mirror of
https://github.com/rd-stuffs/msm-4.14.git
synced 2025-02-20 11:45:48 +08:00
9083 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Greg Kroah-Hartman
|
4f02b6c9ac |
This is the 4.14.181 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl7Ey28ACgkQONu9yGCS aT5HHBAApSN5pEsCeogd9V1h20Gsx9TteDrn1qVqIxa4k7FczL7TuhGZw3SH9JjI oK7xvZK8JknVvr+GSnk+OO7oU64L3qtZ+icfrdqVecBIsxiyu3gopmazjLP+QxEo x+9xqR9clqTjOgQx3S8rH9s09fgsZMNAp1Ga8juyGZWxFkPoLiSyB+SDEIFwL43v IYeC2uJc5lnv8+vNGAcEHAJiphxKeWJLd/etmelIaFrp+kkmO0nIoszR9uLNkr8i yuCqt2tCSd3vVaQqjSOpg/3u1PnQpmMqvKqWXuDKBOkr9nz7cgOf+6uWeuo3Fvro Ji8q0Dtay1xNJLgwCGH3c98OsiRE5OMX0dIpadcDCteFwJOSryu7tkf5ODp7BA+Q EjZx5DIhvNa/7auqarqMJvblconocZnJ+8zcN2aGL8Yn57Q0bsfyiHyB6bMW98+/ J0dMSuXl0c9MPLKa28+31hrmeThs5kG15EpTUzBrkXcTbsLGxPoJVC4IFIACwqlg lyhokwuZ87slEZfnz91R3V2Ehdyl5d8ci2/DBzzZiPjgGsUoxWH1pwmb5WO2agNf K9l9VVsGCAl+gqY41kI9UCf3BNzv/sc2uScjlnOIjpGrNI4IVc/bGq1y1ktIY4UC WV3Qux5GvwHbS/Dbrapv7B5Tt9EtbLmAPbnCCJ93e1mXXEkUw3o= =6R5g -----END PGP SIGNATURE----- Merge 4.14.181 into android-4.14-stable Changes in 4.14.181 USB: serial: qcserial: Add DW5816e support dp83640: reverse arguments to list_add_tail fq_codel: fix TCA_FQ_CODEL_DROP_BATCH_SIZE sanity checks net: macsec: preserve ingress frame ordering net/mlx4_core: Fix use of ENOSPC around mlx4_counter_alloc() net: usb: qmi_wwan: add support for DW5816e sch_choke: avoid potential panic in choke_reset() sch_sfq: validate silly quantum values bnxt_en: Fix VLAN acceleration handling in bnxt_fix_features(). net/mlx5: Fix forced completion access non initialized command entry net/mlx5: Fix command entry leak in Internal Error State bnxt_en: Improve AER slot reset. bnxt_en: Fix VF anti-spoof filter setup. net: stricter validation of untrusted gso packets ipv6: fix cleanup ordering for ip6_mr failure HID: wacom: Read HID_DG_CONTACTMAX directly for non-generic devices geneve: only configure or fill UDP_ZERO_CSUM6_RX/TX info when CONFIG_IPV6 HID: usbhid: Fix race between usbhid_close() and usbhid_stop() USB: uas: add quirk for LaCie 2Big Quadra USB: serial: garmin_gps: add sanity checking for data length tracing: Add a vmalloc_sync_mappings() for safe measure KVM: arm: vgic: Fix limit condition when writing to GICD_I[CS]ACTIVER mm/page_alloc: fix watchdog soft lockups during set_zone_contiguous() coredump: fix crash when umh is disabled batman-adv: fix batadv_nc_random_weight_tq batman-adv: Fix refcnt leak in batadv_show_throughput_override batman-adv: Fix refcnt leak in batadv_store_throughput_override batman-adv: Fix refcnt leak in batadv_v_ogm_process x86/entry/64: Fix unwind hints in kernel exit path x86/entry/64: Fix unwind hints in rewind_stack_do_exit() x86/unwind/orc: Don't skip the first frame for inactive tasks x86/unwind/orc: Prevent unwinding before ORC initialization x86/unwind/orc: Fix error path for bad ORC entry type netfilter: nat: never update the UDP checksum when it's 0 objtool: Fix stack offset tracking for indirect CFAs scripts/decodecode: fix trapping instruction formatting net: ipv6: add net argument to ip6_dst_lookup_flow net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup blktrace: fix unlocked access to init/start-stop/teardown blktrace: fix trace mutex deadlock blktrace: Protect q->blk_trace with RCU blktrace: fix dereference after null check f2fs: introduce read_inline_xattr f2fs: introduce read_xattr_block f2fs: sanity check of xattr entry size f2fs: fix to avoid accessing xattr across the boundary f2fs: fix to avoid memory leakage in f2fs_listxattr net: stmmac: Use mutex instead of spinlock shmem: fix possible deadlocks on shmlock_user_lock net/sonic: Fix a resource leak in an error handling path in 'jazz_sonic_probe()' net: moxa: Fix a potential double 'free_irq()' drop_monitor: work around gcc-10 stringop-overflow warning virtio-blk: handle block_device_operations callbacks after hot unplug scsi: sg: add sg_remove_request in sg_write dmaengine: pch_dma.c: Avoid data race between probe and irq handler dmaengine: mmp_tdma: Reset channel error on release cpufreq: intel_pstate: Only mention the BIOS disabling turbo mode once ALSA: hda/hdmi: fix race in monitor detection during probe drm/qxl: lost qxl_bo_kunmap_atomic_page in qxl_image_init_helper() ipc/util.c: sysvipc_find_ipc() incorrectly updates position index ALSA: hda/realtek - Fix S3 pop noise on Dell Wyse x86/entry/64: Fix unwind hints in register clearing code ipmi: Fix NULL pointer dereference in ssif_probe pinctrl: baytrail: Enable pin configuration setting for GPIO chip pinctrl: cherryview: Add missing spinlock usage in chv_gpio_irq_handler i40iw: Fix error handling in i40iw_manage_arp_cache() netfilter: conntrack: avoid gcc-10 zero-length-bounds warning IB/mlx4: Test return value of calls to ib_get_cached_pkey hwmon: (da9052) Synchronize access with mfd pnp: Use list_for_each_entry() instead of open coding gcc-10 warnings: fix low-hanging fruit kbuild: compute false-positive -Wmaybe-uninitialized cases in Kconfig Stop the ad-hoc games with -Wno-maybe-initialized gcc-10: disable 'zero-length-bounds' warning for now gcc-10: disable 'array-bounds' warning for now gcc-10: disable 'stringop-overflow' warning for now gcc-10: disable 'restrict' warning for now gcc-10: avoid shadowing standard library 'free()' in crypto x86/asm: Add instruction suffixes to bitops net: phy: micrel: Use strlcpy() for ethtool::get_strings net: fix a potential recursive NETDEV_FEAT_CHANGE netlabel: cope with NULL catmap net: phy: fix aneg restart in phy_ethtool_set_eee Revert "ipv6: add mtu lock check in __ip6_rt_update_pmtu" hinic: fix a bug of ndo_stop net: dsa: loop: Add module soft dependency net: ipv4: really enforce backoff for redirects netprio_cgroup: Fix unlimited memory leak of v2 cgroups net: tcp: fix rx timestamp behavior for tcp_recvmsg ALSA: hda/realtek - Limit int mic boost for Thinkpad T530 ALSA: rawmidi: Initialize allocated buffers ALSA: rawmidi: Fix racy buffer resize under concurrent accesses ARM: dts: dra7: Fix bus_dma_limit for PCIe ARM: dts: imx27-phytec-phycard-s-rdk: Fix the I2C1 pinctrl entries x86: Fix early boot crash on gcc-10, third try ALSA: usb-audio: Add control message quirk delay for Kingston HyperX headset usb: core: hub: limit HUB_QUIRK_DISABLE_AUTOSUSPEND to USB5534B usb: host: xhci-plat: keep runtime active when removing host USB: gadget: fix illegal array access in binding with UDC usb: xhci: Fix NULL pointer dereference when enqueuing trbs from urb sg list x86/unwind/orc: Fix error handling in __unwind_start() exec: Move would_dump into flush_old_exec clk: rockchip: fix incorrect configuration of rk3228 aclk_gpu* clocks usb: gadget: net2272: Fix a memory leak in an error handling path in 'net2272_plat_probe()' usb: gadget: audio: Fix a missing error return value in audio_bind() usb: gadget: legacy: fix error return code in gncm_bind() usb: gadget: legacy: fix error return code in cdc_bind() Revert "ALSA: hda/realtek: Fix pop noise on ALC225" arm64: dts: rockchip: Replace RK805 PMIC node name with "pmic" on rk3328 boards arm64: dts: rockchip: Rename dwc3 device nodes on rk3399 to make dtc happy ARM: dts: r8a73a4: Add missing CMT1 interrupts ARM: dts: r8a7740: Add missing extal2 to CPG node KVM: x86: Fix off-by-one error in kvm_vcpu_ioctl_x86_setup_mce Makefile: disallow data races on gcc-10 as well Linux 4.14.181 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ie1fb614d727dc6aad472bea0234073076eae8c8b |
||
Kelly Littlepage
|
8df010e4c8 |
net: tcp: fix rx timestamp behavior for tcp_recvmsg
[ Upstream commit cc4de047b33be247f9c8150d3e496743a49642b8 ]
The stated intent of the original commit is to is to "return the timestamp
corresponding to the highest sequence number data returned." The current
implementation returns the timestamp for the last byte of the last fully
read skb, which is not necessarily the last byte in the recv buffer. This
patch converts behavior to the original definition, and to the behavior of
the previous draft versions of commit 98aaa913b4ed ("tcp: Extend
SOF_TIMESTAMPING_RX_SOFTWARE to TCP recvmsg") which also match this
behavior.
Fixes: 98aaa913b4ed ("tcp: Extend SOF_TIMESTAMPING_RX_SOFTWARE to TCP recvmsg")
Co-developed-by: Iris Liu <iris@onechronos.com>
Signed-off-by: Iris Liu <iris@onechronos.com>
Signed-off-by: Kelly Littlepage <kelly@onechronos.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Acked-by: Soheil Hassas Yeganeh <soheil@google.com>
Acked-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Paolo Abeni
|
370c57bd4d |
net: ipv4: really enforce backoff for redirects
[ Upstream commit 57644431a6c2faac5d754ebd35780cf43a531b1a ]
In commit b406472b5ad7 ("net: ipv4: avoid mixed n_redirects and
rate_tokens usage") I missed the fact that a 0 'rate_tokens' will
bypass the backoff algorithm.
Since rate_tokens is cleared after a redirect silence, and never
incremented on redirects, if the host keeps receiving packets
requiring redirect it will reply ignoring the backoff.
Additionally, the 'rate_last' field will be updated with the
cadence of the ingress packet requiring redirect. If that rate is
high enough, that will prevent the host from generating any
other kind of ICMP messages
The check for a zero 'rate_tokens' value was likely a shortcut
to avoid the more complex backoff algorithm after a redirect
silence period. Address the issue checking for 'n_redirects'
instead, which is incremented on successful redirect, and
does not interfere with other ICMP replies.
Fixes: b406472b5ad7 ("net: ipv4: avoid mixed n_redirects and rate_tokens usage")
Reported-and-tested-by: Colin Walters <walters@redhat.com>
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Paolo Abeni
|
0f5ae0f5b2 |
netlabel: cope with NULL catmap
[ Upstream commit eead1c2ea2509fd754c6da893a94f0e69e83ebe4 ]
The cipso and calipso code can set the MLS_CAT attribute on
successful parsing, even if the corresponding catmap has
not been allocated, as per current configuration and external
input.
Later, selinux code tries to access the catmap if the MLS_CAT flag
is present via netlbl_catmap_getlong(). That may cause null ptr
dereference while processing incoming network traffic.
Address the issue setting the MLS_CAT flag only if the catmap is
really allocated. Additionally let netlbl_catmap_getlong() cope
with NULL catmap.
Reported-by: Matthew Sheets <matthew.sheets@gd-ms.com>
Fixes: 4b8feff251da ("netlabel: fix the horribly broken catmap functions")
Fixes: ceba1832b1b2 ("calipso: Set the calipso socket label to match the secattr.")
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Acked-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Srinivasarao P
|
410eca3cca |
Merge android-4.14.167 (571f968) into msm-4.14
* refs/heads/tmp-571f968: Linux 4.14.167 regulator: ab8500: Remove SYSCLKREQ from enum ab8505_regulator_id perf probe: Fix wrong address verification scsi: core: scsi_trace: Use get_unaligned_be*() scsi: qla2xxx: fix rports not being mark as lost in sync fabric scan scsi: qla2xxx: Fix qla2x00_request_irqs() for MSI scsi: target: core: Fix a pr_debug() argument scsi: bnx2i: fix potential use after free scsi: qla4xxx: fix double free bug scsi: esas2r: unlock on error in esas2r_nvram_read_direct() reiserfs: fix handling of -EOPNOTSUPP in reiserfs_for_each_xattr Revert "arm64: dts: juno: add dma-ranges property" tick/sched: Annotate lockless access to last_jiffies_update cfg80211: check for set_wiphy_params arm64: dts: meson-gxl-s905x-khadas-vim: fix gpio-keys-polled node cw1200: Fix a signedness bug in cw1200_load_firmware() xen/blkfront: Adjust indentation in xlvbd_alloc_gendisk tcp: fix marked lost packets not being retransmitted r8152: add missing endpoint sanity check ptp: free ptp device pin descriptors properly net/wan/fsl_ucc_hdlc: fix out of bounds write on array utdm_info net: usb: lan78xx: limit size of local TSO packets net: hns: fix soft lockup when there is not enough memory net: dsa: tag_qca: fix doubled Tx statistics hv_netvsc: Fix memory leak when removing rndis device macvlan: use skb_reset_mac_header() in macvlan_queue_xmit() batman-adv: Fix DAT candidate selection on little endian systems NFC: pn533: fix bulk-message timeout netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct netfilter: fix a use-after-free in mtype_destroy() cfg80211: fix page refcount issue in A-MSDU decap arm64: dts: agilex/stratix10: fix pmu interrupt numbers mm/huge_memory.c: thp: fix conflict of above-47bit hint address and PMD alignment mm/huge_memory.c: make __thp_get_unmapped_area static USB: serial: io_edgeport: handle unbound ports on URB completion USB: serial: io_edgeport: use irqsave() in USB's complete callback net: stmmac: Enable 16KB buffer size net: stmmac: 16KB buffer must be 16 byte aligned mm/page-writeback.c: avoid potential division by zero in wb_min_max_ratio() btrfs: fix memory leak in qgroup accounting mm/shmem.c: thp, shmem: fix conflict of above-47bit hint address and PMD alignment perf report: Fix incorrectly added dimensions as switch perf data file perf hists: Fix variable name's inconsistency in hists__for_each() macro x86/efistub: Disable paging at mixed mode entry x86/resctrl: Fix an imbalance in domain_remove_cpu() usb: core: hub: Improved device recognition on remote wakeup ptrace: reintroduce usage of subjective credentials in ptrace_has_cap() scsi: mptfusion: Fix double fetch bug in ioctl scsi: fnic: fix invalid stack access USB: serial: quatech2: handle unbound ports USB: serial: keyspan: handle unbound ports USB: serial: io_edgeport: add missing active-port sanity check USB: serial: ch341: handle unbound port at reset_resume USB: serial: suppress driver bind attributes USB: serial: option: add support for Quectel RM500Q in QDL mode USB: serial: opticon: fix control-message timeouts USB: serial: option: Add support for Quectel RM500Q USB: serial: simple: Add Motorola Solutions TETRA MTP3xxx and MTP85xx iio: buffer: align the size of scan bytes to size of the largest element ARM: dts: am571x-idk: Fix gpios property to have the correct gpio number block: fix an integer overflow in logical block size Fix built-in early-load Intel microcode alignment ALSA: seq: Fix racy access for queue timer in proc read ASoC: msm8916-wcd-analog: Fix selected events for MIC BIAS External1 clk: Don't try to enable critical clocks if prepare failed dt-bindings: reset: meson8b: fix duplicate reset IDs Change-Id: I8dd465e2236497910afadfc5546a0b9ee84d0543 Signed-off-by: Srinivasarao P <spathi@codeaurora.org> |
||
|
Srinivasarao P
|
52dea22a16 |
Merge android-4.14.165 (748d727) into msm-4.14
* refs/heads/tmp-748d727: cuttlefish - enable CONFIG_NETFILTER_XT_MATCH_QUOTA2_LOG=y ANDROID: Enable HID_STEAM as y Linux 4.14.165 drm/i915/gen9: Clear residual context state on context switch netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present netfilter: arp_tables: init netns pointer in xt_tgchk_param struct phy: cpcap-usb: Fix flakey host idling and enumerating of devices phy: cpcap-usb: Fix error path when no host driver is loaded USB: Fix: Don't skip endpoint descriptors with maxpacket=0 HID: hiddev: fix mess in hiddev_open() arm64: cpufeature: Avoid warnings due to unused symbols ath10k: fix memory leak rtl8xxxu: prevent leaking urb scsi: bfa: release allocated memory in case of error mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf mwifiex: fix possible heap overflow in mwifiex_process_country_ie() tty: always relink the port tty: link tty and port before configuring it as console staging: rtl8188eu: Add device code for TP-Link TL-WN727N v5.21 drm/dp_mst: correct the shifting in DP_REMOTE_I2C_READ drm/fb-helper: Round up bits_per_pixel if possible Input: add safety guards to input_set_keycode() HID: hid-input: clear unmapped usages staging: comedi: adv_pci1710: fix AI channels 16-31 for PCI-1713 usb: musb: dma: Correct parameter passed to IRQ handler usb: musb: Disable pullup at init usb: musb: fix idling for suspend after disconnect interrupt USB: serial: option: add ZLP support for 0x1bc7/0x9010 staging: vt6656: set usb_set_intfdata on driver fail. gpiolib: acpi: Add honor_wakeup module-option + quirk mechanism gpiolib: acpi: Turn dmi_system_id table into a generic quirk table can: can_dropped_invalid_skb(): ensure an initialized headroom in outgoing CAN sk_buffs can: mscan: mscan_rx_poll(): fix rx path lockup when returning from polling to irq mode can: gs_usb: gs_usb_probe(): use descriptors of current altsetting HID: uhid: Fix returning EPOLLOUT from uhid_char_poll HID: Fix slab-out-of-bounds read in hid_field_extract tracing: Have stack tracer compile when MCOUNT_INSN_SIZE is not defined kernel/trace: Fix do not unregister tracepoints when register sched_migrate_task fail ALSA: hda/realtek - Set EAPD control to default for ALC222 ALSA: hda/realtek - Add new codec supported for ALCS1200A ALSA: usb-audio: Apply the sample rate quirk for Bose Companion 5 usb: chipidea: host: Disable port power only if previously enabled chardev: Avoid potential use-after-free in 'chrdev_open()' UPSTREAM: kcov: fix struct layout for kcov_remote_arg UPSTREAM: vhost, kcov: collect coverage from vhost_worker UPSTREAM: usb, kcov: collect coverage from hub_event BACKPORT: kcov: remote coverage support UPSTREAM: kcov: improve CONFIG_ARCH_HAS_KCOV help text UPSTREAM: kcov: convert kcov.refcount to refcount_t UPSTREAM: kcov: no need to check return value of debugfs_create functions UPSTREAM: kernel/kcov.c: mark write_comp_data() as notrace UPSTREAM: kernel/kcov.c: mark funcs in __sanitizer_cov_trace_pc() as notrace BACKPORT: sched/core / kcov: avoid kcov_area during task switch UPSTREAM: kcov: prefault the kcov_area BACKPORT: kcov: test compiler capability in Kconfig and correct dependency UPSTREAM: gcc-plugins: fix build condition of SANCOV plugin UPSTREAM: kcov: fix comparison callback signature UPSTREAM: kcov: update documentation BACKPORT: Makefile: support flag -fsanitizer-coverage=trace-cmp BACKPORT: kcov: support comparison operands collection UPSTREAM: kcov: remove pointless current != NULL check docs: fs-verity: mention statx() support f2fs: support STATX_ATTR_VERITY ext4: support STATX_ATTR_VERITY statx: define STATX_ATTR_VERITY docs: fs-verity: document first supported kernel version f2fs: add support for IV_INO_LBLK_64 encryption policies ext4: add support for IV_INO_LBLK_64 encryption policies fscrypt: add support for IV_INO_LBLK_64 policies fscrypt: avoid data race on fscrypt_mode::logged_impl_name fscrypt: zeroize fscrypt_info before freeing fscrypt: remove struct fscrypt_ctx fscrypt: invoke crypto API for ESSIV handling Conflicts: arch/arm64/kernel/cpufeature.c fs/crypto/bio.c include/linux/fscrypt.h Change-Id: Ib93acf5f5b5d66770ee3af1312cff999a84910eb Signed-off-by: Srinivasarao P <spathi@codeaurora.org> |
||
|
Srinivasarao P
|
14e46ae0c8 |
Merge android-4.14.164 (d2905c6) into msm-4.14
* refs/heads/tmp-d2905c6: Linux 4.14.164 vlan: fix memory leak in vlan_dev_set_egress_priority net: sch_prio: When ungrafting, replace with FIFO vlan: vlan_changelink() should propagate errors vxlan: fix tos value before xmit tcp: fix "old stuff" D-SACK causing SACK to be treated as D-SACK sctp: free cmd->obj.chunk for the unprocessed SCTP_CMD_REPLY USB: serial: option: add Telit ME910G1 0x110a composition USB: core: fix check for duplicate endpoints pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM net: usb: lan78xx: fix possible skb leak net: stmmac: dwmac-sunxi: Allow all RGMII modes net: stmmac: dwmac-sun8i: Allow all RGMII modes net: dsa: mv88e6xxx: Preserve priority when setting CPU port. macvlan: do not assume mac_header is set in macvlan_broadcast() gtp: fix bad unlock balance in gtp_encap_enable_socket mmc: block: propagate correct returned value in mmc_rpmb_ioctl mmc: core: Prevent bus reference leak in mmc_blk_init() mmc: block: Fix bug when removing RPMB chardev mmc: block: Delete mmc_access_rpmb() mmc: block: Convert RPMB to a character device PCI/switchtec: Read all 64 bits of part_event_bitmap bpf: Fix passing modified ctx to ld/abs/ind instruction bpf: reject passing modified ctx to helper functions hv_netvsc: Fix unwanted rx_table reset llc2: Fix return statement of llc_stat_ev_rx_null_dsap_xid_c (and _test_c) parisc: Fix compiler warnings in debug_core.c block: fix memleak when __blk_rq_map_user_iov() is failed s390/dasd: fix memleak in path handling error case s390/dasd/cio: Interpret ccw_device_get_mdc return value correctly net: stmmac: RX buffer size must be 16 byte aligned net: stmmac: Do not accept invalid MTU values fs: avoid softlockups in s_inodes iterators perf/x86/intel: Fix PT PMI handling kconfig: don't crash on NULL expressions in expr_eq() regulator: rn5t618: fix module aliases ASoC: wm8962: fix lambda value rfkill: Fix incorrect check to avoid NULL pointer dereference net: usb: lan78xx: Fix error message format specifier bnx2x: Fix logic to get total no. of PFs per engine bnx2x: Do not handle requests from VFs after parity powerpc: Ensure that swiotlb buffer is allocated from low memory samples: bpf: fix syscall_tp due to unused syscall samples: bpf: Replace symbol compare of trace_event ARM: dts: am437x-gp/epos-evm: fix panel compatible bpf, mips: Limit to 33 tail calls ARM: dts: bcm283x: Fix critical trip point ASoC: topology: Check return value for soc_tplg_pcm_create() spi: spi-cavium-thunderx: Add missing pci_release_regions() ARM: dts: Cygnus: Fix MDIO node address/size cells netfilter: nf_tables: validate NFT_SET_ELEM_INTERVAL_END netfilter: uapi: Avoid undefined left-shift in xt_sctp.h ARM: vexpress: Set-up shared OPP table instead of individual for each CPU efi/gop: Fix memory leak in __gop_query32/64() efi/gop: Return EFI_SUCCESS if a usable GOP was found efi/gop: Return EFI_NOT_FOUND if there are no usable GOPs x86/efi: Update e820 with reserved EFI boot services data to fix kexec breakage libtraceevent: Fix lib installation with O= mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame() netfilter: ctnetlink: netns exit must wait for callbacks locking/spinlock/debug: Fix various data races USB: dummy-hcd: increase max number of devices to 32 USB: dummy-hcd: use usb_urb_dir_in instead of usb_pipein UPSTREAM: USB: dummy-hcd: use usb_urb_dir_in instead of usb_pipein UPSTREAM: USB: dummy-hcd: increase max number of devices to 32 UPSTREAM: USB: dummy-hcd: Fix failure to give back unlinked URBs UPSTREAM: USB: dummy-hcd: bandwidth limits for non-bulk transfers BACKPORT: perf_event: Add support for LSM and SELinux checks ANDROID: cuttlefish_defconfig: remove 80211_HWSIM Conflicts: drivers/mmc/core/block.c drivers/mmc/core/queue.h drivers/net/ethernet/stmicro/stmmac/stmmac_main.c kernel/events/core.c kernel/locking/spinlock_debug.c Excluded below commits as per mmc team's suggestion mmc: block: propagate correct returned value in mmc_rpmb_ioctl mmc: core: Prevent bus reference leak in mmc_blk_init() mmc: block: Fix bug when removing RPMB chardev mmc: block: Delete mmc_access_rpmb() mmc: block: Convert RPMB to a character device Change-Id: I1ec72ef72135c50e5bf46b6f66f1dd88b18add28 Signed-off-by: Srinivasarao P <spathi@codeaurora.org> |
||
|
Greg Kroah-Hartman
|
a810d3c5bf |
This is the 4.14.178 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl6tkL8ACgkQONu9yGCS
aT4DqQ/+NU5DTIpe/G453W7kieNu1S4JqjxITOj0syGBOzpWqXXyqyMTghps8G0O
6NR1kHh19rEZIo+aP2ltJB0cErQiVwmSN4msgs5AuBWj7krVIKZMp6LVLGxrp/b5
BI0/uHnyv1pvRN42eKBynxVBS0JEqht/gZwMWDd4+FsBEP37wqjhb4NH4+3VwlFs
qkpEhys91sVWbXhh/6u9id0wFm0C4M77hcRki3bp6giNKliVRqE1Tv3rCWP4IBUQ
dBujckqpgiOx2fI2PPadmB8FAoMGNTRL5DhsvJXAkcpU+9PsKEIW58NMggMDqer6
YXs/PCeuhJql5QUnnChdHrojbsv1xYRPvArB+fgb5F53AivHQ9f50pRN8Df28DBN
h4J3OpAWTT1A/gce8SCoO0oPFDEWleGdKWQW/qaMRKBQf94CnKyRsIOVaUr9oABS
bxI5B2OPiFNvkG1ImE+un8Fcty/0ZEtxSKnxJLjVD01sghxtVIi1TBQCR8XKDqWv
cLyYsQV+VexOFkOS980TVHQGGqMu5QqmLeyaImOxzOvV6h7lb0tcx87ycNS1AABF
stfkTARfScn6aKPwBdnWC4PfKVqfcthGNYxqAmZdEPsiglaeySIiKTsg8K/kAjYO
8HS2OdJllBNpjovH9rSMA6GPuxz0aiHF3KgaCeobUy6U88PIFzQ=
=u1LD
-----END PGP SIGNATURE-----
Merge 4.14.178 into android-4.14-stable
Changes in 4.14.178
ext4: fix extent_status fragmentation for plain files
net: ipv4: emulate READ_ONCE() on ->hdrincl bit-field in raw_sendmsg()
net: ipv4: avoid unused variable warning for sysctl
keys: Fix the use of the C++ keyword "private" in uapi/linux/keyctl.h
drm/msm: Use the correct dma_sync calls harder
crypto: mxs-dcp - make symbols 'sha1_null_hash' and 'sha256_null_hash' static
vti4: removed duplicate log message.
watchdog: reset last_hw_keepalive time at start
scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login
ceph: return ceph_mdsc_do_request() errors from __get_parent()
ceph: don't skip updating wanted caps when cap is stale
pwm: rcar: Fix late Runtime PM enablement
scsi: iscsi: Report unbind session event when the target has been removed
ASoC: Intel: atom: Take the drv->lock mutex before calling sst_send_slot_map()
kernel/gcov/fs.c: gcov_seq_next() should increase position index
selftests: kmod: fix handling test numbers above 9
ipc/util.c: sysvipc_find_ipc() should increase position index
s390/cio: avoid duplicated 'ADD' uevents
pwm: renesas-tpu: Fix late Runtime PM enablement
pwm: bcm2835: Dynamically allocate base
perf/core: Disable page faults when getting phys address
PCI/ASPM: Allow re-enabling Clock PM
mm, slub: restore the original intention of prefetch_freepointer()
cxgb4: fix large delays in PTP synchronization
ipv6: fix restrict IPV6_ADDRFORM operation
macsec: avoid to set wrong mtu
macvlan: fix null dereference in macvlan_device_event()
net: bcmgenet: correct per TX/RX ring statistics
net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node
net/x25: Fix x25_neigh refcnt leak when receiving frame
tcp: cache line align MAX_TCP_HEADER
team: fix hang in team_mode_get()
net: dsa: b53: Fix ARL register definitions
xfrm: Always set XFRM_TRANSFORMED in xfrm{4,6}_output_finish
vrf: Check skb for XFRM_TRANSFORMED flag
KEYS: Avoid false positive ENOMEM error on key read
ALSA: hda: Remove ASUS ROG Zenith from the blacklist
iio: adc: stm32-adc: fix sleep in atomic context
iio: xilinx-xadc: Fix ADC-B powerdown
iio: xilinx-xadc: Fix clearing interrupt when enabling trigger
iio: xilinx-xadc: Fix sequencer configuration for aux channels in simultaneous mode
fs/namespace.c: fix mountpoint reference counter race
USB: sisusbvga: Change port variable from signed to unsigned
USB: Add USB_QUIRK_DELAY_CTRL_MSG and USB_QUIRK_DELAY_INIT for Corsair K70 RGB RAPIDFIRE
USB: early: Handle AMD's spec-compliant identifiers, too
USB: core: Fix free-while-in-use bug in the USB S-Glibrary
USB: hub: Fix handling of connect changes during sleep
overflow.h: Add arithmetic shift helper
vmalloc: fix remap_vmalloc_range() bounds checks
mm/hugetlb: fix a addressing exception caused by huge_pte_offset
mm/ksm: fix NULL pointer dereference when KSM zero page is enabled
tools/vm: fix cross-compile build
ALSA: usx2y: Fix potential NULL dereference
ALSA: hda/realtek - Add new codec supported for ALC245
ALSA: usb-audio: Fix usb audio refcnt leak when getting spdif
ALSA: usb-audio: Filter out unsupported sample rates on Focusrite devices
tpm/tpm_tis: Free IRQ if probing fails
tpm: ibmvtpm: retry on H_CLOSED in tpm_ibmvtpm_send()
KVM: Check validity of resolved slot when searching memslots
KVM: VMX: Enable machine check support for 32bit targets
tty: hvc: fix buffer overflow during hvc_alloc().
tty: rocket, avoid OOB access
usb-storage: Add unusual_devs entry for JMicron JMS566
audit: check the length of userspace generated audit records
ASoC: dapm: fixup dapm kcontrol widget
iwlwifi: pcie: actually release queue memory in TVQM
ARM: imx: provide v7_cpu_resume() only on ARM_CPU_SUSPEND=y
powerpc/setup_64: Set cache-line-size based on cache-block-size
staging: comedi: dt2815: fix writing hi byte of analog output
staging: comedi: Fix comedi_device refcnt leak in comedi_open
vt: don't hardcode the mem allocation upper bound
staging: vt6656: Don't set RCR_MULTICAST or RCR_BROADCAST by default.
staging: vt6656: Fix calling conditions of vnt_set_bss_mode
staging: vt6656: Fix drivers TBTT timing counter.
staging: vt6656: Fix pairwise key entry save.
staging: vt6656: Power save stop wake_up_count wrap around.
cdc-acm: close race betrween suspend() and acm_softint
cdc-acm: introduce a cool down
UAS: no use logging any details in case of ENODEV
UAS: fix deadlock in error handling and PM flushing work
usb: f_fs: Clear OS Extended descriptor counts to zero in ffs_data_reset()
serial: sh-sci: Make sure status register SCxSR is read in correct sequence
xfs: validate sb_logsunit is a multiple of the fs blocksize
xfs: Fix deadlock between AGI and AGF with RENAME_WHITEOUT
remoteproc: Fix wrong rvring index computation
mtd: cfi: fix deadloop in cfi_cmdset_0002.c do_write_buffer
include/uapi/linux/swab.h: fix userspace breakage, use __BITS_PER_LONG for swap
binder: take read mode of mmap_sem in binder_alloc_free_page()
usb: dwc3: gadget: Do link recovery for SS and SSP
usb: gadget: udc: bdc: Remove unnecessary NULL checks in bdc_req_complete
iio:ad7797: Use correct attribute_group
nfsd: memory corruption in nfsd4_lock()
i2c: altera: use proper variable to hold errno
net/cxgb4: Check the return from t4_query_params properly
ARM: dts: bcm283x: Disable dsi0 node
perf/core: fix parent pid/tid in task exit events
mm: shmem: disable interrupt when acquiring info->lock in userfaultfd_copy path
bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B
x86: hyperv: report value of misc_features
xfs: fix partially uninitialized structure in xfs_reflink_remap_extent
scsi: target: fix PR IN / READ FULL STATUS for FC
objtool: Fix CONFIG_UBSAN_TRAP unreachable warnings
objtool: Support Clang non-section symbols in ORC dump
xen/xenbus: ensure xenbus_map_ring_valloc() returns proper grant status
arm64: Delete the space separator in __emit_inst
ext4: use matching invalidatepage in ext4_writepage
ext4: increase wait time needed before reuse of deleted inode numbers
ext4: convert BUG_ON's to WARN_ON's in mballoc.c
hwmon: (jc42) Fix name to have no illegal characters
ext4: avoid declaring fs inconsistent due to invalid file handles
ext4: protect journal inode's blocks using block_validity
ext4: don't perform block validity checks on the journal inode
ext4: fix block validity checks for journal inodes using indirect blocks
ext4: unsigned int compared against zero
qed: Fix use after free in qed_chain_free
ext4: check for non-zero journal inum in ext4_calculate_overhead
propagate_one(): mnt_set_mountpoint() needs mount_lock
Linux 4.14.178
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ia3d4a2b883413346daf1779820545cb0b0e35948
|
||
David Ahern
|
0367dba6b8 |
xfrm: Always set XFRM_TRANSFORMED in xfrm{4,6}_output_finish
[ Upstream commit 0c922a4850eba2e668f73a3f1153196e09abb251 ] IPSKB_XFRM_TRANSFORMED and IP6SKB_XFRM_TRANSFORMED are skb flags set by xfrm code to tell other skb handlers that the packet has been passed through the xfrm output functions. Simplify the code and just always set them rather than conditionally based on netfilter enabled thus making the flag available for other users. Signed-off-by: David Ahern <dsahern@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Jeremy Sowden
|
f400768a2a |
vti4: removed duplicate log message.
commit 01ce31c57b3f07c91c9d45bbaf126124cce83a5d upstream.
Removed info log-message if ipip tunnel registration fails during
module-initialization: it adds nothing to the error message that is
written on all failures.
Fixes: dd9ee3444014e ("vti4: Fix a ipip packet processing bug in 'IPCOMP' virtual tunnel")
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Cc: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Arnd Bergmann
|
48eaa2b5d5 |
net: ipv4: avoid unused variable warning for sysctl
commit 773daa3caf5d3f87fdb1ab43e9c1b367a38fa394 upstream.
The newly introudced ip_min_valid_pmtu variable is only used when
CONFIG_SYSCTL is set:
net/ipv4/route.c:135:12: error: 'ip_min_valid_pmtu' defined but not used [-Werror=unused-variable]
This moves it to the other variables like it, to avoid the harmless
warning.
Fixes: c7272c2f1229 ("net: ipv4: don't allow setting net.ipv4.route.min_pmtu below 68")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Cc: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Nicolai Stange
|
bcf49bd648 |
net: ipv4: emulate READ_ONCE() on ->hdrincl bit-field in raw_sendmsg()
commit 20b50d79974ea3192e8c3ab7faf4e536e5f14d8f upstream.
Commit 8f659a03a0ba ("net: ipv4: fix for a race condition in
raw_sendmsg") fixed the issue of possibly inconsistent ->hdrincl handling
due to concurrent updates by reading this bit-field member into a local
variable and using the thus stabilized value in subsequent tests.
However, aforementioned commit also adds the (correct) comment that
/* hdrincl should be READ_ONCE(inet->hdrincl)
* but READ_ONCE() doesn't work with bit fields
*/
because as it stands, the compiler is free to shortcut or even eliminate
the local variable at its will.
Note that I have not seen anything like this happening in reality and thus,
the concern is a theoretical one.
However, in order to be on the safe side, emulate a READ_ONCE() on the
bit-field by doing it on the local 'hdrincl' variable itself:
int hdrincl = inet->hdrincl;
hdrincl = READ_ONCE(hdrincl);
This breaks the chain in the sense that the compiler is not allowed
to replace subsequent reads from hdrincl with reloads from inet->hdrincl.
Fixes: 8f659a03a0ba ("net: ipv4: fix for a race condition in raw_sendmsg")
Signed-off-by: Nicolai Stange <nstange@suse.de>
Reviewed-by: Stefano Brivio <sbrivio@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Cc: Guenter Roeck <linux@roeck-us.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Greg Kroah-Hartman
|
95495cdf37 |
This is the 4.14.177 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl6igLUACgkQONu9yGCS
aT5+1g//QeF4tEaKuz/4MnqHcXk7TUit90Y9DE1HzInayMj8hWzQy8JoC0tkGDcF
2EtB5ySxvD74FTMKCdLMjDNJaCw4wDrz2YZalE0PIaB/0/d4b2Vyr0NDT5siJUHz
0AVMbeSkFBP/ygldEl1T1V9EPqhh7VTUSTMCJ198XsWkBsGEK87+ah0LOPiL1d8i
OUYLC02/4lyyMLySvPWA51hdEOzobJNrGmUWZksmwocmO5a0xyBcqiS9dlmD0T3o
gLOQQW99QV40ZMNlYzpf8Qgane23HK9kw4koDPGamZtLuzUm1bDpiFpO7tktn0g7
/Pw0rm/a14HjpzG59v0bwL+3+m7G2uMCYT3XpRTseR251KrRI+xBkqArHHd4mm7Z
kZZrABko6W/cerwjq5D96HY28Hk8L5fHn5q6gLoi2cEMP8Fe+TdWdrvkxlDO6MTT
6P3y+pOfIHk0/OtiegrEpt132atkJEzG6eHmOU9LG9V9yXvmUzHR2+5sBOXUsZt/
PGR5Ty2o4SDCicvXyL5ULKvwvBjV1jMf87extOOKuKCa8Y4DtsZvBaOYUr3/b45H
CmusNFPvHWALL8xBWvDoqdGuvP0dmv70cLK5Frac+sv9nHawRVUvES13octkGzZG
68/ReEwZHws5Ir5Nr+eUtJdUnltFwmO6P9aCkw548PsH4Ug8Eqs=
=Z08g
-----END PGP SIGNATURE-----
Merge 4.14.177 into android-4.14-stable
Changes in 4.14.177
bus: sunxi-rsb: Return correct data when mixing 16-bit and 8-bit reads
net: vxge: fix wrong __VA_ARGS__ usage
hinic: fix a bug of waitting for IO stopped
hinic: fix wrong para of wait_for_completion_timeout
cxgb4/ptp: pass the sign of offset delta in FW CMD
qlcnic: Fix bad kzalloc null test
i2c: st: fix missing struct parameter description
null_blk: Fix the null_add_dev() error path
null_blk: Handle null_add_dev() failures properly
null_blk: fix spurious IO errors after failed past-wp access
x86: Don't let pgprot_modify() change the page encryption bit
block: keep bdi->io_pages in sync with max_sectors_kb for stacked devices
irqchip/versatile-fpga: Handle chained IRQs properly
sched: Avoid scale real weight down to zero
selftests/x86/ptrace_syscall_32: Fix no-vDSO segfault
PCI/switchtec: Fix init_completion race condition with poll_wait()
libata: Remove extra scsi_host_put() in ata_scsi_add_hosts()
gfs2: Don't demote a glock until its revokes are written
x86/boot: Use unsigned comparison for addresses
efi/x86: Ignore the memory attributes table on i386
genirq/irqdomain: Check pointer in irq_domain_alloc_irqs_hierarchy()
block: Fix use-after-free issue accessing struct io_cq
usb: dwc3: core: add support for disabling SS instances in park mode
irqchip/gic-v4: Provide irq_retrigger to avoid circular locking dependency
locking/lockdep: Avoid recursion in lockdep_count_{for,back}ward_deps()
block, bfq: fix use-after-free in bfq_idle_slice_timer_body
btrfs: remove a BUG_ON() from merge_reloc_roots()
btrfs: track reloc roots based on their commit root bytenr
uapi: rename ext2_swab() to swab() and share globally in swab.h
misc: rtsx: set correct pcr_ops for rts522A
slub: improve bit diffusion for freelist ptr obfuscation
ASoC: fix regwmask
ASoC: dapm: connect virtual mux with default value
ASoC: dpcm: allow start or stop during pause for backend
ASoC: topology: use name_prefix for new kcontrol
usb: gadget: f_fs: Fix use after free issue as part of queue failure
usb: gadget: composite: Inform controller driver of self-powered
ALSA: usb-audio: Add mixer workaround for TRX40 and co
ALSA: hda: Add driver blacklist
ALSA: hda: Fix potential access overflow in beep helper
ALSA: ice1724: Fix invalid access for enumerated ctl items
ALSA: pcm: oss: Fix regression by buffer overflow fix
ALSA: doc: Document PC Beep Hidden Register on Realtek ALC256
ALSA: hda/realtek - Set principled PC Beep configuration for ALC256
media: ti-vpe: cal: fix disable_irqs to only the intended target
acpi/x86: ignore unspecified bit positions in the ACPI global lock field
thermal: devfreq_cooling: inline all stubs for CONFIG_DEVFREQ_THERMAL=n
nvme-fc: Revert "add module to ops template to allow module references"
PCI/ASPM: Clear the correct bits when enabling L1 substates
PCI: endpoint: Fix for concurrent memory allocation in OB address region
KEYS: reaching the keys quotas correctly
irqchip/versatile-fpga: Apply clear-mask earlier
MIPS: OCTEON: irq: Fix potential NULL pointer dereference
ath9k: Handle txpower changes even when TPC is disabled
signal: Extend exec_id to 64bits
x86/entry/32: Add missing ASM_CLAC to general_protection entry
KVM: nVMX: Properly handle userspace interrupt window request
KVM: s390: vsie: Fix region 1 ASCE sanity shadow address checks
KVM: s390: vsie: Fix delivery of addressing exceptions
KVM: x86: Allocate new rmap and large page tracking when moving memslot
KVM: VMX: Always VMCLEAR in-use VMCSes during crash with kexec support
KVM: VMX: fix crash cleanup when KVM wasn't used
CIFS: Fix bug which the return value by asynchronous read is error
btrfs: drop block from cache on error in relocation
crypto: mxs-dcp - fix scatterlist linearization for hash
ALSA: hda: Initialize power_state field properly
net: rtnl_configure_link: fix dev flags changes arg to __dev_notify_flags
powerpc/pseries: Drop pointless static qualifier in vpa_debugfs_init()
x86/speculation: Remove redundant arch_smt_update() invocation
tools: gpio: Fix out-of-tree build regression
mm: Use fixed constant in page_frag_alloc instead of size + 1
dm verity fec: fix memory leak in verity_fec_dtr
scsi: zfcp: fix missing erp_lock in port recovery trigger for point-to-point
arm64: armv8_deprecated: Fix undef_hook mask for thumb setend
rtc: omap: Use define directive for PIN_CONFIG_ACTIVE_HIGH
NFS: Fix a page leak in nfs_destroy_unlinked_subrequests()
ext4: fix a data race at inode->i_blocks
fs/filesystems.c: downgrade user-reachable WARN_ONCE() to pr_warn_once()
ocfs2: no need try to truncate file beyond i_size
perf tools: Support Python 3.8+ in Makefile
s390/diag: fix display of diagnose call statistics
Input: i8042 - add Acer Aspire 5738z to nomux list
kmod: make request_module() return an error when autoloading is disabled
cpufreq: powernv: Fix use-after-free
hfsplus: fix crash and filesystem corruption when deleting files
libata: Return correct status in sata_pmp_eh_recover_pm() when ATA_DFLAG_DETACH is set
powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle
powerpc/64/tm: Don't let userspace set regs->trap via sigreturn
powerpc/hash64/devmap: Use H_PAGE_THP_HUGE when setting up huge devmap PTE entries
powerpc/xive: Use XIVE_BAD_IRQ instead of zero to catch non configured IPIs
powerpc/kprobes: Ignore traps that happened in real mode
scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug
powerpc: Add attributes for setjmp/longjmp
powerpc: Make setjmp/longjmp signature standard
Btrfs: fix crash during unmount due to race with delayed inode workers
btrfs: use nofs allocations for running delayed items
dm zoned: remove duplicate nr_rnd_zones increase in dmz_init_zone()
crypto: caam - update xts sector size for large input length
drm/dp_mst: Fix clearing payload state on topology disable
drm: Remove PageReserved manipulation from drm_pci_alloc
ftrace/kprobe: Show the maxactive number on kprobe_events
ipmi: fix hung processes in __get_guid()
powerpc/fsl_booke: Avoid creating duplicate tlb1 entry
misc: echo: Remove unnecessary parentheses and simplify check for zero
mfd: dln2: Fix sanity checking for endpoints
amd-xgbe: Use __napi_schedule() in BH context
hsr: check protocol version in hsr_newlink()
net: ipv4: devinet: Fix crash when add/del multicast IP with autojoin
net: ipv6: do not consider routes via gateways for anycast address check
net: qrtr: send msgs from local of same id as broadcast
net: revert default NAPI poll timeout to 2 jiffies
net: stmmac: dwmac-sunxi: Provide TX and RX fifo sizes
scsi: ufs: Fix ufshcd_hold() caused scheduling while atomic
jbd2: improve comments about freeing data buffers whose page mapping is NULL
pwm: pca9685: Fix PWM/GPIO inter-operation
ext4: fix incorrect group count in ext4_fill_super error message
ext4: fix incorrect inodes per group in error message
ASoC: Intel: mrfld: fix incorrect check on p->sink
ASoC: Intel: mrfld: return error codes when an error occurs
ALSA: usb-audio: Don't override ignore_ctl_error value from the map
tracing: Fix the race between registering 'snapshot' event trigger and triggering 'snapshot' operation
btrfs: check commit root generation in should_ignore_root
mac80211_hwsim: Use kstrndup() in place of kasprintf()
ext4: do not zeroout extents beyond i_disksize
dm flakey: check for null arg_name in parse_features()
kvm: x86: Host feature SSBD doesn't imply guest feature SPEC_CTRL_SSBD
scsi: target: remove boilerplate code
scsi: target: fix hang when multiple threads try to destroy the same iscsi session
x86/microcode/AMD: Increase microcode PATCH_MAX_SIZE
x86/intel_rdt: Enumerate L2 Code and Data Prioritization (CDP) feature
x86/intel_rdt: Add two new resources for L2 Code and Data Prioritization (CDP)
x86/intel_rdt: Enable L2 CDP in MSR IA32_L2_QOS_CFG
x86/resctrl: Preserve CDP enable over CPU hotplug
x86/resctrl: Fix invalid attempt at removing the default resource group
mm/vmalloc.c: move 'area->pages' after if statement
objtool: Fix switch table detection in .text.unlikely
scsi: sg: add sg_remove_request in sg_common_write
ext4: use non-movable memory for superblock readahead
arm, bpf: Fix bugs with ALU64 {RSH, ARSH} BPF_K shift by 0
netfilter: nf_tables: report EOPNOTSUPP on unsupported flags/object type
irqchip/mbigen: Free msi_desc on device teardown
ALSA: hda: Don't release card at firmware loading error
lib/raid6: use vdupq_n_u8 to avoid endianness warnings
video: fbdev: sis: Remove unnecessary parentheses and commented code
drm: NULL pointer dereference [null-pointer-deref] (CWE 476) problem
clk: Fix debugfs_create_*() usage
Revert "gpio: set up initial state from .get_direction()"
arm64: perf: remove unsupported events for Cortex-A73
arm64: traps: Don't print stack or raw PC/LR values in backtraces
arch_topology: Fix section miss match warning due to free_raw_capacity()
wil6210: increase firmware ready timeout
wil6210: fix temperature debugfs
scsi: ufs: make sure all interrupts are processed
scsi: ufs: ufs-qcom: remove broken hci version quirk
wil6210: rate limit wil_rx_refill error
rpmsg: glink: use put_device() if device_register fail
rtc: pm8xxx: Fix issue in RTC write path
rpmsg: glink: Fix missing mutex_init() in qcom_glink_alloc_channel()
rpmsg: glink: smem: Ensure ordering during tx
wil6210: fix PCIe bus mastering in case of interface down
wil6210: add block size checks during FW load
wil6210: fix length check in __wmi_send
wil6210: abort properly in cfg suspend
soc: qcom: smem: Use le32_to_cpu for comparison
of: fix missing kobject init for !SYSFS && OF_DYNAMIC config
rbd: avoid a deadlock on header_rwsem when flushing notifies
rbd: call rbd_dev_unprobe() after unwatching and flushing notifies
of: unittest: kmemleak in of_unittest_platform_populate()
clk: at91: usb: continue if clk_hw_round_rate() return zero
power: supply: bq27xxx_battery: Silence deferred-probe error
clk: tegra: Fix Tegra PMC clock out parents
soc: imx: gpc: fix power up sequencing
rtc: 88pm860x: fix possible race condition
NFSv4/pnfs: Return valid stateids in nfs_layout_find_inode_by_stateid()
NFS: direct.c: Fix memory leak of dreq when nfs_get_lock_context fails
s390/cpuinfo: fix wrong output when CPU0 is offline
powerpc/maple: Fix declaration made after definition
ext4: do not commit super on read-only bdev
include/linux/swapops.h: correct guards for non_swap_entry()
percpu_counter: fix a data race at vm_committed_as
compiler.h: fix error in BUILD_BUG_ON() reporting
KVM: s390: vsie: Fix possible race when shadowing region 3 tables
x86: ACPI: fix CPU hotplug deadlock
drm/amdkfd: kfree the wrong pointer
NFS: Fix memory leaks in nfs_pageio_stop_mirroring()
iommu/vt-d: Fix mm reference leak
ext2: fix empty body warnings when -Wextra is used
ext2: fix debug reference to ext2_xattr_cache
libnvdimm: Out of bounds read in __nd_ioctl()
iommu/amd: Fix the configuration of GCR3 table root pointer
net: dsa: bcm_sf2: Fix overflow checks
fbdev: potential information leak in do_fb_ioctl()
tty: evh_bytechan: Fix out of bounds accesses
locktorture: Print ratio of acquisitions, not failures
mtd: lpddr: Fix a double free in probe()
mtd: phram: fix a double free issue in error path
KEYS: Use individual pages in big_key for crypto buffers
KEYS: Don't write out to userspace while holding key semaphore
Linux 4.14.177
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I5eb89921eb63ee9e92a031fc6f3a10d9e2616358
|
||
Taras Chornyi
|
cce0d1bd3f |
net: ipv4: devinet: Fix crash when add/del multicast IP with autojoin
[ Upstream commit 690cc86321eb9bcee371710252742fb16fe96824 ]
When CONFIG_IP_MULTICAST is not set and multicast ip is added to the device
with autojoin flag or when multicast ip is deleted kernel will crash.
steps to reproduce:
ip addr add 224.0.0.0/32 dev eth0
ip addr del 224.0.0.0/32 dev eth0
or
ip addr add 224.0.0.0/32 dev eth0 autojoin
Unable to handle kernel NULL pointer dereference at virtual address 0000000000000088
pc : _raw_write_lock_irqsave+0x1e0/0x2ac
lr : lock_sock_nested+0x1c/0x60
Call trace:
_raw_write_lock_irqsave+0x1e0/0x2ac
lock_sock_nested+0x1c/0x60
ip_mc_config.isra.28+0x50/0xe0
inet_rtm_deladdr+0x1a8/0x1f0
rtnetlink_rcv_msg+0x120/0x350
netlink_rcv_skb+0x58/0x120
rtnetlink_rcv+0x14/0x20
netlink_unicast+0x1b8/0x270
netlink_sendmsg+0x1a0/0x3b0
____sys_sendmsg+0x248/0x290
___sys_sendmsg+0x80/0xc0
__sys_sendmsg+0x68/0xc0
__arm64_sys_sendmsg+0x20/0x30
el0_svc_common.constprop.2+0x88/0x150
do_el0_svc+0x20/0x80
el0_sync_handler+0x118/0x190
el0_sync+0x140/0x180
Fixes: 93a714d6b53d ("multicast: Extend ip address command to enable multicast group join/leave on")
Signed-off-by: Taras Chornyi <taras.chornyi@plvision.eu>
Signed-off-by: Vadym Kochan <vadym.kochan@plvision.eu>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Srinivasarao P
|
89c9d6d8aa |
Merge android-4.14.162 (c2bd4f8) into msm-4.14
* refs/heads/tmp-c2bd4f8: Linux 4.14.162 spi: fsl: use platform_get_irq() instead of of_irq_to_resource() gtp: avoid zero size hashtable gtp: fix an use-after-free in ipv4_pdp_find() gtp: fix wrong condition in gtp_genl_dump_pdp() tcp: do not send empty skb from tcp_write_xmit() tcp/dccp: fix possible race __inet_lookup_established() gtp: do not allow adding duplicate tid and ms_addr pdp context sit: do not confirm neighbor when do pmtu update vti: do not confirm neighbor when do pmtu update tunnel: do not confirm neighbor when do pmtu update net/dst: add new function skb_dst_update_pmtu_no_confirm gtp: do not confirm neighbor when do pmtu update ip6_gre: do not confirm neighbor when do pmtu update net: add bool confirm_neigh parameter for dst_ops.update_pmtu vhost/vsock: accept only packets with the right dst_cid udp: fix integer overflow while computing available space in sk_rcvbuf ptp: fix the race between the release of ptp_clock and cdev net/mlxfw: Fix out-of-memory error in mfa2 flash burning net: ena: fix napi handler misbehavior when the napi budget is zero pinctrl: baytrail: Really serialize all register accesses tty/serial: atmel: fix out of range clock divider handling spi: fsl: don't map irq during probe hrtimer: Annotate lockless access to timer->state net: icmp: fix data-race in cmp_global_allow() net: add a READ_ONCE() in skb_peek_tail() inetpeer: fix data-race in inet_putpeer / inet_putpeer netfilter: bridge: make sure to pull arp header in br_nf_forward_arp() 6pack,mkiss: fix possible deadlock netfilter: ebtables: compat: reject all padding in matches/watchers filldir[64]: remove WARN_ON_ONCE() for bad directory entries Make filldir[64]() verify the directory entry filename is valid perf strbuf: Remove redundant va_end() in strbuf_addv() bonding: fix active-backup transition after link failure ALSA: hda - Downgrade error message for single-cmd fallback netfilter: nf_queue: enqueue skbs with NULL dst net, sysctl: Fix compiler warning when only cBPF is present x86/mce: Fix possibly incorrect severity calculation on AMD userfaultfd: require CAP_SYS_PTRACE for UFFD_FEATURE_EVENT_FORK kernel: sysctl: make drop_caches write-only ocfs2: fix passing zero to 'PTR_ERR' warning s390/cpum_sf: Check for SDBT and SDB consistency libfdt: define INT32_MAX and UINT32_MAX in libfdt_env.h s390/zcrypt: handle new reply code FILTERED_BY_HYPERVISOR perf regs: Make perf_reg_name() return "unknown" instead of NULL perf script: Fix brstackinsn for AUXTRACE cdrom: respect device capabilities during opening action scripts/kallsyms: fix definitely-lost memory leak apparmor: fix unsigned len comparison with less than zero gpio: mpc8xxx: Don't overwrite default irq_set_type callback scsi: target: iscsi: Wait for all commands to finish before freeing a session scsi: iscsi: Don't send data to unbound connection scsi: NCR5380: Add disconnect_mask module parameter scsi: scsi_debug: num_tgts must be >= 0 scsi: ufs: Fix error handing during hibern8 enter scsi: pm80xx: Fix for SATA device discovery HID: Improve Windows Precision Touchpad detection. libnvdimm/btt: fix variable 'rc' set but not used HID: logitech-hidpp: Silence intermittent get_battery_capacity errors bcache: at least try to shrink 1 node in bch_mca_scan() clk: pxa: fix one of the pxa RTC clocks scsi: atari_scsi: sun3_scsi: Set sg_tablesize to 1 instead of SG_NONE powerpc/security: Fix wrong message when RFI Flush is disable powerpc/pseries/cmm: Implement release() function for sysfs device scsi: ufs: fix potential bug which ends in system hang scsi: lpfc: fix: Coverity: lpfc_cmpl_els_rsp(): Null pointer dereferences fs/quota: handle overflows of sysctl fs.quota.* and report as unsigned long irqchip: ingenic: Error out if IRQ domain creation failed irqchip/irq-bcm7038-l1: Enable parent IRQ if necessary clk: qcom: Allow constant ratio freq tables for rcg f2fs: fix to update dir's i_pino during cross_rename scsi: lpfc: Fix duplicate unreg_rpi error in port offline flow scsi: tracing: Fix handling of TRANSFER LENGTH == 0 for READ(6) and WRITE(6) jbd2: Fix statistics for the number of logged blocks ext4: update direct I/O read lock pattern for IOCB_NOWAIT powerpc/book3s64/hash: Add cond_resched to avoid soft lockup warning powerpc/security/book3s64: Report L1TF status in sysfs clocksource/drivers/asm9260: Add a check for of_clk_get dma-debug: add a schedule point in debug_dma_dump_mappings() powerpc/tools: Don't quote $objdump in scripts powerpc/pseries: Don't fail hash page table insert for bolted mapping powerpc/pseries: Mark accumulate_stolen_time() as notrace scsi: csiostor: Don't enable IRQs too early scsi: lpfc: Fix SLI3 hba in loop mode not discovering devices scsi: target: compare full CHAP_A Algorithm strings iommu/tegra-smmu: Fix page tables in > 4 GiB memory Input: atmel_mxt_ts - disable IRQ across suspend scsi: lpfc: Fix locking on mailbox command completion scsi: mpt3sas: Fix clear pending bit in ioctl status scsi: lpfc: Fix discovery failures when target device connectivity bounces ANDROID: serdev: Fix platform device support Conflicts: drivers/scsi/ufs/ufshcd.c kernel/time/hrtimer.c Discarded commit 'kernel: sysctl: make drop_caches write-only' due to vts regression. Change-Id: Ieabdc1178e170d30672e233f43139bb97af9bf80 Signed-off-by: Srinivasarao P <spathi@codeaurora.org> Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org> |
||
|
Srinivasarao P
|
c84760496e |
Merge android-4.14.160 (0f543a0) into msm-4.14
* refs/heads/tmp-0f543a0:
Linux 4.14.160
net: stmmac: don't stop NAPI processing when dropping a packet
net: stmmac: use correct DMA buffer size in the RX descriptor
xhci: fix USB3 device initiated resume race with roothub autosuspend
drm/radeon: fix r1xx/r2xx register checker for POT textures
scsi: iscsi: Fix a potential deadlock in the timeout handler
dm btree: increase rebalance threshold in __rebalance2()
dma-buf: Fix memory leak in sync_file_merge()
vfio/pci: call irq_bypass_unregister_producer() before freeing irq
ARM: tegra: Fix FLOW_CTLR_HALT register clobbering by tegra_resume()
ARM: dts: s3c64xx: Fix init order of clock providers
CIFS: Respect O_SYNC and O_DIRECT flags during reconnect
rpmsg: glink: Free pending deferred work on remove
rpmsg: glink: Don't send pending rx_done during remove
rpmsg: glink: Fix rpmsg_register_device err handling
rpmsg: glink: Put an extra reference during cleanup
rpmsg: glink: Fix use after free in open_ack TIMEOUT case
rpmsg: glink: Fix reuse intents memory leak issue
rpmsg: glink: Set tail pointer to 0 at end of FIFO
xtensa: fix TLB sanity checker
PCI: Apply Cavium ACS quirk to ThunderX2 and ThunderX3
PCI/MSI: Fix incorrect MSI-X masking on resume
PCI: Fix Intel ACS quirk UPDCR register address
PCI/PM: Always return devices to D0 when thawing
Revert "regulator: Defer init completion for a while after late_initcall"
nvme: host: core: fix precedence of ternary operator
inet: protect against too small mtu values.
tcp: Protect accesses to .ts_recent_stamp with {READ,WRITE}_ONCE()
tcp: tighten acceptance of ACKs not matching a child socket
tcp: fix rejected syncookies due to stale timestamps
tipc: fix ordering of tipc module init and exit routine
tcp: md5: fix potential overestimation of TCP option space
openvswitch: support asymmetric conntrack
net: thunderx: start phy before starting autonegotiation
net: ethernet: ti: cpsw: fix extra rx interrupt
net: dsa: fix flow dissection on Tx path
net: bridge: deny dev_set_mac_address() when unregistering
ANDROID: cuttlefish_defconfig: Enable CONFIG_GNSS_CMDLINE_SERIAL
ANDROID: gnss: Add command line test driver
ANDROID: serdev: add platform device support
ANDROID: cuttlefish_defconfig: set BINFMT_MISC
UPSTREAM: binder: fix incorrect calculation for num_valid
ANDROID: kbuild: disable clang-specific configs with other compilers
Conflicts:
drivers/rpmsg/qcom_glink_native.c
drivers/rpmsg/qcom_glink_smem.c
net/ipv4/ip_output.c
Change-Id: I5a153d5632311789c3d2a24522a8fa3696b06850
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
|
||
|
Srinivasarao P
|
8241b06f7c |
Merge android-4.14.159 (f960b38) into msm-4.14
* refs/heads/tmp-f960b38: Linux 4.14.159 of: unittest: fix memory leak in attach_node_and_children raid5: need to set STRIPE_HANDLE for batch head gpiolib: acpi: Add Terra Pad 1061 to the run_edge_events_on_boot_blacklist kernel/module.c: wakeup processes in module_wq on module unload gfs2: fix glock reference problem in gfs2_trans_remove_revoke net/mlx5e: Fix SFF 8472 eeprom length sunrpc: fix crash when cache_head become valid before update workqueue: Fix missing kfree(rescuer) in destroy_workqueue() blk-mq: make sure that line break can be printed mfd: rk808: Fix RK818 ID template ext4: fix a bug in ext4_wait_for_tail_page_commit mm/shmem.c: cast the type of unmap_start to u64 firmware: qcom: scm: Ensure 'a0' status code is treated as signed ext4: work around deleting a file with i_nlink == 0 safely powerpc: Fix vDSO clock_getres() powerpc: Avoid clang warnings around setjmp and longjmp ath10k: fix fw crash by moving chip reset after napi disabled media: vimc: fix component match compare mlxsw: spectrum_router: Refresh nexthop neighbour when it becomes dead power: supply: cpcap-battery: Fix signed counter sample register x86/MCE/AMD: Carve out the MC4_MISC thresholding quirk x86/MCE/AMD: Turn off MC4_MISC thresholding on all family 0x15 models e100: Fix passing zero to 'PTR_ERR' warning in e100_load_ucode_wait drbd: Change drbd_request_detach_interruptible's return type to int scsi: lpfc: Correct code setting non existent bits in sli4 ABORT WQE scsi: lpfc: Cap NPIV vports to 256 omap: pdata-quirks: remove openpandora quirks for mmc3 and wl1251 phy: renesas: rcar-gen3-usb2: Fix sysfs interface of "role" iio: adis16480: Add debugfs_reg_access entry xhci: make sure interrupts are restored to correct state xhci: Fix memory leak in xhci_add_in_port() scsi: qla2xxx: Fix message indicating vectors used by driver scsi: qla2xxx: Always check the qla2x00_wait_for_hba_online() return value scsi: qla2xxx: Fix qla24xx_process_bidir_cmd() scsi: qla2xxx: Fix session lookup in qlt_abort_work() scsi: qla2xxx: Fix DMA unmap leak scsi: zfcp: trace channel log even for FCP command responses block: fix single range discard merge reiserfs: fix extended attributes on the root directory ext4: Fix credit estimate for final inode freeing quota: fix livelock in dquot_writeback_dquots ext2: check err when partial != NULL quota: Check that quota is not dirty before release video/hdmi: Fix AVI bar unpack powerpc/xive: Skip ioremap() of ESB pages for LSI interrupts powerpc: Allow flush_icache_range to work across ranges >4GB powerpc/xive: Prevent page fault issues in the machine crash handler powerpc: Allow 64bit VDSO __kernel_sync_dicache to work across ranges >4GB ppdev: fix PPGETTIME/PPSETTIME ioctls ARM: dts: omap3-tao3530: Fix incorrect MMC card detection GPIO polarity mmc: host: omap_hsmmc: add code for special init of wl1251 to get rid of pandora_wl1251_init_card pinctrl: samsung: Fix device node refcount leaks in S3C64xx wakeup controller init pinctrl: samsung: Fix device node refcount leaks in init code pinctrl: samsung: Fix device node refcount leaks in S3C24xx wakeup controller init pinctrl: samsung: Add of_node_put() before return in error path ACPI: PM: Avoid attaching ACPI PM domain to certain devices ACPI: bus: Fix NULL pointer check in acpi_bus_get_private_data() ACPI: OSL: only free map once in osl.c cpufreq: powernv: fix stack bloat and hard limit on number of CPUs PM / devfreq: Lock devfreq in trans_stat_show intel_th: pci: Add Tiger Lake CPU support intel_th: pci: Add Ice Lake CPU support intel_th: Fix a double put_device() in error path cpuidle: Do not unset the driver if it is there already media: cec.h: CEC_OP_REC_FLAG_ values were swapped media: radio: wl1273: fix interrupt masking on release media: bdisp: fix memleak on release s390/mm: properly clear _PAGE_NOEXEC bit when it is not supported ar5523: check NULL before memcpy() in ar5523_cmd() cgroup: pids: use atomic64_t for pids->limit blk-mq: avoid sysfs buffer overflow with too many CPU cores ASoC: Jack: Fix NULL pointer dereference in snd_soc_jack_report workqueue: Fix pwq ref leak in rescuer_thread() workqueue: Fix spurious sanity check failures in destroy_workqueue() dm zoned: reduce overhead of backing device checks hwrng: omap - Fix RNG wait loop timeout watchdog: aspeed: Fix clock behaviour for ast2600 md/raid0: Fix an error message in raid0_make_request() ALSA: hda - Fix pending unsol events at shutdown ovl: relax WARN_ON() on rename to self lib: raid6: fix awk build warnings rtlwifi: rtl8192de: Fix missing enable interrupt flag rtlwifi: rtl8192de: Fix missing callback that tests for hw release of buffer rtlwifi: rtl8192de: Fix missing code to retrieve RX buffer address btrfs: record all roots for rename exchange on a subvol Btrfs: send, skip backreference walking for extents with many references btrfs: Remove btrfs_bio::flags member Btrfs: fix negative subv_writers counter and data space leak after buffered write btrfs: use refcount_inc_not_zero in kill_all_nodes btrfs: check page->mapping when loading free space cache usb: dwc3: ep0: Clear started flag on completion virtio-balloon: fix managed page counts when migrating pages between zones mtd: spear_smi: Fix Write Burst mode tpm: add check after commands attribs tab allocation usb: mon: Fix a deadlock in usbmon between mmap and read usb: core: urb: fix URB structure initialization function USB: adutux: fix interface sanity check USB: serial: io_edgeport: fix epic endpoint lookup USB: idmouse: fix interface sanity checks USB: atm: ueagle-atm: add missing endpoint check iio: humidity: hdc100x: fix IIO_HUMIDITYRELATIVE channel reporting ARM: dts: pandora-common: define wl1251 as child node of mmc3 xhci: handle some XHCI_TRUST_TX_LENGTH quirks cases as default behaviour. xhci: Increase STS_HALT timeout in xhci_suspend() usb: xhci: only set D3hot for pci device staging: gigaset: add endpoint-type sanity check staging: gigaset: fix illegal free on probe errors staging: gigaset: fix general protection fault on probe staging: rtl8712: fix interface sanity check staging: rtl8188eu: fix interface sanity check usb: Allow USB device to be warm reset in suspended state USB: documentation: flags on usb-storage versus UAS USB: uas: heed CAPACITY_HEURISTICS USB: uas: honor flag to avoid CAPACITY16 media: venus: remove invalid compat_ioctl32 handler scsi: qla2xxx: Fix driver unload hang usb: gadget: pch_udc: fix use after free usb: gadget: configfs: Fix missing spin_lock_init() appletalk: Set error code if register_snap_client failed appletalk: Fix potential NULL pointer dereference in unregister_snap_client KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332) ASoC: rsnd: fixup MIX kctrl registration binder: Handle start==NULL in binder_update_page_range() thermal: Fix deadlock in thermal thermal_zone_device_check iomap: Fix pipe page leakage during splicing RDMA/qib: Validate ->show()/store() callbacks before calling them spi: atmel: Fix CS high support crypto: user - fix memory leak in crypto_report crypto: ecdh - fix big endian bug in ECC library crypto: ccp - fix uninitialized list head crypto: af_alg - cast ki_complete ternary op to int crypto: crypto4xx - fix double-free in crypto4xx_destroy_sdr KVM: x86: fix presentation of TSX feature in ARCH_CAPABILITIES KVM: x86: do not modify masked bits of shared MSRs KVM: arm/arm64: vgic: Don't rely on the wrong pending table drm/i810: Prevent underflow in ioctl jbd2: Fix possible overflow in jbd2_log_space_left() kernfs: fix ino wrap-around detection can: slcan: Fix use-after-free Read in slcan_open tty: vt: keyboard: reject invalid keycodes CIFS: Fix SMB2 oplock break processing CIFS: Fix NULL-pointer dereference in smb2_push_mandatory_locks x86/PCI: Avoid AMD FCH XHCI USB PME# from D0 defect Input: Fix memory leak in psxpad_spi_probe coresight: etm4x: Fix input validation for sysfs. Input: goodix - add upside-down quirk for Teclast X89 tablet Input: synaptics-rmi4 - don't increment rmiaddr for SMBus transfers Input: synaptics-rmi4 - re-enable IRQs in f34v7_do_reflash Input: synaptics - switch another X1 Carbon 6 to RMI/SMbus ALSA: hda - Add mute led support for HP ProBook 645 G4 ALSA: pcm: oss: Avoid potential buffer overflows ALSA: hda/realtek - Dell headphone has noise on unmute for ALC236 fuse: verify attributes fuse: verify nlink sched/fair: Scale bandwidth quota and period without losing quota/period ratio precision tcp: exit if nothing to retransmit on RTO timeout net: aquantia: fix RSS table and key sizes media: vimc: fix start stream when link is disabled ARM: dts: sunxi: Fix PMU compatible strings usb: mtu3: fix dbginfo in qmu_tx_zlp_error_handler mlx4: Use snprintf instead of complicated strcpy IB/hfi1: Close VNIC sdma_progress sleep window IB/hfi1: Ignore LNI errors before DC8051 transitions to Polling state mlxsw: spectrum_router: Relax GRE decap matching check firmware: qcom: scm: fix compilation error when disabled media: stkwebcam: Bugfix for wrong return values tty: Don't block on IO when ldisc change is pending nfsd: Return EPERM, not EACCES, in some SETATTR cases MIPS: OCTEON: cvmx_pko_mem_debug8: use oldest forward compatible definition clk: renesas: r8a77995: Correct parent clock of DU powerpc/math-emu: Update macros from GCC pstore/ram: Avoid NULL deref in ftrace merging failure path net/mlx4_core: Fix return codes of unsupported operations dlm: fix invalid cluster name warning ARM: dts: realview: Fix some more duplicate regulator nodes clk: sunxi-ng: h3/h5: Fix CSI_MCLK parent ARM: dts: pxa: clean up USB controller nodes mtd: fix mtd_oobavail() incoherent returned value kbuild: fix single target build for external module modpost: skip ELF local symbols during section mismatch check tcp: fix SNMP TCP timeout under-estimation tcp: fix SNMP under-estimation on failed retransmission tcp: fix off-by-one bug on aborting window-probing socket ARM: dts: realview-pbx: Fix duplicate regulator nodes ARM: dts: mmp2: fix the gpio interrupt cell number net/x25: fix null_x25_address handling net/x25: fix called/calling length calculation in x25_parse_address_block arm64: dts: meson-gxl-khadas-vim: fix GPIO lines names arm64: dts: meson-gxbb-odroidc2: fix GPIO lines names arm64: dts: meson-gxbb-nanopi-k2: fix GPIO lines names arm64: dts: meson-gxl-libretech-cc: fix GPIO lines names ARM: OMAP1/2: fix SoC name printing ASoC: au8540: use 64-bit arithmetic instead of 32-bit nfsd: fix a warning in __cld_pipe_upcall() ARM: debug: enable UART1 for socfpga Cyclone5 dlm: NULL check before kmem_cache_destroy is not needed ARM: dts: sun8i: v3s: Change pinctrl nodes to avoid warning ARM: dts: sun5i: a10s: Fix HDMI output DTC warning ASoC: rsnd: tidyup registering method for rsnd_kctrl_new() lockd: fix decoding of TEST results i2c: imx: don't print error message on probe defer serial: imx: fix error handling in console_setup altera-stapl: check for a null key before strcasecmp'ing it dma-mapping: fix return type of dma_set_max_seg_size() sparc: Correct ctx->saw_frame_pointer logic. f2fs: fix to allow node segment for GC by ioctl path ARM: dts: rockchip: Assign the proper GPIO clocks for rv1108 ARM: dts: rockchip: Fix the PMU interrupt number for rv1108 f2fs: change segment to section in f2fs_ioc_gc_range f2fs: fix count of seg_freed to make sec_freed correct ACPI: fix acpi_find_child_device() invocation in acpi_preset_companion() usb: dwc3: don't log probe deferrals; but do log other error codes usb: dwc3: debugfs: Properly print/set link state for HS dmaengine: dw-dmac: implement dma protection control setting dmaengine: coh901318: Remove unused variable dmaengine: coh901318: Fix a double-lock bug media: cec: report Vendor ID after initialization media: pulse8-cec: return 0 when invalidating the logical address ARM: dts: exynos: Use Samsung SoC specific compatible for DWC2 module rtc: dt-binding: abx80x: fix resistance scale rtc: max8997: Fix the returned value in case of error in 'max8997_rtc_read_alarm()' math-emu/soft-fp.h: (_FP_ROUND_ZERO) cast 0 to void to fix warning net/smc: use after free fix in smc_wr_tx_put_slot() MIPS: OCTEON: octeon-platform: fix typing iomap: sub-block dio needs to zeroout beyond EOF net-next/hinic:fix a bug in set mac address regulator: Fix return value of _set_load() stub clk: rockchip: fix ID of 8ch clock of I2S1 for rk3328 clk: rockchip: fix I2S1 clock gate register for rk3328 mm/vmstat.c: fix NUMA statistics updates Staging: iio: adt7316: Fix i2c data reading, set the data field pinctrl: qcom: ssbi-gpio: fix gpio-hog related boot issues crypto: bcm - fix normal/non key hash algorithm failure crypto: ecc - check for invalid values in the key verification test scsi: zfcp: drop default switch case which might paper over missing case net: dsa: mv88e6xxx: Work around mv886e6161 SERDES missing MII_PHYSID2 MIPS: SiByte: Enable ZONE_DMA32 for LittleSur dlm: fix missing idr_destroy for recover_idr ARM: dts: rockchip: Fix rk3288-rock2 vcc_flash name clk: rockchip: fix rk3188 sclk_mac_lbtest parameter ordering clk: rockchip: fix rk3188 sclk_smc gate data i40e: don't restart nway if autoneg not supported rtc: s3c-rtc: Avoid using broken ALMYEAR register net: ethernet: ti: cpts: correct debug for expired txq skb extcon: max8997: Fix lack of path setting in USB device mode dlm: fix possible call to kfree() for non-initialized pointer clk: sunxi-ng: a64: Fix gate bit of DSI DPHY net/mlx5: Release resource on error flow ARM: 8813/1: Make aligned 2-byte getuser()/putuser() atomic on ARMv6+ iwlwifi: mvm: Send non offchannel traffic via AP sta iwlwifi: mvm: synchronize TID queue removal cxgb4vf: fix memleak in mac_hlist initialization serial: core: Allow processing sysrq at port unlock time i2c: core: fix use after free in of_i2c_notify net: ep93xx_eth: fix mismatch of request_mem_region in remove rsxx: add missed destroy_workqueue calls in remove ALSA: pcm: Fix stream lock usage in snd_pcm_period_elapsed() sched/core: Avoid spurious lock dependencies Input: cyttsp4_core - fix use after free bug xfrm: release device reference for invalid state NFC: nxp-nci: Fix NULL pointer dereference after I2C communication error audit_get_nd(): don't unlock parent too early exportfs_decode_fh(): negative pinned may become positive without the parent locked iwlwifi: pcie: don't consider IV len in A-MSDU RDMA/hns: Correct the value of HNS_ROCE_HEM_CHUNK_LEN autofs: fix a leak in autofs_expire_indirect() serial: ifx6x60: add missed pm_runtime_disable serial: serial_core: Perform NULL checks for break_ctl ops serial: pl011: Fix DMA ->flush_buffer() tty: serial: msm_serial: Fix flow control tty: serial: fsl_lpuart: use the sg count from dma_map_sg usb: gadget: u_serial: add missing port entry locking arm64: tegra: Fix 'active-low' warning for Jetson TX1 regulator rsi: release skb if rsi_prepare_beacon fails ANDROID: staging: android: ion: Fix build when CONFIG_ION_SYSTEM_HEAP=n ANDROID: staging: android: ion: Expose total heap and pool sizes via sysfs UPSTREAM: include/linux/slab.h: fix sparse warning in kmalloc_type() UPSTREAM: mm, slab: shorten kmalloc cache names for large sizes UPSTREAM: mm, proc: add KReclaimable to /proc/meminfo BACKPORT: mm: rename and change semantics of nr_indirectly_reclaimable_bytes UPSTREAM: dcache: allocate external names from reclaimable kmalloc caches BACKPORT: mm, slab/slub: introduce kmalloc-reclaimable caches UPSTREAM: mm, slab: combine kmalloc_caches and kmalloc_dma_caches ANDROID: kbuild: disable SCS by default in allmodconfig ANDROID: arm64: cuttlefish_defconfig: enable LTO, CFI, and SCS BACKPORT: FROMLIST: arm64: implement Shadow Call Stack FROMLIST: arm64: disable SCS for hypervisor code BACKPORT: FROMLIST: arm64: vdso: disable Shadow Call Stack FROMLIST: arm64: preserve x18 when CPU is suspended FROMLIST: arm64: reserve x18 from general allocation with SCS FROMLIST: arm64: disable function graph tracing with SCS FROMLIST: scs: add support for stack usage debugging FROMLIST: scs: add accounting FROMLIST: add support for Clang's Shadow Call Stack (SCS) FROMLIST: arm64: kernel: avoid x18 in __cpu_soft_restart FROMLIST: arm64: kvm: stop treating register x18 as caller save FROMLIST: arm64/lib: copy_page: avoid x18 register in assembler code FROMLIST: arm64: mm: avoid x18 in idmap_kpti_install_ng_mappings ANDROID: use non-canonical CFI jump tables ANDROID: arm64: add __nocfi to __apply_alternatives ANDROID: arm64: add __pa_function ANDROID: arm64: allow ThinLTO to be selected ANDROID: soc/tegra: disable ARCH_TEGRA_210_SOC with LTO FROMLIST: arm64: fix alternatives with LLVM's integrated assembler ANDROID: irqchip/gic-v3: rename gic_of_init to work around a ThinLTO+CFI bug ANDROID: kbuild: limit LTO inlining ANDROID: kbuild: merge module sections with LTO ANDROID: init: ensure initcall ordering with LTO Revert "ANDROID: HACK: init: ensure initcall ordering with LTO" ANDROID: add support for ThinLTO ANDROID: Switch to LLD ANDROID: clang: update to 10.0.1 ANDROID: arm64: add atomic_ll_sc.o to obj-y if using lld ANDROID: enable ARM64_ERRATUM_843419 by default with LTO_CLANG ANDROID: kbuild: allow lld to be used with CONFIG_LTO_CLANG ANDROID: Makefile: set -Qunused-arguments sooner BACKPORT: FROMLIST: Makefile: lld: tell clang to use lld BACKPORT: FROMLIST: Makefile: lld: set -O2 linker flag when linking with LLD ANDROID: scripts/Kbuild: add ld-name support for ld.lld UPSTREAM: bpf: permit multiple bpf attachments for a single perf event UPSTREAM: bpf: use the same condition in perf event set/free bpf handler UPSTREAM: bpf: multi program support for cgroup+bpf BACKPORT: serdev: make synchronous write return bytes written UPSTREAM: gnss: serial: fix synchronous write timeout UPSTREAM: gnss: fix potential error pointer dereference BACKPORT: gnss: add receiver type support UPSTREAM: dt-bindings: add generic gnss binding UPSTREAM: gnss: add generic serial driver ANDROID: cuttlefish_defconfig: Enable CONFIG_SERIAL_DEV_BUS ANDROID: cuttlefish_defconfig: Enable CONFIG_GNSS BACKPORT: gnss: add GNSS receiver subsystem UPSTREAM: arm64: Validate tagged addresses in access_ok() called from kernel threads BACKPORT: ARM: 8905/1: Emit __gnu_mcount_nc when using Clang 10.0.0 or newer fs/lock: skip lock owner pid translation in case we are in init_pid_ns f2fs: stop GC when the victim becomes fully valid f2fs: expose main_blkaddr in sysfs f2fs: choose hardlimit when softlimit is larger than hardlimit in f2fs_statfs_project() f2fs: Fix deadlock in f2fs_gc() context during atomic files handling f2fs: show f2fs instance in printk_ratelimited f2fs: fix potential overflow f2fs: fix to update dir's i_pino during cross_rename f2fs: support aligned pinned file f2fs: avoid kernel panic on corruption test f2fs: fix wrong description in document f2fs: cache global IPU bio f2fs: fix to avoid memory leakage in f2fs_listxattr f2fs: check total_segments from devices in raw_super f2fs: update multi-dev metadata in resize_fs f2fs: mark recovery flag correctly in read_raw_super_block() f2fs: fix to update time in lazytime mode vfs: don't allow writes to swap files mm: set S_SWAPFILE on blockdev swap devices Conflicts: drivers/Makefile drivers/staging/android/ion/ion.c drivers/staging/android/ion/ion.h drivers/staging/android/ion/ion_page_pool.c drivers/usb/dwc3/core.c drivers/usb/dwc3/debugfs.c drivers/usb/dwc3/ep0.c fs/f2fs/data.c include/linux/mmzone.h mm/vmstat.c Discarded below patches, as usb patches not applicable and block patch causing stability issues: usb: dwc3: ep0: Clear started flag on completion usb: dwc3: don't log probe deferrals; but do log other error codes block: fix single range discard merge Fixed build errors in below files: drivers/gpu/msm/kgsl_pool.c drivers/staging/android/ion/ion_page_pool.c kernel/taskstats.c Fixed bootup issue in: arch/arm64/mm/proc.s Change-Id: I0a16824c251c14c63af78f9cfd9ede5e82c427fc Signed-off-by: Srinivasarao P <spathi@codeaurora.org> Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org> |
||
|
Srinivasarao P
|
f3f0576c22 |
Merge android-4.14.158 (84afceb) into msm-4.14
* refs/heads/tmp-84afceb: Linux 4.14.158 net: fec: fix clock count mis-match platform/x86: hp-wmi: Fix ACPI errors caused by passing 0 as input size platform/x86: hp-wmi: Fix ACPI errors caused by too small buffer ASoC: stm32: i2s: fix IRQ clearing ASoC: stm32: i2s: fix 16 bit format support ASoC: stm32: i2s: fix dma configuration pinctrl: stm32: fix memory leak issue mailbox: mailbox-test: fix null pointer if no mmio hwrng: stm32 - fix unbalanced pm_runtime_enable media: stm32-dcmi: fix DMA corruption when stopping streaming crypto: stm32/hash - Fix hmac issue more than 256 bytes HID: core: check whether Usage Page item is after Usage ID items futex: Prevent exit livelock futex: Provide distinct return value when owner is exiting futex: Add mutex around futex exit futex: Provide state handling for exec() as well futex: Sanitize exit state handling futex: Mark the begin of futex exit explicitly futex: Set task::futex_state to DEAD right after handling futex exit futex: Split futex_mm_release() for exit/exec exit/exec: Seperate mm_release() futex: Replace PF_EXITPIDONE with a state futex: Move futex exit handling into futex code futex: Prevent robust futex exit race y2038: futex: Move compat implementation into futex.c mtd: spi-nor: cast to u64 to avoid uint overflows mtd: rawnand: atmel: fix possible object reference leak mtd: rawnand: atmel: Fix spelling mistake in error message net: macb driver, check for SKBTX_HW_TSTAMP net: macb: Fix SUBNS increment and increase resolution watchdog: sama5d4: fix WDD value to be always set to max ext4: add more paranoia checking in ext4_expand_extra_isize handling net: sched: fix `tc -s class show` no bstats on class with nolock subqueues sctp: cache netns in sctp_ep_common tipc: fix link name length check openvswitch: remove another BUG_ON() openvswitch: drop unneeded BUG_ON() in ovs_flow_cmd_build_info() slip: Fix use-after-free Read in slip_open openvswitch: fix flow command message size net: psample: fix skb_over_panic macvlan: schedule bc_work even if error media: atmel: atmel-isc: fix INIT_WORK misplacement media: atmel: atmel-isc: fix asd memory allocation pwm: Clear chip_data in pwm_put() net: macb: fix error format in dev_err() media: v4l2-ctrl: fix flags for DO_WHITE_BALANCE xfrm: Fix memleak on xfrm state destroy mei: bus: prefix device names on bus with the bus name USB: serial: ftdi_sio: add device IDs for U-Blox C099-F9P staging: rtl8723bs: Add 024c:0525 to the list of SDIO device-ids staging: rtl8723bs: Drop ACPI device ids staging: rtl8192e: fix potential use after free clk: at91: generated: set audio_pll_allowed in at91_clk_register_generated() clk: at91: fix update bit maps on CFG_MOR write mm, gup: add missing refcount overflow checks on s390 mtd: Remove a debug trace in mtdpart.c powerpc/pseries/dlpar: Fix a missing check in dlpar_parse_cc_property() scsi: libsas: Check SMP PHY control function result ACPI / APEI: Switch estatus pool to use vmalloc memory ACPI / APEI: Don't wait to serialise with oops messages when panic()ing scsi: libsas: Support SATA PHY connection rate unmatch fixing during discovery apparmor: delete the dentry in aafs_remove() to avoid a leak iommu/amd: Fix NULL dereference bug in match_hid_uid net: hns3: Change fw error code NOT_EXEC to NOT_SUPPORTED bpf: drop refcount if bpf_map_new_fd() fails in map_create() kvm: properly check debugfs dentry before using it net: dev: Use unsigned integer as an argument to left-shift bpf: decrease usercnt if bpf_map_new_fd() fails in bpf_map_get_fd_by_id() sctp: don't compare hb_timer expire date before starting it net: fix possible overflow in __sk_mem_raise_allocated() sfc: initialise found bitmap in efx_ef10_mtd_probe tipc: fix skb may be leaky in tipc_link_input blktrace: Show requests without sector net/smc: prevent races between smc_lgr_terminate() and smc_conn_free() decnet: fix DN_IFREQ_SIZE ip_tunnel: Make none-tunnel-dst tunnel port work with lwtunnel sfc: suppress duplicate nvmem partition types in efx_ef10_mtd_probe gpu: ipu-v3: pre: don't trigger update if buffer address doesn't change serial: 8250: Fix serial8250 initialization crash net/core/neighbour: fix kmemleak minimal reference count for hash tables PCI/MSI: Return -ENOSPC from pci_alloc_irq_vectors_affinity() net/core/neighbour: tell kmemleak about hash tables tipc: fix memory leak in tipc_nl_compat_publ_dump mtd: Check add_mtd_device() ret code lib/genalloc.c: include vmalloc.h drivers/base/platform.c: kmemleak ignore a known leak fork: fix some -Wmissing-prototypes warnings lib/genalloc.c: use vzalloc_node() to allocate the bitmap lib/genalloc.c: fix allocation of aligned buffer from non-aligned chunk vmscan: return NODE_RECLAIM_NOSCAN in node_reclaim() when CONFIG_NUMA is n ocfs2: clear journal dirty flag after shutdown journal net/wan/fsl_ucc_hdlc: Avoid double free in ucc_hdlc_probe() tipc: fix a missing check of genlmsg_put atl1e: checking the status of atl1e_write_phy_reg net: dsa: bcm_sf2: Propagate error value from mdio_write net: stmicro: fix a missing check of clk_prepare net: (cpts) fix a missing check of clk_prepare um: Make GCOV depend on !KCOV f2fs: fix to dirty inode synchronously net/net_namespace: Check the return value of register_pernet_subsys() net/netlink_compat: Fix a missing check of nla_parse_nested pwm: clps711x: Fix period calculation crypto: mxc-scc - fix build warnings on ARM64 powerpc/pseries: Fix node leak in update_lmb_associativity_index() powerpc/83xx: handle machine check caused by watchdog timer regulator: tps65910: fix a missing check of return value IB/rxe: Make counters thread safe drbd: fix print_st_err()'s prototype to match the definition drbd: do not block when adjusting "disk-options" while IO is frozen drbd: reject attach of unsuitable uuids even if connected drbd: ignore "all zero" peer volume sizes in handshake powerpc/powernv/eeh/npu: Fix uninitialized variables in opal_pci_eeh_freeze_status vfio/spapr_tce: Get rid of possible infinite loop powerpc/44x/bamboo: Fix PCI range powerpc/mm: Make NULL pointer deferences explicit on bad page faults. powerpc/prom: fix early DEBUG messages powerpc/perf: Fix unit_sel/cache_sel checks ath6kl: Fix off by one error in scan completion ath6kl: Only use match sets when firmware supports it scsi: csiostor: fix incorrect dma device in case of vport scsi: qla2xxx: deadlock by configfs_depend_item RDMA/srp: Propagate ib_post_send() failures to the SCSI mid-layer openrisc: Fix broken paths to arch/or32 serial: max310x: Fix tx_empty() callback Bluetooth: hci_bcm: Handle specific unknown packets after firmware loading drivers/regulator: fix a missing check of return value powerpc/xmon: fix dump_segments() powerpc/book3s/32: fix number of bats in p/v_block_mapped() vxlan: Fix error path in __vxlan_dev_create() clocksource/drivers/fttmr010: Fix invalid interrupt register access IB/qib: Fix an error code in qib_sdma_verbs_send() xfs: Fix bulkstat compat ioctls on x32 userspace. xfs: Align compat attrlist_by_handle with native implementation. gfs2: take jdata unstuff into account in do_grow dm flakey: Properly corrupt multi-page bios. HID: doc: fix wrong data structure reference for UHID_OUTPUT pinctrl: sh-pfc: sh7734: Fix shifted values in IPSR10 pinctrl: sh-pfc: sh7264: Fix PFCR3 and PFCR0 register configuration KVM: s390: unregister debug feature on failing arch init bnxt_en: query force speeds before disabling autoneg mode. bnxt_en: Return linux standard errors in bnxt_ethtool.c exofs_mount(): fix leaks on failure exits net/mlx5: Continue driver initialization despite debugfs failure pinctrl: xway: fix gpio-hog related boot issues vfio-mdev/samples: Use u8 instead of char for handle functions xen/pciback: Check dev_data before using it kprobes/x86/xen: blacklist non-attachable xen interrupt functions serial: 8250: Rate limit serial port rx interrupts during input overruns HID: intel-ish-hid: fixes incorrect error handling btrfs: only track ref_heads in delayed_ref_updates mtd: rawnand: sunxi: Write pageprog related opcodes to WCMD_SET mmc: meson-gx: make sure the descriptor is stopped on errors VSOCK: bind to random port for VMADDR_PORT_ANY kvm: vmx: Set IA32_TSC_AUX for legacy mode guests gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB iwlwifi: move iwl_nvm_check_version() into dvm microblaze: move "... is ready" messages to arch/microblaze/Makefile microblaze: adjust the help to the real behavior ubi: Do not drop UBI device reference before using ubi: Put MTD device after it is not used xfs: require both realtime inodes to mount rtl818x: fix potential use after free mwifiex: debugfs: correct histogram spacing, formatting mwifiex: fix potential NULL dereference and use after free crypto: user - support incremental algorithm dumps scsi: lpfc: Enable Management features for IF_TYPE=6 ACPI / LPSS: Ignore acpi_device_fix_up_power() return value ARM: ks8695: fix section mismatch warning PM / AVS: SmartReflex: NULL check before some freeing functions is not needed RDMA/vmw_pvrdma: Use atomic memory allocation in create AH ARM: OMAP1: fix USB configuration for device-only setups arm64: smp: Handle errors reported by the firmware arm64: mm: Prevent mismatched 52-bit VA support parisc: Fix HP SDC hpa address output parisc: Fix serio address output ARM: dts: imx53-voipac-dmm-668: Fix memory node duplication ARM: debug-imx: only define DEBUG_IMX_UART_PORT if needed ARM: dts: Fix up SQ201 flash access scsi: lpfc: Fix dif and first burst use in write commands scsi: lpfc: Fix kernel Oops due to null pring pointers pwm: bcm-iproc: Prevent unloading the driver module while in use block: drbd: remove a stray unlock in __drbd_send_protocol() mac80211: fix station inactive_time shortly after boot ceph: return -EINVAL if given fsc mount option on kernel w/o support net: bcmgenet: reapply manual settings to the PHY scripts/gdb: fix debugging modules compiled with hot/cold partitioning watchdog: meson: Fix the wrong value of left time can: rx-offload: can_rx_offload_irq_offload_fifo(): continue on error can: rx-offload: can_rx_offload_irq_offload_timestamp(): continue on error can: rx-offload: can_rx_offload_offload_one(): use ERR_PTR() to propagate error value in case of errors can: rx-offload: can_rx_offload_offload_one(): increment rx_fifo_errors on queue overflow or OOM can: rx-offload: can_rx_offload_offload_one(): do not increase the skb_queue beyond skb_queue_len_max can: rx-offload: can_rx_offload_queue_tail(): fix error handling, avoid skb mem leak can: c_can: D_CAN: c_can_chip_config(): perform a sofware reset on open can: peak_usb: report bus recovery as well bridge: ebtables: don't crash when using dnat target in output chains net: fec: add missed clk_disable_unprepare in remove clk: ti: dra7-atl-clock: Remove ti_clk_add_alias call x86/resctrl: Prevent NULL pointer dereference when reading mondata idr: Fix idr_alloc_u32 on 32-bit systems clk: sunxi-ng: a80: fix the zero'ing of bits 16 and 18 clk: at91: avoid sleeping early reset: fix reset_control_ops kerneldoc comment clk: samsung: exynos5420: Preserve PLL configuration during suspend/resume ASoC: kirkwood: fix external clock probe defer reset: Fix memory leak in reset_control_array_put() ASoC: compress: fix unsigned integer overflow check ASoC: msm8916-wcd-analog: Fix RX1 selection in RDAC2 MUX clk: meson: gxbb: let sar_adc_clk_div set the parent clock rate Revert "KVM: nVMX: reset cache/shadows when switching loaded VMCS" UPSTREAM: dt-bindings: arm: coresight: Add support for coresight-loses-context-with-cpu BACKPORT: coresight: etm4x: Save/restore state across CPU low power states BACKPORT: ARM: 8900/1: UNWINDER_FRAME_POINTER implementation for Clang Conflicts: Documentation/devicetree/bindings/arm/coresight.txt arch/arm/Makefile drivers/hid/hid-core.c kernel/exit.c Reverted the downstream patch "HID: core: add usage_page_preceding flag for hid_concatenate_usage_page()" as original issue got fixed with upstream changes. Change-Id: I3b833825b3d1104fa07378caef144639074d0a0d Signed-off-by: Srinivasarao P <spathi@codeaurora.org> |
||
|
Greg Kroah-Hartman
|
341ba4f053 |
This is the 4.14.176 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl6UJB8ACgkQONu9yGCS
aT7Y3w//SzcPCruJztn3Mijf0PTsGQDhGwoZsb3yQe16/f1B4RSqJYU4OpM3ZCWV
HPDM6KGyK3O/XdegVf+b/kQqsSMscSuUDsm51THU3oyI1OvZRMFMQKlj78frBcpm
ZAHEInt/MkVO35DHd8MUW+L1ljHOKt0NIlNtxRVSwBtRmyYwsGi25SaeZLa6S3FQ
Uf50dH2jh7PFixdRv+9SDLy4kCu1c36K4rLEWG+TFNDDc4ORNCTt8aWkMowouC75
IVQ10d9Y/LPuo94M8tcxSEOwAQLNf0iOlhOCWHc5wLBFlGCc5tgkXYjACEKHd4Ma
pJtWFvaLJ8d+v3C5qIV41cPBh/uaKFRab3Lq8DTyTwpzyLe3ghvNXcesa+tWzYFE
W90i0P/irCXrhlOV41hVp0cbI9YW0xAwdsoPn0qm91g/KfZSCDtvw40qw9ILRTUg
Sv9Ex+6L4moSQ0p2XKcgIEn0qUiUXwTeaT75j+ZKk9GJrrr5BbgE8BTDLs6pyi6M
BnGYN1PatsNUkAf016nFeoth6xhpyH0asbkUeSLDyPNEV9bkONS3k7eWoiiNJKIK
2D8WetLQf/Jb0x/0pjjIPWW0k62tO6OwARpz7jTiDFY0nJKvh26nVqBfME8QAq5P
ktWidSldVOu1d/FokoVr66mGYentYQHUGyFX0FdIDabKKcIMDuc=
=iJMT
-----END PGP SIGNATURE-----
Merge 4.14.176 into android-4.14-stable
Changes in 4.14.176
ipv4: fix a RCU-list lock in fib_triestat_seq_show
net, ip_tunnel: fix interface lookup with no key
sctp: fix refcount bug in sctp_wfree
sctp: fix possibly using a bad saddr with a given dst
drm/bochs: downgrade pci_request_region failure from error to warning
initramfs: restore default compression behavior
tools/power turbostat: Fix gcc build warnings
drm/etnaviv: replace MMU flush marker with flush sequence
blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter
blk-mq: Allow blocking queue tag iter callbacks
misc: pci_endpoint_test: Fix to support > 10 pci-endpoint-test devices
coresight: do not use the BIT() macro in the UAPI header
padata: always acquire cpu_hotplug_lock before pinst->lock
mm: mempolicy: require at least one nodeid for MPOL_PREFERRED
ipv6: don't auto-add link-local address to lag ports
net: dsa: bcm_sf2: Ensure correct sub-node is parsed
net: phy: micrel: kszphy_resume(): add delay after genphy_resume() before accessing PHY registers
net: stmmac: dwmac1000: fix out-of-bounds mac address reg setting
slcan: Don't transmit uninitialized stack data in padding
mlxsw: spectrum_flower: Do not stop at FLOW_ACTION_VLAN_MANGLE
random: always use batched entropy for get_random_u{32,64}
tools/accounting/getdelays.c: fix netlink attribute length
hwrng: imx-rngc - fix an error path
ASoC: jz4740-i2s: Fix divider written at incorrect offset in register
IB/hfi1: Call kobject_put() when kobject_init_and_add() fails
IB/hfi1: Fix memory leaks in sysfs registration and unregistration
ceph: remove the extra slashes in the server path
ceph: canonicalize server path in place
Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl
RDMA/cm: Update num_paths in cma_resolve_iboe_route error flow
fbcon: fix null-ptr-deref in fbcon_switch
acpi/nfit: Fix bus command validation
clk: qcom: rcg: Return failure for RCG update
drm/msm: stop abusing dma_map/unmap for cache
arm64: Fix size of __early_cpu_boot_status
rpmsg: glink: Remove chunk size word align warning
usb: dwc3: don't set gadget->is_otg flag
drm_dp_mst_topology: fix broken drm_dp_sideband_parse_remote_dpcd_read()
rpmsg: glink: smem: Support rx peak for size less than 4 bytes
drm/msm: Use the correct dma_sync calls in msm_gem
Linux 4.14.176
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I15dbb5a2b6b015683408249990a95894658f611a
|
||
William Dauchy
|
b57327db68 |
net, ip_tunnel: fix interface lookup with no key
[ Upstream commit 25629fdaff2ff509dd0b3f5ff93d70a75e79e0a1 ]
when creating a new ipip interface with no local/remote configuration,
the lookup is done with TUNNEL_NO_KEY flag, making it impossible to
match the new interface (only possible match being fallback or metada
case interface); e.g: `ip link add tunl1 type ipip dev eth0`
To fix this case, adding a flag check before the key comparison so we
permit to match an interface with no local/remote config; it also avoids
breaking possible userland tools relying on TUNNEL_NO_KEY flag and
uninitialised key.
context being on my side, I'm creating an extra ipip interface attached
to the physical one, and moving it to a dedicated namespace.
Fixes: c54419321455 ("GRE: Refactor GRE tunneling code.")
Signed-off-by: William Dauchy <w.dauchy@criteo.com>
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Qian Cai
|
545d7421fb |
ipv4: fix a RCU-list lock in fib_triestat_seq_show
[ Upstream commit fbe4e0c1b298b4665ee6915266c9d6c5b934ef4a ] fib_triestat_seq_show() calls hlist_for_each_entry_rcu(tb, head, tb_hlist) without rcu_read_lock() will trigger a warning, net/ipv4/fib_trie.c:2579 RCU-list traversed in non-reader section!! other info that might help us debug this: rcu_scheduler_active = 2, debug_locks = 1 1 lock held by proc01/115277: #0: c0000014507acf00 (&p->lock){+.+.}-{3:3}, at: seq_read+0x58/0x670 Call Trace: dump_stack+0xf4/0x164 (unreliable) lockdep_rcu_suspicious+0x140/0x164 fib_triestat_seq_show+0x750/0x880 seq_read+0x1a0/0x670 proc_reg_read+0x10c/0x1b0 __vfs_read+0x3c/0x70 vfs_read+0xac/0x170 ksys_read+0x7c/0x140 system_call+0x5c/0x68 Fix it by adding a pair of rcu_read_lock/unlock() and use cond_resched_rcu() to avoid the situation where walking of a large number of items may prevent scheduling for a long time. Signed-off-by: Qian Cai <cai@lca.pw> Reviewed-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
fae4e1d295 |
This is the 4.14.175 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl6F9/8ACgkQONu9yGCS
aT5DJQ//aAbpT3q2hDbthg9szl/SsAlJr6UX90k7ZjxlI/wnXTepNIWTZqvSnvV4
sb8HeOz2KUuTUh/PvM2vS37kdtzKqefku77tGl3JOE+pIIlKQ1au82U7vuSmo/FH
Ua+/MEN55f8baiZvYTGGQtwc36Bnj64iO8RUT5iSK2GU7KVVyIgFwKKqRQIzJ+Ds
dPACfMErty/+gvC9t0nx5u4BkC9ilIj5DH0OXiQvxZr9PQfg3lg7FFF/a6M0gaRF
qhBZFX2xKzQRKVKnbob5kSpir6gsW/cu8S43YIcNzx72Ce4ROFi910J7P1Jzlb5j
KEQGL7IuP+k8fwCpMZ7B9Goh9ian9VSUXKjrlr+UGotOGLzQ+dk4c/NJvCjxQvqx
m8FtHNjo3WUl72Ul1p6zJc4JMC3LD3ZSkIQGhVny4Z52n4D4CnWI7+b5ppQe9RZD
Iu8XjS0pTGfUUiomtci9ZcpWcTiWvW/VY0sRQbKj94h1nETWblXzXef5vJygZbMm
hL950oGkWeh2MoBM3FYyBSP0YYkruTtUSQ1GRs7tsboUsiMM9cNSkwzsFU9xeEvh
ZPIN5IdAIRilauOiI3YLEfO7JPz4OG0AlzodgnjbFchLqSIVzme8Wr84tFOYBhp1
868Am3/E3p8qqmnMvtS8/TTETeehhbrPVUp1D+7zHnkv/mRC1CU=
=uswL
-----END PGP SIGNATURE-----
Merge 4.14.175 into android-4.14
Changes in 4.14.175
spi: qup: call spi_qup_pm_resume_runtime before suspending
powerpc: Include .BTF section
ARM: dts: dra7: Add "dma-ranges" property to PCIe RC DT nodes
spi: pxa2xx: Add CS control clock quirk
spi/zynqmp: remove entry that causes a cs glitch
drm/exynos: dsi: propagate error value and silence meaningless warning
drm/exynos: dsi: fix workaround for the legacy clock name
drivers/perf: arm_pmu_acpi: Fix incorrect checking of gicc pointer
altera-stapl: altera_get_note: prevent write beyond end of 'key'
dm bio record: save/restore bi_end_io and bi_integrity
xenbus: req->body should be updated before req->state
xenbus: req->err should be updated before req->state
block, bfq: fix overwrite of bfq_group pointer in bfq_find_set_group()
parse-maintainers: Mark as executable
USB: Disable LPM on WD19's Realtek Hub
usb: quirks: add NO_LPM quirk for RTL8153 based ethernet adapters
USB: serial: option: add ME910G1 ECM composition 0x110b
usb: host: xhci-plat: add a shutdown
USB: serial: pl2303: add device-id for HP LD381
usb: xhci: apply XHCI_SUSPEND_DELAY to AMD XHCI controller 1022:145c
ALSA: line6: Fix endless MIDI read loop
ALSA: seq: virmidi: Fix running status after receiving sysex
ALSA: seq: oss: Fix running status after receiving sysex
ALSA: pcm: oss: Avoid plugin buffer overflow
ALSA: pcm: oss: Remove WARNING from snd_pcm_plug_alloc() checks
iio: trigger: stm32-timer: disable master mode when stopping
iio: magnetometer: ak8974: Fix negative raw values in sysfs
mmc: sdhci-of-at91: fix cd-gpios for SAMA5D2
staging: rtl8188eu: Add device id for MERCUSYS MW150US v2
staging/speakup: fix get_word non-space look-ahead
intel_th: Fix user-visible error codes
intel_th: pci: Add Elkhart Lake CPU support
rtc: max8907: add missing select REGMAP_IRQ
xhci: Do not open code __print_symbolic() in xhci trace events
memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event
mm: slub: be more careful about the double cmpxchg of freelist
mm, slub: prevent kmalloc_node crashes and memory leaks
page-flags: fix a crash at SetPageError(THP_SWAP)
x86/mm: split vmalloc_sync_all()
USB: cdc-acm: fix close_delay and closing_wait units in TIOCSSERIAL
USB: cdc-acm: fix rounding error in TIOCSSERIAL
iio: adc: at91-sama5d2_adc: fix channel configuration for differential channels
iio: adc: at91-sama5d2_adc: fix differential channels in triggered mode
kbuild: Disable -Wpointer-to-enum-cast
futex: Fix inode life-time issue
futex: Unbreak futex hashing
Revert "vrf: mark skb for multicast or link-local as enslaved to VRF"
Revert "ipv6: Fix handling of LLA with VRF and sockets bound to VRF"
ALSA: hda/realtek: Fix pop noise on ALC225
arm64: smp: fix smp_send_stop() behaviour
arm64: smp: fix crash_smp_send_stop() behaviour
drm/bridge: dw-hdmi: fix AVI frame colorimetry
staging: greybus: loopback_test: fix potential path truncation
staging: greybus: loopback_test: fix potential path truncations
Revert "drm/dp_mst: Skip validating ports during destruction, just ref"
hsr: fix general protection fault in hsr_addr_is_self()
macsec: restrict to ethernet devices
net: dsa: Fix duplicate frames flooded by learning
net: mvneta: Fix the case where the last poll did not process all rx
net/packet: tpacket_rcv: avoid a producer race condition
net: qmi_wwan: add support for ASKEY WWHC050
net_sched: cls_route: remove the right filter from hashtable
net_sched: keep alloc_hash updated after hash allocation
net: stmmac: dwmac-rk: fix error path in rk_gmac_probe
NFC: fdp: Fix a signedness bug in fdp_nci_send_patch()
slcan: not call free_netdev before rtnl_unlock in slcan_open
bnxt_en: fix memory leaks in bnxt_dcbnl_ieee_getets()
net: dsa: mt7530: Change the LINK bit to reflect the link status
vxlan: check return value of gro_cells_init()
hsr: use rcu_read_lock() in hsr_get_node_{list/status}()
hsr: add restart routine into hsr_get_node_list()
hsr: set .netnsok flag
net: ipv4: don't let PMTU updates increase route MTU
cgroup-v1: cgroup_pidlist_next should update position index
cpupower: avoid multiple definition with gcc -fno-common
drivers/of/of_mdio.c:fix of_mdiobus_register()
cgroup1: don't call release_agent when it is ""
dt-bindings: net: FMan erratum A050385
arm64: dts: ls1043a: FMan erratum A050385
fsl/fman: detect FMan erratum A050385
scsi: ipr: Fix softlockup when rescanning devices in petitboot
mac80211: Do not send mesh HWMP PREQ if HWMP is disabled
dpaa_eth: Remove unnecessary boolean expression in dpaa_get_headroom
sxgbe: Fix off by one in samsung driver strncpy size arg
arm64: ptrace: map SPSR_ELx<->PSR for compat tasks
arm64: compat: map SPSR_ELx<->PSR for signals
ftrace/x86: Anotate text_mutex split between ftrace_arch_code_modify_post_process() and ftrace_arch_code_modify_prepare()
i2c: hix5hd2: add missed clk_disable_unprepare in remove
Input: synaptics - enable RMI on HP Envy 13-ad105ng
Input: avoid BIT() macro usage in the serio.h UAPI header
ARM: dts: dra7: Add bus_dma_limit for L3 bus
ARM: dts: omap5: Add bus_dma_limit for L3 bus
perf probe: Do not depend on dwfl_module_addrsym()
tools: Let O= makes handle a relative path with -C option
scripts/dtc: Remove redundant YYLOC global declaration
scsi: sd: Fix optimal I/O size for devices that change reported values
mac80211: mark station unauthorized before key removal
gpiolib: acpi: Correct comment for HP x2 10 honor_wakeup quirk
gpiolib: acpi: Rework honor_wakeup option into an ignore_wake option
gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 BYT + AXP288 model
RDMA/core: Ensure security pkey modify is not lost
genirq: Fix reference leaks on irq affinity notifiers
xfrm: handle NETDEV_UNREGISTER for xfrm device
vti[6]: fix packet tx through bpf_redirect() in XinY cases
RDMA/mlx5: Block delay drop to unprivileged users
xfrm: fix uctx len check in verify_sec_ctx_len
xfrm: add the missing verify_sec_ctx_len check in xfrm_add_acquire
xfrm: policy: Fix doulbe free in xfrm_policy_timer
netfilter: nft_fwd_netdev: validate family and chain type
vti6: Fix memory leak of skb if input policy check fails
Input: raydium_i2c_ts - use true and false for boolean values
Input: raydium_i2c_ts - fix error codes in raydium_i2c_boot_trigger()
afs: Fix some tracing details
USB: serial: option: add support for ASKEY WWHC050
USB: serial: option: add BroadMobi BM806U
USB: serial: option: add Wistron Neweb D19Q1
USB: cdc-acm: restore capability check order
USB: serial: io_edgeport: fix slab-out-of-bounds read in edge_interrupt_callback
usb: musb: fix crash with highmen PIO and usbmon
media: flexcop-usb: fix endpoint sanity check
media: usbtv: fix control-message timeouts
staging: rtl8188eu: Add ASUS USB-N10 Nano B1 to device table
staging: wlan-ng: fix ODEBUG bug in prism2sta_disconnect_usb
staging: wlan-ng: fix use-after-free Read in hfa384x_usbin_callback
libfs: fix infoleak in simple_attr_read()
media: ov519: add missing endpoint sanity checks
media: dib0700: fix rc endpoint lookup
media: stv06xx: add missing descriptor sanity checks
media: xirlink_cit: add missing descriptor sanity checks
mac80211: Check port authorization in the ieee80211_tx_dequeue() case
mac80211: fix authentication with iwlwifi/mvm
vt: selection, introduce vc_is_sel
vt: ioctl, switch VT_IS_IN_USE and VT_BUSY to inlines
vt: switch vt_dont_switch to bool
vt: vt_ioctl: remove unnecessary console allocation checks
vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
vt: vt_ioctl: fix use-after-free in vt_in_use()
platform/x86: pmc_atom: Add Lex 2I385SW to critclk_systems DMI table
bpf: Explicitly memset the bpf_attr structure
bpf: Explicitly memset some bpf info structures declared on the stack
gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 CHT + AXP288 model
net: ks8851-ml: Fix IO operations, again
arm64: alternative: fix build with clang integrated assembler
perf map: Fix off by one in strncpy() size argument
ARM: dts: oxnas: Fix clear-mask property
ARM: bcm2835-rpi-zero-w: Add missing pinctrl name
arm64: dts: ls1043a-rdb: correct RGMII delay mode to rgmii-id
arm64: dts: ls1046ardb: set RGMII interfaces to RGMII_ID mode
Linux 4.14.175
Change-Id: If2c2cb5b3745ed6fbc5cb77737cfb1758fea4cb9
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
Nicolas Dichtel
|
27993a6ac8 |
vti[6]: fix packet tx through bpf_redirect() in XinY cases
commit f1ed10264ed6b66b9cd5e8461cffce69be482356 upstream.
I forgot the 4in6/6in4 cases in my previous patch. Let's fix them.
Fixes: 95224166a903 ("vti[6]: fix packet tx through bpf_redirect()")
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Sabrina Dubroca
|
956b657b57 |
net: ipv4: don't let PMTU updates increase route MTU
[ Upstream commit 28d35bcdd3925e7293408cdb8aa5f2aac5f0d6e3 ]
When an MTU update with PMTU smaller than net.ipv4.route.min_pmtu is
received, we must clamp its value. However, we can receive a PMTU
exception with PMTU < old_mtu < ip_rt_min_pmtu, which would lead to an
increase in PMTU.
To fix this, take the smallest of the old MTU and ip_rt_min_pmtu.
Before this patch, in case of an update, the exception's MTU would
always change. Now, an exception can have only its lock flag updated,
but not the MTU, so we need to add a check on locking to the following
"is this exception getting updated, or close to expiring?" test.
Fixes: d52e5a7e7ca4 ("ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu")
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Reviewed-by: Stefano Brivio <sbrivio@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Greg Kroah-Hartman
|
32bc956bc2 |
This is the 4.14.174 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl50lI4ACgkQONu9yGCS aT6V5w//bpLVXV9Tk0kOVromh24pJVFDWfvOgAkU1ZuapvjbTZvnv2eprflcwxVK R/ftiiashYOrYzyYUrzkmz1y7SI69p7d0Sp7CJJ4jSZl8FAJnZg35vNpeEE7eqic oH8+k8qU3bN0M76qcBJ9nd4/nzizoC09L+4hKBwIhnXmH8prqhY30coki1zBikyv PTlyMrzkrHArWhbeE1nvkztK3Yhyrz4/w9uLdcduNbtxoPBMkXh2huomFC/ucjUY NaJ4lC4jIK6SosuN+wjWqcrsecQeX0vMcmlOgrriBOY5mmfhytr6cMJz31bhAlSc NCI4OrsQCralVEhTtsirmuMwRSi9zi6HGLo37wTFga5iVTNiP2GxGU8wSUKJ3M0u b6PDmpfOdm0gKL7Vk53Eo6TDo9EvYcnRDbmuWWc/NUAyR64e4lhtQt3CnuCnwh3O 8u1Wpguc21BcwhRoAKKQutodUTql5hSuNMkaOKSz74Hjj4mu7wiZnl3CbfYEo1xW 1g3ptl4UbgV2lraLONMoCvgcifgCoJhHHrnhmyIp7fgCzDkykfvfd3O3Tx3gWZvx /x1kBfnL81UCElp83bV/sQOCTUlXMl5QjUo2lUuhr+YlHMhNGoS5/naje7IIqZkB 85pkTICwUgju/Ux5cffpwo/w9sCVG/dvUw10HhHISZzq85wtMbQ= =t+O8 -----END PGP SIGNATURE----- Merge 4.14.174 into android-4.14 Changes in 4.14.174 phy: Revert toggling reset changes. net: phy: Avoid multiple suspends cgroup, netclassid: periodically release file_lock on classid updating gre: fix uninit-value in __iptunnel_pull_header ipv6/addrconf: call ipv6_mc_up() for non-Ethernet interface ipvlan: add cond_resched_rcu() while processing muticast backlog ipvlan: do not use cond_resched_rcu() in ipvlan_process_multicast() netlink: Use netlink header as base to calculate bad attribute offset net: macsec: update SCI upon MAC address change. net: nfc: fix bounds checking bugs on "pipe" net/packet: tpacket_rcv: do not increment ring index on drop r8152: check disconnect status after long sleep sfc: detach from cb_page in efx_copy_channel() bnxt_en: reinitialize IRQs when MTU is modified cgroup: memcg: net: do not associate sock with unrelated cgroup net: memcg: late association of sock to memcg net: memcg: fix lockdep splat in inet_csk_accept() fib: add missing attribute validation for tun_id nl802154: add missing attribute validation nl802154: add missing attribute validation for dev_type can: add missing attribute validation for termination macsec: add missing attribute validation for port net: fq: add missing attribute validation for orphan mask team: add missing attribute validation for port ifindex team: add missing attribute validation for array index nfc: add missing attribute validation for SE API nfc: add missing attribute validation for vendor subcommand net: phy: fix MDIO bus PM PHY resuming bonding/alb: make sure arp header is pulled before accessing it slip: make slhc_compress() more robust against malicious packets net: fec: validate the new settings in fec_enet_set_coalesce() macvlan: add cond_resched() during multicast processing inet_diag: return classid for all socket types ipvlan: do not add hardware address of master to its unicast filter list ipvlan: egress mcast packets are not exceptional ipvlan: don't deref eth hdr before checking it's set cgroup: cgroup_procs_next should increase position index cgroup: Iterate tasks that did not finish do_exit() iwlwifi: mvm: Do not require PHY_SKU NVM section for 3168 devices virtio-blk: fix hw_queue stopped on arbitrary error iommu/vt-d: quirk_ioat_snb_local_iommu: replace WARN_TAINT with pr_warn + add_taint workqueue: don't use wq_select_unbound_cpu() for bound works drm/amd/display: remove duplicated assignment to grph_obj_type ktest: Add timeout for ssh sync testing cifs_atomic_open(): fix double-put on late allocation failure gfs2_atomic_open(): fix O_EXCL|O_CREAT handling on cold dcache KVM: x86: clear stale x86_emulate_ctxt->intercept value ARC: define __ALIGN_STR and __ALIGN symbols for ARC efi: Fix a race and a buffer overflow while reading efivars via sysfs x86/mce: Fix logic and comments around MSR_PPIN_CTL iommu/dma: Fix MSI reservation allocation iommu/vt-d: dmar: replace WARN_TAINT with pr_warn + add_taint iommu/vt-d: Fix a bug in intel_iommu_iova_to_phys() for huge page pinctrl: meson-gxl: fix GPIOX sdio pins pinctrl: core: Remove extra kref_get which blocks hogs being freed nl80211: add missing attribute validation for critical protocol indication nl80211: add missing attribute validation for beacon report scanning nl80211: add missing attribute validation for channel switch netfilter: cthelper: add missing attribute validation for cthelper netfilter: nft_payload: add missing attribute validation for payload csum flags iommu/vt-d: Fix the wrong printing in RHSA parsing iommu/vt-d: Ignore devices with out-of-spec domain number i2c: acpi: put device when verifying client fails ipv6: restrict IPV6_ADDRFORM operation net/smc: check for valid ib_client_data efi: Add a sanity check to efivar_store_raw() batman-adv: Avoid spurious warnings from bat_v neigh_cmp implementation batman-adv: Always initialize fragment header priority batman-adv: Fix check of retrieved orig_gw in batadv_v_gw_is_eligible batman-adv: Fix lock for ogm cnt access in batadv_iv_ogm_calc_tq batman-adv: Fix internal interface indices types batman-adv: update data pointers after skb_cow() batman-adv: Avoid race in TT TVLV allocator helper batman-adv: Fix TT sync flags for intermediate TT responses batman-adv: prevent TT request storms by not sending inconsistent TT TLVLs batman-adv: Fix debugfs path for renamed hardif batman-adv: Fix debugfs path for renamed softif batman-adv: Fix duplicated OGMs on NETDEV_UP batman-adv: Avoid free/alloc race when handling OGM2 buffer batman-adv: Avoid free/alloc race when handling OGM buffer batman-adv: Don't schedule OGM for disabled interface perf/amd/uncore: Replace manual sampling check with CAP_NO_INTERRUPT flag ACPI: watchdog: Allow disabling WDAT at boot HID: apple: Add support for recent firmware on Magic Keyboards HID: i2c-hid: add Trekstor Surfbook E11B to descriptor override cfg80211: check reg_rule for NULL in handle_channel_custom() scsi: libfc: free response frame from GPN_ID net: usb: qmi_wwan: restore mtu min/max values after raw_ip switch net: ks8851-ml: Fix IRQ handling and locking mac80211: rx: avoid RCU list traversal under mutex signal: avoid double atomic counter increments for user accounting slip: not call free_netdev before rtnl_unlock in slip_open hinic: fix a bug of setting hw_ioctxt net: rmnet: fix NULL pointer dereference in rmnet_newlink() jbd2: fix data races at struct journal_head ARM: 8957/1: VDSO: Match ARMv8 timer in cntvct_functional() ARM: 8958/1: rename missed uaccess .fixup section mm: slub: add missing TID bump in kmem_cache_alloc_bulk() ipv4: ensure rcu_read_lock() in cipso_v4_error() Linux 4.14.174 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I8594f155b5b3df71510fdb5dc034c80fb2332c91 |
||
Matteo Croce
|
62a47c2e06 |
ipv4: ensure rcu_read_lock() in cipso_v4_error()
commit 3e72dfdf8227b052393f71d820ec7599909dddc2 upstream.
Similarly to commit c543cb4a5f07 ("ipv4: ensure rcu_read_lock() in
ipv4_link_failure()"), __ip_options_compile() must be called under rcu
protection.
Fixes: 3da1ed7ac398 ("net: avoid use IPCB in cipso_v4_error")
Suggested-by: Guillaume Nault <gnault@redhat.com>
Signed-off-by: Matteo Croce <mcroce@redhat.com>
Acked-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Dmitry Yakunin
|
e6b382e861 |
inet_diag: return classid for all socket types
[ Upstream commit 83f73c5bb7b9a9135173f0ba2b1aa00c06664ff9 ]
In commit 1ec17dbd90f8 ("inet_diag: fix reporting cgroup classid and
fallback to priority") croup classid reporting was fixed. But this works
only for TCP sockets because for other socket types icsk parameter can
be NULL and classid code path is skipped. This change moves classid
handling to inet_diag_msg_attrs_fill() function.
Also inet_diag_msg_attrs_size() helper was added and addends in
nlmsg_new() were reordered to save order from inet_sk_diag_fill().
Fixes: 1ec17dbd90f8 ("inet_diag: fix reporting cgroup classid and fallback to priority")
Signed-off-by: Dmitry Yakunin <zeil@yandex-team.ru>
Reviewed-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Eric Dumazet
|
69b1fc5ce9 |
net: memcg: fix lockdep splat in inet_csk_accept()
commit 06669ea346e476a5339033d77ef175566a40efbb upstream. Locking newsk while still holding the listener lock triggered a lockdep splat [1] We can simply move the memcg code after we release the listener lock, as this can also help if multiple threads are sharing a common listener. Also fix a typo while reading socket sk_rmem_alloc. [1] WARNING: possible recursive locking detected 5.6.0-rc3-syzkaller #0 Not tainted -------------------------------------------- syz-executor598/9524 is trying to acquire lock: ffff88808b5b8b90 (sk_lock-AF_INET6){+.+.}, at: lock_sock include/net/sock.h:1541 [inline] ffff88808b5b8b90 (sk_lock-AF_INET6){+.+.}, at: inet_csk_accept+0x69f/0xd30 net/ipv4/inet_connection_sock.c:492 but task is already holding lock: ffff88808b5b9590 (sk_lock-AF_INET6){+.+.}, at: lock_sock include/net/sock.h:1541 [inline] ffff88808b5b9590 (sk_lock-AF_INET6){+.+.}, at: inet_csk_accept+0x8d/0xd30 net/ipv4/inet_connection_sock.c:445 other info that might help us debug this: Possible unsafe locking scenario: CPU0 ---- lock(sk_lock-AF_INET6); lock(sk_lock-AF_INET6); *** DEADLOCK *** May be due to missing lock nesting notation 1 lock held by syz-executor598/9524: #0: ffff88808b5b9590 (sk_lock-AF_INET6){+.+.}, at: lock_sock include/net/sock.h:1541 [inline] #0: ffff88808b5b9590 (sk_lock-AF_INET6){+.+.}, at: inet_csk_accept+0x8d/0xd30 net/ipv4/inet_connection_sock.c:445 stack backtrace: CPU: 0 PID: 9524 Comm: syz-executor598 Not tainted 5.6.0-rc3-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x188/0x20d lib/dump_stack.c:118 print_deadlock_bug kernel/locking/lockdep.c:2370 [inline] check_deadlock kernel/locking/lockdep.c:2411 [inline] validate_chain kernel/locking/lockdep.c:2954 [inline] __lock_acquire.cold+0x114/0x288 kernel/locking/lockdep.c:3954 lock_acquire+0x197/0x420 kernel/locking/lockdep.c:4484 lock_sock_nested+0xc5/0x110 net/core/sock.c:2947 lock_sock include/net/sock.h:1541 [inline] inet_csk_accept+0x69f/0xd30 net/ipv4/inet_connection_sock.c:492 inet_accept+0xe9/0x7c0 net/ipv4/af_inet.c:734 __sys_accept4_file+0x3ac/0x5b0 net/socket.c:1758 __sys_accept4+0x53/0x90 net/socket.c:1809 __do_sys_accept4 net/socket.c:1821 [inline] __se_sys_accept4 net/socket.c:1818 [inline] __x64_sys_accept4+0x93/0xf0 net/socket.c:1818 do_syscall_64+0xf6/0x790 arch/x86/entry/common.c:294 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x4445c9 Code: e8 0c 0d 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007ffc35b37608 EFLAGS: 00000246 ORIG_RAX: 0000000000000120 RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004445c9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 RBP: 0000000000000000 R08: 0000000000306777 R09: 0000000000306777 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00000000004053d0 R14: 0000000000000000 R15: 0000000000000000 Fixes: d752a4986532 ("net: memcg: late association of sock to memcg") Signed-off-by: Eric Dumazet <edumazet@google.com> Cc: Shakeel Butt <shakeelb@google.com> Reported-by: syzbot <syzkaller@googlegroups.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Shakeel Butt
|
357ac1da6e |
net: memcg: late association of sock to memcg
[ Upstream commit d752a4986532cb6305dfd5290a614cde8072769d ] If a TCP socket is allocated in IRQ context or cloned from unassociated (i.e. not associated to a memcg) in IRQ context then it will remain unassociated for its whole life. Almost half of the TCPs created on the system are created in IRQ context, so, memory used by such sockets will not be accounted by the memcg. This issue is more widespread in cgroup v1 where network memory accounting is opt-in but it can happen in cgroup v2 if the source socket for the cloning was created in root memcg. To fix the issue, just do the association of the sockets at the accept() time in the process context and then force charge the memory buffer already used and reserved by the socket. Signed-off-by: Shakeel Butt <shakeelb@google.com> Reviewed-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Eric Dumazet
|
31b4b975e3 |
gre: fix uninit-value in __iptunnel_pull_header
[ Upstream commit 17c25cafd4d3e74c83dce56b158843b19c40b414 ] syzbot found an interesting case of the kernel reading an uninit-value [1] Problem is in the handling of ETH_P_WCCP in gre_parse_header() We look at the byte following GRE options to eventually decide if the options are four bytes longer. Use skb_header_pointer() to not pull bytes if we found that no more bytes were needed. All callers of gre_parse_header() are properly using pskb_may_pull() anyway before proceeding to next header. [1] BUG: KMSAN: uninit-value in pskb_may_pull include/linux/skbuff.h:2303 [inline] BUG: KMSAN: uninit-value in __iptunnel_pull_header+0x30c/0xbd0 net/ipv4/ip_tunnel_core.c:94 CPU: 1 PID: 11784 Comm: syz-executor940 Not tainted 5.6.0-rc2-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1c9/0x220 lib/dump_stack.c:118 kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:118 __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215 pskb_may_pull include/linux/skbuff.h:2303 [inline] __iptunnel_pull_header+0x30c/0xbd0 net/ipv4/ip_tunnel_core.c:94 iptunnel_pull_header include/net/ip_tunnels.h:411 [inline] gre_rcv+0x15e/0x19c0 net/ipv6/ip6_gre.c:606 ip6_protocol_deliver_rcu+0x181b/0x22c0 net/ipv6/ip6_input.c:432 ip6_input_finish net/ipv6/ip6_input.c:473 [inline] NF_HOOK include/linux/netfilter.h:307 [inline] ip6_input net/ipv6/ip6_input.c:482 [inline] ip6_mc_input+0xdf2/0x1460 net/ipv6/ip6_input.c:576 dst_input include/net/dst.h:442 [inline] ip6_rcv_finish net/ipv6/ip6_input.c:76 [inline] NF_HOOK include/linux/netfilter.h:307 [inline] ipv6_rcv+0x683/0x710 net/ipv6/ip6_input.c:306 __netif_receive_skb_one_core net/core/dev.c:5198 [inline] __netif_receive_skb net/core/dev.c:5312 [inline] netif_receive_skb_internal net/core/dev.c:5402 [inline] netif_receive_skb+0x66b/0xf20 net/core/dev.c:5461 tun_rx_batched include/linux/skbuff.h:4321 [inline] tun_get_user+0x6aef/0x6f60 drivers/net/tun.c:1997 tun_chr_write_iter+0x1f2/0x360 drivers/net/tun.c:2026 call_write_iter include/linux/fs.h:1901 [inline] new_sync_write fs/read_write.c:483 [inline] __vfs_write+0xa5a/0xca0 fs/read_write.c:496 vfs_write+0x44a/0x8f0 fs/read_write.c:558 ksys_write+0x267/0x450 fs/read_write.c:611 __do_sys_write fs/read_write.c:623 [inline] __se_sys_write fs/read_write.c:620 [inline] __ia32_sys_write+0xdb/0x120 fs/read_write.c:620 do_syscall_32_irqs_on arch/x86/entry/common.c:339 [inline] do_fast_syscall_32+0x3c7/0x6e0 arch/x86/entry/common.c:410 entry_SYSENTER_compat+0x68/0x77 arch/x86/entry/entry_64_compat.S:139 RIP: 0023:0xf7f62d99 Code: 90 e8 0b 00 00 00 f3 90 0f ae e8 eb f9 8d 74 26 00 89 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 RSP: 002b:00000000fffedb2c EFLAGS: 00000217 ORIG_RAX: 0000000000000004 RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020002580 RDX: 0000000000000fca RSI: 0000000000000036 RDI: 0000000000000004 RBP: 0000000000008914 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 Uninit was created at: kmsan_save_stack_with_flags mm/kmsan/kmsan.c:144 [inline] kmsan_internal_poison_shadow+0x66/0xd0 mm/kmsan/kmsan.c:127 kmsan_slab_alloc+0x8a/0xe0 mm/kmsan/kmsan_hooks.c:82 slab_alloc_node mm/slub.c:2793 [inline] __kmalloc_node_track_caller+0xb40/0x1200 mm/slub.c:4401 __kmalloc_reserve net/core/skbuff.c:142 [inline] __alloc_skb+0x2fd/0xac0 net/core/skbuff.c:210 alloc_skb include/linux/skbuff.h:1051 [inline] alloc_skb_with_frags+0x18c/0xa70 net/core/skbuff.c:5766 sock_alloc_send_pskb+0xada/0xc60 net/core/sock.c:2242 tun_alloc_skb drivers/net/tun.c:1529 [inline] tun_get_user+0x10ae/0x6f60 drivers/net/tun.c:1843 tun_chr_write_iter+0x1f2/0x360 drivers/net/tun.c:2026 call_write_iter include/linux/fs.h:1901 [inline] new_sync_write fs/read_write.c:483 [inline] __vfs_write+0xa5a/0xca0 fs/read_write.c:496 vfs_write+0x44a/0x8f0 fs/read_write.c:558 ksys_write+0x267/0x450 fs/read_write.c:611 __do_sys_write fs/read_write.c:623 [inline] __se_sys_write fs/read_write.c:620 [inline] __ia32_sys_write+0xdb/0x120 fs/read_write.c:620 do_syscall_32_irqs_on arch/x86/entry/common.c:339 [inline] do_fast_syscall_32+0x3c7/0x6e0 arch/x86/entry/common.c:410 entry_SYSENTER_compat+0x68/0x77 arch/x86/entry/entry_64_compat.S:139 Fixes: 95f5c64c3c13 ("gre: Move utility functions to common headers") Fixes: c54419321455 ("GRE: Refactor GRE tunneling code.") Signed-off-by: Eric Dumazet <edumazet@google.com> Reported-by: syzbot <syzkaller@googlegroups.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
998aa7d8f2 |
This is the 4.14.171 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl5HEegACgkQONu9yGCS
aT6cNw//eNxBC6h0ibDOVeVbItkku2c0lwPRSrxtvhyUbE/RG63FlisA2TFEOUp8
y+Ionderw4+d8ySuExEcsE644d/ykES1Lj1dVR4Lzlbxo33X6p9opN9GCMHH1VH2
sRVWR8xLTUxzamGm4i5rUXMDplqTB+pTscVWJbisH1o3XW6SGnxAX3UjvqCHhjrW
9iLPBMZF/KkZDvhYbfl59QsB+FuLsjET3D1n+csypCzlZTf7zbi96tPMidprvhyt
xWYl4NZCyLxqUFmKFILsWK3KN7tQNXMFILfwUMOVcn15689GGXRS1X4W7OA+nOKs
rnSYM1KHBrsLHWdnLLcHh+qq7sKvgsIpIhvEyixl52c+qoMB1qJC+soZhhGJ4/kQ
93nl5ibHNUmPwc7a+R2G2U6C83aAS1zvV4LFIBtPXMc9oKOISDBkQgRJhsJ0HmQA
4euecjN7o1V+sE1LzvtMja6XcXqDEe7BrgT4e5TyL0Gd7IUGSbwyt61oIKPODcHM
YWn4hnflpDXOxYtSiqFWTi9psrdja54G0b1eBuhJ4ve9Katdqb1xhj2p9+HRt5rr
38f3nNOHLI/ozWL4DrWVSUgxWM86zqr6cyI2iJmINIOVH5+oWjq4RzinT5TNbQby
mgFNw/0rOyJXjdRiTB2qiOQZSaiAp/NbfO9OBlnBgR2BGcF5F6U=
=BC1c
-----END PGP SIGNATURE-----
Merge 4.14.171 into android-4.14
Changes in 4.14.171
kernel/module: Fix memleak in module_add_modinfo_attrs()
media: iguanair: fix endpoint sanity check
x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR
iwlwifi: mvm: fix NVM check for 3168 devices
sparc32: fix struct ipc64_perm type definition
cls_rsvp: fix rsvp_policy
gtp: use __GFP_NOWARN to avoid memalloc warning
l2tp: Allow duplicate session creation with UDP
net: hsr: fix possible NULL deref in hsr_handle_frame()
net_sched: fix an OOB access in cls_tcindex
bnxt_en: Fix TC queue mapping.
tcp: clear tp->total_retrans in tcp_disconnect()
tcp: clear tp->delivered in tcp_disconnect()
tcp: clear tp->data_segs{in|out} in tcp_disconnect()
tcp: clear tp->segs_{in|out} in tcp_disconnect()
rxrpc: Fix insufficient receive notification generation
rxrpc: Fix NULL pointer deref due to call->conn being cleared on disconnect
media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors
mfd: dln2: More sanity checking for endpoints
tracing: Fix sched switch start/stop refcount racy updates
brcmfmac: Fix memory leak in brcmf_usbdev_qinit
usb: gadget: legacy: set max_speed to super-speed
usb: gadget: f_ncm: Use atomic_t to track in-flight request
usb: gadget: f_ecm: Use atomic_t to track in-flight request
ALSA: dummy: Fix PCM format loop in proc output
media/v4l2-core: set pages dirty upon releasing DMA buffers
media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left adjustments
lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more()
irqdomain: Fix a memory leak in irq_domain_push_irq()
platform/x86: intel_scu_ipc: Fix interrupt support
KVM: arm64: Only sign-extend MMIO up to register width
MIPS: fix indentation of the 'RELOCS' message
s390/mm: fix dynamic pagetable upgrade for hugetlbfs
powerpc/xmon: don't access ASDR in VMs
powerpc/pseries: Advance pfn if section is not present in lmb_is_removable()
mmc: spi: Toggle SPI polarity, do not hardcode it
ACPI: video: Do not export a non working backlight interface on MSI MS-7721 boards
alarmtimer: Unregister wakeup source when module get fails
ubifs: Reject unsupported ioctl flags explicitly
ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag
ubifs: Fix deadlock in concurrent bulk-read and writepage
PCI: keystone: Fix link training retries initiation
mmc: sdhci-of-at91: fix memleak on clk_get failure
ubifs: don't trigger assertion on invalid no-key filename
hv_balloon: Balloon up according to request page number
crypto: api - Check spawn->alg under lock in crypto_drop_spawn
scsi: qla2xxx: Fix mtcp dump collection failure
power: supply: ltc2941-battery-gauge: fix use-after-free
f2fs: choose hardlimit when softlimit is larger than hardlimit in f2fs_statfs_project()
f2fs: fix miscounted block limit in f2fs_statfs_project()
f2fs: code cleanup for f2fs_statfs_project()
PM: core: Fix handling of devices deleted during system-wide resume
of: Add OF_DMA_DEFAULT_COHERENT & select it on powerpc
dm zoned: support zone sizes smaller than 128MiB
dm space map common: fix to ensure new block isn't already in use
dm crypt: fix benbi IV constructor crash if used in authenticated mode
tracing: Annotate ftrace_graph_hash pointer with __rcu
tracing: Annotate ftrace_graph_notrace_hash pointer with __rcu
ftrace: Add comment to why rcu_dereference_sched() is open coded
ftrace: Protect ftrace_graph_hash with ftrace_sync
samples/bpf: Don't try to remove user's homedir on clean
crypto: ccp - set max RSA modulus size for v3 platform devices as well
crypto: pcrypt - Do not clear MAY_SLEEP flag in original request
crypto: atmel-aes - Fix counter overflow in CTR mode
crypto: api - Fix race condition in crypto_spawn_alg
crypto: picoxcell - adjust the position of tasklet_init and fix missed tasklet_kill
scsi: qla2xxx: Fix unbound NVME response length
NFS: Fix memory leaks and corruption in readdir
NFS: Directory page cache pages need to be locked when read
btrfs: set trans->drity in btrfs_commit_transaction
ARM: tegra: Enable PLLP bypass during Tegra124 LP1
iwlwifi: don't throw error when trying to remove IGTK
mwifiex: fix unbalanced locking in mwifiex_process_country_ie()
sunrpc: expiry_time should be seconds not timeval
tools/kvm_stat: Fix kvm_exit filter name
xen/balloon: Support xend-based toolstack take two
KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks
KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks
KVM: x86: Protect DR-based index computations from Spectre-v1/L1TF attacks
KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks
KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF attacks
KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks
KVM: x86: Protect MSR-based index computations in pmu.h from Spectre-v1/L1TF attacks
KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks
KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c
KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks
KVM: x86: Protect MSR-based index computations in fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks
KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails
KVM: PPC: Book3S PR: Free shared page if mmu initialization fails
KVM: x86: Free wbinvd_dirty_mask if vCPU creation fails
clk: tegra: Mark fuse clock as critical
scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return type
scsi: csiostor: Adjust indentation in csio_device_reset
scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free
scsi: ufs: Recheck bkops level if bkops is disabled
phy: qualcomm: Adjust indentation in read_poll_timeout
ext2: Adjust indentation in ext2_fill_super
powerpc/44x: Adjust indentation in ibm4xx_denali_fixup_memsize
NFC: pn544: Adjust indentation in pn544_hci_check_presence
ppp: Adjust indentation into ppp_async_input
net: smc911x: Adjust indentation in smc911x_phy_configure
net: tulip: Adjust indentation in {dmfe, uli526x}_init_module
IB/mlx5: Fix outstanding_pi index for GSI qps
IB/core: Fix ODP get user pages flow
nfsd: fix delay timer on 32-bit architectures
nfsd: fix jiffies/time_t mixup in LRU list
ubi: fastmap: Fix inverted logic in seen selfcheck
ubi: Fix an error pointer dereference in error handling code
mfd: da9062: Fix watchdog compatible string
mfd: rn5t618: Mark ADC control register volatile
net: dsa: bcm_sf2: Only 7278 supports 2Gb/sec IMP port
net_sched: fix a resource leak in tcindex_set_parms()
net: systemport: Avoid RBUF stuck in Wake-on-LAN mode
net: macb: Remove unnecessary alignment check for TSO
net: macb: Limit maximum GEM TX length in TSO
bonding/alb: properly access headers in bond_alb_xmit()
ext4: fix deadlock allocating crypto bounce page from mempool
btrfs: Get rid of the confusing btrfs_file_extent_inline_len
Btrfs: fix assertion failure on fsync with NO_HOLES enabled
Btrfs: fix missing hole after hole punching and fsync when using NO_HOLES
btrfs: use bool argument in free_root_pointers()
btrfs: free block groups after free'ing fs trees
btrfs: remove trivial locking wrappers of tree mod log
Btrfs: fix race between adding and putting tree mod seq elements and nodes
drm: atmel-hlcdc: enable clock before configuring timing engine
KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks
btrfs: flush write bio if we loop in extent_write_cache_pages
KVM: x86: Fix potential put_fpu() w/o load_fpu() on MPX platform
KVM: x86/mmu: Apply max PA check for MMIO sptes to 32-bit KVM
KVM: VMX: Add non-canonical check on writes to RTIT address MSRs
KVM: nVMX: vmread should not set rflags to specify success in case of #PF
KVM: Use vcpu-specific gva->hva translation when querying host page size
KVM: Play nice with read-only memslots when querying host page size
KVM: s390: do not clobber registers during guest reset/store status
cifs: fail i/o on soft mounts if sessionsetup errors out
clocksource: Prevent double add_timer_on() for watchdog_timer
perf/core: Fix mlock accounting in perf_mmap()
rxrpc: Fix service call disconnection
ASoC: pcm: update FE/BE trigger order based on the command
hv_sock: Remove the accept port restriction
RDMA/netlink: Do not always generate an ACK for some netlink operations
scsi: ufs: Fix ufshcd_probe_hba() reture value in case ufshcd_scsi_add_wlus() fails
PCI/switchtec: Fix vep_vector_number ioread width
PCI: Don't disable bridge BARs when assigning bus resources
nfs: NFS_SWAP should depend on SWAP
NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes()
NFSv4: try lease recovery on NFS4ERR_EXPIRED
serial: uartps: Add a timeout to the tx empty wait
rtc: hym8563: Return -EINVAL if the time is known to be invalid
rtc: cmos: Stop using shared IRQ
ARC: [plat-axs10x]: Add missing multicast filter number to GMAC node
platform/x86: intel_mid_powerbtn: Take a copy of ddata
ARM: dts: at91: sama5d3: fix maximum peripheral clock rates
ARM: dts: at91: sama5d3: define clock rate range for tcb1
tools/power/acpi: fix compilation error
powerpc/pseries/vio: Fix iommu_table use-after-free refcount warning
powerpc/pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce for DDW
KVM: arm/arm64: vgic-its: Fix restoration of unmapped collections
ARM: 8949/1: mm: mark free_memmap as __init
arm64: cpufeature: Fix the type of no FP/SIMD capability
KVM: arm/arm64: Fix young bit from mmu notifier
crypto: artpec6 - return correct error code for failed setkey()
crypto: atmel-sha - fix error handling when setting hmac key
media: i2c: adv748x: Fix unsafe macros
pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B
scsi: megaraid_sas: Do not initiate OCR if controller is not in ready state
dm: fix potential for q->make_request_fn NULL pointer
serial: uartps: Move the spinlock after the read of the tx empty
mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()
mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv()
libertas: don't exit from lbs_ibss_join_existing() with RCU read lock held
libertas: make lbs_ibss_join_existing() return error code on rates overflow
Linux 4.14.171
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I2ffa7bd44800917ea3b327486b387470ab5d31b9
|
||
|
Eric Dumazet
|
e1b992f58e |
tcp: clear tp->segs_{in|out} in tcp_disconnect()
[ Upstream commit 784f8344de750a41344f4bbbebb8507a730fc99c ]
tp->segs_in and tp->segs_out need to be cleared in tcp_disconnect().
tcp_disconnect() is rarely used, but it is worth fixing it.
Fixes: 2efd055c53c0 ("tcp: add tcpi_segs_in and tcpi_segs_out to tcp_info")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Marcelo Ricardo Leitner <mleitner@redhat.com>
Cc: Yuchung Cheng <ycheng@google.com>
Cc: Neal Cardwell <ncardwell@google.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Eric Dumazet
|
deae87cf19 |
tcp: clear tp->data_segs{in|out} in tcp_disconnect()
[ Upstream commit db7ffee6f3eb3683cdcaeddecc0a630a14546fe3 ]
tp->data_segs_in and tp->data_segs_out need to be cleared
in tcp_disconnect().
tcp_disconnect() is rarely used, but it is worth fixing it.
Fixes: a44d6eacdaf5 ("tcp: Add RFC4898 tcpEStatsPerfDataSegsOut/In")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Martin KaFai Lau <kafai@fb.com>
Cc: Yuchung Cheng <ycheng@google.com>
Cc: Neal Cardwell <ncardwell@google.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Eric Dumazet
|
4d469d93a8 |
tcp: clear tp->delivered in tcp_disconnect()
[ Upstream commit 2fbdd56251b5c62f96589f39eded277260de7267 ]
tp->delivered needs to be cleared in tcp_disconnect().
tcp_disconnect() is rarely used, but it is worth fixing it.
Fixes: ddf1af6fa00e ("tcp: new delivery accounting")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Yuchung Cheng <ycheng@google.com>
Cc: Neal Cardwell <ncardwell@google.com>
Acked-by: Yuchung Cheng <ycheng@google.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Acked-by: Soheil Hassas Yeganeh <soheil@google.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Eric Dumazet
|
24070b4092 |
tcp: clear tp->total_retrans in tcp_disconnect()
[ Upstream commit c13c48c00a6bc1febc73902505bdec0967bd7095 ]
total_retrans needs to be cleared in tcp_disconnect().
tcp_disconnect() is rarely used, but it is worth fixing it.
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: SeongJae Park <sjpark@amazon.de>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Blagovest Kolenichev
|
334e3e97bd |
Merge android-4.14-q.155 (13f83e6) into msm-4.14
* refs/heads/tmp-13f83e6: Linux 4.14.155 slcan: Fix memory leak in error path memfd: Use radix_tree_deref_slot_protected to avoid the warning. net: phy: mdio-bcm-unimac: mark PM functions as __maybe_unused IB/iser: Fix possible NULL deref at iser_inv_desc() fuse: use READ_ONCE on congestion_threshold and max_background usb: xhci-mtk: fix ISOC error when interval is zero netfilter: masquerade: don't flush all conntracks if only one address deleted on device rtc: armada38x: fix possible race condition ARM: dts: lpc32xx: Fix SPI controller node names arm64: dts: lg: Fix SPI controller node names arm64: dts: amd: Fix SPI bus warnings scsi: NCR5380: Check for bus reset scsi: NCR5380: Handle BUS FREE during reselection scsi: NCR5380: Don't call dsprintk() following reselection interrupt scsi: NCR5380: Don't clear busy flag when abort fails scsi: NCR5380: Check for invalid reselection target scsi: NCR5380: Use DRIVER_SENSE to indicate valid sense data scsi: NCR5380: Withhold disconnect privilege for REQUEST SENSE scsi: NCR5380: Have NCR5380_select() return a bool scsi: NCR5380: Clear all unissued commands on host reset iwlwifi: mvm: Allow TKIP for AP mode iwlwifi: api: annotate compressed BA notif array sizes iwlwifi: dbg: don't crash if the firmware crashes in the middle of a debug dump crypto: fix a memory leak in rsa-kcs1pad's encryption mode crypto: s5p-sss: Fix Fix argument list alignment x86/hyperv: Suppress "PCI: Fatal: No config space access function found" Bluetooth: L2CAP: Detect if remote is not able to use the whole MPS Bluetooth: hci_serdev: clear HCI_UART_PROTO_READY to avoid closing proto races firmware: dell_rbu: Make payload memory uncachable ARM: dts: realview: Fix SPI controller node names EDAC: Raise the maximum number of memory controllers f2fs: mark inode dirty explicitly in recover_inode() f2fs: fix to recover inode's project id during POR net: faraday: fix return type of ndo_start_xmit function net: smsc: fix return type of ndo_start_xmit function ARM: dts: paz00: fix wakeup gpio keycode ARM: tegra: apalis_t30: fix mmc1 cmd pull-up ARM: dts: tegra30: fix xcvr-setup-use-fuses phy: lantiq: Fix compile warning scsi: libsas: always unregister the old device if going to discover new vfio/pci: Mask buggy SR-IOV VF INTx support vfio/pci: Fix potential memory leak in vfio_msi_cap_len misc: genwqe: should return proper error value. misc: kgdbts: Fix restrict error coresight: tmc: Fix byte-address alignment for RRP coresight: etm4x: Configure EL2 exception level when kernel is running in HYP coresight: perf: Disable trace path upon source error coresight: perf: Fix per cpu path management coresight: Fix handling of sinks usb: gadget: uvc: Only halt video streaming endpoint in bulk mode usb: gadget: uvc: Factor out video USB request queueing phy: phy-twl4030-usb: fix denied runtime access phy: renesas: rcar-gen3-usb2: fix vbus_ctrl for role sysfs phy: brcm-sata: allow PHY_BRCM_SATA driver to be built for DSL SoCs i2c: aspeed: fix invalid clock parameters for very large divisors usb: gadget: uvc: configfs: Prevent format changes after linking header usb: gadget: uvc: configfs: Drop leaked references to config items ARM: dts: rockchip: explicitly set vcc_sd0 pin to gpio on rk3188-radxarock media: davinci: Fix implicit enum conversion warning media: au0828: Fix incorrect error messages media: pci: ivtv: Fix a sleep-in-atomic-context bug in ivtv_yuv_init() arm64: dts: rockchip: Fix microSD in rk3399 sapphire board MIPS: kexec: Relax memory restriction x86/CPU: Change query logic so CPUID is enabled before testing x86/CPU: Use correct macros for Cyrix calls net: freescale: fix return type of ndo_start_xmit function net: micrel: fix return type of ndo_start_xmit function net: phy: mdio-bcm-unimac: Allow configuring MDIO clock divider samples/bpf: fix compilation failure bnx2x: Ignore bandwidth attention in single function mode ARM: dts: clearfog: fix sdhci supply property name x86/mce-inject: Reset injection struct after injection ARM: dts: marvell: Fix SPI and I2C bus warnings crypto: arm/crc32 - avoid warning when compiling with Clang cpufeature: avoid warning when compiling with clang spi: pic32: Use proper enum in dmaengine_prep_slave_rg ARM: dts: ste: Fix SPI controller node names ARM: dts: ux500: Fix LCDA clock line muxing ARM: dts: ux500: Correct SCU unit address f2fs: fix to recover inode's uid/gid during POR ARM: dts: am335x-evm: fix number of cpsw mlxsw: spectrum: Init shaper for TCs 8..15 usb: chipidea: Fix otg event handler usb: chipidea: imx: enable OTG overcurrent in case USB subsystem is already started nfp: provide a better warning when ring allocation fails net: hns3: Fix parameter type for q_id in hclge_tm_q_to_qs_map_cfg() net: hns3: Fix for setting speed for phy failed problem net: sun: fix return type of ndo_start_xmit function net: amd: fix return type of ndo_start_xmit function net: broadcom: fix return type of ndo_start_xmit function net: xilinx: fix return type of ndo_start_xmit function net: toshiba: fix return type of ndo_start_xmit function power: supply: twl4030_charger: disable eoc interrupt on linear charge power: supply: twl4030_charger: fix charging current out-of-bounds libfdt: Ensure INT_MAX is defined in libfdt_env.h OPP: Protect dev_list with opp_table lock RDMA/i40iw: Fix incorrect iterator type powerpc: Fix duplicate const clang warning in user access code powerpc/pseries: Disable CPU hotplug across migrations powerpc/64s/hash: Fix stab_rr off by one initialization powerpc/iommu: Avoid derefence before pointer check net: hns3: fix return type of ndo_start_xmit function ipmi:dmi: Ignore IPMI SMBIOS entries with a zero base address spi: mediatek: Don't modify spi_transfer when transfer. samples/bpf: fix a compilation failure serial: mxs-auart: Fix potential infinite loop serial: samsung: Enable baud clock for UART reset procedure in resume serial: uartps: Fix suspend functionality PCI/ACPI: Correct error message for ASPM disabling s390/qeth: invoke softirqs after napi_schedule() ath9k: Fix a locking bug in ath9k_add_interface() ACPI / LPSS: Exclude I2C busses shared with PUNIT from pmc_atom_d3_mask ARM: dts: rockchip: Fix erroneous SPI bus dtc warnings on rk3036 ip_gre: fix parsing gre header in ipgre_err kernfs: Fix range checks in kernfs_get_target_path component: fix loop condition to call unbind() if bind() fails power: supply: max8998-charger: Fix platform data retrieval power: reset: at91-poweroff: do not procede if at91_shdwc is allocated power: supply: ab8500_fg: silence uninitialized variable warnings arm64: dts: meson: Fix erroneous SPI bus warnings blok, bfq: do not plug I/O if all queues are weight-raised cxgb4: Fix endianness issue in t4_fwcache() pinctrl: at91: don't use the same irqchip with multiple gpiochips ARM: dts: socfpga: Fix I2C bus unit-address error powerpc/vdso: Correct call frame information soc: qcom: wcnss_ctrl: Avoid string overflow ARM: dts: qcom: ipq4019: fix cpu0's qcom,saw2 reg value llc: avoid blocking in llc_sap_close() pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map() ALSA: intel8x0m: Register irq handler after register initializations arm64: dts: meson: libretech: update board model media: dvb: fix compat ioctl translation media: fix: media: pci: meye: validate offset to avoid arbitrary access media: dt-bindings: adv748x: Fix decimal unit addresses nvmem: core: return error code instead of NULL from nvmem_device_get Drivers: hv: vmbus: Fix synic per-cpu context initialization kprobes: Don't call BUG_ON() if there is a kprobe in use on free list scsi: pm80xx: Fixed system hang issue during kexec boot scsi: pm80xx: Corrected dma_unmap_sg() parameter ARM: imx6: register pm_power_off handler if "fsl,pmic-stby-poweroff" is set scsi: sym53c8xx: fix NULL pointer dereference panic in sym_int_sir() scsi: lpfc: Fix errors in log messages. scsi: qla2xxx: Fix dropped srb resource. scsi: qla2xxx: Defer chip reset until target mode is enabled scsi: qla2xxx: Fix iIDMA error f2fs: fix memory leak of percpu counter in fill_super() signal: Properly deliver SIGSEGV from x86 uprobes signal: Properly deliver SIGILL from uprobes signal: Always ignore SIGKILL and SIGSTOP sent to the global init IB/hfi1: Missing return value in error path for user sdma ath9k: add back support for using active monitor interfaces for tx99 rtc: pl030: fix possible race condition rtc: mt6397: fix possible race condition EDAC, sb_edac: Return early on ADDRV bit and address type test dmaengine: dma-jz4780: Further residue status fix dmaengine: dma-jz4780: Don't depend on MACH_JZ4780 arm64: dts: rockchip: Fix VCC5V0_HOST_EN on rk3399-sapphire sched/debug: Use symbolic names for task state constants ARM: dts: omap3-gta04: keep vpll2 always on ARM: dts: omap3-gta04: make NAND partitions compatible with recent U-Boot ARM: dts: omap3-gta04: fix touchscreen tsc2007 ARM: dts: omap3-gta04: tvout: enable as display1 alias ARM: dts: omap3-gta04: fixes for tvout / venc ARM: dts: omap3-gta04: give spi_lcd node a label so that we can overwrite in other DTS files of: make PowerMac cache node search conditional on CONFIG_PPC_PMAC ASoC: Intel: hdac_hdmi: Limit sampling rates at dai creation mips: txx9: fix iounmap related issue RDMA/core: Follow correct unregister order between sysfs and cgroup RDMA/core: Rate limit MAD error messages IB/ipoib: Ensure that MTU isn't less than minimum permitted ath10k: wmi: disable softirq's while calling ieee80211_rx ARM: dts: exynos: Disable pull control for S5M8767 PMIC ASoC: sgtl5000: avoid division by zero if lo_vag is zero net: lan78xx: Bail out if lan78xx_get_endpoints fails ARM: dts: meson8b: fix the clock controller register size ARM: dts: meson8: fix the clock controller register size net: phy: mscc: read 'vsc8531, edge-slowdown' as an u32 net: phy: mscc: read 'vsc8531,vddmac' as an u32 ASoC: rsnd: ssi: Fix issue in dma data address assignment soc: imx: gpc: fix PDN delay rtl8187: Fix warning generated when strncpy() destination length matches the sixe argument ARM: dts: pxa: fix power i2c base address ARM: dts: pxa: fix the rtc controller iwlwifi: mvm: avoid sending too many BARs iwlwifi: don't WARN on trying to dump dead firmware IB/rxe: fixes for rdma read retry i40e: Prevent deleting MAC address from VF when set by PF i40e: hold the rtnl lock on clearing interrupt scheme i40e: use correct length for strncpy ARM: dts: exynos: Fix regulators configuration on Peach Pi/Pit Chromebooks liquidio: fix race condition in instruction completion processing ARM: dts: exynos: Fix sound in Snow-rev5 Chromebook MIPS: BCM47XX: Enable USB power on Netgear WNDR3400v3 pinctrl: ingenic: Probe driver at subsys_initcall ASoC: dpcm: Properly initialise hw->rate_max gfs2: Don't set GFS2_RDF_UPTODATE when the lvb is updated ath10k: limit available channels via DT ieee80211-freq-limit ath9k: fix tx99 with monitor mode interface ALSA: seq: Do error checks at creating system ports cfg80211: Avoid regulatory restore when COUNTRY_IE_IGNORE is set extcon: cht-wc: Return from default case to avoid warnings remoteproc/davinci: Use %zx for formating size_t rtc: rv8803: fix the rv8803 id in the OF table ARM: dts: at91/trivial: Fix USART1 definition for at91sam9g45 arm64: dts: tegra210-p2180: Correct sdmmc4 vqmmc-supply ALSA: pcm: signedness bug in snd_pcm_plug_alloc() arm64: dts: allwinner: a64: NanoPi-A64: Fix DCDC1 voltage arm64: dts: allwinner: a64: Olinuxino: fix DRAM voltage iio: dac: mcp4922: fix error handling in mcp4922_write_raw ath10k: fix kernel panic by moving pci flush after napi_disable tee: optee: take DT status property into account iio: adc: max9611: explicitly cast gain_selectors mmc: sdhci-of-at91: fix quirk2 overwrite mm: hugetlb: switch to css_tryget() in hugetlb_cgroup_charge_cgroup() mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm() iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros ecryptfs_lookup_interpose(): lower_dentry->d_parent is not stable either ecryptfs_lookup_interpose(): lower_dentry->d_inode is not stable i2c: acpi: Force bus speed to 400KHz if a Silead touchscreen is present IB/hfi1: Ensure full Gen3 speed in a Gen4 system Input: synaptics-rmi4 - destroy F54 poller workqueue when removing Input: synaptics-rmi4 - clear IRQ enables for F54 Input: synaptics-rmi4 - do not consume more data than we have (F11, F12) Input: synaptics-rmi4 - disable the relative position IRQ in the F12 driver Input: synaptics-rmi4 - fix video buffer size Input: ff-memless - kill timer in destroy() ALSA: usb-audio: not submit urb for stopped endpoint ALSA: usb-audio: Fix missing error check at mixer resolution test slip: Fix memory leak in slip_open error path net: usb: qmi_wwan: add support for Foxconn T77W968 LTE modules ax88172a: fix information leak on short answers powerpc/perf: Fix kfree memory allocated for nest pmus powerpc/perf: Fix IMC_MAX_PMU macro Revert "Input: synaptics-rmi4 - avoid processing unknown IRQs" scsi: core: Handle drivers which set sg_tablesize to zero MIPS: BCM63XX: fix switch core reset on BCM6368 KVM: x86: introduce is_pae_paging kvm: mmu: Don't read PDPTEs when paging is not enabled Conflicts: drivers/hwtracing/coresight/coresight-etm-perf.c drivers/hwtracing/coresight/coresight.c include/linux/libfdt_env.h Change-Id: I2ad0095d3092619013579ee7e7201900faf008da Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org> |
||
|
Blagovest Kolenichev
|
9f5be70fa4 |
Merge android-4.14-q.154 (b7f5267) into msm-4.14
* refs/heads/tmp-b7f5267: usb: gadget: configfs: Fix missing spin_lock_init() Linux 4.14.154 kvm: x86: mmu: Recovery of shattered NX large pages kvm: Add helper function for creating VM worker threads kvm: mmu: ITLB_MULTIHIT mitigation KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is active KVM: x86: add tracepoints around __direct_map and FNAME(fetch) KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON KVM: x86: remove now unneeded hugepage gfn adjustment KVM: x86: make FNAME(fetch) and __direct_map more similar kvm: mmu: Do not release the page inside mmu_set_spte() kvm: Convert kvm_lock to a mutex kvm: x86, powerpc: do not allow clearing largepages debugfs entry Documentation: Add ITLB_MULTIHIT documentation cpu/speculation: Uninline and export CPU mitigations helpers x86/cpu: Add Tremont to the cpu vulnerability whitelist x86/bugs: Add ITLB_MULTIHIT bug infrastructure x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs x86/tsx: Add config options to set tsx=on|off|auto x86/speculation/taa: Add documentation for TSX Async Abort x86/tsx: Add "auto" option to the tsx= cmdline parameter kvm/x86: Export MDS_NO=0 to guests when TSX is enabled x86/speculation/taa: Add sysfs reporting for TSX Async Abort x86/speculation/taa: Add mitigation for TSX Async Abort x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default x86/cpu: Add a helper function x86_read_arch_cap_msr() x86/msr: Add the IA32_TSX_CTRL MSR KVM: x86: use Intel speculation bugs and features as derived in generic x86 code drm/i915/cmdparser: Fix jump whitelist clearing drm/i915/gen8+: Add RC6 CTX corruption WA drm/i915: Lower RM timeout to avoid DSI hard hangs drm/i915/cmdparser: Ignore Length operands during command matching drm/i915/cmdparser: Add support for backward jumps drm/i915/cmdparser: Use explicit goto for error paths drm/i915: Add gen9 BCS cmdparsing drm/i915: Allow parsing of unsized batches drm/i915: Support ro ppgtt mapped cmdparser shadow buffers drm/i915: Add support for mandatory cmdparsing drm/i915: Remove Master tables from cmdparser drm/i915: Disable Secure Batches for gen6+ drm/i915: Rename gen7 cmdparser tables drm/i915: Move engine->needs_cmd_parser to engine->flags drm/i915: Don't use GPU relocations prior to cmdparser stalls drm/i915: Silence smatch for cmdparser drm/i915/cmdparser: Do not check past the cmd length. drm/i915/cmdparser: Check reg_table_count before derefencing. drm/i915: Prevent writing into a read-only object via a GGTT mmap drm/i915/gtt: Disable read-only support under GVT drm/i915/gtt: Read-only pages for insert_entries on bdw+ drm/i915/gtt: Add read only pages to gen8_pte_encode net: prevent load/store tearing on sk->sk_stamp usbip: Fix free of unallocated memory in vhci tx cgroup,writeback: don't switch wbs immediately on dead wbs if the memcg is dead mm/filemap.c: don't initiate writeback if mapping has no dirty pages can: flexcan: disable completely the ECC mechanism x86/apic/32: Avoid bogus LDR warnings x86/apic: Drop logical_smp_processor_id() inline x86/apic: Move pending interrupt check code into it's own function e1000: fix memory leaks igb: Fix constant media auto sense switching when no cable is connected net: ethernet: arc: add the missed clk_disable_unprepare NFSv4: Don't allow a cached open with a revoked delegation hv_netvsc: Fix error handling in netvsc_attach() net: hisilicon: Fix "Trying to free already-free IRQ" fjes: Handle workqueue allocation failure scsi: qla2xxx: stop timer in shutdown path RDMA/iw_cxgb4: Avoid freeing skb twice in arp failure case USB: ldusb: use unsigned size format specifiers USB: Skip endpoints with 0 maxpacket length perf/x86/amd/ibs: Handle erratum #420 only on the affected CPU family (10h) perf/x86/amd/ibs: Fix reading of the IBS OpData register and thus precise RIP validity usb: dwc3: remove the call trace of USBx_GFLADJ usb: gadget: configfs: fix concurrent issue between composite APIs usb: gadget: composite: Fix possible double free memory bug usb: gadget: udc: atmel: Fix interrupt storm in FIFO mode. usb: fsl: Check memory resource before releasing it macsec: fix refcnt leak in module exit routine bonding: fix unexpected IFF_BONDING bit unset ipvs: move old_secure_tcp into struct netns_ipvs ipvs: don't ignore errors in case refcounting ip_vs module fails scsi: qla2xxx: Initialized mailbox to prevent driver load failure scsi: lpfc: Honor module parameter lpfc_use_adisc net: openvswitch: free vport unless register_netdevice() succeeds RDMA/uverbs: Prevent potential underflow scsi: qla2xxx: fixup incorrect usage of host_byte net/mlx5: prevent memory leak in mlx5_fpga_conn_create_cq RDMA/qedr: Fix reported firmware version HID: intel-ish-hid: fix wrong error handling in ishtp_cl_alloc_tx_ring() dmaengine: xilinx_dma: Fix control reg update in vdma_channel_set_config PCI: tegra: Enable Relaxed Ordering only for Tegra20 & Tegra30 usbip: Implement SG support to vhci-hcd and stub driver usbip: stub_rx: fix static checker warning on unnecessary checks usbip: Fix vhci_urb_enqueue() URB null transfer buffer error path lib/scatterlist: Introduce sgl_alloc() and sgl_free() sched/fair: Fix -Wunused-but-set-variable warnings sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices ARM: dts: dra7: Disable USB metastability workaround for USB2 cpufreq: ti-cpufreq: add missing of_node_put() i2c: omap: Trigger bus recovery in lockup case ASoC: davinci-mcasp: Fix an error handling path in 'davinci_mcasp_probe()' ASoC: davinci: Kill BUG_ON() usage ASoC: davinci-mcasp: Handle return value of devm_kasprintf ASoC: tlv320dac31xx: mark expected switch fall-through mailbox: reset txdone_method TXDONE_BY_POLL if client knows_txdone misc: pci_endpoint_test: Fix BUG_ON error during pci_disable_msi() PCI: dra7xx: Add shutdown handler to cleanly turn off clocks misc: pci_endpoint_test: Prevent some integer overflows mtd: spi-nor: cadence-quadspi: add a delay in write sequence mtd: spi-nor: enable 4B opcodes for mx66l51235l ASoC: tlv320aic31xx: Handle inverted BCLK in non-DSP modes mfd: palmas: Assign the right powerhold mask for tps65917 usb: dwc3: Allow disabling of metastability workaround configfs: fix a deadlock in configfs_symlink() configfs: provide exclusion between IO and removals configfs: new object reprsenting tree fragments configfs_register_group() shouldn't be (and isn't) called in rmdirable parts configfs: stash the data we need into configfs_buffer at open time configfs: Fix bool initialization/comparison can: peak_usb: fix slab info leak can: mcba_usb: fix use-after-free on disconnect can: gs_usb: gs_can_open(): prevent memory leak can: rx-offload: can_rx_offload_queue_sorted(): fix error handling, avoid skb mem leak can: peak_usb: fix a potential out-of-sync while decoding packets can: c_can: c_can_poll(): only read status register after status IRQ can: usb_8dev: fix use-after-free on disconnect intel_th: pci: Add Jasper Lake PCH support intel_th: pci: Add Comet Lake PCH support netfilter: ipset: Fix an error code in ip_set_sockfn_get() netfilter: nf_tables: Align nft_expr private data to 64-bit iio: srf04: fix wrong limitation in distance measuring iio: imu: adis16480: make sure provided frequency is positive iio: adc: stm32-adc: fix stopping dma ceph: add missing check in d_revalidate snapdir handling ceph: fix use-after-free in __ceph_remove_cap() arm64: Do not mask out PTE_RDONLY in pte_same() HID: wacom: generic: Treat serial number and related fields as unsigned drm/radeon: fix si_enable_smc_cac() failed issue perf tools: Fix time sorting tools: gpio: Use !building_out_of_srctree to determine srctree dump_stack: avoid the livelock of the dump_lock mm, vmstat: hide /proc/pagetypeinfo from normal users mm: thp: handle page cache THP correctly in PageTransCompoundMap ALSA: hda/ca0132 - Fix possible workqueue stall ALSA: bebob: fix to detect configured source of sampling clock for Focusrite Saffire Pro i/o series ALSA: timer: Fix incorrectly assigned timer instance qede: fix NULL pointer deref in __qede_remove() NFC: st21nfca: fix double free nfc: netlink: fix double device reference drop NFC: fdp: fix incorrect free object net: usb: qmi_wwan: add support for DW5821e with eSIM support net: qualcomm: rmnet: Fix potential UAF when unregistering net: fix data-race in neigh_event_send() net: ethernet: octeon_mgmt: Account for second possible VLAN header ipv4: Fix table id reference in fib_sync_down_addr CDC-NCM: handle incomplete transfer of MTU bonding: fix state transition issue in link monitoring Conflicts: Documentation/devicetree/bindings/usb/dwc3.txt drivers/net/ethernet/qualcomm/rmnet/rmnet_config.c drivers/usb/dwc3/core.h kernel/cpu.c Change-Id: I81b1613324c238a6e612cf1c6cf2c67ca17b4adc Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org> |
||
|
Blagovest Kolenichev
|
524ff247af |
Merge android-4.14-q.153 (56ab794) into msm-4.14
* refs/heads/tmp-56ab794: Linux 4.14.153 selftests/powerpc: Fix compile error on tlbie_test due to newer gcc selftests/powerpc: Add test case for tlbie vs mtpidr ordering issue powerpc/mm: Fixup tlbie vs mtpidr/mtlpidr ordering issue on POWER9 powerpc/book3s64/radix: Rename CPU_FTR_P9_TLBIE_BUG feature flag powerpc/book3s64/mm: Don't do tlbie fixup for some hardware revisions powerpc/mm: Fixup tlbie vs store ordering issue on POWER9 iio: adc: stm32-adc: fix a race when using several adcs with dma and irq iio: adc: stm32-adc: move registers definitions platform/x86: pmc_atom: Add Siemens SIMATIC IPC227E to critclk_systems DMI table kbuild: add -fcf-protection=none when using retpoline flags kbuild: use -fmacro-prefix-map to make __FILE__ a relative path sched/wake_q: Fix wakeup ordering for wake_q dmaengine: qcom: bam_dma: Fix resource leak net/flow_dissector: switch to siphash inet: stop leaking jiffies on the wire erspan: fix the tun_info options_len check for erspan vxlan: check tun_info options_len properly net: use skb_queue_empty_lockless() in busy poll contexts net: use skb_queue_empty_lockless() in poll() handlers udp: use skb_queue_empty_lockless() net: add skb_queue_empty_lockless() net: bcmgenet: reset 40nm EPHY on energy detect net: dsa: fix switch tree list r8152: add device id for Lenovo ThinkPad USB-C Dock Gen 2 net: usb: lan78xx: Connect PHY before registering MAC net: dsa: b53: Do not clear existing mirrored port mask net/mlx5e: Fix handling of compressed CQEs in case of low NAPI budget net: add READ_ONCE() annotation in __skb_wait_for_more_packets() udp: fix data-race in udp_set_dev_scratch() selftests: net: reuseport_dualstack: fix uninitalized parameter net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol() net/mlx4_core: Dynamically set guaranteed amount of counters per VF net: hisilicon: Fix ping latency when deal with high throughput net: fix sk_page_frag() recursion from memory reclaim net: ethernet: ftgmac100: Fix DMA coherency issue with SW checksum net: dsa: bcm_sf2: Fix IMP setup for port different than 8 net: annotate lockless accesses to sk->sk_napi_id net: annotate accesses to sk->sk_incoming_cpu dccp: do not leak jiffies on the wire cxgb4: fix panic when attaching to ULD fail nbd: handle racing with error'ed out commands cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs i2c: stm32f7: remove warning when compiling with W=1 MIPS: bmips: mark exception vectors as char arrays of: unittest: fix memory leak in unittest_data_add ARM: 8926/1: v7m: remove register save to stack before svc scsi: target: core: Do not overwrite CDB byte 1 ARM: davinci: dm365: Fix McBSP dma_slave_map entry perf kmem: Fix memory leak in compact_gfp_flags() perf c2c: Fix memory leak in build_cl_output() ARM: dts: imx7s: Correct GPT's ipg clock source scsi: fix kconfig dependency warning related to 53C700_LE_ON_BE scsi: sni_53c710: fix compilation error scsi: scsi_dh_alua: handle RTPG sense code correctly during state transitions ARM: mm: fix alignment handler faults under memory pressure pinctrl: ns2: Fix off by one bugs in ns2_pinmux_enable() ARM: dts: logicpd-torpedo-som: Remove twl_keypad ASoc: rockchip: i2s: Fix RPM imbalance ASoC: wm_adsp: Don't generate kcontrols without READ flags regulator: pfuze100-regulator: Variable "val" in pfuze100_regulator_probe() could be uninitialized regulator: ti-abb: Fix timeout in ti_abb_wait_txdone/ti_abb_clear_all_txdone arm64: dts: Fix gpio to pinmux mapping ANDROID: overlayfs: fix printk format Change-Id: Ic95f2a41e415e4db8078dcaa3180f956986fc1ed Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org> |
||
|
Greg Kroah-Hartman
|
312ed39aa8 |
This is the 4.14.170 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl46zr0ACgkQONu9yGCS aT5HUg//U8sKvb6mWfXZdx5nVIkQRCIK3LXu17kk6rGgSErI7en4/f+IUaWCxvjc U30plYa1ULbslsNiXdek6bUh2Vzko+qgQF5+0khMUEiTk5+rzhqMlO+voOgh40Rk Wk54q1YeBZ6hYupn97scvBOaf51Z2cH//rB9smJwhAfxGNShFcec+5+2J2eILCJZ ndcmKQiNfdfb3KJ8Apty/mbMFZhOLNp2kI6kdQx8RqPKobLTpZlWzycI7JcVHnYL Mv//imoqjKu511ZTCJO51SlgnzATUVuJp4dDBrFDfpEDYBa1P0KZOgPdpUI5xXUP YQskwdMMdeg+EtHdregQU2j97Ag/7nSbHsGf8Mmzgu9NxPh1CjWjPt1Yxz/51CTr fu7BT85T4D/DRXZV6WDht8ZH6XOMXjQnurNFts6pa0aDEKsTuJHO9vNZqz9DMERP V/iGMpheLvNc/1spQy5gAPXpnfnVlloq+LPDMi70ZgjoSD32SKguqdfcXFmcpf+E 6XWYeeg9SsbyJqNv7RcTHPQUf15LVCiDc6N2IXLVv1NCYuoH95b+auKx4R+mRx4x sWmDVCpReOtnG69jCRBz0ABHSVZb1k7vokv00xPoLbdnKEH2f4SWX+ue9muDo2Dg 1+S74C3HwiCFh25nOUNhnVe6Gx/8ENdbbrwaiGI9gz1qPZw8MFo= =6r2I -----END PGP SIGNATURE----- Merge 4.14.170 into android-4.14 Changes in 4.14.170 orinoco_usb: fix interface sanity check rsi_91x_usb: fix interface sanity check USB: serial: ir-usb: add missing endpoint sanity check USB: serial: ir-usb: fix link-speed handling USB: serial: ir-usb: fix IrLAP framing usb: dwc3: turn off VBUS when leaving host mode staging: most: net: fix buffer overflow staging: wlan-ng: ensure error return is actually returned staging: vt6656: correct packet types for CTS protect, mode. staging: vt6656: use NULLFUCTION stack on mac80211 staging: vt6656: Fix false Tx excessive retries reporting. serial: 8250_bcm2835aux: Fix line mismatch on driver unbind crypto: chelsio - fix writing tfm flags to wrong place ath9k: fix storage endpoint lookup brcmfmac: fix interface sanity check rtl8xxxu: fix interface sanity check zd1211rw: fix storage endpoint lookup arc: eznps: fix allmodconfig kconfig warning HID: ite: Add USB id match for Acer SW5-012 keyboard dock phy: cpcap-usb: Prevent USB line glitches from waking up modem watchdog: max77620_wdt: fix potential build errors watchdog: rn5t618_wdt: fix module aliases spi: spi-dw: Add lock protect dw_spi rx/tx to prevent concurrent calls drivers/net/b44: Change to non-atomic bit operations on pwol_mask net: wan: sdla: Fix cast from pointer to integer of different size gpio: max77620: Add missing dependency on GPIOLIB_IRQCHIP atm: eni: fix uninitialized variable warning PCI: Add DMA alias quirk for Intel VCA NTB usb-storage: Disable UAS on JMicron SATA enclosure net_sched: ematch: reject invalid TCF_EM_SIMPLE rsi: fix use-after-free on probe errors crypto: af_alg - Use bh_lock_sock in sk_destruct vfs: fix do_last() regression x86/resctrl: Fix use-after-free when deleting resource groups x86/resctrl: Fix use-after-free due to inaccurate refcount of rdtgroup x86/resctrl: Fix a deadlock due to inaccurate reference crypto: pcrypt - Fix user-after-free on module unload perf c2c: Fix return type for histogram sorting comparision functions PM / devfreq: Add new name attribute for sysfs tools lib: Fix builds when glibc contains strlcpy() arm64: kbuild: remove compressed images on 'make ARCH=arm64 (dist)clean' ext4: validate the debug_want_extra_isize mount option at parse time mm/mempolicy.c: fix out of bounds write in mpol_parse_str() reiserfs: Fix memory leak of journal device string media: digitv: don't continue if remote control state can't be read media: af9005: uninitialized variable printked media: gspca: zero usb_buf media: dvb-usb/dvb-usb-urb.c: initialize actlen to 0 ttyprintk: fix a potential deadlock in interrupt context issue Bluetooth: Fix race condition in hci_release_sock() cgroup: Prevent double killing of css when enabling threaded cgroup media: si470x-i2c: Move free() past last use of 'radio' ARM: dts: sun8i: a83t: Correct USB3503 GPIOs polarity ARM: dts: beagle-x15-common: Model 5V0 regulator soc: ti: wkup_m3_ipc: Fix race condition with rproc_boot mac80211: mesh: restrict airtime metric to peered established plinks clk: mmp2: Fix the order of timer mux parents ixgbevf: Remove limit of 10 entries for unicast filter list ixgbe: Fix calculation of queue with VFs and flow director on interface flap igb: Fix SGMII SFP module discovery for 100FX/LX. ASoC: sti: fix possible sleep-in-atomic qmi_wwan: Add support for Quectel RM500Q wireless: fix enabling channel 12 for custom regulatory domain cfg80211: Fix radar event during another phy CAC mac80211: Fix TKIP replay protection immediately after key setup wireless: wext: avoid gcc -O3 warning net: dsa: bcm_sf2: Configure IMP port for 2Gb/sec bnxt_en: Fix ipv6 RFS filter matching logic. ARM: dts: am335x-boneblack-common: fix memory size vti[6]: fix packet tx through bpf_redirect() scsi: fnic: do not queue commands during fwreset ARM: 8955/1: virt: Relax arch timer version check during early boot tee: optee: Fix compilation issue with nommu airo: Fix possible info leak in AIROOLDIOCTL/SIOCDEVPRIVATE airo: Add missing CAP_NET_ADMIN check in AIROOLDIOCTL/SIOCDEVPRIVATE r8152: get default setting of WOL before initializing qlcnic: Fix CPU soft lockup while collecting firmware dump powerpc/fsl/dts: add fsl,erratum-a011043 net/fsl: treat fsl,erratum-a011043 net: fsl/fman: rename IF_MODE_XGMII to IF_MODE_10G net/sonic: Add mutual exclusion for accessing shared state net/sonic: Use MMIO accessors net/sonic: Fix receive buffer handling net/sonic: Quiesce SONIC before re-initializing descriptor memory seq_tab_next() should increase position index l2t_seq_next should increase position index net: Fix skb->csum update in inet_proto_csum_replace16(). btrfs: do not zero f_bavail if we have available space perf report: Fix no libunwind compiled warning break s390 issue Linux 4.14.170 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I7a9c84d82da0b9c258843767c9d57e034b6fc5f0 |
||
|
Nicolas Dichtel
|
9c8c51176e |
vti[6]: fix packet tx through bpf_redirect()
[ Upstream commit 95224166a9032ff5d08fca633d37113078ce7d01 ]
With an ebpf program that redirects packets through a vti[6] interface,
the packets are dropped because no dst is attached.
This could also be reproduced with an AF_PACKET socket, with the following
python script (vti1 is an ip_vti interface):
import socket
send_s = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, 0)
# scapy
# p = IP(src='10.100.0.2', dst='10.200.0.1')/ICMP(type='echo-request')
# raw(p)
req = b'E\x00\x00\x1c\x00\x01\x00\x00@\x01e\xb2\nd\x00\x02\n\xc8\x00\x01\x08\x00\xf7\xff\x00\x00\x00\x00'
send_s.sendto(req, ('vti1', 0x800, 0, 0))
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Greg Kroah-Hartman
|
239034f0e0 |
This is the 4.14.169 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl4xkIAACgkQONu9yGCS aT4b4g//TLn7i1F3ZYXM3cVn1FoPwvM0JiPwVD/SbPxKTr10xAlwhs18l7QGsg+0 z3uK2kw7kzsg9JWV0ervGc87Laf18wqCzhi9HyiNHgYMsYNq0GTEgvSUlTKkWg8R wot+KToHAJfYhXR/8fTIBAJ1sw3o9iNwg2PhlbOVHqmPsZ/7Nf+BS+3TkhaVvXyo d8MxHrn8SlkXj0b5m4/Y+lnijVU3+J/GjAvbc/Xrp46CPyicMr4y5c7FDCyDMjlg f2lQfLzDkn+NO1YwfQy8152lLWfOhH04W3l/iIWCOu1P3GvFxt5okIlDXCQQzomF iLfb85DHT/9zuEIDLfiXYrvl6EsBZSUqiVLpB/gj8ZHoueJ5VqmeD/+zMxN8Vc+E 2D1ohbKvT43XuK44YfqrfjSRbQQPTUVLJdr5rpRlGZEdNDx2QGKVBUTjbzUBg+Ic onk4gpcrx4G2DbXKVG0lyElNrxDdIuBHvl2cii4ivy4zOnFqh3VtnGKqwHa3IEtv pXWtXSPJS6Pfg9wV6FN2aD17RQQ58RPJqm/2AuCq4E2fLhInylCevh3AbCrHj7E6 uwOw+EWSuuCcw+VtfXTyDHrGTO5ptE/iYJQTqX86rfIQmLUaQJUwVtcsHyjRCSMa +CjQ3o33dzQtBa0Kd7Cydp/U6fORQAgulwgbhiNmxhego6OnyiA= =uodM -----END PGP SIGNATURE----- Merge 4.14.169 into android-4.14 Changes in 4.14.169 can, slip: Protect tty->disc_data in write_wakeup and close with RCU firestream: fix memory leaks gtp: make sure only SOCK_DGRAM UDP sockets are accepted ipv6: sr: remove SKB_GSO_IPXIP6 on End.D* actions net: cxgb3_main: Add CAP_NET_ADMIN check to CHELSIO_GET_MEM net, ip6_tunnel: fix namespaces move net, ip_tunnel: fix namespaces move net_sched: fix datalen for ematch net-sysfs: Fix reference count leak in rx|netdev_queue_add_kobject net-sysfs: fix netdev_queue_add_kobject() breakage net-sysfs: Call dev_hold always in netdev_queue_add_kobject net-sysfs: Call dev_hold always in rx_queue_add_kobject net-sysfs: Fix reference count leak net: usb: lan78xx: Add .ndo_features_check tcp_bbr: improve arithmetic division in bbr_update_bw() net: rtnetlink: validate IFLA_MTU attribute in rtnl_create_link() hwmon: (adt7475) Make volt2reg return same reg as reg2volt input hwmon: Deal with errors from the thermal subsystem hwmon: (core) Fix double-free in __hwmon_device_register() hwmon: (core) Do not use device managed functions for memory allocations Input: keyspan-remote - fix control-message timeouts Revert "Input: synaptics-rmi4 - don't increment rmiaddr for SMBus transfers" ARM: 8950/1: ftrace/recordmcount: filter relocation types mmc: tegra: fix SDR50 tuning override mmc: sdhci: fix minimum clock rate for v3 controller Documentation: Document arm64 kpti control Input: pm8xxx-vib - fix handling of separate enable register Input: sur40 - fix interface sanity checks Input: gtco - fix endpoint sanity check Input: aiptek - fix endpoint sanity check Input: pegasus_notetaker - fix endpoint sanity check Input: sun4i-ts - add a check for devm_thermal_zone_of_sensor_register hwmon: (nct7802) Fix voltage limits to wrong registers scsi: RDMA/isert: Fix a recently introduced regression related to logout tracing: xen: Ordered comparison of function pointers do_last(): fetch directory ->i_mode and ->i_uid before it's too late sd: Fix REQ_OP_ZONE_REPORT completion handling coresight: etb10: Do not call smp_processor_id from preemptible coresight: tmc-etf: Do not call smp_processor_id from preemptible libertas: Fix two buffer overflows at parsing bss descriptor media: v4l2-ioctl.c: zero reserved fields for S/TRY_FMT scsi: iscsi: Avoid potential deadlock in iscsi_if_rx func md: Avoid namespace collision with bitmap API bitmap: Add bitmap_alloc(), bitmap_zalloc() and bitmap_free() netfilter: ipset: use bitmap infrastructure completely net/x25: fix nonblocking connect Linux 4.14.169 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Idfe88b4d68180df412c1dbadd8402cb0353f0ecf |
||
Wen Yang
|
7e70784f17 |
tcp_bbr: improve arithmetic division in bbr_update_bw()
[ Upstream commit 5b2f1f3070b6447b76174ea8bfb7390dc6253ebd ] do_div() does a 64-by-32 division. Use div64_long() instead of it if the divisor is long, to avoid truncation to 32-bit. And as a nice side effect also cleans up the function a bit. Signed-off-by: Wen Yang <wenyang@linux.alibaba.com> Cc: Eric Dumazet <edumazet@google.com> Cc: "David S. Miller" <davem@davemloft.net> Cc: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru> Cc: Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org> Cc: netdev@vger.kernel.org Cc: linux-kernel@vger.kernel.org Signed-off-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
William Dauchy
|
426d5d6245 |
net, ip_tunnel: fix namespaces move
[ Upstream commit d0f418516022c32ecceaf4275423e5bd3f8743a9 ]
in the same manner as commit 690afc165bb3 ("net: ip6_gre: fix moving
ip6gre between namespaces"), fix namespace moving as it was broken since
commit 2e15ea390e6f ("ip_gre: Add support to collect tunnel metadata.").
Indeed, the ip6_gre commit removed the local flag for collect_md
condition, so there is no reason to keep it for ip_gre/ip_tunnel.
this patch will fix both ip_tunnel and ip_gre modules.
Fixes: 2e15ea390e6f ("ip_gre: Add support to collect tunnel metadata.")
Signed-off-by: William Dauchy <w.dauchy@criteo.com>
Acked-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Greg Kroah-Hartman
|
509b38045c |
This is the 4.14.168 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl4u6kwACgkQONu9yGCS
aT7ZVhAA0fWQvb1m4oDyWlRLY4yPYVqpvjre7S/MF5VoDV85SsSqQkCVP4dybmRd
SgNK9OkFuhY8QkPf8YSb6aU2tPQpIlMN3FYkpieN43OIrzU/OMOPiH50TygioPBT
oT9ihbXXmxv1oce1PDBF+tmJCjLq4Ppcxd5H5iHruwcRdP3ZGi+VXnyIcMcwK1ap
4zgDCGuI4fhkVWQPfP5Eh+57j65qvH6TjOAB94GvSMSOerW9gw9k7Vfw/tzGiktf
7Zw9GXMM1ky0MvpIhsAJScWXDgftOn599hWfKO+bdD0hnszl5fY0Ha21Y80f5HSg
S2Sl3EArr2psAxmKg9XqKJ9MugZG5odyRXS9ukIGmgNws7adDZY73Z6PLDUHsXZH
KsDwmgrGqSOkaGZyYuBTVeK5K/n7jVrZ4uPSZx/UnO1f68EOfVCJvoMzVzPZU2SS
+H7FfH0RSaSt2Mdc9LzzZO2QJ5DMA4fA0GZtNq5YU1rGyHo3Nq3aPQf9E5OJpYk6
mpXnoe8dndgmduwxdJ8wJaVJ2/nIwEZy0Hw4n5igkOKo+pTV//CQFwD87oBK16mE
+953pg7z71IEPfJYs0wlKsBj3R4JXy5zBcaNpJkWe+vWMrw0ixi6qGmf2NbmaRPP
7qlEh6r/SDnszuDn9QH90C4EqJOaaDrgI+E2dSFA2mJKhO5qcII=
=KNGQ
-----END PGP SIGNATURE-----
Merge 4.14.168 into android-4.14
Changes in 4.14.168
xfs: Sanity check flags of Q_XQUOTARM call
mfd: intel-lpss: Add default I2C device properties for Gemini Lake
powerpc/archrandom: fix arch_get_random_seed_int()
tipc: fix wrong timeout input for tipc_wait_for_cond()
mt7601u: fix bbp version check in mt7601u_wait_bbp_ready
crypto: sun4i-ss - fix big endian issues
drm/sti: do not remove the drm_bridge that was never added
drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset()
ALSA: hda: fix unused variable warning
apparmor: don't try to replace stale label in ptrace access check
PCI: iproc: Remove PAXC slot check to allow VF support
drm/hisilicon: hibmc: Don't overwrite fb helper surface depth
IB/rxe: replace kvfree with vfree
IB/hfi1: Add mtu check for operational data VLs
ALSA: usb-audio: update quirk for B&W PX to remove microphone
staging: comedi: ni_mio_common: protect register write overflow
pwm: lpss: Release runtime-pm reference from the driver's remove callback
drm/sun4i: hdmi: Fix double flag assignation
mlxsw: reg: QEEC: Add minimum shaper fields
NTB: ntb_hw_idt: replace IS_ERR_OR_NULL with regular NULL checks
pcrypt: use format specifier in kobject_add
exportfs: fix 'passing zero to ERR_PTR()' warning
drm/dp_mst: Skip validating ports during destruction, just ref
net: phy: Fix not to call phy_resume() if PHY is not attached
IB/rxe: Fix incorrect cache cleanup in error flow
staging: bcm2835-camera: Abort probe if there is no camera
switchtec: Remove immediate status check after submitting MRPC command
pinctrl: sh-pfc: r8a7740: Add missing REF125CK pin to gether_gmii group
pinctrl: sh-pfc: r8a7740: Add missing LCD0 marks to lcd0_data24_1 group
pinctrl: sh-pfc: r8a7791: Remove bogus ctrl marks from qspi_data4_b group
pinctrl: sh-pfc: r8a7791: Remove bogus marks from vin1_b_data18 group
pinctrl: sh-pfc: sh73a0: Add missing TO pin to tpu4_to3 group
pinctrl: sh-pfc: r8a7794: Remove bogus IPSR9 field
pinctrl: sh-pfc: sh7734: Add missing IPSR11 field
pinctrl: sh-pfc: r8a77995: Remove bogus SEL_PWM[0-3]_3 configurations
pinctrl: sh-pfc: sh7269: Add missing PCIOR0 field
pinctrl: sh-pfc: sh7734: Remove bogus IPSR10 value
vxlan: changelink: Fix handling of default remotes
Input: nomadik-ske-keypad - fix a loop timeout test
clk: highbank: fix refcount leak in hb_clk_init()
clk: qoriq: fix refcount leak in clockgen_init()
clk: socfpga: fix refcount leak
clk: samsung: exynos4: fix refcount leak in exynos4_get_xom()
clk: imx6q: fix refcount leak in imx6q_clocks_init()
clk: imx6sx: fix refcount leak in imx6sx_clocks_init()
clk: imx7d: fix refcount leak in imx7d_clocks_init()
clk: vf610: fix refcount leak in vf610_clocks_init()
clk: armada-370: fix refcount leak in a370_clk_init()
clk: kirkwood: fix refcount leak in kirkwood_clk_init()
clk: armada-xp: fix refcount leak in axp_clk_init()
clk: mv98dx3236: fix refcount leak in mv98dx3236_clk_init()
clk: dove: fix refcount leak in dove_clk_init()
MIPS: BCM63XX: drop unused and broken DSP platform device
IB/usnic: Fix out of bounds index check in query pkey
RDMA/ocrdma: Fix out of bounds index check in query pkey
RDMA/qedr: Fix out of bounds index check in query pkey
drm/shmob: Fix return value check in shmob_drm_probe
arm64: dts: apq8016-sbc: Increase load on l11 for SDCARD
spi: cadence: Correct initialisation of runtime PM
RDMA/iw_cxgb4: Fix the unchecked ep dereference
drm/etnaviv: NULL vs IS_ERR() buf in etnaviv_core_dump()
media: s5p-jpeg: Correct step and max values for V4L2_CID_JPEG_RESTART_INTERVAL
kbuild: mark prepare0 as PHONY to fix external module build
crypto: brcm - Fix some set-but-not-used warning
crypto: tgr192 - fix unaligned memory access
ASoC: imx-sgtl5000: put of nodes if finding codec fails
IB/iser: Pass the correct number of entries for dma mapped SGL
rtc: cmos: ignore bogus century byte
spi/topcliff_pch: Fix potential NULL dereference on allocation error
clk: sunxi-ng: sun8i-a23: Enable PLL-MIPI LDOs when ungating it
iwlwifi: mvm: avoid possible access out of array.
net/mlx5: Take lock with IRQs disabled to avoid deadlock
iwlwifi: mvm: fix A-MPDU reference assignment
tty: ipwireless: Fix potential NULL pointer dereference
driver: uio: fix possible memory leak in __uio_register_device
driver: uio: fix possible use-after-free in __uio_register_device
crypto: crypto4xx - Fix wrong ppc4xx_trng_probe()/ppc4xx_trng_remove() arguments
driver core: Do not resume suppliers under device_links_write_lock()
ARM: dts: lpc32xx: add required clocks property to keypad device node
ARM: dts: lpc32xx: reparent keypad controller to SIC1
ARM: dts: lpc32xx: fix ARM PrimeCell LCD controller variant
ARM: dts: lpc32xx: fix ARM PrimeCell LCD controller clocks property
ARM: dts: lpc32xx: phy3250: fix SD card regulator voltage
iwlwifi: mvm: fix RSS config command
staging: most: cdev: add missing check for cdev_add failure
rtc: ds1672: fix unintended sign extension
thermal: mediatek: fix register index error
net: phy: fixed_phy: Fix fixed_phy not checking GPIO
rtc: ds1307: rx8130: Fix alarm handling
rtc: 88pm860x: fix unintended sign extension
rtc: 88pm80x: fix unintended sign extension
rtc: pm8xxx: fix unintended sign extension
fbdev: chipsfb: remove set but not used variable 'size'
iw_cxgb4: use tos when importing the endpoint
iw_cxgb4: use tos when finding ipv6 routes
drm/etnaviv: potential NULL dereference
pinctrl: sh-pfc: emev2: Add missing pinmux functions
pinctrl: sh-pfc: r8a7791: Fix scifb2_data_c pin group
pinctrl: sh-pfc: r8a7792: Fix vin1_data18_b pin group
pinctrl: sh-pfc: sh73a0: Fix fsic_spdif pin groups
PCI: endpoint: functions: Use memcpy_fromio()/memcpy_toio()
usb: phy: twl6030-usb: fix possible use-after-free on remove
block: don't use bio->bi_vcnt to figure out segment number
keys: Timestamp new keys
vfio_pci: Enable memory accesses before calling pci_map_rom
hwmon: (pmbus/tps53679) Fix driver info initialization in probe routine
KVM: PPC: Release all hardware TCE tables attached to a group
staging: r8822be: check kzalloc return or bail
dmaengine: mv_xor: Use correct device for DMA API
cdc-wdm: pass return value of recover_from_urb_loss
regulator: pv88060: Fix array out-of-bounds access
regulator: pv88080: Fix array out-of-bounds access
regulator: pv88090: Fix array out-of-bounds access
net: dsa: qca8k: Enable delay for RGMII_ID mode
drm/nouveau/bios/ramcfg: fix missing parentheses when calculating RON
drm/nouveau/pmu: don't print reply values if exec is false
ASoC: qcom: Fix of-node refcount unbalance in apq8016_sbc_parse_of()
fs/nfs: Fix nfs_parse_devname to not modify it's argument
staging: rtlwifi: Use proper enum for return in halmac_parse_psd_data_88xx
powerpc/64s: Fix logic when handling unknown CPU features
NFS: Fix a soft lockup in the delegation recovery code
clocksource/drivers/sun5i: Fail gracefully when clock rate is unavailable
clocksource/drivers/exynos_mct: Fix error path in timer resources initialization
platform/x86: wmi: fix potential null pointer dereference
NFS/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount
mmc: sdhci-brcmstb: handle mmc_of_parse() errors during probe
ARM: 8847/1: pm: fix HYP/SVC mode mismatch when MCPM is used
ARM: 8848/1: virt: Align GIC version check with arm64 counterpart
regulator: wm831x-dcdc: Fix list of wm831x_dcdc_ilim from mA to uA
netfilter: nft_set_hash: fix lookups with fixed size hash on big endian
NFSv4/flexfiles: Fix invalid deref in FF_LAYOUT_DEVID_NODE()
net: aquantia: fixed instack structure overflow
powerpc/mm: Check secondary hash page table
nios2: ksyms: Add missing symbol exports
x86/mm: Remove unused variable 'cpu'
scsi: megaraid_sas: reduce module load time
drivers/rapidio/rio_cm.c: fix potential oops in riocm_ch_listen()
xen, cpu_hotplug: Prevent an out of bounds access
net: sh_eth: fix a missing check of of_get_phy_mode
regulator: lp87565: Fix missing register for LP87565_BUCK_0
media: ivtv: update *pos correctly in ivtv_read_pos()
media: cx18: update *pos correctly in cx18_read_pos()
media: wl128x: Fix an error code in fm_download_firmware()
media: cx23885: check allocation return
regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB
jfs: fix bogus variable self-initialization
tipc: tipc clang warning
m68k: mac: Fix VIA timer counter accesses
arm64: dts: allwinner: a64: Add missing PIO clocks
ARM: OMAP2+: Fix potentially uninitialized return value for _setup_reset()
media: davinci-isif: avoid uninitialized variable use
media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame
spi: tegra114: clear packed bit for unpacked mode
spi: tegra114: fix for unpacked mode transfers
spi: tegra114: terminate dma and reset on transfer timeout
spi: tegra114: flush fifos
spi: tegra114: configure dma burst size to fifo trig level
soc/fsl/qe: Fix an error code in qe_pin_request()
spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios
ehea: Fix a copy-paste err in ehea_init_port_res
scsi: qla2xxx: Unregister chrdev if module initialization fails
scsi: target/core: Fix a race condition in the LUN lookup code
ARM: pxa: ssp: Fix "WARNING: invalid free of devm_ allocated data"
net: hns3: fix for vport->bw_limit overflow problem
hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses
platform/x86: alienware-wmi: fix kfree on potentially uninitialized pointer
tipc: set sysctl_tipc_rmem and named_timeout right range
selftests/ipc: Fix msgque compiler warnings
powerpc: vdso: Make vdso32 installation conditional in vdso_install
ARM: dts: ls1021: Fix SGMII PCS link remaining down after PHY disconnect
media: ov2659: fix unbalanced mutex_lock/unlock
6lowpan: Off by one handling ->nexthdr
dmaengine: axi-dmac: Don't check the number of frames for alignment
ALSA: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk()
NFS: Don't interrupt file writeout due to fatal errors
irqchip/gic-v3-its: fix some definitions of inner cacheability attributes
scsi: qla2xxx: Fix a format specifier
scsi: qla2xxx: Avoid that qlt_send_resp_ctio() corrupts memory
packet: in recvmsg msg_name return at least sizeof sockaddr_ll
ASoC: fix valid stream condition
usb: gadget: fsl: fix link error against usb-gadget module
dwc2: gadget: Fix completed transfer size calculation in DDMA
IB/mlx5: Add missing XRC options to QP optional params mask
iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU
net: ena: fix swapped parameters when calling ena_com_indirect_table_fill_entry
net: ena: fix: Free napi resources when ena_up() fails
net: ena: fix incorrect test of supported hash function
net: ena: fix ena_com_fill_hash_function() implementation
dmaengine: tegra210-adma: restore channel status
mmc: core: fix possible use after free of host
lightnvm: pblk: fix lock order in pblk_rb_tear_down_check
afs: Fix the afs.cell and afs.volume xattr handlers
vfio/mdev: Avoid release parent reference during error path
vfio/mdev: Fix aborting mdev child device removal if one fails
l2tp: Fix possible NULL pointer dereference
media: omap_vout: potential buffer overflow in vidioc_dqbuf()
media: davinci/vpbe: array underflow in vpbe_enum_outputs()
platform/x86: alienware-wmi: printing the wrong error code
crypto: caam - fix caam_dump_sg that iterates through scatterlist
netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule
pwm: meson: Consider 128 a valid pre-divider
pwm: meson: Don't disable PWM when setting duty repeatedly
ARM: riscpc: fix lack of keyboard interrupts after irq conversion
kdb: do a sanity check on the cpu in kdb_per_cpu()
backlight: lm3630a: Return 0 on success in update_status functions
thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power
EDAC/mc: Fix edac_mc_find() in case no device is found
ARM: dts: sun8i-h3: Fix wifi in Beelink X2 DT
dmaengine: tegra210-adma: Fix crash during probe
arm64: dts: meson: libretech-cc: set eMMC as removable
RDMA/qedr: Fix incorrect device rate.
spi: spi-fsl-spi: call spi_finalize_current_message() at the end
crypto: ccp - fix AES CFB error exposed by new test vectors
crypto: ccp - Fix 3DES complaint from ccp-crypto module
serial: stm32: fix rx error handling
serial: stm32: fix transmit_chars when tx is stopped
serial: stm32: Add support of TC bit status check
serial: stm32: fix wakeup source initialization
misc: sgi-xp: Properly initialize buf in xpc_get_rsvd_page_pa
iommu: Use right function to get group for device
signal/cifs: Fix cifs_put_tcp_session to call send_sig instead of force_sig
inet: frags: call inet_frags_fini() after unregister_pernet_subsys()
netvsc: unshare skb in VF rx handler
cpufreq: brcmstb-avs-cpufreq: Fix initial command check
cpufreq: brcmstb-avs-cpufreq: Fix types for voltage/frequency
media: vivid: fix incorrect assignment operation when setting video mode
mpls: fix warning with multi-label encap
iommu/vt-d: Duplicate iommu_resv_region objects per device list
qed: iWARP - Use READ_ONCE and smp_store_release to access ep->state
powerpc/cacheinfo: add cacheinfo_teardown, cacheinfo_rebuild
powerpc/pseries/mobility: rebuild cacheinfo hierarchy post-migration
drm/msm/mdp5: Fix mdp5_cfg_init error return
net: netem: fix backlog accounting for corrupted GSO frames
net/af_iucv: always register net_device notifier
ASoC: ti: davinci-mcasp: Fix slot mask settings when using multiple AXRs
rtc: pcf8563: Fix interrupt trigger method
rtc: pcf8563: Clear event flags and disable interrupts before requesting irq
drm/msm/a3xx: remove TPL1 regs from snapshot
perf/ioctl: Add check for the sample_period value
dmaengine: hsu: Revert "set HSU_CH_MTSR to memory width"
clk: qcom: Fix -Wunused-const-variable
nvmem: imx-ocotp: Ensure WAIT bits are preserved when setting timing
bnxt_en: Fix ethtool selftest crash under error conditions.
iommu/amd: Make iommu_disable safer
mfd: intel-lpss: Release IDA resources
rxrpc: Fix uninitialized error code in rxrpc_send_data_packet()
devres: allow const resource arguments
RDMA/hns: Fixs hw access invalid dma memory error
net: pasemi: fix an use-after-free in pasemi_mac_phy_init()
scsi: libfc: fix null pointer dereference on a null lport
clk: sunxi-ng: v3s: add the missing PLL_DDR1
PM: sleep: Fix possible overflow in pm_system_cancel_wakeup()
libertas_tf: Use correct channel range in lbtf_geo_init
qed: reduce maximum stack frame size
usb: host: xhci-hub: fix extra endianness conversion
mic: avoid statically declaring a 'struct device'.
x86/kgbd: Use NMI_VECTOR not APIC_DM_NMI
crypto: ccp - Reduce maximum stack usage
ALSA: aoa: onyx: always initialize register read value
tipc: reduce risk of wakeup queue starvation
ARM: dts: stm32: add missing vdda-supply to adc on stm32h743i-eval
net/mlx5: Fix mlx5_ifc_query_lag_out_bits
cifs: fix rmmod regression in cifs.ko caused by force_sig changes
crypto: caam - free resources in case caam_rng registration failed
ext4: set error return correctly when ext4_htree_store_dirent fails
ASoC: es8328: Fix copy-paste error in es8328_right_line_controls
ASoC: cs4349: Use PM ops 'cs4349_runtime_pm'
ASoC: wm8737: Fix copy-paste error in wm8737_snd_controls
net/rds: Add a few missing rds_stat_names entries
bnxt_en: Fix handling FRAG_ERR when NVM_INSTALL_UPDATE cmd fails
signal: Allow cifs and drbd to receive their terminating signals
ASoC: sun4i-i2s: RX and TX counter registers are swapped
dmaengine: dw: platform: Switch to acpi_dma_controller_register()
mac80211: minstrel_ht: fix per-group max throughput rate initialization
media: atmel: atmel-isi: fix timeout value for stop streaming
rtc: pcf2127: bugfix: read rtc disables watchdog
mips: avoid explicit UB in assignment of mips_io_port_base
iommu/mediatek: Fix iova_to_phys PA start for 4GB mode
ahci: Do not export local variable ahci_em_messages
Partially revert "kfifo: fix kfifo_alloc() and kfifo_init()"
hwmon: (lm75) Fix write operations for negative temperatures
power: supply: Init device wakeup after device_add()
x86, perf: Fix the dependency of the x86 insn decoder selftest
staging: greybus: light: fix a couple double frees
irqdomain: Add the missing assignment of domain->fwnode for named fwnode
bcma: fix incorrect update of BCMA_CORE_PCI_MDIO_DATA
iio: dac: ad5380: fix incorrect assignment to val
ath9k: dynack: fix possible deadlock in ath_dynack_node_{de}init
tty: serial: fsl_lpuart: Use appropriate lpuart32_* I/O funcs
net: sonic: return NETDEV_TX_OK if failed to map buffer
scsi: fnic: fix msix interrupt allocation
Btrfs: fix hang when loading existing inode cache off disk
Btrfs: fix inode cache waiters hanging on failure to start caching thread
Btrfs: fix inode cache waiters hanging on path allocation failure
btrfs: use correct count in btrfs_file_write_iter()
ixgbe: sync the first fragment unconditionally
hwmon: (shtc1) fix shtc1 and shtw1 id mask
net: sonic: replace dev_kfree_skb in sonic_send_packet
pinctrl: iproc-gpio: Fix incorrect pinconf configurations
ath10k: adjust skb length in ath10k_sdio_mbox_rx_packet
RDMA/cma: Fix false error message
net/rds: Fix 'ib_evt_handler_call' element in 'rds_ib_stat_names'
iommu/amd: Wait for completion of IOTLB flush in attach_device
net: aquantia: Fix aq_vec_isr_legacy() return value
net: hisilicon: Fix signedness bug in hix5hd2_dev_probe()
net: broadcom/bcmsysport: Fix signedness in bcm_sysport_probe()
net: stmmac: dwmac-meson8b: Fix signedness bug in probe
net: axienet: fix a signedness bug in probe
of: mdio: Fix a signedness bug in of_phy_get_and_connect()
net: ethernet: stmmac: Fix signedness bug in ipq806x_gmac_of_parse()
nvme: retain split access workaround for capability reads
net: stmmac: gmac4+: Not all Unicast addresses may be available
mac80211: accept deauth frames in IBSS mode
llc: fix another potential sk_buff leak in llc_ui_sendmsg()
llc: fix sk_buff refcounting in llc_conn_state_process()
net: stmmac: fix length of PTP clock's name string
act_mirred: Fix mirred_init_module error handling
net: avoid possible false sharing in sk_leave_memory_pressure()
net: add {READ|WRITE}_ONCE() annotations on ->rskq_accept_head
tcp: annotate lockless access to tcp_memory_pressure
drm/msm/dsi: Implement reset correctly
dmaengine: imx-sdma: fix size check for sdma script_number
net: netem: fix error path for corrupted GSO frames
net: netem: correct the parent's backlog when corrupted packet was dropped
net: qca_spi: Move reset_count to struct qcaspi
afs: Fix large file support
MIPS: Loongson: Fix return value of loongson_hwmon_init
hv_netvsc: flag software created hash value
net: neigh: use long type to store jiffies delta
packet: fix data-race in fanout_flow_is_huge()
mmc: sdio: fix wl1251 vendor id
mmc: core: fix wl1251 sdio quirks
affs: fix a memory leak in affs_remount
dmaengine: ti: edma: fix missed failure handling
drm/radeon: fix bad DMA from INTERRUPT_CNTL2
arm64: dts: juno: Fix UART frequency
IB/iser: Fix dma_nents type definition
serial: stm32: fix clearing interrupt error flags
m68k: Call timer_interrupt() with interrupts disabled
Linux 4.14.168
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I3eeaa348e8e99998356d27c99d06dcb38e48e7d5
|
||
|
Eric Dumazet
|
a8e920b220 |
tcp: annotate lockless access to tcp_memory_pressure
[ Upstream commit 1f142c17d19a5618d5a633195a46f2c8be9bf232 ]
tcp_memory_pressure is read without holding any lock,
and its value could be changed on other cpus.
Use READ_ONCE() to annotate these lockless reads.
The write side is already using atomic ops.
Fixes: b8da51ebb1aa ("tcp: introduce tcp_under_memory_pressure()")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Eric Dumazet
|
681c8c92c4 |
net: add {READ|WRITE}_ONCE() annotations on ->rskq_accept_head
[ Upstream commit 60b173ca3d1cd1782bd0096dc17298ec242f6fb1 ]
reqsk_queue_empty() is called from inet_csk_listen_poll() while
other cpus might write ->rskq_accept_head value.
Use {READ|WRITE}_ONCE() to avoid compiler tricks
and potential KCSAN splats.
Fixes: fff1f3001cc5 ("tcp: add a spinlock to protect struct request_sock_queue")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
|
Greg Kroah-Hartman
|
571f96858f |
This is the 4.14.167 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl4pSUUACgkQONu9yGCS aT7tQA/9FkHOGpw/hHXap1LCqpOvcgagEexE2y2APxuZAaH0vBDoIHeXBJa8tsOa hIEag//gR7+CZ58eFiuNAEitOMDoeiIroh8H+GEw6ne3Ns4RGngfLySjhsaghLNS VMYENwwtyQrnbRgHZxdR9EeoMHeBOqUglmwGmGX34iNICNQ4P6ux4go3Lvxl+NWx yigKKHxZHYJgNXFw4neMoUgLX7ivQ3ccLQfAlxCkAGvJSUMN2J2qjr0PlsO2XOJy WV+ZxBiG6wOi4jO+QcCbDzfftB4vQHb3GItOQIeKGedDYcP7I/XnVQS43gW0EMYz bNoC2Zlj44Qg8v6cIeKKXHt2chy5wFvZid1JPbZSeXGAhyAmLxTLOwBJgHRPvlpT pgbMTthDXmQjx8k/lMYNEUIFEYRiTcEbyGOT4BYU6PemWh83EVdANu2xAGIFYxby L+d3gsS0LzU8ml9UYNZ0+f0ebXzvPL3qxlAu9vhTrXWPADrqR++cJmDg5z9fzvap BK3qyWhhGMuErTnlzlvkOqaAyY1EYSzVu3nWO4symyOXIebw2ofSceqTzxMAJfUk qo6ngca2RHDeISranlfRzPhG2EgegYhxsoC+51nqBGG/O2/Oln0JeA2hsDGYPbKG q4JdZEXPn50PVx19IgEHjC37lJv5aTko6z9ArxwXEcVkriyBiIE= =XBah -----END PGP SIGNATURE----- Merge 4.14.167 into android-4.14 Changes in 4.14.167 dt-bindings: reset: meson8b: fix duplicate reset IDs clk: Don't try to enable critical clocks if prepare failed ASoC: msm8916-wcd-analog: Fix selected events for MIC BIAS External1 ALSA: seq: Fix racy access for queue timer in proc read Fix built-in early-load Intel microcode alignment block: fix an integer overflow in logical block size ARM: dts: am571x-idk: Fix gpios property to have the correct gpio number iio: buffer: align the size of scan bytes to size of the largest element USB: serial: simple: Add Motorola Solutions TETRA MTP3xxx and MTP85xx USB: serial: option: Add support for Quectel RM500Q USB: serial: opticon: fix control-message timeouts USB: serial: option: add support for Quectel RM500Q in QDL mode USB: serial: suppress driver bind attributes USB: serial: ch341: handle unbound port at reset_resume USB: serial: io_edgeport: add missing active-port sanity check USB: serial: keyspan: handle unbound ports USB: serial: quatech2: handle unbound ports scsi: fnic: fix invalid stack access scsi: mptfusion: Fix double fetch bug in ioctl ptrace: reintroduce usage of subjective credentials in ptrace_has_cap() usb: core: hub: Improved device recognition on remote wakeup x86/resctrl: Fix an imbalance in domain_remove_cpu() x86/efistub: Disable paging at mixed mode entry perf hists: Fix variable name's inconsistency in hists__for_each() macro perf report: Fix incorrectly added dimensions as switch perf data file mm/shmem.c: thp, shmem: fix conflict of above-47bit hint address and PMD alignment btrfs: fix memory leak in qgroup accounting mm/page-writeback.c: avoid potential division by zero in wb_min_max_ratio() net: stmmac: 16KB buffer must be 16 byte aligned net: stmmac: Enable 16KB buffer size USB: serial: io_edgeport: use irqsave() in USB's complete callback USB: serial: io_edgeport: handle unbound ports on URB completion mm/huge_memory.c: make __thp_get_unmapped_area static mm/huge_memory.c: thp: fix conflict of above-47bit hint address and PMD alignment arm64: dts: agilex/stratix10: fix pmu interrupt numbers cfg80211: fix page refcount issue in A-MSDU decap netfilter: fix a use-after-free in mtype_destroy() netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct NFC: pn533: fix bulk-message timeout batman-adv: Fix DAT candidate selection on little endian systems macvlan: use skb_reset_mac_header() in macvlan_queue_xmit() hv_netvsc: Fix memory leak when removing rndis device net: dsa: tag_qca: fix doubled Tx statistics net: hns: fix soft lockup when there is not enough memory net: usb: lan78xx: limit size of local TSO packets net/wan/fsl_ucc_hdlc: fix out of bounds write on array utdm_info ptp: free ptp device pin descriptors properly r8152: add missing endpoint sanity check tcp: fix marked lost packets not being retransmitted xen/blkfront: Adjust indentation in xlvbd_alloc_gendisk cw1200: Fix a signedness bug in cw1200_load_firmware() arm64: dts: meson-gxl-s905x-khadas-vim: fix gpio-keys-polled node cfg80211: check for set_wiphy_params tick/sched: Annotate lockless access to last_jiffies_update Revert "arm64: dts: juno: add dma-ranges property" reiserfs: fix handling of -EOPNOTSUPP in reiserfs_for_each_xattr scsi: esas2r: unlock on error in esas2r_nvram_read_direct() scsi: qla4xxx: fix double free bug scsi: bnx2i: fix potential use after free scsi: target: core: Fix a pr_debug() argument scsi: qla2xxx: Fix qla2x00_request_irqs() for MSI scsi: qla2xxx: fix rports not being mark as lost in sync fabric scan scsi: core: scsi_trace: Use get_unaligned_be*() perf probe: Fix wrong address verification regulator: ab8500: Remove SYSCLKREQ from enum ab8505_regulator_id Linux 4.14.167 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ie2aaf9891326fea7fc9c3e8480dd69871e9d0d7d |
||
Pengcheng Yang
|
43dfcc7735 |
tcp: fix marked lost packets not being retransmitted
[ Upstream commit e176b1ba476cf36f723cfcc7a9e57f3cb47dec70 ]
When the packet pointed to by retransmit_skb_hint is unlinked by ACK,
retransmit_skb_hint will be set to NULL in tcp_clean_rtx_queue().
If packet loss is detected at this time, retransmit_skb_hint will be set
to point to the current packet loss in tcp_verify_retransmit_hint(),
then the packets that were previously marked lost but not retransmitted
due to the restriction of cwnd will be skipped and cannot be
retransmitted.
To fix this, when retransmit_skb_hint is NULL, retransmit_skb_hint can
be reset only after all marked lost packets are retransmitted
(retrans_out >= lost_out), otherwise we need to traverse from
tcp_rtx_queue_head in tcp_xmit_retransmit_queue().
Packetdrill to demonstrate:
// Disable RACK and set max_reordering to keep things simple
0 `sysctl -q net.ipv4.tcp_recovery=0`
+0 `sysctl -q net.ipv4.tcp_max_reordering=3`
// Establish a connection
+0 socket(..., SOCK_STREAM, IPPROTO_TCP) = 3
+0 setsockopt(3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0
+0 bind(3, ..., ...) = 0
+0 listen(3, 1) = 0
+.1 < S 0:0(0) win 32792 <mss 1000,sackOK,nop,nop,nop,wscale 7>
+0 > S. 0:0(0) ack 1 <...>
+.01 < . 1:1(0) ack 1 win 257
+0 accept(3, ..., ...) = 4
// Send 8 data segments
+0 write(4, ..., 8000) = 8000
+0 > P. 1:8001(8000) ack 1
// Enter recovery and 1:3001 is marked lost
+.01 < . 1:1(0) ack 1 win 257 <sack 3001:4001,nop,nop>
+0 < . 1:1(0) ack 1 win 257 <sack 5001:6001 3001:4001,nop,nop>
+0 < . 1:1(0) ack 1 win 257 <sack 5001:7001 3001:4001,nop,nop>
// Retransmit 1:1001, now retransmit_skb_hint points to 1001:2001
+0 > . 1:1001(1000) ack 1
// 1001:2001 was ACKed causing retransmit_skb_hint to be set to NULL
+.01 < . 1:1(0) ack 2001 win 257 <sack 5001:8001 3001:4001,nop,nop>
// Now retransmit_skb_hint points to 4001:5001 which is now marked lost
// BUG: 2001:3001 was not retransmitted
+0 > . 2001:3001(1000) ack 1
Signed-off-by: Pengcheng Yang <yangpc@wangsu.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Tested-by: Neal Cardwell <ncardwell@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Florian Westphal
|
4130fabf9e |
netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct
commit 212e7f56605ef9688d0846db60c6c6ec06544095 upstream. An earlier commit (1b789577f655060d98d20e, "netfilter: arp_tables: init netns pointer in xt_tgchk_param struct") fixed missing net initialization for arptables, but turns out it was incomplete. We can get a very similar struct net NULL deref during error unwinding: general protection fault: 0000 [#1] PREEMPT SMP KASAN RIP: 0010:xt_rateest_put+0xa1/0x440 net/netfilter/xt_RATEEST.c:77 xt_rateest_tg_destroy+0x72/0xa0 net/netfilter/xt_RATEEST.c:175 cleanup_entry net/ipv4/netfilter/arp_tables.c:509 [inline] translate_table+0x11f4/0x1d80 net/ipv4/netfilter/arp_tables.c:587 do_replace net/ipv4/netfilter/arp_tables.c:981 [inline] do_arpt_set_ctl+0x317/0x650 net/ipv4/netfilter/arp_tables.c:1461 Also init the netns pointer in xt_tgdtor_param struct. Fixes: add67461240c1d ("netfilter: add struct net * to target parameters") Reported-by: syzbot+91bdd8eece0f6629ec8b@syzkaller.appspotmail.com Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Greg Kroah-Hartman
|
748d727135 |
This is the 4.14.165 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl4eEQ0ACgkQONu9yGCS aT5i7hAAhtuy6LEtpDbafLHmKEQwUmHu4dMWSVg0kzgraVVCGl9YqY8d+WgKn6dN mNxYvThWmD+ZSnwOJQnW4EdW/72S3S3FJ9ayTGUHkHj34/FkicxV803ETRGIeeTd 3aothT4kxKK2Mx99qKxg4+bJEMSdYME/ldGOQvqDMrIdf72b4U9N57902u0W7t1g XgzzxKb65qy29Icyr6XJUhEjA7dQuit2zNYIt4LUtAHkCmVXlUUVWBQ6FZNYVxIy 4Q3mPRpHvcbrHV3qWxAyA4k3XRiNCd5oYp6U2pXOoTCv1Ez6lGEXlrRb7P6W/qqq sAGTAgk5vCWtwH8Dqul3bdNWvN47+4jLko+kgFsiAbJDTUOejuNizUg6Jg8UnZnB IBj2INpvvBuurgvOzqp5kcX1Dt+EjaVTkXe0u4qiQE7iSemiRxUGsDDdrR/27JsV 83PHqRnBEHzIHKXIQdS2UhW5zprOf47CMuKP0nVb+oEEzEnbvh5nLKUoLNabD2sL KNPVqPDVNO57DPMiY4uRAQ5QUy6GcThwkFBD7ydqtpTPMQIPp0VG3h59DDE4noBX sekd6PKPHAJzVR9agx0ASrb8USDS3LBNQNGi5MiyAHn0SpoRQpyBzhJcHCXhVvFE LWBv6CfIu+igDRrGFdZCizhRQGNON0AfNEjMkN8RGG5rgCi7ofo= =Soo8 -----END PGP SIGNATURE----- Merge 4.14.165 into android-4.14 Changes in 4.14.165 chardev: Avoid potential use-after-free in 'chrdev_open()' usb: chipidea: host: Disable port power only if previously enabled ALSA: usb-audio: Apply the sample rate quirk for Bose Companion 5 ALSA: hda/realtek - Add new codec supported for ALCS1200A ALSA: hda/realtek - Set EAPD control to default for ALC222 kernel/trace: Fix do not unregister tracepoints when register sched_migrate_task fail tracing: Have stack tracer compile when MCOUNT_INSN_SIZE is not defined HID: Fix slab-out-of-bounds read in hid_field_extract HID: uhid: Fix returning EPOLLOUT from uhid_char_poll can: gs_usb: gs_usb_probe(): use descriptors of current altsetting can: mscan: mscan_rx_poll(): fix rx path lockup when returning from polling to irq mode can: can_dropped_invalid_skb(): ensure an initialized headroom in outgoing CAN sk_buffs gpiolib: acpi: Turn dmi_system_id table into a generic quirk table gpiolib: acpi: Add honor_wakeup module-option + quirk mechanism staging: vt6656: set usb_set_intfdata on driver fail. USB: serial: option: add ZLP support for 0x1bc7/0x9010 usb: musb: fix idling for suspend after disconnect interrupt usb: musb: Disable pullup at init usb: musb: dma: Correct parameter passed to IRQ handler staging: comedi: adv_pci1710: fix AI channels 16-31 for PCI-1713 HID: hid-input: clear unmapped usages Input: add safety guards to input_set_keycode() drm/fb-helper: Round up bits_per_pixel if possible drm/dp_mst: correct the shifting in DP_REMOTE_I2C_READ staging: rtl8188eu: Add device code for TP-Link TL-WN727N v5.21 tty: link tty and port before configuring it as console tty: always relink the port mwifiex: fix possible heap overflow in mwifiex_process_country_ie() mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf scsi: bfa: release allocated memory in case of error rtl8xxxu: prevent leaking urb ath10k: fix memory leak arm64: cpufeature: Avoid warnings due to unused symbols HID: hiddev: fix mess in hiddev_open() USB: Fix: Don't skip endpoint descriptors with maxpacket=0 phy: cpcap-usb: Fix error path when no host driver is loaded phy: cpcap-usb: Fix flakey host idling and enumerating of devices netfilter: arp_tables: init netns pointer in xt_tgchk_param struct netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present drm/i915/gen9: Clear residual context state on context switch Linux 4.14.165 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ia2165e5228d420a483a05f2145f15255047446bc |