-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
update from origin0412 #1
Commits on Mar 30, 2017
-
mmc: sdhci-of-at91: fix MMC_DDR_52 timing selection
The controller has different timings for MMC_TIMING_UHS_DDR50 and MMC_TIMING_MMC_DDR52. Configuring the controller with SDHCI_CTRL_UHS_DDR50, when MMC_TIMING_MMC_DDR52 timings are requested, is not correct and can lead to unexpected behavior. Signed-off-by: Ludovic Desroches <ludovic.desroches@microchip.com> Fixes: bb5f8ea ("mmc: sdhci-of-at91: introduce driver for the Atmel SDMMC") Cc: <stable@vger.kernel.org> # 4.4+ Signed-off-by: Ulf Hansson <ulf.hansson@linaro.org>
Configuration menu - View commit details
-
Copy full SHA for d091876 - Browse repository at this point
Copy the full SHA d091876View commit details -
xtensa: make __pa work with uncached KSEG addresses
When __pa is applied to virtual address in uncached KSEG region the result is incorrect. Fix it by checking if the original address is in the uncached KSEG and adjusting the result. It looks better than masking off bits because pfn_valid would correctly work with new __pa results and it may be made working in noMMU case, once we get definition for uncached memory view. This is required for the dma_common_mmap and DMA debug code to work correctly: they both indirectly use __pa with coherent DMA addresses. In case of DMA debug the visible effect is false reports that an address mapped for DMA is accessed by CPU. Cc: stable@vger.kernel.org Tested-by: Boris Brezillon <boris.brezillon@free-electrons.com> Reviewed-by: Boris Brezillon <boris.brezillon@free-electrons.com> Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 2b83878 - Browse repository at this point
Copy the full SHA 2b83878View commit details -
Merge tag 'pci-v4.11-fixes-3' of git://git.kernel.org/pub/scm/linux/k…
…ernel/git/helgaas/pci Pull PCI fixes from Bjorn Helgaas: - fix iProc memory corruption - fix ThunderX usage of unregistered PNP/ACPI ID - fix ThunderX resource reservation on early firmware * tag 'pci-v4.11-fixes-3' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci: PCI: thunder-pem: Add legacy firmware support for Cavium ThunderX host controller PCI: thunder-pem: Use Cavium assigned hardware ID for ThunderX host controller PCI: iproc: Save host bridge window resource in struct iproc_pcie
Configuration menu - View commit details
-
Copy full SHA for d456226 - Browse repository at this point
Copy the full SHA d456226View commit details -
be2net: Fix endian issue in logical link config command
Use cpu_to_le32() for link_config variable in set_logical_link_config command as this variable is of type u32. Signed-off-by: Suresh Reddy <suresh.reddy@broadcom.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for 0b98ca2 - Browse repository at this point
Copy the full SHA 0b98ca2View commit details
Commits on Mar 31, 2017
-
ARCv2: SLC: Make sure busy bit is set properly on SLC flushing
As reported in STAR 9001165532, an SLC control reg read (for checking busy state) right after SLC invalidate command may incorrectly return NOT busy causing software to NOT spin-wait while operation is underway. (and for some reason this only happens if L1 cache is also disabled - as required by IOC programming model) Suggested workaround is to do an additional Control Reg read, which ensures the 2nd read gets the right status. Cc: stable@vger.kernel.org #4.10 Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com> [vgupta: reworte changelog a bit] Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
Configuration menu - View commit details
-
Copy full SHA for c70c473 - Browse repository at this point
Copy the full SHA c70c473View commit details -
ARC: fix build warnings with !CONFIG_KPROBES
| CC lib/nmi_backtrace.o | In file included from ../include/linux/kprobes.h:43:0, | from ../lib/nmi_backtrace.c:17: | ../arch/arc/include/asm/kprobes.h:57:13: warning: 'trap_is_kprobe' defined but not used [-Wunused-function] | static void trap_is_kprobe(unsigned long address, struct pt_regs *regs) | ^~~~~~~~~~~~~~ The warning started with 7d134b2 ("kprobes: move kprobe declarations to asm-generic/kprobes.h") which started including <asm/kprobes.h> unconditionally into <linux/kprobes.h> exposing a stub function for !CONFIG_KPROBES to rest of world. Fix that by making the stub a macro Signed-off-by: Vineet Gupta <vgupta@synopsys.com>
Configuration menu - View commit details
-
Copy full SHA for 4c6fabd - Browse repository at this point
Copy the full SHA 4c6fabdView commit details -
Merge branch 'etnaviv/fixes' of https://git.pengutronix.de/git/lst/linux
into drm-fixes a single fix to keep fence seqnos of completed jobs monotonically increasing, as expected in various locations of the driver code. Also tagged for stable. * 'etnaviv/fixes' of https://git.pengutronix.de/git/lst/linux: drm/etnaviv: (re-)protect fence allocation with GPU mutex
Configuration menu - View commit details
-
Copy full SHA for 7502add - Browse repository at this point
Copy the full SHA 7502addView commit details -
Merge branch 'drm-fixes-4.11' of git://people.freedesktop.org/~agd5f/…
…linux into drm-fixes One small fix for radeon. * 'drm-fixes-4.11' of git://people.freedesktop.org/~agd5f/linux: drm/radeon: Override fpfn for all VRAM placements in radeon_evict_flags
Configuration menu - View commit details
-
Copy full SHA for 4adf043 - Browse repository at this point
Copy the full SHA 4adf043View commit details -
Merge tag 'drm-intel-fixes-2017-03-29' of git://anongit.freedesktop.o…
…rg/git/drm-intel into drm-fixes drm/i915 fixes for v4.11-rc5 * tag 'drm-intel-fixes-2017-03-29' of git://anongit.freedesktop.org/git/drm-intel: drm/i915: Restore marking context objects as dirty on pinning drm/i915/gvt: Use force single submit flag to distinguish gvt request from i915 request drm/i915/gvt: set shadow entry to scratch page while p2m failed drm/i915/gvt: Fix guest fail to read EDID leading to black guest console issue. drm/i915/gvt: fix wrong offset when loading RCS mocs drm/i915/gvt: add write handler for mmio mbctl drm/i915/kvmgt: Hold struct kvm reference
Configuration menu - View commit details
-
Copy full SHA for b61d607 - Browse repository at this point
Copy the full SHA b61d607View commit details -
target: Fix unknown fabric callback queue-full errors
This patch fixes a set of queue-full response handling bugs, where outgoing responses are leaked when a fabric driver is propagating non -EAGAIN or -ENOMEM errors to target-core. It introduces TRANSPORT_COMPLETE_QF_ERR state used to signal when CHECK_CONDITION status should be generated, when fabric driver ->write_pending(), ->queue_data_in(), or ->queue_status() callbacks fail with non -EAGAIN or -ENOMEM errors, and data-transfer should not be retried. Note all fabric driver -EAGAIN and -ENOMEM errors are still retried indefinately with associated data-transfer callbacks, following existing queue-full logic. Also fix two missing ->queue_status() queue-full cases related to CMD_T_ABORTED w/ TAS status handling. Reported-by: Potnuri Bharat Teja <bharat@chelsio.com> Reviewed-by: Potnuri Bharat Teja <bharat@chelsio.com> Tested-by: Potnuri Bharat Teja <bharat@chelsio.com> Cc: Potnuri Bharat Teja <bharat@chelsio.com> Reported-by: Steve Wise <swise@opengridcomputing.com> Cc: Steve Wise <swise@opengridcomputing.com> Cc: Sagi Grimberg <sagi@grimberg.me> Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
Configuration menu - View commit details
-
Copy full SHA for fa7e25c - Browse repository at this point
Copy the full SHA fa7e25cView commit details -
iscsi-target: Propigate queue_data_in + queue_status errors
This patch changes iscsi-target to propagate iscsit_transport ->iscsit_queue_data_in() and ->iscsit_queue_status() callback errors, back up into target-core. This allows target-core to retry failed iscsit_transport callbacks using internal queue-full logic. Reported-by: Potnuri Bharat Teja <bharat@chelsio.com> Reviewed-by: Potnuri Bharat Teja <bharat@chelsio.com> Tested-by: Potnuri Bharat Teja <bharat@chelsio.com> Cc: Potnuri Bharat Teja <bharat@chelsio.com> Reported-by: Steve Wise <swise@opengridcomputing.com> Cc: Steve Wise <swise@opengridcomputing.com> Cc: Sagi Grimberg <sagi@grimberg.me> Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
Configuration menu - View commit details
-
Copy full SHA for a446701 - Browse repository at this point
Copy the full SHA a446701View commit details -
iser-target: Fix queue-full response handling
This patch addresses two queue-full handling bugs in iser-target. The first is propagating isert_rdma_rw_ctx_post() return back to target-core via isert_put_datain() + isert_get_dataout() callbacks, in order to trigger queue-full logic in target-core. Note target-core expects -EAGAIN or -ENOMEM error to signal RDMA WRITE/READ data-transfer callbacks should be retried, after queue-full logic been invoked. Other types of errors propagated up from RDMA RW API will result in target-core generating internal CHECK_CONDITION status, avoiding subsequent isert_put_datain() and isert_get_dataout() iscsit_transport callback retry attempts. The second is to use transport_generic_request_failure() during T10-PI hw-offload errors in isert_rdma_write_done() and isert_rdma_read_done(), so CHECK_CONDITION queue-full is handled internally by target-core. Also add isert_put_response() T10-PI failure case fixme in isert_rdma_write_done(), which is currently not internally retried or released until session reinstatement. Reported-by: Potnuri Bharat Teja <bharat@chelsio.com> Reviewed-by: Potnuri Bharat Teja <bharat@chelsio.com> Tested-by: Potnuri Bharat Teja <bharat@chelsio.com> Cc: Potnuri Bharat Teja <bharat@chelsio.com> Reported-by: Steve Wise <swise@opengridcomputing.com> Cc: Steve Wise <swise@opengridcomputing.com> Cc: Sagi Grimberg <sagi@grimberg.me> Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
Configuration menu - View commit details
-
Copy full SHA for 555a65f - Browse repository at this point
Copy the full SHA 555a65fView commit details -
iser-target: avoid posting a recv buffer twice
We pre-allocate our send-queues and might overflow them in case we have multi work-request operations which tend to occur for large RDMA transfers over devices with limited allowed sg elements. When we get to a queue-full condition we might retry again later, so track our receive buffers so we don't repost them for a retry case. Reported-by: Potnuri Bharat Teja <bharat@chelsio.com> Tested-by: Potnuri Bharat Teja <bharat@chelsio.com> Reviewed-by: Potnuri Bharat Teja <bharat@chelsio.com> Signed-off-by: Sagi Grimberg <sagi@grimberg.me> Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
Configuration menu - View commit details
-
Copy full SHA for 7a56dc8 - Browse repository at this point
Copy the full SHA 7a56dc8View commit details -
target: Fix ALUA transition state race between multiple initiators
Multiple threads could be writing to alua_access_state at the same time, or there could be multiple STPGs in flight (different initiators sending them or one initiator sending them to different ports), or a combo of both and the core_alua_do_transition_tg_pt calls will race with each other. Because from the last patches we no longer delay running core_alua_do_transition_tg_pt_work, there does not seem to be any point in running that in a workqueue. And, we always wait for it to complete one way or another, so we can sleep in this code path. So, this patch made over target-pending just adds a mutex and does the work core_alua_do_transition_tg_pt_work was doing in core_alua_do_transition_tg_pt. There is also no need to use an atomic for the tg_pt_gp_alua_access_state. In core_alua_do_transition_tg_pt we will test and set it under the transition mutex. And, it is a int/32 bits so in the other places where it is read, we will never see it partially updated. Signed-off-by: Mike Christie <mchristi@redhat.com> Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
Configuration menu - View commit details
-
Copy full SHA for d19c464 - Browse repository at this point
Copy the full SHA d19c464View commit details -
Merge tag 'drm-misc-fixes-2017-03-31' of git://anongit.freedesktop.or…
…g/git/drm-misc into drm-fixes Just one vc4 fix from Eric, cc: stable * tag 'drm-misc-fixes-2017-03-31' of git://anongit.freedesktop.org/git/drm-misc: drm/vc4: Allocate the right amount of space for boot-time CRTC state.
Configuration menu - View commit details
-
Copy full SHA for 3a2d782 - Browse repository at this point
Copy the full SHA 3a2d782View commit details -
x86/mce/AMD: Give a name to MCA bank 3 when accessed with legacy MSRs
MCA bank 3 is reserved on systems pre-Fam17h, so it didn't have a name. However, MCA bank 3 is defined on Fam17h systems and can be accessed using legacy MSRs. Without a name we get a stack trace on Fam17h systems when trying to register sysfs files for bank 3 on kernels that don't recognize Scalable MCA. Call MCA bank 3 "decode_unit" since this is what it represents on Fam17h. This will allow kernels without SMCA support to see this bank on Fam17h+ and prevent the stack trace. This will not affect older systems since this bank is reserved on them, i.e. it'll be ignored. Tested on AMD Fam15h and Fam17h systems. WARNING: CPU: 26 PID: 1 at lib/kobject.c:210 kobject_add_internal kobject: (ffff88085bb256c0): attempted to be registered with empty name! ... Call Trace: kobject_add_internal kobject_add kobject_create_and_add threshold_create_device threshold_init_device Signed-off-by: Yazen Ghannam <yazen.ghannam@amd.com> Signed-off-by: Borislav Petkov <bp@suse.de> Link: http://lkml.kernel.org/r/1490102285-3659-1-git-send-email-Yazen.Ghannam@amd.com Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Configuration menu - View commit details
-
Copy full SHA for 29f72ce - Browse repository at this point
Copy the full SHA 29f72ceView commit details -
x86/boot: Include missing header file
Sparse complains about missing forward declarations: arch/x86/boot/compressed/error.c:8:6: warning: symbol 'warn' was not declared. Should it be static? arch/x86/boot/compressed/error.c:15:6: warning: symbol 'error' was not declared. Should it be static? Include the missing header file. Signed-off-by: Zhengyi Shen <shenzhengyi@gmail.com> Acked-by: Kess Cook <keescook@chromium.org> Link: http://lkml.kernel.org/r/1490770820-24472-1-git-send-email-shenzhengyi@gmail.com Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Configuration menu - View commit details
-
Copy full SHA for 6b1cc94 - Browse repository at this point
Copy the full SHA 6b1cc94View commit details -
ALSA: hda - fix a problem for lineout on a Dell AIO machine
On this Dell AIO machine, the lineout jack does not work. We found the pin 0x1a is assigned to lineout on this machine, and in the past, we applied ALC298_FIXUP_DELL1_MIC_NO_PRESENCE to fix the heaset-set mic problem for this machine, this fixup will redefine the pin 0x1a to headphone-mic, as a result the lineout doesn't work anymore. After consulting with Dell, they told us this machine doesn't support microphone via headset jack, so we add a new fixup which only defines the pin 0x18 as the headset-mic. [rearranged the fixup insertion position by tiwai in order to make the merge with other branches easier -- tiwai] Fixes: 59ec4b5 ("ALSA: hda - Fix headset mic detection problem for two dell machines") Cc: <stable@vger.kernel.org> Signed-off-by: Hui Wang <hui.wang@canonical.com> Signed-off-by: Takashi Iwai <tiwai@suse.de>
Configuration menu - View commit details
-
Copy full SHA for 2f726ae - Browse repository at this point
Copy the full SHA 2f726aeView commit details -
irqchip/mips-gic: Fix Local compare interrupt
Commit 4cfffcf ("irqchip/mips-gic: Fix local interrupts") added mapping of several local interrupts during initialisation of the gic driver. This associates virq numbers with these interrupts. Unfortunately, as not all of the interrupts are mapped in hardware order, when drivers subsequently request these interrupts they conflict with the mappings that have already been set up. For example, this manifests itself in the gic clocksource driver, which fails to probe with the message: clocksource: GIC: mask: 0xffffffffffffffff max_cycles: 0x7350c9738, max_idle_ns: 440795203769 ns GIC timer IRQ 25 setup failed: -22 This is because virq 25 (the correct IRQ number specified via device tree) was allocated to the PERFCTR interrupt (and 24 to the timer, 26 to the FDC). To fix this, map all of these local interrupts in the hardware order so as to associate their virq numbers with the correct hw interrupts. Fixes: 4cfffcf ("irqchip/mips-gic: Fix local interrupts") Acked-by: Ralf Baechle <ralf@linux-mips.org> Signed-off-by: Matt Redfearn <matt.redfearn@imgtec.com> Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 4296989 - Browse repository at this point
Copy the full SHA 4296989View commit details -
Merge tag 'irq-fixes-4.11-rc5' of git://git.kernel.org/pub/scm/linux/…
…kernel/git/maz/arm-platforms into irq/urgent Pull irqchip fixes from Marc Zyngier - Fix mvebu-odmi dependency selection - Fix mips-gic virtual/hw mapping
Configuration menu - View commit details
-
Copy full SHA for a89eae6 - Browse repository at this point
Copy the full SHA a89eae6View commit details -
dm raid: fix NULL pointer dereference for raid1 without bitmap
Commit 4257e08 ("dm raid: support to change bitmap region size") introduced a bitmap resize call during preresume phase. User can create a DM device with "raid" target configured as raid1 with no metadata devices to hold superblock/bitmap info. It can be achieved using the following sequence: truncate -s 32M /dev/shm/raid-test LOOP=$(losetup --show -f /dev/shm/raid-test) dmsetup create raid-test-linear0 --table "0 1024 linear $LOOP 0" dmsetup create raid-test-linear1 --table "0 1024 linear $LOOP 1024" dmsetup create raid-test --table "0 1024 raid raid1 1 2048 2 - /dev/mapper/raid-test-linear0 - /dev/mapper/raid-test-linear1" This results in the following crash: [ 4029.110216] device-mapper: raid: Ignoring chunk size parameter for RAID 1 [ 4029.110217] device-mapper: raid: Choosing default region size of 4MiB [ 4029.111349] md/raid1:mdX: active with 2 out of 2 mirrors [ 4029.114770] BUG: unable to handle kernel NULL pointer dereference at 0000000000000030 [ 4029.114802] IP: bitmap_resize+0x25/0x7c0 [md_mod] [ 4029.114816] PGD 0 … [ 4029.115059] Hardware name: Aquarius Pro P30 S85 BUY-866/B85M-E, BIOS 2304 05/25/2015 [ 4029.115079] task: ffff88015cc29a80 task.stack: ffffc90001a5c000 [ 4029.115097] RIP: 0010:bitmap_resize+0x25/0x7c0 [md_mod] [ 4029.115112] RSP: 0018:ffffc90001a5fb68 EFLAGS: 00010246 [ 4029.115127] RAX: 0000000000000005 RBX: 0000000000000000 RCX: 0000000000000000 [ 4029.115146] RDX: 0000000000000000 RSI: 0000000000000400 RDI: 0000000000000000 [ 4029.115166] RBP: ffffc90001a5fc28 R08: 0000000800000000 R09: 00000008ffffffff [ 4029.115185] R10: ffffea0005661600 R11: ffff88015cc29a80 R12: ffff88021231f058 [ 4029.115204] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 4029.115223] FS: 00007fe73a6b4740(0000) GS:ffff88021ea80000(0000) knlGS:0000000000000000 [ 4029.115245] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 4029.115261] CR2: 0000000000000030 CR3: 0000000159a74000 CR4: 00000000001426e0 [ 4029.115281] Call Trace: [ 4029.115291] ? raid_iterate_devices+0x63/0x80 [dm_raid] [ 4029.115309] ? dm_table_all_devices_attribute.isra.23+0x41/0x70 [dm_mod] [ 4029.115329] ? dm_table_set_restrictions+0x225/0x2d0 [dm_mod] [ 4029.115346] raid_preresume+0x81/0x2e0 [dm_raid] [ 4029.115361] dm_table_resume_targets+0x47/0xe0 [dm_mod] [ 4029.115378] dm_resume+0xa8/0xd0 [dm_mod] [ 4029.115391] dev_suspend+0x123/0x250 [dm_mod] [ 4029.115405] ? table_load+0x350/0x350 [dm_mod] [ 4029.115419] ctl_ioctl+0x1c2/0x490 [dm_mod] [ 4029.115433] dm_ctl_ioctl+0xe/0x20 [dm_mod] [ 4029.115447] do_vfs_ioctl+0x8d/0x5a0 [ 4029.115459] ? ____fput+0x9/0x10 [ 4029.115470] ? task_work_run+0x79/0xa0 [ 4029.115481] SyS_ioctl+0x3c/0x70 [ 4029.115493] entry_SYSCALL_64_fastpath+0x13/0x94 The raid_preresume() function incorrectly assumes that the raid_set has a bitmap enabled if RT_FLAG_RS_BITMAP_LOADED is set. But RT_FLAG_RS_BITMAP_LOADED is getting set in __load_dirty_region_bitmap() even if there is no bitmap present (and bitmap_load() happily returns 0 even if a bitmap isn't present). So the only way forward in the near-term is to check if the bitmap is present by seeing if mddev->bitmap is not NULL after bitmap_load() has been called. By doing so the above NULL pointer is avoided. Fixes: 4257e08 ("dm raid: support to change bitmap region size") Cc: stable@vger.kernel.org # v4.8+ Signed-off-by: Dmitry Bilunov <kmeaw@yandex-team.ru> Signed-off-by: Andrey Smetanin <asmetanin@yandex-team.ru> Acked-by: Heinz Mauelshagen <heinzm@redhat.com> Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Configuration menu - View commit details
-
Copy full SHA for 7a0c5c5 - Browse repository at this point
Copy the full SHA 7a0c5c5View commit details -
serial: mxs-auart: Fix baudrate calculation
The reference manual for the i.MX28 recommends to calculate the divisor as divisor = (UARTCLK * 32) / baud rate, rounded to the nearest integer , so let's do this. For a typical setup of UARTCLK = 24 MHz and baud rate = 115200 this changes the divisor from 6666 to 6667 and so the actual baud rate improves from 115211.521 Bd (error ≅ 0.01 %) to 115194.240 Bd (error ≅ 0.005 %). Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de> Cc: stable <stable@vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Configuration menu - View commit details
-
Copy full SHA for a6040bc - Browse repository at this point
Copy the full SHA a6040bcView commit details -
tty/serial: atmel: fix race condition (TX+DMA)
If uart_flush_buffer() is called between atmel_tx_dma() and atmel_complete_tx_dma(), the circular buffer has been cleared, but not atmel_port->tx_len. That leads to a circular buffer overflow (dumping (UART_XMIT_SIZE - atmel_port->tx_len) bytes). Tested-by: Nicolas Ferre <nicolas.ferre@microchip.com> Signed-off-by: Richard Genoud <richard.genoud@gmail.com> Cc: stable <stable@vger.kernel.org> # 3.12+ Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Configuration menu - View commit details
-
Copy full SHA for 31ca2c6 - Browse repository at this point
Copy the full SHA 31ca2c6View commit details -
tty/serial: atmel: fix TX path in atmel_console_write()
A side effect of 89d8232 ("tty/serial: atmel_serial: BUG: stop DMA from transmitting in stop_tx") is that the console can be called with TX path disabled. Then the system would hang trying to push charecters out in atmel_console_putchar(). Signed-off-by: Nicolas Ferre <nicolas.ferre@microchip.com> Fixes: 89d8232 ("tty/serial: atmel_serial: BUG: stop DMA from transmitting in stop_tx") Cc: stable <stable@vger.kernel.org> #4.4+ Acked-by: Richard Genoud <richard.genoud@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Configuration menu - View commit details
-
Copy full SHA for 497e1e1 - Browse repository at this point
Copy the full SHA 497e1e1View commit details -
serial: 8250_EXAR: fix duplicate Kconfig text and add missing help text
In commit d0aeaa8 ("serial: exar: split out the exar code from 8250_pci") the exar driver got its own Kconfig. However the text for the new option was never changed from the original 8250_PCI text, and hence it appears confusing when you get asked the same question twice: 8250/16550 PCI device support (SERIAL_8250_PCI) [Y/n/m/?] (NEW) 8250/16550 PCI device support (SERIAL_8250_EXAR) [Y/n/m] (NEW) Adding to the confusion, is that there is no help text for this new option to indicate it is specific to a certain family of cards. Fix both issues at the same time, as well as the space vs. tab issues introduced in the same commit. Fixes: d0aeaa8 ("serial: exar: split out the exar code from 8250_pci") Cc: Jiri Slaby <jslaby@suse.com> Cc: linux-serial@vger.kernel.org Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com> Acked-by: Sudip Mukherjee <sudipm.mukherjee@gmail.com> Reviewed-by: Andy Shevchenko <andy.shevchenko@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Configuration menu - View commit details
-
Copy full SHA for 49e1590 - Browse repository at this point
Copy the full SHA 49e1590View commit details -
NFSv4.1 fix infinite loop on IO BAD_STATEID error
Commit 63d63cb "NFSv4.1: Don't recheck delegations that have already been checked" introduced a regression where when a client received BAD_STATEID error it would not send any TEST_STATEID and instead go into an infinite loop of resending the IO that caused the BAD_STATEID. Fixes: 63d63cb ("NFSv4.1: Don't recheck delegations that have already been checked") Signed-off-by: Olga Kornievskaia <kolga@netapp.com> Cc: stable@vger.kernel.org # 4.9+ Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Configuration menu - View commit details
-
Copy full SHA for 0e3d3e5 - Browse repository at this point
Copy the full SHA 0e3d3e5View commit details -
nfs: flexfiles: fix kernel OOPS if MDS returns unsupported DS type
this fix aims to fix dereferencing of a mirror in an error state when MDS returns unsupported DS type (IOW, not v3), which causes the following oops: [ 220.370709] BUG: unable to handle kernel NULL pointer dereference at 0000000000000065 [ 220.370842] IP: ff_layout_mirror_valid+0x2d/0x110 [nfs_layout_flexfiles] [ 220.370920] PGD 0 [ 220.370972] Oops: 0000 [#1] SMP [ 220.371013] Modules linked in: nfnetlink_queue nfnetlink_log bluetooth nfs_layout_flexfiles rpcsec_gss_krb5 nfsv4 dns_resolver nfs fscache nf_conntrack_netbios_ns nf_conntrack_broadcast xt_CT ip6t_rpfilter ip6t_REJECT nf_reject_ipv6 xt_conntrack ip_set nfnetlink ebtable_nat ebtable_broute bridge stp llc ip6table_raw ip6table_nat nf_conntrack_ipv6 nf_defrag_ipv6 nf_nat_ipv6 ip6table_mangle ip6table_security iptable_raw iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack libcrc32c iptable_mangle iptable_security ebtable_filter ebtables ip6table_filter ip6_tables binfmt_misc intel_rapl x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel btrfs kvm arc4 snd_hda_codec_hdmi iwldvm irqbypass crct10dif_pclmul crc32_pclmul ghash_clmulni_intel intel_cstate mac80211 xor uvcvideo [ 220.371814] videobuf2_vmalloc videobuf2_memops snd_hda_codec_idt mei_wdt videobuf2_v4l2 snd_hda_codec_generic iTCO_wdt ppdev videobuf2_core iTCO_vendor_support dell_rbtn dell_wmi iwlwifi sparse_keymap dell_laptop dell_smbios snd_hda_intel dcdbas videodev snd_hda_codec dell_smm_hwmon snd_hda_core media cfg80211 intel_uncore snd_hwdep raid6_pq snd_seq intel_rapl_perf snd_seq_device joydev i2c_i801 rfkill lpc_ich snd_pcm parport_pc mei_me parport snd_timer dell_smo8800 mei snd shpchp soundcore tpm_tis tpm_tis_core tpm nfsd auth_rpcgss nfs_acl lockd grace sunrpc i915 nouveau mxm_wmi ttm i2c_algo_bit drm_kms_helper crc32c_intel e1000e drm sdhci_pci firewire_ohci sdhci serio_raw mmc_core firewire_core ptp crc_itu_t pps_core wmi fjes video [ 220.372568] CPU: 7 PID: 4988 Comm: cat Not tainted 4.10.5-200.fc25.x86_64 #1 [ 220.372647] Hardware name: Dell Inc. Latitude E6520/0J4TFW, BIOS A06 07/11/2011 [ 220.372729] task: ffff94791f6ea580 task.stack: ffffb72b88c0c000 [ 220.372802] RIP: 0010:ff_layout_mirror_valid+0x2d/0x110 [nfs_layout_flexfiles] [ 220.372883] RSP: 0018:ffffb72b88c0f970 EFLAGS: 00010246 [ 220.372945] RAX: 0000000000000000 RBX: ffff9479015ca600 RCX: ffffffffffffffed [ 220.373025] RDX: ffffffffffffffed RSI: ffff9479753dc980 RDI: 0000000000000000 [ 220.373104] RBP: ffffb72b88c0f988 R08: 000000000001c980 R09: ffffffffc0ea6112 [ 220.373184] R10: ffffef17477d9640 R11: ffff9479753dd6c0 R12: ffff9479211c7440 [ 220.373264] R13: ffff9478f45b7790 R14: 0000000000000001 R15: ffff9479015ca600 [ 220.373345] FS: 00007f555fa3e700(0000) GS:ffff9479753c0000(0000) knlGS:0000000000000000 [ 220.373435] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 220.373506] CR2: 0000000000000065 CR3: 0000000196044000 CR4: 00000000000406e0 [ 220.373586] Call Trace: [ 220.373627] nfs4_ff_layout_prepare_ds+0x5e/0x200 [nfs_layout_flexfiles] [ 220.373708] ff_layout_pg_init_read+0x81/0x160 [nfs_layout_flexfiles] [ 220.373806] __nfs_pageio_add_request+0x11f/0x4a0 [nfs] [ 220.373886] ? nfs_create_request.part.14+0x37/0x330 [nfs] [ 220.373967] nfs_pageio_add_request+0xb2/0x260 [nfs] [ 220.374042] readpage_async_filler+0xaf/0x280 [nfs] [ 220.374103] read_cache_pages+0xef/0x1b0 [ 220.374166] ? nfs_read_completion+0x210/0x210 [nfs] [ 220.374239] nfs_readpages+0x129/0x200 [nfs] [ 220.374293] __do_page_cache_readahead+0x1d0/0x2f0 [ 220.374352] ondemand_readahead+0x17d/0x2a0 [ 220.374403] page_cache_sync_readahead+0x2e/0x50 [ 220.374460] generic_file_read_iter+0x6c8/0x950 [ 220.374532] ? nfs_mapping_need_revalidate_inode+0x17/0x40 [nfs] [ 220.374617] nfs_file_read+0x6e/0xc0 [nfs] [ 220.374670] __vfs_read+0xe2/0x150 [ 220.374715] vfs_read+0x96/0x130 [ 220.374758] SyS_read+0x55/0xc0 [ 220.374801] entry_SYSCALL_64_fastpath+0x1a/0xa9 [ 220.374856] RIP: 0033:0x7f555f570bd0 [ 220.374900] RSP: 002b:00007ffeb73e1b38 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 220.374986] RAX: ffffffffffffffda RBX: 00007f555f839ae0 RCX: 00007f555f570bd0 [ 220.375066] RDX: 0000000000020000 RSI: 00007f555fa41000 RDI: 0000000000000003 [ 220.375145] RBP: 0000000000021010 R08: ffffffffffffffff R09: 0000000000000000 [ 220.375226] R10: 00007f555fa40010 R11: 0000000000000246 R12: 0000000000022000 [ 220.375305] R13: 0000000000021010 R14: 0000000000001000 R15: 0000000000002710 [ 220.375386] Code: 66 66 90 55 48 89 e5 41 54 53 49 89 fc 48 83 ec 08 48 85 f6 74 2e 48 8b 4e 30 48 89 f3 48 81 f9 00 f0 ff ff 77 1e 48 85 c9 74 15 <48> 83 79 78 00 b8 01 00 00 00 74 2c 48 83 c4 08 5b 41 5c 5d c3 [ 220.375653] RIP: ff_layout_mirror_valid+0x2d/0x110 [nfs_layout_flexfiles] RSP: ffffb72b88c0f970 [ 220.375748] CR2: 0000000000000065 [ 220.403538] ---[ end trace bcdca752211b7da9 ]--- Signed-off-by: Tigran Mkrtchyan <tigran.mkrtchyan@desy.de> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Configuration menu - View commit details
-
Copy full SHA for f17f8a1 - Browse repository at this point
Copy the full SHA f17f8a1View commit details -
Merge tag 'drm-fixes-for-v4.11-rc5' of git://people.freedesktop.org/~…
…airlied/linux Pull drm fixes from Dave Airlie: "Seems to be quietening down, which means someone will make a liar of me for rc6. Just one vc4, one etnvaiv, one radeon, and a few i915 GVT fixes, and one i915 normal fixes" * tag 'drm-fixes-for-v4.11-rc5' of git://people.freedesktop.org/~airlied/linux: drm/vc4: Allocate the right amount of space for boot-time CRTC state. drm/etnaviv: (re-)protect fence allocation with GPU mutex drm/radeon: Override fpfn for all VRAM placements in radeon_evict_flags drm/i915: Restore marking context objects as dirty on pinning drm/i915/gvt: Use force single submit flag to distinguish gvt request from i915 request drm/i915/gvt: set shadow entry to scratch page while p2m failed drm/i915/gvt: Fix guest fail to read EDID leading to black guest console issue. drm/i915/gvt: fix wrong offset when loading RCS mocs drm/i915/gvt: add write handler for mmio mbctl drm/i915/kvmgt: Hold struct kvm reference
Configuration menu - View commit details
-
Copy full SHA for 5559394 - Browse repository at this point
Copy the full SHA 5559394View commit details -
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel…
…/git/jikos/hid Pull HID fixes from Jiri Kosina: - Wacom regression fixes, from Aaron Armstrong Skomra - new device ID addition by Peter Stein * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid: HID: wacom: call _query_tablet_data() for BAMBOO_TOUCH HID: wacom: Don't add ghost interface as shared data HID: xinmo: fix for out of range for THT 2P arcade controller.
Configuration menu - View commit details
-
Copy full SHA for eee551d - Browse repository at this point
Copy the full SHA eee551dView commit details -
Merge tag 'sound-4.11-rc5' of git://git.kernel.org/pub/scm/linux/kern…
…el/git/tiwai/sound Pull sound fixes from Takashi Iwai: "At this time, most of changes are for ASoC, while we got one fix for yet another race of ALSA sequencer core and a usual HD-audio quirk. The ASoC changes are mostly small and device-specific fixes. A slightly large volume is seen in sun8i-codec, which is a new code in 4.11, and we'd like to fix user-visible stuff before the official 4.1 release" * tag 'sound-4.11-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound: (27 commits) ALSA: hda - fix a problem for lineout on a Dell AIO machine ASoC: simple-card: fix simple_dai clk lookup ASoC: STI: Fix reader substream pointer set ALSA: seq: Fix race during FIFO resize ARM: dts: sun8i: Update audio-routing with renamed widgets ASoC: sun8i-codec: Convert to use SND_SOC_DAPM_AIF_IN ASoC: sun8i-codec: Fix space on audio-routing widget ASoC: sun8i-codec: Update mixer to use SOC_DAPM_DOUBLE ASoC: sun8i-codec: Remove analog "HP" widget ASoC: rt5665: fix wrong shift rt5665_if2_1_adc_in_enum ASoC: rt5665: fix define of RT5665_HP_DRIVER_5X ASoC: rcar: dma: remove unnecessary "volatile" ASoC: rcar: clear DE bit only in PDMACHCR when it stops ASoC: rsnd: fix sound route path when using SRC6/SRC9 ASoC: don't dereference NULL pcm_{new,free} ASoC: rt5665: CLKDET is also a power of ASRC ASoC: rt5665: Vref3 is necessary for Mono Amp ASoC: rt5665: increase LDO level ASoC: rt5665: fix getting wrong work handler container ASoC: atmel-classd: fix audio clock rate ...
Configuration menu - View commit details
-
Copy full SHA for 0fc04f9 - Browse repository at this point
Copy the full SHA 0fc04f9View commit details -
Merge tag 'mmc-v4.11-rc4' of git://git.kernel.org/pub/scm/linux/kerne…
…l/git/ulfh/mmc Pull MMC fixes from Ulf Hansson: "Here are a couple of mmc fixes intended for v4.11 rc5. MMC host: - sdhci: Fix bug when using SDIO IRQ - sdhci-of-at91: Fix eMMC DDR52 card detection" * tag 'mmc-v4.11-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc: mmc: sdhci-of-at91: fix MMC_DDR_52 timing selection mmc: sdhci: Disable runtime pm when the sdio_irq is enabled
Configuration menu - View commit details
-
Copy full SHA for 728f4b3 - Browse repository at this point
Copy the full SHA 728f4b3View commit details -
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git…
…/herbert/crypto-2.6 Pull crypto fixes from Herbert Xu: "This fixes the following issues: - memory corruption when kmalloc fails in xts/lrw - mark some CCP DMA channels as private - fix reordering race in padata - regression in omap-rng DT description" * 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: crypto: xts,lrw - fix out-of-bounds write after kmalloc failure crypto: ccp - Make some CCP DMA channels private padata: avoid race in reordering dt-bindings: rng: clocks property on omap_rng not always mandatory
Configuration menu - View commit details
-
Copy full SHA for 035f0cd - Browse repository at this point
Copy the full SHA 035f0cdView commit details -
Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/…
…git/arm64/linux Pull arm64 fixes from Will Deacon: "The main thing is a fix for a NULL dereference on systems that boot using spin-tables or the ACPI parking protocol, but there are also a couple of trivial one-liners too. We're currently debugging a page flags corruption issue under syzkaller, but we're still some way from fixing that as it's proving fiddly to reproduce. Summary: - fix cpu_die() NULL dereference when booting secondary CPUs using spin-table - remove redundant #include - remove obsolete .gitignore entry" * tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux: arm64: drop non-existing vdso-offsets.h from .gitignore arm64: remove redundant header file in current.h arm64: fix NULL dereference in have_cpu_die()
Configuration menu - View commit details
-
Copy full SHA for e39bccf - Browse repository at this point
Copy the full SHA e39bccfView commit details -
Merge tag 'nfs-for-4.11-3' of git://git.linux-nfs.org/projects/anna/l…
…inux-nfs Pull NFS client fixes from Anna Schumaker: "Here are a few more bugfixes that came in over the last couple of weeks. Most of these fix various hangs and loops that people found, but we also had a few error handling fixes. Stable Bugfixes: - fix infinite loop on BAD_STATEID error Other Bugfixes: - fix old dentry rehash after move - fix pnfs GETDEVINFO hangs - fix pnfs fallback to MDS on commit errors - fix flexfiles kernel oops" * tag 'nfs-for-4.11-3' of git://git.linux-nfs.org/projects/anna/linux-nfs: nfs: flexfiles: fix kernel OOPS if MDS returns unsupported DS type NFSv4.1 fix infinite loop on IO BAD_STATEID error PNFS fix fallback to MDS if got error on commit to DS NFS filelayout:call GETDEVICEINFO after pnfs_layout_process completes NFS store nfs4_deviceid in struct nfs4_filelayout_segment NFS cleanup struct nfs4_filelayout_segment NFS: Fix old dentry rehash after move
Configuration menu - View commit details
-
Copy full SHA for f9799ad - Browse repository at this point
Copy the full SHA f9799adView commit details -
dm verity fec: fix bufio leaks
Buffers read through dm_bufio_read() were not released in all code paths. Fixes: a739ff3 ("dm verity: add support for forward error correction") Cc: stable@vger.kernel.org # v4.5+ Signed-off-by: Sami Tolvanen <samitolvanen@google.com> Signed-off-by: Mike Snitzer <snitzer@redhat.com>
Configuration menu - View commit details
-
Copy full SHA for 86e3e83 - Browse repository at this point
Copy the full SHA 86e3e83View commit details -
Merge branches 'acpi-hotplug-fixes', 'acpi-build-fixes' and 'acpi-ape…
…i-fixes' * acpi-hotplug-fixes: ACPI: Do not create a platform_device for IOAPIC/IOxAPIC ACPI: ioapic: Clear on-stack resource before using it * acpi-build-fixes: ACPI: Fix incompatibility with mcount-based function graph tracing * acpi-apei-fixes: ACPI / APEI: Add missing synchronize_rcu() on NOTIFY_SCI removal
Configuration menu - View commit details
-
Copy full SHA for a079306 - Browse repository at this point
Copy the full SHA a079306View commit details -
Merge branches 'pm-cpufreq-fixes' and 'pm-cpuidle-fixes'
* pm-cpufreq-fixes: cpufreq: Fix creation of symbolic links to policy directories * pm-cpuidle-fixes: cpuidle: powernv: Pass correct drv->cpumask for registration
Configuration menu - View commit details
-
Copy full SHA for 46e1d5e - Browse repository at this point
Copy the full SHA 46e1d5eView commit details -
ACPI / scan: Prefer devices without _HID for _ADR matching
Commit c2a6bba (ACPI / scan: Prefer devices without _HID/_CID for _ADR matching) added a list_empty(&adev->pnp.ids) check to find_child_checks() so as to catch situations in which the ACPI core attempts to decode _ADR for a device having a _HID too which is strictly against the spec. However, it overlooked the fact that the adev->pnp.ids list for the devices taken into account by find_child_checks() may contain device IDs set internally by the kernel, like "LNXVIDEO" (thanks to Zhang Rui for that realization), and it broke the enumeration of those devices as a result. To unbreak it, replace the overly coarse grained list_empty() check with a much more precise check against the pnp.type.platform_id flag which is only set for devices having a _HID (that's how it should be done from the start, as having both _ADR and _CID is actually permitted). Fixes: c2a6bba (ACPI / scan: Prefer devices without _HID/_CID for _ADR matching) Link: https://bugzilla.kernel.org/show_bug.cgi?id=194889 Reported-and-tested-by: Mike <mike@mikewilson.me.uk> Tested-by: Hans de Goede <hdegoede@redhat.com> Cc: 4.10+ <stable@vger.kernel.org> # 4.10+ Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
Configuration menu - View commit details
-
Copy full SHA for fdad4e7 - Browse repository at this point
Copy the full SHA fdad4e7View commit details -
Use %pB in pr_cont format string instead of calling print_symbol separately. It turns [ 19.166249] Call Trace: [ 19.167265] [<a000e50a>] [ 19.167843] __warn+0x92/0xa0 [ 19.169656] [<a000e554>] [ 19.170059] warn_slowpath_fmt+0x3c/0x40 [ 19.171934] [<a02d5bd8>] back into [ 18.123240] Call Trace: [ 18.125039] [<a000e4f6>] __warn+0x92/0xa0 [ 18.126961] [<a000e540>] warn_slowpath_fmt+0x3c/0x40 Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for e640cc3 - Browse repository at this point
Copy the full SHA e640cc3View commit details -
xtensa: wire up statx system call
Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 1493aa6 - Browse repository at this point
Copy the full SHA 1493aa6View commit details
Commits on Apr 1, 2017
-
mm: migrate: fix remove_migration_pte() for ksm pages
I found that calling page migration for ksm pages causes the following bug: page:ffffea0004d51180 count:2 mapcount:2 mapping:ffff88013c785141 index:0x913 flags: 0x57ffffc0040068(uptodate|lru|active|swapbacked) raw: 0057ffffc0040068 ffff88013c785141 0000000000000913 0000000200000001 raw: ffffea0004d5f9e0 ffffea0004d53f60 0000000000000000 ffff88007d81b800 page dumped because: VM_BUG_ON_PAGE(!PageLocked(page)) page->mem_cgroup:ffff88007d81b800 ------------[ cut here ]------------ kernel BUG at /src/linux-dev/mm/rmap.c:1086! invalid opcode: 0000 [#1] SMP Modules linked in: ppdev parport_pc virtio_balloon i2c_piix4 pcspkr parport i2c_core acpi_cpufreq ip_tables xfs libcrc32c ata_generic pata_acpi ata_piix 8139too libata virtio_blk 8139cp crc32c_intel mii virtio_pci virtio_ring serio_raw virtio floppy dm_mirror dm_region_hash dm_log dm_mod CPU: 0 PID: 3162 Comm: bash Not tainted 4.11.0-rc2-mm1+ #1 Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011 RIP: 0010:do_page_add_anon_rmap+0x1ba/0x260 RSP: 0018:ffffc90002473b30 EFLAGS: 00010282 RAX: 0000000000000021 RBX: ffffea0004d51180 RCX: 0000000000000006 RDX: 0000000000000000 RSI: 0000000000000082 RDI: ffff88007dc0dfe0 RBP: ffffc90002473b58 R08: 00000000fffffffe R09: 00000000000001c1 R10: 0000000000000005 R11: 00000000000001c0 R12: ffff880139ab3d80 R13: 0000000000000000 R14: 0000700000000200 R15: 0000160000000000 FS: 00007f5195f50740(0000) GS:ffff88007dc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fd450287000 CR3: 000000007a08e000 CR4: 00000000001406f0 Call Trace: page_add_anon_rmap+0x18/0x20 remove_migration_pte+0x220/0x2c0 rmap_walk_ksm+0x143/0x220 rmap_walk+0x55/0x60 remove_migration_ptes+0x53/0x80 migrate_pages+0x8ed/0xb60 soft_offline_page+0x309/0x8d0 store_soft_offline_page+0xaf/0xf0 dev_attr_store+0x18/0x30 sysfs_kf_write+0x3a/0x50 kernfs_fop_write+0xff/0x180 __vfs_write+0x37/0x160 vfs_write+0xb2/0x1b0 SyS_write+0x55/0xc0 do_syscall_64+0x67/0x180 entry_SYSCALL64_slow_path+0x25/0x25 RIP: 0033:0x7f51956339e0 RSP: 002b:00007ffcfa0dffc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 000000000000000c RCX: 00007f51956339e0 RDX: 000000000000000c RSI: 00007f5195f53000 RDI: 0000000000000001 RBP: 00007f5195f53000 R08: 000000000000000a R09: 00007f5195f50740 R10: 000000000000000b R11: 0000000000000246 R12: 00007f5195907400 R13: 000000000000000c R14: 0000000000000001 R15: 0000000000000000 Code: fe ff ff 48 81 c2 00 02 00 00 48 89 55 d8 e8 2e c3 fd ff 48 8b 55 d8 e9 42 ff ff ff 48 c7 c6 e0 52 a1 81 48 89 df e8 46 ad fe ff <0f> 0b 48 83 e8 01 e9 7f fe ff ff 48 83 e8 01 e9 96 fe ff ff 48 RIP: do_page_add_anon_rmap+0x1ba/0x260 RSP: ffffc90002473b30 ---[ end trace a679d00f4af2df48 ]--- Kernel panic - not syncing: Fatal exception Kernel Offset: disabled ---[ end Kernel panic - not syncing: Fatal exception The problem is in the following lines: new = page - pvmw.page->index + linear_page_index(vma, pvmw.address); The 'new' is calculated with 'page' which is given by the caller as a destination page and some offset adjustment for thp. But this doesn't properly work for ksm pages because pvmw.page->index doesn't change for each address but linear_page_index() changes, which means that 'new' points to different pages for each addresses backed by the ksm page. As a result, we try to set totally unrelated pages as destination pages, and that causes kernel crash. This patch fixes the miscalculation and makes ksm page migration work fine. Fixes: 3fe8796 ("mm: convert remove_migration_pte() to use page_vma_mapped_walk()") Link: http://lkml.kernel.org/r/1489717683-29905-1-git-send-email-n-horiguchi@ah.jp.nec.com Signed-off-by: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com> Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> Cc: Michal Hocko <mhocko@kernel.org> Cc: Mel Gorman <mgorman@suse.de> Cc: Hillf Danton <hillf.zj@alibaba-inc.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for 4b0ece6 - Browse repository at this point
Copy the full SHA 4b0ece6View commit details -
mm: move mm_percpu_wq initialization earlier
Yang Li has reported that drain_all_pages triggers a WARN_ON which means that this function is called earlier than the mm_percpu_wq is initialized on arm64 with CMA configured: WARNING: CPU: 2 PID: 1 at mm/page_alloc.c:2423 drain_all_pages+0x244/0x25c Modules linked in: CPU: 2 PID: 1 Comm: swapper/0 Not tainted 4.11.0-rc1-next-20170310-00027-g64dfbc5 #127 Hardware name: Freescale Layerscape 2088A RDB Board (DT) task: ffffffc07c4a6d00 task.stack: ffffffc07c4a8000 PC is at drain_all_pages+0x244/0x25c LR is at start_isolate_page_range+0x14c/0x1f0 [...] drain_all_pages+0x244/0x25c start_isolate_page_range+0x14c/0x1f0 alloc_contig_range+0xec/0x354 cma_alloc+0x100/0x1fc dma_alloc_from_contiguous+0x3c/0x44 atomic_pool_init+0x7c/0x208 arm64_dma_init+0x44/0x4c do_one_initcall+0x38/0x128 kernel_init_freeable+0x1a0/0x240 kernel_init+0x10/0xfc ret_from_fork+0x10/0x20 Fix this by moving the whole setup_vmstat which is an initcall right now to init_mm_internals which will be called right after the WQ subsystem is initialized. Link: http://lkml.kernel.org/r/20170315164021.28532-1-mhocko@kernel.org Signed-off-by: Michal Hocko <mhocko@suse.com> Reported-by: Yang Li <pku.leo@gmail.com> Tested-by: Yang Li <pku.leo@gmail.com> Tested-by: Xiaolong Ye <xiaolong.ye@intel.com> Cc: Mel Gorman <mgorman@suse.de> Cc: Vlastimil Babka <vbabka@suse.cz> Cc: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for 597b730 - Browse repository at this point
Copy the full SHA 597b730View commit details -
mm: rmap: fix huge file mmap accounting in the memcg stats
Huge pages are accounted as single units in the memcg's "file_mapped" counter. Account the correct number of base pages, like we do in the corresponding node counter. Link: http://lkml.kernel.org/r/20170322005111.3156-1-hannes@cmpxchg.org Signed-off-by: Johannes Weiner <hannes@cmpxchg.org> Reviewed-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> Acked-by: Michal Hocko <mhocko@suse.com> Cc: Vladimir Davydov <vdavydov.dev@gmail.com> Cc: <stable@vger.kernel.org> [4.8+] Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for 553af43 - Browse repository at this point
Copy the full SHA 553af43View commit details -
mm: workingset: fix premature shadow node shrinking with cgroups
Commit 0a6b76d ("mm: workingset: make shadow node shrinker memcg aware") enabled cgroup-awareness in the shadow node shrinker, but forgot to also enable cgroup-awareness in the list_lru the shadow nodes sit on. Consequently, all shadow nodes are sitting on a global (per-NUMA node) list, while the shrinker applies the limits according to the amount of cache in the cgroup its shrinking. The result is excessive pressure on the shadow nodes from cgroups that have very little cache. Enable memcg-mode on the shadow node LRUs, such that per-cgroup limits are applied to per-cgroup lists. Fixes: 0a6b76d ("mm: workingset: make shadow node shrinker memcg aware") Link: http://lkml.kernel.org/r/20170322005320.8165-1-hannes@cmpxchg.org Signed-off-by: Johannes Weiner <hannes@cmpxchg.org> Acked-by: Vladimir Davydov <vdavydov@tarantool.org> Cc: Michal Hocko <mhocko@suse.com> Cc: <stable@vger.kernel.org> [4.6+] Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for 0cefabd - Browse repository at this point
Copy the full SHA 0cefabdView commit details -
mm, hugetlb: use pte_present() instead of pmd_present() in follow_hug…
…e_pmd() I found the race condition which triggers the following bug when move_pages() and soft offline are called on a single hugetlb page concurrently. Soft offlining page 0x119400 at 0x700000000000 BUG: unable to handle kernel paging request at ffffea0011943820 IP: follow_huge_pmd+0x143/0x190 PGD 7ffd2067 PUD 7ffd1067 PMD 0 [61163.582052] Oops: 0000 [#1] SMP Modules linked in: binfmt_misc ppdev virtio_balloon parport_pc pcspkr i2c_piix4 parport i2c_core acpi_cpufreq ip_tables xfs libcrc32c ata_generic pata_acpi virtio_blk 8139too crc32c_intel ata_piix serio_raw libata virtio_pci 8139cp virtio_ring virtio mii floppy dm_mirror dm_region_hash dm_log dm_mod [last unloaded: cap_check] CPU: 0 PID: 22573 Comm: iterate_numa_mo Tainted: P OE 4.11.0-rc2-mm1+ #2 Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011 RIP: 0010:follow_huge_pmd+0x143/0x190 RSP: 0018:ffffc90004bdbcd0 EFLAGS: 00010202 RAX: 0000000465003e80 RBX: ffffea0004e34d30 RCX: 00003ffffffff000 RDX: 0000000011943800 RSI: 0000000000080001 RDI: 0000000465003e80 RBP: ffffc90004bdbd18 R08: 0000000000000000 R09: ffff880138d34000 R10: ffffea0004650000 R11: 0000000000c363b0 R12: ffffea0011943800 R13: ffff8801b8d34000 R14: ffffea0000000000 R15: 000077ff80000000 FS: 00007fc977710740(0000) GS:ffff88007dc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffea0011943820 CR3: 000000007a746000 CR4: 00000000001406f0 Call Trace: follow_page_mask+0x270/0x550 SYSC_move_pages+0x4ea/0x8f0 SyS_move_pages+0xe/0x10 do_syscall_64+0x67/0x180 entry_SYSCALL64_slow_path+0x25/0x25 RIP: 0033:0x7fc976e03949 RSP: 002b:00007ffe72221d88 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc976e03949 RDX: 0000000000c22390 RSI: 0000000000001400 RDI: 0000000000005827 RBP: 00007ffe72221e00 R08: 0000000000c2c3a0 R09: 0000000000000004 R10: 0000000000c363b0 R11: 0000000000000246 R12: 0000000000400650 R13: 00007ffe72221ee0 R14: 0000000000000000 R15: 0000000000000000 Code: 81 e4 ff ff 1f 00 48 21 c2 49 c1 ec 0c 48 c1 ea 0c 4c 01 e2 49 bc 00 00 00 00 00 ea ff ff 48 c1 e2 06 49 01 d4 f6 45 bc 04 74 90 <49> 8b 7c 24 20 40 f6 c7 01 75 2b 4c 89 e7 8b 47 1c 85 c0 7e 2a RIP: follow_huge_pmd+0x143/0x190 RSP: ffffc90004bdbcd0 CR2: ffffea0011943820 ---[ end trace e4f81353a2d23232 ]--- Kernel panic - not syncing: Fatal exception Kernel Offset: disabled This bug is triggered when pmd_present() returns true for non-present hugetlb, so fixing the present check in follow_huge_pmd() prevents it. Using pmd_present() to determine present/non-present for hugetlb is not correct, because pmd_present() checks multiple bits (not only _PAGE_PRESENT) for historical reason and it can misjudge hugetlb state. Fixes: e66f17f ("mm/hugetlb: take page table lock in follow_huge_pmd()") Link: http://lkml.kernel.org/r/1490149898-20231-1-git-send-email-n-horiguchi@ah.jp.nec.com Signed-off-by: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com> Acked-by: Hillf Danton <hillf.zj@alibaba-inc.com> Cc: Hugh Dickins <hughd@google.com> Cc: Michal Hocko <mhocko@kernel.org> Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com> Cc: Mike Kravetz <mike.kravetz@oracle.com> Cc: Christian Borntraeger <borntraeger@de.ibm.com> Cc: Gerald Schaefer <gerald.schaefer@de.ibm.com> Cc: <stable@vger.kernel.org> [4.0+] Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for c9d398f - Browse repository at this point
Copy the full SHA c9d398fView commit details -
mm: fix section name for .data..ro_after_init
A section name for .data..ro_after_init was added by both: commit d07a980 ("s390: add proper __ro_after_init support") and commit d7c19b0 ("mm: kmemleak: scan .data.ro_after_init") The latter adds incorrect wrapping around the existing s390 section, and came later. I'd prefer the s390 naming, so this moves the s390-specific name up to the asm-generic/sections.h and renames the section as used by kmemleak (and in the future, kernel/extable.c). Link: http://lkml.kernel.org/r/20170327192213.GA129375@beast Signed-off-by: Kees Cook <keescook@chromium.org> Acked-by: Heiko Carstens <heiko.carstens@de.ibm.com> [s390 parts] Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com> Cc: Eddie Kovsky <ewk@edkovsky.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for 906f2a5 - Browse repository at this point
Copy the full SHA 906f2a5View commit details -
hugetlbfs: initialize shared policy as part of inode allocation
Any time after inode allocation, destroy_inode can be called. The hugetlbfs inode contains a shared_policy structure, and mpol_free_shared_policy is unconditionally called as part of hugetlbfs_destroy_inode. Initialize the policy as part of inode allocation so that any quick (error path) calls to destroy_inode will be handed an initialized policy. syzkaller fuzzer found this bug, that resulted in the following: BUG: KASAN: user-memory-access in atomic_inc include/asm-generic/atomic-instrumented.h:87 [inline] at addr 000000131730bd7a BUG: KASAN: user-memory-access in __lock_acquire+0x21a/0x3a80 kernel/locking/lockdep.c:3239 at addr 000000131730bd7a Write of size 4 by task syz-executor6/14086 CPU: 3 PID: 14086 Comm: syz-executor6 Not tainted 4.11.0-rc3+ #364 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 Call Trace: atomic_inc include/asm-generic/atomic-instrumented.h:87 [inline] __lock_acquire+0x21a/0x3a80 kernel/locking/lockdep.c:3239 lock_acquire+0x1ee/0x590 kernel/locking/lockdep.c:3762 __raw_write_lock include/linux/rwlock_api_smp.h:210 [inline] _raw_write_lock+0x33/0x50 kernel/locking/spinlock.c:295 mpol_free_shared_policy+0x43/0xb0 mm/mempolicy.c:2536 hugetlbfs_destroy_inode+0xca/0x120 fs/hugetlbfs/inode.c:952 alloc_inode+0x10d/0x180 fs/inode.c:216 new_inode_pseudo+0x69/0x190 fs/inode.c:889 new_inode+0x1c/0x40 fs/inode.c:918 hugetlbfs_get_inode+0x40/0x420 fs/hugetlbfs/inode.c:734 hugetlb_file_setup+0x329/0x9f0 fs/hugetlbfs/inode.c:1282 newseg+0x422/0xd30 ipc/shm.c:575 ipcget_new ipc/util.c:285 [inline] ipcget+0x21e/0x580 ipc/util.c:639 SYSC_shmget ipc/shm.c:673 [inline] SyS_shmget+0x158/0x230 ipc/shm.c:657 entry_SYSCALL_64_fastpath+0x1f/0xc2 Analysis provided by Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Link: http://lkml.kernel.org/r/1490477850-7944-1-git-send-email-mike.kravetz@oracle.com Signed-off-by: Mike Kravetz <mike.kravetz@oracle.com> Reported-by: Dmitry Vyukov <dvyukov@google.com> Acked-by: Hillf Danton <hillf.zj@alibaba-inc.com> Cc: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Cc: Michal Hocko <mhocko@suse.com> Cc: Dave Hansen <dave.hansen@linux.intel.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for 4742a35 - Browse repository at this point
Copy the full SHA 4742a35View commit details -
kasan: report only the first error by default
Disable kasan after the first report. There are several reasons for this: - Single bug quite often has multiple invalid memory accesses causing storm in the dmesg. - Write OOB access might corrupt metadata so the next report will print bogus alloc/free stacktraces. - Reports after the first easily could be not bugs by itself but just side effects of the first one. Given that multiple reports usually only do harm, it makes sense to disable kasan after the first one. If user wants to see all the reports, the boot-time parameter kasan_multi_shot must be used. [aryabinin@virtuozzo.com: wrote changelog and doc, added missing include] Link: http://lkml.kernel.org/r/20170323154416.30257-1-aryabinin@virtuozzo.com Signed-off-by: Mark Rutland <mark.rutland@arm.com> Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com> Cc: Andrey Konovalov <andreyknvl@google.com> Cc: Alexander Potapenko <glider@google.com> Cc: Dmitry Vyukov <dvyukov@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for b0845ce - Browse repository at this point
Copy the full SHA b0845ceView commit details -
mm/hugetlb.c: don't call region_abort if region_chg fails
Changes to hugetlbfs reservation maps is a two step process. The first step is a call to region_chg to determine what needs to be changed, and prepare that change. This should be followed by a call to call to region_add to commit the change, or region_abort to abort the change. The error path in hugetlb_reserve_pages called region_abort after a failed call to region_chg. As a result, the adds_in_progress counter in the reservation map is off by 1. This is caught by a VM_BUG_ON in resv_map_release when the reservation map is freed. syzkaller fuzzer (when using an injected kmalloc failure) found this bug, that resulted in the following: kernel BUG at mm/hugetlb.c:742! Call Trace: hugetlbfs_evict_inode+0x7b/0xa0 fs/hugetlbfs/inode.c:493 evict+0x481/0x920 fs/inode.c:553 iput_final fs/inode.c:1515 [inline] iput+0x62b/0xa20 fs/inode.c:1542 hugetlb_file_setup+0x593/0x9f0 fs/hugetlbfs/inode.c:1306 newseg+0x422/0xd30 ipc/shm.c:575 ipcget_new ipc/util.c:285 [inline] ipcget+0x21e/0x580 ipc/util.c:639 SYSC_shmget ipc/shm.c:673 [inline] SyS_shmget+0x158/0x230 ipc/shm.c:657 entry_SYSCALL_64_fastpath+0x1f/0xc2 RIP: resv_map_release+0x265/0x330 mm/hugetlb.c:742 Link: http://lkml.kernel.org/r/1490821682-23228-1-git-send-email-mike.kravetz@oracle.com Signed-off-by: Mike Kravetz <mike.kravetz@oracle.com> Reported-by: Dmitry Vyukov <dvyukov@google.com> Acked-by: Hillf Danton <hillf.zj@alibaba-inc.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for ff8c0c5 - Browse repository at this point
Copy the full SHA ff8c0c5View commit details -
drivers/rapidio/devices/tsi721.c: make module parameter variable name…
… unique kbuild test robot reported a non-static variable name collision between a staging driver and a RapidIO driver, with a generic variable name of 'dbg_level'. Both drivers should be changed so that they don't use this generic public variable name. This patch fixes the RapidIO driver but does not change the user interface (name) for the module parameter. drivers/staging/built-in.o:(.bss+0x109d0): multiple definition of `dbg_level' drivers/rapidio/built-in.o:(.bss+0x16c): first defined here Link: http://lkml.kernel.org/r/ab527fc5-aa3c-4b07-5d48-eef5de703192@infradead.org Signed-off-by: Randy Dunlap <rdunlap@infradead.org> Reported-by: kbuild test robot <fengguang.wu@intel.com> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: Matt Porter <mporter@kernel.crashing.org> Cc: Alexandre Bounine <alexandre.bounine@idt.com> Cc: Jérémy Lefaure <jeremy.lefaure@lse.epita.fr> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for 4785603 - Browse repository at this point
Copy the full SHA 4785603View commit details -
kasan: do not sanitize kexec purgatory
Fixes this: kexec: Undefined symbol: __asan_load8_noabort kexec-bzImage64: Loading purgatory failed Link: http://lkml.kernel.org/r/1489672155.4458.7.camel@gmx.de Signed-off-by: Mike Galbraith <efault@gmx.de> Cc: Alexander Potapenko <glider@google.com> Cc: Andrey Ryabinin <aryabinin@virtuozzo.com> Cc: Dmitry Vyukov <dvyukov@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for 13a6798 - Browse repository at this point
Copy the full SHA 13a6798View commit details -
Merge branch 'for-linus-4.11' of git://git.kernel.org/pub/scm/linux/k…
…ernel/git/mason/linux-btrfs Pull btrfs fixes from Chris Mason: "We have three small fixes queued up in my for-linus-4.11 branch" * 'for-linus-4.11' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs: Btrfs: fix an integer overflow check btrfs: Change qgroup_meta_rsv to 64bit Btrfs: bring back repair during read
Configuration menu - View commit details
-
Copy full SHA for fe8e12b - Browse repository at this point
Copy the full SHA fe8e12bView commit details -
tty: pl011: fix earlycon work-around for QDF2400 erratum 44
The work-around for the Qualcomm Datacenter Technologies QDF2400 erratum 44 sets the "qdf2400_e44_present" global variable if the work-around is needed. However, this check does not happen until after earlycon is initialized, which means the work-around is not used, and the console hangs as soon as it displays one character. Fixes: d8a4995 ("tty: pl011: Work around QDF2400 E44 stuck BUSY bit") Signed-off-by: Timur Tabi <timur@codeaurora.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Configuration menu - View commit details
-
Copy full SHA for e53e597 - Browse repository at this point
Copy the full SHA e53e597View commit details -
Merge tag 'nfsd-4.11-1' of git://linux-nfs.org/~bfields/linux
Pull nfsd fixes from Bruce Fields: "The restriction of NFSv4 to TCP went overboard and also broke the backchannel; fix. Also some minor refinements to the nfsd version-setting interface that we'd like to get fixed before release" * tag 'nfsd-4.11-1' of git://linux-nfs.org/~bfields/linux: svcrdma: set XPT_CONG_CTRL flag for bc xprt NFSD: fix nfsd_reset_versions for NFSv4. NFSD: fix nfsd_minorversion(.., NFSD_AVAIL) NFSD: further refinement of content of /proc/fs/nfsd/versions nfsd: map the ENOKEY to nfserr_perm for avoiding warning SUNRPC/backchanel: set XPT_CONG_CTRL flag for bc xprt
Configuration menu - View commit details
-
Copy full SHA for 09c8b3d - Browse repository at this point
Copy the full SHA 09c8b3dView commit details -
Merge tag 'arc-4.11-rc5' of git://git.kernel.org/pub/scm/linux/kernel…
…/git/vgupta/arc Pull ARC fixes from Vineet Gupta: "Accumulated fixes for ARC which I've been been sitting on for a while: - reading clk from driver vs device tree [Vlad] - fix support for UIO in VDK platform [Alexey] - SLC busy bit reading workaround - build warning with kprobes header reorg" * tag 'arc-4.11-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/vgupta/arc: ARC: fix build warnings with !CONFIG_KPROBES ARCv2: SLC: Make sure busy bit is set properly on SLC flushing ARC: vdk: Fix support of UIO ARCv2: make unimplemented vectors as no-ops rather than halt core ARC: get rate from clk driver instead of reading device tree ARC: [dts] add cpu nodes to ARCHS SMP device tree ARC: [dts] add input clocks for cpu nodes
Configuration menu - View commit details
-
Copy full SHA for dcbcb49 - Browse repository at this point
Copy the full SHA dcbcb49View commit details -
Merge branch 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/…
…kernel/git/wsa/linux Pull i2c fixes from Wolfram Sang: "Two bugfixes from I2C, specifically the I2C mux section. Thanks to peda for collecting them" * 'i2c/for-current' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux: i2c: mux: pca954x: Add missing pca9546 definition to chip_desc Revert "i2c: mux: pca954x: Add ACPI support for pca954x"
Configuration menu - View commit details
-
Copy full SHA for 1300dc6 - Browse repository at this point
Copy the full SHA 1300dc6View commit details -
Merge tag 'pm-4.11-rc5' of git://git.kernel.org/pub/scm/linux/kernel/…
…git/rafael/linux-pm Pull power management fixes from Rafael Wysocki: "These fix a cpufreq core issue with the initialization of the cpufreq sysfs interface and a cpuidle powernv driver initialization issue. Specifics: - symbolic links from CPU directories to the corresponding cpufreq policy directories in sysfs are not created during initialization in some cases which confuses user space, so prevent that from happening (Rafael Wysocki). - the powernv cpuidle driver fails to pass a correct cpumaks to the cpuidle core in some cases which causes subsequent failures to occur, so fix it (Vaidyanathan Srinivasan)" * tag 'pm-4.11-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: cpuidle: powernv: Pass correct drv->cpumask for registration cpufreq: Fix creation of symbolic links to policy directories
Configuration menu - View commit details
-
Copy full SHA for 0d2ceec - Browse repository at this point
Copy the full SHA 0d2ceecView commit details -
Merge tag 'acpi-4.11-rc5' of git://git.kernel.org/pub/scm/linux/kerne…
…l/git/rafael/linux-pm Pull ACPI fixes from Rafael Wysocki: "These fix two issues related to IOAPIC hotplug, an overzealous build optimization that prevents the function graph tracer from working with the ACPI subsystem correctly and an RCU synchronization issue in the ACPI APEI code. Specifics: - drop the unconditional setting of the '-Os' gcc flag from the ACPI Makefile to make the function graph tracer work correctly with the ACPI subsystem (Josh Poimboeuf). - add missing synchronize_rcu() to ghes_remove() which removes an element from an RCU-protected list, but fails to synchronize it properly afterward (James Morse). - fix two problems related to IOAPIC hotplug, a local variable initialization in setup_res() and the creation of platform device objects for IO(x)APICs which are (a) unused and (b) leaked on hot-removal (Joerg Roedel)" * tag 'acpi-4.11-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: ACPI: Fix incompatibility with mcount-based function graph tracing ACPI / APEI: Add missing synchronize_rcu() on NOTIFY_SCI removal ACPI: Do not create a platform_device for IOAPIC/IOxAPIC ACPI: ioapic: Clear on-stack resource before using it
Configuration menu - View commit details
-
Copy full SHA for 7ece03b - Browse repository at this point
Copy the full SHA 7ece03bView commit details -
Merge tag 'tty-4.11-rc5' of git://git.kernel.org/pub/scm/linux/kernel…
…/git/gregkh/tty Pull tty/serial fixes from Greg KH: "Here are some small fixes for some serial drivers and Kconfig help text for 4.11-rc5. Nothing major here at all, a few things resolving reported bugs in some random serial drivers. I don't think these made the last linux-next due to me getting to them yesterday, but I am not sure, they might have snuck in. The patches only affect drivers that the maintainers of sent me these patches for, so we should be safe here :)" * tag 'tty-4.11-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty: tty: pl011: fix earlycon work-around for QDF2400 erratum 44 serial: 8250_EXAR: fix duplicate Kconfig text and add missing help text tty/serial: atmel: fix TX path in atmel_console_write() tty/serial: atmel: fix race condition (TX+DMA) serial: mxs-auart: Fix baudrate calculation
Configuration menu - View commit details
-
Copy full SHA for b3ff4fa - Browse repository at this point
Copy the full SHA b3ff4faView commit details -
Merge tag 'usb-4.11-rc5' of git://git.kernel.org/pub/scm/linux/kernel…
…/git/gregkh/usb Pull USB fixes from Greg KH: "Here are some small USB fixes for 4.11-rc5. The usual xhci fixes are here, as well as a fix for yet-another-bug- found-by-KASAN, those developers are doing great stuff here. And there's a phy build warning fix that showed up in 4.11-rc1. All of these have been in linux-next with no reported issues" * tag 'usb-4.11-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb: usb: phy: isp1301: Fix build warning when CONFIG_OF is disabled xhci: Manually give back cancelled URB if we can't queue it for cancel xhci: Set URB actual length for stopped control transfers xhci: plat: Register shutdown for xhci_plat USB: fix linked-list corruption in rh_call_control()
Configuration menu - View commit details
-
Copy full SHA for a9f6b6b - Browse repository at this point
Copy the full SHA a9f6b6bView commit details -
net: hns: Add ACPI support to check SFP present
The current code only supports DT to check SFP present. This patch adds ACPI support as well. Signed-off-by: Daode Huang <huangdaode@hisilicon.com> Reviewed-by: Yisen Zhuang <yisen.zhuang@huawei.com> Signed-off-by: Salil Mehta <salil.mehta@huawei.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for b917078 - Browse repository at this point
Copy the full SHA b917078View commit details -
net/faraday: Explicitly include linux/of.h and linux/property.h
This driver uses interfaces from linux/of.h and linux/property.h but relies on implict inclusion of those headers which means that changes in other headers could break the build, as happened in -next for arm today. Add a explicit includes. Signed-off-by: Mark Brown <broonie@kernel.org> Acked-by: Joel Stanley <joel@jms.id.au> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for 3af887c - Browse repository at this point
Copy the full SHA 3af887cView commit details -
openvswitch: Fix ovs_flow_key_update()
ovs_flow_key_update() is called when the flow key is invalid, and it is used to update and revalidate the flow key. Commit 329f45b ("openvswitch: add mac_proto field to the flow key") introduces mac_proto field to flow key and use it to determine whether the flow key is valid. However, the commit does not update the code path in ovs_flow_key_update() to revalidate the flow key which may cause BUG_ON() on execute_recirc(). This patch addresses the aforementioned issue. Fixes: 329f45b ("openvswitch: add mac_proto field to the flow key") Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com> Acked-by: Jiri Benc <jbenc@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for 6f56f61 - Browse repository at this point
Copy the full SHA 6f56f61View commit details -
r8152: The Microsoft Surface docks also use R8152 v2
Without this the generic cdc_ether grabs the device, and does not really work. Signed-off-by: René Rebe <rene@exactcode.de> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for d5b07cc - Browse repository at this point
Copy the full SHA d5b07ccView commit details -
bpf, verifier: fix alu ops against map_value{, _adj} register types
While looking into map_value_adj, I noticed that alu operations directly on the map_value() resp. map_value_adj() register (any alu operation on a map_value() register will turn it into a map_value_adj() typed register) are not sufficiently protected against some of the operations. Two non-exhaustive examples are provided that the verifier needs to reject: i) BPF_AND on r0 (map_value_adj): 0: (bf) r2 = r10 1: (07) r2 += -8 2: (7a) *(u64 *)(r2 +0) = 0 3: (18) r1 = 0xbf842a00 5: (85) call bpf_map_lookup_elem#1 6: (15) if r0 == 0x0 goto pc+2 R0=map_value(ks=8,vs=48,id=0),min_value=0,max_value=0 R10=fp 7: (57) r0 &= 8 8: (7a) *(u64 *)(r0 +0) = 22 R0=map_value_adj(ks=8,vs=48,id=0),min_value=0,max_value=8 R10=fp 9: (95) exit from 6 to 9: R0=inv,min_value=0,max_value=0 R10=fp 9: (95) exit processed 10 insns ii) BPF_ADD in 32 bit mode on r0 (map_value_adj): 0: (bf) r2 = r10 1: (07) r2 += -8 2: (7a) *(u64 *)(r2 +0) = 0 3: (18) r1 = 0xc24eee00 5: (85) call bpf_map_lookup_elem#1 6: (15) if r0 == 0x0 goto pc+2 R0=map_value(ks=8,vs=48,id=0),min_value=0,max_value=0 R10=fp 7: (04) (u32) r0 += (u32) 0 8: (7a) *(u64 *)(r0 +0) = 22 R0=map_value_adj(ks=8,vs=48,id=0),min_value=0,max_value=0 R10=fp 9: (95) exit from 6 to 9: R0=inv,min_value=0,max_value=0 R10=fp 9: (95) exit processed 10 insns Issue is, while min_value / max_value boundaries for the access are adjusted appropriately, we change the pointer value in a way that cannot be sufficiently tracked anymore from its origin. Operations like BPF_{AND,OR,DIV,MUL,etc} on a destination register that is PTR_TO_MAP_VALUE{,_ADJ} was probably unintended, in fact, all the test cases coming with 4846113 ("bpf: allow access into map value arrays") perform BPF_ADD only on the destination register that is PTR_TO_MAP_VALUE_ADJ. Only for UNKNOWN_VALUE register types such operations make sense, f.e. with unknown memory content fetched initially from a constant offset from the map value memory into a register. That register is then later tested against lower / upper bounds, so that the verifier can then do the tracking of min_value / max_value, and properly check once that UNKNOWN_VALUE register is added to the destination register with type PTR_TO_MAP_VALUE{,_ADJ}. This is also what the original use-case is solving. Note, tracking on what is being added is done through adjust_reg_min_max_vals() and later access to the map value enforced with these boundaries and the given offset from the insn through check_map_access_adj(). Tests will fail for non-root environment due to prohibited pointer arithmetic, in particular in check_alu_op(), we bail out on the is_pointer_value() check on the dst_reg (which is false in root case as we allow for pointer arithmetic via env->allow_ptr_leaks). Similarly to PTR_TO_PACKET, one way to fix it is to restrict the allowed operations on PTR_TO_MAP_VALUE{,_ADJ} registers to 64 bit mode BPF_ADD. The test_verifier suite runs fine after the patch and it also rejects mentioned test cases. Fixes: 4846113 ("bpf: allow access into map value arrays") Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Reviewed-by: Josef Bacik <jbacik@fb.com> Acked-by: Alexei Starovoitov <ast@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for fce366a - Browse repository at this point
Copy the full SHA fce366aView commit details -
bpf, verifier: fix rejection of unaligned access checks for map_value…
…_adj Currently, the verifier doesn't reject unaligned access for map_value_adj register types. Commit 4846113 ("bpf: allow access into map value arrays") added logic to check_ptr_alignment() extending it from PTR_TO_PACKET to also PTR_TO_MAP_VALUE_ADJ, but for PTR_TO_MAP_VALUE_ADJ no enforcement is in place, because reg->id for PTR_TO_MAP_VALUE_ADJ reg types is never non-zero, meaning, we can cause BPF_H/_W/_DW-based unaligned access for architectures not supporting efficient unaligned access, and thus worst case could raise exceptions on some archs that are unable to correct the unaligned access or perform a different memory access to the actual requested one and such. i) Unaligned load with !CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS on r0 (map_value_adj): 0: (bf) r2 = r10 1: (07) r2 += -8 2: (7a) *(u64 *)(r2 +0) = 0 3: (18) r1 = 0x42533a00 5: (85) call bpf_map_lookup_elem#1 6: (15) if r0 == 0x0 goto pc+11 R0=map_value(ks=8,vs=48,id=0),min_value=0,max_value=0 R10=fp 7: (61) r1 = *(u32 *)(r0 +0) 8: (35) if r1 >= 0xb goto pc+9 R0=map_value(ks=8,vs=48,id=0),min_value=0,max_value=0 R1=inv,min_value=0,max_value=10 R10=fp 9: (07) r0 += 3 10: (79) r7 = *(u64 *)(r0 +0) R0=map_value_adj(ks=8,vs=48,id=0),min_value=3,max_value=3 R1=inv,min_value=0,max_value=10 R10=fp 11: (79) r7 = *(u64 *)(r0 +2) R0=map_value_adj(ks=8,vs=48,id=0),min_value=3,max_value=3 R1=inv,min_value=0,max_value=10 R7=inv R10=fp [...] ii) Unaligned store with !CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS on r0 (map_value_adj): 0: (bf) r2 = r10 1: (07) r2 += -8 2: (7a) *(u64 *)(r2 +0) = 0 3: (18) r1 = 0x4df16a00 5: (85) call bpf_map_lookup_elem#1 6: (15) if r0 == 0x0 goto pc+19 R0=map_value(ks=8,vs=48,id=0),min_value=0,max_value=0 R10=fp 7: (07) r0 += 3 8: (7a) *(u64 *)(r0 +0) = 42 R0=map_value_adj(ks=8,vs=48,id=0),min_value=3,max_value=3 R10=fp 9: (7a) *(u64 *)(r0 +2) = 43 R0=map_value_adj(ks=8,vs=48,id=0),min_value=3,max_value=3 R10=fp 10: (7a) *(u64 *)(r0 -2) = 44 R0=map_value_adj(ks=8,vs=48,id=0),min_value=3,max_value=3 R10=fp [...] For the PTR_TO_PACKET type, reg->id is initially zero when skb->data was fetched, it later receives a reg->id from env->id_gen generator once another register with UNKNOWN_VALUE type was added to it via check_packet_ptr_add(). The purpose of this reg->id is twofold: i) it is used in find_good_pkt_pointers() for setting the allowed access range for regs with PTR_TO_PACKET of same id once verifier matched on data/data_end tests, and ii) for check_ptr_alignment() to determine that when not having efficient unaligned access and register with UNKNOWN_VALUE was added to PTR_TO_PACKET, that we're only allowed to access the content bytewise due to unknown unalignment. reg->id was never intended for PTR_TO_MAP_VALUE{,_ADJ} types and thus is always zero, the only marking is in PTR_TO_MAP_VALUE_OR_NULL that was added after 4846113 via 57a09bf ("bpf: Detect identical PTR_TO_MAP_VALUE_OR_NULL registers"). Above tests will fail for non-root environment due to prohibited pointer arithmetic. The fix splits register-type specific checks into their own helper instead of keeping them combined, so we don't run into a similar issue in future once we extend check_ptr_alignment() further and forget to add reg->type checks for some of the checks. Fixes: 4846113 ("bpf: allow access into map value arrays") Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Reviewed-by: Josef Bacik <jbacik@fb.com> Acked-by: Alexei Starovoitov <ast@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for 79adffc - Browse repository at this point
Copy the full SHA 79adffcView commit details -
bpf: add various verifier test cases for self-tests
Add a couple of test cases, for example, probing for xadd on a spilled pointer to packet and map_value_adj register, various other map_value_adj tests including the unaligned load/store, and trying out pointer arithmetic on map_value_adj register itself. For the unaligned load/store, we need to figure out whether the architecture has efficient unaligned access and need to mark affected tests accordingly. Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Alexei Starovoitov <ast@kernel.org> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for 02ea80b - Browse repository at this point
Copy the full SHA 02ea80bView commit details -
Merge branch 'bpf-map_value_adj-reg-types-fixes'
Daniel Borkmann says: ==================== BPF fixes on map_value_adj reg types This set adds two fixes for map_value_adj register type in the verifier and user space tests along with them for the BPF self test suite. For details, please see individual patches. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for 0989bd0 - Browse repository at this point
Copy the full SHA 0989bd0View commit details -
Merge tag 'mac80211-for-davem-2017-03-31' of git://git.kernel.org/pub…
…/scm/linux/kernel/git/jberg/mac80211 Johannes Berg says: ==================== Two fixes: * don't block netdev queues (indefinitely!) if mac80211 manages traffic queueing itself * check wiphy registration before checking for ops on resume, to avoid crash ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for 612307c - Browse repository at this point
Copy the full SHA 612307cView commit details
Commits on Apr 2, 2017
-
Merge branch 'akpm' (patches from Andrew)
Merge misc fixes from Andrew Morton: "11 fixes" * emailed patches from Andrew Morton <akpm@linux-foundation.org>: kasan: do not sanitize kexec purgatory drivers/rapidio/devices/tsi721.c: make module parameter variable name unique mm/hugetlb.c: don't call region_abort if region_chg fails kasan: report only the first error by default hugetlbfs: initialize shared policy as part of inode allocation mm: fix section name for .data..ro_after_init mm, hugetlb: use pte_present() instead of pmd_present() in follow_huge_pmd() mm: workingset: fix premature shadow node shrinking with cgroups mm: rmap: fix huge file mmap accounting in the memcg stats mm: move mm_percpu_wq initialization earlier mm: migrate: fix remove_migration_pte() for ksm pages
Configuration menu - View commit details
-
Copy full SHA for 978e0f9 - Browse repository at this point
Copy the full SHA 978e0f9View commit details -
Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/g…
…it/jejb/scsi Pull SCSI fixes from James Bottomley: "Thirteen small fixes: The hopefully final effort to get the lpfc nvme kconfig problems sorted, there's one important sg fix (user can induce read after end of buffer) and one minor enhancement (adding an extra PCI ID to qedi). The rest are a set of minor fixes, which mostly occur as user visible in error legs or on specific devices" * tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi: scsi: ufs: remove the duplicated checking for supporting clkscaling scsi: lpfc: fix building without debugfs support scsi: lpfc: Fix PT2PT PRLI reject scsi: hpsa: fix volume offline state scsi: libsas: fix ata xfer length scsi: scsi_dh_alua: Warn if the first argument of alua_rtpg_queue() is NULL scsi: scsi_dh_alua: Ensure that alua_activate() calls the completion function scsi: scsi_dh_alua: Check scsi_device_get() return value scsi: sg: check length passed to SG_NEXT_CMD_LEN scsi: ufshcd-platform: remove the useless cast in ERR_PTR/IS_ERR scsi: qedi: Add PCI device-ID for QL41xxx adapters. scsi: aacraid: Fix potential null access scsi: qla2xxx: Fix crash in qla2xxx_eh_abort on bad ptr
Configuration menu - View commit details
-
Copy full SHA for 7d34ddb - Browse repository at this point
Copy the full SHA 7d34ddbView commit details -
Merge branch 'parisc-4.11-3' of git://git.kernel.org/pub/scm/linux/ke…
…rnel/git/deller/parisc-linux Pull parisc fixes from Helge Deller: "Al Viro reported that - in case of read faults - our copy_from_user() implementation may claim to have copied more bytes than it actually did. In order to fix this bug and because of the way how gcc optimizes register usage for inline assembly in C code, we had to replace our pa_memcpy() function with a pure assembler implementation. While fixing the memcpy bug we noticed some other issues with our get_user() and put_user() functions, e.g. nested faults may return wrong data. This is now fixed by a common fixup handler for get_user/put_user in the exception handler which additionally makes generated code smaller and faster. The third patch is a trivial one-line fix for a patch which went in during 4.11-rc and which avoids stalled CPU warnings after power shutdown (for parisc machines which can't plug power off themselves). Due to the rewrite of pa_memcpy() into assembly this patch got bigger than what I wanted to have sent at this stage. Those patches have been running in production during the last few days on our debian build servers without any further issues" * 'parisc-4.11-3' of git://git.kernel.org/pub/scm/linux/kernel/git/deller/parisc-linux: parisc: Avoid stalled CPU warnings after system shutdown parisc: Clean up fixup routines for get_user()/put_user() parisc: Fix access fault handling in pa_memcpy()
Configuration menu - View commit details
-
Copy full SHA for 346ce1d - Browse repository at this point
Copy the full SHA 346ce1dView commit details -
sctp: use right in and out stream cnt
Since sctp reconf was added in sctp, the real cnt of in/out stream have not been c.sinit_max_instreams and c.sinit_num_ostreams any more. This patch is to replace them with stream->in/outcnt. Signed-off-by: Xin Long <lucien.xin@gmail.com> Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for afe8996 - Browse repository at this point
Copy the full SHA afe8996View commit details -
l2tp: fix race in l2tp_recv_common()
Taking a reference on sessions in l2tp_recv_common() is racy; this has to be done by the callers. To this end, a new function is required (l2tp_session_get()) to atomically lookup a session and take a reference on it. Callers then have to manually drop this reference. Fixes: fd558d1 ("l2tp: Split pppol2tp patch into separate l2tp and ppp parts") Signed-off-by: Guillaume Nault <g.nault@alphalink.fr> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for 61b9a04 - Browse repository at this point
Copy the full SHA 61b9a04View commit details -
l2tp: ensure session can't get removed during pppol2tp_session_ioctl()
Holding a reference on session is required before calling pppol2tp_session_ioctl(). The session could get freed while processing the ioctl otherwise. Since pppol2tp_session_ioctl() uses the session's socket, we also need to take a reference on it in l2tp_session_get(). Fixes: fd558d1 ("l2tp: Split pppol2tp patch into separate l2tp and ppp parts") Signed-off-by: Guillaume Nault <g.nault@alphalink.fr> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for 57377d6 - Browse repository at this point
Copy the full SHA 57377d6View commit details -
l2tp: fix duplicate session creation
l2tp_session_create() relies on its caller for checking for duplicate sessions. This is racy since a session can be concurrently inserted after the caller's verification. Fix this by letting l2tp_session_create() verify sessions uniqueness upon insertion. Callers need to be adapted to check for l2tp_session_create()'s return code instead of calling l2tp_session_find(). pppol2tp_connect() is a bit special because it has to work on existing sessions (if they're not connected) or to create a new session if none is found. When acting on a preexisting session, a reference must be held or it could go away on us. So we have to use l2tp_session_get() instead of l2tp_session_find() and drop the reference before exiting. Fixes: d9e31d1 ("l2tp: Add L2TP ethernet pseudowire support") Fixes: fd558d1 ("l2tp: Split pppol2tp patch into separate l2tp and ppp parts") Signed-off-by: Guillaume Nault <g.nault@alphalink.fr> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for dbdbc73 - Browse repository at this point
Copy the full SHA dbdbc73View commit details -
l2tp: hold session while sending creation notifications
l2tp_session_find() doesn't take any reference on the returned session. Therefore, the session may disappear while sending the notification. Use l2tp_session_get() instead and decrement session's refcount once the notification is sent. Fixes: 33f72e6 ("l2tp : multicast notification to the registered listeners") Signed-off-by: Guillaume Nault <g.nault@alphalink.fr> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for 5e6a9e5 - Browse repository at this point
Copy the full SHA 5e6a9e5View commit details -
l2tp: take a reference on sessions used in genetlink handlers
Callers of l2tp_nl_session_find() need to hold a reference on the returned session since there's no guarantee that it isn't going to disappear from under them. Relying on the fact that no l2tp netlink message may be processed concurrently isn't enough: sessions can be deleted by other means (e.g. by closing the PPPOL2TP socket of a ppp pseudowire). l2tp_nl_cmd_session_delete() is a bit special: it runs a callback function that may require a previous call to session->ref(). In particular, for ppp pseudowires, the callback is l2tp_session_delete(), which then calls pppol2tp_session_close() and dereferences the PPPOL2TP socket. The socket might already be gone at the moment l2tp_session_delete() calls session->ref(), so we need to take a reference during the session lookup. So we need to pass the do_ref variable down to l2tp_session_get() and l2tp_session_get_by_ifname(). Since all callers have to be updated, l2tp_session_find_by_ifname() and l2tp_nl_session_find() are renamed to reflect their new behaviour. Fixes: 309795f ("l2tp: Add netlink control API for L2TP") Signed-off-by: Guillaume Nault <g.nault@alphalink.fr> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for 2777e2a - Browse repository at this point
Copy the full SHA 2777e2aView commit details -
Merge branch 'l2tp_session_find-fixes'
Guillaume Nault says: ==================== l2tp: fix usage of l2tp_session_find() l2tp_session_find() doesn't take a reference on the session returned to its caller. Virtually all l2tp_session_find() users are racy, either because the session can disappear from under them or because they take a reference too late. This leads to bugs like 'use after free' or failure to notice duplicate session creations. In some cases, taking a reference on the session is not enough. The special callbacks .ref() and .deref() also have to be called in cases where the PPP pseudo-wire uses the socket associated with the session. Therefore, when looking up a session, we also have to pass a flag indicating if the .ref() callback has to be called. In the future, we probably could drop the .ref() and .deref() callbacks entirely by protecting the .sock field of struct pppol2tp_session with RCU, thus allowing it to be freed and set to NULL even if the L2TP session is still alive. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for e5c1e51 - Browse repository at this point
Copy the full SHA e5c1e51View commit details -
nvme: Correct NVMF enum values to match NVMe-oF rev 1.0
The enum values for QPTYPE, PRTYPE and CMS are off by 1 from the values defined in figure 42 of the NVM Express over Fabrics 1.0: http://www.nvmexpress.org/wp-content/uploads/NVMe_over_Fabrics_1_0_Gold_20160605-1.pdf Fix our enums to match the final spec. Signed-off-by: Roland Dreier <roland@purestorage.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Sagi Grimberg <sagi@grimberg.me>
Configuration menu - View commit details
-
Copy full SHA for bf17aa3 - Browse repository at this point
Copy the full SHA bf17aa3View commit details -
nvme: add missing byte swap in nvme_setup_discard
Fixes: b35ba01 ("nvme: support ranged discard requests") Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Sagi Grimberg <sagi@grimberg.me>
Configuration menu - View commit details
-
Copy full SHA for f1dd03a - Browse repository at this point
Copy the full SHA f1dd03aView commit details -
nvmet: add missing byte swap in nvmet_get_smart_log
In this case entirely harmless as it's all-ones, but still nice to shut up sparse. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Sagi Grimberg <sagi@grimberg.me>
Configuration menu - View commit details
-
Copy full SHA for 5ac5fcc - Browse repository at this point
Copy the full SHA 5ac5fccView commit details -
nvmet: fix byte swap in nvmet_execute_write_zeroes
The length field in the Write Zeroes command is a 16-bit field. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Sagi Grimberg <sagi@grimberg.me>
Configuration menu - View commit details
-
Copy full SHA for 78ce3da - Browse repository at this point
Copy the full SHA 78ce3daView commit details -
nvmet: fix byte swap in nvmet_parse_io_cmd
We need to do arithmetics after byte swapping, not before. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Sagi Grimberg <sagi@grimberg.me>
Configuration menu - View commit details
-
Copy full SHA for 793c7ed - Browse repository at this point
Copy the full SHA 793c7edView commit details -
iio: st_pressure: initialize lps22hb bootime
This patch initializes the bootime in struct st_sensor_settings for lps22hb sensor. Without this, sensor channels read from sysfs always report stale values. Signed-off-by: Shrirang Bagul <shrirang.bagul@canonical.com> Cc: <Stable@vger.kernel.org> Signed-off-by: Jonathan Cameron <jic23@kernel.org>
Configuration menu - View commit details
-
Copy full SHA for 51f528a - Browse repository at this point
Copy the full SHA 51f528aView commit details -
iio: core: Fix IIO_VAL_FRACTIONAL_LOG2 for negative values
Fix formatting of negative values of type IIO_VAL_FRACTIONAL_LOG2 by switching from do_div(), which can't handle negative numbers, to div_s64_rem(). Also use shift_right for shifting, which is safe with negative values. Signed-off-by: Nikolaus Schulz <nikolaus.schulz@avionic-design.de> Reviewed-by: Lars-Peter Clausen <lars@metafoo.de> Cc: stable@vger.kernel.org Signed-off-by: Jonathan Cameron <jic23@kernel.org>
Configuration menu - View commit details
-
Copy full SHA for 7fd6592 - Browse repository at this point
Copy the full SHA 7fd6592View commit details -
iio: accel: hid-sensor-accel-3d: Fix duplicate scan index error
When both accel_3d and gravity sensor are present, iio_device_register() fails with "Duplicate scan index" error. The reason for this is setting of indio_dev->num_channels based on accel_3d channel for both gravity and accel-3d sensor. But number of channels are not same, so for gravity it is pointing to some invalid memory and getting scan_index to compare which may match. To fix this issue, set the indio_dev->num_channels correctly based on the sensor type. Fixes: 0e377f3 ('iio: Add gravity sensor support') Signed-off-by: Srinivas Pandruvada <srinivas.pandruvada@linux.intel.com> Signed-off-by: Jonathan Cameron <jic23@kernel.org>
Configuration menu - View commit details
-
Copy full SHA for 862d1d8 - Browse repository at this point
Copy the full SHA 862d1d8View commit details -
iio: hid-sensor-attributes: Fix sensor property setting failure.
When system bootup without get sensor property, set sensor property will be fail. If no get_feature operation done before set_feature, the sensor properties will all be the initialized value, which is not the same with sensor real properties. When set sensor property it will write back to sensor the changed perperty data combines with other sensor properties data, it is not right and may be dangerous. In order to get all sensor properties, choose to read one of the sensor properties(no matter read any sensor peroperty, driver will get all the peroperties and return the requested one). Fixes: 73c6768 ("iio: hid-sensors: Common attribute and trigger") Signed-off-by: Song Hongyan <hongyan.song@intel.com> Acked-by: Srinivas Pandruvada <srinivas.pandruvada@linux.intel.com> Cc: <Stable@vger.kernel.org> Signed-off-by: Jonathan Cameron <jic23@kernel.org>
Configuration menu - View commit details
-
Copy full SHA for bba6d9e - Browse repository at this point
Copy the full SHA bba6d9eView commit details -
Merge branch 'core-urgent-for-linus' of git://git.kernel.org/pub/scm/…
…linux/kernel/git/tip/tip Pull core fix from Thomas Gleixner: "Prevent leaking kernel memory via /proc/$pid/syscall when the queried task is not in a syscall" * 'core-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: lib/syscall: Clear return values when no stack
Configuration menu - View commit details
-
Copy full SHA for ada63c6 - Browse repository at this point
Copy the full SHA ada63c6View commit details -
Merge branch 'irq-urgent-for-linus' of git://git.kernel.org/pub/scm/l…
…inux/kernel/git/tip/tip Pull irq fixes from Thomas Gleixner: "Two small fixlets: - select a required Kconfig to make the MVEBU driver compile - add the missing MIPS local GIC interrupts which prevent drivers to probe successfully" * 'irq-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: irqchip/mips-gic: Fix Local compare interrupt irqchip/mvebu-odmi: Select GENERIC_MSI_IRQ_DOMAIN
Configuration menu - View commit details
-
Copy full SHA for 907977b - Browse repository at this point
Copy the full SHA 907977bView commit details -
Merge branch 'timers-urgent-for-linus' of git://git.kernel.org/pub/sc…
…m/linux/kernel/git/tip/tip Pull timer fixes from Thomas Gleixner: "Two small fixes for the new CLKEVT_OF infrastructure" * 'timers-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: vmlinux.lds: Add __clkevt_of_table to kernel clockevents: Fix syntax error in clkevt-of macro
Configuration menu - View commit details
-
Copy full SHA for 4a6808f - Browse repository at this point
Copy the full SHA 4a6808fView commit details -
Merge branch 'efi-urgent-for-linus' of git://git.kernel.org/pub/scm/l…
…inux/kernel/git/tip/tip Pull EFI fix from Thomas Gleixner: "Downgrade the missing ESRT header printk to warning level and remove a useless error printk which just generates noise for no value" * 'efi-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: efi/esrt: Cleanup bad memory map log messages
Configuration menu - View commit details
-
Copy full SHA for 0a89b5e - Browse repository at this point
Copy the full SHA 0a89b5eView commit details -
Merge branch 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm…
…/linux/kernel/git/tip/tip Pull scheduler fixes from Thomas Gleixner: "This update provides: - make the scheduler clock switch to unstable mode smooth so the timestamps stay at microseconds granularity instead of switching to tick granularity. - unbreak perf test tsc by taking the new offset into account which was added in order to proveide better sched clock continuity - switching sched clock to unstable mode runs all clock related computations which affect the sched clock output itself from a work queue. In case of preemption sched clock uses half updated data and provides wrong timestamps. Keep the math in the protected context and delegate only the static key switch to workqueue context. - remove a duplicate header include" * 'sched-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: sched/headers: Remove duplicate #include <linux/sched/debug.h> line sched/clock: Fix broken stable to unstable transfer sched/clock, x86/perf: Fix "perf test tsc" sched/clock: Fix clear_sched_clock_stable() preempt wobbly
Configuration menu - View commit details
-
Copy full SHA for 128c434 - Browse repository at this point
Copy the full SHA 128c434View commit details -
Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/l…
…inux/kernel/git/tip/tip Pull x86 fixes from Thomas Gleixner: "This update provides: - prevent KASLR from randomizing EFI regions - restrict the usage of -maccumulate-outgoing-args and document when and why it is required. - make the Global Physical Address calculation for UV4 systems work correctly. - address a copy->paste->forgot-edit problem in the MCE exception table entries. - assign a name to AMD MCA bank 3, so the sysfs file registration works. - add a missing include in the boot code" * 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/boot: Include missing header file x86/mce/AMD: Give a name to MCA bank 3 when accessed with legacy MSRs x86/build: Mostly disable '-maccumulate-outgoing-args' x86/mm/KASLR: Exclude EFI region from KASLR VA space randomization x86/mce: Fix copy/paste error in exception table entries x86/platform/uv: Fix calculation of Global Physical Address
Configuration menu - View commit details
-
Copy full SHA for 496dcc5 - Browse repository at this point
Copy the full SHA 496dcc5View commit details -
iscsi-target: Drop work-around for legacy GlobalSAN initiator
Once upon a time back in 2009, a work-around was added to support the GlobalSAN iSCSI initiator v3.3 for MacOSX, which during login did not propose nor respond to MaxBurstLength, FirstBurstLength, DefaultTime2Wait and DefaultTime2Retain keys. The work-around in iscsi_check_proposer_for_optional_reply() allowed the missing keys to be proposed, but did not require waiting for a response before moving to full feature phase operation. This allowed GlobalSAN v3.3 to work out-of-the box, and for many years we didn't run into login interopt issues with any other initiators.. Until recently, when Martin tried a QLogic 57840S iSCSI Offload HBA on Windows 2016 which completed login, but subsequently failed with: Got unknown iSCSI OpCode: 0x43 The issue was QLogic MSFT side did not propose DefaultTime2Wait + DefaultTime2Retain, so LIO proposes them itself, and immediately transitions to full feature phase because of the GlobalSAN hack. However, the QLogic MSFT side still attempts to respond to DefaultTime2Retain + DefaultTime2Wait, even though LIO has set ISCSI_FLAG_LOGIN_NEXT_STAGE3 + ISCSI_FLAG_LOGIN_TRANSIT in last login response. So while the QLogic MSFT side should have been proposing these two keys to start, it was doing the correct thing per RFC-3720 attempting to respond to proposed keys before transitioning to full feature phase. All that said, recent versions of GlobalSAN iSCSI (v5.3.0.541) does correctly propose the four keys during login, making the original work-around moot. So in order to allow QLogic MSFT to run unmodified as-is, go ahead and drop this long standing work-around. Reported-by: Martin Svec <martin.svec@zoner.cz> Cc: Martin Svec <martin.svec@zoner.cz> Cc: Himanshu Madhani <Himanshu.Madhani@cavium.com> Cc: Arun Easi <arun.easi@cavium.com> Cc: stable@vger.kernel.org # 3.1+ Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
Configuration menu - View commit details
-
Copy full SHA for 1c99de9 - Browse repository at this point
Copy the full SHA 1c99de9View commit details -
tcmu: Skip Data-Out blocks before gathering Data-In buffer for BIDI case
For the bidirectional case, the Data-Out buffer blocks will always at the head of the tcmu_cmd's bitmap, and before gathering the Data-In buffer, first of all it should skip the Data-Out ones, or the device supporting BIDI commands won't work. Fixed: 2641864 ("target/user: Introduce data_bitmap, replace data_length/data_head/data_tail") Reported-by: Ilias Tsitsimpis <iliastsi@arrikto.com> Tested-by: Ilias Tsitsimpis <iliastsi@arrikto.com> Signed-off-by: Xiubo Li <lixiubo@cmss.chinamobile.com> Cc: stable@vger.kernel.org # 4.6+ Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
Configuration menu - View commit details
-
Copy full SHA for a5d68ba - Browse repository at this point
Copy the full SHA a5d68baView commit details -
Merge tag 'dmaengine-fix-4.11-rc5' of git://git.infradead.org/users/v…
…koul/slave-dma Pull dmaengine fixes from Vinod Koul: "A couple of minor fixes for 4.11: - array bound fix for __get_unmap_pool() - cyclic period splitting for bcm2835" * tag 'dmaengine-fix-4.11-rc5' of git://git.infradead.org/users/vkoul/slave-dma: dmaengine: Fix array index out of bounds warning in __get_unmap_pool() dmaengine: bcm2835: Fix cyclic DMA period splitting
Configuration menu - View commit details
-
Copy full SHA for f49237b - Browse repository at this point
Copy the full SHA f49237bView commit details
Commits on Apr 3, 2017
-
Configuration menu - View commit details
-
Copy full SHA for a71c9a1 - Browse repository at this point
Copy the full SHA a71c9a1View commit details -
net: ethernet: ti: cpsw: wake tx queues on ndo_tx_timeout
In case, if TX watchdog is fired some or all netdev TX queues will be stopped and as part of recovery it is required not only to drain and reinitailize CPSW TX channeles, but also wake up stoppted TX queues what doesn't happen now and netdevice will stop transmiting data until reopenned. Hence, add netif_tx_wake_all_queues() call in .ndo_tx_timeout() to complete recovery and restore TX path. Signed-off-by: Grygorii Strashko <grygorii.strashko@ti.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for 75514b6 - Browse repository at this point
Copy the full SHA 75514b6View commit details -
nios2: reserve boot memory for device tree
Make sure to reserve the boot memory for the flattened device tree. Otherwise it might get overwritten, e.g. when initial_boot_params is copied, leading to a corrupted FDT and a boot hang/crash: bootconsole [early0] enabled Early console on uart16650 initialized at 0xf8001600 OF: fdt: Error -11 processing FDT Kernel panic - not syncing: setup_cpuinfo: No CPU found in devicetree! ---[ end Kernel panic - not syncing: setup_cpuinfo: No CPU found in devicetree! Guenter Roeck says: > I think I found the problem. In unflatten_and_copy_device_tree(), with added > debug information: > > OF: fdt: initial_boot_params=c861e400, dt=c861f000 size=28874 (0x70ca) > > ... and then initial_boot_params is copied to dt, which results in corrupted > fdt since the memory overlaps. Looks like the initial_boot_params memory > is not reserved and (re-)allocated by early_init_dt_alloc_memory_arch(). Cc: stable@vger.kernel.org Reported-by: Guenter Roeck <linux@roeck-us.net> Reference: http://lkml.kernel.org/r/20170226210338.GA19476@roeck-us.net Tested-by: Guenter Roeck <linux@roeck-us.net> Signed-off-by: Tobias Klauser <tklauser@distanz.ch> Acked-by: Ley Foon Tan <ley.foon.tan@intel.com>
Configuration menu - View commit details
-
Copy full SHA for 921d701 - Browse repository at this point
Copy the full SHA 921d701View commit details -
Documentation/filesystems: fix documentation for ->getattr()
Following the recent merge of statx, correct the documented prototype for the ->getattr() inode operation, and add an entry to the porting file. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Configuration menu - View commit details
-
Copy full SHA for 75dd7e4 - Browse repository at this point
Copy the full SHA 75dd7e4View commit details -
statx: reject unknown flags when using NULL path
The statx() system call currently accepts unknown flags when called with a NULL path to operate on a file descriptor. Left unchanged, this could make it hard to introduce new query flags in the future, since applications may not be able to tell whether a given flag is supported. Fix this by failing the system call with EINVAL if any flags other than KSTAT_QUERY_FLAGS are specified in combination with a NULL path. Arguably, we could still permit known lookup-related flags such as AT_SYMLINK_NOFOLLOW. However, that would be inconsistent with how sys_utimensat() behaves when passed a NULL path, which seems to be the closest precedent. And given that the NULL path case is (I believe) mainly intended to be used to implement a wrapper function like fstatx() that doesn't have a path argument, I think rejecting lookup-related flags too is probably the best choice. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Configuration menu - View commit details
-
Copy full SHA for 8c7493a - Browse repository at this point
Copy the full SHA 8c7493aView commit details -
statx: remove incorrect part of vfs_statx() comment
request_mask and query_flags are function arguments, not passed in struct kstat. So remove the part of the comment which claims otherwise. This was apparently left over from an earlier version of the statx patch. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Configuration menu - View commit details
-
Copy full SHA for b15fb70 - Browse repository at this point
Copy the full SHA b15fb70View commit details -
statx: optimize copy of struct statx to userspace
I found that statx() was significantly slower than stat(). As a microbenchmark, I compared 10,000,000 invocations of fstat() on a tmpfs file to the same with statx() passed a NULL path: $ time ./stat_benchmark real 0m1.464s user 0m0.275s sys 0m1.187s $ time ./statx_benchmark real 0m5.530s user 0m0.281s sys 0m5.247s statx is expected to be a little slower than stat because struct statx is larger than struct stat, but not by *that* much. It turns out that most of the overhead was in copying struct statx to userspace, mostly in all the stac/clac instructions that got generated for each __put_user() call. (This was on x86_64, but some other architectures, e.g. arm64, have something similar now too.) stat() instead initializes its struct on the stack and copies it to userspace with a single call to copy_to_user(). This turns out to be much faster, and changing statx to do this makes it almost as fast as stat: $ time ./statx_benchmark real 0m1.624s user 0m0.270s sys 0m1.354s For zeroing the reserved fields, start by zeroing the full struct with memset. This makes it clear that every byte copied to userspace is initialized, even implicit padding bytes (though there are none currently). In the scenarios I tested, it also performed the same as a designated initializer. Manually initializing each field was still slightly faster, but would have been more error-prone and less verifiable. Also rename statx_set_result() to cp_statx() for consistency with cp_old_stat() et al., and make it noinline so that struct statx doesn't add to the stack usage during the main portion of the syscall execution. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Configuration menu - View commit details
-
Copy full SHA for 64bd720 - Browse repository at this point
Copy the full SHA 64bd720View commit details -
Return enhanced file attributes from the Ext4 filesystem. This includes the following: (1) The inode creation time (i_crtime) as stx_btime, setting STATX_BTIME. (2) Certain FS_xxx_FL flags are mapped to stx_attribute flags. This requires that all ext4 inodes have a getattr call, not just some of them, so to this end, split the ext4_getattr() function and only call part of it where appropriate. Example output: [root@andromeda ~]# touch foo [root@andromeda ~]# chattr +ai foo [root@andromeda ~]# /tmp/test-statx foo statx(foo) = 0 results=fff Size: 0 Blocks: 0 IO Block: 4096 regular file Device: 08:12 Inode: 2101950 Links: 1 Access: (0644/-rw-r--r--) Uid: 0 Gid: 0 Access: 2016-02-11 17:08:29.031795451+0000 Modify: 2016-02-11 17:08:29.031795451+0000 Change: 2016-02-11 17:11:11.987790114+0000 Birth: 2016-02-11 17:08:29.031795451+0000 Attributes: 0000000000000030 (-------- -------- -------- -------- -------- -------- -------- --ai----) Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Configuration menu - View commit details
-
Copy full SHA for 99652ea - Browse repository at this point
Copy the full SHA 99652eaView commit details -
xfs: report crtime and attribute flags to statx
statx has the ability to report inode creation times and inode flags, so hook up di_crtime and di_flags to that functionality. Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Configuration menu - View commit details
-
Copy full SHA for 5f955f2 - Browse repository at this point
Copy the full SHA 5f955f2View commit details -
statx: Reserve the top bit of the mask for future struct expansion
Reserve the top bit of the mask for future expansion of the statx struct and give an error if statx() sees it set. All the other bits are ignored if we see them set but don't support the bit; we just clear the bit in the returned mask. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Configuration menu - View commit details
-
Copy full SHA for 47071ae - Browse repository at this point
Copy the full SHA 47071aeView commit details -
statx: Include a mask for stx_attributes in struct statx
Include a mask in struct stat to indicate which bits of stx_attributes the filesystem actually supports. This would also be useful if we add another system call that allows you to do a 'bulk attribute set' and pass in a statx struct with the masks appropriately set to say what you want to set. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Configuration menu - View commit details
-
Copy full SHA for 3209f68 - Browse repository at this point
Copy the full SHA 3209f68View commit details -
alpha: fix stack smashing in old_adjtimex(2)
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro committedApr 3, 2017 Configuration menu - View commit details
-
Copy full SHA for 2b5efc0 - Browse repository at this point
Copy the full SHA 2b5efc0View commit details -
Merge branch 'work.statx' into for-next
Al Viro committedApr 3, 2017 Configuration menu - View commit details
-
Copy full SHA for a8e2844 - Browse repository at this point
Copy the full SHA a8e2844View commit details -
KVM: s390: remove change-recording override support
Change-recording override (CO) was never implemented in any machine. According to the architecture it is unpredictable if a translation-specification exception will be recognized if the bit is set and EDAT1 does not apply. Therefore the easiest solution is to simply ignore the bit. This also fixes commit cd1836f ("KVM: s390: instruction-execution-protection support"). A guest may enable instruction-execution-protection (IEP) but not EDAT1. In such a case the guest_translate() function (arch/s390/kvm/gaccess.c) will report a specification exception on pages that have the IEP bit set while it should not. It might make sense to add full IEP support to guest_translate() and the GACC_IFETCH case. However, as far as I can tell the GACC_IFETCH case is currently only used after an instruction was executed in order to fetch the failing instruction. So there is no additional problem *currently*. Fixes: cd1836f ("KVM: s390: instruction-execution-protection support") Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com> Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Configuration menu - View commit details
-
Copy full SHA for 232b8e3 - Browse repository at this point
Copy the full SHA 232b8e3View commit details -
Merge tag 'iio-fixes-for-4.11d' of git://git.kernel.org/pub/scm/linux…
…/kernel/git/jic23/iio into staging-linus 4th set of IIO fixes for the 4.12 cycle. core - fix IIO_VAL_FRACTIONAL_LOG2 handling for negative values. bmg160 - reset chip on probe to avoid a failure on some systems cros_ec - return type correctly when reading raw and calibbias data. hid-sensor-accel - fix a duplicate scan index error due to wrong number of channels for gravity sensor. hid-sensors - ensure a get_feature is always done before the first set feature to avoid issues with wrong cached values. st-pressure - initalize lps22hb boot time to avoid giving stale data.
Configuration menu - View commit details
-
Copy full SHA for a6d3614 - Browse repository at this point
Copy the full SHA a6d3614View commit details -
Merge branch 'ras-urgent-for-linus' of git://git.kernel.org/pub/scm/l…
…inux/kernel/git/tip/tip Pull RAS fix from Thomas Gleixner: "Prevent dmesg from being spammed when MCE logging is active" * 'ras-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86/mce: Don't print MCEs when mcelog is active
Configuration menu - View commit details
-
Copy full SHA for 3ccfcdc - Browse repository at this point
Copy the full SHA 3ccfcdcView commit details -
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel…
…/git/s390/linux Pull s390 fixes from Martin Schwidefsky: "Four bug fixes, two of them for stable: - avoid initrd corruptions in the kernel decompressor - prevent inconsistent dumps if the boot CPU does not have address zero - fix the new pkey interface added with the merge window for 4.11 - a fix for a fix, another issue with user copy zero padding" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux: s390/uaccess: get_user() should zero on failure (again) s390/pkey: Fix wrong handling of secure key with old MKVP s390/smp: fix ipl from cpu with non-zero address s390/decompressor: fix initrd corruption caused by bss clear
Configuration menu - View commit details
-
Copy full SHA for 4ad7255 - Browse repository at this point
Copy the full SHA 4ad7255View commit details -
xfs: rework the inline directory verifiers
The inline directory verifiers should be called on the inode fork data, which means after iformat_local on the read side, and prior to ifork_flush on the write side. This makes the fork verifier more consistent with the way buffer verifiers work -- i.e. they will operate on the memory buffer that the code will be reading and writing directly. Furthermore, revise the verifier function to return -EFSCORRUPTED so that we don't flood the logs with corruption messages and assert notices. This has been a particular problem with xfs/348, which triggers the XFS_WANT_CORRUPTED_RETURN assertions, which halts the kernel when CONFIG_XFS_DEBUG=y. Disk corruption isn't supposed to do that, at least not in a verifier. Reviewed-by: Brian Foster <bfoster@redhat.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Configuration menu - View commit details
-
Copy full SHA for 7842028 - Browse repository at this point
Copy the full SHA 7842028View commit details -
xfs: Honor FALLOC_FL_KEEP_SIZE when punching ends of files
When punching past EOF on XFS, fallocate(mode=PUNCH_HOLE|KEEP_SIZE) will round the file size up to the nearest multiple of PAGE_SIZE: calvinow@vm-disks/generic-xfs-1 ~$ dd if=/dev/urandom of=test bs=2048 count=1 calvinow@vm-disks/generic-xfs-1 ~$ stat test Size: 2048 Blocks: 8 IO Block: 4096 regular file calvinow@vm-disks/generic-xfs-1 ~$ fallocate -n -l 2048 -o 2048 -p test calvinow@vm-disks/generic-xfs-1 ~$ stat test Size: 4096 Blocks: 8 IO Block: 4096 regular file Commit 3c2bdc9 ("xfs: kill xfs_zero_remaining_bytes") replaced xfs_zero_remaining_bytes() with calls to iomap helpers. The new helpers don't enforce that [pos,offset) lies strictly on [0,i_size) when being called from xfs_free_file_space(), so by "leaking" these ranges into xfs_zero_range() we get this buggy behavior. Fix this by reintroducing the checks xfs_zero_remaining_bytes() did against i_size at the bottom of xfs_free_file_space(). Reported-by: Aaron Gao <gzh@fb.com> Fixes: 3c2bdc9 ("xfs: kill xfs_zero_remaining_bytes") Cc: Christoph Hellwig <hch@lst.de> Cc: Brian Foster <bfoster@redhat.com> Cc: <stable@vger.kernel.org> # 4.8+ Signed-off-by: Calvin Owens <calvinowens@fb.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com> Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Configuration menu - View commit details
-
Copy full SHA for 3dd09d5 - Browse repository at this point
Copy the full SHA 3dd09d5View commit details -
xfs: fix kernel memory exposure problems
Fix a memory exposure problems in inumbers where we allocate an array of structures with holes, fail to zero the holes, then blindly copy the kernel memory contents (junk and all) into userspace. Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com> Reviewed-by: Christoph Hellwig <hch@lst.de>
Configuration menu - View commit details
-
Copy full SHA for bf9216f - Browse repository at this point
Copy the full SHA bf9216fView commit details -
Merge branch 'vmwgfx-fixes-4.11' of git://people.freedesktop.org/~tho…
…mash/linux into drm-fixes Set of vmwgfx fixes * 'vmwgfx-fixes-4.11' of git://people.freedesktop.org/~thomash/linux: drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl() drm/vmwgfx: Remove getparam error message drm/ttm: Avoid calling drm_ht_remove from atomic context drm/ttm, drm/vmwgfx: Relax permission checking when opening surfaces drm/vmwgfx: avoid calling vzalloc with a 0 size in vmw_get_cap_3d_ioctl() drm/vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl() drm/vmwgfx: Type-check lookups of fence objects
Configuration menu - View commit details
-
Copy full SHA for 84c4ba5 - Browse repository at this point
Copy the full SHA 84c4ba5View commit details -
drm/msm: adreno: fix build error without debugfs
The newly added a5xx support fails to build when debugfs is diabled: drivers/gpu/drm/msm/adreno/a5xx_gpu.c:849:4: error: 'struct msm_gpu_funcs' has no member named 'show' drivers/gpu/drm/msm/adreno/a5xx_gpu.c:849:11: error: 'a5xx_show' undeclared here (not in a function); did you mean 'a5xx_irq'? This adds a missing #ifdef. Fixes: b5f103a ("drm/msm: gpu: Add A5XX target support") Cc: stable@vger.kernel.org Signed-off-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Rob Clark <robdclark@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 280489d - Browse repository at this point
Copy the full SHA 280489dView commit details -
drm/msm: Fix wrong pointer check in a5xx_destroy
Instead of checking for a5xx_gpu->gpmu_iova during destroy we accidently check a5xx_gpu->gpmu_bo. Signed-off-by: Jordan Crouse <jcrouse@codeaurora.org> Signed-off-by: Rob Clark <robdclark@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for f456d34 - Browse repository at this point
Copy the full SHA f456d34View commit details -
drm/msm: Don't allow zero sized buffer objects
Zero sized buffer objects tend to make various bits of the GEM infrastructure complain: WARNING: CPU: 1 PID: 2323 at drivers/gpu/drm/drm_mm.c:389 drm_mm_insert_node_generic+0x258/0x2f0 Modules linked in: CPU: 1 PID: 2323 Comm: drm-api-test Tainted: G W 4.9.0-rc4-00906-g693af44 #213 Hardware name: Qualcomm Technologies, Inc. DB820c (DT) task: ffff8000d7353400 task.stack: ffff8000d7720000 PC is at drm_mm_insert_node_generic+0x258/0x2f0 LR is at drm_vma_offset_add+0x4c/0x70 Zero sized buffers serve no appreciable value to the user so disallow them at create time. Signed-off-by: Jordan Crouse <jcrouse@codeaurora.org> Signed-off-by: Rob Clark <robdclark@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 1a5dff5 - Browse repository at this point
Copy the full SHA 1a5dff5View commit details -
drm/msm/dsi: Fix bug in dsi_mgr_phy_enable
A recent commit introduces a bug in dsi_mgr_phy_enable. In the non dual DSI mode, we reset the mdsi (master DSI) PHY. This isn't right since master and slave DSI exist only in dual DSI mode. For the normal mode of operation, we should simply reset the PHY of the DSI device (i.e. msm_dsi) corresponding to the current bridge. Usage of the wrong DSI pointer also resulted in a static checker warning. That too is resolved with this fix. Fixes: b62aa70 (drm/msm/dsi: Move PHY operations out of host) Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Archit Taneja <architt@codeaurora.org> Reviewed-by: Rob Clark <robdclark@gmail.com> Signed-off-by: Rob Clark <robdclark@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for a5fef53 - Browse repository at this point
Copy the full SHA a5fef53View commit details -
drm/msm/mdp5: Update SSPP_MAX value
'SSPP_MAX + 1' is the max number of hwpipes that can be present on a MDP5 platform. Recently, 2 new cursor hwpipes were added, which caused overflows in arrays that used SSPP_MAX to represent the number of elements. Update the SSPP_MAX value to incorporate the extra hwpipes. Signed-off-by: Archit Taneja <architt@codeaurora.org> Signed-off-by: Rob Clark <robdclark@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 3051204 - Browse repository at this point
Copy the full SHA 3051204View commit details -
drm/msm/hdmi: redefinitions of macros not required
4 macros already defined in hdmi.h, which is not required to redefine in hdmi_audio.c Signed-off-by: Vinay Simha BN <simhavcs@gmail.com> Signed-off-by: Rob Clark <robdclark@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for d322a69 - Browse repository at this point
Copy the full SHA d322a69View commit details -
drm/msm: Make sure to detach the MMU during GPU cleanup
We should be detaching the MMU before destroying the address space. To do this cleanly, the detach has to happen in adreno_gpu_cleanup() because it needs access to structs in adreno_gpu.c. Plus it is better symmetry to have the attach and detach at the same code level. Signed-off-by: Jordan Crouse <jcrouse@codeaurora.org> Signed-off-by: Rob Clark <robdclark@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 028402d - Browse repository at this point
Copy the full SHA 028402dView commit details -
PCI: thunder-pem: Fix legacy firmware PEM-specific resources
SZ_16M PEM resource size includes PEM-specific register and its children resources. Reservation of the whole SZ_16M range leads to child device driver failure when pcieport driver is requesting resources: pcieport 0004:1f:00.0: can't enable device: BAR 0 [mem 0x87e0c0f00000-0x87e0c0ffffff 64bit] not claimed So we cannot reserve full 16M here and instead we want to reserve PEM-specific register only which is SZ_64K. At the end increase PEM resource to SZ_16M since this is what thunder_pem_init() call expects for proper initialization. Fixes: 9abb27c ("PCI: thunder-pem: Add legacy firmware support for Cavium ThunderX host controller") Signed-off-by: Tomasz Nowicki <tn@semihalf.com> Signed-off-by: Bjorn Helgaas <bhelgaas@google.com> CC: stable@vger.kernel.org # v4.10+
Configuration menu - View commit details
-
Copy full SHA for feb199e - Browse repository at this point
Copy the full SHA feb199eView commit details -
PCI: dwc: Select PCI_HOST_COMMON for hisi
Without PCI_HOST_COMMON support enabled, we get a link error: drivers/pci/dwc/built-in.o: In function `hisi_pcie_map_bus': pcie-hisi.c:(.text+0x8860): undefined reference to `pci_ecam_map_bus' drivers/pci/dwc/built-in.o: In function `hisi_pcie_almost_ecam_probe': pcie-hisi.c:(.text+0x88b4): undefined reference to `pci_host_common_probe' Add an explicit 'select', as the other users have. Signed-off-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Bjorn Helgaas <bhelgaas@google.com> Acked-by: Jingoo Han <jingoohan1@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 6665f8a - Browse repository at this point
Copy the full SHA 6665f8aView commit details -
flow dissector: correct size of storage for ARP
The last argument to __skb_header_pointer() should be a buffer large enough to store struct arphdr. This can be a pointer to a struct arphdr structure. The code was previously using a pointer to a pointer to struct arphdr. By my counting the storage available both before and after is 8 bytes on x86_64. Fixes: 5573335 ("flow disector: ARP support") Reported-by: Nicolas Iooss <nicolas.iooss_linux@m4x.org> Signed-off-by: Simon Horman <simon.horman@netronome.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for ac6a372 - Browse repository at this point
Copy the full SHA ac6a372View commit details -
sctp: check for dst and pathmtu update in sctp_packet_config
This patch is to move sctp_transport_dst_check into sctp_packet_config from sctp_packet_transmit and add pathmtu check in sctp_packet_config. With this fix, sctp can update dst or pathmtu before appending chunks, which can void dropping packets in sctp_packet_transmit when dst is obsolete or dst's mtu is changed. This patch is also to improve some other codes in sctp_packet_config. It updates packet max_size with gso_max_size, checks for dst and pathmtu, and appends ecne chunk only when packet is empty and asoc is not NULL. It makes sctp flush work better, as we only need to set up them once for one flush schedule. It's also safe, since asoc is NULL only when the packet is created by sctp_ootb_pkt_new in which it just gets the new dst, no need to do more things for it other than set packet with transport's pathmtu. Signed-off-by: Xin Long <lucien.xin@gmail.com> Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> Acked-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for df2729c - Browse repository at this point
Copy the full SHA df2729cView commit details
Commits on Apr 4, 2017
-
Merge branch 'msm-fixes-4.11-rc6' of git://people.freedesktop.org/~ro…
…bclark/linux into drm-fixes misc msm fixes. * 'msm-fixes-4.11-rc6' of git://people.freedesktop.org/~robclark/linux: drm/msm: Make sure to detach the MMU during GPU cleanup drm/msm/hdmi: redefinitions of macros not required drm/msm/mdp5: Update SSPP_MAX value drm/msm/dsi: Fix bug in dsi_mgr_phy_enable drm/msm: Don't allow zero sized buffer objects drm/msm: Fix wrong pointer check in a5xx_destroy drm/msm: adreno: fix build error without debugfs
Configuration menu - View commit details
-
Copy full SHA for 130e35e - Browse repository at this point
Copy the full SHA 130e35eView commit details -
Merge tag 'xtensa-20170403' of git://github.com/jcmvbkbc/linux-xtensa
Pull Xtensa fixes from Max Filippov: - make __pa work with uncached KSEG addresses, it fixes DMA memory mmapping and DMA debug - fix torn stack dump output - wire up statx syscall * tag 'xtensa-20170403' of git://github.com/jcmvbkbc/linux-xtensa: xtensa: wire up statx system call xtensa: fix stack dump output xtensa: make __pa work with uncached KSEG addresses
Configuration menu - View commit details
-
Copy full SHA for 08e4e0d - Browse repository at this point
Copy the full SHA 08e4e0dView commit details -
tcp: minimize false-positives on TCP/GRO check
Markus Trippelsdorf reported that after commit dcb17d2 ("tcp: warn on bogus MSS and try to amend it") the kernel started logging the warning for a NIC driver that doesn't even support GRO. It was diagnosed that it was possibly caused on connections that were using TCP Timestamps but some packets lacked the Timestamps option. As we reduce rcv_mss when timestamps are used, the lack of them would cause the packets to be bigger than expected, although this is a valid case. As this warning is more as a hint, getting a clean-cut on the threshold is probably not worth the execution time spent on it. This patch thus alleviates the false-positives with 2 quick checks: by accounting for the entire TCP option space and also checking against the interface MTU if it's available. These changes, specially the MTU one, might mask some real positives, though if they are really happening, it's possible that sooner or later it will be triggered anyway. Reported-by: Markus Trippelsdorf <markus@trippelsdorf.de> Cc: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for 0b9aefe - Browse repository at this point
Copy the full SHA 0b9aefeView commit details -
arm64: mm: unaligned access by user-land should be received as SIGBUS
After 52d7523 (arm64: mm: allow the kernel to handle alignment faults on user accesses) commit user-land accesses that produce unaligned exceptions like in case of aarch32 ldm/stm/ldrd/strd instructions operating on unaligned memory received by user-land as SIGSEGV. It is wrong, it should be reported as SIGBUS as it was before 52d7523 commit. Changed do_bad_area function to take signal and code parameters out of esr value using fault_info table, so in case of do_alignment_fault fault user-land will receive SIGBUS. Wrapped access to fault_info table into esr_to_fault_info function. Cc: <stable@vger.kernel.org> Fixes: 52d7523 (arm64: mm: allow the kernel to handle alignment faults on user accesses) Signed-off-by: Victor Kamensky <kamensky@cisco.com> Signed-off-by: Will Deacon <will.deacon@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 09a6adf - Browse repository at this point
Copy the full SHA 09a6adfView commit details -
kvm: arm/arm64: Fix locking for kvm_free_stage2_pgd
In kvm_free_stage2_pgd() we don't hold the kvm->mmu_lock while calling unmap_stage2_range() on the entire memory range for the guest. This could cause problems with other callers (e.g, munmap on a memslot) trying to unmap a range. And since we have to unmap the entire Guest memory range holding a spinlock, make sure we yield the lock if necessary, after we unmap each PUD range. Fixes: commit d5d8184 ("KVM: ARM: Memory virtualization setup") Cc: stable@vger.kernel.org # v3.10+ Cc: Paolo Bonzini <pbonzin@redhat.com> Cc: Marc Zyngier <marc.zyngier@arm.com> Cc: Christoffer Dall <christoffer.dall@linaro.org> Cc: Mark Rutland <mark.rutland@arm.com> Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com> [ Avoid vCPU starvation and lockup detector warnings ] Signed-off-by: Marc Zyngier <marc.zyngier@arm.com> Signed-off-by: Suzuki K Poulose <suzuki.poulose@arm.com> Signed-off-by: Christoffer Dall <cdall@linaro.org>
Suzuki K Poulose authored and Christoffer Dall committedApr 4, 2017 Configuration menu - View commit details
-
Copy full SHA for 8b3405e - Browse repository at this point
Copy the full SHA 8b3405eView commit details -
KVM: arm64: Ensure LRs are clear when they should be
We currently have some code to clear the list registers on GICv3, but we never call this code, because the caller got nuked when removing the old vgic. We also used to have a similar GICv2 part, but that got lost in the process too. Let's reintroduce the logic for GICv2 and call the logic when we initialize the use of hypervisors on the CPU, for example when first loading KVM or when exiting a low power state. Reviewed-by: Marc Zyngier <marc.zyngier@arm.com> Signed-off-by: Christoffer Dall <christoffer.dall@linaro.org> Signed-off-by: Marc Zyngier <marc.zyngier@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 5b0d2cc - Browse repository at this point
Copy the full SHA 5b0d2ccView commit details -
KVM: arm/arm64: vgic: Fix GICC_PMR uaccess on GICv3 and clarify ABI
As an oversight, for GICv2, we accidentally export the GICC_PMR register in the format of the GICH_VMCR.VMPriMask field in the lower 5 bits of a word, meaning that userspace must always use the lower 5 bits to communicate with the KVM device and must shift the value left by 3 places to obtain the actual priority mask level. Since GICv3 supports the full 8 bits of priority masking in the ICH_VMCR, we have to fix the value we export when emulating a GICv2 on top of a hardware GICv3 and exporting the emulated GICv2 state to userspace. Take the chance to clarify this aspect of the ABI. Reviewed-by: Marc Zyngier <marc.zyngier@arm.com> Signed-off-by: Christoffer Dall <cdall@linaro.org>
Christoffer Dall committedApr 4, 2017 Configuration menu - View commit details
-
Copy full SHA for 6d56111 - Browse repository at this point
Copy the full SHA 6d56111View commit details -
Merge tag 'kvm-s390-master-4.11-1' of git://git.kernel.org/pub/scm/li…
…nux/kernel/git/kvms390/linux From: Christian Borntraeger <borntraeger@de.ibm.com> KVM: s390: Fix instruction-execution-protection/change-recording override This is a fix that prevents translation exception errors on valid page tables for the instruction-exection-protection support. This feature was added during the 4.11 merge window. We have to remove an old check that would trigger if the change-recording override is not available (e.g. edat1 disabled via cpu model).
Configuration menu - View commit details
-
Copy full SHA for 34fcf05 - Browse repository at this point
Copy the full SHA 34fcf05View commit details -
powerpc: Don't try to fix up misaligned load-with-reservation instruc…
…tions In the past, there was only one load-with-reservation instruction, lwarx, and if a program attempted a lwarx on a misaligned address, it would take an alignment interrupt and the kernel handler would emulate it as though it was lwzx, which was not really correct, but benign since it is loading the right amount of data, and the lwarx should be paired with a stwcx. to the same address, which would also cause an alignment interrupt which would result in a SIGBUS being delivered to the process. We now have 5 different sizes of load-with-reservation instruction. Of those, lharx and ldarx cause an immediate SIGBUS by luck since their entries in aligninfo[] overlap instructions which were not fixed up, but lqarx overlaps with lhz and will be emulated as such. lbarx can never generate an alignment interrupt since it only operates on 1 byte. To straighten this out and fix the lqarx case, this adds code to detect the l[hwdq]arx instructions and return without fixing them up, resulting in a SIGBUS being delivered to the process. Cc: stable@vger.kernel.org Signed-off-by: Paul Mackerras <paulus@ozlabs.org> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Configuration menu - View commit details
-
Copy full SHA for 48fe9e9 - Browse repository at this point
Copy the full SHA 48fe9e9View commit details -
PCI: dwc: Fix dw_pcie_ops NULL pointer dereference
Fix a crash from dereferencing a NULL dw_pcie_ops pointer. For example, on ARTPEC-6: Unable to handle kernel NULL pointer dereference at virtual address 00000004 pgd = c0204000 [00000004] *pgd=00000000 Internal error: Oops: 5 [#1] SMP ARM Modules linked in: CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.11.0-rc3-next-20170321 #1 Hardware name: Axis ARTPEC-6 Platform task: db098000 task.stack: db096000 PC is at dw_pcie_writel_dbi+0x2c/0xd0 Prior to 442ec4c ("PCI: dwc: all: Split struct pcie_port into host-only and core structures"), every driver had a struct pcie_host_ops with function pointers, typically used as: if (pp->ops->readl_rc) return pp->ops->readl_rc(...); 442ec4c split struct pcie_host_ops into two pieces: struct dw_pcie_host_ops and struct dw_pcie_ops, so the above became: if (pci->ops->readl_dbi) return pci->ops->readl_dbi(...); But pcie-artpec6.c and pcie-designware-plat.c don't need the dw_pcie_ops pointers and didn't supply a pci->ops struct, which leads to NULL pointer dereferences. Supply an empty struct dw_pcie_ops to avoid the NULL pointer dereferences. [bhelgaas: changelog] Fixes: 442ec4c ("PCI: dwc: all: Split struct pcie_port into host-only and core structures") Signed-off-by: Niklas Cassel <niklas.cassel@axis.com> Signed-off-by: Bjorn Helgaas <bhelgaas@google.com> Acked-by: Kishon Vijay Abraham I <kishon@ti.com> Acked-by: Joao Pinto <jpinto@synopsys.com>
Configuration menu - View commit details
-
Copy full SHA for 794a860 - Browse repository at this point
Copy the full SHA 794a860View commit details -
KVM: nVMX: do not leak PML full vmexit to L1
The PML feature is not exposed to guests so we should not be forwarding the vmexit either. This commit fixes BSOD 0x20001 (HYPERVISOR_ERROR) when running Hyper-V enabled Windows Server 2016 in L1 on hardware that supports PML. Fixes: 843e433 ("KVM: VMX: Add PML support in VMX") Signed-off-by: Ladi Prosek <lprosek@redhat.com> Reviewed-by: David Hildenbrand <david@redhat.com> Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
Configuration menu - View commit details
-
Copy full SHA for ab007cc - Browse repository at this point
Copy the full SHA ab007ccView commit details -
xenbus: remove transaction holder from list before freeing
After allocation the item is being placed on the list right away. Consequently it needs to be taken off the list before freeing in the case xenbus_dev_request_and_reply() failed, as in that case the callback (xenbus_dev_queue_reply()) is not being called (and if it was called, it should do both). Fixes: 5584ea2 Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Juergen Gross <jgross@suse.com> Signed-off-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Configuration menu - View commit details
-
Copy full SHA for ac4cde3 - Browse repository at this point
Copy the full SHA ac4cde3View commit details -
KVM: nVMX: initialize PML fields in vmcs02
L2 was running with uninitialized PML fields which led to incomplete dirty bitmap logging. This manifested as all kinds of subtle erratic behavior of the nested guest. Fixes: 843e433 ("KVM: VMX: Add PML support in VMX") Signed-off-by: Ladi Prosek <lprosek@redhat.com> Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
Configuration menu - View commit details
-
Copy full SHA for 1fb883b - Browse repository at this point
Copy the full SHA 1fb883bView commit details -
Merge branch 'nvme-4.11-rc' of git://git.infradead.org/nvme into for-…
…linus Sagi writes: We have one spec mis-match fix from Roland and several sparse fixes from Christoph.
Configuration menu - View commit details
-
Copy full SHA for 8945927 - Browse repository at this point
Copy the full SHA 8945927View commit details -
l2tp: take reference on sessions being dumped
Take a reference on the sessions returned by l2tp_session_find_nth() (and rename it l2tp_session_get_nth() to reflect this change), so that caller is assured that the session isn't going to disappear while processing it. For procfs and debugfs handlers, the session is held in the .start() callback and dropped in .show(). Given that pppol2tp_seq_session_show() dereferences the associated PPPoL2TP socket and that l2tp_dfs_seq_session_show() might call pppol2tp_show(), we also need to call the session's .ref() callback to prevent the socket from going away from under us. Fixes: fd558d1 ("l2tp: Split pppol2tp patch into separate l2tp and ppp parts") Fixes: 0ad6614 ("l2tp: Add debugfs files for dumping l2tp debug info") Fixes: 309795f ("l2tp: Add netlink control API for L2TP") Signed-off-by: Guillaume Nault <g.nault@alphalink.fr> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for e08293a - Browse repository at this point
Copy the full SHA e08293aView commit details -
bnx2x: fix spelling mistake in macros HW_INTERRUT_ASSERT_SET_*
Trival fix, rename HW_INTERRUT_ASSERT_SET_* to HW_INTERRUPT_ASSERT_SET_* Signed-off-by: Colin Ian King <colin.king@canonical.com> Acked-by: Yuval Mintz <Yuval.Mintz@cavium.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for a891966 - Browse repository at this point
Copy the full SHA a891966View commit details -
l2tp: fix PPP pseudo-wire auto-loading
PPP pseudo-wire type is 7 (11 is L2TP_PWTYPE_IP). Fixes: f1f39f9 ("l2tp: auto load type modules") Signed-off-by: Guillaume Nault <g.nault@alphalink.fr> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for 249ee81 - Browse repository at this point
Copy the full SHA 249ee81View commit details -
Merge tag 'drm-fixes-for-v4.11-rc6' of git://people.freedesktop.org/~…
…airlied/linux Pull drm fixes from Dave Airlie: "This is just mostly stuff that missed rc5, from vmwgfx and msm drivers" * tag 'drm-fixes-for-v4.11-rc6' of git://people.freedesktop.org/~airlied/linux: drm/msm: Make sure to detach the MMU during GPU cleanup drm/msm/hdmi: redefinitions of macros not required drm/msm/mdp5: Update SSPP_MAX value drm/msm/dsi: Fix bug in dsi_mgr_phy_enable drm/msm: Don't allow zero sized buffer objects drm/msm: Fix wrong pointer check in a5xx_destroy drm/msm: adreno: fix build error without debugfs drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl() drm/vmwgfx: Remove getparam error message drm/ttm: Avoid calling drm_ht_remove from atomic context drm/ttm, drm/vmwgfx: Relax permission checking when opening surfaces drm/vmwgfx: avoid calling vzalloc with a 0 size in vmw_get_cap_3d_ioctl() drm/vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl() drm/vmwgfx: Type-check lookups of fence objects
Configuration menu - View commit details
-
Copy full SHA for 1a589c0 - Browse repository at this point
Copy the full SHA 1a589c0View commit details -
net: ethernet: ti: cpsw: fix race condition during open()
TI's cpsw driver handles both OF and non-OF case for phy connect. Unfortunately of_phy_connect() returns NULL on error while phy_connect() returns ERR_PTR(). To handle this, cpsw_slave_open() overrides the return value from phy_connect() to make it NULL or error. This leaves a small window, where cpsw_adjust_link() may be invoked for a slave while slave->phy pointer is temporarily set to -ENODEV (or some other error) before it is finally set to NULL. _cpsw_adjust_link() only handles the NULL case, and an oops results when ERR_PTR() is seen by it. Note that cpsw_adjust_link() checks PHY status for each slave whenever it is invoked. It can so happen that even though phy_connect() for a given slave returns error, _cpsw_adjust_link() is still called for that slave because the link status of another slave changed. Fix this by using a temporary pointer to store return value of {of_}phy_connect() and do a one-time write to slave->phy. Reviewed-by: Grygorii Strashko <grygorii.strashko@ti.com> Reported-by: Yan Liu <yan-liu@ti.com> Signed-off-by: Sekhar Nori <nsekhar@ti.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for 30c57f0 - Browse repository at this point
Copy the full SHA 30c57f0View commit details -
Merge tag 'nios2-v4.11-fix' of git://git.kernel.org/pub/scm/linux/ker…
…nel/git/lftan/nios2 Pull nios2 fix from Ley Foon Tan: - nios2: reserve boot memory for device tree * tag 'nios2-v4.11-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/lftan/nios2: nios2: reserve boot memory for device tree
Configuration menu - View commit details
-
Copy full SHA for b824a95 - Browse repository at this point
Copy the full SHA b824a95View commit details -
Merge tag 'wireless-drivers-for-davem-2017-04-03' of git://git.kernel…
….org/pub/scm/linux/kernel/git/kvalo/wireless-drivers Kalle Valo says: ==================== wireless-drivers fixes for 4.11 iwlwifi * an RCU fix * a fix for a potential out-of-bounds access crash * a fix for IBSS which has been broken since DQA was enabled rtlwifi * fix scheduling while atomic regression brcmfmac * fix use-after-free bug found by KASAN ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for e90be21 - Browse repository at this point
Copy the full SHA e90be21View commit details -
Merge tag 'gpio-v4.11-3' of git://git.kernel.org/pub/scm/linux/kernel…
…/git/linusw/linux-gpio Pull late GPIO fixes from Linus Walleij: "Some late coming ACPI fixes for GPIO. We're dealing with ACPI issues here. The first is related to wake IRQs on Bay Trail/Cherry Trail CPUs which are common in laptops. The second is about proper probe deferral when reading _CRS properties. For my untrained eye it seems there was some quarrel between the BIOS and the kernel about who is supposed to deal with wakeups from GPIO lines" * tag 'gpio-v4.11-3' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-gpio: ACPI / gpio: do not fall back to parsing _CRS when we get a deferral gpio: acpi: Call enable_irq_wake for _IAE GpioInts with Wake set
Configuration menu - View commit details
-
Copy full SHA for 308ac75 - Browse repository at this point
Copy the full SHA 308ac75View commit details
Commits on Apr 5, 2017
-
powerpc/64: Fix flush_(d|i)cache_range() called from modules
When the kernel is compiled to use 64bit ABIv2 the _GLOBAL() macro does not include a global entry point. A function's global entry point is used when the function is called from a different TOC context and in the kernel this typically means a call from a module into the vmlinux (or vice-versa). There are a few exported asm functions declared with _GLOBAL() and calling them from a module will likely crash the kernel since any TOC relative load will yield garbage. flush_icache_range() and flush_dcache_range() are both exported to modules, and use the TOC, so must use _GLOBAL_TOC(). Fixes: 721aeaa ("powerpc: Build little endian ppc64 kernel with ABIv2") Cc: stable@vger.kernel.org # v3.16+ Signed-off-by: Oliver O'Halloran <oohall@gmail.com> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Configuration menu - View commit details
-
Copy full SHA for 8f5f525 - Browse repository at this point
Copy the full SHA 8f5f525View commit details -
powerpc/mm: Add missing global TLB invalidate if cxl is active
Commit 4c6d9ac ("powerpc/mm: Add hooks for cxl") converted local TLB invalidates to global if the cxl driver is active. This is necessary because the CAPP snoops invalidations to forward them to the PSL on the cxl adapter. However one path was forgotten. native_flush_hash_range() still does local TLB invalidates, as found out the hard way recently. This patch fixes it by following the same logic as previously: if the cxl driver is active, the local TLB invalidates are 'upgraded' to global. Fixes: 4c6d9ac ("powerpc/mm: Add hooks for cxl") Cc: stable@vger.kernel.org # v3.18+ Signed-off-by: Frederic Barrat <fbarrat@linux.vnet.ibm.com> Reviewed-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Configuration menu - View commit details
-
Copy full SHA for 88b1bf7 - Browse repository at this point
Copy the full SHA 88b1bf7View commit details -
mfd: cros-ec: Fix host command buffer size
For SPI, we can get up to 32 additional bytes for response preamble. The current overhead (2 bytes) may cause problems when we try to receive a big response. Update it to 32 bytes. Without this fix we could see a kernel BUG when we receive a big response from the Chrome EC when is connected via SPI. Signed-off-by: Vic Yang <victoryang@google.com> Tested-by: Enric Balletbo i Serra <enric.balletbo.collabora.com> Signed-off-by: Lee Jones <lee.jones@linaro.org>
Vic Yang authored and Lee Jones committedApr 5, 2017 Configuration menu - View commit details
-
Copy full SHA for b237640 - Browse repository at this point
Copy the full SHA b237640View commit details -
crypto: caam - fix JR platform device subsequent (re)creations
The way Job Ring platform devices are created and released does not allow for multiple create-release cycles. JR0 Platform device creation error JR0 Platform device creation error caam 2100000.caam: no queues configured, terminating caam: probe of 2100000.caam failed with error -12 The reason is that platform devices are created for each job ring: for_each_available_child_of_node(nprop, np) if (of_device_is_compatible(np, "fsl,sec-v4.0-job-ring") || of_device_is_compatible(np, "fsl,sec4.0-job-ring")) { ctrlpriv->jrpdev[ring] = of_platform_device_create(np, NULL, dev); which sets OF_POPULATED on the device node, but then it cleans these up: /* Remove platform devices for JobRs */ for (ring = 0; ring < ctrlpriv->total_jobrs; ring++) { if (ctrlpriv->jrpdev[ring]) of_device_unregister(ctrlpriv->jrpdev[ring]); } which leaves OF_POPULATED set. Use of_platform_populate / of_platform_depopulate instead. This allows for a bit of driver clean-up, jrpdev is no longer needed. Logic changes a bit too: -exit in case of_platform_populate fails, since currently even QI backend depends on JR; true, we no longer support the case when "some" of the JR DT nodes are incorrect -when cleaning up, caam_remove() would also depopulate RTIC in case it would have been populated somewhere else - not the case for now Cc: <stable@vger.kernel.org> Fixes: 313ea29 ("crypto: caam - Add Platform driver for Job Ring") Reported-by: Russell King <rmk+kernel@armlinux.org.uk> Suggested-by: Rob Herring <robh+dt@kernel.org> Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Acked-by: Rob Herring <robh@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Configuration menu - View commit details
-
Copy full SHA for ec36060 - Browse repository at this point
Copy the full SHA ec36060View commit details -
crypto: caam - fix invalid dereference in caam_rsa_init_tfm()
In case caam_jr_alloc() fails, ctx->dev carries the error code, thus accessing it with dev_err() is incorrect. Cc: <stable@vger.kernel.org> # 4.8+ Fixes: 8c41977 ("crypto: caam - add support for RSA algorithm") Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Configuration menu - View commit details
-
Copy full SHA for 33fa46d - Browse repository at this point
Copy the full SHA 33fa46dView commit details -
crypto: caam - fix RNG deinstantiation error checking
RNG instantiation was previously fixed by commit 62743a4 ("crypto: caam - fix RNG init descriptor ret. code checking") while deinstantiation was not addressed. Since the descriptors used are similar, in the sense that they both end with a JUMP HALT command, checking for errors should be similar too, i.e. status code 7000_0000h should be considered successful. Cc: <stable@vger.kernel.org> # 3.13+ Fixes: 1005bcc ("crypto: caam - enable instantiation of all RNG4 state handles") Signed-off-by: Horia Geantă <horia.geanta@nxp.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Configuration menu - View commit details
-
Copy full SHA for 40c98cb - Browse repository at this point
Copy the full SHA 40c98cbView commit details -
ring-buffer: Fix return value check in test_ringbuffer()
In case of error, the function kthread_run() returns ERR_PTR() and never returns NULL. The NULL test in the return value check should be replaced with IS_ERR(). Link: http://lkml.kernel.org/r/1466184839-14927-1-git-send-email-weiyj_lk@163.com Cc: stable@vger.kernel.org Fixes: 6c43e55 ("ring-buffer: Add ring buffer startup selftest") Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn> Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Configuration menu - View commit details
-
Copy full SHA for 62277de - Browse repository at this point
Copy the full SHA 62277deView commit details -
metag/usercopy: Drop unused macros
Metag's lib/usercopy.c has a bunch of copy_from_user macros for larger copies between 5 and 16 bytes which are completely unused. Before fixing zeroing lets drop these macros so there is less to fix. Signed-off-by: James Hogan <james.hogan@imgtec.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: linux-metag@vger.kernel.org Cc: stable@vger.kernel.org
James Hogan committedApr 5, 2017 Configuration menu - View commit details
-
Copy full SHA for ef62a2d - Browse repository at this point
Copy the full SHA ef62a2dView commit details -
metag/usercopy: Fix alignment error checking
Fix the error checking of the alignment adjustment code in raw_copy_from_user(), which mistakenly considers it safe to skip the error check when aligning the source buffer on a 2 or 4 byte boundary. If the destination buffer was unaligned it may have started to copy using byte or word accesses, which could well be at the start of a new (valid) source page. This would result in it appearing to have copied 1 or 2 bytes at the end of the first (invalid) page rather than none at all. Fixes: 373cd78 ("metag: Memory handling") Signed-off-by: James Hogan <james.hogan@imgtec.com> Cc: linux-metag@vger.kernel.org Cc: stable@vger.kernel.org
James Hogan committedApr 5, 2017 Configuration menu - View commit details
-
Copy full SHA for 2257211 - Browse repository at this point
Copy the full SHA 2257211View commit details -
metag/usercopy: Add early abort to copy_to_user
When copying to userland on Meta, if any faults are encountered immediately abort the copy instead of continuing on and repeatedly faulting, and worse potentially copying further bytes successfully to subsequent valid pages. Fixes: 373cd78 ("metag: Memory handling") Reported-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: James Hogan <james.hogan@imgtec.com> Cc: linux-metag@vger.kernel.org Cc: stable@vger.kernel.org
James Hogan committedApr 5, 2017 Configuration menu - View commit details
-
Copy full SHA for fb8ea06 - Browse repository at this point
Copy the full SHA fb8ea06View commit details -
sctp: get sock from transport in sctp_transport_update_pmtu
This patch is almost to revert commit 02f3d4c ("sctp: Adjust PMTU updates to accomodate route invalidation."). As t->asoc can't be NULL in sctp_transport_update_pmtu, it could get sk from asoc, and no need to pass sk into that function. It is also to remove some duplicated codes from that function. Signed-off-by: Xin Long <lucien.xin@gmail.com> Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for 3ebfdf0 - Browse repository at this point
Copy the full SHA 3ebfdf0View commit details -
metag/usercopy: Zero rest of buffer from copy_from_user
Currently we try to zero the destination for a failed read from userland in fixup code in the usercopy.c macros. The rest of the destination buffer is then zeroed from __copy_user_zeroing(), which is used for both copy_from_user() and __copy_from_user(). Unfortunately we fail to zero in the fixup code as D1Ar1 is set to 0 before the fixup code entry labels, and __copy_from_user() shouldn't even be zeroing the rest of the buffer. Move the zeroing out into copy_from_user() and rename __copy_user_zeroing() to raw_copy_from_user() since it no longer does any zeroing. This also conveniently matches the name needed for RAW_COPY_USER support in a later patch. Fixes: 373cd78 ("metag: Memory handling") Reported-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: James Hogan <james.hogan@imgtec.com> Cc: linux-metag@vger.kernel.org Cc: stable@vger.kernel.org
James Hogan committedApr 5, 2017 Configuration menu - View commit details
-
Copy full SHA for 563ddc1 - Browse repository at this point
Copy the full SHA 563ddc1View commit details -
metag/usercopy: Set flags before ADDZ
The fixup code for the copy_to_user rapf loops reads TXStatus.LSM_STEP to decide how far to rewind the source pointer. There is a special case for the last execution of an MGETL/MGETD, since it leaves LSM_STEP=0 even though the number of MGETLs/MGETDs attempted was 4. This uses ADDZ which is conditional upon the Z condition flag, but the AND instruction which masked the TXStatus.LSM_STEP field didn't set the condition flags based on the result. Fix that now by using ANDS which does set the flags, and also marking the condition codes as clobbered by the inline assembly. Fixes: 373cd78 ("metag: Memory handling") Signed-off-by: James Hogan <james.hogan@imgtec.com> Cc: linux-metag@vger.kernel.org Cc: stable@vger.kernel.org
James Hogan committedApr 5, 2017 Configuration menu - View commit details
-
Copy full SHA for fd40eee - Browse repository at this point
Copy the full SHA fd40eeeView commit details -
metag/usercopy: Fix src fixup in from user rapf loops
The fixup code to rewind the source pointer in __asm_copy_from_user_{32,64}bit_rapf_loop() always rewound the source by a single unit (4 or 8 bytes), however this is insufficient if the fault didn't occur on the first load in the loop, as the source pointer will have been incremented but nothing will have been stored until all 4 register [pairs] are loaded. Read the LSM_STEP field of TXSTATUS (which is already loaded into a register), a bit like the copy_to_user versions, to determine how many iterations of MGET[DL] have taken place, all of which need rewinding. Fixes: 373cd78 ("metag: Memory handling") Signed-off-by: James Hogan <james.hogan@imgtec.com> Cc: linux-metag@vger.kernel.org Cc: stable@vger.kernel.org
James Hogan committedApr 5, 2017 Configuration menu - View commit details
-
Copy full SHA for 2c0b1df - Browse repository at this point
Copy the full SHA 2c0b1dfView commit details -
metag/usercopy: Add missing fixups
The rapf copy loops in the Meta usercopy code is missing some extable entries for HTP cores with unaligned access checking enabled, where faults occur on the instruction immediately after the faulting access. Add the fixup labels and extable entries for these cases so that corner case user copy failures don't cause kernel crashes. Fixes: 373cd78 ("metag: Memory handling") Signed-off-by: James Hogan <james.hogan@imgtec.com> Cc: linux-metag@vger.kernel.org Cc: stable@vger.kernel.org
James Hogan committedApr 5, 2017 Configuration menu - View commit details
-
Copy full SHA for b884a19 - Browse repository at this point
Copy the full SHA b884a19View commit details -
Merge tag 'kvm-arm-for-v4.11-rc6' of git://git.kernel.org/pub/scm/lin…
…ux/kernel/git/kvmarm/kvmarm From: Christoffer Dall <cdall@linaro.org> KVM/ARM Fixes for v4.11-rc6 Fixes include: - Fix a problem with GICv3 userspace save/restore - Clarify GICv2 userspace save/restore ABI - Be more careful in clearing GIC LRs - Add missing synchronization primitive to our MMU handling code
Configuration menu - View commit details
-
Copy full SHA for 6fd6410 - Browse repository at this point
Copy the full SHA 6fd6410View commit details -
Merge tag 'kbuild-fixes-v4.11' of git://git.kernel.org/pub/scm/linux/…
…kernel/git/masahiroy/linux-kbuild Pull Kbuild fixes from Masahiro Yamada: - hand-off primary maintainership of Kbuild - fix build warnings - fix build error when GCOV is enabled with old compiler - fix HAVE_ASM_GOTO check when GCC plugin is enabled * tag 'kbuild-fixes-v4.11' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild: gconfig: remove misleading parentheses around a condition jump label: fix passing kbuild_cflags when checking for asm goto support Kbuild: use cc-disable-warning consistently for maybe-uninitialized kbuild: external module build warnings when KBUILD_OUTPUT set and W=1 MAINTAINERS: add Masahiro Yamada as a Kbuild maintainer
Configuration menu - View commit details
-
Copy full SHA for 9f0bffa - Browse repository at this point
Copy the full SHA 9f0bffaView commit details -
Merge tag 'mfd-fixes-4.11' of git://git.kernel.org/pub/scm/linux/kern…
…el/git/lee/mfd Pull MFD bug fix from Lee Jones: "Increase buffer size om cros-ec to allow for SPI messages" * tag 'mfd-fixes-4.11' of git://git.kernel.org/pub/scm/linux/kernel/git/lee/mfd: mfd: cros-ec: Fix host command buffer size
Configuration menu - View commit details
-
Copy full SHA for aeb4a57 - Browse repository at this point
Copy the full SHA aeb4a57View commit details -
Merge branch 'kprobe-fixes' of https://git.linaro.org/people/tixy/kernel
Russell King committedApr 5, 2017 Configuration menu - View commit details
-
Copy full SHA for 3872fe8 - Browse repository at this point
Copy the full SHA 3872fe8View commit details
Commits on Apr 6, 2017
-
tcp: fix lost retransmit SNMP under-counting
The lost retransmit SNMP stat is under-counting retransmission that uses segment offloading. This patch fixes that so all retransmission related SNMP counters are consistent. Fixes: 10d3be5 ("tcp-tso: do not split TSO packets at retransmit time") Signed-off-by: Yuchung Cheng <ycheng@google.com> Signed-off-by: Eric Dumazet <edumazet@google.com> Signed-off-by: Neal Cardwell <ncardwell@google.com> Signed-off-by: Soheil Hassas Yeganeh <soheil@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for ecde8f3 - Browse repository at this point
Copy the full SHA ecde8f3View commit details -
tcp: fix reordering SNMP under-counting
Currently the reordering SNMP counters only increase if a connection sees a higher degree then it has previously seen. It ignores if the reordering degree is not greater than the default system threshold. This significantly under-counts the number of reordering events and falsely convey that reordering is rare on the network. This patch properly and faithfully records the number of reordering events detected by the TCP stack, just like the comment says "this exciting event is worth to be remembered". Note that even so TCP still under-estimate the actual reordering events because TCP requires TS options or certain packet sequences to detect reordering (i.e. ACKing never-retransmitted sequence in recovery or disordered state). Signed-off-by: Yuchung Cheng <ycheng@google.com> Signed-off-by: Eric Dumazet <edumazet@google.com> Signed-off-by: Neal Cardwell <ncardwell@google.com> Signed-off-by: Soheil Hassas Yeganeh <soheil@google.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for 2d2517e - Browse repository at this point
Copy the full SHA 2d2517eView commit details -
nfp: fix potential use after free on xdp prog
We should unregister the net_device first, before we give back our reference on xdp_prog. Otherwise xdp_prog may be freed before .ndo_stop() disabled the datapath. Found by code inspection. Fixes: ecd63a0 ("nfp: add XDP support in the driver") Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com> Reviewed-by: Simon Horman <simon.horman@netronome.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for c383bdd - Browse repository at this point
Copy the full SHA c383bddView commit details -
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
Pull networking fixes from David Miller: 1) Reject invalid updates to netfilter expectation policies, from Pablo Neira Ayuso. 2) Fix memory leak in nfnl_cthelper, from Jeffy Chen. 3) Don't do stupid things if we get a neigh_probe() on a neigh entry whose ops lack a solicit method. From Eric Dumazet. 4) Don't transmit packets in r8152 driver when the carrier is off, from Hayes Wang. 5) Fix ipv6 packet type detection in aquantia driver, from Pavel Belous. 6) Don't write uninitialized data into hw registers in bna driver, from Arnd Bergmann. 7) Fix locking in ping_unhash(), from Eric Dumazet. 8) Make BPF verifier range checks able to understand certain sequences emitted by LLVM, from Alexei Starovoitov. 9) Fix use after free in ipconfig, from Mark Rutland. 10) Fix refcount leak on force commit in openvswitch, from Jarno Rajahalme. 11) Fix various overflow checks in AF_PACKET, from Andrey Konovalov. 12) Fix endianness bug in be2net driver, from Suresh Reddy. 13) Don't forget to wake TX queues when processing a timeout, from Grygorii Strashko. 14) ARP header on-stack storage is wrong in flow dissector, from Simon Horman. 15) Lost retransmit and reordering SNMP stats in TCP can be underreported. From Yuchung Cheng. * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (82 commits) nfp: fix potential use after free on xdp prog tcp: fix reordering SNMP under-counting tcp: fix lost retransmit SNMP under-counting sctp: get sock from transport in sctp_transport_update_pmtu net: ethernet: ti: cpsw: fix race condition during open() l2tp: fix PPP pseudo-wire auto-loading bnx2x: fix spelling mistake in macros HW_INTERRUT_ASSERT_SET_* l2tp: take reference on sessions being dumped tcp: minimize false-positives on TCP/GRO check sctp: check for dst and pathmtu update in sctp_packet_config flow dissector: correct size of storage for ARP net: ethernet: ti: cpsw: wake tx queues on ndo_tx_timeout l2tp: take a reference on sessions used in genetlink handlers l2tp: hold session while sending creation notifications l2tp: fix duplicate session creation l2tp: ensure session can't get removed during pppol2tp_session_ioctl() l2tp: fix race in l2tp_recv_common() sctp: use right in and out stream cnt bpf: add various verifier test cases for self-tests bpf, verifier: fix rejection of unaligned access checks for map_value_adj ...
Configuration menu - View commit details
-
Copy full SHA for ea6b172 - Browse repository at this point
Copy the full SHA ea6b172View commit details -
KVM: PPC: Book3S HV: Check for kmalloc errors in ioctl
kzalloc() won't actually fail because sizeof(*resize) is small, but static checkers complain. Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Acked-by: David Gibson <david@gibson.dropbear.id.au> Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
Configuration menu - View commit details
-
Copy full SHA for abd80dc - Browse repository at this point
Copy the full SHA abd80dcView commit details -
Merge branch 'kvm-ppc-fixes' of git://git.kernel.org/pub/scm/linux/ke…
…rnel/git/paulus/powerpc From: Paul Mackerras <paulus@ozlabs.org> A check for a NULL return from kzalloc in recently-added code.
Configuration menu - View commit details
-
Copy full SHA for 8786fa6 - Browse repository at this point
Copy the full SHA 8786fa6View commit details -
HID: uclogic: add support for Ugee Tablet EX07S
This device has a different vendor id but responds to initialization. Signed-off-by: Xiaolei Yu <dreifachstein@gmail.com> Reviewed-by: Benjamin Tissoires <benjamin.tissoires@redhat.com> Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Configuration menu - View commit details
-
Copy full SHA for fe1a83b - Browse repository at this point
Copy the full SHA fe1a83bView commit details -
sparc64: Fix kernel panic due to erroneous #ifdef surrounding pmd_wri…
…te() This commit moves sparc64's prototype of pmd_write() outside of the CONFIG_TRANSPARENT_HUGEPAGE ifdef. In 2013, commit a7b9403 ("sparc64: Encode huge PMDs using PTE encoding.") exposed a path where pmd_write() could be called without CONFIG_TRANSPARENT_HUGEPAGE defined. This can result in the panic below. The diff is awkward to read, but the changes are straightforward. pmd_write() was moved outside of #ifdef CONFIG_TRANSPARENT_HUGEPAGE. Also, __HAVE_ARCH_PMD_WRITE was defined. kernel BUG at include/asm-generic/pgtable.h:576! \|/ ____ \|/ "@'/ .. \`@" /_| \__/ |_\ \__U_/ oracle_8114_cdb(8114): Kernel bad sw trap 5 [#1] CPU: 120 PID: 8114 Comm: oracle_8114_cdb Not tainted 4.1.12-61.7.1.el6uek.rc1.sparc64 #1 task: fff8400700a24d60 ti: fff8400700bc4000 task.ti: fff8400700bc4000 TSTATE: 0000004411e01607 TPC: 00000000004609f8 TNPC: 00000000004609fc Y: 00000005 Not tainted TPC: <gup_huge_pmd+0x198/0x1e0> g0: 000000000001c000 g1: 0000000000ef3954 g2: 0000000000000000 g3: 0000000000000001 g4: fff8400700a24d60 g5: fff8001fa5c10000 g6: fff8400700bc4000 g7: 0000000000000720 o0: 0000000000bc5058 o1: 0000000000000240 o2: 0000000000006000 o3: 0000000000001c00 o4: 0000000000000000 o5: 0000048000080000 sp: fff8400700bc6ab1 ret_pc: 00000000004609f0 RPC: <gup_huge_pmd+0x190/0x1e0> l0: fff8400700bc74fc l1: 0000000000020000 l2: 0000000000002000 l3: 0000000000000000 l4: fff8001f93250950 l5: 000000000113f800 l6: 0000000000000004 l7: 0000000000000000 i0: fff8400700ca46a0 i1: bd0000085e800453 i2: 000000026a0c4000 i3: 000000026a0c6000 i4: 0000000000000001 i5: fff800070c958de8 i6: fff8400700bc6b61 i7: 0000000000460dd0 I7: <gup_pud_range+0x170/0x1a0> Call Trace: [0000000000460dd0] gup_pud_range+0x170/0x1a0 [0000000000460e84] get_user_pages_fast+0x84/0x120 [00000000006f5a18] iov_iter_get_pages+0x98/0x240 [00000000005fa744] do_direct_IO+0xf64/0x1e00 [00000000005fbbc0] __blockdev_direct_IO+0x360/0x15a0 [00000000101f74fc] ext4_ind_direct_IO+0xdc/0x400 [ext4] [00000000101af690] ext4_ext_direct_IO+0x1d0/0x2c0 [ext4] [00000000101af86c] ext4_direct_IO+0xec/0x220 [ext4] [0000000000553bd4] generic_file_read_iter+0x114/0x140 [00000000005bdc2c] __vfs_read+0xac/0x100 [00000000005bf254] vfs_read+0x54/0x100 [00000000005bf368] SyS_pread64+0x68/0x80 Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for 9ae34db - Browse repository at this point
Copy the full SHA 9ae34dbView commit details -
sparc64: Fix memory corruption when THP is enabled
The memory corruption was happening due to incorrect TLB/TSB flushing of hugepages. Reported-by: David S. Miller <davem@davemloft.net> Signed-off-by: Nitin Gupta <nitin.m.gupta@oracle.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for 7681126 - Browse repository at this point
Copy the full SHA 7681126View commit details -
sparc32: Export vac_cache_size to fix build error
sparc32:allmodconfig fails to build with the following error. ERROR: "vac_cache_size" [drivers/infiniband/sw/rxe/rdma_rxe.ko] undefined! Fixes: cb88645 ("infiniband: Fix alignment of mmap cookies ...") Cc: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Cc: Doug Ledford <dledford@redhat.com> Signed-off-by: Guenter Roeck <linux@roeck-us.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for 9d262d9 - Browse repository at this point
Copy the full SHA 9d262d9View commit details -
sparc: remove unused wp_works_ok macro
It's unused for ages, used to be required for ksyms.c back in the v1.1 times. Signed-off-by: Mathias Krause <minipli@googlemail.com> Acked-by: David S. Miller <davem@davemloft.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Configuration menu - View commit details
-
Copy full SHA for 86e1066 - Browse repository at this point
Copy the full SHA 86e1066View commit details -
Merge tag 'trace-v4.11-rc5' of git://git.kernel.org/pub/scm/linux/ker…
…nel/git/rostedt/linux-trace Pull tracing fix from Steven Rostedt: "Wei Yongjun fixed a long standing bug in the ring buffer startup test. If for some unknown reason, the kthread that is created fails to be created, the return from kthread_create() is an PTR_ERR and not a NULL. The test incorrectly checks for NULL instead of an error" * tag 'trace-v4.11-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace: ring-buffer: Fix return value check in test_ringbuffer()
Configuration menu - View commit details
-
Copy full SHA for 4691f4a - Browse repository at this point
Copy the full SHA 4691f4aView commit details -
Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upst…
…ream-linus Pull MIPS fixes from Ralf Baechle: "Lantiq: - Fix adding xbar resoures causing a panic Loongson3: - Some Loongson 3A don't identify themselves as having an FTLB so hardwire that knowledge into CPU probing. - Handle Loongson 3 TLB peculiarities in the fast path of the RDHWR emulation. - Fix invalid FTLB entries with huge page on VTLB+FTLB platforms - Add missing calculation of S-cache and V-cache cache-way size Ralink: - Fix typos in rt3883 pinctrl data Generic: - Force o32 fp64 support on 32bit MIPS64r6 kernels - Yet another build fix after the linux/sched.h changes - Wire up statx system call - Fix stack unwinding after introduction of IRQ stack - Fix spinlock code to build even for microMIPS with recent binutils SMP-CPS: - Fix retrieval of VPE mask on big endian CPUs" * 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus: MIPS: IRQ Stack: Unwind IRQ stack onto task stack MIPS: c-r4k: Fix Loongson-3's vcache/scache waysize calculation MIPS: Flush wrong invalid FTLB entry for huge page MIPS: Check TLB before handle_ri_rdhwr() for Loongson-3 MIPS: Add MIPS_CPU_FTLB for Loongson-3A R2 MIPS: Lantiq: fix missing xbar kernel panic MIPS: smp-cps: Fix retrieval of VPE mask on big endian CPUs MIPS: Wire up statx system call MIPS: Include asm/ptrace.h now linux/sched.h doesn't MIPS: ralink: Fix typos in rt3883 pinctrl MIPS: End spinlocks with .insn MIPS: Force o32 fp64 support on 32bit MIPS64r6 kernels
Configuration menu - View commit details
-
Copy full SHA for 977674c - Browse repository at this point
Copy the full SHA 977674cView commit details -
Merge tag 'xfs-4.11-fixes-3' of git://git.kernel.org/pub/scm/fs/xfs/x…
…fs-linux Pull XFS fixes from Darrick Wong: "Here are three more fixes for 4.11. The first one reworks the inline directory verifier to check the working copy of the directory metadata and to avoid triggering a periodic crash in xfs/348. The second patch fixes a regression in hole punching at EOF that corrupts files; and the third patch closes a kernel memory disclosure bug. Summary: - rework the inline directory verifier to avoid crashes on disk corruption - don't change file size when punching holes w/ KEEP_SIZE - close a kernel memory exposure bug" * tag 'xfs-4.11-fixes-3' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux: xfs: fix kernel memory exposure problems xfs: Honor FALLOC_FL_KEEP_SIZE when punching ends of files xfs: rework the inline directory verifiers
Configuration menu - View commit details
-
Copy full SHA for 269c930 - Browse repository at this point
Copy the full SHA 269c930View commit details -
pinctrl: core: Fix pinctrl_register_and_init() with pinctrl_enable()
Recent pinctrl changes to allow dynamic allocation of pins exposed one more issue with the pinctrl pins claimed early by the controller itself. This caused a regression for IMX6 pinctrl hogs. Before enabling the pin controller driver we need to wait until it has been properly initialized, then claim the hogs, and only then enable it. To fix the regression, split the code into pinctrl_claim_hogs() and pinctrl_enable(). And then let's require that pinctrl_enable() is always called by the pin controller driver when ready after calling pinctrl_register_and_init(). Depends-on: 950b0d9 ("pinctrl: core: Fix regression caused by delayed work for hogs") Fixes: df61b36 ("pinctrl: core: Use delayed work for hogs") Fixes: e566fc1 ("pinctrl: imx: use generic pinctrl helpers for managing groups") Cc: Haojian Zhuang <haojian.zhuang@linaro.org> Cc: Masahiro Yamada <yamada.masahiro@socionext.com> Cc: Mika Penttilä <mika.penttila@nextfour.com> Cc: Mika Westerberg <mika.westerberg@linux.intel.com> Cc: Nishanth Menon <nm@ti.com> Cc: Shawn Guo <shawnguo@kernel.org> Cc: Stefan Agner <stefan@agner.ch> Tested-by: Geert Uytterhoeven <geert+renesas@glider.be> Tested-by: Gary Bisson <gary.bisson@boundarydevices.com> Tested-by: Fabio Estevam <fabio.estevam@nxp.com> Signed-off-by: Tony Lindgren <tony@atomide.com> Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Configuration menu - View commit details
-
Copy full SHA for 6118714 - Browse repository at this point
Copy the full SHA 6118714View commit details
Commits on Apr 7, 2017
-
powerpc/crypto/crc32c-vpmsum: Fix missing preempt_disable()
In crc32c_vpmsum() we call enable_kernel_altivec() without first disabling preemption, which is not allowed: WARNING: CPU: 9 PID: 2949 at ../arch/powerpc/kernel/process.c:277 enable_kernel_altivec+0x100/0x120 Modules linked in: dm_thin_pool dm_persistent_data dm_bio_prison dm_bufio libcrc32c vmx_crypto ... CPU: 9 PID: 2949 Comm: docker Not tainted 4.11.0-rc5-compiler_gcc-6.3.1-00033-g308ac7563944 #381 ... NIP [c00000000001e320] enable_kernel_altivec+0x100/0x120 LR [d000000003df0910] crc32c_vpmsum+0x108/0x150 [crc32c_vpmsum] Call Trace: 0xc138fd09 (unreliable) crc32c_vpmsum+0x108/0x150 [crc32c_vpmsum] crc32c_vpmsum_update+0x3c/0x60 [crc32c_vpmsum] crypto_shash_update+0x88/0x1c0 crc32c+0x64/0x90 [libcrc32c] dm_bm_checksum+0x48/0x80 [dm_persistent_data] sb_check+0x84/0x120 [dm_thin_pool] dm_bm_validate_buffer.isra.0+0xc0/0x1b0 [dm_persistent_data] dm_bm_read_lock+0x80/0xf0 [dm_persistent_data] __create_persistent_data_objects+0x16c/0x810 [dm_thin_pool] dm_pool_metadata_open+0xb0/0x1a0 [dm_thin_pool] pool_ctr+0x4cc/0xb60 [dm_thin_pool] dm_table_add_target+0x16c/0x3c0 table_load+0x184/0x400 ctl_ioctl+0x2f0/0x560 dm_ctl_ioctl+0x38/0x50 do_vfs_ioctl+0xd8/0x920 SyS_ioctl+0x68/0xc0 system_call+0x38/0xfc It used to be sufficient just to call pagefault_disable(), because that also disabled preemption. But the two were decoupled in commit 8222dbe ("sched/preempt, mm/fault: Decouple preemption from the page fault logic") in mid 2015. So add the missing preempt_disable/enable(). We should also call disable_kernel_fp(), although it does nothing by default, there is a debug switch to make it active and all enables should be paired with disables. Fixes: 6dd7a82 ("crypto: powerpc - Add POWER8 optimised crc32c") Cc: stable@vger.kernel.org # v4.8+ Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Configuration menu - View commit details
-
Copy full SHA for 4749228 - Browse repository at this point
Copy the full SHA 4749228View commit details -
Revert "Revert "arm64: hugetlb: partial revert of 66b3923""
The use of the contiguous bit by our hugetlb implementation violates the break-before-make requirements of the architecture and can lead to silent data corruption or TLB conflict aborts. Once again, disable these hugetlb sizes whilst it gets worked out. This reverts commit ab2e1b8. Conflicts: arch/arm64/mm/hugetlbpage.c Signed-off-by: Will Deacon <will.deacon@arm.com>
Configuration menu - View commit details
-
Copy full SHA for 6ae979a - Browse repository at this point
Copy the full SHA 6ae979aView commit details -
Merge branch 'acpi-scan-fixes'
* acpi-scan-fixes: ACPI / scan: Prefer devices without _HID for _ADR matching
Configuration menu - View commit details
-
Copy full SHA for dc752d5 - Browse repository at this point
Copy the full SHA dc752d5View commit details -
A signal can interrupt a SendReceive call which result in incoming responses to the call being ignored. This is a problem for calls such as open which results in the successful response being ignored. This results in an open file resource on the server. The patch looks into responses which were cancelled after being sent and in case of successful open closes the open fids. For this patch, the check is only done in SendReceive2() RH-bz: 1403319 Signed-off-by: Sachin Prabhu <sprabhu@redhat.com> Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com> Cc: Stable <stable@vger.kernel.org>
Configuration menu - View commit details
-
Copy full SHA for 38bd490 - Browse repository at this point
Copy the full SHA 38bd490View commit details -
SMB3: Rename clone_range to copychunk_range
Server side copy is one of the most important mechanisms smb2/smb3 supports and it was unintentionally disabled for most use cases. Renaming calls to reflect the underlying smb2 ioctl called. This is similar to the name duplicate_extents used for a similar ioctl which is also used to duplicate files by reusing fs blocks. The name change is to avoid confusion. Signed-off-by: Sachin Prabhu <sprabhu@redhat.com> CC: Stable <stable@vger.kernel.org> Signed-off-by: Steve French <smfrench@gmail.com> Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
Configuration menu - View commit details
-
Copy full SHA for 312bbc5 - Browse repository at this point
Copy the full SHA 312bbc5View commit details -
Introduce cifs_copy_file_range()
The earlier changes to copy range for cifs unintentionally disabled the more common form of server side copy. The patch introduces the file_operations helper cifs_copy_file_range() which is used by the syscall copy_file_range. The new file operations helper allows us to perform server side copies for SMB2.0 and 2.1 servers as well as SMB 3.0+ servers which do not support the ioctl FSCTL_DUPLICATE_EXTENTS_TO_FILE. The new helper uses the ioctl FSCTL_SRV_COPYCHUNK_WRITE to perform server side copies. The helper is called by vfs_copy_file_range() only once an attempt to clone the file using the ioctl FSCTL_DUPLICATE_EXTENTS_TO_FILE has failed. Signed-off-by: Sachin Prabhu <sprabhu@redhat.com> Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com> CC: Stable <stable@vger.kernel.org> Signed-off-by: Steve French <smfrench@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 620d874 - Browse repository at this point
Copy the full SHA 620d874View commit details -
CIFS: Fix build failure with smb2
I saw the following build error during a randconfig build: fs/cifs/smb2ops.c: In function 'smb2_new_lease_key': fs/cifs/smb2ops.c:1104:2: error: implicit declaration of function 'generate_random_uuid' [-Werror=implicit-function-declaration] Explicit include the right header to fix this issue. Signed-off-by: Tobias Regnery <tobias.regnery@gmail.com> Reviewed-by: Aurelien Aptel <aaptel@suse.com> Signed-off-by: Steve French <smfrench@gmail.com>
Configuration menu - View commit details
-
Copy full SHA for 4fa8e50 - Browse repository at this point
Copy the full SHA 4fa8e50View commit details -
Reset TreeId to zero on SMB2 TREE_CONNECT
Currently the cifs module breaks the CIFS specs on reconnect as described in http://msdn.microsoft.com/en-us/library/cc246529.aspx: "TreeId (4 bytes): Uniquely identifies the tree connect for the command. This MUST be 0 for the SMB2 TREE_CONNECT Request." Signed-off-by: Jan-Marek Glogowski <glogow@fbihome.de> Reviewed-by: Aurelien Aptel <aaptel@suse.com> Tested-by: Aurelien Aptel <aaptel@suse.com> Signed-off-by: Steve French <smfrench@gmail.com> CC: Stable <stable@vger.kernel.org>
Configuration menu - View commit details
-
Copy full SHA for 806a28e - Browse repository at this point
Copy the full SHA 806a28eView commit details -
blk-mq: use the right hctx when getting a driver tag fails
While dispatching requests, if we fail to get a driver tag, we mark the hardware queue as waiting for a tag and put the requests on a hctx->dispatch list to be run later when a driver tag is freed. However, blk_mq_dispatch_rq_list() may dispatch requests from multiple hardware queues if using a single-queue scheduler with a multiqueue device. If blk_mq_get_driver_tag() fails, it doesn't update the hardware queue we are processing. This means we end up using the hardware queue of the previous request, which may or may not be the same as that of the current request. If it isn't, the wrong hardware queue will end up waiting for a tag, and the requests will be on the wrong dispatch list, leading to a hang. The fix is twofold: 1. Make sure we save which hardware queue we were trying to get a request for in blk_mq_get_driver_tag() regardless of whether it succeeds or not. 2. Make blk_mq_dispatch_rq_list() take a request_queue instead of a blk_mq_hw_queue to make it clear that it must handle multiple hardware queues, since I've already messed this up on a couple of occasions. This didn't appear in testing with nvme and mq-deadline because nvme has more driver tags than the default number of scheduler tags. However, with the blk_mq_update_nr_hw_queues() fix, it showed up with nbd. Signed-off-by: Omar Sandoval <osandov@fb.com> Signed-off-by: Jens Axboe <axboe@fb.com>
Configuration menu - View commit details
-
Copy full SHA for 81380ca - Browse repository at this point
Copy the full SHA 81380caView commit details -
blk-mq-sched: refactor scheduler initialization
Preparation cleanup for the next couple of fixes, push blk_mq_sched_setup() and e->ops.mq.init_sched() into a helper. Signed-off-by: Omar Sandoval <osandov@fb.com> Signed-off-by: Jens Axboe <axboe@fb.com>
Configuration menu - View commit details
-
Copy full SHA for 6917ff0 - Browse repository at this point
Copy the full SHA 6917ff0View commit details -
blk-mq-sched: set up scheduler tags when bringing up new queues
If a new hardware queue is added at runtime, we don't allocate scheduler tags for it, leading to a crash. This hooks up the scheduler framework to blk_mq_{init,exit}_hctx() to make sure everything gets properly initialized/freed. Signed-off-by: Omar Sandoval <osandov@fb.com> Signed-off-by: Jens Axboe <axboe@fb.com>
Configuration menu - View commit details
-
Copy full SHA for 9325263 - Browse repository at this point
Copy the full SHA 9325263View commit details -
blk-mq-sched: fix crash in switch error path
In elevator_switch(), if blk_mq_init_sched() fails, we attempt to fall back to the original scheduler. However, at this point, we've already torn down the original scheduler's tags, so this causes a crash. Doing the fallback like the legacy elevator path is much harder for mq, so fix it by just falling back to none, instead. Signed-off-by: Omar Sandoval <osandov@fb.com> Signed-off-by: Jens Axboe <axboe@fb.com>
Configuration menu - View commit details
-
Copy full SHA for 54d5329 - Browse repository at this point
Copy the full SHA 54d5329View commit details -
blk-mq: remap queues when adding/removing hardware queues
blk_mq_update_nr_hw_queues() used to remap hardware queues, which is the behavior that drivers expect. However, commit 4e68a01 changed blk_mq_queue_reinit() to not remap queues for the case of CPU hotplugging, inadvertently making blk_mq_update_nr_hw_queues() not remap queues as well. This breaks, for example, NBD's multi-connection mode, leaving the added hardware queues unused. Fix it by making blk_mq_update_nr_hw_queues() explicitly remap the queues. Fixes: 4e68a01 ("blk-mq: don't redistribute hardware queues on a CPU hotplug event") Reviewed-by: Keith Busch <keith.busch@intel.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Sagi Grimberg <sagi@grimberg.me> Signed-off-by: Omar Sandoval <osandov@fb.com> Signed-off-by: Jens Axboe <axboe@fb.com>
Configuration menu - View commit details
-
Copy full SHA for ebe8bdd - Browse repository at this point
Copy the full SHA ebe8bddView commit details -
sysctl: add sanity check for proc_douintvec
Commit e7d316a ("sysctl: handle error writing UINT_MAX to u32 fields") introduced the proc_douintvec helper function, but it forgot to add the related sanity check when doing register_sysctl_table. So add it now. Signed-off-by: Liping Zhang <zlpnobody@gmail.com> Cc: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org> Cc: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for 1680a38 - Browse repository at this point
Copy the full SHA 1680a38View commit details -
sysctl: don't print negative flag for proc_douintvec
I saw some very confusing sysctl output on my system: # cat /proc/sys/net/core/xfrm_aevent_rseqth -2 # cat /proc/sys/net/core/xfrm_aevent_etime -10 # cat /proc/sys/net/ipv4/tcp_notsent_lowat -4294967295 Because we forget to set the *negp flag in proc_douintvec, so it will become a garbage value. Since the value related to proc_douintvec is always an unsigned integer, so we can set *negp to false explictily to fix this issue. Fixes: e7d316a ("sysctl: handle error writing UINT_MAX to u32 fields") Signed-off-by: Liping Zhang <zlpnobody@gmail.com> Cc: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org> Cc: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for 5380e56 - Browse repository at this point
Copy the full SHA 5380e56View commit details -
Merge tag 'for-linus-4.11b-rc6-tag' of git://git.kernel.org/pub/scm/l…
…inux/kernel/git/xen/tip Pull Xen fix from Juergen Gross: "A fix for error path cleanup in the xenbus handler" * tag 'for-linus-4.11b-rc6-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip: xenbus: remove transaction holder from list before freeing
Configuration menu - View commit details
-
Copy full SHA for 50bdd7a - Browse repository at this point
Copy the full SHA 50bdd7aView commit details -
Merge tag 'acpi-4.11-rc6' of git://git.kernel.org/pub/scm/linux/kerne…
…l/git/rafael/linux-pm Pull ACPI fix from Rafael Wysocki: "This fixes a core device enumeration code change made in 4.10, in order to address a reported issue, that went too far. Specifics: - Refine the check for the existence of _HID in find_child_checks() so that it doesn't trigger for device objects with device IDs made up by the kernel (Rafael Wysocki)" * tag 'acpi-4.11-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm: ACPI / scan: Prefer devices without _HID for _ADR matching
Configuration menu - View commit details
-
Copy full SHA for 7ab6618 - Browse repository at this point
Copy the full SHA 7ab6618View commit details -
Merge tag 'metag-for-v4.11-rc6' of git://git.kernel.org/pub/scm/linux…
…/kernel/git/jhogan/metag Pull metag usercopy fixes from James Hogan: "Metag usercopy fault handling fixes These patches fix a bunch of longstanding (some over a decade old) metag user copy fault handling bugs. Thanks go to Al Viro for spotting some of the questionable code in the first place" * tag 'metag-for-v4.11-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/jhogan/metag: metag/usercopy: Add missing fixups metag/usercopy: Fix src fixup in from user rapf loops metag/usercopy: Set flags before ADDZ metag/usercopy: Zero rest of buffer from copy_from_user metag/usercopy: Add early abort to copy_to_user metag/usercopy: Fix alignment error checking metag/usercopy: Drop unused macros
Configuration menu - View commit details
-
Copy full SHA for 4f0d14b - Browse repository at this point
Copy the full SHA 4f0d14bView commit details -
Merge tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/…
…git/arm64/linux Pull arm64 fixes from Will Deacon: "We've got a regression fix for the signal raised when userspace makes an unsupported unaligned access and a revert of the contiguous (hugepte) support for hugetlb, which has once again been found to be broken. One day, maybe, we'll get it right. Summary: - restore previous SIGBUS behaviour for unhandled unaligned user accesses - revert broken support for the contiguous bit in hugetlb (again...)" * tag 'arm64-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux: Revert "Revert "arm64: hugetlb: partial revert of 66b3923"" arm64: mm: unaligned access by user-land should be received as SIGBUS
Configuration menu - View commit details
-
Copy full SHA for dc25ad3 - Browse repository at this point
Copy the full SHA dc25ad3View commit details -
Merge tag 'dm-4.11-fixes-2' of git://git.kernel.org/pub/scm/linux/ker…
…nel/git/device-mapper/linux-dm Pull device mapper fixes from Mike Snitzer: - two stable fixes for the verity target's FEC support - a stable fix for raid target's raid1 support (when no bitmap is used) - a 4.11 cache metadata v2 format fix to properly test blocks are clean * tag 'dm-4.11-fixes-2' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm: dm verity fec: fix bufio leaks dm raid: fix NULL pointer dereference for raid1 without bitmap dm cache metadata: fix metadata2 format's blocks_are_clean_separate_dirty dm verity fec: limit error correction recursion
Configuration menu - View commit details
-
Copy full SHA for 81d4bab - Browse repository at this point
Copy the full SHA 81d4babView commit details -
blk-mq: Introduce blk_mq_delay_run_hw_queue()
Introduce a function that runs a hardware queue unconditionally after a delay. Note: there is already a function that stops and restarts a hardware queue after a delay, namely blk_mq_delay_queue(). This function will be used in the next patch in this series. Signed-off-by: Bart Van Assche <bart.vanassche@sandisk.com> Cc: Christoph Hellwig <hch@lst.de> Cc: Hannes Reinecke <hare@suse.de> Cc: Long Li <longli@microsoft.com> Cc: K. Y. Srinivasan <kys@microsoft.com> Signed-off-by: Jens Axboe <axboe@fb.com>
Configuration menu - View commit details
-
Copy full SHA for 7587a5a - Browse repository at this point
Copy the full SHA 7587a5aView commit details -
scsi: Avoid that SCSI queues get stuck
If a .queue_rq() function returns BLK_MQ_RQ_QUEUE_BUSY then the block driver that implements that function is responsible for rerunning the hardware queue once requests can be queued again successfully. commit 52d7f1b ("blk-mq: Avoid that requeueing starts stopped queues") removed the blk_mq_stop_hw_queue() call from scsi_queue_rq() for the BLK_MQ_RQ_QUEUE_BUSY case. Hence change all calls to functions that are intended to rerun a busy queue such that these examine all hardware queues instead of only stopped queues. Since no other functions than scsi_internal_device_block() and scsi_internal_device_unblock() should ever stop or restart a SCSI queue, change the blk_mq_delay_queue() call into a blk_mq_delay_run_hw_queue() call. Fixes: commit 52d7f1b ("blk-mq: Avoid that requeueing starts stopped queues") Fixes: commit 7e79dad ("blk-mq: stop hardware queue in blk_mq_delay_queue()") Signed-off-by: Bart Van Assche <bart.vanassche@sandisk.com> Cc: Martin K. Petersen <martin.petersen@oracle.com> Cc: James Bottomley <James.Bottomley@HansenPartnership.com> Cc: Christoph Hellwig <hch@lst.de> Cc: Hannes Reinecke <hare@suse.de> Cc: Sagi Grimberg <sagi@grimberg.me> Cc: Long Li <longli@microsoft.com> Cc: K. Y. Srinivasan <kys@microsoft.com> Signed-off-by: Jens Axboe <axboe@fb.com>
Configuration menu - View commit details
-
Copy full SHA for 36e3cf2 - Browse repository at this point
Copy the full SHA 36e3cf2View commit details -
dm rq: Avoid that request processing stalls sporadically
While running the srp-test software I noticed that request processing stalls sporadically at the beginning of a test, namely when mkfs is run against a dm-mpath device. Every time when that happened the following command was sufficient to resume request processing: echo run >/sys/kernel/debug/block/dm-0/state This patch avoids that such request processing stalls occur. The test I ran is as follows: while srp-test/run_tests -d -r 30 -t 02-mq; do :; done Signed-off-by: Bart Van Assche <bart.vanassche@sandisk.com> Cc: Mike Snitzer <snitzer@redhat.com> Cc: dm-devel@redhat.com Signed-off-by: Jens Axboe <axboe@fb.com>
Configuration menu - View commit details
-
Copy full SHA for 6077c2d - Browse repository at this point
Copy the full SHA 6077c2dView commit details -
blk-mq: Restart a single queue if tag sets are shared
To improve scalability, if hardware queues are shared, restart a single hardware queue in round-robin fashion. Rename blk_mq_sched_restart_queues() to reflect the new semantics. Remove blk_mq_sched_mark_restart_queue() because this function has no callers. Remove flag QUEUE_FLAG_RESTART because this patch removes the code that uses this flag. Signed-off-by: Bart Van Assche <bart.vanassche@sandisk.com> Cc: Christoph Hellwig <hch@lst.de> Cc: Hannes Reinecke <hare@suse.com> Signed-off-by: Jens Axboe <axboe@fb.com>
Configuration menu - View commit details
-
Copy full SHA for 6d8c6c0 - Browse repository at this point
Copy the full SHA 6d8c6c0View commit details -
Merge tag 'pci-v4.11-fixes-4' of git://git.kernel.org/pub/scm/linux/k…
…ernel/git/helgaas/pci Pull PCI fixes from Bjorn Helgaas: - fix ThunderX legacy firmware resources - fix ARTPEC-6 and DesignWare platform driver NULL pointer dereferences - fix HiSilicon link error * tag 'pci-v4.11-fixes-4' of git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci: PCI: dwc: Fix dw_pcie_ops NULL pointer dereference PCI: dwc: Select PCI_HOST_COMMON for hisi PCI: thunder-pem: Fix legacy firmware PEM-specific resources
Configuration menu - View commit details
-
Copy full SHA for c2eb7be - Browse repository at this point
Copy the full SHA c2eb7beView commit details -
orangefs: move features validation to fix filesystem hang
Without this fix (and another to the userspace component itself described later), the kernel will be unable to process any OrangeFS requests after the userspace component is restarted (due to a crash or at the administrator's behest). The bug here is that inside orangefs_remount, the orangefs_request_mutex is locked. When the userspace component restarts while the filesystem is mounted, it sends a ORANGEFS_DEV_REMOUNT_ALL ioctl to the device, which causes the kernel to send it a few requests aimed at synchronizing the state between the two. While this is happening the orangefs_request_mutex is locked to prevent any other requests going through. This is only half of the bugfix. The other half is in the userspace component which outright ignores(!) requests made before it considers the filesystem remounted, which is after the ioctl returns. Of course the ioctl doesn't return until after the userspace component responds to the request it ignores. The userspace component has been changed to allow ORANGEFS_VFS_OP_FEATURES regardless of the mount status. Mike Marshall says: "I've tested this patch against the fixed userspace part. This patch is real important, I hope it can make it into 4.11... Here's what happens when the userspace daemon is restarted, without the patch: ============================================= [ INFO: possible recursive locking detected ] [ 4.10.0-00007-ge98bdb3 #1 Not tainted ] --------------------------------------------- pvfs2-client-co/29032 is trying to acquire lock: (orangefs_request_mutex){+.+.+.}, at: service_operation+0x3c7/0x7b0 [orangefs] but task is already holding lock: (orangefs_request_mutex){+.+.+.}, at: dispatch_ioctl_command+0x1bf/0x330 [orangefs] CPU: 0 PID: 29032 Comm: pvfs2-client-co Not tainted 4.10.0-00007-ge98bdb3 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.9.3-1.fc25 04/01/2014 Call Trace: __lock_acquire+0x7eb/0x1290 lock_acquire+0xe8/0x1d0 mutex_lock_killable_nested+0x6f/0x6e0 service_operation+0x3c7/0x7b0 [orangefs] orangefs_remount+0xea/0x150 [orangefs] dispatch_ioctl_command+0x227/0x330 [orangefs] orangefs_devreq_ioctl+0x29/0x70 [orangefs] do_vfs_ioctl+0xa3/0x6e0 SyS_ioctl+0x79/0x90" Signed-off-by: Martin Brandenburg <martin@omnibond.com> Acked-by: Mike Marshall <hubcap@omnibond.com> Cc: stable@vger.kernel.org Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for cefdc26 - Browse repository at this point
Copy the full SHA cefdc26View commit details
Commits on Apr 8, 2017
-
mm: fix page_vma_mapped_walk() for ksm pages
Doug Smythies reports oops with KSM in this backtrace, I've been seeing the same: page_vma_mapped_walk+0xe6/0x5b0 page_referenced_one+0x91/0x1a0 rmap_walk_ksm+0x100/0x190 rmap_walk+0x4f/0x60 page_referenced+0x149/0x170 shrink_active_list+0x1c2/0x430 shrink_node_memcg+0x67a/0x7a0 shrink_node+0xe1/0x320 kswapd+0x34b/0x720 Just as observed in commit 4b0ece6 ("mm: migrate: fix remove_migration_pte() for ksm pages"), you cannot use page->index calculations on ksm pages. page_vma_mapped_walk() is relying on __vma_address(), where a ksm page can lead it off the end of the page table, and into whatever nonsense is in the next page, ending as an oops inside check_pte()'s pte_page(). KSM tells page_vma_mapped_walk() exactly where to look for the page, it does not need any page->index calculation: and that's so also for all the normal and file and anon pages - just not for THPs and their subpages. Get out early in most cases: instead of a PageKsm test, move down the earlier not-THP-page test, as suggested by Kirill. I'm also slightly worried that this loop can stray into other vmas, so added a vm_end test to prevent surprises; though I have not imagined anything worse than a very contrived case, in which a page mlocked in the next vma might be reclaimed because it is not mlocked in this vma. Fixes: ace71a1 ("mm: introduce page_vma_mapped_walk()") Link: http://lkml.kernel.org/r/alpine.LSU.2.11.1704031104400.1118@eggly.anvils Signed-off-by: Hugh Dickins <hughd@google.com> Reported-by: Doug Smythies <dsmythies@telus.net> Tested-by: Doug Smythies <dsmythies@telus.net> Reviewed-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for d75450f - Browse repository at this point
Copy the full SHA d75450fView commit details -
userfaultfd: report actual registered features in fdinfo
fdinfo for userfault file descriptor reports UFFD_API_FEATURES. Up until recently, the UFFD_API_FEATURES was defined as 0, therefore corresponding field in fdinfo always contained zero. Now, with introduction of several additional features, UFFD_API_FEATURES is not longer 0 and it seems better to report actual features requested for the userfaultfd object described by the fdinfo. First, the applications that were using userfault will still see zero at the features field in fdinfo. Next, reporting actual features rather than available features, gives clear indication of what userfault features are used by an application. Link: http://lkml.kernel.org/r/1491140181-22121-1-git-send-email-rppt@linux.vnet.ibm.com Signed-off-by: Mike Rapoport <rppt@linux.vnet.ibm.com> Reviewed-by: Andrea Arcangeli <aarcange@redhat.com> Cc: Pavel Emelyanov <xemul@virtuozzo.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for 045098e - Browse repository at this point
Copy the full SHA 045098eView commit details -
mm/page_alloc.c: fix print order in show_free_areas()
Fixes: 11fb998 ("mm: move most file-based accounting to the node") Link: http://lkml.kernel.org/r/1490377730.30219.2.camel@beget.ru Signed-off-by: Alexander Polyakov <apolyakov@beget.com> Acked-by: Michal Hocko <mhocko@suse.com> Cc: Mel Gorman <mgorman@techsingularity.net> Cc: Vlastimil Babka <vbabka@suse.cz> Cc: <stable@vger.kernel.org> [4.8+] Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for 1f06b81 - Browse repository at this point
Copy the full SHA 1f06b81View commit details -
vmlinux.lds: add missing VMLINUX_SYMBOL macros
When __{start,end}_ro_after_init is referenced from C code, we run into the following build errors on blackfin: kernel/extable.c:169: undefined reference to `__start_ro_after_init' kernel/extable.c:169: undefined reference to `__end_ro_after_init' The build error is due to the fact that blackfin is one of the few arches that prepends an underscore '_' to all symbols defined in C. Fix this by wrapping __{start,end}_ro_after_init in vmlinux.lds.h with VMLINUX_SYMBOL(), which adds the necessary prefix for arches that have HAVE_UNDERSCORE_SYMBOL_PREFIX. Link: http://lkml.kernel.org/r/1491259387-15869-1-git-send-email-jeyu@redhat.com Signed-off-by: Jessica Yu <jeyu@redhat.com> Acked-by: Kees Cook <keescook@chromium.org> Cc: Arnd Bergmann <arnd@arndb.de> Cc: Eddie Kovsky <ewk@edkovsky.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for d79bf21 - Browse repository at this point
Copy the full SHA d79bf21View commit details -
ptrace: fix PTRACE_LISTEN race corrupting task->state
In PT_SEIZED + LISTEN mode STOP/CONT signals cause a wakeup against __TASK_TRACED. If this races with the ptrace_unfreeze_traced at the end of a PTRACE_LISTEN, this can wake the task /after/ the check against __TASK_TRACED, but before the reset of state to TASK_TRACED. This causes it to instead clobber TASK_WAKING, allowing a subsequent wakeup against TRACED while the task is still on the rq wake_list, corrupting it. Oleg said: "The kernel can crash or this can lead to other hard-to-debug problems. In short, "task->state = TASK_TRACED" in ptrace_unfreeze_traced() assumes that nobody else can wake it up, but PTRACE_LISTEN breaks the contract. Obviusly it is very wrong to manipulate task->state if this task is already running, or WAKING, or it sleeps again" [akpm@linux-foundation.org: coding-style fixes] Fixes: 9899d11 ("ptrace: ensure arch_ptrace/ptrace_request can never race with SIGKILL") Link: http://lkml.kernel.org/r/xm26y3vfhmkp.fsf_-_@bsegall-linux.mtv.corp.google.com Signed-off-by: Ben Segall <bsegall@google.com> Acked-by: Oleg Nesterov <oleg@redhat.com> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for 5402e97 - Browse repository at this point
Copy the full SHA 5402e97View commit details -
mm, thp: fix setting of defer+madvise thp defrag mode
Setting thp defrag mode of "defer+madvise" actually sets "defer" in the kernel due to the name similarity and the out-of-order way the string is checked in defrag_store(). Check the string in the correct order so that TRANSPARENT_HUGEPAGE_DEFRAG_KSWAPD_OR_MADV_FLAG is set appropriately for "defer+madvise". Fixes: 21440d7 ("mm, thp: add new defer+madvise defrag option") Link: http://lkml.kernel.org/r/alpine.DEB.2.10.1704051814420.137626@chino.kir.corp.google.com Signed-off-by: David Rientjes <rientjes@google.com> Acked-by: Michal Hocko <mhocko@suse.com> Acked-by: Vlastimil Babka <vbabka@suse.cz> Cc: Mel Gorman <mgorman@techsingularity.net> Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for 4fad7fb - Browse repository at this point
Copy the full SHA 4fad7fbView commit details -
dax: fix radix tree insertion race
While running generic/340 in my test setup I hit the following race. It can happen with kernels that support FS DAX PMDs, so v4.10 thru v4.11-rc5. Thread 1 Thread 2 -------- -------- dax_iomap_pmd_fault() grab_mapping_entry() spin_lock_irq() get_unlocked_mapping_entry() 'entry' is NULL, can't call lock_slot() spin_unlock_irq() radix_tree_preload() dax_iomap_pmd_fault() grab_mapping_entry() spin_lock_irq() get_unlocked_mapping_entry() ... lock_slot() spin_unlock_irq() dax_pmd_insert_mapping() <inserts a PMD mapping> spin_lock_irq() __radix_tree_insert() fails with -EEXIST <fall back to 4k fault, and die horribly when inserting a 4k entry where a PMD exists> The issue is that we have to drop mapping->tree_lock while calling radix_tree_preload(), but since we didn't have a radix tree entry to lock (unlike in the pmd_downgrade case) we have no protection against Thread 2 coming along and inserting a PMD at the same index. For 4k entries we handled this with a special-case response to -EEXIST coming from the __radix_tree_insert(), but this doesn't save us for PMDs because the -EEXIST case can also mean that we collided with a 4k entry in the radix tree at a different index, but one that is covered by our PMD range. So, correctly handle both the 4k and 2M collision cases by explicitly re-checking the radix tree for an entry at our index once we reacquire mapping->tree_lock. This patch has made it through a clean xfstests run with the current v4.11-rc5 based linux/master, and it also ran generic/340 500 times in a loop. It used to fail within the first 10 iterations. Link: http://lkml.kernel.org/r/20170406212944.2866-1-ross.zwisler@linux.intel.com Signed-off-by: Ross Zwisler <ross.zwisler@linux.intel.com> Cc: "Darrick J. Wong" <darrick.wong@oracle.com> Cc: Alexander Viro <viro@zeniv.linux.org.uk> Cc: Christoph Hellwig <hch@lst.de> Cc: Dan Williams <dan.j.williams@intel.com> Cc: Jan Kara <jack@suse.cz> Cc: Matthew Wilcox <mawilcox@microsoft.com> Cc: <stable@vger.kernel.org> [4.10+] Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for e11f8b7 - Browse repository at this point
Copy the full SHA e11f8b7View commit details -
mm, swap_cgroup: reschedule when neeed in swap_cgroup_swapoff()
We got need_resched() warnings in swap_cgroup_swapoff() because swap_cgroup_ctrl[type].length is particularly large. Reschedule when needed. Link: http://lkml.kernel.org/r/alpine.DEB.2.10.1704061315270.80559@chino.kir.corp.google.com Signed-off-by: David Rientjes <rientjes@google.com> Acked-by: Michal Hocko <mhocko@suse.com> Cc: Johannes Weiner <hannes@cmpxchg.org> Cc: Vladimir Davydov <vdavydov.dev@gmail.com> Cc: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for 460bcec - Browse repository at this point
Copy the full SHA 460bcecView commit details -
mailmap: update Yakir Yang email address
Set current email address to replace previous employers email addresses. Link: http://lkml.kernel.org/r/1491450722-6633-1-git-send-email-jeffy.chen@rock-chips.com Signed-off-by: Jeffy Chen <jeffy.chen@rock-chips.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for cdcf433 - Browse repository at this point
Copy the full SHA cdcf433View commit details -
mm: move pcp and lru-pcp draining into single wq
We currently have 2 specific WQ_RECLAIM workqueues in the mm code. vmstat_wq for updating pcp stats and lru_add_drain_wq dedicated to drain per cpu lru caches. This seems more than necessary because both can run on a single WQ. Both do not block on locks requiring a memory allocation nor perform any allocations themselves. We will save one rescuer thread this way. On the other hand drain_all_pages() queues work on the system wq which doesn't have rescuer and so this depend on memory allocation (when all workers are stuck allocating and new ones cannot be created). Initially we thought this would be more of a theoretical problem but Hugh Dickins has reported: : 4.11-rc has been giving me hangs after hours of swapping load. At : first they looked like memory leaks ("fork: Cannot allocate memory"); : but for no good reason I happened to do "cat /proc/sys/vm/stat_refresh" : before looking at /proc/meminfo one time, and the stat_refresh stuck : in D state, waiting for completion of flush_work like many kworkers. : kthreadd waiting for completion of flush_work in drain_all_pages(). This worker should be using WQ_RECLAIM as well in order to guarantee a forward progress. We can reuse the same one as for lru draining and vmstat. Link: http://lkml.kernel.org/r/20170307131751.24936-1-mhocko@kernel.org Signed-off-by: Michal Hocko <mhocko@suse.com> Suggested-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Acked-by: Vlastimil Babka <vbabka@suse.cz> Acked-by: Mel Gorman <mgorman@suse.de> Tested-by: Yang Li <pku.leo@gmail.com> Tested-by: Hugh Dickins <hughd@google.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for ce61287 - Browse repository at this point
Copy the full SHA ce61287View commit details -
Merge branch 'akpm' (patches from Andrew)
Merge misc fixes from Andrew Morton: "10 fixes" * emailed patches from Andrew Morton <akpm@linux-foundation.org>: mm: move pcp and lru-pcp draining into single wq mailmap: update Yakir Yang email address mm, swap_cgroup: reschedule when neeed in swap_cgroup_swapoff() dax: fix radix tree insertion race mm, thp: fix setting of defer+madvise thp defrag mode ptrace: fix PTRACE_LISTEN race corrupting task->state vmlinux.lds: add missing VMLINUX_SYMBOL macros mm/page_alloc.c: fix print order in show_free_areas() userfaultfd: report actual registered features in fdinfo mm: fix page_vma_mapped_walk() for ksm pages
Configuration menu - View commit details
-
Copy full SHA for 56c2997 - Browse repository at this point
Copy the full SHA 56c2997View commit details -
Merge branch 'stable-4.11' of git://git.infradead.org/users/pcmoore/a…
…udit Pull audit cleanup from Paul Moore: "A week later than I had hoped, but as promised, here is the audit uninline-fix we talked about during the last audit pull request. The patch is slightly different than what we originally discussed as it made more sense to keep the audit_signal_info() function in auditsc.c rather than move it and bunch of other related variables/definitions into audit.c/audit.h. At some point in the future I need to look at how the audit code is organized across kernel/audit*, I suspect we could do things a bit better, but it doesn't seem like a -rc release is a good place for that ;) Regardless, this patch passes our tests without problem and looks good for v4.11" * 'stable-4.11' of git://git.infradead.org/users/pcmoore/audit: audit: move audit_signal_info() into kernel/auditsc.c
Configuration menu - View commit details
-
Copy full SHA for 62fedca - Browse repository at this point
Copy the full SHA 62fedcaView commit details -
Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm
Pull KVM fixes from Radim Krčmář: "ARM: - Fix a problem with GICv3 userspace save/restore - Clarify GICv2 userspace save/restore ABI - Be more careful in clearing GIC LRs - Add missing synchronization primitive to our MMU handling code PPC: - Check for a NULL return from kzalloc s390: - Prevent translation exception errors on valid page tables for the instruction-exection-protection support x86: - Fix Page-Modification Logging when running a nested guest" * tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: KVM: PPC: Book3S HV: Check for kmalloc errors in ioctl KVM: nVMX: initialize PML fields in vmcs02 KVM: nVMX: do not leak PML full vmexit to L1 KVM: arm/arm64: vgic: Fix GICC_PMR uaccess on GICv3 and clarify ABI KVM: arm64: Ensure LRs are clear when they should be kvm: arm/arm64: Fix locking for kvm_free_stage2_pgd KVM: s390: remove change-recording override support arm/arm64: KVM: Take mmap_sem in kvm_arch_prepare_memory_region arm/arm64: KVM: Take mmap_sem in stage2_unmap_vm
Configuration menu - View commit details
-
Copy full SHA for 542380a - Browse repository at this point
Copy the full SHA 542380aView commit details -
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc
Pull sparc fixes from David Miller: "Several fixes here, mostly having to due with either build errors or memory corruptions depending upon whether you have THP enabled or not" * git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc: sparc: remove unused wp_works_ok macro sparc32: Export vac_cache_size to fix build error sparc64: Fix memory corruption when THP is enabled sparc64: Fix kernel panic due to erroneous #ifdef surrounding pmd_write() arch/sparc: Avoid DCTI Couples sparc64: kern_addr_valid regression sparc64: Add support for 2G hugepages sparc64: Fix size check in huge_pte_alloc
Configuration menu - View commit details
-
Copy full SHA for 8b65bb5 - Browse repository at this point
Copy the full SHA 8b65bb5View commit details -
staging: android: ashmem: lseek failed due to no FMODE_LSEEK.
vfs_llseek will check whether the file mode has FMODE_LSEEK, no return failure. But ashmem can be lseek, so add FMODE_LSEEK to ashmem file. Comment From Greg Hackmann: ashmem_llseek() passes the llseek() call through to the backing shmem file. 91360b0 ("ashmem: use vfs_llseek()") changed this from directly calling the file's llseek() op into a VFS layer call. This also adds a check for the FMODE_LSEEK bit, so without that bit ashmem_llseek() now always fails with -ESPIPE. Fixes: 91360b0 ("ashmem: use vfs_llseek()") Signed-off-by: Shuxiao Zhang <zhangshuxiao@xiaomi.com> Tested-by: Greg Hackmann <ghackmann@google.com> Cc: stable <stable@vger.kernel.org> # 3.18+ Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Configuration menu - View commit details
-
Copy full SHA for 97fbfef - Browse repository at this point
Copy the full SHA 97fbfefView commit details -
Documentation: stable-kernel-rules: fix stable-tag format
A patch documenting how to specify which kernels a particular fix should be backported to (seemingly) inadvertently added a minus sign after the kernel version. This particular stable-tag format had never been used prior to this patch, and was neither present when the patch in question was first submitted (it was added in v2 without any comment). Drop the minus sign to avoid any confusion. Fixes: fdc81b7 ("stable_kernel_rules: Add clause about specification of kernel versions to patch.") Signed-off-by: Johan Hovold <johan@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Configuration menu - View commit details
-
Copy full SHA for cf903e9 - Browse repository at this point
Copy the full SHA cf903e9View commit details -
sysfs: be careful of error returns from ops->show()
ops->show() can return a negative error code. Commit 65da348 ("sysfs: correctly handle short reads on PREALLOC attrs.") (in v4.4) caused this to be stored in an unsigned 'size_t' variable, so errors would look like large numbers. As a result, if an error is returned, sysfs_kf_read() will return the value of 'count', typically 4096. Commit 17d0774 ("sysfs: correctly handle read offset on PREALLOC attrs") (in v4.8) extended this error to use the unsigned large 'len' as a size for memmove(). Consequently, if ->show returns an error, then the first read() on the sysfs file will return 4096 and could return uninitialized memory to user-space. If the application performs a subsequent read, this will trigger a memmove() with extremely large count, and is likely to crash the machine is bizarre ways. This bug can currently only be triggered by reading from an md sysfs attribute declared with __ATTR_PREALLOC() during the brief period between when mddev_put() deletes an mddev from the ->all_mddevs list, and when mddev_delayed_delete() - which is scheduled on a workqueue - completes. Before this, an error won't be returned by the ->show() After this, the ->show() won't be called. I can reproduce it reliably only by putting delay like usleep_range(500000,700000); early in mddev_delayed_delete(). Then after creating an md device md0 run echo clear > /sys/block/md0/md/array_state; cat /sys/block/md0/md/array_state The bug can be triggered without the usleep. Fixes: 65da348 ("sysfs: correctly handle short reads on PREALLOC attrs.") Fixes: 17d0774 ("sysfs: correctly handle read offset on PREALLOC attrs") Cc: stable@vger.kernel.org Signed-off-by: NeilBrown <neilb@suse.com> Acked-by: Tejun Heo <tj@kernel.org> Reported-and-tested-by: Miroslav Benes <mbenes@suse.cz> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Configuration menu - View commit details
-
Copy full SHA for c8a139d - Browse repository at this point
Copy the full SHA c8a139dView commit details -
MAINTAINERS: separate out kernfs maintainership
Separate out kernfs from driver core and add myself as a co-maintainer. Signed-off-by: Tejun Heo <tj@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Configuration menu - View commit details
-
Copy full SHA for 27f395b - Browse repository at this point
Copy the full SHA 27f395bView commit details -
sysctl: report EINVAL if value is larger than UINT_MAX for proc_douin…
…tvec Currently, inputting the following command will succeed but actually the value will be truncated: # echo 0x12ffffffff > /proc/sys/net/ipv4/tcp_notsent_lowat This is not friendly to the user, so instead, we should report error when the value is larger than UINT_MAX. Fixes: e7d316a ("sysctl: handle error writing UINT_MAX to u32 fields") Signed-off-by: Liping Zhang <zlpnobody@gmail.com> Cc: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for 425fffd - Browse repository at this point
Copy the full SHA 425fffdView commit details -
mm/mempolicy.c: fix error handling in set_mempolicy and mbind.
In the case that compat_get_bitmap fails we do not want to copy the bitmap to the user as it will contain uninitialized stack data and leak sensitive data. Signed-off-by: Chris Salls <salls@cs.ucsb.edu> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Configuration menu - View commit details
-
Copy full SHA for cf01fb9 - Browse repository at this point
Copy the full SHA cf01fb9View commit details -
Merge tag 'powerpc-4.11-7' of git://git.kernel.org/pub/scm/linux/kern…
…el/git/powerpc/linux Pull powerpc fixes from Michael Ellerman: "Some more powerpc fixes for 4.11: Headed to stable: - disable HFSCR[TM] if TM is not supported, fixes a potential host kernel crash triggered by a hostile guest, but only in configurations that no one uses - don't try to fix up misaligned load-with-reservation instructions - fix flush_(d|i)cache_range() called from modules on little endian kernels - add missing global TLB invalidate if cxl is active - fix missing preempt_disable() in crc32c-vpmsum And a fix for selftests build changes that went in this release: - selftests/powerpc: Fix standalone powerpc build Thanks to: Benjamin Herrenschmidt, Frederic Barrat, Oliver O'Halloran, Paul Mackerras" * tag 'powerpc-4.11-7' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux: powerpc/crypto/crc32c-vpmsum: Fix missing preempt_disable() powerpc/mm: Add missing global TLB invalidate if cxl is active powerpc/64: Fix flush_(d|i)cache_range() called from modules powerpc: Don't try to fix up misaligned load-with-reservation instructions powerpc: Disable HFSCR[TM] if TM is not supported selftests/powerpc: Fix standalone powerpc build
Configuration menu - View commit details
-
Copy full SHA for 894ca30 - Browse repository at this point
Copy the full SHA 894ca30View commit details -
Merge tag 'pinctrl-v4.11-4' of git://git.kernel.org/pub/scm/linux/ker…
…nel/git/linusw/linux-pinctrl Pull pin control fix from Linus Walleij: "This late fix for pin control is hopefully the last I send this cycle. The problem was detected early in the v4.11 release cycle and there has been some back and forth on how to solve it. Sadly the proper fix arrives late, but at least not too late. An issue was detected with pin control on the Freescale i.MX after the refactorings for more general group and function handling. We now have the proper fix for this" * tag 'pinctrl-v4.11-4' of git://git.kernel.org/pub/scm/linux/kernel/git/linusw/linux-pinctrl: pinctrl: core: Fix pinctrl_register_and_init() with pinctrl_enable()
Configuration menu - View commit details
-
Copy full SHA for c3df1c7 - Browse repository at this point
Copy the full SHA c3df1c7View commit details -
Merge branch 'for-linus' of git://git.kernel.dk/linux-block
Pull block fixes from Jens Axboe: "Here's a pull request for 4.11-rc, fixing a set of issues mostly centered around the new scheduling framework. These have been brewing for a while, but split up into what we absolutely need in 4.11, and what we can defer until 4.12. These are well tested, on both single queue and multiqueue setups, and with and without shared tags. They fix several hangs that have happened in testing. This is obviously larger than I would have preferred at this point in time, but I don't think we can shave much off this and still get the desired results. In detail, this pull request contains: - a set of five fixes for NVMe, mostly from Christoph and one from Roland. - a series from Bart, fixing issues with dm-mq and SCSI shared tags and scheduling. Note that one of those patches commit messages may read like an optimization, but it is in fact an important fix for queue restarts in particular. - a series from Omar, most importantly fixing a hang with multiple hardware queues when we fail to get a driver tag. Another important fix in there is for resizing hardware queues, which nbd does when handling multiple sockets for one connection. - fixing an imbalance in putting the ctx for hctx request allocations from Minchan" * 'for-linus' of git://git.kernel.dk/linux-block: blk-mq: Restart a single queue if tag sets are shared dm rq: Avoid that request processing stalls sporadically scsi: Avoid that SCSI queues get stuck blk-mq: Introduce blk_mq_delay_run_hw_queue() blk-mq: remap queues when adding/removing hardware queues blk-mq-sched: fix crash in switch error path blk-mq-sched: set up scheduler tags when bringing up new queues blk-mq-sched: refactor scheduler initialization blk-mq: use the right hctx when getting a driver tag fails nvmet: fix byte swap in nvmet_parse_io_cmd nvmet: fix byte swap in nvmet_execute_write_zeroes nvmet: add missing byte swap in nvmet_get_smart_log nvme: add missing byte swap in nvme_setup_discard nvme: Correct NVMF enum values to match NVMe-oF rev 1.0 block: do not put mq context in blk_mq_alloc_request_hctx
Configuration menu - View commit details
-
Copy full SHA for 78d91a7 - Browse repository at this point
Copy the full SHA 78d91a7View commit details
Commits on Apr 9, 2017
-
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel…
…/git/viro/vfs Pull VFS fixes from Al Viro: "statx followup fixes and a fix for stack-smashing on alpha" * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: alpha: fix stack smashing in old_adjtimex(2) statx: Include a mask for stx_attributes in struct statx statx: Reserve the top bit of the mask for future struct expansion xfs: report crtime and attribute flags to statx ext4: Add statx support statx: optimize copy of struct statx to userspace statx: remove incorrect part of vfs_statx() comment statx: reject unknown flags when using NULL path Documentation/filesystems: fix documentation for ->getattr()
Configuration menu - View commit details
-
Copy full SHA for 2a610b8 - Browse repository at this point
Copy the full SHA 2a610b8View commit details -
Merge tag 'staging-4.11-rc6' of git://git.kernel.org/pub/scm/linux/ke…
…rnel/git/gregkh/staging Pull staging/IIO driver rfixes from Greg KH: "Here are a number of small IIO and staging driver fixes for 4.11-rc6. Nothing big here, just iio fixes for reported issues, and an ashmem fix for a very old bug that has been reported by a number of Android vendors" * tag 'staging-4.11-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging: staging: android: ashmem: lseek failed due to no FMODE_LSEEK. iio: hid-sensor-attributes: Fix sensor property setting failure. iio: accel: hid-sensor-accel-3d: Fix duplicate scan index error iio: core: Fix IIO_VAL_FRACTIONAL_LOG2 for negative values iio: st_pressure: initialize lps22hb bootime iio: bmg160: reset chip when probing iio: cros_ec_sensors: Fix return value to get raw and calibbias data.
Configuration menu - View commit details
-
Copy full SHA for 62e1fd0 - Browse repository at this point
Copy the full SHA 62e1fd0View commit details -
Merge tag 'driver-core-4.11-rc6' of git://git.kernel.org/pub/scm/linu…
…x/kernel/git/gregkh/driver-core Pull driver core fixes from Greg KH: "Here are 3 small fixes for 4.11-rc6. One resolves a reported issue with sysfs files that NeilBrown found, one is a documenatation fix for the stable kernel rules, and the last is a small MAINTAINERS file update for kernfs" * tag 'driver-core-4.11-rc6' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core: MAINTAINERS: separate out kernfs maintainership sysfs: be careful of error returns from ops->show() Documentation: stable-kernel-rules: fix stable-tag format
Configuration menu - View commit details
-
Copy full SHA for 5b50be7 - Browse repository at this point
Copy the full SHA 5b50be7View commit details -
Merge branch 'fixes' of git://git.armlinux.org.uk/~rmk/linux-arm
Pull ARM fixes from Russell King: "A number of ARM fixes: - prevent oopses caused by dma_get_sgtable() and declared DMA coherent memory - fix boot failure on nommu caused by ID_PFR1 access - a number of kprobes fixes from Jon Medhurst and Masami Hiramatsu" * 'fixes' of git://git.armlinux.org.uk/~rmk/linux-arm: ARM: 8665/1: nommu: access ID_PFR1 only if CPUID scheme ARM: dma-mapping: disallow dma_get_sgtable() for non-kernel managed memory arm: kprobes: Align stack to 8-bytes in test code arm: kprobes: Fix the return address of multiple kretprobes arm: kprobes: Skip single-stepping in recursing path if possible arm: kprobes: Allow to handle reentered kprobe on single-stepping
Configuration menu - View commit details
-
Copy full SHA for 462e9a3 - Browse repository at this point
Copy the full SHA 462e9a3View commit details -
Merge branch 'for-next' of git://git.samba.org/sfrench/cifs-2.6
Pull CIFS fixes from Steve French: "This is a set of CIFS/SMB3 fixes for stable. There is another set of four SMB3 reconnect fixes for stable in progress but they are still being reviewed/tested, so didn't want to wait any longer to send these five below" * 'for-next' of git://git.samba.org/sfrench/cifs-2.6: Reset TreeId to zero on SMB2 TREE_CONNECT CIFS: Fix build failure with smb2 Introduce cifs_copy_file_range() SMB3: Rename clone_range to copychunk_range Handle mismatched open calls
Configuration menu - View commit details
-
Copy full SHA for 84ced7f - Browse repository at this point
Copy the full SHA 84ced7fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 39da7c5 - Browse repository at this point
Copy the full SHA 39da7c5View commit details
Commits on Apr 10, 2017
-
audit: make sure we don't let the retry queue grow without bounds
The retry queue is intended to provide a temporary buffer in the case of transient errors when communicating with auditd, it is not meant as a long life queue, that functionality is provided by the hold queue. This patch fixes a problem identified by Seth where the retry queue could grow uncontrollably if an auditd instance did not connect to the kernel to drain the queues. This commit fixes this by doing the following: * Make sure we always call auditd_reset() if we decide the connection with audit is really dead. There were some cases in kauditd_hold_skb() where we did not reset the connection, this patch relocates the reset calls to kauditd_thread() so all the error conditions are caught and the connection reset. As a side effect, this means we could move auditd_reset() and get rid of the forward definition at the top of kernel/audit.c. * We never checked the status of the auditd connection when processing the main audit queue which meant that the retry queue could grow unchecked. This patch adds a call to auditd_reset() after the main queue has been processed if auditd is not connected, the auditd_reset() call will make sure the retry and hold queues are correctly managed/flushed so that the retry queue remains reasonable. Cc: <stable@vger.kernel.org> # 4.10.x-: 5b52330 Reported-by: Seth Forshee <seth.forshee@canonical.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
Configuration menu - View commit details
-
Copy full SHA for 264d509 - Browse repository at this point
Copy the full SHA 264d509View commit details -
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git…
…/herbert/crypto-2.6 Pull crypto fixes from Herbert Xu: "This fixes a number of bugs in the caam driver: - device creation fails after release - error-path NULL-pointer dereference - spurious hardware error in RNG deinstantiation" * 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: crypto: caam - fix RNG deinstantiation error checking crypto: caam - fix invalid dereference in caam_rsa_init_tfm() crypto: caam - fix JR platform device subsequent (re)creations
Configuration menu - View commit details
-
Copy full SHA for c08e611 - Browse repository at this point
Copy the full SHA c08e611View commit details
Commits on Apr 11, 2017
-
cgroup: avoid attaching a cgroup root to two different superblocks
Run this: touch file0 for ((; ;)) { mount -t cpuset xxx file0 } And this concurrently: touch file1 for ((; ;)) { mount -t cpuset xxx file1 } We'll trigger a warning like this: ------------[ cut here ]------------ WARNING: CPU: 1 PID: 4675 at lib/percpu-refcount.c:317 percpu_ref_kill_and_confirm+0x92/0xb0 percpu_ref_kill_and_confirm called more than once on css_release! CPU: 1 PID: 4675 Comm: mount Not tainted 4.11.0-rc5+ #5 Hardware name: Bochs Bochs, BIOS Bochs 01/01/2007 Call Trace: dump_stack+0x63/0x84 __warn+0xd1/0xf0 warn_slowpath_fmt+0x5f/0x80 percpu_ref_kill_and_confirm+0x92/0xb0 cgroup_kill_sb+0x95/0xb0 deactivate_locked_super+0x43/0x70 deactivate_super+0x46/0x60 ... ---[ end trace a79f61c2a2633700 ]--- Here's a race: Thread A Thread B cgroup1_mount() # alloc a new cgroup root cgroup_setup_root() cgroup1_mount() # no sb yet, returns NULL kernfs_pin_sb() # but succeeds in getting the refcnt, # so re-use cgroup root percpu_ref_tryget_live() # alloc sb with cgroup root cgroup_do_mount() cgroup_kill_sb() # alloc another sb with same root cgroup_do_mount() cgroup_kill_sb() We end up using the same cgroup root for two different superblocks, so percpu_ref_kill() will be called twice on the same root when the two superblocks are destroyed. We should fix to make sure the superblock pinning is really successful. Cc: stable@vger.kernel.org # 3.16+ Reported-by: Dmitry Vyukov <dvyukov@google.com> Signed-off-by: Zefan Li <lizefan@huawei.com> Signed-off-by: Tejun Heo <tj@kernel.org>
Configuration menu - View commit details
-
Copy full SHA for bfb0b80 - Browse repository at this point
Copy the full SHA bfb0b80View commit details -
sata_via: Enable hotplug only on VT6421
Commit 57e5568 ("sata_via: Implement hotplug for VT6421") adds hotplug IRQ handler for VT6421 but enables hotplug on all chips. This is a bug because it causes "irq xx: nobody cared" error on VT6420 when hot-(un)plugging a drive: [ 381.839948] irq 20: nobody cared (try booting with the "irqpoll" option) [ 381.840014] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.10.0-rc5+ #148 [ 381.840066] Hardware name: P4VM800/P4VM800, BIOS P1.60 05/29/2006 [ 381.840117] Call Trace: [ 381.840167] <IRQ> [ 381.840225] ? dump_stack+0x44/0x58 [ 381.840278] ? __report_bad_irq+0x14/0x97 [ 381.840327] ? handle_edge_irq+0xa5/0xa5 [ 381.840376] ? note_interrupt+0x155/0x1cf [ 381.840426] ? handle_edge_irq+0xa5/0xa5 [ 381.840474] ? handle_irq_event_percpu+0x32/0x38 [ 381.840524] ? handle_irq_event+0x1f/0x38 [ 381.840573] ? handle_fasteoi_irq+0x69/0xb8 [ 381.840625] ? handle_irq+0x4f/0x5d [ 381.840672] </IRQ> [ 381.840726] ? do_IRQ+0x2e/0x8b [ 381.840782] ? common_interrupt+0x2c/0x34 [ 381.840836] ? mwait_idle+0x60/0x82 [ 381.840892] ? arch_cpu_idle+0x6/0x7 [ 381.840949] ? do_idle+0x96/0x18e [ 381.841002] ? cpu_startup_entry+0x16/0x1a [ 381.841057] ? start_kernel+0x319/0x31c [ 381.841111] ? startup_32_smp+0x166/0x168 [ 381.841165] handlers: [ 381.841219] [<c12a7263>] ata_bmdma_interrupt [ 381.841274] Disabling IRQ #20 Seems that VT6420 can do hotplug too (there's no documentation) but the comments say that SCR register access (required for detecting hotplug events) can cause problems on these chips. For now, just keep hotplug disabled on anything other than VT6421. Signed-off-by: Ondrej Zary <linux@rainbow-software.org> Signed-off-by: Tejun Heo <tj@kernel.org>
Configuration menu - View commit details
-
Copy full SHA for 3cf8645 - Browse repository at this point
Copy the full SHA 3cf8645View commit details -
Revert "HID: rmi: Handle all Synaptics touchpads using hid-rmi"
This reverts commit 279967a. Multiple regressions [1] [2] [3] have been reported. The hid-rmi support would have to fixed and redone in 4.11+. [1] http://lkml.kernel.org/r/b79b88c8-770a-13f6-5668-c3a94254e5e0@gmail.com [2] http://lkml.kernel.org/r/375e67b5-2cb8-3491-1d71-d8650d6e9451@gmail.com [3] https://bugzilla.kernel.org/show_bug.cgi?id=195287 Reported-by: Cameron Gutman <aicommander@gmail.com> Reported-by: Gabriele Mazzotta <gabriele.mzt@gmail.com> Reported-by: Lorenzo J. Lucchini <ljlbox@tiscali.it> Reported-by: Thorsten Leemhuis <linux@leemhuis.info> Signed-off-by: Jiri Kosina <jkosina@suse.cz>
Jiri Kosina committedApr 11, 2017 Configuration menu - View commit details
-
Copy full SHA for 84379d8 - Browse repository at this point
Copy the full SHA 84379d8View commit details
Commits on Apr 12, 2017
-
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel…
…/git/jikos/hid Pull HID fixes from Jiri Kosina: - revert of a commit that switched all Synaptics touchpads over to be driven by hid-rmi. It turns out that this caused several user-visible regressions, and therefore we revert back to the original state before all the reported issues have been fixed. - a new uclogic device ID addition, from Xiaolei Yu. * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid: Revert "HID: rmi: Handle all Synaptics touchpads using hid-rmi" HID: uclogic: add support for Ugee Tablet EX07S
Configuration menu - View commit details
-
Copy full SHA for fe251c4 - Browse repository at this point
Copy the full SHA fe251c4View commit details -
Merge branch 'for-4.11-fixes' of git://git.kernel.org/pub/scm/linux/k…
…ernel/git/tj/libata Pull libata fixes from Tejun Heo: "Two libata fixes. One to disable hotplug on VT6420 which never worked properly. The other reverts an earlier patch which disabled the second port on SB600/700. There were some confusions due to earlier datasheets which incorrectly indicated that the second port is not implemented on both SB600 and 700" * 'for-4.11-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/libata: sata_via: Enable hotplug only on VT6421 Revert "pata_atiixp: Don't use unconnected secondary port on SB600/SB700"
Configuration menu - View commit details
-
Copy full SHA for af94bdf - Browse repository at this point
Copy the full SHA af94bdfView commit details -
Merge branch 'for-4.11-fixes' of git://git.kernel.org/pub/scm/linux/k…
…ernel/git/tj/cgroup Pull cgroup fixes from Tejun Heo: "This contains fixes for two long standing subtle bugs: - kthread_bind() on a new kthread binds it to specific CPUs and prevents userland from messing with the affinity or cgroup membership. Unfortunately, for cgroup membership, there's a window between kthread creation and kthread_bind*() invocation where the kthread can be moved into a non-root cgroup by userland. Depending on what controllers are in effect, this can assign the kthread unexpected attributes. For example, in the reported case, workqueue workers ended up in a non-root cpuset cgroups and had their CPU affinities overridden. This broke workqueue invariants and led to workqueue stalls. Fixed by closing the window between kthread creation and kthread_bind() as suggested by Oleg. - There was a bug in cgroup mount path which could allow two competing mount attempts to attach the same cgroup_root to two different superblocks. This was caused by mishandling return value from kernfs_pin_sb(). Fixed" * 'for-4.11-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup: cgroup: avoid attaching a cgroup root to two different superblocks cgroup, kthread: close race window where new kthreads can be migrated to non-root cgroups
Configuration menu - View commit details
-
Copy full SHA for 06ea4c3 - Browse repository at this point
Copy the full SHA 06ea4c3View commit details -
Merge git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending
Pull SCSI target fixes from Nicholas Bellinger: "There has been work in a number of different areas over the last weeks, including: - Fix target-core-user (TCMU) back-end bi-directional handling (Xiubo Li + Mike Christie + Ilias Tsitsimpis) - Fix iscsi-target TMR reference leak during session shutdown (Rob Millner + Chu Yuan Lin) - Fix target_core_fabric_configfs.c race between LUN shutdown + mapped LUN creation (James Shen) - Fix target-core unknown fabric callback queue-full errors (Potnuri Bharat Teja) - Fix iscsi-target + iser-target queue-full handling in order to support iw_cxgb4 RNICs. (Potnuri Bharat Teja + Sagi Grimberg) - Fix ALUA transition state race between multiple initiator (Mike Christie) - Drop work-around for legacy GlobalSAN initiator, to allow QLogic 57840S + 579xx offload HBAs to work out-of-the-box in MSFT environments. (Martin Svec + Arun Easi) Note that a number are CC'ed for stable, and although the queue-full bug-fixes required for iser-target to work with iw_cxgb4 aren't CC'ed here, they'll be posted to Greg-KH separately" * git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending: tcmu: Skip Data-Out blocks before gathering Data-In buffer for BIDI case iscsi-target: Drop work-around for legacy GlobalSAN initiator target: Fix ALUA transition state race between multiple initiators iser-target: avoid posting a recv buffer twice iser-target: Fix queue-full response handling iscsi-target: Propigate queue_data_in + queue_status errors target: Fix unknown fabric callback queue-full errors tcmu: Fix wrongly calculating of the base_command_size tcmu: Fix possible overwrite of t_data_sg's last iov[] target: Avoid mappedlun symlink creation during lun shutdown iscsi-target: Fix TMR reference leak during session shutdown usb: gadget: Correct usb EP argument for BOT status request tcmu: Allow cmd_time_out to be set to zero (disabled)
Configuration menu - View commit details
-
Copy full SHA for 025def9 - Browse repository at this point
Copy the full SHA 025def9View commit details -
Merge branch 'stable-4.11' of git://git.infradead.org/users/pcmoore/a…
…udit Pull audit fix from Paul Moore: "One more small audit fix, this should be the last for v4.11. Seth Forshee noticed a problem where the audit retry queue wasn't being flushed properly when audit was enabled and the audit daemon wasn't running; this patches fixes the problem (see the commit description for more details on the change). Both Seth and I have tested this and everything looks good" * 'stable-4.11' of git://git.infradead.org/users/pcmoore/audit: audit: make sure we don't let the retry queue grow without bounds
Configuration menu - View commit details
-
Copy full SHA for b9b3322 - Browse repository at this point
Copy the full SHA b9b3322View commit details