mirror of
https://github.com/rd-stuffs/msm-4.14.git
synced 2025-02-20 11:45:48 +08:00
4600 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
qctecmdr Service
|
6618be6f36 | Merge "Merge android-4.14-p.74 (91ff1d1) into msm-4.14" | ||
|
qctecmdr Service
|
2330aa6c4c | Merge "Merge android-4.14-p.70 (e601ab6) into msm-4.14" | ||
|
qctecmdr Service
|
1a0bb389ca | Merge "Merge android-4.14-p.66 (d48d275) into msm-4.14" | ||
Blagovest Kolenichev
|
6a2de27bd7 |
Merge android-4.14-p.74 (91ff1d1) into msm-4.14
* refs/heads/tmp-91ff1d1:
ANDROID: sdcardfs: Change current->fs under lock
ANDROID: sdcardfs: Don't use OVERRIDE_CRED macro
Linux 4.14.74
media: v4l: event: Prevent freeing event subscriptions while accessed
arm64: KVM: Sanitize PSTATE.M when being set from userspace
x86/pti: Fix section mismatch warning/error
i2c: i801: Allow ACPI AML access I/O ports not reserved for SMBus
arm/arm64: smccc-1.1: Handle function result as parameters
arm/arm64: smccc-1.1: Make return values unsigned long
ARM: dts: omap4-droid4: Fix emmc errors seen on some devices
nvme-fcloop: Fix dropped LS's to removed target port
ata: ftide010: Add a quirk for SQ201
drm/amdgpu: Update power state at the end of smu hw_init.
drm/amdgpu: Enable/disable gfx PG feature in rlc safe mode
Revert "ARM: dts: imx7d: Invert legacy PCI irq mapping"
hwmon: (adt7475) Make adt7475_read_word() return errors
hwmon: (ina2xx) fix sysfs shunt resistor read access
crypto: cavium/nitrox - fix for command corruption in queue full case with backlog submissions.
e1000: ensure to free old tx/rx rings in set_ringparam()
e1000: check on netif_running() before calling e1000_up()
net: hns: fix skb->truesize underestimation
net: hns: fix length and page_offset overflow when CONFIG_ARM64_64K_PAGES
bpf: sockmap: write_space events need to be passed to TCP handler
tls: possible hang when do_tcp_sendpages hits sndbuf is full case
isofs: reject hardware sector size > 2048 bytes
thermal: of-thermal: disable passive polling when thermal zone is disabled
qed: Avoid sending mailbox commands when MFW is not responsive
qed: Prevent a possible deadlock during driver load and unload
qed: Wait for MCP halt and resume commands to take place
qed: Wait for ready indication before rereading the shmem
arm64: KVM: Tighten guest core register access from userspace
serial: imx: restore handshaking irq for imx1
drm/i915: Remove vma from object on destroy, not close
ovl: hash non-dir by lower inode for fsnotify
RDMA/uverbs: Atomically flush and mark closed the comp event queue
IB/hfi1: Fix context recovery when PBC has an UnsupportedVL
IB/hfi1: Invalid user input can result in crash
IB/hfi1: Fix SL array bounds check
IB/srp: Avoid that sg_reset -d ${srp_device} triggers an infinite loop
Input: elantech - enable middle button of touchpad on ThinkPad P72
USB: remove LPM management from usb_driver_claim_interface()
Revert "usb: cdc-wdm: Fix a sleep-in-atomic-context bug in service_outstanding_interrupt()"
USB: usbdevfs: restore warning for nonsensical flags
USB: usbdevfs: sanitize flags more
media: uvcvideo: Support realtek's UVC 1.5 device
slub: make ->cpu_partial unsigned int
usb: musb: dsps: do not disable CPPI41 irq in driver teardown
USB: handle NULL config in usb_find_alt_setting()
USB: fix error handling in usb_driver_claim_interface()
regulator: fix crash caused by null driver data
spi: rspi: Fix interrupted DMA transfers
spi: rspi: Fix invalid SPI use during system suspend
spi: sh-msiof: Fix handling of write value for SISTR register
spi: sh-msiof: Fix invalid SPI use during system suspend
spi: tegra20-slink: explicitly enable/disable clock
intel_th: Fix device removal logic
serial: cpm_uart: return immediately from console poll
tty: serial: lpuart: avoid leaking struct tty_struct
x86/mm: Expand static page table for fixmap space
floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl
ARM: dts: dra7: fix DCAN node addresses
iio: 104-quad-8: Fix off-by-one error in register selection
Input: xen-kbdfront - fix multi-touch XenStore node's locations
fs/lock: skip lock owner pid translation in case we are in init_pid_ns
EDAC: Fix memleak in module init error path
nfsd: fix corrupted reply to badly ordered compound
gpio: Fix wrong rounding in gpio-menz127
module: exclude SHN_UNDEF symbols from kallsyms api
ASoC: dapm: Fix potential DAI widget pointer deref when linking DAIs
EDAC, i7core: Fix memleaks and use-after-free on probe and remove
scsi: megaraid_sas: Update controller info during resume
iomap: complete partial direct I/O writes synchronously
scsi: bnx2i: add error handling for ioremap_nocache
perf/x86/intel/lbr: Fix incomplete LBR call stack
MIPS: boot: fix build rule of vmlinux.its.S
HID: hid-ntrig: add error handling for sysfs_create_group
arm: dts: mediatek: Add missing cooling device properties for CPUs
ARM: mvebu: declare asm symbols as character arrays in pmsu.c
wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout()
brcmsmac: fix wrap around in conversion from constant to s16
rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication()
ath10k: transmit queued frames after processing rx packets
drm/sun4i: Fix releasing node when enumerating enpoints
net: phy: xgmiitorgmii: Check phy_driver ready before accessing
ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock
net: phy: xgmiitorgmii: Check read_status results
ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge
media: tm6000: add error handling for dvb_register_adapter
drivers/tty: add error handling for pcmcia_loop_config
staging: android: ashmem: Fix mmap size validation
media: omap3isp: zero-initialize the isp cam_xclk{a,b} initial data
media: soc_camera: ov772x: correct setting of banding filter
media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power
ALSA: snd-aoa: add of_node_put() in error path
posix-timers: Sanitize overrun handling
posix-timers: Make forward callback return s64
iio: accel: adxl345: convert address field usage in iio_chan_spec
mtd: rawnand: atmel: add module param to avoid using dma
s390/extmem: fix gcc 8 stringop-overflow warning
s390/scm_blk: correct numa_node in scm_blk_dev_setup
s390/dasd: correct numa_node in dasd_alloc_queue
alarmtimer: Prevent overflow for relative nanosleep
s390/sysinfo: add missing #ifdef CONFIG_PROC_FS
powerpc/powernv/ioda2: Reduce upper limit for DMA window size
ath10k: sdio: set skb len for all rx packets
ath10k: sdio: use same endpoint id for all packets in a bundle
usb: wusbcore: security: cast sizeof to int for comparison
scsi: target: Avoid that EXTENDED COPY commands trigger lock inversion
scsi: ibmvscsi: Improve strings handling
scsi: klist: Make it safe to use klists in atomic context
scsi: target/iscsi: Make iscsit_ta_authentication() respect the output buffer size
ARM: dts: ls1021a: Add missing cooling device properties for CPUs
x86/entry/64: Add two more instruction suffixes
ARM: hwmod: RTC: Don't assume lock/unlock will be called with irq enabled
x86/tsc: Add missing header to tsc_msr.c
media: staging/imx: fill vb2_v4l2_buffer field entry
media: fsl-viu: fix error handling in viu_of_probe()
powerpc/kdump: Handle crashkernel memory reservation failure
IB/mlx4: Test port number before querying type.
media: exynos4-is: Prevent NULL pointer dereference in __isp_video_try_fmt()
IB/core: type promotion bug in rdma_rw_init_one_mr()
RDMA/i40w: Hold read semaphore while looking after VMA
RDMA/bnxt_re: Fix a couple off by one bugs
md-cluster: clear another node's suspend_area after the copy is finished
power: remove possible deadlock when unregistering power_supply
s390/mm: correct allocate_pgste proc_handler callback
iommu/msm: Don't call iommu_device_{,un}link from atomic context
6lowpan: iphc: reset mac_header after decompress to fix panic
USB: serial: kobil_sct: fix modem-status error handling
Bluetooth: Add a new Realtek 8723DE ID 0bda:b009
iommu/amd: make sure TLB to be flushed before IOVA freed
power: vexpress: fix corruption in notifier registration
uwb: hwa-rc: fix memory leak at probe
serial: sh-sci: Stop RX FIFO timer during port shutdown
misc: sram: enable clock before registering regions
power: supply: axp288_charger: Fix initial constant_charge_current value
staging: rts5208: fix missing error check on call to rtsx_write_register
x86/numa_emulation: Fix emulated-to-physical node mapping
vmci: type promotion bug in qp_host_get_user_memory()
tsl2550: fix lux1_input error in low light
iio: adc: ina2xx: avoid kthread_stop() with stale task_struct
crypto: skcipher - Fix -Wstringop-truncation warnings
Change-Id: I449d491af38003c7556865c2583b01f8560271dd
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
|
||
|
Blagovest Kolenichev
|
e75d96f9f2 |
Merge android-4.14-p.71 (58b620f) into msm-4.14
* refs/heads/tmp-58b620f:
Linux 4.14.71
mm: get rid of vmacache_flush_all() entirely
autofs: fix autofs_sbi() does not check super block type
tuntap: fix use after free during release
tun: fix use after free for ptr_ring
mtd: ubi: wl: Fix error return code in ubi_wl_init()
ip: frags: fix crash in ip_do_fragment()
ip: process in-order fragments efficiently
ip: add helpers to process in-order fragments faster.
ipv4: frags: precedence bug in ip_expire()
net: sk_buff rbnode reorg
net: add rb_to_skb() and other rb tree helpers
net: pskb_trim_rcsum() and CHECKSUM_COMPLETE are friends
ipv6: defrag: drop non-last frags smaller than min mtu
net: modify skb_rbtree_purge to return the truesize of all purged skbs.
net: speed up skb_rbtree_purge()
ip: discard IPv4 datagrams with overlapping segments.
inet: frags: fix ip6frag_low_thresh boundary
inet: frags: get rid of ipfrag_skb_cb/FRAG_CB
inet: frags: reorganize struct netns_frags
rhashtable: reorganize struct rhashtable layout
ipv6: frags: rewrite ip6_expire_frag_queue()
inet: frags: do not clone skb in ip_expire()
inet: frags: break the 2GB limit for frags storage
inet: frags: remove inet_frag_maybe_warn_overflow()
inet: frags: get rif of inet_frag_evicting()
inet: frags: remove some helpers
inet: frags: use rhashtables for reassembly units
rhashtable: add schedule points
ipv6: export ip6 fragments sysctl to unprivileged users
inet: frags: refactor lowpan_net_frag_init()
inet: frags: refactor ipv6_frag_init()
inet: frags: Convert timers to use timer_setup()
inet: frags: refactor ipfrag_init()
inet: frags: add a pointer to struct netns_frags
inet: frags: change inet_frags_init_net() return value
drm/i915: set DP Main Stream Attribute for color range on DDI platforms
RDMA/cma: Do not ignore net namespace for unbound cm_id
MIPS: WARN_ON invalid DMA cache maintenance, not BUG_ON
NFSv4.1: Fix a potential layoutget/layoutrecall deadlock
f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize
mfd: ti_am335x_tscadc: Fix struct clk memory leak
iommu/ipmmu-vmsa: Fix allocation in atomic context
f2fs: Fix uninitialized return in f2fs_ioc_shutdown()
f2fs: fix to wait on page writeback before updating page
media: helene: fix xtal frequency setting at power on
partitions/aix: fix usage of uninitialized lv_info and lvname structures
partitions/aix: append null character to print data from disk
media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new, copy_time} functions
Input: atmel_mxt_ts - only use first T9 instance
dm cache: only allow a single io_mode cache feature to be requested
net: dcb: For wild-card lookups, use priority -1, not 0
MIPS: generic: fix missing of_node_put()
MIPS: Octeon: add missing of_node_put()
f2fs: fix to do sanity check with reserved blkaddr of inline inode
tpm/tpm_i2c_infineon: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT)
tpm_tis_spi: Pass the SPI IRQ down to the driver
f2fs: fix to skip GC if type in SSA and SIT is inconsistent
pktcdvd: Fix possible Spectre-v1 for pkt_devs
f2fs: try grabbing node page lock aggressively in sync scenario
net: mvneta: fix mtu change on port without link
pinctrl/amd: only handle irq if it is pending and unmasked
gpio: ml-ioh: Fix buffer underwrite on probe error path
pinctrl: imx: off by one in imx_pinconf_group_dbg_show()
x86/mm: Remove in_nmi() warning from vmalloc_fault()
Bluetooth: hidp: Fix handling of strncpy for hid->name information
ath10k: disable bundle mgmt tx completion event support
tools/testing/nvdimm: kaddr and pfn can be NULL to ->direct_access()
scsi: 3ware: fix return 0 on the error path of probe
ata: libahci: Correct setting of DEVSLP register
ata: libahci: Allow reconfigure of DEVSLP register
MIPS: Fix ISA virt/bus conversion for non-zero PHYS_OFFSET
rpmsg: core: add support to power domains for devices
wlcore: Set rx_status boottime_ns field on rx
ath10k: prevent active scans on potential unusable channels
ath9k_hw: fix channel maximum power level test
ath9k: report tx status on EOSP
macintosh/via-pmu: Add missing mmio accessors
perf evlist: Fix error out while applying initial delay and LBR
perf c2c report: Fix crash for empty browser
NFSv4.0 fix client reference leak in callback
perf tools: Allow overriding MAX_NR_CPUS at compile time
f2fs: fix defined but not used build warnings
f2fs: do not set free of current section
f2fs: fix to active page in lru list for read path
tty: rocket: Fix possible buffer overwrite on register_PCI
Drivers: hv: vmbus: Cleanup synic memory free path
firmware: vpd: Fix section enabled flag on vpd_section_destroy
uio: potential double frees if __uio_register_device() fails
misc: ti-st: Fix memory leak in the error path of probe()
gpu: ipu-v3: default to id 0 on missing OF alias
media: camss: csid: Configure data type and decode format properly
timers: Clear timer_base::must_forward_clk with timer_base::lock held
md/raid5: fix data corruption of replacements after originals dropped
scsi: target: fix __transport_register_session locking
blk-mq: fix updating tags depth
net: phy: Fix the register offsets in Broadcom iProc mdio mux driver
media: dw2102: Fix memleak on sequence of probes
media: davinci: vpif_display: Mix memory leak on probe error path
selftests/bpf: fix a typo in map in map test
powerpc/powernv: Fix concurrency issue with npu->mmio_atsd_usage
gpio: tegra: Move driver registration to subsys_init level
Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV
i2c: aspeed: Add an explicit type casting for *get_clk_reg_val
ethtool: Remove trailing semicolon for static inline
misc: mic: SCIF Fix scif_get_new_port() error handling
ARC: [plat-axs*]: Enable SWAP
tpm: separate cmd_ready/go_idle from runtime_pm
crypto: aes-generic - fix aes-generic regression on powerpc
switchtec: Fix Spectre v1 vulnerability
x86/microcode: Update the new microcode revision unconditionally
x86/microcode: Make sure boot_cpu_data.microcode is up-to-date
cpu/hotplug: Prevent state corruption on error rollback
cpu/hotplug: Adjust misplaced smb() in cpuhp_thread_fun()
ALSA: hda - Fix cancel_work_sync() stall from jackpoll work
KVM: VMX: Do not allow reexecute_instruction() when skipping MMIO instr
KVM: s390: vsie: copy wrapping keys to right place
Btrfs: fix data corruption when deduplicating between different files
smb3: check for and properly advertise directory lease support
SMB3: Backup intent flag missing for directory opens with backupuid mounts
MIPS: VDSO: Match data page cache colouring when D$ aliases
android: binder: fix the race mmap and alloc_new_buf_locked
block: bfq: swap puts in bfqg_and_blkg_put
nbd: don't allow invalid blocksize settings
scsi: lpfc: Correct MDS diag and nvmet configuration
i2c: i801: fix DNV's SMBCTRL register offset
i2c: xiic: Make the start and the byte count write atomic
Conflicts:
include/linux/mm_types.h
Change-Id: I6d5ca1fc3e58d896127ca7a4a7ec6f662d9ab634
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
|
||
|
Blagovest Kolenichev
|
9cf1fbab82 |
Merge android-4.14-p.70 (e601ab6) into msm-4.14
* refs/heads/tmp-e601ab6: Linux 4.14.70 arm64: Handle mismatched cache type arm64: Fix mismatched cache line size detection ASoC: wm8994: Fix missing break in switch arm64: cpu_errata: include required headers x86: kvm: avoid unused variable warning kvm: x86: Set highest physical address bits in non-present/reserved SPTEs Revert "ARM: imx_v6_v7_defconfig: Select ULPI support" irda: Only insert new objects into the global database via setsockopt irda: Fix memory leak caused by repeated binds of irda socket s390/lib: use expoline for all bcr instructions kbuild: make missing $DEPMOD a Warning instead of an Error drm/i915: Increase LSPCON timeout x86/xen: don't write ptes directly in 32-bit PV guests x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear usb: dwc3: core: Fix ULPI PHYs and prevent phy_get/ulpi_init during suspend/resume HID: add quirk for another PIXART OEM mouse used by HP mm: Fix devm_memremap_pages() collision handling lightnvm: pblk: free padded entries in write buffer sched/deadline: Fix switching to -deadline debugobjects: Make stack check warning more informative uapi/linux/keyctl.h: don't use C++ reserved keyword as a struct member name drm/amdgpu:add VCN booting with firmware loaded by PSP drm/amdgpu:add VCN support in PSP driver drm/amdgpu:add new firmware id for VCN drm/amdgpu:add tmr mc address into amdgpu_firmware_info drm/amdgpu: update tmr mc address drm/edid: Add 6 bpc quirk for SDC panel in Lenovo B50-80 drm/amd/pp/Polaris12: Fix a chunk of registers missed to program drm/amdgpu: Fix RLC safe mode test in gfx_v9_0_enter_rlc_safe_mode drm/i915/lpe: Mark LPE audio runtime pm as "no callbacks" ARM: rockchip: Force CONFIG_PM on Rockchip systems arm64: rockchip: Force CONFIG_PM on Rockchip systems btrfs: Don't remove block group that still has pinned down bytes btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized btrfs: replace: Reset on-disk dev stats value after replace btrfs: Exit gracefully when chunk map cannot be inserted to the tree kvm: nVMX: Fix fault vector for VMX operation at CPL > 0 KVM: vmx: track host_state.loaded using a loaded_vmcs pointer clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX. powerpc/64s: Make rfi_flush_fallback a little more robust powerpc/platforms/85xx: fix t1042rdb_diu.c build errors & warning SMB3: Number of requests sent should be displayed for SMB3 not just CIFS smb3: fix reset of bytes read and written stats cfq: Suppress compiler warnings about comparisons RDS: IB: fix 'passing zero to ERR_PTR()' warning selftests/powerpc: Kill child processes on SIGINT iommu/omap: Fix cache flushes on L2 table entries ASoC: rt5677: Fix initialization of rt5677_of_match.data staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice dm kcopyd: avoid softlockup in run_complete_job PCI: mvebu: Fix I/O space end address calculation xen/balloon: fix balloon initialization for PVH Dom0 Input: do not use WARN() in input_alloc_absinfo() NFSv4: Fix error handling in nfs4_sp4_select_mode() scsi: aic94xx: fix an error code in aic94xx_init() ACPI / scan: Initialize status to ACPI_STA_DEFAULT s390/dasd: fix panic for failed online processing s390/dasd: fix hanging offline processing due to canceled worker block: bvec_nr_vecs() returns value for wrong slab perf probe powerpc: Fix trace event post-processing powerpc: Fix size calculation using resource_size() powerpc/uaccess: Enable get_user(u64, *p) on 32-bit f2fs: fix to clear PG_checked flag in set_page_dirty() net/9p: fix error path of p9_virtio_probe net/9p/trans_fd.c: fix race by holding the lock irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP perf tools: Check for null when copying nsinfo. net: hns3: Fix for phy link issue when using marvell phy driver net: hns3: Fix for command format parsing error in hclge_is_all_function_id_zero RDMA/hns: Fix usage of bitmap allocation functions return values tcp, ulp: add alias for all ulp modules netfilter: fix memory leaks on netlink_dump_start error platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 mfd: sm501: Set coherent_dma_mask when creating subdevices ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() s390/kdump: Fix memleak in nt_vmcoreinfo netfilter: ip6t_rpfilter: set F_IFACE for linklocal addresses platform/x86: intel_punit_ipc: fix build errors fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() mm/fadvise.c: fix signed overflow UBSAN complaint pwm: meson: Fix mux clock names IB/hfi1: Invalid NUMA node information can cause a divide by zero x86/mce: Add notifier_block forward declaration virtio: pci-legacy: Validate queue pfn scripts: modpost: check memory allocation results fat: validate ->i_start before using fs/proc/kcore.c: use __pa_symbol() for KCORE_TEXT list entries hfsplus: fix NULL dereference in hfsplus_lookup() reiserfs: change j_timestamp type to time64_t fork: don't copy inconsistent signal handler state to child sunrpc: Don't use stack buffer with scatterlist hfs: prevent crash on exit from failed search hfsplus: don't return 0 when fill_super() failed cifs: check if SMB2 PDU size has been padded and suppress the warning net: sched: action_ife: take reference to meta module act_ife: fix a potential deadlock act_ife: move tcfa_lock down to where necessary hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe() hv_netvsc: ignore devices that are not PCI vhost: correctly check the iova range when waking virtqueue mlxsw: spectrum_switchdev: Do not leak RIFs when removing bridge sctp: hold transport before accessing its asoc in sctp_transport_get_next nfp: wait for posted reconfigs when disabling the device tipc: fix a missing rhashtable_walk_exit() net/sched: act_pedit: fix dump of extended layered op vti6: remove !skb->ignore_df check from vti6_xmit() tcp: do not restart timewait timer on rst reception r8169: add support for NCube 8168 network card qlge: Fix netdev features configuration. net: sched: Fix memory exposure from short TCA_U32_SEL net: macb: do not disable MDIO bus at open/close time net: bcmgenet: use MAC link status for fixed phy ipv4: tcp: send zero IPID for RST and ACK sent in SYN-RECV and TIME-WAIT state act_ife: fix a potential use-after-free Conflicts: arch/arm64/include/asm/cpucaps.h arch/arm64/kernel/cpu_errata.c drivers/usb/dwc3/core.c Change-Id: If27731291adb25e780b5eb7f202762f6ea065cd8 Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org> |
||
|
Blagovest Kolenichev
|
47b6f627f1 |
Merge android-4.14-p.68 (2c79578) into msm-4.14
* refs/heads/tmp-2c79578:
Linux 4.14.68
gcc-plugins: Use dynamic initializers
gcc-plugins: Add include required by GCC release 8
cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status
watchdog: Mark watchdog touch functions as notrace
power: generic-adc-battery: check for duplicate properties copied from iio channels
power: generic-adc-battery: fix out-of-bounds write when copying channel properties
PM / clk: signedness bug in of_pm_clk_add_clks()
clk: rockchip: fix clk_i2sout parent selection bits on rk3399
iscsi target: fix session creation failure handling
scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock
scsi: sysfs: Introduce sysfs_{un,}break_active_protection()
scsi: mpt3sas: Fix _transport_smp_handler() error path
tpm: Return the actual size when receiving an unsupported command
MIPS: lib: Provide MIPS64r6 __multi3() for GCC < 7
MIPS: Change definition of cpu_relax() for Loongson-3
MIPS: Always use -march=<arch>, not -<arch> shortcuts
MIPS: Correct the 64-bit DSP accumulator register size
kprobes: Make list and blacklist root user read only
kprobes/arm: Fix %p uses in error messages
s390/pci: fix out of bounds access during irq setup
s390/numa: move initial setup of node_to_cpumask_map
s390/qdio: reset old sbal_state flags
s390: fix br_r1_trampoline for machines without exrl
s390/mm: fix addressing exception after suspend/resume
x86/entry/64: Wipe KASAN stack shadow before rewind_stack_do_exit()
hwmon: (nct6775) Fix potential Spectre v1
x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+
x86/spectre: Add missing family 6 check to microcode check
x86/irqflags: Mark native_restore_fl extern inline
x86/nmi: Fix NMI uaccess race against CR3 switching
x86/vdso: Fix lsl operand order
pinctrl: freescale: off by one in imx1_pinconf_group_dbg_show()
ASoC: sirf: Fix potential NULL pointer dereference
ASoC: zte: Fix incorrect PCM format bit usages
ASoC: dpcm: don't merge format from invalid codec dai
b43/leds: Ensure NUL-termination of LED name string
b43legacy/leds: Ensure NUL-termination of LED name string
udl-kms: avoid division
udl-kms: fix crash due to uninitialized memory
udl-kms: handle allocation failure
udl-kms: change down_interruptible to down
fuse: Add missed unlock_page() to fuse_readpages_fill()
fuse: Fix oops at process_init_reply()
fuse: umount should wait for all requests
fuse: fix unlocked access to processing queue
fuse: fix double request_end()
fuse: fix initial parallel dirops
fuse: Don't access pipe->buffers without pipe_lock()
x86/kvm/vmx: Remove duplicate l1d flush definitions
KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled
x86/process: Re-export start_thread()
x86/vdso: Fix vDSO build if a retpoline is emitted
x86/speculation/l1tf: Suggest what to do on systems with too much RAM
x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM
x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
mm/tlb, x86/mm: Support invalidating TLB caches for RCU_TABLE_FREE
mm: move tlb_table_flush to tlb_flush_mmu_free
platform/x86: ideapad-laptop: Apply no_hw_rfkill to Y20-15IKBM, too
nvme-pci: add a memory barrier to nvme_dbbuf_update_and_check_event
ext4: reset error code in ext4_find_entry in fallback
ext4: sysfs: print ext4_super_block fields as little-endian
ext4: check for NUL characters in extended attribute's name
stop_machine: Atomically queue and wake stopper threads
stop_machine: Reflow cpu_stop_queue_two_works()
s390/kvm: fix deadlock when killed by oom
KVM: arm/arm64: Skip updating PTE entry if no change
KVM: arm/arm64: Skip updating PMD entry if no change
arm64: dts: rockchip: corrected uart1 clock-names for rk3328
arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid()
kprobes/arm64: Fix %p uses in error messages
printk/nmi: Prevent deadlock when accessing the main log buffer in NMI
printk: Create helper function to queue deferred console handling
printk: Split the code for storing a message into the log buffer
iommu/arm-smmu: Error out only if not enough context interrupts
Btrfs: fix btrfs_write_inode vs delayed iput deadlock
btrfs: don't leak ret from do_chunk_alloc
btrfs: use correct compare function of dirty_metadata_bytes
smb3: fill in statfs fsid and correct namelen
smb3: don't request leases in symlink creation and query
smb3: Do not send SMB3 SET_INFO if nothing changed
smb3: enumerating snapshots was leaving part of the data off end
cifs: check kmalloc before use
cifs: add missing debug entries for kconfig options
mei: don't update offset in write
mm/memory.c: check return value of ioremap_prot
scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED
scsi: fcoe: clear FC_RP_STARTED flags when receiving a LOGO
scsi: fcoe: drop frames in ELS LOGO error path
scsi: fcoe: fix use-after-free in fcoe_ctlr_els_send
gpiolib-acpi: make sure we trigger edge events at least once on boot
memcg: remove memcg_cgroup::id from IDR on mem_cgroup_css_alloc() failure
drivers: net: lmc: fix case value for target abort error
Squashfs: Compute expected length from inode size rather than block length
mm: delete historical BUG from zap_pmd_range()
squashfs metadata 2: electric boogaloo
enic: do not call enic_change_mtu in enic_probe
sparc: use asm-generic version of msi.h
sparc/time: Add missing __init to init_tick_ops()
arc: fix type warnings in arc/mm/cache.c
arc: fix build errors in arc/include/asm/delay.h
arc: [plat-eznps] fix printk warning in arc/plat-eznps/mtm.c
arc: [plat-eznps] fix data type errors in platform headers
ARC: [plat-eznps] Add missing struct nps_host_reg_aux_dpc
enic: handle mtu change for vf properly
nfp: flower: fix port metadata conversion bug
bpf: use GFP_ATOMIC instead of GFP_KERNEL in bpf_parse_prog()
ARC: dma [non-IOC] setup SMP_CACHE_BYTES and cache_line_size
Revert "MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum"
tools/power turbostat: Read extended processor family from CPUID
zswap: re-check zswap_is_full() after do zswap_shrink()
ipc/sem.c: prevent queue.status tearing in semop
hinic: Link the logical network device to the pci device in sysfs
selftests/ftrace: Add snapshot and tracing_on test case
cachefiles: Wait rather than BUG'ing on "Unexpected object collision"
cachefiles: Fix refcounting bug in backing-file read monitoring
fscache: Allow cancelled operations to be enqueued
x86/boot: Fix if_changed build flip/flop bug
sched/rt: Restore rt_runtime after disabling RT_RUNTIME_SHARE
i2c/mux, locking/core: Annotate the nested rt_mutex usage
locking/rtmutex: Allow specifying a subclass for nested locking
net: axienet: Fix double deregister of mdio
qmi_wwan: fix interface number for DW5821e production firmware
bnx2x: Fix invalid memory access in rss hash config path.
media: staging: omap4iss: Include asm/cacheflush.h after generic includes
perf/x86/amd/ibs: Don't access non-started event
i2c: davinci: Avoid zero value of CLKH
can: m_can: Move accessing of message ram to after clocks are enabled
can: mpc5xxx_can: check of_iomap return before use
net: prevent ISA drivers from building on PPC32
atl1c: reserve min skb headroom
qed: Correct Multicast API to reflect existence of 256 approximate buckets.
qed: Fix possible race for the link state value.
qed: Fix link flap issue due to mismatching EEE capabilities.
net: caif: Add a missing rcu_read_unlock() in caif_flow_cb
tools/power turbostat: fix -S on UP systems
KVM: vmx: use local variable for current_vmptr when emulating VMPTRST
netfilter: nf_tables: don't allow to rename to already-pending name
netfilter: nf_tables: fix memory leaks on chain rename
bpf, ppc64: fix unexpected r0=0 exit path inside bpf_xadd
netfilter: nft_set_hash: add rcu_barrier() in the nft_rhash_destroy()
usb: gadget: f_uac2: fix endianness of 'struct cntrl_*_lay3'
tools: usb: ffs-test: Fix build on big endian systems
usb/phy: fix PPC64 build errors in phy-fsl-usb.c
usb: gadget: u_audio: protect stream runtime fields with stream spinlock
usb: gadget: u_audio: remove cached period bytes value
usb: gadget: u_audio: remove caching of stream buffer parameters
usb: gadget: u_audio: update hw_ptr in iso_complete after data copied
usb: gadget: u_audio: fix pcm/card naming in g_audio_setup()
usb: gadget: f_uac2: fix error handling in afunc_bind (again)
usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue()
usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller()
nbd: handle unexpected replies better
nbd: don't requeue the same request twice.
drm/imx: imx-ldb: check if channel is enabled before printing warning
drm/imx: imx-ldb: disable LDB on driver bind
scsi: libiscsi: fix possible NULL pointer dereference in case of TMF
scsi: target: iscsi: cxgbit: fix max iso npdu calculation
drm/bridge: adv7511: Reset registers on hotplug
nl80211: Add a missing break in parse_station_flags
ext4: clear mmp sequence number when remounting read-only
mac80211: add stations tied to AP_VLANs during hw reconfig
esp6: fix memleak on error path in esp6_input
xfrm: free skb if nlsk pointer is NULL
xfrm: fix missing dst_release() after policy blocking lbcast and multicast
vti6: fix PMTU caching and reporting on xmit
crypto: vmx - Use skcipher for ctr fallback
Conflicts:
drivers/iommu/arm-smmu.c
kernel/stop_machine.c
Change-Id: Ib4f6c537166c1f2b192ae8fbd39be534e692b042
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
|
||
Mukesh Ojha
|
1cf6e1d28e |
Kconfig.debug: module: Add debug config to debug modules
There can be scenario where, dynamically loadable modules adds a certain nodes in list data structure and forgot to remove reference from the list while unloading themself. And this can result in fault while accessing those dangling pointers. So If we log the module used address ranges, we could be able to tell exact victim module. And, It will be good to keep these debug logs under a config flag. So, let's add DEBUG_MODULE_LOAD_INFO config and use this in printing module used init and core layout address ranges. e.g: Core layout sections: [ 40.599573] .text [ 40.627074] .plt [ 40.603426] .rodata.str1.8 [ 40.608016] __mcount_loc [ 40.622142] .note.gnu.build-id [ 40.612654] .data [ 40.616438] .gnu.linkonce.this_module [ 40.634909] .bss Init layout sections [ 40.630781] .init.plt [ 40.638591] .symtab [ 40.642573] .strtab After this patch: / # insmod sample.ko [ 26.244768] Hi Mukesh [ 26.247314] Loaded sample: module init layout addresses range: 0xffffff9dbff8a000-0xffffff9dbff8bfff [ 26.256896] sample: core layout addresses range: 0xffffff9dbff85000-0xffffff9dbff88fff / # rmmod sample [ 63.812065] Bye Mukesh [ 63.816318] Unloaded sample: module core layout address range: 0xffffff9dbff85000-0xffffff9dbff88fff Change-Id: I4acfc4f53c561f92ca63fa3c4559148929575580 Signed-off-by: Mukesh Ojha <mojha@codeaurora.org> |
||
Bart Van Assche
|
1390c37d16 |
scsi: klist: Make it safe to use klists in atomic context
[ Upstream commit 624fa7790f80575a4ec28fbdb2034097dc18d051 ]
In the scsi_transport_srp implementation it cannot be avoided to
iterate over a klist from atomic context when using the legacy block
layer instead of blk-mq. Hence this patch that makes it safe to use
klists in atomic context. This patch avoids that lockdep reports the
following:
WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected
Possible interrupt unsafe locking scenario:
CPU0 CPU1
---- ----
lock(&(&k->k_lock)->rlock);
local_irq_disable();
lock(&(&q->__queue_lock)->rlock);
lock(&(&k->k_lock)->rlock);
<Interrupt>
lock(&(&q->__queue_lock)->rlock);
stack backtrace:
Workqueue: kblockd blk_timeout_work
Call Trace:
dump_stack+0xa4/0xf5
check_usage+0x6e6/0x700
__lock_acquire+0x185d/0x1b50
lock_acquire+0xd2/0x260
_raw_spin_lock+0x32/0x50
klist_next+0x47/0x190
device_for_each_child+0x8e/0x100
srp_timed_out+0xaf/0x1d0 [scsi_transport_srp]
scsi_times_out+0xd4/0x410 [scsi_mod]
blk_rq_timed_out+0x36/0x70
blk_timeout_work+0x1b5/0x220
process_one_work+0x4fe/0xad0
worker_thread+0x63/0x5a0
kthread+0x1c1/0x1e0
ret_from_fork+0x24/0x30
See also commit c9ddf73476ff ("scsi: scsi_transport_srp: Fix shost to
rport translation").
Signed-off-by: Bart Van Assche <bart.vanassche@wdc.com>
Cc: Martin K. Petersen <martin.petersen@oracle.com>
Cc: James Bottomley <jejb@linux.vnet.ibm.com>
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Eric Dumazet
|
33dc9f7c5d |
rhashtable: add schedule points
Rehashing and destroying large hash table takes a lot of time, and happens in process context. It is safe to add cond_resched() in rhashtable_rehash_table() and rhashtable_free_and_destroy() Signed-off-by: Eric Dumazet <edumazet@google.com> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net> (cherry picked from commit ae6da1f503abb5a5081f9f6c4a6881de97830f3e) Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Joel Fernandes (Google)
|
8d015a362a |
debugobjects: Make stack check warning more informative
commit fc91a3c4c27acdca0bc13af6fbb68c35cfd519f2 upstream. While debugging an issue debugobject tracking warned about an annotation issue of an object on stack. It turned out that the issue was due to the object in concern being on a different stack which was due to another issue. Thomas suggested to print the pointers and the location of the stack for the currently running task. This helped to figure out that the object was on the wrong stack. As this is general useful information for debugging similar issues, make the error message more informative by printing the pointers. [ tglx: Massaged changelog ] Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org> Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Acked-by: Waiman Long <longman@redhat.com> Acked-by: Yang Shi <yang.shi@linux.alibaba.com> Cc: kernel-team@android.com Cc: Arnd Bergmann <arnd@arndb.de> Cc: astrachan@google.com Link: https://lkml.kernel.org/r/20180723212531.202328-1-joel@joelfernandes.org Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Patrick Daly
|
3f823802c5 |
lib: Ignore kasan errors from find_next_bit and last bit
find_next_bit and find_last_bit code operates on the unsigned long *addr, and without knowing the size of the actual buffer passed to it, Kasan detects it as invalid Out of Bound read access. find_next_bit and find_last_bit implementation is very generic and it need not to be modified for the Kasan, so we are skipping it from the sanitization. Following is the Kasan error log for the reference. [ 1.262524] BUG: KASan: out of bounds access in find_next_bit+0xa4/0xf0 at addr ffffffc00e9af260 [ 1.262534] Read of size 8 by task swapper/0/1 [ 1.262546] page:ffffffbc00920d60 count:0 mapcount:0 mapping: (null) index:0x0 [ 1.262554] page flags: 0x0() [ 1.262570] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 3.10.49-gef71b0c-00348-g4f06d68-dirty #160 [ 1.262577] Call trace: [ 1.262594] [<ffffffc00040a2d4>] dump_backtrace+0x0/0x1d4 [ 1.262610] [<ffffffc00040a4b8>] show_stack+0x10/0x1c [ 1.262625] [<ffffffc000face70>] dump_stack+0x1c/0x28 [ 1.262641] [<ffffffc000552448>] kasan_report_error+0x294/0x3e4 [ 1.262656] [<ffffffc0005526a8>] kasan_report+0x68/0x78 [ 1.262671] [<ffffffc00055169c>] __asan_load8+0x90/0x9c [ 1.262686] [<ffffffc00076fff8>] find_next_bit+0xa0/0xf0 [ 1.262701] [<ffffffc000de37d0>] bam_pipe_set_desc_write_offset+0xc8/0x378 [ 1.262716] [<ffffffc000e005e4>] sps_bam_pipe_transfer_one+0x6b8/0x70c [ 1.262730] [<ffffffc000e04f84>] sps_transfer_one+0x230/0x298 [ 1.262746] [<ffffffc000da4c58>] ipa_replenish_rx_cache+0x2e8/0x430 [ 1.262762] [<ffffffc000da891c>] ipa_setup_sys_pipe+0x14a8/0x22bc [ 1.262779] [<ffffffc000d8a554>] ipa_setup_apps_pipes+0x580/0x6a0 [ 1.262797] [<ffffffc000d91ef0>] ipa_init.constprop.8+0x134c/0x1dd4 [ 1.262814] [<ffffffc000d93038>] ipa_plat_drv_probe+0x6c0/0x720 [ 1.262829] [<ffffffc0009b51e0>] platform_drv_probe+0x2c/0x3c [ 1.262842] [<ffffffc0009b32d0>] driver_probe_device+0x1f4/0x47c [ 1.262856] [<ffffffc0009b3644>] __driver_attach+0x88/0xc0 [ 1.262873] [<ffffffc0009b05b4>] bus_for_each_dev+0xdc/0x11c [ 1.262886] [<ffffffc0009b2a2c>] driver_attach+0x2c/0x3c [ 1.262903] [<ffffffc0009b237c>] bus_add_driver+0x1bc/0x32c [ 1.262916] [<ffffffc0009b3eb0>] driver_register+0x10c/0x1d8 [ 1.262931] [<ffffffc0009b5a28>] platform_driver_register+0x98/0xa8 [ 1.262946] [<ffffffc0018422d4>] ipa_module_init+0x3c/0x48 [ 1.262960] [<ffffffc000400b08>] do_one_initcall+0xcc/0x188 [ 1.262978] [<ffffffc001800bd0>] kernel_init_freeable+0x1c0/0x264 [ 1.262992] [<ffffffc000f9f338>] kernel_init+0x10/0xcc [ 1.263000] Memory state around the buggy address: [ 1.263012] ffffffc00e9af100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 1.263024] ffffffc00e9af180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 1.263037] >ffffffc00e9af200: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 04 f4 f4 f4 [ 1.263046] ^ [ 1.263058] ffffffc00e9af280: f2 f2 f2 f2 00 00 00 00 00 00 00 00 00 00 f4 f4 [ 1.263071] ffffffc00e9af300: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 [ 1.263079] ================================================================== Change-Id: I7b7bde5f408dc1f04a773b7a314662ec91344a5e Signed-off-by: Patrick Daly <pdaly@codeaurora.org> Signed-off-by: Prasad Sodagudi <psodagud@codeaurora.org> |
||
|
Blagovest Kolenichev
|
c92598725f |
Merge android-4.14-p.64 (be62923) into msm-4.14
* refs/heads/tmp-be62923: Linux 4.14.64 x86/mm: Add TLB purge to free pmd/pte page interfaces ioremap: Update pgtable free interfaces with addr Bluetooth: hidp: buffer overflow in hidp_process_report ASoC: Intel: cht_bsw_max98090_ti: Fix jack initialization ASoC: msm8916-wcd-digital: fix RX2 MIX1 and RX3 MIX1 block, bfq: fix wrong init of saved start time for weight raising clk: sunxi-ng: Fix missing CLK_SET_RATE_PARENT in ccu-sun4i-a10.c ASoC: rsnd: fix ADG flags fw_cfg: fix driver remove sched/debug: Fix task state recording/printout ACPI / APEI: Remove ghes_ioremap_area crypto: skcipher - fix crash flushing dcache in error path crypto: skcipher - fix aligning block size in skcipher_copy_iv() crypto: ablkcipher - fix crash flushing dcache in error path crypto: blkcipher - fix crash flushing dcache in error path crypto: vmac - separate tfm and request context crypto: vmac - require a block cipher with 128-bit block size crypto: x86/sha256-mb - fix digest copy in sha256_mb_mgr_get_comp_job_avx2() kbuild: verify that $DEPMOD is installed x86/mm: Disable ioremap free page handling on x86-PAE x86: i8259: Add missing include file x86/l1tf: Fix build error seen if CONFIG_KVM_INTEL is disabled Change-Id: Ibcc52690b00298747a05d7d4ac0dfa23b858e8c7 Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org> |
||
Petr Mladek
|
cd71265a8c |
printk/nmi: Prevent deadlock when accessing the main log buffer in NMI
commit 03fc7f9c99c1e7ae2925d459e8487f1a6f199f79 upstream.
The commit 719f6a7040f1bdaf96 ("printk: Use the main logbuf in NMI
when logbuf_lock is available") brought back the possible deadlocks
in printk() and NMI.
The check of logbuf_lock is done only in printk_nmi_enter() to prevent
mixed output. But another CPU might take the lock later, enter NMI, and:
+ Both NMIs might be serialized by yet another lock, for example,
the one in nmi_cpu_backtrace().
+ The other CPU might get stopped in NMI, see smp_send_stop()
in panic().
The only safe solution is to use trylock when storing the message
into the main log-buffer. It might cause reordering when some lines
go to the main lock buffer directly and others are delayed via
the per-CPU buffer. It means that it is not useful in general.
This patch replaces the problematic NMI deferred context with NMI
direct context. It can be used to mark a code that might produce
many messages in NMI and the risk of losing them is more critical
than problems with eventual reordering.
The context is then used when dumping trace buffers on oops. It was
the primary motivation for the original fix. Also the reordering is
even smaller issue there because some traces have their own time stamps.
Finally, nmi_cpu_backtrace() need not longer be serialized because
it will always us the per-CPU buffers again.
Fixes: 719f6a7040f1bdaf96 ("printk: Use the main logbuf in NMI when logbuf_lock is available")
Cc: stable@vger.kernel.org
Link: http://lkml.kernel.org/r/20180627142028.11259-1-pmladek@suse.com
To: Steven Rostedt <rostedt@goodmis.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Cc: Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>
Cc: linux-kernel@vger.kernel.org
Cc: stable@vger.kernel.org
Acked-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
Signed-off-by: Petr Mladek <pmladek@suse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
qctecmdr Service
|
9f234b8c51 | Merge "Merge android-4.14-p.62 (366527f) into msm-4.14" | ||
Chintan Pandya
|
a34806961b |
ioremap: Update pgtable free interfaces with addr
commit 785a19f9d1dd8a4ab2d0633be4656653bd3de1fc upstream.
The following kernel panic was observed on ARM64 platform due to a stale
TLB entry.
1. ioremap with 4K size, a valid pte page table is set.
2. iounmap it, its pte entry is set to 0.
3. ioremap the same address with 2M size, update its pmd entry with
a new value.
4. CPU may hit an exception because the old pmd entry is still in TLB,
which leads to a kernel panic.
Commit b6bdb7517c3d ("mm/vmalloc: add interfaces to free unmapped page
table") has addressed this panic by falling to pte mappings in the above
case on ARM64.
To support pmd mappings in all cases, TLB purge needs to be performed
in this case on ARM64.
Add a new arg, 'addr', to pud_free_pmd_page() and pmd_free_pte_page()
so that TLB purge can be added later in seprate patches.
[toshi.kani@hpe.com: merge changes, rewrite patch description]
Fixes: 28ee90fe6048 ("x86/mm: implement free pmd/pte page interfaces")
Signed-off-by: Chintan Pandya <cpandya@codeaurora.org>
Signed-off-by: Toshi Kani <toshi.kani@hpe.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: mhocko@suse.com
Cc: akpm@linux-foundation.org
Cc: hpa@zytor.com
Cc: linux-mm@kvack.org
Cc: linux-arm-kernel@lists.infradead.org
Cc: Will Deacon <will.deacon@arm.com>
Cc: Joerg Roedel <joro@8bytes.org>
Cc: stable@vger.kernel.org
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Michal Hocko <mhocko@suse.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: <stable@vger.kernel.org>
Link: https://lkml.kernel.org/r/20180627141348.21777-3-toshi.kani@hpe.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Nicolai Stange
|
a3b031d13a |
debugfs: purge obsolete SRCU based removal protection
Purge the SRCU based file removal race protection in favour of the new,
refcount based debugfs_file_get()/debugfs_file_put() API.
Change-Id: If1f40752474e55773aae756fdcc9c5c64891c009
Fixes: 49d200deaa68 ("debugfs: prevent access to removed files' private data")
Signed-off-by: Nicolai Stange <nicstange@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Git-commit: c9afbec27089cd6b4e621b639f41c7fc726c3bf1
Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Signed-off-by: Raghavendra Rao Ananta <rananta@codeaurora.org>
|
||
Isaac J. Manjarres
|
b2c8463039 |
Merge android-4.14-p.61 (b7e55e8) into msm-4.14
* remotes/origin/tmp-b7e55e8:
Linux 4.14.61
scsi: sg: fix minor memory leak in error path
drm/vc4: Reset ->{x, y}_scaling[1] when dealing with uniplanar formats
crypto: padlock-aes - Fix Nano workaround data corruption
RDMA/uverbs: Expand primary and alt AV port checks
iwlwifi: add more card IDs for 9000 series
userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails
audit: fix potential null dereference 'context->module.name'
kvm: x86: vmx: fix vpid leak
x86/entry/64: Remove %ebx handling from error_entry/exit
x86/apic: Future-proof the TSC_DEADLINE quirk for SKX
virtio_balloon: fix another race between migration and ballooning
net: socket: fix potential spectre v1 gadget in socketcall
can: ems_usb: Fix memory leak on ems_usb_disconnect()
squashfs: more metadata hardenings
squashfs: more metadata hardening
net/mlx5e: E-Switch, Initialize eswitch only if eswitch manager
rxrpc: Fix user call ID check in rxrpc_service_prealloc_one
net: stmmac: Fix WoL for PCI-based setups
netlink: Fix spectre v1 gadget in netlink_create()
net: dsa: Do not suspend/resume closed slave_dev
ipv4: frags: handle possible skb truesize change
inet: frag: enforce memory limits earlier
bonding: avoid lockdep confusion in bond_get_stats()
Linux 4.14.60
tcp: add one more quick ack after after ECN events
tcp: refactor tcp_ecn_check_ce to remove sk type cast
tcp: do not aggressively quick ack after ECN events
tcp: add max_quickacks param to tcp_incr_quickack and tcp_enter_quickack_mode
tcp: do not force quickack when receiving out-of-order packets
netlink: Don't shift with UB on nlk->ngroups
netlink: Do not subscribe to non-existent groups
xen-netfront: wait xenbus state change when load module manually
tcp_bbr: fix bw probing to raise in-flight data for very small BDPs
NET: stmmac: align DMA stuff to largest cache line length
net: mdio-mux: bcm-iproc: fix wrong getter and setter pair
net: lan78xx: fix rx handling before first packet is send
net: fix amd-xgbe flow-control issue
net: ena: Fix use of uninitialized DMA address bits field
ipv4: remove BUG_ON() from fib_compute_spec_dst
net: dsa: qca8k: Allow overwriting CPU port setting
net: dsa: qca8k: Add QCA8334 binding documentation
net: dsa: qca8k: Enable RXMAC when bringing up a port
net: dsa: qca8k: Force CPU port to its highest bandwidth
RDMA/uverbs: Protect from attempts to create flows on unsupported QP
usb: gadget: udc: renesas_usb3: should remove debugfs
ovl: Sync upper dirty data when syncing overlayfs
PCI: xgene: Remove leftover pci_scan_child_bus() call
PCI: pciehp: Assume NoCompl+ for Thunderbolt ports
ext4: fix check to prevent initializing reserved inodes
ext4: check for allocation block validity with block group locked
ext4: fix inline data updates with checksums enabled
squashfs: be more careful about metadata corruption
random: mix rdrand with entropy sent in from userspace
block: reset bi_iter.bi_done after splitting bio
blkdev: __blkdev_direct_IO_simple: fix leak in error case
block: bio_iov_iter_get_pages: fix size of last iovec
drm/dp/mst: Fix off-by-one typo when dump payload table
drm/atomic-helper: Drop plane->fb references only for drm_atomic_helper_shutdown()
drm: Add DP PSR2 sink enable bit
ASoC: topology: Add missing clock gating parameter when parsing hw_configs
ASoC: topology: Fix bclk and fsync inversion in set_link_hw_format()
media: si470x: fix __be16 annotations
media: atomisp: compat32: fix __user annotations
scsi: cxlflash: Avoid clobbering context control register value
scsi: cxlflash: Synchronize reset and remove ops
scsi: megaraid_sas: Increase timeout by 1 sec for non-RAID fastpath IOs
scsi: scsi_dh: replace too broad "TP9" string with the exact models
regulator: Don't return or expect -errno from of_map_mode()
media: omap3isp: fix unbalanced dma_iommu_mapping
crypto: authenc - don't leak pointers to authenc keys
crypto: authencesn - don't leak pointers to authenc keys
usb: hub: Don't wait for connect state at resume for powered-off ports
microblaze: Fix simpleImage format generation
soc: imx: gpcv2: Do not pass static memory as platform data
serial: core: Make sure compiler barfs for 16-byte earlycon names
staging: lustre: ldlm: free resource when ldlm_lock_create() fails.
staging: lustre: llite: correct removexattr detection
staging: vchiq_core: Fix missing semaphore release in error case
audit: allow not equal op for audit by executable
rsi: fix nommu_map_sg overflow kernel panic
rsi: Fix 'invalid vdd' warning in mmc
ipconfig: Correctly initialise ic_nameservers
drm/gma500: fix psb_intel_lvds_mode_valid()'s return type
igb: Fix queue selection on MAC filters on i210
arm64: defconfig: Enable Rockchip io-domain driver
nvme: lightnvm: add granby support
memory: tegra: Apply interrupts mask per SoC
memory: tegra: Do not handle spurious interrupts
delayacct: Use raw_spinlocks
stop_machine: Use raw spinlocks
backlight: pwm_bl: Don't use GPIOF_* with gpiod_get_direction
dt-bindings: net: meson-dwmac: new compatible name for AXG SoC
net: hns3: Fixes the out of bounds access in hclge_map_tqp
spi: meson-spicc: Fix error handling in meson_spicc_probe()
dt-bindings: pinctrl: meson: add support for the Meson8m2 SoC
mmc: pwrseq: Use kmalloc_array instead of stack VLA
mmc: dw_mmc: update actual clock for mmc debugfs
ALSA: hda/ca0132: fix build failure when a local macro is defined
drm/atomic: Handling the case when setting old crtc for plane
media: siano: get rid of __le32/__le16 cast warnings
f2fs: avoid fsync() failure caused by EAGAIN in writepage()
bpf: fix references to free_bpf_prog_info() in comments
thermal: exynos: fix setting rising_threshold for Exynos5433
staging: lustre: o2iblnd: Fix FastReg map/unmap for MLX5
staging: lustre: o2iblnd: fix race at kiblnd_connect_peer
scsi: qedf: Set the UNLOADING flag when removing a vport
scsi: hisi_sas: config ATA de-reset as an constrained command for v3 hw
scsi: megaraid: silence a static checker bug
scsi: 3w-xxxx: fix a missing-check bug
scsi: 3w-9xxx: fix a missing-check bug
bnxt_en: Check unsupported speeds in bnxt_update_link() on PF only.
perf: fix invalid bit in diagnostic entry
s390/cpum_sf: Add data entry sizes to sampling trailer entry
brcmfmac: Add support for bcm43364 wireless chipset
mtd: rawnand: fsl_ifc: fix FSL NAND driver to read all ONFI parameter pages
media: saa7164: Fix driver name in debug output
media: media-device: fix ioctl function types
ACPI / LPSS: Only call pwm_add_table() for Bay Trail PWM if PMIC HRV is 2
libata: Fix command retry decision
media: rcar_jpu: Add missing clk_disable_unprepare() on error in jpu_open()
net: phy: phylink: Release link GPIO
dma-iommu: Fix compilation when !CONFIG_IOMMU_DMA
tty: Fix data race in tty_insert_flip_string_fixed_flag
i40e: free the skb after clearing the bitlock
nvmem: properly handle returned value nvmem_reg_read
ARM: dts: sh73a0: Add missing interrupt-affinity to PMU node
ARM: dts: emev2: Add missing interrupt-affinity to PMU node
ARM: dts: stih407-pinctrl: Fix complain about IRQ_TYPE_NONE usage
EDAC, altera: Fix ARM64 build warning
HID: i2c-hid: check if device is there before really probing
powerpc/embedded6xx/hlwd-pic: Prevent interrupts from being handled by Starlet
drm/amdgpu: Remove VRAM from shared bo domains.
drm/radeon: fix mode_valid's return type
arm64: dts: renesas: salvator-common: use audio-graph-card for Sound
HID: hid-plantronics: Re-resend Update to map button for PTT products
arm64: cmpwait: Clear event register before arming exclusive monitor
media: atomisp: ov2680: don't declare unused vars
ALSA: usb-audio: Apply rate limit to warning messages in URB complete callback
net: ethernet: ti: cpsw-phy-sel: check bus_find_device() ret value
media: smiapp: fix timeout checking in smiapp_read_nvm
ixgbevf: fix MAC address changes through ixgbevf_set_mac()
md: fix NULL dereference of mddev->pers in remove_and_add_spares()
md/raid1: add error handling of read error from FailFast device
regulator: pfuze100: add .is_enable() for pfuze100_swb_regulator_ops
ALSA: emu10k1: Rate-limit error messages about page errors
rtc: tps65910: fix possible race condition
rtc: vr41xx: fix possible race condition
rtc: tps6586x: fix possible race condition
Bluetooth: btusb: add ID for LiteOn 04ca:301a
drm/nouveau/fifo/gk104-: poll for runlist update completion
scsi: zfcp: assert that the ERP lock is held when tracing a recovery trigger
scsi: ufs: fix exception event handling
scsi: ufs: ufshcd: fix possible unclocked register access
fscrypt: use unbound workqueue for decryption
net: hns3: Fix the missing client list node initialization
spi: Add missing pm_runtime_put_noidle() after failed get
drivers/perf: arm-ccn: don't log to dmesg in event_init
ima: based on policy verify firmware signatures (pre-allocated buffer)
mwifiex: correct histogram data with appropriate index
net: dsa: qca8k: Add support for QCA8334 switch
PCI: pciehp: Request control of native hotplug only if supported
bpf: powerpc64: pad function address loads with NOPs
pinctrl: at91-pio4: add missing of_node_put
powerpc/8xx: fix invalid register expression in head_8xx.S
spi: sh-msiof: Fix setting SIRMDR1.SYNCAC to match SITMDR1.SYNCAC
powerpc: Add __printf verification to prom_printf
powerpc/powermac: Mark variable x as unused
powerpc/powermac: Add missing prototype for note_bootable_part()
powerpc/chrp/time: Make some functions static, add missing header include
powerpc/32: Add a missing include header
ath: Add regulatory mapping for Bahamas
ath: Add regulatory mapping for Bermuda
ath: Add regulatory mapping for Serbia
ath: Add regulatory mapping for Tanzania
ath: Add regulatory mapping for Uganda
ath: Add regulatory mapping for APL2_FCCA
ath: Add regulatory mapping for APL13_WORLD
ath: Add regulatory mapping for ETSI8_WORLD
ath: Add regulatory mapping for FCC3_ETSIC
nvme-pci: Fix AER reset handling
nvme-rdma: stop admin queue before freeing it
PCI: Prevent sysfs disable of device while driver is attached
PM / wakeup: Make s2idle_lock a RAW_SPINLOCK
x86/microcode: Make the late update update_lock a raw lock for RT
btrfs: qgroup: Finish rescan when hit the last leaf of extent tree
btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups
Btrfs: don't BUG_ON() in btrfs_truncate_inode_items()
Btrfs: don't return ino to ino cache if inode item removal fails
media: videobuf2-core: don't call memop 'finish' when queueing
media: tw686x: Fix incorrect vb2_mem_ops GFP flags
net: hns3: Fixes the init of the VALID BD info in the descriptor
wlcore: sdio: check for valid platform device data before suspend
mwifiex: handle race during mwifiex_usb_disconnect
mfd: cros_ec: Fail early if we cannot identify the EC
ASoC: dpcm: fix BE dai not hw_free and shutdown
Bluetooth: btusb: Add a new Realtek 8723DE ID 2ff8:b011
Bluetooth: hci_qca: Fix "Sleep inside atomic section" warning
iwlwifi: pcie: fix race in Rx buffer allocator
btrfs: balance dirty metadata pages in btrfs_finish_ordered_io
PCI: Fix devm_pci_alloc_host_bridge() memory leak
selftests: intel_pstate: return Kselftest Skip code for skipped tests
selftests: memfd: return Kselftest Skip code for skipped tests
selftests/intel_pstate: Improve test, minor fixes
perf/x86/intel/uncore: Correct fixed counter index check for NHM
perf/x86/intel/uncore: Correct fixed counter index check in generic code
usbip: dynamically allocate idev by nports found in sysfs
usbip: usbip_detach: Fix memory, udev context and udev leak
block, bfq: remove wrong lock in bfq_requests_merged
f2fs: fix race in between GC and atomic open
f2fs: fix to detect failure of dquot_initialize
f2fs: Fix deadlock in shutdown ioctl
f2fs: fix to wait page writeback during revoking atomic write
f2fs: fix to don't trigger writeback during recovery
f2fs: fix error path of move_data_page
disable loading f2fs module on PAGE_SIZE > 4KB
pnfs: Don't release the sequence slot until we've processed layoutget on open
netfilter: nf_tables: check msg_type before nft_trans_set(trans)
lightnvm: pblk: warn in case of corrupted write buffer
RDMA/mad: Convert BUG_ONs to error flows
powerpc/64s: Fix compiler store ordering to SLB shadow area
hvc_opal: don't set tb_ticks_per_usec in udbg_init_opal_common()
powerpc/eeh: Fix use-after-release of EEH driver
powerpc/64s: Add barrier_nospec
powerpc/lib: Adjust .balign inside string functions for PPC32
infiniband: fix a possible use-after-free bug
e1000e: Ignore TSYNCRXCTL when getting I219 clock attributes
ceph: fix alignment of rasize
bpf, arm32: fix inconsistent naming about emit_a32_lsr_{r64,i64}
printk: drop in_nmi check from printk_safe_flush_on_panic()
watchdog: da9063: Fix updating timeout value
irqchip/ls-scfg-msi: Map MSIs in the iommu
netfilter: ipset: List timing out entries with "timeout 1" instead of zero
netfilter: ipset: forbid family for hash:mac sets
perf tools: Fix pmu events parsing rule
rtc: ensure rtc_set_alarm fails when alarms are not supported
mm/slub.c: add __printf verification to slab_err()
mm: vmalloc: avoid racy handling of debugobjects in vunmap
mm: /proc/pid/pagemap: hide swap entries from unprivileged users
kernel/hung_task.c: show all hung tasks before panic
vfio/type1: Fix task tracking for QEMU vCPU hotplug
vfio/mdev: Check globally for duplicate devices
vfio: platform: Fix reset module leak in error path
nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo
NFSv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY
ALSA: fm801: add error handling for snd_ctl_add
ALSA: emu10k1: add error handling for snd_ctl_add
skip LAYOUTRETURN if layout is invalid
hv_netvsc: fix network namespace issues with VF support
xen/netfront: raise max number of slots in xennet_get_responses()
kcov: ensure irq code sees a valid area
mlxsw: spectrum_switchdev: Fix port_vlan refcounting
arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups
tracing: Quiet gcc warning about maybe unused link variable
tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure
kthread, tracing: Don't expose half-written comm when creating kthreads
tracing: Fix possible double free in event_enable_trigger_func()
tracing: Fix double free of event_trigger_data
delayacct: fix crash in delayacct_blkio_end() after delayacct init failure
kvm, mm: account shadow page tables to kmemcg
Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST
Input: i8042 - add Lenovo LaVie Z to the i8042 reset list
Input: elan_i2c - add ACPI ID for lenovo ideapad 330
spi: spi-s3c64xx: Fix system resume support
drivers/infiniband/ulp/srpt/ib_srpt.c: fix build with gcc-4.4.4
IB/srpt: Fix an out-of-bounds stack access in srpt_zerolength_write()
drivers/infiniband/core/verbs.c: fix build with gcc-4.4.4
RDMA/core: Avoid that ib_drain_qp() triggers an out-of-bounds stack access
i2c: core: decrease reference count of device node in i2c_unregister_device
fork: unconditionally clear stack on fork
Linux 4.14.59
turn off -Wattribute-alias
can: m_can.c: fix setup of CCCR register: clear CCCR NISO bit before checking can.ctrlmode
can: peak_canfd: fix firmware < v3.3.0: limit allocation to 32-bit DMA addr only
can: xilinx_can: fix RX overflow interrupt not being enabled
can: xilinx_can: fix incorrect clear of non-processed interrupts
can: xilinx_can: keep only 1-2 frames in TX FIFO to fix TX accounting
can: xilinx_can: fix device dropping off bus on RX overrun
can: xilinx_can: fix recovery from error states not being propagated
can: xilinx_can: fix power management handling
can: xilinx_can: fix RX loop if RXNEMP is asserted without RXOK
driver core: Partially revert "driver core: correct device's shutdown order"
usb: gadget: f_fs: Only return delayed status when len is 0
usb: dwc2: Fix DMA alignment to start at allocated boundary
usb: core: handle hub C_PORT_OVER_CURRENT condition
usb: cdc_acm: Add quirk for Castles VEGA3000
staging: speakup: fix wraparound in uaccess length check
tcp: add tcp_ooo_try_coalesce() helper
tcp: call tcp_drop() from tcp_data_queue_ofo()
tcp: detect malicious patterns in tcp_collapse_ofo_queue()
tcp: avoid collapses in tcp_prune_queue() if possible
tcp: free batches of packets in tcp_prune_ofo_queue()
tcp: do not delay ACK in DCTCP upon CE status change
tcp: do not cancel delay-AcK on DCTCP special ACK
tcp: helpers to send special DCTCP ack
tcp: fix dctcp delayed ACK schedule
vxlan: fix default fdb entry netlink notify ordering during netdev create
vxlan: make netlink notify in vxlan_fdb_destroy optional
vxlan: add new fdb alloc and create helpers
rtnetlink: add rtnl_link_state check in rtnl_configure_link
sock: fix sg page frag coalescing in sk_alloc_sg
net: phy: consider PHY_IGNORE_INTERRUPT in phy_start_aneg_priv
multicast: do not restore deleted record source filter mode to new one
net/ipv6: Fix linklocal to global address with VRF
net/mlx5e: Fix quota counting in aRFS expire flow
net/mlx5e: Don't allow aRFS for encapsulated packets
net/mlx5: Adjust clock overflow work period
net: skb_segment() should not return NULL
net/mlx4_core: Save the qpn from the input modifier in RST2INIT wrapper
ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull
ip: hash fragments consistently
bonding: set default miimon value for non-arp modes if not set
drm/nouveau: Set DRIVER_ATOMIC cap earlier to fix debugfs
drm/nouveau/drm/nouveau: Fix runtime PM leak in nv50_disp_atomic_commit()
KVM: PPC: Check if IOMMU page is contained in the pinned physical page
xen/PVH: Set up GS segment for stack canary
MIPS: Fix off-by-one in pci_resource_to_user()
MIPS: ath79: fix register address in ath79_ddr_wb_flush()
Revert "cifs: Fix slab-out-of-bounds in send_set_info() on SMB2 ACE setting"
ANDROID: verity: really fix android-verity Kconfig
tcp: add tcp_ooo_try_coalesce() helper
tcp: call tcp_drop() from tcp_data_queue_ofo()
tcp: detect malicious patterns in tcp_collapse_ofo_queue()
tcp: avoid collapses in tcp_prune_queue() if possible
tcp: free batches of packets in tcp_prune_ofo_queue()
x86_64_cuttlefish_defconfig: Enable android-verity
x86_64_cuttlefish_defconfig: enable verity cert
ANDROID: android-verity: Fix broken parameter handling.
ANDROID: android-verity: Make it work with newer kernels
ANDROID: android-verity: Add API to verify signature with builtin keys.
ANDROID: verity: fix android-verity Kconfig dependencies
Linux 4.14.58
xhci: Fix perceived dead host due to runtime suspend race with event handler
powerpc/powernv: Fix save/restore of SPRG3 on entry/exit from stop (idle)
cxl_getfile(): fix double-iput() on alloc_file() failures
alpha: fix osf_wait4() breakage
net: usb: asix: replace mii_nway_restart in resume path
ipv6: make DAD fail with enhanced DAD when nonce length differs
net: systemport: Fix CRC forwarding check for SYSTEMPORT Lite
net/mlx4_en: Don't reuse RX page when XDP is set
hv_netvsc: Fix napi reschedule while receive completion is busy
tg3: Add higher cpu clock for 5762.
qmi_wwan: add support for Quectel EG91
ptp: fix missing break in switch
net: phy: fix flag masking in __set_phy_supported
net/ipv4: Set oif in fib_compute_spec_dst
skbuff: Unconditionally copy pfmemalloc in __skb_clone()
net: Don't copy pfmemalloc flag in __copy_skb_header()
net: diag: Don't double-free TCP_NEW_SYN_RECV sockets in tcp_abort
lib/rhashtable: consider param->min_size when setting initial table size
ipv6: ila: select CONFIG_DST_CACHE
ipv6: fix useless rol32 call on hash
ipv4: Return EINVAL when ping_group_range sysctl doesn't map to user ns
gen_stats: Fix netlink stats dumping in the presence of padding
drm/nouveau: Avoid looping through fake MST connectors
drm/nouveau: Use drm_connector_list_iter_* for iterating connectors
drm/i915: Fix hotplug irq ack on i965/g4x
stop_machine: Disable preemption when waking two stopper threads
vfio/spapr: Use IOMMU pageshift rather than pagesize
vfio/pci: Fix potential Spectre v1
cpufreq: intel_pstate: Register when ACPI PCCH is present
mm/huge_memory.c: fix data loss when splitting a file pmd
mm: memcg: fix use after free in mem_cgroup_iter()
ARC: mm: allow mprotect to make stack mappings executable
ARC: configs: Remove CONFIG_INITRAMFS_SOURCE from defconfigs
ARC: Fix CONFIG_SWAP
ARCv2: [plat-hsdk]: Save accl reg pair by default
ALSA: hda: add mute led support for HP ProBook 455 G5
ALSA: hda/realtek - Add Panasonic CF-SZ6 headset jack quirk
ALSA: rawmidi: Change resized buffers atomically
fat: fix memory allocation failure handling of match_strdup()
x86/MCE: Remove min interval polling limitation
x86/events/intel/ds: Fix bts_interrupt_threshold alignment
x86/apm: Don't access __preempt_count with zeroed fs
KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in parallel.
scsi: sd_zbc: Fix variable type and bogus comment
ANDROID: uid_sys_stats: Replace tasklist lock with RCU in uid_cputime_show
Linux 4.14.57
string: drop __must_check from strscpy() and restore strscpy() usages in cgroup
arm64: KVM: Add ARCH_WORKAROUND_2 discovery through ARCH_FEATURES_FUNC_ID
arm64: KVM: Handle guest's ARCH_WORKAROUND_2 requests
arm64: KVM: Add ARCH_WORKAROUND_2 support for guests
arm64: KVM: Add HYP per-cpu accessors
arm64: ssbd: Add prctl interface for per-thread mitigation
arm64: ssbd: Introduce thread flag to control userspace mitigation
arm64: ssbd: Restore mitigation status on CPU resume
arm64: ssbd: Skip apply_ssbd if not using dynamic mitigation
arm64: ssbd: Add global mitigation state accessor
arm64: Add 'ssbd' command-line option
arm64: Add ARCH_WORKAROUND_2 probing
arm64: Add per-cpu infrastructure to call ARCH_WORKAROUND_2
arm64: Call ARCH_WORKAROUND_2 on transitions between EL0 and EL1
arm/arm64: smccc: Add SMCCC-specific return codes
KVM: arm64: Avoid storing the vcpu pointer on the stack
KVM: arm/arm64: Do not use kern_hyp_va() with kvm_vgic_global_state
arm64: alternatives: Add dynamic patching feature
KVM: arm64: Stop save/restoring host tpidr_el1 on VHE
arm64: alternatives: use tpidr_el2 on VHE hosts
KVM: arm64: Change hyp_panic()s dependency on tpidr_el2
KVM: arm/arm64: Convert kvm_host_cpu_state to a static per-cpu allocation
KVM: arm64: Store vcpu on the stack during __guest_enter()
net/nfc: Avoid stalls when nfc_alloc_send_skb() returned NULL.
rds: avoid unenecessary cong_update in loop transport
bdi: Fix another oops in wb_workfn()
netfilter: ipv6: nf_defrag: drop skb dst before queueing
nsh: set mac len based on inner packet
autofs: fix slab out of bounds read in getname_kernel()
tls: Stricter error checking in zerocopy sendmsg path
KEYS: DNS: fix parsing multiple options
reiserfs: fix buffer overflow with long warning messages
netfilter: ebtables: reject non-bridge targets
PCI: hv: Disable/enable IRQs rather than BH in hv_compose_msi_msg()
block: do not use interruptible wait anywhere
mtd: rawnand: denali_dt: set clk_x_rate to 200 MHz unconditionally
crypto: af_alg - Initialize sg_num_bytes in error code path
clocksource: Initialize cs->wd_list
media: rc: oops in ir_timer_keyup after device unplug
xhci: Fix USB3 NULL pointer dereference at logical disconnect.
net: lan78xx: Fix race in tx pending skb size calculation
rtlwifi: rtl8821ae: fix firmware is not ready to run
rtlwifi: Fix kernel Oops "Fw download fail!!"
net: cxgb3_main: fix potential Spectre v1
VSOCK: fix loopback on big-endian systems
vhost_net: validate sock before trying to put its fd
tcp: prevent bogus FRTO undos with non-SACK flows
tcp: fix Fast Open key endianness
strparser: Remove early eaten to fix full tcp receive buffer stall
stmmac: fix DMA channel hang in half-duplex mode
r8152: napi hangup fix after disconnect
qmi_wwan: add support for the Dell Wireless 5821e module
qed: Limit msix vectors in kdump kernel to the minimum required count.
qed: Fix use of incorrect size in memcpy call.
qed: Fix setting of incorrect eswitch mode.
qede: Adverstise software timestamp caps when PHC is not available.
net/tcp: Fix socket lookups with SO_BINDTODEVICE
net: sungem: fix rx checksum support
net_sched: blackhole: tell upper qdisc about dropped packets
net/packet: fix use-after-free
net: mvneta: fix the Rx desc DMA address in the Rx path
net/mlx5: Fix wrong size allocation for QoS ETC TC regitster
net/mlx5: Fix required capability for manipulating MPFS
net/mlx5: Fix incorrect raw command length parsing
net/mlx5: Fix command interface race in polling mode
net/mlx5: E-Switch, Avoid setup attempt if not being e-switch manager
net/mlx5e: Don't attempt to dereference the ppriv struct if not being eswitch manager
net/mlx5e: Avoid dealing with vport representors if not being e-switch manager
net: macb: Fix ptp time adjustment for large negative delta
net: fix use-after-free in GRO with ESP
net: dccp: switch rx_tstamp_last_feedback to monotonic clock
net: dccp: avoid crash in ccid3_hc_rx_send_feedback()
ixgbe: split XDP_TX tail and XDP_REDIRECT map flushing
ipvlan: fix IFLA_MTU ignored on NEWLINK
ipv6: sr: fix passing wrong flags to crypto_alloc_shash()
hv_netvsc: split sub-channel setup into async and sync
atm: zatm: Fix potential Spectre v1
atm: Preserve value of skb->truesize when accounting to vcc
alx: take rtnl before calling __alx_open from resume
crypto: crypto4xx - fix crypto4xx_build_pdr, crypto4xx_build_sdr leak
crypto: crypto4xx - remove bad list_del
PCI: exynos: Fix a potential init_clk_resources NULL pointer dereference
bcm63xx_enet: do not write to random DMA channel on BCM6345
bcm63xx_enet: correct clock usage
ocfs2: ip_alloc_sem should be taken in ocfs2_get_block()
ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent
xprtrdma: Fix corner cases when handling device removal
cpufreq / CPPC: Set platform specific transition_delay_us
Btrfs: fix duplicate extents after fsync of file with prealloc extents
x86/paravirt: Make native_save_fl() extern inline
x86/asm: Add _ASM_ARG* constants for argument registers to <asm/asm.h>
compiler-gcc.h: Add __attribute__((gnu_inline)) to all inline declarations
ANDROID: Add hold functionality to schedtune CPU boost
ANDROID: sched/rt: Add schedtune accounting to rt task enqueue/dequeue
UPSTREAM: cpuidle: menu: Avoid selecting shallow states with stopped tick
UPSTREAM: cpuidle: menu: Refine idle state selection for running tick
UPSTREAM: sched: idle: Select idle state before stopping the tick
BACKPORT: time: hrtimer: Introduce hrtimer_next_event_without()
BACKPORT: time: tick-sched: Split tick_nohz_stop_sched_tick()
UPSTREAM: cpuidle: Return nohz hint from cpuidle_select()
UPSTREAM: jiffies: Introduce USER_TICK_USEC and redefine TICK_USEC
UPSTREAM: sched: idle: Do not stop the tick before cpuidle_idle_call()
BACKPORT: sched: idle: Do not stop the tick upfront in the idle loop
BACKPORT: time: tick-sched: Reorganize idle tick management code
ANDROID: sched/fair: fix a warning
ANDROID: sched/walt: Fix compilation issue for x86_64
ANDROID: mnt: Fix next_descendent
ANDROID: sched/events: Introduce util_est trace events
ANDROID: sched/fair: schedtune: update before schedutil
FROMLIST: sched/fair: add support to tune PELT ramp/decay timings
BACKPORT: sched/fair: Update util_est before updating schedutil
BACKPORT: sched/fair: Update util_est only on util_avg updates
BACKPORT: sched/fair: Use util_est in LB and WU paths
BACKPORT: sched/fair: Add util_est on top of PELT
ANDROID: sched/fair: Cleanup cpu_util{_wake}()
ANDROID: sched: Update max cpu capacity in case of max frequency constraints
ANDROID: arm: enable max frequency capping
ANDROID: arm64: enable max frequency capping
ANDROID: implement max frequency capping
ANDROID: sched/fair: add arch scaling function for max frequency capping
ANDROID: trace: Add WALT util signal to trace event sched_load_cfs_rq
ANDROID: sched, trace: Remove trace event sched_load_avg_cpu
ANDROID: Rename and move include/linux/sched_energy.h
ANDROID: Adjust juno energy model
ANDROID: Check equality of max cap state cap and cpu scale
ANDROID: Move energy model init call into arch_topology driver
ANDROID: Streamline sched_domain_energy_f functions
ANDROID: Separate cpu_scale and energy model setup
ANDROID: update_group_capacity for single cpu in cluster
ANDROID: sched/fair: return idle CPU immediately for prefer_idle
ANDROID: sched/fair: add idle state filter to prefer_idle case
ANDROID: sched/fair: remove order from CPU selection
ANDROID: sched/fair: unify spare capacity calculation
ANDROID:sched/fair: prefer energy efficient CPUs for !prefer_idle tasks
ANDROID: sched/fair: fix CPU selection for non latency sensitive tasks
ANDROID: sched/fair: Also do misfit in overloaded groups
ANDROID: sched/fair: Don't balance misfits if it would overload local group
ANDROID: sched/fair: Attempt to improve throughput for asym cap systems
FROMLIST: sched/fair: Don't move tasks to lower capacity cpus unless necessary
FROMLIST: sched/core: Disable SD_PREFER_SIBLING on asymmetric cpu capacity domains
FROMLIST: sched/core: Disable SD_ASYM_CPUCAPACITY for root_domains without asymmetry
FROMLIST: sched/fair: Set rq->rd->overload when misfit
FROMLIST: sched: Wrap rq->rd->overload accesses with READ/WRITE_ONCE
FROMLIST: sched: Change root_domain->overload type to int
FROMLIST: sched/fair: Change prefer_sibling type to bool
FROMLIST: sched/fair: Consider misfit tasks when load-balancing
FROMLIST: sched: Add sched_group per-cpu max capacity
FROMLIST: sched/fair: Add group_misfit_task load-balance type
FROMLIST: sched: Add static_key for asymmetric cpu capacity optimizations
UPSTREAM: ANDROID: binder: change down_write to down_read
UPSTREAM: ANDROID: binder: correct the cmd print for BINDER_WORK_RETURN_ERROR
UPSTREAM: ANDROID: binder: remove 32-bit binder interface.
UPSTREAM: android: binder: Use true and false for boolean values
UPSTREAM: android: binder: Use octal permissions
UPSTREAM: android: binder: Prefer __func__ to using hardcoded function name
UPSTREAM: ANDROID: binder: make binder_alloc_new_buf_locked static and indent its arguments
UPSTREAM: android: binder: Check for errors in binder_alloc_shrinker_init().
Conflicts:
arch/arm64/Kconfig
arch/arm64/include/asm/cpucaps.h
arch/arm64/include/asm/cpufeature.h
arch/arm64/include/asm/thread_info.h
arch/arm64/kernel/cpu_errata.c
arch/arm64/kernel/cpufeature.c
arch/arm64/kernel/entry.S
arch/arm64/kernel/ssbd.c
drivers/base/arch_topology.c
drivers/md/Kconfig
drivers/scsi/ufs/ufshcd.c
drivers/usb/gadget/function/f_fs.c
include/trace/events/sched.h
kernel/sched/cpufreq_schedutil.c
kernel/sched/energy.c
kernel/sched/fair.c
kernel/sched/features.h
kernel/sched/sched.h
kernel/sched/topology.c
kernel/sched/tune.c
kernel/sched/walt.c
kernel/sched/walt.h
kernel/stop_machine.c
kernel/time/tick-sched.c
net/socket.c
sound/core/rawmidi.c
Change-Id: Ia246711317930ecd55bb42565a04e6b4fdfc26d2
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
|
||
Davidlohr Bueso
|
cfb876dc30 |
lib/rhashtable: consider param->min_size when setting initial table size
[ Upstream commit 107d01f5ba10f4162c38109496607eb197059064 ] rhashtable_init() currently does not take into account the user-passed min_size parameter unless param->nelem_hint is set as well. As such, the default size (number of buckets) will always be HASH_DEFAULT_SIZE even if the smallest allowed size is larger than that. Remediate this by unconditionally calling into rounded_hashtable_size() and handling things accordingly. Signed-off-by: Davidlohr Bueso <dbueso@suse.de> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Isaac J. Manjarres
|
44984fa144 |
Merge android-4.14.53 (57c2874) into msm-4.14
* remotes/origin/tmp-57c2874:
Linux 4.14.53
xhci: Fix use-after-free in xhci_free_virt_device
dm thin: handle running out of data space vs concurrent discard
dm zoned: avoid triggering reclaim from inside dmz_map()
x86/efi: Fix efi_call_phys_epilog() with CONFIG_X86_5LEVEL=y
block: Fix cloning of requests with a special payload
block: Fix transfer when chunk sectors exceeds max
slub: fix failure when we delete and create a slab cache
ALSA: hda/realtek - Fix the problem of two front mics on more machines
ALSA: hda/realtek - Add a quirk for FSC ESPRIMO U9210
ALSA: hda/realtek - Fix pop noise on Lenovo P50 & co
ALSA: timer: Fix UBSAN warning at SNDRV_TIMER_IOCTL_NEXT_DEVICE ioctl
Input: elantech - fix V4 report decoding for module with middle key
Input: elantech - enable middle button of touchpads on ThinkPad P52
Input: elan_i2c_smbus - fix more potential stack buffer overflows
Input: xpad - fix GPD Win 2 controller name
udf: Detect incorrect directory size
xen: Remove unnecessary BUG_ON from __unbind_from_irq()
mm: fix devmem_is_allowed() for sub-page System RAM intersections
mm/ksm.c: ignore STABLE_FLAG of rmap_item->address in rmap_walk_ksm()
rbd: flush rbd_dev->watch_dwork after watch is unregistered
pwm: lpss: platform: Save/restore the ctrl register over a suspend/resume
Input: elan_i2c - add ELAN0618 (Lenovo v330 15IKB) ACPI ID
ACPI / LPSS: Add missing prv_offset setting for byt/cht PWM devices
video: uvesafb: Fix integer overflow in allocation
NFSv4: Fix a typo in nfs41_sequence_process
NFSv4: Revert commit 5f83d86cf531d ("NFSv4.x: Fix wraparound issues..")
NFSv4: Fix possible 1-byte stack overflow in nfs_idmap_read_and_verify_message
nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir
media: dvb_frontend: fix locking issues at dvb_frontend_get_event()
media: cx231xx: Add support for AverMedia DVD EZMaker 7
media: v4l2-compat-ioctl32: prevent go past max size
media: vsp1: Release buffers for each video node
perf/x86/intel/uncore: Add event constraint for BDX PCU
perf vendor events: Add Goldmont Plus V1 event file
perf intel-pt: Fix packet decoding of CYC packets
perf intel-pt: Fix "Unexpected indirect branch" error
perf intel-pt: Fix MTC timing after overflow
perf intel-pt: Fix decoding to accept CBR between FUP and corresponding TIP
perf intel-pt: Fix sync_switch INTEL_PT_SS_NOT_TRACING
perf tools: Fix symbol and object code resolution for vdso32 and vdsox32
arm: dts: mt7623: fix invalid memory node being generated
mfd: intel-lpss: Fix Intel Cannon Lake LPSS I2C input clock
mfd: intel-lpss: Program REMAP register in PIO mode
backlight: tps65217_bl: Fix Device Tree node lookup
backlight: max8925_bl: Fix Device Tree node lookup
backlight: as3711_bl: Fix Device Tree node lookup
UBIFS: Fix potential integer overflow in allocation
ubi: fastmap: Correctly handle interrupted erasures in EBA
ubi: fastmap: Cancel work upon detach
rpmsg: smd: do not use mananged resources for endpoints and channels
md: fix two problems with setting the "re-add" device state.
rtc: sun6i: Fix bit_idx value for clk_register_gate
clk: at91: PLL recalc_rate() now using cached MUL and DIV values
linvdimm, pmem: Preserve read-only setting for pmem devices
scsi: zfcp: fix missing REC trigger trace on enqueue without ERP thread
scsi: zfcp: fix missing REC trigger trace for all objects in ERP_FAILED
scsi: zfcp: fix missing REC trigger trace on terminate_rport_io for ERP_FAILED
scsi: zfcp: fix missing REC trigger trace on terminate_rport_io early return
scsi: zfcp: fix misleading REC trigger trace where erp_action setup failed
scsi: zfcp: fix missing SCSI trace for retry of abort / scsi_eh TMF
scsi: zfcp: fix missing SCSI trace for result of eh_host_reset_handler
scsi: qla2xxx: Mask off Scope bits in retry delay
scsi: qla2xxx: Fix setting lower transfer speed if GPSC fails
scsi: hpsa: disable device during shutdown
mm: fix __gup_device_huge vs unmap
iio: sca3000: Fix an error handling path in 'sca3000_probe()'
iio: adc: ad7791: remove sample freq sysfs attributes
Btrfs: fix return value on rename exchange failure
X.509: unpack RSA signatureValue field from BIT STRING
irqchip/gic-v3-its: Don't bind LPI to unavailable NUMA node
time: Make sure jiffies_to_msecs() preserves non-zero time periods
MIPS: io: Add barrier after register read in inX()
cpufreq: intel_pstate: Fix scaling max/min limits with Turbo 3.0
pinctrl: devicetree: Fix pctldev pointer overwrite
pinctrl: samsung: Correct EINTG banks order
auxdisplay: fix broken menu
PCI: pciehp: Clear Presence Detect and Data Link Layer Status Changed on resume
PCI: Add ACS quirk for Intel 300 series
PCI: Add ACS quirk for Intel 7th & 8th Gen mobile
PCI: hv: Make sure the bus domain is really unique
MIPS: BCM47XX: Enable 74K Core ExternalSync for PCIe erratum
mtd: cfi_cmdset_0002: Avoid walking all chips when unlocking.
mtd: cfi_cmdset_0002: Fix unlocking requests crossing a chip boudary
mtd: cfi_cmdset_0002: fix SEGV unlocking multiple chips
mtd: cfi_cmdset_0002: Use right chip in do_ppb_xxlock()
mtd: cfi_cmdset_0002: Change write buffer to check correct value
xprtrdma: Return -ENOBUFS when no pages are available
RDMA/mlx4: Discard unknown SQP work requests
IB/hfi1: Fix user context tail allocation for DMA_RTAIL
IB/hfi1: Optimize kthread pointer locking when queuing CQ entries
IB/hfi1: Reorder incorrect send context disable
IB/hfi1: Fix fault injection init/exit issues
IB/isert: fix T10-pi check mask setting
IB/isert: Fix for lib/dma_debug check_sync warning
IB/mlx5: Fetch soft WQE's on fatal error state
IB/core: Make testing MR flags for writability a static inline function
IB/mlx4: Mark user MR as writable if actual virtual memory is writable
IB/{hfi1, qib}: Add handling of kernel restart
IB/qib: Fix DMA api warning with debug kernel
tpm: fix race condition in tpm_common_write()
tpm: fix use after free in tpm2_load_context()
of: platform: stop accessing invalid dev in of_platform_device_destroy
of: unittest: for strings, account for trailing \0 in property length field
of: overlay: validate offset from property fixups
ARM64: dts: meson: disable sd-uhs modes on the libretech-cc
arm64: mm: Ensure writes to swapper are ordered wrt subsequent cache maintenance
arm64: kpti: Use early_param for kpti= command-line option
arm64: Fix syscall restarting around signal suppressed by tracer
ARM: dts: socfpga: Fix NAND controller node compatible for Arria10
ARM: dts: socfpga: Fix NAND controller clock supply
ARM: dts: socfpga: Fix NAND controller node compatible
ARM: dts: Fix SPI node for Arria10
ARM: 8764/1: kgdb: fix NUMREGBYTES so that gdb_regs[] is the correct size
cxl: Disable prefault_mode in Radix mode
soc: rockchip: power-domain: Fix wrong value when power up pd with writemask
powerpc/fadump: Unregister fadump on kexec down path.
cpuidle: powernv: Fix promotion from snooze if next state disabled
powerpc/powernv/cpuidle: Init all present cpus for deep states
powerpc/powernv: copy/paste - Mask SO bit in CR
powerpc/powernv/ioda2: Remove redundant free of TCE pages
powerpc/ptrace: Fix enforcement of DAWR constraints
powerpc/perf: Fix memory allocation for core-imc based on num_possible_cpus()
powerpc/ptrace: Fix setting 512B aligned breakpoints with PTRACE_SET_DEBUGREG
powerpc/mm/hash: Add missing isync prior to kernel stack SLB switch
fuse: fix control dir setup and teardown
fuse: don't keep dead fuse_conn at fuse_fill_super().
fuse: atomic_o_trunc should truncate pagecache
fuse: fix congested state leak on aborted connections
printk: fix possible reuse of va_list variable
Bluetooth: hci_qca: Avoid missing rampatch failure with userspace fw loader
ipmi:bt: Set the timeout before doing a capabilities check
branch-check: fix long->int truncation when profiling branches
mips: ftrace: fix static function graph tracing
ftrace/selftest: Have the reset_trigger code be a bit more careful
lib/vsprintf: Remove atomic-unsafe support for %pCr
clk: renesas: cpg-mssr: Stop using printk format %pCr
thermal: bcm2835: Stop using printk format %pCr
ASoC: cirrus: i2s: Fix {TX|RX}LinCtrlData setup
ASoC: cirrus: i2s: Fix LRCLK configuration
ASoC: cs35l35: Add use_single_rw to regmap config
ASoC: dapm: delete dapm_kcontrol_data paths list before freeing it
1wire: family module autoload fails because of upper/lower case mismatch.
usb: do not reset if a low-speed or full-speed device timed out
PM / OPP: Update voltage in case freq == old_freq
PM / core: Fix supplier device runtime PM usage counter imbalance
PM / Domains: Fix error path during attach in genpd
signal/xtensa: Consistenly use SIGBUS in do_unaligned_user
serial: sh-sci: Use spin_{try}lock_irqsave instead of open coding version
m68k/mac: Fix SWIM memory resource end address
m68k/mm: Adjust VM area to be unmapped by gap size for __iounmap()
x86: Call fixup_exception() before notify_die() in math_error()
x86/mce: Do not overwrite MCi_STATUS in mce_no_way_out()
x86/mce: Fix incorrect "Machine check from unknown source" message
x86/mce: Check for alternate indication of machine check recovery on Skylake
x86/mce: Improve error message when kernel cannot recover
x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths
x86/spectre_v1: Disable compiler optimizations over array_index_mask_nospec()
FROMLIST: trace: Reorder display of TGID to be after PID
Change-Id: I2e5135127f9d81a39dc77bc84fa50c76ec0b58af
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
|
||
Geert Uytterhoeven
|
ea0ac01f68 |
lib/vsprintf: Remove atomic-unsafe support for %pCr
commit 666902e42fd8344b923c02dc5b0f37948ff4f225 upstream.
"%pCr" formats the current rate of a clock, and calls clk_get_rate().
The latter obtains a mutex, hence it must not be called from atomic
context.
Remove support for this rarely-used format, as vsprintf() (and e.g.
printk()) must be callable from any context.
Any remaining out-of-tree users will start seeing the clock's name
printed instead of its rate.
Reported-by: Jia-Ju Bai <baijiaju1990@gmail.com>
Fixes: 900cca2944254edd ("lib/vsprintf: add %pC{,n,r} format specifiers for clocks")
Link: http://lkml.kernel.org/r/1527845302-12159-5-git-send-email-geert+renesas@glider.be
To: Jia-Ju Bai <baijiaju1990@gmail.com>
To: Jonathan Corbet <corbet@lwn.net>
To: Michael Turquette <mturquette@baylibre.com>
To: Stephen Boyd <sboyd@kernel.org>
To: Zhang Rui <rui.zhang@intel.com>
To: Eduardo Valentin <edubezval@gmail.com>
To: Eric Anholt <eric@anholt.net>
To: Stefan Wahren <stefan.wahren@i2se.com>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>
Cc: Petr Mladek <pmladek@suse.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Steven Rostedt <rostedt@goodmis.org>
Cc: linux-doc@vger.kernel.org
Cc: linux-clk@vger.kernel.org
Cc: linux-pm@vger.kernel.org
Cc: linux-serial@vger.kernel.org
Cc: linux-arm-kernel@lists.infradead.org
Cc: linux-renesas-soc@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Cc: Geert Uytterhoeven <geert+renesas@glider.be>
Cc: stable@vger.kernel.org # 4.1+
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Signed-off-by: Petr Mladek <pmladek@suse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Yogesh Lal
|
1c462be3af |
lib: stackdepot: Add support to configure STACK_HASH_SIZE
Use STACK_HASH_ORDER_SHIFT to configure STACK_HASH_SIZE. Aim is to have configurable value for STACK_HASH_SIZE, so depend on use case one can configure it. One example is of Page Owner, default value of STACK_HASH_SIZE lead stack depot to consume 8MB of static memory. Making it configurable and use lower value helps to enable features like CONFIG_PAGE_OWNER without any significant overhead. Change-Id: If6b64d4d4d42c763b00e2719fde5a25e94c10597 Signed-off-by: Yogesh Lal <ylal@codeaurora.org> |
||
|
Isaac J. Manjarres
|
47984a2cfd |
Merge remote-tracking branch 'remotes/origin/tmp-cb1f148' into msm-4.14
* remotes/origin/tmp-cb1f148: Linux 4.14.47 Revert "vti4: Don't override MTU passed on link creation via IFLA_MTU" Revert "vti4: Don't override MTU passed on link creation via IFLA_MTU" Linux 4.14.46 Revert "perf record: Fix crash in pipe mode" tools: sync up .h files with the repective arch and uapi .h files perf tools: Add trace/beauty/generated/ into .gitignore Linux 4.14.45 drm/vmwgfx: Set dmabuf_size when vmw_dmabuf_init is successful kdb: make "mdr" command repeat pinctrl: mcp23s08: spi: Fix regmap debugfs entries pinctrl: msm: Use dynamic GPIO numbering regulator: of: Add a missing 'of_node_put()' in an error handling path of 'of_regulator_match()' ARM: dts: porter: Fix HDMI output routing ARM: dts: imx7d: cl-som-imx7: fix pinctrl_enet i40e: Add delay after EMP reset for firmware to recover regmap: Correct comparison in regmap_cached ARM: dts: at91: tse850: use the correct compatible for the eeprom drm: rcar-du: lvds: Fix LVDS startup on R-Car Gen2 drm: rcar-du: lvds: Fix LVDS startup on R-Car Gen3 netlabel: If PF_INET6, check sk_buff ip header version selftests/net: fixes psock_fanout eBPF test case perf tests: Fix dwarf unwind for stripped binaries perf report: Fix memory corruption in --branch-history mode --branch-history perf tests: Use arch__compare_symbol_names to compare symbols perf report: Fix wrong jump arrow perf test: Fix test case inet_pton to accept inlines. x86/apic: Set up through-local-APIC mode on the boot CPU if 'noapic' specified drm/rockchip: Respect page offset for PRIME mmap calls MIPS: Octeon: Fix logging messages with spurious periods after newlines dpaa_eth: fix pause capability advertisement logic pinctrl: sh-pfc: r8a7796: Fix MOD_SEL register pin assignment for SSI pins group rcu: Call touch_nmi_watchdog() while printing stall warnings net: stmmac: call correct function in stmmac_mac_config_rx_queues_routing() audit: return on memory error to avoid null pointer dereference PCMCIA / PM: Avoid noirq suspend aborts during suspend-to-idle ARM: dts: bcm283x: Fix pin function of JTAG pins ARM: dts: bcm283x: Fix probing of bcm2835-i2s power: supply: ltc2941-battery-gauge: Fix temperature units sh_eth: fix TSU init on SH7734/R8A7740 ixgbe: prevent ptp_rx_hang from running when in FILTER_ALL mode udf: Provide saner default for invalid uid / gid PCI: Add function 1 DMA alias quirk for Marvell 88SE9220 dpaa_eth: fix SG mapping cpufreq: Reorder cpufreq_online() error code path net: stmmac: ensure that the MSS desc is the last desc to set the own bit net: stmmac: ensure that the device has released ownership before reading data drm/amdgpu: adjust timeout for ib_ring_tests(v2) drm/amdgpu: disable GFX ring and disable PQ wptr in hw_fini ARM: dts: dra71-evm: Correct evm_sd regulator max voltage drm: omapdrm: dss: Move initialization code from component bind to probe dmaengine: qcom: bam_dma: get num-channels and num-ees from dt vfio-ccw: fence off transport mode pinctrl: artpec6: dt: add missing pin group uart5nocts pinctrl: devicetree: Fix dt_to_map_one_config handling of hogs hwrng: stm32 - add reset during probe watchdog: asm9260_wdt: fix error handling in asm9260_wdt_probe() enic: enable rq before updating rq descriptors dmaengine: rcar-dmac: Check the done lists in rcar_dmac_chan_get_residue() dmaengine: pl330: fix a race condition in case of threaded irqs block: null_blk: fix 'Invalid parameters' when loading module tools: hv: fix compiler warnings about major/target_fname drm/bridge: sii902x: Retry status read after DDI I2C phy: qcom-qmp: Fix phy pipe clock gating ALSA: vmaster: Propagate slave error phy: rockchip-emmc: retry calpad busy trimming x86/devicetree: Fix device IRQ settings in DT x86/devicetree: Initialize device tree before using it gfs2: Fix fallocate chunk size soc: qcom: wcnss_ctrl: Fix increment in NV upload arm64: dts: qcom: Fix SPI5 config on MSM8996 perf/x86/intel: Fix event update for auto-reload perf/x86/intel: Fix large period handling on Broadwell CPUs efi/arm*: Only register page tables when they exist cdrom: do not call check_disk_change() inside cdrom_open() perf/x86/intel: Properly save/restore the PMU state in the NMI handler hwmon: (pmbus/adm1275) Accept negative page register values hwmon: (pmbus/max8688) Accept negative page register values drm/panel: simple: Fix the bus format for the Ontat panel perf/core: Fix perf_output_read_group() max17042: propagate of_node to power supply device perf/core: Fix installing cgroup events on CPU f2fs: fix to check extent cache in f2fs_drop_extent_tree f2fs: fix to clear CP_TRIMMED_FLAG f2fs: fix to set KEEP_SIZE bit in f2fs_zero_range cxl: Check if PSL data-cache is available before issue flush request powerpc/powernv/npu: Fix deadlock in mmio_invalidate() powerpc: Add missing prototype for arch_irq_work_raise() drm/meson: Fix an un-handled error path in 'meson_drv_bind_master()' drm/meson: Fix some error handling paths in 'meson_drv_bind_master()' ipmi_ssif: Fix kernel panic at msg_done_handler watchdog: aspeed: Fix translation of reset mode to ctrl register watchdog: dw: RMW the control register PCI: Restore config space on runtime resume despite being unbound MIPS: ath79: Fix AR724X_PLL_REG_PCIE_CONFIG offset net/smc: pay attention to MAX_ORDER for CQ entries spi: bcm-qspi: fIX some error handling paths regulator: gpio: Fix some error handling paths in 'gpio_regulator_probe()' coresight: Use %px to print pcsr instead of %p drm/amdkfd: add missing include of mm.h IB/core: Honor port_num while resolving GID for IB link layer perf stat: Fix core dump when flag T is used perf top: Fix top.call-graph config option reading KVM: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use i2c: mv64xxx: Apply errata delay only in standard mode cxgb4: Fix queue free path of ULD drivers ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c ACPICA: Fix memory leak on unusual memory leak ACPICA: Events: add a return on failure from acpi_hw_register_read dt-bindings: add device tree binding for Allwinner H6 main CCU remoteproc: imx_rproc: Fix an error handling path in 'imx_rproc_probe()' bcache: quit dc->writeback_thread when BCACHE_DEV_DETACHING is set zorro: Set up z->dev.dma_mask for the DMA API IB/mlx5: Set the default active rate and width to QDR and 4X cpufreq: cppc_cpufreq: Fix cppc_cpufreq_init() failure path iommu/mediatek: Fix protect memory setting drm/vmwgfx: Unpin the screen object backup buffer when not used ext4: don't complain about incorrect features when probing arm: dts: socfpga: fix GIC PPI warning virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS watchdog: aspeed: Allow configuring for alternate boot ima: Fallback to the builtin hash algorithm ima: Fix Kconfig to select TPM 2.0 CRB interface cxgb4: Setup FW queues before registering netdev ath9k: fix crash in spectral scan nvme-pci: disable APST for Samsung NVMe SSD 960 EVO + ASUS PRIME Z370-A ath10k: Fix kernel panic while using worker (ath10k_sta_rc_update_wk) watchdog: davinci_wdt: fix error handling in davinci_wdt_probe() net/mlx5: Protect from command bit overflow selftests: Print the test we're running to /dev/kmsg tools/thermal: tmon: fix for segfault rsi: fix kernel panic observed on 64bit machine powerpc/perf: Fix kernel address leak via sampling registers powerpc/perf: Prevent kernel address leak to userspace via BHRB buffer hwmon: (nct6775) Fix writing pwmX_mode parisc/pci: Switch LBA PCI bus from Hard Fail to Soft Fail mode iwlwifi: mvm: check if mac80211_queue is valid in iwl_mvm_disable_txq m68k: set dma and coherent masks for platform FEC ethernets intel_th: Use correct method of finding hub iommu/amd: Take into account that alloc_dev_data() may return NULL ath10k: advertize beacon_int_min_gcd ieee802154: ca8210: fix uninitialised data read powerpc/mpic: Check if cpu_possible() in mpic_physmask() ACPI: acpi_pad: Fix memory leak in power saving threads drivers: macintosh: rack-meter: really fix bogus memsets xen/acpi: off by one in read_acpi_id() rxrpc: Don't treat call aborts as conn aborts rxrpc: Fix Tx ring annotation after initial Tx failure btrfs: qgroup: Fix root item corruption when multiple same source snapshots are created with quota enabled btrfs: fix lockdep splat in btrfs_alloc_subvolume_writers Btrfs: fix copy_items() return value when logging an inode btrfs: tests/qgroup: Fix wrong tree backref level powerpc/64s: sreset panic if there is no debugger or crash dump handlers net: bgmac: Correctly annotate register space net: bgmac: Fix endian access in bgmac_dma_tx_ring_free() sparc64: Make atomic_xchg() an inline function rather than a macro. fscache: Fix hanging wait on page discarded by writeback lan78xx: Connect phy early KVM: VMX: raise internal error for exception during invalid protected mode state x86/mm: Fix bogus warning during EFI bootup, use boot_cpu_has() instead of this_cpu_has() in build_cr3_noflush() sched/rt: Fix rq->clock_update_flags < RQCF_ACT_SKIP warning powerpc/64s/idle: Fix restore of AMOR on POWER9 after deep sleep ocfs2/dlm: don't handle migrate lockres if already in shutdown IB/rxe: Fix for oops in rxe_register_device on ppc64le arch btrfs: Fix possible softlock on single core machines Btrfs: fix NULL pointer dereference in log_dir_items Btrfs: bail out on error during replay_dir_deletes mm: thp: fix potential clearing to referenced flag in page_idle_clear_pte_refs_one() mm: fix races between address_space dereference and free in page_evicatable mm/ksm: fix interaction with THP ibmvnic: Zero used TX descriptor counter on reset dp83640: Ensure against premature access to PHY registers after reset perf clang: Add support for recent clang versions perf tools: Fix perf builds with clang support powerpc/fscr: Enable interrupts earlier before calling get_user() cpufreq: CPPC: Initialize shared perf capabilities of CPUs Force log to disk before reading the AGF during a fstrim sr: get/drop reference to device in revalidate and check_events z3fold: fix memory leak swap: divide-by-zero when zero length swap file on ssd fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl table x86/mm: Do not forbid _PAGE_RW before init for __ro_after_init x86/pgtable: Don't set huge PUD/PMD on non-leaf entries Btrfs: fix loss of prealloc extents past i_size after fsync log replay Btrfs: clean up resources during umount after trans is aborted nvme: don't send keep-alives to the discovery controller firmware: dmi_scan: Fix UUID length safety check sh: fix debug trap failure to process signals before return to user net: mvneta: fix enable of all initialized RXQs vlan: Fix vlan insertion for packets without ethernet header net: Fix untag for vlan packets without ethernet header qede: Do not drop rx-checksum invalidated packets. hv_netvsc: enable multicast if necessary mm/kmemleak.c: wait for scan completion before disabling free mm/vmstat.c: fix vmstat_update() preemption BUG mm/page_owner: fix recursion bug after changing skip entries mm, slab: memcg_link the SLAB's kmem_cache qede: Fix barrier usage after tx doorbell write. builddeb: Fix header package regarding dtc source links llc: properly handle dev_queue_xmit() return value x86/alternatives: Fixup alternative_call_2 perf/x86/intel: Fix linear IP of PEBS real_ip on Haswell and later CPUs net/mlx5: Make eswitch support to depend on switchdev net: dsa: mt7530: fix module autoloading for OF platform drivers bonding: fix the err path for dev hwaddr sync in bond_enslave net: qmi_wwan: add BroadMobi BM806U 2020:2033 lan78xx: Set ASD in MAC_CR when EEE is enabled. ARM: 8748/1: mm: Define vdso_start, vdso_end as array batman-adv: fix packet loss for broadcasted DHCP packets to a server batman-adv: fix multicast-via-unicast transmission with AP isolation drm/amdkfd: Fix scratch memory with HWS enabled selftests: ftrace: Add a testcase for probepoint selftests: ftrace: Add a testcase for string type with kprobe_event selftests: ftrace: Add probe event argument syntax testcase xfrm: Fix transport mode skb control buffer usage. mm, thp: do not cause memcg oom for thp mm/mempolicy.c: avoid use uninitialized preferred_node drm/ast: Fixed 1280x800 Display Issue net: dsa: Fix functional dsa-loop dependency on FIXED_PHY net/sched: fix idr leak in the error path of tcf_skbmod_init() net/sched: fix idr leak in the error path of __tcf_ipt_init() net/sched: fix idr leak in the error path of tcp_pedit_init() net/sched: fix idr leak in the error path of tcf_act_police_init() net/sched: fix idr leak in the error path of tcf_simp_init() net/sched: fix idr leak on the error path of tcf_bpf_init() RDMA/qedr: Fix QP state initialization race RDMA/qedr: Fix rc initialization on CNQ allocation failure RDMA/qedr: fix QP's ack timeout configuration RDMA/ucma: Correct option size check using optlen kbuild: make scripts/adjust_autoksyms.sh robust against timestamp races brcmfmac: Fix check for ISO3166 code perf/cgroup: Fix child event counting bug drm/tegra: Shutdown on driver unbind iwlwifi: mvm: fix array out of bounds reference iwlwifi: mvm: make sure internal station has a valid id iwlwifi: mvm: clear tx queue id when unreserving aggregation queue iwlwifi: mvm: Increase session protection time after CS vti6: Fix dev->max_mtu setting vti4: Don't override MTU passed on link creation via IFLA_MTU ip_tunnel: Clamp MTU to bounds on new link vti4: Don't count header length twice on tunnel setup batman-adv: Fix skbuff rcsum on packet reroute net/sched: fix NULL dereference in the error path of tcf_sample_init() batman-adv: fix header size check in batadv_dbg_arp() vlan: Fix out of order vlan headers with reorder header off net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off iwlwifi: mvm: fix error checking for multi/broadcast sta iwlwifi: mvm: Correctly set IGTK for AP iwlwifi: mvm: set the correct tid when we flush the MCAST sta xfrm: fix rcu_read_unlock usage in xfrm_local_error drm/nouveau/bl: fix backlight regression drm/imx: move arming of the vblank event to atomic_flush gpu: ipu-v3: prg: avoid possible array underflow KVM: arm/arm64: vgic: Add missing irq_lock to vgic_mmio_read_pending sunvnet: does not support GSO for sctp ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu workqueue: use put_device() instead of kfree() bnxt_en: Check valid VNIC ID in bnxt_hwrm_vnic_set_tpa(). can: m_can: select pinctrl state in each suspend/resume function can: m_can: change comparison to bitshift when dealing with a mask netfilter: ebtables: fix erroneous reject of last rule dmaengine: mv_xor_v2: Fix clock resource by adding a register clock lib/test_kmod.c: fix limit check on number of test devices created selftests/vm/run_vmtests: adjust hugetlb size according to nr_cpus arm64: Relax ARM_SMCCC_ARCH_WORKAROUND_1 discovery ARM: davinci: fix the GPIO lookup for omapl138-hawk hv_netvsc: fix locking during VF setup hv_netvsc: fix locking for rx_mode hv_netvsc: fix filter flags xen: xenbus: use put_device() instead of kfree() xen-blkfront: move negotiate_mq to cover all cases of new VBDs cxgb4: do not set needs_free_netdev for mgmt dev's IB/core: Fix possible crash to access NULL netdev net: smsc911x: Fix unload crash when link is up net: qcom/emac: Use proper free methods during TX qed: Free RoCE ILT Memory on rmmod qedr fsl/fman: avoid sleeping in atomic context while adding an address fbdev: Fixing arbitrary kernel leak in case FBIOGETCMAP_SPARC in sbusfb_ioctl_helper(). IB/mlx5: Fix an error code in __mlx5_ib_modify_qp() IB/mlx4: Include GID type when deleting GIDs from HW table under RoCE IB/mlx4: Fix corruption of RoCEv2 IPv4 GIDs RDMA/qedr: Fix iWARP write and send with immediate RDMA/qedr: Fix kernel panic when running fio over NFSoRDMA ia64/err-inject: Use get_user_pages_fast() e1000e: allocate ring descriptors with dma_zalloc_coherent e1000e: Fix check_for_link return value with autoneg off perf record: Fix crash in pipe mode ARM: dts: rockchip: Add missing #sound-dai-cells on rk3288 hv_netvsc: propagate rx filters to VF hv_netvsc: filter multicast/broadcast hv_netvsc: use napi_schedule_irqoff batman-adv: Fix multicast packet loss with a single WANT_ALL_IPV4/6 flag watchdog: sbsa: use 32-bit read for WCV watchdog: f71808e_wdt: Fix magic close handling rds: Incorrect reference counting in TCP socket creation iwlwifi: mvm: Correctly set the tid for mcast queue iwlwifi: mvm: Direct multicast frames to the correct station iwlwifi: mvm: fix "failed to remove key" message iwlwifi: avoid collecting firmware dump if not loaded iwlwifi: mvm: fix assert 0x2B00 on older FWs iwlwifi: mvm: Fix channel switch for count 0 and 1 iwlwifi: mvm: fix TX of CCMP 256 net: ethtool: don't ignore return from driver get_fecparam method selftests/powerpc: Skip the subpage_prot tests if the syscall is unavailable nvme: pci: pass max vectors as num_possible_cpus() to pci_alloc_irq_vectors nvme-pci: Fix EEH failure on ppc block: display the correct diskname for bio ceph: fix potential memory leak in init_caches() Btrfs: fix log replay failure after linking special file and fsync Btrfs: send, fix issuing write op when processing hole in no data mode btrfs: use kvzalloc to allocate btrfs_fs_info drm/sun4i: Fix dclk_set_phase arm64: dts: rockchip: Fix rk3399-gru-* s2r (pinctrl hogs, wifi reset) xfrm: Fix ESN sequence number handling for IPsec GSO packets. drm/amd/amdgpu: Correct VRAM width for APUs with GMC9 xen/pirq: fix error path cleanup when binding MSIs RDMA/bnxt_re: Fix the ib_reg failure cleanup RDMA/bnxt_re: Fix incorrect DB offset calculation RDMA/bnxt_re: Unconditionly fence non wire memory operations IB/mlx: Set slid to zero in Ethernet completion struct ipvs: remove IPS_NAT_MASK check to fix passive FTP ARC: setup cpu possible mask according to possible-cpus dts property ARC: mcip: update MCIP debug mask when the new cpu came online ARC: mcip: halt GFRC counter when ARC cores halt spectrum: Reference count VLAN entries mlxsw: spectrum: Treat IPv6 unregistered multicast as broadcast mlxsw: core: Fix flex keys scratchpad offset conflict net/smc: use link_id of server in confirm link reply nvmet: fix PSDT field check in command format net/tcp/illinois: replace broken algorithm reference link gianfar: Fix Rx byte accounting for ndev stats clocksource/drivers/mips-gic-timer: Use correct shift count to extract data powerpc/boot: Fix random libfdt related build errors ARM: dts: bcm283x: Fix unit address of local_intc ARM: dts: NSP: Fix amount of RAM on BCM958625HR nbd: fix return value in error handling path sit: fix IFLA_MTU ignored on NEWLINK ip6_tunnel: fix IFLA_MTU ignored on NEWLINK ip_gre: fix IFLA_MTU ignored on NEWLINK bcache: fix kcrashes with fio in RAID5 backend dev dmaengine: rcar-dmac: fix max_chunk_size for R-Car Gen3 virtio-gpu: fix ioctl and expose the fixed status to userspace. r8152: fix tx packets accounting selftests/futex: Fix line continuation in Makefile qrtr: add MODULE_ALIAS macro to smd ARM: orion5x: Revert commit 4904dbda41c8. xen/pvcalls: fix null pointer dereference on map->sock ceph: fix dentry leak when failing to init debugfs libceph, ceph: avoid memory leak when specifying same option several times clocksource/drivers/fsl_ftm_timer: Fix error return checking nvme-pci: Fix nvme queue cleanup if IRQ setup fails batman-adv: Fix netlink dumping of BLA backbones batman-adv: Fix netlink dumping of BLA claims batman-adv: Ignore invalid batadv_v_gw during netlink send batman-adv: Ignore invalid batadv_iv_gw during netlink send netfilter: ebtables: convert BUG_ONs to WARN_ONs netfilter: ipt_CLUSTERIP: put config instead of freeing it netfilter: ipt_CLUSTERIP: put config struct if we can't increment ct refcount batman-adv: invalidate checksum on fragment reassembly batman-adv: fix packet checksum in receive path md/raid1: fix NULL pointer dereference md: fix a potential deadlock of raid5/raid10 reshape fs: dcache: Use READ_ONCE when accessing i_dir_seq fs: dcache: Avoid livelock between d_alloc_parallel and __d_add ARM: dts: imx6dl: Include correct dtsi file for Engicam i.CoreM6 DualLite/Solo RQS kvm: fix warning for CONFIG_HAVE_KVM_EVENTFD builds KVM: nVMX: Don't halt vcpu when L1 is injecting events to L2 macvlan: fix use-after-free in macvlan_common_newlink() arm64: fix unwind_frame() for filtered out fn for function graph tracing mac80211: drop frames with unexpected DS bits from fast-rx to slow path x86/topology: Update the 'cpu cores' field in /proc/cpuinfo correctly across CPU hotplug operations locking/xchg/alpha: Fix xchg() and cmpxchg() memory ordering bugs x86/intel_rdt: Fix incorrect returned value when creating rdgroup sub-directory in resctrl file system integrity/security: fix digsig.c build error with header file regulatory: add NUL to request alpha2 smsc75xx: fix smsc75xx_set_features() ARM: OMAP: Fix dmtimer init for omap1 nfs: system crashes after NFS4ERR_MOVED recovery arm64: dts: cavium: fix PCI bus dtc warnings PKCS#7: fix direct verification of SignerInfo signature selftests/bpf/test_maps: exit child process without error in ENOMEM case s390/cio: clear timer when terminating driver I/O s390/cio: fix return code after missing interrupt s390/cio: fix ccw_device_start_timeout API powerpc/bpf/jit: Fix 32-bit JIT for seccomp_data access soc: imx: gpc: de-register power domains only if initialized seccomp: add a selftest for get_metadata selftests/memfd: add run_fuse_test.sh to TEST_FILES bug.h: work around GCC PR82365 in BUG() kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE virtio_net: fix XDP code path in receive_small() md: raid5: avoid string overflow warning locking/xchg/alpha: Add unconditional memory barrier to cmpxchg() net/mlx5e: Return error if prio is specified when offloading eswitch vlan push ibmvnic: Check for NULL skb's in NAPI poll routine RDMA/bnxt_re: Fix system crash during load/unload RDMA/bnxt_re: Unpin SQ and RQ memory if QP create fails arm64: perf: correct PMUVer probing drm/meson: fix vsync buffer update drm/exynos: fix comparison to bitshift when dealing with a mask drm/exynos: g2d: use monotonic timestamps md raid10: fix NULL deference in handle_write_completed() gpu: ipu-v3: prg: fix device node leak in ipu_prg_lookup_by_phandle gpu: ipu-v3: pre: fix device node leak in ipu_pre_lookup_by_phandle mac80211: Fix sending ADDBA response for an ongoing session mac80211: Do not disconnect on invalid operating class cfg80211: clear wep keys after disconnection mac80211: fix calling sleeping function in atomic context mac80211: fix a possible leak of station stats mac80211: round IEEE80211_TX_STATUS_HEADROOM up to multiple of 4 xfrm: do not call rcu_read_unlock when afinfo is NULL in xfrm_get_tos s390/dasd: fix handling of internal requests md: fix md_write_start() deadlock w/o metadata devices MD: Free bioset when md_run fails rxrpc: Work around usercopy check NFC: llcp: Limit size of SDP URI iwlwifi: mvm: always init rs with 20mhz bandwidth rates iwlwifi: mvm: fix IBSS for devices that support station type API iwlwifi: mvm: fix security bug in PN checking ARM: dts: rockchip: Fix DWMMC clocks arm64: dts: rockchip: Fix DWMMC clocks IB/uverbs: Fix unbalanced unlock on error path for rdma_explicit_destroy IB/uverbs: Fix possible oops with duplicate ioctl attributes IB/uverbs: Fix method merging in uverbs_ioctl_merge xhci: workaround for AMD Promontory disabled ports wakeup tls: retrun the correct IV in getsockopt ibmvnic: Clean RX pool buffers during device close ibmvnic: Free RX socket buffer in case of adapter error ibmvnic: Wait until reset is complete to set carrier on ARM: OMAP1: clock: Fix debugfs_create_*() usage ARM: OMAP2+: Fix sar_base inititalization for HS omaps ARM: OMAP3: Fix prm wake interrupt for resume ARM: OMAP2+: timer: fix a kmemleak caused in omap_get_timer_dt selftests: memfd: add config fragment for fuse selftests: pstore: Adding config fragment CONFIG_PSTORE_RAM=m selftest/vDSO: fix O= selftests: sync: missing CFLAGS while compiling libata: Fix compile warning with ATA_DEBUG enabled arm64: dts: rockchip: correct ep-gpios for rk3399-sapphire arm64: dts: rockchip: fix rock64 gmac2io stability issues ptr_ring: prevent integer overflow when calculating size ARC: Fix malformed ARC_EMUL_UNALIGNED default mac80211: mesh: fix wrong mesh TTL offset calculation MIPS: generic: Fix machine compatible matching powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit powerpc/64s: Fix section mismatch warnings from setup_rfi_flush() powerpc/pseries: Restore default security feature flags on setup powerpc: Move default security feature flags powerpc/pseries: Fix clearing of security feature flags powerpc/64s: Wire up cpu_show_spectre_v2() powerpc/64s: Wire up cpu_show_spectre_v1() powerpc/pseries: Use the security flags in pseries_setup_rfi_flush() powerpc/powernv: Use the security flags in pnv_setup_rfi_flush() powerpc/64s: Enhance the information in cpu_show_meltdown() powerpc/64s: Move cpu_show_meltdown() powerpc/powernv: Set or clear security feature flags powerpc/pseries: Set or clear security feature flags powerpc: Add security feature flags for Spectre/Meltdown powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags powerpc/rfi-flush: Call setup_rfi_flush() after LPM migration powerpc/rfi-flush: Differentiate enabled and patched flush types powerpc/rfi-flush: Always enable fallback flush on pseries powerpc/rfi-flush: Make it possible to call setup_rfi_flush() again powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code powerpc/powernv: Support firmware disable of RFI flush powerpc/pseries: Support firmware disable of RFI flush powerpc/64s: Improve RFI L1-D cache flush fallback x86/kvm: fix LAPIC timer drift when guest uses periodic mode kvm: x86: IA32_ARCH_CAPABILITIES is always supported KVM: x86: Update cpuid properly when CR4.OSXAVE or CR4.PKE is changed KVM: s390: vsie: fix < 8k check for the itdba KVM/VMX: Expose SSBD properly to guests kernel/sys.c: fix potential Spectre v1 issue kasan: fix memory hotplug during boot kasan: free allocated shadow memory on MEM_CANCEL_ONLINE mm/kasan: don't vfree() nonexistent vm_area ipc/shm: fix shmat() nil address after round-down when remapping Revert "ipc/shm: Fix shmat mmap nil-page protection" idr: fix invalid ptr dereference on item delete sr: pass down correctly sized SCSI sense buffer IB/umem: Use the correct mm during ib_umem_release IB/hfi1: Use after free race condition in send context error path powerpc/64s: Clear PCR on boot arm64: lse: Add early clobbers to some input/output asm operands drm/vmwgfx: Fix 32-bit VMW_PORT_HB_[IN|OUT] macros xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent libata: blacklist Micron 500IT SSD with MU01 firmware libata: Blacklist some Sandisk SSDs for NCQ mmc: sdhci-iproc: add SDHCI_QUIRK2_HOST_OFF_CARD_ON for cygnus mmc: sdhci-iproc: fix 32bit writes for TRANSFER_MODE register mmc: sdhci-iproc: remove hard coded mmc cap 1.8v do d_instantiate/unlock_new_inode combinations safely ALSA: timer: Fix pause event notification aio: fix io_destroy(2) vs. lookup_ioctx() race fs: don't scan the inode cache before SB_BORN is set affs_lookup(): close a race with affs_remove_link() KVM: Fix spelling mistake: "cop_unsuable" -> "cop_unusable" MIPS: Fix ptrace(2) PTRACE_PEEKUSR and PTRACE_POKEUSR accesses to o32 FGRs MIPS: ptrace: Expose FIR register through FP regset MIPS: c-r4k: Fix data corruption related to cache coherence UPSTREAM: sched/fair: Consider RT/IRQ pressure in capacity_spare_wake BACKPORT, FROMLIST: fscrypt: add Speck128/256 support Change-Id: I64e5327b80b23c1ef79abed4b67bdb6a5684ec43 Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org> |
||
Luis R. Rodriguez
|
e2d9442dfe |
lib/test_kmod.c: fix limit check on number of test devices created
[ Upstream commit ac68b1b3b9c73e652dc7ce0585672e23c5a2dca4 ] As reported by Dan the parentheses is in the wrong place, and since unlikely() call returns either 0 or 1 it's never less than zero. The second issue is that signed integer overflows like "INT_MAX + 1" are undefined behavior. Since num_test_devs represents the number of devices, we want to stop prior to hitting the max, and not rely on the wrap arround at all. So just cap at num_test_devs + 1, prior to assigning a new device. Link: http://lkml.kernel.org/r/20180224030046.24238-1-mcgrof@kernel.org Fixes: d9c6a72d6fa2 ("kmod: add test driver to stress test the module loader") Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Luis R. Rodriguez <mcgrof@kernel.org> Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Sasha Levin <alexander.levin@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
Matthew Wilcox
|
0472f94cef |
idr: fix invalid ptr dereference on item delete
commit 7a4deea1aa8bddfed4ef1b35fc2b6732563d8ad5 upstream. If the radix tree underlying the IDR happens to be full and we attempt to remove an id which is larger than any id in the IDR, we will call __radix_tree_delete() with an uninitialised 'slot' pointer, at which point anything could happen. This was easiest to hit with a single entry at id 0 and attempting to remove a non-0 id, but it could have happened with 64 entries and attempting to remove an id >= 64. Roman said: The syzcaller test boils down to opening /dev/kvm, creating an eventfd, and calling a couple of KVM ioctls. None of this requires superuser. And the result is dereferencing an uninitialized pointer which is likely a crash. The specific path caught by syzbot is via KVM_HYPERV_EVENTD ioctl which is new in 4.17. But I guess there are other user-triggerable paths, so cc:stable is probably justified. Matthew added: We have around 250 calls to idr_remove() in the kernel today. Many of them pass an ID which is embedded in the object they're removing, so they're safe. Picking a few likely candidates: drivers/firewire/core-cdev.c looks unsafe; the ID comes from an ioctl. drivers/gpu/drm/amd/amdgpu/amdgpu_ctx.c is similar drivers/atm/nicstar.c could be taken down by a handcrafted packet Link: http://lkml.kernel.org/r/20180518175025.GD6361@bombadil.infradead.org Fixes: 0a835c4f090a ("Reimplement IDR and IDA using the radix tree") Reported-by: <syzbot+35666cba7f0a337e2e79@syzkaller.appspotmail.com> Debugged-by: Roman Kagan <rkagan@virtuozzo.com> Signed-off-by: Matthew Wilcox <mawilcox@microsoft.com> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Blagovest Kolenichev
|
0e1a219e24 |
Merge android-4.14.43 (4c9e0a9) into msm-4.14
* refs/heads/tmp-4c9e0a9
Linux 4.14.43
x86/bugs: Rename SSBD_NO to SSB_NO
KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD
x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG
x86/bugs: Rework spec_ctrl base and mask logic
x86/bugs: Remove x86_spec_ctrl_set()
x86/bugs: Expose x86_spec_ctrl_base directly
x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host}
x86/speculation: Rework speculative_store_bypass_update()
x86/speculation: Add virtualized speculative store bypass disable support
x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL
x86/speculation: Handle HT correctly on AMD
x86/cpufeatures: Add FEATURE_ZEN
x86/cpufeatures: Disentangle SSBD enumeration
x86/cpufeatures: Disentangle MSR_SPEC_CTRL enumeration from IBRS
x86/speculation: Use synthetic bits for IBRS/IBPB/STIBP
KVM: SVM: Move spec control call after restore of GS
x86/cpu: Make alternative_msr_write work for 32-bit code
x86/bugs: Fix the parameters alignment and missing void
x86/bugs: Make cpu_show_common() static
x86/bugs: Fix __ssb_select_mitigation() return type
Documentation/spec_ctrl: Do some minor cleanups
proc: Use underscores for SSBD in 'status'
x86/bugs: Rename _RDS to _SSBD
x86/speculation: Make "seccomp" the default mode for Speculative Store Bypass
seccomp: Move speculation migitation control to arch code
seccomp: Add filter flag to opt-out of SSB mitigation
seccomp: Use PR_SPEC_FORCE_DISABLE
prctl: Add force disable speculation
x86/bugs: Make boot modes __ro_after_init
seccomp: Enable speculation flaw mitigations
proc: Provide details on speculation flaw mitigations
nospec: Allow getting/setting on non-current task
x86/speculation: Add prctl for Speculative Store Bypass mitigation
x86/process: Allow runtime control of Speculative Store Bypass
prctl: Add speculation control prctls
x86/speculation: Create spec-ctrl.h to avoid include hell
x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
x86/bugs: Whitelist allowed SPEC_CTRL MSR values
x86/bugs/intel: Set proper CPU features and setup RDS
x86/bugs: Provide boot parameters for the spec_store_bypass_disable mitigation
x86/cpufeatures: Add X86_FEATURE_RDS
x86/bugs: Expose /sys/../spec_store_bypass
x86/bugs, KVM: Support the combination of guest and host IBRS
x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
x86/bugs: Concentrate bug reporting into a separate function
x86/bugs: Concentrate bug detection into a separate function
x86/nospec: Simplify alternative_msr_write()
btrfs: fix reading stale metadata blocks after degraded raid1 mounts
btrfs: Fix delalloc inodes invalidation during transaction abort
btrfs: Split btrfs_del_delalloc_inode into 2 functions
btrfs: fix crash when trying to resume balance without the resume flag
btrfs: property: Set incompat flag if lzo/zstd compression is set
Btrfs: send, fix invalid access to commit roots due to concurrent snapshotting
Btrfs: fix xattr loss after power failure
ARM: 8772/1: kprobes: Prohibit kprobes on get_user functions
ARM: 8770/1: kprobes: Prohibit probing on optimized_callback
ARM: 8769/1: kprobes: Fix to use get_kprobe_ctlblk after irq-disabed
tick/broadcast: Use for_each_cpu() specially on UP kernels
x86/mm: Drop TS_COMPAT on 64-bit exec() syscall
ARM: 8771/1: kprobes: Prohibit kprobes on do_undefinstr
efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode
x86/pkeys: Do not special case protection key 0
x86/pkeys: Override pkey when moving away from PROT_EXEC
s390: remove indirect branch from do_softirq_own_stack
s390/qdio: don't release memory in qdio_setup_irq()
s390/cpum_sf: ensure sample frequency of perf event attributes is non-zero
s390/qdio: fix access to uninitialized qdio_q fields
drm/i915/gen9: Add WaClearHIZ_WM_CHICKEN3 for bxt and glk
mm: don't allow deferred pages with NEED_PER_CPU_KM
radix tree: fix multi-order iteration race
lib/test_bitmap.c: fix bitmap optimisation tests to report errors correctly
drm: Match sysfs name in link removal to link creation
powerpc/powernv: Fix NVRAM sleep in invalid context when crashing
i2c: designware: fix poll-after-enable regression
netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6}
netfilter: nf_tables: can't fail after linking rule into active rule list
netfilter: nf_tables: free set name in error path
tee: shm: fix use-after-free via temporarily dropped reference
tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all}
vfio: ccw: fix cleanup if cp_prefetch fails
powerpc: Don't preempt_disable() in show_cpuinfo()
KVM: arm/arm64: VGIC/ITS: protect kvm_read_guest() calls with SRCU lock
KVM: arm/arm64: VGIC/ITS save/restore: protect kvm_read_guest() calls
spi: bcm-qspi: Always read and set BSPI_MAST_N_BOOT_CTRL
spi: bcm-qspi: Avoid setting MSPI_CDRAM_PCS for spi-nor master
spi: pxa2xx: Allow 64-bit DMA
ALSA: control: fix a redundant-copy issue
ALSA: hda: Add Lenovo C50 All in one to the power_save blacklist
ALSA: usb: mixer: volume quirk for CM102-A+/102S+
usbip: usbip_host: fix bad unlock balance during stub_probe()
usbip: usbip_host: fix NULL-ptr deref and use-after-free errors
usbip: usbip_host: run rebind from exit when module is removed
usbip: usbip_host: delete device from busid_table after rebind
usbip: usbip_host: refine probe and disconnect debug msgs to be useful
Linux 4.14.42
proc: do not access cmdline nor environ from file-backed areas
l2tp: revert "l2tp: fix missing print session offset info"
xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM)
btrfs: Take trans lock before access running trans in check_delayed_ref
xfrm: Use __skb_queue_tail in xfrm_trans_queue
scsi: aacraid: Correct hba_send to include iu_type
udp: fix SO_BINDTODEVICE
nsh: fix infinite loop
net/mlx5e: Allow offloading ipv4 header re-write for icmp
ipv6: fix uninit-value in ip6_multipath_l3_keys()
hv_netvsc: set master device
net/mlx5: Avoid cleaning flow steering table twice during error flow
net/mlx5e: TX, Use correct counter in dma_map error flow
net: sched: fix error path in tcf_proto_create() when modules are not configured
bonding: send learning packets for vlans on slave
bonding: do not allow rlb updates to invalid mac
tg3: Fix vunmap() BUG_ON() triggered from tg3_free_consistent().
tcp: ignore Fast Open on repair mode
tcp_bbr: fix to zero idle_restart only upon S/ACKed data
sctp: use the old asoc when making the cookie-ack chunk in dupcook_d
sctp: remove sctp_chunk_put from fail_mark err path in sctp_ulpevent_make_rcvmsg
sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr
sctp: fix the issue that the cookie-ack with auth can't get processed
sctp: delay the authentication for the duplicated cookie-echo chunk
rds: do not leak kernel memory to user land
r8169: fix powering up RTL8168h
qmi_wwan: do not steal interfaces from class drivers
openvswitch: Don't swap table in nlattr_set() after OVS_ATTR_NESTED is found
net/tls: Fix connection stall on partial tls record
net/tls: Don't recursively call push_record during tls_write_space callbacks
net: support compat 64-bit time in {s,g}etsockopt
net_sched: fq: take care of throttled flows before reuse
net sched actions: fix refcnt leak in skbmod
net/mlx5: E-Switch, Include VF RDMA stats in vport statistics
net/mlx5e: Err if asked to offload TC match on frag being first
net/mlx4_en: Verify coalescing parameters are in range
net/mlx4_en: Fix an error handling path in 'mlx4_en_init_netdev()'
net: ethernet: ti: cpsw: fix packet leaking in dual_mac mode
net: ethernet: sun: niu set correct packet size in skb
llc: better deal with too small mtu
ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg
ipv4: fix fnhe usage by non-cached routes
dccp: fix tasklet usage
bridge: check iface upper dev when setting master via ioctl
8139too: Use disable_irq_nosync() in rtl8139_poll_controller()
ANDROID: sdcardfs: Don't d_drop in d_revalidate
FROMLIST: brcmfmac: fix initialization of struct cfg80211_inform_bss variable
FROMLIST: brcmfmac: reports boottime_ns while informing bss
Change-Id: I43c27b71b153a2a87070de3ea393002769856960
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
|
||
Ross Zwisler
|
572e2385ae |
radix tree: fix multi-order iteration race
commit 9f418224e8114156d995b98fa4e0f4fd21f685fe upstream.
Fix a race in the multi-order iteration code which causes the kernel to
hit a GP fault. This was first seen with a production v4.15 based
kernel (4.15.6-300.fc27.x86_64) utilizing a DAX workload which used
order 9 PMD DAX entries.
The race has to do with how we tear down multi-order sibling entries
when we are removing an item from the tree. Remember for example that
an order 2 entry looks like this:
struct radix_tree_node.slots[] = [entry][sibling][sibling][sibling]
where 'entry' is in some slot in the struct radix_tree_node, and the
three slots following 'entry' contain sibling pointers which point back
to 'entry.'
When we delete 'entry' from the tree, we call :
radix_tree_delete()
radix_tree_delete_item()
__radix_tree_delete()
replace_slot()
replace_slot() first removes the siblings in order from the first to the
last, then at then replaces 'entry' with NULL. This means that for a
brief period of time we end up with one or more of the siblings removed,
so:
struct radix_tree_node.slots[] = [entry][NULL][sibling][sibling]
This causes an issue if you have a reader iterating over the slots in
the tree via radix_tree_for_each_slot() while only under
rcu_read_lock()/rcu_read_unlock() protection. This is a common case in
mm/filemap.c.
The issue is that when __radix_tree_next_slot() => skip_siblings() tries
to skip over the sibling entries in the slots, it currently does so with
an exact match on the slot directly preceding our current slot.
Normally this works:
V preceding slot
struct radix_tree_node.slots[] = [entry][sibling][sibling][sibling]
^ current slot
This lets you find the first sibling, and you skip them all in order.
But in the case where one of the siblings is NULL, that slot is skipped
and then our sibling detection is interrupted:
V preceding slot
struct radix_tree_node.slots[] = [entry][NULL][sibling][sibling]
^ current slot
This means that the sibling pointers aren't recognized since they point
all the way back to 'entry', so we think that they are normal internal
radix tree pointers. This causes us to think we need to walk down to a
struct radix_tree_node starting at the address of 'entry'.
In a real running kernel this will crash the thread with a GP fault when
you try and dereference the slots in your broken node starting at
'entry'.
We fix this race by fixing the way that skip_siblings() detects sibling
nodes. Instead of testing against the preceding slot we instead look
for siblings via is_sibling_entry() which compares against the position
of the struct radix_tree_node.slots[] array. This ensures that sibling
entries are properly identified, even if they are no longer contiguous
with the 'entry' they point to.
Link: http://lkml.kernel.org/r/20180503192430.7582-6-ross.zwisler@linux.intel.com
Fixes: 148deab223b2 ("radix-tree: improve multiorder iterators")
Signed-off-by: Ross Zwisler <ross.zwisler@linux.intel.com>
Reported-by: CR, Sapthagirish <sapthagirish.cr@intel.com>
Reviewed-by: Jan Kara <jack@suse.cz>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: Christoph Hellwig <hch@lst.de>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Dave Chinner <david@fromorbit.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Matthew Wilcox
|
f6c0f020ee |
lib/test_bitmap.c: fix bitmap optimisation tests to report errors correctly
commit 1e3054b98c5415d5cb5f8824fc33b548ae5644c3 upstream. I had neglected to increment the error counter when the tests failed, which made the tests noisy when they fail, but not actually return an error code. Link: http://lkml.kernel.org/r/20180509114328.9887-1-mpe@ellerman.id.au Fixes: 3cc78125a081 ("lib/test_bitmap.c: add optimisation tests") Signed-off-by: Matthew Wilcox <mawilcox@microsoft.com> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au> Reported-by: Michael Ellerman <mpe@ellerman.id.au> Tested-by: Michael Ellerman <mpe@ellerman.id.au> Reviewed-by: Kees Cook <keescook@chromium.org> Cc: Yury Norov <ynorov@caviumnetworks.com> Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Cc: Geert Uytterhoeven <geert@linux-m68k.org> Cc: <stable@vger.kernel.org> [4.13+] Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Blagovest Kolenichev
|
f4d73128a3 |
Merge android-4.14.41 (04f740d) into msm-4.14
* refs/heads/tmp-04f740d Linux 4.14.41 KVM: x86: remove APIC Timer periodic/oneshot spikes KVM: PPC: Book3S HV: Fix handling of large pages in radix page fault handler perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map() perf/core: Fix possible Spectre-v1 indexing for ->aux_pages[] perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_* tracing/uprobe_event: Fix strncpy corner case sched/autogroup: Fix possible Spectre-v1 indexing for sched_prio_to_weight[] smb3: directory sync should not return an error nvme: add quirk to force medium priority for SQ creation thermal: exynos: Propagate error value from tmu_read() thermal: exynos: Reading temperature makes sense only when TMU is turned on Bluetooth: btusb: Only check needs_reset_resume DMI table for QCA rome chipsets Bluetooth: btusb: Add Dell XPS 13 9360 to btusb_needs_reset_resume_table Revert "Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174" cpufreq: schedutil: Avoid using invalid next_freq PCI / PM: Check device_may_wakeup() in pci_enable_wake() PCI / PM: Always check PME wakeup capability for runtime wakeup support atm: zatm: Fix potential Spectre v1 net: atm: Fix potential Spectre v1 drm/atomic: Clean private obj old_state/new_state in drm_atomic_state_default_clear() drm/atomic: Clean old_state/new_state in drm_atomic_state_default_clear() drm/nouveau: Fix deadlock in nv50_mstm_register_connector() drm/i915: Fix drm:intel_enable_lvds ERROR message in kernel log drm/vc4: Fix scaling of uni-planar formats can: hi311x: Work around TX complete interrupt erratum can: hi311x: Acquire SPI lock on ->do_get_berr_counter can: kvaser_usb: Increase correct stats counter in kvaser_usb_rx_can_msg() ceph: fix rsize/wsize capping in ceph_direct_read_write() mm, oom: fix concurrent munlock and oom reaper unmap, v3 mm: sections are not offlined during memory hotremove z3fold: fix reclaim lock-ups tracing: Fix regex_match_front() to not over compare the test string dm integrity: use kvfree for kvmalloc'd memory libata: Apply NOLPM quirk for SanDisk SD7UB3Q*G1001 SSDs rfkill: gpio: fix memory leak in probe error path gpio: fix error path in lineevent_create gpio: fix aspeed_gpio unmask irq gpioib: do not free unrequested descriptors compat: fix 4-byte infoleak via uninitialized struct field arm64: Add work around for Arm Cortex-A55 Erratum 1024718 KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing KVM: PPC: Book3S HV: Fix guest time accounting with VIRT_CPU_ACCOUNTING_GEN KVM: PPC: Book3S HV: Fix trap number return from __kvmppc_vcore_entry bdi: Fix oops in wb_workfn() bdi: wake up concurrent wb_shutdown() callers. tcp: fix TCP_REPAIR_QUEUE bound checking perf: Remove superfluous allocation error check memcg: fix per_node_info cleanup inetpeer: fix uninit-value in inet_getpeer soreuseport: initialise timewait reuseport field ipv4: fix uninit-value in ip_route_output_key_hash_rcu() dccp: initialize ireq->ir_mark net: fix uninit-value in __hw_addr_add_ex() net: initialize skb->peeked when cloning net: fix rtnh_ok() netlink: fix uninit-value in netlink_sendmsg crypto: af_alg - fix possible uninit-value in alg_bind() kcm: Call strp_stop before strp_done in kcm_attach netfilter: ebtables: don't attempt to allocate 0-sized compat array ipvs: fix rtnl_lock lockups caused by start_sync_thread ANDROID: goldfish: drop CONFIG_INPUT_KEYCHORD Linux 4.14.40 tracing: Fix bad use of igrab in trace_uprobe.c irqchip/qcom: Fix check for spurious interrupts platform/x86: asus-wireless: Fix NULL pointer dereference usb: musb: trace: fix NULL pointer dereference in musb_g_tx() usb: musb: host: fix potential NULL pointer dereference USB: serial: option: adding support for ublox R410M USB: serial: option: reimplement interface masking USB: Accept bulk endpoints with 1024-byte maxpacket usb: dwc3: gadget: Fix list_del corruption in dwc3_ep_dequeue USB: serial: visor: handle potential invalid device configuration errseq: Always report a writeback error once test_firmware: fix setting old custom fw path back on exit, second try drm/bridge: vga-dac: Fix edid memory leak drm/vmwgfx: Fix a buffer object leak iw_cxgb4: Atomically flush per QP HW CQEs IB/hfi1: Fix NULL pointer dereference when invalid num_vls is used IB/hfi1: Fix loss of BECN with AHG IB/hfi1: Fix handling of FECN marked multicast packet IB/mlx5: Use unlimited rate when static rate is not supported NET: usb: qmi_wwan: add support for ublox R410M PID 0x90b2 RDMA/mlx5: Protect from shift operand overflow RDMA/mlx5: Fix multiple NULL-ptr deref errors in rereg_mr flow RDMA/ucma: Allow resolving address w/o specifying source address RDMA/cxgb4: release hw resources on device removal xfs: prevent creating negative-sized file via INSERT_RANGE rtlwifi: cleanup 8723be ant_sel definition rtlwifi: btcoex: Add power_on_setting routine Input: atmel_mxt_ts - add touchpad button mapping for Samsung Chromebook Pro Input: leds - fix out of bound access scsi: target: Fix fortify_panic kernel exception tracepoint: Do not warn on ENOMEM ALSA: aloop: Add missing cable lock to ctl API callbacks ALSA: aloop: Mark paused device as inactive ALSA: dice: fix kernel NULL pointer dereference due to invalid calculation for array index ALSA: seq: Fix races at MIDI encoding in snd_virmidi_output_trigger() ALSA: pcm: Check PCM state at xfern compat ioctl ALSA: hda - Fix incorrect usage of IS_REACHABLE() USB: serial: option: Add support for Quectel EP06 ACPI / button: make module loadable when booted in non-ACPI mode crypto: talitos - fix IPsec cipher in length percpu: include linux/sched.h for cond_resched() net: don't call update_pmtu unconditionally geneve: update skb dst pmtu on tx path UPSTREAM: f2fs: avoid fsync() failure caused by EAGAIN in writepage() UPSTREAM: f2fs: clear PageError on writepage - part 2 ANDROID: build.config: enforce trace_printk check FROMLIST: staging: Fix sparse warnings in vsoc driver. FROMLIST: staging: vsoc: Fix a i386-randconfig warning. FROMLIST: staging: vsoc: Create wc kernel mapping for region shm. Change-Id: I697004775203b8bb5cace4fdf7e6489cfd32b54b Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org> Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org> |
||
|
Isaac J. Manjarres
|
7b6565dbcb |
lib: refcount: Cause kernel panic on refcount error detection
Currently, when using the refcount API functions, a warning is printed out once to let a user of the refcount API know that an error case has been detected. Then the refcount functions will silently return, without modifying the reference count, which could be mistaken for a successful modification. This can allow for improper use of the object associated with that refcount later. Trigger a kernel panic in case of refcount error detection to prevent misuse of objects associated with refcounts. Change-Id: Ifb6a331d08a7d6c285225bc9667d2f4054db3561 Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org> |
||
Matthew Wilcox
|
0799a0ea96 |
errseq: Always report a writeback error once
commit b4678df184b314a2bd47d2329feca2c2534aa12b upstream. The errseq_t infrastructure assumes that errors which occurred before the file descriptor was opened are of no interest to the application. This turns out to be a regression for some applications, notably Postgres. Before errseq_t, a writeback error would be reported exactly once (as long as the inode remained in memory), so Postgres could open a file, call fsync() and find out whether there had been a writeback error on that file from another process. This patch changes the errseq infrastructure to report errors to all file descriptors which are opened after the error occurred, but before it was reported to any file descriptor. This restores the user-visible behaviour. Cc: stable@vger.kernel.org Fixes: 5660e13d2fd6 ("fs: new infrastructure for writeback error handling and reporting") Signed-off-by: Matthew Wilcox <mawilcox@microsoft.com> Reviewed-by: Jeff Layton <jlayton@kernel.org> Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
qctecmdr Service
|
8d86cfc2f3 | Merge "Merge remote-tracking branch 'remotes/origin/tmp-c50e5cb' into msm-4.14" | ||
|
Isaac J. Manjarres
|
8cfb73341f |
Merge remote-tracking branch 'remotes/origin/tmp-c50e5cb' into msm-4.14
* remotes/origin/tmp-c50e5cb:
Linux 4.14.39
powerpc/eeh: Fix race with driver un/bind
arm/arm64: KVM: Add PSCI version selection API
tick/sched: Do not mess with an enqueued hrtimer
x86/microcode: Do not exit early from __reload_late()
x86/microcode/intel: Save microcode patch unconditionally
x86/smpboot: Don't use mwait_play_dead() on AMD systems
x86/ipc: Fix x32 version of shmid64_ds and msqid64_ds
tools/lib/subcmd/pager.c: do not alias select() params
objtool, perf: Fix GCC 8 -Wrestrict error
drm/i915: Enable display WA#1183 from its correct spot
drm/amdgpu: set COMPUTE_PGM_RSRC1 for SGPR/VGPR clearing shaders
rtc: opal: Fix OPAL RTC driver OPAL_BUSY loops
cpufreq: powernv: Fix hardlockup due to synchronous smp_call in timer interrupt
earlycon: Use a pointer table to fix __earlycon_table stride
fpga-manager: altera-ps-spi: preserve nCONFIG state
libceph: validate con->state at the top of try_write()
libceph: reschedule a tick in finish_hunting()
libceph: un-backoff on tick when we have a authenticated session
ASoC: fsl_esai: Fix divisor calculation failure at lower ratio
crypto: drbg - set freed buffers to NULL
powerpc/powernv/npu: Do a PID GPU TLB flush when invalidating a large address range
powerpc/mm: Flush cache on memory hot(un)plug
KVM: arm/arm64: Close VMID generation race
ARM: socfpga_defconfig: Remove QSPI Sector 4K size force
ARM: amba: Don't read past the end of sysfs "driver_override" buffer
ARM: amba: Fix race condition with driver_override
ARM: amba: Make driver_override output consistent with other buses
PCI: aardvark: Fix PCIe Max Read Request Size setting
PCI: aardvark: Use ISR1 instead of ISR0 interrupt in legacy irq mode
PCI: aardvark: Set PIO_ADDR_LS correctly in advk_pcie_rd_conf()
PCI: aardvark: Fix logic in advk_pcie_{rd,wr}_conf()
ANDROID: binder: prevent transactions into own process.
vfio: ccw: process ssch with interrupts disabled
bfq-iosched: ensure to clear bic/bfqq pointers when preparing request
scsi: sd: Defer spinning up drive while SANITIZE is in progress
kobject: don't use WARN for registration failures
mtd: rawnand: tango: Fix struct clk memory leak
mtd: cfi: cmdset_0002: Do not allow read/write to suspend erase block.
mtd: cfi: cmdset_0001: Workaround Micron Erase suspend bug.
mtd: cfi: cmdset_0001: Do not allow read/write to suspend erase block.
mtd: spi-nor: cadence-quadspi: Fix page fault kernel panic
ALSA: hda/realtek - change the location for one of two front mics
ALSA: hda/realtek - Update ALC255 depop optimize
ALSA: hda/realtek - Add some fixes for ALC233
ALSA: hda: Hardening for potential Spectre v1
ALSA: seq: oss: Hardening for potential Spectre v1
ALSA: seq: oss: Fix unbalanced use lock for synth MIDI device
ALSA: core: Report audio_tstamp in snd_pcm_sync_ptr
ALSA: pcm: Return negative delays from SNDRV_PCM_IOCTL_DELAY.
ALSA: control: Hardening for potential Spectre v1
ALSA: rme9652: Hardening for potential Spectre v1
ALSA: hdspm: Hardening for potential Spectre v1
ALSA: asihpi: Hardening for potential Spectre v1
ALSA: opl3: Hardening for potential Spectre v1
ALSA: hda - Skip jack and others for non-existing PCM streams
ALSA: dice: fix error path to destroy initialized stream data
ALSA: dice: fix OUI for TC group
tty: Use __GFP_NOFAIL for tty_ldisc_get()
tty: Avoid possible error pointer dereference at tty_ldisc_restore().
tty: n_gsm: Fix DLCI handling for ADM mode if debug & 2 is not set
tty: n_gsm: Fix long delays with control frame timeouts in ADM mode
tty: Don't call panic() at tty_ldisc_init()
drm/virtio: fix vq wait_event condition
virtio_console: reset on out of memory
virtio_console: move removal code
virtio_console: drop custom control queue cleanup
virtio_console: free buffers after reset
virtio_console: don't tie bufs to a vq
virtio: add ability to iterate over vqs
ALSA: usb-audio: Skip broken EU on Dell dock USB-audio
USB: Increment wakeup count on remote wakeup.
usb: core: Add quirk for HP v222w 16GB Mini
usb: typec: ucsi: Increase command completion timeout value
USB: serial: cp210x: add ID for NI USB serial console
USB: serial: ftdi_sio: use jtag quirk for Arrow USB Blaster
USB: serial: simple: add libtransistor console
xhci: Fix USB ports for Dell Inspiron 5775
Revert "xhci: plat: Register shutdown for xhci_plat"
usbip: vhci_hcd: check rhport before using in vhci_hub_control()
usbip: vhci_hcd: Fix usb device and sockfd leaks
usbip: usbip_host: fix to hold parent lock for device_attach() calls
usbip: usbip_event: fix to not print kernel pointer address
random: rate limit unseeded randomness warnings
random: fix possible sleeping allocation from irq context
random: set up the NUMA crng instances after the CRNG is fully initialized
ext4: fix bitmap position validation
ext4: add validity checks for bitmap block numbers
ext4: add MODULE_SOFTDEP to ensure crc32c is included in the initramfs
ext4: set h_journal if there is a failure starting a reserved handle
ext4: prevent right-shifting extents beyond EXT_MAX_BLOCKS
cfi: print target address on failure
Change-Id: I9a3d0c10b1a2d2c28872401cb656d490604352a7
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
|
||
Matt Wagantall
|
6499baf92d |
exit: Add PANIC_ON_RECURSIVE_FAULT Kconfig option
If a recursive fault is detected during do_exit(), tasks are left to sit and wait in an un-interruptible sleep until the system reboots (typically manually). Add Kconfig option to change this behaviour and force a panic. This is particularly important if a critical system task encounters a recursive fault (ex. a kworker). Otherwise, the system may be unusable, but since the scheduler is still running system watchdogs may continue to be pet. Change-Id: Ifc26fc79d6066f05a3b2c4d27f78bf4f8d2bd640 Signed-off-by: Matt Wagantall <mattw@codeaurora.org> |
||
Dmitry Vyukov
|
a5f4276787 |
kobject: don't use WARN for registration failures
commit 3e14c6abbfb5c94506edda9d8e2c145d79375798 upstream. This WARNING proved to be noisy. The function still returns an error and callers should handle it. That's how most of kernel code works. Downgrade the WARNING to pr_err() and leave WARNINGs for kernel bugs. Signed-off-by: Dmitry Vyukov <dvyukov@google.com> Reported-by: syzbot+209c0f67f99fec8eb14b@syzkaller.appspotmail.com Reported-by: syzbot+7fb6d9525a4528104e05@syzkaller.appspotmail.com Reported-by: syzbot+2e63711063e2d8f9ea27@syzkaller.appspotmail.com Reported-by: syzbot+de73361ee4971b6e6f75@syzkaller.appspotmail.com Cc: stable <stable@vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Isaac J. Manjarres
|
4f5d011e6d |
Merge remote-tracking branch 'remotes/origin/tmp-bb60f28' into msm-4.14
* remotes/origin/tmp-bb60f28:
Linux 4.14.37
mac80211_hwsim: fix use-after-free bug in hwsim_exit_net
Revert "KVM: X86: Fix SMRAM accessing even if VM is shutdown"
RDMA/mlx5: Fix NULL dereference while accessing XRC_TGT QPs
perf: Return proper values for user stack errors
perf: Fix sample_max_stack maximum check
netfilter: x_tables: limit allocation requests for blob rule heads
netfilter: compat: reject huge allocation requests
netfilter: compat: prepare xt_compat_init_offsets to return errors
netfilter: x_tables: add counters allocation wrapper
netfilter: x_tables: cap allocations at 512 mbyte
alarmtimer: Init nanosleep alarm timer on stack
RDMA/core: Reduce poll batch for direct cq polling
irqchip/gic-v3: Change pr_debug message to pr_devel
cpumask: Make for_each_cpu_wrap() available on UP as well
irqchip/gic-v3: Ignore disabled ITS nodes
perf test: Fix test trace+probe_libc_inet_pton.sh for s390x
powerpc/powernv: IMC fix out of bounds memory access at shutdown
locking/qspinlock: Ensure node->count is updated before initialising node
x86/platform/UV: Fix GAM Range Table entries less than 1GB
powerpc/mm/hash64: Zero PGD pages on allocation
vfs/proc/kcore, x86/mm/kcore: Fix SMAP fault when dumping vsyscall user page
PM / wakeirq: Fix unbalanced IRQ enable for wakeirq
ACPI / EC: Restore polling during noirq suspend/resume phases
bpf: fix rlimit in reuseport net selftest
net: stmmac: discard disabled flags in interrupt status register
SUNRPC: Don't call __UDPX_INC_STATS() from a preemptible context
KVM: PPC: Book3S HV: Fix handling of secondary HPTEG in HPT resizing code
tools/libbpf: handle issues with bpf ELF objects containing .eh_frames
net: Extra '_get' in declaration of arch_get_platform_mac_address
svcrdma: Fix Read chunk round-up
rxrpc: Don't put crypto buffers on the stack
selftests/ftrace: Add some missing glob checks
cpufreq: intel_pstate: Enable HWP during system resume on CPU0
bcache: return attach error when no cache set exist
bcache: fix for data collapse after re-attaching an attached device
bcache: fix for allocator and register thread race
bcache: properly set task state in bch_writeback_thread()
cifs: silence compiler warnings showing up with gcc-8.0.0
PM / domains: Fix up domain-idle-states OF parsing
proc: fix /proc/*/map_files lookup
arm64: spinlock: Fix theoretical trylock() A-B-A with LSE atomics
RDS: IB: Fix null pointer issue
bpf: sockmap, fix leaking maps with attached but not detached progs
xen/grant-table: Use put_page instead of free_page
xen-netfront: Fix race between device setup and open
perf evsel: Fix period/freq terms setup
MIPS: Generic: Support GIC in EIC mode
perf record: Fix period option handling
MIPS: TXx9: use IS_BUILTIN() for CONFIG_LEDS_CLASS
bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y
ACPI / scan: Use acpi_bus_get_status() to initialize ACPI_TYPE_DEVICE devs
ACPI / bus: Do not call _STA on battery devices with unmet dependencies
ACPI: processor_perflib: Do not send _PPC change notification if not ready
firmware: dmi_scan: Fix handling of empty DMI strings
x86/dumpstack: Avoid uninitlized variable
x86/power: Fix swsusp_arch_resume prototype
netfilter: ipv6: nf_defrag: Kill frag queue on RFC2460 failure
s390/eadm: fix CONFIG_BLOCK include dependency
drm/nouveau/pmu/fuc: don't use movw directly anymore
IB/core: Map iWarp AH type to undefined in rdma_ah_find_type
IB/ipoib: Fix for potential no-carrier state
IB/hfi1: Fix for potential refcount leak in hfi1_open_file()
IB/hfi1: Re-order IRQ cleanup to address driver cleanup race
blk-mq: fix discard merge with scheduler attached
openvswitch: Remove padding from packet before L3+ conntrack processing
mm/fadvise: discard partial page if endbyte is also EOF
mm: pin address_space before dereferencing it while isolating an LRU page
mm: thp: use down_read_trylock() in khugepaged to avoid long block
sparc64: update pmdp_invalidate() to return old pmd value
asm-generic: provide generic_pmdp_establish()
mm/mempolicy: add nodes_empty check in SYSC_migrate_pages
mm/mempolicy: fix the check of nodemask from user
ocfs2: return error when we attempt to access a dirty bh in jbd2
ocfs2/acl: use 'ip_xattr_sem' to protect getting extended attribute
ocfs2: return -EROFS to mount.ocfs2 if inode block is invalid
fs/dax.c: release PMD lock even when there is no PMD support in DAX
x86/kvm/vmx: do not use vm-exit instruction length for fast MMIO when running nested
kvm: Map PFN-type memory regions as writable (if possible)
tcp_nv: fix potential integer overflow in tcpnv_acked
netfilter: x_tables: fix pointer leaks to userspace
x86/hyperv: Check for required priviliges in hyperv_init()
gianfar: prevent integer wrapping in the rx handler
ntb_transport: Fix bug with max_mw_size parameter
RDMA/mlx5: Avoid memory leak in case of XRCD dealloc failure
powerpc/numa: Ensure nodes initialized for hotplug
powerpc/numa: Use ibm,max-associativity-domains to discover possible nodes
samples/bpf: Partially fixes the bpf.o build
i40e: fix reported mask for ntuple filters
i40e: program fragmented IPv4 filter input set
ixgbe: don't set RXDCTL.RLPML for 82599
jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path
RDMA/uverbs: Use an unambiguous errno for method not supported
crypto: artpec6 - remove select on non-existing CRYPTO_SHA384
device property: Define type of PROPERTY_ENRTY_*() macros
tty: serial: exar: Relocate sleep wake-up handling
x86/hyperv: Stop suppressing X86_FEATURE_PCID
fm10k: fix "failed to kill vid" message for VF
igb: Clear TXSTMP when ptp_tx_work() is timeout
igb: Allow to remove administratively set MAC on VFs
ASoC: rockchip: Use dummy_dai for rt5514 dsp dailink
blk-mq-debugfs: don't allow write on attributes with seq_operations set
KVM: s390: vsie: use READ_ONCE to access some SCB fields
platform/x86: thinkpad_acpi: suppress warning about palm detection
i40evf: ignore link up if not running
i40evf: Don't schedule reset_task when device is being removed
bpf: test_maps: cleanup sockmaps when test ends
block: Set BIO_TRACE_COMPLETION on new bio during split
nfp: fix error return code in nfp_pci_probe()
HID: roccat: prevent an out of bounds read in kovaplus_profile_activated()
Input: stmfts - set IRQ_NOAUTOEN to the irq flag
scsi: fas216: fix sense buffer initialization
scsi: devinfo: fix format of the device list
f2fs: avoid hungtask when GC encrypted block if io_bits is set
RDMA/cma: Check existence of netdevice during port validation
Btrfs: raid56: fix race between merge_bio and rbio_orig_end_io
Btrfs: fix unexpected EEXIST from btrfs_get_extent
btrfs: fail mount when sb flag is not in BTRFS_SUPER_FLAG_SUPP
Btrfs: fix scrub to repair raid6 corruption
btrfs: Fix out of bounds access in btrfs_search_slot
Btrfs: set plug for fsync
ipmi/powernv: Fix error return code in ipmi_powernv_probe()
mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl()
kconfig: Fix expr_free() E_NOT leak
kconfig: Fix automatic menu creation mem leak
kconfig: Don't leak main menus during parsing
watchdog: sp5100_tco: Fix watchdog disable bit
PCI: Add dummy pci_irqd_intx_xlate() for CONFIG_PCI=n build
MIPS: Fix clean of vmlinuz.{32,ecoff,bin,srec}
nfs: Do not convert nfs_idmap_cache_timeout to jiffies
IB/cq: Don't force IB_POLL_DIRECT poll context for ib_process_cq_direct
spi: a3700: Clear DATA_OUT when performing a read
net: stmmac: dwmac-meson8b: propagate rate changes to the parent clock
net: stmmac: dwmac-meson8b: fix setting the RGMII TX clock on Meson8b
ubifs: Fix uninitialized variable in search_dh_cookie()
blk-mq: turn WARN_ON in __blk_mq_run_hw_queue into printk
dm mpath: return DM_MAPIO_REQUEUE on blk-mq rq allocation failure
dm thin: fix documentation relative to low water mark threshold
iommu/vt-d: Use domain instead of cache fetching
powerpc: System reset avoid interleaving oops using die synchronisation
iommu/exynos: Don't unconditionally steal bus ops
perf record: Fix failed memory allocation for get_cpuid_str
tools lib traceevent: Fix get_field_str() for dynamic strings
perf callchain: Fix attr.sample_max_stack setting
tools lib traceevent: Simplify pointer print logic and fix %pF
perf unwind: Do not look just at the global callchain_param.record_mode
scsi: qla2xxx: Fix warning in qla2x00_async_iocb_timeout()
i40iw: Zero-out consumer key on allocate stag for FMR
i40iw: Free IEQ resources
Input: synaptics - reset the ABS_X/Y fuzz after initializing MT axes
libbpf: Makefile set specified permission mode
Input: psmouse - fix Synaptics detection when protocol is disabled
PCI: Add function 1 DMA alias quirk for Marvell 9128
selftest: ftrace: Fix to pick text symbols for kprobes
xprtrdma: Fix backchannel allocation of extra rpcrdma_reps
platform/x86: dell-laptop: Filter out spurious keyboard backlight change events
KVM: s390: use created_vcpus in more places
tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account
netfilter: ipv6: nf_defrag: Pass on packets to stack per RFC2460
KVM: PPC: Book3S HV: Enable migration of decrementer register
RDMA/core: Clarify rdma_ah_find_type
kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl
ASoC: au1x: Fix timeout tests in au1xac97c_ac97_read()
ALSA: hda - Use IS_REACHABLE() for dependency on input
ACPI / LPSS: Do not instiate platform_dev for devs without MMIO resources
NFSv4: always set NFS_LOCK_LOST when a lock is lost.
x86/tsc: Allow TSC calibration without PIT
firewire-ohci: work around oversized DMA reads on JMicron controllers
usb: musb: Fix external abort in musb_remove on omap2430
usb: musb: call pm_runtime_{get,put}_sync before reading vbus registers
usb: musb: fix enumeration after resume
drm/i915/bxt, glk: Increase PCODE timeouts during CDCLK freq changing
drm/i915: Fix LSPCON TMDS output buffer enabling from low-power state
drm/i915: Do no use kfree() to free a kmem_cache_alloc() return value
drm/i915/audio: Fix audio detection issue on GLK
drm/i915/gvt: throw error on unhandled vfio ioctls
drm/vc4: Fix memory leak during BO teardown
x86/tsc: Prevent 32bit truncation in calc_hpet_ref()
clocksource/imx-tpm: Correct -ETIME return condition check
x86/acpi: Prevent X2APIC id 0xffffffff from being accounted
btrfs: fix unaligned access in readdir
cifs: do not allow creating sockets except with SMB1 posix exensions
UPSTREAM: module: Do not paper over type mismatches in module_param_call()
UPSTREAM: treewide: Fix function prototypes for module_param_call()
UPSTREAM: module: Prepare to convert all module_param_call() prototypes
UPSTREAM: kbuild: add clang-version.sh
UPSTREAM: console: Expand dummy functions for CFI
UPSTREAM: console: SisUSB2VGA: Drop dummy con_font_get()
ANDROID: sdcardfs: Set s_root to NULL after putting
ANDROID: sdcardfs: d_make_root calls iput
ANDROID: sdcardfs: Check for private data earlier
ANDROID: sched: Remove duplicate const specifier
Conflicts:
kernel/sched/sched.h
Change in module_param_call() definition requires alignment in:
drivers/hwtracing/coresight/coresight-event.c
drivers/power/reset/msm-poweroff.c
Change-Id: I0114d2226301af0b1775b37d79db5529653b135d
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
|
||
Yonghong Song
|
3e01c16d87 |
bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y
[ Upstream commit 09584b406742413ac4c8d7e030374d4daa045b69 ] With CONFIG_BPF_JIT_ALWAYS_ON is defined in the config file, tools/testing/selftests/bpf/test_kmod.sh failed like below: [root@localhost bpf]# ./test_kmod.sh sysctl: setting key "net.core.bpf_jit_enable": Invalid argument [ JIT enabled:0 hardened:0 ] [ 132.175681] test_bpf: #297 BPF_MAXINSNS: Jump, gap, jump, ... FAIL to prog_create err=-524 len=4096 [ 132.458834] test_bpf: Summary: 348 PASSED, 1 FAILED, [340/340 JIT'ed] [ JIT enabled:1 hardened:0 ] [ 133.456025] test_bpf: #297 BPF_MAXINSNS: Jump, gap, jump, ... FAIL to prog_create err=-524 len=4096 [ 133.730935] test_bpf: Summary: 348 PASSED, 1 FAILED, [340/340 JIT'ed] [ JIT enabled:1 hardened:1 ] [ 134.769730] test_bpf: #297 BPF_MAXINSNS: Jump, gap, jump, ... FAIL to prog_create err=-524 len=4096 [ 135.050864] test_bpf: Summary: 348 PASSED, 1 FAILED, [340/340 JIT'ed] [ JIT enabled:1 hardened:2 ] [ 136.442882] test_bpf: #297 BPF_MAXINSNS: Jump, gap, jump, ... FAIL to prog_create err=-524 len=4096 [ 136.821810] test_bpf: Summary: 348 PASSED, 1 FAILED, [340/340 JIT'ed] [root@localhost bpf]# The test_kmod.sh load/remove test_bpf.ko multiple times with different settings for sysctl net.core.bpf_jit_{enable,harden}. The failed test #297 of test_bpf.ko is designed such that JIT always fails. Commit 290af86629b2 (bpf: introduce BPF_JIT_ALWAYS_ON config) introduced the following tightening logic: ... if (!bpf_prog_is_dev_bound(fp->aux)) { fp = bpf_int_jit_compile(fp); #ifdef CONFIG_BPF_JIT_ALWAYS_ON if (!fp->jited) { *err = -ENOTSUPP; return fp; } #endif ... With this logic, Test #297 always gets return value -ENOTSUPP when CONFIG_BPF_JIT_ALWAYS_ON is defined, causing the test failure. This patch fixed the failure by marking Test #297 as expected failure when CONFIG_BPF_JIT_ALWAYS_ON is defined. Fixes: 290af86629b2 (bpf: introduce BPF_JIT_ALWAYS_ON config) Signed-off-by: Yonghong Song <yhs@fb.com> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Signed-off-by: Sasha Levin <alexander.levin@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Blagovest Kolenichev
|
bce6a97741 |
Merge android-4.14.35 (07e1389) into msm-4.14
* refs/heads/tmp-07e1389 Linux 4.14.35 nfsd: fix incorrect umasks hugetlbfs: fix bug in pgoff overflow checking xen: xenbus_dev_frontend: Fix XS_TRANSACTION_END handling ovl: fix lookup with middle layer opaque dir and absolute path redirects blk-mq: don't keep offline CPUs mapped to hctx 0 lib: fix stall in __bitmap_parselist() f2fs: fix heap mode to reset it back sunrpc: remove incorrect HMAC request initialization ath9k: Protect queue draining by rcu_read_lock() hwmon: (ina2xx) Fix access to uninitialized mutex x86/mce/AMD: Get address from already initialized block x86/mce/AMD, EDAC/mce_amd: Enumerate Reserved SMCA bank type x86/mce/AMD: Pass the bank number to smca_get_bank_type() x86/MCE: Report only DRAM ECC as memory errors on AMD systems rtl8187: Fix NULL pointer dereference in priv->conf_mutex Bluetooth: hci_bcm: Treat Interrupt ACPI resources as always being active-low Bluetooth: Fix connection if directed advertising and privacy is used getname_kernel() needs to make sure that ->name != ->iname in long case get_user_pages_fast(): return -EFAULT on access_ok failure s390/ipl: ensure loadparm valid flag is set s390/qdio: don't merge ERROR output buffers s390/qdio: don't retry EQBS after CCQ 96 nfit: fix region registration vs block-data-window ranges block/loop: fix deadlock after loop_set_status apparmor: fix resource audit messages when auditing peer apparmor: fix display of .ns_name for containers apparmor: fix logging of the existence test for signals scsi: qla2xxx: Fix small memory leak in qla2x00_probe_one on probe failure x86/MCE/AMD: Define a function to get SMCA bank type radeon: hide pointless #warning when compile testing perf/core: Fix use-after-free in uprobe_perf_close() perf intel-pt: Fix timestamp following overflow perf intel-pt: Fix error recovery from missing TIP packet perf intel-pt: Fix sync_switch perf intel-pt: Fix overlap detection to identify consecutive buffers correctly KVM: PPC: Book3S HV: trace_tlbie must not be called in realmode PCI: hv: Serialize the present and eject work items Drivers: hv: vmbus: do not mark HV_PCIE as perf_device parisc: Fix HPMC handler by increasing size to multiple of 16 bytes parisc: Fix out of array access in match_pci_device() media: v4l: vsp1: Fix header display list status check in continuous mode media: v4l2-compat-ioctl32: don't oops on overlay lan78xx: Correctly indicate invalid OTP vhost: Fix vhost_copy_to_user() vhost: fix vhost_vq_access_ok() log check slip: Check if rstate is initialized before uncompressing rds: MP-RDS may use an invalid c_path cdc_ether: flag the Cinterion AHS8 modem by gemalto as WWAN netfilter: ipset: Missing nfnl_lock()/nfnl_unlock() is added to ip_set_net_exit() ANDROID: Add build server config for cuttlefish. ANDROID: Add defconfig for cuttlefish. FROMLIST: staging: Android: Add 'vsoc' driver for cuttlefish. ANDROID: cpufreq: Add time_in_state to /proc/uid directories ANDROID: proc: Add /proc/uid directory ANDROID: cpufreq: times: track per-uid time in state ANDROID: cpufreq: track per-task time in state f2fs/fscrypt: updates to v4.17-rc1 Change-Id: I0fdc9762e63ff9a9abb25e6adea0c723e517a2a6 Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org> Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org> |
||
Yury Norov
|
a333a284ff |
lib: fix stall in __bitmap_parselist()
commit 8351760ff5b2042039554b4948ddabaac644a976 upstream. syzbot is catching stalls at __bitmap_parselist() (https://syzkaller.appspot.com/bug?id=ad7e0351fbc90535558514a71cd3edc11681997a). The trigger is unsigned long v = 0; bitmap_parselist("7:,", &v, BITS_PER_LONG); which results in hitting infinite loop at while (a <= b) { off = min(b - a + 1, used_size); bitmap_set(maskp, a, off); a += group_size; } due to used_size == group_size == 0. Link: http://lkml.kernel.org/r/20180404162647.15763-1-ynorov@caviumnetworks.com Fixes: 0a5ce0831d04382a ("lib/bitmap.c: make bitmap_parselist() thread-safe and much faster") Signed-off-by: Yury Norov <ynorov@caviumnetworks.com> Reported-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Reported-by: syzbot <syzbot+6887cbb011c8054e8a3d@syzkaller.appspotmail.com> Cc: Noam Camus <noamca@mellanox.com> Cc: Rasmus Villemoes <linux@rasmusvillemoes.dk> Cc: Matthew Wilcox <mawilcox@microsoft.com> Cc: Mauro Carvalho Chehab <mchehab@kernel.org> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Isaac J. Manjarres
|
7ed7e2acf0 |
Merge remote-tracking branch 'remotes/origin/tmp-51e322a' into msm-4.14
* remotes/origin/tmp-51e322a: Linux 4.14.32 s390/qeth: on channel error, reject further cmd requests s390/qeth: lock read device while queueing next buffer s390/qeth: when thread completes, wake up all waiters s390/qeth: free netdevice when removing a card dpaa_eth: remove duplicate increment of the tx_errors counter dpaa_eth: increment the RX dropped counter when needed dpaa_eth: remove duplicate initialization dpaa_eth: fix error in dpaa_remove() soc/fsl/qbman: fix issue in qman_delete_cgr_safe() team: Fix double free in error path skbuff: Fix not waking applications when errors are enqueued qede: Fix qedr link update net: systemport: Rewrite __bcm_sysport_tx_reclaim() net: Only honor ifindex in IP_PKTINFO if non-0 netlink: avoid a double skb free in genlmsg_mcast() net/iucv: Free memory obtained by kzalloc net: fec: Fix unbalanced PM runtime calls net: ethernet: ti: cpsw: add check for in-band mode setting with RGMII PHY interface net: ethernet: arc: Fix a potential memory leak if an optional regulator is deferred l2tp: do not accept arbitrary sockets ipv6: fix access to non-linear packet in ndisc_fill_redirect_hdr_option() dccp: check sk for closed state in dccp_sendmsg() net: Fix hlist corruptions in inet_evict_bucket() net: use skb_to_full_sk() in skb_update_prio() ieee802154: 6lowpan: fix possible NULL deref in lowpan_device_event() sch_netem: fix skb leak in netem_enqueue() kcm: lock lower socket in kcm_attach rhashtable: Fix rhlist duplicates insertion ppp: avoid loop in xmit recursion detection code net sched actions: return explicit error when tunnel_key mode is not specified net: phy: Tell caller result of phy_change() mlxsw: spectrum_buffers: Set a minimum quota for CPU port traffic ipv6: sr: fix scheduling in RCU when creating seg6 lwtunnel state ipv6: sr: fix NULL pointer dereference when setting encap source address ipv6: old_dport should be a __be16 in __ip6_datagram_connect() net: ipv6: keep sk status consistent after datagram connect failure macvlan: filter out unsupported feature flags devlink: Remove redundant free on error path net: phy: relax error checking when creating sysfs link netdev->phydev sysfs: symlink: export sysfs_create_link_nowarn() qed: Fix non TCP packets should be dropped on iWARP ll2 connection tcp: purge write queue upon aborting the connection tcp: reset sk_send_head in tcp_write_queue_purge Change-Id: Ief39b9585daef847f0456cfe8fa70ba0178ea127 Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org> |
||
|
Isaac J. Manjarres
|
976852dffe |
Merge remote-tracking branch 'remotes/origin/tmp-331d833' into msm-4.14
* remotes/origin/tmp-331d833:
Linux 4.14.31
bpf, x64: increase number of passes
bpf: skip unnecessary capability check
kbuild: disable clang's default use of -fmerge-all-constants
x86/pkeys/selftests: Rename 'si_pkey' to 'siginfo_pkey'
usb: xhci: Fix potential memory leak in xhci_disable_slot()
usb: xhci: Disable slot even when virt-dev is null
staging: lustre: ptlrpc: kfree used instead of kvfree
staging: android: ion: Zero CMA allocated memory
iio: imu: st_lsm6dsx: fix endianness in st_lsm6dsx_read_oneshot()
iio: ABI: Fix name of timestamp sysfs file
perf/x86/intel/uncore: Fix multi-domain PCI CHA enumeration bug on Skylake servers
perf/x86/intel: Don't accidentally clear high bits in bdw_limit_period()
perf/core: Fix ctx_event_type in ctx_resched()
perf stat: Fix CVS output format for non-supported counters
perf/x86/intel/uncore: Fix Skylake UPI event format
drm/syncobj: Stop reusing the same struct file for all syncobj -> fd
x86/boot/64: Verify alignment of the LOAD segment
x86/build/64: Force the linker to use 2MB page size
kvm/x86: fix icebp instruction handling
posix-timers: Protect posix clock array access against speculation
x86/efi: Free efi_pgd with free_pages()
x86/vsyscall/64: Use proper accessor to update P4D entry
selftests/x86/ptrace_syscall: Fix for yet more glibc interference
x86/entry/64: Don't use IST entry for #BP stack
tty: vt: fix up tabstops properly
can: cc770: Fix use after free in cc770_tx_interrupt()
can: cc770: Fix queue stall & dropped RTR reply
can: cc770: Fix stalls on rt-linux, remove redundant IRQ ack
can: ifi: Check core revision upon probe
can: ifi: Repair the error handling
can: peak/pcie_fd: remove useless code when interface starts
can: peak/pcie_fd: fix echo_skb is occupied! bug
staging: ncpfs: memory corruption in ncp_read_kernel()
mtd: nand: fsl_ifc: Read ECCSTAT0 and ECCSTAT1 registers for IFC 2.0
mtd: nand: fsl_ifc: Fix eccstat array overflow for IFC ver >= 2.0.0
mtd: nand: fsl_ifc: Fix nand waitfunc return value
mtdchar: fix usage of mtd_ooblayout_ecc()
tracing: probeevent: Fix to support minus offset from symbol
rtlwifi: rtl8723be: Fix loss of signal
brcmfmac: fix P2P_DEVICE ethernet address generation
libnvdimm, {btt, blk}: do integrity setup before add_disk()
ACPI / watchdog: Fix off-by-one error at resource assignment
acpi, numa: fix pxm to online numa node associations
mm/vmscan: wake up flushers for legacy cgroups too
drm: udl: Properly check framebuffer mmap offsets
drm: Reject getfb for multi-plane framebuffers
drm/radeon: Don't turn off DP sink when disconnected
drm/vmwgfx: Fix a destoy-while-held mutex problem.
drm/vmwgfx: Fix black screen and device errors when running without fbdev
Revert "mm: page_alloc: skip over regions of invalid pfns where possible"
mm/shmem: do not wait for lock_page() in shmem_unused_huge_shrink()
mm/thp: do not wait for lock_page() in deferred_split_scan()
mm/khugepaged.c: convert VM_BUG_ON() to collapse fail
x86/mm: implement free pmd/pte page interfaces
mm/vmalloc: add interfaces to free unmapped page table
h8300: remove extraneous __BIG_ENDIAN definition
hugetlbfs: check for pgoff value overflow
nfsd: remove blocked locks on client teardown
cgroup: fix rule checking for threaded mode switching
libata: Modify quirks for MX100 to limit NCQ_TRIM quirk to MU01 version
libata: Make Crucial BX100 500GB LPM quirk apply to all firmware versions
libata: Apply NOLPM quirk to Crucial M500 480 and 960GB SSDs
libata: Enable queued TRIM for Samsung SSD 860
libata: disable LPM for Crucial BX100 SSD 500GB drive
libata: Apply NOLPM quirk to Crucial MX100 512GB SSDs
libata: don't try to pass through NCQ commands to non-NCQ devices
libata: remove WARN() for DMA or PIO command without data
libata: fix length validation of ATAPI-relayed SCSI commands
Bluetooth: btusb: Fix quirk for Atheros 1525/QCA6174
Bluetooth: btusb: Add Dell OptiPlex 3060 to btusb_needs_reset_resume_table
Bluetooth: btusb: Remove Yoga 920 from the btusb_needs_reset_resume_table
pinctrl: samsung: Validate alias coming from DT
Drivers: hv: vmbus: Fix ring buffer signaling
RDMA/mlx5: Fix crash while accessing garbage pointer and freed memory
clk: sunxi-ng: a31: Fix CLK_OUT_* clock ops
clk: bcm2835: Protect sections updating shared registers
clk: bcm2835: Fix ana->maskX definitions
lockdep: fix fs_reclaim warning
ahci: Add PCI-id for the Highpoint Rocketraid 644L card
PCI: Add function 1 DMA alias quirk for Highpoint RocketRAID 644L
mmc: dw_mmc: fix falling from idmac to PIO mode when dw_mci_reset occurs
mmc: dw_mmc: exynos: fix the suspend/resume issue for exynos5433
mmc: dw_mmc: Fix the DTO/CTO timeout overflow calculation for 32-bit systems
mmc: block: fix updating ext_csd caches on ioctl call
mmc: core: Disable HPI for certain Micron (Numonyx) eMMC cards
mmc: core: Fix tracepoint print of blk_addr and blksz
ALSA: hda/realtek - Always immediately update mute LED with pin VREF
ALSA: hda/realtek - Fix Dell headset Mic can't record
ALSA: hda/realtek - Fix speaker no sound after system resume
ALSA: hda - Force polling mode on CFL for fixing codec communication
ALSA: aloop: Fix access to not-yet-ready substream via cable
ALSA: aloop: Sync stale timer before release
ALSA: usb-audio: Fix parsing descriptor of UAC2 processing unit
iio: adc: meson-saradc: unlock on error in meson_sar_adc_lock()
iio: st_pressure: st_accel: pass correct platform data to init
iio: chemical: ccs811: Corrected firmware boot/application mode transition
MIPS: lantiq: ase: Enable MFD_SYSCON
MIPS: lantiq: Enable AHB Bus for USB
MIPS: lantiq: Fix Danube USB clock
MIPS: ralink: Fix booting on MT7621
MIPS: ralink: Remove ralink_halt()
ANDROID: arm64: Image.gz-dtb build target depends on Image.gz
Conflicts:
drivers/staging/android/ion/ion_cma_heap.c
Change-Id: I1ed32b5d3bcf4db15991859bdd89fed0d70fdb86
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
|
||
Paul Blakey
|
07cf9d303c |
rhashtable: Fix rhlist duplicates insertion
[ Upstream commit d3dcf8eb615537526bd42ff27a081d46d337816e ]
When inserting duplicate objects (those with the same key),
current rhlist implementation messes up the chain pointers by
updating the bucket pointer instead of prev next pointer to the
newly inserted node. This causes missing elements on removal and
travesal.
Fix that by properly updating pprev pointer to point to
the correct rhash_head next pointer.
Issue: 1241076
Change-Id: I86b2c140bcb4aeb10b70a72a267ff590bb2b17e7
Fixes: ca26893f05e8 ('rhashtable: Add rhlist interface')
Signed-off-by: Paul Blakey <paulb@mellanox.com>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Toshi Kani
|
acdb498164 |
mm/vmalloc: add interfaces to free unmapped page table
commit b6bdb7517c3d3f41f20e5c2948d6bc3f8897394e upstream.
On architectures with CONFIG_HAVE_ARCH_HUGE_VMAP set, ioremap() may
create pud/pmd mappings. A kernel panic was observed on arm64 systems
with Cortex-A75 in the following steps as described by Hanjun Guo.
1. ioremap a 4K size, valid page table will build,
2. iounmap it, pte0 will set to 0;
3. ioremap the same address with 2M size, pgd/pmd is unchanged,
then set the a new value for pmd;
4. pte0 is leaked;
5. CPU may meet exception because the old pmd is still in TLB,
which will lead to kernel panic.
This panic is not reproducible on x86. INVLPG, called from iounmap,
purges all levels of entries associated with purged address on x86. x86
still has memory leak.
The patch changes the ioremap path to free unmapped page table(s) since
doing so in the unmap path has the following issues:
- The iounmap() path is shared with vunmap(). Since vmap() only
supports pte mappings, making vunmap() to free a pte page is an
overhead for regular vmap users as they do not need a pte page freed
up.
- Checking if all entries in a pte page are cleared in the unmap path
is racy, and serializing this check is expensive.
- The unmap path calls free_vmap_area_noflush() to do lazy TLB purges.
Clearing a pud/pmd entry before the lazy TLB purges needs extra TLB
purge.
Add two interfaces, pud_free_pmd_page() and pmd_free_pte_page(), which
clear a given pud/pmd entry and free up a page for the lower level
entries.
This patch implements their stub functions on x86 and arm64, which work
as workaround.
[akpm@linux-foundation.org: fix typo in pmd_free_pte_page() stub]
Link: http://lkml.kernel.org/r/20180314180155.19492-2-toshi.kani@hpe.com
Fixes: e61ce6ade404e ("mm: change ioremap to set up huge I/O mappings")
Reported-by: Lei Li <lious.lilei@hisilicon.com>
Signed-off-by: Toshi Kani <toshi.kani@hpe.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Wang Xuefeng <wxf.wang@hisilicon.com>
Cc: Will Deacon <will.deacon@arm.com>
Cc: Hanjun Guo <guohanjun@huawei.com>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Borislav Petkov <bp@suse.de>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: Chintan Pandya <cpandya@codeaurora.org>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Blagovest Kolenichev
|
24b2e60f51 |
Merge android-4.14.29 (45c8dbe) into msm-4.14
* refs/heads/tmp-45c8dbe
Linux 4.14.29
usb: dwc3: Fix GDBGFIFOSPACE_TYPE values
USB: gadget: udc: Add missing platform_device_put() on error in bdc_pci_probe()
scsi: qla2xxx: Fix crashes in qla2x00_probe_one on probe failure
scsi: qla2xxx: Fix logo flag for qlt_free_session_done()
scsi: qla2xxx: Fix NULL pointer access for fcport structure
scsi: qla2xxx: Fix smatch warning in qla25xx_delete_{rsp|req}_que
btrfs: Fix memory barriers usage with device stats counters
btrfs: remove spurious WARN_ON(ref->count < 0) in find_parent_nodes
btrfs: Fix use-after-free when cleaning up fs_devs with a single stale device
btrfs: alloc_chunk: fix DUP stripe size handling
btrfs: add missing initialization in btrfs_check_shared
btrfs: Fix NULL pointer exception in find_bio_stripe
irqchip/gic-v3-its: Ensure nr_ites >= nr_lpis
RDMAVT: Fix synchronization around percpu_ref
fs/aio: Use RCU accessors for kioctx_table->table[]
fs/aio: Add explicit RCU grace period when freeing kioctx
lock_parent() needs to recheck if dentry got __dentry_kill'ed under it
KVM: arm/arm64: vgic: Don't populate multiple LRs with the same vintid
kvm: arm/arm64: vgic-v3: Tighten synchronization for guests using v2 on v3
KVM: arm/arm64: Reduce verbosity of KVM init log
fs: Teach path_connected to handle nfs filesystems with multiple roots.
drm/amdgpu/dce: Don't turn off DP sink when disconnected
drm/radeon: fix prime teardown order
drm/amdgpu: fix prime teardown order
drm/nouveau/bl: Fix oops on driver unbind
ALSA: seq: Clear client entry before deleting else at closing
ALSA: seq: Fix possible UAF in snd_seq_check_queue()
ALSA: hda - Revert power_save option default value
ALSA: pcm: Fix UAF in snd_pcm_oss_get_formats()
parisc: Handle case where flush_cache_range is called with no context
x86/mm: Fix vmalloc_fault to use pXd_large
KVM: x86: Fix device passthrough when SME is active
x86/speculation: Remove Skylake C2 from Speculation Control microcode blacklist
x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32-bit kernels
x86/vm86/32: Fix POPF emulation
selftests/x86/entry_from_vm86: Add test cases for POPF
selftests/x86: Add tests for the STR and SLDT instructions
selftests/x86: Add tests for User-Mode Instruction Prevention
selftests/x86/entry_from_vm86: Exit with 1 if we fail
x86/cpufeatures: Add Intel PCONFIG cpufeature
x86/cpufeatures: Add Intel Total Memory Encryption cpufeature
ANDROID: arm-smccc: fix clang build
staging: android: ashmem: Fix possible deadlock in ashmem_ioctl
Linux 4.14.28
drm/i915/glk: Disable Guc and HuC on GLK
dmaengine: qcom_hidma: check pending interrupts
IB/mlx5: revisit -Wmaybe-uninitialized warning
ima: relax requiring a file signature for new files with zero length
locking/locktorture: Fix num reader/writer corner cases
rcutorture/configinit: Fix build directory error message
ipvlan: add L2 check for packets arriving via virtual devices
Fix misannotated out-of-line _copy_to_user()
mmc: mmc_test: Ensure command queue is disabled for testing
ASoC: nuc900: Fix a loop timeout test
crypto: caam/qi - use correct print specifier for size_t
mac80211: remove BUG() when interface type is invalid
mac80211_hwsim: enforce PS_MANUAL_POLL to be set after PS_ENABLED
agp/intel: Flush all chipset writes after updating the GGTT
arm64: dts: renesas: salvator-common: Add EthernetAVB PHY reset
powerpc/64: Don't trace irqs-off at interrupt return to soft-disabled context
powerpc/modules: Don't try to restore r2 after a sibling call
drm/amdkfd: Fix memory leaks in kfd topology
veth: set peer GSO values
net: sched: drop qdisc_reset from dev_graft_qdisc
virtio_net: Disable interrupts if napi_complete_done rescheduled napi
media: davinci: vpif_capture: add NULL check on devm_kzalloc return value
media: cpia2: Fix a couple off by one bugs
dm raid: fix raid set size revalidation
media: vsp1: Prevent suspending and resuming DRM pipelines
scsi: dh: add new rdac devices
scsi: devinfo: apply to HP XP the same flags as Hitachi VSP
scsi: core: scsi_get_device_flags_keyed(): Always return device flags
bnxt_en: Don't print "Link speed -1 no longer supported" messages.
spi: sun6i: disable/unprepare clocks on remove
tools/usbip: fixes build with musl libc toolchain
ath10k: fix invalid STS_CAP_OFFSET_MASK
mwifiex: cfg80211: do not change virtual interface during scan processing
clk: qcom: msm8916: fix mnd_width for codec_digcodec
drm/amdgpu:fix virtual dce bug
iwlwifi: mvm: avoid dumping assert log when device is stopped
perf annotate: Fix objdump comment parsing for Intel mov dissassembly
perf annotate: Fix unnecessary memory allocation for s390x
pinctrl: sh-pfc: r8a7795-es1: Fix MOD_SEL1 bit[25:24] to 0x3 when using STP_ISEN_1_D
pinctrl: sh-pfc: r8a7791: Add can_clk function
drm/sun4i: Fix format mask in DE2 driver
pwm: stmpe: Fix wrong register offset for hwpwm=2 case
scsi: ses: don't ask for diagnostic pages repeatedly during probe
drm/amdgpu:fix random missing of FLR NOTIFY
cpufreq: Fix governor module removal race
ath10k: update tdls teardown state to target
iio: health: max30102: Add power enable parameter to get_temp function
iio: adc: ina2xx: Shift bus voltage register to mask flag bits
drm/etnaviv: make THERMAL selectable
power: supply: ab8500_charger: Bail out in case of error in 'ab8500_charger_init_hw_registers()'
power: supply: ab8500_charger: Fix an error handling path
leds: pm8058: Silence pointer to integer size warning
xfrm: Fix xfrm_replay_overflow_offload_esn
userns: Don't fail follow_automount based on s_user_ns
mtd: nand: ifc: update bufnum mask for ver >= 2.0.0
ARM: dts: omap3-n900: Fix the audio CODEC's reset pin
ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin
net: thunderx: Set max queue count taking XDP_TX into account
mtd: nand: fix interpretation of NAND_CMD_NONE in nand_command[_lp]()
net: xfrm: allow clearing socket xfrm policies.
rtc: brcmstb-waketimer: fix error handling in brcmstb_waketmr_probe()
net: ieee802154: adf7242: Fix bug if defined DEBUG
test_firmware: fix setting old custom fw path back on exit
crypto: cavium - fix memory leak on info
crypto: ecc - Fix NULL pointer deref. on no default_rng
sched: Stop resched_cpu() from sending IPIs to offline CPUs
sched: Stop switched_to_rt() from sending IPIs to offline CPUs
USB: ledtrig-usbport: fix of-node leak
typec: tcpm: fusb302: Resolve out of order messaging events
staging: rtl8822be: fix missing null check on dev_alloc_skb return
drm/amdgpu: fix get_max_engine_clock_in_mhz
ARM: dts: exynos: Correct Trats2 panel reset line
clk: meson: gxbb: fix wrong clock for SARADC/SANA
ARM: dts: koelsch: Move cec_clock to root node
iwlwifi: mvm: rs: don't override the rate history in the search cycle
HID: elo: clear BTN_LEFT mapping
HID: multitouch: Only look at non touch fields in first packet of a frame
video/hdmi: Allow "empty" HDMI infoframes
dma-buf/fence: Fix lock inversion within dma-fence-array
drm/edid: set ELD connector type in drm_edid_to_eld()
Revert "btrfs: use proper endianness accessors for super_copy"
dm mpath: fix passing integrity data
earlycon: add reg-offset to physical address before mapping
serial: core: mark port as initialized in autoconfig
serial: 8250_pci: Add Brainboxes UC-260 4 port serial device
usb: dwc3: Fix lock-up on ID change during system suspend/resume
usb: gadget: f_fs: Fix use-after-free in ffs_fs_kill_sb()
usb: usbmon: Read text within supplied buffer size
usb: quirks: add control message delay for 1b1c:1b20
usbip: vudc: fix null pointer dereference on udc->lock
USB: storage: Add JMicron bridge 152d:2567 to unusual_devs.h
staging: android: ashmem: Fix lockdep issue during llseek
staging: comedi: fix comedi_nsamples_left.
uas: fix comparison for error code
tty/serial: atmel: add new version check for usart
serial: sh-sci: prevent lockup on full TTY buffers
xhci: fix endpoint context tracer output
xhci: Fix front USB ports on ASUS PRIME B350M-A
usb: host: xhci-rcar: add support for r8a77965
ASoC: rt5651: Fix regcache sync errors on resume
ASoC: wm_adsp: For TLV controls only register TLV get/set
ASoC: sgtl5000: Fix suspend/resume
ASoC: sun4i-i2s: Fix RX slot number of SUN8I
x86: Treat R_X86_64_PLT32 as R_X86_64_PC32
net: phy: Restore phy_resume() locking assumption
net: phy: fix resume handling
ANDROID: sdcardfs: fix lock issue on 32 bit/SMP architectures
Change-Id: Ida88909c333e059adf42a8794c3b92b1d15252f7
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
|
||
Christophe Leroy
|
0ced0c46b4 |
Fix misannotated out-of-line _copy_to_user()
[ Upstream commit a0e94598e6b6c0d1df6a5fa14eb7c767ca817a20 ]
Destination is a kernel pointer and source - a userland one
in _copy_from_user(); _copy_to_user() is the other way round.
Fixes: d597580d37377 ("generic ...copy_..._user primitives")
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
Linux Build Service Account
|
be49c61378 | Merge "Merge remote-tracking branch 'remotes/origin/tmp-df0daba' into msm-4.14" into msm-4.14 | ||
|
Linux Build Service Account
|
14b1002220 | Merge "lib: ubsan: Fix compilation issues for ubsan" into msm-4.14 | ||
|
Isaac J. Manjarres
|
3ba3c6ce0a |
Merge remote-tracking branch 'remotes/origin/tmp-df0daba' into msm-4.14
* remotes/origin/tmp-df0daba: Linux 4.14.27 x86/kprobes: Fix kernel crash when probing .entry_trampoline code objtool: Fix 32-bit build objtool: Fix another switch table detection issue objtool, retpolines: Integrate objtool with retpoline support more closely objtool: Add module specific retpoline rules kbuild: move cc-option and cc-disable-warning after incl. arch Makefile kbuild: Set KBUILD_CFLAGS before incl. arch Makefile kbuild: re-order the code to not parse unnecessary variables objtool: Add retpoline validation objtool: Use existing global variables for options x86/mm/sme, objtool: Annotate indirect call in sme_encrypt_execute() x86/boot, objtool: Annotate indirect jump in secondary_startup_64() x86/paravirt, objtool: Annotate indirect calls x86/speculation: Move firmware_restrict_branch_speculation_*() from C to CPP x86/speculation, objtool: Annotate indirect calls/jumps for objtool x86/retpoline: Support retpoline builds with Clang x86/speculation: Use IBRS if available before calling into firmware Revert "x86/retpoline: Simplify vmexit_fill_RSB()" x86-64/realmode: Add instruction suffix x86/LDT: Avoid warning in 32-bit builds with older gcc x86/asm: Improve how GEN_*_SUFFIXED_RMWcc() specify clobbers x86/mm: Remove stale comment about KMEMCHECK x86/entry/64: Use 'xorl' for faster register clearing x86/entry: Reduce the code footprint of the 'idtentry' macro nospec: Include <asm/barrier.h> dependency nospec: Kill array_index_nospec_mask_check() MIPS: CPC: Map registers using DT in mips_cpc_default_phys_base() dt-bindings: Document mti,mips-cpc binding scsi: qla2xxx: Fix recursion while sending terminate exchange scsi: qla2xxx: Fix NULL pointer crash due to probe failure ALSA: hda: add dock and led support for HP ProBook 640 G2 ALSA: hda: add dock and led support for HP EliteBook 820 G3 ALSA: hda - Fix a wrong FIXUP for alc289 on Dell machines ALSA: seq: More protection for concurrent write and ioctl races ALSA: seq: Don't allow resizing pool in use ALSA: hda/realtek - Make dock sound work on ThinkPad L570 ALSA: hda/realtek - Fix dock line-out volume on Dell Precision 7520 ALSA: hda/realtek: Limit mic boost on T480 ALSA: hda/realtek - Add headset mode support for Dell laptop ALSA: hda/realtek - Add support headset mode for DELL WYSE x86/spectre_v2: Don't check microcode versions when running under hypervisors perf tools: Fix trigger class trigger_on() x86/MCE: Serialize sysfs changes x86/MCE: Save microcode revision in machine check records bcache: don't attach backing with duplicate UUID bcache: fix crashes in duplicate cache device register IB/mlx5: Fix incorrect size of klms in the memory region dm bufio: avoid false-positive Wmaybe-uninitialized warning kbuild: Handle builtin dtb file names containing hyphens IB/core: Fix missing RDMA cgroups release in case of failure to register device arm64: mm: fix thinko in non-global page table attribute check KVM: s390: fix memory overwrites when not using SCA entries virtio_ring: fix num_free handling in error case loop: Fix lost writes caused by missing flag Documentation/sphinx: Fix Directive import error mm/memblock.c: hardcode the end_pfn being -1 lib/bug.c: exclude non-BUG/WARN exceptions from report_bug() Input: matrix_keypad - fix race when disabling interrupts PCI: dwc: Fix enumeration end when reaching root subordinate MIPS: OCTEON: irq: Check for null return on kzalloc allocation MIPS: ath25: Check for kzalloc allocation failure MIPS: BMIPS: Do not mask IPIs during suspend drm/amdgpu:Always save uvd vcpu_bo in VM Mode drm/amdgpu:Correct max uvd handles drm/amdgpu: fix KV harvesting drm/radeon: fix KV harvesting drm/amdgpu: Notify sbios device ready before send request drm/amdgpu: used cached pcie gen info for SI (v2) drm/amd/powerplay: fix power over limit on Fiji drm/radeon: insist on 32-bit DMA for Cedar on PPC64/PPC64LE Revert "drm/radeon/pm: autoswitch power state when in balanced mode" drm/amd/powerplay/vega10: allow mclk switching with no displays drm/amd/powerplay/smu7: allow mclk switching with no displays drm/nouveau: prefer XBGR2101010 for addfb ioctl drm/amdgpu: Fix deadlock on runtime suspend drm/radeon: Fix deadlock on runtime suspend drm/nouveau: Fix deadlock on runtime suspend drm: Allow determining if current task is output poll worker workqueue: Allow retrieval of current task's work struct drm/i915: Always call to intel_display_set_init_power() in resume_early. scsi: qla2xxx: Fix NULL pointer crash due to active timer for ABTS scsi: core: Avoid that ATA error handling can trigger a kernel hang or oops drm/i915/perf: fix perf stream opening lock drm/i915: Try EDID bitbanging on HDMI after failed read drm/i915: Update watermark state correctly in sanitize_watermarks drm/i915: Disable DC states around GMBUS on GLK drm/i915: Clear the in-use marker on execbuf failure drm/i915: Fix rsvd2 mask when out-fence is returned regulator: stm32-vrefbuf: fix check on ready flag net/smc: fix NULL pointer dereference on sock_create_kern() error path IB/uverbs: Improve lockdep_check RDMA/mlx5: Fix integer overflow while resizing CQ RDMA/ucma: Check that user doesn't overflow QP state RDMA/ucma: Limit possible option size NFS: Fix unstable write completion pNFS: Prevent the layout header refcount going to zero in pnfs_roc() NFS: Fix an incorrect type in struct nfs_direct_req scsi: qla2xxx: Fix memory leak in dual/target mode scsi: qla2xxx: Fix system crash in qlt_plogi_ack_unref scsi: qla2xxx: Remove aborting ELS IOCB call issued as part of timeout. scsi: qla2xxx: Defer processing of GS IOCB calls scsi: qla2xxx: Clear loop id after delete scsi: qla2xxx: Fix scan state field for fcport scsi: qla2xxx: Replace fcport alloc with qla2x00_alloc_fcport scsi: qla2xxx: Fix abort command deadlock due to spinlock scsi: qla2xxx: Fix PRLI state check scsi: qla2xxx: Fix Relogin being triggered too fast scsi: qla2xxx: Fix NPIV host cleanup in target mode scsi: qla2xxx: Fix login state machine stuck at GPDB scsi: qla2xxx: Serialize GPNID for multiple RSCN scsi: qla2xxx: Retry switch command on time out scsi: qla2xxx: Fix re-login for Nport Handle in use scsi: qla2xxx: Skip IRQ affinity for Target QPairs scsi: qla2xxx: Move session delete to driver work queue scsi: qla2xxx: Fix gpnid error processing scsi: qla2xxx: Fix system crash for Notify ack timeout handling tpm: only attempt to disable the LPC CLKRUN if is already enabled tpm: remove unused variables tpm: delete the TPM_TIS_CLK_ENABLE flag tpm: Keep CLKRUN enabled throughout the duration of transmit_cmd() tpm_tis: Move ilb_base_addr to tpm_tis_data netfilter: use skb_to_full_sk in ip6_route_me_harder netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt netfilter: bridge: ebt_among: add missing match size checks netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets netfilter: IDLETIMER: be syzkaller friendly netfilter: nat: cope with negative port range netfilter: x_tables: fix missing timer initialization in xt_LED netfilter: xt_hashlimit: fix lock imbalance netfilter: ipt_CLUSTERIP: fix a race condition of proc file creation netfilter: add back stackpointer size checks ASoC: Intel: kbl: fix jack name ASoC: Intel: Skylake: Fix jack name format substitution ARM: omap2: hide omap3_save_secure_ram on non-OMAP3 builds watchdog: hpwdt: Remove legacy NMI sourcing. watchdog: hpwdt: fix unused variable warning watchdog: hpwdt: Check source of NMI watchdog: hpwdt: SMBIOS check kbuild: move "_all" target out of $(KBUILD_SRC) conditional FROMLIST: f2fs: don't put dentry page in pagecache into highmem Conflicts: Makefile Change-Id: I9c0acaa8aea9f4986bf01898de8d4be4658c64ce Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org> |
||
Kees Cook
|
d50cb5cedb |
lib/bug.c: exclude non-BUG/WARN exceptions from report_bug()
commit 1b4cfe3c0a30dde968fb43c577a8d7e262a145ee upstream.
Commit b8347c219649 ("x86/debug: Handle warnings before the notifier
chain, to fix KGDB crash") changed the ordering of fixups, and did not
take into account the case of x86 processing non-WARN() and non-BUG()
exceptions. This would lead to output of a false BUG line with no other
information.
In the case of a refcount exception, it would be immediately followed by
the refcount WARN(), producing very strange double-"cut here":
lkdtm: attempting bad refcount_inc() overflow
------------[ cut here ]------------
Kernel BUG at 0000000065f29de5 [verbose debug info unavailable]
------------[ cut here ]------------
refcount_t overflow at lkdtm_REFCOUNT_INC_OVERFLOW+0x6b/0x90 in cat[3065], uid/euid: 0/0
WARNING: CPU: 0 PID: 3065 at kernel/panic.c:657 refcount_error_report+0x9a/0xa4
...
In the prior ordering, exceptions were searched first:
do_trap_no_signal(struct task_struct *tsk, int trapnr, char *str,
...
if (fixup_exception(regs, trapnr))
return 0;
- if (fixup_bug(regs, trapnr))
- return 0;
-
As a result, fixup_bugs()'s is_valid_bugaddr() didn't take into account
needing to search the exception list first, since that had already
happened.
So, instead of searching the exception list twice (once in
is_valid_bugaddr() and then again in fixup_exception()), just add a
simple sanity check to report_bug() that will immediately bail out if a
BUG() (or WARN()) entry is not found.
Link: http://lkml.kernel.org/r/20180301225934.GA34350@beast
Fixes: b8347c219649 ("x86/debug: Handle warnings before the notifier chain, to fix KGDB crash")
Signed-off-by: Kees Cook <keescook@chromium.org>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Richard Weinberger <richard.weinberger@gmail.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Isaac J. Manjarres
|
a7ea4f03e5 |
lib: ubsan: Fix compilation issues for ubsan
Currently, multiple declarations of data structures and functions exist, as well as dead code that was meant to be removed earlier. Remove dead code and multiple declarations for ubsan. Change-Id: I2b1d27ab2edc9852a3cd286c70fe8990aa0e0754 Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org> |