cheng
|
e8f1c0eff5 |
ubifs: Re-statistic cleaned znode count if commit failed
[ Upstream commit 944e096aa24071d3fe22822f6249d3ae309e39ea ]
Dirty znodes will be written on flash in committing process with
following states:
process A | znode state
------------------------------------------------------
do_commit | DIRTY_ZNODE
ubifs_tnc_start_commit | DIRTY_ZNODE
get_znodes_to_commit | DIRTY_ZNODE | COW_ZNODE
layout_commit | DIRTY_ZNODE | COW_ZNODE
fill_gap | 0
write master | 0 or OBSOLETE_ZNODE
process B | znode state
------------------------------------------------------
do_commit | DIRTY_ZNODE[1]
ubifs_tnc_start_commit | DIRTY_ZNODE
get_znodes_to_commit | DIRTY_ZNODE | COW_ZNODE
ubifs_tnc_end_commit | DIRTY_ZNODE | COW_ZNODE
write_index | 0
write master | 0 or OBSOLETE_ZNODE[2] or
| DIRTY_ZNODE[3]
[1] znode is dirtied without concurrent committing process
[2] znode is copied up (re-dirtied by other process) before cleaned
up in committing process
[3] znode is re-dirtied after cleaned up in committing process
Currently, the clean znode count is updated in free_obsolete_znodes(),
which is called only in normal path. If do_commit failed, clean znode
count won't be updated, which triggers a failure ubifs assertion[4] in
ubifs_tnc_close():
ubifs_assert_failed [ubifs]: UBIFS assert failed: freed == n
[4] Commit 380347e9ca7682 ("UBIFS: Add an assertion for clean_zn_cnt").
Fix it by re-statisticing cleaned znode count in tnc_destroy_cnext().
Fetch a reproducer in [Link].
Link: https://bugzilla.kernel.org/show_bug.cgi?id=216704
Fixes: 1e51764a3c2a ("UBIFS: add new flash file system")
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Zhihao Cheng
|
c0cbcb08d3 |
ubifs: Reserve one leb for each journal head while doing budget
[ Upstream commit e874dcde1cbf82c786c0e7f2899811c02630cc52 ] UBIFS calculates available space by c->main_bytes - c->lst.total_used (which means non-index lebs' free and dirty space is accounted into total available), then index lebs and four lebs (one for gc_lnum, one for deletions, two for journal heads) are deducted. In following situation, ubifs may get -ENOSPC from make_reservation(): LEB 84: DATAHD free 122880 used 1920 dirty 2176 dark 6144 LEB 110:DELETION free 126976 used 0 dirty 0 dark 6144 (empty) LEB 201:gc_lnum free 126976 used 0 dirty 0 dark 6144 LEB 272:GCHD free 77824 used 47672 dirty 1480 dark 6144 LEB 356:BASEHD free 0 used 39776 dirty 87200 dark 6144 OTHERS: index lebs, zero-available non-index lebs UBIFS calculates the available bytes is 6888 (How to calculate it: 126976 * 5[remain main bytes] - 1920[used] - 47672[used] - 39776[used] - 126976 * 1[deletions] - 126976 * 1[gc_lnum] - 126976 * 2[journal heads] - 6144 * 5[dark] = 6888) after doing budget, however UBIFS cannot use BASEHD's dirty space(87200), because UBIFS cannot find next BASEHD to reclaim current BASEHD. (c->bi.min_idx_lebs equals to c->lst.idx_lebs, the empty leb won't be found by ubifs_find_free_space(), and dirty index lebs won't be picked as gced lebs. All non-index lebs has dirty space less then c->dead_wm, non-index lebs won't be picked as gced lebs either. So new free lebs won't be produced.). See more details in Link. To fix it, reserve one leb for each journal head while doing budget. Link: https://bugzilla.kernel.org/show_bug.cgi?id=216562 Fixes: 1e51764a3c2ac0 ("UBIFS: add new flash file system") Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com> Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Zhihao Cheng
|
5381c45466 |
ubifs: Fix wrong dirty space budget for dirty inode
[ Upstream commit b248eaf049d9cdc5eb76b59399e4d3de233f02ac ]
Each dirty inode should reserve 'c->bi.inode_budget' bytes in space
budget calculation. Currently, space budget for dirty inode reports
more space than what UBIFS actually needs to write.
Fixes: 1e51764a3c2ac0 ("UBIFS: add new flash file system")
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Zhihao Cheng
|
3afd49bec1 |
ubifs: Rectify space budget for ubifs_xrename()
[ Upstream commit 1b2ba09060e41adb356b9ae58ef94a7390928004 ] There is no space budget for ubifs_xrename(). It may let make_reservation() return with -ENOSPC, which could turn ubifs to read-only mode in do_writepage() process. Fix it by adding space budget for ubifs_xrename(). Fetch a reproducer in [Link]. Link: https://bugzilla.kernel.org/show_bug.cgi?id=216569 Fixes: 9ec64962afb170 ("ubifs: Implement RENAME_EXCHANGE") Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com> Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
azrim
|
e9e83ae080
|
Merge remote-tracking branch 'google/upstream-f2fs-stable-linux-4.14.y' into sheesh
* google/upstream-f2fs-stable-linux-4.14.y:
f2fs: fix to do sanity check on .cp_pack_total_block_count
f2fs: make gc_urgent and gc_segment_mode sysfs node readable
f2fs: use aggressive GC policy during f2fs_disable_checkpoint()
f2fs: fix compressed file start atomic write may cause data corruption
f2fs: initialize sbi->gc_mode explicitly
f2fs: introduce gc_urgent_mid mode
f2fs: compress: fix to print raw data size in error path of lz4 decompression
f2fs: remove redundant parameter judgment
f2fs: use spin_lock to avoid hang
f2fs: don't get FREEZE lock in f2fs_evict_inode in frozen fs
f2fs: remove unnecessary read for F2FS_FITS_IN_INODE
f2fs: fix to do sanity check on curseg->alloc_type
f2fs: fix to avoid potential deadlock
f2fs: quota: fix loop condition at f2fs_quota_sync()
f2fs: Restore rwsem lockdep support
f2fs: fix missing free nid in f2fs_handle_failed_inode
f2fs: add a way to limit roll forward recovery time
f2fs: introduce F2FS_IPU_HONOR_OPU_WRITE ipu policy
f2fs: adjust readahead block number during recovery
f2fs: fix to unlock page correctly in error path of is_alive()
f2fs: expose discard related parameters in sysfs
f2fs: move discard parameters into discard_cmd_control
f2fs: fix to enable ATGC correctly via gc_idle sysfs interface
f2fs: move f2fs to use reader-unfair rwsems
f2fs: do not allow partial truncation on pinned file
f2fs: remove redunant invalidate compress pages
f2fs: Simplify bool conversion
f2fs: don't drop compressed page cache in .{invalidate,release}page
f2fs: fix to reserve space for IO align feature
f2fs: fix to check available space of CP area correctly in update_ckpt_flags()
f2fs: support fault injection to f2fs_trylock_op()
f2fs: clean up __find_inline_xattr() with __find_xattr()
f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr()
f2fs: do not bother checkpoint by f2fs_get_node_info
f2fs: avoid down_write on nat_tree_lock during checkpoint
f2fs: compress: fix potential deadlock of compress file
f2fs: avoid EINVAL by SBI_NEED_FSCK when pinning a file
f2fs: add gc_urgent_high_remaining sysfs node
f2fs: fix to do sanity check in is_alive()
f2fs: fix to avoid panic in is_alive() if metadata is inconsistent
f2fs: fix to do sanity check on inode type during garbage collection
f2fs: avoid duplicate call of mark_inode_dirty
f2fs: fix remove page failed in invalidate compress pages
f2fs: fix the f2fs_file_write_iter tracepoint
f2fs: do not expose unwritten blocks to user by DIO
f2fs: reduce indentation in f2fs_file_write_iter()
f2fs: rework write preallocations
f2fs: compress: reduce one page array alloc and free when write compressed page
f2fs: show number of pending discard commands
f2fs: check nr_pages for readahead
f2fs: fix UAF in f2fs_available_free_memory
f2fs: invalidate META_MAPPING before IPU/DIO write
f2fs: support fault injection for dquot_initialize()
f2fs: fix incorrect return value in f2fs_sanity_check_ckpt()
f2fs: compress: disallow disabling compress on non-empty compressed file
f2fs: compress: fix overwrite may reduce compress ratio unproperly
f2fs: multidevice: support direct IO
f2fs: introduce fragment allocation mode mount option
f2fs: include non-compressed blocks in compr_written_block
f2fs: fix wrong condition to trigger background checkpoint correctly
f2fs: fix to use WHINT_MODE
f2fs: fix up f2fs_lookup tracepoints
f2fs: set SBI_NEED_FSCK flag when inconsistent node block found
f2fs: introduce excess_dirty_threshold()
f2fs: avoid attaching SB_ACTIVE flag during mount
f2fs: quota: fix potential deadlock
f2fs: should use GFP_NOFS for directory inodes
f2fs: should put a page beyond EOF when preparing a write
f2fs: deallocate compressed pages when error happens
f2fs: enable realtime discard iff device supports discard
f2fs: guarantee to write dirty data when enabling checkpoint back
f2fs: fix to unmap pages from userspace process in punch_hole()
f2fs: fix unexpected ENOENT comes from f2fs_map_blocks()
f2fs: fix to account missing .skipped_gc_rwsem
f2fs: adjust unlock order for cleanup
f2fs: Don't create discard thread when device doesn't support realtime discard
f2fs: rebuild nat_bits during umount
f2fs: introduce periodic iostat io latency traces
f2fs: separate out iostat feature
f2fs: compress: do sanity check on cluster
f2fs: fix description about main_blkaddr node
f2fs: convert S_IRUGO to 0444
f2fs: fix to keep compatibility of fault injection interface
f2fs: support fault injection for f2fs_kmem_cache_alloc()
f2fs: compress: allow write compress released file after truncate to zero
f2fs: correct comment in segment.h
f2fs: improve sbi status info in debugfs/f2fs/status
f2fs: compress: avoid duplicate counting of valid blocks when read compressed file
f2fs: fix to do sanity check for sb/cp fields correctly
f2fs: avoid unneeded memory allocation in __add_ino_entry()
f2fs: extent cache: support unaligned extent
f2fs: Kconfig: clean up config options about compression
f2fs: reduce the scope of setting fsck tag when de->name_len is zero
f2fs: fix to stop filesystem update once CP failed
f2fs: introduce discard_unit mount option
f2fs: fix min_seq_blocks can not make sense in some scenes.
f2fs: fix to force keeping write barrier for strict fsync mode
f2fs: fix wrong checkpoint_changed value in f2fs_remount()
f2fs: show sbi status in debugfs/f2fs/status
f2fs: turn back remapped address in compressed page endio
f2fs: change fiemap way in printing compression chunk
f2fs: do not submit NEW_ADDR to read node block
f2fs: compress: remove unneeded read when rewrite whole cluster
f2fs: don't sleep while grabing nat_tree_lock
f2fs: remove allow_outplace_dio()
f2fs: make f2fs_write_failed() take struct inode
f2fs: quota: fix potential deadlock
f2fs: let's keep writing IOs on SBI_NEED_FSCK
f2fs: Revert "f2fs: Fix indefinite loop in f2fs_gc() v1"
f2fs: avoid to create an empty string as the extension_list
f2fs: compress: fix to set zstd compress level correctly
f2fs: add sysfs nodes to get GC info for each GC mode
f2fs: drop dirty node pages when cp is in error status
f2fs: initialize page->private when using for our internal use
f2fs: compress: add nocompress extensions support
Revert "f2fs: avoid attaching SB_ACTIVE flag during mount/remount"
f2fs: remove false alarm on iget failure during GC
f2fs: enable extent cache for compression files in read-only
f2fs: fix to avoid adding tab before doc section
f2fs: introduce f2fs_casefolded_name slab cache
f2fs: swap: support migrating swapfile in aligned write mode
f2fs: swap: remove dead codes
f2fs: compress: add compress_inode to cache compressed blocks
f2fs: clean up /sys/fs/f2fs/<disk>/features
f2fs: add pin_file in feature list
f2fs: Advertise encrypted casefolding in sysfs
f2fs: Show casefolding support only when supported
f2fs: support RO feature
f2fs: logging neatening
f2fs: restructure f2fs page.private layout
f2fs: introduce FI_COMPRESS_RELEASED instead of using IMMUTABLE bit
f2fs: compress: remove unneeded preallocation
f2fs: avoid attaching SB_ACTIVE flag during mount/remount
f2fs: atgc: export entries for better tunability via sysfs
f2fs: compress: fix to disallow temp extension
f2fs: let's allow compression for mmap files
f2fs: add MODULE_SOFTDEP to ensure crc32 is included in the initramfs
f2fs: return success if there is no work to do
f2fs: compress: clean up parameter of __f2fs_cluster_blocks()
f2fs: compress: remove unneeded f2fs_put_dnode()
f2fs: atgc: fix to set default age threshold
f2fs: Prevent swap file in LFS mode
f2fs: fix to avoid racing on fsync_entry_slab by multi filesystem instances
f2fs: add cp_error check in f2fs_write_compressed_pages
f2fs: compress: rename __cluster_may_compress
f2fs: return EINVAL for hole cases in swap file
f2fs: avoid swapon failure by giving a warning first
f2fs: compress: fix to assign cc.cluster_idx correctly
f2fs: compress: fix race condition of overwrite vs truncate
f2fs: compress: fix to free compress page correctly
f2fs: support iflag change given the mask
f2fs: avoid null pointer access when handling IPU error
f2fs: drop inplace IO if fs status is abnormal
f2fs: compress: remove unneed check condition
f2fs: clean up left deprecated IO trace codes
f2fs: avoid using native allocate_segment_by_default()
f2fs: remove unnecessary struct declaration
f2fs: fix to avoid NULL pointer dereference
f2fs: avoid duplicated codes for cleanup
f2fs: document: add description about compressed space handling
f2fs: clean up build warnings
f2fs: fix the periodic wakeups of discard thread
f2fs: fix to avoid accessing invalid fio in f2fs_allocate_data_block()
f2fs: fix to avoid GC/mmap race with f2fs_truncate()
f2fs: set checkpoint_merge by default
f2fs: Fix a hungtask problem in atomic write
f2fs: fix to restrict mount condition on readonly block device
f2fs: introduce gc_merge mount option
f2fs: fix to cover __allocate_new_section() with curseg_lock
f2fs: fix wrong alloc_type in f2fs_do_replace_block
f2fs: delete empty compress.h
f2fs: fix a typo in inode.c
f2fs: allow to change discard policy based on cached discard cmds
f2fs: fix to avoid touching checkpointed data in get_victim()
f2fs: fix to update last i_size if fallocate partially succeeds
f2fs: fix error path of f2fs_remount()
f2fs: fix wrong comment of nat_tree_lock
f2fs: fix to avoid out-of-bounds memory access
f2fs: don't start checkpoint thread in readonly mountpoint
f2fs: do not use AT_SSR mode in FG_GC & high urgent BG_GC
f2fs: add sysfs nodes to get runtime compression stat
f2fs: fix to use per-inode maxbytes in f2fs_fiemap
f2fs: fix to align to section for fallocate() on pinned file
f2fs: expose # of overprivision segments
f2fs: fix error handling in f2fs_end_enable_verity()
f2fs: fix a redundant call to f2fs_balance_fs if an error occurs
f2fs: remove unused file_clear_encrypt()
f2fs: check if swapfile is section-alligned
f2fs: fix last_lblock check in check_swap_activate_fast
f2fs: remove unnecessary IS_SWAPFILE check
f2fs: Replace one-element array with flexible-array member
f2fs: compress: Allow modular (de)compression algorithms
f2fs: check discard command number before traversing discard pending list
f2fs: update comments for explicit memory barrier
f2fs: remove unused FORCE_FG_GC macro
f2fs: avoid unused f2fs_show_compress_options()
f2fs: fix panic during f2fs_resize_fs()
f2fs: fix to allow migrating fully valid segment
f2fs: fix a spelling error
f2fs: fix a spacing coding style
fs: Enable bmap() function to properly return errors
f2fs: remove obsolete f2fs.txt
fs-verity: support reading signature with ioctl
fs-verity: support reading descriptor with ioctl
fs-verity: support reading Merkle tree with ioctl
fs-verity: add FS_IOC_READ_VERITY_METADATA ioctl
fs-verity: don't pass whole descriptor to fsverity_verify_signature()
fs-verity: factor out fsverity_get_descriptor()
fs-verity: move structs needed for file signing to UAPI header
fs-verity: rename "file measurement" to "file digest"
fs-verity: rename fsverity_signed_digest to fsverity_formatted_digest
fs-verity: remove filenames from file comments
fs-verity: use smp_load_acquire() for ->i_verity_info
f2fs: remove FAULT_ALLOC_BIO
f2fs: use blkdev_issue_flush in __submit_flush_wait
f2fs: remove a few bd_part checks
quota: Cleanup list iteration in dqcache_shrink_scan()
quota: reclaim least recently used dquots
fs: quota: Replace GFP_ATOMIC with GFP_KERNEL in dquot_init
quota: Check for register_shrinker() failure.
quota: propagate error from __dquot_initialize
quota: be aware of error from dquot_initialize
Documentation: f2fs: fix typo s/automaic/automatic
f2fs: give a warning only for readonly partition
f2fs: don't grab superblock freeze for flush/ckpt thread
f2fs: add ckpt_thread_ioprio sysfs node
f2fs: introduce checkpoint_merge mount option
f2fs: relocate inline conversion from mmap() to mkwrite()
f2fs: fix a wrong condition in __submit_bio
f2fs: remove unnecessary initialization in xattr.c
f2fs: fix to avoid inconsistent quota data
f2fs: flush data when enabling checkpoint back
f2fs: deprecate f2fs_trace_io
f2fs: remove unused stat_{inc, dec}_atomic_write
f2fs: introduce sb_status sysfs node
f2fs: fix to use per-inode maxbytes
f2fs: compress: fix potential deadlock
libfs: unexport generic_ci_d_compare() and generic_ci_d_hash()
f2fs: fix to set/clear I_LINKABLE under i_lock
f2fs: fix null page reference in redirty_blocks
f2fs: clean up post-read processing
f2fs: trival cleanup in move_data_block()
f2fs: fix out-of-repair __setattr_copy()
f2fs: fix to tag FIEMAP_EXTENT_MERGED in f2fs_fiemap()
f2fs: introduce a new per-sb directory in sysfs
f2fs: compress: support compress level
f2fs: compress: deny setting unsupported compress algorithm
f2fs: relocate f2fs_precache_extents()
f2fs: enforce the immutable flag on open files
f2fs: enhance to update i_mode and acl atomically in f2fs_setattr()
f2fs: fix to set inode->i_mode correctly for posix_acl_update_mode
f2fs: Replace expression with offsetof()
f2fs: handle unallocated section and zone on pinned/atgc
f2fs: compress: fix compression chksum
f2fs: fix shift-out-of-bounds in sanity_check_raw_super()
f2fs: fix race of pending_pages in decompression
f2fs: fix to account inline xattr correctly during recovery
f2fs: inline: fix wrong inline inode stat
f2fs: inline: correct comment in f2fs_recover_inline_data
f2fs: don't check PAGE_SIZE again in sanity_check_raw_super()
f2fs: convert to F2FS_*_INO macro
f2fs: introduce max_io_bytes, a sysfs entry, to limit bio size
f2fs: don't allow any writes on readonly mount
f2fs: avoid race condition for shrinker count
f2fs: add F2FS_IOC_DECOMPRESS_FILE and F2FS_IOC_COMPRESS_FILE
f2fs: add compress_mode mount option
f2fs: Remove unnecessary unlikely()
f2fs: init dirty_secmap incorrectly
f2fs: remove buffer_head which has 32bits limit
f2fs: fix wrong block count instead of bytes
f2fs: use new conversion functions between blks and bytes
f2fs: rename logical_to_blk and blk_to_logical
f2fs: fix kbytes written stat for multi-device case
f2fs: compress: support chksum
f2fs: fix to avoid REQ_TIME and CP_TIME collision
f2fs: change to use rwsem for cp_mutex
f2fs: Handle casefolding with Encryption
fscrypt: Have filesystems handle their d_ops
libfs: Add generic function for setting dentry_ops
f2fs: Remove the redundancy initialization
f2fs: remove writeback_inodes_sb in f2fs_remount
f2fs: fix double free of unicode map
f2fs: fix compat F2FS_IOC_{MOVE,GARBAGE_COLLECT}_RANGE
f2fs: avoid unneeded data copy in f2fs_ioc_move_range()
f2fs: add F2FS_IOC_SET_COMPRESS_OPTION ioctl
f2fs: add F2FS_IOC_GET_COMPRESS_OPTION ioctl
f2fs: move ioctl interface definitions to separated file
f2fs: fix to seek incorrect data offset in inline data file
f2fs: check fiemap parameters
f2fs: call f2fs_get_meta_page_retry for nat page
fscrypt: rename DCACHE_ENCRYPTED_NAME to DCACHE_NOKEY_NAME
fscrypt: don't call no-key names "ciphertext names"
fscrypt: export fscrypt_d_revalidate()
f2fs: code cleanup by removing unnecessary check
f2fs: wait for sysfs kobject removal before freeing f2fs_sb_info
f2fs: fix writecount false positive in releasing compress blocks
f2fs: introduce check_swap_activate_fast()
f2fs: don't issue flush in f2fs_flush_device_cache() for nobarrier case
f2fs: handle errors of f2fs_get_meta_page_nofail
f2fs: fix to set SBI_NEED_FSCK flag for inconsistent inode
f2fs: reject CASEFOLD inode flag without casefold feature
f2fs: fix memory alignment to support 32bit
f2fs: fix slab leak of rpages pointer
f2fs: compress: fix to disallow enabling compress on non-empty file
f2fs: compress: introduce cic/dic slab cache
f2fs: compress: introduce page array slab cache
f2fs: fix to do sanity check on segment/section count
f2fs: fix to check segment boundary during SIT page readahead
f2fs: fix uninit-value in f2fs_lookup
fs/buffer.c: record blockdev write errors in super_block that it backs
vfs: track per-sb writeback errors and report them to syncfs
f2fs: remove unneeded parameter in find_in_block()
f2fs: fix wrong total_sections check and fsmeta check
f2fs: remove duplicated code in sanity_check_area_boundary
f2fs: remove unused check on version_bitmap
f2fs: relocate blkzoned feature check
f2fs: do sanity check on zoned block device path
f2fs: add trace exit in exception path
f2fs: change return value of reserved_segments to unsigned int
f2fs: clean up kvfree
f2fs: change virtual mapping way for compression pages
f2fs: change return value of f2fs_disable_compressed_file to bool
f2fs: change i_compr_blocks of inode to atomic value
f2fs: ignore compress mount option on image w/o compression feature
f2fs: allocate proper size memory for zstd decompress
f2fs: change compr_blocks of superblock info to 64bit
f2fs: add block address limit check to compressed file
f2fs: check position in move range ioctl
f2fs: correct statistic of APP_DIRECT_IO/APP_DIRECT_READ_IO
f2fs: support age threshold based garbage collection
f2fs: Use generic casefolding support
fs: Add standard casefolding support
unicode: Add utf8_casefold_hash
f2fs: compress: use more readable atomic_t type for {cic,dic}.ref
f2fs: fix compile warning
f2fs: support 64-bits key in f2fs rb-tree node entry
f2fs: inherit mtime of original block during GC
f2fs: record average update time of segment
f2fs: introduce inmem curseg
f2fs: compress: remove unneeded code
f2fs: remove duplicated type casting
f2fs: support zone capacity less than zone size
f2fs: update changes in upstream on GC_URGENT_HIGH
f2fs: Return EOF on unaligned end of file DIO read
f2fs: fix indefinite loop scanning for free nid
f2fs: Fix type of section block count variables
f2fs: prepare a waiter before entering io_schedule
f2fs: update_sit_entry: Make the judgment condition of f2fs_bug_on more intuitive
f2fs: replace test_and_set/clear_bit() with set/clear_bit()
f2fs: make file immutable even if releasing zero compression block
f2fs: compress: disable compression mount option if compression is off
f2fs: compress: add sanity check during compressed cluster read
f2fs: use macro instead of f2fs verity version
f2fs: fix deadlock between quota writes and checkpoint
f2fs: correct comment of f2fs_exist_written_data
f2fs: compress: delay temp page allocation
f2fs: compress: fix to update isize when overwriting compressed file
f2fs: space related cleanup
f2fs: fix use-after-free issue
f2fs: Change the type of f2fs_flush_inline_data() to void
f2fs: add F2FS_IOC_SEC_TRIM_FILE ioctl
f2fs: segment.h: delete a duplicated word
f2fs: compress: fix to avoid memory leak on cc->cpages
f2fs: use generic names for generic ioctls
f2fs: don't keep meta inode pages used for compressed block migration
f2fs: fix error path in do_recover_data()
f2fs: fix to wait GCed compressed page writeback
f2fs: remove write attribute of main_blkaddr sysfs node
f2fs: add GC_URGENT_LOW mode in gc_urgent
f2fs: avoid readahead race condition
f2fs: fix return value of move_data_block()
f2fs: add parameter op_flag in f2fs_submit_page_read()
f2fs: split f2fs_allocate_new_segments()
f2fs: lost matching-pair of trace in f2fs_truncate_inode_blocks
f2fs: fix an oops in f2fs_is_compressed_page
f2fs: make trace enter and end in pairs for unlink
f2fs: fix to check page dirty status before writeback
f2fs: remove the unused compr parameter
f2fs: support to trace f2fs_fiemap()
f2fs: support to trace f2fs_bmap()
f2fs: fix wrong return value of f2fs_bmap_compress()
f2fs: remove useless parameter of __insert_free_nid()
f2fs: fix typo in comment of f2fs_do_add_link
f2fs: fix to wait page writeback before update
f2fs: show more debug info for per-temperature log
f2fs: add f2fs_gc exception handle in f2fs_ioc_gc_range
f2fs: clean up parameter of f2fs_allocate_data_block()
f2fs: shrink node_write lock coverage
f2fs: add prefix for exported symbols
f2fs: use kfree() to free variables allocated by match_strdup()
f2fs: get the right gc victim section when section has several segments
f2fs: fix a race condition between f2fs_write_end_io and f2fs_del_fsync_node_entry
f2fs: remove useless truncate in f2fs_collapse_range()
f2fs: use kfree() instead of kvfree() to free superblock data
f2fs: avoid checkpatch error
f2fs: should avoid inode eviction in synchronous path
|
||
|
azrim
|
2abb319f4b
|
Merge branch 'android-4.14-stable' of https://android.googlesource.com/kernel/common into sheesh
* 'android-4.14-stable' of https://android.googlesource.com/kernel/common: Linux 4.14.277 Revert "net: micrel: fix KS8851_MLL Kconfig" ax25: Fix UAF bugs in ax25 timers ax25: Fix NULL pointer dereferences in ax25 timers ax25: fix NPD bug in ax25_disconnect ax25: fix UAF bug in ax25_send_control() ax25: Fix refcount leaks caused by ax25_cb_del() ax25: fix UAF bugs of net_device caused by rebinding operation ax25: fix reference count leaks of ax25_dev ax25: add refcount in ax25_dev to avoid UAF bugs block/compat_ioctl: fix range check in BLKGETSIZE staging: ion: Prevent incorrect reference counting behavour ext4: force overhead calculation if the s_overhead_cluster makes no sense ext4: fix overhead calculation to account for the reserved gdt blocks ext4: limit length to bitmap_maxbytes - blocksize in punch_hole ext4: fix symlink file size not match to file content ARC: entry: fix syscall_trace_exit argument e1000e: Fix possible overflow in LTR decoding ASoC: soc-dapm: fix two incorrect uses of list iterator openvswitch: fix OOB access in reserve_sfa_size() powerpc/perf: Fix power9 event alternatives dma: at_xdmac: fix a missing check on list iterator ata: pata_marvell: Check the 'bmdma_addr' beforing reading stat: fix inconsistency between struct stat and struct compat_stat net: macb: Restart tx only if queue pointer is lagging drm/msm/mdp5: check the return of kzalloc() brcmfmac: sdio: Fix undefined behavior due to shift overflowing the constant cifs: Check the IOCB_DIRECT flag, not O_DIRECT vxlan: fix error return code in vxlan_fdb_append ALSA: usb-audio: Fix undefined behavior due to shift overflowing the constant platform/x86: samsung-laptop: Fix an unsigned comparison which can never be negative ARM: vexpress/spc: Avoid negative array index when !SMP netlink: reset network and mac headers in netlink_dump() net/packet: fix packet_sock xmit return value checking dmaengine: imx-sdma: Fix error checking in sdma_event_remap tcp: Fix potential use-after-free due to double kfree() tcp: fix race condition when creating child sockets from syncookies ALSA: usb-audio: Clear MIDI port active flag after draining gfs2: assign rgrp glock before compute_bitstructs can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path tracing: Dump stacktrace trigger to the corresponding instance tracing: Have traceon and traceoff trigger honor the instance mm: page_alloc: fix building error on -Werror=array-compare etherdevice: Adjust ether_addr* prototypes to silence -Wstringop-overead Linux 4.14.276 i2c: pasemi: Wait for write xfers to finish smp: Fix offline cpu check in flush_smp_call_function_queue() ARM: davinci: da850-evm: Avoid NULL pointer dereference ALSA: pcm: Test for "silence" field in struct "pcm_format_data" gcc-plugins: latent_entropy: use /dev/urandom mm: kmemleak: take a full lowmem check in kmemleak_*_phys() mm, page_alloc: fix build_zonerefs_node() drivers: net: slip: fix NPD bug in sl_tx_timeout() scsi: mvsas: Add PCI ID of RocketRaid 2640 gpu: ipu-v3: Fix dev_dbg frequency output ata: libata-core: Disable READ LOG DMA EXT for Samsung 840 EVOs net: micrel: fix KS8851_MLL Kconfig scsi: ibmvscsis: Increase INITIAL_SRP_LIMIT to 1024 scsi: target: tcmu: Fix possible page UAF Drivers: hv: vmbus: Prevent load re-ordering when reading ring buffer drm/amdkfd: Check for potential null return of kmalloc_array() drm/amd: Add USBC connector ID cifs: potential buffer overflow in handling symlinks nfc: nci: add flush_workqueue to prevent uaf net: ethernet: stmmac: fix altr_tse_pcs function when using a fixed-link mlxsw: i2c: Fix initialization error flow gpiolib: acpi: use correct format characters veth: Ensure eth header is in skb's linear part memory: atmel-ebi: Fix missing of_node_put in atmel_ebi_probe xfrm: policy: match with both mark and mask on user interfaces cgroup: Use open-time cgroup namespace for process migration perm checks cgroup: Allocate cgroup_file_ctx for kernfs_open_file->priv cgroup: Use open-time credentials for process migraton perm checks mm/sparsemem: fix 'mem_section' will never be NULL gcc 12 warning arm64: module: remove (NOLOAD) from linker script mm: don't skip swap entry even if zap_details specified dmaengine: Revert "dmaengine: shdma: Fix runtime PM imbalance on error" tools build: Use $(shell ) instead of `` to get embedded libperl's ccopts perf: qcom_l2_pmu: fix an incorrect NULL check on list iterator arm64: patch_text: Fixup last cpu should be master btrfs: fix qgroup reserve overflow the qgroup limit x86/speculation: Restore speculation related MSRs during S3 resume x86/pm: Save the MSR validity status at context setup mm/mempolicy: fix mpol_new leak in shared_policy_replace mmmremap.c: avoid pointless invalidate_range_start/end on mremap(old_size=0) Revert "mmc: sdhci-xenon: fix annoying 1.8V regulator warning" drbd: Fix five use after free bugs in get_initial_state drm/imx: Fix memory leak in imx_pd_connector_get_modes net: stmmac: Fix unset max_speed difference between DT and non-DT platforms scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one() drm/amdgpu: fix off by one in amdgpu_gfx_kiq_acquire() mm: fix race between MADV_FREE reclaim and blkdev direct IO read net: add missing SOF_TIMESTAMPING_OPT_ID support ipv6: add missing tx timestamping on IPPROTO_RAW parisc: Fix CPU affinity for Lasi, WAX and Dino chips jfs: prevent NULL deref in diFree virtio_console: eliminate anonymous module_init & module_exit serial: samsung_tty: do not unlock port->lock for uart_write_wakeup() NFS: swap-out must always use STABLE writes. NFS: swap IO handling is slightly different for O_DIRECT IO SUNRPC/call_alloc: async tasks mustn't block waiting for memory w1: w1_therm: fixes w1_seq for ds28ea00 sensors init/main.c: return 1 from handled __setup() functions Bluetooth: Fix use after free in hci_send_acl xtensa: fix DTC warning unit_address_format usb: dwc3: omap: fix "unbalanced disables for smps10_out1" on omap5evm scsi: libfc: Fix use after free in fc_exch_abts_resp() MIPS: fix fortify panic when copying asm exception handlers bnxt_en: Eliminate unintended link toggle during FW reset macvtap: advertise link netns via netlink net/smc: correct settings of RMB window update limit scsi: aha152x: Fix aha152x_setup() __setup handler return value scsi: pm8001: Fix pm8001_mpi_task_abort_resp() dm ioctl: prevent potential spectre v1 gadget iommu/arm-smmu-v3: fix event handling soft lockup PCI: aardvark: Fix support for MSI interrupts powerpc: Set crashkernel offset to mid of RMA region power: supply: axp20x_battery: properly report current when discharging scsi: bfa: Replace snprintf() with sysfs_emit() scsi: mvsas: Replace snprintf() with sysfs_emit() powerpc: dts: t104xrdb: fix phy type for FMAN 4/5 ptp: replace snprintf with sysfs_emit ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs ARM: 9187/1: JIVE: fix return value of __setup handler rtc: wm8350: Handle error for wm8350_register_irq ubifs: Rectify space amount budget for mkdir/tmpfile operations KVM: x86: Forbid VMM to set SYNIC/STIMER MSRs when SynIC wasn't activated openvswitch: Fixed nd target mask field in the flow dump. ARM: dts: spear13xx: Update SPI dma properties ARM: dts: spear1340: Update serial node properties ASoC: topology: Allow TLV control to be either read or write ubi: fastmap: Return error code if memory allocation fails in add_aeb() mm/memcontrol: return 1 from cgroup.memory __setup() handler mm/mmap: return 1 from stack_guard_gap __setup() handler ACPI: CPPC: Avoid out of bounds access when parsing _CPC data ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl pinctrl: pinconf-generic: Print arguments for bias-pull-* gfs2: Make sure FITRIM minlen is rounded up to fs block size can: mcba_usb: properly check endpoint type can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path ubifs: rename_whiteout: correct old_dir size computing ubifs: setflags: Make dirtied_ino_d 8 bytes aligned ubifs: Add missing iput if do_tmpfile() failed in rename whiteout ubifs: rename_whiteout: Fix double free for whiteout_ui->data KVM: Prevent module exit until all VMs are freed scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair() scsi: qla2xxx: Fix warning for missing error code powerpc/lib/sstep: Fix build errors with newer binutils powerpc/lib/sstep: Fix 'sthcx' instruction mmc: host: Return an error when ->enable_sdio_irq() ops is missing media: hdpvr: initialize dev->worker at hdpvr_register_videodev video: fbdev: sm712fb: Fix crash in smtcfb_write() ARM: mmp: Fix failure to remove sram device ARM: tegra: tamonten: Fix I2C3 pad setting media: cx88-mpeg: clear interrupt status register before streaming video ASoC: soc-core: skip zero num_dai component in searching dai name video: fbdev: omapfb: panel-tpo-td043mtea1: Use sysfs_emit() instead of snprintf() video: fbdev: omapfb: panel-dsi-cm: Use sysfs_emit() instead of snprintf() ARM: dts: bcm2837: Add the missing L1/L2 cache information ARM: dts: qcom: fix gic_irq_domain_translate warnings for msm8960 video: fbdev: omapfb: acx565akm: replace snprintf with sysfs_emit video: fbdev: cirrusfb: check pixclock to avoid divide by zero video: fbdev: w100fb: Reset global state video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow ntfs: add sanity check on allocation size ext4: don't BUG if someone dirty pages without asking ext4 first spi: tegra20: Use of_device_get_match_data() PM: core: keep irq flags in device_pm_check_callbacks() ACPI/APEI: Limit printable size of BERT table data ACPICA: Avoid walking the ACPI Namespace if it is not there irqchip/nvic: Release nvic_base upon failure Fix incorrect type in assignment of ipv6 port for audit loop: use sysfs_emit() in the sysfs xxx show() selinux: use correct type for context length lib/test: use after free in register_test_dev_kmod() NFSv4/pNFS: Fix another issue with a list iterator pointing to the head net/x25: Fix null-ptr-deref caused by x25_disconnect qlcnic: dcb: default to returning -EOPNOTSUPP net: phy: broadcom: Fix brcm_fet_config_init() xen: fix is_xen_pmu() netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options jfs: fix divide error in dbNextAG kgdbts: fix return value of __setup handler kgdboc: fix return value of __setup handler tty: hvc: fix return value of __setup handler pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init NFS: remove unneeded check in decode_devicenotify_args() clk: tegra: tegra124-emc: Fix missing put_device() call in emc_ensure_emc_driver clk: clps711x: Terminate clk_div_table with sentinel element clk: loongson1: Terminate clk_div_table with sentinel element remoteproc: qcom_wcnss: Add missing of_node_put() in wcnss_alloc_memory_region clk: qcom: clk-rcg2: Update the frac table for pixel clock iio: adc: Add check for devm_request_threaded_irq serial: 8250: Fix race condition in RTS-after-send handling serial: 8250_mid: Balance reference count for PCI DMA device staging:iio:adc:ad7280a: Fix handing of device address bit reversing. pwm: lpc18xx-sct: Initialize driver data and hardware before pwmchip_add() mxser: fix xmit_buf leak in activate when LSR == 0xff mfd: asic3: Add missing iounmap() on error asic3_mfd_probe tcp: ensure PMTU updates are processed during fastopen i2c: mux: demux-pinctrl: do not deactivate a master that is not active af_netlink: Fix shift out of bounds in group mask calculation USB: storage: ums-realtek: fix error code in rts51x_read_mem() mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init MIPS: RB532: fix return value of __setup handler vxcan: enable local echo for sent CAN frames mfd: mc13xxx: Add check for mc13xxx_irq_request powerpc/sysdev: fix incorrect use to determine if list is empty PCI: Reduce warnings on possible RW1C corruption power: supply: wm8350-power: Add missing free in free_charger_irq power: supply: wm8350-power: Handle error for wm8350_register_irq i2c: xiic: Make bus names unique KVM: x86/emulator: Defer not-present segment check in __load_segment_descriptor() KVM: x86: Fix emulation in writing cr8 power: supply: bq24190_charger: Fix bq24190_vbus_is_enabled() wrong false return drm/tegra: Fix reference leak in tegra_dsi_ganged_probe ext2: correct max file size computing TOMOYO: fix __setup handlers return values scsi: pm8001: Fix abort all task initialization scsi: pm8001: Fix payload initialization in pm80xx_set_thermal_config() scsi: pm8001: Fix command initialization in pm8001_chip_ssp_tm_req() scsi: pm8001: Fix command initialization in pm80XX_send_read_log() dm crypt: fix get_key_size compiler warning if !CONFIG_KEYS iwlwifi: Fix -EIO error code that is never returned HID: i2c-hid: fix GET/SET_REPORT for unnumbered reports power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init ray_cs: Check ioremap return value power: reset: gemini-poweroff: Fix IRQ check in gemini_poweroff_probe ath9k_htc: fix uninit value bugs drm/edid: Don't clear formats if using deep color mtd: onenand: Check for error irq ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in msm8916_wcd_digital_probe ASoC: imx-es8328: Fix error return code in imx_es8328_probe() ASoC: mxs: Fix error handling in mxs_sgtl5000_probe ASoC: dmaengine: do not use a NULL prepare_slave_config() callback video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of ASoC: fsi: Add check for clk_enable ASoC: wm8350: Handle error for wm8350_register_irq ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction memory: emif: check the pointer temp in get_device_details() memory: emif: Add check for setup_interrupts ASoC: atmel_ssc_dai: Handle errors for clk_enable ASoC: mxs-saif: Handle errors for clk_enable printk: fix return value of printk.devkmsg __setup handler arm64: dts: broadcom: Fix sata nodename arm64: dts: ns2: Fix spi-cpol and spi-cpha property ALSA: spi: Add check for clk_enable() ASoC: ti: davinci-i2s: Add check for clk_enable() media: usb: go7007: s2250-board: fix leak in probe() soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe ARM: dts: qcom: ipq4019: fix sleep clock video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() media: coda: Fix missing put_device() call in coda_get_vdoa_data perf/x86/intel/pt: Fix address filter config for 32-bit kernel perf/core: Fix address filter parser for multiple filters sched/debug: Remove mpol_get/put and task_lock/unlock from sched_show_numa clocksource: acpi_pm: fix return value of __setup handler hwmon: (pmbus) Add Vin unit off handling crypto: ccp - ccp_dmaengine_unregister release dma channels ACPI: APEI: fix return value of __setup handlers crypto: vmx - add missing dependencies hwrng: atmel - disable trng on failure path PM: suspend: fix return value of __setup handler PM: hibernate: fix __setup handler error handling hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING hwmon: (pmbus) Add mutex to regulator ops spi: pxa2xx-pci: Balance reference count for PCI DMA device selftests/x86: Add validity check and allow field splitting spi: tegra114: Add missing IRQ check in tegra_spi_probe crypto: mxs-dcp - Fix scatterlist processing crypto: authenc - Fix sleep in atomic context in decrypt_tail PCI: pciehp: Clear cmd_busy bit in polling mode brcmfmac: pcie: Replace brcmf_pcie_copy_mem_todev with memcpy_toio brcmfmac: firmware: Allocate space for default boardrev in nvram media: davinci: vpif: fix unbalanced runtime PM get DEC: Limit PMAX memory probing to R3k systems lib/raid6/test: fix multiple definition linking error thermal: int340x: Increase bitmap size carl9170: fix missing bit-wise or operator for tx_params ARM: dts: exynos: add missing HDMI supplies on SMDK5420 ARM: dts: exynos: add missing HDMI supplies on SMDK5250 ARM: dts: exynos: fix UART3 pins configuration in Exynos5250 ARM: dts: at91: sama5d2: Fix PMERRLOC resource size video: fbdev: atari: Atari 2 bpp (STe) palette bugfix video: fbdev: sm712fb: Fix crash in smtcfb_read() drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() ACPI: properties: Consistently return -ENOENT if there are no more references drbd: fix potential silent data corruption ALSA: cs4236: fix an incorrect NULL check on list iterator Revert "Input: clear BTN_RIGHT/MIDDLE on buttonpads" qed: validate and restrict untrusted VFs vlan promisc mode qed: display VF trust config scsi: libsas: Fix sas_ata_qc_issue() handling of NCQ NON DATA commands mempolicy: mbind_range() set_policy() after vma_merge() mm/pages_alloc.c: don't create ZONE_MOVABLE beyond the end of a node jffs2: fix memory leak in jffs2_scan_medium jffs2: fix memory leak in jffs2_do_mount_fs jffs2: fix use-after-free in jffs2_clear_xattr_subsystem can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path pinctrl: samsung: drop pin banks references on error paths NFSD: prevent underflow in nfssvc_decode_writeargs() SUNRPC: avoid race between mod_timer() and del_timer_sync() Documentation: update stable tree link Documentation: add link to stable release candidate tree ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE clk: uniphier: Fix fixed-rate initialization iio: inkern: make a best effort on offset calculation iio: inkern: apply consumer scale when no channel scale is available iio: inkern: apply consumer scale on IIO_VAL_INT cases coresight: Fix TRCCONFIGR.QE sysfs interface USB: usb-storage: Fix use of bitfields for hardware data in ene_ub6250.c virtio-blk: Use blk_validate_block_size() to validate block size block: Add a helper to validate the block size tpm: fix reference counting for struct tpm_chip fuse: fix pipe buffer lifetime for direct_io af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register spi: Fix erroneous sgs value with min_t() spi: Fix invalid sgs value ethernet: sun: Free the coherent when failing in probing virtio_console: break out of buf poll on remove netdevice: add the case if dev is NULL USB: serial: simple: add Nokia phone driver USB: serial: pl2303: add IBM device IDs ANDROID: incremental-fs: limit mount stack depth UPSTREAM: binderfs: use __u32 for device numbers Linux 4.14.275 arm64: Use the clearbhb instruction in mitigations arm64: add ID_AA64ISAR2_EL1 sys register KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated arm64: Mitigate spectre style branch history side channels KVM: arm64: Add templates for BHB mitigation sequences arm64: proton-pack: Report Spectre-BHB vulnerabilities as part of Spectre-v2 arm64: Add percpu vectors for EL1 arm64: entry: Add macro for reading symbol addresses from the trampoline arm64: entry: Add vectors that have the bhb mitigation sequences arm64: entry: Add non-kpti __bp_harden_el1_vectors for mitigations arm64: entry: Allow the trampoline text to occupy multiple pages arm64: entry: Make the kpti trampoline's kpti sequence optional arm64: entry: Move trampoline macros out of ifdef'd section arm64: entry: Don't assume tramp_vectors is the start of the vectors arm64: entry: Allow tramp_alias to access symbols after the 4K boundary arm64: entry: Move the trampoline data page before the text page arm64: entry: Free up another register on kpti's tramp_exit path arm64: entry: Make the trampoline cleanup optional arm64: entry.S: Add ventry overflow sanity checks arm64: Add Cortex-X2 CPU part definition arm64: Add Neoverse-N2, Cortex-A710 CPU part definition arm64: Add part number for Arm Cortex-A77 arm64: Add part number for Neoverse N1 arm64: Make ARM64_ERRATUM_1188873 depend on COMPAT arm64: Add silicon-errata.txt entry for ARM erratum 1188873 arm64: arch_timer: avoid unused function warning arm64: arch_timer: Add workaround for ARM erratum 1188873 Linux 4.14.274 llc: only change llc->dev when bind() succeeds mac80211: fix potential double free on mesh join crypto: qat - disable registration of algorithms ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3 ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board netfilter: nf_tables: initialize registers in nft_do_chain() drivers: net: xgene: Fix regression in CRC stripping ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec ALSA: cmipci: Restore aux vol on suspend/resume ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB ALSA: pcm: Add stream lock during PCM reset ioctl operations llc: fix netdevice reference leaks in llc_ui_bind() thermal: int340x: fix memory leak in int3400_notify() staging: fbtft: fb_st7789v: reset display before initialization esp: Fix possible buffer overflow in ESP transformation net: ipv6: fix skb_over_panic in __ip6_append_data nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION Linux 4.14.273 perf symbols: Fix symbol size calculation condition Input: aiptek - properly check endpoint type usb: gadget: Fix use-after-free bug by not setting udc->dev.driver usb: gadget: rndis: prevent integer overflow in rndis_set_response() net: handle ARPHRD_PIMREG in dev_is_mac_header_xmit() atm: eni: Add check for dma_map_single net/packet: fix slab-out-of-bounds access in packet_recvmsg() efi: fix return value of __setup handlers fs: sysfs_emit: Remove PAGE_SIZE alignment check kselftest/vm: fix tests build with old libc sfc: extend the locking on mcdi->seqno tcp: make tcp_read_sock() more robust nl80211: Update bss channel on channel switch for P2P_CLIENT atm: firestream: check the return value of ioremap() in fs_init() can: rcar_canfd: rcar_canfd_channel_probe(): register the CAN device when fully ready ARM: 9178/1: fix unmet dependency on BITREVERSE for HAVE_ARCH_BITREVERSE MIPS: smp: fill in sibling and core maps earlier ARM: dts: rockchip: fix a typo on rk3288 crypto-controller arm64: dts: rockchip: fix rk3399-puma eMMC HS400 signal integrity xfrm: Fix xfrm migrate issues when address family changes sctp: fix the processing for INIT_ACK chunk sctp: fix the processing for INIT chunk Linux 4.14.272 btrfs: unlock newly allocated extent buffer after error ext4: add check to prevent attempting to resize an fs with sparse_super2 ARM: fix Thumb2 regression with Spectre BHB virtio: acknowledge all features before access virtio: unexport virtio_finalize_features staging: gdm724x: fix use after free in gdm_lte_rx() ARM: Spectre-BHB: provide empty stub for non-config selftests/memfd: clean up mapping in mfd_fail_write tracing: Ensure trace buffer is at least 4096 bytes large Revert "xen-netback: Check for hotplug-status existence before watching" Revert "xen-netback: remove 'hotplug-status' once it has served its purpose" net-sysfs: add check for netdevice being present to speed_show sctp: fix kernel-infoleak for SCTP sockets gpio: ts4900: Do not set DAT and OE together NFC: port100: fix use-after-free in port100_send_complete net/mlx5: Fix size field in bufferx_reg struct ax25: Fix NULL pointer dereference in ax25_kill_by_device net: ethernet: lpc_eth: Handle error for clk_enable net: ethernet: ti: cpts: Handle error for clk_enable ethernet: Fix error handling in xemaclite_of_probe qed: return status of qed_iov_get_link net: qlogic: check the return value of dma_alloc_coherent() in qed_vf_hw_prepare() |
||
|
Greg Kroah-Hartman
|
b296bf0cb0 |
This is the 4.14.276 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmJfsXYACgkQONu9yGCS aT4FSg/+JNuh/FNAa4Es7pC4O3BpsaIIji6MEYjSw1sMMgqtmXCnbm+1TCsgCOee auBiVGZzNjLRNESrqOPisEA5aUs31i3fVOD0c55bHgOhqxtLxaU7HmtqIlfvnEKu a49LRtqq3AEObilBFeBHQnUrTEGO/MnI4XoUsLdR6FWJBnYsBLczDdNGYIWZ/hCX y129piS/P53nHfmPTMH0De6soOXFIx3d82437pwA0vDEANtMx8lyaW+kdPSsgZl7 03JAQFW1KRjiLzHt+9w7c78dbnyEIQd78W4wn4NFglN7Ybxi7NFEjaf0xnyerwG2 b38ofe8Gw5IqUzF6eCHliG1UgQwZD7pNBjOIKukrpxL3bIEcTOhIQeu1HCm901k0 /Y53ju6tNCrv2PbHVylYibasxPiA2gxzFwJW/JvWWTtZZ6AwkZV0fs3LXXpmDix3 7n/QBjQcz4sOAAWwFoaxneUOTaNoFseZtW/dgqbq+Ukgt2SCP15EUDMVjIXi3fDr 3z5+QvO5IbjbcsFShVfDQ6RfnALp4TWXbrPQ+RTK77BZTbMNg7wjKxBC2MmTmStI 8aiDYecKR4FOXdW930zxYHS76gx57V30hur7jlqjFz0uNYnXU/R42kKUxEqD/86G UNX+zMv9uH5INANIy4P6DNZyZoTHQgdMIuuhKvntg/G3BcQ5I7k= =zpoO -----END PGP SIGNATURE----- Merge 4.14.276 into android-4.14-stable Changes in 4.14.276 USB: serial: pl2303: add IBM device IDs USB: serial: simple: add Nokia phone driver netdevice: add the case if dev is NULL virtio_console: break out of buf poll on remove ethernet: sun: Free the coherent when failing in probing spi: Fix invalid sgs value spi: Fix erroneous sgs value with min_t() af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register fuse: fix pipe buffer lifetime for direct_io tpm: fix reference counting for struct tpm_chip block: Add a helper to validate the block size virtio-blk: Use blk_validate_block_size() to validate block size USB: usb-storage: Fix use of bitfields for hardware data in ene_ub6250.c coresight: Fix TRCCONFIGR.QE sysfs interface iio: inkern: apply consumer scale on IIO_VAL_INT cases iio: inkern: apply consumer scale when no channel scale is available iio: inkern: make a best effort on offset calculation clk: uniphier: Fix fixed-rate initialization ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE Documentation: add link to stable release candidate tree Documentation: update stable tree link SUNRPC: avoid race between mod_timer() and del_timer_sync() NFSD: prevent underflow in nfssvc_decode_writeargs() pinctrl: samsung: drop pin banks references on error paths can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path jffs2: fix use-after-free in jffs2_clear_xattr_subsystem jffs2: fix memory leak in jffs2_do_mount_fs jffs2: fix memory leak in jffs2_scan_medium mm/pages_alloc.c: don't create ZONE_MOVABLE beyond the end of a node mempolicy: mbind_range() set_policy() after vma_merge() scsi: libsas: Fix sas_ata_qc_issue() handling of NCQ NON DATA commands qed: display VF trust config qed: validate and restrict untrusted VFs vlan promisc mode Revert "Input: clear BTN_RIGHT/MIDDLE on buttonpads" ALSA: cs4236: fix an incorrect NULL check on list iterator drbd: fix potential silent data corruption ACPI: properties: Consistently return -ENOENT if there are no more references drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() video: fbdev: sm712fb: Fix crash in smtcfb_read() video: fbdev: atari: Atari 2 bpp (STe) palette bugfix ARM: dts: at91: sama5d2: Fix PMERRLOC resource size ARM: dts: exynos: fix UART3 pins configuration in Exynos5250 ARM: dts: exynos: add missing HDMI supplies on SMDK5250 ARM: dts: exynos: add missing HDMI supplies on SMDK5420 carl9170: fix missing bit-wise or operator for tx_params thermal: int340x: Increase bitmap size lib/raid6/test: fix multiple definition linking error DEC: Limit PMAX memory probing to R3k systems media: davinci: vpif: fix unbalanced runtime PM get brcmfmac: firmware: Allocate space for default boardrev in nvram brcmfmac: pcie: Replace brcmf_pcie_copy_mem_todev with memcpy_toio PCI: pciehp: Clear cmd_busy bit in polling mode crypto: authenc - Fix sleep in atomic context in decrypt_tail crypto: mxs-dcp - Fix scatterlist processing spi: tegra114: Add missing IRQ check in tegra_spi_probe selftests/x86: Add validity check and allow field splitting spi: pxa2xx-pci: Balance reference count for PCI DMA device hwmon: (pmbus) Add mutex to regulator ops hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING PM: hibernate: fix __setup handler error handling PM: suspend: fix return value of __setup handler hwrng: atmel - disable trng on failure path crypto: vmx - add missing dependencies ACPI: APEI: fix return value of __setup handlers crypto: ccp - ccp_dmaengine_unregister release dma channels hwmon: (pmbus) Add Vin unit off handling clocksource: acpi_pm: fix return value of __setup handler sched/debug: Remove mpol_get/put and task_lock/unlock from sched_show_numa perf/core: Fix address filter parser for multiple filters perf/x86/intel/pt: Fix address filter config for 32-bit kernel media: coda: Fix missing put_device() call in coda_get_vdoa_data video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() ARM: dts: qcom: ipq4019: fix sleep clock soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe media: usb: go7007: s2250-board: fix leak in probe() ASoC: ti: davinci-i2s: Add check for clk_enable() ALSA: spi: Add check for clk_enable() arm64: dts: ns2: Fix spi-cpol and spi-cpha property arm64: dts: broadcom: Fix sata nodename printk: fix return value of printk.devkmsg __setup handler ASoC: mxs-saif: Handle errors for clk_enable ASoC: atmel_ssc_dai: Handle errors for clk_enable memory: emif: Add check for setup_interrupts memory: emif: check the pointer temp in get_device_details() ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe ASoC: wm8350: Handle error for wm8350_register_irq ASoC: fsi: Add check for clk_enable video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of ASoC: dmaengine: do not use a NULL prepare_slave_config() callback ASoC: mxs: Fix error handling in mxs_sgtl5000_probe ASoC: imx-es8328: Fix error return code in imx_es8328_probe() ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in msm8916_wcd_digital_probe mtd: onenand: Check for error irq drm/edid: Don't clear formats if using deep color ath9k_htc: fix uninit value bugs power: reset: gemini-poweroff: Fix IRQ check in gemini_poweroff_probe ray_cs: Check ioremap return value power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init HID: i2c-hid: fix GET/SET_REPORT for unnumbered reports iwlwifi: Fix -EIO error code that is never returned dm crypt: fix get_key_size compiler warning if !CONFIG_KEYS scsi: pm8001: Fix command initialization in pm80XX_send_read_log() scsi: pm8001: Fix command initialization in pm8001_chip_ssp_tm_req() scsi: pm8001: Fix payload initialization in pm80xx_set_thermal_config() scsi: pm8001: Fix abort all task initialization TOMOYO: fix __setup handlers return values ext2: correct max file size computing drm/tegra: Fix reference leak in tegra_dsi_ganged_probe power: supply: bq24190_charger: Fix bq24190_vbus_is_enabled() wrong false return KVM: x86: Fix emulation in writing cr8 KVM: x86/emulator: Defer not-present segment check in __load_segment_descriptor() i2c: xiic: Make bus names unique power: supply: wm8350-power: Handle error for wm8350_register_irq power: supply: wm8350-power: Add missing free in free_charger_irq PCI: Reduce warnings on possible RW1C corruption powerpc/sysdev: fix incorrect use to determine if list is empty mfd: mc13xxx: Add check for mc13xxx_irq_request vxcan: enable local echo for sent CAN frames MIPS: RB532: fix return value of __setup handler mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init USB: storage: ums-realtek: fix error code in rts51x_read_mem() af_netlink: Fix shift out of bounds in group mask calculation i2c: mux: demux-pinctrl: do not deactivate a master that is not active tcp: ensure PMTU updates are processed during fastopen mfd: asic3: Add missing iounmap() on error asic3_mfd_probe mxser: fix xmit_buf leak in activate when LSR == 0xff pwm: lpc18xx-sct: Initialize driver data and hardware before pwmchip_add() staging:iio:adc:ad7280a: Fix handing of device address bit reversing. serial: 8250_mid: Balance reference count for PCI DMA device serial: 8250: Fix race condition in RTS-after-send handling iio: adc: Add check for devm_request_threaded_irq clk: qcom: clk-rcg2: Update the frac table for pixel clock remoteproc: qcom_wcnss: Add missing of_node_put() in wcnss_alloc_memory_region clk: loongson1: Terminate clk_div_table with sentinel element clk: clps711x: Terminate clk_div_table with sentinel element clk: tegra: tegra124-emc: Fix missing put_device() call in emc_ensure_emc_driver NFS: remove unneeded check in decode_devicenotify_args() pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe tty: hvc: fix return value of __setup handler kgdboc: fix return value of __setup handler kgdbts: fix return value of __setup handler jfs: fix divide error in dbNextAG netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options xen: fix is_xen_pmu() net: phy: broadcom: Fix brcm_fet_config_init() qlcnic: dcb: default to returning -EOPNOTSUPP net/x25: Fix null-ptr-deref caused by x25_disconnect NFSv4/pNFS: Fix another issue with a list iterator pointing to the head lib/test: use after free in register_test_dev_kmod() selinux: use correct type for context length loop: use sysfs_emit() in the sysfs xxx show() Fix incorrect type in assignment of ipv6 port for audit irqchip/nvic: Release nvic_base upon failure ACPICA: Avoid walking the ACPI Namespace if it is not there ACPI/APEI: Limit printable size of BERT table data PM: core: keep irq flags in device_pm_check_callbacks() spi: tegra20: Use of_device_get_match_data() ext4: don't BUG if someone dirty pages without asking ext4 first ntfs: add sanity check on allocation size video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow video: fbdev: w100fb: Reset global state video: fbdev: cirrusfb: check pixclock to avoid divide by zero video: fbdev: omapfb: acx565akm: replace snprintf with sysfs_emit ARM: dts: qcom: fix gic_irq_domain_translate warnings for msm8960 ARM: dts: bcm2837: Add the missing L1/L2 cache information video: fbdev: omapfb: panel-dsi-cm: Use sysfs_emit() instead of snprintf() video: fbdev: omapfb: panel-tpo-td043mtea1: Use sysfs_emit() instead of snprintf() ASoC: soc-core: skip zero num_dai component in searching dai name media: cx88-mpeg: clear interrupt status register before streaming video ARM: tegra: tamonten: Fix I2C3 pad setting ARM: mmp: Fix failure to remove sram device video: fbdev: sm712fb: Fix crash in smtcfb_write() media: hdpvr: initialize dev->worker at hdpvr_register_videodev mmc: host: Return an error when ->enable_sdio_irq() ops is missing powerpc/lib/sstep: Fix 'sthcx' instruction powerpc/lib/sstep: Fix build errors with newer binutils scsi: qla2xxx: Fix warning for missing error code scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair() KVM: Prevent module exit until all VMs are freed ubifs: rename_whiteout: Fix double free for whiteout_ui->data ubifs: Add missing iput if do_tmpfile() failed in rename whiteout ubifs: setflags: Make dirtied_ino_d 8 bytes aligned ubifs: rename_whiteout: correct old_dir size computing can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path can: mcba_usb: properly check endpoint type gfs2: Make sure FITRIM minlen is rounded up to fs block size pinctrl: pinconf-generic: Print arguments for bias-pull-* ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl ACPI: CPPC: Avoid out of bounds access when parsing _CPC data mm/mmap: return 1 from stack_guard_gap __setup() handler mm/memcontrol: return 1 from cgroup.memory __setup() handler ubi: fastmap: Return error code if memory allocation fails in add_aeb() ASoC: topology: Allow TLV control to be either read or write ARM: dts: spear1340: Update serial node properties ARM: dts: spear13xx: Update SPI dma properties openvswitch: Fixed nd target mask field in the flow dump. KVM: x86: Forbid VMM to set SYNIC/STIMER MSRs when SynIC wasn't activated ubifs: Rectify space amount budget for mkdir/tmpfile operations rtc: wm8350: Handle error for wm8350_register_irq ARM: 9187/1: JIVE: fix return value of __setup handler KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 ptp: replace snprintf with sysfs_emit powerpc: dts: t104xrdb: fix phy type for FMAN 4/5 scsi: mvsas: Replace snprintf() with sysfs_emit() scsi: bfa: Replace snprintf() with sysfs_emit() power: supply: axp20x_battery: properly report current when discharging powerpc: Set crashkernel offset to mid of RMA region PCI: aardvark: Fix support for MSI interrupts iommu/arm-smmu-v3: fix event handling soft lockup dm ioctl: prevent potential spectre v1 gadget scsi: pm8001: Fix pm8001_mpi_task_abort_resp() scsi: aha152x: Fix aha152x_setup() __setup handler return value net/smc: correct settings of RMB window update limit macvtap: advertise link netns via netlink bnxt_en: Eliminate unintended link toggle during FW reset MIPS: fix fortify panic when copying asm exception handlers scsi: libfc: Fix use after free in fc_exch_abts_resp() usb: dwc3: omap: fix "unbalanced disables for smps10_out1" on omap5evm xtensa: fix DTC warning unit_address_format Bluetooth: Fix use after free in hci_send_acl init/main.c: return 1 from handled __setup() functions w1: w1_therm: fixes w1_seq for ds28ea00 sensors SUNRPC/call_alloc: async tasks mustn't block waiting for memory NFS: swap IO handling is slightly different for O_DIRECT IO NFS: swap-out must always use STABLE writes. serial: samsung_tty: do not unlock port->lock for uart_write_wakeup() virtio_console: eliminate anonymous module_init & module_exit jfs: prevent NULL deref in diFree parisc: Fix CPU affinity for Lasi, WAX and Dino chips ipv6: add missing tx timestamping on IPPROTO_RAW net: add missing SOF_TIMESTAMPING_OPT_ID support mm: fix race between MADV_FREE reclaim and blkdev direct IO read drm/amdgpu: fix off by one in amdgpu_gfx_kiq_acquire() scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one() net: stmmac: Fix unset max_speed difference between DT and non-DT platforms drm/imx: Fix memory leak in imx_pd_connector_get_modes drbd: Fix five use after free bugs in get_initial_state Revert "mmc: sdhci-xenon: fix annoying 1.8V regulator warning" mmmremap.c: avoid pointless invalidate_range_start/end on mremap(old_size=0) mm/mempolicy: fix mpol_new leak in shared_policy_replace x86/pm: Save the MSR validity status at context setup x86/speculation: Restore speculation related MSRs during S3 resume btrfs: fix qgroup reserve overflow the qgroup limit arm64: patch_text: Fixup last cpu should be master perf: qcom_l2_pmu: fix an incorrect NULL check on list iterator tools build: Use $(shell ) instead of `` to get embedded libperl's ccopts dmaengine: Revert "dmaengine: shdma: Fix runtime PM imbalance on error" mm: don't skip swap entry even if zap_details specified arm64: module: remove (NOLOAD) from linker script mm/sparsemem: fix 'mem_section' will never be NULL gcc 12 warning cgroup: Use open-time credentials for process migraton perm checks cgroup: Allocate cgroup_file_ctx for kernfs_open_file->priv cgroup: Use open-time cgroup namespace for process migration perm checks xfrm: policy: match with both mark and mask on user interfaces memory: atmel-ebi: Fix missing of_node_put in atmel_ebi_probe veth: Ensure eth header is in skb's linear part gpiolib: acpi: use correct format characters mlxsw: i2c: Fix initialization error flow net: ethernet: stmmac: fix altr_tse_pcs function when using a fixed-link nfc: nci: add flush_workqueue to prevent uaf cifs: potential buffer overflow in handling symlinks drm/amd: Add USBC connector ID drm/amdkfd: Check for potential null return of kmalloc_array() Drivers: hv: vmbus: Prevent load re-ordering when reading ring buffer scsi: target: tcmu: Fix possible page UAF scsi: ibmvscsis: Increase INITIAL_SRP_LIMIT to 1024 net: micrel: fix KS8851_MLL Kconfig ata: libata-core: Disable READ LOG DMA EXT for Samsung 840 EVOs gpu: ipu-v3: Fix dev_dbg frequency output scsi: mvsas: Add PCI ID of RocketRaid 2640 drivers: net: slip: fix NPD bug in sl_tx_timeout() mm, page_alloc: fix build_zonerefs_node() mm: kmemleak: take a full lowmem check in kmemleak_*_phys() gcc-plugins: latent_entropy: use /dev/urandom ALSA: pcm: Test for "silence" field in struct "pcm_format_data" ARM: davinci: da850-evm: Avoid NULL pointer dereference smp: Fix offline cpu check in flush_smp_call_function_queue() i2c: pasemi: Wait for write xfers to finish Linux 4.14.276 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I45d8292ce654c0236758030a89b4618cf3a3d87b |
||
|
Zhihao Cheng
|
f7e252d7e4 |
ubifs: Rectify space amount budget for mkdir/tmpfile operations
[ Upstream commit a6dab6607d4681d227905d5198710b575dbdb519 ]
UBIFS should make sure the flash has enough space to store dirty (Data
that is newer than disk) data (in memory), space budget is exactly
designed to do that. If space budget calculates less data than we need,
'make_reservation()' will do more work(return -ENOSPC if no free space
lelf, sometimes we can see "cannot reserve xxx bytes in jhead xxx, error
-28" in ubifs error messages) with ubifs inodes locked, which may effect
other syscalls.
A simple way to decide how much space do we need when make a budget:
See how much space is needed by 'make_reservation()' in ubifs_jnl_xxx()
function according to corresponding operation.
It's better to report ENOSPC in ubifs_budget_space(), as early as we can.
Fixes: 474b93704f32163 ("ubifs: Implement O_TMPFILE")
Fixes: 1e51764a3c2ac05 ("UBIFS: add new flash file system")
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
Baokun Li
|
d6a8cbe916 |
ubifs: rename_whiteout: correct old_dir size computing
commit 705757274599e2e064dd3054aabc74e8af31a095 upstream.
When renaming the whiteout file, the old whiteout file is not deleted.
Therefore, we add the old dentry size to the old dir like XFS.
Otherwise, an error may be reported due to `fscki->calc_sz != fscki->size`
in check_indes.
Fixes: 9e0a1fff8db56ea ("ubifs: Implement RENAME_WHITEOUT")
Reported-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: Baokun Li <libaokun1@huawei.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Zhihao Cheng
|
defaaeaae3 |
ubifs: setflags: Make dirtied_ino_d 8 bytes aligned
commit 1b83ec057db16b4d0697dc21ef7a9743b6041f72 upstream.
Make 'ui->data_len' aligned with 8 bytes before it is assigned to
dirtied_ino_d. Since 8871d84c8f8b0c6b("ubifs: convert to fileattr")
applied, 'setflags()' only affects regular files and directories, only
xattr inode, symlink inode and special inode(pipe/char_dev/block_dev)
have none- zero 'ui->data_len' field, so assertion
'!(req->dirtied_ino_d & 7)' cannot fail in ubifs_budget_space().
To avoid assertion fails in future evolution(eg. setflags can operate
special inodes), it's better to make dirtied_ino_d 8 bytes aligned,
after all aligned size is still zero for regular files.
Fixes: 1e51764a3c2ac05a ("UBIFS: add new flash file system")
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Zhihao Cheng
|
a94ab3ad70 |
ubifs: Add missing iput if do_tmpfile() failed in rename whiteout
commit 716b4573026bcbfa7b58ed19fe15554bac66b082 upstream.
whiteout inode should be put when do_tmpfile() failed if inode has been
initialized. Otherwise we will get following warning during umount:
UBIFS error (ubi0:0 pid 1494): ubifs_assert_failed [ubifs]: UBIFS
assert failed: c->bi.dd_growth == 0, in fs/ubifs/super.c:1930
VFS: Busy inodes after unmount of ubifs. Self-destruct in 5 seconds.
Fixes: 9e0a1fff8db56ea ("ubifs: Implement RENAME_WHITEOUT")
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Suggested-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Zhihao Cheng
|
8b3c7be16f |
ubifs: rename_whiteout: Fix double free for whiteout_ui->data
commit 40a8f0d5e7b3999f096570edab71c345da812e3e upstream.
'whiteout_ui->data' will be freed twice if space budget fail for
rename whiteout operation as following process:
rename_whiteout
dev = kmalloc
whiteout_ui->data = dev
kfree(whiteout_ui->data) // Free first time
iput(whiteout)
ubifs_free_inode
kfree(ui->data) // Double free!
KASAN reports:
==================================================================
BUG: KASAN: double-free or invalid-free in ubifs_free_inode+0x4f/0x70
Call Trace:
kfree+0x117/0x490
ubifs_free_inode+0x4f/0x70 [ubifs]
i_callback+0x30/0x60
rcu_do_batch+0x366/0xac0
__do_softirq+0x133/0x57f
Allocated by task 1506:
kmem_cache_alloc_trace+0x3c2/0x7a0
do_rename+0x9b7/0x1150 [ubifs]
ubifs_rename+0x106/0x1f0 [ubifs]
do_syscall_64+0x35/0x80
Freed by task 1506:
kfree+0x117/0x490
do_rename.cold+0x53/0x8a [ubifs]
ubifs_rename+0x106/0x1f0 [ubifs]
do_syscall_64+0x35/0x80
The buggy address belongs to the object at ffff88810238bed8 which
belongs to the cache kmalloc-8 of size 8
==================================================================
Let ubifs_free_inode() free 'whiteout_ui->data'. BTW, delete unused
assignment 'whiteout_ui->data_len = 0', process 'ubifs_evict_inode()
-> ubifs_jnl_delete_inode() -> ubifs_jnl_write_inode()' doesn't need it
(because 'inc_nlink(whiteout)' won't be excuted by 'goto out_release',
and the nlink of whiteout inode is 0).
Fixes: 9e0a1fff8db56ea ("ubifs: Implement RENAME_WHITEOUT")
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Arian
|
3a330c6445 |
Merge branch 'android-4.14-stable' of https://android.googlesource.com/kernel/common into HEAD
Change-Id: I714223aa1f97959bd97b6bf758511466c9394bd8 |
||
|
Greg Kroah-Hartman
|
2fcd4969cf |
This is the 4.14.263 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmHyUUIACgkQONu9yGCS
aT4WTxAAitdyMkdXXlFsJtrie+9DO+NxgZJajZ2mWbooDk4HmDR+aOq8PGR8mJPs
rBsJfHUS0YrwM9AaWS9GvVUiU0ZHLnisLPTBdowQONbsd16r6TGO6RjAEp/odaeB
J6pti1V8pXEhxS+JRUhsPBeLfWx4pE+vP+pgDCi2ESaKew3U60q1k4hjKHMMAeov
HijWTJYRLNvE8aJKiZ13ZtB+N+YH9mxyZLQYk9nQ4ekoVlYr+2FubnH1Mxis7Lp1
8pyWtXsIixaYTzbfKAXiNg/x5GIDdfoYy/PVM9Rhi7mIrf902/19x+B4qGiIsV9T
P7GzSC2dY461U8LcqnFtve7LNRRIZC/f8uqAXRVCUsxQclG5dBWDFtjVFujqAi4e
FB/C67agIV/x9nlDRG8Ne72St7MzY/gmQzBq6HnSgSPaQLiXuRu9sgBuJKreEdxi
paPQlif222xeaTNTg6RLXQCCrbw4sDYfKe16peHnA4AQ7wPE0ZRC2JKnG600L5kw
sfVytizbyc3cg4AyGJrZzoElC8k3PMP49owf/Gc18ewuJ9RfaoPQJfKMwzbMI3tz
zxez9Pr6cGzTMb3HfpakmEK+YtbVFjjwUybij7kzJDArK6o6aqm+WXGkF2Eez2+h
Q6o7+5zeRdAMPSMeOJeXdQdrQ0OxOaUMgAkKuP5RkfuJJNDIs6c=
=6b7N
-----END PGP SIGNATURE-----
Merge 4.14.263 into android-4.14-stable
Changes in 4.14.263
Bluetooth: bfusb: fix division by zero in send path
USB: core: Fix bug in resuming hub's handling of wakeup requests
USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status
mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe()
can: gs_usb: fix use of uninitialized variable, detach device on reception of invalid USB data
can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved}
random: fix data race on crng_node_pool
random: fix data race on crng init time
staging: wlan-ng: Avoid bitwise vs logical OR warning in hfa384x_usb_throttlefn()
drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk()
orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc()
media: uvcvideo: fix division by zero at stream start
rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with interrupts enabled
Bluetooth: schedule SCO timeouts with delayed_work
Bluetooth: fix init and cleanup of sco_conn.timeout_work
HID: uhid: Fix worker destroying device without any protection
HID: wacom: Ignore the confidence flag when a touch is removed
HID: wacom: Avoid using stale array indicies to read contact count
nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed bind()
rtc: cmos: take rtc_lock while reading from CMOS
media: flexcop-usb: fix control-message timeouts
media: mceusb: fix control-message timeouts
media: em28xx: fix control-message timeouts
media: cpia2: fix control-message timeouts
media: s2255: fix control-message timeouts
media: dib0700: fix undefined behavior in tuner shutdown
media: redrat3: fix control-message timeouts
media: pvrusb2: fix control-message timeouts
media: stk1160: fix control-message timeouts
can: softing_cs: softingcs_probe(): fix memleak on registration failure
shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode
PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller
Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails
clk: bcm-2835: Pick the closest clock rate
clk: bcm-2835: Remove rounding up the dividers
wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND
media: em28xx: fix memory leak in em28xx_init_dev
Bluetooth: stop proccessing malicious adv data
media: dmxdev: fix UAF when dvb_register_device() fails
crypto: qce - fix uaf on qce_ahash_register_one
tty: serial: atmel: Check return code of dmaengine_submit()
tty: serial: atmel: Call dma_async_issue_pending()
media: mtk-vcodec: call v4l2_m2m_ctx_release first when file is released
netfilter: bridge: add support for pppoe filtering
arm64: dts: qcom: msm8916: fix MMC controller aliases
drm/amdgpu: Fix a NULL pointer dereference in amdgpu_connector_lcd_native_mode()
drm/radeon/radeon_kms: Fix a NULL pointer dereference in radeon_driver_open_kms()
serial: amba-pl011: do not request memory region twice
floppy: Fix hang in watchdog when disk is ejected
media: dib8000: Fix a memleak in dib8000_init()
media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach()
media: si2157: Fix "warm" tuner state detection
sched/rt: Try to restart rt period timer when rt runtime exceeded
media: dw2102: Fix use after free
media: msi001: fix possible null-ptr-deref in msi001_probe()
usb: ftdi-elan: fix memory leak on device disconnect
x86/mce/inject: Avoid out-of-bounds write when setting flags
pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in __nonstatic_find_io_region()
pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in nonstatic_find_mem_region()
ppp: ensure minimum packet size in ppp_write()
fsl/fman: Check for null pointer after calling devm_ioremap
spi: spi-meson-spifc: Add missing pm_runtime_disable() in meson_spifc_probe
tpm: add request_locality before write TPM_INT_ENABLE
can: softing: softing_startstop(): fix set but not used variable warning
can: xilinx_can: xcan_probe(): check for error irq
pcmcia: fix setting of kthread task states
net: mcs7830: handle usb read errors properly
ext4: avoid trim error on fs with small groups
ALSA: jack: Add missing rwsem around snd_ctl_remove() calls
ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls
ALSA: hda: Add missing rwsem around snd_ctl_remove() calls
RDMA/hns: Validate the pkey index
powerpc/prom_init: Fix improper check of prom_getprop()
ALSA: oss: fix compile error when OSS_DEBUG is enabled
char/mwave: Adjust io port register size
scsi: ufs: Fix race conditions related to driver data
RDMA/core: Let ib_find_gid() continue search even after empty entry
dmaengine: pxa/mmp: stop referencing config->slave_id
iommu/iova: Fix race between FQ timeout and teardown
ASoC: samsung: idma: Check of ioremap return value
misc: lattice-ecp3-config: Fix task hung when firmware load failed
mips: lantiq: add support for clk_set_parent()
mips: bcm63xx: add support for clk_set_parent()
RDMA/cxgb4: Set queue pair state when being queried
Bluetooth: Fix debugfs entry leak in hci_register_dev()
fs: dlm: filter user dlm messages for kernel locks
ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply
drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR
usb: gadget: f_fs: Use stream_open() for endpoint files
HID: apple: Do not reset quirks when the Fn key is not found
media: b2c2: Add missing check in flexcop_pci_isr:
mlxsw: pci: Add shutdown method in PCI driver
drm/bridge: megachips: Ensure both bridges are probed before registration
gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use
HSI: core: Fix return freed object in hsi_new_client
mwifiex: Fix skb_over_panic in mwifiex_usb_recv()
usb: uhci: add aspeed ast2600 uhci support
floppy: Add max size check for user space request
media: uvcvideo: Increase UVC_CTRL_CONTROL_TIMEOUT to 5 seconds.
media: saa7146: hexium_orion: Fix a NULL pointer dereference in hexium_attach()
media: m920x: don't use stack on USB reads
iwlwifi: mvm: synchronize with FW after multicast commands
ath10k: Fix tx hanging
net: bonding: debug: avoid printing debug logs when bond is not notifying peers
bpf: Do not WARN in bpf_warn_invalid_xdp_action()
media: igorplugusb: receiver overflow should be reported
media: saa7146: hexium_gemini: Fix a NULL pointer dereference in hexium_attach()
mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO
arm64: tegra: Adjust length of CCPLEX cluster MMIO region
usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0
ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream
iwlwifi: fix leaks/bad data after failed firmware load
iwlwifi: remove module loading failure message
um: registers: Rename function names to avoid conflicts and build problems
jffs2: GC deadlock reading a page that is used in jffs2_write_begin()
ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions
ACPICA: Utilities: Avoid deleting the same object twice in a row
ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R()
ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5
btrfs: remove BUG_ON() in find_parent_nodes()
btrfs: remove BUG_ON(!eie) in find_parent_nodes
net: mdio: Demote probed message to debug print
mac80211: allow non-standard VHT MCS-10/11
dm btree: add a defensive bounds check to insert_at()
dm space map common: add bounds check to sm_ll_lookup_bitmap()
net: phy: marvell: configure RGMII delays for 88E1118
serial: pl010: Drop CR register reset on set_termios
serial: core: Keep mctrl register state and cached copy in sync
parisc: Avoid calling faulthandler_disabled() twice
powerpc/6xx: add missing of_node_put
powerpc/powernv: add missing of_node_put
powerpc/cell: add missing of_node_put
powerpc/btext: add missing of_node_put
powerpc/watchdog: Fix missed watchdog reset due to memory ordering race
i2c: i801: Don't silently correct invalid transfer size
powerpc/smp: Move setup_profiling_timer() under CONFIG_PROFILING
i2c: mpc: Correct I2C reset procedure
w1: Misuse of get_user()/put_user() reported by sparse
ALSA: seq: Set upper limit of processed events
MIPS: OCTEON: add put_device() after of_find_device_by_node()
i2c: designware-pci: Fix to change data types of hcnt and lcnt parameters
MIPS: Octeon: Fix build errors using clang
scsi: sr: Don't use GFP_DMA
ASoC: mediatek: mt8173: fix device_node leak
power: bq25890: Enable continuous conversion for ADC at charging
ubifs: Error path in ubifs_remount_rw() seems to wrongly free write buffers
serial: Fix incorrect rs485 polarity on uart open
cputime, cpuacct: Include guest time in user time in cpuacct.stat
iwlwifi: mvm: Increase the scan timeout guard to 30 seconds
ext4: make sure quota gets properly shutdown on error
ext4: set csum seed in tmp inode while migrating to extents
ext4: Fix BUG_ON in ext4_bread when write quota data
ext4: don't use the orphan list when migrating an inode
crypto: stm32/crc32 - Fix kernel BUG triggered in probe()
drm/radeon: fix error handling in radeon_driver_open_kms
firmware: Update Kconfig help text for Google firmware
Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomization
RDMA/hns: Modify the mapping attribute of doorbell to device
RDMA/rxe: Fix a typo in opcode name
powerpc/cell: Fix clang -Wimplicit-fallthrough warning
powerpc/fsl/dts: Enable WA for erratum A-009885 on fman3l MDIO buses
net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module
parisc: pdc_stable: Fix memory leak in pdcs_register_pathentries
af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress
net: axienet: Wait for PhyRstCmplt after core reset
net: axienet: fix number of TX ring slots for available check
netns: add schedule point in ops_exit_list()
libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route()
dmaengine: at_xdmac: Don't start transactions at tx_submit level
dmaengine: at_xdmac: Print debug message after realeasing the lock
dmaengine: at_xdmac: Fix lld view setting
dmaengine: at_xdmac: Fix at_xdmac_lld struct definition
net_sched: restore "mpu xxx" handling
bcmgenet: add WOL IRQ check
scripts/dtc: dtx_diff: remove broken example from help text
lib82596: Fix IRQ check in sni_82596_probe
mips,s390,sh,sparc: gup: Work around the "COW can break either way" issue
drm/ttm/nouveau: don't call tt destroy callback on alloc failure.
fuse: fix bad inode
fuse: fix live lock in fuse_iget()
gianfar: simplify FCS handling and fix memory leak
gianfar: fix jumbo packets+napi+rx overrun crash
NFSv4: Initialise connection to the server in nfs4_alloc_client()
Linux 4.14.263
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Id582f955b2955c5d007268d9a6e5c6203a5ef0cf
|
||
Petr Cvachoucek
|
5fba5c5d0c |
ubifs: Error path in ubifs_remount_rw() seems to wrongly free write buffers
commit 3fea4d9d160186617ff40490ae01f4f4f36b28ff upstream. it seems freeing the write buffers in the error path of the ubifs_remount_rw() is wrong. It leads later to a kernel oops like this: [10016.431274] UBIFS (ubi0:0): start fixing up free space [10090.810042] UBIFS (ubi0:0): free space fixup complete [10090.814623] UBIFS error (ubi0:0 pid 512): ubifs_remount_fs: cannot spawn "ubifs_bgt0_0", error -4 [10101.915108] UBIFS (ubi0:0): background thread "ubifs_bgt0_0" started, PID 517 [10105.275498] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000030 [10105.284352] Mem abort info: [10105.287160] ESR = 0x96000006 [10105.290252] EC = 0x25: DABT (current EL), IL = 32 bits [10105.295592] SET = 0, FnV = 0 [10105.298652] EA = 0, S1PTW = 0 [10105.301848] Data abort info: [10105.304723] ISV = 0, ISS = 0x00000006 [10105.308573] CM = 0, WnR = 0 [10105.311564] user pgtable: 4k pages, 48-bit VAs, pgdp=00000000f03d1000 [10105.318034] [0000000000000030] pgd=00000000f6cee003, pud=00000000f4884003, pmd=0000000000000000 [10105.326783] Internal error: Oops: 96000006 [#1] PREEMPT SMP [10105.332355] Modules linked in: ath10k_pci ath10k_core ath mac80211 libarc4 cfg80211 nvme nvme_core cryptodev(O) [10105.342468] CPU: 3 PID: 518 Comm: touch Tainted: G O 5.4.3 #1 [10105.349517] Hardware name: HYPEX CPU (DT) [10105.353525] pstate: 40000005 (nZcv daif -PAN -UAO) [10105.358324] pc : atomic64_try_cmpxchg_acquire.constprop.22+0x8/0x34 [10105.364596] lr : mutex_lock+0x1c/0x34 [10105.368253] sp : ffff000075633aa0 [10105.371563] x29: ffff000075633aa0 x28: 0000000000000001 [10105.376874] x27: ffff000076fa80c8 x26: 0000000000000004 [10105.382185] x25: 0000000000000030 x24: 0000000000000000 [10105.387495] x23: 0000000000000000 x22: 0000000000000038 [10105.392807] x21: 000000000000000c x20: ffff000076fa80c8 [10105.398119] x19: ffff000076fa8000 x18: 0000000000000000 [10105.403429] x17: 0000000000000000 x16: 0000000000000000 [10105.408741] x15: 0000000000000000 x14: fefefefefefefeff [10105.414052] x13: 0000000000000000 x12: 0000000000000fe0 [10105.419364] x11: 0000000000000fe0 x10: ffff000076709020 [10105.424675] x9 : 0000000000000000 x8 : 00000000000000a0 [10105.429986] x7 : ffff000076fa80f4 x6 : 0000000000000030 [10105.435297] x5 : 0000000000000000 x4 : 0000000000000000 [10105.440609] x3 : 0000000000000000 x2 : ffff00006f276040 [10105.445920] x1 : ffff000075633ab8 x0 : 0000000000000030 [10105.451232] Call trace: [10105.453676] atomic64_try_cmpxchg_acquire.constprop.22+0x8/0x34 [10105.459600] ubifs_garbage_collect+0xb4/0x334 [10105.463956] ubifs_budget_space+0x398/0x458 [10105.468139] ubifs_create+0x50/0x180 [10105.471712] path_openat+0x6a0/0x9b0 [10105.475284] do_filp_open+0x34/0x7c [10105.478771] do_sys_open+0x78/0xe4 [10105.482170] __arm64_sys_openat+0x1c/0x24 [10105.486180] el0_svc_handler+0x84/0xc8 [10105.489928] el0_svc+0x8/0xc [10105.492808] Code: 52800013 17fffffb d2800003 f9800011 (c85ffc05) [10105.498903] ---[ end trace 46b721d93267a586 ]--- To reproduce the problem: 1. Filesystem initially mounted read-only, free space fixup flag set. 2. mount -o remount,rw <mountpoint> 3. it takes some time (free space fixup running) ... try to terminate running mount by CTRL-C ... does not respond, only after free space fixup is complete ... then "ubifs_remount_fs: cannot spawn "ubifs_bgt0_0", error -4" 4. mount -o remount,rw <mountpoint> ... now finished instantly (fixup already done). 5. Create file or just unmount the filesystem and we get the oops. Cc: <stable@vger.kernel.org> Fixes: b50b9f408502 ("UBIFS: do not free write-buffers when in R/O mode") Signed-off-by: Petr Cvachoucek <cvachoucek@gmail.com> Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
7b74d84a30 |
This is the 4.14.240 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmD221sACgkQONu9yGCS
aT6gfhAAlQIQSPK9XKZc2VSaWxJkRtJAPzgNsLJyGfWLIjwwVb00oQboFJMpECev
w1PT3cvmBeKyJyXXCtsreHM4tDXau00kSkrQ6o3Vi0yuOC4SSEmrlgtGkI3xUl5X
spXrO0pnVgomDDqxscZPR06S1iMEKYKbh21FerJZ16DUGofl5LYe8bJ6feAD7cHd
F8PbTFgr0icIDE38bpE9zOieavtRxA0YWAhfKQ8ae4R8ZEKfFVQCbXy0SWom4K6y
KGyU8J1LejyYEe1wG0YP2/wCzFfhCCz6fRXoyJEMzpUx5xM/PkI+rRvezUoJNEHB
tw/dF5d/C9hZ7IVzASowgeigrygg6ui8VJB0WUN18t3ds+QBKmE0F9QF3eiHF91W
I5oKz8ouRNpaCN48W7FovRgtMYGXFpqG3zHY6XcwsmzhNHOj2yuOElEKoQjv/JKO
Oldi/gDy/URqeVCF5UxCMZvOEtBhdbLzgGRnf3yVG3fW8WpN6lU0MllCgC4H7xw8
95FlMfn1ODuUdaPAO2g6+2wgILC7wJ1tfqDQBnzlKxahRBG0+KeVO0rYhpYUTABK
hq0TpvfTSuiJxmk25pJTw75+zTsT89To7+KvRl3LeH4yxZu6bLyx2eH6Cljc2Vf1
z86t18yVj8vgrJmRbMGuSjK/3kDOR/H/T+iCOl560Ys74smF36U=
=0ISn
-----END PGP SIGNATURE-----
Merge 4.14.240 into android-4.14-stable
Changes in 4.14.240
ALSA: usb-audio: fix rate on Ozone Z90 USB headset
media: dvb-usb: fix wrong definition
Input: usbtouchscreen - fix control-request directions
net: can: ems_usb: fix use-after-free in ems_usb_disconnect()
usb: gadget: eem: fix echo command packet response issue
USB: cdc-acm: blacklist Heimann USB Appset device
ntfs: fix validity check for file name attribute
iov_iter_fault_in_readable() should do nothing in xarray case
Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl
ARM: dts: at91: sama5d4: fix pinctrl muxing
btrfs: send: fix invalid path for unlink operations after parent orphanization
btrfs: clear defrag status of a root if starting transaction fails
ext4: cleanup in-core orphan list if ext4_truncate() failed to get a transaction handle
ext4: fix kernel infoleak via ext4_extent_header
ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit
ext4: remove check for zero nr_to_scan in ext4_es_scan()
ext4: fix avefreec in find_group_orlov
ext4: use ext4_grp_locked_error in mb_find_extent
can: bcm: delay release of struct bcm_op after synchronize_rcu()
can: gw: synchronize rcu operations before removing gw job entry
can: peak_pciefd: pucan_handle_status(): fix a potential starvation issue in TX path
SUNRPC: Fix the batch tasks count wraparound.
SUNRPC: Should wake up the privileged task firstly.
s390/cio: dont call css_wait_for_slow_path() inside a lock
rtc: stm32: Fix unbalanced clk_disable_unprepare() on probe error path
iio: ltr501: mark register holding upper 8 bits of ALS_DATA{0,1} and PS_DATA as volatile, too
iio: ltr501: ltr559: fix initialization of LTR501_ALS_CONTR
iio: ltr501: ltr501_read_ps(): add missing endianness conversion
serial: sh-sci: Stop dmaengine transfer in sci_stop_tx()
serial_cs: Add Option International GSM-Ready 56K/ISDN modem
serial_cs: remove wrong GLOBETROTTER.cis entry
ath9k: Fix kernel NULL pointer dereference during ath_reset_internal()
ssb: sdio: Don't overwrite const buffer if block_write fails
rsi: Assign beacon rate settings to the correct rate_info descriptor field
seq_buf: Make trace_seq_putmem_hex() support data longer than 8
fuse: check connected before queueing on fpq->io
spi: Make of_register_spi_device also set the fwnode
spi: spi-loopback-test: Fix 'tx_buf' might be 'rx_buf'
spi: spi-topcliff-pch: Fix potential double free in pch_spi_process_messages()
spi: omap-100k: Fix the length judgment problem
crypto: nx - add missing MODULE_DEVICE_TABLE
media: cpia2: fix memory leak in cpia2_usb_probe
media: cobalt: fix race condition in setting HPD
media: pvrusb2: fix warning in pvr2_i2c_core_done
crypto: qat - check return code of qat_hal_rd_rel_reg()
crypto: qat - remove unused macro in FW loader
media: em28xx: Fix possible memory leak of em28xx struct
media: v4l2-core: Avoid the dangling pointer in v4l2_fh_release
media: bt8xx: Fix a missing check bug in bt878_probe
media: st-hva: Fix potential NULL pointer dereferences
media: dvd_usb: memory leak in cinergyt2_fe_attach
mmc: via-sdmmc: add a check against NULL pointer dereference
crypto: shash - avoid comparing pointers to exported functions under CFI
media: dvb_net: avoid speculation from net slot
media: siano: fix device register error path
btrfs: fix error handling in __btrfs_update_delayed_inode
btrfs: abort transaction if we fail to update the delayed inode
btrfs: disable build on platforms having page size 256K
regulator: da9052: Ensure enough delay time for .set_voltage_time_sel
HID: do not use down_interruptible() when unbinding devices
ACPI: processor idle: Fix up C-state latency if not ordered
hv_utils: Fix passing zero to 'PTR_ERR' warning
lib: vsprintf: Fix handling of number field widths in vsscanf
ACPI: EC: Make more Asus laptops use ECDT _GPE
block_dump: remove block_dump feature in mark_inode_dirty()
fs: dlm: cancel work sync othercon
random32: Fix implicit truncation warning in prandom_seed_state()
fs: dlm: fix memory leak when fenced
ACPICA: Fix memory leak caused by _CID repair function
ACPI: bus: Call kobject_put() in acpi_init() error path
platform/x86: toshiba_acpi: Fix missing error code in toshiba_acpi_setup_keyboard()
ACPI: tables: Add custom DSDT file as makefile prerequisite
HID: wacom: Correct base usage for capacitive ExpressKey status bits
ia64: mca_drv: fix incorrect array size calculation
media: s5p_cec: decrement usage count if disabled
crypto: ixp4xx - dma_unmap the correct address
crypto: ux500 - Fix error return code in hash_hw_final()
sata_highbank: fix deferred probing
pata_rb532_cf: fix deferred probing
media: I2C: change 'RST' to "RSET" to fix multiple build errors
pata_octeon_cf: avoid WARN_ON() in ata_host_activate()
crypto: ccp - Fix a resource leak in an error handling path
pata_ep93xx: fix deferred probing
media: exynos4-is: Fix a use after free in isp_video_release
media: tc358743: Fix error return code in tc358743_probe_of()
media: siano: Fix out-of-bounds warnings in smscore_load_firmware_family2()
mmc: usdhi6rol0: fix error return code in usdhi6_probe()
media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx
hwmon: (max31722) Remove non-standard ACPI device IDs
hwmon: (max31790) Fix fan speed reporting for fan7..12
btrfs: clear log tree recovering status if starting transaction fails
spi: spi-sun6i: Fix chipselect/clock bug
crypto: nx - Fix RCU warning in nx842_OF_upd_status
ACPI: sysfs: Fix a buffer overrun problem with description_show()
ocfs2: fix snprintf() checking
net: pch_gbe: Propagate error from devm_gpio_request_one()
drm/rockchip: cdn-dp-core: add missing clk_disable_unprepare() on error in cdn_dp_grf_write()
ehea: fix error return code in ehea_restart_qps()
RDMA/rxe: Fix failure during driver load
drm: qxl: ensure surf.data is ininitialized
wireless: carl9170: fix LEDS build errors & warnings
brcmsmac: mac80211_if: Fix a resource leak in an error handling path
ath10k: Fix an error code in ath10k_add_interface()
netlabel: Fix memory leak in netlbl_mgmt_add_common
netfilter: nft_exthdr: check for IPv6 packet before further processing
samples/bpf: Fix the error return code of xdp_redirect's main()
net: ethernet: aeroflex: fix UAF in greth_of_remove
net: ethernet: ezchip: fix UAF in nps_enet_remove
net: ethernet: ezchip: fix error handling
pkt_sched: sch_qfq: fix qfq_change_class() error path
vxlan: add missing rcu_read_lock() in neigh_reduce()
net: bcmgenet: Fix attaching to PYH failed on RPi 4B
i40e: Fix error handling in i40e_vsi_open
Revert "ibmvnic: remove duplicate napi_schedule call in open function"
Bluetooth: mgmt: Fix slab-out-of-bounds in tlv_data_is_valid
writeback: fix obtain a reference to a freeing memcg css
net: sched: fix warning in tcindex_alloc_perfect_hash
tty: nozomi: Fix a resource leak in an error handling function
mwifiex: re-fix for unaligned accesses
iio: adis_buffer: do not return ints in irq handlers
iio: accel: bma180: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: accel: bma220: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: accel: hid: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: accel: kxcjk-1013: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: accel: stk8312: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: accel: stk8ba50: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: adc: ti-ads1015: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: adc: vf610: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: gyro: bmg160: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: humidity: am2315: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: prox: srf08: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: prox: pulsed-light: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: prox: as3935: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: light: isl29125: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: light: tcs3414: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
iio: potentiostat: lmp91000: Fix alignment of buffer in iio_push_to_buffers_with_timestamp()
ASoC: hisilicon: fix missing clk_disable_unprepare() on error in hi6210_i2s_startup()
Input: hil_kbd - fix error return code in hil_dev_connect()
char: pcmcia: error out if 'num_bytes_read' is greater than 4 in set_protocol()
tty: nozomi: Fix the error handling path of 'nozomi_card_init()'
scsi: FlashPoint: Rename si_flags field
s390: appldata depends on PROC_SYSCTL
eeprom: idt_89hpesx: Put fwnode in matching case during ->probe()
iio: adc: mxs-lradc: Fix buffer alignment in iio_push_to_buffers_with_timestamp()
staging: gdm724x: check for buffer overflow in gdm_lte_multi_sdu_pkt()
staging: gdm724x: check for overflow in gdm_lte_netif_rx()
ASoC: cs42l42: Correct definition of CS42L42_ADC_PDN_MASK
of: Fix truncation of memory sizes on 32-bit platforms
scsi: mpt3sas: Fix error return value in _scsih_expander_add()
phy: ti: dm816x: Fix the error handling path in 'dm816x_usb_phy_probe()
extcon: sm5502: Drop invalid register write in sm5502_reg_data
extcon: max8997: Add missing modalias string
configfs: fix memleak in configfs_release_bin_file
leds: as3645a: Fix error return code in as3645a_parse_node()
leds: ktd2692: Fix an error handling path
mm/huge_memory.c: don't discard hugepage if other processes are mapping it
selftests/vm/pkeys: fix alloc_random_pkey() to make it really, really random
mmc: vub3000: fix control-request direction
scsi: core: Retry I/O for Notify (Enable Spinup) Required error
drm/mxsfb: Don't select DRM_KMS_FB_HELPER
drm/zte: Don't select DRM_KMS_FB_HELPER
drm/amd/amdgpu/sriov disable all ip hw status by default
net: pch_gbe: Use proper accessors to BE data in pch_ptp_match()
hugetlb: clear huge pte during flush function on mips platform
atm: iphase: fix possible use-after-free in ia_module_exit()
mISDN: fix possible use-after-free in HFC_cleanup()
atm: nicstar: Fix possible use-after-free in nicstar_cleanup()
net: Treat __napi_schedule_irqoff() as __napi_schedule() on PREEMPT_RT
reiserfs: add check for invalid 1st journal block
drm/virtio: Fix double free on probe failure
udf: Fix NULL pointer dereference in udf_symlink function
e100: handle eeprom as little endian
clk: renesas: r8a77995: Add ZA2 clock
clk: tegra: Ensure that PLLU configuration is applied properly
ipv6: use prandom_u32() for ID generation
RDMA/cxgb4: Fix missing error code in create_qp()
dm space maps: don't reset space map allocation cursor when committing
virtio_net: Remove BUG() to avoid machine dead
net: bcmgenet: check return value after calling platform_get_resource()
net: micrel: check return value after calling platform_get_resource()
fjes: check return value after calling platform_get_resource()
selinux: use __GFP_NOWARN with GFP_NOWAIT in the AVC
xfrm: Fix error reporting in xfrm_state_construct.
wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP
wl1251: Fix possible buffer overflow in wl1251_cmd_scan
cw1200: add missing MODULE_DEVICE_TABLE
MIPS: add PMD table accounting into MIPS'pmd_alloc_one
atm: nicstar: use 'dma_free_coherent' instead of 'kfree'
atm: nicstar: register the interrupt handler in the right place
vsock: notify server to shutdown when client has pending signal
RDMA/rxe: Don't overwrite errno from ib_umem_get()
iwlwifi: mvm: don't change band on bound PHY contexts
sfc: avoid double pci_remove of VFs
sfc: error code if SRIOV cannot be disabled
wireless: wext-spy: Fix out-of-bounds warning
RDMA/cma: Fix rdma_resolve_route() memory leak
Bluetooth: Fix the HCI to MGMT status conversion table
Bluetooth: Shutdown controller after workqueues are flushed or cancelled
Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc.
sctp: validate from_addr_param return
sctp: add size validation when walking chunks
fscrypt: don't ignore minor_hash when hash is 0
bdi: Do not use freezable workqueue
fuse: reject internal errno
mac80211: fix memory corruption in EAPOL handling
powerpc/barrier: Avoid collision with clang's __lwsync macro
usb: gadget: f_fs: Fix setting of device and driver data cross-references
drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create()
pinctrl/amd: Add device HID for new AMD GPIO controller
mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode
mmc: core: clear flags before allowing to retune
mmc: core: Allow UHS-I voltage switch for SDSC cards if supported
ata: ahci_sunxi: Disable DIPM
cpu/hotplug: Cure the cpusets trainwreck
ASoC: tegra: Set driver_name=tegra for all machine drivers
qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute
ipmi/watchdog: Stop watchdog timer when the current action is 'none'
power: supply: ab8500: Fix an old bug
seq_buf: Fix overflow in seq_buf_putmem_hex()
tracing: Simplify & fix saved_tgids logic
ipack/carriers/tpci200: Fix a double free in tpci200_pci_probe
dm btree remove: assign new_root only when removal succeeds
media: dtv5100: fix control-request directions
media: zr364xx: fix memory leak in zr364xx_start_readpipe
media: gspca/sq905: fix control-request direction
media: gspca/sunplus: fix zero-length control requests
media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K
jfs: fix GPF in diFree
smackfs: restrict bytes count in smk_set_cipso()
KVM: x86: Use guest MAXPHYADDR from CPUID.0x8000_0008 iff TDP is enabled
KVM: X86: Disable hardware breakpoints unconditionally before kvm_x86->run()
scsi: core: Fix bad pointer dereference when ehandler kthread is invalid
tracing: Do not reference char * as a string in histograms
PCI: aardvark: Don't rely on jiffies while holding spinlock
PCI: aardvark: Fix kernel panic during PIO transfer
tty: serial: fsl_lpuart: fix the potential risk of division or modulo by zero
misc/libmasm/module: Fix two use after free in ibmasm_init_one
Revert "ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro"
w1: ds2438: fixing bug that would always get page0
scsi: lpfc: Fix "Unexpected timeout" error in direct attach topology
scsi: lpfc: Fix crash when lpfc_sli4_hba_setup() fails to initialize the SGLs
scsi: core: Cap scsi_host cmd_per_lun at can_queue
tty: serial: 8250: serial_cs: Fix a memory leak in error handling path
fs/jfs: Fix missing error code in lmLogInit()
scsi: iscsi: Add iscsi_cls_conn refcount helpers
scsi: iscsi: Fix shost->max_id use
scsi: qedi: Fix null ref during abort handling
mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE
s390/sclp_vt220: fix console name to match device
ALSA: sb: Fix potential double-free of CSP mixer elements
powerpc/ps3: Add dma_mask to ps3_dma_region
gpio: zynq: Check return value of pm_runtime_get_sync
ALSA: ppc: fix error return code in snd_pmac_probe()
selftests/powerpc: Fix "no_handler" EBB selftest
ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing()
ALSA: bebob: add support for ToneWeal FW66
usb: gadget: f_hid: fix endianness issue with descriptors
usb: gadget: hid: fix error return code in hid_bind()
powerpc/boot: Fixup device-tree on little endian
backlight: lm3630a: Fix return code of .update_status() callback
ALSA: hda: Add IRQ check for platform_get_irq()
staging: rtl8723bs: fix macro value for 2.4Ghz only device
intel_th: Wait until port is in reset before programming it
i2c: core: Disable client irq on reboot/shutdown
lib/decompress_unlz4.c: correctly handle zero-padding around initrds.
pwm: spear: Don't modify HW state in .remove callback
power: supply: ab8500: Avoid NULL pointers
power: supply: max17042: Do not enforce (incorrect) interrupt trigger type
power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE
ARM: 9087/1: kprobes: test-thumb: fix for LLVM_IAS=1
watchdog: Fix possible use-after-free in wdt_startup()
watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff()
watchdog: Fix possible use-after-free by calling del_timer_sync()
watchdog: iTCO_wdt: Account for rebooting on second timeout
x86/fpu: Return proper error codes from user access functions
orangefs: fix orangefs df output.
ceph: remove bogus checks and WARN_ONs from ceph_set_page_dirty
NFS: nfs_find_open_context() may only select open files
power: supply: charger-manager: add missing MODULE_DEVICE_TABLE
power: supply: ab8500: add missing MODULE_DEVICE_TABLE
pwm: tegra: Don't modify HW state in .remove callback
ACPI: AMBA: Fix resource name in /proc/iomem
ACPI: video: Add quirk for the Dell Vostro 3350
virtio-blk: Fix memory leak among suspend/resume procedure
virtio_net: Fix error handling in virtnet_restore()
virtio_console: Assure used length from device is limited
f2fs: add MODULE_SOFTDEP to ensure crc32 is included in the initramfs
PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun
power: supply: rt5033_battery: Fix device tree enumeration
um: fix error return code in slip_open()
um: fix error return code in winch_tramp()
watchdog: aspeed: fix hardware timeout calculation
nfs: fix acl memory leak of posix_acl_create()
ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode
x86/fpu: Limit xstate copy size in xstateregs_set()
ALSA: isa: Fix error return code in snd_cmi8330_probe()
NFSv4/pNFS: Don't call _nfs4_pnfs_v3_ds_connect multiple times
hexagon: use common DISCARDS macro
reset: a10sr: add missing of_match_table reference
ARM: dts: exynos: fix PWM LED max brightness on Odroid XU/XU3
ARM: dts: exynos: fix PWM LED max brightness on Odroid XU4
memory: atmel-ebi: add missing of_node_put for loop iteration
rtc: fix snprintf() checking in is_rtc_hctosys()
ARM: dts: r8a7779, marzen: Fix DU clock names
ARM: dts: BCM5301X: Fixup SPI binding
reset: bail if try_module_get() fails
memory: fsl_ifc: fix leak of IO mapping on probe failure
memory: fsl_ifc: fix leak of private memory on probe failure
ARM: dts: am335x: align ti,pindir-d0-out-d1-in property with dt-shema
scsi: be2iscsi: Fix an error handling path in beiscsi_dev_probe()
mips: always link byteswap helpers into decompressor
mips: disable branch profiling in boot/decompress.o
MIPS: vdso: Invalid GIC access through VDSO
net: bridge: multicast: fix PIM hello router port marking race
seq_file: disallow extremely large seq buffer allocations
Linux 4.14.240
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Id1138ade09dcf12b10b98b21ad8a6b328e417623
|
||
|
Zhihao Cheng
|
a01ae145ba |
ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode
[ Upstream commit a801fcfeef96702fa3f9b22ad56c5eb1989d9221 ]
xfstests-generic/476 reports a warning message as below:
WARNING: CPU: 2 PID: 30347 at fs/inode.c:361 inc_nlink+0x52/0x70
Call Trace:
do_rename+0x502/0xd40 [ubifs]
ubifs_rename+0x8b/0x180 [ubifs]
vfs_rename+0x476/0x1080
do_renameat2+0x67c/0x7b0
__x64_sys_renameat2+0x6e/0x90
do_syscall_64+0x66/0xe0
entry_SYSCALL_64_after_hwframe+0x44/0xae
Following race case can cause this:
rename_whiteout(Thread 1) wb_workfn(Thread 2)
ubifs_rename
do_rename
__writeback_single_inode
spin_lock(&inode->i_lock)
whiteout->i_state |= I_LINKABLE
inode->i_state &= ~dirty;
---- How race happens on i_state:
(tmp = whiteout->i_state | I_LINKABLE)
(tmp = inode->i_state & ~dirty)
(whiteout->i_state = tmp)
(inode->i_state = tmp)
----
spin_unlock(&inode->i_lock)
inc_nlink(whiteout)
WARN_ON(!(inode->i_state & I_LINKABLE)) !!!
Fix to add i_lock to avoid i_state update race condition.
Fixes: 9e0a1fff8db56ea ("ubifs: Implement RENAME_WHITEOUT")
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Greg Kroah-Hartman
|
40cb5ced6a |
This is the 4.14.216 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAmAENLIACgkQONu9yGCS
aT4rGQ//Q2kdwTMFdQPXdsQyVkKzuygOWImVYEbImg+2Ywufl3CLMee1w0g+Wbyd
vtPW0Mc9kMje3aFZisV0IzaRbkrr77nDbX0ydQJq3287yuhvW9Y9nyw3HSoBG4hv
p0VyTLB65rK/dTdQGLQ6Pef58nvAtuNfYVpbLjaxan136IMPgof8yL1Vpg9vxbnG
LyfT+eUDX+ptbtq5eqqv8PSYXexeas4V+qXnT++Q+yfCR/kXAF5hDB245T8xE/lZ
ZLsGF/lyZxMDTGePLUWiCVUN4y0g47Dx+/YUBhOmxFwBQel5paDkhY3KW0SU9SGl
tq+Rw7heeoLVMLHMJ+tgzib6NV2B3qHpLqCKOSdQkplemIOpYg7vqltMs9uJFeBf
CSBjMytSCvo9rwABea6rKKDUHuGmjjN7YOf3SaWvBzH353U8XyjZXCA9Ams1607u
x0rMVOXAiG3ZNop8jCGkphYRqi2T11450sOMlJByRBPQJgLGzBfA/VGiSC0Jqwsa
cdQTr91Ml3qWVoHhoTJh33x7rS3HtaNQWgXvlG/Hb7WISD3LEp/UlYXqbuREt5b2
Oqe7MVU5KR61xeozmvaVHE1ETzUeGmoL5VIa2YkKP2WLOK+HSYlegh4R+Pd/nWX0
7RubjMEL9P8DmDRkKpsdkITBd96wmPY4kB/pMtKL0GyIE6Oj1m0=
=27ld
-----END PGP SIGNATURE-----
Merge 4.14.216 into android-4.14-stable
Changes in 4.14.216
powerpc: Fix incorrect stw{, ux, u, x} instructions in __set_pte_at
net: cdc_ncm: correct overhead in delayed_ndp_size
net: vlan: avoid leaks on register_vlan_dev() failures
net: ip: always refragment ip defragmented packets
net: fix pmtu check in nopmtudisc mode
x86/resctrl: Use an IPI instead of task_work_add() to update PQR_ASSOC MSR
x86/resctrl: Don't move a task to the same resource group
vmlinux.lds.h: Add PGO and AutoFDO input sections
drm/i915: Fix mismatch between misplaced vma check and vma insert
ubifs: wbuf: Don't leak kernel memory to flash
spi: pxa2xx: Fix use-after-free on unbind
iio: imu: st_lsm6dsx: flip irq return logic
iio: imu: st_lsm6dsx: fix edge-trigger interrupts
ARM: OMAP2+: omap_device: fix idling of devices during probe
i2c: sprd: use a specific timeout to avoid system hang up issue
cpufreq: powernow-k8: pass policy rather than use cpufreq_cpu_get()
spi: stm32: FIFO threshold level - fix align packet size
dmaengine: xilinx_dma: check dma_async_device_register return value
dmaengine: xilinx_dma: fix mixed_enum_type coverity warning
wil6210: select CONFIG_CRC32
block: rsxx: select CONFIG_CRC32
iommu/intel: Fix memleak in intel_irq_remapping_alloc
net/mlx5e: Fix memleak in mlx5e_create_l2_table_groups
net/mlx5e: Fix two double free cases
wan: ds26522: select CONFIG_BITREVERSE
KVM: arm64: Don't access PMCR_EL0 when no PMU is available
block: fix use-after-free in disk_part_iter_next
net: drop bogus skb with CHECKSUM_PARTIAL and offset beyond end of trimmed packet
Linux 4.14.216
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I12adfd0526e1f3ecce241d9006b05bc002cbcb78
|
||
Richard Weinberger
|
2c3747b1a8 |
ubifs: wbuf: Don't leak kernel memory to flash
commit 20f1431160c6b590cdc269a846fc5a448abf5b98 upstream
Write buffers use a kmalloc()'ed buffer, they can leak
up to seven bytes of kernel memory to flash if writes are not
aligned.
So use ubifs_pad() to fill these gaps with padding bytes.
This was never a problem while scanning because the scanner logic
manually aligns node lengths and skips over these gaps.
Cc: <stable@vger.kernel.org>
Fixes: 1e51764a3c2ac05a2 ("UBIFS: add new flash file system")
Signed-off-by: Richard Weinberger <richard@nod.at>
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
[sudip: adjust context]
Signed-off-by: Sudip Mukherjee <sudipm.mukherjee@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Daniel Rosenberg
|
c28ab4956e |
fscrypt: Have filesystems handle their d_ops
This shifts the responsibility of setting up dentry operations from fscrypt to the individual filesystems, allowing them to have their own operations while still setting fscrypt's d_revalidate as appropriate. Most filesystems can just use generic_set_encrypted_ci_d_ops, unless they have their own specific dentry operations as well. That operation will set the minimal d_ops required under the circumstances. Since the fscrypt d_ops are set later on, we must set all d_ops there, since we cannot adjust those later on. This should not result in any change in behavior. Signed-off-by: Daniel Rosenberg <drosen@google.com> Acked-by: Theodore Ts'o <tytso@mit.edu> Acked-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org> |
||
|
Greg Kroah-Hartman
|
890226def6 |
This is the 4.14.204 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl+jzuAACgkQONu9yGCS
aT7HQhAAgdVyTKGg2cRfirxFQ8L4kHNU7Zf0NYSeFwL9lTEaC/f6jHhqzzHln/W8
fN7u7c5KM9P7w6YjemqCeRt4b7jXuUtyx0dvGblXAGaabbUaa34yLshwv4zAW37h
FMPBjORfmI9JIh2EgcWpmECDE6HjeP5b828LL/5FTfcOamhA6XiOFO+0vNRlMRXX
IJY+GwfmcBRb7j7ks9q5At6bigow1UvAc7NXZPCTZRrM/RVK36nOq6aDyhegHtKg
h4UN2NzJcR0ItyBGKiKbeyPOQfWAVzEhvD8gjNLBRt3kb5Uc0z8XWfXhFtQiBEGm
EK4Wb8JOOcQDpUmobG9klT49sgC84qsGzwNgbSIUwyLRYxS66ouDsXf7p4T6vlKY
Msz5sEKLXGJncDPPy3E5wtIzm7Htp8cNBUkrcjjD2mZx8CuDRy7NTKrX2mjdJa5n
zLoW4QeMZAcMYqmfz+Z5edWY3PXflWv69kQhDXEs70rpnNg51OmeqSiJWfUnx+FT
o0UOVsqmUqOQfDsOIY7L2rem7K7HBX14QyYAi6ZaoXzglz1ev5VBI+PgfJtc9uLf
SMoY8K5l215zc3BWTLkLj8sq/QiZ03Jj3QKIpCZyxDiZP2/3Tn7hnprfy0x1JbqE
bX3A8DZfkH7MvW8U42vlxQNHoFYBKUx27BP8yirwkhspLt0oHxo=
=2cR2
-----END PGP SIGNATURE-----
Merge 4.14.204 into android-4.14-stable
Changes in 4.14.204
scripts/setlocalversion: make git describe output more reliable
arm64: link with -z norelro regardless of CONFIG_RELOCATABLE
efivarfs: Replace invalid slashes with exclamation marks in dentries.
gtp: fix an use-before-init in gtp_newlink()
ravb: Fix bit fields checking in ravb_hwtstamp_get()
tipc: fix memory leak caused by tipc_buf_append()
arch/x86/amd/ibs: Fix re-arming IBS Fetch
x86/xen: disable Firmware First mode for correctable memory errors
fuse: fix page dereference after free
p54: avoid accessing the data mapped to streaming DMA
mtd: lpddr: Fix bad logic in print_drs_error
ata: sata_rcar: Fix DMA boundary mask
fscrypt: return -EXDEV for incompatible rename or link into encrypted dir
x86/unwind/orc: Fix inactive tasks with stack pointer in %sp on GCC 10 compiled kernels
mlxsw: core: Fix use-after-free in mlxsw_emad_trans_finish()
futex: Fix incorrect should_fail_futex() handling
powerpc/powernv/smp: Fix spurious DBG() warning
powerpc: select ARCH_WANT_IRQS_OFF_ACTIVATE_MM
sparc64: remove mm_cpumask clearing to fix kthread_use_mm race
f2fs: add trace exit in exception path
f2fs: fix to check segment boundary during SIT page readahead
um: change sigio_spinlock to a mutex
ARM: 8997/2: hw_breakpoint: Handle inexact watchpoint addresses
xfs: fix realtime bitmap/summary file truncation when growing rt volume
video: fbdev: pvr2fb: initialize variables
ath10k: start recovery process when payload length exceeds max htc length for sdio
ath10k: fix VHT NSS calculation when STBC is enabled
drm/brige/megachips: Add checking if ge_b850v3_lvds_init() is working correctly
media: videodev2.h: RGB BT2020 and HSV are always full range
media: platform: Improve queue set up flow for bug fixing
usb: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart
media: tw5864: check status of tw5864_frameinterval_get
mmc: via-sdmmc: Fix data race bug
drm/bridge/synopsys: dsi: add support for non-continuous HS clock
printk: reduce LOG_BUF_SHIFT range for H8300
kgdb: Make "kgdbcon" work properly with "kgdb_earlycon"
cpufreq: sti-cpufreq: add stih418 support
USB: adutux: fix debugging
uio: free uio id after uio file node is freed
arm64/mm: return cpu_all_mask when node is NUMA_NO_NODE
ACPI: Add out of bounds and numa_off protections to pxm_to_node()
drivers/net/wan/hdlc_fr: Correctly handle special skb->protocol values
bus/fsl_mc: Do not rely on caller to provide non NULL mc_io
power: supply: test_power: add missing newlines when printing parameters by sysfs
md/bitmap: md_bitmap_get_counter returns wrong blocks
bnxt_en: Log unknown link speed appropriately.
clk: ti: clockdomain: fix static checker warning
net: 9p: initialize sun_server.sun_path to have addr's value only when addr is valid
drivers: watchdog: rdc321x_wdt: Fix race condition bugs
ext4: Detect already used quota file early
gfs2: add validation checks for size of superblock
arm64: dts: renesas: ulcb: add full-pwr-cycle-in-suspend into eMMC nodes
memory: emif: Remove bogus debugfs error handling
ARM: dts: s5pv210: remove DMA controller bus node name to fix dtschema warnings
ARM: dts: s5pv210: move PMU node out of clock controller
ARM: dts: s5pv210: remove dedicated 'audio-subsystem' node
nbd: make the config put is called before the notifying the waiter
sgl_alloc_order: fix memory leak
nvme-rdma: fix crash when connect rejected
md/raid5: fix oops during stripe resizing
perf/x86/amd/ibs: Don't include randomized bits in get_ibs_op_count()
perf/x86/amd/ibs: Fix raw sample data accumulation
leds: bcm6328, bcm6358: use devres LED registering function
fs: Don't invalidate page buffers in block_write_full_page()
NFS: fix nfs_path in case of a rename retry
ACPI / extlog: Check for RDMSR failure
ACPI: video: use ACPI backlight for HP 635 Notebook
ACPI: debug: don't allow debugging when ACPI is disabled
acpi-cpufreq: Honor _PSD table setting on new AMD CPUs
w1: mxc_w1: Fix timeout resolution problem leading to bus error
scsi: mptfusion: Fix null pointer dereferences in mptscsih_remove()
btrfs: reschedule if necessary when logging directory items
btrfs: send, recompute reference path after orphanization of a directory
btrfs: use kvzalloc() to allocate clone_roots in btrfs_ioctl_send()
btrfs: cleanup cow block on error
btrfs: fix use-after-free on readahead extent after failure to create it
usb: dwc3: ep0: Fix ZLP for OUT ep0 requests
usb: dwc3: core: add phy cleanup for probe error handling
usb: dwc3: core: don't trigger runtime pm when remove driver
usb: cdc-acm: fix cooldown mechanism
usb: host: fsl-mph-dr-of: check return of dma_set_mask()
drm/i915: Force VT'd workarounds when running as a guest OS
vt: keyboard, simplify vt_kdgkbsent
vt: keyboard, extend func_buf_lock to readers
dmaengine: dma-jz4780: Fix race in jz4780_dma_tx_status
iio:light:si1145: Fix timestamp alignment and prevent data leak.
iio:adc:ti-adc0832 Fix alignment issue with timestamp
iio:adc:ti-adc12138 Fix alignment issue with timestamp
iio:gyro:itg3200: Fix timestamp alignment and prevent data leak.
s390/stp: add locking to sysfs functions
powerpc/rtas: Restrict RTAS requests from userspace
powerpc: Warn about use of smt_snooze_delay
powerpc/powernv/elog: Fix race while processing OPAL error log event.
NFSv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID flag
NFSD: Add missing NFSv2 .pc_func methods
ubifs: dent: Fix some potential memory leaks while iterating entries
perf python scripting: Fix printable strings in python3 scripts
ubi: check kthread_should_stop() after the setting of task state
ia64: fix build error with !COREDUMP
drm/amdgpu: don't map BO in reserved region
ceph: promote to unsigned long long before shifting
libceph: clear con->out_msg on Policy::stateful_server faults
9P: Cast to loff_t before multiplying
ring-buffer: Return 0 on success from ring_buffer_resize()
vringh: fix __vringh_iov() when riov and wiov are different
ext4: fix leaking sysfs kobject after failed mount
ext4: fix error handling code in add_new_gdb
ext4: fix invalid inode checksum
drm/ttm: fix eviction valuable range check.
rtc: rx8010: don't modify the global rtc ops
tty: make FONTX ioctl use the tty pointer they were actually passed
arm64: berlin: Select DW_APB_TIMER_OF
cachefiles: Handle readpage error correctly
hil/parisc: Disable HIL driver when it gets stuck
arm: dts: mt7623: add missing pause for switchport
ARM: samsung: fix PM debug build with DEBUG_LL but !MMU
ARM: s3c24xx: fix missing system reset
device property: Keep secondary firmware node secondary by type
device property: Don't clear secondary pointer for shared primary firmware node
KVM: arm64: Fix AArch32 handling of DBGD{CCINT,SCRext} and DBGVCR
staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice
staging: octeon: repair "fixed-link" support
staging: octeon: Drop on uncorrectable alignment or FCS error
Linux 4.14.204
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ibed153216ddb983a9ef0640ae9c82781f51880fe
|
||
|
Zhihao Cheng
|
059da7d18e |
ubifs: dent: Fix some potential memory leaks while iterating entries
commit 58f6e78a65f1fcbf732f60a7478ccc99873ff3ba upstream.
Fix some potential memory leaks in error handling branches while
iterating dent entries. For example, function dbg_check_dir()
forgets to free pdent if it exists.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Cc: <stable@vger.kernel.org>
Fixes: 1e51764a3c2ac05a2 ("UBIFS: add new flash file system")
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Eric Biggers
|
4d6d4ed175 |
fscrypt: return -EXDEV for incompatible rename or link into encrypted dir
commit f5e55e777cc93eae1416f0fa4908e8846b6d7825 upstream. Currently, trying to rename or link a regular file, directory, or symlink into an encrypted directory fails with EPERM when the source file is unencrypted or is encrypted with a different encryption policy, and is on the same mountpoint. It is correct for the operation to fail, but the choice of EPERM breaks tools like 'mv' that know to copy rather than rename if they see EXDEV, but don't know what to do with EPERM. Our original motivation for EPERM was to encourage users to securely handle their data. Encrypting files by "moving" them into an encrypted directory can be insecure because the unencrypted data may remain in free space on disk, where it can later be recovered by an attacker. It's much better to encrypt the data from the start, or at least try to securely delete the source data e.g. using the 'shred' program. However, the current behavior hasn't been effective at achieving its goal because users tend to be confused, hack around it, and complain; see e.g. https://github.com/google/fscrypt/issues/76. And in some cases it's actually inconsistent or unnecessary. For example, 'mv'-ing files between differently encrypted directories doesn't work even in cases where it can be secure, such as when in userspace the same passphrase protects both directories. Yet, you *can* already 'mv' unencrypted files into an encrypted directory if the source files are on a different mountpoint, even though doing so is often insecure. There are probably better ways to teach users to securely handle their files. For example, the 'fscrypt' userspace tool could provide a command that migrates unencrypted files into an encrypted directory, acting like 'shred' on the source files and providing appropriate warnings depending on the type of the source filesystem and disk. Receiving errors on unimportant files might also force some users to disable encryption, thus making the behavior counterproductive. It's desirable to make encryption as unobtrusive as possible. Therefore, change the error code from EPERM to EXDEV so that tools looking for EXDEV will fall back to a copy. This, of course, doesn't prevent users from still doing the right things to securely manage their files. Note that this also matches the behavior when a file is renamed between two project quota hierarchies; so there's precedent for using EXDEV for things other than mountpoints. xfstests generic/398 will require an update with this change. [Rewritten from an earlier patch series by Michael Halcrow.] Cc: Michael Halcrow <mhalcrow@google.com> Cc: Joe Richey <joerichey@google.com> Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
c1013a481e |
This is the 4.14.200 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl91udkACgkQONu9yGCS aT5wdw//Wn7Nd1kcd1h2umXWcn2rjLbrflmFMtAY32YSDhT85EQaTQMckeLzVKSi KPIPdNbjKhOirlizM6+mBv3EKn3bNbdDFeq0qGy0WI7DAT2Amyn8JRi18GKgM1z/ BBzmOldG2oeFUlFes5ADdVm0b3p+iiQ5WqzIJvLkBeV1HrLAQ2/zAl6ixpUwP2wr sZymWkCXUUG2ZYn7ZxX6SXKvfvSv+GKUD0ImX82Q1DvAcQHSyiZ9/o9/pZbS4m1t innS1EXJEEZHd1x61EBu2WrQkNwXvlpTDZNa7at9Lc5Uys6NsgfUkx4+fTyqDT8h FfnxGaP9qHJRImVpxdBHsZGvUheDTVPPUk3eNNyeR1wmEz/OPCQmPIPIz0sw1TJt LL0d4XN1rLjRSUGv+q1+Y6nbc85eU7nyJG/qB35Fag4z27x3P7D/4queR1hAij37 xp6MesrmEHPA7I4xV9jTzCRvY+O5MAughhOJMzZrn2f95EpC3Mg48OHdYRtktc1b 4L9Vb/HeQ6s0hgVZhkdNfoBPsi797YNCd5WNccKpAdq17mG5s6+6qJxBgCqgHS/i 4gjeR2IgSOL0KW2eE7STn8fgyY86ZepNsONkX6I+7n1h0lC7gVH6VtW5fzyvg9Bw RLA5ulOqUc+f8Ll7MwzbRL3+wiNN4jkX5NHYpaQB2nWVEO9A+cs= =76oN -----END PGP SIGNATURE----- Merge 4.14.200 into android-4.14-stable Changes in 4.14.200 af_key: pfkey_dump needs parameter validation phy: qcom-qmp: Use correct values for ipq8074 PCIe Gen2 PHY init KVM: fix memory leak in kvm_io_bus_unregister_dev() kprobes: fix kill kprobe which has been marked as gone mm/thp: fix __split_huge_pmd_locked() for migration PMD RDMA/ucma: ucma_context reference leak in error path hdlc_ppp: add range checks in ppp_cp_parse_cr() ip: fix tos reflection in ack and reset packets net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC tipc: fix shutdown() of connection oriented socket tipc: use skb_unshare() instead in tipc_buf_append() bnxt_en: Protect bnxt_set_eee() and bnxt_set_pauseparam() with mutex. net: phy: Avoid NPD upon phy_detach() when driver is unbound net: add __must_check to skb_put_padto() ipv4: Update exception handling for multipath routes via same device geneve: add transport ports in route lookup for geneve serial: 8250: Avoid error message on reprobe mm: fix double page fault on arm64 if PTE_AF is cleared scsi: aacraid: fix illegal IO beyond last LBA m68k: q40: Fix info-leak in rtc_ioctl gma/gma500: fix a memory disclosure bug due to uninitialized bytes ASoC: kirkwood: fix IRQ error handling media: smiapp: Fix error handling at NVM reading arch/x86/lib/usercopy_64.c: fix __copy_user_flushcache() cache writeback x86/ioapic: Unbreak check_timer() ALSA: usb-audio: Add delay quirk for H570e USB headsets ALSA: hda/realtek - Couldn't detect Mic if booting with headset plugged PM / devfreq: tegra30: Fix integer overflow on CPU's freq max out scsi: fnic: fix use after free clk/ti/adpll: allocate room for terminating null mtd: cfi_cmdset_0002: don't free cfi->cfiq in error path of cfi_amdstd_setup() mfd: mfd-core: Protect against NULL call-back function pointer tracing: Adding NULL checks for trace_array descriptor pointer bcache: fix a lost wake-up problem caused by mca_cannibalize_lock RDMA/i40iw: Fix potential use after free xfs: fix attr leaf header freemap.size underflow RDMA/iw_cgxb4: Fix an error handling path in 'c4iw_connect()' mmc: core: Fix size overflow for mmc partitions gfs2: clean up iopen glock mess in gfs2_create_inode debugfs: Fix !DEBUG_FS debugfs_create_automount CIFS: Properly process SMB3 lease breaks kernel/sys.c: avoid copying possible padding bytes in copy_to_user neigh_stat_seq_next() should increase position index rt_cpu_seq_next should increase position index seqlock: Require WRITE_ONCE surrounding raw_seqcount_barrier media: ti-vpe: cal: Restrict DMA to avoid memory corruption ACPI: EC: Reference count query handlers under lock dmaengine: zynqmp_dma: fix burst length configuration powerpc/eeh: Only dump stack once if an MMIO loop is detected tracing: Set kernel_stack's caller size properly ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter selftests/ftrace: fix glob selftest tools/power/x86/intel_pstate_tracer: changes for python 3 compatibility Bluetooth: Fix refcount use-after-free issue mm: pagewalk: fix termination condition in walk_pte_range() Bluetooth: prefetch channel before killing sock KVM: fix overflow of zero page refcount with ksm running ALSA: hda: Clear RIRB status before reading WP skbuff: fix a data race in skb_queue_len() audit: CONFIG_CHANGE don't log internal bookkeeping as an event selinux: sel_avc_get_stat_idx should increase position index scsi: lpfc: Fix RQ buffer leakage when no IOCBs available scsi: lpfc: Fix coverity errors in fmdi attribute handling drm/omap: fix possible object reference leak perf test: Fix test trace+probe_vfs_getname.sh on s390 RDMA/rxe: Fix configuration of atomic queue pair attributes KVM: x86: fix incorrect comparison in trace event media: staging/imx: Missing assignment in imx_media_capture_device_register() x86/pkeys: Add check for pkey "overflow" bpf: Remove recursion prevention from rcu free callback dmaengine: tegra-apb: Prevent race conditions on channel's freeing media: go7007: Fix URB type for interrupt handling Bluetooth: guard against controllers sending zero'd events timekeeping: Prevent 32bit truncation in scale64_check_overflow() ext4: fix a data race at inode->i_disksize mm: avoid data corruption on CoW fault into PFN-mapped VMA drm/amdgpu: increase atombios cmd timeout ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read scsi: aacraid: Disabling TM path and only processing IOP reset Bluetooth: L2CAP: handle l2cap config request during open state media: tda10071: fix unsigned sign extension overflow xfs: don't ever return a stale pointer from __xfs_dir3_free_read tpm: ibmvtpm: Wait for buffer to be set before proceeding rtc: ds1374: fix possible race condition tracing: Use address-of operator on section symbols serial: 8250_port: Don't service RX FIFO if throttled serial: 8250_omap: Fix sleeping function called from invalid context during probe serial: 8250: 8250_omap: Terminate DMA before pushing data on RX timeout perf cpumap: Fix snprintf overflow check cpufreq: powernv: Fix frame-size-overflow in powernv_cpufreq_work_fn tools: gpio-hammer: Avoid potential overflow in main RDMA/rxe: Set sys_image_guid to be aligned with HW IB devices SUNRPC: Fix a potential buffer overflow in 'svc_print_xprts()' svcrdma: Fix leak of transport addresses ubifs: Fix out-of-bounds memory access caused by abnormal value of node_len ALSA: usb-audio: Fix case when USB MIDI interface has more than one extra endpoint descriptor NFS: Fix races nfs_page_group_destroy() vs nfs_destroy_unlinked_subrequests() mm/kmemleak.c: use address-of operator on section symbols mm/filemap.c: clear page error before actual read mm/vmscan.c: fix data races using kswapd_classzone_idx mm/mmap.c: initialize align_offset explicitly for vm_unmapped_area scsi: qedi: Fix termination timeouts in session logout serial: uartps: Wait for tx_empty in console setup KVM: Remove CREATE_IRQCHIP/SET_PIT2 race bdev: Reduce time holding bd_mutex in sync in blkdev_close() drivers: char: tlclk.c: Avoid data race between init and interrupt handler staging:r8188eu: avoid skb_clone for amsdu to msdu conversion sparc64: vcc: Fix error return code in vcc_probe() arm64: cpufeature: Relax checks for AArch32 support at EL[0-2] dt-bindings: sound: wm8994: Correct required supplies based on actual implementaion atm: fix a memory leak of vcc->user_back power: supply: max17040: Correct voltage reading phy: samsung: s5pv210-usb2: Add delay after reset Bluetooth: Handle Inquiry Cancel error after Inquiry Complete USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe() tty: serial: samsung: Correct clock selection logic ALSA: hda: Fix potential race in unsol event handler powerpc/traps: Make unrecoverable NMIs die instead of panic fuse: don't check refcount after stealing page USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int arm64/cpufeature: Drop TraceFilt feature exposure from ID_DFR0 register e1000: Do not perform reset in reset_task if we are already down drm/nouveau/debugfs: fix runtime pm imbalance on error printk: handle blank console arguments passed in. usb: dwc3: Increase timeout for CmdAct cleared by device controller btrfs: don't force read-only after error in drop snapshot vfio/pci: fix memory leaks of eventfd ctx perf util: Fix memory leak of prefix_if_not_in perf kcore_copy: Fix module map when there are no modules loaded mtd: rawnand: omap_elm: Fix runtime PM imbalance on error ceph: fix potential race in ceph_check_caps mm/swap_state: fix a data race in swapin_nr_pages rapidio: avoid data race between file operation callbacks and mport_cdev_add(). mtd: parser: cmdline: Support MTD names containing one or more colons x86/speculation/mds: Mark mds_user_clear_cpu_buffers() __always_inline vfio/pci: Clear error and request eventfd ctx after releasing cifs: Fix double add page to memcg when cifs_readpages scsi: libfc: Handling of extra kref scsi: libfc: Skip additional kref updating work event selftests/x86/syscall_nt: Clear weird flags after each test vfio/pci: fix racy on error and request eventfd ctx btrfs: qgroup: fix data leak caused by race between writeback and truncate s390/init: add missing __init annotations i2c: core: Call i2c_acpi_install_space_handler() before i2c_acpi_register_devices() objtool: Fix noreturn detection for ignored functions ieee802154: fix one possible memleak in ca8210_dev_com_init ieee802154/adf7242: check status of adf7242_read_reg clocksource/drivers/h8300_timer8: Fix wrong return value in h8300_8timer_init() mwifiex: Increase AES key storage size to 256 bits batman-adv: bla: fix type misuse for backbone_gw hash indexing atm: eni: fix the missed pci_disable_device() for eni_init_one() batman-adv: mcast/TT: fix wrongly dropped or rerouted packets mac802154: tx: fix use-after-free drm/vc4/vc4_hdmi: fill ASoC card owner net: qed: RDMA personality shouldn't fail VF load batman-adv: Add missing include for in_interrupt() batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh ALSA: asihpi: fix iounmap in error handler MIPS: Add the missing 'CPU_1074K' into __get_cpu_type() s390/dasd: Fix zero write for FBA devices kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() mm, THP, swap: fix allocating cluster for swapfile by mistake lib/string.c: implement stpcpy ata: define AC_ERR_OK ata: make qc_prep return ata_completion_errors ata: sata_mv, avoid trigerrable BUG_ON Linux 4.14.200 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I3d3049dca196c46cb6b2a66d60a5a6a3a099efbb |
||
Liu Song
|
2e21f66730 |
ubifs: Fix out-of-bounds memory access caused by abnormal value of node_len
[ Upstream commit acc5af3efa303d5f36cc8c0f61716161f6ca1384 ] In “ubifs_check_node”, when the value of "node_len" is abnormal, the code will goto label of "out_len" for execution. Then, in the following "ubifs_dump_node", if inode type is "UBIFS_DATA_NODE", in "print_hex_dump", an out-of-bounds access may occur due to the wrong "ch->len". Therefore, when the value of "node_len" is abnormal, data length should to be adjusted to a reasonable safe range. At this time, structured data is not credible, so dump the corrupted data directly for analysis. Signed-off-by: Liu Song <liu.song11@zte.com.cn> Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Neeraj Soni
|
00537bfa05 |
Revert "Reverting crypto patches"
This reverts commit b73e822d12ecbea7cad3742c46fd1be17aa141c8. This is reverted to integrate new file encryption framework support changes to ensure all fixes are present to use new encryption policies. Change-Id: I455ec66664064069ac34e6fe410bd28dc3a53d07 Signed-off-by: Neeraj Soni <neersoni@codeaurora.org> |
||
Srinivasarao P
|
90bb7a2b24 |
Merge android-4.14-stable.180 (816f245) into msm-4.14
* refs/heads/tmp-816f245:
Revert "clk: qcom: rcg2: Don't crash if our parent can't be found; return an error"
Reverting crypto patches
Reverting incremental fs changes
Linux 4.14.180
cgroup, netclassid: remove double cond_resched
mac80211: add ieee80211_is_any_nullfunc()
ALSA: hda: Match both PCI ID and SSID for driver blacklist
tracing: Reverse the order of trace_types_lock and event_mutex
sctp: Fix SHUTDOWN CTSN Ack in the peer restart case
net: systemport: suppress warnings on failed Rx SKB allocations
net: bcmgenet: suppress warnings on failed Rx SKB allocations
lib/mpi: Fix building for powerpc with clang
net: dsa: b53: Rework ARL bin logic
scripts/config: allow colons in option strings for sed
s390/ftrace: fix potential crashes when switching tracers
cifs: protect updating server->dstaddr with a spinlock
net: stmmac: Fix sub-second increment
net: stmmac: fix enabling socfpga's ptp_ref_clock
wimax/i2400m: Fix potential urb refcnt leak
ASoC: codecs: hdac_hdmi: Fix incorrect use of list_for_each_entry
ASoC: rsnd: Fix HDMI channel mapping for multi-SSI mode
ASoC: sgtl5000: Fix VAG power-on handling
selftests/ipc: Fix test failure seen after initial test run
ASoC: topology: Check return value of pcm_new_ver
powerpc/pci/of: Parse unassigned resources
vhost: vsock: kick send_pkt worker once device is started
ANDROID: arm64: fix a mismerge in proc.S
Linux 4.14.179
selinux: properly handle multiple messages in selinux_netlink_send()
dmaengine: dmatest: Fix iteration non-stop logic
nfs: Fix potential posix_acl refcnt leak in nfs3_set_acl
ALSA: opti9xx: shut up gcc-10 range warning
iommu/amd: Fix legacy interrupt remapping for x2APIC-enabled system
scsi: target/iblock: fix WRITE SAME zeroing
iommu/qcom: Fix local_base status check
vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn()
vfio: avoid possible overflow in vfio_iommu_type1_pin_pages
RDMA/mlx4: Initialize ib_spec on the stack
RDMA/mlx5: Set GRH fields in query QP on RoCE
dm verity fec: fix hash block number in verity_fec_decode
PM: hibernate: Freeze kernel threads in software_resume()
PM: ACPI: Output correct message on target power state
ALSA: pcm: oss: Place the plugin buffer overflow checks correctly
ALSA: hda/hdmi: fix without unlocked before return
ALSA: hda/realtek - Two front mics on a Lenovo ThinkCenter
mmc: sdhci-pci: Fix eMMC driver strength for BYT-based controllers
mmc: sdhci-xenon: fix annoying 1.8V regulator warning
btrfs: fix partial loss of prealloc extent past i_size after fsync
btrfs: fix block group leak when removing fails
drm/qxl: qxl_release use after free
drm/qxl: qxl_release leak in qxl_hw_surface_alloc()
drm/qxl: qxl_release leak in qxl_draw_dirty_fb()
drm/edid: Fix off-by-one in DispID DTD pixel clock
ext4: fix special inode number checks in __ext4_iget()
ANDROID: Incremental fs: Fix issues with very large files
Linux 4.14.178
propagate_one(): mnt_set_mountpoint() needs mount_lock
ext4: check for non-zero journal inum in ext4_calculate_overhead
qed: Fix use after free in qed_chain_free
ext4: unsigned int compared against zero
ext4: fix block validity checks for journal inodes using indirect blocks
ext4: don't perform block validity checks on the journal inode
ext4: protect journal inode's blocks using block_validity
ext4: avoid declaring fs inconsistent due to invalid file handles
hwmon: (jc42) Fix name to have no illegal characters
ext4: convert BUG_ON's to WARN_ON's in mballoc.c
ext4: increase wait time needed before reuse of deleted inode numbers
ext4: use matching invalidatepage in ext4_writepage
arm64: Delete the space separator in __emit_inst
xen/xenbus: ensure xenbus_map_ring_valloc() returns proper grant status
objtool: Support Clang non-section symbols in ORC dump
objtool: Fix CONFIG_UBSAN_TRAP unreachable warnings
scsi: target: fix PR IN / READ FULL STATUS for FC
xfs: fix partially uninitialized structure in xfs_reflink_remap_extent
x86: hyperv: report value of misc_features
bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B
mm: shmem: disable interrupt when acquiring info->lock in userfaultfd_copy path
perf/core: fix parent pid/tid in task exit events
ARM: dts: bcm283x: Disable dsi0 node
net/cxgb4: Check the return from t4_query_params properly
i2c: altera: use proper variable to hold errno
nfsd: memory corruption in nfsd4_lock()
iio:ad7797: Use correct attribute_group
usb: gadget: udc: bdc: Remove unnecessary NULL checks in bdc_req_complete
usb: dwc3: gadget: Do link recovery for SS and SSP
binder: take read mode of mmap_sem in binder_alloc_free_page()
include/uapi/linux/swab.h: fix userspace breakage, use __BITS_PER_LONG for swap
mtd: cfi: fix deadloop in cfi_cmdset_0002.c do_write_buffer
remoteproc: Fix wrong rvring index computation
xfs: Fix deadlock between AGI and AGF with RENAME_WHITEOUT
xfs: validate sb_logsunit is a multiple of the fs blocksize
serial: sh-sci: Make sure status register SCxSR is read in correct sequence
usb: f_fs: Clear OS Extended descriptor counts to zero in ffs_data_reset()
UAS: fix deadlock in error handling and PM flushing work
UAS: no use logging any details in case of ENODEV
cdc-acm: introduce a cool down
cdc-acm: close race betrween suspend() and acm_softint
staging: vt6656: Power save stop wake_up_count wrap around.
staging: vt6656: Fix pairwise key entry save.
staging: vt6656: Fix drivers TBTT timing counter.
staging: vt6656: Fix calling conditions of vnt_set_bss_mode
staging: vt6656: Don't set RCR_MULTICAST or RCR_BROADCAST by default.
vt: don't hardcode the mem allocation upper bound
staging: comedi: Fix comedi_device refcnt leak in comedi_open
staging: comedi: dt2815: fix writing hi byte of analog output
powerpc/setup_64: Set cache-line-size based on cache-block-size
ARM: imx: provide v7_cpu_resume() only on ARM_CPU_SUSPEND=y
iwlwifi: pcie: actually release queue memory in TVQM
ASoC: dapm: fixup dapm kcontrol widget
audit: check the length of userspace generated audit records
usb-storage: Add unusual_devs entry for JMicron JMS566
tty: rocket, avoid OOB access
tty: hvc: fix buffer overflow during hvc_alloc().
KVM: VMX: Enable machine check support for 32bit targets
KVM: Check validity of resolved slot when searching memslots
tpm: ibmvtpm: retry on H_CLOSED in tpm_ibmvtpm_send()
tpm/tpm_tis: Free IRQ if probing fails
ALSA: usb-audio: Filter out unsupported sample rates on Focusrite devices
ALSA: usb-audio: Fix usb audio refcnt leak when getting spdif
ALSA: hda/realtek - Add new codec supported for ALC245
ALSA: usx2y: Fix potential NULL dereference
tools/vm: fix cross-compile build
mm/ksm: fix NULL pointer dereference when KSM zero page is enabled
mm/hugetlb: fix a addressing exception caused by huge_pte_offset
vmalloc: fix remap_vmalloc_range() bounds checks
overflow.h: Add arithmetic shift helper
USB: hub: Fix handling of connect changes during sleep
USB: core: Fix free-while-in-use bug in the USB S-Glibrary
USB: early: Handle AMD's spec-compliant identifiers, too
USB: Add USB_QUIRK_DELAY_CTRL_MSG and USB_QUIRK_DELAY_INIT for Corsair K70 RGB RAPIDFIRE
USB: sisusbvga: Change port variable from signed to unsigned
fs/namespace.c: fix mountpoint reference counter race
iio: xilinx-xadc: Fix sequencer configuration for aux channels in simultaneous mode
iio: xilinx-xadc: Fix clearing interrupt when enabling trigger
iio: xilinx-xadc: Fix ADC-B powerdown
iio: adc: stm32-adc: fix sleep in atomic context
ALSA: hda: Remove ASUS ROG Zenith from the blacklist
KEYS: Avoid false positive ENOMEM error on key read
vrf: Check skb for XFRM_TRANSFORMED flag
xfrm: Always set XFRM_TRANSFORMED in xfrm{4,6}_output_finish
net: dsa: b53: Fix ARL register definitions
team: fix hang in team_mode_get()
tcp: cache line align MAX_TCP_HEADER
net/x25: Fix x25_neigh refcnt leak when receiving frame
net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node
net: bcmgenet: correct per TX/RX ring statistics
macvlan: fix null dereference in macvlan_device_event()
macsec: avoid to set wrong mtu
ipv6: fix restrict IPV6_ADDRFORM operation
cxgb4: fix large delays in PTP synchronization
mm, slub: restore the original intention of prefetch_freepointer()
PCI/ASPM: Allow re-enabling Clock PM
perf/core: Disable page faults when getting phys address
pwm: bcm2835: Dynamically allocate base
pwm: renesas-tpu: Fix late Runtime PM enablement
s390/cio: avoid duplicated 'ADD' uevents
ipc/util.c: sysvipc_find_ipc() should increase position index
selftests: kmod: fix handling test numbers above 9
kernel/gcov/fs.c: gcov_seq_next() should increase position index
ASoC: Intel: atom: Take the drv->lock mutex before calling sst_send_slot_map()
scsi: iscsi: Report unbind session event when the target has been removed
pwm: rcar: Fix late Runtime PM enablement
ceph: don't skip updating wanted caps when cap is stale
ceph: return ceph_mdsc_do_request() errors from __get_parent()
scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login
watchdog: reset last_hw_keepalive time at start
vti4: removed duplicate log message.
crypto: mxs-dcp - make symbols 'sha1_null_hash' and 'sha256_null_hash' static
drm/msm: Use the correct dma_sync calls harder
keys: Fix the use of the C++ keyword "private" in uapi/linux/keyctl.h
net: ipv4: avoid unused variable warning for sysctl
net: ipv4: emulate READ_ONCE() on ->hdrincl bit-field in raw_sendmsg()
ext4: fix extent_status fragmentation for plain files
FROMGIT: f2fs: fix missing check for f2fs_unlock_op
ANDROID: Fix kernel build regressions from virtio-gpu-next patches
ANDROID: Incremental fs: Add setattr call
ANDROID: cuttlefish_defconfig: enable LTO and CFI
ANDROID: x86: map CFI jump tables in pti_clone_entry_text
ANDROID: crypto: aesni: fix function types for aesni_(enc|dec)
ANDROID: x86: disable CFI for do_syscall_*
ANDROID: BACKPORT: x86, module: Ignore __typeid__ relocations
ANDROID: BACKPORT: x86, relocs: Ignore __typeid__ relocations
ANDROID: BACKPORT: x86/extable: Do not mark exception callback as CFI
FROMLIST: crypto, x86/sha: Eliminate casts on asm implementations
UPSTREAM: crypto: x86 - Rename functions to avoid conflict with crypto/sha256.h
BACKPORT: x86/vmlinux: Actually use _etext for the end of the text segment
ANDROID: x86: disable STACK_VALIDATION with LTO_CLANG
ANDROID: x86: add support for CONFIG_LTO_CLANG
ANDROID: x86/vdso: disable LTO only for VDSO
ANDROID: x86/cpu/vmware: use the full form of inl in VMWARE_PORT
UPSTREAM: x86/build/lto: Fix truncated .bss with -fdata-sections
ANDROID: kbuild: don't select LD_DEAD_CODE_DATA_ELIMINATION with LTO
ANDROID: kbuild: export LTO and CFI flags
ANDROID: cfi: remove unnecessary <asm/memory.h> include
ANDROID: drm/virtio: rebase to latest virgl/drm-misc-next (take 2)
UPSTREAM: sysrq: Use panic() to force a crash
ANDROID: Incremental fs: Use simple compression in log buffer
ANDROID: dm-bow: Fix not to skip trim at framented range
ANDROID: Remove VLA from uid_sys_stats.c
ANDROID: cuttlefish_defconfig: enable CONFIG_DEBUG_LIST
Linux 4.14.177
KEYS: Don't write out to userspace while holding key semaphore
KEYS: Use individual pages in big_key for crypto buffers
mtd: phram: fix a double free issue in error path
mtd: lpddr: Fix a double free in probe()
locktorture: Print ratio of acquisitions, not failures
tty: evh_bytechan: Fix out of bounds accesses
fbdev: potential information leak in do_fb_ioctl()
net: dsa: bcm_sf2: Fix overflow checks
iommu/amd: Fix the configuration of GCR3 table root pointer
libnvdimm: Out of bounds read in __nd_ioctl()
ext2: fix debug reference to ext2_xattr_cache
ext2: fix empty body warnings when -Wextra is used
iommu/vt-d: Fix mm reference leak
NFS: Fix memory leaks in nfs_pageio_stop_mirroring()
drm/amdkfd: kfree the wrong pointer
x86: ACPI: fix CPU hotplug deadlock
KVM: s390: vsie: Fix possible race when shadowing region 3 tables
compiler.h: fix error in BUILD_BUG_ON() reporting
percpu_counter: fix a data race at vm_committed_as
include/linux/swapops.h: correct guards for non_swap_entry()
ext4: do not commit super on read-only bdev
powerpc/maple: Fix declaration made after definition
s390/cpuinfo: fix wrong output when CPU0 is offline
NFS: direct.c: Fix memory leak of dreq when nfs_get_lock_context fails
NFSv4/pnfs: Return valid stateids in nfs_layout_find_inode_by_stateid()
rtc: 88pm860x: fix possible race condition
soc: imx: gpc: fix power up sequencing
clk: tegra: Fix Tegra PMC clock out parents
power: supply: bq27xxx_battery: Silence deferred-probe error
clk: at91: usb: continue if clk_hw_round_rate() return zero
of: unittest: kmemleak in of_unittest_platform_populate()
rbd: call rbd_dev_unprobe() after unwatching and flushing notifies
rbd: avoid a deadlock on header_rwsem when flushing notifies
of: fix missing kobject init for !SYSFS && OF_DYNAMIC config
soc: qcom: smem: Use le32_to_cpu for comparison
wil6210: abort properly in cfg suspend
wil6210: fix length check in __wmi_send
wil6210: add block size checks during FW load
wil6210: fix PCIe bus mastering in case of interface down
rpmsg: glink: smem: Ensure ordering during tx
rpmsg: glink: Fix missing mutex_init() in qcom_glink_alloc_channel()
rtc: pm8xxx: Fix issue in RTC write path
rpmsg: glink: use put_device() if device_register fail
wil6210: rate limit wil_rx_refill error
scsi: ufs: ufs-qcom: remove broken hci version quirk
scsi: ufs: make sure all interrupts are processed
wil6210: fix temperature debugfs
wil6210: increase firmware ready timeout
arch_topology: Fix section miss match warning due to free_raw_capacity()
arm64: traps: Don't print stack or raw PC/LR values in backtraces
arm64: perf: remove unsupported events for Cortex-A73
Revert "gpio: set up initial state from .get_direction()"
clk: Fix debugfs_create_*() usage
drm: NULL pointer dereference [null-pointer-deref] (CWE 476) problem
video: fbdev: sis: Remove unnecessary parentheses and commented code
lib/raid6: use vdupq_n_u8 to avoid endianness warnings
ALSA: hda: Don't release card at firmware loading error
irqchip/mbigen: Free msi_desc on device teardown
netfilter: nf_tables: report EOPNOTSUPP on unsupported flags/object type
arm, bpf: Fix bugs with ALU64 {RSH, ARSH} BPF_K shift by 0
ext4: use non-movable memory for superblock readahead
scsi: sg: add sg_remove_request in sg_common_write
objtool: Fix switch table detection in .text.unlikely
mm/vmalloc.c: move 'area->pages' after if statement
x86/resctrl: Fix invalid attempt at removing the default resource group
x86/resctrl: Preserve CDP enable over CPU hotplug
x86/intel_rdt: Enable L2 CDP in MSR IA32_L2_QOS_CFG
x86/intel_rdt: Add two new resources for L2 Code and Data Prioritization (CDP)
x86/intel_rdt: Enumerate L2 Code and Data Prioritization (CDP) feature
x86/microcode/AMD: Increase microcode PATCH_MAX_SIZE
scsi: target: fix hang when multiple threads try to destroy the same iscsi session
scsi: target: remove boilerplate code
kvm: x86: Host feature SSBD doesn't imply guest feature SPEC_CTRL_SSBD
dm flakey: check for null arg_name in parse_features()
ext4: do not zeroout extents beyond i_disksize
mac80211_hwsim: Use kstrndup() in place of kasprintf()
btrfs: check commit root generation in should_ignore_root
tracing: Fix the race between registering 'snapshot' event trigger and triggering 'snapshot' operation
ALSA: usb-audio: Don't override ignore_ctl_error value from the map
ASoC: Intel: mrfld: return error codes when an error occurs
ASoC: Intel: mrfld: fix incorrect check on p->sink
ext4: fix incorrect inodes per group in error message
ext4: fix incorrect group count in ext4_fill_super error message
pwm: pca9685: Fix PWM/GPIO inter-operation
jbd2: improve comments about freeing data buffers whose page mapping is NULL
scsi: ufs: Fix ufshcd_hold() caused scheduling while atomic
net: stmmac: dwmac-sunxi: Provide TX and RX fifo sizes
net: revert default NAPI poll timeout to 2 jiffies
net: qrtr: send msgs from local of same id as broadcast
net: ipv6: do not consider routes via gateways for anycast address check
net: ipv4: devinet: Fix crash when add/del multicast IP with autojoin
hsr: check protocol version in hsr_newlink()
amd-xgbe: Use __napi_schedule() in BH context
mfd: dln2: Fix sanity checking for endpoints
misc: echo: Remove unnecessary parentheses and simplify check for zero
powerpc/fsl_booke: Avoid creating duplicate tlb1 entry
ipmi: fix hung processes in __get_guid()
ftrace/kprobe: Show the maxactive number on kprobe_events
drm: Remove PageReserved manipulation from drm_pci_alloc
drm/dp_mst: Fix clearing payload state on topology disable
crypto: caam - update xts sector size for large input length
dm zoned: remove duplicate nr_rnd_zones increase in dmz_init_zone()
btrfs: use nofs allocations for running delayed items
Btrfs: fix crash during unmount due to race with delayed inode workers
powerpc: Make setjmp/longjmp signature standard
powerpc: Add attributes for setjmp/longjmp
scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug
powerpc/kprobes: Ignore traps that happened in real mode
powerpc/xive: Use XIVE_BAD_IRQ instead of zero to catch non configured IPIs
powerpc/hash64/devmap: Use H_PAGE_THP_HUGE when setting up huge devmap PTE entries
powerpc/64/tm: Don't let userspace set regs->trap via sigreturn
powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle
libata: Return correct status in sata_pmp_eh_recover_pm() when ATA_DFLAG_DETACH is set
hfsplus: fix crash and filesystem corruption when deleting files
cpufreq: powernv: Fix use-after-free
kmod: make request_module() return an error when autoloading is disabled
Input: i8042 - add Acer Aspire 5738z to nomux list
s390/diag: fix display of diagnose call statistics
perf tools: Support Python 3.8+ in Makefile
ocfs2: no need try to truncate file beyond i_size
fs/filesystems.c: downgrade user-reachable WARN_ONCE() to pr_warn_once()
ext4: fix a data race at inode->i_blocks
NFS: Fix a page leak in nfs_destroy_unlinked_subrequests()
rtc: omap: Use define directive for PIN_CONFIG_ACTIVE_HIGH
arm64: armv8_deprecated: Fix undef_hook mask for thumb setend
scsi: zfcp: fix missing erp_lock in port recovery trigger for point-to-point
dm verity fec: fix memory leak in verity_fec_dtr
mm: Use fixed constant in page_frag_alloc instead of size + 1
tools: gpio: Fix out-of-tree build regression
x86/speculation: Remove redundant arch_smt_update() invocation
powerpc/pseries: Drop pointless static qualifier in vpa_debugfs_init()
net: rtnl_configure_link: fix dev flags changes arg to __dev_notify_flags
ALSA: hda: Initialize power_state field properly
crypto: mxs-dcp - fix scatterlist linearization for hash
btrfs: drop block from cache on error in relocation
CIFS: Fix bug which the return value by asynchronous read is error
KVM: VMX: fix crash cleanup when KVM wasn't used
KVM: VMX: Always VMCLEAR in-use VMCSes during crash with kexec support
KVM: x86: Allocate new rmap and large page tracking when moving memslot
KVM: s390: vsie: Fix delivery of addressing exceptions
KVM: s390: vsie: Fix region 1 ASCE sanity shadow address checks
KVM: nVMX: Properly handle userspace interrupt window request
x86/entry/32: Add missing ASM_CLAC to general_protection entry
signal: Extend exec_id to 64bits
ath9k: Handle txpower changes even when TPC is disabled
MIPS: OCTEON: irq: Fix potential NULL pointer dereference
irqchip/versatile-fpga: Apply clear-mask earlier
KEYS: reaching the keys quotas correctly
PCI: endpoint: Fix for concurrent memory allocation in OB address region
PCI/ASPM: Clear the correct bits when enabling L1 substates
nvme-fc: Revert "add module to ops template to allow module references"
thermal: devfreq_cooling: inline all stubs for CONFIG_DEVFREQ_THERMAL=n
acpi/x86: ignore unspecified bit positions in the ACPI global lock field
media: ti-vpe: cal: fix disable_irqs to only the intended target
ALSA: hda/realtek - Set principled PC Beep configuration for ALC256
ALSA: doc: Document PC Beep Hidden Register on Realtek ALC256
ALSA: pcm: oss: Fix regression by buffer overflow fix
ALSA: ice1724: Fix invalid access for enumerated ctl items
ALSA: hda: Fix potential access overflow in beep helper
ALSA: hda: Add driver blacklist
ALSA: usb-audio: Add mixer workaround for TRX40 and co
usb: gadget: composite: Inform controller driver of self-powered
usb: gadget: f_fs: Fix use after free issue as part of queue failure
ASoC: topology: use name_prefix for new kcontrol
ASoC: dpcm: allow start or stop during pause for backend
ASoC: dapm: connect virtual mux with default value
ASoC: fix regwmask
slub: improve bit diffusion for freelist ptr obfuscation
misc: rtsx: set correct pcr_ops for rts522A
uapi: rename ext2_swab() to swab() and share globally in swab.h
btrfs: track reloc roots based on their commit root bytenr
btrfs: remove a BUG_ON() from merge_reloc_roots()
block, bfq: fix use-after-free in bfq_idle_slice_timer_body
locking/lockdep: Avoid recursion in lockdep_count_{for,back}ward_deps()
irqchip/gic-v4: Provide irq_retrigger to avoid circular locking dependency
usb: dwc3: core: add support for disabling SS instances in park mode
block: Fix use-after-free issue accessing struct io_cq
genirq/irqdomain: Check pointer in irq_domain_alloc_irqs_hierarchy()
efi/x86: Ignore the memory attributes table on i386
x86/boot: Use unsigned comparison for addresses
gfs2: Don't demote a glock until its revokes are written
libata: Remove extra scsi_host_put() in ata_scsi_add_hosts()
PCI/switchtec: Fix init_completion race condition with poll_wait()
selftests/x86/ptrace_syscall_32: Fix no-vDSO segfault
sched: Avoid scale real weight down to zero
irqchip/versatile-fpga: Handle chained IRQs properly
block: keep bdi->io_pages in sync with max_sectors_kb for stacked devices
x86: Don't let pgprot_modify() change the page encryption bit
null_blk: fix spurious IO errors after failed past-wp access
null_blk: Handle null_add_dev() failures properly
null_blk: Fix the null_add_dev() error path
i2c: st: fix missing struct parameter description
qlcnic: Fix bad kzalloc null test
cxgb4/ptp: pass the sign of offset delta in FW CMD
hinic: fix wrong para of wait_for_completion_timeout
hinic: fix a bug of waitting for IO stopped
net: vxge: fix wrong __VA_ARGS__ usage
bus: sunxi-rsb: Return correct data when mixing 16-bit and 8-bit reads
ANDROID: fix wakeup reason findings
UPSTREAM: gpu/trace: add a gpu total memory usage tracepoint
CHROMIUM: drm/virtio: rebase zero-copy patches to virgl/drm-misc-next
CHROMIUM: virtio-gpu: add VIRTIO_GPU_F_RESOURCE_UUID feature
CHROMIUM: drm/virtgpu: add legacy VIRTIO_GPU_* values for non-upstream variants
CHROMIUM: drm/virtgpu: fix various warnings
CHROMIUM: drm/virtgpu: implement metadata allocation ioctl
CHROMIUM: drm/virtgpu: introduce request IDRs
CHROMIUM: drm/virtgpu: implement DRM_VIRTGPU_RESOURCE_CREATE_V2
CHROMIUM: drm/virtgpu: add stub ioctl implementation
CHROMIUM: drm/virtgpu: check for revelant capabilites
CHROMIUM: drm/virtgpu: add memory type to virtio_gpu_object_params
CHROMIUM: drm/virtgpu: make memory and resource creation opaque
CHROMIUM: virtio-gpu api: VIRTIO_GPU_F_MEMORY
CHROMIUM: virtwl: store plane info per virtio_gpu_object
CHROMIUM: drm/virtgpu: expose new ioctls to userspace
BACKPORT: drm/virtio: move virtio_gpu_object_{attach, detach} calls.
ANDROID: drm: ttm: Add ttm_tt_create2 driver hook
UPSTREAM: virtio-gpu api: comment feature flags
UPSTREAM: drm/virtio: module_param_named() requires linux/moduleparam.h
BACKPORT: drm/virtio: fix resource id creation race
BACKPORT: drm/virtio: make resource id workaround runtime switchable.
BACKPORT: drm/virtio: do NOT reuse resource ids
BACKPORT: drm/virtio: Drop deprecated load/unload initialization
f2fs: fix quota_sync failure due to f2fs_lock_op
f2fs: support read iostat
f2fs: Fix the accounting of dcc->undiscard_blks
f2fs: fix to handle error path of f2fs_ra_meta_pages()
f2fs: report the discard cmd errors properly
f2fs: fix long latency due to discard during umount
f2fs: add tracepoint for f2fs iostat
f2fs: introduce sysfs/data_io_flag to attach REQ_META/FUA
UPSTREAM: kheaders: include only headers into kheaders_data.tar.xz
UPSTREAM: kheaders: remove meaningless -R option of 'ls'
ANDROID: Incremental fs: Fix create_file performance
ANDROID: Incremental fs: Fix compound page usercopy crash
ANDROID: Incremental fs: Clean up incfs_test build process
ANDROID: Incremental fs: make remount log buffer change atomic
ANDROID: Incremental fs: Optimize get_filled_block
ANDROID: Incremental fs: Fix mislabeled __user ptrs
ANDROID: Incremental fs: Use 64-bit int for file_size when writing hash blocks
Revert "ANDROID: Incremental fs: Fix initialization, use of bitfields"
Linux 4.14.176
drm/msm: Use the correct dma_sync calls in msm_gem
rpmsg: glink: smem: Support rx peak for size less than 4 bytes
drm_dp_mst_topology: fix broken drm_dp_sideband_parse_remote_dpcd_read()
usb: dwc3: don't set gadget->is_otg flag
rpmsg: glink: Remove chunk size word align warning
arm64: Fix size of __early_cpu_boot_status
drm/msm: stop abusing dma_map/unmap for cache
clk: qcom: rcg: Return failure for RCG update
acpi/nfit: Fix bus command validation
fbcon: fix null-ptr-deref in fbcon_switch
RDMA/cm: Update num_paths in cma_resolve_iboe_route error flow
Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl
ceph: canonicalize server path in place
ceph: remove the extra slashes in the server path
IB/hfi1: Fix memory leaks in sysfs registration and unregistration
IB/hfi1: Call kobject_put() when kobject_init_and_add() fails
ASoC: jz4740-i2s: Fix divider written at incorrect offset in register
hwrng: imx-rngc - fix an error path
tools/accounting/getdelays.c: fix netlink attribute length
random: always use batched entropy for get_random_u{32,64}
mlxsw: spectrum_flower: Do not stop at FLOW_ACTION_VLAN_MANGLE
slcan: Don't transmit uninitialized stack data in padding
net: stmmac: dwmac1000: fix out-of-bounds mac address reg setting
net: phy: micrel: kszphy_resume(): add delay after genphy_resume() before accessing PHY registers
net: dsa: bcm_sf2: Ensure correct sub-node is parsed
ipv6: don't auto-add link-local address to lag ports
mm: mempolicy: require at least one nodeid for MPOL_PREFERRED
padata: always acquire cpu_hotplug_lock before pinst->lock
coresight: do not use the BIT() macro in the UAPI header
misc: pci_endpoint_test: Fix to support > 10 pci-endpoint-test devices
blk-mq: Allow blocking queue tag iter callbacks
blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter
drm/etnaviv: replace MMU flush marker with flush sequence
tools/power turbostat: Fix gcc build warnings
initramfs: restore default compression behavior
drm/bochs: downgrade pci_request_region failure from error to warning
sctp: fix possibly using a bad saddr with a given dst
sctp: fix refcount bug in sctp_wfree
net, ip_tunnel: fix interface lookup with no key
ipv4: fix a RCU-list lock in fib_triestat_seq_show
ANDROID: power: wakeup_reason: wake reason enhancements
ubifs: wire up FS_IOC_GET_ENCRYPTION_NONCE
f2fs: wire up FS_IOC_GET_ENCRYPTION_NONCE
ext4: wire up FS_IOC_GET_ENCRYPTION_NONCE
fscrypt: add FS_IOC_GET_ENCRYPTION_NONCE ioctl
FROMLIST: power_supply: Add additional health properties to the header
UPSTREAM: power: supply: core: Update sysfs-class-power ABI document
BACKPORT: FROMGIT: kbuild: mkcompile_h: Include $LD version in /proc/version
ANDROID: fscrypt: fall back to filesystem-layer crypto when needed
ANDROID: block: require drivers to declare supported crypto key type(s)
ANDROID: block: make blk_crypto_start_using_mode() properly check for support
f2fs: keep inline_data when compression conversion
f2fs: fix to disable compression on directory
f2fs: add missing CONFIG_F2FS_FS_COMPRESSION
f2fs: switch discard_policy.timeout to bool type
f2fs: fix to verify tpage before releasing in f2fs_free_dic()
f2fs: show compression in statx
f2fs: clean up dic->tpages assignment
f2fs: compress: support zstd compress algorithm
f2fs: compress: add .{init,destroy}_decompress_ctx callback
f2fs: compress: fix to call missing destroy_compress_ctx()
f2fs: change default compression algorithm
f2fs: clean up {cic,dic}.ref handling
f2fs: fix to use f2fs_readpage_limit() in f2fs_read_multi_pages()
f2fs: xattr.h: Make stub helpers inline
f2fs: fix to avoid double unlock
f2fs: fix potential .flags overflow on 32bit architecture
f2fs: fix NULL pointer dereference in f2fs_verity_work()
f2fs: fix to clear PG_error if fsverity failed
f2fs: don't call fscrypt_get_encryption_info() explicitly in f2fs_tmpfile()
f2fs: don't trigger data flush in foreground operation
f2fs: fix NULL pointer dereference in f2fs_write_begin()
f2fs: clean up f2fs_may_encrypt()
f2fs: fix to avoid potential deadlock
f2fs: don't change inode status under page lock
f2fs: fix potential deadlock on compressed quota file
f2fs: delete DIO read lock
f2fs: don't mark compressed inode dirty during f2fs_iget()
f2fs: fix to account compressed blocks in f2fs_compressed_blocks()
f2fs: xattr.h: Replace zero-length array with flexible-array member
f2fs: fix to update f2fs_super_block fields under sb_lock
f2fs: Add a new CP flag to help fsck fix resize SPO issues
f2fs: Fix mount failure due to SPO after a successful online resize FS
f2fs: use kmem_cache pool during inline xattr lookups
f2fs: skip migration only when BG_GC is called
f2fs: fix to show tracepoint correctly
f2fs: avoid __GFP_NOFAIL in f2fs_bio_alloc
f2fs: introduce F2FS_IOC_GET_COMPRESS_BLOCKS
f2fs: fix to avoid triggering IO in write path
f2fs: add prefix for f2fs slab cache name
f2fs: introduce DEFAULT_IO_TIMEOUT
f2fs: skip GC when section is full
f2fs: add migration count iff migration happens
f2fs: clean up bggc mount option
f2fs: clean up lfs/adaptive mount option
f2fs: fix to show norecovery mount option
f2fs: clean up parameter of macro XATTR_SIZE()
f2fs: clean up codes with {f2fs_,}data_blkaddr()
f2fs: show mounted time
f2fs: Use scnprintf() for avoiding potential buffer overflow
f2fs: allow to clear F2FS_COMPR_FL flag
f2fs: fix to check dirty pages during compressed inode conversion
f2fs: fix to account compressed inode correctly
f2fs: fix wrong check on F2FS_IOC_FSSETXATTR
f2fs: fix to avoid use-after-free in f2fs_write_multi_pages()
f2fs: fix to avoid using uninitialized variable
f2fs: fix inconsistent comments
f2fs: remove i_sem lock coverage in f2fs_setxattr()
f2fs: cover last_disk_size update with spinlock
f2fs: fix to check i_compr_blocks correctly
FROMLIST: kmod: make request_module() return an error when autoloading is disabled
UPSTREAM: loop: Only freeze block queue when needed.
UPSTREAM: loop: Only change blocksize when needed.
ANDROID: Incremental fs: Fix remount
ANDROID: Incremental fs: Protect get_fill_block, and add a field
ANDROID: Incremental fs: Fix crash polling 0 size read_log
ANDROID: Incremental fs: get_filled_blocks: better index_out
ANDROID: Fix wq fp check for CFI builds
ANDROID: Incremental fs: Fix four resource bugs
ANDROID: kbuild: ensure __cfi_check is correctly aligned
ANDROID: kbuild: fix module linker script flags for LTO
Linux 4.14.175
arm64: dts: ls1046ardb: set RGMII interfaces to RGMII_ID mode
arm64: dts: ls1043a-rdb: correct RGMII delay mode to rgmii-id
ARM: bcm2835-rpi-zero-w: Add missing pinctrl name
ARM: dts: oxnas: Fix clear-mask property
perf map: Fix off by one in strncpy() size argument
arm64: alternative: fix build with clang integrated assembler
net: ks8851-ml: Fix IO operations, again
gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 CHT + AXP288 model
bpf: Explicitly memset some bpf info structures declared on the stack
bpf: Explicitly memset the bpf_attr structure
platform/x86: pmc_atom: Add Lex 2I385SW to critclk_systems DMI table
vt: vt_ioctl: fix use-after-free in vt_in_use()
vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
vt: vt_ioctl: remove unnecessary console allocation checks
vt: switch vt_dont_switch to bool
vt: ioctl, switch VT_IS_IN_USE and VT_BUSY to inlines
vt: selection, introduce vc_is_sel
mac80211: fix authentication with iwlwifi/mvm
mac80211: Check port authorization in the ieee80211_tx_dequeue() case
media: xirlink_cit: add missing descriptor sanity checks
media: stv06xx: add missing descriptor sanity checks
media: dib0700: fix rc endpoint lookup
media: ov519: add missing endpoint sanity checks
libfs: fix infoleak in simple_attr_read()
staging: wlan-ng: fix use-after-free Read in hfa384x_usbin_callback
staging: wlan-ng: fix ODEBUG bug in prism2sta_disconnect_usb
staging: rtl8188eu: Add ASUS USB-N10 Nano B1 to device table
media: usbtv: fix control-message timeouts
media: flexcop-usb: fix endpoint sanity check
usb: musb: fix crash with highmen PIO and usbmon
USB: serial: io_edgeport: fix slab-out-of-bounds read in edge_interrupt_callback
USB: cdc-acm: restore capability check order
USB: serial: option: add Wistron Neweb D19Q1
USB: serial: option: add BroadMobi BM806U
USB: serial: option: add support for ASKEY WWHC050
afs: Fix some tracing details
Input: raydium_i2c_ts - fix error codes in raydium_i2c_boot_trigger()
Input: raydium_i2c_ts - use true and false for boolean values
vti6: Fix memory leak of skb if input policy check fails
netfilter: nft_fwd_netdev: validate family and chain type
xfrm: policy: Fix doulbe free in xfrm_policy_timer
xfrm: add the missing verify_sec_ctx_len check in xfrm_add_acquire
xfrm: fix uctx len check in verify_sec_ctx_len
RDMA/mlx5: Block delay drop to unprivileged users
vti[6]: fix packet tx through bpf_redirect() in XinY cases
xfrm: handle NETDEV_UNREGISTER for xfrm device
genirq: Fix reference leaks on irq affinity notifiers
RDMA/core: Ensure security pkey modify is not lost
gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 BYT + AXP288 model
gpiolib: acpi: Rework honor_wakeup option into an ignore_wake option
gpiolib: acpi: Correct comment for HP x2 10 honor_wakeup quirk
mac80211: mark station unauthorized before key removal
scsi: sd: Fix optimal I/O size for devices that change reported values
scripts/dtc: Remove redundant YYLOC global declaration
tools: Let O= makes handle a relative path with -C option
perf probe: Do not depend on dwfl_module_addrsym()
ARM: dts: omap5: Add bus_dma_limit for L3 bus
ARM: dts: dra7: Add bus_dma_limit for L3 bus
Input: avoid BIT() macro usage in the serio.h UAPI header
Input: synaptics - enable RMI on HP Envy 13-ad105ng
i2c: hix5hd2: add missed clk_disable_unprepare in remove
ftrace/x86: Anotate text_mutex split between ftrace_arch_code_modify_post_process() and ftrace_arch_code_modify_prepare()
arm64: compat: map SPSR_ELx<->PSR for signals
arm64: ptrace: map SPSR_ELx<->PSR for compat tasks
sxgbe: Fix off by one in samsung driver strncpy size arg
dpaa_eth: Remove unnecessary boolean expression in dpaa_get_headroom
mac80211: Do not send mesh HWMP PREQ if HWMP is disabled
scsi: ipr: Fix softlockup when rescanning devices in petitboot
fsl/fman: detect FMan erratum A050385
arm64: dts: ls1043a: FMan erratum A050385
dt-bindings: net: FMan erratum A050385
cgroup1: don't call release_agent when it is ""
drivers/of/of_mdio.c:fix of_mdiobus_register()
cpupower: avoid multiple definition with gcc -fno-common
cgroup-v1: cgroup_pidlist_next should update position index
net: ipv4: don't let PMTU updates increase route MTU
hsr: set .netnsok flag
hsr: add restart routine into hsr_get_node_list()
hsr: use rcu_read_lock() in hsr_get_node_{list/status}()
vxlan: check return value of gro_cells_init()
net: dsa: mt7530: Change the LINK bit to reflect the link status
bnxt_en: fix memory leaks in bnxt_dcbnl_ieee_getets()
slcan: not call free_netdev before rtnl_unlock in slcan_open
NFC: fdp: Fix a signedness bug in fdp_nci_send_patch()
net: stmmac: dwmac-rk: fix error path in rk_gmac_probe
net_sched: keep alloc_hash updated after hash allocation
net_sched: cls_route: remove the right filter from hashtable
net: qmi_wwan: add support for ASKEY WWHC050
net/packet: tpacket_rcv: avoid a producer race condition
net: mvneta: Fix the case where the last poll did not process all rx
net: dsa: Fix duplicate frames flooded by learning
macsec: restrict to ethernet devices
hsr: fix general protection fault in hsr_addr_is_self()
Revert "drm/dp_mst: Skip validating ports during destruction, just ref"
staging: greybus: loopback_test: fix potential path truncations
staging: greybus: loopback_test: fix potential path truncation
drm/bridge: dw-hdmi: fix AVI frame colorimetry
arm64: smp: fix crash_smp_send_stop() behaviour
arm64: smp: fix smp_send_stop() behaviour
ALSA: hda/realtek: Fix pop noise on ALC225
Revert "ipv6: Fix handling of LLA with VRF and sockets bound to VRF"
Revert "vrf: mark skb for multicast or link-local as enslaved to VRF"
futex: Unbreak futex hashing
futex: Fix inode life-time issue
kbuild: Disable -Wpointer-to-enum-cast
iio: adc: at91-sama5d2_adc: fix differential channels in triggered mode
iio: adc: at91-sama5d2_adc: fix channel configuration for differential channels
USB: cdc-acm: fix rounding error in TIOCSSERIAL
USB: cdc-acm: fix close_delay and closing_wait units in TIOCSSERIAL
x86/mm: split vmalloc_sync_all()
page-flags: fix a crash at SetPageError(THP_SWAP)
mm, slub: prevent kmalloc_node crashes and memory leaks
mm: slub: be more careful about the double cmpxchg of freelist
memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event
xhci: Do not open code __print_symbolic() in xhci trace events
rtc: max8907: add missing select REGMAP_IRQ
intel_th: pci: Add Elkhart Lake CPU support
intel_th: Fix user-visible error codes
staging/speakup: fix get_word non-space look-ahead
staging: rtl8188eu: Add device id for MERCUSYS MW150US v2
mmc: sdhci-of-at91: fix cd-gpios for SAMA5D2
iio: magnetometer: ak8974: Fix negative raw values in sysfs
iio: trigger: stm32-timer: disable master mode when stopping
ALSA: pcm: oss: Remove WARNING from snd_pcm_plug_alloc() checks
ALSA: pcm: oss: Avoid plugin buffer overflow
ALSA: seq: oss: Fix running status after receiving sysex
ALSA: seq: virmidi: Fix running status after receiving sysex
ALSA: line6: Fix endless MIDI read loop
usb: xhci: apply XHCI_SUSPEND_DELAY to AMD XHCI controller 1022:145c
USB: serial: pl2303: add device-id for HP LD381
usb: host: xhci-plat: add a shutdown
USB: serial: option: add ME910G1 ECM composition 0x110b
usb: quirks: add NO_LPM quirk for RTL8153 based ethernet adapters
USB: Disable LPM on WD19's Realtek Hub
parse-maintainers: Mark as executable
block, bfq: fix overwrite of bfq_group pointer in bfq_find_set_group()
xenbus: req->err should be updated before req->state
xenbus: req->body should be updated before req->state
dm bio record: save/restore bi_end_io and bi_integrity
altera-stapl: altera_get_note: prevent write beyond end of 'key'
drivers/perf: arm_pmu_acpi: Fix incorrect checking of gicc pointer
drm/exynos: dsi: fix workaround for the legacy clock name
drm/exynos: dsi: propagate error value and silence meaningless warning
spi/zynqmp: remove entry that causes a cs glitch
spi: pxa2xx: Add CS control clock quirk
ARM: dts: dra7: Add "dma-ranges" property to PCIe RC DT nodes
powerpc: Include .BTF section
spi: qup: call spi_qup_pm_resume_runtime before suspending
UPSTREAM: ubifs: wire up FS_IOC_GET_ENCRYPTION_NONCE
UPSTREAM: f2fs: wire up FS_IOC_GET_ENCRYPTION_NONCE
UPSTREAM: ext4: wire up FS_IOC_GET_ENCRYPTION_NONCE
UPSTREAM: fscrypt: add FS_IOC_GET_ENCRYPTION_NONCE ioctl
UPSTREAM: usb: raw_gadget: fix compilation warnings in uapi headers
BACKPORT: usb: gadget: add raw-gadget interface
UPSTREAM: usb: gadget: move choice ... endchoice to legacy/Kconfig
ANDROID: clang: update to 10.0.5
FROMLIST: arm64: define __alloc_zeroed_user_highpage
ANDROID: Incremental fs: Add INCFS_IOC_GET_FILLED_BLOCKS
ANDROID: Incremental fs: Fix two typos
f2fs: fix to avoid potential deadlock
f2fs: add missing function name in kernel message
f2fs: recycle unused compress_data.chksum feild
f2fs: fix to avoid NULL pointer dereference
f2fs: fix leaking uninitialized memory in compressed clusters
f2fs: fix the panic in do_checkpoint()
f2fs: fix to wait all node page writeback
mm/swapfile.c: move inode_lock out of claim_swapfile
UPSTREAM: ipv6: ndisc: add support for 'PREF64' dns64 prefix identifier
UPSTREAM: ipv6: ndisc: add support for 'PREF64' dns64 prefix identifier
ANDROID: dm-bow: Fix free_show value is incorrect
UPSTREAM: coresight: Potential uninitialized variable in probe()
ANDROID: kbuild: do not merge .section..* into .section in modules
ANDROID: scsi: ufs: add ->map_sg_crypto() variant op
UPSTREAM: bpf: Explicitly memset some bpf info structures declared on the stack
UPSTREAM: bpf: Explicitly memset the bpf_attr structure
Linux 4.14.174
ipv4: ensure rcu_read_lock() in cipso_v4_error()
mm: slub: add missing TID bump in kmem_cache_alloc_bulk()
ARM: 8958/1: rename missed uaccess .fixup section
ARM: 8957/1: VDSO: Match ARMv8 timer in cntvct_functional()
jbd2: fix data races at struct journal_head
net: rmnet: fix NULL pointer dereference in rmnet_newlink()
hinic: fix a bug of setting hw_ioctxt
slip: not call free_netdev before rtnl_unlock in slip_open
signal: avoid double atomic counter increments for user accounting
mac80211: rx: avoid RCU list traversal under mutex
net: ks8851-ml: Fix IRQ handling and locking
net: usb: qmi_wwan: restore mtu min/max values after raw_ip switch
scsi: libfc: free response frame from GPN_ID
cfg80211: check reg_rule for NULL in handle_channel_custom()
HID: i2c-hid: add Trekstor Surfbook E11B to descriptor override
HID: apple: Add support for recent firmware on Magic Keyboards
ACPI: watchdog: Allow disabling WDAT at boot
perf/amd/uncore: Replace manual sampling check with CAP_NO_INTERRUPT flag
batman-adv: Don't schedule OGM for disabled interface
batman-adv: Avoid free/alloc race when handling OGM buffer
batman-adv: Avoid free/alloc race when handling OGM2 buffer
batman-adv: Fix duplicated OGMs on NETDEV_UP
batman-adv: Fix debugfs path for renamed softif
batman-adv: Fix debugfs path for renamed hardif
batman-adv: prevent TT request storms by not sending inconsistent TT TLVLs
batman-adv: Fix TT sync flags for intermediate TT responses
batman-adv: Avoid race in TT TVLV allocator helper
batman-adv: update data pointers after skb_cow()
batman-adv: Fix internal interface indices types
batman-adv: Fix lock for ogm cnt access in batadv_iv_ogm_calc_tq
batman-adv: Fix check of retrieved orig_gw in batadv_v_gw_is_eligible
batman-adv: Always initialize fragment header priority
batman-adv: Avoid spurious warnings from bat_v neigh_cmp implementation
efi: Add a sanity check to efivar_store_raw()
net/smc: check for valid ib_client_data
ipv6: restrict IPV6_ADDRFORM operation
i2c: acpi: put device when verifying client fails
iommu/vt-d: Ignore devices with out-of-spec domain number
iommu/vt-d: Fix the wrong printing in RHSA parsing
netfilter: nft_payload: add missing attribute validation for payload csum flags
netfilter: cthelper: add missing attribute validation for cthelper
nl80211: add missing attribute validation for channel switch
nl80211: add missing attribute validation for beacon report scanning
nl80211: add missing attribute validation for critical protocol indication
pinctrl: core: Remove extra kref_get which blocks hogs being freed
pinctrl: meson-gxl: fix GPIOX sdio pins
iommu/vt-d: Fix a bug in intel_iommu_iova_to_phys() for huge page
iommu/vt-d: dmar: replace WARN_TAINT with pr_warn + add_taint
iommu/dma: Fix MSI reservation allocation
x86/mce: Fix logic and comments around MSR_PPIN_CTL
efi: Fix a race and a buffer overflow while reading efivars via sysfs
ARC: define __ALIGN_STR and __ALIGN symbols for ARC
KVM: x86: clear stale x86_emulate_ctxt->intercept value
gfs2_atomic_open(): fix O_EXCL|O_CREAT handling on cold dcache
cifs_atomic_open(): fix double-put on late allocation failure
ktest: Add timeout for ssh sync testing
drm/amd/display: remove duplicated assignment to grph_obj_type
workqueue: don't use wq_select_unbound_cpu() for bound works
iommu/vt-d: quirk_ioat_snb_local_iommu: replace WARN_TAINT with pr_warn + add_taint
virtio-blk: fix hw_queue stopped on arbitrary error
iwlwifi: mvm: Do not require PHY_SKU NVM section for 3168 devices
cgroup: Iterate tasks that did not finish do_exit()
cgroup: cgroup_procs_next should increase position index
ipvlan: don't deref eth hdr before checking it's set
ipvlan: egress mcast packets are not exceptional
ipvlan: do not add hardware address of master to its unicast filter list
inet_diag: return classid for all socket types
macvlan: add cond_resched() during multicast processing
net: fec: validate the new settings in fec_enet_set_coalesce()
slip: make slhc_compress() more robust against malicious packets
bonding/alb: make sure arp header is pulled before accessing it
net: phy: fix MDIO bus PM PHY resuming
nfc: add missing attribute validation for vendor subcommand
nfc: add missing attribute validation for SE API
team: add missing attribute validation for array index
team: add missing attribute validation for port ifindex
net: fq: add missing attribute validation for orphan mask
macsec: add missing attribute validation for port
can: add missing attribute validation for termination
nl802154: add missing attribute validation for dev_type
nl802154: add missing attribute validation
fib: add missing attribute validation for tun_id
net: memcg: fix lockdep splat in inet_csk_accept()
net: memcg: late association of sock to memcg
cgroup: memcg: net: do not associate sock with unrelated cgroup
bnxt_en: reinitialize IRQs when MTU is modified
sfc: detach from cb_page in efx_copy_channel()
r8152: check disconnect status after long sleep
net/packet: tpacket_rcv: do not increment ring index on drop
net: nfc: fix bounds checking bugs on "pipe"
net: macsec: update SCI upon MAC address change.
netlink: Use netlink header as base to calculate bad attribute offset
ipvlan: do not use cond_resched_rcu() in ipvlan_process_multicast()
ipvlan: add cond_resched_rcu() while processing muticast backlog
ipv6/addrconf: call ipv6_mc_up() for non-Ethernet interface
gre: fix uninit-value in __iptunnel_pull_header
cgroup, netclassid: periodically release file_lock on classid updating
net: phy: Avoid multiple suspends
phy: Revert toggling reset changes.
ANDROID: Incremental fs: Add INCFS_IOC_PERMIT_FILL
ANDROID: Incremental fs: Remove signature checks from kernel
ANDROID: Incremental fs: Pad hash blocks
ANDROID: Incremental fs: Make fill block an ioctl
ANDROID: Incremental fs: Remove all access_ok checks
UPSTREAM: cgroup: Iterate tasks that did not finish do_exit()
UPSTREAM: arm64: memory: Add missing brackets to untagged_addr() macro
UPSTREAM: mm: Avoid creating virtual address aliases in brk()/mmap()/mremap()
ANDROID: Add TPM support and the vTPM proxy to Cuttlefish.
ANDROID: serdev: restrict claim of platform devices
UPSTREAM: fscrypt: don't evict dirty inodes after removing key
fscrypt: don't evict dirty inodes after removing key
Linux 4.14.173
ASoC: topology: Fix memleak in soc_tplg_manifest_load()
xhci: handle port status events for removed USB3 hcd
dm integrity: fix a deadlock due to offloading to an incorrect workqueue
powerpc: fix hardware PMU exception bug on PowerVM compatibility mode systems
dmaengine: coh901318: Fix a double lock bug in dma_tc_handle()
hwmon: (adt7462) Fix an error return in ADT7462_REG_VOLT()
ARM: imx: build v7_cpu_resume() unconditionally
IB/hfi1, qib: Ensure RCU is locked when accessing list
RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen()
RDMA/iwcm: Fix iwcm work deallocation
ASoC: dapm: Correct DAPM handling of active widgets during shutdown
ASoC: pcm512x: Fix unbalanced regulator enable call in probe error path
ASoC: pcm: Fix possible buffer overflow in dpcm state sysfs output
ASoC: intel: skl: Fix possible buffer overflow in debug outputs
ASoC: intel: skl: Fix pin debug prints
ASoC: topology: Fix memleak in soc_tplg_link_elems_load()
ARM: dts: ls1021a: Restore MDIO compatible to gianfar
dm cache: fix a crash due to incorrect work item cancelling
dmaengine: tegra-apb: Prevent race conditions of tasklet vs free list
dmaengine: tegra-apb: Fix use-after-free
x86/pkeys: Manually set X86_FEATURE_OSPKE to preserve existing changes
vt: selection, push sel_lock up
vt: selection, push console lock down
vt: selection, close sel_buffer race
serial: 8250_exar: add support for ACCES cards
tty:serial:mvebu-uart:fix a wrong return
arm: dts: dra76x: Fix mmc3 max-frequency
fat: fix uninit-memory access for partial initialized inode
mm, numa: fix bad pmd by atomically check for pmd_trans_huge when marking page tables prot_numa
vgacon: Fix a UAF in vgacon_invert_region
usb: core: port: do error out if usb_autopm_get_interface() fails
usb: core: hub: do error out if usb_autopm_get_interface() fails
usb: core: hub: fix unhandled return by employing a void function
usb: quirks: add NO_LPM quirk for Logitech Screen Share
usb: storage: Add quirk for Samsung Fit flash
cifs: don't leak -EAGAIN for stat() during reconnect
net: thunderx: workaround BGX TX Underflow issue
x86/xen: Distribute switch variables for initialization
nvme: Fix uninitialized-variable warning
x86/boot/compressed: Don't declare __force_order in kaslr_64.c
s390/cio: cio_ignore_proc_seq_next should increase position index
watchdog: da9062: do not ping the hw during stop()
net: ks8851-ml: Fix 16-bit IO operation
net: ks8851-ml: Fix 16-bit data access
net: ks8851-ml: Remove 8-bit bus accessors
drm/msm/dsi: save pll state before dsi host is powered off
drm: msm: Fix return type of dsi_mgr_connector_mode_valid for kCFI
drm/msm/mdp5: rate limit pp done timeout warnings
usb: gadget: serial: fix Tx stall after buffer overflow
usb: gadget: ffs: ffs_aio_cancel(): Save/restore IRQ flags
usb: gadget: composite: Support more than 500mA MaxPower
selftests: fix too long argument
serial: ar933x_uart: set UART_CS_{RX,TX}_READY_ORIDE
kprobes: Fix optimize_kprobe()/unoptimize_kprobe() cancellation logic
RDMA/core: Fix use of logical OR in get_new_pps
RDMA/core: Fix pkey and port assignment in get_new_pps
net: dsa: bcm_sf2: Forcibly configure IMP port for 1Gb/sec
EDAC/amd64: Set grain per DIMM
x86/mce: Handle varying MCA bank counts
vhost: Check docket sk_family instead of call getname
audit: always check the netlink payload length in audit_receive_msg()
Revert "char/random: silence a lockdep splat with printk()"
mm, thp: fix defrag setting if newline is not used
mm/huge_memory.c: use head to check huge zero page
perf hists browser: Restore ESC as "Zoom out" of DSO/thread/etc
kprobes: Set unoptimized flag after unoptimizing code
drivers: net: xgene: Fix the order of the arguments of 'alloc_etherdev_mqs()'
tuntap: correctly set SOCKWQ_ASYNC_NOSPACE
KVM: Check for a bad hva before dropping into the ghc slow path
KVM: SVM: Override default MMIO mask if memory encryption is enabled
mwifiex: drop most magic numbers from mwifiex_process_tdls_action_frame()
namei: only return -ECHILD from follow_dotdot_rcu()
net: ena: make ena rxfh support ETH_RSS_HASH_NO_CHANGE
net: atlantic: fix potential error handling
net: netlink: cap max groups which will be considered in netlink_bind()
include/linux/bitops.h: introduce BITS_PER_TYPE
ecryptfs: Fix up bad backport of fe2e082f5da5b4a0a92ae32978f81507ef37ec66
usb: charger: assign specific number for enum value
drm/i915/gvt: Separate display reset from ALL_ENGINES reset
i2c: jz4780: silence log flood on txabrt
i2c: altera: Fix potential integer overflow
MIPS: VPE: Fix a double free and a memory leak in 'release_vpe()'
HID: hiddev: Fix race in in hiddev_disconnect()
Revert "PM / devfreq: Modify the device name as devfreq(X) for sysfs"
tracing: Disable trace_printk() on post poned tests
HID: core: increase HID report buffer size to 8KiB
HID: core: fix off-by-one memset in hid_report_raw_event()
HID: ite: Only bind to keyboard USB interface on Acer SW5-012 keyboard dock
KVM: VMX: check descriptor table exits on instruction emulation
ACPI: watchdog: Fix gas->access_width usage
ACPICA: Introduce ACPI_ACCESS_BYTE_WIDTH() macro
audit: fix error handling in audit_data_to_entry()
ext4: potential crash on allocation error in ext4_alloc_flex_bg_array()
net: sched: correct flower port blocking
qede: Fix race between rdma destroy workqueue and link change event
ipv6: Fix route replacement with dev-only route
ipv6: Fix nlmsg_flags when splitting a multipath route
sctp: move the format error check out of __sctp_sf_do_9_1_abort
nfc: pn544: Fix occasional HW initialization failure
net: phy: restore mdio regs in the iproc mdio driver
net: fib_rules: Correctly set table field when table number exceeds 8 bits
sysrq: Remove duplicated sysrq message
sysrq: Restore original console_loglevel when sysrq disabled
cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE
cifs: Fix mode output in debugging statements
net: ena: ena-com.c: prevent NULL pointer dereference
net: ena: ethtool: use correct value for crc32 hash
net: ena: fix incorrectly saving queue numbers when setting RSS indirection table
net: ena: rss: store hash function as values and not bits
net: ena: rss: fix failure to get indirection table
net: ena: fix incorrect default RSS key
net: ena: add missing ethtool TX timestamping indication
net: ena: fix uses of round_jiffies()
net: ena: fix potential crash when rxfh key is NULL
qmi_wwan: unconditionally reject 2 ep interfaces
qmi_wwan: re-add DW5821e pre-production variant
cfg80211: check wiphy driver existence for drvinfo report
mac80211: consider more elements in parsing CRC
dax: pass NOWAIT flag to iomap_apply
drm/msm: Set dma maximum segment size for mdss
ipmi:ssif: Handle a possible NULL pointer reference
ext4: fix potential race between s_group_info online resizing and access
ext4: fix potential race between s_flex_groups online resizing and access
ext4: fix potential race between online resizing and write operations
netfilter: nf_conntrack: resolve clash for matching conntracks
iwlwifi: pcie: fix rb_allocator workqueue allocation
FROMLIST: f2fs: fix wrong check on F2FS_IOC_FSSETXATTR
UPSTREAM: binder: prevent UAF for binderfs devices II
UPSTREAM: binder: prevent UAF for binderfs devices
FROMLIST: lib: test_stackinit.c: XFAIL switch variable init tests
ANDROID: cuttlefish: disable KPROBES
ANDROID: scsi: ufs: allow ufs variants to override sg entry size
FROMLIST: ufs: fix a bug on printing PRDT
BACKPORT: loop: Add LOOP_SET_BLOCK_SIZE in compat ioctl
ANDROID: fix build issue in security/selinux/avc.c
ANDROID: cuttlefish_defconfig: Disable CONFIG_RT_GROUP_SCHED
ANDROID: Enable HID_NINTENDO as y
FROMLIST: HID: nintendo: add nintendo switch controller driver
Linux 4.14.172
s390/mm: Explicitly compare PAGE_DEFAULT_KEY against zero in storage_key_init_range
xen: Enable interrupts when calling _cond_resched()
ata: ahci: Add shutdown to freeze hardware resources of ahci
netfilter: xt_hashlimit: limit the max size of hashtable
ALSA: seq: Fix concurrent access to queue current tick/time
ALSA: seq: Avoid concurrent access to queue flags
ALSA: rawmidi: Avoid bit fields for state flags
genirq/proc: Reject invalid affinity masks (again)
iommu/vt-d: Fix compile warning from intel-svm.h
ecryptfs: replace BUG_ON with error handling code
staging: greybus: use after free in gb_audio_manager_remove_all()
staging: rtl8723bs: fix copy of overlapping memory
usb: gadget: composite: Fix bMaxPower for SuperSpeedPlus
scsi: Revert "target: iscsi: Wait for all commands to finish before freeing a session"
scsi: Revert "RDMA/isert: Fix a recently introduced regression related to logout"
Btrfs: fix btrfs_wait_ordered_range() so that it waits for all ordered extents
btrfs: do not check delayed items are empty for single transaction cleanup
btrfs: fix bytes_may_use underflow in prealloc error condtition
KVM: apic: avoid calculating pending eoi from an uninitialized val
KVM: nVMX: handle nested posted interrupts when apicv is disabled for L1
KVM: nVMX: Check IO instruction VM-exit conditions
KVM: nVMX: Refactor IO bitmap checks into helper function
ext4: fix race between writepages and enabling EXT4_EXTENTS_FL
ext4: rename s_journal_flag_rwsem to s_writepages_rwsem
ext4: fix mount failure with quota configured as module
ext4: add cond_resched() to __ext4_find_entry()
ext4: fix a data race in EXT4_I(inode)->i_disksize
KVM: nVMX: Don't emulate instructions in guest mode
lib/stackdepot.c: fix global out-of-bounds in stack_slabs
serial: 8250: Check UPF_IRQ_SHARED in advance
vt: vt_ioctl: fix race in VT_RESIZEX
VT_RESIZEX: get rid of field-by-field copyin
xhci: apply XHCI_PME_STUCK_QUIRK to Intel Comet Lake platforms
KVM: x86: don't notify userspace IOAPIC on edge-triggered interrupt EOI
drm/amdgpu/soc15: fix xclk for raven
mm/vmscan.c: don't round up scan size for online memory cgroup
Revert "ipc,sem: remove uneeded sem_undo_list lock usage in exit_sem()"
MAINTAINERS: Update drm/i915 bug filing URL
serdev: ttyport: restore client ops on deregistration
tty: serial: imx: setup the correct sg entry for tx dma
tty/serial: atmel: manage shutdown in case of RS485 or ISO7816 mode
x86/mce/amd: Fix kobject lifetime
x86/mce/amd: Publish the bank pointer only after setup has succeeded
staging: rtl8723bs: Fix potential overuse of kernel memory
staging: rtl8723bs: Fix potential security hole
staging: rtl8188eu: Fix potential overuse of kernel memory
staging: rtl8188eu: Fix potential security hole
USB: hub: Fix the broken detection of USB3 device in SMSC hub
USB: hub: Don't record a connect-change event during reset-resume
USB: Fix novation SourceControl XL after suspend
usb: uas: fix a plug & unplug racing
usb: host: xhci: update event ring dequeue pointer on purpose
xhci: fix runtime pm enabling for quirky Intel hosts
xhci: Force Maximum Packet size for Full-speed bulk devices to valid range.
staging: vt6656: fix sign of rx_dbm to bb_pre_ed_rssi.
staging: android: ashmem: Disallow ashmem memory from being remapped
vt: selection, handle pending signals in paste_selection
floppy: check FDC index for errors before assigning it
USB: misc: iowarrior: add support for the 100 device
USB: misc: iowarrior: add support for the 28 and 28L devices
USB: misc: iowarrior: add support for 2 OEMed devices
thunderbolt: Prevent crash if non-active NVMem file is read
net/smc: fix leak of kernel memory to user space
net/sched: flower: add missing validation of TCA_FLOWER_FLAGS
net/sched: matchall: add missing validation of TCA_MATCHALL_FLAGS
net: dsa: tag_qca: Make sure there is headroom for tag
enic: prevent waking up stopped tx queues over watchdog reset
selinux: ensure we cleanup the internal AVC counters on error in avc_update()
mlxsw: spectrum_dpipe: Add missing error path
virtio_balloon: prevent pfn array overflow
help_next should increase position index
brd: check and limit max_part par
microblaze: Prevent the overflow of the start
iwlwifi: mvm: Fix thermal zone registration
irqchip/gic-v3-its: Reference to its_invall_cmd descriptor when building INVALL
bcache: explicity type cast in bset_bkey_last()
reiserfs: prevent NULL pointer dereference in reiserfs_insert_item()
lib/scatterlist.c: adjust indentation in __sg_alloc_table
ocfs2: fix a NULL pointer dereference when call ocfs2_update_inode_fsync_trans()
radeon: insert 10ms sleep in dce5_crtc_load_lut
trigger_next should increase position index
ftrace: fpid_next() should increase position index
drm/nouveau/disp/nv50-: prevent oops when no channel method map provided
irqchip/gic-v3: Only provision redistributors that are enabled in ACPI
ceph: check availability of mds cluster on mount after wait timeout
cifs: fix NULL dereference in match_prepath
iwlegacy: ensure loop counter addr does not wrap and cause an infinite loop
hostap: Adjust indentation in prism2_hostapd_add_sta
ARM: 8951/1: Fix Kexec compilation issue.
jbd2: make sure ESHUTDOWN to be recorded in the journal superblock
jbd2: switch to use jbd2_journal_abort() when failed to submit the commit record
powerpc/sriov: Remove VF eeh_dev state when disabling SR-IOV
ALSA: hda - Add docking station support for Lenovo Thinkpad T420s
driver core: platform: fix u32 greater or equal to zero comparison
s390/ftrace: generate traced function stack frame
x86/decoder: Add TEST opcode to Group3-2
ALSA: hda/hdmi - add retry logic to parse_intel_hdmi()
irqchip/mbigen: Set driver .suppress_bind_attrs to avoid remove problems
remoteproc: Initialize rproc_class before use
btrfs: device stats, log when stats are zeroed
btrfs: safely advance counter when looking up bio csums
btrfs: fix possible NULL-pointer dereference in integrity checks
pwm: Remove set but not set variable 'pwm'
ide: serverworks: potential overflow in svwks_set_pio_mode()
cmd64x: potential buffer overflow in cmd64x_program_timings()
pwm: omap-dmtimer: Remove PWM chip in .remove before making it unfunctional
x86/mm: Fix NX bit clearing issue in kernel_map_pages_in_pgd
f2fs: fix memleak of kobject
watchdog/softlockup: Enforce that timestamp is valid on boot
arm64: fix alternatives with LLVM's integrated assembler
scsi: iscsi: Don't destroy session if there are outstanding connections
f2fs: free sysfs kobject
iommu/arm-smmu-v3: Use WRITE_ONCE() when changing validity of an STE
usb: musb: omap2430: Get rid of musb .set_vbus for omap2430 glue
drm/vmwgfx: prevent memory leak in vmw_cmdbuf_res_add
drm/nouveau: Fix copy-paste error in nouveau_fence_wait_uevent_handler
drm/nouveau/gr/gk20a,gm200-: add terminators to method lists read from fw
drm/nouveau/secboot/gm20b: initialize pointer in gm20b_secboot_new()
vme: bridges: reduce stack usage
driver core: Print device when resources present in really_probe()
driver core: platform: Prevent resouce overflow from causing infinite loops
tty: synclink_gt: Adjust indentation in several functions
tty: synclinkmp: Adjust indentation in several functions
ASoC: atmel: fix build error with CONFIG_SND_ATMEL_SOC_DMA=m
wan: ixp4xx_hss: fix compile-testing on 64-bit
Input: edt-ft5x06 - work around first register access error
rcu: Use WRITE_ONCE() for assignments to ->pprev for hlist_nulls
efi/x86: Don't panic or BUG() on non-critical error conditions
soc/tegra: fuse: Correct straps' address for older Tegra124 device trees
IB/hfi1: Add software counter for ctxt0 seq drop
udf: Fix free space reporting for metadata and virtual partitions
usbip: Fix unsafe unaligned pointer usage
drm: remove the newline for CRC source name.
tools lib api fs: Fix gcc9 stringop-truncation compilation error
ALSA: sh: Fix compile warning wrt const
ALSA: sh: Fix unused variable warnings
clk: sunxi-ng: add mux and pll notifiers for A64 CPU clock
RDMA/rxe: Fix error type of mmap_offset
pinctrl: sh-pfc: sh7269: Fix CAN function GPIOs
PM / devfreq: rk3399_dmc: Add COMPILE_TEST and HAVE_ARM_SMCCC dependency
x86/vdso: Provide missing include file
dmaengine: Store module owner in dma_device struct
ARM: dts: r8a7779: Add device node for ARM global timer
drm/mediatek: handle events when enabling/disabling crtc
scsi: aic7xxx: Adjust indentation in ahc_find_syncrate
scsi: ufs: Complete pending requests in host reset and restore path
ACPICA: Disassembler: create buffer fields in ACPI_PARSE_LOAD_PASS1
orinoco: avoid assertion in case of NULL pointer
rtlwifi: rtl_pci: Fix -Wcast-function-type
iwlegacy: Fix -Wcast-function-type
ipw2x00: Fix -Wcast-function-type
b43legacy: Fix -Wcast-function-type
ALSA: usx2y: Adjust indentation in snd_usX2Y_hwdep_dsp_status
fore200e: Fix incorrect checks of NULL pointer dereference
reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling
media: v4l2-device.h: Explicitly compare grp{id,mask} to zero in v4l2_device macros
ARM: dts: imx6: rdu2: Disable WP for USDHC2 and USDHC3
arm64: dts: qcom: msm8996: Disable USB2 PHY suspend by core
NFC: port100: Convert cpu_to_le16(le16_to_cpu(E1) + E2) to use le16_add_cpu().
PCI/IOV: Fix memory leak in pci_iov_add_virtfn()
net/wan/fsl_ucc_hdlc: reject muram offsets above 64K
regulator: rk808: Lower log level on optional GPIOs being not available
drm/amdgpu: remove 4 set but not used variable in amdgpu_atombios_get_connector_info_from_object_table
clk: qcom: rcg2: Don't crash if our parent can't be found; return an error
kconfig: fix broken dependency in randconfig-generated .config
KVM: s390: ENOTSUPP -> EOPNOTSUPP fixups
nbd: add a flush_workqueue in nbd_start_device
ext4, jbd2: ensure panic when aborting with zero errno
tracing: Fix very unlikely race of registering two stat tracers
tracing: Fix tracing_stat return values in error handling paths
x86/sysfb: Fix check for bad VRAM size
jbd2: clear JBD2_ABORT flag before journal_reset to update log tail info when load journal
kselftest: Minimise dependency of get_size on C library interfaces
clocksource/drivers/bcm2835_timer: Fix memory leak of timer
usb: dwc2: Fix IN FIFO allocation
usb: gadget: udc: fix possible sleep-in-atomic-context bugs in gr_probe()
uio: fix a sleep-in-atomic-context bug in uio_dmem_genirq_irqcontrol()
sparc: Add .exit.data section.
MIPS: Loongson: Fix potential NULL dereference in loongson3_platform_init()
efi/x86: Map the entire EFI vendor string before copying it
pinctrl: baytrail: Do not clear IRQ flags on direct-irq enabled pins
media: sti: bdisp: fix a possible sleep-in-atomic-context bug in bdisp_device_run()
char/random: silence a lockdep splat with printk()
gpio: gpio-grgpio: fix possible sleep-in-atomic-context bugs in grgpio_irq_map/unmap()
powerpc/powernv/iov: Ensure the pdn for VFs always contains a valid PE number
media: i2c: mt9v032: fix enum mbus codes and frame sizes
pxa168fb: Fix the function used to release some memory in an error handling path
pinctrl: sh-pfc: sh7264: Fix CAN function GPIOs
gianfar: Fix TX timestamping with a stacked DSA driver
ALSA: ctl: allow TLV read operation for callback type of element in locked case
ext4: fix ext4_dax_read/write inode locking sequence for IOCB_NOWAIT
leds: pca963x: Fix open-drain initialization
brcmfmac: Fix use after free in brcmf_sdio_readframes()
cpu/hotplug, stop_machine: Fix stop_machine vs hotplug order
drm/gma500: Fixup fbdev stolen size usage evaluation
KVM: nVMX: Use correct root level for nested EPT shadow page tables
Revert "KVM: VMX: Add non-canonical check on writes to RTIT address MSRs"
Revert "KVM: nVMX: Use correct root level for nested EPT shadow page tables"
scsi: qla2xxx: fix a potential NULL pointer dereference
jbd2: do not clear the BH_Mapped flag when forgetting a metadata buffer
jbd2: move the clearing of b_modified flag to the journal_unmap_buffer()
hwmon: (pmbus/ltc2978) Fix PMBus polling of MFR_COMMON definitions.
perf/x86/intel: Fix inaccurate period in context switch for auto-reload
s390/time: Fix clk type in get_tod_clock
RDMA/core: Fix protection fault in get_pkey_idx_qp_list
IB/hfi1: Close window for pq and request coliding
serial: imx: Only handle irqs that are actually enabled
serial: imx: ensure that RX irqs are off if RX is off
padata: Remove broken queue flushing
perf/x86/amd: Add missing L2 misses event spec to AMD Family 17h's event map
KVM: nVMX: Use correct root level for nested EPT shadow page tables
arm64: ssbs: Fix context-switch when SSBS is present on all CPUs
btrfs: log message when rw remount is attempted with unclean tree-log
btrfs: print message when tree-log replay starts
Btrfs: fix race between using extent maps and merging them
ext4: improve explanation of a mount failure caused by a misconfigured kernel
ext4: fix checksum errors with indexed dirs
ext4: fix support for inode sizes > 1024 bytes
ext4: don't assume that mmp_nodename/bdevname have NUL
ARM: 8723/2: always assume the "unified" syntax for assembly code
arm64: nofpsimd: Handle TIF_FOREIGN_FPSTATE flag cleanly
arm64: ptrace: nofpsimd: Fail FP/SIMD regset operations
arm64: cpufeature: Set the FP/SIMD compat HWCAP bits properly
ALSA: usb-audio: Apply sample rate quirk for Audioengine D1
Input: synaptics - remove the LEN0049 dmi id from topbuttonpad list
Input: synaptics - enable SMBus on ThinkPad L470
Input: synaptics - switch T470s to RMI4 by default
ecryptfs: fix a memory leak bug in ecryptfs_init_messaging()
ecryptfs: fix a memory leak bug in parse_tag_1_packet()
ASoC: sun8i-codec: Fix setting DAI data format
ALSA: hda: Use scnprintf() for printing texts for sysfs/procfs
iommu/qcom: Fix bogus detach logic
KVM: x86: emulate RDPID
UPSTREAM: sched/psi: Fix OOB write when writing 0 bytes to PSI files
UPSTREAM: psi: Fix a division error in psi poll()
UPSTREAM: sched/psi: Fix sampling error and rare div0 crashes with cgroups and high uptime
UPSTREAM: sched/psi: Correct overly pessimistic size calculation
FROMLIST: f2fs: Handle casefolding with Encryption
FROMLIST: fscrypt: Have filesystems handle their d_ops
FROMLIST: ext4: Use generic casefolding support
FROMLIST: f2fs: Use generic casefolding support
FROMLIST: Add standard casefolding support
FROMLIST: unicode: Add utf8_casefold_hash
ANDROID: cuttlefish_defconfig: Add CONFIG_UNICODE
ANDROID: sdcardfs: fix -ENOENT lookup race issue
ANDROID: gki_defconfig: Enable CONFIG_RD_LZ4
ANDROID: dm: Add wrapped key support in dm-default-key
ANDROID: dm: add support for passing through derive_raw_secret
ANDROID: block: Prevent crypto fallback for wrapped keys
ANDROID: Disable wq fp check in CFI builds
ANDROID: increase limit on sched-tune boost groups
ANDROID: ufs, block: fix crypto power management and move into block layer
ANDROID: Incremental fs: Support xattrs
ANDROID: test_stackinit: work around LLVM PR44916
ANDROID: clang: update to 10.0.4
fs-verity: use u64_to_user_ptr()
fs-verity: use mempool for hash requests
fs-verity: implement readahead of Merkle tree pages
ext4: readpages() should submit IO as read-ahead
fs-verity: implement readahead for FS_IOC_ENABLE_VERITY
fscrypt: improve format of no-key names
ubifs: allow both hash and disk name to be provided in no-key names
ubifs: don't trigger assertion on invalid no-key filename
fscrypt: clarify what is meant by a per-file key
fscrypt: derive dirhash key for casefolded directories
fscrypt: don't allow v1 policies with casefolding
fscrypt: add "fscrypt_" prefix to fname_encrypt()
fscrypt: don't print name of busy file when removing key
fscrypt: document gfp_flags for bounce page allocation
fscrypt: optimize fscrypt_zeroout_range()
fscrypt: remove redundant bi_status check
fscrypt: Allow modular crypto algorithms
fscrypt: include <linux/ioctl.h> in UAPI header
fscrypt: don't check for ENOKEY from fscrypt_get_encryption_info()
fscrypt: remove fscrypt_is_direct_key_policy()
fscrypt: move fscrypt_valid_enc_modes() to policy.c
fscrypt: check for appropriate use of DIRECT_KEY flag earlier
fscrypt: split up fscrypt_supported_policy() by policy version
fscrypt: introduce fscrypt_needs_contents_encryption()
fscrypt: move fscrypt_d_revalidate() to fname.c
fscrypt: constify inode parameter to filename encryption functions
fscrypt: constify struct fscrypt_hkdf parameter to fscrypt_hkdf_expand()
fscrypt: verify that the crypto_skcipher has the correct ivsize
fscrypt: use crypto_skcipher_driver_name()
fscrypt: support passing a keyring key to FS_IOC_ADD_ENCRYPTION_KEY
keys: Export lookup_user_key to external users
f2fs: fix build error on PAGE_KERNEL_RO
Conflicts:
arch/arm64/kernel/smp.c
arch/arm64/kernel/traps.c
block/blk-crypto-fallback.c
block/keyslot-manager.c
drivers/base/power/wakeup.c
drivers/clk/clk.c
drivers/clk/qcom/clk-rcg2.c
drivers/gpu/Makefile
drivers/gpu/drm/msm/msm_drv.c
drivers/gpu/drm/msm/msm_gem.c
drivers/hwtracing/coresight/coresight-funnel.c
drivers/irqchip/irq-gic-v3.c
drivers/md/dm.c
drivers/net/ethernet/qualcomm/rmnet/rmnet_config.c
drivers/net/ethernet/stmicro/stmmac/stmmac_hwtstamp.c
drivers/net/macsec.c
drivers/net/phy/micrel.c
drivers/net/wireless/ath/wil6210/cfg80211.c
drivers/net/wireless/ath/wil6210/fw_inc.c
drivers/net/wireless/ath/wil6210/pcie_bus.c
drivers/net/wireless/ath/wil6210/pm.c
drivers/net/wireless/ath/wil6210/wil6210.h
drivers/of/base.c
drivers/power/supply/power_supply_sysfs.c
drivers/rpmsg/qcom_glink_smem.c
drivers/scsi/sd.c
drivers/scsi/ufs/ufshcd-crypto.c
drivers/scsi/ufs/ufshcd.c
drivers/scsi/ufs/ufshcd.h
drivers/scsi/ufs/ufshci.h
drivers/usb/dwc3/core.c
drivers/usb/dwc3/gadget.c
drivers/usb/gadget/Kconfig
drivers/usb/gadget/composite.c
drivers/usb/gadget/function/f_fs.c
drivers/usb/gadget/legacy/Makefile
drivers/usb/host/xhci-mem.c
fs/ext4/readpage.c
fs/sdcardfs/lookup.c
include/linux/key.h
include/linux/keyslot-manager.h
include/linux/power_supply.h
include/uapi/linux/coresight-stm.h
net/qrtr/qrtr.c
Change-Id: Iaa9fcbe987e721f02596e167249a519781ed3888
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
|
||
|
Srinivasarao P
|
b73e822d12 |
Reverting crypto patches
c57952b UPSTREAM: ubifs: wire up FS_IOC_GET_ENCRYPTION_NONCE 379237b UPSTREAM: f2fs: wire up FS_IOC_GET_ENCRYPTION_NONCE 10e5acf UPSTREAM: ext4: wire up FS_IOC_GET_ENCRYPTION_NONCE 63bf273 ANDROID: scsi: ufs: add ->map_sg_crypto() variant op 10d4512 FROMLIST: f2fs: Handle casefolding with Encryption 4efb7e2 ANDROID: fscrypt: fall back to filesystem-layer crypto when needed a14fa7b ANDROID: block: require drivers to declare supported crypto key type(s) 5578bea ANDROID: block: make blk_crypto_start_using_mode() properly check for support e9c80bd UPSTREAM: fscrypt: add FS_IOC_GET_ENCRYPTION_NONCE ioctl 9e469e7 UPSTREAM: fscrypt: don't evict dirty inodes after removing key 53f2446 fscrypt: don't evict dirty inodes after removing key 207be96 FROMLIST: fscrypt: Have filesystems handle their d_ops 06ab740 ANDROID: dm: Add wrapped key support in dm-default-key 23e670a ANDROID: dm: add support for passing through derive_raw_secret 166fda7 ANDROID: block: Prevent crypto fallback for wrapped keys fe6e855 fscrypt: improve format of no-key names 216d8ca fscrypt: clarify what is meant by a per-file key 7e25032 fscrypt: derive dirhash key for casefolded directories e16d849 fscrypt: don't allow v1 policies with casefolding 0bc68c1 fscrypt: add "fscrypt_" prefix to fname_encrypt() 85b9c3e fscrypt: don't print name of busy file when removing key 9c5c8c5 fscrypt: document gfp_flags for bounce page allocation bee5bd5 fscrypt: optimize fscrypt_zeroout_range() 1c88eea fscrypt: remove redundant bi_status check 04f5184 fscrypt: Allow modular crypto algorithms 737ae90 fscrypt: include <linux/ioctl.h> in UAPI header 8842133 fscrypt: don't check for ENOKEY from fscrypt_get_encryption_info() b21b79d fscrypt: remove fscrypt_is_direct_key_policy() 19b132b fscrypt: move fscrypt_valid_enc_modes() to policy.c add6ac4 fscrypt: check for appropriate use of DIRECT_KEY flag earlier 2454b5b fscrypt: split up fscrypt_supported_policy() by policy version bfa4ca6 fscrypt: introduce fscrypt_needs_contents_encryption() 3871977 fscrypt: move fscrypt_d_revalidate() to fname.c 39a0acc fscrypt: constify inode parameter to filename encryption functions 3942229 fscrypt: constify struct fscrypt_hkdf parameter to fscrypt_hkdf_expand() a7b6398 fscrypt: verify that the crypto_skcipher has the correct ivsize 9c1b3af fscrypt: use crypto_skcipher_driver_name() 3529026 fscrypt: support passing a keyring key to FS_IOC_ADD_ENCRYPTION_KEY Change-Id: Ib1abe832e16d5f40bfcc9e34bdccbb063b37dbbc Signed-off-by: Srinivasarao P <spathi@codeaurora.org> |
||
|
Srinivasarao P
|
5f43935f7f |
Merge android-4.14.171 (998aa7d) into msm-4.14
* refs/heads/tmp-998aa7d:
Reverting crypto and incrementalfs changes
ANDROID: cuttlefish_defconfig: Enable CONFIG_NET_NS
ANDROID: virtio: virtio_input: pass _DIRECT only if the device advertises _DIRECT
ANDROID: net: bpf: Allow TC programs to call BPF_FUNC_skb_change_head
ANDROID: Add INIT_STACK_ALL to the list of Clang-specific options
Linux 4.14.171
libertas: make lbs_ibss_join_existing() return error code on rates overflow
libertas: don't exit from lbs_ibss_join_existing() with RCU read lock held
mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()
mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()
serial: uartps: Move the spinlock after the read of the tx empty
dm: fix potential for q->make_request_fn NULL pointer
scsi: megaraid_sas: Do not initiate OCR if controller is not in ready state
pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B
media: i2c: adv748x: Fix unsafe macros
crypto: atmel-sha - fix error handling when setting hmac key
crypto: artpec6 - return correct error code for failed setkey()
KVM: arm/arm64: Fix young bit from mmu notifier
arm64: cpufeature: Fix the type of no FP/SIMD capability
ARM: 8949/1: mm: mark free_memmap as __init
KVM: arm/arm64: vgic-its: Fix restoration of unmapped collections
powerpc/pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce for DDW
powerpc/pseries/vio: Fix iommu_table use-after-free refcount warning
tools/power/acpi: fix compilation error
ARM: dts: at91: sama5d3: define clock rate range for tcb1
ARM: dts: at91: sama5d3: fix maximum peripheral clock rates
platform/x86: intel_mid_powerbtn: Take a copy of ddata
ARC: [plat-axs10x]: Add missing multicast filter number to GMAC node
rtc: cmos: Stop using shared IRQ
rtc: hym8563: Return -EINVAL if the time is known to be invalid
serial: uartps: Add a timeout to the tx empty wait
NFSv4: try lease recovery on NFS4ERR_EXPIRED
NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes()
nfs: NFS_SWAP should depend on SWAP
PCI: Don't disable bridge BARs when assigning bus resources
PCI/switchtec: Fix vep_vector_number ioread width
scsi: ufs: Fix ufshcd_probe_hba() reture value in case ufshcd_scsi_add_wlus() fails
RDMA/netlink: Do not always generate an ACK for some netlink operations
hv_sock: Remove the accept port restriction
ASoC: pcm: update FE/BE trigger order based on the command
rxrpc: Fix service call disconnection
perf/core: Fix mlock accounting in perf_mmap()
clocksource: Prevent double add_timer_on() for watchdog_timer
cifs: fail i/o on soft mounts if sessionsetup errors out
KVM: s390: do not clobber registers during guest reset/store status
KVM: Play nice with read-only memslots when querying host page size
KVM: Use vcpu-specific gva->hva translation when querying host page size
KVM: nVMX: vmread should not set rflags to specify success in case of #PF
KVM: VMX: Add non-canonical check on writes to RTIT address MSRs
KVM: x86/mmu: Apply max PA check for MMIO sptes to 32-bit KVM
KVM: x86: Fix potential put_fpu() w/o load_fpu() on MPX platform
btrfs: flush write bio if we loop in extent_write_cache_pages
KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks
drm: atmel-hlcdc: enable clock before configuring timing engine
Btrfs: fix race between adding and putting tree mod seq elements and nodes
btrfs: remove trivial locking wrappers of tree mod log
btrfs: free block groups after free'ing fs trees
btrfs: use bool argument in free_root_pointers()
Btrfs: fix missing hole after hole punching and fsync when using NO_HOLES
Btrfs: fix assertion failure on fsync with NO_HOLES enabled
btrfs: Get rid of the confusing btrfs_file_extent_inline_len
ext4: fix deadlock allocating crypto bounce page from mempool
bonding/alb: properly access headers in bond_alb_xmit()
net: macb: Limit maximum GEM TX length in TSO
net: macb: Remove unnecessary alignment check for TSO
net: systemport: Avoid RBUF stuck in Wake-on-LAN mode
net_sched: fix a resource leak in tcindex_set_parms()
net: dsa: bcm_sf2: Only 7278 supports 2Gb/sec IMP port
mfd: rn5t618: Mark ADC control register volatile
mfd: da9062: Fix watchdog compatible string
ubi: Fix an error pointer dereference in error handling code
ubi: fastmap: Fix inverted logic in seen selfcheck
nfsd: fix jiffies/time_t mixup in LRU list
nfsd: fix delay timer on 32-bit architectures
IB/core: Fix ODP get user pages flow
IB/mlx5: Fix outstanding_pi index for GSI qps
net: tulip: Adjust indentation in {dmfe, uli526x}_init_module
net: smc911x: Adjust indentation in smc911x_phy_configure
ppp: Adjust indentation into ppp_async_input
NFC: pn544: Adjust indentation in pn544_hci_check_presence
powerpc/44x: Adjust indentation in ibm4xx_denali_fixup_memsize
ext2: Adjust indentation in ext2_fill_super
phy: qualcomm: Adjust indentation in read_poll_timeout
scsi: ufs: Recheck bkops level if bkops is disabled
scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free
scsi: csiostor: Adjust indentation in csio_device_reset
scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return type
clk: tegra: Mark fuse clock as critical
KVM: x86: Free wbinvd_dirty_mask if vCPU creation fails
KVM: PPC: Book3S PR: Free shared page if mmu initialization fails
KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails
KVM: x86: Protect MSR-based index computations in fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks
KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks
KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c
KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks
KVM: x86: Protect MSR-based index computations in pmu.h from Spectre-v1/L1TF attacks
KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks
KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF attacks
KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks
KVM: x86: Protect DR-based index computations from Spectre-v1/L1TF attacks
KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks
KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks
xen/balloon: Support xend-based toolstack take two
tools/kvm_stat: Fix kvm_exit filter name
sunrpc: expiry_time should be seconds not timeval
mwifiex: fix unbalanced locking in mwifiex_process_country_ie()
iwlwifi: don't throw error when trying to remove IGTK
ARM: tegra: Enable PLLP bypass during Tegra124 LP1
btrfs: set trans->drity in btrfs_commit_transaction
NFS: Directory page cache pages need to be locked when read
NFS: Fix memory leaks and corruption in readdir
scsi: qla2xxx: Fix unbound NVME response length
crypto: picoxcell - adjust the position of tasklet_init and fix missed tasklet_kill
crypto: api - Fix race condition in crypto_spawn_alg
crypto: atmel-aes - Fix counter overflow in CTR mode
crypto: pcrypt - Do not clear MAY_SLEEP flag in original request
crypto: ccp - set max RSA modulus size for v3 platform devices as well
samples/bpf: Don't try to remove user's homedir on clean
ftrace: Protect ftrace_graph_hash with ftrace_sync
ftrace: Add comment to why rcu_dereference_sched() is open coded
tracing: Annotate ftrace_graph_notrace_hash pointer with __rcu
tracing: Annotate ftrace_graph_hash pointer with __rcu
dm crypt: fix benbi IV constructor crash if used in authenticated mode
dm space map common: fix to ensure new block isn't already in use
dm zoned: support zone sizes smaller than 128MiB
of: Add OF_DMA_DEFAULT_COHERENT & select it on powerpc
PM: core: Fix handling of devices deleted during system-wide resume
f2fs: code cleanup for f2fs_statfs_project()
f2fs: fix miscounted block limit in f2fs_statfs_project()
f2fs: choose hardlimit when softlimit is larger than hardlimit in f2fs_statfs_project()
power: supply: ltc2941-battery-gauge: fix use-after-free
scsi: qla2xxx: Fix mtcp dump collection failure
crypto: api - Check spawn->alg under lock in crypto_drop_spawn
hv_balloon: Balloon up according to request page number
ubifs: don't trigger assertion on invalid no-key filename
mmc: sdhci-of-at91: fix memleak on clk_get failure
PCI: keystone: Fix link training retries initiation
ubifs: Fix deadlock in concurrent bulk-read and writepage
ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag
ubifs: Reject unsupported ioctl flags explicitly
alarmtimer: Unregister wakeup source when module get fails
ACPI: video: Do not export a non working backlight interface on MSI MS-7721 boards
mmc: spi: Toggle SPI polarity, do not hardcode it
powerpc/pseries: Advance pfn if section is not present in lmb_is_removable()
powerpc/xmon: don't access ASDR in VMs
s390/mm: fix dynamic pagetable upgrade for hugetlbfs
MIPS: fix indentation of the 'RELOCS' message
KVM: arm64: Only sign-extend MMIO up to register width
platform/x86: intel_scu_ipc: Fix interrupt support
irqdomain: Fix a memory leak in irq_domain_push_irq()
lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more()
media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left adjustments
media/v4l2-core: set pages dirty upon releasing DMA buffers
ALSA: dummy: Fix PCM format loop in proc output
usb: gadget: f_ecm: Use atomic_t to track in-flight request
usb: gadget: f_ncm: Use atomic_t to track in-flight request
usb: gadget: legacy: set max_speed to super-speed
brcmfmac: Fix memory leak in brcmf_usbdev_qinit
tracing: Fix sched switch start/stop refcount racy updates
mfd: dln2: More sanity checking for endpoints
media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors
rxrpc: Fix NULL pointer deref due to call->conn being cleared on disconnect
rxrpc: Fix insufficient receive notification generation
tcp: clear tp->segs_{in|out} in tcp_disconnect()
tcp: clear tp->data_segs{in|out} in tcp_disconnect()
tcp: clear tp->delivered in tcp_disconnect()
tcp: clear tp->total_retrans in tcp_disconnect()
bnxt_en: Fix TC queue mapping.
net_sched: fix an OOB access in cls_tcindex
net: hsr: fix possible NULL deref in hsr_handle_frame()
l2tp: Allow duplicate session creation with UDP
gtp: use __GFP_NOWARN to avoid memalloc warning
cls_rsvp: fix rsvp_policy
sparc32: fix struct ipc64_perm type definition
iwlwifi: mvm: fix NVM check for 3168 devices
x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR
media: iguanair: fix endpoint sanity check
kernel/module: Fix memleak in module_add_modinfo_attrs()
ANDROID: make memory initialization tests panic on failure
ANDROID: added memory initialization tests to cuttlefish config
UPSTREAM: lib/test_stackinit: Handle Clang auto-initialization pattern
UPSTREAM: lib: Introduce test_stackinit module
FROMLIST: rename missed uaccess .fixup section
ANDROID: cuttlefish_defconfig: enable heap and stack initialization.
ANDROID: f2fs: fix missing blk-crypto changes
ANDROID: update x86_64_cuttlefish_defconfig
BACKPORT: tracing: Remove unnecessary DEBUG_FS dependency
BACKPORT: debugfs: Fix !DEBUG_FS debugfs_create_automount
UPSTREAM: dynamic_debug: allow to work if debugfs is disabled
UPSTREAM: lib: dynamic_debug: no need to check return value of debugfs_create functions
ANDROID: f2fs: fix build error on PAGE_KERNEL_RO
ANDROID: Revert "ANDROID: gki_defconfig: removed CONFIG_PM_WAKELOCKS"
ANDROID: Set CONFIG_ANDROID_BINDERFS=y
ANDROID: dm: prevent default-key from being enabled without needed hooks
ANDROID: cf: disable virtio crypto
ANDROID: Incremental fs: Fix initialization, use of bitfields
ANDROID: cuttlefish_defconfig: enable dm-default-key
ANDROID: dm: add dm-default-key target for metadata encryption
ANDROID: dm: enable may_passthrough_inline_crypto on some targets
ANDROID: dm: add support for passing through inline crypto support
ANDROID: block: Introduce passthrough keyslot manager
ANDROID: ext4, f2fs: enable direct I/O with inline encryption
BACKPORT: FROMLIST: scsi: ufs: add program_key() variant op
ANDROID: block: export symbols needed for modules to use inline crypto
ANDROID: block: fix some inline crypto bugs
ANDROID: fscrypt: add support for hardware-wrapped keys
ANDROID: block: add KSM op to derive software secret from wrapped key
ANDROID: block: provide key size as input to inline crypto APIs
ANDROID: ufshcd-crypto: export cap find API
ANDROID: scsi: ufs-qcom: Enable BROKEN_CRYPTO quirk flag
ANDROID: scsi: ufs: Add quirk bit for controllers that don't play well with inline crypto
ANDROID: cuttlefish_defconfig: Enable blk-crypto fallback
BACKPORT: FROMLIST: Update Inline Encryption from v5 to v6 of patch series
ANDROID: scsi: ufs: UFS init should not require inline crypto
ANDROID: scsi: ufs: UFS crypto variant operations API
ANDROID: cuttlefish_defconfig: enable inline encryption
BACKPORT: FROMLIST: ext4: add inline encryption support
BACKPORT: FROMLIST: f2fs: add inline encryption support
BACKPORT: FROMLIST: fscrypt: add inline encryption support
BACKPORT: FROMLIST: scsi: ufs: Add inline encryption support to UFS
BACKPORT: FROMLIST: scsi: ufs: UFS crypto API
BACKPORT: FROMLIST: scsi: ufs: UFS driver v2.1 spec crypto additions
BACKPORT: FROMLIST: block: blk-crypto for Inline Encryption
ANDROID: block: Fix bio_crypt_should_process WARN_ON
BACKPORT: FROMLIST: block: Add encryption context to struct bio
BACKPORT: FROMLIST: block: Keyslot Manager for Inline Encryption
BACKPORT: atomic: Add irqsave variant of atomic_dec_and_lock()
ANDROID: Incremental fs: Fix crash on failed lookup
ANDROID: Incremental fs: Make files writeable
ANDROID: Incremental fs: Remove C++-style comments
f2fs: fix race conditions in ->d_compare() and ->d_hash()
f2fs: fix dcache lookup of !casefolded directories
f2fs: Add f2fs stats to sysfs
f2fs: delete duplicate information on sysfs nodes
f2fs: change to use rwsem for gc_mutex
f2fs: update f2fs document regarding to fsync_mode
f2fs: add a way to turn off ipu bio cache
f2fs: code cleanup for f2fs_statfs_project()
f2fs: fix miscounted block limit in f2fs_statfs_project()
f2fs: show the CP_PAUSE reason in checkpoint traces
f2fs: fix deadlock allocating bio_post_read_ctx from mempool
f2fs: remove unneeded check for error allocating bio_post_read_ctx
f2fs: convert inline_dir early before starting rename
f2fs: fix memleak of kobject
f2fs: fix to add swap extent correctly
mm: export add_swap_extent()
f2fs: run fsck when getting bad inode during GC
f2fs: support data compression
f2fs: free sysfs kobject
f2fs: declare nested quota_sem and remove unnecessary sems
mm: kvmalloc does not fallback to vmalloc for incompatible gfp flags
f2fs: don't put new_page twice in f2fs_rename
f2fs: set I_LINKABLE early to avoid wrong access by vfs
f2fs: don't keep META_MAPPING pages used for moving verity file blocks
f2fs: introduce private bioset
f2fs: cleanup duplicate stats for atomic files
f2fs: set GFP_NOFS when moving inline dentries
f2fs: should avoid recursive filesystem ops
f2fs: keep quota data on write_begin failure
f2fs: call f2fs_balance_fs outside of locked page
f2fs: preallocate DIO blocks when forcing buffered_io
Conflicts:
arch/arm64/configs/cuttlefish_defconfig
drivers/of/Kconfig
drivers/scsi/ufs/ufshcd.c
fs/ext4/page-io.c
fs/f2fs/data.c
kernel/time/alarmtimer.c
Fixed build error:
fs/f2fs/super.c
Change-Id: Icab37412960fb921b699c0c896c58e3d12db741a
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
|
||
|
Eric Biggers
|
3dcb4bdce9 |
ubifs: wire up FS_IOC_GET_ENCRYPTION_NONCE
This new ioctl retrieves a file's encryption nonce, which is useful for testing. See the corresponding fs/crypto/ patch for more details. Link: https://lore.kernel.org/r/20200314205052.93294-5-ebiggers@kernel.org Signed-off-by: Eric Biggers <ebiggers@google.com> |
||
Blagovest Kolenichev
|
8ad87c80a2 |
Merge android-4.14.151 (2bb70f4) into msm-4.14
* refs/heads/tmp-2bb70f4:
ANDROID: virtio: virtio_input: Set the amount of multitouch slots in virtio input
ANDROID: dummy_cpufreq: Implement get()
rtlwifi: Fix potential overflow on P2P code
ANDROID: cpufreq: create dummy cpufreq driver
ANDROID: Allow DRM_IOCTL_MODE_*_DUMB for render clients.
ANDROID: sdcardfs: evict dentries on fscrypt key removal
ANDROID: fscrypt: add key removal notifier chain
ANDROID: Move from clang r353983c to r365631c
ANDROID: move up spin_unlock_bh() ahead of remove_proc_entry()
BACKPORT: arm64: tags: Preserve tags for addresses translated via TTBR1
UPSTREAM: arm64: memory: Implement __tag_set() as common function
UPSTREAM: arm64/mm: fix variable 'tag' set but not used
UPSTREAM: arm64: avoid clang warning about self-assignment
ANDROID: refactor build.config files to remove duplication
UPSTREAM: mm: vmalloc: show number of vmalloc pages in /proc/meminfo
BACKPORT: PM/sleep: Expose suspend stats in sysfs
UPSTREAM: power: supply: Init device wakeup after device_add()
UPSTREAM: PM / wakeup: Unexport wakeup_source_sysfs_{add,remove}()
UPSTREAM: PM / wakeup: Register wakeup class kobj after device is added
BACKPORT: PM / wakeup: Fix sysfs registration error path
BACKPORT: PM / wakeup: Show wakeup sources stats in sysfs
UPSTREAM: PM / wakeup: Print warn if device gets enabled as wakeup source during sleep
UPSTREAM: PM / wakeup: Use wakeup_source_register() in wakelock.c
UPSTREAM: PM / wakeup: Only update last time for active wakeup sources
UPSTREAM: PM / core: Add support to skip power management in device/driver model
cuttlefish-4.14: Enable CONFIG_DM_SNAPSHOT
ANDROID: cuttlefish_defconfig: Enable BPF_JIT and BPF_JIT_ALWAYS_ON
UPSTREAM: netfilter: xt_IDLETIMER: fix sysfs callback function type
UPSTREAM: mm: untag user pointers in mmap/munmap/mremap/brk
UPSTREAM: vfio/type1: untag user pointers in vaddr_get_pfn
UPSTREAM: media/v4l2-core: untag user pointers in videobuf_dma_contig_user_get
UPSTREAM: drm/radeon: untag user pointers in radeon_gem_userptr_ioctl
BACKPORT: drm/amdgpu: untag user pointers
UPSTREAM: userfaultfd: untag user pointers
UPSTREAM: fs/namespace: untag user pointers in copy_mount_options
UPSTREAM: mm: untag user pointers in get_vaddr_frames
UPSTREAM: mm: untag user pointers in mm/gup.c
BACKPORT: mm: untag user pointers passed to memory syscalls
BACKPORT: lib: untag user pointers in strn*_user
UPSTREAM: arm64: Fix reference to docs for ARM64_TAGGED_ADDR_ABI
UPSTREAM: selftests, arm64: add kernel headers path for tags_test
BACKPORT: arm64: Relax Documentation/arm64/tagged-pointers.rst
UPSTREAM: arm64: Define Documentation/arm64/tagged-address-abi.rst
UPSTREAM: arm64: Change the tagged_addr sysctl control semantics to only prevent the opt-in
UPSTREAM: arm64: Tighten the PR_{SET, GET}_TAGGED_ADDR_CTRL prctl() unused arguments
UPSTREAM: selftests, arm64: fix uninitialized symbol in tags_test.c
UPSTREAM: arm64: mm: Really fix sparse warning in untagged_addr()
UPSTREAM: selftests, arm64: add a selftest for passing tagged pointers to kernel
BACKPORT: arm64: Introduce prctl() options to control the tagged user addresses ABI
UPSTREAM: thread_info: Add update_thread_flag() helpers
UPSTREAM: arm64: untag user pointers in access_ok and __uaccess_mask_ptr
UPSTREAM: uaccess: add noop untagged_addr definition
BACKPORT: block: annotate refault stalls from IO submission
ext4: add verity flag check for dax
ANDROID: usb: gadget: Fix dependency for f_accessory
ANDROID: sched: fair: balance for single core cluster
UPSTREAM: mm/kasan: fix false positive invalid-free reports with CONFIG_KASAN_SW_TAGS=y
f2fs: add a condition to detect overflow in f2fs_ioc_gc_range()
f2fs: fix to add missing F2FS_IO_ALIGNED() condition
f2fs: fix to fallback to buffered IO in IO aligned mode
f2fs: fix to handle error path correctly in f2fs_map_blocks
f2fs: fix extent corrupotion during directIO in LFS mode
f2fs: check all the data segments against all node ones
f2fs: Add a small clarification to CONFIG_FS_F2FS_FS_SECURITY
f2fs: fix inode rwsem regression
f2fs: fix to avoid accessing uninitialized field of inode page in is_alive()
f2fs: avoid infinite GC loop due to stale atomic files
f2fs: Fix indefinite loop in f2fs_gc()
f2fs: convert inline_data in prior to i_size_write
f2fs: fix error path of f2fs_convert_inline_page()
f2fs: add missing documents of reserve_root/resuid/resgid
f2fs: fix flushing node pages when checkpoint is disabled
f2fs: enhance f2fs_is_checkpoint_ready()'s readability
f2fs: clean up __bio_alloc()'s parameter
f2fs: fix wrong error injection path in inc_valid_block_count()
f2fs: fix to writeout dirty inode during node flush
f2fs: optimize case-insensitive lookups
f2fs: introduce f2fs_match_name() for cleanup
f2fs: Fix indefinite loop in f2fs_gc()
f2fs: allocate memory in batch in build_sit_info()
f2fs: fix to avoid data corruption by forbidding SSR overwrite
f2fs: Fix build error while CONFIG_NLS=m
Revert "f2fs: avoid out-of-range memory access"
f2fs: cleanup the code in build_sit_entries.
f2fs: fix wrong available node count calculation
f2fs: remove duplicate code in f2fs_file_write_iter
f2fs: fix to migrate blocks correctly during defragment
f2fs: use wrapped f2fs_cp_error()
f2fs: fix to use more generic EOPNOTSUPP
f2fs: use wrapped IS_SWAPFILE()
f2fs: Support case-insensitive file name lookups
f2fs: include charset encoding information in the superblock
fs: Reserve flag for casefolding
f2fs: fix to avoid call kvfree under spinlock
fs: f2fs: Remove unnecessary checks of SM_I(sbi) in update_general_status()
f2fs: disallow direct IO in atomic write
f2fs: fix to handle quota_{on,off} correctly
f2fs: fix to detect cp error in f2fs_setxattr()
f2fs: fix to spread f2fs_is_checkpoint_ready()
f2fs: support fiemap() for directory inode
f2fs: fix to avoid discard command leak
f2fs: fix to avoid tagging SBI_QUOTA_NEED_REPAIR incorrectly
f2fs: fix to drop meta/node pages during umount
f2fs: disallow switching io_bits option during remount
f2fs: fix panic of IO alignment feature
f2fs: introduce {page,io}_is_mergeable() for readability
f2fs: fix livelock in swapfile writes
f2fs: add fs-verity support
ext4: update on-disk format documentation for fs-verity
ext4: add fs-verity read support
ext4: add basic fs-verity support
fs-verity: support builtin file signatures
fs-verity: add SHA-512 support
fs-verity: implement FS_IOC_MEASURE_VERITY ioctl
fs-verity: implement FS_IOC_ENABLE_VERITY ioctl
fs-verity: add data verification hooks for ->readpages()
fs-verity: add the hook for file ->setattr()
fs-verity: add the hook for file ->open()
fs-verity: add inode and superblock fields
fs-verity: add Kconfig and the helper functions for hashing
fs: uapi: define verity bit for FS_IOC_GETFLAGS
fs-verity: add UAPI header
fs-verity: add MAINTAINERS file entry
fs-verity: add a documentation file
ext4: fix kernel oops caused by spurious casefold flag
ext4: fix coverity warning on error path of filename setup
ext4: optimize case-insensitive lookups
ext4: fix dcache lookup of !casefolded directories
unicode: update to Unicode 12.1.0 final
unicode: add missing check for an error return from utf8lookup()
ext4: export /sys/fs/ext4/feature/casefold if Unicode support is present
unicode: refactor the rule for regenerating utf8data.h
ext4: Support case-insensitive file name lookups
ext4: include charset encoding information in the superblock
unicode: update unicode database unicode version 12.1.0
unicode: introduce test module for normalized utf8 implementation
unicode: implement higher level API for string handling
unicode: reduce the size of utf8data[]
unicode: introduce code for UTF-8 normalization
unicode: introduce UTF-8 character database
ext4 crypto: fix to check feature status before get policy
fscrypt: document the new ioctls and policy version
ubifs: wire up new fscrypt ioctls
f2fs: wire up new fscrypt ioctls
ext4: wire up new fscrypt ioctls
fscrypt: require that key be added when setting a v2 encryption policy
fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS ioctl
fscrypt: allow unprivileged users to add/remove keys for v2 policies
fscrypt: v2 encryption policy support
fscrypt: add an HKDF-SHA512 implementation
fscrypt: add FS_IOC_GET_ENCRYPTION_KEY_STATUS ioctl
fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl
fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY ioctl
fscrypt: rename keyinfo.c to keysetup.c
fscrypt: move v1 policy key setup to keysetup_v1.c
fscrypt: refactor key setup code in preparation for v2 policies
fscrypt: rename fscrypt_master_key to fscrypt_direct_key
fscrypt: add ->ci_inode to fscrypt_info
fscrypt: use FSCRYPT_* definitions, not FS_*
fscrypt: use FSCRYPT_ prefix for uapi constants
fs, fscrypt: move uapi definitions to new header <linux/fscrypt.h>
fscrypt: use ENOPKG when crypto API support missing
fscrypt: improve warnings for missing crypto API support
fscrypt: improve warning messages for unsupported encryption contexts
fscrypt: make fscrypt_msg() take inode instead of super_block
fscrypt: clean up base64 encoding/decoding
fscrypt: remove loadable module related code
ANDROID: arm64: bpf: implement arch_bpf_jit_check_func
ANDROID: bpf: validate bpf_func when BPF_JIT is enabled with CFI
UPSTREAM: kcm: use BPF_PROG_RUN
UPSTREAM: psi: get poll_work to run when calling poll syscall next time
UPSTREAM: sched/psi: Do not require setsched permission from the trigger creator
UPSTREAM: sched/psi: Reduce psimon FIFO priority
BACKPORT: arm64: Add support for relocating the kernel with RELR relocations
ANDROID: Log which device failed to suspend in dpm_suspend_start()
ANDROID: Revert "ANDROID: sched: Disallow WALT with CFS bandwidth control"
ANDROID: sched: WALT: Add support for CFS_BANDWIDTH
ANDROID: sched: WALT: Refactor cumulative runnable average fixup
ANDROID: sched: Disallow WALT with CFS bandwidth control
fscrypt: document testing with xfstests
fscrypt: remove selection of CONFIG_CRYPTO_SHA256
fscrypt: remove unnecessary includes of ratelimit.h
fscrypt: don't set policy for a dead directory
fscrypt: decrypt only the needed blocks in __fscrypt_decrypt_bio()
fscrypt: support decrypting multiple filesystem blocks per page
fscrypt: introduce fscrypt_decrypt_block_inplace()
fscrypt: handle blocksize < PAGE_SIZE in fscrypt_zeroout_range()
fscrypt: support encrypting multiple filesystem blocks per page
fscrypt: introduce fscrypt_encrypt_block_inplace()
fscrypt: clean up some BUG_ON()s in block encryption/decryption
fscrypt: rename fscrypt_do_page_crypto() to fscrypt_crypt_block()
fscrypt: remove the "write" part of struct fscrypt_ctx
fscrypt: simplify bounce page handling
ANDROID: fiq_debugger: remove
UPSTREAM: lib/test_meminit.c: use GFP_ATOMIC in RCU critical section
UPSTREAM: mm: slub: Fix slab walking for init_on_free
UPSTREAM: lib/test_meminit.c: minor test fixes
UPSTREAM: lib/test_meminit.c: fix -Wmaybe-uninitialized false positive
UPSTREAM: lib: introduce test_meminit module
UPSTREAM: mm: init: report memory auto-initialization features at boot time
BACKPORT: mm: security: introduce init_on_alloc=1 and init_on_free=1 boot options
UPSTREAM: arm64: move jump_label_init() before parse_early_param()
ANDROID: Add a tracepoint for mapping inode to full path
BACKPORT: arch: add pidfd and io_uring syscalls everywhere
UPSTREAM: dma-buf: add show_fdinfo handler
UPSTREAM: dma-buf: add DMA_BUF_SET_NAME ioctls
BACKPORT: dma-buf: give each buffer a full-fledged inode
ANDROID: fix kernelci build-break
UPSTREAM: drm/virtio: Fix cache entry creation race.
UPSTREAM: drm/virtio: Wake up all waiters when capset response comes in.
UPSTREAM: drm/virtio: Ensure cached capset entries are valid before copying.
UPSTREAM: drm/virtio: use u64_to_user_ptr macro
UPSTREAM: drm/virtio: remove irrelevant DRM_UNLOCKED flag
UPSTREAM: drm/virtio: Remove redundant return type
UPSTREAM: drm/virtio: allocate fences with GFP_KERNEL
UPSTREAM: drm/virtio: add trace events for commands
UPSTREAM: drm/virtio: trace drm_fence_emit
BACKPORT: drm/virtio: set seqno for dma-fence
BACKPORT: drm/virtio: move drm_connector_update_edid_property() call
UPSTREAM: drm/virtio: add missing drm_atomic_helper_shutdown() call.
BACKPORT: drm/virtio: rework resource creation workflow.
UPSTREAM: drm/virtio: params struct for virtio_gpu_cmd_create_resource_3d()
BACKPORT: drm/virtio: params struct for virtio_gpu_cmd_create_resource()
BACKPORT: drm/virtio: use struct to pass params to virtio_gpu_object_create()
UPSTREAM: drm/virtio: add virtio-gpu-features debugfs file.
UPSTREAM: drm/virtio: remove set but not used variable 'vgdev'
BACKPORT: drm/virtio: implement prime export
UPSTREAM: drm/virtio: remove prime pin/unpin callbacks.
UPSTREAM: drm/virtio: implement prime mmap
UPSTREAM: drm/virtio: drop virtio_gpu_fence_cleanup()
UPSTREAM: drm/virtio: fix pageflip flush
UPSTREAM: drm/virtio: log error responses
UPSTREAM: drm/virtio: Add missing virtqueue reset
UPSTREAM: drm/virtio: Remove incorrect kfree()
UPSTREAM: drm/virtio: virtio_gpu_cmd_resource_create_3d: drop unused fence arg
UPSTREAM: drm/virtio: fence: pass plain pointer
BACKPORT: drm/virtio: add edid support
UPSTREAM: virtio-gpu: add VIRTIO_GPU_F_EDID feature
BACKPORT: drm/virtio: fix memory leak of vfpriv on error return path
UPSTREAM: drm/virtio: bump driver version after explicit synchronization addition
UPSTREAM: drm/virtio: add in/out fence support for explicit synchronization
UPSTREAM: drm/virtio: add uapi for in and out explicit fences
UPSTREAM: drm/virtio: add virtio_gpu_alloc_fence()
UPSTREAM: drm/virtio: Handle error from virtio_gpu_resource_id_get
UPSTREAM: gpu/drm/virtio/virtgpu_vq.c: Use kmem_cache_zalloc
UPSTREAM: drm/virtio: fix resource id handling
UPSTREAM: drm/virtio: drop resource_id argument.
UPSTREAM: drm/virtio: use virtio_gpu_object->hw_res_handle in virtio_gpu_resource_create_ioctl()
UPSTREAM: drm/virtio: use virtio_gpu_object->hw_res_handle in virtio_gpu_mode_dumb_create()
UPSTREAM: drm/virtio: use virtio_gpu_object->hw_res_handle in virtio_gpufb_create()
BACKPORT: drm/virtio: track created object state
UPSTREAM: drm/virtio: document drm_dev_set_unique workaround
UPSTREAM: virtio: Support prime objects vmap/vunmap
UPSTREAM: virtio: Rework virtio_gpu_object_kmap()
UPSTREAM: virtio: Add virtio_gpu_object_kunmap()
UPSTREAM: drm/virtio: pass virtio_gpu_object to virtio_gpu_cmd_transfer_to_host_{2d, 3d}
UPSTREAM: drm/virtio: add dma sync for dma mapped virtio gpu framebuffer pages
UPSTREAM: drm/virtio: Remove set but not used variable 'bo'
UPSTREAM: drm/virtio: add iommu support.
UPSTREAM: drm/virtio: add virtio_gpu_object_detach() function
UPSTREAM: drm/virtio: track virtual output state
UPSTREAM: drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset()
UPSTREAM: gpu: drm: virtio: code cleanup
UPSTREAM: drm/virtio: Place GEM BOs in drm_framebuffer
UPSTREAM: drm/virtio: fix mode_valid's return type
UPSTREAM: drm/virtio: Add spaces around operators
UPSTREAM: drm/virtio: Remove multiple blank lines
UPSTREAM: drm/virtio: Replace 'unsigned' for 'unsigned int'
UPSTREAM: drm/virtio: Remove return from void function
UPSTREAM: drm/virtio: Add */ in block comments to separate line
UPSTREAM: drm/virtio: Add blank line after variable declarations
UPSTREAM: drm/virtio: Add tabs at the start of a line
UPSTREAM: drm/virtio: Don't return invalid caps on timeout
UPSTREAM: virtgpu: remove redundant task_comm copying
UPSTREAM: drm/virtio: add create_handle support.
UPSTREAM: drm: virtio: replace reference/unreference with get/put
UPSTREAM: drm/virtio: Replace instances of reference/unreference with get/put
UPSTREAM: drm: byteorder: add DRM_FORMAT_HOST_*
UPSTREAM: drm: add drm_connector_attach_edid_property()
BACKPORT: drm/prime: Add drm_gem_prime_mmap()
f2fs: fix build error on android tracepoints
ANDROID: cuttlefish_defconfig: Enable CAN/VCAN
UPSTREAM: pidfd: fix a poll race when setting exit_state
BACKPORT: arch: wire-up pidfd_open()
BACKPORT: pid: add pidfd_open()
UPSTREAM: pidfd: add polling support
UPSTREAM: signal: improve comments
UPSTREAM: fork: do not release lock that wasn't taken
BACKPORT: signal: support CLONE_PIDFD with pidfd_send_signal
BACKPORT: clone: add CLONE_PIDFD
UPSTREAM: Make anon_inodes unconditional
UPSTREAM: signal: use fdget() since we don't allow O_PATH
UPSTREAM: signal: don't silently convert SI_USER signals to non-current pidfd
BACKPORT: signal: add pidfd_send_signal() syscall
UPSTREAM: net-ipv6-ndisc: add support for RFC7710 RA Captive Portal Identifier
ANDROID: fix up 9p filesystem due to CFI non-upstream patches
f2fs: use EINVAL for superblock with invalid magic
f2fs: fix to read source block before invalidating it
f2fs: remove redundant check from f2fs_setflags_common()
f2fs: use generic checking function for FS_IOC_FSSETXATTR
f2fs: use generic checking and prep function for FS_IOC_SETFLAGS
ubifs, fscrypt: cache decrypted symlink target in ->i_link
vfs: use READ_ONCE() to access ->i_link
fs, fscrypt: clear DCACHE_ENCRYPTED_NAME when unaliasing directory
ANDROID: (arm64) cuttlefish_defconfig: enable CONFIG_CPU_FREQ_TIMES
ANDROID: xfrm: remove in_compat_syscall() checks
ANDROID: enable CONFIG_RTC_DRV_TEST on cuttlefish
UPSTREAM: binder: Set end of SG buffer area properly.
ANDROID: x86_64_cuttlefish_defconfig: enable CONFIG_CPU_FREQ_TIMES
ANDROID: f2fs: add android fsync tracepoint
ANDROID: f2fs: fix wrong android tracepoint
fscrypt: cache decrypted symlink target in ->i_link
fscrypt: fix race where ->lookup() marks plaintext dentry as ciphertext
fscrypt: only set dentry_operations on ciphertext dentries
fscrypt: fix race allowing rename() and link() of ciphertext dentries
fscrypt: clean up and improve dentry revalidation
fscrypt: use READ_ONCE() to access ->i_crypt_info
fscrypt: remove WARN_ON_ONCE() when decryption fails
fscrypt: drop inode argument from fscrypt_get_ctx()
f2fs: improve print log in f2fs_sanity_check_ckpt()
f2fs: avoid out-of-range memory access
f2fs: fix to avoid long latency during umount
f2fs: allow all the users to pin a file
f2fs: support swap file w/ DIO
f2fs: allocate blocks for pinned file
f2fs: fix is_idle() check for discard type
f2fs: add a rw_sem to cover quota flag changes
f2fs: set SBI_NEED_FSCK for xattr corruption case
f2fs: use generic EFSBADCRC/EFSCORRUPTED
f2fs: Use DIV_ROUND_UP() instead of open-coding
f2fs: print kernel message if filesystem is inconsistent
f2fs: introduce f2fs_<level> macros to wrap f2fs_printk()
f2fs: avoid get_valid_blocks() for cleanup
f2fs: ioctl for removing a range from F2FS
f2fs: only set project inherit bit for directory
f2fs: separate f2fs i_flags from fs_flags and ext4 i_flags
UPSTREAM: kasan: initialize tag to 0xff in __kasan_kmalloc
UPSTREAM: x86/boot: Provide KASAN compatible aliases for string routines
UPSTREAM: mm/kasan: Remove the ULONG_MAX stack trace hackery
UPSTREAM: x86/uaccess, kasan: Fix KASAN vs SMAP
UPSTREAM: x86/uaccess: Introduce user_access_{save,restore}()
UPSTREAM: kasan: fix variable 'tag' set but not used warning
UPSTREAM: Revert "x86_64: Increase stack size for KASAN_EXTRA"
UPSTREAM: kasan: fix coccinelle warnings in kasan_p*_table
UPSTREAM: kasan: fix kasan_check_read/write definitions
BACKPORT: kasan: remove use after scope bugs detection.
BACKPORT: kasan: turn off asan-stack for clang-8 and earlier
UPSTREAM: slub: fix a crash with SLUB_DEBUG + KASAN_SW_TAGS
UPSTREAM: kasan, slab: remove redundant kasan_slab_alloc hooks
UPSTREAM: kasan, slab: make freelist stored without tags
UPSTREAM: kasan, slab: fix conflicts with CONFIG_HARDENED_USERCOPY
UPSTREAM: kasan: prevent tracing of tags.c
UPSTREAM: kasan: fix random seed generation for tag-based mode
UPSTREAM: slub: fix SLAB_CONSISTENCY_CHECKS + KASAN_SW_TAGS
UPSTREAM: kasan, slub: fix more conflicts with CONFIG_SLAB_FREELIST_HARDENED
UPSTREAM: kasan, slub: fix conflicts with CONFIG_SLAB_FREELIST_HARDENED
UPSTREAM: kasan, slub: move kasan_poison_slab hook before page_address
UPSTREAM: kasan, kmemleak: pass tagged pointers to kmemleak
UPSTREAM: kasan: fix assigning tags twice
UPSTREAM: kasan: mark file common so ftrace doesn't trace it
UPSTREAM: kasan, arm64: remove redundant ARCH_SLAB_MINALIGN define
UPSTREAM: kasan: fix krealloc handling for tag-based mode
UPSTREAM: kasan: make tag based mode work with CONFIG_HARDENED_USERCOPY
UPSTREAM: kasan, arm64: use ARCH_SLAB_MINALIGN instead of manual aligning
BACKPORT: mm/memblock.c: skip kmemleak for kasan_init()
UPSTREAM: kasan: add SPDX-License-Identifier mark to source files
BACKPORT: kasan: update documentation
UPSTREAM: kasan, arm64: select HAVE_ARCH_KASAN_SW_TAGS
UPSTREAM: kasan: add __must_check annotations to kasan hooks
BACKPORT: kasan, mm, arm64: tag non slab memory allocated via pagealloc
UPSTREAM: kasan, arm64: add brk handler for inline instrumentation
UPSTREAM: kasan: add hooks implementation for tag-based mode
UPSTREAM: mm: move obj_to_index to include/linux/slab_def.h
UPSTREAM: kasan: add bug reporting routines for tag-based mode
UPSTREAM: kasan: split out generic_report.c from report.c
UPSTREAM: kasan, mm: perform untagged pointers comparison in krealloc
BACKPORT: kasan, arm64: enable top byte ignore for the kernel
BACKPORT: kasan, arm64: fix up fault handling logic
UPSTREAM: kasan: preassign tags to objects with ctors or SLAB_TYPESAFE_BY_RCU
UPSTREAM: kasan, arm64: untag address in _virt_addr_is_linear
UPSTREAM: kasan: add tag related helper functions
BACKPORT: arm64: move untagged_addr macro from uaccess.h to memory.h
BACKPORT: kasan: initialize shadow to 0xff for tag-based mode
BACKPORT: kasan: rename kasan_zero_page to kasan_early_shadow_page
BACKPORT: kasan, arm64: adjust shadow size for tag-based mode
BACKPORT: kasan: add CONFIG_KASAN_GENERIC and CONFIG_KASAN_SW_TAGS
UPSTREAM: kasan: rename source files to reflect the new naming scheme
BACKPORT: kasan: move common generic and tag-based code to common.c
UPSTREAM: kasan, slub: handle pointer tags in early_kmem_cache_node_alloc
UPSTREAM: kasan, mm: change hooks signatures
UPSTREAM: arm64: add EXPORT_SYMBOL_NOKASAN()
BACKPORT: compiler: remove __no_sanitize_address_or_inline again
UPSTREAM: mm/kasan/quarantine.c: make quarantine_lock a raw_spinlock_t
UPSTREAM: lib/test_kasan.c: add tests for several string/memory API functions
UPSTREAM: arm64: lib: use C string functions with KASAN enabled
UPSTREAM: compiler: introduce __no_sanitize_address_or_inline
UPSTREAM: arm64: Fix typo in a comment in arch/arm64/mm/kasan_init.c
BACKPORT: kernel/memremap, kasan: make ZONE_DEVICE with work with KASAN
BACKPORT: mm/mempool.c: remove unused argument in kasan_unpoison_element() and remove_element()
UPSTREAM: kasan: only select SLUB_DEBUG with SYSFS=y
UPSTREAM: kasan: depend on CONFIG_SLUB_DEBUG
UPSTREAM: KASAN: prohibit KASAN+STRUCTLEAK combination
UPSTREAM: arm64: kasan: avoid pfn_to_nid() before page array is initialized
UPSTREAM: kasan: fix invalid-free test crashing the kernel
UPSTREAM: kasan, slub: fix handling of kasan_slab_free hook
UPSTREAM: slab, slub: skip unnecessary kasan_cache_shutdown()
BACKPORT: kasan: make kasan_cache_create() work with 32-bit slab cache sizes
UPSTREAM: locking/atomics: Instrument cmpxchg_double*()
UPSTREAM: locking/atomics: Instrument xchg()
UPSTREAM: locking/atomics: Simplify cmpxchg() instrumentation
UPSTREAM: locking/atomics/x86: Reduce arch_cmpxchg64*() instrumentation
UPSTREAM: locking/atomic, asm-generic, x86: Add comments for atomic instrumentation
UPSTREAM: locking/atomic, asm-generic: Add KASAN instrumentation to atomic operations
UPSTREAM: locking/atomic/x86: Switch atomic.h to use atomic-instrumented.h
UPSTREAM: locking/atomic, asm-generic: Add asm-generic/atomic-instrumented.h
BACKPORT: kasan, arm64: clean up KASAN_SHADOW_SCALE_SHIFT usage
UPSTREAM: kasan: clean up KASAN_SHADOW_SCALE_SHIFT usage
UPSTREAM: kasan: fix prototype author email address
UPSTREAM: kasan: detect invalid frees
UPSTREAM: kasan: unify code between kasan_slab_free() and kasan_poison_kfree()
UPSTREAM: kasan: detect invalid frees for large mempool objects
UPSTREAM: kasan: don't use __builtin_return_address(1)
UPSTREAM: kasan: detect invalid frees for large objects
UPSTREAM: kasan: add functions for unpoisoning stack variables
UPSTREAM: kasan: add tests for alloca poisoning
UPSTREAM: kasan: support alloca() poisoning
UPSTREAM: kasan/Makefile: support LLVM style asan parameters
BACKPORT: kasan: add compiler support for clang
BACKPORT: fs: dcache: Revert "manually unpoison dname after allocation to shut up kasan's reports"
UPSTREAM: fs/dcache: Use read_word_at_a_time() in dentry_string_cmp()
UPSTREAM: lib/strscpy: Shut up KASAN false-positives in strscpy()
UPSTREAM: compiler.h: Add read_word_at_a_time() function.
UPSTREAM: compiler.h, kasan: Avoid duplicating __read_once_size_nocheck()
UPSTREAM: arm64/mm/kasan: don't use vmemmap_populate() to initialize shadow
UPSTREAM: Documentation/features/KASAN: mark KASAN as supported only on 64-bit on x86
f2fs: Add option to limit required GC for checkpoint=disable
f2fs: Fix accounting for unusable blocks
f2fs: Fix root reserved on remount
f2fs: Lower threshold for disable_cp_again
f2fs: fix sparse warning
f2fs: fix f2fs_show_options to show nodiscard mount option
f2fs: add error prints for debugging mount failure
f2fs: fix to do sanity check on segment bitmap of LFS curseg
f2fs: add missing sysfs entries in documentation
f2fs: fix to avoid deadloop if data_flush is on
f2fs: always assume that the device is idle under gc_urgent
f2fs: add bio cache for IPU
f2fs: allow ssr block allocation during checkpoint=disable period
f2fs: fix to check layout on last valid checkpoint park
Conflicts:
arch/arm64/configs/cuttlefish_defconfig
arch/arm64/include/asm/memory.h
arch/arm64/include/asm/thread_info.h
arch/x86/configs/x86_64_cuttlefish_defconfig
build.config.common
drivers/dma-buf/dma-buf.c
fs/crypto/Makefile
fs/crypto/bio.c
fs/crypto/fscrypt_private.h
fs/crypto/keyinfo.c
fs/ext4/page-io.c
fs/f2fs/data.c
fs/f2fs/f2fs.h
fs/f2fs/inode.c
fs/f2fs/segment.c
fs/userfaultfd.c
include/linux/dma-buf.h
include/linux/fscrypt.h
include/linux/kasan.h
include/linux/platform_data/ds2482.h
include/uapi/linux/fs.h
kernel/sched/deadline.c
kernel/sched/fair.c
kernel/sched/rt.c
kernel/sched/sched.h
kernel/sched/stop_task.c
kernel/sched/walt.c
kernel/sched/walt.h
lib/test_kasan.c
mm/kasan/common.c
mm/kasan/kasan.h
mm/kasan/report.c
mm/slub.c
mm/vmalloc.c
scripts/Makefile.kasan
Changed below files to fix build errors:
drivers/char/diag/diagchar_core.c
drivers/power/supply/qcom/battery.c
drivers/power/supply/qcom/smb1390-charger-psy.c
drivers/power/supply/qcom/smb1390-charger.c
drivers/power/supply/qcom/step-chg-jeita.c
fs/crypto/fscrypt_ice.c
fs/crypto/fscrypt_private.h
fs/f2fs/inode.c
include/uapi/linux/fscrypt.h
net/qrtr/qrtr.c
gen_headers_arm.bp
gen_headers_arm64.bp
Extra added fixes in fs/f2fs/data.c for FBE:
* Fix FBE regression with 9937c21ce1 ("f2fs: add bio cache
for IPU"). The above commit is not setting the DUN for
bio, due to which the bio's could get corrupted when FBE
is enabled.
* The f2fs_merge_page_bio() incorrectly uses the bio after
it is submitted for IO when fscrypt_mergeable_bio()
returns false. Fix it by making the submitted bio NULL
so that a new bio gets allocated for the next/new page.
Ignored the below scheduler patches as they are already present:
ANDROID: sched: WALT: Add support for CFS_BANDWIDTH
ANDROID: sched: WALT: Refactor cumulative runnable average fixup
picked below patches from 4.14.159 and 4.14.172 versions to fix issues
0e39aa9d5 "UPSTREAM: arm64: Validate tagged addresses in access_ok() called from kernel threads"
352902650 "fscrypt: support passing a keyring key to FS_IOC_ADD_ENCRYPTION_KEY"
Change-Id: I205b796ee125fa6e9d27fa30f881e4e8fe8bea29
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
|
||
|
Eric Biggers
|
c57952b019 |
UPSTREAM: ubifs: wire up FS_IOC_GET_ENCRYPTION_NONCE
This new ioctl retrieves a file's encryption nonce, which is useful for testing. See the corresponding fs/crypto/ patch for more details. Link: https://lore.kernel.org/r/20200314205052.93294-5-ebiggers@kernel.org Change-Id: I8f15e873b41e036bc039119a579beac1b78f937b Bug: 151100202 (cherry picked from commit 861261f2a9cc488c845fc214d9035f7a11094591) Signed-off-by: Eric Biggers <ebiggers@google.com> |
||
|
Daniel Rosenberg
|
207be96aba |
FROMLIST: fscrypt: Have filesystems handle their d_ops
This shifts the responsibility of setting up dentry operations from fscrypt to the individual filesystems, allowing them to have their own operations while still setting fscrypt's d_revalidate as appropriate. Also added helper function to libfs to unify ext4 and f2fs implementations. Signed-off-by: Daniel Rosenberg <drosen@google.com> Test: Boots, /data/media is case insensitive Bug: 138322712 Link: https://lore.kernel.org/linux-f2fs-devel/20200208013552.241832-1-drosen@google.com/T/#t Change-Id: Iaf77f8c5961ecf22e22478701ab0b7fe2025225d |
||
|
Eric Biggers
|
7c80641242 |
Merge remote-tracking branch 'aosp/upstream-f2fs-stable-linux-4.14.y' into android-4.14
* aosp/upstream-f2fs-stable-linux-4.14.y:
fs-verity: use u64_to_user_ptr()
fs-verity: use mempool for hash requests
fs-verity: implement readahead of Merkle tree pages
ext4: readpages() should submit IO as read-ahead
fs-verity: implement readahead for FS_IOC_ENABLE_VERITY
fscrypt: improve format of no-key names
ubifs: allow both hash and disk name to be provided in no-key names
ubifs: don't trigger assertion on invalid no-key filename
fscrypt: clarify what is meant by a per-file key
fscrypt: derive dirhash key for casefolded directories
fscrypt: don't allow v1 policies with casefolding
fscrypt: add "fscrypt_" prefix to fname_encrypt()
fscrypt: don't print name of busy file when removing key
fscrypt: document gfp_flags for bounce page allocation
fscrypt: optimize fscrypt_zeroout_range()
fscrypt: remove redundant bi_status check
fscrypt: Allow modular crypto algorithms
fscrypt: include <linux/ioctl.h> in UAPI header
fscrypt: don't check for ENOKEY from fscrypt_get_encryption_info()
fscrypt: remove fscrypt_is_direct_key_policy()
fscrypt: move fscrypt_valid_enc_modes() to policy.c
fscrypt: check for appropriate use of DIRECT_KEY flag earlier
fscrypt: split up fscrypt_supported_policy() by policy version
fscrypt: introduce fscrypt_needs_contents_encryption()
fscrypt: move fscrypt_d_revalidate() to fname.c
fscrypt: constify inode parameter to filename encryption functions
fscrypt: constify struct fscrypt_hkdf parameter to fscrypt_hkdf_expand()
fscrypt: verify that the crypto_skcipher has the correct ivsize
fscrypt: use crypto_skcipher_driver_name()
fscrypt: support passing a keyring key to FS_IOC_ADD_ENCRYPTION_KEY
keys: Export lookup_user_key to external users
f2fs: fix build error on PAGE_KERNEL_RO
Conflicts:
fs/crypto/Kconfig
fs/crypto/bio.c
fs/crypto/fname.c
fs/crypto/fscrypt_private.h
fs/crypto/keyring.c
fs/crypto/keysetup.c
fs/ubifs/dir.c
include/uapi/linux/fscrypt.h
Resolved the conflicts as per the corresponding android-mainline change,
Ib1e6b9eda8fb5dcfc6bdc8fa89d93f72b088c5f6.
Bug: 148667616
Change-Id: I5f8b846f0cd4d5403d8c61b9e12acb4581fac6f7
Signed-off-by: Eric Biggers <ebiggers@google.com>
|
||
|
Greg Kroah-Hartman
|
998aa7d8f2 |
This is the 4.14.171 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl5HEegACgkQONu9yGCS
aT6cNw//eNxBC6h0ibDOVeVbItkku2c0lwPRSrxtvhyUbE/RG63FlisA2TFEOUp8
y+Ionderw4+d8ySuExEcsE644d/ykES1Lj1dVR4Lzlbxo33X6p9opN9GCMHH1VH2
sRVWR8xLTUxzamGm4i5rUXMDplqTB+pTscVWJbisH1o3XW6SGnxAX3UjvqCHhjrW
9iLPBMZF/KkZDvhYbfl59QsB+FuLsjET3D1n+csypCzlZTf7zbi96tPMidprvhyt
xWYl4NZCyLxqUFmKFILsWK3KN7tQNXMFILfwUMOVcn15689GGXRS1X4W7OA+nOKs
rnSYM1KHBrsLHWdnLLcHh+qq7sKvgsIpIhvEyixl52c+qoMB1qJC+soZhhGJ4/kQ
93nl5ibHNUmPwc7a+R2G2U6C83aAS1zvV4LFIBtPXMc9oKOISDBkQgRJhsJ0HmQA
4euecjN7o1V+sE1LzvtMja6XcXqDEe7BrgT4e5TyL0Gd7IUGSbwyt61oIKPODcHM
YWn4hnflpDXOxYtSiqFWTi9psrdja54G0b1eBuhJ4ve9Katdqb1xhj2p9+HRt5rr
38f3nNOHLI/ozWL4DrWVSUgxWM86zqr6cyI2iJmINIOVH5+oWjq4RzinT5TNbQby
mgFNw/0rOyJXjdRiTB2qiOQZSaiAp/NbfO9OBlnBgR2BGcF5F6U=
=BC1c
-----END PGP SIGNATURE-----
Merge 4.14.171 into android-4.14
Changes in 4.14.171
kernel/module: Fix memleak in module_add_modinfo_attrs()
media: iguanair: fix endpoint sanity check
x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR
iwlwifi: mvm: fix NVM check for 3168 devices
sparc32: fix struct ipc64_perm type definition
cls_rsvp: fix rsvp_policy
gtp: use __GFP_NOWARN to avoid memalloc warning
l2tp: Allow duplicate session creation with UDP
net: hsr: fix possible NULL deref in hsr_handle_frame()
net_sched: fix an OOB access in cls_tcindex
bnxt_en: Fix TC queue mapping.
tcp: clear tp->total_retrans in tcp_disconnect()
tcp: clear tp->delivered in tcp_disconnect()
tcp: clear tp->data_segs{in|out} in tcp_disconnect()
tcp: clear tp->segs_{in|out} in tcp_disconnect()
rxrpc: Fix insufficient receive notification generation
rxrpc: Fix NULL pointer deref due to call->conn being cleared on disconnect
media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors
mfd: dln2: More sanity checking for endpoints
tracing: Fix sched switch start/stop refcount racy updates
brcmfmac: Fix memory leak in brcmf_usbdev_qinit
usb: gadget: legacy: set max_speed to super-speed
usb: gadget: f_ncm: Use atomic_t to track in-flight request
usb: gadget: f_ecm: Use atomic_t to track in-flight request
ALSA: dummy: Fix PCM format loop in proc output
media/v4l2-core: set pages dirty upon releasing DMA buffers
media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left adjustments
lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more()
irqdomain: Fix a memory leak in irq_domain_push_irq()
platform/x86: intel_scu_ipc: Fix interrupt support
KVM: arm64: Only sign-extend MMIO up to register width
MIPS: fix indentation of the 'RELOCS' message
s390/mm: fix dynamic pagetable upgrade for hugetlbfs
powerpc/xmon: don't access ASDR in VMs
powerpc/pseries: Advance pfn if section is not present in lmb_is_removable()
mmc: spi: Toggle SPI polarity, do not hardcode it
ACPI: video: Do not export a non working backlight interface on MSI MS-7721 boards
alarmtimer: Unregister wakeup source when module get fails
ubifs: Reject unsupported ioctl flags explicitly
ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag
ubifs: Fix deadlock in concurrent bulk-read and writepage
PCI: keystone: Fix link training retries initiation
mmc: sdhci-of-at91: fix memleak on clk_get failure
ubifs: don't trigger assertion on invalid no-key filename
hv_balloon: Balloon up according to request page number
crypto: api - Check spawn->alg under lock in crypto_drop_spawn
scsi: qla2xxx: Fix mtcp dump collection failure
power: supply: ltc2941-battery-gauge: fix use-after-free
f2fs: choose hardlimit when softlimit is larger than hardlimit in f2fs_statfs_project()
f2fs: fix miscounted block limit in f2fs_statfs_project()
f2fs: code cleanup for f2fs_statfs_project()
PM: core: Fix handling of devices deleted during system-wide resume
of: Add OF_DMA_DEFAULT_COHERENT & select it on powerpc
dm zoned: support zone sizes smaller than 128MiB
dm space map common: fix to ensure new block isn't already in use
dm crypt: fix benbi IV constructor crash if used in authenticated mode
tracing: Annotate ftrace_graph_hash pointer with __rcu
tracing: Annotate ftrace_graph_notrace_hash pointer with __rcu
ftrace: Add comment to why rcu_dereference_sched() is open coded
ftrace: Protect ftrace_graph_hash with ftrace_sync
samples/bpf: Don't try to remove user's homedir on clean
crypto: ccp - set max RSA modulus size for v3 platform devices as well
crypto: pcrypt - Do not clear MAY_SLEEP flag in original request
crypto: atmel-aes - Fix counter overflow in CTR mode
crypto: api - Fix race condition in crypto_spawn_alg
crypto: picoxcell - adjust the position of tasklet_init and fix missed tasklet_kill
scsi: qla2xxx: Fix unbound NVME response length
NFS: Fix memory leaks and corruption in readdir
NFS: Directory page cache pages need to be locked when read
btrfs: set trans->drity in btrfs_commit_transaction
ARM: tegra: Enable PLLP bypass during Tegra124 LP1
iwlwifi: don't throw error when trying to remove IGTK
mwifiex: fix unbalanced locking in mwifiex_process_country_ie()
sunrpc: expiry_time should be seconds not timeval
tools/kvm_stat: Fix kvm_exit filter name
xen/balloon: Support xend-based toolstack take two
KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks
KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks
KVM: x86: Protect DR-based index computations from Spectre-v1/L1TF attacks
KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks
KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF attacks
KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks
KVM: x86: Protect MSR-based index computations in pmu.h from Spectre-v1/L1TF attacks
KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks
KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c
KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks
KVM: x86: Protect MSR-based index computations in fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks
KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails
KVM: PPC: Book3S PR: Free shared page if mmu initialization fails
KVM: x86: Free wbinvd_dirty_mask if vCPU creation fails
clk: tegra: Mark fuse clock as critical
scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return type
scsi: csiostor: Adjust indentation in csio_device_reset
scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free
scsi: ufs: Recheck bkops level if bkops is disabled
phy: qualcomm: Adjust indentation in read_poll_timeout
ext2: Adjust indentation in ext2_fill_super
powerpc/44x: Adjust indentation in ibm4xx_denali_fixup_memsize
NFC: pn544: Adjust indentation in pn544_hci_check_presence
ppp: Adjust indentation into ppp_async_input
net: smc911x: Adjust indentation in smc911x_phy_configure
net: tulip: Adjust indentation in {dmfe, uli526x}_init_module
IB/mlx5: Fix outstanding_pi index for GSI qps
IB/core: Fix ODP get user pages flow
nfsd: fix delay timer on 32-bit architectures
nfsd: fix jiffies/time_t mixup in LRU list
ubi: fastmap: Fix inverted logic in seen selfcheck
ubi: Fix an error pointer dereference in error handling code
mfd: da9062: Fix watchdog compatible string
mfd: rn5t618: Mark ADC control register volatile
net: dsa: bcm_sf2: Only 7278 supports 2Gb/sec IMP port
net_sched: fix a resource leak in tcindex_set_parms()
net: systemport: Avoid RBUF stuck in Wake-on-LAN mode
net: macb: Remove unnecessary alignment check for TSO
net: macb: Limit maximum GEM TX length in TSO
bonding/alb: properly access headers in bond_alb_xmit()
ext4: fix deadlock allocating crypto bounce page from mempool
btrfs: Get rid of the confusing btrfs_file_extent_inline_len
Btrfs: fix assertion failure on fsync with NO_HOLES enabled
Btrfs: fix missing hole after hole punching and fsync when using NO_HOLES
btrfs: use bool argument in free_root_pointers()
btrfs: free block groups after free'ing fs trees
btrfs: remove trivial locking wrappers of tree mod log
Btrfs: fix race between adding and putting tree mod seq elements and nodes
drm: atmel-hlcdc: enable clock before configuring timing engine
KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks
btrfs: flush write bio if we loop in extent_write_cache_pages
KVM: x86: Fix potential put_fpu() w/o load_fpu() on MPX platform
KVM: x86/mmu: Apply max PA check for MMIO sptes to 32-bit KVM
KVM: VMX: Add non-canonical check on writes to RTIT address MSRs
KVM: nVMX: vmread should not set rflags to specify success in case of #PF
KVM: Use vcpu-specific gva->hva translation when querying host page size
KVM: Play nice with read-only memslots when querying host page size
KVM: s390: do not clobber registers during guest reset/store status
cifs: fail i/o on soft mounts if sessionsetup errors out
clocksource: Prevent double add_timer_on() for watchdog_timer
perf/core: Fix mlock accounting in perf_mmap()
rxrpc: Fix service call disconnection
ASoC: pcm: update FE/BE trigger order based on the command
hv_sock: Remove the accept port restriction
RDMA/netlink: Do not always generate an ACK for some netlink operations
scsi: ufs: Fix ufshcd_probe_hba() reture value in case ufshcd_scsi_add_wlus() fails
PCI/switchtec: Fix vep_vector_number ioread width
PCI: Don't disable bridge BARs when assigning bus resources
nfs: NFS_SWAP should depend on SWAP
NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes()
NFSv4: try lease recovery on NFS4ERR_EXPIRED
serial: uartps: Add a timeout to the tx empty wait
rtc: hym8563: Return -EINVAL if the time is known to be invalid
rtc: cmos: Stop using shared IRQ
ARC: [plat-axs10x]: Add missing multicast filter number to GMAC node
platform/x86: intel_mid_powerbtn: Take a copy of ddata
ARM: dts: at91: sama5d3: fix maximum peripheral clock rates
ARM: dts: at91: sama5d3: define clock rate range for tcb1
tools/power/acpi: fix compilation error
powerpc/pseries/vio: Fix iommu_table use-after-free refcount warning
powerpc/pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce for DDW
KVM: arm/arm64: vgic-its: Fix restoration of unmapped collections
ARM: 8949/1: mm: mark free_memmap as __init
arm64: cpufeature: Fix the type of no FP/SIMD capability
KVM: arm/arm64: Fix young bit from mmu notifier
crypto: artpec6 - return correct error code for failed setkey()
crypto: atmel-sha - fix error handling when setting hmac key
media: i2c: adv748x: Fix unsafe macros
pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B
scsi: megaraid_sas: Do not initiate OCR if controller is not in ready state
dm: fix potential for q->make_request_fn NULL pointer
serial: uartps: Move the spinlock after the read of the tx empty
mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()
mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()
libertas: don't exit from lbs_ibss_join_existing() with RCU read lock held
libertas: make lbs_ibss_join_existing() return error code on rates overflow
Linux 4.14.171
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I2ffa7bd44800917ea3b327486b387470ab5d31b9
|
||
|
Eric Biggers
|
7c5cf5c43f |
ubifs: don't trigger assertion on invalid no-key filename
[ Upstream commit f0d07a98a070bb5e443df19c3aa55693cbca9341 ]
If userspace provides an invalid fscrypt no-key filename which encodes a
hash value with any of the UBIFS node type bits set (i.e. the high 3
bits), gracefully report ENOENT rather than triggering ubifs_assert().
Test case with kvm-xfstests shell:
. fs/ubifs/config
. ~/xfstests/common/encrypt
dev=$(__blkdev_to_ubi_volume /dev/vdc)
ubiupdatevol $dev -t
mount $dev /mnt -t ubifs
mkdir /mnt/edir
xfs_io -c set_encpolicy /mnt/edir
rm /mnt/edir/_,,,,,DAAAAAAAAAAAAAAAAAAAAAAAAAA
With the bug, the following assertion fails on the 'rm' command:
[ 19.066048] UBIFS error (ubi0:0 pid 379): ubifs_assert_failed: UBIFS assert failed: !(hash & ~UBIFS_S_KEY_HASH_MASK), in fs/ubifs/key.h:170
Fixes: f4f61d2cc6d8 ("ubifs: Implement encrypted filenames")
Cc: <stable@vger.kernel.org> # v4.10+
Link: https://lore.kernel.org/r/20200120223201.241390-5-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Zhihao Cheng
|
3de94c38e9 |
ubifs: Fix deadlock in concurrent bulk-read and writepage
commit f5de5b83303e61b1f3fb09bd77ce3ac2d7a475f2 upstream.
In ubifs, concurrent execution of writepage and bulk read on the same file
may cause ABBA deadlock, for example (Reproduce method see Link):
Process A(Bulk-read starts from page4) Process B(write page4 back)
vfs_read wb_workfn or fsync
... ...
generic_file_buffered_read write_cache_pages
ubifs_readpage LOCK(page4)
ubifs_bulk_read ubifs_writepage
LOCK(ui->ui_mutex) ubifs_write_inode
ubifs_do_bulk_read LOCK(ui->ui_mutex)
find_or_create_page(alloc page4) ↑
LOCK(page4) <-- ABBA deadlock occurs!
In order to ensure the serialization execution of bulk read, we can't
remove the big lock 'ui->ui_mutex' in ubifs_bulk_read(). Instead, we
allow ubifs_do_bulk_read() to lock page failed by replacing
find_or_create_page(FGP_LOCK) with
pagecache_get_page(FGP_LOCK | FGP_NOWAIT).
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Suggested-by: zhangyi (F) <yi.zhang@huawei.com>
Cc: <Stable@vger.kernel.org>
Fixes: 4793e7c5e1c ("UBIFS: add bulk-read facility")
Link: https://bugzilla.kernel.org/show_bug.cgi?id=206153
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Eric Biggers
|
d95ec03f72 |
ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag
commit 2b57067a7778484c10892fa191997bfda29fea13 upstream.
UBIFS's implementation of FS_IOC_SETFLAGS fails to preserve existing
inode flags that aren't settable by FS_IOC_SETFLAGS, namely the encrypt
flag. This causes the encrypt flag to be unexpectedly cleared.
Fix it by preserving existing unsettable flags, like ext4 and f2fs do.
Test case with kvm-xfstests shell:
FSTYP=ubifs KEYCTL_PROG=keyctl
. fs/ubifs/config
. ~/xfstests/common/encrypt
dev=$(__blkdev_to_ubi_volume /dev/vdc)
ubiupdatevol -t $dev
mount $dev /mnt -t ubifs
k=$(_generate_session_encryption_key)
mkdir /mnt/edir
xfs_io -c "set_encpolicy $k" /mnt/edir
echo contents > /mnt/edir/file
chattr +i /mnt/edir/file
chattr -i /mnt/edir/file
With the bug, the following errors occur on the last command:
[ 18.081559] fscrypt (ubifs, inode 67): Inconsistent encryption context (parent directory: 65)
chattr: Operation not permitted while reading flags on /mnt/edir/file
Fixes: d475a507457b ("ubifs: Add skeleton for fscrypto")
Cc: <stable@vger.kernel.org> # v4.10+
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Hou Tao
|
c68fb6c809 |
ubifs: Reject unsupported ioctl flags explicitly
commit 2fe8b2d5578d7d142982e3bf62e4c0caf8b8fe02 upstream. Reject unsupported ioctl flags explicitly, so the following command on a regular ubifs file will fail: chattr +d ubifs_file And xfstests generic/424 will pass. Signed-off-by: Hou Tao <houtao1@huawei.com> Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Eric Biggers
|
7fd1c005ec |
ubifs: allow both hash and disk name to be provided in no-key names
In order to support a new dirhash method that is a secret-keyed hash over the plaintext filenames (which will be used by encrypted+casefolded directories on ext4 and f2fs), fscrypt will be switching to a new no-key name format that always encodes the dirhash in the name. UBIFS isn't happy with this because it has assertions that verify that either the hash or the disk name is provided, not both. Change it to use the disk name if one is provided, even if a hash is available too; else use the hash. Link: https://lore.kernel.org/r/20200120223201.241390-6-ebiggers@kernel.org Signed-off-by: Eric Biggers <ebiggers@google.com> |
||
|
Eric Biggers
|
89aca68d2f |
ubifs: don't trigger assertion on invalid no-key filename
If userspace provides an invalid fscrypt no-key filename which encodes a
hash value with any of the UBIFS node type bits set (i.e. the high 3
bits), gracefully report ENOENT rather than triggering ubifs_assert().
Test case with kvm-xfstests shell:
. fs/ubifs/config
. ~/xfstests/common/encrypt
dev=$(__blkdev_to_ubi_volume /dev/vdc)
ubiupdatevol $dev -t
mount $dev /mnt -t ubifs
mkdir /mnt/edir
xfs_io -c set_encpolicy /mnt/edir
rm /mnt/edir/_,,,,,DAAAAAAAAAAAAAAAAAAAAAAAAAA
With the bug, the following assertion fails on the 'rm' command:
[ 19.066048] UBIFS error (ubi0:0 pid 379): ubifs_assert_failed: UBIFS assert failed: !(hash & ~UBIFS_S_KEY_HASH_MASK), in fs/ubifs/key.h:170
Fixes: f4f61d2cc6d8 ("ubifs: Implement encrypted filenames")
Cc: <stable@vger.kernel.org> # v4.10+
Link: https://lore.kernel.org/r/20200120223201.241390-5-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
|