malhuda/msm-4.14
1
0
Fork 0
mirror of https://github.com/rd-stuffs/msm-4.14.git synced 2025-02-20 11:45:48 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
757,302 Commits 5 Branches 0 Tags
Commit Graph

1804 Commits

Author SHA1 Message Date
Lingutla Chandrasekhar
e1c04f0324 sched: Improve the scheduler 
This change is for general scheduler improvements.

Change-Id: I5e7c2d92ae5cddaa4dc37d68dfb7a184a72b1c12
Signed-off-by: Lingutla Chandrasekhar <clingutla@codeaurora.org>
 2020-06-23 00:05:56 -07:00
Srinivasarao P
8241b06f7c Merge android-4.14.159 (f960b38) into msm-4.14 
* refs/heads/tmp-f960b38:
  Linux 4.14.159
  of: unittest: fix memory leak in attach_node_and_children
  raid5: need to set STRIPE_HANDLE for batch head
  gpiolib: acpi: Add Terra Pad 1061 to the run_edge_events_on_boot_blacklist
  kernel/module.c: wakeup processes in module_wq on module unload
  gfs2: fix glock reference problem in gfs2_trans_remove_revoke
  net/mlx5e: Fix SFF 8472 eeprom length
  sunrpc: fix crash when cache_head become valid before update
  workqueue: Fix missing kfree(rescuer) in destroy_workqueue()
  blk-mq: make sure that line break can be printed
  mfd: rk808: Fix RK818 ID template
  ext4: fix a bug in ext4_wait_for_tail_page_commit
  mm/shmem.c: cast the type of unmap_start to u64
  firmware: qcom: scm: Ensure 'a0' status code is treated as signed
  ext4: work around deleting a file with i_nlink == 0 safely
  powerpc: Fix vDSO clock_getres()
  powerpc: Avoid clang warnings around setjmp and longjmp
  ath10k: fix fw crash by moving chip reset after napi disabled
  media: vimc: fix component match compare
  mlxsw: spectrum_router: Refresh nexthop neighbour when it becomes dead
  power: supply: cpcap-battery: Fix signed counter sample register
  x86/MCE/AMD: Carve out the MC4_MISC thresholding quirk
  x86/MCE/AMD: Turn off MC4_MISC thresholding on all family 0x15 models
  e100: Fix passing zero to 'PTR_ERR' warning in e100_load_ucode_wait
  drbd: Change drbd_request_detach_interruptible's return type to int
  scsi: lpfc: Correct code setting non existent bits in sli4 ABORT WQE
  scsi: lpfc: Cap NPIV vports to 256
  omap: pdata-quirks: remove openpandora quirks for mmc3 and wl1251
  phy: renesas: rcar-gen3-usb2: Fix sysfs interface of "role"
  iio: adis16480: Add debugfs_reg_access entry
  xhci: make sure interrupts are restored to correct state
  xhci: Fix memory leak in xhci_add_in_port()
  scsi: qla2xxx: Fix message indicating vectors used by driver
  scsi: qla2xxx: Always check the qla2x00_wait_for_hba_online() return value
  scsi: qla2xxx: Fix qla24xx_process_bidir_cmd()
  scsi: qla2xxx: Fix session lookup in qlt_abort_work()
  scsi: qla2xxx: Fix DMA unmap leak
  scsi: zfcp: trace channel log even for FCP command responses
  block: fix single range discard merge
  reiserfs: fix extended attributes on the root directory
  ext4: Fix credit estimate for final inode freeing
  quota: fix livelock in dquot_writeback_dquots
  ext2: check err when partial != NULL
  quota: Check that quota is not dirty before release
  video/hdmi: Fix AVI bar unpack
  powerpc/xive: Skip ioremap() of ESB pages for LSI interrupts
  powerpc: Allow flush_icache_range to work across ranges >4GB
  powerpc/xive: Prevent page fault issues in the machine crash handler
  powerpc: Allow 64bit VDSO __kernel_sync_dicache to work across ranges >4GB
  ppdev: fix PPGETTIME/PPSETTIME ioctls
  ARM: dts: omap3-tao3530: Fix incorrect MMC card detection GPIO polarity
  mmc: host: omap_hsmmc: add code for special init of wl1251 to get rid of pandora_wl1251_init_card
  pinctrl: samsung: Fix device node refcount leaks in S3C64xx wakeup controller init
  pinctrl: samsung: Fix device node refcount leaks in init code
  pinctrl: samsung: Fix device node refcount leaks in S3C24xx wakeup controller init
  pinctrl: samsung: Add of_node_put() before return in error path
  ACPI: PM: Avoid attaching ACPI PM domain to certain devices
  ACPI: bus: Fix NULL pointer check in acpi_bus_get_private_data()
  ACPI: OSL: only free map once in osl.c
  cpufreq: powernv: fix stack bloat and hard limit on number of CPUs
  PM / devfreq: Lock devfreq in trans_stat_show
  intel_th: pci: Add Tiger Lake CPU support
  intel_th: pci: Add Ice Lake CPU support
  intel_th: Fix a double put_device() in error path
  cpuidle: Do not unset the driver if it is there already
  media: cec.h: CEC_OP_REC_FLAG_ values were swapped
  media: radio: wl1273: fix interrupt masking on release
  media: bdisp: fix memleak on release
  s390/mm: properly clear _PAGE_NOEXEC bit when it is not supported
  ar5523: check NULL before memcpy() in ar5523_cmd()
  cgroup: pids: use atomic64_t for pids->limit
  blk-mq: avoid sysfs buffer overflow with too many CPU cores
  ASoC: Jack: Fix NULL pointer dereference in snd_soc_jack_report
  workqueue: Fix pwq ref leak in rescuer_thread()
  workqueue: Fix spurious sanity check failures in destroy_workqueue()
  dm zoned: reduce overhead of backing device checks
  hwrng: omap - Fix RNG wait loop timeout
  watchdog: aspeed: Fix clock behaviour for ast2600
  md/raid0: Fix an error message in raid0_make_request()
  ALSA: hda - Fix pending unsol events at shutdown
  ovl: relax WARN_ON() on rename to self
  lib: raid6: fix awk build warnings
  rtlwifi: rtl8192de: Fix missing enable interrupt flag
  rtlwifi: rtl8192de: Fix missing callback that tests for hw release of buffer
  rtlwifi: rtl8192de: Fix missing code to retrieve RX buffer address
  btrfs: record all roots for rename exchange on a subvol
  Btrfs: send, skip backreference walking for extents with many references
  btrfs: Remove btrfs_bio::flags member
  Btrfs: fix negative subv_writers counter and data space leak after buffered write
  btrfs: use refcount_inc_not_zero in kill_all_nodes
  btrfs: check page->mapping when loading free space cache
  usb: dwc3: ep0: Clear started flag on completion
  virtio-balloon: fix managed page counts when migrating pages between zones
  mtd: spear_smi: Fix Write Burst mode
  tpm: add check after commands attribs tab allocation
  usb: mon: Fix a deadlock in usbmon between mmap and read
  usb: core: urb: fix URB structure initialization function
  USB: adutux: fix interface sanity check
  USB: serial: io_edgeport: fix epic endpoint lookup
  USB: idmouse: fix interface sanity checks
  USB: atm: ueagle-atm: add missing endpoint check
  iio: humidity: hdc100x: fix IIO_HUMIDITYRELATIVE channel reporting
  ARM: dts: pandora-common: define wl1251 as child node of mmc3
  xhci: handle some XHCI_TRUST_TX_LENGTH quirks cases as default behaviour.
  xhci: Increase STS_HALT timeout in xhci_suspend()
  usb: xhci: only set D3hot for pci device
  staging: gigaset: add endpoint-type sanity check
  staging: gigaset: fix illegal free on probe errors
  staging: gigaset: fix general protection fault on probe
  staging: rtl8712: fix interface sanity check
  staging: rtl8188eu: fix interface sanity check
  usb: Allow USB device to be warm reset in suspended state
  USB: documentation: flags on usb-storage versus UAS
  USB: uas: heed CAPACITY_HEURISTICS
  USB: uas: honor flag to avoid CAPACITY16
  media: venus: remove invalid compat_ioctl32 handler
  scsi: qla2xxx: Fix driver unload hang
  usb: gadget: pch_udc: fix use after free
  usb: gadget: configfs: Fix missing spin_lock_init()
  appletalk: Set error code if register_snap_client failed
  appletalk: Fix potential NULL pointer dereference in unregister_snap_client
  KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)
  ASoC: rsnd: fixup MIX kctrl registration
  binder: Handle start==NULL in binder_update_page_range()
  thermal: Fix deadlock in thermal thermal_zone_device_check
  iomap: Fix pipe page leakage during splicing
  RDMA/qib: Validate ->show()/store() callbacks before calling them
  spi: atmel: Fix CS high support
  crypto: user - fix memory leak in crypto_report
  crypto: ecdh - fix big endian bug in ECC library
  crypto: ccp - fix uninitialized list head
  crypto: af_alg - cast ki_complete ternary op to int
  crypto: crypto4xx - fix double-free in crypto4xx_destroy_sdr
  KVM: x86: fix presentation of TSX feature in ARCH_CAPABILITIES
  KVM: x86: do not modify masked bits of shared MSRs
  KVM: arm/arm64: vgic: Don't rely on the wrong pending table
  drm/i810: Prevent underflow in ioctl
  jbd2: Fix possible overflow in jbd2_log_space_left()
  kernfs: fix ino wrap-around detection
  can: slcan: Fix use-after-free Read in slcan_open
  tty: vt: keyboard: reject invalid keycodes
  CIFS: Fix SMB2 oplock break processing
  CIFS: Fix NULL-pointer dereference in smb2_push_mandatory_locks
  x86/PCI: Avoid AMD FCH XHCI USB PME# from D0 defect
  Input: Fix memory leak in psxpad_spi_probe
  coresight: etm4x: Fix input validation for sysfs.
  Input: goodix - add upside-down quirk for Teclast X89 tablet
  Input: synaptics-rmi4 - don't increment rmiaddr for SMBus transfers
  Input: synaptics-rmi4 - re-enable IRQs in f34v7_do_reflash
  Input: synaptics - switch another X1 Carbon 6 to RMI/SMbus
  ALSA: hda - Add mute led support for HP ProBook 645 G4
  ALSA: pcm: oss: Avoid potential buffer overflows
  ALSA: hda/realtek - Dell headphone has noise on unmute for ALC236
  fuse: verify attributes
  fuse: verify nlink
  sched/fair: Scale bandwidth quota and period without losing quota/period ratio precision
  tcp: exit if nothing to retransmit on RTO timeout
  net: aquantia: fix RSS table and key sizes
  media: vimc: fix start stream when link is disabled
  ARM: dts: sunxi: Fix PMU compatible strings
  usb: mtu3: fix dbginfo in qmu_tx_zlp_error_handler
  mlx4: Use snprintf instead of complicated strcpy
  IB/hfi1: Close VNIC sdma_progress sleep window
  IB/hfi1: Ignore LNI errors before DC8051 transitions to Polling state
  mlxsw: spectrum_router: Relax GRE decap matching check
  firmware: qcom: scm: fix compilation error when disabled
  media: stkwebcam: Bugfix for wrong return values
  tty: Don't block on IO when ldisc change is pending
  nfsd: Return EPERM, not EACCES, in some SETATTR cases
  MIPS: OCTEON: cvmx_pko_mem_debug8: use oldest forward compatible definition
  clk: renesas: r8a77995: Correct parent clock of DU
  powerpc/math-emu: Update macros from GCC
  pstore/ram: Avoid NULL deref in ftrace merging failure path
  net/mlx4_core: Fix return codes of unsupported operations
  dlm: fix invalid cluster name warning
  ARM: dts: realview: Fix some more duplicate regulator nodes
  clk: sunxi-ng: h3/h5: Fix CSI_MCLK parent
  ARM: dts: pxa: clean up USB controller nodes
  mtd: fix mtd_oobavail() incoherent returned value
  kbuild: fix single target build for external module
  modpost: skip ELF local symbols during section mismatch check
  tcp: fix SNMP TCP timeout under-estimation
  tcp: fix SNMP under-estimation on failed retransmission
  tcp: fix off-by-one bug on aborting window-probing socket
  ARM: dts: realview-pbx: Fix duplicate regulator nodes
  ARM: dts: mmp2: fix the gpio interrupt cell number
  net/x25: fix null_x25_address handling
  net/x25: fix called/calling length calculation in x25_parse_address_block
  arm64: dts: meson-gxl-khadas-vim: fix GPIO lines names
  arm64: dts: meson-gxbb-odroidc2: fix GPIO lines names
  arm64: dts: meson-gxbb-nanopi-k2: fix GPIO lines names
  arm64: dts: meson-gxl-libretech-cc: fix GPIO lines names
  ARM: OMAP1/2: fix SoC name printing
  ASoC: au8540: use 64-bit arithmetic instead of 32-bit
  nfsd: fix a warning in __cld_pipe_upcall()
  ARM: debug: enable UART1 for socfpga Cyclone5
  dlm: NULL check before kmem_cache_destroy is not needed
  ARM: dts: sun8i: v3s: Change pinctrl nodes to avoid warning
  ARM: dts: sun5i: a10s: Fix HDMI output DTC warning
  ASoC: rsnd: tidyup registering method for rsnd_kctrl_new()
  lockd: fix decoding of TEST results
  i2c: imx: don't print error message on probe defer
  serial: imx: fix error handling in console_setup
  altera-stapl: check for a null key before strcasecmp'ing it
  dma-mapping: fix return type of dma_set_max_seg_size()
  sparc: Correct ctx->saw_frame_pointer logic.
  f2fs: fix to allow node segment for GC by ioctl path
  ARM: dts: rockchip: Assign the proper GPIO clocks for rv1108
  ARM: dts: rockchip: Fix the PMU interrupt number for rv1108
  f2fs: change segment to section in f2fs_ioc_gc_range
  f2fs: fix count of seg_freed to make sec_freed correct
  ACPI: fix acpi_find_child_device() invocation in acpi_preset_companion()
  usb: dwc3: don't log probe deferrals; but do log other error codes
  usb: dwc3: debugfs: Properly print/set link state for HS
  dmaengine: dw-dmac: implement dma protection control setting
  dmaengine: coh901318: Remove unused variable
  dmaengine: coh901318: Fix a double-lock bug
  media: cec: report Vendor ID after initialization
  media: pulse8-cec: return 0 when invalidating the logical address
  ARM: dts: exynos: Use Samsung SoC specific compatible for DWC2 module
  rtc: dt-binding: abx80x: fix resistance scale
  rtc: max8997: Fix the returned value in case of error in 'max8997_rtc_read_alarm()'
  math-emu/soft-fp.h: (_FP_ROUND_ZERO) cast 0 to void to fix warning
  net/smc: use after free fix in smc_wr_tx_put_slot()
  MIPS: OCTEON: octeon-platform: fix typing
  iomap: sub-block dio needs to zeroout beyond EOF
  net-next/hinic:fix a bug in set mac address
  regulator: Fix return value of _set_load() stub
  clk: rockchip: fix ID of 8ch clock of I2S1 for rk3328
  clk: rockchip: fix I2S1 clock gate register for rk3328
  mm/vmstat.c: fix NUMA statistics updates
  Staging: iio: adt7316: Fix i2c data reading, set the data field
  pinctrl: qcom: ssbi-gpio: fix gpio-hog related boot issues
  crypto: bcm - fix normal/non key hash algorithm failure
  crypto: ecc - check for invalid values in the key verification test
  scsi: zfcp: drop default switch case which might paper over missing case
  net: dsa: mv88e6xxx: Work around mv886e6161 SERDES missing MII_PHYSID2
  MIPS: SiByte: Enable ZONE_DMA32 for LittleSur
  dlm: fix missing idr_destroy for recover_idr
  ARM: dts: rockchip: Fix rk3288-rock2 vcc_flash name
  clk: rockchip: fix rk3188 sclk_mac_lbtest parameter ordering
  clk: rockchip: fix rk3188 sclk_smc gate data
  i40e: don't restart nway if autoneg not supported
  rtc: s3c-rtc: Avoid using broken ALMYEAR register
  net: ethernet: ti: cpts: correct debug for expired txq skb
  extcon: max8997: Fix lack of path setting in USB device mode
  dlm: fix possible call to kfree() for non-initialized pointer
  clk: sunxi-ng: a64: Fix gate bit of DSI DPHY
  net/mlx5: Release resource on error flow
  ARM: 8813/1: Make aligned 2-byte getuser()/putuser() atomic on ARMv6+
  iwlwifi: mvm: Send non offchannel traffic via AP sta
  iwlwifi: mvm: synchronize TID queue removal
  cxgb4vf: fix memleak in mac_hlist initialization
  serial: core: Allow processing sysrq at port unlock time
  i2c: core: fix use after free in of_i2c_notify
  net: ep93xx_eth: fix mismatch of request_mem_region in remove
  rsxx: add missed destroy_workqueue calls in remove
  ALSA: pcm: Fix stream lock usage in snd_pcm_period_elapsed()
  sched/core: Avoid spurious lock dependencies
  Input: cyttsp4_core - fix use after free bug
  xfrm: release device reference for invalid state
  NFC: nxp-nci: Fix NULL pointer dereference after I2C communication error
  audit_get_nd(): don't unlock parent too early
  exportfs_decode_fh(): negative pinned may become positive without the parent locked
  iwlwifi: pcie: don't consider IV len in A-MSDU
  RDMA/hns: Correct the value of HNS_ROCE_HEM_CHUNK_LEN
  autofs: fix a leak in autofs_expire_indirect()
  serial: ifx6x60: add missed pm_runtime_disable
  serial: serial_core: Perform NULL checks for break_ctl ops
  serial: pl011: Fix DMA ->flush_buffer()
  tty: serial: msm_serial: Fix flow control
  tty: serial: fsl_lpuart: use the sg count from dma_map_sg
  usb: gadget: u_serial: add missing port entry locking
  arm64: tegra: Fix 'active-low' warning for Jetson TX1 regulator
  rsi: release skb if rsi_prepare_beacon fails
  ANDROID: staging: android: ion: Fix build when CONFIG_ION_SYSTEM_HEAP=n
  ANDROID: staging: android: ion: Expose total heap and pool sizes via sysfs
  UPSTREAM: include/linux/slab.h: fix sparse warning in kmalloc_type()
  UPSTREAM: mm, slab: shorten kmalloc cache names for large sizes
  UPSTREAM: mm, proc: add KReclaimable to /proc/meminfo
  BACKPORT: mm: rename and change semantics of nr_indirectly_reclaimable_bytes
  UPSTREAM: dcache: allocate external names from reclaimable kmalloc caches
  BACKPORT: mm, slab/slub: introduce kmalloc-reclaimable caches
  UPSTREAM: mm, slab: combine kmalloc_caches and kmalloc_dma_caches
  ANDROID: kbuild: disable SCS by default in allmodconfig
  ANDROID: arm64: cuttlefish_defconfig: enable LTO, CFI, and SCS
  BACKPORT: FROMLIST: arm64: implement Shadow Call Stack
  FROMLIST: arm64: disable SCS for hypervisor code
  BACKPORT: FROMLIST: arm64: vdso: disable Shadow Call Stack
  FROMLIST: arm64: preserve x18 when CPU is suspended
  FROMLIST: arm64: reserve x18 from general allocation with SCS
  FROMLIST: arm64: disable function graph tracing with SCS
  FROMLIST: scs: add support for stack usage debugging
  FROMLIST: scs: add accounting
  FROMLIST: add support for Clang's Shadow Call Stack (SCS)
  FROMLIST: arm64: kernel: avoid x18 in __cpu_soft_restart
  FROMLIST: arm64: kvm: stop treating register x18 as caller save
  FROMLIST: arm64/lib: copy_page: avoid x18 register in assembler code
  FROMLIST: arm64: mm: avoid x18 in idmap_kpti_install_ng_mappings
  ANDROID: use non-canonical CFI jump tables
  ANDROID: arm64: add __nocfi to __apply_alternatives
  ANDROID: arm64: add __pa_function
  ANDROID: arm64: allow ThinLTO to be selected
  ANDROID: soc/tegra: disable ARCH_TEGRA_210_SOC with LTO
  FROMLIST: arm64: fix alternatives with LLVM's integrated assembler
  ANDROID: irqchip/gic-v3: rename gic_of_init to work around a ThinLTO+CFI bug
  ANDROID: kbuild: limit LTO inlining
  ANDROID: kbuild: merge module sections with LTO
  ANDROID: init: ensure initcall ordering with LTO
  Revert "ANDROID: HACK: init: ensure initcall ordering with LTO"
  ANDROID: add support for ThinLTO
  ANDROID: Switch to LLD
  ANDROID: clang: update to 10.0.1
  ANDROID: arm64: add atomic_ll_sc.o to obj-y if using lld
  ANDROID: enable ARM64_ERRATUM_843419 by default with LTO_CLANG
  ANDROID: kbuild: allow lld to be used with CONFIG_LTO_CLANG
  ANDROID: Makefile: set -Qunused-arguments sooner
  BACKPORT: FROMLIST: Makefile: lld: tell clang to use lld
  BACKPORT: FROMLIST: Makefile: lld: set -O2 linker flag when linking with LLD
  ANDROID: scripts/Kbuild: add ld-name support for ld.lld
  UPSTREAM: bpf: permit multiple bpf attachments for a single perf event
  UPSTREAM: bpf: use the same condition in perf event set/free bpf handler
  UPSTREAM: bpf: multi program support for cgroup+bpf
  BACKPORT: serdev: make synchronous write return bytes written
  UPSTREAM: gnss: serial: fix synchronous write timeout
  UPSTREAM: gnss: fix potential error pointer dereference
  BACKPORT: gnss: add receiver type support
  UPSTREAM: dt-bindings: add generic gnss binding
  UPSTREAM: gnss: add generic serial driver
  ANDROID: cuttlefish_defconfig: Enable CONFIG_SERIAL_DEV_BUS
  ANDROID: cuttlefish_defconfig: Enable CONFIG_GNSS
  BACKPORT: gnss: add GNSS receiver subsystem
  UPSTREAM: arm64: Validate tagged addresses in access_ok() called from kernel threads
  BACKPORT: ARM: 8905/1: Emit __gnu_mcount_nc when using Clang 10.0.0 or newer
  fs/lock: skip lock owner pid translation in case we are in init_pid_ns
  f2fs: stop GC when the victim becomes fully valid
  f2fs: expose main_blkaddr in sysfs
  f2fs: choose hardlimit when softlimit is larger than hardlimit in f2fs_statfs_project()
  f2fs: Fix deadlock in f2fs_gc() context during atomic files handling
  f2fs: show f2fs instance in printk_ratelimited
  f2fs: fix potential overflow
  f2fs: fix to update dir's i_pino during cross_rename
  f2fs: support aligned pinned file
  f2fs: avoid kernel panic on corruption test
  f2fs: fix wrong description in document
  f2fs: cache global IPU bio
  f2fs: fix to avoid memory leakage in f2fs_listxattr
  f2fs: check total_segments from devices in raw_super
  f2fs: update multi-dev metadata in resize_fs
  f2fs: mark recovery flag correctly in read_raw_super_block()
  f2fs: fix to update time in lazytime mode
  vfs: don't allow writes to swap files
  mm: set S_SWAPFILE on blockdev swap devices

Conflicts:
	drivers/Makefile
	drivers/staging/android/ion/ion.c
	drivers/staging/android/ion/ion.h
	drivers/staging/android/ion/ion_page_pool.c
	drivers/usb/dwc3/core.c
	drivers/usb/dwc3/debugfs.c
	drivers/usb/dwc3/ep0.c
	fs/f2fs/data.c
	include/linux/mmzone.h
	mm/vmstat.c

Discarded below patches, as usb patches not applicable and block patch
causing stability issues:
	usb: dwc3: ep0: Clear started flag on completion
	usb: dwc3: don't log probe deferrals; but do log other error codes
	block: fix single range discard merge

Fixed build errors in below files:
	drivers/gpu/msm/kgsl_pool.c
	drivers/staging/android/ion/ion_page_pool.c
	kernel/taskstats.c

Fixed bootup issue in:
	arch/arm64/mm/proc.s

Change-Id: I0a16824c251c14c63af78f9cfd9ede5e82c427fc
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
 2020-04-17 17:47:52 +05:30
Blagovest Kolenichev
8ad87c80a2 Merge android-4.14.151 (2bb70f4) into msm-4.14 
* refs/heads/tmp-2bb70f4:
  ANDROID: virtio: virtio_input: Set the amount of multitouch slots in virtio input
  ANDROID: dummy_cpufreq: Implement get()
  rtlwifi: Fix potential overflow on P2P code
  ANDROID: cpufreq: create dummy cpufreq driver
  ANDROID: Allow DRM_IOCTL_MODE_*_DUMB for render clients.
  ANDROID: sdcardfs: evict dentries on fscrypt key removal
  ANDROID: fscrypt: add key removal notifier chain
  ANDROID: Move from clang r353983c to r365631c
  ANDROID: move up spin_unlock_bh() ahead of remove_proc_entry()
  BACKPORT: arm64: tags: Preserve tags for addresses translated via TTBR1
  UPSTREAM: arm64: memory: Implement __tag_set() as common function
  UPSTREAM: arm64/mm: fix variable 'tag' set but not used
  UPSTREAM: arm64: avoid clang warning about self-assignment
  ANDROID: refactor build.config files to remove duplication
  UPSTREAM: mm: vmalloc: show number of vmalloc pages in /proc/meminfo
  BACKPORT: PM/sleep: Expose suspend stats in sysfs
  UPSTREAM: power: supply: Init device wakeup after device_add()
  UPSTREAM: PM / wakeup: Unexport wakeup_source_sysfs_{add,remove}()
  UPSTREAM: PM / wakeup: Register wakeup class kobj after device is added
  BACKPORT: PM / wakeup: Fix sysfs registration error path
  BACKPORT: PM / wakeup: Show wakeup sources stats in sysfs
  UPSTREAM: PM / wakeup: Print warn if device gets enabled as wakeup source during sleep
  UPSTREAM: PM / wakeup: Use wakeup_source_register() in wakelock.c
  UPSTREAM: PM / wakeup: Only update last time for active wakeup sources
  UPSTREAM: PM / core: Add support to skip power management in device/driver model
  cuttlefish-4.14: Enable CONFIG_DM_SNAPSHOT
  ANDROID: cuttlefish_defconfig: Enable BPF_JIT and BPF_JIT_ALWAYS_ON
  UPSTREAM: netfilter: xt_IDLETIMER: fix sysfs callback function type
  UPSTREAM: mm: untag user pointers in mmap/munmap/mremap/brk
  UPSTREAM: vfio/type1: untag user pointers in vaddr_get_pfn
  UPSTREAM: media/v4l2-core: untag user pointers in videobuf_dma_contig_user_get
  UPSTREAM: drm/radeon: untag user pointers in radeon_gem_userptr_ioctl
  BACKPORT: drm/amdgpu: untag user pointers
  UPSTREAM: userfaultfd: untag user pointers
  UPSTREAM: fs/namespace: untag user pointers in copy_mount_options
  UPSTREAM: mm: untag user pointers in get_vaddr_frames
  UPSTREAM: mm: untag user pointers in mm/gup.c
  BACKPORT: mm: untag user pointers passed to memory syscalls
  BACKPORT: lib: untag user pointers in strn*_user
  UPSTREAM: arm64: Fix reference to docs for ARM64_TAGGED_ADDR_ABI
  UPSTREAM: selftests, arm64: add kernel headers path for tags_test
  BACKPORT: arm64: Relax Documentation/arm64/tagged-pointers.rst
  UPSTREAM: arm64: Define Documentation/arm64/tagged-address-abi.rst
  UPSTREAM: arm64: Change the tagged_addr sysctl control semantics to only prevent the opt-in
  UPSTREAM: arm64: Tighten the PR_{SET, GET}_TAGGED_ADDR_CTRL prctl() unused arguments
  UPSTREAM: selftests, arm64: fix uninitialized symbol in tags_test.c
  UPSTREAM: arm64: mm: Really fix sparse warning in untagged_addr()
  UPSTREAM: selftests, arm64: add a selftest for passing tagged pointers to kernel
  BACKPORT: arm64: Introduce prctl() options to control the tagged user addresses ABI
  UPSTREAM: thread_info: Add update_thread_flag() helpers
  UPSTREAM: arm64: untag user pointers in access_ok and __uaccess_mask_ptr
  UPSTREAM: uaccess: add noop untagged_addr definition
  BACKPORT: block: annotate refault stalls from IO submission
  ext4: add verity flag check for dax
  ANDROID: usb: gadget: Fix dependency for f_accessory
  ANDROID: sched: fair: balance for single core cluster
  UPSTREAM: mm/kasan: fix false positive invalid-free reports with CONFIG_KASAN_SW_TAGS=y
  f2fs: add a condition to detect overflow in f2fs_ioc_gc_range()
  f2fs: fix to add missing F2FS_IO_ALIGNED() condition
  f2fs: fix to fallback to buffered IO in IO aligned mode
  f2fs: fix to handle error path correctly in f2fs_map_blocks
  f2fs: fix extent corrupotion during directIO in LFS mode
  f2fs: check all the data segments against all node ones
  f2fs: Add a small clarification to CONFIG_FS_F2FS_FS_SECURITY
  f2fs: fix inode rwsem regression
  f2fs: fix to avoid accessing uninitialized field of inode page in is_alive()
  f2fs: avoid infinite GC loop due to stale atomic files
  f2fs: Fix indefinite loop in f2fs_gc()
  f2fs: convert inline_data in prior to i_size_write
  f2fs: fix error path of f2fs_convert_inline_page()
  f2fs: add missing documents of reserve_root/resuid/resgid
  f2fs: fix flushing node pages when checkpoint is disabled
  f2fs: enhance f2fs_is_checkpoint_ready()'s readability
  f2fs: clean up __bio_alloc()'s parameter
  f2fs: fix wrong error injection path in inc_valid_block_count()
  f2fs: fix to writeout dirty inode during node flush
  f2fs: optimize case-insensitive lookups
  f2fs: introduce f2fs_match_name() for cleanup
  f2fs: Fix indefinite loop in f2fs_gc()
  f2fs: allocate memory in batch in build_sit_info()
  f2fs: fix to avoid data corruption by forbidding SSR overwrite
  f2fs: Fix build error while CONFIG_NLS=m
  Revert "f2fs: avoid out-of-range memory access"
  f2fs: cleanup the code in build_sit_entries.
  f2fs: fix wrong available node count calculation
  f2fs: remove duplicate code in f2fs_file_write_iter
  f2fs: fix to migrate blocks correctly during defragment
  f2fs: use wrapped f2fs_cp_error()
  f2fs: fix to use more generic EOPNOTSUPP
  f2fs: use wrapped IS_SWAPFILE()
  f2fs: Support case-insensitive file name lookups
  f2fs: include charset encoding information in the superblock
  fs: Reserve flag for casefolding
  f2fs: fix to avoid call kvfree under spinlock
  fs: f2fs: Remove unnecessary checks of SM_I(sbi) in update_general_status()
  f2fs: disallow direct IO in atomic write
  f2fs: fix to handle quota_{on,off} correctly
  f2fs: fix to detect cp error in f2fs_setxattr()
  f2fs: fix to spread f2fs_is_checkpoint_ready()
  f2fs: support fiemap() for directory inode
  f2fs: fix to avoid discard command leak
  f2fs: fix to avoid tagging SBI_QUOTA_NEED_REPAIR incorrectly
  f2fs: fix to drop meta/node pages during umount
  f2fs: disallow switching io_bits option during remount
  f2fs: fix panic of IO alignment feature
  f2fs: introduce {page,io}_is_mergeable() for readability
  f2fs: fix livelock in swapfile writes
  f2fs: add fs-verity support
  ext4: update on-disk format documentation for fs-verity
  ext4: add fs-verity read support
  ext4: add basic fs-verity support
  fs-verity: support builtin file signatures
  fs-verity: add SHA-512 support
  fs-verity: implement FS_IOC_MEASURE_VERITY ioctl
  fs-verity: implement FS_IOC_ENABLE_VERITY ioctl
  fs-verity: add data verification hooks for ->readpages()
  fs-verity: add the hook for file ->setattr()
  fs-verity: add the hook for file ->open()
  fs-verity: add inode and superblock fields
  fs-verity: add Kconfig and the helper functions for hashing
  fs: uapi: define verity bit for FS_IOC_GETFLAGS
  fs-verity: add UAPI header
  fs-verity: add MAINTAINERS file entry
  fs-verity: add a documentation file
  ext4: fix kernel oops caused by spurious casefold flag
  ext4: fix coverity warning on error path of filename setup
  ext4: optimize case-insensitive lookups
  ext4: fix dcache lookup of !casefolded directories
  unicode: update to Unicode 12.1.0 final
  unicode: add missing check for an error return from utf8lookup()
  ext4: export /sys/fs/ext4/feature/casefold if Unicode support is present
  unicode: refactor the rule for regenerating utf8data.h
  ext4: Support case-insensitive file name lookups
  ext4: include charset encoding information in the superblock
  unicode: update unicode database unicode version 12.1.0
  unicode: introduce test module for normalized utf8 implementation
  unicode: implement higher level API for string handling
  unicode: reduce the size of utf8data[]
  unicode: introduce code for UTF-8 normalization
  unicode: introduce UTF-8 character database
  ext4 crypto: fix to check feature status before get policy
  fscrypt: document the new ioctls and policy version
  ubifs: wire up new fscrypt ioctls
  f2fs: wire up new fscrypt ioctls
  ext4: wire up new fscrypt ioctls
  fscrypt: require that key be added when setting a v2 encryption policy
  fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS ioctl
  fscrypt: allow unprivileged users to add/remove keys for v2 policies
  fscrypt: v2 encryption policy support
  fscrypt: add an HKDF-SHA512 implementation
  fscrypt: add FS_IOC_GET_ENCRYPTION_KEY_STATUS ioctl
  fscrypt: add FS_IOC_REMOVE_ENCRYPTION_KEY ioctl
  fscrypt: add FS_IOC_ADD_ENCRYPTION_KEY ioctl
  fscrypt: rename keyinfo.c to keysetup.c
  fscrypt: move v1 policy key setup to keysetup_v1.c
  fscrypt: refactor key setup code in preparation for v2 policies
  fscrypt: rename fscrypt_master_key to fscrypt_direct_key
  fscrypt: add ->ci_inode to fscrypt_info
  fscrypt: use FSCRYPT_* definitions, not FS_*
  fscrypt: use FSCRYPT_ prefix for uapi constants
  fs, fscrypt: move uapi definitions to new header <linux/fscrypt.h>
  fscrypt: use ENOPKG when crypto API support missing
  fscrypt: improve warnings for missing crypto API support
  fscrypt: improve warning messages for unsupported encryption contexts
  fscrypt: make fscrypt_msg() take inode instead of super_block
  fscrypt: clean up base64 encoding/decoding
  fscrypt: remove loadable module related code
  ANDROID: arm64: bpf: implement arch_bpf_jit_check_func
  ANDROID: bpf: validate bpf_func when BPF_JIT is enabled with CFI
  UPSTREAM: kcm: use BPF_PROG_RUN
  UPSTREAM: psi: get poll_work to run when calling poll syscall next time
  UPSTREAM: sched/psi: Do not require setsched permission from the trigger creator
  UPSTREAM: sched/psi: Reduce psimon FIFO priority
  BACKPORT: arm64: Add support for relocating the kernel with RELR relocations
  ANDROID: Log which device failed to suspend in dpm_suspend_start()
  ANDROID: Revert "ANDROID: sched: Disallow WALT with CFS bandwidth control"
  ANDROID: sched: WALT: Add support for CFS_BANDWIDTH
  ANDROID: sched: WALT: Refactor cumulative runnable average fixup
  ANDROID: sched: Disallow WALT with CFS bandwidth control
  fscrypt: document testing with xfstests
  fscrypt: remove selection of CONFIG_CRYPTO_SHA256
  fscrypt: remove unnecessary includes of ratelimit.h
  fscrypt: don't set policy for a dead directory
  fscrypt: decrypt only the needed blocks in __fscrypt_decrypt_bio()
  fscrypt: support decrypting multiple filesystem blocks per page
  fscrypt: introduce fscrypt_decrypt_block_inplace()
  fscrypt: handle blocksize < PAGE_SIZE in fscrypt_zeroout_range()
  fscrypt: support encrypting multiple filesystem blocks per page
  fscrypt: introduce fscrypt_encrypt_block_inplace()
  fscrypt: clean up some BUG_ON()s in block encryption/decryption
  fscrypt: rename fscrypt_do_page_crypto() to fscrypt_crypt_block()
  fscrypt: remove the "write" part of struct fscrypt_ctx
  fscrypt: simplify bounce page handling
  ANDROID: fiq_debugger: remove
  UPSTREAM: lib/test_meminit.c: use GFP_ATOMIC in RCU critical section
  UPSTREAM: mm: slub: Fix slab walking for init_on_free
  UPSTREAM: lib/test_meminit.c: minor test fixes
  UPSTREAM: lib/test_meminit.c: fix -Wmaybe-uninitialized false positive
  UPSTREAM: lib: introduce test_meminit module
  UPSTREAM: mm: init: report memory auto-initialization features at boot time
  BACKPORT: mm: security: introduce init_on_alloc=1 and init_on_free=1 boot options
  UPSTREAM: arm64: move jump_label_init() before parse_early_param()
  ANDROID: Add a tracepoint for mapping inode to full path
  BACKPORT: arch: add pidfd and io_uring syscalls everywhere
  UPSTREAM: dma-buf: add show_fdinfo handler
  UPSTREAM: dma-buf: add DMA_BUF_SET_NAME ioctls
  BACKPORT: dma-buf: give each buffer a full-fledged inode
  ANDROID: fix kernelci build-break
  UPSTREAM: drm/virtio: Fix cache entry creation race.
  UPSTREAM: drm/virtio: Wake up all waiters when capset response comes in.
  UPSTREAM: drm/virtio: Ensure cached capset entries are valid before copying.
  UPSTREAM: drm/virtio: use u64_to_user_ptr macro
  UPSTREAM: drm/virtio: remove irrelevant DRM_UNLOCKED flag
  UPSTREAM: drm/virtio: Remove redundant return type
  UPSTREAM: drm/virtio: allocate fences with GFP_KERNEL
  UPSTREAM: drm/virtio: add trace events for commands
  UPSTREAM: drm/virtio: trace drm_fence_emit
  BACKPORT: drm/virtio: set seqno for dma-fence
  BACKPORT: drm/virtio: move drm_connector_update_edid_property() call
  UPSTREAM: drm/virtio: add missing drm_atomic_helper_shutdown() call.
  BACKPORT: drm/virtio: rework resource creation workflow.
  UPSTREAM: drm/virtio: params struct for virtio_gpu_cmd_create_resource_3d()
  BACKPORT: drm/virtio: params struct for virtio_gpu_cmd_create_resource()
  BACKPORT: drm/virtio: use struct to pass params to virtio_gpu_object_create()
  UPSTREAM: drm/virtio: add virtio-gpu-features debugfs file.
  UPSTREAM: drm/virtio: remove set but not used variable 'vgdev'
  BACKPORT: drm/virtio: implement prime export
  UPSTREAM: drm/virtio: remove prime pin/unpin callbacks.
  UPSTREAM: drm/virtio: implement prime mmap
  UPSTREAM: drm/virtio: drop virtio_gpu_fence_cleanup()
  UPSTREAM: drm/virtio: fix pageflip flush
  UPSTREAM: drm/virtio: log error responses
  UPSTREAM: drm/virtio: Add missing virtqueue reset
  UPSTREAM: drm/virtio: Remove incorrect kfree()
  UPSTREAM: drm/virtio: virtio_gpu_cmd_resource_create_3d: drop unused fence arg
  UPSTREAM: drm/virtio: fence: pass plain pointer
  BACKPORT: drm/virtio: add edid support
  UPSTREAM: virtio-gpu: add VIRTIO_GPU_F_EDID feature
  BACKPORT: drm/virtio: fix memory leak of vfpriv on error return path
  UPSTREAM: drm/virtio: bump driver version after explicit synchronization addition
  UPSTREAM: drm/virtio: add in/out fence support for explicit synchronization
  UPSTREAM: drm/virtio: add uapi for in and out explicit fences
  UPSTREAM: drm/virtio: add virtio_gpu_alloc_fence()
  UPSTREAM: drm/virtio: Handle error from virtio_gpu_resource_id_get
  UPSTREAM: gpu/drm/virtio/virtgpu_vq.c: Use kmem_cache_zalloc
  UPSTREAM: drm/virtio: fix resource id handling
  UPSTREAM: drm/virtio: drop resource_id argument.
  UPSTREAM: drm/virtio: use virtio_gpu_object->hw_res_handle in virtio_gpu_resource_create_ioctl()
  UPSTREAM: drm/virtio: use virtio_gpu_object->hw_res_handle in virtio_gpu_mode_dumb_create()
  UPSTREAM: drm/virtio: use virtio_gpu_object->hw_res_handle in virtio_gpufb_create()
  BACKPORT: drm/virtio: track created object state
  UPSTREAM: drm/virtio: document drm_dev_set_unique workaround
  UPSTREAM: virtio: Support prime objects vmap/vunmap
  UPSTREAM: virtio: Rework virtio_gpu_object_kmap()
  UPSTREAM: virtio: Add virtio_gpu_object_kunmap()
  UPSTREAM: drm/virtio: pass virtio_gpu_object to virtio_gpu_cmd_transfer_to_host_{2d, 3d}
  UPSTREAM: drm/virtio: add dma sync for dma mapped virtio gpu framebuffer pages
  UPSTREAM: drm/virtio: Remove set but not used variable 'bo'
  UPSTREAM: drm/virtio: add iommu support.
  UPSTREAM: drm/virtio: add virtio_gpu_object_detach() function
  UPSTREAM: drm/virtio: track virtual output state
  UPSTREAM: drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset()
  UPSTREAM: gpu: drm: virtio: code cleanup
  UPSTREAM: drm/virtio: Place GEM BOs in drm_framebuffer
  UPSTREAM: drm/virtio: fix mode_valid's return type
  UPSTREAM: drm/virtio: Add spaces around operators
  UPSTREAM: drm/virtio: Remove multiple blank lines
  UPSTREAM: drm/virtio: Replace 'unsigned' for 'unsigned int'
  UPSTREAM: drm/virtio: Remove return from void function
  UPSTREAM: drm/virtio: Add */ in block comments to separate line
  UPSTREAM: drm/virtio: Add blank line after variable declarations
  UPSTREAM: drm/virtio: Add tabs at the start of a line
  UPSTREAM: drm/virtio: Don't return invalid caps on timeout
  UPSTREAM: virtgpu: remove redundant task_comm copying
  UPSTREAM: drm/virtio: add create_handle support.
  UPSTREAM: drm: virtio: replace reference/unreference with get/put
  UPSTREAM: drm/virtio: Replace instances of reference/unreference with get/put
  UPSTREAM: drm: byteorder: add DRM_FORMAT_HOST_*
  UPSTREAM: drm: add drm_connector_attach_edid_property()
  BACKPORT: drm/prime: Add drm_gem_prime_mmap()
  f2fs: fix build error on android tracepoints
  ANDROID: cuttlefish_defconfig: Enable CAN/VCAN
  UPSTREAM: pidfd: fix a poll race when setting exit_state
  BACKPORT: arch: wire-up pidfd_open()
  BACKPORT: pid: add pidfd_open()
  UPSTREAM: pidfd: add polling support
  UPSTREAM: signal: improve comments
  UPSTREAM: fork: do not release lock that wasn't taken
  BACKPORT: signal: support CLONE_PIDFD with pidfd_send_signal
  BACKPORT: clone: add CLONE_PIDFD
  UPSTREAM: Make anon_inodes unconditional
  UPSTREAM: signal: use fdget() since we don't allow O_PATH
  UPSTREAM: signal: don't silently convert SI_USER signals to non-current pidfd
  BACKPORT: signal: add pidfd_send_signal() syscall
  UPSTREAM: net-ipv6-ndisc: add support for RFC7710 RA Captive Portal Identifier
  ANDROID: fix up 9p filesystem due to CFI non-upstream patches
  f2fs: use EINVAL for superblock with invalid magic
  f2fs: fix to read source block before invalidating it
  f2fs: remove redundant check from f2fs_setflags_common()
  f2fs: use generic checking function for FS_IOC_FSSETXATTR
  f2fs: use generic checking and prep function for FS_IOC_SETFLAGS
  ubifs, fscrypt: cache decrypted symlink target in ->i_link
  vfs: use READ_ONCE() to access ->i_link
  fs, fscrypt: clear DCACHE_ENCRYPTED_NAME when unaliasing directory
  ANDROID: (arm64) cuttlefish_defconfig: enable CONFIG_CPU_FREQ_TIMES
  ANDROID: xfrm: remove in_compat_syscall() checks
  ANDROID: enable CONFIG_RTC_DRV_TEST on cuttlefish
  UPSTREAM: binder: Set end of SG buffer area properly.
  ANDROID: x86_64_cuttlefish_defconfig: enable CONFIG_CPU_FREQ_TIMES
  ANDROID: f2fs: add android fsync tracepoint
  ANDROID: f2fs: fix wrong android tracepoint
  fscrypt: cache decrypted symlink target in ->i_link
  fscrypt: fix race where ->lookup() marks plaintext dentry as ciphertext
  fscrypt: only set dentry_operations on ciphertext dentries
  fscrypt: fix race allowing rename() and link() of ciphertext dentries
  fscrypt: clean up and improve dentry revalidation
  fscrypt: use READ_ONCE() to access ->i_crypt_info
  fscrypt: remove WARN_ON_ONCE() when decryption fails
  fscrypt: drop inode argument from fscrypt_get_ctx()
  f2fs: improve print log in f2fs_sanity_check_ckpt()
  f2fs: avoid out-of-range memory access
  f2fs: fix to avoid long latency during umount
  f2fs: allow all the users to pin a file
  f2fs: support swap file w/ DIO
  f2fs: allocate blocks for pinned file
  f2fs: fix is_idle() check for discard type
  f2fs: add a rw_sem to cover quota flag changes
  f2fs: set SBI_NEED_FSCK for xattr corruption case
  f2fs: use generic EFSBADCRC/EFSCORRUPTED
  f2fs: Use DIV_ROUND_UP() instead of open-coding
  f2fs: print kernel message if filesystem is inconsistent
  f2fs: introduce f2fs_<level> macros to wrap f2fs_printk()
  f2fs: avoid get_valid_blocks() for cleanup
  f2fs: ioctl for removing a range from F2FS
  f2fs: only set project inherit bit for directory
  f2fs: separate f2fs i_flags from fs_flags and ext4 i_flags
  UPSTREAM: kasan: initialize tag to 0xff in __kasan_kmalloc
  UPSTREAM: x86/boot: Provide KASAN compatible aliases for string routines
  UPSTREAM: mm/kasan: Remove the ULONG_MAX stack trace hackery
  UPSTREAM: x86/uaccess, kasan: Fix KASAN vs SMAP
  UPSTREAM: x86/uaccess: Introduce user_access_{save,restore}()
  UPSTREAM: kasan: fix variable 'tag' set but not used warning
  UPSTREAM: Revert "x86_64: Increase stack size for KASAN_EXTRA"
  UPSTREAM: kasan: fix coccinelle warnings in kasan_p*_table
  UPSTREAM: kasan: fix kasan_check_read/write definitions
  BACKPORT: kasan: remove use after scope bugs detection.
  BACKPORT: kasan: turn off asan-stack for clang-8 and earlier
  UPSTREAM: slub: fix a crash with SLUB_DEBUG + KASAN_SW_TAGS
  UPSTREAM: kasan, slab: remove redundant kasan_slab_alloc hooks
  UPSTREAM: kasan, slab: make freelist stored without tags
  UPSTREAM: kasan, slab: fix conflicts with CONFIG_HARDENED_USERCOPY
  UPSTREAM: kasan: prevent tracing of tags.c
  UPSTREAM: kasan: fix random seed generation for tag-based mode
  UPSTREAM: slub: fix SLAB_CONSISTENCY_CHECKS + KASAN_SW_TAGS
  UPSTREAM: kasan, slub: fix more conflicts with CONFIG_SLAB_FREELIST_HARDENED
  UPSTREAM: kasan, slub: fix conflicts with CONFIG_SLAB_FREELIST_HARDENED
  UPSTREAM: kasan, slub: move kasan_poison_slab hook before page_address
  UPSTREAM: kasan, kmemleak: pass tagged pointers to kmemleak
  UPSTREAM: kasan: fix assigning tags twice
  UPSTREAM: kasan: mark file common so ftrace doesn't trace it
  UPSTREAM: kasan, arm64: remove redundant ARCH_SLAB_MINALIGN define
  UPSTREAM: kasan: fix krealloc handling for tag-based mode
  UPSTREAM: kasan: make tag based mode work with CONFIG_HARDENED_USERCOPY
  UPSTREAM: kasan, arm64: use ARCH_SLAB_MINALIGN instead of manual aligning
  BACKPORT: mm/memblock.c: skip kmemleak for kasan_init()
  UPSTREAM: kasan: add SPDX-License-Identifier mark to source files
  BACKPORT: kasan: update documentation
  UPSTREAM: kasan, arm64: select HAVE_ARCH_KASAN_SW_TAGS
  UPSTREAM: kasan: add __must_check annotations to kasan hooks
  BACKPORT: kasan, mm, arm64: tag non slab memory allocated via pagealloc
  UPSTREAM: kasan, arm64: add brk handler for inline instrumentation
  UPSTREAM: kasan: add hooks implementation for tag-based mode
  UPSTREAM: mm: move obj_to_index to include/linux/slab_def.h
  UPSTREAM: kasan: add bug reporting routines for tag-based mode
  UPSTREAM: kasan: split out generic_report.c from report.c
  UPSTREAM: kasan, mm: perform untagged pointers comparison in krealloc
  BACKPORT: kasan, arm64: enable top byte ignore for the kernel
  BACKPORT: kasan, arm64: fix up fault handling logic
  UPSTREAM: kasan: preassign tags to objects with ctors or SLAB_TYPESAFE_BY_RCU
  UPSTREAM: kasan, arm64: untag address in _virt_addr_is_linear
  UPSTREAM: kasan: add tag related helper functions
  BACKPORT: arm64: move untagged_addr macro from uaccess.h to memory.h
  BACKPORT: kasan: initialize shadow to 0xff for tag-based mode
  BACKPORT: kasan: rename kasan_zero_page to kasan_early_shadow_page
  BACKPORT: kasan, arm64: adjust shadow size for tag-based mode
  BACKPORT: kasan: add CONFIG_KASAN_GENERIC and CONFIG_KASAN_SW_TAGS
  UPSTREAM: kasan: rename source files to reflect the new naming scheme
  BACKPORT: kasan: move common generic and tag-based code to common.c
  UPSTREAM: kasan, slub: handle pointer tags in early_kmem_cache_node_alloc
  UPSTREAM: kasan, mm: change hooks signatures
  UPSTREAM: arm64: add EXPORT_SYMBOL_NOKASAN()
  BACKPORT: compiler: remove __no_sanitize_address_or_inline again
  UPSTREAM: mm/kasan/quarantine.c: make quarantine_lock a raw_spinlock_t
  UPSTREAM: lib/test_kasan.c: add tests for several string/memory API functions
  UPSTREAM: arm64: lib: use C string functions with KASAN enabled
  UPSTREAM: compiler: introduce __no_sanitize_address_or_inline
  UPSTREAM: arm64: Fix typo in a comment in arch/arm64/mm/kasan_init.c
  BACKPORT: kernel/memremap, kasan: make ZONE_DEVICE with work with KASAN
  BACKPORT: mm/mempool.c: remove unused argument in kasan_unpoison_element() and remove_element()
  UPSTREAM: kasan: only select SLUB_DEBUG with SYSFS=y
  UPSTREAM: kasan: depend on CONFIG_SLUB_DEBUG
  UPSTREAM: KASAN: prohibit KASAN+STRUCTLEAK combination
  UPSTREAM: arm64: kasan: avoid pfn_to_nid() before page array is initialized
  UPSTREAM: kasan: fix invalid-free test crashing the kernel
  UPSTREAM: kasan, slub: fix handling of kasan_slab_free hook
  UPSTREAM: slab, slub: skip unnecessary kasan_cache_shutdown()
  BACKPORT: kasan: make kasan_cache_create() work with 32-bit slab cache sizes
  UPSTREAM: locking/atomics: Instrument cmpxchg_double*()
  UPSTREAM: locking/atomics: Instrument xchg()
  UPSTREAM: locking/atomics: Simplify cmpxchg() instrumentation
  UPSTREAM: locking/atomics/x86: Reduce arch_cmpxchg64*() instrumentation
  UPSTREAM: locking/atomic, asm-generic, x86: Add comments for atomic instrumentation
  UPSTREAM: locking/atomic, asm-generic: Add KASAN instrumentation to atomic operations
  UPSTREAM: locking/atomic/x86: Switch atomic.h to use atomic-instrumented.h
  UPSTREAM: locking/atomic, asm-generic: Add asm-generic/atomic-instrumented.h
  BACKPORT: kasan, arm64: clean up KASAN_SHADOW_SCALE_SHIFT usage
  UPSTREAM: kasan: clean up KASAN_SHADOW_SCALE_SHIFT usage
  UPSTREAM: kasan: fix prototype author email address
  UPSTREAM: kasan: detect invalid frees
  UPSTREAM: kasan: unify code between kasan_slab_free() and kasan_poison_kfree()
  UPSTREAM: kasan: detect invalid frees for large mempool objects
  UPSTREAM: kasan: don't use __builtin_return_address(1)
  UPSTREAM: kasan: detect invalid frees for large objects
  UPSTREAM: kasan: add functions for unpoisoning stack variables
  UPSTREAM: kasan: add tests for alloca poisoning
  UPSTREAM: kasan: support alloca() poisoning
  UPSTREAM: kasan/Makefile: support LLVM style asan parameters
  BACKPORT: kasan: add compiler support for clang
  BACKPORT: fs: dcache: Revert "manually unpoison dname after allocation to shut up kasan's reports"
  UPSTREAM: fs/dcache: Use read_word_at_a_time() in dentry_string_cmp()
  UPSTREAM: lib/strscpy: Shut up KASAN false-positives in strscpy()
  UPSTREAM: compiler.h: Add read_word_at_a_time() function.
  UPSTREAM: compiler.h, kasan: Avoid duplicating __read_once_size_nocheck()
  UPSTREAM: arm64/mm/kasan: don't use vmemmap_populate() to initialize shadow
  UPSTREAM: Documentation/features/KASAN: mark KASAN as supported only on 64-bit on x86
  f2fs: Add option to limit required GC for checkpoint=disable
  f2fs: Fix accounting for unusable blocks
  f2fs: Fix root reserved on remount
  f2fs: Lower threshold for disable_cp_again
  f2fs: fix sparse warning
  f2fs: fix f2fs_show_options to show nodiscard mount option
  f2fs: add error prints for debugging mount failure
  f2fs: fix to do sanity check on segment bitmap of LFS curseg
  f2fs: add missing sysfs entries in documentation
  f2fs: fix to avoid deadloop if data_flush is on
  f2fs: always assume that the device is idle under gc_urgent
  f2fs: add bio cache for IPU
  f2fs: allow ssr block allocation during checkpoint=disable period
  f2fs: fix to check layout on last valid checkpoint park

Conflicts:
	arch/arm64/configs/cuttlefish_defconfig
	arch/arm64/include/asm/memory.h
	arch/arm64/include/asm/thread_info.h
	arch/x86/configs/x86_64_cuttlefish_defconfig
	build.config.common
	drivers/dma-buf/dma-buf.c
	fs/crypto/Makefile
	fs/crypto/bio.c
	fs/crypto/fscrypt_private.h
	fs/crypto/keyinfo.c
	fs/ext4/page-io.c
	fs/f2fs/data.c
	fs/f2fs/f2fs.h
	fs/f2fs/inode.c
	fs/f2fs/segment.c
	fs/userfaultfd.c
	include/linux/dma-buf.h
	include/linux/fscrypt.h
	include/linux/kasan.h
	include/linux/platform_data/ds2482.h
	include/uapi/linux/fs.h
	kernel/sched/deadline.c
	kernel/sched/fair.c
	kernel/sched/rt.c
	kernel/sched/sched.h
	kernel/sched/stop_task.c
	kernel/sched/walt.c
	kernel/sched/walt.h
	lib/test_kasan.c
	mm/kasan/common.c
	mm/kasan/kasan.h
	mm/kasan/report.c
	mm/slub.c
	mm/vmalloc.c
	scripts/Makefile.kasan

Changed below files to fix build errors:

	drivers/char/diag/diagchar_core.c
	drivers/power/supply/qcom/battery.c
	drivers/power/supply/qcom/smb1390-charger-psy.c
	drivers/power/supply/qcom/smb1390-charger.c
	drivers/power/supply/qcom/step-chg-jeita.c
	fs/crypto/fscrypt_ice.c
	fs/crypto/fscrypt_private.h
	fs/f2fs/inode.c
	include/uapi/linux/fscrypt.h
	net/qrtr/qrtr.c
	gen_headers_arm.bp
	gen_headers_arm64.bp

Extra added fixes in fs/f2fs/data.c for FBE:

  * Fix FBE regression with 9937c21ce1 ("f2fs: add bio cache
    for IPU"). The above commit is not setting the DUN for
    bio, due to which the bio's could get corrupted when FBE
    is enabled.

  * The f2fs_merge_page_bio() incorrectly uses the bio after
    it is submitted for IO when fscrypt_mergeable_bio()
    returns false. Fix it by making the submitted bio NULL
    so that a new bio gets allocated for the next/new page.

Ignored the below scheduler patches as they are already present:

  ANDROID: sched: WALT: Add support for CFS_BANDWIDTH
  ANDROID: sched: WALT: Refactor cumulative runnable average fixup

picked below patches from 4.14.159 and 4.14.172 versions to fix issues
  0e39aa9d5 "UPSTREAM: arm64: Validate tagged addresses in access_ok() called from kernel threads"
  352902650 "fscrypt: support passing a keyring key to FS_IOC_ADD_ENCRYPTION_KEY"

Change-Id: I205b796ee125fa6e9d27fa30f881e4e8fe8bea29
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
 2020-04-07 15:22:27 +05:30
Blagovest Kolenichev
3c563a8a9e Merge android-4.14-q.156 (d343218) into msm-4.14 
* refs/heads/tmp-d343218:
  Linux 4.14.156
  mmc: tmio: fix SCC error handling to avoid false positive CRC error
  powerpc/time: Fix clockevent_decrementer initalisation for PR KVM
  tools: PCI: Fix broken pcitest compilation
  ARM: dts: omap5: Fix dual-role mode on Super-Speed port
  mlxsw: spectrum_switchdev: Check notification relevance based on upper device
  spi: rockchip: initialize dma_slave_config properly
  mac80211: minstrel: fix sampling/reporting of CCK rates in HT mode
  mac80211: minstrel: fix CCK rate group streams value
  mac80211: minstrel: fix using short preamble CCK rates on HT clients
  misc: cxl: Fix possible null pointer dereference
  netfilter: nft_compat: do not dump private area
  hwmon: (ina3221) Fix INA3221_CONFIG_MODE macros
  hwmon: (pwm-fan) Silence error on probe deferral
  pinctrl: gemini: Fix up TVC clock group
  orangefs: rate limit the client not running info message
  ARM: 8802/1: Call syscall_trace_exit even when system call skipped
  spi: spidev: Fix OF tree warning logic
  pinctrl: gemini: Mask and set properly
  spi: fsl-lpspi: Prevent FIFO under/overrun by default
  gpio: syscon: Fix possible NULL ptr usage
  x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error
  media: cx231xx: fix potential sign-extension overflow on large shift
  GFS2: Flush the GFS2 delete workqueue before stopping the kernel threads
  media: isif: fix a NULL pointer dereference bug
  printk: Give error on attempt to set log buffer length to over 2G
  mfd: ti_am335x_tscadc: Keep ADC interface on if child is wakeup capable
  backlight: lm3639: Unconditionally call led_classdev_unregister
  proc/vmcore: Fix i386 build error of missing copy_oldmem_page_encrypted()
  s390/kasan: avoid vdso instrumentation
  media: dw9714: Fix error handling in probe function
  bcache: recal cached_dev_sectors on detach
  reset: Fix potential use-after-free in __of_reset_control_get()
  fbdev: sbuslib: integer overflow in sbusfb_ioctl_helper()
  fbdev: sbuslib: use checked version of put_user()
  mmc: tmio: Fix SCC error detection
  x86/fsgsbase/64: Fix ptrace() to read the FS/GS base accurately
  iwlwifi: mvm: don't send keys when entering D3
  ACPI / SBS: Fix rare oops when removing modules
  xfrm: use correct size to initialise sp->ovec
  crypto: mxs-dcp - Fix AES issues
  crypto: mxs-dcp - Fix SHA null hashes and output length
  dmaengine: rcar-dmac: set scatter/gather max segment size
  x86/olpc: Fix build error with CONFIG_MFD_CS5535=m
  kexec: Allocate decrypted control pages for kdump if SME is enabled
  remoteproc: Check for NULL firmwares in sysfs interface
  Input: silead - try firmware reload after unsuccessful resume
  Input: st1232 - set INPUT_PROP_DIRECT property
  media: cec-gpio: select correct Signal Free Time
  dmaengine: ioat: fix prototype of ioat_enumerate_channels
  NFSv4.x: fix lock recovery during delegation recall
  i2c: brcmstb: Allow enabling the driver on DSL SoCs
  clk: samsung: Use clk_hw API for calling clk framework from clk notifiers
  clk: samsung: exynos5420: Define CLK_SECKEY gate clock only or Exynos5420
  qtnfmac: drop error reports for out-of-bounds key indexes
  qtnfmac: pass sgi rate info flag to wireless core
  brcmfmac: fix full timeout waiting for action frame on-channel tx
  brcmfmac: reduce timeout for action frame scan
  cpu/SMT: State SMT is disabled even with nosmt and without "=force"
  mtd: physmap_of: Release resources on error
  USB: serial: cypress_m8: fix interrupt-out transfer length
  KVM: PPC: Book3S PR: Exiting split hack mode needs to fixup both PC and LR
  ALSA: hda/sigmatel - Disable automute for Elo VuPoint
  media: i2c: adv748x: Support probing a single output
  media: pxa_camera: Fix check for pdev->dev.of_node
  media: rc: ir-rc6-decoder: enable toggle bit for Kathrein RCU-676 remote
  ata: ep93xx: Use proper enums for directions
  powerpc/time: Use clockevents_register_device(), fixing an issue with large decrementer
  ACPICA: Never run _REG on system_memory and system_IO
  IB/mlx4: Avoid implicit enumerated type conversion
  IB/mthca: Fix error return code in __mthca_init_one()
  ixgbe: Fix crash with VFs and flow director on interface flap
  i40e: Use proper enum in i40e_ndo_set_vf_link_state
  ixgbe: Fix ixgbe TX hangs with XDP_TX beyond queue limit
  md: allow metadata updates while suspending an array - fix
  clocksource/drivers/sh_cmt: Fix clocksource width for 32-bit machines
  clocksource/drivers/sh_cmt: Fixup for 64-bit machines
  tools: PCI: Fix compilation warnings
  PM / hibernate: Check the success of generating md5 digest before hibernation
  mtd: rawnand: sh_flctl: Use proper enum for flctl_dma_fifo0_transfer
  ARM: dts: at91: at91sam9x5cm: fix addressable nand flash size
  ARM: dts: at91: sama5d4_xplained: fix addressable nand flash size
  powerpc/xive: Move a dereference below a NULL test
  powerpc/pseries: Fix how we iterate over the DTL entries
  powerpc/pseries: Fix DTL buffer registration
  cxgb4: Use proper enum in IEEE_FAUX_SYNC
  cxgb4: Use proper enum in cxgb4_dcb_handle_fw_update
  mei: samples: fix a signedness bug in amt_host_if_call()
  sunrpc: Fix connect metrics
  clk: keystone: Enable TISCI clocks if K3_ARCH
  ext4: fix build error when DX_DEBUG is defined
  dmaengine: timb_dma: Use proper enum in td_prep_slave_sg
  dmaengine: ep93xx: Return proper enum in ep93xx_dma_chan_direction
  KVM: PPC: Inform the userspace about TCE update failures
  watchdog: w83627hf_wdt: Support NCT6796D, NCT6797D, NCT6798D
  irqchip/irq-mvebu-icu: Fix wrong private data retrieval
  nl80211: Fix a GET_KEY reply attribute
  usb: dwc3: gadget: Check ENBLSLPM before sending ep command
  usb: gadget: udc: fotg210-udc: Fix a sleep-in-atomic-context bug in fotg210_get_status()
  ath9k: fix reporting calculated new FFT upper max
  ata: ahci_brcm: Allow using driver or DSL SoCs
  ath10k: fix vdev-start timeout on error
  arm64/numa: Report correct memblock range for the dummy node
  kvm: arm/arm64: Fix stage2_flush_memslot for 4 level page table
  iommu/io-pgtable-arm: Fix race handling in split_blk_unmap()
  IB/hfi1: Ensure ucast_dlid access doesnt exceed bounds
  SUNRPC: Fix priority queue fairness
  ARM: dts: sun8i: h3-h5: ir register size should be the whole memory block
  f2fs: return correct errno in f2fs_gc
  net: hns3: Fix for netdev not up problem when setting mtu
  ARM: dts: omap5: enable OTG role for DWC3 controller
  ARM: dts: dra7: Enable workaround for errata i870 in PCIe host mode
  net: xen-netback: fix return type of ndo_start_xmit function
  net: ovs: fix return type of ndo_start_xmit function
  fbdev: Ditch fb_edid_add_monspecs
  arm64: uaccess: Ensure PAN is re-enabled after unhandled uaccess fault
  mm/memory_hotplug: fix updating the node span
  mm/memory_hotplug: don't access uninitialized memmaps in shrink_pgdat_span()
  idr: Fix idr_get_next race with idr_remove
  net: cdc_ncm: Signedness bug in cdc_ncm_set_dgram_size()
  Revert "OPP: Protect dev_list with opp_table lock"
  tee: optee: add missing of_node_put after of_device_is_available
  spi: mediatek: use correct mata->xfer_len when in fifo transfer

Conflicts:
	drivers/usb/dwc3/gadget.c

Change-Id: Icf9ef7b9ec7939c0c8fda1801aa0013d51a6830b
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
 2020-02-12 04:37:31 -08:00
Blagovest Kolenichev
0f3b8ff636 Merge android-4.14-q.151 (93b2755) into msm-4.14 
* refs/heads/tmp-93b2755:
  Linux 4.14.151
  RDMA/cxgb4: Do not dma memory off of the stack
  kvm: vmx: Basic APIC virtualization controls have three settings
  kvm: apic: Flush TLB after APIC mode/address change if VPIDs are in use
  kvm: vmx: Introduce lapic_mode enumeration
  KVM: X86: introduce invalidate_gpa argument to tlb flush
  PCI: PM: Fix pci_power_up()
  xen/netback: fix error path of xenvif_connect_data()
  cpufreq: Avoid cpufreq_suspend() deadlock on system shutdown
  memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()'
  btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group()
  pinctrl: armada-37xx: swap polarity on LED group
  pinctrl: armada-37xx: fix control of pins 32 and up
  x86/boot/64: Make level2_kernel_pgt pages invalid outside kernel area
  CIFS: avoid using MID 0xFFFF
  parisc: Fix vmap memory leak in ioremap()/iounmap()
  xtensa: drop EXPORT_SYMBOL for outs*/ins*
  hugetlbfs: don't access uninitialized memmaps in pfn_range_valid_gigantic()
  mm/page_owner: don't access uninitialized memmaps when reading /proc/pagetypeinfo
  mm/slub: fix a deadlock in show_slab_objects()
  scsi: zfcp: fix reaction on bit error threshold notification
  fs/proc/page.c: don't access uninitialized memmaps in fs/proc/page.c
  drivers/base/memory.c: don't access uninitialized memmaps in soft_offline_page_store()
  drm/amdgpu: Bail earlier when amdgpu.cik_/si_support is not set to 1
  drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50
  mac80211: Reject malformed SSID elements
  cfg80211: wext: avoid copying malformed SSIDs
  ASoC: rsnd: Reinitialize bit clock inversion flag for every format setting
  Input: synaptics-rmi4 - avoid processing unknown IRQs
  Input: da9063 - fix capability and drop KEY_SLEEP
  scsi: ch: Make it possible to open a ch device multiple times again
  scsi: core: try to get module before removing device
  scsi: core: save/restore command resid for error handling
  scsi: sd: Ignore a failure to sync cache due to lack of authorization
  staging: wlan-ng: fix exit return when sme->key_idx >= NUM_WEPKEYS
  MIPS: tlbex: Fix build_restore_pagemask KScratch restore
  arm64/speculation: Support 'mitigations=' cmdline option
  arm64: Use firmware to detect CPUs that are not affected by Spectre-v2
  arm64: Force SSBS on context switch
  arm64: ssbs: Don't treat CPUs with SSBS as unaffected by SSB
  arm64: add sysfs vulnerability show for speculative store bypass
  arm64: add sysfs vulnerability show for spectre-v2
  arm64: Always enable spectre-v2 vulnerability detection
  arm64: Advertise mitigation of Spectre-v2, or lack thereof
  arm64: Provide a command line to disable spectre_v2 mitigation
  arm64: Always enable ssb vulnerability detection
  arm64: enable generic CPU vulnerabilites support
  arm64: add sysfs vulnerability show for meltdown
  arm64: Add sysfs vulnerability show for spectre-v1
  arm64: fix SSBS sanitization
  KVM: arm64: Set SCTLR_EL2.DSSBS if SSBD is forcefully disabled and !vhe
  arm64: ssbd: Add support for PSTATE.SSBS rather than trapping to EL3
  arm64: cpufeature: Detect SSBS and advertise to userspace
  arm64: Get rid of __smccc_workaround_1_hvc_*
  arm64: don't zero DIT on signal return
  arm64: KVM: Use SMCCC_ARCH_WORKAROUND_1 for Falkor BP hardening
  arm64: capabilities: Add support for checks based on a list of MIDRs
  arm64: Add MIDR encoding for Arm Cortex-A55 and Cortex-A35
  arm64: Add helpers for checking CPU MIDR against a range
  arm64: capabilities: Clean up midr range helpers
  arm64: capabilities: Change scope of VHE to Boot CPU feature
  arm64: capabilities: Add support for features enabled early
  arm64: capabilities: Restrict KPTI detection to boot-time CPUs
  arm64: capabilities: Introduce weak features based on local CPU
  arm64: capabilities: Group handling of features and errata workarounds
  arm64: capabilities: Allow features based on local CPU scope
  arm64: capabilities: Split the processing of errata work arounds
  arm64: capabilities: Prepare for grouping features and errata work arounds
  arm64: capabilities: Filter the entries based on a given mask
  arm64: capabilities: Unify the verification
  arm64: capabilities: Add flags to handle the conflicts on late CPU
  arm64: capabilities: Prepare for fine grained capabilities
  arm64: capabilities: Move errata processing code
  arm64: capabilities: Move errata work around check on boot CPU
  arm64: capabilities: Update prototype for enable call back
  arm64: Introduce sysreg_clear_set()
  arm64: add PSR_AA32_* definitions
  arm64: move SCTLR_EL{1,2} assertions to <asm/sysreg.h>
  arm64: Expose Arm v8.4 features
  arm64: Documentation: cpu-feature-registers: Remove RES0 fields
  arm64: v8.4: Support for new floating point multiplication instructions
  arm64: Fix the feature type for ID register fields
  arm64: Expose support for optional ARMv8-A features
  arm64: sysreg: Move to use definitions for all the SCTLR bits
  USB: ldusb: fix read info leaks
  USB: usblp: fix use-after-free on disconnect
  USB: ldusb: fix memleak on disconnect
  USB: serial: ti_usb_3410_5052: fix port-close races
  usb: udc: lpc32xx: fix bad bit shift operation
  ALSA: hda/realtek - Add support for ALC711
  USB: legousbtower: fix memleak on disconnect
  memfd: Fix locking when tagging pins
  loop: Add LOOP_SET_DIRECT_IO to compat ioctl
  net: avoid potential infinite loop in tc_ctl_action()
  sctp: change sctp_prot .no_autobind with true
  net: stmmac: disable/enable ptp_ref_clk in suspend/resume flow
  net: i82596: fix dma_alloc_attr for sni_82596
  net: bcmgenet: Set phydev->dev_flags only for internal PHYs
  net: bcmgenet: Fix RGMII_MODE_EN value for GENET v1/2/3
  ipv4: Return -ENETUNREACH if we can't create route but saddr is valid
  ocfs2: fix panic due to ocfs2_wq is null
  Revert "drm/radeon: Fix EEH during kexec"
  md/raid0: fix warning message for parameter default_layout
  namespace: fix namespace.pl script to support relative paths
  r8152: Set macpassthru in reset_resume callback
  net: hisilicon: Fix usage of uninitialized variable in function mdio_sc_cfg_reg_write()
  mips: Loongson: Fix the link time qualifier of 'serial_exit()'
  mac80211: fix txq null pointer dereference
  nl80211: fix null pointer dereference
  xen/efi: Set nonblocking callbacks
  MIPS: dts: ar9331: fix interrupt-controller size
  net: dsa: qca8k: Use up to 7 ports for all operations
  ARM: dts: am4372: Set memory bandwidth limit for DISPC
  ieee802154: ca8210: prevent memory leak
  ARM: OMAP2+: Fix missing reset done flag for am3 and am43
  scsi: qla2xxx: Fix unbound sleep in fcport delete path.
  scsi: megaraid: disable device when probe failed after enabled device
  scsi: ufs: skip shutdown if hba is not powered
  rtlwifi: Fix potential overflow on P2P code
  ANDROID: clang: update to 9.0.8 based on r365631c
  ANDROID: move up spin_unlock_bh() ahead of remove_proc_entry()
  ANDROID: refactor build.config files to remove duplication

Conflicts:
	arch/arm64/include/asm/cpucaps.h
	arch/arm64/include/asm/cputype.h
	arch/arm64/include/asm/processor.h
	arch/arm64/include/asm/ptrace.h
	arch/arm64/include/asm/sysreg.h
	arch/arm64/include/uapi/asm/hwcap.h
	arch/arm64/kernel/cpu_errata.c
	arch/arm64/kernel/cpufeature.c
	arch/arm64/kernel/ssbd.c

Change-Id: Ia6d7b060214022efcb061ea4029bb583e4a68aa2
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
 2020-01-06 04:25:17 -08:00
Vlastimil Babka
1d58dbc096 UPSTREAM: mm, proc: add KReclaimable to /proc/meminfo 
The vmstat NR_KERNEL_MISC_RECLAIMABLE counter is for kernel non-slab
allocations that can be reclaimed via shrinker.  In /proc/meminfo, we can
show the sum of all reclaimable kernel allocations (including slab) as
"KReclaimable".  Add the same counter also to per-node meminfo under /sys

With this counter, users will have more complete information about kernel
memory usage.  Non-slab reclaimable pages (currently just the ION
allocator) will not be missing from /proc/meminfo, making users wonder
where part of their memory went.  More precisely, they already appear in
MemAvailable, but without the new counter, it's not obvious why the value
in MemAvailable doesn't fully correspond with the sum of other counters
participating in it.

Link: http://lkml.kernel.org/r/20180731090649.16028-6-vbabka@suse.cz
Signed-off-by: Vlastimil Babka <vbabka@suse.cz>
Acked-by: Roman Gushchin <guro@fb.com>
Cc: Christoph Lameter <cl@linux.com>
Cc: David Rientjes <rientjes@google.com>
Cc: Johannes Weiner <hannes@cmpxchg.org>
Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com>
Cc: Laura Abbott <labbott@redhat.com>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: Mel Gorman <mgorman@techsingularity.net>
Cc: Michal Hocko <mhocko@kernel.org>
Cc: Sumit Semwal <sumit.semwal@linaro.org>
Cc: Vijayanand Jitta <vjitta@codeaurora.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

(cherry picked from commit 61f94e18de94f79abaad3bb83549ff78923ac785)

Bug: 138148041
Test: verify KReclaimable accounting after ION allocation+deallocation
Change-Id: I646e1a4f1217de902c70466906ca053c6c825185
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
 2019-12-16 23:32:43 +00:00
Sami Tolvanen
ad751f33a5 FROMLIST: scs: add accounting 
This change adds accounting for the memory allocated for shadow stacks.

Bug: 145210207
Change-Id: I51157fe0b23b4cb28bb33c86a5dfe3ac911296a4
(am from https://lore.kernel.org/patchwork/patch/1149055/)
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
 2019-12-13 07:14:20 -08:00
Greg Kroah-Hartman
d343218438 This is the 4.14.156 stable release 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl3aL/cACgkQONu9yGCS
 aT7ItBAAuh9Td+0gRweh5Wtxsj8MZYNeXb7TrM6rLU/z3QcP0GXSHB62ZUne+j9v
 bUS40aXAzd5O6quKt2XUW3EymyZH6InELtAV19b4wkzKjMbMOFJEEPxVs8KUUUyQ
 rCD0Mvazjwc8Z9c0EVVZRieLYhRo6vzgnMqaHp2BaIEd55VAF03vKWKIxJ7sEiNb
 uHEWYcTPFsowuvs3/+Nc/9cLYO/Cbxi9cr4FJGR/M0qNkQYK6HngWJwbWXERhfSI
 /CZB2FHNfzUuqZSdjbDDqznZqN/2mqePg2HpHrK+sPq3q5UJLNXW1qITls0r5P8K
 f4csvkt1BMjbJYS006x14s5nHpgpsmXDzzaoPVij5LZO1k2/W8ospCW7zAZK6w9c
 dn59S73SzCBCBPunxdK7l4FpMZZkbbW9GsrqF+EYaoR2ftUCDfXuzay79eMoCGW2
 uG9Oy5lW4ci/QhNB072QMOSosnda9kWniw30Q02iFZpp9hZqpbYvSt3IH8Qgbz2S
 hEM2aqNEfjumBT1SdHgPsjn1Tmqeyo3wVCah6K5vy+qTjOxmVBslB5zT7upAA4be
 h77EN3aD7iqrwuZkeUvPpLxermqFZa7CmSXorOoOSMkzHtOiVyxS6koQechgIgpl
 DePv2tWYhRPmAeNo0+gGOiRAQ518PfVBSdJ9NTvcwvv+Ad+E0hM=
 =jEkm
 -----END PGP SIGNATURE-----

Merge 4.14.156 into android-4.14-q

Changes in 4.14.156
	spi: mediatek: use correct mata->xfer_len when in fifo transfer
	tee: optee: add missing of_node_put after of_device_is_available
	Revert "OPP: Protect dev_list with opp_table lock"
	net: cdc_ncm: Signedness bug in cdc_ncm_set_dgram_size()
	idr: Fix idr_get_next race with idr_remove
	mm/memory_hotplug: don't access uninitialized memmaps in shrink_pgdat_span()
	mm/memory_hotplug: fix updating the node span
	arm64: uaccess: Ensure PAN is re-enabled after unhandled uaccess fault
	fbdev: Ditch fb_edid_add_monspecs
	net: ovs: fix return type of ndo_start_xmit function
	net: xen-netback: fix return type of ndo_start_xmit function
	ARM: dts: dra7: Enable workaround for errata i870 in PCIe host mode
	ARM: dts: omap5: enable OTG role for DWC3 controller
	net: hns3: Fix for netdev not up problem when setting mtu
	f2fs: return correct errno in f2fs_gc
	ARM: dts: sun8i: h3-h5: ir register size should be the whole memory block
	SUNRPC: Fix priority queue fairness
	IB/hfi1: Ensure ucast_dlid access doesnt exceed bounds
	iommu/io-pgtable-arm: Fix race handling in split_blk_unmap()
	kvm: arm/arm64: Fix stage2_flush_memslot for 4 level page table
	arm64/numa: Report correct memblock range for the dummy node
	ath10k: fix vdev-start timeout on error
	ata: ahci_brcm: Allow using driver or DSL SoCs
	ath9k: fix reporting calculated new FFT upper max
	usb: gadget: udc: fotg210-udc: Fix a sleep-in-atomic-context bug in fotg210_get_status()
	usb: dwc3: gadget: Check ENBLSLPM before sending ep command
	nl80211: Fix a GET_KEY reply attribute
	irqchip/irq-mvebu-icu: Fix wrong private data retrieval
	watchdog: w83627hf_wdt: Support NCT6796D, NCT6797D, NCT6798D
	KVM: PPC: Inform the userspace about TCE update failures
	dmaengine: ep93xx: Return proper enum in ep93xx_dma_chan_direction
	dmaengine: timb_dma: Use proper enum in td_prep_slave_sg
	ext4: fix build error when DX_DEBUG is defined
	clk: keystone: Enable TISCI clocks if K3_ARCH
	sunrpc: Fix connect metrics
	mei: samples: fix a signedness bug in amt_host_if_call()
	cxgb4: Use proper enum in cxgb4_dcb_handle_fw_update
	cxgb4: Use proper enum in IEEE_FAUX_SYNC
	powerpc/pseries: Fix DTL buffer registration
	powerpc/pseries: Fix how we iterate over the DTL entries
	powerpc/xive: Move a dereference below a NULL test
	ARM: dts: at91: sama5d4_xplained: fix addressable nand flash size
	ARM: dts: at91: at91sam9x5cm: fix addressable nand flash size
	mtd: rawnand: sh_flctl: Use proper enum for flctl_dma_fifo0_transfer
	PM / hibernate: Check the success of generating md5 digest before hibernation
	tools: PCI: Fix compilation warnings
	clocksource/drivers/sh_cmt: Fixup for 64-bit machines
	clocksource/drivers/sh_cmt: Fix clocksource width for 32-bit machines
	md: allow metadata updates while suspending an array - fix
	ixgbe: Fix ixgbe TX hangs with XDP_TX beyond queue limit
	i40e: Use proper enum in i40e_ndo_set_vf_link_state
	ixgbe: Fix crash with VFs and flow director on interface flap
	IB/mthca: Fix error return code in __mthca_init_one()
	IB/mlx4: Avoid implicit enumerated type conversion
	ACPICA: Never run _REG on system_memory and system_IO
	powerpc/time: Use clockevents_register_device(), fixing an issue with large decrementer
	ata: ep93xx: Use proper enums for directions
	media: rc: ir-rc6-decoder: enable toggle bit for Kathrein RCU-676 remote
	media: pxa_camera: Fix check for pdev->dev.of_node
	media: i2c: adv748x: Support probing a single output
	ALSA: hda/sigmatel - Disable automute for Elo VuPoint
	KVM: PPC: Book3S PR: Exiting split hack mode needs to fixup both PC and LR
	USB: serial: cypress_m8: fix interrupt-out transfer length
	mtd: physmap_of: Release resources on error
	cpu/SMT: State SMT is disabled even with nosmt and without "=force"
	brcmfmac: reduce timeout for action frame scan
	brcmfmac: fix full timeout waiting for action frame on-channel tx
	qtnfmac: pass sgi rate info flag to wireless core
	qtnfmac: drop error reports for out-of-bounds key indexes
	clk: samsung: exynos5420: Define CLK_SECKEY gate clock only or Exynos5420
	clk: samsung: Use clk_hw API for calling clk framework from clk notifiers
	i2c: brcmstb: Allow enabling the driver on DSL SoCs
	NFSv4.x: fix lock recovery during delegation recall
	dmaengine: ioat: fix prototype of ioat_enumerate_channels
	media: cec-gpio: select correct Signal Free Time
	Input: st1232 - set INPUT_PROP_DIRECT property
	Input: silead - try firmware reload after unsuccessful resume
	remoteproc: Check for NULL firmwares in sysfs interface
	kexec: Allocate decrypted control pages for kdump if SME is enabled
	x86/olpc: Fix build error with CONFIG_MFD_CS5535=m
	dmaengine: rcar-dmac: set scatter/gather max segment size
	crypto: mxs-dcp - Fix SHA null hashes and output length
	crypto: mxs-dcp - Fix AES issues
	xfrm: use correct size to initialise sp->ovec
	ACPI / SBS: Fix rare oops when removing modules
	iwlwifi: mvm: don't send keys when entering D3
	x86/fsgsbase/64: Fix ptrace() to read the FS/GS base accurately
	mmc: tmio: Fix SCC error detection
	fbdev: sbuslib: use checked version of put_user()
	fbdev: sbuslib: integer overflow in sbusfb_ioctl_helper()
	reset: Fix potential use-after-free in __of_reset_control_get()
	bcache: recal cached_dev_sectors on detach
	media: dw9714: Fix error handling in probe function
	s390/kasan: avoid vdso instrumentation
	proc/vmcore: Fix i386 build error of missing copy_oldmem_page_encrypted()
	backlight: lm3639: Unconditionally call led_classdev_unregister
	mfd: ti_am335x_tscadc: Keep ADC interface on if child is wakeup capable
	printk: Give error on attempt to set log buffer length to over 2G
	media: isif: fix a NULL pointer dereference bug
	GFS2: Flush the GFS2 delete workqueue before stopping the kernel threads
	media: cx231xx: fix potential sign-extension overflow on large shift
	x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error
	gpio: syscon: Fix possible NULL ptr usage
	spi: fsl-lpspi: Prevent FIFO under/overrun by default
	pinctrl: gemini: Mask and set properly
	spi: spidev: Fix OF tree warning logic
	ARM: 8802/1: Call syscall_trace_exit even when system call skipped
	orangefs: rate limit the client not running info message
	pinctrl: gemini: Fix up TVC clock group
	hwmon: (pwm-fan) Silence error on probe deferral
	hwmon: (ina3221) Fix INA3221_CONFIG_MODE macros
	netfilter: nft_compat: do not dump private area
	misc: cxl: Fix possible null pointer dereference
	mac80211: minstrel: fix using short preamble CCK rates on HT clients
	mac80211: minstrel: fix CCK rate group streams value
	mac80211: minstrel: fix sampling/reporting of CCK rates in HT mode
	spi: rockchip: initialize dma_slave_config properly
	mlxsw: spectrum_switchdev: Check notification relevance based on upper device
	ARM: dts: omap5: Fix dual-role mode on Super-Speed port
	tools: PCI: Fix broken pcitest compilation
	powerpc/time: Fix clockevent_decrementer initalisation for PR KVM
	mmc: tmio: fix SCC error handling to avoid false positive CRC error
	Linux 4.14.156

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
 2019-11-25 10:07:17 +01:00
Greg Kroah-Hartman
f9b4ab5c8e This is the 4.14.156 stable release 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl3aL/cACgkQONu9yGCS
 aT7ItBAAuh9Td+0gRweh5Wtxsj8MZYNeXb7TrM6rLU/z3QcP0GXSHB62ZUne+j9v
 bUS40aXAzd5O6quKt2XUW3EymyZH6InELtAV19b4wkzKjMbMOFJEEPxVs8KUUUyQ
 rCD0Mvazjwc8Z9c0EVVZRieLYhRo6vzgnMqaHp2BaIEd55VAF03vKWKIxJ7sEiNb
 uHEWYcTPFsowuvs3/+Nc/9cLYO/Cbxi9cr4FJGR/M0qNkQYK6HngWJwbWXERhfSI
 /CZB2FHNfzUuqZSdjbDDqznZqN/2mqePg2HpHrK+sPq3q5UJLNXW1qITls0r5P8K
 f4csvkt1BMjbJYS006x14s5nHpgpsmXDzzaoPVij5LZO1k2/W8ospCW7zAZK6w9c
 dn59S73SzCBCBPunxdK7l4FpMZZkbbW9GsrqF+EYaoR2ftUCDfXuzay79eMoCGW2
 uG9Oy5lW4ci/QhNB072QMOSosnda9kWniw30Q02iFZpp9hZqpbYvSt3IH8Qgbz2S
 hEM2aqNEfjumBT1SdHgPsjn1Tmqeyo3wVCah6K5vy+qTjOxmVBslB5zT7upAA4be
 h77EN3aD7iqrwuZkeUvPpLxermqFZa7CmSXorOoOSMkzHtOiVyxS6koQechgIgpl
 DePv2tWYhRPmAeNo0+gGOiRAQ518PfVBSdJ9NTvcwvv+Ad+E0hM=
 =jEkm
 -----END PGP SIGNATURE-----

Merge 4.14.156 into android-4.14

Changes in 4.14.156
	spi: mediatek: use correct mata->xfer_len when in fifo transfer
	tee: optee: add missing of_node_put after of_device_is_available
	Revert "OPP: Protect dev_list with opp_table lock"
	net: cdc_ncm: Signedness bug in cdc_ncm_set_dgram_size()
	idr: Fix idr_get_next race with idr_remove
	mm/memory_hotplug: don't access uninitialized memmaps in shrink_pgdat_span()
	mm/memory_hotplug: fix updating the node span
	arm64: uaccess: Ensure PAN is re-enabled after unhandled uaccess fault
	fbdev: Ditch fb_edid_add_monspecs
	net: ovs: fix return type of ndo_start_xmit function
	net: xen-netback: fix return type of ndo_start_xmit function
	ARM: dts: dra7: Enable workaround for errata i870 in PCIe host mode
	ARM: dts: omap5: enable OTG role for DWC3 controller
	net: hns3: Fix for netdev not up problem when setting mtu
	f2fs: return correct errno in f2fs_gc
	ARM: dts: sun8i: h3-h5: ir register size should be the whole memory block
	SUNRPC: Fix priority queue fairness
	IB/hfi1: Ensure ucast_dlid access doesnt exceed bounds
	iommu/io-pgtable-arm: Fix race handling in split_blk_unmap()
	kvm: arm/arm64: Fix stage2_flush_memslot for 4 level page table
	arm64/numa: Report correct memblock range for the dummy node
	ath10k: fix vdev-start timeout on error
	ata: ahci_brcm: Allow using driver or DSL SoCs
	ath9k: fix reporting calculated new FFT upper max
	usb: gadget: udc: fotg210-udc: Fix a sleep-in-atomic-context bug in fotg210_get_status()
	usb: dwc3: gadget: Check ENBLSLPM before sending ep command
	nl80211: Fix a GET_KEY reply attribute
	irqchip/irq-mvebu-icu: Fix wrong private data retrieval
	watchdog: w83627hf_wdt: Support NCT6796D, NCT6797D, NCT6798D
	KVM: PPC: Inform the userspace about TCE update failures
	dmaengine: ep93xx: Return proper enum in ep93xx_dma_chan_direction
	dmaengine: timb_dma: Use proper enum in td_prep_slave_sg
	ext4: fix build error when DX_DEBUG is defined
	clk: keystone: Enable TISCI clocks if K3_ARCH
	sunrpc: Fix connect metrics
	mei: samples: fix a signedness bug in amt_host_if_call()
	cxgb4: Use proper enum in cxgb4_dcb_handle_fw_update
	cxgb4: Use proper enum in IEEE_FAUX_SYNC
	powerpc/pseries: Fix DTL buffer registration
	powerpc/pseries: Fix how we iterate over the DTL entries
	powerpc/xive: Move a dereference below a NULL test
	ARM: dts: at91: sama5d4_xplained: fix addressable nand flash size
	ARM: dts: at91: at91sam9x5cm: fix addressable nand flash size
	mtd: rawnand: sh_flctl: Use proper enum for flctl_dma_fifo0_transfer
	PM / hibernate: Check the success of generating md5 digest before hibernation
	tools: PCI: Fix compilation warnings
	clocksource/drivers/sh_cmt: Fixup for 64-bit machines
	clocksource/drivers/sh_cmt: Fix clocksource width for 32-bit machines
	md: allow metadata updates while suspending an array - fix
	ixgbe: Fix ixgbe TX hangs with XDP_TX beyond queue limit
	i40e: Use proper enum in i40e_ndo_set_vf_link_state
	ixgbe: Fix crash with VFs and flow director on interface flap
	IB/mthca: Fix error return code in __mthca_init_one()
	IB/mlx4: Avoid implicit enumerated type conversion
	ACPICA: Never run _REG on system_memory and system_IO
	powerpc/time: Use clockevents_register_device(), fixing an issue with large decrementer
	ata: ep93xx: Use proper enums for directions
	media: rc: ir-rc6-decoder: enable toggle bit for Kathrein RCU-676 remote
	media: pxa_camera: Fix check for pdev->dev.of_node
	media: i2c: adv748x: Support probing a single output
	ALSA: hda/sigmatel - Disable automute for Elo VuPoint
	KVM: PPC: Book3S PR: Exiting split hack mode needs to fixup both PC and LR
	USB: serial: cypress_m8: fix interrupt-out transfer length
	mtd: physmap_of: Release resources on error
	cpu/SMT: State SMT is disabled even with nosmt and without "=force"
	brcmfmac: reduce timeout for action frame scan
	brcmfmac: fix full timeout waiting for action frame on-channel tx
	qtnfmac: pass sgi rate info flag to wireless core
	qtnfmac: drop error reports for out-of-bounds key indexes
	clk: samsung: exynos5420: Define CLK_SECKEY gate clock only or Exynos5420
	clk: samsung: Use clk_hw API for calling clk framework from clk notifiers
	i2c: brcmstb: Allow enabling the driver on DSL SoCs
	NFSv4.x: fix lock recovery during delegation recall
	dmaengine: ioat: fix prototype of ioat_enumerate_channels
	media: cec-gpio: select correct Signal Free Time
	Input: st1232 - set INPUT_PROP_DIRECT property
	Input: silead - try firmware reload after unsuccessful resume
	remoteproc: Check for NULL firmwares in sysfs interface
	kexec: Allocate decrypted control pages for kdump if SME is enabled
	x86/olpc: Fix build error with CONFIG_MFD_CS5535=m
	dmaengine: rcar-dmac: set scatter/gather max segment size
	crypto: mxs-dcp - Fix SHA null hashes and output length
	crypto: mxs-dcp - Fix AES issues
	xfrm: use correct size to initialise sp->ovec
	ACPI / SBS: Fix rare oops when removing modules
	iwlwifi: mvm: don't send keys when entering D3
	x86/fsgsbase/64: Fix ptrace() to read the FS/GS base accurately
	mmc: tmio: Fix SCC error detection
	fbdev: sbuslib: use checked version of put_user()
	fbdev: sbuslib: integer overflow in sbusfb_ioctl_helper()
	reset: Fix potential use-after-free in __of_reset_control_get()
	bcache: recal cached_dev_sectors on detach
	media: dw9714: Fix error handling in probe function
	s390/kasan: avoid vdso instrumentation
	proc/vmcore: Fix i386 build error of missing copy_oldmem_page_encrypted()
	backlight: lm3639: Unconditionally call led_classdev_unregister
	mfd: ti_am335x_tscadc: Keep ADC interface on if child is wakeup capable
	printk: Give error on attempt to set log buffer length to over 2G
	media: isif: fix a NULL pointer dereference bug
	GFS2: Flush the GFS2 delete workqueue before stopping the kernel threads
	media: cx231xx: fix potential sign-extension overflow on large shift
	x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error
	gpio: syscon: Fix possible NULL ptr usage
	spi: fsl-lpspi: Prevent FIFO under/overrun by default
	pinctrl: gemini: Mask and set properly
	spi: spidev: Fix OF tree warning logic
	ARM: 8802/1: Call syscall_trace_exit even when system call skipped
	orangefs: rate limit the client not running info message
	pinctrl: gemini: Fix up TVC clock group
	hwmon: (pwm-fan) Silence error on probe deferral
	hwmon: (ina3221) Fix INA3221_CONFIG_MODE macros
	netfilter: nft_compat: do not dump private area
	misc: cxl: Fix possible null pointer dereference
	mac80211: minstrel: fix using short preamble CCK rates on HT clients
	mac80211: minstrel: fix CCK rate group streams value
	mac80211: minstrel: fix sampling/reporting of CCK rates in HT mode
	spi: rockchip: initialize dma_slave_config properly
	mlxsw: spectrum_switchdev: Check notification relevance based on upper device
	ARM: dts: omap5: Fix dual-role mode on Super-Speed port
	tools: PCI: Fix broken pcitest compilation
	powerpc/time: Fix clockevent_decrementer initalisation for PR KVM
	mmc: tmio: fix SCC error handling to avoid false positive CRC error
	Linux 4.14.156

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
 2019-11-25 10:05:57 +01:00
Borislav Petkov
27647dde30 proc/vmcore: Fix i386 build error of missing copy_oldmem_page_encrypted() 
[ Upstream commit cf089611f4c446285046fcd426d90c18f37d2905 ]

Lianbo reported a build error with a particular 32-bit config, see Link
below for details.

Provide a weak copy_oldmem_page_encrypted() function which architectures
can override, in the same manner other functionality in that file is
supplied.

Reported-by: Lianbo Jiang <lijiang@redhat.com>
Signed-off-by: Borislav Petkov <bp@suse.de>
CC: x86@kernel.org
Link: http://lkml.kernel.org/r/710b9d95-2f70-eadf-c4a1-c3dc80ee4ebb@redhat.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
 2019-11-24 08:23:23 +01:00
Greg Kroah-Hartman
2bb70f40b0 This is the 4.14.151 stable release 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl239a0ACgkQONu9yGCS
 aT6hEw//Rlg3vjxO79bglvQA+2BUCXk8EDadSzV26UlQ/7qrB3K00yj0iyCmhNOP
 ef6HIFvT8XfH2O/K5s155bhnboTv1S6ElXDBTM1gN6OAZq9++/cNprdlHZXZaWh/
 yM8eZ+/tThnjHXfJ36LrK3Zam1k54otiX8BFxKrLZ8o67/Pk86SgXAHTJiGVS/Bm
 WtBIjTdkVOf1OEq8Pg8lV6+iP6d9AYakrRshFOCxMh6tEPDqHBc3GIkVxa9D6+u2
 GBoKiVfky83xeCh73mkehYFs+Tt2Zz1rVthLrgLmPo0Y6Ia9PpZE4CcKQZMbs/tO
 vmMyoQQ4rw9cRtZKrQMmVekwTdC/w1loG/VaFA6F/1h4qBmnJKSr56Xi37JtJkcy
 kfnnNw7jlbGBgWnbFlZAp8MDdxXf6bDpKWRusVgB/qr36uQ8RL1cWyCFPOTsodXQ
 FlyU8mmMDfDogI32n6jYB1vTZlxpwc0drT6PxvCyt2pT+T05lz6EUTSyxQ/cUZtt
 1YWNTEU5QwWcqGNOPxSGmS5Qu7vPO4wAe8OvgDAAE15ticQxxpp5p7IuuOlT/YkI
 BNranSqyjiAOYGjSImcDqvaeYVcRh5fxIPibYEMkl4lB6w3kObtwUWAp1HZ+ZKOW
 qcs8tjvzIiWknI7DPcJn+VcpdutKFa7BEWD0LAc88NU5EXPiDP0=
 =4WBX
 -----END PGP SIGNATURE-----

Merge 4.14.151 into android-4.14

Changes in 4.14.151
	scsi: ufs: skip shutdown if hba is not powered
	scsi: megaraid: disable device when probe failed after enabled device
	scsi: qla2xxx: Fix unbound sleep in fcport delete path.
	ARM: OMAP2+: Fix missing reset done flag for am3 and am43
	ieee802154: ca8210: prevent memory leak
	ARM: dts: am4372: Set memory bandwidth limit for DISPC
	net: dsa: qca8k: Use up to 7 ports for all operations
	MIPS: dts: ar9331: fix interrupt-controller size
	xen/efi: Set nonblocking callbacks
	nl80211: fix null pointer dereference
	mac80211: fix txq null pointer dereference
	mips: Loongson: Fix the link time qualifier of 'serial_exit()'
	net: hisilicon: Fix usage of uninitialized variable in function mdio_sc_cfg_reg_write()
	r8152: Set macpassthru in reset_resume callback
	namespace: fix namespace.pl script to support relative paths
	md/raid0: fix warning message for parameter default_layout
	Revert "drm/radeon: Fix EEH during kexec"
	ocfs2: fix panic due to ocfs2_wq is null
	ipv4: Return -ENETUNREACH if we can't create route but saddr is valid
	net: bcmgenet: Fix RGMII_MODE_EN value for GENET v1/2/3
	net: bcmgenet: Set phydev->dev_flags only for internal PHYs
	net: i82596: fix dma_alloc_attr for sni_82596
	net: stmmac: disable/enable ptp_ref_clk in suspend/resume flow
	sctp: change sctp_prot .no_autobind with true
	net: avoid potential infinite loop in tc_ctl_action()
	loop: Add LOOP_SET_DIRECT_IO to compat ioctl
	memfd: Fix locking when tagging pins
	USB: legousbtower: fix memleak on disconnect
	ALSA: hda/realtek - Add support for ALC711
	usb: udc: lpc32xx: fix bad bit shift operation
	USB: serial: ti_usb_3410_5052: fix port-close races
	USB: ldusb: fix memleak on disconnect
	USB: usblp: fix use-after-free on disconnect
	USB: ldusb: fix read info leaks
	arm64: sysreg: Move to use definitions for all the SCTLR bits
	arm64: Expose support for optional ARMv8-A features
	arm64: Fix the feature type for ID register fields
	arm64: v8.4: Support for new floating point multiplication instructions
	arm64: Documentation: cpu-feature-registers: Remove RES0 fields
	arm64: Expose Arm v8.4 features
	arm64: move SCTLR_EL{1,2} assertions to <asm/sysreg.h>
	arm64: add PSR_AA32_* definitions
	arm64: Introduce sysreg_clear_set()
	arm64: capabilities: Update prototype for enable call back
	arm64: capabilities: Move errata work around check on boot CPU
	arm64: capabilities: Move errata processing code
	arm64: capabilities: Prepare for fine grained capabilities
	arm64: capabilities: Add flags to handle the conflicts on late CPU
	arm64: capabilities: Unify the verification
	arm64: capabilities: Filter the entries based on a given mask
	arm64: capabilities: Prepare for grouping features and errata work arounds
	arm64: capabilities: Split the processing of errata work arounds
	arm64: capabilities: Allow features based on local CPU scope
	arm64: capabilities: Group handling of features and errata workarounds
	arm64: capabilities: Introduce weak features based on local CPU
	arm64: capabilities: Restrict KPTI detection to boot-time CPUs
	arm64: capabilities: Add support for features enabled early
	arm64: capabilities: Change scope of VHE to Boot CPU feature
	arm64: capabilities: Clean up midr range helpers
	arm64: Add helpers for checking CPU MIDR against a range
	arm64: Add MIDR encoding for Arm Cortex-A55 and Cortex-A35
	arm64: capabilities: Add support for checks based on a list of MIDRs
	arm64: KVM: Use SMCCC_ARCH_WORKAROUND_1 for Falkor BP hardening
	arm64: don't zero DIT on signal return
	arm64: Get rid of __smccc_workaround_1_hvc_*
	arm64: cpufeature: Detect SSBS and advertise to userspace
	arm64: ssbd: Add support for PSTATE.SSBS rather than trapping to EL3
	KVM: arm64: Set SCTLR_EL2.DSSBS if SSBD is forcefully disabled and !vhe
	arm64: fix SSBS sanitization
	arm64: Add sysfs vulnerability show for spectre-v1
	arm64: add sysfs vulnerability show for meltdown
	arm64: enable generic CPU vulnerabilites support
	arm64: Always enable ssb vulnerability detection
	arm64: Provide a command line to disable spectre_v2 mitigation
	arm64: Advertise mitigation of Spectre-v2, or lack thereof
	arm64: Always enable spectre-v2 vulnerability detection
	arm64: add sysfs vulnerability show for spectre-v2
	arm64: add sysfs vulnerability show for speculative store bypass
	arm64: ssbs: Don't treat CPUs with SSBS as unaffected by SSB
	arm64: Force SSBS on context switch
	arm64: Use firmware to detect CPUs that are not affected by Spectre-v2
	arm64/speculation: Support 'mitigations=' cmdline option
	MIPS: tlbex: Fix build_restore_pagemask KScratch restore
	staging: wlan-ng: fix exit return when sme->key_idx >= NUM_WEPKEYS
	scsi: sd: Ignore a failure to sync cache due to lack of authorization
	scsi: core: save/restore command resid for error handling
	scsi: core: try to get module before removing device
	scsi: ch: Make it possible to open a ch device multiple times again
	Input: da9063 - fix capability and drop KEY_SLEEP
	Input: synaptics-rmi4 - avoid processing unknown IRQs
	ASoC: rsnd: Reinitialize bit clock inversion flag for every format setting
	cfg80211: wext: avoid copying malformed SSIDs
	mac80211: Reject malformed SSID elements
	drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50
	drm/amdgpu: Bail earlier when amdgpu.cik_/si_support is not set to 1
	drivers/base/memory.c: don't access uninitialized memmaps in soft_offline_page_store()
	fs/proc/page.c: don't access uninitialized memmaps in fs/proc/page.c
	scsi: zfcp: fix reaction on bit error threshold notification
	mm/slub: fix a deadlock in show_slab_objects()
	mm/page_owner: don't access uninitialized memmaps when reading /proc/pagetypeinfo
	hugetlbfs: don't access uninitialized memmaps in pfn_range_valid_gigantic()
	xtensa: drop EXPORT_SYMBOL for outs*/ins*
	parisc: Fix vmap memory leak in ioremap()/iounmap()
	CIFS: avoid using MID 0xFFFF
	x86/boot/64: Make level2_kernel_pgt pages invalid outside kernel area
	pinctrl: armada-37xx: fix control of pins 32 and up
	pinctrl: armada-37xx: swap polarity on LED group
	btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group()
	memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()'
	cpufreq: Avoid cpufreq_suspend() deadlock on system shutdown
	xen/netback: fix error path of xenvif_connect_data()
	PCI: PM: Fix pci_power_up()
	KVM: X86: introduce invalidate_gpa argument to tlb flush
	kvm: vmx: Introduce lapic_mode enumeration
	kvm: apic: Flush TLB after APIC mode/address change if VPIDs are in use
	kvm: vmx: Basic APIC virtualization controls have three settings
	RDMA/cxgb4: Do not dma memory off of the stack
	Linux 4.14.151

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
 2019-10-30 09:56:41 +01:00
Greg Kroah-Hartman
93b2755998 This is the 4.14.151 stable release 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl239a0ACgkQONu9yGCS
 aT6hEw//Rlg3vjxO79bglvQA+2BUCXk8EDadSzV26UlQ/7qrB3K00yj0iyCmhNOP
 ef6HIFvT8XfH2O/K5s155bhnboTv1S6ElXDBTM1gN6OAZq9++/cNprdlHZXZaWh/
 yM8eZ+/tThnjHXfJ36LrK3Zam1k54otiX8BFxKrLZ8o67/Pk86SgXAHTJiGVS/Bm
 WtBIjTdkVOf1OEq8Pg8lV6+iP6d9AYakrRshFOCxMh6tEPDqHBc3GIkVxa9D6+u2
 GBoKiVfky83xeCh73mkehYFs+Tt2Zz1rVthLrgLmPo0Y6Ia9PpZE4CcKQZMbs/tO
 vmMyoQQ4rw9cRtZKrQMmVekwTdC/w1loG/VaFA6F/1h4qBmnJKSr56Xi37JtJkcy
 kfnnNw7jlbGBgWnbFlZAp8MDdxXf6bDpKWRusVgB/qr36uQ8RL1cWyCFPOTsodXQ
 FlyU8mmMDfDogI32n6jYB1vTZlxpwc0drT6PxvCyt2pT+T05lz6EUTSyxQ/cUZtt
 1YWNTEU5QwWcqGNOPxSGmS5Qu7vPO4wAe8OvgDAAE15ticQxxpp5p7IuuOlT/YkI
 BNranSqyjiAOYGjSImcDqvaeYVcRh5fxIPibYEMkl4lB6w3kObtwUWAp1HZ+ZKOW
 qcs8tjvzIiWknI7DPcJn+VcpdutKFa7BEWD0LAc88NU5EXPiDP0=
 =4WBX
 -----END PGP SIGNATURE-----

Merge 4.14.151 into android-4.14-q

Changes in 4.14.151
	scsi: ufs: skip shutdown if hba is not powered
	scsi: megaraid: disable device when probe failed after enabled device
	scsi: qla2xxx: Fix unbound sleep in fcport delete path.
	ARM: OMAP2+: Fix missing reset done flag for am3 and am43
	ieee802154: ca8210: prevent memory leak
	ARM: dts: am4372: Set memory bandwidth limit for DISPC
	net: dsa: qca8k: Use up to 7 ports for all operations
	MIPS: dts: ar9331: fix interrupt-controller size
	xen/efi: Set nonblocking callbacks
	nl80211: fix null pointer dereference
	mac80211: fix txq null pointer dereference
	mips: Loongson: Fix the link time qualifier of 'serial_exit()'
	net: hisilicon: Fix usage of uninitialized variable in function mdio_sc_cfg_reg_write()
	r8152: Set macpassthru in reset_resume callback
	namespace: fix namespace.pl script to support relative paths
	md/raid0: fix warning message for parameter default_layout
	Revert "drm/radeon: Fix EEH during kexec"
	ocfs2: fix panic due to ocfs2_wq is null
	ipv4: Return -ENETUNREACH if we can't create route but saddr is valid
	net: bcmgenet: Fix RGMII_MODE_EN value for GENET v1/2/3
	net: bcmgenet: Set phydev->dev_flags only for internal PHYs
	net: i82596: fix dma_alloc_attr for sni_82596
	net: stmmac: disable/enable ptp_ref_clk in suspend/resume flow
	sctp: change sctp_prot .no_autobind with true
	net: avoid potential infinite loop in tc_ctl_action()
	loop: Add LOOP_SET_DIRECT_IO to compat ioctl
	memfd: Fix locking when tagging pins
	USB: legousbtower: fix memleak on disconnect
	ALSA: hda/realtek - Add support for ALC711
	usb: udc: lpc32xx: fix bad bit shift operation
	USB: serial: ti_usb_3410_5052: fix port-close races
	USB: ldusb: fix memleak on disconnect
	USB: usblp: fix use-after-free on disconnect
	USB: ldusb: fix read info leaks
	arm64: sysreg: Move to use definitions for all the SCTLR bits
	arm64: Expose support for optional ARMv8-A features
	arm64: Fix the feature type for ID register fields
	arm64: v8.4: Support for new floating point multiplication instructions
	arm64: Documentation: cpu-feature-registers: Remove RES0 fields
	arm64: Expose Arm v8.4 features
	arm64: move SCTLR_EL{1,2} assertions to <asm/sysreg.h>
	arm64: add PSR_AA32_* definitions
	arm64: Introduce sysreg_clear_set()
	arm64: capabilities: Update prototype for enable call back
	arm64: capabilities: Move errata work around check on boot CPU
	arm64: capabilities: Move errata processing code
	arm64: capabilities: Prepare for fine grained capabilities
	arm64: capabilities: Add flags to handle the conflicts on late CPU
	arm64: capabilities: Unify the verification
	arm64: capabilities: Filter the entries based on a given mask
	arm64: capabilities: Prepare for grouping features and errata work arounds
	arm64: capabilities: Split the processing of errata work arounds
	arm64: capabilities: Allow features based on local CPU scope
	arm64: capabilities: Group handling of features and errata workarounds
	arm64: capabilities: Introduce weak features based on local CPU
	arm64: capabilities: Restrict KPTI detection to boot-time CPUs
	arm64: capabilities: Add support for features enabled early
	arm64: capabilities: Change scope of VHE to Boot CPU feature
	arm64: capabilities: Clean up midr range helpers
	arm64: Add helpers for checking CPU MIDR against a range
	arm64: Add MIDR encoding for Arm Cortex-A55 and Cortex-A35
	arm64: capabilities: Add support for checks based on a list of MIDRs
	arm64: KVM: Use SMCCC_ARCH_WORKAROUND_1 for Falkor BP hardening
	arm64: don't zero DIT on signal return
	arm64: Get rid of __smccc_workaround_1_hvc_*
	arm64: cpufeature: Detect SSBS and advertise to userspace
	arm64: ssbd: Add support for PSTATE.SSBS rather than trapping to EL3
	KVM: arm64: Set SCTLR_EL2.DSSBS if SSBD is forcefully disabled and !vhe
	arm64: fix SSBS sanitization
	arm64: Add sysfs vulnerability show for spectre-v1
	arm64: add sysfs vulnerability show for meltdown
	arm64: enable generic CPU vulnerabilites support
	arm64: Always enable ssb vulnerability detection
	arm64: Provide a command line to disable spectre_v2 mitigation
	arm64: Advertise mitigation of Spectre-v2, or lack thereof
	arm64: Always enable spectre-v2 vulnerability detection
	arm64: add sysfs vulnerability show for spectre-v2
	arm64: add sysfs vulnerability show for speculative store bypass
	arm64: ssbs: Don't treat CPUs with SSBS as unaffected by SSB
	arm64: Force SSBS on context switch
	arm64: Use firmware to detect CPUs that are not affected by Spectre-v2
	arm64/speculation: Support 'mitigations=' cmdline option
	MIPS: tlbex: Fix build_restore_pagemask KScratch restore
	staging: wlan-ng: fix exit return when sme->key_idx >= NUM_WEPKEYS
	scsi: sd: Ignore a failure to sync cache due to lack of authorization
	scsi: core: save/restore command resid for error handling
	scsi: core: try to get module before removing device
	scsi: ch: Make it possible to open a ch device multiple times again
	Input: da9063 - fix capability and drop KEY_SLEEP
	Input: synaptics-rmi4 - avoid processing unknown IRQs
	ASoC: rsnd: Reinitialize bit clock inversion flag for every format setting
	cfg80211: wext: avoid copying malformed SSIDs
	mac80211: Reject malformed SSID elements
	drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50
	drm/amdgpu: Bail earlier when amdgpu.cik_/si_support is not set to 1
	drivers/base/memory.c: don't access uninitialized memmaps in soft_offline_page_store()
	fs/proc/page.c: don't access uninitialized memmaps in fs/proc/page.c
	scsi: zfcp: fix reaction on bit error threshold notification
	mm/slub: fix a deadlock in show_slab_objects()
	mm/page_owner: don't access uninitialized memmaps when reading /proc/pagetypeinfo
	hugetlbfs: don't access uninitialized memmaps in pfn_range_valid_gigantic()
	xtensa: drop EXPORT_SYMBOL for outs*/ins*
	parisc: Fix vmap memory leak in ioremap()/iounmap()
	CIFS: avoid using MID 0xFFFF
	x86/boot/64: Make level2_kernel_pgt pages invalid outside kernel area
	pinctrl: armada-37xx: fix control of pins 32 and up
	pinctrl: armada-37xx: swap polarity on LED group
	btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group()
	memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()'
	cpufreq: Avoid cpufreq_suspend() deadlock on system shutdown
	xen/netback: fix error path of xenvif_connect_data()
	PCI: PM: Fix pci_power_up()
	KVM: X86: introduce invalidate_gpa argument to tlb flush
	kvm: vmx: Introduce lapic_mode enumeration
	kvm: apic: Flush TLB after APIC mode/address change if VPIDs are in use
	kvm: vmx: Basic APIC virtualization controls have three settings
	RDMA/cxgb4: Do not dma memory off of the stack
	Linux 4.14.151

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
 2019-10-30 09:10:54 +01:00
David Hildenbrand
80b9274e3f fs/proc/page.c: don't access uninitialized memmaps in fs/proc/page.c 
commit aad5f69bc161af489dbb5934868bd347282f0764 upstream.

There are three places where we access uninitialized memmaps, namely:
- /proc/kpagecount
- /proc/kpageflags
- /proc/kpagecgroup

We have initialized memmaps either when the section is online or when the
page was initialized to the ZONE_DEVICE.  Uninitialized memmaps contain
garbage and in the worst case trigger kernel BUGs, especially with
CONFIG_PAGE_POISONING.

For example, not onlining a DIMM during boot and calling /proc/kpagecount
with CONFIG_PAGE_POISONING:

  :/# cat /proc/kpagecount > tmp.test
  BUG: unable to handle page fault for address: fffffffffffffffe
  #PF: supervisor read access in kernel mode
  #PF: error_code(0x0000) - not-present page
  PGD 114616067 P4D 114616067 PUD 114618067 PMD 0
  Oops: 0000 [#1] SMP NOPTI
  CPU: 0 PID: 469 Comm: cat Not tainted 5.4.0-rc1-next-20191004+ #11
  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.1-0-ga5cab58e9a3f-prebuilt.qemu.4
  RIP: 0010:kpagecount_read+0xce/0x1e0
  Code: e8 09 83 e0 3f 48 0f a3 02 73 2d 4c 89 e7 48 c1 e7 06 48 03 3d ab 51 01 01 74 1d 48 8b 57 08 480
  RSP: 0018:ffffa14e409b7e78 EFLAGS: 00010202
  RAX: fffffffffffffffe RBX: 0000000000020000 RCX: 0000000000000000
  RDX: 0000000000000001 RSI: 00007f76b5595000 RDI: fffff35645000000
  RBP: 00007f76b5595000 R08: 0000000000000001 R09: 0000000000000000
  R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000140000
  R13: 0000000000020000 R14: 00007f76b5595000 R15: ffffa14e409b7f08
  FS:  00007f76b577d580(0000) GS:ffff8f41bd400000(0000) knlGS:0000000000000000
  CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
  CR2: fffffffffffffffe CR3: 0000000078960000 CR4: 00000000000006f0
  Call Trace:
   proc_reg_read+0x3c/0x60
   vfs_read+0xc5/0x180
   ksys_read+0x68/0xe0
   do_syscall_64+0x5c/0xa0
   entry_SYSCALL_64_after_hwframe+0x49/0xbe

For now, let's drop support for ZONE_DEVICE from the three pseudo files
in order to fix this.  To distinguish offline memory (with garbage
memmap) from ZONE_DEVICE memory with properly initialized memmaps, we
would have to check get_dev_pagemap() and pfn_zone_device_reserved()
right now.  The usage of both (especially, special casing devmem) is
frowned upon and needs to be reworked.

The fundamental issue we have is:

	if (pfn_to_online_page(pfn)) {
		/* memmap initialized */
	} else if (pfn_valid(pfn)) {
		/*
		 * ???
		 * a) offline memory. memmap garbage.
		 * b) devmem: memmap initialized to ZONE_DEVICE.
		 * c) devmem: reserved for driver. memmap garbage.
		 * (d) devmem: memmap currently initializing - garbage)
		 */
	}

We'll leave the pfn_zone_device_reserved() check in stable_page_flags()
in place as that function is also used from memory failure.  We now no
longer dump information about pages that are not in use anymore -
offline.

Link: http://lkml.kernel.org/r/20191009142435.3975-2-david@redhat.com
Fixes: f1dd2cd13c4b ("mm, memory_hotplug: do not associate hotadded memory to zones until online")	[visible after d0dc12e86b319]
Signed-off-by: David Hildenbrand <david@redhat.com>
Reported-by: Qian Cai <cai@lca.pw>
Acked-by: Michal Hocko <mhocko@suse.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Toshiki Fukasawa <t-fukasawa@vx.jp.nec.com>
Cc: Pankaj gupta <pagupta@redhat.com>
Cc: Mike Rapoport <rppt@linux.vnet.ibm.com>
Cc: Anthony Yznaga <anthony.yznaga@oracle.com>
Cc: "Aneesh Kumar K.V" <aneesh.kumar@linux.ibm.com>
Cc: <stable@vger.kernel.org>	[4.13+]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 2019-10-29 09:17:37 +01:00
Roman Gushchin
248a268ad1 UPSTREAM: mm: vmalloc: show number of vmalloc pages in /proc/meminfo 
Vmalloc() is getting more and more used these days (kernel stacks, bpf and
percpu allocator are new top users), and the total % of memory consumed by
vmalloc() can be pretty significant and changes dynamically.

/proc/meminfo is the best place to display this information: its top goal
is to show top consumers of the memory.

Since the VmallocUsed field in /proc/meminfo is not in use for quite a
long time (it has been defined to 0 by a5ad88ce8c7f ("mm: get rid of
'vmalloc_info' from /proc/meminfo")), let's reuse it for showing the
actual physical memory consumption of vmalloc().

Link: http://lkml.kernel.org/r/20190417194002.12369-3-guro@fb.com
Signed-off-by: Roman Gushchin <guro@fb.com>
Acked-by: Johannes Weiner <hannes@cmpxchg.org>
Acked-by: Vlastimil Babka <vbabka@suse.cz>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: Minchan Kim <minchan@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit 97105f0ab7b877a8ece2005e214894e93793950c)
Signed-off-by: Minchan Kim <minchan@google.com>
Bug: 141257998
Test: "cat /proc/meminfo | grep VmallocUsed" doesn't show 0 any longer
Change-Id: Ia4316c68507e68cda3175af41db09b16edd1fc51
 2019-10-14 20:10:03 +00:00
Christian Brauner
c8b9b2c5cc BACKPORT: signal: add pidfd_send_signal() syscall 
The kill() syscall operates on process identifiers (pid). After a process
has exited its pid can be reused by another process. If a caller sends a
signal to a reused pid it will end up signaling the wrong process. This
issue has often surfaced and there has been a push to address this problem [1].

This patch uses file descriptors (fd) from proc/<pid> as stable handles on
struct pid. Even if a pid is recycled the handle will not change. The fd
can be used to send signals to the process it refers to.
Thus, the new syscall pidfd_send_signal() is introduced to solve this
problem. Instead of pids it operates on process fds (pidfd).

/* prototype and argument /*
long pidfd_send_signal(int pidfd, int sig, siginfo_t *info, unsigned int flags);

/* syscall number 424 */
The syscall number was chosen to be 424 to align with Arnd's rework in his
y2038 to minimize merge conflicts (cf. [25]).

In addition to the pidfd and signal argument it takes an additional
siginfo_t and flags argument. If the siginfo_t argument is NULL then
pidfd_send_signal() is equivalent to kill(<positive-pid>, <signal>). If it
is not NULL pidfd_send_signal() is equivalent to rt_sigqueueinfo().
The flags argument is added to allow for future extensions of this syscall.
It currently needs to be passed as 0. Failing to do so will cause EINVAL.

/* pidfd_send_signal() replaces multiple pid-based syscalls */
The pidfd_send_signal() syscall currently takes on the job of
rt_sigqueueinfo(2) and parts of the functionality of kill(2), Namely, when a
positive pid is passed to kill(2). It will however be possible to also
replace tgkill(2) and rt_tgsigqueueinfo(2) if this syscall is extended.

/* sending signals to threads (tid) and process groups (pgid) */
Specifically, the pidfd_send_signal() syscall does currently not operate on
process groups or threads. This is left for future extensions.
In order to extend the syscall to allow sending signal to threads and
process groups appropriately named flags (e.g. PIDFD_TYPE_PGID, and
PIDFD_TYPE_TID) should be added. This implies that the flags argument will
determine what is signaled and not the file descriptor itself. Put in other
words, grouping in this api is a property of the flags argument not a
property of the file descriptor (cf. [13]). Clarification for this has been
requested by Eric (cf. [19]).
When appropriate extensions through the flags argument are added then
pidfd_send_signal() can additionally replace the part of kill(2) which
operates on process groups as well as the tgkill(2) and
rt_tgsigqueueinfo(2) syscalls.
How such an extension could be implemented has been very roughly sketched
in [14], [15], and [16]. However, this should not be taken as a commitment
to a particular implementation. There might be better ways to do it.
Right now this is intentionally left out to keep this patchset as simple as
possible (cf. [4]).

/* naming */
The syscall had various names throughout iterations of this patchset:
- procfd_signal()
- procfd_send_signal()
- taskfd_send_signal()
In the last round of reviews it was pointed out that given that if the
flags argument decides the scope of the signal instead of different types
of fds it might make sense to either settle for "procfd_" or "pidfd_" as
prefix. The community was willing to accept either (cf. [17] and [18]).
Given that one developer expressed strong preference for the "pidfd_"
prefix (cf. [13]) and with other developers less opinionated about the name
we should settle for "pidfd_" to avoid further bikeshedding.

The  "_send_signal" suffix was chosen to reflect the fact that the syscall
takes on the job of multiple syscalls. It is therefore intentional that the
name is not reminiscent of neither kill(2) nor rt_sigqueueinfo(2). Not the
fomer because it might imply that pidfd_send_signal() is a replacement for
kill(2), and not the latter because it is a hassle to remember the correct
spelling - especially for non-native speakers - and because it is not
descriptive enough of what the syscall actually does. The name
"pidfd_send_signal" makes it very clear that its job is to send signals.

/* zombies */
Zombies can be signaled just as any other process. No special error will be
reported since a zombie state is an unreliable state (cf. [3]). However,
this can be added as an extension through the @flags argument if the need
ever arises.

/* cross-namespace signals */
The patch currently enforces that the signaler and signalee either are in
the same pid namespace or that the signaler's pid namespace is an ancestor
of the signalee's pid namespace. This is done for the sake of simplicity
and because it is unclear to what values certain members of struct
siginfo_t would need to be set to (cf. [5], [6]).

/* compat syscalls */
It became clear that we would like to avoid adding compat syscalls
(cf. [7]).  The compat syscall handling is now done in kernel/signal.c
itself by adding __copy_siginfo_from_user_generic() which lets us avoid
compat syscalls (cf. [8]). It should be noted that the addition of
__copy_siginfo_from_user_any() is caused by a bug in the original
implementation of rt_sigqueueinfo(2) (cf. 12).
With upcoming rework for syscall handling things might improve
significantly (cf. [11]) and __copy_siginfo_from_user_any() will not gain
any additional callers.

/* testing */
This patch was tested on x64 and x86.

/* userspace usage */
An asciinema recording for the basic functionality can be found under [9].
With this patch a process can be killed via:

 #define _GNU_SOURCE
 #include <errno.h>
 #include <fcntl.h>
 #include <signal.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <sys/stat.h>
 #include <sys/syscall.h>
 #include <sys/types.h>
 #include <unistd.h>

 static inline int do_pidfd_send_signal(int pidfd, int sig, siginfo_t *info,
                                         unsigned int flags)
 {
 #ifdef __NR_pidfd_send_signal
         return syscall(__NR_pidfd_send_signal, pidfd, sig, info, flags);
 #else
         return -ENOSYS;
 #endif
 }

 int main(int argc, char *argv[])
 {
         int fd, ret, saved_errno, sig;

         if (argc < 3)
                 exit(EXIT_FAILURE);

         fd = open(argv[1], O_DIRECTORY | O_CLOEXEC);
         if (fd < 0) {
                 printf("%s - Failed to open \"%s\"\n", strerror(errno), argv[1]);
                 exit(EXIT_FAILURE);
         }

         sig = atoi(argv[2]);

         printf("Sending signal %d to process %s\n", sig, argv[1]);
         ret = do_pidfd_send_signal(fd, sig, NULL, 0);

         saved_errno = errno;
         close(fd);
         errno = saved_errno;

         if (ret < 0) {
                 printf("%s - Failed to send signal %d to process %s\n",
                        strerror(errno), sig, argv[1]);
                 exit(EXIT_FAILURE);
         }

         exit(EXIT_SUCCESS);
 }

/* Q&A
 * Given that it seems the same questions get asked again by people who are
 * late to the party it makes sense to add a Q&A section to the commit
 * message so it's hopefully easier to avoid duplicate threads.
 *
 * For the sake of progress please consider these arguments settled unless
 * there is a new point that desperately needs to be addressed. Please make
 * sure to check the links to the threads in this commit message whether
 * this has not already been covered.
 */
Q-01: (Florian Weimer [20], Andrew Morton [21])
      What happens when the target process has exited?
A-01: Sending the signal will fail with ESRCH (cf. [22]).

Q-02:  (Andrew Morton [21])
       Is the task_struct pinned by the fd?
A-02:  No. A reference to struct pid is kept. struct pid - as far as I
       understand - was created exactly for the reason to not require to
       pin struct task_struct (cf. [22]).

Q-03: (Andrew Morton [21])
      Does the entire procfs directory remain visible? Just one entry
      within it?
A-03: The same thing that happens right now when you hold a file descriptor
      to /proc/<pid> open (cf. [22]).

Q-04: (Andrew Morton [21])
      Does the pid remain reserved?
A-04: No. This patchset guarantees a stable handle not that pids are not
      recycled (cf. [22]).

Q-05: (Andrew Morton [21])
      Do attempts to signal that fd return errors?
A-05: See {Q,A}-01.

Q-06: (Andrew Morton [22])
      Is there a cleaner way of obtaining the fd? Another syscall perhaps.
A-06: Userspace can already trivially retrieve file descriptors from procfs
      so this is something that we will need to support anyway. Hence,
      there's no immediate need to add another syscalls just to make
      pidfd_send_signal() not dependent on the presence of procfs. However,
      adding a syscalls to get such file descriptors is planned for a
      future patchset (cf. [22]).

Q-07: (Andrew Morton [21] and others)
      This fd-for-a-process sounds like a handy thing and people may well
      think up other uses for it in the future, probably unrelated to
      signals. Are the code and the interface designed to permit such
      future applications?
A-07: Yes (cf. [22]).

Q-08: (Andrew Morton [21] and others)
      Now I think about it, why a new syscall? This thing is looking
      rather like an ioctl?
A-08: This has been extensively discussed. It was agreed that a syscall is
      preferred for a variety or reasons. Here are just a few taken from
      prior threads. Syscalls are safer than ioctl()s especially when
      signaling to fds. Processes are a core kernel concept so a syscall
      seems more appropriate. The layout of the syscall with its four
      arguments would require the addition of a custom struct for the
      ioctl() thereby causing at least the same amount or even more
      complexity for userspace than a simple syscall. The new syscall will
      replace multiple other pid-based syscalls (see description above).
      The file-descriptors-for-processes concept introduced with this
      syscall will be extended with other syscalls in the future. See also
      [22], [23] and various other threads already linked in here.

Q-09: (Florian Weimer [24])
      What happens if you use the new interface with an O_PATH descriptor?
A-09:
      pidfds opened as O_PATH fds cannot be used to send signals to a
      process (cf. [2]). Signaling processes through pidfds is the
      equivalent of writing to a file. Thus, this is not an operation that
      operates "purely at the file descriptor level" as required by the
      open(2) manpage. See also [4].

/* References */
[1]:  https://lore.kernel.org/lkml/20181029221037.87724-1-dancol@google.com/
[2]:  https://lore.kernel.org/lkml/874lbtjvtd.fsf@oldenburg2.str.redhat.com/
[3]:  https://lore.kernel.org/lkml/20181204132604.aspfupwjgjx6fhva@brauner.io/
[4]:  https://lore.kernel.org/lkml/20181203180224.fkvw4kajtbvru2ku@brauner.io/
[5]:  https://lore.kernel.org/lkml/20181121213946.GA10795@mail.hallyn.com/
[6]:  https://lore.kernel.org/lkml/20181120103111.etlqp7zop34v6nv4@brauner.io/
[7]:  https://lore.kernel.org/lkml/36323361-90BD-41AF-AB5B-EE0D7BA02C21@amacapital.net/
[8]:  https://lore.kernel.org/lkml/87tvjxp8pc.fsf@xmission.com/
[9]:  https://asciinema.org/a/IQjuCHew6bnq1cr78yuMv16cy
[11]: https://lore.kernel.org/lkml/F53D6D38-3521-4C20-9034-5AF447DF62FF@amacapital.net/
[12]: https://lore.kernel.org/lkml/87zhtjn8ck.fsf@xmission.com/
[13]: https://lore.kernel.org/lkml/871s6u9z6u.fsf@xmission.com/
[14]: https://lore.kernel.org/lkml/20181206231742.xxi4ghn24z4h2qki@brauner.io/
[15]: https://lore.kernel.org/lkml/20181207003124.GA11160@mail.hallyn.com/
[16]: https://lore.kernel.org/lkml/20181207015423.4miorx43l3qhppfz@brauner.io/
[17]: https://lore.kernel.org/lkml/CAGXu5jL8PciZAXvOvCeCU3wKUEB_dU-O3q0tDw4uB_ojMvDEew@mail.gmail.com/
[18]: https://lore.kernel.org/lkml/20181206222746.GB9224@mail.hallyn.com/
[19]: https://lore.kernel.org/lkml/20181208054059.19813-1-christian@brauner.io/
[20]: https://lore.kernel.org/lkml/8736rebl9s.fsf@oldenburg.str.redhat.com/
[21]: https://lore.kernel.org/lkml/20181228152012.dbf0508c2508138efc5f2bbe@linux-foundation.org/
[22]: https://lore.kernel.org/lkml/20181228233725.722tdfgijxcssg76@brauner.io/
[23]: https://lwn.net/Articles/773459/
[24]: https://lore.kernel.org/lkml/8736rebl9s.fsf@oldenburg.str.redhat.com/
[25]: https://lore.kernel.org/lkml/CAK8P3a0ej9NcJM8wXNPbcGUyOUZYX+VLoDFdbenW3s3114oQZw@mail.gmail.com/

Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Jann Horn <jannh@google.com>
Cc: Andy Lutomirsky <luto@kernel.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Florian Weimer <fweimer@redhat.com>
Signed-off-by: Christian Brauner <christian@brauner.io>
Reviewed-by: Tycho Andersen <tycho@tycho.ws>
Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: David Howells <dhowells@redhat.com>
Acked-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Serge Hallyn <serge@hallyn.com>
Acked-by: Aleksa Sarai <cyphar@cyphar.com>

(cherry picked from commit 3eb39f47934f9d5a3027fe00d906a45fe3a15fad)

Conflicts:
        arch/x86/entry/syscalls/syscall_32.tbl - trivial manual merge
        arch/x86/entry/syscalls/syscall_64.tbl - trivial manual merge
        include/linux/proc_fs.h - trivial manual merge
        include/linux/syscalls.h - trivial manual merge
        include/uapi/asm-generic/unistd.h - trivial manual merge
        kernel/signal.c - struct kernel_siginfo does not exist in 4.14
        kernel/sys_ni.c - cond_syscall is used instead of COND_SYSCALL
        arch/x86/entry/syscalls/syscall_32.tbl
        arch/x86/entry/syscalls/syscall_64.tbl

(1. manual merges because of 4.14 differences
 2. change prepare_kill_siginfo() to use struct siginfo instead of
kernel_siginfo
 3. use copy_from_user() instead of copy_siginfo_from_user() in copy_siginfo_from_user_any()
 4. replaced COND_SYSCALL with cond_syscall
 5. Removed __ia32_sys_pidfd_send_signal in arch/x86/entry/syscalls/syscall_32.tbl.
 6. Replaced __x64_sys_pidfd_send_signal with sys_pidfd_send_signal in arch/x86/entry/syscalls/syscall_64.tbl.)

Bug: 135608568
Test: test program using syscall(__NR_pidfd_send_signal,..) to send SIGKILL
Change-Id: I34da11c63ac8cafb0353d9af24c820cef519ec27
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
 2019-08-12 13:29:46 -04:00
qctecmdr
ade40a753b Merge "Merge android-4.14-q.135 (1391d3b) into msm-4.14" 2019-08-09 05:47:28 -07:00
Blagovest Kolenichev
41d4f1d82f Merge android-4.14-q.135 (1391d3b) into msm-4.14 
* refs/heads/tmp-1391d3b:
  Linux 4.14.135
  access: avoid the RCU grace period for the temporary subjective credentials
  powerpc/tm: Fix oops on sigreturn on systems without TM
  powerpc/xive: Fix loop exit-condition in xive_find_target_in_mask()
  ALSA: hda - Add a conexant codec entry to let mute led work
  ALSA: line6: Fix wrong altsetting for LINE6_PODHD500_1
  hpet: Fix division by zero in hpet_time_div()
  fpga-manager: altera-ps-spi: Fix build error
  binder: prevent transactions to context manager from its own process.
  x86/speculation/mds: Apply more accurate check on hypervisor platform
  x86/sysfb_efi: Add quirks for some devices with swapped width and height
  btrfs: inode: Don't compress if NODATASUM or NODATACOW set
  KVM: nVMX: do not use dangling shadow VMCS after guest reset
  usb: pci-quirks: Correct AMD PLL quirk detection
  usb: wusbcore: fix unbalanced get/put cluster_id
  drm/crc-debugfs: Also sprinkle irqrestore over early exits
  drm/crc: Only report a single overflow when a CRC fd is opened
  locking/lockdep: Hide unused 'class' variable
  locking/lockdep: Fix lock used or unused stats error
  mm/mmu_notifier: use hlist_add_head_rcu()
  mm/gup.c: remove some BUG_ONs from get_gate_page()
  mm/gup.c: mark undo_dev_pagemap as __maybe_unused
  9p: pass the correct prototype to read_cache_page
  mm/kmemleak.c: fix check for softirq context
  sh: prevent warnings when using iounmap
  block/bio-integrity: fix a memory leak bug
  powerpc/eeh: Handle hugepages in ioremap space
  mailbox: handle failed named mailbox channel request
  f2fs: avoid out-of-range memory access
  powerpc/boot: add {get, put}_unaligned_be32 to xz_config.h
  PCI: dwc: pci-dra7xx: Fix compilation when !CONFIG_GPIOLIB
  RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM
  perf annotate: Fix dereferencing freed memory found by the smatch tool
  perf session: Fix potential NULL pointer dereference found by the smatch tool
  perf test mmap-thread-lookup: Initialize variable to suppress memory sanitizer warning
  kallsyms: exclude kasan local symbols on s390
  serial: sh-sci: Fix TX DMA buffer flushing and workqueue races
  serial: sh-sci: Terminate TX DMA during buffer flushing
  RDMA/i40iw: Set queue pair state when being queried
  powerpc/4xx/uic: clear pending interrupt after irq type/pol change
  um: Silence lockdep complaint about mmap_sem
  mfd: hi655x-pmic: Fix missing return value check for devm_regmap_init_mmio_clk
  mfd: arizona: Fix undefined behavior
  mfd: core: Set fwnode for created devices
  recordmcount: Fix spurious mcount entries on powerpc
  powerpc/xmon: Fix disabling tracing while in xmon
  iio: iio-utils: Fix possible incorrect mask calculation
  PCI: xilinx-nwl: Fix Multi MSI data programming
  kbuild: Add -Werror=unknown-warning-option to CLANG_FLAGS
  PCI: sysfs: Ignore lockdep for remove attribute
  serial: mctrl_gpio: Check if GPIO property exisits before requesting it
  drm/msm: Depopulate platform on probe failure
  powerpc/pci/of: Fix OF flags parsing for 64bit BARs
  usb: gadget: Zero ffs_io_data
  tty: serial_core: Set port active bit in uart_port_activate
  drm/rockchip: Properly adjust to a true clock in adjusted_mode
  powerpc/pseries/mobility: prevent cpu hotplug during DT update
  phy: renesas: rcar-gen2: Fix memory leak at error paths
  drm/virtio: Add memory barriers for capset cache.
  serial: 8250: Fix TX interrupt handling condition
  tty: serial: msm_serial: avoid system lockup condition
  tty/serial: digicolor: Fix digicolor-usart already registered warning
  memstick: Fix error cleanup path of memstick_init
  drm/crc-debugfs: User irqsafe spinlock in drm_crtc_add_crc_entry
  drm/bridge: sii902x: pixel clock unit is 10kHz instead of 1kHz
  drm/bridge: tc358767: read display_props in get_modes()
  PCI: Return error if cannot probe VF
  drm/edid: Fix a missing-check bug in drm_load_edid_firmware()
  tty: serial: cpm_uart - fix init when SMC is relocated
  pinctrl: rockchip: fix leaked of_node references
  tty: max310x: Fix invalid baudrate divisors calculator
  usb: core: hub: Disable hub-initiated U1/U2
  drm/panel: simple: Fix panel_simple_dsi_probe
  hvsock: fix epollout hang from race condition
  nfsd: Fix overflow causing non-working mounts on 1 TB machines
  nfsd: fix performance-limiting session calculation
  nfsd: give out fewer session slots as limit approaches
  nfsd: increase DRC cache limit
  NFSv4: Fix open create exclusive when the server reboots
  perf/events/amd/uncore: Fix amd_uncore_llc ID to use pre-defined cpu_llc_id
  mm: vmscan: scan anonymous pages on file refaults
  ext4: allow directory holes
  ext4: use jbd2_inode dirty range scoping
  jbd2: introduce jbd2_inode dirty range scoping
  mm: add filemap_fdatawait_range_keep_errors()
  ext4: enforce the immutable flag on open files
  ext4: don't allow any modifications to an immutable file
  MIPS: lb60: Fix pin mappings
  dma-buf: Discard old fence_excl on retrying get_fences_rcu for realloc
  dma-buf: balance refcount inbalance
  net: bridge: stp: don't cache eth dest pointer before skb pull
  net: bridge: mcast: fix stale ipv6 hdr pointer when handling v6 query
  net: bridge: mcast: fix stale nsrcs pointer in igmp3/mld2 report handling
  tcp: Reset bytes_acked and bytes_received when disconnecting
  tcp: fix tcp_set_congestion_control() use from bpf hook
  net: make skb_dst_force return true when dst is refcounted
  bonding: validate ip header before check IPPROTO_IGMP
  netrom: hold sock when setting skb->destructor
  netrom: fix a memory leak in nr_rx_frame()
  macsec: fix checksumming after decryption
  macsec: fix use-after-free of skb during RX
  vrf: make sure skb->data contains ip header to make routing
  sky2: Disable MSI on ASUS P6T
  rxrpc: Fix send on a connected, but unbound socket
  nfc: fix potential illegal memory access
  net: openvswitch: fix csum updates for MPLS actions
  net: neigh: fix multiple neigh timer scheduling
  net: dsa: mv88e6xxx: wait after reset deactivation
  net: bcmgenet: use promisc for unsupported filters
  ipv4: don't set IPv6 only flags to IPv4 addresses
  igmp: fix memory leak in igmpv3_del_delrec()
  caif-hsi: fix possible deadlock in cfhsi_exit_module()
  bnx2x: Prevent ptp_task to be rescheduled indefinitely
  bnx2x: Prevent load reordering in tx completion processing
  lib/strscpy: Shut up KASAN false-positives in strscpy()
  compiler.h: Add read_word_at_a_time() function.
  compiler.h, kasan: Avoid duplicating __read_once_size_nocheck()
  dm bufio: fix deadlock with loop device
  dt-bindings: allow up to four clocks for orion-mdio
  net: mvmdio: allow up to four clocks to be specified for orion-mdio
  usb: Handle USB3 remote wakeup for LPM enabled devices correctly
  Bluetooth: Add SMP workaround Microsoft Surface Precision Mouse bug
  intel_th: msu: Fix single mode with disabled IOMMU
  eCryptfs: fix a couple type promotion bugs
  powerpc/watchpoint: Restore NV GPRs while returning from exception
  powerpc/32s: fix suspend/resume when IBATs 4-7 are used
  parisc: Fix kernel panic due invalid values in IAOQ0 or IAOQ1
  parisc: Ensure userspace privilege for ptraced processes in regset functions
  crypto: caam - limit output IV to CBC to work around CTR mode DMA issue
  PCI: hv: Fix a use-after-free bug in hv_eject_device_work()
  gpu: ipu-v3: ipu-ic: Fix saturation bit offset in TPMEM
  coda: pass the host file in vma->vm_file on mmap
  libnvdimm/pfn: fix fsdax-mode namespace info-block zero-fields
  HID: wacom: correct touch resolution x/y typo
  HID: wacom: generic: only switch the mode on devices with LEDs
  Btrfs: add missing inode version, ctime and mtime updates when punching hole
  Btrfs: fix fsync not persisting dentry deletions due to inode evictions
  Btrfs: fix data loss after inode eviction, renaming it, and fsync it
  PCI: Do not poll for PME if the device is in D3cold
  intel_th: pci: Add Ice Lake NNPI support
  perf/x86/amd/uncore: Set the thread mask for F17h L3 PMCs
  perf/x86/amd/uncore: Do not set 'ThreadMask' and 'SliceMask' for non-L3 PMCs
  x86/boot: Fix memory leak in default_get_smp_config()
  9p/virtio: Add cleanup path in p9_virtio_init
  9p/xen: Add cleanup path in p9_trans_xen_init
  xen/events: fix binding user event channels to cpus
  dm zoned: fix zone state management race
  padata: use smp_mb in padata_reorder to avoid orphaned padata jobs
  drm/nouveau/i2c: Enable i2c pads & busses during preinit
  fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on /proc/sys inodes.
  arm64: tegra: Fix AGIC register range
  KVM: x86/vPMU: refine kvm_pmu err msg when event creation failed
  media: coda: Remove unbalanced and unneeded mutex unlock
  media: v4l2: Test type instead of cfg->type in v4l2_ctrl_new_custom()
  ALSA: hda/realtek: apply ALC891 headset fixup to one Dell machine
  ALSA: seq: Break too long mutex context in the write loop
  ASoC: dapm: Adapt for debugfs API change
  lib/scatterlist: Fix mapping iterator when sg->offset is greater than PAGE_SIZE
  pnfs/flexfiles: Fix PTR_ERR() dereferences in ff_layout_track_ds_error
  NFSv4: Handle the special Linux file open access mode
  iwlwifi: pcie: fix ALIVE interrupt handling for gen2 devices w/o MSI-X
  iwlwifi: pcie: don't service an interrupt that was masked
  arm64: tegra: Update Jetson TX1 GPU regulator timings
  regulator: s2mps11: Fix buck7 and buck8 wrong voltages
  Input: alps - fix a mismatch between a condition check and its comment
  Input: synaptics - whitelist Lenovo T580 SMBus intertouch
  Input: alps - don't handle ALPS cs19 trackpoint-only device
  Input: gtco - bounds check collection indent level
  crypto: crypto4xx - fix a potential double free in ppc4xx_trng_probe
  crypto: ccp/gcm - use const time tag comparison.
  crypto: ccp - memset structure fields to zero before reuse
  crypto: chacha20poly1305 - fix atomic sleep when using async algorithm
  crypto: arm64/sha2-ce - correct digest for empty data in finup
  crypto: arm64/sha1-ce - correct digest for empty data in finup
  crypto: ccp - Validate the the error value used to index error messages
  crypto: ghash - fix unaligned memory access in ghash_setkey()
  scsi: mac_scsi: Fix pseudo DMA implementation, take 2
  scsi: mac_scsi: Increase PIO/PDMA transfer length threshold
  scsi: megaraid_sas: Fix calculation of target ID
  scsi: core: Fix race on creating sense cache
  Revert "scsi: ncr5380: Increase register polling limit"
  scsi: NCR5380: Always re-enable reselection interrupt
  scsi: NCR5380: Reduce goto statements in NCR5380_select()
  xen: let alloc_xenballooned_pages() fail if not enough memory free
  floppy: fix out-of-bounds read in copy_buffer
  floppy: fix invalid pointer dereference in drive_name
  floppy: fix out-of-bounds read in next_valid_format
  floppy: fix div-by-zero in setup_format_params
  iavf: fix dereference of null rx_buffer pointer
  net: mvmdio: defer probe of orion-mdio if a clock is not ready
  gtp: fix use-after-free in gtp_newlink()
  gtp: fix use-after-free in gtp_encap_destroy()
  gtp: fix Illegal context switch in RCU read-side critical section.
  gtp: fix suspicious RCU usage
  Bluetooth: validate BLE connection interval updates
  gtp: add missing gtp_encap_disable_sock() in gtp_encap_enable()
  Bluetooth: Check state in l2cap_disconnect_rsp
  Bluetooth: 6lowpan: search for destination address in all peers
  Bluetooth: hci_bcsp: Fix memory leak in rx_skb
  gpiolib: Fix references to gpiod_[gs]et_*value_cansleep() variants
  net: usb: asix: init MAC address buffers
  perf stat: Make metric event lookup more robust
  iwlwifi: mvm: Drop large non sta frames
  ath10k: destroy sdio workqueue while remove sdio module
  net: hns3: add some error checking in hclge_tm module
  net: hns3: fix a -Wformat-nonliteral compile warning
  bcache: check c->gc_thread by IS_ERR_OR_NULL in cache_set_flush()
  EDAC: Fix global-out-of-bounds write when setting edac_mc_poll_msec
  crypto: asymmetric_keys - select CRYPTO_HASH where needed
  crypto: serpent - mark __serpent_setkey_sbox noinline
  ixgbe: Check DDM existence in transceiver before access
  rslib: Fix handling of of caller provided syndrome
  rslib: Fix decoding of shortened codes
  clocksource/drivers/exynos_mct: Increase priority over ARM arch timer
  libata: don't request sense data on !ZAC ATA devices
  perf tools: Increase MAX_NR_CPUS and MAX_CACHES
  ath10k: fix PCIE device wake up failed
  ath10k: add missing error handling
  ipvs: fix tinfo memory leak in start_sync_thread
  mt7601u: fix possible memory leak when the device is disconnected
  x86/build: Add 'set -e' to mkcapflags.sh to delete broken capflags.c
  mt7601u: do not schedule rx_tasklet when the device has been disconnected
  rtlwifi: rtl8192cu: fix error handle when usb probe failed
  media: hdpvr: fix locking and a missing msleep
  media: vimc: cap: check v4l2_fill_pixfmt return value
  media: coda: increment sequence offset for the last returned frame
  media: coda: fix last buffer handling in V4L2_ENC_CMD_STOP
  media: coda: fix mpeg2 sequence number handling
  acpi/arm64: ignore 5.1 FADTs that are reported as 5.0
  timer_list: Guard procfs specific code
  ntp: Limit TAI-UTC offset
  media: i2c: fix warning same module names
  media: s5p-mfc: Make additional clocks optional
  ipvs: defer hook registration to avoid leaks
  ipsec: select crypto ciphers for xfrm_algo
  EDAC/sysfs: Fix memory leak when creating a csrow object
  ipoib: correcly show a VF hardware address
  vhost_net: disable zerocopy by default
  perf evsel: Make perf_evsel__name() accept a NULL argument
  x86/atomic: Fix smp_mb__{before,after}_atomic()
  sched/core: Add __sched tag for io_schedule()
  xfrm: fix sa selector validation
  blkcg, writeback: dead memcgs shouldn't contribute to writeback ownership arbitration
  x86/cpufeatures: Add FDP_EXCPTN_ONLY and ZERO_FCS_FDS
  rcu: Force inlining of rcu_read_lock()
  bpf: silence warning messages in core
  regmap: fix bulk writes on paged registers
  gpio: omap: ensure irq is enabled before wakeup
  gpio: omap: fix lack of irqstatus_raw0 for OMAP4
  iommu: Fix a leak in iommu_insert_resv_region
  media: fdp1: Support M3N and E3 platforms
  perf test 6: Fix missing kvm module load for s390
  perf cs-etm: Properly set the value of 'old' and 'head' in snapshot mode
  ipset: Fix memory accounting for hash types on resize
  net: sfp: add mutex to prevent concurrent state checks
  RAS/CEC: Fix pfn insertion
  s390/qdio: handle PENDING state for QEBSM devices
  net: axienet: Fix race condition causing TX hang
  net: fec: Do not use netdev messages too early
  net: stmmac: dwmac4: fix flow control issue
  cpupower : frequency-set -r option misses the last cpu in related cpu list
  media: wl128x: Fix some error handling in fm_v4l2_init_video_device()
  locking/lockdep: Fix merging of hlocks with non-zero references
  tua6100: Avoid build warnings.
  crypto: talitos - Align SEC1 accesses to 32 bits boundaries.
  crypto: talitos - properly handle split ICV.
  net: phy: Check against net_device being NULL
  media: staging: media: davinci_vpfe: - Fix for memory leak if decoder initialization fails.
  media: mc-device.c: don't memset __user pointer contents
  fscrypt: clean up some BUG_ON()s in block encryption/decryption
  xfrm: Fix xfrm sel prefix length validation
  af_key: fix leaks in key_pol_get_resp and dump_sp.
  signal/pid_namespace: Fix reboot_pid_ns to use send_sig not force_sig
  qed: Set the doorbell address correctly
  net: stmmac: dwmac4/5: Clear unused address entries
  net: stmmac: dwmac1000: Clear unused address entries
  media: media_device_enum_links32: clean a reserved field
  media: vpss: fix a potential NULL pointer dereference
  media: marvell-ccic: fix DMA s/g desc number calculation
  crypto: talitos - fix skcipher failure due to wrong output IV
  media: spi: IR LED: add missing of table registration
  media: dvb: usb: fix use after free in dvb_usb_device_exit
  batman-adv: fix for leaked TVLV handler.
  ath: DFS JP domain W56 fixed pulse type 3 RADAR detection
  ath6kl: add some bounds checking
  ath9k: Check for errors when reading SREV register
  ath10k: Do not send probe response template for mesh
  wil6210: fix potential out-of-bounds read
  dmaengine: imx-sdma: fix use-after-free on probe error path
  scsi: iscsi: set auth_protocol back to NULL if CHAP_A value is not supported
  arm64/efi: Mark __efistub_stext_offset as an absolute symbol explicitly
  MIPS: fix build on non-linux hosts
  MIPS: ath79: fix ar933x uart parity mode
  ANDROID: enable CONFIG_RTC_DRV_TEST on cuttlefish
  ANDROID: cuttlefish_defconfig: enable CONFIG_CPU_FREQ_TIMES
  ANDROID: xfrm: remove in_compat_syscall() checks
  UPSTREAM: binder: Set end of SG buffer area properly.

Conflicts:
	drivers/gpu/drm/msm/msm_drv.c

Change-Id: I3f568e1d41c853c51a6ed293de6420fb447fe8e0
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
 2019-07-31 06:09:15 -07:00
Greg Kroah-Hartman
1391d3b9b2 This is the 4.14.135 stable release 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl1BJxsACgkQONu9yGCS
 aT4wBxAAymuWVXtmeWFQSFNji/RAJcHBAOvydIRMr7vwCXpojuRerNolo7WibM/B
 Mgx2OISn0d8rg98Cc3wiM6WUN9AeHr3lSWXORg3iBr0zP+ZO5Vs0Y2w9gueEJS+i
 egMvi2KZyS3Esrfmxv62pJ9DIVqyPVlvzN/Y79BARcwIeZOt+puycR5XV3WROzX9
 Wy2JBz5f56m9qzPGKXGRLlvq7LghZ5EbyFoIb/fj9K6pFdVBrpSEOeocCQos9IEz
 0+1TiWAkqOGLGZWJ3CFW/6Nbn1JO3hZpIgqxVczZXR+4UVhR+yniHUzZ20g89DzE
 mmprjKGv/8/7pXyXtGhjXuaZN5r1ldUje5SZf1X7SzxLuABSKIHykYJjKUQY2O3b
 8tpPULGA77V7Ww4TtyRLeOVPqaVslWFgLP6snyileSdoxfISebo2KptQn0pmuFX2
 Y0ePPot/aHHXmhrn5mAY9UZO9etqko8LjvVHDOsQQ99GJJ1BAz73w+wkKDtHXGuo
 iqUlSSW2YpThnAkufUlyhk10y6itGmy0P7GSrw8PCd9As2/LAz6c9+8+NPp/2P2Z
 Ffl2q7eUCqb0HixAnq5KqcPDSVdyqVtQ7XeN3lAEWVGmwpiu2xyuZgpQyT5FRqOZ
 mLYHZJF7FEZOZo+hkbH4O6j3umJ0QFJakVwrEiQ/ha0yLZpS3OM=
 =u0hP
 -----END PGP SIGNATURE-----

Merge 4.14.135 into android-4.14-q

Changes in 4.14.135
	MIPS: ath79: fix ar933x uart parity mode
	MIPS: fix build on non-linux hosts
	arm64/efi: Mark __efistub_stext_offset as an absolute symbol explicitly
	scsi: iscsi: set auth_protocol back to NULL if CHAP_A value is not supported
	dmaengine: imx-sdma: fix use-after-free on probe error path
	wil6210: fix potential out-of-bounds read
	ath10k: Do not send probe response template for mesh
	ath9k: Check for errors when reading SREV register
	ath6kl: add some bounds checking
	ath: DFS JP domain W56 fixed pulse type 3 RADAR detection
	batman-adv: fix for leaked TVLV handler.
	media: dvb: usb: fix use after free in dvb_usb_device_exit
	media: spi: IR LED: add missing of table registration
	crypto: talitos - fix skcipher failure due to wrong output IV
	media: marvell-ccic: fix DMA s/g desc number calculation
	media: vpss: fix a potential NULL pointer dereference
	media: media_device_enum_links32: clean a reserved field
	net: stmmac: dwmac1000: Clear unused address entries
	net: stmmac: dwmac4/5: Clear unused address entries
	qed: Set the doorbell address correctly
	signal/pid_namespace: Fix reboot_pid_ns to use send_sig not force_sig
	af_key: fix leaks in key_pol_get_resp and dump_sp.
	xfrm: Fix xfrm sel prefix length validation
	fscrypt: clean up some BUG_ON()s in block encryption/decryption
	media: mc-device.c: don't memset __user pointer contents
	media: staging: media: davinci_vpfe: - Fix for memory leak if decoder initialization fails.
	net: phy: Check against net_device being NULL
	crypto: talitos - properly handle split ICV.
	crypto: talitos - Align SEC1 accesses to 32 bits boundaries.
	tua6100: Avoid build warnings.
	locking/lockdep: Fix merging of hlocks with non-zero references
	media: wl128x: Fix some error handling in fm_v4l2_init_video_device()
	cpupower : frequency-set -r option misses the last cpu in related cpu list
	net: stmmac: dwmac4: fix flow control issue
	net: fec: Do not use netdev messages too early
	net: axienet: Fix race condition causing TX hang
	s390/qdio: handle PENDING state for QEBSM devices
	RAS/CEC: Fix pfn insertion
	net: sfp: add mutex to prevent concurrent state checks
	ipset: Fix memory accounting for hash types on resize
	perf cs-etm: Properly set the value of 'old' and 'head' in snapshot mode
	perf test 6: Fix missing kvm module load for s390
	media: fdp1: Support M3N and E3 platforms
	iommu: Fix a leak in iommu_insert_resv_region
	gpio: omap: fix lack of irqstatus_raw0 for OMAP4
	gpio: omap: ensure irq is enabled before wakeup
	regmap: fix bulk writes on paged registers
	bpf: silence warning messages in core
	rcu: Force inlining of rcu_read_lock()
	x86/cpufeatures: Add FDP_EXCPTN_ONLY and ZERO_FCS_FDS
	blkcg, writeback: dead memcgs shouldn't contribute to writeback ownership arbitration
	xfrm: fix sa selector validation
	sched/core: Add __sched tag for io_schedule()
	x86/atomic: Fix smp_mb__{before,after}_atomic()
	perf evsel: Make perf_evsel__name() accept a NULL argument
	vhost_net: disable zerocopy by default
	ipoib: correcly show a VF hardware address
	EDAC/sysfs: Fix memory leak when creating a csrow object
	ipsec: select crypto ciphers for xfrm_algo
	ipvs: defer hook registration to avoid leaks
	media: s5p-mfc: Make additional clocks optional
	media: i2c: fix warning same module names
	ntp: Limit TAI-UTC offset
	timer_list: Guard procfs specific code
	acpi/arm64: ignore 5.1 FADTs that are reported as 5.0
	media: coda: fix mpeg2 sequence number handling
	media: coda: fix last buffer handling in V4L2_ENC_CMD_STOP
	media: coda: increment sequence offset for the last returned frame
	media: vimc: cap: check v4l2_fill_pixfmt return value
	media: hdpvr: fix locking and a missing msleep
	rtlwifi: rtl8192cu: fix error handle when usb probe failed
	mt7601u: do not schedule rx_tasklet when the device has been disconnected
	x86/build: Add 'set -e' to mkcapflags.sh to delete broken capflags.c
	mt7601u: fix possible memory leak when the device is disconnected
	ipvs: fix tinfo memory leak in start_sync_thread
	ath10k: add missing error handling
	ath10k: fix PCIE device wake up failed
	perf tools: Increase MAX_NR_CPUS and MAX_CACHES
	libata: don't request sense data on !ZAC ATA devices
	clocksource/drivers/exynos_mct: Increase priority over ARM arch timer
	rslib: Fix decoding of shortened codes
	rslib: Fix handling of of caller provided syndrome
	ixgbe: Check DDM existence in transceiver before access
	crypto: serpent - mark __serpent_setkey_sbox noinline
	crypto: asymmetric_keys - select CRYPTO_HASH where needed
	EDAC: Fix global-out-of-bounds write when setting edac_mc_poll_msec
	bcache: check c->gc_thread by IS_ERR_OR_NULL in cache_set_flush()
	net: hns3: fix a -Wformat-nonliteral compile warning
	net: hns3: add some error checking in hclge_tm module
	ath10k: destroy sdio workqueue while remove sdio module
	iwlwifi: mvm: Drop large non sta frames
	perf stat: Make metric event lookup more robust
	net: usb: asix: init MAC address buffers
	gpiolib: Fix references to gpiod_[gs]et_*value_cansleep() variants
	Bluetooth: hci_bcsp: Fix memory leak in rx_skb
	Bluetooth: 6lowpan: search for destination address in all peers
	Bluetooth: Check state in l2cap_disconnect_rsp
	gtp: add missing gtp_encap_disable_sock() in gtp_encap_enable()
	Bluetooth: validate BLE connection interval updates
	gtp: fix suspicious RCU usage
	gtp: fix Illegal context switch in RCU read-side critical section.
	gtp: fix use-after-free in gtp_encap_destroy()
	gtp: fix use-after-free in gtp_newlink()
	net: mvmdio: defer probe of orion-mdio if a clock is not ready
	iavf: fix dereference of null rx_buffer pointer
	floppy: fix div-by-zero in setup_format_params
	floppy: fix out-of-bounds read in next_valid_format
	floppy: fix invalid pointer dereference in drive_name
	floppy: fix out-of-bounds read in copy_buffer
	xen: let alloc_xenballooned_pages() fail if not enough memory free
	scsi: NCR5380: Reduce goto statements in NCR5380_select()
	scsi: NCR5380: Always re-enable reselection interrupt
	Revert "scsi: ncr5380: Increase register polling limit"
	scsi: core: Fix race on creating sense cache
	scsi: megaraid_sas: Fix calculation of target ID
	scsi: mac_scsi: Increase PIO/PDMA transfer length threshold
	scsi: mac_scsi: Fix pseudo DMA implementation, take 2
	crypto: ghash - fix unaligned memory access in ghash_setkey()
	crypto: ccp - Validate the the error value used to index error messages
	crypto: arm64/sha1-ce - correct digest for empty data in finup
	crypto: arm64/sha2-ce - correct digest for empty data in finup
	crypto: chacha20poly1305 - fix atomic sleep when using async algorithm
	crypto: ccp - memset structure fields to zero before reuse
	crypto: ccp/gcm - use const time tag comparison.
	crypto: crypto4xx - fix a potential double free in ppc4xx_trng_probe
	Input: gtco - bounds check collection indent level
	Input: alps - don't handle ALPS cs19 trackpoint-only device
	Input: synaptics - whitelist Lenovo T580 SMBus intertouch
	Input: alps - fix a mismatch between a condition check and its comment
	regulator: s2mps11: Fix buck7 and buck8 wrong voltages
	arm64: tegra: Update Jetson TX1 GPU regulator timings
	iwlwifi: pcie: don't service an interrupt that was masked
	iwlwifi: pcie: fix ALIVE interrupt handling for gen2 devices w/o MSI-X
	NFSv4: Handle the special Linux file open access mode
	pnfs/flexfiles: Fix PTR_ERR() dereferences in ff_layout_track_ds_error
	lib/scatterlist: Fix mapping iterator when sg->offset is greater than PAGE_SIZE
	ASoC: dapm: Adapt for debugfs API change
	ALSA: seq: Break too long mutex context in the write loop
	ALSA: hda/realtek: apply ALC891 headset fixup to one Dell machine
	media: v4l2: Test type instead of cfg->type in v4l2_ctrl_new_custom()
	media: coda: Remove unbalanced and unneeded mutex unlock
	KVM: x86/vPMU: refine kvm_pmu err msg when event creation failed
	arm64: tegra: Fix AGIC register range
	fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on /proc/sys inodes.
	drm/nouveau/i2c: Enable i2c pads & busses during preinit
	padata: use smp_mb in padata_reorder to avoid orphaned padata jobs
	dm zoned: fix zone state management race
	xen/events: fix binding user event channels to cpus
	9p/xen: Add cleanup path in p9_trans_xen_init
	9p/virtio: Add cleanup path in p9_virtio_init
	x86/boot: Fix memory leak in default_get_smp_config()
	perf/x86/amd/uncore: Do not set 'ThreadMask' and 'SliceMask' for non-L3 PMCs
	perf/x86/amd/uncore: Set the thread mask for F17h L3 PMCs
	intel_th: pci: Add Ice Lake NNPI support
	PCI: Do not poll for PME if the device is in D3cold
	Btrfs: fix data loss after inode eviction, renaming it, and fsync it
	Btrfs: fix fsync not persisting dentry deletions due to inode evictions
	Btrfs: add missing inode version, ctime and mtime updates when punching hole
	HID: wacom: generic: only switch the mode on devices with LEDs
	HID: wacom: correct touch resolution x/y typo
	libnvdimm/pfn: fix fsdax-mode namespace info-block zero-fields
	coda: pass the host file in vma->vm_file on mmap
	gpu: ipu-v3: ipu-ic: Fix saturation bit offset in TPMEM
	PCI: hv: Fix a use-after-free bug in hv_eject_device_work()
	crypto: caam - limit output IV to CBC to work around CTR mode DMA issue
	parisc: Ensure userspace privilege for ptraced processes in regset functions
	parisc: Fix kernel panic due invalid values in IAOQ0 or IAOQ1
	powerpc/32s: fix suspend/resume when IBATs 4-7 are used
	powerpc/watchpoint: Restore NV GPRs while returning from exception
	eCryptfs: fix a couple type promotion bugs
	intel_th: msu: Fix single mode with disabled IOMMU
	Bluetooth: Add SMP workaround Microsoft Surface Precision Mouse bug
	usb: Handle USB3 remote wakeup for LPM enabled devices correctly
	net: mvmdio: allow up to four clocks to be specified for orion-mdio
	dt-bindings: allow up to four clocks for orion-mdio
	dm bufio: fix deadlock with loop device
	compiler.h, kasan: Avoid duplicating __read_once_size_nocheck()
	compiler.h: Add read_word_at_a_time() function.
	lib/strscpy: Shut up KASAN false-positives in strscpy()
	bnx2x: Prevent load reordering in tx completion processing
	bnx2x: Prevent ptp_task to be rescheduled indefinitely
	caif-hsi: fix possible deadlock in cfhsi_exit_module()
	igmp: fix memory leak in igmpv3_del_delrec()
	ipv4: don't set IPv6 only flags to IPv4 addresses
	net: bcmgenet: use promisc for unsupported filters
	net: dsa: mv88e6xxx: wait after reset deactivation
	net: neigh: fix multiple neigh timer scheduling
	net: openvswitch: fix csum updates for MPLS actions
	nfc: fix potential illegal memory access
	rxrpc: Fix send on a connected, but unbound socket
	sky2: Disable MSI on ASUS P6T
	vrf: make sure skb->data contains ip header to make routing
	macsec: fix use-after-free of skb during RX
	macsec: fix checksumming after decryption
	netrom: fix a memory leak in nr_rx_frame()
	netrom: hold sock when setting skb->destructor
	bonding: validate ip header before check IPPROTO_IGMP
	net: make skb_dst_force return true when dst is refcounted
	tcp: fix tcp_set_congestion_control() use from bpf hook
	tcp: Reset bytes_acked and bytes_received when disconnecting
	net: bridge: mcast: fix stale nsrcs pointer in igmp3/mld2 report handling
	net: bridge: mcast: fix stale ipv6 hdr pointer when handling v6 query
	net: bridge: stp: don't cache eth dest pointer before skb pull
	dma-buf: balance refcount inbalance
	dma-buf: Discard old fence_excl on retrying get_fences_rcu for realloc
	MIPS: lb60: Fix pin mappings
	ext4: don't allow any modifications to an immutable file
	ext4: enforce the immutable flag on open files
	mm: add filemap_fdatawait_range_keep_errors()
	jbd2: introduce jbd2_inode dirty range scoping
	ext4: use jbd2_inode dirty range scoping
	ext4: allow directory holes
	mm: vmscan: scan anonymous pages on file refaults
	perf/events/amd/uncore: Fix amd_uncore_llc ID to use pre-defined cpu_llc_id
	NFSv4: Fix open create exclusive when the server reboots
	nfsd: increase DRC cache limit
	nfsd: give out fewer session slots as limit approaches
	nfsd: fix performance-limiting session calculation
	nfsd: Fix overflow causing non-working mounts on 1 TB machines
	hvsock: fix epollout hang from race condition
	drm/panel: simple: Fix panel_simple_dsi_probe
	usb: core: hub: Disable hub-initiated U1/U2
	tty: max310x: Fix invalid baudrate divisors calculator
	pinctrl: rockchip: fix leaked of_node references
	tty: serial: cpm_uart - fix init when SMC is relocated
	drm/edid: Fix a missing-check bug in drm_load_edid_firmware()
	PCI: Return error if cannot probe VF
	drm/bridge: tc358767: read display_props in get_modes()
	drm/bridge: sii902x: pixel clock unit is 10kHz instead of 1kHz
	drm/crc-debugfs: User irqsafe spinlock in drm_crtc_add_crc_entry
	memstick: Fix error cleanup path of memstick_init
	tty/serial: digicolor: Fix digicolor-usart already registered warning
	tty: serial: msm_serial: avoid system lockup condition
	serial: 8250: Fix TX interrupt handling condition
	drm/virtio: Add memory barriers for capset cache.
	phy: renesas: rcar-gen2: Fix memory leak at error paths
	powerpc/pseries/mobility: prevent cpu hotplug during DT update
	drm/rockchip: Properly adjust to a true clock in adjusted_mode
	tty: serial_core: Set port active bit in uart_port_activate
	usb: gadget: Zero ffs_io_data
	powerpc/pci/of: Fix OF flags parsing for 64bit BARs
	drm/msm: Depopulate platform on probe failure
	serial: mctrl_gpio: Check if GPIO property exisits before requesting it
	PCI: sysfs: Ignore lockdep for remove attribute
	kbuild: Add -Werror=unknown-warning-option to CLANG_FLAGS
	PCI: xilinx-nwl: Fix Multi MSI data programming
	iio: iio-utils: Fix possible incorrect mask calculation
	powerpc/xmon: Fix disabling tracing while in xmon
	recordmcount: Fix spurious mcount entries on powerpc
	mfd: core: Set fwnode for created devices
	mfd: arizona: Fix undefined behavior
	mfd: hi655x-pmic: Fix missing return value check for devm_regmap_init_mmio_clk
	um: Silence lockdep complaint about mmap_sem
	powerpc/4xx/uic: clear pending interrupt after irq type/pol change
	RDMA/i40iw: Set queue pair state when being queried
	serial: sh-sci: Terminate TX DMA during buffer flushing
	serial: sh-sci: Fix TX DMA buffer flushing and workqueue races
	kallsyms: exclude kasan local symbols on s390
	perf test mmap-thread-lookup: Initialize variable to suppress memory sanitizer warning
	perf session: Fix potential NULL pointer dereference found by the smatch tool
	perf annotate: Fix dereferencing freed memory found by the smatch tool
	RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM
	PCI: dwc: pci-dra7xx: Fix compilation when !CONFIG_GPIOLIB
	powerpc/boot: add {get, put}_unaligned_be32 to xz_config.h
	f2fs: avoid out-of-range memory access
	mailbox: handle failed named mailbox channel request
	powerpc/eeh: Handle hugepages in ioremap space
	block/bio-integrity: fix a memory leak bug
	sh: prevent warnings when using iounmap
	mm/kmemleak.c: fix check for softirq context
	9p: pass the correct prototype to read_cache_page
	mm/gup.c: mark undo_dev_pagemap as __maybe_unused
	mm/gup.c: remove some BUG_ONs from get_gate_page()
	mm/mmu_notifier: use hlist_add_head_rcu()
	locking/lockdep: Fix lock used or unused stats error
	locking/lockdep: Hide unused 'class' variable
	drm/crc: Only report a single overflow when a CRC fd is opened
	drm/crc-debugfs: Also sprinkle irqrestore over early exits
	usb: wusbcore: fix unbalanced get/put cluster_id
	usb: pci-quirks: Correct AMD PLL quirk detection
	KVM: nVMX: do not use dangling shadow VMCS after guest reset
	btrfs: inode: Don't compress if NODATASUM or NODATACOW set
	x86/sysfb_efi: Add quirks for some devices with swapped width and height
	x86/speculation/mds: Apply more accurate check on hypervisor platform
	binder: prevent transactions to context manager from its own process.
	fpga-manager: altera-ps-spi: Fix build error
	hpet: Fix division by zero in hpet_time_div()
	ALSA: line6: Fix wrong altsetting for LINE6_PODHD500_1
	ALSA: hda - Add a conexant codec entry to let mute led work
	powerpc/xive: Fix loop exit-condition in xive_find_target_in_mask()
	powerpc/tm: Fix oops on sigreturn on systems without TM
	access: avoid the RCU grace period for the temporary subjective credentials
	Linux 4.14.135

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
 2019-07-31 08:11:10 +02:00
Greg Kroah-Hartman
a5847ae74b This is the 4.14.135 stable release 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl1BJxsACgkQONu9yGCS
 aT4wBxAAymuWVXtmeWFQSFNji/RAJcHBAOvydIRMr7vwCXpojuRerNolo7WibM/B
 Mgx2OISn0d8rg98Cc3wiM6WUN9AeHr3lSWXORg3iBr0zP+ZO5Vs0Y2w9gueEJS+i
 egMvi2KZyS3Esrfmxv62pJ9DIVqyPVlvzN/Y79BARcwIeZOt+puycR5XV3WROzX9
 Wy2JBz5f56m9qzPGKXGRLlvq7LghZ5EbyFoIb/fj9K6pFdVBrpSEOeocCQos9IEz
 0+1TiWAkqOGLGZWJ3CFW/6Nbn1JO3hZpIgqxVczZXR+4UVhR+yniHUzZ20g89DzE
 mmprjKGv/8/7pXyXtGhjXuaZN5r1ldUje5SZf1X7SzxLuABSKIHykYJjKUQY2O3b
 8tpPULGA77V7Ww4TtyRLeOVPqaVslWFgLP6snyileSdoxfISebo2KptQn0pmuFX2
 Y0ePPot/aHHXmhrn5mAY9UZO9etqko8LjvVHDOsQQ99GJJ1BAz73w+wkKDtHXGuo
 iqUlSSW2YpThnAkufUlyhk10y6itGmy0P7GSrw8PCd9As2/LAz6c9+8+NPp/2P2Z
 Ffl2q7eUCqb0HixAnq5KqcPDSVdyqVtQ7XeN3lAEWVGmwpiu2xyuZgpQyT5FRqOZ
 mLYHZJF7FEZOZo+hkbH4O6j3umJ0QFJakVwrEiQ/ha0yLZpS3OM=
 =u0hP
 -----END PGP SIGNATURE-----

Merge 4.14.135 into android-4.14

Changes in 4.14.135
	MIPS: ath79: fix ar933x uart parity mode
	MIPS: fix build on non-linux hosts
	arm64/efi: Mark __efistub_stext_offset as an absolute symbol explicitly
	scsi: iscsi: set auth_protocol back to NULL if CHAP_A value is not supported
	dmaengine: imx-sdma: fix use-after-free on probe error path
	wil6210: fix potential out-of-bounds read
	ath10k: Do not send probe response template for mesh
	ath9k: Check for errors when reading SREV register
	ath6kl: add some bounds checking
	ath: DFS JP domain W56 fixed pulse type 3 RADAR detection
	batman-adv: fix for leaked TVLV handler.
	media: dvb: usb: fix use after free in dvb_usb_device_exit
	media: spi: IR LED: add missing of table registration
	crypto: talitos - fix skcipher failure due to wrong output IV
	media: marvell-ccic: fix DMA s/g desc number calculation
	media: vpss: fix a potential NULL pointer dereference
	media: media_device_enum_links32: clean a reserved field
	net: stmmac: dwmac1000: Clear unused address entries
	net: stmmac: dwmac4/5: Clear unused address entries
	qed: Set the doorbell address correctly
	signal/pid_namespace: Fix reboot_pid_ns to use send_sig not force_sig
	af_key: fix leaks in key_pol_get_resp and dump_sp.
	xfrm: Fix xfrm sel prefix length validation
	fscrypt: clean up some BUG_ON()s in block encryption/decryption
	media: mc-device.c: don't memset __user pointer contents
	media: staging: media: davinci_vpfe: - Fix for memory leak if decoder initialization fails.
	net: phy: Check against net_device being NULL
	crypto: talitos - properly handle split ICV.
	crypto: talitos - Align SEC1 accesses to 32 bits boundaries.
	tua6100: Avoid build warnings.
	locking/lockdep: Fix merging of hlocks with non-zero references
	media: wl128x: Fix some error handling in fm_v4l2_init_video_device()
	cpupower : frequency-set -r option misses the last cpu in related cpu list
	net: stmmac: dwmac4: fix flow control issue
	net: fec: Do not use netdev messages too early
	net: axienet: Fix race condition causing TX hang
	s390/qdio: handle PENDING state for QEBSM devices
	RAS/CEC: Fix pfn insertion
	net: sfp: add mutex to prevent concurrent state checks
	ipset: Fix memory accounting for hash types on resize
	perf cs-etm: Properly set the value of 'old' and 'head' in snapshot mode
	perf test 6: Fix missing kvm module load for s390
	media: fdp1: Support M3N and E3 platforms
	iommu: Fix a leak in iommu_insert_resv_region
	gpio: omap: fix lack of irqstatus_raw0 for OMAP4
	gpio: omap: ensure irq is enabled before wakeup
	regmap: fix bulk writes on paged registers
	bpf: silence warning messages in core
	rcu: Force inlining of rcu_read_lock()
	x86/cpufeatures: Add FDP_EXCPTN_ONLY and ZERO_FCS_FDS
	blkcg, writeback: dead memcgs shouldn't contribute to writeback ownership arbitration
	xfrm: fix sa selector validation
	sched/core: Add __sched tag for io_schedule()
	x86/atomic: Fix smp_mb__{before,after}_atomic()
	perf evsel: Make perf_evsel__name() accept a NULL argument
	vhost_net: disable zerocopy by default
	ipoib: correcly show a VF hardware address
	EDAC/sysfs: Fix memory leak when creating a csrow object
	ipsec: select crypto ciphers for xfrm_algo
	ipvs: defer hook registration to avoid leaks
	media: s5p-mfc: Make additional clocks optional
	media: i2c: fix warning same module names
	ntp: Limit TAI-UTC offset
	timer_list: Guard procfs specific code
	acpi/arm64: ignore 5.1 FADTs that are reported as 5.0
	media: coda: fix mpeg2 sequence number handling
	media: coda: fix last buffer handling in V4L2_ENC_CMD_STOP
	media: coda: increment sequence offset for the last returned frame
	media: vimc: cap: check v4l2_fill_pixfmt return value
	media: hdpvr: fix locking and a missing msleep
	rtlwifi: rtl8192cu: fix error handle when usb probe failed
	mt7601u: do not schedule rx_tasklet when the device has been disconnected
	x86/build: Add 'set -e' to mkcapflags.sh to delete broken capflags.c
	mt7601u: fix possible memory leak when the device is disconnected
	ipvs: fix tinfo memory leak in start_sync_thread
	ath10k: add missing error handling
	ath10k: fix PCIE device wake up failed
	perf tools: Increase MAX_NR_CPUS and MAX_CACHES
	libata: don't request sense data on !ZAC ATA devices
	clocksource/drivers/exynos_mct: Increase priority over ARM arch timer
	rslib: Fix decoding of shortened codes
	rslib: Fix handling of of caller provided syndrome
	ixgbe: Check DDM existence in transceiver before access
	crypto: serpent - mark __serpent_setkey_sbox noinline
	crypto: asymmetric_keys - select CRYPTO_HASH where needed
	EDAC: Fix global-out-of-bounds write when setting edac_mc_poll_msec
	bcache: check c->gc_thread by IS_ERR_OR_NULL in cache_set_flush()
	net: hns3: fix a -Wformat-nonliteral compile warning
	net: hns3: add some error checking in hclge_tm module
	ath10k: destroy sdio workqueue while remove sdio module
	iwlwifi: mvm: Drop large non sta frames
	perf stat: Make metric event lookup more robust
	net: usb: asix: init MAC address buffers
	gpiolib: Fix references to gpiod_[gs]et_*value_cansleep() variants
	Bluetooth: hci_bcsp: Fix memory leak in rx_skb
	Bluetooth: 6lowpan: search for destination address in all peers
	Bluetooth: Check state in l2cap_disconnect_rsp
	gtp: add missing gtp_encap_disable_sock() in gtp_encap_enable()
	Bluetooth: validate BLE connection interval updates
	gtp: fix suspicious RCU usage
	gtp: fix Illegal context switch in RCU read-side critical section.
	gtp: fix use-after-free in gtp_encap_destroy()
	gtp: fix use-after-free in gtp_newlink()
	net: mvmdio: defer probe of orion-mdio if a clock is not ready
	iavf: fix dereference of null rx_buffer pointer
	floppy: fix div-by-zero in setup_format_params
	floppy: fix out-of-bounds read in next_valid_format
	floppy: fix invalid pointer dereference in drive_name
	floppy: fix out-of-bounds read in copy_buffer
	xen: let alloc_xenballooned_pages() fail if not enough memory free
	scsi: NCR5380: Reduce goto statements in NCR5380_select()
	scsi: NCR5380: Always re-enable reselection interrupt
	Revert "scsi: ncr5380: Increase register polling limit"
	scsi: core: Fix race on creating sense cache
	scsi: megaraid_sas: Fix calculation of target ID
	scsi: mac_scsi: Increase PIO/PDMA transfer length threshold
	scsi: mac_scsi: Fix pseudo DMA implementation, take 2
	crypto: ghash - fix unaligned memory access in ghash_setkey()
	crypto: ccp - Validate the the error value used to index error messages
	crypto: arm64/sha1-ce - correct digest for empty data in finup
	crypto: arm64/sha2-ce - correct digest for empty data in finup
	crypto: chacha20poly1305 - fix atomic sleep when using async algorithm
	crypto: ccp - memset structure fields to zero before reuse
	crypto: ccp/gcm - use const time tag comparison.
	crypto: crypto4xx - fix a potential double free in ppc4xx_trng_probe
	Input: gtco - bounds check collection indent level
	Input: alps - don't handle ALPS cs19 trackpoint-only device
	Input: synaptics - whitelist Lenovo T580 SMBus intertouch
	Input: alps - fix a mismatch between a condition check and its comment
	regulator: s2mps11: Fix buck7 and buck8 wrong voltages
	arm64: tegra: Update Jetson TX1 GPU regulator timings
	iwlwifi: pcie: don't service an interrupt that was masked
	iwlwifi: pcie: fix ALIVE interrupt handling for gen2 devices w/o MSI-X
	NFSv4: Handle the special Linux file open access mode
	pnfs/flexfiles: Fix PTR_ERR() dereferences in ff_layout_track_ds_error
	lib/scatterlist: Fix mapping iterator when sg->offset is greater than PAGE_SIZE
	ASoC: dapm: Adapt for debugfs API change
	ALSA: seq: Break too long mutex context in the write loop
	ALSA: hda/realtek: apply ALC891 headset fixup to one Dell machine
	media: v4l2: Test type instead of cfg->type in v4l2_ctrl_new_custom()
	media: coda: Remove unbalanced and unneeded mutex unlock
	KVM: x86/vPMU: refine kvm_pmu err msg when event creation failed
	arm64: tegra: Fix AGIC register range
	fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on /proc/sys inodes.
	drm/nouveau/i2c: Enable i2c pads & busses during preinit
	padata: use smp_mb in padata_reorder to avoid orphaned padata jobs
	dm zoned: fix zone state management race
	xen/events: fix binding user event channels to cpus
	9p/xen: Add cleanup path in p9_trans_xen_init
	9p/virtio: Add cleanup path in p9_virtio_init
	x86/boot: Fix memory leak in default_get_smp_config()
	perf/x86/amd/uncore: Do not set 'ThreadMask' and 'SliceMask' for non-L3 PMCs
	perf/x86/amd/uncore: Set the thread mask for F17h L3 PMCs
	intel_th: pci: Add Ice Lake NNPI support
	PCI: Do not poll for PME if the device is in D3cold
	Btrfs: fix data loss after inode eviction, renaming it, and fsync it
	Btrfs: fix fsync not persisting dentry deletions due to inode evictions
	Btrfs: add missing inode version, ctime and mtime updates when punching hole
	HID: wacom: generic: only switch the mode on devices with LEDs
	HID: wacom: correct touch resolution x/y typo
	libnvdimm/pfn: fix fsdax-mode namespace info-block zero-fields
	coda: pass the host file in vma->vm_file on mmap
	gpu: ipu-v3: ipu-ic: Fix saturation bit offset in TPMEM
	PCI: hv: Fix a use-after-free bug in hv_eject_device_work()
	crypto: caam - limit output IV to CBC to work around CTR mode DMA issue
	parisc: Ensure userspace privilege for ptraced processes in regset functions
	parisc: Fix kernel panic due invalid values in IAOQ0 or IAOQ1
	powerpc/32s: fix suspend/resume when IBATs 4-7 are used
	powerpc/watchpoint: Restore NV GPRs while returning from exception
	eCryptfs: fix a couple type promotion bugs
	intel_th: msu: Fix single mode with disabled IOMMU
	Bluetooth: Add SMP workaround Microsoft Surface Precision Mouse bug
	usb: Handle USB3 remote wakeup for LPM enabled devices correctly
	net: mvmdio: allow up to four clocks to be specified for orion-mdio
	dt-bindings: allow up to four clocks for orion-mdio
	dm bufio: fix deadlock with loop device
	compiler.h, kasan: Avoid duplicating __read_once_size_nocheck()
	compiler.h: Add read_word_at_a_time() function.
	lib/strscpy: Shut up KASAN false-positives in strscpy()
	bnx2x: Prevent load reordering in tx completion processing
	bnx2x: Prevent ptp_task to be rescheduled indefinitely
	caif-hsi: fix possible deadlock in cfhsi_exit_module()
	igmp: fix memory leak in igmpv3_del_delrec()
	ipv4: don't set IPv6 only flags to IPv4 addresses
	net: bcmgenet: use promisc for unsupported filters
	net: dsa: mv88e6xxx: wait after reset deactivation
	net: neigh: fix multiple neigh timer scheduling
	net: openvswitch: fix csum updates for MPLS actions
	nfc: fix potential illegal memory access
	rxrpc: Fix send on a connected, but unbound socket
	sky2: Disable MSI on ASUS P6T
	vrf: make sure skb->data contains ip header to make routing
	macsec: fix use-after-free of skb during RX
	macsec: fix checksumming after decryption
	netrom: fix a memory leak in nr_rx_frame()
	netrom: hold sock when setting skb->destructor
	bonding: validate ip header before check IPPROTO_IGMP
	net: make skb_dst_force return true when dst is refcounted
	tcp: fix tcp_set_congestion_control() use from bpf hook
	tcp: Reset bytes_acked and bytes_received when disconnecting
	net: bridge: mcast: fix stale nsrcs pointer in igmp3/mld2 report handling
	net: bridge: mcast: fix stale ipv6 hdr pointer when handling v6 query
	net: bridge: stp: don't cache eth dest pointer before skb pull
	dma-buf: balance refcount inbalance
	dma-buf: Discard old fence_excl on retrying get_fences_rcu for realloc
	MIPS: lb60: Fix pin mappings
	ext4: don't allow any modifications to an immutable file
	ext4: enforce the immutable flag on open files
	mm: add filemap_fdatawait_range_keep_errors()
	jbd2: introduce jbd2_inode dirty range scoping
	ext4: use jbd2_inode dirty range scoping
	ext4: allow directory holes
	mm: vmscan: scan anonymous pages on file refaults
	perf/events/amd/uncore: Fix amd_uncore_llc ID to use pre-defined cpu_llc_id
	NFSv4: Fix open create exclusive when the server reboots
	nfsd: increase DRC cache limit
	nfsd: give out fewer session slots as limit approaches
	nfsd: fix performance-limiting session calculation
	nfsd: Fix overflow causing non-working mounts on 1 TB machines
	hvsock: fix epollout hang from race condition
	drm/panel: simple: Fix panel_simple_dsi_probe
	usb: core: hub: Disable hub-initiated U1/U2
	tty: max310x: Fix invalid baudrate divisors calculator
	pinctrl: rockchip: fix leaked of_node references
	tty: serial: cpm_uart - fix init when SMC is relocated
	drm/edid: Fix a missing-check bug in drm_load_edid_firmware()
	PCI: Return error if cannot probe VF
	drm/bridge: tc358767: read display_props in get_modes()
	drm/bridge: sii902x: pixel clock unit is 10kHz instead of 1kHz
	drm/crc-debugfs: User irqsafe spinlock in drm_crtc_add_crc_entry
	memstick: Fix error cleanup path of memstick_init
	tty/serial: digicolor: Fix digicolor-usart already registered warning
	tty: serial: msm_serial: avoid system lockup condition
	serial: 8250: Fix TX interrupt handling condition
	drm/virtio: Add memory barriers for capset cache.
	phy: renesas: rcar-gen2: Fix memory leak at error paths
	powerpc/pseries/mobility: prevent cpu hotplug during DT update
	drm/rockchip: Properly adjust to a true clock in adjusted_mode
	tty: serial_core: Set port active bit in uart_port_activate
	usb: gadget: Zero ffs_io_data
	powerpc/pci/of: Fix OF flags parsing for 64bit BARs
	drm/msm: Depopulate platform on probe failure
	serial: mctrl_gpio: Check if GPIO property exisits before requesting it
	PCI: sysfs: Ignore lockdep for remove attribute
	kbuild: Add -Werror=unknown-warning-option to CLANG_FLAGS
	PCI: xilinx-nwl: Fix Multi MSI data programming
	iio: iio-utils: Fix possible incorrect mask calculation
	powerpc/xmon: Fix disabling tracing while in xmon
	recordmcount: Fix spurious mcount entries on powerpc
	mfd: core: Set fwnode for created devices
	mfd: arizona: Fix undefined behavior
	mfd: hi655x-pmic: Fix missing return value check for devm_regmap_init_mmio_clk
	um: Silence lockdep complaint about mmap_sem
	powerpc/4xx/uic: clear pending interrupt after irq type/pol change
	RDMA/i40iw: Set queue pair state when being queried
	serial: sh-sci: Terminate TX DMA during buffer flushing
	serial: sh-sci: Fix TX DMA buffer flushing and workqueue races
	kallsyms: exclude kasan local symbols on s390
	perf test mmap-thread-lookup: Initialize variable to suppress memory sanitizer warning
	perf session: Fix potential NULL pointer dereference found by the smatch tool
	perf annotate: Fix dereferencing freed memory found by the smatch tool
	RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM
	PCI: dwc: pci-dra7xx: Fix compilation when !CONFIG_GPIOLIB
	powerpc/boot: add {get, put}_unaligned_be32 to xz_config.h
	f2fs: avoid out-of-range memory access
	mailbox: handle failed named mailbox channel request
	powerpc/eeh: Handle hugepages in ioremap space
	block/bio-integrity: fix a memory leak bug
	sh: prevent warnings when using iounmap
	mm/kmemleak.c: fix check for softirq context
	9p: pass the correct prototype to read_cache_page
	mm/gup.c: mark undo_dev_pagemap as __maybe_unused
	mm/gup.c: remove some BUG_ONs from get_gate_page()
	mm/mmu_notifier: use hlist_add_head_rcu()
	locking/lockdep: Fix lock used or unused stats error
	locking/lockdep: Hide unused 'class' variable
	drm/crc: Only report a single overflow when a CRC fd is opened
	drm/crc-debugfs: Also sprinkle irqrestore over early exits
	usb: wusbcore: fix unbalanced get/put cluster_id
	usb: pci-quirks: Correct AMD PLL quirk detection
	KVM: nVMX: do not use dangling shadow VMCS after guest reset
	btrfs: inode: Don't compress if NODATASUM or NODATACOW set
	x86/sysfb_efi: Add quirks for some devices with swapped width and height
	x86/speculation/mds: Apply more accurate check on hypervisor platform
	binder: prevent transactions to context manager from its own process.
	fpga-manager: altera-ps-spi: Fix build error
	hpet: Fix division by zero in hpet_time_div()
	ALSA: line6: Fix wrong altsetting for LINE6_PODHD500_1
	ALSA: hda - Add a conexant codec entry to let mute led work
	powerpc/xive: Fix loop exit-condition in xive_find_target_in_mask()
	powerpc/tm: Fix oops on sigreturn on systems without TM
	access: avoid the RCU grace period for the temporary subjective credentials
	Linux 4.14.135

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
 2019-07-31 08:08:59 +02:00
Radoslaw Burny
2cbf2af144 fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on /proc/sys inodes. 
commit 5ec27ec735ba0477d48c80561cc5e856f0c5dfaf upstream.

Normally, the inode's i_uid/i_gid are translated relative to s_user_ns,
but this is not a correct behavior for proc.  Since sysctl permission
check in test_perm is done against GLOBAL_ROOT_[UG]ID, it makes more
sense to use these values in u_[ug]id of proc inodes.  In other words:
although uid/gid in the inode is not read during test_perm, the inode
logically belongs to the root of the namespace.  I have confirmed this
with Eric Biederman at LPC and in this thread:
  https://lore.kernel.org/lkml/87k1kzjdff.fsf@xmission.com

Consequences
============

Since the i_[ug]id values of proc nodes are not used for permissions
checks, this change usually makes no functional difference.  However, it
causes an issue in a setup where:

 * a namespace container is created without root user in container -
   hence the i_[ug]id of proc nodes are set to INVALID_[UG]ID

 * container creator tries to configure it by writing /proc/sys files,
   e.g. writing /proc/sys/kernel/shmmax to configure shared memory limit

Kernel does not allow to open an inode for writing if its i_[ug]id are
invalid, making it impossible to write shmmax and thus - configure the
container.

Using a container with no root mapping is apparently rare, but we do use
this configuration at Google.  Also, we use a generic tool to configure
the container limits, and the inability to write any of them causes a
failure.

History
=======

The invalid uids/gids in inodes first appeared due to 81754357770e (fs:
Update i_[ug]id_(read|write) to translate relative to s_user_ns).
However, AFAIK, this did not immediately cause any issues.  The
inability to write to these "invalid" inodes was only caused by a later
commit 0bd23d09b874 (vfs: Don't modify inodes with a uid or gid unknown
to the vfs).

Tested: Used a repro program that creates a user namespace without any
mapping and stat'ed /proc/$PID/root/proc/sys/kernel/shmmax from outside.
Before the change, it shows the overflow uid, with the change it's 0.
The overflow uid indicates that the uid in the inode is not correct and
thus it is not possible to open the file for writing.

Link: http://lkml.kernel.org/r/20190708115130.250149-1-rburny@google.com
Fixes: 0bd23d09b874 ("vfs: Don't modify inodes with a uid or gid unknown to the vfs")
Signed-off-by: Radoslaw Burny <rburny@google.com>
Acked-by: Luis Chamberlain <mcgrof@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: "Eric W . Biederman" <ebiederm@xmission.com>
Cc: Seth Forshee <seth.forshee@canonical.com>
Cc: John Sperbeck <jsperbeck@google.com>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: <stable@vger.kernel.org>	[4.8+]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 2019-07-31 07:28:38 +02:00
Blagovest Kolenichev
dbc4aced9e Merge android-4.14.132 (0dcd8eb) into msm-4.14 
* refs/heads/tmp-0dcd8eb:
  Linux 4.14.132
  arm64: insn: Fix ldadd instruction encoding
  tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
  futex: Update comments and docs about return values of arch futex code
  bpf, arm64: use more scalable stadd over ldxr / stxr loop in xadd
  arm64: futex: Avoid copying out uninitialised stack in failed cmpxchg()
  bpf: udp: ipv6: Avoid running reuseport's bpf_prog from __udp6_lib_err
  bpf: udp: Avoid calling reuseport's bpf_prog from udp_gro
  bonding: Always enable vlan tx offload
  team: Always enable vlan tx offload
  tun: wake up waitqueues after IFF_UP is set
  tipc: check msg->req data len in tipc_nl_compat_bearer_disable
  tipc: change to use register_pernet_device
  sctp: change to hold sk after auth shkey is created successfully
  net: stmmac: fixed new system time seconds value calculation
  net: remove duplicate fetch in sock_getsockopt
  net/packet: fix memory leak in packet_set_ring()
  ipv4: Use return value of inet_iif() for __raw_v4_lookup in the while loop
  af_packet: Block execution of tasks waiting for transmit to complete in AF_PACKET
  eeprom: at24: fix unexpected timeout under high load
  cpu/speculation: Warn on unsupported mitigations= parameter
  NFS/flexfiles: Use the correct TCP timeout for flexfiles I/O
  x86/microcode: Fix the microcode load on CPU hotplug for real
  x86/speculation: Allow guests to use SSBD even if host does not
  scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck()
  dm log writes: make sure super sector log updates are written in order
  mm/page_idle.c: fix oops because end_pfn is larger than max_pfn
  fs/binfmt_flat.c: make load_flat_shared_library() work
  mm/mempolicy.c: fix an incorrect rebind node in mpol_rebind_nodemask
  fs/proc/array.c: allow reporting eip/esp for all coredumping threads
  Revert "compiler.h: update definition of unreachable()"
  qmi_wwan: Fix out-of-bounds read
  net/9p: include trans_common.h to fix missing prototype warning.
  9p: p9dirent_read: check network-provided name length
  9p/rdma: remove useless check in cm_event_handler
  9p: acl: fix uninitialized iattr access
  9p/rdma: do not disconnect on down_interruptible EAGAIN
  9p/xen: fix check for xenbus_read error in front_probe
  block: bio_iov_iter_get_pages: pin more pages for multi-segment IOs
  block: add a lower-level bio_add_page interface
  IB/hfi1: Close PSM sdma_progress sleep window
  Revert "x86/uaccess, ftrace: Fix ftrace_likely_update() vs. SMAP"
  perf header: Fix unchecked usage of strncpy()
  perf help: Remove needless use of strncpy()
  perf ui helpline: Use strlcpy() as a shorter form of strncpy() + explicit set nul

Change-Id: I253fc7ffebfad129b8c2165dd2d5aa5af221fd4b
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
 2019-07-23 11:01:07 -07:00
blong
0528e7f72b sched: Add task boost feature 
This change is for general scheduler improvement.

Change-Id: I3fc3976316350f9b2c392b8484d5390240a04782
Signed-off-by: Abhijeet Dharmapurikar <adharmap@codeaurora.org>
Signed-off-by: blong <blong@codeaurora.org>
 2019-07-23 01:09:49 -07:00
Greg Kroah-Hartman
574ebb217d This is the 4.14.132 stable release 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl0cjnQACgkQONu9yGCS
 aT6wVRAAoL5ffO+WBrxRKBYweeprTlFTpvI2ZuMN12hONL0AcOocdRrlK4sgD8RW
 8CWHU65BihYDE19OKLsQf+5M/ov78cokfq4NsnWHXalSDXwrBt1cle5kGOFFdOSE
 5IE8Dfal6v5YxyORVSu3ls19cjy9AO8q53Sdi8N3CRJAVho0UavJQyLkUhJXlNtM
 +q0ohE8XGwX5+UAORuULb7rqeuIwKzEUu3npZzNB9OnThbStepgJUFxHKvFVOei8
 McEC6/ifJnxD0hDmmgt7WSJWPjnv85c5oReJeceerF83i5h1MZUicNtMWOjbV7lH
 vv/B4m5Un2T3cflGuarhpNdfjHs2PqRXO7T5+Fs2t8WIA7uuAedhhlEHir0bTOfB
 uj7yBND35SVsQzmzw58j7XPREEmpQBgpI1K4YYFQzrdfddtxFIC46LjTxa2Hk5OB
 z1n2Tq7lQaYddUMpmBbab6+znHef1Ts++g0aof5JyBnx3heBdUYNBDUYXBpGAD9Y
 +pFmR1ZULScm3btwCNxiEIn+YWYNO+GV9BibXTXag3URPC4Ff1damstOOZwXkaxg
 CPJagiufQgXQQjDUPt0GolJz3Dd/T9YN6mNmqTQhqxFfY5kAeDVsqhIPN1ZKZY5u
 /40rDoKyxJSzxrKRIqAKTm6wWELq4hS14LlVSQJRmxK2RXJFwlE=
 =Mmka
 -----END PGP SIGNATURE-----

Merge 4.14.132 into android-4.14-q

Changes in 4.14.132
	perf ui helpline: Use strlcpy() as a shorter form of strncpy() + explicit set nul
	perf help: Remove needless use of strncpy()
	perf header: Fix unchecked usage of strncpy()
	Revert "x86/uaccess, ftrace: Fix ftrace_likely_update() vs. SMAP"
	IB/hfi1: Close PSM sdma_progress sleep window
	block: add a lower-level bio_add_page interface
	block: bio_iov_iter_get_pages: pin more pages for multi-segment IOs
	9p/xen: fix check for xenbus_read error in front_probe
	9p/rdma: do not disconnect on down_interruptible EAGAIN
	9p: acl: fix uninitialized iattr access
	9p/rdma: remove useless check in cm_event_handler
	9p: p9dirent_read: check network-provided name length
	net/9p: include trans_common.h to fix missing prototype warning.
	qmi_wwan: Fix out-of-bounds read
	Revert "compiler.h: update definition of unreachable()"
	fs/proc/array.c: allow reporting eip/esp for all coredumping threads
	mm/mempolicy.c: fix an incorrect rebind node in mpol_rebind_nodemask
	fs/binfmt_flat.c: make load_flat_shared_library() work
	mm/page_idle.c: fix oops because end_pfn is larger than max_pfn
	dm log writes: make sure super sector log updates are written in order
	scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck()
	x86/speculation: Allow guests to use SSBD even if host does not
	x86/microcode: Fix the microcode load on CPU hotplug for real
	NFS/flexfiles: Use the correct TCP timeout for flexfiles I/O
	cpu/speculation: Warn on unsupported mitigations= parameter
	eeprom: at24: fix unexpected timeout under high load
	af_packet: Block execution of tasks waiting for transmit to complete in AF_PACKET
	ipv4: Use return value of inet_iif() for __raw_v4_lookup in the while loop
	net/packet: fix memory leak in packet_set_ring()
	net: remove duplicate fetch in sock_getsockopt
	net: stmmac: fixed new system time seconds value calculation
	sctp: change to hold sk after auth shkey is created successfully
	tipc: change to use register_pernet_device
	tipc: check msg->req data len in tipc_nl_compat_bearer_disable
	tun: wake up waitqueues after IFF_UP is set
	team: Always enable vlan tx offload
	bonding: Always enable vlan tx offload
	bpf: udp: Avoid calling reuseport's bpf_prog from udp_gro
	bpf: udp: ipv6: Avoid running reuseport's bpf_prog from __udp6_lib_err
	arm64: futex: Avoid copying out uninitialised stack in failed cmpxchg()
	bpf, arm64: use more scalable stadd over ldxr / stxr loop in xadd
	futex: Update comments and docs about return values of arch futex code
	tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
	arm64: insn: Fix ldadd instruction encoding
	Linux 4.14.132

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
 2019-07-03 13:48:11 +02:00
Greg Kroah-Hartman
0dcd8eb0ae This is the 4.14.132 stable release 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl0cjnQACgkQONu9yGCS
 aT6wVRAAoL5ffO+WBrxRKBYweeprTlFTpvI2ZuMN12hONL0AcOocdRrlK4sgD8RW
 8CWHU65BihYDE19OKLsQf+5M/ov78cokfq4NsnWHXalSDXwrBt1cle5kGOFFdOSE
 5IE8Dfal6v5YxyORVSu3ls19cjy9AO8q53Sdi8N3CRJAVho0UavJQyLkUhJXlNtM
 +q0ohE8XGwX5+UAORuULb7rqeuIwKzEUu3npZzNB9OnThbStepgJUFxHKvFVOei8
 McEC6/ifJnxD0hDmmgt7WSJWPjnv85c5oReJeceerF83i5h1MZUicNtMWOjbV7lH
 vv/B4m5Un2T3cflGuarhpNdfjHs2PqRXO7T5+Fs2t8WIA7uuAedhhlEHir0bTOfB
 uj7yBND35SVsQzmzw58j7XPREEmpQBgpI1K4YYFQzrdfddtxFIC46LjTxa2Hk5OB
 z1n2Tq7lQaYddUMpmBbab6+znHef1Ts++g0aof5JyBnx3heBdUYNBDUYXBpGAD9Y
 +pFmR1ZULScm3btwCNxiEIn+YWYNO+GV9BibXTXag3URPC4Ff1damstOOZwXkaxg
 CPJagiufQgXQQjDUPt0GolJz3Dd/T9YN6mNmqTQhqxFfY5kAeDVsqhIPN1ZKZY5u
 /40rDoKyxJSzxrKRIqAKTm6wWELq4hS14LlVSQJRmxK2RXJFwlE=
 =Mmka
 -----END PGP SIGNATURE-----

Merge 4.14.132 into android-4.14

Changes in 4.14.132
	perf ui helpline: Use strlcpy() as a shorter form of strncpy() + explicit set nul
	perf help: Remove needless use of strncpy()
	perf header: Fix unchecked usage of strncpy()
	Revert "x86/uaccess, ftrace: Fix ftrace_likely_update() vs. SMAP"
	IB/hfi1: Close PSM sdma_progress sleep window
	block: add a lower-level bio_add_page interface
	block: bio_iov_iter_get_pages: pin more pages for multi-segment IOs
	9p/xen: fix check for xenbus_read error in front_probe
	9p/rdma: do not disconnect on down_interruptible EAGAIN
	9p: acl: fix uninitialized iattr access
	9p/rdma: remove useless check in cm_event_handler
	9p: p9dirent_read: check network-provided name length
	net/9p: include trans_common.h to fix missing prototype warning.
	qmi_wwan: Fix out-of-bounds read
	Revert "compiler.h: update definition of unreachable()"
	fs/proc/array.c: allow reporting eip/esp for all coredumping threads
	mm/mempolicy.c: fix an incorrect rebind node in mpol_rebind_nodemask
	fs/binfmt_flat.c: make load_flat_shared_library() work
	mm/page_idle.c: fix oops because end_pfn is larger than max_pfn
	dm log writes: make sure super sector log updates are written in order
	scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck()
	x86/speculation: Allow guests to use SSBD even if host does not
	x86/microcode: Fix the microcode load on CPU hotplug for real
	NFS/flexfiles: Use the correct TCP timeout for flexfiles I/O
	cpu/speculation: Warn on unsupported mitigations= parameter
	eeprom: at24: fix unexpected timeout under high load
	af_packet: Block execution of tasks waiting for transmit to complete in AF_PACKET
	ipv4: Use return value of inet_iif() for __raw_v4_lookup in the while loop
	net/packet: fix memory leak in packet_set_ring()
	net: remove duplicate fetch in sock_getsockopt
	net: stmmac: fixed new system time seconds value calculation
	sctp: change to hold sk after auth shkey is created successfully
	tipc: change to use register_pernet_device
	tipc: check msg->req data len in tipc_nl_compat_bearer_disable
	tun: wake up waitqueues after IFF_UP is set
	team: Always enable vlan tx offload
	bonding: Always enable vlan tx offload
	bpf: udp: Avoid calling reuseport's bpf_prog from udp_gro
	bpf: udp: ipv6: Avoid running reuseport's bpf_prog from __udp6_lib_err
	arm64: futex: Avoid copying out uninitialised stack in failed cmpxchg()
	bpf, arm64: use more scalable stadd over ldxr / stxr loop in xadd
	futex: Update comments and docs about return values of arch futex code
	tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
	arm64: insn: Fix ldadd instruction encoding
	Linux 4.14.132

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
 2019-07-03 13:28:16 +02:00
John Ogness
7cc3997787 fs/proc/array.c: allow reporting eip/esp for all coredumping threads 
commit cb8f381f1613cafe3aec30809991cd56e7135d92 upstream.

0a1eb2d474ed ("fs/proc: Stop reporting eip and esp in /proc/PID/stat")
stopped reporting eip/esp and fd7d56270b52 ("fs/proc: Report eip/esp in
/prod/PID/stat for coredumping") reintroduced the feature to fix a
regression with userspace core dump handlers (such as minicoredumper).

Because PF_DUMPCORE is only set for the primary thread, this didn't fix
the original problem for secondary threads.  Allow reporting the eip/esp
for all threads by checking for PF_EXITING as well.  This is set for all
the other threads when they are killed.  coredump_wait() waits for all the
tasks to become inactive before proceeding to invoke a core dumper.

Link: http://lkml.kernel.org/r/87y32p7i7a.fsf@linutronix.de
Link: http://lkml.kernel.org/r/20190522161614.628-1-jlu@pengutronix.de
Fixes: fd7d56270b526ca3 ("fs/proc: Report eip/esp in /prod/PID/stat for coredumping")
Signed-off-by: John Ogness <john.ogness@linutronix.de>
Reported-by: Jan Luebbe <jlu@pengutronix.de>
Tested-by: Jan Luebbe <jlu@pengutronix.de>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 2019-07-03 13:15:59 +02:00
Blagovest Kolenichev
c1042002f1 Merge android-4.14.115 (b5123fd) into msm-4.14 
* refs/heads/tmp-b5123fd:
  Linux 4.14.115
  Documentation: Add nospectre_v1 parameter
  powerpc/fsl: Add FSL_PPC_BOOK3E as supported arch for nospectre_v2 boot arg
  ipv4: set the tcp_min_rtt_wlen range from 0 to one day
  net/rose: fix unbound loop in rose_loopback_timer()
  net/rose: Convert timers to use timer_setup()
  team: fix possible recursive locking when add slaves
  stmmac: pci: Adjust IOT2000 matching
  net: stmmac: move stmmac_check_ether_addr() to driver probe
  net: rds: exchange of 8K and 1M pool
  net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query
  mlxsw: spectrum: Fix autoneg status in ethtool
  ipv4: add sanity checks in ipv4_link_failure()
  Revert "block/loop: Use global lock for ioctl() operation."
  mm: Fix warning in insert_pfn()
  x86/retpolines: Disable switch jump tables when retpolines are enabled
  x86, retpolines: Raise limit for generating indirect calls from switch-case
  dm integrity: change memcmp to strncmp in dm_integrity_ctr
  tipc: check link name with right length in tipc_nl_compat_link_set
  tipc: check bearer name with right length in tipc_nl_compat_bearer_enable
  fm10k: Fix a potential NULL pointer dereference
  netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON
  NFS: Forbid setting AF_INET6 to "struct sockaddr_in"->sin_family.
  sched/deadline: Correctly handle active 0-lag timers
  binder: fix handling of misaligned binder object
  ipvs: fix warning on unused variable
  fs/proc/proc_sysctl.c: Fix a NULL pointer dereference
  intel_th: gth: Fix an off-by-one in output unassigning
  slip: make slhc_free() silently accept an error pointer
  tipc: handle the err returned from cmd header function
  vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock
  ext4: fix some error pointer dereferences
  USB: Consolidate LPM checks to avoid enabling LPM twice
  USB: Add new USB LPM helpers
  drm/vc4: Fix compilation error reported by kbuild test bot
  Revert "drm/i915/fbdev: Actually configure untiled displays"
  drm/vc4: Fix memory leak during gpu reset.
  ARM: 8857/1: efi: enable CP15 DMB instructions before cleaning the cache
  dmaengine: sh: rcar-dmac: With cyclic DMA residue 0 is valid
  vfio/type1: Limit DMA mappings per container
  Input: synaptics-rmi4 - write config register values to the right offset
  sunrpc: don't mark uninitialised items as VALID.
  nfsd: Don't release the callback slot unless it was actually held
  ceph: fix ci->i_head_snapc leak
  ceph: ensure d_name stability in ceph_dentry_hash()
  ceph: only use d_name directly when parent is locked
  sched/numa: Fix a possible divide-by-zero
  IB/rdmavt: Fix frwr memory registration
  trace: Fix preempt_enable_no_resched() abuse
  MIPS: scall64-o32: Fix indirect syscall number load
  lib/Kconfig.debug: fix build error without CONFIG_BLOCK
  zram: pass down the bvec we need to read into in the work struct
  tracing: Fix buffer_ref pipe ops
  tracing: Fix a memory leak by early error exit in trace_pid_write()
  cifs: do not attempt cifs operation on smb2+ rename error
  kbuild: simplify ld-option implementation

Conflicts:
	net/ipv4/sysctl_net_ipv4.c

Change-Id: I2c01204927f3217ee955185c4526df777b5a4b42
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
 2019-06-25 03:08:02 -07:00
Blagovest Kolenichev
dc1d03db8d Merge android-4.14.114 (c680586) into msm-4.14 
* refs/heads/tmp-c680586:
  dm: Restore reverted changes
  Linux 4.14.114
  kernel/sysctl.c: fix out-of-bounds access when setting file-max
  Revert "locking/lockdep: Add debug_locks check in __lock_downgrade()"
  i2c-hid: properly terminate i2c_hid_dmi_desc_override_table[] array
  xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute
  xfs: add the ability to join a held buffer to a defer_ops
  iomap: report collisions between directio and buffered writes to userspace
  tools include: Adopt linux/bits.h
  percpu: stop printing kernel addresses
  ALSA: info: Fix racy addition/deletion of nodes
  mm/vmstat.c: fix /proc/vmstat format for CONFIG_DEBUG_TLBFLUSH=y CONFIG_SMP=n
  device_cgroup: fix RCU imbalance in error case
  sched/fair: Limit sched_cfs_period_timer() loop to avoid hard lockup
  Revert "kbuild: use -Oz instead of -Os when using clang"
  net: IP6 defrag: use rbtrees in nf_conntrack_reasm.c
  net: IP6 defrag: use rbtrees for IPv6 defrag
  ipv6: remove dependency of nf_defrag_ipv6 on ipv6 module
  net: IP defrag: encapsulate rbtree defrag code into callable functions
  ipv6: frags: fix a lockdep false positive
  tpm/tpm_i2c_atmel: Return -E2BIG when the transfer is incomplete
  modpost: file2alias: check prototype of handler
  modpost: file2alias: go back to simple devtable lookup
  mmc: sdhci: Handle auto-command errors
  mmc: sdhci: Rename SDHCI_ACMD12_ERR and SDHCI_INT_ACMD12ERR
  mmc: sdhci: Fix data command CRC error handling
  crypto: crypto4xx - properly set IV after de- and encrypt
  x86/speculation: Prevent deadlock on ssb_state::lock
  perf/x86: Fix incorrect PEBS_REGS
  x86/cpu/bugs: Use __initconst for 'const' init data
  perf/x86/amd: Add event map for AMD Family 17h
  mac80211: do not call driver wake_tx_queue op during reconfig
  rt2x00: do not increment sequence number while re-transmitting
  kprobes: Fix error check when reusing optimized probes
  kprobes: Mark ftrace mcount handler functions nokprobe
  x86/kprobes: Verify stack frame on kretprobe
  arm64: futex: Restore oldval initialization to work around buggy compilers
  crypto: x86/poly1305 - fix overflow during partial reduction
  coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping
  Revert "svm: Fix AVIC incomplete IPI emulation"
  Revert "scsi: fcoe: clear FC_RP_STARTED flags when receiving a LOGO"
  scsi: core: set result when the command cannot be dispatched
  ALSA: core: Fix card races between register and disconnect
  ALSA: hda/realtek - add two more pin configuration sets to quirk table
  staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf
  staging: comedi: ni_usb6501: Fix use of uninitialized mutex
  staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf
  staging: comedi: vmk80xx: Fix use of uninitialized semaphore
  io: accel: kxcjk1013: restore the range after resume.
  iio: core: fix a possible circular locking dependency
  iio: adc: at91: disable adc channel interrupt in timeout case
  iio: Fix scan mask selection
  iio: dac: mcp4725: add missing powerdown bits in store eeprom
  iio: ad_sigma_delta: select channel when reading register
  iio: cros_ec: Fix the maths for gyro scale calculation
  iio/gyro/bmg160: Use millidegrees for temperature scale
  iio: gyro: mpu3050: fix chip ID reading
  staging: iio: ad7192: Fix ad7193 channel address
  Staging: iio: meter: fixed typo
  KVM: x86: svm: make sure NMI is injected after nmi_singlestep
  KVM: x86: Don't clear EFER during SMM transitions for 32-bit vCPU
  CIFS: keep FileInfo handle live during oplock break
  net: thunderx: don't allow jumbo frames with XDP
  net: thunderx: raise XDP MTU to 1508
  ipv4: ensure rcu_read_lock() in ipv4_link_failure()
  ipv4: recompile ip options in ipv4_link_failure
  vhost: reject zero size iova range
  team: set slave to promisc if team is already in promisc mode
  tcp: tcp_grow_window() needs to respect tcp_space()
  net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv
  net: bridge: multicast: use rcu to access port list from br_multicast_start_querier
  net: bridge: fix per-port af_packet sockets
  net: atm: Fix potential Spectre v1 vulnerabilities
  bonding: fix event handling for stacked bonds
  ANDROID: cuttlefish_defconfig: Enable CONFIG_XFRM_STATISTICS
  Linux 4.14.113
  appletalk: Fix compile regression
  mm: hide incomplete nr_indirectly_reclaimable in sysfs
  net: stmmac: Set dma ring length before enabling the DMA
  bpf: Fix selftests are changes for CVE 2019-7308
  bpf: fix sanitation rewrite in case of non-pointers
  bpf: do not restore dst_reg when cur_state is freed
  bpf: fix inner map masking to prevent oob under speculation
  bpf: fix sanitation of alu op with pointer / scalar type from different paths
  bpf: prevent out of bounds speculation on pointer arithmetic
  bpf: fix check_map_access smin_value test when pointer contains offset
  bpf: restrict unknown scalars of mixed signed bounds for unprivileged
  bpf: restrict stack pointer arithmetic for unprivileged
  bpf: restrict map value pointer arithmetic for unprivileged
  bpf: enable access to ax register also from verifier rewrite
  bpf: move tmp variable into ax register in interpreter
  bpf: move {prev_,}insn_idx into verifier env
  bpf: fix stack state printing in verifier log
  bpf: fix verifier NULL pointer dereference
  bpf: fix verifier memory leaks
  bpf: reduce verifier memory consumption
  dm: disable CRYPTO_TFM_REQ_MAY_SLEEP to fix a GFP_KERNEL recursion deadlock
  bpf: fix use after free in bpf_evict_inode
  include/linux/swap.h: use offsetof() instead of custom __swapoffset macro
  lib/div64.c: off by one in shift
  appletalk: Fix use-after-free in atalk_proc_exit
  drm/amdkfd: use init_mqd function to allocate object for hid_mqd (CI)
  ARM: 8839/1: kprobe: make patch_lock a raw_spinlock_t
  drm/nouveau/volt/gf117: fix speedo readout register
  coresight: cpu-debug: Support for CA73 CPUs
  Revert "ACPI / EC: Remove old CLEAR_ON_RESUME quirk"
  crypto: axis - fix for recursive locking from bottom half
  drm/panel: panel-innolux: set display off in innolux_panel_unprepare
  lkdtm: Add tests for NULL pointer dereference
  lkdtm: Print real addresses
  soc/tegra: pmc: Drop locking from tegra_powergate_is_powered()
  iommu/dmar: Fix buffer overflow during PCI bus notification
  crypto: sha512/arm - fix crash bug in Thumb2 build
  crypto: sha256/arm - fix crash bug in Thumb2 build
  kernel: hung_task.c: disable on suspend
  cifs: fallback to older infolevels on findfirst queryinfo retry
  compiler.h: update definition of unreachable()
  KVM: nVMX: restore host state in nested_vmx_vmexit for VMFail
  ACPI / SBS: Fix GPE storm on recent MacBookPro's
  usbip: fix vhci_hcd controller counting
  ARM: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms
  HID: i2c-hid: override HID descriptors for certain devices
  media: au0828: cannot kfree dev before usb disconnect
  powerpc/pseries: Remove prrn_work workqueue
  serial: uartps: console_setup() can't be placed to init section
  netfilter: xt_cgroup: shrink size of v2 path
  f2fs: fix to do sanity check with current segment number
  9p locks: add mount option for lock retry interval
  9p: do not trust pdu content for stat item size
  rsi: improve kernel thread handling to fix kernel panic
  gpio: pxa: handle corner case of unprobed device
  ext4: prohibit fstrim in norecovery mode
  fix incorrect error code mapping for OBJECTID_NOT_FOUND
  x86/hw_breakpoints: Make default case in hw_breakpoint_arch_parse() return an error
  iommu/vt-d: Check capability before disabling protected memory
  drm/nouveau/debugfs: Fix check of pm_runtime_get_sync failure
  x86/cpu/cyrix: Use correct macros for Cyrix calls on Geode processors
  x86/hpet: Prevent potential NULL pointer dereference
  irqchip/mbigen: Don't clear eventid when freeing an MSI
  perf tests: Fix a memory leak in test__perf_evsel__tp_sched_test()
  perf tests: Fix memory leak by expr__find_other() in test__expr()
  perf tests: Fix a memory leak of cpu_map object in the openat_syscall_event_on_all_cpus test
  perf evsel: Free evsel->counts in perf_evsel__exit()
  perf hist: Add missing map__put() in error case
  perf top: Fix error handling in cmd_top()
  perf build-id: Fix memory leak in print_sdt_events()
  perf config: Fix a memory leak in collect_config()
  perf config: Fix an error in the config template documentation
  perf list: Don't forget to drop the reference to the allocated thread_map
  tools/power turbostat: return the exit status of a command
  x86/mm: Don't leak kernel addresses
  scsi: iscsi: flush running unbind operations when removing a session
  thermal/intel_powerclamp: fix truncated kthread name
  thermal/int340x_thermal: fix mode setting
  thermal/int340x_thermal: Add additional UUIDs
  thermal: bcm2835: Fix crash in bcm2835_thermal_debugfs
  thermal/intel_powerclamp: fix __percpu declaration of worker_data
  ALSA: opl3: fix mismatch between snd_opl3_drum_switch definition and declaration
  mmc: davinci: remove extraneous __init annotation
  IB/mlx4: Fix race condition between catas error reset and aliasguid flows
  auxdisplay: hd44780: Fix memory leak on ->remove()
  ALSA: sb8: add a check for request_region
  ALSA: echoaudio: add a check for ioremap_nocache
  ext4: report real fs size after failed resize
  ext4: add missing brelse() in add_new_gdb_meta_bg()
  perf/core: Restore mmap record type correctly
  arc: hsdk_defconfig: Enable CONFIG_BLK_DEV_RAM
  ARC: u-boot args: check that magic number is correct
  ANDROID: cuttlefish_defconfig: Enable L2TP/PPTP
  ANDROID: Makefile: Properly resolve 4.14.112 merge
  Make arm64 serial port config compatible with crosvm
  Linux 4.14.112
  arm64: dts: rockchip: Fix vcc_host1_5v GPIO polarity on rk3328-rock64
  arm64: dts: rockchip: fix vcc_host1_5v pin assign on rk3328-rock64
  dm table: propagate BDI_CAP_STABLE_WRITES to fix sporadic checksum errors
  PCI: Add function 1 DMA alias quirk for Marvell 9170 SATA controller
  x86/perf/amd: Remove need to check "running" bit in NMI handler
  x86/perf/amd: Resolve NMI latency issues for active PMCs
  x86/perf/amd: Resolve race condition when disabling PMC
  xtensa: fix return_address
  sched/fair: Do not re-read ->h_load_next during hierarchical load calculation
  xen: Prevent buffer overflow in privcmd ioctl
  arm64: backtrace: Don't bother trying to unwind the userspace stack
  arm64: dts: rockchip: fix rk3328 rgmii high tx error rate
  arm64: futex: Fix FUTEX_WAKE_OP atomic ops with non-zero result value
  ARM: dts: at91: Fix typo in ISC_D0 on PC9
  ARM: dts: am335x-evm: Correct the regulators for the audio codec
  ARM: dts: am335x-evmsk: Correct the regulators for the audio codec
  virtio: Honour 'may_reduce_num' in vring_create_virtqueue
  genirq: Initialize request_mutex if CONFIG_SPARSE_IRQ=n
  genirq: Respect IRQCHIP_SKIP_SET_WAKE in irq_chip_set_wake_parent()
  block: fix the return errno for direct IO
  block: do not leak memory in bio_copy_user_iov()
  btrfs: prop: fix vanished compression property after failed set
  btrfs: prop: fix zstd compression parameter validation
  Btrfs: do not allow trimming when a fs is mounted with the nologreplay option
  ASoC: fsl_esai: fix channel swap issue when stream starts
  include/linux/bitrev.h: fix constant bitrev
  drm/udl: add a release method and delay modeset teardown
  alarmtimer: Return correct remaining time
  parisc: regs_return_value() should return gpr28
  parisc: Detect QEMU earlier in boot process
  arm64: dts: rockchip: fix rk3328 sdmmc0 write errors
  hv_netvsc: Fix unwanted wakeup after tx_disable
  ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type
  ALSA: seq: Fix OOB-reads from strlcpy
  net: ethtool: not call vzalloc for zero sized memory request
  netns: provide pure entropy for net_hash_mix()
  net/sched: act_sample: fix divide by zero in the traffic path
  bnxt_en: Reset device on RX buffer errors.
  bnxt_en: Improve RX consumer index validity check.
  nfp: validate the return code from dev_queue_xmit()
  net/mlx5e: Add a lock on tir list
  net/mlx5e: Fix error handling when refreshing TIRs
  vrf: check accept_source_route on the original netdevice
  tcp: Ensure DCTCP reacts to losses
  sctp: initialize _pad of sockaddr_in before copying to user memory
  qmi_wwan: add Olicard 600
  openvswitch: fix flow actions reallocation
  net/sched: fix ->get helper of the matchall cls
  net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock().
  net/mlx5: Decrease default mr cache size
  net-gro: Fix GRO flush when receiving a GSO packet.
  kcm: switch order of device registration to fix a crash
  ipv6: sit: reset ip header pointer in ipip6_rcv
  ipv6: Fix dangling pointer when ipv6 fragment
  tty: ldisc: add sysctl to prevent autoloading of ldiscs
  tty: mark Siemens R3964 line discipline as BROKEN
  arm64: kaslr: Reserve size of ARM64_MEMSTART_ALIGN in linear region
  stating: ccree: revert "staging: ccree: fix leak of import() after init()"
  lib/string.c: implement a basic bcmp
  x86/vdso: Drop implicit common-page-size linker flag
  x86: vdso: Use $LD instead of $CC to link
  kbuild: clang: choose GCC_TOOLCHAIN_DIR not on LD
  powerpc/tm: Limit TM code inside PPC_TRANSACTIONAL_MEM
  drm/i915/gvt: do not let pin count of shadow mm go negative
  x86/power: Make restore_processor_context() sane
  x86/power/32: Move SYSENTER MSR restoration to fix_processor_context()
  x86/power/64: Use struct desc_ptr for the IDT in struct saved_context
  x86/power: Fix some ordering bugs in __restore_processor_context()
  net: sfp: move sfp_register_socket call from sfp_remove to sfp_probe
  Revert "CHROMIUM: dm: boot time specification of dm="
  Revert "ANDROID: dm: do_mounts_dm: Rebase on top of 4.9"
  Revert "ANDROID: dm: do_mounts_dm: fix dm_substitute_devices()"
  Revert "ANDROID: dm: do_mounts_dm: Update init/do_mounts_dm.c to the latest ChromiumOS version."
  sched/fair: remove printk while schedule is in progress
  ANDROID: Makefile: Add '-fsplit-lto-unit' to cfi-clang-flags
  ANDROID: cfi: Remove unused variable in ptr_to_check_fn
  ANDROID: cuttlefish_defconfig: Enable CONFIG_FUSE_FS

Conflicts:
	arch/arm64/kernel/traps.c
	drivers/mmc/host/sdhci.c
	drivers/mmc/host/sdhci.h
	drivers/tty/Kconfig
	kernel/sched/fair.c

Change-Id: Ic4c01204f58cdb536e2cab04e4f1a2451977f6a3
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
 2019-06-25 03:05:18 -07:00
Blagovest Kolenichev
b97245abcb Merge android-4.14.110 (588c629) into msm-4.14 
* refs/heads/tmp-588c629:
  Linux 4.14.110
  vfio: ccw: only free cp on final interrupt
  Revert "USB: core: only clean up what we allocated"
  KVM: x86: Emulate MSR_IA32_ARCH_CAPABILITIES on AMD hosts
  KVM: Reject device ioctls from processes other than the VM's creator
  x86/smp: Enforce CONFIG_HOTPLUG_CPU when SMP=y
  cpu/hotplug: Prevent crash when CPU bringup fails on CONFIG_HOTPLUG_CPU=n
  perf intel-pt: Fix TSC slip
  mm/migrate.c: add missing flush_dcache_page for non-mapped page migrate
  usb: cdc-acm: fix race during wakeup blocking TX traffic
  xhci: Fix port resume done detection for SS ports with LPM enabled
  usb: host: xhci-rcar: Add XHCI_TRUST_TX_LENGTH quirk
  usb: common: Consider only available nodes for dr_mode
  USB: gadget: f_hid: fix deadlock in f_hidg_write()
  usb: mtu3: fix EXTCON dependency
  phy: sun4i-usb: Support set_mode to USB_HOST for non-OTG PHYs
  gpio: adnp: Fix testing wrong value in adnp_gpio_direction_input
  gpio: exar: add a check for the return value of ida_simple_get fails
  drm/vgem: fix use-after-free when drm_gem_handle_create() fails
  fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links
  Disable kgdboc failed by echo space to /sys/module/kgdboc/parameters/kgdboc
  USB: serial: option: add Olicard 600
  USB: serial: option: add support for Quectel EM12
  USB: serial: option: set driver_info for SIM5218 and compatibles
  USB: serial: mos7720: fix mos_parport refcount imbalance on error path
  USB: serial: ftdi_sio: add additional NovaTech products
  USB: serial: cp210x: add new device id
  serial: sh-sci: Fix setting SCSCR_TIE while transferring data
  serial: max310x: Fix to avoid potential NULL pointer dereference
  staging: vt6655: Fix interrupt race condition on device start up.
  staging: vt6655: Remove vif check from vnt_interrupt
  staging: comedi: ni_mio_common: Fix divide-by-zero for DIO cmdtest
  tty: atmel_serial: fix a potential NULL pointer dereference
  scsi: zfcp: fix scsi_eh host reset with port_forced ERP for non-NPIV FCP devices
  scsi: zfcp: fix rport unblock if deleted SCSI devices on Scsi_Host
  scsi: sd: Quiesce warning if device does not report optimal I/O size
  scsi: sd: Fix a race between closing an sd device and sd I/O
  ocfs2: fix inode bh swapping mixup in ocfs2_reflink_inodes_lock
  fs/open.c: allow opening only regular files during execve()
  kbuild: modversions: Fix relative CRC byte order interpretation
  ALSA: hda/realtek - Add support headset mode for New DELL WYSE NB
  ALSA: hda/realtek - Add support headset mode for DELL WYSE AIO
  ALSA: pcm: Don't suspend stream in unrecoverable PCM state
  ALSA: pcm: Fix possible OOB access in PCM oss plugins
  ALSA: seq: oss: Fix Spectre v1 vulnerability
  ALSA: rawmidi: Fix potential Spectre v1 vulnerability
  net: dsa: qca8k: remove leftover phy accessors
  NFSv4.1 don't free interrupted slot on open
  powerpc: bpf: Fix generation of load/store DW instructions
  ARM: imx6q: cpuidle: fix bug that CPU might not wake up at expected time
  btrfs: raid56: properly unmap parity page in finish_parity_scrub()
  btrfs: remove WARN_ON in log_dir_items
  Btrfs: fix incorrect file size after shrinking truncate and fsync
  powerpc/security: Fix spectre_v2 reporting
  powerpc/fsl: Fix the flush of branch predictor.
  powerpc/fsl: Fixed warning: orphan section `__btb_flush_fixup'
  powerpc/fsl: Update Spectre v2 reporting
  powerpc/fsl: Enable runtime patching if nospectre_v2 boot arg is used
  powerpc/fsl: Flush branch predictor when entering KVM
  powerpc/fsl: Flush the branch predictor at each kernel entry (32 bit)
  powerpc/fsl: Flush the branch predictor at each kernel entry (64bit)
  powerpc/fsl: Add nospectre_v2 command line argument
  powerpc/fsl: Emulate SPRN_BUCSR register
  powerpc/fsl: Fix spectre_v2 mitigations reporting
  powerpc/fsl: Add macro to flush the branch predictor
  powerpc/fsl: Add infrastructure to fixup branch predictor flush
  powerpc/powernv: Query firmware for count cache flush settings
  powerpc/pseries: Query hypervisor for count cache flush settings
  powerpc/64s: Add support for software count cache flush
  powerpc/64s: Add new security feature flags for count cache flush
  powerpc/asm: Add a patch_site macro & helpers for patching instructions
  powerpc/fsl: Sanitize the syscall table for NXP PowerPC 32 bit platforms
  powerpc/fsl: Add barrier_nospec implementation for NXP PowerPC Book3E
  powerpc/64: Make meltdown reporting Book3S 64 specific
  powerpc/64: Call setup_barrier_nospec() from setup_arch()
  powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC
  powerpc/64: Make stf barrier PPC_BOOK3S_64 specific.
  powerpc/64: Disable the speculation barrier from the command line
  powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2
  powerpc/64s: Enhance the information in cpu_show_spectre_v1()
  powerpc/64: Use barrier_nospec in syscall entry
  powerpc: Use barrier_nospec in copy_from_user()
  powerpc/64s: Enable barrier_nospec based on firmware settings
  powerpc/64s: Patch barrier_nospec in modules
  powerpc/64s: Add support for ori barrier_nospec patching
  tun: add a missing rcu_read_unlock() in error path
  tun: properly test for IFF_UP
  mac8390: Fix mmio access size probe
  net: aquantia: fix rx checksum offload for UDP/TCP over IPv6
  sctp: get sctphdr by offset in sctp_compute_cksum
  vxlan: Don't call gro_cells_destroy() before device is unregistered
  thunderx: eliminate extra calls to put_page() for pages held for recycling
  thunderx: enable page recycling for non-XDP case
  tcp: do not use ipv6 header for ipv4 flow
  rhashtable: Still do rehash when we get EEXIST
  packets: Always register packet sk in the same order
  net-sysfs: call dev_hold if kobject_init_and_add success
  net: stmmac: fix memory corruption with large MTUs
  net: rose: fix a possible stack overflow
  net/packet: Set __GFP_NOWARN upon allocation in alloc_pg_vec
  net: datagram: fix unbounded loop in __skb_try_recv_datagram()
  mISDN: hfcpci: Test both vendor & device ID for Digium HFC4S
  genetlink: Fix a memory leak on error path
  dccp: do not use ipv6 header for ipv4 flow
  stmmac: copy unicast mac address to MAC registers
  video: fbdev: Set pixclock = 0 in goldfishfb
  Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer
  Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt
  ANDROID: revert the rest of ANDROID_PARANOID_NETWORK
  UPSTREAM: virt_wifi: Remove REGULATORY_WIPHY_SELF_MANAGED

Change-Id: I70fd703c71d37e8d6055c39abcf5cf03c4c448ee
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
 2019-05-15 07:46:12 -07:00
Blagovest Kolenichev
070370f0ae Merge android-4.14.108 (4344de2) into msm-4.14 
* refs/heads/tmp-4344de2:
  Linux 4.14.108
  s390/setup: fix boot crash for machine without EDAT-1
  KVM: nVMX: Ignore limit checks on VMX instructions using flat segments
  KVM: nVMX: Apply addr size mask to effective address for VMX instructions
  KVM: nVMX: Sign extend displacements of VMX instr's mem operands
  KVM: x86/mmu: Do not cache MMIO accesses while memslots are in flux
  KVM: x86/mmu: Detect MMIO generation wrap in any address space
  KVM: Call kvm_arch_memslots_updated() before updating memslots
  drm/radeon/evergreen_cs: fix missing break in switch statement
  media: imx: csi: Stop upstream before disabling IDMA channel
  media: imx: csi: Disable CSI immediately after last EOF
  media: vimc: Add vimc-streamer for stream control
  media: uvcvideo: Avoid NULL pointer dereference at the end of streaming
  media: imx: prpencvf: Stop upstream before disabling IDMA channel
  rcu: Do RCU GP kthread self-wakeup from softirq and interrupt
  tpm: Unify the send callback behaviour
  tpm/tpm_crb: Avoid unaligned reads in crb_recv()
  md: Fix failed allocation of md_register_thread
  perf intel-pt: Fix divide by zero when TSC is not available
  perf intel-pt: Fix overlap calculation for padding
  perf auxtrace: Define auxtrace record alignment
  perf intel-pt: Fix CYC timestamp calculation after OVF
  x86/unwind/orc: Fix ORC unwind table alignment
  bcache: never writeback a discard operation
  PM / wakeup: Rework wakeup source timer cancellation
  NFSv4.1: Reinitialise sequence results before retransmitting a request
  nfsd: fix wrong check in write_v4_end_grace()
  nfsd: fix memory corruption caused by readdir
  NFS: Don't recoalesce on error in nfs_pageio_complete_mirror()
  NFS: Fix an I/O request leakage in nfs_do_recoalesce
  NFS: Fix I/O request leakages
  cpcap-charger: generate events for userspace
  dm integrity: limit the rate of error messages
  dm: fix to_sector() for 32bit
  arm64: KVM: Fix architecturally invalid reset value for FPEXC32_EL2
  arm64: debug: Ensure debug handlers check triggering exception level
  arm64: Fix HCR.TGE status for NMI contexts
  ARM: s3c24xx: Fix boolean expressions in osiris_dvs_notify
  powerpc/traps: Fix the message printed when stack overflows
  powerpc/traps: fix recoverability of machine check handling on book3s/32
  powerpc/hugetlb: Don't do runtime allocation of 16G pages in LPAR configuration
  powerpc/ptrace: Simplify vr_get/set() to avoid GCC warning
  powerpc: Fix 32-bit KVM-PR lockup and host crash with MacOS guest
  powerpc/83xx: Also save/restore SPRG4-7 during suspend
  powerpc/powernv: Make opal log only readable by root
  powerpc/wii: properly disable use of BATs when requested.
  powerpc/32: Clear on-stack exception marker upon exception return
  security/selinux: fix SECURITY_LSM_NATIVE_LABELS on reused superblock
  jbd2: fix compile warning when using JBUFFER_TRACE
  jbd2: clear dirty flag when revoking a buffer from an older transaction
  serial: 8250_pci: Have ACCES cards that use the four port Pericom PI7C9X7954 chip use the pci_pericom_setup()
  serial: 8250_pci: Fix number of ports for ACCES serial cards
  serial: 8250_of: assume reg-shift of 2 for mrvl,mmp-uart
  serial: uartps: Fix stuck ISR if RX disabled with non-empty FIFO
  drm/i915: Relax mmap VMA check
  crypto: arm64/aes-neonbs - fix returning final keystream block
  i2c: tegra: fix maximum transfer size
  parport_pc: fix find_superio io compare code, should use equal test.
  intel_th: Don't reference unassigned outputs
  device property: Fix the length used in PROPERTY_ENTRY_STRING()
  kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv
  mm/vmalloc: fix size check for remap_vmalloc_range_partial()
  mm: hwpoison: fix thp split handing in soft_offline_in_use_page()
  nfit: acpi_nfit_ctl(): Check out_obj->type in the right place
  usb: chipidea: tegra: Fix missed ci_hdrc_remove_device()
  clk: ingenic: Fix doc of ingenic_cgu_div_info
  clk: ingenic: Fix round_rate misbehaving with non-integer dividers
  clk: clk-twl6040: Fix imprecise external abort for pdmclk
  clk: uniphier: Fix update register for CPU-gear
  ext2: Fix underflow in ext2_max_size()
  cxl: Wrap iterations over afu slices inside 'afu_list_lock'
  IB/hfi1: Close race condition on user context disable and close
  ext4: fix crash during online resizing
  ext4: add mask of ext4 flags to swap
  cpufreq: pxa2xx: remove incorrect __init annotation
  cpufreq: tegra124: add missing of_node_put()
  x86/kprobes: Prohibit probing on optprobe template code
  irqchip/gic-v3-its: Avoid parsing _indirect_ twice for Device table
  libertas_tf: don't set URB_ZERO_PACKET on IN USB transfer
  crypto: pcbc - remove bogus memcpy()s with src == dest
  Btrfs: fix corruption reading shared and compressed extents after hole punching
  btrfs: ensure that a DUP or RAID1 block group has exactly two stripes
  Btrfs: setup a nofs context for memory allocation at __btrfs_set_acl
  m68k: Add -ffreestanding to CFLAGS
  splice: don't merge into linked buffers
  fs/devpts: always delete dcache dentry-s in dput()
  scsi: target/iscsi: Avoid iscsit_release_commands_from_conn() deadlock
  scsi: sd: Optimal I/O size should be a multiple of physical block size
  scsi: aacraid: Fix performance issue on logical drives
  scsi: virtio_scsi: don't send sc payload with tmfs
  s390/virtio: handle find on invalid queue gracefully
  s390/setup: fix early warning messages
  clocksource/drivers/exynos_mct: Clear timer interrupt when shutdown
  clocksource/drivers/exynos_mct: Move one-shot check from tick clear to ISR
  regulator: s2mpa01: Fix step values for some LDOs
  regulator: max77620: Initialize values for DT properties
  regulator: s2mps11: Fix steps for buck7, buck8 and LDO35
  spi: pxa2xx: Setup maximum supported DMA transfer length
  spi: ti-qspi: Fix mmap read when more than one CS in use
  mmc: sdhci-esdhc-imx: fix HS400 timing issue
  ACPI / device_sysfs: Avoid OF modalias creation for removed device
  xen: fix dom0 boot on huge systems
  tracing: Do not free iter->trace in fail path of tracing_open_pipe()
  tracing: Use strncpy instead of memcpy for string keys in hist triggers
  CIFS: Fix read after write for files with read caching
  CIFS: Do not reset lease state to NONE on lease break
  crypto: arm64/aes-ccm - fix bugs in non-NEON fallback routine
  crypto: arm64/aes-ccm - fix logical bug in AAD MAC handling
  crypto: testmgr - skip crc32c context test for ahash algorithms
  crypto: hash - set CRYPTO_TFM_NEED_KEY if ->setkey() fails
  crypto: arm64/crct10dif - revert to C code for short inputs
  crypto: arm/crct10dif - revert to C code for short inputs
  fix cgroup_do_mount() handling of failure exits
  libnvdimm: Fix altmap reservation size calculation
  libnvdimm/pmem: Honor force_raw for legacy pmem regions
  libnvdimm, pfn: Fix over-trim in trim_pfn_device()
  libnvdimm/label: Clear 'updating' flag after label-set update
  stm class: Prevent division by zero
  media: videobuf2-v4l2: drop WARN_ON in vb2_warn_zero_bytesused()
  tmpfs: fix uninitialized return value in shmem_link
  net: set static variable an initial value in atl2_probe()
  nfp: bpf: fix ALU32 high bits clearance bug
  nfp: bpf: fix code-gen bug on BPF_ALU | BPF_XOR | BPF_K
  net: thunderx: make CFG_DONE message to run through generic send-ack sequence
  mac80211_hwsim: propagate genlmsg_reply return code
  phonet: fix building with clang
  ARCv2: support manual regfile save on interrupts
  ARC: uacces: remove lp_start, lp_end from clobber list
  ARCv2: lib: memcpy: fix doing prefetchw outside of buffer
  ixgbe: fix older devices that do not support IXGBE_MRQC_L3L4TXSWEN
  tmpfs: fix link accounting when a tmpfile is linked in
  net: marvell: mvneta: fix DMA debug warning
  arm64: Relax GIC version check during early boot
  qed: Fix iWARP syn packet mac address validation.
  ASoC: topology: free created components in tplg load error
  mailbox: bcm-flexrm-mailbox: Fix FlexRM ring flush timeout issue
  net: mv643xx_eth: disable clk on error path in mv643xx_eth_shared_probe()
  qmi_wwan: apply SET_DTR quirk to Sierra WP7607
  pinctrl: meson: meson8b: fix the sdxc_a data 1..3 pins
  net: systemport: Fix reception of BPDUs
  scsi: libiscsi: Fix race between iscsi_xmit_task and iscsi_complete_task
  keys: Fix dependency loop between construction record and auth key
  assoc_array: Fix shortcut creation
  af_key: unconditionally clone on broadcast
  ARM: 8824/1: fix a migrating irq bug when hotplug cpu
  esp: Skip TX bytes accounting when sending from a request socket
  clk: sunxi: A31: Fix wrong AHB gate number
  clk: sunxi-ng: v3s: Fix TCON reset de-assert bit
  Input: st-keyscan - fix potential zalloc NULL dereference
  auxdisplay: ht16k33: fix potential user-after-free on module unload
  i2c: bcm2835: Clear current buffer pointers and counts after a transfer
  i2c: cadence: Fix the hold bit setting
  net: hns: Fix object reference leaks in hns_dsaf_roce_reset()
  mm: page_alloc: fix ref bias in page_frag_alloc() for 1-byte allocs
  Revert "mm: use early_pfn_to_nid in page_ext_init"
  mm/gup: fix gup_pmd_range() for dax
  NFS: Don't use page_file_mapping after removing the page
  floppy: check_events callback should not return a negative number
  ipvs: fix dependency on nf_defrag_ipv6
  mac80211: Fix Tx aggregation session tear down with ITXQs
  Input: matrix_keypad - use flush_delayed_work()
  Input: ps2-gpio - flush TX work when closing port
  Input: cap11xx - switch to using set_brightness_blocking()
  ARM: OMAP2+: fix lack of timer interrupts on CPU1 after hotplug
  KVM: arm/arm64: Reset the VCPU without preemption and vcpu state loaded
  ASoC: rsnd: fixup rsnd_ssi_master_clk_start() user count check
  ASoC: dapm: fix out-of-bounds accesses to DAPM lookup tables
  ARM: OMAP2+: Variable "reg" in function omap4_dsi_mux_pads() could be uninitialized
  Input: pwm-vibra - stop regulator after disabling pwm, not before
  Input: pwm-vibra - prevent unbalanced regulator
  s390/dasd: fix using offset into zero size array error
  gpu: ipu-v3: Fix CSI offsets for imx53
  drm/imx: imx-ldb: add missing of_node_puts
  gpu: ipu-v3: Fix i.MX51 CSI control registers offset
  drm/imx: ignore plane updates on disabled crtcs
  crypto: rockchip - update new iv to device in multiple operations
  crypto: rockchip - fix scatterlist nents error
  crypto: ahash - fix another early termination in hash walk
  crypto: caam - fixed handling of sg list
  stm class: Fix an endless loop in channel allocation
  iio: adc: exynos-adc: Fix NULL pointer exception on unbind
  ASoC: fsl_esai: fix register setting issue in RIGHT_J mode
  9p/net: fix memory leak in p9_client_create
  9p: use inode->i_lock to protect i_size_write() under 32-bit
  FROMLIST: psi: introduce psi monitor
  FROMLIST: refactor header includes to allow kthread.h inclusion in psi_types.h
  FROMLIST: psi: track changed states
  FROMLIST: psi: split update_stats into parts
  FROMLIST: psi: rename psi fields in preparation for psi trigger addition
  FROMLIST: psi: make psi_enable static
  FROMLIST: psi: introduce state_mask to represent stalled psi states
  ANDROID: cuttlefish_defconfig: Enable CONFIG_INPUT_MOUSEDEV
  ANDROID: cuttlefish_defconfig: Enable CONFIG_PSI
  BACKPORT: kernel: cgroup: add poll file operation
  BACKPORT: fs: kernfs: add poll file operation
  UPSTREAM: psi: avoid divide-by-zero crash inside virtual machines
  UPSTREAM: psi: clarify the Kconfig text for the default-disable option
  UPSTREAM: psi: fix aggregation idle shut-off
  UPSTREAM: psi: fix reference to kernel commandline enable
  UPSTREAM: psi: make disabling/enabling easier for vendor kernels
  UPSTREAM: kernel/sched/psi.c: simplify cgroup_move_task()
  BACKPORT: psi: cgroup support
  UPSTREAM: psi: pressure stall information for CPU, memory, and IO
  UPSTREAM: sched: introduce this_rq_lock_irq()
  UPSTREAM: sched: sched.h: make rq locking and clock functions available in stats.h
  UPSTREAM: sched: loadavg: make calc_load_n() public
  BACKPORT: sched: loadavg: consolidate LOAD_INT, LOAD_FRAC, CALC_LOAD
  UPSTREAM: delayacct: track delays from thrashing cache pages
  UPSTREAM: mm: workingset: tell cache transitions from workingset thrashing
  sched/fair: fix energy compute when a cluster is only a cpu core in multi-cluster system

Conflicts:
	arch/arm/kernel/irq.c
	drivers/scsi/sd.c
	include/linux/sched.h
	include/uapi/linux/taskstats.h
	kernel/sched/Makefile
	sound/soc/soc-dapm.c

Change-Id: I12ebb57a34da9101ee19458d7e1f96ecc769c39a
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
 2019-05-15 07:44:57 -07:00
Greg Kroah-Hartman
626ab65fb5 This is the 4.14.115 stable release 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlzKnvMACgkQONu9yGCS
 aT6vPRAAgy8sPwaOoETexGtsEaVVaZX2Yt20ekTuNbKHZKBJKXlq+pcfXawwotUE
 dr+/jRrpUrOD7Ta4y+qU+mKV3eS4FZ8bJaYvEOKkf/wSFG5sWF6pE7jmgnJ2lJVj
 SafR601YTCh2eZm+rLogqEF+lXZ9rNUCJlnO6q4APnpvuOGqX6kPaqTxDRK+Qfzz
 mkij3bnw43YAX5lkx9l2OzreNU5jlh2RSamrF0YrqoL01E/7IXYeAnxQl+Atmjmu
 pLWsWl/rdxVAnDPwpiZZZAEs3/DYpVtP1bcCH7tESLWICawajUsffn5/yVtwl1UW
 BKl0mFom7K9tZOhSxmf7kvK+Yq8p5AdyooIFVEfoObYMCZAyXarpnBiey4SeqqQU
 GRi6fLfMeXrk3ikkI3qGbClbjLhiGmUIyYWz0VI2mxf7+SRnOzHsxgILiaJHPQOn
 4+6Y8n1XINMMOu6p0apVSZAAlKjnLsUX0gocTaRQsFTzY9Zqm+/hePe6x7Xm+h66
 X4e9NAy/RxZog78aVxTihphAX6V5gbRgcYku+UvWTDoIB13XZ7qxcjyod3DiLvZT
 n3APkif2sC2ATFmJ3eRSLSitFQ2igIAfW3ob9GtdYb/13I7Zsh0K0FqH1icuKVVm
 VBsTtvNahCMMKXT/Z5hJOO2agXPprx0kGnn1J6vazh/Bs94QBLw=
 =tLin
 -----END PGP SIGNATURE-----

Merge 4.14.115 into android-4.14-q

Changes in 4.14.115
	kbuild: simplify ld-option implementation
	cifs: do not attempt cifs operation on smb2+ rename error
	tracing: Fix a memory leak by early error exit in trace_pid_write()
	tracing: Fix buffer_ref pipe ops
	zram: pass down the bvec we need to read into in the work struct
	lib/Kconfig.debug: fix build error without CONFIG_BLOCK
	MIPS: scall64-o32: Fix indirect syscall number load
	trace: Fix preempt_enable_no_resched() abuse
	IB/rdmavt: Fix frwr memory registration
	sched/numa: Fix a possible divide-by-zero
	ceph: only use d_name directly when parent is locked
	ceph: ensure d_name stability in ceph_dentry_hash()
	ceph: fix ci->i_head_snapc leak
	nfsd: Don't release the callback slot unless it was actually held
	sunrpc: don't mark uninitialised items as VALID.
	Input: synaptics-rmi4 - write config register values to the right offset
	vfio/type1: Limit DMA mappings per container
	dmaengine: sh: rcar-dmac: With cyclic DMA residue 0 is valid
	ARM: 8857/1: efi: enable CP15 DMB instructions before cleaning the cache
	drm/vc4: Fix memory leak during gpu reset.
	Revert "drm/i915/fbdev: Actually configure untiled displays"
	drm/vc4: Fix compilation error reported by kbuild test bot
	USB: Add new USB LPM helpers
	USB: Consolidate LPM checks to avoid enabling LPM twice
	ext4: fix some error pointer dereferences
	vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock
	tipc: handle the err returned from cmd header function
	slip: make slhc_free() silently accept an error pointer
	intel_th: gth: Fix an off-by-one in output unassigning
	fs/proc/proc_sysctl.c: Fix a NULL pointer dereference
	ipvs: fix warning on unused variable
	binder: fix handling of misaligned binder object
	sched/deadline: Correctly handle active 0-lag timers
	NFS: Forbid setting AF_INET6 to "struct sockaddr_in"->sin_family.
	netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON
	fm10k: Fix a potential NULL pointer dereference
	tipc: check bearer name with right length in tipc_nl_compat_bearer_enable
	tipc: check link name with right length in tipc_nl_compat_link_set
	dm integrity: change memcmp to strncmp in dm_integrity_ctr
	x86, retpolines: Raise limit for generating indirect calls from switch-case
	x86/retpolines: Disable switch jump tables when retpolines are enabled
	mm: Fix warning in insert_pfn()
	Revert "block/loop: Use global lock for ioctl() operation."
	ipv4: add sanity checks in ipv4_link_failure()
	mlxsw: spectrum: Fix autoneg status in ethtool
	net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query
	net: rds: exchange of 8K and 1M pool
	net: stmmac: move stmmac_check_ether_addr() to driver probe
	stmmac: pci: Adjust IOT2000 matching
	team: fix possible recursive locking when add slaves
	net/rose: Convert timers to use timer_setup()
	net/rose: fix unbound loop in rose_loopback_timer()
	ipv4: set the tcp_min_rtt_wlen range from 0 to one day
	powerpc/fsl: Add FSL_PPC_BOOK3E as supported arch for nospectre_v2 boot arg
	Documentation: Add nospectre_v1 parameter
	Linux 4.14.115

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
 2019-05-02 09:57:06 +02:00
Greg Kroah-Hartman
b5123fd473 This is the 4.14.115 stable release 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlzKnvMACgkQONu9yGCS
 aT6vPRAAgy8sPwaOoETexGtsEaVVaZX2Yt20ekTuNbKHZKBJKXlq+pcfXawwotUE
 dr+/jRrpUrOD7Ta4y+qU+mKV3eS4FZ8bJaYvEOKkf/wSFG5sWF6pE7jmgnJ2lJVj
 SafR601YTCh2eZm+rLogqEF+lXZ9rNUCJlnO6q4APnpvuOGqX6kPaqTxDRK+Qfzz
 mkij3bnw43YAX5lkx9l2OzreNU5jlh2RSamrF0YrqoL01E/7IXYeAnxQl+Atmjmu
 pLWsWl/rdxVAnDPwpiZZZAEs3/DYpVtP1bcCH7tESLWICawajUsffn5/yVtwl1UW
 BKl0mFom7K9tZOhSxmf7kvK+Yq8p5AdyooIFVEfoObYMCZAyXarpnBiey4SeqqQU
 GRi6fLfMeXrk3ikkI3qGbClbjLhiGmUIyYWz0VI2mxf7+SRnOzHsxgILiaJHPQOn
 4+6Y8n1XINMMOu6p0apVSZAAlKjnLsUX0gocTaRQsFTzY9Zqm+/hePe6x7Xm+h66
 X4e9NAy/RxZog78aVxTihphAX6V5gbRgcYku+UvWTDoIB13XZ7qxcjyod3DiLvZT
 n3APkif2sC2ATFmJ3eRSLSitFQ2igIAfW3ob9GtdYb/13I7Zsh0K0FqH1icuKVVm
 VBsTtvNahCMMKXT/Z5hJOO2agXPprx0kGnn1J6vazh/Bs94QBLw=
 =tLin
 -----END PGP SIGNATURE-----

Merge 4.14.115 into android-4.14

Changes in 4.14.115
	kbuild: simplify ld-option implementation
	cifs: do not attempt cifs operation on smb2+ rename error
	tracing: Fix a memory leak by early error exit in trace_pid_write()
	tracing: Fix buffer_ref pipe ops
	zram: pass down the bvec we need to read into in the work struct
	lib/Kconfig.debug: fix build error without CONFIG_BLOCK
	MIPS: scall64-o32: Fix indirect syscall number load
	trace: Fix preempt_enable_no_resched() abuse
	IB/rdmavt: Fix frwr memory registration
	sched/numa: Fix a possible divide-by-zero
	ceph: only use d_name directly when parent is locked
	ceph: ensure d_name stability in ceph_dentry_hash()
	ceph: fix ci->i_head_snapc leak
	nfsd: Don't release the callback slot unless it was actually held
	sunrpc: don't mark uninitialised items as VALID.
	Input: synaptics-rmi4 - write config register values to the right offset
	vfio/type1: Limit DMA mappings per container
	dmaengine: sh: rcar-dmac: With cyclic DMA residue 0 is valid
	ARM: 8857/1: efi: enable CP15 DMB instructions before cleaning the cache
	drm/vc4: Fix memory leak during gpu reset.
	Revert "drm/i915/fbdev: Actually configure untiled displays"
	drm/vc4: Fix compilation error reported by kbuild test bot
	USB: Add new USB LPM helpers
	USB: Consolidate LPM checks to avoid enabling LPM twice
	ext4: fix some error pointer dereferences
	vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock
	tipc: handle the err returned from cmd header function
	slip: make slhc_free() silently accept an error pointer
	intel_th: gth: Fix an off-by-one in output unassigning
	fs/proc/proc_sysctl.c: Fix a NULL pointer dereference
	ipvs: fix warning on unused variable
	binder: fix handling of misaligned binder object
	sched/deadline: Correctly handle active 0-lag timers
	NFS: Forbid setting AF_INET6 to "struct sockaddr_in"->sin_family.
	netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON
	fm10k: Fix a potential NULL pointer dereference
	tipc: check bearer name with right length in tipc_nl_compat_bearer_enable
	tipc: check link name with right length in tipc_nl_compat_link_set
	dm integrity: change memcmp to strncmp in dm_integrity_ctr
	x86, retpolines: Raise limit for generating indirect calls from switch-case
	x86/retpolines: Disable switch jump tables when retpolines are enabled
	mm: Fix warning in insert_pfn()
	Revert "block/loop: Use global lock for ioctl() operation."
	ipv4: add sanity checks in ipv4_link_failure()
	mlxsw: spectrum: Fix autoneg status in ethtool
	net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query
	net: rds: exchange of 8K and 1M pool
	net: stmmac: move stmmac_check_ether_addr() to driver probe
	stmmac: pci: Adjust IOT2000 matching
	team: fix possible recursive locking when add slaves
	net/rose: Convert timers to use timer_setup()
	net/rose: fix unbound loop in rose_loopback_timer()
	ipv4: set the tcp_min_rtt_wlen range from 0 to one day
	powerpc/fsl: Add FSL_PPC_BOOK3E as supported arch for nospectre_v2 boot arg
	Documentation: Add nospectre_v1 parameter
	Linux 4.14.115

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
 2019-05-02 09:56:08 +02:00
YueHaibing
a50d8db5f3 fs/proc/proc_sysctl.c: Fix a NULL pointer dereference 
commit 89189557b47b35683a27c80ee78aef18248eefb4 upstream.

Syzkaller report this:

  sysctl could not get directory: /net//bridge -12
  kasan: CONFIG_KASAN_INLINE enabled
  kasan: GPF could be caused by NULL-ptr deref or user memory access
  general protection fault: 0000 [#1] SMP KASAN PTI
  CPU: 1 PID: 7027 Comm: syz-executor.0 Tainted: G         C        5.1.0-rc3+ #8
  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014
  RIP: 0010:__write_once_size include/linux/compiler.h:220 [inline]
  RIP: 0010:__rb_change_child include/linux/rbtree_augmented.h:144 [inline]
  RIP: 0010:__rb_erase_augmented include/linux/rbtree_augmented.h:186 [inline]
  RIP: 0010:rb_erase+0x5f4/0x19f0 lib/rbtree.c:459
  Code: 00 0f 85 60 13 00 00 48 89 1a 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f c3 48 89 f2 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 75 0c 00 00 4d 85 ed 4c 89 2e 74 ce 4c 89 ea 48
  RSP: 0018:ffff8881bb507778 EFLAGS: 00010206
  RAX: dffffc0000000000 RBX: ffff8881f224b5b8 RCX: ffffffff818f3f6a
  RDX: 000000000000000a RSI: 0000000000000050 RDI: ffff8881f224b568
  RBP: 0000000000000000 R08: ffffed10376a0ef4 R09: ffffed10376a0ef4
  R10: 0000000000000001 R11: ffffed10376a0ef4 R12: ffff8881f224b558
  R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
  FS:  00007f3e7ce13700(0000) GS:ffff8881f7300000(0000) knlGS:0000000000000000
  CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
  CR2: 00007fd60fbe9398 CR3: 00000001cb55c001 CR4: 00000000007606e0
  DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
  DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
  PKRU: 55555554
  Call Trace:
   erase_entry fs/proc/proc_sysctl.c:178 [inline]
   erase_header+0xe3/0x160 fs/proc/proc_sysctl.c:207
   start_unregistering fs/proc/proc_sysctl.c:331 [inline]
   drop_sysctl_table+0x558/0x880 fs/proc/proc_sysctl.c:1631
   get_subdir fs/proc/proc_sysctl.c:1022 [inline]
   __register_sysctl_table+0xd65/0x1090 fs/proc/proc_sysctl.c:1335
   br_netfilter_init+0x68/0x1000 [br_netfilter]
   do_one_initcall+0xbc/0x47d init/main.c:901
   do_init_module+0x1b5/0x547 kernel/module.c:3456
   load_module+0x6405/0x8c10 kernel/module.c:3804
   __do_sys_finit_module+0x162/0x190 kernel/module.c:3898
   do_syscall_64+0x9f/0x450 arch/x86/entry/common.c:290
   entry_SYSCALL_64_after_hwframe+0x49/0xbe
  Modules linked in: br_netfilter(+) backlight comedi(C) hid_sensor_hub max3100 ti_ads8688 udc_core fddi snd_mona leds_gpio rc_streamzap mtd pata_netcell nf_log_common rc_winfast udp_tunnel snd_usbmidi_lib snd_usb_toneport snd_usb_line6 snd_rawmidi snd_seq_device snd_hwdep videobuf2_v4l2 videobuf2_common videodev media videobuf2_vmalloc videobuf2_memops rc_gadmei_rm008z 8250_of smm665 hid_tmff hid_saitek hwmon_vid rc_ati_tv_wonder_hd_600 rc_core pata_pdc202xx_old dn_rtmsg as3722 ad714x_i2c ad714x snd_soc_cs4265 hid_kensington panel_ilitek_ili9322 drm drm_panel_orientation_quirks ipack cdc_phonet usbcore phonet hid_jabra hid extcon_arizona can_dev industrialio_triggered_buffer kfifo_buf industrialio adm1031 i2c_mux_ltc4306 i2c_mux ipmi_msghandler mlxsw_core snd_soc_cs35l34 snd_soc_core snd_pcm_dmaengine snd_pcm snd_timer ac97_bus snd_compress snd soundcore gpio_da9055 uio ecdh_generic mdio_thunder of_mdio fixed_phy libphy mdio_cavium iptable_security iptable_raw iptable_mangle
   iptable_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 iptable_filter bpfilter ip6_vti ip_vti ip_gre ipip sit tunnel4 ip_tunnel hsr veth netdevsim vxcan batman_adv cfg80211 rfkill chnl_net caif nlmon dummy team bonding vcan bridge stp llc ip6_gre gre ip6_tunnel tunnel6 tun joydev mousedev ppdev tpm kvm_intel kvm irqbypass crct10dif_pclmul crc32_pclmul crc32c_intel ghash_clmulni_intel aesni_intel ide_pci_generic piix aes_x86_64 crypto_simd cryptd ide_core glue_helper input_leds psmouse intel_agp intel_gtt serio_raw ata_generic i2c_piix4 agpgart pata_acpi parport_pc parport floppy rtc_cmos sch_fq_codel ip_tables x_tables sha1_ssse3 sha1_generic ipv6 [last unloaded: br_netfilter]
  Dumping ftrace buffer:
     (ftrace buffer empty)
  ---[ end trace 68741688d5fbfe85 ]---

commit 23da9588037e ("fs/proc/proc_sysctl.c: fix NULL pointer
dereference in put_links") forgot to handle start_unregistering() case,
while header->parent is NULL, it calls erase_header() and as seen in the
above syzkaller call trace, accessing &header->parent->root will trigger
a NULL pointer dereference.

As that commit explained, there is also no need to call
start_unregistering() if header->parent is NULL.

Link: http://lkml.kernel.org/r/20190409153622.28112-1-yuehaibing@huawei.com
Fixes: 23da9588037e ("fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links")
Fixes: 0e47c99d7fe25 ("sysctl: Replace root_list with links between sysctl_table_sets")
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Reported-by: Hulk Robot <hulkci@huawei.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Cc: Luis Chamberlain <mcgrof@kernel.org>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 2019-05-02 09:40:31 +02:00
Greg Kroah-Hartman
8448bfb4c9 This is the 4.14.114 stable release 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlzEBk4ACgkQONu9yGCS
 aT7oPg/+LqGEp+af4Q2623Y5tzG+pV580Xzzeyu+ZulmfTiG8yylSCxtVKvzjlmf
 omeCYxZXCNDtOn1aWFWvM+cZlNC90gOem2Xm2P7KEx25QZflFFI+Uzt+7sKrLr1l
 v/6YOf2cjvfOAlYF6euI98Ja6+m+OWXhWDUQUEUbl0X8Of2pXW9opWsf13LKT/BT
 p9WpVjDN+pow1kGl1Sk4zu11LBZsN0PI5ZW64PTSG2AuSIMQ9pHZzxrGD7/vhQMC
 50s2WsJxlIvuE3tmWDnpqfR0WjzaUk59hHrrBM9YLDlqjzFZNgD2ziRn0A0sfW1n
 us81cw6Wz+LcykK3D2qvIvhZkRkDVI7J6LQSzeNaBWl3AkEEjwYw3cSwD5jl5+xn
 cbTgaBjKursuBZU5rdXPcabAhFIlL6NIt43n6DYRl/MYSpFvzifLKnCso2fPNNgT
 lXZuwH1qDBepVVQ0YrTnOBf+7u822lPuGyIq1Nz4YUBhKAAlBTV/Hxv3gJCXTihO
 6NW42qk44VLjmu/Gpo5Q4Nc6EWeujwZRXNEZo8m5YfV92VteJTs3520iPRB0qFga
 aPOyiMNIKyhzZ3CPxxkDXgeRDh7AFznwcljlDE6DiCVmbPaUucJkvad/TwyFf4ul
 Wp1zZ2aCrt/oO5GK/MQfGNh4rmN/0qB9cxYoBDWbOJSG4R1+PTI=
 =dQgB
 -----END PGP SIGNATURE-----

Merge 4.14.114 into android-4.14-q

Changes in 4.14.114
	bonding: fix event handling for stacked bonds
	net: atm: Fix potential Spectre v1 vulnerabilities
	net: bridge: fix per-port af_packet sockets
	net: bridge: multicast: use rcu to access port list from br_multicast_start_querier
	net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv
	tcp: tcp_grow_window() needs to respect tcp_space()
	team: set slave to promisc if team is already in promisc mode
	vhost: reject zero size iova range
	ipv4: recompile ip options in ipv4_link_failure
	ipv4: ensure rcu_read_lock() in ipv4_link_failure()
	net: thunderx: raise XDP MTU to 1508
	net: thunderx: don't allow jumbo frames with XDP
	CIFS: keep FileInfo handle live during oplock break
	KVM: x86: Don't clear EFER during SMM transitions for 32-bit vCPU
	KVM: x86: svm: make sure NMI is injected after nmi_singlestep
	Staging: iio: meter: fixed typo
	staging: iio: ad7192: Fix ad7193 channel address
	iio: gyro: mpu3050: fix chip ID reading
	iio/gyro/bmg160: Use millidegrees for temperature scale
	iio: cros_ec: Fix the maths for gyro scale calculation
	iio: ad_sigma_delta: select channel when reading register
	iio: dac: mcp4725: add missing powerdown bits in store eeprom
	iio: Fix scan mask selection
	iio: adc: at91: disable adc channel interrupt in timeout case
	iio: core: fix a possible circular locking dependency
	io: accel: kxcjk1013: restore the range after resume.
	staging: comedi: vmk80xx: Fix use of uninitialized semaphore
	staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf
	staging: comedi: ni_usb6501: Fix use of uninitialized mutex
	staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf
	ALSA: hda/realtek - add two more pin configuration sets to quirk table
	ALSA: core: Fix card races between register and disconnect
	scsi: core: set result when the command cannot be dispatched
	Revert "scsi: fcoe: clear FC_RP_STARTED flags when receiving a LOGO"
	Revert "svm: Fix AVIC incomplete IPI emulation"
	coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping
	crypto: x86/poly1305 - fix overflow during partial reduction
	arm64: futex: Restore oldval initialization to work around buggy compilers
	x86/kprobes: Verify stack frame on kretprobe
	kprobes: Mark ftrace mcount handler functions nokprobe
	kprobes: Fix error check when reusing optimized probes
	rt2x00: do not increment sequence number while re-transmitting
	mac80211: do not call driver wake_tx_queue op during reconfig
	perf/x86/amd: Add event map for AMD Family 17h
	x86/cpu/bugs: Use __initconst for 'const' init data
	perf/x86: Fix incorrect PEBS_REGS
	x86/speculation: Prevent deadlock on ssb_state::lock
	crypto: crypto4xx - properly set IV after de- and encrypt
	mmc: sdhci: Fix data command CRC error handling
	mmc: sdhci: Rename SDHCI_ACMD12_ERR and SDHCI_INT_ACMD12ERR
	mmc: sdhci: Handle auto-command errors
	modpost: file2alias: go back to simple devtable lookup
	modpost: file2alias: check prototype of handler
	tpm/tpm_i2c_atmel: Return -E2BIG when the transfer is incomplete
	ipv6: frags: fix a lockdep false positive
	net: IP defrag: encapsulate rbtree defrag code into callable functions
	ipv6: remove dependency of nf_defrag_ipv6 on ipv6 module
	net: IP6 defrag: use rbtrees for IPv6 defrag
	net: IP6 defrag: use rbtrees in nf_conntrack_reasm.c
	Revert "kbuild: use -Oz instead of -Os when using clang"
	sched/fair: Limit sched_cfs_period_timer() loop to avoid hard lockup
	device_cgroup: fix RCU imbalance in error case
	mm/vmstat.c: fix /proc/vmstat format for CONFIG_DEBUG_TLBFLUSH=y CONFIG_SMP=n
	ALSA: info: Fix racy addition/deletion of nodes
	percpu: stop printing kernel addresses
	tools include: Adopt linux/bits.h
	iomap: report collisions between directio and buffered writes to userspace
	xfs: add the ability to join a held buffer to a defer_ops
	xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute
	i2c-hid: properly terminate i2c_hid_dmi_desc_override_table[] array
	Revert "locking/lockdep: Add debug_locks check in __lock_downgrade()"
	kernel/sysctl.c: fix out-of-bounds access when setting file-max
	Linux 4.14.114

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
 2019-04-30 13:00:47 +02:00
Greg Kroah-Hartman
c680586c4f This is the 4.14.114 stable release 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlzEBk4ACgkQONu9yGCS
 aT7oPg/+LqGEp+af4Q2623Y5tzG+pV580Xzzeyu+ZulmfTiG8yylSCxtVKvzjlmf
 omeCYxZXCNDtOn1aWFWvM+cZlNC90gOem2Xm2P7KEx25QZflFFI+Uzt+7sKrLr1l
 v/6YOf2cjvfOAlYF6euI98Ja6+m+OWXhWDUQUEUbl0X8Of2pXW9opWsf13LKT/BT
 p9WpVjDN+pow1kGl1Sk4zu11LBZsN0PI5ZW64PTSG2AuSIMQ9pHZzxrGD7/vhQMC
 50s2WsJxlIvuE3tmWDnpqfR0WjzaUk59hHrrBM9YLDlqjzFZNgD2ziRn0A0sfW1n
 us81cw6Wz+LcykK3D2qvIvhZkRkDVI7J6LQSzeNaBWl3AkEEjwYw3cSwD5jl5+xn
 cbTgaBjKursuBZU5rdXPcabAhFIlL6NIt43n6DYRl/MYSpFvzifLKnCso2fPNNgT
 lXZuwH1qDBepVVQ0YrTnOBf+7u822lPuGyIq1Nz4YUBhKAAlBTV/Hxv3gJCXTihO
 6NW42qk44VLjmu/Gpo5Q4Nc6EWeujwZRXNEZo8m5YfV92VteJTs3520iPRB0qFga
 aPOyiMNIKyhzZ3CPxxkDXgeRDh7AFznwcljlDE6DiCVmbPaUucJkvad/TwyFf4ul
 Wp1zZ2aCrt/oO5GK/MQfGNh4rmN/0qB9cxYoBDWbOJSG4R1+PTI=
 =dQgB
 -----END PGP SIGNATURE-----

Merge 4.14.114 into android-4.14

Changes in 4.14.114
	bonding: fix event handling for stacked bonds
	net: atm: Fix potential Spectre v1 vulnerabilities
	net: bridge: fix per-port af_packet sockets
	net: bridge: multicast: use rcu to access port list from br_multicast_start_querier
	net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv
	tcp: tcp_grow_window() needs to respect tcp_space()
	team: set slave to promisc if team is already in promisc mode
	vhost: reject zero size iova range
	ipv4: recompile ip options in ipv4_link_failure
	ipv4: ensure rcu_read_lock() in ipv4_link_failure()
	net: thunderx: raise XDP MTU to 1508
	net: thunderx: don't allow jumbo frames with XDP
	CIFS: keep FileInfo handle live during oplock break
	KVM: x86: Don't clear EFER during SMM transitions for 32-bit vCPU
	KVM: x86: svm: make sure NMI is injected after nmi_singlestep
	Staging: iio: meter: fixed typo
	staging: iio: ad7192: Fix ad7193 channel address
	iio: gyro: mpu3050: fix chip ID reading
	iio/gyro/bmg160: Use millidegrees for temperature scale
	iio: cros_ec: Fix the maths for gyro scale calculation
	iio: ad_sigma_delta: select channel when reading register
	iio: dac: mcp4725: add missing powerdown bits in store eeprom
	iio: Fix scan mask selection
	iio: adc: at91: disable adc channel interrupt in timeout case
	iio: core: fix a possible circular locking dependency
	io: accel: kxcjk1013: restore the range after resume.
	staging: comedi: vmk80xx: Fix use of uninitialized semaphore
	staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf
	staging: comedi: ni_usb6501: Fix use of uninitialized mutex
	staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf
	ALSA: hda/realtek - add two more pin configuration sets to quirk table
	ALSA: core: Fix card races between register and disconnect
	scsi: core: set result when the command cannot be dispatched
	Revert "scsi: fcoe: clear FC_RP_STARTED flags when receiving a LOGO"
	Revert "svm: Fix AVIC incomplete IPI emulation"
	coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping
	crypto: x86/poly1305 - fix overflow during partial reduction
	arm64: futex: Restore oldval initialization to work around buggy compilers
	x86/kprobes: Verify stack frame on kretprobe
	kprobes: Mark ftrace mcount handler functions nokprobe
	kprobes: Fix error check when reusing optimized probes
	rt2x00: do not increment sequence number while re-transmitting
	mac80211: do not call driver wake_tx_queue op during reconfig
	perf/x86/amd: Add event map for AMD Family 17h
	x86/cpu/bugs: Use __initconst for 'const' init data
	perf/x86: Fix incorrect PEBS_REGS
	x86/speculation: Prevent deadlock on ssb_state::lock
	crypto: crypto4xx - properly set IV after de- and encrypt
	mmc: sdhci: Fix data command CRC error handling
	mmc: sdhci: Rename SDHCI_ACMD12_ERR and SDHCI_INT_ACMD12ERR
	mmc: sdhci: Handle auto-command errors
	modpost: file2alias: go back to simple devtable lookup
	modpost: file2alias: check prototype of handler
	tpm/tpm_i2c_atmel: Return -E2BIG when the transfer is incomplete
	ipv6: frags: fix a lockdep false positive
	net: IP defrag: encapsulate rbtree defrag code into callable functions
	ipv6: remove dependency of nf_defrag_ipv6 on ipv6 module
	net: IP6 defrag: use rbtrees for IPv6 defrag
	net: IP6 defrag: use rbtrees in nf_conntrack_reasm.c
	Revert "kbuild: use -Oz instead of -Os when using clang"
	sched/fair: Limit sched_cfs_period_timer() loop to avoid hard lockup
	device_cgroup: fix RCU imbalance in error case
	mm/vmstat.c: fix /proc/vmstat format for CONFIG_DEBUG_TLBFLUSH=y CONFIG_SMP=n
	ALSA: info: Fix racy addition/deletion of nodes
	percpu: stop printing kernel addresses
	tools include: Adopt linux/bits.h
	iomap: report collisions between directio and buffered writes to userspace
	xfs: add the ability to join a held buffer to a defer_ops
	xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute
	i2c-hid: properly terminate i2c_hid_dmi_desc_override_table[] array
	Revert "locking/lockdep: Add debug_locks check in __lock_downgrade()"
	kernel/sysctl.c: fix out-of-bounds access when setting file-max
	Linux 4.14.114

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
 2019-04-30 12:56:41 +02:00
Andrea Arcangeli
bb461ad8e6 coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping 
commit 04f5866e41fb70690e28397487d8bd8eea7d712a upstream.

The core dumping code has always run without holding the mmap_sem for
writing, despite that is the only way to ensure that the entire vma
layout will not change from under it.  Only using some signal
serialization on the processes belonging to the mm is not nearly enough.
This was pointed out earlier.  For example in Hugh's post from Jul 2017:

  https://lkml.kernel.org/r/alpine.LSU.2.11.1707191716030.2055@eggly.anvils

  "Not strictly relevant here, but a related note: I was very surprised
   to discover, only quite recently, how handle_mm_fault() may be called
   without down_read(mmap_sem) - when core dumping. That seems a
   misguided optimization to me, which would also be nice to correct"

In particular because the growsdown and growsup can move the
vm_start/vm_end the various loops the core dump does around the vma will
not be consistent if page faults can happen concurrently.

Pretty much all users calling mmget_not_zero()/get_task_mm() and then
taking the mmap_sem had the potential to introduce unexpected side
effects in the core dumping code.

Adding mmap_sem for writing around the ->core_dump invocation is a
viable long term fix, but it requires removing all copy user and page
faults and to replace them with get_dump_page() for all binary formats
which is not suitable as a short term fix.

For the time being this solution manually covers the places that can
confuse the core dump either by altering the vma layout or the vma flags
while it runs.  Once ->core_dump runs under mmap_sem for writing the
function mmget_still_valid() can be dropped.

Allowing mmap_sem protected sections to run in parallel with the
coredump provides some minor parallelism advantage to the swapoff code
(which seems to be safe enough by never mangling any vma field and can
keep doing swapins in parallel to the core dumping) and to some other
corner case.

In order to facilitate the backporting I added "Fixes: 86039bd3b4e6"
however the side effect of this same race condition in /proc/pid/mem
should be reproducible since before 2.6.12-rc2 so I couldn't add any
other "Fixes:" because there's no hash beyond the git genesis commit.

Because find_extend_vma() is the only location outside of the process
context that could modify the "mm" structures under mmap_sem for
reading, by adding the mmget_still_valid() check to it, all other cases
that take the mmap_sem for reading don't need the new check after
mmget_not_zero()/get_task_mm().  The expand_stack() in page fault
context also doesn't need the new check, because all tasks under core
dumping are frozen.

Link: http://lkml.kernel.org/r/20190325224949.11068-1-aarcange@redhat.com
Fixes: 86039bd3b4e6 ("userfaultfd: add new syscall to provide memory externalization")
Signed-off-by: Andrea Arcangeli <aarcange@redhat.com>
Reported-by: Jann Horn <jannh@google.com>
Suggested-by: Oleg Nesterov <oleg@redhat.com>
Acked-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Mike Rapoport <rppt@linux.ibm.com>
Reviewed-by: Oleg Nesterov <oleg@redhat.com>
Reviewed-by: Jann Horn <jannh@google.com>
Acked-by: Jason Gunthorpe <jgg@mellanox.com>
Acked-by: Michal Hocko <mhocko@suse.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 2019-04-27 09:35:37 +02:00
Greg Kroah-Hartman
516c937d80 This is the 4.14.110 stable release 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlykNbEACgkQONu9yGCS
 aT5HyQ//X23Zk/FFcyVZv3U/CTmuLGDyLDiVFAKoGwngGhYVSpH5LuF7al/Csihc
 pKiwi+oz3qj89+/Rx3OvtHUTnIE2sBcuN0nBclwHY+5uTmv6m9a358/LPRWEDl19
 HUSFwrRS0bmOcrG5W+p+XSQ/VBv/UhigLQ5PJ9ezvcgUW/kh0SuVd0FTUGxse8wi
 jaJSaKISSHtwoqoWjLUHeyWR+pl8rRZx6ujfcQXl9+0Ei9Rl/osDezexDNfaoKBA
 CGHYdFNVlYMhPIO0Z5X0jsIUUnCn5DwmHEFqjQsPq49y1sJhd5yCTciF0VtMaFQm
 r1+VCNXTEWaEOrHrL8DzkOKXm+mKjY72P1tsodpjGwBb1y1gEtQwH3jf9jhUQvrh
 0/YN39BKjE5f0X4Nusri35r+8DgjK9aab5AlMBezIm8luTAkQzfsWjrdo7N00szc
 GmlxSyqsaMwU9KUPEUD/ILlJaxvTX8eKZtOPourpmVileEjQ5lQvFtu4b8OWgDs3
 5UdPbDiaYcQAMTbcJQ4z8DNwOoW9/OHGY2YmOdvbqamRr7T25Eku9v5yjLnR7mIm
 F1kkx5fhPkMd/zfM27hEavNcpq5sojCCccsm8IwuOcKZxytONpWnDbcVLT7znGEt
 WArxqoxHfnJ5IbxXSb5xCQdhNg/Fe7JvcF6ztM+C5oy0J7e3Erw=
 =de4i
 -----END PGP SIGNATURE-----

Merge 4.14.110 into android-4.14-q

Changes in 4.14.110
	Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt
	Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer
	video: fbdev: Set pixclock = 0 in goldfishfb
	stmmac: copy unicast mac address to MAC registers
	dccp: do not use ipv6 header for ipv4 flow
	genetlink: Fix a memory leak on error path
	mISDN: hfcpci: Test both vendor & device ID for Digium HFC4S
	net: datagram: fix unbounded loop in __skb_try_recv_datagram()
	net/packet: Set __GFP_NOWARN upon allocation in alloc_pg_vec
	net: rose: fix a possible stack overflow
	net: stmmac: fix memory corruption with large MTUs
	net-sysfs: call dev_hold if kobject_init_and_add success
	packets: Always register packet sk in the same order
	rhashtable: Still do rehash when we get EEXIST
	tcp: do not use ipv6 header for ipv4 flow
	thunderx: enable page recycling for non-XDP case
	thunderx: eliminate extra calls to put_page() for pages held for recycling
	vxlan: Don't call gro_cells_destroy() before device is unregistered
	sctp: get sctphdr by offset in sctp_compute_cksum
	net: aquantia: fix rx checksum offload for UDP/TCP over IPv6
	mac8390: Fix mmio access size probe
	tun: properly test for IFF_UP
	tun: add a missing rcu_read_unlock() in error path
	powerpc/64s: Add support for ori barrier_nospec patching
	powerpc/64s: Patch barrier_nospec in modules
	powerpc/64s: Enable barrier_nospec based on firmware settings
	powerpc: Use barrier_nospec in copy_from_user()
	powerpc/64: Use barrier_nospec in syscall entry
	powerpc/64s: Enhance the information in cpu_show_spectre_v1()
	powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2
	powerpc/64: Disable the speculation barrier from the command line
	powerpc/64: Make stf barrier PPC_BOOK3S_64 specific.
	powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC
	powerpc/64: Call setup_barrier_nospec() from setup_arch()
	powerpc/64: Make meltdown reporting Book3S 64 specific
	powerpc/fsl: Add barrier_nospec implementation for NXP PowerPC Book3E
	powerpc/fsl: Sanitize the syscall table for NXP PowerPC 32 bit platforms
	powerpc/asm: Add a patch_site macro & helpers for patching instructions
	powerpc/64s: Add new security feature flags for count cache flush
	powerpc/64s: Add support for software count cache flush
	powerpc/pseries: Query hypervisor for count cache flush settings
	powerpc/powernv: Query firmware for count cache flush settings
	powerpc/fsl: Add infrastructure to fixup branch predictor flush
	powerpc/fsl: Add macro to flush the branch predictor
	powerpc/fsl: Fix spectre_v2 mitigations reporting
	powerpc/fsl: Emulate SPRN_BUCSR register
	powerpc/fsl: Add nospectre_v2 command line argument
	powerpc/fsl: Flush the branch predictor at each kernel entry (64bit)
	powerpc/fsl: Flush the branch predictor at each kernel entry (32 bit)
	powerpc/fsl: Flush branch predictor when entering KVM
	powerpc/fsl: Enable runtime patching if nospectre_v2 boot arg is used
	powerpc/fsl: Update Spectre v2 reporting
	powerpc/fsl: Fixed warning: orphan section `__btb_flush_fixup'
	powerpc/fsl: Fix the flush of branch predictor.
	powerpc/security: Fix spectre_v2 reporting
	Btrfs: fix incorrect file size after shrinking truncate and fsync
	btrfs: remove WARN_ON in log_dir_items
	btrfs: raid56: properly unmap parity page in finish_parity_scrub()
	ARM: imx6q: cpuidle: fix bug that CPU might not wake up at expected time
	powerpc: bpf: Fix generation of load/store DW instructions
	NFSv4.1 don't free interrupted slot on open
	net: dsa: qca8k: remove leftover phy accessors
	ALSA: rawmidi: Fix potential Spectre v1 vulnerability
	ALSA: seq: oss: Fix Spectre v1 vulnerability
	ALSA: pcm: Fix possible OOB access in PCM oss plugins
	ALSA: pcm: Don't suspend stream in unrecoverable PCM state
	ALSA: hda/realtek - Add support headset mode for DELL WYSE AIO
	ALSA: hda/realtek - Add support headset mode for New DELL WYSE NB
	kbuild: modversions: Fix relative CRC byte order interpretation
	fs/open.c: allow opening only regular files during execve()
	ocfs2: fix inode bh swapping mixup in ocfs2_reflink_inodes_lock
	scsi: sd: Fix a race between closing an sd device and sd I/O
	scsi: sd: Quiesce warning if device does not report optimal I/O size
	scsi: zfcp: fix rport unblock if deleted SCSI devices on Scsi_Host
	scsi: zfcp: fix scsi_eh host reset with port_forced ERP for non-NPIV FCP devices
	tty: atmel_serial: fix a potential NULL pointer dereference
	staging: comedi: ni_mio_common: Fix divide-by-zero for DIO cmdtest
	staging: vt6655: Remove vif check from vnt_interrupt
	staging: vt6655: Fix interrupt race condition on device start up.
	serial: max310x: Fix to avoid potential NULL pointer dereference
	serial: sh-sci: Fix setting SCSCR_TIE while transferring data
	USB: serial: cp210x: add new device id
	USB: serial: ftdi_sio: add additional NovaTech products
	USB: serial: mos7720: fix mos_parport refcount imbalance on error path
	USB: serial: option: set driver_info for SIM5218 and compatibles
	USB: serial: option: add support for Quectel EM12
	USB: serial: option: add Olicard 600
	Disable kgdboc failed by echo space to /sys/module/kgdboc/parameters/kgdboc
	fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links
	drm/vgem: fix use-after-free when drm_gem_handle_create() fails
	gpio: exar: add a check for the return value of ida_simple_get fails
	gpio: adnp: Fix testing wrong value in adnp_gpio_direction_input
	phy: sun4i-usb: Support set_mode to USB_HOST for non-OTG PHYs
	usb: mtu3: fix EXTCON dependency
	USB: gadget: f_hid: fix deadlock in f_hidg_write()
	usb: common: Consider only available nodes for dr_mode
	usb: host: xhci-rcar: Add XHCI_TRUST_TX_LENGTH quirk
	xhci: Fix port resume done detection for SS ports with LPM enabled
	usb: cdc-acm: fix race during wakeup blocking TX traffic
	mm/migrate.c: add missing flush_dcache_page for non-mapped page migrate
	perf intel-pt: Fix TSC slip
	cpu/hotplug: Prevent crash when CPU bringup fails on CONFIG_HOTPLUG_CPU=n
	x86/smp: Enforce CONFIG_HOTPLUG_CPU when SMP=y
	KVM: Reject device ioctls from processes other than the VM's creator
	KVM: x86: Emulate MSR_IA32_ARCH_CAPABILITIES on AMD hosts
	Revert "USB: core: only clean up what we allocated"
	vfio: ccw: only free cp on final interrupt
	Linux 4.14.110

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
 2019-04-03 07:12:28 +02:00
Greg Kroah-Hartman
588c629944 This is the 4.14.110 stable release 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlykNbEACgkQONu9yGCS
 aT5HyQ//X23Zk/FFcyVZv3U/CTmuLGDyLDiVFAKoGwngGhYVSpH5LuF7al/Csihc
 pKiwi+oz3qj89+/Rx3OvtHUTnIE2sBcuN0nBclwHY+5uTmv6m9a358/LPRWEDl19
 HUSFwrRS0bmOcrG5W+p+XSQ/VBv/UhigLQ5PJ9ezvcgUW/kh0SuVd0FTUGxse8wi
 jaJSaKISSHtwoqoWjLUHeyWR+pl8rRZx6ujfcQXl9+0Ei9Rl/osDezexDNfaoKBA
 CGHYdFNVlYMhPIO0Z5X0jsIUUnCn5DwmHEFqjQsPq49y1sJhd5yCTciF0VtMaFQm
 r1+VCNXTEWaEOrHrL8DzkOKXm+mKjY72P1tsodpjGwBb1y1gEtQwH3jf9jhUQvrh
 0/YN39BKjE5f0X4Nusri35r+8DgjK9aab5AlMBezIm8luTAkQzfsWjrdo7N00szc
 GmlxSyqsaMwU9KUPEUD/ILlJaxvTX8eKZtOPourpmVileEjQ5lQvFtu4b8OWgDs3
 5UdPbDiaYcQAMTbcJQ4z8DNwOoW9/OHGY2YmOdvbqamRr7T25Eku9v5yjLnR7mIm
 F1kkx5fhPkMd/zfM27hEavNcpq5sojCCccsm8IwuOcKZxytONpWnDbcVLT7znGEt
 WArxqoxHfnJ5IbxXSb5xCQdhNg/Fe7JvcF6ztM+C5oy0J7e3Erw=
 =de4i
 -----END PGP SIGNATURE-----

Merge 4.14.110 into android-4.14

Changes in 4.14.110
	Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt
	Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer
	video: fbdev: Set pixclock = 0 in goldfishfb
	stmmac: copy unicast mac address to MAC registers
	dccp: do not use ipv6 header for ipv4 flow
	genetlink: Fix a memory leak on error path
	mISDN: hfcpci: Test both vendor & device ID for Digium HFC4S
	net: datagram: fix unbounded loop in __skb_try_recv_datagram()
	net/packet: Set __GFP_NOWARN upon allocation in alloc_pg_vec
	net: rose: fix a possible stack overflow
	net: stmmac: fix memory corruption with large MTUs
	net-sysfs: call dev_hold if kobject_init_and_add success
	packets: Always register packet sk in the same order
	rhashtable: Still do rehash when we get EEXIST
	tcp: do not use ipv6 header for ipv4 flow
	thunderx: enable page recycling for non-XDP case
	thunderx: eliminate extra calls to put_page() for pages held for recycling
	vxlan: Don't call gro_cells_destroy() before device is unregistered
	sctp: get sctphdr by offset in sctp_compute_cksum
	net: aquantia: fix rx checksum offload for UDP/TCP over IPv6
	mac8390: Fix mmio access size probe
	tun: properly test for IFF_UP
	tun: add a missing rcu_read_unlock() in error path
	powerpc/64s: Add support for ori barrier_nospec patching
	powerpc/64s: Patch barrier_nospec in modules
	powerpc/64s: Enable barrier_nospec based on firmware settings
	powerpc: Use barrier_nospec in copy_from_user()
	powerpc/64: Use barrier_nospec in syscall entry
	powerpc/64s: Enhance the information in cpu_show_spectre_v1()
	powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2
	powerpc/64: Disable the speculation barrier from the command line
	powerpc/64: Make stf barrier PPC_BOOK3S_64 specific.
	powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC
	powerpc/64: Call setup_barrier_nospec() from setup_arch()
	powerpc/64: Make meltdown reporting Book3S 64 specific
	powerpc/fsl: Add barrier_nospec implementation for NXP PowerPC Book3E
	powerpc/fsl: Sanitize the syscall table for NXP PowerPC 32 bit platforms
	powerpc/asm: Add a patch_site macro & helpers for patching instructions
	powerpc/64s: Add new security feature flags for count cache flush
	powerpc/64s: Add support for software count cache flush
	powerpc/pseries: Query hypervisor for count cache flush settings
	powerpc/powernv: Query firmware for count cache flush settings
	powerpc/fsl: Add infrastructure to fixup branch predictor flush
	powerpc/fsl: Add macro to flush the branch predictor
	powerpc/fsl: Fix spectre_v2 mitigations reporting
	powerpc/fsl: Emulate SPRN_BUCSR register
	powerpc/fsl: Add nospectre_v2 command line argument
	powerpc/fsl: Flush the branch predictor at each kernel entry (64bit)
	powerpc/fsl: Flush the branch predictor at each kernel entry (32 bit)
	powerpc/fsl: Flush branch predictor when entering KVM
	powerpc/fsl: Enable runtime patching if nospectre_v2 boot arg is used
	powerpc/fsl: Update Spectre v2 reporting
	powerpc/fsl: Fixed warning: orphan section `__btb_flush_fixup'
	powerpc/fsl: Fix the flush of branch predictor.
	powerpc/security: Fix spectre_v2 reporting
	Btrfs: fix incorrect file size after shrinking truncate and fsync
	btrfs: remove WARN_ON in log_dir_items
	btrfs: raid56: properly unmap parity page in finish_parity_scrub()
	ARM: imx6q: cpuidle: fix bug that CPU might not wake up at expected time
	powerpc: bpf: Fix generation of load/store DW instructions
	NFSv4.1 don't free interrupted slot on open
	net: dsa: qca8k: remove leftover phy accessors
	ALSA: rawmidi: Fix potential Spectre v1 vulnerability
	ALSA: seq: oss: Fix Spectre v1 vulnerability
	ALSA: pcm: Fix possible OOB access in PCM oss plugins
	ALSA: pcm: Don't suspend stream in unrecoverable PCM state
	ALSA: hda/realtek - Add support headset mode for DELL WYSE AIO
	ALSA: hda/realtek - Add support headset mode for New DELL WYSE NB
	kbuild: modversions: Fix relative CRC byte order interpretation
	fs/open.c: allow opening only regular files during execve()
	ocfs2: fix inode bh swapping mixup in ocfs2_reflink_inodes_lock
	scsi: sd: Fix a race between closing an sd device and sd I/O
	scsi: sd: Quiesce warning if device does not report optimal I/O size
	scsi: zfcp: fix rport unblock if deleted SCSI devices on Scsi_Host
	scsi: zfcp: fix scsi_eh host reset with port_forced ERP for non-NPIV FCP devices
	tty: atmel_serial: fix a potential NULL pointer dereference
	staging: comedi: ni_mio_common: Fix divide-by-zero for DIO cmdtest
	staging: vt6655: Remove vif check from vnt_interrupt
	staging: vt6655: Fix interrupt race condition on device start up.
	serial: max310x: Fix to avoid potential NULL pointer dereference
	serial: sh-sci: Fix setting SCSCR_TIE while transferring data
	USB: serial: cp210x: add new device id
	USB: serial: ftdi_sio: add additional NovaTech products
	USB: serial: mos7720: fix mos_parport refcount imbalance on error path
	USB: serial: option: set driver_info for SIM5218 and compatibles
	USB: serial: option: add support for Quectel EM12
	USB: serial: option: add Olicard 600
	Disable kgdboc failed by echo space to /sys/module/kgdboc/parameters/kgdboc
	fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links
	drm/vgem: fix use-after-free when drm_gem_handle_create() fails
	gpio: exar: add a check for the return value of ida_simple_get fails
	gpio: adnp: Fix testing wrong value in adnp_gpio_direction_input
	phy: sun4i-usb: Support set_mode to USB_HOST for non-OTG PHYs
	usb: mtu3: fix EXTCON dependency
	USB: gadget: f_hid: fix deadlock in f_hidg_write()
	usb: common: Consider only available nodes for dr_mode
	usb: host: xhci-rcar: Add XHCI_TRUST_TX_LENGTH quirk
	xhci: Fix port resume done detection for SS ports with LPM enabled
	usb: cdc-acm: fix race during wakeup blocking TX traffic
	mm/migrate.c: add missing flush_dcache_page for non-mapped page migrate
	perf intel-pt: Fix TSC slip
	cpu/hotplug: Prevent crash when CPU bringup fails on CONFIG_HOTPLUG_CPU=n
	x86/smp: Enforce CONFIG_HOTPLUG_CPU when SMP=y
	KVM: Reject device ioctls from processes other than the VM's creator
	KVM: x86: Emulate MSR_IA32_ARCH_CAPABILITIES on AMD hosts
	Revert "USB: core: only clean up what we allocated"
	vfio: ccw: only free cp on final interrupt
	Linux 4.14.110

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
 2019-04-03 06:59:26 +02:00
YueHaibing
0d9ef3f5b0 fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links 
commit 23da9588037ecdd4901db76a5b79a42b529c4ec3 upstream.

Syzkaller reports:

kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] SMP KASAN PTI
CPU: 1 PID: 5373 Comm: syz-executor.0 Not tainted 5.0.0-rc8+ #3
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014
RIP: 0010:put_links+0x101/0x440 fs/proc/proc_sysctl.c:1599
Code: 00 0f 85 3a 03 00 00 48 8b 43 38 48 89 44 24 20 48 83 c0 38 48 89 c2 48 89 44 24 28 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 0f 85 fe 02 00 00 48 8b 74 24 20 48 c7 c7 60 2a 9d 91
RSP: 0018:ffff8881d828f238 EFLAGS: 00010202
RAX: dffffc0000000000 RBX: ffff8881e01b1140 RCX: ffffffff8ee98267
RDX: 0000000000000007 RSI: ffffc90001479000 RDI: ffff8881e01b1178
RBP: dffffc0000000000 R08: ffffed103ee27259 R09: ffffed103ee27259
R10: 0000000000000001 R11: ffffed103ee27258 R12: fffffffffffffff4
R13: 0000000000000006 R14: ffff8881f59838c0 R15: dffffc0000000000
FS:  00007f072254f700(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fff8b286668 CR3: 00000001f0542002 CR4: 00000000007606e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
PKRU: 55555554
Call Trace:
 drop_sysctl_table+0x152/0x9f0 fs/proc/proc_sysctl.c:1629
 get_subdir fs/proc/proc_sysctl.c:1022 [inline]
 __register_sysctl_table+0xd65/0x1090 fs/proc/proc_sysctl.c:1335
 br_netfilter_init+0xbc/0x1000 [br_netfilter]
 do_one_initcall+0xfa/0x5ca init/main.c:887
 do_init_module+0x204/0x5f6 kernel/module.c:3460
 load_module+0x66b2/0x8570 kernel/module.c:3808
 __do_sys_finit_module+0x238/0x2a0 kernel/module.c:3902
 do_syscall_64+0x147/0x600 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x462e99
Code: f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f072254ec58 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
RAX: ffffffffffffffda RBX: 000000000073bf00 RCX: 0000000000462e99
RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
RBP: 00007f072254ec70 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f072254f6bc
R13: 00000000004bcefa R14: 00000000006f6fb0 R15: 0000000000000004
Modules linked in: br_netfilter(+) dvb_usb_dibusb_mc_common dib3000mc dibx000_common dvb_usb_dibusb_common dvb_usb_dw2102 dvb_usb classmate_laptop palmas_regulator cn videobuf2_v4l2 v4l2_common snd_soc_bd28623 mptbase snd_usb_usx2y snd_usbmidi_lib snd_rawmidi wmi libnvdimm lockd sunrpc grace rc_kworld_pc150u rc_core rtc_da9063 sha1_ssse3 i2c_cros_ec_tunnel adxl34x_spi adxl34x nfnetlink lib80211 i5500_temp dvb_as102 dvb_core videobuf2_common videodev media videobuf2_vmalloc videobuf2_memops udc_core lnbp22 leds_lp3952 hid_roccat_ryos s1d13xxxfb mtd vport_geneve openvswitch nf_conncount nf_nat_ipv6 nsh geneve udp_tunnel ip6_udp_tunnel snd_soc_mt6351 sis_agp phylink snd_soc_adau1761_spi snd_soc_adau1761 snd_soc_adau17x1 snd_soc_core snd_pcm_dmaengine ac97_bus snd_compress snd_soc_adau_utils snd_soc_sigmadsp_regmap snd_soc_sigmadsp raid_class hid_roccat_konepure hid_roccat_common hid_roccat c2port_duramar2150 core mdio_bcm_unimac iptable_security iptable_raw iptable_mangle
 iptable_nat nf_nat_ipv4 nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 iptable_filter bpfilter ip6_vti ip_vti ip_gre ipip sit tunnel4 ip_tunnel hsr veth netdevsim devlink vxcan batman_adv cfg80211 rfkill chnl_net caif nlmon dummy team bonding vcan bridge stp llc ip6_gre gre ip6_tunnel tunnel6 tun crct10dif_pclmul crc32_pclmul crc32c_intel ghash_clmulni_intel joydev mousedev ide_pci_generic piix aesni_intel aes_x86_64 ide_core crypto_simd atkbd cryptd glue_helper serio_raw ata_generic pata_acpi i2c_piix4 floppy sch_fq_codel ip_tables x_tables ipv6 [last unloaded: lm73]
Dumping ftrace buffer:
   (ftrace buffer empty)
---[ end trace 770020de38961fd0 ]---

A new dir entry can be created in get_subdir and its 'header->parent' is
set to NULL.  Only after insert_header success, it will be set to 'dir',
otherwise 'header->parent' is set to NULL and drop_sysctl_table is called.
However in err handling path of get_subdir, drop_sysctl_table also be
called on 'new->header' regardless its value of parent pointer.  Then
put_links is called, which triggers NULL-ptr deref when access member of
header->parent.

In fact we have multiple error paths which call drop_sysctl_table() there,
upon failure on insert_links() we also call drop_sysctl_table().And even
in the successful case on __register_sysctl_table() we still always call
drop_sysctl_table().This patch fix it.

Link: http://lkml.kernel.org/r/20190314085527.13244-1-yuehaibing@huawei.com
Fixes: 0e47c99d7fe25 ("sysctl: Replace root_list with links between sysctl_table_sets")
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Reported-by: Hulk Robot <hulkci@huawei.com>
Acked-by: Luis Chamberlain <mcgrof@kernel.org>
Cc: Kees Cook <keescook@chromium.org>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Alexei Starovoitov <ast@kernel.org>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Eric W. Biederman <ebiederm@xmission.com>
Cc: <stable@vger.kernel.org>    [3.4+]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 2019-04-03 06:25:19 +02:00
Johannes Weiner
d900bee055 BACKPORT: sched: loadavg: consolidate LOAD_INT, LOAD_FRAC, CALC_LOAD 
There are several definitions of those functions/macros in places that
mess with fixed-point load averages.  Provide an official version.

[akpm@linux-foundation.org: fix missed conversion in block/blk-iolatency.c]
Link: http://lkml.kernel.org/r/20180828172258.3185-5-hannes@cmpxchg.org
Signed-off-by: Johannes Weiner <hannes@cmpxchg.org>
Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Tested-by: Suren Baghdasaryan <surenb@google.com>
Tested-by: Daniel Drake <drake@endlessm.com>
Cc: Christopher Lameter <cl@linux.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Johannes Weiner <jweiner@fb.com>
Cc: Mike Galbraith <efault@gmx.de>
Cc: Peter Enderborg <peter.enderborg@sony.com>
Cc: Randy Dunlap <rdunlap@infradead.org>
Cc: Shakeel Butt <shakeelb@google.com>
Cc: Tejun Heo <tj@kernel.org>
Cc: Vinayak Menon <vinmenon@codeaurora.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

(cherry picked from commit 8508cf3ffad4defa202b303e5b6379efc4cd9054)

Conflicts:
        block/blk-iolatency.c

(1. skipped changes in block/blk-iolatency.c as file does not exist in 4.14)

Bug: 127712811
Test: lmkd in PSI mode
Change-Id: Ifb7e12280b2aa4d379df29e24bbeab3e82a0bff8
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
 2019-03-21 16:19:55 -07:00
Roman Gushchin
fd7f993edf mm: show number of vmalloc pages in /proc/meminfo 
Vmalloc() is getting more and more used these days (kernel stacks,
bpf and percpu allocator are new top users), and the total %
of memory consumed by vmalloc() can be pretty significant
and changes dynamically.

/proc/meminfo is the best place to display this information:
its top goal is to show top consumers of the memory.

Since the VmallocUsed field in /proc/meminfo is not in use
for quite a long time (it has been defined to 0 by the
commit a5ad88ce8c7f ("mm: get rid of 'vmalloc_info' from
/proc/meminfo")), let's reuse it for showing the actual
physical memory consumption of vmalloc().

Change-Id: Ice4fd4b94c9c156b463487aaef033a8f8c3aa821
Signed-off-by: Roman Gushchin <guro@fb.com>
Acked-by: Johannes Weiner <hannes@cmpxchg.org>
Patch-mainline: linux-mm @ Mon, 25 Feb 2019 12:30:37 -0800
Signed-off-by: Vijayanand Jitta <vjitta@codeaurora.org>
Signed-off-by: Vinayak Menon <vinmenon@codeaurora.org>
 2019-03-19 22:53:38 -07:00
Blagovest Kolenichev
7ab08b2ef4 Merge android-4.14-p.104 (1912b02) into msm-4.14 
* refs/heads/tmp-1912b02:
  Linux 4.14.104
  net: phylink: avoid resolving link state too early
  sched/sysctl: Fix attributes of some extern declarations
  phy: tegra: remove redundant self assignment of 'map'
  pinctrl: max77620: Use define directive for max77620_pinconf_param values
  netfilter: ipv6: Don't preserve original oif for loopback address
  netfilter: nft_compat: use-after-free when deleting targets
  netfilter: nf_tables: fix flush after rule deletion in the same batch
  Revert "bridge: do not add port to router list when receives query with source 0.0.0.0"
  net: avoid false positives in untrusted gso validation
  net: validate untrusted gso packets without csum offload
  drm/i915/fbdev: Actually configure untiled displays
  ARC: define ARCH_SLAB_MINALIGN = 8
  ARC: U-boot: check arguments paranoidly
  ARCv2: Enable unaligned access in early ASM code
  parisc: Fix ptrace syscall number modification
  KEYS: always initialize keyring_index_key::desc_len
  KEYS: user: Align the payload buffer
  RDMA/srp: Rework SCSI device reset handling
  inet_diag: fix reporting cgroup classid and fallback to priority
  net/mlx4_en: Force CHECKSUM_NONE for short ethernet frames
  sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach()
  team: avoid complex list operations in team_nl_cmd_options_set()
  sctp: call gso_reset_checksum when computing checksum in sctp_gso_segment
  net: sfp: do not probe SFP module before we're attached
  net/packet: fix 4gb buffer limit due to overflow check
  net/mlx5e: Don't overwrite pedit action when multiple pedit used
  ipv6: propagate genlmsg_reply return code
  batman-adv: fix uninit-value in batadv_interface_tx()
  isdn: avm: Fix string plus integer warning from Clang
  net/mlx5e: Fix wrong (zero) TX drop counter indication for representor
  mlxsw: spectrum_switchdev: Do not treat static FDB entries as sticky
  bpf: bpf_setsockopt: reset sock dst on SO_MARK changes
  leds: lp5523: fix a missing check of return value of lp55xx_read
  hwmon: (tmp421) Correct the misspelling of the tmp442 compatible attribute in OF device ID table
  atm: he: fix sign-extension overflow on large shift
  drm/meson: add missing of_node_put
  always clear the X2APIC_ENABLE bit for PV guest
  scsi: qedi: Add ep_state for login completion on un-reachable targets
  scsi: ufs: Fix system suspend status
  isdn: i4l: isdn_tty: Fix some concurrency double-free bugs
  net: stmmac: Fix PCI module removal leak
  bpf: correctly set initial window on active Fast Open sender
  MIPS: jazz: fix 64bit build
  scsi: isci: initialize shost fully before calling scsi_add_host()
  scsi: qla4xxx: check return code of qla4xxx_copy_from_fwddb_param
  netfilter: nf_tables: fix leaking object reference count
  MIPS: ath79: Enable OF serial ports in the default config
  net: hns: Fix use after free identified by SLUB debug
  qed: Fix qed_ll2_post_rx_buffer_notify_fw() by adding a write memory barrier
  qed: Fix qed_chain_set_prod() for PBL chains with non power of 2 page count
  xen/pvcalls: remove set but not used variable 'intf'
  mfd: mc13xxx: Fix a missing check of a register-read failure
  mfd: tps65218: Use devm_regmap_add_irq_chip and clean up error path in probe()
  mfd: wm5110: Add missing ASRC rate register
  mfd: qcom_rpm: write fw_version to CTRL_REG
  mfd: bd9571mwv: Add volatile register to make DVFS work
  mfd: ab8500-core: Return zero in get_register_interruptible()
  mfd: mt6397: Do not call irq_domain_remove if PMIC unsupported
  mfd: db8500-prcmu: Fix some section annotations
  mfd: twl-core: Fix section annotations on {,un}protect_pm_master
  pvcalls-back: set -ENOTCONN in pvcalls_conn_back_read
  mfd: ti_am335x_tscadc: Use PLATFORM_DEVID_AUTO while registering mfd cells
  KEYS: allow reaching the keys quotas exactly
  proc, oom: do not report alien mms when setting oom_score_adj
  numa: change get_mempolicy() to use nr_node_ids instead of MAX_NUMNODES
  ceph: avoid repeatedly adding inode to mdsc->snap_flush_list
  libceph: handle an empty authorize reply
  mac80211: Free mpath object when rhashtable insertion fails
  mac80211: Restore vif beacon interval if start ap fails
  MIPS: eBPF: Always return sign extended 32b values
  tracing: Fix number of entries in trace header
  ARM: 8834/1: Fix: kprobes: optimized kprobes illegal instruction

Change-Id: Iaa9dd7842d9c83e5bfd7ea15e7d772fe0ce92438
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
 2019-03-01 11:14:49 -08:00
Blagovest Kolenichev
9ec70dd408 Merge android-4.14-p.102 (6d248da0) into msm-4.14 
* refs/heads/tmp-6d248da0:
  Revert "sched, trace: Fix prev_state output in sched_switch tracepoint"
  Linux 4.14.102
  uapi/if_ether.h: move __UAPI_DEF_ETHHDR libc define
  pinctrl: msm: fix gpio-hog related boot issues
  futex: Cure exit race
  sched, trace: Fix prev_state output in sched_switch tracepoint
  drm/i915: Prevent a race during I915_GEM_MMAP ioctl with WC set
  dm thin: fix bug where bio that overwrites thin block ignores FUA
  dm crypt: don't overallocate the integrity tag space
  x86/a.out: Clear the dump structure initially
  md/raid1: don't clear bitmap bits on interrupted recovery.
  signal: Restore the stop PTRACE_EVENT_EXIT
  x86/platform/UV: Use efi_runtime_lock to serialise BIOS calls
  tracing/uprobes: Fix output for multiple string arguments
  alpha: Fix Eiger NR_IRQS to 128
  alpha: fix page fault handling for r16-r18 targets
  mm: proc: smaps_rollup: fix pss_locked calculation
  Input: elantech - enable 3rd button support on Fujitsu CELSIUS H780
  Input: bma150 - register input device after setting private data
  kvm: vmx: Fix entry number check for add_atomic_switch_msr()
  ALSA: usb-audio: Fix implicit fb endpoint setup by quirk
  ALSA: hda - Add quirk for HP EliteBook 840 G5
  perf/x86: Add check_period PMU callback
  perf/core: Fix impossible ring-buffer sizes warning
  Input: elan_i2c - add ACPI ID for touchpad in Lenovo V330-15ISK
  Revert "Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G"
  cifs: Limit memory used by lock request calls to a page
  drm/nouveau/falcon: avoid touching registers if engine is off
  drm/nouveau: Don't disable polling in fallback mode
  gpio: pl061: handle failed allocations
  ARM: dts: kirkwood: Fix polarity of GPIO fan lines
  ARM: dts: da850-lcdk: Correct the sound card name
  ARM: dts: da850-evm: Correct the sound card name
  nvme-pci: use the same attributes when freeing host_mem_desc_bufs.
  drm/bridge: tc358767: fix output H/V syncs
  drm/bridge: tc358767: reject modes which require too much BW
  drm/bridge: tc358767: fix initial DP0/1_SRCCTRL value
  drm/bridge: tc358767: fix single lane configuration
  drm/bridge: tc358767: add defines for DP1_SRCCTRL & PHY_2LANE
  cpufreq: check if policy is inactive early in __cpufreq_get()
  perf test shell: Use a fallback to get the pathname in vfs_getname
  ACPI: NUMA: Use correct type for printing addresses on i386-PAE
  bnx2x: disable GSO where gso_size is too big for hardware
  net: create skb_gso_validate_mac_len()
  ARM: fix the cockup in the previous patch
  ARM: ensure that processor vtables is not lost after boot
  ARM: spectre-v2: per-CPU vtables to work around big.Little systems
  ARM: add PROC_VTABLE and PROC_TABLE macros
  ARM: clean up per-processor check_bugs method call
  ARM: split out processor lookup
  ARM: make lookup_processor_type() non-__init
  ARM: 8810/1: vfp: Fix wrong assignement to ufp_exc
  ARM: 8797/1: spectre-v1.1: harden __copy_to_user
  ARM: 8796/1: spectre-v1,v1.1: provide helpers for address sanitization
  ARM: 8795/1: spectre-v1.1: use put_user() for __put_user()
  ARM: 8794/1: uaccess: Prevent speculative use of the current addr_limit
  ARM: 8793/1: signal: replace __put_user_error with __put_user
  ARM: 8792/1: oabi-compat: copy oabi events using __copy_to_user()
  ARM: 8791/1: vfp: use __copy_to_user() when saving VFP state
  ARM: 8790/1: signal: always use __copy_to_user to save iwmmxt context
  ARM: 8789/1: signal: copy registers using __copy_to_user()
  uapi/if_ether.h: prevent redefinition of struct ethhdr
  blk-mq: fix a hung issue when fsync
  eeprom: at24: add support for 24c2048
  dt-bindings: eeprom: at24: add "atmel,24c2048" compatible string

Change-Id: I76266eef1ae49d35fb83938d82066e72be54bb2c
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
 2019-03-01 11:14:41 -08:00
Greg Kroah-Hartman
1912b02244 This is the 4.14.104 stable release 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlx2U3kACgkQONu9yGCS
 aT6ocg//RY5zNiVm1frgw1M6HrUUfPO0nXMs67X93sIZ+Iwym5gUBWAK9wfyLn/h
 7G5bGnKya9IS1ltU1Z2fwaIt+N7Wnih3sMk/6ypmf4VdDVE2mGrML0D3nPW7fO3A
 iiXzdixDQlt/VHNB2CXg/z0a7cvtw6ZNF+69QR+plHEGgy40tNvIYPbeCMgfKBAk
 hkv1BjN3SdHzM0CbIDBx/Wq/kFP/pUEcmVJ0gafdZiYAQM69nkQvFcoSslASfbP4
 /VP1vlXO0EINgGn8u6/C+iGoGbPYCXOcwafUXEFVh2bQML4IfOiX1mGE3ve5Pe5Z
 ooYbbhsyKfEtclNfBKUjuTfdrkHBedyoeohkEhzDzpQBpeoW3yp5y/1sTdIMHeHs
 j4L1qmgX3QfWrJXyaBWKaHOQjK+rpZPfbt+pfxE9l8+M+6jzHtnmabVdjxZ70LNn
 YySa4eCW57HIV3Z3aMDL9fWNEAYxsXNtfc0h9rh0Byery44HNDAAeBaVSDsZFcbI
 uLslCcKWNyJ/52Z+XkFWKzSYKHdpe2TvPzsDllokE7OpCRF35Wsdsf6V0LJrOXRO
 t5O4t6rimhCF/Icd1oJmyV/SmDd8yrw3tE9JBdzZEmlBZpKDP0UCx8fMsQNPgE8y
 NmKeDp0L4w44PBeTjqSrE8Q3o6BdtWsZEXz3x+zmkLyiZ7N6mzc=
 =ODN3
 -----END PGP SIGNATURE-----

Merge 4.14.104 into android-4.14-p

Changes in 4.14.104
	ARM: 8834/1: Fix: kprobes: optimized kprobes illegal instruction
	tracing: Fix number of entries in trace header
	MIPS: eBPF: Always return sign extended 32b values
	mac80211: Restore vif beacon interval if start ap fails
	mac80211: Free mpath object when rhashtable insertion fails
	libceph: handle an empty authorize reply
	ceph: avoid repeatedly adding inode to mdsc->snap_flush_list
	numa: change get_mempolicy() to use nr_node_ids instead of MAX_NUMNODES
	proc, oom: do not report alien mms when setting oom_score_adj
	KEYS: allow reaching the keys quotas exactly
	mfd: ti_am335x_tscadc: Use PLATFORM_DEVID_AUTO while registering mfd cells
	pvcalls-back: set -ENOTCONN in pvcalls_conn_back_read
	mfd: twl-core: Fix section annotations on {,un}protect_pm_master
	mfd: db8500-prcmu: Fix some section annotations
	mfd: mt6397: Do not call irq_domain_remove if PMIC unsupported
	mfd: ab8500-core: Return zero in get_register_interruptible()
	mfd: bd9571mwv: Add volatile register to make DVFS work
	mfd: qcom_rpm: write fw_version to CTRL_REG
	mfd: wm5110: Add missing ASRC rate register
	mfd: tps65218: Use devm_regmap_add_irq_chip and clean up error path in probe()
	mfd: mc13xxx: Fix a missing check of a register-read failure
	xen/pvcalls: remove set but not used variable 'intf'
	qed: Fix qed_chain_set_prod() for PBL chains with non power of 2 page count
	qed: Fix qed_ll2_post_rx_buffer_notify_fw() by adding a write memory barrier
	net: hns: Fix use after free identified by SLUB debug
	MIPS: ath79: Enable OF serial ports in the default config
	netfilter: nf_tables: fix leaking object reference count
	scsi: qla4xxx: check return code of qla4xxx_copy_from_fwddb_param
	scsi: isci: initialize shost fully before calling scsi_add_host()
	MIPS: jazz: fix 64bit build
	bpf: correctly set initial window on active Fast Open sender
	net: stmmac: Fix PCI module removal leak
	isdn: i4l: isdn_tty: Fix some concurrency double-free bugs
	scsi: ufs: Fix system suspend status
	scsi: qedi: Add ep_state for login completion on un-reachable targets
	always clear the X2APIC_ENABLE bit for PV guest
	drm/meson: add missing of_node_put
	atm: he: fix sign-extension overflow on large shift
	hwmon: (tmp421) Correct the misspelling of the tmp442 compatible attribute in OF device ID table
	leds: lp5523: fix a missing check of return value of lp55xx_read
	bpf: bpf_setsockopt: reset sock dst on SO_MARK changes
	mlxsw: spectrum_switchdev: Do not treat static FDB entries as sticky
	net/mlx5e: Fix wrong (zero) TX drop counter indication for representor
	isdn: avm: Fix string plus integer warning from Clang
	batman-adv: fix uninit-value in batadv_interface_tx()
	ipv6: propagate genlmsg_reply return code
	net/mlx5e: Don't overwrite pedit action when multiple pedit used
	net/packet: fix 4gb buffer limit due to overflow check
	net: sfp: do not probe SFP module before we're attached
	sctp: call gso_reset_checksum when computing checksum in sctp_gso_segment
	team: avoid complex list operations in team_nl_cmd_options_set()
	sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach()
	net/mlx4_en: Force CHECKSUM_NONE for short ethernet frames
	inet_diag: fix reporting cgroup classid and fallback to priority
	RDMA/srp: Rework SCSI device reset handling
	KEYS: user: Align the payload buffer
	KEYS: always initialize keyring_index_key::desc_len
	parisc: Fix ptrace syscall number modification
	ARCv2: Enable unaligned access in early ASM code
	ARC: U-boot: check arguments paranoidly
	ARC: define ARCH_SLAB_MINALIGN = 8
	drm/i915/fbdev: Actually configure untiled displays
	net: validate untrusted gso packets without csum offload
	net: avoid false positives in untrusted gso validation
	Revert "bridge: do not add port to router list when receives query with source 0.0.0.0"
	netfilter: nf_tables: fix flush after rule deletion in the same batch
	netfilter: nft_compat: use-after-free when deleting targets
	netfilter: ipv6: Don't preserve original oif for loopback address
	pinctrl: max77620: Use define directive for max77620_pinconf_param values
	phy: tegra: remove redundant self assignment of 'map'
	sched/sysctl: Fix attributes of some extern declarations
	net: phylink: avoid resolving link state too early
	Linux 4.14.104

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
 2019-02-27 10:25:27 +01:00
Greg Kroah-Hartman
0cc8f104f4 This is the 4.14.104 stable release 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlx2U3kACgkQONu9yGCS
 aT6ocg//RY5zNiVm1frgw1M6HrUUfPO0nXMs67X93sIZ+Iwym5gUBWAK9wfyLn/h
 7G5bGnKya9IS1ltU1Z2fwaIt+N7Wnih3sMk/6ypmf4VdDVE2mGrML0D3nPW7fO3A
 iiXzdixDQlt/VHNB2CXg/z0a7cvtw6ZNF+69QR+plHEGgy40tNvIYPbeCMgfKBAk
 hkv1BjN3SdHzM0CbIDBx/Wq/kFP/pUEcmVJ0gafdZiYAQM69nkQvFcoSslASfbP4
 /VP1vlXO0EINgGn8u6/C+iGoGbPYCXOcwafUXEFVh2bQML4IfOiX1mGE3ve5Pe5Z
 ooYbbhsyKfEtclNfBKUjuTfdrkHBedyoeohkEhzDzpQBpeoW3yp5y/1sTdIMHeHs
 j4L1qmgX3QfWrJXyaBWKaHOQjK+rpZPfbt+pfxE9l8+M+6jzHtnmabVdjxZ70LNn
 YySa4eCW57HIV3Z3aMDL9fWNEAYxsXNtfc0h9rh0Byery44HNDAAeBaVSDsZFcbI
 uLslCcKWNyJ/52Z+XkFWKzSYKHdpe2TvPzsDllokE7OpCRF35Wsdsf6V0LJrOXRO
 t5O4t6rimhCF/Icd1oJmyV/SmDd8yrw3tE9JBdzZEmlBZpKDP0UCx8fMsQNPgE8y
 NmKeDp0L4w44PBeTjqSrE8Q3o6BdtWsZEXz3x+zmkLyiZ7N6mzc=
 =ODN3
 -----END PGP SIGNATURE-----

Merge 4.14.104 into android-4.14

Changes in 4.14.104
	ARM: 8834/1: Fix: kprobes: optimized kprobes illegal instruction
	tracing: Fix number of entries in trace header
	MIPS: eBPF: Always return sign extended 32b values
	mac80211: Restore vif beacon interval if start ap fails
	mac80211: Free mpath object when rhashtable insertion fails
	libceph: handle an empty authorize reply
	ceph: avoid repeatedly adding inode to mdsc->snap_flush_list
	numa: change get_mempolicy() to use nr_node_ids instead of MAX_NUMNODES
	proc, oom: do not report alien mms when setting oom_score_adj
	KEYS: allow reaching the keys quotas exactly
	mfd: ti_am335x_tscadc: Use PLATFORM_DEVID_AUTO while registering mfd cells
	pvcalls-back: set -ENOTCONN in pvcalls_conn_back_read
	mfd: twl-core: Fix section annotations on {,un}protect_pm_master
	mfd: db8500-prcmu: Fix some section annotations
	mfd: mt6397: Do not call irq_domain_remove if PMIC unsupported
	mfd: ab8500-core: Return zero in get_register_interruptible()
	mfd: bd9571mwv: Add volatile register to make DVFS work
	mfd: qcom_rpm: write fw_version to CTRL_REG
	mfd: wm5110: Add missing ASRC rate register
	mfd: tps65218: Use devm_regmap_add_irq_chip and clean up error path in probe()
	mfd: mc13xxx: Fix a missing check of a register-read failure
	xen/pvcalls: remove set but not used variable 'intf'
	qed: Fix qed_chain_set_prod() for PBL chains with non power of 2 page count
	qed: Fix qed_ll2_post_rx_buffer_notify_fw() by adding a write memory barrier
	net: hns: Fix use after free identified by SLUB debug
	MIPS: ath79: Enable OF serial ports in the default config
	netfilter: nf_tables: fix leaking object reference count
	scsi: qla4xxx: check return code of qla4xxx_copy_from_fwddb_param
	scsi: isci: initialize shost fully before calling scsi_add_host()
	MIPS: jazz: fix 64bit build
	bpf: correctly set initial window on active Fast Open sender
	net: stmmac: Fix PCI module removal leak
	isdn: i4l: isdn_tty: Fix some concurrency double-free bugs
	scsi: ufs: Fix system suspend status
	scsi: qedi: Add ep_state for login completion on un-reachable targets
	always clear the X2APIC_ENABLE bit for PV guest
	drm/meson: add missing of_node_put
	atm: he: fix sign-extension overflow on large shift
	hwmon: (tmp421) Correct the misspelling of the tmp442 compatible attribute in OF device ID table
	leds: lp5523: fix a missing check of return value of lp55xx_read
	bpf: bpf_setsockopt: reset sock dst on SO_MARK changes
	mlxsw: spectrum_switchdev: Do not treat static FDB entries as sticky
	net/mlx5e: Fix wrong (zero) TX drop counter indication for representor
	isdn: avm: Fix string plus integer warning from Clang
	batman-adv: fix uninit-value in batadv_interface_tx()
	ipv6: propagate genlmsg_reply return code
	net/mlx5e: Don't overwrite pedit action when multiple pedit used
	net/packet: fix 4gb buffer limit due to overflow check
	net: sfp: do not probe SFP module before we're attached
	sctp: call gso_reset_checksum when computing checksum in sctp_gso_segment
	team: avoid complex list operations in team_nl_cmd_options_set()
	sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach()
	net/mlx4_en: Force CHECKSUM_NONE for short ethernet frames
	inet_diag: fix reporting cgroup classid and fallback to priority
	RDMA/srp: Rework SCSI device reset handling
	KEYS: user: Align the payload buffer
	KEYS: always initialize keyring_index_key::desc_len
	parisc: Fix ptrace syscall number modification
	ARCv2: Enable unaligned access in early ASM code
	ARC: U-boot: check arguments paranoidly
	ARC: define ARCH_SLAB_MINALIGN = 8
	drm/i915/fbdev: Actually configure untiled displays
	net: validate untrusted gso packets without csum offload
	net: avoid false positives in untrusted gso validation
	Revert "bridge: do not add port to router list when receives query with source 0.0.0.0"
	netfilter: nf_tables: fix flush after rule deletion in the same batch
	netfilter: nft_compat: use-after-free when deleting targets
	netfilter: ipv6: Don't preserve original oif for loopback address
	pinctrl: max77620: Use define directive for max77620_pinconf_param values
	phy: tegra: remove redundant self assignment of 'map'
	sched/sysctl: Fix attributes of some extern declarations
	net: phylink: avoid resolving link state too early
	Linux 4.14.104

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
 2019-02-27 10:25:05 +01:00
Michal Hocko
e69eb7e8a0 proc, oom: do not report alien mms when setting oom_score_adj 
commit b2b469939e93458753cfbf8282ad52636495965e upstream.

Tetsuo has reported that creating a thousands of processes sharing MM
without SIGHAND (aka alien threads) and setting
/proc/<pid>/oom_score_adj will swamp the kernel log and takes ages [1]
to finish.  This is especially worrisome that all that printing is done
under RCU lock and this can potentially trigger RCU stall or softlockup
detector.

The primary reason for the printk was to catch potential users who might
depend on the behavior prior to 44a70adec910 ("mm, oom_adj: make sure
processes sharing mm have same view of oom_score_adj") but after more
than 2 years without a single report I guess it is safe to simply remove
the printk altogether.

The next step should be moving oom_score_adj over to the mm struct and
remove all the tasks crawling as suggested by [2]

[1] http://lkml.kernel.org/r/97fce864-6f75-bca5-14bc-12c9f890e740@i-love.sakura.ne.jp
[2] http://lkml.kernel.org/r/20190117155159.GA4087@dhcp22.suse.cz

Link: http://lkml.kernel.org/r/20190212102129.26288-1-mhocko@kernel.org
Signed-off-by: Michal Hocko <mhocko@suse.com>
Reported-by: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
Acked-by: Johannes Weiner <hannes@cmpxchg.org>
Cc: David Rientjes <rientjes@google.com>
Cc: Yong-Taek Lee <ytk.lee@samsung.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 2019-02-27 10:08:01 +01:00
Greg Kroah-Hartman
6d248da07f This is the 4.14.102 stable release 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlxtG/gACgkQONu9yGCS
 aT7ZKxAA1PZRUjg4Q7m0zI6VXIKoQrlgbdaFC9xMJ1ySYDCRUbLnHXzBp3GuksEs
 s8n/dHfLRRy9HEs5g6KLgTvI/mNjQNZXJ7pKtcVnU5o6O7Oz4t8+Fr+zkyXTGKky
 eB+IS8IodW1xKrcYUIVzqiovt2O8bbwLBQ4xdAOdJClf/SiMZyuP2IN1bXKqXbQ6
 D82Lbl0IJotaceF9V4CtrJhfEolqpU+6LW0gtdTEd00OLotK5svmVRvW71mNv+PK
 5Njx3428rs0Y8iEgiunpX7hrLsekqeE610iDiHkC6kMp1gaNVdG0hSRDquwRzVrO
 5R+SQqi3nd+k0Wt6beJE1xjdWwGkfZXZJYqK0AQY2kdnEA7sONDYt72at+5KchX5
 GrkdQVNqvZfKAAXvAFNqd9xDCWItl4mZPS4wFaY8LYJpzgWjNGuNHi+QmzQP08Kd
 pJoNOf3183tNMaf3iUzCkyyctbVMTlPwaqZKnUMOGvlpxrVi5qvWpgTxPHKZ5+BW
 TBW2FDiZfO5bcAMoJdbSPOJb1V6GnPojjNkU1UdInj6HVBTAvVNvCa9Tvfn5X5yO
 8QkS3wDGpKNGKGfSBkZvOTtY+2YByKI07K6f7ljqEt2xZGbHuK2swQZ7WDtFL82B
 klL+hDGzzfOilUidMVceYe2fi8d48YoXDVDSNSxPPJAPTDP+K20=
 =55az
 -----END PGP SIGNATURE-----

Merge 4.14.102 into android-4.14-p

Changes in 4.14.102
	dt-bindings: eeprom: at24: add "atmel,24c2048" compatible string
	eeprom: at24: add support for 24c2048
	blk-mq: fix a hung issue when fsync
	uapi/if_ether.h: prevent redefinition of struct ethhdr
	ARM: 8789/1: signal: copy registers using __copy_to_user()
	ARM: 8790/1: signal: always use __copy_to_user to save iwmmxt context
	ARM: 8791/1: vfp: use __copy_to_user() when saving VFP state
	ARM: 8792/1: oabi-compat: copy oabi events using __copy_to_user()
	ARM: 8793/1: signal: replace __put_user_error with __put_user
	ARM: 8794/1: uaccess: Prevent speculative use of the current addr_limit
	ARM: 8795/1: spectre-v1.1: use put_user() for __put_user()
	ARM: 8796/1: spectre-v1,v1.1: provide helpers for address sanitization
	ARM: 8797/1: spectre-v1.1: harden __copy_to_user
	ARM: 8810/1: vfp: Fix wrong assignement to ufp_exc
	ARM: make lookup_processor_type() non-__init
	ARM: split out processor lookup
	ARM: clean up per-processor check_bugs method call
	ARM: add PROC_VTABLE and PROC_TABLE macros
	ARM: spectre-v2: per-CPU vtables to work around big.Little systems
	ARM: ensure that processor vtables is not lost after boot
	ARM: fix the cockup in the previous patch
	net: create skb_gso_validate_mac_len()
	bnx2x: disable GSO where gso_size is too big for hardware
	ACPI: NUMA: Use correct type for printing addresses on i386-PAE
	perf test shell: Use a fallback to get the pathname in vfs_getname
	cpufreq: check if policy is inactive early in __cpufreq_get()
	drm/bridge: tc358767: add defines for DP1_SRCCTRL & PHY_2LANE
	drm/bridge: tc358767: fix single lane configuration
	drm/bridge: tc358767: fix initial DP0/1_SRCCTRL value
	drm/bridge: tc358767: reject modes which require too much BW
	drm/bridge: tc358767: fix output H/V syncs
	nvme-pci: use the same attributes when freeing host_mem_desc_bufs.
	ARM: dts: da850-evm: Correct the sound card name
	ARM: dts: da850-lcdk: Correct the sound card name
	ARM: dts: kirkwood: Fix polarity of GPIO fan lines
	gpio: pl061: handle failed allocations
	drm/nouveau: Don't disable polling in fallback mode
	drm/nouveau/falcon: avoid touching registers if engine is off
	cifs: Limit memory used by lock request calls to a page
	Revert "Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G"
	Input: elan_i2c - add ACPI ID for touchpad in Lenovo V330-15ISK
	perf/core: Fix impossible ring-buffer sizes warning
	perf/x86: Add check_period PMU callback
	ALSA: hda - Add quirk for HP EliteBook 840 G5
	ALSA: usb-audio: Fix implicit fb endpoint setup by quirk
	kvm: vmx: Fix entry number check for add_atomic_switch_msr()
	Input: bma150 - register input device after setting private data
	Input: elantech - enable 3rd button support on Fujitsu CELSIUS H780
	mm: proc: smaps_rollup: fix pss_locked calculation
	alpha: fix page fault handling for r16-r18 targets
	alpha: Fix Eiger NR_IRQS to 128
	tracing/uprobes: Fix output for multiple string arguments
	x86/platform/UV: Use efi_runtime_lock to serialise BIOS calls
	signal: Restore the stop PTRACE_EVENT_EXIT
	md/raid1: don't clear bitmap bits on interrupted recovery.
	x86/a.out: Clear the dump structure initially
	dm crypt: don't overallocate the integrity tag space
	dm thin: fix bug where bio that overwrites thin block ignores FUA
	drm/i915: Prevent a race during I915_GEM_MMAP ioctl with WC set
	sched, trace: Fix prev_state output in sched_switch tracepoint
	futex: Cure exit race
	pinctrl: msm: fix gpio-hog related boot issues
	uapi/if_ether.h: move __UAPI_DEF_ETHHDR libc define
	Linux 4.14.102

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
 2019-02-20 10:43:43 +01:00
Greg Kroah-Hartman
01709c953f This is the 4.14.102 stable release 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAlxtG/gACgkQONu9yGCS
 aT7ZKxAA1PZRUjg4Q7m0zI6VXIKoQrlgbdaFC9xMJ1ySYDCRUbLnHXzBp3GuksEs
 s8n/dHfLRRy9HEs5g6KLgTvI/mNjQNZXJ7pKtcVnU5o6O7Oz4t8+Fr+zkyXTGKky
 eB+IS8IodW1xKrcYUIVzqiovt2O8bbwLBQ4xdAOdJClf/SiMZyuP2IN1bXKqXbQ6
 D82Lbl0IJotaceF9V4CtrJhfEolqpU+6LW0gtdTEd00OLotK5svmVRvW71mNv+PK
 5Njx3428rs0Y8iEgiunpX7hrLsekqeE610iDiHkC6kMp1gaNVdG0hSRDquwRzVrO
 5R+SQqi3nd+k0Wt6beJE1xjdWwGkfZXZJYqK0AQY2kdnEA7sONDYt72at+5KchX5
 GrkdQVNqvZfKAAXvAFNqd9xDCWItl4mZPS4wFaY8LYJpzgWjNGuNHi+QmzQP08Kd
 pJoNOf3183tNMaf3iUzCkyyctbVMTlPwaqZKnUMOGvlpxrVi5qvWpgTxPHKZ5+BW
 TBW2FDiZfO5bcAMoJdbSPOJb1V6GnPojjNkU1UdInj6HVBTAvVNvCa9Tvfn5X5yO
 8QkS3wDGpKNGKGfSBkZvOTtY+2YByKI07K6f7ljqEt2xZGbHuK2swQZ7WDtFL82B
 klL+hDGzzfOilUidMVceYe2fi8d48YoXDVDSNSxPPJAPTDP+K20=
 =55az
 -----END PGP SIGNATURE-----

Merge 4.14.102 into android-4.14

Changes in 4.14.102
	dt-bindings: eeprom: at24: add "atmel,24c2048" compatible string
	eeprom: at24: add support for 24c2048
	blk-mq: fix a hung issue when fsync
	uapi/if_ether.h: prevent redefinition of struct ethhdr
	ARM: 8789/1: signal: copy registers using __copy_to_user()
	ARM: 8790/1: signal: always use __copy_to_user to save iwmmxt context
	ARM: 8791/1: vfp: use __copy_to_user() when saving VFP state
	ARM: 8792/1: oabi-compat: copy oabi events using __copy_to_user()
	ARM: 8793/1: signal: replace __put_user_error with __put_user
	ARM: 8794/1: uaccess: Prevent speculative use of the current addr_limit
	ARM: 8795/1: spectre-v1.1: use put_user() for __put_user()
	ARM: 8796/1: spectre-v1,v1.1: provide helpers for address sanitization
	ARM: 8797/1: spectre-v1.1: harden __copy_to_user
	ARM: 8810/1: vfp: Fix wrong assignement to ufp_exc
	ARM: make lookup_processor_type() non-__init
	ARM: split out processor lookup
	ARM: clean up per-processor check_bugs method call
	ARM: add PROC_VTABLE and PROC_TABLE macros
	ARM: spectre-v2: per-CPU vtables to work around big.Little systems
	ARM: ensure that processor vtables is not lost after boot
	ARM: fix the cockup in the previous patch
	net: create skb_gso_validate_mac_len()
	bnx2x: disable GSO where gso_size is too big for hardware
	ACPI: NUMA: Use correct type for printing addresses on i386-PAE
	perf test shell: Use a fallback to get the pathname in vfs_getname
	cpufreq: check if policy is inactive early in __cpufreq_get()
	drm/bridge: tc358767: add defines for DP1_SRCCTRL & PHY_2LANE
	drm/bridge: tc358767: fix single lane configuration
	drm/bridge: tc358767: fix initial DP0/1_SRCCTRL value
	drm/bridge: tc358767: reject modes which require too much BW
	drm/bridge: tc358767: fix output H/V syncs
	nvme-pci: use the same attributes when freeing host_mem_desc_bufs.
	ARM: dts: da850-evm: Correct the sound card name
	ARM: dts: da850-lcdk: Correct the sound card name
	ARM: dts: kirkwood: Fix polarity of GPIO fan lines
	gpio: pl061: handle failed allocations
	drm/nouveau: Don't disable polling in fallback mode
	drm/nouveau/falcon: avoid touching registers if engine is off
	cifs: Limit memory used by lock request calls to a page
	Revert "Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G"
	Input: elan_i2c - add ACPI ID for touchpad in Lenovo V330-15ISK
	perf/core: Fix impossible ring-buffer sizes warning
	perf/x86: Add check_period PMU callback
	ALSA: hda - Add quirk for HP EliteBook 840 G5
	ALSA: usb-audio: Fix implicit fb endpoint setup by quirk
	kvm: vmx: Fix entry number check for add_atomic_switch_msr()
	Input: bma150 - register input device after setting private data
	Input: elantech - enable 3rd button support on Fujitsu CELSIUS H780
	mm: proc: smaps_rollup: fix pss_locked calculation
	alpha: fix page fault handling for r16-r18 targets
	alpha: Fix Eiger NR_IRQS to 128
	tracing/uprobes: Fix output for multiple string arguments
	x86/platform/UV: Use efi_runtime_lock to serialise BIOS calls
	signal: Restore the stop PTRACE_EVENT_EXIT
	md/raid1: don't clear bitmap bits on interrupted recovery.
	x86/a.out: Clear the dump structure initially
	dm crypt: don't overallocate the integrity tag space
	dm thin: fix bug where bio that overwrites thin block ignores FUA
	drm/i915: Prevent a race during I915_GEM_MMAP ioctl with WC set
	sched, trace: Fix prev_state output in sched_switch tracepoint
	futex: Cure exit race
	pinctrl: msm: fix gpio-hog related boot issues
	uapi/if_ether.h: move __UAPI_DEF_ETHHDR libc define
	Linux 4.14.102

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
 2019-02-20 10:43:03 +01:00
Sandeep Patil
716926f409 mm: proc: smaps_rollup: fix pss_locked calculation 
commit 27dd768ed8db48beefc4d9e006c58e7a00342bde upstream.

The 'pss_locked' field of smaps_rollup was being calculated incorrectly.
It accumulated the current pss everytime a locked VMA was found.  Fix
that by adding to 'pss_locked' the same time as that of 'pss' if the vma
being walked is locked.

Link: http://lkml.kernel.org/r/20190203065425.14650-1-sspatil@android.com
Fixes: 493b0e9d945f ("mm: add /proc/pid/smaps_rollup")
Signed-off-by: Sandeep Patil <sspatil@android.com>
Acked-by: Vlastimil Babka <vbabka@suse.cz>
Reviewed-by: Joel Fernandes (Google) <joel@joelfernandes.org>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Daniel Colascione <dancol@google.com>
Cc: <stable@vger.kernel.org>	[4.14.x, 4.19.x]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 2019-02-20 10:20:53 +01:00
Blagovest Kolenichev
0927a7b7f2 Merge android-4.14-p.91 (eef4cf6) into msm-4.14 
* refs/heads/tmp-eef4cf6:
  Revert "mmc: core: Allow BKOPS and CACHE ctrl even if no HPI support"
  Linux 4.14.91
  drm/ioctl: Fix Spectre v1 vulnerabilities
  proc/sysctl: don't return ENOMEM on lookup when a table is unregistering
  mm: don't miss the last page because of round-off error
  ubifs: Handle re-linking of inodes correctly while recovery
  spi: imx: mx51-ecspi: Move some initialisation to prepare_message hook.
  spi: imx: add a device specific prepare_message callback
  iwlwifi: add new cards for 9560, 9462, 9461 and killer series
  iwlwifi: mvm: don't send GEO_TX_POWER_LIMIT to old firmwares
  panic: avoid deadlocks in re-entrant console drivers
  x86/mtrr: Don't copy uninitialized gentry fields back to userspace
  Drivers: hv: vmbus: Return -EINVAL for the sys files for unopened channels
  KVM: Fix UAF in nested posted interrupt processing
  kvm: x86: Add AMD's EX_CFG to the list of ignored MSRs
  posix-timers: Fix division by zero bug
  gpiolib-acpi: Only defer request_irq for GpioInt ACPI event handlers
  gpio: max7301: fix driver for use with CONFIG_VMAP_STACK
  mmc: omap_hsmmc: fix DMA API warning
  mmc: core: Use a minimum 1600ms timeout when enabling CACHE ctrl
  mmc: core: Allow BKOPS and CACHE ctrl even if no HPI support
  mmc: core: Reset HPI enabled state during re-init and in case of errors
  scsi: sd: use mempool for discard special page
  USB: serial: option: add Telit LN940 series
  USB: serial: option: add Fibocom NL668 series
  USB: serial: option: add Simcom SIM7500/SIM7600 (MBIM mode)
  USB: serial: option: add HP lt4132
  USB: serial: option: add GosunCn ZTE WeLink ME3630
  USB: xhci: fix 'broken_suspend' placement in struct xchi_hcd
  xhci: Don't prevent USB2 bus suspend in state check intended for USB3 only
  USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data
  cifs: integer overflow in in SMB2_ioctl()
  perf record: Synthesize features before events in pipe mode
  ib_srpt: Fix a use-after-free in __srpt_close_all_ch()
  ubifs: Fix directory size calculation for symlinks
  ASoC: sta32x: set ->component pointer in private struct
  block: fix infinite loop if the device loses discard capability
  block: break discard submissions into the user defined size

Conflicts:
	drivers/mmc/core/mmc.c

Change-Id: I1f0d24983198c7aa704dd334696e72dc8bf93b67
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
 2019-01-29 12:18:16 -08:00
Yang Shi
1022f84ec6 mm: introduce arg_lock to protect arg_start|end and env_start|end in mm_struct 
mmap_sem is on the hot path of kernel, and it very contended, but it is
abused too.  It is used to protect arg_start|end and evn_start|end when
reading /proc/$PID/cmdline and /proc/$PID/environ, but it doesn't make
sense since those proc files just expect to read 4 values atomically and
not related to VM, they could be set to arbitrary values by C/R.

And, the mmap_sem contention may cause unexpected issue like below:

INFO: task ps:14018 blocked for more than 120 seconds.
       Tainted: G            E 4.9.79-009.ali3000.alios7.x86_64 #1
 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this
message.
 ps              D    0 14018      1 0x00000004
 Call Trace:
   schedule+0x36/0x80
   rwsem_down_read_failed+0xf0/0x150
   call_rwsem_down_read_failed+0x18/0x30
   down_read+0x20/0x40
   proc_pid_cmdline_read+0xd9/0x4e0
   __vfs_read+0x37/0x150
   vfs_read+0x96/0x130
   SyS_read+0x55/0xc0
   entry_SYSCALL_64_fastpath+0x1a/0xc5

Both Alexey Dobriyan and Michal Hocko suggested to use dedicated lock
for them to mitigate the abuse of mmap_sem.

So, introduce a new spinlock in mm_struct to protect the concurrent
access to arg_start|end, env_start|end and others, as well as replace
write map_sem to read to protect the race condition between prctl and
sys_brk which might break check_data_rlimit(), and makes prctl more
friendly to other VM operations.

This patch just eliminates the abuse of mmap_sem, but it can't resolve
the above hung task warning completely since the later
access_remote_vm() call needs acquire mmap_sem.  The mmap_sem
scalability issue will be solved in the future.

Change-Id: Ifa8f001ee2fc4f0ce60c18e771cebcf8a1f0943e
[yang.shi@linux.alibaba.com: add comment about mmap_sem and arg_lock]
  Link: http://lkml.kernel.org/r/1524077799-80690-1-git-send-email-yang.shi@linux.alibaba.com
Link: http://lkml.kernel.org/r/1523730291-109696-1-git-send-email-yang.shi@linux.alibaba.com
Signed-off-by: Yang Shi <yang.shi@linux.alibaba.com>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Acked-by: Michal Hocko <mhocko@suse.com>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: Mateusz Guzik <mguzik@redhat.com>
Cc: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Git-commit: 88aa7cc688d48ddd84558b41d5905a0db9535c4b
Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Signed-off-by: Srinivas Ramana <sramana@codeaurora.org>
 2019-01-24 13:34:04 -08:00