bka
803 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Pavankumar Kondeti
|
74a8607aa7 |
sched/walt: Fix the memory leak of idle task load pointers
The memory for task load pointers are allocated twice for each idle thread except for the boot CPU. This happens during boot from idle_threads_init()->idle_init() in the following 2 paths. 1. idle_init()->fork_idle()->copy_process()-> sched_fork()->init_new_task_load() 2. idle_init()->fork_idle()-> init_idle()->init_new_task_load() The memory allocation for all tasks happens through the 1st path, so use the same for idle tasks and kill the 2nd path. Since the idle thread of boot CPU does not go through fork_idle(), allocate the memory for it separately. Change-Id: I4696a414ffe07d4114b56d326463026019e278f1 Signed-off-by: Pavankumar Kondeti <pkondeti@codeaurora.org> (cherry picked from commit eb58f47212c9621be82108de57bcf3e94ce1035a) |
||
|
Angelo G. Del Regno
|
e7a8a5f04c |
Backport new vmalloc for "large performance benefits"
This is a backport from Linux 5.2-rc1 of a patch series to greatly enhance vmalloc's performance especially on embedded systems, plus all of its dependencies that were missing in kernel 4.9. For all the informations, refer to LKML: https://lkml.org/lkml/2018/10/19/786 Brief informations: Currently an allocation of the new VA area is done over busy list iteration until a suitable hole is found between two busy areas. Therefore each new allocation causes the list being grown. Due to long list and different permissive parameters an allocation can take a long time on embedded devices(milliseconds). This patch organizes the vmalloc memory layout into free areas of the VMALLOC_START-VMALLOC_END range. It uses a red-black tree that keeps blocks sorted by their offsets in pair with linked list keeping the free space in order of increasing addresses. Quote Phoronix: With this patch from Uladzislau Rezki, calling vmalloc() can take up to 67% less time compared to the behavior on Linux 5.1 and prior, at least with tests done by the developer under QEMU. Personal tests are showing that the device is more responsive when memory pressure is high and when huge allocations are to be done, it's also noticeably faster in this case, like when starting Chrome with more than 100 opened tabs after a system reboot (so, an uncached complete load of it). Shameless kanged from: https://github.com/sonyxperiadev/kernel / Pull Request 2016 |
||
|
Yaroslav Furman
|
8dd51ea7a5 |
fork: queue mmput_async to a highpri workqueue
Signed-off-by: Yaroslav Furman <yaro330@gmail.com> Signed-off-by: Yousef Algadri <yusufgadrie@gmail.com> |
||
|
Rik van Riel
|
812cf2ac92 |
fork,random: use get_random_canary() to set tsk->stack_canary
Use the ascii-armor canary to prevent unterminated C string overflows from being able to successfully overwrite the canary, even if they somehow obtain the canary value. Inspired by execshield ascii-armor and Daniel Micay's linux-hardened tree. Link: http://lkml.kernel.org/r/20170524155751.424-3-riel@redhat.com Signed-off-by: Rik van Riel <riel@redhat.com> Acked-by: Kees Cook <keescook@chromium.org> Cc: Daniel Micay <danielmicay@gmail.com> Cc: "Theodore Ts'o" <tytso@mit.edu> Cc: H. Peter Anvin <hpa@zytor.com> Cc: Andy Lutomirski <luto@amacapital.net> Cc: Ingo Molnar <mingo@kernel.org> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Yoshinori Sato <ysato@users.sourceforge.jp> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Chenyang Zhong <zhongcy95@gmail.com> Change-Id: Ifec581ea30e0e4f0f72230d8f67fdf0e6584ad32 |
||
|
Wilson Sung
|
fa8bc31678 |
Merge android-4.9-q (4.9.284) into android-msm-pixel-4.9-sc-lts
Merge 4.9.284 into android-4.9-q
Linux 4.9.284
* sctp: validate from_addr_param return
include/net/sctp/structs.h
drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV
blk-throttle: fix UAF by deleteing timer in blk_throtl_exit()
nilfs2: fix memory leak in nilfs_sysfs_delete_snapshot_group
nilfs2: fix memory leak in nilfs_sysfs_create_snapshot_group
nilfs2: fix memory leak in nilfs_sysfs_delete_##name##_group
nilfs2: fix memory leak in nilfs_sysfs_create_##name##_group
nilfs2: fix NULL pointer in nilfs_##name##_attr_release
nilfs2: fix memory leak in nilfs_sysfs_create_device_group
ceph: lockdep annotations for try_nonblocking_invalidate
dmaengine: xilinx_dma: Set DMA mask for coherent APIs
* dmaengine: ioat: depends on !UML
drivers/dma/Kconfig
parisc: Move pci_dev_is_behind_card_dino to where it is used
pwm: lpc32xx: Don't modify HW state in .probe() after the PWM chip was registered
* profiling: fix shift-out-of-bounds bugs
kernel/profile.c
* prctl: allow to setup brk for et_dyn executables
kernel/sys.c
9p/trans_virtio: Remove sysfs file on probe failure
thermal/drivers/exynos: Fix an error code in exynos_tmu_probe()
dmaengine: acpi: Avoid comparison GSI with Linux vIRQ
sctp: add param size validation for SCTP_PARAM_SET_PRIMARY
sctp: validate chunk size in __rcv_asconf_lookup
* staging: android: ion: fix page is NULL
drivers/staging/android/ion/ion_system_heap.c
crypto: talitos - fix max key size for sha384 and sha512
* PM / wakeirq: Fix unbalanced IRQ enable for wakeirq
drivers/base/power/wakeirq.c
s390/bpf: Fix optimizing out zero-extensions
Merge 4.9.283 into android-4.9-q
Linux 4.9.283
s390/bpf: Fix 64-bit subtraction of the -0x80000000 constant
net: renesas: sh_eth: Fix freeing wrong tx descriptor
qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom
net: dsa: b53: Fix calculating number of switch ports
ARC: export clear_user_page() for modules
mtd: rawnand: cafe: Fix a resource leak in the error handling path of 'cafe_nand_probe()'
* PCI: Sync __pci_register_driver() stub for CONFIG_PCI=n
include/linux/pci.h
ethtool: Fix an error code in cxgb2.c
net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920
mfd: Don't use irq_create_mapping() to resolve a mapping
dt-bindings: mtd: gpmc: Fix the ECC bytes vs. OOB bytes equation
x86/mm: Fix kern_addr_valid() to cope with existing but not present entries
* tcp: fix tp->undo_retrans accounting in tcp_sacktag_one()
net/ipv4/tcp_input.c
* net/af_unix: fix a data-race in unix_dgram_poll
include/linux/skbuff.h
net/unix/af_unix.c
* events: Reuse value read using READ_ONCE instead of re-reading it
kernel/events/core.c
tipc: increase timeout in tipc_sk_enqueue()
r6040: Restore MDIO clock frequency after MAC reset
* net/l2tp: Fix reference count leak in l2tp_udp_recv_core
net/l2tp/l2tp_core.c
dccp: don't duplicate ccid when cloning dccp sock
ptp: dp83640: don't define PAGE0
net-caif: avoid user-triggerable WARN_ON(1)
bnx2x: Fix enabling network interfaces without VFs
xen: reset legacy rtc flag for PV domU
platform/chrome: cros_ec_proto: Send command again when timeout occurs
memcg: enable accounting for pids in nested pid namespaces
* mm/hugetlb: initialize hugetlb_usage in mm_init
include/linux/hugetlb.h
kernel/fork.c
scsi: BusLogic: Fix missing pr_cont() use
parisc: fix crash with signals and alloca
net: w5100: check return value after calling platform_get_resource()
* net: fix NULL pointer reference in cipso_v4_doi_free
net/netlabel/netlabel_cipso_v4.c
ath9k: fix sleeping in atomic context
ath9k: fix OOB read ar9300_eeprom_restore_internal
parport: remove non-zero check on count
usbip: give back URBs for unsent unlink requests during cleanup
* Revert "USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set"
drivers/usb/host/xhci.c
cifs: fix wrong release in sess_alloc_buffer() failed path
mmc: rtsx_pci: Fix long reads when clock is prescaled
gfs2: Don't call dlm after protocol is unmounted
rpc: fix gss_svc_init cleanup on failure
ARM: tegra: tamonten: Fix UART pad setting
gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable access in amdgpu_i2c_router_select_ddc_port()
* Bluetooth: avoid circular locks in sco_sock_connect
net/bluetooth/sco.c
net: ethernet: stmmac: Do not use unreachable() in ipq806x_gmac_probe()
ASoC: Intel: bytcr_rt5640: Move "Platform Clock" routes to the maps for the matching in-/output
* Bluetooth: skip invalid hci_sync_conn_complete_evt
net/bluetooth/hci_event.c
ata: sata_dwc_460ex: No need to call phy_exit() befre phy_init()
staging: ks7010: Fix the initialization of the 'sleep_status' structure
serial: 8250_pci: make setup_port() parameters explicitly unsigned
hvsi: don't panic on tty_register_driver failure
xtensa: ISS: don't panic in rs_init
serial: 8250: Define RX trigger levels for OxSemi 950 devices
s390/jump_label: print real address in a case of a jump label bug
* flow_dissector: Fix out-of-bounds warnings
net/core/flow_dissector.c
* ipv4: ip_output.c: Fix out-of-bounds warning in ip_copy_addrs()
net/ipv4/ip_output.c
video: fbdev: riva: Error out if 'pixclock' equals zero
video: fbdev: kyro: Error out if 'pixclock' equals zero
video: fbdev: asiliantfb: Error out if 'pixclock' equals zero
bpf/tests: Do not PASS tests without actually testing the result
bpf/tests: Fix copy-and-paste error in double word test
tty: serial: jsm: hold port lock when reporting modem line changes
staging: board: Fix uninitialized spinlock when attaching genpd
* usb: gadget: composite: Allow bMaxPower=0 if self-powered
drivers/usb/gadget/composite.c
* usb: gadget: u_ether: fix a potential null pointer dereference
drivers/usb/gadget/function/u_ether.c
usb: host: fotg210: fix the actual_length of an iso packet
usb: host: fotg210: fix the endpoint's transactional opportunities calculation
* Smack: Fix wrong semantics in smk_access_entry()
security/smack/smack_access.c
* netlink: Deal with ESRCH error in nlmsg_notify()
net/netlink/af_netlink.c
video: fbdev: kyro: fix a DoS bug by restricting user input
iio: dac: ad5624r: Fix incorrect handling of an optional regulator.
* PCI: Use pci_update_current_state() in pci_enable_device_flags()
drivers/pci/pci.c
crypto: mxs-dcp - Use sg_mapping_iter to copy data
MIPS: Malta: fix alignment of the devicetree buffer
pinctrl: single: Fix error return code in pcs_parse_bits_in_pinctrl_entry()
openrisc: don't printk() unconditionally
* vfio: Use config not menuconfig for VFIO_NOIOMMU
drivers/vfio/Kconfig
* PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure
drivers/pci/syscall.c
* PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported
drivers/pci/quirks.c
ARM: 9105/1: atags_to_fdt: don't warn about stack size
libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs
media: rc-loopback: return number of emitters rather than error
media: uvc: don't do DMA on stack
VMCI: fix NULL pointer dereference when unmapping queue pair
power: supply: max17042: handle fails of reading status register
crypto: public_key: fix overflow during implicit conversion
xen: fix setting of max_pfn in shared_info
powerpc/perf/hv-gpci: Fix counter value parsing
* PCI/MSI: Skip masking MSI-X on Xen PV
drivers/pci/msi.c
rtc: tps65910: Correct driver module alias
* fbmem: don't allow too huge resolutions
drivers/video/fbdev/core/fbmem.c
clk: kirkwood: Fix a clocking boot regression
IMA: remove -Wmissing-prototypes warning
KVM: x86: Update vCPU's hv_clock before back to guest when tsc_offset is adjusted
* tty: Fix data race between tiocsti() and flush_to_ldisc()
drivers/tty/tty_io.c
* ipv4: make exception cache less predictible
net/ipv4/route.c
bcma: Fix memory leak for internally-handled cores
ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point()
usb: ehci-orion: Handle errors of clk_prepare_enable() in probe
i2c: mt65xx: fix IRQ check
CIFS: Fix a potencially linear read overflow
mmc: moxart: Fix issue with uninitialized dma_slave_config
mmc: dw_mmc: Fix issue with uninitialized dma_slave_config
i2c: s3c2410: fix IRQ check
i2c: iop3xx: fix deferred probing
* Bluetooth: add timeout sanity check to hci_inquiry
net/bluetooth/hci_core.c
usb: gadget: mv_u3d: request_irq() after initializing UDC
usb: phy: tahvo: add IRQ check
usb: host: ohci-tmio: add IRQ check
* Bluetooth: Move shutdown callback before flushing tx and rx queue
net/bluetooth/hci_core.c
usb: phy: twl6030: add IRQ checks
usb: phy: fsl-usb: add IRQ check
usb: gadget: udc: at91: add IRQ check
drm/msm/dsi: Fix some reference counted resource leaks
* Bluetooth: fix repeated calls to sco_sock_kill
net/bluetooth/sco.c
arm64: dts: exynos: correct GIC CPU interfaces address range on Exynos7
Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow
soc: qcom: smsm: Fix missed interrupts if state changes while masked
* PCI: PM: Enable PME if it can be signaled from D3cold
drivers/pci/pci.c
i2c: highlander: add IRQ check
* net: cipso: fix warnings in netlbl_cipsov4_add_std
net/netlabel/netlabel_cipso_v4.c
* tcp: seq_file: Avoid skipping sk during tcp_seek_last_pos
net/ipv4/tcp_ipv4.c
* Bluetooth: sco: prevent information leak in sco_conn_defer_accept()
net/bluetooth/sco.c
media: go7007: remove redundant initialization
media: dvb-usb: fix uninit-value in vp702x_read_mac_addr
media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init
* certs: Trigger creation of RSA module signing key if it's not an RSA key
certs/Makefile
crypto: qat - use proper type for vf_mask
spi: spi-pic32: Fix issue with uninitialized dma_slave_config
m68k: emu: Fix invalid free in nfeth_cleanup()
udf_get_extendedattr() had no boundary checks.
crypto: qat - do not export adf_iov_putmsg()
crypto: qat - fix naming for init/shutdown VF to PF notifications
crypto: qat - fix reuse of completion variable
crypto: qat - handle both source of interrupt in VF ISR
crypto: qat - do not ignore errors from enable_vf2pf_comms()
libata: fix ata_host_start()
power: supply: max17042_battery: fix typo in MAx17042_TOFF
udf: Check LVID earlier
crypto: omap-sham - clear dma flags only after omap_sham_update_dma_stop()
power: supply: axp288_fuel_gauge: Report register-address on readb / writeb errors
crypto: mxs-dcp - Check for DMA mapping errors
* regmap: fix the offset of register error log
drivers/base/regmap/regmap.c
* PCI: Call Max Payload Size-related fixup quirks early
drivers/pci/quirks.c
x86/reboot: Limit Dell Optiplex 990 quirk to early BIOS versions
Revert "btrfs: compression: don't try to compress if we don't have enough pages"
* mm/page_alloc: speed up the iteration of max_order
mm/page_alloc.c
net: ll_temac: Remove left-over debug message
powerpc/boot: Delete unneeded .globl _zimage_start
powerpc/module64: Fix comment in R_PPC64_ENTRY handling
crypto: talitos - reduce max key size for SEC1
mm/kmemleak.c: make cond_resched() rate-limiting more efficient
s390/disassembler: correct disassembly lines alignment
* ipv4/icmp: l3mdev: Perform icmp error route lookup on source device routing table (v2)
net/ipv4/icmp.c
gfs2: Don't clear SGID when inheriting ACLs
nvme-pci: Fix an error handling path in 'nvme_probe()'
tc358743: fix register i2c_rd/wr function fix
* PM / wakeirq: Enable dedicated wakeirq for suspend
drivers/base/power/wakeirq.c
net/sched: cls_flower: Use mask for addr_type
USB: serial: mos7720: improve OOM-handling in read_mos_reg()
usb: phy: isp1301: Fix build warning when CONFIG_OF is disabled
* igmp: Add ip_mc_list lock in ip_check_mc_rcu
net/ipv4/igmp.c
media: stkwebcam: fix memory leak in stk_camera_probe
ath9k: Postpone key cache entry deletion for TXQ frames reference it
ath: Modify ath_key_delete() to not need full key entry
ath: Export ath_hw_keysetmac()
ath9k: Clear key cache explicitly on disabling hardware
ath: Use safer key clearing with key cache entries
* ALSA: pcm: fix divide error in snd_pcm_lib_ioctl
sound/core/pcm_lib.c
ARM: 8918/2: only build return_address() if needed
* cryptoloop: add a deprecation warning
drivers/block/Kconfig
perf/x86/amd/ibs: Work around erratum #1197
qede: Fix memset corruption
qed: Fix the VF msix vectors flow
xtensa: fix kconfig unmet dependency warning for HAVE_FUTEX_CMPXCHG
mtd: nand: atmel_nand: remove build warning in atmel_nand_remove()
* ext4: fix race writing to an inline_data file while its xattrs are changing
fs/ext4/inline.c
Merge 4.9.282 into android-4.9-q
Linux 4.9.282
Revert "floppy: reintroduce O_NDELAY fix"
KVM: x86/mmu: Treat NX as used (not reserved) for all !TDP shadow MMUs
* fbmem: add margin check to fb_check_caps()
drivers/video/fbdev/core/fbmem.c
* vt_kdsetmode: extend console locking
drivers/tty/vt/vt_ioctl.c
net/rds: dma_map_sg is entitled to merge entries
vringh: Use wiov->used to check for read/write desc order
virtio: Improve vq->broken access to avoid any compiler optimization
net: marvell: fix MVNETA_TX_IN_PRGRS bit number
ip_gre: add validation for csum_start
e1000e: Fix the max snoop/no-snoop latency for 10M
IB/hfi1: Fix possible null-pointer dereference in _extend_sdma_tx_descs()
* usb: dwc3: gadget: Fix dwc3_calc_trbs_left()
drivers/usb/dwc3/gadget.c
USB: serial: option: add new VID/PID to support Fibocom FG150
Revert "USB: serial: ch341: fix character loss at high transfer rates"
can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange of the CAN RX and TX error counters
ARC: Fix CONFIG_STACKDEPOT
Bug: 201722185
Change-Id: Ia09164e3bcbce03e2a295154246ba064c9c35795
Signed-off-by: Wilson Sung <wilsonsung@google.com>
|
||
|
Greg Kroah-Hartman
|
dc1c320e16 |
Merge 4.9.283 into android-4.9-q
Changes in 4.9.283 ext4: fix race writing to an inline_data file while its xattrs are changing mtd: nand: atmel_nand: remove build warning in atmel_nand_remove() xtensa: fix kconfig unmet dependency warning for HAVE_FUTEX_CMPXCHG qed: Fix the VF msix vectors flow qede: Fix memset corruption perf/x86/amd/ibs: Work around erratum #1197 cryptoloop: add a deprecation warning ARM: 8918/2: only build return_address() if needed ALSA: pcm: fix divide error in snd_pcm_lib_ioctl ath: Use safer key clearing with key cache entries ath9k: Clear key cache explicitly on disabling hardware ath: Export ath_hw_keysetmac() ath: Modify ath_key_delete() to not need full key entry ath9k: Postpone key cache entry deletion for TXQ frames reference it media: stkwebcam: fix memory leak in stk_camera_probe igmp: Add ip_mc_list lock in ip_check_mc_rcu usb: phy: isp1301: Fix build warning when CONFIG_OF is disabled USB: serial: mos7720: improve OOM-handling in read_mos_reg() net/sched: cls_flower: Use mask for addr_type PM / wakeirq: Enable dedicated wakeirq for suspend tc358743: fix register i2c_rd/wr function fix nvme-pci: Fix an error handling path in 'nvme_probe()' gfs2: Don't clear SGID when inheriting ACLs ipv4/icmp: l3mdev: Perform icmp error route lookup on source device routing table (v2) s390/disassembler: correct disassembly lines alignment mm/kmemleak.c: make cond_resched() rate-limiting more efficient crypto: talitos - reduce max key size for SEC1 powerpc/module64: Fix comment in R_PPC64_ENTRY handling powerpc/boot: Delete unneeded .globl _zimage_start net: ll_temac: Remove left-over debug message mm/page_alloc: speed up the iteration of max_order Revert "btrfs: compression: don't try to compress if we don't have enough pages" x86/reboot: Limit Dell Optiplex 990 quirk to early BIOS versions PCI: Call Max Payload Size-related fixup quirks early regmap: fix the offset of register error log crypto: mxs-dcp - Check for DMA mapping errors power: supply: axp288_fuel_gauge: Report register-address on readb / writeb errors crypto: omap-sham - clear dma flags only after omap_sham_update_dma_stop() udf: Check LVID earlier power: supply: max17042_battery: fix typo in MAx17042_TOFF libata: fix ata_host_start() crypto: qat - do not ignore errors from enable_vf2pf_comms() crypto: qat - handle both source of interrupt in VF ISR crypto: qat - fix reuse of completion variable crypto: qat - fix naming for init/shutdown VF to PF notifications crypto: qat - do not export adf_iov_putmsg() udf_get_extendedattr() had no boundary checks. m68k: emu: Fix invalid free in nfeth_cleanup() spi: spi-pic32: Fix issue with uninitialized dma_slave_config crypto: qat - use proper type for vf_mask certs: Trigger creation of RSA module signing key if it's not an RSA key media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init media: dvb-usb: fix uninit-value in vp702x_read_mac_addr media: go7007: remove redundant initialization Bluetooth: sco: prevent information leak in sco_conn_defer_accept() tcp: seq_file: Avoid skipping sk during tcp_seek_last_pos net: cipso: fix warnings in netlbl_cipsov4_add_std i2c: highlander: add IRQ check PCI: PM: Enable PME if it can be signaled from D3cold soc: qcom: smsm: Fix missed interrupts if state changes while masked Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow arm64: dts: exynos: correct GIC CPU interfaces address range on Exynos7 Bluetooth: fix repeated calls to sco_sock_kill drm/msm/dsi: Fix some reference counted resource leaks usb: gadget: udc: at91: add IRQ check usb: phy: fsl-usb: add IRQ check usb: phy: twl6030: add IRQ checks Bluetooth: Move shutdown callback before flushing tx and rx queue usb: host: ohci-tmio: add IRQ check usb: phy: tahvo: add IRQ check usb: gadget: mv_u3d: request_irq() after initializing UDC Bluetooth: add timeout sanity check to hci_inquiry i2c: iop3xx: fix deferred probing i2c: s3c2410: fix IRQ check mmc: dw_mmc: Fix issue with uninitialized dma_slave_config mmc: moxart: Fix issue with uninitialized dma_slave_config CIFS: Fix a potencially linear read overflow i2c: mt65xx: fix IRQ check usb: ehci-orion: Handle errors of clk_prepare_enable() in probe ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point() bcma: Fix memory leak for internally-handled cores ipv4: make exception cache less predictible tty: Fix data race between tiocsti() and flush_to_ldisc() KVM: x86: Update vCPU's hv_clock before back to guest when tsc_offset is adjusted IMA: remove -Wmissing-prototypes warning clk: kirkwood: Fix a clocking boot regression fbmem: don't allow too huge resolutions rtc: tps65910: Correct driver module alias PCI/MSI: Skip masking MSI-X on Xen PV powerpc/perf/hv-gpci: Fix counter value parsing xen: fix setting of max_pfn in shared_info crypto: public_key: fix overflow during implicit conversion power: supply: max17042: handle fails of reading status register VMCI: fix NULL pointer dereference when unmapping queue pair media: uvc: don't do DMA on stack media: rc-loopback: return number of emitters rather than error libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs ARM: 9105/1: atags_to_fdt: don't warn about stack size PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure vfio: Use config not menuconfig for VFIO_NOIOMMU openrisc: don't printk() unconditionally pinctrl: single: Fix error return code in pcs_parse_bits_in_pinctrl_entry() MIPS: Malta: fix alignment of the devicetree buffer crypto: mxs-dcp - Use sg_mapping_iter to copy data PCI: Use pci_update_current_state() in pci_enable_device_flags() iio: dac: ad5624r: Fix incorrect handling of an optional regulator. video: fbdev: kyro: fix a DoS bug by restricting user input netlink: Deal with ESRCH error in nlmsg_notify() Smack: Fix wrong semantics in smk_access_entry() usb: host: fotg210: fix the endpoint's transactional opportunities calculation usb: host: fotg210: fix the actual_length of an iso packet usb: gadget: u_ether: fix a potential null pointer dereference usb: gadget: composite: Allow bMaxPower=0 if self-powered staging: board: Fix uninitialized spinlock when attaching genpd tty: serial: jsm: hold port lock when reporting modem line changes bpf/tests: Fix copy-and-paste error in double word test bpf/tests: Do not PASS tests without actually testing the result video: fbdev: asiliantfb: Error out if 'pixclock' equals zero video: fbdev: kyro: Error out if 'pixclock' equals zero video: fbdev: riva: Error out if 'pixclock' equals zero ipv4: ip_output.c: Fix out-of-bounds warning in ip_copy_addrs() flow_dissector: Fix out-of-bounds warnings s390/jump_label: print real address in a case of a jump label bug serial: 8250: Define RX trigger levels for OxSemi 950 devices xtensa: ISS: don't panic in rs_init hvsi: don't panic on tty_register_driver failure serial: 8250_pci: make setup_port() parameters explicitly unsigned staging: ks7010: Fix the initialization of the 'sleep_status' structure ata: sata_dwc_460ex: No need to call phy_exit() befre phy_init() Bluetooth: skip invalid hci_sync_conn_complete_evt ASoC: Intel: bytcr_rt5640: Move "Platform Clock" routes to the maps for the matching in-/output net: ethernet: stmmac: Do not use unreachable() in ipq806x_gmac_probe() Bluetooth: avoid circular locks in sco_sock_connect gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable access in amdgpu_i2c_router_select_ddc_port() ARM: tegra: tamonten: Fix UART pad setting rpc: fix gss_svc_init cleanup on failure gfs2: Don't call dlm after protocol is unmounted mmc: rtsx_pci: Fix long reads when clock is prescaled cifs: fix wrong release in sess_alloc_buffer() failed path Revert "USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set" usbip: give back URBs for unsent unlink requests during cleanup parport: remove non-zero check on count ath9k: fix OOB read ar9300_eeprom_restore_internal ath9k: fix sleeping in atomic context net: fix NULL pointer reference in cipso_v4_doi_free net: w5100: check return value after calling platform_get_resource() parisc: fix crash with signals and alloca scsi: BusLogic: Fix missing pr_cont() use mm/hugetlb: initialize hugetlb_usage in mm_init memcg: enable accounting for pids in nested pid namespaces platform/chrome: cros_ec_proto: Send command again when timeout occurs xen: reset legacy rtc flag for PV domU bnx2x: Fix enabling network interfaces without VFs net-caif: avoid user-triggerable WARN_ON(1) ptp: dp83640: don't define PAGE0 dccp: don't duplicate ccid when cloning dccp sock net/l2tp: Fix reference count leak in l2tp_udp_recv_core r6040: Restore MDIO clock frequency after MAC reset tipc: increase timeout in tipc_sk_enqueue() events: Reuse value read using READ_ONCE instead of re-reading it net/af_unix: fix a data-race in unix_dgram_poll tcp: fix tp->undo_retrans accounting in tcp_sacktag_one() x86/mm: Fix kern_addr_valid() to cope with existing but not present entries dt-bindings: mtd: gpmc: Fix the ECC bytes vs. OOB bytes equation mfd: Don't use irq_create_mapping() to resolve a mapping net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920 ethtool: Fix an error code in cxgb2.c PCI: Sync __pci_register_driver() stub for CONFIG_PCI=n mtd: rawnand: cafe: Fix a resource leak in the error handling path of 'cafe_nand_probe()' ARC: export clear_user_page() for modules net: dsa: b53: Fix calculating number of switch ports qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom net: renesas: sh_eth: Fix freeing wrong tx descriptor s390/bpf: Fix 64-bit subtraction of the -0x80000000 constant Linux 4.9.283 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I9e2017cce36805d71566ea1f265974a43bae33d1 |
||
|
Liu Zixian
|
958bb88f6f |
mm/hugetlb: initialize hugetlb_usage in mm_init
commit 13db8c50477d83ad3e3b9b0ae247e5cd833a7ae4 upstream.
After fork, the child process will get incorrect (2x) hugetlb_usage. If
a process uses 5 2MB hugetlb pages in an anonymous mapping,
HugetlbPages: 10240 kB
and then forks, the child will show,
HugetlbPages: 20480 kB
The reason for double the amount is because hugetlb_usage will be copied
from the parent and then increased when we copy page tables from parent
to child. Child will have 2x actual usage.
Fix this by adding hugetlb_count_init in mm_init.
Link: https://lkml.kernel.org/r/20210826071742.877-1-liuzixian4@huawei.com
Fixes:
|
||
|
Lucas Wei
|
28ab10340e |
Merge android-4.9-q (4.9.258) into android-msm-pixel-4.9-lts
Merge 4.9.258 into android-4.9-q
Linux 4.9.258
kvm: check tlbs_dirty directly
scsi: qla2xxx: Fix crash during driver load on big endian machines
xen-blkback: fix error handling in xen_blkbk_map()
xen-scsiback: don't "handle" error by BUG()
xen-netback: don't "handle" error by BUG()
xen-blkback: don't "handle" error by BUG()
xen/arm: don't ignore return errors from set_phys_to_machine
Xen/gntdev: correct error checking in gntdev_map_grant_pages()
Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages()
Xen/x86: also check kernel mapping in set_foreign_p2m_mapping()
Xen/x86: don't bail early from clear_foreign_p2m_mapping()
* tracing: Avoid calling cc-option -mrecord-mcount for every Makefile
Makefile
scripts/Makefile.build
* tracing: Fix SKIP_STACK_VALIDATION=1 build due to bad merge with -mrecord-mcount
scripts/Makefile.build
* trace: Use -mcount-record for dynamic ftrace
scripts/Makefile.build
x86/build: Disable CET instrumentation in the kernel for 32-bit too
vsock: fix locking in vsock_shutdown()
vsock/virtio: update credit only if socket is not closed
* net: watchdog: hold device global xmit lock during tx disable
include/linux/netdevice.h
net/vmw_vsock: improve locking in vsock_connect_timeout()
usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based one
usb: dwc3: ulpi: fix checkpatch warning
h8300: fix PREEMPTION build, TI_PRE_COUNT undefined
* netfilter: conntrack: skip identical origin tuple in same zone only
net/netfilter/nf_conntrack_core.c
xen/netback: avoid race in xenvif_rx_ring_slots_available()
netfilter: xt_recent: Fix attempt to update deleted entry
* bpf: Check for integer overflow when using roundup_pow_of_two()
kernel/bpf/stackmap.c
* memblock: do not start bottom-up allocations with kernel_end
mm/memblock.c
ARM: dts: lpc32xx: Revert set default clock rate of HCLK PLL
* ovl: skip getxattr of security labels
fs/overlayfs/copy_up.c
* tracing: Check length before giving out the filter buffer
kernel/trace/trace.c
* tracing: Do not count ftrace events in top level enable output
kernel/trace/trace_events.c
squashfs: add more sanity checks in xattr id lookup
squashfs: add more sanity checks in inode lookup
squashfs: add more sanity checks in id lookup
* futex: Cure exit race
kernel/futex.c
* futex: Change locking rules
kernel/futex.c
* futex: Ensure the correct return value from futex_lock_pi()
kernel/futex.c
* memcg: fix a crash in wb_workfn when a device disappears
fs/fs-writeback.c
include/linux/backing-dev.h
include/trace/events/writeback.h
mm/backing-dev.c
* include/trace/events/writeback.h: fix -Wstringop-truncation warnings
include/trace/events/writeback.h
* lib/string: Add strscpy_pad() function
include/linux/string.h
lib/string.c
SUNRPC: Handle 0 length opaque XDR object data properly
* SUNRPC: Move simple_get_bytes and simple_get_netobj into private header
include/linux/sunrpc/xdr.h
iwlwifi: mvm: guard against device removal in reprobe
iwlwifi: pcie: add a NULL check in iwl_pcie_txq_unmap
iwlwifi: mvm: take mutex for calling iwl_mvm_get_sync_time()
* af_key: relax availability checks for skb size calculation
net/key/af_key.c
remoteproc: qcom_q6v5_mss: Validate MBA firmware size before load
* fgraph: Initialize tracing_graph_pause at task creation
include/linux/ftrace.h
* mm: memcontrol: fix NULL pointer crash in test_clear_page_writeback()
include/linux/memcontrol.h
mm/page-writeback.c
Merge 4.9.257 into android-4.9-q
Linux 4.9.257
ALSA: hda/realtek - Fix typo of pincfg for Dell quirk
iommu/vt-d: Do not use flush-queue when caching-mode is on
ACPI: thermal: Do not call acpi_thermal_check() directly
* Input: xpad - sync supported devices with fork on GitHub
drivers/input/joystick/xpad.c
x86/apic: Add extra serialization for non-serializing MSRs
* x86/build: Disable CET instrumentation in the kernel
Makefile
mm: thp: fix MADV_REMOVE deadlock on shmem THP
mm: hugetlb: remove VM_BUG_ON_PAGE from page_huge_active
mm: hugetlb: fix a race between isolating and freeing page
* mm: hugetlbfs: fix cannot migrate the fallocated HugeTLB page
include/linux/hugetlb.h
ARM: footbridge: fix dc21285 PCI configuration accessors
* mmc: core: Limit retries when analyse of SDIO tuples fails
drivers/mmc/core/sdio_cis.c
cifs: report error instead of invalid when revalidating a dentry fails
* xhci: fix bounce buffer usage for non-sg list case
drivers/usb/host/xhci-ring.c
kretprobe: Avoid re-registration of the same kretprobe earlier
mac80211: fix station rate table updates on assoc
usb: dwc2: Fix endpoint direction check in ep_from_windex
USB: usblp: don't call usb_set_interface if there's a single alt
USB: gadget: legacy: fix an error code in eth_bind()
* elfcore: fix building with clang
include/linux/elfcore.h
kernel/Makefile
net: lapb: Copy the skb before sending a packet
Input: i8042 - unbreak Pegatron C15B
USB: serial: option: Adding support for Cinterion MV31
USB: serial: cp210x: add new VID/PID for supporting Teraoka AD2000
USB: serial: cp210x: add pid/vid for WSDA-200-USB
* stable: clamp SUBLEVEL in 4.4 and 4.9
Makefile
objtool: Don't fail on missing symbol table
scsi: ibmvfc: Set default timeout to avoid crash during migration
mac80211: fix fast-rx encryption check
scsi: libfc: Avoid invoking response handler twice if ep is already completed
* futex: Handle faults correctly for PI futexes
kernel/futex.c
* futex: Simplify fixup_pi_state_owner()
kernel/futex.c
* futex: Use pi_state_update_owner() in put_pi_state()
kernel/futex.c
* rtmutex: Remove unused argument from rt_mutex_proxy_unlock()
kernel/futex.c
kernel/locking/rtmutex.c
kernel/locking/rtmutex_common.h
* futex: Provide and use pi_state_update_owner()
kernel/futex.c
* futex: Replace pointless printk in fixup_owner()
kernel/futex.c
* futex: Avoid violating the 10th rule of futex
kernel/futex.c
kernel/locking/rtmutex.c
kernel/locking/rtmutex_common.h
* futex: Rework inconsistent rt_mutex/futex_q state
kernel/futex.c
* futex: Remove rt_mutex_deadlock_account_*()
kernel/locking/rtmutex.c
kernel/locking/rtmutex.h
* futex,rt_mutex: Provide futex specific rt_mutex API
kernel/futex.c
kernel/locking/rtmutex.c
kernel/locking/rtmutex_common.h
* net_sched: reject silly cell_log in qdisc_get_rtab()
net/sched/sch_api.c
ibmvnic: Ensure that CRQ entry read are correctly ordered
net: dsa: bcm_sf2: put device node before return
Merge 4.9.256 into android-4.9-q
Linux 4.9.256
Merge 4.9.255 into android-4.9-q
Linux 4.9.255
NFC: fix possible resource leak
NFC: fix resource leak when target index is invalid
iommu/vt-d: Don't dereference iommu_device if IOMMU_API is not built
iommu/vt-d: Gracefully handle DMAR units with no supported address widths
can: dev: prevent potential information leak in can_fill_info()
mac80211: pause TX while changing interface type
iwlwifi: pcie: reschedule in long-running memory reads
iwlwifi: pcie: use jiffies for memory read spin time limit
RDMA/cxgb4: Fix the reported max_recv_sge value
* xfrm: Fix oops in xfrm_replay_advance_bmp
net/xfrm/xfrm_input.c
netfilter: nft_dynset: add timeout extension to template
ARM: imx: build suspend-imx6.S with arm instruction set
mt7601u: fix rx buffer refcounting
mt7601u: fix kernel crash unplugging the device
* leds: trigger: fix potential deadlock with libata
drivers/leds/led-triggers.c
KVM: x86: get smi pending status correctly
KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in intel_arch_events[]
* futex: Prevent exit livelock
kernel/futex.c
* futex: Provide distinct return value when owner is exiting
kernel/futex.c
* futex: Add mutex around futex exit
include/linux/futex.h
include/linux/sched.h
kernel/futex.c
* futex: Provide state handling for exec() as well
kernel/futex.c
* futex: Sanitize exit state handling
kernel/futex.c
* futex: Mark the begin of futex exit explicitly
include/linux/futex.h
kernel/exit.c
kernel/futex.c
* futex: Set task::futex_state to DEAD right after handling futex exit
kernel/exit.c
kernel/futex.c
* futex: Split futex_mm_release() for exit/exec
include/linux/futex.h
kernel/fork.c
kernel/futex.c
* exit/exec: Seperate mm_release()
fs/exec.c
include/linux/sched.h
kernel/exit.c
kernel/fork.c
* futex: Replace PF_EXITPIDONE with a state
include/linux/futex.h
include/linux/sched.h
kernel/exit.c
kernel/futex.c
* futex: Move futex exit handling into futex code
include/linux/compat.h
include/linux/futex.h
kernel/fork.c
kernel/futex.c
* y2038: futex: Move compat implementation into futex.c
include/linux/futex.h
kernel/Makefile
kernel/futex.c
net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family
* wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
net/wireless/wext-core.c
ACPI: sysfs: Prefer "compatible" modalias
Bug: 181732917
Change-Id: Ice169f5980390199db8f86d42e944cdf5f37c562
Signed-off-by: Lucas Wei <lucaswei@google.com>
|
||
|
Greg Kroah-Hartman
|
2a2b02a000 |
Merge 4.9.255 into android-4.9-q
Changes in 4.9.255 ACPI: sysfs: Prefer "compatible" modalias wext: fix NULL-ptr-dereference with cfg80211's lack of commit() net: usb: qmi_wwan: added support for Thales Cinterion PLSx3 modem family y2038: futex: Move compat implementation into futex.c futex: Move futex exit handling into futex code futex: Replace PF_EXITPIDONE with a state exit/exec: Seperate mm_release() futex: Split futex_mm_release() for exit/exec futex: Set task::futex_state to DEAD right after handling futex exit futex: Mark the begin of futex exit explicitly futex: Sanitize exit state handling futex: Provide state handling for exec() as well futex: Add mutex around futex exit futex: Provide distinct return value when owner is exiting futex: Prevent exit livelock KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in intel_arch_events[] KVM: x86: get smi pending status correctly leds: trigger: fix potential deadlock with libata mt7601u: fix kernel crash unplugging the device mt7601u: fix rx buffer refcounting ARM: imx: build suspend-imx6.S with arm instruction set netfilter: nft_dynset: add timeout extension to template xfrm: Fix oops in xfrm_replay_advance_bmp RDMA/cxgb4: Fix the reported max_recv_sge value iwlwifi: pcie: use jiffies for memory read spin time limit iwlwifi: pcie: reschedule in long-running memory reads mac80211: pause TX while changing interface type can: dev: prevent potential information leak in can_fill_info() iommu/vt-d: Gracefully handle DMAR units with no supported address widths iommu/vt-d: Don't dereference iommu_device if IOMMU_API is not built NFC: fix resource leak when target index is invalid NFC: fix possible resource leak Linux 4.9.255 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I1ead684216d7f27b8209f4d680f40b3619d16e3a |
||
|
Thomas Gleixner
|
8a16d8a352 |
futex: Split futex_mm_release() for exit/exec
commit 150d71584b12809144b8145b817e83b81158ae5f upstream. To allow separate handling of the futex exit state in the futex exit code for exit and exec, split futex_mm_release() into two functions and invoke them from the corresponding exit/exec_mm_release() callsites. Preparatory only, no functional change. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Ingo Molnar <mingo@kernel.org> Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org> Link: https://lkml.kernel.org/r/20191106224556.332094221@linutronix.de Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: Lee Jones <lee.jones@linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Thomas Gleixner
|
394ff1207f |
exit/exec: Seperate mm_release()
commit 4610ba7ad877fafc0a25a30c6c82015304120426 upstream. mm_release() contains the futex exit handling. mm_release() is called from do_exit()->exit_mm() and from exec()->exec_mm(). In the exit_mm() case PF_EXITING and the futex state is updated. In the exec_mm() case these states are not touched. As the futex exit code needs further protections against exit races, this needs to be split into two functions. Preparatory only, no functional change. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Ingo Molnar <mingo@kernel.org> Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org> Link: https://lkml.kernel.org/r/20191106224556.240518241@linutronix.de Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: Lee Jones <lee.jones@linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Thomas Gleixner
|
25f319bbcc |
futex: Move futex exit handling into futex code
commit ba31c1a48538992316cc71ce94fa9cd3e7b427c0 upstream. The futex exit handling is #ifdeffed into mm_release() which is not pretty to begin with. But upcoming changes to address futex exit races need to add more functionality to this exit code. Split it out into a function, move it into futex code and make the various futex exit functions static. Preparatory only and no functional change. Folded build fix from Borislav. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Ingo Molnar <mingo@kernel.org> Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org> Link: https://lkml.kernel.org/r/20191106224556.049705556@linutronix.de Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: Lee Jones <lee.jones@linaro.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
lucaswei
|
f09d91fe02 |
Merge android-4.9-q (4.9.248) into android-msm-pixel-4.9-lts
Merge 4.9.248 into android-4.9-q
Linux 4.9.248
x86/uprobes: Do not use prefixes.nbytes when looping over prefixes.bytes
Input: i8042 - fix error return code in i8042_setup_aux()
i2c: qup: Fix error return code in qup_i2c_bam_schedule_desc()
gfs2: check for empty rgrp tree in gfs2_ri_update
* tracing: Fix userstacktrace option for instances
kernel/trace/trace.c
kernel/trace/trace.h
spi: bcm2835: Release the DMA channel if probe fails after dma_init
spi: bcm2835: Fix use-after-free on unbind
spi: bcm-qspi: Fix use-after-free on unbind
* spi: Introduce device-managed SPI controller allocation
drivers/spi/spi.c
include/linux/spi/spi.h
iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs
i2c: imx: Check for I2SR_IAL after every byte
i2c: imx: Fix reset of I2SR_IAL flag
cifs: fix potential use-after-free in cifs_echo_request()
ftrace: Fix updating FTRACE_FL_TRAMP
* tty: Fix ->session locking
drivers/tty/tty_io.c
include/linux/tty.h
ALSA: hda/generic: Add option to enforce preferred_dacs pairs
ALSA: hda/realtek - Add new codec supported for ALC897
* tty: Fix ->pgrp locking in tiocspgrp()
drivers/tty/tty_io.c
USB: serial: option: add support for Thales Cinterion EXS82
USB: serial: option: add Fibocom NL668 variants
USB: serial: ch341: sort device-id entries
USB: serial: ch341: add new Product ID for CH341A
USB: serial: kl5kusb105: fix memleak on open
* usb: gadget: f_fs: Use local copy of descriptors for userspace copy
drivers/usb/gadget/function/f_fs.c
* vlan: consolidate VLAN parsing code and limit max parsing depth
include/linux/if_vlan.h
include/net/inet_ecn.h
pinctrl: baytrail: Fix pin being driven low for a while on gpiod_get(..., GPIOD_OUT_HIGH)
pinctrl: baytrail: Replace WARN with dev_info_once when setting direct-irq pin to output
btrfs: sysfs: init devices outside of the chunk_mutex
RDMA/i40iw: Address an mmap handler exploit in i40iw
* spi: Fix controller unregister order harder
drivers/spi/spi.c
Input: i8042 - add ByteSpeed touchpad to noloop table
* Input: xpad - support Ardwiino Controllers
drivers/input/joystick/xpad.c
dt-bindings: net: correct interrupt flags in examples
net/mlx5: Fix wrong address reclaim when command interface is down
net: pasemi: fix error return code in pasemi_mac_open()
cxgb3: fix error return code in t3_sge_alloc_qset()
net/x25: prevent a couple of overflows
ibmvnic: Fix TX completion error handling
ibmvnic: Ensure that SCRQ entry reads are correctly ordered
netfilter: bridge: reset skb->pkt_type after NF_INET_POST_ROUTING traversal
* bonding: wait for sysfs kobject destruction before freeing struct slave
drivers/net/bonding/bond_main.c
drivers/net/bonding/bond_sysfs_slave.c
include/net/bonding.h
usbnet: ipheth: fix connectivity with iOS 14
rose: Fix Null pointer dereference in rose_send_frame()
net/af_iucv: set correct sk_protocol for child sockets
ANDROID: cuttlefish_defconfig: Disable CONFIG_KSM
Merge 4.9.247 into android-4.9-q
Linux 4.9.247
* USB: core: Fix regression in Hercules audio card
drivers/usb/core/quirks.c
* USB: core: add endpoint-blacklist quirk
drivers/usb/core/config.c
drivers/usb/core/quirks.c
drivers/usb/core/usb.h
include/linux/usb/quirks.h
* regulator: workaround self-referent regulators
drivers/regulator/core.c
* regulator: avoid resolve_supply() infinite recursion
drivers/regulator/core.c
x86/speculation: Fix prctl() when spectre_v2_user={seccomp,prctl},ibpb
usb: gadget: Fix memleak in gadgetfs_fill_super
* usb: gadget: f_midi: Fix memleak in f_midi_alloc
drivers/usb/gadget/function/f_midi.c
* USB: core: Change %pK for __user pointers to %px
drivers/usb/core/devio.c
perf probe: Fix to die_entrypc() returns error correctly
platform/x86: toshiba_acpi: Fix the wrong variable assignment
can: gs_usb: fix endianess problem with candleLight firmware
efivarfs: revert "fix memory leak in efivarfs_create()"
ibmvnic: fix NULL pointer dereference in ibmvic_reset_crq
net: ena: set initial DMA width to avoid intel iommu issue
nfc: s3fwrn5: use signed integer for parsing GPIO numbers
IB/mthca: fix return value of error branch in mthca_init_cq()
bnxt_en: Release PCI regions when DMA mask setup fails during probe.
video: hyperv_fb: Fix the cache type when mapping the VRAM
bnxt_en: fix error return code in bnxt_init_board()
* scsi: ufs: Fix race between shutdown and runtime resume flow
drivers/scsi/ufs/ufshcd.c
batman-adv: set .owner to THIS_MODULE
phy: tegra: xusb: Fix dangling pointer on probe failure
perf/x86: fix sysfs type mismatches
scsi: target: iscsi: Fix cmd abort fabric stop race
scsi: libiscsi: Fix NOP race condition
dmaengine: pl330: _prep_dma_memcpy: Fix wrong burst size
* proc: don't allow async path resolution of /proc/self components
fs/proc/self.c
x86/xen: don't unbind uninitialized lock_kicker_irq
dmaengine: xilinx_dma: use readl_poll_timeout_atomic variant
HID: hid-sensor-hub: Fix issue with devices with no report ID
Input: i8042 - allow insmod to succeed on devices without an i8042 controller
* HID: cypress: Support Varmilo Keyboards' media hotkeys
drivers/hid/hid-ids.h
ALSA: hda/hdmi: fix incorrect locking in hdmi_pcm_close
ALSA: hda/hdmi: Use single mutex unlock in error paths
* arm64: pgtable: Fix pte_accessible()
arch/arm64/include/asm/pgtable.h
btrfs: inode: Verify inode mode to avoid NULL pointer dereference
btrfs: tree-checker: Enhance chunk checker to validate chunk profile
* PCI: Add device even if driver attach failed
drivers/pci/bus.c
btrfs: fix lockdep splat when reading qgroup config on mount
mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault()
perf event: Check ref_reloc_sym before using it
* BACKPORT: arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm
arch/arm64/include/asm/efi.h
arch/arm64/include/asm/mmu_context.h
Merge 4.9.246 into android-4.9-q
Linux 4.9.246
x86/microcode/intel: Check patch signature before saving microcode for early loading
s390/cpum_sf.c: fix file permission for cpum_sfb_size
mac80211: free sta in sta_info_insert_finish() on errors
mac80211: minstrel: fix tx status processing corner case
mac80211: minstrel: remove deferred sampling code
xtensa: disable preemption around cache alias management calls
* regulator: fix memory leak with repeated set_machine_constraints()
drivers/regulator/core.c
iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum
* ext4: fix bogus warning in ext4_update_dx_flag()
fs/ext4/ext4.h
efivarfs: fix memory leak in efivarfs_create()
tty: serial: imx: keep console clocks always on
ALSA: mixart: Fix mutex deadlock
* ALSA: ctl: fix error path at adding user-defined element set
sound/core/control.c
powerpc/uaccess-flush: fix missing includes in kup-radix.h
* libfs: fix error cast of negative value in simple_attr_write()
fs/libfs.c
xfs: revert "xfs: fix rmap key and record comparison functions"
regulator: ti-abb: Fix array out of bound read access on the first transition
MIPS: Alchemy: Fix memleak in alchemy_clk_setup_cpu
can: m_can: m_can_handle_state_change(): fix state change
can: peak_usb: fix potential integer overflow on shift of a int
can: dev: can_restart(): post buffer from the right context
perf lock: Don't free "lock_seq_stat" if read_count isn't zero
ARM: dts: imx50-evk: Fix the chip select 1 IOMUX
arm: dts: imx6qdl-udoo: fix rgmii phy-mode for ksz9031 phy
MIPS: export has_transparent_hugepage() for modules
Input: adxl34x - clean up a data type in adxl34x_probe()
* vfs: remove lockdep bogosity in __sb_start_write
fs/super.c
* arm64: psci: Avoid printing in cpu_psci_cpu_die()
arch/arm64/kernel/psci.c
pinctrl: rockchip: enable gpio pclk for rockchip_gpio_to_irq
mlxsw: core: Use variable timeout for EMAD retries
net: ftgmac100: Fix crash when removing driver
tcp: only postpone PROBE_RTT if RTT is < current min_rtt estimate
net: usb: qmi_wwan: Set DTR quirk for MR400
sctp: change to hold/put transport for proto_unreach_timer
qlcnic: fix error return code in qlcnic_83xx_restart_hw()
net: x25: Increase refcnt of "struct x25_neigh" in x25_rx_call_request
net/mlx4_core: Fix init_hca fields offset
* netlabel: fix an uninitialized warning in netlbl_unlabel_staticlist()
net/netlabel/netlabel_unlabeled.c
* netlabel: fix our progress tracking in netlbl_unlabel_staticlist()
net/netlabel/netlabel_unlabeled.c
net: Have netpoll bring-up DSA management interface
* net: bridge: add missing counters to ndo_get_stats64 callback
net/bridge/br_device.c
net: b44: fix error return code in b44_init_one()
* inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill()
net/ipv4/inet_diag.c
devlink: Add missing genlmsg_cancel() in devlink_nl_sb_port_pool_fill()
bnxt_en: read EEPROM A2h address using page 0
atm: nicstar: Unmap DMA on send error
* ah6: fix error return code in ah6_input()
net/ipv6/ah6.c
Merge 4.9.245 into android-4.9-q
Linux 4.9.245
ACPI: GED: fix -Wformat
KVM: x86: clflushopt should be treated as a no-op by emulation
mac80211: always wind down STA state
Input: sunkbd - avoid use-after-free in teardown paths
powerpc/8xx: Always fault when _PAGE_ACCESSED is not set
i2c: mux: pca954x: Add missing pca9546 definition to chip_desc
i2c: imx: Fix external abort on interrupt in exit paths
i2c: imx: use clk notifier for rate changes
powerpc/64s: flush L1D after user accesses
powerpc/uaccess: Evaluate macro arguments once, before user access is allowed
powerpc: Fix __clear_user() with KUAP enabled
powerpc: Implement user_access_begin and friends
powerpc: Add a framework for user access tracking
powerpc/64s: flush L1D on kernel entry
powerpc/64s: move some exception handlers out of line
powerpc/64s: Define MASKABLE_RELON_EXCEPTION_PSERIES_OOL
Linux 4.9.244
Convert trailing spaces and periods in path components
* ext4: fix leaking sysfs kobject after failed mount
fs/ext4/super.c
* reboot: fix overflow parsing reboot cpu number
kernel/reboot.c
* Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint"
kernel/reboot.c
* perf/core: Fix race in the perf_mmap_close() function
kernel/events/core.c
xen/events: block rogue events for some time
xen/events: defer eoi in case of excessive number of events
xen/events: use a common cpu hotplug hook for event channels
xen/events: switch user event channels to lateeoi model
xen/pciback: use lateeoi irq binding
xen/scsiback: use lateeoi irq binding
xen/netback: use lateeoi irq binding
xen/blkback: use lateeoi irq binding
xen/events: add a new "late EOI" evtchn framework
xen/events: fix race in evtchn_fifo_unmask()
xen/events: add a proper barrier to 2-level uevent unmasking
xen/events: avoid removing an event channel while handling it
* perf/core: Fix a memory leak in perf_event_parse_addr_filter()
kernel/events/core.c
* perf/core: Fix crash when using HW tracing kernel filters
kernel/events/core.c
* perf/core: Fix bad use of igrab()
include/linux/perf_event.h
kernel/events/core.c
x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP
* random32: make prandom_u32() output unpredictable
drivers/char/random.c
include/linux/prandom.h
kernel/time/timer.c
lib/random32.c
net: Update window_clamp if SOCK_RCVBUF is set
net/x25: Fix null-ptr-deref in x25_connect
net/af_iucv: fix null pointer dereference on shutdown
* IPv6: Set SIT tunnel hard_header_len to zero
net/ipv6/sit.c
* swiotlb: fix "x86: Don't panic if can not alloc buffer for swiotlb"
lib/swiotlb.c
pinctrl: amd: fix incorrect way to disable debounce filter
pinctrl: amd: use higher precision for 512 RtcClk
drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[]
* don't dump the threads that had been already exiting when zapped.
kernel/exit.c
ocfs2: initialize ip_next_orphan
mei: protect mei_cl_mtu from null dereference
usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode
* ext4: unlock xattr_sem properly in ext4_inline_data_truncate()
fs/ext4/inline.c
* ext4: correctly report "not supported" for {usr,grp}jquota when !CONFIG_QUOTA
fs/ext4/super.c
* perf: Fix get_recursion_context()
kernel/events/internal.h
cosa: Add missing kfree in error path of cosa_write
* of/address: Fix of_node memory leak in of_dma_is_coherent
drivers/of/address.c
xfs: fix a missing unlock on error in xfs_fs_map_blocks
xfs: fix rmap key and record comparison functions
xfs: fix flags argument to rmap lookup when converting shared file rmaps
pinctrl: aspeed: Fix GPI only function problem.
iommu/amd: Increase interrupt remapping table limit to 512 entries
scsi: scsi_dh_alua: Avoid crash during alua_bus_detach()
* cfg80211: regulatory: Fix inconsistent format argument
net/wireless/reg.c
mac80211: fix use of skb payload instead of header
drm/amdgpu: perform srbm soft reset always on SDMA resume
scsi: hpsa: Fix memory leak in hpsa_init_one()
gfs2: check for live vs. read-only file system in gfs2_fitrim
gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free
usb: gadget: goku_udc: fix potential crashes in probe
ath9k_htc: Use appropriate rs_datalen type
geneve: add transport ports in route lookup for geneve
i40e: Memory leak in i40e_config_iwarp_qvlist
i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c
i40e: Wrong truncation from u16 to u8
i40e: add num_vectors checker in iwarp handler
i40e: Fix a potential NULL pointer dereference
* pinctrl: devicetree: Avoid taking direct reference to device name string
drivers/pinctrl/devicetree.c
Btrfs: fix missing error return if writeback for extent buffer never started
xfs: flush new eof page on truncate to avoid post-eof corruption
can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping
can: peak_usb: add range checking in decode operations
can: can_create_echo_skb(): fix echo skb generation: always use skb_clone()
can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames
can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context
ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link()
perf tools: Add missing swap for ino_generation
* net: xfrm: fix a race condition during allocing spi
net/xfrm/xfrm_state.c
* genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY
kernel/irq/Kconfig
btrfs: reschedule when cloning lots of extents
* time: Prevent undefined behaviour in timespec64_to_ns()
include/linux/time64.h
mm: mempolicy: fix potential pte_unmap_unlock pte error
gfs2: Wake up when sd_glock_disposal becomes zero
* ring-buffer: Fix recursion protection transitions between interrupt context
kernel/trace/ring_buffer.c
* regulator: defer probe when trying to get voltage from unresolved supply
drivers/regulator/core.c
UPSTREAM: thermal/drivers/hisi: Remove bogus const from function return type
* UPSTREAM: net/ipv6: don't reinitialize ndev->cnf.addr_gen_mode on new inet6_dev
net/ipv6/addrconf.c
UPSTREAM: tee: shm: fix use-after-free via temporarily dropped reference
UPSTREAM: Documentation: ip-sysctl.txt: document addr_gen_mode
UPSTREAM: net: crypto set sk to NULL when af_alg_release.
* UPSTREAM: ipv6: don't auto-add link-local address to lag ports
net/ipv6/addrconf.c
* UPSTREAM: ipv6: ndisc: RFC-ietf-6man-ra-pref64-09 is now published as RFC8781
include/net/ndisc.h
* UPSTREAM: binder: fix incorrect cmd to binder_stat_br
drivers/android/binder.c
* UPSTREAM: arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb
arch/arm64/include/asm/mmu_context.h
UPSTREAM: staging: android: vsoc: fix copy_from_user overrun
Merge 4.9.243 into android-4.9-q
Linux 4.9.243
powercap: restrict energy meter to root access
Merge 4.9.242 into android-4.9-q
Linux 4.9.242
Revert "ARC: entry: fix potential EFA clobber when TIF_SYSCALL_TRACE"
ARC: stack unwinding: avoid indefinite looping
* USB: Add NO_LPM quirk for Kingston flash drive
drivers/usb/core/quirks.c
USB: serial: option: add Telit FN980 composition 0x1055
USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231
USB: serial: cyberjack: fix write-URB completion race
serial: txx9: add missing platform_driver_unregister() on error in serial_txx9_init
serial: 8250_mtk: Fix uart_get_baud_rate warning
* fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent
kernel/fork.c
* vt: Disable KD_FONT_OP_COPY
drivers/tty/vt/vt.c
ACPI: NFIT: Fix comparison to '-ENXIO'
vsock: use ns_capable_noaudit() on socket create
* scsi: core: Don't start concurrent async scan on same host
drivers/scsi/scsi_scan.c
* of: Fix reserved-memory overlap detection
drivers/of/of_reserved_mem.c
x86/kexec: Use up-to-dated screen_info copy to fill boot params
ARM: dts: sun4i-a10: fix cpu_alert temperature
* tracing: Fix out of bounds write in get_trace_buf
kernel/trace/trace.c
* ftrace: Handle tracing when switching between context
kernel/trace/trace.h
* ftrace: Fix recursion check for NMI test
kernel/trace/trace.h
* kthread_worker: prevent queuing delayed work from timer_fn when it is being canceled
kernel/kthread.c
* ALSA: usb-audio: Add implicit feedback quirk for Qu-16
sound/usb/pcm.c
Fonts: Replace discarded const qualifier
gianfar: Account for Tx PTP timestamp in the skb headroom
gianfar: Replace skb_realloc_headroom with skb_cow_head for PTP
tipc: fix use-after-free in tipc_bcast_get_mode
xen/events: don't use chip_data for legacy IRQs
staging: octeon: Drop on uncorrectable alignment or FCS error
staging: octeon: repair "fixed-link" support
staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice
* KVM: arm64: Fix AArch32 handling of DBGD{CCINT,SCRext} and DBGVCR
arch/arm64/include/asm/kvm_host.h
* device property: Don't clear secondary pointer for shared primary firmware node
drivers/base/core.c
* device property: Keep secondary firmware node secondary by type
drivers/base/core.c
ARM: s3c24xx: fix missing system reset
ARM: samsung: fix PM debug build with DEBUG_LL but !MMU
hil/parisc: Disable HIL driver when it gets stuck
cachefiles: Handle readpage error correctly
* arm64: berlin: Select DW_APB_TIMER_OF
arch/arm64/Kconfig.platforms
* tty: make FONTX ioctl use the tty pointer they were actually passed
drivers/tty/vt/vt_ioctl.c
rtc: rx8010: don't modify the global rtc ops
vringh: fix __vringh_iov() when riov and wiov are different
* ring-buffer: Return 0 on success from ring_buffer_resize()
kernel/trace/ring_buffer.c
9P: Cast to loff_t before multiplying
libceph: clear con->out_msg on Policy::stateful_server faults
ceph: promote to unsigned long long before shifting
ia64: fix build error with !COREDUMP
ubi: check kthread_should_stop() after the setting of task state
ubifs: dent: Fix some potential memory leaks while iterating entries
powerpc/powernv/elog: Fix race while processing OPAL error log event.
powerpc: Warn about use of smt_snooze_delay
iio:gyro:itg3200: Fix timestamp alignment and prevent data leak.
iio:adc:ti-adc12138 Fix alignment issue with timestamp
iio:light:si1145: Fix timestamp alignment and prevent data leak.
dmaengine: dma-jz4780: Fix race in jz4780_dma_tx_status
* vt: keyboard, extend func_buf_lock to readers
drivers/tty/vt/keyboard.c
* vt: keyboard, simplify vt_kdgkbsent
drivers/tty/vt/keyboard.c
usb: host: fsl-mph-dr-of: check return of dma_set_mask()
* usb: dwc3: core: don't trigger runtime pm when remove driver
drivers/usb/dwc3/core.c
* usb: dwc3: core: add phy cleanup for probe error handling
drivers/usb/dwc3/core.c
btrfs: fix use-after-free on readahead extent after failure to create it
btrfs: cleanup cow block on error
btrfs: reschedule if necessary when logging directory items
scsi: mptfusion: Fix null pointer dereferences in mptscsih_remove()
w1: mxc_w1: Fix timeout resolution problem leading to bus error
acpi-cpufreq: Honor _PSD table setting on new AMD CPUs
ACPI: debug: don't allow debugging when ACPI is disabled
ACPI: video: use ACPI backlight for HP 635 Notebook
ACPI / extlog: Check for RDMSR failure
NFS: fix nfs_path in case of a rename retry
* fs: Don't invalidate page buffers in block_write_full_page()
fs/buffer.c
leds: bcm6328, bcm6358: use devres LED registering function
perf/x86/amd/ibs: Fix raw sample data accumulation
perf/x86/amd/ibs: Don't include randomized bits in get_ibs_op_count()
md/raid5: fix oops during stripe resizing
ARM: dts: s5pv210: remove dedicated 'audio-subsystem' node
ARM: dts: s5pv210: move PMU node out of clock controller
ARM: dts: s5pv210: remove DMA controller bus node name to fix dtschema warnings
memory: emif: Remove bogus debugfs error handling
gfs2: add validation checks for size of superblock
* ext4: Detect already used quota file early
fs/ext4/super.c
drivers: watchdog: rdc321x_wdt: Fix race condition bugs
net: 9p: initialize sun_server.sun_path to have addr's value only when addr is valid
clk: ti: clockdomain: fix static checker warning
md/bitmap: md_bitmap_get_counter returns wrong blocks
power: supply: test_power: add missing newlines when printing parameters by sysfs
bus/fsl_mc: Do not rely on caller to provide non NULL mc_io
drivers/net/wan/hdlc_fr: Correctly handle special skb->protocol values
* arm64/mm: return cpu_all_mask when node is NUMA_NO_NODE
arch/arm64/include/asm/numa.h
USB: adutux: fix debugging
cpufreq: sti-cpufreq: add stih418 support
* kgdb: Make "kgdbcon" work properly with "kgdb_earlycon"
kernel/debug/debug_core.c
* printk: reduce LOG_BUF_SHIFT range for H8300
init/Kconfig
mmc: via-sdmmc: Fix data race bug
media: tw5864: check status of tw5864_frameinterval_get
ath10k: fix VHT NSS calculation when STBC is enabled
video: fbdev: pvr2fb: initialize variables
xfs: fix realtime bitmap/summary file truncation when growing rt volume
ARM: 8997/2: hw_breakpoint: Handle inexact watchpoint addresses
um: change sigio_spinlock to a mutex
* f2fs: fix to check segment boundary during SIT page readahead
fs/f2fs/checkpoint.c
* f2fs: add trace exit in exception path
fs/f2fs/checkpoint.c
sparc64: remove mm_cpumask clearing to fix kthread_use_mm race
powerpc/powernv/smp: Fix spurious DBG() warning
mlxsw: core: Fix use-after-free in mlxsw_emad_trans_finish()
* fscrypt: use EEXIST when file already uses different policy
fs/crypto/policy.c
* fscrypto: move ioctl processing more fully into common code
fs/crypto/policy.c
fs/ext4/ext4.h
fs/ext4/ioctl.c
fs/f2fs/f2fs.h
fs/f2fs/file.c
* fscrypt: return -EXDEV for incompatible rename or link into encrypted dir
fs/crypto/policy.c
fs/ext4/namei.c
fs/f2fs/namei.c
ata: sata_rcar: Fix DMA boundary mask
mtd: lpddr: Fix bad logic in print_drs_error
p54: avoid accessing the data mapped to streaming DMA
* fuse: fix page dereference after free
fs/fuse/dev.c
arch/x86/amd/ibs: Fix re-arming IBS Fetch
tipc: fix memory leak caused by tipc_buf_append()
ravb: Fix bit fields checking in ravb_hwtstamp_get()
efivarfs: Replace invalid slashes with exclamation marks in dentries.
powerpc/powernv/opal-dump : Use IRQ_HANDLED instead of numbers in interrupt handler
* scripts/setlocalversion: make git describe output more reliable
scripts/setlocalversion
SUNRPC: ECONNREFUSED should cause a rebind.
* ANDROID: Temporarily disable XFRM_USER_COMPAT filtering
net/xfrm/xfrm_state.c
net/xfrm/xfrm_user.c
* BACKPORT: xfrm/compat: Translate 32-bit user_policy from sockptr
include/net/xfrm.h
net/xfrm/xfrm_state.c
* BACKPORT: xfrm/compat: Add 32=>64-bit messages translator
include/net/xfrm.h
net/xfrm/Kconfig
net/xfrm/xfrm_user.c
* UPSTREAM: xfrm/compat: Attach xfrm dumps to 64=>32 bit translator
net/xfrm/xfrm_user.c
* BACKPORT: xfrm/compat: Add 64=>32-bit messages translator
include/net/xfrm.h
net/xfrm/xfrm_user.c
* BACKPORT: xfrm: Provide API to register translator module
include/net/xfrm.h
net/xfrm/Kconfig
net/xfrm/Makefile
net/xfrm/xfrm_state.c
* UPSTREAM: mm/sl[uo]b: export __kmalloc_track(_node)_caller
mm/slub.c
ANDROID: Publish uncompressed Image on aarch64
* ANDROID: Makefile: append BUILD_NUMBER to version string when defined
Makefile
Change-Id: I345c9bde484cf008679253982f61b2a833527c3e
Signed-off-by: Lucas Wei <lucaswei@google.com>
|
||
|
Greg Kroah-Hartman
|
4a8894270e |
Merge 4.9.242 into android-4.9-q
Changes in 4.9.242
SUNRPC: ECONNREFUSED should cause a rebind.
scripts/setlocalversion: make git describe output more reliable
powerpc/powernv/opal-dump : Use IRQ_HANDLED instead of numbers in interrupt handler
efivarfs: Replace invalid slashes with exclamation marks in dentries.
ravb: Fix bit fields checking in ravb_hwtstamp_get()
tipc: fix memory leak caused by tipc_buf_append()
arch/x86/amd/ibs: Fix re-arming IBS Fetch
fuse: fix page dereference after free
p54: avoid accessing the data mapped to streaming DMA
mtd: lpddr: Fix bad logic in print_drs_error
ata: sata_rcar: Fix DMA boundary mask
fscrypt: return -EXDEV for incompatible rename or link into encrypted dir
fscrypto: move ioctl processing more fully into common code
fscrypt: use EEXIST when file already uses different policy
mlxsw: core: Fix use-after-free in mlxsw_emad_trans_finish()
powerpc/powernv/smp: Fix spurious DBG() warning
sparc64: remove mm_cpumask clearing to fix kthread_use_mm race
f2fs: add trace exit in exception path
f2fs: fix to check segment boundary during SIT page readahead
um: change sigio_spinlock to a mutex
ARM: 8997/2: hw_breakpoint: Handle inexact watchpoint addresses
xfs: fix realtime bitmap/summary file truncation when growing rt volume
video: fbdev: pvr2fb: initialize variables
ath10k: fix VHT NSS calculation when STBC is enabled
media: tw5864: check status of tw5864_frameinterval_get
mmc: via-sdmmc: Fix data race bug
printk: reduce LOG_BUF_SHIFT range for H8300
kgdb: Make "kgdbcon" work properly with "kgdb_earlycon"
cpufreq: sti-cpufreq: add stih418 support
USB: adutux: fix debugging
arm64/mm: return cpu_all_mask when node is NUMA_NO_NODE
drivers/net/wan/hdlc_fr: Correctly handle special skb->protocol values
bus/fsl_mc: Do not rely on caller to provide non NULL mc_io
power: supply: test_power: add missing newlines when printing parameters by sysfs
md/bitmap: md_bitmap_get_counter returns wrong blocks
clk: ti: clockdomain: fix static checker warning
net: 9p: initialize sun_server.sun_path to have addr's value only when addr is valid
drivers: watchdog: rdc321x_wdt: Fix race condition bugs
ext4: Detect already used quota file early
gfs2: add validation checks for size of superblock
memory: emif: Remove bogus debugfs error handling
ARM: dts: s5pv210: remove DMA controller bus node name to fix dtschema warnings
ARM: dts: s5pv210: move PMU node out of clock controller
ARM: dts: s5pv210: remove dedicated 'audio-subsystem' node
md/raid5: fix oops during stripe resizing
perf/x86/amd/ibs: Don't include randomized bits in get_ibs_op_count()
perf/x86/amd/ibs: Fix raw sample data accumulation
leds: bcm6328, bcm6358: use devres LED registering function
fs: Don't invalidate page buffers in block_write_full_page()
NFS: fix nfs_path in case of a rename retry
ACPI / extlog: Check for RDMSR failure
ACPI: video: use ACPI backlight for HP 635 Notebook
ACPI: debug: don't allow debugging when ACPI is disabled
acpi-cpufreq: Honor _PSD table setting on new AMD CPUs
w1: mxc_w1: Fix timeout resolution problem leading to bus error
scsi: mptfusion: Fix null pointer dereferences in mptscsih_remove()
btrfs: reschedule if necessary when logging directory items
btrfs: cleanup cow block on error
btrfs: fix use-after-free on readahead extent after failure to create it
usb: dwc3: core: add phy cleanup for probe error handling
usb: dwc3: core: don't trigger runtime pm when remove driver
usb: host: fsl-mph-dr-of: check return of dma_set_mask()
vt: keyboard, simplify vt_kdgkbsent
vt: keyboard, extend func_buf_lock to readers
dmaengine: dma-jz4780: Fix race in jz4780_dma_tx_status
iio:light:si1145: Fix timestamp alignment and prevent data leak.
iio:adc:ti-adc12138 Fix alignment issue with timestamp
iio:gyro:itg3200: Fix timestamp alignment and prevent data leak.
powerpc: Warn about use of smt_snooze_delay
powerpc/powernv/elog: Fix race while processing OPAL error log event.
ubifs: dent: Fix some potential memory leaks while iterating entries
ubi: check kthread_should_stop() after the setting of task state
ia64: fix build error with !COREDUMP
ceph: promote to unsigned long long before shifting
libceph: clear con->out_msg on Policy::stateful_server faults
9P: Cast to loff_t before multiplying
ring-buffer: Return 0 on success from ring_buffer_resize()
vringh: fix __vringh_iov() when riov and wiov are different
rtc: rx8010: don't modify the global rtc ops
tty: make FONTX ioctl use the tty pointer they were actually passed
arm64: berlin: Select DW_APB_TIMER_OF
cachefiles: Handle readpage error correctly
hil/parisc: Disable HIL driver when it gets stuck
ARM: samsung: fix PM debug build with DEBUG_LL but !MMU
ARM: s3c24xx: fix missing system reset
device property: Keep secondary firmware node secondary by type
device property: Don't clear secondary pointer for shared primary firmware node
KVM: arm64: Fix AArch32 handling of DBGD{CCINT,SCRext} and DBGVCR
staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice
staging: octeon: repair "fixed-link" support
staging: octeon: Drop on uncorrectable alignment or FCS error
xen/events: don't use chip_data for legacy IRQs
tipc: fix use-after-free in tipc_bcast_get_mode
gianfar: Replace skb_realloc_headroom with skb_cow_head for PTP
gianfar: Account for Tx PTP timestamp in the skb headroom
Fonts: Replace discarded const qualifier
ALSA: usb-audio: Add implicit feedback quirk for Qu-16
kthread_worker: prevent queuing delayed work from timer_fn when it is being canceled
ftrace: Fix recursion check for NMI test
ftrace: Handle tracing when switching between context
tracing: Fix out of bounds write in get_trace_buf
ARM: dts: sun4i-a10: fix cpu_alert temperature
x86/kexec: Use up-to-dated screen_info copy to fill boot params
of: Fix reserved-memory overlap detection
scsi: core: Don't start concurrent async scan on same host
vsock: use ns_capable_noaudit() on socket create
ACPI: NFIT: Fix comparison to '-ENXIO'
vt: Disable KD_FONT_OP_COPY
fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent
serial: 8250_mtk: Fix uart_get_baud_rate warning
serial: txx9: add missing platform_driver_unregister() on error in serial_txx9_init
USB: serial: cyberjack: fix write-URB completion race
USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231
USB: serial: option: add Telit FN980 composition 0x1055
USB: Add NO_LPM quirk for Kingston flash drive
ARC: stack unwinding: avoid indefinite looping
Revert "ARC: entry: fix potential EFA clobber when TIF_SYSCALL_TRACE"
Linux 4.9.242
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: I594296d57790eb8b7fa737119346d2b60572e5fd
|
||
|
Eddy Wu
|
66be43d818 |
fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent
commit b4e00444cab4c3f3fec876dc0cccc8cbb0d1a948 upstream. current->group_leader->exit_signal may change during copy_process() if current->real_parent exits. Move the assignment inside tasklist_lock to avoid the race. Signed-off-by: Eddy Wu <eddy_wu@trendmicro.com> Acked-by: Oleg Nesterov <oleg@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
lucaswei
|
fe4d25c70e |
Merge android-4.9-q (4.9.200) into android-msm-pixel-4.9-lts
Merge 4.9.200 into android-4.9-q
Linux 4.9.200
* alarmtimer: Change remaining ENOTSUPP to EOPNOTSUPP
kernel/time/alarmtimer.c
dmaengine: qcom: bam_dma: Fix resource leak
* net/flow_dissector: switch to siphash
include/linux/skbuff.h
include/net/flow_dissector.h
net/core/flow_dissector.c
net/sched/sch_fq_codel.c
* kbuild: add -fcf-protection=none when using retpoline flags
Makefile
* kbuild: use -fmacro-prefix-map to make __FILE__ a relative path
Makefile
* Kbuild: make designated_init attribute fatal
Makefile
* inet: stop leaking jiffies on the wire
net/ipv4/datagram.c
net/ipv4/tcp_ipv4.c
net/mlx4_core: Dynamically set guaranteed amount of counters per VF
vxlan: check tun_info options_len properly
net: bcmgenet: reset 40nm EPHY on energy detect
net: dsa: fix switch tree list
* net: add READ_ONCE() annotation in __skb_wait_for_more_packets()
net/core/datagram.c
selftests: net: reuseport_dualstack: fix uninitalized parameter
* net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol()
net/core/ethtool.c
net: hisilicon: Fix ping latency when deal with high throughput
* net: fix sk_page_frag() recursion from memory reclaim
include/linux/gfp.h
include/net/sock.h
dccp: do not leak jiffies on the wire
cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs
MIPS: bmips: mark exception vectors as char arrays
of: unittest: fix memory leak in unittest_data_add
scsi: target: core: Do not overwrite CDB byte 1
ARM: davinci: dm365: Fix McBSP dma_slave_map entry
perf kmem: Fix memory leak in compact_gfp_flags()
ARM: dts: imx7s: Correct GPT's ipg clock source
* scsi: fix kconfig dependency warning related to 53C700_LE_ON_BE
drivers/scsi/Kconfig
scsi: sni_53c710: fix compilation error
scsi: scsi_dh_alua: handle RTPG sense code correctly during state transitions
ARM: mm: fix alignment handler faults under memory pressure
pinctrl: ns2: Fix off by one bugs in ns2_pinmux_enable()
ARM: dts: logicpd-torpedo-som: Remove twl_keypad
ASoc: rockchip: i2s: Fix RPM imbalance
ASoC: wm_adsp: Don't generate kcontrols without READ flags
regulator: pfuze100-regulator: Variable "val" in pfuze100_regulator_probe() could be uninitialized
regulator: ti-abb: Fix timeout in ti_abb_wait_txdone/ti_abb_clear_all_txdone
UPSTREAM: HID: steam: fix deadlock with input devices.
UPSTREAM: HID: steam: fix boot loop with bluetooth firmware
UPSTREAM: HID: steam: remove input device when a hid client is running.
UPSTREAM: HID: steam: use hid_device.driver_data instead of hid_set_drvdata()
UPSTREAM: HID: steam: add missing fields in client initialization
UPSTREAM: HID: steam: add battery device.
* UPSTREAM: HID: add driver for Valve Steam Controller
drivers/hid/Kconfig
drivers/hid/Makefile
drivers/hid/hid-core.c
drivers/hid/hid-ids.h
include/linux/hid.h
* UPSTREAM: HID: sony: Fix memory corruption issue on cleanup.
drivers/hid/hid-sony.c
* UPSTREAM: HID: sony: Fix race condition between rumble and device remove.
drivers/hid/hid-sony.c
Merge 4.9.199 into android-4.9-q
Linux 4.9.199
Revert "ALSA: hda: Flush interrupts on disabling"
* ALSA: timer: Fix mutex deadlock at releasing card
sound/core/timer.c
* ALSA: timer: Simplify error path in snd_timer_open()
sound/core/timer.c
* ALSA: timer: Limit max instances per timer
include/sound/timer.h
sound/core/timer.c
* ALSA: timer: Follow standard EXPORT_SYMBOL() declarations
sound/core/timer.c
xfs: Correctly invert xfs_buftarg LRU isolation logic
sctp: not bind the socket in sctp_connect
* sctp: fix the issue that flags are ignored when using kernel_connect
include/net/sctp/sctp.h
* sch_netem: fix rcu splat in netem_enqueue()
include/net/sch_generic.h
net/sched/sch_netem.c
net: usb: sr9800: fix uninitialized local variable
* bonding: fix potential NULL deref in bond_update_slave_arr
drivers/net/bonding/bond_main.c
llc: fix sk_buff leak in llc_conn_service()
llc: fix sk_buff leak in llc_sap_state_process()
dmaengine: cppi41: Fix cppi41_dma_prep_slave_sg() when idle
rtlwifi: Fix potential overflow on P2P code
s390/cmm: fix information leak in cmm_timeout_handler()
* nl80211: fix validation of mesh path nexthop
net/wireless/nl80211.c
* HID: fix error message in hid_open_report()
drivers/hid/hid-core.c
* HID: Fix assumption that devices have inputs
drivers/hid/hid-dr.c
drivers/hid/hid-gaff.c
drivers/hid/hid-sony.c
HID: i2c-hid: add Trekstor Primebook C11B to descriptor override
USB: serial: whiteheat: fix line-speed endianness
USB: serial: whiteheat: fix potential slab corruption
USB: ldusb: fix control-message timeout
USB: ldusb: fix ring-buffer locking
* usb-storage: Revert commit 747668dbc061 ("usb-storage: Set virt_boundary_mask to avoid SG overflows")
drivers/usb/storage/scsiglue.c
* USB: gadget: Reject endpoints with 0 maxpacket value
drivers/usb/gadget/udc/core.c
UAS: Revert commit 3ae62a42090f ("UAS: fix alignment of scatter/gather segments")
ALSA: bebob: Fix prototype of helper function to return negative value
* fuse: truncate pending writes on O_TRUNC
fs/fuse/file.c
* fuse: flush dirty data/metadata before non-truncate setattr
fs/fuse/dir.c
ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()
thunderbolt: Use 32-bit writes when writing ring producer/consumer
USB: legousbtower: fix a signedness bug in tower_probe()
* tracing: Initialize iter->seq after zeroing in tracing_read_pipe()
kernel/trace/trace.c
s390/uaccess: avoid (false positive) compiler warnings
NFSv4: Fix leak of clp->cl_acceptor string
MIPS: fw: sni: Fix out of bounds init of o32 stack
fs: ocfs2: fix a possible null-pointer dereference in ocfs2_info_scan_inode_alloc()
fs: ocfs2: fix a possible null-pointer dereference in ocfs2_write_end_nolock()
fs: ocfs2: fix possible null-pointer dereferences in ocfs2_xa_prepare_entry()
ocfs2: clear zero in unaligned direct IO
efi/x86: Do not clean dummy variable in kexec path
efi/cper: Fix endianness of PCIe class code
serial: mctrl_gpio: Check for NULL pointer
fs: cifs: mute -Wunused-const-variable message
gpio: max77620: Use correct unit for debounce times
RDMA/iwcm: Fix a lock inversion issue
staging: rtl8188eu: fix null dereference when kzalloc fails
perf jevents: Fix period for Intel fixed counters
perf map: Fix overlapped map handling
iio: fix center temperature of bmc150-accel-core
* exec: load_script: Do not exec truncated interpreter path
fs/binfmt_script.c
rtc: pcf8523: set xtal load capacitance from DT
* usb: handle warm-reset port requests on hub resume
drivers/usb/core/hub.c
* scripts/setlocalversion: Improve -dirty check with git-status --no-optional-locks
scripts/setlocalversion
HID: i2c-hid: Add Odys Winbook 13 to descriptor override
x86/cpu: Add Atom Tremont (Jacobsville)
HID: i2c-hid: add Direkt-Tek DTLAPY133-1 to descriptor override
sc16is7xx: Fix for "Unexpected interrupt: 8"
* dm: Use kzalloc for all structs with embedded biosets/mempools
drivers/md/dm-io.c
drivers/md/dm-kcopyd.c
dm snapshot: rework COW throttling to fix deadlock
dm snapshot: introduce account_start_copy() and account_end_copy()
dm snapshot: use mutex instead of rw_semaphore
* binder: binder: fix possible UAF when freeing buffer
drivers/android/binder.c
* BACKPORT: dm bufio: introduce a global cache replacement
drivers/md/dm-bufio.c
* BACKPORT: dm bufio: remove old-style buffer cleanup
drivers/md/dm-bufio.c
* BACKPORT: dm bufio: introduce a global queue
drivers/md/dm-bufio.c
* BACKPORT: dm bufio: refactor adjust_total_allocated
drivers/md/dm-bufio.c
* BACKPORT: dm bufio: call adjust_total_allocated from __link_buffer and __unlink_buffer
drivers/md/dm-bufio.c
cuttlefish-4.9: Enable CONFIG_DM_SNAPSHOT
Merge 4.9.198 into android-4.9-q
Linux 4.9.198
RDMA/cxgb4: Do not dma memory off of the stack
* Revert "net: sit: fix memory leak in sit_init_net()"
net/ipv6/sit.c
* PCI: PM: Fix pci_power_up()
drivers/pci/pci.c
xen/netback: fix error path of xenvif_connect_data()
* cpufreq: Avoid cpufreq_suspend() deadlock on system shutdown
drivers/base/core.c
drivers/cpufreq/cpufreq.c
memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()'
btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group()
CIFS: avoid using MID 0xFFFF
parisc: Fix vmap memory leak in ioremap()/iounmap()
xtensa: drop EXPORT_SYMBOL for outs*/ins*
* mm/slub: fix a deadlock in show_slab_objects()
mm/slub.c
scsi: zfcp: fix reaction on bit error threshold notification
* drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50
drivers/gpu/drm/drm_edid.c
mac80211: Reject malformed SSID elements
cfg80211: wext: avoid copying malformed SSIDs
ASoC: rsnd: Reinitialize bit clock inversion flag for every format setting
Input: da9063 - fix capability and drop KEY_SLEEP
* scsi: core: try to get module before removing device
drivers/scsi/scsi_sysfs.c
staging: wlan-ng: fix exit return when sme->key_idx >= NUM_WEPKEYS
MIPS: tlbex: Fix build_restore_pagemask KScratch restore
USB: ldusb: fix read info leaks
USB: usblp: fix use-after-free on disconnect
USB: ldusb: fix memleak on disconnect
USB: serial: ti_usb_3410_5052: fix port-close races
usb: udc: lpc32xx: fix bad bit shift operation
ALSA: hda/realtek - Add support for ALC711
USB: legousbtower: fix memleak on disconnect
* memfd: Fix locking when tagging pins
mm/shmem.c
* ipv4: Return -ENETUNREACH if we can't create route but saddr is valid
net/ipv4/route.c
* net: avoid potential infinite loop in tc_ctl_action()
net/sched/act_api.c
sctp: change sctp_prot .no_autobind with true
net: bcmgenet: Set phydev->dev_flags only for internal PHYs
net: bcmgenet: Fix RGMII_MODE_EN value for GENET v1/2/3
* loop: Add LOOP_SET_DIRECT_IO to compat ioctl
drivers/block/loop.c
ocfs2: fix panic due to ocfs2_wq is null
Revert "drm/radeon: Fix EEH during kexec"
namespace: fix namespace.pl script to support relative paths
net: hisilicon: Fix usage of uninitialized variable in function mdio_sc_cfg_reg_write()
mips: Loongson: Fix the link time qualifier of 'serial_exit()'
mac80211: fix txq null pointer dereference
* nl80211: fix null pointer dereference
net/wireless/nl80211.c
MIPS: dts: ar9331: fix interrupt-controller size
ARM: dts: am4372: Set memory bandwidth limit for DISPC
ARM: OMAP2+: Fix missing reset done flag for am3 and am43
scsi: qla2xxx: Fix unbound sleep in fcport delete path.
scsi: megaraid: disable device when probe failed after enabled device
* scsi: ufs: skip shutdown if hba is not powered
drivers/scsi/ufs/ufshcd.c
rtlwifi: Fix potential overflow on P2P code
ANDROID: clang: update to 9.0.8 based on r365631c
* ANDROID: move up spin_unlock_bh() ahead of remove_proc_entry()
net/netfilter/xt_quota2.c
ANDROID: refactor build.config files to remove duplication
Merge 4.9.197 into android-4.9-q
Linux 4.9.197
xfs: clear sb->s_fs_info on mount failure
x86/asm: Fix MWAITX C-state hint value
* tracing: Get trace_array reference for available_tracers files
kernel/trace/trace.c
tracing/hwlat: Don't ignore outer-loop duration when calculating max_latency
tracing/hwlat: Report total time spent in all NMIs during the sample
media: stkwebcam: fix runtime PM after driver unbind
* Fix the locking in dcache_readdir() and friends
fs/libfs.c
MIPS: Disable Loongson MMI instructions for kernel build
Staging: fbtft: fix memory leak in fbtft_framebuffer_alloc
staging: fbtft: Stop using BL_CORE_DRIVER1
* kernel/sysctl.c: do not override max_threads provided by userspace
kernel/fork.c
CIFS: Force reval dentry if LOOKUP_REVAL flag is set
CIFS: Force revalidate inode when dentry is stale
CIFS: Gracefully handle QueryInfo errors during open
perf inject jit: Fix JIT_CODE_MOVE filename
perf llvm: Don't access out-of-scope array
efivar/ssdt: Don't iterate over EFI vars if no SSDT override was specified
iio: light: opt3001: fix mutex unlock race
iio: adc: ad799x: fix probe error handling
staging: vt6655: Fix memory leak in vt6655_probe
USB: legousbtower: fix use-after-free on release
USB: legousbtower: fix open after failed reset request
USB: legousbtower: fix potential NULL-deref on disconnect
USB: legousbtower: fix deadlock on disconnect
USB: legousbtower: fix slab info leak at probe
usb: renesas_usbhs: gadget: Fix usb_ep_set_{halt,wedge}() behavior
usb: renesas_usbhs: gadget: Do not discard queues in usb_ep_set_{halt,wedge}()
USB: dummy-hcd: fix power budget for SuperSpeed mode
USB: microtek: fix info-leak at probe
USB: usblcd: fix I/O after disconnect
USB: serial: fix runtime PM after driver unbind
USB: serial: option: add support for Cinterion CLS8 devices
USB: serial: option: add Telit FN980 compositions
USB: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20
USB: serial: keyspan: fix NULL-derefs on open() and write()
serial: uartlite: fix exit path null pointer
USB: ldusb: fix NULL-derefs on driver unbind
USB: chaoskey: fix use-after-free on release
USB: usblp: fix runtime PM after driver unbind
USB: iowarrior: fix use-after-free after driver unbind
USB: iowarrior: fix use-after-free on release
USB: iowarrior: fix use-after-free on disconnect
USB: adutux: fix use-after-free on release
USB: adutux: fix NULL-derefs on disconnect
USB: adutux: fix use-after-free on disconnect
USB: adutux: remove redundant variable minor
* xhci: Increase STS_SAVE timeout in xhci_suspend()
drivers/usb/host/xhci.c
* usb: xhci: wait for CNR controller not ready bit in xhci resume
drivers/usb/host/xhci.c
* xhci: Check all endpoints for LPM timeout
drivers/usb/host/xhci.c
* xhci: Prevent device initiated U1/U2 link pm if exit latency is too long
drivers/usb/host/xhci.c
* xhci: Fix false warning message about wrong bounce buffer write length
drivers/usb/host/xhci-ring.c
USB: usb-skeleton: fix NULL-deref on disconnect
USB: usb-skeleton: fix runtime PM after driver unbind
USB: yurex: fix NULL-derefs on disconnect
USB: yurex: Don't retry on unexpected errors
* USB: rio500: Remove Rio 500 kernel driver
drivers/usb/misc/Kconfig
drivers/usb/misc/Makefile
* panic: ensure preemption is disabled during panic()
kernel/panic.c
ASoC: sgtl5000: Improve VAG power and mute control
* nl80211: validate beacon head
net/wireless/nl80211.c
* cfg80211: Use const more consistently in for_each_element macros
include/linux/ieee80211.h
* cfg80211: add and use strongly typed element iteration macros
include/linux/ieee80211.h
net/wireless/scan.c
coresight: etm4x: Use explicit barriers on enable/disable
crypto: caam - fix concurrency issue in givencrypt descriptor
perf stat: Reset previous counts on repeat with interval
perf stat: Fix a segmentation fault when using repeat forever
perf tools: Fix segfault in cpu_cache_level__read()
tools lib traceevent: Do not free tep->cmdlines in add_new_comm() on failure
* kernel/elfcore.c: include proper prototypes
kernel/elfcore.c
* sched/core: Fix migration to invalid CPU in __set_cpus_allowed_ptr()
kernel/sched/core.c
fuse: fix memleak in cuse_channel_open
* thermal: Fix use-after-free when unregistering thermal zone device
drivers/thermal/thermal_core.c
drm/amdgpu: Check for valid number of registers to read
ceph: reconnect connection if session hang in opening state
ceph: fix directories inode i_blkbits initialization
xen/pci: reserve MCFG areas earlier
9p: avoid attaching writeback_fid on mmap with type PRIVATE
fs: nfs: Fix possible null-pointer dereferences in encode_attrs()
ima: always return negative code for error
* cfg80211: initialize on-stack chandefs
net/wireless/nl80211.c
net/wireless/reg.c
ieee802154: atusb: fix use-after-free at disconnect
watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout
* timer: Read jiffies once when forwarding base clk
kernel/time/timer.c
* usercopy: Avoid HIGHMEM pfn warning
mm/usercopy.c
crypto: qat - Silence smp_processor_id() warning
can: mcp251x: mcp251x_hw_reset(): allow more time after a reset
powerpc/powernv: Restrict OPAL symbol map to only be readable by root
* ASoC: Define a set of DAPM pre/post-up events
include/sound/soc-dapm.h
KVM: nVMX: handle page fault in vmread fix
s390/cio: exclude subchannels with no parent from pseudo check
s390/cio: avoid calling strlen on null pointer
s390/topology: avoid firing events before kobjs are created
KVM: s390: Test for bad access register and size at the start of S390_MEM_OP
ANDROID: cuttlefish_defconfig: Enable BPF_JIT and BPF_JIT_ALWAYS_ON
Change-Id: Ie9c99a9fcb1ee411aea4da0b1c4a454989142343
Signed-off-by: lucaswei <lucaswei@google.com>
|
||
|
Greg Kroah-Hartman
|
e9766ef8f1 |
Merge 4.9.197 into android-4.9-q
Changes in 4.9.197
KVM: s390: Test for bad access register and size at the start of S390_MEM_OP
s390/topology: avoid firing events before kobjs are created
s390/cio: avoid calling strlen on null pointer
s390/cio: exclude subchannels with no parent from pseudo check
KVM: nVMX: handle page fault in vmread fix
ASoC: Define a set of DAPM pre/post-up events
powerpc/powernv: Restrict OPAL symbol map to only be readable by root
can: mcp251x: mcp251x_hw_reset(): allow more time after a reset
crypto: qat - Silence smp_processor_id() warning
usercopy: Avoid HIGHMEM pfn warning
timer: Read jiffies once when forwarding base clk
watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout
ieee802154: atusb: fix use-after-free at disconnect
cfg80211: initialize on-stack chandefs
ima: always return negative code for error
fs: nfs: Fix possible null-pointer dereferences in encode_attrs()
9p: avoid attaching writeback_fid on mmap with type PRIVATE
xen/pci: reserve MCFG areas earlier
ceph: fix directories inode i_blkbits initialization
ceph: reconnect connection if session hang in opening state
drm/amdgpu: Check for valid number of registers to read
thermal: Fix use-after-free when unregistering thermal zone device
fuse: fix memleak in cuse_channel_open
sched/core: Fix migration to invalid CPU in __set_cpus_allowed_ptr()
kernel/elfcore.c: include proper prototypes
tools lib traceevent: Do not free tep->cmdlines in add_new_comm() on failure
perf tools: Fix segfault in cpu_cache_level__read()
perf stat: Fix a segmentation fault when using repeat forever
perf stat: Reset previous counts on repeat with interval
crypto: caam - fix concurrency issue in givencrypt descriptor
coresight: etm4x: Use explicit barriers on enable/disable
cfg80211: add and use strongly typed element iteration macros
cfg80211: Use const more consistently in for_each_element macros
nl80211: validate beacon head
ASoC: sgtl5000: Improve VAG power and mute control
panic: ensure preemption is disabled during panic()
USB: rio500: Remove Rio 500 kernel driver
USB: yurex: Don't retry on unexpected errors
USB: yurex: fix NULL-derefs on disconnect
USB: usb-skeleton: fix runtime PM after driver unbind
USB: usb-skeleton: fix NULL-deref on disconnect
xhci: Fix false warning message about wrong bounce buffer write length
xhci: Prevent device initiated U1/U2 link pm if exit latency is too long
xhci: Check all endpoints for LPM timeout
usb: xhci: wait for CNR controller not ready bit in xhci resume
xhci: Increase STS_SAVE timeout in xhci_suspend()
USB: adutux: remove redundant variable minor
USB: adutux: fix use-after-free on disconnect
USB: adutux: fix NULL-derefs on disconnect
USB: adutux: fix use-after-free on release
USB: iowarrior: fix use-after-free on disconnect
USB: iowarrior: fix use-after-free on release
USB: iowarrior: fix use-after-free after driver unbind
USB: usblp: fix runtime PM after driver unbind
USB: chaoskey: fix use-after-free on release
USB: ldusb: fix NULL-derefs on driver unbind
serial: uartlite: fix exit path null pointer
USB: serial: keyspan: fix NULL-derefs on open() and write()
USB: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20
USB: serial: option: add Telit FN980 compositions
USB: serial: option: add support for Cinterion CLS8 devices
USB: serial: fix runtime PM after driver unbind
USB: usblcd: fix I/O after disconnect
USB: microtek: fix info-leak at probe
USB: dummy-hcd: fix power budget for SuperSpeed mode
usb: renesas_usbhs: gadget: Do not discard queues in usb_ep_set_{halt,wedge}()
usb: renesas_usbhs: gadget: Fix usb_ep_set_{halt,wedge}() behavior
USB: legousbtower: fix slab info leak at probe
USB: legousbtower: fix deadlock on disconnect
USB: legousbtower: fix potential NULL-deref on disconnect
USB: legousbtower: fix open after failed reset request
USB: legousbtower: fix use-after-free on release
staging: vt6655: Fix memory leak in vt6655_probe
iio: adc: ad799x: fix probe error handling
iio: light: opt3001: fix mutex unlock race
efivar/ssdt: Don't iterate over EFI vars if no SSDT override was specified
perf llvm: Don't access out-of-scope array
perf inject jit: Fix JIT_CODE_MOVE filename
CIFS: Gracefully handle QueryInfo errors during open
CIFS: Force revalidate inode when dentry is stale
CIFS: Force reval dentry if LOOKUP_REVAL flag is set
kernel/sysctl.c: do not override max_threads provided by userspace
staging: fbtft: Stop using BL_CORE_DRIVER1
Staging: fbtft: fix memory leak in fbtft_framebuffer_alloc
MIPS: Disable Loongson MMI instructions for kernel build
Fix the locking in dcache_readdir() and friends
media: stkwebcam: fix runtime PM after driver unbind
tracing/hwlat: Report total time spent in all NMIs during the sample
tracing/hwlat: Don't ignore outer-loop duration when calculating max_latency
tracing: Get trace_array reference for available_tracers files
x86/asm: Fix MWAITX C-state hint value
xfs: clear sb->s_fs_info on mount failure
Linux 4.9.197
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Michal Hocko
|
5a4a1217c0 |
kernel/sysctl.c: do not override max_threads provided by userspace
commit b0f53dbc4bc4c371f38b14c391095a3bb8a0bb40 upstream. Partially revert |
||
|
Robin Peng
|
d5bdee4cf1 |
Merge android-4.9-q (4.9.192) into android-msm-pixel-4.9-lts
Merge 4.9.192 into android-4.9-q
Linux 4.9.192
* mld: fix memory leak in mld_del_delrec()
net/ipv6/mcast.c
* tcp: inherit timestamp on mtu probe
net/ipv4/tcp_output.c
net: stmmac: dwmac-rk: Don't fail if phy regulator is absent
net: fix skb use after free in netpoll
Revert "x86/apic: Include the LDR when clearing out APIC registers"
spi: bcm2835aux: fix corruptions for longer spi transfers
spi: bcm2835aux: remove dangerous uncontrolled read of fifo
spi: bcm2835aux: unifying code between polling and interrupt driven code
spi: bcm2835aux: ensure interrupts are enabled for shared handler
libceph: allow ceph_buffer_put() to receive a NULL ceph_buffer
KVM: arm/arm64: Only skip MMIO insn once
ceph: fix buffer free while holding i_ceph_lock in fill_inode()
ceph: fix buffer free while holding i_ceph_lock in __ceph_setxattr()
IB/mlx4: Fix memory leaks
Tools: hv: kvp: eliminate 'may be used uninitialized' warning
ravb: Fix use-after-free ravb_tstamp_skb
wimax/i2400m: fix a memory leak bug
net: kalmia: fix memory leaks
cx82310_eth: fix a memory leak bug
net: myri10ge: fix memory leaks
cxgb4: fix a memory leak bug
* gpio: Fix build error of function redefinition
include/linux/gpio.h
ibmveth: Convert multicast list size for little-endian system
Bluetooth: btqca: Add a short delay before downloading the NVM
net: tc35815: Explicitly check NET_IP_ALIGN is not zero in tc35815_rx
net: tundra: tsi108: use spin_lock_irqsave instead of spin_lock_irq in IRQ context
Merge 4.9.191 into android-4.9-q
Linux 4.9.191
* mm/zsmalloc.c: fix build when CONFIG_COMPACTION=n
mm/zsmalloc.c
x86/ptrace: fix up botched merge of spectrev1 fix
i2c: piix4: Fix port selection for AMD Family 16h Model 30h
KVM: arm/arm64: vgic-v2: Handle SGI bits in GICD_I{S,C}PENDR0 as WI
KVM: arm/arm64: vgic: Fix potential deadlock when ap_list is long
mac80211: fix possible sta leak
* Revert "cfg80211: fix processing world regdomain when non modular"
net/wireless/reg.c
VMCI: Release resource if the work is already queued
stm class: Fix a double free of stm_source_device
* mmc: core: Fix init of SD cards reporting an invalid VDD range
drivers/mmc/core/sd.c
mmc: sdhci-of-at91: add quirk for broken HS200
uprobes/x86: Fix detection of 32-bit user mode
ptrace,x86: Make user_64bit_mode() available to 32-bit builds
USB: storage: ums-realtek: Whitelist auto-delink support
USB: storage: ums-realtek: Update module parameter description for auto_delink_en
usb: host: xhci: rcar: Fix typo in compatible string matching
usb: host: ohci: fix a race condition between shutdown and irq
usb: chipidea: udc: don't do hardware access if gadget has stopped
USB: cdc-wdm: fix race between write and disconnect due to flag abuse
* usb-storage: Add new JMS567 revision to unusual_devs
drivers/usb/storage/unusual_devs.h
* mm/zsmalloc.c: fix race condition in zs_destroy_pool
mm/zsmalloc.c
x86/apic: Include the LDR when clearing out APIC registers
x86/apic: Do not initialize LDR and DFR for bigsmp
KVM: x86: Don't update RIP or do single-step on faulting emulation
ALSA: seq: Fix potential concurrent access to the deleted pool
ALSA: line6: Fix memory leak at line6_init_pcm() error path
* tcp: make sure EPOLLOUT wont be missed
net/core/stream.c
* ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit
sound/usb/mixer.c
* ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term
sound/usb/mixer.c
* tcp: fix tcp_rtx_queue_tail in case of empty retransmit queue
include/net/tcp.h
* scsi: ufs: Fix RX_TERMINATION_FORCE_ENABLE define value
drivers/scsi/ufs/unipro.h
watchdog: bcm2835_wdt: Fix module autoload
tools: hv: fix KVP and VSS daemons exit code
usb: host: fotg2: restart hcd after port reset
i2c: emev2: avoid race when unregistering slave client
xen/blkback: fix memory leaks
* usb: gadget: composite: Clear "suspended" on reset/disconnect
drivers/usb/gadget/composite.c
* iommu/dma: Handle SG length overflow better
drivers/iommu/dma-iommu.c
dmaengine: ste_dma40: fix unneeded variable warning
x86/CPU/AMD: Clear RDRAND CPUID bit on AMD family 15h/16h
Revert "perf test 6: Fix missing kvm module load for s390"
xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT
* mm/zsmalloc.c: migration can leave pages in ZS_EMPTY indefinitely
mm/zsmalloc.c
mm, page_owner: handle THP splits correctly
* genirq: Properly pair kobject_del() with kobject_add()
kernel/irq/irqdesc.c
* dm table: fix invalid memory accesses with too high sector number
drivers/md/dm-table.c
dm space map metadata: fix missing store of apply_bops() return value
dm btree: fix order of block initialization in btree_split_beneath
x86/boot: Fix boot regression caused by bootparam sanitizing
x86/boot: Save fields explicitly, zero out everything else
x86/apic: Handle missing global clockevent gracefully
x86/retpoline: Don't clobber RFLAGS during CALL_NOSPEC on i386
userfaultfd_release: always remove uffd flags and clear vm_userfaultfd_ctx
* gpiolib: never report open-drain/source lines as 'input' to user-space
drivers/gpio/gpiolib.c
* Revert "dm bufio: fix deadlock with loop device"
drivers/md/dm-bufio.c
HID: wacom: Correct distance scale for 2nd-gen Intuos devices
HID: wacom: correct misreported EKR ring values
selftests: kvm: Adding config fragments
perf pmu-events: Fix missing "cpu_clk_unhalted.core" event
drm/vmwgfx: fix memory leak when too many retries have occurred
x86/lib/cpu: Address missing prototypes warning
libata: add SG safety checks in SFF pio transfers
net: hisilicon: Fix dma_map_single failed on arm64
net: hisilicon: fix hip04-xmit never return TX_BUSY
net: hisilicon: make hip04_tx_reclaim non-reentrant
net: cxgb3_main: Fix a resource leak in a error path in 'init_one()'
HID: input: fix a4tech horizontal wheel custom usage
NFSv4: Fix a potential sleep while atomic in nfs4_do_reclaim()
can: peak_usb: force the string buffer NULL-terminated
can: sja1000: force the string buffer NULL-terminated
perf bench numa: Fix cpu0 binding
isdn: hfcsusb: Fix mISDN driver crash caused by transfer buffer on the stack
isdn: mISDN: hfcsusb: Fix possible null-pointer dereferences in start_isoc_chain()
net: usb: qmi_wwan: Add the BroadMobi BM818 card
ASoC: ti: davinci-mcasp: Correct slot_width posed constraint
st_nci_hci_connectivity_event_received: null check the allocation
st21nfca_connectivity_event_received: null check the allocation
can: dev: call netif_carrier_off() in register_candev()
* bonding: Force slave speed check after link state recovery for 802.3ad
drivers/net/bonding/bond_main.c
* ASoC: dapm: Fix handling of custom_stop_condition on DAPM graph walks
sound/soc/soc-dapm.c
* netfilter: ebtables: fix a memory leak bug in compat
net/bridge/netfilter/ebtables.c
MIPS: kernel: only use i8253 clocksource with periodic clockevent
HID: Add 044f:b320 ThrustMaster, Inc. 2 in 1 DT
* BACKPORT: arch: add pidfd and io_uring syscalls everywhere
arch/arm64/include/asm/unistd32.h
* UPSTREAM: pidfd: fix a poll race when setting exit_state
kernel/exit.c
* BACKPORT: arch: wire-up pidfd_open()
arch/arm64/include/asm/unistd.h
arch/arm64/include/asm/unistd32.h
arch/x86/entry/syscalls/syscall_32.tbl
include/uapi/asm-generic/unistd.h
* BACKPORT: pid: add pidfd_open()
include/linux/syscalls.h
kernel/pid.c
* UPSTREAM: pidfd: add polling support
include/linux/pid.h
kernel/fork.c
kernel/pid.c
kernel/signal.c
* UPSTREAM: signal: improve comments
kernel/signal.c
* BACKPORT: fork: do not release lock that wasn't taken
kernel/fork.c
* BACKPORT: signal: support CLONE_PIDFD with pidfd_send_signal
kernel/signal.c
kernel/sys_ni.c
* BACKPORT: clone: add CLONE_PIDFD
include/linux/pid.h
include/uapi/linux/sched.h
kernel/fork.c
* UPSTREAM: Make anon_inodes unconditional
arch/arm64/kvm/Kconfig
drivers/base/Kconfig
drivers/char/tpm/Kconfig
drivers/dma-buf/Kconfig
drivers/gpio/Kconfig
drivers/iio/Kconfig
drivers/infiniband/Kconfig
drivers/vfio/Kconfig
fs/Makefile
fs/notify/fanotify/Kconfig
fs/notify/inotify/Kconfig
init/Kconfig
* UPSTREAM: signal: use fdget() since we don't allow O_PATH
kernel/signal.c
* UPSTREAM: signal: don't silently convert SI_USER signals to non-current pidfd
kernel/signal.c
* BACKPORT: signal: add pidfd_send_signal() syscall
arch/x86/entry/syscalls/syscall_32.tbl
fs/proc/base.c
include/linux/proc_fs.h
include/linux/syscalls.h
include/uapi/asm-generic/unistd.h
kernel/signal.c
kernel/sys_ni.c
* ANDROID: sched: Disallow WALT with CFS bandwidth control
init/Kconfig
* ANDROID: fiq_debugger: remove
drivers/staging/android/Kconfig
drivers/staging/android/Makefile
Merge 4.9.190 into android-4.9-q
Linux 4.9.190
* bonding: Add vlan tx offload to hw_enc_features
drivers/net/bonding/bond_main.c
team: Add vlan tx offload to hw_enc_features
net/mlx5e: Use flow keys dissector to parse packets for ARFS
net/mlx5e: Only support tx/rx pause setting for port owner
xen/netback: Reset nr_frags before freeing skb
sctp: fix the transport error_count check
* net/packet: fix race in tpacket_snd()
net/packet/af_packet.c
bnx2x: Fix VF's VLAN reconfiguration in reload.
iommu/amd: Move iommu_init_pci() to .init section
Input: psmouse - fix build error of multiple definition
* netfilter: conntrack: Use consistent ct id hash calculation
net/netfilter/nf_conntrack_core.c
* arm64: compat: Allow single-byte watchpoints on all addresses
arch/arm64/kernel/hw_breakpoint.c
* bpf: fix bpf_jit_limit knob for PAGE_SIZE >= 64K
include/linux/filter.h
kernel/bpf/core.c
net/core/sysctl_net_core.c
* asm-generic: fix -Wtype-limits compiler warnings
include/asm-generic/getorder.h
USB: serial: option: Add Motorola modem UARTs
USB: serial: option: add the BroadMobi BM818 card
USB: serial: option: Add support for ZTE MF871A
USB: serial: option: add D-Link DWM-222 device ID
* USB: CDC: fix sanity checks in CDC union parser
drivers/usb/core/message.c
usb: cdc-acm: make sure a refcount is taken early enough
* USB: core: Fix races in character device registration and deregistraion
drivers/usb/core/file.c
staging: comedi: dt3000: Fix rounding up of timer divisor
staging: comedi: dt3000: Fix signed integer overflow 'divider * base'
ocfs2: remove set but not used variable 'last_hash'
IB/mad: Fix use-after-free in ib mad completion handling
IB/core: Add mitigation for Spectre V1
* arm64/mm: fix variable 'pud' set but not used
arch/arm64/include/asm/pgtable.h
* arm64/efi: fix variable 'si' set but not used
arch/arm64/include/asm/efi.h
* kbuild: modpost: handle KBUILD_EXTRA_SYMBOLS only for external modules
scripts/Makefile.modpost
ata: libahci: do not complain in case of deferred probe
scsi: hpsa: correct scsi command status issue after reset
libata: zpodd: Fix small read overflow in zpodd_get_mech_type()
perf header: Fix use of unitialized value warning
perf header: Fix divide by zero error if f_header.attr_size==0
irqchip/irq-imx-gpcv2: Forward irq type to parent
xen/pciback: remove set but not used variable 'old_state'
net: usb: pegasus: fix improper read if get_registers() fail
Input: iforce - add sanity checks
Input: kbtab - sanity check for endpoint type
* HID: hiddev: do cleanup in failure of opening a device
drivers/hid/usbhid/hiddev.c
* HID: hiddev: avoid opening a disconnected device
drivers/hid/usbhid/hiddev.c
HID: holtek: test for sanity of intfdata
ALSA: hda - Let all conexant codec enter D3 when rebooting
ALSA: hda - Add a generic reboot_notify
ALSA: hda - Fix a memory leak bug
xtensa: add missing isync to the cpu_reset TLB code
* netfilter: ctnetlink: don't use conntrack/expect object addresses as id
include/net/netfilter/nf_conntrack.h
net/netfilter/nf_conntrack_core.c
net/netfilter/nf_conntrack_netlink.c
* inet: switch IP ID generator to siphash
include/linux/siphash.h
include/net/netns/ipv4.h
net/ipv4/route.c
net/ipv6/output_core.c
* siphash: implement HalfSipHash1-3 for hash tables
include/linux/siphash.h
lib/siphash.c
* siphash: add cryptographically secure PRF
include/linux/siphash.h
lib/Kconfig.debug
lib/Makefile
lib/siphash.c
vhost: scsi: add weight support
vhost_net: fix possible infinite loop
vhost: introduce vhost_exceeds_weight()
vhost_net: introduce vhost_exceeds_weight()
vhost_net: use packet weight for rx handler, too
vhost-net: set packet weight of tx polling to 2 * vq size
* bpf: add bpf_jit_limit knob to restrict unpriv allocations
include/linux/filter.h
kernel/bpf/core.c
net/core/sysctl_net_core.c
* bpf: restrict access to core bpf sysctls
net/core/sysctl_net_core.c
* bpf: get rid of pure_initcall dependency to enable jits
kernel/bpf/core.c
net/core/sysctl_net_core.c
net/socket.c
* mm/memcontrol.c: fix use after free in mem_cgroup_iter()
mm/memcontrol.c
* mm/usercopy: use memory range to be accessed for wraparound check
mm/usercopy.c
sh: kernel: hw_breakpoint: Fix missing break in switch statement
scsi: mpt3sas: Use 63-bit DMA addressing on SAS35 HBA
iwlwifi: don't unmap as page memory that was mapped as single
mwifiex: fix 802.11n/WPA detection
smb3: send CAP_DFS capability during session setup
SMB3: Fix deadlock in validate negotiate hits reconnect
mac80211: don't WARN on short WMM parameters from AP
ALSA: hda - Don't override global PCM hw info flag
ALSA: firewire: fix a memory leak bug
hwmon: (nct7802) Fix wrong detection of in4 presence
can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices
can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices
* perf/core: Fix creating kernel counters for PMUs that override event->cpu
kernel/events/core.c
* tty/ldsem, locking/rwsem: Add missing ACQUIRE to read_failed sleep loop
drivers/tty/tty_ldsem.c
scsi: scsi_dh_alua: always use a 2 second delay before retrying RTPG
scsi: ibmvfc: fix WARN_ON during event pool release
scsi: megaraid_sas: fix panic on loading firmware crashdump
ARM: davinci: fix sleep.S build error on ARMv4
ACPI/IORT: Fix off-by-one check in iort_dev_find_its_id()
drbd: dynamically allocate shash descriptor
perf probe: Avoid calling freeing routine multiple times for same pointer
* ALSA: compress: Be more restrictive about when a drain is allowed
sound/core/compress_offload.c
* ALSA: compress: Don't allow paritial drain operations on capture streams
sound/core/compress_offload.c
* ALSA: compress: Prevent bypasses of set_params
sound/core/compress_offload.c
* ALSA: compress: Fix regression on compressed capture streams
include/sound/compress_driver.h
sound/core/compress_offload.c
s390/qdio: add sanity checks to the fast-requeue path
cpufreq/pasemi: fix use-after-free in pas_cpufreq_cpu_init()
hwmon: (nct6775) Fix register address and added missed tolerance for nct6106
mac80211: don't warn about CW params when not using them
* iscsi_ibft: make ISCSI_IBFT dependson ACPI instead of ISCSI_IBFT_FIND
drivers/firmware/Kconfig
* netfilter: nfnetlink: avoid deadlock due to synchronous request_module
net/netfilter/nfnetlink.c
can: peak_usb: fix potential double kfree_skb()
usb: yurex: Fix use-after-free in yurex_delete
perf record: Fix module size on s390
perf db-export: Fix thread__exec_comm()
perf record: Fix wrong size in perf_record_mmap for last kernel module
* mm/vmalloc: Sync unmappings in __purge_vmap_area_lazy()
mm/vmalloc.c
x86/mm: Sync also unmappings in vmalloc_sync_all()
x86/mm: Check for pfn instead of page in vmalloc_sync_one()
* sound: fix a memory leak bug
sound/sound_core.c
usb: iowarrior: fix deadlock on disconnect
* usb: usbfs: fix double-free of usb memory upon submiturb error
drivers/usb/core/devio.c
ANDROID: fix kernelci build-break in lowmemorykiller
ANDROID: Fixes to locking around handle_lmk_event
* UPSTREAM: net/ipv6: allow sysctl to change link-local address generation mode
include/linux/ipv6.h
include/net/if_inet6.h
net/ipv6/addrconf.c
* ANDROID: fix binder change in merge of 4.9.188
drivers/android/binder_alloc.c
Merge 4.9.189 into android-4.9-q
Linux 4.9.189
x86/speculation/swapgs: Exclude ATOMs from speculation through SWAPGS
x86/entry/64: Use JMP instead of JMPQ
x86/speculation: Enable Spectre v1 swapgs mitigations
x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations
x86: cpufeatures: Sort feature word 7
spi: bcm2835: Fix 3-wire mode if DMA is enabled
* block: blk_init_allocated_queue() set q->fq as NULL in the fail case
block/blk-core.c
bnx2x: Disable multi-cos feature.
ife: error out when nla attributes are empty
* ip6_tunnel: fix possible use-after-free on xmit
net/ipv6/ip6_tunnel.c
* compat_ioctl: pppoe: fix PPPOEIOCSFWD handling
drivers/net/ppp/pppoe.c
drivers/net/ppp/pppox.c
fs/compat_ioctl.c
include/linux/if_pppox.h
net/l2tp/l2tp_ppp.c
tipc: compat: allow tipc commands without arguments
net: sched: Fix a possible null-pointer dereference in dequeue_func()
net/mlx5: Use reversed order when unregister devices
* net: fix ifindex collision during namespace removal
net/core/dev.c
* net: bridge: mcast: don't delete permanent entries when fast leave is enabled
net/bridge/br_multicast.c
net: bridge: delete local fdb on device init failure
atm: iphase: Fix Spectre v1 vulnerability
libceph: use kbasename() and kill ceph_file_part()
objtool: Add rewind_stack_do_exit() to the noreturn list
objtool: Add machine_real_restart() to the noreturn list
IB: directly cast the sockaddr union to aockaddr
RDMA: Directly cast the sockaddr union to sockaddr
* HID: Add quirk for HP X1200 PIXART OEM mouse
drivers/hid/hid-ids.h
drivers/hid/usbhid/hid-quirks.c
HID: wacom: fix bit shift for Cintiq Companion 2
* tcp: be more careful in tcp_fragment()
include/net/tcp.h
net/ipv4/tcp_output.c
* arm64: cpufeature: Fix feature comparison for CTR_EL0.{CWG,ERG}
arch/arm64/include/asm/cpufeature.h
arch/arm64/kernel/cpufeature.c
* arm64: cpufeature: Fix CTR_EL0 field definitions
arch/arm64/kernel/cpufeature.c
ARM: dts: logicpd-som-lv: Fix Audio Mute
ARM: dts: Add pinmuxing for i2c2 and i2c3 for LogicPD torpedo
ARM: dts: Add pinmuxing for i2c2 and i2c3 for LogicPD SOM-LV
scsi: fcoe: Embed fc_rport_priv in fcoe_rport structure
* fs/crypto: Fix 4.9.186 missmerge
fs/crypto/policy.c
Merge 4.9.188 into android-4.9-q
Linux 4.9.188
x86, mm, gup: prevent get_page() race with munmap in paravirt guest
objtool: Support GCC 9 cold subfunction naming scheme
* include/linux/module.h: copy __init/__exit attrs to init/cleanup_module
include/linux/module.h
* Backport minimal compiler_attributes.h to support GCC 9
include/linux/compiler.h
eeprom: at24: make spd world-readable again
* coredump: fix race condition between collapse_huge_page() and core dumping
include/linux/mm.h
infiniband: fix race condition between infiniband mlx4, mlx5 driver and core dumping
* coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping
drivers/android/binder.c
fs/proc/task_mmu.c
include/linux/mm.h
mm/mmap.c
IB/mlx5: Fix RSS Toeplitz setup to be aligned with the HW specification
xen/swiotlb: fix condition for calling xen_destroy_contiguous_region()
* drivers/perf: arm_pmu: Fix failure path in PM notifier
drivers/perf/arm_pmu.c
s390/dasd: fix endless loop after read unit address configuration
* selinux: fix memory leak in policydb_init()
security/selinux/ss/policydb.c
* gpiolib: fix incorrect IRQ requesting of an active-low lineevent
drivers/gpio/gpiolib.c
mmc: dw_mmc: Fix occasional hang after tuning on eMMC
Btrfs: fix incremental send failure after deduplication
* kbuild: initialize CLANG_FLAGS correctly in the top Makefile
Makefile
x86, boot: Remove multiple copy of static function sanitize_boot_params()
x86/kvm: Don't call kvm_spurious_fault() from .fixup
ipc/mqueue.c: only perform resource calculation if user valid
drivers/rapidio/devices/rio_mport_cdev.c: NUL terminate some strings
uapi linux/coda_psdev.h: move upc_req definition from uapi to kernel side headers
coda: fix build using bare-metal toolchain
coda: add error handling for fget
* mm/cma.c: fail if fixed declaration can't be honored
mm/cma.c
x86: math-emu: Hide clang warnings for 16-bit overflow
x86/apic: Silence -Wtype-limits compiler warnings
be2net: Signal that the device cannot transmit during reconfiguration
* ACPI: fix false-positive -Wuninitialized warning
include/linux/acpi.h
scsi: zfcp: fix GCC compiler warning emitted with -Wmaybe-uninitialized
ceph: return -ERANGE if virtual xattr value didn't fit in buffer
ceph: fix improper use of smp_mb__before_atomic()
btrfs: fix minimum number of chunk errors for DUP
fs/adfs: super: fix use-after-free bug
dmaengine: rcar-dmac: Reject zero-length slave DMA requests
MIPS: lantiq: Fix bitfield masking
* kernel/module.c: Only return -EEXIST for modules that have finished loading
kernel/module.c
ftrace: Enable trampoline when rec count returns back to one
ARM: dts: rockchip: Mark that the rk3288 timer might stop in suspend
ARM: dts: rockchip: Make rk3288-veyron-mickey's emmc work again
ARM: dts: rockchip: Make rk3288-veyron-minnie run at hs200
ARM: riscpc: fix DMA
* UPSTREAM: net-ipv6-ndisc: add support for RFC7710 RA Captive Portal Identifier
include/net/ndisc.h
net/ipv6/ndisc.c
ANDROID: fix up 9p filesystem due to CFI non-upstream patches
Merge 4.9.187 into android-4.9-q
Linux 4.9.187
ceph: hold i_ceph_lock when removing caps for freeing inode
drivers/pps/pps.c: clear offset flags in PPS_SETPARAMS ioctl
* sched/fair: Don't free p->numa_faults with concurrent readers
fs/exec.c
include/linux/sched.h
kernel/fork.c
kernel/sched/fair.c
Bluetooth: hci_uart: check for missing tty operations
media: radio-raremono: change devm_k*alloc to k*alloc
media: cpia2_usb: first wake up, then free in disconnect
media: au0828: fix null dereference in error path
ISDN: hfcsusb: checking idx of ep configuration
* arm64: compat: Provide definition for COMPAT_SIGMINSTKSZ
arch/arm64/include/asm/compat.h
i2c: qup: fixed releasing dma without flush operation completion
arm64: dts: marvell: Fix A37xx UART0 register size
* tcp: reset sk_send_head in tcp_write_queue_purge
include/net/tcp.h
ipv6: check sk sk_type and protocol early in ip_mroute_set/getsockopt
* access: avoid the RCU grace period for the temporary subjective credentials
fs/open.c
include/linux/cred.h
kernel/cred.c
powerpc/tm: Fix oops on sigreturn on systems without TM
ALSA: hda - Add a conexant codec entry to let mute led work
ALSA: line6: Fix wrong altsetting for LINE6_PODHD500_1
hpet: Fix division by zero in hpet_time_div()
x86/speculation/mds: Apply more accurate check on hypervisor platform
x86/sysfb_efi: Add quirks for some devices with swapped width and height
* usb: pci-quirks: Correct AMD PLL quirk detection
drivers/usb/host/pci-quirks.c
usb: wusbcore: fix unbalanced get/put cluster_id
locking/lockdep: Hide unused 'class' variable
locking/lockdep: Fix lock used or unused stats error
mm/mmu_notifier: use hlist_add_head_rcu()
9p: pass the correct prototype to read_cache_page
mm/kmemleak.c: fix check for softirq context
sh: prevent warnings when using iounmap
powerpc/eeh: Handle hugepages in ioremap space
* mailbox: handle failed named mailbox channel request
drivers/mailbox/mailbox.c
* f2fs: avoid out-of-range memory access
fs/f2fs/segment.c
powerpc/boot: add {get, put}_unaligned_be32 to xz_config.h
RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM
perf test mmap-thread-lookup: Initialize variable to suppress memory sanitizer warning
* kallsyms: exclude kasan local symbols on s390
scripts/kallsyms.c
serial: sh-sci: Fix TX DMA buffer flushing and workqueue races
serial: sh-sci: Terminate TX DMA during buffer flushing
RDMA/i40iw: Set queue pair state when being queried
powerpc/4xx/uic: clear pending interrupt after irq type/pol change
um: Silence lockdep complaint about mmap_sem
mfd: hi655x-pmic: Fix missing return value check for devm_regmap_init_mmio_clk
mfd: arizona: Fix undefined behavior
* mfd: core: Set fwnode for created devices
drivers/mfd/mfd-core.c
recordmcount: Fix spurious mcount entries on powerpc
iio: iio-utils: Fix possible incorrect mask calculation
PCI: xilinx-nwl: Fix Multi MSI data programming
* kbuild: Add -Werror=unknown-warning-option to CLANG_FLAGS
Makefile
* PCI: sysfs: Ignore lockdep for remove attribute
drivers/pci/pci-sysfs.c
powerpc/pci/of: Fix OF flags parsing for 64bit BARs
* usb: gadget: Zero ffs_io_data
drivers/usb/gadget/function/f_fs.c
* tty: serial_core: Set port active bit in uart_port_activate
drivers/tty/serial/serial_core.c
drm/rockchip: Properly adjust to a true clock in adjusted_mode
phy: renesas: rcar-gen2: Fix memory leak at error paths
drm/virtio: Add memory barriers for capset cache.
serial: 8250: Fix TX interrupt handling condition
tty: serial: msm_serial: avoid system lockup condition
tty/serial: digicolor: Fix digicolor-usart already registered warning
memstick: Fix error cleanup path of memstick_init
drm/bridge: sii902x: pixel clock unit is 10kHz instead of 1kHz
drm/bridge: tc358767: read display_props in get_modes()
tty: serial: cpm_uart - fix init when SMC is relocated
pinctrl: rockchip: fix leaked of_node references
tty: max310x: Fix invalid baudrate divisors calculator
* usb: core: hub: Disable hub-initiated U1/U2
drivers/usb/core/hub.c
drm/panel: simple: Fix panel_simple_dsi_probe
nfsd: Fix overflow causing non-working mounts on 1 TB machines
nfsd: fix performance-limiting session calculation
nfsd: give out fewer session slots as limit approaches
nfsd: increase DRC cache limit
NFSv4: Fix open create exclusive when the server reboots
perf/events/amd/uncore: Fix amd_uncore_llc ID to use pre-defined cpu_llc_id
perf/x86/amd/uncore: Get correct number of cores sharing last level cache
perf/x86/amd/uncore: Rename 'L2' to 'LLC'
* net: bridge: stp: don't cache eth dest pointer before skb pull
net/bridge/br_stp_bpdu.c
* net: bridge: mcast: fix stale ipv6 hdr pointer when handling v6 query
net/bridge/br_multicast.c
* net: bridge: mcast: fix stale nsrcs pointer in igmp3/mld2 report handling
net/bridge/br_multicast.c
* tcp: Reset bytes_acked and bytes_received when disconnecting
net/ipv4/tcp.c
* bonding: validate ip header before check IPPROTO_IGMP
drivers/net/bonding/bond_main.c
netrom: hold sock when setting skb->destructor
netrom: fix a memory leak in nr_rx_frame()
macsec: fix checksumming after decryption
macsec: fix use-after-free of skb during RX
vrf: make sure skb->data contains ip header to make routing
sky2: Disable MSI on ASUS P6T
rxrpc: Fix send on a connected, but unbound socket
nfc: fix potential illegal memory access
net: openvswitch: fix csum updates for MPLS actions
* net: neigh: fix multiple neigh timer scheduling
net/core/neighbour.c
net: dsa: mv88e6xxx: wait after reset deactivation
net: bcmgenet: use promisc for unsupported filters
* ipv4: don't set IPv6 only flags to IPv4 addresses
net/ipv4/devinet.c
* igmp: fix memory leak in igmpv3_del_delrec()
net/ipv4/igmp.c
caif-hsi: fix possible deadlock in cfhsi_exit_module()
bnx2x: Prevent ptp_task to be rescheduled indefinitely
bnx2x: Prevent load reordering in tx completion processing
* ext4: allow directory holes
fs/ext4/dir.c
fs/ext4/namei.c
* lib/strscpy: Shut up KASAN false-positives in strscpy()
lib/string.c
* compiler.h: Add read_word_at_a_time() function.
include/linux/compiler.h
* compiler.h, kasan: Avoid duplicating __read_once_size_nocheck()
include/linux/compiler.h
* dm bufio: fix deadlock with loop device
drivers/md/dm-bufio.c
* usb: Handle USB3 remote wakeup for LPM enabled devices correctly
drivers/usb/core/hub.c
* Bluetooth: Add SMP workaround Microsoft Surface Precision Mouse bug
net/bluetooth/smp.c
intel_th: msu: Fix single mode with disabled IOMMU
* eCryptfs: fix a couple type promotion bugs
fs/ecryptfs/crypto.c
powerpc/watchpoint: Restore NV GPRs while returning from exception
powerpc/32s: fix suspend/resume when IBATs 4-7 are used
parisc: Fix kernel panic due invalid values in IAOQ0 or IAOQ1
parisc: Ensure userspace privilege for ptraced processes in regset functions
um: Fix FP register size for XSTATE/XSAVE
um: Allow building and running on older hosts
crypto: caam - limit output IV to CBC to work around CTR mode DMA issue
PCI: hv: Fix a use-after-free bug in hv_eject_device_work()
PCI: hv: Delete the device earlier from hbus->children for hot-remove
crypto: ccp - Validate the the error value used to index error messages
gpu: ipu-v3: ipu-ic: Fix saturation bit offset in TPMEM
coda: pass the host file in vma->vm_file on mmap
floppy: fix out-of-bounds read in copy_buffer
floppy: fix invalid pointer dereference in drive_name
floppy: fix out-of-bounds read in next_valid_format
floppy: fix div-by-zero in setup_format_params
* take floppy compat ioctls to sodding floppy.c
block/compat_ioctl.c
libnvdimm/pfn: fix fsdax-mode namespace info-block zero-fields
Btrfs: add missing inode version, ctime and mtime updates when punching hole
* PCI: Do not poll for PME if the device is in D3cold
drivers/pci/pci.c
9p/virtio: Add cleanup path in p9_virtio_init
padata: use smp_mb in padata_reorder to avoid orphaned padata jobs
drm/nouveau/i2c: Enable i2c pads & busses during preinit
* fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on /proc/sys inodes.
fs/proc/proc_sysctl.c
arm64: tegra: Fix AGIC register range
KVM: x86/vPMU: refine kvm_pmu err msg when event creation failed
media: coda: Remove unbalanced and unneeded mutex unlock
* media: v4l2: Test type instead of cfg->type in v4l2_ctrl_new_custom()
drivers/media/v4l2-core/v4l2-ctrls.c
ALSA: hda/realtek: apply ALC891 headset fixup to one Dell machine
ALSA: seq: Break too long mutex context in the write loop
* lib/scatterlist: Fix mapping iterator when sg->offset is greater than PAGE_SIZE
lib/scatterlist.c
NFSv4: Handle the special Linux file open access mode
* tracing/snapshot: Resize spare buffer if size changed
kernel/trace/trace.c
iwlwifi: pcie: don't service an interrupt that was masked
arm64: tegra: Update Jetson TX1 GPU regulator timings
regulator: s2mps11: Fix buck7 and buck8 wrong voltages
Input: gtco - bounds check collection indent level
crypto: crypto4xx - fix a potential double free in ppc4xx_trng_probe
crypto: chacha20poly1305 - fix atomic sleep when using async algorithm
* crypto: arm64/sha2-ce - correct digest for empty data in finup
arch/arm64/crypto/sha2-ce-glue.c
* crypto: arm64/sha1-ce - correct digest for empty data in finup
arch/arm64/crypto/sha1-ce-glue.c
* crypto: ghash - fix unaligned memory access in ghash_setkey()
crypto/ghash-generic.c
scsi: mac_scsi: Increase PIO/PDMA transfer length threshold
scsi: NCR5380: Always re-enable reselection interrupt
scsi: NCR5380: Reduce goto statements in NCR5380_select()
xen: let alloc_xenballooned_pages() fail if not enough memory free
gtp: fix use-after-free in gtp_newlink()
gtp: fix Illegal context switch in RCU read-side critical section.
* Bluetooth: validate BLE connection interval updates
net/bluetooth/hci_event.c
net/bluetooth/l2cap_core.c
* Bluetooth: Check state in l2cap_disconnect_rsp
net/bluetooth/l2cap_core.c
Bluetooth: 6lowpan: search for destination address in all peers
Bluetooth: hci_bcsp: Fix memory leak in rx_skb
* gpiolib: Fix references to gpiod_[gs]et_*value_cansleep() variants
drivers/gpio/gpiolib.c
* net: usb: asix: init MAC address buffers
drivers/net/usb/asix_devices.c
iwlwifi: mvm: Drop large non sta frames
bcache: check c->gc_thread by IS_ERR_OR_NULL in cache_set_flush()
* EDAC: Fix global-out-of-bounds write when setting edac_mc_poll_msec
drivers/edac/edac_mc_sysfs.c
drivers/edac/edac_module.h
* crypto: asymmetric_keys - select CRYPTO_HASH where needed
crypto/asymmetric_keys/Kconfig
ixgbe: Check DDM existence in transceiver before access
* rslib: Fix handling of of caller provided syndrome
lib/reed_solomon/decode_rs.c
* rslib: Fix decoding of shortened codes
lib/reed_solomon/decode_rs.c
* clocksource/drivers/exynos_mct: Increase priority over ARM arch timer
include/linux/cpuhotplug.h
libata: don't request sense data on !ZAC ATA devices
perf tools: Increase MAX_NR_CPUS and MAX_CACHES
ath10k: fix PCIE device wake up failed
mt7601u: fix possible memory leak when the device is disconnected
x86/build: Add 'set -e' to mkcapflags.sh to delete broken capflags.c
mt7601u: do not schedule rx_tasklet when the device has been disconnected
media: coda: increment sequence offset for the last returned frame
media: coda: fix mpeg2 sequence number handling
acpi/arm64: ignore 5.1 FADTs that are reported as 5.0
* timer_list: Guard procfs specific code
kernel/time/timer_list.c
* ntp: Limit TAI-UTC offset
kernel/time/ntp.c
* media: i2c: fix warning same module names
drivers/media/i2c/Makefile
* ipsec: select crypto ciphers for xfrm_algo
net/xfrm/Kconfig
* EDAC/sysfs: Fix memory leak when creating a csrow object
drivers/edac/edac_mc_sysfs.c
ipoib: correcly show a VF hardware address
vhost_net: disable zerocopy by default
perf evsel: Make perf_evsel__name() accept a NULL argument
* xfrm: fix sa selector validation
net/xfrm/xfrm_user.c
* blkcg, writeback: dead memcgs shouldn't contribute to writeback ownership arbitration
fs/fs-writeback.c
* rcu: Force inlining of rcu_read_lock()
include/linux/rcupdate.h
* bpf: silence warning messages in core
kernel/bpf/Makefile
* regmap: fix bulk writes on paged registers
drivers/base/regmap/regmap.c
gpio: omap: ensure irq is enabled before wakeup
gpio: omap: fix lack of irqstatus_raw0 for OMAP4
perf test 6: Fix missing kvm module load for s390
perf cs-etm: Properly set the value of 'old' and 'head' in snapshot mode
s390/qdio: handle PENDING state for QEBSM devices
net: axienet: Fix race condition causing TX hang
net: fec: Do not use netdev messages too early
cpupower : frequency-set -r option misses the last cpu in related cpu list
media: wl128x: Fix some error handling in fm_v4l2_init_video_device()
locking/lockdep: Fix merging of hlocks with non-zero references
tua6100: Avoid build warnings.
crypto: talitos - Align SEC1 accesses to 32 bits boundaries.
crypto: talitos - properly handle split ICV.
* net: phy: Check against net_device being NULL
drivers/net/phy/phy_device.c
media: staging: media: davinci_vpfe: - Fix for memory leak if decoder initialization fails.
* media: mc-device.c: don't memset __user pointer contents
drivers/media/media-device.c
* xfrm: Fix xfrm sel prefix length validation
net/xfrm/xfrm_user.c
* af_key: fix leaks in key_pol_get_resp and dump_sp.
net/key/af_key.c
signal/pid_namespace: Fix reboot_pid_ns to use send_sig not force_sig
net: stmmac: dwmac4/5: Clear unused address entries
net: stmmac: dwmac1000: Clear unused address entries
* media: media_device_enum_links32: clean a reserved field
drivers/media/media-device.c
media: vpss: fix a potential NULL pointer dereference
media: marvell-ccic: fix DMA s/g desc number calculation
crypto: talitos - fix skcipher failure due to wrong output IV
media: dvb: usb: fix use after free in dvb_usb_device_exit
batman-adv: fix for leaked TVLV handler.
ath: DFS JP domain W56 fixed pulse type 3 RADAR detection
ath6kl: add some bounds checking
ath9k: Check for errors when reading SREV register
ath10k: Do not send probe response template for mesh
dmaengine: imx-sdma: fix use-after-free on probe error path
* arm64/efi: Mark __efistub_stext_offset as an absolute symbol explicitly
arch/arm64/kernel/image.h
MIPS: fix build on non-linux hosts
MIPS: ath79: fix ar933x uart parity mode
ANDROID: enable CONFIG_RTC_DRV_TEST on cuttlefish
* ANDROID: xfrm: remove in_compat_syscall() checks
net/xfrm/xfrm_state.c
net/xfrm/xfrm_user.c
* UPSTREAM: binder: Set end of SG buffer area properly.
drivers/android/binder.c
Merge 4.9.186 into android-4.9-q
Linux 4.9.186
s390/qdio: don't touch the dsci in tiqdio_add_input_queues()
s390/qdio: (re-)initialize tiqdio list entries
s390: fix stfle zero padding
ARC: hide unused function unw_hdr_alloc
* dm verity: use message limit for data block corruption message
drivers/md/dm-verity-target.c
ARM: dts: imx6ul: fix PWM[1-4] interrupts
sis900: fix TX completion
* ppp: mppe: Add softdep to arc4
drivers/net/ppp/ppp_mppe.c
be2net: fix link failure after ethtool offline test
ARM: omap2: remove incorrect __init annotation
* perf/core: Fix perf_sample_regs_user() mm check
kernel/events/core.c
arm64: crypto: remove accidentally backported files
nilfs2: do not use unexported cpu_to_le32()/le32_to_cpu() in uapi header
e1000e: start network tx queue only when link is up
Revert "e1000e: fix cyclic resets at link up with active tx"
MIPS: Remove superfluous check for __linux__
VMCI: Fix integer overflow in VMCI handle arrays
carl9170: fix misuse of device driver API
staging: comedi: amplc_pci230: fix null pointer deref on interrupt
staging: comedi: dt282x: fix a null pointer deref on interrupt
usb: renesas_usbhs: add a workaround for a race condition of workqueue
* usb: gadget: ether: Fix race between gether_disconnect and rx_submit
drivers/usb/gadget/function/u_ether.c
p54usb: Fix race between disconnect and firmware loading
Revert "serial: 8250: Don't service RX FIFO if interrupts are disabled"
USB: serial: option: add support for GosunCn ME3630 RNDIS mode
USB: serial: ftdi_sio: add ID for isodebug v1
mwifiex: Don't abort on small, spec-compliant vendor IEs
* fscrypt: don't set policy for a dead directory
fs/crypto/policy.c
mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies()
mwifiex: Abort at too short BSS descriptor element
x86/tls: Fix possible spectre-v1 in do_get_thread_area()
x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()
udf: Fix incorrect final NOT_ALLOCATED (hole) extent length
net :sunrpc :clnt :Fix xps refcount imbalance on the error path
* ip6_tunnel: allow not to count pkts on tstats by passing dev as NULL
include/net/ip6_tunnel.h
bnx2x: Check if transceiver implements DDM before access
md: fix for divide error in status_resync
mac80211: only warn once on chanctx_conf being NULL
ARM: davinci: da8xx: specify dma_coherent_mask for lcdc
ARM: davinci: da850-evm: call regulator_has_full_constraints()
mlxsw: spectrum: Disallow prio-tagged packets when PVID is removed
KVM: arm/arm64: vgic: Fix kvm_device leak in vgic_its_destroy
Input: imx_keypad - make sure keyboard can always wake up system
* can: mcp251x: add support for mcp25625
drivers/net/can/spi/Kconfig
dt-bindings: can: mcp251x: add mcp25625 support
* netfilter: ipv6: nf_defrag: accept duplicate fragments again
net/ipv6/netfilter/nf_conntrack_reasm.c
* netfilter: ipv6: nf_defrag: fix leakage of unqueued fragments
net/ipv6/netfilter/nf_conntrack_reasm.c
mwifiex: Fix possible buffer overflows at parsing bss descriptor
mac80211: free peer keys before vif down in mesh
mac80211: mesh: fix RCU warning
staging:iio:ad7150: fix threshold mode config bit
samples, bpf: fix to change the buffer size for read()
Input: elantech - enable middle button support on 2 ThinkPads
crypto: talitos - rename alternative AEAD algos.
Change-Id: Ic17f4ff767e98db1ddee5f127d7de4a4c314e026
Signed-off-by: Robin Peng <robinpeng@google.com>
|
||
|
Joel Fernandes (Google)
|
af1070fbf2 |
UPSTREAM: pidfd: add polling support
This patch adds polling support to pidfd. Android low memory killer (LMK) needs to know when a process dies once it is sent the kill signal. It does so by checking for the existence of /proc/pid which is both racy and slow. For example, if a PID is reused between when LMK sends a kill signal and checks for existence of the PID, since the wrong PID is now possibly checked for existence. Using the polling support, LMK will be able to get notified when a process exists in race-free and fast way, and allows the LMK to do other things (such as by polling on other fds) while awaiting the process being killed to die. For notification to polling processes, we follow the same existing mechanism in the kernel used when the parent of the task group is to be notified of a child's death (do_notify_parent). This is precisely when the tasks waiting on a poll of pidfd are also awakened in this patch. We have decided to include the waitqueue in struct pid for the following reasons: 1. The wait queue has to survive for the lifetime of the poll. Including it in task_struct would not be option in this case because the task can be reaped and destroyed before the poll returns. 2. By including the struct pid for the waitqueue means that during de_thread(), the new thread group leader automatically gets the new waitqueue/pid even though its task_struct is different. Appropriate test cases are added in the second patch to provide coverage of all the cases the patch is handling. Cc: Andy Lutomirski <luto@amacapital.net> Cc: Steven Rostedt <rostedt@goodmis.org> Cc: Daniel Colascione <dancol@google.com> Cc: Jann Horn <jannh@google.com> Cc: Tim Murray <timmurray@google.com> Cc: Jonathan Kowalski <bl0pbl33p@gmail.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Kees Cook <keescook@chromium.org> Cc: David Howells <dhowells@redhat.com> Cc: Oleg Nesterov <oleg@redhat.com> Cc: kernel-team@android.com Reviewed-by: Oleg Nesterov <oleg@redhat.com> Co-developed-by: Daniel Colascione <dancol@google.com> Signed-off-by: Daniel Colascione <dancol@google.com> Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org> Signed-off-by: Christian Brauner <christian@brauner.io> (cherry picked from commit b53b0b9d9a613c418057f6cb921c2f40a6f78c24) Bug: 135608568 Test: test program using syscall(__NR_sys_pidfd_open,..) and poll() Change-Id: I02f259d2875bec46b198d580edfbb067f077084e Signed-off-by: Suren Baghdasaryan <surenb@google.com> |
||
|
Christian Brauner
|
3941f126e3 |
BACKPORT: fork: do not release lock that wasn't taken
Avoid calling cgroup_threadgroup_change_end() without having called
cgroup_threadgroup_change_begin() first.
During process creation we need to check whether the cgroup we are in
allows us to fork. To perform this check the cgroup needs to guard itself
against threadgroup changes and takes a lock.
Prior to CLONE_PIDFD the cleanup target "bad_fork_free_pid" would also need
to call cgroup_threadgroup_change_end() because said lock had already been
taken.
However, this is not the case anymore with the addition of CLONE_PIDFD. We
are now allocating a pidfd before we check whether the cgroup we're in can
fork and thus prior to taking the lock. So when copy_process() fails at the
right step it would release a lock we haven't taken.
This bug is not even very subtle to be honest. It's just not very clear
from the naming of cgroup_threadgroup_change_{begin,end}() that a lock is
taken.
Here's the relevant splat:
entry_SYSENTER_compat+0x70/0x7f arch/x86/entry/entry_64_compat.S:139
RIP: 0023:0xf7fec849
Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 3c 24 c3 90 90
90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90
90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
RSP: 002b:00000000ffed5a8c EFLAGS: 00000246 ORIG_RAX: 0000000000000078
RAX: ffffffffffffffda RBX: 0000000000003ffc RCX: 0000000000000000
RDX: 00000000200005c0 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000012 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
------------[ cut here ]------------
DEBUG_LOCKS_WARN_ON(depth <= 0)
WARNING: CPU: 1 PID: 7744 at kernel/locking/lockdep.c:4052 __lock_release
kernel/locking/lockdep.c:4052 [inline]
WARNING: CPU: 1 PID: 7744 at kernel/locking/lockdep.c:4052
lock_release+0x667/0xa00 kernel/locking/lockdep.c:4321
Kernel panic - not syncing: panic_on_warn set ...
CPU: 1 PID: 7744 Comm: syz-executor007 Not tainted 5.1.0+ #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x172/0x1f0 lib/dump_stack.c:113
panic+0x2cb/0x65c kernel/panic.c:214
__warn.cold+0x20/0x45 kernel/panic.c:566
report_bug+0x263/0x2b0 lib/bug.c:186
fixup_bug arch/x86/kernel/traps.c:179 [inline]
fixup_bug arch/x86/kernel/traps.c:174 [inline]
do_error_trap+0x11b/0x200 arch/x86/kernel/traps.c:272
do_invalid_op+0x37/0x50 arch/x86/kernel/traps.c:291
invalid_op+0x14/0x20 arch/x86/entry/entry_64.S:972
RIP: 0010:__lock_release kernel/locking/lockdep.c:4052 [inline]
RIP: 0010:lock_release+0x667/0xa00 kernel/locking/lockdep.c:4321
Code: 0f 85 a0 03 00 00 8b 35 77 66 08 08 85 f6 75 23 48 c7 c6 a0 55 6b 87
48 c7 c7 40 25 6b 87 4c 89 85 70 ff ff ff e8 b7 a9 eb ff <0f> 0b 4c 8b 85
70 ff ff ff 4c 89 ea 4c 89 e6 4c 89 c7 e8 52 63 ff
RSP: 0018:ffff888094117b48 EFLAGS: 00010086
RAX: 0000000000000000 RBX: 1ffff11012822f6f RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff815af236 RDI: ffffed1012822f5b
RBP: ffff888094117c00 R08: ffff888092bfc400 R09: fffffbfff113301d
R10: fffffbfff113301c R11: ffffffff889980e3 R12: ffffffff8a451df8
R13: ffffffff8142e71f R14: ffffffff8a44cc80 R15: ffff888094117bd8
percpu_up_read.constprop.0+0xcb/0x110 include/linux/percpu-rwsem.h:92
cgroup_threadgroup_change_end include/linux/cgroup-defs.h:712 [inline]
copy_process.part.0+0x47ff/0x6710 kernel/fork.c:2222
copy_process kernel/fork.c:1772 [inline]
_do_fork+0x25d/0xfd0 kernel/fork.c:2338
__do_compat_sys_x86_clone arch/x86/ia32/sys_ia32.c:240 [inline]
__se_compat_sys_x86_clone arch/x86/ia32/sys_ia32.c:236 [inline]
__ia32_compat_sys_x86_clone+0xbc/0x140 arch/x86/ia32/sys_ia32.c:236
do_syscall_32_irqs_on arch/x86/entry/common.c:334 [inline]
do_fast_syscall_32+0x281/0xd54 arch/x86/entry/common.c:405
entry_SYSENTER_compat+0x70/0x7f arch/x86/entry/entry_64_compat.S:139
RIP: 0023:0xf7fec849
Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 3c 24 c3 90 90
90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90
90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
RSP: 002b:00000000ffed5a8c EFLAGS: 00000246 ORIG_RAX: 0000000000000078
RAX: ffffffffffffffda RBX: 0000000000003ffc RCX: 0000000000000000
RDX: 00000000200005c0 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000012 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
Kernel Offset: disabled
Rebooting in 86400 seconds..
Reported-and-tested-by: syzbot+3286e58549edc479faae@syzkaller.appspotmail.com
Fixes: b3e583825266 ("clone: add CLONE_PIDFD")
Signed-off-by: Christian Brauner <christian@brauner.io>
(cherry picked from commit c3b7112df86b769927a60a6d7175988ca3d60f09)
Conflicts:
kernel/fork.c
(1. Replaced cgroup_threadgroup_change_end with threadgroup_change_end)
Bug: 135608568
Test: test program using syscall(__NR_sys_pidfd_open,..) and poll()
Change-Id: Ib9ecb1e5c0c6e2d062b89c25109ec571570eb497
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
|
||
|
Christian Brauner
|
0e020c19bb |
BACKPORT: clone: add CLONE_PIDFD
This patchset makes it possible to retrieve pid file descriptors at process creation time by introducing the new flag CLONE_PIDFD to the clone() system call. Linus originally suggested to implement this as a new flag to clone() instead of making it a separate system call. As spotted by Linus, there is exactly one bit for clone() left. CLONE_PIDFD creates file descriptors based on the anonymous inode implementation in the kernel that will also be used to implement the new mount api. They serve as a simple opaque handle on pids. Logically, this makes it possible to interpret a pidfd differently, narrowing or widening the scope of various operations (e.g. signal sending). Thus, a pidfd cannot just refer to a tgid, but also a tid, or in theory - given appropriate flag arguments in relevant syscalls - a process group or session. A pidfd does not represent a privilege. This does not imply it cannot ever be that way but for now this is not the case. A pidfd comes with additional information in fdinfo if the kernel supports procfs. The fdinfo file contains the pid of the process in the callers pid namespace in the same format as the procfs status file, i.e. "Pid:\t%d". As suggested by Oleg, with CLONE_PIDFD the pidfd is returned in the parent_tidptr argument of clone. This has the advantage that we can give back the associated pid and the pidfd at the same time. To remove worries about missing metadata access this patchset comes with a sample program that illustrates how a combination of CLONE_PIDFD, and pidfd_send_signal() can be used to gain race-free access to process metadata through /proc/<pid>. The sample program can easily be translated into a helper that would be suitable for inclusion in libc so that users don't have to worry about writing it themselves. Suggested-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Christian Brauner <christian@brauner.io> Co-developed-by: Jann Horn <jannh@google.com> Signed-off-by: Jann Horn <jannh@google.com> Reviewed-by: Oleg Nesterov <oleg@redhat.com> Cc: Arnd Bergmann <arnd@arndb.de> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Cc: Kees Cook <keescook@chromium.org> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: David Howells <dhowells@redhat.com> Cc: "Michael Kerrisk (man-pages)" <mtk.manpages@gmail.com> Cc: Andy Lutomirsky <luto@kernel.org> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Aleksa Sarai <cyphar@cyphar.com> Cc: Linus Torvalds <torvalds@linux-foundation.org> Cc: Al Viro <viro@zeniv.linux.org.uk> (cherry picked from commit b3e5838252665ee4cfa76b82bdf1198dca81e5be) Conflicts: kernel/fork.c (1. Replaced proc_pid_ns() with its direct implementation.) Bug: 135608568 Test: test program using syscall(__NR_sys_pidfd_open,..) and poll() Change-Id: I3c804a92faea686e5bf7f99df893fe3a5d87ddf7 Signed-off-by: Suren Baghdasaryan <surenb@google.com> |
||
|
Greg Kroah-Hartman
|
0eb90dd8f7 |
Merge 4.9.187 into android-4.9-q
Changes in 4.9.187
MIPS: ath79: fix ar933x uart parity mode
MIPS: fix build on non-linux hosts
arm64/efi: Mark __efistub_stext_offset as an absolute symbol explicitly
dmaengine: imx-sdma: fix use-after-free on probe error path
ath10k: Do not send probe response template for mesh
ath9k: Check for errors when reading SREV register
ath6kl: add some bounds checking
ath: DFS JP domain W56 fixed pulse type 3 RADAR detection
batman-adv: fix for leaked TVLV handler.
media: dvb: usb: fix use after free in dvb_usb_device_exit
crypto: talitos - fix skcipher failure due to wrong output IV
media: marvell-ccic: fix DMA s/g desc number calculation
media: vpss: fix a potential NULL pointer dereference
media: media_device_enum_links32: clean a reserved field
net: stmmac: dwmac1000: Clear unused address entries
net: stmmac: dwmac4/5: Clear unused address entries
signal/pid_namespace: Fix reboot_pid_ns to use send_sig not force_sig
af_key: fix leaks in key_pol_get_resp and dump_sp.
xfrm: Fix xfrm sel prefix length validation
media: mc-device.c: don't memset __user pointer contents
media: staging: media: davinci_vpfe: - Fix for memory leak if decoder initialization fails.
net: phy: Check against net_device being NULL
crypto: talitos - properly handle split ICV.
crypto: talitos - Align SEC1 accesses to 32 bits boundaries.
tua6100: Avoid build warnings.
locking/lockdep: Fix merging of hlocks with non-zero references
media: wl128x: Fix some error handling in fm_v4l2_init_video_device()
cpupower : frequency-set -r option misses the last cpu in related cpu list
net: fec: Do not use netdev messages too early
net: axienet: Fix race condition causing TX hang
s390/qdio: handle PENDING state for QEBSM devices
perf cs-etm: Properly set the value of 'old' and 'head' in snapshot mode
perf test 6: Fix missing kvm module load for s390
gpio: omap: fix lack of irqstatus_raw0 for OMAP4
gpio: omap: ensure irq is enabled before wakeup
regmap: fix bulk writes on paged registers
bpf: silence warning messages in core
rcu: Force inlining of rcu_read_lock()
blkcg, writeback: dead memcgs shouldn't contribute to writeback ownership arbitration
xfrm: fix sa selector validation
perf evsel: Make perf_evsel__name() accept a NULL argument
vhost_net: disable zerocopy by default
ipoib: correcly show a VF hardware address
EDAC/sysfs: Fix memory leak when creating a csrow object
ipsec: select crypto ciphers for xfrm_algo
media: i2c: fix warning same module names
ntp: Limit TAI-UTC offset
timer_list: Guard procfs specific code
acpi/arm64: ignore 5.1 FADTs that are reported as 5.0
media: coda: fix mpeg2 sequence number handling
media: coda: increment sequence offset for the last returned frame
mt7601u: do not schedule rx_tasklet when the device has been disconnected
x86/build: Add 'set -e' to mkcapflags.sh to delete broken capflags.c
mt7601u: fix possible memory leak when the device is disconnected
ath10k: fix PCIE device wake up failed
perf tools: Increase MAX_NR_CPUS and MAX_CACHES
libata: don't request sense data on !ZAC ATA devices
clocksource/drivers/exynos_mct: Increase priority over ARM arch timer
rslib: Fix decoding of shortened codes
rslib: Fix handling of of caller provided syndrome
ixgbe: Check DDM existence in transceiver before access
crypto: asymmetric_keys - select CRYPTO_HASH where needed
EDAC: Fix global-out-of-bounds write when setting edac_mc_poll_msec
bcache: check c->gc_thread by IS_ERR_OR_NULL in cache_set_flush()
iwlwifi: mvm: Drop large non sta frames
net: usb: asix: init MAC address buffers
gpiolib: Fix references to gpiod_[gs]et_*value_cansleep() variants
Bluetooth: hci_bcsp: Fix memory leak in rx_skb
Bluetooth: 6lowpan: search for destination address in all peers
Bluetooth: Check state in l2cap_disconnect_rsp
Bluetooth: validate BLE connection interval updates
gtp: fix Illegal context switch in RCU read-side critical section.
gtp: fix use-after-free in gtp_newlink()
xen: let alloc_xenballooned_pages() fail if not enough memory free
scsi: NCR5380: Reduce goto statements in NCR5380_select()
scsi: NCR5380: Always re-enable reselection interrupt
scsi: mac_scsi: Increase PIO/PDMA transfer length threshold
crypto: ghash - fix unaligned memory access in ghash_setkey()
crypto: arm64/sha1-ce - correct digest for empty data in finup
crypto: arm64/sha2-ce - correct digest for empty data in finup
crypto: chacha20poly1305 - fix atomic sleep when using async algorithm
crypto: crypto4xx - fix a potential double free in ppc4xx_trng_probe
Input: gtco - bounds check collection indent level
regulator: s2mps11: Fix buck7 and buck8 wrong voltages
arm64: tegra: Update Jetson TX1 GPU regulator timings
iwlwifi: pcie: don't service an interrupt that was masked
tracing/snapshot: Resize spare buffer if size changed
NFSv4: Handle the special Linux file open access mode
lib/scatterlist: Fix mapping iterator when sg->offset is greater than PAGE_SIZE
ALSA: seq: Break too long mutex context in the write loop
ALSA: hda/realtek: apply ALC891 headset fixup to one Dell machine
media: v4l2: Test type instead of cfg->type in v4l2_ctrl_new_custom()
media: coda: Remove unbalanced and unneeded mutex unlock
KVM: x86/vPMU: refine kvm_pmu err msg when event creation failed
arm64: tegra: Fix AGIC register range
fs/proc/proc_sysctl.c: fix the default values of i_uid/i_gid on /proc/sys inodes.
drm/nouveau/i2c: Enable i2c pads & busses during preinit
padata: use smp_mb in padata_reorder to avoid orphaned padata jobs
9p/virtio: Add cleanup path in p9_virtio_init
PCI: Do not poll for PME if the device is in D3cold
Btrfs: add missing inode version, ctime and mtime updates when punching hole
libnvdimm/pfn: fix fsdax-mode namespace info-block zero-fields
take floppy compat ioctls to sodding floppy.c
floppy: fix div-by-zero in setup_format_params
floppy: fix out-of-bounds read in next_valid_format
floppy: fix invalid pointer dereference in drive_name
floppy: fix out-of-bounds read in copy_buffer
coda: pass the host file in vma->vm_file on mmap
gpu: ipu-v3: ipu-ic: Fix saturation bit offset in TPMEM
crypto: ccp - Validate the the error value used to index error messages
PCI: hv: Delete the device earlier from hbus->children for hot-remove
PCI: hv: Fix a use-after-free bug in hv_eject_device_work()
crypto: caam - limit output IV to CBC to work around CTR mode DMA issue
um: Allow building and running on older hosts
um: Fix FP register size for XSTATE/XSAVE
parisc: Ensure userspace privilege for ptraced processes in regset functions
parisc: Fix kernel panic due invalid values in IAOQ0 or IAOQ1
powerpc/32s: fix suspend/resume when IBATs 4-7 are used
powerpc/watchpoint: Restore NV GPRs while returning from exception
eCryptfs: fix a couple type promotion bugs
intel_th: msu: Fix single mode with disabled IOMMU
Bluetooth: Add SMP workaround Microsoft Surface Precision Mouse bug
usb: Handle USB3 remote wakeup for LPM enabled devices correctly
dm bufio: fix deadlock with loop device
compiler.h, kasan: Avoid duplicating __read_once_size_nocheck()
compiler.h: Add read_word_at_a_time() function.
lib/strscpy: Shut up KASAN false-positives in strscpy()
ext4: allow directory holes
bnx2x: Prevent load reordering in tx completion processing
bnx2x: Prevent ptp_task to be rescheduled indefinitely
caif-hsi: fix possible deadlock in cfhsi_exit_module()
igmp: fix memory leak in igmpv3_del_delrec()
ipv4: don't set IPv6 only flags to IPv4 addresses
net: bcmgenet: use promisc for unsupported filters
net: dsa: mv88e6xxx: wait after reset deactivation
net: neigh: fix multiple neigh timer scheduling
net: openvswitch: fix csum updates for MPLS actions
nfc: fix potential illegal memory access
rxrpc: Fix send on a connected, but unbound socket
sky2: Disable MSI on ASUS P6T
vrf: make sure skb->data contains ip header to make routing
macsec: fix use-after-free of skb during RX
macsec: fix checksumming after decryption
netrom: fix a memory leak in nr_rx_frame()
netrom: hold sock when setting skb->destructor
bonding: validate ip header before check IPPROTO_IGMP
tcp: Reset bytes_acked and bytes_received when disconnecting
net: bridge: mcast: fix stale nsrcs pointer in igmp3/mld2 report handling
net: bridge: mcast: fix stale ipv6 hdr pointer when handling v6 query
net: bridge: stp: don't cache eth dest pointer before skb pull
perf/x86/amd/uncore: Rename 'L2' to 'LLC'
perf/x86/amd/uncore: Get correct number of cores sharing last level cache
perf/events/amd/uncore: Fix amd_uncore_llc ID to use pre-defined cpu_llc_id
NFSv4: Fix open create exclusive when the server reboots
nfsd: increase DRC cache limit
nfsd: give out fewer session slots as limit approaches
nfsd: fix performance-limiting session calculation
nfsd: Fix overflow causing non-working mounts on 1 TB machines
drm/panel: simple: Fix panel_simple_dsi_probe
usb: core: hub: Disable hub-initiated U1/U2
tty: max310x: Fix invalid baudrate divisors calculator
pinctrl: rockchip: fix leaked of_node references
tty: serial: cpm_uart - fix init when SMC is relocated
drm/bridge: tc358767: read display_props in get_modes()
drm/bridge: sii902x: pixel clock unit is 10kHz instead of 1kHz
memstick: Fix error cleanup path of memstick_init
tty/serial: digicolor: Fix digicolor-usart already registered warning
tty: serial: msm_serial: avoid system lockup condition
serial: 8250: Fix TX interrupt handling condition
drm/virtio: Add memory barriers for capset cache.
phy: renesas: rcar-gen2: Fix memory leak at error paths
drm/rockchip: Properly adjust to a true clock in adjusted_mode
tty: serial_core: Set port active bit in uart_port_activate
usb: gadget: Zero ffs_io_data
powerpc/pci/of: Fix OF flags parsing for 64bit BARs
PCI: sysfs: Ignore lockdep for remove attribute
kbuild: Add -Werror=unknown-warning-option to CLANG_FLAGS
PCI: xilinx-nwl: Fix Multi MSI data programming
iio: iio-utils: Fix possible incorrect mask calculation
recordmcount: Fix spurious mcount entries on powerpc
mfd: core: Set fwnode for created devices
mfd: arizona: Fix undefined behavior
mfd: hi655x-pmic: Fix missing return value check for devm_regmap_init_mmio_clk
um: Silence lockdep complaint about mmap_sem
powerpc/4xx/uic: clear pending interrupt after irq type/pol change
RDMA/i40iw: Set queue pair state when being queried
serial: sh-sci: Terminate TX DMA during buffer flushing
serial: sh-sci: Fix TX DMA buffer flushing and workqueue races
kallsyms: exclude kasan local symbols on s390
perf test mmap-thread-lookup: Initialize variable to suppress memory sanitizer warning
RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM
powerpc/boot: add {get, put}_unaligned_be32 to xz_config.h
f2fs: avoid out-of-range memory access
mailbox: handle failed named mailbox channel request
powerpc/eeh: Handle hugepages in ioremap space
sh: prevent warnings when using iounmap
mm/kmemleak.c: fix check for softirq context
9p: pass the correct prototype to read_cache_page
mm/mmu_notifier: use hlist_add_head_rcu()
locking/lockdep: Fix lock used or unused stats error
locking/lockdep: Hide unused 'class' variable
usb: wusbcore: fix unbalanced get/put cluster_id
usb: pci-quirks: Correct AMD PLL quirk detection
x86/sysfb_efi: Add quirks for some devices with swapped width and height
x86/speculation/mds: Apply more accurate check on hypervisor platform
hpet: Fix division by zero in hpet_time_div()
ALSA: line6: Fix wrong altsetting for LINE6_PODHD500_1
ALSA: hda - Add a conexant codec entry to let mute led work
powerpc/tm: Fix oops on sigreturn on systems without TM
access: avoid the RCU grace period for the temporary subjective credentials
ipv6: check sk sk_type and protocol early in ip_mroute_set/getsockopt
tcp: reset sk_send_head in tcp_write_queue_purge
arm64: dts: marvell: Fix A37xx UART0 register size
i2c: qup: fixed releasing dma without flush operation completion
arm64: compat: Provide definition for COMPAT_SIGMINSTKSZ
ISDN: hfcsusb: checking idx of ep configuration
media: au0828: fix null dereference in error path
media: cpia2_usb: first wake up, then free in disconnect
media: radio-raremono: change devm_k*alloc to k*alloc
Bluetooth: hci_uart: check for missing tty operations
sched/fair: Don't free p->numa_faults with concurrent readers
drivers/pps/pps.c: clear offset flags in PPS_SETPARAMS ioctl
ceph: hold i_ceph_lock when removing caps for freeing inode
Linux 4.9.187
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Jann Horn
|
837ffc9723 |
sched/fair: Don't free p->numa_faults with concurrent readers
commit 16d51a590a8ce3befb1308e0e7ab77f3b661af33 upstream.
When going through execve(), zero out the NUMA fault statistics instead of
freeing them.
During execve, the task is reachable through procfs and the scheduler. A
concurrent /proc/*/sched reader can read data from a freed ->numa_faults
allocation (confirmed by KASAN) and write it back to userspace.
I believe that it would also be possible for a use-after-free read to occur
through a race between a NUMA fault and execve(): task_numa_fault() can
lead to task_numa_compare(), which invokes task_weight() on the currently
running task of a different CPU.
Another way to fix this would be to make ->numa_faults RCU-managed or add
extra locking, but it seems easier to wipe the NUMA fault statistics on
execve.
Signed-off-by: Jann Horn <jannh@google.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Petr Mladek <pmladek@suse.com>
Cc: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Will Deacon <will@kernel.org>
Fixes:
|
||
|
Johannes Weiner
|
3df0e59afa |
UPSTREAM: psi: pressure stall information for CPU, memory, and IO
When systems are overcommitted and resources become contended, it's hard
to tell exactly the impact this has on workload productivity, or how close
the system is to lockups and OOM kills. In particular, when machines work
multiple jobs concurrently, the impact of overcommit in terms of latency
and throughput on the individual job can be enormous.
In order to maximize hardware utilization without sacrificing individual
job health or risk complete machine lockups, this patch implements a way
to quantify resource pressure in the system.
A kernel built with CONFIG_PSI=y creates files in /proc/pressure/ that
expose the percentage of time the system is stalled on CPU, memory, or IO,
respectively. Stall states are aggregate versions of the per-task delay
accounting delays:
cpu: some tasks are runnable but not executing on a CPU
memory: tasks are reclaiming, or waiting for swapin or thrashing cache
io: tasks are waiting for io completions
These percentages of walltime can be thought of as pressure percentages,
and they give a general sense of system health and productivity loss
incurred by resource overcommit. They can also indicate when the system
is approaching lockup scenarios and OOMs.
To do this, psi keeps track of the task states associated with each CPU
and samples the time they spend in stall states. Every 2 seconds, the
samples are averaged across CPUs - weighted by the CPUs' non-idle time to
eliminate artifacts from unused CPUs - and translated into percentages of
walltime. A running average of those percentages is maintained over 10s,
1m, and 5m periods (similar to the loadaverage).
[hannes@cmpxchg.org: doc fixlet, per Randy]
Link: http://lkml.kernel.org/r/20180828205625.GA14030@cmpxchg.org
[hannes@cmpxchg.org: code optimization]
Link: http://lkml.kernel.org/r/20180907175015.GA8479@cmpxchg.org
[hannes@cmpxchg.org: rename psi_clock() to psi_update_work(), per Peter]
Link: http://lkml.kernel.org/r/20180907145404.GB11088@cmpxchg.org
[hannes@cmpxchg.org: fix build]
Link: http://lkml.kernel.org/r/20180913014222.GA2370@cmpxchg.org
Link: http://lkml.kernel.org/r/20180828172258.3185-9-hannes@cmpxchg.org
Signed-off-by: Johannes Weiner <hannes@cmpxchg.org>
Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Tested-by: Daniel Drake <drake@endlessm.com>
Tested-by: Suren Baghdasaryan <surenb@google.com>
Cc: Christopher Lameter <cl@linux.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Johannes Weiner <jweiner@fb.com>
Cc: Mike Galbraith <efault@gmx.de>
Cc: Peter Enderborg <peter.enderborg@sony.com>
Cc: Randy Dunlap <rdunlap@infradead.org>
Cc: Shakeel Butt <shakeelb@google.com>
Cc: Tejun Heo <tj@kernel.org>
Cc: Vinayak Menon <vinmenon@codeaurora.org>
Cc: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit eb414681d5a07d28d2ff90dc05f69ec6b232ebd2)
Bug: 111308141
Test: modified lmkd to use PSI and tested using lmkd_unit_test
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I54a65620b3ed6f8172fdec789a237a99f8c82156
|
||
|
Petri Gynther
|
82fb8eb1d4 |
Merge android-4.9 into android-msm-bluecross-4.9-lts
Merge android-4.9 common kernel into B1/C1 kernel LTS staging branch.
Since android-msm-bluecross-4.9-lts is currently merged to LTS 4.9.150,
I deliberately chose to merge only up to:
commit
|
||
|
Petri Gynther
|
f95907a872 |
Merge 4.9.150 into android-msm-bluecross-4.9-lts
Linux 4.9.150
bnx2x: Fix NULL pointer dereference in bnx2x_del_all_vlans() on some hw
drm/vc4: Set ->is_yuv to false when num_planes == 1
power: supply: olpc_battery: correct the temperature units
intel_th: msu: Fix an off-by-one in attribute store
genwqe: Fix size check
ceph: don't update importing cap's mseq when handing cap export
iommu/vt-d: Handle domain agaw being less than iommu agaw
rxe: fix error completion wr_id and qp_num
9p/net: put a lower bound on msize
powerpc/tm: Set MSR[TS] just prior to recheckpoint
b43: Fix error in cordic routine
gfs2: Fix loop in gfs2_rbm_find
gfs2: Get rid of potential double-freeing in gfs2_create_inode
dlm: memory leaks on error path in dlm_user_request()
dlm: lost put_lkb on error path in receive_convert() and receive_unlock()
dlm: possible memory leak on error path in create_lkb()
dlm: fixed memory leaks after failed ls_remove_names allocation
* ALSA: usb-audio: Fix an out-of-bound read in create_composite_quirks
sound/usb/quirks-table.h
* ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit()
sound/usb/mixer.c
ALSA: cs46xx: Potential NULL dereference in probe
IB/hfi1: Incorrect sizing of sge for PIO will OOPs
vhost/vsock: fix uninitialized vhost_vsock->guest_cid
crypto: x86/chacha20 - avoid sleeping with preemption disabled
MIPS: math-emu: Write-protect delay slot emulation pages
sunrpc: use SVC_NET() in svcauth_gss_* functions
sunrpc: fix cache_head leak due to queued request
* mm, devm_memremap_pages: kill mapping "System RAM" support
kernel/memremap.c
* mm, devm_memremap_pages: mark devm_memremap_pages() EXPORT_SYMBOL_GPL
kernel/memremap.c
hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined
* fork: record start_time late
kernel/fork.c
libceph: fix CEPH_FEATURE_CEPHX_V2 check in calc_signature()
scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown
serial/sunsu: fix refcount leak
net: netxen: fix a missing check and an uninitialized use
vxge: ensure data0 is initialized in when fetching firmware version information
lan78xx: Resolve issue with changing MAC address
SUNRPC: Fix a race with XPRT_CONNECTING
net: hns: Add mac pcs config when enable|disable mac
net: hns: Fix ntuple-filters status error.
net: hns: Avoid net reset caused by pause frames storm
net: hns: Free irq when exit from abnormal branch
net: hns: Clean rx fbd when ae stopped.
net: hns: Fixed bug that netdev was opened twice
net: hns: Some registers use wrong address according to the datasheet.
net: hns: All ports can not work when insmod hns ko after rmmod.
net: hns: Incorrect offset address used for some registers.
w90p910_ether: remove incorrect __init annotation
drivers: net: xgene: Remove unnecessary forward declarations
scsi: target: iscsi: cxgbit: add missing spin_lock_init()
scsi: target: iscsi: cxgbit: fix csk leak
bnx2x: Send update-svid ramrod with retry/poll flags enabled
bnx2x: Remove configured vlans as part of unload sequence.
bnx2x: Clear fip MAC when fcoe offload support is disabled
netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel
Input: omap-keypad - fix idle configuration to not block SoC idle states
scsi: bnx2fc: Fix NULL dereference in error handling
* netfilter: seqadj: re-load tcp header pointer after possible head reallocation
net/netfilter/nf_conntrack_seqadj.c
* xfrm: Fix bucket count reported to userspace
net/xfrm/xfrm_state.c
checkstack.pl: fix for aarch64
* Input: restore EV_ABS ABS_RESERVED
include/uapi/linux/input-event-codes.h
ARM: dts: imx7d-nitrogen7: Fix the description of the Wifi clock
ARM: imx: update the cpu power up timing setting on i.mx6sx
powerpc: Fix COFF zImage booting on old powermacs
pinctrl: meson: fix pull enable register calculation
Linux 4.9.149
spi: bcm2835: Unbreak the build of esoteric configs
tpm: tpm_i2c_nuvoton: use correct command duration for TPM 2.x
rtc: m41t80: Correct alarm month range with RTC reads
* arm64: KVM: Avoid setting the upper 32 bits of VTCR_EL2 to 1
arch/arm64/include/asm/kvm_arm.h
x86/kvm/vmx: do not use vm-exit instruction length for fast MMIO when running nested
CIFS: Fix error mapping for SMB2_LOCK command which caused OFD lock problem
MIPS: OCTEON: mark RGMII interface disabled on OCTEON III
MIPS: Align kernel load address to 64KB
MIPS: Ensure pmd_present() returns false after pmd_mknotpresent()
media: v4l2-tpg: array index could become negative
media: vivid: free bitmap_cap when updating std/timings/etc.
serial: uartps: Fix interrupt mask issue to handle the RX interrupts properly
* f2fs: fix validation of the block count in sanity_check_raw_super
fs/f2fs/super.c
cdc-acm: fix abnormal DATA RX issue for Mediatek Preloader.
clk: rockchip: fix typo in rk3188 spdif_frac parent
spi: bcm2835: Avoid finishing transfer prematurely in IRQ mode
spi: bcm2835: Fix book-keeping of DMA termination
spi: bcm2835: Fix race on DMA termination
* ext4: force inode writes when nfsd calls commit_metadata()
fs/ext4/super.c
include/trace/events/ext4.h
* ext4: include terminating u32 in size of xattr entries when expanding inodes
fs/ext4/xattr.c
* ext4: fix EXT4_IOC_GROUP_ADD ioctl
fs/ext4/resize.c
* ext4: missing unlock/put_page() in ext4_try_to_write_inline_data()
fs/ext4/inline.c
* ext4: fix possible use after free in ext4_quota_enable
fs/ext4/super.c
perf pmu: Suppress potential format-truncation warning
* platform-msi: Free descriptors in platform_msi_domain_free()
drivers/base/platform-msi.c
include/linux/msi.h
KVM: x86: Use jmp to invoke kvm_spurious_fault() from .fixup
Input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G
qmi_wwan: apply SET_DTR quirk to the SIMCOM shared device ID
staging: wilc1000: fix missing read_write setting when reading data
usb: r8a66597: Fix a possible concurrency use-after-free bug in r8a66597_endpoint_disable()
USB: serial: option: add Fibocom NL678 series
USB: serial: pl2303: add ids for Hewlett-Packard HP POS pole displays
ALSA: hda/tegra: clear pending irq handlers
ALSA: hda: add mute LED support for HP EliteBook 840 G4
* mtd: atmel-quadspi: disallow building on ebsa110
drivers/mtd/spi-nor/Kconfig
ALSA: emux: Fix potential Spectre v1 vulnerabilities
* ALSA: pcm: Fix potential Spectre v1 vulnerability
sound/core/pcm.c
ALSA: emu10k1: Fix potential Spectre v1 vulnerabilities
ALSA: rme9652: Fix potential Spectre v1 vulnerability
* ptr_ring: wrap back ->producer in __ptr_ring_swap_queue()
include/linux/ptr_ring.h
* sock: Make sock->sk_stamp thread-safe
include/net/sock.h
net/compat.c
net/core/sock.c
net/mlx5: Typo fix in del_sw_hw_rule
net/mlx5e: Remove the false indication of software timestamping support
* gro_cell: add napi_disable in gro_cells_destroy
include/net/gro_cells.h
tipc: compare remote and local protocols in tipc_udp_enable()
tipc: use lock_sock() in tipc_sk_reinit()
xen/netfront: tolerate frags with no data
VSOCK: Send reset control packet when socket is partially bound
vhost: make sure used idx is seen before log in vhost_add_used_n()
tipc: fix a double kfree_skb()
sctp: initialize sin6_flowinfo for ipv6 addrs in sctp_inet6addr_event
* packet: validate address length if non-zero
net/packet/af_packet.c
* packet: validate address length
net/packet/af_packet.c
net/wan: fix a double free in x25_asy_open_tty()
netrom: fix locking in nr_find_socket()
* net: phy: Fix the issue that netif always links up after resuming
drivers/net/phy/phy_device.c
* net: ipv4: do not handle duplicate fragments as overlapping
net/ipv4/ip_fragment.c
isdn: fix kernel-infoleak in capi_unlocked_ioctl
* ipv6: tunnels: fix two use-after-free
net/ipv6/ip6_tunnel.c
net/ipv6/ip6_vti.c
* ipv6: explicitly initialize udp6_addr in udp_sock_create6()
net/ipv6/ip6_udp_tunnel.c
ieee802154: lowpan_header_create check must check daddr
ibmveth: fix DMA unmap error in ibmveth_xmit_start error path
ax25: fix a use-after-free in ax25_fillin_cb()
ipv4: Fix potential Spectre v1 vulnerability
ip6mr: Fix potential Spectre v1 vulnerability
NFC: nxp-nci: Include unaligned.h instead of access_ok.h
Change-Id: I794662b5c716a33fc319570493566f72d56bdba2
Signed-off-by: Petri Gynther <pgynther@google.com>
|
||
|
Greg Kroah-Hartman
|
c7b283dd04 |
Merge 4.9.150 into android-4.9
Changes in 4.9.150 pinctrl: meson: fix pull enable register calculation powerpc: Fix COFF zImage booting on old powermacs ARM: imx: update the cpu power up timing setting on i.mx6sx ARM: dts: imx7d-nitrogen7: Fix the description of the Wifi clock Input: restore EV_ABS ABS_RESERVED checkstack.pl: fix for aarch64 xfrm: Fix bucket count reported to userspace netfilter: seqadj: re-load tcp header pointer after possible head reallocation scsi: bnx2fc: Fix NULL dereference in error handling Input: omap-keypad - fix idle configuration to not block SoC idle states netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel bnx2x: Clear fip MAC when fcoe offload support is disabled bnx2x: Remove configured vlans as part of unload sequence. bnx2x: Send update-svid ramrod with retry/poll flags enabled scsi: target: iscsi: cxgbit: fix csk leak scsi: target: iscsi: cxgbit: add missing spin_lock_init() drivers: net: xgene: Remove unnecessary forward declarations w90p910_ether: remove incorrect __init annotation net: hns: Incorrect offset address used for some registers. net: hns: All ports can not work when insmod hns ko after rmmod. net: hns: Some registers use wrong address according to the datasheet. net: hns: Fixed bug that netdev was opened twice net: hns: Clean rx fbd when ae stopped. net: hns: Free irq when exit from abnormal branch net: hns: Avoid net reset caused by pause frames storm net: hns: Fix ntuple-filters status error. net: hns: Add mac pcs config when enable|disable mac SUNRPC: Fix a race with XPRT_CONNECTING lan78xx: Resolve issue with changing MAC address vxge: ensure data0 is initialized in when fetching firmware version information net: netxen: fix a missing check and an uninitialized use serial/sunsu: fix refcount leak scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown libceph: fix CEPH_FEATURE_CEPHX_V2 check in calc_signature() fork: record start_time late hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined mm, devm_memremap_pages: mark devm_memremap_pages() EXPORT_SYMBOL_GPL mm, devm_memremap_pages: kill mapping "System RAM" support sunrpc: fix cache_head leak due to queued request sunrpc: use SVC_NET() in svcauth_gss_* functions MIPS: math-emu: Write-protect delay slot emulation pages crypto: x86/chacha20 - avoid sleeping with preemption disabled vhost/vsock: fix uninitialized vhost_vsock->guest_cid IB/hfi1: Incorrect sizing of sge for PIO will OOPs ALSA: cs46xx: Potential NULL dereference in probe ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit() ALSA: usb-audio: Fix an out-of-bound read in create_composite_quirks dlm: fixed memory leaks after failed ls_remove_names allocation dlm: possible memory leak on error path in create_lkb() dlm: lost put_lkb on error path in receive_convert() and receive_unlock() dlm: memory leaks on error path in dlm_user_request() gfs2: Get rid of potential double-freeing in gfs2_create_inode gfs2: Fix loop in gfs2_rbm_find b43: Fix error in cordic routine powerpc/tm: Set MSR[TS] just prior to recheckpoint 9p/net: put a lower bound on msize rxe: fix error completion wr_id and qp_num iommu/vt-d: Handle domain agaw being less than iommu agaw ceph: don't update importing cap's mseq when handing cap export genwqe: Fix size check intel_th: msu: Fix an off-by-one in attribute store power: supply: olpc_battery: correct the temperature units drm/vc4: Set ->is_yuv to false when num_planes == 1 bnx2x: Fix NULL pointer dereference in bnx2x_del_all_vlans() on some hw Linux 4.9.150 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
David Herrmann
|
0ea6030b55 |
fork: record start_time late
commit 7b55851367136b1efd84d98fea81ba57a98304cf upstream. This changes the fork(2) syscall to record the process start_time after initializing the basic task structure but still before making the new process visible to user-space. Technically, we could record the start_time anytime during fork(2). But this might lead to scenarios where a start_time is recorded long before a process becomes visible to user-space. For instance, with userfaultfd(2) and TLS, user-space can delay the execution of fork(2) for an indefinite amount of time (and will, if this causes network access, or similar). By recording the start_time late, it much closer reflects the point in time where the process becomes live and can be observed by other processes. Lastly, this makes it much harder for user-space to predict and control the start_time they get assigned. Previously, user-space could fork a process and stall it in copy_thread_tls() before its pid is allocated, but after its start_time is recorded. This can be misused to later-on cycle through PIDs and resume the stalled fork(2) yielding a process that has the same pid and start_time as a process that existed before. This can be used to circumvent security systems that identify processes by their pid+start_time combination. Even though user-space was always aware that start_time recording is flaky (but several projects are known to still rely on start_time-based identification), changing the start_time to be recorded late will help mitigate existing attacks and make it much harder for user-space to control the start_time a process gets assigned. Reported-by: Jann Horn <jannh@google.com> Signed-off-by: Tom Gundersen <teg@jklm.no> Signed-off-by: David Herrmann <dh.herrmann@gmail.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Petri Gynther
|
466b53ddc8 |
LTS: Merge 4.9.140 into android-msm-bluecross-4.9
Update B1/C1 master kernel to 4.9.140 LTS kernel. Bug: 115649324 Test: Manual testing Change-Id: Ib1650df1966e00ca5e09bf5c82eee0697b7dfb97 Signed-off-by: Petri Gynther <pgynther@google.com> |
||
|
Petri Gynther
|
910dfad80a |
Merge 4.9.127 into android-msm-bluecross-4.9-lts
Linux 4.9.127
* arm64: Handle mismatched cache type
arch/arm64/include/asm/cpucaps.h
arch/arm64/kernel/cpu_errata.c
* arm64: Fix mismatched cache line size detection
arch/arm64/include/asm/cachetype.h
arch/arm64/kernel/cpu_errata.c
arch/arm64/kernel/cpufeature.c
btrfs: use correct compare function of dirty_metadata_bytes
ASoC: wm8994: Fix missing break in switch
s390/lib: use expoline for all bcr instructions
mei: me: allow runtime pm for platform with D0i3
sch_tbf: fix two null pointer dereferences on init failure
sch_netem: avoid null pointer deref on init failure
sch_hhf: fix null pointer dereference on init failure
* sch_multiq: fix double free on init failure
net/sched/sch_multiq.c
* sch_htb: fix crash on init failure
net/sched/sch_htb.c
Fixes: Commit
|
||
|
Johannes Weiner
|
21c9d241da |
UPSTREAM: psi: pressure stall information for CPU, memory, and IO
When systems are overcommitted and resources become contended, it's hard
to tell exactly the impact this has on workload productivity, or how close
the system is to lockups and OOM kills. In particular, when machines work
multiple jobs concurrently, the impact of overcommit in terms of latency
and throughput on the individual job can be enormous.
In order to maximize hardware utilization without sacrificing individual
job health or risk complete machine lockups, this patch implements a way
to quantify resource pressure in the system.
A kernel built with CONFIG_PSI=y creates files in /proc/pressure/ that
expose the percentage of time the system is stalled on CPU, memory, or IO,
respectively. Stall states are aggregate versions of the per-task delay
accounting delays:
cpu: some tasks are runnable but not executing on a CPU
memory: tasks are reclaiming, or waiting for swapin or thrashing cache
io: tasks are waiting for io completions
These percentages of walltime can be thought of as pressure percentages,
and they give a general sense of system health and productivity loss
incurred by resource overcommit. They can also indicate when the system
is approaching lockup scenarios and OOMs.
To do this, psi keeps track of the task states associated with each CPU
and samples the time they spend in stall states. Every 2 seconds, the
samples are averaged across CPUs - weighted by the CPUs' non-idle time to
eliminate artifacts from unused CPUs - and translated into percentages of
walltime. A running average of those percentages is maintained over 10s,
1m, and 5m periods (similar to the loadaverage).
[hannes@cmpxchg.org: doc fixlet, per Randy]
Link: http://lkml.kernel.org/r/20180828205625.GA14030@cmpxchg.org
[hannes@cmpxchg.org: code optimization]
Link: http://lkml.kernel.org/r/20180907175015.GA8479@cmpxchg.org
[hannes@cmpxchg.org: rename psi_clock() to psi_update_work(), per Peter]
Link: http://lkml.kernel.org/r/20180907145404.GB11088@cmpxchg.org
[hannes@cmpxchg.org: fix build]
Link: http://lkml.kernel.org/r/20180913014222.GA2370@cmpxchg.org
Link: http://lkml.kernel.org/r/20180828172258.3185-9-hannes@cmpxchg.org
Signed-off-by: Johannes Weiner <hannes@cmpxchg.org>
Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Tested-by: Daniel Drake <drake@endlessm.com>
Tested-by: Suren Baghdasaryan <surenb@google.com>
Cc: Christopher Lameter <cl@linux.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Johannes Weiner <jweiner@fb.com>
Cc: Mike Galbraith <efault@gmx.de>
Cc: Peter Enderborg <peter.enderborg@sony.com>
Cc: Randy Dunlap <rdunlap@infradead.org>
Cc: Shakeel Butt <shakeelb@google.com>
Cc: Tejun Heo <tj@kernel.org>
Cc: Vinayak Menon <vinmenon@codeaurora.org>
Cc: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit eb414681d5a07d28d2ff90dc05f69ec6b232ebd2)
Bug: 111308141
Test: modified lmkd to use PSI and tested using lmkd_unit_test
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Change-Id: I54a65620b3ed6f8172fdec789a237a99f8c82156
|
||
|
Sami Tolvanen
|
f344424f3c |
ANDROID: add support for clang Shadow Call Stack (SCS)
This change adds generic support for clang's Shadow Call Stack, which uses a shadow stack to protect return addresses from being overwritten by an attacker. Details are available here: https://clang.llvm.org/docs/ShadowCallStack.html Bug: 112277034 Change-Id: Idd553b7c978b0673ab533a68980fb9a654f4510c Signed-off-by: Sami Tolvanen <samitolvanen@google.com> |
||
|
Sami Tolvanen
|
ddab5886dd |
Revert "add support for clang SafeStack"
This reverts commit
|
||
|
Petri Gynther
|
b7ccff19ab |
LTS: Merge 4.9.119 into android-msm-bluecross-4.9
Update B1/C1 kernel to 4.9.119 LTS kernel. Bug: 115649324 Test: Manual testing Change-Id: I20915a61ded810d36782cdef73896358421b329c Signed-off-by: Petri Gynther <pgynther@google.com> |
||
|
Petri Gynther
|
4f20e8d35c |
Merge 4.9.119 into android-msm-bluecross-4.9-lts
Linux 4.9.119
jfs: Fix inconsistency between memory allocation and ea_buf->max_size
IB/hfi1: Fix incorrect mixing of ERR_PTR and NULL return values
* fork: unconditionally clear stack on fork
include/linux/thread_info.h
kernel/fork.c
* kmemleak: clear stale pointers from task stacks
include/linux/thread_info.h
kernel/fork.c
* tcp: add tcp_ooo_try_coalesce() helper
net/ipv4/tcp_input.c
Btrfs: fix file data corruption after cloning a range and fsync
i2c: imx: Fix reinit_completion() use
* ring_buffer: tracing: Inherit the tracing setting to next ring buffer
include/linux/ring_buffer.h
kernel/trace/ring_buffer.c
kernel/trace/trace.c
ACPI / PCI: Bail early in acpi_pci_add_bus() if there is no ACPI handle
* ext4: fix false negatives *and* false positives in ext4_check_descriptors()
fs/ext4/super.c
* netlink: Don't shift on 64 for ngroups
net/netlink/af_netlink.c
* netlink: Don't shift with UB on nlk->ngroups
net/netlink/af_netlink.c
* netlink: Do not subscribe to non-existent groups
net/netlink/af_netlink.c
* nohz: Fix local_timer_softirq_pending()
kernel/time/tick-sched.c
* genirq: Make force irq threading setup more robust
kernel/irq/manage.c
scsi: qla2xxx: Return error when TMF returns
scsi: qla2xxx: Fix ISP recovery on unload
Change-Id: I039b9c63511f3e1644bbc9205bc731af90e2170c
Signed-off-by: Petri Gynther <pgynther@google.com>
|
||
|
Greg Kroah-Hartman
|
ba01a4255d |
Merge 4.9.128 into android-4.9
Changes in 4.9.128
i2c: xiic: Make the start and the byte count write atomic
i2c: i801: fix DNV's SMBCTRL register offset
KVM: s390: vsie: copy wrapping keys to right place
ALSA: hda - Fix cancel_work_sync() stall from jackpoll work
cfq: Give a chance for arming slice idle timer in case of group_idle
kthread: Fix use-after-free if kthread fork fails
kthread: fix boot hang (regression) on MIPS/OpenRISC
staging: rt5208: Fix a sleep-in-atomic bug in xd_copy_page
staging/rts5208: Fix read overflow in memcpy
IB/rxe: do not copy extra stack memory to skb
block,blkcg: use __GFP_NOWARN for best-effort allocations in blkcg
nl80211: fix null-ptr dereference on invalid mesh configuration
locking/rwsem-xadd: Fix missed wakeup due to reordering of load
selinux: use GFP_NOWAIT in the AVC kmem_caches
locking/osq_lock: Fix osq_lock queue corruption
mm, vmscan: clear PGDAT_WRITEBACK when zone is balanced
mm: remove seemingly spurious reclaimability check from laptop_mode gating
ARC: [plat-axs*]: Enable SWAP
misc: mic: SCIF Fix scif_get_new_port() error handling
ethtool: Remove trailing semicolon for static inline
Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV
gpio: tegra: Move driver registration to subsys_init level
net: phy: Fix the register offsets in Broadcom iProc mdio mux driver
scsi: target: fix __transport_register_session locking
md/raid5: fix data corruption of replacements after originals dropped
timers: Clear timer_base::must_forward_clk with timer_base::lock held
misc: ti-st: Fix memory leak in the error path of probe()
uio: potential double frees if __uio_register_device() fails
tty: rocket: Fix possible buffer overwrite on register_PCI
f2fs: do not set free of current section
perf tools: Allow overriding MAX_NR_CPUS at compile time
NFSv4.0 fix client reference leak in callback
macintosh/via-pmu: Add missing mmio accessors
ath9k: report tx status on EOSP
ath9k_hw: fix channel maximum power level test
ath10k: prevent active scans on potential unusable channels
wlcore: Set rx_status boottime_ns field on rx
MIPS: Fix ISA virt/bus conversion for non-zero PHYS_OFFSET
ata: libahci: Correct setting of DEVSLP register
scsi: 3ware: fix return 0 on the error path of probe
ath10k: disable bundle mgmt tx completion event support
Bluetooth: hidp: Fix handling of strncpy for hid->name information
x86/mm: Remove in_nmi() warning from vmalloc_fault()
gpio: ml-ioh: Fix buffer underwrite on probe error path
net: mvneta: fix mtu change on port without link
f2fs: try grabbing node page lock aggressively in sync scenario
f2fs: fix to skip GC if type in SSA and SIT is inconsistent
tpm_tis_spi: Pass the SPI IRQ down to the driver
tpm/tpm_i2c_infineon: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT)
f2fs: fix to do sanity check with reserved blkaddr of inline inode
MIPS: Octeon: add missing of_node_put()
MIPS: generic: fix missing of_node_put()
net: dcb: For wild-card lookups, use priority -1, not 0
Input: atmel_mxt_ts - only use first T9 instance
media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new, copy_time} functions
partitions/aix: append null character to print data from disk
partitions/aix: fix usage of uninitialized lv_info and lvname structures
media: helene: fix xtal frequency setting at power on
f2fs: Fix uninitialized return in f2fs_ioc_shutdown()
iommu/ipmmu-vmsa: Fix allocation in atomic context
mfd: ti_am335x_tscadc: Fix struct clk memory leak
f2fs: fix to do sanity check with {sit,nat}_ver_bitmap_bytesize
NFSv4.1: Fix a potential layoutget/layoutrecall deadlock
MIPS: WARN_ON invalid DMA cache maintenance, not BUG_ON
RDMA/cma: Do not ignore net namespace for unbound cm_id
xhci: Fix use-after-free in xhci_free_virt_device
netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_user
mtd: ubi: wl: Fix error return code in ubi_wl_init()
autofs: fix autofs_sbi() does not check super block type
mm: get rid of vmacache_flush_all() entirely
Linux 4.9.128
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
||
|
Vegard Nossum
|
a70e46bcea |
kthread: Fix use-after-free if kthread fork fails
commit 4d6501dce079c1eb6bf0b1d8f528a5e81770109e upstream.
If a kthread forks (e.g. usermodehelper since commit 1da5c46fa965) but
fails in copy_process() between calling dup_task_struct() and setting
p->set_child_tid, then the value of p->set_child_tid will be inherited
from the parent and get prematurely freed by free_kthread_struct().
kthread()
- worker_thread()
- process_one_work()
| - call_usermodehelper_exec_work()
| - kernel_thread()
| - _do_fork()
| - copy_process()
| - dup_task_struct()
| - arch_dup_task_struct()
| - tsk->set_child_tid = current->set_child_tid // implied
| - ...
| - goto bad_fork_*
| - ...
| - free_task(tsk)
| - free_kthread_struct(tsk)
| - kfree(tsk->set_child_tid)
- ...
- schedule()
- __schedule()
- wq_worker_sleeping()
- kthread_data(task)->flags // UAF
The problem started showing up with commit 1da5c46fa965 since it reused
->set_child_tid for the kthread worker data.
A better long-term solution might be to get rid of the ->set_child_tid
abuse. The comment in set_kthread_struct() also looks slightly wrong.
Debugged-by: Jamie Iles <jamie.iles@oracle.com>
Fixes: 1da5c46fa965 ("kthread: Make struct kthread kmalloc'ed")
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
Acked-by: Oleg Nesterov <oleg@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Frederic Weisbecker <fweisbec@gmail.com>
Cc: Jamie Iles <jamie.iles@oracle.com>
Cc: stable@vger.kernel.org
Link: http://lkml.kernel.org/r/20170509073959.17858-1-vegard.nossum@oracle.com
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||
|
Greg Kroah-Hartman
|
be4935d541 |
Merge 4.9.127 into android-4.9
Changes in 4.9.127
x86/speculation/l1tf: Fix up pte->pfn conversion for PAE
act_ife: fix a potential use-after-free
ipv4: tcp: send zero IPID for RST and ACK sent in SYN-RECV and TIME-WAIT state
net: bcmgenet: use MAC link status for fixed phy
net: sched: Fix memory exposure from short TCA_U32_SEL
qlge: Fix netdev features configuration.
r8169: add support for NCube 8168 network card
tcp: do not restart timewait timer on rst reception
vti6: remove !skb->ignore_df check from vti6_xmit()
sctp: hold transport before accessing its asoc in sctp_transport_get_next
vhost: correctly check the iova range when waking virtqueue
hv_netvsc: ignore devices that are not PCI
act_ife: move tcfa_lock down to where necessary
act_ife: fix a potential deadlock
net: sched: action_ife: take reference to meta module
cifs: check if SMB2 PDU size has been padded and suppress the warning
hfsplus: don't return 0 when fill_super() failed
hfs: prevent crash on exit from failed search
sunrpc: Don't use stack buffer with scatterlist
fork: don't copy inconsistent signal handler state to child
reiserfs: change j_timestamp type to time64_t
hfsplus: fix NULL dereference in hfsplus_lookup()
fat: validate ->i_start before using
scripts: modpost: check memory allocation results
virtio: pci-legacy: Validate queue pfn
mm/fadvise.c: fix signed overflow UBSAN complaint
fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot()
platform/x86: intel_punit_ipc: fix build errors
s390/kdump: Fix memleak in nt_vmcoreinfo
ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest()
mfd: sm501: Set coherent_dma_mask when creating subdevices
platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360
RDMA/hns: Fix usage of bitmap allocation functions return values
irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP
net/9p/trans_fd.c: fix race by holding the lock
net/9p: fix error path of p9_virtio_probe
powerpc: Fix size calculation using resource_size()
perf probe powerpc: Fix trace event post-processing
block: bvec_nr_vecs() returns value for wrong slab
s390/dasd: fix hanging offline processing due to canceled worker
s390/dasd: fix panic for failed online processing
ACPI / scan: Initialize status to ACPI_STA_DEFAULT
scsi: aic94xx: fix an error code in aic94xx_init()
PCI: mvebu: Fix I/O space end address calculation
dm kcopyd: avoid softlockup in run_complete_job
staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice
selftests/powerpc: Kill child processes on SIGINT
RDS: IB: fix 'passing zero to ERR_PTR()' warning
smb3: fix reset of bytes read and written stats
SMB3: Number of requests sent should be displayed for SMB3 not just CIFS
powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX.
clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399
btrfs: replace: Reset on-disk dev stats value after replace
btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized
btrfs: Don't remove block group that still has pinned down bytes
arm64: rockchip: Force CONFIG_PM on Rockchip systems
ARM: rockchip: Force CONFIG_PM on Rockchip systems
drm/edid: Add 6 bpc quirk for SDC panel in Lenovo B50-80
tcp: Revert "tcp: tcp_probe: use spin_lock_bh()"
debugobjects: Make stack check warning more informative
x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear
kbuild: make missing $DEPMOD a Warning instead of an Error
irda: Fix memory leak caused by repeated binds of irda socket
irda: Only insert new objects into the global database via setsockopt
Revert "ARM: imx_v6_v7_defconfig: Select ULPI support"
enic: do not call enic_change_mtu in enic_probe
Fixes: Commit
|
||
|
Jann Horn
|
015fd7e0a6 |
fork: don't copy inconsistent signal handler state to child
[ Upstream commit 06e62a46bbba20aa5286102016a04214bb446141 ] Before this change, if a multithreaded process forks while one of its threads is changing a signal handler using sigaction(), the memcpy() in copy_sighand() can race with the struct assignment in do_sigaction(). It isn't clear whether this can cause corruption of the userspace signal handler pointer, but it definitely can cause inconsistency between different fields of struct sigaction. Take the appropriate spinlock to avoid this. I have tested that this patch prevents inconsistency between sa_sigaction and sa_flags, which is possible before this patch. Link: http://lkml.kernel.org/r/20180702145108.73189-1-jannh@google.com Signed-off-by: Jann Horn <jannh@google.com> Acked-by: Michal Hocko <mhocko@suse.com> Reviewed-by: Andrew Morton <akpm@linux-foundation.org> Cc: Rik van Riel <riel@redhat.com> Cc: "Peter Zijlstra (Intel)" <peterz@infradead.org> Cc: Kees Cook <keescook@chromium.org> Cc: Oleg Nesterov <oleg@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Sasha Levin <alexander.levin@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Minchan Kim
|
04ff5ec537 |
mm: introduce per-process mm event tracking feature
Linux supports /proc/meminfo and /proc/vmstat stats as memory health metric.
Android uses them too. If user see something goes wrong(e.g., sluggish, jank)
on their system, they can capture and report system state to developers
for debugging.
It shows memory stat at the moment the bug is captured. However, it’s
not enough to investigate application's jank problem caused by memory
shortage. Because
1. It just shows event count which doesn’t quantify the latency of the
application well. Jank could happen by various reasons and one of simple
scenario is frame drop for a second. App should draw the frame every 16ms
interval. Just number of stats(e.g., allocstall or pgmajfault) couldn't
represnt how many of time the app spends for handling the event.
2. At bugreport, dump with vmstat and meminfo is never helpful because it's
too late to capture the moment when the problem happens.
When the user catch up the problem and try to capture the system state,
the problem has already gone.
3. Although we could capture MM stat at the moment bug happens, it couldn't
be helpful because MM stats are usually very flucuate so we need historical
data rather than one-time snapshot to see MM trend.
To solve above problems, this patch introduces per-process, light-weight,
mm event stat. Basically, it tracks minor/major faults, reclaim and compaction
latency of each process as well as event count and record the data into global
buffer.
To compromise memory overhead, it doesn't record every MM event of the process
to the buffer but just drain accumuated stats every 0.5sec interval to buffer.
If there isn't any event, it just skips the recording.
For latency data, it keeps average/max latency of each event in that period
With that, we could keep useful information with small buffer so that
we couldn't miss precious information any longer although the capture time
is rather late. This patch introduces basic facility of MM event stat.
After all patches in this patchset are applied, outout format is as follows,
dumpstate can use it for VM debugging in future.
<...>-1665 [001] d... 217.575173: mm_event_record: min_flt count=203 avg_lat=3 max_lat=58
<...>-1665 [001] d... 217.575183: mm_event_record: maj_flt count=1 avg_lat=1994 max_lat=1994
<...>-1665 [001] d... 217.575184: mm_event_record: kern_alloc count=227 avg_lat=0 max_lat=0
<...>-626 [000] d... 217.578096: mm_event_record: kern_alloc count=4 avg_lat=0 max_lat=0
<...>-6547 [000] .... 217.581913: mm_event_record: min_flt count=7 avg_lat=7 max_lat=20
<...>-6547 [000] .... 217.581955: mm_event_record: kern_alloc count=4 avg_lat=0 max_lat=0
This feature uses event trace for output buffer so that we could use all of
general benefit of event trace(e.g., buffer size management, filtering and
so on). To prevent overflow of the ring buffer by other random event race,
highly suggest that create separate instance of tracing
on /sys/kernel/debug/tracing/instances/
I had a concern of adding overhead. Actually, major|compaction/reclaim
are already heavy cost so it should be not a concern. Rather than,
minor fault and kern alloc would be severe so I tested a micro benchmark
to measure minor page fault overhead.
Test scenario is create 40 threads and each of them does minor
page fault for 25M range(ranges are not overwrapped).
I didn't see any noticible regression.
Base:
fault/wsec avg: 758489.8288
minor faults=13123118, major faults=0 ctx switch=139234
User System Wall fault/wsec
39.55s 41.73s 17.49s 749995.768
minor faults=13123135, major faults=0 ctx switch=139627
User System Wall fault/wsec
34.59s 41.61s 16.95s 773906.976
minor faults=13123061, major faults=0 ctx switch=139254
User System Wall fault/wsec
39.03s 41.55s 16.97s 772966.334
minor faults=13123131, major faults=0 ctx switch=139970
User System Wall fault/wsec
36.71s 42.12s 17.04s 769941.019
minor faults=13123027, major faults=0 ctx switch=138524
User System Wall fault/wsec
42.08s 42.24s 18.08s 725639.047
Base + MM event + event trace enable:
fault/wsec avg: 759626.1488
minor faults=13123488, major faults=0 ctx switch=140303
User System Wall fault/wsec
37.66s 42.21s 17.48s 750414.257
minor faults=13123066, major faults=0 ctx switch=138119
User System Wall fault/wsec
36.77s 42.14s 17.49s 750010.107
minor faults=13123505, major faults=0 ctx switch=140021
User System Wall fault/wsec
38.51s 42.50s 17.54s 748022.219
minor faults=13123431, major faults=0 ctx switch=138517
User System Wall fault/wsec
36.74s 41.49s 17.03s 770255.610
minor faults=13122955, major faults=0 ctx switch=137174
User System Wall fault/wsec
40.68s 40.97s 16.83s 779428.551
Bug: 80168800
Change-Id: I4e69c994f47402766481c58ab5ec2071180964b8
Signed-off-by: Minchan Kim <minchan@google.com>
|
||
|
Greg Kroah-Hartman
|
92e87041ed |
Merge 4.9.119 into android-4.9
Changes in 4.9.119 scsi: qla2xxx: Fix ISP recovery on unload scsi: qla2xxx: Return error when TMF returns genirq: Make force irq threading setup more robust nohz: Fix local_timer_softirq_pending() netlink: Do not subscribe to non-existent groups netlink: Don't shift with UB on nlk->ngroups netlink: Don't shift on 64 for ngroups ext4: fix false negatives *and* false positives in ext4_check_descriptors() ACPI / PCI: Bail early in acpi_pci_add_bus() if there is no ACPI handle ring_buffer: tracing: Inherit the tracing setting to next ring buffer i2c: imx: Fix reinit_completion() use Btrfs: fix file data corruption after cloning a range and fsync tcp: add tcp_ooo_try_coalesce() helper kmemleak: clear stale pointers from task stacks fork: unconditionally clear stack on fork IB/hfi1: Fix incorrect mixing of ERR_PTR and NULL return values jfs: Fix inconsistency between memory allocation and ea_buf->max_size Linux 4.9.119 Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> |
||
|
Kees Cook
|
6a19e26f11 |
fork: unconditionally clear stack on fork
commit e01e80634ecdde1dd113ac43b3adad21b47f3957 upstream. One of the classes of kernel stack content leaks[1] is exposing the contents of prior heap or stack contents when a new process stack is allocated. Normally, those stacks are not zeroed, and the old contents remain in place. In the face of stack content exposure flaws, those contents can leak to userspace. Fixing this will make the kernel no longer vulnerable to these flaws, as the stack will be wiped each time a stack is assigned to a new process. There's not a meaningful change in runtime performance; it almost looks like it provides a benefit. Performing back-to-back kernel builds before: Run times: 157.86 157.09 158.90 160.94 160.80 Mean: 159.12 Std Dev: 1.54 and after: Run times: 159.31 157.34 156.71 158.15 160.81 Mean: 158.46 Std Dev: 1.46 Instead of making this a build or runtime config, Andy Lutomirski recommended this just be enabled by default. [1] A noisy search for many kinds of stack content leaks can be seen here: https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=linux+kernel+stack+leak I did some more with perf and cycle counts on running 100,000 execs of /bin/true. before: Cycles: 218858861551 218853036130 214727610969 227656844122 224980542841 Mean: 221015379122.60 Std Dev: 4662486552.47 after: Cycles: 213868945060 213119275204 211820169456 224426673259 225489986348 Mean: 217745009865.40 Std Dev: 5935559279.99 It continues to look like it's faster, though the deviation is rather wide, but I'm not sure what I could do that would be less noisy. I'm open to ideas! Link: http://lkml.kernel.org/r/20180221021659.GA37073@beast Signed-off-by: Kees Cook <keescook@chromium.org> Acked-by: Michal Hocko <mhocko@suse.com> Reviewed-by: Andrew Morton <akpm@linux-foundation.org> Cc: Andy Lutomirski <luto@kernel.org> Cc: Laura Abbott <labbott@redhat.com> Cc: Rasmus Villemoes <rasmus.villemoes@prevas.dk> Cc: Mel Gorman <mgorman@techsingularity.net> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> [ Srivatsa: Backported to 4.9.y ] Signed-off-by: Srivatsa S. Bhat <srivatsa@csail.mit.edu> Reviewed-by: Srinidhi Rao <srinidhir@vmware.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Konstantin Khlebnikov
|
885b49b4f3 |
kmemleak: clear stale pointers from task stacks
commit ca182551857cc2c1e6a2b7f1e72090a137a15008 upstream. Kmemleak considers any pointers on task stacks as references. This patch clears newly allocated and reused vmap stacks. Link: http://lkml.kernel.org/r/150728990124.744199.8403409836394318684.stgit@buzz Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru> Acked-by: Catalin Marinas <catalin.marinas@arm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> [ Srivatsa: Backported to 4.9.y ] Signed-off-by: Srivatsa S. Bhat <srivatsa@csail.mit.edu> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
||
|
Woody Lin
|
0b9464df7b |
cpufreq_stats: Reset cpufreq_task_times right after dup_task_struct
Leverage from 'pa/1107162 cpufreq_stats: Reset cpufreq_task_stats right after dup_task_struct' to reset cpufreq_task_times related fields before any `goto bad_fork_free' to make sure that all cpufreq stats relative structure members are initialized before any chance the fields is being freed. Bug: 111081202 Bug: 111543484 Change-Id: I585dc28417fee740301e3ae1c1c974e84fdb19fe Signed-off-by: Woody Lin <woodylin@google.com> |
||
|
Sultan Alsawaf
|
47bbcd6bf8 |
ANDROID: Fix massive cpufreq_times memory leaks
Every time _cpu_up() is called for a CPU, idle_thread_get() is called which then re-initializes a CPU's idle thread that was already previously created and cached in a global variable in smpboot.c. idle_thread_get() calls init_idle() which then calls __sched_fork(). __sched_fork() is where cpufreq_task_times_init() is, and cpufreq_task_times_init() allocates memory for the task struct's time_in_state array. Since idle_thread_get() reuses a task struct instance that was already previously created, this means that every time it calls init_idle(), cpufreq_task_times_init() allocates this array again and overwrites the existing allocation that the idle thread already had. This causes memory to be leaked every time a CPU is onlined. In order to fix this, move allocation of time_in_state into _do_fork to avoid allocating it at all for idle threads. The cpufreq times interface is intended to be used for tracking userspace tasks, so we can safely remove it from the kernel's idle threads without killing any functionality. But that's not all! Task structs can be freed outside of release_task(), which creates another memory leak because a task struct can be freed without having its cpufreq times allocation freed. To fix this, free the cpufreq times allocation at the same time that task struct allocations are freed, in free_task(). Since free_task() can also be called in error paths of copy_process() after dup_task_struct(), set time_in_state to NULL immediately after calling dup_task_struct() to avoid possible double free. Bug description and fix adapted from patch submitted by Sultan Alsawaf <sultanxda@gmail.com> at https://android-review.googlesource.com/c/kernel/msm/+/700134 Bug: 110044919 Test: Hikey960 builds, boots & reports /proc/<pid>/time_in_state correctly Change-Id: I12fe7611fc88eb7f6c39f8f7629ad27b6ec4722c Signed-off-by: Connor O'Brien <connoro@google.com> |
||
|
Wei Wang
|
c1268f08ce |
kernel: initialize and free cpufreq stats properly
Initialize task's cpufreq to NULL including for idle Make sure free task's cpufreq when free task struct Bug: 110044919 Change-Id: I5fdb3f4bd5b7d7629b5ff2c60cb64483add809cb Signed-off-by: Wei Wang <wvw@google.com> |
||
|
Daniel Mentz
|
fbdcf61b3c |
Merge branch 'qcom-msm-4.9' into android-msm-bluecross-4.9
Conflicts: drivers/input/touchscreen/Kconfig drivers/nfc/nq-nci.c drivers/pinctrl/qcom/pinctrl-msm.c drivers/power/supply/qcom/Makefile include/linux/tcp.h security/pfe/pfk_ice.c Change-Id: I8c54f50d6c67c68e109d1b1576cf0cd65a1e29a2 |
||
|
Sami Tolvanen
|
26a804d93d |
add support for clang SafeStack
This change adds support for clang SafeStack, which protects function return addresses against attacks based on stack buffer overflows: https://clang.llvm.org/docs/SafeStack.html SafeStack splits the kernel stack into safe and unsafe parts. Safe stack is used only for data that's at compile time determined to be only accessed in a safe way. This prevents a buffer overflow in the unsafe stack from overwriting any data in the safe stack, including the return address. Bug: 67506682 Bug: 67507327 Change-Id: I6ce8dbf80dfd8a97d16e049531bba900eb8699b3 Signed-off-by: Sami Tolvanen <samitolvanen@google.com> |
||
|
Blagovest Kolenichev
|
5d703979bf |
Merge android-4.9-o.75 (2007563) into msm-4.9
* refs/heads/tmp-2007563: Linux 4.9.75 kaiser: Set _PAGE_NX only if supported KPTI: Report when enabled KPTI: Rename to PAGE_TABLE_ISOLATION x86/kaiser: Move feature detection up kaiser: disabled on Xen PV x86/kaiser: Reenable PARAVIRT x86/paravirt: Dont patch flush_tlb_single kaiser: kaiser_flush_tlb_on_return_to_user() check PCID kaiser: asm/tlbflush.h handle noPGE at lower level kaiser: drop is_atomic arg to kaiser_pagetable_walk() kaiser: use ALTERNATIVE instead of x86_cr3_pcid_noflush x86/kaiser: Check boottime cmdline params x86/kaiser: Rename and simplify X86_FEATURE_KAISER handling kaiser: add "nokaiser" boot option, using ALTERNATIVE kaiser: fix unlikely error in alloc_ldt_struct() kaiser: kaiser_remove_mapping() move along the pgd kaiser: paranoid_entry pass cr3 need to paranoid_exit kaiser: x86_cr3_pcid_noflush and x86_cr3_pcid_user kaiser: PCID 0 for kernel and 128 for user kaiser: load_new_mm_cr3() let SWITCH_USER_CR3 flush user kaiser: enhanced by kernel and user PCIDs kaiser: vmstat show NR_KAISERTABLE as nr_overhead kaiser: delete KAISER_REAL_SWITCH option kaiser: name that 0x1000 KAISER_SHADOW_PGD_OFFSET kaiser: cleanups while trying for gold link kaiser: align addition to x86/mm/Makefile kaiser: tidied up kaiser_add/remove_mapping slightly kaiser: tidied up asm/kaiser.h somewhat kaiser: ENOMEM if kaiser_pagetable_walk() NULL kaiser: fix perf crashes kaiser: fix regs to do_nmi() ifndef CONFIG_KAISER kaiser: KAISER depends on SMP kaiser: fix build and FIXME in alloc_ldt_struct() kaiser: stack map PAGE_SIZE at THREAD_SIZE-PAGE_SIZE kaiser: do not set _PAGE_NX on pgd_none kaiser: merged update KAISER: Kernel Address Isolation x86/boot: Add early cmdline parsing for options with arguments tcp_bbr: reset long-term bandwidth sampling on loss recovery undo tcp_bbr: reset full pipe detection on loss recovery undo Conflicts: security/Kconfig Change-Id: I4fea07f15ed92a33aa9475745506cb01bae95438 Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org> |