cc8657ff73
5168 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Greg Kroah-Hartman
|
1fca2c99f4 |
This is the 4.19.99 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl4u6tsACgkQONu9yGCS aT693A//TExeDRnNnf+2v4TJorylyRr17BMxk/Ie2L5E6d2n/RWodsrOThAPU9tx 5alNUkXCT8Jd31BUVnUoPoAQ4zSymSVi++XEf05wDeO0tQ982IESGaLmu9EC1uMF nnM5y4IdRYmFI1Zji4h5vRJckoYUlB6Mdg4BgMr4Q1KX7RkZYfe6bjs7DwM/uyMx jVXdFaQBD1H6F5W6A+GmgUZ36g9uNqzcBxxWwv5URj+q816NdI4bsxIJMF0v0WC+ S54fmpS07QWIYKKsQBUepeSgEF4ECESOE2VoF1ICcnfakdPnDBmNgyPJPSrLmVf+ itRUxoH1MewaOvoJrv+xsGBPmM29LcKH2oBmj5DR2Xstp7ACPs+OtXJEU9dUTDN4 NhaSts5fIp0f4Y5mMn508pDUwYDAWDt99ZJWdx6aK/TRyUsHBgpxBQDt37BE3U5W PCBnObNe2b2KDAsVXLjX5iDYoA0+usFreveMo8uEP+ohfh0ANvJlRkzedYw7NquI ZCcT+I1P9q8aa0528tR332VLrQeYg+kG6LVi2kAabmRA/VtEsT0w90MY/eo2vuTU WlPmbs2yerv2HTm050e6MOgBZfPh7wP/FpbjsSXufj7EDywlfxF+1hXdwfrpPJeN fN3g0kepeUp7+kLzO40FLam/z5ndjAUhyN2SBaPzGsXjMkZdETk= =zvlh -----END PGP SIGNATURE----- Merge 4.19.99 into android-4.19 Changes in 4.19.99 Revert "efi: Fix debugobjects warning on 'efi_rts_work'" xfs: Sanity check flags of Q_XQUOTARM call i2c: stm32f7: rework slave_id allocation i2c: i2c-stm32f7: fix 10-bits check in slave free id search loop mfd: intel-lpss: Add default I2C device properties for Gemini Lake SUNRPC: Fix svcauth_gss_proxy_init() powerpc/pseries: Enable support for ibm,drc-info property powerpc/archrandom: fix arch_get_random_seed_int() tipc: update mon's self addr when node addr generated tipc: fix wrong timeout input for tipc_wait_for_cond() mt7601u: fix bbp version check in mt7601u_wait_bbp_ready crypto: sun4i-ss - fix big endian issues perf map: No need to adjust the long name of modules soc: aspeed: Fix snoop_file_poll()'s return type watchdog: sprd: Fix the incorrect pointer getting from driver data ipmi: Fix memory leak in __ipmi_bmc_register drm/sti: do not remove the drm_bridge that was never added ARM: dts: at91: nattis: set the PRLUD and HIPOW signals low ARM: dts: at91: nattis: make the SD-card slot work ixgbe: don't clear IPsec sa counters on HW clearing drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() iio: fix position relative kernel version apparmor: Fix network performance issue in aa_label_sk_perm ALSA: hda: fix unused variable warning apparmor: don't try to replace stale label in ptrace access check ARM: qcom_defconfig: Enable MAILBOX firmware: coreboot: Let OF core populate platform device PCI: iproc: Remove PAXC slot check to allow VF support bridge: br_arp_nd_proxy: set icmp6_router if neigh has NTF_ROUTER drm/hisilicon: hibmc: Don't overwrite fb helper surface depth signal/ia64: Use the generic force_sigsegv in setup_frame signal/ia64: Use the force_sig(SIGSEGV,...) in ia64_rt_sigreturn ASoC: wm9712: fix unused variable warning mailbox: mediatek: Add check for possible failure of kzalloc IB/rxe: replace kvfree with vfree IB/hfi1: Add mtu check for operational data VLs genirq/debugfs: Reinstate full OF path for domain name usb: dwc3: add EXTCON dependency for qcom usb: gadget: fsl_udc_core: check allocation return value and cleanup on failure cfg80211: regulatory: make initialization more robust mei: replace POLL* with EPOLL* for write queues. drm/msm: fix unsigned comparison with less than zero of: Fix property name in of_node_get_device_type ALSA: usb-audio: update quirk for B&W PX to remove microphone iwlwifi: nvm: get num of hw addresses from firmware staging: comedi: ni_mio_common: protect register write overflow netfilter: nft_osf: usage from output path is not valid pwm: lpss: Release runtime-pm reference from the driver's remove callback powerpc/pseries/memory-hotplug: Fix return value type of find_aa_index rtlwifi: rtl8821ae: replace _rtl8821ae_mrate_idx_to_arfr_id with generic version RDMA/bnxt_re: Add missing spin lock initialization netfilter: nf_flow_table: do not remove offload when other netns's interface is down powerpc/kgdb: add kgdb_arch_set/remove_breakpoint() tipc: eliminate message disordering during binding table update net: socionext: Add dummy PHY register read in phy_write() drm/sun4i: hdmi: Fix double flag assignation net: hns3: add error handler for hns3_nic_init_vector_data() mlxsw: reg: QEEC: Add minimum shaper fields mlxsw: spectrum: Set minimum shaper on MC TCs NTB: ntb_hw_idt: replace IS_ERR_OR_NULL with regular NULL checks ASoC: wm97xx: fix uninitialized regmap pointer problem ARM: dts: bcm283x: Correct mailbox register sizes pcrypt: use format specifier in kobject_add ASoC: sun8i-codec: add missing route for ADC pinctrl: meson-gxl: remove invalid GPIOX tsin_a pins bus: ti-sysc: Add mcasp optional clocks flag exportfs: fix 'passing zero to ERR_PTR()' warning drm: rcar-du: Fix the return value in case of error in 'rcar_du_crtc_set_crc_source()' drm: rcar-du: Fix vblank initialization net: always initialize pagedlen drm/dp_mst: Skip validating ports during destruction, just ref arm64: dts: meson-gx: Add hdmi_5v regulator as hdmi tx supply arm64: dts: renesas: r8a7795-es1: Add missing power domains to IPMMU nodes net: phy: Fix not to call phy_resume() if PHY is not attached IB/hfi1: Correctly process FECN and BECN in packets OPP: Fix missing debugfs supply directory for OPPs IB/rxe: Fix incorrect cache cleanup in error flow mailbox: ti-msgmgr: Off by one in ti_msgmgr_of_xlate() staging: bcm2835-camera: Abort probe if there is no camera staging: bcm2835-camera: fix module autoloading switchtec: Remove immediate status check after submitting MRPC command ipv6: add missing tx timestamping on IPPROTO_RAW pinctrl: sh-pfc: r8a7740: Add missing REF125CK pin to gether_gmii group pinctrl: sh-pfc: r8a7740: Add missing LCD0 marks to lcd0_data24_1 group pinctrl: sh-pfc: r8a7791: Remove bogus ctrl marks from qspi_data4_b group pinctrl: sh-pfc: r8a7791: Remove bogus marks from vin1_b_data18 group pinctrl: sh-pfc: sh73a0: Add missing TO pin to tpu4_to3 group pinctrl: sh-pfc: r8a7794: Remove bogus IPSR9 field pinctrl: sh-pfc: r8a77970: Add missing MOD_SEL0 field pinctrl: sh-pfc: r8a77980: Add missing MOD_SEL0 field pinctrl: sh-pfc: sh7734: Add missing IPSR11 field pinctrl: sh-pfc: r8a77995: Remove bogus SEL_PWM[0-3]_3 configurations pinctrl: sh-pfc: sh7269: Add missing PCIOR0 field pinctrl: sh-pfc: sh7734: Remove bogus IPSR10 value net: hns3: fix error handling int the hns3_get_vector_ring_chain vxlan: changelink: Fix handling of default remotes Input: nomadik-ske-keypad - fix a loop timeout test fork,memcg: fix crash in free_thread_stack on memcg charge fail clk: highbank: fix refcount leak in hb_clk_init() clk: qoriq: fix refcount leak in clockgen_init() clk: ti: fix refcount leak in ti_dt_clocks_register() clk: socfpga: fix refcount leak clk: samsung: exynos4: fix refcount leak in exynos4_get_xom() clk: imx6q: fix refcount leak in imx6q_clocks_init() clk: imx6sx: fix refcount leak in imx6sx_clocks_init() clk: imx7d: fix refcount leak in imx7d_clocks_init() clk: vf610: fix refcount leak in vf610_clocks_init() clk: armada-370: fix refcount leak in a370_clk_init() clk: kirkwood: fix refcount leak in kirkwood_clk_init() clk: armada-xp: fix refcount leak in axp_clk_init() clk: mv98dx3236: fix refcount leak in mv98dx3236_clk_init() clk: dove: fix refcount leak in dove_clk_init() MIPS: BCM63XX: drop unused and broken DSP platform device arm64: defconfig: Re-enable bcm2835-thermal driver remoteproc: qcom: q6v5-mss: Add missing clocks for MSM8996 remoteproc: qcom: q6v5-mss: Add missing regulator for MSM8996 drm: Fix error handling in drm_legacy_addctx ARM: dts: r8a7743: Remove generic compatible string from iic3 drm/etnaviv: fix some off by one bugs drm/fb-helper: generic: Fix setup error path fork, memcg: fix cached_stacks case IB/usnic: Fix out of bounds index check in query pkey RDMA/ocrdma: Fix out of bounds index check in query pkey RDMA/qedr: Fix out of bounds index check in query pkey drm/shmob: Fix return value check in shmob_drm_probe arm64: dts: apq8016-sbc: Increase load on l11 for SDCARD spi: cadence: Correct initialisation of runtime PM RDMA/iw_cxgb4: Fix the unchecked ep dereference net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ9031 memory: tegra: Don't invoke Tegra30+ specific memory timing setup on Tegra20 drm/etnaviv: NULL vs IS_ERR() buf in etnaviv_core_dump() media: s5p-jpeg: Correct step and max values for V4L2_CID_JPEG_RESTART_INTERVAL kbuild: mark prepare0 as PHONY to fix external module build crypto: brcm - Fix some set-but-not-used warning crypto: tgr192 - fix unaligned memory access ASoC: imx-sgtl5000: put of nodes if finding codec fails IB/iser: Pass the correct number of entries for dma mapped SGL net: hns3: fix wrong combined count returned by ethtool -l media: tw9910: Unregister subdevice with v4l2-async IB/mlx5: Don't override existing ip_protocol rtc: cmos: ignore bogus century byte spi/topcliff_pch: Fix potential NULL dereference on allocation error net: hns3: fix bug of ethtool_ops.get_channels for VF ARM: dts: sun8i-a23-a33: Move NAND controller device node to sort by address clk: sunxi-ng: sun8i-a23: Enable PLL-MIPI LDOs when ungating it iwlwifi: mvm: avoid possible access out of array. net/mlx5: Take lock with IRQs disabled to avoid deadlock ip_tunnel: Fix route fl4 init in ip_md_tunnel_xmit arm64: dts: allwinner: h6: Move GIC device node fix base address ordering iwlwifi: mvm: fix A-MPDU reference assignment bus: ti-sysc: Fix timer handling with drop pm_runtime_irq_safe() tty: ipwireless: Fix potential NULL pointer dereference driver: uio: fix possible memory leak in __uio_register_device driver: uio: fix possible use-after-free in __uio_register_device crypto: crypto4xx - Fix wrong ppc4xx_trng_probe()/ppc4xx_trng_remove() arguments driver core: Fix DL_FLAG_AUTOREMOVE_SUPPLIER device link flag handling driver core: Avoid careless re-use of existing device links driver core: Do not resume suppliers under device_links_write_lock() driver core: Fix handling of runtime PM flags in device_link_add() driver core: Do not call rpm_put_suppliers() in pm_runtime_drop_link() ARM: dts: lpc32xx: add required clocks property to keypad device node ARM: dts: lpc32xx: reparent keypad controller to SIC1 ARM: dts: lpc32xx: fix ARM PrimeCell LCD controller variant ARM: dts: lpc32xx: fix ARM PrimeCell LCD controller clocks property ARM: dts: lpc32xx: phy3250: fix SD card regulator voltage drm/xen-front: Fix mmap attributes for display buffers iwlwifi: mvm: fix RSS config command staging: most: cdev: add missing check for cdev_add failure clk: ingenic: jz4740: Fix gating of UDC clock rtc: ds1672: fix unintended sign extension thermal: mediatek: fix register index error arm64: dts: msm8916: remove bogus argument to the cpu clock ath10k: fix dma unmap direction for management frames net: phy: fixed_phy: Fix fixed_phy not checking GPIO rtc: ds1307: rx8130: Fix alarm handling net/smc: original socket family in inet_sock_diag rtc: 88pm860x: fix unintended sign extension rtc: 88pm80x: fix unintended sign extension rtc: pm8xxx: fix unintended sign extension fbdev: chipsfb: remove set but not used variable 'size' iw_cxgb4: use tos when importing the endpoint iw_cxgb4: use tos when finding ipv6 routes ipmi: kcs_bmc: handle devm_kasprintf() failure case xsk: add missing smp_rmb() in xsk_mmap drm/etnaviv: potential NULL dereference ntb_hw_switchtec: debug print 64bit aligned crosslink BAR Numbers ntb_hw_switchtec: NT req id mapping table register entry number should be 512 pinctrl: sh-pfc: emev2: Add missing pinmux functions pinctrl: sh-pfc: r8a7791: Fix scifb2_data_c pin group pinctrl: sh-pfc: r8a7792: Fix vin1_data18_b pin group pinctrl: sh-pfc: sh73a0: Fix fsic_spdif pin groups RDMA/mlx5: Fix memory leak in case we fail to add an IB device driver core: Fix possible supplier PM-usage counter imbalance PCI: endpoint: functions: Use memcpy_fromio()/memcpy_toio() usb: phy: twl6030-usb: fix possible use-after-free on remove block: don't use bio->bi_vcnt to figure out segment number keys: Timestamp new keys net: dsa: b53: Fix default VLAN ID net: dsa: b53: Properly account for VLAN filtering net: dsa: b53: Do not program CPU port's PVID mt76: usb: fix possible memory leak in mt76u_buf_free media: sh: migor: Include missing dma-mapping header vfio_pci: Enable memory accesses before calling pci_map_rom hwmon: (pmbus/tps53679) Fix driver info initialization in probe routine mdio_bus: Fix PTR_ERR() usage after initialization to constant KVM: PPC: Release all hardware TCE tables attached to a group staging: r8822be: check kzalloc return or bail dmaengine: mv_xor: Use correct device for DMA API cdc-wdm: pass return value of recover_from_urb_loss brcmfmac: create debugfs files for bus-specific layer regulator: pv88060: Fix array out-of-bounds access regulator: pv88080: Fix array out-of-bounds access regulator: pv88090: Fix array out-of-bounds access net: dsa: qca8k: Enable delay for RGMII_ID mode net/mlx5: Delete unused FPGA QPN variable drm/nouveau/bios/ramcfg: fix missing parentheses when calculating RON drm/nouveau/pmu: don't print reply values if exec is false drm/nouveau: fix missing break in switch statement driver core: Fix PM-runtime for links added during consumer probe ASoC: qcom: Fix of-node refcount unbalance in apq8016_sbc_parse_of() net: dsa: fix unintended change of bridge interface STP state fs/nfs: Fix nfs_parse_devname to not modify it's argument staging: rtlwifi: Use proper enum for return in halmac_parse_psd_data_88xx powerpc/64s: Fix logic when handling unknown CPU features NFS: Fix a soft lockup in the delegation recovery code perf: Copy parent's address filter offsets on clone perf, pt, coresight: Fix address filters for vmas with non-zero offset clocksource/drivers/sun5i: Fail gracefully when clock rate is unavailable clocksource/drivers/exynos_mct: Fix error path in timer resources initialization platform/x86: wmi: fix potential null pointer dereference NFS/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount mmc: sdhci-brcmstb: handle mmc_of_parse() errors during probe iommu: Fix IOMMU debugfs fallout ARM: 8847/1: pm: fix HYP/SVC mode mismatch when MCPM is used ARM: 8848/1: virt: Align GIC version check with arm64 counterpart ARM: 8849/1: NOMMU: Fix encodings for PMSAv8's PRBAR4/PRLAR4 regulator: wm831x-dcdc: Fix list of wm831x_dcdc_ilim from mA to uA ath10k: Fix length of wmi tlv command for protected mgmt frames netfilter: nft_set_hash: fix lookups with fixed size hash on big endian netfilter: nft_set_hash: bogus element self comparison from deactivation path net: sched: act_csum: Fix csum calc for tagged packets hwrng: bcm2835 - fix probe as platform device iommu/vt-d: Fix NULL pointer reference in intel_svm_bind_mm() NFS: Add missing encode / decode sequence_maxsz to v4.2 operations NFSv4/flexfiles: Fix invalid deref in FF_LAYOUT_DEVID_NODE() net: aquantia: fixed instack structure overflow powerpc/mm: Check secondary hash page table media: dvb/earth-pt1: fix wrong initialization for demod blocks rbd: clear ->xferred on error from rbd_obj_issue_copyup() PCI: Fix "try" semantics of bus and slot reset nios2: ksyms: Add missing symbol exports x86/mm: Remove unused variable 'cpu' scsi: megaraid_sas: reduce module load time nfp: fix simple vNIC mailbox length drivers/rapidio/rio_cm.c: fix potential oops in riocm_ch_listen() xen, cpu_hotplug: Prevent an out of bounds access net/mlx5: Fix multiple updates of steering rules in parallel net/mlx5e: IPoIB, Fix RX checksum statistics update net: sh_eth: fix a missing check of of_get_phy_mode regulator: lp87565: Fix missing register for LP87565_BUCK_0 soc: amlogic: gx-socinfo: Add mask for each SoC packages media: ivtv: update *pos correctly in ivtv_read_pos() media: cx18: update *pos correctly in cx18_read_pos() media: wl128x: Fix an error code in fm_download_firmware() media: cx23885: check allocation return regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB crypto: ccree - reduce kernel stack usage with clang jfs: fix bogus variable self-initialization tipc: tipc clang warning m68k: mac: Fix VIA timer counter accesses ARM: dts: sun8i: a33: Reintroduce default pinctrl muxing arm64: dts: allwinner: a64: Add missing PIO clocks ARM: dts: sun9i: optimus: Fix fixed-regulators net: phy: don't clear BMCR in genphy_soft_reset ARM: OMAP2+: Fix potentially uninitialized return value for _setup_reset() net: dsa: Avoid null pointer when failing to connect to PHY soc: qcom: cmd-db: Fix an error code in cmd_db_dev_probe() media: davinci-isif: avoid uninitialized variable use media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame spi: tegra114: clear packed bit for unpacked mode spi: tegra114: fix for unpacked mode transfers spi: tegra114: terminate dma and reset on transfer timeout spi: tegra114: flush fifos spi: tegra114: configure dma burst size to fifo trig level bus: ti-sysc: Fix sysc_unprepare() when no clocks have been allocated soc/fsl/qe: Fix an error code in qe_pin_request() spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios drm/fb-helper: generic: Call drm_client_add() after setup is done arm64/vdso: don't leak kernel addresses rtc: Fix timestamp value for RTC_TIMESTAMP_BEGIN_1900 rtc: mt6397: Don't call irq_dispose_mapping. ehea: Fix a copy-paste err in ehea_init_port_res bpf: Add missed newline in verifier verbose log drm/vmwgfx: Remove set but not used variable 'restart' scsi: qla2xxx: Unregister chrdev if module initialization fails of: use correct function prototype for of_overlay_fdt_apply() net/sched: cbs: fix port_rate miscalculation clk: qcom: Skip halt checks on gcc_pcie_0_pipe_clk for 8998 ACPI: button: reinitialize button state upon resume firmware: arm_scmi: fix of_node leak in scmi_mailbox_check rxrpc: Fix detection of out of order acks scsi: target/core: Fix a race condition in the LUN lookup code brcmfmac: fix leak of mypkt on error return path ARM: pxa: ssp: Fix "WARNING: invalid free of devm_ allocated data" PCI: rockchip: Fix rockchip_pcie_ep_assert_intx() bitwise operations net: hns3: fix for vport->bw_limit overflow problem hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses perf/core: Fix the address filtering fix staging: android: vsoc: fix copy_from_user overrun PCI: dwc: Fix dw_pcie_ep_find_capability() to return correct capability offset soc: amlogic: meson-gx-pwrc-vpu: Fix power on/off register bitmask platform/x86: alienware-wmi: fix kfree on potentially uninitialized pointer tipc: set sysctl_tipc_rmem and named_timeout right range usb: typec: tcpm: Notify the tcpc to start connection-detection for SRPs selftests/ipc: Fix msgque compiler warnings net: hns3: fix loop condition of hns3_get_tx_timeo_queue_info() powerpc: vdso: Make vdso32 installation conditional in vdso_install ARM: dts: ls1021: Fix SGMII PCS link remaining down after PHY disconnect media: ov2659: fix unbalanced mutex_lock/unlock 6lowpan: Off by one handling ->nexthdr dmaengine: axi-dmac: Don't check the number of frames for alignment ALSA: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() afs: Fix AFS file locking to allow fine grained locks afs: Further fix file locking NFS: Don't interrupt file writeout due to fatal errors coresight: catu: fix clang build warning s390/kexec_file: Fix potential segment overlap in ELF loader irqchip/gic-v3-its: fix some definitions of inner cacheability attributes scsi: qla2xxx: Fix a format specifier scsi: qla2xxx: Fix error handling in qlt_alloc_qfull_cmd() scsi: qla2xxx: Avoid that qlt_send_resp_ctio() corrupts memory KVM: PPC: Book3S HV: Fix lockdep warning when entering the guest netfilter: nft_flow_offload: add entry to flowtable after confirmation PCI: iproc: Enable iProc config read for PAXBv2 ARM: dts: logicpd-som-lv: Fix MMC1 card detect packet: in recvmsg msg_name return at least sizeof sockaddr_ll ASoC: fix valid stream condition usb: gadget: fsl: fix link error against usb-gadget module dwc2: gadget: Fix completed transfer size calculation in DDMA IB/mlx5: Add missing XRC options to QP optional params mask RDMA/rxe: Consider skb reserve space based on netdev of GID iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU net: ena: fix swapped parameters when calling ena_com_indirect_table_fill_entry net: ena: fix: Free napi resources when ena_up() fails net: ena: fix incorrect test of supported hash function net: ena: fix ena_com_fill_hash_function() implementation dmaengine: tegra210-adma: restore channel status watchdog: rtd119x_wdt: Fix remove function mmc: core: fix possible use after free of host lightnvm: pblk: fix lock order in pblk_rb_tear_down_check ath10k: Fix encoding for protected management frames afs: Fix the afs.cell and afs.volume xattr handlers vfio/mdev: Avoid release parent reference during error path vfio/mdev: Follow correct remove sequence vfio/mdev: Fix aborting mdev child device removal if one fails l2tp: Fix possible NULL pointer dereference ALSA: aica: Fix a long-time build breakage media: omap_vout: potential buffer overflow in vidioc_dqbuf() media: davinci/vpbe: array underflow in vpbe_enum_outputs() platform/x86: alienware-wmi: printing the wrong error code crypto: caam - fix caam_dump_sg that iterates through scatterlist netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule pwm: meson: Consider 128 a valid pre-divider pwm: meson: Don't disable PWM when setting duty repeatedly ARM: riscpc: fix lack of keyboard interrupts after irq conversion nfp: bpf: fix static check error through tightening shift amount adjustment kdb: do a sanity check on the cpu in kdb_per_cpu() netfilter: nf_tables: correct NFT_LOGLEVEL_MAX value backlight: lm3630a: Return 0 on success in update_status functions thermal: rcar_gen3_thermal: fix interrupt type thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power EDAC/mc: Fix edac_mc_find() in case no device is found afs: Fix key leak in afs_release() and afs_evict_inode() afs: Don't invalidate callback if AFS_VNODE_DIR_VALID not set afs: Fix lock-wait/callback-break double locking afs: Fix double inc of vnode->cb_break ARM: dts: sun8i-h3: Fix wifi in Beelink X2 DT clk: meson: gxbb: no spread spectrum on mpll0 clk: meson: axg: spread spectrum is on mpll2 dmaengine: tegra210-adma: Fix crash during probe arm64: dts: meson: libretech-cc: set eMMC as removable RDMA/qedr: Fix incorrect device rate. spi: spi-fsl-spi: call spi_finalize_current_message() at the end crypto: ccp - fix AES CFB error exposed by new test vectors crypto: ccp - Fix 3DES complaint from ccp-crypto module serial: stm32: fix word length configuration serial: stm32: fix rx error handling serial: stm32: fix rx data length when parity enabled serial: stm32: fix transmit_chars when tx is stopped serial: stm32: Add support of TC bit status check serial: stm32: fix wakeup source initialization misc: sgi-xp: Properly initialize buf in xpc_get_rsvd_page_pa iommu: Add missing new line for dma type iommu: Use right function to get group for device signal/bpfilter: Fix bpfilter_kernl to use send_sig not force_sig signal/cifs: Fix cifs_put_tcp_session to call send_sig instead of force_sig inet: frags: call inet_frags_fini() after unregister_pernet_subsys() net: hns3: fix a memory leak issue for hclge_map_unmap_ring_to_vf_vector crypto: talitos - fix AEAD processing. netvsc: unshare skb in VF rx handler net: core: support XDP generic on stacked devices. RDMA/uverbs: check for allocation failure in uapi_add_elm() net: don't clear sock->sk early to avoid trouble in strparser phy: qcom-qusb2: fix missing assignment of ret when calling clk_prepare_enable cpufreq: brcmstb-avs-cpufreq: Fix initial command check cpufreq: brcmstb-avs-cpufreq: Fix types for voltage/frequency clk: sunxi-ng: sun50i-h6-r: Fix incorrect W1 clock gate register media: vivid: fix incorrect assignment operation when setting video mode crypto: inside-secure - fix zeroing of the request in ahash_exit_inv crypto: inside-secure - fix queued len computation arm64: dts: renesas: ebisu: Remove renesas, no-ether-link property mpls: fix warning with multi-label encap serial: stm32: fix a recursive locking in stm32_config_rs485 arm64: dts: meson-gxm-khadas-vim2: fix gpio-keys-polled node arm64: dts: meson-gxm-khadas-vim2: fix Bluetooth support iommu/vt-d: Duplicate iommu_resv_region objects per device list phy: usb: phy-brcm-usb: Remove sysfs attributes upon driver removal firmware: arm_scmi: fix bitfield definitions for SENSOR_DESC attributes firmware: arm_scmi: update rate_discrete in clock_describe_rates_get ntb_hw_switchtec: potential shift wrapping bug in switchtec_ntb_init_sndev() ASoC: meson: axg-tdmin: right_j is not supported ASoC: meson: axg-tdmout: right_j is not supported qed: iWARP - Use READ_ONCE and smp_store_release to access ep->state qed: iWARP - fix uninitialized callback powerpc/cacheinfo: add cacheinfo_teardown, cacheinfo_rebuild powerpc/pseries/mobility: rebuild cacheinfo hierarchy post-migration bpf: fix the check that forwarding is enabled in bpf_ipv6_fib_lookup IB/hfi1: Handle port down properly in pio drm/msm/mdp5: Fix mdp5_cfg_init error return net: netem: fix backlog accounting for corrupted GSO frames net/udp_gso: Allow TX timestamp with UDP GSO net/af_iucv: build proper skbs for HiperTransport net/af_iucv: always register net_device notifier ASoC: ti: davinci-mcasp: Fix slot mask settings when using multiple AXRs rtc: pcf8563: Fix interrupt trigger method rtc: pcf8563: Clear event flags and disable interrupts before requesting irq ARM: dts: iwg20d-q7-common: Fix SDHI1 VccQ regularor net/sched: cbs: Fix error path of cbs_module_init arm64: dts: allwinner: h6: Pine H64: Add interrupt line for RTC drm/msm/a3xx: remove TPL1 regs from snapshot ip6_fib: Don't discard nodes with valid routing information in fib6_locate_1() perf/ioctl: Add check for the sample_period value dmaengine: hsu: Revert "set HSU_CH_MTSR to memory width" clk: qcom: Fix -Wunused-const-variable nvmem: imx-ocotp: Ensure WAIT bits are preserved when setting timing nvmem: imx-ocotp: Change TIMING calculation to u-boot algorithm tools: bpftool: use correct argument in cgroup errors backlight: pwm_bl: Fix heuristic to determine number of brightness levels fork,memcg: alloc_thread_stack_node needs to set tsk->stack bnxt_en: Fix ethtool selftest crash under error conditions. bnxt_en: Suppress error messages when querying DSCP DCB capabilities. iommu/amd: Make iommu_disable safer mfd: intel-lpss: Release IDA resources rxrpc: Fix uninitialized error code in rxrpc_send_data_packet() xprtrdma: Fix use-after-free in rpcrdma_post_recvs um: Fix IRQ controller regression on console read PM: ACPI/PCI: Resume all devices during hibernation ACPI: PM: Simplify and fix PM domain hibernation callbacks ACPI: PM: Introduce "poweroff" callbacks for ACPI PM domain and LPSS fsi/core: Fix error paths on CFAM init devres: allow const resource arguments fsi: sbefifo: Don't fail operations when in SBE IPL state RDMA/hns: Fixs hw access invalid dma memory error PCI: mobiveil: Remove the flag MSI_FLAG_MULTI_PCI_MSI PCI: mobiveil: Fix devfn check in mobiveil_pcie_valid_device() PCI: mobiveil: Fix the valid check for inbound and outbound windows ceph: fix "ceph.dir.rctime" vxattr value net: pasemi: fix an use-after-free in pasemi_mac_phy_init() net/tls: fix socket wmem accounting on fallback with netem x86/pgtable/32: Fix LOWMEM_PAGES constant xdp: fix possible cq entry leak ARM: stm32: use "depends on" instead of "if" after prompt scsi: libfc: fix null pointer dereference on a null lport xfrm interface: ifname may be wrong in logs drm/panel: make drm_panel.h self-contained clk: sunxi-ng: v3s: add the missing PLL_DDR1 PM: sleep: Fix possible overflow in pm_system_cancel_wakeup() libertas_tf: Use correct channel range in lbtf_geo_init qed: reduce maximum stack frame size usb: host: xhci-hub: fix extra endianness conversion media: rcar-vin: Clean up correct notifier in error path mic: avoid statically declaring a 'struct device'. x86/kgbd: Use NMI_VECTOR not APIC_DM_NMI crypto: ccp - Reduce maximum stack usage ALSA: aoa: onyx: always initialize register read value arm64: dts: renesas: r8a77995: Fix register range of display node tipc: reduce risk of wakeup queue starvation ARM: dts: stm32: add missing vdda-supply to adc on stm32h743i-eval net/mlx5: Fix mlx5_ifc_query_lag_out_bits cifs: fix rmmod regression in cifs.ko caused by force_sig changes iio: tsl2772: Use devm_add_action_or_reset for tsl2772_chip_off net: fix bpf_xdp_adjust_head regression for generic-XDP spi: bcm-qspi: Fix BSPI QUAD and DUAL mode support when using flex mode cxgb4: smt: Add lock for atomic_dec_and_test crypto: caam - free resources in case caam_rng registration failed ext4: set error return correctly when ext4_htree_store_dirent fails RDMA/hns: Bugfix for slab-out-of-bounds when unloading hip08 driver RDMA/hns: bugfix for slab-out-of-bounds when loading hip08 driver ASoC: es8328: Fix copy-paste error in es8328_right_line_controls ASoC: cs4349: Use PM ops 'cs4349_runtime_pm' ASoC: wm8737: Fix copy-paste error in wm8737_snd_controls net/rds: Add a few missing rds_stat_names entries tools: bpftool: fix arguments for p_err() in do_event_pipe() tools: bpftool: fix format strings and arguments for jsonw_printf() drm: rcar-du: lvds: Fix bridge_to_rcar_lvds bnxt_en: Fix handling FRAG_ERR when NVM_INSTALL_UPDATE cmd fails signal: Allow cifs and drbd to receive their terminating signals powerpc/64s/radix: Fix memory hot-unplug page table split ASoC: sun4i-i2s: RX and TX counter registers are swapped dmaengine: dw: platform: Switch to acpi_dma_controller_register() rtc: rv3029: revert error handling patch to rv3029_eeprom_write() mac80211: minstrel_ht: fix per-group max throughput rate initialization i40e: reduce stack usage in i40e_set_fc media: atmel: atmel-isi: fix timeout value for stop streaming ARM: 8896/1: VDSO: Don't leak kernel addresses rtc: pcf2127: bugfix: read rtc disables watchdog mips: avoid explicit UB in assignment of mips_io_port_base media: em28xx: Fix exception handling in em28xx_alloc_urbs() iommu/mediatek: Fix iova_to_phys PA start for 4GB mode ahci: Do not export local variable ahci_em_messages rxrpc: Fix lack of conn cleanup when local endpoint is cleaned up [ver #2] Partially revert "kfifo: fix kfifo_alloc() and kfifo_init()" hwmon: (lm75) Fix write operations for negative temperatures net/sched: cbs: Set default link speed to 10 Mbps in cbs_set_port_rate power: supply: Init device wakeup after device_add() x86, perf: Fix the dependency of the x86 insn decoder selftest staging: greybus: light: fix a couple double frees irqdomain: Add the missing assignment of domain->fwnode for named fwnode bcma: fix incorrect update of BCMA_CORE_PCI_MDIO_DATA usb: typec: tps6598x: Fix build error without CONFIG_REGMAP_I2C bcache: Fix an error code in bch_dump_read() iio: dac: ad5380: fix incorrect assignment to val netfilter: ctnetlink: honor IPS_OFFLOAD flag ath9k: dynack: fix possible deadlock in ath_dynack_node_{de}init wcn36xx: use dynamic allocation for large variables tty: serial: fsl_lpuart: Use appropriate lpuart32_* I/O funcs ARM: dts: aspeed-g5: Fixe gpio-ranges upper limit xsk: avoid store-tearing when assigning queues xsk: avoid store-tearing when assigning umem led: triggers: Fix dereferencing of null pointer net: sonic: return NETDEV_TX_OK if failed to map buffer net: hns3: fix error VF index when setting VLAN offload rtlwifi: Fix file release memory leak ARM: dts: logicpd-som-lv: Fix i2c2 and i2c3 Pin mux f2fs: fix wrong error injection path in inc_valid_block_count() f2fs: fix error path of f2fs_convert_inline_page() scsi: fnic: fix msix interrupt allocation Btrfs: fix hang when loading existing inode cache off disk Btrfs: fix inode cache waiters hanging on failure to start caching thread Btrfs: fix inode cache waiters hanging on path allocation failure btrfs: use correct count in btrfs_file_write_iter() ixgbe: sync the first fragment unconditionally hwmon: (shtc1) fix shtc1 and shtw1 id mask net: sonic: replace dev_kfree_skb in sonic_send_packet pinctrl: iproc-gpio: Fix incorrect pinconf configurations gpio/aspeed: Fix incorrect number of banks ath10k: adjust skb length in ath10k_sdio_mbox_rx_packet RDMA/cma: Fix false error message net/rds: Fix 'ib_evt_handler_call' element in 'rds_ib_stat_names' um: Fix off by one error in IRQ enumeration bnxt_en: Increase timeout for HWRM_DBG_COREDUMP_XX commands f2fs: fix to avoid accessing uninitialized field of inode page in is_alive() mailbox: qcom-apcs: fix max_register value clk: actions: Fix factor clk struct member access powerpc/mm/mce: Keep irqs disabled during lockless page table walk bpf: fix BTF limits crypto: hisilicon - Matching the dma address for dma_pool_free() iommu/amd: Wait for completion of IOTLB flush in attach_device net: aquantia: Fix aq_vec_isr_legacy() return value cxgb4: Signedness bug in init_one() net: hisilicon: Fix signedness bug in hix5hd2_dev_probe() net: broadcom/bcmsysport: Fix signedness in bcm_sysport_probe() net: netsec: Fix signedness bug in netsec_probe() net: socionext: Fix a signedness bug in ave_probe() net: stmmac: dwmac-meson8b: Fix signedness bug in probe net: axienet: fix a signedness bug in probe of: mdio: Fix a signedness bug in of_phy_get_and_connect() net: nixge: Fix a signedness bug in nixge_probe() net: ethernet: stmmac: Fix signedness bug in ipq806x_gmac_of_parse() net: sched: cbs: Avoid division by zero when calculating the port rate nvme: retain split access workaround for capability reads net: stmmac: gmac4+: Not all Unicast addresses may be available rxrpc: Fix trace-after-put looking at the put connection record mac80211: accept deauth frames in IBSS mode llc: fix another potential sk_buff leak in llc_ui_sendmsg() llc: fix sk_buff refcounting in llc_conn_state_process() ip6erspan: remove the incorrect mtu limit for ip6erspan net: stmmac: fix length of PTP clock's name string net: stmmac: fix disabling flexible PPS output sctp: add chunks to sk_backlog when the newsk sk_socket is not set s390/qeth: Fix error handling during VNICC initialization s390/qeth: Fix initialization of vnicc cmd masks during set online act_mirred: Fix mirred_init_module error handling net: avoid possible false sharing in sk_leave_memory_pressure() net: add {READ|WRITE}_ONCE() annotations on ->rskq_accept_head tcp: annotate lockless access to tcp_memory_pressure net/smc: receive returns without data net/smc: receive pending data after RCV_SHUTDOWN drm/msm/dsi: Implement reset correctly vhost/test: stop device before reset dmaengine: imx-sdma: fix size check for sdma script_number firmware: dmi: Fix unlikely out-of-bounds read in save_mem_devices arm64: hibernate: check pgd table allocation net: netem: fix error path for corrupted GSO frames net: netem: correct the parent's backlog when corrupted packet was dropped xsk: Fix registration of Rx-only sockets bpf, offload: Unlock on error in bpf_offload_dev_create() afs: Fix missing timeout reset net: qca_spi: Move reset_count to struct qcaspi hv_netvsc: Fix offset usage in netvsc_send_table() hv_netvsc: Fix send_table offset in case of a host bug afs: Fix large file support drm: panel-lvds: Potential Oops in probe error handling hwrng: omap3-rom - Fix missing clock by probing with device tree dpaa_eth: perform DMA unmapping before read dpaa_eth: avoid timestamp read on error paths MIPS: Loongson: Fix return value of loongson_hwmon_init hv_netvsc: flag software created hash value net: neigh: use long type to store jiffies delta packet: fix data-race in fanout_flow_is_huge() i2c: stm32f7: report dma error during probe mmc: sdio: fix wl1251 vendor id mmc: core: fix wl1251 sdio quirks affs: fix a memory leak in affs_remount afs: Remove set but not used variables 'before', 'after' dmaengine: ti: edma: fix missed failure handling drm/radeon: fix bad DMA from INTERRUPT_CNTL2 arm64: dts: juno: Fix UART frequency samples/bpf: Fix broken xdp_rxq_info due to map order assumptions usb: dwc3: Allow building USB_DWC3_QCOM without EXTCON IB/iser: Fix dma_nents type definition serial: stm32: fix clearing interrupt error flags arm64: dts: meson-gxm-khadas-vim2: fix uart_A bluetooth node m68k: Call timer_interrupt() with interrupts disabled Linux 4.19.99 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ieabeab79ea5c8cb4b6b1552702fa5d6100cea5db |
||
Linus Torvalds
|
d9711896dd |
Partially revert "kfifo: fix kfifo_alloc() and kfifo_init()"
[ Upstream commit ab9bb6318b0967671e0c9b6537c1537d51ca4f45 ] Commit |
||
Arnd Bergmann
|
0fea8f5ee0 |
devres: allow const resource arguments
[ Upstream commit 9dea44c91469512d346e638694c22c30a5273992 ]
devm_ioremap_resource() does not currently take 'const' arguments,
which results in a warning from the first driver trying to do it
anyway:
drivers/gpio/gpio-amd-fch.c: In function 'amd_fch_gpio_probe':
drivers/gpio/gpio-amd-fch.c:171:49: error: passing argument 2 of 'devm_ioremap_resource' discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
priv->base = devm_ioremap_resource(&pdev->dev, &amd_fch_gpio_iores);
^~~~~~~~~~~~~~~~~~~
Change the prototype to allow it, as there is no real reason not to.
Fixes: 9bb2e0452508 ("gpio: amd: Make resource struct const")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Link: https://lore.kernel.org/r/20190628150049.1108048-1-arnd@arndb.de
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Reviwed-By: Enrico Weigelt <info@metux.net>
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
Laura Abbott
|
4dcb40753b |
UPSTREAM: lib/test_meminit.c: add bulk alloc/free tests
Upstream commit dc5c5ad79f0c ("lib/test_meminit.c: add bulk alloc/free
tests").
kmem_cache_alloc_bulk/kmem_cache_free_bulk are used to make multiple
allocations of the same size to avoid the overhead of multiple
kmalloc/kfree calls. Extend the kmem_cache tests to make some calls to
these APIs.
Link: http://lkml.kernel.org/r/20191107191447.23058-1-labbott@redhat.com
Signed-off-by: Laura Abbott <labbott@redhat.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Tested-by: Alexander Potapenko <glider@google.com>
Cc: Laura Abbott <labbott@redhat.com>
Cc: Christoph Lameter <cl@linux.com>
Cc: Nick Desaulniers <ndesaulniers@google.com>
Cc: Kostya Serebryany <kcc@google.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Sandeep Patil <sspatil@android.com>
Cc: Jann Horn <jannh@google.com>
Cc: Marco Elver <elver@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Bug: 138435492
Test: Boot an ARM64 mobile device with and without init_on_alloc=1
Change-Id: I78e767949384359a00c9aaf893d725649bd1732c
Signed-off-by: Alexander Potapenko <glider@google.com>
|
||
Alexander Potapenko
|
2689307b65 |
UPSTREAM: lib/test_meminit: add a kmem_cache_alloc_bulk() test
Upstream commit 03a9349ac0e0 ("lib/test_meminit: add a kmem_cache_alloc_bulk()
test").
Make sure allocations from kmem_cache_alloc_bulk() and
kmem_cache_free_bulk() are properly initialized.
Link: http://lkml.kernel.org/r/20191007091605.30530-2-glider@google.com
Signed-off-by: Alexander Potapenko <glider@google.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Christoph Lameter <cl@linux.com>
Cc: Laura Abbott <labbott@redhat.com>
Cc: Thibaut Sautereau <thibaut@sautereau.fr>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Bug: 138435492
Test: Boot an ARM64 mobile device with and without init_on_alloc=1
Change-Id: I59a742796d1dba97fdbd17b1ffec4830ee91a390
Signed-off-by: Alexander Potapenko <glider@google.com>
|
||
Hridya Valsaraju
|
266b4d3045 |
ANDROID: lib/plist: Export symbol plist_add
The symbol is required by the ion driver when modularized. Test: build, boot Bug: 147914088 Change-Id: I667866e809cb00c5ad0f39ed82b20f5fc3397a0f Signed-off-by: Hridya Valsaraju <hridya@google.com> |
||
Mark Rutland
|
877fb9d674 |
UPSTREAM: kcov: improve CONFIG_ARCH_HAS_KCOV help text
(Upstream commit 40453c4f9bb6d166a56a102a8c51dd24b0801557.) The help text for CONFIG_ARCH_HAS_KCOV is stale, and describes the feature as being enabled only for x86_64, when it is now enabled for several architectures, including arm, arm64, powerpc, and s390. Let's remove that stale help text, and update it along the lines of hat for ARCH_HAS_FORTIFY_SOURCE, better describing when an architecture should select CONFIG_ARCH_HAS_KCOV. Link: http://lkml.kernel.org/r/20190412102733.5154-1-mark.rutland@arm.com Signed-off-by: Mark Rutland <mark.rutland@arm.com> Acked-by: Dmitry Vyukov <dvyukov@google.com> Cc: Kees Cook <keescook@chromium.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Bug: 147413187 Change-Id: If1a6cce383c704fc96ea9a267459b665d32fb8bd |
||
|
Greg Kroah-Hartman
|
d902dae13d |
This is the 4.19.90 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl35M30ACgkQONu9yGCS aT7MxQ/+P2k2knFpbzGfqn7Ug4fyrWJ8T0cvmcQYLxcddJdM+tQWuFfXR6rhg2U6 cCEkIAKVxihEA51PT6LYiynIMQ1UDAEYENfwYK4inVX2HbMsqDC4D0qnAkABzH27 sLXwhKOOGB/z1F7oKjjsX/cCwP3V2E0PL1P7owHZis6tB24pZrMEss24x/4+dDm9 zBDDxpR++mJypRvG3fA8oP5dhZZJNacIvLW+48wrxZWkIcVNnRV+QnyHZe68af1R SH4+I12AAeEDyEsQI8yX8PmGAnj1RZrzRQhibxooyBH4642RbX2qCYJkutPjI5rG pUl4970MdSHYMyEUwxh77b0jSO/9w7k02yatyp0DVA0PQ7p0lLBFZ96GEG9ytXJm Csuc6HEXSSTvuX8pf/KAf18L6kgnUhlxywkDcrcAVLQofMDhODul3fJALmGSVJXW jbp6AFoqT84I8Gm+je+vyuQciLnuH5C9wwxrOrWZzr+hLzZk60iG+OpRohn/g+Bx PjDjvnump0JGjF89hfNc+v9F+ihz7GBwOxspGrgb27ViRIhcxf0GuYFxyJtEuDiW 6+gYNzWUaVC4RR1l1jXGWtGUPBsNV50sxFHK/Hx09UMIu/uJPMtF+TW9QDhJT1jr kL1kKeCsRV54nWjiWKwTTI2I37xJCPuidW5hvLqf2+ZHYTfQzsE= =Op5F -----END PGP SIGNATURE----- Merge 4.19.90 into android-4.19 Changes in 4.19.90 usb: gadget: configfs: Fix missing spin_lock_init() usb: gadget: pch_udc: fix use after free scsi: qla2xxx: Fix driver unload hang media: venus: remove invalid compat_ioctl32 handler USB: uas: honor flag to avoid CAPACITY16 USB: uas: heed CAPACITY_HEURISTICS USB: documentation: flags on usb-storage versus UAS usb: Allow USB device to be warm reset in suspended state staging: rtl8188eu: fix interface sanity check staging: rtl8712: fix interface sanity check staging: gigaset: fix general protection fault on probe staging: gigaset: fix illegal free on probe errors staging: gigaset: add endpoint-type sanity check usb: xhci: only set D3hot for pci device xhci: Fix memory leak in xhci_add_in_port() xhci: Increase STS_HALT timeout in xhci_suspend() xhci: handle some XHCI_TRUST_TX_LENGTH quirks cases as default behaviour. ARM: dts: pandora-common: define wl1251 as child node of mmc3 iio: adis16480: Add debugfs_reg_access entry iio: humidity: hdc100x: fix IIO_HUMIDITYRELATIVE channel reporting iio: imu: inv_mpu6050: fix temperature reporting using bad unit USB: atm: ueagle-atm: add missing endpoint check USB: idmouse: fix interface sanity checks USB: serial: io_edgeport: fix epic endpoint lookup usb: roles: fix a potential use after free USB: adutux: fix interface sanity check usb: core: urb: fix URB structure initialization function usb: mon: Fix a deadlock in usbmon between mmap and read tpm: add check after commands attribs tab allocation mtd: spear_smi: Fix Write Burst mode virtio-balloon: fix managed page counts when migrating pages between zones usb: dwc3: pci: add ID for the Intel Comet Lake -H variant usb: dwc3: gadget: Fix logical condition usb: dwc3: ep0: Clear started flag on completion phy: renesas: rcar-gen3-usb2: Fix sysfs interface of "role" btrfs: check page->mapping when loading free space cache btrfs: use refcount_inc_not_zero in kill_all_nodes Btrfs: fix metadata space leak on fixup worker failure to set range as delalloc Btrfs: fix negative subv_writers counter and data space leak after buffered write btrfs: Avoid getting stuck during cyclic writebacks btrfs: Remove btrfs_bio::flags member Btrfs: send, skip backreference walking for extents with many references btrfs: record all roots for rename exchange on a subvol rtlwifi: rtl8192de: Fix missing code to retrieve RX buffer address rtlwifi: rtl8192de: Fix missing callback that tests for hw release of buffer rtlwifi: rtl8192de: Fix missing enable interrupt flag lib: raid6: fix awk build warnings ovl: fix corner case of non-unique st_dev;st_ino ovl: relax WARN_ON() on rename to self hwrng: omap - Fix RNG wait loop timeout dm writecache: handle REQ_FUA dm zoned: reduce overhead of backing device checks workqueue: Fix spurious sanity check failures in destroy_workqueue() workqueue: Fix pwq ref leak in rescuer_thread() ASoC: rt5645: Fixed buddy jack support. ASoC: rt5645: Fixed typo for buddy jack support. ASoC: Jack: Fix NULL pointer dereference in snd_soc_jack_report md: improve handling of bio with REQ_PREFLUSH in md_flush_request() blk-mq: avoid sysfs buffer overflow with too many CPU cores cgroup: pids: use atomic64_t for pids->limit ar5523: check NULL before memcpy() in ar5523_cmd() s390/mm: properly clear _PAGE_NOEXEC bit when it is not supported media: bdisp: fix memleak on release media: radio: wl1273: fix interrupt masking on release media: cec.h: CEC_OP_REC_FLAG_ values were swapped cpuidle: Do not unset the driver if it is there already erofs: zero out when listxattr is called with no xattr intel_th: Fix a double put_device() in error path intel_th: pci: Add Ice Lake CPU support intel_th: pci: Add Tiger Lake CPU support PM / devfreq: Lock devfreq in trans_stat_show cpufreq: powernv: fix stack bloat and hard limit on number of CPUs ACPI / hotplug / PCI: Allocate resources directly under the non-hotplug bridge ACPI: OSL: only free map once in osl.c ACPI: bus: Fix NULL pointer check in acpi_bus_get_private_data() ACPI: PM: Avoid attaching ACPI PM domain to certain devices pinctrl: armada-37xx: Fix irq mask access in armada_37xx_irq_set_type() pinctrl: samsung: Add of_node_put() before return in error path pinctrl: samsung: Fix device node refcount leaks in Exynos wakeup controller init pinctrl: samsung: Fix device node refcount leaks in S3C24xx wakeup controller init pinctrl: samsung: Fix device node refcount leaks in init code pinctrl: samsung: Fix device node refcount leaks in S3C64xx wakeup controller init mmc: host: omap_hsmmc: add code for special init of wl1251 to get rid of pandora_wl1251_init_card ARM: dts: omap3-tao3530: Fix incorrect MMC card detection GPIO polarity ppdev: fix PPGETTIME/PPSETTIME ioctls powerpc: Allow 64bit VDSO __kernel_sync_dicache to work across ranges >4GB powerpc/xive: Prevent page fault issues in the machine crash handler powerpc: Allow flush_icache_range to work across ranges >4GB powerpc/xive: Skip ioremap() of ESB pages for LSI interrupts video/hdmi: Fix AVI bar unpack quota: Check that quota is not dirty before release ext2: check err when partial != NULL quota: fix livelock in dquot_writeback_dquots ext4: Fix credit estimate for final inode freeing reiserfs: fix extended attributes on the root directory block: fix single range discard merge scsi: zfcp: trace channel log even for FCP command responses scsi: qla2xxx: Fix DMA unmap leak scsi: qla2xxx: Fix hang in fcport delete path scsi: qla2xxx: Fix session lookup in qlt_abort_work() scsi: qla2xxx: Fix qla24xx_process_bidir_cmd() scsi: qla2xxx: Always check the qla2x00_wait_for_hba_online() return value scsi: qla2xxx: Fix message indicating vectors used by driver scsi: qla2xxx: Fix SRB leak on switch command timeout xhci: make sure interrupts are restored to correct state usb: typec: fix use after free in typec_register_port() omap: pdata-quirks: remove openpandora quirks for mmc3 and wl1251 scsi: lpfc: Cap NPIV vports to 256 scsi: lpfc: Correct code setting non existent bits in sli4 ABORT WQE scsi: lpfc: Correct topology type reporting on G7 adapters drbd: Change drbd_request_detach_interruptible's return type to int e100: Fix passing zero to 'PTR_ERR' warning in e100_load_ucode_wait pvcalls-front: don't return error when the ring is full sch_cake: Correctly update parent qlen when splitting GSO packets net/smc: do not wait under send_lock net: hns3: clear pci private data when unload hns3 driver net: hns3: change hnae3_register_ae_dev() to int net: hns3: Check variable is valid before assigning it to another scsi: hisi_sas: send primitive NOTIFY to SSP situation only scsi: hisi_sas: Reject setting programmed minimum linkrate > 1.5G x86/MCE/AMD: Turn off MC4_MISC thresholding on all family 0x15 models x86/MCE/AMD: Carve out the MC4_MISC thresholding quirk power: supply: cpcap-battery: Fix signed counter sample register mlxsw: spectrum_router: Refresh nexthop neighbour when it becomes dead media: vimc: fix component match compare ath10k: fix fw crash by moving chip reset after napi disabled regulator: 88pm800: fix warning same module names powerpc: Avoid clang warnings around setjmp and longjmp powerpc: Fix vDSO clock_getres() ext4: work around deleting a file with i_nlink == 0 safely firmware: qcom: scm: Ensure 'a0' status code is treated as signed mm/shmem.c: cast the type of unmap_start to u64 rtc: disable uie before setting time and enable after splice: only read in as much information as there is pipe buffer space ext4: fix a bug in ext4_wait_for_tail_page_commit mfd: rk808: Fix RK818 ID template mm, thp, proc: report THP eligibility for each vma s390/smp,vdso: fix ASCE handling blk-mq: make sure that line break can be printed workqueue: Fix missing kfree(rescuer) in destroy_workqueue() perf callchain: Fix segfault in thread__resolve_callchain_sample() gre: refetch erspan header from skb->data after pskb_may_pull() firmware: arm_scmi: Avoid double free in error flow sunrpc: fix crash when cache_head become valid before update net/mlx5e: Fix SFF 8472 eeprom length leds: trigger: netdev: fix handling on interface rename PCI: rcar: Fix missing MACCTLR register setting in initialization sequence gfs2: fix glock reference problem in gfs2_trans_remove_revoke of: overlay: add_changeset_property() memory leak kernel/module.c: wakeup processes in module_wq on module unload cifs: Fix potential softlockups while refreshing DFS cache gpiolib: acpi: Add Terra Pad 1061 to the run_edge_events_on_boot_blacklist raid5: need to set STRIPE_HANDLE for batch head scsi: qla2xxx: Change discovery state before PLOGI iio: imu: mpu6050: add missing available scan masks idr: Fix idr_get_next_ul race with idr_remove scsi: zorro_esp: Limit DMA transfers to 65536 bytes (except on Fastlane) of: unittest: fix memory leak in attach_node_and_children Linux 4.19.90 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I790291e9f3d3c8dd3f53e4387de25ff272ad4f39 |
||
Matthew Wilcox (Oracle)
|
0cec640db8 |
idr: Fix idr_get_next_ul race with idr_remove
[ Upstream commit 5a74ac4c4a97bd8b7dba054304d598e2a882fea6 ]
Commit 5c089fd0c734 ("idr: Fix idr_get_next race with idr_remove")
neglected to fix idr_get_next_ul(). As far as I can tell, nobody's
actually using this interface under the RCU read lock, but fix it now
before anybody decides to use it.
Fixes: 5c089fd0c734 ("idr: Fix idr_get_next race with idr_remove")
Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
Greg Kroah-Hartman
|
458f77a499 |
lib: raid6: fix awk build warnings
commit 702600eef73033ddd4eafcefcbb6560f3e3a90f7 upstream.
Newer versions of awk spit out these fun warnings:
awk: ../lib/raid6/unroll.awk:16: warning: regexp escape sequence `\#' is not a known regexp operator
As commit 700c1018b86d ("x86/insn: Fix awk regexp warnings") showed, it
turns out that there are a number of awk strings that do not need to be
escaped and newer versions of awk now warn about this.
Fix the string up so that no warning is produced. The exact same kernel
module gets created before and after this patch, showing that it wasn't
needed.
Link: https://lore.kernel.org/r/20191206152600.GA75093@kroah.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Greg Kroah-Hartman
|
291d853dff |
This is the 4.19.88 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl3owgEACgkQONu9yGCS aT43zw//SS1As83XXuHr4mdWIVDjXo6RMJ6Ib7YbRi/uhBmQuUuGVFcqGxUIA9Kl eSXu5Kt8TNmInzHq9AMYgegrELAEwPD2XfptALGDwiUHonQuiFaqOQn/bltJOm1L PsG15A7+/gFhuhPJDp2ZfNBmZGdpXdIwD27oUDqF1XD64dMa/HPbFUVgxWn3HHkd sm0J6Ez0eNA+BmLnHXYDiSaEYIiwvy1nN6XpyIfOyb2Tz6kPoe0vVWU00Cmy8KAU EIWB+TBRunspgMsShL5Cl1MSFOxf9QOmgnZxcrODAQfb1TbLMACB1FGMjK4nLm+3 wPlSnC7L49ARl/pvmN5NOUrjHi8S8qq/Od9QW+UIckRI6KzOU832h99v4gFuHjSC KFiLi5K9+uTIMgNOETmINBiKKUcUzYXYVajvm4tuAUq3HO8wy6jeALtt34OiJZQZ DV8wyBdL9NDUFqBymFaMFA4Us/fGIREzvPgI0E0jth2ANuLFLtScrnStuWv8buwJ JT3V9xCxHZtZ3Ctevx/Jp6OaQtnbSnWjMjrO0UDzZ6N7+g5UKmh9/R3xL6sBpFVU Vu49J+qWU3VmbY3EIulel+yARNe7xS4ExK185JmNzpYFyOpXum14FHhhtQ6xNSeu dRqyITI0KYP7jWtBDKCgVAWF5jC9gHP1ksrHSZMhyGrv1dC1XZM= =KnJW -----END PGP SIGNATURE----- Merge 4.19.88 into android-4.19 Changes in 4.19.88 clk: meson: gxbb: let sar_adc_clk_div set the parent clock rate clocksource/drivers/mediatek: Fix error handling ASoC: msm8916-wcd-analog: Fix RX1 selection in RDAC2 MUX ASoC: compress: fix unsigned integer overflow check reset: Fix memory leak in reset_control_array_put() clk: samsung: exynos5433: Fix error paths ASoC: kirkwood: fix external clock probe defer ASoC: kirkwood: fix device remove ordering clk: samsung: exynos5420: Preserve PLL configuration during suspend/resume pinctrl: cherryview: Allocate IRQ chip dynamic ARM: dts: imx6qdl-sabreauto: Fix storm of accelerometer interrupts reset: fix reset_control_ops kerneldoc comment clk: at91: avoid sleeping early clk: sunxi: Fix operator precedence in sunxi_divs_clk_setup clk: sunxi-ng: a80: fix the zero'ing of bits 16 and 18 ARM: dts: sun8i-a83t-tbs-a711: Fix WiFi resume from suspend samples/bpf: fix build by setting HAVE_ATTR_TEST to zero powerpc/bpf: Fix tail call implementation idr: Fix integer overflow in idr_for_each_entry idr: Fix idr_alloc_u32 on 32-bit systems x86/resctrl: Prevent NULL pointer dereference when reading mondata clk: ti: dra7-atl-clock: Remove ti_clk_add_alias call clk: ti: clkctrl: Fix failed to enable error with double udelay timeout net: fec: add missed clk_disable_unprepare in remove bridge: ebtables: don't crash when using dnat target in output chains can: peak_usb: report bus recovery as well can: c_can: D_CAN: c_can_chip_config(): perform a sofware reset on open can: rx-offload: can_rx_offload_queue_tail(): fix error handling, avoid skb mem leak can: rx-offload: can_rx_offload_offload_one(): do not increase the skb_queue beyond skb_queue_len_max can: rx-offload: can_rx_offload_offload_one(): increment rx_fifo_errors on queue overflow or OOM can: rx-offload: can_rx_offload_offload_one(): use ERR_PTR() to propagate error value in case of errors can: rx-offload: can_rx_offload_irq_offload_timestamp(): continue on error can: rx-offload: can_rx_offload_irq_offload_fifo(): continue on error can: flexcan: increase error counters if skb enqueueing via can_rx_offload_queue_sorted() fails can: mcp251x: mcp251x_restart_work_handler(): Fix potential force_quit race condition watchdog: meson: Fix the wrong value of left time ASoC: stm32: sai: add restriction on mmap support scripts/gdb: fix debugging modules compiled with hot/cold partitioning net: bcmgenet: use RGMII loopback for MAC reset net: bcmgenet: reapply manual settings to the PHY net: mscc: ocelot: fix __ocelot_rmw_ix prototype ceph: return -EINVAL if given fsc mount option on kernel w/o support net/fq_impl: Switch to kvmalloc() for memory allocation mac80211: fix station inactive_time shortly after boot block: drbd: remove a stray unlock in __drbd_send_protocol() pwm: bcm-iproc: Prevent unloading the driver module while in use scsi: target/tcmu: Fix queue_cmd_ring() declaration scsi: lpfc: Fix kernel Oops due to null pring pointers scsi: lpfc: Fix dif and first burst use in write commands ARM: dts: Fix up SQ201 flash access tracing: Lock event_mutex before synth_event_mutex ARM: debug-imx: only define DEBUG_IMX_UART_PORT if needed ARM: dts: imx51: Fix memory node duplication ARM: dts: imx53: Fix memory node duplication ARM: dts: imx31: Fix memory node duplication ARM: dts: imx35: Fix memory node duplication ARM: dts: imx7: Fix memory node duplication ARM: dts: imx6ul: Fix memory node duplication ARM: dts: imx6sx: Fix memory node duplication ARM: dts: imx6sl: Fix memory node duplication ARM: dts: imx50: Fix memory node duplication ARM: dts: imx23: Fix memory node duplication ARM: dts: imx1: Fix memory node duplication ARM: dts: imx27: Fix memory node duplication ARM: dts: imx25: Fix memory node duplication ARM: dts: imx53-voipac-dmm-668: Fix memory node duplication parisc: Fix serio address output parisc: Fix HP SDC hpa address output ARM: dts: Fix hsi gdd range for omap4 arm64: mm: Prevent mismatched 52-bit VA support arm64: smp: Handle errors reported by the firmware bus: ti-sysc: Check for no-reset and no-idle flags at the child level platform/x86: mlx-platform: Fix LED configuration ARM: OMAP1: fix USB configuration for device-only setups RDMA/hns: Fix the bug while use multi-hop of pbl arm64: preempt: Fix big-endian when checking preempt count in assembly RDMA/vmw_pvrdma: Use atomic memory allocation in create AH PM / AVS: SmartReflex: NULL check before some freeing functions is not needed xfs: zero length symlinks are not valid ARM: ks8695: fix section mismatch warning ACPI / LPSS: Ignore acpi_device_fix_up_power() return value scsi: lpfc: Enable Management features for IF_TYPE=6 scsi: qla2xxx: Fix NPIV handling for FC-NVMe scsi: qla2xxx: Fix for FC-NVMe discovery for NPIV port nvme: provide fallback for discard alloc failure s390/zcrypt: make sysfs reset attribute trigger queue reset crypto: user - support incremental algorithm dumps arm64: dts: renesas: draak: Fix CVBS input mwifiex: fix potential NULL dereference and use after free mwifiex: debugfs: correct histogram spacing, formatting brcmfmac: set F2 watermark to 256 for 4373 brcmfmac: set SDIO F1 MesBusyCtrl for CYW4373 rtl818x: fix potential use after free bcache: do not check if debug dentry is ERR or NULL explicitly on remove bcache: do not mark writeback_running too early xfs: require both realtime inodes to mount nvme: fix kernel paging oops ubifs: Fix default compression selection in ubifs ubi: Put MTD device after it is not used ubi: Do not drop UBI device reference before using microblaze: adjust the help to the real behavior microblaze: move "... is ready" messages to arch/microblaze/Makefile microblaze: fix multiple bugs in arch/microblaze/boot/Makefile iwlwifi: move iwl_nvm_check_version() into dvm iwlwifi: mvm: force TCM re-evaluation on TCM resume iwlwifi: pcie: fix erroneous print iwlwifi: pcie: set cmd_len in the correct place gpio: pca953x: Fix AI overflow on PCAL6524 gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB kvm: vmx: Set IA32_TSC_AUX for legacy mode guests Revert "KVM: nVMX: reset cache/shadows when switching loaded VMCS" Revert "KVM: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode()" crypto/chelsio/chtls: listen fails with multiadapt VSOCK: bind to random port for VMADDR_PORT_ANY mmc: meson-gx: make sure the descriptor is stopped on errors mtd: rawnand: sunxi: Write pageprog related opcodes to WCMD_SET usb: ehci-omap: Fix deferred probe for phy handling btrfs: Check for missing device before bio submission in btrfs_map_bio btrfs: fix ncopies raid_attr for RAID56 btrfs: dev-replace: set result code of cancel by status of scrub Btrfs: allow clear_extent_dirty() to receive a cached extent state record btrfs: only track ref_heads in delayed_ref_updates serial: sh-sci: Fix crash in rx_timer_fn() on PIO fallback HID: intel-ish-hid: fixes incorrect error handling gpio: raspberrypi-exp: decrease refcount on firmware dt node serial: 8250: Rate limit serial port rx interrupts during input overruns kprobes/x86/xen: blacklist non-attachable xen interrupt functions xen/pciback: Check dev_data before using it kprobes: Blacklist symbols in arch-defined prohibited area kprobes/x86: Show x86-64 specific blacklisted symbols correctly vfio-mdev/samples: Use u8 instead of char for handle functions memory: omap-gpmc: Get the header of the enum pinctrl: xway: fix gpio-hog related boot issues net/mlx5: Continue driver initialization despite debugfs failure netfilter: nf_nat_sip: fix RTP/RTCP source port translations exofs_mount(): fix leaks on failure exits bnxt_en: Return linux standard errors in bnxt_ethtool.c bnxt_en: Save ring statistics before reset. bnxt_en: query force speeds before disabling autoneg mode. KVM: s390: unregister debug feature on failing arch init pinctrl: sh-pfc: r8a77990: Fix MOD_SEL0 SEL_I2C1 field width pinctrl: sh-pfc: sh7264: Fix PFCR3 and PFCR0 register configuration pinctrl: sh-pfc: sh7734: Fix shifted values in IPSR10 HID: doc: fix wrong data structure reference for UHID_OUTPUT dm flakey: Properly corrupt multi-page bios. gfs2: take jdata unstuff into account in do_grow dm raid: fix false -EBUSY when handling check/repair message xfs: Align compat attrlist_by_handle with native implementation. xfs: Fix bulkstat compat ioctls on x32 userspace. IB/qib: Fix an error code in qib_sdma_verbs_send() clocksource/drivers/fttmr010: Fix invalid interrupt register access vxlan: Fix error path in __vxlan_dev_create() powerpc/book3s/32: fix number of bats in p/v_block_mapped() powerpc/xmon: fix dump_segments() drivers/regulator: fix a missing check of return value Bluetooth: hci_bcm: Handle specific unknown packets after firmware loading serial: max310x: Fix tx_empty() callback openrisc: Fix broken paths to arch/or32 RDMA/srp: Propagate ib_post_send() failures to the SCSI mid-layer scsi: qla2xxx: deadlock by configfs_depend_item scsi: csiostor: fix incorrect dma device in case of vport brcmfmac: Fix access point mode ath6kl: Only use match sets when firmware supports it ath6kl: Fix off by one error in scan completion powerpc/perf: Fix unit_sel/cache_sel checks powerpc/32: Avoid unsupported flags with clang powerpc/prom: fix early DEBUG messages powerpc/mm: Make NULL pointer deferences explicit on bad page faults. powerpc/44x/bamboo: Fix PCI range vfio/spapr_tce: Get rid of possible infinite loop powerpc/powernv/eeh/npu: Fix uninitialized variables in opal_pci_eeh_freeze_status drbd: ignore "all zero" peer volume sizes in handshake drbd: reject attach of unsuitable uuids even if connected drbd: do not block when adjusting "disk-options" while IO is frozen drbd: fix print_st_err()'s prototype to match the definition IB/rxe: Make counters thread safe bpf/cpumap: make sure frame_size for build_skb is aligned if headroom isn't regulator: tps65910: fix a missing check of return value powerpc/83xx: handle machine check caused by watchdog timer powerpc/pseries: Fix node leak in update_lmb_associativity_index() powerpc: Fix HMIs on big-endian with CONFIG_RELOCATABLE=y crypto: mxc-scc - fix build warnings on ARM64 pwm: clps711x: Fix period calculation net/netlink_compat: Fix a missing check of nla_parse_nested net/net_namespace: Check the return value of register_pernet_subsys() f2fs: fix block address for __check_sit_bitmap f2fs: fix to dirty inode synchronously um: Include sys/uio.h to have writev() um: Make GCOV depend on !KCOV net: (cpts) fix a missing check of clk_prepare net: stmicro: fix a missing check of clk_prepare net: dsa: bcm_sf2: Propagate error value from mdio_write atl1e: checking the status of atl1e_write_phy_reg tipc: fix a missing check of genlmsg_put net: marvell: fix a missing check of acpi_match_device net/wan/fsl_ucc_hdlc: Avoid double free in ucc_hdlc_probe() ocfs2: clear journal dirty flag after shutdown journal vmscan: return NODE_RECLAIM_NOSCAN in node_reclaim() when CONFIG_NUMA is n mm/page_alloc.c: free order-0 pages through PCP in page_frag_free() mm/page_alloc.c: use a single function to free page mm/page_alloc.c: deduplicate __memblock_free_early() and memblock_free() tools/vm/page-types.c: fix "kpagecount returned fewer pages than expected" failures netfilter: nf_tables: fix a missing check of nla_put_failure xprtrdma: Prevent leak of rpcrdma_rep objects infiniband: bnxt_re: qplib: Check the return value of send_message infiniband/qedr: Potential null ptr dereference of qp firmware: arm_sdei: fix wrong of_node_put() in init function firmware: arm_sdei: Fix DT platform device creation lib/genalloc.c: fix allocation of aligned buffer from non-aligned chunk lib/genalloc.c: use vzalloc_node() to allocate the bitmap fork: fix some -Wmissing-prototypes warnings drivers/base/platform.c: kmemleak ignore a known leak lib/genalloc.c: include vmalloc.h mtd: Check add_mtd_device() ret code tipc: fix memory leak in tipc_nl_compat_publ_dump net/core/neighbour: tell kmemleak about hash tables ata: ahci: mvebu: do Armada 38x configuration only on relevant SoCs PCI/MSI: Return -ENOSPC from pci_alloc_irq_vectors_affinity() net/core/neighbour: fix kmemleak minimal reference count for hash tables serial: 8250: Fix serial8250 initialization crash gpu: ipu-v3: pre: don't trigger update if buffer address doesn't change sfc: suppress duplicate nvmem partition types in efx_ef10_mtd_probe ip_tunnel: Make none-tunnel-dst tunnel port work with lwtunnel decnet: fix DN_IFREQ_SIZE net/smc: prevent races between smc_lgr_terminate() and smc_conn_free() net/smc: don't wait for send buffer space when data was already sent mm/hotplug: invalid PFNs from pfn_to_online_page() xfs: end sync buffer I/O properly on shutdown error net/smc: fix sender_free computation blktrace: Show requests without sector net/smc: fix byte_order for rx_curs_confirmed tipc: fix skb may be leaky in tipc_link_input ASoC: samsung: i2s: Fix prescaler setting for the secondary DAI sfc: initialise found bitmap in efx_ef10_mtd_probe geneve: change NET_UDP_TUNNEL dependency to select net: fix possible overflow in __sk_mem_raise_allocated() net: ip_gre: do not report erspan_ver for gre or gretap net: ip6_gre: do not report erspan_ver for ip6gre or ip6gretap sctp: don't compare hb_timer expire date before starting it bpf: decrease usercnt if bpf_map_new_fd() fails in bpf_map_get_fd_by_id() mmc: core: align max segment size with logical block size net: dev: Use unsigned integer as an argument to left-shift kvm: properly check debugfs dentry before using it bpf: drop refcount if bpf_map_new_fd() fails in map_create() net: hns3: Change fw error code NOT_EXEC to NOT_SUPPORTED net: hns3: fix PFC not setting problem for DCB module net: hns3: fix an issue for hclgevf_ae_get_hdev net: hns3: fix an issue for hns3_update_new_int_gl iommu/amd: Fix NULL dereference bug in match_hid_uid apparmor: delete the dentry in aafs_remove() to avoid a leak scsi: libsas: Support SATA PHY connection rate unmatch fixing during discovery ACPI / APEI: Don't wait to serialise with oops messages when panic()ing ACPI / APEI: Switch estatus pool to use vmalloc memory scsi: hisi_sas: shutdown axi bus to avoid exception CQ returned scsi: libsas: Check SMP PHY control function result RDMA/hns: Fix the bug with updating rq head pointer when flush cqe RDMA/hns: Bugfix for the scene without receiver queue RDMA/hns: Fix the state of rereg mr RDMA/hns: Use GFP_ATOMIC in hns_roce_v2_modify_qp ASoC: rt5645: Headphone Jack sense inverts on the LattePanda board powerpc/pseries/dlpar: Fix a missing check in dlpar_parse_cc_property() xdp: fix cpumap redirect SKB creation bug mtd: Remove a debug trace in mtdpart.c mm, gup: add missing refcount overflow checks on s390 clk: at91: fix update bit maps on CFG_MOR write clk: at91: generated: set audio_pll_allowed in at91_clk_register_generated() usb: dwc2: use a longer core rest timeout in dwc2_core_reset() staging: rtl8192e: fix potential use after free staging: rtl8723bs: Drop ACPI device ids staging: rtl8723bs: Add 024c:0525 to the list of SDIO device-ids USB: serial: ftdi_sio: add device IDs for U-Blox C099-F9P mei: bus: prefix device names on bus with the bus name mei: me: add comet point V device id thunderbolt: Power cycle the router if NVM authentication fails xfrm: Fix memleak on xfrm state destroy media: v4l2-ctrl: fix flags for DO_WHITE_BALANCE net: macb: fix error format in dev_err() pwm: Clear chip_data in pwm_put() media: atmel: atmel-isc: fix asd memory allocation media: atmel: atmel-isc: fix INIT_WORK misplacement macvlan: schedule bc_work even if error net: psample: fix skb_over_panic openvswitch: fix flow command message size sctp: Fix memory leak in sctp_sf_do_5_2_4_dupcook slip: Fix use-after-free Read in slip_open openvswitch: drop unneeded BUG_ON() in ovs_flow_cmd_build_info() openvswitch: remove another BUG_ON() selftests: bpf: test_sockmap: handle file creation failures gracefully tipc: fix link name length check sctp: cache netns in sctp_ep_common net: sched: fix `tc -s class show` no bstats on class with nolock subqueues net: macb: add missed tasklet_kill ext4: add more paranoia checking in ext4_expand_extra_isize handling watchdog: sama5d4: fix WDD value to be always set to max net: macb: Fix SUBNS increment and increase resolution net: macb driver, check for SKBTX_HW_TSTAMP mtd: rawnand: atmel: Fix spelling mistake in error message mtd: rawnand: atmel: fix possible object reference leak mtd: spi-nor: cast to u64 to avoid uint overflows drm/atmel-hlcdc: revert shift by 8 mailbox: stm32_ipcc: add spinlock to fix channels concurrent access tcp: exit if nothing to retransmit on RTO timeout HID: core: check whether Usage Page item is after Usage ID items crypto: stm32/hash - Fix hmac issue more than 256 bytes media: stm32-dcmi: fix DMA corruption when stopping streaming media: stm32-dcmi: fix check of pm_runtime_get_sync return value hwrng: stm32 - fix unbalanced pm_runtime_enable clk: stm32mp1: fix HSI divider flag clk: stm32mp1: fix mcu divider table clk: stm32mp1: add CLK_SET_RATE_NO_REPARENT to Kernel clocks clk: stm32mp1: parent clocks update mailbox: mailbox-test: fix null pointer if no mmio pinctrl: stm32: fix memory leak issue ASoC: stm32: i2s: fix dma configuration ASoC: stm32: i2s: fix 16 bit format support ASoC: stm32: i2s: fix IRQ clearing ASoC: stm32: sai: add missing put_device() dmaengine: stm32-dma: check whether length is aligned on FIFO threshold platform/x86: hp-wmi: Fix ACPI errors caused by too small buffer platform/x86: hp-wmi: Fix ACPI errors caused by passing 0 as input size net: fec: fix clock count mis-match Linux 4.19.88 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ifd3801a77cb551be72788031e7fcfc8a1d4fd197 |
||
Olof Johansson
|
6a471a2665 |
lib/genalloc.c: include vmalloc.h
[ Upstream commit 35004f2e55807a1a1491db24ab512dd2f770a130 ]
Fixes build break on most ARM/ARM64 defconfigs:
lib/genalloc.c: In function 'gen_pool_add_virt':
lib/genalloc.c:190:10: error: implicit declaration of function 'vzalloc_node'; did you mean 'kzalloc_node'?
lib/genalloc.c:190:8: warning: assignment to 'struct gen_pool_chunk *' from 'int' makes pointer from integer without a cast [-Wint-conversion]
lib/genalloc.c: In function 'gen_pool_destroy':
lib/genalloc.c:254:3: error: implicit declaration of function 'vfree'; did you mean 'kfree'?
Fixes: 6862d2fc8185 ('lib/genalloc.c: use vzalloc_node() to allocate the bitmap')
Cc: Huang Shijie <sjhuang@iluvatar.ai>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Alexey Skidanov <alexey.skidanov@intel.com>
Signed-off-by: Olof Johansson <olof@lixom.net>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
||
Huang Shijie
|
0321fe1cdd |
lib/genalloc.c: use vzalloc_node() to allocate the bitmap
[ Upstream commit 6862d2fc81859f88c1f3f660886427893f2b4f3f ] Some devices may have big memory on chip, such as over 1G. In some cases, the nbytes maybe bigger then 4M which is the bounday of the memory buddy system (4K default). So use vzalloc_node() to allocate the bitmap. Also use vfree to free it. Link: http://lkml.kernel.org/r/20181225015701.6289-1-sjhuang@iluvatar.ai Signed-off-by: Huang Shijie <sjhuang@iluvatar.ai> Reviewed-by: Andrew Morton <akpm@linux-foundation.org> Cc: Alexey Skidanov <alexey.skidanov@intel.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Alexey Skidanov
|
28fb78ccb5 |
lib/genalloc.c: fix allocation of aligned buffer from non-aligned chunk
[ Upstream commit 52fbf1134d479234d7e64ba9dcbaea23405f229e ] gen_pool_alloc_algo() uses different allocation functions implementing different allocation algorithms. With gen_pool_first_fit_align() allocation function, the returned address should be aligned on the requested boundary. If chunk start address isn't aligned on the requested boundary, the returned address isn't aligned too. The only way to get properly aligned address is to initialize the pool with chunks aligned on the requested boundary. If want to have an ability to allocate buffers aligned on different boundaries (for example, 4K, 1MB, ...), the chunk start address should be aligned on the max possible alignment. This happens because gen_pool_first_fit_align() looks for properly aligned memory block without taking into account the chunk start address alignment. To fix this, we provide chunk start address to gen_pool_first_fit_align() and change its implementation such that it starts looking for properly aligned block with appropriate offset (exactly as is done in CMA). Link: https://lkml.kernel.org/lkml/a170cf65-6884-3592-1de9-4c235888cc8a@intel.com Link: http://lkml.kernel.org/r/1541690953-4623-1-git-send-email-alexey.skidanov@intel.com Signed-off-by: Alexey Skidanov <alexey.skidanov@intel.com> Reviewed-by: Andrew Morton <akpm@linux-foundation.org> Cc: Logan Gunthorpe <logang@deltatee.com> Cc: Daniel Mentz <danielmentz@google.com> Cc: Mathieu Desnoyers <mathieu.desnoyers@efficios.com> Cc: Laura Abbott <labbott@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Matthew Wilcox (Oracle)
|
8ef58b82d1 |
idr: Fix idr_alloc_u32 on 32-bit systems
[ Upstream commit b7e9728f3d7fc5c5c8508d99f1675212af5cfd49 ] Attempting to allocate an entry at 0xffffffff when one is already present would succeed in allocating one at 2^32, which would confuse everything. Return -ENOSPC in this case, as expected. Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
2700cf837e |
This is the 4.19.87 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl3jdysACgkQONu9yGCS aT49mhAAxl50oRh0bSk/SikbVCn7kRaoRNlCBsPtvtvbDDIpyREIzMRmIbH2OZjS ji1umUu8iMj+HXW72dWNqPo2K337UzcNRsUXWAdJH8Et+ao+xOUV1jps/Zr3D9ca 2Cw6iTn2QFhKQythMlCxb30sf+kN4cAU1XY3M8xEWXB+4nAqc/aFW7mRAP1jusRb 1DAW+xqPiwCbaag1v5OzumAOGBhpmTcX8sfEYM+3DKcPgGL1jPyYeWlXA26nih8/ LQR6r2tAb454pipV0uApJ2u7V5nNxprcrfUNDmAfap2q/eF1w5pBbZoS5sqpf1eZ 2ycZ36w0ThE7lJKvNrfjq13Su+bGtpENxHlwesNPbsvz0F4xoEkelYSCE1gJBaHX CZvq1Dhrk5DBvkCCElV8+CJxxuhMUZwzOwrz2iBLdPnpCpSgj8uNPLXMJno6D9fH PZMCcBFf4WnCUBc06fB7qG+Z7y0TeAuLsNQmK3zYQoEc1gz4Yk5aFo7NgTyajqbD YKINVP2Wj11TDBssolIA58EYcc2J38As54wuOvYtwy+k/mVkvZVhCPOtI+h3UYm4 lX2ROCHTzt+Av5qFlM8aSBcIlm1qihzSHEdnyqX2EZvUGC4C5Mc5/Eml3QJxAnVh SzUfLZGzzfntpnWn2cJZ/EA/p6hXujG5k95LEwtAnxxYBFpLTKc= =d8kA -----END PGP SIGNATURE----- Merge 4.19.87 into android-4.19 Changes in 4.19.87 mlxsw: spectrum_router: Fix determining underlay for a GRE tunnel net/mlx4_en: fix mlx4 ethtool -N insertion net/mlx4_en: Fix wrong limitation for number of TX rings net: rtnetlink: prevent underflows in do_setvfinfo() net/sched: act_pedit: fix WARN() in the traffic path net: sched: ensure opts_len <= IP_TUNNEL_OPTS_MAX in act_tunnel_key sfc: Only cancel the PPS workqueue if it exists net/mlx5e: Fix set vf link state error flow net/mlxfw: Verify FSM error code translation doesn't exceed array size net/mlx5: Fix auto group size calculation vhost/vsock: split packets to send using multiple buffers gpio: max77620: Fixup debounce delays tools: gpio: Correctly add make dependencies for gpio_utils nbd:fix memory leak in nbd_get_socket() virtio_console: allocate inbufs in add_port() only if it is needed Revert "fs: ocfs2: fix possible null-pointer dereferences in ocfs2_xa_prepare_entry()" mm/ksm.c: don't WARN if page is still mapped in remove_stable_node() drm/amd/powerplay: issue no PPSMC_MSG_GetCurrPkgPwr on unsupported ASICs drm/i915/pmu: "Frequency" is reported as accumulated cycles drm/i915/userptr: Try to acquire the page lock around set_page_dirty() mwifiex: Fix NL80211_TX_POWER_LIMITED ALSA: isight: fix leak of reference to firewire unit in error path of .probe callback crypto: testmgr - fix sizeof() on COMP_BUF_SIZE printk: lock/unlock console only for new logbuf entries printk: fix integer overflow in setup_log_buf() pinctrl: madera: Fix uninitialized variable bug in madera_mux_set_mux PCI: cadence: Write MSI data with 32bits gfs2: Fix marking bitmaps non-full pty: fix compat ioctls synclink_gt(): fix compat_ioctl() powerpc: Fix signedness bug in update_flash_db() powerpc/boot: Fix opal console in boot wrapper powerpc/boot: Disable vector instructions powerpc/eeh: Fix null deref for devices removed during EEH powerpc/eeh: Fix use of EEH_PE_KEEP on wrong field EDAC, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() mt76: do not store aggregation sequence number for null-data frames mt76x0: phy: fix restore phase in mt76x0_phy_recalibrate_after_assoc brcmsmac: AP mode: update beacon when TIM changes ath10k: set probe request oui during driver start ath10k: allocate small size dma memory in ath10k_pci_diag_write_mem skd: fixup usage of legacy IO API cdrom: don't attempt to fiddle with cdo->capability spi: sh-msiof: fix deferred probing mmc: mediatek: fill the actual clock for mmc debugfs mmc: mediatek: fix cannot receive new request when msdc_cmd_is_ready fail PCI: mediatek: Fix class type for MT7622 to PCI_CLASS_BRIDGE_PCI btrfs: defrag: use btrfs_mod_outstanding_extents in cluster_pages_for_defrag btrfs: handle error of get_old_root gsmi: Fix bug in append_to_eventlog sysfs handler misc: mic: fix a DMA pool free failure w1: IAD Register is yet readable trough iad sys file. Fix snprintf (%u for unsigned, count for max size). m68k: fix command-line parsing when passed from u-boot scsi: hisi_sas: Feed back linkrate(max/min) when re-attached scsi: hisi_sas: Fix the race between IO completion and timeout for SMP/internal IO scsi: hisi_sas: Free slot later in slot_complete_vx_hw() RDMA/bnxt_re: Avoid NULL check after accessing the pointer RDMA/bnxt_re: Fix qp async event reporting RDMA/bnxt_re: Avoid resource leak in case the NQ registration fails pinctrl: sunxi: Fix a memory leak in 'sunxi_pinctrl_build_state()' pwm: lpss: Only set update bit if we are actually changing the settings amiflop: clean up on errors during setup qed: Align local and global PTT to propagate through the APIs. scsi: ips: fix missing break in switch nfp: bpf: protect against mis-initializing atomic counters KVM: nVMX: reset cache/shadows when switching loaded VMCS KVM: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode() KVM/x86: Fix invvpid and invept register operand size in 64-bit mode clk: tegra: Fixes for MBIST work around scsi: isci: Use proper enumerated type in atapi_d2h_reg_frame_handler scsi: isci: Change sci_controller_start_task's return type to sci_status scsi: bfa: Avoid implicit enum conversion in bfad_im_post_vendor_event scsi: iscsi_tcp: Explicitly cast param in iscsi_sw_tcp_host_get_param crypto: ccree - avoid implicit enum conversion nvmet: avoid integer overflow in the discard code nvmet-fcloop: suppress a compiler warning nvme-pci: fix hot removal during error handling PCI: mediatek: Fixup MSI enablement logic by enabling MSI before clocks clk: mmp2: fix the clock id for sdh2_clk and sdh3_clk clk: at91: audio-pll: fix audio pmc type ASoC: tegra_sgtl5000: fix device_node refcounting scsi: dc395x: fix dma API usage in srb_done scsi: dc395x: fix DMA API usage in sg_update_list scsi: zorro_esp: Limit DMA transfers to 65535 bytes net: dsa: mv88e6xxx: Fix 88E6141/6341 2500mbps SERDES speed net: fix warning in af_unix net: ena: Fix Kconfig dependency on X86 xfs: fix use-after-free race in xfs_buf_rele xfs: clear ail delwri queued bufs on unmount of shutdown fs kprobes, x86/ptrace.h: Make regs_get_kernel_stack_nth() not fault on bad stack ACPI / scan: Create platform device for INT33FE ACPI nodes PM / Domains: Deal with multiple states but no governor in genpd ALSA: i2c/cs8427: Fix int to char conversion macintosh/windfarm_smu_sat: Fix debug output PCI: vmd: Detach resources after stopping root bus USB: misc: appledisplay: fix backlight update_status return code usbip: tools: fix atoi() on non-null terminated string sctp: use sk_wmem_queued to check for writable space dm raid: avoid bitmap with raid4/5/6 journal device selftests/bpf: fix file resource leak in load_kallsyms SUNRPC: Fix a compile warning for cmpxchg64() sunrpc: safely reallow resvport min/max inversion atm: zatm: Fix empty body Clang warnings s390/perf: Return error when debug_register fails swiotlb: do not panic on mapping failures spi: omap2-mcspi: Set FIFO DMA trigger level to word length x86/intel_rdt: Prevent pseudo-locking from using stale pointers sparc: Fix parport build warnings. scsi: hisi_sas: Fix NULL pointer dereference powerpc/pseries: Export raw per-CPU VPA data via debugfs powerpc/mm/radix: Fix off-by-one in split mapping logic powerpc/mm/radix: Fix overuse of small pages in splitting logic powerpc/mm/radix: Fix small page at boundary when splitting powerpc/64s/radix: Fix radix__flush_tlb_collapsed_pmd double flushing pmd selftests/bpf: fix return value comparison for tests in test_libbpf.sh tools: bpftool: fix completion for "bpftool map update" ceph: fix dentry leak in ceph_readdir_prepopulate ceph: only allow punch hole mode in fallocate rtc: s35390a: Change buf's type to u8 in s35390a_init RISC-V: Avoid corrupting the upper 32-bit of phys_addr_t in ioremap thermal: armada: fix a test in probe() f2fs: fix to spread clear_cold_data() f2fs: spread f2fs_set_inode_flags() mISDN: Fix type of switch control variable in ctrl_teimanager qlcnic: fix a return in qlcnic_dcb_get_capability() net: ethernet: ti: cpsw: unsync mcast entries while switch promisc mode mfd: arizona: Correct calling of runtime_put_sync mfd: mc13xxx-core: Fix PMIC shutdown when reading ADC values mfd: intel_soc_pmic_bxtwc: Chain power button IRQs as well mfd: max8997: Enale irq-wakeup unconditionally net: socionext: Stop PHY before resetting netsec fs/cifs: fix uninitialised variable warnings spi: uniphier: fix incorrect property items selftests/ftrace: Fix to test kprobe $comm arg only if available selftests: watchdog: fix message when /dev/watchdog open fails selftests: watchdog: Fix error message. selftests: kvm: Fix -Wformat warnings selftests: fix warning: "_GNU_SOURCE" redefined thermal: rcar_thermal: fix duplicate IRQ request thermal: rcar_thermal: Prevent hardware access during system suspend net: ethernet: cadence: fix socket buffer corruption problem bpf: devmap: fix wrong interface selection in notifier_call bpf, btf: fix a missing check bug in btf_parse powerpc/process: Fix flush_all_to_thread for SPE sparc64: Rework xchg() definition to avoid warnings. arm64: lib: use C string functions with KASAN enabled fs/ocfs2/dlm/dlmdebug.c: fix a sleep-in-atomic-context bug in dlm_print_one_mle() mm/page-writeback.c: fix range_cyclic writeback vs writepages deadlock tools/testing/selftests/vm/gup_benchmark.c: fix 'write' flag usage mm: thp: fix MADV_DONTNEED vs migrate_misplaced_transhuge_page race condition macsec: update operstate when lower device changes macsec: let the administrator set UP state even if lowerdev is down block: fix the DISCARD request merge i2c: uniphier-f: make driver robust against concurrency i2c: uniphier-f: fix occasional timeout error i2c: uniphier-f: fix race condition when IRQ is cleared um: Make line/tty semantics use true write IRQ vfs: avoid problematic remapping requests into partial EOF block ipv4/igmp: fix v1/v2 switchback timeout based on rfc3376, 8.12 powerpc/xmon: Relax frame size for clang selftests/powerpc/ptrace: Fix out-of-tree build selftests/powerpc/signal: Fix out-of-tree build selftests/powerpc/switch_endian: Fix out-of-tree build selftests/powerpc/cache_shape: Fix out-of-tree build block: call rq_qos_exit() after queue is frozen mm/gup_benchmark.c: prevent integer overflow in ioctl linux/bitmap.h: handle constant zero-size bitmaps correctly linux/bitmap.h: fix type of nbits in bitmap_shift_right() lib/bitmap.c: fix remaining space computation in bitmap_print_to_pagebuf hfsplus: fix BUG on bnode parent update hfs: fix BUG on bnode parent update hfsplus: prevent btree data loss on ENOSPC hfs: prevent btree data loss on ENOSPC hfsplus: fix return value of hfsplus_get_block() hfs: fix return value of hfs_get_block() hfsplus: update timestamps on truncate() hfs: update timestamp on truncate() fs/hfs/extent.c: fix array out of bounds read of array extent kernel/panic.c: do not append newline to the stack protector panic string mm/memory_hotplug: make add_memory() take the device_hotplug_lock mm/memory_hotplug: fix online/offline_pages called w.o. mem_hotplug_lock powerpc/powernv: hold device_hotplug_lock when calling device_online() igb: shorten maximum PHC timecounter update interval fm10k: ensure completer aborts are marked as non-fatal after a resume net: hns3: bugfix for buffer not free problem during resetting net: hns3: bugfix for reporting unknown vector0 interrupt repeatly problem net: hns3: bugfix for is_valid_csq_clean_head() net: hns3: bugfix for hclge_mdio_write and hclge_mdio_read ntb_netdev: fix sleep time mismatch ntb: intel: fix return value for ndev_vec_mask() irq/matrix: Fix memory overallocation nvme-pci: fix conflicting p2p resource adds arm64: makefile fix build of .i file in external module case tools/power turbosat: fix AMD APIC-id output mm: handle no memcg case in memcg_kmem_charge() properly ocfs2: without quota support, avoid calling quota recovery ocfs2: don't use iocb when EIOCBQUEUED returns ocfs2: don't put and assigning null to bh allocated outside ocfs2: fix clusters leak in ocfs2_defrag_extent() net: do not abort bulk send on BQL status sched/topology: Fix off by one bug sched/fair: Don't increase sd->balance_interval on newidle balance openvswitch: fix linking without CONFIG_NF_CONNTRACK_LABELS ARM: dts: imx6sx-sdb: Fix enet phy regulator clk: sunxi-ng: enable so-said LDOs for A64 SoC's pll-mipi clock soc: bcm: brcmstb: Fix re-entry point with a THUMB2_KERNEL audit: print empty EXECVE args sock_diag: fix autoloading of the raw_diag module net: bpfilter: fix iptables failure if bpfilter_umh is disabled nds32: Fix bug in bitfield.h media: ov13858: Check for possible null pointer btrfs: avoid link error with CONFIG_NO_AUTO_INLINE wil6210: fix debugfs memory access alignment wil6210: fix L2 RX status handling wil6210: fix RGF_CAF_ICR address for Talyn-MB wil6210: fix locking in wmi_call ath10k: snoc: fix unbalanced clock error handling wlcore: Fix the return value in case of error in 'wlcore_vendor_cmd_smart_config_start()' rtl8xxxu: Fix missing break in switch brcmsmac: never log "tid x is not agg'able" by default wireless: airo: potential buffer overflow in sprintf() rtlwifi: rtl8192de: Fix misleading REG_MCUFWDL information net: dsa: bcm_sf2: Turn on PHY to allow successful registration scsi: mpt3sas: Fix Sync cache command failure during driver unload scsi: mpt3sas: Don't modify EEDPTagMode field setting on SAS3.5 HBA devices scsi: mpt3sas: Fix driver modifying persistent data in Manufacturing page11 scsi: megaraid_sas: Fix msleep granularity scsi: megaraid_sas: Fix goto labels in error handling scsi: lpfc: fcoe: Fix link down issue after 1000+ link bounces scsi: lpfc: Fix odd recovery in duplicate FLOGIs in point-to-point scsi: lpfc: Correct loss of fc4 type on remote port address change usb: typec: tcpm: charge current handling for sink during hard reset dlm: fix invalid free dlm: don't leak kernel pointer to userspace vrf: mark skb for multicast or link-local as enslaved to VRF clk: tegra20: Turn EMC clock gate into divider ACPICA: Use %d for signed int print formatting instead of %u net: bcmgenet: return correct value 'ret' from bcmgenet_power_down of: unittest: allow base devicetree to have symbol metadata of: unittest: initialize args before calling of_*parse_*() tools: bpftool: pass an argument to silence open_obj_pinned() cfg80211: Prevent regulatory restore during STA disconnect in concurrent interfaces pinctrl: qcom: spmi-gpio: fix gpio-hog related boot issues pinctrl: bcm2835: Use define directive for BCM2835_PINCONF_PARAM_PULL pinctrl: lpc18xx: Use define directive for PIN_CONFIG_GPIO_PIN_INT pinctrl: zynq: Use define directive for PIN_CONFIG_IO_STANDARD PCI: keystone: Use quirk to limit MRRS for K2G nvme-pci: fix surprise removal spi: omap2-mcspi: Fix DMA and FIFO event trigger size mismatch i2c: uniphier-f: fix timeout error after reading 8 bytes mm/memory_hotplug: Do not unlock when fails to take the device_hotplug_lock ipv6: Fix handling of LLA with VRF and sockets bound to VRF cfg80211: call disconnect_wk when AP stops mm/page_io.c: do not free shared swap slots Bluetooth: Fix invalid-free in bcsp_close() KVM: MMU: Do not treat ZONE_DEVICE pages as being reserved ath10k: Fix a NULL-ptr-deref bug in ath10k_usb_alloc_urb_from_pipe ath9k_hw: fix uninitialized variable data md/raid10: prevent access of uninitialized resync_pages offset mm/memory_hotplug: don't access uninitialized memmaps in shrink_zone_span() net: phy: dp83867: fix speed 10 in sgmii mode net: phy: dp83867: increase SGMII autoneg timer duration ocfs2: remove ocfs2_is_o2cb_active() ARM: 8904/1: skip nomap memblocks while finding the lowmem/highmem boundary ARC: perf: Accommodate big-endian CPU x86/insn: Fix awk regexp warnings x86/speculation: Fix incorrect MDS/TAA mitigation status x86/speculation: Fix redundant MDS mitigation message nbd: prevent memory leak y2038: futex: Move compat implementation into futex.c futex: Prevent robust futex exit race ALSA: usb-audio: Fix NULL dereference at parsing BADD nfc: port100: handle command failure cleanly media: vivid: Set vid_cap_streaming and vid_out_streaming to true media: vivid: Fix wrong locking that causes race conditions on streaming stop media: usbvision: Fix races among open, close, and disconnect cpufreq: Add NULL checks to show() and store() methods of cpufreq media: uvcvideo: Fix error path in control parsing failure media: b2c2-flexcop-usb: add sanity checking media: cxusb: detect cxusb_ctrl_msg error in query media: imon: invalid dereference in imon_touch_event virtio_ring: fix return code on DMA mapping fails USBIP: add config dependency for SGL_ALLOC usbip: tools: fix fd leakage in the function of read_attr_usbip_status usbip: Fix uninitialized symbol 'nents' in stub_recv_cmd_submit() usb-serial: cp201x: support Mark-10 digital force gauge USB: chaoskey: fix error case of a timeout appledisplay: fix error handling in the scheduled work USB: serial: mos7840: add USB ID to support Moxa UPort 2210 USB: serial: mos7720: fix remote wakeup USB: serial: mos7840: fix remote wakeup USB: serial: option: add support for DW5821e with eSIM support USB: serial: option: add support for Foxconn T77W968 LTE modules staging: comedi: usbduxfast: usbduxfast_ai_cmdtest rounding error powerpc/64s: support nospectre_v2 cmdline option powerpc/book3s64: Fix link stack flush on context switch KVM: PPC: Book3S HV: Flush link stack on guest exit to host kernel PM / devfreq: Fix kernel oops on governor module load Linux 4.19.87 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: Id8c8d4cd92227f8f46c48c05440e09da957fa687 |
||
Rasmus Villemoes
|
08751e477f |
lib/bitmap.c: fix remaining space computation in bitmap_print_to_pagebuf
[ Upstream commit ce1091d471107dbf6f91db66a480a25950c9b9ff ] For various alignments of buf, the current expression computes 4096 ok 4095 ok 8190 8189 ... 4097 i.e., if the caller has already written two bytes into the page buffer, len is 8190 rather than 4094, because PTR_ALIGN aligns up to the next boundary. So if the printed version of the bitmap is huge, scnprintf() ends up writing beyond the page boundary. I don't think any current callers actually write anything before bitmap_print_to_pagebuf, but the API seems to be designed to allow it. [akpm@linux-foundation.org: use offset_in_page(), per Andy] [akpm@linux-foundation.org: include mm.h for offset_in_page()] Link: http://lkml.kernel.org/r/20180818131623.8755-7-linux@rasmusvillemoes.dk Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk> Reviewed-by: Andy Shevchenko <andy.shevchenko@gmail.com> Cc: Yury Norov <ynorov@caviumnetworks.com> Cc: Rasmus Villemoes <linux@rasmusvillemoes.dk> Cc: Sudeep Holla <sudeep.holla@arm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
a36fc1fff6 |
This is the 4.19.86 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl3aL2UACgkQONu9yGCS
aT73GA//VSRJjGzdohy0+NVK3Dk7tCb2GfXFyLfRasyCbpCVGudaN9IltPU20pmj
U67BRp3jJg6AFRFDxJn4uyAxqcYF6VFp77BiBLiF6lZEv3+0xxOqdyFL2IY9Cyew
5XGNWcjXAR/bZ0r/rRXw8GUBMmW/8oewW7Iay4YhriUWv/afucbMVK7cNgyj/qvP
jSbHh4mp15BGg1aIanM7YSlJgXX2MimXwEceyHPQJgKpSx1CApI2uRMSNZw/RXeP
hFox3Ord5o/K+dowtKW+eTXUMkbm+7Htsi0p+WvE69y6KjyBzh3CEXrQqJsLtd0Y
1myphKOX42z0/hbysUZQV8AvY5jrZu/SPoH8quXD/MNxPvNe0OjO3UiMruAdohQh
I3SjKZB+HprtsCGn4X6/PiHUxq8PCLwtMaa9IIRmtFOXeuxPPeQLdEoM8m2eCEiL
DnwkDXVVtQhKymmYgWUxcAsFpXl+s3k5ZRFmWEDDTuwlyZRWMPuRaWEOH8YuIHzz
QETCyodrOis90TFgG1XJDijzPpZtxZKuJ8HdGmO7J8BMDXi6r0aoTzBk8cPAAe3A
TUqRnHoMKLLYC+9vxA90aThXsibL6DuD06beJy3H1XCSj2vKvkM/iLaL8R95JjAW
XZaEv/SH9zoEynypd+b8tOHHdPSaZcTe3pd3SDmOPLpejOuSTJU=
=VtIx
-----END PGP SIGNATURE-----
Merge 4.19.86 into android-4.19
Changes in 4.19.86
spi: mediatek: use correct mata->xfer_len when in fifo transfer
i2c: mediatek: modify threshold passed to i2c_get_dma_safe_msg_buf()
tee: optee: add missing of_node_put after of_device_is_available
Revert "OPP: Protect dev_list with opp_table lock"
net: cdc_ncm: Signedness bug in cdc_ncm_set_dgram_size()
idr: Fix idr_get_next race with idr_remove
mm/memory_hotplug: don't access uninitialized memmaps in shrink_pgdat_span()
mm/memory_hotplug: fix updating the node span
arm64: uaccess: Ensure PAN is re-enabled after unhandled uaccess fault
fbdev: Ditch fb_edid_add_monspecs
bpf, x32: Fix bug for BPF_ALU64 | BPF_NEG
bpf, x32: Fix bug with ALU64 {LSH, RSH, ARSH} BPF_X shift by 0
bpf, x32: Fix bug with ALU64 {LSH, RSH, ARSH} BPF_K shift by 0
bpf, x32: Fix bug for BPF_JMP | {BPF_JSGT, BPF_JSLE, BPF_JSLT, BPF_JSGE}
net: ovs: fix return type of ndo_start_xmit function
net: xen-netback: fix return type of ndo_start_xmit function
ARM: dts: dra7: Enable workaround for errata i870 in PCIe host mode
ARM: dts: omap5: enable OTG role for DWC3 controller
net: hns3: Fix for netdev not up problem when setting mtu
net: hns3: Fix loss of coal configuration while doing reset
f2fs: return correct errno in f2fs_gc
ARM: dts: sun8i: h3-h5: ir register size should be the whole memory block
ARM: dts: sun8i: h3: bpi-m2-plus: Fix address for external RGMII Ethernet PHY
tcp: up initial rmem to 128KB and SYN rwin to around 64KB
SUNRPC: Fix priority queue fairness
ACPI / LPSS: Make acpi_lpss_find_device() also find PCI devices
ACPI / LPSS: Resume BYT/CHT I2C controllers from resume_noirq
f2fs: keep lazytime on remount
IB/hfi1: Error path MAD response size is incorrect
IB/hfi1: Ensure ucast_dlid access doesnt exceed bounds
mt76x2: fix tx power configuration for VHT mcs 9
mt76x2: disable WLAN core before probe
mt76: fix handling ps-poll frames
iommu/io-pgtable-arm: Fix race handling in split_blk_unmap()
iommu/arm-smmu-v3: Fix unexpected CMD_SYNC timeout
kvm: arm/arm64: Fix stage2_flush_memslot for 4 level page table
arm64/numa: Report correct memblock range for the dummy node
ath10k: fix vdev-start timeout on error
rtlwifi: btcoex: Use proper enumerated types for Wi-Fi only interface
ata: ahci_brcm: Allow using driver or DSL SoCs
PM / devfreq: Fix devfreq_add_device() when drivers are built as modules.
PM / devfreq: Fix handling of min/max_freq == 0
PM / devfreq: stopping the governor before device_unregister()
ath9k: fix reporting calculated new FFT upper max
selftests/tls: Fix recv(MSG_PEEK) & splice() test cases
usb: gadget: udc: fotg210-udc: Fix a sleep-in-atomic-context bug in fotg210_get_status()
usb: dwc3: gadget: Check ENBLSLPM before sending ep command
nl80211: Fix a GET_KEY reply attribute
irqchip/irq-mvebu-icu: Fix wrong private data retrieval
watchdog: core: fix null pointer dereference when releasing cdev
watchdog: renesas_wdt: stop when unregistering
watchdog: sama5d4: fix timeout-sec usage
watchdog: w83627hf_wdt: Support NCT6796D, NCT6797D, NCT6798D
KVM: PPC: Inform the userspace about TCE update failures
printk: Do not miss new messages when replaying the log
printk: CON_PRINTBUFFER console registration is a bit racy
dmaengine: ep93xx: Return proper enum in ep93xx_dma_chan_direction
dmaengine: timb_dma: Use proper enum in td_prep_slave_sg
ALSA: hda: Fix mismatch for register mask and value in ext controller.
ext4: fix build error when DX_DEBUG is defined
clk: keystone: Enable TISCI clocks if K3_ARCH
sunrpc: Fix connect metrics
x86/PCI: Apply VMD's AERSID fixup generically
mei: samples: fix a signedness bug in amt_host_if_call()
cxgb4: Use proper enum in cxgb4_dcb_handle_fw_update
cxgb4: Use proper enum in IEEE_FAUX_SYNC
powerpc/pseries: Fix DTL buffer registration
powerpc/pseries: Fix how we iterate over the DTL entries
powerpc/xive: Move a dereference below a NULL test
ARM: dts: at91: sama5d4_xplained: fix addressable nand flash size
ARM: dts: at91: at91sam9x5cm: fix addressable nand flash size
ARM: dts: at91: sama5d2_ptc_ek: fix bootloader env offsets
mtd: rawnand: sh_flctl: Use proper enum for flctl_dma_fifo0_transfer
PM / hibernate: Check the success of generating md5 digest before hibernation
tools: PCI: Fix compilation warnings
clocksource/drivers/sh_cmt: Fixup for 64-bit machines
clocksource/drivers/sh_cmt: Fix clocksource width for 32-bit machines
ice: Fix forward to queue group logic
md: allow metadata updates while suspending an array - fix
ixgbe: Fix ixgbe TX hangs with XDP_TX beyond queue limit
i40e: Use proper enum in i40e_ndo_set_vf_link_state
ixgbe: Fix crash with VFs and flow director on interface flap
IB/mthca: Fix error return code in __mthca_init_one()
IB/rxe: avoid srq memory leak
RDMA/hns: Bugfix for reserved qp number
RDMA/hns: Submit bad wr when post send wr exception
RDMA/hns: Bugfix for CM test
RDMA/hns: Limit the size of extend sge of sq
IB/mlx4: Avoid implicit enumerated type conversion
rpmsg: glink: smem: Support rx peak for size less than 4 bytes
msm/gpu/a6xx: Force of_dma_configure to setup DMA for GMU
OPP: Return error on error from dev_pm_opp_get_opp_count()
ACPICA: Never run _REG on system_memory and system_IO
cpuidle: menu: Fix wakeup statistics updates for polling state
ASoC: qdsp6: q6asm-dai: checking NULL vs IS_ERR()
powerpc/time: Use clockevents_register_device(), fixing an issue with large decrementer
powerpc/64s/radix: Explicitly flush ERAT with local LPID invalidation
ata: ep93xx: Use proper enums for directions
qed: Avoid implicit enum conversion in qed_ooo_submit_tx_buffers
media: rc: ir-rc6-decoder: enable toggle bit for Kathrein RCU-676 remote
media: pxa_camera: Fix check for pdev->dev.of_node
media: rcar-vin: fix redeclaration of symbol
media: i2c: adv748x: Support probing a single output
ALSA: hda/sigmatel - Disable automute for Elo VuPoint
bnxt_en: return proper error when FW returns HWRM_ERR_CODE_RESOURCE_ACCESS_DENIED
KVM: PPC: Book3S PR: Exiting split hack mode needs to fixup both PC and LR
USB: serial: cypress_m8: fix interrupt-out transfer length
usb: dwc2: disable power_down on rockchip devices
mtd: physmap_of: Release resources on error
cpu/SMT: State SMT is disabled even with nosmt and without "=force"
brcmfmac: reduce timeout for action frame scan
brcmfmac: fix full timeout waiting for action frame on-channel tx
qtnfmac: request userspace to do OBSS scanning if FW can not
qtnfmac: pass sgi rate info flag to wireless core
qtnfmac: inform wireless core about supported extended capabilities
qtnfmac: drop error reports for out-of-bounds key indexes
clk: samsung: Use NOIRQ stage for Exynos5433 clocks suspend/resume
clk: samsung: exynos5420: Define CLK_SECKEY gate clock only or Exynos5420
clk: samsung: Use clk_hw API for calling clk framework from clk notifiers
i2c: brcmstb: Allow enabling the driver on DSL SoCs
printk: Correct wrong casting
NFSv4.x: fix lock recovery during delegation recall
dmaengine: ioat: fix prototype of ioat_enumerate_channels
media: ov5640: fix framerate update
media: cec-gpio: select correct Signal Free Time
gfs2: slow the deluge of io error messages
i2c: omap: use core to detect 'no zero length' quirk
i2c: qup: use core to detect 'no zero length' quirk
i2c: tegra: use core to detect 'no zero length' quirk
i2c: zx2967: use core to detect 'no zero length' quirk
Input: st1232 - set INPUT_PROP_DIRECT property
Input: silead - try firmware reload after unsuccessful resume
soc: fsl: bman_portals: defer probe after bman's probe
net: hns3: Fix for rx vlan id handle to support Rev 0x21 hardware
tc-testing: fix build of eBPF programs
remoteproc: Check for NULL firmwares in sysfs interface
remoteproc: qcom: q6v5: Fix a race condition on fatal crash
kexec: Allocate decrypted control pages for kdump if SME is enabled
x86/olpc: Fix build error with CONFIG_MFD_CS5535=m
dmaengine: rcar-dmac: set scatter/gather max segment size
crypto: mxs-dcp - Fix SHA null hashes and output length
crypto: mxs-dcp - Fix AES issues
xfrm: use correct size to initialise sp->ovec
ACPI / SBS: Fix rare oops when removing modules
iwlwifi: mvm: don't send keys when entering D3
xsk: proper AF_XDP socket teardown ordering
x86/fsgsbase/64: Fix ptrace() to read the FS/GS base accurately
mmc: renesas_sdhi_internal_dmac: Whitelist r8a774a1
mmc: tmio: Fix SCC error detection
mmc: renesas_sdhi_internal_dmac: set scatter/gather max segment size
atmel_lcdfb: support native-mode display-timings
fbdev: sbuslib: use checked version of put_user()
fbdev: sbuslib: integer overflow in sbusfb_ioctl_helper()
fbdev: fix broken menu dependencies
reset: Fix potential use-after-free in __of_reset_control_get()
bcache: account size of buckets used in uuid write to ca->meta_sectors_written
bcache: recal cached_dev_sectors on detach
platform/x86: mlx-platform: Properly use mlxplat_mlxcpld_msn201x_items
media: dw9714: Fix error handling in probe function
media: dw9807-vcm: Fix probe error handling
media: cx18: Don't check for address of video_dev
mtd: spi-nor: cadence-quadspi: Use proper enum for dma_[un]map_single
mtd: devices: m25p80: Make sure WRITE_EN is issued before each write
x86/intel_rdt: Introduce utility to obtain CDP peer
x86/intel_rdt: CBM overlap should also check for overlap with CDP peer
mmc: mmci: expand startbiterr to irqmask and error check
s390/kasan: avoid vdso instrumentation
s390/kasan: avoid instrumentation of early C code
s390/kasan: avoid user access code instrumentation
proc/vmcore: Fix i386 build error of missing copy_oldmem_page_encrypted()
backlight: lm3639: Unconditionally call led_classdev_unregister
mfd: ti_am335x_tscadc: Keep ADC interface on if child is wakeup capable
printk: Give error on attempt to set log buffer length to over 2G
media: isif: fix a NULL pointer dereference bug
GFS2: Flush the GFS2 delete workqueue before stopping the kernel threads
media: cx231xx: fix potential sign-extension overflow on large shift
media: venus: vdec: fix decoded data size
ALSA: hda/ca0132 - Fix input effect controls for desktop cards
lightnvm: pblk: fix rqd.error return value in pblk_blk_erase_sync
lightnvm: pblk: fix incorrect min_write_pgs
lightnvm: pblk: guarantee emeta on line close
lightnvm: pblk: fix write amplificiation calculation
lightnvm: pblk: guarantee mw_cunits on read buffer
lightnvm: do no update csecs and sos on 1.2
lightnvm: pblk: fix error handling of pblk_lines_init()
lightnvm: pblk: consider max hw sectors supported for max_write_pgs
x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error
bpf: btf: Fix a missing check bug
net: fix generic XDP to handle if eth header was mangled
gpio: syscon: Fix possible NULL ptr usage
spi: fsl-lpspi: Prevent FIFO under/overrun by default
pinctrl: gemini: Mask and set properly
spi: spidev: Fix OF tree warning logic
ARM: 8802/1: Call syscall_trace_exit even when system call skipped
x86/mm: Do not warn about PCI BIOS W+X mappings
orangefs: rate limit the client not running info message
pinctrl: gemini: Fix up TVC clock group
scsi: arcmsr: clean up clang warning on extraneous parentheses
hwmon: (k10temp) Support all Family 15h Model 6xh and Model 7xh processors
hwmon: (nct6775) Fix names of DIMM temperature sources
hwmon: (pwm-fan) Silence error on probe deferral
hwmon: (ina3221) Fix INA3221_CONFIG_MODE macros
hwmon: (npcm-750-pwm-fan) Change initial pwm target to 255
selftests: forwarding: Have lldpad_app_wait_set() wait for unknown, too
net: sched: avoid writing on noop_qdisc
netfilter: nft_compat: do not dump private area
misc: cxl: Fix possible null pointer dereference
mac80211: minstrel: fix using short preamble CCK rates on HT clients
mac80211: minstrel: fix CCK rate group streams value
mac80211: minstrel: fix sampling/reporting of CCK rates in HT mode
spi: rockchip: initialize dma_slave_config properly
mlxsw: spectrum_switchdev: Check notification relevance based on upper device
ARM: dts: omap5: Fix dual-role mode on Super-Speed port
tcp: start receiver buffer autotuning sooner
ACPI / LPSS: Use acpi_lpss_* instead of acpi_subsys_* functions for hibernate
PM / devfreq: Fix static checker warning in try_then_request_governor
tools: PCI: Fix broken pcitest compilation
powerpc/time: Fix clockevent_decrementer initalisation for PR KVM
mmc: tmio: fix SCC error handling to avoid false positive CRC error
x86/resctrl: Fix rdt_find_domain() return value and checks
Linux 4.19.86
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ib9de820e5026cadf4fab89e69d1324302cdae9c3
|
||
|
Matthew Wilcox (Oracle)
|
a16a366927 |
idr: Fix idr_get_next race with idr_remove
commit 5c089fd0c73411f2170ab795c9ffc16718c7d007 upstream.
If the entry is deleted from the IDR between the call to
radix_tree_iter_find() and rcu_dereference_raw(), idr_get_next()
will return NULL, which will end the iteration prematurely. We should
instead continue to the next entry in the IDR. This only happens if the
iteration is protected by the RCU lock. Most IDR users use a spinlock
or semaphore to exclude simultaneous modifications. It was noticed once
the PID allocator was converted to use the IDR, as it uses the RCU lock,
but there may be other users elsewhere in the kernel.
We can't use the normal pattern of calling radix_tree_deref_retry()
(which catches both a retry entry in a leaf node and a node entry in
the root) as the IDR supports storing entries which are unaligned,
which will trigger an infinite loop if they are encountered. Instead,
we have to explicitly check whether the entry is a retry entry.
Fixes:
|
||
Eric Biggers
|
ad28c2ba43 |
crypto: chacha20 - Fix chacha20_block() keystream alignment (again)
[ Upstream commit a5e9f557098e54af44ade5d501379be18435bfbf ]
In commit
|
||
Joel Fernandes (Google)
|
0f2b4ea6e2 |
FROMLIST: vsprintf: Inline call to ptr_to_hashval
There is concern that ptr_to_hashval not being inlined can cause performance issues (unlike before where it was a static branch) with trace_printk being a hot path for it. Just create an inline version called __ptr_to_hashval(), and have the actual ptr_to_hashval() call it. Link: http://lore.kernel.org/r/20191113153816.14b95acd@gandalf.local.home Link: lore.kernel.org/r/20191114164622.GC233237@google.com Suggested-by: Steven Rostedt <rostedt@goodmis.org> Change-Id: Ie7133b9f32a8185e244db2634b028b316a3d7ea1 Signed-off-by: Joel Fernandes <joel@joelfernandes.org> Signed-off-by: Joel Fernandes <joelaf@google.com> |
||
Joel Fernandes
|
23727eb130 |
UPSTREAM: rss_stat: Add support to detect RSS updates of external mm
When a process updates the RSS of a different process, the rss_stat tracepoint appears in the context of the process doing the update. This can confuse userspace that the RSS of process doing the update is updated, while in reality a different process's RSS was updated. This issue happens in reclaim paths such as with direct reclaim or background reclaim. This patch adds more information to the tracepoint about whether the mm being updated belongs to the current process's context (curr field). We also include a hash of the mm pointer so that the process who the mm belongs to can be uniquely identified (mm_id field). Also vsprintf.c is refactored a bit to allow reuse of hashing code. Change-Id: Ic87af93af608c83be0b08757aed99d2b9c2c01d8 Reported-by: Ioannis Ilkos <ilkos@google.com> Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org> Acked-by: Petr Mladek <pmladek@suse.com> # lib/vsprintf.c Signed-off-by: Joel Fernandes <joelaf@google.com> |
||
|
Greg Kroah-Hartman
|
b777b6f211 |
This is the 4.19.84 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl3K+EEACgkQONu9yGCS aT5ReA/+IrdgTosfTtLizJhq+rR7UClBC4D7rOEBv6BVpKMNRdldcaVsFy6/MO6I eq3keoicBpGxY8j6mp559GT7ACvXC3L6SALlwvfmGX6BHGVmwTE1Q6UmYbMfCoVY kkZ6YUGc9T20hfvi1aG/bXerv90phIj3mSOttpLQsiNmlqkP4o2ayA9c/ohhINZ9 N3tEqh81vuZ9DQKdR6hY3iiqq8j3x5if5PppfdtQJMq8U7EUePHeiOrl6+j/PWXV UHF+BGXVJBXF7Qn3NGzLAZsI5HI+PT9ec9R5/6kFwbKnD88CR80AJpwzmPXmLjTu 584oSQHzSQzSl5+r53SrK3EgOUdsduicGHJfO9RU1ttMAkkz+t+7LSSMDMX0qMFX OGJdaiQc5arKNEcgckpnNDScRAlxK7IwUWfgcyFsjgMhLKxEfAuz8+JGJEp3QF6T bNXupekzCnhE70j1/1MObLrTshW+BwIfYgSWwjH01Fq5h6/7IcuGWtfpuanhFj0k sa4J02kdCvUPNAAlXAt07E/QS/4pLEV/Lh4K86MGR2ltYQjPEyYoY9LwIJAFEyQE /DYUTS9GvlOitpbdUT48v/msZpOHWvhza8He/ZChN17RqFrIY9ykkPkA22moCqWB w7d4HTP3dkYlt00e2DAclbCMsek9rNn+oTnY1jxGKa3pXxZAKyo= =T5EF -----END PGP SIGNATURE----- Merge 4.19.84 into android-4.19 Changes in 4.19.84 bonding: fix state transition issue in link monitoring CDC-NCM: handle incomplete transfer of MTU ipv4: Fix table id reference in fib_sync_down_addr net: ethernet: octeon_mgmt: Account for second possible VLAN header net: fix data-race in neigh_event_send() net: qualcomm: rmnet: Fix potential UAF when unregistering net: usb: qmi_wwan: add support for DW5821e with eSIM support NFC: fdp: fix incorrect free object nfc: netlink: fix double device reference drop NFC: st21nfca: fix double free qede: fix NULL pointer deref in __qede_remove() net: mscc: ocelot: don't handle netdev events for other netdevs net: mscc: ocelot: fix NULL pointer on LAG slave removal ipv6: fixes rt6_probe() and fib6_nh->last_probe init net: hns: Fix the stray netpoll locks causing deadlock in NAPI path ALSA: timer: Fix incorrectly assigned timer instance ALSA: bebob: fix to detect configured source of sampling clock for Focusrite Saffire Pro i/o series ALSA: hda/ca0132 - Fix possible workqueue stall mm: memcontrol: fix network errors from failing __GFP_ATOMIC charges mm, meminit: recalculate pcpu batch and high limits after init completes mm: thp: handle page cache THP correctly in PageTransCompoundMap mm, vmstat: hide /proc/pagetypeinfo from normal users dump_stack: avoid the livelock of the dump_lock tools: gpio: Use !building_out_of_srctree to determine srctree perf tools: Fix time sorting drm/radeon: fix si_enable_smc_cac() failed issue HID: wacom: generic: Treat serial number and related fields as unsigned soundwire: depend on ACPI soundwire: bus: set initial value to port_status arm64: Do not mask out PTE_RDONLY in pte_same() ceph: fix use-after-free in __ceph_remove_cap() ceph: add missing check in d_revalidate snapdir handling iio: adc: stm32-adc: fix stopping dma iio: imu: adis16480: make sure provided frequency is positive iio: srf04: fix wrong limitation in distance measuring ARM: sunxi: Fix CPU powerdown on A83T netfilter: nf_tables: Align nft_expr private data to 64-bit netfilter: ipset: Fix an error code in ip_set_sockfn_get() intel_th: pci: Add Comet Lake PCH support intel_th: pci: Add Jasper Lake PCH support x86/apic/32: Avoid bogus LDR warnings SMB3: Fix persistent handles reconnect can: usb_8dev: fix use-after-free on disconnect can: flexcan: disable completely the ECC mechanism can: c_can: c_can_poll(): only read status register after status IRQ can: peak_usb: fix a potential out-of-sync while decoding packets can: rx-offload: can_rx_offload_queue_sorted(): fix error handling, avoid skb mem leak can: gs_usb: gs_can_open(): prevent memory leak can: dev: add missing of_node_put() after calling of_get_child_by_name() can: mcba_usb: fix use-after-free on disconnect can: peak_usb: fix slab info leak configfs: stash the data we need into configfs_buffer at open time configfs_register_group() shouldn't be (and isn't) called in rmdirable parts configfs: new object reprsenting tree fragments configfs: provide exclusion between IO and removals configfs: fix a deadlock in configfs_symlink() ALSA: usb-audio: More validations of descriptor units ALSA: usb-audio: Simplify parse_audio_unit() ALSA: usb-audio: Unify the release of usb_mixer_elem_info objects ALSA: usb-audio: Remove superfluous bLength checks ALSA: usb-audio: Clean up check_input_term() ALSA: usb-audio: Fix possible NULL dereference at create_yamaha_midi_quirk() ALSA: usb-audio: remove some dead code ALSA: usb-audio: Fix copy&paste error in the validator sched/fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices sched/fair: Fix -Wunused-but-set-variable warnings usbip: Fix vhci_urb_enqueue() URB null transfer buffer error path usbip: Implement SG support to vhci-hcd and stub driver PCI: tegra: Enable Relaxed Ordering only for Tegra20 & Tegra30 HID: google: add magnemite/masterball USB ids dmaengine: xilinx_dma: Fix control reg update in vdma_channel_set_config dmaengine: sprd: Fix the possible memory leak issue HID: intel-ish-hid: fix wrong error handling in ishtp_cl_alloc_tx_ring() RDMA/mlx5: Clear old rate limit when closing QP iw_cxgb4: fix ECN check on the passive accept RDMA/qedr: Fix reported firmware version net/mlx5e: TX, Fix consumer index of error cqe dump net/mlx5: prevent memory leak in mlx5_fpga_conn_create_cq scsi: qla2xxx: fixup incorrect usage of host_byte RDMA/uverbs: Prevent potential underflow net: openvswitch: free vport unless register_netdevice() succeeds scsi: lpfc: Honor module parameter lpfc_use_adisc scsi: qla2xxx: Initialized mailbox to prevent driver load failure netfilter: nf_flow_table: set timeout before insertion into hashes ipvs: don't ignore errors in case refcounting ip_vs module fails ipvs: move old_secure_tcp into struct netns_ipvs bonding: fix unexpected IFF_BONDING bit unset macsec: fix refcnt leak in module exit routine usb: fsl: Check memory resource before releasing it usb: gadget: udc: atmel: Fix interrupt storm in FIFO mode. usb: gadget: composite: Fix possible double free memory bug usb: dwc3: pci: prevent memory leak in dwc3_pci_probe usb: gadget: configfs: fix concurrent issue between composite APIs usb: dwc3: remove the call trace of USBx_GFLADJ perf/x86/amd/ibs: Fix reading of the IBS OpData register and thus precise RIP validity perf/x86/amd/ibs: Handle erratum #420 only on the affected CPU family (10h) perf/x86/uncore: Fix event group support USB: Skip endpoints with 0 maxpacket length USB: ldusb: use unsigned size format specifiers usbip: tools: Fix read_usb_vudc_device() error path handling RDMA/iw_cxgb4: Avoid freeing skb twice in arp failure case RDMA/hns: Prevent memory leaks of eq->buf_list scsi: qla2xxx: stop timer in shutdown path nvme-multipath: fix possible io hang after ctrl reconnect fjes: Handle workqueue allocation failure net: hisilicon: Fix "Trying to free already-free IRQ" net: mscc: ocelot: fix vlan_filtering when enslaving to bridge before link is up net: mscc: ocelot: refuse to overwrite the port's native vlan iommu/amd: Apply the same IVRS IOAPIC workaround to Acer Aspire A315-41 drm/amdgpu: If amdgpu_ib_schedule fails return back the error. drm/amd/display: Passive DP->HDMI dongle detection fix hv_netvsc: Fix error handling in netvsc_attach() usb: dwc3: gadget: fix race when disabling ep with cancelled xfers NFSv4: Don't allow a cached open with a revoked delegation net: ethernet: arc: add the missed clk_disable_unprepare igb: Fix constant media auto sense switching when no cable is connected e1000: fix memory leaks pinctrl: intel: Avoid potential glitches if pin is in GPIO mode ocfs2: protect extent tree in ocfs2_prepare_inode_for_write() pinctrl: cherryview: Fix irq_valid_mask calculation blkcg: make blkcg_print_stat() print stats only for online blkgs iio: imu: mpu6050: Add support for the ICM 20602 IMU iio: imu: inv_mpu6050: fix no data on MPU6050 mm/filemap.c: don't initiate writeback if mapping has no dirty pages cgroup,writeback: don't switch wbs immediately on dead wbs if the memcg is dead usbip: Fix free of unallocated memory in vhci tx netfilter: ipset: Copy the right MAC address in hash:ip,mac IPv6 sets net: prevent load/store tearing on sk->sk_stamp iio: imu: mpu6050: Fix FIFO layout for ICM20602 vsock/virtio: fix sock refcnt holding during the shutdown drm/i915: Rename gen7 cmdparser tables drm/i915: Disable Secure Batches for gen6+ drm/i915: Remove Master tables from cmdparser drm/i915: Add support for mandatory cmdparsing drm/i915: Support ro ppgtt mapped cmdparser shadow buffers drm/i915: Allow parsing of unsized batches drm/i915: Add gen9 BCS cmdparsing drm/i915/cmdparser: Use explicit goto for error paths drm/i915/cmdparser: Add support for backward jumps drm/i915/cmdparser: Ignore Length operands during command matching drm/i915: Lower RM timeout to avoid DSI hard hangs drm/i915/gen8+: Add RC6 CTX corruption WA drm/i915/cmdparser: Fix jump whitelist clearing KVM: x86: use Intel speculation bugs and features as derived in generic x86 code x86/msr: Add the IA32_TSX_CTRL MSR x86/cpu: Add a helper function x86_read_arch_cap_msr() x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default x86/speculation/taa: Add mitigation for TSX Async Abort x86/speculation/taa: Add sysfs reporting for TSX Async Abort kvm/x86: Export MDS_NO=0 to guests when TSX is enabled x86/tsx: Add "auto" option to the tsx= cmdline parameter x86/speculation/taa: Add documentation for TSX Async Abort x86/tsx: Add config options to set tsx=on|off|auto x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs x86/bugs: Add ITLB_MULTIHIT bug infrastructure x86/cpu: Add Tremont to the cpu vulnerability whitelist cpu/speculation: Uninline and export CPU mitigations helpers Documentation: Add ITLB_MULTIHIT documentation kvm: x86, powerpc: do not allow clearing largepages debugfs entry kvm: Convert kvm_lock to a mutex kvm: mmu: Do not release the page inside mmu_set_spte() KVM: x86: make FNAME(fetch) and __direct_map more similar KVM: x86: remove now unneeded hugepage gfn adjustment KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON KVM: x86: add tracepoints around __direct_map and FNAME(fetch) KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is active kvm: mmu: ITLB_MULTIHIT mitigation kvm: Add helper function for creating VM worker threads kvm: x86: mmu: Recovery of shattered NX large pages Linux 4.19.84 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I7a820f00c4b868ed677bb49613f835b7e67a3a06 |
||
Kevin Hao
|
8e358a0276 |
dump_stack: avoid the livelock of the dump_lock
commit 5cbf2fff3bba8d3c6a4d47c1754de1cf57e2b01f upstream.
In the current code, we use the atomic_cmpxchg() to serialize the output
of the dump_stack(), but this implementation suffers the thundering herd
problem. We have observed such kind of livelock on a Marvell cn96xx
board(24 cpus) when heavily using the dump_stack() in a kprobe handler.
Actually we can let the competitors to wait for the releasing of the
lock before jumping to atomic_cmpxchg(). This will definitely mitigate
the thundering herd problem. Thanks Linus for the suggestion.
[akpm@linux-foundation.org: fix comment]
Link: http://lkml.kernel.org/r/20191030031637.6025-1-haokexin@gmail.com
Fixes:
|
||
|
Greg Kroah-Hartman
|
c8532f7af6 |
This is the 4.19.81 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl239joACgkQONu9yGCS aT4C8g//docfwEU2Ezqy7G2049bm0ulF99clghNoT47idndkBGgrZp1fJ9X8H7dO dxR12NoKQcYtlxdLvY1XTrHYXnxhMgECjltLeI0sd2sA90hteWx9lXS9DDcWcwWr zE4vtteCEE6b7DlMtMV3IeSqtkLIAewdlYYepmsX2xNVnRJXwCbEbvQ0TVHan0P/ 1QtuiiiO97q8NkPAOAJCqfs6l+LFfWMuKN1cESBQ7fVUg0PppP+dfqrBhyJ/C98S kA+iFkFKkRdYr7052sJtm0mSvOrBmCU9KGixHzQ9gmN7LlfxgfnQqH5i1qCL/mC2 +/9jozmZ2vhyH75VV2CT3hsVgyseptURudrmOcQC/iiCF8nDypcqrcYBYYNMNg8z u4b4bvxxXv+XzJQkgIWjiKPa1+BQh3JBubbNHxVhJecxyd6dwHH498z/9t3e1XRn 9pdW7YdVDWNI5HgxVJRTmaN157N0mQSg9ghEDQ10G/KOhY7+pbCGCEIOursSvou3 ov01uMeip2TE+OcjcEMyspcKJZkxaEvfS0iAvCYsXebPjyVwtVrT9Nph8MTJ1zPw W3YN5wt/kT3pJII2owR5SG3ti+LindvaK+jAEKsLcA9CZ3DeS2tSjwr5KQR0w8Px 5wtfVo5yFG7YRQCXKq3mhuZEeXHXOXASNEuxD4fmgXqSYwj2SZU= =bugE -----END PGP SIGNATURE----- Merge 4.19.81 into android-4.19 Changes in 4.19.81 nvme-pci: Fix a race in controller removal scsi: ufs: skip shutdown if hba is not powered scsi: megaraid: disable device when probe failed after enabled device scsi: qla2xxx: Fix unbound sleep in fcport delete path. ARM: OMAP2+: Fix missing reset done flag for am3 and am43 ARM: OMAP2+: Fix warnings with broken omap2_set_init_voltage() ieee802154: ca8210: prevent memory leak ARM: dts: am4372: Set memory bandwidth limit for DISPC net: dsa: qca8k: Use up to 7 ports for all operations MIPS: dts: ar9331: fix interrupt-controller size xen/efi: Set nonblocking callbacks nl80211: fix null pointer dereference mac80211: fix txq null pointer dereference netfilter: nft_connlimit: disable bh on garbage collection net: dsa: rtl8366rb: add missing of_node_put after calling of_get_child_by_name mips: Loongson: Fix the link time qualifier of 'serial_exit()' net: hisilicon: Fix usage of uninitialized variable in function mdio_sc_cfg_reg_write() lib: textsearch: fix escapes in example code r8152: Set macpassthru in reset_resume callback namespace: fix namespace.pl script to support relative paths libata/ahci: Fix PCS quirk application md/raid0: fix warning message for parameter default_layout Revert "drm/radeon: Fix EEH during kexec" ocfs2: fix panic due to ocfs2_wq is null ipv4: fix race condition between route lookup and invalidation ipv4: Return -ENETUNREACH if we can't create route but saddr is valid net: avoid potential infinite loop in tc_ctl_action() net: bcmgenet: Fix RGMII_MODE_EN value for GENET v1/2/3 net: bcmgenet: Set phydev->dev_flags only for internal PHYs net: i82596: fix dma_alloc_attr for sni_82596 net/ibmvnic: Fix EOI when running in XIVE mode. net: ipv6: fix listify ip6_rcv_finish in case of forwarding net: stmmac: disable/enable ptp_ref_clk in suspend/resume flow sctp: change sctp_prot .no_autobind with true memfd: Fix locking when tagging pins USB: legousbtower: fix memleak on disconnect ALSA: hda/realtek - Add support for ALC711 ALSA: hda/realtek - Enable headset mic on Asus MJ401TA ALSA: usb-audio: Disable quirks for BOSS Katana amplifiers ALSA: hda - Force runtime PM on Nvidia HDMI codecs usb: udc: lpc32xx: fix bad bit shift operation USB: serial: ti_usb_3410_5052: fix port-close races USB: ldusb: fix memleak on disconnect USB: usblp: fix use-after-free on disconnect USB: ldusb: fix read info leaks MIPS: tlbex: Fix build_restore_pagemask KScratch restore staging: wlan-ng: fix exit return when sme->key_idx >= NUM_WEPKEYS scsi: zfcp: fix reaction on bit error threshold notification scsi: sd: Ignore a failure to sync cache due to lack of authorization scsi: core: save/restore command resid for error handling scsi: core: try to get module before removing device scsi: ch: Make it possible to open a ch device multiple times again Input: da9063 - fix capability and drop KEY_SLEEP Input: synaptics-rmi4 - avoid processing unknown IRQs ASoC: rsnd: Reinitialize bit clock inversion flag for every format setting ACPI: CPPC: Set pcc_data[pcc_ss_id] to NULL in acpi_cppc_processor_exit() cfg80211: wext: avoid copying malformed SSIDs mac80211: Reject malformed SSID elements drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50 drm/ttm: Restore ttm prefaulting drm/amdgpu: Bail earlier when amdgpu.cik_/si_support is not set to 1 drivers/base/memory.c: don't access uninitialized memmaps in soft_offline_page_store() fs/proc/page.c: don't access uninitialized memmaps in fs/proc/page.c mmc: cqhci: Commit descriptors before setting the doorbell mm/memory-failure.c: don't access uninitialized memmaps in memory_failure() mm/slub: fix a deadlock in show_slab_objects() mm/page_owner: don't access uninitialized memmaps when reading /proc/pagetypeinfo hugetlbfs: don't access uninitialized memmaps in pfn_range_valid_gigantic() mm/memory-failure: poison read receives SIGKILL instead of SIGBUS if mmaped more than once xtensa: drop EXPORT_SYMBOL for outs*/ins* parisc: Fix vmap memory leak in ioremap()/iounmap() EDAC/ghes: Fix Use after free in ghes_edac remove path arm64: Enable workaround for Cavium TX2 erratum 219 when running SMT CIFS: avoid using MID 0xFFFF CIFS: Fix use after free of file info structures perf/aux: Fix AUX output stopping tracing: Fix race in perf_trace_buf initialization dm cache: fix bugs when a GFP_NOWAIT allocation fails x86/boot/64: Make level2_kernel_pgt pages invalid outside kernel area x86/apic/x2apic: Fix a NULL pointer deref when handling a dying cpu pinctrl: cherryview: restore Strago DMI workaround for all versions pinctrl: armada-37xx: fix control of pins 32 and up pinctrl: armada-37xx: swap polarity on LED group btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group() Btrfs: add missing extents release on file extent cluster relocation error Btrfs: check for the full sync flag while holding the inode lock during fsync btrfs: tracepoints: Fix bad entry members of qgroup events memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()' cpufreq: Avoid cpufreq_suspend() deadlock on system shutdown xen/netback: fix error path of xenvif_connect_data() PCI: PM: Fix pci_power_up() blk-rq-qos: fix first node deletion of rq_qos_del() RDMA/cxgb4: Do not dma memory off of the stack Linux 4.19.81 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I96ed6b6f11919bc6dd4b560b160b8e7059ec574e |
||
Randy Dunlap
|
0cb5c7b06a |
lib: textsearch: fix escapes in example code
[ Upstream commit 2105b52e30debe7f19f3218598d8ae777dcc6776 ]
This textsearch code example does not need the '\' escapes and they can
be misleading to someone reading the example. Also, gcc and sparse warn
that the "\%d" is an unknown escape sequence.
Fixes:
|
||
Andrey Konovalov
|
f0526f4075 |
BACKPORT: lib: untag user pointers in strn*_user
Backport: drop sparc changes. (Upstream commit 903f433f8f7a33e292a319259483adece8cc6674). Patch series "arm64: untag user pointers passed to the kernel", v19. === Overview arm64 has a feature called Top Byte Ignore, which allows to embed pointer tags into the top byte of each pointer. Userspace programs (such as HWASan, a memory debugging tool [1]) might use this feature and pass tagged user pointers to the kernel through syscalls or other interfaces. Right now the kernel is already able to handle user faults with tagged pointers, due to these patches: 1. |
||
|
Greg Kroah-Hartman
|
75337a6f96 |
This is the 4.19.78 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl2bbnkACgkQONu9yGCS aT6bng/+Jvj4gXLq2w+KmeN1SRbNu2ee+GjQsgQR6JZ3/dY5+rzPhuL37Op0fQd6 UwnLhY4TL3PUiRCE8pNaVYI8nDfpxRkohYP+SMtGyoQKmoiy3W/SWe3CgEwniLwg k9TsuqxUsIUeEdSr6Bjbry0IU4VoZ3MP0cmMc1SrFUqJzFoGoUMHsHmQJvDPiy1f l7oZUgYrXArcnPhCda6peD9AJUfuIRKAM4BW47WN6Z9moqAAAa60eXN/u/hHp+Qc w55AZTSxel7CMbLDMnZ6/xWDgY/FHTLjkmhdIl9H6Qi8SbrJwq23zXnBO5xVameQ 4MaLIgrp7M5sohAVFdqAVZYyZrkX91ssVujYwc+I6O1TYdja1Usj2TzdyL/MPqzY FLM9s3P0C3xKLdlg5gq9BxxnohIIhNmBy069NGsmfFd9jP2o6vFUEjiVxSY7Hp3r GpZP1ETAfMNHCG3jN3o5EkwyLoQHegFWfLpCIEF++k9gjo2CP00+Lf16RVrSsG47 ILobFW5Wy4RXFyd7M8PrjSyuAtuzkUTzxg6P+6zuEtPwwvZPtadd97dGbA90pKvv eB1UPHu8/emMhW/8fwDBbpeQbIh0pHtX2yQq/LTItEHGr+YjRTIyH3Z/fST5itre ZDofsls4A+70TQ5/XOgjlDjco93iUs8KULDzQqvTFIuUIlvk3hQ= =7fm2 -----END PGP SIGNATURE----- Merge 4.19.78 into android-4.19 Changes in 4.19.78 tpm: use tpm_try_get_ops() in tpm-sysfs.c. tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations drm/bridge: tc358767: Increase AUX transfer length limit drm/panel: simple: fix AUO g185han01 horizontal blanking video: ssd1307fb: Start page range at page_offset drm/stm: attach gem fence to atomic state drm/panel: check failure cases in the probe func drm/rockchip: Check for fast link training before enabling psr drm/radeon: Fix EEH during kexec gpu: drm: radeon: Fix a possible null-pointer dereference in radeon_connector_set_property() PCI: rpaphp: Avoid a sometimes-uninitialized warning ipmi_si: Only schedule continuously in the thread in maintenance mode clk: qoriq: Fix -Wunused-const-variable clk: sunxi-ng: v3s: add missing clock slices for MMC2 module clocks drm/amd/display: fix issue where 252-255 values are clipped drm/amd/display: reprogram VM config when system resume powerpc/powernv/ioda2: Allocate TCE table levels on demand for default DMA window clk: actions: Don't reference clk_init_data after registration clk: sirf: Don't reference clk_init_data after registration clk: sprd: Don't reference clk_init_data after registration clk: zx296718: Don't reference clk_init_data after registration powerpc/xmon: Check for HV mode when dumping XIVE info from OPAL powerpc/rtas: use device model APIs and serialization during LPM powerpc/futex: Fix warning: 'oldval' may be used uninitialized in this function powerpc/pseries/mobility: use cond_resched when updating device tree pinctrl: tegra: Fix write barrier placement in pmx_writel powerpc/eeh: Clear stale EEH_DEV_NO_HANDLER flag vfio_pci: Restore original state on release drm/nouveau/volt: Fix for some cards having 0 maximum voltage pinctrl: amd: disable spurious-firing GPIO IRQs clk: renesas: mstp: Set GENPD_FLAG_ALWAYS_ON for clock domain clk: renesas: cpg-mssr: Set GENPD_FLAG_ALWAYS_ON for clock domain drm/amd/display: support spdif drm/amdgpu/si: fix ASIC tests powerpc/64s/exception: machine check use correct cfar for late handler pstore: fs superblock limits clk: qcom: gcc-sdm845: Use floor ops for sdcc clks powerpc/pseries: correctly track irq state in default idle pinctrl: meson-gxbb: Fix wrong pinning definition for uart_c arm64: fix unreachable code issue with cmpxchg clk: at91: select parent if main oscillator or bypass is enabled powerpc: dump kernel log before carrying out fadump or kdump mbox: qcom: add APCS child device for QCS404 clk: sprd: add missing kfree scsi: core: Reduce memory required for SCSI logging dma-buf/sw_sync: Synchronize signal vs syncpt free ext4: fix potential use after free after remounting with noblock_validity MIPS: Ingenic: Disable broken BTB lookup optimization. MIPS: tlbex: Explicitly cast _PAGE_NO_EXEC to a boolean i2c-cht-wc: Fix lockdep warning mfd: intel-lpss: Remove D3cold delay PCI: tegra: Fix OF node reference leak HID: wacom: Fix several minor compiler warnings livepatch: Nullify obj->mod in klp_module_coming()'s error path ARM: 8898/1: mm: Don't treat faults reported from cache maintenance as writes soundwire: intel: fix channel number reported by hardware ARM: 8875/1: Kconfig: default to AEABI w/ Clang rtc: snvs: fix possible race condition rtc: pcf85363/pcf85263: fix regmap error in set_time HID: apple: Fix stuck function keys when using FN PCI: rockchip: Propagate errors for optional regulators PCI: histb: Propagate errors for optional regulators PCI: imx6: Propagate errors for optional regulators PCI: exynos: Propagate errors for optional PHYs security: smack: Fix possible null-pointer dereferences in smack_socket_sock_rcv_skb() ARM: 8903/1: ensure that usable memory in bank 0 starts from a PMD-aligned address fat: work around race with userspace's read via blockdev while mounting pktcdvd: remove warning on attempting to register non-passthrough dev hypfs: Fix error number left in struct pointer member crypto: hisilicon - Fix double free in sec_free_hw_sgl() kbuild: clean compressed initramfs image ocfs2: wait for recovering done after direct unlock request kmemleak: increase DEBUG_KMEMLEAK_EARLY_LOG_SIZE default to 16K arm64: consider stack randomization for mmap base only when necessary mips: properly account for stack randomization and stack guard gap arm: properly account for stack randomization and stack guard gap arm: use STACK_TOP when computing mmap base address block: mq-deadline: Fix queue restart handling bpf: fix use after free in prog symbol exposure cxgb4:Fix out-of-bounds MSI-X info array access erspan: remove the incorrect mtu limit for erspan hso: fix NULL-deref on tty open ipv6: drop incoming packets having a v4mapped source address ipv6: Handle missing host route in __ipv6_ifa_notify net: ipv4: avoid mixed n_redirects and rate_tokens usage net: qlogic: Fix memory leak in ql_alloc_large_buffers net: Unpublish sk from sk_reuseport_cb before call_rcu nfc: fix memory leak in llcp_sock_bind() qmi_wwan: add support for Cinterion CLS8 devices rxrpc: Fix rxrpc_recvmsg tracepoint sch_dsmark: fix potential NULL deref in dsmark_init() udp: fix gso_segs calculations vsock: Fix a lockdep warning in __vsock_release() net: dsa: rtl8366: Check VLAN ID and not ports udp: only do GSO if # of segs > 1 net/rds: Fix error handling in rds_ib_add_one() xen-netfront: do not use ~0U as error return value for xennet_fill_frags() tipc: fix unlimited bundling of small messages sch_cbq: validate TCA_CBQ_WRROPT to avoid crash soundwire: Kconfig: fix help format soundwire: fix regmap dependencies and align with other serial links Smack: Don't ignore other bprm->unsafe flags if LSM_UNSAFE_PTRACE is set smack: use GFP_NOFS while holding inode_smack::smk_lock NFC: fix attrs checks in netlink interface kexec: bail out upon SIGKILL when allocating memory. 9p/cache.c: Fix memory leak in v9fs_cache_session_get_cookie Linux 4.19.78 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I02db9c4a0cc1f784e6ac1523599fcbed747a6375 |
||
Nicolas Boichat
|
30ab799e75 |
kmemleak: increase DEBUG_KMEMLEAK_EARLY_LOG_SIZE default to 16K
[ Upstream commit b751c52bb587ae66f773b15204ef7a147467f4c7 ] The current default value (400) is too low on many systems (e.g. some ARM64 platform takes up 1000+ entries). syzbot uses 16000 as default value, and has proved to be enough on beefy configurations, so let's pick that value. This consumes more RAM on boot (each entry is 160 bytes, so in total ~2.5MB of RAM), but the memory would later be freed (early_log is __initdata). Link: http://lkml.kernel.org/r/20190730154027.101525-1-drinkcat@chromium.org Signed-off-by: Nicolas Boichat <drinkcat@chromium.org> Suggested-by: Dmitry Vyukov <dvyukov@google.com> Acked-by: Catalin Marinas <catalin.marinas@arm.com> Acked-by: Dmitry Vyukov <dvyukov@google.com> Cc: Masahiro Yamada <yamada.masahiro@socionext.com> Cc: Kees Cook <keescook@chromium.org> Cc: Petr Mladek <pmladek@suse.com> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Cc: Joe Lawrence <joe.lawrence@redhat.com> Cc: Uladzislau Rezki <urezki@gmail.com> Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Cc: Stephen Rothwell <sfr@canb.auug.org.au> Cc: Andrey Ryabinin <aryabinin@virtuozzo.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
Andrey Ryabinin
|
f46851e627 |
BACKPORT: kasan: remove use after scope bugs detection.
(Upstream commit 7771bdbbfd3d6f204631b6fd9e1bbc30cd15918e). Use after scope bugs detector seems to be almost entirely useless for the linux kernel. It exists over two years, but I've seen only one valid bug so far [1]. And the bug was fixed before it has been reported. There were some other use-after-scope reports, but they were false-positives due to different reasons like incompatibility with structleak plugin. This feature significantly increases stack usage, especially with GCC < 9 version, and causes a 32K stack overflow. It probably adds performance penalty too. Given all that, let's remove use-after-scope detector entirely. While preparing this patch I've noticed that we mistakenly enable use-after-scope detection for clang compiler regardless of CONFIG_KASAN_EXTRA setting. This is also fixed now. [1] http://lkml.kernel.org/r/<20171129052106.rhgbjhhis53hkgfn@wfg-t540p.sh.intel.com> Link: http://lkml.kernel.org/r/20190111185842.13978-1-aryabinin@virtuozzo.com Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com> Acked-by: Will Deacon <will.deacon@arm.com> [arm64] Cc: Qian Cai <cai@lca.pw> Cc: Alexander Potapenko <glider@google.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Change-Id: I00d869a5e287e3e198950b78ad17bd6ff6a51595 Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Bug: 128674696 |
||
|
Arnd Bergmann
|
b1932f7fee |
BACKPORT: kasan: turn off asan-stack for clang-8 and earlier
(Upstream commit 6baec880d7a53cbc2841123e56ee31e830df9b49). Building an arm64 allmodconfig kernel with clang results in over 140 warnings about overly large stack frames, the worst ones being: drivers/gpu/drm/panel/panel-sitronix-st7789v.c:196:12: error: stack frame size of 20224 bytes in function 'st7789v_prepare' drivers/video/fbdev/omap2/omapfb/displays/panel-tpo-td028ttec1.c:196:12: error: stack frame size of 13120 bytes in function 'td028ttec1_panel_enable' drivers/usb/host/max3421-hcd.c:1395:1: error: stack frame size of 10048 bytes in function 'max3421_spi_thread' drivers/net/wan/slic_ds26522.c:209:12: error: stack frame size of 9664 bytes in function 'slic_ds26522_probe' drivers/crypto/ccp/ccp-ops.c:2434:5: error: stack frame size of 8832 bytes in function 'ccp_run_cmd' drivers/media/dvb-frontends/stv0367.c:1005:12: error: stack frame size of 7840 bytes in function 'stv0367ter_algo' None of these happen with gcc today, and almost all of these are the result of a single known issue in llvm. Hopefully it will eventually get fixed with the clang-9 release. In the meantime, the best idea I have is to turn off asan-stack for clang-8 and earlier, so we can produce a kernel that is safe to run. I have posted three patches that address the frame overflow warnings that are not addressed by turning off asan-stack, so in combination with this change, we get much closer to a clean allmodconfig build, which in turn is necessary to do meaningful build regression testing. It is still possible to turn on the CONFIG_ASAN_STACK option on all versions of clang, and it's always enabled for gcc, but when CONFIG_COMPILE_TEST is set, the option remains invisible, so allmodconfig and randconfig builds (which are normally done with a forced CONFIG_COMPILE_TEST) will still result in a mostly clean build. Link: http://lkml.kernel.org/r/20190222222950.3997333-1-arnd@arndb.de Link: https://bugs.llvm.org/show_bug.cgi?id=38809 Signed-off-by: Arnd Bergmann <arnd@arndb.de> Reviewed-by: Qian Cai <cai@lca.pw> Reviewed-by: Mark Brown <broonie@kernel.org> Acked-by: Andrey Ryabinin <aryabinin@virtuozzo.com> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Nick Desaulniers <ndesaulniers@google.com> Cc: Kostya Serebryany <kcc@google.com> Cc: Andrey Konovalov <andreyknvl@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Change-Id: Ieefb7b14a9a4c36054e0a6d39f018d39ba78313d Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Bug: 128674696 |
||
|
Andrey Konovalov
|
8712cc728d |
BACKPORT: kasan: add CONFIG_KASAN_GENERIC and CONFIG_KASAN_SW_TAGS
The conflict during backport is caused by the include/linux/compiler_attributes.h file not being present. (Upstream commit 2bd926b439b4cb6b9ed240a9781cd01958b53d85). This commit splits the current CONFIG_KASAN config option into two: 1. CONFIG_KASAN_GENERIC, that enables the generic KASAN mode (the one that exists now); 2. CONFIG_KASAN_SW_TAGS, that enables the software tag-based KASAN mode. The name CONFIG_KASAN_SW_TAGS is chosen as in the future we will have another hardware tag-based KASAN mode, that will rely on hardware memory tagging support in arm64. With CONFIG_KASAN_SW_TAGS enabled, compiler options are changed to instrument kernel files with -fsantize=kernel-hwaddress (except the ones for which KASAN_SANITIZE := n is set). Both CONFIG_KASAN_GENERIC and CONFIG_KASAN_SW_TAGS support both CONFIG_KASAN_INLINE and CONFIG_KASAN_OUTLINE instrumentation modes. This commit also adds empty placeholder (for now) implementation of tag-based KASAN specific hooks inserted by the compiler and adjusts common hooks implementation. While this commit adds the CONFIG_KASAN_SW_TAGS config option, this option is not selectable, as it depends on HAVE_ARCH_KASAN_SW_TAGS, which we will enable once all the infrastracture code has been added. Link: http://lkml.kernel.org/r/b2550106eb8a68b10fefbabce820910b115aa853.1544099024.git.andreyknvl@google.com Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Reviewed-by: Andrey Ryabinin <aryabinin@virtuozzo.com> Reviewed-by: Dmitry Vyukov <dvyukov@google.com> Cc: Christoph Lameter <cl@linux.com> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Will Deacon <will.deacon@arm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Change-Id: Id95c0c0b6857c6b30f2bea4597aea6c90273ef89 Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Bug: 128674696 |
||
|
Andrey Ryabinin
|
c904d75be8 |
UPSTREAM: lib/test_kasan.c: add tests for several string/memory API functions
(Upstream commit 0c96350a2d2f64fe777b444c995f6bb633c5d069). Arch code may have asm implementation of string/memory API functions instead of using generic one from lib/string.c. KASAN don't see memory accesses in asm code, thus can miss many bugs. E.g. on ARM64 KASAN don't see bugs in memchr(), memcmp(), str[r]chr(), str[n]cmp(), str[n]len(). Add tests for these functions to be sure that we notice the problem on other architectures. Link: http://lkml.kernel.org/r/20180920135631.23833-3-aryabinin@virtuozzo.com Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com> Cc: Alexander Potapenko <glider@google.com> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Dmitry Vyukov <dvyukov@google.com> Cc: Kyeongdon Kim <kyeongdon.kim@lge.com> Cc: Mark Rutland <mark.rutland@arm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Andrey Konovalov <andreyknvl@google.com> Bug: 128674696 Change-Id: I378fa5e7b3e9f4ff85d29ecadbb0c29c26870de8 |
||
|
Linus Torvalds
|
ac351de9dd |
BACKPORT: make 'user_access_begin()' do 'access_ok()'
upstream commit 594cc251fdd0 ("make 'user_access_begin()' do 'access_ok()'")
Originally, the rule used to be that you'd have to do access_ok()
separately, and then user_access_begin() before actually doing the
direct (optimized) user access.
But experience has shown that people then decide not to do access_ok()
at all, and instead rely on it being implied by other operations or
similar. Which makes it very hard to verify that the access has
actually been range-checked.
If you use the unsafe direct user accesses, hardware features (either
SMAP - Supervisor Mode Access Protection - on x86, or PAN - Privileged
Access Never - on ARM) do force you to use user_access_begin(). But
nothing really forces the range check.
By putting the range check into user_access_begin(), we actually force
people to do the right thing (tm), and the range check vill be visible
near the actual accesses. We have way too long a history of people
trying to avoid them.
Bug: 135368228
Change-Id: I4ca0e4566ea080fa148c5e768bb1a0b6f7201c01
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
||
|
Greg Kroah-Hartman
|
6b1f307bd0 |
This is the 4.19.70 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl1yF0AACgkQONu9yGCS
aT64ew/6AzJDRMcmnx1COeRP8tfQ5A8ghjnp6REEca1MYJWjDlqd0X+EMd/7zorZ
YkBzb1ND1c/9KeGQzdx8lJ5lcNRVJcD7tT6irT5zMnBcyR9uPamAaVgmVHXxuorK
el4nvX9g/MxBLsuqLHxGr5pNXi7mHu6zfXyQ86TJzlez7yHlPuiJb8bDpHnCRJ1P
n/MemPq/nQgC5jPBQRhT+IpqC1MTIHNhRaHHg/5Gdrrz+eVumnk+1zbWqtBRuJKS
qS7RL1pI0Su00i5bY1r76iSkoRkGw9SoeIgz3sycbtAvGo9TI16/hZPvWAsYOAjL
2DQS0rMPSnM4QV0odbUImFt86f0YJiAL7xYS8EYCc4GX/eLbNRtP8yLq+8rlo4Oa
36HbiNhGSEjRxenfVRUD/STgBYzfVeQOMEyFJNRtfNDP/l66sLk/pEOEd83j06H4
G87BJgKFC35dv5QrbCmJO8P1IXLs5QaChD3dL6R9/hbvCU2A/MOqhPL16JCXWA20
+hOWn8ryrtBa5Dt0avAkrrnUNC8cVWyD44uAm+Hu/49CZpkTasZMB7Z81VSIsuvO
xoT1Jx0J1W/LtHwCghSkui/fjQjVpkP3xnB7zVGem73Mpcm68g6mLajKaUrLnJHp
/sz2mppF7gZob43anTtUhSV9OvrzqftkR+iFg3rCKSJyQE1o48o=
=hMvg
-----END PGP SIGNATURE-----
Merge 4.19.70 into android-4.19
Changes in 4.19.70
dmaengine: ste_dma40: fix unneeded variable warning
nvme-multipath: revalidate nvme_ns_head gendisk in nvme_validate_ns
afs: Fix the CB.ProbeUuid service handler to reply correctly
afs: Fix loop index mixup in afs_deliver_vl_get_entry_by_name_u()
fs: afs: Fix a possible null-pointer dereference in afs_put_read()
afs: Only update d_fsdata if different in afs_d_revalidate()
nvmet-loop: Flush nvme_delete_wq when removing the port
nvme: fix a possible deadlock when passthru commands sent to a multipath device
nvme-pci: Fix async probe remove race
soundwire: cadence_master: fix register definition for SLAVE_STATE
soundwire: cadence_master: fix definitions for INTSTAT0/1
auxdisplay: panel: need to delete scan_timer when misc_register fails in panel_attach
dmaengine: stm32-mdma: Fix a possible null-pointer dereference in stm32_mdma_irq_handler()
omap-dma/omap_vout_vrfb: fix off-by-one fi value
iommu/dma: Handle SG length overflow better
usb: gadget: composite: Clear "suspended" on reset/disconnect
usb: gadget: mass_storage: Fix races between fsg_disable and fsg_set_alt
xen/blkback: fix memory leaks
arm64: cpufeature: Don't treat granule sizes as strict
i2c: rcar: avoid race when unregistering slave client
i2c: emev2: avoid race when unregistering slave client
drm/ast: Fixed reboot test may cause system hanged
usb: host: fotg2: restart hcd after port reset
tools: hv: fixed Python pep8/flake8 warnings for lsvmbus
tools: hv: fix KVP and VSS daemons exit code
drm/i915: fix broadwell EU computation
watchdog: bcm2835_wdt: Fix module autoload
drm/bridge: tfp410: fix memleak in get_modes()
scsi: ufs: Fix RX_TERMINATION_FORCE_ENABLE define value
drm/tilcdc: Register cpufreq notifier after we have initialized crtc
net/tls: Fixed return value when tls_complete_pending_work() fails
net/tls: swap sk_write_space on close
net: tls, fix sk_write_space NULL write when tx disabled
ipv6/addrconf: allow adding multicast addr if IFA_F_MCAUTOJOIN is set
ipv6: Default fib6_type to RTN_UNICAST when not set
net/smc: make sure EPOLLOUT is raised
tcp: make sure EPOLLOUT wont be missed
ipv4/icmp: fix rt dst dev null pointer dereference
mm/zsmalloc.c: fix build when CONFIG_COMPACTION=n
ALSA: usb-audio: Check mixer unit bitmap yet more strictly
ALSA: line6: Fix memory leak at line6_init_pcm() error path
ALSA: hda - Fixes inverted Conexant GPIO mic mute led
ALSA: seq: Fix potential concurrent access to the deleted pool
ALSA: usb-audio: Fix invalid NULL check in snd_emuusb_set_samplerate()
ALSA: usb-audio: Add implicit fb quirk for Behringer UFX1604
kvm: x86: skip populating logical dest map if apic is not sw enabled
KVM: x86: Don't update RIP or do single-step on faulting emulation
uprobes/x86: Fix detection of 32-bit user mode
x86/apic: Do not initialize LDR and DFR for bigsmp
x86/apic: Include the LDR when clearing out APIC registers
ftrace: Fix NULL pointer dereference in t_probe_next()
ftrace: Check for successful allocation of hash
ftrace: Check for empty hash and comment the race with registering probes
usb-storage: Add new JMS567 revision to unusual_devs
USB: cdc-wdm: fix race between write and disconnect due to flag abuse
usb: hcd: use managed device resources
usb: chipidea: udc: don't do hardware access if gadget has stopped
usb: host: ohci: fix a race condition between shutdown and irq
usb: host: xhci: rcar: Fix typo in compatible string matching
USB: storage: ums-realtek: Update module parameter description for auto_delink_en
USB: storage: ums-realtek: Whitelist auto-delink support
mei: me: add Tiger Lake point LP device ID
mmc: sdhci-of-at91: add quirk for broken HS200
mmc: core: Fix init of SD cards reporting an invalid VDD range
stm class: Fix a double free of stm_source_device
intel_th: pci: Add support for another Lewisburg PCH
intel_th: pci: Add Tiger Lake support
typec: tcpm: fix a typo in the comparison of pdo_max_voltage
fsi: scom: Don't abort operations for minor errors
lib: logic_pio: Fix RCU usage
lib: logic_pio: Avoid possible overlap for unregistering regions
lib: logic_pio: Add logic_pio_unregister_range()
drm/amdgpu: Add APTX quirk for Dell Latitude 5495
drm/i915: Don't deballoon unused ggtt drm_mm_node in linux guest
drm/i915: Call dma_set_max_seg_size() in i915_driver_hw_probe()
bus: hisi_lpc: Unregister logical PIO range to avoid potential use-after-free
bus: hisi_lpc: Add .remove method to avoid driver unbind crash
VMCI: Release resource if the work is already queued
crypto: ccp - Ignore unconfigured CCP device on suspend/resume
Revert "cfg80211: fix processing world regdomain when non modular"
mac80211: fix possible sta leak
mac80211: Don't memset RXCB prior to PAE intercept
mac80211: Correctly set noencrypt for PAE frames
KVM: PPC: Book3S: Fix incorrect guest-to-user-translation error handling
KVM: arm/arm64: vgic: Fix potential deadlock when ap_list is long
KVM: arm/arm64: vgic-v2: Handle SGI bits in GICD_I{S,C}PENDR0 as WI
NFS: Clean up list moves of struct nfs_page
NFSv4/pnfs: Fix a page lock leak in nfs_pageio_resend()
NFS: Pass error information to the pgio error cleanup routine
NFS: Ensure O_DIRECT reports an error if the bytes read/written is 0
i2c: piix4: Fix port selection for AMD Family 16h Model 30h
x86/ptrace: fix up botched merge of spectrev1 fix
mt76: mt76x0u: do not reset radio on resume
Revert "ASoC: Fail card instantiation if DAI format setup fails"
Linux 4.19.70
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I35ff8a403a05a8c66d87cb4b542997e63c422288
|
||
John Garry
|
c4616a9b3d |
lib: logic_pio: Add logic_pio_unregister_range()
commit b884e2de2afc68ce30f7093747378ef972dde253 upstream. Add a function to unregister a logical PIO range. Logical PIO space can still be leaked when unregistering certain LOGIC_PIO_CPU_MMIO regions, but this acceptable for now since there are no callers to unregister LOGIC_PIO_CPU_MMIO regions, and the logical PIO region allocation scheme would need significant work to improve this. Cc: stable@vger.kernel.org Signed-off-by: John Garry <john.garry@huawei.com> Signed-off-by: Wei Xu <xuwei5@hisilicon.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
John Garry
|
7faef13e6f |
lib: logic_pio: Avoid possible overlap for unregistering regions
commit 0a27142bd1ee259e24a0be2b0133e5ca5df8da91 upstream. The code was originally written to not support unregistering logical PIO regions. To accommodate supporting unregistering logical PIO regions, subtly modify LOGIC_PIO_CPU_MMIO region registration code, such that the "end" of the registered regions is the "end" of the last region, and not the sum of the sizes of all the registered regions. Cc: stable@vger.kernel.org Signed-off-by: John Garry <john.garry@huawei.com> Signed-off-by: Wei Xu <xuwei5@hisilicon.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
John Garry
|
b865c2c6e3 |
lib: logic_pio: Fix RCU usage
commit 06709e81c668f5f56c65b806895b278517bd44e0 upstream.
The traversing of io_range_list with list_for_each_entry_rcu()
is not properly protected by rcu_read_lock() and rcu_read_unlock(),
so add them.
These functions mark the critical section scope where the list is
protected for the reader, it cannot be "reclaimed". Any updater - in
this case, the logical PIO registration functions - cannot update the
list until the reader exits this critical section.
In addition, the list traversing used in logic_pio_register_range()
does not need to use the rcu variant.
This is because we are already using io_range_mutex to guarantee mutual
exclusion from mutating the list.
Cc: stable@vger.kernel.org
Fixes:
|
||
|
Alexander Potapenko
|
881c8b1e6b |
UPSTREAM: lib/test_meminit.c: use GFP_ATOMIC in RCU critical section
Upstream commit 733d1d1a7745 ("lib/test_meminit.c: use GFP_ATOMIC in RCU
critical section").
kmalloc() shouldn't sleep while in RCU critical section, therefore use
GFP_ATOMIC instead of GFP_KERNEL.
The bug was spotted by the 0day kernel testing robot.
Link: http://lkml.kernel.org/r/20190725121703.210874-1-glider@google.com
Fixes: 7e659650cbda ("lib: introduce test_meminit module")
Signed-off-by: Alexander Potapenko <glider@google.com>
Reviewed-by: Andrew Morton <akpm@linux-foundation.org>
Reported-by: kernel test robot <lkp@intel.com>
Cc: Kees Cook <keescook@chromium.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Change-Id: I0cc435a0a5478e590180f720e3548d6e27789a1e
Bug: 138435492
Test: Boot cuttlefish with and without
Test: CONFIG_INIT_ON_ALLOC_DEFAULT_ON/CONFIG_INIT_ON_FREE_DEFAULT_ON
Signed-off-by: Alexander Potapenko <glider@google.com>
|
||
|
Alexander Potapenko
|
1607dadbf2 |
UPSTREAM: lib/test_meminit.c: minor test fixes
Upstream commit 4ab7ace46546 ("lib/test_meminit.c: minor test fixes").
Fix the following issues in test_meminit.c:
- |size| in fill_with_garbage_skip() should be signed so that it
doesn't overflow if it's not aligned on sizeof(*p);
- fill_with_garbage_skip() should actually skip |skip| bytes;
- do_kmem_cache_size() should deallocate memory in the RCU case.
Link: http://lkml.kernel.org/r/20190626133135.217355-1-glider@google.com
Fixes: 7e659650cbda ("lib: introduce test_meminit module")
Fixes: 94e8988d91c7 ("lib/test_meminit.c: fix -Wmaybe-uninitialized false positive")
Signed-off-by: Alexander Potapenko <glider@google.com>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Kees Cook <keescook@chromium.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Change-Id: Icb31f93f509a25e1fc8d05286a5ba56e720d6b03
Bug: 138435492
Test: Boot cuttlefish with and without
Test: CONFIG_INIT_ON_ALLOC_DEFAULT_ON/CONFIG_INIT_ON_FREE_DEFAULT_ON
Signed-off-by: Alexander Potapenko <glider@google.com>
|
||
|
Arnd Bergmann
|
51889763b7 |
UPSTREAM: lib/test_meminit.c: fix -Wmaybe-uninitialized false positive
Upstream commit d3a811617ae6 ("lib/test_meminit.c: fix
-Wmaybe-uninitialized false positive").
The conditional logic is too complicated for the compiler to fully
comprehend:
lib/test_meminit.c: In function 'test_meminit_init':
lib/test_meminit.c:236:5: error: 'buf_copy' may be used uninitialized in this function [-Werror=maybe-uninitialized]
kfree(buf_copy);
^~~~~~~~~~~~~~~
lib/test_meminit.c:201:14: note: 'buf_copy' was declared here
Simplify it by splitting out the non-rcu section.
Link: http://lkml.kernel.org/r/20190617131210.2190280-1-arnd@arndb.de
Fixes: af734ee6ec85 ("lib: introduce test_meminit module")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Alexander Potapenko <glider@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Change-Id: I810a4b8f115f387c8ffe30937ac1225849520132
Bug: 138435492
Test: Boot cuttlefish with and without
Test: CONFIG_INIT_ON_ALLOC_DEFAULT_ON/CONFIG_INIT_ON_FREE_DEFAULT_ON
Signed-off-by: Alexander Potapenko <glider@google.com>
|
||
|
Alexander Potapenko
|
e703875779 |
UPSTREAM: lib: introduce test_meminit module
Upstream commit 5015a300a522 ("lib: introduce test_meminit module").
Add tests for heap and pagealloc initialization. These can be used to
check init_on_alloc and init_on_free implementations as well as other
approaches to initialization.
Expected test output in the case the kernel provides heap initialization
(e.g. when running with either init_on_alloc=1 or init_on_free=1):
test_meminit: all 10 tests in test_pages passed
test_meminit: all 40 tests in test_kvmalloc passed
test_meminit: all 60 tests in test_kmemcache passed
test_meminit: all 10 tests in test_rcu_persistent passed
test_meminit: all 120 tests passed!
Link: http://lkml.kernel.org/r/20190529123812.43089-4-glider@google.com
Signed-off-by: Alexander Potapenko <glider@google.com>
Acked-by: Kees Cook <keescook@chromium.org>
Cc: Christoph Lameter <cl@linux.com>
Cc: Nick Desaulniers <ndesaulniers@google.com>
Cc: Kostya Serebryany <kcc@google.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: Sandeep Patil <sspatil@android.com>
Cc: Laura Abbott <labbott@redhat.com>
Cc: Jann Horn <jannh@google.com>
Cc: Marco Elver <elver@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Change-Id: I815efdc79304ae1ad6ef60277ac5b88a4c41d479
Bug: 138435492
Test: Boot cuttlefish with and without
Test: CONFIG_INIT_ON_ALLOC_DEFAULT_ON/CONFIG_INIT_ON_FREE_DEFAULT_ON
Signed-off-by: Alexander Potapenko <glider@google.com>
|
||
|
Greg Kroah-Hartman
|
b1e96f1650 |
This is the 4.19.67 stable release
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl1WZYYACgkQONu9yGCS aT5VjRAApdD6wuKcKhZ8j010Ni18w6W+3qs6IuIXv94eav0zFSRaO9Zp93lZq2p0 h+k+ssZ+P8a4EuDquzDydlagno9hojHFAYr+9loPZlZUw578Jzg9JbJK9Z1MyQCo BCRElzZG67E+WjLP0wGHnS0oVhIoHlJaVWP3pEYkTJILY65ErLT/fYGs64YUAEKr Ct1pKoIHPEC0606IKx12kmV645ME4z6pI7g4kLDhk2BozglbxGlwdHgVuIe/NzDP PraR1gqMoOD2skjK673ozsZ65yuiVeqSTsbs49Xao1lAS6etUMbC/ACU/yrhL48H mMM/EFTSKb5TjJSxQAXU1ANQrm4X6n1yPkNW/MdthnPAotDY3Nda4NNVE9X2toM7 XW0HfFdcVD7aJtpC/h6ckndGTaOGkHSPjhJtSlBEjF76BA+KhZ9hhcjNWng92bWL d5Nws4b82wvgM6T99mkZfbMc2MOopPMf+I94W0JcMa49+rXhyhJdrC72GpxKLdSq +XtZJupFWg0RrPlZfmc4Az8f/uY0UfR9gNSaHJokaZAkMzH2x4MzMnPxwRiXAw4W qz1s+sgZlqUQcWvODzaNvG1l7QtjD5rbdJ+FAjN2+16F8rep52Yl/IQffYr04DDD wikYmcUoMh8hCoj6Atj2LAAU9ulhl6ja8s0YpmHz/HQETufHAZc= =gOG+ -----END PGP SIGNATURE----- Merge 4.19.67 into android-4.19 Changes in 4.19.67 iio: cros_ec_accel_legacy: Fix incorrect channel setting iio: adc: max9611: Fix misuse of GENMASK macro staging: gasket: apex: fix copy-paste typo staging: android: ion: Bail out upon SIGKILL when allocating memory. crypto: ccp - Fix oops by properly managing allocated structures crypto: ccp - Add support for valid authsize values less than 16 crypto: ccp - Ignore tag length when decrypting GCM ciphertext usb: usbfs: fix double-free of usb memory upon submiturb error usb: iowarrior: fix deadlock on disconnect sound: fix a memory leak bug mmc: cavium: Set the correct dma max segment size for mmc_host mmc: cavium: Add the missing dma unmap when the dma has finished. loop: set PF_MEMALLOC_NOIO for the worker thread Input: usbtouchscreen - initialize PM mutex before using it Input: elantech - enable SMBus on new (2018+) systems Input: synaptics - enable RMI mode for HP Spectre X360 x86/mm: Check for pfn instead of page in vmalloc_sync_one() x86/mm: Sync also unmappings in vmalloc_sync_all() mm/vmalloc: Sync unmappings in __purge_vmap_area_lazy() perf annotate: Fix s390 gap between kernel end and module start perf db-export: Fix thread__exec_comm() perf record: Fix module size on s390 x86/purgatory: Use CFLAGS_REMOVE rather than reset KBUILD_CFLAGS gfs2: gfs2_walk_metadata fix usb: host: xhci-rcar: Fix timeout in xhci_suspend() usb: yurex: Fix use-after-free in yurex_delete usb: typec: tcpm: free log buf memory when remove debug file usb: typec: tcpm: remove tcpm dir if no children usb: typec: tcpm: Add NULL check before dereferencing config usb: typec: tcpm: Ignore unsupported/unknown alternate mode requests can: rcar_canfd: fix possible IRQ storm on high load can: peak_usb: fix potential double kfree_skb() netfilter: nfnetlink: avoid deadlock due to synchronous request_module vfio-ccw: Set pa_nr to 0 if memory allocation fails for pa_iova_pfn netfilter: Fix rpfilter dropping vrf packets by mistake netfilter: conntrack: always store window size un-scaled netfilter: nft_hash: fix symhash with modulus one scripts/sphinx-pre-install: fix script for RHEL/CentOS drm/amd/display: Wait for backlight programming completion in set backlight level drm/amd/display: use encoder's engine id to find matched free audio device drm/amd/display: Fix dc_create failure handling and 666 color depths drm/amd/display: Only enable audio if speaker allocation exists drm/amd/display: Increase size of audios array iscsi_ibft: make ISCSI_IBFT dependson ACPI instead of ISCSI_IBFT_FIND nl80211: fix NL80211_HE_MAX_CAPABILITY_LEN mac80211: don't warn about CW params when not using them allocate_flower_entry: should check for null deref hwmon: (nct6775) Fix register address and added missed tolerance for nct6106 drm: silence variable 'conn' set but not used cpufreq/pasemi: fix use-after-free in pas_cpufreq_cpu_init() s390/qdio: add sanity checks to the fast-requeue path ALSA: compress: Fix regression on compressed capture streams ALSA: compress: Prevent bypasses of set_params ALSA: compress: Don't allow paritial drain operations on capture streams ALSA: compress: Be more restrictive about when a drain is allowed perf tools: Fix proper buffer size for feature processing perf probe: Avoid calling freeing routine multiple times for same pointer drbd: dynamically allocate shash descriptor ACPI/IORT: Fix off-by-one check in iort_dev_find_its_id() nvme: fix multipath crash when ANA is deactivated ARM: davinci: fix sleep.S build error on ARMv4 ARM: dts: bcm: bcm47094: add missing #cells for mdio-bus-mux scsi: megaraid_sas: fix panic on loading firmware crashdump scsi: ibmvfc: fix WARN_ON during event pool release scsi: scsi_dh_alua: always use a 2 second delay before retrying RTPG test_firmware: fix a memory leak bug tty/ldsem, locking/rwsem: Add missing ACQUIRE to read_failed sleep loop perf/core: Fix creating kernel counters for PMUs that override event->cpu s390/dma: provide proper ARCH_ZONE_DMA_BITS value HID: sony: Fix race condition between rumble and device remove. x86/purgatory: Do not use __builtin_memcpy and __builtin_memset ALSA: usb-audio: fix a memory leak bug can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices hwmon: (nct7802) Fix wrong detection of in4 presence drm/i915: Fix wrong escape clock divisor init for GLK ALSA: firewire: fix a memory leak bug ALSA: hiface: fix multiple memory leak bugs ALSA: hda - Don't override global PCM hw info flag ALSA: hda - Workaround for crackled sound on AMD controller (1022:1457) mac80211: don't WARN on short WMM parameters from AP dax: dax_layout_busy_page() should not unmap cow pages SMB3: Fix deadlock in validate negotiate hits reconnect smb3: send CAP_DFS capability during session setup NFSv4: Fix an Oops in nfs4_do_setattr KVM: Fix leak vCPU's VMCS value into other pCPU mwifiex: fix 802.11n/WPA detection iwlwifi: don't unmap as page memory that was mapped as single iwlwifi: mvm: fix an out-of-bound access iwlwifi: mvm: don't send GEO_TX_POWER_LIMIT on version < 41 iwlwifi: mvm: fix version check for GEO_TX_POWER_LIMIT support Linux 4.19.67 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I5ea813ed5ba6d1eeda51eb4031395ee3e8ba54c3 |
||
Wenwen Wang
|
0ba69e96cc |
test_firmware: fix a memory leak bug
[ Upstream commit d4fddac5a51c378c5d3e68658816c37132611e1f ] In test_firmware_init(), the buffer pointed to by the global pointer 'test_fw_config' is allocated through kzalloc(). Then, the buffer is initialized in __test_firmware_config_init(). In the case that the initialization fails, the following execution in test_firmware_init() needs to be terminated with an error code returned to indicate this failure. However, the allocated buffer is not freed on this execution path, leading to a memory leak bug. To fix the above issue, free the allocated buffer before returning from test_firmware_init(). Signed-off-by: Wenwen Wang <wenwen@cs.uga.edu> Link: https://lore.kernel.org/r/1563084696-6865-1-git-send-email-wang6495@umn.edu Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: Sasha Levin <sashal@kernel.org> |
||
|
Greg Kroah-Hartman
|
de4c70d6a9 |
This is the 4.19.65 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl1Js7MACgkQONu9yGCS
aT4PQxAAo7xa4kYvDxc1RjUY/yIlp6lQ3rpYAAfZB0t8vN+dqivnJZ7m6JHeWX1Y
CMcxg85zxLVFeuiXdP821Zj68AB5zqlWMhX0bXm2lhw/Eo9+XHzXtnrLZHhz0/Xd
M5cmfIPmoyPCUQQfzSfUMvch+ZpwzEt5op5pUfSjckSpjHQZ0HFj1WJ4D8Hn9jAJ
y4+DAKDZgtqhb3GvpS6MoVnBJgcPk9+mBiDkSb12L392+FvHqfeBi3tDRhvyiZAO
iJrk747SPds7NlNmuRnj7YyUSDhBzaceRCz0Jsv9FT5EKXoPErXdsL3Bkfa9TREM
pH0OaMgNr6WSXLO9qIMcfxMeaKVIvIbotqBTkBTzhEAGPkHA75dhi0lpixXXFExg
MaqhLfmHO0dOEr9FrvYGe7f2wUA1Rdw/qRTM3KPEKmHxMqBS7eufIWMHwie1n9Oe
cYoP6UkxUIvhUyFV2BlMRFdMfaDbtR0iqy8Dqh36NISD6PAYaUGSoVeSO1fEg4Jy
5GgrKPg6rcz2XNY2cVbsm2zLpqY4dY58SFK9ORfuULdKUQvScvFGrdSSW0CgX+uc
F/5NmPutUoboHVxFraDPx7yo46pHf1RW0Me4xZ0aJ3e9ituLAN4fmJ9u46nofb5M
thPelQlMVt30O41uViJ0ADkOjCsiBr3AxOFvc76Ct9Q/BJVxhLk=
=JVBv
-----END PGP SIGNATURE-----
Merge 4.19.65 into android-4.19
Changes in 4.19.65
ARM: riscpc: fix DMA
ARM: dts: rockchip: Make rk3288-veyron-minnie run at hs200
ARM: dts: rockchip: Make rk3288-veyron-mickey's emmc work again
ARM: dts: rockchip: Mark that the rk3288 timer might stop in suspend
ftrace: Enable trampoline when rec count returns back to one
dmaengine: tegra-apb: Error out if DMA_PREP_INTERRUPT flag is unset
arm64: dts: rockchip: fix isp iommu clocks and power domain
kernel/module.c: Only return -EEXIST for modules that have finished loading
firmware/psci: psci_checker: Park kthreads before stopping them
MIPS: lantiq: Fix bitfield masking
dmaengine: rcar-dmac: Reject zero-length slave DMA requests
clk: tegra210: fix PLLU and PLLU_OUT1
fs/adfs: super: fix use-after-free bug
clk: sprd: Add check for return value of sprd_clk_regmap_init()
btrfs: fix minimum number of chunk errors for DUP
btrfs: qgroup: Don't hold qgroup_ioctl_lock in btrfs_qgroup_inherit()
cifs: Fix a race condition with cifs_echo_request
ceph: fix improper use of smp_mb__before_atomic()
ceph: return -ERANGE if virtual xattr value didn't fit in buffer
ACPI: blacklist: fix clang warning for unused DMI table
scsi: zfcp: fix GCC compiler warning emitted with -Wmaybe-uninitialized
perf version: Fix segfault due to missing OPT_END()
x86: kvm: avoid constant-conversion warning
ACPI: fix false-positive -Wuninitialized warning
be2net: Signal that the device cannot transmit during reconfiguration
x86/apic: Silence -Wtype-limits compiler warnings
x86: math-emu: Hide clang warnings for 16-bit overflow
mm/cma.c: fail if fixed declaration can't be honored
lib/test_overflow.c: avoid tainting the kernel and fix wrap size
lib/test_string.c: avoid masking memset16/32/64 failures
coda: add error handling for fget
coda: fix build using bare-metal toolchain
uapi linux/coda_psdev.h: move upc_req definition from uapi to kernel side headers
drivers/rapidio/devices/rio_mport_cdev.c: NUL terminate some strings
ipc/mqueue.c: only perform resource calculation if user valid
mlxsw: spectrum_dcb: Configure DSCP map as the last rule is removed
xen/pv: Fix a boot up hang revealed by int3 self test
x86/kvm: Don't call kvm_spurious_fault() from .fixup
x86/paravirt: Fix callee-saved function ELF sizes
x86, boot: Remove multiple copy of static function sanitize_boot_params()
drm/nouveau: fix memory leak in nouveau_conn_reset()
kconfig: Clear "written" flag to avoid data loss
kbuild: initialize CLANG_FLAGS correctly in the top Makefile
Btrfs: fix incremental send failure after deduplication
Btrfs: fix race leading to fs corruption after transaction abort
mmc: dw_mmc: Fix occasional hang after tuning on eMMC
mmc: meson-mx-sdio: Fix misuse of GENMASK macro
gpiolib: fix incorrect IRQ requesting of an active-low lineevent
IB/hfi1: Fix Spectre v1 vulnerability
mtd: rawnand: micron: handle on-die "ECC-off" devices correctly
selinux: fix memory leak in policydb_init()
ALSA: hda: Fix 1-minute detection delay when i915 module is not available
mm: vmscan: check if mem cgroup is disabled or not before calling memcg slab shrinker
s390/dasd: fix endless loop after read unit address configuration
cgroup: kselftest: relax fs_spec checks
parisc: Fix build of compressed kernel even with debug enabled
drivers/perf: arm_pmu: Fix failure path in PM notifier
arm64: compat: Allow single-byte watchpoints on all addresses
arm64: cpufeature: Fix feature comparison for CTR_EL0.{CWG,ERG}
nbd: replace kill_bdev() with __invalidate_device() again
xen/swiotlb: fix condition for calling xen_destroy_contiguous_region()
IB/mlx5: Fix unreg_umr to ignore the mkey state
IB/mlx5: Use direct mkey destroy command upon UMR unreg failure
IB/mlx5: Move MRs to a kernel PD when freeing them to the MR cache
IB/mlx5: Fix clean_mr() to work in the expected order
IB/mlx5: Fix RSS Toeplitz setup to be aligned with the HW specification
IB/hfi1: Check for error on call to alloc_rsm_map_table
drm/i915/gvt: fix incorrect cache entry for guest page mapping
eeprom: at24: make spd world-readable again
ARC: enable uboot support unconditionally
objtool: Support GCC 9 cold subfunction naming scheme
gcc-9: properly declare the {pv,hv}clock_page storage
x86/vdso: Prevent segfaults due to hoisted vclock reads
scsi: mpt3sas: Use 63-bit DMA addressing on SAS35 HBA
x86/cpufeatures: Carve out CQM features retrieval
x86/cpufeatures: Combine word 11 and 12 into a new scattered features word
x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations
x86/speculation: Enable Spectre v1 swapgs mitigations
x86/entry/64: Use JMP instead of JMPQ
x86/speculation/swapgs: Exclude ATOMs from speculation through SWAPGS
Documentation: Add swapgs description to the Spectre v1 documentation
Linux 4.19.65
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Iceeabdb164657e0a616db618e6aa8445d56b0dc1
|
||
Peter Rosin
|
93b83005ea |
lib/test_string.c: avoid masking memset16/32/64 failures
[ Upstream commit 33d6e0ff68af74be0c846c8e042e84a9a1a0561e ]
If a memsetXX implementation is completely broken and fails in the first
iteration, when i, j, and k are all zero, the failure is masked as zero
is returned. Failing in the first iteration is perhaps the most likely
failure, so this makes the tests pretty much useless. Avoid the
situation by always setting a random unused bit in the result on
failure.
Link: http://lkml.kernel.org/r/20190506124634.6807-3-peda@axentia.se
Fixes:
|
||
Kees Cook
|
8e087a2aba |
lib/test_overflow.c: avoid tainting the kernel and fix wrap size
[ Upstream commit 8e060c21ae2c265a2b596e9e7f9f97ec274151a4 ]
This adds __GFP_NOWARN to the kmalloc()-portions of the overflow test to
avoid tainting the kernel. Additionally fixes up the math on wrap size
to be architecture and page size agnostic.
Link: http://lkml.kernel.org/r/201905282012.0A8767E24@keescook
Fixes:
|
||
|
Greg Kroah-Hartman
|
71ce27c31a |
This is the 4.19.61 stable release
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEZH8oZUiU471FcZm+ONu9yGCSaT4FAl06qFcACgkQONu9yGCS
aT6O9A/+JZqoVYnItpOnT8Hu//0mYEKvREWqsoTJNpZJhLWtGjPTT9ospHNpVgfC
GUkFqngWzXHpzCgTYHUV3Mm+SIiVXCM3nkCU1+2YOsPzrKo/lJSfFt3wOYGpKO5V
qratAQLra5TqR0teR00aQblqKqfmrux05uL9dNcVIwve813m00jFALcpjrXnanpP
tx5cqCo3uHOou5XLraHx/CMPnfJI/mLegBUTM4DxAmN2vG4gQck2gnrU7s1eg4cy
1Fqh0Oo2Ycj5p9yoGss02JqR3wGZHOEmF55j2JcTZAPvW6/c55iPd52Trn8kPOHB
Awq/VwJmP4p10a4TWoZpv7VqpL3PzO8/AW7QWOER8QnDzfOTHGae7YT8LVp5Xqj5
1NqowuP/Tm0yaZSaDLqkdvhVqTi0oGL8OCYLErpeR9PQ3P+p3paaswopsPqnXURj
Q4Pahe1vm9WG2NpKh2bHVmmVkQmvwuxxxnaa31HI/IyLd5bYFV1/LbEa/XrSK36W
VJtO+0AjERO9uTVP/YDloDkQ4R3+3W+m520jYsgf1OwY7v/Kc6iLb7cDwci/ZWMy
YSMm8hrO0nzuT0SI25TKLDvxjGbANKvxytzOQMOTb8NsIWwaoEKWh+4r9XkdUXNa
+dx72I5J2Be+3hk+eaDNzCdEae5pgVTxBpwJbzI4RfnK1Doa4uE=
=hJdd
-----END PGP SIGNATURE-----
Merge 4.19.61 into android-4.19
Changes in 4.19.61
MIPS: ath79: fix ar933x uart parity mode
MIPS: fix build on non-linux hosts
arm64/efi: Mark __efistub_stext_offset as an absolute symbol explicitly
scsi: iscsi: set auth_protocol back to NULL if CHAP_A value is not supported
dmaengine: imx-sdma: fix use-after-free on probe error path
wil6210: fix potential out-of-bounds read
ath10k: Do not send probe response template for mesh
ath9k: Check for errors when reading SREV register
ath6kl: add some bounds checking
ath10k: add peer id check in ath10k_peer_find_by_id
wil6210: fix spurious interrupts in 3-msi
ath: DFS JP domain W56 fixed pulse type 3 RADAR detection
regmap: debugfs: Fix memory leak in regmap_debugfs_init
batman-adv: fix for leaked TVLV handler.
media: dvb: usb: fix use after free in dvb_usb_device_exit
media: spi: IR LED: add missing of table registration
crypto: talitos - fix skcipher failure due to wrong output IV
media: ov7740: avoid invalid framesize setting
media: marvell-ccic: fix DMA s/g desc number calculation
media: vpss: fix a potential NULL pointer dereference
media: media_device_enum_links32: clean a reserved field
net: stmmac: dwmac1000: Clear unused address entries
net: stmmac: dwmac4/5: Clear unused address entries
qed: Set the doorbell address correctly
signal/pid_namespace: Fix reboot_pid_ns to use send_sig not force_sig
af_key: fix leaks in key_pol_get_resp and dump_sp.
xfrm: Fix xfrm sel prefix length validation
fscrypt: clean up some BUG_ON()s in block encryption/decryption
perf annotate TUI browser: Do not use member from variable within its own initialization
media: mc-device.c: don't memset __user pointer contents
media: saa7164: fix remove_proc_entry warning
media: staging: media: davinci_vpfe: - Fix for memory leak if decoder initialization fails.
net: phy: Check against net_device being NULL
crypto: talitos - properly handle split ICV.
crypto: talitos - Align SEC1 accesses to 32 bits boundaries.
tua6100: Avoid build warnings.
batman-adv: Fix duplicated OGMs on NETDEV_UP
locking/lockdep: Fix merging of hlocks with non-zero references
media: wl128x: Fix some error handling in fm_v4l2_init_video_device()
net: hns3: set ops to null when unregister ad_dev
cpupower : frequency-set -r option misses the last cpu in related cpu list
arm64: mm: make CONFIG_ZONE_DMA32 configurable
perf jvmti: Address gcc string overflow warning for strncpy()
net: stmmac: dwmac4: fix flow control issue
net: stmmac: modify default value of tx-frames
crypto: inside-secure - do not rely on the hardware last bit for result descriptors
net: fec: Do not use netdev messages too early
net: axienet: Fix race condition causing TX hang
s390/qdio: handle PENDING state for QEBSM devices
RAS/CEC: Fix pfn insertion
net: sfp: add mutex to prevent concurrent state checks
ipset: Fix memory accounting for hash types on resize
perf cs-etm: Properly set the value of 'old' and 'head' in snapshot mode
perf test 6: Fix missing kvm module load for s390
perf report: Fix OOM error in TUI mode on s390
irqchip/meson-gpio: Add support for Meson-G12A SoC
media: uvcvideo: Fix access to uninitialized fields on probe error
media: fdp1: Support M3N and E3 platforms
iommu: Fix a leak in iommu_insert_resv_region
gpio: omap: fix lack of irqstatus_raw0 for OMAP4
gpio: omap: ensure irq is enabled before wakeup
regmap: fix bulk writes on paged registers
bpf: silence warning messages in core
media: s5p-mfc: fix reading min scratch buffer size on MFC v6/v7
selinux: fix empty write to keycreate file
x86/cpu: Add Ice Lake NNPI to Intel family
ASoC: meson: axg-tdm: fix sample clock inversion
rcu: Force inlining of rcu_read_lock()
x86/cpufeatures: Add FDP_EXCPTN_ONLY and ZERO_FCS_FDS
qed: iWARP - Fix tc for MPA ll2 connection
net: hns3: fix for skb leak when doing selftest
block: null_blk: fix race condition for null_del_dev
blkcg, writeback: dead memcgs shouldn't contribute to writeback ownership arbitration
xfrm: fix sa selector validation
sched/core: Add __sched tag for io_schedule()
sched/fair: Fix "runnable_avg_yN_inv" not used warnings
perf/x86/intel/uncore: Handle invalid event coding for free-running counter
x86/atomic: Fix smp_mb__{before,after}_atomic()
perf evsel: Make perf_evsel__name() accept a NULL argument
vhost_net: disable zerocopy by default
ipoib: correcly show a VF hardware address
x86/cacheinfo: Fix a -Wtype-limits warning
blk-iolatency: only account submitted bios
ACPICA: Clear status of GPEs on first direct enable
EDAC/sysfs: Fix memory leak when creating a csrow object
nvme: fix possible io failures when removing multipathed ns
nvme-pci: properly report state change failure in nvme_reset_work
nvme-pci: set the errno on ctrl state change error
lightnvm: pblk: fix freeing of merged pages
arm64: Do not enable IRQs for ct_user_exit
ipsec: select crypto ciphers for xfrm_algo
ipvs: defer hook registration to avoid leaks
media: s5p-mfc: Make additional clocks optional
media: i2c: fix warning same module names
ntp: Limit TAI-UTC offset
timer_list: Guard procfs specific code
acpi/arm64: ignore 5.1 FADTs that are reported as 5.0
media: coda: fix mpeg2 sequence number handling
media: coda: fix last buffer handling in V4L2_ENC_CMD_STOP
media: coda: increment sequence offset for the last returned frame
media: vimc: cap: check v4l2_fill_pixfmt return value
media: hdpvr: fix locking and a missing msleep
net: stmmac: sun8i: force select external PHY when no internal one
rtlwifi: rtl8192cu: fix error handle when usb probe failed
mt7601u: do not schedule rx_tasklet when the device has been disconnected
x86/build: Add 'set -e' to mkcapflags.sh to delete broken capflags.c
mt7601u: fix possible memory leak when the device is disconnected
ipvs: fix tinfo memory leak in start_sync_thread
ath10k: add missing error handling
ath10k: fix PCIE device wake up failed
perf tools: Increase MAX_NR_CPUS and MAX_CACHES
ASoC: Intel: hdac_hdmi: Set ops to NULL on remove
libata: don't request sense data on !ZAC ATA devices
clocksource/drivers/exynos_mct: Increase priority over ARM arch timer
xsk: Properly terminate assignment in xskq_produce_flush_desc
rslib: Fix decoding of shortened codes
rslib: Fix handling of of caller provided syndrome
ixgbe: Check DDM existence in transceiver before access
crypto: serpent - mark __serpent_setkey_sbox noinline
crypto: asymmetric_keys - select CRYPTO_HASH where needed
wil6210: drop old event after wmi_call timeout
EDAC: Fix global-out-of-bounds write when setting edac_mc_poll_msec
bcache: check CACHE_SET_IO_DISABLE in allocator code
bcache: check CACHE_SET_IO_DISABLE bit in bch_journal()
bcache: acquire bch_register_lock later in cached_dev_free()
bcache: check c->gc_thread by IS_ERR_OR_NULL in cache_set_flush()
bcache: fix potential deadlock in cached_def_free()
net: hns3: fix a -Wformat-nonliteral compile warning
net: hns3: add some error checking in hclge_tm module
ath10k: destroy sdio workqueue while remove sdio module
net: mvpp2: prs: Don't override the sign bit in SRAM parser shift
igb: clear out skb->tstamp after reading the txtime
iwlwifi: mvm: Drop large non sta frames
bpf: fix uapi bpf_prog_info fields alignment
perf stat: Make metric event lookup more robust
perf stat: Fix group lookup for metric group
bnx2x: Prevent ptp_task to be rescheduled indefinitely
net: usb: asix: init MAC address buffers
rxrpc: Fix oops in tracepoint
bpf, libbpf, smatch: Fix potential NULL pointer dereference
selftests: bpf: fix inlines in test_lwt_seg6local
bonding: validate ip header before check IPPROTO_IGMP
gpiolib: Fix references to gpiod_[gs]et_*value_cansleep() variants
tools: bpftool: Fix json dump crash on powerpc
Bluetooth: hci_bcsp: Fix memory leak in rx_skb
Bluetooth: Add new 13d3:3491 QCA_ROME device
Bluetooth: Add new 13d3:3501 QCA_ROME device
Bluetooth: 6lowpan: search for destination address in all peers
perf tests: Fix record+probe_libc_inet_pton.sh for powerpc64
Bluetooth: Check state in l2cap_disconnect_rsp
gtp: add missing gtp_encap_disable_sock() in gtp_encap_enable()
Bluetooth: validate BLE connection interval updates
gtp: fix suspicious RCU usage
gtp: fix Illegal context switch in RCU read-side critical section.
gtp: fix use-after-free in gtp_encap_destroy()
gtp: fix use-after-free in gtp_newlink()
net: mvmdio: defer probe of orion-mdio if a clock is not ready
iavf: fix dereference of null rx_buffer pointer
floppy: fix div-by-zero in setup_format_params
floppy: fix out-of-bounds read in next_valid_format
floppy: fix invalid pointer dereference in drive_name
floppy: fix out-of-bounds read in copy_buffer
xen: let alloc_xenballooned_pages() fail if not enough memory free
scsi: NCR5380: Reduce goto statements in NCR5380_select()
scsi: NCR5380: Always re-enable reselection interrupt
Revert "scsi: ncr5380: Increase register polling limit"
scsi: core: Fix race on creating sense cache
scsi: megaraid_sas: Fix calculation of target ID
scsi: mac_scsi: Increase PIO/PDMA transfer length threshold
scsi: mac_scsi: Fix pseudo DMA implementation, take 2
crypto: ghash - fix unaligned memory access in ghash_setkey()
crypto: ccp - Validate the the error value used to index error messages
crypto: arm64/sha1-ce - correct digest for empty data in finup
crypto: arm64/sha2-ce - correct digest for empty data in finup
crypto: chacha20poly1305 - fix atomic sleep when using async algorithm
crypto: crypto4xx - fix AES CTR blocksize value
crypto: crypto4xx - fix blocksize for cfb and ofb
crypto: crypto4xx - block ciphers should only accept complete blocks
crypto: ccp - memset structure fields to zero before reuse
crypto: ccp/gcm - use const time tag comparison.
crypto: crypto4xx - fix a potential double free in ppc4xx_trng_probe
Revert "bcache: set CACHE_SET_IO_DISABLE in bch_cached_dev_error()"
bcache: Revert "bcache: fix high CPU occupancy during journal"
bcache: Revert "bcache: free heap cache_set->flush_btree in bch_journal_free"
bcache: ignore read-ahead request failure on backing device
bcache: fix mistaken sysfs entry for io_error counter
bcache: destroy dc->writeback_write_wq if failed to create dc->writeback_thread
Input: gtco - bounds check collection indent level
Input: alps - don't handle ALPS cs19 trackpoint-only device
Input: synaptics - whitelist Lenovo T580 SMBus intertouch
Input: alps - fix a mismatch between a condition check and its comment
regulator: s2mps11: Fix buck7 and buck8 wrong voltages
arm64: tegra: Update Jetson TX1 GPU regulator timings
iwlwifi: pcie: don't service an interrupt that was masked
iwlwifi: pcie: fix ALIVE interrupt handling for gen2 devices w/o MSI-X
iwlwifi: don't WARN when calling iwl_get_shared_mem_conf with RF-Kill
iwlwifi: fix RF-Kill interrupt while FW load for gen2 devices
NFSv4: Handle the special Linux file open access mode
pnfs/flexfiles: Fix PTR_ERR() dereferences in ff_layout_track_ds_error
pNFS: Fix a typo in pnfs_update_layout
pnfs: Fix a problem where we gratuitously start doing I/O through the MDS
lib/scatterlist: Fix mapping iterator when sg->offset is greater than PAGE_SIZE
ASoC: dapm: Adapt for debugfs API change
raid5-cache: Need to do start() part job after adding journal device
ALSA: seq: Break too long mutex context in the write loop
ALSA: hda/realtek - Fixed Headphone Mic can't record on Dell platform
ALSA: hda/realtek: apply ALC891 headset fixup to one Dell machine
media: v4l2: Test type instead of cfg->type in v4l2_ctrl_new_custom()
media: coda: Remove unbalanced and unneeded mutex unlock
media: videobuf2-core: Prevent size alignment wrapping buffer size to 0
media: videobuf2-dma-sg: Prevent size from overflowing
KVM: x86/vPMU: refine kvm_pmu err msg when event creation failed
arm64: tegra: Fix AGIC register range
fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on /proc/sys inodes.
kconfig: fix missing choice values in auto.conf
drm/nouveau/i2c: Enable i2c pads & busses during preinit
padata: use smp_mb in padata_reorder to avoid orphaned padata jobs
dm zoned: fix zone state management race
xen/events: fix binding user event channels to cpus
9p/xen: Add cleanup path in p9_trans_xen_init
9p/virtio: Add cleanup path in p9_virtio_init
x86/boot: Fix memory leak in default_get_smp_config()
perf/x86/intel: Fix spurious NMI on fixed counter
perf/x86/amd/uncore: Do not set 'ThreadMask' and 'SliceMask' for non-L3 PMCs
perf/x86/amd/uncore: Set the thread mask for F17h L3 PMCs
drm/edid: parse CEA blocks embedded in DisplayID
intel_th: pci: Add Ice Lake NNPI support
PCI: hv: Fix a use-after-free bug in hv_eject_device_work()
PCI: Do not poll for PME if the device is in D3cold
PCI: qcom: Ensure that PERST is asserted for at least 100 ms
Btrfs: fix data loss after inode eviction, renaming it, and fsync it
Btrfs: fix fsync not persisting dentry deletions due to inode evictions
Btrfs: add missing inode version, ctime and mtime updates when punching hole
IB/mlx5: Report correctly tag matching rendezvous capability
HID: wacom: generic: only switch the mode on devices with LEDs
HID: wacom: generic: Correct pad syncing
HID: wacom: correct touch resolution x/y typo
libnvdimm/pfn: fix fsdax-mode namespace info-block zero-fields
coda: pass the host file in vma->vm_file on mmap
include/asm-generic/bug.h: fix "cut here" for WARN_ON for __WARN_TAINT architectures
xfs: fix pagecache truncation prior to reflink
xfs: flush removing page cache in xfs_reflink_remap_prep
xfs: don't overflow xattr listent buffer
xfs: rename m_inotbt_nores to m_finobt_nores
xfs: don't ever put nlink > 0 inodes on the unlinked list
xfs: reserve blocks for ifree transaction during log recovery
xfs: fix reporting supported extra file attributes for statx()
xfs: serialize unaligned dio writes against all other dio writes
xfs: abort unaligned nowait directio early
gpu: ipu-v3: ipu-ic: Fix saturation bit offset in TPMEM
crypto: caam - limit output IV to CBC to work around CTR mode DMA issue
parisc: Ensure userspace privilege for ptraced processes in regset functions
parisc: Fix kernel panic due invalid values in IAOQ0 or IAOQ1
powerpc/32s: fix suspend/resume when IBATs 4-7 are used
powerpc/watchpoint: Restore NV GPRs while returning from exception
powerpc/powernv/npu: Fix reference leak
powerpc/pseries: Fix oops in hotplug memory notifier
mmc: sdhci-msm: fix mutex while in spinlock
eCryptfs: fix a couple type promotion bugs
mtd: rawnand: mtk: Correct low level time calculation of r/w cycle
mtd: spinand: read returns badly if the last page has bitflips
intel_th: msu: Fix single mode with disabled IOMMU
Bluetooth: Add SMP workaround Microsoft Surface Precision Mouse bug
usb: Handle USB3 remote wakeup for LPM enabled devices correctly
blk-throttle: fix zero wait time for iops throttled group
blk-iolatency: clear use_delay when io.latency is set to zero
blkcg: update blkcg_print_stat() to handle larger outputs
net: mvmdio: allow up to four clocks to be specified for orion-mdio
dt-bindings: allow up to four clocks for orion-mdio
dm bufio: fix deadlock with loop device
Linux 4.19.61
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I2f565111b1c16f369fa86e0481527fcc6357fe1b
|
||
Christophe Leroy
|
677b2aa3be |
lib/scatterlist: Fix mapping iterator when sg->offset is greater than PAGE_SIZE
commit aeb87246537a83c2aff482f3f34a2e0991e02cbc upstream.
All mapping iterator logic is based on the assumption that sg->offset
is always lower than PAGE_SIZE.
But there are situations where sg->offset is such that the SG item
is on the second page. In that case sg_copy_to_buffer() fails
properly copying the data into the buffer. One of the reason is
that the data will be outside the kmapped area used to access that
data.
This patch fixes the issue by adjusting the mapping iterator
offset and pgoffset fields such that offset is always lower than
PAGE_SIZE.
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Fixes:
|
||
Ferdinand Blomqvist
|
0340c621ec |
rslib: Fix handling of of caller provided syndrome
[ Upstream commit ef4d6a8556b637ad27c8c2a2cff1dda3da38e9a9 ] Check if the syndrome provided by the caller is zero, and act accordingly. Signed-off-by: Ferdinand Blomqvist <ferdinand.blomqvist@gmail.com> Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Link: https://lkml.kernel.org/r/20190620141039.9874-6-ferdinand.blomqvist@gmail.com Signed-off-by: Sasha Levin <sashal@kernel.org> |